3 * Copyright (c) 2003-2017, Jouni Malinen <j@w1.fi>
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
14 #ifdef CONFIG_MATCH_IFACE
17 #endif /* CONFIG_MATCH_IFACE */
20 #include "crypto/random.h"
21 #include "crypto/sha1.h"
22 #include "eapol_supp/eapol_supp_sm.h"
23 #include "eap_peer/eap.h"
24 #include "eap_peer/eap_proxy.h"
25 #include "eap_server/eap_methods.h"
26 #include "rsn_supp/wpa.h"
29 #include "utils/ext_password.h"
30 #include "l2_packet/l2_packet.h"
31 #include "wpa_supplicant_i.h"
33 #include "ctrl_iface.h"
34 #include "pcsc_funcs.h"
35 #include "common/version.h"
36 #include "rsn_supp/preauth.h"
37 #include "rsn_supp/pmksa_cache.h"
38 #include "common/wpa_ctrl.h"
39 #include "common/ieee802_11_defs.h"
40 #include "common/hw_features_common.h"
41 #include "common/gas_server.h"
44 #include "blacklist.h"
45 #include "wpas_glue.h"
46 #include "wps_supplicant.h"
49 #include "gas_query.h"
51 #include "p2p_supplicant.h"
52 #include "wifi_display.h"
58 #include "offchannel.h"
59 #include "hs20_supplicant.h"
63 #include "dpp_supplicant.h"
65 #include "ap/ap_config.h"
66 #include "ap/hostapd.h"
67 #endif /* CONFIG_MESH */
69 const char *const wpa_supplicant_version
=
70 "wpa_supplicant v" VERSION_STR
"\n"
71 "Copyright (c) 2003-2017, Jouni Malinen <j@w1.fi> and contributors";
73 const char *const wpa_supplicant_license
=
74 "This software may be distributed under the terms of the BSD license.\n"
75 "See README for more details.\n"
76 #ifdef EAP_TLS_OPENSSL
77 "\nThis product includes software developed by the OpenSSL Project\n"
78 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
79 #endif /* EAP_TLS_OPENSSL */
82 #ifndef CONFIG_NO_STDOUT_DEBUG
83 /* Long text divided into parts in order to fit in C89 strings size limits. */
84 const char *const wpa_supplicant_full_license1
=
86 const char *const wpa_supplicant_full_license2
=
87 "This software may be distributed under the terms of the BSD license.\n"
89 "Redistribution and use in source and binary forms, with or without\n"
90 "modification, are permitted provided that the following conditions are\n"
93 const char *const wpa_supplicant_full_license3
=
94 "1. Redistributions of source code must retain the above copyright\n"
95 " notice, this list of conditions and the following disclaimer.\n"
97 "2. Redistributions in binary form must reproduce the above copyright\n"
98 " notice, this list of conditions and the following disclaimer in the\n"
99 " documentation and/or other materials provided with the distribution.\n"
101 const char *const wpa_supplicant_full_license4
=
102 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
103 " names of its contributors may be used to endorse or promote products\n"
104 " derived from this software without specific prior written permission.\n"
106 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
107 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
108 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
109 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
110 const char *const wpa_supplicant_full_license5
=
111 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
112 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
113 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
114 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
115 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
116 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
117 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
119 #endif /* CONFIG_NO_STDOUT_DEBUG */
122 static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx
, void *timeout_ctx
);
125 /* Configure default/group WEP keys for static WEP */
126 int wpa_set_wep_keys(struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
)
130 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
131 if (ssid
->wep_key_len
[i
] == 0)
135 wpa_drv_set_key(wpa_s
, WPA_ALG_WEP
, NULL
,
136 i
, i
== ssid
->wep_tx_keyidx
, NULL
, 0,
137 ssid
->wep_key
[i
], ssid
->wep_key_len
[i
]);
144 int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant
*wpa_s
,
145 struct wpa_ssid
*ssid
)
153 /* IBSS/WPA-None uses only one key (Group) for both receiving and
154 * sending unicast and multicast packets. */
156 if (ssid
->mode
!= WPAS_MODE_IBSS
) {
157 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Invalid mode %d (not "
158 "IBSS/ad-hoc) for WPA-None", ssid
->mode
);
162 if (!ssid
->psk_set
) {
163 wpa_msg(wpa_s
, MSG_INFO
, "WPA: No PSK configured for "
168 switch (wpa_s
->group_cipher
) {
169 case WPA_CIPHER_CCMP
:
170 os_memcpy(key
, ssid
->psk
, 16);
174 case WPA_CIPHER_GCMP
:
175 os_memcpy(key
, ssid
->psk
, 16);
179 case WPA_CIPHER_TKIP
:
180 /* WPA-None uses the same Michael MIC key for both TX and RX */
181 os_memcpy(key
, ssid
->psk
, 16 + 8);
182 os_memcpy(key
+ 16 + 8, ssid
->psk
+ 16, 8);
187 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Invalid group cipher %d for "
188 "WPA-None", wpa_s
->group_cipher
);
192 /* TODO: should actually remember the previously used seq#, both for TX
193 * and RX from each STA.. */
195 ret
= wpa_drv_set_key(wpa_s
, alg
, NULL
, 0, 1, seq
, 6, key
, keylen
);
196 os_memset(key
, 0, sizeof(key
));
201 static void wpa_supplicant_timeout(void *eloop_ctx
, void *timeout_ctx
)
203 struct wpa_supplicant
*wpa_s
= eloop_ctx
;
204 const u8
*bssid
= wpa_s
->bssid
;
205 if (!is_zero_ether_addr(wpa_s
->pending_bssid
) &&
206 (wpa_s
->wpa_state
== WPA_AUTHENTICATING
||
207 wpa_s
->wpa_state
== WPA_ASSOCIATING
))
208 bssid
= wpa_s
->pending_bssid
;
209 wpa_msg(wpa_s
, MSG_INFO
, "Authentication with " MACSTR
" timed out.",
211 wpa_blacklist_add(wpa_s
, bssid
);
212 wpa_sm_notify_disassoc(wpa_s
->wpa
);
213 wpa_supplicant_deauthenticate(wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
214 wpa_s
->reassociate
= 1;
217 * If we timed out, the AP or the local radio may be busy.
218 * So, wait a second until scanning again.
220 wpa_supplicant_req_scan(wpa_s
, 1, 0);
225 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
226 * @wpa_s: Pointer to wpa_supplicant data
227 * @sec: Number of seconds after which to time out authentication
228 * @usec: Number of microseconds after which to time out authentication
230 * This function is used to schedule a timeout for the current authentication
233 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant
*wpa_s
,
236 if (wpa_s
->conf
->ap_scan
== 0 &&
237 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_WIRED
))
240 wpa_dbg(wpa_s
, MSG_DEBUG
, "Setting authentication timeout: %d sec "
241 "%d usec", sec
, usec
);
242 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
243 eloop_register_timeout(sec
, usec
, wpa_supplicant_timeout
, wpa_s
, NULL
);
248 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
249 * @wpa_s: Pointer to wpa_supplicant data
251 * This function is used to cancel authentication timeout scheduled with
252 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
255 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant
*wpa_s
)
257 wpa_dbg(wpa_s
, MSG_DEBUG
, "Cancelling authentication timeout");
258 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
259 wpa_blacklist_del(wpa_s
, wpa_s
->bssid
);
264 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
265 * @wpa_s: Pointer to wpa_supplicant data
267 * This function is used to configure EAPOL state machine based on the selected
268 * authentication mode.
270 void wpa_supplicant_initiate_eapol(struct wpa_supplicant
*wpa_s
)
272 #ifdef IEEE8021X_EAPOL
273 struct eapol_config eapol_conf
;
274 struct wpa_ssid
*ssid
= wpa_s
->current_ssid
;
276 #ifdef CONFIG_IBSS_RSN
277 if (ssid
->mode
== WPAS_MODE_IBSS
&&
278 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_NONE
&&
279 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_WPA_NONE
) {
281 * RSN IBSS authentication is per-STA and we can disable the
282 * per-BSSID EAPOL authentication.
284 eapol_sm_notify_portControl(wpa_s
->eapol
, ForceAuthorized
);
285 eapol_sm_notify_eap_success(wpa_s
->eapol
, TRUE
);
286 eapol_sm_notify_eap_fail(wpa_s
->eapol
, FALSE
);
289 #endif /* CONFIG_IBSS_RSN */
291 eapol_sm_notify_eap_success(wpa_s
->eapol
, FALSE
);
292 eapol_sm_notify_eap_fail(wpa_s
->eapol
, FALSE
);
294 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
||
295 wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPA_NONE
)
296 eapol_sm_notify_portControl(wpa_s
->eapol
, ForceAuthorized
);
298 eapol_sm_notify_portControl(wpa_s
->eapol
, Auto
);
300 os_memset(&eapol_conf
, 0, sizeof(eapol_conf
));
301 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
302 eapol_conf
.accept_802_1x_keys
= 1;
303 eapol_conf
.required_keys
= 0;
304 if (ssid
->eapol_flags
& EAPOL_FLAG_REQUIRE_KEY_UNICAST
) {
305 eapol_conf
.required_keys
|= EAPOL_REQUIRE_KEY_UNICAST
;
307 if (ssid
->eapol_flags
& EAPOL_FLAG_REQUIRE_KEY_BROADCAST
) {
308 eapol_conf
.required_keys
|=
309 EAPOL_REQUIRE_KEY_BROADCAST
;
312 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_WIRED
)
313 eapol_conf
.required_keys
= 0;
315 eapol_conf
.fast_reauth
= wpa_s
->conf
->fast_reauth
;
316 eapol_conf
.workaround
= ssid
->eap_workaround
;
317 eapol_conf
.eap_disabled
=
318 !wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
) &&
319 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_IEEE8021X_NO_WPA
&&
320 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_WPS
;
321 eapol_conf
.external_sim
= wpa_s
->conf
->external_sim
;
324 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
) {
325 eapol_conf
.wps
|= EAPOL_LOCAL_WPS_IN_USE
;
326 if (wpa_s
->current_bss
) {
328 ie
= wpa_bss_get_vendor_ie_multi(wpa_s
->current_bss
,
333 EAPOL_PEER_IS_WPS20_AP
;
338 #endif /* CONFIG_WPS */
340 eapol_sm_notify_config(wpa_s
->eapol
, &ssid
->eap
, &eapol_conf
);
343 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
&& ssid
->mka_psk_set
)
344 ieee802_1x_create_preshared_mka(wpa_s
, ssid
);
346 ieee802_1x_alloc_kay_sm(wpa_s
, ssid
);
347 #endif /* CONFIG_MACSEC */
348 #endif /* IEEE8021X_EAPOL */
353 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
354 * @wpa_s: Pointer to wpa_supplicant data
355 * @ssid: Configuration data for the network
357 * This function is used to configure WPA state machine and related parameters
358 * to a mode where WPA is not enabled. This is called as part of the
359 * authentication configuration when the selected network does not use WPA.
361 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant
*wpa_s
,
362 struct wpa_ssid
*ssid
)
366 if (ssid
->key_mgmt
& WPA_KEY_MGMT_WPS
)
367 wpa_s
->key_mgmt
= WPA_KEY_MGMT_WPS
;
368 else if (ssid
->key_mgmt
& WPA_KEY_MGMT_IEEE8021X_NO_WPA
)
369 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X_NO_WPA
;
371 wpa_s
->key_mgmt
= WPA_KEY_MGMT_NONE
;
372 wpa_sm_set_ap_wpa_ie(wpa_s
->wpa
, NULL
, 0);
373 wpa_sm_set_ap_rsn_ie(wpa_s
->wpa
, NULL
, 0);
374 wpa_sm_set_assoc_wpa_ie(wpa_s
->wpa
, NULL
, 0);
375 wpa_s
->pairwise_cipher
= WPA_CIPHER_NONE
;
376 wpa_s
->group_cipher
= WPA_CIPHER_NONE
;
377 wpa_s
->mgmt_group_cipher
= 0;
379 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
380 if (ssid
->wep_key_len
[i
] > 5) {
381 wpa_s
->pairwise_cipher
= WPA_CIPHER_WEP104
;
382 wpa_s
->group_cipher
= WPA_CIPHER_WEP104
;
384 } else if (ssid
->wep_key_len
[i
] > 0) {
385 wpa_s
->pairwise_cipher
= WPA_CIPHER_WEP40
;
386 wpa_s
->group_cipher
= WPA_CIPHER_WEP40
;
391 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_RSN_ENABLED
, 0);
392 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_KEY_MGMT
, wpa_s
->key_mgmt
);
393 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_PAIRWISE
,
394 wpa_s
->pairwise_cipher
);
395 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_GROUP
, wpa_s
->group_cipher
);
396 #ifdef CONFIG_IEEE80211W
397 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_MGMT_GROUP
,
398 wpa_s
->mgmt_group_cipher
);
399 #endif /* CONFIG_IEEE80211W */
401 pmksa_cache_clear_current(wpa_s
->wpa
);
405 void free_hw_features(struct wpa_supplicant
*wpa_s
)
408 if (wpa_s
->hw
.modes
== NULL
)
411 for (i
= 0; i
< wpa_s
->hw
.num_modes
; i
++) {
412 os_free(wpa_s
->hw
.modes
[i
].channels
);
413 os_free(wpa_s
->hw
.modes
[i
].rates
);
416 os_free(wpa_s
->hw
.modes
);
417 wpa_s
->hw
.modes
= NULL
;
421 static void free_bss_tmp_disallowed(struct wpa_supplicant
*wpa_s
)
423 struct wpa_bss_tmp_disallowed
*bss
, *prev
;
425 dl_list_for_each_safe(bss
, prev
, &wpa_s
->bss_tmp_disallowed
,
426 struct wpa_bss_tmp_disallowed
, list
) {
427 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout
, wpa_s
, bss
);
428 dl_list_del(&bss
->list
);
434 void wpas_flush_fils_hlp_req(struct wpa_supplicant
*wpa_s
)
436 struct fils_hlp_req
*req
;
438 while ((req
= dl_list_first(&wpa_s
->fils_hlp_req
, struct fils_hlp_req
,
440 dl_list_del(&req
->list
);
441 wpabuf_free(req
->pkt
);
447 static void wpa_supplicant_cleanup(struct wpa_supplicant
*wpa_s
)
451 bgscan_deinit(wpa_s
);
452 autoscan_deinit(wpa_s
);
453 scard_deinit(wpa_s
->scard
);
455 wpa_sm_set_scard_ctx(wpa_s
->wpa
, NULL
);
456 eapol_sm_register_scard_ctx(wpa_s
->eapol
, NULL
);
457 l2_packet_deinit(wpa_s
->l2
);
460 l2_packet_deinit(wpa_s
->l2_br
);
463 #ifdef CONFIG_TESTING_OPTIONS
464 l2_packet_deinit(wpa_s
->l2_test
);
465 wpa_s
->l2_test
= NULL
;
466 os_free(wpa_s
->get_pref_freq_list_override
);
467 wpa_s
->get_pref_freq_list_override
= NULL
;
468 #endif /* CONFIG_TESTING_OPTIONS */
470 if (wpa_s
->conf
!= NULL
) {
471 struct wpa_ssid
*ssid
;
472 for (ssid
= wpa_s
->conf
->ssid
; ssid
; ssid
= ssid
->next
)
473 wpas_notify_network_removed(wpa_s
, ssid
);
476 os_free(wpa_s
->confname
);
477 wpa_s
->confname
= NULL
;
479 os_free(wpa_s
->confanother
);
480 wpa_s
->confanother
= NULL
;
482 wpa_sm_set_eapol(wpa_s
->wpa
, NULL
);
483 eapol_sm_deinit(wpa_s
->eapol
);
486 rsn_preauth_deinit(wpa_s
->wpa
);
489 wpa_tdls_deinit(wpa_s
->wpa
);
490 #endif /* CONFIG_TDLS */
492 wmm_ac_clear_saved_tspecs(wpa_s
);
493 pmksa_candidate_free(wpa_s
->wpa
);
494 wpa_sm_deinit(wpa_s
->wpa
);
496 wpa_blacklist_clear(wpa_s
);
498 wpa_bss_deinit(wpa_s
);
500 wpa_supplicant_cancel_delayed_sched_scan(wpa_s
);
501 wpa_supplicant_cancel_scan(wpa_s
);
502 wpa_supplicant_cancel_auth_timeout(wpa_s
);
503 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures
, wpa_s
, NULL
);
504 #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
505 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report
,
507 #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
509 eloop_cancel_timeout(wpas_network_reenabled
, wpa_s
, NULL
);
511 wpas_wps_deinit(wpa_s
);
513 wpabuf_free(wpa_s
->pending_eapol_rx
);
514 wpa_s
->pending_eapol_rx
= NULL
;
516 #ifdef CONFIG_IBSS_RSN
517 ibss_rsn_deinit(wpa_s
->ibss_rsn
);
518 wpa_s
->ibss_rsn
= NULL
;
519 #endif /* CONFIG_IBSS_RSN */
524 wpa_supplicant_ap_deinit(wpa_s
);
525 #endif /* CONFIG_AP */
527 wpas_p2p_deinit(wpa_s
);
529 #ifdef CONFIG_OFFCHANNEL
530 offchannel_deinit(wpa_s
);
531 #endif /* CONFIG_OFFCHANNEL */
533 wpa_supplicant_cancel_sched_scan(wpa_s
);
535 os_free(wpa_s
->next_scan_freqs
);
536 wpa_s
->next_scan_freqs
= NULL
;
538 os_free(wpa_s
->manual_scan_freqs
);
539 wpa_s
->manual_scan_freqs
= NULL
;
540 os_free(wpa_s
->select_network_scan_freqs
);
541 wpa_s
->select_network_scan_freqs
= NULL
;
543 os_free(wpa_s
->manual_sched_scan_freqs
);
544 wpa_s
->manual_sched_scan_freqs
= NULL
;
546 wpas_mac_addr_rand_scan_clear(wpa_s
, MAC_ADDR_RAND_ALL
);
549 * Need to remove any pending gas-query radio work before the
550 * gas_query_deinit() call because gas_query::work has not yet been set
551 * for works that have not been started. gas_query_free() will be unable
552 * to cancel such pending radio works and once the pending gas-query
553 * radio work eventually gets removed, the deinit notification call to
554 * gas_query_start_cb() would result in dereferencing freed memory.
557 radio_remove_works(wpa_s
, "gas-query", 0);
558 gas_query_deinit(wpa_s
->gas
);
560 gas_server_deinit(wpa_s
->gas_server
);
561 wpa_s
->gas_server
= NULL
;
563 free_hw_features(wpa_s
);
565 ieee802_1x_dealloc_kay_sm(wpa_s
);
567 os_free(wpa_s
->bssid_filter
);
568 wpa_s
->bssid_filter
= NULL
;
570 os_free(wpa_s
->disallow_aps_bssid
);
571 wpa_s
->disallow_aps_bssid
= NULL
;
572 os_free(wpa_s
->disallow_aps_ssid
);
573 wpa_s
->disallow_aps_ssid
= NULL
;
575 wnm_bss_keep_alive_deinit(wpa_s
);
577 wnm_deallocate_memory(wpa_s
);
578 #endif /* CONFIG_WNM */
580 ext_password_deinit(wpa_s
->ext_pw
);
581 wpa_s
->ext_pw
= NULL
;
583 wpabuf_free(wpa_s
->last_gas_resp
);
584 wpa_s
->last_gas_resp
= NULL
;
585 wpabuf_free(wpa_s
->prev_gas_resp
);
586 wpa_s
->prev_gas_resp
= NULL
;
588 os_free(wpa_s
->last_scan_res
);
589 wpa_s
->last_scan_res
= NULL
;
593 wpa_drv_configure_frame_filters(wpa_s
, 0);
595 #endif /* CONFIG_HS20 */
597 for (i
= 0; i
< NUM_VENDOR_ELEM_FRAMES
; i
++) {
598 wpabuf_free(wpa_s
->vendor_elem
[i
]);
599 wpa_s
->vendor_elem
[i
] = NULL
;
602 wmm_ac_notify_disassoc(wpa_s
);
604 wpa_s
->sched_scan_plans_num
= 0;
605 os_free(wpa_s
->sched_scan_plans
);
606 wpa_s
->sched_scan_plans
= NULL
;
609 wpa_s
->non_pref_chan_num
= 0;
610 os_free(wpa_s
->non_pref_chan
);
611 wpa_s
->non_pref_chan
= NULL
;
612 #endif /* CONFIG_MBO */
614 free_bss_tmp_disallowed(wpa_s
);
616 wpabuf_free(wpa_s
->lci
);
618 wpas_clear_beacon_rep_data(wpa_s
);
620 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL
623 struct external_pmksa_cache
*entry
;
625 while ((entry
= dl_list_last(&wpa_s
->mesh_external_pmksa_cache
,
626 struct external_pmksa_cache
,
628 dl_list_del(&entry
->list
);
629 os_free(entry
->pmksa_cache
);
633 #endif /* CONFIG_MESH */
634 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
636 wpas_flush_fils_hlp_req(wpa_s
);
638 wpabuf_free(wpa_s
->ric_ies
);
639 wpa_s
->ric_ies
= NULL
;
642 wpas_dpp_deinit(wpa_s
);
643 #endif /* CONFIG_DPP */
648 * wpa_clear_keys - Clear keys configured for the driver
649 * @wpa_s: Pointer to wpa_supplicant data
650 * @addr: Previously used BSSID or %NULL if not available
652 * This function clears the encryption keys that has been previously configured
655 void wpa_clear_keys(struct wpa_supplicant
*wpa_s
, const u8
*addr
)
659 #ifdef CONFIG_IEEE80211W
661 #else /* CONFIG_IEEE80211W */
663 #endif /* CONFIG_IEEE80211W */
665 /* MLME-DELETEKEYS.request */
666 for (i
= 0; i
< max
; i
++) {
667 if (wpa_s
->keys_cleared
& BIT(i
))
669 wpa_drv_set_key(wpa_s
, WPA_ALG_NONE
, NULL
, i
, 0, NULL
, 0,
672 if (!(wpa_s
->keys_cleared
& BIT(0)) && addr
&&
673 !is_zero_ether_addr(addr
)) {
674 wpa_drv_set_key(wpa_s
, WPA_ALG_NONE
, addr
, 0, 0, NULL
, 0, NULL
,
676 /* MLME-SETPROTECTION.request(None) */
677 wpa_drv_mlme_setprotection(
679 MLME_SETPROTECTION_PROTECT_TYPE_NONE
,
680 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE
);
682 wpa_s
->keys_cleared
= (u32
) -1;
687 * wpa_supplicant_state_txt - Get the connection state name as a text string
688 * @state: State (wpa_state; WPA_*)
689 * Returns: The state name as a printable text string
691 const char * wpa_supplicant_state_txt(enum wpa_states state
)
694 case WPA_DISCONNECTED
:
695 return "DISCONNECTED";
698 case WPA_INTERFACE_DISABLED
:
699 return "INTERFACE_DISABLED";
702 case WPA_AUTHENTICATING
:
703 return "AUTHENTICATING";
704 case WPA_ASSOCIATING
:
705 return "ASSOCIATING";
708 case WPA_4WAY_HANDSHAKE
:
709 return "4WAY_HANDSHAKE";
710 case WPA_GROUP_HANDSHAKE
:
711 return "GROUP_HANDSHAKE";
722 static void wpa_supplicant_start_bgscan(struct wpa_supplicant
*wpa_s
)
726 if (wpa_s
->current_ssid
&& wpa_s
->current_ssid
->bgscan
)
727 name
= wpa_s
->current_ssid
->bgscan
;
729 name
= wpa_s
->conf
->bgscan
;
730 if (name
== NULL
|| name
[0] == '\0')
732 if (wpas_driver_bss_selection(wpa_s
))
734 if (wpa_s
->current_ssid
== wpa_s
->bgscan_ssid
)
737 if (wpa_s
->p2p_group_interface
!= NOT_P2P_GROUP_INTERFACE
)
739 #endif /* CONFIG_P2P */
741 bgscan_deinit(wpa_s
);
742 if (wpa_s
->current_ssid
) {
743 if (bgscan_init(wpa_s
, wpa_s
->current_ssid
, name
)) {
744 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to initialize "
747 * Live without bgscan; it is only used as a roaming
748 * optimization, so the initial connection is not
752 struct wpa_scan_results
*scan_res
;
753 wpa_s
->bgscan_ssid
= wpa_s
->current_ssid
;
754 scan_res
= wpa_supplicant_get_scan_results(wpa_s
, NULL
,
757 bgscan_notify_scan(wpa_s
, scan_res
);
758 wpa_scan_results_free(scan_res
);
762 wpa_s
->bgscan_ssid
= NULL
;
766 static void wpa_supplicant_stop_bgscan(struct wpa_supplicant
*wpa_s
)
768 if (wpa_s
->bgscan_ssid
!= NULL
) {
769 bgscan_deinit(wpa_s
);
770 wpa_s
->bgscan_ssid
= NULL
;
774 #endif /* CONFIG_BGSCAN */
777 static void wpa_supplicant_start_autoscan(struct wpa_supplicant
*wpa_s
)
779 if (autoscan_init(wpa_s
, 0))
780 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to initialize autoscan");
784 static void wpa_supplicant_stop_autoscan(struct wpa_supplicant
*wpa_s
)
786 autoscan_deinit(wpa_s
);
790 void wpa_supplicant_reinit_autoscan(struct wpa_supplicant
*wpa_s
)
792 if (wpa_s
->wpa_state
== WPA_DISCONNECTED
||
793 wpa_s
->wpa_state
== WPA_SCANNING
) {
794 autoscan_deinit(wpa_s
);
795 wpa_supplicant_start_autoscan(wpa_s
);
801 * wpa_supplicant_set_state - Set current connection state
802 * @wpa_s: Pointer to wpa_supplicant data
803 * @state: The new connection state
805 * This function is called whenever the connection state changes, e.g.,
806 * association is completed for WPA/WPA2 4-Way Handshake is started.
808 void wpa_supplicant_set_state(struct wpa_supplicant
*wpa_s
,
809 enum wpa_states state
)
811 enum wpa_states old_state
= wpa_s
->wpa_state
;
813 wpa_dbg(wpa_s
, MSG_DEBUG
, "State: %s -> %s",
814 wpa_supplicant_state_txt(wpa_s
->wpa_state
),
815 wpa_supplicant_state_txt(state
));
817 if (state
== WPA_INTERFACE_DISABLED
) {
818 /* Assure normal scan when interface is restored */
819 wpa_s
->normal_scans
= 0;
822 if (state
== WPA_COMPLETED
) {
823 wpas_connect_work_done(wpa_s
);
824 /* Reinitialize normal_scan counter */
825 wpa_s
->normal_scans
= 0;
830 * P2PS client has to reply to Probe Request frames received on the
831 * group operating channel. Enable Probe Request frame reporting for
832 * P2P connected client in case p2p_cli_probe configuration property is
835 if (wpa_s
->conf
->p2p_cli_probe
&& wpa_s
->current_ssid
&&
836 wpa_s
->current_ssid
->mode
== WPAS_MODE_INFRA
&&
837 wpa_s
->current_ssid
->p2p_group
) {
838 if (state
== WPA_COMPLETED
&& !wpa_s
->p2p_cli_probe
) {
839 wpa_dbg(wpa_s
, MSG_DEBUG
,
840 "P2P: Enable CLI Probe Request RX reporting");
841 wpa_s
->p2p_cli_probe
=
842 wpa_drv_probe_req_report(wpa_s
, 1) >= 0;
843 } else if (state
!= WPA_COMPLETED
&& wpa_s
->p2p_cli_probe
) {
844 wpa_dbg(wpa_s
, MSG_DEBUG
,
845 "P2P: Disable CLI Probe Request RX reporting");
846 wpa_s
->p2p_cli_probe
= 0;
847 wpa_drv_probe_req_report(wpa_s
, 0);
850 #endif /* CONFIG_P2P */
852 if (state
!= WPA_SCANNING
)
853 wpa_supplicant_notify_scanning(wpa_s
, 0);
855 if (state
== WPA_COMPLETED
&& wpa_s
->new_connection
) {
856 struct wpa_ssid
*ssid
= wpa_s
->current_ssid
;
857 int fils_hlp_sent
= 0;
860 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
861 wpa_auth_alg_fils(wpa_s
->sme
.auth_alg
))
863 #endif /* CONFIG_SME */
864 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
865 wpa_auth_alg_fils(wpa_s
->auth_alg
))
868 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
869 wpa_msg(wpa_s
, MSG_INFO
, WPA_EVENT_CONNECTED
"- Connection to "
870 MACSTR
" completed [id=%d id_str=%s%s]",
871 MAC2STR(wpa_s
->bssid
),
872 ssid
? ssid
->id
: -1,
873 ssid
&& ssid
->id_str
? ssid
->id_str
: "",
874 fils_hlp_sent
? " FILS_HLP_SENT" : "");
875 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
876 wpas_clear_temp_disabled(wpa_s
, ssid
, 1);
877 wpa_blacklist_clear(wpa_s
);
878 wpa_s
->extra_blacklist_count
= 0;
879 wpa_s
->new_connection
= 0;
880 wpa_drv_set_operstate(wpa_s
, 1);
881 #ifndef IEEE8021X_EAPOL
882 wpa_drv_set_supp_port(wpa_s
, 1);
883 #endif /* IEEE8021X_EAPOL */
884 wpa_s
->after_wps
= 0;
885 wpa_s
->known_wps_freq
= 0;
886 wpas_p2p_completed(wpa_s
);
888 sme_sched_obss_scan(wpa_s
, 1);
889 } else if (state
== WPA_DISCONNECTED
|| state
== WPA_ASSOCIATING
||
890 state
== WPA_ASSOCIATED
) {
891 wpa_s
->new_connection
= 1;
892 wpa_drv_set_operstate(wpa_s
, 0);
893 #ifndef IEEE8021X_EAPOL
894 wpa_drv_set_supp_port(wpa_s
, 0);
895 #endif /* IEEE8021X_EAPOL */
896 sme_sched_obss_scan(wpa_s
, 0);
898 wpa_s
->wpa_state
= state
;
901 if (state
== WPA_COMPLETED
)
902 wpa_supplicant_start_bgscan(wpa_s
);
903 else if (state
< WPA_ASSOCIATED
)
904 wpa_supplicant_stop_bgscan(wpa_s
);
905 #endif /* CONFIG_BGSCAN */
907 if (state
== WPA_AUTHENTICATING
)
908 wpa_supplicant_stop_autoscan(wpa_s
);
910 if (state
== WPA_DISCONNECTED
|| state
== WPA_INACTIVE
)
911 wpa_supplicant_start_autoscan(wpa_s
);
913 if (old_state
>= WPA_ASSOCIATED
&& wpa_s
->wpa_state
< WPA_ASSOCIATED
)
914 wmm_ac_notify_disassoc(wpa_s
);
916 if (wpa_s
->wpa_state
!= old_state
) {
917 wpas_notify_state_changed(wpa_s
, wpa_s
->wpa_state
, old_state
);
920 * Notify the P2P Device interface about a state change in one
923 wpas_p2p_indicate_state_change(wpa_s
);
925 if (wpa_s
->wpa_state
== WPA_COMPLETED
||
926 old_state
== WPA_COMPLETED
)
927 wpas_notify_auth_changed(wpa_s
);
932 void wpa_supplicant_terminate_proc(struct wpa_global
*global
)
936 struct wpa_supplicant
*wpa_s
= global
->ifaces
;
938 struct wpa_supplicant
*next
= wpa_s
->next
;
939 if (wpas_wps_terminate_pending(wpa_s
) == 1)
942 if (wpa_s
->p2p_group_interface
!= NOT_P2P_GROUP_INTERFACE
||
943 (wpa_s
->current_ssid
&& wpa_s
->current_ssid
->p2p_group
))
944 wpas_p2p_disconnect(wpa_s
);
945 #endif /* CONFIG_P2P */
948 #endif /* CONFIG_WPS */
955 static void wpa_supplicant_terminate(int sig
, void *signal_ctx
)
957 struct wpa_global
*global
= signal_ctx
;
958 wpa_supplicant_terminate_proc(global
);
962 void wpa_supplicant_clear_status(struct wpa_supplicant
*wpa_s
)
964 enum wpa_states old_state
= wpa_s
->wpa_state
;
966 wpa_s
->pairwise_cipher
= 0;
967 wpa_s
->group_cipher
= 0;
968 wpa_s
->mgmt_group_cipher
= 0;
970 if (wpa_s
->wpa_state
!= WPA_INTERFACE_DISABLED
)
971 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
973 if (wpa_s
->wpa_state
!= old_state
)
974 wpas_notify_state_changed(wpa_s
, wpa_s
->wpa_state
, old_state
);
979 * wpa_supplicant_reload_configuration - Reload configuration data
980 * @wpa_s: Pointer to wpa_supplicant data
981 * Returns: 0 on success or -1 if configuration parsing failed
983 * This function can be used to request that the configuration data is reloaded
984 * (e.g., after configuration file change). This function is reloading
985 * configuration only for one interface, so this may need to be called multiple
986 * times if %wpa_supplicant is controlling multiple interfaces and all
987 * interfaces need reconfiguration.
989 int wpa_supplicant_reload_configuration(struct wpa_supplicant
*wpa_s
)
991 struct wpa_config
*conf
;
995 if (wpa_s
->confname
== NULL
)
997 conf
= wpa_config_read(wpa_s
->confname
, NULL
);
999 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to parse the configuration "
1000 "file '%s' - exiting", wpa_s
->confname
);
1003 wpa_config_read(wpa_s
->confanother
, conf
);
1005 conf
->changed_parameters
= (unsigned int) -1;
1007 reconf_ctrl
= !!conf
->ctrl_interface
!= !!wpa_s
->conf
->ctrl_interface
1008 || (conf
->ctrl_interface
&& wpa_s
->conf
->ctrl_interface
&&
1009 os_strcmp(conf
->ctrl_interface
,
1010 wpa_s
->conf
->ctrl_interface
) != 0);
1012 if (reconf_ctrl
&& wpa_s
->ctrl_iface
) {
1013 wpa_supplicant_ctrl_iface_deinit(wpa_s
->ctrl_iface
);
1014 wpa_s
->ctrl_iface
= NULL
;
1017 eapol_sm_invalidate_cached_session(wpa_s
->eapol
);
1018 if (wpa_s
->current_ssid
) {
1019 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
1020 wpa_s
->own_disconnect_req
= 1;
1021 wpa_supplicant_deauthenticate(wpa_s
,
1022 WLAN_REASON_DEAUTH_LEAVING
);
1026 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
1027 * pkcs11_engine_path, pkcs11_module_path, openssl_ciphers.
1029 if (wpa_key_mgmt_wpa_psk(wpa_s
->key_mgmt
) ||
1030 wpa_s
->key_mgmt
== WPA_KEY_MGMT_OWE
||
1031 wpa_s
->key_mgmt
== WPA_KEY_MGMT_DPP
) {
1033 * Clear forced success to clear EAP state for next
1036 eapol_sm_notify_eap_success(wpa_s
->eapol
, FALSE
);
1038 eapol_sm_notify_config(wpa_s
->eapol
, NULL
, NULL
);
1039 wpa_sm_set_config(wpa_s
->wpa
, NULL
);
1040 wpa_sm_pmksa_cache_flush(wpa_s
->wpa
, NULL
);
1041 wpa_sm_set_fast_reauth(wpa_s
->wpa
, wpa_s
->conf
->fast_reauth
);
1042 rsn_preauth_deinit(wpa_s
->wpa
);
1044 old_ap_scan
= wpa_s
->conf
->ap_scan
;
1045 wpa_config_free(wpa_s
->conf
);
1047 if (old_ap_scan
!= wpa_s
->conf
->ap_scan
)
1048 wpas_notify_ap_scan_changed(wpa_s
);
1051 wpa_s
->ctrl_iface
= wpa_supplicant_ctrl_iface_init(wpa_s
);
1053 wpa_supplicant_update_config(wpa_s
);
1055 wpa_supplicant_clear_status(wpa_s
);
1056 if (wpa_supplicant_enabled_networks(wpa_s
)) {
1057 wpa_s
->reassociate
= 1;
1058 wpa_supplicant_req_scan(wpa_s
, 0, 0);
1060 wpa_dbg(wpa_s
, MSG_DEBUG
, "Reconfiguration completed");
1065 static void wpa_supplicant_reconfig(int sig
, void *signal_ctx
)
1067 struct wpa_global
*global
= signal_ctx
;
1068 struct wpa_supplicant
*wpa_s
;
1069 for (wpa_s
= global
->ifaces
; wpa_s
; wpa_s
= wpa_s
->next
) {
1070 wpa_dbg(wpa_s
, MSG_DEBUG
, "Signal %d received - reconfiguring",
1072 if (wpa_supplicant_reload_configuration(wpa_s
) < 0) {
1073 wpa_supplicant_terminate_proc(global
);
1077 if (wpa_debug_reopen_file() < 0) {
1078 /* Ignore errors since we cannot really do much to fix this */
1079 wpa_printf(MSG_DEBUG
, "Could not reopen debug log file");
1084 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant
*wpa_s
,
1085 struct wpa_ssid
*ssid
,
1086 struct wpa_ie_data
*ie
)
1088 int ret
= wpa_sm_parse_own_wpa_ie(wpa_s
->wpa
, ie
);
1091 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Failed to parse WPA IE "
1092 "from association info");
1097 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Using WPA IE from AssocReq to set "
1099 if (!(ie
->group_cipher
& ssid
->group_cipher
)) {
1100 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver used disabled group "
1101 "cipher 0x%x (mask 0x%x) - reject",
1102 ie
->group_cipher
, ssid
->group_cipher
);
1105 if (!(ie
->pairwise_cipher
& ssid
->pairwise_cipher
)) {
1106 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver used disabled pairwise "
1107 "cipher 0x%x (mask 0x%x) - reject",
1108 ie
->pairwise_cipher
, ssid
->pairwise_cipher
);
1111 if (!(ie
->key_mgmt
& ssid
->key_mgmt
)) {
1112 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver used disabled key "
1113 "management 0x%x (mask 0x%x) - reject",
1114 ie
->key_mgmt
, ssid
->key_mgmt
);
1118 #ifdef CONFIG_IEEE80211W
1119 if (!(ie
->capabilities
& WPA_CAPABILITY_MFPC
) &&
1120 wpas_get_ssid_pmf(wpa_s
, ssid
) == MGMT_FRAME_PROTECTION_REQUIRED
) {
1121 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver associated with an AP "
1122 "that does not support management frame protection - "
1126 #endif /* CONFIG_IEEE80211W */
1133 * wpa_supplicant_set_suites - Set authentication and encryption parameters
1134 * @wpa_s: Pointer to wpa_supplicant data
1135 * @bss: Scan results for the selected BSS, or %NULL if not available
1136 * @ssid: Configuration data for the selected network
1137 * @wpa_ie: Buffer for the WPA/RSN IE
1138 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
1139 * used buffer length in case the functions returns success.
1140 * Returns: 0 on success or -1 on failure
1142 * This function is used to configure authentication and encryption parameters
1143 * based on the network configuration and scan result for the selected BSS (if
1146 int wpa_supplicant_set_suites(struct wpa_supplicant
*wpa_s
,
1147 struct wpa_bss
*bss
, struct wpa_ssid
*ssid
,
1148 u8
*wpa_ie
, size_t *wpa_ie_len
)
1150 struct wpa_ie_data ie
;
1152 const u8
*bss_wpa
, *bss_rsn
, *bss_osen
;
1155 bss_wpa
= wpa_bss_get_vendor_ie(bss
, WPA_IE_VENDOR_TYPE
);
1156 bss_rsn
= wpa_bss_get_ie(bss
, WLAN_EID_RSN
);
1157 bss_osen
= wpa_bss_get_vendor_ie(bss
, OSEN_IE_VENDOR_TYPE
);
1159 bss_wpa
= bss_rsn
= bss_osen
= NULL
;
1161 if (bss_rsn
&& (ssid
->proto
& WPA_PROTO_RSN
) &&
1162 wpa_parse_wpa_ie(bss_rsn
, 2 + bss_rsn
[1], &ie
) == 0 &&
1163 (ie
.group_cipher
& ssid
->group_cipher
) &&
1164 (ie
.pairwise_cipher
& ssid
->pairwise_cipher
) &&
1165 (ie
.key_mgmt
& ssid
->key_mgmt
)) {
1166 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using IEEE 802.11i/D9.0");
1167 proto
= WPA_PROTO_RSN
;
1168 } else if (bss_wpa
&& (ssid
->proto
& WPA_PROTO_WPA
) &&
1169 wpa_parse_wpa_ie(bss_wpa
, 2 + bss_wpa
[1], &ie
) == 0 &&
1170 (ie
.group_cipher
& ssid
->group_cipher
) &&
1171 (ie
.pairwise_cipher
& ssid
->pairwise_cipher
) &&
1172 (ie
.key_mgmt
& ssid
->key_mgmt
)) {
1173 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using IEEE 802.11i/D3.0");
1174 proto
= WPA_PROTO_WPA
;
1176 } else if (bss_osen
&& (ssid
->proto
& WPA_PROTO_OSEN
)) {
1177 wpa_dbg(wpa_s
, MSG_DEBUG
, "HS 2.0: using OSEN");
1178 /* TODO: parse OSEN element */
1179 os_memset(&ie
, 0, sizeof(ie
));
1180 ie
.group_cipher
= WPA_CIPHER_CCMP
;
1181 ie
.pairwise_cipher
= WPA_CIPHER_CCMP
;
1182 ie
.key_mgmt
= WPA_KEY_MGMT_OSEN
;
1183 proto
= WPA_PROTO_OSEN
;
1184 #endif /* CONFIG_HS20 */
1186 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select WPA/RSN");
1187 wpa_dbg(wpa_s
, MSG_DEBUG
,
1188 "WPA: ssid proto=0x%x pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1189 ssid
->proto
, ssid
->pairwise_cipher
, ssid
->group_cipher
,
1191 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: BSS " MACSTR
" ssid='%s'%s%s%s",
1192 MAC2STR(bss
->bssid
),
1193 wpa_ssid_txt(bss
->ssid
, bss
->ssid_len
),
1194 bss_wpa
? " WPA" : "",
1195 bss_rsn
? " RSN" : "",
1196 bss_osen
? " OSEN" : "");
1198 wpa_hexdump(MSG_DEBUG
, "RSN", bss_rsn
, 2 + bss_rsn
[1]);
1199 if (wpa_parse_wpa_ie(bss_rsn
, 2 + bss_rsn
[1], &ie
)) {
1200 wpa_dbg(wpa_s
, MSG_DEBUG
,
1201 "Could not parse RSN element");
1203 wpa_dbg(wpa_s
, MSG_DEBUG
,
1204 "RSN: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1205 ie
.pairwise_cipher
, ie
.group_cipher
,
1210 wpa_hexdump(MSG_DEBUG
, "WPA", bss_wpa
, 2 + bss_wpa
[1]);
1211 if (wpa_parse_wpa_ie(bss_wpa
, 2 + bss_wpa
[1], &ie
)) {
1212 wpa_dbg(wpa_s
, MSG_DEBUG
,
1213 "Could not parse WPA element");
1215 wpa_dbg(wpa_s
, MSG_DEBUG
,
1216 "WPA: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1217 ie
.pairwise_cipher
, ie
.group_cipher
,
1223 if (ssid
->proto
& WPA_PROTO_OSEN
)
1224 proto
= WPA_PROTO_OSEN
;
1225 else if (ssid
->proto
& WPA_PROTO_RSN
)
1226 proto
= WPA_PROTO_RSN
;
1228 proto
= WPA_PROTO_WPA
;
1229 if (wpa_supplicant_suites_from_ai(wpa_s
, ssid
, &ie
) < 0) {
1230 os_memset(&ie
, 0, sizeof(ie
));
1231 ie
.group_cipher
= ssid
->group_cipher
;
1232 ie
.pairwise_cipher
= ssid
->pairwise_cipher
;
1233 ie
.key_mgmt
= ssid
->key_mgmt
;
1234 #ifdef CONFIG_IEEE80211W
1235 ie
.mgmt_group_cipher
= 0;
1236 if (ssid
->ieee80211w
!= NO_MGMT_FRAME_PROTECTION
) {
1237 if (ssid
->group_mgmt_cipher
&
1238 WPA_CIPHER_BIP_GMAC_256
)
1239 ie
.mgmt_group_cipher
=
1240 WPA_CIPHER_BIP_GMAC_256
;
1241 else if (ssid
->group_mgmt_cipher
&
1242 WPA_CIPHER_BIP_CMAC_256
)
1243 ie
.mgmt_group_cipher
=
1244 WPA_CIPHER_BIP_CMAC_256
;
1245 else if (ssid
->group_mgmt_cipher
&
1246 WPA_CIPHER_BIP_GMAC_128
)
1247 ie
.mgmt_group_cipher
=
1248 WPA_CIPHER_BIP_GMAC_128
;
1250 ie
.mgmt_group_cipher
=
1251 WPA_CIPHER_AES_128_CMAC
;
1253 #endif /* CONFIG_IEEE80211W */
1254 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Set cipher suites "
1255 "based on configuration");
1260 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Selected cipher suites: group %d "
1261 "pairwise %d key_mgmt %d proto %d",
1262 ie
.group_cipher
, ie
.pairwise_cipher
, ie
.key_mgmt
, proto
);
1263 #ifdef CONFIG_IEEE80211W
1264 if (ssid
->ieee80211w
) {
1265 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Selected mgmt group cipher %d",
1266 ie
.mgmt_group_cipher
);
1268 #endif /* CONFIG_IEEE80211W */
1270 wpa_s
->wpa_proto
= proto
;
1271 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_PROTO
, proto
);
1272 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_RSN_ENABLED
,
1273 !!(ssid
->proto
& (WPA_PROTO_RSN
| WPA_PROTO_OSEN
)));
1275 if (bss
|| !wpa_s
->ap_ies_from_associnfo
) {
1276 if (wpa_sm_set_ap_wpa_ie(wpa_s
->wpa
, bss_wpa
,
1277 bss_wpa
? 2 + bss_wpa
[1] : 0) ||
1278 wpa_sm_set_ap_rsn_ie(wpa_s
->wpa
, bss_rsn
,
1279 bss_rsn
? 2 + bss_rsn
[1] : 0))
1283 #ifdef CONFIG_NO_WPA
1284 wpa_s
->group_cipher
= WPA_CIPHER_NONE
;
1285 wpa_s
->pairwise_cipher
= WPA_CIPHER_NONE
;
1286 #else /* CONFIG_NO_WPA */
1287 sel
= ie
.group_cipher
& ssid
->group_cipher
;
1288 wpa_s
->group_cipher
= wpa_pick_group_cipher(sel
);
1289 if (wpa_s
->group_cipher
< 0) {
1290 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select group "
1294 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using GTK %s",
1295 wpa_cipher_txt(wpa_s
->group_cipher
));
1297 sel
= ie
.pairwise_cipher
& ssid
->pairwise_cipher
;
1298 wpa_s
->pairwise_cipher
= wpa_pick_pairwise_cipher(sel
, 1);
1299 if (wpa_s
->pairwise_cipher
< 0) {
1300 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select pairwise "
1304 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using PTK %s",
1305 wpa_cipher_txt(wpa_s
->pairwise_cipher
));
1306 #endif /* CONFIG_NO_WPA */
1308 sel
= ie
.key_mgmt
& ssid
->key_mgmt
;
1310 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SAE
))
1311 sel
&= ~(WPA_KEY_MGMT_SAE
| WPA_KEY_MGMT_FT_SAE
);
1312 #endif /* CONFIG_SAE */
1314 #ifdef CONFIG_SUITEB192
1315 } else if (sel
& WPA_KEY_MGMT_IEEE8021X_SUITE_B_192
) {
1316 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X_SUITE_B_192
;
1317 wpa_dbg(wpa_s
, MSG_DEBUG
,
1318 "WPA: using KEY_MGMT 802.1X with Suite B (192-bit)");
1319 #endif /* CONFIG_SUITEB192 */
1320 #ifdef CONFIG_SUITEB
1321 } else if (sel
& WPA_KEY_MGMT_IEEE8021X_SUITE_B
) {
1322 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X_SUITE_B
;
1323 wpa_dbg(wpa_s
, MSG_DEBUG
,
1324 "WPA: using KEY_MGMT 802.1X with Suite B");
1325 #endif /* CONFIG_SUITEB */
1327 #ifdef CONFIG_IEEE80211R
1328 } else if (sel
& WPA_KEY_MGMT_FT_FILS_SHA384
) {
1329 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_FILS_SHA384
;
1330 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FT-FILS-SHA384");
1331 } else if (sel
& WPA_KEY_MGMT_FT_FILS_SHA256
) {
1332 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_FILS_SHA256
;
1333 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FT-FILS-SHA256");
1334 #endif /* CONFIG_IEEE80211R */
1335 } else if (sel
& WPA_KEY_MGMT_FILS_SHA384
) {
1336 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FILS_SHA384
;
1337 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FILS-SHA384");
1338 } else if (sel
& WPA_KEY_MGMT_FILS_SHA256
) {
1339 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FILS_SHA256
;
1340 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FILS-SHA256");
1341 #endif /* CONFIG_FILS */
1342 #ifdef CONFIG_IEEE80211R
1343 } else if (sel
& WPA_KEY_MGMT_FT_IEEE8021X
) {
1344 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_IEEE8021X
;
1345 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FT/802.1X");
1346 } else if (sel
& WPA_KEY_MGMT_FT_PSK
) {
1347 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_PSK
;
1348 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FT/PSK");
1349 #endif /* CONFIG_IEEE80211R */
1351 } else if (sel
& WPA_KEY_MGMT_SAE
) {
1352 wpa_s
->key_mgmt
= WPA_KEY_MGMT_SAE
;
1353 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using KEY_MGMT SAE");
1354 } else if (sel
& WPA_KEY_MGMT_FT_SAE
) {
1355 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_SAE
;
1356 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using KEY_MGMT FT/SAE");
1357 #endif /* CONFIG_SAE */
1358 #ifdef CONFIG_IEEE80211W
1359 } else if (sel
& WPA_KEY_MGMT_IEEE8021X_SHA256
) {
1360 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X_SHA256
;
1361 wpa_dbg(wpa_s
, MSG_DEBUG
,
1362 "WPA: using KEY_MGMT 802.1X with SHA256");
1363 } else if (sel
& WPA_KEY_MGMT_PSK_SHA256
) {
1364 wpa_s
->key_mgmt
= WPA_KEY_MGMT_PSK_SHA256
;
1365 wpa_dbg(wpa_s
, MSG_DEBUG
,
1366 "WPA: using KEY_MGMT PSK with SHA256");
1367 #endif /* CONFIG_IEEE80211W */
1368 } else if (sel
& WPA_KEY_MGMT_IEEE8021X
) {
1369 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X
;
1370 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT 802.1X");
1371 } else if (sel
& WPA_KEY_MGMT_PSK
) {
1372 wpa_s
->key_mgmt
= WPA_KEY_MGMT_PSK
;
1373 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT WPA-PSK");
1374 } else if (sel
& WPA_KEY_MGMT_WPA_NONE
) {
1375 wpa_s
->key_mgmt
= WPA_KEY_MGMT_WPA_NONE
;
1376 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT WPA-NONE");
1378 } else if (sel
& WPA_KEY_MGMT_OSEN
) {
1379 wpa_s
->key_mgmt
= WPA_KEY_MGMT_OSEN
;
1380 wpa_dbg(wpa_s
, MSG_DEBUG
, "HS 2.0: using KEY_MGMT OSEN");
1381 #endif /* CONFIG_HS20 */
1383 } else if (sel
& WPA_KEY_MGMT_OWE
) {
1384 wpa_s
->key_mgmt
= WPA_KEY_MGMT_OWE
;
1385 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using KEY_MGMT OWE");
1386 #endif /* CONFIG_OWE */
1388 } else if (sel
& WPA_KEY_MGMT_DPP
) {
1389 wpa_s
->key_mgmt
= WPA_KEY_MGMT_DPP
;
1390 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using KEY_MGMT DPP");
1391 #endif /* CONFIG_DPP */
1393 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select "
1394 "authenticated key management type");
1398 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_KEY_MGMT
, wpa_s
->key_mgmt
);
1399 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_PAIRWISE
,
1400 wpa_s
->pairwise_cipher
);
1401 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_GROUP
, wpa_s
->group_cipher
);
1403 #ifdef CONFIG_IEEE80211W
1404 sel
= ie
.mgmt_group_cipher
;
1405 if (ssid
->group_mgmt_cipher
)
1406 sel
&= ssid
->group_mgmt_cipher
;
1407 if (wpas_get_ssid_pmf(wpa_s
, ssid
) == NO_MGMT_FRAME_PROTECTION
||
1408 !(ie
.capabilities
& WPA_CAPABILITY_MFPC
))
1410 if (sel
& WPA_CIPHER_AES_128_CMAC
) {
1411 wpa_s
->mgmt_group_cipher
= WPA_CIPHER_AES_128_CMAC
;
1412 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using MGMT group cipher "
1414 } else if (sel
& WPA_CIPHER_BIP_GMAC_128
) {
1415 wpa_s
->mgmt_group_cipher
= WPA_CIPHER_BIP_GMAC_128
;
1416 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using MGMT group cipher "
1418 } else if (sel
& WPA_CIPHER_BIP_GMAC_256
) {
1419 wpa_s
->mgmt_group_cipher
= WPA_CIPHER_BIP_GMAC_256
;
1420 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using MGMT group cipher "
1422 } else if (sel
& WPA_CIPHER_BIP_CMAC_256
) {
1423 wpa_s
->mgmt_group_cipher
= WPA_CIPHER_BIP_CMAC_256
;
1424 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using MGMT group cipher "
1427 wpa_s
->mgmt_group_cipher
= 0;
1428 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: not using MGMT group cipher");
1430 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_MGMT_GROUP
,
1431 wpa_s
->mgmt_group_cipher
);
1432 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_MFP
,
1433 wpas_get_ssid_pmf(wpa_s
, ssid
));
1434 #endif /* CONFIG_IEEE80211W */
1436 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s
->wpa
, wpa_ie
, wpa_ie_len
)) {
1437 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to generate WPA IE");
1441 if (wpa_key_mgmt_wpa_psk(ssid
->key_mgmt
)) {
1444 if (ssid
->psk_set
) {
1445 wpa_sm_set_pmk(wpa_s
->wpa
, ssid
->psk
, PMK_LEN
, NULL
,
1449 #ifndef CONFIG_NO_PBKDF2
1450 if (bss
&& ssid
->bssid_set
&& ssid
->ssid_len
== 0 &&
1453 pbkdf2_sha1(ssid
->passphrase
, bss
->ssid
, bss
->ssid_len
,
1454 4096, psk
, PMK_LEN
);
1455 wpa_hexdump_key(MSG_MSGDUMP
, "PSK (from passphrase)",
1457 wpa_sm_set_pmk(wpa_s
->wpa
, psk
, PMK_LEN
, NULL
, NULL
);
1459 os_memset(psk
, 0, sizeof(psk
));
1461 #endif /* CONFIG_NO_PBKDF2 */
1462 #ifdef CONFIG_EXT_PASSWORD
1463 if (ssid
->ext_psk
) {
1464 struct wpabuf
*pw
= ext_password_get(wpa_s
->ext_pw
,
1466 char pw_str
[64 + 1];
1470 wpa_msg(wpa_s
, MSG_INFO
, "EXT PW: No PSK "
1471 "found from external storage");
1475 if (wpabuf_len(pw
) < 8 || wpabuf_len(pw
) > 64) {
1476 wpa_msg(wpa_s
, MSG_INFO
, "EXT PW: Unexpected "
1477 "PSK length %d in external storage",
1478 (int) wpabuf_len(pw
));
1479 ext_password_free(pw
);
1483 os_memcpy(pw_str
, wpabuf_head(pw
), wpabuf_len(pw
));
1484 pw_str
[wpabuf_len(pw
)] = '\0';
1486 #ifndef CONFIG_NO_PBKDF2
1487 if (wpabuf_len(pw
) >= 8 && wpabuf_len(pw
) < 64 && bss
)
1489 pbkdf2_sha1(pw_str
, bss
->ssid
, bss
->ssid_len
,
1490 4096, psk
, PMK_LEN
);
1491 os_memset(pw_str
, 0, sizeof(pw_str
));
1492 wpa_hexdump_key(MSG_MSGDUMP
, "PSK (from "
1493 "external passphrase)",
1495 wpa_sm_set_pmk(wpa_s
->wpa
, psk
, PMK_LEN
, NULL
,
1498 os_memset(psk
, 0, sizeof(psk
));
1500 #endif /* CONFIG_NO_PBKDF2 */
1501 if (wpabuf_len(pw
) == 2 * PMK_LEN
) {
1502 if (hexstr2bin(pw_str
, psk
, PMK_LEN
) < 0) {
1503 wpa_msg(wpa_s
, MSG_INFO
, "EXT PW: "
1504 "Invalid PSK hex string");
1505 os_memset(pw_str
, 0, sizeof(pw_str
));
1506 ext_password_free(pw
);
1509 wpa_sm_set_pmk(wpa_s
->wpa
, psk
, PMK_LEN
, NULL
,
1512 os_memset(psk
, 0, sizeof(psk
));
1514 wpa_msg(wpa_s
, MSG_INFO
, "EXT PW: No suitable "
1516 os_memset(pw_str
, 0, sizeof(pw_str
));
1517 ext_password_free(pw
);
1521 os_memset(pw_str
, 0, sizeof(pw_str
));
1522 ext_password_free(pw
);
1524 #endif /* CONFIG_EXT_PASSWORD */
1527 wpa_msg(wpa_s
, MSG_INFO
,
1528 "No PSK available for association");
1532 wpa_sm_set_pmk_from_pmksa(wpa_s
->wpa
);
1538 static void wpas_ext_capab_byte(struct wpa_supplicant
*wpa_s
, u8
*pos
, int idx
)
1543 case 0: /* Bits 0-7 */
1545 case 1: /* Bits 8-15 */
1547 case 2: /* Bits 16-23 */
1549 *pos
|= 0x02; /* Bit 17 - WNM-Sleep Mode */
1550 *pos
|= 0x08; /* Bit 19 - BSS Transition */
1551 #endif /* CONFIG_WNM */
1553 case 3: /* Bits 24-31 */
1555 *pos
|= 0x02; /* Bit 25 - SSID List */
1556 #endif /* CONFIG_WNM */
1557 #ifdef CONFIG_INTERWORKING
1558 if (wpa_s
->conf
->interworking
)
1559 *pos
|= 0x80; /* Bit 31 - Interworking */
1560 #endif /* CONFIG_INTERWORKING */
1562 case 4: /* Bits 32-39 */
1563 #ifdef CONFIG_INTERWORKING
1564 if (wpa_s
->drv_flags
/ WPA_DRIVER_FLAGS_QOS_MAPPING
)
1565 *pos
|= 0x01; /* Bit 32 - QoS Map */
1566 #endif /* CONFIG_INTERWORKING */
1568 case 5: /* Bits 40-47 */
1570 if (wpa_s
->conf
->hs20
)
1571 *pos
|= 0x40; /* Bit 46 - WNM-Notification */
1572 #endif /* CONFIG_HS20 */
1574 *pos
|= 0x40; /* Bit 46 - WNM-Notification */
1575 #endif /* CONFIG_MBO */
1577 case 6: /* Bits 48-55 */
1579 case 7: /* Bits 56-63 */
1581 case 8: /* Bits 64-71 */
1582 if (wpa_s
->conf
->ftm_responder
)
1583 *pos
|= 0x40; /* Bit 70 - FTM responder */
1584 if (wpa_s
->conf
->ftm_initiator
)
1585 *pos
|= 0x80; /* Bit 71 - FTM initiator */
1587 case 9: /* Bits 72-79 */
1590 #endif /* CONFIG_FILS */
1596 int wpas_build_ext_capab(struct wpa_supplicant
*wpa_s
, u8
*buf
, size_t buflen
)
1601 if (len
< wpa_s
->extended_capa_len
)
1602 len
= wpa_s
->extended_capa_len
;
1603 if (buflen
< (size_t) len
+ 2) {
1604 wpa_printf(MSG_INFO
,
1605 "Not enough room for building extended capabilities element");
1609 *pos
++ = WLAN_EID_EXT_CAPAB
;
1611 for (i
= 0; i
< len
; i
++, pos
++) {
1612 wpas_ext_capab_byte(wpa_s
, pos
, i
);
1614 if (i
< wpa_s
->extended_capa_len
) {
1615 *pos
&= ~wpa_s
->extended_capa_mask
[i
];
1616 *pos
|= wpa_s
->extended_capa
[i
];
1620 while (len
> 0 && buf
[1 + len
] == 0) {
1631 static int wpas_valid_bss(struct wpa_supplicant
*wpa_s
,
1632 struct wpa_bss
*test_bss
)
1634 struct wpa_bss
*bss
;
1636 dl_list_for_each(bss
, &wpa_s
->bss
, struct wpa_bss
, list
) {
1637 if (bss
== test_bss
)
1645 static int wpas_valid_ssid(struct wpa_supplicant
*wpa_s
,
1646 struct wpa_ssid
*test_ssid
)
1648 struct wpa_ssid
*ssid
;
1650 for (ssid
= wpa_s
->conf
->ssid
; ssid
; ssid
= ssid
->next
) {
1651 if (ssid
== test_ssid
)
1659 int wpas_valid_bss_ssid(struct wpa_supplicant
*wpa_s
, struct wpa_bss
*test_bss
,
1660 struct wpa_ssid
*test_ssid
)
1662 if (test_bss
&& !wpas_valid_bss(wpa_s
, test_bss
))
1665 return test_ssid
== NULL
|| wpas_valid_ssid(wpa_s
, test_ssid
);
1669 void wpas_connect_work_free(struct wpa_connect_work
*cwork
)
1677 void wpas_connect_work_done(struct wpa_supplicant
*wpa_s
)
1679 struct wpa_connect_work
*cwork
;
1680 struct wpa_radio_work
*work
= wpa_s
->connect_work
;
1685 wpa_s
->connect_work
= NULL
;
1688 wpas_connect_work_free(cwork
);
1689 radio_work_done(work
);
1693 int wpas_update_random_addr(struct wpa_supplicant
*wpa_s
, int style
)
1695 struct os_reltime now
;
1698 os_get_reltime(&now
);
1699 if (wpa_s
->last_mac_addr_style
== style
&&
1700 wpa_s
->last_mac_addr_change
.sec
!= 0 &&
1701 !os_reltime_expired(&now
, &wpa_s
->last_mac_addr_change
,
1702 wpa_s
->conf
->rand_addr_lifetime
)) {
1703 wpa_msg(wpa_s
, MSG_DEBUG
,
1704 "Previously selected random MAC address has not yet expired");
1710 if (random_mac_addr(addr
) < 0)
1714 os_memcpy(addr
, wpa_s
->perm_addr
, ETH_ALEN
);
1715 if (random_mac_addr_keep_oui(addr
) < 0)
1722 if (wpa_drv_set_mac_addr(wpa_s
, addr
) < 0) {
1723 wpa_msg(wpa_s
, MSG_INFO
,
1724 "Failed to set random MAC address");
1728 os_get_reltime(&wpa_s
->last_mac_addr_change
);
1729 wpa_s
->mac_addr_changed
= 1;
1730 wpa_s
->last_mac_addr_style
= style
;
1732 if (wpa_supplicant_update_mac_addr(wpa_s
) < 0) {
1733 wpa_msg(wpa_s
, MSG_INFO
,
1734 "Could not update MAC address information");
1738 wpa_msg(wpa_s
, MSG_DEBUG
, "Using random MAC address " MACSTR
,
1745 int wpas_update_random_addr_disassoc(struct wpa_supplicant
*wpa_s
)
1747 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
||
1748 !wpa_s
->conf
->preassoc_mac_addr
)
1751 return wpas_update_random_addr(wpa_s
, wpa_s
->conf
->preassoc_mac_addr
);
1755 static void wpas_start_assoc_cb(struct wpa_radio_work
*work
, int deinit
);
1758 * wpa_supplicant_associate - Request association
1759 * @wpa_s: Pointer to wpa_supplicant data
1760 * @bss: Scan results for the selected BSS, or %NULL if not available
1761 * @ssid: Configuration data for the selected network
1763 * This function is used to request %wpa_supplicant to associate with a BSS.
1765 void wpa_supplicant_associate(struct wpa_supplicant
*wpa_s
,
1766 struct wpa_bss
*bss
, struct wpa_ssid
*ssid
)
1768 struct wpa_connect_work
*cwork
;
1771 wpa_s
->own_disconnect_req
= 0;
1774 * If we are starting a new connection, any previously pending EAPOL
1775 * RX cannot be valid anymore.
1777 wpabuf_free(wpa_s
->pending_eapol_rx
);
1778 wpa_s
->pending_eapol_rx
= NULL
;
1780 if (ssid
->mac_addr
== -1)
1781 rand_style
= wpa_s
->conf
->mac_addr
;
1783 rand_style
= ssid
->mac_addr
;
1785 wmm_ac_clear_saved_tspecs(wpa_s
);
1786 wpa_s
->reassoc_same_bss
= 0;
1787 wpa_s
->reassoc_same_ess
= 0;
1789 if (wpa_s
->last_ssid
== ssid
) {
1790 wpa_dbg(wpa_s
, MSG_DEBUG
, "Re-association to the same ESS");
1791 wpa_s
->reassoc_same_ess
= 1;
1792 if (wpa_s
->current_bss
&& wpa_s
->current_bss
== bss
) {
1793 wmm_ac_save_tspecs(wpa_s
);
1794 wpa_s
->reassoc_same_bss
= 1;
1798 if (rand_style
> 0 && !wpa_s
->reassoc_same_ess
) {
1799 if (wpas_update_random_addr(wpa_s
, rand_style
) < 0)
1801 wpa_sm_pmksa_cache_flush(wpa_s
->wpa
, ssid
);
1802 } else if (rand_style
== 0 && wpa_s
->mac_addr_changed
) {
1803 if (wpa_drv_set_mac_addr(wpa_s
, NULL
) < 0) {
1804 wpa_msg(wpa_s
, MSG_INFO
,
1805 "Could not restore permanent MAC address");
1808 wpa_s
->mac_addr_changed
= 0;
1809 if (wpa_supplicant_update_mac_addr(wpa_s
) < 0) {
1810 wpa_msg(wpa_s
, MSG_INFO
,
1811 "Could not update MAC address information");
1814 wpa_msg(wpa_s
, MSG_DEBUG
, "Using permanent MAC address");
1816 wpa_s
->last_ssid
= ssid
;
1818 #ifdef CONFIG_IBSS_RSN
1819 ibss_rsn_deinit(wpa_s
->ibss_rsn
);
1820 wpa_s
->ibss_rsn
= NULL
;
1821 #else /* CONFIG_IBSS_RSN */
1822 if (ssid
->mode
== WPAS_MODE_IBSS
&&
1823 !(ssid
->key_mgmt
& (WPA_KEY_MGMT_NONE
| WPA_KEY_MGMT_WPA_NONE
))) {
1824 wpa_msg(wpa_s
, MSG_INFO
,
1825 "IBSS RSN not supported in the build");
1828 #endif /* CONFIG_IBSS_RSN */
1830 if (ssid
->mode
== WPAS_MODE_AP
|| ssid
->mode
== WPAS_MODE_P2P_GO
||
1831 ssid
->mode
== WPAS_MODE_P2P_GROUP_FORMATION
) {
1833 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_AP
)) {
1834 wpa_msg(wpa_s
, MSG_INFO
, "Driver does not support AP "
1838 if (wpa_supplicant_create_ap(wpa_s
, ssid
) < 0) {
1839 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
1840 if (ssid
->mode
== WPAS_MODE_P2P_GROUP_FORMATION
)
1841 wpas_p2p_ap_setup_failed(wpa_s
);
1844 wpa_s
->current_bss
= bss
;
1845 #else /* CONFIG_AP */
1846 wpa_msg(wpa_s
, MSG_ERROR
, "AP mode support not included in "
1848 #endif /* CONFIG_AP */
1852 if (ssid
->mode
== WPAS_MODE_MESH
) {
1854 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_MESH
)) {
1855 wpa_msg(wpa_s
, MSG_INFO
,
1856 "Driver does not support mesh mode");
1860 ssid
->frequency
= bss
->freq
;
1861 if (wpa_supplicant_join_mesh(wpa_s
, ssid
) < 0) {
1862 wpa_msg(wpa_s
, MSG_ERROR
, "Could not join mesh");
1865 wpa_s
->current_bss
= bss
;
1866 wpa_msg(wpa_s
, MSG_INFO
, MESH_GROUP_STARTED
"ssid=\"%s\" id=%d",
1867 wpa_ssid_txt(ssid
->ssid
, ssid
->ssid_len
),
1869 wpas_notify_mesh_group_started(wpa_s
, ssid
);
1870 #else /* CONFIG_MESH */
1871 wpa_msg(wpa_s
, MSG_ERROR
,
1872 "mesh mode support not included in the build");
1873 #endif /* CONFIG_MESH */
1878 * Set WPA state machine configuration to match the selected network now
1879 * so that the information is available before wpas_start_assoc_cb()
1880 * gets called. This is needed at least for RSN pre-authentication where
1881 * candidate APs are added to a list based on scan result processing
1882 * before completion of the first association.
1884 wpa_supplicant_rsn_supp_set_config(wpa_s
, ssid
);
1887 if (wpas_dpp_check_connect(wpa_s
, ssid
, bss
) != 0)
1889 #endif /* CONFIG_DPP */
1893 wpa_tdls_ap_ies(wpa_s
->wpa
, (const u8
*) (bss
+ 1),
1895 #endif /* CONFIG_TDLS */
1897 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
1898 ssid
->mode
== IEEE80211_MODE_INFRA
) {
1899 sme_authenticate(wpa_s
, bss
, ssid
);
1903 if (wpa_s
->connect_work
) {
1904 wpa_dbg(wpa_s
, MSG_DEBUG
, "Reject wpa_supplicant_associate() call since connect_work exist");
1908 if (radio_work_pending(wpa_s
, "connect")) {
1909 wpa_dbg(wpa_s
, MSG_DEBUG
, "Reject wpa_supplicant_associate() call since pending work exist");
1914 if (ssid
->mode
== WPAS_MODE_IBSS
|| ssid
->mode
== WPAS_MODE_MESH
) {
1915 /* Clear possibly set auth_alg, if any, from last attempt. */
1916 wpa_s
->sme
.auth_alg
= WPA_AUTH_ALG_OPEN
;
1918 #endif /* CONFIG_SME */
1920 wpas_abort_ongoing_scan(wpa_s
);
1922 cwork
= os_zalloc(sizeof(*cwork
));
1929 if (radio_add_work(wpa_s
, bss
? bss
->freq
: 0, "connect", 1,
1930 wpas_start_assoc_cb
, cwork
) < 0) {
1936 static int bss_is_ibss(struct wpa_bss
*bss
)
1938 return (bss
->caps
& (IEEE80211_CAP_ESS
| IEEE80211_CAP_IBSS
)) ==
1943 static int drv_supports_vht(struct wpa_supplicant
*wpa_s
,
1944 const struct wpa_ssid
*ssid
)
1946 enum hostapd_hw_mode hw_mode
;
1947 struct hostapd_hw_modes
*mode
= NULL
;
1951 hw_mode
= ieee80211_freq_to_chan(ssid
->frequency
, &channel
);
1952 if (hw_mode
== NUM_HOSTAPD_MODES
)
1954 for (i
= 0; wpa_s
->hw
.modes
&& i
< wpa_s
->hw
.num_modes
; i
++) {
1955 if (wpa_s
->hw
.modes
[i
].mode
== hw_mode
) {
1956 mode
= &wpa_s
->hw
.modes
[i
];
1964 return mode
->vht_capab
!= 0;
1968 void ibss_mesh_setup_freq(struct wpa_supplicant
*wpa_s
,
1969 const struct wpa_ssid
*ssid
,
1970 struct hostapd_freq_params
*freq
)
1972 enum hostapd_hw_mode hw_mode
;
1973 struct hostapd_hw_modes
*mode
= NULL
;
1974 int ht40plus
[] = { 36, 44, 52, 60, 100, 108, 116, 124, 132, 149, 157,
1976 int vht80
[] = { 36, 52, 100, 116, 132, 149 };
1977 struct hostapd_channel_data
*pri_chan
= NULL
, *sec_chan
= NULL
;
1979 int i
, chan_idx
, ht40
= -1, res
, obss_scan
= 1;
1981 struct hostapd_freq_params vht_freq
;
1982 int chwidth
, seg0
, seg1
;
1985 freq
->freq
= ssid
->frequency
;
1987 for (j
= 0; j
< wpa_s
->last_scan_res_used
; j
++) {
1988 struct wpa_bss
*bss
= wpa_s
->last_scan_res
[j
];
1990 if (ssid
->mode
!= WPAS_MODE_IBSS
)
1993 /* Don't adjust control freq in case of fixed_freq */
1994 if (ssid
->fixed_freq
)
1997 if (!bss_is_ibss(bss
))
2000 if (ssid
->ssid_len
== bss
->ssid_len
&&
2001 os_memcmp(ssid
->ssid
, bss
->ssid
, bss
->ssid_len
) == 0) {
2002 wpa_printf(MSG_DEBUG
,
2003 "IBSS already found in scan results, adjust control freq: %d",
2005 freq
->freq
= bss
->freq
;
2011 /* For IBSS check HT_IBSS flag */
2012 if (ssid
->mode
== WPAS_MODE_IBSS
&&
2013 !(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_HT_IBSS
))
2016 if (wpa_s
->group_cipher
== WPA_CIPHER_WEP40
||
2017 wpa_s
->group_cipher
== WPA_CIPHER_WEP104
||
2018 wpa_s
->pairwise_cipher
== WPA_CIPHER_TKIP
) {
2019 wpa_printf(MSG_DEBUG
,
2020 "IBSS: WEP/TKIP detected, do not try to enable HT");
2024 hw_mode
= ieee80211_freq_to_chan(freq
->freq
, &channel
);
2025 for (i
= 0; wpa_s
->hw
.modes
&& i
< wpa_s
->hw
.num_modes
; i
++) {
2026 if (wpa_s
->hw
.modes
[i
].mode
== hw_mode
) {
2027 mode
= &wpa_s
->hw
.modes
[i
];
2035 #ifdef CONFIG_HT_OVERRIDES
2036 if (ssid
->disable_ht
) {
2037 freq
->ht_enabled
= 0;
2040 #endif /* CONFIG_HT_OVERRIDES */
2042 freq
->ht_enabled
= ht_supported(mode
);
2043 if (!freq
->ht_enabled
)
2046 /* Setup higher BW only for 5 GHz */
2047 if (mode
->mode
!= HOSTAPD_MODE_IEEE80211A
)
2050 for (chan_idx
= 0; chan_idx
< mode
->num_channels
; chan_idx
++) {
2051 pri_chan
= &mode
->channels
[chan_idx
];
2052 if (pri_chan
->chan
== channel
)
2059 /* Check primary channel flags */
2060 if (pri_chan
->flag
& (HOSTAPD_CHAN_DISABLED
| HOSTAPD_CHAN_NO_IR
))
2063 #ifdef CONFIG_HT_OVERRIDES
2064 if (ssid
->disable_ht40
)
2066 #endif /* CONFIG_HT_OVERRIDES */
2068 /* Check/setup HT40+/HT40- */
2069 for (j
= 0; j
< ARRAY_SIZE(ht40plus
); j
++) {
2070 if (ht40plus
[j
] == channel
) {
2076 /* Find secondary channel */
2077 for (i
= 0; i
< mode
->num_channels
; i
++) {
2078 sec_chan
= &mode
->channels
[i
];
2079 if (sec_chan
->chan
== channel
+ ht40
* 4)
2086 /* Check secondary channel flags */
2087 if (sec_chan
->flag
& (HOSTAPD_CHAN_DISABLED
| HOSTAPD_CHAN_NO_IR
))
2090 freq
->channel
= pri_chan
->chan
;
2093 if (!(pri_chan
->flag
& HOSTAPD_CHAN_HT40MINUS
))
2096 if (!(pri_chan
->flag
& HOSTAPD_CHAN_HT40PLUS
))
2099 freq
->sec_channel_offset
= ht40
;
2102 struct wpa_scan_results
*scan_res
;
2104 scan_res
= wpa_supplicant_get_scan_results(wpa_s
, NULL
, 0);
2105 if (scan_res
== NULL
) {
2107 freq
->sec_channel_offset
= 0;
2111 res
= check_40mhz_5g(mode
, scan_res
, pri_chan
->chan
,
2116 freq
->sec_channel_offset
= 0;
2119 /* Configuration allowed */
2122 /* Switch pri/sec channels */
2123 freq
->freq
= hw_get_freq(mode
, sec_chan
->chan
);
2124 freq
->sec_channel_offset
= -freq
->sec_channel_offset
;
2125 freq
->channel
= sec_chan
->chan
;
2128 freq
->sec_channel_offset
= 0;
2132 wpa_scan_results_free(scan_res
);
2135 wpa_printf(MSG_DEBUG
,
2136 "IBSS/mesh: setup freq channel %d, sec_channel_offset %d",
2137 freq
->channel
, freq
->sec_channel_offset
);
2139 if (!drv_supports_vht(wpa_s
, ssid
))
2142 /* For IBSS check VHT_IBSS flag */
2143 if (ssid
->mode
== WPAS_MODE_IBSS
&&
2144 !(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_VHT_IBSS
))
2149 #ifdef CONFIG_VHT_OVERRIDES
2150 if (ssid
->disable_vht
) {
2151 freq
->vht_enabled
= 0;
2154 #endif /* CONFIG_VHT_OVERRIDES */
2156 vht_freq
.vht_enabled
= vht_supported(mode
);
2157 if (!vht_freq
.vht_enabled
)
2160 /* setup center_freq1, bandwidth */
2161 for (j
= 0; j
< ARRAY_SIZE(vht80
); j
++) {
2162 if (freq
->channel
>= vht80
[j
] &&
2163 freq
->channel
< vht80
[j
] + 16)
2167 if (j
== ARRAY_SIZE(vht80
))
2170 for (i
= vht80
[j
]; i
< vht80
[j
] + 16; i
+= 4) {
2171 struct hostapd_channel_data
*chan
;
2173 chan
= hw_get_channel_chan(mode
, i
, NULL
);
2177 /* Back to HT configuration if channel not usable */
2178 if (chan
->flag
& (HOSTAPD_CHAN_DISABLED
| HOSTAPD_CHAN_NO_IR
))
2182 chwidth
= VHT_CHANWIDTH_80MHZ
;
2183 seg0
= vht80
[j
] + 6;
2186 if (ssid
->max_oper_chwidth
== VHT_CHANWIDTH_80P80MHZ
) {
2187 /* setup center_freq2, bandwidth */
2188 for (k
= 0; k
< ARRAY_SIZE(vht80
); k
++) {
2189 /* Only accept 80 MHz segments separated by a gap */
2190 if (j
== k
|| abs(vht80
[j
] - vht80
[k
]) == 16)
2192 for (i
= vht80
[k
]; i
< vht80
[k
] + 16; i
+= 4) {
2193 struct hostapd_channel_data
*chan
;
2195 chan
= hw_get_channel_chan(mode
, i
, NULL
);
2199 if (chan
->flag
& (HOSTAPD_CHAN_DISABLED
|
2200 HOSTAPD_CHAN_NO_IR
|
2201 HOSTAPD_CHAN_RADAR
))
2204 /* Found a suitable second segment for 80+80 */
2205 chwidth
= VHT_CHANWIDTH_80P80MHZ
;
2207 VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ
;
2208 seg1
= vht80
[k
] + 6;
2211 if (chwidth
== VHT_CHANWIDTH_80P80MHZ
)
2214 } else if (ssid
->max_oper_chwidth
== VHT_CHANWIDTH_160MHZ
) {
2215 if (freq
->freq
== 5180) {
2216 chwidth
= VHT_CHANWIDTH_160MHZ
;
2217 vht_caps
|= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ
;
2219 } else if (freq
->freq
== 5520) {
2220 chwidth
= VHT_CHANWIDTH_160MHZ
;
2221 vht_caps
|= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ
;
2226 if (hostapd_set_freq_params(&vht_freq
, mode
->mode
, freq
->freq
,
2227 freq
->channel
, freq
->ht_enabled
,
2228 vht_freq
.vht_enabled
,
2229 freq
->sec_channel_offset
,
2230 chwidth
, seg0
, seg1
, vht_caps
) != 0)
2235 wpa_printf(MSG_DEBUG
, "IBSS: VHT setup freq cf1 %d, cf2 %d, bw %d",
2236 freq
->center_freq1
, freq
->center_freq2
, freq
->bandwidth
);
2241 static size_t wpas_add_fils_hlp_req(struct wpa_supplicant
*wpa_s
, u8
*ie_buf
,
2244 struct fils_hlp_req
*req
;
2245 size_t rem_len
, hdr_len
, hlp_len
, len
, ie_len
= 0;
2249 dl_list_for_each(req
, &wpa_s
->fils_hlp_req
, struct fils_hlp_req
,
2251 rem_len
= ie_buf_len
- ie_len
;
2252 pos
= wpabuf_head(req
->pkt
);
2253 hdr_len
= 1 + 2 * ETH_ALEN
+ 6;
2254 hlp_len
= wpabuf_len(req
->pkt
);
2256 if (rem_len
< 2 + hdr_len
+ hlp_len
) {
2257 wpa_printf(MSG_ERROR
,
2258 "FILS: Cannot fit HLP - rem_len=%lu to_fill=%lu",
2259 (unsigned long) rem_len
,
2260 (unsigned long) (2 + hdr_len
+ hlp_len
));
2264 len
= (hdr_len
+ hlp_len
) > 255 ? 255 : hdr_len
+ hlp_len
;
2266 *buf
++ = WLAN_EID_EXTENSION
;
2269 /* Element ID Extension */
2270 *buf
++ = WLAN_EID_EXT_FILS_HLP_CONTAINER
;
2271 /* Destination MAC address */
2272 os_memcpy(buf
, req
->dst
, ETH_ALEN
);
2274 /* Source MAC address */
2275 os_memcpy(buf
, wpa_s
->own_addr
, ETH_ALEN
);
2277 /* LLC/SNAP Header */
2278 os_memcpy(buf
, "\xaa\xaa\x03\x00\x00\x00", 6);
2281 os_memcpy(buf
, pos
, len
- hdr_len
);
2282 buf
+= len
- hdr_len
;
2283 pos
+= len
- hdr_len
;
2285 hlp_len
-= len
- hdr_len
;
2290 len
= (hlp_len
> 255) ? 255 : hlp_len
;
2291 if (rem_len
< 2 + len
)
2293 *buf
++ = WLAN_EID_FRAGMENT
;
2295 os_memcpy(buf
, pos
, len
);
2307 #endif /* CONFIG_FILS */
2310 static void wpas_start_assoc_cb(struct wpa_radio_work
*work
, int deinit
)
2312 struct wpa_connect_work
*cwork
= work
->ctx
;
2313 struct wpa_bss
*bss
= cwork
->bss
;
2314 struct wpa_ssid
*ssid
= cwork
->ssid
;
2315 struct wpa_supplicant
*wpa_s
= work
->wpa_s
;
2317 size_t max_wpa_ie_len
= 200;
2319 int use_crypt
, ret
, i
, bssid_changed
;
2320 int algs
= WPA_AUTH_ALG_OPEN
;
2321 unsigned int cipher_pairwise
, cipher_group
, cipher_group_mgmt
;
2322 struct wpa_driver_associate_params params
;
2323 int wep_keys_set
= 0;
2324 int assoc_failed
= 0;
2325 struct wpa_ssid
*old_ssid
;
2326 u8 prev_bssid
[ETH_ALEN
];
2327 #ifdef CONFIG_HT_OVERRIDES
2328 struct ieee80211_ht_capabilities htcaps
;
2329 struct ieee80211_ht_capabilities htcaps_mask
;
2330 #endif /* CONFIG_HT_OVERRIDES */
2331 #ifdef CONFIG_VHT_OVERRIDES
2332 struct ieee80211_vht_capabilities vhtcaps
;
2333 struct ieee80211_vht_capabilities vhtcaps_mask
;
2334 #endif /* CONFIG_VHT_OVERRIDES */
2336 const u8
*realm
, *username
, *rrk
;
2337 size_t realm_len
, username_len
, rrk_len
;
2339 struct fils_hlp_req
*req
;
2340 #endif /* CONFIG_FILS */
2343 if (work
->started
) {
2344 wpa_s
->connect_work
= NULL
;
2346 /* cancel possible auth. timeout */
2347 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
,
2350 wpas_connect_work_free(cwork
);
2354 wpa_s
->connect_work
= work
;
2356 if (cwork
->bss_removed
|| !wpas_valid_bss_ssid(wpa_s
, bss
, ssid
) ||
2357 wpas_network_disabled(wpa_s
, ssid
)) {
2358 wpa_dbg(wpa_s
, MSG_DEBUG
, "BSS/SSID entry for association not valid anymore - drop connection attempt");
2359 wpas_connect_work_done(wpa_s
);
2363 os_memcpy(prev_bssid
, wpa_s
->bssid
, ETH_ALEN
);
2364 os_memset(¶ms
, 0, sizeof(params
));
2365 wpa_s
->reassociate
= 0;
2366 wpa_s
->eap_expected_failure
= 0;
2368 (!wpas_driver_bss_selection(wpa_s
) || wpas_wps_searching(wpa_s
))) {
2369 #ifdef CONFIG_IEEE80211R
2370 const u8
*ie
, *md
= NULL
;
2371 #endif /* CONFIG_IEEE80211R */
2372 wpa_msg(wpa_s
, MSG_INFO
, "Trying to associate with " MACSTR
2373 " (SSID='%s' freq=%d MHz)", MAC2STR(bss
->bssid
),
2374 wpa_ssid_txt(bss
->ssid
, bss
->ssid_len
), bss
->freq
);
2375 bssid_changed
= !is_zero_ether_addr(wpa_s
->bssid
);
2376 os_memset(wpa_s
->bssid
, 0, ETH_ALEN
);
2377 os_memcpy(wpa_s
->pending_bssid
, bss
->bssid
, ETH_ALEN
);
2379 wpas_notify_bssid_changed(wpa_s
);
2380 #ifdef CONFIG_IEEE80211R
2381 ie
= wpa_bss_get_ie(bss
, WLAN_EID_MOBILITY_DOMAIN
);
2382 if (ie
&& ie
[1] >= MOBILITY_DOMAIN_ID_LEN
)
2384 wpa_sm_set_ft_params(wpa_s
->wpa
, ie
, ie
? 2 + ie
[1] : 0);
2386 /* Prepare for the next transition */
2387 wpa_ft_prepare_auth_request(wpa_s
->wpa
, ie
);
2389 #endif /* CONFIG_IEEE80211R */
2391 } else if ((ssid
->ssid
== NULL
|| ssid
->ssid_len
== 0) &&
2392 wpa_s
->conf
->ap_scan
== 2 &&
2393 (ssid
->key_mgmt
& WPA_KEY_MGMT_WPS
)) {
2394 /* Use ap_scan==1 style network selection to find the network
2396 wpas_connect_work_done(wpa_s
);
2397 wpa_s
->scan_req
= MANUAL_SCAN_REQ
;
2398 wpa_s
->reassociate
= 1;
2399 wpa_supplicant_req_scan(wpa_s
, 0, 0);
2401 #endif /* CONFIG_WPS */
2403 wpa_msg(wpa_s
, MSG_INFO
, "Trying to associate with SSID '%s'",
2404 wpa_ssid_txt(ssid
->ssid
, ssid
->ssid_len
));
2406 os_memcpy(wpa_s
->pending_bssid
, bss
->bssid
, ETH_ALEN
);
2408 os_memset(wpa_s
->pending_bssid
, 0, ETH_ALEN
);
2411 wpa_supplicant_cancel_sched_scan(wpa_s
);
2413 wpa_supplicant_cancel_scan(wpa_s
);
2415 /* Starting new association, so clear the possibly used WPA IE from the
2416 * previous association. */
2417 wpa_sm_set_assoc_wpa_ie(wpa_s
->wpa
, NULL
, 0);
2420 dl_list_for_each(req
, &wpa_s
->fils_hlp_req
, struct fils_hlp_req
,
2422 max_wpa_ie_len
+= 3 + 2 * ETH_ALEN
+ 6 + wpabuf_len(req
->pkt
) +
2423 2 + 2 * wpabuf_len(req
->pkt
) / 255;
2425 #endif /* CONFIG_FILS */
2427 wpa_ie
= os_malloc(max_wpa_ie_len
);
2429 wpa_printf(MSG_ERROR
,
2430 "Failed to allocate connect IE buffer for %lu bytes",
2431 (unsigned long) max_wpa_ie_len
);
2432 wpas_connect_work_done(wpa_s
);
2436 if (bss
&& (wpa_bss_get_vendor_ie(bss
, WPA_IE_VENDOR_TYPE
) ||
2437 wpa_bss_get_ie(bss
, WLAN_EID_RSN
)) &&
2438 wpa_key_mgmt_wpa(ssid
->key_mgmt
)) {
2439 int try_opportunistic
;
2440 const u8
*cache_id
= NULL
;
2442 try_opportunistic
= (ssid
->proactive_key_caching
< 0 ?
2444 ssid
->proactive_key_caching
) &&
2445 (ssid
->proto
& WPA_PROTO_RSN
);
2447 if (wpa_key_mgmt_fils(ssid
->key_mgmt
))
2448 cache_id
= wpa_bss_get_fils_cache_id(bss
);
2449 #endif /* CONFIG_FILS */
2450 if (pmksa_cache_set_current(wpa_s
->wpa
, NULL
, bss
->bssid
,
2451 ssid
, try_opportunistic
,
2453 eapol_sm_notify_pmkid_attempt(wpa_s
->eapol
);
2454 wpa_ie_len
= max_wpa_ie_len
;
2455 if (wpa_supplicant_set_suites(wpa_s
, bss
, ssid
,
2456 wpa_ie
, &wpa_ie_len
)) {
2457 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to set WPA "
2458 "key management and encryption suites");
2459 wpas_connect_work_done(wpa_s
);
2463 } else if ((ssid
->key_mgmt
& WPA_KEY_MGMT_IEEE8021X_NO_WPA
) && bss
&&
2464 wpa_key_mgmt_wpa_ieee8021x(ssid
->key_mgmt
)) {
2466 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
2467 * use non-WPA since the scan results did not indicate that the
2468 * AP is using WPA or WPA2.
2470 wpa_supplicant_set_non_wpa_policy(wpa_s
, ssid
);
2472 wpa_s
->wpa_proto
= 0;
2473 } else if (wpa_key_mgmt_wpa_any(ssid
->key_mgmt
)) {
2474 wpa_ie_len
= max_wpa_ie_len
;
2475 if (wpa_supplicant_set_suites(wpa_s
, NULL
, ssid
,
2476 wpa_ie
, &wpa_ie_len
)) {
2477 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to set WPA "
2478 "key management and encryption suites (no "
2480 wpas_connect_work_done(wpa_s
);
2485 } else if (ssid
->key_mgmt
& WPA_KEY_MGMT_WPS
) {
2486 struct wpabuf
*wps_ie
;
2487 wps_ie
= wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid
));
2488 if (wps_ie
&& wpabuf_len(wps_ie
) <= max_wpa_ie_len
) {
2489 wpa_ie_len
= wpabuf_len(wps_ie
);
2490 os_memcpy(wpa_ie
, wpabuf_head(wps_ie
), wpa_ie_len
);
2493 wpabuf_free(wps_ie
);
2494 wpa_supplicant_set_non_wpa_policy(wpa_s
, ssid
);
2495 if (!bss
|| (bss
->caps
& IEEE80211_CAP_PRIVACY
))
2496 params
.wps
= WPS_MODE_PRIVACY
;
2498 params
.wps
= WPS_MODE_OPEN
;
2499 wpa_s
->wpa_proto
= 0;
2500 #endif /* CONFIG_WPS */
2502 wpa_supplicant_set_non_wpa_policy(wpa_s
, ssid
);
2504 wpa_s
->wpa_proto
= 0;
2507 #ifdef IEEE8021X_EAPOL
2508 if (ssid
->key_mgmt
& WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
2510 if (ssid
->non_leap
== 0)
2511 algs
= WPA_AUTH_ALG_LEAP
;
2513 algs
|= WPA_AUTH_ALG_LEAP
;
2518 /* Clear FILS association */
2519 wpa_sm_set_reset_fils_completed(wpa_s
->wpa
, 0);
2521 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD
) &&
2522 ssid
->eap
.erp
&& wpa_key_mgmt_fils(wpa_s
->key_mgmt
) &&
2523 eapol_sm_get_erp_info(wpa_s
->eapol
, &ssid
->eap
, &username
,
2524 &username_len
, &realm
, &realm_len
,
2525 &next_seq_num
, &rrk
, &rrk_len
) == 0) {
2526 algs
= WPA_AUTH_ALG_FILS
;
2527 params
.fils_erp_username
= username
;
2528 params
.fils_erp_username_len
= username_len
;
2529 params
.fils_erp_realm
= realm
;
2530 params
.fils_erp_realm_len
= realm_len
;
2531 params
.fils_erp_next_seq_num
= next_seq_num
;
2532 params
.fils_erp_rrk
= rrk
;
2533 params
.fils_erp_rrk_len
= rrk_len
;
2535 #endif /* CONFIG_FILS */
2536 #endif /* IEEE8021X_EAPOL */
2538 wpa_dbg(wpa_s
, MSG_DEBUG
, "Automatic auth_alg selection: 0x%x", algs
);
2539 if (ssid
->auth_alg
) {
2540 algs
= ssid
->auth_alg
;
2541 wpa_dbg(wpa_s
, MSG_DEBUG
,
2542 "Overriding auth_alg selection: 0x%x", algs
);
2546 if (wpa_s
->global
->p2p
) {
2550 pos
= wpa_ie
+ wpa_ie_len
;
2551 len
= max_wpa_ie_len
- wpa_ie_len
;
2552 res
= wpas_p2p_assoc_req_ie(wpa_s
, bss
, pos
, len
,
2558 wpa_s
->cross_connect_disallowed
= 0;
2561 p2p
= wpa_bss_get_vendor_ie_multi(bss
, P2P_IE_VENDOR_TYPE
);
2563 wpa_s
->cross_connect_disallowed
=
2564 p2p_get_cross_connect_disallowed(p2p
);
2566 wpa_dbg(wpa_s
, MSG_DEBUG
, "P2P: WLAN AP %s cross "
2568 wpa_s
->cross_connect_disallowed
?
2569 "disallows" : "allows");
2573 os_memset(wpa_s
->p2p_ip_addr_info
, 0, sizeof(wpa_s
->p2p_ip_addr_info
));
2574 #endif /* CONFIG_P2P */
2577 wpa_ie_len
+= wpas_supp_op_class_ie(wpa_s
, bss
->freq
,
2578 wpa_ie
+ wpa_ie_len
,
2584 * Workaround: Add Extended Capabilities element only if the AP
2585 * included this element in Beacon/Probe Response frames. Some older
2586 * APs seem to have interoperability issues if this element is
2587 * included, so while the standard may require us to include the
2588 * element in all cases, it is justifiable to skip it to avoid
2589 * interoperability issues.
2591 if (ssid
->p2p_group
)
2592 wpa_drv_get_ext_capa(wpa_s
, WPA_IF_P2P_CLIENT
);
2594 wpa_drv_get_ext_capa(wpa_s
, WPA_IF_STATION
);
2596 if (!bss
|| wpa_bss_get_ie(bss
, WLAN_EID_EXT_CAPAB
)) {
2599 ext_capab_len
= wpas_build_ext_capab(wpa_s
, ext_capab
,
2601 if (ext_capab_len
> 0 &&
2602 wpa_ie_len
+ ext_capab_len
<= max_wpa_ie_len
) {
2604 if (wpa_ie_len
> 0 && pos
[0] == WLAN_EID_RSN
)
2606 os_memmove(pos
+ ext_capab_len
, pos
,
2607 wpa_ie_len
- (pos
- wpa_ie
));
2608 wpa_ie_len
+= ext_capab_len
;
2609 os_memcpy(pos
, ext_capab
, ext_capab_len
);
2614 if (is_hs20_network(wpa_s
, ssid
, bss
)) {
2615 struct wpabuf
*hs20
;
2617 hs20
= wpabuf_alloc(20);
2619 int pps_mo_id
= hs20_get_pps_mo_id(wpa_s
, ssid
);
2622 wpas_hs20_add_indication(hs20
, pps_mo_id
);
2623 len
= max_wpa_ie_len
- wpa_ie_len
;
2624 if (wpabuf_len(hs20
) <= len
) {
2625 os_memcpy(wpa_ie
+ wpa_ie_len
,
2626 wpabuf_head(hs20
), wpabuf_len(hs20
));
2627 wpa_ie_len
+= wpabuf_len(hs20
);
2631 hs20_configure_frame_filters(wpa_s
);
2634 #endif /* CONFIG_HS20 */
2636 if (wpa_s
->vendor_elem
[VENDOR_ELEM_ASSOC_REQ
]) {
2637 struct wpabuf
*buf
= wpa_s
->vendor_elem
[VENDOR_ELEM_ASSOC_REQ
];
2640 len
= max_wpa_ie_len
- wpa_ie_len
;
2641 if (wpabuf_len(buf
) <= len
) {
2642 os_memcpy(wpa_ie
+ wpa_ie_len
,
2643 wpabuf_head(buf
), wpabuf_len(buf
));
2644 wpa_ie_len
+= wpabuf_len(buf
);
2649 if (wpa_s
->fst_ies
) {
2650 int fst_ies_len
= wpabuf_len(wpa_s
->fst_ies
);
2652 if (wpa_ie_len
+ fst_ies_len
<= max_wpa_ie_len
) {
2653 os_memcpy(wpa_ie
+ wpa_ie_len
,
2654 wpabuf_head(wpa_s
->fst_ies
), fst_ies_len
);
2655 wpa_ie_len
+= fst_ies_len
;
2658 #endif /* CONFIG_FST */
2661 if (bss
&& wpa_bss_get_vendor_ie(bss
, MBO_IE_VENDOR_TYPE
)) {
2664 len
= wpas_mbo_ie(wpa_s
, wpa_ie
+ wpa_ie_len
,
2665 max_wpa_ie_len
- wpa_ie_len
);
2669 #endif /* CONFIG_MBO */
2672 if (algs
== WPA_AUTH_ALG_FILS
) {
2675 len
= wpas_add_fils_hlp_req(wpa_s
, wpa_ie
+ wpa_ie_len
,
2676 max_wpa_ie_len
- wpa_ie_len
);
2679 #endif /* CONFIG_FILS */
2681 wpa_clear_keys(wpa_s
, bss
? bss
->bssid
: NULL
);
2683 cipher_pairwise
= wpa_s
->pairwise_cipher
;
2684 cipher_group
= wpa_s
->group_cipher
;
2685 cipher_group_mgmt
= wpa_s
->mgmt_group_cipher
;
2686 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
||
2687 wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
2688 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
)
2690 if (wpa_set_wep_keys(wpa_s
, ssid
)) {
2695 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
)
2698 #ifdef IEEE8021X_EAPOL
2699 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
2700 if ((ssid
->eapol_flags
&
2701 (EAPOL_FLAG_REQUIRE_KEY_UNICAST
|
2702 EAPOL_FLAG_REQUIRE_KEY_BROADCAST
)) == 0 &&
2706 /* Assume that dynamic WEP-104 keys will be used and
2707 * set cipher suites in order for drivers to expect
2709 cipher_pairwise
= cipher_group
= WPA_CIPHER_WEP104
;
2712 #endif /* IEEE8021X_EAPOL */
2714 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPA_NONE
) {
2715 /* Set the key before (and later after) association */
2716 wpa_supplicant_set_wpa_none_key(wpa_s
, ssid
);
2719 wpa_supplicant_set_state(wpa_s
, WPA_ASSOCIATING
);
2721 params
.ssid
= bss
->ssid
;
2722 params
.ssid_len
= bss
->ssid_len
;
2723 if (!wpas_driver_bss_selection(wpa_s
) || ssid
->bssid_set
||
2724 wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
) {
2725 wpa_printf(MSG_DEBUG
, "Limit connection to BSSID "
2726 MACSTR
" freq=%u MHz based on scan results "
2727 "(bssid_set=%d wps=%d)",
2728 MAC2STR(bss
->bssid
), bss
->freq
,
2730 wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
);
2731 params
.bssid
= bss
->bssid
;
2732 params
.freq
.freq
= bss
->freq
;
2734 params
.bssid_hint
= bss
->bssid
;
2735 params
.freq_hint
= bss
->freq
;
2736 params
.pbss
= bss_is_pbss(bss
);
2738 if (ssid
->bssid_hint_set
)
2739 params
.bssid_hint
= ssid
->bssid_hint
;
2741 params
.ssid
= ssid
->ssid
;
2742 params
.ssid_len
= ssid
->ssid_len
;
2743 params
.pbss
= (ssid
->pbss
!= 2) ? ssid
->pbss
: 0;
2746 if (ssid
->mode
== WPAS_MODE_IBSS
&& ssid
->bssid_set
&&
2747 wpa_s
->conf
->ap_scan
== 2) {
2748 params
.bssid
= ssid
->bssid
;
2749 params
.fixed_bssid
= 1;
2752 /* Initial frequency for IBSS/mesh */
2753 if ((ssid
->mode
== WPAS_MODE_IBSS
|| ssid
->mode
== WPAS_MODE_MESH
) &&
2754 ssid
->frequency
> 0 && params
.freq
.freq
== 0)
2755 ibss_mesh_setup_freq(wpa_s
, ssid
, ¶ms
.freq
);
2757 if (ssid
->mode
== WPAS_MODE_IBSS
) {
2758 params
.fixed_freq
= ssid
->fixed_freq
;
2759 if (ssid
->beacon_int
)
2760 params
.beacon_int
= ssid
->beacon_int
;
2762 params
.beacon_int
= wpa_s
->conf
->beacon_int
;
2765 params
.wpa_ie
= wpa_ie
;
2766 params
.wpa_ie_len
= wpa_ie_len
;
2767 params
.pairwise_suite
= cipher_pairwise
;
2768 params
.group_suite
= cipher_group
;
2769 params
.mgmt_group_suite
= cipher_group_mgmt
;
2770 params
.key_mgmt_suite
= wpa_s
->key_mgmt
;
2771 params
.wpa_proto
= wpa_s
->wpa_proto
;
2772 params
.auth_alg
= algs
;
2773 wpa_s
->auth_alg
= params
.auth_alg
;
2774 params
.mode
= ssid
->mode
;
2775 params
.bg_scan_period
= ssid
->bg_scan_period
;
2776 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
2777 if (ssid
->wep_key_len
[i
])
2778 params
.wep_key
[i
] = ssid
->wep_key
[i
];
2779 params
.wep_key_len
[i
] = ssid
->wep_key_len
[i
];
2781 params
.wep_tx_keyidx
= ssid
->wep_tx_keyidx
;
2783 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_4WAY_HANDSHAKE
) &&
2784 (params
.key_mgmt_suite
== WPA_KEY_MGMT_PSK
||
2785 params
.key_mgmt_suite
== WPA_KEY_MGMT_FT_PSK
)) {
2786 params
.passphrase
= ssid
->passphrase
;
2788 params
.psk
= ssid
->psk
;
2791 if (wpa_s
->conf
->key_mgmt_offload
) {
2792 if (params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X
||
2793 params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X_SHA256
||
2794 params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X_SUITE_B
||
2795 params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X_SUITE_B_192
)
2796 params
.req_key_mgmt_offload
=
2797 ssid
->proactive_key_caching
< 0 ?
2798 wpa_s
->conf
->okc
: ssid
->proactive_key_caching
;
2800 params
.req_key_mgmt_offload
= 1;
2802 if ((params
.key_mgmt_suite
== WPA_KEY_MGMT_PSK
||
2803 params
.key_mgmt_suite
== WPA_KEY_MGMT_PSK_SHA256
||
2804 params
.key_mgmt_suite
== WPA_KEY_MGMT_FT_PSK
) &&
2806 params
.psk
= ssid
->psk
;
2809 params
.drop_unencrypted
= use_crypt
;
2811 #ifdef CONFIG_IEEE80211W
2812 params
.mgmt_frame_protection
= wpas_get_ssid_pmf(wpa_s
, ssid
);
2813 if (params
.mgmt_frame_protection
!= NO_MGMT_FRAME_PROTECTION
&& bss
) {
2814 const u8
*rsn
= wpa_bss_get_ie(bss
, WLAN_EID_RSN
);
2815 struct wpa_ie_data ie
;
2816 if (rsn
&& wpa_parse_wpa_ie(rsn
, 2 + rsn
[1], &ie
) == 0 &&
2818 (WPA_CAPABILITY_MFPC
| WPA_CAPABILITY_MFPR
)) {
2819 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Selected AP supports "
2820 "MFP: require MFP");
2821 params
.mgmt_frame_protection
=
2822 MGMT_FRAME_PROTECTION_REQUIRED
;
2825 #endif /* CONFIG_IEEE80211W */
2827 params
.p2p
= ssid
->p2p_group
;
2829 if (wpa_s
->p2pdev
->set_sta_uapsd
)
2830 params
.uapsd
= wpa_s
->p2pdev
->sta_uapsd
;
2834 #ifdef CONFIG_HT_OVERRIDES
2835 os_memset(&htcaps
, 0, sizeof(htcaps
));
2836 os_memset(&htcaps_mask
, 0, sizeof(htcaps_mask
));
2837 params
.htcaps
= (u8
*) &htcaps
;
2838 params
.htcaps_mask
= (u8
*) &htcaps_mask
;
2839 wpa_supplicant_apply_ht_overrides(wpa_s
, ssid
, ¶ms
);
2840 #endif /* CONFIG_HT_OVERRIDES */
2841 #ifdef CONFIG_VHT_OVERRIDES
2842 os_memset(&vhtcaps
, 0, sizeof(vhtcaps
));
2843 os_memset(&vhtcaps_mask
, 0, sizeof(vhtcaps_mask
));
2844 params
.vhtcaps
= &vhtcaps
;
2845 params
.vhtcaps_mask
= &vhtcaps_mask
;
2846 wpa_supplicant_apply_vht_overrides(wpa_s
, ssid
, ¶ms
);
2847 #endif /* CONFIG_VHT_OVERRIDES */
2851 * If multi-channel concurrency is not supported, check for any
2852 * frequency conflict. In case of any frequency conflict, remove the
2853 * least prioritized connection.
2855 if (wpa_s
->num_multichan_concurrent
< 2) {
2857 num
= get_shared_radio_freqs(wpa_s
, &freq
, 1);
2858 if (num
> 0 && freq
> 0 && freq
!= params
.freq
.freq
) {
2859 wpa_printf(MSG_DEBUG
,
2860 "Assoc conflicting freq found (%d != %d)",
2861 freq
, params
.freq
.freq
);
2862 if (wpas_p2p_handle_frequency_conflicts(
2863 wpa_s
, params
.freq
.freq
, ssid
) < 0) {
2864 wpas_connect_work_done(wpa_s
);
2870 #endif /* CONFIG_P2P */
2872 if (wpa_s
->reassoc_same_ess
&& !is_zero_ether_addr(prev_bssid
) &&
2873 wpa_s
->current_ssid
)
2874 params
.prev_bssid
= prev_bssid
;
2876 ret
= wpa_drv_associate(wpa_s
, ¶ms
);
2879 wpa_msg(wpa_s
, MSG_INFO
, "Association request to the driver "
2881 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SANE_ERROR_CODES
) {
2883 * The driver is known to mean what is saying, so we
2884 * can stop right here; the association will not
2887 wpas_connection_failed(wpa_s
, wpa_s
->pending_bssid
);
2888 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
2889 os_memset(wpa_s
->pending_bssid
, 0, ETH_ALEN
);
2892 /* try to continue anyway; new association will be tried again
2897 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPA_NONE
) {
2898 /* Set the key after the association just in case association
2899 * cleared the previously configured key. */
2900 wpa_supplicant_set_wpa_none_key(wpa_s
, ssid
);
2901 /* No need to timeout authentication since there is no key
2903 wpa_supplicant_cancel_auth_timeout(wpa_s
);
2904 wpa_supplicant_set_state(wpa_s
, WPA_COMPLETED
);
2905 #ifdef CONFIG_IBSS_RSN
2906 } else if (ssid
->mode
== WPAS_MODE_IBSS
&&
2907 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_NONE
&&
2908 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_WPA_NONE
) {
2910 * RSN IBSS authentication is per-STA and we can disable the
2911 * per-BSSID authentication.
2913 wpa_supplicant_cancel_auth_timeout(wpa_s
);
2914 #endif /* CONFIG_IBSS_RSN */
2916 /* Timeout for IEEE 802.11 authentication and association */
2920 /* give IBSS a bit more time */
2921 timeout
= ssid
->mode
== WPAS_MODE_IBSS
? 10 : 5;
2922 } else if (wpa_s
->conf
->ap_scan
== 1) {
2923 /* give IBSS a bit more time */
2924 timeout
= ssid
->mode
== WPAS_MODE_IBSS
? 20 : 10;
2926 wpa_supplicant_req_auth_timeout(wpa_s
, timeout
, 0);
2930 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC
)) {
2931 /* Set static WEP keys again */
2932 wpa_set_wep_keys(wpa_s
, ssid
);
2935 if (wpa_s
->current_ssid
&& wpa_s
->current_ssid
!= ssid
) {
2937 * Do not allow EAP session resumption between different
2938 * network configurations.
2940 eapol_sm_invalidate_cached_session(wpa_s
->eapol
);
2942 old_ssid
= wpa_s
->current_ssid
;
2943 wpa_s
->current_ssid
= ssid
;
2945 if (!wpas_driver_bss_selection(wpa_s
) || ssid
->bssid_set
) {
2946 wpa_s
->current_bss
= bss
;
2948 hs20_configure_frame_filters(wpa_s
);
2949 #endif /* CONFIG_HS20 */
2952 wpa_supplicant_rsn_supp_set_config(wpa_s
, wpa_s
->current_ssid
);
2953 wpa_supplicant_initiate_eapol(wpa_s
);
2954 if (old_ssid
!= wpa_s
->current_ssid
)
2955 wpas_notify_network_changed(wpa_s
);
2959 static void wpa_supplicant_clear_connection(struct wpa_supplicant
*wpa_s
,
2962 struct wpa_ssid
*old_ssid
;
2964 wpas_connect_work_done(wpa_s
);
2965 wpa_clear_keys(wpa_s
, addr
);
2966 old_ssid
= wpa_s
->current_ssid
;
2967 wpa_supplicant_mark_disassoc(wpa_s
);
2968 wpa_sm_set_config(wpa_s
->wpa
, NULL
);
2969 eapol_sm_notify_config(wpa_s
->eapol
, NULL
, NULL
);
2970 if (old_ssid
!= wpa_s
->current_ssid
)
2971 wpas_notify_network_changed(wpa_s
);
2972 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
2977 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
2978 * @wpa_s: Pointer to wpa_supplicant data
2979 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
2981 * This function is used to request %wpa_supplicant to deauthenticate from the
2984 void wpa_supplicant_deauthenticate(struct wpa_supplicant
*wpa_s
,
2988 union wpa_event_data event
;
2991 wpa_dbg(wpa_s
, MSG_DEBUG
, "Request to deauthenticate - bssid=" MACSTR
2992 " pending_bssid=" MACSTR
" reason=%d state=%s",
2993 MAC2STR(wpa_s
->bssid
), MAC2STR(wpa_s
->pending_bssid
),
2994 reason_code
, wpa_supplicant_state_txt(wpa_s
->wpa_state
));
2996 if (!is_zero_ether_addr(wpa_s
->pending_bssid
) &&
2997 (wpa_s
->wpa_state
== WPA_AUTHENTICATING
||
2998 wpa_s
->wpa_state
== WPA_ASSOCIATING
))
2999 addr
= wpa_s
->pending_bssid
;
3000 else if (!is_zero_ether_addr(wpa_s
->bssid
))
3001 addr
= wpa_s
->bssid
;
3002 else if (wpa_s
->wpa_state
== WPA_ASSOCIATING
) {
3004 * When using driver-based BSS selection, we may not know the
3005 * BSSID with which we are currently trying to associate. We
3006 * need to notify the driver of this disconnection even in such
3007 * a case, so use the all zeros address here.
3009 addr
= wpa_s
->bssid
;
3014 wpa_tdls_teardown_peers(wpa_s
->wpa
);
3015 #endif /* CONFIG_TDLS */
3019 struct mesh_conf
*mconf
;
3021 mconf
= wpa_s
->ifmsh
->mconf
;
3022 wpa_msg(wpa_s
, MSG_INFO
, MESH_GROUP_REMOVED
"%s",
3024 wpas_notify_mesh_group_removed(wpa_s
, mconf
->meshid
,
3025 mconf
->meshid_len
, reason_code
);
3026 wpa_supplicant_leave_mesh(wpa_s
);
3028 #endif /* CONFIG_MESH */
3031 wpa_drv_deauthenticate(wpa_s
, addr
, reason_code
);
3032 os_memset(&event
, 0, sizeof(event
));
3033 event
.deauth_info
.reason_code
= (u16
) reason_code
;
3034 event
.deauth_info
.locally_generated
= 1;
3035 wpa_supplicant_event(wpa_s
, EVENT_DEAUTH
, &event
);
3040 wpa_supplicant_clear_connection(wpa_s
, addr
);
3043 static void wpa_supplicant_enable_one_network(struct wpa_supplicant
*wpa_s
,
3044 struct wpa_ssid
*ssid
)
3046 if (!ssid
|| !ssid
->disabled
|| ssid
->disabled
== 2)
3050 wpas_clear_temp_disabled(wpa_s
, ssid
, 1);
3051 wpas_notify_network_enabled_changed(wpa_s
, ssid
);
3054 * Try to reassociate since there is no current configuration and a new
3055 * network was made available.
3057 if (!wpa_s
->current_ssid
&& !wpa_s
->disconnected
)
3058 wpa_s
->reassociate
= 1;
3063 * wpa_supplicant_add_network - Add a new network
3064 * @wpa_s: wpa_supplicant structure for a network interface
3065 * Returns: The new network configuration or %NULL if operation failed
3067 * This function performs the following operations:
3068 * 1. Adds a new network.
3069 * 2. Send network addition notification.
3070 * 3. Marks the network disabled.
3071 * 4. Set network default parameters.
3073 struct wpa_ssid
* wpa_supplicant_add_network(struct wpa_supplicant
*wpa_s
)
3075 struct wpa_ssid
*ssid
;
3077 ssid
= wpa_config_add_network(wpa_s
->conf
);
3080 wpas_notify_network_added(wpa_s
, ssid
);
3082 wpa_config_set_network_defaults(ssid
);
3089 * wpa_supplicant_remove_network - Remove a configured network based on id
3090 * @wpa_s: wpa_supplicant structure for a network interface
3091 * @id: Unique network id to search for
3092 * Returns: 0 on success, or -1 if the network was not found, -2 if the network
3093 * could not be removed
3095 * This function performs the following operations:
3096 * 1. Removes the network.
3097 * 2. Send network removal notification.
3098 * 3. Update internal state machines.
3099 * 4. Stop any running sched scans.
3101 int wpa_supplicant_remove_network(struct wpa_supplicant
*wpa_s
, int id
)
3103 struct wpa_ssid
*ssid
;
3106 ssid
= wpa_config_get_network(wpa_s
->conf
, id
);
3109 wpas_notify_network_removed(wpa_s
, ssid
);
3111 if (wpa_s
->last_ssid
== ssid
)
3112 wpa_s
->last_ssid
= NULL
;
3114 if (ssid
== wpa_s
->current_ssid
|| !wpa_s
->current_ssid
) {
3116 wpa_s
->sme
.prev_bssid_set
= 0;
3117 #endif /* CONFIG_SME */
3119 * Invalidate the EAP session cache if the current or
3120 * previously used network is removed.
3122 eapol_sm_invalidate_cached_session(wpa_s
->eapol
);
3125 if (ssid
== wpa_s
->current_ssid
) {
3126 wpa_sm_set_config(wpa_s
->wpa
, NULL
);
3127 eapol_sm_notify_config(wpa_s
->eapol
, NULL
, NULL
);
3129 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
3130 wpa_s
->own_disconnect_req
= 1;
3131 wpa_supplicant_deauthenticate(wpa_s
,
3132 WLAN_REASON_DEAUTH_LEAVING
);
3135 was_disabled
= ssid
->disabled
;
3137 if (wpa_config_remove_network(wpa_s
->conf
, id
) < 0)
3140 if (!was_disabled
&& wpa_s
->sched_scanning
) {
3141 wpa_printf(MSG_DEBUG
,
3142 "Stop ongoing sched_scan to remove network from filters");
3143 wpa_supplicant_cancel_sched_scan(wpa_s
);
3144 wpa_supplicant_req_scan(wpa_s
, 0, 0);
3152 * wpa_supplicant_enable_network - Mark a configured network as enabled
3153 * @wpa_s: wpa_supplicant structure for a network interface
3154 * @ssid: wpa_ssid structure for a configured network or %NULL
3156 * Enables the specified network or all networks if no network specified.
3158 void wpa_supplicant_enable_network(struct wpa_supplicant
*wpa_s
,
3159 struct wpa_ssid
*ssid
)
3162 for (ssid
= wpa_s
->conf
->ssid
; ssid
; ssid
= ssid
->next
)
3163 wpa_supplicant_enable_one_network(wpa_s
, ssid
);
3165 wpa_supplicant_enable_one_network(wpa_s
, ssid
);
3167 if (wpa_s
->reassociate
&& !wpa_s
->disconnected
&&
3168 (!wpa_s
->current_ssid
||
3169 wpa_s
->wpa_state
== WPA_DISCONNECTED
||
3170 wpa_s
->wpa_state
== WPA_SCANNING
)) {
3171 if (wpa_s
->sched_scanning
) {
3172 wpa_printf(MSG_DEBUG
, "Stop ongoing sched_scan to add "
3173 "new network to scan filters");
3174 wpa_supplicant_cancel_sched_scan(wpa_s
);
3177 if (wpa_supplicant_fast_associate(wpa_s
) != 1) {
3178 wpa_s
->scan_req
= NORMAL_SCAN_REQ
;
3179 wpa_supplicant_req_scan(wpa_s
, 0, 0);
3186 * wpa_supplicant_disable_network - Mark a configured network as disabled
3187 * @wpa_s: wpa_supplicant structure for a network interface
3188 * @ssid: wpa_ssid structure for a configured network or %NULL
3190 * Disables the specified network or all networks if no network specified.
3192 void wpa_supplicant_disable_network(struct wpa_supplicant
*wpa_s
,
3193 struct wpa_ssid
*ssid
)
3195 struct wpa_ssid
*other_ssid
;
3199 if (wpa_s
->sched_scanning
)
3200 wpa_supplicant_cancel_sched_scan(wpa_s
);
3202 for (other_ssid
= wpa_s
->conf
->ssid
; other_ssid
;
3203 other_ssid
= other_ssid
->next
) {
3204 was_disabled
= other_ssid
->disabled
;
3205 if (was_disabled
== 2)
3206 continue; /* do not change persistent P2P group
3209 other_ssid
->disabled
= 1;
3211 if (was_disabled
!= other_ssid
->disabled
)
3212 wpas_notify_network_enabled_changed(
3215 if (wpa_s
->current_ssid
) {
3216 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
3217 wpa_s
->own_disconnect_req
= 1;
3218 wpa_supplicant_deauthenticate(
3219 wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
3221 } else if (ssid
->disabled
!= 2) {
3222 if (ssid
== wpa_s
->current_ssid
) {
3223 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
3224 wpa_s
->own_disconnect_req
= 1;
3225 wpa_supplicant_deauthenticate(
3226 wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
3229 was_disabled
= ssid
->disabled
;
3233 if (was_disabled
!= ssid
->disabled
) {
3234 wpas_notify_network_enabled_changed(wpa_s
, ssid
);
3235 if (wpa_s
->sched_scanning
) {
3236 wpa_printf(MSG_DEBUG
, "Stop ongoing sched_scan "
3237 "to remove network from filters");
3238 wpa_supplicant_cancel_sched_scan(wpa_s
);
3239 wpa_supplicant_req_scan(wpa_s
, 0, 0);
3247 * wpa_supplicant_select_network - Attempt association with a network
3248 * @wpa_s: wpa_supplicant structure for a network interface
3249 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
3251 void wpa_supplicant_select_network(struct wpa_supplicant
*wpa_s
,
3252 struct wpa_ssid
*ssid
)
3255 struct wpa_ssid
*other_ssid
;
3256 int disconnected
= 0;
3258 if (ssid
&& ssid
!= wpa_s
->current_ssid
&& wpa_s
->current_ssid
) {
3259 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
3260 wpa_s
->own_disconnect_req
= 1;
3261 wpa_supplicant_deauthenticate(
3262 wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
3267 wpas_clear_temp_disabled(wpa_s
, ssid
, 1);
3270 * Mark all other networks disabled or mark all networks enabled if no
3271 * network specified.
3273 for (other_ssid
= wpa_s
->conf
->ssid
; other_ssid
;
3274 other_ssid
= other_ssid
->next
) {
3275 int was_disabled
= other_ssid
->disabled
;
3276 if (was_disabled
== 2)
3277 continue; /* do not change persistent P2P group data */
3279 other_ssid
->disabled
= ssid
? (ssid
->id
!= other_ssid
->id
) : 0;
3280 if (was_disabled
&& !other_ssid
->disabled
)
3281 wpas_clear_temp_disabled(wpa_s
, other_ssid
, 0);
3283 if (was_disabled
!= other_ssid
->disabled
)
3284 wpas_notify_network_enabled_changed(wpa_s
, other_ssid
);
3287 if (ssid
&& ssid
== wpa_s
->current_ssid
&& wpa_s
->current_ssid
&&
3288 wpa_s
->wpa_state
>= WPA_AUTHENTICATING
) {
3289 /* We are already associated with the selected network */
3290 wpa_printf(MSG_DEBUG
, "Already associated with the "
3291 "selected network - do nothing");
3296 wpa_s
->current_ssid
= ssid
;
3297 eapol_sm_notify_config(wpa_s
->eapol
, NULL
, NULL
);
3298 wpa_s
->connect_without_scan
=
3299 (ssid
->mode
== WPAS_MODE_MESH
) ? ssid
: NULL
;
3302 * Don't optimize next scan freqs since a new ESS has been
3305 os_free(wpa_s
->next_scan_freqs
);
3306 wpa_s
->next_scan_freqs
= NULL
;
3308 wpa_s
->connect_without_scan
= NULL
;
3311 wpa_s
->disconnected
= 0;
3312 wpa_s
->reassociate
= 1;
3314 if (wpa_s
->connect_without_scan
||
3315 wpa_supplicant_fast_associate(wpa_s
) != 1) {
3316 wpa_s
->scan_req
= NORMAL_SCAN_REQ
;
3317 wpas_scan_reset_sched_scan(wpa_s
);
3318 wpa_supplicant_req_scan(wpa_s
, 0, disconnected
? 100000 : 0);
3322 wpas_notify_network_selected(wpa_s
, ssid
);
3327 * wpas_set_pkcs11_engine_and_module_path - Set PKCS #11 engine and module path
3328 * @wpa_s: wpa_supplicant structure for a network interface
3329 * @pkcs11_engine_path: PKCS #11 engine path or NULL
3330 * @pkcs11_module_path: PKCS #11 module path or NULL
3331 * Returns: 0 on success; -1 on failure
3333 * Sets the PKCS #11 engine and module path. Both have to be NULL or a valid
3334 * path. If resetting the EAPOL state machine with the new PKCS #11 engine and
3335 * module path fails the paths will be reset to the default value (NULL).
3337 int wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant
*wpa_s
,
3338 const char *pkcs11_engine_path
,
3339 const char *pkcs11_module_path
)
3341 char *pkcs11_engine_path_copy
= NULL
;
3342 char *pkcs11_module_path_copy
= NULL
;
3344 if (pkcs11_engine_path
!= NULL
) {
3345 pkcs11_engine_path_copy
= os_strdup(pkcs11_engine_path
);
3346 if (pkcs11_engine_path_copy
== NULL
)
3349 if (pkcs11_module_path
!= NULL
) {
3350 pkcs11_module_path_copy
= os_strdup(pkcs11_module_path
);
3351 if (pkcs11_module_path_copy
== NULL
) {
3352 os_free(pkcs11_engine_path_copy
);
3357 os_free(wpa_s
->conf
->pkcs11_engine_path
);
3358 os_free(wpa_s
->conf
->pkcs11_module_path
);
3359 wpa_s
->conf
->pkcs11_engine_path
= pkcs11_engine_path_copy
;
3360 wpa_s
->conf
->pkcs11_module_path
= pkcs11_module_path_copy
;
3362 wpa_sm_set_eapol(wpa_s
->wpa
, NULL
);
3363 eapol_sm_deinit(wpa_s
->eapol
);
3364 wpa_s
->eapol
= NULL
;
3365 if (wpa_supplicant_init_eapol(wpa_s
)) {
3366 /* Error -> Reset paths to the default value (NULL) once. */
3367 if (pkcs11_engine_path
!= NULL
&& pkcs11_module_path
!= NULL
)
3368 wpas_set_pkcs11_engine_and_module_path(wpa_s
, NULL
,
3373 wpa_sm_set_eapol(wpa_s
->wpa
, wpa_s
->eapol
);
3380 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
3381 * @wpa_s: wpa_supplicant structure for a network interface
3382 * @ap_scan: AP scan mode
3383 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
3386 int wpa_supplicant_set_ap_scan(struct wpa_supplicant
*wpa_s
, int ap_scan
)
3391 if (ap_scan
< 0 || ap_scan
> 2)
3394 if (ap_scan
== 2 && os_strcmp(wpa_s
->driver
->name
, "nl80211") == 0) {
3395 wpa_printf(MSG_INFO
,
3396 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
3400 if (ap_scan
== 2 && ap_scan
!= wpa_s
->conf
->ap_scan
&&
3401 wpa_s
->wpa_state
>= WPA_ASSOCIATING
&&
3402 wpa_s
->wpa_state
< WPA_COMPLETED
) {
3403 wpa_printf(MSG_ERROR
, "ap_scan = %d (%d) rejected while "
3404 "associating", wpa_s
->conf
->ap_scan
, ap_scan
);
3407 #endif /* ANDROID */
3409 old_ap_scan
= wpa_s
->conf
->ap_scan
;
3410 wpa_s
->conf
->ap_scan
= ap_scan
;
3412 if (old_ap_scan
!= wpa_s
->conf
->ap_scan
)
3413 wpas_notify_ap_scan_changed(wpa_s
);
3420 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
3421 * @wpa_s: wpa_supplicant structure for a network interface
3422 * @expire_age: Expiration age in seconds
3423 * Returns: 0 if succeed or -1 if expire_age has an invalid value
3426 int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant
*wpa_s
,
3427 unsigned int bss_expire_age
)
3429 if (bss_expire_age
< 10) {
3430 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid bss expiration age %u",
3434 wpa_msg(wpa_s
, MSG_DEBUG
, "Setting bss expiration age: %d sec",
3436 wpa_s
->conf
->bss_expiration_age
= bss_expire_age
;
3443 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
3444 * @wpa_s: wpa_supplicant structure for a network interface
3445 * @expire_count: number of scans after which an unseen BSS is reclaimed
3446 * Returns: 0 if succeed or -1 if expire_count has an invalid value
3449 int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant
*wpa_s
,
3450 unsigned int bss_expire_count
)
3452 if (bss_expire_count
< 1) {
3453 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid bss expiration count %u",
3457 wpa_msg(wpa_s
, MSG_DEBUG
, "Setting bss expiration scan count: %u",
3459 wpa_s
->conf
->bss_expiration_scan_count
= bss_expire_count
;
3466 * wpa_supplicant_set_scan_interval - Set scan interval
3467 * @wpa_s: wpa_supplicant structure for a network interface
3468 * @scan_interval: scan interval in seconds
3469 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
3472 int wpa_supplicant_set_scan_interval(struct wpa_supplicant
*wpa_s
,
3475 if (scan_interval
< 0) {
3476 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid scan interval %d",
3480 wpa_msg(wpa_s
, MSG_DEBUG
, "Setting scan interval: %d sec",
3482 wpa_supplicant_update_scan_int(wpa_s
, scan_interval
);
3489 * wpa_supplicant_set_debug_params - Set global debug params
3490 * @global: wpa_global structure
3491 * @debug_level: debug level
3492 * @debug_timestamp: determines if show timestamp in debug data
3493 * @debug_show_keys: determines if show keys in debug data
3494 * Returns: 0 if succeed or -1 if debug_level has wrong value
3496 int wpa_supplicant_set_debug_params(struct wpa_global
*global
, int debug_level
,
3497 int debug_timestamp
, int debug_show_keys
)
3500 int old_level
, old_timestamp
, old_show_keys
;
3502 /* check for allowed debuglevels */
3503 if (debug_level
!= MSG_EXCESSIVE
&&
3504 debug_level
!= MSG_MSGDUMP
&&
3505 debug_level
!= MSG_DEBUG
&&
3506 debug_level
!= MSG_INFO
&&
3507 debug_level
!= MSG_WARNING
&&
3508 debug_level
!= MSG_ERROR
)
3511 old_level
= wpa_debug_level
;
3512 old_timestamp
= wpa_debug_timestamp
;
3513 old_show_keys
= wpa_debug_show_keys
;
3515 wpa_debug_level
= debug_level
;
3516 wpa_debug_timestamp
= debug_timestamp
? 1 : 0;
3517 wpa_debug_show_keys
= debug_show_keys
? 1 : 0;
3519 if (wpa_debug_level
!= old_level
)
3520 wpas_notify_debug_level_changed(global
);
3521 if (wpa_debug_timestamp
!= old_timestamp
)
3522 wpas_notify_debug_timestamp_changed(global
);
3523 if (wpa_debug_show_keys
!= old_show_keys
)
3524 wpas_notify_debug_show_keys_changed(global
);
3531 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
3532 * @wpa_s: Pointer to wpa_supplicant data
3533 * Returns: A pointer to the current network structure or %NULL on failure
3535 struct wpa_ssid
* wpa_supplicant_get_ssid(struct wpa_supplicant
*wpa_s
)
3537 struct wpa_ssid
*entry
;
3538 u8 ssid
[SSID_MAX_LEN
];
3544 res
= wpa_drv_get_ssid(wpa_s
, ssid
);
3546 wpa_msg(wpa_s
, MSG_WARNING
, "Could not read SSID from "
3552 if (wpa_drv_get_bssid(wpa_s
, bssid
) < 0) {
3553 wpa_msg(wpa_s
, MSG_WARNING
, "Could not read BSSID from "
3558 wired
= wpa_s
->conf
->ap_scan
== 0 &&
3559 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_WIRED
);
3561 entry
= wpa_s
->conf
->ssid
;
3563 if (!wpas_network_disabled(wpa_s
, entry
) &&
3564 ((ssid_len
== entry
->ssid_len
&&
3565 os_memcmp(ssid
, entry
->ssid
, ssid_len
) == 0) || wired
) &&
3566 (!entry
->bssid_set
||
3567 os_memcmp(bssid
, entry
->bssid
, ETH_ALEN
) == 0))
3570 if (!wpas_network_disabled(wpa_s
, entry
) &&
3571 (entry
->key_mgmt
& WPA_KEY_MGMT_WPS
) &&
3572 (entry
->ssid
== NULL
|| entry
->ssid_len
== 0) &&
3573 (!entry
->bssid_set
||
3574 os_memcmp(bssid
, entry
->bssid
, ETH_ALEN
) == 0))
3576 #endif /* CONFIG_WPS */
3578 if (!wpas_network_disabled(wpa_s
, entry
) && entry
->bssid_set
&&
3579 entry
->ssid_len
== 0 &&
3580 os_memcmp(bssid
, entry
->bssid
, ETH_ALEN
) == 0)
3583 entry
= entry
->next
;
3590 static int select_driver(struct wpa_supplicant
*wpa_s
, int i
)
3592 struct wpa_global
*global
= wpa_s
->global
;
3594 if (wpa_drivers
[i
]->global_init
&& global
->drv_priv
[i
] == NULL
) {
3595 global
->drv_priv
[i
] = wpa_drivers
[i
]->global_init(global
);
3596 if (global
->drv_priv
[i
] == NULL
) {
3597 wpa_printf(MSG_ERROR
, "Failed to initialize driver "
3598 "'%s'", wpa_drivers
[i
]->name
);
3603 wpa_s
->driver
= wpa_drivers
[i
];
3604 wpa_s
->global_drv_priv
= global
->drv_priv
[i
];
3610 static int wpa_supplicant_set_driver(struct wpa_supplicant
*wpa_s
,
3615 const char *pos
, *driver
= name
;
3620 if (wpa_drivers
[0] == NULL
) {
3621 wpa_msg(wpa_s
, MSG_ERROR
, "No driver interfaces build into "
3627 /* default to first driver in the list */
3628 return select_driver(wpa_s
, 0);
3632 pos
= os_strchr(driver
, ',');
3636 len
= os_strlen(driver
);
3638 for (i
= 0; wpa_drivers
[i
]; i
++) {
3639 if (os_strlen(wpa_drivers
[i
]->name
) == len
&&
3640 os_strncmp(driver
, wpa_drivers
[i
]->name
, len
) ==
3642 /* First driver that succeeds wins */
3643 if (select_driver(wpa_s
, i
) == 0)
3651 wpa_msg(wpa_s
, MSG_ERROR
, "Unsupported driver '%s'", name
);
3657 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
3658 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
3659 * with struct wpa_driver_ops::init()
3660 * @src_addr: Source address of the EAPOL frame
3661 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
3662 * @len: Length of the EAPOL data
3664 * This function is called for each received EAPOL frame. Most driver
3665 * interfaces rely on more generic OS mechanism for receiving frames through
3666 * l2_packet, but if such a mechanism is not available, the driver wrapper may
3667 * take care of received EAPOL frames and deliver them to the core supplicant
3668 * code by calling this function.
3670 void wpa_supplicant_rx_eapol(void *ctx
, const u8
*src_addr
,
3671 const u8
*buf
, size_t len
)
3673 struct wpa_supplicant
*wpa_s
= ctx
;
3675 wpa_dbg(wpa_s
, MSG_DEBUG
, "RX EAPOL from " MACSTR
, MAC2STR(src_addr
));
3676 wpa_hexdump(MSG_MSGDUMP
, "RX EAPOL", buf
, len
);
3678 #ifdef CONFIG_TESTING_OPTIONS
3679 if (wpa_s
->ignore_auth_resp
) {
3680 wpa_printf(MSG_INFO
, "RX EAPOL - ignore_auth_resp active!");
3683 #endif /* CONFIG_TESTING_OPTIONS */
3685 #ifdef CONFIG_PEERKEY
3686 if (wpa_s
->wpa_state
> WPA_ASSOCIATED
&& wpa_s
->current_ssid
&&
3687 wpa_s
->current_ssid
->peerkey
&&
3688 !(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_4WAY_HANDSHAKE
) &&
3689 wpa_sm_rx_eapol_peerkey(wpa_s
->wpa
, src_addr
, buf
, len
) == 1) {
3690 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: Processed PeerKey EAPOL-Key");
3693 #endif /* CONFIG_PEERKEY */
3695 if (wpa_s
->wpa_state
< WPA_ASSOCIATED
||
3696 (wpa_s
->last_eapol_matches_bssid
&&
3699 #endif /* CONFIG_AP */
3700 os_memcmp(src_addr
, wpa_s
->bssid
, ETH_ALEN
) != 0)) {
3702 * There is possible race condition between receiving the
3703 * association event and the EAPOL frame since they are coming
3704 * through different paths from the driver. In order to avoid
3705 * issues in trying to process the EAPOL frame before receiving
3706 * association information, lets queue it for processing until
3707 * the association event is received. This may also be needed in
3708 * driver-based roaming case, so also use src_addr != BSSID as a
3709 * trigger if we have previously confirmed that the
3710 * Authenticator uses BSSID as the src_addr (which is not the
3711 * case with wired IEEE 802.1X).
3713 wpa_dbg(wpa_s
, MSG_DEBUG
, "Not associated - Delay processing "
3714 "of received EAPOL frame (state=%s bssid=" MACSTR
")",
3715 wpa_supplicant_state_txt(wpa_s
->wpa_state
),
3716 MAC2STR(wpa_s
->bssid
));
3717 wpabuf_free(wpa_s
->pending_eapol_rx
);
3718 wpa_s
->pending_eapol_rx
= wpabuf_alloc_copy(buf
, len
);
3719 if (wpa_s
->pending_eapol_rx
) {
3720 os_get_reltime(&wpa_s
->pending_eapol_rx_time
);
3721 os_memcpy(wpa_s
->pending_eapol_rx_src
, src_addr
,
3727 wpa_s
->last_eapol_matches_bssid
=
3728 os_memcmp(src_addr
, wpa_s
->bssid
, ETH_ALEN
) == 0;
3731 if (wpa_s
->ap_iface
) {
3732 wpa_supplicant_ap_rx_eapol(wpa_s
, src_addr
, buf
, len
);
3735 #endif /* CONFIG_AP */
3737 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
) {
3738 wpa_dbg(wpa_s
, MSG_DEBUG
, "Ignored received EAPOL frame since "
3739 "no key management is configured");
3743 if (wpa_s
->eapol_received
== 0 &&
3744 (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_4WAY_HANDSHAKE
) ||
3745 !wpa_key_mgmt_wpa_psk(wpa_s
->key_mgmt
) ||
3746 wpa_s
->wpa_state
!= WPA_COMPLETED
) &&
3747 (wpa_s
->current_ssid
== NULL
||
3748 wpa_s
->current_ssid
->mode
!= IEEE80211_MODE_IBSS
)) {
3749 /* Timeout for completing IEEE 802.1X and WPA authentication */
3752 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
) ||
3753 wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
||
3754 wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
) {
3755 /* Use longer timeout for IEEE 802.1X/EAP */
3760 if (wpa_s
->current_ssid
&& wpa_s
->current_bss
&&
3761 (wpa_s
->current_ssid
->key_mgmt
& WPA_KEY_MGMT_WPS
) &&
3762 eap_is_wps_pin_enrollee(&wpa_s
->current_ssid
->eap
)) {
3764 * Use shorter timeout if going through WPS AP iteration
3765 * for PIN config method with an AP that does not
3766 * advertise Selected Registrar.
3768 struct wpabuf
*wps_ie
;
3770 wps_ie
= wpa_bss_get_vendor_ie_multi(
3771 wpa_s
->current_bss
, WPS_IE_VENDOR_TYPE
);
3773 !wps_is_addr_authorized(wps_ie
, wpa_s
->own_addr
, 1))
3775 wpabuf_free(wps_ie
);
3777 #endif /* CONFIG_WPS */
3779 wpa_supplicant_req_auth_timeout(wpa_s
, timeout
, 0);
3781 wpa_s
->eapol_received
++;
3783 if (wpa_s
->countermeasures
) {
3784 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Countermeasures - dropped "
3789 #ifdef CONFIG_IBSS_RSN
3790 if (wpa_s
->current_ssid
&&
3791 wpa_s
->current_ssid
->mode
== WPAS_MODE_IBSS
) {
3792 ibss_rsn_rx_eapol(wpa_s
->ibss_rsn
, src_addr
, buf
, len
);
3795 #endif /* CONFIG_IBSS_RSN */
3797 /* Source address of the incoming EAPOL frame could be compared to the
3798 * current BSSID. However, it is possible that a centralized
3799 * Authenticator could be using another MAC address than the BSSID of
3800 * an AP, so just allow any address to be used for now. The replies are
3801 * still sent to the current BSSID (if available), though. */
3803 os_memcpy(wpa_s
->last_eapol_src
, src_addr
, ETH_ALEN
);
3804 if (!wpa_key_mgmt_wpa_psk(wpa_s
->key_mgmt
) &&
3805 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_OWE
&&
3806 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_DPP
&&
3807 eapol_sm_rx_eapol(wpa_s
->eapol
, src_addr
, buf
, len
) > 0)
3809 wpa_drv_poll(wpa_s
);
3810 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_4WAY_HANDSHAKE
))
3811 wpa_sm_rx_eapol(wpa_s
->wpa
, src_addr
, buf
, len
);
3812 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
)) {
3814 * Set portValid = TRUE here since we are going to skip 4-way
3815 * handshake processing which would normally set portValid. We
3816 * need this to allow the EAPOL state machines to be completed
3817 * without going through EAPOL-Key handshake.
3819 eapol_sm_notify_portValid(wpa_s
->eapol
, TRUE
);
3824 int wpa_supplicant_update_mac_addr(struct wpa_supplicant
*wpa_s
)
3826 if ((!wpa_s
->p2p_mgmt
||
3827 !(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE
)) &&
3828 !(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE
)) {
3829 l2_packet_deinit(wpa_s
->l2
);
3830 wpa_s
->l2
= l2_packet_init(wpa_s
->ifname
,
3831 wpa_drv_get_mac_addr(wpa_s
),
3833 wpa_supplicant_rx_eapol
, wpa_s
, 0);
3834 if (wpa_s
->l2
== NULL
)
3837 const u8
*addr
= wpa_drv_get_mac_addr(wpa_s
);
3839 os_memcpy(wpa_s
->own_addr
, addr
, ETH_ALEN
);
3842 if (wpa_s
->l2
&& l2_packet_get_own_addr(wpa_s
->l2
, wpa_s
->own_addr
)) {
3843 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to get own L2 address");
3847 wpa_sm_set_own_addr(wpa_s
->wpa
, wpa_s
->own_addr
);
3853 static void wpa_supplicant_rx_eapol_bridge(void *ctx
, const u8
*src_addr
,
3854 const u8
*buf
, size_t len
)
3856 struct wpa_supplicant
*wpa_s
= ctx
;
3857 const struct l2_ethhdr
*eth
;
3859 if (len
< sizeof(*eth
))
3861 eth
= (const struct l2_ethhdr
*) buf
;
3863 if (os_memcmp(eth
->h_dest
, wpa_s
->own_addr
, ETH_ALEN
) != 0 &&
3864 !(eth
->h_dest
[0] & 0x01)) {
3865 wpa_dbg(wpa_s
, MSG_DEBUG
, "RX EAPOL from " MACSTR
" to " MACSTR
3866 " (bridge - not for this interface - ignore)",
3867 MAC2STR(src_addr
), MAC2STR(eth
->h_dest
));
3871 wpa_dbg(wpa_s
, MSG_DEBUG
, "RX EAPOL from " MACSTR
" to " MACSTR
3872 " (bridge)", MAC2STR(src_addr
), MAC2STR(eth
->h_dest
));
3873 wpa_supplicant_rx_eapol(wpa_s
, src_addr
, buf
+ sizeof(*eth
),
3874 len
- sizeof(*eth
));
3879 * wpa_supplicant_driver_init - Initialize driver interface parameters
3880 * @wpa_s: Pointer to wpa_supplicant data
3881 * Returns: 0 on success, -1 on failure
3883 * This function is called to initialize driver interface parameters.
3884 * wpa_drv_init() must have been called before this function to initialize the
3887 int wpa_supplicant_driver_init(struct wpa_supplicant
*wpa_s
)
3889 static int interface_count
= 0;
3891 if (wpa_supplicant_update_mac_addr(wpa_s
) < 0)
3894 wpa_dbg(wpa_s
, MSG_DEBUG
, "Own MAC address: " MACSTR
,
3895 MAC2STR(wpa_s
->own_addr
));
3896 os_memcpy(wpa_s
->perm_addr
, wpa_s
->own_addr
, ETH_ALEN
);
3897 wpa_sm_set_own_addr(wpa_s
->wpa
, wpa_s
->own_addr
);
3899 if (wpa_s
->bridge_ifname
[0]) {
3900 wpa_dbg(wpa_s
, MSG_DEBUG
, "Receiving packets from bridge "
3901 "interface '%s'", wpa_s
->bridge_ifname
);
3902 wpa_s
->l2_br
= l2_packet_init_bridge(
3903 wpa_s
->bridge_ifname
, wpa_s
->ifname
, wpa_s
->own_addr
,
3904 ETH_P_EAPOL
, wpa_supplicant_rx_eapol_bridge
, wpa_s
, 1);
3905 if (wpa_s
->l2_br
== NULL
) {
3906 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to open l2_packet "
3907 "connection for the bridge interface '%s'",
3908 wpa_s
->bridge_ifname
);
3913 if (wpa_s
->conf
->ap_scan
== 2 &&
3914 os_strcmp(wpa_s
->driver
->name
, "nl80211") == 0) {
3915 wpa_printf(MSG_INFO
,
3916 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
3919 wpa_clear_keys(wpa_s
, NULL
);
3921 /* Make sure that TKIP countermeasures are not left enabled (could
3922 * happen if wpa_supplicant is killed during countermeasures. */
3923 wpa_drv_set_countermeasures(wpa_s
, 0);
3925 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: flushing PMKID list in the driver");
3926 wpa_drv_flush_pmkid(wpa_s
);
3928 wpa_s
->prev_scan_ssid
= WILDCARD_SSID_SCAN
;
3929 wpa_s
->prev_scan_wildcard
= 0;
3931 if (wpa_supplicant_enabled_networks(wpa_s
)) {
3932 if (wpa_s
->wpa_state
== WPA_INTERFACE_DISABLED
) {
3933 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
3934 interface_count
= 0;
3937 if (!wpa_s
->p2p_mgmt
&&
3938 wpa_supplicant_delayed_sched_scan(wpa_s
,
3939 interface_count
% 3,
3941 wpa_supplicant_req_scan(wpa_s
, interface_count
% 3,
3943 #endif /* ANDROID */
3946 wpa_supplicant_set_state(wpa_s
, WPA_INACTIVE
);
3952 static int wpa_supplicant_daemon(const char *pid_file
)
3954 wpa_printf(MSG_DEBUG
, "Daemonize..");
3955 return os_daemonize(pid_file
);
3959 static struct wpa_supplicant
*
3960 wpa_supplicant_alloc(struct wpa_supplicant
*parent
)
3962 struct wpa_supplicant
*wpa_s
;
3964 wpa_s
= os_zalloc(sizeof(*wpa_s
));
3967 wpa_s
->scan_req
= INITIAL_SCAN_REQ
;
3968 wpa_s
->scan_interval
= 5;
3969 wpa_s
->new_connection
= 1;
3970 wpa_s
->parent
= parent
? parent
: wpa_s
;
3971 wpa_s
->p2pdev
= wpa_s
->parent
;
3972 wpa_s
->sched_scanning
= 0;
3974 dl_list_init(&wpa_s
->bss_tmp_disallowed
);
3975 dl_list_init(&wpa_s
->fils_hlp_req
);
3981 #ifdef CONFIG_HT_OVERRIDES
3983 static int wpa_set_htcap_mcs(struct wpa_supplicant
*wpa_s
,
3984 struct ieee80211_ht_capabilities
*htcaps
,
3985 struct ieee80211_ht_capabilities
*htcaps_mask
,
3988 /* parse ht_mcs into hex array */
3990 const char *tmp
= ht_mcs
;
3993 /* If ht_mcs is null, do not set anything */
3997 /* This is what we are setting in the kernel */
3998 os_memset(&htcaps
->supported_mcs_set
, 0, IEEE80211_HT_MCS_MASK_LEN
);
4000 wpa_msg(wpa_s
, MSG_DEBUG
, "set_htcap, ht_mcs -:%s:-", ht_mcs
);
4002 for (i
= 0; i
< IEEE80211_HT_MCS_MASK_LEN
; i
++) {
4006 v
= strtol(tmp
, &end
, 16);
4009 wpa_msg(wpa_s
, MSG_DEBUG
,
4010 "htcap value[%i]: %ld end: %p tmp: %p",
4015 htcaps
->supported_mcs_set
[i
] = v
;
4018 wpa_msg(wpa_s
, MSG_ERROR
,
4019 "Failed to parse ht-mcs: %s, error: %s\n",
4020 ht_mcs
, strerror(errno
));
4026 * If we were able to parse any values, then set mask for the MCS set.
4029 os_memset(&htcaps_mask
->supported_mcs_set
, 0xff,
4030 IEEE80211_HT_MCS_MASK_LEN
- 1);
4031 /* skip the 3 reserved bits */
4032 htcaps_mask
->supported_mcs_set
[IEEE80211_HT_MCS_MASK_LEN
- 1] =
4040 static int wpa_disable_max_amsdu(struct wpa_supplicant
*wpa_s
,
4041 struct ieee80211_ht_capabilities
*htcaps
,
4042 struct ieee80211_ht_capabilities
*htcaps_mask
,
4047 wpa_msg(wpa_s
, MSG_DEBUG
, "set_disable_max_amsdu: %d", disabled
);
4052 msk
= host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE
);
4053 htcaps_mask
->ht_capabilities_info
|= msk
;
4055 htcaps
->ht_capabilities_info
&= msk
;
4057 htcaps
->ht_capabilities_info
|= msk
;
4063 static int wpa_set_ampdu_factor(struct wpa_supplicant
*wpa_s
,
4064 struct ieee80211_ht_capabilities
*htcaps
,
4065 struct ieee80211_ht_capabilities
*htcaps_mask
,
4068 wpa_msg(wpa_s
, MSG_DEBUG
, "set_ampdu_factor: %d", factor
);
4073 if (factor
< 0 || factor
> 3) {
4074 wpa_msg(wpa_s
, MSG_ERROR
, "ampdu_factor: %d out of range. "
4075 "Must be 0-3 or -1", factor
);
4079 htcaps_mask
->a_mpdu_params
|= 0x3; /* 2 bits for factor */
4080 htcaps
->a_mpdu_params
&= ~0x3;
4081 htcaps
->a_mpdu_params
|= factor
& 0x3;
4087 static int wpa_set_ampdu_density(struct wpa_supplicant
*wpa_s
,
4088 struct ieee80211_ht_capabilities
*htcaps
,
4089 struct ieee80211_ht_capabilities
*htcaps_mask
,
4092 wpa_msg(wpa_s
, MSG_DEBUG
, "set_ampdu_density: %d", density
);
4097 if (density
< 0 || density
> 7) {
4098 wpa_msg(wpa_s
, MSG_ERROR
,
4099 "ampdu_density: %d out of range. Must be 0-7 or -1.",
4104 htcaps_mask
->a_mpdu_params
|= 0x1C;
4105 htcaps
->a_mpdu_params
&= ~(0x1C);
4106 htcaps
->a_mpdu_params
|= (density
<< 2) & 0x1C;
4112 static int wpa_set_disable_ht40(struct wpa_supplicant
*wpa_s
,
4113 struct ieee80211_ht_capabilities
*htcaps
,
4114 struct ieee80211_ht_capabilities
*htcaps_mask
,
4117 wpa_msg(wpa_s
, MSG_DEBUG
, "set_disable_ht40: %d", disabled
);
4119 set_disable_ht40(htcaps
, disabled
);
4120 set_disable_ht40(htcaps_mask
, 0);
4126 static int wpa_set_disable_sgi(struct wpa_supplicant
*wpa_s
,
4127 struct ieee80211_ht_capabilities
*htcaps
,
4128 struct ieee80211_ht_capabilities
*htcaps_mask
,
4131 /* Masking these out disables SGI */
4132 le16 msk
= host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ
|
4133 HT_CAP_INFO_SHORT_GI40MHZ
);
4135 wpa_msg(wpa_s
, MSG_DEBUG
, "set_disable_sgi: %d", disabled
);
4138 htcaps
->ht_capabilities_info
&= ~msk
;
4140 htcaps
->ht_capabilities_info
|= msk
;
4142 htcaps_mask
->ht_capabilities_info
|= msk
;
4148 static int wpa_set_disable_ldpc(struct wpa_supplicant
*wpa_s
,
4149 struct ieee80211_ht_capabilities
*htcaps
,
4150 struct ieee80211_ht_capabilities
*htcaps_mask
,
4153 /* Masking these out disables LDPC */
4154 le16 msk
= host_to_le16(HT_CAP_INFO_LDPC_CODING_CAP
);
4156 wpa_msg(wpa_s
, MSG_DEBUG
, "set_disable_ldpc: %d", disabled
);
4159 htcaps
->ht_capabilities_info
&= ~msk
;
4161 htcaps
->ht_capabilities_info
|= msk
;
4163 htcaps_mask
->ht_capabilities_info
|= msk
;
4169 void wpa_supplicant_apply_ht_overrides(
4170 struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
,
4171 struct wpa_driver_associate_params
*params
)
4173 struct ieee80211_ht_capabilities
*htcaps
;
4174 struct ieee80211_ht_capabilities
*htcaps_mask
;
4179 params
->disable_ht
= ssid
->disable_ht
;
4180 if (!params
->htcaps
|| !params
->htcaps_mask
)
4183 htcaps
= (struct ieee80211_ht_capabilities
*) params
->htcaps
;
4184 htcaps_mask
= (struct ieee80211_ht_capabilities
*) params
->htcaps_mask
;
4185 wpa_set_htcap_mcs(wpa_s
, htcaps
, htcaps_mask
, ssid
->ht_mcs
);
4186 wpa_disable_max_amsdu(wpa_s
, htcaps
, htcaps_mask
,
4187 ssid
->disable_max_amsdu
);
4188 wpa_set_ampdu_factor(wpa_s
, htcaps
, htcaps_mask
, ssid
->ampdu_factor
);
4189 wpa_set_ampdu_density(wpa_s
, htcaps
, htcaps_mask
, ssid
->ampdu_density
);
4190 wpa_set_disable_ht40(wpa_s
, htcaps
, htcaps_mask
, ssid
->disable_ht40
);
4191 wpa_set_disable_sgi(wpa_s
, htcaps
, htcaps_mask
, ssid
->disable_sgi
);
4192 wpa_set_disable_ldpc(wpa_s
, htcaps
, htcaps_mask
, ssid
->disable_ldpc
);
4194 if (ssid
->ht40_intolerant
) {
4195 le16 bit
= host_to_le16(HT_CAP_INFO_40MHZ_INTOLERANT
);
4196 htcaps
->ht_capabilities_info
|= bit
;
4197 htcaps_mask
->ht_capabilities_info
|= bit
;
4201 #endif /* CONFIG_HT_OVERRIDES */
4204 #ifdef CONFIG_VHT_OVERRIDES
4205 void wpa_supplicant_apply_vht_overrides(
4206 struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
,
4207 struct wpa_driver_associate_params
*params
)
4209 struct ieee80211_vht_capabilities
*vhtcaps
;
4210 struct ieee80211_vht_capabilities
*vhtcaps_mask
;
4215 params
->disable_vht
= ssid
->disable_vht
;
4217 vhtcaps
= (void *) params
->vhtcaps
;
4218 vhtcaps_mask
= (void *) params
->vhtcaps_mask
;
4220 if (!vhtcaps
|| !vhtcaps_mask
)
4223 vhtcaps
->vht_capabilities_info
= host_to_le32(ssid
->vht_capa
);
4224 vhtcaps_mask
->vht_capabilities_info
= host_to_le32(ssid
->vht_capa_mask
);
4226 #ifdef CONFIG_HT_OVERRIDES
4227 /* if max ampdu is <= 3, we have to make the HT cap the same */
4228 if (ssid
->vht_capa_mask
& VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX
) {
4231 max_ampdu
= (ssid
->vht_capa
&
4232 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX
) >>
4233 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX_SHIFT
;
4235 max_ampdu
= max_ampdu
< 3 ? max_ampdu
: 3;
4236 wpa_set_ampdu_factor(wpa_s
,
4237 (void *) params
->htcaps
,
4238 (void *) params
->htcaps_mask
,
4241 #endif /* CONFIG_HT_OVERRIDES */
4243 #define OVERRIDE_MCS(i) \
4244 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \
4245 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \
4246 host_to_le16(3 << 2 * (i - 1)); \
4247 vhtcaps->vht_supported_mcs_set.tx_map |= \
4248 host_to_le16(ssid->vht_tx_mcs_nss_ ##i << \
4251 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \
4252 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \
4253 host_to_le16(3 << 2 * (i - 1)); \
4254 vhtcaps->vht_supported_mcs_set.rx_map |= \
4255 host_to_le16(ssid->vht_rx_mcs_nss_ ##i << \
4268 #endif /* CONFIG_VHT_OVERRIDES */
4271 static int pcsc_reader_init(struct wpa_supplicant
*wpa_s
)
4276 if (!wpa_s
->conf
->pcsc_reader
)
4279 wpa_s
->scard
= scard_init(wpa_s
->conf
->pcsc_reader
);
4283 if (wpa_s
->conf
->pcsc_pin
&&
4284 scard_set_pin(wpa_s
->scard
, wpa_s
->conf
->pcsc_pin
) < 0) {
4285 scard_deinit(wpa_s
->scard
);
4286 wpa_s
->scard
= NULL
;
4287 wpa_msg(wpa_s
, MSG_ERROR
, "PC/SC PIN validation failed");
4291 len
= sizeof(wpa_s
->imsi
) - 1;
4292 if (scard_get_imsi(wpa_s
->scard
, wpa_s
->imsi
, &len
)) {
4293 scard_deinit(wpa_s
->scard
);
4294 wpa_s
->scard
= NULL
;
4295 wpa_msg(wpa_s
, MSG_ERROR
, "Could not read IMSI");
4298 wpa_s
->imsi
[len
] = '\0';
4300 wpa_s
->mnc_len
= scard_get_mnc_len(wpa_s
->scard
);
4302 wpa_printf(MSG_DEBUG
, "SCARD: IMSI %s (MNC length %d)",
4303 wpa_s
->imsi
, wpa_s
->mnc_len
);
4305 wpa_sm_set_scard_ctx(wpa_s
->wpa
, wpa_s
->scard
);
4306 eapol_sm_register_scard_ctx(wpa_s
->eapol
, wpa_s
->scard
);
4307 #endif /* PCSC_FUNCS */
4313 int wpas_init_ext_pw(struct wpa_supplicant
*wpa_s
)
4317 ext_password_deinit(wpa_s
->ext_pw
);
4318 wpa_s
->ext_pw
= NULL
;
4319 eapol_sm_set_ext_pw_ctx(wpa_s
->eapol
, NULL
);
4321 if (!wpa_s
->conf
->ext_password_backend
)
4324 val
= os_strdup(wpa_s
->conf
->ext_password_backend
);
4327 pos
= os_strchr(val
, ':');
4331 wpa_printf(MSG_DEBUG
, "EXT PW: Initialize backend '%s'", val
);
4333 wpa_s
->ext_pw
= ext_password_init(val
, pos
);
4335 if (wpa_s
->ext_pw
== NULL
) {
4336 wpa_printf(MSG_DEBUG
, "EXT PW: Failed to initialize backend");
4339 eapol_sm_set_ext_pw_ctx(wpa_s
->eapol
, wpa_s
->ext_pw
);
4347 static const u8
* wpas_fst_get_bssid_cb(void *ctx
)
4349 struct wpa_supplicant
*wpa_s
= ctx
;
4351 return (is_zero_ether_addr(wpa_s
->bssid
) ||
4352 wpa_s
->wpa_state
!= WPA_COMPLETED
) ? NULL
: wpa_s
->bssid
;
4356 static void wpas_fst_get_channel_info_cb(void *ctx
,
4357 enum hostapd_hw_mode
*hw_mode
,
4360 struct wpa_supplicant
*wpa_s
= ctx
;
4362 if (wpa_s
->current_bss
) {
4363 *hw_mode
= ieee80211_freq_to_chan(wpa_s
->current_bss
->freq
,
4365 } else if (wpa_s
->hw
.num_modes
) {
4366 *hw_mode
= wpa_s
->hw
.modes
[0].mode
;
4374 static int wpas_fst_get_hw_modes(void *ctx
, struct hostapd_hw_modes
**modes
)
4376 struct wpa_supplicant
*wpa_s
= ctx
;
4378 *modes
= wpa_s
->hw
.modes
;
4379 return wpa_s
->hw
.num_modes
;
4383 static void wpas_fst_set_ies_cb(void *ctx
, const struct wpabuf
*fst_ies
)
4385 struct wpa_supplicant
*wpa_s
= ctx
;
4387 wpa_hexdump_buf(MSG_DEBUG
, "FST: Set IEs", fst_ies
);
4388 wpa_s
->fst_ies
= fst_ies
;
4392 static int wpas_fst_send_action_cb(void *ctx
, const u8
*da
, struct wpabuf
*data
)
4394 struct wpa_supplicant
*wpa_s
= ctx
;
4396 if (os_memcmp(wpa_s
->bssid
, da
, ETH_ALEN
) != 0) {
4397 wpa_printf(MSG_INFO
, "FST:%s:bssid=" MACSTR
" != da=" MACSTR
,
4398 __func__
, MAC2STR(wpa_s
->bssid
), MAC2STR(da
));
4401 return wpa_drv_send_action(wpa_s
, wpa_s
->assoc_freq
, 0, wpa_s
->bssid
,
4402 wpa_s
->own_addr
, wpa_s
->bssid
,
4403 wpabuf_head(data
), wpabuf_len(data
),
4408 static const struct wpabuf
* wpas_fst_get_mb_ie_cb(void *ctx
, const u8
*addr
)
4410 struct wpa_supplicant
*wpa_s
= ctx
;
4412 WPA_ASSERT(os_memcmp(wpa_s
->bssid
, addr
, ETH_ALEN
) == 0);
4413 return wpa_s
->received_mb_ies
;
4417 static void wpas_fst_update_mb_ie_cb(void *ctx
, const u8
*addr
,
4418 const u8
*buf
, size_t size
)
4420 struct wpa_supplicant
*wpa_s
= ctx
;
4421 struct mb_ies_info info
;
4423 WPA_ASSERT(os_memcmp(wpa_s
->bssid
, addr
, ETH_ALEN
) == 0);
4425 if (!mb_ies_info_by_ies(&info
, buf
, size
)) {
4426 wpabuf_free(wpa_s
->received_mb_ies
);
4427 wpa_s
->received_mb_ies
= mb_ies_by_info(&info
);
4432 static const u8
* wpas_fst_get_peer_first(void *ctx
,
4433 struct fst_get_peer_ctx
**get_ctx
,
4436 struct wpa_supplicant
*wpa_s
= ctx
;
4439 if (!is_zero_ether_addr(wpa_s
->bssid
))
4440 return (wpa_s
->received_mb_ies
|| !mb_only
) ?
4441 wpa_s
->bssid
: NULL
;
4446 static const u8
* wpas_fst_get_peer_next(void *ctx
,
4447 struct fst_get_peer_ctx
**get_ctx
,
4453 void fst_wpa_supplicant_fill_iface_obj(struct wpa_supplicant
*wpa_s
,
4454 struct fst_wpa_obj
*iface_obj
)
4456 iface_obj
->ctx
= wpa_s
;
4457 iface_obj
->get_bssid
= wpas_fst_get_bssid_cb
;
4458 iface_obj
->get_channel_info
= wpas_fst_get_channel_info_cb
;
4459 iface_obj
->get_hw_modes
= wpas_fst_get_hw_modes
;
4460 iface_obj
->set_ies
= wpas_fst_set_ies_cb
;
4461 iface_obj
->send_action
= wpas_fst_send_action_cb
;
4462 iface_obj
->get_mb_ie
= wpas_fst_get_mb_ie_cb
;
4463 iface_obj
->update_mb_ie
= wpas_fst_update_mb_ie_cb
;
4464 iface_obj
->get_peer_first
= wpas_fst_get_peer_first
;
4465 iface_obj
->get_peer_next
= wpas_fst_get_peer_next
;
4467 #endif /* CONFIG_FST */
4469 static int wpas_set_wowlan_triggers(struct wpa_supplicant
*wpa_s
,
4470 const struct wpa_driver_capa
*capa
)
4472 struct wowlan_triggers
*triggers
;
4475 if (!wpa_s
->conf
->wowlan_triggers
)
4478 triggers
= wpa_get_wowlan_triggers(wpa_s
->conf
->wowlan_triggers
, capa
);
4480 ret
= wpa_drv_wowlan(wpa_s
, triggers
);
4487 enum wpa_radio_work_band
wpas_freq_to_band(int freq
)
4490 return BAND_2_4_GHZ
;
4497 unsigned int wpas_get_bands(struct wpa_supplicant
*wpa_s
, const int *freqs
)
4500 unsigned int band
= 0;
4503 /* freqs are specified for the radio work */
4504 for (i
= 0; freqs
[i
]; i
++)
4505 band
|= wpas_freq_to_band(freqs
[i
]);
4508 * freqs are not specified, implies all
4509 * the supported freqs by HW
4511 for (i
= 0; i
< wpa_s
->hw
.num_modes
; i
++) {
4512 if (wpa_s
->hw
.modes
[i
].num_channels
!= 0) {
4513 if (wpa_s
->hw
.modes
[i
].mode
==
4514 HOSTAPD_MODE_IEEE80211B
||
4515 wpa_s
->hw
.modes
[i
].mode
==
4516 HOSTAPD_MODE_IEEE80211G
)
4517 band
|= BAND_2_4_GHZ
;
4518 else if (wpa_s
->hw
.modes
[i
].mode
==
4519 HOSTAPD_MODE_IEEE80211A
)
4521 else if (wpa_s
->hw
.modes
[i
].mode
==
4522 HOSTAPD_MODE_IEEE80211AD
)
4523 band
|= BAND_60_GHZ
;
4524 else if (wpa_s
->hw
.modes
[i
].mode
==
4525 HOSTAPD_MODE_IEEE80211ANY
)
4526 band
= BAND_2_4_GHZ
| BAND_5_GHZ
|
4536 static struct wpa_radio
* radio_add_interface(struct wpa_supplicant
*wpa_s
,
4539 struct wpa_supplicant
*iface
= wpa_s
->global
->ifaces
;
4540 struct wpa_radio
*radio
;
4542 while (rn
&& iface
) {
4543 radio
= iface
->radio
;
4544 if (radio
&& os_strcmp(rn
, radio
->name
) == 0) {
4545 wpa_printf(MSG_DEBUG
, "Add interface %s to existing radio %s",
4547 dl_list_add(&radio
->ifaces
, &wpa_s
->radio_list
);
4551 iface
= iface
->next
;
4554 wpa_printf(MSG_DEBUG
, "Add interface %s to a new radio %s",
4555 wpa_s
->ifname
, rn
? rn
: "N/A");
4556 radio
= os_zalloc(sizeof(*radio
));
4561 os_strlcpy(radio
->name
, rn
, sizeof(radio
->name
));
4562 dl_list_init(&radio
->ifaces
);
4563 dl_list_init(&radio
->work
);
4564 dl_list_add(&radio
->ifaces
, &wpa_s
->radio_list
);
4570 static void radio_work_free(struct wpa_radio_work
*work
)
4572 if (work
->wpa_s
->scan_work
== work
) {
4573 /* This should not really happen. */
4574 wpa_dbg(work
->wpa_s
, MSG_INFO
, "Freeing radio work '%s'@%p (started=%d) that is marked as scan_work",
4575 work
->type
, work
, work
->started
);
4576 work
->wpa_s
->scan_work
= NULL
;
4580 if (work
->wpa_s
->p2p_scan_work
== work
) {
4581 /* This should not really happen. */
4582 wpa_dbg(work
->wpa_s
, MSG_INFO
, "Freeing radio work '%s'@%p (started=%d) that is marked as p2p_scan_work",
4583 work
->type
, work
, work
->started
);
4584 work
->wpa_s
->p2p_scan_work
= NULL
;
4586 #endif /* CONFIG_P2P */
4588 if (work
->started
) {
4589 work
->wpa_s
->radio
->num_active_works
--;
4590 wpa_dbg(work
->wpa_s
, MSG_DEBUG
,
4591 "radio_work_free('%s'@%p: num_active_works --> %u",
4593 work
->wpa_s
->radio
->num_active_works
);
4596 dl_list_del(&work
->list
);
4601 static int radio_work_is_connect(struct wpa_radio_work
*work
)
4603 return os_strcmp(work
->type
, "sme-connect") == 0 ||
4604 os_strcmp(work
->type
, "connect") == 0;
4608 static int radio_work_is_scan(struct wpa_radio_work
*work
)
4610 return os_strcmp(work
->type
, "scan") == 0 ||
4611 os_strcmp(work
->type
, "p2p-scan") == 0;
4615 static struct wpa_radio_work
* radio_work_get_next_work(struct wpa_radio
*radio
)
4617 struct wpa_radio_work
*active_work
= NULL
;
4618 struct wpa_radio_work
*tmp
;
4620 /* Get the active work to know the type and band. */
4621 dl_list_for_each(tmp
, &radio
->work
, struct wpa_radio_work
, list
) {
4629 /* No active work, start one */
4630 radio
->num_active_works
= 0;
4631 dl_list_for_each(tmp
, &radio
->work
, struct wpa_radio_work
,
4633 if (os_strcmp(tmp
->type
, "scan") == 0 &&
4634 radio
->external_scan_running
&&
4635 (((struct wpa_driver_scan_params
*)
4636 tmp
->ctx
)->only_new_results
||
4637 tmp
->wpa_s
->clear_driver_scan_cache
))
4644 if (radio_work_is_connect(active_work
)) {
4646 * If the active work is either connect or sme-connect,
4647 * do not parallelize them with other radio works.
4649 wpa_dbg(active_work
->wpa_s
, MSG_DEBUG
,
4650 "Do not parallelize radio work with %s",
4655 dl_list_for_each(tmp
, &radio
->work
, struct wpa_radio_work
, list
) {
4660 * If connect or sme-connect are enqueued, parallelize only
4661 * those operations ahead of them in the queue.
4663 if (radio_work_is_connect(tmp
))
4666 /* Serialize parallel scan and p2p_scan operations on the same
4667 * interface since the driver_nl80211 mechanism for tracking
4668 * scan cookies does not yet have support for this. */
4669 if (active_work
->wpa_s
== tmp
->wpa_s
&&
4670 radio_work_is_scan(active_work
) &&
4671 radio_work_is_scan(tmp
)) {
4672 wpa_dbg(active_work
->wpa_s
, MSG_DEBUG
,
4673 "Do not start work '%s' when another work '%s' is already scheduled",
4674 tmp
->type
, active_work
->type
);
4678 * Check that the radio works are distinct and
4679 * on different bands.
4681 if (os_strcmp(active_work
->type
, tmp
->type
) != 0 &&
4682 (active_work
->bands
!= tmp
->bands
)) {
4684 * If a scan has to be scheduled through nl80211 scan
4685 * interface and if an external scan is already running,
4686 * do not schedule the scan since it is likely to get
4687 * rejected by kernel.
4689 if (os_strcmp(tmp
->type
, "scan") == 0 &&
4690 radio
->external_scan_running
&&
4691 (((struct wpa_driver_scan_params
*)
4692 tmp
->ctx
)->only_new_results
||
4693 tmp
->wpa_s
->clear_driver_scan_cache
))
4696 wpa_dbg(active_work
->wpa_s
, MSG_DEBUG
,
4697 "active_work:%s new_work:%s",
4698 active_work
->type
, tmp
->type
);
4703 /* Did not find a radio work to schedule in parallel. */
4708 static void radio_start_next_work(void *eloop_ctx
, void *timeout_ctx
)
4710 struct wpa_radio
*radio
= eloop_ctx
;
4711 struct wpa_radio_work
*work
;
4712 struct os_reltime now
, diff
;
4713 struct wpa_supplicant
*wpa_s
;
4715 work
= dl_list_first(&radio
->work
, struct wpa_radio_work
, list
);
4717 radio
->num_active_works
= 0;
4721 wpa_s
= dl_list_first(&radio
->ifaces
, struct wpa_supplicant
,
4725 wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS
)) {
4727 return; /* already started and still in progress */
4729 if (wpa_s
&& wpa_s
->radio
->external_scan_running
) {
4730 wpa_printf(MSG_DEBUG
, "Delay radio work start until externally triggered scan completes");
4735 if (radio
->num_active_works
< MAX_ACTIVE_WORKS
) {
4736 /* get the work to schedule next */
4737 work
= radio_work_get_next_work(radio
);
4743 wpa_s
= work
->wpa_s
;
4744 os_get_reltime(&now
);
4745 os_reltime_sub(&now
, &work
->time
, &diff
);
4746 wpa_dbg(wpa_s
, MSG_DEBUG
,
4747 "Starting radio work '%s'@%p after %ld.%06ld second wait",
4748 work
->type
, work
, diff
.sec
, diff
.usec
);
4751 radio
->num_active_works
++;
4755 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS
) &&
4756 radio
->num_active_works
< MAX_ACTIVE_WORKS
)
4757 radio_work_check_next(wpa_s
);
4762 * This function removes both started and pending radio works running on
4763 * the provided interface's radio.
4764 * Prior to the removal of the radio work, its callback (cb) is called with
4765 * deinit set to be 1. Each work's callback is responsible for clearing its
4766 * internal data and restoring to a correct state.
4767 * @wpa_s: wpa_supplicant data
4768 * @type: type of works to be removed
4769 * @remove_all: 1 to remove all the works on this radio, 0 to remove only
4770 * this interface's works.
4772 void radio_remove_works(struct wpa_supplicant
*wpa_s
,
4773 const char *type
, int remove_all
)
4775 struct wpa_radio_work
*work
, *tmp
;
4776 struct wpa_radio
*radio
= wpa_s
->radio
;
4778 dl_list_for_each_safe(work
, tmp
, &radio
->work
, struct wpa_radio_work
,
4780 if (type
&& os_strcmp(type
, work
->type
) != 0)
4783 /* skip other ifaces' works */
4784 if (!remove_all
&& work
->wpa_s
!= wpa_s
)
4787 wpa_dbg(wpa_s
, MSG_DEBUG
, "Remove radio work '%s'@%p%s",
4788 work
->type
, work
, work
->started
? " (started)" : "");
4790 radio_work_free(work
);
4793 /* in case we removed the started work */
4794 radio_work_check_next(wpa_s
);
4798 static void radio_remove_interface(struct wpa_supplicant
*wpa_s
)
4800 struct wpa_radio
*radio
= wpa_s
->radio
;
4805 wpa_printf(MSG_DEBUG
, "Remove interface %s from radio %s",
4806 wpa_s
->ifname
, radio
->name
);
4807 dl_list_del(&wpa_s
->radio_list
);
4808 radio_remove_works(wpa_s
, NULL
, 0);
4809 wpa_s
->radio
= NULL
;
4810 if (!dl_list_empty(&radio
->ifaces
))
4811 return; /* Interfaces remain for this radio */
4813 wpa_printf(MSG_DEBUG
, "Remove radio %s", radio
->name
);
4814 eloop_cancel_timeout(radio_start_next_work
, radio
, NULL
);
4819 void radio_work_check_next(struct wpa_supplicant
*wpa_s
)
4821 struct wpa_radio
*radio
= wpa_s
->radio
;
4823 if (dl_list_empty(&radio
->work
))
4825 if (wpa_s
->ext_work_in_progress
) {
4826 wpa_printf(MSG_DEBUG
,
4827 "External radio work in progress - delay start of pending item");
4830 eloop_cancel_timeout(radio_start_next_work
, radio
, NULL
);
4831 eloop_register_timeout(0, 0, radio_start_next_work
, radio
, NULL
);
4836 * radio_add_work - Add a radio work item
4837 * @wpa_s: Pointer to wpa_supplicant data
4838 * @freq: Frequency of the offchannel operation in MHz or 0
4839 * @type: Unique identifier for each type of work
4840 * @next: Force as the next work to be executed
4841 * @cb: Callback function for indicating when radio is available
4842 * @ctx: Context pointer for the work (work->ctx in cb())
4843 * Returns: 0 on success, -1 on failure
4845 * This function is used to request time for an operation that requires
4846 * exclusive radio control. Once the radio is available, the registered callback
4847 * function will be called. radio_work_done() must be called once the exclusive
4848 * radio operation has been completed, so that the radio is freed for other
4849 * operations. The special case of deinit=1 is used to free the context data
4850 * during interface removal. That does not allow the callback function to start
4851 * the radio operation, i.e., it must free any resources allocated for the radio
4854 * The @freq parameter can be used to indicate a single channel on which the
4855 * offchannel operation will occur. This may allow multiple radio work
4856 * operations to be performed in parallel if they apply for the same channel.
4857 * Setting this to 0 indicates that the work item may use multiple channels or
4858 * requires exclusive control of the radio.
4860 int radio_add_work(struct wpa_supplicant
*wpa_s
, unsigned int freq
,
4861 const char *type
, int next
,
4862 void (*cb
)(struct wpa_radio_work
*work
, int deinit
),
4865 struct wpa_radio
*radio
= wpa_s
->radio
;
4866 struct wpa_radio_work
*work
;
4869 work
= os_zalloc(sizeof(*work
));
4872 wpa_dbg(wpa_s
, MSG_DEBUG
, "Add radio work '%s'@%p", type
, work
);
4873 os_get_reltime(&work
->time
);
4876 work
->wpa_s
= wpa_s
;
4881 work
->bands
= wpas_freq_to_band(freq
);
4882 else if (os_strcmp(type
, "scan") == 0 ||
4883 os_strcmp(type
, "p2p-scan") == 0)
4884 work
->bands
= wpas_get_bands(wpa_s
,
4885 ((struct wpa_driver_scan_params
*)
4888 work
->bands
= wpas_get_bands(wpa_s
, NULL
);
4890 was_empty
= dl_list_empty(&wpa_s
->radio
->work
);
4892 dl_list_add(&wpa_s
->radio
->work
, &work
->list
);
4894 dl_list_add_tail(&wpa_s
->radio
->work
, &work
->list
);
4896 wpa_dbg(wpa_s
, MSG_DEBUG
, "First radio work item in the queue - schedule start immediately");
4897 radio_work_check_next(wpa_s
);
4898 } else if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS
)
4899 && radio
->num_active_works
< MAX_ACTIVE_WORKS
) {
4900 wpa_dbg(wpa_s
, MSG_DEBUG
,
4901 "Try to schedule a radio work (num_active_works=%u)",
4902 radio
->num_active_works
);
4903 radio_work_check_next(wpa_s
);
4911 * radio_work_done - Indicate that a radio work item has been completed
4912 * @work: Completed work
4914 * This function is called once the callback function registered with
4915 * radio_add_work() has completed its work.
4917 void radio_work_done(struct wpa_radio_work
*work
)
4919 struct wpa_supplicant
*wpa_s
= work
->wpa_s
;
4920 struct os_reltime now
, diff
;
4921 unsigned int started
= work
->started
;
4923 os_get_reltime(&now
);
4924 os_reltime_sub(&now
, &work
->time
, &diff
);
4925 wpa_dbg(wpa_s
, MSG_DEBUG
, "Radio work '%s'@%p %s in %ld.%06ld seconds",
4926 work
->type
, work
, started
? "done" : "canceled",
4927 diff
.sec
, diff
.usec
);
4928 radio_work_free(work
);
4930 radio_work_check_next(wpa_s
);
4934 struct wpa_radio_work
*
4935 radio_work_pending(struct wpa_supplicant
*wpa_s
, const char *type
)
4937 struct wpa_radio_work
*work
;
4938 struct wpa_radio
*radio
= wpa_s
->radio
;
4940 dl_list_for_each(work
, &radio
->work
, struct wpa_radio_work
, list
) {
4941 if (work
->wpa_s
== wpa_s
&& os_strcmp(work
->type
, type
) == 0)
4949 static int wpas_init_driver(struct wpa_supplicant
*wpa_s
,
4950 struct wpa_interface
*iface
)
4952 const char *ifname
, *driver
, *rn
;
4954 driver
= iface
->driver
;
4956 if (wpa_supplicant_set_driver(wpa_s
, driver
) < 0)
4959 wpa_s
->drv_priv
= wpa_drv_init(wpa_s
, wpa_s
->ifname
);
4960 if (wpa_s
->drv_priv
== NULL
) {
4962 pos
= driver
? os_strchr(driver
, ',') : NULL
;
4964 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to initialize "
4965 "driver interface - try next driver wrapper");
4969 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to initialize driver "
4973 if (wpa_drv_set_param(wpa_s
, wpa_s
->conf
->driver_param
) < 0) {
4974 wpa_msg(wpa_s
, MSG_ERROR
, "Driver interface rejected "
4975 "driver_param '%s'", wpa_s
->conf
->driver_param
);
4979 ifname
= wpa_drv_get_ifname(wpa_s
);
4980 if (ifname
&& os_strcmp(ifname
, wpa_s
->ifname
) != 0) {
4981 wpa_dbg(wpa_s
, MSG_DEBUG
, "Driver interface replaced "
4982 "interface name with '%s'", ifname
);
4983 os_strlcpy(wpa_s
->ifname
, ifname
, sizeof(wpa_s
->ifname
));
4986 rn
= wpa_driver_get_radio_name(wpa_s
);
4987 if (rn
&& rn
[0] == '\0')
4990 wpa_s
->radio
= radio_add_interface(wpa_s
, rn
);
4991 if (wpa_s
->radio
== NULL
)
4998 #ifdef CONFIG_GAS_SERVER
5000 static void wpas_gas_server_tx_status(struct wpa_supplicant
*wpa_s
,
5001 unsigned int freq
, const u8
*dst
,
5002 const u8
*src
, const u8
*bssid
,
5003 const u8
*data
, size_t data_len
,
5004 enum offchannel_send_action_result result
)
5006 wpa_printf(MSG_DEBUG
, "GAS: TX status: freq=%u dst=" MACSTR
5009 result
== OFFCHANNEL_SEND_ACTION_SUCCESS
? "SUCCESS" :
5010 (result
== OFFCHANNEL_SEND_ACTION_NO_ACK
? "no-ACK" :
5012 gas_server_tx_status(wpa_s
->gas_server
, dst
, data
, data_len
,
5013 result
== OFFCHANNEL_SEND_ACTION_SUCCESS
);
5017 static void wpas_gas_server_tx(void *ctx
, int freq
, const u8
*da
,
5018 struct wpabuf
*buf
, unsigned int wait_time
)
5020 struct wpa_supplicant
*wpa_s
= ctx
;
5021 const u8 broadcast
[ETH_ALEN
] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
5023 if (wait_time
> wpa_s
->max_remain_on_chan
)
5024 wait_time
= wpa_s
->max_remain_on_chan
;
5026 offchannel_send_action(wpa_s
, freq
, da
, wpa_s
->own_addr
, broadcast
,
5027 wpabuf_head(buf
), wpabuf_len(buf
),
5028 wait_time
, wpas_gas_server_tx_status
, 0);
5031 #endif /* CONFIG_GAS_SERVER */
5033 static int wpa_supplicant_init_iface(struct wpa_supplicant
*wpa_s
,
5034 struct wpa_interface
*iface
)
5036 struct wpa_driver_capa capa
;
5040 wpa_printf(MSG_DEBUG
, "Initializing interface '%s' conf '%s' driver "
5041 "'%s' ctrl_interface '%s' bridge '%s'", iface
->ifname
,
5042 iface
->confname
? iface
->confname
: "N/A",
5043 iface
->driver
? iface
->driver
: "default",
5044 iface
->ctrl_interface
? iface
->ctrl_interface
: "N/A",
5045 iface
->bridge_ifname
? iface
->bridge_ifname
: "N/A");
5047 if (iface
->confname
) {
5048 #ifdef CONFIG_BACKEND_FILE
5049 wpa_s
->confname
= os_rel2abs_path(iface
->confname
);
5050 if (wpa_s
->confname
== NULL
) {
5051 wpa_printf(MSG_ERROR
, "Failed to get absolute path "
5052 "for configuration file '%s'.",
5056 wpa_printf(MSG_DEBUG
, "Configuration file '%s' -> '%s'",
5057 iface
->confname
, wpa_s
->confname
);
5058 #else /* CONFIG_BACKEND_FILE */
5059 wpa_s
->confname
= os_strdup(iface
->confname
);
5060 #endif /* CONFIG_BACKEND_FILE */
5061 wpa_s
->conf
= wpa_config_read(wpa_s
->confname
, NULL
);
5062 if (wpa_s
->conf
== NULL
) {
5063 wpa_printf(MSG_ERROR
, "Failed to read or parse "
5064 "configuration '%s'.", wpa_s
->confname
);
5067 wpa_s
->confanother
= os_rel2abs_path(iface
->confanother
);
5068 wpa_config_read(wpa_s
->confanother
, wpa_s
->conf
);
5071 * Override ctrl_interface and driver_param if set on command
5074 if (iface
->ctrl_interface
) {
5075 os_free(wpa_s
->conf
->ctrl_interface
);
5076 wpa_s
->conf
->ctrl_interface
=
5077 os_strdup(iface
->ctrl_interface
);
5080 if (iface
->driver_param
) {
5081 os_free(wpa_s
->conf
->driver_param
);
5082 wpa_s
->conf
->driver_param
=
5083 os_strdup(iface
->driver_param
);
5086 if (iface
->p2p_mgmt
&& !iface
->ctrl_interface
) {
5087 os_free(wpa_s
->conf
->ctrl_interface
);
5088 wpa_s
->conf
->ctrl_interface
= NULL
;
5091 wpa_s
->conf
= wpa_config_alloc_empty(iface
->ctrl_interface
,
5092 iface
->driver_param
);
5094 if (wpa_s
->conf
== NULL
) {
5095 wpa_printf(MSG_ERROR
, "\nNo configuration found.");
5099 if (iface
->ifname
== NULL
) {
5100 wpa_printf(MSG_ERROR
, "\nInterface name is required.");
5103 if (os_strlen(iface
->ifname
) >= sizeof(wpa_s
->ifname
)) {
5104 wpa_printf(MSG_ERROR
, "\nToo long interface name '%s'.",
5108 os_strlcpy(wpa_s
->ifname
, iface
->ifname
, sizeof(wpa_s
->ifname
));
5110 if (iface
->bridge_ifname
) {
5111 if (os_strlen(iface
->bridge_ifname
) >=
5112 sizeof(wpa_s
->bridge_ifname
)) {
5113 wpa_printf(MSG_ERROR
, "\nToo long bridge interface "
5114 "name '%s'.", iface
->bridge_ifname
);
5117 os_strlcpy(wpa_s
->bridge_ifname
, iface
->bridge_ifname
,
5118 sizeof(wpa_s
->bridge_ifname
));
5121 /* RSNA Supplicant Key Management - INITIALIZE */
5122 eapol_sm_notify_portEnabled(wpa_s
->eapol
, FALSE
);
5123 eapol_sm_notify_portValid(wpa_s
->eapol
, FALSE
);
5125 /* Initialize driver interface and register driver event handler before
5126 * L2 receive handler so that association events are processed before
5127 * EAPOL-Key packets if both become available for the same select()
5129 if (wpas_init_driver(wpa_s
, iface
) < 0)
5132 if (wpa_supplicant_init_wpa(wpa_s
) < 0)
5135 wpa_sm_set_ifname(wpa_s
->wpa
, wpa_s
->ifname
,
5136 wpa_s
->bridge_ifname
[0] ? wpa_s
->bridge_ifname
:
5138 wpa_sm_set_fast_reauth(wpa_s
->wpa
, wpa_s
->conf
->fast_reauth
);
5140 if (wpa_s
->conf
->dot11RSNAConfigPMKLifetime
&&
5141 wpa_sm_set_param(wpa_s
->wpa
, RSNA_PMK_LIFETIME
,
5142 wpa_s
->conf
->dot11RSNAConfigPMKLifetime
)) {
5143 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid WPA parameter value for "
5144 "dot11RSNAConfigPMKLifetime");
5148 if (wpa_s
->conf
->dot11RSNAConfigPMKReauthThreshold
&&
5149 wpa_sm_set_param(wpa_s
->wpa
, RSNA_PMK_REAUTH_THRESHOLD
,
5150 wpa_s
->conf
->dot11RSNAConfigPMKReauthThreshold
)) {
5151 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid WPA parameter value for "
5152 "dot11RSNAConfigPMKReauthThreshold");
5156 if (wpa_s
->conf
->dot11RSNAConfigSATimeout
&&
5157 wpa_sm_set_param(wpa_s
->wpa
, RSNA_SA_TIMEOUT
,
5158 wpa_s
->conf
->dot11RSNAConfigSATimeout
)) {
5159 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid WPA parameter value for "
5160 "dot11RSNAConfigSATimeout");
5164 wpa_s
->hw
.modes
= wpa_drv_get_hw_feature_data(wpa_s
,
5165 &wpa_s
->hw
.num_modes
,
5168 if (wpa_s
->hw
.modes
) {
5171 for (i
= 0; i
< wpa_s
->hw
.num_modes
; i
++) {
5172 if (wpa_s
->hw
.modes
[i
].vht_capab
) {
5173 wpa_s
->hw_capab
= CAPAB_VHT
;
5177 if (wpa_s
->hw
.modes
[i
].ht_capab
&
5178 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET
)
5179 wpa_s
->hw_capab
= CAPAB_HT40
;
5180 else if (wpa_s
->hw
.modes
[i
].ht_capab
&&
5181 wpa_s
->hw_capab
== CAPAB_NO_HT_VHT
)
5182 wpa_s
->hw_capab
= CAPAB_HT
;
5186 capa_res
= wpa_drv_get_capa(wpa_s
, &capa
);
5187 if (capa_res
== 0) {
5188 wpa_s
->drv_capa_known
= 1;
5189 wpa_s
->drv_flags
= capa
.flags
;
5190 wpa_s
->drv_enc
= capa
.enc
;
5191 wpa_s
->drv_smps_modes
= capa
.smps_modes
;
5192 wpa_s
->drv_rrm_flags
= capa
.rrm_flags
;
5193 wpa_s
->probe_resp_offloads
= capa
.probe_resp_offloads
;
5194 wpa_s
->max_scan_ssids
= capa
.max_scan_ssids
;
5195 wpa_s
->max_sched_scan_ssids
= capa
.max_sched_scan_ssids
;
5196 wpa_s
->max_sched_scan_plans
= capa
.max_sched_scan_plans
;
5197 wpa_s
->max_sched_scan_plan_interval
=
5198 capa
.max_sched_scan_plan_interval
;
5199 wpa_s
->max_sched_scan_plan_iterations
=
5200 capa
.max_sched_scan_plan_iterations
;
5201 wpa_s
->sched_scan_supported
= capa
.sched_scan_supported
;
5202 wpa_s
->max_match_sets
= capa
.max_match_sets
;
5203 wpa_s
->max_remain_on_chan
= capa
.max_remain_on_chan
;
5204 wpa_s
->max_stations
= capa
.max_stations
;
5205 wpa_s
->extended_capa
= capa
.extended_capa
;
5206 wpa_s
->extended_capa_mask
= capa
.extended_capa_mask
;
5207 wpa_s
->extended_capa_len
= capa
.extended_capa_len
;
5208 wpa_s
->num_multichan_concurrent
=
5209 capa
.num_multichan_concurrent
;
5210 wpa_s
->wmm_ac_supported
= capa
.wmm_ac_supported
;
5212 if (capa
.mac_addr_rand_scan_supported
)
5213 wpa_s
->mac_addr_rand_supported
|= MAC_ADDR_RAND_SCAN
;
5214 if (wpa_s
->sched_scan_supported
&&
5215 capa
.mac_addr_rand_sched_scan_supported
)
5216 wpa_s
->mac_addr_rand_supported
|=
5217 (MAC_ADDR_RAND_SCHED_SCAN
| MAC_ADDR_RAND_PNO
);
5219 if (wpa_s
->max_remain_on_chan
== 0)
5220 wpa_s
->max_remain_on_chan
= 1000;
5223 * Only take p2p_mgmt parameters when P2P Device is supported.
5224 * Doing it here as it determines whether l2_packet_init() will be done
5225 * during wpa_supplicant_driver_init().
5227 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE
)
5228 wpa_s
->p2p_mgmt
= iface
->p2p_mgmt
;
5230 iface
->p2p_mgmt
= 1;
5232 if (wpa_s
->num_multichan_concurrent
== 0)
5233 wpa_s
->num_multichan_concurrent
= 1;
5235 if (wpa_supplicant_driver_init(wpa_s
) < 0)
5239 if ((!iface
->p2p_mgmt
||
5240 !(wpa_s
->drv_flags
&
5241 WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE
)) &&
5242 wpa_tdls_init(wpa_s
->wpa
))
5244 #endif /* CONFIG_TDLS */
5246 if (wpa_s
->conf
->country
[0] && wpa_s
->conf
->country
[1] &&
5247 wpa_drv_set_country(wpa_s
, wpa_s
->conf
->country
)) {
5248 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to set country");
5253 if (wpa_s
->conf
->fst_group_id
) {
5254 struct fst_iface_cfg cfg
;
5255 struct fst_wpa_obj iface_obj
;
5257 fst_wpa_supplicant_fill_iface_obj(wpa_s
, &iface_obj
);
5258 os_strlcpy(cfg
.group_id
, wpa_s
->conf
->fst_group_id
,
5259 sizeof(cfg
.group_id
));
5260 cfg
.priority
= wpa_s
->conf
->fst_priority
;
5261 cfg
.llt
= wpa_s
->conf
->fst_llt
;
5263 wpa_s
->fst
= fst_attach(wpa_s
->ifname
, wpa_s
->own_addr
,
5266 wpa_msg(wpa_s
, MSG_ERROR
,
5267 "FST: Cannot attach iface %s to group %s",
5268 wpa_s
->ifname
, cfg
.group_id
);
5272 #endif /* CONFIG_FST */
5274 if (wpas_wps_init(wpa_s
))
5277 #ifdef CONFIG_GAS_SERVER
5278 wpa_s
->gas_server
= gas_server_init(wpa_s
, wpas_gas_server_tx
);
5279 if (!wpa_s
->gas_server
) {
5280 wpa_printf(MSG_ERROR
, "Failed to initialize GAS server");
5283 #endif /* CONFIG_GAS_SERVER */
5286 if (wpas_dpp_init(wpa_s
) < 0)
5288 #endif /* CONFIG_DPP */
5290 if (wpa_supplicant_init_eapol(wpa_s
) < 0)
5292 wpa_sm_set_eapol(wpa_s
->wpa
, wpa_s
->eapol
);
5294 wpa_s
->ctrl_iface
= wpa_supplicant_ctrl_iface_init(wpa_s
);
5295 if (wpa_s
->ctrl_iface
== NULL
) {
5296 wpa_printf(MSG_ERROR
,
5297 "Failed to initialize control interface '%s'.\n"
5298 "You may have another wpa_supplicant process "
5299 "already running or the file was\n"
5300 "left by an unclean termination of wpa_supplicant "
5301 "in which case you will need\n"
5302 "to manually remove this file before starting "
5303 "wpa_supplicant again.\n",
5304 wpa_s
->conf
->ctrl_interface
);
5308 wpa_s
->gas
= gas_query_init(wpa_s
);
5309 if (wpa_s
->gas
== NULL
) {
5310 wpa_printf(MSG_ERROR
, "Failed to initialize GAS query");
5314 if (iface
->p2p_mgmt
&& wpas_p2p_init(wpa_s
->global
, wpa_s
) < 0) {
5315 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to init P2P");
5319 if (wpa_bss_init(wpa_s
) < 0)
5322 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL
5324 dl_list_init(&wpa_s
->mesh_external_pmksa_cache
);
5325 #endif /* CONFIG_MESH */
5326 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
5329 * Set Wake-on-WLAN triggers, if configured.
5330 * Note: We don't restore/remove the triggers on shutdown (it doesn't
5331 * have effect anyway when the interface is down).
5333 if (capa_res
== 0 && wpas_set_wowlan_triggers(wpa_s
, &capa
) < 0)
5336 #ifdef CONFIG_EAP_PROXY
5339 wpa_s
->mnc_len
= eapol_sm_get_eap_proxy_imsi(wpa_s
->eapol
, -1,
5341 if (wpa_s
->mnc_len
> 0) {
5342 wpa_s
->imsi
[len
] = '\0';
5343 wpa_printf(MSG_DEBUG
, "eap_proxy: IMSI %s (MNC length %d)",
5344 wpa_s
->imsi
, wpa_s
->mnc_len
);
5346 wpa_printf(MSG_DEBUG
, "eap_proxy: IMSI not available");
5349 #endif /* CONFIG_EAP_PROXY */
5351 if (pcsc_reader_init(wpa_s
) < 0)
5354 if (wpas_init_ext_pw(wpa_s
) < 0)
5357 wpas_rrm_reset(wpa_s
);
5359 wpas_sched_scan_plans_set(wpa_s
, wpa_s
->conf
->sched_scan_plans
);
5363 #endif /* CONFIG_HS20 */
5365 if (wpa_s
->conf
->oce
) {
5366 if ((wpa_s
->conf
->oce
& OCE_STA
) &&
5367 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_OCE_STA
))
5368 wpa_s
->enable_oce
= OCE_STA
;
5369 if ((wpa_s
->conf
->oce
& OCE_STA_CFON
) &&
5370 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_OCE_STA_CFON
)) {
5371 /* TODO: Need to add STA-CFON support */
5372 wpa_printf(MSG_ERROR
,
5373 "OCE STA-CFON feature is not yet supported");
5376 wpas_mbo_update_non_pref_chan(wpa_s
, wpa_s
->conf
->non_pref_chan
);
5377 #endif /* CONFIG_MBO */
5379 wpa_supplicant_set_default_scan_ies(wpa_s
);
5385 static void wpa_supplicant_deinit_iface(struct wpa_supplicant
*wpa_s
,
5386 int notify
, int terminate
)
5388 struct wpa_global
*global
= wpa_s
->global
;
5389 struct wpa_supplicant
*iface
, *prev
;
5391 if (wpa_s
== wpa_s
->parent
)
5392 wpas_p2p_group_remove(wpa_s
, "*");
5394 iface
= global
->ifaces
;
5396 if (iface
->p2pdev
== wpa_s
)
5397 iface
->p2pdev
= iface
->parent
;
5398 if (iface
== wpa_s
|| iface
->parent
!= wpa_s
) {
5399 iface
= iface
->next
;
5402 wpa_printf(MSG_DEBUG
,
5403 "Remove remaining child interface %s from parent %s",
5404 iface
->ifname
, wpa_s
->ifname
);
5406 iface
= iface
->next
;
5407 wpa_supplicant_remove_iface(global
, prev
, terminate
);
5410 wpa_s
->disconnected
= 1;
5411 if (wpa_s
->drv_priv
) {
5412 wpa_supplicant_deauthenticate(wpa_s
,
5413 WLAN_REASON_DEAUTH_LEAVING
);
5415 wpa_drv_set_countermeasures(wpa_s
, 0);
5416 wpa_clear_keys(wpa_s
, NULL
);
5419 wpa_supplicant_cleanup(wpa_s
);
5420 wpas_p2p_deinit_iface(wpa_s
);
5422 wpas_ctrl_radio_work_flush(wpa_s
);
5423 radio_remove_interface(wpa_s
);
5427 fst_detach(wpa_s
->fst
);
5430 if (wpa_s
->received_mb_ies
) {
5431 wpabuf_free(wpa_s
->received_mb_ies
);
5432 wpa_s
->received_mb_ies
= NULL
;
5434 #endif /* CONFIG_FST */
5436 if (wpa_s
->drv_priv
)
5437 wpa_drv_deinit(wpa_s
);
5440 wpas_notify_iface_removed(wpa_s
);
5443 wpa_msg(wpa_s
, MSG_INFO
, WPA_EVENT_TERMINATING
);
5445 if (wpa_s
->ctrl_iface
) {
5446 wpa_supplicant_ctrl_iface_deinit(wpa_s
->ctrl_iface
);
5447 wpa_s
->ctrl_iface
= NULL
;
5452 wpa_supplicant_mesh_iface_deinit(wpa_s
, wpa_s
->ifmsh
);
5453 wpa_s
->ifmsh
= NULL
;
5455 #endif /* CONFIG_MESH */
5457 if (wpa_s
->conf
!= NULL
) {
5458 wpa_config_free(wpa_s
->conf
);
5462 os_free(wpa_s
->ssids_from_scan_req
);
5468 #ifdef CONFIG_MATCH_IFACE
5471 * wpa_supplicant_match_iface - Match an interface description to a name
5472 * @global: Pointer to global data from wpa_supplicant_init()
5473 * @ifname: Name of the interface to match
5474 * Returns: Pointer to the created interface description or %NULL on failure
5476 struct wpa_interface
* wpa_supplicant_match_iface(struct wpa_global
*global
,
5480 struct wpa_interface
*iface
, *miface
;
5482 for (i
= 0; i
< global
->params
.match_iface_count
; i
++) {
5483 miface
= &global
->params
.match_ifaces
[i
];
5484 if (!miface
->ifname
||
5485 fnmatch(miface
->ifname
, ifname
, 0) == 0) {
5486 iface
= os_zalloc(sizeof(*iface
));
5490 iface
->ifname
= ifname
;
5500 * wpa_supplicant_match_existing - Match existing interfaces
5501 * @global: Pointer to global data from wpa_supplicant_init()
5502 * Returns: 0 on success, -1 on failure
5504 static int wpa_supplicant_match_existing(struct wpa_global
*global
)
5506 struct if_nameindex
*ifi
, *ifp
;
5507 struct wpa_supplicant
*wpa_s
;
5508 struct wpa_interface
*iface
;
5510 ifp
= if_nameindex();
5512 wpa_printf(MSG_ERROR
, "if_nameindex: %s", strerror(errno
));
5516 for (ifi
= ifp
; ifi
->if_name
; ifi
++) {
5517 wpa_s
= wpa_supplicant_get_iface(global
, ifi
->if_name
);
5520 iface
= wpa_supplicant_match_iface(global
, ifi
->if_name
);
5522 wpa_s
= wpa_supplicant_add_iface(global
, iface
, NULL
);
5529 if_freenameindex(ifp
);
5533 #endif /* CONFIG_MATCH_IFACE */
5537 * wpa_supplicant_add_iface - Add a new network interface
5538 * @global: Pointer to global data from wpa_supplicant_init()
5539 * @iface: Interface configuration options
5540 * @parent: Parent interface or %NULL to assign new interface as parent
5541 * Returns: Pointer to the created interface or %NULL on failure
5543 * This function is used to add new network interfaces for %wpa_supplicant.
5544 * This can be called before wpa_supplicant_run() to add interfaces before the
5545 * main event loop has been started. In addition, new interfaces can be added
5546 * dynamically while %wpa_supplicant is already running. This could happen,
5547 * e.g., when a hotplug network adapter is inserted.
5549 struct wpa_supplicant
* wpa_supplicant_add_iface(struct wpa_global
*global
,
5550 struct wpa_interface
*iface
,
5551 struct wpa_supplicant
*parent
)
5553 struct wpa_supplicant
*wpa_s
;
5554 struct wpa_interface t_iface
;
5555 struct wpa_ssid
*ssid
;
5557 if (global
== NULL
|| iface
== NULL
)
5560 wpa_s
= wpa_supplicant_alloc(parent
);
5564 wpa_s
->global
= global
;
5567 if (global
->params
.override_driver
) {
5568 wpa_printf(MSG_DEBUG
, "Override interface parameter: driver "
5570 iface
->driver
, global
->params
.override_driver
);
5571 t_iface
.driver
= global
->params
.override_driver
;
5573 if (global
->params
.override_ctrl_interface
) {
5574 wpa_printf(MSG_DEBUG
, "Override interface parameter: "
5575 "ctrl_interface ('%s' -> '%s')",
5576 iface
->ctrl_interface
,
5577 global
->params
.override_ctrl_interface
);
5578 t_iface
.ctrl_interface
=
5579 global
->params
.override_ctrl_interface
;
5581 if (wpa_supplicant_init_iface(wpa_s
, &t_iface
)) {
5582 wpa_printf(MSG_DEBUG
, "Failed to add interface %s",
5584 wpa_supplicant_deinit_iface(wpa_s
, 0, 0);
5588 if (iface
->p2p_mgmt
== 0) {
5589 /* Notify the control interfaces about new iface */
5590 if (wpas_notify_iface_added(wpa_s
)) {
5591 wpa_supplicant_deinit_iface(wpa_s
, 1, 0);
5595 for (ssid
= wpa_s
->conf
->ssid
; ssid
; ssid
= ssid
->next
)
5596 wpas_notify_network_added(wpa_s
, ssid
);
5599 wpa_s
->next
= global
->ifaces
;
5600 global
->ifaces
= wpa_s
;
5602 wpa_dbg(wpa_s
, MSG_DEBUG
, "Added interface %s", wpa_s
->ifname
);
5603 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
5606 if (wpa_s
->global
->p2p
== NULL
&&
5607 !wpa_s
->global
->p2p_disabled
&& !wpa_s
->conf
->p2p_disabled
&&
5608 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE
) &&
5609 wpas_p2p_add_p2pdev_interface(
5610 wpa_s
, wpa_s
->global
->params
.conf_p2p_dev
) < 0) {
5611 wpa_printf(MSG_INFO
,
5612 "P2P: Failed to enable P2P Device interface");
5613 /* Try to continue without. P2P will be disabled. */
5615 #endif /* CONFIG_P2P */
5622 * wpa_supplicant_remove_iface - Remove a network interface
5623 * @global: Pointer to global data from wpa_supplicant_init()
5624 * @wpa_s: Pointer to the network interface to be removed
5625 * Returns: 0 if interface was removed, -1 if interface was not found
5627 * This function can be used to dynamically remove network interfaces from
5628 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
5629 * addition, this function is used to remove all remaining interfaces when
5630 * %wpa_supplicant is terminated.
5632 int wpa_supplicant_remove_iface(struct wpa_global
*global
,
5633 struct wpa_supplicant
*wpa_s
,
5636 struct wpa_supplicant
*prev
;
5638 unsigned int mesh_if_created
= wpa_s
->mesh_if_created
;
5639 char *ifname
= NULL
;
5640 struct wpa_supplicant
*parent
= wpa_s
->parent
;
5641 #endif /* CONFIG_MESH */
5643 /* Remove interface from the global list of interfaces */
5644 prev
= global
->ifaces
;
5645 if (prev
== wpa_s
) {
5646 global
->ifaces
= wpa_s
->next
;
5648 while (prev
&& prev
->next
!= wpa_s
)
5652 prev
->next
= wpa_s
->next
;
5655 wpa_dbg(wpa_s
, MSG_DEBUG
, "Removing interface %s", wpa_s
->ifname
);
5658 if (mesh_if_created
) {
5659 ifname
= os_strdup(wpa_s
->ifname
);
5660 if (ifname
== NULL
) {
5661 wpa_dbg(wpa_s
, MSG_ERROR
,
5662 "mesh: Failed to malloc ifname");
5666 #endif /* CONFIG_MESH */
5668 if (global
->p2p_group_formation
== wpa_s
)
5669 global
->p2p_group_formation
= NULL
;
5670 if (global
->p2p_invite_group
== wpa_s
)
5671 global
->p2p_invite_group
= NULL
;
5672 wpa_supplicant_deinit_iface(wpa_s
, 1, terminate
);
5675 if (mesh_if_created
) {
5676 wpa_drv_if_remove(parent
, WPA_IF_MESH
, ifname
);
5679 #endif /* CONFIG_MESH */
5686 * wpa_supplicant_get_eap_mode - Get the current EAP mode
5687 * @wpa_s: Pointer to the network interface
5688 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
5690 const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant
*wpa_s
)
5692 const char *eapol_method
;
5694 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
) == 0 &&
5695 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
5699 eapol_method
= eapol_sm_get_method_name(wpa_s
->eapol
);
5700 if (eapol_method
== NULL
)
5701 return "UNKNOWN-EAP";
5703 return eapol_method
;
5708 * wpa_supplicant_get_iface - Get a new network interface
5709 * @global: Pointer to global data from wpa_supplicant_init()
5710 * @ifname: Interface name
5711 * Returns: Pointer to the interface or %NULL if not found
5713 struct wpa_supplicant
* wpa_supplicant_get_iface(struct wpa_global
*global
,
5716 struct wpa_supplicant
*wpa_s
;
5718 for (wpa_s
= global
->ifaces
; wpa_s
; wpa_s
= wpa_s
->next
) {
5719 if (os_strcmp(wpa_s
->ifname
, ifname
) == 0)
5726 #ifndef CONFIG_NO_WPA_MSG
5727 static const char * wpa_supplicant_msg_ifname_cb(void *ctx
)
5729 struct wpa_supplicant
*wpa_s
= ctx
;
5732 return wpa_s
->ifname
;
5734 #endif /* CONFIG_NO_WPA_MSG */
5737 #ifndef WPA_SUPPLICANT_CLEANUP_INTERVAL
5738 #define WPA_SUPPLICANT_CLEANUP_INTERVAL 10
5739 #endif /* WPA_SUPPLICANT_CLEANUP_INTERVAL */
5741 /* Periodic cleanup tasks */
5742 static void wpas_periodic(void *eloop_ctx
, void *timeout_ctx
)
5744 struct wpa_global
*global
= eloop_ctx
;
5745 struct wpa_supplicant
*wpa_s
;
5747 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL
, 0,
5748 wpas_periodic
, global
, NULL
);
5752 p2p_expire_peers(global
->p2p
);
5753 #endif /* CONFIG_P2P */
5755 for (wpa_s
= global
->ifaces
; wpa_s
; wpa_s
= wpa_s
->next
) {
5756 wpa_bss_flush_by_age(wpa_s
, wpa_s
->conf
->bss_expiration_age
);
5759 #endif /* CONFIG_AP */
5765 * wpa_supplicant_init - Initialize %wpa_supplicant
5766 * @params: Parameters for %wpa_supplicant
5767 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
5769 * This function is used to initialize %wpa_supplicant. After successful
5770 * initialization, the returned data pointer can be used to add and remove
5771 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
5773 struct wpa_global
* wpa_supplicant_init(struct wpa_params
*params
)
5775 struct wpa_global
*global
;
5781 #ifdef CONFIG_DRIVER_NDIS
5783 void driver_ndis_init_ops(void);
5784 driver_ndis_init_ops();
5786 #endif /* CONFIG_DRIVER_NDIS */
5788 #ifndef CONFIG_NO_WPA_MSG
5789 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb
);
5790 #endif /* CONFIG_NO_WPA_MSG */
5792 if (params
->wpa_debug_file_path
)
5793 wpa_debug_open_file(params
->wpa_debug_file_path
);
5795 wpa_debug_setup_stdout();
5796 if (params
->wpa_debug_syslog
)
5797 wpa_debug_open_syslog();
5798 if (params
->wpa_debug_tracing
) {
5799 ret
= wpa_debug_open_linux_tracing();
5801 wpa_printf(MSG_ERROR
,
5802 "Failed to enable trace logging");
5807 ret
= eap_register_methods();
5809 wpa_printf(MSG_ERROR
, "Failed to register EAP methods");
5811 wpa_printf(MSG_ERROR
, "Two or more EAP methods used "
5812 "the same EAP type.");
5816 global
= os_zalloc(sizeof(*global
));
5819 dl_list_init(&global
->p2p_srv_bonjour
);
5820 dl_list_init(&global
->p2p_srv_upnp
);
5821 global
->params
.daemonize
= params
->daemonize
;
5822 global
->params
.wait_for_monitor
= params
->wait_for_monitor
;
5823 global
->params
.dbus_ctrl_interface
= params
->dbus_ctrl_interface
;
5824 if (params
->pid_file
)
5825 global
->params
.pid_file
= os_strdup(params
->pid_file
);
5826 if (params
->ctrl_interface
)
5827 global
->params
.ctrl_interface
=
5828 os_strdup(params
->ctrl_interface
);
5829 if (params
->ctrl_interface_group
)
5830 global
->params
.ctrl_interface_group
=
5831 os_strdup(params
->ctrl_interface_group
);
5832 if (params
->override_driver
)
5833 global
->params
.override_driver
=
5834 os_strdup(params
->override_driver
);
5835 if (params
->override_ctrl_interface
)
5836 global
->params
.override_ctrl_interface
=
5837 os_strdup(params
->override_ctrl_interface
);
5838 #ifdef CONFIG_MATCH_IFACE
5839 global
->params
.match_iface_count
= params
->match_iface_count
;
5840 if (params
->match_iface_count
) {
5841 global
->params
.match_ifaces
=
5842 os_calloc(params
->match_iface_count
,
5843 sizeof(struct wpa_interface
));
5844 os_memcpy(global
->params
.match_ifaces
,
5845 params
->match_ifaces
,
5846 params
->match_iface_count
*
5847 sizeof(struct wpa_interface
));
5849 #endif /* CONFIG_MATCH_IFACE */
5851 if (params
->conf_p2p_dev
)
5852 global
->params
.conf_p2p_dev
=
5853 os_strdup(params
->conf_p2p_dev
);
5854 #endif /* CONFIG_P2P */
5855 wpa_debug_level
= global
->params
.wpa_debug_level
=
5856 params
->wpa_debug_level
;
5857 wpa_debug_show_keys
= global
->params
.wpa_debug_show_keys
=
5858 params
->wpa_debug_show_keys
;
5859 wpa_debug_timestamp
= global
->params
.wpa_debug_timestamp
=
5860 params
->wpa_debug_timestamp
;
5862 wpa_printf(MSG_DEBUG
, "wpa_supplicant v" VERSION_STR
);
5865 wpa_printf(MSG_ERROR
, "Failed to initialize event loop");
5866 wpa_supplicant_deinit(global
);
5870 random_init(params
->entropy_file
);
5872 global
->ctrl_iface
= wpa_supplicant_global_ctrl_iface_init(global
);
5873 if (global
->ctrl_iface
== NULL
) {
5874 wpa_supplicant_deinit(global
);
5878 if (wpas_notify_supplicant_initialized(global
)) {
5879 wpa_supplicant_deinit(global
);
5883 for (i
= 0; wpa_drivers
[i
]; i
++)
5884 global
->drv_count
++;
5885 if (global
->drv_count
== 0) {
5886 wpa_printf(MSG_ERROR
, "No drivers enabled");
5887 wpa_supplicant_deinit(global
);
5890 global
->drv_priv
= os_calloc(global
->drv_count
, sizeof(void *));
5891 if (global
->drv_priv
== NULL
) {
5892 wpa_supplicant_deinit(global
);
5896 #ifdef CONFIG_WIFI_DISPLAY
5897 if (wifi_display_init(global
) < 0) {
5898 wpa_printf(MSG_ERROR
, "Failed to initialize Wi-Fi Display");
5899 wpa_supplicant_deinit(global
);
5902 #endif /* CONFIG_WIFI_DISPLAY */
5904 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL
, 0,
5905 wpas_periodic
, global
, NULL
);
5912 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
5913 * @global: Pointer to global data from wpa_supplicant_init()
5914 * Returns: 0 after successful event loop run, -1 on failure
5916 * This function starts the main event loop and continues running as long as
5917 * there are any remaining events. In most cases, this function is running as
5918 * long as the %wpa_supplicant process in still in use.
5920 int wpa_supplicant_run(struct wpa_global
*global
)
5922 struct wpa_supplicant
*wpa_s
;
5924 if (global
->params
.daemonize
&&
5925 (wpa_supplicant_daemon(global
->params
.pid_file
) ||
5926 eloop_sock_requeue()))
5929 #ifdef CONFIG_MATCH_IFACE
5930 if (wpa_supplicant_match_existing(global
))
5934 if (global
->params
.wait_for_monitor
) {
5935 for (wpa_s
= global
->ifaces
; wpa_s
; wpa_s
= wpa_s
->next
)
5936 if (wpa_s
->ctrl_iface
&& !wpa_s
->p2p_mgmt
)
5937 wpa_supplicant_ctrl_iface_wait(
5941 eloop_register_signal_terminate(wpa_supplicant_terminate
, global
);
5942 eloop_register_signal_reconfig(wpa_supplicant_reconfig
, global
);
5951 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
5952 * @global: Pointer to global data from wpa_supplicant_init()
5954 * This function is called to deinitialize %wpa_supplicant and to free all
5955 * allocated resources. Remaining network interfaces will also be removed.
5957 void wpa_supplicant_deinit(struct wpa_global
*global
)
5964 eloop_cancel_timeout(wpas_periodic
, global
, NULL
);
5966 #ifdef CONFIG_WIFI_DISPLAY
5967 wifi_display_deinit(global
);
5968 #endif /* CONFIG_WIFI_DISPLAY */
5970 while (global
->ifaces
)
5971 wpa_supplicant_remove_iface(global
, global
->ifaces
, 1);
5973 if (global
->ctrl_iface
)
5974 wpa_supplicant_global_ctrl_iface_deinit(global
->ctrl_iface
);
5976 wpas_notify_supplicant_deinitialized(global
);
5978 eap_peer_unregister_methods();
5980 eap_server_unregister_methods();
5981 #endif /* CONFIG_AP */
5983 for (i
= 0; wpa_drivers
[i
] && global
->drv_priv
; i
++) {
5984 if (!global
->drv_priv
[i
])
5986 wpa_drivers
[i
]->global_deinit(global
->drv_priv
[i
]);
5988 os_free(global
->drv_priv
);
5994 if (global
->params
.pid_file
) {
5995 os_daemonize_terminate(global
->params
.pid_file
);
5996 os_free(global
->params
.pid_file
);
5998 os_free(global
->params
.ctrl_interface
);
5999 os_free(global
->params
.ctrl_interface_group
);
6000 os_free(global
->params
.override_driver
);
6001 os_free(global
->params
.override_ctrl_interface
);
6002 #ifdef CONFIG_MATCH_IFACE
6003 os_free(global
->params
.match_ifaces
);
6004 #endif /* CONFIG_MATCH_IFACE */
6006 os_free(global
->params
.conf_p2p_dev
);
6007 #endif /* CONFIG_P2P */
6009 os_free(global
->p2p_disallow_freq
.range
);
6010 os_free(global
->p2p_go_avoid_freq
.range
);
6011 os_free(global
->add_psk
);
6014 wpa_debug_close_syslog();
6015 wpa_debug_close_file();
6016 wpa_debug_close_linux_tracing();
6020 void wpa_supplicant_update_config(struct wpa_supplicant
*wpa_s
)
6022 if ((wpa_s
->conf
->changed_parameters
& CFG_CHANGED_COUNTRY
) &&
6023 wpa_s
->conf
->country
[0] && wpa_s
->conf
->country
[1]) {
6025 country
[0] = wpa_s
->conf
->country
[0];
6026 country
[1] = wpa_s
->conf
->country
[1];
6028 if (wpa_drv_set_country(wpa_s
, country
) < 0) {
6029 wpa_printf(MSG_ERROR
, "Failed to set country code "
6034 if (wpa_s
->conf
->changed_parameters
& CFG_CHANGED_EXT_PW_BACKEND
)
6035 wpas_init_ext_pw(wpa_s
);
6037 if (wpa_s
->conf
->changed_parameters
& CFG_CHANGED_SCHED_SCAN_PLANS
)
6038 wpas_sched_scan_plans_set(wpa_s
, wpa_s
->conf
->sched_scan_plans
);
6040 if (wpa_s
->conf
->changed_parameters
& CFG_CHANGED_WOWLAN_TRIGGERS
) {
6041 struct wpa_driver_capa capa
;
6042 int res
= wpa_drv_get_capa(wpa_s
, &capa
);
6044 if (res
== 0 && wpas_set_wowlan_triggers(wpa_s
, &capa
) < 0)
6045 wpa_printf(MSG_ERROR
,
6046 "Failed to update wowlan_triggers to '%s'",
6047 wpa_s
->conf
->wowlan_triggers
);
6051 wpas_wps_update_config(wpa_s
);
6052 #endif /* CONFIG_WPS */
6053 wpas_p2p_update_config(wpa_s
);
6054 wpa_s
->conf
->changed_parameters
= 0;
6058 void add_freq(int *freqs
, int *num_freqs
, int freq
)
6062 for (i
= 0; i
< *num_freqs
; i
++) {
6063 if (freqs
[i
] == freq
)
6067 freqs
[*num_freqs
] = freq
;
6072 static int * get_bss_freqs_in_ess(struct wpa_supplicant
*wpa_s
)
6074 struct wpa_bss
*bss
, *cbss
;
6075 const int max_freqs
= 10;
6079 freqs
= os_calloc(max_freqs
+ 1, sizeof(int));
6083 cbss
= wpa_s
->current_bss
;
6085 dl_list_for_each(bss
, &wpa_s
->bss
, struct wpa_bss
, list
) {
6088 if (bss
->ssid_len
== cbss
->ssid_len
&&
6089 os_memcmp(bss
->ssid
, cbss
->ssid
, bss
->ssid_len
) == 0 &&
6090 wpa_blacklist_get(wpa_s
, bss
->bssid
) == NULL
) {
6091 add_freq(freqs
, &num_freqs
, bss
->freq
);
6092 if (num_freqs
== max_freqs
)
6097 if (num_freqs
== 0) {
6106 void wpas_connection_failed(struct wpa_supplicant
*wpa_s
, const u8
*bssid
)
6112 wpas_connect_work_done(wpa_s
);
6115 * Remove possible authentication timeout since the connection failed.
6117 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
6120 * There is no point in blacklisting the AP if this event is
6121 * generated based on local request to disconnect.
6123 if (wpa_s
->own_disconnect_req
) {
6124 wpa_s
->own_disconnect_req
= 0;
6125 wpa_dbg(wpa_s
, MSG_DEBUG
,
6126 "Ignore connection failure due to local request to disconnect");
6129 if (wpa_s
->disconnected
) {
6130 wpa_dbg(wpa_s
, MSG_DEBUG
, "Ignore connection failure "
6131 "indication since interface has been put into "
6132 "disconnected state");
6137 * Add the failed BSSID into the blacklist and speed up next scan
6138 * attempt if there could be other APs that could accept association.
6139 * The current blacklist count indicates how many times we have tried
6140 * connecting to this AP and multiple attempts mean that other APs are
6141 * either not available or has already been tried, so that we can start
6142 * increasing the delay here to avoid constant scanning.
6144 count
= wpa_blacklist_add(wpa_s
, bssid
);
6145 if (count
== 1 && wpa_s
->current_bss
) {
6147 * This BSS was not in the blacklist before. If there is
6148 * another BSS available for the same ESS, we should try that
6149 * next. Otherwise, we may as well try this one once more
6150 * before allowing other, likely worse, ESSes to be considered.
6152 freqs
= get_bss_freqs_in_ess(wpa_s
);
6154 wpa_dbg(wpa_s
, MSG_DEBUG
, "Another BSS in this ESS "
6155 "has been seen; try it next");
6156 wpa_blacklist_add(wpa_s
, bssid
);
6158 * On the next scan, go through only the known channels
6159 * used in this ESS based on previous scans to speed up
6160 * common load balancing use case.
6162 os_free(wpa_s
->next_scan_freqs
);
6163 wpa_s
->next_scan_freqs
= freqs
;
6168 * Add previous failure count in case the temporary blacklist was
6169 * cleared due to no other BSSes being available.
6171 count
+= wpa_s
->extra_blacklist_count
;
6173 if (count
> 3 && wpa_s
->current_ssid
) {
6174 wpa_printf(MSG_DEBUG
, "Continuous association failures - "
6175 "consider temporary network disabling");
6176 wpas_auth_failed(wpa_s
, "CONN_FAILED");
6197 wpa_dbg(wpa_s
, MSG_DEBUG
, "Blacklist count %d --> request scan in %d "
6198 "ms", count
, timeout
);
6201 * TODO: if more than one possible AP is available in scan results,
6202 * could try the other ones before requesting a new scan.
6204 wpa_supplicant_req_scan(wpa_s
, timeout
/ 1000,
6205 1000 * (timeout
% 1000));
6209 int wpas_driver_bss_selection(struct wpa_supplicant
*wpa_s
)
6211 return wpa_s
->conf
->ap_scan
== 2 ||
6212 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_BSS_SELECTION
);
6216 #if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW)
6217 int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant
*wpa_s
,
6218 struct wpa_ssid
*ssid
,
6222 #ifdef IEEE8021X_EAPOL
6223 struct eap_peer_config
*eap
= &ssid
->eap
;
6225 wpa_printf(MSG_DEBUG
, "CTRL_IFACE: response handle field=%s", field
);
6226 wpa_hexdump_ascii_key(MSG_DEBUG
, "CTRL_IFACE: response value",
6227 (const u8
*) value
, os_strlen(value
));
6229 switch (wpa_supplicant_ctrl_req_from_string(field
)) {
6230 case WPA_CTRL_REQ_EAP_IDENTITY
:
6231 os_free(eap
->identity
);
6232 eap
->identity
= (u8
*) os_strdup(value
);
6233 eap
->identity_len
= os_strlen(value
);
6234 eap
->pending_req_identity
= 0;
6235 if (ssid
== wpa_s
->current_ssid
)
6236 wpa_s
->reassociate
= 1;
6238 case WPA_CTRL_REQ_EAP_PASSWORD
:
6239 bin_clear_free(eap
->password
, eap
->password_len
);
6240 eap
->password
= (u8
*) os_strdup(value
);
6241 eap
->password_len
= os_strlen(value
);
6242 eap
->pending_req_password
= 0;
6243 if (ssid
== wpa_s
->current_ssid
)
6244 wpa_s
->reassociate
= 1;
6246 case WPA_CTRL_REQ_EAP_NEW_PASSWORD
:
6247 bin_clear_free(eap
->new_password
, eap
->new_password_len
);
6248 eap
->new_password
= (u8
*) os_strdup(value
);
6249 eap
->new_password_len
= os_strlen(value
);
6250 eap
->pending_req_new_password
= 0;
6251 if (ssid
== wpa_s
->current_ssid
)
6252 wpa_s
->reassociate
= 1;
6254 case WPA_CTRL_REQ_EAP_PIN
:
6255 str_clear_free(eap
->pin
);
6256 eap
->pin
= os_strdup(value
);
6257 eap
->pending_req_pin
= 0;
6258 if (ssid
== wpa_s
->current_ssid
)
6259 wpa_s
->reassociate
= 1;
6261 case WPA_CTRL_REQ_EAP_OTP
:
6262 bin_clear_free(eap
->otp
, eap
->otp_len
);
6263 eap
->otp
= (u8
*) os_strdup(value
);
6264 eap
->otp_len
= os_strlen(value
);
6265 os_free(eap
->pending_req_otp
);
6266 eap
->pending_req_otp
= NULL
;
6267 eap
->pending_req_otp_len
= 0;
6269 case WPA_CTRL_REQ_EAP_PASSPHRASE
:
6270 str_clear_free(eap
->private_key_passwd
);
6271 eap
->private_key_passwd
= os_strdup(value
);
6272 eap
->pending_req_passphrase
= 0;
6273 if (ssid
== wpa_s
->current_ssid
)
6274 wpa_s
->reassociate
= 1;
6276 case WPA_CTRL_REQ_SIM
:
6277 str_clear_free(eap
->external_sim_resp
);
6278 eap
->external_sim_resp
= os_strdup(value
);
6279 eap
->pending_req_sim
= 0;
6281 case WPA_CTRL_REQ_PSK_PASSPHRASE
:
6282 if (wpa_config_set(ssid
, "psk", value
, 0) < 0)
6284 ssid
->mem_only_psk
= 1;
6285 if (ssid
->passphrase
)
6286 wpa_config_update_psk(ssid
);
6287 if (wpa_s
->wpa_state
== WPA_SCANNING
&& !wpa_s
->scanning
)
6288 wpa_supplicant_req_scan(wpa_s
, 0, 0);
6290 case WPA_CTRL_REQ_EXT_CERT_CHECK
:
6291 if (eap
->pending_ext_cert_check
!= PENDING_CHECK
)
6293 if (os_strcmp(value
, "good") == 0)
6294 eap
->pending_ext_cert_check
= EXT_CERT_CHECK_GOOD
;
6295 else if (os_strcmp(value
, "bad") == 0)
6296 eap
->pending_ext_cert_check
= EXT_CERT_CHECK_BAD
;
6301 wpa_printf(MSG_DEBUG
, "CTRL_IFACE: Unknown field '%s'", field
);
6306 #else /* IEEE8021X_EAPOL */
6307 wpa_printf(MSG_DEBUG
, "CTRL_IFACE: IEEE 802.1X not included");
6309 #endif /* IEEE8021X_EAPOL */
6311 #endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */
6314 int wpas_network_disabled(struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
)
6317 unsigned int drv_enc
;
6319 if (wpa_s
->p2p_mgmt
)
6320 return 1; /* no normal network profiles on p2p_mgmt interface */
6328 if (wpa_s
->drv_capa_known
)
6329 drv_enc
= wpa_s
->drv_enc
;
6331 drv_enc
= (unsigned int) -1;
6333 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
6334 size_t len
= ssid
->wep_key_len
[i
];
6337 if (len
== 5 && (drv_enc
& WPA_DRIVER_CAPA_ENC_WEP40
))
6339 if (len
== 13 && (drv_enc
& WPA_DRIVER_CAPA_ENC_WEP104
))
6341 if (len
== 16 && (drv_enc
& WPA_DRIVER_CAPA_ENC_WEP128
))
6343 return 1; /* invalid WEP key */
6346 if (wpa_key_mgmt_wpa_psk(ssid
->key_mgmt
) && !ssid
->psk_set
&&
6347 (!ssid
->passphrase
|| ssid
->ssid_len
!= 0) && !ssid
->ext_psk
&&
6348 !ssid
->mem_only_psk
)
6355 int wpas_get_ssid_pmf(struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
)
6357 #ifdef CONFIG_IEEE80211W
6358 if (ssid
== NULL
|| ssid
->ieee80211w
== MGMT_FRAME_PROTECTION_DEFAULT
) {
6359 if (wpa_s
->conf
->pmf
== MGMT_FRAME_PROTECTION_OPTIONAL
&&
6360 !(wpa_s
->drv_enc
& WPA_DRIVER_CAPA_ENC_BIP
)) {
6362 * Driver does not support BIP -- ignore pmf=1 default
6363 * since the connection with PMF would fail and the
6364 * configuration does not require PMF to be enabled.
6366 return NO_MGMT_FRAME_PROTECTION
;
6371 ~(WPA_KEY_MGMT_NONE
| WPA_KEY_MGMT_WPS
|
6372 WPA_KEY_MGMT_IEEE8021X_NO_WPA
)) == 0) {
6374 * Do not use the default PMF value for non-RSN networks
6375 * since PMF is available only with RSN and pmf=2
6376 * configuration would otherwise prevent connections to
6377 * all open networks.
6379 return NO_MGMT_FRAME_PROTECTION
;
6382 return wpa_s
->conf
->pmf
;
6385 return ssid
->ieee80211w
;
6386 #else /* CONFIG_IEEE80211W */
6387 return NO_MGMT_FRAME_PROTECTION
;
6388 #endif /* CONFIG_IEEE80211W */
6392 int wpas_is_p2p_prioritized(struct wpa_supplicant
*wpa_s
)
6394 if (wpa_s
->global
->conc_pref
== WPA_CONC_PREF_P2P
)
6396 if (wpa_s
->global
->conc_pref
== WPA_CONC_PREF_STA
)
6402 void wpas_auth_failed(struct wpa_supplicant
*wpa_s
, char *reason
)
6404 struct wpa_ssid
*ssid
= wpa_s
->current_ssid
;
6406 struct os_reltime now
;
6409 wpa_printf(MSG_DEBUG
, "Authentication failure but no known "
6414 if (ssid
->key_mgmt
== WPA_KEY_MGMT_WPS
)
6417 ssid
->auth_failures
++;
6420 if (ssid
->p2p_group
&&
6421 (wpa_s
->p2p_in_provisioning
|| wpa_s
->show_group_started
)) {
6423 * Skip the wait time since there is a short timeout on the
6424 * connection to a P2P group.
6428 #endif /* CONFIG_P2P */
6430 if (ssid
->auth_failures
> 50)
6432 else if (ssid
->auth_failures
> 10)
6434 else if (ssid
->auth_failures
> 5)
6436 else if (ssid
->auth_failures
> 3)
6438 else if (ssid
->auth_failures
> 2)
6440 else if (ssid
->auth_failures
> 1)
6445 if (ssid
->auth_failures
> 1 &&
6446 wpa_key_mgmt_wpa_ieee8021x(ssid
->key_mgmt
))
6447 dur
+= os_random() % (ssid
->auth_failures
* 10);
6449 os_get_reltime(&now
);
6450 if (now
.sec
+ dur
<= ssid
->disabled_until
.sec
)
6453 ssid
->disabled_until
.sec
= now
.sec
+ dur
;
6455 wpa_msg(wpa_s
, MSG_INFO
, WPA_EVENT_TEMP_DISABLED
6456 "id=%d ssid=\"%s\" auth_failures=%u duration=%d reason=%s",
6457 ssid
->id
, wpa_ssid_txt(ssid
->ssid
, ssid
->ssid_len
),
6458 ssid
->auth_failures
, dur
, reason
);
6462 void wpas_clear_temp_disabled(struct wpa_supplicant
*wpa_s
,
6463 struct wpa_ssid
*ssid
, int clear_failures
)
6468 if (ssid
->disabled_until
.sec
) {
6469 wpa_msg(wpa_s
, MSG_INFO
, WPA_EVENT_REENABLED
6470 "id=%d ssid=\"%s\"",
6471 ssid
->id
, wpa_ssid_txt(ssid
->ssid
, ssid
->ssid_len
));
6473 ssid
->disabled_until
.sec
= 0;
6474 ssid
->disabled_until
.usec
= 0;
6476 ssid
->auth_failures
= 0;
6480 int disallowed_bssid(struct wpa_supplicant
*wpa_s
, const u8
*bssid
)
6484 if (wpa_s
->disallow_aps_bssid
== NULL
)
6487 for (i
= 0; i
< wpa_s
->disallow_aps_bssid_count
; i
++) {
6488 if (os_memcmp(wpa_s
->disallow_aps_bssid
+ i
* ETH_ALEN
,
6489 bssid
, ETH_ALEN
) == 0)
6497 int disallowed_ssid(struct wpa_supplicant
*wpa_s
, const u8
*ssid
,
6502 if (wpa_s
->disallow_aps_ssid
== NULL
|| ssid
== NULL
)
6505 for (i
= 0; i
< wpa_s
->disallow_aps_ssid_count
; i
++) {
6506 struct wpa_ssid_value
*s
= &wpa_s
->disallow_aps_ssid
[i
];
6507 if (ssid_len
== s
->ssid_len
&&
6508 os_memcmp(ssid
, s
->ssid
, ssid_len
) == 0)
6517 * wpas_request_connection - Request a new connection
6518 * @wpa_s: Pointer to the network interface
6520 * This function is used to request a new connection to be found. It will mark
6521 * the interface to allow reassociation and request a new scan to find a
6522 * suitable network to connect to.
6524 void wpas_request_connection(struct wpa_supplicant
*wpa_s
)
6526 wpa_s
->normal_scans
= 0;
6527 wpa_s
->scan_req
= NORMAL_SCAN_REQ
;
6528 wpa_supplicant_reinit_autoscan(wpa_s
);
6529 wpa_s
->extra_blacklist_count
= 0;
6530 wpa_s
->disconnected
= 0;
6531 wpa_s
->reassociate
= 1;
6533 if (wpa_supplicant_fast_associate(wpa_s
) != 1)
6534 wpa_supplicant_req_scan(wpa_s
, 0, 0);
6536 wpa_s
->reattach
= 0;
6541 * wpas_request_disconnection - Request disconnection
6542 * @wpa_s: Pointer to the network interface
6544 * This function is used to request disconnection from the currently connected
6545 * network. This will stop any ongoing scans and initiate deauthentication.
6547 void wpas_request_disconnection(struct wpa_supplicant
*wpa_s
)
6550 wpa_s
->sme
.prev_bssid_set
= 0;
6551 #endif /* CONFIG_SME */
6552 wpa_s
->reassociate
= 0;
6553 wpa_s
->disconnected
= 1;
6554 wpa_supplicant_cancel_sched_scan(wpa_s
);
6555 wpa_supplicant_cancel_scan(wpa_s
);
6556 wpa_supplicant_deauthenticate(wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
6557 eloop_cancel_timeout(wpas_network_reenabled
, wpa_s
, NULL
);
6561 void dump_freq_data(struct wpa_supplicant
*wpa_s
, const char *title
,
6562 struct wpa_used_freq_data
*freqs_data
,
6567 wpa_dbg(wpa_s
, MSG_DEBUG
, "Shared frequencies (len=%u): %s",
6569 for (i
= 0; i
< len
; i
++) {
6570 struct wpa_used_freq_data
*cur
= &freqs_data
[i
];
6571 wpa_dbg(wpa_s
, MSG_DEBUG
, "freq[%u]: %d, flags=0x%X",
6572 i
, cur
->freq
, cur
->flags
);
6578 * Find the operating frequencies of any of the virtual interfaces that
6579 * are using the same radio as the current interface, and in addition, get
6580 * information about the interface types that are using the frequency.
6582 int get_shared_radio_freqs_data(struct wpa_supplicant
*wpa_s
,
6583 struct wpa_used_freq_data
*freqs_data
,
6586 struct wpa_supplicant
*ifs
;
6589 unsigned int idx
= 0, i
;
6591 wpa_dbg(wpa_s
, MSG_DEBUG
,
6592 "Determining shared radio frequencies (max len %u)", len
);
6593 os_memset(freqs_data
, 0, sizeof(struct wpa_used_freq_data
) * len
);
6595 dl_list_for_each(ifs
, &wpa_s
->radio
->ifaces
, struct wpa_supplicant
,
6600 if (ifs
->current_ssid
== NULL
|| ifs
->assoc_freq
== 0)
6603 if (ifs
->current_ssid
->mode
== WPAS_MODE_AP
||
6604 ifs
->current_ssid
->mode
== WPAS_MODE_P2P_GO
||
6605 ifs
->current_ssid
->mode
== WPAS_MODE_MESH
)
6606 freq
= ifs
->current_ssid
->frequency
;
6607 else if (wpa_drv_get_bssid(ifs
, bssid
) == 0)
6608 freq
= ifs
->assoc_freq
;
6612 /* Hold only distinct freqs */
6613 for (i
= 0; i
< idx
; i
++)
6614 if (freqs_data
[i
].freq
== freq
)
6618 freqs_data
[idx
++].freq
= freq
;
6620 if (ifs
->current_ssid
->mode
== WPAS_MODE_INFRA
) {
6621 freqs_data
[i
].flags
|= ifs
->current_ssid
->p2p_group
?
6622 WPA_FREQ_USED_BY_P2P_CLIENT
:
6623 WPA_FREQ_USED_BY_INFRA_STATION
;
6627 dump_freq_data(wpa_s
, "completed iteration", freqs_data
, idx
);
6633 * Find the operating frequencies of any of the virtual interfaces that
6634 * are using the same radio as the current interface.
6636 int get_shared_radio_freqs(struct wpa_supplicant
*wpa_s
,
6637 int *freq_array
, unsigned int len
)
6639 struct wpa_used_freq_data
*freqs_data
;
6642 os_memset(freq_array
, 0, sizeof(int) * len
);
6644 freqs_data
= os_calloc(len
, sizeof(struct wpa_used_freq_data
));
6648 num
= get_shared_radio_freqs_data(wpa_s
, freqs_data
, len
);
6649 for (i
= 0; i
< num
; i
++)
6650 freq_array
[i
] = freqs_data
[i
].freq
;
6652 os_free(freqs_data
);
6658 struct wpa_supplicant
*
6659 wpas_vendor_elem(struct wpa_supplicant
*wpa_s
, enum wpa_vendor_elem_frame frame
)
6663 case VENDOR_ELEM_PROBE_REQ_P2P
:
6664 case VENDOR_ELEM_PROBE_RESP_P2P
:
6665 case VENDOR_ELEM_PROBE_RESP_P2P_GO
:
6666 case VENDOR_ELEM_BEACON_P2P_GO
:
6667 case VENDOR_ELEM_P2P_PD_REQ
:
6668 case VENDOR_ELEM_P2P_PD_RESP
:
6669 case VENDOR_ELEM_P2P_GO_NEG_REQ
:
6670 case VENDOR_ELEM_P2P_GO_NEG_RESP
:
6671 case VENDOR_ELEM_P2P_GO_NEG_CONF
:
6672 case VENDOR_ELEM_P2P_INV_REQ
:
6673 case VENDOR_ELEM_P2P_INV_RESP
:
6674 case VENDOR_ELEM_P2P_ASSOC_REQ
:
6675 case VENDOR_ELEM_P2P_ASSOC_RESP
:
6676 return wpa_s
->p2pdev
;
6677 #endif /* CONFIG_P2P */
6684 void wpas_vendor_elem_update(struct wpa_supplicant
*wpa_s
)
6689 wpa_printf(MSG_DEBUG
, "Update vendor elements");
6691 for (i
= 0; i
< NUM_VENDOR_ELEM_FRAMES
; i
++) {
6692 if (wpa_s
->vendor_elem
[i
]) {
6695 res
= os_snprintf(buf
, sizeof(buf
), "frame[%u]", i
);
6696 if (!os_snprintf_error(sizeof(buf
), res
)) {
6697 wpa_hexdump_buf(MSG_DEBUG
, buf
,
6698 wpa_s
->vendor_elem
[i
]);
6704 if (wpa_s
->parent
== wpa_s
&&
6705 wpa_s
->global
->p2p
&&
6706 !wpa_s
->global
->p2p_disabled
)
6707 p2p_set_vendor_elems(wpa_s
->global
->p2p
, wpa_s
->vendor_elem
);
6708 #endif /* CONFIG_P2P */
6712 int wpas_vendor_elem_remove(struct wpa_supplicant
*wpa_s
, int frame
,
6713 const u8
*elem
, size_t len
)
6717 ie
= wpabuf_mhead_u8(wpa_s
->vendor_elem
[frame
]);
6718 end
= ie
+ wpabuf_len(wpa_s
->vendor_elem
[frame
]);
6720 for (; ie
+ 1 < end
; ie
+= 2 + ie
[1]) {
6723 if (os_memcmp(ie
, elem
, len
) != 0)
6726 if (wpabuf_len(wpa_s
->vendor_elem
[frame
]) == len
) {
6727 wpabuf_free(wpa_s
->vendor_elem
[frame
]);
6728 wpa_s
->vendor_elem
[frame
] = NULL
;
6730 os_memmove(ie
, ie
+ len
, end
- (ie
+ len
));
6731 wpa_s
->vendor_elem
[frame
]->used
-= len
;
6733 wpas_vendor_elem_update(wpa_s
);
6741 struct hostapd_hw_modes
* get_mode(struct hostapd_hw_modes
*modes
,
6742 u16 num_modes
, enum hostapd_hw_mode mode
)
6746 for (i
= 0; i
< num_modes
; i
++) {
6747 if (modes
[i
].mode
== mode
)
6756 wpa_bss_tmp_disallowed
* wpas_get_disallowed_bss(struct wpa_supplicant
*wpa_s
,
6759 struct wpa_bss_tmp_disallowed
*bss
;
6761 dl_list_for_each(bss
, &wpa_s
->bss_tmp_disallowed
,
6762 struct wpa_bss_tmp_disallowed
, list
) {
6763 if (os_memcmp(bssid
, bss
->bssid
, ETH_ALEN
) == 0)
6771 static int wpa_set_driver_tmp_disallow_list(struct wpa_supplicant
*wpa_s
)
6773 struct wpa_bss_tmp_disallowed
*tmp
;
6774 unsigned int num_bssid
= 0;
6778 bssids
= os_malloc(dl_list_len(&wpa_s
->bss_tmp_disallowed
) * ETH_ALEN
);
6781 dl_list_for_each(tmp
, &wpa_s
->bss_tmp_disallowed
,
6782 struct wpa_bss_tmp_disallowed
, list
) {
6783 os_memcpy(&bssids
[num_bssid
* ETH_ALEN
], tmp
->bssid
,
6787 ret
= wpa_drv_set_bssid_blacklist(wpa_s
, num_bssid
, bssids
);
6793 static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx
, void *timeout_ctx
)
6795 struct wpa_supplicant
*wpa_s
= eloop_ctx
;
6796 struct wpa_bss_tmp_disallowed
*tmp
, *bss
= timeout_ctx
;
6798 /* Make sure the bss is not already freed */
6799 dl_list_for_each(tmp
, &wpa_s
->bss_tmp_disallowed
,
6800 struct wpa_bss_tmp_disallowed
, list
) {
6802 dl_list_del(&tmp
->list
);
6804 wpa_set_driver_tmp_disallow_list(wpa_s
);
6811 void wpa_bss_tmp_disallow(struct wpa_supplicant
*wpa_s
, const u8
*bssid
,
6814 struct wpa_bss_tmp_disallowed
*bss
;
6816 bss
= wpas_get_disallowed_bss(wpa_s
, bssid
);
6818 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout
, wpa_s
, bss
);
6819 eloop_register_timeout(sec
, 0, wpa_bss_tmp_disallow_timeout
,
6824 bss
= os_malloc(sizeof(*bss
));
6826 wpa_printf(MSG_DEBUG
,
6827 "Failed to allocate memory for temp disallow BSS");
6831 os_memcpy(bss
->bssid
, bssid
, ETH_ALEN
);
6832 dl_list_add(&wpa_s
->bss_tmp_disallowed
, &bss
->list
);
6833 wpa_set_driver_tmp_disallow_list(wpa_s
);
6834 eloop_register_timeout(sec
, 0, wpa_bss_tmp_disallow_timeout
,
6839 int wpa_is_bss_tmp_disallowed(struct wpa_supplicant
*wpa_s
, const u8
*bssid
)
6841 struct wpa_bss_tmp_disallowed
*bss
= NULL
, *tmp
, *prev
;
6843 dl_list_for_each_safe(tmp
, prev
, &wpa_s
->bss_tmp_disallowed
,
6844 struct wpa_bss_tmp_disallowed
, list
) {
6845 if (os_memcmp(bssid
, tmp
->bssid
, ETH_ALEN
) == 0) {