3 * Copyright (c) 2003-2017, Jouni Malinen <j@w1.fi>
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
14 #ifdef CONFIG_MATCH_IFACE
17 #endif /* CONFIG_MATCH_IFACE */
20 #include "crypto/random.h"
21 #include "crypto/sha1.h"
22 #include "eapol_supp/eapol_supp_sm.h"
23 #include "eap_peer/eap.h"
24 #include "eap_peer/eap_proxy.h"
25 #include "eap_server/eap_methods.h"
26 #include "rsn_supp/wpa.h"
29 #include "utils/ext_password.h"
30 #include "l2_packet/l2_packet.h"
31 #include "wpa_supplicant_i.h"
33 #include "ctrl_iface.h"
34 #include "pcsc_funcs.h"
35 #include "common/version.h"
36 #include "rsn_supp/preauth.h"
37 #include "rsn_supp/pmksa_cache.h"
38 #include "common/wpa_ctrl.h"
39 #include "common/ieee802_11_defs.h"
40 #include "common/hw_features_common.h"
43 #include "blacklist.h"
44 #include "wpas_glue.h"
45 #include "wps_supplicant.h"
48 #include "gas_query.h"
50 #include "p2p_supplicant.h"
51 #include "wifi_display.h"
57 #include "offchannel.h"
58 #include "hs20_supplicant.h"
63 const char *const wpa_supplicant_version
=
64 "wpa_supplicant v" VERSION_STR
"\n"
65 "Copyright (c) 2003-2017, Jouni Malinen <j@w1.fi> and contributors";
67 const char *const wpa_supplicant_license
=
68 "This software may be distributed under the terms of the BSD license.\n"
69 "See README for more details.\n"
70 #ifdef EAP_TLS_OPENSSL
71 "\nThis product includes software developed by the OpenSSL Project\n"
72 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
73 #endif /* EAP_TLS_OPENSSL */
76 #ifndef CONFIG_NO_STDOUT_DEBUG
77 /* Long text divided into parts in order to fit in C89 strings size limits. */
78 const char *const wpa_supplicant_full_license1
=
80 const char *const wpa_supplicant_full_license2
=
81 "This software may be distributed under the terms of the BSD license.\n"
83 "Redistribution and use in source and binary forms, with or without\n"
84 "modification, are permitted provided that the following conditions are\n"
87 const char *const wpa_supplicant_full_license3
=
88 "1. Redistributions of source code must retain the above copyright\n"
89 " notice, this list of conditions and the following disclaimer.\n"
91 "2. Redistributions in binary form must reproduce the above copyright\n"
92 " notice, this list of conditions and the following disclaimer in the\n"
93 " documentation and/or other materials provided with the distribution.\n"
95 const char *const wpa_supplicant_full_license4
=
96 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
97 " names of its contributors may be used to endorse or promote products\n"
98 " derived from this software without specific prior written permission.\n"
100 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
101 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
102 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
103 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
104 const char *const wpa_supplicant_full_license5
=
105 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
106 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
107 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
108 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
109 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
110 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
111 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
113 #endif /* CONFIG_NO_STDOUT_DEBUG */
115 /* Configure default/group WEP keys for static WEP */
116 int wpa_set_wep_keys(struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
)
120 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
121 if (ssid
->wep_key_len
[i
] == 0)
125 wpa_drv_set_key(wpa_s
, WPA_ALG_WEP
, NULL
,
126 i
, i
== ssid
->wep_tx_keyidx
, NULL
, 0,
127 ssid
->wep_key
[i
], ssid
->wep_key_len
[i
]);
134 int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant
*wpa_s
,
135 struct wpa_ssid
*ssid
)
143 /* IBSS/WPA-None uses only one key (Group) for both receiving and
144 * sending unicast and multicast packets. */
146 if (ssid
->mode
!= WPAS_MODE_IBSS
) {
147 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Invalid mode %d (not "
148 "IBSS/ad-hoc) for WPA-None", ssid
->mode
);
152 if (!ssid
->psk_set
) {
153 wpa_msg(wpa_s
, MSG_INFO
, "WPA: No PSK configured for "
158 switch (wpa_s
->group_cipher
) {
159 case WPA_CIPHER_CCMP
:
160 os_memcpy(key
, ssid
->psk
, 16);
164 case WPA_CIPHER_GCMP
:
165 os_memcpy(key
, ssid
->psk
, 16);
169 case WPA_CIPHER_TKIP
:
170 /* WPA-None uses the same Michael MIC key for both TX and RX */
171 os_memcpy(key
, ssid
->psk
, 16 + 8);
172 os_memcpy(key
+ 16 + 8, ssid
->psk
+ 16, 8);
177 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Invalid group cipher %d for "
178 "WPA-None", wpa_s
->group_cipher
);
182 /* TODO: should actually remember the previously used seq#, both for TX
183 * and RX from each STA.. */
185 ret
= wpa_drv_set_key(wpa_s
, alg
, NULL
, 0, 1, seq
, 6, key
, keylen
);
186 os_memset(key
, 0, sizeof(key
));
191 static void wpa_supplicant_timeout(void *eloop_ctx
, void *timeout_ctx
)
193 struct wpa_supplicant
*wpa_s
= eloop_ctx
;
194 const u8
*bssid
= wpa_s
->bssid
;
195 if (!is_zero_ether_addr(wpa_s
->pending_bssid
) &&
196 (wpa_s
->wpa_state
== WPA_AUTHENTICATING
||
197 wpa_s
->wpa_state
== WPA_ASSOCIATING
))
198 bssid
= wpa_s
->pending_bssid
;
199 wpa_msg(wpa_s
, MSG_INFO
, "Authentication with " MACSTR
" timed out.",
201 wpa_blacklist_add(wpa_s
, bssid
);
202 wpa_sm_notify_disassoc(wpa_s
->wpa
);
203 wpa_supplicant_deauthenticate(wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
204 wpa_s
->reassociate
= 1;
207 * If we timed out, the AP or the local radio may be busy.
208 * So, wait a second until scanning again.
210 wpa_supplicant_req_scan(wpa_s
, 1, 0);
215 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
216 * @wpa_s: Pointer to wpa_supplicant data
217 * @sec: Number of seconds after which to time out authentication
218 * @usec: Number of microseconds after which to time out authentication
220 * This function is used to schedule a timeout for the current authentication
223 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant
*wpa_s
,
226 if (wpa_s
->conf
->ap_scan
== 0 &&
227 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_WIRED
))
230 wpa_dbg(wpa_s
, MSG_DEBUG
, "Setting authentication timeout: %d sec "
231 "%d usec", sec
, usec
);
232 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
233 eloop_register_timeout(sec
, usec
, wpa_supplicant_timeout
, wpa_s
, NULL
);
238 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
239 * @wpa_s: Pointer to wpa_supplicant data
241 * This function is used to cancel authentication timeout scheduled with
242 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
245 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant
*wpa_s
)
247 wpa_dbg(wpa_s
, MSG_DEBUG
, "Cancelling authentication timeout");
248 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
249 wpa_blacklist_del(wpa_s
, wpa_s
->bssid
);
254 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
255 * @wpa_s: Pointer to wpa_supplicant data
257 * This function is used to configure EAPOL state machine based on the selected
258 * authentication mode.
260 void wpa_supplicant_initiate_eapol(struct wpa_supplicant
*wpa_s
)
262 #ifdef IEEE8021X_EAPOL
263 struct eapol_config eapol_conf
;
264 struct wpa_ssid
*ssid
= wpa_s
->current_ssid
;
266 #ifdef CONFIG_IBSS_RSN
267 if (ssid
->mode
== WPAS_MODE_IBSS
&&
268 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_NONE
&&
269 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_WPA_NONE
) {
271 * RSN IBSS authentication is per-STA and we can disable the
272 * per-BSSID EAPOL authentication.
274 eapol_sm_notify_portControl(wpa_s
->eapol
, ForceAuthorized
);
275 eapol_sm_notify_eap_success(wpa_s
->eapol
, TRUE
);
276 eapol_sm_notify_eap_fail(wpa_s
->eapol
, FALSE
);
279 #endif /* CONFIG_IBSS_RSN */
281 eapol_sm_notify_eap_success(wpa_s
->eapol
, FALSE
);
282 eapol_sm_notify_eap_fail(wpa_s
->eapol
, FALSE
);
284 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
||
285 wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPA_NONE
)
286 eapol_sm_notify_portControl(wpa_s
->eapol
, ForceAuthorized
);
288 eapol_sm_notify_portControl(wpa_s
->eapol
, Auto
);
290 os_memset(&eapol_conf
, 0, sizeof(eapol_conf
));
291 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
292 eapol_conf
.accept_802_1x_keys
= 1;
293 eapol_conf
.required_keys
= 0;
294 if (ssid
->eapol_flags
& EAPOL_FLAG_REQUIRE_KEY_UNICAST
) {
295 eapol_conf
.required_keys
|= EAPOL_REQUIRE_KEY_UNICAST
;
297 if (ssid
->eapol_flags
& EAPOL_FLAG_REQUIRE_KEY_BROADCAST
) {
298 eapol_conf
.required_keys
|=
299 EAPOL_REQUIRE_KEY_BROADCAST
;
302 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_WIRED
)
303 eapol_conf
.required_keys
= 0;
305 eapol_conf
.fast_reauth
= wpa_s
->conf
->fast_reauth
;
306 eapol_conf
.workaround
= ssid
->eap_workaround
;
307 eapol_conf
.eap_disabled
=
308 !wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
) &&
309 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_IEEE8021X_NO_WPA
&&
310 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_WPS
;
311 eapol_conf
.external_sim
= wpa_s
->conf
->external_sim
;
314 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
) {
315 eapol_conf
.wps
|= EAPOL_LOCAL_WPS_IN_USE
;
316 if (wpa_s
->current_bss
) {
318 ie
= wpa_bss_get_vendor_ie_multi(wpa_s
->current_bss
,
323 EAPOL_PEER_IS_WPS20_AP
;
328 #endif /* CONFIG_WPS */
330 eapol_sm_notify_config(wpa_s
->eapol
, &ssid
->eap
, &eapol_conf
);
333 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
&& ssid
->mka_psk_set
)
334 ieee802_1x_create_preshared_mka(wpa_s
, ssid
);
336 ieee802_1x_alloc_kay_sm(wpa_s
, ssid
);
337 #endif /* CONFIG_MACSEC */
338 #endif /* IEEE8021X_EAPOL */
343 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
344 * @wpa_s: Pointer to wpa_supplicant data
345 * @ssid: Configuration data for the network
347 * This function is used to configure WPA state machine and related parameters
348 * to a mode where WPA is not enabled. This is called as part of the
349 * authentication configuration when the selected network does not use WPA.
351 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant
*wpa_s
,
352 struct wpa_ssid
*ssid
)
356 if (ssid
->key_mgmt
& WPA_KEY_MGMT_WPS
)
357 wpa_s
->key_mgmt
= WPA_KEY_MGMT_WPS
;
358 else if (ssid
->key_mgmt
& WPA_KEY_MGMT_IEEE8021X_NO_WPA
)
359 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X_NO_WPA
;
361 wpa_s
->key_mgmt
= WPA_KEY_MGMT_NONE
;
362 wpa_sm_set_ap_wpa_ie(wpa_s
->wpa
, NULL
, 0);
363 wpa_sm_set_ap_rsn_ie(wpa_s
->wpa
, NULL
, 0);
364 wpa_sm_set_assoc_wpa_ie(wpa_s
->wpa
, NULL
, 0);
365 wpa_s
->pairwise_cipher
= WPA_CIPHER_NONE
;
366 wpa_s
->group_cipher
= WPA_CIPHER_NONE
;
367 wpa_s
->mgmt_group_cipher
= 0;
369 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
370 if (ssid
->wep_key_len
[i
] > 5) {
371 wpa_s
->pairwise_cipher
= WPA_CIPHER_WEP104
;
372 wpa_s
->group_cipher
= WPA_CIPHER_WEP104
;
374 } else if (ssid
->wep_key_len
[i
] > 0) {
375 wpa_s
->pairwise_cipher
= WPA_CIPHER_WEP40
;
376 wpa_s
->group_cipher
= WPA_CIPHER_WEP40
;
381 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_RSN_ENABLED
, 0);
382 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_KEY_MGMT
, wpa_s
->key_mgmt
);
383 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_PAIRWISE
,
384 wpa_s
->pairwise_cipher
);
385 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_GROUP
, wpa_s
->group_cipher
);
386 #ifdef CONFIG_IEEE80211W
387 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_MGMT_GROUP
,
388 wpa_s
->mgmt_group_cipher
);
389 #endif /* CONFIG_IEEE80211W */
391 pmksa_cache_clear_current(wpa_s
->wpa
);
395 void free_hw_features(struct wpa_supplicant
*wpa_s
)
398 if (wpa_s
->hw
.modes
== NULL
)
401 for (i
= 0; i
< wpa_s
->hw
.num_modes
; i
++) {
402 os_free(wpa_s
->hw
.modes
[i
].channels
);
403 os_free(wpa_s
->hw
.modes
[i
].rates
);
406 os_free(wpa_s
->hw
.modes
);
407 wpa_s
->hw
.modes
= NULL
;
411 static void free_bss_tmp_disallowed(struct wpa_supplicant
*wpa_s
)
413 struct wpa_bss_tmp_disallowed
*bss
, *prev
;
415 dl_list_for_each_safe(bss
, prev
, &wpa_s
->bss_tmp_disallowed
,
416 struct wpa_bss_tmp_disallowed
, list
) {
417 dl_list_del(&bss
->list
);
423 void wpas_flush_fils_hlp_req(struct wpa_supplicant
*wpa_s
)
425 struct fils_hlp_req
*req
;
427 while ((req
= dl_list_first(&wpa_s
->fils_hlp_req
, struct fils_hlp_req
,
429 dl_list_del(&req
->list
);
430 wpabuf_free(req
->pkt
);
436 static void wpa_supplicant_cleanup(struct wpa_supplicant
*wpa_s
)
440 bgscan_deinit(wpa_s
);
441 autoscan_deinit(wpa_s
);
442 scard_deinit(wpa_s
->scard
);
444 wpa_sm_set_scard_ctx(wpa_s
->wpa
, NULL
);
445 eapol_sm_register_scard_ctx(wpa_s
->eapol
, NULL
);
446 l2_packet_deinit(wpa_s
->l2
);
449 l2_packet_deinit(wpa_s
->l2_br
);
452 #ifdef CONFIG_TESTING_OPTIONS
453 l2_packet_deinit(wpa_s
->l2_test
);
454 wpa_s
->l2_test
= NULL
;
455 os_free(wpa_s
->get_pref_freq_list_override
);
456 wpa_s
->get_pref_freq_list_override
= NULL
;
457 #endif /* CONFIG_TESTING_OPTIONS */
459 if (wpa_s
->conf
!= NULL
) {
460 struct wpa_ssid
*ssid
;
461 for (ssid
= wpa_s
->conf
->ssid
; ssid
; ssid
= ssid
->next
)
462 wpas_notify_network_removed(wpa_s
, ssid
);
465 os_free(wpa_s
->confname
);
466 wpa_s
->confname
= NULL
;
468 os_free(wpa_s
->confanother
);
469 wpa_s
->confanother
= NULL
;
471 wpa_sm_set_eapol(wpa_s
->wpa
, NULL
);
472 eapol_sm_deinit(wpa_s
->eapol
);
475 rsn_preauth_deinit(wpa_s
->wpa
);
478 wpa_tdls_deinit(wpa_s
->wpa
);
479 #endif /* CONFIG_TDLS */
481 wmm_ac_clear_saved_tspecs(wpa_s
);
482 pmksa_candidate_free(wpa_s
->wpa
);
483 wpa_sm_deinit(wpa_s
->wpa
);
485 wpa_blacklist_clear(wpa_s
);
487 wpa_bss_deinit(wpa_s
);
489 wpa_supplicant_cancel_delayed_sched_scan(wpa_s
);
490 wpa_supplicant_cancel_scan(wpa_s
);
491 wpa_supplicant_cancel_auth_timeout(wpa_s
);
492 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures
, wpa_s
, NULL
);
493 #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
494 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report
,
496 #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
498 eloop_cancel_timeout(wpas_network_reenabled
, wpa_s
, NULL
);
500 wpas_wps_deinit(wpa_s
);
502 wpabuf_free(wpa_s
->pending_eapol_rx
);
503 wpa_s
->pending_eapol_rx
= NULL
;
505 #ifdef CONFIG_IBSS_RSN
506 ibss_rsn_deinit(wpa_s
->ibss_rsn
);
507 wpa_s
->ibss_rsn
= NULL
;
508 #endif /* CONFIG_IBSS_RSN */
513 wpa_supplicant_ap_deinit(wpa_s
);
514 #endif /* CONFIG_AP */
516 wpas_p2p_deinit(wpa_s
);
518 #ifdef CONFIG_OFFCHANNEL
519 offchannel_deinit(wpa_s
);
520 #endif /* CONFIG_OFFCHANNEL */
522 wpa_supplicant_cancel_sched_scan(wpa_s
);
524 os_free(wpa_s
->next_scan_freqs
);
525 wpa_s
->next_scan_freqs
= NULL
;
527 os_free(wpa_s
->manual_scan_freqs
);
528 wpa_s
->manual_scan_freqs
= NULL
;
529 os_free(wpa_s
->select_network_scan_freqs
);
530 wpa_s
->select_network_scan_freqs
= NULL
;
532 os_free(wpa_s
->manual_sched_scan_freqs
);
533 wpa_s
->manual_sched_scan_freqs
= NULL
;
535 wpas_mac_addr_rand_scan_clear(wpa_s
, MAC_ADDR_RAND_ALL
);
538 * Need to remove any pending gas-query radio work before the
539 * gas_query_deinit() call because gas_query::work has not yet been set
540 * for works that have not been started. gas_query_free() will be unable
541 * to cancel such pending radio works and once the pending gas-query
542 * radio work eventually gets removed, the deinit notification call to
543 * gas_query_start_cb() would result in dereferencing freed memory.
546 radio_remove_works(wpa_s
, "gas-query", 0);
547 gas_query_deinit(wpa_s
->gas
);
550 free_hw_features(wpa_s
);
552 ieee802_1x_dealloc_kay_sm(wpa_s
);
554 os_free(wpa_s
->bssid_filter
);
555 wpa_s
->bssid_filter
= NULL
;
557 os_free(wpa_s
->disallow_aps_bssid
);
558 wpa_s
->disallow_aps_bssid
= NULL
;
559 os_free(wpa_s
->disallow_aps_ssid
);
560 wpa_s
->disallow_aps_ssid
= NULL
;
562 wnm_bss_keep_alive_deinit(wpa_s
);
564 wnm_deallocate_memory(wpa_s
);
565 #endif /* CONFIG_WNM */
567 ext_password_deinit(wpa_s
->ext_pw
);
568 wpa_s
->ext_pw
= NULL
;
570 wpabuf_free(wpa_s
->last_gas_resp
);
571 wpa_s
->last_gas_resp
= NULL
;
572 wpabuf_free(wpa_s
->prev_gas_resp
);
573 wpa_s
->prev_gas_resp
= NULL
;
575 os_free(wpa_s
->last_scan_res
);
576 wpa_s
->last_scan_res
= NULL
;
580 wpa_drv_configure_frame_filters(wpa_s
, 0);
582 #endif /* CONFIG_HS20 */
584 for (i
= 0; i
< NUM_VENDOR_ELEM_FRAMES
; i
++) {
585 wpabuf_free(wpa_s
->vendor_elem
[i
]);
586 wpa_s
->vendor_elem
[i
] = NULL
;
589 wmm_ac_notify_disassoc(wpa_s
);
591 wpa_s
->sched_scan_plans_num
= 0;
592 os_free(wpa_s
->sched_scan_plans
);
593 wpa_s
->sched_scan_plans
= NULL
;
596 wpa_s
->non_pref_chan_num
= 0;
597 os_free(wpa_s
->non_pref_chan
);
598 wpa_s
->non_pref_chan
= NULL
;
599 #endif /* CONFIG_MBO */
601 free_bss_tmp_disallowed(wpa_s
);
603 wpabuf_free(wpa_s
->lci
);
605 wpas_clear_beacon_rep_data(wpa_s
);
607 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL
610 struct external_pmksa_cache
*entry
;
612 while ((entry
= dl_list_last(&wpa_s
->mesh_external_pmksa_cache
,
613 struct external_pmksa_cache
,
615 dl_list_del(&entry
->list
);
616 os_free(entry
->pmksa_cache
);
620 #endif /* CONFIG_MESH */
621 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
623 wpas_flush_fils_hlp_req(wpa_s
);
625 wpabuf_free(wpa_s
->ric_ies
);
626 wpa_s
->ric_ies
= NULL
;
631 * wpa_clear_keys - Clear keys configured for the driver
632 * @wpa_s: Pointer to wpa_supplicant data
633 * @addr: Previously used BSSID or %NULL if not available
635 * This function clears the encryption keys that has been previously configured
638 void wpa_clear_keys(struct wpa_supplicant
*wpa_s
, const u8
*addr
)
642 #ifdef CONFIG_IEEE80211W
644 #else /* CONFIG_IEEE80211W */
646 #endif /* CONFIG_IEEE80211W */
648 /* MLME-DELETEKEYS.request */
649 for (i
= 0; i
< max
; i
++) {
650 if (wpa_s
->keys_cleared
& BIT(i
))
652 wpa_drv_set_key(wpa_s
, WPA_ALG_NONE
, NULL
, i
, 0, NULL
, 0,
655 if (!(wpa_s
->keys_cleared
& BIT(0)) && addr
&&
656 !is_zero_ether_addr(addr
)) {
657 wpa_drv_set_key(wpa_s
, WPA_ALG_NONE
, addr
, 0, 0, NULL
, 0, NULL
,
659 /* MLME-SETPROTECTION.request(None) */
660 wpa_drv_mlme_setprotection(
662 MLME_SETPROTECTION_PROTECT_TYPE_NONE
,
663 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE
);
665 wpa_s
->keys_cleared
= (u32
) -1;
670 * wpa_supplicant_state_txt - Get the connection state name as a text string
671 * @state: State (wpa_state; WPA_*)
672 * Returns: The state name as a printable text string
674 const char * wpa_supplicant_state_txt(enum wpa_states state
)
677 case WPA_DISCONNECTED
:
678 return "DISCONNECTED";
681 case WPA_INTERFACE_DISABLED
:
682 return "INTERFACE_DISABLED";
685 case WPA_AUTHENTICATING
:
686 return "AUTHENTICATING";
687 case WPA_ASSOCIATING
:
688 return "ASSOCIATING";
691 case WPA_4WAY_HANDSHAKE
:
692 return "4WAY_HANDSHAKE";
693 case WPA_GROUP_HANDSHAKE
:
694 return "GROUP_HANDSHAKE";
705 static void wpa_supplicant_start_bgscan(struct wpa_supplicant
*wpa_s
)
709 if (wpa_s
->current_ssid
&& wpa_s
->current_ssid
->bgscan
)
710 name
= wpa_s
->current_ssid
->bgscan
;
712 name
= wpa_s
->conf
->bgscan
;
713 if (name
== NULL
|| name
[0] == '\0')
715 if (wpas_driver_bss_selection(wpa_s
))
717 if (wpa_s
->current_ssid
== wpa_s
->bgscan_ssid
)
720 if (wpa_s
->p2p_group_interface
!= NOT_P2P_GROUP_INTERFACE
)
722 #endif /* CONFIG_P2P */
724 bgscan_deinit(wpa_s
);
725 if (wpa_s
->current_ssid
) {
726 if (bgscan_init(wpa_s
, wpa_s
->current_ssid
, name
)) {
727 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to initialize "
730 * Live without bgscan; it is only used as a roaming
731 * optimization, so the initial connection is not
735 struct wpa_scan_results
*scan_res
;
736 wpa_s
->bgscan_ssid
= wpa_s
->current_ssid
;
737 scan_res
= wpa_supplicant_get_scan_results(wpa_s
, NULL
,
740 bgscan_notify_scan(wpa_s
, scan_res
);
741 wpa_scan_results_free(scan_res
);
745 wpa_s
->bgscan_ssid
= NULL
;
749 static void wpa_supplicant_stop_bgscan(struct wpa_supplicant
*wpa_s
)
751 if (wpa_s
->bgscan_ssid
!= NULL
) {
752 bgscan_deinit(wpa_s
);
753 wpa_s
->bgscan_ssid
= NULL
;
757 #endif /* CONFIG_BGSCAN */
760 static void wpa_supplicant_start_autoscan(struct wpa_supplicant
*wpa_s
)
762 if (autoscan_init(wpa_s
, 0))
763 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to initialize autoscan");
767 static void wpa_supplicant_stop_autoscan(struct wpa_supplicant
*wpa_s
)
769 autoscan_deinit(wpa_s
);
773 void wpa_supplicant_reinit_autoscan(struct wpa_supplicant
*wpa_s
)
775 if (wpa_s
->wpa_state
== WPA_DISCONNECTED
||
776 wpa_s
->wpa_state
== WPA_SCANNING
) {
777 autoscan_deinit(wpa_s
);
778 wpa_supplicant_start_autoscan(wpa_s
);
784 * wpa_supplicant_set_state - Set current connection state
785 * @wpa_s: Pointer to wpa_supplicant data
786 * @state: The new connection state
788 * This function is called whenever the connection state changes, e.g.,
789 * association is completed for WPA/WPA2 4-Way Handshake is started.
791 void wpa_supplicant_set_state(struct wpa_supplicant
*wpa_s
,
792 enum wpa_states state
)
794 enum wpa_states old_state
= wpa_s
->wpa_state
;
796 wpa_dbg(wpa_s
, MSG_DEBUG
, "State: %s -> %s",
797 wpa_supplicant_state_txt(wpa_s
->wpa_state
),
798 wpa_supplicant_state_txt(state
));
800 if (state
== WPA_INTERFACE_DISABLED
) {
801 /* Assure normal scan when interface is restored */
802 wpa_s
->normal_scans
= 0;
805 if (state
== WPA_COMPLETED
) {
806 wpas_connect_work_done(wpa_s
);
807 /* Reinitialize normal_scan counter */
808 wpa_s
->normal_scans
= 0;
813 * P2PS client has to reply to Probe Request frames received on the
814 * group operating channel. Enable Probe Request frame reporting for
815 * P2P connected client in case p2p_cli_probe configuration property is
818 if (wpa_s
->conf
->p2p_cli_probe
&& wpa_s
->current_ssid
&&
819 wpa_s
->current_ssid
->mode
== WPAS_MODE_INFRA
&&
820 wpa_s
->current_ssid
->p2p_group
) {
821 if (state
== WPA_COMPLETED
&& !wpa_s
->p2p_cli_probe
) {
822 wpa_dbg(wpa_s
, MSG_DEBUG
,
823 "P2P: Enable CLI Probe Request RX reporting");
824 wpa_s
->p2p_cli_probe
=
825 wpa_drv_probe_req_report(wpa_s
, 1) >= 0;
826 } else if (state
!= WPA_COMPLETED
&& wpa_s
->p2p_cli_probe
) {
827 wpa_dbg(wpa_s
, MSG_DEBUG
,
828 "P2P: Disable CLI Probe Request RX reporting");
829 wpa_s
->p2p_cli_probe
= 0;
830 wpa_drv_probe_req_report(wpa_s
, 0);
833 #endif /* CONFIG_P2P */
835 if (state
!= WPA_SCANNING
)
836 wpa_supplicant_notify_scanning(wpa_s
, 0);
838 if (state
== WPA_COMPLETED
&& wpa_s
->new_connection
) {
839 struct wpa_ssid
*ssid
= wpa_s
->current_ssid
;
840 int fils_hlp_sent
= 0;
843 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
844 wpa_auth_alg_fils(wpa_s
->sme
.auth_alg
))
846 #endif /* CONFIG_SME */
847 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
848 wpa_auth_alg_fils(wpa_s
->auth_alg
))
851 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
852 wpa_msg(wpa_s
, MSG_INFO
, WPA_EVENT_CONNECTED
"- Connection to "
853 MACSTR
" completed [id=%d id_str=%s%s]",
854 MAC2STR(wpa_s
->bssid
),
855 ssid
? ssid
->id
: -1,
856 ssid
&& ssid
->id_str
? ssid
->id_str
: "",
857 fils_hlp_sent
? " FILS_HLP_SENT" : "");
858 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
859 wpas_clear_temp_disabled(wpa_s
, ssid
, 1);
860 wpa_blacklist_clear(wpa_s
);
861 wpa_s
->extra_blacklist_count
= 0;
862 wpa_s
->new_connection
= 0;
863 wpa_drv_set_operstate(wpa_s
, 1);
864 #ifndef IEEE8021X_EAPOL
865 wpa_drv_set_supp_port(wpa_s
, 1);
866 #endif /* IEEE8021X_EAPOL */
867 wpa_s
->after_wps
= 0;
868 wpa_s
->known_wps_freq
= 0;
869 wpas_p2p_completed(wpa_s
);
871 sme_sched_obss_scan(wpa_s
, 1);
872 } else if (state
== WPA_DISCONNECTED
|| state
== WPA_ASSOCIATING
||
873 state
== WPA_ASSOCIATED
) {
874 wpa_s
->new_connection
= 1;
875 wpa_drv_set_operstate(wpa_s
, 0);
876 #ifndef IEEE8021X_EAPOL
877 wpa_drv_set_supp_port(wpa_s
, 0);
878 #endif /* IEEE8021X_EAPOL */
879 sme_sched_obss_scan(wpa_s
, 0);
881 wpa_s
->wpa_state
= state
;
884 if (state
== WPA_COMPLETED
)
885 wpa_supplicant_start_bgscan(wpa_s
);
886 else if (state
< WPA_ASSOCIATED
)
887 wpa_supplicant_stop_bgscan(wpa_s
);
888 #endif /* CONFIG_BGSCAN */
890 if (state
== WPA_AUTHENTICATING
)
891 wpa_supplicant_stop_autoscan(wpa_s
);
893 if (state
== WPA_DISCONNECTED
|| state
== WPA_INACTIVE
)
894 wpa_supplicant_start_autoscan(wpa_s
);
896 if (old_state
>= WPA_ASSOCIATED
&& wpa_s
->wpa_state
< WPA_ASSOCIATED
)
897 wmm_ac_notify_disassoc(wpa_s
);
899 if (wpa_s
->wpa_state
!= old_state
) {
900 wpas_notify_state_changed(wpa_s
, wpa_s
->wpa_state
, old_state
);
903 * Notify the P2P Device interface about a state change in one
906 wpas_p2p_indicate_state_change(wpa_s
);
908 if (wpa_s
->wpa_state
== WPA_COMPLETED
||
909 old_state
== WPA_COMPLETED
)
910 wpas_notify_auth_changed(wpa_s
);
915 void wpa_supplicant_terminate_proc(struct wpa_global
*global
)
919 struct wpa_supplicant
*wpa_s
= global
->ifaces
;
921 struct wpa_supplicant
*next
= wpa_s
->next
;
922 if (wpas_wps_terminate_pending(wpa_s
) == 1)
925 if (wpa_s
->p2p_group_interface
!= NOT_P2P_GROUP_INTERFACE
||
926 (wpa_s
->current_ssid
&& wpa_s
->current_ssid
->p2p_group
))
927 wpas_p2p_disconnect(wpa_s
);
928 #endif /* CONFIG_P2P */
931 #endif /* CONFIG_WPS */
938 static void wpa_supplicant_terminate(int sig
, void *signal_ctx
)
940 struct wpa_global
*global
= signal_ctx
;
941 wpa_supplicant_terminate_proc(global
);
945 void wpa_supplicant_clear_status(struct wpa_supplicant
*wpa_s
)
947 enum wpa_states old_state
= wpa_s
->wpa_state
;
949 wpa_s
->pairwise_cipher
= 0;
950 wpa_s
->group_cipher
= 0;
951 wpa_s
->mgmt_group_cipher
= 0;
953 if (wpa_s
->wpa_state
!= WPA_INTERFACE_DISABLED
)
954 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
956 if (wpa_s
->wpa_state
!= old_state
)
957 wpas_notify_state_changed(wpa_s
, wpa_s
->wpa_state
, old_state
);
962 * wpa_supplicant_reload_configuration - Reload configuration data
963 * @wpa_s: Pointer to wpa_supplicant data
964 * Returns: 0 on success or -1 if configuration parsing failed
966 * This function can be used to request that the configuration data is reloaded
967 * (e.g., after configuration file change). This function is reloading
968 * configuration only for one interface, so this may need to be called multiple
969 * times if %wpa_supplicant is controlling multiple interfaces and all
970 * interfaces need reconfiguration.
972 int wpa_supplicant_reload_configuration(struct wpa_supplicant
*wpa_s
)
974 struct wpa_config
*conf
;
978 if (wpa_s
->confname
== NULL
)
980 conf
= wpa_config_read(wpa_s
->confname
, NULL
);
982 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to parse the configuration "
983 "file '%s' - exiting", wpa_s
->confname
);
986 wpa_config_read(wpa_s
->confanother
, conf
);
988 conf
->changed_parameters
= (unsigned int) -1;
990 reconf_ctrl
= !!conf
->ctrl_interface
!= !!wpa_s
->conf
->ctrl_interface
991 || (conf
->ctrl_interface
&& wpa_s
->conf
->ctrl_interface
&&
992 os_strcmp(conf
->ctrl_interface
,
993 wpa_s
->conf
->ctrl_interface
) != 0);
995 if (reconf_ctrl
&& wpa_s
->ctrl_iface
) {
996 wpa_supplicant_ctrl_iface_deinit(wpa_s
->ctrl_iface
);
997 wpa_s
->ctrl_iface
= NULL
;
1000 eapol_sm_invalidate_cached_session(wpa_s
->eapol
);
1001 if (wpa_s
->current_ssid
) {
1002 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
1003 wpa_s
->own_disconnect_req
= 1;
1004 wpa_supplicant_deauthenticate(wpa_s
,
1005 WLAN_REASON_DEAUTH_LEAVING
);
1009 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
1010 * pkcs11_engine_path, pkcs11_module_path, openssl_ciphers.
1012 if (wpa_key_mgmt_wpa_psk(wpa_s
->key_mgmt
) ||
1013 wpa_s
->key_mgmt
== WPA_KEY_MGMT_OWE
) {
1015 * Clear forced success to clear EAP state for next
1018 eapol_sm_notify_eap_success(wpa_s
->eapol
, FALSE
);
1020 eapol_sm_notify_config(wpa_s
->eapol
, NULL
, NULL
);
1021 wpa_sm_set_config(wpa_s
->wpa
, NULL
);
1022 wpa_sm_pmksa_cache_flush(wpa_s
->wpa
, NULL
);
1023 wpa_sm_set_fast_reauth(wpa_s
->wpa
, wpa_s
->conf
->fast_reauth
);
1024 rsn_preauth_deinit(wpa_s
->wpa
);
1026 old_ap_scan
= wpa_s
->conf
->ap_scan
;
1027 wpa_config_free(wpa_s
->conf
);
1029 if (old_ap_scan
!= wpa_s
->conf
->ap_scan
)
1030 wpas_notify_ap_scan_changed(wpa_s
);
1033 wpa_s
->ctrl_iface
= wpa_supplicant_ctrl_iface_init(wpa_s
);
1035 wpa_supplicant_update_config(wpa_s
);
1037 wpa_supplicant_clear_status(wpa_s
);
1038 if (wpa_supplicant_enabled_networks(wpa_s
)) {
1039 wpa_s
->reassociate
= 1;
1040 wpa_supplicant_req_scan(wpa_s
, 0, 0);
1042 wpa_dbg(wpa_s
, MSG_DEBUG
, "Reconfiguration completed");
1047 static void wpa_supplicant_reconfig(int sig
, void *signal_ctx
)
1049 struct wpa_global
*global
= signal_ctx
;
1050 struct wpa_supplicant
*wpa_s
;
1051 for (wpa_s
= global
->ifaces
; wpa_s
; wpa_s
= wpa_s
->next
) {
1052 wpa_dbg(wpa_s
, MSG_DEBUG
, "Signal %d received - reconfiguring",
1054 if (wpa_supplicant_reload_configuration(wpa_s
) < 0) {
1055 wpa_supplicant_terminate_proc(global
);
1059 if (wpa_debug_reopen_file() < 0) {
1060 /* Ignore errors since we cannot really do much to fix this */
1061 wpa_printf(MSG_DEBUG
, "Could not reopen debug log file");
1066 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant
*wpa_s
,
1067 struct wpa_ssid
*ssid
,
1068 struct wpa_ie_data
*ie
)
1070 int ret
= wpa_sm_parse_own_wpa_ie(wpa_s
->wpa
, ie
);
1073 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Failed to parse WPA IE "
1074 "from association info");
1079 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Using WPA IE from AssocReq to set "
1081 if (!(ie
->group_cipher
& ssid
->group_cipher
)) {
1082 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver used disabled group "
1083 "cipher 0x%x (mask 0x%x) - reject",
1084 ie
->group_cipher
, ssid
->group_cipher
);
1087 if (!(ie
->pairwise_cipher
& ssid
->pairwise_cipher
)) {
1088 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver used disabled pairwise "
1089 "cipher 0x%x (mask 0x%x) - reject",
1090 ie
->pairwise_cipher
, ssid
->pairwise_cipher
);
1093 if (!(ie
->key_mgmt
& ssid
->key_mgmt
)) {
1094 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver used disabled key "
1095 "management 0x%x (mask 0x%x) - reject",
1096 ie
->key_mgmt
, ssid
->key_mgmt
);
1100 #ifdef CONFIG_IEEE80211W
1101 if (!(ie
->capabilities
& WPA_CAPABILITY_MFPC
) &&
1102 wpas_get_ssid_pmf(wpa_s
, ssid
) == MGMT_FRAME_PROTECTION_REQUIRED
) {
1103 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver associated with an AP "
1104 "that does not support management frame protection - "
1108 #endif /* CONFIG_IEEE80211W */
1115 * wpa_supplicant_set_suites - Set authentication and encryption parameters
1116 * @wpa_s: Pointer to wpa_supplicant data
1117 * @bss: Scan results for the selected BSS, or %NULL if not available
1118 * @ssid: Configuration data for the selected network
1119 * @wpa_ie: Buffer for the WPA/RSN IE
1120 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
1121 * used buffer length in case the functions returns success.
1122 * Returns: 0 on success or -1 on failure
1124 * This function is used to configure authentication and encryption parameters
1125 * based on the network configuration and scan result for the selected BSS (if
1128 int wpa_supplicant_set_suites(struct wpa_supplicant
*wpa_s
,
1129 struct wpa_bss
*bss
, struct wpa_ssid
*ssid
,
1130 u8
*wpa_ie
, size_t *wpa_ie_len
)
1132 struct wpa_ie_data ie
;
1134 const u8
*bss_wpa
, *bss_rsn
, *bss_osen
;
1137 bss_wpa
= wpa_bss_get_vendor_ie(bss
, WPA_IE_VENDOR_TYPE
);
1138 bss_rsn
= wpa_bss_get_ie(bss
, WLAN_EID_RSN
);
1139 bss_osen
= wpa_bss_get_vendor_ie(bss
, OSEN_IE_VENDOR_TYPE
);
1141 bss_wpa
= bss_rsn
= bss_osen
= NULL
;
1143 if (bss_rsn
&& (ssid
->proto
& WPA_PROTO_RSN
) &&
1144 wpa_parse_wpa_ie(bss_rsn
, 2 + bss_rsn
[1], &ie
) == 0 &&
1145 (ie
.group_cipher
& ssid
->group_cipher
) &&
1146 (ie
.pairwise_cipher
& ssid
->pairwise_cipher
) &&
1147 (ie
.key_mgmt
& ssid
->key_mgmt
)) {
1148 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using IEEE 802.11i/D9.0");
1149 proto
= WPA_PROTO_RSN
;
1150 } else if (bss_wpa
&& (ssid
->proto
& WPA_PROTO_WPA
) &&
1151 wpa_parse_wpa_ie(bss_wpa
, 2 + bss_wpa
[1], &ie
) == 0 &&
1152 (ie
.group_cipher
& ssid
->group_cipher
) &&
1153 (ie
.pairwise_cipher
& ssid
->pairwise_cipher
) &&
1154 (ie
.key_mgmt
& ssid
->key_mgmt
)) {
1155 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using IEEE 802.11i/D3.0");
1156 proto
= WPA_PROTO_WPA
;
1158 } else if (bss_osen
&& (ssid
->proto
& WPA_PROTO_OSEN
)) {
1159 wpa_dbg(wpa_s
, MSG_DEBUG
, "HS 2.0: using OSEN");
1160 /* TODO: parse OSEN element */
1161 os_memset(&ie
, 0, sizeof(ie
));
1162 ie
.group_cipher
= WPA_CIPHER_CCMP
;
1163 ie
.pairwise_cipher
= WPA_CIPHER_CCMP
;
1164 ie
.key_mgmt
= WPA_KEY_MGMT_OSEN
;
1165 proto
= WPA_PROTO_OSEN
;
1166 #endif /* CONFIG_HS20 */
1168 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select WPA/RSN");
1169 wpa_dbg(wpa_s
, MSG_DEBUG
,
1170 "WPA: ssid proto=0x%x pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1171 ssid
->proto
, ssid
->pairwise_cipher
, ssid
->group_cipher
,
1173 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: BSS " MACSTR
" ssid='%s'%s%s%s",
1174 MAC2STR(bss
->bssid
),
1175 wpa_ssid_txt(bss
->ssid
, bss
->ssid_len
),
1176 bss_wpa
? " WPA" : "",
1177 bss_rsn
? " RSN" : "",
1178 bss_osen
? " OSEN" : "");
1180 wpa_hexdump(MSG_DEBUG
, "RSN", bss_rsn
, 2 + bss_rsn
[1]);
1181 if (wpa_parse_wpa_ie(bss_rsn
, 2 + bss_rsn
[1], &ie
)) {
1182 wpa_dbg(wpa_s
, MSG_DEBUG
,
1183 "Could not parse RSN element");
1185 wpa_dbg(wpa_s
, MSG_DEBUG
,
1186 "RSN: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1187 ie
.pairwise_cipher
, ie
.group_cipher
,
1192 wpa_hexdump(MSG_DEBUG
, "WPA", bss_wpa
, 2 + bss_wpa
[1]);
1193 if (wpa_parse_wpa_ie(bss_wpa
, 2 + bss_wpa
[1], &ie
)) {
1194 wpa_dbg(wpa_s
, MSG_DEBUG
,
1195 "Could not parse WPA element");
1197 wpa_dbg(wpa_s
, MSG_DEBUG
,
1198 "WPA: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1199 ie
.pairwise_cipher
, ie
.group_cipher
,
1205 if (ssid
->proto
& WPA_PROTO_OSEN
)
1206 proto
= WPA_PROTO_OSEN
;
1207 else if (ssid
->proto
& WPA_PROTO_RSN
)
1208 proto
= WPA_PROTO_RSN
;
1210 proto
= WPA_PROTO_WPA
;
1211 if (wpa_supplicant_suites_from_ai(wpa_s
, ssid
, &ie
) < 0) {
1212 os_memset(&ie
, 0, sizeof(ie
));
1213 ie
.group_cipher
= ssid
->group_cipher
;
1214 ie
.pairwise_cipher
= ssid
->pairwise_cipher
;
1215 ie
.key_mgmt
= ssid
->key_mgmt
;
1216 #ifdef CONFIG_IEEE80211W
1217 ie
.mgmt_group_cipher
=
1218 ssid
->ieee80211w
!= NO_MGMT_FRAME_PROTECTION
?
1219 WPA_CIPHER_AES_128_CMAC
: 0;
1220 #endif /* CONFIG_IEEE80211W */
1221 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Set cipher suites "
1222 "based on configuration");
1227 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Selected cipher suites: group %d "
1228 "pairwise %d key_mgmt %d proto %d",
1229 ie
.group_cipher
, ie
.pairwise_cipher
, ie
.key_mgmt
, proto
);
1230 #ifdef CONFIG_IEEE80211W
1231 if (ssid
->ieee80211w
) {
1232 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Selected mgmt group cipher %d",
1233 ie
.mgmt_group_cipher
);
1235 #endif /* CONFIG_IEEE80211W */
1237 wpa_s
->wpa_proto
= proto
;
1238 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_PROTO
, proto
);
1239 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_RSN_ENABLED
,
1240 !!(ssid
->proto
& (WPA_PROTO_RSN
| WPA_PROTO_OSEN
)));
1242 if (bss
|| !wpa_s
->ap_ies_from_associnfo
) {
1243 if (wpa_sm_set_ap_wpa_ie(wpa_s
->wpa
, bss_wpa
,
1244 bss_wpa
? 2 + bss_wpa
[1] : 0) ||
1245 wpa_sm_set_ap_rsn_ie(wpa_s
->wpa
, bss_rsn
,
1246 bss_rsn
? 2 + bss_rsn
[1] : 0))
1250 #ifdef CONFIG_NO_WPA
1251 wpa_s
->group_cipher
= WPA_CIPHER_NONE
;
1252 wpa_s
->pairwise_cipher
= WPA_CIPHER_NONE
;
1253 #else /* CONFIG_NO_WPA */
1254 sel
= ie
.group_cipher
& ssid
->group_cipher
;
1255 wpa_s
->group_cipher
= wpa_pick_group_cipher(sel
);
1256 if (wpa_s
->group_cipher
< 0) {
1257 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select group "
1261 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using GTK %s",
1262 wpa_cipher_txt(wpa_s
->group_cipher
));
1264 sel
= ie
.pairwise_cipher
& ssid
->pairwise_cipher
;
1265 wpa_s
->pairwise_cipher
= wpa_pick_pairwise_cipher(sel
, 1);
1266 if (wpa_s
->pairwise_cipher
< 0) {
1267 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select pairwise "
1271 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using PTK %s",
1272 wpa_cipher_txt(wpa_s
->pairwise_cipher
));
1273 #endif /* CONFIG_NO_WPA */
1275 sel
= ie
.key_mgmt
& ssid
->key_mgmt
;
1277 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SAE
))
1278 sel
&= ~(WPA_KEY_MGMT_SAE
| WPA_KEY_MGMT_FT_SAE
);
1279 #endif /* CONFIG_SAE */
1281 #ifdef CONFIG_SUITEB192
1282 } else if (sel
& WPA_KEY_MGMT_IEEE8021X_SUITE_B_192
) {
1283 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X_SUITE_B_192
;
1284 wpa_dbg(wpa_s
, MSG_DEBUG
,
1285 "WPA: using KEY_MGMT 802.1X with Suite B (192-bit)");
1286 #endif /* CONFIG_SUITEB192 */
1287 #ifdef CONFIG_SUITEB
1288 } else if (sel
& WPA_KEY_MGMT_IEEE8021X_SUITE_B
) {
1289 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X_SUITE_B
;
1290 wpa_dbg(wpa_s
, MSG_DEBUG
,
1291 "WPA: using KEY_MGMT 802.1X with Suite B");
1292 #endif /* CONFIG_SUITEB */
1294 #ifdef CONFIG_IEEE80211R
1295 } else if (sel
& WPA_KEY_MGMT_FT_FILS_SHA384
) {
1296 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_FILS_SHA384
;
1297 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FT-FILS-SHA384");
1298 } else if (sel
& WPA_KEY_MGMT_FT_FILS_SHA256
) {
1299 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_FILS_SHA256
;
1300 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FT-FILS-SHA256");
1301 #endif /* CONFIG_IEEE80211R */
1302 } else if (sel
& WPA_KEY_MGMT_FILS_SHA384
) {
1303 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FILS_SHA384
;
1304 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FILS-SHA384");
1305 } else if (sel
& WPA_KEY_MGMT_FILS_SHA256
) {
1306 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FILS_SHA256
;
1307 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FILS-SHA256");
1308 #endif /* CONFIG_FILS */
1309 #ifdef CONFIG_IEEE80211R
1310 } else if (sel
& WPA_KEY_MGMT_FT_IEEE8021X
) {
1311 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_IEEE8021X
;
1312 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FT/802.1X");
1313 } else if (sel
& WPA_KEY_MGMT_FT_PSK
) {
1314 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_PSK
;
1315 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FT/PSK");
1316 #endif /* CONFIG_IEEE80211R */
1318 } else if (sel
& WPA_KEY_MGMT_SAE
) {
1319 wpa_s
->key_mgmt
= WPA_KEY_MGMT_SAE
;
1320 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using KEY_MGMT SAE");
1321 } else if (sel
& WPA_KEY_MGMT_FT_SAE
) {
1322 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_SAE
;
1323 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using KEY_MGMT FT/SAE");
1324 #endif /* CONFIG_SAE */
1325 #ifdef CONFIG_IEEE80211W
1326 } else if (sel
& WPA_KEY_MGMT_IEEE8021X_SHA256
) {
1327 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X_SHA256
;
1328 wpa_dbg(wpa_s
, MSG_DEBUG
,
1329 "WPA: using KEY_MGMT 802.1X with SHA256");
1330 } else if (sel
& WPA_KEY_MGMT_PSK_SHA256
) {
1331 wpa_s
->key_mgmt
= WPA_KEY_MGMT_PSK_SHA256
;
1332 wpa_dbg(wpa_s
, MSG_DEBUG
,
1333 "WPA: using KEY_MGMT PSK with SHA256");
1334 #endif /* CONFIG_IEEE80211W */
1335 } else if (sel
& WPA_KEY_MGMT_IEEE8021X
) {
1336 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X
;
1337 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT 802.1X");
1338 } else if (sel
& WPA_KEY_MGMT_PSK
) {
1339 wpa_s
->key_mgmt
= WPA_KEY_MGMT_PSK
;
1340 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT WPA-PSK");
1341 } else if (sel
& WPA_KEY_MGMT_WPA_NONE
) {
1342 wpa_s
->key_mgmt
= WPA_KEY_MGMT_WPA_NONE
;
1343 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT WPA-NONE");
1345 } else if (sel
& WPA_KEY_MGMT_OSEN
) {
1346 wpa_s
->key_mgmt
= WPA_KEY_MGMT_OSEN
;
1347 wpa_dbg(wpa_s
, MSG_DEBUG
, "HS 2.0: using KEY_MGMT OSEN");
1348 #endif /* CONFIG_HS20 */
1350 } else if (sel
& WPA_KEY_MGMT_OWE
) {
1351 wpa_s
->key_mgmt
= WPA_KEY_MGMT_OWE
;
1352 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using KEY_MGMT OWE");
1353 #endif /* CONFIG_OWE */
1355 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select "
1356 "authenticated key management type");
1360 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_KEY_MGMT
, wpa_s
->key_mgmt
);
1361 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_PAIRWISE
,
1362 wpa_s
->pairwise_cipher
);
1363 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_GROUP
, wpa_s
->group_cipher
);
1365 #ifdef CONFIG_IEEE80211W
1366 sel
= ie
.mgmt_group_cipher
;
1367 if (wpas_get_ssid_pmf(wpa_s
, ssid
) == NO_MGMT_FRAME_PROTECTION
||
1368 !(ie
.capabilities
& WPA_CAPABILITY_MFPC
))
1370 if (sel
& WPA_CIPHER_AES_128_CMAC
) {
1371 wpa_s
->mgmt_group_cipher
= WPA_CIPHER_AES_128_CMAC
;
1372 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using MGMT group cipher "
1374 } else if (sel
& WPA_CIPHER_BIP_GMAC_128
) {
1375 wpa_s
->mgmt_group_cipher
= WPA_CIPHER_BIP_GMAC_128
;
1376 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using MGMT group cipher "
1378 } else if (sel
& WPA_CIPHER_BIP_GMAC_256
) {
1379 wpa_s
->mgmt_group_cipher
= WPA_CIPHER_BIP_GMAC_256
;
1380 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using MGMT group cipher "
1382 } else if (sel
& WPA_CIPHER_BIP_CMAC_256
) {
1383 wpa_s
->mgmt_group_cipher
= WPA_CIPHER_BIP_CMAC_256
;
1384 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using MGMT group cipher "
1387 wpa_s
->mgmt_group_cipher
= 0;
1388 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: not using MGMT group cipher");
1390 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_MGMT_GROUP
,
1391 wpa_s
->mgmt_group_cipher
);
1392 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_MFP
,
1393 wpas_get_ssid_pmf(wpa_s
, ssid
));
1394 #endif /* CONFIG_IEEE80211W */
1396 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s
->wpa
, wpa_ie
, wpa_ie_len
)) {
1397 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to generate WPA IE");
1401 if (wpa_key_mgmt_wpa_psk(ssid
->key_mgmt
)) {
1404 if (ssid
->psk_set
) {
1405 wpa_sm_set_pmk(wpa_s
->wpa
, ssid
->psk
, PMK_LEN
, NULL
,
1409 #ifndef CONFIG_NO_PBKDF2
1410 if (bss
&& ssid
->bssid_set
&& ssid
->ssid_len
== 0 &&
1413 pbkdf2_sha1(ssid
->passphrase
, bss
->ssid
, bss
->ssid_len
,
1414 4096, psk
, PMK_LEN
);
1415 wpa_hexdump_key(MSG_MSGDUMP
, "PSK (from passphrase)",
1417 wpa_sm_set_pmk(wpa_s
->wpa
, psk
, PMK_LEN
, NULL
, NULL
);
1419 os_memset(psk
, 0, sizeof(psk
));
1421 #endif /* CONFIG_NO_PBKDF2 */
1422 #ifdef CONFIG_EXT_PASSWORD
1423 if (ssid
->ext_psk
) {
1424 struct wpabuf
*pw
= ext_password_get(wpa_s
->ext_pw
,
1426 char pw_str
[64 + 1];
1430 wpa_msg(wpa_s
, MSG_INFO
, "EXT PW: No PSK "
1431 "found from external storage");
1435 if (wpabuf_len(pw
) < 8 || wpabuf_len(pw
) > 64) {
1436 wpa_msg(wpa_s
, MSG_INFO
, "EXT PW: Unexpected "
1437 "PSK length %d in external storage",
1438 (int) wpabuf_len(pw
));
1439 ext_password_free(pw
);
1443 os_memcpy(pw_str
, wpabuf_head(pw
), wpabuf_len(pw
));
1444 pw_str
[wpabuf_len(pw
)] = '\0';
1446 #ifndef CONFIG_NO_PBKDF2
1447 if (wpabuf_len(pw
) >= 8 && wpabuf_len(pw
) < 64 && bss
)
1449 pbkdf2_sha1(pw_str
, bss
->ssid
, bss
->ssid_len
,
1450 4096, psk
, PMK_LEN
);
1451 os_memset(pw_str
, 0, sizeof(pw_str
));
1452 wpa_hexdump_key(MSG_MSGDUMP
, "PSK (from "
1453 "external passphrase)",
1455 wpa_sm_set_pmk(wpa_s
->wpa
, psk
, PMK_LEN
, NULL
,
1458 os_memset(psk
, 0, sizeof(psk
));
1460 #endif /* CONFIG_NO_PBKDF2 */
1461 if (wpabuf_len(pw
) == 2 * PMK_LEN
) {
1462 if (hexstr2bin(pw_str
, psk
, PMK_LEN
) < 0) {
1463 wpa_msg(wpa_s
, MSG_INFO
, "EXT PW: "
1464 "Invalid PSK hex string");
1465 os_memset(pw_str
, 0, sizeof(pw_str
));
1466 ext_password_free(pw
);
1469 wpa_sm_set_pmk(wpa_s
->wpa
, psk
, PMK_LEN
, NULL
,
1472 os_memset(psk
, 0, sizeof(psk
));
1474 wpa_msg(wpa_s
, MSG_INFO
, "EXT PW: No suitable "
1476 os_memset(pw_str
, 0, sizeof(pw_str
));
1477 ext_password_free(pw
);
1481 os_memset(pw_str
, 0, sizeof(pw_str
));
1482 ext_password_free(pw
);
1484 #endif /* CONFIG_EXT_PASSWORD */
1487 wpa_msg(wpa_s
, MSG_INFO
,
1488 "No PSK available for association");
1492 wpa_sm_set_pmk_from_pmksa(wpa_s
->wpa
);
1498 static void wpas_ext_capab_byte(struct wpa_supplicant
*wpa_s
, u8
*pos
, int idx
)
1503 case 0: /* Bits 0-7 */
1505 case 1: /* Bits 8-15 */
1507 case 2: /* Bits 16-23 */
1509 *pos
|= 0x02; /* Bit 17 - WNM-Sleep Mode */
1510 *pos
|= 0x08; /* Bit 19 - BSS Transition */
1511 #endif /* CONFIG_WNM */
1513 case 3: /* Bits 24-31 */
1515 *pos
|= 0x02; /* Bit 25 - SSID List */
1516 #endif /* CONFIG_WNM */
1517 #ifdef CONFIG_INTERWORKING
1518 if (wpa_s
->conf
->interworking
)
1519 *pos
|= 0x80; /* Bit 31 - Interworking */
1520 #endif /* CONFIG_INTERWORKING */
1522 case 4: /* Bits 32-39 */
1523 #ifdef CONFIG_INTERWORKING
1524 if (wpa_s
->drv_flags
/ WPA_DRIVER_FLAGS_QOS_MAPPING
)
1525 *pos
|= 0x01; /* Bit 32 - QoS Map */
1526 #endif /* CONFIG_INTERWORKING */
1528 case 5: /* Bits 40-47 */
1530 if (wpa_s
->conf
->hs20
)
1531 *pos
|= 0x40; /* Bit 46 - WNM-Notification */
1532 #endif /* CONFIG_HS20 */
1534 *pos
|= 0x40; /* Bit 46 - WNM-Notification */
1535 #endif /* CONFIG_MBO */
1537 case 6: /* Bits 48-55 */
1539 case 7: /* Bits 56-63 */
1541 case 8: /* Bits 64-71 */
1542 if (wpa_s
->conf
->ftm_responder
)
1543 *pos
|= 0x40; /* Bit 70 - FTM responder */
1544 if (wpa_s
->conf
->ftm_initiator
)
1545 *pos
|= 0x80; /* Bit 71 - FTM initiator */
1547 case 9: /* Bits 72-79 */
1550 #endif /* CONFIG_FILS */
1556 int wpas_build_ext_capab(struct wpa_supplicant
*wpa_s
, u8
*buf
, size_t buflen
)
1561 if (len
< wpa_s
->extended_capa_len
)
1562 len
= wpa_s
->extended_capa_len
;
1563 if (buflen
< (size_t) len
+ 2) {
1564 wpa_printf(MSG_INFO
,
1565 "Not enough room for building extended capabilities element");
1569 *pos
++ = WLAN_EID_EXT_CAPAB
;
1571 for (i
= 0; i
< len
; i
++, pos
++) {
1572 wpas_ext_capab_byte(wpa_s
, pos
, i
);
1574 if (i
< wpa_s
->extended_capa_len
) {
1575 *pos
&= ~wpa_s
->extended_capa_mask
[i
];
1576 *pos
|= wpa_s
->extended_capa
[i
];
1580 while (len
> 0 && buf
[1 + len
] == 0) {
1591 static int wpas_valid_bss(struct wpa_supplicant
*wpa_s
,
1592 struct wpa_bss
*test_bss
)
1594 struct wpa_bss
*bss
;
1596 dl_list_for_each(bss
, &wpa_s
->bss
, struct wpa_bss
, list
) {
1597 if (bss
== test_bss
)
1605 static int wpas_valid_ssid(struct wpa_supplicant
*wpa_s
,
1606 struct wpa_ssid
*test_ssid
)
1608 struct wpa_ssid
*ssid
;
1610 for (ssid
= wpa_s
->conf
->ssid
; ssid
; ssid
= ssid
->next
) {
1611 if (ssid
== test_ssid
)
1619 int wpas_valid_bss_ssid(struct wpa_supplicant
*wpa_s
, struct wpa_bss
*test_bss
,
1620 struct wpa_ssid
*test_ssid
)
1622 if (test_bss
&& !wpas_valid_bss(wpa_s
, test_bss
))
1625 return test_ssid
== NULL
|| wpas_valid_ssid(wpa_s
, test_ssid
);
1629 void wpas_connect_work_free(struct wpa_connect_work
*cwork
)
1637 void wpas_connect_work_done(struct wpa_supplicant
*wpa_s
)
1639 struct wpa_connect_work
*cwork
;
1640 struct wpa_radio_work
*work
= wpa_s
->connect_work
;
1645 wpa_s
->connect_work
= NULL
;
1648 wpas_connect_work_free(cwork
);
1649 radio_work_done(work
);
1653 int wpas_update_random_addr(struct wpa_supplicant
*wpa_s
, int style
)
1655 struct os_reltime now
;
1658 os_get_reltime(&now
);
1659 if (wpa_s
->last_mac_addr_style
== style
&&
1660 wpa_s
->last_mac_addr_change
.sec
!= 0 &&
1661 !os_reltime_expired(&now
, &wpa_s
->last_mac_addr_change
,
1662 wpa_s
->conf
->rand_addr_lifetime
)) {
1663 wpa_msg(wpa_s
, MSG_DEBUG
,
1664 "Previously selected random MAC address has not yet expired");
1670 if (random_mac_addr(addr
) < 0)
1674 os_memcpy(addr
, wpa_s
->perm_addr
, ETH_ALEN
);
1675 if (random_mac_addr_keep_oui(addr
) < 0)
1682 if (wpa_drv_set_mac_addr(wpa_s
, addr
) < 0) {
1683 wpa_msg(wpa_s
, MSG_INFO
,
1684 "Failed to set random MAC address");
1688 os_get_reltime(&wpa_s
->last_mac_addr_change
);
1689 wpa_s
->mac_addr_changed
= 1;
1690 wpa_s
->last_mac_addr_style
= style
;
1692 if (wpa_supplicant_update_mac_addr(wpa_s
) < 0) {
1693 wpa_msg(wpa_s
, MSG_INFO
,
1694 "Could not update MAC address information");
1698 wpa_msg(wpa_s
, MSG_DEBUG
, "Using random MAC address " MACSTR
,
1705 int wpas_update_random_addr_disassoc(struct wpa_supplicant
*wpa_s
)
1707 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
||
1708 !wpa_s
->conf
->preassoc_mac_addr
)
1711 return wpas_update_random_addr(wpa_s
, wpa_s
->conf
->preassoc_mac_addr
);
1715 static void wpas_start_assoc_cb(struct wpa_radio_work
*work
, int deinit
);
1718 * wpa_supplicant_associate - Request association
1719 * @wpa_s: Pointer to wpa_supplicant data
1720 * @bss: Scan results for the selected BSS, or %NULL if not available
1721 * @ssid: Configuration data for the selected network
1723 * This function is used to request %wpa_supplicant to associate with a BSS.
1725 void wpa_supplicant_associate(struct wpa_supplicant
*wpa_s
,
1726 struct wpa_bss
*bss
, struct wpa_ssid
*ssid
)
1728 struct wpa_connect_work
*cwork
;
1731 wpa_s
->own_disconnect_req
= 0;
1734 * If we are starting a new connection, any previously pending EAPOL
1735 * RX cannot be valid anymore.
1737 wpabuf_free(wpa_s
->pending_eapol_rx
);
1738 wpa_s
->pending_eapol_rx
= NULL
;
1740 if (ssid
->mac_addr
== -1)
1741 rand_style
= wpa_s
->conf
->mac_addr
;
1743 rand_style
= ssid
->mac_addr
;
1745 wmm_ac_clear_saved_tspecs(wpa_s
);
1746 wpa_s
->reassoc_same_bss
= 0;
1747 wpa_s
->reassoc_same_ess
= 0;
1749 if (wpa_s
->last_ssid
== ssid
) {
1750 wpa_dbg(wpa_s
, MSG_DEBUG
, "Re-association to the same ESS");
1751 wpa_s
->reassoc_same_ess
= 1;
1752 if (wpa_s
->current_bss
&& wpa_s
->current_bss
== bss
) {
1753 wmm_ac_save_tspecs(wpa_s
);
1754 wpa_s
->reassoc_same_bss
= 1;
1758 if (rand_style
> 0 && !wpa_s
->reassoc_same_ess
) {
1759 if (wpas_update_random_addr(wpa_s
, rand_style
) < 0)
1761 wpa_sm_pmksa_cache_flush(wpa_s
->wpa
, ssid
);
1762 } else if (rand_style
== 0 && wpa_s
->mac_addr_changed
) {
1763 if (wpa_drv_set_mac_addr(wpa_s
, NULL
) < 0) {
1764 wpa_msg(wpa_s
, MSG_INFO
,
1765 "Could not restore permanent MAC address");
1768 wpa_s
->mac_addr_changed
= 0;
1769 if (wpa_supplicant_update_mac_addr(wpa_s
) < 0) {
1770 wpa_msg(wpa_s
, MSG_INFO
,
1771 "Could not update MAC address information");
1774 wpa_msg(wpa_s
, MSG_DEBUG
, "Using permanent MAC address");
1776 wpa_s
->last_ssid
= ssid
;
1778 #ifdef CONFIG_IBSS_RSN
1779 ibss_rsn_deinit(wpa_s
->ibss_rsn
);
1780 wpa_s
->ibss_rsn
= NULL
;
1781 #else /* CONFIG_IBSS_RSN */
1782 if (ssid
->mode
== WPAS_MODE_IBSS
&&
1783 !(ssid
->key_mgmt
& (WPA_KEY_MGMT_NONE
| WPA_KEY_MGMT_WPA_NONE
))) {
1784 wpa_msg(wpa_s
, MSG_INFO
,
1785 "IBSS RSN not supported in the build");
1788 #endif /* CONFIG_IBSS_RSN */
1790 if (ssid
->mode
== WPAS_MODE_AP
|| ssid
->mode
== WPAS_MODE_P2P_GO
||
1791 ssid
->mode
== WPAS_MODE_P2P_GROUP_FORMATION
) {
1793 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_AP
)) {
1794 wpa_msg(wpa_s
, MSG_INFO
, "Driver does not support AP "
1798 if (wpa_supplicant_create_ap(wpa_s
, ssid
) < 0) {
1799 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
1800 if (ssid
->mode
== WPAS_MODE_P2P_GROUP_FORMATION
)
1801 wpas_p2p_ap_setup_failed(wpa_s
);
1804 wpa_s
->current_bss
= bss
;
1805 #else /* CONFIG_AP */
1806 wpa_msg(wpa_s
, MSG_ERROR
, "AP mode support not included in "
1808 #endif /* CONFIG_AP */
1812 if (ssid
->mode
== WPAS_MODE_MESH
) {
1814 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_MESH
)) {
1815 wpa_msg(wpa_s
, MSG_INFO
,
1816 "Driver does not support mesh mode");
1820 ssid
->frequency
= bss
->freq
;
1821 if (wpa_supplicant_join_mesh(wpa_s
, ssid
) < 0) {
1822 wpa_msg(wpa_s
, MSG_ERROR
, "Could not join mesh");
1825 wpa_s
->current_bss
= bss
;
1826 wpa_msg(wpa_s
, MSG_INFO
, MESH_GROUP_STARTED
"ssid=\"%s\" id=%d",
1827 wpa_ssid_txt(ssid
->ssid
, ssid
->ssid_len
),
1829 #else /* CONFIG_MESH */
1830 wpa_msg(wpa_s
, MSG_ERROR
,
1831 "mesh mode support not included in the build");
1832 #endif /* CONFIG_MESH */
1838 wpa_tdls_ap_ies(wpa_s
->wpa
, (const u8
*) (bss
+ 1),
1840 #endif /* CONFIG_TDLS */
1842 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
1843 ssid
->mode
== IEEE80211_MODE_INFRA
) {
1844 sme_authenticate(wpa_s
, bss
, ssid
);
1848 if (wpa_s
->connect_work
) {
1849 wpa_dbg(wpa_s
, MSG_DEBUG
, "Reject wpa_supplicant_associate() call since connect_work exist");
1853 if (radio_work_pending(wpa_s
, "connect")) {
1854 wpa_dbg(wpa_s
, MSG_DEBUG
, "Reject wpa_supplicant_associate() call since pending work exist");
1859 if (ssid
->mode
== WPAS_MODE_IBSS
|| ssid
->mode
== WPAS_MODE_MESH
) {
1860 /* Clear possibly set auth_alg, if any, from last attempt. */
1861 wpa_s
->sme
.auth_alg
= WPA_AUTH_ALG_OPEN
;
1863 #endif /* CONFIG_SME */
1865 wpas_abort_ongoing_scan(wpa_s
);
1867 cwork
= os_zalloc(sizeof(*cwork
));
1874 if (radio_add_work(wpa_s
, bss
? bss
->freq
: 0, "connect", 1,
1875 wpas_start_assoc_cb
, cwork
) < 0) {
1881 static int bss_is_ibss(struct wpa_bss
*bss
)
1883 return (bss
->caps
& (IEEE80211_CAP_ESS
| IEEE80211_CAP_IBSS
)) ==
1888 static int drv_supports_vht(struct wpa_supplicant
*wpa_s
,
1889 const struct wpa_ssid
*ssid
)
1891 enum hostapd_hw_mode hw_mode
;
1892 struct hostapd_hw_modes
*mode
= NULL
;
1896 hw_mode
= ieee80211_freq_to_chan(ssid
->frequency
, &channel
);
1897 if (hw_mode
== NUM_HOSTAPD_MODES
)
1899 for (i
= 0; wpa_s
->hw
.modes
&& i
< wpa_s
->hw
.num_modes
; i
++) {
1900 if (wpa_s
->hw
.modes
[i
].mode
== hw_mode
) {
1901 mode
= &wpa_s
->hw
.modes
[i
];
1909 return mode
->vht_capab
!= 0;
1913 void ibss_mesh_setup_freq(struct wpa_supplicant
*wpa_s
,
1914 const struct wpa_ssid
*ssid
,
1915 struct hostapd_freq_params
*freq
)
1917 enum hostapd_hw_mode hw_mode
;
1918 struct hostapd_hw_modes
*mode
= NULL
;
1919 int ht40plus
[] = { 36, 44, 52, 60, 100, 108, 116, 124, 132, 149, 157,
1921 int vht80
[] = { 36, 52, 100, 116, 132, 149 };
1922 struct hostapd_channel_data
*pri_chan
= NULL
, *sec_chan
= NULL
;
1924 int i
, chan_idx
, ht40
= -1, res
, obss_scan
= 1;
1926 struct hostapd_freq_params vht_freq
;
1927 int chwidth
, seg0
, seg1
;
1930 freq
->freq
= ssid
->frequency
;
1932 for (j
= 0; j
< wpa_s
->last_scan_res_used
; j
++) {
1933 struct wpa_bss
*bss
= wpa_s
->last_scan_res
[j
];
1935 if (ssid
->mode
!= WPAS_MODE_IBSS
)
1938 /* Don't adjust control freq in case of fixed_freq */
1939 if (ssid
->fixed_freq
)
1942 if (!bss_is_ibss(bss
))
1945 if (ssid
->ssid_len
== bss
->ssid_len
&&
1946 os_memcmp(ssid
->ssid
, bss
->ssid
, bss
->ssid_len
) == 0) {
1947 wpa_printf(MSG_DEBUG
,
1948 "IBSS already found in scan results, adjust control freq: %d",
1950 freq
->freq
= bss
->freq
;
1956 /* For IBSS check HT_IBSS flag */
1957 if (ssid
->mode
== WPAS_MODE_IBSS
&&
1958 !(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_HT_IBSS
))
1961 if (wpa_s
->group_cipher
== WPA_CIPHER_WEP40
||
1962 wpa_s
->group_cipher
== WPA_CIPHER_WEP104
||
1963 wpa_s
->pairwise_cipher
== WPA_CIPHER_TKIP
) {
1964 wpa_printf(MSG_DEBUG
,
1965 "IBSS: WEP/TKIP detected, do not try to enable HT");
1969 hw_mode
= ieee80211_freq_to_chan(freq
->freq
, &channel
);
1970 for (i
= 0; wpa_s
->hw
.modes
&& i
< wpa_s
->hw
.num_modes
; i
++) {
1971 if (wpa_s
->hw
.modes
[i
].mode
== hw_mode
) {
1972 mode
= &wpa_s
->hw
.modes
[i
];
1980 #ifdef CONFIG_HT_OVERRIDES
1981 if (ssid
->disable_ht
) {
1982 freq
->ht_enabled
= 0;
1985 #endif /* CONFIG_HT_OVERRIDES */
1987 freq
->ht_enabled
= ht_supported(mode
);
1988 if (!freq
->ht_enabled
)
1991 /* Setup higher BW only for 5 GHz */
1992 if (mode
->mode
!= HOSTAPD_MODE_IEEE80211A
)
1995 for (chan_idx
= 0; chan_idx
< mode
->num_channels
; chan_idx
++) {
1996 pri_chan
= &mode
->channels
[chan_idx
];
1997 if (pri_chan
->chan
== channel
)
2004 /* Check primary channel flags */
2005 if (pri_chan
->flag
& (HOSTAPD_CHAN_DISABLED
| HOSTAPD_CHAN_NO_IR
))
2008 #ifdef CONFIG_HT_OVERRIDES
2009 if (ssid
->disable_ht40
)
2011 #endif /* CONFIG_HT_OVERRIDES */
2013 /* Check/setup HT40+/HT40- */
2014 for (j
= 0; j
< ARRAY_SIZE(ht40plus
); j
++) {
2015 if (ht40plus
[j
] == channel
) {
2021 /* Find secondary channel */
2022 for (i
= 0; i
< mode
->num_channels
; i
++) {
2023 sec_chan
= &mode
->channels
[i
];
2024 if (sec_chan
->chan
== channel
+ ht40
* 4)
2031 /* Check secondary channel flags */
2032 if (sec_chan
->flag
& (HOSTAPD_CHAN_DISABLED
| HOSTAPD_CHAN_NO_IR
))
2035 freq
->channel
= pri_chan
->chan
;
2038 if (!(pri_chan
->flag
& HOSTAPD_CHAN_HT40MINUS
))
2041 if (!(pri_chan
->flag
& HOSTAPD_CHAN_HT40PLUS
))
2044 freq
->sec_channel_offset
= ht40
;
2047 struct wpa_scan_results
*scan_res
;
2049 scan_res
= wpa_supplicant_get_scan_results(wpa_s
, NULL
, 0);
2050 if (scan_res
== NULL
) {
2052 freq
->sec_channel_offset
= 0;
2056 res
= check_40mhz_5g(mode
, scan_res
, pri_chan
->chan
,
2061 freq
->sec_channel_offset
= 0;
2064 /* Configuration allowed */
2067 /* Switch pri/sec channels */
2068 freq
->freq
= hw_get_freq(mode
, sec_chan
->chan
);
2069 freq
->sec_channel_offset
= -freq
->sec_channel_offset
;
2070 freq
->channel
= sec_chan
->chan
;
2073 freq
->sec_channel_offset
= 0;
2077 wpa_scan_results_free(scan_res
);
2080 wpa_printf(MSG_DEBUG
,
2081 "IBSS/mesh: setup freq channel %d, sec_channel_offset %d",
2082 freq
->channel
, freq
->sec_channel_offset
);
2084 if (!drv_supports_vht(wpa_s
, ssid
))
2087 /* For IBSS check VHT_IBSS flag */
2088 if (ssid
->mode
== WPAS_MODE_IBSS
&&
2089 !(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_VHT_IBSS
))
2094 #ifdef CONFIG_VHT_OVERRIDES
2095 if (ssid
->disable_vht
) {
2096 freq
->vht_enabled
= 0;
2099 #endif /* CONFIG_VHT_OVERRIDES */
2101 vht_freq
.vht_enabled
= vht_supported(mode
);
2102 if (!vht_freq
.vht_enabled
)
2105 /* setup center_freq1, bandwidth */
2106 for (j
= 0; j
< ARRAY_SIZE(vht80
); j
++) {
2107 if (freq
->channel
>= vht80
[j
] &&
2108 freq
->channel
< vht80
[j
] + 16)
2112 if (j
== ARRAY_SIZE(vht80
))
2115 for (i
= vht80
[j
]; i
< vht80
[j
] + 16; i
+= 4) {
2116 struct hostapd_channel_data
*chan
;
2118 chan
= hw_get_channel_chan(mode
, i
, NULL
);
2122 /* Back to HT configuration if channel not usable */
2123 if (chan
->flag
& (HOSTAPD_CHAN_DISABLED
| HOSTAPD_CHAN_NO_IR
))
2127 chwidth
= VHT_CHANWIDTH_80MHZ
;
2128 seg0
= vht80
[j
] + 6;
2131 if (ssid
->max_oper_chwidth
== VHT_CHANWIDTH_80P80MHZ
) {
2132 /* setup center_freq2, bandwidth */
2133 for (k
= 0; k
< ARRAY_SIZE(vht80
); k
++) {
2134 /* Only accept 80 MHz segments separated by a gap */
2135 if (j
== k
|| abs(vht80
[j
] - vht80
[k
]) == 16)
2137 for (i
= vht80
[k
]; i
< vht80
[k
] + 16; i
+= 4) {
2138 struct hostapd_channel_data
*chan
;
2140 chan
= hw_get_channel_chan(mode
, i
, NULL
);
2144 if (chan
->flag
& (HOSTAPD_CHAN_DISABLED
|
2145 HOSTAPD_CHAN_NO_IR
|
2146 HOSTAPD_CHAN_RADAR
))
2149 /* Found a suitable second segment for 80+80 */
2150 chwidth
= VHT_CHANWIDTH_80P80MHZ
;
2152 VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ
;
2153 seg1
= vht80
[k
] + 6;
2156 if (chwidth
== VHT_CHANWIDTH_80P80MHZ
)
2159 } else if (ssid
->max_oper_chwidth
== VHT_CHANWIDTH_160MHZ
) {
2160 if (freq
->freq
== 5180) {
2161 chwidth
= VHT_CHANWIDTH_160MHZ
;
2162 vht_caps
|= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ
;
2164 } else if (freq
->freq
== 5520) {
2165 chwidth
= VHT_CHANWIDTH_160MHZ
;
2166 vht_caps
|= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ
;
2171 if (hostapd_set_freq_params(&vht_freq
, mode
->mode
, freq
->freq
,
2172 freq
->channel
, freq
->ht_enabled
,
2173 vht_freq
.vht_enabled
,
2174 freq
->sec_channel_offset
,
2175 chwidth
, seg0
, seg1
, vht_caps
) != 0)
2180 wpa_printf(MSG_DEBUG
, "IBSS: VHT setup freq cf1 %d, cf2 %d, bw %d",
2181 freq
->center_freq1
, freq
->center_freq2
, freq
->bandwidth
);
2186 static size_t wpas_add_fils_hlp_req(struct wpa_supplicant
*wpa_s
, u8
*ie_buf
,
2189 struct fils_hlp_req
*req
;
2190 size_t rem_len
, hdr_len
, hlp_len
, len
, ie_len
= 0;
2194 dl_list_for_each(req
, &wpa_s
->fils_hlp_req
, struct fils_hlp_req
,
2196 rem_len
= ie_buf_len
- ie_len
;
2197 pos
= wpabuf_head(req
->pkt
);
2198 hdr_len
= 1 + 2 * ETH_ALEN
+ 6;
2199 hlp_len
= wpabuf_len(req
->pkt
);
2201 if (rem_len
< 2 + hdr_len
+ hlp_len
) {
2202 wpa_printf(MSG_ERROR
,
2203 "FILS: Cannot fit HLP - rem_len=%lu to_fill=%lu",
2204 (unsigned long) rem_len
,
2205 (unsigned long) (2 + hdr_len
+ hlp_len
));
2209 len
= (hdr_len
+ hlp_len
) > 255 ? 255 : hdr_len
+ hlp_len
;
2211 *buf
++ = WLAN_EID_EXTENSION
;
2214 /* Element ID Extension */
2215 *buf
++ = WLAN_EID_EXT_FILS_HLP_CONTAINER
;
2216 /* Destination MAC address */
2217 os_memcpy(buf
, req
->dst
, ETH_ALEN
);
2219 /* Source MAC address */
2220 os_memcpy(buf
, wpa_s
->own_addr
, ETH_ALEN
);
2222 /* LLC/SNAP Header */
2223 os_memcpy(buf
, "\xaa\xaa\x03\x00\x00\x00", 6);
2226 os_memcpy(buf
, pos
, len
- hdr_len
);
2227 buf
+= len
- hdr_len
;
2228 pos
+= len
- hdr_len
;
2230 hlp_len
-= len
- hdr_len
;
2235 len
= (hlp_len
> 255) ? 255 : hlp_len
;
2236 if (rem_len
< 2 + len
)
2238 *buf
++ = WLAN_EID_FRAGMENT
;
2240 os_memcpy(buf
, pos
, len
);
2252 #endif /* CONFIG_FILS */
2255 static void wpas_start_assoc_cb(struct wpa_radio_work
*work
, int deinit
)
2257 struct wpa_connect_work
*cwork
= work
->ctx
;
2258 struct wpa_bss
*bss
= cwork
->bss
;
2259 struct wpa_ssid
*ssid
= cwork
->ssid
;
2260 struct wpa_supplicant
*wpa_s
= work
->wpa_s
;
2262 size_t max_wpa_ie_len
= 200;
2264 int use_crypt
, ret
, i
, bssid_changed
;
2265 int algs
= WPA_AUTH_ALG_OPEN
;
2266 unsigned int cipher_pairwise
, cipher_group
;
2267 struct wpa_driver_associate_params params
;
2268 int wep_keys_set
= 0;
2269 int assoc_failed
= 0;
2270 struct wpa_ssid
*old_ssid
;
2271 u8 prev_bssid
[ETH_ALEN
];
2272 #ifdef CONFIG_HT_OVERRIDES
2273 struct ieee80211_ht_capabilities htcaps
;
2274 struct ieee80211_ht_capabilities htcaps_mask
;
2275 #endif /* CONFIG_HT_OVERRIDES */
2276 #ifdef CONFIG_VHT_OVERRIDES
2277 struct ieee80211_vht_capabilities vhtcaps
;
2278 struct ieee80211_vht_capabilities vhtcaps_mask
;
2279 #endif /* CONFIG_VHT_OVERRIDES */
2281 const u8
*realm
, *username
, *rrk
;
2282 size_t realm_len
, username_len
, rrk_len
;
2284 #endif /* CONFIG_FILS */
2287 if (work
->started
) {
2288 wpa_s
->connect_work
= NULL
;
2290 /* cancel possible auth. timeout */
2291 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
,
2294 wpas_connect_work_free(cwork
);
2298 wpa_s
->connect_work
= work
;
2300 if (cwork
->bss_removed
|| !wpas_valid_bss_ssid(wpa_s
, bss
, ssid
) ||
2301 wpas_network_disabled(wpa_s
, ssid
)) {
2302 wpa_dbg(wpa_s
, MSG_DEBUG
, "BSS/SSID entry for association not valid anymore - drop connection attempt");
2303 wpas_connect_work_done(wpa_s
);
2307 os_memcpy(prev_bssid
, wpa_s
->bssid
, ETH_ALEN
);
2308 os_memset(¶ms
, 0, sizeof(params
));
2309 wpa_s
->reassociate
= 0;
2310 wpa_s
->eap_expected_failure
= 0;
2312 (!wpas_driver_bss_selection(wpa_s
) || wpas_wps_searching(wpa_s
))) {
2313 #ifdef CONFIG_IEEE80211R
2314 const u8
*ie
, *md
= NULL
;
2315 #endif /* CONFIG_IEEE80211R */
2316 wpa_msg(wpa_s
, MSG_INFO
, "Trying to associate with " MACSTR
2317 " (SSID='%s' freq=%d MHz)", MAC2STR(bss
->bssid
),
2318 wpa_ssid_txt(bss
->ssid
, bss
->ssid_len
), bss
->freq
);
2319 bssid_changed
= !is_zero_ether_addr(wpa_s
->bssid
);
2320 os_memset(wpa_s
->bssid
, 0, ETH_ALEN
);
2321 os_memcpy(wpa_s
->pending_bssid
, bss
->bssid
, ETH_ALEN
);
2323 wpas_notify_bssid_changed(wpa_s
);
2324 #ifdef CONFIG_IEEE80211R
2325 ie
= wpa_bss_get_ie(bss
, WLAN_EID_MOBILITY_DOMAIN
);
2326 if (ie
&& ie
[1] >= MOBILITY_DOMAIN_ID_LEN
)
2328 wpa_sm_set_ft_params(wpa_s
->wpa
, ie
, ie
? 2 + ie
[1] : 0);
2330 /* Prepare for the next transition */
2331 wpa_ft_prepare_auth_request(wpa_s
->wpa
, ie
);
2333 #endif /* CONFIG_IEEE80211R */
2335 } else if ((ssid
->ssid
== NULL
|| ssid
->ssid_len
== 0) &&
2336 wpa_s
->conf
->ap_scan
== 2 &&
2337 (ssid
->key_mgmt
& WPA_KEY_MGMT_WPS
)) {
2338 /* Use ap_scan==1 style network selection to find the network
2340 wpas_connect_work_done(wpa_s
);
2341 wpa_s
->scan_req
= MANUAL_SCAN_REQ
;
2342 wpa_s
->reassociate
= 1;
2343 wpa_supplicant_req_scan(wpa_s
, 0, 0);
2345 #endif /* CONFIG_WPS */
2347 wpa_msg(wpa_s
, MSG_INFO
, "Trying to associate with SSID '%s'",
2348 wpa_ssid_txt(ssid
->ssid
, ssid
->ssid_len
));
2350 os_memcpy(wpa_s
->pending_bssid
, bss
->bssid
, ETH_ALEN
);
2352 os_memset(wpa_s
->pending_bssid
, 0, ETH_ALEN
);
2355 wpa_supplicant_cancel_sched_scan(wpa_s
);
2357 wpa_supplicant_cancel_scan(wpa_s
);
2359 /* Starting new association, so clear the possibly used WPA IE from the
2360 * previous association. */
2361 wpa_sm_set_assoc_wpa_ie(wpa_s
->wpa
, NULL
, 0);
2363 #ifdef IEEE8021X_EAPOL
2364 if (ssid
->key_mgmt
& WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
2366 if (ssid
->non_leap
== 0)
2367 algs
= WPA_AUTH_ALG_LEAP
;
2369 algs
|= WPA_AUTH_ALG_LEAP
;
2374 /* Clear FILS association */
2375 wpa_sm_set_reset_fils_completed(wpa_s
->wpa
, 0);
2377 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD
) &&
2378 ssid
->eap
.erp
&& wpa_key_mgmt_fils(ssid
->key_mgmt
) &&
2379 eapol_sm_get_erp_info(wpa_s
->eapol
, &ssid
->eap
, &username
,
2380 &username_len
, &realm
, &realm_len
,
2381 &next_seq_num
, &rrk
, &rrk_len
) == 0) {
2382 algs
= WPA_AUTH_ALG_FILS
;
2383 params
.fils_erp_username
= username
;
2384 params
.fils_erp_username_len
= username_len
;
2385 params
.fils_erp_realm
= realm
;
2386 params
.fils_erp_realm_len
= realm_len
;
2387 params
.fils_erp_next_seq_num
= next_seq_num
;
2388 params
.fils_erp_rrk
= rrk
;
2389 params
.fils_erp_rrk_len
= rrk_len
;
2391 #endif /* CONFIG_FILS */
2392 #endif /* IEEE8021X_EAPOL */
2394 wpa_dbg(wpa_s
, MSG_DEBUG
, "Automatic auth_alg selection: 0x%x", algs
);
2395 if (ssid
->auth_alg
) {
2396 algs
= ssid
->auth_alg
;
2397 wpa_dbg(wpa_s
, MSG_DEBUG
, "Overriding auth_alg selection: "
2402 if (algs
== WPA_AUTH_ALG_FILS
) {
2403 struct fils_hlp_req
*req
;
2405 dl_list_for_each(req
, &wpa_s
->fils_hlp_req
, struct fils_hlp_req
,
2407 max_wpa_ie_len
+= 3 + 2 * ETH_ALEN
+ 6 +
2408 wpabuf_len(req
->pkt
) +
2409 2 + 2 * wpabuf_len(req
->pkt
) / 255;
2412 #endif /* CONFIG_FILS */
2413 wpa_ie
= os_malloc(max_wpa_ie_len
);
2415 wpa_printf(MSG_ERROR
,
2416 "Failed to allocate connect IE buffer for %lu bytes",
2417 (unsigned long) max_wpa_ie_len
);
2418 wpas_connect_work_done(wpa_s
);
2422 if (bss
&& (wpa_bss_get_vendor_ie(bss
, WPA_IE_VENDOR_TYPE
) ||
2423 wpa_bss_get_ie(bss
, WLAN_EID_RSN
)) &&
2424 wpa_key_mgmt_wpa(ssid
->key_mgmt
)) {
2425 int try_opportunistic
;
2426 const u8
*cache_id
= NULL
;
2428 try_opportunistic
= (ssid
->proactive_key_caching
< 0 ?
2430 ssid
->proactive_key_caching
) &&
2431 (ssid
->proto
& WPA_PROTO_RSN
);
2433 if (wpa_key_mgmt_fils(ssid
->key_mgmt
))
2434 cache_id
= wpa_bss_get_fils_cache_id(bss
);
2435 #endif /* CONFIG_FILS */
2436 if (pmksa_cache_set_current(wpa_s
->wpa
, NULL
, bss
->bssid
,
2437 ssid
, try_opportunistic
,
2439 eapol_sm_notify_pmkid_attempt(wpa_s
->eapol
);
2440 wpa_ie_len
= max_wpa_ie_len
;
2441 if (wpa_supplicant_set_suites(wpa_s
, bss
, ssid
,
2442 wpa_ie
, &wpa_ie_len
)) {
2443 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to set WPA "
2444 "key management and encryption suites");
2445 wpas_connect_work_done(wpa_s
);
2449 } else if ((ssid
->key_mgmt
& WPA_KEY_MGMT_IEEE8021X_NO_WPA
) && bss
&&
2450 wpa_key_mgmt_wpa_ieee8021x(ssid
->key_mgmt
)) {
2452 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
2453 * use non-WPA since the scan results did not indicate that the
2454 * AP is using WPA or WPA2.
2456 wpa_supplicant_set_non_wpa_policy(wpa_s
, ssid
);
2458 wpa_s
->wpa_proto
= 0;
2459 } else if (wpa_key_mgmt_wpa_any(ssid
->key_mgmt
)) {
2460 wpa_ie_len
= max_wpa_ie_len
;
2461 if (wpa_supplicant_set_suites(wpa_s
, NULL
, ssid
,
2462 wpa_ie
, &wpa_ie_len
)) {
2463 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to set WPA "
2464 "key management and encryption suites (no "
2466 wpas_connect_work_done(wpa_s
);
2471 } else if (ssid
->key_mgmt
& WPA_KEY_MGMT_WPS
) {
2472 struct wpabuf
*wps_ie
;
2473 wps_ie
= wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid
));
2474 if (wps_ie
&& wpabuf_len(wps_ie
) <= max_wpa_ie_len
) {
2475 wpa_ie_len
= wpabuf_len(wps_ie
);
2476 os_memcpy(wpa_ie
, wpabuf_head(wps_ie
), wpa_ie_len
);
2479 wpabuf_free(wps_ie
);
2480 wpa_supplicant_set_non_wpa_policy(wpa_s
, ssid
);
2481 if (!bss
|| (bss
->caps
& IEEE80211_CAP_PRIVACY
))
2482 params
.wps
= WPS_MODE_PRIVACY
;
2484 params
.wps
= WPS_MODE_OPEN
;
2485 wpa_s
->wpa_proto
= 0;
2486 #endif /* CONFIG_WPS */
2488 wpa_supplicant_set_non_wpa_policy(wpa_s
, ssid
);
2490 wpa_s
->wpa_proto
= 0;
2494 if (wpa_s
->global
->p2p
) {
2498 pos
= wpa_ie
+ wpa_ie_len
;
2499 len
= max_wpa_ie_len
- wpa_ie_len
;
2500 res
= wpas_p2p_assoc_req_ie(wpa_s
, bss
, pos
, len
,
2506 wpa_s
->cross_connect_disallowed
= 0;
2509 p2p
= wpa_bss_get_vendor_ie_multi(bss
, P2P_IE_VENDOR_TYPE
);
2511 wpa_s
->cross_connect_disallowed
=
2512 p2p_get_cross_connect_disallowed(p2p
);
2514 wpa_dbg(wpa_s
, MSG_DEBUG
, "P2P: WLAN AP %s cross "
2516 wpa_s
->cross_connect_disallowed
?
2517 "disallows" : "allows");
2521 os_memset(wpa_s
->p2p_ip_addr_info
, 0, sizeof(wpa_s
->p2p_ip_addr_info
));
2522 #endif /* CONFIG_P2P */
2525 wpa_ie_len
+= wpas_supp_op_class_ie(wpa_s
, bss
->freq
,
2526 wpa_ie
+ wpa_ie_len
,
2532 * Workaround: Add Extended Capabilities element only if the AP
2533 * included this element in Beacon/Probe Response frames. Some older
2534 * APs seem to have interoperability issues if this element is
2535 * included, so while the standard may require us to include the
2536 * element in all cases, it is justifiable to skip it to avoid
2537 * interoperability issues.
2539 if (ssid
->p2p_group
)
2540 wpa_drv_get_ext_capa(wpa_s
, WPA_IF_P2P_CLIENT
);
2542 wpa_drv_get_ext_capa(wpa_s
, WPA_IF_STATION
);
2544 if (!bss
|| wpa_bss_get_ie(bss
, WLAN_EID_EXT_CAPAB
)) {
2547 ext_capab_len
= wpas_build_ext_capab(wpa_s
, ext_capab
,
2549 if (ext_capab_len
> 0) {
2551 if (wpa_ie_len
> 0 && pos
[0] == WLAN_EID_RSN
)
2553 os_memmove(pos
+ ext_capab_len
, pos
,
2554 wpa_ie_len
- (pos
- wpa_ie
));
2555 wpa_ie_len
+= ext_capab_len
;
2556 os_memcpy(pos
, ext_capab
, ext_capab_len
);
2561 if (is_hs20_network(wpa_s
, ssid
, bss
)) {
2562 struct wpabuf
*hs20
;
2564 hs20
= wpabuf_alloc(20);
2566 int pps_mo_id
= hs20_get_pps_mo_id(wpa_s
, ssid
);
2569 wpas_hs20_add_indication(hs20
, pps_mo_id
);
2570 len
= max_wpa_ie_len
- wpa_ie_len
;
2571 if (wpabuf_len(hs20
) <= len
) {
2572 os_memcpy(wpa_ie
+ wpa_ie_len
,
2573 wpabuf_head(hs20
), wpabuf_len(hs20
));
2574 wpa_ie_len
+= wpabuf_len(hs20
);
2578 hs20_configure_frame_filters(wpa_s
);
2581 #endif /* CONFIG_HS20 */
2583 if (wpa_s
->vendor_elem
[VENDOR_ELEM_ASSOC_REQ
]) {
2584 struct wpabuf
*buf
= wpa_s
->vendor_elem
[VENDOR_ELEM_ASSOC_REQ
];
2587 len
= max_wpa_ie_len
- wpa_ie_len
;
2588 if (wpabuf_len(buf
) <= len
) {
2589 os_memcpy(wpa_ie
+ wpa_ie_len
,
2590 wpabuf_head(buf
), wpabuf_len(buf
));
2591 wpa_ie_len
+= wpabuf_len(buf
);
2596 if (wpa_s
->fst_ies
) {
2597 int fst_ies_len
= wpabuf_len(wpa_s
->fst_ies
);
2599 if (wpa_ie_len
+ fst_ies_len
<= max_wpa_ie_len
) {
2600 os_memcpy(wpa_ie
+ wpa_ie_len
,
2601 wpabuf_head(wpa_s
->fst_ies
), fst_ies_len
);
2602 wpa_ie_len
+= fst_ies_len
;
2605 #endif /* CONFIG_FST */
2608 if (bss
&& wpa_bss_get_vendor_ie(bss
, MBO_IE_VENDOR_TYPE
)) {
2611 len
= wpas_mbo_ie(wpa_s
, wpa_ie
+ wpa_ie_len
,
2612 max_wpa_ie_len
- wpa_ie_len
);
2616 #endif /* CONFIG_MBO */
2619 if (algs
== WPA_AUTH_ALG_FILS
) {
2622 len
= wpas_add_fils_hlp_req(wpa_s
, wpa_ie
+ wpa_ie_len
,
2623 max_wpa_ie_len
- wpa_ie_len
);
2626 #endif /* CONFIG_FILS */
2628 wpa_clear_keys(wpa_s
, bss
? bss
->bssid
: NULL
);
2630 cipher_pairwise
= wpa_s
->pairwise_cipher
;
2631 cipher_group
= wpa_s
->group_cipher
;
2632 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
||
2633 wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
2634 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
)
2636 if (wpa_set_wep_keys(wpa_s
, ssid
)) {
2641 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
)
2644 #ifdef IEEE8021X_EAPOL
2645 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
2646 if ((ssid
->eapol_flags
&
2647 (EAPOL_FLAG_REQUIRE_KEY_UNICAST
|
2648 EAPOL_FLAG_REQUIRE_KEY_BROADCAST
)) == 0 &&
2652 /* Assume that dynamic WEP-104 keys will be used and
2653 * set cipher suites in order for drivers to expect
2655 cipher_pairwise
= cipher_group
= WPA_CIPHER_WEP104
;
2658 #endif /* IEEE8021X_EAPOL */
2660 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPA_NONE
) {
2661 /* Set the key before (and later after) association */
2662 wpa_supplicant_set_wpa_none_key(wpa_s
, ssid
);
2665 wpa_supplicant_set_state(wpa_s
, WPA_ASSOCIATING
);
2667 params
.ssid
= bss
->ssid
;
2668 params
.ssid_len
= bss
->ssid_len
;
2669 if (!wpas_driver_bss_selection(wpa_s
) || ssid
->bssid_set
||
2670 wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
) {
2671 wpa_printf(MSG_DEBUG
, "Limit connection to BSSID "
2672 MACSTR
" freq=%u MHz based on scan results "
2673 "(bssid_set=%d wps=%d)",
2674 MAC2STR(bss
->bssid
), bss
->freq
,
2676 wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
);
2677 params
.bssid
= bss
->bssid
;
2678 params
.freq
.freq
= bss
->freq
;
2680 params
.bssid_hint
= bss
->bssid
;
2681 params
.freq_hint
= bss
->freq
;
2682 params
.pbss
= bss_is_pbss(bss
);
2684 if (ssid
->bssid_hint_set
)
2685 params
.bssid_hint
= ssid
->bssid_hint
;
2687 params
.ssid
= ssid
->ssid
;
2688 params
.ssid_len
= ssid
->ssid_len
;
2689 params
.pbss
= (ssid
->pbss
!= 2) ? ssid
->pbss
: 0;
2692 if (ssid
->mode
== WPAS_MODE_IBSS
&& ssid
->bssid_set
&&
2693 wpa_s
->conf
->ap_scan
== 2) {
2694 params
.bssid
= ssid
->bssid
;
2695 params
.fixed_bssid
= 1;
2698 /* Initial frequency for IBSS/mesh */
2699 if ((ssid
->mode
== WPAS_MODE_IBSS
|| ssid
->mode
== WPAS_MODE_MESH
) &&
2700 ssid
->frequency
> 0 && params
.freq
.freq
== 0)
2701 ibss_mesh_setup_freq(wpa_s
, ssid
, ¶ms
.freq
);
2703 if (ssid
->mode
== WPAS_MODE_IBSS
) {
2704 params
.fixed_freq
= ssid
->fixed_freq
;
2705 if (ssid
->beacon_int
)
2706 params
.beacon_int
= ssid
->beacon_int
;
2708 params
.beacon_int
= wpa_s
->conf
->beacon_int
;
2711 params
.wpa_ie
= wpa_ie
;
2712 params
.wpa_ie_len
= wpa_ie_len
;
2713 params
.pairwise_suite
= cipher_pairwise
;
2714 params
.group_suite
= cipher_group
;
2715 params
.key_mgmt_suite
= wpa_s
->key_mgmt
;
2716 params
.wpa_proto
= wpa_s
->wpa_proto
;
2717 params
.auth_alg
= algs
;
2718 wpa_s
->auth_alg
= params
.auth_alg
;
2719 params
.mode
= ssid
->mode
;
2720 params
.bg_scan_period
= ssid
->bg_scan_period
;
2721 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
2722 if (ssid
->wep_key_len
[i
])
2723 params
.wep_key
[i
] = ssid
->wep_key
[i
];
2724 params
.wep_key_len
[i
] = ssid
->wep_key_len
[i
];
2726 params
.wep_tx_keyidx
= ssid
->wep_tx_keyidx
;
2728 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_4WAY_HANDSHAKE
) &&
2729 (params
.key_mgmt_suite
== WPA_KEY_MGMT_PSK
||
2730 params
.key_mgmt_suite
== WPA_KEY_MGMT_FT_PSK
)) {
2731 params
.passphrase
= ssid
->passphrase
;
2733 params
.psk
= ssid
->psk
;
2736 if (wpa_s
->conf
->key_mgmt_offload
) {
2737 if (params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X
||
2738 params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X_SHA256
||
2739 params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X_SUITE_B
||
2740 params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X_SUITE_B_192
)
2741 params
.req_key_mgmt_offload
=
2742 ssid
->proactive_key_caching
< 0 ?
2743 wpa_s
->conf
->okc
: ssid
->proactive_key_caching
;
2745 params
.req_key_mgmt_offload
= 1;
2747 if ((params
.key_mgmt_suite
== WPA_KEY_MGMT_PSK
||
2748 params
.key_mgmt_suite
== WPA_KEY_MGMT_PSK_SHA256
||
2749 params
.key_mgmt_suite
== WPA_KEY_MGMT_FT_PSK
) &&
2751 params
.psk
= ssid
->psk
;
2754 params
.drop_unencrypted
= use_crypt
;
2756 #ifdef CONFIG_IEEE80211W
2757 params
.mgmt_frame_protection
= wpas_get_ssid_pmf(wpa_s
, ssid
);
2758 if (params
.mgmt_frame_protection
!= NO_MGMT_FRAME_PROTECTION
&& bss
) {
2759 const u8
*rsn
= wpa_bss_get_ie(bss
, WLAN_EID_RSN
);
2760 struct wpa_ie_data ie
;
2761 if (rsn
&& wpa_parse_wpa_ie(rsn
, 2 + rsn
[1], &ie
) == 0 &&
2763 (WPA_CAPABILITY_MFPC
| WPA_CAPABILITY_MFPR
)) {
2764 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Selected AP supports "
2765 "MFP: require MFP");
2766 params
.mgmt_frame_protection
=
2767 MGMT_FRAME_PROTECTION_REQUIRED
;
2770 #endif /* CONFIG_IEEE80211W */
2772 params
.p2p
= ssid
->p2p_group
;
2774 if (wpa_s
->p2pdev
->set_sta_uapsd
)
2775 params
.uapsd
= wpa_s
->p2pdev
->sta_uapsd
;
2779 #ifdef CONFIG_HT_OVERRIDES
2780 os_memset(&htcaps
, 0, sizeof(htcaps
));
2781 os_memset(&htcaps_mask
, 0, sizeof(htcaps_mask
));
2782 params
.htcaps
= (u8
*) &htcaps
;
2783 params
.htcaps_mask
= (u8
*) &htcaps_mask
;
2784 wpa_supplicant_apply_ht_overrides(wpa_s
, ssid
, ¶ms
);
2785 #endif /* CONFIG_HT_OVERRIDES */
2786 #ifdef CONFIG_VHT_OVERRIDES
2787 os_memset(&vhtcaps
, 0, sizeof(vhtcaps
));
2788 os_memset(&vhtcaps_mask
, 0, sizeof(vhtcaps_mask
));
2789 params
.vhtcaps
= &vhtcaps
;
2790 params
.vhtcaps_mask
= &vhtcaps_mask
;
2791 wpa_supplicant_apply_vht_overrides(wpa_s
, ssid
, ¶ms
);
2792 #endif /* CONFIG_VHT_OVERRIDES */
2796 * If multi-channel concurrency is not supported, check for any
2797 * frequency conflict. In case of any frequency conflict, remove the
2798 * least prioritized connection.
2800 if (wpa_s
->num_multichan_concurrent
< 2) {
2802 num
= get_shared_radio_freqs(wpa_s
, &freq
, 1);
2803 if (num
> 0 && freq
> 0 && freq
!= params
.freq
.freq
) {
2804 wpa_printf(MSG_DEBUG
,
2805 "Assoc conflicting freq found (%d != %d)",
2806 freq
, params
.freq
.freq
);
2807 if (wpas_p2p_handle_frequency_conflicts(
2808 wpa_s
, params
.freq
.freq
, ssid
) < 0) {
2809 wpas_connect_work_done(wpa_s
);
2815 #endif /* CONFIG_P2P */
2817 if (wpa_s
->reassoc_same_ess
&& !is_zero_ether_addr(prev_bssid
) &&
2818 wpa_s
->current_ssid
)
2819 params
.prev_bssid
= prev_bssid
;
2821 ret
= wpa_drv_associate(wpa_s
, ¶ms
);
2824 wpa_msg(wpa_s
, MSG_INFO
, "Association request to the driver "
2826 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SANE_ERROR_CODES
) {
2828 * The driver is known to mean what is saying, so we
2829 * can stop right here; the association will not
2832 wpas_connection_failed(wpa_s
, wpa_s
->pending_bssid
);
2833 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
2834 os_memset(wpa_s
->pending_bssid
, 0, ETH_ALEN
);
2837 /* try to continue anyway; new association will be tried again
2842 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPA_NONE
) {
2843 /* Set the key after the association just in case association
2844 * cleared the previously configured key. */
2845 wpa_supplicant_set_wpa_none_key(wpa_s
, ssid
);
2846 /* No need to timeout authentication since there is no key
2848 wpa_supplicant_cancel_auth_timeout(wpa_s
);
2849 wpa_supplicant_set_state(wpa_s
, WPA_COMPLETED
);
2850 #ifdef CONFIG_IBSS_RSN
2851 } else if (ssid
->mode
== WPAS_MODE_IBSS
&&
2852 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_NONE
&&
2853 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_WPA_NONE
) {
2855 * RSN IBSS authentication is per-STA and we can disable the
2856 * per-BSSID authentication.
2858 wpa_supplicant_cancel_auth_timeout(wpa_s
);
2859 #endif /* CONFIG_IBSS_RSN */
2861 /* Timeout for IEEE 802.11 authentication and association */
2865 /* give IBSS a bit more time */
2866 timeout
= ssid
->mode
== WPAS_MODE_IBSS
? 10 : 5;
2867 } else if (wpa_s
->conf
->ap_scan
== 1) {
2868 /* give IBSS a bit more time */
2869 timeout
= ssid
->mode
== WPAS_MODE_IBSS
? 20 : 10;
2871 wpa_supplicant_req_auth_timeout(wpa_s
, timeout
, 0);
2875 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC
)) {
2876 /* Set static WEP keys again */
2877 wpa_set_wep_keys(wpa_s
, ssid
);
2880 if (wpa_s
->current_ssid
&& wpa_s
->current_ssid
!= ssid
) {
2882 * Do not allow EAP session resumption between different
2883 * network configurations.
2885 eapol_sm_invalidate_cached_session(wpa_s
->eapol
);
2887 old_ssid
= wpa_s
->current_ssid
;
2888 wpa_s
->current_ssid
= ssid
;
2890 if (!wpas_driver_bss_selection(wpa_s
) || ssid
->bssid_set
) {
2891 wpa_s
->current_bss
= bss
;
2893 hs20_configure_frame_filters(wpa_s
);
2894 #endif /* CONFIG_HS20 */
2897 wpa_supplicant_rsn_supp_set_config(wpa_s
, wpa_s
->current_ssid
);
2898 wpa_supplicant_initiate_eapol(wpa_s
);
2899 if (old_ssid
!= wpa_s
->current_ssid
)
2900 wpas_notify_network_changed(wpa_s
);
2904 static void wpa_supplicant_clear_connection(struct wpa_supplicant
*wpa_s
,
2907 struct wpa_ssid
*old_ssid
;
2909 wpas_connect_work_done(wpa_s
);
2910 wpa_clear_keys(wpa_s
, addr
);
2911 old_ssid
= wpa_s
->current_ssid
;
2912 wpa_supplicant_mark_disassoc(wpa_s
);
2913 wpa_sm_set_config(wpa_s
->wpa
, NULL
);
2914 eapol_sm_notify_config(wpa_s
->eapol
, NULL
, NULL
);
2915 if (old_ssid
!= wpa_s
->current_ssid
)
2916 wpas_notify_network_changed(wpa_s
);
2917 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
2922 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
2923 * @wpa_s: Pointer to wpa_supplicant data
2924 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
2926 * This function is used to request %wpa_supplicant to deauthenticate from the
2929 void wpa_supplicant_deauthenticate(struct wpa_supplicant
*wpa_s
,
2933 union wpa_event_data event
;
2936 wpa_dbg(wpa_s
, MSG_DEBUG
, "Request to deauthenticate - bssid=" MACSTR
2937 " pending_bssid=" MACSTR
" reason=%d state=%s",
2938 MAC2STR(wpa_s
->bssid
), MAC2STR(wpa_s
->pending_bssid
),
2939 reason_code
, wpa_supplicant_state_txt(wpa_s
->wpa_state
));
2941 if (!is_zero_ether_addr(wpa_s
->pending_bssid
) &&
2942 (wpa_s
->wpa_state
== WPA_AUTHENTICATING
||
2943 wpa_s
->wpa_state
== WPA_ASSOCIATING
))
2944 addr
= wpa_s
->pending_bssid
;
2945 else if (!is_zero_ether_addr(wpa_s
->bssid
))
2946 addr
= wpa_s
->bssid
;
2947 else if (wpa_s
->wpa_state
== WPA_ASSOCIATING
) {
2949 * When using driver-based BSS selection, we may not know the
2950 * BSSID with which we are currently trying to associate. We
2951 * need to notify the driver of this disconnection even in such
2952 * a case, so use the all zeros address here.
2954 addr
= wpa_s
->bssid
;
2959 wpa_tdls_teardown_peers(wpa_s
->wpa
);
2960 #endif /* CONFIG_TDLS */
2964 wpa_msg(wpa_s
, MSG_INFO
, MESH_GROUP_REMOVED
"%s",
2966 wpa_supplicant_leave_mesh(wpa_s
);
2968 #endif /* CONFIG_MESH */
2971 wpa_drv_deauthenticate(wpa_s
, addr
, reason_code
);
2972 os_memset(&event
, 0, sizeof(event
));
2973 event
.deauth_info
.reason_code
= (u16
) reason_code
;
2974 event
.deauth_info
.locally_generated
= 1;
2975 wpa_supplicant_event(wpa_s
, EVENT_DEAUTH
, &event
);
2980 wpa_supplicant_clear_connection(wpa_s
, addr
);
2983 static void wpa_supplicant_enable_one_network(struct wpa_supplicant
*wpa_s
,
2984 struct wpa_ssid
*ssid
)
2986 if (!ssid
|| !ssid
->disabled
|| ssid
->disabled
== 2)
2990 wpas_clear_temp_disabled(wpa_s
, ssid
, 1);
2991 wpas_notify_network_enabled_changed(wpa_s
, ssid
);
2994 * Try to reassociate since there is no current configuration and a new
2995 * network was made available.
2997 if (!wpa_s
->current_ssid
&& !wpa_s
->disconnected
)
2998 wpa_s
->reassociate
= 1;
3003 * wpa_supplicant_add_network - Add a new network
3004 * @wpa_s: wpa_supplicant structure for a network interface
3005 * Returns: The new network configuration or %NULL if operation failed
3007 * This function performs the following operations:
3008 * 1. Adds a new network.
3009 * 2. Send network addition notification.
3010 * 3. Marks the network disabled.
3011 * 4. Set network default parameters.
3013 struct wpa_ssid
* wpa_supplicant_add_network(struct wpa_supplicant
*wpa_s
)
3015 struct wpa_ssid
*ssid
;
3017 ssid
= wpa_config_add_network(wpa_s
->conf
);
3020 wpas_notify_network_added(wpa_s
, ssid
);
3022 wpa_config_set_network_defaults(ssid
);
3029 * wpa_supplicant_remove_network - Remove a configured network based on id
3030 * @wpa_s: wpa_supplicant structure for a network interface
3031 * @id: Unique network id to search for
3032 * Returns: 0 on success, or -1 if the network was not found, -2 if the network
3033 * could not be removed
3035 * This function performs the following operations:
3036 * 1. Removes the network.
3037 * 2. Send network removal notification.
3038 * 3. Update internal state machines.
3039 * 4. Stop any running sched scans.
3041 int wpa_supplicant_remove_network(struct wpa_supplicant
*wpa_s
, int id
)
3043 struct wpa_ssid
*ssid
;
3046 ssid
= wpa_config_get_network(wpa_s
->conf
, id
);
3049 wpas_notify_network_removed(wpa_s
, ssid
);
3051 if (wpa_s
->last_ssid
== ssid
)
3052 wpa_s
->last_ssid
= NULL
;
3054 if (ssid
== wpa_s
->current_ssid
|| !wpa_s
->current_ssid
) {
3056 wpa_s
->sme
.prev_bssid_set
= 0;
3057 #endif /* CONFIG_SME */
3059 * Invalidate the EAP session cache if the current or
3060 * previously used network is removed.
3062 eapol_sm_invalidate_cached_session(wpa_s
->eapol
);
3065 if (ssid
== wpa_s
->current_ssid
) {
3066 wpa_sm_set_config(wpa_s
->wpa
, NULL
);
3067 eapol_sm_notify_config(wpa_s
->eapol
, NULL
, NULL
);
3069 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
3070 wpa_s
->own_disconnect_req
= 1;
3071 wpa_supplicant_deauthenticate(wpa_s
,
3072 WLAN_REASON_DEAUTH_LEAVING
);
3075 was_disabled
= ssid
->disabled
;
3077 if (wpa_config_remove_network(wpa_s
->conf
, id
) < 0)
3080 if (!was_disabled
&& wpa_s
->sched_scanning
) {
3081 wpa_printf(MSG_DEBUG
,
3082 "Stop ongoing sched_scan to remove network from filters");
3083 wpa_supplicant_cancel_sched_scan(wpa_s
);
3084 wpa_supplicant_req_scan(wpa_s
, 0, 0);
3092 * wpa_supplicant_enable_network - Mark a configured network as enabled
3093 * @wpa_s: wpa_supplicant structure for a network interface
3094 * @ssid: wpa_ssid structure for a configured network or %NULL
3096 * Enables the specified network or all networks if no network specified.
3098 void wpa_supplicant_enable_network(struct wpa_supplicant
*wpa_s
,
3099 struct wpa_ssid
*ssid
)
3102 for (ssid
= wpa_s
->conf
->ssid
; ssid
; ssid
= ssid
->next
)
3103 wpa_supplicant_enable_one_network(wpa_s
, ssid
);
3105 wpa_supplicant_enable_one_network(wpa_s
, ssid
);
3107 if (wpa_s
->reassociate
&& !wpa_s
->disconnected
&&
3108 (!wpa_s
->current_ssid
||
3109 wpa_s
->wpa_state
== WPA_DISCONNECTED
||
3110 wpa_s
->wpa_state
== WPA_SCANNING
)) {
3111 if (wpa_s
->sched_scanning
) {
3112 wpa_printf(MSG_DEBUG
, "Stop ongoing sched_scan to add "
3113 "new network to scan filters");
3114 wpa_supplicant_cancel_sched_scan(wpa_s
);
3117 if (wpa_supplicant_fast_associate(wpa_s
) != 1) {
3118 wpa_s
->scan_req
= NORMAL_SCAN_REQ
;
3119 wpa_supplicant_req_scan(wpa_s
, 0, 0);
3126 * wpa_supplicant_disable_network - Mark a configured network as disabled
3127 * @wpa_s: wpa_supplicant structure for a network interface
3128 * @ssid: wpa_ssid structure for a configured network or %NULL
3130 * Disables the specified network or all networks if no network specified.
3132 void wpa_supplicant_disable_network(struct wpa_supplicant
*wpa_s
,
3133 struct wpa_ssid
*ssid
)
3135 struct wpa_ssid
*other_ssid
;
3139 if (wpa_s
->sched_scanning
)
3140 wpa_supplicant_cancel_sched_scan(wpa_s
);
3142 for (other_ssid
= wpa_s
->conf
->ssid
; other_ssid
;
3143 other_ssid
= other_ssid
->next
) {
3144 was_disabled
= other_ssid
->disabled
;
3145 if (was_disabled
== 2)
3146 continue; /* do not change persistent P2P group
3149 other_ssid
->disabled
= 1;
3151 if (was_disabled
!= other_ssid
->disabled
)
3152 wpas_notify_network_enabled_changed(
3155 if (wpa_s
->current_ssid
) {
3156 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
3157 wpa_s
->own_disconnect_req
= 1;
3158 wpa_supplicant_deauthenticate(
3159 wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
3161 } else if (ssid
->disabled
!= 2) {
3162 if (ssid
== wpa_s
->current_ssid
) {
3163 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
3164 wpa_s
->own_disconnect_req
= 1;
3165 wpa_supplicant_deauthenticate(
3166 wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
3169 was_disabled
= ssid
->disabled
;
3173 if (was_disabled
!= ssid
->disabled
) {
3174 wpas_notify_network_enabled_changed(wpa_s
, ssid
);
3175 if (wpa_s
->sched_scanning
) {
3176 wpa_printf(MSG_DEBUG
, "Stop ongoing sched_scan "
3177 "to remove network from filters");
3178 wpa_supplicant_cancel_sched_scan(wpa_s
);
3179 wpa_supplicant_req_scan(wpa_s
, 0, 0);
3187 * wpa_supplicant_select_network - Attempt association with a network
3188 * @wpa_s: wpa_supplicant structure for a network interface
3189 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
3191 void wpa_supplicant_select_network(struct wpa_supplicant
*wpa_s
,
3192 struct wpa_ssid
*ssid
)
3195 struct wpa_ssid
*other_ssid
;
3196 int disconnected
= 0;
3198 if (ssid
&& ssid
!= wpa_s
->current_ssid
&& wpa_s
->current_ssid
) {
3199 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
3200 wpa_s
->own_disconnect_req
= 1;
3201 wpa_supplicant_deauthenticate(
3202 wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
3207 wpas_clear_temp_disabled(wpa_s
, ssid
, 1);
3210 * Mark all other networks disabled or mark all networks enabled if no
3211 * network specified.
3213 for (other_ssid
= wpa_s
->conf
->ssid
; other_ssid
;
3214 other_ssid
= other_ssid
->next
) {
3215 int was_disabled
= other_ssid
->disabled
;
3216 if (was_disabled
== 2)
3217 continue; /* do not change persistent P2P group data */
3219 other_ssid
->disabled
= ssid
? (ssid
->id
!= other_ssid
->id
) : 0;
3220 if (was_disabled
&& !other_ssid
->disabled
)
3221 wpas_clear_temp_disabled(wpa_s
, other_ssid
, 0);
3223 if (was_disabled
!= other_ssid
->disabled
)
3224 wpas_notify_network_enabled_changed(wpa_s
, other_ssid
);
3227 if (ssid
&& ssid
== wpa_s
->current_ssid
&& wpa_s
->current_ssid
&&
3228 wpa_s
->wpa_state
>= WPA_AUTHENTICATING
) {
3229 /* We are already associated with the selected network */
3230 wpa_printf(MSG_DEBUG
, "Already associated with the "
3231 "selected network - do nothing");
3236 wpa_s
->current_ssid
= ssid
;
3237 eapol_sm_notify_config(wpa_s
->eapol
, NULL
, NULL
);
3238 wpa_s
->connect_without_scan
=
3239 (ssid
->mode
== WPAS_MODE_MESH
) ? ssid
: NULL
;
3242 * Don't optimize next scan freqs since a new ESS has been
3245 os_free(wpa_s
->next_scan_freqs
);
3246 wpa_s
->next_scan_freqs
= NULL
;
3248 wpa_s
->connect_without_scan
= NULL
;
3251 wpa_s
->disconnected
= 0;
3252 wpa_s
->reassociate
= 1;
3254 if (wpa_s
->connect_without_scan
||
3255 wpa_supplicant_fast_associate(wpa_s
) != 1) {
3256 wpa_s
->scan_req
= NORMAL_SCAN_REQ
;
3257 wpas_scan_reset_sched_scan(wpa_s
);
3258 wpa_supplicant_req_scan(wpa_s
, 0, disconnected
? 100000 : 0);
3262 wpas_notify_network_selected(wpa_s
, ssid
);
3267 * wpas_set_pkcs11_engine_and_module_path - Set PKCS #11 engine and module path
3268 * @wpa_s: wpa_supplicant structure for a network interface
3269 * @pkcs11_engine_path: PKCS #11 engine path or NULL
3270 * @pkcs11_module_path: PKCS #11 module path or NULL
3271 * Returns: 0 on success; -1 on failure
3273 * Sets the PKCS #11 engine and module path. Both have to be NULL or a valid
3274 * path. If resetting the EAPOL state machine with the new PKCS #11 engine and
3275 * module path fails the paths will be reset to the default value (NULL).
3277 int wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant
*wpa_s
,
3278 const char *pkcs11_engine_path
,
3279 const char *pkcs11_module_path
)
3281 char *pkcs11_engine_path_copy
= NULL
;
3282 char *pkcs11_module_path_copy
= NULL
;
3284 if (pkcs11_engine_path
!= NULL
) {
3285 pkcs11_engine_path_copy
= os_strdup(pkcs11_engine_path
);
3286 if (pkcs11_engine_path_copy
== NULL
)
3289 if (pkcs11_module_path
!= NULL
) {
3290 pkcs11_module_path_copy
= os_strdup(pkcs11_module_path
);
3291 if (pkcs11_module_path_copy
== NULL
) {
3292 os_free(pkcs11_engine_path_copy
);
3297 os_free(wpa_s
->conf
->pkcs11_engine_path
);
3298 os_free(wpa_s
->conf
->pkcs11_module_path
);
3299 wpa_s
->conf
->pkcs11_engine_path
= pkcs11_engine_path_copy
;
3300 wpa_s
->conf
->pkcs11_module_path
= pkcs11_module_path_copy
;
3302 wpa_sm_set_eapol(wpa_s
->wpa
, NULL
);
3303 eapol_sm_deinit(wpa_s
->eapol
);
3304 wpa_s
->eapol
= NULL
;
3305 if (wpa_supplicant_init_eapol(wpa_s
)) {
3306 /* Error -> Reset paths to the default value (NULL) once. */
3307 if (pkcs11_engine_path
!= NULL
&& pkcs11_module_path
!= NULL
)
3308 wpas_set_pkcs11_engine_and_module_path(wpa_s
, NULL
,
3313 wpa_sm_set_eapol(wpa_s
->wpa
, wpa_s
->eapol
);
3320 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
3321 * @wpa_s: wpa_supplicant structure for a network interface
3322 * @ap_scan: AP scan mode
3323 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
3326 int wpa_supplicant_set_ap_scan(struct wpa_supplicant
*wpa_s
, int ap_scan
)
3331 if (ap_scan
< 0 || ap_scan
> 2)
3334 if (ap_scan
== 2 && os_strcmp(wpa_s
->driver
->name
, "nl80211") == 0) {
3335 wpa_printf(MSG_INFO
,
3336 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
3340 if (ap_scan
== 2 && ap_scan
!= wpa_s
->conf
->ap_scan
&&
3341 wpa_s
->wpa_state
>= WPA_ASSOCIATING
&&
3342 wpa_s
->wpa_state
< WPA_COMPLETED
) {
3343 wpa_printf(MSG_ERROR
, "ap_scan = %d (%d) rejected while "
3344 "associating", wpa_s
->conf
->ap_scan
, ap_scan
);
3347 #endif /* ANDROID */
3349 old_ap_scan
= wpa_s
->conf
->ap_scan
;
3350 wpa_s
->conf
->ap_scan
= ap_scan
;
3352 if (old_ap_scan
!= wpa_s
->conf
->ap_scan
)
3353 wpas_notify_ap_scan_changed(wpa_s
);
3360 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
3361 * @wpa_s: wpa_supplicant structure for a network interface
3362 * @expire_age: Expiration age in seconds
3363 * Returns: 0 if succeed or -1 if expire_age has an invalid value
3366 int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant
*wpa_s
,
3367 unsigned int bss_expire_age
)
3369 if (bss_expire_age
< 10) {
3370 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid bss expiration age %u",
3374 wpa_msg(wpa_s
, MSG_DEBUG
, "Setting bss expiration age: %d sec",
3376 wpa_s
->conf
->bss_expiration_age
= bss_expire_age
;
3383 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
3384 * @wpa_s: wpa_supplicant structure for a network interface
3385 * @expire_count: number of scans after which an unseen BSS is reclaimed
3386 * Returns: 0 if succeed or -1 if expire_count has an invalid value
3389 int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant
*wpa_s
,
3390 unsigned int bss_expire_count
)
3392 if (bss_expire_count
< 1) {
3393 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid bss expiration count %u",
3397 wpa_msg(wpa_s
, MSG_DEBUG
, "Setting bss expiration scan count: %u",
3399 wpa_s
->conf
->bss_expiration_scan_count
= bss_expire_count
;
3406 * wpa_supplicant_set_scan_interval - Set scan interval
3407 * @wpa_s: wpa_supplicant structure for a network interface
3408 * @scan_interval: scan interval in seconds
3409 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
3412 int wpa_supplicant_set_scan_interval(struct wpa_supplicant
*wpa_s
,
3415 if (scan_interval
< 0) {
3416 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid scan interval %d",
3420 wpa_msg(wpa_s
, MSG_DEBUG
, "Setting scan interval: %d sec",
3422 wpa_supplicant_update_scan_int(wpa_s
, scan_interval
);
3429 * wpa_supplicant_set_debug_params - Set global debug params
3430 * @global: wpa_global structure
3431 * @debug_level: debug level
3432 * @debug_timestamp: determines if show timestamp in debug data
3433 * @debug_show_keys: determines if show keys in debug data
3434 * Returns: 0 if succeed or -1 if debug_level has wrong value
3436 int wpa_supplicant_set_debug_params(struct wpa_global
*global
, int debug_level
,
3437 int debug_timestamp
, int debug_show_keys
)
3440 int old_level
, old_timestamp
, old_show_keys
;
3442 /* check for allowed debuglevels */
3443 if (debug_level
!= MSG_EXCESSIVE
&&
3444 debug_level
!= MSG_MSGDUMP
&&
3445 debug_level
!= MSG_DEBUG
&&
3446 debug_level
!= MSG_INFO
&&
3447 debug_level
!= MSG_WARNING
&&
3448 debug_level
!= MSG_ERROR
)
3451 old_level
= wpa_debug_level
;
3452 old_timestamp
= wpa_debug_timestamp
;
3453 old_show_keys
= wpa_debug_show_keys
;
3455 wpa_debug_level
= debug_level
;
3456 wpa_debug_timestamp
= debug_timestamp
? 1 : 0;
3457 wpa_debug_show_keys
= debug_show_keys
? 1 : 0;
3459 if (wpa_debug_level
!= old_level
)
3460 wpas_notify_debug_level_changed(global
);
3461 if (wpa_debug_timestamp
!= old_timestamp
)
3462 wpas_notify_debug_timestamp_changed(global
);
3463 if (wpa_debug_show_keys
!= old_show_keys
)
3464 wpas_notify_debug_show_keys_changed(global
);
3471 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
3472 * @wpa_s: Pointer to wpa_supplicant data
3473 * Returns: A pointer to the current network structure or %NULL on failure
3475 struct wpa_ssid
* wpa_supplicant_get_ssid(struct wpa_supplicant
*wpa_s
)
3477 struct wpa_ssid
*entry
;
3478 u8 ssid
[SSID_MAX_LEN
];
3484 res
= wpa_drv_get_ssid(wpa_s
, ssid
);
3486 wpa_msg(wpa_s
, MSG_WARNING
, "Could not read SSID from "
3492 if (wpa_drv_get_bssid(wpa_s
, bssid
) < 0) {
3493 wpa_msg(wpa_s
, MSG_WARNING
, "Could not read BSSID from "
3498 wired
= wpa_s
->conf
->ap_scan
== 0 &&
3499 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_WIRED
);
3501 entry
= wpa_s
->conf
->ssid
;
3503 if (!wpas_network_disabled(wpa_s
, entry
) &&
3504 ((ssid_len
== entry
->ssid_len
&&
3505 os_memcmp(ssid
, entry
->ssid
, ssid_len
) == 0) || wired
) &&
3506 (!entry
->bssid_set
||
3507 os_memcmp(bssid
, entry
->bssid
, ETH_ALEN
) == 0))
3510 if (!wpas_network_disabled(wpa_s
, entry
) &&
3511 (entry
->key_mgmt
& WPA_KEY_MGMT_WPS
) &&
3512 (entry
->ssid
== NULL
|| entry
->ssid_len
== 0) &&
3513 (!entry
->bssid_set
||
3514 os_memcmp(bssid
, entry
->bssid
, ETH_ALEN
) == 0))
3516 #endif /* CONFIG_WPS */
3518 if (!wpas_network_disabled(wpa_s
, entry
) && entry
->bssid_set
&&
3519 entry
->ssid_len
== 0 &&
3520 os_memcmp(bssid
, entry
->bssid
, ETH_ALEN
) == 0)
3523 entry
= entry
->next
;
3530 static int select_driver(struct wpa_supplicant
*wpa_s
, int i
)
3532 struct wpa_global
*global
= wpa_s
->global
;
3534 if (wpa_drivers
[i
]->global_init
&& global
->drv_priv
[i
] == NULL
) {
3535 global
->drv_priv
[i
] = wpa_drivers
[i
]->global_init(global
);
3536 if (global
->drv_priv
[i
] == NULL
) {
3537 wpa_printf(MSG_ERROR
, "Failed to initialize driver "
3538 "'%s'", wpa_drivers
[i
]->name
);
3543 wpa_s
->driver
= wpa_drivers
[i
];
3544 wpa_s
->global_drv_priv
= global
->drv_priv
[i
];
3550 static int wpa_supplicant_set_driver(struct wpa_supplicant
*wpa_s
,
3555 const char *pos
, *driver
= name
;
3560 if (wpa_drivers
[0] == NULL
) {
3561 wpa_msg(wpa_s
, MSG_ERROR
, "No driver interfaces build into "
3567 /* default to first driver in the list */
3568 return select_driver(wpa_s
, 0);
3572 pos
= os_strchr(driver
, ',');
3576 len
= os_strlen(driver
);
3578 for (i
= 0; wpa_drivers
[i
]; i
++) {
3579 if (os_strlen(wpa_drivers
[i
]->name
) == len
&&
3580 os_strncmp(driver
, wpa_drivers
[i
]->name
, len
) ==
3582 /* First driver that succeeds wins */
3583 if (select_driver(wpa_s
, i
) == 0)
3591 wpa_msg(wpa_s
, MSG_ERROR
, "Unsupported driver '%s'", name
);
3597 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
3598 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
3599 * with struct wpa_driver_ops::init()
3600 * @src_addr: Source address of the EAPOL frame
3601 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
3602 * @len: Length of the EAPOL data
3604 * This function is called for each received EAPOL frame. Most driver
3605 * interfaces rely on more generic OS mechanism for receiving frames through
3606 * l2_packet, but if such a mechanism is not available, the driver wrapper may
3607 * take care of received EAPOL frames and deliver them to the core supplicant
3608 * code by calling this function.
3610 void wpa_supplicant_rx_eapol(void *ctx
, const u8
*src_addr
,
3611 const u8
*buf
, size_t len
)
3613 struct wpa_supplicant
*wpa_s
= ctx
;
3615 wpa_dbg(wpa_s
, MSG_DEBUG
, "RX EAPOL from " MACSTR
, MAC2STR(src_addr
));
3616 wpa_hexdump(MSG_MSGDUMP
, "RX EAPOL", buf
, len
);
3618 #ifdef CONFIG_TESTING_OPTIONS
3619 if (wpa_s
->ignore_auth_resp
) {
3620 wpa_printf(MSG_INFO
, "RX EAPOL - ignore_auth_resp active!");
3623 #endif /* CONFIG_TESTING_OPTIONS */
3625 #ifdef CONFIG_PEERKEY
3626 if (wpa_s
->wpa_state
> WPA_ASSOCIATED
&& wpa_s
->current_ssid
&&
3627 wpa_s
->current_ssid
->peerkey
&&
3628 !(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_4WAY_HANDSHAKE
) &&
3629 wpa_sm_rx_eapol_peerkey(wpa_s
->wpa
, src_addr
, buf
, len
) == 1) {
3630 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: Processed PeerKey EAPOL-Key");
3633 #endif /* CONFIG_PEERKEY */
3635 if (wpa_s
->wpa_state
< WPA_ASSOCIATED
||
3636 (wpa_s
->last_eapol_matches_bssid
&&
3639 #endif /* CONFIG_AP */
3640 os_memcmp(src_addr
, wpa_s
->bssid
, ETH_ALEN
) != 0)) {
3642 * There is possible race condition between receiving the
3643 * association event and the EAPOL frame since they are coming
3644 * through different paths from the driver. In order to avoid
3645 * issues in trying to process the EAPOL frame before receiving
3646 * association information, lets queue it for processing until
3647 * the association event is received. This may also be needed in
3648 * driver-based roaming case, so also use src_addr != BSSID as a
3649 * trigger if we have previously confirmed that the
3650 * Authenticator uses BSSID as the src_addr (which is not the
3651 * case with wired IEEE 802.1X).
3653 wpa_dbg(wpa_s
, MSG_DEBUG
, "Not associated - Delay processing "
3654 "of received EAPOL frame (state=%s bssid=" MACSTR
")",
3655 wpa_supplicant_state_txt(wpa_s
->wpa_state
),
3656 MAC2STR(wpa_s
->bssid
));
3657 wpabuf_free(wpa_s
->pending_eapol_rx
);
3658 wpa_s
->pending_eapol_rx
= wpabuf_alloc_copy(buf
, len
);
3659 if (wpa_s
->pending_eapol_rx
) {
3660 os_get_reltime(&wpa_s
->pending_eapol_rx_time
);
3661 os_memcpy(wpa_s
->pending_eapol_rx_src
, src_addr
,
3667 wpa_s
->last_eapol_matches_bssid
=
3668 os_memcmp(src_addr
, wpa_s
->bssid
, ETH_ALEN
) == 0;
3671 if (wpa_s
->ap_iface
) {
3672 wpa_supplicant_ap_rx_eapol(wpa_s
, src_addr
, buf
, len
);
3675 #endif /* CONFIG_AP */
3677 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
) {
3678 wpa_dbg(wpa_s
, MSG_DEBUG
, "Ignored received EAPOL frame since "
3679 "no key management is configured");
3683 if (wpa_s
->eapol_received
== 0 &&
3684 (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_4WAY_HANDSHAKE
) ||
3685 !wpa_key_mgmt_wpa_psk(wpa_s
->key_mgmt
) ||
3686 wpa_s
->wpa_state
!= WPA_COMPLETED
) &&
3687 (wpa_s
->current_ssid
== NULL
||
3688 wpa_s
->current_ssid
->mode
!= IEEE80211_MODE_IBSS
)) {
3689 /* Timeout for completing IEEE 802.1X and WPA authentication */
3692 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
) ||
3693 wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
||
3694 wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
) {
3695 /* Use longer timeout for IEEE 802.1X/EAP */
3700 if (wpa_s
->current_ssid
&& wpa_s
->current_bss
&&
3701 (wpa_s
->current_ssid
->key_mgmt
& WPA_KEY_MGMT_WPS
) &&
3702 eap_is_wps_pin_enrollee(&wpa_s
->current_ssid
->eap
)) {
3704 * Use shorter timeout if going through WPS AP iteration
3705 * for PIN config method with an AP that does not
3706 * advertise Selected Registrar.
3708 struct wpabuf
*wps_ie
;
3710 wps_ie
= wpa_bss_get_vendor_ie_multi(
3711 wpa_s
->current_bss
, WPS_IE_VENDOR_TYPE
);
3713 !wps_is_addr_authorized(wps_ie
, wpa_s
->own_addr
, 1))
3715 wpabuf_free(wps_ie
);
3717 #endif /* CONFIG_WPS */
3719 wpa_supplicant_req_auth_timeout(wpa_s
, timeout
, 0);
3721 wpa_s
->eapol_received
++;
3723 if (wpa_s
->countermeasures
) {
3724 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Countermeasures - dropped "
3729 #ifdef CONFIG_IBSS_RSN
3730 if (wpa_s
->current_ssid
&&
3731 wpa_s
->current_ssid
->mode
== WPAS_MODE_IBSS
) {
3732 ibss_rsn_rx_eapol(wpa_s
->ibss_rsn
, src_addr
, buf
, len
);
3735 #endif /* CONFIG_IBSS_RSN */
3737 /* Source address of the incoming EAPOL frame could be compared to the
3738 * current BSSID. However, it is possible that a centralized
3739 * Authenticator could be using another MAC address than the BSSID of
3740 * an AP, so just allow any address to be used for now. The replies are
3741 * still sent to the current BSSID (if available), though. */
3743 os_memcpy(wpa_s
->last_eapol_src
, src_addr
, ETH_ALEN
);
3744 if (!wpa_key_mgmt_wpa_psk(wpa_s
->key_mgmt
) &&
3745 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_OWE
&&
3746 eapol_sm_rx_eapol(wpa_s
->eapol
, src_addr
, buf
, len
) > 0)
3748 wpa_drv_poll(wpa_s
);
3749 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_4WAY_HANDSHAKE
))
3750 wpa_sm_rx_eapol(wpa_s
->wpa
, src_addr
, buf
, len
);
3751 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
)) {
3753 * Set portValid = TRUE here since we are going to skip 4-way
3754 * handshake processing which would normally set portValid. We
3755 * need this to allow the EAPOL state machines to be completed
3756 * without going through EAPOL-Key handshake.
3758 eapol_sm_notify_portValid(wpa_s
->eapol
, TRUE
);
3763 int wpa_supplicant_update_mac_addr(struct wpa_supplicant
*wpa_s
)
3765 if ((!wpa_s
->p2p_mgmt
||
3766 !(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE
)) &&
3767 !(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE
)) {
3768 l2_packet_deinit(wpa_s
->l2
);
3769 wpa_s
->l2
= l2_packet_init(wpa_s
->ifname
,
3770 wpa_drv_get_mac_addr(wpa_s
),
3772 wpa_supplicant_rx_eapol
, wpa_s
, 0);
3773 if (wpa_s
->l2
== NULL
)
3776 const u8
*addr
= wpa_drv_get_mac_addr(wpa_s
);
3778 os_memcpy(wpa_s
->own_addr
, addr
, ETH_ALEN
);
3781 if (wpa_s
->l2
&& l2_packet_get_own_addr(wpa_s
->l2
, wpa_s
->own_addr
)) {
3782 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to get own L2 address");
3786 wpa_sm_set_own_addr(wpa_s
->wpa
, wpa_s
->own_addr
);
3792 static void wpa_supplicant_rx_eapol_bridge(void *ctx
, const u8
*src_addr
,
3793 const u8
*buf
, size_t len
)
3795 struct wpa_supplicant
*wpa_s
= ctx
;
3796 const struct l2_ethhdr
*eth
;
3798 if (len
< sizeof(*eth
))
3800 eth
= (const struct l2_ethhdr
*) buf
;
3802 if (os_memcmp(eth
->h_dest
, wpa_s
->own_addr
, ETH_ALEN
) != 0 &&
3803 !(eth
->h_dest
[0] & 0x01)) {
3804 wpa_dbg(wpa_s
, MSG_DEBUG
, "RX EAPOL from " MACSTR
" to " MACSTR
3805 " (bridge - not for this interface - ignore)",
3806 MAC2STR(src_addr
), MAC2STR(eth
->h_dest
));
3810 wpa_dbg(wpa_s
, MSG_DEBUG
, "RX EAPOL from " MACSTR
" to " MACSTR
3811 " (bridge)", MAC2STR(src_addr
), MAC2STR(eth
->h_dest
));
3812 wpa_supplicant_rx_eapol(wpa_s
, src_addr
, buf
+ sizeof(*eth
),
3813 len
- sizeof(*eth
));
3818 * wpa_supplicant_driver_init - Initialize driver interface parameters
3819 * @wpa_s: Pointer to wpa_supplicant data
3820 * Returns: 0 on success, -1 on failure
3822 * This function is called to initialize driver interface parameters.
3823 * wpa_drv_init() must have been called before this function to initialize the
3826 int wpa_supplicant_driver_init(struct wpa_supplicant
*wpa_s
)
3828 static int interface_count
= 0;
3830 if (wpa_supplicant_update_mac_addr(wpa_s
) < 0)
3833 wpa_dbg(wpa_s
, MSG_DEBUG
, "Own MAC address: " MACSTR
,
3834 MAC2STR(wpa_s
->own_addr
));
3835 os_memcpy(wpa_s
->perm_addr
, wpa_s
->own_addr
, ETH_ALEN
);
3836 wpa_sm_set_own_addr(wpa_s
->wpa
, wpa_s
->own_addr
);
3838 if (wpa_s
->bridge_ifname
[0]) {
3839 wpa_dbg(wpa_s
, MSG_DEBUG
, "Receiving packets from bridge "
3840 "interface '%s'", wpa_s
->bridge_ifname
);
3841 wpa_s
->l2_br
= l2_packet_init_bridge(
3842 wpa_s
->bridge_ifname
, wpa_s
->ifname
, wpa_s
->own_addr
,
3843 ETH_P_EAPOL
, wpa_supplicant_rx_eapol_bridge
, wpa_s
, 1);
3844 if (wpa_s
->l2_br
== NULL
) {
3845 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to open l2_packet "
3846 "connection for the bridge interface '%s'",
3847 wpa_s
->bridge_ifname
);
3852 if (wpa_s
->conf
->ap_scan
== 2 &&
3853 os_strcmp(wpa_s
->driver
->name
, "nl80211") == 0) {
3854 wpa_printf(MSG_INFO
,
3855 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
3858 wpa_clear_keys(wpa_s
, NULL
);
3860 /* Make sure that TKIP countermeasures are not left enabled (could
3861 * happen if wpa_supplicant is killed during countermeasures. */
3862 wpa_drv_set_countermeasures(wpa_s
, 0);
3864 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: flushing PMKID list in the driver");
3865 wpa_drv_flush_pmkid(wpa_s
);
3867 wpa_s
->prev_scan_ssid
= WILDCARD_SSID_SCAN
;
3868 wpa_s
->prev_scan_wildcard
= 0;
3870 if (wpa_supplicant_enabled_networks(wpa_s
)) {
3871 if (wpa_s
->wpa_state
== WPA_INTERFACE_DISABLED
) {
3872 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
3873 interface_count
= 0;
3876 if (!wpa_s
->p2p_mgmt
&&
3877 wpa_supplicant_delayed_sched_scan(wpa_s
,
3878 interface_count
% 3,
3880 wpa_supplicant_req_scan(wpa_s
, interface_count
% 3,
3882 #endif /* ANDROID */
3885 wpa_supplicant_set_state(wpa_s
, WPA_INACTIVE
);
3891 static int wpa_supplicant_daemon(const char *pid_file
)
3893 wpa_printf(MSG_DEBUG
, "Daemonize..");
3894 return os_daemonize(pid_file
);
3898 static struct wpa_supplicant
*
3899 wpa_supplicant_alloc(struct wpa_supplicant
*parent
)
3901 struct wpa_supplicant
*wpa_s
;
3903 wpa_s
= os_zalloc(sizeof(*wpa_s
));
3906 wpa_s
->scan_req
= INITIAL_SCAN_REQ
;
3907 wpa_s
->scan_interval
= 5;
3908 wpa_s
->new_connection
= 1;
3909 wpa_s
->parent
= parent
? parent
: wpa_s
;
3910 wpa_s
->p2pdev
= wpa_s
->parent
;
3911 wpa_s
->sched_scanning
= 0;
3913 dl_list_init(&wpa_s
->bss_tmp_disallowed
);
3914 dl_list_init(&wpa_s
->fils_hlp_req
);
3920 #ifdef CONFIG_HT_OVERRIDES
3922 static int wpa_set_htcap_mcs(struct wpa_supplicant
*wpa_s
,
3923 struct ieee80211_ht_capabilities
*htcaps
,
3924 struct ieee80211_ht_capabilities
*htcaps_mask
,
3927 /* parse ht_mcs into hex array */
3929 const char *tmp
= ht_mcs
;
3932 /* If ht_mcs is null, do not set anything */
3936 /* This is what we are setting in the kernel */
3937 os_memset(&htcaps
->supported_mcs_set
, 0, IEEE80211_HT_MCS_MASK_LEN
);
3939 wpa_msg(wpa_s
, MSG_DEBUG
, "set_htcap, ht_mcs -:%s:-", ht_mcs
);
3941 for (i
= 0; i
< IEEE80211_HT_MCS_MASK_LEN
; i
++) {
3945 v
= strtol(tmp
, &end
, 16);
3948 wpa_msg(wpa_s
, MSG_DEBUG
,
3949 "htcap value[%i]: %ld end: %p tmp: %p",
3954 htcaps
->supported_mcs_set
[i
] = v
;
3957 wpa_msg(wpa_s
, MSG_ERROR
,
3958 "Failed to parse ht-mcs: %s, error: %s\n",
3959 ht_mcs
, strerror(errno
));
3965 * If we were able to parse any values, then set mask for the MCS set.
3968 os_memset(&htcaps_mask
->supported_mcs_set
, 0xff,
3969 IEEE80211_HT_MCS_MASK_LEN
- 1);
3970 /* skip the 3 reserved bits */
3971 htcaps_mask
->supported_mcs_set
[IEEE80211_HT_MCS_MASK_LEN
- 1] =
3979 static int wpa_disable_max_amsdu(struct wpa_supplicant
*wpa_s
,
3980 struct ieee80211_ht_capabilities
*htcaps
,
3981 struct ieee80211_ht_capabilities
*htcaps_mask
,
3986 wpa_msg(wpa_s
, MSG_DEBUG
, "set_disable_max_amsdu: %d", disabled
);
3991 msk
= host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE
);
3992 htcaps_mask
->ht_capabilities_info
|= msk
;
3994 htcaps
->ht_capabilities_info
&= msk
;
3996 htcaps
->ht_capabilities_info
|= msk
;
4002 static int wpa_set_ampdu_factor(struct wpa_supplicant
*wpa_s
,
4003 struct ieee80211_ht_capabilities
*htcaps
,
4004 struct ieee80211_ht_capabilities
*htcaps_mask
,
4007 wpa_msg(wpa_s
, MSG_DEBUG
, "set_ampdu_factor: %d", factor
);
4012 if (factor
< 0 || factor
> 3) {
4013 wpa_msg(wpa_s
, MSG_ERROR
, "ampdu_factor: %d out of range. "
4014 "Must be 0-3 or -1", factor
);
4018 htcaps_mask
->a_mpdu_params
|= 0x3; /* 2 bits for factor */
4019 htcaps
->a_mpdu_params
&= ~0x3;
4020 htcaps
->a_mpdu_params
|= factor
& 0x3;
4026 static int wpa_set_ampdu_density(struct wpa_supplicant
*wpa_s
,
4027 struct ieee80211_ht_capabilities
*htcaps
,
4028 struct ieee80211_ht_capabilities
*htcaps_mask
,
4031 wpa_msg(wpa_s
, MSG_DEBUG
, "set_ampdu_density: %d", density
);
4036 if (density
< 0 || density
> 7) {
4037 wpa_msg(wpa_s
, MSG_ERROR
,
4038 "ampdu_density: %d out of range. Must be 0-7 or -1.",
4043 htcaps_mask
->a_mpdu_params
|= 0x1C;
4044 htcaps
->a_mpdu_params
&= ~(0x1C);
4045 htcaps
->a_mpdu_params
|= (density
<< 2) & 0x1C;
4051 static int wpa_set_disable_ht40(struct wpa_supplicant
*wpa_s
,
4052 struct ieee80211_ht_capabilities
*htcaps
,
4053 struct ieee80211_ht_capabilities
*htcaps_mask
,
4056 wpa_msg(wpa_s
, MSG_DEBUG
, "set_disable_ht40: %d", disabled
);
4058 set_disable_ht40(htcaps
, disabled
);
4059 set_disable_ht40(htcaps_mask
, 0);
4065 static int wpa_set_disable_sgi(struct wpa_supplicant
*wpa_s
,
4066 struct ieee80211_ht_capabilities
*htcaps
,
4067 struct ieee80211_ht_capabilities
*htcaps_mask
,
4070 /* Masking these out disables SGI */
4071 le16 msk
= host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ
|
4072 HT_CAP_INFO_SHORT_GI40MHZ
);
4074 wpa_msg(wpa_s
, MSG_DEBUG
, "set_disable_sgi: %d", disabled
);
4077 htcaps
->ht_capabilities_info
&= ~msk
;
4079 htcaps
->ht_capabilities_info
|= msk
;
4081 htcaps_mask
->ht_capabilities_info
|= msk
;
4087 static int wpa_set_disable_ldpc(struct wpa_supplicant
*wpa_s
,
4088 struct ieee80211_ht_capabilities
*htcaps
,
4089 struct ieee80211_ht_capabilities
*htcaps_mask
,
4092 /* Masking these out disables LDPC */
4093 le16 msk
= host_to_le16(HT_CAP_INFO_LDPC_CODING_CAP
);
4095 wpa_msg(wpa_s
, MSG_DEBUG
, "set_disable_ldpc: %d", disabled
);
4098 htcaps
->ht_capabilities_info
&= ~msk
;
4100 htcaps
->ht_capabilities_info
|= msk
;
4102 htcaps_mask
->ht_capabilities_info
|= msk
;
4108 void wpa_supplicant_apply_ht_overrides(
4109 struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
,
4110 struct wpa_driver_associate_params
*params
)
4112 struct ieee80211_ht_capabilities
*htcaps
;
4113 struct ieee80211_ht_capabilities
*htcaps_mask
;
4118 params
->disable_ht
= ssid
->disable_ht
;
4119 if (!params
->htcaps
|| !params
->htcaps_mask
)
4122 htcaps
= (struct ieee80211_ht_capabilities
*) params
->htcaps
;
4123 htcaps_mask
= (struct ieee80211_ht_capabilities
*) params
->htcaps_mask
;
4124 wpa_set_htcap_mcs(wpa_s
, htcaps
, htcaps_mask
, ssid
->ht_mcs
);
4125 wpa_disable_max_amsdu(wpa_s
, htcaps
, htcaps_mask
,
4126 ssid
->disable_max_amsdu
);
4127 wpa_set_ampdu_factor(wpa_s
, htcaps
, htcaps_mask
, ssid
->ampdu_factor
);
4128 wpa_set_ampdu_density(wpa_s
, htcaps
, htcaps_mask
, ssid
->ampdu_density
);
4129 wpa_set_disable_ht40(wpa_s
, htcaps
, htcaps_mask
, ssid
->disable_ht40
);
4130 wpa_set_disable_sgi(wpa_s
, htcaps
, htcaps_mask
, ssid
->disable_sgi
);
4131 wpa_set_disable_ldpc(wpa_s
, htcaps
, htcaps_mask
, ssid
->disable_ldpc
);
4133 if (ssid
->ht40_intolerant
) {
4134 le16 bit
= host_to_le16(HT_CAP_INFO_40MHZ_INTOLERANT
);
4135 htcaps
->ht_capabilities_info
|= bit
;
4136 htcaps_mask
->ht_capabilities_info
|= bit
;
4140 #endif /* CONFIG_HT_OVERRIDES */
4143 #ifdef CONFIG_VHT_OVERRIDES
4144 void wpa_supplicant_apply_vht_overrides(
4145 struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
,
4146 struct wpa_driver_associate_params
*params
)
4148 struct ieee80211_vht_capabilities
*vhtcaps
;
4149 struct ieee80211_vht_capabilities
*vhtcaps_mask
;
4154 params
->disable_vht
= ssid
->disable_vht
;
4156 vhtcaps
= (void *) params
->vhtcaps
;
4157 vhtcaps_mask
= (void *) params
->vhtcaps_mask
;
4159 if (!vhtcaps
|| !vhtcaps_mask
)
4162 vhtcaps
->vht_capabilities_info
= host_to_le32(ssid
->vht_capa
);
4163 vhtcaps_mask
->vht_capabilities_info
= host_to_le32(ssid
->vht_capa_mask
);
4165 #ifdef CONFIG_HT_OVERRIDES
4166 /* if max ampdu is <= 3, we have to make the HT cap the same */
4167 if (ssid
->vht_capa_mask
& VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX
) {
4170 max_ampdu
= (ssid
->vht_capa
&
4171 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX
) >>
4172 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX_SHIFT
;
4174 max_ampdu
= max_ampdu
< 3 ? max_ampdu
: 3;
4175 wpa_set_ampdu_factor(wpa_s
,
4176 (void *) params
->htcaps
,
4177 (void *) params
->htcaps_mask
,
4180 #endif /* CONFIG_HT_OVERRIDES */
4182 #define OVERRIDE_MCS(i) \
4183 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \
4184 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \
4185 host_to_le16(3 << 2 * (i - 1)); \
4186 vhtcaps->vht_supported_mcs_set.tx_map |= \
4187 host_to_le16(ssid->vht_tx_mcs_nss_ ##i << \
4190 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \
4191 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \
4192 host_to_le16(3 << 2 * (i - 1)); \
4193 vhtcaps->vht_supported_mcs_set.rx_map |= \
4194 host_to_le16(ssid->vht_rx_mcs_nss_ ##i << \
4207 #endif /* CONFIG_VHT_OVERRIDES */
4210 static int pcsc_reader_init(struct wpa_supplicant
*wpa_s
)
4215 if (!wpa_s
->conf
->pcsc_reader
)
4218 wpa_s
->scard
= scard_init(wpa_s
->conf
->pcsc_reader
);
4222 if (wpa_s
->conf
->pcsc_pin
&&
4223 scard_set_pin(wpa_s
->scard
, wpa_s
->conf
->pcsc_pin
) < 0) {
4224 scard_deinit(wpa_s
->scard
);
4225 wpa_s
->scard
= NULL
;
4226 wpa_msg(wpa_s
, MSG_ERROR
, "PC/SC PIN validation failed");
4230 len
= sizeof(wpa_s
->imsi
) - 1;
4231 if (scard_get_imsi(wpa_s
->scard
, wpa_s
->imsi
, &len
)) {
4232 scard_deinit(wpa_s
->scard
);
4233 wpa_s
->scard
= NULL
;
4234 wpa_msg(wpa_s
, MSG_ERROR
, "Could not read IMSI");
4237 wpa_s
->imsi
[len
] = '\0';
4239 wpa_s
->mnc_len
= scard_get_mnc_len(wpa_s
->scard
);
4241 wpa_printf(MSG_DEBUG
, "SCARD: IMSI %s (MNC length %d)",
4242 wpa_s
->imsi
, wpa_s
->mnc_len
);
4244 wpa_sm_set_scard_ctx(wpa_s
->wpa
, wpa_s
->scard
);
4245 eapol_sm_register_scard_ctx(wpa_s
->eapol
, wpa_s
->scard
);
4246 #endif /* PCSC_FUNCS */
4252 int wpas_init_ext_pw(struct wpa_supplicant
*wpa_s
)
4256 ext_password_deinit(wpa_s
->ext_pw
);
4257 wpa_s
->ext_pw
= NULL
;
4258 eapol_sm_set_ext_pw_ctx(wpa_s
->eapol
, NULL
);
4260 if (!wpa_s
->conf
->ext_password_backend
)
4263 val
= os_strdup(wpa_s
->conf
->ext_password_backend
);
4266 pos
= os_strchr(val
, ':');
4270 wpa_printf(MSG_DEBUG
, "EXT PW: Initialize backend '%s'", val
);
4272 wpa_s
->ext_pw
= ext_password_init(val
, pos
);
4274 if (wpa_s
->ext_pw
== NULL
) {
4275 wpa_printf(MSG_DEBUG
, "EXT PW: Failed to initialize backend");
4278 eapol_sm_set_ext_pw_ctx(wpa_s
->eapol
, wpa_s
->ext_pw
);
4286 static const u8
* wpas_fst_get_bssid_cb(void *ctx
)
4288 struct wpa_supplicant
*wpa_s
= ctx
;
4290 return (is_zero_ether_addr(wpa_s
->bssid
) ||
4291 wpa_s
->wpa_state
!= WPA_COMPLETED
) ? NULL
: wpa_s
->bssid
;
4295 static void wpas_fst_get_channel_info_cb(void *ctx
,
4296 enum hostapd_hw_mode
*hw_mode
,
4299 struct wpa_supplicant
*wpa_s
= ctx
;
4301 if (wpa_s
->current_bss
) {
4302 *hw_mode
= ieee80211_freq_to_chan(wpa_s
->current_bss
->freq
,
4304 } else if (wpa_s
->hw
.num_modes
) {
4305 *hw_mode
= wpa_s
->hw
.modes
[0].mode
;
4313 static int wpas_fst_get_hw_modes(void *ctx
, struct hostapd_hw_modes
**modes
)
4315 struct wpa_supplicant
*wpa_s
= ctx
;
4317 *modes
= wpa_s
->hw
.modes
;
4318 return wpa_s
->hw
.num_modes
;
4322 static void wpas_fst_set_ies_cb(void *ctx
, const struct wpabuf
*fst_ies
)
4324 struct wpa_supplicant
*wpa_s
= ctx
;
4326 wpa_hexdump_buf(MSG_DEBUG
, "FST: Set IEs", fst_ies
);
4327 wpa_s
->fst_ies
= fst_ies
;
4331 static int wpas_fst_send_action_cb(void *ctx
, const u8
*da
, struct wpabuf
*data
)
4333 struct wpa_supplicant
*wpa_s
= ctx
;
4335 if (os_memcmp(wpa_s
->bssid
, da
, ETH_ALEN
) != 0) {
4336 wpa_printf(MSG_INFO
, "FST:%s:bssid=" MACSTR
" != da=" MACSTR
,
4337 __func__
, MAC2STR(wpa_s
->bssid
), MAC2STR(da
));
4340 return wpa_drv_send_action(wpa_s
, wpa_s
->assoc_freq
, 0, wpa_s
->bssid
,
4341 wpa_s
->own_addr
, wpa_s
->bssid
,
4342 wpabuf_head(data
), wpabuf_len(data
),
4347 static const struct wpabuf
* wpas_fst_get_mb_ie_cb(void *ctx
, const u8
*addr
)
4349 struct wpa_supplicant
*wpa_s
= ctx
;
4351 WPA_ASSERT(os_memcmp(wpa_s
->bssid
, addr
, ETH_ALEN
) == 0);
4352 return wpa_s
->received_mb_ies
;
4356 static void wpas_fst_update_mb_ie_cb(void *ctx
, const u8
*addr
,
4357 const u8
*buf
, size_t size
)
4359 struct wpa_supplicant
*wpa_s
= ctx
;
4360 struct mb_ies_info info
;
4362 WPA_ASSERT(os_memcmp(wpa_s
->bssid
, addr
, ETH_ALEN
) == 0);
4364 if (!mb_ies_info_by_ies(&info
, buf
, size
)) {
4365 wpabuf_free(wpa_s
->received_mb_ies
);
4366 wpa_s
->received_mb_ies
= mb_ies_by_info(&info
);
4371 static const u8
* wpas_fst_get_peer_first(void *ctx
,
4372 struct fst_get_peer_ctx
**get_ctx
,
4375 struct wpa_supplicant
*wpa_s
= ctx
;
4378 if (!is_zero_ether_addr(wpa_s
->bssid
))
4379 return (wpa_s
->received_mb_ies
|| !mb_only
) ?
4380 wpa_s
->bssid
: NULL
;
4385 static const u8
* wpas_fst_get_peer_next(void *ctx
,
4386 struct fst_get_peer_ctx
**get_ctx
,
4392 void fst_wpa_supplicant_fill_iface_obj(struct wpa_supplicant
*wpa_s
,
4393 struct fst_wpa_obj
*iface_obj
)
4395 iface_obj
->ctx
= wpa_s
;
4396 iface_obj
->get_bssid
= wpas_fst_get_bssid_cb
;
4397 iface_obj
->get_channel_info
= wpas_fst_get_channel_info_cb
;
4398 iface_obj
->get_hw_modes
= wpas_fst_get_hw_modes
;
4399 iface_obj
->set_ies
= wpas_fst_set_ies_cb
;
4400 iface_obj
->send_action
= wpas_fst_send_action_cb
;
4401 iface_obj
->get_mb_ie
= wpas_fst_get_mb_ie_cb
;
4402 iface_obj
->update_mb_ie
= wpas_fst_update_mb_ie_cb
;
4403 iface_obj
->get_peer_first
= wpas_fst_get_peer_first
;
4404 iface_obj
->get_peer_next
= wpas_fst_get_peer_next
;
4406 #endif /* CONFIG_FST */
4408 static int wpas_set_wowlan_triggers(struct wpa_supplicant
*wpa_s
,
4409 const struct wpa_driver_capa
*capa
)
4411 struct wowlan_triggers
*triggers
;
4414 if (!wpa_s
->conf
->wowlan_triggers
)
4417 triggers
= wpa_get_wowlan_triggers(wpa_s
->conf
->wowlan_triggers
, capa
);
4419 ret
= wpa_drv_wowlan(wpa_s
, triggers
);
4426 enum wpa_radio_work_band
wpas_freq_to_band(int freq
)
4429 return BAND_2_4_GHZ
;
4436 unsigned int wpas_get_bands(struct wpa_supplicant
*wpa_s
, const int *freqs
)
4439 unsigned int band
= 0;
4442 /* freqs are specified for the radio work */
4443 for (i
= 0; freqs
[i
]; i
++)
4444 band
|= wpas_freq_to_band(freqs
[i
]);
4447 * freqs are not specified, implies all
4448 * the supported freqs by HW
4450 for (i
= 0; i
< wpa_s
->hw
.num_modes
; i
++) {
4451 if (wpa_s
->hw
.modes
[i
].num_channels
!= 0) {
4452 if (wpa_s
->hw
.modes
[i
].mode
==
4453 HOSTAPD_MODE_IEEE80211B
||
4454 wpa_s
->hw
.modes
[i
].mode
==
4455 HOSTAPD_MODE_IEEE80211G
)
4456 band
|= BAND_2_4_GHZ
;
4457 else if (wpa_s
->hw
.modes
[i
].mode
==
4458 HOSTAPD_MODE_IEEE80211A
)
4460 else if (wpa_s
->hw
.modes
[i
].mode
==
4461 HOSTAPD_MODE_IEEE80211AD
)
4462 band
|= BAND_60_GHZ
;
4463 else if (wpa_s
->hw
.modes
[i
].mode
==
4464 HOSTAPD_MODE_IEEE80211ANY
)
4465 band
= BAND_2_4_GHZ
| BAND_5_GHZ
|
4475 static struct wpa_radio
* radio_add_interface(struct wpa_supplicant
*wpa_s
,
4478 struct wpa_supplicant
*iface
= wpa_s
->global
->ifaces
;
4479 struct wpa_radio
*radio
;
4481 while (rn
&& iface
) {
4482 radio
= iface
->radio
;
4483 if (radio
&& os_strcmp(rn
, radio
->name
) == 0) {
4484 wpa_printf(MSG_DEBUG
, "Add interface %s to existing radio %s",
4486 dl_list_add(&radio
->ifaces
, &wpa_s
->radio_list
);
4490 iface
= iface
->next
;
4493 wpa_printf(MSG_DEBUG
, "Add interface %s to a new radio %s",
4494 wpa_s
->ifname
, rn
? rn
: "N/A");
4495 radio
= os_zalloc(sizeof(*radio
));
4500 os_strlcpy(radio
->name
, rn
, sizeof(radio
->name
));
4501 dl_list_init(&radio
->ifaces
);
4502 dl_list_init(&radio
->work
);
4503 dl_list_add(&radio
->ifaces
, &wpa_s
->radio_list
);
4509 static void radio_work_free(struct wpa_radio_work
*work
)
4511 if (work
->wpa_s
->scan_work
== work
) {
4512 /* This should not really happen. */
4513 wpa_dbg(work
->wpa_s
, MSG_INFO
, "Freeing radio work '%s'@%p (started=%d) that is marked as scan_work",
4514 work
->type
, work
, work
->started
);
4515 work
->wpa_s
->scan_work
= NULL
;
4519 if (work
->wpa_s
->p2p_scan_work
== work
) {
4520 /* This should not really happen. */
4521 wpa_dbg(work
->wpa_s
, MSG_INFO
, "Freeing radio work '%s'@%p (started=%d) that is marked as p2p_scan_work",
4522 work
->type
, work
, work
->started
);
4523 work
->wpa_s
->p2p_scan_work
= NULL
;
4525 #endif /* CONFIG_P2P */
4527 if (work
->started
) {
4528 work
->wpa_s
->radio
->num_active_works
--;
4529 wpa_dbg(work
->wpa_s
, MSG_DEBUG
,
4530 "radio_work_free('%s'@%p: num_active_works --> %u",
4532 work
->wpa_s
->radio
->num_active_works
);
4535 dl_list_del(&work
->list
);
4540 static int radio_work_is_connect(struct wpa_radio_work
*work
)
4542 return os_strcmp(work
->type
, "sme-connect") == 0 ||
4543 os_strcmp(work
->type
, "connect") == 0;
4547 static int radio_work_is_scan(struct wpa_radio_work
*work
)
4549 return os_strcmp(work
->type
, "scan") == 0 ||
4550 os_strcmp(work
->type
, "p2p-scan") == 0;
4554 static struct wpa_radio_work
* radio_work_get_next_work(struct wpa_radio
*radio
)
4556 struct wpa_radio_work
*active_work
= NULL
;
4557 struct wpa_radio_work
*tmp
;
4559 /* Get the active work to know the type and band. */
4560 dl_list_for_each(tmp
, &radio
->work
, struct wpa_radio_work
, list
) {
4568 /* No active work, start one */
4569 radio
->num_active_works
= 0;
4570 dl_list_for_each(tmp
, &radio
->work
, struct wpa_radio_work
,
4572 if (os_strcmp(tmp
->type
, "scan") == 0 &&
4573 radio
->external_scan_running
&&
4574 (((struct wpa_driver_scan_params
*)
4575 tmp
->ctx
)->only_new_results
||
4576 tmp
->wpa_s
->clear_driver_scan_cache
))
4583 if (radio_work_is_connect(active_work
)) {
4585 * If the active work is either connect or sme-connect,
4586 * do not parallelize them with other radio works.
4588 wpa_dbg(active_work
->wpa_s
, MSG_DEBUG
,
4589 "Do not parallelize radio work with %s",
4594 dl_list_for_each(tmp
, &radio
->work
, struct wpa_radio_work
, list
) {
4599 * If connect or sme-connect are enqueued, parallelize only
4600 * those operations ahead of them in the queue.
4602 if (radio_work_is_connect(tmp
))
4605 /* Serialize parallel scan and p2p_scan operations on the same
4606 * interface since the driver_nl80211 mechanism for tracking
4607 * scan cookies does not yet have support for this. */
4608 if (active_work
->wpa_s
== tmp
->wpa_s
&&
4609 radio_work_is_scan(active_work
) &&
4610 radio_work_is_scan(tmp
)) {
4611 wpa_dbg(active_work
->wpa_s
, MSG_DEBUG
,
4612 "Do not start work '%s' when another work '%s' is already scheduled",
4613 tmp
->type
, active_work
->type
);
4617 * Check that the radio works are distinct and
4618 * on different bands.
4620 if (os_strcmp(active_work
->type
, tmp
->type
) != 0 &&
4621 (active_work
->bands
!= tmp
->bands
)) {
4623 * If a scan has to be scheduled through nl80211 scan
4624 * interface and if an external scan is already running,
4625 * do not schedule the scan since it is likely to get
4626 * rejected by kernel.
4628 if (os_strcmp(tmp
->type
, "scan") == 0 &&
4629 radio
->external_scan_running
&&
4630 (((struct wpa_driver_scan_params
*)
4631 tmp
->ctx
)->only_new_results
||
4632 tmp
->wpa_s
->clear_driver_scan_cache
))
4635 wpa_dbg(active_work
->wpa_s
, MSG_DEBUG
,
4636 "active_work:%s new_work:%s",
4637 active_work
->type
, tmp
->type
);
4642 /* Did not find a radio work to schedule in parallel. */
4647 static void radio_start_next_work(void *eloop_ctx
, void *timeout_ctx
)
4649 struct wpa_radio
*radio
= eloop_ctx
;
4650 struct wpa_radio_work
*work
;
4651 struct os_reltime now
, diff
;
4652 struct wpa_supplicant
*wpa_s
;
4654 work
= dl_list_first(&radio
->work
, struct wpa_radio_work
, list
);
4656 radio
->num_active_works
= 0;
4660 wpa_s
= dl_list_first(&radio
->ifaces
, struct wpa_supplicant
,
4664 wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS
)) {
4666 return; /* already started and still in progress */
4668 if (wpa_s
&& wpa_s
->radio
->external_scan_running
) {
4669 wpa_printf(MSG_DEBUG
, "Delay radio work start until externally triggered scan completes");
4674 if (radio
->num_active_works
< MAX_ACTIVE_WORKS
) {
4675 /* get the work to schedule next */
4676 work
= radio_work_get_next_work(radio
);
4682 wpa_s
= work
->wpa_s
;
4683 os_get_reltime(&now
);
4684 os_reltime_sub(&now
, &work
->time
, &diff
);
4685 wpa_dbg(wpa_s
, MSG_DEBUG
,
4686 "Starting radio work '%s'@%p after %ld.%06ld second wait",
4687 work
->type
, work
, diff
.sec
, diff
.usec
);
4690 radio
->num_active_works
++;
4694 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS
) &&
4695 radio
->num_active_works
< MAX_ACTIVE_WORKS
)
4696 radio_work_check_next(wpa_s
);
4701 * This function removes both started and pending radio works running on
4702 * the provided interface's radio.
4703 * Prior to the removal of the radio work, its callback (cb) is called with
4704 * deinit set to be 1. Each work's callback is responsible for clearing its
4705 * internal data and restoring to a correct state.
4706 * @wpa_s: wpa_supplicant data
4707 * @type: type of works to be removed
4708 * @remove_all: 1 to remove all the works on this radio, 0 to remove only
4709 * this interface's works.
4711 void radio_remove_works(struct wpa_supplicant
*wpa_s
,
4712 const char *type
, int remove_all
)
4714 struct wpa_radio_work
*work
, *tmp
;
4715 struct wpa_radio
*radio
= wpa_s
->radio
;
4717 dl_list_for_each_safe(work
, tmp
, &radio
->work
, struct wpa_radio_work
,
4719 if (type
&& os_strcmp(type
, work
->type
) != 0)
4722 /* skip other ifaces' works */
4723 if (!remove_all
&& work
->wpa_s
!= wpa_s
)
4726 wpa_dbg(wpa_s
, MSG_DEBUG
, "Remove radio work '%s'@%p%s",
4727 work
->type
, work
, work
->started
? " (started)" : "");
4729 radio_work_free(work
);
4732 /* in case we removed the started work */
4733 radio_work_check_next(wpa_s
);
4737 static void radio_remove_interface(struct wpa_supplicant
*wpa_s
)
4739 struct wpa_radio
*radio
= wpa_s
->radio
;
4744 wpa_printf(MSG_DEBUG
, "Remove interface %s from radio %s",
4745 wpa_s
->ifname
, radio
->name
);
4746 dl_list_del(&wpa_s
->radio_list
);
4747 radio_remove_works(wpa_s
, NULL
, 0);
4748 wpa_s
->radio
= NULL
;
4749 if (!dl_list_empty(&radio
->ifaces
))
4750 return; /* Interfaces remain for this radio */
4752 wpa_printf(MSG_DEBUG
, "Remove radio %s", radio
->name
);
4753 eloop_cancel_timeout(radio_start_next_work
, radio
, NULL
);
4758 void radio_work_check_next(struct wpa_supplicant
*wpa_s
)
4760 struct wpa_radio
*radio
= wpa_s
->radio
;
4762 if (dl_list_empty(&radio
->work
))
4764 if (wpa_s
->ext_work_in_progress
) {
4765 wpa_printf(MSG_DEBUG
,
4766 "External radio work in progress - delay start of pending item");
4769 eloop_cancel_timeout(radio_start_next_work
, radio
, NULL
);
4770 eloop_register_timeout(0, 0, radio_start_next_work
, radio
, NULL
);
4775 * radio_add_work - Add a radio work item
4776 * @wpa_s: Pointer to wpa_supplicant data
4777 * @freq: Frequency of the offchannel operation in MHz or 0
4778 * @type: Unique identifier for each type of work
4779 * @next: Force as the next work to be executed
4780 * @cb: Callback function for indicating when radio is available
4781 * @ctx: Context pointer for the work (work->ctx in cb())
4782 * Returns: 0 on success, -1 on failure
4784 * This function is used to request time for an operation that requires
4785 * exclusive radio control. Once the radio is available, the registered callback
4786 * function will be called. radio_work_done() must be called once the exclusive
4787 * radio operation has been completed, so that the radio is freed for other
4788 * operations. The special case of deinit=1 is used to free the context data
4789 * during interface removal. That does not allow the callback function to start
4790 * the radio operation, i.e., it must free any resources allocated for the radio
4793 * The @freq parameter can be used to indicate a single channel on which the
4794 * offchannel operation will occur. This may allow multiple radio work
4795 * operations to be performed in parallel if they apply for the same channel.
4796 * Setting this to 0 indicates that the work item may use multiple channels or
4797 * requires exclusive control of the radio.
4799 int radio_add_work(struct wpa_supplicant
*wpa_s
, unsigned int freq
,
4800 const char *type
, int next
,
4801 void (*cb
)(struct wpa_radio_work
*work
, int deinit
),
4804 struct wpa_radio
*radio
= wpa_s
->radio
;
4805 struct wpa_radio_work
*work
;
4808 work
= os_zalloc(sizeof(*work
));
4811 wpa_dbg(wpa_s
, MSG_DEBUG
, "Add radio work '%s'@%p", type
, work
);
4812 os_get_reltime(&work
->time
);
4815 work
->wpa_s
= wpa_s
;
4820 work
->bands
= wpas_freq_to_band(freq
);
4821 else if (os_strcmp(type
, "scan") == 0 ||
4822 os_strcmp(type
, "p2p-scan") == 0)
4823 work
->bands
= wpas_get_bands(wpa_s
,
4824 ((struct wpa_driver_scan_params
*)
4827 work
->bands
= wpas_get_bands(wpa_s
, NULL
);
4829 was_empty
= dl_list_empty(&wpa_s
->radio
->work
);
4831 dl_list_add(&wpa_s
->radio
->work
, &work
->list
);
4833 dl_list_add_tail(&wpa_s
->radio
->work
, &work
->list
);
4835 wpa_dbg(wpa_s
, MSG_DEBUG
, "First radio work item in the queue - schedule start immediately");
4836 radio_work_check_next(wpa_s
);
4837 } else if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS
)
4838 && radio
->num_active_works
< MAX_ACTIVE_WORKS
) {
4839 wpa_dbg(wpa_s
, MSG_DEBUG
,
4840 "Try to schedule a radio work (num_active_works=%u)",
4841 radio
->num_active_works
);
4842 radio_work_check_next(wpa_s
);
4850 * radio_work_done - Indicate that a radio work item has been completed
4851 * @work: Completed work
4853 * This function is called once the callback function registered with
4854 * radio_add_work() has completed its work.
4856 void radio_work_done(struct wpa_radio_work
*work
)
4858 struct wpa_supplicant
*wpa_s
= work
->wpa_s
;
4859 struct os_reltime now
, diff
;
4860 unsigned int started
= work
->started
;
4862 os_get_reltime(&now
);
4863 os_reltime_sub(&now
, &work
->time
, &diff
);
4864 wpa_dbg(wpa_s
, MSG_DEBUG
, "Radio work '%s'@%p %s in %ld.%06ld seconds",
4865 work
->type
, work
, started
? "done" : "canceled",
4866 diff
.sec
, diff
.usec
);
4867 radio_work_free(work
);
4869 radio_work_check_next(wpa_s
);
4873 struct wpa_radio_work
*
4874 radio_work_pending(struct wpa_supplicant
*wpa_s
, const char *type
)
4876 struct wpa_radio_work
*work
;
4877 struct wpa_radio
*radio
= wpa_s
->radio
;
4879 dl_list_for_each(work
, &radio
->work
, struct wpa_radio_work
, list
) {
4880 if (work
->wpa_s
== wpa_s
&& os_strcmp(work
->type
, type
) == 0)
4888 static int wpas_init_driver(struct wpa_supplicant
*wpa_s
,
4889 struct wpa_interface
*iface
)
4891 const char *ifname
, *driver
, *rn
;
4893 driver
= iface
->driver
;
4895 if (wpa_supplicant_set_driver(wpa_s
, driver
) < 0)
4898 wpa_s
->drv_priv
= wpa_drv_init(wpa_s
, wpa_s
->ifname
);
4899 if (wpa_s
->drv_priv
== NULL
) {
4901 pos
= driver
? os_strchr(driver
, ',') : NULL
;
4903 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to initialize "
4904 "driver interface - try next driver wrapper");
4908 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to initialize driver "
4912 if (wpa_drv_set_param(wpa_s
, wpa_s
->conf
->driver_param
) < 0) {
4913 wpa_msg(wpa_s
, MSG_ERROR
, "Driver interface rejected "
4914 "driver_param '%s'", wpa_s
->conf
->driver_param
);
4918 ifname
= wpa_drv_get_ifname(wpa_s
);
4919 if (ifname
&& os_strcmp(ifname
, wpa_s
->ifname
) != 0) {
4920 wpa_dbg(wpa_s
, MSG_DEBUG
, "Driver interface replaced "
4921 "interface name with '%s'", ifname
);
4922 os_strlcpy(wpa_s
->ifname
, ifname
, sizeof(wpa_s
->ifname
));
4925 rn
= wpa_driver_get_radio_name(wpa_s
);
4926 if (rn
&& rn
[0] == '\0')
4929 wpa_s
->radio
= radio_add_interface(wpa_s
, rn
);
4930 if (wpa_s
->radio
== NULL
)
4937 static int wpa_supplicant_init_iface(struct wpa_supplicant
*wpa_s
,
4938 struct wpa_interface
*iface
)
4940 struct wpa_driver_capa capa
;
4943 wpa_printf(MSG_DEBUG
, "Initializing interface '%s' conf '%s' driver "
4944 "'%s' ctrl_interface '%s' bridge '%s'", iface
->ifname
,
4945 iface
->confname
? iface
->confname
: "N/A",
4946 iface
->driver
? iface
->driver
: "default",
4947 iface
->ctrl_interface
? iface
->ctrl_interface
: "N/A",
4948 iface
->bridge_ifname
? iface
->bridge_ifname
: "N/A");
4950 if (iface
->confname
) {
4951 #ifdef CONFIG_BACKEND_FILE
4952 wpa_s
->confname
= os_rel2abs_path(iface
->confname
);
4953 if (wpa_s
->confname
== NULL
) {
4954 wpa_printf(MSG_ERROR
, "Failed to get absolute path "
4955 "for configuration file '%s'.",
4959 wpa_printf(MSG_DEBUG
, "Configuration file '%s' -> '%s'",
4960 iface
->confname
, wpa_s
->confname
);
4961 #else /* CONFIG_BACKEND_FILE */
4962 wpa_s
->confname
= os_strdup(iface
->confname
);
4963 #endif /* CONFIG_BACKEND_FILE */
4964 wpa_s
->conf
= wpa_config_read(wpa_s
->confname
, NULL
);
4965 if (wpa_s
->conf
== NULL
) {
4966 wpa_printf(MSG_ERROR
, "Failed to read or parse "
4967 "configuration '%s'.", wpa_s
->confname
);
4970 wpa_s
->confanother
= os_rel2abs_path(iface
->confanother
);
4971 wpa_config_read(wpa_s
->confanother
, wpa_s
->conf
);
4974 * Override ctrl_interface and driver_param if set on command
4977 if (iface
->ctrl_interface
) {
4978 os_free(wpa_s
->conf
->ctrl_interface
);
4979 wpa_s
->conf
->ctrl_interface
=
4980 os_strdup(iface
->ctrl_interface
);
4983 if (iface
->driver_param
) {
4984 os_free(wpa_s
->conf
->driver_param
);
4985 wpa_s
->conf
->driver_param
=
4986 os_strdup(iface
->driver_param
);
4989 if (iface
->p2p_mgmt
&& !iface
->ctrl_interface
) {
4990 os_free(wpa_s
->conf
->ctrl_interface
);
4991 wpa_s
->conf
->ctrl_interface
= NULL
;
4994 wpa_s
->conf
= wpa_config_alloc_empty(iface
->ctrl_interface
,
4995 iface
->driver_param
);
4997 if (wpa_s
->conf
== NULL
) {
4998 wpa_printf(MSG_ERROR
, "\nNo configuration found.");
5002 if (iface
->ifname
== NULL
) {
5003 wpa_printf(MSG_ERROR
, "\nInterface name is required.");
5006 if (os_strlen(iface
->ifname
) >= sizeof(wpa_s
->ifname
)) {
5007 wpa_printf(MSG_ERROR
, "\nToo long interface name '%s'.",
5011 os_strlcpy(wpa_s
->ifname
, iface
->ifname
, sizeof(wpa_s
->ifname
));
5013 if (iface
->bridge_ifname
) {
5014 if (os_strlen(iface
->bridge_ifname
) >=
5015 sizeof(wpa_s
->bridge_ifname
)) {
5016 wpa_printf(MSG_ERROR
, "\nToo long bridge interface "
5017 "name '%s'.", iface
->bridge_ifname
);
5020 os_strlcpy(wpa_s
->bridge_ifname
, iface
->bridge_ifname
,
5021 sizeof(wpa_s
->bridge_ifname
));
5024 /* RSNA Supplicant Key Management - INITIALIZE */
5025 eapol_sm_notify_portEnabled(wpa_s
->eapol
, FALSE
);
5026 eapol_sm_notify_portValid(wpa_s
->eapol
, FALSE
);
5028 /* Initialize driver interface and register driver event handler before
5029 * L2 receive handler so that association events are processed before
5030 * EAPOL-Key packets if both become available for the same select()
5032 if (wpas_init_driver(wpa_s
, iface
) < 0)
5035 if (wpa_supplicant_init_wpa(wpa_s
) < 0)
5038 wpa_sm_set_ifname(wpa_s
->wpa
, wpa_s
->ifname
,
5039 wpa_s
->bridge_ifname
[0] ? wpa_s
->bridge_ifname
:
5041 wpa_sm_set_fast_reauth(wpa_s
->wpa
, wpa_s
->conf
->fast_reauth
);
5043 if (wpa_s
->conf
->dot11RSNAConfigPMKLifetime
&&
5044 wpa_sm_set_param(wpa_s
->wpa
, RSNA_PMK_LIFETIME
,
5045 wpa_s
->conf
->dot11RSNAConfigPMKLifetime
)) {
5046 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid WPA parameter value for "
5047 "dot11RSNAConfigPMKLifetime");
5051 if (wpa_s
->conf
->dot11RSNAConfigPMKReauthThreshold
&&
5052 wpa_sm_set_param(wpa_s
->wpa
, RSNA_PMK_REAUTH_THRESHOLD
,
5053 wpa_s
->conf
->dot11RSNAConfigPMKReauthThreshold
)) {
5054 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid WPA parameter value for "
5055 "dot11RSNAConfigPMKReauthThreshold");
5059 if (wpa_s
->conf
->dot11RSNAConfigSATimeout
&&
5060 wpa_sm_set_param(wpa_s
->wpa
, RSNA_SA_TIMEOUT
,
5061 wpa_s
->conf
->dot11RSNAConfigSATimeout
)) {
5062 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid WPA parameter value for "
5063 "dot11RSNAConfigSATimeout");
5067 wpa_s
->hw
.modes
= wpa_drv_get_hw_feature_data(wpa_s
,
5068 &wpa_s
->hw
.num_modes
,
5070 if (wpa_s
->hw
.modes
) {
5073 for (i
= 0; i
< wpa_s
->hw
.num_modes
; i
++) {
5074 if (wpa_s
->hw
.modes
[i
].vht_capab
) {
5075 wpa_s
->hw_capab
= CAPAB_VHT
;
5079 if (wpa_s
->hw
.modes
[i
].ht_capab
&
5080 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET
)
5081 wpa_s
->hw_capab
= CAPAB_HT40
;
5082 else if (wpa_s
->hw
.modes
[i
].ht_capab
&&
5083 wpa_s
->hw_capab
== CAPAB_NO_HT_VHT
)
5084 wpa_s
->hw_capab
= CAPAB_HT
;
5088 capa_res
= wpa_drv_get_capa(wpa_s
, &capa
);
5089 if (capa_res
== 0) {
5090 wpa_s
->drv_capa_known
= 1;
5091 wpa_s
->drv_flags
= capa
.flags
;
5092 wpa_s
->drv_enc
= capa
.enc
;
5093 wpa_s
->drv_smps_modes
= capa
.smps_modes
;
5094 wpa_s
->drv_rrm_flags
= capa
.rrm_flags
;
5095 wpa_s
->probe_resp_offloads
= capa
.probe_resp_offloads
;
5096 wpa_s
->max_scan_ssids
= capa
.max_scan_ssids
;
5097 wpa_s
->max_sched_scan_ssids
= capa
.max_sched_scan_ssids
;
5098 wpa_s
->max_sched_scan_plans
= capa
.max_sched_scan_plans
;
5099 wpa_s
->max_sched_scan_plan_interval
=
5100 capa
.max_sched_scan_plan_interval
;
5101 wpa_s
->max_sched_scan_plan_iterations
=
5102 capa
.max_sched_scan_plan_iterations
;
5103 wpa_s
->sched_scan_supported
= capa
.sched_scan_supported
;
5104 wpa_s
->max_match_sets
= capa
.max_match_sets
;
5105 wpa_s
->max_remain_on_chan
= capa
.max_remain_on_chan
;
5106 wpa_s
->max_stations
= capa
.max_stations
;
5107 wpa_s
->extended_capa
= capa
.extended_capa
;
5108 wpa_s
->extended_capa_mask
= capa
.extended_capa_mask
;
5109 wpa_s
->extended_capa_len
= capa
.extended_capa_len
;
5110 wpa_s
->num_multichan_concurrent
=
5111 capa
.num_multichan_concurrent
;
5112 wpa_s
->wmm_ac_supported
= capa
.wmm_ac_supported
;
5114 if (capa
.mac_addr_rand_scan_supported
)
5115 wpa_s
->mac_addr_rand_supported
|= MAC_ADDR_RAND_SCAN
;
5116 if (wpa_s
->sched_scan_supported
&&
5117 capa
.mac_addr_rand_sched_scan_supported
)
5118 wpa_s
->mac_addr_rand_supported
|=
5119 (MAC_ADDR_RAND_SCHED_SCAN
| MAC_ADDR_RAND_PNO
);
5121 if (wpa_s
->max_remain_on_chan
== 0)
5122 wpa_s
->max_remain_on_chan
= 1000;
5125 * Only take p2p_mgmt parameters when P2P Device is supported.
5126 * Doing it here as it determines whether l2_packet_init() will be done
5127 * during wpa_supplicant_driver_init().
5129 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE
)
5130 wpa_s
->p2p_mgmt
= iface
->p2p_mgmt
;
5132 iface
->p2p_mgmt
= 1;
5134 if (wpa_s
->num_multichan_concurrent
== 0)
5135 wpa_s
->num_multichan_concurrent
= 1;
5137 if (wpa_supplicant_driver_init(wpa_s
) < 0)
5141 if ((!iface
->p2p_mgmt
||
5142 !(wpa_s
->drv_flags
&
5143 WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE
)) &&
5144 wpa_tdls_init(wpa_s
->wpa
))
5146 #endif /* CONFIG_TDLS */
5148 if (wpa_s
->conf
->country
[0] && wpa_s
->conf
->country
[1] &&
5149 wpa_drv_set_country(wpa_s
, wpa_s
->conf
->country
)) {
5150 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to set country");
5155 if (wpa_s
->conf
->fst_group_id
) {
5156 struct fst_iface_cfg cfg
;
5157 struct fst_wpa_obj iface_obj
;
5159 fst_wpa_supplicant_fill_iface_obj(wpa_s
, &iface_obj
);
5160 os_strlcpy(cfg
.group_id
, wpa_s
->conf
->fst_group_id
,
5161 sizeof(cfg
.group_id
));
5162 cfg
.priority
= wpa_s
->conf
->fst_priority
;
5163 cfg
.llt
= wpa_s
->conf
->fst_llt
;
5165 wpa_s
->fst
= fst_attach(wpa_s
->ifname
, wpa_s
->own_addr
,
5168 wpa_msg(wpa_s
, MSG_ERROR
,
5169 "FST: Cannot attach iface %s to group %s",
5170 wpa_s
->ifname
, cfg
.group_id
);
5174 #endif /* CONFIG_FST */
5176 if (wpas_wps_init(wpa_s
))
5179 if (wpa_supplicant_init_eapol(wpa_s
) < 0)
5181 wpa_sm_set_eapol(wpa_s
->wpa
, wpa_s
->eapol
);
5183 wpa_s
->ctrl_iface
= wpa_supplicant_ctrl_iface_init(wpa_s
);
5184 if (wpa_s
->ctrl_iface
== NULL
) {
5185 wpa_printf(MSG_ERROR
,
5186 "Failed to initialize control interface '%s'.\n"
5187 "You may have another wpa_supplicant process "
5188 "already running or the file was\n"
5189 "left by an unclean termination of wpa_supplicant "
5190 "in which case you will need\n"
5191 "to manually remove this file before starting "
5192 "wpa_supplicant again.\n",
5193 wpa_s
->conf
->ctrl_interface
);
5197 wpa_s
->gas
= gas_query_init(wpa_s
);
5198 if (wpa_s
->gas
== NULL
) {
5199 wpa_printf(MSG_ERROR
, "Failed to initialize GAS query");
5203 if (iface
->p2p_mgmt
&& wpas_p2p_init(wpa_s
->global
, wpa_s
) < 0) {
5204 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to init P2P");
5208 if (wpa_bss_init(wpa_s
) < 0)
5211 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL
5213 dl_list_init(&wpa_s
->mesh_external_pmksa_cache
);
5214 #endif /* CONFIG_MESH */
5215 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
5218 * Set Wake-on-WLAN triggers, if configured.
5219 * Note: We don't restore/remove the triggers on shutdown (it doesn't
5220 * have effect anyway when the interface is down).
5222 if (capa_res
== 0 && wpas_set_wowlan_triggers(wpa_s
, &capa
) < 0)
5225 #ifdef CONFIG_EAP_PROXY
5228 wpa_s
->mnc_len
= eapol_sm_get_eap_proxy_imsi(wpa_s
->eapol
, wpa_s
->imsi
,
5230 if (wpa_s
->mnc_len
> 0) {
5231 wpa_s
->imsi
[len
] = '\0';
5232 wpa_printf(MSG_DEBUG
, "eap_proxy: IMSI %s (MNC length %d)",
5233 wpa_s
->imsi
, wpa_s
->mnc_len
);
5235 wpa_printf(MSG_DEBUG
, "eap_proxy: IMSI not available");
5238 #endif /* CONFIG_EAP_PROXY */
5240 if (pcsc_reader_init(wpa_s
) < 0)
5243 if (wpas_init_ext_pw(wpa_s
) < 0)
5246 wpas_rrm_reset(wpa_s
);
5248 wpas_sched_scan_plans_set(wpa_s
, wpa_s
->conf
->sched_scan_plans
);
5252 #endif /* CONFIG_HS20 */
5254 wpas_mbo_update_non_pref_chan(wpa_s
, wpa_s
->conf
->non_pref_chan
);
5255 #endif /* CONFIG_MBO */
5257 wpa_supplicant_set_default_scan_ies(wpa_s
);
5263 static void wpa_supplicant_deinit_iface(struct wpa_supplicant
*wpa_s
,
5264 int notify
, int terminate
)
5266 struct wpa_global
*global
= wpa_s
->global
;
5267 struct wpa_supplicant
*iface
, *prev
;
5269 if (wpa_s
== wpa_s
->parent
)
5270 wpas_p2p_group_remove(wpa_s
, "*");
5272 iface
= global
->ifaces
;
5274 if (iface
->p2pdev
== wpa_s
)
5275 iface
->p2pdev
= iface
->parent
;
5276 if (iface
== wpa_s
|| iface
->parent
!= wpa_s
) {
5277 iface
= iface
->next
;
5280 wpa_printf(MSG_DEBUG
,
5281 "Remove remaining child interface %s from parent %s",
5282 iface
->ifname
, wpa_s
->ifname
);
5284 iface
= iface
->next
;
5285 wpa_supplicant_remove_iface(global
, prev
, terminate
);
5288 wpa_s
->disconnected
= 1;
5289 if (wpa_s
->drv_priv
) {
5290 wpa_supplicant_deauthenticate(wpa_s
,
5291 WLAN_REASON_DEAUTH_LEAVING
);
5293 wpa_drv_set_countermeasures(wpa_s
, 0);
5294 wpa_clear_keys(wpa_s
, NULL
);
5297 wpa_supplicant_cleanup(wpa_s
);
5298 wpas_p2p_deinit_iface(wpa_s
);
5300 wpas_ctrl_radio_work_flush(wpa_s
);
5301 radio_remove_interface(wpa_s
);
5305 fst_detach(wpa_s
->fst
);
5308 if (wpa_s
->received_mb_ies
) {
5309 wpabuf_free(wpa_s
->received_mb_ies
);
5310 wpa_s
->received_mb_ies
= NULL
;
5312 #endif /* CONFIG_FST */
5314 if (wpa_s
->drv_priv
)
5315 wpa_drv_deinit(wpa_s
);
5318 wpas_notify_iface_removed(wpa_s
);
5321 wpa_msg(wpa_s
, MSG_INFO
, WPA_EVENT_TERMINATING
);
5323 if (wpa_s
->ctrl_iface
) {
5324 wpa_supplicant_ctrl_iface_deinit(wpa_s
->ctrl_iface
);
5325 wpa_s
->ctrl_iface
= NULL
;
5330 wpa_supplicant_mesh_iface_deinit(wpa_s
, wpa_s
->ifmsh
);
5331 wpa_s
->ifmsh
= NULL
;
5333 #endif /* CONFIG_MESH */
5335 if (wpa_s
->conf
!= NULL
) {
5336 wpa_config_free(wpa_s
->conf
);
5340 os_free(wpa_s
->ssids_from_scan_req
);
5346 #ifdef CONFIG_MATCH_IFACE
5349 * wpa_supplicant_match_iface - Match an interface description to a name
5350 * @global: Pointer to global data from wpa_supplicant_init()
5351 * @ifname: Name of the interface to match
5352 * Returns: Pointer to the created interface description or %NULL on failure
5354 struct wpa_interface
* wpa_supplicant_match_iface(struct wpa_global
*global
,
5358 struct wpa_interface
*iface
, *miface
;
5360 for (i
= 0; i
< global
->params
.match_iface_count
; i
++) {
5361 miface
= &global
->params
.match_ifaces
[i
];
5362 if (!miface
->ifname
||
5363 fnmatch(miface
->ifname
, ifname
, 0) == 0) {
5364 iface
= os_zalloc(sizeof(*iface
));
5368 iface
->ifname
= ifname
;
5378 * wpa_supplicant_match_existing - Match existing interfaces
5379 * @global: Pointer to global data from wpa_supplicant_init()
5380 * Returns: 0 on success, -1 on failure
5382 static int wpa_supplicant_match_existing(struct wpa_global
*global
)
5384 struct if_nameindex
*ifi
, *ifp
;
5385 struct wpa_supplicant
*wpa_s
;
5386 struct wpa_interface
*iface
;
5388 ifp
= if_nameindex();
5390 wpa_printf(MSG_ERROR
, "if_nameindex: %s", strerror(errno
));
5394 for (ifi
= ifp
; ifi
->if_name
; ifi
++) {
5395 wpa_s
= wpa_supplicant_get_iface(global
, ifi
->if_name
);
5398 iface
= wpa_supplicant_match_iface(global
, ifi
->if_name
);
5400 wpa_s
= wpa_supplicant_add_iface(global
, iface
, NULL
);
5407 if_freenameindex(ifp
);
5411 #endif /* CONFIG_MATCH_IFACE */
5415 * wpa_supplicant_add_iface - Add a new network interface
5416 * @global: Pointer to global data from wpa_supplicant_init()
5417 * @iface: Interface configuration options
5418 * @parent: Parent interface or %NULL to assign new interface as parent
5419 * Returns: Pointer to the created interface or %NULL on failure
5421 * This function is used to add new network interfaces for %wpa_supplicant.
5422 * This can be called before wpa_supplicant_run() to add interfaces before the
5423 * main event loop has been started. In addition, new interfaces can be added
5424 * dynamically while %wpa_supplicant is already running. This could happen,
5425 * e.g., when a hotplug network adapter is inserted.
5427 struct wpa_supplicant
* wpa_supplicant_add_iface(struct wpa_global
*global
,
5428 struct wpa_interface
*iface
,
5429 struct wpa_supplicant
*parent
)
5431 struct wpa_supplicant
*wpa_s
;
5432 struct wpa_interface t_iface
;
5433 struct wpa_ssid
*ssid
;
5435 if (global
== NULL
|| iface
== NULL
)
5438 wpa_s
= wpa_supplicant_alloc(parent
);
5442 wpa_s
->global
= global
;
5445 if (global
->params
.override_driver
) {
5446 wpa_printf(MSG_DEBUG
, "Override interface parameter: driver "
5448 iface
->driver
, global
->params
.override_driver
);
5449 t_iface
.driver
= global
->params
.override_driver
;
5451 if (global
->params
.override_ctrl_interface
) {
5452 wpa_printf(MSG_DEBUG
, "Override interface parameter: "
5453 "ctrl_interface ('%s' -> '%s')",
5454 iface
->ctrl_interface
,
5455 global
->params
.override_ctrl_interface
);
5456 t_iface
.ctrl_interface
=
5457 global
->params
.override_ctrl_interface
;
5459 if (wpa_supplicant_init_iface(wpa_s
, &t_iface
)) {
5460 wpa_printf(MSG_DEBUG
, "Failed to add interface %s",
5462 wpa_supplicant_deinit_iface(wpa_s
, 0, 0);
5466 if (iface
->p2p_mgmt
== 0) {
5467 /* Notify the control interfaces about new iface */
5468 if (wpas_notify_iface_added(wpa_s
)) {
5469 wpa_supplicant_deinit_iface(wpa_s
, 1, 0);
5473 for (ssid
= wpa_s
->conf
->ssid
; ssid
; ssid
= ssid
->next
)
5474 wpas_notify_network_added(wpa_s
, ssid
);
5477 wpa_s
->next
= global
->ifaces
;
5478 global
->ifaces
= wpa_s
;
5480 wpa_dbg(wpa_s
, MSG_DEBUG
, "Added interface %s", wpa_s
->ifname
);
5481 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
5484 if (wpa_s
->global
->p2p
== NULL
&&
5485 !wpa_s
->global
->p2p_disabled
&& !wpa_s
->conf
->p2p_disabled
&&
5486 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE
) &&
5487 wpas_p2p_add_p2pdev_interface(
5488 wpa_s
, wpa_s
->global
->params
.conf_p2p_dev
) < 0) {
5489 wpa_printf(MSG_INFO
,
5490 "P2P: Failed to enable P2P Device interface");
5491 /* Try to continue without. P2P will be disabled. */
5493 #endif /* CONFIG_P2P */
5500 * wpa_supplicant_remove_iface - Remove a network interface
5501 * @global: Pointer to global data from wpa_supplicant_init()
5502 * @wpa_s: Pointer to the network interface to be removed
5503 * Returns: 0 if interface was removed, -1 if interface was not found
5505 * This function can be used to dynamically remove network interfaces from
5506 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
5507 * addition, this function is used to remove all remaining interfaces when
5508 * %wpa_supplicant is terminated.
5510 int wpa_supplicant_remove_iface(struct wpa_global
*global
,
5511 struct wpa_supplicant
*wpa_s
,
5514 struct wpa_supplicant
*prev
;
5516 unsigned int mesh_if_created
= wpa_s
->mesh_if_created
;
5517 char *ifname
= NULL
;
5518 struct wpa_supplicant
*parent
= wpa_s
->parent
;
5519 #endif /* CONFIG_MESH */
5521 /* Remove interface from the global list of interfaces */
5522 prev
= global
->ifaces
;
5523 if (prev
== wpa_s
) {
5524 global
->ifaces
= wpa_s
->next
;
5526 while (prev
&& prev
->next
!= wpa_s
)
5530 prev
->next
= wpa_s
->next
;
5533 wpa_dbg(wpa_s
, MSG_DEBUG
, "Removing interface %s", wpa_s
->ifname
);
5536 if (mesh_if_created
) {
5537 ifname
= os_strdup(wpa_s
->ifname
);
5538 if (ifname
== NULL
) {
5539 wpa_dbg(wpa_s
, MSG_ERROR
,
5540 "mesh: Failed to malloc ifname");
5544 #endif /* CONFIG_MESH */
5546 if (global
->p2p_group_formation
== wpa_s
)
5547 global
->p2p_group_formation
= NULL
;
5548 if (global
->p2p_invite_group
== wpa_s
)
5549 global
->p2p_invite_group
= NULL
;
5550 wpa_supplicant_deinit_iface(wpa_s
, 1, terminate
);
5553 if (mesh_if_created
) {
5554 wpa_drv_if_remove(parent
, WPA_IF_MESH
, ifname
);
5557 #endif /* CONFIG_MESH */
5564 * wpa_supplicant_get_eap_mode - Get the current EAP mode
5565 * @wpa_s: Pointer to the network interface
5566 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
5568 const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant
*wpa_s
)
5570 const char *eapol_method
;
5572 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
) == 0 &&
5573 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
5577 eapol_method
= eapol_sm_get_method_name(wpa_s
->eapol
);
5578 if (eapol_method
== NULL
)
5579 return "UNKNOWN-EAP";
5581 return eapol_method
;
5586 * wpa_supplicant_get_iface - Get a new network interface
5587 * @global: Pointer to global data from wpa_supplicant_init()
5588 * @ifname: Interface name
5589 * Returns: Pointer to the interface or %NULL if not found
5591 struct wpa_supplicant
* wpa_supplicant_get_iface(struct wpa_global
*global
,
5594 struct wpa_supplicant
*wpa_s
;
5596 for (wpa_s
= global
->ifaces
; wpa_s
; wpa_s
= wpa_s
->next
) {
5597 if (os_strcmp(wpa_s
->ifname
, ifname
) == 0)
5604 #ifndef CONFIG_NO_WPA_MSG
5605 static const char * wpa_supplicant_msg_ifname_cb(void *ctx
)
5607 struct wpa_supplicant
*wpa_s
= ctx
;
5610 return wpa_s
->ifname
;
5612 #endif /* CONFIG_NO_WPA_MSG */
5615 #ifndef WPA_SUPPLICANT_CLEANUP_INTERVAL
5616 #define WPA_SUPPLICANT_CLEANUP_INTERVAL 10
5617 #endif /* WPA_SUPPLICANT_CLEANUP_INTERVAL */
5619 /* Periodic cleanup tasks */
5620 static void wpas_periodic(void *eloop_ctx
, void *timeout_ctx
)
5622 struct wpa_global
*global
= eloop_ctx
;
5623 struct wpa_supplicant
*wpa_s
;
5625 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL
, 0,
5626 wpas_periodic
, global
, NULL
);
5630 p2p_expire_peers(global
->p2p
);
5631 #endif /* CONFIG_P2P */
5633 for (wpa_s
= global
->ifaces
; wpa_s
; wpa_s
= wpa_s
->next
) {
5634 wpa_bss_flush_by_age(wpa_s
, wpa_s
->conf
->bss_expiration_age
);
5637 #endif /* CONFIG_AP */
5643 * wpa_supplicant_init - Initialize %wpa_supplicant
5644 * @params: Parameters for %wpa_supplicant
5645 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
5647 * This function is used to initialize %wpa_supplicant. After successful
5648 * initialization, the returned data pointer can be used to add and remove
5649 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
5651 struct wpa_global
* wpa_supplicant_init(struct wpa_params
*params
)
5653 struct wpa_global
*global
;
5659 #ifdef CONFIG_DRIVER_NDIS
5661 void driver_ndis_init_ops(void);
5662 driver_ndis_init_ops();
5664 #endif /* CONFIG_DRIVER_NDIS */
5666 #ifndef CONFIG_NO_WPA_MSG
5667 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb
);
5668 #endif /* CONFIG_NO_WPA_MSG */
5670 if (params
->wpa_debug_file_path
)
5671 wpa_debug_open_file(params
->wpa_debug_file_path
);
5673 wpa_debug_setup_stdout();
5674 if (params
->wpa_debug_syslog
)
5675 wpa_debug_open_syslog();
5676 if (params
->wpa_debug_tracing
) {
5677 ret
= wpa_debug_open_linux_tracing();
5679 wpa_printf(MSG_ERROR
,
5680 "Failed to enable trace logging");
5685 ret
= eap_register_methods();
5687 wpa_printf(MSG_ERROR
, "Failed to register EAP methods");
5689 wpa_printf(MSG_ERROR
, "Two or more EAP methods used "
5690 "the same EAP type.");
5694 global
= os_zalloc(sizeof(*global
));
5697 dl_list_init(&global
->p2p_srv_bonjour
);
5698 dl_list_init(&global
->p2p_srv_upnp
);
5699 global
->params
.daemonize
= params
->daemonize
;
5700 global
->params
.wait_for_monitor
= params
->wait_for_monitor
;
5701 global
->params
.dbus_ctrl_interface
= params
->dbus_ctrl_interface
;
5702 if (params
->pid_file
)
5703 global
->params
.pid_file
= os_strdup(params
->pid_file
);
5704 if (params
->ctrl_interface
)
5705 global
->params
.ctrl_interface
=
5706 os_strdup(params
->ctrl_interface
);
5707 if (params
->ctrl_interface_group
)
5708 global
->params
.ctrl_interface_group
=
5709 os_strdup(params
->ctrl_interface_group
);
5710 if (params
->override_driver
)
5711 global
->params
.override_driver
=
5712 os_strdup(params
->override_driver
);
5713 if (params
->override_ctrl_interface
)
5714 global
->params
.override_ctrl_interface
=
5715 os_strdup(params
->override_ctrl_interface
);
5716 #ifdef CONFIG_MATCH_IFACE
5717 global
->params
.match_iface_count
= params
->match_iface_count
;
5718 if (params
->match_iface_count
) {
5719 global
->params
.match_ifaces
=
5720 os_calloc(params
->match_iface_count
,
5721 sizeof(struct wpa_interface
));
5722 os_memcpy(global
->params
.match_ifaces
,
5723 params
->match_ifaces
,
5724 params
->match_iface_count
*
5725 sizeof(struct wpa_interface
));
5727 #endif /* CONFIG_MATCH_IFACE */
5729 if (params
->conf_p2p_dev
)
5730 global
->params
.conf_p2p_dev
=
5731 os_strdup(params
->conf_p2p_dev
);
5732 #endif /* CONFIG_P2P */
5733 wpa_debug_level
= global
->params
.wpa_debug_level
=
5734 params
->wpa_debug_level
;
5735 wpa_debug_show_keys
= global
->params
.wpa_debug_show_keys
=
5736 params
->wpa_debug_show_keys
;
5737 wpa_debug_timestamp
= global
->params
.wpa_debug_timestamp
=
5738 params
->wpa_debug_timestamp
;
5740 wpa_printf(MSG_DEBUG
, "wpa_supplicant v" VERSION_STR
);
5743 wpa_printf(MSG_ERROR
, "Failed to initialize event loop");
5744 wpa_supplicant_deinit(global
);
5748 random_init(params
->entropy_file
);
5750 global
->ctrl_iface
= wpa_supplicant_global_ctrl_iface_init(global
);
5751 if (global
->ctrl_iface
== NULL
) {
5752 wpa_supplicant_deinit(global
);
5756 if (wpas_notify_supplicant_initialized(global
)) {
5757 wpa_supplicant_deinit(global
);
5761 for (i
= 0; wpa_drivers
[i
]; i
++)
5762 global
->drv_count
++;
5763 if (global
->drv_count
== 0) {
5764 wpa_printf(MSG_ERROR
, "No drivers enabled");
5765 wpa_supplicant_deinit(global
);
5768 global
->drv_priv
= os_calloc(global
->drv_count
, sizeof(void *));
5769 if (global
->drv_priv
== NULL
) {
5770 wpa_supplicant_deinit(global
);
5774 #ifdef CONFIG_WIFI_DISPLAY
5775 if (wifi_display_init(global
) < 0) {
5776 wpa_printf(MSG_ERROR
, "Failed to initialize Wi-Fi Display");
5777 wpa_supplicant_deinit(global
);
5780 #endif /* CONFIG_WIFI_DISPLAY */
5782 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL
, 0,
5783 wpas_periodic
, global
, NULL
);
5790 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
5791 * @global: Pointer to global data from wpa_supplicant_init()
5792 * Returns: 0 after successful event loop run, -1 on failure
5794 * This function starts the main event loop and continues running as long as
5795 * there are any remaining events. In most cases, this function is running as
5796 * long as the %wpa_supplicant process in still in use.
5798 int wpa_supplicant_run(struct wpa_global
*global
)
5800 struct wpa_supplicant
*wpa_s
;
5802 if (global
->params
.daemonize
&&
5803 (wpa_supplicant_daemon(global
->params
.pid_file
) ||
5804 eloop_sock_requeue()))
5807 #ifdef CONFIG_MATCH_IFACE
5808 if (wpa_supplicant_match_existing(global
))
5812 if (global
->params
.wait_for_monitor
) {
5813 for (wpa_s
= global
->ifaces
; wpa_s
; wpa_s
= wpa_s
->next
)
5814 if (wpa_s
->ctrl_iface
&& !wpa_s
->p2p_mgmt
)
5815 wpa_supplicant_ctrl_iface_wait(
5819 eloop_register_signal_terminate(wpa_supplicant_terminate
, global
);
5820 eloop_register_signal_reconfig(wpa_supplicant_reconfig
, global
);
5829 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
5830 * @global: Pointer to global data from wpa_supplicant_init()
5832 * This function is called to deinitialize %wpa_supplicant and to free all
5833 * allocated resources. Remaining network interfaces will also be removed.
5835 void wpa_supplicant_deinit(struct wpa_global
*global
)
5842 eloop_cancel_timeout(wpas_periodic
, global
, NULL
);
5844 #ifdef CONFIG_WIFI_DISPLAY
5845 wifi_display_deinit(global
);
5846 #endif /* CONFIG_WIFI_DISPLAY */
5848 while (global
->ifaces
)
5849 wpa_supplicant_remove_iface(global
, global
->ifaces
, 1);
5851 if (global
->ctrl_iface
)
5852 wpa_supplicant_global_ctrl_iface_deinit(global
->ctrl_iface
);
5854 wpas_notify_supplicant_deinitialized(global
);
5856 eap_peer_unregister_methods();
5858 eap_server_unregister_methods();
5859 #endif /* CONFIG_AP */
5861 for (i
= 0; wpa_drivers
[i
] && global
->drv_priv
; i
++) {
5862 if (!global
->drv_priv
[i
])
5864 wpa_drivers
[i
]->global_deinit(global
->drv_priv
[i
]);
5866 os_free(global
->drv_priv
);
5872 if (global
->params
.pid_file
) {
5873 os_daemonize_terminate(global
->params
.pid_file
);
5874 os_free(global
->params
.pid_file
);
5876 os_free(global
->params
.ctrl_interface
);
5877 os_free(global
->params
.ctrl_interface_group
);
5878 os_free(global
->params
.override_driver
);
5879 os_free(global
->params
.override_ctrl_interface
);
5880 #ifdef CONFIG_MATCH_IFACE
5881 os_free(global
->params
.match_ifaces
);
5882 #endif /* CONFIG_MATCH_IFACE */
5884 os_free(global
->params
.conf_p2p_dev
);
5885 #endif /* CONFIG_P2P */
5887 os_free(global
->p2p_disallow_freq
.range
);
5888 os_free(global
->p2p_go_avoid_freq
.range
);
5889 os_free(global
->add_psk
);
5892 wpa_debug_close_syslog();
5893 wpa_debug_close_file();
5894 wpa_debug_close_linux_tracing();
5898 void wpa_supplicant_update_config(struct wpa_supplicant
*wpa_s
)
5900 if ((wpa_s
->conf
->changed_parameters
& CFG_CHANGED_COUNTRY
) &&
5901 wpa_s
->conf
->country
[0] && wpa_s
->conf
->country
[1]) {
5903 country
[0] = wpa_s
->conf
->country
[0];
5904 country
[1] = wpa_s
->conf
->country
[1];
5906 if (wpa_drv_set_country(wpa_s
, country
) < 0) {
5907 wpa_printf(MSG_ERROR
, "Failed to set country code "
5912 if (wpa_s
->conf
->changed_parameters
& CFG_CHANGED_EXT_PW_BACKEND
)
5913 wpas_init_ext_pw(wpa_s
);
5915 if (wpa_s
->conf
->changed_parameters
& CFG_CHANGED_SCHED_SCAN_PLANS
)
5916 wpas_sched_scan_plans_set(wpa_s
, wpa_s
->conf
->sched_scan_plans
);
5919 wpas_wps_update_config(wpa_s
);
5920 #endif /* CONFIG_WPS */
5921 wpas_p2p_update_config(wpa_s
);
5922 wpa_s
->conf
->changed_parameters
= 0;
5926 void add_freq(int *freqs
, int *num_freqs
, int freq
)
5930 for (i
= 0; i
< *num_freqs
; i
++) {
5931 if (freqs
[i
] == freq
)
5935 freqs
[*num_freqs
] = freq
;
5940 static int * get_bss_freqs_in_ess(struct wpa_supplicant
*wpa_s
)
5942 struct wpa_bss
*bss
, *cbss
;
5943 const int max_freqs
= 10;
5947 freqs
= os_calloc(max_freqs
+ 1, sizeof(int));
5951 cbss
= wpa_s
->current_bss
;
5953 dl_list_for_each(bss
, &wpa_s
->bss
, struct wpa_bss
, list
) {
5956 if (bss
->ssid_len
== cbss
->ssid_len
&&
5957 os_memcmp(bss
->ssid
, cbss
->ssid
, bss
->ssid_len
) == 0 &&
5958 wpa_blacklist_get(wpa_s
, bss
->bssid
) == NULL
) {
5959 add_freq(freqs
, &num_freqs
, bss
->freq
);
5960 if (num_freqs
== max_freqs
)
5965 if (num_freqs
== 0) {
5974 void wpas_connection_failed(struct wpa_supplicant
*wpa_s
, const u8
*bssid
)
5980 wpas_connect_work_done(wpa_s
);
5983 * Remove possible authentication timeout since the connection failed.
5985 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
5988 * There is no point in blacklisting the AP if this event is
5989 * generated based on local request to disconnect.
5991 if (wpa_s
->own_disconnect_req
) {
5992 wpa_s
->own_disconnect_req
= 0;
5993 wpa_dbg(wpa_s
, MSG_DEBUG
,
5994 "Ignore connection failure due to local request to disconnect");
5997 if (wpa_s
->disconnected
) {
5998 wpa_dbg(wpa_s
, MSG_DEBUG
, "Ignore connection failure "
5999 "indication since interface has been put into "
6000 "disconnected state");
6005 * Add the failed BSSID into the blacklist and speed up next scan
6006 * attempt if there could be other APs that could accept association.
6007 * The current blacklist count indicates how many times we have tried
6008 * connecting to this AP and multiple attempts mean that other APs are
6009 * either not available or has already been tried, so that we can start
6010 * increasing the delay here to avoid constant scanning.
6012 count
= wpa_blacklist_add(wpa_s
, bssid
);
6013 if (count
== 1 && wpa_s
->current_bss
) {
6015 * This BSS was not in the blacklist before. If there is
6016 * another BSS available for the same ESS, we should try that
6017 * next. Otherwise, we may as well try this one once more
6018 * before allowing other, likely worse, ESSes to be considered.
6020 freqs
= get_bss_freqs_in_ess(wpa_s
);
6022 wpa_dbg(wpa_s
, MSG_DEBUG
, "Another BSS in this ESS "
6023 "has been seen; try it next");
6024 wpa_blacklist_add(wpa_s
, bssid
);
6026 * On the next scan, go through only the known channels
6027 * used in this ESS based on previous scans to speed up
6028 * common load balancing use case.
6030 os_free(wpa_s
->next_scan_freqs
);
6031 wpa_s
->next_scan_freqs
= freqs
;
6036 * Add previous failure count in case the temporary blacklist was
6037 * cleared due to no other BSSes being available.
6039 count
+= wpa_s
->extra_blacklist_count
;
6041 if (count
> 3 && wpa_s
->current_ssid
) {
6042 wpa_printf(MSG_DEBUG
, "Continuous association failures - "
6043 "consider temporary network disabling");
6044 wpas_auth_failed(wpa_s
, "CONN_FAILED");
6065 wpa_dbg(wpa_s
, MSG_DEBUG
, "Blacklist count %d --> request scan in %d "
6066 "ms", count
, timeout
);
6069 * TODO: if more than one possible AP is available in scan results,
6070 * could try the other ones before requesting a new scan.
6072 wpa_supplicant_req_scan(wpa_s
, timeout
/ 1000,
6073 1000 * (timeout
% 1000));
6077 int wpas_driver_bss_selection(struct wpa_supplicant
*wpa_s
)
6079 return wpa_s
->conf
->ap_scan
== 2 ||
6080 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_BSS_SELECTION
);
6084 #if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW)
6085 int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant
*wpa_s
,
6086 struct wpa_ssid
*ssid
,
6090 #ifdef IEEE8021X_EAPOL
6091 struct eap_peer_config
*eap
= &ssid
->eap
;
6093 wpa_printf(MSG_DEBUG
, "CTRL_IFACE: response handle field=%s", field
);
6094 wpa_hexdump_ascii_key(MSG_DEBUG
, "CTRL_IFACE: response value",
6095 (const u8
*) value
, os_strlen(value
));
6097 switch (wpa_supplicant_ctrl_req_from_string(field
)) {
6098 case WPA_CTRL_REQ_EAP_IDENTITY
:
6099 os_free(eap
->identity
);
6100 eap
->identity
= (u8
*) os_strdup(value
);
6101 eap
->identity_len
= os_strlen(value
);
6102 eap
->pending_req_identity
= 0;
6103 if (ssid
== wpa_s
->current_ssid
)
6104 wpa_s
->reassociate
= 1;
6106 case WPA_CTRL_REQ_EAP_PASSWORD
:
6107 bin_clear_free(eap
->password
, eap
->password_len
);
6108 eap
->password
= (u8
*) os_strdup(value
);
6109 eap
->password_len
= os_strlen(value
);
6110 eap
->pending_req_password
= 0;
6111 if (ssid
== wpa_s
->current_ssid
)
6112 wpa_s
->reassociate
= 1;
6114 case WPA_CTRL_REQ_EAP_NEW_PASSWORD
:
6115 bin_clear_free(eap
->new_password
, eap
->new_password_len
);
6116 eap
->new_password
= (u8
*) os_strdup(value
);
6117 eap
->new_password_len
= os_strlen(value
);
6118 eap
->pending_req_new_password
= 0;
6119 if (ssid
== wpa_s
->current_ssid
)
6120 wpa_s
->reassociate
= 1;
6122 case WPA_CTRL_REQ_EAP_PIN
:
6123 str_clear_free(eap
->pin
);
6124 eap
->pin
= os_strdup(value
);
6125 eap
->pending_req_pin
= 0;
6126 if (ssid
== wpa_s
->current_ssid
)
6127 wpa_s
->reassociate
= 1;
6129 case WPA_CTRL_REQ_EAP_OTP
:
6130 bin_clear_free(eap
->otp
, eap
->otp_len
);
6131 eap
->otp
= (u8
*) os_strdup(value
);
6132 eap
->otp_len
= os_strlen(value
);
6133 os_free(eap
->pending_req_otp
);
6134 eap
->pending_req_otp
= NULL
;
6135 eap
->pending_req_otp_len
= 0;
6137 case WPA_CTRL_REQ_EAP_PASSPHRASE
:
6138 str_clear_free(eap
->private_key_passwd
);
6139 eap
->private_key_passwd
= os_strdup(value
);
6140 eap
->pending_req_passphrase
= 0;
6141 if (ssid
== wpa_s
->current_ssid
)
6142 wpa_s
->reassociate
= 1;
6144 case WPA_CTRL_REQ_SIM
:
6145 str_clear_free(eap
->external_sim_resp
);
6146 eap
->external_sim_resp
= os_strdup(value
);
6147 eap
->pending_req_sim
= 0;
6149 case WPA_CTRL_REQ_PSK_PASSPHRASE
:
6150 if (wpa_config_set(ssid
, "psk", value
, 0) < 0)
6152 ssid
->mem_only_psk
= 1;
6153 if (ssid
->passphrase
)
6154 wpa_config_update_psk(ssid
);
6155 if (wpa_s
->wpa_state
== WPA_SCANNING
&& !wpa_s
->scanning
)
6156 wpa_supplicant_req_scan(wpa_s
, 0, 0);
6158 case WPA_CTRL_REQ_EXT_CERT_CHECK
:
6159 if (eap
->pending_ext_cert_check
!= PENDING_CHECK
)
6161 if (os_strcmp(value
, "good") == 0)
6162 eap
->pending_ext_cert_check
= EXT_CERT_CHECK_GOOD
;
6163 else if (os_strcmp(value
, "bad") == 0)
6164 eap
->pending_ext_cert_check
= EXT_CERT_CHECK_BAD
;
6169 wpa_printf(MSG_DEBUG
, "CTRL_IFACE: Unknown field '%s'", field
);
6174 #else /* IEEE8021X_EAPOL */
6175 wpa_printf(MSG_DEBUG
, "CTRL_IFACE: IEEE 802.1X not included");
6177 #endif /* IEEE8021X_EAPOL */
6179 #endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */
6182 int wpas_network_disabled(struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
)
6185 unsigned int drv_enc
;
6187 if (wpa_s
->p2p_mgmt
)
6188 return 1; /* no normal network profiles on p2p_mgmt interface */
6196 if (wpa_s
->drv_capa_known
)
6197 drv_enc
= wpa_s
->drv_enc
;
6199 drv_enc
= (unsigned int) -1;
6201 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
6202 size_t len
= ssid
->wep_key_len
[i
];
6205 if (len
== 5 && (drv_enc
& WPA_DRIVER_CAPA_ENC_WEP40
))
6207 if (len
== 13 && (drv_enc
& WPA_DRIVER_CAPA_ENC_WEP104
))
6209 if (len
== 16 && (drv_enc
& WPA_DRIVER_CAPA_ENC_WEP128
))
6211 return 1; /* invalid WEP key */
6214 if (wpa_key_mgmt_wpa_psk(ssid
->key_mgmt
) && !ssid
->psk_set
&&
6215 (!ssid
->passphrase
|| ssid
->ssid_len
!= 0) && !ssid
->ext_psk
&&
6216 !ssid
->mem_only_psk
)
6223 int wpas_get_ssid_pmf(struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
)
6225 #ifdef CONFIG_IEEE80211W
6226 if (ssid
== NULL
|| ssid
->ieee80211w
== MGMT_FRAME_PROTECTION_DEFAULT
) {
6227 if (wpa_s
->conf
->pmf
== MGMT_FRAME_PROTECTION_OPTIONAL
&&
6228 !(wpa_s
->drv_enc
& WPA_DRIVER_CAPA_ENC_BIP
)) {
6230 * Driver does not support BIP -- ignore pmf=1 default
6231 * since the connection with PMF would fail and the
6232 * configuration does not require PMF to be enabled.
6234 return NO_MGMT_FRAME_PROTECTION
;
6239 ~(WPA_KEY_MGMT_NONE
| WPA_KEY_MGMT_WPS
|
6240 WPA_KEY_MGMT_IEEE8021X_NO_WPA
)) == 0) {
6242 * Do not use the default PMF value for non-RSN networks
6243 * since PMF is available only with RSN and pmf=2
6244 * configuration would otherwise prevent connections to
6245 * all open networks.
6247 return NO_MGMT_FRAME_PROTECTION
;
6250 return wpa_s
->conf
->pmf
;
6253 return ssid
->ieee80211w
;
6254 #else /* CONFIG_IEEE80211W */
6255 return NO_MGMT_FRAME_PROTECTION
;
6256 #endif /* CONFIG_IEEE80211W */
6260 int wpas_is_p2p_prioritized(struct wpa_supplicant
*wpa_s
)
6262 if (wpa_s
->global
->conc_pref
== WPA_CONC_PREF_P2P
)
6264 if (wpa_s
->global
->conc_pref
== WPA_CONC_PREF_STA
)
6270 void wpas_auth_failed(struct wpa_supplicant
*wpa_s
, char *reason
)
6272 struct wpa_ssid
*ssid
= wpa_s
->current_ssid
;
6274 struct os_reltime now
;
6277 wpa_printf(MSG_DEBUG
, "Authentication failure but no known "
6282 if (ssid
->key_mgmt
== WPA_KEY_MGMT_WPS
)
6285 ssid
->auth_failures
++;
6288 if (ssid
->p2p_group
&&
6289 (wpa_s
->p2p_in_provisioning
|| wpa_s
->show_group_started
)) {
6291 * Skip the wait time since there is a short timeout on the
6292 * connection to a P2P group.
6296 #endif /* CONFIG_P2P */
6298 if (ssid
->auth_failures
> 50)
6300 else if (ssid
->auth_failures
> 10)
6302 else if (ssid
->auth_failures
> 5)
6304 else if (ssid
->auth_failures
> 3)
6306 else if (ssid
->auth_failures
> 2)
6308 else if (ssid
->auth_failures
> 1)
6313 if (ssid
->auth_failures
> 1 &&
6314 wpa_key_mgmt_wpa_ieee8021x(ssid
->key_mgmt
))
6315 dur
+= os_random() % (ssid
->auth_failures
* 10);
6317 os_get_reltime(&now
);
6318 if (now
.sec
+ dur
<= ssid
->disabled_until
.sec
)
6321 ssid
->disabled_until
.sec
= now
.sec
+ dur
;
6323 wpa_msg(wpa_s
, MSG_INFO
, WPA_EVENT_TEMP_DISABLED
6324 "id=%d ssid=\"%s\" auth_failures=%u duration=%d reason=%s",
6325 ssid
->id
, wpa_ssid_txt(ssid
->ssid
, ssid
->ssid_len
),
6326 ssid
->auth_failures
, dur
, reason
);
6330 void wpas_clear_temp_disabled(struct wpa_supplicant
*wpa_s
,
6331 struct wpa_ssid
*ssid
, int clear_failures
)
6336 if (ssid
->disabled_until
.sec
) {
6337 wpa_msg(wpa_s
, MSG_INFO
, WPA_EVENT_REENABLED
6338 "id=%d ssid=\"%s\"",
6339 ssid
->id
, wpa_ssid_txt(ssid
->ssid
, ssid
->ssid_len
));
6341 ssid
->disabled_until
.sec
= 0;
6342 ssid
->disabled_until
.usec
= 0;
6344 ssid
->auth_failures
= 0;
6348 int disallowed_bssid(struct wpa_supplicant
*wpa_s
, const u8
*bssid
)
6352 if (wpa_s
->disallow_aps_bssid
== NULL
)
6355 for (i
= 0; i
< wpa_s
->disallow_aps_bssid_count
; i
++) {
6356 if (os_memcmp(wpa_s
->disallow_aps_bssid
+ i
* ETH_ALEN
,
6357 bssid
, ETH_ALEN
) == 0)
6365 int disallowed_ssid(struct wpa_supplicant
*wpa_s
, const u8
*ssid
,
6370 if (wpa_s
->disallow_aps_ssid
== NULL
|| ssid
== NULL
)
6373 for (i
= 0; i
< wpa_s
->disallow_aps_ssid_count
; i
++) {
6374 struct wpa_ssid_value
*s
= &wpa_s
->disallow_aps_ssid
[i
];
6375 if (ssid_len
== s
->ssid_len
&&
6376 os_memcmp(ssid
, s
->ssid
, ssid_len
) == 0)
6385 * wpas_request_connection - Request a new connection
6386 * @wpa_s: Pointer to the network interface
6388 * This function is used to request a new connection to be found. It will mark
6389 * the interface to allow reassociation and request a new scan to find a
6390 * suitable network to connect to.
6392 void wpas_request_connection(struct wpa_supplicant
*wpa_s
)
6394 wpa_s
->normal_scans
= 0;
6395 wpa_s
->scan_req
= NORMAL_SCAN_REQ
;
6396 wpa_supplicant_reinit_autoscan(wpa_s
);
6397 wpa_s
->extra_blacklist_count
= 0;
6398 wpa_s
->disconnected
= 0;
6399 wpa_s
->reassociate
= 1;
6401 if (wpa_supplicant_fast_associate(wpa_s
) != 1)
6402 wpa_supplicant_req_scan(wpa_s
, 0, 0);
6404 wpa_s
->reattach
= 0;
6409 * wpas_request_disconnection - Request disconnection
6410 * @wpa_s: Pointer to the network interface
6412 * This function is used to request disconnection from the currently connected
6413 * network. This will stop any ongoing scans and initiate deauthentication.
6415 void wpas_request_disconnection(struct wpa_supplicant
*wpa_s
)
6418 wpa_s
->sme
.prev_bssid_set
= 0;
6419 #endif /* CONFIG_SME */
6420 wpa_s
->reassociate
= 0;
6421 wpa_s
->disconnected
= 1;
6422 wpa_supplicant_cancel_sched_scan(wpa_s
);
6423 wpa_supplicant_cancel_scan(wpa_s
);
6424 wpa_supplicant_deauthenticate(wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
6425 eloop_cancel_timeout(wpas_network_reenabled
, wpa_s
, NULL
);
6429 void dump_freq_data(struct wpa_supplicant
*wpa_s
, const char *title
,
6430 struct wpa_used_freq_data
*freqs_data
,
6435 wpa_dbg(wpa_s
, MSG_DEBUG
, "Shared frequencies (len=%u): %s",
6437 for (i
= 0; i
< len
; i
++) {
6438 struct wpa_used_freq_data
*cur
= &freqs_data
[i
];
6439 wpa_dbg(wpa_s
, MSG_DEBUG
, "freq[%u]: %d, flags=0x%X",
6440 i
, cur
->freq
, cur
->flags
);
6446 * Find the operating frequencies of any of the virtual interfaces that
6447 * are using the same radio as the current interface, and in addition, get
6448 * information about the interface types that are using the frequency.
6450 int get_shared_radio_freqs_data(struct wpa_supplicant
*wpa_s
,
6451 struct wpa_used_freq_data
*freqs_data
,
6454 struct wpa_supplicant
*ifs
;
6457 unsigned int idx
= 0, i
;
6459 wpa_dbg(wpa_s
, MSG_DEBUG
,
6460 "Determining shared radio frequencies (max len %u)", len
);
6461 os_memset(freqs_data
, 0, sizeof(struct wpa_used_freq_data
) * len
);
6463 dl_list_for_each(ifs
, &wpa_s
->radio
->ifaces
, struct wpa_supplicant
,
6468 if (ifs
->current_ssid
== NULL
|| ifs
->assoc_freq
== 0)
6471 if (ifs
->current_ssid
->mode
== WPAS_MODE_AP
||
6472 ifs
->current_ssid
->mode
== WPAS_MODE_P2P_GO
||
6473 ifs
->current_ssid
->mode
== WPAS_MODE_MESH
)
6474 freq
= ifs
->current_ssid
->frequency
;
6475 else if (wpa_drv_get_bssid(ifs
, bssid
) == 0)
6476 freq
= ifs
->assoc_freq
;
6480 /* Hold only distinct freqs */
6481 for (i
= 0; i
< idx
; i
++)
6482 if (freqs_data
[i
].freq
== freq
)
6486 freqs_data
[idx
++].freq
= freq
;
6488 if (ifs
->current_ssid
->mode
== WPAS_MODE_INFRA
) {
6489 freqs_data
[i
].flags
|= ifs
->current_ssid
->p2p_group
?
6490 WPA_FREQ_USED_BY_P2P_CLIENT
:
6491 WPA_FREQ_USED_BY_INFRA_STATION
;
6495 dump_freq_data(wpa_s
, "completed iteration", freqs_data
, idx
);
6501 * Find the operating frequencies of any of the virtual interfaces that
6502 * are using the same radio as the current interface.
6504 int get_shared_radio_freqs(struct wpa_supplicant
*wpa_s
,
6505 int *freq_array
, unsigned int len
)
6507 struct wpa_used_freq_data
*freqs_data
;
6510 os_memset(freq_array
, 0, sizeof(int) * len
);
6512 freqs_data
= os_calloc(len
, sizeof(struct wpa_used_freq_data
));
6516 num
= get_shared_radio_freqs_data(wpa_s
, freqs_data
, len
);
6517 for (i
= 0; i
< num
; i
++)
6518 freq_array
[i
] = freqs_data
[i
].freq
;
6520 os_free(freqs_data
);
6526 struct wpa_supplicant
*
6527 wpas_vendor_elem(struct wpa_supplicant
*wpa_s
, enum wpa_vendor_elem_frame frame
)
6531 case VENDOR_ELEM_PROBE_REQ_P2P
:
6532 case VENDOR_ELEM_PROBE_RESP_P2P
:
6533 case VENDOR_ELEM_PROBE_RESP_P2P_GO
:
6534 case VENDOR_ELEM_BEACON_P2P_GO
:
6535 case VENDOR_ELEM_P2P_PD_REQ
:
6536 case VENDOR_ELEM_P2P_PD_RESP
:
6537 case VENDOR_ELEM_P2P_GO_NEG_REQ
:
6538 case VENDOR_ELEM_P2P_GO_NEG_RESP
:
6539 case VENDOR_ELEM_P2P_GO_NEG_CONF
:
6540 case VENDOR_ELEM_P2P_INV_REQ
:
6541 case VENDOR_ELEM_P2P_INV_RESP
:
6542 case VENDOR_ELEM_P2P_ASSOC_REQ
:
6543 case VENDOR_ELEM_P2P_ASSOC_RESP
:
6544 return wpa_s
->p2pdev
;
6545 #endif /* CONFIG_P2P */
6552 void wpas_vendor_elem_update(struct wpa_supplicant
*wpa_s
)
6557 wpa_printf(MSG_DEBUG
, "Update vendor elements");
6559 for (i
= 0; i
< NUM_VENDOR_ELEM_FRAMES
; i
++) {
6560 if (wpa_s
->vendor_elem
[i
]) {
6563 res
= os_snprintf(buf
, sizeof(buf
), "frame[%u]", i
);
6564 if (!os_snprintf_error(sizeof(buf
), res
)) {
6565 wpa_hexdump_buf(MSG_DEBUG
, buf
,
6566 wpa_s
->vendor_elem
[i
]);
6572 if (wpa_s
->parent
== wpa_s
&&
6573 wpa_s
->global
->p2p
&&
6574 !wpa_s
->global
->p2p_disabled
)
6575 p2p_set_vendor_elems(wpa_s
->global
->p2p
, wpa_s
->vendor_elem
);
6576 #endif /* CONFIG_P2P */
6580 int wpas_vendor_elem_remove(struct wpa_supplicant
*wpa_s
, int frame
,
6581 const u8
*elem
, size_t len
)
6585 ie
= wpabuf_mhead_u8(wpa_s
->vendor_elem
[frame
]);
6586 end
= ie
+ wpabuf_len(wpa_s
->vendor_elem
[frame
]);
6588 for (; ie
+ 1 < end
; ie
+= 2 + ie
[1]) {
6591 if (os_memcmp(ie
, elem
, len
) != 0)
6594 if (wpabuf_len(wpa_s
->vendor_elem
[frame
]) == len
) {
6595 wpabuf_free(wpa_s
->vendor_elem
[frame
]);
6596 wpa_s
->vendor_elem
[frame
] = NULL
;
6598 os_memmove(ie
, ie
+ len
, end
- (ie
+ len
));
6599 wpa_s
->vendor_elem
[frame
]->used
-= len
;
6601 wpas_vendor_elem_update(wpa_s
);
6609 struct hostapd_hw_modes
* get_mode(struct hostapd_hw_modes
*modes
,
6610 u16 num_modes
, enum hostapd_hw_mode mode
)
6614 for (i
= 0; i
< num_modes
; i
++) {
6615 if (modes
[i
].mode
== mode
)
6624 wpa_bss_tmp_disallowed
* wpas_get_disallowed_bss(struct wpa_supplicant
*wpa_s
,
6627 struct wpa_bss_tmp_disallowed
*bss
;
6629 dl_list_for_each(bss
, &wpa_s
->bss_tmp_disallowed
,
6630 struct wpa_bss_tmp_disallowed
, list
) {
6631 if (os_memcmp(bssid
, bss
->bssid
, ETH_ALEN
) == 0)
6639 void wpa_bss_tmp_disallow(struct wpa_supplicant
*wpa_s
, const u8
*bssid
,
6642 struct wpa_bss_tmp_disallowed
*bss
;
6643 struct os_reltime until
;
6645 os_get_reltime(&until
);
6648 bss
= wpas_get_disallowed_bss(wpa_s
, bssid
);
6650 bss
->disallowed_until
= until
;
6654 bss
= os_malloc(sizeof(*bss
));
6656 wpa_printf(MSG_DEBUG
,
6657 "Failed to allocate memory for temp disallow BSS");
6661 bss
->disallowed_until
= until
;
6662 os_memcpy(bss
->bssid
, bssid
, ETH_ALEN
);
6663 dl_list_add(&wpa_s
->bss_tmp_disallowed
, &bss
->list
);
6667 int wpa_is_bss_tmp_disallowed(struct wpa_supplicant
*wpa_s
, const u8
*bssid
)
6669 struct wpa_bss_tmp_disallowed
*bss
= NULL
, *tmp
, *prev
;
6670 struct os_reltime now
, age
;
6672 os_get_reltime(&now
);
6674 dl_list_for_each_safe(tmp
, prev
, &wpa_s
->bss_tmp_disallowed
,
6675 struct wpa_bss_tmp_disallowed
, list
) {
6676 if (!os_reltime_before(&now
, &tmp
->disallowed_until
)) {
6677 /* This BSS is not disallowed anymore */
6678 dl_list_del(&tmp
->list
);
6682 if (os_memcmp(bssid
, tmp
->bssid
, ETH_ALEN
) == 0) {
6690 os_reltime_sub(&bss
->disallowed_until
, &now
, &age
);
6691 wpa_printf(MSG_DEBUG
,
6692 "BSS " MACSTR
" disabled for %ld.%0ld seconds",
6693 MAC2STR(bss
->bssid
), age
.sec
, age
.usec
);