]> git.ipfire.org Git - thirdparty/hostap.git/blob - wpa_supplicant/wpa_supplicant.c
projects / thirdparty / hostap.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
WPS: Deinit before wpas_p2p_disconnect()
[thirdparty/hostap.git] / wpa_supplicant / wpa_supplicant.c
1 /*
2 * WPA Supplicant
3 * Copyright (c) 2003-2014, Jouni Malinen <j@w1.fi>
4 *
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
7 *
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
11 */
12
13 #include "includes.h"
14
15 #include "common.h"
16 #include "crypto/random.h"
17 #include "crypto/sha1.h"
18 #include "eapol_supp/eapol_supp_sm.h"
19 #include "eap_peer/eap.h"
20 #include "eap_peer/eap_proxy.h"
21 #include "eap_server/eap_methods.h"
22 #include "rsn_supp/wpa.h"
23 #include "eloop.h"
24 #include "config.h"
25 #include "utils/ext_password.h"
26 #include "l2_packet/l2_packet.h"
27 #include "wpa_supplicant_i.h"
28 #include "driver_i.h"
29 #include "ctrl_iface.h"
30 #include "pcsc_funcs.h"
31 #include "common/version.h"
32 #include "rsn_supp/preauth.h"
33 #include "rsn_supp/pmksa_cache.h"
34 #include "common/wpa_ctrl.h"
35 #include "common/ieee802_11_defs.h"
36 #include "p2p/p2p.h"
37 #include "blacklist.h"
38 #include "wpas_glue.h"
39 #include "wps_supplicant.h"
40 #include "ibss_rsn.h"
41 #include "sme.h"
42 #include "gas_query.h"
43 #include "ap.h"
44 #include "p2p_supplicant.h"
45 #include "wifi_display.h"
46 #include "notify.h"
47 #include "bgscan.h"
48 #include "autoscan.h"
49 #include "bss.h"
50 #include "scan.h"
51 #include "offchannel.h"
52 #include "hs20_supplicant.h"
53 #include "wnm_sta.h"
54 #include "wpas_kay.h"
55
56 const char *wpa_supplicant_version =
57 "wpa_supplicant v" VERSION_STR "\n"
58 "Copyright (c) 2003-2014, Jouni Malinen <j@w1.fi> and contributors";
59
60 const char *wpa_supplicant_license =
61 "This software may be distributed under the terms of the BSD license.\n"
62 "See README for more details.\n"
63 #ifdef EAP_TLS_OPENSSL
64 "\nThis product includes software developed by the OpenSSL Project\n"
65 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
66 #endif /* EAP_TLS_OPENSSL */
67 ;
68
69 #ifndef CONFIG_NO_STDOUT_DEBUG
70 /* Long text divided into parts in order to fit in C89 strings size limits. */
71 const char *wpa_supplicant_full_license1 =
72 "";
73 const char *wpa_supplicant_full_license2 =
74 "This software may be distributed under the terms of the BSD license.\n"
75 "\n"
76 "Redistribution and use in source and binary forms, with or without\n"
77 "modification, are permitted provided that the following conditions are\n"
78 "met:\n"
79 "\n";
80 const char *wpa_supplicant_full_license3 =
81 "1. Redistributions of source code must retain the above copyright\n"
82 " notice, this list of conditions and the following disclaimer.\n"
83 "\n"
84 "2. Redistributions in binary form must reproduce the above copyright\n"
85 " notice, this list of conditions and the following disclaimer in the\n"
86 " documentation and/or other materials provided with the distribution.\n"
87 "\n";
88 const char *wpa_supplicant_full_license4 =
89 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
90 " names of its contributors may be used to endorse or promote products\n"
91 " derived from this software without specific prior written permission.\n"
92 "\n"
93 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
94 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
95 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
96 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
97 const char *wpa_supplicant_full_license5 =
98 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
99 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
100 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
101 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
102 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
103 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
104 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
105 "\n";
106 #endif /* CONFIG_NO_STDOUT_DEBUG */
107
108 /* Configure default/group WEP keys for static WEP */
109 int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
110 {
111 int i, set = 0;
112
113 for (i = 0; i < NUM_WEP_KEYS; i++) {
114 if (ssid->wep_key_len[i] == 0)
115 continue;
116
117 set = 1;
118 wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL,
119 i, i == ssid->wep_tx_keyidx, NULL, 0,
120 ssid->wep_key[i], ssid->wep_key_len[i]);
121 }
122
123 return set;
124 }
125
126
127 int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
128 struct wpa_ssid *ssid)
129 {
130 u8 key[32];
131 size_t keylen;
132 enum wpa_alg alg;
133 u8 seq[6] = { 0 };
134
135 /* IBSS/WPA-None uses only one key (Group) for both receiving and
136 * sending unicast and multicast packets. */
137
138 if (ssid->mode != WPAS_MODE_IBSS) {
139 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not "
140 "IBSS/ad-hoc) for WPA-None", ssid->mode);
141 return -1;
142 }
143
144 if (!ssid->psk_set) {
145 wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for "
146 "WPA-None");
147 return -1;
148 }
149
150 switch (wpa_s->group_cipher) {
151 case WPA_CIPHER_CCMP:
152 os_memcpy(key, ssid->psk, 16);
153 keylen = 16;
154 alg = WPA_ALG_CCMP;
155 break;
156 case WPA_CIPHER_GCMP:
157 os_memcpy(key, ssid->psk, 16);
158 keylen = 16;
159 alg = WPA_ALG_GCMP;
160 break;
161 case WPA_CIPHER_TKIP:
162 /* WPA-None uses the same Michael MIC key for both TX and RX */
163 os_memcpy(key, ssid->psk, 16 + 8);
164 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
165 keylen = 32;
166 alg = WPA_ALG_TKIP;
167 break;
168 default:
169 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for "
170 "WPA-None", wpa_s->group_cipher);
171 return -1;
172 }
173
174 /* TODO: should actually remember the previously used seq#, both for TX
175 * and RX from each STA.. */
176
177 return wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen);
178 }
179
180
181 static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
182 {
183 struct wpa_supplicant *wpa_s = eloop_ctx;
184 const u8 *bssid = wpa_s->bssid;
185 if (is_zero_ether_addr(bssid))
186 bssid = wpa_s->pending_bssid;
187 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
188 MAC2STR(bssid));
189 wpa_blacklist_add(wpa_s, bssid);
190 wpa_sm_notify_disassoc(wpa_s->wpa);
191 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
192 wpa_s->reassociate = 1;
193
194 /*
195 * If we timed out, the AP or the local radio may be busy.
196 * So, wait a second until scanning again.
197 */
198 wpa_supplicant_req_scan(wpa_s, 1, 0);
199 }
200
201
202 /**
203 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
204 * @wpa_s: Pointer to wpa_supplicant data
205 * @sec: Number of seconds after which to time out authentication
206 * @usec: Number of microseconds after which to time out authentication
207 *
208 * This function is used to schedule a timeout for the current authentication
209 * attempt.
210 */
211 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
212 int sec, int usec)
213 {
214 if (wpa_s->conf->ap_scan == 0 &&
215 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
216 return;
217
218 wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
219 "%d usec", sec, usec);
220 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
221 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
222 }
223
224
225 /**
226 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
227 * @wpa_s: Pointer to wpa_supplicant data
228 *
229 * This function is used to cancel authentication timeout scheduled with
230 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
231 * been completed.
232 */
233 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
234 {
235 wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
236 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
237 wpa_blacklist_del(wpa_s, wpa_s->bssid);
238 }
239
240
241 /**
242 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
243 * @wpa_s: Pointer to wpa_supplicant data
244 *
245 * This function is used to configure EAPOL state machine based on the selected
246 * authentication mode.
247 */
248 void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
249 {
250 #ifdef IEEE8021X_EAPOL
251 struct eapol_config eapol_conf;
252 struct wpa_ssid *ssid = wpa_s->current_ssid;
253
254 #ifdef CONFIG_IBSS_RSN
255 if (ssid->mode == WPAS_MODE_IBSS &&
256 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
257 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
258 /*
259 * RSN IBSS authentication is per-STA and we can disable the
260 * per-BSSID EAPOL authentication.
261 */
262 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
263 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE);
264 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
265 return;
266 }
267 #endif /* CONFIG_IBSS_RSN */
268
269 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
270 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
271
272 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
273 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
274 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
275 else
276 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
277
278 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
279 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
280 eapol_conf.accept_802_1x_keys = 1;
281 eapol_conf.required_keys = 0;
282 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
283 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
284 }
285 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
286 eapol_conf.required_keys |=
287 EAPOL_REQUIRE_KEY_BROADCAST;
288 }
289
290 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED)
291 eapol_conf.required_keys = 0;
292 }
293 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
294 eapol_conf.workaround = ssid->eap_workaround;
295 eapol_conf.eap_disabled =
296 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
297 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
298 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
299 eapol_conf.external_sim = wpa_s->conf->external_sim;
300 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
301 #endif /* IEEE8021X_EAPOL */
302
303 ieee802_1x_alloc_kay_sm(wpa_s, ssid);
304 }
305
306
307 /**
308 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
309 * @wpa_s: Pointer to wpa_supplicant data
310 * @ssid: Configuration data for the network
311 *
312 * This function is used to configure WPA state machine and related parameters
313 * to a mode where WPA is not enabled. This is called as part of the
314 * authentication configuration when the selected network does not use WPA.
315 */
316 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
317 struct wpa_ssid *ssid)
318 {
319 int i;
320
321 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
322 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
323 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
324 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
325 else
326 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
327 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
328 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
329 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
330 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
331 wpa_s->group_cipher = WPA_CIPHER_NONE;
332 wpa_s->mgmt_group_cipher = 0;
333
334 for (i = 0; i < NUM_WEP_KEYS; i++) {
335 if (ssid->wep_key_len[i] > 5) {
336 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
337 wpa_s->group_cipher = WPA_CIPHER_WEP104;
338 break;
339 } else if (ssid->wep_key_len[i] > 0) {
340 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
341 wpa_s->group_cipher = WPA_CIPHER_WEP40;
342 break;
343 }
344 }
345
346 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
347 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
348 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
349 wpa_s->pairwise_cipher);
350 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
351 #ifdef CONFIG_IEEE80211W
352 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
353 wpa_s->mgmt_group_cipher);
354 #endif /* CONFIG_IEEE80211W */
355
356 pmksa_cache_clear_current(wpa_s->wpa);
357 }
358
359
360 void free_hw_features(struct wpa_supplicant *wpa_s)
361 {
362 int i;
363 if (wpa_s->hw.modes == NULL)
364 return;
365
366 for (i = 0; i < wpa_s->hw.num_modes; i++) {
367 os_free(wpa_s->hw.modes[i].channels);
368 os_free(wpa_s->hw.modes[i].rates);
369 }
370
371 os_free(wpa_s->hw.modes);
372 wpa_s->hw.modes = NULL;
373 }
374
375
376 static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
377 {
378 bgscan_deinit(wpa_s);
379 autoscan_deinit(wpa_s);
380 scard_deinit(wpa_s->scard);
381 wpa_s->scard = NULL;
382 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
383 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
384 l2_packet_deinit(wpa_s->l2);
385 wpa_s->l2 = NULL;
386 if (wpa_s->l2_br) {
387 l2_packet_deinit(wpa_s->l2_br);
388 wpa_s->l2_br = NULL;
389 }
390
391 if (wpa_s->conf != NULL) {
392 struct wpa_ssid *ssid;
393 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
394 wpas_notify_network_removed(wpa_s, ssid);
395 }
396
397 os_free(wpa_s->confname);
398 wpa_s->confname = NULL;
399
400 os_free(wpa_s->confanother);
401 wpa_s->confanother = NULL;
402
403 #ifdef CONFIG_P2P
404 os_free(wpa_s->conf_p2p_dev);
405 wpa_s->conf_p2p_dev = NULL;
406 #endif /* CONFIG_P2P */
407
408 wpa_sm_set_eapol(wpa_s->wpa, NULL);
409 eapol_sm_deinit(wpa_s->eapol);
410 wpa_s->eapol = NULL;
411
412 rsn_preauth_deinit(wpa_s->wpa);
413
414 #ifdef CONFIG_TDLS
415 wpa_tdls_deinit(wpa_s->wpa);
416 #endif /* CONFIG_TDLS */
417
418 pmksa_candidate_free(wpa_s->wpa);
419 wpa_sm_deinit(wpa_s->wpa);
420 wpa_s->wpa = NULL;
421 wpa_blacklist_clear(wpa_s);
422
423 wpa_bss_deinit(wpa_s);
424
425 wpa_supplicant_cancel_delayed_sched_scan(wpa_s);
426 wpa_supplicant_cancel_scan(wpa_s);
427 wpa_supplicant_cancel_auth_timeout(wpa_s);
428 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL);
429 #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
430 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report,
431 wpa_s, NULL);
432 #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
433
434 wpas_wps_deinit(wpa_s);
435
436 wpabuf_free(wpa_s->pending_eapol_rx);
437 wpa_s->pending_eapol_rx = NULL;
438
439 #ifdef CONFIG_IBSS_RSN
440 ibss_rsn_deinit(wpa_s->ibss_rsn);
441 wpa_s->ibss_rsn = NULL;
442 #endif /* CONFIG_IBSS_RSN */
443
444 sme_deinit(wpa_s);
445
446 #ifdef CONFIG_AP
447 wpa_supplicant_ap_deinit(wpa_s);
448 #endif /* CONFIG_AP */
449
450 #ifdef CONFIG_P2P
451 wpas_p2p_deinit(wpa_s);
452 #endif /* CONFIG_P2P */
453
454 #ifdef CONFIG_OFFCHANNEL
455 offchannel_deinit(wpa_s);
456 #endif /* CONFIG_OFFCHANNEL */
457
458 wpa_supplicant_cancel_sched_scan(wpa_s);
459
460 os_free(wpa_s->next_scan_freqs);
461 wpa_s->next_scan_freqs = NULL;
462
463 os_free(wpa_s->manual_scan_freqs);
464 wpa_s->manual_scan_freqs = NULL;
465
466 os_free(wpa_s->manual_sched_scan_freqs);
467 wpa_s->manual_sched_scan_freqs = NULL;
468
469 gas_query_deinit(wpa_s->gas);
470 wpa_s->gas = NULL;
471
472 free_hw_features(wpa_s);
473
474 ieee802_1x_dealloc_kay_sm(wpa_s);
475
476 os_free(wpa_s->bssid_filter);
477 wpa_s->bssid_filter = NULL;
478
479 os_free(wpa_s->disallow_aps_bssid);
480 wpa_s->disallow_aps_bssid = NULL;
481 os_free(wpa_s->disallow_aps_ssid);
482 wpa_s->disallow_aps_ssid = NULL;
483
484 wnm_bss_keep_alive_deinit(wpa_s);
485 #ifdef CONFIG_WNM
486 wnm_deallocate_memory(wpa_s);
487 #endif /* CONFIG_WNM */
488
489 ext_password_deinit(wpa_s->ext_pw);
490 wpa_s->ext_pw = NULL;
491
492 wpabuf_free(wpa_s->last_gas_resp);
493 wpa_s->last_gas_resp = NULL;
494 wpabuf_free(wpa_s->prev_gas_resp);
495 wpa_s->prev_gas_resp = NULL;
496
497 os_free(wpa_s->last_scan_res);
498 wpa_s->last_scan_res = NULL;
499
500 #ifdef CONFIG_HS20
501 hs20_deinit(wpa_s);
502 #endif /* CONFIG_HS20 */
503 }
504
505
506 /**
507 * wpa_clear_keys - Clear keys configured for the driver
508 * @wpa_s: Pointer to wpa_supplicant data
509 * @addr: Previously used BSSID or %NULL if not available
510 *
511 * This function clears the encryption keys that has been previously configured
512 * for the driver.
513 */
514 void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
515 {
516 int i, max;
517
518 #ifdef CONFIG_IEEE80211W
519 max = 6;
520 #else /* CONFIG_IEEE80211W */
521 max = 4;
522 #endif /* CONFIG_IEEE80211W */
523
524 /* MLME-DELETEKEYS.request */
525 for (i = 0; i < max; i++) {
526 if (wpa_s->keys_cleared & BIT(i))
527 continue;
528 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, i, 0, NULL, 0,
529 NULL, 0);
530 }
531 if (!(wpa_s->keys_cleared & BIT(0)) && addr &&
532 !is_zero_ether_addr(addr)) {
533 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,
534 0);
535 /* MLME-SETPROTECTION.request(None) */
536 wpa_drv_mlme_setprotection(
537 wpa_s, addr,
538 MLME_SETPROTECTION_PROTECT_TYPE_NONE,
539 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
540 }
541 wpa_s->keys_cleared = (u32) -1;
542 }
543
544
545 /**
546 * wpa_supplicant_state_txt - Get the connection state name as a text string
547 * @state: State (wpa_state; WPA_*)
548 * Returns: The state name as a printable text string
549 */
550 const char * wpa_supplicant_state_txt(enum wpa_states state)
551 {
552 switch (state) {
553 case WPA_DISCONNECTED:
554 return "DISCONNECTED";
555 case WPA_INACTIVE:
556 return "INACTIVE";
557 case WPA_INTERFACE_DISABLED:
558 return "INTERFACE_DISABLED";
559 case WPA_SCANNING:
560 return "SCANNING";
561 case WPA_AUTHENTICATING:
562 return "AUTHENTICATING";
563 case WPA_ASSOCIATING:
564 return "ASSOCIATING";
565 case WPA_ASSOCIATED:
566 return "ASSOCIATED";
567 case WPA_4WAY_HANDSHAKE:
568 return "4WAY_HANDSHAKE";
569 case WPA_GROUP_HANDSHAKE:
570 return "GROUP_HANDSHAKE";
571 case WPA_COMPLETED:
572 return "COMPLETED";
573 default:
574 return "UNKNOWN";
575 }
576 }
577
578
579 #ifdef CONFIG_BGSCAN
580
581 static void wpa_supplicant_start_bgscan(struct wpa_supplicant *wpa_s)
582 {
583 const char *name;
584
585 if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan)
586 name = wpa_s->current_ssid->bgscan;
587 else
588 name = wpa_s->conf->bgscan;
589 if (name == NULL || name[0] == '\0')
590 return;
591 if (wpas_driver_bss_selection(wpa_s))
592 return;
593 if (wpa_s->current_ssid == wpa_s->bgscan_ssid)
594 return;
595 #ifdef CONFIG_P2P
596 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE)
597 return;
598 #endif /* CONFIG_P2P */
599
600 bgscan_deinit(wpa_s);
601 if (wpa_s->current_ssid) {
602 if (bgscan_init(wpa_s, wpa_s->current_ssid, name)) {
603 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
604 "bgscan");
605 /*
606 * Live without bgscan; it is only used as a roaming
607 * optimization, so the initial connection is not
608 * affected.
609 */
610 } else {
611 struct wpa_scan_results *scan_res;
612 wpa_s->bgscan_ssid = wpa_s->current_ssid;
613 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL,
614 0);
615 if (scan_res) {
616 bgscan_notify_scan(wpa_s, scan_res);
617 wpa_scan_results_free(scan_res);
618 }
619 }
620 } else
621 wpa_s->bgscan_ssid = NULL;
622 }
623
624
625 static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s)
626 {
627 if (wpa_s->bgscan_ssid != NULL) {
628 bgscan_deinit(wpa_s);
629 wpa_s->bgscan_ssid = NULL;
630 }
631 }
632
633 #endif /* CONFIG_BGSCAN */
634
635
636 static void wpa_supplicant_start_autoscan(struct wpa_supplicant *wpa_s)
637 {
638 if (autoscan_init(wpa_s, 0))
639 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize autoscan");
640 }
641
642
643 static void wpa_supplicant_stop_autoscan(struct wpa_supplicant *wpa_s)
644 {
645 autoscan_deinit(wpa_s);
646 }
647
648
649 void wpa_supplicant_reinit_autoscan(struct wpa_supplicant *wpa_s)
650 {
651 if (wpa_s->wpa_state == WPA_DISCONNECTED ||
652 wpa_s->wpa_state == WPA_SCANNING) {
653 autoscan_deinit(wpa_s);
654 wpa_supplicant_start_autoscan(wpa_s);
655 }
656 }
657
658
659 /**
660 * wpa_supplicant_set_state - Set current connection state
661 * @wpa_s: Pointer to wpa_supplicant data
662 * @state: The new connection state
663 *
664 * This function is called whenever the connection state changes, e.g.,
665 * association is completed for WPA/WPA2 4-Way Handshake is started.
666 */
667 void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s,
668 enum wpa_states state)
669 {
670 enum wpa_states old_state = wpa_s->wpa_state;
671
672 wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s",
673 wpa_supplicant_state_txt(wpa_s->wpa_state),
674 wpa_supplicant_state_txt(state));
675
676 if (state == WPA_INTERFACE_DISABLED) {
677 /* Assure normal scan when interface is restored */
678 wpa_s->normal_scans = 0;
679 }
680
681 if (state == WPA_COMPLETED) {
682 wpas_connect_work_done(wpa_s);
683 /* Reinitialize normal_scan counter */
684 wpa_s->normal_scans = 0;
685 }
686
687 if (state != WPA_SCANNING)
688 wpa_supplicant_notify_scanning(wpa_s, 0);
689
690 if (state == WPA_COMPLETED && wpa_s->new_connection) {
691 struct wpa_ssid *ssid = wpa_s->current_ssid;
692 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
693 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
694 MACSTR " completed [id=%d id_str=%s]",
695 MAC2STR(wpa_s->bssid),
696 ssid ? ssid->id : -1,
697 ssid && ssid->id_str ? ssid->id_str : "");
698 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
699 wpas_clear_temp_disabled(wpa_s, ssid, 1);
700 wpa_s->extra_blacklist_count = 0;
701 wpa_s->new_connection = 0;
702 wpa_drv_set_operstate(wpa_s, 1);
703 #ifndef IEEE8021X_EAPOL
704 wpa_drv_set_supp_port(wpa_s, 1);
705 #endif /* IEEE8021X_EAPOL */
706 wpa_s->after_wps = 0;
707 wpa_s->known_wps_freq = 0;
708 #ifdef CONFIG_P2P
709 wpas_p2p_completed(wpa_s);
710 #endif /* CONFIG_P2P */
711
712 sme_sched_obss_scan(wpa_s, 1);
713 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
714 state == WPA_ASSOCIATED) {
715 wpa_s->new_connection = 1;
716 wpa_drv_set_operstate(wpa_s, 0);
717 #ifndef IEEE8021X_EAPOL
718 wpa_drv_set_supp_port(wpa_s, 0);
719 #endif /* IEEE8021X_EAPOL */
720 sme_sched_obss_scan(wpa_s, 0);
721 }
722 wpa_s->wpa_state = state;
723
724 #ifdef CONFIG_BGSCAN
725 if (state == WPA_COMPLETED)
726 wpa_supplicant_start_bgscan(wpa_s);
727 else if (state < WPA_ASSOCIATED)
728 wpa_supplicant_stop_bgscan(wpa_s);
729 #endif /* CONFIG_BGSCAN */
730
731 if (state == WPA_AUTHENTICATING)
732 wpa_supplicant_stop_autoscan(wpa_s);
733
734 if (state == WPA_DISCONNECTED || state == WPA_INACTIVE)
735 wpa_supplicant_start_autoscan(wpa_s);
736
737 if (wpa_s->wpa_state != old_state) {
738 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
739
740 if (wpa_s->wpa_state == WPA_COMPLETED ||
741 old_state == WPA_COMPLETED)
742 wpas_notify_auth_changed(wpa_s);
743 }
744 }
745
746
747 void wpa_supplicant_terminate_proc(struct wpa_global *global)
748 {
749 int pending = 0;
750 #ifdef CONFIG_WPS
751 struct wpa_supplicant *wpa_s = global->ifaces;
752 while (wpa_s) {
753 struct wpa_supplicant *next = wpa_s->next;
754 if (wpas_wps_terminate_pending(wpa_s) == 1)
755 pending = 1;
756 #ifdef CONFIG_P2P
757 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE ||
758 (wpa_s->current_ssid && wpa_s->current_ssid->p2p_group))
759 wpas_p2p_disconnect(wpa_s);
760 #endif /* CONFIG_P2P */
761 wpa_s = next;
762 }
763 #endif /* CONFIG_WPS */
764 if (pending)
765 return;
766 eloop_terminate();
767 }
768
769
770 static void wpa_supplicant_terminate(int sig, void *signal_ctx)
771 {
772 struct wpa_global *global = signal_ctx;
773 wpa_supplicant_terminate_proc(global);
774 }
775
776
777 void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
778 {
779 enum wpa_states old_state = wpa_s->wpa_state;
780
781 wpa_s->pairwise_cipher = 0;
782 wpa_s->group_cipher = 0;
783 wpa_s->mgmt_group_cipher = 0;
784 wpa_s->key_mgmt = 0;
785 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
786 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
787
788 if (wpa_s->wpa_state != old_state)
789 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
790 }
791
792
793 /**
794 * wpa_supplicant_reload_configuration - Reload configuration data
795 * @wpa_s: Pointer to wpa_supplicant data
796 * Returns: 0 on success or -1 if configuration parsing failed
797 *
798 * This function can be used to request that the configuration data is reloaded
799 * (e.g., after configuration file change). This function is reloading
800 * configuration only for one interface, so this may need to be called multiple
801 * times if %wpa_supplicant is controlling multiple interfaces and all
802 * interfaces need reconfiguration.
803 */
804 int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
805 {
806 struct wpa_config *conf;
807 int reconf_ctrl;
808 int old_ap_scan;
809
810 if (wpa_s->confname == NULL)
811 return -1;
812 conf = wpa_config_read(wpa_s->confname, NULL);
813 if (conf == NULL) {
814 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
815 "file '%s' - exiting", wpa_s->confname);
816 return -1;
817 }
818 wpa_config_read(wpa_s->confanother, conf);
819
820 conf->changed_parameters = (unsigned int) -1;
821
822 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
823 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
824 os_strcmp(conf->ctrl_interface,
825 wpa_s->conf->ctrl_interface) != 0);
826
827 if (reconf_ctrl && wpa_s->ctrl_iface) {
828 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
829 wpa_s->ctrl_iface = NULL;
830 }
831
832 eapol_sm_invalidate_cached_session(wpa_s->eapol);
833 if (wpa_s->current_ssid) {
834 wpa_supplicant_deauthenticate(wpa_s,
835 WLAN_REASON_DEAUTH_LEAVING);
836 }
837
838 /*
839 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
840 * pkcs11_engine_path, pkcs11_module_path.
841 */
842 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) {
843 /*
844 * Clear forced success to clear EAP state for next
845 * authentication.
846 */
847 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
848 }
849 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
850 wpa_sm_set_config(wpa_s->wpa, NULL);
851 wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL);
852 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
853 rsn_preauth_deinit(wpa_s->wpa);
854
855 old_ap_scan = wpa_s->conf->ap_scan;
856 wpa_config_free(wpa_s->conf);
857 wpa_s->conf = conf;
858 if (old_ap_scan != wpa_s->conf->ap_scan)
859 wpas_notify_ap_scan_changed(wpa_s);
860
861 if (reconf_ctrl)
862 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
863
864 wpa_supplicant_update_config(wpa_s);
865
866 wpa_supplicant_clear_status(wpa_s);
867 if (wpa_supplicant_enabled_networks(wpa_s)) {
868 wpa_s->reassociate = 1;
869 wpa_supplicant_req_scan(wpa_s, 0, 0);
870 }
871 wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
872 return 0;
873 }
874
875
876 static void wpa_supplicant_reconfig(int sig, void *signal_ctx)
877 {
878 struct wpa_global *global = signal_ctx;
879 struct wpa_supplicant *wpa_s;
880 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
881 wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring",
882 sig);
883 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
884 wpa_supplicant_terminate_proc(global);
885 }
886 }
887 }
888
889
890 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
891 struct wpa_ssid *ssid,
892 struct wpa_ie_data *ie)
893 {
894 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
895 if (ret) {
896 if (ret == -2) {
897 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
898 "from association info");
899 }
900 return -1;
901 }
902
903 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set "
904 "cipher suites");
905 if (!(ie->group_cipher & ssid->group_cipher)) {
906 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
907 "cipher 0x%x (mask 0x%x) - reject",
908 ie->group_cipher, ssid->group_cipher);
909 return -1;
910 }
911 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
912 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
913 "cipher 0x%x (mask 0x%x) - reject",
914 ie->pairwise_cipher, ssid->pairwise_cipher);
915 return -1;
916 }
917 if (!(ie->key_mgmt & ssid->key_mgmt)) {
918 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
919 "management 0x%x (mask 0x%x) - reject",
920 ie->key_mgmt, ssid->key_mgmt);
921 return -1;
922 }
923
924 #ifdef CONFIG_IEEE80211W
925 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
926 (ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
927 wpa_s->conf->pmf : ssid->ieee80211w) ==
928 MGMT_FRAME_PROTECTION_REQUIRED) {
929 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
930 "that does not support management frame protection - "
931 "reject");
932 return -1;
933 }
934 #endif /* CONFIG_IEEE80211W */
935
936 return 0;
937 }
938
939
940 /**
941 * wpa_supplicant_set_suites - Set authentication and encryption parameters
942 * @wpa_s: Pointer to wpa_supplicant data
943 * @bss: Scan results for the selected BSS, or %NULL if not available
944 * @ssid: Configuration data for the selected network
945 * @wpa_ie: Buffer for the WPA/RSN IE
946 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
947 * used buffer length in case the functions returns success.
948 * Returns: 0 on success or -1 on failure
949 *
950 * This function is used to configure authentication and encryption parameters
951 * based on the network configuration and scan result for the selected BSS (if
952 * available).
953 */
954 int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
955 struct wpa_bss *bss, struct wpa_ssid *ssid,
956 u8 *wpa_ie, size_t *wpa_ie_len)
957 {
958 struct wpa_ie_data ie;
959 int sel, proto;
960 const u8 *bss_wpa, *bss_rsn, *bss_osen;
961
962 if (bss) {
963 bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
964 bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
965 bss_osen = wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE);
966 } else
967 bss_wpa = bss_rsn = bss_osen = NULL;
968
969 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
970 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
971 (ie.group_cipher & ssid->group_cipher) &&
972 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
973 (ie.key_mgmt & ssid->key_mgmt)) {
974 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
975 proto = WPA_PROTO_RSN;
976 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
977 wpa_parse_wpa_ie(bss_wpa, 2 +bss_wpa[1], &ie) == 0 &&
978 (ie.group_cipher & ssid->group_cipher) &&
979 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
980 (ie.key_mgmt & ssid->key_mgmt)) {
981 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
982 proto = WPA_PROTO_WPA;
983 #ifdef CONFIG_HS20
984 } else if (bss_osen && (ssid->proto & WPA_PROTO_OSEN)) {
985 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using OSEN");
986 /* TODO: parse OSEN element */
987 ie.group_cipher = WPA_CIPHER_CCMP;
988 ie.pairwise_cipher = WPA_CIPHER_CCMP;
989 ie.key_mgmt = WPA_KEY_MGMT_OSEN;
990 proto = WPA_PROTO_OSEN;
991 #endif /* CONFIG_HS20 */
992 } else if (bss) {
993 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
994 return -1;
995 } else {
996 if (ssid->proto & WPA_PROTO_OSEN)
997 proto = WPA_PROTO_OSEN;
998 else if (ssid->proto & WPA_PROTO_RSN)
999 proto = WPA_PROTO_RSN;
1000 else
1001 proto = WPA_PROTO_WPA;
1002 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
1003 os_memset(&ie, 0, sizeof(ie));
1004 ie.group_cipher = ssid->group_cipher;
1005 ie.pairwise_cipher = ssid->pairwise_cipher;
1006 ie.key_mgmt = ssid->key_mgmt;
1007 #ifdef CONFIG_IEEE80211W
1008 ie.mgmt_group_cipher =
1009 ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION ?
1010 WPA_CIPHER_AES_128_CMAC : 0;
1011 #endif /* CONFIG_IEEE80211W */
1012 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites "
1013 "based on configuration");
1014 } else
1015 proto = ie.proto;
1016 }
1017
1018 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d "
1019 "pairwise %d key_mgmt %d proto %d",
1020 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
1021 #ifdef CONFIG_IEEE80211W
1022 if (ssid->ieee80211w) {
1023 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
1024 ie.mgmt_group_cipher);
1025 }
1026 #endif /* CONFIG_IEEE80211W */
1027
1028 wpa_s->wpa_proto = proto;
1029 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
1030 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
1031 !!(ssid->proto & (WPA_PROTO_RSN | WPA_PROTO_OSEN)));
1032
1033 if (bss || !wpa_s->ap_ies_from_associnfo) {
1034 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
1035 bss_wpa ? 2 + bss_wpa[1] : 0) ||
1036 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
1037 bss_rsn ? 2 + bss_rsn[1] : 0))
1038 return -1;
1039 }
1040
1041 sel = ie.group_cipher & ssid->group_cipher;
1042 wpa_s->group_cipher = wpa_pick_group_cipher(sel);
1043 if (wpa_s->group_cipher < 0) {
1044 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group "
1045 "cipher");
1046 return -1;
1047 }
1048 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK %s",
1049 wpa_cipher_txt(wpa_s->group_cipher));
1050
1051 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
1052 wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(sel, 1);
1053 if (wpa_s->pairwise_cipher < 0) {
1054 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise "
1055 "cipher");
1056 return -1;
1057 }
1058 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK %s",
1059 wpa_cipher_txt(wpa_s->pairwise_cipher));
1060
1061 sel = ie.key_mgmt & ssid->key_mgmt;
1062 #ifdef CONFIG_SAE
1063 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE))
1064 sel &= ~(WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE);
1065 #endif /* CONFIG_SAE */
1066 if (0) {
1067 #ifdef CONFIG_IEEE80211R
1068 } else if (sel & WPA_KEY_MGMT_FT_IEEE8021X) {
1069 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
1070 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
1071 } else if (sel & WPA_KEY_MGMT_FT_PSK) {
1072 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
1073 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
1074 #endif /* CONFIG_IEEE80211R */
1075 #ifdef CONFIG_SAE
1076 } else if (sel & WPA_KEY_MGMT_SAE) {
1077 wpa_s->key_mgmt = WPA_KEY_MGMT_SAE;
1078 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT SAE");
1079 } else if (sel & WPA_KEY_MGMT_FT_SAE) {
1080 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_SAE;
1081 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT FT/SAE");
1082 #endif /* CONFIG_SAE */
1083 #ifdef CONFIG_IEEE80211W
1084 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
1085 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
1086 wpa_dbg(wpa_s, MSG_DEBUG,
1087 "WPA: using KEY_MGMT 802.1X with SHA256");
1088 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
1089 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
1090 wpa_dbg(wpa_s, MSG_DEBUG,
1091 "WPA: using KEY_MGMT PSK with SHA256");
1092 #endif /* CONFIG_IEEE80211W */
1093 } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
1094 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
1095 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
1096 } else if (sel & WPA_KEY_MGMT_PSK) {
1097 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
1098 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
1099 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
1100 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
1101 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
1102 #ifdef CONFIG_HS20
1103 } else if (sel & WPA_KEY_MGMT_OSEN) {
1104 wpa_s->key_mgmt = WPA_KEY_MGMT_OSEN;
1105 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using KEY_MGMT OSEN");
1106 #endif /* CONFIG_HS20 */
1107 } else {
1108 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select "
1109 "authenticated key management type");
1110 return -1;
1111 }
1112
1113 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
1114 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
1115 wpa_s->pairwise_cipher);
1116 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
1117
1118 #ifdef CONFIG_IEEE80211W
1119 sel = ie.mgmt_group_cipher;
1120 if ((ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
1121 wpa_s->conf->pmf : ssid->ieee80211w) == NO_MGMT_FRAME_PROTECTION ||
1122 !(ie.capabilities & WPA_CAPABILITY_MFPC))
1123 sel = 0;
1124 if (sel & WPA_CIPHER_AES_128_CMAC) {
1125 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
1126 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1127 "AES-128-CMAC");
1128 } else if (sel & WPA_CIPHER_BIP_GMAC_128) {
1129 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_128;
1130 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1131 "BIP-GMAC-128");
1132 } else if (sel & WPA_CIPHER_BIP_GMAC_256) {
1133 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_256;
1134 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1135 "BIP-GMAC-256");
1136 } else if (sel & WPA_CIPHER_BIP_CMAC_256) {
1137 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_CMAC_256;
1138 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1139 "BIP-CMAC-256");
1140 } else {
1141 wpa_s->mgmt_group_cipher = 0;
1142 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
1143 }
1144 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
1145 wpa_s->mgmt_group_cipher);
1146 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP,
1147 (ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
1148 wpa_s->conf->pmf : ssid->ieee80211w));
1149 #endif /* CONFIG_IEEE80211W */
1150
1151 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
1152 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to generate WPA IE");
1153 return -1;
1154 }
1155
1156 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) {
1157 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN);
1158 #ifndef CONFIG_NO_PBKDF2
1159 if (bss && ssid->bssid_set && ssid->ssid_len == 0 &&
1160 ssid->passphrase) {
1161 u8 psk[PMK_LEN];
1162 pbkdf2_sha1(ssid->passphrase, bss->ssid, bss->ssid_len,
1163 4096, psk, PMK_LEN);
1164 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)",
1165 psk, PMK_LEN);
1166 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1167 }
1168 #endif /* CONFIG_NO_PBKDF2 */
1169 #ifdef CONFIG_EXT_PASSWORD
1170 if (ssid->ext_psk) {
1171 struct wpabuf *pw = ext_password_get(wpa_s->ext_pw,
1172 ssid->ext_psk);
1173 char pw_str[64 + 1];
1174 u8 psk[PMK_LEN];
1175
1176 if (pw == NULL) {
1177 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No PSK "
1178 "found from external storage");
1179 return -1;
1180 }
1181
1182 if (wpabuf_len(pw) < 8 || wpabuf_len(pw) > 64) {
1183 wpa_msg(wpa_s, MSG_INFO, "EXT PW: Unexpected "
1184 "PSK length %d in external storage",
1185 (int) wpabuf_len(pw));
1186 ext_password_free(pw);
1187 return -1;
1188 }
1189
1190 os_memcpy(pw_str, wpabuf_head(pw), wpabuf_len(pw));
1191 pw_str[wpabuf_len(pw)] = '\0';
1192
1193 #ifndef CONFIG_NO_PBKDF2
1194 if (wpabuf_len(pw) >= 8 && wpabuf_len(pw) < 64 && bss)
1195 {
1196 pbkdf2_sha1(pw_str, bss->ssid, bss->ssid_len,
1197 4096, psk, PMK_LEN);
1198 os_memset(pw_str, 0, sizeof(pw_str));
1199 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from "
1200 "external passphrase)",
1201 psk, PMK_LEN);
1202 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1203 } else
1204 #endif /* CONFIG_NO_PBKDF2 */
1205 if (wpabuf_len(pw) == 2 * PMK_LEN) {
1206 if (hexstr2bin(pw_str, psk, PMK_LEN) < 0) {
1207 wpa_msg(wpa_s, MSG_INFO, "EXT PW: "
1208 "Invalid PSK hex string");
1209 os_memset(pw_str, 0, sizeof(pw_str));
1210 ext_password_free(pw);
1211 return -1;
1212 }
1213 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1214 } else {
1215 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No suitable "
1216 "PSK available");
1217 os_memset(pw_str, 0, sizeof(pw_str));
1218 ext_password_free(pw);
1219 return -1;
1220 }
1221
1222 os_memset(pw_str, 0, sizeof(pw_str));
1223 ext_password_free(pw);
1224 }
1225 #endif /* CONFIG_EXT_PASSWORD */
1226 } else
1227 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
1228
1229 return 0;
1230 }
1231
1232
1233 static void wpas_ext_capab_byte(struct wpa_supplicant *wpa_s, u8 *pos, int idx)
1234 {
1235 *pos = 0x00;
1236
1237 switch (idx) {
1238 case 0: /* Bits 0-7 */
1239 break;
1240 case 1: /* Bits 8-15 */
1241 break;
1242 case 2: /* Bits 16-23 */
1243 #ifdef CONFIG_WNM
1244 *pos |= 0x02; /* Bit 17 - WNM-Sleep Mode */
1245 *pos |= 0x08; /* Bit 19 - BSS Transition */
1246 #endif /* CONFIG_WNM */
1247 break;
1248 case 3: /* Bits 24-31 */
1249 #ifdef CONFIG_WNM
1250 *pos |= 0x02; /* Bit 25 - SSID List */
1251 #endif /* CONFIG_WNM */
1252 #ifdef CONFIG_INTERWORKING
1253 if (wpa_s->conf->interworking)
1254 *pos |= 0x80; /* Bit 31 - Interworking */
1255 #endif /* CONFIG_INTERWORKING */
1256 break;
1257 case 4: /* Bits 32-39 */
1258 #ifdef CONFIG_INTERWORKING
1259 if (wpa_s->drv_flags / WPA_DRIVER_FLAGS_QOS_MAPPING)
1260 *pos |= 0x01; /* Bit 32 - QoS Map */
1261 #endif /* CONFIG_INTERWORKING */
1262 break;
1263 case 5: /* Bits 40-47 */
1264 #ifdef CONFIG_HS20
1265 if (wpa_s->conf->hs20)
1266 *pos |= 0x40; /* Bit 46 - WNM-Notification */
1267 #endif /* CONFIG_HS20 */
1268 break;
1269 case 6: /* Bits 48-55 */
1270 break;
1271 }
1272 }
1273
1274
1275 int wpas_build_ext_capab(struct wpa_supplicant *wpa_s, u8 *buf)
1276 {
1277 u8 *pos = buf;
1278 u8 len = 6, i;
1279
1280 if (len < wpa_s->extended_capa_len)
1281 len = wpa_s->extended_capa_len;
1282
1283 *pos++ = WLAN_EID_EXT_CAPAB;
1284 *pos++ = len;
1285 for (i = 0; i < len; i++, pos++) {
1286 wpas_ext_capab_byte(wpa_s, pos, i);
1287
1288 if (i < wpa_s->extended_capa_len) {
1289 *pos &= ~wpa_s->extended_capa_mask[i];
1290 *pos |= wpa_s->extended_capa[i];
1291 }
1292 }
1293
1294 while (len > 0 && buf[1 + len] == 0) {
1295 len--;
1296 buf[1] = len;
1297 }
1298 if (len == 0)
1299 return 0;
1300
1301 return 2 + len;
1302 }
1303
1304
1305 static int wpas_valid_bss(struct wpa_supplicant *wpa_s,
1306 struct wpa_bss *test_bss)
1307 {
1308 struct wpa_bss *bss;
1309
1310 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
1311 if (bss == test_bss)
1312 return 1;
1313 }
1314
1315 return 0;
1316 }
1317
1318
1319 static int wpas_valid_ssid(struct wpa_supplicant *wpa_s,
1320 struct wpa_ssid *test_ssid)
1321 {
1322 struct wpa_ssid *ssid;
1323
1324 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) {
1325 if (ssid == test_ssid)
1326 return 1;
1327 }
1328
1329 return 0;
1330 }
1331
1332
1333 int wpas_valid_bss_ssid(struct wpa_supplicant *wpa_s, struct wpa_bss *test_bss,
1334 struct wpa_ssid *test_ssid)
1335 {
1336 if (test_bss && !wpas_valid_bss(wpa_s, test_bss))
1337 return 0;
1338
1339 return test_ssid == NULL || wpas_valid_ssid(wpa_s, test_ssid);
1340 }
1341
1342
1343 void wpas_connect_work_free(struct wpa_connect_work *cwork)
1344 {
1345 if (cwork == NULL)
1346 return;
1347 os_free(cwork);
1348 }
1349
1350
1351 void wpas_connect_work_done(struct wpa_supplicant *wpa_s)
1352 {
1353 struct wpa_connect_work *cwork;
1354 struct wpa_radio_work *work = wpa_s->connect_work;
1355
1356 if (!work)
1357 return;
1358
1359 wpa_s->connect_work = NULL;
1360 cwork = work->ctx;
1361 work->ctx = NULL;
1362 wpas_connect_work_free(cwork);
1363 radio_work_done(work);
1364 }
1365
1366
1367 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit);
1368
1369 /**
1370 * wpa_supplicant_associate - Request association
1371 * @wpa_s: Pointer to wpa_supplicant data
1372 * @bss: Scan results for the selected BSS, or %NULL if not available
1373 * @ssid: Configuration data for the selected network
1374 *
1375 * This function is used to request %wpa_supplicant to associate with a BSS.
1376 */
1377 void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
1378 struct wpa_bss *bss, struct wpa_ssid *ssid)
1379 {
1380 struct wpa_connect_work *cwork;
1381
1382 #ifdef CONFIG_IBSS_RSN
1383 ibss_rsn_deinit(wpa_s->ibss_rsn);
1384 wpa_s->ibss_rsn = NULL;
1385 #endif /* CONFIG_IBSS_RSN */
1386
1387 if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO ||
1388 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) {
1389 #ifdef CONFIG_AP
1390 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) {
1391 wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP "
1392 "mode");
1393 return;
1394 }
1395 if (wpa_supplicant_create_ap(wpa_s, ssid) < 0) {
1396 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
1397 if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
1398 wpas_p2p_ap_setup_failed(wpa_s);
1399 return;
1400 }
1401 wpa_s->current_bss = bss;
1402 #else /* CONFIG_AP */
1403 wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in "
1404 "the build");
1405 #endif /* CONFIG_AP */
1406 return;
1407 }
1408
1409 #ifdef CONFIG_TDLS
1410 if (bss)
1411 wpa_tdls_ap_ies(wpa_s->wpa, (const u8 *) (bss + 1),
1412 bss->ie_len);
1413 #endif /* CONFIG_TDLS */
1414
1415 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
1416 ssid->mode == IEEE80211_MODE_INFRA) {
1417 sme_authenticate(wpa_s, bss, ssid);
1418 return;
1419 }
1420
1421 if (wpa_s->connect_work) {
1422 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since connect_work exist");
1423 return;
1424 }
1425
1426 if (radio_work_pending(wpa_s, "connect")) {
1427 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since pending work exist");
1428 return;
1429 }
1430
1431 cwork = os_zalloc(sizeof(*cwork));
1432 if (cwork == NULL)
1433 return;
1434
1435 cwork->bss = bss;
1436 cwork->ssid = ssid;
1437
1438 if (radio_add_work(wpa_s, bss ? bss->freq : 0, "connect", 1,
1439 wpas_start_assoc_cb, cwork) < 0) {
1440 os_free(cwork);
1441 }
1442 }
1443
1444
1445 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
1446 {
1447 struct wpa_connect_work *cwork = work->ctx;
1448 struct wpa_bss *bss = cwork->bss;
1449 struct wpa_ssid *ssid = cwork->ssid;
1450 struct wpa_supplicant *wpa_s = work->wpa_s;
1451 u8 wpa_ie[200];
1452 size_t wpa_ie_len;
1453 int use_crypt, ret, i, bssid_changed;
1454 int algs = WPA_AUTH_ALG_OPEN;
1455 unsigned int cipher_pairwise, cipher_group;
1456 struct wpa_driver_associate_params params;
1457 int wep_keys_set = 0;
1458 int assoc_failed = 0;
1459 struct wpa_ssid *old_ssid;
1460 #ifdef CONFIG_HT_OVERRIDES
1461 struct ieee80211_ht_capabilities htcaps;
1462 struct ieee80211_ht_capabilities htcaps_mask;
1463 #endif /* CONFIG_HT_OVERRIDES */
1464 #ifdef CONFIG_VHT_OVERRIDES
1465 struct ieee80211_vht_capabilities vhtcaps;
1466 struct ieee80211_vht_capabilities vhtcaps_mask;
1467 #endif /* CONFIG_VHT_OVERRIDES */
1468
1469 if (deinit) {
1470 if (work->started) {
1471 wpa_s->connect_work = NULL;
1472
1473 /* cancel possible auth. timeout */
1474 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s,
1475 NULL);
1476 }
1477 wpas_connect_work_free(cwork);
1478 return;
1479 }
1480
1481 wpa_s->connect_work = work;
1482
1483 if (!wpas_valid_bss_ssid(wpa_s, bss, ssid)) {
1484 wpa_dbg(wpa_s, MSG_DEBUG, "BSS/SSID entry for association not valid anymore - drop connection attempt");
1485 wpas_connect_work_done(wpa_s);
1486 return;
1487 }
1488
1489 os_memset(&params, 0, sizeof(params));
1490 wpa_s->reassociate = 0;
1491 wpa_s->eap_expected_failure = 0;
1492 if (bss && !wpas_driver_bss_selection(wpa_s)) {
1493 #ifdef CONFIG_IEEE80211R
1494 const u8 *ie, *md = NULL;
1495 #endif /* CONFIG_IEEE80211R */
1496 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
1497 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
1498 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
1499 bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
1500 os_memset(wpa_s->bssid, 0, ETH_ALEN);
1501 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
1502 if (bssid_changed)
1503 wpas_notify_bssid_changed(wpa_s);
1504 #ifdef CONFIG_IEEE80211R
1505 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
1506 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
1507 md = ie + 2;
1508 wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0);
1509 if (md) {
1510 /* Prepare for the next transition */
1511 wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
1512 }
1513 #endif /* CONFIG_IEEE80211R */
1514 #ifdef CONFIG_WPS
1515 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
1516 wpa_s->conf->ap_scan == 2 &&
1517 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
1518 /* Use ap_scan==1 style network selection to find the network
1519 */
1520 wpa_s->scan_req = MANUAL_SCAN_REQ;
1521 wpa_s->reassociate = 1;
1522 wpa_supplicant_req_scan(wpa_s, 0, 0);
1523 return;
1524 #endif /* CONFIG_WPS */
1525 } else {
1526 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
1527 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
1528 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
1529 }
1530 wpa_supplicant_cancel_sched_scan(wpa_s);
1531 wpa_supplicant_cancel_scan(wpa_s);
1532
1533 /* Starting new association, so clear the possibly used WPA IE from the
1534 * previous association. */
1535 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
1536
1537 #ifdef IEEE8021X_EAPOL
1538 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1539 if (ssid->leap) {
1540 if (ssid->non_leap == 0)
1541 algs = WPA_AUTH_ALG_LEAP;
1542 else
1543 algs |= WPA_AUTH_ALG_LEAP;
1544 }
1545 }
1546 #endif /* IEEE8021X_EAPOL */
1547 wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
1548 if (ssid->auth_alg) {
1549 algs = ssid->auth_alg;
1550 wpa_dbg(wpa_s, MSG_DEBUG, "Overriding auth_alg selection: "
1551 "0x%x", algs);
1552 }
1553
1554 if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
1555 wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
1556 wpa_key_mgmt_wpa(ssid->key_mgmt)) {
1557 int try_opportunistic;
1558 try_opportunistic = (ssid->proactive_key_caching < 0 ?
1559 wpa_s->conf->okc :
1560 ssid->proactive_key_caching) &&
1561 (ssid->proto & WPA_PROTO_RSN);
1562 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
1563 ssid, try_opportunistic) == 0)
1564 eapol_sm_notify_pmkid_attempt(wpa_s->eapol, 1);
1565 wpa_ie_len = sizeof(wpa_ie);
1566 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
1567 wpa_ie, &wpa_ie_len)) {
1568 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
1569 "key management and encryption suites");
1570 return;
1571 }
1572 } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && bss &&
1573 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) {
1574 /*
1575 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
1576 * use non-WPA since the scan results did not indicate that the
1577 * AP is using WPA or WPA2.
1578 */
1579 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1580 wpa_ie_len = 0;
1581 wpa_s->wpa_proto = 0;
1582 } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) {
1583 wpa_ie_len = sizeof(wpa_ie);
1584 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
1585 wpa_ie, &wpa_ie_len)) {
1586 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
1587 "key management and encryption suites (no "
1588 "scan results)");
1589 return;
1590 }
1591 #ifdef CONFIG_WPS
1592 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
1593 struct wpabuf *wps_ie;
1594 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
1595 if (wps_ie && wpabuf_len(wps_ie) <= sizeof(wpa_ie)) {
1596 wpa_ie_len = wpabuf_len(wps_ie);
1597 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
1598 } else
1599 wpa_ie_len = 0;
1600 wpabuf_free(wps_ie);
1601 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1602 if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY))
1603 params.wps = WPS_MODE_PRIVACY;
1604 else
1605 params.wps = WPS_MODE_OPEN;
1606 wpa_s->wpa_proto = 0;
1607 #endif /* CONFIG_WPS */
1608 } else {
1609 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1610 wpa_ie_len = 0;
1611 wpa_s->wpa_proto = 0;
1612 }
1613
1614 #ifdef CONFIG_P2P
1615 if (wpa_s->global->p2p) {
1616 u8 *pos;
1617 size_t len;
1618 int res;
1619 pos = wpa_ie + wpa_ie_len;
1620 len = sizeof(wpa_ie) - wpa_ie_len;
1621 res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len,
1622 ssid->p2p_group);
1623 if (res >= 0)
1624 wpa_ie_len += res;
1625 }
1626
1627 wpa_s->cross_connect_disallowed = 0;
1628 if (bss) {
1629 struct wpabuf *p2p;
1630 p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE);
1631 if (p2p) {
1632 wpa_s->cross_connect_disallowed =
1633 p2p_get_cross_connect_disallowed(p2p);
1634 wpabuf_free(p2p);
1635 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross "
1636 "connection",
1637 wpa_s->cross_connect_disallowed ?
1638 "disallows" : "allows");
1639 }
1640 }
1641
1642 os_memset(wpa_s->p2p_ip_addr_info, 0, sizeof(wpa_s->p2p_ip_addr_info));
1643 #endif /* CONFIG_P2P */
1644
1645 #ifdef CONFIG_HS20
1646 if (is_hs20_network(wpa_s, ssid, bss)) {
1647 struct wpabuf *hs20;
1648 hs20 = wpabuf_alloc(20);
1649 if (hs20) {
1650 int pps_mo_id = hs20_get_pps_mo_id(wpa_s, ssid);
1651 wpas_hs20_add_indication(hs20, pps_mo_id);
1652 os_memcpy(wpa_ie + wpa_ie_len, wpabuf_head(hs20),
1653 wpabuf_len(hs20));
1654 wpa_ie_len += wpabuf_len(hs20);
1655 wpabuf_free(hs20);
1656 }
1657 }
1658 #endif /* CONFIG_HS20 */
1659
1660 /*
1661 * Workaround: Add Extended Capabilities element only if the AP
1662 * included this element in Beacon/Probe Response frames. Some older
1663 * APs seem to have interoperability issues if this element is
1664 * included, so while the standard may require us to include the
1665 * element in all cases, it is justifiable to skip it to avoid
1666 * interoperability issues.
1667 */
1668 if (!bss || wpa_bss_get_ie(bss, WLAN_EID_EXT_CAPAB)) {
1669 u8 ext_capab[10];
1670 int ext_capab_len;
1671 ext_capab_len = wpas_build_ext_capab(wpa_s, ext_capab);
1672 if (ext_capab_len > 0) {
1673 u8 *pos = wpa_ie;
1674 if (wpa_ie_len > 0 && pos[0] == WLAN_EID_RSN)
1675 pos += 2 + pos[1];
1676 os_memmove(pos + ext_capab_len, pos,
1677 wpa_ie_len - (pos - wpa_ie));
1678 wpa_ie_len += ext_capab_len;
1679 os_memcpy(pos, ext_capab, ext_capab_len);
1680 }
1681 }
1682
1683 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
1684 use_crypt = 1;
1685 cipher_pairwise = wpa_s->pairwise_cipher;
1686 cipher_group = wpa_s->group_cipher;
1687 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
1688 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1689 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
1690 use_crypt = 0;
1691 if (wpa_set_wep_keys(wpa_s, ssid)) {
1692 use_crypt = 1;
1693 wep_keys_set = 1;
1694 }
1695 }
1696 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
1697 use_crypt = 0;
1698
1699 #ifdef IEEE8021X_EAPOL
1700 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1701 if ((ssid->eapol_flags &
1702 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
1703 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
1704 !wep_keys_set) {
1705 use_crypt = 0;
1706 } else {
1707 /* Assume that dynamic WEP-104 keys will be used and
1708 * set cipher suites in order for drivers to expect
1709 * encryption. */
1710 cipher_pairwise = cipher_group = WPA_CIPHER_WEP104;
1711 }
1712 }
1713 #endif /* IEEE8021X_EAPOL */
1714
1715 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1716 /* Set the key before (and later after) association */
1717 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1718 }
1719
1720 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
1721 if (bss) {
1722 params.ssid = bss->ssid;
1723 params.ssid_len = bss->ssid_len;
1724 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set) {
1725 wpa_printf(MSG_DEBUG, "Limit connection to BSSID "
1726 MACSTR " freq=%u MHz based on scan results "
1727 "(bssid_set=%d)",
1728 MAC2STR(bss->bssid), bss->freq,
1729 ssid->bssid_set);
1730 params.bssid = bss->bssid;
1731 params.freq = bss->freq;
1732 }
1733 params.bssid_hint = bss->bssid;
1734 params.freq_hint = bss->freq;
1735 } else {
1736 params.ssid = ssid->ssid;
1737 params.ssid_len = ssid->ssid_len;
1738 }
1739
1740 if (ssid->mode == WPAS_MODE_IBSS && ssid->bssid_set &&
1741 wpa_s->conf->ap_scan == 2) {
1742 params.bssid = ssid->bssid;
1743 params.fixed_bssid = 1;
1744 }
1745
1746 if (ssid->mode == WPAS_MODE_IBSS && ssid->frequency > 0 &&
1747 params.freq == 0)
1748 params.freq = ssid->frequency; /* Initial channel for IBSS */
1749
1750 if (ssid->mode == WPAS_MODE_IBSS) {
1751 if (ssid->beacon_int)
1752 params.beacon_int = ssid->beacon_int;
1753 else
1754 params.beacon_int = wpa_s->conf->beacon_int;
1755 }
1756
1757 params.wpa_ie = wpa_ie;
1758 params.wpa_ie_len = wpa_ie_len;
1759 params.pairwise_suite = cipher_pairwise;
1760 params.group_suite = cipher_group;
1761 params.key_mgmt_suite = wpa_s->key_mgmt;
1762 params.wpa_proto = wpa_s->wpa_proto;
1763 params.auth_alg = algs;
1764 params.mode = ssid->mode;
1765 params.bg_scan_period = ssid->bg_scan_period;
1766 for (i = 0; i < NUM_WEP_KEYS; i++) {
1767 if (ssid->wep_key_len[i])
1768 params.wep_key[i] = ssid->wep_key[i];
1769 params.wep_key_len[i] = ssid->wep_key_len[i];
1770 }
1771 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
1772
1773 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
1774 (params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
1775 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK)) {
1776 params.passphrase = ssid->passphrase;
1777 if (ssid->psk_set)
1778 params.psk = ssid->psk;
1779 }
1780
1781 params.drop_unencrypted = use_crypt;
1782
1783 #ifdef CONFIG_IEEE80211W
1784 params.mgmt_frame_protection =
1785 ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
1786 wpa_s->conf->pmf : ssid->ieee80211w;
1787 if (params.mgmt_frame_protection != NO_MGMT_FRAME_PROTECTION && bss) {
1788 const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
1789 struct wpa_ie_data ie;
1790 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
1791 ie.capabilities &
1792 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
1793 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports "
1794 "MFP: require MFP");
1795 params.mgmt_frame_protection =
1796 MGMT_FRAME_PROTECTION_REQUIRED;
1797 }
1798 }
1799 #endif /* CONFIG_IEEE80211W */
1800
1801 params.p2p = ssid->p2p_group;
1802
1803 if (wpa_s->parent->set_sta_uapsd)
1804 params.uapsd = wpa_s->parent->sta_uapsd;
1805 else
1806 params.uapsd = -1;
1807
1808 #ifdef CONFIG_HT_OVERRIDES
1809 os_memset(&htcaps, 0, sizeof(htcaps));
1810 os_memset(&htcaps_mask, 0, sizeof(htcaps_mask));
1811 params.htcaps = (u8 *) &htcaps;
1812 params.htcaps_mask = (u8 *) &htcaps_mask;
1813 wpa_supplicant_apply_ht_overrides(wpa_s, ssid, &params);
1814 #endif /* CONFIG_HT_OVERRIDES */
1815 #ifdef CONFIG_VHT_OVERRIDES
1816 os_memset(&vhtcaps, 0, sizeof(vhtcaps));
1817 os_memset(&vhtcaps_mask, 0, sizeof(vhtcaps_mask));
1818 params.vhtcaps = &vhtcaps;
1819 params.vhtcaps_mask = &vhtcaps_mask;
1820 wpa_supplicant_apply_vht_overrides(wpa_s, wpa_s->current_ssid, &params);
1821 #endif /* CONFIG_VHT_OVERRIDES */
1822
1823 #ifdef CONFIG_P2P
1824 /*
1825 * If multi-channel concurrency is not supported, check for any
1826 * frequency conflict. In case of any frequency conflict, remove the
1827 * least prioritized connection.
1828 */
1829 if (wpa_s->num_multichan_concurrent < 2) {
1830 int freq, num;
1831 num = get_shared_radio_freqs(wpa_s, &freq, 1);
1832 if (num > 0 && freq > 0 && freq != params.freq) {
1833 wpa_printf(MSG_DEBUG,
1834 "Assoc conflicting freq found (%d != %d)",
1835 freq, params.freq);
1836 if (wpas_p2p_handle_frequency_conflicts(wpa_s,
1837 params.freq,
1838 ssid) < 0)
1839 return;
1840 }
1841 }
1842 #endif /* CONFIG_P2P */
1843
1844 ret = wpa_drv_associate(wpa_s, &params);
1845 if (ret < 0) {
1846 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
1847 "failed");
1848 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SANE_ERROR_CODES) {
1849 /*
1850 * The driver is known to mean what is saying, so we
1851 * can stop right here; the association will not
1852 * succeed.
1853 */
1854 wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
1855 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
1856 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
1857 return;
1858 }
1859 /* try to continue anyway; new association will be tried again
1860 * after timeout */
1861 assoc_failed = 1;
1862 }
1863
1864 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1865 /* Set the key after the association just in case association
1866 * cleared the previously configured key. */
1867 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1868 /* No need to timeout authentication since there is no key
1869 * management. */
1870 wpa_supplicant_cancel_auth_timeout(wpa_s);
1871 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
1872 #ifdef CONFIG_IBSS_RSN
1873 } else if (ssid->mode == WPAS_MODE_IBSS &&
1874 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
1875 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
1876 /*
1877 * RSN IBSS authentication is per-STA and we can disable the
1878 * per-BSSID authentication.
1879 */
1880 wpa_supplicant_cancel_auth_timeout(wpa_s);
1881 #endif /* CONFIG_IBSS_RSN */
1882 } else {
1883 /* Timeout for IEEE 802.11 authentication and association */
1884 int timeout = 60;
1885
1886 if (assoc_failed) {
1887 /* give IBSS a bit more time */
1888 timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5;
1889 } else if (wpa_s->conf->ap_scan == 1) {
1890 /* give IBSS a bit more time */
1891 timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10;
1892 }
1893 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
1894 }
1895
1896 if (wep_keys_set &&
1897 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC)) {
1898 /* Set static WEP keys again */
1899 wpa_set_wep_keys(wpa_s, ssid);
1900 }
1901
1902 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
1903 /*
1904 * Do not allow EAP session resumption between different
1905 * network configurations.
1906 */
1907 eapol_sm_invalidate_cached_session(wpa_s->eapol);
1908 }
1909 old_ssid = wpa_s->current_ssid;
1910 wpa_s->current_ssid = ssid;
1911 wpa_s->current_bss = bss;
1912 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
1913 wpa_supplicant_initiate_eapol(wpa_s);
1914 if (old_ssid != wpa_s->current_ssid)
1915 wpas_notify_network_changed(wpa_s);
1916 }
1917
1918
1919 static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s,
1920 const u8 *addr)
1921 {
1922 struct wpa_ssid *old_ssid;
1923
1924 wpa_clear_keys(wpa_s, addr);
1925 old_ssid = wpa_s->current_ssid;
1926 wpa_supplicant_mark_disassoc(wpa_s);
1927 wpa_sm_set_config(wpa_s->wpa, NULL);
1928 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1929 if (old_ssid != wpa_s->current_ssid)
1930 wpas_notify_network_changed(wpa_s);
1931 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
1932 }
1933
1934
1935 /**
1936 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
1937 * @wpa_s: Pointer to wpa_supplicant data
1938 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
1939 *
1940 * This function is used to request %wpa_supplicant to deauthenticate from the
1941 * current AP.
1942 */
1943 void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
1944 int reason_code)
1945 {
1946 u8 *addr = NULL;
1947 union wpa_event_data event;
1948 int zero_addr = 0;
1949
1950 wpa_dbg(wpa_s, MSG_DEBUG, "Request to deauthenticate - bssid=" MACSTR
1951 " pending_bssid=" MACSTR " reason=%d state=%s",
1952 MAC2STR(wpa_s->bssid), MAC2STR(wpa_s->pending_bssid),
1953 reason_code, wpa_supplicant_state_txt(wpa_s->wpa_state));
1954
1955 if (!is_zero_ether_addr(wpa_s->bssid))
1956 addr = wpa_s->bssid;
1957 else if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
1958 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
1959 wpa_s->wpa_state == WPA_ASSOCIATING))
1960 addr = wpa_s->pending_bssid;
1961 else if (wpa_s->wpa_state == WPA_ASSOCIATING) {
1962 /*
1963 * When using driver-based BSS selection, we may not know the
1964 * BSSID with which we are currently trying to associate. We
1965 * need to notify the driver of this disconnection even in such
1966 * a case, so use the all zeros address here.
1967 */
1968 addr = wpa_s->bssid;
1969 zero_addr = 1;
1970 }
1971
1972 #ifdef CONFIG_TDLS
1973 wpa_tdls_teardown_peers(wpa_s->wpa);
1974 #endif /* CONFIG_TDLS */
1975
1976 if (addr) {
1977 wpa_drv_deauthenticate(wpa_s, addr, reason_code);
1978 os_memset(&event, 0, sizeof(event));
1979 event.deauth_info.reason_code = (u16) reason_code;
1980 event.deauth_info.locally_generated = 1;
1981 wpa_supplicant_event(wpa_s, EVENT_DEAUTH, &event);
1982 if (zero_addr)
1983 addr = NULL;
1984 }
1985
1986 wpa_supplicant_clear_connection(wpa_s, addr);
1987 }
1988
1989 static void wpa_supplicant_enable_one_network(struct wpa_supplicant *wpa_s,
1990 struct wpa_ssid *ssid)
1991 {
1992 if (!ssid || !ssid->disabled || ssid->disabled == 2)
1993 return;
1994
1995 ssid->disabled = 0;
1996 wpas_clear_temp_disabled(wpa_s, ssid, 1);
1997 wpas_notify_network_enabled_changed(wpa_s, ssid);
1998
1999 /*
2000 * Try to reassociate since there is no current configuration and a new
2001 * network was made available.
2002 */
2003 if (!wpa_s->current_ssid && !wpa_s->disconnected)
2004 wpa_s->reassociate = 1;
2005 }
2006
2007
2008 /**
2009 * wpa_supplicant_enable_network - Mark a configured network as enabled
2010 * @wpa_s: wpa_supplicant structure for a network interface
2011 * @ssid: wpa_ssid structure for a configured network or %NULL
2012 *
2013 * Enables the specified network or all networks if no network specified.
2014 */
2015 void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s,
2016 struct wpa_ssid *ssid)
2017 {
2018 if (ssid == NULL) {
2019 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
2020 wpa_supplicant_enable_one_network(wpa_s, ssid);
2021 } else
2022 wpa_supplicant_enable_one_network(wpa_s, ssid);
2023
2024 if (wpa_s->reassociate && !wpa_s->disconnected) {
2025 if (wpa_s->sched_scanning) {
2026 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan to add "
2027 "new network to scan filters");
2028 wpa_supplicant_cancel_sched_scan(wpa_s);
2029 }
2030
2031 if (wpa_supplicant_fast_associate(wpa_s) != 1)
2032 wpa_supplicant_req_scan(wpa_s, 0, 0);
2033 }
2034 }
2035
2036
2037 /**
2038 * wpa_supplicant_disable_network - Mark a configured network as disabled
2039 * @wpa_s: wpa_supplicant structure for a network interface
2040 * @ssid: wpa_ssid structure for a configured network or %NULL
2041 *
2042 * Disables the specified network or all networks if no network specified.
2043 */
2044 void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s,
2045 struct wpa_ssid *ssid)
2046 {
2047 struct wpa_ssid *other_ssid;
2048 int was_disabled;
2049
2050 if (ssid == NULL) {
2051 if (wpa_s->sched_scanning)
2052 wpa_supplicant_cancel_sched_scan(wpa_s);
2053
2054 for (other_ssid = wpa_s->conf->ssid; other_ssid;
2055 other_ssid = other_ssid->next) {
2056 was_disabled = other_ssid->disabled;
2057 if (was_disabled == 2)
2058 continue; /* do not change persistent P2P group
2059 * data */
2060
2061 other_ssid->disabled = 1;
2062
2063 if (was_disabled != other_ssid->disabled)
2064 wpas_notify_network_enabled_changed(
2065 wpa_s, other_ssid);
2066 }
2067 if (wpa_s->current_ssid)
2068 wpa_supplicant_deauthenticate(
2069 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
2070 } else if (ssid->disabled != 2) {
2071 if (ssid == wpa_s->current_ssid)
2072 wpa_supplicant_deauthenticate(
2073 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
2074
2075 was_disabled = ssid->disabled;
2076
2077 ssid->disabled = 1;
2078
2079 if (was_disabled != ssid->disabled) {
2080 wpas_notify_network_enabled_changed(wpa_s, ssid);
2081 if (wpa_s->sched_scanning) {
2082 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan "
2083 "to remove network from filters");
2084 wpa_supplicant_cancel_sched_scan(wpa_s);
2085 wpa_supplicant_req_scan(wpa_s, 0, 0);
2086 }
2087 }
2088 }
2089 }
2090
2091
2092 /**
2093 * wpa_supplicant_select_network - Attempt association with a network
2094 * @wpa_s: wpa_supplicant structure for a network interface
2095 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
2096 */
2097 void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
2098 struct wpa_ssid *ssid)
2099 {
2100
2101 struct wpa_ssid *other_ssid;
2102 int disconnected = 0;
2103
2104 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid) {
2105 wpa_supplicant_deauthenticate(
2106 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
2107 disconnected = 1;
2108 }
2109
2110 if (ssid)
2111 wpas_clear_temp_disabled(wpa_s, ssid, 1);
2112
2113 /*
2114 * Mark all other networks disabled or mark all networks enabled if no
2115 * network specified.
2116 */
2117 for (other_ssid = wpa_s->conf->ssid; other_ssid;
2118 other_ssid = other_ssid->next) {
2119 int was_disabled = other_ssid->disabled;
2120 if (was_disabled == 2)
2121 continue; /* do not change persistent P2P group data */
2122
2123 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0;
2124 if (was_disabled && !other_ssid->disabled)
2125 wpas_clear_temp_disabled(wpa_s, other_ssid, 0);
2126
2127 if (was_disabled != other_ssid->disabled)
2128 wpas_notify_network_enabled_changed(wpa_s, other_ssid);
2129 }
2130
2131 if (ssid && ssid == wpa_s->current_ssid && wpa_s->current_ssid) {
2132 /* We are already associated with the selected network */
2133 wpa_printf(MSG_DEBUG, "Already associated with the "
2134 "selected network - do nothing");
2135 return;
2136 }
2137
2138 if (ssid) {
2139 wpa_s->current_ssid = ssid;
2140 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
2141 }
2142 wpa_s->connect_without_scan = NULL;
2143 wpa_s->disconnected = 0;
2144 wpa_s->reassociate = 1;
2145
2146 if (wpa_supplicant_fast_associate(wpa_s) != 1)
2147 wpa_supplicant_req_scan(wpa_s, 0, disconnected ? 100000 : 0);
2148
2149 if (ssid)
2150 wpas_notify_network_selected(wpa_s, ssid);
2151 }
2152
2153
2154 /**
2155 * wpas_set_pkcs11_engine_and_module_path - Set PKCS #11 engine and module path
2156 * @wpa_s: wpa_supplicant structure for a network interface
2157 * @pkcs11_engine_path: PKCS #11 engine path or NULL
2158 * @pkcs11_module_path: PKCS #11 module path or NULL
2159 * Returns: 0 on success; -1 on failure
2160 *
2161 * Sets the PKCS #11 engine and module path. Both have to be NULL or a valid
2162 * path. If resetting the EAPOL state machine with the new PKCS #11 engine and
2163 * module path fails the paths will be reset to the default value (NULL).
2164 */
2165 int wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant *wpa_s,
2166 const char *pkcs11_engine_path,
2167 const char *pkcs11_module_path)
2168 {
2169 char *pkcs11_engine_path_copy = NULL;
2170 char *pkcs11_module_path_copy = NULL;
2171
2172 if (pkcs11_engine_path != NULL) {
2173 pkcs11_engine_path_copy = os_strdup(pkcs11_engine_path);
2174 if (pkcs11_engine_path_copy == NULL)
2175 return -1;
2176 }
2177 if (pkcs11_module_path != NULL) {
2178 pkcs11_module_path_copy = os_strdup(pkcs11_module_path);
2179 if (pkcs11_module_path_copy == NULL) {
2180 os_free(pkcs11_engine_path_copy);
2181 return -1;
2182 }
2183 }
2184
2185 os_free(wpa_s->conf->pkcs11_engine_path);
2186 os_free(wpa_s->conf->pkcs11_module_path);
2187 wpa_s->conf->pkcs11_engine_path = pkcs11_engine_path_copy;
2188 wpa_s->conf->pkcs11_module_path = pkcs11_module_path_copy;
2189
2190 wpa_sm_set_eapol(wpa_s->wpa, NULL);
2191 eapol_sm_deinit(wpa_s->eapol);
2192 wpa_s->eapol = NULL;
2193 if (wpa_supplicant_init_eapol(wpa_s)) {
2194 /* Error -> Reset paths to the default value (NULL) once. */
2195 if (pkcs11_engine_path != NULL && pkcs11_module_path != NULL)
2196 wpas_set_pkcs11_engine_and_module_path(wpa_s, NULL,
2197 NULL);
2198
2199 return -1;
2200 }
2201 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
2202
2203 return 0;
2204 }
2205
2206
2207 /**
2208 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
2209 * @wpa_s: wpa_supplicant structure for a network interface
2210 * @ap_scan: AP scan mode
2211 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
2212 *
2213 */
2214 int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan)
2215 {
2216
2217 int old_ap_scan;
2218
2219 if (ap_scan < 0 || ap_scan > 2)
2220 return -1;
2221
2222 #ifdef ANDROID
2223 if (ap_scan == 2 && ap_scan != wpa_s->conf->ap_scan &&
2224 wpa_s->wpa_state >= WPA_ASSOCIATING &&
2225 wpa_s->wpa_state < WPA_COMPLETED) {
2226 wpa_printf(MSG_ERROR, "ap_scan = %d (%d) rejected while "
2227 "associating", wpa_s->conf->ap_scan, ap_scan);
2228 return 0;
2229 }
2230 #endif /* ANDROID */
2231
2232 old_ap_scan = wpa_s->conf->ap_scan;
2233 wpa_s->conf->ap_scan = ap_scan;
2234
2235 if (old_ap_scan != wpa_s->conf->ap_scan)
2236 wpas_notify_ap_scan_changed(wpa_s);
2237
2238 return 0;
2239 }
2240
2241
2242 /**
2243 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
2244 * @wpa_s: wpa_supplicant structure for a network interface
2245 * @expire_age: Expiration age in seconds
2246 * Returns: 0 if succeed or -1 if expire_age has an invalid value
2247 *
2248 */
2249 int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant *wpa_s,
2250 unsigned int bss_expire_age)
2251 {
2252 if (bss_expire_age < 10) {
2253 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration age %u",
2254 bss_expire_age);
2255 return -1;
2256 }
2257 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration age: %d sec",
2258 bss_expire_age);
2259 wpa_s->conf->bss_expiration_age = bss_expire_age;
2260
2261 return 0;
2262 }
2263
2264
2265 /**
2266 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
2267 * @wpa_s: wpa_supplicant structure for a network interface
2268 * @expire_count: number of scans after which an unseen BSS is reclaimed
2269 * Returns: 0 if succeed or -1 if expire_count has an invalid value
2270 *
2271 */
2272 int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant *wpa_s,
2273 unsigned int bss_expire_count)
2274 {
2275 if (bss_expire_count < 1) {
2276 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration count %u",
2277 bss_expire_count);
2278 return -1;
2279 }
2280 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration scan count: %u",
2281 bss_expire_count);
2282 wpa_s->conf->bss_expiration_scan_count = bss_expire_count;
2283
2284 return 0;
2285 }
2286
2287
2288 /**
2289 * wpa_supplicant_set_scan_interval - Set scan interval
2290 * @wpa_s: wpa_supplicant structure for a network interface
2291 * @scan_interval: scan interval in seconds
2292 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
2293 *
2294 */
2295 int wpa_supplicant_set_scan_interval(struct wpa_supplicant *wpa_s,
2296 int scan_interval)
2297 {
2298 if (scan_interval < 0) {
2299 wpa_msg(wpa_s, MSG_ERROR, "Invalid scan interval %d",
2300 scan_interval);
2301 return -1;
2302 }
2303 wpa_msg(wpa_s, MSG_DEBUG, "Setting scan interval: %d sec",
2304 scan_interval);
2305 wpa_supplicant_update_scan_int(wpa_s, scan_interval);
2306
2307 return 0;
2308 }
2309
2310
2311 /**
2312 * wpa_supplicant_set_debug_params - Set global debug params
2313 * @global: wpa_global structure
2314 * @debug_level: debug level
2315 * @debug_timestamp: determines if show timestamp in debug data
2316 * @debug_show_keys: determines if show keys in debug data
2317 * Returns: 0 if succeed or -1 if debug_level has wrong value
2318 */
2319 int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level,
2320 int debug_timestamp, int debug_show_keys)
2321 {
2322
2323 int old_level, old_timestamp, old_show_keys;
2324
2325 /* check for allowed debuglevels */
2326 if (debug_level != MSG_EXCESSIVE &&
2327 debug_level != MSG_MSGDUMP &&
2328 debug_level != MSG_DEBUG &&
2329 debug_level != MSG_INFO &&
2330 debug_level != MSG_WARNING &&
2331 debug_level != MSG_ERROR)
2332 return -1;
2333
2334 old_level = wpa_debug_level;
2335 old_timestamp = wpa_debug_timestamp;
2336 old_show_keys = wpa_debug_show_keys;
2337
2338 wpa_debug_level = debug_level;
2339 wpa_debug_timestamp = debug_timestamp ? 1 : 0;
2340 wpa_debug_show_keys = debug_show_keys ? 1 : 0;
2341
2342 if (wpa_debug_level != old_level)
2343 wpas_notify_debug_level_changed(global);
2344 if (wpa_debug_timestamp != old_timestamp)
2345 wpas_notify_debug_timestamp_changed(global);
2346 if (wpa_debug_show_keys != old_show_keys)
2347 wpas_notify_debug_show_keys_changed(global);
2348
2349 return 0;
2350 }
2351
2352
2353 /**
2354 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
2355 * @wpa_s: Pointer to wpa_supplicant data
2356 * Returns: A pointer to the current network structure or %NULL on failure
2357 */
2358 struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
2359 {
2360 struct wpa_ssid *entry;
2361 u8 ssid[MAX_SSID_LEN];
2362 int res;
2363 size_t ssid_len;
2364 u8 bssid[ETH_ALEN];
2365 int wired;
2366
2367 res = wpa_drv_get_ssid(wpa_s, ssid);
2368 if (res < 0) {
2369 wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from "
2370 "driver");
2371 return NULL;
2372 }
2373 ssid_len = res;
2374
2375 if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
2376 wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from "
2377 "driver");
2378 return NULL;
2379 }
2380
2381 wired = wpa_s->conf->ap_scan == 0 &&
2382 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED);
2383
2384 entry = wpa_s->conf->ssid;
2385 while (entry) {
2386 if (!wpas_network_disabled(wpa_s, entry) &&
2387 ((ssid_len == entry->ssid_len &&
2388 os_memcmp(ssid, entry->ssid, ssid_len) == 0) || wired) &&
2389 (!entry->bssid_set ||
2390 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
2391 return entry;
2392 #ifdef CONFIG_WPS
2393 if (!wpas_network_disabled(wpa_s, entry) &&
2394 (entry->key_mgmt & WPA_KEY_MGMT_WPS) &&
2395 (entry->ssid == NULL || entry->ssid_len == 0) &&
2396 (!entry->bssid_set ||
2397 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
2398 return entry;
2399 #endif /* CONFIG_WPS */
2400
2401 if (!wpas_network_disabled(wpa_s, entry) && entry->bssid_set &&
2402 entry->ssid_len == 0 &&
2403 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)
2404 return entry;
2405
2406 entry = entry->next;
2407 }
2408
2409 return NULL;
2410 }
2411
2412
2413 static int select_driver(struct wpa_supplicant *wpa_s, int i)
2414 {
2415 struct wpa_global *global = wpa_s->global;
2416
2417 if (wpa_drivers[i]->global_init && global->drv_priv[i] == NULL) {
2418 global->drv_priv[i] = wpa_drivers[i]->global_init();
2419 if (global->drv_priv[i] == NULL) {
2420 wpa_printf(MSG_ERROR, "Failed to initialize driver "
2421 "'%s'", wpa_drivers[i]->name);
2422 return -1;
2423 }
2424 }
2425
2426 wpa_s->driver = wpa_drivers[i];
2427 wpa_s->global_drv_priv = global->drv_priv[i];
2428
2429 return 0;
2430 }
2431
2432
2433 static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
2434 const char *name)
2435 {
2436 int i;
2437 size_t len;
2438 const char *pos, *driver = name;
2439
2440 if (wpa_s == NULL)
2441 return -1;
2442
2443 if (wpa_drivers[0] == NULL) {
2444 wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into "
2445 "wpa_supplicant");
2446 return -1;
2447 }
2448
2449 if (name == NULL) {
2450 /* default to first driver in the list */
2451 return select_driver(wpa_s, 0);
2452 }
2453
2454 do {
2455 pos = os_strchr(driver, ',');
2456 if (pos)
2457 len = pos - driver;
2458 else
2459 len = os_strlen(driver);
2460
2461 for (i = 0; wpa_drivers[i]; i++) {
2462 if (os_strlen(wpa_drivers[i]->name) == len &&
2463 os_strncmp(driver, wpa_drivers[i]->name, len) ==
2464 0) {
2465 /* First driver that succeeds wins */
2466 if (select_driver(wpa_s, i) == 0)
2467 return 0;
2468 }
2469 }
2470
2471 driver = pos + 1;
2472 } while (pos);
2473
2474 wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name);
2475 return -1;
2476 }
2477
2478
2479 /**
2480 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
2481 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
2482 * with struct wpa_driver_ops::init()
2483 * @src_addr: Source address of the EAPOL frame
2484 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
2485 * @len: Length of the EAPOL data
2486 *
2487 * This function is called for each received EAPOL frame. Most driver
2488 * interfaces rely on more generic OS mechanism for receiving frames through
2489 * l2_packet, but if such a mechanism is not available, the driver wrapper may
2490 * take care of received EAPOL frames and deliver them to the core supplicant
2491 * code by calling this function.
2492 */
2493 void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
2494 const u8 *buf, size_t len)
2495 {
2496 struct wpa_supplicant *wpa_s = ctx;
2497
2498 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
2499 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
2500
2501 #ifdef CONFIG_PEERKEY
2502 if (wpa_s->wpa_state > WPA_ASSOCIATED && wpa_s->current_ssid &&
2503 wpa_s->current_ssid->peerkey &&
2504 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
2505 wpa_sm_rx_eapol_peerkey(wpa_s->wpa, src_addr, buf, len) == 1) {
2506 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: Processed PeerKey EAPOL-Key");
2507 return;
2508 }
2509 #endif /* CONFIG_PEERKEY */
2510
2511 if (wpa_s->wpa_state < WPA_ASSOCIATED ||
2512 (wpa_s->last_eapol_matches_bssid &&
2513 #ifdef CONFIG_AP
2514 !wpa_s->ap_iface &&
2515 #endif /* CONFIG_AP */
2516 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) != 0)) {
2517 /*
2518 * There is possible race condition between receiving the
2519 * association event and the EAPOL frame since they are coming
2520 * through different paths from the driver. In order to avoid
2521 * issues in trying to process the EAPOL frame before receiving
2522 * association information, lets queue it for processing until
2523 * the association event is received. This may also be needed in
2524 * driver-based roaming case, so also use src_addr != BSSID as a
2525 * trigger if we have previously confirmed that the
2526 * Authenticator uses BSSID as the src_addr (which is not the
2527 * case with wired IEEE 802.1X).
2528 */
2529 wpa_dbg(wpa_s, MSG_DEBUG, "Not associated - Delay processing "
2530 "of received EAPOL frame (state=%s bssid=" MACSTR ")",
2531 wpa_supplicant_state_txt(wpa_s->wpa_state),
2532 MAC2STR(wpa_s->bssid));
2533 wpabuf_free(wpa_s->pending_eapol_rx);
2534 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len);
2535 if (wpa_s->pending_eapol_rx) {
2536 os_get_reltime(&wpa_s->pending_eapol_rx_time);
2537 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr,
2538 ETH_ALEN);
2539 }
2540 return;
2541 }
2542
2543 wpa_s->last_eapol_matches_bssid =
2544 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) == 0;
2545
2546 #ifdef CONFIG_AP
2547 if (wpa_s->ap_iface) {
2548 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len);
2549 return;
2550 }
2551 #endif /* CONFIG_AP */
2552
2553 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
2554 wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since "
2555 "no key management is configured");
2556 return;
2557 }
2558
2559 if (wpa_s->eapol_received == 0 &&
2560 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) ||
2561 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
2562 wpa_s->wpa_state != WPA_COMPLETED) &&
2563 (wpa_s->current_ssid == NULL ||
2564 wpa_s->current_ssid->mode != IEEE80211_MODE_IBSS)) {
2565 /* Timeout for completing IEEE 802.1X and WPA authentication */
2566 wpa_supplicant_req_auth_timeout(
2567 wpa_s,
2568 (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
2569 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
2570 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) ?
2571 70 : 10, 0);
2572 }
2573 wpa_s->eapol_received++;
2574
2575 if (wpa_s->countermeasures) {
2576 wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped "
2577 "EAPOL packet");
2578 return;
2579 }
2580
2581 #ifdef CONFIG_IBSS_RSN
2582 if (wpa_s->current_ssid &&
2583 wpa_s->current_ssid->mode == WPAS_MODE_IBSS) {
2584 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len);
2585 return;
2586 }
2587 #endif /* CONFIG_IBSS_RSN */
2588
2589 /* Source address of the incoming EAPOL frame could be compared to the
2590 * current BSSID. However, it is possible that a centralized
2591 * Authenticator could be using another MAC address than the BSSID of
2592 * an AP, so just allow any address to be used for now. The replies are
2593 * still sent to the current BSSID (if available), though. */
2594
2595 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
2596 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
2597 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
2598 return;
2599 wpa_drv_poll(wpa_s);
2600 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE))
2601 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
2602 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
2603 /*
2604 * Set portValid = TRUE here since we are going to skip 4-way
2605 * handshake processing which would normally set portValid. We
2606 * need this to allow the EAPOL state machines to be completed
2607 * without going through EAPOL-Key handshake.
2608 */
2609 eapol_sm_notify_portValid(wpa_s->eapol, TRUE);
2610 }
2611 }
2612
2613
2614 int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s)
2615 {
2616 if (wpa_s->driver->send_eapol) {
2617 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
2618 if (addr)
2619 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
2620 } else if ((!wpa_s->p2p_mgmt ||
2621 !(wpa_s->drv_flags &
2622 WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
2623 !(wpa_s->drv_flags &
2624 WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) {
2625 l2_packet_deinit(wpa_s->l2);
2626 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
2627 wpa_drv_get_mac_addr(wpa_s),
2628 ETH_P_EAPOL,
2629 wpa_supplicant_rx_eapol, wpa_s, 0);
2630 if (wpa_s->l2 == NULL)
2631 return -1;
2632 } else {
2633 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
2634 if (addr)
2635 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
2636 }
2637
2638 if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
2639 wpa_msg(wpa_s, MSG_ERROR, "Failed to get own L2 address");
2640 return -1;
2641 }
2642
2643 return 0;
2644 }
2645
2646
2647 static void wpa_supplicant_rx_eapol_bridge(void *ctx, const u8 *src_addr,
2648 const u8 *buf, size_t len)
2649 {
2650 struct wpa_supplicant *wpa_s = ctx;
2651 const struct l2_ethhdr *eth;
2652
2653 if (len < sizeof(*eth))
2654 return;
2655 eth = (const struct l2_ethhdr *) buf;
2656
2657 if (os_memcmp(eth->h_dest, wpa_s->own_addr, ETH_ALEN) != 0 &&
2658 !(eth->h_dest[0] & 0x01)) {
2659 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
2660 " (bridge - not for this interface - ignore)",
2661 MAC2STR(src_addr), MAC2STR(eth->h_dest));
2662 return;
2663 }
2664
2665 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
2666 " (bridge)", MAC2STR(src_addr), MAC2STR(eth->h_dest));
2667 wpa_supplicant_rx_eapol(wpa_s, src_addr, buf + sizeof(*eth),
2668 len - sizeof(*eth));
2669 }
2670
2671
2672 /**
2673 * wpa_supplicant_driver_init - Initialize driver interface parameters
2674 * @wpa_s: Pointer to wpa_supplicant data
2675 * Returns: 0 on success, -1 on failure
2676 *
2677 * This function is called to initialize driver interface parameters.
2678 * wpa_drv_init() must have been called before this function to initialize the
2679 * driver interface.
2680 */
2681 int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
2682 {
2683 static int interface_count = 0;
2684
2685 if (wpa_supplicant_update_mac_addr(wpa_s) < 0)
2686 return -1;
2687
2688 wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR,
2689 MAC2STR(wpa_s->own_addr));
2690 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
2691
2692 if (wpa_s->bridge_ifname[0]) {
2693 wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge "
2694 "interface '%s'", wpa_s->bridge_ifname);
2695 wpa_s->l2_br = l2_packet_init(wpa_s->bridge_ifname,
2696 wpa_s->own_addr,
2697 ETH_P_EAPOL,
2698 wpa_supplicant_rx_eapol_bridge,
2699 wpa_s, 1);
2700 if (wpa_s->l2_br == NULL) {
2701 wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet "
2702 "connection for the bridge interface '%s'",
2703 wpa_s->bridge_ifname);
2704 return -1;
2705 }
2706 }
2707
2708 wpa_clear_keys(wpa_s, NULL);
2709
2710 /* Make sure that TKIP countermeasures are not left enabled (could
2711 * happen if wpa_supplicant is killed during countermeasures. */
2712 wpa_drv_set_countermeasures(wpa_s, 0);
2713
2714 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver");
2715 wpa_drv_flush_pmkid(wpa_s);
2716
2717 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
2718 wpa_s->prev_scan_wildcard = 0;
2719
2720 if (wpa_supplicant_enabled_networks(wpa_s)) {
2721 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED) {
2722 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
2723 interface_count = 0;
2724 }
2725 if (!wpa_s->p2p_mgmt &&
2726 wpa_supplicant_delayed_sched_scan(wpa_s,
2727 interface_count % 3,
2728 100000))
2729 wpa_supplicant_req_scan(wpa_s, interface_count % 3,
2730 100000);
2731 interface_count++;
2732 } else
2733 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
2734
2735 return 0;
2736 }
2737
2738
2739 static int wpa_supplicant_daemon(const char *pid_file)
2740 {
2741 wpa_printf(MSG_DEBUG, "Daemonize..");
2742 return os_daemonize(pid_file);
2743 }
2744
2745
2746 static struct wpa_supplicant * wpa_supplicant_alloc(void)
2747 {
2748 struct wpa_supplicant *wpa_s;
2749
2750 wpa_s = os_zalloc(sizeof(*wpa_s));
2751 if (wpa_s == NULL)
2752 return NULL;
2753 wpa_s->scan_req = INITIAL_SCAN_REQ;
2754 wpa_s->scan_interval = 5;
2755 wpa_s->new_connection = 1;
2756 wpa_s->parent = wpa_s;
2757 wpa_s->sched_scanning = 0;
2758
2759 return wpa_s;
2760 }
2761
2762
2763 #ifdef CONFIG_HT_OVERRIDES
2764
2765 static int wpa_set_htcap_mcs(struct wpa_supplicant *wpa_s,
2766 struct ieee80211_ht_capabilities *htcaps,
2767 struct ieee80211_ht_capabilities *htcaps_mask,
2768 const char *ht_mcs)
2769 {
2770 /* parse ht_mcs into hex array */
2771 int i;
2772 const char *tmp = ht_mcs;
2773 char *end = NULL;
2774
2775 /* If ht_mcs is null, do not set anything */
2776 if (!ht_mcs)
2777 return 0;
2778
2779 /* This is what we are setting in the kernel */
2780 os_memset(&htcaps->supported_mcs_set, 0, IEEE80211_HT_MCS_MASK_LEN);
2781
2782 wpa_msg(wpa_s, MSG_DEBUG, "set_htcap, ht_mcs -:%s:-", ht_mcs);
2783
2784 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) {
2785 errno = 0;
2786 long v = strtol(tmp, &end, 16);
2787 if (errno == 0) {
2788 wpa_msg(wpa_s, MSG_DEBUG,
2789 "htcap value[%i]: %ld end: %p tmp: %p",
2790 i, v, end, tmp);
2791 if (end == tmp)
2792 break;
2793
2794 htcaps->supported_mcs_set[i] = v;
2795 tmp = end;
2796 } else {
2797 wpa_msg(wpa_s, MSG_ERROR,
2798 "Failed to parse ht-mcs: %s, error: %s\n",
2799 ht_mcs, strerror(errno));
2800 return -1;
2801 }
2802 }
2803
2804 /*
2805 * If we were able to parse any values, then set mask for the MCS set.
2806 */
2807 if (i) {
2808 os_memset(&htcaps_mask->supported_mcs_set, 0xff,
2809 IEEE80211_HT_MCS_MASK_LEN - 1);
2810 /* skip the 3 reserved bits */
2811 htcaps_mask->supported_mcs_set[IEEE80211_HT_MCS_MASK_LEN - 1] =
2812 0x1f;
2813 }
2814
2815 return 0;
2816 }
2817
2818
2819 static int wpa_disable_max_amsdu(struct wpa_supplicant *wpa_s,
2820 struct ieee80211_ht_capabilities *htcaps,
2821 struct ieee80211_ht_capabilities *htcaps_mask,
2822 int disabled)
2823 {
2824 u16 msk;
2825
2826 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_max_amsdu: %d", disabled);
2827
2828 if (disabled == -1)
2829 return 0;
2830
2831 msk = host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE);
2832 htcaps_mask->ht_capabilities_info |= msk;
2833 if (disabled)
2834 htcaps->ht_capabilities_info &= msk;
2835 else
2836 htcaps->ht_capabilities_info |= msk;
2837
2838 return 0;
2839 }
2840
2841
2842 static int wpa_set_ampdu_factor(struct wpa_supplicant *wpa_s,
2843 struct ieee80211_ht_capabilities *htcaps,
2844 struct ieee80211_ht_capabilities *htcaps_mask,
2845 int factor)
2846 {
2847 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_factor: %d", factor);
2848
2849 if (factor == -1)
2850 return 0;
2851
2852 if (factor < 0 || factor > 3) {
2853 wpa_msg(wpa_s, MSG_ERROR, "ampdu_factor: %d out of range. "
2854 "Must be 0-3 or -1", factor);
2855 return -EINVAL;
2856 }
2857
2858 htcaps_mask->a_mpdu_params |= 0x3; /* 2 bits for factor */
2859 htcaps->a_mpdu_params &= ~0x3;
2860 htcaps->a_mpdu_params |= factor & 0x3;
2861
2862 return 0;
2863 }
2864
2865
2866 static int wpa_set_ampdu_density(struct wpa_supplicant *wpa_s,
2867 struct ieee80211_ht_capabilities *htcaps,
2868 struct ieee80211_ht_capabilities *htcaps_mask,
2869 int density)
2870 {
2871 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_density: %d", density);
2872
2873 if (density == -1)
2874 return 0;
2875
2876 if (density < 0 || density > 7) {
2877 wpa_msg(wpa_s, MSG_ERROR,
2878 "ampdu_density: %d out of range. Must be 0-7 or -1.",
2879 density);
2880 return -EINVAL;
2881 }
2882
2883 htcaps_mask->a_mpdu_params |= 0x1C;
2884 htcaps->a_mpdu_params &= ~(0x1C);
2885 htcaps->a_mpdu_params |= (density << 2) & 0x1C;
2886
2887 return 0;
2888 }
2889
2890
2891 static int wpa_set_disable_ht40(struct wpa_supplicant *wpa_s,
2892 struct ieee80211_ht_capabilities *htcaps,
2893 struct ieee80211_ht_capabilities *htcaps_mask,
2894 int disabled)
2895 {
2896 /* Masking these out disables HT40 */
2897 u16 msk = host_to_le16(HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET |
2898 HT_CAP_INFO_SHORT_GI40MHZ);
2899
2900 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ht40: %d", disabled);
2901
2902 if (disabled)
2903 htcaps->ht_capabilities_info &= ~msk;
2904 else
2905 htcaps->ht_capabilities_info |= msk;
2906
2907 htcaps_mask->ht_capabilities_info |= msk;
2908
2909 return 0;
2910 }
2911
2912
2913 static int wpa_set_disable_sgi(struct wpa_supplicant *wpa_s,
2914 struct ieee80211_ht_capabilities *htcaps,
2915 struct ieee80211_ht_capabilities *htcaps_mask,
2916 int disabled)
2917 {
2918 /* Masking these out disables SGI */
2919 u16 msk = host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ |
2920 HT_CAP_INFO_SHORT_GI40MHZ);
2921
2922 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_sgi: %d", disabled);
2923
2924 if (disabled)
2925 htcaps->ht_capabilities_info &= ~msk;
2926 else
2927 htcaps->ht_capabilities_info |= msk;
2928
2929 htcaps_mask->ht_capabilities_info |= msk;
2930
2931 return 0;
2932 }
2933
2934
2935 static int wpa_set_disable_ldpc(struct wpa_supplicant *wpa_s,
2936 struct ieee80211_ht_capabilities *htcaps,
2937 struct ieee80211_ht_capabilities *htcaps_mask,
2938 int disabled)
2939 {
2940 /* Masking these out disables LDPC */
2941 u16 msk = host_to_le16(HT_CAP_INFO_LDPC_CODING_CAP);
2942
2943 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ldpc: %d", disabled);
2944
2945 if (disabled)
2946 htcaps->ht_capabilities_info &= ~msk;
2947 else
2948 htcaps->ht_capabilities_info |= msk;
2949
2950 htcaps_mask->ht_capabilities_info |= msk;
2951
2952 return 0;
2953 }
2954
2955
2956 void wpa_supplicant_apply_ht_overrides(
2957 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
2958 struct wpa_driver_associate_params *params)
2959 {
2960 struct ieee80211_ht_capabilities *htcaps;
2961 struct ieee80211_ht_capabilities *htcaps_mask;
2962
2963 if (!ssid)
2964 return;
2965
2966 params->disable_ht = ssid->disable_ht;
2967 if (!params->htcaps || !params->htcaps_mask)
2968 return;
2969
2970 htcaps = (struct ieee80211_ht_capabilities *) params->htcaps;
2971 htcaps_mask = (struct ieee80211_ht_capabilities *) params->htcaps_mask;
2972 wpa_set_htcap_mcs(wpa_s, htcaps, htcaps_mask, ssid->ht_mcs);
2973 wpa_disable_max_amsdu(wpa_s, htcaps, htcaps_mask,
2974 ssid->disable_max_amsdu);
2975 wpa_set_ampdu_factor(wpa_s, htcaps, htcaps_mask, ssid->ampdu_factor);
2976 wpa_set_ampdu_density(wpa_s, htcaps, htcaps_mask, ssid->ampdu_density);
2977 wpa_set_disable_ht40(wpa_s, htcaps, htcaps_mask, ssid->disable_ht40);
2978 wpa_set_disable_sgi(wpa_s, htcaps, htcaps_mask, ssid->disable_sgi);
2979 wpa_set_disable_ldpc(wpa_s, htcaps, htcaps_mask, ssid->disable_ldpc);
2980
2981 if (ssid->ht40_intolerant) {
2982 u16 bit = host_to_le16(HT_CAP_INFO_40MHZ_INTOLERANT);
2983 htcaps->ht_capabilities_info |= bit;
2984 htcaps_mask->ht_capabilities_info |= bit;
2985 }
2986 }
2987
2988 #endif /* CONFIG_HT_OVERRIDES */
2989
2990
2991 #ifdef CONFIG_VHT_OVERRIDES
2992 void wpa_supplicant_apply_vht_overrides(
2993 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
2994 struct wpa_driver_associate_params *params)
2995 {
2996 struct ieee80211_vht_capabilities *vhtcaps;
2997 struct ieee80211_vht_capabilities *vhtcaps_mask;
2998 #ifdef CONFIG_HT_OVERRIDES
2999 int max_ampdu;
3000 const u32 max_ampdu_mask = VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX;
3001 #endif /* CONFIG_HT_OVERRIDES */
3002
3003 if (!ssid)
3004 return;
3005
3006 params->disable_vht = ssid->disable_vht;
3007
3008 vhtcaps = (void *) params->vhtcaps;
3009 vhtcaps_mask = (void *) params->vhtcaps_mask;
3010
3011 if (!vhtcaps || !vhtcaps_mask)
3012 return;
3013
3014 vhtcaps->vht_capabilities_info = ssid->vht_capa;
3015 vhtcaps_mask->vht_capabilities_info = ssid->vht_capa_mask;
3016
3017 #ifdef CONFIG_HT_OVERRIDES
3018 /* if max ampdu is <= 3, we have to make the HT cap the same */
3019 if (ssid->vht_capa_mask & max_ampdu_mask) {
3020 max_ampdu = (ssid->vht_capa & max_ampdu_mask) >>
3021 find_first_bit(max_ampdu_mask);
3022
3023 max_ampdu = max_ampdu < 3 ? max_ampdu : 3;
3024 wpa_set_ampdu_factor(wpa_s,
3025 (void *) params->htcaps,
3026 (void *) params->htcaps_mask,
3027 max_ampdu);
3028 }
3029 #endif /* CONFIG_HT_OVERRIDES */
3030
3031 #define OVERRIDE_MCS(i) \
3032 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \
3033 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \
3034 3 << 2 * (i - 1); \
3035 vhtcaps->vht_supported_mcs_set.tx_map |= \
3036 ssid->vht_tx_mcs_nss_ ##i << 2 * (i - 1); \
3037 } \
3038 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \
3039 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \
3040 3 << 2 * (i - 1); \
3041 vhtcaps->vht_supported_mcs_set.rx_map |= \
3042 ssid->vht_rx_mcs_nss_ ##i << 2 * (i - 1); \
3043 }
3044
3045 OVERRIDE_MCS(1);
3046 OVERRIDE_MCS(2);
3047 OVERRIDE_MCS(3);
3048 OVERRIDE_MCS(4);
3049 OVERRIDE_MCS(5);
3050 OVERRIDE_MCS(6);
3051 OVERRIDE_MCS(7);
3052 OVERRIDE_MCS(8);
3053 }
3054 #endif /* CONFIG_VHT_OVERRIDES */
3055
3056
3057 static int pcsc_reader_init(struct wpa_supplicant *wpa_s)
3058 {
3059 #ifdef PCSC_FUNCS
3060 size_t len;
3061
3062 if (!wpa_s->conf->pcsc_reader)
3063 return 0;
3064
3065 wpa_s->scard = scard_init(wpa_s->conf->pcsc_reader);
3066 if (!wpa_s->scard)
3067 return 1;
3068
3069 if (wpa_s->conf->pcsc_pin &&
3070 scard_set_pin(wpa_s->scard, wpa_s->conf->pcsc_pin) < 0) {
3071 scard_deinit(wpa_s->scard);
3072 wpa_s->scard = NULL;
3073 wpa_msg(wpa_s, MSG_ERROR, "PC/SC PIN validation failed");
3074 return -1;
3075 }
3076
3077 len = sizeof(wpa_s->imsi) - 1;
3078 if (scard_get_imsi(wpa_s->scard, wpa_s->imsi, &len)) {
3079 scard_deinit(wpa_s->scard);
3080 wpa_s->scard = NULL;
3081 wpa_msg(wpa_s, MSG_ERROR, "Could not read IMSI");
3082 return -1;
3083 }
3084 wpa_s->imsi[len] = '\0';
3085
3086 wpa_s->mnc_len = scard_get_mnc_len(wpa_s->scard);
3087
3088 wpa_printf(MSG_DEBUG, "SCARD: IMSI %s (MNC length %d)",
3089 wpa_s->imsi, wpa_s->mnc_len);
3090
3091 wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard);
3092 eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard);
3093 #endif /* PCSC_FUNCS */
3094
3095 return 0;
3096 }
3097
3098
3099 int wpas_init_ext_pw(struct wpa_supplicant *wpa_s)
3100 {
3101 char *val, *pos;
3102
3103 ext_password_deinit(wpa_s->ext_pw);
3104 wpa_s->ext_pw = NULL;
3105 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, NULL);
3106
3107 if (!wpa_s->conf->ext_password_backend)
3108 return 0;
3109
3110 val = os_strdup(wpa_s->conf->ext_password_backend);
3111 if (val == NULL)
3112 return -1;
3113 pos = os_strchr(val, ':');
3114 if (pos)
3115 *pos++ = '\0';
3116
3117 wpa_printf(MSG_DEBUG, "EXT PW: Initialize backend '%s'", val);
3118
3119 wpa_s->ext_pw = ext_password_init(val, pos);
3120 os_free(val);
3121 if (wpa_s->ext_pw == NULL) {
3122 wpa_printf(MSG_DEBUG, "EXT PW: Failed to initialize backend");
3123 return -1;
3124 }
3125 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, wpa_s->ext_pw);
3126
3127 return 0;
3128 }
3129
3130
3131 static int wpas_check_wowlan_trigger(const char *start, const char *trigger,
3132 int capa_trigger, u8 *param_trigger)
3133 {
3134 if (os_strcmp(start, trigger) != 0)
3135 return 0;
3136 if (!capa_trigger)
3137 return 0;
3138
3139 *param_trigger = 1;
3140 return 1;
3141 }
3142
3143
3144 int wpas_set_wowlan_triggers(struct wpa_supplicant *wpa_s,
3145 struct wpa_driver_capa *capa)
3146 {
3147 struct wowlan_triggers triggers;
3148 char *start, *end, *buf;
3149 int last, ret;
3150
3151 if (!wpa_s->conf->wowlan_triggers)
3152 return 0;
3153
3154 buf = os_strdup(wpa_s->conf->wowlan_triggers);
3155 if (buf == NULL)
3156 return -1;
3157
3158 os_memset(&triggers, 0, sizeof(triggers));
3159
3160 #define CHECK_TRIGGER(trigger) \
3161 wpas_check_wowlan_trigger(start, #trigger, \
3162 capa->wowlan_triggers.trigger, \
3163 &triggers.trigger)
3164
3165 start = buf;
3166 while (*start != '\0') {
3167 while (isblank(*start))
3168 start++;
3169 if (*start == '\0')
3170 break;
3171 end = start;
3172 while (!isblank(*end) && *end != '\0')
3173 end++;
3174 last = *end == '\0';
3175 *end = '\0';
3176
3177 if (!CHECK_TRIGGER(any) &&
3178 !CHECK_TRIGGER(disconnect) &&
3179 !CHECK_TRIGGER(magic_pkt) &&
3180 !CHECK_TRIGGER(gtk_rekey_failure) &&
3181 !CHECK_TRIGGER(eap_identity_req) &&
3182 !CHECK_TRIGGER(four_way_handshake) &&
3183 !CHECK_TRIGGER(rfkill_release)) {
3184 wpa_printf(MSG_DEBUG,
3185 "Unknown/unsupported wowlan trigger '%s'",
3186 start);
3187 ret = -1;
3188 goto out;
3189 }
3190
3191 if (last)
3192 break;
3193 start = end + 1;
3194 }
3195 #undef CHECK_TRIGGER
3196
3197 ret = wpa_drv_wowlan(wpa_s, &triggers);
3198 out:
3199 os_free(buf);
3200 return ret;
3201 }
3202
3203
3204 static struct wpa_radio * radio_add_interface(struct wpa_supplicant *wpa_s,
3205 const char *rn)
3206 {
3207 struct wpa_supplicant *iface = wpa_s->global->ifaces;
3208 struct wpa_radio *radio;
3209
3210 while (rn && iface) {
3211 radio = iface->radio;
3212 if (radio && os_strcmp(rn, radio->name) == 0) {
3213 wpa_printf(MSG_DEBUG, "Add interface %s to existing radio %s",
3214 wpa_s->ifname, rn);
3215 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
3216 return radio;
3217 }
3218
3219 iface = iface->next;
3220 }
3221
3222 wpa_printf(MSG_DEBUG, "Add interface %s to a new radio %s",
3223 wpa_s->ifname, rn ? rn : "N/A");
3224 radio = os_zalloc(sizeof(*radio));
3225 if (radio == NULL)
3226 return NULL;
3227
3228 if (rn)
3229 os_strlcpy(radio->name, rn, sizeof(radio->name));
3230 dl_list_init(&radio->ifaces);
3231 dl_list_init(&radio->work);
3232 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
3233
3234 return radio;
3235 }
3236
3237
3238 static void radio_work_free(struct wpa_radio_work *work)
3239 {
3240 if (work->wpa_s->scan_work == work) {
3241 /* This should not really happen. */
3242 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as scan_work",
3243 work->type, work, work->started);
3244 work->wpa_s->scan_work = NULL;
3245 }
3246
3247 #ifdef CONFIG_P2P
3248 if (work->wpa_s->p2p_scan_work == work) {
3249 /* This should not really happen. */
3250 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as p2p_scan_work",
3251 work->type, work, work->started);
3252 work->wpa_s->p2p_scan_work = NULL;
3253 }
3254 #endif /* CONFIG_P2P */
3255
3256 dl_list_del(&work->list);
3257 os_free(work);
3258 }
3259
3260
3261 static void radio_start_next_work(void *eloop_ctx, void *timeout_ctx)
3262 {
3263 struct wpa_radio *radio = eloop_ctx;
3264 struct wpa_radio_work *work;
3265 struct os_reltime now, diff;
3266 struct wpa_supplicant *wpa_s;
3267
3268 work = dl_list_first(&radio->work, struct wpa_radio_work, list);
3269 if (work == NULL)
3270 return;
3271
3272 if (work->started)
3273 return; /* already started and still in progress */
3274
3275 wpa_s = dl_list_first(&radio->ifaces, struct wpa_supplicant,
3276 radio_list);
3277 if (wpa_s && wpa_s->external_scan_running) {
3278 wpa_printf(MSG_DEBUG, "Delay radio work start until externally triggered scan completes");
3279 return;
3280 }
3281
3282 os_get_reltime(&now);
3283 os_reltime_sub(&now, &work->time, &diff);
3284 wpa_dbg(work->wpa_s, MSG_DEBUG, "Starting radio work '%s'@%p after %ld.%06ld second wait",
3285 work->type, work, diff.sec, diff.usec);
3286 work->started = 1;
3287 work->time = now;
3288 work->cb(work, 0);
3289 }
3290
3291
3292 /*
3293 * This function removes both started and pending radio works running on
3294 * the provided interface's radio.
3295 * Prior to the removal of the radio work, its callback (cb) is called with
3296 * deinit set to be 1. Each work's callback is responsible for clearing its
3297 * internal data and restoring to a correct state.
3298 * @wpa_s: wpa_supplicant data
3299 * @type: type of works to be removed
3300 * @remove_all: 1 to remove all the works on this radio, 0 to remove only
3301 * this interface's works.
3302 */
3303 void radio_remove_works(struct wpa_supplicant *wpa_s,
3304 const char *type, int remove_all)
3305 {
3306 struct wpa_radio_work *work, *tmp;
3307 struct wpa_radio *radio = wpa_s->radio;
3308
3309 dl_list_for_each_safe(work, tmp, &radio->work, struct wpa_radio_work,
3310 list) {
3311 if (type && os_strcmp(type, work->type) != 0)
3312 continue;
3313
3314 /* skip other ifaces' works */
3315 if (!remove_all && work->wpa_s != wpa_s)
3316 continue;
3317
3318 wpa_dbg(wpa_s, MSG_DEBUG, "Remove radio work '%s'@%p%s",
3319 work->type, work, work->started ? " (started)" : "");
3320 work->cb(work, 1);
3321 radio_work_free(work);
3322 }
3323
3324 /* in case we removed the started work */
3325 radio_work_check_next(wpa_s);
3326 }
3327
3328
3329 static void radio_remove_interface(struct wpa_supplicant *wpa_s)
3330 {
3331 struct wpa_radio *radio = wpa_s->radio;
3332
3333 if (!radio)
3334 return;
3335
3336 wpa_printf(MSG_DEBUG, "Remove interface %s from radio %s",
3337 wpa_s->ifname, radio->name);
3338 dl_list_del(&wpa_s->radio_list);
3339 radio_remove_works(wpa_s, NULL, 0);
3340 wpa_s->radio = NULL;
3341 if (!dl_list_empty(&radio->ifaces))
3342 return; /* Interfaces remain for this radio */
3343
3344 wpa_printf(MSG_DEBUG, "Remove radio %s", radio->name);
3345 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
3346 os_free(radio);
3347 }
3348
3349
3350 void radio_work_check_next(struct wpa_supplicant *wpa_s)
3351 {
3352 struct wpa_radio *radio = wpa_s->radio;
3353
3354 if (dl_list_empty(&radio->work))
3355 return;
3356 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
3357 eloop_register_timeout(0, 0, radio_start_next_work, radio, NULL);
3358 }
3359
3360
3361 /**
3362 * radio_add_work - Add a radio work item
3363 * @wpa_s: Pointer to wpa_supplicant data
3364 * @freq: Frequency of the offchannel operation in MHz or 0
3365 * @type: Unique identifier for each type of work
3366 * @next: Force as the next work to be executed
3367 * @cb: Callback function for indicating when radio is available
3368 * @ctx: Context pointer for the work (work->ctx in cb())
3369 * Returns: 0 on success, -1 on failure
3370 *
3371 * This function is used to request time for an operation that requires
3372 * exclusive radio control. Once the radio is available, the registered callback
3373 * function will be called. radio_work_done() must be called once the exclusive
3374 * radio operation has been completed, so that the radio is freed for other
3375 * operations. The special case of deinit=1 is used to free the context data
3376 * during interface removal. That does not allow the callback function to start
3377 * the radio operation, i.e., it must free any resources allocated for the radio
3378 * work and return.
3379 *
3380 * The @freq parameter can be used to indicate a single channel on which the
3381 * offchannel operation will occur. This may allow multiple radio work
3382 * operations to be performed in parallel if they apply for the same channel.
3383 * Setting this to 0 indicates that the work item may use multiple channels or
3384 * requires exclusive control of the radio.
3385 */
3386 int radio_add_work(struct wpa_supplicant *wpa_s, unsigned int freq,
3387 const char *type, int next,
3388 void (*cb)(struct wpa_radio_work *work, int deinit),
3389 void *ctx)
3390 {
3391 struct wpa_radio_work *work;
3392 int was_empty;
3393
3394 work = os_zalloc(sizeof(*work));
3395 if (work == NULL)
3396 return -1;
3397 wpa_dbg(wpa_s, MSG_DEBUG, "Add radio work '%s'@%p", type, work);
3398 os_get_reltime(&work->time);
3399 work->freq = freq;
3400 work->type = type;
3401 work->wpa_s = wpa_s;
3402 work->cb = cb;
3403 work->ctx = ctx;
3404
3405 was_empty = dl_list_empty(&wpa_s->radio->work);
3406 if (next)
3407 dl_list_add(&wpa_s->radio->work, &work->list);
3408 else
3409 dl_list_add_tail(&wpa_s->radio->work, &work->list);
3410 if (was_empty) {
3411 wpa_dbg(wpa_s, MSG_DEBUG, "First radio work item in the queue - schedule start immediately");
3412 radio_work_check_next(wpa_s);
3413 }
3414
3415 return 0;
3416 }
3417
3418
3419 /**
3420 * radio_work_done - Indicate that a radio work item has been completed
3421 * @work: Completed work
3422 *
3423 * This function is called once the callback function registered with
3424 * radio_add_work() has completed its work.
3425 */
3426 void radio_work_done(struct wpa_radio_work *work)
3427 {
3428 struct wpa_supplicant *wpa_s = work->wpa_s;
3429 struct os_reltime now, diff;
3430 unsigned int started = work->started;
3431
3432 os_get_reltime(&now);
3433 os_reltime_sub(&now, &work->time, &diff);
3434 wpa_dbg(wpa_s, MSG_DEBUG, "Radio work '%s'@%p %s in %ld.%06ld seconds",
3435 work->type, work, started ? "done" : "canceled",
3436 diff.sec, diff.usec);
3437 radio_work_free(work);
3438 if (started)
3439 radio_work_check_next(wpa_s);
3440 }
3441
3442
3443 int radio_work_pending(struct wpa_supplicant *wpa_s, const char *type)
3444 {
3445 struct wpa_radio_work *work;
3446 struct wpa_radio *radio = wpa_s->radio;
3447
3448 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) {
3449 if (work->wpa_s == wpa_s && os_strcmp(work->type, type) == 0)
3450 return 1;
3451 }
3452
3453 return 0;
3454 }
3455
3456
3457 static int wpas_init_driver(struct wpa_supplicant *wpa_s,
3458 struct wpa_interface *iface)
3459 {
3460 const char *ifname, *driver, *rn;
3461
3462 driver = iface->driver;
3463 next_driver:
3464 if (wpa_supplicant_set_driver(wpa_s, driver) < 0)
3465 return -1;
3466
3467 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
3468 if (wpa_s->drv_priv == NULL) {
3469 const char *pos;
3470 pos = driver ? os_strchr(driver, ',') : NULL;
3471 if (pos) {
3472 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
3473 "driver interface - try next driver wrapper");
3474 driver = pos + 1;
3475 goto next_driver;
3476 }
3477 wpa_msg(wpa_s, MSG_ERROR, "Failed to initialize driver "
3478 "interface");
3479 return -1;
3480 }
3481 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
3482 wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected "
3483 "driver_param '%s'", wpa_s->conf->driver_param);
3484 return -1;
3485 }
3486
3487 ifname = wpa_drv_get_ifname(wpa_s);
3488 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
3489 wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced "
3490 "interface name with '%s'", ifname);
3491 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
3492 }
3493
3494 rn = wpa_driver_get_radio_name(wpa_s);
3495 if (rn && rn[0] == '\0')
3496 rn = NULL;
3497
3498 wpa_s->radio = radio_add_interface(wpa_s, rn);
3499 if (wpa_s->radio == NULL)
3500 return -1;
3501
3502 return 0;
3503 }
3504
3505
3506 static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
3507 struct wpa_interface *iface)
3508 {
3509 struct wpa_driver_capa capa;
3510
3511 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
3512 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
3513 iface->confname ? iface->confname : "N/A",
3514 iface->driver ? iface->driver : "default",
3515 iface->ctrl_interface ? iface->ctrl_interface : "N/A",
3516 iface->bridge_ifname ? iface->bridge_ifname : "N/A");
3517
3518 if (iface->confname) {
3519 #ifdef CONFIG_BACKEND_FILE
3520 wpa_s->confname = os_rel2abs_path(iface->confname);
3521 if (wpa_s->confname == NULL) {
3522 wpa_printf(MSG_ERROR, "Failed to get absolute path "
3523 "for configuration file '%s'.",
3524 iface->confname);
3525 return -1;
3526 }
3527 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
3528 iface->confname, wpa_s->confname);
3529 #else /* CONFIG_BACKEND_FILE */
3530 wpa_s->confname = os_strdup(iface->confname);
3531 #endif /* CONFIG_BACKEND_FILE */
3532 wpa_s->conf = wpa_config_read(wpa_s->confname, NULL);
3533 if (wpa_s->conf == NULL) {
3534 wpa_printf(MSG_ERROR, "Failed to read or parse "
3535 "configuration '%s'.", wpa_s->confname);
3536 return -1;
3537 }
3538 wpa_s->confanother = os_rel2abs_path(iface->confanother);
3539 wpa_config_read(wpa_s->confanother, wpa_s->conf);
3540
3541 #ifdef CONFIG_P2P
3542 wpa_s->conf_p2p_dev = os_rel2abs_path(iface->conf_p2p_dev);
3543 wpa_config_read(wpa_s->conf_p2p_dev, wpa_s->conf);
3544 #endif /* CONFIG_P2P */
3545
3546 /*
3547 * Override ctrl_interface and driver_param if set on command
3548 * line.
3549 */
3550 if (iface->ctrl_interface) {
3551 os_free(wpa_s->conf->ctrl_interface);
3552 wpa_s->conf->ctrl_interface =
3553 os_strdup(iface->ctrl_interface);
3554 }
3555
3556 if (iface->driver_param) {
3557 os_free(wpa_s->conf->driver_param);
3558 wpa_s->conf->driver_param =
3559 os_strdup(iface->driver_param);
3560 }
3561
3562 if (iface->p2p_mgmt && !iface->ctrl_interface) {
3563 os_free(wpa_s->conf->ctrl_interface);
3564 wpa_s->conf->ctrl_interface = NULL;
3565 }
3566 } else
3567 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
3568 iface->driver_param);
3569
3570 if (wpa_s->conf == NULL) {
3571 wpa_printf(MSG_ERROR, "\nNo configuration found.");
3572 return -1;
3573 }
3574
3575 if (iface->ifname == NULL) {
3576 wpa_printf(MSG_ERROR, "\nInterface name is required.");
3577 return -1;
3578 }
3579 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
3580 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
3581 iface->ifname);
3582 return -1;
3583 }
3584 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
3585
3586 if (iface->bridge_ifname) {
3587 if (os_strlen(iface->bridge_ifname) >=
3588 sizeof(wpa_s->bridge_ifname)) {
3589 wpa_printf(MSG_ERROR, "\nToo long bridge interface "
3590 "name '%s'.", iface->bridge_ifname);
3591 return -1;
3592 }
3593 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
3594 sizeof(wpa_s->bridge_ifname));
3595 }
3596
3597 /* RSNA Supplicant Key Management - INITIALIZE */
3598 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
3599 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
3600
3601 /* Initialize driver interface and register driver event handler before
3602 * L2 receive handler so that association events are processed before
3603 * EAPOL-Key packets if both become available for the same select()
3604 * call. */
3605 if (wpas_init_driver(wpa_s, iface) < 0)
3606 return -1;
3607
3608 if (wpa_supplicant_init_wpa(wpa_s) < 0)
3609 return -1;
3610
3611 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
3612 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
3613 NULL);
3614 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
3615
3616 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
3617 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
3618 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
3619 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
3620 "dot11RSNAConfigPMKLifetime");
3621 return -1;
3622 }
3623
3624 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
3625 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
3626 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
3627 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
3628 "dot11RSNAConfigPMKReauthThreshold");
3629 return -1;
3630 }
3631
3632 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
3633 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
3634 wpa_s->conf->dot11RSNAConfigSATimeout)) {
3635 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
3636 "dot11RSNAConfigSATimeout");
3637 return -1;
3638 }
3639
3640 wpa_s->hw.modes = wpa_drv_get_hw_feature_data(wpa_s,
3641 &wpa_s->hw.num_modes,
3642 &wpa_s->hw.flags);
3643
3644 if (wpa_drv_get_capa(wpa_s, &capa) == 0) {
3645 wpa_s->drv_capa_known = 1;
3646 wpa_s->drv_flags = capa.flags;
3647 wpa_s->drv_enc = capa.enc;
3648 wpa_s->probe_resp_offloads = capa.probe_resp_offloads;
3649 wpa_s->max_scan_ssids = capa.max_scan_ssids;
3650 wpa_s->max_sched_scan_ssids = capa.max_sched_scan_ssids;
3651 wpa_s->sched_scan_supported = capa.sched_scan_supported;
3652 wpa_s->max_match_sets = capa.max_match_sets;
3653 wpa_s->max_remain_on_chan = capa.max_remain_on_chan;
3654 wpa_s->max_stations = capa.max_stations;
3655 wpa_s->extended_capa = capa.extended_capa;
3656 wpa_s->extended_capa_mask = capa.extended_capa_mask;
3657 wpa_s->extended_capa_len = capa.extended_capa_len;
3658 wpa_s->num_multichan_concurrent =
3659 capa.num_multichan_concurrent;
3660 }
3661 if (wpa_s->max_remain_on_chan == 0)
3662 wpa_s->max_remain_on_chan = 1000;
3663
3664 /*
3665 * Only take p2p_mgmt parameters when P2P Device is supported.
3666 * Doing it here as it determines whether l2_packet_init() will be done
3667 * during wpa_supplicant_driver_init().
3668 */
3669 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)
3670 wpa_s->p2p_mgmt = iface->p2p_mgmt;
3671 else
3672 iface->p2p_mgmt = 1;
3673
3674 if (wpa_s->num_multichan_concurrent == 0)
3675 wpa_s->num_multichan_concurrent = 1;
3676
3677 if (wpa_supplicant_driver_init(wpa_s) < 0)
3678 return -1;
3679
3680 #ifdef CONFIG_TDLS
3681 if ((!iface->p2p_mgmt ||
3682 !(wpa_s->drv_flags &
3683 WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
3684 wpa_tdls_init(wpa_s->wpa))
3685 return -1;
3686 #endif /* CONFIG_TDLS */
3687
3688 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] &&
3689 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) {
3690 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country");
3691 return -1;
3692 }
3693
3694 if (wpas_wps_init(wpa_s))
3695 return -1;
3696
3697 if (wpa_supplicant_init_eapol(wpa_s) < 0)
3698 return -1;
3699 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
3700
3701 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
3702 if (wpa_s->ctrl_iface == NULL) {
3703 wpa_printf(MSG_ERROR,
3704 "Failed to initialize control interface '%s'.\n"
3705 "You may have another wpa_supplicant process "
3706 "already running or the file was\n"
3707 "left by an unclean termination of wpa_supplicant "
3708 "in which case you will need\n"
3709 "to manually remove this file before starting "
3710 "wpa_supplicant again.\n",
3711 wpa_s->conf->ctrl_interface);
3712 return -1;
3713 }
3714
3715 wpa_s->gas = gas_query_init(wpa_s);
3716 if (wpa_s->gas == NULL) {
3717 wpa_printf(MSG_ERROR, "Failed to initialize GAS query");
3718 return -1;
3719 }
3720
3721 #ifdef CONFIG_P2P
3722 if (iface->p2p_mgmt && wpas_p2p_init(wpa_s->global, wpa_s) < 0) {
3723 wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P");
3724 return -1;
3725 }
3726 #endif /* CONFIG_P2P */
3727
3728 if (wpa_bss_init(wpa_s) < 0)
3729 return -1;
3730
3731 /*
3732 * Set Wake-on-WLAN triggers, if configured.
3733 * Note: We don't restore/remove the triggers on shutdown (it doesn't
3734 * have effect anyway when the interface is down).
3735 */
3736 if (wpas_set_wowlan_triggers(wpa_s, &capa) < 0)
3737 return -1;
3738
3739 #ifdef CONFIG_EAP_PROXY
3740 {
3741 size_t len;
3742 wpa_s->mnc_len = eapol_sm_get_eap_proxy_imsi(wpa_s->eapol, wpa_s->imsi,
3743 &len);
3744 if (wpa_s->mnc_len > 0) {
3745 wpa_s->imsi[len] = '\0';
3746 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI %s (MNC length %d)",
3747 wpa_s->imsi, wpa_s->mnc_len);
3748 } else {
3749 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI not available");
3750 }
3751 }
3752 #endif /* CONFIG_EAP_PROXY */
3753
3754 if (pcsc_reader_init(wpa_s) < 0)
3755 return -1;
3756
3757 if (wpas_init_ext_pw(wpa_s) < 0)
3758 return -1;
3759
3760 return 0;
3761 }
3762
3763
3764 static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s,
3765 int notify, int terminate)
3766 {
3767 wpa_s->disconnected = 1;
3768 if (wpa_s->drv_priv) {
3769 wpa_supplicant_deauthenticate(wpa_s,
3770 WLAN_REASON_DEAUTH_LEAVING);
3771
3772 wpa_drv_set_countermeasures(wpa_s, 0);
3773 wpa_clear_keys(wpa_s, NULL);
3774 }
3775
3776 wpa_supplicant_cleanup(wpa_s);
3777
3778 #ifdef CONFIG_P2P
3779 if (wpa_s == wpa_s->parent)
3780 wpas_p2p_group_remove(wpa_s, "*");
3781 if (wpa_s == wpa_s->global->p2p_init_wpa_s && wpa_s->global->p2p) {
3782 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: Disable P2P since removing "
3783 "the management interface is being removed");
3784 wpas_p2p_deinit_global(wpa_s->global);
3785 }
3786 #endif /* CONFIG_P2P */
3787
3788 wpas_ctrl_radio_work_flush(wpa_s);
3789 radio_remove_interface(wpa_s);
3790
3791 if (wpa_s->drv_priv)
3792 wpa_drv_deinit(wpa_s);
3793
3794 if (notify)
3795 wpas_notify_iface_removed(wpa_s);
3796
3797 if (terminate)
3798 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING);
3799
3800 if (wpa_s->ctrl_iface) {
3801 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
3802 wpa_s->ctrl_iface = NULL;
3803 }
3804
3805 if (wpa_s->conf != NULL) {
3806 wpa_config_free(wpa_s->conf);
3807 wpa_s->conf = NULL;
3808 }
3809
3810 os_free(wpa_s);
3811 }
3812
3813
3814 /**
3815 * wpa_supplicant_add_iface - Add a new network interface
3816 * @global: Pointer to global data from wpa_supplicant_init()
3817 * @iface: Interface configuration options
3818 * Returns: Pointer to the created interface or %NULL on failure
3819 *
3820 * This function is used to add new network interfaces for %wpa_supplicant.
3821 * This can be called before wpa_supplicant_run() to add interfaces before the
3822 * main event loop has been started. In addition, new interfaces can be added
3823 * dynamically while %wpa_supplicant is already running. This could happen,
3824 * e.g., when a hotplug network adapter is inserted.
3825 */
3826 struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
3827 struct wpa_interface *iface)
3828 {
3829 struct wpa_supplicant *wpa_s;
3830 struct wpa_interface t_iface;
3831 struct wpa_ssid *ssid;
3832
3833 if (global == NULL || iface == NULL)
3834 return NULL;
3835
3836 wpa_s = wpa_supplicant_alloc();
3837 if (wpa_s == NULL)
3838 return NULL;
3839
3840 wpa_s->global = global;
3841
3842 t_iface = *iface;
3843 if (global->params.override_driver) {
3844 wpa_printf(MSG_DEBUG, "Override interface parameter: driver "
3845 "('%s' -> '%s')",
3846 iface->driver, global->params.override_driver);
3847 t_iface.driver = global->params.override_driver;
3848 }
3849 if (global->params.override_ctrl_interface) {
3850 wpa_printf(MSG_DEBUG, "Override interface parameter: "
3851 "ctrl_interface ('%s' -> '%s')",
3852 iface->ctrl_interface,
3853 global->params.override_ctrl_interface);
3854 t_iface.ctrl_interface =
3855 global->params.override_ctrl_interface;
3856 }
3857 if (wpa_supplicant_init_iface(wpa_s, &t_iface)) {
3858 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
3859 iface->ifname);
3860 wpa_supplicant_deinit_iface(wpa_s, 0, 0);
3861 return NULL;
3862 }
3863
3864 /* Notify the control interfaces about new iface */
3865 if (wpas_notify_iface_added(wpa_s)) {
3866 wpa_supplicant_deinit_iface(wpa_s, 1, 0);
3867 return NULL;
3868 }
3869
3870 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
3871 wpas_notify_network_added(wpa_s, ssid);
3872
3873 wpa_s->next = global->ifaces;
3874 global->ifaces = wpa_s;
3875
3876 wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname);
3877 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
3878
3879 return wpa_s;
3880 }
3881
3882
3883 /**
3884 * wpa_supplicant_remove_iface - Remove a network interface
3885 * @global: Pointer to global data from wpa_supplicant_init()
3886 * @wpa_s: Pointer to the network interface to be removed
3887 * Returns: 0 if interface was removed, -1 if interface was not found
3888 *
3889 * This function can be used to dynamically remove network interfaces from
3890 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
3891 * addition, this function is used to remove all remaining interfaces when
3892 * %wpa_supplicant is terminated.
3893 */
3894 int wpa_supplicant_remove_iface(struct wpa_global *global,
3895 struct wpa_supplicant *wpa_s,
3896 int terminate)
3897 {
3898 struct wpa_supplicant *prev;
3899
3900 /* Remove interface from the global list of interfaces */
3901 prev = global->ifaces;
3902 if (prev == wpa_s) {
3903 global->ifaces = wpa_s->next;
3904 } else {
3905 while (prev && prev->next != wpa_s)
3906 prev = prev->next;
3907 if (prev == NULL)
3908 return -1;
3909 prev->next = wpa_s->next;
3910 }
3911
3912 wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
3913
3914 if (global->p2p_group_formation == wpa_s)
3915 global->p2p_group_formation = NULL;
3916 if (global->p2p_invite_group == wpa_s)
3917 global->p2p_invite_group = NULL;
3918 wpa_supplicant_deinit_iface(wpa_s, 1, terminate);
3919
3920 return 0;
3921 }
3922
3923
3924 /**
3925 * wpa_supplicant_get_eap_mode - Get the current EAP mode
3926 * @wpa_s: Pointer to the network interface
3927 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
3928 */
3929 const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s)
3930 {
3931 const char *eapol_method;
3932
3933 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) == 0 &&
3934 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
3935 return "NO-EAP";
3936 }
3937
3938 eapol_method = eapol_sm_get_method_name(wpa_s->eapol);
3939 if (eapol_method == NULL)
3940 return "UNKNOWN-EAP";
3941
3942 return eapol_method;
3943 }
3944
3945
3946 /**
3947 * wpa_supplicant_get_iface - Get a new network interface
3948 * @global: Pointer to global data from wpa_supplicant_init()
3949 * @ifname: Interface name
3950 * Returns: Pointer to the interface or %NULL if not found
3951 */
3952 struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
3953 const char *ifname)
3954 {
3955 struct wpa_supplicant *wpa_s;
3956
3957 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
3958 if (os_strcmp(wpa_s->ifname, ifname) == 0)
3959 return wpa_s;
3960 }
3961 return NULL;
3962 }
3963
3964
3965 #ifndef CONFIG_NO_WPA_MSG
3966 static const char * wpa_supplicant_msg_ifname_cb(void *ctx)
3967 {
3968 struct wpa_supplicant *wpa_s = ctx;
3969 if (wpa_s == NULL)
3970 return NULL;
3971 return wpa_s->ifname;
3972 }
3973 #endif /* CONFIG_NO_WPA_MSG */
3974
3975
3976 /**
3977 * wpa_supplicant_init - Initialize %wpa_supplicant
3978 * @params: Parameters for %wpa_supplicant
3979 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
3980 *
3981 * This function is used to initialize %wpa_supplicant. After successful
3982 * initialization, the returned data pointer can be used to add and remove
3983 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
3984 */
3985 struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
3986 {
3987 struct wpa_global *global;
3988 int ret, i;
3989
3990 if (params == NULL)
3991 return NULL;
3992
3993 #ifdef CONFIG_DRIVER_NDIS
3994 {
3995 void driver_ndis_init_ops(void);
3996 driver_ndis_init_ops();
3997 }
3998 #endif /* CONFIG_DRIVER_NDIS */
3999
4000 #ifndef CONFIG_NO_WPA_MSG
4001 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
4002 #endif /* CONFIG_NO_WPA_MSG */
4003
4004 wpa_debug_open_file(params->wpa_debug_file_path);
4005 if (params->wpa_debug_syslog)
4006 wpa_debug_open_syslog();
4007 if (params->wpa_debug_tracing) {
4008 ret = wpa_debug_open_linux_tracing();
4009 if (ret) {
4010 wpa_printf(MSG_ERROR,
4011 "Failed to enable trace logging");
4012 return NULL;
4013 }
4014 }
4015
4016 ret = eap_register_methods();
4017 if (ret) {
4018 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
4019 if (ret == -2)
4020 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
4021 "the same EAP type.");
4022 return NULL;
4023 }
4024
4025 global = os_zalloc(sizeof(*global));
4026 if (global == NULL)
4027 return NULL;
4028 dl_list_init(&global->p2p_srv_bonjour);
4029 dl_list_init(&global->p2p_srv_upnp);
4030 global->params.daemonize = params->daemonize;
4031 global->params.wait_for_monitor = params->wait_for_monitor;
4032 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
4033 if (params->pid_file)
4034 global->params.pid_file = os_strdup(params->pid_file);
4035 if (params->ctrl_interface)
4036 global->params.ctrl_interface =
4037 os_strdup(params->ctrl_interface);
4038 if (params->ctrl_interface_group)
4039 global->params.ctrl_interface_group =
4040 os_strdup(params->ctrl_interface_group);
4041 if (params->override_driver)
4042 global->params.override_driver =
4043 os_strdup(params->override_driver);
4044 if (params->override_ctrl_interface)
4045 global->params.override_ctrl_interface =
4046 os_strdup(params->override_ctrl_interface);
4047 wpa_debug_level = global->params.wpa_debug_level =
4048 params->wpa_debug_level;
4049 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
4050 params->wpa_debug_show_keys;
4051 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
4052 params->wpa_debug_timestamp;
4053
4054 wpa_printf(MSG_DEBUG, "wpa_supplicant v" VERSION_STR);
4055
4056 if (eloop_init()) {
4057 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
4058 wpa_supplicant_deinit(global);
4059 return NULL;
4060 }
4061
4062 random_init(params->entropy_file);
4063
4064 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
4065 if (global->ctrl_iface == NULL) {
4066 wpa_supplicant_deinit(global);
4067 return NULL;
4068 }
4069
4070 if (wpas_notify_supplicant_initialized(global)) {
4071 wpa_supplicant_deinit(global);
4072 return NULL;
4073 }
4074
4075 for (i = 0; wpa_drivers[i]; i++)
4076 global->drv_count++;
4077 if (global->drv_count == 0) {
4078 wpa_printf(MSG_ERROR, "No drivers enabled");
4079 wpa_supplicant_deinit(global);
4080 return NULL;
4081 }
4082 global->drv_priv = os_zalloc(global->drv_count * sizeof(void *));
4083 if (global->drv_priv == NULL) {
4084 wpa_supplicant_deinit(global);
4085 return NULL;
4086 }
4087
4088 #ifdef CONFIG_WIFI_DISPLAY
4089 if (wifi_display_init(global) < 0) {
4090 wpa_printf(MSG_ERROR, "Failed to initialize Wi-Fi Display");
4091 wpa_supplicant_deinit(global);
4092 return NULL;
4093 }
4094 #endif /* CONFIG_WIFI_DISPLAY */
4095
4096 return global;
4097 }
4098
4099
4100 /**
4101 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
4102 * @global: Pointer to global data from wpa_supplicant_init()
4103 * Returns: 0 after successful event loop run, -1 on failure
4104 *
4105 * This function starts the main event loop and continues running as long as
4106 * there are any remaining events. In most cases, this function is running as
4107 * long as the %wpa_supplicant process in still in use.
4108 */
4109 int wpa_supplicant_run(struct wpa_global *global)
4110 {
4111 struct wpa_supplicant *wpa_s;
4112
4113 if (global->params.daemonize &&
4114 wpa_supplicant_daemon(global->params.pid_file))
4115 return -1;
4116
4117 if (global->params.wait_for_monitor) {
4118 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
4119 if (wpa_s->ctrl_iface)
4120 wpa_supplicant_ctrl_iface_wait(
4121 wpa_s->ctrl_iface);
4122 }
4123
4124 eloop_register_signal_terminate(wpa_supplicant_terminate, global);
4125 eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
4126
4127 eloop_run();
4128
4129 return 0;
4130 }
4131
4132
4133 /**
4134 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
4135 * @global: Pointer to global data from wpa_supplicant_init()
4136 *
4137 * This function is called to deinitialize %wpa_supplicant and to free all
4138 * allocated resources. Remaining network interfaces will also be removed.
4139 */
4140 void wpa_supplicant_deinit(struct wpa_global *global)
4141 {
4142 int i;
4143
4144 if (global == NULL)
4145 return;
4146
4147 #ifdef CONFIG_WIFI_DISPLAY
4148 wifi_display_deinit(global);
4149 #endif /* CONFIG_WIFI_DISPLAY */
4150
4151 while (global->ifaces)
4152 wpa_supplicant_remove_iface(global, global->ifaces, 1);
4153
4154 if (global->ctrl_iface)
4155 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
4156
4157 wpas_notify_supplicant_deinitialized(global);
4158
4159 eap_peer_unregister_methods();
4160 #ifdef CONFIG_AP
4161 eap_server_unregister_methods();
4162 #endif /* CONFIG_AP */
4163
4164 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) {
4165 if (!global->drv_priv[i])
4166 continue;
4167 wpa_drivers[i]->global_deinit(global->drv_priv[i]);
4168 }
4169 os_free(global->drv_priv);
4170
4171 random_deinit();
4172
4173 eloop_destroy();
4174
4175 if (global->params.pid_file) {
4176 os_daemonize_terminate(global->params.pid_file);
4177 os_free(global->params.pid_file);
4178 }
4179 os_free(global->params.ctrl_interface);
4180 os_free(global->params.ctrl_interface_group);
4181 os_free(global->params.override_driver);
4182 os_free(global->params.override_ctrl_interface);
4183
4184 os_free(global->p2p_disallow_freq.range);
4185 os_free(global->p2p_go_avoid_freq.range);
4186 os_free(global->add_psk);
4187
4188 os_free(global);
4189 wpa_debug_close_syslog();
4190 wpa_debug_close_file();
4191 wpa_debug_close_linux_tracing();
4192 }
4193
4194
4195 void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s)
4196 {
4197 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_COUNTRY) &&
4198 wpa_s->conf->country[0] && wpa_s->conf->country[1]) {
4199 char country[3];
4200 country[0] = wpa_s->conf->country[0];
4201 country[1] = wpa_s->conf->country[1];
4202 country[2] = '\0';
4203 if (wpa_drv_set_country(wpa_s, country) < 0) {
4204 wpa_printf(MSG_ERROR, "Failed to set country code "
4205 "'%s'", country);
4206 }
4207 }
4208
4209 if (wpa_s->conf->changed_parameters & CFG_CHANGED_EXT_PW_BACKEND)
4210 wpas_init_ext_pw(wpa_s);
4211
4212 #ifdef CONFIG_WPS
4213 wpas_wps_update_config(wpa_s);
4214 #endif /* CONFIG_WPS */
4215
4216 #ifdef CONFIG_P2P
4217 wpas_p2p_update_config(wpa_s);
4218 #endif /* CONFIG_P2P */
4219
4220 wpa_s->conf->changed_parameters = 0;
4221 }
4222
4223
4224 static void add_freq(int *freqs, int *num_freqs, int freq)
4225 {
4226 int i;
4227
4228 for (i = 0; i < *num_freqs; i++) {
4229 if (freqs[i] == freq)
4230 return;
4231 }
4232
4233 freqs[*num_freqs] = freq;
4234 (*num_freqs)++;
4235 }
4236
4237
4238 static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s)
4239 {
4240 struct wpa_bss *bss, *cbss;
4241 const int max_freqs = 10;
4242 int *freqs;
4243 int num_freqs = 0;
4244
4245 freqs = os_zalloc(sizeof(int) * (max_freqs + 1));
4246 if (freqs == NULL)
4247 return NULL;
4248
4249 cbss = wpa_s->current_bss;
4250
4251 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
4252 if (bss == cbss)
4253 continue;
4254 if (bss->ssid_len == cbss->ssid_len &&
4255 os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 &&
4256 wpa_blacklist_get(wpa_s, bss->bssid) == NULL) {
4257 add_freq(freqs, &num_freqs, bss->freq);
4258 if (num_freqs == max_freqs)
4259 break;
4260 }
4261 }
4262
4263 if (num_freqs == 0) {
4264 os_free(freqs);
4265 freqs = NULL;
4266 }
4267
4268 return freqs;
4269 }
4270
4271
4272 void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid)
4273 {
4274 int timeout;
4275 int count;
4276 int *freqs = NULL;
4277
4278 wpas_connect_work_done(wpa_s);
4279
4280 /*
4281 * Remove possible authentication timeout since the connection failed.
4282 */
4283 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
4284
4285 if (wpa_s->disconnected) {
4286 /*
4287 * There is no point in blacklisting the AP if this event is
4288 * generated based on local request to disconnect.
4289 */
4290 wpa_dbg(wpa_s, MSG_DEBUG, "Ignore connection failure "
4291 "indication since interface has been put into "
4292 "disconnected state");
4293 return;
4294 }
4295
4296 /*
4297 * Add the failed BSSID into the blacklist and speed up next scan
4298 * attempt if there could be other APs that could accept association.
4299 * The current blacklist count indicates how many times we have tried
4300 * connecting to this AP and multiple attempts mean that other APs are
4301 * either not available or has already been tried, so that we can start
4302 * increasing the delay here to avoid constant scanning.
4303 */
4304 count = wpa_blacklist_add(wpa_s, bssid);
4305 if (count == 1 && wpa_s->current_bss) {
4306 /*
4307 * This BSS was not in the blacklist before. If there is
4308 * another BSS available for the same ESS, we should try that
4309 * next. Otherwise, we may as well try this one once more
4310 * before allowing other, likely worse, ESSes to be considered.
4311 */
4312 freqs = get_bss_freqs_in_ess(wpa_s);
4313 if (freqs) {
4314 wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS "
4315 "has been seen; try it next");
4316 wpa_blacklist_add(wpa_s, bssid);
4317 /*
4318 * On the next scan, go through only the known channels
4319 * used in this ESS based on previous scans to speed up
4320 * common load balancing use case.
4321 */
4322 os_free(wpa_s->next_scan_freqs);
4323 wpa_s->next_scan_freqs = freqs;
4324 }
4325 }
4326
4327 /*
4328 * Add previous failure count in case the temporary blacklist was
4329 * cleared due to no other BSSes being available.
4330 */
4331 count += wpa_s->extra_blacklist_count;
4332
4333 if (count > 3 && wpa_s->current_ssid) {
4334 wpa_printf(MSG_DEBUG, "Continuous association failures - "
4335 "consider temporary network disabling");
4336 wpas_auth_failed(wpa_s);
4337 }
4338
4339 switch (count) {
4340 case 1:
4341 timeout = 100;
4342 break;
4343 case 2:
4344 timeout = 500;
4345 break;
4346 case 3:
4347 timeout = 1000;
4348 break;
4349 case 4:
4350 timeout = 5000;
4351 break;
4352 default:
4353 timeout = 10000;
4354 break;
4355 }
4356
4357 wpa_dbg(wpa_s, MSG_DEBUG, "Blacklist count %d --> request scan in %d "
4358 "ms", count, timeout);
4359
4360 /*
4361 * TODO: if more than one possible AP is available in scan results,
4362 * could try the other ones before requesting a new scan.
4363 */
4364 wpa_supplicant_req_scan(wpa_s, timeout / 1000,
4365 1000 * (timeout % 1000));
4366 }
4367
4368
4369 int wpas_driver_bss_selection(struct wpa_supplicant *wpa_s)
4370 {
4371 return wpa_s->conf->ap_scan == 2 ||
4372 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION);
4373 }
4374
4375
4376 #if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW)
4377 int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
4378 struct wpa_ssid *ssid,
4379 const char *field,
4380 const char *value)
4381 {
4382 #ifdef IEEE8021X_EAPOL
4383 struct eap_peer_config *eap = &ssid->eap;
4384
4385 wpa_printf(MSG_DEBUG, "CTRL_IFACE: response handle field=%s", field);
4386 wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: response value",
4387 (const u8 *) value, os_strlen(value));
4388
4389 switch (wpa_supplicant_ctrl_req_from_string(field)) {
4390 case WPA_CTRL_REQ_EAP_IDENTITY:
4391 os_free(eap->identity);
4392 eap->identity = (u8 *) os_strdup(value);
4393 eap->identity_len = os_strlen(value);
4394 eap->pending_req_identity = 0;
4395 if (ssid == wpa_s->current_ssid)
4396 wpa_s->reassociate = 1;
4397 break;
4398 case WPA_CTRL_REQ_EAP_PASSWORD:
4399 os_free(eap->password);
4400 eap->password = (u8 *) os_strdup(value);
4401 eap->password_len = os_strlen(value);
4402 eap->pending_req_password = 0;
4403 if (ssid == wpa_s->current_ssid)
4404 wpa_s->reassociate = 1;
4405 break;
4406 case WPA_CTRL_REQ_EAP_NEW_PASSWORD:
4407 os_free(eap->new_password);
4408 eap->new_password = (u8 *) os_strdup(value);
4409 eap->new_password_len = os_strlen(value);
4410 eap->pending_req_new_password = 0;
4411 if (ssid == wpa_s->current_ssid)
4412 wpa_s->reassociate = 1;
4413 break;
4414 case WPA_CTRL_REQ_EAP_PIN:
4415 os_free(eap->pin);
4416 eap->pin = os_strdup(value);
4417 eap->pending_req_pin = 0;
4418 if (ssid == wpa_s->current_ssid)
4419 wpa_s->reassociate = 1;
4420 break;
4421 case WPA_CTRL_REQ_EAP_OTP:
4422 os_free(eap->otp);
4423 eap->otp = (u8 *) os_strdup(value);
4424 eap->otp_len = os_strlen(value);
4425 os_free(eap->pending_req_otp);
4426 eap->pending_req_otp = NULL;
4427 eap->pending_req_otp_len = 0;
4428 break;
4429 case WPA_CTRL_REQ_EAP_PASSPHRASE:
4430 os_free(eap->private_key_passwd);
4431 eap->private_key_passwd = (u8 *) os_strdup(value);
4432 eap->pending_req_passphrase = 0;
4433 if (ssid == wpa_s->current_ssid)
4434 wpa_s->reassociate = 1;
4435 break;
4436 case WPA_CTRL_REQ_SIM:
4437 os_free(eap->external_sim_resp);
4438 eap->external_sim_resp = os_strdup(value);
4439 break;
4440 default:
4441 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown field '%s'", field);
4442 return -1;
4443 }
4444
4445 return 0;
4446 #else /* IEEE8021X_EAPOL */
4447 wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included");
4448 return -1;
4449 #endif /* IEEE8021X_EAPOL */
4450 }
4451 #endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */
4452
4453
4454 int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
4455 {
4456 int i;
4457 unsigned int drv_enc;
4458
4459 if (ssid == NULL)
4460 return 1;
4461
4462 if (ssid->disabled)
4463 return 1;
4464
4465 if (wpa_s && wpa_s->drv_capa_known)
4466 drv_enc = wpa_s->drv_enc;
4467 else
4468 drv_enc = (unsigned int) -1;
4469
4470 for (i = 0; i < NUM_WEP_KEYS; i++) {
4471 size_t len = ssid->wep_key_len[i];
4472 if (len == 0)
4473 continue;
4474 if (len == 5 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP40))
4475 continue;
4476 if (len == 13 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP104))
4477 continue;
4478 if (len == 16 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP128))
4479 continue;
4480 return 1; /* invalid WEP key */
4481 }
4482
4483 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set &&
4484 (!ssid->passphrase || ssid->ssid_len != 0) && !ssid->ext_psk)
4485 return 1;
4486
4487 return 0;
4488 }
4489
4490
4491 int wpas_is_p2p_prioritized(struct wpa_supplicant *wpa_s)
4492 {
4493 if (wpa_s->global->conc_pref == WPA_CONC_PREF_P2P)
4494 return 1;
4495 if (wpa_s->global->conc_pref == WPA_CONC_PREF_STA)
4496 return 0;
4497 return -1;
4498 }
4499
4500
4501 void wpas_auth_failed(struct wpa_supplicant *wpa_s)
4502 {
4503 struct wpa_ssid *ssid = wpa_s->current_ssid;
4504 int dur;
4505 struct os_reltime now;
4506
4507 if (ssid == NULL) {
4508 wpa_printf(MSG_DEBUG, "Authentication failure but no known "
4509 "SSID block");
4510 return;
4511 }
4512
4513 if (ssid->key_mgmt == WPA_KEY_MGMT_WPS)
4514 return;
4515
4516 ssid->auth_failures++;
4517
4518 #ifdef CONFIG_P2P
4519 if (ssid->p2p_group &&
4520 (wpa_s->p2p_in_provisioning || wpa_s->show_group_started)) {
4521 /*
4522 * Skip the wait time since there is a short timeout on the
4523 * connection to a P2P group.
4524 */
4525 return;
4526 }
4527 #endif /* CONFIG_P2P */
4528
4529 if (ssid->auth_failures > 50)
4530 dur = 300;
4531 else if (ssid->auth_failures > 10)
4532 dur = 120;
4533 else if (ssid->auth_failures > 5)
4534 dur = 90;
4535 else if (ssid->auth_failures > 3)
4536 dur = 60;
4537 else if (ssid->auth_failures > 2)
4538 dur = 30;
4539 else if (ssid->auth_failures > 1)
4540 dur = 20;
4541 else
4542 dur = 10;
4543
4544 if (ssid->auth_failures > 1 &&
4545 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt))
4546 dur += os_random() % (ssid->auth_failures * 10);
4547
4548 os_get_reltime(&now);
4549 if (now.sec + dur <= ssid->disabled_until.sec)
4550 return;
4551
4552 ssid->disabled_until.sec = now.sec + dur;
4553
4554 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TEMP_DISABLED
4555 "id=%d ssid=\"%s\" auth_failures=%u duration=%d",
4556 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
4557 ssid->auth_failures, dur);
4558 }
4559
4560
4561 void wpas_clear_temp_disabled(struct wpa_supplicant *wpa_s,
4562 struct wpa_ssid *ssid, int clear_failures)
4563 {
4564 if (ssid == NULL)
4565 return;
4566
4567 if (ssid->disabled_until.sec) {
4568 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_REENABLED
4569 "id=%d ssid=\"%s\"",
4570 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
4571 }
4572 ssid->disabled_until.sec = 0;
4573 ssid->disabled_until.usec = 0;
4574 if (clear_failures)
4575 ssid->auth_failures = 0;
4576 }
4577
4578
4579 int disallowed_bssid(struct wpa_supplicant *wpa_s, const u8 *bssid)
4580 {
4581 size_t i;
4582
4583 if (wpa_s->disallow_aps_bssid == NULL)
4584 return 0;
4585
4586 for (i = 0; i < wpa_s->disallow_aps_bssid_count; i++) {
4587 if (os_memcmp(wpa_s->disallow_aps_bssid + i * ETH_ALEN,
4588 bssid, ETH_ALEN) == 0)
4589 return 1;
4590 }
4591
4592 return 0;
4593 }
4594
4595
4596 int disallowed_ssid(struct wpa_supplicant *wpa_s, const u8 *ssid,
4597 size_t ssid_len)
4598 {
4599 size_t i;
4600
4601 if (wpa_s->disallow_aps_ssid == NULL || ssid == NULL)
4602 return 0;
4603
4604 for (i = 0; i < wpa_s->disallow_aps_ssid_count; i++) {
4605 struct wpa_ssid_value *s = &wpa_s->disallow_aps_ssid[i];
4606 if (ssid_len == s->ssid_len &&
4607 os_memcmp(ssid, s->ssid, ssid_len) == 0)
4608 return 1;
4609 }
4610
4611 return 0;
4612 }
4613
4614
4615 /**
4616 * wpas_request_connection - Request a new connection
4617 * @wpa_s: Pointer to the network interface
4618 *
4619 * This function is used to request a new connection to be found. It will mark
4620 * the interface to allow reassociation and request a new scan to find a
4621 * suitable network to connect to.
4622 */
4623 void wpas_request_connection(struct wpa_supplicant *wpa_s)
4624 {
4625 wpa_s->normal_scans = 0;
4626 wpa_supplicant_reinit_autoscan(wpa_s);
4627 wpa_s->extra_blacklist_count = 0;
4628 wpa_s->disconnected = 0;
4629 wpa_s->reassociate = 1;
4630
4631 if (wpa_supplicant_fast_associate(wpa_s) != 1)
4632 wpa_supplicant_req_scan(wpa_s, 0, 0);
4633 }
4634
4635
4636 void dump_freq_array(struct wpa_supplicant *wpa_s, const char *title,
4637 int *freq_array, unsigned int len)
4638 {
4639 unsigned int i;
4640
4641 wpa_dbg(wpa_s, MSG_DEBUG, "Shared frequencies (len=%u): %s",
4642 len, title);
4643 for (i = 0; i < len; i++)
4644 wpa_dbg(wpa_s, MSG_DEBUG, "freq[%u]: %d", i, freq_array[i]);
4645 }
4646
4647
4648 /*
4649 * Find the operating frequencies of any of the virtual interfaces that
4650 * are using the same radio as the current interface.
4651 */
4652 int get_shared_radio_freqs(struct wpa_supplicant *wpa_s,
4653 int *freq_array, unsigned int len)
4654 {
4655 struct wpa_supplicant *ifs;
4656 u8 bssid[ETH_ALEN];
4657 int freq;
4658 unsigned int idx = 0, i;
4659
4660 wpa_dbg(wpa_s, MSG_DEBUG,
4661 "Determining shared radio frequencies (max len %u)", len);
4662 os_memset(freq_array, 0, sizeof(int) * len);
4663
4664 /* First add the frequency of the local interface */
4665 if (wpa_s->current_ssid != NULL && wpa_s->assoc_freq != 0) {
4666 if (wpa_s->current_ssid->mode == WPAS_MODE_AP ||
4667 wpa_s->current_ssid->mode == WPAS_MODE_P2P_GO)
4668 freq_array[idx++] = wpa_s->current_ssid->frequency;
4669 else if (wpa_drv_get_bssid(wpa_s, bssid) == 0)
4670 freq_array[idx++] = wpa_s->assoc_freq;
4671 }
4672
4673 /* If get_radio_name is not supported, use only the local freq */
4674 if (!wpa_driver_get_radio_name(wpa_s)) {
4675 freq = wpa_drv_shared_freq(wpa_s);
4676 if (freq > 0 && idx < len &&
4677 (idx == 0 || freq_array[0] != freq))
4678 freq_array[idx++] = freq;
4679 dump_freq_array(wpa_s, "No get_radio_name", freq_array, idx);
4680 return idx;
4681 }
4682
4683 dl_list_for_each(ifs, &wpa_s->radio->ifaces, struct wpa_supplicant,
4684 radio_list) {
4685 if (wpa_s == ifs)
4686 continue;
4687
4688 if (ifs->current_ssid == NULL || ifs->assoc_freq == 0)
4689 continue;
4690
4691 if (ifs->current_ssid->mode == WPAS_MODE_AP ||
4692 ifs->current_ssid->mode == WPAS_MODE_P2P_GO)
4693 freq = ifs->current_ssid->frequency;
4694 else if (wpa_drv_get_bssid(ifs, bssid) == 0)
4695 freq = ifs->assoc_freq;
4696 else
4697 continue;
4698
4699 /* Hold only distinct freqs */
4700 for (i = 0; i < idx; i++)
4701 if (freq_array[i] == freq)
4702 break;
4703
4704 if (i == idx)
4705 freq_array[idx++] = freq;
4706 }
4707
4708 dump_freq_array(wpa_s, "completed iteration", freq_array, idx);
4709 return idx;
4710 }
Unnamed repository; edit this file 'description' to name the repository.