3 * Copyright (c) 2003-2018, Jouni Malinen <j@w1.fi>
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
14 #ifdef CONFIG_MATCH_IFACE
17 #endif /* CONFIG_MATCH_IFACE */
20 #include "crypto/random.h"
21 #include "crypto/sha1.h"
22 #include "eapol_supp/eapol_supp_sm.h"
23 #include "eap_peer/eap.h"
24 #include "eap_peer/eap_proxy.h"
25 #include "eap_server/eap_methods.h"
26 #include "rsn_supp/wpa.h"
29 #include "utils/ext_password.h"
30 #include "l2_packet/l2_packet.h"
31 #include "wpa_supplicant_i.h"
33 #include "ctrl_iface.h"
34 #include "pcsc_funcs.h"
35 #include "common/version.h"
36 #include "rsn_supp/preauth.h"
37 #include "rsn_supp/pmksa_cache.h"
38 #include "common/wpa_ctrl.h"
39 #include "common/ieee802_11_defs.h"
40 #include "common/hw_features_common.h"
41 #include "common/gas_server.h"
44 #include "blacklist.h"
45 #include "wpas_glue.h"
46 #include "wps_supplicant.h"
49 #include "gas_query.h"
51 #include "p2p_supplicant.h"
52 #include "wifi_display.h"
58 #include "offchannel.h"
59 #include "hs20_supplicant.h"
63 #include "dpp_supplicant.h"
65 #include "ap/ap_config.h"
66 #include "ap/hostapd.h"
67 #endif /* CONFIG_MESH */
69 const char *const wpa_supplicant_version
=
70 "wpa_supplicant v" VERSION_STR
"\n"
71 "Copyright (c) 2003-2017, Jouni Malinen <j@w1.fi> and contributors";
73 const char *const wpa_supplicant_license
=
74 "This software may be distributed under the terms of the BSD license.\n"
75 "See README for more details.\n"
76 #ifdef EAP_TLS_OPENSSL
77 "\nThis product includes software developed by the OpenSSL Project\n"
78 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
79 #endif /* EAP_TLS_OPENSSL */
82 #ifndef CONFIG_NO_STDOUT_DEBUG
83 /* Long text divided into parts in order to fit in C89 strings size limits. */
84 const char *const wpa_supplicant_full_license1
=
86 const char *const wpa_supplicant_full_license2
=
87 "This software may be distributed under the terms of the BSD license.\n"
89 "Redistribution and use in source and binary forms, with or without\n"
90 "modification, are permitted provided that the following conditions are\n"
93 const char *const wpa_supplicant_full_license3
=
94 "1. Redistributions of source code must retain the above copyright\n"
95 " notice, this list of conditions and the following disclaimer.\n"
97 "2. Redistributions in binary form must reproduce the above copyright\n"
98 " notice, this list of conditions and the following disclaimer in the\n"
99 " documentation and/or other materials provided with the distribution.\n"
101 const char *const wpa_supplicant_full_license4
=
102 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
103 " names of its contributors may be used to endorse or promote products\n"
104 " derived from this software without specific prior written permission.\n"
106 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
107 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
108 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
109 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
110 const char *const wpa_supplicant_full_license5
=
111 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
112 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
113 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
114 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
115 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
116 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
117 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
119 #endif /* CONFIG_NO_STDOUT_DEBUG */
122 static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx
, void *timeout_ctx
);
123 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
124 static void wpas_update_fils_connect_params(struct wpa_supplicant
*wpa_s
);
125 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
128 /* Configure default/group WEP keys for static WEP */
129 int wpa_set_wep_keys(struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
)
133 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
134 if (ssid
->wep_key_len
[i
] == 0)
138 wpa_drv_set_key(wpa_s
, WPA_ALG_WEP
, NULL
,
139 i
, i
== ssid
->wep_tx_keyidx
, NULL
, 0,
140 ssid
->wep_key
[i
], ssid
->wep_key_len
[i
]);
147 int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant
*wpa_s
,
148 struct wpa_ssid
*ssid
)
156 /* IBSS/WPA-None uses only one key (Group) for both receiving and
157 * sending unicast and multicast packets. */
159 if (ssid
->mode
!= WPAS_MODE_IBSS
) {
160 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Invalid mode %d (not "
161 "IBSS/ad-hoc) for WPA-None", ssid
->mode
);
165 if (!ssid
->psk_set
) {
166 wpa_msg(wpa_s
, MSG_INFO
, "WPA: No PSK configured for "
171 switch (wpa_s
->group_cipher
) {
172 case WPA_CIPHER_CCMP
:
173 os_memcpy(key
, ssid
->psk
, 16);
177 case WPA_CIPHER_GCMP
:
178 os_memcpy(key
, ssid
->psk
, 16);
182 case WPA_CIPHER_TKIP
:
183 /* WPA-None uses the same Michael MIC key for both TX and RX */
184 os_memcpy(key
, ssid
->psk
, 16 + 8);
185 os_memcpy(key
+ 16 + 8, ssid
->psk
+ 16, 8);
190 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Invalid group cipher %d for "
191 "WPA-None", wpa_s
->group_cipher
);
195 /* TODO: should actually remember the previously used seq#, both for TX
196 * and RX from each STA.. */
198 ret
= wpa_drv_set_key(wpa_s
, alg
, NULL
, 0, 1, seq
, 6, key
, keylen
);
199 os_memset(key
, 0, sizeof(key
));
204 static void wpa_supplicant_timeout(void *eloop_ctx
, void *timeout_ctx
)
206 struct wpa_supplicant
*wpa_s
= eloop_ctx
;
207 const u8
*bssid
= wpa_s
->bssid
;
208 if (!is_zero_ether_addr(wpa_s
->pending_bssid
) &&
209 (wpa_s
->wpa_state
== WPA_AUTHENTICATING
||
210 wpa_s
->wpa_state
== WPA_ASSOCIATING
))
211 bssid
= wpa_s
->pending_bssid
;
212 wpa_msg(wpa_s
, MSG_INFO
, "Authentication with " MACSTR
" timed out.",
214 wpa_blacklist_add(wpa_s
, bssid
);
215 wpa_sm_notify_disassoc(wpa_s
->wpa
);
216 wpa_supplicant_deauthenticate(wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
217 wpa_s
->reassociate
= 1;
220 * If we timed out, the AP or the local radio may be busy.
221 * So, wait a second until scanning again.
223 wpa_supplicant_req_scan(wpa_s
, 1, 0);
228 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
229 * @wpa_s: Pointer to wpa_supplicant data
230 * @sec: Number of seconds after which to time out authentication
231 * @usec: Number of microseconds after which to time out authentication
233 * This function is used to schedule a timeout for the current authentication
236 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant
*wpa_s
,
239 if (wpa_s
->conf
->ap_scan
== 0 &&
240 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_WIRED
))
243 wpa_dbg(wpa_s
, MSG_DEBUG
, "Setting authentication timeout: %d sec "
244 "%d usec", sec
, usec
);
245 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
246 wpa_s
->last_auth_timeout_sec
= sec
;
247 eloop_register_timeout(sec
, usec
, wpa_supplicant_timeout
, wpa_s
, NULL
);
252 * wpas_auth_timeout_restart - Restart and change timeout for authentication
253 * @wpa_s: Pointer to wpa_supplicant data
254 * @sec_diff: difference in seconds applied to original timeout value
256 void wpas_auth_timeout_restart(struct wpa_supplicant
*wpa_s
, int sec_diff
)
258 int new_sec
= wpa_s
->last_auth_timeout_sec
+ sec_diff
;
260 if (eloop_is_timeout_registered(wpa_supplicant_timeout
, wpa_s
, NULL
)) {
261 wpa_dbg(wpa_s
, MSG_DEBUG
,
262 "Authentication timeout restart: %d sec", new_sec
);
263 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
264 eloop_register_timeout(new_sec
, 0, wpa_supplicant_timeout
,
271 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
272 * @wpa_s: Pointer to wpa_supplicant data
274 * This function is used to cancel authentication timeout scheduled with
275 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
278 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant
*wpa_s
)
280 wpa_dbg(wpa_s
, MSG_DEBUG
, "Cancelling authentication timeout");
281 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
282 wpa_blacklist_del(wpa_s
, wpa_s
->bssid
);
283 os_free(wpa_s
->last_con_fail_realm
);
284 wpa_s
->last_con_fail_realm
= NULL
;
285 wpa_s
->last_con_fail_realm_len
= 0;
290 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
291 * @wpa_s: Pointer to wpa_supplicant data
293 * This function is used to configure EAPOL state machine based on the selected
294 * authentication mode.
296 void wpa_supplicant_initiate_eapol(struct wpa_supplicant
*wpa_s
)
298 #ifdef IEEE8021X_EAPOL
299 struct eapol_config eapol_conf
;
300 struct wpa_ssid
*ssid
= wpa_s
->current_ssid
;
302 #ifdef CONFIG_IBSS_RSN
303 if (ssid
->mode
== WPAS_MODE_IBSS
&&
304 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_NONE
&&
305 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_WPA_NONE
) {
307 * RSN IBSS authentication is per-STA and we can disable the
308 * per-BSSID EAPOL authentication.
310 eapol_sm_notify_portControl(wpa_s
->eapol
, ForceAuthorized
);
311 eapol_sm_notify_eap_success(wpa_s
->eapol
, TRUE
);
312 eapol_sm_notify_eap_fail(wpa_s
->eapol
, FALSE
);
315 #endif /* CONFIG_IBSS_RSN */
317 eapol_sm_notify_eap_success(wpa_s
->eapol
, FALSE
);
318 eapol_sm_notify_eap_fail(wpa_s
->eapol
, FALSE
);
320 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
||
321 wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPA_NONE
)
322 eapol_sm_notify_portControl(wpa_s
->eapol
, ForceAuthorized
);
324 eapol_sm_notify_portControl(wpa_s
->eapol
, Auto
);
326 os_memset(&eapol_conf
, 0, sizeof(eapol_conf
));
327 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
328 eapol_conf
.accept_802_1x_keys
= 1;
329 eapol_conf
.required_keys
= 0;
330 if (ssid
->eapol_flags
& EAPOL_FLAG_REQUIRE_KEY_UNICAST
) {
331 eapol_conf
.required_keys
|= EAPOL_REQUIRE_KEY_UNICAST
;
333 if (ssid
->eapol_flags
& EAPOL_FLAG_REQUIRE_KEY_BROADCAST
) {
334 eapol_conf
.required_keys
|=
335 EAPOL_REQUIRE_KEY_BROADCAST
;
338 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_WIRED
)
339 eapol_conf
.required_keys
= 0;
341 eapol_conf
.fast_reauth
= wpa_s
->conf
->fast_reauth
;
342 eapol_conf
.workaround
= ssid
->eap_workaround
;
343 eapol_conf
.eap_disabled
=
344 !wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
) &&
345 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_IEEE8021X_NO_WPA
&&
346 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_WPS
;
347 eapol_conf
.external_sim
= wpa_s
->conf
->external_sim
;
350 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
) {
351 eapol_conf
.wps
|= EAPOL_LOCAL_WPS_IN_USE
;
352 if (wpa_s
->current_bss
) {
354 ie
= wpa_bss_get_vendor_ie_multi(wpa_s
->current_bss
,
359 EAPOL_PEER_IS_WPS20_AP
;
364 #endif /* CONFIG_WPS */
366 eapol_sm_notify_config(wpa_s
->eapol
, &ssid
->eap
, &eapol_conf
);
369 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
&& ssid
->mka_psk_set
)
370 ieee802_1x_create_preshared_mka(wpa_s
, ssid
);
372 ieee802_1x_alloc_kay_sm(wpa_s
, ssid
);
373 #endif /* CONFIG_MACSEC */
374 #endif /* IEEE8021X_EAPOL */
379 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
380 * @wpa_s: Pointer to wpa_supplicant data
381 * @ssid: Configuration data for the network
383 * This function is used to configure WPA state machine and related parameters
384 * to a mode where WPA is not enabled. This is called as part of the
385 * authentication configuration when the selected network does not use WPA.
387 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant
*wpa_s
,
388 struct wpa_ssid
*ssid
)
392 if (ssid
->key_mgmt
& WPA_KEY_MGMT_WPS
)
393 wpa_s
->key_mgmt
= WPA_KEY_MGMT_WPS
;
394 else if (ssid
->key_mgmt
& WPA_KEY_MGMT_IEEE8021X_NO_WPA
)
395 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X_NO_WPA
;
397 wpa_s
->key_mgmt
= WPA_KEY_MGMT_NONE
;
398 wpa_sm_set_ap_wpa_ie(wpa_s
->wpa
, NULL
, 0);
399 wpa_sm_set_ap_rsn_ie(wpa_s
->wpa
, NULL
, 0);
400 wpa_sm_set_assoc_wpa_ie(wpa_s
->wpa
, NULL
, 0);
401 wpa_s
->pairwise_cipher
= WPA_CIPHER_NONE
;
402 wpa_s
->group_cipher
= WPA_CIPHER_NONE
;
403 wpa_s
->mgmt_group_cipher
= 0;
405 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
406 if (ssid
->wep_key_len
[i
] > 5) {
407 wpa_s
->pairwise_cipher
= WPA_CIPHER_WEP104
;
408 wpa_s
->group_cipher
= WPA_CIPHER_WEP104
;
410 } else if (ssid
->wep_key_len
[i
] > 0) {
411 wpa_s
->pairwise_cipher
= WPA_CIPHER_WEP40
;
412 wpa_s
->group_cipher
= WPA_CIPHER_WEP40
;
417 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_RSN_ENABLED
, 0);
418 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_KEY_MGMT
, wpa_s
->key_mgmt
);
419 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_PAIRWISE
,
420 wpa_s
->pairwise_cipher
);
421 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_GROUP
, wpa_s
->group_cipher
);
422 #ifdef CONFIG_IEEE80211W
423 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_MGMT_GROUP
,
424 wpa_s
->mgmt_group_cipher
);
425 #endif /* CONFIG_IEEE80211W */
427 pmksa_cache_clear_current(wpa_s
->wpa
);
431 void free_hw_features(struct wpa_supplicant
*wpa_s
)
434 if (wpa_s
->hw
.modes
== NULL
)
437 for (i
= 0; i
< wpa_s
->hw
.num_modes
; i
++) {
438 os_free(wpa_s
->hw
.modes
[i
].channels
);
439 os_free(wpa_s
->hw
.modes
[i
].rates
);
442 os_free(wpa_s
->hw
.modes
);
443 wpa_s
->hw
.modes
= NULL
;
447 static void free_bss_tmp_disallowed(struct wpa_supplicant
*wpa_s
)
449 struct wpa_bss_tmp_disallowed
*bss
, *prev
;
451 dl_list_for_each_safe(bss
, prev
, &wpa_s
->bss_tmp_disallowed
,
452 struct wpa_bss_tmp_disallowed
, list
) {
453 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout
, wpa_s
, bss
);
454 dl_list_del(&bss
->list
);
460 void wpas_flush_fils_hlp_req(struct wpa_supplicant
*wpa_s
)
462 struct fils_hlp_req
*req
;
464 while ((req
= dl_list_first(&wpa_s
->fils_hlp_req
, struct fils_hlp_req
,
466 dl_list_del(&req
->list
);
467 wpabuf_free(req
->pkt
);
473 static void wpa_supplicant_cleanup(struct wpa_supplicant
*wpa_s
)
477 bgscan_deinit(wpa_s
);
478 autoscan_deinit(wpa_s
);
479 scard_deinit(wpa_s
->scard
);
481 wpa_sm_set_scard_ctx(wpa_s
->wpa
, NULL
);
482 eapol_sm_register_scard_ctx(wpa_s
->eapol
, NULL
);
483 l2_packet_deinit(wpa_s
->l2
);
486 l2_packet_deinit(wpa_s
->l2_br
);
489 #ifdef CONFIG_TESTING_OPTIONS
490 l2_packet_deinit(wpa_s
->l2_test
);
491 wpa_s
->l2_test
= NULL
;
492 os_free(wpa_s
->get_pref_freq_list_override
);
493 wpa_s
->get_pref_freq_list_override
= NULL
;
494 wpabuf_free(wpa_s
->last_assoc_req_wpa_ie
);
495 wpa_s
->last_assoc_req_wpa_ie
= NULL
;
496 #endif /* CONFIG_TESTING_OPTIONS */
498 if (wpa_s
->conf
!= NULL
) {
499 struct wpa_ssid
*ssid
;
500 for (ssid
= wpa_s
->conf
->ssid
; ssid
; ssid
= ssid
->next
)
501 wpas_notify_network_removed(wpa_s
, ssid
);
504 os_free(wpa_s
->confname
);
505 wpa_s
->confname
= NULL
;
507 os_free(wpa_s
->confanother
);
508 wpa_s
->confanother
= NULL
;
510 os_free(wpa_s
->last_con_fail_realm
);
511 wpa_s
->last_con_fail_realm
= NULL
;
512 wpa_s
->last_con_fail_realm_len
= 0;
514 wpa_sm_set_eapol(wpa_s
->wpa
, NULL
);
515 eapol_sm_deinit(wpa_s
->eapol
);
518 rsn_preauth_deinit(wpa_s
->wpa
);
521 wpa_tdls_deinit(wpa_s
->wpa
);
522 #endif /* CONFIG_TDLS */
524 wmm_ac_clear_saved_tspecs(wpa_s
);
525 pmksa_candidate_free(wpa_s
->wpa
);
526 wpa_sm_deinit(wpa_s
->wpa
);
528 wpa_blacklist_clear(wpa_s
);
530 wpa_bss_deinit(wpa_s
);
532 wpa_supplicant_cancel_delayed_sched_scan(wpa_s
);
533 wpa_supplicant_cancel_scan(wpa_s
);
534 wpa_supplicant_cancel_auth_timeout(wpa_s
);
535 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures
, wpa_s
, NULL
);
536 #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
537 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report
,
539 #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
541 eloop_cancel_timeout(wpas_network_reenabled
, wpa_s
, NULL
);
543 wpas_wps_deinit(wpa_s
);
545 wpabuf_free(wpa_s
->pending_eapol_rx
);
546 wpa_s
->pending_eapol_rx
= NULL
;
548 #ifdef CONFIG_IBSS_RSN
549 ibss_rsn_deinit(wpa_s
->ibss_rsn
);
550 wpa_s
->ibss_rsn
= NULL
;
551 #endif /* CONFIG_IBSS_RSN */
556 wpa_supplicant_ap_deinit(wpa_s
);
557 #endif /* CONFIG_AP */
559 wpas_p2p_deinit(wpa_s
);
561 #ifdef CONFIG_OFFCHANNEL
562 offchannel_deinit(wpa_s
);
563 #endif /* CONFIG_OFFCHANNEL */
565 wpa_supplicant_cancel_sched_scan(wpa_s
);
567 os_free(wpa_s
->next_scan_freqs
);
568 wpa_s
->next_scan_freqs
= NULL
;
570 os_free(wpa_s
->manual_scan_freqs
);
571 wpa_s
->manual_scan_freqs
= NULL
;
572 os_free(wpa_s
->select_network_scan_freqs
);
573 wpa_s
->select_network_scan_freqs
= NULL
;
575 os_free(wpa_s
->manual_sched_scan_freqs
);
576 wpa_s
->manual_sched_scan_freqs
= NULL
;
578 wpas_mac_addr_rand_scan_clear(wpa_s
, MAC_ADDR_RAND_ALL
);
581 * Need to remove any pending gas-query radio work before the
582 * gas_query_deinit() call because gas_query::work has not yet been set
583 * for works that have not been started. gas_query_free() will be unable
584 * to cancel such pending radio works and once the pending gas-query
585 * radio work eventually gets removed, the deinit notification call to
586 * gas_query_start_cb() would result in dereferencing freed memory.
589 radio_remove_works(wpa_s
, "gas-query", 0);
590 gas_query_deinit(wpa_s
->gas
);
592 gas_server_deinit(wpa_s
->gas_server
);
593 wpa_s
->gas_server
= NULL
;
595 free_hw_features(wpa_s
);
597 ieee802_1x_dealloc_kay_sm(wpa_s
);
599 os_free(wpa_s
->bssid_filter
);
600 wpa_s
->bssid_filter
= NULL
;
602 os_free(wpa_s
->disallow_aps_bssid
);
603 wpa_s
->disallow_aps_bssid
= NULL
;
604 os_free(wpa_s
->disallow_aps_ssid
);
605 wpa_s
->disallow_aps_ssid
= NULL
;
607 wnm_bss_keep_alive_deinit(wpa_s
);
609 wnm_deallocate_memory(wpa_s
);
610 #endif /* CONFIG_WNM */
612 ext_password_deinit(wpa_s
->ext_pw
);
613 wpa_s
->ext_pw
= NULL
;
615 wpabuf_free(wpa_s
->last_gas_resp
);
616 wpa_s
->last_gas_resp
= NULL
;
617 wpabuf_free(wpa_s
->prev_gas_resp
);
618 wpa_s
->prev_gas_resp
= NULL
;
620 os_free(wpa_s
->last_scan_res
);
621 wpa_s
->last_scan_res
= NULL
;
625 wpa_drv_configure_frame_filters(wpa_s
, 0);
627 #endif /* CONFIG_HS20 */
629 for (i
= 0; i
< NUM_VENDOR_ELEM_FRAMES
; i
++) {
630 wpabuf_free(wpa_s
->vendor_elem
[i
]);
631 wpa_s
->vendor_elem
[i
] = NULL
;
634 wmm_ac_notify_disassoc(wpa_s
);
636 wpa_s
->sched_scan_plans_num
= 0;
637 os_free(wpa_s
->sched_scan_plans
);
638 wpa_s
->sched_scan_plans
= NULL
;
641 wpa_s
->non_pref_chan_num
= 0;
642 os_free(wpa_s
->non_pref_chan
);
643 wpa_s
->non_pref_chan
= NULL
;
644 #endif /* CONFIG_MBO */
646 free_bss_tmp_disallowed(wpa_s
);
648 wpabuf_free(wpa_s
->lci
);
650 wpas_clear_beacon_rep_data(wpa_s
);
652 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL
655 struct external_pmksa_cache
*entry
;
657 while ((entry
= dl_list_last(&wpa_s
->mesh_external_pmksa_cache
,
658 struct external_pmksa_cache
,
660 dl_list_del(&entry
->list
);
661 os_free(entry
->pmksa_cache
);
665 #endif /* CONFIG_MESH */
666 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
668 wpas_flush_fils_hlp_req(wpa_s
);
670 wpabuf_free(wpa_s
->ric_ies
);
671 wpa_s
->ric_ies
= NULL
;
674 wpas_dpp_deinit(wpa_s
);
675 #endif /* CONFIG_DPP */
680 * wpa_clear_keys - Clear keys configured for the driver
681 * @wpa_s: Pointer to wpa_supplicant data
682 * @addr: Previously used BSSID or %NULL if not available
684 * This function clears the encryption keys that has been previously configured
687 void wpa_clear_keys(struct wpa_supplicant
*wpa_s
, const u8
*addr
)
691 #ifdef CONFIG_IEEE80211W
693 #else /* CONFIG_IEEE80211W */
695 #endif /* CONFIG_IEEE80211W */
697 /* MLME-DELETEKEYS.request */
698 for (i
= 0; i
< max
; i
++) {
699 if (wpa_s
->keys_cleared
& BIT(i
))
701 wpa_drv_set_key(wpa_s
, WPA_ALG_NONE
, NULL
, i
, 0, NULL
, 0,
704 if (!(wpa_s
->keys_cleared
& BIT(0)) && addr
&&
705 !is_zero_ether_addr(addr
)) {
706 wpa_drv_set_key(wpa_s
, WPA_ALG_NONE
, addr
, 0, 0, NULL
, 0, NULL
,
708 /* MLME-SETPROTECTION.request(None) */
709 wpa_drv_mlme_setprotection(
711 MLME_SETPROTECTION_PROTECT_TYPE_NONE
,
712 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE
);
714 wpa_s
->keys_cleared
= (u32
) -1;
719 * wpa_supplicant_state_txt - Get the connection state name as a text string
720 * @state: State (wpa_state; WPA_*)
721 * Returns: The state name as a printable text string
723 const char * wpa_supplicant_state_txt(enum wpa_states state
)
726 case WPA_DISCONNECTED
:
727 return "DISCONNECTED";
730 case WPA_INTERFACE_DISABLED
:
731 return "INTERFACE_DISABLED";
734 case WPA_AUTHENTICATING
:
735 return "AUTHENTICATING";
736 case WPA_ASSOCIATING
:
737 return "ASSOCIATING";
740 case WPA_4WAY_HANDSHAKE
:
741 return "4WAY_HANDSHAKE";
742 case WPA_GROUP_HANDSHAKE
:
743 return "GROUP_HANDSHAKE";
754 static void wpa_supplicant_start_bgscan(struct wpa_supplicant
*wpa_s
)
758 if (wpa_s
->current_ssid
&& wpa_s
->current_ssid
->bgscan
)
759 name
= wpa_s
->current_ssid
->bgscan
;
761 name
= wpa_s
->conf
->bgscan
;
762 if (name
== NULL
|| name
[0] == '\0')
764 if (wpas_driver_bss_selection(wpa_s
))
766 if (wpa_s
->current_ssid
== wpa_s
->bgscan_ssid
)
769 if (wpa_s
->p2p_group_interface
!= NOT_P2P_GROUP_INTERFACE
)
771 #endif /* CONFIG_P2P */
773 bgscan_deinit(wpa_s
);
774 if (wpa_s
->current_ssid
) {
775 if (bgscan_init(wpa_s
, wpa_s
->current_ssid
, name
)) {
776 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to initialize "
779 * Live without bgscan; it is only used as a roaming
780 * optimization, so the initial connection is not
784 struct wpa_scan_results
*scan_res
;
785 wpa_s
->bgscan_ssid
= wpa_s
->current_ssid
;
786 scan_res
= wpa_supplicant_get_scan_results(wpa_s
, NULL
,
789 bgscan_notify_scan(wpa_s
, scan_res
);
790 wpa_scan_results_free(scan_res
);
794 wpa_s
->bgscan_ssid
= NULL
;
798 static void wpa_supplicant_stop_bgscan(struct wpa_supplicant
*wpa_s
)
800 if (wpa_s
->bgscan_ssid
!= NULL
) {
801 bgscan_deinit(wpa_s
);
802 wpa_s
->bgscan_ssid
= NULL
;
806 #endif /* CONFIG_BGSCAN */
809 static void wpa_supplicant_start_autoscan(struct wpa_supplicant
*wpa_s
)
811 if (autoscan_init(wpa_s
, 0))
812 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to initialize autoscan");
816 static void wpa_supplicant_stop_autoscan(struct wpa_supplicant
*wpa_s
)
818 autoscan_deinit(wpa_s
);
822 void wpa_supplicant_reinit_autoscan(struct wpa_supplicant
*wpa_s
)
824 if (wpa_s
->wpa_state
== WPA_DISCONNECTED
||
825 wpa_s
->wpa_state
== WPA_SCANNING
) {
826 autoscan_deinit(wpa_s
);
827 wpa_supplicant_start_autoscan(wpa_s
);
833 * wpa_supplicant_set_state - Set current connection state
834 * @wpa_s: Pointer to wpa_supplicant data
835 * @state: The new connection state
837 * This function is called whenever the connection state changes, e.g.,
838 * association is completed for WPA/WPA2 4-Way Handshake is started.
840 void wpa_supplicant_set_state(struct wpa_supplicant
*wpa_s
,
841 enum wpa_states state
)
843 enum wpa_states old_state
= wpa_s
->wpa_state
;
845 wpa_dbg(wpa_s
, MSG_DEBUG
, "State: %s -> %s",
846 wpa_supplicant_state_txt(wpa_s
->wpa_state
),
847 wpa_supplicant_state_txt(state
));
849 if (state
== WPA_INTERFACE_DISABLED
) {
850 /* Assure normal scan when interface is restored */
851 wpa_s
->normal_scans
= 0;
854 if (state
== WPA_COMPLETED
) {
855 wpas_connect_work_done(wpa_s
);
856 /* Reinitialize normal_scan counter */
857 wpa_s
->normal_scans
= 0;
862 * P2PS client has to reply to Probe Request frames received on the
863 * group operating channel. Enable Probe Request frame reporting for
864 * P2P connected client in case p2p_cli_probe configuration property is
867 if (wpa_s
->conf
->p2p_cli_probe
&& wpa_s
->current_ssid
&&
868 wpa_s
->current_ssid
->mode
== WPAS_MODE_INFRA
&&
869 wpa_s
->current_ssid
->p2p_group
) {
870 if (state
== WPA_COMPLETED
&& !wpa_s
->p2p_cli_probe
) {
871 wpa_dbg(wpa_s
, MSG_DEBUG
,
872 "P2P: Enable CLI Probe Request RX reporting");
873 wpa_s
->p2p_cli_probe
=
874 wpa_drv_probe_req_report(wpa_s
, 1) >= 0;
875 } else if (state
!= WPA_COMPLETED
&& wpa_s
->p2p_cli_probe
) {
876 wpa_dbg(wpa_s
, MSG_DEBUG
,
877 "P2P: Disable CLI Probe Request RX reporting");
878 wpa_s
->p2p_cli_probe
= 0;
879 wpa_drv_probe_req_report(wpa_s
, 0);
882 #endif /* CONFIG_P2P */
884 if (state
!= WPA_SCANNING
)
885 wpa_supplicant_notify_scanning(wpa_s
, 0);
887 if (state
== WPA_COMPLETED
&& wpa_s
->new_connection
) {
888 struct wpa_ssid
*ssid
= wpa_s
->current_ssid
;
889 int fils_hlp_sent
= 0;
892 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
893 wpa_auth_alg_fils(wpa_s
->sme
.auth_alg
))
895 #endif /* CONFIG_SME */
896 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
897 wpa_auth_alg_fils(wpa_s
->auth_alg
))
900 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
901 wpa_msg(wpa_s
, MSG_INFO
, WPA_EVENT_CONNECTED
"- Connection to "
902 MACSTR
" completed [id=%d id_str=%s%s]",
903 MAC2STR(wpa_s
->bssid
),
904 ssid
? ssid
->id
: -1,
905 ssid
&& ssid
->id_str
? ssid
->id_str
: "",
906 fils_hlp_sent
? " FILS_HLP_SENT" : "");
907 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
908 wpas_clear_temp_disabled(wpa_s
, ssid
, 1);
909 wpa_blacklist_clear(wpa_s
);
910 wpa_s
->extra_blacklist_count
= 0;
911 wpa_s
->new_connection
= 0;
912 wpa_drv_set_operstate(wpa_s
, 1);
913 #ifndef IEEE8021X_EAPOL
914 wpa_drv_set_supp_port(wpa_s
, 1);
915 #endif /* IEEE8021X_EAPOL */
916 wpa_s
->after_wps
= 0;
917 wpa_s
->known_wps_freq
= 0;
918 wpas_p2p_completed(wpa_s
);
920 sme_sched_obss_scan(wpa_s
, 1);
922 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
923 if (!fils_hlp_sent
&& ssid
&& ssid
->eap
.erp
)
924 wpas_update_fils_connect_params(wpa_s
);
925 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
926 } else if (state
== WPA_DISCONNECTED
|| state
== WPA_ASSOCIATING
||
927 state
== WPA_ASSOCIATED
) {
928 wpa_s
->new_connection
= 1;
929 wpa_drv_set_operstate(wpa_s
, 0);
930 #ifndef IEEE8021X_EAPOL
931 wpa_drv_set_supp_port(wpa_s
, 0);
932 #endif /* IEEE8021X_EAPOL */
933 sme_sched_obss_scan(wpa_s
, 0);
935 wpa_s
->wpa_state
= state
;
938 if (state
== WPA_COMPLETED
)
939 wpa_supplicant_start_bgscan(wpa_s
);
940 else if (state
< WPA_ASSOCIATED
)
941 wpa_supplicant_stop_bgscan(wpa_s
);
942 #endif /* CONFIG_BGSCAN */
944 if (state
== WPA_AUTHENTICATING
)
945 wpa_supplicant_stop_autoscan(wpa_s
);
947 if (state
== WPA_DISCONNECTED
|| state
== WPA_INACTIVE
)
948 wpa_supplicant_start_autoscan(wpa_s
);
950 if (old_state
>= WPA_ASSOCIATED
&& wpa_s
->wpa_state
< WPA_ASSOCIATED
)
951 wmm_ac_notify_disassoc(wpa_s
);
953 if (wpa_s
->wpa_state
!= old_state
) {
954 wpas_notify_state_changed(wpa_s
, wpa_s
->wpa_state
, old_state
);
957 * Notify the P2P Device interface about a state change in one
960 wpas_p2p_indicate_state_change(wpa_s
);
962 if (wpa_s
->wpa_state
== WPA_COMPLETED
||
963 old_state
== WPA_COMPLETED
)
964 wpas_notify_auth_changed(wpa_s
);
969 void wpa_supplicant_terminate_proc(struct wpa_global
*global
)
973 struct wpa_supplicant
*wpa_s
= global
->ifaces
;
975 struct wpa_supplicant
*next
= wpa_s
->next
;
976 if (wpas_wps_terminate_pending(wpa_s
) == 1)
979 if (wpa_s
->p2p_group_interface
!= NOT_P2P_GROUP_INTERFACE
||
980 (wpa_s
->current_ssid
&& wpa_s
->current_ssid
->p2p_group
))
981 wpas_p2p_disconnect(wpa_s
);
982 #endif /* CONFIG_P2P */
985 #endif /* CONFIG_WPS */
992 static void wpa_supplicant_terminate(int sig
, void *signal_ctx
)
994 struct wpa_global
*global
= signal_ctx
;
995 wpa_supplicant_terminate_proc(global
);
999 void wpa_supplicant_clear_status(struct wpa_supplicant
*wpa_s
)
1001 enum wpa_states old_state
= wpa_s
->wpa_state
;
1003 wpa_s
->pairwise_cipher
= 0;
1004 wpa_s
->group_cipher
= 0;
1005 wpa_s
->mgmt_group_cipher
= 0;
1006 wpa_s
->key_mgmt
= 0;
1007 if (wpa_s
->wpa_state
!= WPA_INTERFACE_DISABLED
)
1008 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
1010 if (wpa_s
->wpa_state
!= old_state
)
1011 wpas_notify_state_changed(wpa_s
, wpa_s
->wpa_state
, old_state
);
1016 * wpa_supplicant_reload_configuration - Reload configuration data
1017 * @wpa_s: Pointer to wpa_supplicant data
1018 * Returns: 0 on success or -1 if configuration parsing failed
1020 * This function can be used to request that the configuration data is reloaded
1021 * (e.g., after configuration file change). This function is reloading
1022 * configuration only for one interface, so this may need to be called multiple
1023 * times if %wpa_supplicant is controlling multiple interfaces and all
1024 * interfaces need reconfiguration.
1026 int wpa_supplicant_reload_configuration(struct wpa_supplicant
*wpa_s
)
1028 struct wpa_config
*conf
;
1032 if (wpa_s
->confname
== NULL
)
1034 conf
= wpa_config_read(wpa_s
->confname
, NULL
);
1036 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to parse the configuration "
1037 "file '%s' - exiting", wpa_s
->confname
);
1040 if (wpa_s
->confanother
&&
1041 !wpa_config_read(wpa_s
->confanother
, conf
)) {
1042 wpa_msg(wpa_s
, MSG_ERROR
,
1043 "Failed to parse the configuration file '%s' - exiting",
1044 wpa_s
->confanother
);
1048 conf
->changed_parameters
= (unsigned int) -1;
1050 reconf_ctrl
= !!conf
->ctrl_interface
!= !!wpa_s
->conf
->ctrl_interface
1051 || (conf
->ctrl_interface
&& wpa_s
->conf
->ctrl_interface
&&
1052 os_strcmp(conf
->ctrl_interface
,
1053 wpa_s
->conf
->ctrl_interface
) != 0);
1055 if (reconf_ctrl
&& wpa_s
->ctrl_iface
) {
1056 wpa_supplicant_ctrl_iface_deinit(wpa_s
->ctrl_iface
);
1057 wpa_s
->ctrl_iface
= NULL
;
1060 eapol_sm_invalidate_cached_session(wpa_s
->eapol
);
1061 if (wpa_s
->current_ssid
) {
1062 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
1063 wpa_s
->own_disconnect_req
= 1;
1064 wpa_supplicant_deauthenticate(wpa_s
,
1065 WLAN_REASON_DEAUTH_LEAVING
);
1069 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
1070 * pkcs11_engine_path, pkcs11_module_path, openssl_ciphers.
1072 if (wpa_key_mgmt_wpa_psk(wpa_s
->key_mgmt
) ||
1073 wpa_s
->key_mgmt
== WPA_KEY_MGMT_OWE
||
1074 wpa_s
->key_mgmt
== WPA_KEY_MGMT_DPP
) {
1076 * Clear forced success to clear EAP state for next
1079 eapol_sm_notify_eap_success(wpa_s
->eapol
, FALSE
);
1081 eapol_sm_notify_config(wpa_s
->eapol
, NULL
, NULL
);
1082 wpa_sm_set_config(wpa_s
->wpa
, NULL
);
1083 wpa_sm_pmksa_cache_flush(wpa_s
->wpa
, NULL
);
1084 wpa_sm_set_fast_reauth(wpa_s
->wpa
, wpa_s
->conf
->fast_reauth
);
1085 rsn_preauth_deinit(wpa_s
->wpa
);
1087 old_ap_scan
= wpa_s
->conf
->ap_scan
;
1088 wpa_config_free(wpa_s
->conf
);
1090 if (old_ap_scan
!= wpa_s
->conf
->ap_scan
)
1091 wpas_notify_ap_scan_changed(wpa_s
);
1094 wpa_s
->ctrl_iface
= wpa_supplicant_ctrl_iface_init(wpa_s
);
1096 wpa_supplicant_update_config(wpa_s
);
1098 wpa_supplicant_clear_status(wpa_s
);
1099 if (wpa_supplicant_enabled_networks(wpa_s
)) {
1100 wpa_s
->reassociate
= 1;
1101 wpa_supplicant_req_scan(wpa_s
, 0, 0);
1103 wpa_dbg(wpa_s
, MSG_DEBUG
, "Reconfiguration completed");
1108 static void wpa_supplicant_reconfig(int sig
, void *signal_ctx
)
1110 struct wpa_global
*global
= signal_ctx
;
1111 struct wpa_supplicant
*wpa_s
;
1112 for (wpa_s
= global
->ifaces
; wpa_s
; wpa_s
= wpa_s
->next
) {
1113 wpa_dbg(wpa_s
, MSG_DEBUG
, "Signal %d received - reconfiguring",
1115 if (wpa_supplicant_reload_configuration(wpa_s
) < 0) {
1116 wpa_supplicant_terminate_proc(global
);
1120 if (wpa_debug_reopen_file() < 0) {
1121 /* Ignore errors since we cannot really do much to fix this */
1122 wpa_printf(MSG_DEBUG
, "Could not reopen debug log file");
1127 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant
*wpa_s
,
1128 struct wpa_ssid
*ssid
,
1129 struct wpa_ie_data
*ie
)
1131 int ret
= wpa_sm_parse_own_wpa_ie(wpa_s
->wpa
, ie
);
1134 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Failed to parse WPA IE "
1135 "from association info");
1140 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Using WPA IE from AssocReq to set "
1142 if (!(ie
->group_cipher
& ssid
->group_cipher
)) {
1143 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver used disabled group "
1144 "cipher 0x%x (mask 0x%x) - reject",
1145 ie
->group_cipher
, ssid
->group_cipher
);
1148 if (!(ie
->pairwise_cipher
& ssid
->pairwise_cipher
)) {
1149 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver used disabled pairwise "
1150 "cipher 0x%x (mask 0x%x) - reject",
1151 ie
->pairwise_cipher
, ssid
->pairwise_cipher
);
1154 if (!(ie
->key_mgmt
& ssid
->key_mgmt
)) {
1155 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver used disabled key "
1156 "management 0x%x (mask 0x%x) - reject",
1157 ie
->key_mgmt
, ssid
->key_mgmt
);
1161 #ifdef CONFIG_IEEE80211W
1162 if (!(ie
->capabilities
& WPA_CAPABILITY_MFPC
) &&
1163 wpas_get_ssid_pmf(wpa_s
, ssid
) == MGMT_FRAME_PROTECTION_REQUIRED
) {
1164 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver associated with an AP "
1165 "that does not support management frame protection - "
1169 #endif /* CONFIG_IEEE80211W */
1176 * wpa_supplicant_set_suites - Set authentication and encryption parameters
1177 * @wpa_s: Pointer to wpa_supplicant data
1178 * @bss: Scan results for the selected BSS, or %NULL if not available
1179 * @ssid: Configuration data for the selected network
1180 * @wpa_ie: Buffer for the WPA/RSN IE
1181 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
1182 * used buffer length in case the functions returns success.
1183 * Returns: 0 on success or -1 on failure
1185 * This function is used to configure authentication and encryption parameters
1186 * based on the network configuration and scan result for the selected BSS (if
1189 int wpa_supplicant_set_suites(struct wpa_supplicant
*wpa_s
,
1190 struct wpa_bss
*bss
, struct wpa_ssid
*ssid
,
1191 u8
*wpa_ie
, size_t *wpa_ie_len
)
1193 struct wpa_ie_data ie
;
1195 const u8
*bss_wpa
, *bss_rsn
, *bss_osen
;
1198 bss_wpa
= wpa_bss_get_vendor_ie(bss
, WPA_IE_VENDOR_TYPE
);
1199 bss_rsn
= wpa_bss_get_ie(bss
, WLAN_EID_RSN
);
1200 bss_osen
= wpa_bss_get_vendor_ie(bss
, OSEN_IE_VENDOR_TYPE
);
1202 bss_wpa
= bss_rsn
= bss_osen
= NULL
;
1204 if (bss_rsn
&& (ssid
->proto
& WPA_PROTO_RSN
) &&
1205 wpa_parse_wpa_ie(bss_rsn
, 2 + bss_rsn
[1], &ie
) == 0 &&
1206 (ie
.group_cipher
& ssid
->group_cipher
) &&
1207 (ie
.pairwise_cipher
& ssid
->pairwise_cipher
) &&
1208 (ie
.key_mgmt
& ssid
->key_mgmt
)) {
1209 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using IEEE 802.11i/D9.0");
1210 proto
= WPA_PROTO_RSN
;
1211 } else if (bss_wpa
&& (ssid
->proto
& WPA_PROTO_WPA
) &&
1212 wpa_parse_wpa_ie(bss_wpa
, 2 + bss_wpa
[1], &ie
) == 0 &&
1213 (ie
.group_cipher
& ssid
->group_cipher
) &&
1214 (ie
.pairwise_cipher
& ssid
->pairwise_cipher
) &&
1215 (ie
.key_mgmt
& ssid
->key_mgmt
)) {
1216 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using IEEE 802.11i/D3.0");
1217 proto
= WPA_PROTO_WPA
;
1219 } else if (bss_osen
&& (ssid
->proto
& WPA_PROTO_OSEN
) &&
1220 wpa_parse_wpa_ie(bss_osen
, 2 + bss_osen
[1], &ie
) == 0 &&
1221 (ie
.group_cipher
& ssid
->group_cipher
) &&
1222 (ie
.pairwise_cipher
& ssid
->pairwise_cipher
) &&
1223 (ie
.key_mgmt
& ssid
->key_mgmt
)) {
1224 wpa_dbg(wpa_s
, MSG_DEBUG
, "HS 2.0: using OSEN");
1225 proto
= WPA_PROTO_OSEN
;
1226 } else if (bss_rsn
&& (ssid
->proto
& WPA_PROTO_OSEN
) &&
1227 wpa_parse_wpa_ie(bss_rsn
, 2 + bss_rsn
[1], &ie
) == 0 &&
1228 (ie
.group_cipher
& ssid
->group_cipher
) &&
1229 (ie
.pairwise_cipher
& ssid
->pairwise_cipher
) &&
1230 (ie
.key_mgmt
& ssid
->key_mgmt
)) {
1231 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using OSEN (within RSN)");
1232 proto
= WPA_PROTO_RSN
;
1233 #endif /* CONFIG_HS20 */
1235 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select WPA/RSN");
1236 wpa_dbg(wpa_s
, MSG_DEBUG
,
1237 "WPA: ssid proto=0x%x pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1238 ssid
->proto
, ssid
->pairwise_cipher
, ssid
->group_cipher
,
1240 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: BSS " MACSTR
" ssid='%s'%s%s%s",
1241 MAC2STR(bss
->bssid
),
1242 wpa_ssid_txt(bss
->ssid
, bss
->ssid_len
),
1243 bss_wpa
? " WPA" : "",
1244 bss_rsn
? " RSN" : "",
1245 bss_osen
? " OSEN" : "");
1247 wpa_hexdump(MSG_DEBUG
, "RSN", bss_rsn
, 2 + bss_rsn
[1]);
1248 if (wpa_parse_wpa_ie(bss_rsn
, 2 + bss_rsn
[1], &ie
)) {
1249 wpa_dbg(wpa_s
, MSG_DEBUG
,
1250 "Could not parse RSN element");
1252 wpa_dbg(wpa_s
, MSG_DEBUG
,
1253 "RSN: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1254 ie
.pairwise_cipher
, ie
.group_cipher
,
1259 wpa_hexdump(MSG_DEBUG
, "WPA", bss_wpa
, 2 + bss_wpa
[1]);
1260 if (wpa_parse_wpa_ie(bss_wpa
, 2 + bss_wpa
[1], &ie
)) {
1261 wpa_dbg(wpa_s
, MSG_DEBUG
,
1262 "Could not parse WPA element");
1264 wpa_dbg(wpa_s
, MSG_DEBUG
,
1265 "WPA: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1266 ie
.pairwise_cipher
, ie
.group_cipher
,
1272 if (ssid
->proto
& WPA_PROTO_OSEN
)
1273 proto
= WPA_PROTO_OSEN
;
1274 else if (ssid
->proto
& WPA_PROTO_RSN
)
1275 proto
= WPA_PROTO_RSN
;
1277 proto
= WPA_PROTO_WPA
;
1278 if (wpa_supplicant_suites_from_ai(wpa_s
, ssid
, &ie
) < 0) {
1279 os_memset(&ie
, 0, sizeof(ie
));
1280 ie
.group_cipher
= ssid
->group_cipher
;
1281 ie
.pairwise_cipher
= ssid
->pairwise_cipher
;
1282 ie
.key_mgmt
= ssid
->key_mgmt
;
1283 #ifdef CONFIG_IEEE80211W
1284 ie
.mgmt_group_cipher
= 0;
1285 if (ssid
->ieee80211w
!= NO_MGMT_FRAME_PROTECTION
) {
1286 if (ssid
->group_mgmt_cipher
&
1287 WPA_CIPHER_BIP_GMAC_256
)
1288 ie
.mgmt_group_cipher
=
1289 WPA_CIPHER_BIP_GMAC_256
;
1290 else if (ssid
->group_mgmt_cipher
&
1291 WPA_CIPHER_BIP_CMAC_256
)
1292 ie
.mgmt_group_cipher
=
1293 WPA_CIPHER_BIP_CMAC_256
;
1294 else if (ssid
->group_mgmt_cipher
&
1295 WPA_CIPHER_BIP_GMAC_128
)
1296 ie
.mgmt_group_cipher
=
1297 WPA_CIPHER_BIP_GMAC_128
;
1299 ie
.mgmt_group_cipher
=
1300 WPA_CIPHER_AES_128_CMAC
;
1302 #endif /* CONFIG_IEEE80211W */
1304 if ((ssid
->key_mgmt
& WPA_KEY_MGMT_OWE
) &&
1306 !bss_wpa
&& !bss_rsn
&& !bss_osen
) {
1307 wpa_supplicant_set_non_wpa_policy(wpa_s
, ssid
);
1308 wpa_s
->wpa_proto
= 0;
1312 #endif /* CONFIG_OWE */
1313 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Set cipher suites "
1314 "based on configuration");
1319 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Selected cipher suites: group %d "
1320 "pairwise %d key_mgmt %d proto %d",
1321 ie
.group_cipher
, ie
.pairwise_cipher
, ie
.key_mgmt
, proto
);
1322 #ifdef CONFIG_IEEE80211W
1323 if (ssid
->ieee80211w
) {
1324 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Selected mgmt group cipher %d",
1325 ie
.mgmt_group_cipher
);
1327 #endif /* CONFIG_IEEE80211W */
1329 wpa_s
->wpa_proto
= proto
;
1330 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_PROTO
, proto
);
1331 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_RSN_ENABLED
,
1332 !!(ssid
->proto
& (WPA_PROTO_RSN
| WPA_PROTO_OSEN
)));
1334 if (bss
|| !wpa_s
->ap_ies_from_associnfo
) {
1335 if (wpa_sm_set_ap_wpa_ie(wpa_s
->wpa
, bss_wpa
,
1336 bss_wpa
? 2 + bss_wpa
[1] : 0) ||
1337 wpa_sm_set_ap_rsn_ie(wpa_s
->wpa
, bss_rsn
,
1338 bss_rsn
? 2 + bss_rsn
[1] : 0))
1342 #ifdef CONFIG_NO_WPA
1343 wpa_s
->group_cipher
= WPA_CIPHER_NONE
;
1344 wpa_s
->pairwise_cipher
= WPA_CIPHER_NONE
;
1345 #else /* CONFIG_NO_WPA */
1346 sel
= ie
.group_cipher
& ssid
->group_cipher
;
1347 wpa_s
->group_cipher
= wpa_pick_group_cipher(sel
);
1348 if (wpa_s
->group_cipher
< 0) {
1349 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select group "
1353 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using GTK %s",
1354 wpa_cipher_txt(wpa_s
->group_cipher
));
1356 sel
= ie
.pairwise_cipher
& ssid
->pairwise_cipher
;
1357 wpa_s
->pairwise_cipher
= wpa_pick_pairwise_cipher(sel
, 1);
1358 if (wpa_s
->pairwise_cipher
< 0) {
1359 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select pairwise "
1363 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using PTK %s",
1364 wpa_cipher_txt(wpa_s
->pairwise_cipher
));
1365 #endif /* CONFIG_NO_WPA */
1367 sel
= ie
.key_mgmt
& ssid
->key_mgmt
;
1369 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SAE
))
1370 sel
&= ~(WPA_KEY_MGMT_SAE
| WPA_KEY_MGMT_FT_SAE
);
1371 #endif /* CONFIG_SAE */
1373 #ifdef CONFIG_SUITEB192
1374 } else if (sel
& WPA_KEY_MGMT_IEEE8021X_SUITE_B_192
) {
1375 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X_SUITE_B_192
;
1376 wpa_dbg(wpa_s
, MSG_DEBUG
,
1377 "WPA: using KEY_MGMT 802.1X with Suite B (192-bit)");
1378 #endif /* CONFIG_SUITEB192 */
1379 #ifdef CONFIG_SUITEB
1380 } else if (sel
& WPA_KEY_MGMT_IEEE8021X_SUITE_B
) {
1381 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X_SUITE_B
;
1382 wpa_dbg(wpa_s
, MSG_DEBUG
,
1383 "WPA: using KEY_MGMT 802.1X with Suite B");
1384 #endif /* CONFIG_SUITEB */
1386 #ifdef CONFIG_IEEE80211R
1387 } else if (sel
& WPA_KEY_MGMT_FT_FILS_SHA384
) {
1388 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_FILS_SHA384
;
1389 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FT-FILS-SHA384");
1390 } else if (sel
& WPA_KEY_MGMT_FT_FILS_SHA256
) {
1391 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_FILS_SHA256
;
1392 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FT-FILS-SHA256");
1393 #endif /* CONFIG_IEEE80211R */
1394 } else if (sel
& WPA_KEY_MGMT_FILS_SHA384
) {
1395 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FILS_SHA384
;
1396 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FILS-SHA384");
1397 } else if (sel
& WPA_KEY_MGMT_FILS_SHA256
) {
1398 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FILS_SHA256
;
1399 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FILS-SHA256");
1400 #endif /* CONFIG_FILS */
1401 #ifdef CONFIG_IEEE80211R
1402 #ifdef CONFIG_SHA384
1403 } else if (sel
& WPA_KEY_MGMT_FT_IEEE8021X_SHA384
) {
1404 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_IEEE8021X_SHA384
;
1405 wpa_dbg(wpa_s
, MSG_DEBUG
,
1406 "WPA: using KEY_MGMT FT/802.1X-SHA384");
1407 if (pmksa_cache_get_current(wpa_s
->wpa
)) {
1408 /* PMKSA caching with FT is not fully functional, so
1409 * disable the case for now. */
1410 wpa_dbg(wpa_s
, MSG_DEBUG
,
1411 "WPA: Disable PMKSA caching for FT/802.1X connection");
1412 pmksa_cache_clear_current(wpa_s
->wpa
);
1414 #endif /* CONFIG_SHA384 */
1415 } else if (sel
& WPA_KEY_MGMT_FT_IEEE8021X
) {
1416 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_IEEE8021X
;
1417 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FT/802.1X");
1418 if (pmksa_cache_get_current(wpa_s
->wpa
)) {
1419 /* PMKSA caching with FT is not fully functional, so
1420 * disable the case for now. */
1421 wpa_dbg(wpa_s
, MSG_DEBUG
,
1422 "WPA: Disable PMKSA caching for FT/802.1X connection");
1423 pmksa_cache_clear_current(wpa_s
->wpa
);
1425 } else if (sel
& WPA_KEY_MGMT_FT_PSK
) {
1426 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_PSK
;
1427 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FT/PSK");
1428 #endif /* CONFIG_IEEE80211R */
1430 } else if (sel
& WPA_KEY_MGMT_SAE
) {
1431 wpa_s
->key_mgmt
= WPA_KEY_MGMT_SAE
;
1432 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using KEY_MGMT SAE");
1433 } else if (sel
& WPA_KEY_MGMT_FT_SAE
) {
1434 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_SAE
;
1435 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using KEY_MGMT FT/SAE");
1436 #endif /* CONFIG_SAE */
1437 #ifdef CONFIG_IEEE80211W
1438 } else if (sel
& WPA_KEY_MGMT_IEEE8021X_SHA256
) {
1439 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X_SHA256
;
1440 wpa_dbg(wpa_s
, MSG_DEBUG
,
1441 "WPA: using KEY_MGMT 802.1X with SHA256");
1442 } else if (sel
& WPA_KEY_MGMT_PSK_SHA256
) {
1443 wpa_s
->key_mgmt
= WPA_KEY_MGMT_PSK_SHA256
;
1444 wpa_dbg(wpa_s
, MSG_DEBUG
,
1445 "WPA: using KEY_MGMT PSK with SHA256");
1446 #endif /* CONFIG_IEEE80211W */
1447 } else if (sel
& WPA_KEY_MGMT_IEEE8021X
) {
1448 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X
;
1449 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT 802.1X");
1450 } else if (sel
& WPA_KEY_MGMT_PSK
) {
1451 wpa_s
->key_mgmt
= WPA_KEY_MGMT_PSK
;
1452 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT WPA-PSK");
1453 } else if (sel
& WPA_KEY_MGMT_WPA_NONE
) {
1454 wpa_s
->key_mgmt
= WPA_KEY_MGMT_WPA_NONE
;
1455 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT WPA-NONE");
1457 } else if (sel
& WPA_KEY_MGMT_OSEN
) {
1458 wpa_s
->key_mgmt
= WPA_KEY_MGMT_OSEN
;
1459 wpa_dbg(wpa_s
, MSG_DEBUG
, "HS 2.0: using KEY_MGMT OSEN");
1460 #endif /* CONFIG_HS20 */
1462 } else if (sel
& WPA_KEY_MGMT_OWE
) {
1463 wpa_s
->key_mgmt
= WPA_KEY_MGMT_OWE
;
1464 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using KEY_MGMT OWE");
1465 #endif /* CONFIG_OWE */
1467 } else if (sel
& WPA_KEY_MGMT_DPP
) {
1468 wpa_s
->key_mgmt
= WPA_KEY_MGMT_DPP
;
1469 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using KEY_MGMT DPP");
1470 #endif /* CONFIG_DPP */
1472 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select "
1473 "authenticated key management type");
1477 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_KEY_MGMT
, wpa_s
->key_mgmt
);
1478 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_PAIRWISE
,
1479 wpa_s
->pairwise_cipher
);
1480 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_GROUP
, wpa_s
->group_cipher
);
1482 #ifdef CONFIG_IEEE80211W
1483 sel
= ie
.mgmt_group_cipher
;
1484 if (ssid
->group_mgmt_cipher
)
1485 sel
&= ssid
->group_mgmt_cipher
;
1486 if (wpas_get_ssid_pmf(wpa_s
, ssid
) == NO_MGMT_FRAME_PROTECTION
||
1487 !(ie
.capabilities
& WPA_CAPABILITY_MFPC
))
1489 if (sel
& WPA_CIPHER_AES_128_CMAC
) {
1490 wpa_s
->mgmt_group_cipher
= WPA_CIPHER_AES_128_CMAC
;
1491 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using MGMT group cipher "
1493 } else if (sel
& WPA_CIPHER_BIP_GMAC_128
) {
1494 wpa_s
->mgmt_group_cipher
= WPA_CIPHER_BIP_GMAC_128
;
1495 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using MGMT group cipher "
1497 } else if (sel
& WPA_CIPHER_BIP_GMAC_256
) {
1498 wpa_s
->mgmt_group_cipher
= WPA_CIPHER_BIP_GMAC_256
;
1499 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using MGMT group cipher "
1501 } else if (sel
& WPA_CIPHER_BIP_CMAC_256
) {
1502 wpa_s
->mgmt_group_cipher
= WPA_CIPHER_BIP_CMAC_256
;
1503 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using MGMT group cipher "
1506 wpa_s
->mgmt_group_cipher
= 0;
1507 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: not using MGMT group cipher");
1509 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_MGMT_GROUP
,
1510 wpa_s
->mgmt_group_cipher
);
1511 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_MFP
,
1512 wpas_get_ssid_pmf(wpa_s
, ssid
));
1513 #endif /* CONFIG_IEEE80211W */
1515 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s
->wpa
, wpa_ie
, wpa_ie_len
)) {
1516 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to generate WPA IE");
1520 if (wpa_key_mgmt_wpa_psk(ssid
->key_mgmt
)) {
1524 sae_only
= (ssid
->key_mgmt
& (WPA_KEY_MGMT_PSK
|
1525 WPA_KEY_MGMT_FT_PSK
|
1526 WPA_KEY_MGMT_PSK_SHA256
)) == 0;
1528 if (ssid
->psk_set
&& !sae_only
) {
1529 wpa_hexdump_key(MSG_MSGDUMP
, "PSK (set in config)",
1530 ssid
->psk
, PMK_LEN
);
1531 wpa_sm_set_pmk(wpa_s
->wpa
, ssid
->psk
, PMK_LEN
, NULL
,
1536 if (wpa_key_mgmt_sae(ssid
->key_mgmt
) &&
1537 (ssid
->sae_password
|| ssid
->passphrase
))
1540 #ifndef CONFIG_NO_PBKDF2
1541 if (bss
&& ssid
->bssid_set
&& ssid
->ssid_len
== 0 &&
1542 ssid
->passphrase
&& !sae_only
) {
1544 pbkdf2_sha1(ssid
->passphrase
, bss
->ssid
, bss
->ssid_len
,
1545 4096, psk
, PMK_LEN
);
1546 wpa_hexdump_key(MSG_MSGDUMP
, "PSK (from passphrase)",
1548 wpa_sm_set_pmk(wpa_s
->wpa
, psk
, PMK_LEN
, NULL
, NULL
);
1550 os_memset(psk
, 0, sizeof(psk
));
1552 #endif /* CONFIG_NO_PBKDF2 */
1553 #ifdef CONFIG_EXT_PASSWORD
1554 if (ssid
->ext_psk
&& !sae_only
) {
1555 struct wpabuf
*pw
= ext_password_get(wpa_s
->ext_pw
,
1557 char pw_str
[64 + 1];
1561 wpa_msg(wpa_s
, MSG_INFO
, "EXT PW: No PSK "
1562 "found from external storage");
1566 if (wpabuf_len(pw
) < 8 || wpabuf_len(pw
) > 64) {
1567 wpa_msg(wpa_s
, MSG_INFO
, "EXT PW: Unexpected "
1568 "PSK length %d in external storage",
1569 (int) wpabuf_len(pw
));
1570 ext_password_free(pw
);
1574 os_memcpy(pw_str
, wpabuf_head(pw
), wpabuf_len(pw
));
1575 pw_str
[wpabuf_len(pw
)] = '\0';
1577 #ifndef CONFIG_NO_PBKDF2
1578 if (wpabuf_len(pw
) >= 8 && wpabuf_len(pw
) < 64 && bss
)
1580 pbkdf2_sha1(pw_str
, bss
->ssid
, bss
->ssid_len
,
1581 4096, psk
, PMK_LEN
);
1582 os_memset(pw_str
, 0, sizeof(pw_str
));
1583 wpa_hexdump_key(MSG_MSGDUMP
, "PSK (from "
1584 "external passphrase)",
1586 wpa_sm_set_pmk(wpa_s
->wpa
, psk
, PMK_LEN
, NULL
,
1589 os_memset(psk
, 0, sizeof(psk
));
1591 #endif /* CONFIG_NO_PBKDF2 */
1592 if (wpabuf_len(pw
) == 2 * PMK_LEN
) {
1593 if (hexstr2bin(pw_str
, psk
, PMK_LEN
) < 0) {
1594 wpa_msg(wpa_s
, MSG_INFO
, "EXT PW: "
1595 "Invalid PSK hex string");
1596 os_memset(pw_str
, 0, sizeof(pw_str
));
1597 ext_password_free(pw
);
1600 wpa_hexdump_key(MSG_MSGDUMP
,
1601 "PSK (from external PSK)",
1603 wpa_sm_set_pmk(wpa_s
->wpa
, psk
, PMK_LEN
, NULL
,
1606 os_memset(psk
, 0, sizeof(psk
));
1608 wpa_msg(wpa_s
, MSG_INFO
, "EXT PW: No suitable "
1610 os_memset(pw_str
, 0, sizeof(pw_str
));
1611 ext_password_free(pw
);
1615 os_memset(pw_str
, 0, sizeof(pw_str
));
1616 ext_password_free(pw
);
1618 #endif /* CONFIG_EXT_PASSWORD */
1621 wpa_msg(wpa_s
, MSG_INFO
,
1622 "No PSK available for association");
1623 wpas_auth_failed(wpa_s
, "NO_PSK_AVAILABLE");
1627 } else if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_OWE
) {
1628 /* OWE Diffie-Hellman exchange in (Re)Association
1629 * Request/Response frames set the PMK, so do not override it
1631 #endif /* CONFIG_OWE */
1633 wpa_sm_set_pmk_from_pmksa(wpa_s
->wpa
);
1639 static void wpas_ext_capab_byte(struct wpa_supplicant
*wpa_s
, u8
*pos
, int idx
)
1644 case 0: /* Bits 0-7 */
1646 case 1: /* Bits 8-15 */
1647 if (wpa_s
->conf
->coloc_intf_reporting
) {
1648 /* Bit 13 - Collocated Interference Reporting */
1652 case 2: /* Bits 16-23 */
1654 *pos
|= 0x02; /* Bit 17 - WNM-Sleep Mode */
1655 *pos
|= 0x08; /* Bit 19 - BSS Transition */
1656 #endif /* CONFIG_WNM */
1658 case 3: /* Bits 24-31 */
1660 *pos
|= 0x02; /* Bit 25 - SSID List */
1661 #endif /* CONFIG_WNM */
1662 #ifdef CONFIG_INTERWORKING
1663 if (wpa_s
->conf
->interworking
)
1664 *pos
|= 0x80; /* Bit 31 - Interworking */
1665 #endif /* CONFIG_INTERWORKING */
1667 case 4: /* Bits 32-39 */
1668 #ifdef CONFIG_INTERWORKING
1669 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_QOS_MAPPING
)
1670 *pos
|= 0x01; /* Bit 32 - QoS Map */
1671 #endif /* CONFIG_INTERWORKING */
1673 case 5: /* Bits 40-47 */
1675 if (wpa_s
->conf
->hs20
)
1676 *pos
|= 0x40; /* Bit 46 - WNM-Notification */
1677 #endif /* CONFIG_HS20 */
1679 *pos
|= 0x40; /* Bit 46 - WNM-Notification */
1680 #endif /* CONFIG_MBO */
1682 case 6: /* Bits 48-55 */
1684 case 7: /* Bits 56-63 */
1686 case 8: /* Bits 64-71 */
1687 if (wpa_s
->conf
->ftm_responder
)
1688 *pos
|= 0x40; /* Bit 70 - FTM responder */
1689 if (wpa_s
->conf
->ftm_initiator
)
1690 *pos
|= 0x80; /* Bit 71 - FTM initiator */
1692 case 9: /* Bits 72-79 */
1694 if (!wpa_s
->disable_fils
)
1696 #endif /* CONFIG_FILS */
1702 int wpas_build_ext_capab(struct wpa_supplicant
*wpa_s
, u8
*buf
, size_t buflen
)
1707 if (len
< wpa_s
->extended_capa_len
)
1708 len
= wpa_s
->extended_capa_len
;
1709 if (buflen
< (size_t) len
+ 2) {
1710 wpa_printf(MSG_INFO
,
1711 "Not enough room for building extended capabilities element");
1715 *pos
++ = WLAN_EID_EXT_CAPAB
;
1717 for (i
= 0; i
< len
; i
++, pos
++) {
1718 wpas_ext_capab_byte(wpa_s
, pos
, i
);
1720 if (i
< wpa_s
->extended_capa_len
) {
1721 *pos
&= ~wpa_s
->extended_capa_mask
[i
];
1722 *pos
|= wpa_s
->extended_capa
[i
];
1726 while (len
> 0 && buf
[1 + len
] == 0) {
1737 static int wpas_valid_bss(struct wpa_supplicant
*wpa_s
,
1738 struct wpa_bss
*test_bss
)
1740 struct wpa_bss
*bss
;
1742 dl_list_for_each(bss
, &wpa_s
->bss
, struct wpa_bss
, list
) {
1743 if (bss
== test_bss
)
1751 static int wpas_valid_ssid(struct wpa_supplicant
*wpa_s
,
1752 struct wpa_ssid
*test_ssid
)
1754 struct wpa_ssid
*ssid
;
1756 for (ssid
= wpa_s
->conf
->ssid
; ssid
; ssid
= ssid
->next
) {
1757 if (ssid
== test_ssid
)
1765 int wpas_valid_bss_ssid(struct wpa_supplicant
*wpa_s
, struct wpa_bss
*test_bss
,
1766 struct wpa_ssid
*test_ssid
)
1768 if (test_bss
&& !wpas_valid_bss(wpa_s
, test_bss
))
1771 return test_ssid
== NULL
|| wpas_valid_ssid(wpa_s
, test_ssid
);
1775 void wpas_connect_work_free(struct wpa_connect_work
*cwork
)
1783 void wpas_connect_work_done(struct wpa_supplicant
*wpa_s
)
1785 struct wpa_connect_work
*cwork
;
1786 struct wpa_radio_work
*work
= wpa_s
->connect_work
;
1791 wpa_s
->connect_work
= NULL
;
1794 wpas_connect_work_free(cwork
);
1795 radio_work_done(work
);
1799 int wpas_update_random_addr(struct wpa_supplicant
*wpa_s
, int style
)
1801 struct os_reltime now
;
1804 os_get_reltime(&now
);
1805 if (wpa_s
->last_mac_addr_style
== style
&&
1806 wpa_s
->last_mac_addr_change
.sec
!= 0 &&
1807 !os_reltime_expired(&now
, &wpa_s
->last_mac_addr_change
,
1808 wpa_s
->conf
->rand_addr_lifetime
)) {
1809 wpa_msg(wpa_s
, MSG_DEBUG
,
1810 "Previously selected random MAC address has not yet expired");
1816 if (random_mac_addr(addr
) < 0)
1820 os_memcpy(addr
, wpa_s
->perm_addr
, ETH_ALEN
);
1821 if (random_mac_addr_keep_oui(addr
) < 0)
1828 if (wpa_drv_set_mac_addr(wpa_s
, addr
) < 0) {
1829 wpa_msg(wpa_s
, MSG_INFO
,
1830 "Failed to set random MAC address");
1834 os_get_reltime(&wpa_s
->last_mac_addr_change
);
1835 wpa_s
->mac_addr_changed
= 1;
1836 wpa_s
->last_mac_addr_style
= style
;
1838 if (wpa_supplicant_update_mac_addr(wpa_s
) < 0) {
1839 wpa_msg(wpa_s
, MSG_INFO
,
1840 "Could not update MAC address information");
1844 wpa_msg(wpa_s
, MSG_DEBUG
, "Using random MAC address " MACSTR
,
1851 int wpas_update_random_addr_disassoc(struct wpa_supplicant
*wpa_s
)
1853 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
||
1854 !wpa_s
->conf
->preassoc_mac_addr
)
1857 return wpas_update_random_addr(wpa_s
, wpa_s
->conf
->preassoc_mac_addr
);
1861 static void wpas_start_assoc_cb(struct wpa_radio_work
*work
, int deinit
);
1864 * wpa_supplicant_associate - Request association
1865 * @wpa_s: Pointer to wpa_supplicant data
1866 * @bss: Scan results for the selected BSS, or %NULL if not available
1867 * @ssid: Configuration data for the selected network
1869 * This function is used to request %wpa_supplicant to associate with a BSS.
1871 void wpa_supplicant_associate(struct wpa_supplicant
*wpa_s
,
1872 struct wpa_bss
*bss
, struct wpa_ssid
*ssid
)
1874 struct wpa_connect_work
*cwork
;
1877 wpa_s
->own_disconnect_req
= 0;
1880 * If we are starting a new connection, any previously pending EAPOL
1881 * RX cannot be valid anymore.
1883 wpabuf_free(wpa_s
->pending_eapol_rx
);
1884 wpa_s
->pending_eapol_rx
= NULL
;
1886 if (ssid
->mac_addr
== -1)
1887 rand_style
= wpa_s
->conf
->mac_addr
;
1889 rand_style
= ssid
->mac_addr
;
1891 wmm_ac_clear_saved_tspecs(wpa_s
);
1892 wpa_s
->reassoc_same_bss
= 0;
1893 wpa_s
->reassoc_same_ess
= 0;
1894 #ifdef CONFIG_TESTING_OPTIONS
1895 wpa_s
->testing_resend_assoc
= 0;
1896 #endif /* CONFIG_TESTING_OPTIONS */
1898 if (wpa_s
->last_ssid
== ssid
) {
1899 wpa_dbg(wpa_s
, MSG_DEBUG
, "Re-association to the same ESS");
1900 wpa_s
->reassoc_same_ess
= 1;
1901 if (wpa_s
->current_bss
&& wpa_s
->current_bss
== bss
) {
1902 wmm_ac_save_tspecs(wpa_s
);
1903 wpa_s
->reassoc_same_bss
= 1;
1907 if (rand_style
> 0 && !wpa_s
->reassoc_same_ess
) {
1908 if (wpas_update_random_addr(wpa_s
, rand_style
) < 0)
1910 wpa_sm_pmksa_cache_flush(wpa_s
->wpa
, ssid
);
1911 } else if (rand_style
== 0 && wpa_s
->mac_addr_changed
) {
1912 if (wpa_drv_set_mac_addr(wpa_s
, NULL
) < 0) {
1913 wpa_msg(wpa_s
, MSG_INFO
,
1914 "Could not restore permanent MAC address");
1917 wpa_s
->mac_addr_changed
= 0;
1918 if (wpa_supplicant_update_mac_addr(wpa_s
) < 0) {
1919 wpa_msg(wpa_s
, MSG_INFO
,
1920 "Could not update MAC address information");
1923 wpa_msg(wpa_s
, MSG_DEBUG
, "Using permanent MAC address");
1925 wpa_s
->last_ssid
= ssid
;
1927 #ifdef CONFIG_IBSS_RSN
1928 ibss_rsn_deinit(wpa_s
->ibss_rsn
);
1929 wpa_s
->ibss_rsn
= NULL
;
1930 #else /* CONFIG_IBSS_RSN */
1931 if (ssid
->mode
== WPAS_MODE_IBSS
&&
1932 !(ssid
->key_mgmt
& (WPA_KEY_MGMT_NONE
| WPA_KEY_MGMT_WPA_NONE
))) {
1933 wpa_msg(wpa_s
, MSG_INFO
,
1934 "IBSS RSN not supported in the build");
1937 #endif /* CONFIG_IBSS_RSN */
1939 if (ssid
->mode
== WPAS_MODE_AP
|| ssid
->mode
== WPAS_MODE_P2P_GO
||
1940 ssid
->mode
== WPAS_MODE_P2P_GROUP_FORMATION
) {
1942 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_AP
)) {
1943 wpa_msg(wpa_s
, MSG_INFO
, "Driver does not support AP "
1947 if (wpa_supplicant_create_ap(wpa_s
, ssid
) < 0) {
1948 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
1949 if (ssid
->mode
== WPAS_MODE_P2P_GROUP_FORMATION
)
1950 wpas_p2p_ap_setup_failed(wpa_s
);
1953 wpa_s
->current_bss
= bss
;
1954 #else /* CONFIG_AP */
1955 wpa_msg(wpa_s
, MSG_ERROR
, "AP mode support not included in "
1957 #endif /* CONFIG_AP */
1961 if (ssid
->mode
== WPAS_MODE_MESH
) {
1963 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_MESH
)) {
1964 wpa_msg(wpa_s
, MSG_INFO
,
1965 "Driver does not support mesh mode");
1969 ssid
->frequency
= bss
->freq
;
1970 if (wpa_supplicant_join_mesh(wpa_s
, ssid
) < 0) {
1971 wpa_msg(wpa_s
, MSG_ERROR
, "Could not join mesh");
1974 wpa_s
->current_bss
= bss
;
1975 wpa_msg(wpa_s
, MSG_INFO
, MESH_GROUP_STARTED
"ssid=\"%s\" id=%d",
1976 wpa_ssid_txt(ssid
->ssid
, ssid
->ssid_len
),
1978 wpas_notify_mesh_group_started(wpa_s
, ssid
);
1979 #else /* CONFIG_MESH */
1980 wpa_msg(wpa_s
, MSG_ERROR
,
1981 "mesh mode support not included in the build");
1982 #endif /* CONFIG_MESH */
1987 * Set WPA state machine configuration to match the selected network now
1988 * so that the information is available before wpas_start_assoc_cb()
1989 * gets called. This is needed at least for RSN pre-authentication where
1990 * candidate APs are added to a list based on scan result processing
1991 * before completion of the first association.
1993 wpa_supplicant_rsn_supp_set_config(wpa_s
, ssid
);
1996 if (wpas_dpp_check_connect(wpa_s
, ssid
, bss
) != 0)
1998 #endif /* CONFIG_DPP */
2002 wpa_tdls_ap_ies(wpa_s
->wpa
, (const u8
*) (bss
+ 1),
2004 #endif /* CONFIG_TDLS */
2006 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
2007 ssid
->mode
== IEEE80211_MODE_INFRA
) {
2008 sme_authenticate(wpa_s
, bss
, ssid
);
2012 if (wpa_s
->connect_work
) {
2013 wpa_dbg(wpa_s
, MSG_DEBUG
, "Reject wpa_supplicant_associate() call since connect_work exist");
2017 if (radio_work_pending(wpa_s
, "connect")) {
2018 wpa_dbg(wpa_s
, MSG_DEBUG
, "Reject wpa_supplicant_associate() call since pending work exist");
2023 if (ssid
->mode
== WPAS_MODE_IBSS
|| ssid
->mode
== WPAS_MODE_MESH
) {
2024 /* Clear possibly set auth_alg, if any, from last attempt. */
2025 wpa_s
->sme
.auth_alg
= WPA_AUTH_ALG_OPEN
;
2027 #endif /* CONFIG_SME */
2029 wpas_abort_ongoing_scan(wpa_s
);
2031 cwork
= os_zalloc(sizeof(*cwork
));
2038 if (radio_add_work(wpa_s
, bss
? bss
->freq
: 0, "connect", 1,
2039 wpas_start_assoc_cb
, cwork
) < 0) {
2045 static int bss_is_ibss(struct wpa_bss
*bss
)
2047 return (bss
->caps
& (IEEE80211_CAP_ESS
| IEEE80211_CAP_IBSS
)) ==
2052 static int drv_supports_vht(struct wpa_supplicant
*wpa_s
,
2053 const struct wpa_ssid
*ssid
)
2055 enum hostapd_hw_mode hw_mode
;
2056 struct hostapd_hw_modes
*mode
= NULL
;
2060 hw_mode
= ieee80211_freq_to_chan(ssid
->frequency
, &channel
);
2061 if (hw_mode
== NUM_HOSTAPD_MODES
)
2063 for (i
= 0; wpa_s
->hw
.modes
&& i
< wpa_s
->hw
.num_modes
; i
++) {
2064 if (wpa_s
->hw
.modes
[i
].mode
== hw_mode
) {
2065 mode
= &wpa_s
->hw
.modes
[i
];
2073 return mode
->vht_capab
!= 0;
2077 void ibss_mesh_setup_freq(struct wpa_supplicant
*wpa_s
,
2078 const struct wpa_ssid
*ssid
,
2079 struct hostapd_freq_params
*freq
)
2081 enum hostapd_hw_mode hw_mode
;
2082 struct hostapd_hw_modes
*mode
= NULL
;
2083 int ht40plus
[] = { 36, 44, 52, 60, 100, 108, 116, 124, 132, 149, 157,
2085 int vht80
[] = { 36, 52, 100, 116, 132, 149 };
2086 struct hostapd_channel_data
*pri_chan
= NULL
, *sec_chan
= NULL
;
2088 int i
, chan_idx
, ht40
= -1, res
, obss_scan
= 1;
2090 struct hostapd_freq_params vht_freq
;
2091 int chwidth
, seg0
, seg1
;
2094 freq
->freq
= ssid
->frequency
;
2096 for (j
= 0; j
< wpa_s
->last_scan_res_used
; j
++) {
2097 struct wpa_bss
*bss
= wpa_s
->last_scan_res
[j
];
2099 if (ssid
->mode
!= WPAS_MODE_IBSS
)
2102 /* Don't adjust control freq in case of fixed_freq */
2103 if (ssid
->fixed_freq
)
2106 if (!bss_is_ibss(bss
))
2109 if (ssid
->ssid_len
== bss
->ssid_len
&&
2110 os_memcmp(ssid
->ssid
, bss
->ssid
, bss
->ssid_len
) == 0) {
2111 wpa_printf(MSG_DEBUG
,
2112 "IBSS already found in scan results, adjust control freq: %d",
2114 freq
->freq
= bss
->freq
;
2120 /* For IBSS check HT_IBSS flag */
2121 if (ssid
->mode
== WPAS_MODE_IBSS
&&
2122 !(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_HT_IBSS
))
2125 if (wpa_s
->group_cipher
== WPA_CIPHER_WEP40
||
2126 wpa_s
->group_cipher
== WPA_CIPHER_WEP104
||
2127 wpa_s
->pairwise_cipher
== WPA_CIPHER_TKIP
) {
2128 wpa_printf(MSG_DEBUG
,
2129 "IBSS: WEP/TKIP detected, do not try to enable HT");
2133 hw_mode
= ieee80211_freq_to_chan(freq
->freq
, &channel
);
2134 for (i
= 0; wpa_s
->hw
.modes
&& i
< wpa_s
->hw
.num_modes
; i
++) {
2135 if (wpa_s
->hw
.modes
[i
].mode
== hw_mode
) {
2136 mode
= &wpa_s
->hw
.modes
[i
];
2144 #ifdef CONFIG_HT_OVERRIDES
2145 if (ssid
->disable_ht
) {
2146 freq
->ht_enabled
= 0;
2149 #endif /* CONFIG_HT_OVERRIDES */
2151 freq
->ht_enabled
= ht_supported(mode
);
2152 if (!freq
->ht_enabled
)
2155 /* Setup higher BW only for 5 GHz */
2156 if (mode
->mode
!= HOSTAPD_MODE_IEEE80211A
)
2159 for (chan_idx
= 0; chan_idx
< mode
->num_channels
; chan_idx
++) {
2160 pri_chan
= &mode
->channels
[chan_idx
];
2161 if (pri_chan
->chan
== channel
)
2168 /* Check primary channel flags */
2169 if (pri_chan
->flag
& (HOSTAPD_CHAN_DISABLED
| HOSTAPD_CHAN_NO_IR
))
2172 #ifdef CONFIG_HT_OVERRIDES
2173 if (ssid
->disable_ht40
)
2175 #endif /* CONFIG_HT_OVERRIDES */
2177 /* Check/setup HT40+/HT40- */
2178 for (j
= 0; j
< ARRAY_SIZE(ht40plus
); j
++) {
2179 if (ht40plus
[j
] == channel
) {
2185 /* Find secondary channel */
2186 for (i
= 0; i
< mode
->num_channels
; i
++) {
2187 sec_chan
= &mode
->channels
[i
];
2188 if (sec_chan
->chan
== channel
+ ht40
* 4)
2195 /* Check secondary channel flags */
2196 if (sec_chan
->flag
& (HOSTAPD_CHAN_DISABLED
| HOSTAPD_CHAN_NO_IR
))
2199 freq
->channel
= pri_chan
->chan
;
2202 if (!(pri_chan
->flag
& HOSTAPD_CHAN_HT40MINUS
))
2205 if (!(pri_chan
->flag
& HOSTAPD_CHAN_HT40PLUS
))
2208 freq
->sec_channel_offset
= ht40
;
2211 struct wpa_scan_results
*scan_res
;
2213 scan_res
= wpa_supplicant_get_scan_results(wpa_s
, NULL
, 0);
2214 if (scan_res
== NULL
) {
2216 freq
->sec_channel_offset
= 0;
2220 res
= check_40mhz_5g(mode
, scan_res
, pri_chan
->chan
,
2225 freq
->sec_channel_offset
= 0;
2228 /* Configuration allowed */
2231 /* Switch pri/sec channels */
2232 freq
->freq
= hw_get_freq(mode
, sec_chan
->chan
);
2233 freq
->sec_channel_offset
= -freq
->sec_channel_offset
;
2234 freq
->channel
= sec_chan
->chan
;
2237 freq
->sec_channel_offset
= 0;
2241 wpa_scan_results_free(scan_res
);
2244 wpa_printf(MSG_DEBUG
,
2245 "IBSS/mesh: setup freq channel %d, sec_channel_offset %d",
2246 freq
->channel
, freq
->sec_channel_offset
);
2248 if (!drv_supports_vht(wpa_s
, ssid
))
2251 /* For IBSS check VHT_IBSS flag */
2252 if (ssid
->mode
== WPAS_MODE_IBSS
&&
2253 !(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_VHT_IBSS
))
2258 #ifdef CONFIG_VHT_OVERRIDES
2259 if (ssid
->disable_vht
) {
2260 freq
->vht_enabled
= 0;
2263 #endif /* CONFIG_VHT_OVERRIDES */
2265 vht_freq
.vht_enabled
= vht_supported(mode
);
2266 if (!vht_freq
.vht_enabled
)
2269 /* setup center_freq1, bandwidth */
2270 for (j
= 0; j
< ARRAY_SIZE(vht80
); j
++) {
2271 if (freq
->channel
>= vht80
[j
] &&
2272 freq
->channel
< vht80
[j
] + 16)
2276 if (j
== ARRAY_SIZE(vht80
))
2279 for (i
= vht80
[j
]; i
< vht80
[j
] + 16; i
+= 4) {
2280 struct hostapd_channel_data
*chan
;
2282 chan
= hw_get_channel_chan(mode
, i
, NULL
);
2286 /* Back to HT configuration if channel not usable */
2287 if (chan
->flag
& (HOSTAPD_CHAN_DISABLED
| HOSTAPD_CHAN_NO_IR
))
2291 chwidth
= VHT_CHANWIDTH_80MHZ
;
2292 seg0
= vht80
[j
] + 6;
2295 if (ssid
->max_oper_chwidth
== VHT_CHANWIDTH_80P80MHZ
) {
2296 /* setup center_freq2, bandwidth */
2297 for (k
= 0; k
< ARRAY_SIZE(vht80
); k
++) {
2298 /* Only accept 80 MHz segments separated by a gap */
2299 if (j
== k
|| abs(vht80
[j
] - vht80
[k
]) == 16)
2301 for (i
= vht80
[k
]; i
< vht80
[k
] + 16; i
+= 4) {
2302 struct hostapd_channel_data
*chan
;
2304 chan
= hw_get_channel_chan(mode
, i
, NULL
);
2308 if (chan
->flag
& (HOSTAPD_CHAN_DISABLED
|
2309 HOSTAPD_CHAN_NO_IR
|
2310 HOSTAPD_CHAN_RADAR
))
2313 /* Found a suitable second segment for 80+80 */
2314 chwidth
= VHT_CHANWIDTH_80P80MHZ
;
2316 VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ
;
2317 seg1
= vht80
[k
] + 6;
2320 if (chwidth
== VHT_CHANWIDTH_80P80MHZ
)
2323 } else if (ssid
->max_oper_chwidth
== VHT_CHANWIDTH_160MHZ
) {
2324 if (freq
->freq
== 5180) {
2325 chwidth
= VHT_CHANWIDTH_160MHZ
;
2326 vht_caps
|= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ
;
2328 } else if (freq
->freq
== 5520) {
2329 chwidth
= VHT_CHANWIDTH_160MHZ
;
2330 vht_caps
|= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ
;
2335 if (hostapd_set_freq_params(&vht_freq
, mode
->mode
, freq
->freq
,
2336 freq
->channel
, freq
->ht_enabled
,
2337 vht_freq
.vht_enabled
,
2338 freq
->sec_channel_offset
,
2339 chwidth
, seg0
, seg1
, vht_caps
) != 0)
2344 wpa_printf(MSG_DEBUG
, "IBSS: VHT setup freq cf1 %d, cf2 %d, bw %d",
2345 freq
->center_freq1
, freq
->center_freq2
, freq
->bandwidth
);
2350 static size_t wpas_add_fils_hlp_req(struct wpa_supplicant
*wpa_s
, u8
*ie_buf
,
2353 struct fils_hlp_req
*req
;
2354 size_t rem_len
, hdr_len
, hlp_len
, len
, ie_len
= 0;
2358 dl_list_for_each(req
, &wpa_s
->fils_hlp_req
, struct fils_hlp_req
,
2360 rem_len
= ie_buf_len
- ie_len
;
2361 pos
= wpabuf_head(req
->pkt
);
2362 hdr_len
= 1 + 2 * ETH_ALEN
+ 6;
2363 hlp_len
= wpabuf_len(req
->pkt
);
2365 if (rem_len
< 2 + hdr_len
+ hlp_len
) {
2366 wpa_printf(MSG_ERROR
,
2367 "FILS: Cannot fit HLP - rem_len=%lu to_fill=%lu",
2368 (unsigned long) rem_len
,
2369 (unsigned long) (2 + hdr_len
+ hlp_len
));
2373 len
= (hdr_len
+ hlp_len
) > 255 ? 255 : hdr_len
+ hlp_len
;
2375 *buf
++ = WLAN_EID_EXTENSION
;
2378 /* Element ID Extension */
2379 *buf
++ = WLAN_EID_EXT_FILS_HLP_CONTAINER
;
2380 /* Destination MAC address */
2381 os_memcpy(buf
, req
->dst
, ETH_ALEN
);
2383 /* Source MAC address */
2384 os_memcpy(buf
, wpa_s
->own_addr
, ETH_ALEN
);
2386 /* LLC/SNAP Header */
2387 os_memcpy(buf
, "\xaa\xaa\x03\x00\x00\x00", 6);
2390 os_memcpy(buf
, pos
, len
- hdr_len
);
2391 buf
+= len
- hdr_len
;
2392 pos
+= len
- hdr_len
;
2394 hlp_len
-= len
- hdr_len
;
2399 len
= (hlp_len
> 255) ? 255 : hlp_len
;
2400 if (rem_len
< 2 + len
)
2402 *buf
++ = WLAN_EID_FRAGMENT
;
2404 os_memcpy(buf
, pos
, len
);
2418 int wpa_is_fils_supported(struct wpa_supplicant
*wpa_s
)
2420 return (((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
2421 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SUPPORT_FILS
)) ||
2422 (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
2423 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD
)));
2427 int wpa_is_fils_sk_pfs_supported(struct wpa_supplicant
*wpa_s
)
2429 #ifdef CONFIG_FILS_SK_PFS
2430 return (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
2431 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SUPPORT_FILS
);
2432 #else /* CONFIG_FILS_SK_PFS */
2434 #endif /* CONFIG_FILS_SK_PFS */
2437 #endif /* CONFIG_FILS */
2440 static u8
* wpas_populate_assoc_ies(
2441 struct wpa_supplicant
*wpa_s
,
2442 struct wpa_bss
*bss
, struct wpa_ssid
*ssid
,
2443 struct wpa_driver_associate_params
*params
,
2444 enum wpa_drv_update_connect_params_mask
*mask
)
2447 size_t max_wpa_ie_len
= 500;
2449 int algs
= WPA_AUTH_ALG_OPEN
;
2454 const u8
*realm
, *username
, *rrk
;
2455 size_t realm_len
, username_len
, rrk_len
;
2457 struct fils_hlp_req
*req
;
2459 dl_list_for_each(req
, &wpa_s
->fils_hlp_req
, struct fils_hlp_req
,
2461 max_wpa_ie_len
+= 3 + 2 * ETH_ALEN
+ 6 + wpabuf_len(req
->pkt
) +
2462 2 + 2 * wpabuf_len(req
->pkt
) / 255;
2464 #endif /* CONFIG_FILS */
2466 wpa_ie
= os_malloc(max_wpa_ie_len
);
2468 wpa_printf(MSG_ERROR
,
2469 "Failed to allocate connect IE buffer for %lu bytes",
2470 (unsigned long) max_wpa_ie_len
);
2474 if (bss
&& (wpa_bss_get_vendor_ie(bss
, WPA_IE_VENDOR_TYPE
) ||
2475 wpa_bss_get_ie(bss
, WLAN_EID_RSN
)) &&
2476 wpa_key_mgmt_wpa(ssid
->key_mgmt
)) {
2477 int try_opportunistic
;
2478 const u8
*cache_id
= NULL
;
2480 try_opportunistic
= (ssid
->proactive_key_caching
< 0 ?
2482 ssid
->proactive_key_caching
) &&
2483 (ssid
->proto
& WPA_PROTO_RSN
);
2485 if (wpa_key_mgmt_fils(ssid
->key_mgmt
))
2486 cache_id
= wpa_bss_get_fils_cache_id(bss
);
2487 #endif /* CONFIG_FILS */
2488 if (pmksa_cache_set_current(wpa_s
->wpa
, NULL
, bss
->bssid
,
2489 ssid
, try_opportunistic
,
2491 eapol_sm_notify_pmkid_attempt(wpa_s
->eapol
);
2492 wpa_ie_len
= max_wpa_ie_len
;
2493 if (wpa_supplicant_set_suites(wpa_s
, bss
, ssid
,
2494 wpa_ie
, &wpa_ie_len
)) {
2495 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to set WPA "
2496 "key management and encryption suites");
2501 } else if (bss
&& wpa_bss_get_vendor_ie(bss
, OSEN_IE_VENDOR_TYPE
) &&
2502 (ssid
->key_mgmt
& WPA_KEY_MGMT_OSEN
)) {
2503 /* No PMKSA caching, but otherwise similar to RSN/WPA */
2504 wpa_ie_len
= max_wpa_ie_len
;
2505 if (wpa_supplicant_set_suites(wpa_s
, bss
, ssid
,
2506 wpa_ie
, &wpa_ie_len
)) {
2507 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to set WPA "
2508 "key management and encryption suites");
2512 #endif /* CONFIG_HS20 */
2513 } else if ((ssid
->key_mgmt
& WPA_KEY_MGMT_IEEE8021X_NO_WPA
) && bss
&&
2514 wpa_key_mgmt_wpa_ieee8021x(ssid
->key_mgmt
)) {
2516 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
2517 * use non-WPA since the scan results did not indicate that the
2518 * AP is using WPA or WPA2.
2520 wpa_supplicant_set_non_wpa_policy(wpa_s
, ssid
);
2522 wpa_s
->wpa_proto
= 0;
2523 } else if (wpa_key_mgmt_wpa_any(ssid
->key_mgmt
)) {
2524 wpa_ie_len
= max_wpa_ie_len
;
2525 if (wpa_supplicant_set_suites(wpa_s
, NULL
, ssid
,
2526 wpa_ie
, &wpa_ie_len
)) {
2527 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to set WPA "
2528 "key management and encryption suites (no "
2534 } else if (ssid
->key_mgmt
& WPA_KEY_MGMT_WPS
) {
2535 struct wpabuf
*wps_ie
;
2536 wps_ie
= wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid
));
2537 if (wps_ie
&& wpabuf_len(wps_ie
) <= max_wpa_ie_len
) {
2538 wpa_ie_len
= wpabuf_len(wps_ie
);
2539 os_memcpy(wpa_ie
, wpabuf_head(wps_ie
), wpa_ie_len
);
2542 wpabuf_free(wps_ie
);
2543 wpa_supplicant_set_non_wpa_policy(wpa_s
, ssid
);
2544 if (!bss
|| (bss
->caps
& IEEE80211_CAP_PRIVACY
))
2545 params
->wps
= WPS_MODE_PRIVACY
;
2547 params
->wps
= WPS_MODE_OPEN
;
2548 wpa_s
->wpa_proto
= 0;
2549 #endif /* CONFIG_WPS */
2551 wpa_supplicant_set_non_wpa_policy(wpa_s
, ssid
);
2553 wpa_s
->wpa_proto
= 0;
2556 #ifdef IEEE8021X_EAPOL
2557 if (ssid
->key_mgmt
& WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
2559 if (ssid
->non_leap
== 0)
2560 algs
= WPA_AUTH_ALG_LEAP
;
2562 algs
|= WPA_AUTH_ALG_LEAP
;
2567 /* Clear FILS association */
2568 wpa_sm_set_reset_fils_completed(wpa_s
->wpa
, 0);
2570 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD
) &&
2571 ssid
->eap
.erp
&& wpa_key_mgmt_fils(wpa_s
->key_mgmt
) &&
2572 eapol_sm_get_erp_info(wpa_s
->eapol
, &ssid
->eap
, &username
,
2573 &username_len
, &realm
, &realm_len
,
2574 &next_seq_num
, &rrk
, &rrk_len
) == 0 &&
2575 (!wpa_s
->last_con_fail_realm
||
2576 wpa_s
->last_con_fail_realm_len
!= realm_len
||
2577 os_memcmp(wpa_s
->last_con_fail_realm
, realm
, realm_len
) != 0)) {
2578 algs
= WPA_AUTH_ALG_FILS
;
2579 params
->fils_erp_username
= username
;
2580 params
->fils_erp_username_len
= username_len
;
2581 params
->fils_erp_realm
= realm
;
2582 params
->fils_erp_realm_len
= realm_len
;
2583 params
->fils_erp_next_seq_num
= next_seq_num
;
2584 params
->fils_erp_rrk
= rrk
;
2585 params
->fils_erp_rrk_len
= rrk_len
;
2588 *mask
|= WPA_DRV_UPDATE_FILS_ERP_INFO
;
2590 #endif /* CONFIG_FILS */
2591 #endif /* IEEE8021X_EAPOL */
2593 if (wpa_s
->key_mgmt
& (WPA_KEY_MGMT_SAE
| WPA_KEY_MGMT_FT_SAE
))
2594 algs
= WPA_AUTH_ALG_SAE
;
2595 #endif /* CONFIG_SAE */
2597 wpa_dbg(wpa_s
, MSG_DEBUG
, "Automatic auth_alg selection: 0x%x", algs
);
2598 if (ssid
->auth_alg
) {
2599 algs
= ssid
->auth_alg
;
2600 wpa_dbg(wpa_s
, MSG_DEBUG
,
2601 "Overriding auth_alg selection: 0x%x", algs
);
2605 if (wpa_s
->global
->p2p
) {
2609 pos
= wpa_ie
+ wpa_ie_len
;
2610 len
= max_wpa_ie_len
- wpa_ie_len
;
2611 res
= wpas_p2p_assoc_req_ie(wpa_s
, bss
, pos
, len
,
2617 wpa_s
->cross_connect_disallowed
= 0;
2620 p2p
= wpa_bss_get_vendor_ie_multi(bss
, P2P_IE_VENDOR_TYPE
);
2622 wpa_s
->cross_connect_disallowed
=
2623 p2p_get_cross_connect_disallowed(p2p
);
2625 wpa_dbg(wpa_s
, MSG_DEBUG
, "P2P: WLAN AP %s cross "
2627 wpa_s
->cross_connect_disallowed
?
2628 "disallows" : "allows");
2632 os_memset(wpa_s
->p2p_ip_addr_info
, 0, sizeof(wpa_s
->p2p_ip_addr_info
));
2633 #endif /* CONFIG_P2P */
2636 wpa_ie_len
+= wpas_supp_op_class_ie(wpa_s
, bss
->freq
,
2637 wpa_ie
+ wpa_ie_len
,
2643 * Workaround: Add Extended Capabilities element only if the AP
2644 * included this element in Beacon/Probe Response frames. Some older
2645 * APs seem to have interoperability issues if this element is
2646 * included, so while the standard may require us to include the
2647 * element in all cases, it is justifiable to skip it to avoid
2648 * interoperability issues.
2650 if (ssid
->p2p_group
)
2651 wpa_drv_get_ext_capa(wpa_s
, WPA_IF_P2P_CLIENT
);
2653 wpa_drv_get_ext_capa(wpa_s
, WPA_IF_STATION
);
2655 if (!bss
|| wpa_bss_get_ie(bss
, WLAN_EID_EXT_CAPAB
)) {
2658 ext_capab_len
= wpas_build_ext_capab(wpa_s
, ext_capab
,
2660 if (ext_capab_len
> 0 &&
2661 wpa_ie_len
+ ext_capab_len
<= max_wpa_ie_len
) {
2663 if (wpa_ie_len
> 0 && pos
[0] == WLAN_EID_RSN
)
2665 os_memmove(pos
+ ext_capab_len
, pos
,
2666 wpa_ie_len
- (pos
- wpa_ie
));
2667 wpa_ie_len
+= ext_capab_len
;
2668 os_memcpy(pos
, ext_capab
, ext_capab_len
);
2673 if (is_hs20_network(wpa_s
, ssid
, bss
)) {
2674 struct wpabuf
*hs20
;
2676 hs20
= wpabuf_alloc(20 + MAX_ROAMING_CONS_OI_LEN
);
2678 int pps_mo_id
= hs20_get_pps_mo_id(wpa_s
, ssid
);
2681 wpas_hs20_add_indication(hs20
, pps_mo_id
);
2682 wpas_hs20_add_roam_cons_sel(hs20
, ssid
);
2683 len
= max_wpa_ie_len
- wpa_ie_len
;
2684 if (wpabuf_len(hs20
) <= len
) {
2685 os_memcpy(wpa_ie
+ wpa_ie_len
,
2686 wpabuf_head(hs20
), wpabuf_len(hs20
));
2687 wpa_ie_len
+= wpabuf_len(hs20
);
2691 hs20_configure_frame_filters(wpa_s
);
2694 #endif /* CONFIG_HS20 */
2696 if (wpa_s
->vendor_elem
[VENDOR_ELEM_ASSOC_REQ
]) {
2697 struct wpabuf
*buf
= wpa_s
->vendor_elem
[VENDOR_ELEM_ASSOC_REQ
];
2700 len
= max_wpa_ie_len
- wpa_ie_len
;
2701 if (wpabuf_len(buf
) <= len
) {
2702 os_memcpy(wpa_ie
+ wpa_ie_len
,
2703 wpabuf_head(buf
), wpabuf_len(buf
));
2704 wpa_ie_len
+= wpabuf_len(buf
);
2709 if (wpa_s
->fst_ies
) {
2710 int fst_ies_len
= wpabuf_len(wpa_s
->fst_ies
);
2712 if (wpa_ie_len
+ fst_ies_len
<= max_wpa_ie_len
) {
2713 os_memcpy(wpa_ie
+ wpa_ie_len
,
2714 wpabuf_head(wpa_s
->fst_ies
), fst_ies_len
);
2715 wpa_ie_len
+= fst_ies_len
;
2718 #endif /* CONFIG_FST */
2721 mbo_ie
= bss
? wpa_bss_get_vendor_ie(bss
, MBO_IE_VENDOR_TYPE
) : NULL
;
2725 len
= wpas_mbo_ie(wpa_s
, wpa_ie
+ wpa_ie_len
,
2726 max_wpa_ie_len
- wpa_ie_len
,
2727 !!mbo_attr_from_mbo_ie(mbo_ie
,
2728 OCE_ATTR_ID_CAPA_IND
));
2732 #endif /* CONFIG_MBO */
2735 if (algs
== WPA_AUTH_ALG_FILS
) {
2738 len
= wpas_add_fils_hlp_req(wpa_s
, wpa_ie
+ wpa_ie_len
,
2739 max_wpa_ie_len
- wpa_ie_len
);
2742 #endif /* CONFIG_FILS */
2745 #ifdef CONFIG_TESTING_OPTIONS
2746 if (get_ie_ext(wpa_ie
, wpa_ie_len
, WLAN_EID_EXT_OWE_DH_PARAM
)) {
2747 wpa_printf(MSG_INFO
, "TESTING: Override OWE DH element");
2749 #endif /* CONFIG_TESTING_OPTIONS */
2750 if (algs
== WPA_AUTH_ALG_OPEN
&&
2751 ssid
->key_mgmt
== WPA_KEY_MGMT_OWE
) {
2752 struct wpabuf
*owe_ie
;
2755 if (ssid
->owe_group
) {
2756 group
= ssid
->owe_group
;
2757 } else if (wpa_s
->assoc_status_code
==
2758 WLAN_STATUS_FINITE_CYCLIC_GROUP_NOT_SUPPORTED
) {
2759 if (wpa_s
->last_owe_group
== 19)
2761 else if (wpa_s
->last_owe_group
== 20)
2764 group
= OWE_DH_GROUP
;
2766 group
= OWE_DH_GROUP
;
2769 wpa_s
->last_owe_group
= group
;
2770 wpa_printf(MSG_DEBUG
, "OWE: Try to use group %u", group
);
2771 owe_ie
= owe_build_assoc_req(wpa_s
->wpa
, group
);
2773 wpabuf_len(owe_ie
) <= max_wpa_ie_len
- wpa_ie_len
) {
2774 os_memcpy(wpa_ie
+ wpa_ie_len
,
2775 wpabuf_head(owe_ie
), wpabuf_len(owe_ie
));
2776 wpa_ie_len
+= wpabuf_len(owe_ie
);
2777 wpabuf_free(owe_ie
);
2780 #endif /* CONFIG_OWE */
2782 #ifdef CONFIG_IEEE80211R
2784 * Add MDIE under these conditions: the network profile allows FT,
2785 * the AP supports FT, and the mobility domain ID matches.
2787 if (bss
&& wpa_key_mgmt_ft(wpa_sm_get_key_mgmt(wpa_s
->wpa
))) {
2788 const u8
*mdie
= wpa_bss_get_ie(bss
, WLAN_EID_MOBILITY_DOMAIN
);
2790 if (mdie
&& mdie
[1] >= MOBILITY_DOMAIN_ID_LEN
) {
2792 const u8
*md
= mdie
+ 2;
2793 const u8
*wpa_md
= wpa_sm_get_ft_md(wpa_s
->wpa
);
2795 if (os_memcmp(md
, wpa_md
,
2796 MOBILITY_DOMAIN_ID_LEN
) == 0) {
2797 /* Add mobility domain IE */
2798 len
= wpa_ft_add_mdie(
2799 wpa_s
->wpa
, wpa_ie
+ wpa_ie_len
,
2800 max_wpa_ie_len
- wpa_ie_len
, mdie
);
2804 if (len
> 0 && wpa_s
->sme
.ft_used
&&
2805 wpa_sm_has_ptk(wpa_s
->wpa
)) {
2806 wpa_dbg(wpa_s
, MSG_DEBUG
,
2807 "SME: Trying to use FT over-the-air");
2808 algs
|= WPA_AUTH_ALG_FT
;
2810 #endif /* CONFIG_SME */
2813 #endif /* CONFIG_IEEE80211R */
2815 params
->wpa_ie
= wpa_ie
;
2816 params
->wpa_ie_len
= wpa_ie_len
;
2817 params
->auth_alg
= algs
;
2819 *mask
|= WPA_DRV_UPDATE_ASSOC_IES
| WPA_DRV_UPDATE_AUTH_TYPE
;
2825 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
2826 static void wpas_update_fils_connect_params(struct wpa_supplicant
*wpa_s
)
2828 struct wpa_driver_associate_params params
;
2829 enum wpa_drv_update_connect_params_mask mask
= 0;
2832 if (wpa_s
->auth_alg
!= WPA_AUTH_ALG_OPEN
)
2833 return; /* nothing to do */
2835 os_memset(¶ms
, 0, sizeof(params
));
2836 wpa_ie
= wpas_populate_assoc_ies(wpa_s
, wpa_s
->current_bss
,
2837 wpa_s
->current_ssid
, ¶ms
, &mask
);
2841 if (params
.auth_alg
!= WPA_AUTH_ALG_FILS
) {
2846 wpa_s
->auth_alg
= params
.auth_alg
;
2847 wpa_drv_update_connect_params(wpa_s
, ¶ms
, mask
);
2850 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
2853 static void wpas_start_assoc_cb(struct wpa_radio_work
*work
, int deinit
)
2855 struct wpa_connect_work
*cwork
= work
->ctx
;
2856 struct wpa_bss
*bss
= cwork
->bss
;
2857 struct wpa_ssid
*ssid
= cwork
->ssid
;
2858 struct wpa_supplicant
*wpa_s
= work
->wpa_s
;
2860 int use_crypt
, ret
, i
, bssid_changed
;
2861 unsigned int cipher_pairwise
, cipher_group
, cipher_group_mgmt
;
2862 struct wpa_driver_associate_params params
;
2863 int wep_keys_set
= 0;
2864 int assoc_failed
= 0;
2865 struct wpa_ssid
*old_ssid
;
2866 u8 prev_bssid
[ETH_ALEN
];
2867 #ifdef CONFIG_HT_OVERRIDES
2868 struct ieee80211_ht_capabilities htcaps
;
2869 struct ieee80211_ht_capabilities htcaps_mask
;
2870 #endif /* CONFIG_HT_OVERRIDES */
2871 #ifdef CONFIG_VHT_OVERRIDES
2872 struct ieee80211_vht_capabilities vhtcaps
;
2873 struct ieee80211_vht_capabilities vhtcaps_mask
;
2874 #endif /* CONFIG_VHT_OVERRIDES */
2877 if (work
->started
) {
2878 wpa_s
->connect_work
= NULL
;
2880 /* cancel possible auth. timeout */
2881 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
,
2884 wpas_connect_work_free(cwork
);
2888 wpa_s
->connect_work
= work
;
2890 if (cwork
->bss_removed
|| !wpas_valid_bss_ssid(wpa_s
, bss
, ssid
) ||
2891 wpas_network_disabled(wpa_s
, ssid
)) {
2892 wpa_dbg(wpa_s
, MSG_DEBUG
, "BSS/SSID entry for association not valid anymore - drop connection attempt");
2893 wpas_connect_work_done(wpa_s
);
2897 os_memcpy(prev_bssid
, wpa_s
->bssid
, ETH_ALEN
);
2898 os_memset(¶ms
, 0, sizeof(params
));
2899 wpa_s
->reassociate
= 0;
2900 wpa_s
->eap_expected_failure
= 0;
2902 (!wpas_driver_bss_selection(wpa_s
) || wpas_wps_searching(wpa_s
))) {
2903 #ifdef CONFIG_IEEE80211R
2904 const u8
*ie
, *md
= NULL
;
2905 #endif /* CONFIG_IEEE80211R */
2906 wpa_msg(wpa_s
, MSG_INFO
, "Trying to associate with " MACSTR
2907 " (SSID='%s' freq=%d MHz)", MAC2STR(bss
->bssid
),
2908 wpa_ssid_txt(bss
->ssid
, bss
->ssid_len
), bss
->freq
);
2909 bssid_changed
= !is_zero_ether_addr(wpa_s
->bssid
);
2910 os_memset(wpa_s
->bssid
, 0, ETH_ALEN
);
2911 os_memcpy(wpa_s
->pending_bssid
, bss
->bssid
, ETH_ALEN
);
2913 wpas_notify_bssid_changed(wpa_s
);
2914 #ifdef CONFIG_IEEE80211R
2915 ie
= wpa_bss_get_ie(bss
, WLAN_EID_MOBILITY_DOMAIN
);
2916 if (ie
&& ie
[1] >= MOBILITY_DOMAIN_ID_LEN
)
2918 wpa_sm_set_ft_params(wpa_s
->wpa
, ie
, ie
? 2 + ie
[1] : 0);
2920 /* Prepare for the next transition */
2921 wpa_ft_prepare_auth_request(wpa_s
->wpa
, ie
);
2923 #endif /* CONFIG_IEEE80211R */
2925 } else if ((ssid
->ssid
== NULL
|| ssid
->ssid_len
== 0) &&
2926 wpa_s
->conf
->ap_scan
== 2 &&
2927 (ssid
->key_mgmt
& WPA_KEY_MGMT_WPS
)) {
2928 /* Use ap_scan==1 style network selection to find the network
2930 wpas_connect_work_done(wpa_s
);
2931 wpa_s
->scan_req
= MANUAL_SCAN_REQ
;
2932 wpa_s
->reassociate
= 1;
2933 wpa_supplicant_req_scan(wpa_s
, 0, 0);
2935 #endif /* CONFIG_WPS */
2937 wpa_msg(wpa_s
, MSG_INFO
, "Trying to associate with SSID '%s'",
2938 wpa_ssid_txt(ssid
->ssid
, ssid
->ssid_len
));
2940 os_memcpy(wpa_s
->pending_bssid
, bss
->bssid
, ETH_ALEN
);
2942 os_memset(wpa_s
->pending_bssid
, 0, ETH_ALEN
);
2945 wpa_supplicant_cancel_sched_scan(wpa_s
);
2947 wpa_supplicant_cancel_scan(wpa_s
);
2949 /* Starting new association, so clear the possibly used WPA IE from the
2950 * previous association. */
2951 wpa_sm_set_assoc_wpa_ie(wpa_s
->wpa
, NULL
, 0);
2953 wpa_ie
= wpas_populate_assoc_ies(wpa_s
, bss
, ssid
, ¶ms
, NULL
);
2955 wpas_connect_work_done(wpa_s
);
2959 wpa_clear_keys(wpa_s
, bss
? bss
->bssid
: NULL
);
2961 cipher_pairwise
= wpa_s
->pairwise_cipher
;
2962 cipher_group
= wpa_s
->group_cipher
;
2963 cipher_group_mgmt
= wpa_s
->mgmt_group_cipher
;
2964 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
||
2965 wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
2966 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
)
2968 if (wpa_set_wep_keys(wpa_s
, ssid
)) {
2973 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
)
2976 #ifdef IEEE8021X_EAPOL
2977 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
2978 if ((ssid
->eapol_flags
&
2979 (EAPOL_FLAG_REQUIRE_KEY_UNICAST
|
2980 EAPOL_FLAG_REQUIRE_KEY_BROADCAST
)) == 0 &&
2984 /* Assume that dynamic WEP-104 keys will be used and
2985 * set cipher suites in order for drivers to expect
2987 cipher_pairwise
= cipher_group
= WPA_CIPHER_WEP104
;
2990 #endif /* IEEE8021X_EAPOL */
2992 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPA_NONE
) {
2993 /* Set the key before (and later after) association */
2994 wpa_supplicant_set_wpa_none_key(wpa_s
, ssid
);
2997 wpa_supplicant_set_state(wpa_s
, WPA_ASSOCIATING
);
2999 params
.ssid
= bss
->ssid
;
3000 params
.ssid_len
= bss
->ssid_len
;
3001 if (!wpas_driver_bss_selection(wpa_s
) || ssid
->bssid_set
||
3002 wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
) {
3003 wpa_printf(MSG_DEBUG
, "Limit connection to BSSID "
3004 MACSTR
" freq=%u MHz based on scan results "
3005 "(bssid_set=%d wps=%d)",
3006 MAC2STR(bss
->bssid
), bss
->freq
,
3008 wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
);
3009 params
.bssid
= bss
->bssid
;
3010 params
.freq
.freq
= bss
->freq
;
3012 params
.bssid_hint
= bss
->bssid
;
3013 params
.freq_hint
= bss
->freq
;
3014 params
.pbss
= bss_is_pbss(bss
);
3016 if (ssid
->bssid_hint_set
)
3017 params
.bssid_hint
= ssid
->bssid_hint
;
3019 params
.ssid
= ssid
->ssid
;
3020 params
.ssid_len
= ssid
->ssid_len
;
3021 params
.pbss
= (ssid
->pbss
!= 2) ? ssid
->pbss
: 0;
3024 if (ssid
->mode
== WPAS_MODE_IBSS
&& ssid
->bssid_set
&&
3025 wpa_s
->conf
->ap_scan
== 2) {
3026 params
.bssid
= ssid
->bssid
;
3027 params
.fixed_bssid
= 1;
3030 /* Initial frequency for IBSS/mesh */
3031 if ((ssid
->mode
== WPAS_MODE_IBSS
|| ssid
->mode
== WPAS_MODE_MESH
) &&
3032 ssid
->frequency
> 0 && params
.freq
.freq
== 0)
3033 ibss_mesh_setup_freq(wpa_s
, ssid
, ¶ms
.freq
);
3035 if (ssid
->mode
== WPAS_MODE_IBSS
) {
3036 params
.fixed_freq
= ssid
->fixed_freq
;
3037 if (ssid
->beacon_int
)
3038 params
.beacon_int
= ssid
->beacon_int
;
3040 params
.beacon_int
= wpa_s
->conf
->beacon_int
;
3043 params
.pairwise_suite
= cipher_pairwise
;
3044 params
.group_suite
= cipher_group
;
3045 params
.mgmt_group_suite
= cipher_group_mgmt
;
3046 params
.key_mgmt_suite
= wpa_s
->key_mgmt
;
3047 params
.wpa_proto
= wpa_s
->wpa_proto
;
3048 wpa_s
->auth_alg
= params
.auth_alg
;
3049 params
.mode
= ssid
->mode
;
3050 params
.bg_scan_period
= ssid
->bg_scan_period
;
3051 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
3052 if (ssid
->wep_key_len
[i
])
3053 params
.wep_key
[i
] = ssid
->wep_key
[i
];
3054 params
.wep_key_len
[i
] = ssid
->wep_key_len
[i
];
3056 params
.wep_tx_keyidx
= ssid
->wep_tx_keyidx
;
3058 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_4WAY_HANDSHAKE
) &&
3059 (params
.key_mgmt_suite
== WPA_KEY_MGMT_PSK
||
3060 params
.key_mgmt_suite
== WPA_KEY_MGMT_FT_PSK
)) {
3061 params
.passphrase
= ssid
->passphrase
;
3063 params
.psk
= ssid
->psk
;
3066 if (wpa_s
->conf
->key_mgmt_offload
) {
3067 if (params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X
||
3068 params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X_SHA256
||
3069 params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X_SUITE_B
||
3070 params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X_SUITE_B_192
)
3071 params
.req_key_mgmt_offload
=
3072 ssid
->proactive_key_caching
< 0 ?
3073 wpa_s
->conf
->okc
: ssid
->proactive_key_caching
;
3075 params
.req_key_mgmt_offload
= 1;
3077 if ((params
.key_mgmt_suite
== WPA_KEY_MGMT_PSK
||
3078 params
.key_mgmt_suite
== WPA_KEY_MGMT_PSK_SHA256
||
3079 params
.key_mgmt_suite
== WPA_KEY_MGMT_FT_PSK
) &&
3081 params
.psk
= ssid
->psk
;
3084 params
.drop_unencrypted
= use_crypt
;
3086 #ifdef CONFIG_IEEE80211W
3087 params
.mgmt_frame_protection
= wpas_get_ssid_pmf(wpa_s
, ssid
);
3088 if (params
.mgmt_frame_protection
!= NO_MGMT_FRAME_PROTECTION
&& bss
) {
3089 const u8
*rsn
= wpa_bss_get_ie(bss
, WLAN_EID_RSN
);
3090 struct wpa_ie_data ie
;
3091 if (rsn
&& wpa_parse_wpa_ie(rsn
, 2 + rsn
[1], &ie
) == 0 &&
3093 (WPA_CAPABILITY_MFPC
| WPA_CAPABILITY_MFPR
)) {
3094 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Selected AP supports "
3095 "MFP: require MFP");
3096 params
.mgmt_frame_protection
=
3097 MGMT_FRAME_PROTECTION_REQUIRED
;
3099 } else if (!rsn
&& (ssid
->key_mgmt
& WPA_KEY_MGMT_OWE
) &&
3101 params
.mgmt_frame_protection
= NO_MGMT_FRAME_PROTECTION
;
3102 #endif /* CONFIG_OWE */
3105 #endif /* CONFIG_IEEE80211W */
3107 params
.p2p
= ssid
->p2p_group
;
3109 if (wpa_s
->p2pdev
->set_sta_uapsd
)
3110 params
.uapsd
= wpa_s
->p2pdev
->sta_uapsd
;
3114 #ifdef CONFIG_HT_OVERRIDES
3115 os_memset(&htcaps
, 0, sizeof(htcaps
));
3116 os_memset(&htcaps_mask
, 0, sizeof(htcaps_mask
));
3117 params
.htcaps
= (u8
*) &htcaps
;
3118 params
.htcaps_mask
= (u8
*) &htcaps_mask
;
3119 wpa_supplicant_apply_ht_overrides(wpa_s
, ssid
, ¶ms
);
3120 #endif /* CONFIG_HT_OVERRIDES */
3121 #ifdef CONFIG_VHT_OVERRIDES
3122 os_memset(&vhtcaps
, 0, sizeof(vhtcaps
));
3123 os_memset(&vhtcaps_mask
, 0, sizeof(vhtcaps_mask
));
3124 params
.vhtcaps
= &vhtcaps
;
3125 params
.vhtcaps_mask
= &vhtcaps_mask
;
3126 wpa_supplicant_apply_vht_overrides(wpa_s
, ssid
, ¶ms
);
3127 #endif /* CONFIG_VHT_OVERRIDES */
3131 * If multi-channel concurrency is not supported, check for any
3132 * frequency conflict. In case of any frequency conflict, remove the
3133 * least prioritized connection.
3135 if (wpa_s
->num_multichan_concurrent
< 2) {
3137 num
= get_shared_radio_freqs(wpa_s
, &freq
, 1);
3138 if (num
> 0 && freq
> 0 && freq
!= params
.freq
.freq
) {
3139 wpa_printf(MSG_DEBUG
,
3140 "Assoc conflicting freq found (%d != %d)",
3141 freq
, params
.freq
.freq
);
3142 if (wpas_p2p_handle_frequency_conflicts(
3143 wpa_s
, params
.freq
.freq
, ssid
) < 0) {
3144 wpas_connect_work_done(wpa_s
);
3150 #endif /* CONFIG_P2P */
3152 if (wpa_s
->reassoc_same_ess
&& !is_zero_ether_addr(prev_bssid
) &&
3153 wpa_s
->current_ssid
)
3154 params
.prev_bssid
= prev_bssid
;
3156 ret
= wpa_drv_associate(wpa_s
, ¶ms
);
3159 wpa_msg(wpa_s
, MSG_INFO
, "Association request to the driver "
3161 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SANE_ERROR_CODES
) {
3163 * The driver is known to mean what is saying, so we
3164 * can stop right here; the association will not
3167 wpas_connection_failed(wpa_s
, wpa_s
->pending_bssid
);
3168 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
3169 os_memset(wpa_s
->pending_bssid
, 0, ETH_ALEN
);
3172 /* try to continue anyway; new association will be tried again
3177 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPA_NONE
) {
3178 /* Set the key after the association just in case association
3179 * cleared the previously configured key. */
3180 wpa_supplicant_set_wpa_none_key(wpa_s
, ssid
);
3181 /* No need to timeout authentication since there is no key
3183 wpa_supplicant_cancel_auth_timeout(wpa_s
);
3184 wpa_supplicant_set_state(wpa_s
, WPA_COMPLETED
);
3185 #ifdef CONFIG_IBSS_RSN
3186 } else if (ssid
->mode
== WPAS_MODE_IBSS
&&
3187 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_NONE
&&
3188 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_WPA_NONE
) {
3190 * RSN IBSS authentication is per-STA and we can disable the
3191 * per-BSSID authentication.
3193 wpa_supplicant_cancel_auth_timeout(wpa_s
);
3194 #endif /* CONFIG_IBSS_RSN */
3196 /* Timeout for IEEE 802.11 authentication and association */
3200 /* give IBSS a bit more time */
3201 timeout
= ssid
->mode
== WPAS_MODE_IBSS
? 10 : 5;
3202 } else if (wpa_s
->conf
->ap_scan
== 1) {
3203 /* give IBSS a bit more time */
3204 timeout
= ssid
->mode
== WPAS_MODE_IBSS
? 20 : 10;
3206 wpa_supplicant_req_auth_timeout(wpa_s
, timeout
, 0);
3210 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC
)) {
3211 /* Set static WEP keys again */
3212 wpa_set_wep_keys(wpa_s
, ssid
);
3215 if (wpa_s
->current_ssid
&& wpa_s
->current_ssid
!= ssid
) {
3217 * Do not allow EAP session resumption between different
3218 * network configurations.
3220 eapol_sm_invalidate_cached_session(wpa_s
->eapol
);
3222 old_ssid
= wpa_s
->current_ssid
;
3223 wpa_s
->current_ssid
= ssid
;
3225 if (!wpas_driver_bss_selection(wpa_s
) || ssid
->bssid_set
) {
3226 wpa_s
->current_bss
= bss
;
3228 hs20_configure_frame_filters(wpa_s
);
3229 #endif /* CONFIG_HS20 */
3232 wpa_supplicant_rsn_supp_set_config(wpa_s
, wpa_s
->current_ssid
);
3233 wpa_supplicant_initiate_eapol(wpa_s
);
3234 if (old_ssid
!= wpa_s
->current_ssid
)
3235 wpas_notify_network_changed(wpa_s
);
3239 static void wpa_supplicant_clear_connection(struct wpa_supplicant
*wpa_s
,
3242 struct wpa_ssid
*old_ssid
;
3244 wpas_connect_work_done(wpa_s
);
3245 wpa_clear_keys(wpa_s
, addr
);
3246 old_ssid
= wpa_s
->current_ssid
;
3247 wpa_supplicant_mark_disassoc(wpa_s
);
3248 wpa_sm_set_config(wpa_s
->wpa
, NULL
);
3249 eapol_sm_notify_config(wpa_s
->eapol
, NULL
, NULL
);
3250 if (old_ssid
!= wpa_s
->current_ssid
)
3251 wpas_notify_network_changed(wpa_s
);
3252 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
3257 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
3258 * @wpa_s: Pointer to wpa_supplicant data
3259 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
3261 * This function is used to request %wpa_supplicant to deauthenticate from the
3264 void wpa_supplicant_deauthenticate(struct wpa_supplicant
*wpa_s
,
3268 union wpa_event_data event
;
3271 wpa_dbg(wpa_s
, MSG_DEBUG
, "Request to deauthenticate - bssid=" MACSTR
3272 " pending_bssid=" MACSTR
" reason=%d state=%s",
3273 MAC2STR(wpa_s
->bssid
), MAC2STR(wpa_s
->pending_bssid
),
3274 reason_code
, wpa_supplicant_state_txt(wpa_s
->wpa_state
));
3276 if (!is_zero_ether_addr(wpa_s
->pending_bssid
) &&
3277 (wpa_s
->wpa_state
== WPA_AUTHENTICATING
||
3278 wpa_s
->wpa_state
== WPA_ASSOCIATING
))
3279 addr
= wpa_s
->pending_bssid
;
3280 else if (!is_zero_ether_addr(wpa_s
->bssid
))
3281 addr
= wpa_s
->bssid
;
3282 else if (wpa_s
->wpa_state
== WPA_ASSOCIATING
) {
3284 * When using driver-based BSS selection, we may not know the
3285 * BSSID with which we are currently trying to associate. We
3286 * need to notify the driver of this disconnection even in such
3287 * a case, so use the all zeros address here.
3289 addr
= wpa_s
->bssid
;
3294 wpa_tdls_teardown_peers(wpa_s
->wpa
);
3295 #endif /* CONFIG_TDLS */
3299 struct mesh_conf
*mconf
;
3301 mconf
= wpa_s
->ifmsh
->mconf
;
3302 wpa_msg(wpa_s
, MSG_INFO
, MESH_GROUP_REMOVED
"%s",
3304 wpas_notify_mesh_group_removed(wpa_s
, mconf
->meshid
,
3305 mconf
->meshid_len
, reason_code
);
3306 wpa_supplicant_leave_mesh(wpa_s
);
3308 #endif /* CONFIG_MESH */
3311 wpa_drv_deauthenticate(wpa_s
, addr
, reason_code
);
3312 os_memset(&event
, 0, sizeof(event
));
3313 event
.deauth_info
.reason_code
= (u16
) reason_code
;
3314 event
.deauth_info
.locally_generated
= 1;
3315 wpa_supplicant_event(wpa_s
, EVENT_DEAUTH
, &event
);
3320 wpa_supplicant_clear_connection(wpa_s
, addr
);
3323 static void wpa_supplicant_enable_one_network(struct wpa_supplicant
*wpa_s
,
3324 struct wpa_ssid
*ssid
)
3326 if (!ssid
|| !ssid
->disabled
|| ssid
->disabled
== 2)
3330 ssid
->owe_transition_bss_select_count
= 0;
3331 wpas_clear_temp_disabled(wpa_s
, ssid
, 1);
3332 wpas_notify_network_enabled_changed(wpa_s
, ssid
);
3335 * Try to reassociate since there is no current configuration and a new
3336 * network was made available.
3338 if (!wpa_s
->current_ssid
&& !wpa_s
->disconnected
)
3339 wpa_s
->reassociate
= 1;
3344 * wpa_supplicant_add_network - Add a new network
3345 * @wpa_s: wpa_supplicant structure for a network interface
3346 * Returns: The new network configuration or %NULL if operation failed
3348 * This function performs the following operations:
3349 * 1. Adds a new network.
3350 * 2. Send network addition notification.
3351 * 3. Marks the network disabled.
3352 * 4. Set network default parameters.
3354 struct wpa_ssid
* wpa_supplicant_add_network(struct wpa_supplicant
*wpa_s
)
3356 struct wpa_ssid
*ssid
;
3358 ssid
= wpa_config_add_network(wpa_s
->conf
);
3361 wpas_notify_network_added(wpa_s
, ssid
);
3363 wpa_config_set_network_defaults(ssid
);
3370 * wpa_supplicant_remove_network - Remove a configured network based on id
3371 * @wpa_s: wpa_supplicant structure for a network interface
3372 * @id: Unique network id to search for
3373 * Returns: 0 on success, or -1 if the network was not found, -2 if the network
3374 * could not be removed
3376 * This function performs the following operations:
3377 * 1. Removes the network.
3378 * 2. Send network removal notification.
3379 * 3. Update internal state machines.
3380 * 4. Stop any running sched scans.
3382 int wpa_supplicant_remove_network(struct wpa_supplicant
*wpa_s
, int id
)
3384 struct wpa_ssid
*ssid
;
3387 ssid
= wpa_config_get_network(wpa_s
->conf
, id
);
3390 wpas_notify_network_removed(wpa_s
, ssid
);
3392 if (wpa_s
->last_ssid
== ssid
)
3393 wpa_s
->last_ssid
= NULL
;
3395 if (ssid
== wpa_s
->current_ssid
|| !wpa_s
->current_ssid
) {
3397 wpa_s
->sme
.prev_bssid_set
= 0;
3398 #endif /* CONFIG_SME */
3400 * Invalidate the EAP session cache if the current or
3401 * previously used network is removed.
3403 eapol_sm_invalidate_cached_session(wpa_s
->eapol
);
3406 if (ssid
== wpa_s
->current_ssid
) {
3407 wpa_sm_set_config(wpa_s
->wpa
, NULL
);
3408 eapol_sm_notify_config(wpa_s
->eapol
, NULL
, NULL
);
3410 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
3411 wpa_s
->own_disconnect_req
= 1;
3412 wpa_supplicant_deauthenticate(wpa_s
,
3413 WLAN_REASON_DEAUTH_LEAVING
);
3416 was_disabled
= ssid
->disabled
;
3418 if (wpa_config_remove_network(wpa_s
->conf
, id
) < 0)
3421 if (!was_disabled
&& wpa_s
->sched_scanning
) {
3422 wpa_printf(MSG_DEBUG
,
3423 "Stop ongoing sched_scan to remove network from filters");
3424 wpa_supplicant_cancel_sched_scan(wpa_s
);
3425 wpa_supplicant_req_scan(wpa_s
, 0, 0);
3433 * wpa_supplicant_enable_network - Mark a configured network as enabled
3434 * @wpa_s: wpa_supplicant structure for a network interface
3435 * @ssid: wpa_ssid structure for a configured network or %NULL
3437 * Enables the specified network or all networks if no network specified.
3439 void wpa_supplicant_enable_network(struct wpa_supplicant
*wpa_s
,
3440 struct wpa_ssid
*ssid
)
3443 for (ssid
= wpa_s
->conf
->ssid
; ssid
; ssid
= ssid
->next
)
3444 wpa_supplicant_enable_one_network(wpa_s
, ssid
);
3446 wpa_supplicant_enable_one_network(wpa_s
, ssid
);
3448 if (wpa_s
->reassociate
&& !wpa_s
->disconnected
&&
3449 (!wpa_s
->current_ssid
||
3450 wpa_s
->wpa_state
== WPA_DISCONNECTED
||
3451 wpa_s
->wpa_state
== WPA_SCANNING
)) {
3452 if (wpa_s
->sched_scanning
) {
3453 wpa_printf(MSG_DEBUG
, "Stop ongoing sched_scan to add "
3454 "new network to scan filters");
3455 wpa_supplicant_cancel_sched_scan(wpa_s
);
3458 if (wpa_supplicant_fast_associate(wpa_s
) != 1) {
3459 wpa_s
->scan_req
= NORMAL_SCAN_REQ
;
3460 wpa_supplicant_req_scan(wpa_s
, 0, 0);
3467 * wpa_supplicant_disable_network - Mark a configured network as disabled
3468 * @wpa_s: wpa_supplicant structure for a network interface
3469 * @ssid: wpa_ssid structure for a configured network or %NULL
3471 * Disables the specified network or all networks if no network specified.
3473 void wpa_supplicant_disable_network(struct wpa_supplicant
*wpa_s
,
3474 struct wpa_ssid
*ssid
)
3476 struct wpa_ssid
*other_ssid
;
3480 if (wpa_s
->sched_scanning
)
3481 wpa_supplicant_cancel_sched_scan(wpa_s
);
3483 for (other_ssid
= wpa_s
->conf
->ssid
; other_ssid
;
3484 other_ssid
= other_ssid
->next
) {
3485 was_disabled
= other_ssid
->disabled
;
3486 if (was_disabled
== 2)
3487 continue; /* do not change persistent P2P group
3490 other_ssid
->disabled
= 1;
3492 if (was_disabled
!= other_ssid
->disabled
)
3493 wpas_notify_network_enabled_changed(
3496 if (wpa_s
->current_ssid
) {
3497 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
3498 wpa_s
->own_disconnect_req
= 1;
3499 wpa_supplicant_deauthenticate(
3500 wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
3502 } else if (ssid
->disabled
!= 2) {
3503 if (ssid
== wpa_s
->current_ssid
) {
3504 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
3505 wpa_s
->own_disconnect_req
= 1;
3506 wpa_supplicant_deauthenticate(
3507 wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
3510 was_disabled
= ssid
->disabled
;
3514 if (was_disabled
!= ssid
->disabled
) {
3515 wpas_notify_network_enabled_changed(wpa_s
, ssid
);
3516 if (wpa_s
->sched_scanning
) {
3517 wpa_printf(MSG_DEBUG
, "Stop ongoing sched_scan "
3518 "to remove network from filters");
3519 wpa_supplicant_cancel_sched_scan(wpa_s
);
3520 wpa_supplicant_req_scan(wpa_s
, 0, 0);
3528 * wpa_supplicant_select_network - Attempt association with a network
3529 * @wpa_s: wpa_supplicant structure for a network interface
3530 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
3532 void wpa_supplicant_select_network(struct wpa_supplicant
*wpa_s
,
3533 struct wpa_ssid
*ssid
)
3536 struct wpa_ssid
*other_ssid
;
3537 int disconnected
= 0;
3539 if (ssid
&& ssid
!= wpa_s
->current_ssid
&& wpa_s
->current_ssid
) {
3540 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
3541 wpa_s
->own_disconnect_req
= 1;
3542 wpa_supplicant_deauthenticate(
3543 wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
3548 wpas_clear_temp_disabled(wpa_s
, ssid
, 1);
3551 * Mark all other networks disabled or mark all networks enabled if no
3552 * network specified.
3554 for (other_ssid
= wpa_s
->conf
->ssid
; other_ssid
;
3555 other_ssid
= other_ssid
->next
) {
3556 int was_disabled
= other_ssid
->disabled
;
3557 if (was_disabled
== 2)
3558 continue; /* do not change persistent P2P group data */
3560 other_ssid
->disabled
= ssid
? (ssid
->id
!= other_ssid
->id
) : 0;
3561 if (was_disabled
&& !other_ssid
->disabled
)
3562 wpas_clear_temp_disabled(wpa_s
, other_ssid
, 0);
3564 if (was_disabled
!= other_ssid
->disabled
)
3565 wpas_notify_network_enabled_changed(wpa_s
, other_ssid
);
3568 if (ssid
&& ssid
== wpa_s
->current_ssid
&& wpa_s
->current_ssid
&&
3569 wpa_s
->wpa_state
>= WPA_AUTHENTICATING
) {
3570 /* We are already associated with the selected network */
3571 wpa_printf(MSG_DEBUG
, "Already associated with the "
3572 "selected network - do nothing");
3577 wpa_s
->current_ssid
= ssid
;
3578 eapol_sm_notify_config(wpa_s
->eapol
, NULL
, NULL
);
3579 wpa_s
->connect_without_scan
=
3580 (ssid
->mode
== WPAS_MODE_MESH
) ? ssid
: NULL
;
3583 * Don't optimize next scan freqs since a new ESS has been
3586 os_free(wpa_s
->next_scan_freqs
);
3587 wpa_s
->next_scan_freqs
= NULL
;
3589 wpa_s
->connect_without_scan
= NULL
;
3592 wpa_s
->disconnected
= 0;
3593 wpa_s
->reassociate
= 1;
3594 wpa_s
->last_owe_group
= 0;
3596 ssid
->owe_transition_bss_select_count
= 0;
3598 if (wpa_s
->connect_without_scan
||
3599 wpa_supplicant_fast_associate(wpa_s
) != 1) {
3600 wpa_s
->scan_req
= NORMAL_SCAN_REQ
;
3601 wpas_scan_reset_sched_scan(wpa_s
);
3602 wpa_supplicant_req_scan(wpa_s
, 0, disconnected
? 100000 : 0);
3606 wpas_notify_network_selected(wpa_s
, ssid
);
3611 * wpas_set_pkcs11_engine_and_module_path - Set PKCS #11 engine and module path
3612 * @wpa_s: wpa_supplicant structure for a network interface
3613 * @pkcs11_engine_path: PKCS #11 engine path or NULL
3614 * @pkcs11_module_path: PKCS #11 module path or NULL
3615 * Returns: 0 on success; -1 on failure
3617 * Sets the PKCS #11 engine and module path. Both have to be NULL or a valid
3618 * path. If resetting the EAPOL state machine with the new PKCS #11 engine and
3619 * module path fails the paths will be reset to the default value (NULL).
3621 int wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant
*wpa_s
,
3622 const char *pkcs11_engine_path
,
3623 const char *pkcs11_module_path
)
3625 char *pkcs11_engine_path_copy
= NULL
;
3626 char *pkcs11_module_path_copy
= NULL
;
3628 if (pkcs11_engine_path
!= NULL
) {
3629 pkcs11_engine_path_copy
= os_strdup(pkcs11_engine_path
);
3630 if (pkcs11_engine_path_copy
== NULL
)
3633 if (pkcs11_module_path
!= NULL
) {
3634 pkcs11_module_path_copy
= os_strdup(pkcs11_module_path
);
3635 if (pkcs11_module_path_copy
== NULL
) {
3636 os_free(pkcs11_engine_path_copy
);
3641 os_free(wpa_s
->conf
->pkcs11_engine_path
);
3642 os_free(wpa_s
->conf
->pkcs11_module_path
);
3643 wpa_s
->conf
->pkcs11_engine_path
= pkcs11_engine_path_copy
;
3644 wpa_s
->conf
->pkcs11_module_path
= pkcs11_module_path_copy
;
3646 wpa_sm_set_eapol(wpa_s
->wpa
, NULL
);
3647 eapol_sm_deinit(wpa_s
->eapol
);
3648 wpa_s
->eapol
= NULL
;
3649 if (wpa_supplicant_init_eapol(wpa_s
)) {
3650 /* Error -> Reset paths to the default value (NULL) once. */
3651 if (pkcs11_engine_path
!= NULL
&& pkcs11_module_path
!= NULL
)
3652 wpas_set_pkcs11_engine_and_module_path(wpa_s
, NULL
,
3657 wpa_sm_set_eapol(wpa_s
->wpa
, wpa_s
->eapol
);
3664 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
3665 * @wpa_s: wpa_supplicant structure for a network interface
3666 * @ap_scan: AP scan mode
3667 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
3670 int wpa_supplicant_set_ap_scan(struct wpa_supplicant
*wpa_s
, int ap_scan
)
3675 if (ap_scan
< 0 || ap_scan
> 2)
3678 if (ap_scan
== 2 && os_strcmp(wpa_s
->driver
->name
, "nl80211") == 0) {
3679 wpa_printf(MSG_INFO
,
3680 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
3684 if (ap_scan
== 2 && ap_scan
!= wpa_s
->conf
->ap_scan
&&
3685 wpa_s
->wpa_state
>= WPA_ASSOCIATING
&&
3686 wpa_s
->wpa_state
< WPA_COMPLETED
) {
3687 wpa_printf(MSG_ERROR
, "ap_scan = %d (%d) rejected while "
3688 "associating", wpa_s
->conf
->ap_scan
, ap_scan
);
3691 #endif /* ANDROID */
3693 old_ap_scan
= wpa_s
->conf
->ap_scan
;
3694 wpa_s
->conf
->ap_scan
= ap_scan
;
3696 if (old_ap_scan
!= wpa_s
->conf
->ap_scan
)
3697 wpas_notify_ap_scan_changed(wpa_s
);
3704 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
3705 * @wpa_s: wpa_supplicant structure for a network interface
3706 * @expire_age: Expiration age in seconds
3707 * Returns: 0 if succeed or -1 if expire_age has an invalid value
3710 int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant
*wpa_s
,
3711 unsigned int bss_expire_age
)
3713 if (bss_expire_age
< 10) {
3714 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid bss expiration age %u",
3718 wpa_msg(wpa_s
, MSG_DEBUG
, "Setting bss expiration age: %d sec",
3720 wpa_s
->conf
->bss_expiration_age
= bss_expire_age
;
3727 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
3728 * @wpa_s: wpa_supplicant structure for a network interface
3729 * @expire_count: number of scans after which an unseen BSS is reclaimed
3730 * Returns: 0 if succeed or -1 if expire_count has an invalid value
3733 int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant
*wpa_s
,
3734 unsigned int bss_expire_count
)
3736 if (bss_expire_count
< 1) {
3737 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid bss expiration count %u",
3741 wpa_msg(wpa_s
, MSG_DEBUG
, "Setting bss expiration scan count: %u",
3743 wpa_s
->conf
->bss_expiration_scan_count
= bss_expire_count
;
3750 * wpa_supplicant_set_scan_interval - Set scan interval
3751 * @wpa_s: wpa_supplicant structure for a network interface
3752 * @scan_interval: scan interval in seconds
3753 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
3756 int wpa_supplicant_set_scan_interval(struct wpa_supplicant
*wpa_s
,
3759 if (scan_interval
< 0) {
3760 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid scan interval %d",
3764 wpa_msg(wpa_s
, MSG_DEBUG
, "Setting scan interval: %d sec",
3766 wpa_supplicant_update_scan_int(wpa_s
, scan_interval
);
3773 * wpa_supplicant_set_debug_params - Set global debug params
3774 * @global: wpa_global structure
3775 * @debug_level: debug level
3776 * @debug_timestamp: determines if show timestamp in debug data
3777 * @debug_show_keys: determines if show keys in debug data
3778 * Returns: 0 if succeed or -1 if debug_level has wrong value
3780 int wpa_supplicant_set_debug_params(struct wpa_global
*global
, int debug_level
,
3781 int debug_timestamp
, int debug_show_keys
)
3784 int old_level
, old_timestamp
, old_show_keys
;
3786 /* check for allowed debuglevels */
3787 if (debug_level
!= MSG_EXCESSIVE
&&
3788 debug_level
!= MSG_MSGDUMP
&&
3789 debug_level
!= MSG_DEBUG
&&
3790 debug_level
!= MSG_INFO
&&
3791 debug_level
!= MSG_WARNING
&&
3792 debug_level
!= MSG_ERROR
)
3795 old_level
= wpa_debug_level
;
3796 old_timestamp
= wpa_debug_timestamp
;
3797 old_show_keys
= wpa_debug_show_keys
;
3799 wpa_debug_level
= debug_level
;
3800 wpa_debug_timestamp
= debug_timestamp
? 1 : 0;
3801 wpa_debug_show_keys
= debug_show_keys
? 1 : 0;
3803 if (wpa_debug_level
!= old_level
)
3804 wpas_notify_debug_level_changed(global
);
3805 if (wpa_debug_timestamp
!= old_timestamp
)
3806 wpas_notify_debug_timestamp_changed(global
);
3807 if (wpa_debug_show_keys
!= old_show_keys
)
3808 wpas_notify_debug_show_keys_changed(global
);
3815 static int owe_trans_ssid_match(struct wpa_supplicant
*wpa_s
, const u8
*bssid
,
3816 const u8
*entry_ssid
, size_t entry_ssid_len
)
3818 const u8
*owe
, *pos
, *end
;
3820 struct wpa_bss
*bss
;
3822 /* Check network profile SSID aganst the SSID in the
3823 * OWE Transition Mode element. */
3825 bss
= wpa_bss_get_bssid_latest(wpa_s
, bssid
);
3829 owe
= wpa_bss_get_vendor_ie(bss
, OWE_IE_VENDOR_TYPE
);
3834 end
= owe
+ 2 + owe
[1];
3836 if (end
- pos
< ETH_ALEN
+ 1)
3840 if (end
- pos
< ssid_len
|| ssid_len
> SSID_MAX_LEN
)
3843 return entry_ssid_len
== ssid_len
&&
3844 os_memcmp(pos
, entry_ssid
, ssid_len
) == 0;
3846 #endif /* CONFIG_OWE */
3850 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
3851 * @wpa_s: Pointer to wpa_supplicant data
3852 * Returns: A pointer to the current network structure or %NULL on failure
3854 struct wpa_ssid
* wpa_supplicant_get_ssid(struct wpa_supplicant
*wpa_s
)
3856 struct wpa_ssid
*entry
;
3857 u8 ssid
[SSID_MAX_LEN
];
3863 res
= wpa_drv_get_ssid(wpa_s
, ssid
);
3865 wpa_msg(wpa_s
, MSG_WARNING
, "Could not read SSID from "
3871 if (wpa_drv_get_bssid(wpa_s
, bssid
) < 0) {
3872 wpa_msg(wpa_s
, MSG_WARNING
, "Could not read BSSID from "
3877 wired
= wpa_s
->conf
->ap_scan
== 0 &&
3878 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_WIRED
);
3880 entry
= wpa_s
->conf
->ssid
;
3882 if (!wpas_network_disabled(wpa_s
, entry
) &&
3883 ((ssid_len
== entry
->ssid_len
&&
3884 os_memcmp(ssid
, entry
->ssid
, ssid_len
) == 0) || wired
) &&
3885 (!entry
->bssid_set
||
3886 os_memcmp(bssid
, entry
->bssid
, ETH_ALEN
) == 0))
3889 if (!wpas_network_disabled(wpa_s
, entry
) &&
3890 (entry
->key_mgmt
& WPA_KEY_MGMT_WPS
) &&
3891 (entry
->ssid
== NULL
|| entry
->ssid_len
== 0) &&
3892 (!entry
->bssid_set
||
3893 os_memcmp(bssid
, entry
->bssid
, ETH_ALEN
) == 0))
3895 #endif /* CONFIG_WPS */
3898 if (!wpas_network_disabled(wpa_s
, entry
) &&
3899 owe_trans_ssid_match(wpa_s
, bssid
, entry
->ssid
,
3901 (!entry
->bssid_set
||
3902 os_memcmp(bssid
, entry
->bssid
, ETH_ALEN
) == 0))
3904 #endif /* CONFIG_OWE */
3906 if (!wpas_network_disabled(wpa_s
, entry
) && entry
->bssid_set
&&
3907 entry
->ssid_len
== 0 &&
3908 os_memcmp(bssid
, entry
->bssid
, ETH_ALEN
) == 0)
3911 entry
= entry
->next
;
3918 static int select_driver(struct wpa_supplicant
*wpa_s
, int i
)
3920 struct wpa_global
*global
= wpa_s
->global
;
3922 if (wpa_drivers
[i
]->global_init
&& global
->drv_priv
[i
] == NULL
) {
3923 global
->drv_priv
[i
] = wpa_drivers
[i
]->global_init(global
);
3924 if (global
->drv_priv
[i
] == NULL
) {
3925 wpa_printf(MSG_ERROR
, "Failed to initialize driver "
3926 "'%s'", wpa_drivers
[i
]->name
);
3931 wpa_s
->driver
= wpa_drivers
[i
];
3932 wpa_s
->global_drv_priv
= global
->drv_priv
[i
];
3938 static int wpa_supplicant_set_driver(struct wpa_supplicant
*wpa_s
,
3943 const char *pos
, *driver
= name
;
3948 if (wpa_drivers
[0] == NULL
) {
3949 wpa_msg(wpa_s
, MSG_ERROR
, "No driver interfaces build into "
3955 /* default to first driver in the list */
3956 return select_driver(wpa_s
, 0);
3960 pos
= os_strchr(driver
, ',');
3964 len
= os_strlen(driver
);
3966 for (i
= 0; wpa_drivers
[i
]; i
++) {
3967 if (os_strlen(wpa_drivers
[i
]->name
) == len
&&
3968 os_strncmp(driver
, wpa_drivers
[i
]->name
, len
) ==
3970 /* First driver that succeeds wins */
3971 if (select_driver(wpa_s
, i
) == 0)
3979 wpa_msg(wpa_s
, MSG_ERROR
, "Unsupported driver '%s'", name
);
3985 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
3986 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
3987 * with struct wpa_driver_ops::init()
3988 * @src_addr: Source address of the EAPOL frame
3989 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
3990 * @len: Length of the EAPOL data
3992 * This function is called for each received EAPOL frame. Most driver
3993 * interfaces rely on more generic OS mechanism for receiving frames through
3994 * l2_packet, but if such a mechanism is not available, the driver wrapper may
3995 * take care of received EAPOL frames and deliver them to the core supplicant
3996 * code by calling this function.
3998 void wpa_supplicant_rx_eapol(void *ctx
, const u8
*src_addr
,
3999 const u8
*buf
, size_t len
)
4001 struct wpa_supplicant
*wpa_s
= ctx
;
4003 wpa_dbg(wpa_s
, MSG_DEBUG
, "RX EAPOL from " MACSTR
, MAC2STR(src_addr
));
4004 wpa_hexdump(MSG_MSGDUMP
, "RX EAPOL", buf
, len
);
4006 #ifdef CONFIG_TESTING_OPTIONS
4007 if (wpa_s
->ignore_auth_resp
) {
4008 wpa_printf(MSG_INFO
, "RX EAPOL - ignore_auth_resp active!");
4011 #endif /* CONFIG_TESTING_OPTIONS */
4013 if (wpa_s
->wpa_state
< WPA_ASSOCIATED
||
4014 (wpa_s
->last_eapol_matches_bssid
&&
4017 #endif /* CONFIG_AP */
4018 os_memcmp(src_addr
, wpa_s
->bssid
, ETH_ALEN
) != 0)) {
4020 * There is possible race condition between receiving the
4021 * association event and the EAPOL frame since they are coming
4022 * through different paths from the driver. In order to avoid
4023 * issues in trying to process the EAPOL frame before receiving
4024 * association information, lets queue it for processing until
4025 * the association event is received. This may also be needed in
4026 * driver-based roaming case, so also use src_addr != BSSID as a
4027 * trigger if we have previously confirmed that the
4028 * Authenticator uses BSSID as the src_addr (which is not the
4029 * case with wired IEEE 802.1X).
4031 wpa_dbg(wpa_s
, MSG_DEBUG
, "Not associated - Delay processing "
4032 "of received EAPOL frame (state=%s bssid=" MACSTR
")",
4033 wpa_supplicant_state_txt(wpa_s
->wpa_state
),
4034 MAC2STR(wpa_s
->bssid
));
4035 wpabuf_free(wpa_s
->pending_eapol_rx
);
4036 wpa_s
->pending_eapol_rx
= wpabuf_alloc_copy(buf
, len
);
4037 if (wpa_s
->pending_eapol_rx
) {
4038 os_get_reltime(&wpa_s
->pending_eapol_rx_time
);
4039 os_memcpy(wpa_s
->pending_eapol_rx_src
, src_addr
,
4045 wpa_s
->last_eapol_matches_bssid
=
4046 os_memcmp(src_addr
, wpa_s
->bssid
, ETH_ALEN
) == 0;
4049 if (wpa_s
->ap_iface
) {
4050 wpa_supplicant_ap_rx_eapol(wpa_s
, src_addr
, buf
, len
);
4053 #endif /* CONFIG_AP */
4055 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
) {
4056 wpa_dbg(wpa_s
, MSG_DEBUG
, "Ignored received EAPOL frame since "
4057 "no key management is configured");
4061 if (wpa_s
->eapol_received
== 0 &&
4062 (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_4WAY_HANDSHAKE
) ||
4063 !wpa_key_mgmt_wpa_psk(wpa_s
->key_mgmt
) ||
4064 wpa_s
->wpa_state
!= WPA_COMPLETED
) &&
4065 (wpa_s
->current_ssid
== NULL
||
4066 wpa_s
->current_ssid
->mode
!= IEEE80211_MODE_IBSS
)) {
4067 /* Timeout for completing IEEE 802.1X and WPA authentication */
4070 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
) ||
4071 wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
||
4072 wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
) {
4073 /* Use longer timeout for IEEE 802.1X/EAP */
4078 if (wpa_s
->current_ssid
&& wpa_s
->current_bss
&&
4079 (wpa_s
->current_ssid
->key_mgmt
& WPA_KEY_MGMT_WPS
) &&
4080 eap_is_wps_pin_enrollee(&wpa_s
->current_ssid
->eap
)) {
4082 * Use shorter timeout if going through WPS AP iteration
4083 * for PIN config method with an AP that does not
4084 * advertise Selected Registrar.
4086 struct wpabuf
*wps_ie
;
4088 wps_ie
= wpa_bss_get_vendor_ie_multi(
4089 wpa_s
->current_bss
, WPS_IE_VENDOR_TYPE
);
4091 !wps_is_addr_authorized(wps_ie
, wpa_s
->own_addr
, 1))
4093 wpabuf_free(wps_ie
);
4095 #endif /* CONFIG_WPS */
4097 wpa_supplicant_req_auth_timeout(wpa_s
, timeout
, 0);
4099 wpa_s
->eapol_received
++;
4101 if (wpa_s
->countermeasures
) {
4102 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Countermeasures - dropped "
4107 #ifdef CONFIG_IBSS_RSN
4108 if (wpa_s
->current_ssid
&&
4109 wpa_s
->current_ssid
->mode
== WPAS_MODE_IBSS
) {
4110 ibss_rsn_rx_eapol(wpa_s
->ibss_rsn
, src_addr
, buf
, len
);
4113 #endif /* CONFIG_IBSS_RSN */
4115 /* Source address of the incoming EAPOL frame could be compared to the
4116 * current BSSID. However, it is possible that a centralized
4117 * Authenticator could be using another MAC address than the BSSID of
4118 * an AP, so just allow any address to be used for now. The replies are
4119 * still sent to the current BSSID (if available), though. */
4121 os_memcpy(wpa_s
->last_eapol_src
, src_addr
, ETH_ALEN
);
4122 if (!wpa_key_mgmt_wpa_psk(wpa_s
->key_mgmt
) &&
4123 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_OWE
&&
4124 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_DPP
&&
4125 eapol_sm_rx_eapol(wpa_s
->eapol
, src_addr
, buf
, len
) > 0)
4127 wpa_drv_poll(wpa_s
);
4128 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_4WAY_HANDSHAKE
))
4129 wpa_sm_rx_eapol(wpa_s
->wpa
, src_addr
, buf
, len
);
4130 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
)) {
4132 * Set portValid = TRUE here since we are going to skip 4-way
4133 * handshake processing which would normally set portValid. We
4134 * need this to allow the EAPOL state machines to be completed
4135 * without going through EAPOL-Key handshake.
4137 eapol_sm_notify_portValid(wpa_s
->eapol
, TRUE
);
4142 int wpa_supplicant_update_mac_addr(struct wpa_supplicant
*wpa_s
)
4144 if ((!wpa_s
->p2p_mgmt
||
4145 !(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE
)) &&
4146 !(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE
)) {
4147 l2_packet_deinit(wpa_s
->l2
);
4148 wpa_s
->l2
= l2_packet_init(wpa_s
->ifname
,
4149 wpa_drv_get_mac_addr(wpa_s
),
4151 wpa_supplicant_rx_eapol
, wpa_s
, 0);
4152 if (wpa_s
->l2
== NULL
)
4155 if (l2_packet_set_packet_filter(wpa_s
->l2
,
4156 L2_PACKET_FILTER_PKTTYPE
))
4157 wpa_dbg(wpa_s
, MSG_DEBUG
,
4158 "Failed to attach pkt_type filter");
4160 const u8
*addr
= wpa_drv_get_mac_addr(wpa_s
);
4162 os_memcpy(wpa_s
->own_addr
, addr
, ETH_ALEN
);
4165 if (wpa_s
->l2
&& l2_packet_get_own_addr(wpa_s
->l2
, wpa_s
->own_addr
)) {
4166 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to get own L2 address");
4170 wpa_sm_set_own_addr(wpa_s
->wpa
, wpa_s
->own_addr
);
4176 static void wpa_supplicant_rx_eapol_bridge(void *ctx
, const u8
*src_addr
,
4177 const u8
*buf
, size_t len
)
4179 struct wpa_supplicant
*wpa_s
= ctx
;
4180 const struct l2_ethhdr
*eth
;
4182 if (len
< sizeof(*eth
))
4184 eth
= (const struct l2_ethhdr
*) buf
;
4186 if (os_memcmp(eth
->h_dest
, wpa_s
->own_addr
, ETH_ALEN
) != 0 &&
4187 !(eth
->h_dest
[0] & 0x01)) {
4188 wpa_dbg(wpa_s
, MSG_DEBUG
, "RX EAPOL from " MACSTR
" to " MACSTR
4189 " (bridge - not for this interface - ignore)",
4190 MAC2STR(src_addr
), MAC2STR(eth
->h_dest
));
4194 wpa_dbg(wpa_s
, MSG_DEBUG
, "RX EAPOL from " MACSTR
" to " MACSTR
4195 " (bridge)", MAC2STR(src_addr
), MAC2STR(eth
->h_dest
));
4196 wpa_supplicant_rx_eapol(wpa_s
, src_addr
, buf
+ sizeof(*eth
),
4197 len
- sizeof(*eth
));
4202 * wpa_supplicant_driver_init - Initialize driver interface parameters
4203 * @wpa_s: Pointer to wpa_supplicant data
4204 * Returns: 0 on success, -1 on failure
4206 * This function is called to initialize driver interface parameters.
4207 * wpa_drv_init() must have been called before this function to initialize the
4210 int wpa_supplicant_driver_init(struct wpa_supplicant
*wpa_s
)
4212 static int interface_count
= 0;
4214 if (wpa_supplicant_update_mac_addr(wpa_s
) < 0)
4217 wpa_dbg(wpa_s
, MSG_DEBUG
, "Own MAC address: " MACSTR
,
4218 MAC2STR(wpa_s
->own_addr
));
4219 os_memcpy(wpa_s
->perm_addr
, wpa_s
->own_addr
, ETH_ALEN
);
4220 wpa_sm_set_own_addr(wpa_s
->wpa
, wpa_s
->own_addr
);
4222 if (wpa_s
->bridge_ifname
[0]) {
4223 wpa_dbg(wpa_s
, MSG_DEBUG
, "Receiving packets from bridge "
4224 "interface '%s'", wpa_s
->bridge_ifname
);
4225 wpa_s
->l2_br
= l2_packet_init_bridge(
4226 wpa_s
->bridge_ifname
, wpa_s
->ifname
, wpa_s
->own_addr
,
4227 ETH_P_EAPOL
, wpa_supplicant_rx_eapol_bridge
, wpa_s
, 1);
4228 if (wpa_s
->l2_br
== NULL
) {
4229 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to open l2_packet "
4230 "connection for the bridge interface '%s'",
4231 wpa_s
->bridge_ifname
);
4236 if (wpa_s
->conf
->ap_scan
== 2 &&
4237 os_strcmp(wpa_s
->driver
->name
, "nl80211") == 0) {
4238 wpa_printf(MSG_INFO
,
4239 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
4242 wpa_clear_keys(wpa_s
, NULL
);
4244 /* Make sure that TKIP countermeasures are not left enabled (could
4245 * happen if wpa_supplicant is killed during countermeasures. */
4246 wpa_drv_set_countermeasures(wpa_s
, 0);
4248 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: flushing PMKID list in the driver");
4249 wpa_drv_flush_pmkid(wpa_s
);
4251 wpa_s
->prev_scan_ssid
= WILDCARD_SSID_SCAN
;
4252 wpa_s
->prev_scan_wildcard
= 0;
4254 if (wpa_supplicant_enabled_networks(wpa_s
)) {
4255 if (wpa_s
->wpa_state
== WPA_INTERFACE_DISABLED
) {
4256 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
4257 interface_count
= 0;
4260 if (!wpa_s
->p2p_mgmt
&&
4261 wpa_supplicant_delayed_sched_scan(wpa_s
,
4262 interface_count
% 3,
4264 wpa_supplicant_req_scan(wpa_s
, interface_count
% 3,
4266 #endif /* ANDROID */
4269 wpa_supplicant_set_state(wpa_s
, WPA_INACTIVE
);
4275 static int wpa_supplicant_daemon(const char *pid_file
)
4277 wpa_printf(MSG_DEBUG
, "Daemonize..");
4278 return os_daemonize(pid_file
);
4282 static struct wpa_supplicant
*
4283 wpa_supplicant_alloc(struct wpa_supplicant
*parent
)
4285 struct wpa_supplicant
*wpa_s
;
4287 wpa_s
= os_zalloc(sizeof(*wpa_s
));
4290 wpa_s
->scan_req
= INITIAL_SCAN_REQ
;
4291 wpa_s
->scan_interval
= 5;
4292 wpa_s
->new_connection
= 1;
4293 wpa_s
->parent
= parent
? parent
: wpa_s
;
4294 wpa_s
->p2pdev
= wpa_s
->parent
;
4295 wpa_s
->sched_scanning
= 0;
4297 dl_list_init(&wpa_s
->bss_tmp_disallowed
);
4298 dl_list_init(&wpa_s
->fils_hlp_req
);
4304 #ifdef CONFIG_HT_OVERRIDES
4306 static int wpa_set_htcap_mcs(struct wpa_supplicant
*wpa_s
,
4307 struct ieee80211_ht_capabilities
*htcaps
,
4308 struct ieee80211_ht_capabilities
*htcaps_mask
,
4311 /* parse ht_mcs into hex array */
4313 const char *tmp
= ht_mcs
;
4316 /* If ht_mcs is null, do not set anything */
4320 /* This is what we are setting in the kernel */
4321 os_memset(&htcaps
->supported_mcs_set
, 0, IEEE80211_HT_MCS_MASK_LEN
);
4323 wpa_msg(wpa_s
, MSG_DEBUG
, "set_htcap, ht_mcs -:%s:-", ht_mcs
);
4325 for (i
= 0; i
< IEEE80211_HT_MCS_MASK_LEN
; i
++) {
4329 v
= strtol(tmp
, &end
, 16);
4332 wpa_msg(wpa_s
, MSG_DEBUG
,
4333 "htcap value[%i]: %ld end: %p tmp: %p",
4338 htcaps
->supported_mcs_set
[i
] = v
;
4341 wpa_msg(wpa_s
, MSG_ERROR
,
4342 "Failed to parse ht-mcs: %s, error: %s\n",
4343 ht_mcs
, strerror(errno
));
4349 * If we were able to parse any values, then set mask for the MCS set.
4352 os_memset(&htcaps_mask
->supported_mcs_set
, 0xff,
4353 IEEE80211_HT_MCS_MASK_LEN
- 1);
4354 /* skip the 3 reserved bits */
4355 htcaps_mask
->supported_mcs_set
[IEEE80211_HT_MCS_MASK_LEN
- 1] =
4363 static int wpa_disable_max_amsdu(struct wpa_supplicant
*wpa_s
,
4364 struct ieee80211_ht_capabilities
*htcaps
,
4365 struct ieee80211_ht_capabilities
*htcaps_mask
,
4370 wpa_msg(wpa_s
, MSG_DEBUG
, "set_disable_max_amsdu: %d", disabled
);
4375 msk
= host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE
);
4376 htcaps_mask
->ht_capabilities_info
|= msk
;
4378 htcaps
->ht_capabilities_info
&= msk
;
4380 htcaps
->ht_capabilities_info
|= msk
;
4386 static int wpa_set_ampdu_factor(struct wpa_supplicant
*wpa_s
,
4387 struct ieee80211_ht_capabilities
*htcaps
,
4388 struct ieee80211_ht_capabilities
*htcaps_mask
,
4391 wpa_msg(wpa_s
, MSG_DEBUG
, "set_ampdu_factor: %d", factor
);
4396 if (factor
< 0 || factor
> 3) {
4397 wpa_msg(wpa_s
, MSG_ERROR
, "ampdu_factor: %d out of range. "
4398 "Must be 0-3 or -1", factor
);
4402 htcaps_mask
->a_mpdu_params
|= 0x3; /* 2 bits for factor */
4403 htcaps
->a_mpdu_params
&= ~0x3;
4404 htcaps
->a_mpdu_params
|= factor
& 0x3;
4410 static int wpa_set_ampdu_density(struct wpa_supplicant
*wpa_s
,
4411 struct ieee80211_ht_capabilities
*htcaps
,
4412 struct ieee80211_ht_capabilities
*htcaps_mask
,
4415 wpa_msg(wpa_s
, MSG_DEBUG
, "set_ampdu_density: %d", density
);
4420 if (density
< 0 || density
> 7) {
4421 wpa_msg(wpa_s
, MSG_ERROR
,
4422 "ampdu_density: %d out of range. Must be 0-7 or -1.",
4427 htcaps_mask
->a_mpdu_params
|= 0x1C;
4428 htcaps
->a_mpdu_params
&= ~(0x1C);
4429 htcaps
->a_mpdu_params
|= (density
<< 2) & 0x1C;
4435 static int wpa_set_disable_ht40(struct wpa_supplicant
*wpa_s
,
4436 struct ieee80211_ht_capabilities
*htcaps
,
4437 struct ieee80211_ht_capabilities
*htcaps_mask
,
4440 wpa_msg(wpa_s
, MSG_DEBUG
, "set_disable_ht40: %d", disabled
);
4442 set_disable_ht40(htcaps
, disabled
);
4443 set_disable_ht40(htcaps_mask
, 0);
4449 static int wpa_set_disable_sgi(struct wpa_supplicant
*wpa_s
,
4450 struct ieee80211_ht_capabilities
*htcaps
,
4451 struct ieee80211_ht_capabilities
*htcaps_mask
,
4454 /* Masking these out disables SGI */
4455 le16 msk
= host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ
|
4456 HT_CAP_INFO_SHORT_GI40MHZ
);
4458 wpa_msg(wpa_s
, MSG_DEBUG
, "set_disable_sgi: %d", disabled
);
4461 htcaps
->ht_capabilities_info
&= ~msk
;
4463 htcaps
->ht_capabilities_info
|= msk
;
4465 htcaps_mask
->ht_capabilities_info
|= msk
;
4471 static int wpa_set_disable_ldpc(struct wpa_supplicant
*wpa_s
,
4472 struct ieee80211_ht_capabilities
*htcaps
,
4473 struct ieee80211_ht_capabilities
*htcaps_mask
,
4476 /* Masking these out disables LDPC */
4477 le16 msk
= host_to_le16(HT_CAP_INFO_LDPC_CODING_CAP
);
4479 wpa_msg(wpa_s
, MSG_DEBUG
, "set_disable_ldpc: %d", disabled
);
4482 htcaps
->ht_capabilities_info
&= ~msk
;
4484 htcaps
->ht_capabilities_info
|= msk
;
4486 htcaps_mask
->ht_capabilities_info
|= msk
;
4492 void wpa_supplicant_apply_ht_overrides(
4493 struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
,
4494 struct wpa_driver_associate_params
*params
)
4496 struct ieee80211_ht_capabilities
*htcaps
;
4497 struct ieee80211_ht_capabilities
*htcaps_mask
;
4502 params
->disable_ht
= ssid
->disable_ht
;
4503 if (!params
->htcaps
|| !params
->htcaps_mask
)
4506 htcaps
= (struct ieee80211_ht_capabilities
*) params
->htcaps
;
4507 htcaps_mask
= (struct ieee80211_ht_capabilities
*) params
->htcaps_mask
;
4508 wpa_set_htcap_mcs(wpa_s
, htcaps
, htcaps_mask
, ssid
->ht_mcs
);
4509 wpa_disable_max_amsdu(wpa_s
, htcaps
, htcaps_mask
,
4510 ssid
->disable_max_amsdu
);
4511 wpa_set_ampdu_factor(wpa_s
, htcaps
, htcaps_mask
, ssid
->ampdu_factor
);
4512 wpa_set_ampdu_density(wpa_s
, htcaps
, htcaps_mask
, ssid
->ampdu_density
);
4513 wpa_set_disable_ht40(wpa_s
, htcaps
, htcaps_mask
, ssid
->disable_ht40
);
4514 wpa_set_disable_sgi(wpa_s
, htcaps
, htcaps_mask
, ssid
->disable_sgi
);
4515 wpa_set_disable_ldpc(wpa_s
, htcaps
, htcaps_mask
, ssid
->disable_ldpc
);
4517 if (ssid
->ht40_intolerant
) {
4518 le16 bit
= host_to_le16(HT_CAP_INFO_40MHZ_INTOLERANT
);
4519 htcaps
->ht_capabilities_info
|= bit
;
4520 htcaps_mask
->ht_capabilities_info
|= bit
;
4524 #endif /* CONFIG_HT_OVERRIDES */
4527 #ifdef CONFIG_VHT_OVERRIDES
4528 void wpa_supplicant_apply_vht_overrides(
4529 struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
,
4530 struct wpa_driver_associate_params
*params
)
4532 struct ieee80211_vht_capabilities
*vhtcaps
;
4533 struct ieee80211_vht_capabilities
*vhtcaps_mask
;
4538 params
->disable_vht
= ssid
->disable_vht
;
4540 vhtcaps
= (void *) params
->vhtcaps
;
4541 vhtcaps_mask
= (void *) params
->vhtcaps_mask
;
4543 if (!vhtcaps
|| !vhtcaps_mask
)
4546 vhtcaps
->vht_capabilities_info
= host_to_le32(ssid
->vht_capa
);
4547 vhtcaps_mask
->vht_capabilities_info
= host_to_le32(ssid
->vht_capa_mask
);
4549 #ifdef CONFIG_HT_OVERRIDES
4550 /* if max ampdu is <= 3, we have to make the HT cap the same */
4551 if (ssid
->vht_capa_mask
& VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX
) {
4554 max_ampdu
= (ssid
->vht_capa
&
4555 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX
) >>
4556 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX_SHIFT
;
4558 max_ampdu
= max_ampdu
< 3 ? max_ampdu
: 3;
4559 wpa_set_ampdu_factor(wpa_s
,
4560 (void *) params
->htcaps
,
4561 (void *) params
->htcaps_mask
,
4564 #endif /* CONFIG_HT_OVERRIDES */
4566 #define OVERRIDE_MCS(i) \
4567 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \
4568 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \
4569 host_to_le16(3 << 2 * (i - 1)); \
4570 vhtcaps->vht_supported_mcs_set.tx_map |= \
4571 host_to_le16(ssid->vht_tx_mcs_nss_ ##i << \
4574 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \
4575 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \
4576 host_to_le16(3 << 2 * (i - 1)); \
4577 vhtcaps->vht_supported_mcs_set.rx_map |= \
4578 host_to_le16(ssid->vht_rx_mcs_nss_ ##i << \
4591 #endif /* CONFIG_VHT_OVERRIDES */
4594 static int pcsc_reader_init(struct wpa_supplicant
*wpa_s
)
4599 if (!wpa_s
->conf
->pcsc_reader
)
4602 wpa_s
->scard
= scard_init(wpa_s
->conf
->pcsc_reader
);
4606 if (wpa_s
->conf
->pcsc_pin
&&
4607 scard_set_pin(wpa_s
->scard
, wpa_s
->conf
->pcsc_pin
) < 0) {
4608 scard_deinit(wpa_s
->scard
);
4609 wpa_s
->scard
= NULL
;
4610 wpa_msg(wpa_s
, MSG_ERROR
, "PC/SC PIN validation failed");
4614 len
= sizeof(wpa_s
->imsi
) - 1;
4615 if (scard_get_imsi(wpa_s
->scard
, wpa_s
->imsi
, &len
)) {
4616 scard_deinit(wpa_s
->scard
);
4617 wpa_s
->scard
= NULL
;
4618 wpa_msg(wpa_s
, MSG_ERROR
, "Could not read IMSI");
4621 wpa_s
->imsi
[len
] = '\0';
4623 wpa_s
->mnc_len
= scard_get_mnc_len(wpa_s
->scard
);
4625 wpa_printf(MSG_DEBUG
, "SCARD: IMSI %s (MNC length %d)",
4626 wpa_s
->imsi
, wpa_s
->mnc_len
);
4628 wpa_sm_set_scard_ctx(wpa_s
->wpa
, wpa_s
->scard
);
4629 eapol_sm_register_scard_ctx(wpa_s
->eapol
, wpa_s
->scard
);
4630 #endif /* PCSC_FUNCS */
4636 int wpas_init_ext_pw(struct wpa_supplicant
*wpa_s
)
4640 ext_password_deinit(wpa_s
->ext_pw
);
4641 wpa_s
->ext_pw
= NULL
;
4642 eapol_sm_set_ext_pw_ctx(wpa_s
->eapol
, NULL
);
4644 if (!wpa_s
->conf
->ext_password_backend
)
4647 val
= os_strdup(wpa_s
->conf
->ext_password_backend
);
4650 pos
= os_strchr(val
, ':');
4654 wpa_printf(MSG_DEBUG
, "EXT PW: Initialize backend '%s'", val
);
4656 wpa_s
->ext_pw
= ext_password_init(val
, pos
);
4658 if (wpa_s
->ext_pw
== NULL
) {
4659 wpa_printf(MSG_DEBUG
, "EXT PW: Failed to initialize backend");
4662 eapol_sm_set_ext_pw_ctx(wpa_s
->eapol
, wpa_s
->ext_pw
);
4670 static const u8
* wpas_fst_get_bssid_cb(void *ctx
)
4672 struct wpa_supplicant
*wpa_s
= ctx
;
4674 return (is_zero_ether_addr(wpa_s
->bssid
) ||
4675 wpa_s
->wpa_state
!= WPA_COMPLETED
) ? NULL
: wpa_s
->bssid
;
4679 static void wpas_fst_get_channel_info_cb(void *ctx
,
4680 enum hostapd_hw_mode
*hw_mode
,
4683 struct wpa_supplicant
*wpa_s
= ctx
;
4685 if (wpa_s
->current_bss
) {
4686 *hw_mode
= ieee80211_freq_to_chan(wpa_s
->current_bss
->freq
,
4688 } else if (wpa_s
->hw
.num_modes
) {
4689 *hw_mode
= wpa_s
->hw
.modes
[0].mode
;
4697 static int wpas_fst_get_hw_modes(void *ctx
, struct hostapd_hw_modes
**modes
)
4699 struct wpa_supplicant
*wpa_s
= ctx
;
4701 *modes
= wpa_s
->hw
.modes
;
4702 return wpa_s
->hw
.num_modes
;
4706 static void wpas_fst_set_ies_cb(void *ctx
, const struct wpabuf
*fst_ies
)
4708 struct wpa_supplicant
*wpa_s
= ctx
;
4710 wpa_hexdump_buf(MSG_DEBUG
, "FST: Set IEs", fst_ies
);
4711 wpa_s
->fst_ies
= fst_ies
;
4715 static int wpas_fst_send_action_cb(void *ctx
, const u8
*da
, struct wpabuf
*data
)
4717 struct wpa_supplicant
*wpa_s
= ctx
;
4719 if (os_memcmp(wpa_s
->bssid
, da
, ETH_ALEN
) != 0) {
4720 wpa_printf(MSG_INFO
, "FST:%s:bssid=" MACSTR
" != da=" MACSTR
,
4721 __func__
, MAC2STR(wpa_s
->bssid
), MAC2STR(da
));
4724 return wpa_drv_send_action(wpa_s
, wpa_s
->assoc_freq
, 0, wpa_s
->bssid
,
4725 wpa_s
->own_addr
, wpa_s
->bssid
,
4726 wpabuf_head(data
), wpabuf_len(data
),
4731 static const struct wpabuf
* wpas_fst_get_mb_ie_cb(void *ctx
, const u8
*addr
)
4733 struct wpa_supplicant
*wpa_s
= ctx
;
4735 WPA_ASSERT(os_memcmp(wpa_s
->bssid
, addr
, ETH_ALEN
) == 0);
4736 return wpa_s
->received_mb_ies
;
4740 static void wpas_fst_update_mb_ie_cb(void *ctx
, const u8
*addr
,
4741 const u8
*buf
, size_t size
)
4743 struct wpa_supplicant
*wpa_s
= ctx
;
4744 struct mb_ies_info info
;
4746 WPA_ASSERT(os_memcmp(wpa_s
->bssid
, addr
, ETH_ALEN
) == 0);
4748 if (!mb_ies_info_by_ies(&info
, buf
, size
)) {
4749 wpabuf_free(wpa_s
->received_mb_ies
);
4750 wpa_s
->received_mb_ies
= mb_ies_by_info(&info
);
4755 static const u8
* wpas_fst_get_peer_first(void *ctx
,
4756 struct fst_get_peer_ctx
**get_ctx
,
4759 struct wpa_supplicant
*wpa_s
= ctx
;
4762 if (!is_zero_ether_addr(wpa_s
->bssid
))
4763 return (wpa_s
->received_mb_ies
|| !mb_only
) ?
4764 wpa_s
->bssid
: NULL
;
4769 static const u8
* wpas_fst_get_peer_next(void *ctx
,
4770 struct fst_get_peer_ctx
**get_ctx
,
4776 void fst_wpa_supplicant_fill_iface_obj(struct wpa_supplicant
*wpa_s
,
4777 struct fst_wpa_obj
*iface_obj
)
4779 iface_obj
->ctx
= wpa_s
;
4780 iface_obj
->get_bssid
= wpas_fst_get_bssid_cb
;
4781 iface_obj
->get_channel_info
= wpas_fst_get_channel_info_cb
;
4782 iface_obj
->get_hw_modes
= wpas_fst_get_hw_modes
;
4783 iface_obj
->set_ies
= wpas_fst_set_ies_cb
;
4784 iface_obj
->send_action
= wpas_fst_send_action_cb
;
4785 iface_obj
->get_mb_ie
= wpas_fst_get_mb_ie_cb
;
4786 iface_obj
->update_mb_ie
= wpas_fst_update_mb_ie_cb
;
4787 iface_obj
->get_peer_first
= wpas_fst_get_peer_first
;
4788 iface_obj
->get_peer_next
= wpas_fst_get_peer_next
;
4790 #endif /* CONFIG_FST */
4792 static int wpas_set_wowlan_triggers(struct wpa_supplicant
*wpa_s
,
4793 const struct wpa_driver_capa
*capa
)
4795 struct wowlan_triggers
*triggers
;
4798 if (!wpa_s
->conf
->wowlan_triggers
)
4801 triggers
= wpa_get_wowlan_triggers(wpa_s
->conf
->wowlan_triggers
, capa
);
4803 ret
= wpa_drv_wowlan(wpa_s
, triggers
);
4810 enum wpa_radio_work_band
wpas_freq_to_band(int freq
)
4813 return BAND_2_4_GHZ
;
4820 unsigned int wpas_get_bands(struct wpa_supplicant
*wpa_s
, const int *freqs
)
4823 unsigned int band
= 0;
4826 /* freqs are specified for the radio work */
4827 for (i
= 0; freqs
[i
]; i
++)
4828 band
|= wpas_freq_to_band(freqs
[i
]);
4831 * freqs are not specified, implies all
4832 * the supported freqs by HW
4834 for (i
= 0; i
< wpa_s
->hw
.num_modes
; i
++) {
4835 if (wpa_s
->hw
.modes
[i
].num_channels
!= 0) {
4836 if (wpa_s
->hw
.modes
[i
].mode
==
4837 HOSTAPD_MODE_IEEE80211B
||
4838 wpa_s
->hw
.modes
[i
].mode
==
4839 HOSTAPD_MODE_IEEE80211G
)
4840 band
|= BAND_2_4_GHZ
;
4841 else if (wpa_s
->hw
.modes
[i
].mode
==
4842 HOSTAPD_MODE_IEEE80211A
)
4844 else if (wpa_s
->hw
.modes
[i
].mode
==
4845 HOSTAPD_MODE_IEEE80211AD
)
4846 band
|= BAND_60_GHZ
;
4847 else if (wpa_s
->hw
.modes
[i
].mode
==
4848 HOSTAPD_MODE_IEEE80211ANY
)
4849 band
= BAND_2_4_GHZ
| BAND_5_GHZ
|
4859 static struct wpa_radio
* radio_add_interface(struct wpa_supplicant
*wpa_s
,
4862 struct wpa_supplicant
*iface
= wpa_s
->global
->ifaces
;
4863 struct wpa_radio
*radio
;
4865 while (rn
&& iface
) {
4866 radio
= iface
->radio
;
4867 if (radio
&& os_strcmp(rn
, radio
->name
) == 0) {
4868 wpa_printf(MSG_DEBUG
, "Add interface %s to existing radio %s",
4870 dl_list_add(&radio
->ifaces
, &wpa_s
->radio_list
);
4874 iface
= iface
->next
;
4877 wpa_printf(MSG_DEBUG
, "Add interface %s to a new radio %s",
4878 wpa_s
->ifname
, rn
? rn
: "N/A");
4879 radio
= os_zalloc(sizeof(*radio
));
4884 os_strlcpy(radio
->name
, rn
, sizeof(radio
->name
));
4885 dl_list_init(&radio
->ifaces
);
4886 dl_list_init(&radio
->work
);
4887 dl_list_add(&radio
->ifaces
, &wpa_s
->radio_list
);
4893 static void radio_work_free(struct wpa_radio_work
*work
)
4895 if (work
->wpa_s
->scan_work
== work
) {
4896 /* This should not really happen. */
4897 wpa_dbg(work
->wpa_s
, MSG_INFO
, "Freeing radio work '%s'@%p (started=%d) that is marked as scan_work",
4898 work
->type
, work
, work
->started
);
4899 work
->wpa_s
->scan_work
= NULL
;
4903 if (work
->wpa_s
->p2p_scan_work
== work
) {
4904 /* This should not really happen. */
4905 wpa_dbg(work
->wpa_s
, MSG_INFO
, "Freeing radio work '%s'@%p (started=%d) that is marked as p2p_scan_work",
4906 work
->type
, work
, work
->started
);
4907 work
->wpa_s
->p2p_scan_work
= NULL
;
4909 #endif /* CONFIG_P2P */
4911 if (work
->started
) {
4912 work
->wpa_s
->radio
->num_active_works
--;
4913 wpa_dbg(work
->wpa_s
, MSG_DEBUG
,
4914 "radio_work_free('%s'@%p): num_active_works --> %u",
4916 work
->wpa_s
->radio
->num_active_works
);
4919 dl_list_del(&work
->list
);
4924 static int radio_work_is_connect(struct wpa_radio_work
*work
)
4926 return os_strcmp(work
->type
, "sme-connect") == 0 ||
4927 os_strcmp(work
->type
, "connect") == 0;
4931 static int radio_work_is_scan(struct wpa_radio_work
*work
)
4933 return os_strcmp(work
->type
, "scan") == 0 ||
4934 os_strcmp(work
->type
, "p2p-scan") == 0;
4938 static struct wpa_radio_work
* radio_work_get_next_work(struct wpa_radio
*radio
)
4940 struct wpa_radio_work
*active_work
= NULL
;
4941 struct wpa_radio_work
*tmp
;
4943 /* Get the active work to know the type and band. */
4944 dl_list_for_each(tmp
, &radio
->work
, struct wpa_radio_work
, list
) {
4952 /* No active work, start one */
4953 radio
->num_active_works
= 0;
4954 dl_list_for_each(tmp
, &radio
->work
, struct wpa_radio_work
,
4956 if (os_strcmp(tmp
->type
, "scan") == 0 &&
4957 radio
->external_scan_running
&&
4958 (((struct wpa_driver_scan_params
*)
4959 tmp
->ctx
)->only_new_results
||
4960 tmp
->wpa_s
->clear_driver_scan_cache
))
4967 if (radio_work_is_connect(active_work
)) {
4969 * If the active work is either connect or sme-connect,
4970 * do not parallelize them with other radio works.
4972 wpa_dbg(active_work
->wpa_s
, MSG_DEBUG
,
4973 "Do not parallelize radio work with %s",
4978 dl_list_for_each(tmp
, &radio
->work
, struct wpa_radio_work
, list
) {
4983 * If connect or sme-connect are enqueued, parallelize only
4984 * those operations ahead of them in the queue.
4986 if (radio_work_is_connect(tmp
))
4989 /* Serialize parallel scan and p2p_scan operations on the same
4990 * interface since the driver_nl80211 mechanism for tracking
4991 * scan cookies does not yet have support for this. */
4992 if (active_work
->wpa_s
== tmp
->wpa_s
&&
4993 radio_work_is_scan(active_work
) &&
4994 radio_work_is_scan(tmp
)) {
4995 wpa_dbg(active_work
->wpa_s
, MSG_DEBUG
,
4996 "Do not start work '%s' when another work '%s' is already scheduled",
4997 tmp
->type
, active_work
->type
);
5001 * Check that the radio works are distinct and
5002 * on different bands.
5004 if (os_strcmp(active_work
->type
, tmp
->type
) != 0 &&
5005 (active_work
->bands
!= tmp
->bands
)) {
5007 * If a scan has to be scheduled through nl80211 scan
5008 * interface and if an external scan is already running,
5009 * do not schedule the scan since it is likely to get
5010 * rejected by kernel.
5012 if (os_strcmp(tmp
->type
, "scan") == 0 &&
5013 radio
->external_scan_running
&&
5014 (((struct wpa_driver_scan_params
*)
5015 tmp
->ctx
)->only_new_results
||
5016 tmp
->wpa_s
->clear_driver_scan_cache
))
5019 wpa_dbg(active_work
->wpa_s
, MSG_DEBUG
,
5020 "active_work:%s new_work:%s",
5021 active_work
->type
, tmp
->type
);
5026 /* Did not find a radio work to schedule in parallel. */
5031 static void radio_start_next_work(void *eloop_ctx
, void *timeout_ctx
)
5033 struct wpa_radio
*radio
= eloop_ctx
;
5034 struct wpa_radio_work
*work
;
5035 struct os_reltime now
, diff
;
5036 struct wpa_supplicant
*wpa_s
;
5038 work
= dl_list_first(&radio
->work
, struct wpa_radio_work
, list
);
5040 radio
->num_active_works
= 0;
5044 wpa_s
= dl_list_first(&radio
->ifaces
, struct wpa_supplicant
,
5048 wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS
)) {
5050 return; /* already started and still in progress */
5052 if (wpa_s
&& wpa_s
->radio
->external_scan_running
) {
5053 wpa_printf(MSG_DEBUG
, "Delay radio work start until externally triggered scan completes");
5058 if (radio
->num_active_works
< MAX_ACTIVE_WORKS
) {
5059 /* get the work to schedule next */
5060 work
= radio_work_get_next_work(radio
);
5066 wpa_s
= work
->wpa_s
;
5067 os_get_reltime(&now
);
5068 os_reltime_sub(&now
, &work
->time
, &diff
);
5069 wpa_dbg(wpa_s
, MSG_DEBUG
,
5070 "Starting radio work '%s'@%p after %ld.%06ld second wait",
5071 work
->type
, work
, diff
.sec
, diff
.usec
);
5074 radio
->num_active_works
++;
5078 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS
) &&
5079 radio
->num_active_works
< MAX_ACTIVE_WORKS
)
5080 radio_work_check_next(wpa_s
);
5085 * This function removes both started and pending radio works running on
5086 * the provided interface's radio.
5087 * Prior to the removal of the radio work, its callback (cb) is called with
5088 * deinit set to be 1. Each work's callback is responsible for clearing its
5089 * internal data and restoring to a correct state.
5090 * @wpa_s: wpa_supplicant data
5091 * @type: type of works to be removed
5092 * @remove_all: 1 to remove all the works on this radio, 0 to remove only
5093 * this interface's works.
5095 void radio_remove_works(struct wpa_supplicant
*wpa_s
,
5096 const char *type
, int remove_all
)
5098 struct wpa_radio_work
*work
, *tmp
;
5099 struct wpa_radio
*radio
= wpa_s
->radio
;
5101 dl_list_for_each_safe(work
, tmp
, &radio
->work
, struct wpa_radio_work
,
5103 if (type
&& os_strcmp(type
, work
->type
) != 0)
5106 /* skip other ifaces' works */
5107 if (!remove_all
&& work
->wpa_s
!= wpa_s
)
5110 wpa_dbg(wpa_s
, MSG_DEBUG
, "Remove radio work '%s'@%p%s",
5111 work
->type
, work
, work
->started
? " (started)" : "");
5113 radio_work_free(work
);
5116 /* in case we removed the started work */
5117 radio_work_check_next(wpa_s
);
5121 void radio_remove_pending_work(struct wpa_supplicant
*wpa_s
, void *ctx
)
5123 struct wpa_radio_work
*work
;
5124 struct wpa_radio
*radio
= wpa_s
->radio
;
5126 dl_list_for_each(work
, &radio
->work
, struct wpa_radio_work
, list
) {
5127 if (work
->ctx
!= ctx
)
5129 wpa_dbg(wpa_s
, MSG_DEBUG
, "Free pending radio work '%s'@%p%s",
5130 work
->type
, work
, work
->started
? " (started)" : "");
5131 radio_work_free(work
);
5137 static void radio_remove_interface(struct wpa_supplicant
*wpa_s
)
5139 struct wpa_radio
*radio
= wpa_s
->radio
;
5144 wpa_printf(MSG_DEBUG
, "Remove interface %s from radio %s",
5145 wpa_s
->ifname
, radio
->name
);
5146 dl_list_del(&wpa_s
->radio_list
);
5147 radio_remove_works(wpa_s
, NULL
, 0);
5148 wpa_s
->radio
= NULL
;
5149 if (!dl_list_empty(&radio
->ifaces
))
5150 return; /* Interfaces remain for this radio */
5152 wpa_printf(MSG_DEBUG
, "Remove radio %s", radio
->name
);
5153 eloop_cancel_timeout(radio_start_next_work
, radio
, NULL
);
5158 void radio_work_check_next(struct wpa_supplicant
*wpa_s
)
5160 struct wpa_radio
*radio
= wpa_s
->radio
;
5162 if (dl_list_empty(&radio
->work
))
5164 if (wpa_s
->ext_work_in_progress
) {
5165 wpa_printf(MSG_DEBUG
,
5166 "External radio work in progress - delay start of pending item");
5169 eloop_cancel_timeout(radio_start_next_work
, radio
, NULL
);
5170 eloop_register_timeout(0, 0, radio_start_next_work
, radio
, NULL
);
5175 * radio_add_work - Add a radio work item
5176 * @wpa_s: Pointer to wpa_supplicant data
5177 * @freq: Frequency of the offchannel operation in MHz or 0
5178 * @type: Unique identifier for each type of work
5179 * @next: Force as the next work to be executed
5180 * @cb: Callback function for indicating when radio is available
5181 * @ctx: Context pointer for the work (work->ctx in cb())
5182 * Returns: 0 on success, -1 on failure
5184 * This function is used to request time for an operation that requires
5185 * exclusive radio control. Once the radio is available, the registered callback
5186 * function will be called. radio_work_done() must be called once the exclusive
5187 * radio operation has been completed, so that the radio is freed for other
5188 * operations. The special case of deinit=1 is used to free the context data
5189 * during interface removal. That does not allow the callback function to start
5190 * the radio operation, i.e., it must free any resources allocated for the radio
5193 * The @freq parameter can be used to indicate a single channel on which the
5194 * offchannel operation will occur. This may allow multiple radio work
5195 * operations to be performed in parallel if they apply for the same channel.
5196 * Setting this to 0 indicates that the work item may use multiple channels or
5197 * requires exclusive control of the radio.
5199 int radio_add_work(struct wpa_supplicant
*wpa_s
, unsigned int freq
,
5200 const char *type
, int next
,
5201 void (*cb
)(struct wpa_radio_work
*work
, int deinit
),
5204 struct wpa_radio
*radio
= wpa_s
->radio
;
5205 struct wpa_radio_work
*work
;
5208 work
= os_zalloc(sizeof(*work
));
5211 wpa_dbg(wpa_s
, MSG_DEBUG
, "Add radio work '%s'@%p", type
, work
);
5212 os_get_reltime(&work
->time
);
5215 work
->wpa_s
= wpa_s
;
5220 work
->bands
= wpas_freq_to_band(freq
);
5221 else if (os_strcmp(type
, "scan") == 0 ||
5222 os_strcmp(type
, "p2p-scan") == 0)
5223 work
->bands
= wpas_get_bands(wpa_s
,
5224 ((struct wpa_driver_scan_params
*)
5227 work
->bands
= wpas_get_bands(wpa_s
, NULL
);
5229 was_empty
= dl_list_empty(&wpa_s
->radio
->work
);
5231 dl_list_add(&wpa_s
->radio
->work
, &work
->list
);
5233 dl_list_add_tail(&wpa_s
->radio
->work
, &work
->list
);
5235 wpa_dbg(wpa_s
, MSG_DEBUG
, "First radio work item in the queue - schedule start immediately");
5236 radio_work_check_next(wpa_s
);
5237 } else if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS
)
5238 && radio
->num_active_works
< MAX_ACTIVE_WORKS
) {
5239 wpa_dbg(wpa_s
, MSG_DEBUG
,
5240 "Try to schedule a radio work (num_active_works=%u)",
5241 radio
->num_active_works
);
5242 radio_work_check_next(wpa_s
);
5250 * radio_work_done - Indicate that a radio work item has been completed
5251 * @work: Completed work
5253 * This function is called once the callback function registered with
5254 * radio_add_work() has completed its work.
5256 void radio_work_done(struct wpa_radio_work
*work
)
5258 struct wpa_supplicant
*wpa_s
= work
->wpa_s
;
5259 struct os_reltime now
, diff
;
5260 unsigned int started
= work
->started
;
5262 os_get_reltime(&now
);
5263 os_reltime_sub(&now
, &work
->time
, &diff
);
5264 wpa_dbg(wpa_s
, MSG_DEBUG
, "Radio work '%s'@%p %s in %ld.%06ld seconds",
5265 work
->type
, work
, started
? "done" : "canceled",
5266 diff
.sec
, diff
.usec
);
5267 radio_work_free(work
);
5269 radio_work_check_next(wpa_s
);
5273 struct wpa_radio_work
*
5274 radio_work_pending(struct wpa_supplicant
*wpa_s
, const char *type
)
5276 struct wpa_radio_work
*work
;
5277 struct wpa_radio
*radio
= wpa_s
->radio
;
5279 dl_list_for_each(work
, &radio
->work
, struct wpa_radio_work
, list
) {
5280 if (work
->wpa_s
== wpa_s
&& os_strcmp(work
->type
, type
) == 0)
5288 static int wpas_init_driver(struct wpa_supplicant
*wpa_s
,
5289 const struct wpa_interface
*iface
)
5291 const char *ifname
, *driver
, *rn
;
5293 driver
= iface
->driver
;
5295 if (wpa_supplicant_set_driver(wpa_s
, driver
) < 0)
5298 wpa_s
->drv_priv
= wpa_drv_init(wpa_s
, wpa_s
->ifname
);
5299 if (wpa_s
->drv_priv
== NULL
) {
5301 pos
= driver
? os_strchr(driver
, ',') : NULL
;
5303 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to initialize "
5304 "driver interface - try next driver wrapper");
5308 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to initialize driver "
5312 if (wpa_drv_set_param(wpa_s
, wpa_s
->conf
->driver_param
) < 0) {
5313 wpa_msg(wpa_s
, MSG_ERROR
, "Driver interface rejected "
5314 "driver_param '%s'", wpa_s
->conf
->driver_param
);
5318 ifname
= wpa_drv_get_ifname(wpa_s
);
5319 if (ifname
&& os_strcmp(ifname
, wpa_s
->ifname
) != 0) {
5320 wpa_dbg(wpa_s
, MSG_DEBUG
, "Driver interface replaced "
5321 "interface name with '%s'", ifname
);
5322 os_strlcpy(wpa_s
->ifname
, ifname
, sizeof(wpa_s
->ifname
));
5325 rn
= wpa_driver_get_radio_name(wpa_s
);
5326 if (rn
&& rn
[0] == '\0')
5329 wpa_s
->radio
= radio_add_interface(wpa_s
, rn
);
5330 if (wpa_s
->radio
== NULL
)
5337 #ifdef CONFIG_GAS_SERVER
5339 static void wpas_gas_server_tx_status(struct wpa_supplicant
*wpa_s
,
5340 unsigned int freq
, const u8
*dst
,
5341 const u8
*src
, const u8
*bssid
,
5342 const u8
*data
, size_t data_len
,
5343 enum offchannel_send_action_result result
)
5345 wpa_printf(MSG_DEBUG
, "GAS: TX status: freq=%u dst=" MACSTR
5348 result
== OFFCHANNEL_SEND_ACTION_SUCCESS
? "SUCCESS" :
5349 (result
== OFFCHANNEL_SEND_ACTION_NO_ACK
? "no-ACK" :
5351 gas_server_tx_status(wpa_s
->gas_server
, dst
, data
, data_len
,
5352 result
== OFFCHANNEL_SEND_ACTION_SUCCESS
);
5356 static void wpas_gas_server_tx(void *ctx
, int freq
, const u8
*da
,
5357 struct wpabuf
*buf
, unsigned int wait_time
)
5359 struct wpa_supplicant
*wpa_s
= ctx
;
5360 const u8 broadcast
[ETH_ALEN
] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
5362 if (wait_time
> wpa_s
->max_remain_on_chan
)
5363 wait_time
= wpa_s
->max_remain_on_chan
;
5365 offchannel_send_action(wpa_s
, freq
, da
, wpa_s
->own_addr
, broadcast
,
5366 wpabuf_head(buf
), wpabuf_len(buf
),
5367 wait_time
, wpas_gas_server_tx_status
, 0);
5370 #endif /* CONFIG_GAS_SERVER */
5372 static int wpa_supplicant_init_iface(struct wpa_supplicant
*wpa_s
,
5373 const struct wpa_interface
*iface
)
5375 struct wpa_driver_capa capa
;
5379 wpa_printf(MSG_DEBUG
, "Initializing interface '%s' conf '%s' driver "
5380 "'%s' ctrl_interface '%s' bridge '%s'", iface
->ifname
,
5381 iface
->confname
? iface
->confname
: "N/A",
5382 iface
->driver
? iface
->driver
: "default",
5383 iface
->ctrl_interface
? iface
->ctrl_interface
: "N/A",
5384 iface
->bridge_ifname
? iface
->bridge_ifname
: "N/A");
5386 if (iface
->confname
) {
5387 #ifdef CONFIG_BACKEND_FILE
5388 wpa_s
->confname
= os_rel2abs_path(iface
->confname
);
5389 if (wpa_s
->confname
== NULL
) {
5390 wpa_printf(MSG_ERROR
, "Failed to get absolute path "
5391 "for configuration file '%s'.",
5395 wpa_printf(MSG_DEBUG
, "Configuration file '%s' -> '%s'",
5396 iface
->confname
, wpa_s
->confname
);
5397 #else /* CONFIG_BACKEND_FILE */
5398 wpa_s
->confname
= os_strdup(iface
->confname
);
5399 #endif /* CONFIG_BACKEND_FILE */
5400 wpa_s
->conf
= wpa_config_read(wpa_s
->confname
, NULL
);
5401 if (wpa_s
->conf
== NULL
) {
5402 wpa_printf(MSG_ERROR
, "Failed to read or parse "
5403 "configuration '%s'.", wpa_s
->confname
);
5406 wpa_s
->confanother
= os_rel2abs_path(iface
->confanother
);
5407 if (wpa_s
->confanother
&&
5408 !wpa_config_read(wpa_s
->confanother
, wpa_s
->conf
)) {
5409 wpa_printf(MSG_ERROR
,
5410 "Failed to read or parse configuration '%s'.",
5411 wpa_s
->confanother
);
5416 * Override ctrl_interface and driver_param if set on command
5419 if (iface
->ctrl_interface
) {
5420 os_free(wpa_s
->conf
->ctrl_interface
);
5421 wpa_s
->conf
->ctrl_interface
=
5422 os_strdup(iface
->ctrl_interface
);
5425 if (iface
->driver_param
) {
5426 os_free(wpa_s
->conf
->driver_param
);
5427 wpa_s
->conf
->driver_param
=
5428 os_strdup(iface
->driver_param
);
5431 if (iface
->p2p_mgmt
&& !iface
->ctrl_interface
) {
5432 os_free(wpa_s
->conf
->ctrl_interface
);
5433 wpa_s
->conf
->ctrl_interface
= NULL
;
5436 wpa_s
->conf
= wpa_config_alloc_empty(iface
->ctrl_interface
,
5437 iface
->driver_param
);
5439 if (wpa_s
->conf
== NULL
) {
5440 wpa_printf(MSG_ERROR
, "\nNo configuration found.");
5444 if (iface
->ifname
== NULL
) {
5445 wpa_printf(MSG_ERROR
, "\nInterface name is required.");
5448 if (os_strlen(iface
->ifname
) >= sizeof(wpa_s
->ifname
)) {
5449 wpa_printf(MSG_ERROR
, "\nToo long interface name '%s'.",
5453 os_strlcpy(wpa_s
->ifname
, iface
->ifname
, sizeof(wpa_s
->ifname
));
5455 if (iface
->bridge_ifname
) {
5456 if (os_strlen(iface
->bridge_ifname
) >=
5457 sizeof(wpa_s
->bridge_ifname
)) {
5458 wpa_printf(MSG_ERROR
, "\nToo long bridge interface "
5459 "name '%s'.", iface
->bridge_ifname
);
5462 os_strlcpy(wpa_s
->bridge_ifname
, iface
->bridge_ifname
,
5463 sizeof(wpa_s
->bridge_ifname
));
5466 /* RSNA Supplicant Key Management - INITIALIZE */
5467 eapol_sm_notify_portEnabled(wpa_s
->eapol
, FALSE
);
5468 eapol_sm_notify_portValid(wpa_s
->eapol
, FALSE
);
5470 /* Initialize driver interface and register driver event handler before
5471 * L2 receive handler so that association events are processed before
5472 * EAPOL-Key packets if both become available for the same select()
5474 if (wpas_init_driver(wpa_s
, iface
) < 0)
5477 if (wpa_supplicant_init_wpa(wpa_s
) < 0)
5480 wpa_sm_set_ifname(wpa_s
->wpa
, wpa_s
->ifname
,
5481 wpa_s
->bridge_ifname
[0] ? wpa_s
->bridge_ifname
:
5483 wpa_sm_set_fast_reauth(wpa_s
->wpa
, wpa_s
->conf
->fast_reauth
);
5485 if (wpa_s
->conf
->dot11RSNAConfigPMKLifetime
&&
5486 wpa_sm_set_param(wpa_s
->wpa
, RSNA_PMK_LIFETIME
,
5487 wpa_s
->conf
->dot11RSNAConfigPMKLifetime
)) {
5488 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid WPA parameter value for "
5489 "dot11RSNAConfigPMKLifetime");
5493 if (wpa_s
->conf
->dot11RSNAConfigPMKReauthThreshold
&&
5494 wpa_sm_set_param(wpa_s
->wpa
, RSNA_PMK_REAUTH_THRESHOLD
,
5495 wpa_s
->conf
->dot11RSNAConfigPMKReauthThreshold
)) {
5496 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid WPA parameter value for "
5497 "dot11RSNAConfigPMKReauthThreshold");
5501 if (wpa_s
->conf
->dot11RSNAConfigSATimeout
&&
5502 wpa_sm_set_param(wpa_s
->wpa
, RSNA_SA_TIMEOUT
,
5503 wpa_s
->conf
->dot11RSNAConfigSATimeout
)) {
5504 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid WPA parameter value for "
5505 "dot11RSNAConfigSATimeout");
5509 wpa_s
->hw
.modes
= wpa_drv_get_hw_feature_data(wpa_s
,
5510 &wpa_s
->hw
.num_modes
,
5513 if (wpa_s
->hw
.modes
) {
5516 for (i
= 0; i
< wpa_s
->hw
.num_modes
; i
++) {
5517 if (wpa_s
->hw
.modes
[i
].vht_capab
) {
5518 wpa_s
->hw_capab
= CAPAB_VHT
;
5522 if (wpa_s
->hw
.modes
[i
].ht_capab
&
5523 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET
)
5524 wpa_s
->hw_capab
= CAPAB_HT40
;
5525 else if (wpa_s
->hw
.modes
[i
].ht_capab
&&
5526 wpa_s
->hw_capab
== CAPAB_NO_HT_VHT
)
5527 wpa_s
->hw_capab
= CAPAB_HT
;
5531 capa_res
= wpa_drv_get_capa(wpa_s
, &capa
);
5532 if (capa_res
== 0) {
5533 wpa_s
->drv_capa_known
= 1;
5534 wpa_s
->drv_flags
= capa
.flags
;
5535 wpa_s
->drv_enc
= capa
.enc
;
5536 wpa_s
->drv_smps_modes
= capa
.smps_modes
;
5537 wpa_s
->drv_rrm_flags
= capa
.rrm_flags
;
5538 wpa_s
->probe_resp_offloads
= capa
.probe_resp_offloads
;
5539 wpa_s
->max_scan_ssids
= capa
.max_scan_ssids
;
5540 wpa_s
->max_sched_scan_ssids
= capa
.max_sched_scan_ssids
;
5541 wpa_s
->max_sched_scan_plans
= capa
.max_sched_scan_plans
;
5542 wpa_s
->max_sched_scan_plan_interval
=
5543 capa
.max_sched_scan_plan_interval
;
5544 wpa_s
->max_sched_scan_plan_iterations
=
5545 capa
.max_sched_scan_plan_iterations
;
5546 wpa_s
->sched_scan_supported
= capa
.sched_scan_supported
;
5547 wpa_s
->max_match_sets
= capa
.max_match_sets
;
5548 wpa_s
->max_remain_on_chan
= capa
.max_remain_on_chan
;
5549 wpa_s
->max_stations
= capa
.max_stations
;
5550 wpa_s
->extended_capa
= capa
.extended_capa
;
5551 wpa_s
->extended_capa_mask
= capa
.extended_capa_mask
;
5552 wpa_s
->extended_capa_len
= capa
.extended_capa_len
;
5553 wpa_s
->num_multichan_concurrent
=
5554 capa
.num_multichan_concurrent
;
5555 wpa_s
->wmm_ac_supported
= capa
.wmm_ac_supported
;
5557 if (capa
.mac_addr_rand_scan_supported
)
5558 wpa_s
->mac_addr_rand_supported
|= MAC_ADDR_RAND_SCAN
;
5559 if (wpa_s
->sched_scan_supported
&&
5560 capa
.mac_addr_rand_sched_scan_supported
)
5561 wpa_s
->mac_addr_rand_supported
|=
5562 (MAC_ADDR_RAND_SCHED_SCAN
| MAC_ADDR_RAND_PNO
);
5564 if (wpa_s
->max_remain_on_chan
== 0)
5565 wpa_s
->max_remain_on_chan
= 1000;
5568 * Only take p2p_mgmt parameters when P2P Device is supported.
5569 * Doing it here as it determines whether l2_packet_init() will be done
5570 * during wpa_supplicant_driver_init().
5572 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE
)
5573 wpa_s
->p2p_mgmt
= iface
->p2p_mgmt
;
5575 if (wpa_s
->num_multichan_concurrent
== 0)
5576 wpa_s
->num_multichan_concurrent
= 1;
5578 if (wpa_supplicant_driver_init(wpa_s
) < 0)
5582 if (!iface
->p2p_mgmt
&& wpa_tdls_init(wpa_s
->wpa
))
5584 #endif /* CONFIG_TDLS */
5586 if (wpa_s
->conf
->country
[0] && wpa_s
->conf
->country
[1] &&
5587 wpa_drv_set_country(wpa_s
, wpa_s
->conf
->country
)) {
5588 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to set country");
5593 if (wpa_s
->conf
->fst_group_id
) {
5594 struct fst_iface_cfg cfg
;
5595 struct fst_wpa_obj iface_obj
;
5597 fst_wpa_supplicant_fill_iface_obj(wpa_s
, &iface_obj
);
5598 os_strlcpy(cfg
.group_id
, wpa_s
->conf
->fst_group_id
,
5599 sizeof(cfg
.group_id
));
5600 cfg
.priority
= wpa_s
->conf
->fst_priority
;
5601 cfg
.llt
= wpa_s
->conf
->fst_llt
;
5603 wpa_s
->fst
= fst_attach(wpa_s
->ifname
, wpa_s
->own_addr
,
5606 wpa_msg(wpa_s
, MSG_ERROR
,
5607 "FST: Cannot attach iface %s to group %s",
5608 wpa_s
->ifname
, cfg
.group_id
);
5612 #endif /* CONFIG_FST */
5614 if (wpas_wps_init(wpa_s
))
5617 #ifdef CONFIG_GAS_SERVER
5618 wpa_s
->gas_server
= gas_server_init(wpa_s
, wpas_gas_server_tx
);
5619 if (!wpa_s
->gas_server
) {
5620 wpa_printf(MSG_ERROR
, "Failed to initialize GAS server");
5623 #endif /* CONFIG_GAS_SERVER */
5626 if (wpas_dpp_init(wpa_s
) < 0)
5628 #endif /* CONFIG_DPP */
5630 if (wpa_supplicant_init_eapol(wpa_s
) < 0)
5632 wpa_sm_set_eapol(wpa_s
->wpa
, wpa_s
->eapol
);
5634 wpa_s
->ctrl_iface
= wpa_supplicant_ctrl_iface_init(wpa_s
);
5635 if (wpa_s
->ctrl_iface
== NULL
) {
5636 wpa_printf(MSG_ERROR
,
5637 "Failed to initialize control interface '%s'.\n"
5638 "You may have another wpa_supplicant process "
5639 "already running or the file was\n"
5640 "left by an unclean termination of wpa_supplicant "
5641 "in which case you will need\n"
5642 "to manually remove this file before starting "
5643 "wpa_supplicant again.\n",
5644 wpa_s
->conf
->ctrl_interface
);
5648 wpa_s
->gas
= gas_query_init(wpa_s
);
5649 if (wpa_s
->gas
== NULL
) {
5650 wpa_printf(MSG_ERROR
, "Failed to initialize GAS query");
5654 if ((!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE
) ||
5656 wpas_p2p_init(wpa_s
->global
, wpa_s
) < 0) {
5657 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to init P2P");
5661 if (wpa_bss_init(wpa_s
) < 0)
5664 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL
5666 dl_list_init(&wpa_s
->mesh_external_pmksa_cache
);
5667 #endif /* CONFIG_MESH */
5668 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
5671 * Set Wake-on-WLAN triggers, if configured.
5672 * Note: We don't restore/remove the triggers on shutdown (it doesn't
5673 * have effect anyway when the interface is down).
5675 if (capa_res
== 0 && wpas_set_wowlan_triggers(wpa_s
, &capa
) < 0)
5678 #ifdef CONFIG_EAP_PROXY
5681 wpa_s
->mnc_len
= eapol_sm_get_eap_proxy_imsi(wpa_s
->eapol
, -1,
5683 if (wpa_s
->mnc_len
> 0) {
5684 wpa_s
->imsi
[len
] = '\0';
5685 wpa_printf(MSG_DEBUG
, "eap_proxy: IMSI %s (MNC length %d)",
5686 wpa_s
->imsi
, wpa_s
->mnc_len
);
5688 wpa_printf(MSG_DEBUG
, "eap_proxy: IMSI not available");
5691 #endif /* CONFIG_EAP_PROXY */
5693 if (pcsc_reader_init(wpa_s
) < 0)
5696 if (wpas_init_ext_pw(wpa_s
) < 0)
5699 wpas_rrm_reset(wpa_s
);
5701 wpas_sched_scan_plans_set(wpa_s
, wpa_s
->conf
->sched_scan_plans
);
5705 #endif /* CONFIG_HS20 */
5707 if (wpa_s
->conf
->oce
) {
5708 if ((wpa_s
->conf
->oce
& OCE_STA
) &&
5709 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_OCE_STA
))
5710 wpa_s
->enable_oce
= OCE_STA
;
5711 if ((wpa_s
->conf
->oce
& OCE_STA_CFON
) &&
5712 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_OCE_STA_CFON
)) {
5713 /* TODO: Need to add STA-CFON support */
5714 wpa_printf(MSG_ERROR
,
5715 "OCE STA-CFON feature is not yet supported");
5718 wpas_mbo_update_non_pref_chan(wpa_s
, wpa_s
->conf
->non_pref_chan
);
5719 #endif /* CONFIG_MBO */
5721 wpa_supplicant_set_default_scan_ies(wpa_s
);
5727 static void wpa_supplicant_deinit_iface(struct wpa_supplicant
*wpa_s
,
5728 int notify
, int terminate
)
5730 struct wpa_global
*global
= wpa_s
->global
;
5731 struct wpa_supplicant
*iface
, *prev
;
5733 if (wpa_s
== wpa_s
->parent
)
5734 wpas_p2p_group_remove(wpa_s
, "*");
5736 iface
= global
->ifaces
;
5738 if (iface
->p2pdev
== wpa_s
)
5739 iface
->p2pdev
= iface
->parent
;
5740 if (iface
== wpa_s
|| iface
->parent
!= wpa_s
) {
5741 iface
= iface
->next
;
5744 wpa_printf(MSG_DEBUG
,
5745 "Remove remaining child interface %s from parent %s",
5746 iface
->ifname
, wpa_s
->ifname
);
5748 iface
= iface
->next
;
5749 wpa_supplicant_remove_iface(global
, prev
, terminate
);
5752 wpa_s
->disconnected
= 1;
5753 if (wpa_s
->drv_priv
) {
5754 wpa_supplicant_deauthenticate(wpa_s
,
5755 WLAN_REASON_DEAUTH_LEAVING
);
5757 wpa_drv_set_countermeasures(wpa_s
, 0);
5758 wpa_clear_keys(wpa_s
, NULL
);
5761 wpa_supplicant_cleanup(wpa_s
);
5762 wpas_p2p_deinit_iface(wpa_s
);
5764 wpas_ctrl_radio_work_flush(wpa_s
);
5765 radio_remove_interface(wpa_s
);
5769 fst_detach(wpa_s
->fst
);
5772 if (wpa_s
->received_mb_ies
) {
5773 wpabuf_free(wpa_s
->received_mb_ies
);
5774 wpa_s
->received_mb_ies
= NULL
;
5776 #endif /* CONFIG_FST */
5778 if (wpa_s
->drv_priv
)
5779 wpa_drv_deinit(wpa_s
);
5782 wpas_notify_iface_removed(wpa_s
);
5785 wpa_msg(wpa_s
, MSG_INFO
, WPA_EVENT_TERMINATING
);
5787 if (wpa_s
->ctrl_iface
) {
5788 wpa_supplicant_ctrl_iface_deinit(wpa_s
->ctrl_iface
);
5789 wpa_s
->ctrl_iface
= NULL
;
5794 wpa_supplicant_mesh_iface_deinit(wpa_s
, wpa_s
->ifmsh
);
5795 wpa_s
->ifmsh
= NULL
;
5797 #endif /* CONFIG_MESH */
5799 if (wpa_s
->conf
!= NULL
) {
5800 wpa_config_free(wpa_s
->conf
);
5804 os_free(wpa_s
->ssids_from_scan_req
);
5810 #ifdef CONFIG_MATCH_IFACE
5813 * wpa_supplicant_match_iface - Match an interface description to a name
5814 * @global: Pointer to global data from wpa_supplicant_init()
5815 * @ifname: Name of the interface to match
5816 * Returns: Pointer to the created interface description or %NULL on failure
5818 struct wpa_interface
* wpa_supplicant_match_iface(struct wpa_global
*global
,
5822 struct wpa_interface
*iface
, *miface
;
5824 for (i
= 0; i
< global
->params
.match_iface_count
; i
++) {
5825 miface
= &global
->params
.match_ifaces
[i
];
5826 if (!miface
->ifname
||
5827 fnmatch(miface
->ifname
, ifname
, 0) == 0) {
5828 iface
= os_zalloc(sizeof(*iface
));
5832 iface
->ifname
= ifname
;
5842 * wpa_supplicant_match_existing - Match existing interfaces
5843 * @global: Pointer to global data from wpa_supplicant_init()
5844 * Returns: 0 on success, -1 on failure
5846 static int wpa_supplicant_match_existing(struct wpa_global
*global
)
5848 struct if_nameindex
*ifi
, *ifp
;
5849 struct wpa_supplicant
*wpa_s
;
5850 struct wpa_interface
*iface
;
5852 ifp
= if_nameindex();
5854 wpa_printf(MSG_ERROR
, "if_nameindex: %s", strerror(errno
));
5858 for (ifi
= ifp
; ifi
->if_name
; ifi
++) {
5859 wpa_s
= wpa_supplicant_get_iface(global
, ifi
->if_name
);
5862 iface
= wpa_supplicant_match_iface(global
, ifi
->if_name
);
5864 wpa_s
= wpa_supplicant_add_iface(global
, iface
, NULL
);
5871 if_freenameindex(ifp
);
5875 #endif /* CONFIG_MATCH_IFACE */
5879 * wpa_supplicant_add_iface - Add a new network interface
5880 * @global: Pointer to global data from wpa_supplicant_init()
5881 * @iface: Interface configuration options
5882 * @parent: Parent interface or %NULL to assign new interface as parent
5883 * Returns: Pointer to the created interface or %NULL on failure
5885 * This function is used to add new network interfaces for %wpa_supplicant.
5886 * This can be called before wpa_supplicant_run() to add interfaces before the
5887 * main event loop has been started. In addition, new interfaces can be added
5888 * dynamically while %wpa_supplicant is already running. This could happen,
5889 * e.g., when a hotplug network adapter is inserted.
5891 struct wpa_supplicant
* wpa_supplicant_add_iface(struct wpa_global
*global
,
5892 struct wpa_interface
*iface
,
5893 struct wpa_supplicant
*parent
)
5895 struct wpa_supplicant
*wpa_s
;
5896 struct wpa_interface t_iface
;
5897 struct wpa_ssid
*ssid
;
5899 if (global
== NULL
|| iface
== NULL
)
5902 wpa_s
= wpa_supplicant_alloc(parent
);
5906 wpa_s
->global
= global
;
5909 if (global
->params
.override_driver
) {
5910 wpa_printf(MSG_DEBUG
, "Override interface parameter: driver "
5912 iface
->driver
, global
->params
.override_driver
);
5913 t_iface
.driver
= global
->params
.override_driver
;
5915 if (global
->params
.override_ctrl_interface
) {
5916 wpa_printf(MSG_DEBUG
, "Override interface parameter: "
5917 "ctrl_interface ('%s' -> '%s')",
5918 iface
->ctrl_interface
,
5919 global
->params
.override_ctrl_interface
);
5920 t_iface
.ctrl_interface
=
5921 global
->params
.override_ctrl_interface
;
5923 if (wpa_supplicant_init_iface(wpa_s
, &t_iface
)) {
5924 wpa_printf(MSG_DEBUG
, "Failed to add interface %s",
5926 wpa_supplicant_deinit_iface(wpa_s
, 0, 0);
5930 if (iface
->p2p_mgmt
== 0) {
5931 /* Notify the control interfaces about new iface */
5932 if (wpas_notify_iface_added(wpa_s
)) {
5933 wpa_supplicant_deinit_iface(wpa_s
, 1, 0);
5937 for (ssid
= wpa_s
->conf
->ssid
; ssid
; ssid
= ssid
->next
)
5938 wpas_notify_network_added(wpa_s
, ssid
);
5941 wpa_s
->next
= global
->ifaces
;
5942 global
->ifaces
= wpa_s
;
5944 wpa_dbg(wpa_s
, MSG_DEBUG
, "Added interface %s", wpa_s
->ifname
);
5945 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
5948 if (wpa_s
->global
->p2p
== NULL
&&
5949 !wpa_s
->global
->p2p_disabled
&& !wpa_s
->conf
->p2p_disabled
&&
5950 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE
) &&
5951 wpas_p2p_add_p2pdev_interface(
5952 wpa_s
, wpa_s
->global
->params
.conf_p2p_dev
) < 0) {
5953 wpa_printf(MSG_INFO
,
5954 "P2P: Failed to enable P2P Device interface");
5955 /* Try to continue without. P2P will be disabled. */
5957 #endif /* CONFIG_P2P */
5964 * wpa_supplicant_remove_iface - Remove a network interface
5965 * @global: Pointer to global data from wpa_supplicant_init()
5966 * @wpa_s: Pointer to the network interface to be removed
5967 * Returns: 0 if interface was removed, -1 if interface was not found
5969 * This function can be used to dynamically remove network interfaces from
5970 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
5971 * addition, this function is used to remove all remaining interfaces when
5972 * %wpa_supplicant is terminated.
5974 int wpa_supplicant_remove_iface(struct wpa_global
*global
,
5975 struct wpa_supplicant
*wpa_s
,
5978 struct wpa_supplicant
*prev
;
5980 unsigned int mesh_if_created
= wpa_s
->mesh_if_created
;
5981 char *ifname
= NULL
;
5982 struct wpa_supplicant
*parent
= wpa_s
->parent
;
5983 #endif /* CONFIG_MESH */
5985 /* Remove interface from the global list of interfaces */
5986 prev
= global
->ifaces
;
5987 if (prev
== wpa_s
) {
5988 global
->ifaces
= wpa_s
->next
;
5990 while (prev
&& prev
->next
!= wpa_s
)
5994 prev
->next
= wpa_s
->next
;
5997 wpa_dbg(wpa_s
, MSG_DEBUG
, "Removing interface %s", wpa_s
->ifname
);
6000 if (mesh_if_created
) {
6001 ifname
= os_strdup(wpa_s
->ifname
);
6002 if (ifname
== NULL
) {
6003 wpa_dbg(wpa_s
, MSG_ERROR
,
6004 "mesh: Failed to malloc ifname");
6008 #endif /* CONFIG_MESH */
6010 if (global
->p2p_group_formation
== wpa_s
)
6011 global
->p2p_group_formation
= NULL
;
6012 if (global
->p2p_invite_group
== wpa_s
)
6013 global
->p2p_invite_group
= NULL
;
6014 wpa_supplicant_deinit_iface(wpa_s
, 1, terminate
);
6017 if (mesh_if_created
) {
6018 wpa_drv_if_remove(parent
, WPA_IF_MESH
, ifname
);
6021 #endif /* CONFIG_MESH */
6028 * wpa_supplicant_get_eap_mode - Get the current EAP mode
6029 * @wpa_s: Pointer to the network interface
6030 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
6032 const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant
*wpa_s
)
6034 const char *eapol_method
;
6036 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
) == 0 &&
6037 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
6041 eapol_method
= eapol_sm_get_method_name(wpa_s
->eapol
);
6042 if (eapol_method
== NULL
)
6043 return "UNKNOWN-EAP";
6045 return eapol_method
;
6050 * wpa_supplicant_get_iface - Get a new network interface
6051 * @global: Pointer to global data from wpa_supplicant_init()
6052 * @ifname: Interface name
6053 * Returns: Pointer to the interface or %NULL if not found
6055 struct wpa_supplicant
* wpa_supplicant_get_iface(struct wpa_global
*global
,
6058 struct wpa_supplicant
*wpa_s
;
6060 for (wpa_s
= global
->ifaces
; wpa_s
; wpa_s
= wpa_s
->next
) {
6061 if (os_strcmp(wpa_s
->ifname
, ifname
) == 0)
6068 #ifndef CONFIG_NO_WPA_MSG
6069 static const char * wpa_supplicant_msg_ifname_cb(void *ctx
)
6071 struct wpa_supplicant
*wpa_s
= ctx
;
6074 return wpa_s
->ifname
;
6076 #endif /* CONFIG_NO_WPA_MSG */
6079 #ifndef WPA_SUPPLICANT_CLEANUP_INTERVAL
6080 #define WPA_SUPPLICANT_CLEANUP_INTERVAL 10
6081 #endif /* WPA_SUPPLICANT_CLEANUP_INTERVAL */
6083 /* Periodic cleanup tasks */
6084 static void wpas_periodic(void *eloop_ctx
, void *timeout_ctx
)
6086 struct wpa_global
*global
= eloop_ctx
;
6087 struct wpa_supplicant
*wpa_s
;
6089 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL
, 0,
6090 wpas_periodic
, global
, NULL
);
6094 p2p_expire_peers(global
->p2p
);
6095 #endif /* CONFIG_P2P */
6097 for (wpa_s
= global
->ifaces
; wpa_s
; wpa_s
= wpa_s
->next
) {
6098 wpa_bss_flush_by_age(wpa_s
, wpa_s
->conf
->bss_expiration_age
);
6101 #endif /* CONFIG_AP */
6107 * wpa_supplicant_init - Initialize %wpa_supplicant
6108 * @params: Parameters for %wpa_supplicant
6109 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
6111 * This function is used to initialize %wpa_supplicant. After successful
6112 * initialization, the returned data pointer can be used to add and remove
6113 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
6115 struct wpa_global
* wpa_supplicant_init(struct wpa_params
*params
)
6117 struct wpa_global
*global
;
6123 #ifdef CONFIG_DRIVER_NDIS
6125 void driver_ndis_init_ops(void);
6126 driver_ndis_init_ops();
6128 #endif /* CONFIG_DRIVER_NDIS */
6130 #ifndef CONFIG_NO_WPA_MSG
6131 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb
);
6132 #endif /* CONFIG_NO_WPA_MSG */
6134 if (params
->wpa_debug_file_path
)
6135 wpa_debug_open_file(params
->wpa_debug_file_path
);
6137 wpa_debug_setup_stdout();
6138 if (params
->wpa_debug_syslog
)
6139 wpa_debug_open_syslog();
6140 if (params
->wpa_debug_tracing
) {
6141 ret
= wpa_debug_open_linux_tracing();
6143 wpa_printf(MSG_ERROR
,
6144 "Failed to enable trace logging");
6149 ret
= eap_register_methods();
6151 wpa_printf(MSG_ERROR
, "Failed to register EAP methods");
6153 wpa_printf(MSG_ERROR
, "Two or more EAP methods used "
6154 "the same EAP type.");
6158 global
= os_zalloc(sizeof(*global
));
6161 dl_list_init(&global
->p2p_srv_bonjour
);
6162 dl_list_init(&global
->p2p_srv_upnp
);
6163 global
->params
.daemonize
= params
->daemonize
;
6164 global
->params
.wait_for_monitor
= params
->wait_for_monitor
;
6165 global
->params
.dbus_ctrl_interface
= params
->dbus_ctrl_interface
;
6166 if (params
->pid_file
)
6167 global
->params
.pid_file
= os_strdup(params
->pid_file
);
6168 if (params
->ctrl_interface
)
6169 global
->params
.ctrl_interface
=
6170 os_strdup(params
->ctrl_interface
);
6171 if (params
->ctrl_interface_group
)
6172 global
->params
.ctrl_interface_group
=
6173 os_strdup(params
->ctrl_interface_group
);
6174 if (params
->override_driver
)
6175 global
->params
.override_driver
=
6176 os_strdup(params
->override_driver
);
6177 if (params
->override_ctrl_interface
)
6178 global
->params
.override_ctrl_interface
=
6179 os_strdup(params
->override_ctrl_interface
);
6180 #ifdef CONFIG_MATCH_IFACE
6181 global
->params
.match_iface_count
= params
->match_iface_count
;
6182 if (params
->match_iface_count
) {
6183 global
->params
.match_ifaces
=
6184 os_calloc(params
->match_iface_count
,
6185 sizeof(struct wpa_interface
));
6186 os_memcpy(global
->params
.match_ifaces
,
6187 params
->match_ifaces
,
6188 params
->match_iface_count
*
6189 sizeof(struct wpa_interface
));
6191 #endif /* CONFIG_MATCH_IFACE */
6193 if (params
->conf_p2p_dev
)
6194 global
->params
.conf_p2p_dev
=
6195 os_strdup(params
->conf_p2p_dev
);
6196 #endif /* CONFIG_P2P */
6197 wpa_debug_level
= global
->params
.wpa_debug_level
=
6198 params
->wpa_debug_level
;
6199 wpa_debug_show_keys
= global
->params
.wpa_debug_show_keys
=
6200 params
->wpa_debug_show_keys
;
6201 wpa_debug_timestamp
= global
->params
.wpa_debug_timestamp
=
6202 params
->wpa_debug_timestamp
;
6204 wpa_printf(MSG_DEBUG
, "wpa_supplicant v" VERSION_STR
);
6207 wpa_printf(MSG_ERROR
, "Failed to initialize event loop");
6208 wpa_supplicant_deinit(global
);
6212 random_init(params
->entropy_file
);
6214 global
->ctrl_iface
= wpa_supplicant_global_ctrl_iface_init(global
);
6215 if (global
->ctrl_iface
== NULL
) {
6216 wpa_supplicant_deinit(global
);
6220 if (wpas_notify_supplicant_initialized(global
)) {
6221 wpa_supplicant_deinit(global
);
6225 for (i
= 0; wpa_drivers
[i
]; i
++)
6226 global
->drv_count
++;
6227 if (global
->drv_count
== 0) {
6228 wpa_printf(MSG_ERROR
, "No drivers enabled");
6229 wpa_supplicant_deinit(global
);
6232 global
->drv_priv
= os_calloc(global
->drv_count
, sizeof(void *));
6233 if (global
->drv_priv
== NULL
) {
6234 wpa_supplicant_deinit(global
);
6238 #ifdef CONFIG_WIFI_DISPLAY
6239 if (wifi_display_init(global
) < 0) {
6240 wpa_printf(MSG_ERROR
, "Failed to initialize Wi-Fi Display");
6241 wpa_supplicant_deinit(global
);
6244 #endif /* CONFIG_WIFI_DISPLAY */
6246 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL
, 0,
6247 wpas_periodic
, global
, NULL
);
6254 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
6255 * @global: Pointer to global data from wpa_supplicant_init()
6256 * Returns: 0 after successful event loop run, -1 on failure
6258 * This function starts the main event loop and continues running as long as
6259 * there are any remaining events. In most cases, this function is running as
6260 * long as the %wpa_supplicant process in still in use.
6262 int wpa_supplicant_run(struct wpa_global
*global
)
6264 struct wpa_supplicant
*wpa_s
;
6266 if (global
->params
.daemonize
&&
6267 (wpa_supplicant_daemon(global
->params
.pid_file
) ||
6268 eloop_sock_requeue()))
6271 #ifdef CONFIG_MATCH_IFACE
6272 if (wpa_supplicant_match_existing(global
))
6276 if (global
->params
.wait_for_monitor
) {
6277 for (wpa_s
= global
->ifaces
; wpa_s
; wpa_s
= wpa_s
->next
)
6278 if (wpa_s
->ctrl_iface
&& !wpa_s
->p2p_mgmt
)
6279 wpa_supplicant_ctrl_iface_wait(
6283 eloop_register_signal_terminate(wpa_supplicant_terminate
, global
);
6284 eloop_register_signal_reconfig(wpa_supplicant_reconfig
, global
);
6293 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
6294 * @global: Pointer to global data from wpa_supplicant_init()
6296 * This function is called to deinitialize %wpa_supplicant and to free all
6297 * allocated resources. Remaining network interfaces will also be removed.
6299 void wpa_supplicant_deinit(struct wpa_global
*global
)
6306 eloop_cancel_timeout(wpas_periodic
, global
, NULL
);
6308 #ifdef CONFIG_WIFI_DISPLAY
6309 wifi_display_deinit(global
);
6310 #endif /* CONFIG_WIFI_DISPLAY */
6312 while (global
->ifaces
)
6313 wpa_supplicant_remove_iface(global
, global
->ifaces
, 1);
6315 if (global
->ctrl_iface
)
6316 wpa_supplicant_global_ctrl_iface_deinit(global
->ctrl_iface
);
6318 wpas_notify_supplicant_deinitialized(global
);
6320 eap_peer_unregister_methods();
6322 eap_server_unregister_methods();
6323 #endif /* CONFIG_AP */
6325 for (i
= 0; wpa_drivers
[i
] && global
->drv_priv
; i
++) {
6326 if (!global
->drv_priv
[i
])
6328 wpa_drivers
[i
]->global_deinit(global
->drv_priv
[i
]);
6330 os_free(global
->drv_priv
);
6336 if (global
->params
.pid_file
) {
6337 os_daemonize_terminate(global
->params
.pid_file
);
6338 os_free(global
->params
.pid_file
);
6340 os_free(global
->params
.ctrl_interface
);
6341 os_free(global
->params
.ctrl_interface_group
);
6342 os_free(global
->params
.override_driver
);
6343 os_free(global
->params
.override_ctrl_interface
);
6344 #ifdef CONFIG_MATCH_IFACE
6345 os_free(global
->params
.match_ifaces
);
6346 #endif /* CONFIG_MATCH_IFACE */
6348 os_free(global
->params
.conf_p2p_dev
);
6349 #endif /* CONFIG_P2P */
6351 os_free(global
->p2p_disallow_freq
.range
);
6352 os_free(global
->p2p_go_avoid_freq
.range
);
6353 os_free(global
->add_psk
);
6356 wpa_debug_close_syslog();
6357 wpa_debug_close_file();
6358 wpa_debug_close_linux_tracing();
6362 void wpa_supplicant_update_config(struct wpa_supplicant
*wpa_s
)
6364 if ((wpa_s
->conf
->changed_parameters
& CFG_CHANGED_COUNTRY
) &&
6365 wpa_s
->conf
->country
[0] && wpa_s
->conf
->country
[1]) {
6367 country
[0] = wpa_s
->conf
->country
[0];
6368 country
[1] = wpa_s
->conf
->country
[1];
6370 if (wpa_drv_set_country(wpa_s
, country
) < 0) {
6371 wpa_printf(MSG_ERROR
, "Failed to set country code "
6376 if (wpa_s
->conf
->changed_parameters
& CFG_CHANGED_EXT_PW_BACKEND
)
6377 wpas_init_ext_pw(wpa_s
);
6379 if (wpa_s
->conf
->changed_parameters
& CFG_CHANGED_SCHED_SCAN_PLANS
)
6380 wpas_sched_scan_plans_set(wpa_s
, wpa_s
->conf
->sched_scan_plans
);
6382 if (wpa_s
->conf
->changed_parameters
& CFG_CHANGED_WOWLAN_TRIGGERS
) {
6383 struct wpa_driver_capa capa
;
6384 int res
= wpa_drv_get_capa(wpa_s
, &capa
);
6386 if (res
== 0 && wpas_set_wowlan_triggers(wpa_s
, &capa
) < 0)
6387 wpa_printf(MSG_ERROR
,
6388 "Failed to update wowlan_triggers to '%s'",
6389 wpa_s
->conf
->wowlan_triggers
);
6393 wpas_wps_update_config(wpa_s
);
6394 #endif /* CONFIG_WPS */
6395 wpas_p2p_update_config(wpa_s
);
6396 wpa_s
->conf
->changed_parameters
= 0;
6400 void add_freq(int *freqs
, int *num_freqs
, int freq
)
6404 for (i
= 0; i
< *num_freqs
; i
++) {
6405 if (freqs
[i
] == freq
)
6409 freqs
[*num_freqs
] = freq
;
6414 static int * get_bss_freqs_in_ess(struct wpa_supplicant
*wpa_s
)
6416 struct wpa_bss
*bss
, *cbss
;
6417 const int max_freqs
= 10;
6421 freqs
= os_calloc(max_freqs
+ 1, sizeof(int));
6425 cbss
= wpa_s
->current_bss
;
6427 dl_list_for_each(bss
, &wpa_s
->bss
, struct wpa_bss
, list
) {
6430 if (bss
->ssid_len
== cbss
->ssid_len
&&
6431 os_memcmp(bss
->ssid
, cbss
->ssid
, bss
->ssid_len
) == 0 &&
6432 wpa_blacklist_get(wpa_s
, bss
->bssid
) == NULL
) {
6433 add_freq(freqs
, &num_freqs
, bss
->freq
);
6434 if (num_freqs
== max_freqs
)
6439 if (num_freqs
== 0) {
6448 void wpas_connection_failed(struct wpa_supplicant
*wpa_s
, const u8
*bssid
)
6454 wpas_connect_work_done(wpa_s
);
6457 * Remove possible authentication timeout since the connection failed.
6459 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
6462 * There is no point in blacklisting the AP if this event is
6463 * generated based on local request to disconnect.
6465 if (wpa_s
->own_disconnect_req
) {
6466 wpa_s
->own_disconnect_req
= 0;
6467 wpa_dbg(wpa_s
, MSG_DEBUG
,
6468 "Ignore connection failure due to local request to disconnect");
6471 if (wpa_s
->disconnected
) {
6472 wpa_dbg(wpa_s
, MSG_DEBUG
, "Ignore connection failure "
6473 "indication since interface has been put into "
6474 "disconnected state");
6479 * Add the failed BSSID into the blacklist and speed up next scan
6480 * attempt if there could be other APs that could accept association.
6481 * The current blacklist count indicates how many times we have tried
6482 * connecting to this AP and multiple attempts mean that other APs are
6483 * either not available or has already been tried, so that we can start
6484 * increasing the delay here to avoid constant scanning.
6486 count
= wpa_blacklist_add(wpa_s
, bssid
);
6487 if (count
== 1 && wpa_s
->current_bss
) {
6489 * This BSS was not in the blacklist before. If there is
6490 * another BSS available for the same ESS, we should try that
6491 * next. Otherwise, we may as well try this one once more
6492 * before allowing other, likely worse, ESSes to be considered.
6494 freqs
= get_bss_freqs_in_ess(wpa_s
);
6496 wpa_dbg(wpa_s
, MSG_DEBUG
, "Another BSS in this ESS "
6497 "has been seen; try it next");
6498 wpa_blacklist_add(wpa_s
, bssid
);
6500 * On the next scan, go through only the known channels
6501 * used in this ESS based on previous scans to speed up
6502 * common load balancing use case.
6504 os_free(wpa_s
->next_scan_freqs
);
6505 wpa_s
->next_scan_freqs
= freqs
;
6510 * Add previous failure count in case the temporary blacklist was
6511 * cleared due to no other BSSes being available.
6513 count
+= wpa_s
->extra_blacklist_count
;
6515 if (count
> 3 && wpa_s
->current_ssid
) {
6516 wpa_printf(MSG_DEBUG
, "Continuous association failures - "
6517 "consider temporary network disabling");
6518 wpas_auth_failed(wpa_s
, "CONN_FAILED");
6539 wpa_dbg(wpa_s
, MSG_DEBUG
, "Blacklist count %d --> request scan in %d "
6540 "ms", count
, timeout
);
6543 * TODO: if more than one possible AP is available in scan results,
6544 * could try the other ones before requesting a new scan.
6546 wpa_supplicant_req_scan(wpa_s
, timeout
/ 1000,
6547 1000 * (timeout
% 1000));
6552 void fils_connection_failure(struct wpa_supplicant
*wpa_s
)
6554 struct wpa_ssid
*ssid
= wpa_s
->current_ssid
;
6555 const u8
*realm
, *username
, *rrk
;
6556 size_t realm_len
, username_len
, rrk_len
;
6559 if (!ssid
|| !ssid
->eap
.erp
|| !wpa_key_mgmt_fils(ssid
->key_mgmt
) ||
6560 eapol_sm_get_erp_info(wpa_s
->eapol
, &ssid
->eap
,
6561 &username
, &username_len
,
6562 &realm
, &realm_len
, &next_seq_num
,
6563 &rrk
, &rrk_len
) != 0 ||
6567 wpa_hexdump_ascii(MSG_DEBUG
,
6568 "FILS: Store last connection failure realm",
6570 os_free(wpa_s
->last_con_fail_realm
);
6571 wpa_s
->last_con_fail_realm
= os_malloc(realm_len
);
6572 if (wpa_s
->last_con_fail_realm
) {
6573 wpa_s
->last_con_fail_realm_len
= realm_len
;
6574 os_memcpy(wpa_s
->last_con_fail_realm
, realm
, realm_len
);
6577 #endif /* CONFIG_FILS */
6580 int wpas_driver_bss_selection(struct wpa_supplicant
*wpa_s
)
6582 return wpa_s
->conf
->ap_scan
== 2 ||
6583 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_BSS_SELECTION
);
6587 #if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW)
6588 int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant
*wpa_s
,
6589 struct wpa_ssid
*ssid
,
6593 #ifdef IEEE8021X_EAPOL
6594 struct eap_peer_config
*eap
= &ssid
->eap
;
6596 wpa_printf(MSG_DEBUG
, "CTRL_IFACE: response handle field=%s", field
);
6597 wpa_hexdump_ascii_key(MSG_DEBUG
, "CTRL_IFACE: response value",
6598 (const u8
*) value
, os_strlen(value
));
6600 switch (wpa_supplicant_ctrl_req_from_string(field
)) {
6601 case WPA_CTRL_REQ_EAP_IDENTITY
:
6602 os_free(eap
->identity
);
6603 eap
->identity
= (u8
*) os_strdup(value
);
6604 eap
->identity_len
= os_strlen(value
);
6605 eap
->pending_req_identity
= 0;
6606 if (ssid
== wpa_s
->current_ssid
)
6607 wpa_s
->reassociate
= 1;
6609 case WPA_CTRL_REQ_EAP_PASSWORD
:
6610 bin_clear_free(eap
->password
, eap
->password_len
);
6611 eap
->password
= (u8
*) os_strdup(value
);
6612 eap
->password_len
= os_strlen(value
);
6613 eap
->pending_req_password
= 0;
6614 if (ssid
== wpa_s
->current_ssid
)
6615 wpa_s
->reassociate
= 1;
6617 case WPA_CTRL_REQ_EAP_NEW_PASSWORD
:
6618 bin_clear_free(eap
->new_password
, eap
->new_password_len
);
6619 eap
->new_password
= (u8
*) os_strdup(value
);
6620 eap
->new_password_len
= os_strlen(value
);
6621 eap
->pending_req_new_password
= 0;
6622 if (ssid
== wpa_s
->current_ssid
)
6623 wpa_s
->reassociate
= 1;
6625 case WPA_CTRL_REQ_EAP_PIN
:
6626 str_clear_free(eap
->pin
);
6627 eap
->pin
= os_strdup(value
);
6628 eap
->pending_req_pin
= 0;
6629 if (ssid
== wpa_s
->current_ssid
)
6630 wpa_s
->reassociate
= 1;
6632 case WPA_CTRL_REQ_EAP_OTP
:
6633 bin_clear_free(eap
->otp
, eap
->otp_len
);
6634 eap
->otp
= (u8
*) os_strdup(value
);
6635 eap
->otp_len
= os_strlen(value
);
6636 os_free(eap
->pending_req_otp
);
6637 eap
->pending_req_otp
= NULL
;
6638 eap
->pending_req_otp_len
= 0;
6640 case WPA_CTRL_REQ_EAP_PASSPHRASE
:
6641 str_clear_free(eap
->private_key_passwd
);
6642 eap
->private_key_passwd
= os_strdup(value
);
6643 eap
->pending_req_passphrase
= 0;
6644 if (ssid
== wpa_s
->current_ssid
)
6645 wpa_s
->reassociate
= 1;
6647 case WPA_CTRL_REQ_SIM
:
6648 str_clear_free(eap
->external_sim_resp
);
6649 eap
->external_sim_resp
= os_strdup(value
);
6650 eap
->pending_req_sim
= 0;
6652 case WPA_CTRL_REQ_PSK_PASSPHRASE
:
6653 if (wpa_config_set(ssid
, "psk", value
, 0) < 0)
6655 ssid
->mem_only_psk
= 1;
6656 if (ssid
->passphrase
)
6657 wpa_config_update_psk(ssid
);
6658 if (wpa_s
->wpa_state
== WPA_SCANNING
&& !wpa_s
->scanning
)
6659 wpa_supplicant_req_scan(wpa_s
, 0, 0);
6661 case WPA_CTRL_REQ_EXT_CERT_CHECK
:
6662 if (eap
->pending_ext_cert_check
!= PENDING_CHECK
)
6664 if (os_strcmp(value
, "good") == 0)
6665 eap
->pending_ext_cert_check
= EXT_CERT_CHECK_GOOD
;
6666 else if (os_strcmp(value
, "bad") == 0)
6667 eap
->pending_ext_cert_check
= EXT_CERT_CHECK_BAD
;
6672 wpa_printf(MSG_DEBUG
, "CTRL_IFACE: Unknown field '%s'", field
);
6677 #else /* IEEE8021X_EAPOL */
6678 wpa_printf(MSG_DEBUG
, "CTRL_IFACE: IEEE 802.1X not included");
6680 #endif /* IEEE8021X_EAPOL */
6682 #endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */
6685 int wpas_network_disabled(struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
)
6688 unsigned int drv_enc
;
6690 if (wpa_s
->p2p_mgmt
)
6691 return 1; /* no normal network profiles on p2p_mgmt interface */
6699 if (wpa_s
->drv_capa_known
)
6700 drv_enc
= wpa_s
->drv_enc
;
6702 drv_enc
= (unsigned int) -1;
6704 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
6705 size_t len
= ssid
->wep_key_len
[i
];
6708 if (len
== 5 && (drv_enc
& WPA_DRIVER_CAPA_ENC_WEP40
))
6710 if (len
== 13 && (drv_enc
& WPA_DRIVER_CAPA_ENC_WEP104
))
6712 if (len
== 16 && (drv_enc
& WPA_DRIVER_CAPA_ENC_WEP128
))
6714 return 1; /* invalid WEP key */
6717 if (wpa_key_mgmt_wpa_psk(ssid
->key_mgmt
) && !ssid
->psk_set
&&
6718 (!ssid
->passphrase
|| ssid
->ssid_len
!= 0) && !ssid
->ext_psk
&&
6719 !(wpa_key_mgmt_sae(ssid
->key_mgmt
) && ssid
->sae_password
) &&
6720 !ssid
->mem_only_psk
)
6727 int wpas_get_ssid_pmf(struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
)
6729 #ifdef CONFIG_IEEE80211W
6730 if (ssid
== NULL
|| ssid
->ieee80211w
== MGMT_FRAME_PROTECTION_DEFAULT
) {
6731 if (wpa_s
->conf
->pmf
== MGMT_FRAME_PROTECTION_OPTIONAL
&&
6732 !(wpa_s
->drv_enc
& WPA_DRIVER_CAPA_ENC_BIP
)) {
6734 * Driver does not support BIP -- ignore pmf=1 default
6735 * since the connection with PMF would fail and the
6736 * configuration does not require PMF to be enabled.
6738 return NO_MGMT_FRAME_PROTECTION
;
6743 ~(WPA_KEY_MGMT_NONE
| WPA_KEY_MGMT_WPS
|
6744 WPA_KEY_MGMT_IEEE8021X_NO_WPA
)) == 0) {
6746 * Do not use the default PMF value for non-RSN networks
6747 * since PMF is available only with RSN and pmf=2
6748 * configuration would otherwise prevent connections to
6749 * all open networks.
6751 return NO_MGMT_FRAME_PROTECTION
;
6754 return wpa_s
->conf
->pmf
;
6757 return ssid
->ieee80211w
;
6758 #else /* CONFIG_IEEE80211W */
6759 return NO_MGMT_FRAME_PROTECTION
;
6760 #endif /* CONFIG_IEEE80211W */
6764 int wpas_is_p2p_prioritized(struct wpa_supplicant
*wpa_s
)
6766 if (wpa_s
->global
->conc_pref
== WPA_CONC_PREF_P2P
)
6768 if (wpa_s
->global
->conc_pref
== WPA_CONC_PREF_STA
)
6774 void wpas_auth_failed(struct wpa_supplicant
*wpa_s
, char *reason
)
6776 struct wpa_ssid
*ssid
= wpa_s
->current_ssid
;
6778 struct os_reltime now
;
6781 wpa_printf(MSG_DEBUG
, "Authentication failure but no known "
6786 if (ssid
->key_mgmt
== WPA_KEY_MGMT_WPS
)
6789 ssid
->auth_failures
++;
6792 if (ssid
->p2p_group
&&
6793 (wpa_s
->p2p_in_provisioning
|| wpa_s
->show_group_started
)) {
6795 * Skip the wait time since there is a short timeout on the
6796 * connection to a P2P group.
6800 #endif /* CONFIG_P2P */
6802 if (ssid
->auth_failures
> 50)
6804 else if (ssid
->auth_failures
> 10)
6806 else if (ssid
->auth_failures
> 5)
6808 else if (ssid
->auth_failures
> 3)
6810 else if (ssid
->auth_failures
> 2)
6812 else if (ssid
->auth_failures
> 1)
6817 if (ssid
->auth_failures
> 1 &&
6818 wpa_key_mgmt_wpa_ieee8021x(ssid
->key_mgmt
))
6819 dur
+= os_random() % (ssid
->auth_failures
* 10);
6821 os_get_reltime(&now
);
6822 if (now
.sec
+ dur
<= ssid
->disabled_until
.sec
)
6825 ssid
->disabled_until
.sec
= now
.sec
+ dur
;
6827 wpa_msg(wpa_s
, MSG_INFO
, WPA_EVENT_TEMP_DISABLED
6828 "id=%d ssid=\"%s\" auth_failures=%u duration=%d reason=%s",
6829 ssid
->id
, wpa_ssid_txt(ssid
->ssid
, ssid
->ssid_len
),
6830 ssid
->auth_failures
, dur
, reason
);
6834 void wpas_clear_temp_disabled(struct wpa_supplicant
*wpa_s
,
6835 struct wpa_ssid
*ssid
, int clear_failures
)
6840 if (ssid
->disabled_until
.sec
) {
6841 wpa_msg(wpa_s
, MSG_INFO
, WPA_EVENT_REENABLED
6842 "id=%d ssid=\"%s\"",
6843 ssid
->id
, wpa_ssid_txt(ssid
->ssid
, ssid
->ssid_len
));
6845 ssid
->disabled_until
.sec
= 0;
6846 ssid
->disabled_until
.usec
= 0;
6848 ssid
->auth_failures
= 0;
6852 int disallowed_bssid(struct wpa_supplicant
*wpa_s
, const u8
*bssid
)
6856 if (wpa_s
->disallow_aps_bssid
== NULL
)
6859 for (i
= 0; i
< wpa_s
->disallow_aps_bssid_count
; i
++) {
6860 if (os_memcmp(wpa_s
->disallow_aps_bssid
+ i
* ETH_ALEN
,
6861 bssid
, ETH_ALEN
) == 0)
6869 int disallowed_ssid(struct wpa_supplicant
*wpa_s
, const u8
*ssid
,
6874 if (wpa_s
->disallow_aps_ssid
== NULL
|| ssid
== NULL
)
6877 for (i
= 0; i
< wpa_s
->disallow_aps_ssid_count
; i
++) {
6878 struct wpa_ssid_value
*s
= &wpa_s
->disallow_aps_ssid
[i
];
6879 if (ssid_len
== s
->ssid_len
&&
6880 os_memcmp(ssid
, s
->ssid
, ssid_len
) == 0)
6889 * wpas_request_connection - Request a new connection
6890 * @wpa_s: Pointer to the network interface
6892 * This function is used to request a new connection to be found. It will mark
6893 * the interface to allow reassociation and request a new scan to find a
6894 * suitable network to connect to.
6896 void wpas_request_connection(struct wpa_supplicant
*wpa_s
)
6898 wpa_s
->normal_scans
= 0;
6899 wpa_s
->scan_req
= NORMAL_SCAN_REQ
;
6900 wpa_supplicant_reinit_autoscan(wpa_s
);
6901 wpa_s
->extra_blacklist_count
= 0;
6902 wpa_s
->disconnected
= 0;
6903 wpa_s
->reassociate
= 1;
6904 wpa_s
->last_owe_group
= 0;
6906 if (wpa_supplicant_fast_associate(wpa_s
) != 1)
6907 wpa_supplicant_req_scan(wpa_s
, 0, 0);
6909 wpa_s
->reattach
= 0;
6914 * wpas_request_disconnection - Request disconnection
6915 * @wpa_s: Pointer to the network interface
6917 * This function is used to request disconnection from the currently connected
6918 * network. This will stop any ongoing scans and initiate deauthentication.
6920 void wpas_request_disconnection(struct wpa_supplicant
*wpa_s
)
6923 wpa_s
->sme
.prev_bssid_set
= 0;
6924 #endif /* CONFIG_SME */
6925 wpa_s
->reassociate
= 0;
6926 wpa_s
->disconnected
= 1;
6927 wpa_supplicant_cancel_sched_scan(wpa_s
);
6928 wpa_supplicant_cancel_scan(wpa_s
);
6929 wpa_supplicant_deauthenticate(wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
6930 eloop_cancel_timeout(wpas_network_reenabled
, wpa_s
, NULL
);
6934 void dump_freq_data(struct wpa_supplicant
*wpa_s
, const char *title
,
6935 struct wpa_used_freq_data
*freqs_data
,
6940 wpa_dbg(wpa_s
, MSG_DEBUG
, "Shared frequencies (len=%u): %s",
6942 for (i
= 0; i
< len
; i
++) {
6943 struct wpa_used_freq_data
*cur
= &freqs_data
[i
];
6944 wpa_dbg(wpa_s
, MSG_DEBUG
, "freq[%u]: %d, flags=0x%X",
6945 i
, cur
->freq
, cur
->flags
);
6951 * Find the operating frequencies of any of the virtual interfaces that
6952 * are using the same radio as the current interface, and in addition, get
6953 * information about the interface types that are using the frequency.
6955 int get_shared_radio_freqs_data(struct wpa_supplicant
*wpa_s
,
6956 struct wpa_used_freq_data
*freqs_data
,
6959 struct wpa_supplicant
*ifs
;
6962 unsigned int idx
= 0, i
;
6964 wpa_dbg(wpa_s
, MSG_DEBUG
,
6965 "Determining shared radio frequencies (max len %u)", len
);
6966 os_memset(freqs_data
, 0, sizeof(struct wpa_used_freq_data
) * len
);
6968 dl_list_for_each(ifs
, &wpa_s
->radio
->ifaces
, struct wpa_supplicant
,
6973 if (ifs
->current_ssid
== NULL
|| ifs
->assoc_freq
== 0)
6976 if (ifs
->current_ssid
->mode
== WPAS_MODE_AP
||
6977 ifs
->current_ssid
->mode
== WPAS_MODE_P2P_GO
||
6978 ifs
->current_ssid
->mode
== WPAS_MODE_MESH
)
6979 freq
= ifs
->current_ssid
->frequency
;
6980 else if (wpa_drv_get_bssid(ifs
, bssid
) == 0)
6981 freq
= ifs
->assoc_freq
;
6985 /* Hold only distinct freqs */
6986 for (i
= 0; i
< idx
; i
++)
6987 if (freqs_data
[i
].freq
== freq
)
6991 freqs_data
[idx
++].freq
= freq
;
6993 if (ifs
->current_ssid
->mode
== WPAS_MODE_INFRA
) {
6994 freqs_data
[i
].flags
|= ifs
->current_ssid
->p2p_group
?
6995 WPA_FREQ_USED_BY_P2P_CLIENT
:
6996 WPA_FREQ_USED_BY_INFRA_STATION
;
7000 dump_freq_data(wpa_s
, "completed iteration", freqs_data
, idx
);
7006 * Find the operating frequencies of any of the virtual interfaces that
7007 * are using the same radio as the current interface.
7009 int get_shared_radio_freqs(struct wpa_supplicant
*wpa_s
,
7010 int *freq_array
, unsigned int len
)
7012 struct wpa_used_freq_data
*freqs_data
;
7015 os_memset(freq_array
, 0, sizeof(int) * len
);
7017 freqs_data
= os_calloc(len
, sizeof(struct wpa_used_freq_data
));
7021 num
= get_shared_radio_freqs_data(wpa_s
, freqs_data
, len
);
7022 for (i
= 0; i
< num
; i
++)
7023 freq_array
[i
] = freqs_data
[i
].freq
;
7025 os_free(freqs_data
);
7031 struct wpa_supplicant
*
7032 wpas_vendor_elem(struct wpa_supplicant
*wpa_s
, enum wpa_vendor_elem_frame frame
)
7036 case VENDOR_ELEM_PROBE_REQ_P2P
:
7037 case VENDOR_ELEM_PROBE_RESP_P2P
:
7038 case VENDOR_ELEM_PROBE_RESP_P2P_GO
:
7039 case VENDOR_ELEM_BEACON_P2P_GO
:
7040 case VENDOR_ELEM_P2P_PD_REQ
:
7041 case VENDOR_ELEM_P2P_PD_RESP
:
7042 case VENDOR_ELEM_P2P_GO_NEG_REQ
:
7043 case VENDOR_ELEM_P2P_GO_NEG_RESP
:
7044 case VENDOR_ELEM_P2P_GO_NEG_CONF
:
7045 case VENDOR_ELEM_P2P_INV_REQ
:
7046 case VENDOR_ELEM_P2P_INV_RESP
:
7047 case VENDOR_ELEM_P2P_ASSOC_REQ
:
7048 case VENDOR_ELEM_P2P_ASSOC_RESP
:
7049 return wpa_s
->p2pdev
;
7050 #endif /* CONFIG_P2P */
7057 void wpas_vendor_elem_update(struct wpa_supplicant
*wpa_s
)
7062 wpa_printf(MSG_DEBUG
, "Update vendor elements");
7064 for (i
= 0; i
< NUM_VENDOR_ELEM_FRAMES
; i
++) {
7065 if (wpa_s
->vendor_elem
[i
]) {
7068 res
= os_snprintf(buf
, sizeof(buf
), "frame[%u]", i
);
7069 if (!os_snprintf_error(sizeof(buf
), res
)) {
7070 wpa_hexdump_buf(MSG_DEBUG
, buf
,
7071 wpa_s
->vendor_elem
[i
]);
7077 if (wpa_s
->parent
== wpa_s
&&
7078 wpa_s
->global
->p2p
&&
7079 !wpa_s
->global
->p2p_disabled
)
7080 p2p_set_vendor_elems(wpa_s
->global
->p2p
, wpa_s
->vendor_elem
);
7081 #endif /* CONFIG_P2P */
7085 int wpas_vendor_elem_remove(struct wpa_supplicant
*wpa_s
, int frame
,
7086 const u8
*elem
, size_t len
)
7090 ie
= wpabuf_mhead_u8(wpa_s
->vendor_elem
[frame
]);
7091 end
= ie
+ wpabuf_len(wpa_s
->vendor_elem
[frame
]);
7093 for (; ie
+ 1 < end
; ie
+= 2 + ie
[1]) {
7096 if (os_memcmp(ie
, elem
, len
) != 0)
7099 if (wpabuf_len(wpa_s
->vendor_elem
[frame
]) == len
) {
7100 wpabuf_free(wpa_s
->vendor_elem
[frame
]);
7101 wpa_s
->vendor_elem
[frame
] = NULL
;
7103 os_memmove(ie
, ie
+ len
, end
- (ie
+ len
));
7104 wpa_s
->vendor_elem
[frame
]->used
-= len
;
7106 wpas_vendor_elem_update(wpa_s
);
7114 struct hostapd_hw_modes
* get_mode(struct hostapd_hw_modes
*modes
,
7115 u16 num_modes
, enum hostapd_hw_mode mode
)
7119 for (i
= 0; i
< num_modes
; i
++) {
7120 if (modes
[i
].mode
== mode
)
7129 wpa_bss_tmp_disallowed
* wpas_get_disallowed_bss(struct wpa_supplicant
*wpa_s
,
7132 struct wpa_bss_tmp_disallowed
*bss
;
7134 dl_list_for_each(bss
, &wpa_s
->bss_tmp_disallowed
,
7135 struct wpa_bss_tmp_disallowed
, list
) {
7136 if (os_memcmp(bssid
, bss
->bssid
, ETH_ALEN
) == 0)
7144 static int wpa_set_driver_tmp_disallow_list(struct wpa_supplicant
*wpa_s
)
7146 struct wpa_bss_tmp_disallowed
*tmp
;
7147 unsigned int num_bssid
= 0;
7151 bssids
= os_malloc(dl_list_len(&wpa_s
->bss_tmp_disallowed
) * ETH_ALEN
);
7154 dl_list_for_each(tmp
, &wpa_s
->bss_tmp_disallowed
,
7155 struct wpa_bss_tmp_disallowed
, list
) {
7156 os_memcpy(&bssids
[num_bssid
* ETH_ALEN
], tmp
->bssid
,
7160 ret
= wpa_drv_set_bssid_blacklist(wpa_s
, num_bssid
, bssids
);
7166 static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx
, void *timeout_ctx
)
7168 struct wpa_supplicant
*wpa_s
= eloop_ctx
;
7169 struct wpa_bss_tmp_disallowed
*tmp
, *bss
= timeout_ctx
;
7171 /* Make sure the bss is not already freed */
7172 dl_list_for_each(tmp
, &wpa_s
->bss_tmp_disallowed
,
7173 struct wpa_bss_tmp_disallowed
, list
) {
7175 dl_list_del(&tmp
->list
);
7177 wpa_set_driver_tmp_disallow_list(wpa_s
);
7184 void wpa_bss_tmp_disallow(struct wpa_supplicant
*wpa_s
, const u8
*bssid
,
7187 struct wpa_bss_tmp_disallowed
*bss
;
7189 bss
= wpas_get_disallowed_bss(wpa_s
, bssid
);
7191 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout
, wpa_s
, bss
);
7192 eloop_register_timeout(sec
, 0, wpa_bss_tmp_disallow_timeout
,
7197 bss
= os_malloc(sizeof(*bss
));
7199 wpa_printf(MSG_DEBUG
,
7200 "Failed to allocate memory for temp disallow BSS");
7204 os_memcpy(bss
->bssid
, bssid
, ETH_ALEN
);
7205 dl_list_add(&wpa_s
->bss_tmp_disallowed
, &bss
->list
);
7206 wpa_set_driver_tmp_disallow_list(wpa_s
);
7207 eloop_register_timeout(sec
, 0, wpa_bss_tmp_disallow_timeout
,
7212 int wpa_is_bss_tmp_disallowed(struct wpa_supplicant
*wpa_s
, const u8
*bssid
)
7214 struct wpa_bss_tmp_disallowed
*bss
= NULL
, *tmp
, *prev
;
7216 dl_list_for_each_safe(tmp
, prev
, &wpa_s
->bss_tmp_disallowed
,
7217 struct wpa_bss_tmp_disallowed
, list
) {
7218 if (os_memcmp(bssid
, tmp
->bssid
, ETH_ALEN
) == 0) {