]> git.ipfire.org Git - thirdparty/hostap.git/blob - wpa_supplicant/wpa_supplicant.c
projects / thirdparty / hostap.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Update copyright notices to include the new year
[thirdparty/hostap.git] / wpa_supplicant / wpa_supplicant.c
1 /*
2 * WPA Supplicant
3 * Copyright (c) 2003-2011, Jouni Malinen <j@w1.fi>
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
8 *
9 * Alternatively, this software may be distributed under the terms of BSD
10 * license.
11 *
12 * See README and COPYING for more details.
13 *
14 * This file implements functions for registering and unregistering
15 * %wpa_supplicant interfaces. In addition, this file contains number of
16 * functions for managing network connections.
17 */
18
19 #include "includes.h"
20
21 #include "common.h"
22 #include "eapol_supp/eapol_supp_sm.h"
23 #include "eap_peer/eap.h"
24 #include "eap_server/eap_methods.h"
25 #include "rsn_supp/wpa.h"
26 #include "eloop.h"
27 #include "config.h"
28 #include "l2_packet/l2_packet.h"
29 #include "wpa_supplicant_i.h"
30 #include "driver_i.h"
31 #include "ctrl_iface.h"
32 #include "pcsc_funcs.h"
33 #include "common/version.h"
34 #include "rsn_supp/preauth.h"
35 #include "rsn_supp/pmksa_cache.h"
36 #include "common/wpa_ctrl.h"
37 #include "mlme.h"
38 #include "common/ieee802_11_defs.h"
39 #include "p2p/p2p.h"
40 #include "blacklist.h"
41 #include "wpas_glue.h"
42 #include "wps_supplicant.h"
43 #include "ibss_rsn.h"
44 #include "sme.h"
45 #include "ap.h"
46 #include "p2p_supplicant.h"
47 #include "notify.h"
48 #include "bgscan.h"
49 #include "bss.h"
50 #include "scan.h"
51
52 const char *wpa_supplicant_version =
53 "wpa_supplicant v" VERSION_STR "\n"
54 "Copyright (c) 2003-2011, Jouni Malinen <j@w1.fi> and contributors";
55
56 const char *wpa_supplicant_license =
57 "This program is free software. You can distribute it and/or modify it\n"
58 "under the terms of the GNU General Public License version 2.\n"
59 "\n"
60 "Alternatively, this software may be distributed under the terms of the\n"
61 "BSD license. See README and COPYING for more details.\n"
62 #ifdef EAP_TLS_OPENSSL
63 "\nThis product includes software developed by the OpenSSL Project\n"
64 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
65 #endif /* EAP_TLS_OPENSSL */
66 ;
67
68 #ifndef CONFIG_NO_STDOUT_DEBUG
69 /* Long text divided into parts in order to fit in C89 strings size limits. */
70 const char *wpa_supplicant_full_license1 =
71 "This program is free software; you can redistribute it and/or modify\n"
72 "it under the terms of the GNU General Public License version 2 as\n"
73 "published by the Free Software Foundation.\n"
74 "\n"
75 "This program is distributed in the hope that it will be useful,\n"
76 "but WITHOUT ANY WARRANTY; without even the implied warranty of\n"
77 "MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n"
78 "GNU General Public License for more details.\n"
79 "\n";
80 const char *wpa_supplicant_full_license2 =
81 "You should have received a copy of the GNU General Public License\n"
82 "along with this program; if not, write to the Free Software\n"
83 "Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n"
84 "\n"
85 "Alternatively, this software may be distributed under the terms of the\n"
86 "BSD license.\n"
87 "\n"
88 "Redistribution and use in source and binary forms, with or without\n"
89 "modification, are permitted provided that the following conditions are\n"
90 "met:\n"
91 "\n";
92 const char *wpa_supplicant_full_license3 =
93 "1. Redistributions of source code must retain the above copyright\n"
94 " notice, this list of conditions and the following disclaimer.\n"
95 "\n"
96 "2. Redistributions in binary form must reproduce the above copyright\n"
97 " notice, this list of conditions and the following disclaimer in the\n"
98 " documentation and/or other materials provided with the distribution.\n"
99 "\n";
100 const char *wpa_supplicant_full_license4 =
101 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
102 " names of its contributors may be used to endorse or promote products\n"
103 " derived from this software without specific prior written permission.\n"
104 "\n"
105 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
106 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
107 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
108 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
109 const char *wpa_supplicant_full_license5 =
110 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
111 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
112 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
113 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
114 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
115 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
116 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
117 "\n";
118 #endif /* CONFIG_NO_STDOUT_DEBUG */
119
120 extern int wpa_debug_level;
121 extern int wpa_debug_show_keys;
122 extern int wpa_debug_timestamp;
123 extern struct wpa_driver_ops *wpa_drivers[];
124
125 /* Configure default/group WEP keys for static WEP */
126 int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
127 {
128 int i, set = 0;
129
130 for (i = 0; i < NUM_WEP_KEYS; i++) {
131 if (ssid->wep_key_len[i] == 0)
132 continue;
133
134 set = 1;
135 wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL,
136 i, i == ssid->wep_tx_keyidx, NULL, 0,
137 ssid->wep_key[i], ssid->wep_key_len[i]);
138 }
139
140 return set;
141 }
142
143
144 static int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
145 struct wpa_ssid *ssid)
146 {
147 u8 key[32];
148 size_t keylen;
149 enum wpa_alg alg;
150 u8 seq[6] = { 0 };
151
152 /* IBSS/WPA-None uses only one key (Group) for both receiving and
153 * sending unicast and multicast packets. */
154
155 if (ssid->mode != WPAS_MODE_IBSS) {
156 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not "
157 "IBSS/ad-hoc) for WPA-None", ssid->mode);
158 return -1;
159 }
160
161 if (!ssid->psk_set) {
162 wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for "
163 "WPA-None");
164 return -1;
165 }
166
167 switch (wpa_s->group_cipher) {
168 case WPA_CIPHER_CCMP:
169 os_memcpy(key, ssid->psk, 16);
170 keylen = 16;
171 alg = WPA_ALG_CCMP;
172 break;
173 case WPA_CIPHER_TKIP:
174 /* WPA-None uses the same Michael MIC key for both TX and RX */
175 os_memcpy(key, ssid->psk, 16 + 8);
176 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
177 keylen = 32;
178 alg = WPA_ALG_TKIP;
179 break;
180 default:
181 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for "
182 "WPA-None", wpa_s->group_cipher);
183 return -1;
184 }
185
186 /* TODO: should actually remember the previously used seq#, both for TX
187 * and RX from each STA.. */
188
189 return wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen);
190 }
191
192
193 static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
194 {
195 struct wpa_supplicant *wpa_s = eloop_ctx;
196 const u8 *bssid = wpa_s->bssid;
197 if (is_zero_ether_addr(bssid))
198 bssid = wpa_s->pending_bssid;
199 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
200 MAC2STR(bssid));
201 wpa_blacklist_add(wpa_s, bssid);
202 wpa_sm_notify_disassoc(wpa_s->wpa);
203 wpa_supplicant_disassociate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
204 wpa_s->reassociate = 1;
205
206 /*
207 * If we timed out, the AP or the local radio may be busy.
208 * So, wait a second until scanning again.
209 */
210 wpa_supplicant_req_scan(wpa_s, 1, 0);
211 }
212
213
214 /**
215 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
216 * @wpa_s: Pointer to wpa_supplicant data
217 * @sec: Number of seconds after which to time out authentication
218 * @usec: Number of microseconds after which to time out authentication
219 *
220 * This function is used to schedule a timeout for the current authentication
221 * attempt.
222 */
223 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
224 int sec, int usec)
225 {
226 if (wpa_s->conf && wpa_s->conf->ap_scan == 0 &&
227 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
228 return;
229
230 wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
231 "%d usec", sec, usec);
232 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
233 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
234 }
235
236
237 /**
238 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
239 * @wpa_s: Pointer to wpa_supplicant data
240 *
241 * This function is used to cancel authentication timeout scheduled with
242 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
243 * been completed.
244 */
245 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
246 {
247 wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
248 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
249 wpa_blacklist_del(wpa_s, wpa_s->bssid);
250 }
251
252
253 /**
254 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
255 * @wpa_s: Pointer to wpa_supplicant data
256 *
257 * This function is used to configure EAPOL state machine based on the selected
258 * authentication mode.
259 */
260 void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
261 {
262 #ifdef IEEE8021X_EAPOL
263 struct eapol_config eapol_conf;
264 struct wpa_ssid *ssid = wpa_s->current_ssid;
265
266 #ifdef CONFIG_IBSS_RSN
267 if (ssid->mode == WPAS_MODE_IBSS &&
268 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
269 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
270 /*
271 * RSN IBSS authentication is per-STA and we can disable the
272 * per-BSSID EAPOL authentication.
273 */
274 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
275 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE);
276 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
277 return;
278 }
279 #endif /* CONFIG_IBSS_RSN */
280
281 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
282 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
283
284 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
285 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
286 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
287 else
288 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
289
290 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
291 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
292 eapol_conf.accept_802_1x_keys = 1;
293 eapol_conf.required_keys = 0;
294 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
295 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
296 }
297 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
298 eapol_conf.required_keys |=
299 EAPOL_REQUIRE_KEY_BROADCAST;
300 }
301
302 if (wpa_s->conf && (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
303 eapol_conf.required_keys = 0;
304 }
305 if (wpa_s->conf)
306 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
307 eapol_conf.workaround = ssid->eap_workaround;
308 eapol_conf.eap_disabled =
309 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
310 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
311 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
312 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
313 #endif /* IEEE8021X_EAPOL */
314 }
315
316
317 /**
318 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
319 * @wpa_s: Pointer to wpa_supplicant data
320 * @ssid: Configuration data for the network
321 *
322 * This function is used to configure WPA state machine and related parameters
323 * to a mode where WPA is not enabled. This is called as part of the
324 * authentication configuration when the selected network does not use WPA.
325 */
326 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
327 struct wpa_ssid *ssid)
328 {
329 int i;
330
331 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
332 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
333 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
334 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
335 else
336 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
337 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
338 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
339 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
340 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
341 wpa_s->group_cipher = WPA_CIPHER_NONE;
342 wpa_s->mgmt_group_cipher = 0;
343
344 for (i = 0; i < NUM_WEP_KEYS; i++) {
345 if (ssid->wep_key_len[i] > 5) {
346 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
347 wpa_s->group_cipher = WPA_CIPHER_WEP104;
348 break;
349 } else if (ssid->wep_key_len[i] > 0) {
350 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
351 wpa_s->group_cipher = WPA_CIPHER_WEP40;
352 break;
353 }
354 }
355
356 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
357 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
358 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
359 wpa_s->pairwise_cipher);
360 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
361 #ifdef CONFIG_IEEE80211W
362 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
363 wpa_s->mgmt_group_cipher);
364 #endif /* CONFIG_IEEE80211W */
365
366 pmksa_cache_clear_current(wpa_s->wpa);
367 }
368
369
370 static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
371 {
372 bgscan_deinit(wpa_s);
373 scard_deinit(wpa_s->scard);
374 wpa_s->scard = NULL;
375 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
376 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
377 l2_packet_deinit(wpa_s->l2);
378 wpa_s->l2 = NULL;
379 if (wpa_s->l2_br) {
380 l2_packet_deinit(wpa_s->l2_br);
381 wpa_s->l2_br = NULL;
382 }
383
384 if (wpa_s->ctrl_iface) {
385 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
386 wpa_s->ctrl_iface = NULL;
387 }
388 if (wpa_s->conf != NULL) {
389 struct wpa_ssid *ssid;
390 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
391 wpas_notify_network_removed(wpa_s, ssid);
392 wpa_config_free(wpa_s->conf);
393 wpa_s->conf = NULL;
394 }
395
396 os_free(wpa_s->confname);
397 wpa_s->confname = NULL;
398
399 wpa_sm_set_eapol(wpa_s->wpa, NULL);
400 eapol_sm_deinit(wpa_s->eapol);
401 wpa_s->eapol = NULL;
402
403 rsn_preauth_deinit(wpa_s->wpa);
404
405 pmksa_candidate_free(wpa_s->wpa);
406 wpa_sm_deinit(wpa_s->wpa);
407 wpa_s->wpa = NULL;
408 wpa_blacklist_clear(wpa_s);
409
410 wpa_bss_deinit(wpa_s);
411
412 wpa_supplicant_cancel_scan(wpa_s);
413 wpa_supplicant_cancel_auth_timeout(wpa_s);
414
415 ieee80211_sta_deinit(wpa_s);
416
417 wpas_wps_deinit(wpa_s);
418
419 wpabuf_free(wpa_s->pending_eapol_rx);
420 wpa_s->pending_eapol_rx = NULL;
421
422 #ifdef CONFIG_IBSS_RSN
423 ibss_rsn_deinit(wpa_s->ibss_rsn);
424 wpa_s->ibss_rsn = NULL;
425 #endif /* CONFIG_IBSS_RSN */
426
427 sme_deinit(wpa_s);
428
429 #ifdef CONFIG_AP
430 wpa_supplicant_ap_deinit(wpa_s);
431 #endif /* CONFIG_AP */
432
433 #ifdef CONFIG_P2P
434 wpas_p2p_deinit(wpa_s);
435 #endif /* CONFIG_P2P */
436
437 os_free(wpa_s->next_scan_freqs);
438 wpa_s->next_scan_freqs = NULL;
439 }
440
441
442 /**
443 * wpa_clear_keys - Clear keys configured for the driver
444 * @wpa_s: Pointer to wpa_supplicant data
445 * @addr: Previously used BSSID or %NULL if not available
446 *
447 * This function clears the encryption keys that has been previously configured
448 * for the driver.
449 */
450 void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
451 {
452 if (wpa_s->keys_cleared) {
453 /* Some drivers (e.g., ndiswrapper & NDIS drivers) seem to have
454 * timing issues with keys being cleared just before new keys
455 * are set or just after association or something similar. This
456 * shows up in group key handshake failing often because of the
457 * client not receiving the first encrypted packets correctly.
458 * Skipping some of the extra key clearing steps seems to help
459 * in completing group key handshake more reliably. */
460 wpa_dbg(wpa_s, MSG_DEBUG, "No keys have been configured - "
461 "skip key clearing");
462 return;
463 }
464
465 /* MLME-DELETEKEYS.request */
466 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 0, 0, NULL, 0, NULL, 0);
467 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 1, 0, NULL, 0, NULL, 0);
468 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 2, 0, NULL, 0, NULL, 0);
469 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 3, 0, NULL, 0, NULL, 0);
470 #ifdef CONFIG_IEEE80211W
471 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 4, 0, NULL, 0, NULL, 0);
472 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 5, 0, NULL, 0, NULL, 0);
473 #endif /* CONFIG_IEEE80211W */
474 if (addr) {
475 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,
476 0);
477 /* MLME-SETPROTECTION.request(None) */
478 wpa_drv_mlme_setprotection(
479 wpa_s, addr,
480 MLME_SETPROTECTION_PROTECT_TYPE_NONE,
481 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
482 }
483 wpa_s->keys_cleared = 1;
484 }
485
486
487 /**
488 * wpa_supplicant_state_txt - Get the connection state name as a text string
489 * @state: State (wpa_state; WPA_*)
490 * Returns: The state name as a printable text string
491 */
492 const char * wpa_supplicant_state_txt(enum wpa_states state)
493 {
494 switch (state) {
495 case WPA_DISCONNECTED:
496 return "DISCONNECTED";
497 case WPA_INACTIVE:
498 return "INACTIVE";
499 case WPA_INTERFACE_DISABLED:
500 return "INTERFACE_DISABLED";
501 case WPA_SCANNING:
502 return "SCANNING";
503 case WPA_AUTHENTICATING:
504 return "AUTHENTICATING";
505 case WPA_ASSOCIATING:
506 return "ASSOCIATING";
507 case WPA_ASSOCIATED:
508 return "ASSOCIATED";
509 case WPA_4WAY_HANDSHAKE:
510 return "4WAY_HANDSHAKE";
511 case WPA_GROUP_HANDSHAKE:
512 return "GROUP_HANDSHAKE";
513 case WPA_COMPLETED:
514 return "COMPLETED";
515 default:
516 return "UNKNOWN";
517 }
518 }
519
520
521 /**
522 * wpa_supplicant_set_state - Set current connection state
523 * @wpa_s: Pointer to wpa_supplicant data
524 * @state: The new connection state
525 *
526 * This function is called whenever the connection state changes, e.g.,
527 * association is completed for WPA/WPA2 4-Way Handshake is started.
528 */
529 void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s,
530 enum wpa_states state)
531 {
532 enum wpa_states old_state = wpa_s->wpa_state;
533
534 wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s",
535 wpa_supplicant_state_txt(wpa_s->wpa_state),
536 wpa_supplicant_state_txt(state));
537
538 if (state != WPA_SCANNING)
539 wpa_supplicant_notify_scanning(wpa_s, 0);
540
541 if (state == WPA_COMPLETED && wpa_s->new_connection) {
542 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
543 struct wpa_ssid *ssid = wpa_s->current_ssid;
544 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
545 MACSTR " completed %s [id=%d id_str=%s]",
546 MAC2STR(wpa_s->bssid), wpa_s->reassociated_connection ?
547 "(reauth)" : "(auth)",
548 ssid ? ssid->id : -1,
549 ssid && ssid->id_str ? ssid->id_str : "");
550 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
551 wpa_s->new_connection = 0;
552 wpa_s->reassociated_connection = 1;
553 wpa_drv_set_operstate(wpa_s, 1);
554 #ifndef IEEE8021X_EAPOL
555 wpa_drv_set_supp_port(wpa_s, 1);
556 #endif /* IEEE8021X_EAPOL */
557 wpa_s->after_wps = 0;
558 #ifdef CONFIG_P2P
559 wpas_p2p_completed(wpa_s);
560 #endif /* CONFIG_P2P */
561 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
562 state == WPA_ASSOCIATED) {
563 wpa_s->new_connection = 1;
564 wpa_drv_set_operstate(wpa_s, 0);
565 #ifndef IEEE8021X_EAPOL
566 wpa_drv_set_supp_port(wpa_s, 0);
567 #endif /* IEEE8021X_EAPOL */
568 }
569 wpa_s->wpa_state = state;
570
571 if (wpa_s->wpa_state != old_state)
572 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
573 }
574
575
576 void wpa_supplicant_terminate_proc(struct wpa_global *global)
577 {
578 int pending = 0;
579 #ifdef CONFIG_WPS
580 struct wpa_supplicant *wpa_s = global->ifaces;
581 while (wpa_s) {
582 if (wpas_wps_terminate_pending(wpa_s) == 1)
583 pending = 1;
584 wpa_s = wpa_s->next;
585 }
586 #endif /* CONFIG_WPS */
587 if (pending)
588 return;
589 eloop_terminate();
590 }
591
592
593 static void wpa_supplicant_terminate(int sig, void *signal_ctx)
594 {
595 struct wpa_global *global = signal_ctx;
596 struct wpa_supplicant *wpa_s;
597 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
598 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING "- signal %d "
599 "received", sig);
600 }
601 wpa_supplicant_terminate_proc(global);
602 }
603
604
605 void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
606 {
607 enum wpa_states old_state = wpa_s->wpa_state;
608
609 wpa_s->pairwise_cipher = 0;
610 wpa_s->group_cipher = 0;
611 wpa_s->mgmt_group_cipher = 0;
612 wpa_s->key_mgmt = 0;
613 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
614 wpa_s->wpa_state = WPA_DISCONNECTED;
615
616 if (wpa_s->wpa_state != old_state)
617 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
618 }
619
620
621 /**
622 * wpa_supplicant_reload_configuration - Reload configuration data
623 * @wpa_s: Pointer to wpa_supplicant data
624 * Returns: 0 on success or -1 if configuration parsing failed
625 *
626 * This function can be used to request that the configuration data is reloaded
627 * (e.g., after configuration file change). This function is reloading
628 * configuration only for one interface, so this may need to be called multiple
629 * times if %wpa_supplicant is controlling multiple interfaces and all
630 * interfaces need reconfiguration.
631 */
632 int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
633 {
634 struct wpa_config *conf;
635 struct wpa_ssid *old_ssid;
636 int reconf_ctrl;
637 int old_ap_scan;
638
639 if (wpa_s->confname == NULL)
640 return -1;
641 conf = wpa_config_read(wpa_s->confname);
642 if (conf == NULL) {
643 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
644 "file '%s' - exiting", wpa_s->confname);
645 return -1;
646 }
647 conf->changed_parameters = (unsigned int) -1;
648
649 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
650 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
651 os_strcmp(conf->ctrl_interface,
652 wpa_s->conf->ctrl_interface) != 0);
653
654 if (reconf_ctrl && wpa_s->ctrl_iface) {
655 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
656 wpa_s->ctrl_iface = NULL;
657 }
658
659 eapol_sm_invalidate_cached_session(wpa_s->eapol);
660 old_ssid = wpa_s->current_ssid;
661 wpa_s->current_ssid = NULL;
662 if (old_ssid != wpa_s->current_ssid)
663 wpas_notify_network_changed(wpa_s);
664
665 /*
666 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
667 * pkcs11_engine_path, pkcs11_module_path.
668 */
669 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) {
670 /*
671 * Clear forced success to clear EAP state for next
672 * authentication.
673 */
674 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
675 }
676 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
677 wpa_sm_set_config(wpa_s->wpa, NULL);
678 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
679 rsn_preauth_deinit(wpa_s->wpa);
680
681 old_ap_scan = wpa_s->conf->ap_scan;
682 wpa_config_free(wpa_s->conf);
683 wpa_s->conf = conf;
684 if (old_ap_scan != wpa_s->conf->ap_scan)
685 wpas_notify_ap_scan_changed(wpa_s);
686
687 if (reconf_ctrl)
688 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
689
690 wpa_supplicant_update_config(wpa_s);
691
692 wpa_supplicant_clear_status(wpa_s);
693 if (wpa_supplicant_enabled_networks(wpa_s->conf)) {
694 wpa_s->reassociate = 1;
695 wpa_supplicant_req_scan(wpa_s, 0, 0);
696 }
697 wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
698 return 0;
699 }
700
701
702 static void wpa_supplicant_reconfig(int sig, void *signal_ctx)
703 {
704 struct wpa_global *global = signal_ctx;
705 struct wpa_supplicant *wpa_s;
706 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
707 wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring",
708 sig);
709 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
710 wpa_supplicant_terminate_proc(global);
711 }
712 }
713 }
714
715
716 enum wpa_cipher cipher_suite2driver(int cipher)
717 {
718 switch (cipher) {
719 case WPA_CIPHER_NONE:
720 return CIPHER_NONE;
721 case WPA_CIPHER_WEP40:
722 return CIPHER_WEP40;
723 case WPA_CIPHER_WEP104:
724 return CIPHER_WEP104;
725 case WPA_CIPHER_CCMP:
726 return CIPHER_CCMP;
727 case WPA_CIPHER_TKIP:
728 default:
729 return CIPHER_TKIP;
730 }
731 }
732
733
734 enum wpa_key_mgmt key_mgmt2driver(int key_mgmt)
735 {
736 switch (key_mgmt) {
737 case WPA_KEY_MGMT_NONE:
738 return KEY_MGMT_NONE;
739 case WPA_KEY_MGMT_IEEE8021X_NO_WPA:
740 return KEY_MGMT_802_1X_NO_WPA;
741 case WPA_KEY_MGMT_IEEE8021X:
742 return KEY_MGMT_802_1X;
743 case WPA_KEY_MGMT_WPA_NONE:
744 return KEY_MGMT_WPA_NONE;
745 case WPA_KEY_MGMT_FT_IEEE8021X:
746 return KEY_MGMT_FT_802_1X;
747 case WPA_KEY_MGMT_FT_PSK:
748 return KEY_MGMT_FT_PSK;
749 case WPA_KEY_MGMT_IEEE8021X_SHA256:
750 return KEY_MGMT_802_1X_SHA256;
751 case WPA_KEY_MGMT_PSK_SHA256:
752 return KEY_MGMT_PSK_SHA256;
753 case WPA_KEY_MGMT_WPS:
754 return KEY_MGMT_WPS;
755 case WPA_KEY_MGMT_PSK:
756 default:
757 return KEY_MGMT_PSK;
758 }
759 }
760
761
762 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
763 struct wpa_ssid *ssid,
764 struct wpa_ie_data *ie)
765 {
766 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
767 if (ret) {
768 if (ret == -2) {
769 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
770 "from association info");
771 }
772 return -1;
773 }
774
775 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set "
776 "cipher suites");
777 if (!(ie->group_cipher & ssid->group_cipher)) {
778 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
779 "cipher 0x%x (mask 0x%x) - reject",
780 ie->group_cipher, ssid->group_cipher);
781 return -1;
782 }
783 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
784 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
785 "cipher 0x%x (mask 0x%x) - reject",
786 ie->pairwise_cipher, ssid->pairwise_cipher);
787 return -1;
788 }
789 if (!(ie->key_mgmt & ssid->key_mgmt)) {
790 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
791 "management 0x%x (mask 0x%x) - reject",
792 ie->key_mgmt, ssid->key_mgmt);
793 return -1;
794 }
795
796 #ifdef CONFIG_IEEE80211W
797 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
798 ssid->ieee80211w == MGMT_FRAME_PROTECTION_REQUIRED) {
799 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
800 "that does not support management frame protection - "
801 "reject");
802 return -1;
803 }
804 #endif /* CONFIG_IEEE80211W */
805
806 return 0;
807 }
808
809
810 /**
811 * wpa_supplicant_set_suites - Set authentication and encryption parameters
812 * @wpa_s: Pointer to wpa_supplicant data
813 * @bss: Scan results for the selected BSS, or %NULL if not available
814 * @ssid: Configuration data for the selected network
815 * @wpa_ie: Buffer for the WPA/RSN IE
816 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
817 * used buffer length in case the functions returns success.
818 * Returns: 0 on success or -1 on failure
819 *
820 * This function is used to configure authentication and encryption parameters
821 * based on the network configuration and scan result for the selected BSS (if
822 * available).
823 */
824 int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
825 struct wpa_bss *bss, struct wpa_ssid *ssid,
826 u8 *wpa_ie, size_t *wpa_ie_len)
827 {
828 struct wpa_ie_data ie;
829 int sel, proto;
830 const u8 *bss_wpa, *bss_rsn;
831
832 if (bss) {
833 bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
834 bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
835 } else
836 bss_wpa = bss_rsn = NULL;
837
838 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
839 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
840 (ie.group_cipher & ssid->group_cipher) &&
841 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
842 (ie.key_mgmt & ssid->key_mgmt)) {
843 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
844 proto = WPA_PROTO_RSN;
845 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
846 wpa_parse_wpa_ie(bss_wpa, 2 +bss_wpa[1], &ie) == 0 &&
847 (ie.group_cipher & ssid->group_cipher) &&
848 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
849 (ie.key_mgmt & ssid->key_mgmt)) {
850 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
851 proto = WPA_PROTO_WPA;
852 } else if (bss) {
853 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
854 return -1;
855 } else {
856 if (ssid->proto & WPA_PROTO_RSN)
857 proto = WPA_PROTO_RSN;
858 else
859 proto = WPA_PROTO_WPA;
860 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
861 os_memset(&ie, 0, sizeof(ie));
862 ie.group_cipher = ssid->group_cipher;
863 ie.pairwise_cipher = ssid->pairwise_cipher;
864 ie.key_mgmt = ssid->key_mgmt;
865 #ifdef CONFIG_IEEE80211W
866 ie.mgmt_group_cipher =
867 ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION ?
868 WPA_CIPHER_AES_128_CMAC : 0;
869 #endif /* CONFIG_IEEE80211W */
870 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites "
871 "based on configuration");
872 } else
873 proto = ie.proto;
874 }
875
876 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d "
877 "pairwise %d key_mgmt %d proto %d",
878 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
879 #ifdef CONFIG_IEEE80211W
880 if (ssid->ieee80211w) {
881 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
882 ie.mgmt_group_cipher);
883 }
884 #endif /* CONFIG_IEEE80211W */
885
886 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
887 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
888 !!(ssid->proto & WPA_PROTO_RSN));
889
890 if (bss || !wpa_s->ap_ies_from_associnfo) {
891 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
892 bss_wpa ? 2 + bss_wpa[1] : 0) ||
893 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
894 bss_rsn ? 2 + bss_rsn[1] : 0))
895 return -1;
896 }
897
898 sel = ie.group_cipher & ssid->group_cipher;
899 if (sel & WPA_CIPHER_CCMP) {
900 wpa_s->group_cipher = WPA_CIPHER_CCMP;
901 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK CCMP");
902 } else if (sel & WPA_CIPHER_TKIP) {
903 wpa_s->group_cipher = WPA_CIPHER_TKIP;
904 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK TKIP");
905 } else if (sel & WPA_CIPHER_WEP104) {
906 wpa_s->group_cipher = WPA_CIPHER_WEP104;
907 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK WEP104");
908 } else if (sel & WPA_CIPHER_WEP40) {
909 wpa_s->group_cipher = WPA_CIPHER_WEP40;
910 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK WEP40");
911 } else {
912 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group "
913 "cipher");
914 return -1;
915 }
916
917 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
918 if (sel & WPA_CIPHER_CCMP) {
919 wpa_s->pairwise_cipher = WPA_CIPHER_CCMP;
920 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK CCMP");
921 } else if (sel & WPA_CIPHER_TKIP) {
922 wpa_s->pairwise_cipher = WPA_CIPHER_TKIP;
923 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK TKIP");
924 } else if (sel & WPA_CIPHER_NONE) {
925 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
926 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK NONE");
927 } else {
928 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise "
929 "cipher");
930 return -1;
931 }
932
933 sel = ie.key_mgmt & ssid->key_mgmt;
934 if (0) {
935 #ifdef CONFIG_IEEE80211R
936 } else if (sel & WPA_KEY_MGMT_FT_IEEE8021X) {
937 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
938 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
939 } else if (sel & WPA_KEY_MGMT_FT_PSK) {
940 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
941 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
942 #endif /* CONFIG_IEEE80211R */
943 #ifdef CONFIG_IEEE80211W
944 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
945 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
946 wpa_dbg(wpa_s, MSG_DEBUG,
947 "WPA: using KEY_MGMT 802.1X with SHA256");
948 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
949 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
950 wpa_dbg(wpa_s, MSG_DEBUG,
951 "WPA: using KEY_MGMT PSK with SHA256");
952 #endif /* CONFIG_IEEE80211W */
953 } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
954 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
955 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
956 } else if (sel & WPA_KEY_MGMT_PSK) {
957 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
958 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
959 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
960 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
961 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
962 } else {
963 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select "
964 "authenticated key management type");
965 return -1;
966 }
967
968 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
969 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
970 wpa_s->pairwise_cipher);
971 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
972
973 #ifdef CONFIG_IEEE80211W
974 sel = ie.mgmt_group_cipher;
975 if (ssid->ieee80211w == NO_MGMT_FRAME_PROTECTION ||
976 !(ie.capabilities & WPA_CAPABILITY_MFPC))
977 sel = 0;
978 if (sel & WPA_CIPHER_AES_128_CMAC) {
979 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
980 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
981 "AES-128-CMAC");
982 } else {
983 wpa_s->mgmt_group_cipher = 0;
984 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
985 }
986 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
987 wpa_s->mgmt_group_cipher);
988 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP, ssid->ieee80211w);
989 #endif /* CONFIG_IEEE80211W */
990
991 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
992 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to generate WPA IE");
993 return -1;
994 }
995
996 if (ssid->key_mgmt &
997 (WPA_KEY_MGMT_PSK | WPA_KEY_MGMT_FT_PSK | WPA_KEY_MGMT_PSK_SHA256))
998 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN);
999 else
1000 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
1001
1002 return 0;
1003 }
1004
1005
1006 /**
1007 * wpa_supplicant_associate - Request association
1008 * @wpa_s: Pointer to wpa_supplicant data
1009 * @bss: Scan results for the selected BSS, or %NULL if not available
1010 * @ssid: Configuration data for the selected network
1011 *
1012 * This function is used to request %wpa_supplicant to associate with a BSS.
1013 */
1014 void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
1015 struct wpa_bss *bss, struct wpa_ssid *ssid)
1016 {
1017 u8 wpa_ie[200];
1018 size_t wpa_ie_len;
1019 int use_crypt, ret, i, bssid_changed;
1020 int algs = WPA_AUTH_ALG_OPEN;
1021 enum wpa_cipher cipher_pairwise, cipher_group;
1022 struct wpa_driver_associate_params params;
1023 int wep_keys_set = 0;
1024 struct wpa_driver_capa capa;
1025 int assoc_failed = 0;
1026 struct wpa_ssid *old_ssid;
1027
1028 if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO ||
1029 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) {
1030 #ifdef CONFIG_AP
1031 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) {
1032 wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP "
1033 "mode");
1034 return;
1035 }
1036 wpa_supplicant_create_ap(wpa_s, ssid);
1037 wpa_s->current_bss = bss;
1038 #else /* CONFIG_AP */
1039 wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in "
1040 "the build");
1041 #endif /* CONFIG_AP */
1042 return;
1043 }
1044
1045 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
1046 ssid->mode == IEEE80211_MODE_INFRA) {
1047 sme_authenticate(wpa_s, bss, ssid);
1048 return;
1049 }
1050
1051 os_memset(&params, 0, sizeof(params));
1052 wpa_s->reassociate = 0;
1053 if (bss) {
1054 #ifdef CONFIG_IEEE80211R
1055 const u8 *ie, *md = NULL;
1056 #endif /* CONFIG_IEEE80211R */
1057 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
1058 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
1059 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
1060 bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
1061 os_memset(wpa_s->bssid, 0, ETH_ALEN);
1062 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
1063 if (bssid_changed)
1064 wpas_notify_bssid_changed(wpa_s);
1065 #ifdef CONFIG_IEEE80211R
1066 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
1067 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
1068 md = ie + 2;
1069 wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0);
1070 if (md) {
1071 /* Prepare for the next transition */
1072 wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
1073 }
1074 #endif /* CONFIG_IEEE80211R */
1075 #ifdef CONFIG_WPS
1076 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
1077 wpa_s->conf->ap_scan == 2 &&
1078 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
1079 /* Use ap_scan==1 style network selection to find the network
1080 */
1081 wpa_s->scan_req = 2;
1082 wpa_s->reassociate = 1;
1083 wpa_supplicant_req_scan(wpa_s, 0, 0);
1084 return;
1085 #endif /* CONFIG_WPS */
1086 } else {
1087 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
1088 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
1089 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
1090 }
1091 wpa_supplicant_cancel_scan(wpa_s);
1092
1093 /* Starting new association, so clear the possibly used WPA IE from the
1094 * previous association. */
1095 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
1096
1097 #ifdef IEEE8021X_EAPOL
1098 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1099 if (ssid->leap) {
1100 if (ssid->non_leap == 0)
1101 algs = WPA_AUTH_ALG_LEAP;
1102 else
1103 algs |= WPA_AUTH_ALG_LEAP;
1104 }
1105 }
1106 #endif /* IEEE8021X_EAPOL */
1107 wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
1108 if (ssid->auth_alg) {
1109 algs = ssid->auth_alg;
1110 wpa_dbg(wpa_s, MSG_DEBUG, "Overriding auth_alg selection: "
1111 "0x%x", algs);
1112 }
1113
1114 if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
1115 wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
1116 (ssid->key_mgmt & (WPA_KEY_MGMT_IEEE8021X | WPA_KEY_MGMT_PSK |
1117 WPA_KEY_MGMT_FT_IEEE8021X |
1118 WPA_KEY_MGMT_FT_PSK |
1119 WPA_KEY_MGMT_IEEE8021X_SHA256 |
1120 WPA_KEY_MGMT_PSK_SHA256))) {
1121 int try_opportunistic;
1122 try_opportunistic = ssid->proactive_key_caching &&
1123 (ssid->proto & WPA_PROTO_RSN);
1124 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
1125 wpa_s->current_ssid,
1126 try_opportunistic) == 0)
1127 eapol_sm_notify_pmkid_attempt(wpa_s->eapol, 1);
1128 wpa_ie_len = sizeof(wpa_ie);
1129 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
1130 wpa_ie, &wpa_ie_len)) {
1131 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
1132 "key management and encryption suites");
1133 return;
1134 }
1135 } else if (ssid->key_mgmt &
1136 (WPA_KEY_MGMT_PSK | WPA_KEY_MGMT_IEEE8021X |
1137 WPA_KEY_MGMT_WPA_NONE | WPA_KEY_MGMT_FT_PSK |
1138 WPA_KEY_MGMT_FT_IEEE8021X | WPA_KEY_MGMT_PSK_SHA256 |
1139 WPA_KEY_MGMT_IEEE8021X_SHA256)) {
1140 wpa_ie_len = sizeof(wpa_ie);
1141 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
1142 wpa_ie, &wpa_ie_len)) {
1143 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
1144 "key management and encryption suites (no "
1145 "scan results)");
1146 return;
1147 }
1148 #ifdef CONFIG_WPS
1149 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
1150 struct wpabuf *wps_ie;
1151 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
1152 if (wps_ie && wpabuf_len(wps_ie) <= sizeof(wpa_ie)) {
1153 wpa_ie_len = wpabuf_len(wps_ie);
1154 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
1155 } else
1156 wpa_ie_len = 0;
1157 wpabuf_free(wps_ie);
1158 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1159 if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY))
1160 params.wps = WPS_MODE_PRIVACY;
1161 else
1162 params.wps = WPS_MODE_OPEN;
1163 #endif /* CONFIG_WPS */
1164 } else {
1165 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1166 wpa_ie_len = 0;
1167 }
1168
1169 #ifdef CONFIG_P2P
1170 if (wpa_s->global->p2p) {
1171 u8 *pos;
1172 size_t len;
1173 int res;
1174 int p2p_group;
1175 p2p_group = wpa_s->drv_flags & WPA_DRIVER_FLAGS_P2P_CAPABLE;
1176 pos = wpa_ie + wpa_ie_len;
1177 len = sizeof(wpa_ie) - wpa_ie_len;
1178 res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len, p2p_group);
1179 if (res >= 0)
1180 wpa_ie_len += res;
1181 }
1182
1183 wpa_s->cross_connect_disallowed = 0;
1184 if (bss) {
1185 struct wpabuf *p2p;
1186 p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE);
1187 if (p2p) {
1188 wpa_s->cross_connect_disallowed =
1189 p2p_get_cross_connect_disallowed(p2p);
1190 wpabuf_free(p2p);
1191 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross "
1192 "connection",
1193 wpa_s->cross_connect_disallowed ?
1194 "disallows" : "allows");
1195 }
1196 }
1197 #endif /* CONFIG_P2P */
1198
1199 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
1200 use_crypt = 1;
1201 cipher_pairwise = cipher_suite2driver(wpa_s->pairwise_cipher);
1202 cipher_group = cipher_suite2driver(wpa_s->group_cipher);
1203 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
1204 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1205 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
1206 use_crypt = 0;
1207 if (wpa_set_wep_keys(wpa_s, ssid)) {
1208 use_crypt = 1;
1209 wep_keys_set = 1;
1210 }
1211 }
1212 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
1213 use_crypt = 0;
1214
1215 #ifdef IEEE8021X_EAPOL
1216 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1217 if ((ssid->eapol_flags &
1218 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
1219 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
1220 !wep_keys_set) {
1221 use_crypt = 0;
1222 } else {
1223 /* Assume that dynamic WEP-104 keys will be used and
1224 * set cipher suites in order for drivers to expect
1225 * encryption. */
1226 cipher_pairwise = cipher_group = CIPHER_WEP104;
1227 }
1228 }
1229 #endif /* IEEE8021X_EAPOL */
1230
1231 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1232 /* Set the key before (and later after) association */
1233 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1234 }
1235
1236 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
1237 if (bss) {
1238 params.bssid = bss->bssid;
1239 params.ssid = bss->ssid;
1240 params.ssid_len = bss->ssid_len;
1241 params.freq = bss->freq;
1242 } else {
1243 params.ssid = ssid->ssid;
1244 params.ssid_len = ssid->ssid_len;
1245 }
1246 if (ssid->mode == WPAS_MODE_IBSS && ssid->frequency > 0 &&
1247 params.freq == 0)
1248 params.freq = ssid->frequency; /* Initial channel for IBSS */
1249 params.wpa_ie = wpa_ie;
1250 params.wpa_ie_len = wpa_ie_len;
1251 params.pairwise_suite = cipher_pairwise;
1252 params.group_suite = cipher_group;
1253 params.key_mgmt_suite = key_mgmt2driver(wpa_s->key_mgmt);
1254 params.auth_alg = algs;
1255 params.mode = ssid->mode;
1256 for (i = 0; i < NUM_WEP_KEYS; i++) {
1257 if (ssid->wep_key_len[i])
1258 params.wep_key[i] = ssid->wep_key[i];
1259 params.wep_key_len[i] = ssid->wep_key_len[i];
1260 }
1261 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
1262
1263 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
1264 (params.key_mgmt_suite == KEY_MGMT_PSK ||
1265 params.key_mgmt_suite == KEY_MGMT_FT_PSK)) {
1266 params.passphrase = ssid->passphrase;
1267 if (ssid->psk_set)
1268 params.psk = ssid->psk;
1269 }
1270
1271 params.drop_unencrypted = use_crypt;
1272
1273 #ifdef CONFIG_IEEE80211W
1274 params.mgmt_frame_protection = ssid->ieee80211w;
1275 if (ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION && bss) {
1276 const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
1277 struct wpa_ie_data ie;
1278 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
1279 ie.capabilities &
1280 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
1281 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports "
1282 "MFP: require MFP");
1283 params.mgmt_frame_protection =
1284 MGMT_FRAME_PROTECTION_REQUIRED;
1285 }
1286 }
1287 #endif /* CONFIG_IEEE80211W */
1288
1289 #ifdef CONFIG_P2P
1290 if (wpa_s->global->p2p &&
1291 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_P2P_CAPABLE))
1292 params.p2p = 1;
1293 #endif /* CONFIG_P2P */
1294
1295 if (wpa_s->parent->set_sta_uapsd)
1296 params.uapsd = wpa_s->parent->sta_uapsd;
1297 else
1298 params.uapsd = -1;
1299
1300 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME)
1301 ret = ieee80211_sta_associate(wpa_s, &params);
1302 else
1303 ret = wpa_drv_associate(wpa_s, &params);
1304 if (ret < 0) {
1305 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
1306 "failed");
1307 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SANE_ERROR_CODES) {
1308 /*
1309 * The driver is known to mean what is saying, so we
1310 * can stop right here; the association will not
1311 * succeed.
1312 */
1313 wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
1314 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
1315 return;
1316 }
1317 /* try to continue anyway; new association will be tried again
1318 * after timeout */
1319 assoc_failed = 1;
1320 }
1321
1322 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1323 /* Set the key after the association just in case association
1324 * cleared the previously configured key. */
1325 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1326 /* No need to timeout authentication since there is no key
1327 * management. */
1328 wpa_supplicant_cancel_auth_timeout(wpa_s);
1329 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
1330 #ifdef CONFIG_IBSS_RSN
1331 } else if (ssid->mode == WPAS_MODE_IBSS &&
1332 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
1333 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
1334 ibss_rsn_set_psk(wpa_s->ibss_rsn, ssid->psk);
1335 /*
1336 * RSN IBSS authentication is per-STA and we can disable the
1337 * per-BSSID authentication.
1338 */
1339 wpa_supplicant_cancel_auth_timeout(wpa_s);
1340 #endif /* CONFIG_IBSS_RSN */
1341 } else {
1342 /* Timeout for IEEE 802.11 authentication and association */
1343 int timeout = 60;
1344
1345 if (assoc_failed) {
1346 /* give IBSS a bit more time */
1347 timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5;
1348 } else if (wpa_s->conf->ap_scan == 1) {
1349 /* give IBSS a bit more time */
1350 timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10;
1351 }
1352 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
1353 }
1354
1355 if (wep_keys_set && wpa_drv_get_capa(wpa_s, &capa) == 0 &&
1356 capa.flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC) {
1357 /* Set static WEP keys again */
1358 wpa_set_wep_keys(wpa_s, ssid);
1359 }
1360
1361 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
1362 /*
1363 * Do not allow EAP session resumption between different
1364 * network configurations.
1365 */
1366 eapol_sm_invalidate_cached_session(wpa_s->eapol);
1367 }
1368 old_ssid = wpa_s->current_ssid;
1369 wpa_s->current_ssid = ssid;
1370 wpa_s->current_bss = bss;
1371 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
1372 wpa_supplicant_initiate_eapol(wpa_s);
1373 if (old_ssid != wpa_s->current_ssid)
1374 wpas_notify_network_changed(wpa_s);
1375 }
1376
1377
1378 static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s,
1379 const u8 *addr)
1380 {
1381 struct wpa_ssid *old_ssid;
1382
1383 wpa_clear_keys(wpa_s, addr);
1384 wpa_supplicant_mark_disassoc(wpa_s);
1385 old_ssid = wpa_s->current_ssid;
1386 wpa_s->current_ssid = NULL;
1387 wpa_s->current_bss = NULL;
1388 wpa_sm_set_config(wpa_s->wpa, NULL);
1389 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1390 if (old_ssid != wpa_s->current_ssid)
1391 wpas_notify_network_changed(wpa_s);
1392 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
1393 }
1394
1395
1396 /**
1397 * wpa_supplicant_disassociate - Disassociate the current connection
1398 * @wpa_s: Pointer to wpa_supplicant data
1399 * @reason_code: IEEE 802.11 reason code for the disassociate frame
1400 *
1401 * This function is used to request %wpa_supplicant to disassociate with the
1402 * current AP.
1403 */
1404 void wpa_supplicant_disassociate(struct wpa_supplicant *wpa_s,
1405 int reason_code)
1406 {
1407 u8 *addr = NULL;
1408
1409 if (!is_zero_ether_addr(wpa_s->bssid)) {
1410 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME)
1411 ieee80211_sta_disassociate(wpa_s, reason_code);
1412 else
1413 wpa_drv_disassociate(wpa_s, wpa_s->bssid, reason_code);
1414 addr = wpa_s->bssid;
1415 }
1416
1417 wpa_supplicant_clear_connection(wpa_s, addr);
1418 }
1419
1420
1421 /**
1422 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
1423 * @wpa_s: Pointer to wpa_supplicant data
1424 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
1425 *
1426 * This function is used to request %wpa_supplicant to deauthenticate from the
1427 * current AP.
1428 */
1429 void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
1430 int reason_code)
1431 {
1432 u8 *addr = NULL;
1433
1434 if (!is_zero_ether_addr(wpa_s->bssid)) {
1435 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME)
1436 ieee80211_sta_deauthenticate(wpa_s, reason_code);
1437 else
1438 wpa_drv_deauthenticate(wpa_s, wpa_s->bssid,
1439 reason_code);
1440 addr = wpa_s->bssid;
1441 }
1442
1443 wpa_supplicant_clear_connection(wpa_s, addr);
1444 }
1445
1446
1447 /**
1448 * wpa_supplicant_enable_network - Mark a configured network as enabled
1449 * @wpa_s: wpa_supplicant structure for a network interface
1450 * @ssid: wpa_ssid structure for a configured network or %NULL
1451 *
1452 * Enables the specified network or all networks if no network specified.
1453 */
1454 void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s,
1455 struct wpa_ssid *ssid)
1456 {
1457 struct wpa_ssid *other_ssid;
1458 int was_disabled;
1459
1460 if (ssid == NULL) {
1461 for (other_ssid = wpa_s->conf->ssid; other_ssid;
1462 other_ssid = other_ssid->next) {
1463 if (other_ssid->disabled == 2)
1464 continue; /* do not change persistent P2P group
1465 * data */
1466 if (other_ssid == wpa_s->current_ssid &&
1467 other_ssid->disabled)
1468 wpa_s->reassociate = 1;
1469
1470 was_disabled = other_ssid->disabled;
1471
1472 other_ssid->disabled = 0;
1473
1474 if (was_disabled != other_ssid->disabled)
1475 wpas_notify_network_enabled_changed(
1476 wpa_s, other_ssid);
1477 }
1478 if (wpa_s->reassociate)
1479 wpa_supplicant_req_scan(wpa_s, 0, 0);
1480 } else if (ssid->disabled && ssid->disabled != 2) {
1481 if (wpa_s->current_ssid == NULL) {
1482 /*
1483 * Try to reassociate since there is no current
1484 * configuration and a new network was made available.
1485 */
1486 wpa_s->reassociate = 1;
1487 wpa_supplicant_req_scan(wpa_s, 0, 0);
1488 }
1489
1490 was_disabled = ssid->disabled;
1491
1492 ssid->disabled = 0;
1493
1494 if (was_disabled != ssid->disabled)
1495 wpas_notify_network_enabled_changed(wpa_s, ssid);
1496 }
1497 }
1498
1499
1500 /**
1501 * wpa_supplicant_disable_network - Mark a configured network as disabled
1502 * @wpa_s: wpa_supplicant structure for a network interface
1503 * @ssid: wpa_ssid structure for a configured network or %NULL
1504 *
1505 * Disables the specified network or all networks if no network specified.
1506 */
1507 void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s,
1508 struct wpa_ssid *ssid)
1509 {
1510 struct wpa_ssid *other_ssid;
1511 int was_disabled;
1512
1513 if (ssid == NULL) {
1514 for (other_ssid = wpa_s->conf->ssid; other_ssid;
1515 other_ssid = other_ssid->next) {
1516 was_disabled = other_ssid->disabled;
1517 if (was_disabled == 2)
1518 continue; /* do not change persistent P2P group
1519 * data */
1520
1521 other_ssid->disabled = 1;
1522
1523 if (was_disabled != other_ssid->disabled)
1524 wpas_notify_network_enabled_changed(
1525 wpa_s, other_ssid);
1526 }
1527 if (wpa_s->current_ssid)
1528 wpa_supplicant_disassociate(
1529 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
1530 } else if (ssid->disabled != 2) {
1531 if (ssid == wpa_s->current_ssid)
1532 wpa_supplicant_disassociate(
1533 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
1534
1535 was_disabled = ssid->disabled;
1536
1537 ssid->disabled = 1;
1538
1539 if (was_disabled != ssid->disabled)
1540 wpas_notify_network_enabled_changed(wpa_s, ssid);
1541 }
1542 }
1543
1544
1545 /**
1546 * wpa_supplicant_select_network - Attempt association with a network
1547 * @wpa_s: wpa_supplicant structure for a network interface
1548 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
1549 */
1550 void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
1551 struct wpa_ssid *ssid)
1552 {
1553
1554 struct wpa_ssid *other_ssid;
1555
1556 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid)
1557 wpa_supplicant_disassociate(
1558 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
1559
1560 /*
1561 * Mark all other networks disabled or mark all networks enabled if no
1562 * network specified.
1563 */
1564 for (other_ssid = wpa_s->conf->ssid; other_ssid;
1565 other_ssid = other_ssid->next) {
1566 int was_disabled = other_ssid->disabled;
1567 if (was_disabled == 2)
1568 continue; /* do not change persistent P2P group data */
1569
1570 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0;
1571
1572 if (was_disabled != other_ssid->disabled)
1573 wpas_notify_network_enabled_changed(wpa_s, other_ssid);
1574 }
1575 wpa_s->disconnected = 0;
1576 wpa_s->reassociate = 1;
1577 wpa_supplicant_req_scan(wpa_s, 0, 0);
1578
1579 if (ssid)
1580 wpas_notify_network_selected(wpa_s, ssid);
1581 }
1582
1583
1584 /**
1585 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
1586 * @wpa_s: wpa_supplicant structure for a network interface
1587 * @ap_scan: AP scan mode
1588 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
1589 *
1590 */
1591 int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan)
1592 {
1593
1594 int old_ap_scan;
1595
1596 if (ap_scan < 0 || ap_scan > 2)
1597 return -1;
1598
1599 old_ap_scan = wpa_s->conf->ap_scan;
1600 wpa_s->conf->ap_scan = ap_scan;
1601
1602 if (old_ap_scan != wpa_s->conf->ap_scan)
1603 wpas_notify_ap_scan_changed(wpa_s);
1604
1605 return 0;
1606 }
1607
1608
1609 /**
1610 * wpa_supplicant_set_debug_params - Set global debug params
1611 * @global: wpa_global structure
1612 * @debug_level: debug level
1613 * @debug_timestamp: determines if show timestamp in debug data
1614 * @debug_show_keys: determines if show keys in debug data
1615 * Returns: 0 if succeed or -1 if debug_level has wrong value
1616 */
1617 int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level,
1618 int debug_timestamp, int debug_show_keys)
1619 {
1620
1621 int old_level, old_timestamp, old_show_keys;
1622
1623 /* check for allowed debuglevels */
1624 if (debug_level != MSG_MSGDUMP &&
1625 debug_level != MSG_DEBUG &&
1626 debug_level != MSG_INFO &&
1627 debug_level != MSG_WARNING &&
1628 debug_level != MSG_ERROR)
1629 return -1;
1630
1631 old_level = wpa_debug_level;
1632 old_timestamp = wpa_debug_timestamp;
1633 old_show_keys = wpa_debug_show_keys;
1634
1635 wpa_debug_level = debug_level;
1636 wpa_debug_timestamp = debug_timestamp ? 1 : 0;
1637 wpa_debug_show_keys = debug_show_keys ? 1 : 0;
1638
1639 if (wpa_debug_level != old_level)
1640 wpas_notify_debug_level_changed(global);
1641 if (wpa_debug_timestamp != old_timestamp)
1642 wpas_notify_debug_timestamp_changed(global);
1643 if (wpa_debug_show_keys != old_show_keys)
1644 wpas_notify_debug_show_keys_changed(global);
1645
1646 return 0;
1647 }
1648
1649
1650 /**
1651 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
1652 * @wpa_s: Pointer to wpa_supplicant data
1653 * Returns: A pointer to the current network structure or %NULL on failure
1654 */
1655 struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
1656 {
1657 struct wpa_ssid *entry;
1658 u8 ssid[MAX_SSID_LEN];
1659 int res;
1660 size_t ssid_len;
1661 u8 bssid[ETH_ALEN];
1662 int wired;
1663
1664 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME) {
1665 if (ieee80211_sta_get_ssid(wpa_s, ssid, &ssid_len)) {
1666 wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from "
1667 "MLME");
1668 return NULL;
1669 }
1670 } else {
1671 res = wpa_drv_get_ssid(wpa_s, ssid);
1672 if (res < 0) {
1673 wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from "
1674 "driver");
1675 return NULL;
1676 }
1677 ssid_len = res;
1678 }
1679
1680 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME)
1681 os_memcpy(bssid, wpa_s->bssid, ETH_ALEN);
1682 else if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
1683 wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from "
1684 "driver");
1685 return NULL;
1686 }
1687
1688 wired = wpa_s->conf->ap_scan == 0 &&
1689 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED);
1690
1691 entry = wpa_s->conf->ssid;
1692 while (entry) {
1693 if (!entry->disabled &&
1694 ((ssid_len == entry->ssid_len &&
1695 os_memcmp(ssid, entry->ssid, ssid_len) == 0) || wired) &&
1696 (!entry->bssid_set ||
1697 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
1698 return entry;
1699 #ifdef CONFIG_WPS
1700 if (!entry->disabled &&
1701 (entry->key_mgmt & WPA_KEY_MGMT_WPS) &&
1702 (entry->ssid == NULL || entry->ssid_len == 0) &&
1703 (!entry->bssid_set ||
1704 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
1705 return entry;
1706 #endif /* CONFIG_WPS */
1707 entry = entry->next;
1708 }
1709
1710 return NULL;
1711 }
1712
1713
1714 static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
1715 const char *name)
1716 {
1717 int i;
1718 size_t len;
1719 const char *pos, *driver = name;
1720
1721 if (wpa_s == NULL)
1722 return -1;
1723
1724 if (wpa_drivers[0] == NULL) {
1725 wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into "
1726 "wpa_supplicant");
1727 return -1;
1728 }
1729
1730 if (name == NULL) {
1731 /* default to first driver in the list */
1732 wpa_s->driver = wpa_drivers[0];
1733 wpa_s->global_drv_priv = wpa_s->global->drv_priv[0];
1734 return 0;
1735 }
1736
1737 do {
1738 pos = os_strchr(driver, ',');
1739 if (pos)
1740 len = pos - driver;
1741 else
1742 len = os_strlen(driver);
1743
1744 for (i = 0; wpa_drivers[i]; i++) {
1745 if (os_strlen(wpa_drivers[i]->name) == len &&
1746 os_strncmp(driver, wpa_drivers[i]->name, len) ==
1747 0) {
1748 wpa_s->driver = wpa_drivers[i];
1749 wpa_s->global_drv_priv =
1750 wpa_s->global->drv_priv[i];
1751 return 0;
1752 }
1753 }
1754
1755 driver = pos + 1;
1756 } while (pos);
1757
1758 wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name);
1759 return -1;
1760 }
1761
1762
1763 /**
1764 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
1765 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
1766 * with struct wpa_driver_ops::init()
1767 * @src_addr: Source address of the EAPOL frame
1768 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
1769 * @len: Length of the EAPOL data
1770 *
1771 * This function is called for each received EAPOL frame. Most driver
1772 * interfaces rely on more generic OS mechanism for receiving frames through
1773 * l2_packet, but if such a mechanism is not available, the driver wrapper may
1774 * take care of received EAPOL frames and deliver them to the core supplicant
1775 * code by calling this function.
1776 */
1777 void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
1778 const u8 *buf, size_t len)
1779 {
1780 struct wpa_supplicant *wpa_s = ctx;
1781
1782 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
1783 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
1784
1785 if (wpa_s->wpa_state < WPA_ASSOCIATED) {
1786 /*
1787 * There is possible race condition between receiving the
1788 * association event and the EAPOL frame since they are coming
1789 * through different paths from the driver. In order to avoid
1790 * issues in trying to process the EAPOL frame before receiving
1791 * association information, lets queue it for processing until
1792 * the association event is received.
1793 */
1794 wpa_dbg(wpa_s, MSG_DEBUG, "Not associated - Delay processing "
1795 "of received EAPOL frame");
1796 wpabuf_free(wpa_s->pending_eapol_rx);
1797 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len);
1798 if (wpa_s->pending_eapol_rx) {
1799 os_get_time(&wpa_s->pending_eapol_rx_time);
1800 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr,
1801 ETH_ALEN);
1802 }
1803 return;
1804 }
1805
1806 #ifdef CONFIG_AP
1807 if (wpa_s->ap_iface) {
1808 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len);
1809 return;
1810 }
1811 #endif /* CONFIG_AP */
1812
1813 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
1814 wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since "
1815 "no key management is configured");
1816 return;
1817 }
1818
1819 if (wpa_s->eapol_received == 0 &&
1820 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) ||
1821 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
1822 wpa_s->wpa_state != WPA_COMPLETED) &&
1823 (wpa_s->current_ssid == NULL ||
1824 wpa_s->current_ssid->mode != IEEE80211_MODE_IBSS)) {
1825 /* Timeout for completing IEEE 802.1X and WPA authentication */
1826 wpa_supplicant_req_auth_timeout(
1827 wpa_s,
1828 (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
1829 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
1830 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) ?
1831 70 : 10, 0);
1832 }
1833 wpa_s->eapol_received++;
1834
1835 if (wpa_s->countermeasures) {
1836 wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped "
1837 "EAPOL packet");
1838 return;
1839 }
1840
1841 #ifdef CONFIG_IBSS_RSN
1842 if (wpa_s->current_ssid &&
1843 wpa_s->current_ssid->mode == WPAS_MODE_IBSS) {
1844 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len);
1845 return;
1846 }
1847 #endif /* CONFIG_IBSS_RSN */
1848
1849 /* Source address of the incoming EAPOL frame could be compared to the
1850 * current BSSID. However, it is possible that a centralized
1851 * Authenticator could be using another MAC address than the BSSID of
1852 * an AP, so just allow any address to be used for now. The replies are
1853 * still sent to the current BSSID (if available), though. */
1854
1855 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
1856 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
1857 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
1858 return;
1859 wpa_drv_poll(wpa_s);
1860 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE))
1861 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
1862 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
1863 /*
1864 * Set portValid = TRUE here since we are going to skip 4-way
1865 * handshake processing which would normally set portValid. We
1866 * need this to allow the EAPOL state machines to be completed
1867 * without going through EAPOL-Key handshake.
1868 */
1869 eapol_sm_notify_portValid(wpa_s->eapol, TRUE);
1870 }
1871 }
1872
1873
1874 /**
1875 * wpa_supplicant_driver_init - Initialize driver interface parameters
1876 * @wpa_s: Pointer to wpa_supplicant data
1877 * Returns: 0 on success, -1 on failure
1878 *
1879 * This function is called to initialize driver interface parameters.
1880 * wpa_drv_init() must have been called before this function to initialize the
1881 * driver interface.
1882 */
1883 int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
1884 {
1885 static int interface_count = 0;
1886
1887 if (wpa_s->driver->send_eapol) {
1888 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
1889 if (addr)
1890 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
1891 } else if (!(wpa_s->drv_flags &
1892 WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) {
1893 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
1894 wpa_drv_get_mac_addr(wpa_s),
1895 ETH_P_EAPOL,
1896 wpa_supplicant_rx_eapol, wpa_s, 0);
1897 if (wpa_s->l2 == NULL)
1898 return -1;
1899 } else {
1900 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
1901 if (addr)
1902 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
1903 }
1904
1905 if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
1906 wpa_msg(wpa_s, MSG_ERROR, "Failed to get own L2 address");
1907 return -1;
1908 }
1909
1910 wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR,
1911 MAC2STR(wpa_s->own_addr));
1912
1913 if (wpa_s->bridge_ifname[0]) {
1914 wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge "
1915 "interface '%s'", wpa_s->bridge_ifname);
1916 wpa_s->l2_br = l2_packet_init(wpa_s->bridge_ifname,
1917 wpa_s->own_addr,
1918 ETH_P_EAPOL,
1919 wpa_supplicant_rx_eapol, wpa_s,
1920 0);
1921 if (wpa_s->l2_br == NULL) {
1922 wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet "
1923 "connection for the bridge interface '%s'",
1924 wpa_s->bridge_ifname);
1925 return -1;
1926 }
1927 }
1928
1929 wpa_clear_keys(wpa_s, NULL);
1930
1931 /* Make sure that TKIP countermeasures are not left enabled (could
1932 * happen if wpa_supplicant is killed during countermeasures. */
1933 wpa_drv_set_countermeasures(wpa_s, 0);
1934
1935 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver");
1936 wpa_drv_flush_pmkid(wpa_s);
1937
1938 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
1939 if (wpa_supplicant_enabled_networks(wpa_s->conf)) {
1940 wpa_supplicant_req_scan(wpa_s, interface_count, 100000);
1941 interface_count++;
1942 } else
1943 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
1944
1945 return 0;
1946 }
1947
1948
1949 static int wpa_supplicant_daemon(const char *pid_file)
1950 {
1951 wpa_printf(MSG_DEBUG, "Daemonize..");
1952 return os_daemonize(pid_file);
1953 }
1954
1955
1956 static struct wpa_supplicant * wpa_supplicant_alloc(void)
1957 {
1958 struct wpa_supplicant *wpa_s;
1959
1960 wpa_s = os_zalloc(sizeof(*wpa_s));
1961 if (wpa_s == NULL)
1962 return NULL;
1963 wpa_s->scan_req = 1;
1964 wpa_s->new_connection = 1;
1965 wpa_s->parent = wpa_s;
1966
1967 return wpa_s;
1968 }
1969
1970
1971 static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
1972 struct wpa_interface *iface)
1973 {
1974 const char *ifname, *driver;
1975 struct wpa_driver_capa capa;
1976
1977 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
1978 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
1979 iface->confname ? iface->confname : "N/A",
1980 iface->driver ? iface->driver : "default",
1981 iface->ctrl_interface ? iface->ctrl_interface : "N/A",
1982 iface->bridge_ifname ? iface->bridge_ifname : "N/A");
1983
1984 if (iface->confname) {
1985 #ifdef CONFIG_BACKEND_FILE
1986 wpa_s->confname = os_rel2abs_path(iface->confname);
1987 if (wpa_s->confname == NULL) {
1988 wpa_printf(MSG_ERROR, "Failed to get absolute path "
1989 "for configuration file '%s'.",
1990 iface->confname);
1991 return -1;
1992 }
1993 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
1994 iface->confname, wpa_s->confname);
1995 #else /* CONFIG_BACKEND_FILE */
1996 wpa_s->confname = os_strdup(iface->confname);
1997 #endif /* CONFIG_BACKEND_FILE */
1998 wpa_s->conf = wpa_config_read(wpa_s->confname);
1999 if (wpa_s->conf == NULL) {
2000 wpa_printf(MSG_ERROR, "Failed to read or parse "
2001 "configuration '%s'.", wpa_s->confname);
2002 return -1;
2003 }
2004
2005 /*
2006 * Override ctrl_interface and driver_param if set on command
2007 * line.
2008 */
2009 if (iface->ctrl_interface) {
2010 os_free(wpa_s->conf->ctrl_interface);
2011 wpa_s->conf->ctrl_interface =
2012 os_strdup(iface->ctrl_interface);
2013 }
2014
2015 if (iface->driver_param) {
2016 os_free(wpa_s->conf->driver_param);
2017 wpa_s->conf->driver_param =
2018 os_strdup(iface->driver_param);
2019 }
2020 } else
2021 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
2022 iface->driver_param);
2023
2024 if (wpa_s->conf == NULL) {
2025 wpa_printf(MSG_ERROR, "\nNo configuration found.");
2026 return -1;
2027 }
2028
2029 if (iface->ifname == NULL) {
2030 wpa_printf(MSG_ERROR, "\nInterface name is required.");
2031 return -1;
2032 }
2033 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
2034 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
2035 iface->ifname);
2036 return -1;
2037 }
2038 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
2039
2040 if (iface->bridge_ifname) {
2041 if (os_strlen(iface->bridge_ifname) >=
2042 sizeof(wpa_s->bridge_ifname)) {
2043 wpa_printf(MSG_ERROR, "\nToo long bridge interface "
2044 "name '%s'.", iface->bridge_ifname);
2045 return -1;
2046 }
2047 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
2048 sizeof(wpa_s->bridge_ifname));
2049 }
2050
2051 /* RSNA Supplicant Key Management - INITIALIZE */
2052 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
2053 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
2054
2055 /* Initialize driver interface and register driver event handler before
2056 * L2 receive handler so that association events are processed before
2057 * EAPOL-Key packets if both become available for the same select()
2058 * call. */
2059 driver = iface->driver;
2060 next_driver:
2061 if (wpa_supplicant_set_driver(wpa_s, driver) < 0)
2062 return -1;
2063
2064 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
2065 if (wpa_s->drv_priv == NULL) {
2066 const char *pos;
2067 pos = driver ? os_strchr(driver, ',') : NULL;
2068 if (pos) {
2069 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
2070 "driver interface - try next driver wrapper");
2071 driver = pos + 1;
2072 goto next_driver;
2073 }
2074 wpa_msg(wpa_s, MSG_ERROR, "Failed to initialize driver "
2075 "interface");
2076 return -1;
2077 }
2078 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
2079 wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected "
2080 "driver_param '%s'", wpa_s->conf->driver_param);
2081 return -1;
2082 }
2083
2084 ifname = wpa_drv_get_ifname(wpa_s);
2085 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
2086 wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced "
2087 "interface name with '%s'", ifname);
2088 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
2089 }
2090
2091 if (wpa_supplicant_init_wpa(wpa_s) < 0)
2092 return -1;
2093
2094 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
2095 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
2096 NULL);
2097 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
2098
2099 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
2100 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
2101 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
2102 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
2103 "dot11RSNAConfigPMKLifetime");
2104 return -1;
2105 }
2106
2107 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
2108 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
2109 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
2110 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
2111 "dot11RSNAConfigPMKReauthThreshold");
2112 return -1;
2113 }
2114
2115 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
2116 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
2117 wpa_s->conf->dot11RSNAConfigSATimeout)) {
2118 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
2119 "dot11RSNAConfigSATimeout");
2120 return -1;
2121 }
2122
2123 if (wpa_drv_get_capa(wpa_s, &capa) == 0) {
2124 wpa_s->drv_flags = capa.flags;
2125 if (capa.flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME) {
2126 if (ieee80211_sta_init(wpa_s))
2127 return -1;
2128 }
2129 wpa_s->max_scan_ssids = capa.max_scan_ssids;
2130 wpa_s->max_remain_on_chan = capa.max_remain_on_chan;
2131 wpa_s->max_stations = capa.max_stations;
2132 }
2133 if (wpa_s->max_remain_on_chan == 0)
2134 wpa_s->max_remain_on_chan = 1000;
2135
2136 if (wpa_supplicant_driver_init(wpa_s) < 0)
2137 return -1;
2138
2139 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] &&
2140 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) {
2141 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country");
2142 return -1;
2143 }
2144
2145 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
2146
2147 if (wpas_wps_init(wpa_s))
2148 return -1;
2149
2150 if (wpa_supplicant_init_eapol(wpa_s) < 0)
2151 return -1;
2152 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
2153
2154 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
2155 if (wpa_s->ctrl_iface == NULL) {
2156 wpa_printf(MSG_ERROR,
2157 "Failed to initialize control interface '%s'.\n"
2158 "You may have another wpa_supplicant process "
2159 "already running or the file was\n"
2160 "left by an unclean termination of wpa_supplicant "
2161 "in which case you will need\n"
2162 "to manually remove this file before starting "
2163 "wpa_supplicant again.\n",
2164 wpa_s->conf->ctrl_interface);
2165 return -1;
2166 }
2167
2168 #ifdef CONFIG_IBSS_RSN
2169 wpa_s->ibss_rsn = ibss_rsn_init(wpa_s);
2170 if (!wpa_s->ibss_rsn) {
2171 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to init IBSS RSN");
2172 return -1;
2173 }
2174 #endif /* CONFIG_IBSS_RSN */
2175
2176 #ifdef CONFIG_P2P
2177 if (wpas_p2p_init(wpa_s->global, wpa_s) < 0) {
2178 wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P");
2179 return -1;
2180 }
2181 #endif /* CONFIG_P2P */
2182
2183 if (wpa_bss_init(wpa_s) < 0)
2184 return -1;
2185
2186 return 0;
2187 }
2188
2189
2190 static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s,
2191 int notify)
2192 {
2193 if (wpa_s->drv_priv) {
2194 wpa_supplicant_deauthenticate(wpa_s,
2195 WLAN_REASON_DEAUTH_LEAVING);
2196
2197 wpa_drv_set_countermeasures(wpa_s, 0);
2198 wpa_clear_keys(wpa_s, NULL);
2199 }
2200
2201 wpa_supplicant_cleanup(wpa_s);
2202
2203 if (notify)
2204 wpas_notify_iface_removed(wpa_s);
2205
2206 if (wpa_s->drv_priv)
2207 wpa_drv_deinit(wpa_s);
2208 }
2209
2210
2211 /**
2212 * wpa_supplicant_add_iface - Add a new network interface
2213 * @global: Pointer to global data from wpa_supplicant_init()
2214 * @iface: Interface configuration options
2215 * Returns: Pointer to the created interface or %NULL on failure
2216 *
2217 * This function is used to add new network interfaces for %wpa_supplicant.
2218 * This can be called before wpa_supplicant_run() to add interfaces before the
2219 * main event loop has been started. In addition, new interfaces can be added
2220 * dynamically while %wpa_supplicant is already running. This could happen,
2221 * e.g., when a hotplug network adapter is inserted.
2222 */
2223 struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
2224 struct wpa_interface *iface)
2225 {
2226 struct wpa_supplicant *wpa_s;
2227 struct wpa_interface t_iface;
2228 struct wpa_ssid *ssid;
2229
2230 if (global == NULL || iface == NULL)
2231 return NULL;
2232
2233 wpa_s = wpa_supplicant_alloc();
2234 if (wpa_s == NULL)
2235 return NULL;
2236
2237 wpa_s->global = global;
2238
2239 t_iface = *iface;
2240 if (global->params.override_driver) {
2241 wpa_printf(MSG_DEBUG, "Override interface parameter: driver "
2242 "('%s' -> '%s')",
2243 iface->driver, global->params.override_driver);
2244 t_iface.driver = global->params.override_driver;
2245 }
2246 if (global->params.override_ctrl_interface) {
2247 wpa_printf(MSG_DEBUG, "Override interface parameter: "
2248 "ctrl_interface ('%s' -> '%s')",
2249 iface->ctrl_interface,
2250 global->params.override_ctrl_interface);
2251 t_iface.ctrl_interface =
2252 global->params.override_ctrl_interface;
2253 }
2254 if (wpa_supplicant_init_iface(wpa_s, &t_iface)) {
2255 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
2256 iface->ifname);
2257 wpa_supplicant_deinit_iface(wpa_s, 0);
2258 os_free(wpa_s);
2259 return NULL;
2260 }
2261
2262 /* Notify the control interfaces about new iface */
2263 if (wpas_notify_iface_added(wpa_s)) {
2264 wpa_supplicant_deinit_iface(wpa_s, 1);
2265 os_free(wpa_s);
2266 return NULL;
2267 }
2268
2269 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
2270 wpas_notify_network_added(wpa_s, ssid);
2271
2272 wpa_s->next = global->ifaces;
2273 global->ifaces = wpa_s;
2274
2275 wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname);
2276
2277 return wpa_s;
2278 }
2279
2280
2281 /**
2282 * wpa_supplicant_remove_iface - Remove a network interface
2283 * @global: Pointer to global data from wpa_supplicant_init()
2284 * @wpa_s: Pointer to the network interface to be removed
2285 * Returns: 0 if interface was removed, -1 if interface was not found
2286 *
2287 * This function can be used to dynamically remove network interfaces from
2288 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
2289 * addition, this function is used to remove all remaining interfaces when
2290 * %wpa_supplicant is terminated.
2291 */
2292 int wpa_supplicant_remove_iface(struct wpa_global *global,
2293 struct wpa_supplicant *wpa_s)
2294 {
2295 struct wpa_supplicant *prev;
2296
2297 /* Remove interface from the global list of interfaces */
2298 prev = global->ifaces;
2299 if (prev == wpa_s) {
2300 global->ifaces = wpa_s->next;
2301 } else {
2302 while (prev && prev->next != wpa_s)
2303 prev = prev->next;
2304 if (prev == NULL)
2305 return -1;
2306 prev->next = wpa_s->next;
2307 }
2308
2309 wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
2310
2311 if (global->p2p_group_formation == wpa_s)
2312 global->p2p_group_formation = NULL;
2313 wpa_supplicant_deinit_iface(wpa_s, 1);
2314 os_free(wpa_s);
2315
2316 return 0;
2317 }
2318
2319
2320 /**
2321 * wpa_supplicant_get_iface - Get a new network interface
2322 * @global: Pointer to global data from wpa_supplicant_init()
2323 * @ifname: Interface name
2324 * Returns: Pointer to the interface or %NULL if not found
2325 */
2326 struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
2327 const char *ifname)
2328 {
2329 struct wpa_supplicant *wpa_s;
2330
2331 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
2332 if (os_strcmp(wpa_s->ifname, ifname) == 0)
2333 return wpa_s;
2334 }
2335 return NULL;
2336 }
2337
2338
2339 #ifndef CONFIG_NO_WPA_MSG
2340 static const char * wpa_supplicant_msg_ifname_cb(void *ctx)
2341 {
2342 struct wpa_supplicant *wpa_s = ctx;
2343 if (wpa_s == NULL)
2344 return NULL;
2345 return wpa_s->ifname;
2346 }
2347 #endif /* CONFIG_NO_WPA_MSG */
2348
2349
2350 /**
2351 * wpa_supplicant_init - Initialize %wpa_supplicant
2352 * @params: Parameters for %wpa_supplicant
2353 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
2354 *
2355 * This function is used to initialize %wpa_supplicant. After successful
2356 * initialization, the returned data pointer can be used to add and remove
2357 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
2358 */
2359 struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
2360 {
2361 struct wpa_global *global;
2362 int ret, i;
2363
2364 if (params == NULL)
2365 return NULL;
2366
2367 #ifndef CONFIG_NO_WPA_MSG
2368 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
2369 #endif /* CONFIG_NO_WPA_MSG */
2370
2371 wpa_debug_open_file(params->wpa_debug_file_path);
2372 if (params->wpa_debug_syslog)
2373 wpa_debug_open_syslog();
2374
2375 ret = eap_register_methods();
2376 if (ret) {
2377 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
2378 if (ret == -2)
2379 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
2380 "the same EAP type.");
2381 return NULL;
2382 }
2383
2384 global = os_zalloc(sizeof(*global));
2385 if (global == NULL)
2386 return NULL;
2387 dl_list_init(&global->p2p_srv_bonjour);
2388 dl_list_init(&global->p2p_srv_upnp);
2389 global->params.daemonize = params->daemonize;
2390 global->params.wait_for_monitor = params->wait_for_monitor;
2391 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
2392 if (params->pid_file)
2393 global->params.pid_file = os_strdup(params->pid_file);
2394 if (params->ctrl_interface)
2395 global->params.ctrl_interface =
2396 os_strdup(params->ctrl_interface);
2397 if (params->override_driver)
2398 global->params.override_driver =
2399 os_strdup(params->override_driver);
2400 if (params->override_ctrl_interface)
2401 global->params.override_ctrl_interface =
2402 os_strdup(params->override_ctrl_interface);
2403 wpa_debug_level = global->params.wpa_debug_level =
2404 params->wpa_debug_level;
2405 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
2406 params->wpa_debug_show_keys;
2407 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
2408 params->wpa_debug_timestamp;
2409
2410 wpa_printf(MSG_DEBUG, "wpa_supplicant v" VERSION_STR);
2411
2412 if (eloop_init()) {
2413 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
2414 wpa_supplicant_deinit(global);
2415 return NULL;
2416 }
2417
2418 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
2419 if (global->ctrl_iface == NULL) {
2420 wpa_supplicant_deinit(global);
2421 return NULL;
2422 }
2423
2424 if (wpas_notify_supplicant_initialized(global)) {
2425 wpa_supplicant_deinit(global);
2426 return NULL;
2427 }
2428
2429 for (i = 0; wpa_drivers[i]; i++)
2430 global->drv_count++;
2431 if (global->drv_count == 0) {
2432 wpa_printf(MSG_ERROR, "No drivers enabled");
2433 wpa_supplicant_deinit(global);
2434 return NULL;
2435 }
2436 global->drv_priv = os_zalloc(global->drv_count * sizeof(void *));
2437 if (global->drv_priv == NULL) {
2438 wpa_supplicant_deinit(global);
2439 return NULL;
2440 }
2441 for (i = 0; wpa_drivers[i]; i++) {
2442 if (!wpa_drivers[i]->global_init)
2443 continue;
2444 global->drv_priv[i] = wpa_drivers[i]->global_init();
2445 if (global->drv_priv[i] == NULL) {
2446 wpa_printf(MSG_ERROR, "Failed to initialize driver "
2447 "'%s'", wpa_drivers[i]->name);
2448 wpa_supplicant_deinit(global);
2449 return NULL;
2450 }
2451 }
2452
2453 return global;
2454 }
2455
2456
2457 /**
2458 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
2459 * @global: Pointer to global data from wpa_supplicant_init()
2460 * Returns: 0 after successful event loop run, -1 on failure
2461 *
2462 * This function starts the main event loop and continues running as long as
2463 * there are any remaining events. In most cases, this function is running as
2464 * long as the %wpa_supplicant process in still in use.
2465 */
2466 int wpa_supplicant_run(struct wpa_global *global)
2467 {
2468 struct wpa_supplicant *wpa_s;
2469
2470 if (global->params.daemonize &&
2471 wpa_supplicant_daemon(global->params.pid_file))
2472 return -1;
2473
2474 if (global->params.wait_for_monitor) {
2475 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
2476 if (wpa_s->ctrl_iface)
2477 wpa_supplicant_ctrl_iface_wait(
2478 wpa_s->ctrl_iface);
2479 }
2480
2481 eloop_register_signal_terminate(wpa_supplicant_terminate, global);
2482 eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
2483
2484 eloop_run();
2485
2486 return 0;
2487 }
2488
2489
2490 /**
2491 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
2492 * @global: Pointer to global data from wpa_supplicant_init()
2493 *
2494 * This function is called to deinitialize %wpa_supplicant and to free all
2495 * allocated resources. Remaining network interfaces will also be removed.
2496 */
2497 void wpa_supplicant_deinit(struct wpa_global *global)
2498 {
2499 int i;
2500
2501 if (global == NULL)
2502 return;
2503
2504 #ifdef CONFIG_P2P
2505 wpas_p2p_deinit_global(global);
2506 #endif /* CONFIG_P2P */
2507
2508 while (global->ifaces)
2509 wpa_supplicant_remove_iface(global, global->ifaces);
2510
2511 if (global->ctrl_iface)
2512 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
2513
2514 wpas_notify_supplicant_deinitialized(global);
2515
2516 eap_peer_unregister_methods();
2517 #ifdef CONFIG_AP
2518 eap_server_unregister_methods();
2519 #endif /* CONFIG_AP */
2520
2521 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) {
2522 if (!global->drv_priv[i])
2523 continue;
2524 wpa_drivers[i]->global_deinit(global->drv_priv[i]);
2525 }
2526 os_free(global->drv_priv);
2527
2528 eloop_destroy();
2529
2530 if (global->params.pid_file) {
2531 os_daemonize_terminate(global->params.pid_file);
2532 os_free(global->params.pid_file);
2533 }
2534 os_free(global->params.ctrl_interface);
2535 os_free(global->params.override_driver);
2536 os_free(global->params.override_ctrl_interface);
2537
2538 os_free(global);
2539 wpa_debug_close_syslog();
2540 wpa_debug_close_file();
2541 }
2542
2543
2544 void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s)
2545 {
2546 #ifdef CONFIG_WPS
2547 wpas_wps_update_config(wpa_s);
2548 #endif /* CONFIG_WPS */
2549
2550 #ifdef CONFIG_P2P
2551 wpas_p2p_update_config(wpa_s);
2552 #endif /* CONFIG_P2P */
2553
2554 wpa_s->conf->changed_parameters = 0;
2555 }
2556
2557
2558 void ieee80211_sta_free_hw_features(struct hostapd_hw_modes *hw_features,
2559 size_t num_hw_features)
2560 {
2561 size_t i;
2562
2563 if (hw_features == NULL)
2564 return;
2565
2566 for (i = 0; i < num_hw_features; i++) {
2567 os_free(hw_features[i].channels);
2568 os_free(hw_features[i].rates);
2569 }
2570
2571 os_free(hw_features);
2572 }
2573
2574
2575 static void add_freq(int *freqs, int *num_freqs, int freq)
2576 {
2577 int i;
2578
2579 for (i = 0; i < *num_freqs; i++) {
2580 if (freqs[i] == freq)
2581 return;
2582 }
2583
2584 freqs[*num_freqs] = freq;
2585 (*num_freqs)++;
2586 }
2587
2588
2589 static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s)
2590 {
2591 struct wpa_bss *bss, *cbss;
2592 const int max_freqs = 10;
2593 int *freqs;
2594 int num_freqs = 0;
2595
2596 freqs = os_zalloc(sizeof(int) * (max_freqs + 1));
2597 if (freqs == NULL)
2598 return NULL;
2599
2600 cbss = wpa_s->current_bss;
2601
2602 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
2603 if (bss == cbss)
2604 continue;
2605 if (bss->ssid_len == cbss->ssid_len &&
2606 os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 &&
2607 wpa_blacklist_get(wpa_s, bss->bssid) == NULL) {
2608 add_freq(freqs, &num_freqs, bss->freq);
2609 if (num_freqs == max_freqs)
2610 break;
2611 }
2612 }
2613
2614 if (num_freqs == 0) {
2615 os_free(freqs);
2616 freqs = NULL;
2617 }
2618
2619 return freqs;
2620 }
2621
2622
2623 void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid)
2624 {
2625 int timeout;
2626 int count;
2627 int *freqs = NULL;
2628
2629 /*
2630 * Add the failed BSSID into the blacklist and speed up next scan
2631 * attempt if there could be other APs that could accept association.
2632 * The current blacklist count indicates how many times we have tried
2633 * connecting to this AP and multiple attempts mean that other APs are
2634 * either not available or has already been tried, so that we can start
2635 * increasing the delay here to avoid constant scanning.
2636 */
2637 count = wpa_blacklist_add(wpa_s, bssid);
2638 if (count == 1 && wpa_s->current_bss) {
2639 /*
2640 * This BSS was not in the blacklist before. If there is
2641 * another BSS available for the same ESS, we should try that
2642 * next. Otherwise, we may as well try this one once more
2643 * before allowing other, likely worse, ESSes to be considered.
2644 */
2645 freqs = get_bss_freqs_in_ess(wpa_s);
2646 if (freqs) {
2647 wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS "
2648 "has been seen; try it next");
2649 wpa_blacklist_add(wpa_s, bssid);
2650 /*
2651 * On the next scan, go through only the known channels
2652 * used in this ESS based on previous scans to speed up
2653 * common load balancing use case.
2654 */
2655 os_free(wpa_s->next_scan_freqs);
2656 wpa_s->next_scan_freqs = freqs;
2657 }
2658 }
2659
2660 switch (count) {
2661 case 1:
2662 timeout = 100;
2663 break;
2664 case 2:
2665 timeout = 500;
2666 break;
2667 case 3:
2668 timeout = 1000;
2669 break;
2670 default:
2671 timeout = 5000;
2672 }
2673
2674 /*
2675 * TODO: if more than one possible AP is available in scan results,
2676 * could try the other ones before requesting a new scan.
2677 */
2678 wpa_supplicant_req_scan(wpa_s, timeout / 1000,
2679 1000 * (timeout % 1000));
2680 }
Unnamed repository; edit this file 'description' to name the repository.