3 * Copyright (c) 2003-2011, Jouni Malinen <j@w1.fi>
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
9 * Alternatively, this software may be distributed under the terms of BSD
12 * See README and COPYING for more details.
14 * This file implements functions for registering and unregistering
15 * %wpa_supplicant interfaces. In addition, this file contains number of
16 * functions for managing network connections.
22 #include "eapol_supp/eapol_supp_sm.h"
23 #include "eap_peer/eap.h"
24 #include "eap_server/eap_methods.h"
25 #include "rsn_supp/wpa.h"
28 #include "l2_packet/l2_packet.h"
29 #include "wpa_supplicant_i.h"
31 #include "ctrl_iface.h"
32 #include "pcsc_funcs.h"
33 #include "common/version.h"
34 #include "rsn_supp/preauth.h"
35 #include "rsn_supp/pmksa_cache.h"
36 #include "common/wpa_ctrl.h"
38 #include "common/ieee802_11_defs.h"
40 #include "blacklist.h"
41 #include "wpas_glue.h"
42 #include "wps_supplicant.h"
46 #include "p2p_supplicant.h"
52 const char *wpa_supplicant_version
=
53 "wpa_supplicant v" VERSION_STR
"\n"
54 "Copyright (c) 2003-2011, Jouni Malinen <j@w1.fi> and contributors";
56 const char *wpa_supplicant_license
=
57 "This program is free software. You can distribute it and/or modify it\n"
58 "under the terms of the GNU General Public License version 2.\n"
60 "Alternatively, this software may be distributed under the terms of the\n"
61 "BSD license. See README and COPYING for more details.\n"
62 #ifdef EAP_TLS_OPENSSL
63 "\nThis product includes software developed by the OpenSSL Project\n"
64 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
65 #endif /* EAP_TLS_OPENSSL */
68 #ifndef CONFIG_NO_STDOUT_DEBUG
69 /* Long text divided into parts in order to fit in C89 strings size limits. */
70 const char *wpa_supplicant_full_license1
=
71 "This program is free software; you can redistribute it and/or modify\n"
72 "it under the terms of the GNU General Public License version 2 as\n"
73 "published by the Free Software Foundation.\n"
75 "This program is distributed in the hope that it will be useful,\n"
76 "but WITHOUT ANY WARRANTY; without even the implied warranty of\n"
77 "MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n"
78 "GNU General Public License for more details.\n"
80 const char *wpa_supplicant_full_license2
=
81 "You should have received a copy of the GNU General Public License\n"
82 "along with this program; if not, write to the Free Software\n"
83 "Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n"
85 "Alternatively, this software may be distributed under the terms of the\n"
88 "Redistribution and use in source and binary forms, with or without\n"
89 "modification, are permitted provided that the following conditions are\n"
92 const char *wpa_supplicant_full_license3
=
93 "1. Redistributions of source code must retain the above copyright\n"
94 " notice, this list of conditions and the following disclaimer.\n"
96 "2. Redistributions in binary form must reproduce the above copyright\n"
97 " notice, this list of conditions and the following disclaimer in the\n"
98 " documentation and/or other materials provided with the distribution.\n"
100 const char *wpa_supplicant_full_license4
=
101 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
102 " names of its contributors may be used to endorse or promote products\n"
103 " derived from this software without specific prior written permission.\n"
105 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
106 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
107 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
108 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
109 const char *wpa_supplicant_full_license5
=
110 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
111 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
112 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
113 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
114 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
115 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
116 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
118 #endif /* CONFIG_NO_STDOUT_DEBUG */
120 extern int wpa_debug_level
;
121 extern int wpa_debug_show_keys
;
122 extern int wpa_debug_timestamp
;
123 extern struct wpa_driver_ops
*wpa_drivers
[];
125 /* Configure default/group WEP keys for static WEP */
126 int wpa_set_wep_keys(struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
)
130 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
131 if (ssid
->wep_key_len
[i
] == 0)
135 wpa_drv_set_key(wpa_s
, WPA_ALG_WEP
, NULL
,
136 i
, i
== ssid
->wep_tx_keyidx
, NULL
, 0,
137 ssid
->wep_key
[i
], ssid
->wep_key_len
[i
]);
144 static int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant
*wpa_s
,
145 struct wpa_ssid
*ssid
)
152 /* IBSS/WPA-None uses only one key (Group) for both receiving and
153 * sending unicast and multicast packets. */
155 if (ssid
->mode
!= WPAS_MODE_IBSS
) {
156 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Invalid mode %d (not "
157 "IBSS/ad-hoc) for WPA-None", ssid
->mode
);
161 if (!ssid
->psk_set
) {
162 wpa_msg(wpa_s
, MSG_INFO
, "WPA: No PSK configured for "
167 switch (wpa_s
->group_cipher
) {
168 case WPA_CIPHER_CCMP
:
169 os_memcpy(key
, ssid
->psk
, 16);
173 case WPA_CIPHER_TKIP
:
174 /* WPA-None uses the same Michael MIC key for both TX and RX */
175 os_memcpy(key
, ssid
->psk
, 16 + 8);
176 os_memcpy(key
+ 16 + 8, ssid
->psk
+ 16, 8);
181 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Invalid group cipher %d for "
182 "WPA-None", wpa_s
->group_cipher
);
186 /* TODO: should actually remember the previously used seq#, both for TX
187 * and RX from each STA.. */
189 return wpa_drv_set_key(wpa_s
, alg
, NULL
, 0, 1, seq
, 6, key
, keylen
);
193 static void wpa_supplicant_timeout(void *eloop_ctx
, void *timeout_ctx
)
195 struct wpa_supplicant
*wpa_s
= eloop_ctx
;
196 const u8
*bssid
= wpa_s
->bssid
;
197 if (is_zero_ether_addr(bssid
))
198 bssid
= wpa_s
->pending_bssid
;
199 wpa_msg(wpa_s
, MSG_INFO
, "Authentication with " MACSTR
" timed out.",
201 wpa_blacklist_add(wpa_s
, bssid
);
202 wpa_sm_notify_disassoc(wpa_s
->wpa
);
203 wpa_supplicant_disassociate(wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
204 wpa_s
->reassociate
= 1;
207 * If we timed out, the AP or the local radio may be busy.
208 * So, wait a second until scanning again.
210 wpa_supplicant_req_scan(wpa_s
, 1, 0);
215 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
216 * @wpa_s: Pointer to wpa_supplicant data
217 * @sec: Number of seconds after which to time out authentication
218 * @usec: Number of microseconds after which to time out authentication
220 * This function is used to schedule a timeout for the current authentication
223 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant
*wpa_s
,
226 if (wpa_s
->conf
&& wpa_s
->conf
->ap_scan
== 0 &&
227 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_WIRED
))
230 wpa_dbg(wpa_s
, MSG_DEBUG
, "Setting authentication timeout: %d sec "
231 "%d usec", sec
, usec
);
232 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
233 eloop_register_timeout(sec
, usec
, wpa_supplicant_timeout
, wpa_s
, NULL
);
238 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
239 * @wpa_s: Pointer to wpa_supplicant data
241 * This function is used to cancel authentication timeout scheduled with
242 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
245 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant
*wpa_s
)
247 wpa_dbg(wpa_s
, MSG_DEBUG
, "Cancelling authentication timeout");
248 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
249 wpa_blacklist_del(wpa_s
, wpa_s
->bssid
);
254 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
255 * @wpa_s: Pointer to wpa_supplicant data
257 * This function is used to configure EAPOL state machine based on the selected
258 * authentication mode.
260 void wpa_supplicant_initiate_eapol(struct wpa_supplicant
*wpa_s
)
262 #ifdef IEEE8021X_EAPOL
263 struct eapol_config eapol_conf
;
264 struct wpa_ssid
*ssid
= wpa_s
->current_ssid
;
266 #ifdef CONFIG_IBSS_RSN
267 if (ssid
->mode
== WPAS_MODE_IBSS
&&
268 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_NONE
&&
269 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_WPA_NONE
) {
271 * RSN IBSS authentication is per-STA and we can disable the
272 * per-BSSID EAPOL authentication.
274 eapol_sm_notify_portControl(wpa_s
->eapol
, ForceAuthorized
);
275 eapol_sm_notify_eap_success(wpa_s
->eapol
, TRUE
);
276 eapol_sm_notify_eap_fail(wpa_s
->eapol
, FALSE
);
279 #endif /* CONFIG_IBSS_RSN */
281 eapol_sm_notify_eap_success(wpa_s
->eapol
, FALSE
);
282 eapol_sm_notify_eap_fail(wpa_s
->eapol
, FALSE
);
284 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
||
285 wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPA_NONE
)
286 eapol_sm_notify_portControl(wpa_s
->eapol
, ForceAuthorized
);
288 eapol_sm_notify_portControl(wpa_s
->eapol
, Auto
);
290 os_memset(&eapol_conf
, 0, sizeof(eapol_conf
));
291 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
292 eapol_conf
.accept_802_1x_keys
= 1;
293 eapol_conf
.required_keys
= 0;
294 if (ssid
->eapol_flags
& EAPOL_FLAG_REQUIRE_KEY_UNICAST
) {
295 eapol_conf
.required_keys
|= EAPOL_REQUIRE_KEY_UNICAST
;
297 if (ssid
->eapol_flags
& EAPOL_FLAG_REQUIRE_KEY_BROADCAST
) {
298 eapol_conf
.required_keys
|=
299 EAPOL_REQUIRE_KEY_BROADCAST
;
302 if (wpa_s
->conf
&& (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_WIRED
))
303 eapol_conf
.required_keys
= 0;
306 eapol_conf
.fast_reauth
= wpa_s
->conf
->fast_reauth
;
307 eapol_conf
.workaround
= ssid
->eap_workaround
;
308 eapol_conf
.eap_disabled
=
309 !wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
) &&
310 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_IEEE8021X_NO_WPA
&&
311 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_WPS
;
312 eapol_sm_notify_config(wpa_s
->eapol
, &ssid
->eap
, &eapol_conf
);
313 #endif /* IEEE8021X_EAPOL */
318 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
319 * @wpa_s: Pointer to wpa_supplicant data
320 * @ssid: Configuration data for the network
322 * This function is used to configure WPA state machine and related parameters
323 * to a mode where WPA is not enabled. This is called as part of the
324 * authentication configuration when the selected network does not use WPA.
326 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant
*wpa_s
,
327 struct wpa_ssid
*ssid
)
331 if (ssid
->key_mgmt
& WPA_KEY_MGMT_WPS
)
332 wpa_s
->key_mgmt
= WPA_KEY_MGMT_WPS
;
333 else if (ssid
->key_mgmt
& WPA_KEY_MGMT_IEEE8021X_NO_WPA
)
334 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X_NO_WPA
;
336 wpa_s
->key_mgmt
= WPA_KEY_MGMT_NONE
;
337 wpa_sm_set_ap_wpa_ie(wpa_s
->wpa
, NULL
, 0);
338 wpa_sm_set_ap_rsn_ie(wpa_s
->wpa
, NULL
, 0);
339 wpa_sm_set_assoc_wpa_ie(wpa_s
->wpa
, NULL
, 0);
340 wpa_s
->pairwise_cipher
= WPA_CIPHER_NONE
;
341 wpa_s
->group_cipher
= WPA_CIPHER_NONE
;
342 wpa_s
->mgmt_group_cipher
= 0;
344 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
345 if (ssid
->wep_key_len
[i
] > 5) {
346 wpa_s
->pairwise_cipher
= WPA_CIPHER_WEP104
;
347 wpa_s
->group_cipher
= WPA_CIPHER_WEP104
;
349 } else if (ssid
->wep_key_len
[i
] > 0) {
350 wpa_s
->pairwise_cipher
= WPA_CIPHER_WEP40
;
351 wpa_s
->group_cipher
= WPA_CIPHER_WEP40
;
356 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_RSN_ENABLED
, 0);
357 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_KEY_MGMT
, wpa_s
->key_mgmt
);
358 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_PAIRWISE
,
359 wpa_s
->pairwise_cipher
);
360 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_GROUP
, wpa_s
->group_cipher
);
361 #ifdef CONFIG_IEEE80211W
362 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_MGMT_GROUP
,
363 wpa_s
->mgmt_group_cipher
);
364 #endif /* CONFIG_IEEE80211W */
366 pmksa_cache_clear_current(wpa_s
->wpa
);
370 static void wpa_supplicant_cleanup(struct wpa_supplicant
*wpa_s
)
372 bgscan_deinit(wpa_s
);
373 scard_deinit(wpa_s
->scard
);
375 wpa_sm_set_scard_ctx(wpa_s
->wpa
, NULL
);
376 eapol_sm_register_scard_ctx(wpa_s
->eapol
, NULL
);
377 l2_packet_deinit(wpa_s
->l2
);
380 l2_packet_deinit(wpa_s
->l2_br
);
384 if (wpa_s
->ctrl_iface
) {
385 wpa_supplicant_ctrl_iface_deinit(wpa_s
->ctrl_iface
);
386 wpa_s
->ctrl_iface
= NULL
;
388 if (wpa_s
->conf
!= NULL
) {
389 struct wpa_ssid
*ssid
;
390 for (ssid
= wpa_s
->conf
->ssid
; ssid
; ssid
= ssid
->next
)
391 wpas_notify_network_removed(wpa_s
, ssid
);
392 wpa_config_free(wpa_s
->conf
);
396 os_free(wpa_s
->confname
);
397 wpa_s
->confname
= NULL
;
399 wpa_sm_set_eapol(wpa_s
->wpa
, NULL
);
400 eapol_sm_deinit(wpa_s
->eapol
);
403 rsn_preauth_deinit(wpa_s
->wpa
);
405 pmksa_candidate_free(wpa_s
->wpa
);
406 wpa_sm_deinit(wpa_s
->wpa
);
408 wpa_blacklist_clear(wpa_s
);
410 wpa_bss_deinit(wpa_s
);
412 wpa_supplicant_cancel_scan(wpa_s
);
413 wpa_supplicant_cancel_auth_timeout(wpa_s
);
415 ieee80211_sta_deinit(wpa_s
);
417 wpas_wps_deinit(wpa_s
);
419 wpabuf_free(wpa_s
->pending_eapol_rx
);
420 wpa_s
->pending_eapol_rx
= NULL
;
422 #ifdef CONFIG_IBSS_RSN
423 ibss_rsn_deinit(wpa_s
->ibss_rsn
);
424 wpa_s
->ibss_rsn
= NULL
;
425 #endif /* CONFIG_IBSS_RSN */
430 wpa_supplicant_ap_deinit(wpa_s
);
431 #endif /* CONFIG_AP */
434 wpas_p2p_deinit(wpa_s
);
435 #endif /* CONFIG_P2P */
437 os_free(wpa_s
->next_scan_freqs
);
438 wpa_s
->next_scan_freqs
= NULL
;
443 * wpa_clear_keys - Clear keys configured for the driver
444 * @wpa_s: Pointer to wpa_supplicant data
445 * @addr: Previously used BSSID or %NULL if not available
447 * This function clears the encryption keys that has been previously configured
450 void wpa_clear_keys(struct wpa_supplicant
*wpa_s
, const u8
*addr
)
452 if (wpa_s
->keys_cleared
) {
453 /* Some drivers (e.g., ndiswrapper & NDIS drivers) seem to have
454 * timing issues with keys being cleared just before new keys
455 * are set or just after association or something similar. This
456 * shows up in group key handshake failing often because of the
457 * client not receiving the first encrypted packets correctly.
458 * Skipping some of the extra key clearing steps seems to help
459 * in completing group key handshake more reliably. */
460 wpa_dbg(wpa_s
, MSG_DEBUG
, "No keys have been configured - "
461 "skip key clearing");
465 /* MLME-DELETEKEYS.request */
466 wpa_drv_set_key(wpa_s
, WPA_ALG_NONE
, NULL
, 0, 0, NULL
, 0, NULL
, 0);
467 wpa_drv_set_key(wpa_s
, WPA_ALG_NONE
, NULL
, 1, 0, NULL
, 0, NULL
, 0);
468 wpa_drv_set_key(wpa_s
, WPA_ALG_NONE
, NULL
, 2, 0, NULL
, 0, NULL
, 0);
469 wpa_drv_set_key(wpa_s
, WPA_ALG_NONE
, NULL
, 3, 0, NULL
, 0, NULL
, 0);
470 #ifdef CONFIG_IEEE80211W
471 wpa_drv_set_key(wpa_s
, WPA_ALG_NONE
, NULL
, 4, 0, NULL
, 0, NULL
, 0);
472 wpa_drv_set_key(wpa_s
, WPA_ALG_NONE
, NULL
, 5, 0, NULL
, 0, NULL
, 0);
473 #endif /* CONFIG_IEEE80211W */
475 wpa_drv_set_key(wpa_s
, WPA_ALG_NONE
, addr
, 0, 0, NULL
, 0, NULL
,
477 /* MLME-SETPROTECTION.request(None) */
478 wpa_drv_mlme_setprotection(
480 MLME_SETPROTECTION_PROTECT_TYPE_NONE
,
481 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE
);
483 wpa_s
->keys_cleared
= 1;
488 * wpa_supplicant_state_txt - Get the connection state name as a text string
489 * @state: State (wpa_state; WPA_*)
490 * Returns: The state name as a printable text string
492 const char * wpa_supplicant_state_txt(enum wpa_states state
)
495 case WPA_DISCONNECTED
:
496 return "DISCONNECTED";
499 case WPA_INTERFACE_DISABLED
:
500 return "INTERFACE_DISABLED";
503 case WPA_AUTHENTICATING
:
504 return "AUTHENTICATING";
505 case WPA_ASSOCIATING
:
506 return "ASSOCIATING";
509 case WPA_4WAY_HANDSHAKE
:
510 return "4WAY_HANDSHAKE";
511 case WPA_GROUP_HANDSHAKE
:
512 return "GROUP_HANDSHAKE";
522 * wpa_supplicant_set_state - Set current connection state
523 * @wpa_s: Pointer to wpa_supplicant data
524 * @state: The new connection state
526 * This function is called whenever the connection state changes, e.g.,
527 * association is completed for WPA/WPA2 4-Way Handshake is started.
529 void wpa_supplicant_set_state(struct wpa_supplicant
*wpa_s
,
530 enum wpa_states state
)
532 enum wpa_states old_state
= wpa_s
->wpa_state
;
534 wpa_dbg(wpa_s
, MSG_DEBUG
, "State: %s -> %s",
535 wpa_supplicant_state_txt(wpa_s
->wpa_state
),
536 wpa_supplicant_state_txt(state
));
538 if (state
!= WPA_SCANNING
)
539 wpa_supplicant_notify_scanning(wpa_s
, 0);
541 if (state
== WPA_COMPLETED
&& wpa_s
->new_connection
) {
542 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
543 struct wpa_ssid
*ssid
= wpa_s
->current_ssid
;
544 wpa_msg(wpa_s
, MSG_INFO
, WPA_EVENT_CONNECTED
"- Connection to "
545 MACSTR
" completed %s [id=%d id_str=%s]",
546 MAC2STR(wpa_s
->bssid
), wpa_s
->reassociated_connection
?
547 "(reauth)" : "(auth)",
548 ssid
? ssid
->id
: -1,
549 ssid
&& ssid
->id_str
? ssid
->id_str
: "");
550 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
551 wpa_s
->new_connection
= 0;
552 wpa_s
->reassociated_connection
= 1;
553 wpa_drv_set_operstate(wpa_s
, 1);
554 #ifndef IEEE8021X_EAPOL
555 wpa_drv_set_supp_port(wpa_s
, 1);
556 #endif /* IEEE8021X_EAPOL */
557 wpa_s
->after_wps
= 0;
559 wpas_p2p_completed(wpa_s
);
560 #endif /* CONFIG_P2P */
561 } else if (state
== WPA_DISCONNECTED
|| state
== WPA_ASSOCIATING
||
562 state
== WPA_ASSOCIATED
) {
563 wpa_s
->new_connection
= 1;
564 wpa_drv_set_operstate(wpa_s
, 0);
565 #ifndef IEEE8021X_EAPOL
566 wpa_drv_set_supp_port(wpa_s
, 0);
567 #endif /* IEEE8021X_EAPOL */
569 wpa_s
->wpa_state
= state
;
571 if (wpa_s
->wpa_state
!= old_state
)
572 wpas_notify_state_changed(wpa_s
, wpa_s
->wpa_state
, old_state
);
576 void wpa_supplicant_terminate_proc(struct wpa_global
*global
)
580 struct wpa_supplicant
*wpa_s
= global
->ifaces
;
582 if (wpas_wps_terminate_pending(wpa_s
) == 1)
586 #endif /* CONFIG_WPS */
593 static void wpa_supplicant_terminate(int sig
, void *signal_ctx
)
595 struct wpa_global
*global
= signal_ctx
;
596 struct wpa_supplicant
*wpa_s
;
597 for (wpa_s
= global
->ifaces
; wpa_s
; wpa_s
= wpa_s
->next
) {
598 wpa_msg(wpa_s
, MSG_INFO
, WPA_EVENT_TERMINATING
"- signal %d "
601 wpa_supplicant_terminate_proc(global
);
605 void wpa_supplicant_clear_status(struct wpa_supplicant
*wpa_s
)
607 enum wpa_states old_state
= wpa_s
->wpa_state
;
609 wpa_s
->pairwise_cipher
= 0;
610 wpa_s
->group_cipher
= 0;
611 wpa_s
->mgmt_group_cipher
= 0;
613 if (wpa_s
->wpa_state
!= WPA_INTERFACE_DISABLED
)
614 wpa_s
->wpa_state
= WPA_DISCONNECTED
;
616 if (wpa_s
->wpa_state
!= old_state
)
617 wpas_notify_state_changed(wpa_s
, wpa_s
->wpa_state
, old_state
);
622 * wpa_supplicant_reload_configuration - Reload configuration data
623 * @wpa_s: Pointer to wpa_supplicant data
624 * Returns: 0 on success or -1 if configuration parsing failed
626 * This function can be used to request that the configuration data is reloaded
627 * (e.g., after configuration file change). This function is reloading
628 * configuration only for one interface, so this may need to be called multiple
629 * times if %wpa_supplicant is controlling multiple interfaces and all
630 * interfaces need reconfiguration.
632 int wpa_supplicant_reload_configuration(struct wpa_supplicant
*wpa_s
)
634 struct wpa_config
*conf
;
635 struct wpa_ssid
*old_ssid
;
639 if (wpa_s
->confname
== NULL
)
641 conf
= wpa_config_read(wpa_s
->confname
);
643 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to parse the configuration "
644 "file '%s' - exiting", wpa_s
->confname
);
647 conf
->changed_parameters
= (unsigned int) -1;
649 reconf_ctrl
= !!conf
->ctrl_interface
!= !!wpa_s
->conf
->ctrl_interface
650 || (conf
->ctrl_interface
&& wpa_s
->conf
->ctrl_interface
&&
651 os_strcmp(conf
->ctrl_interface
,
652 wpa_s
->conf
->ctrl_interface
) != 0);
654 if (reconf_ctrl
&& wpa_s
->ctrl_iface
) {
655 wpa_supplicant_ctrl_iface_deinit(wpa_s
->ctrl_iface
);
656 wpa_s
->ctrl_iface
= NULL
;
659 eapol_sm_invalidate_cached_session(wpa_s
->eapol
);
660 old_ssid
= wpa_s
->current_ssid
;
661 wpa_s
->current_ssid
= NULL
;
662 if (old_ssid
!= wpa_s
->current_ssid
)
663 wpas_notify_network_changed(wpa_s
);
666 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
667 * pkcs11_engine_path, pkcs11_module_path.
669 if (wpa_key_mgmt_wpa_psk(wpa_s
->key_mgmt
)) {
671 * Clear forced success to clear EAP state for next
674 eapol_sm_notify_eap_success(wpa_s
->eapol
, FALSE
);
676 eapol_sm_notify_config(wpa_s
->eapol
, NULL
, NULL
);
677 wpa_sm_set_config(wpa_s
->wpa
, NULL
);
678 wpa_sm_set_fast_reauth(wpa_s
->wpa
, wpa_s
->conf
->fast_reauth
);
679 rsn_preauth_deinit(wpa_s
->wpa
);
681 old_ap_scan
= wpa_s
->conf
->ap_scan
;
682 wpa_config_free(wpa_s
->conf
);
684 if (old_ap_scan
!= wpa_s
->conf
->ap_scan
)
685 wpas_notify_ap_scan_changed(wpa_s
);
688 wpa_s
->ctrl_iface
= wpa_supplicant_ctrl_iface_init(wpa_s
);
690 wpa_supplicant_update_config(wpa_s
);
692 wpa_supplicant_clear_status(wpa_s
);
693 if (wpa_supplicant_enabled_networks(wpa_s
->conf
)) {
694 wpa_s
->reassociate
= 1;
695 wpa_supplicant_req_scan(wpa_s
, 0, 0);
697 wpa_dbg(wpa_s
, MSG_DEBUG
, "Reconfiguration completed");
702 static void wpa_supplicant_reconfig(int sig
, void *signal_ctx
)
704 struct wpa_global
*global
= signal_ctx
;
705 struct wpa_supplicant
*wpa_s
;
706 for (wpa_s
= global
->ifaces
; wpa_s
; wpa_s
= wpa_s
->next
) {
707 wpa_dbg(wpa_s
, MSG_DEBUG
, "Signal %d received - reconfiguring",
709 if (wpa_supplicant_reload_configuration(wpa_s
) < 0) {
710 wpa_supplicant_terminate_proc(global
);
716 enum wpa_cipher
cipher_suite2driver(int cipher
)
719 case WPA_CIPHER_NONE
:
721 case WPA_CIPHER_WEP40
:
723 case WPA_CIPHER_WEP104
:
724 return CIPHER_WEP104
;
725 case WPA_CIPHER_CCMP
:
727 case WPA_CIPHER_TKIP
:
734 enum wpa_key_mgmt
key_mgmt2driver(int key_mgmt
)
737 case WPA_KEY_MGMT_NONE
:
738 return KEY_MGMT_NONE
;
739 case WPA_KEY_MGMT_IEEE8021X_NO_WPA
:
740 return KEY_MGMT_802_1X_NO_WPA
;
741 case WPA_KEY_MGMT_IEEE8021X
:
742 return KEY_MGMT_802_1X
;
743 case WPA_KEY_MGMT_WPA_NONE
:
744 return KEY_MGMT_WPA_NONE
;
745 case WPA_KEY_MGMT_FT_IEEE8021X
:
746 return KEY_MGMT_FT_802_1X
;
747 case WPA_KEY_MGMT_FT_PSK
:
748 return KEY_MGMT_FT_PSK
;
749 case WPA_KEY_MGMT_IEEE8021X_SHA256
:
750 return KEY_MGMT_802_1X_SHA256
;
751 case WPA_KEY_MGMT_PSK_SHA256
:
752 return KEY_MGMT_PSK_SHA256
;
753 case WPA_KEY_MGMT_WPS
:
755 case WPA_KEY_MGMT_PSK
:
762 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant
*wpa_s
,
763 struct wpa_ssid
*ssid
,
764 struct wpa_ie_data
*ie
)
766 int ret
= wpa_sm_parse_own_wpa_ie(wpa_s
->wpa
, ie
);
769 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Failed to parse WPA IE "
770 "from association info");
775 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Using WPA IE from AssocReq to set "
777 if (!(ie
->group_cipher
& ssid
->group_cipher
)) {
778 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver used disabled group "
779 "cipher 0x%x (mask 0x%x) - reject",
780 ie
->group_cipher
, ssid
->group_cipher
);
783 if (!(ie
->pairwise_cipher
& ssid
->pairwise_cipher
)) {
784 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver used disabled pairwise "
785 "cipher 0x%x (mask 0x%x) - reject",
786 ie
->pairwise_cipher
, ssid
->pairwise_cipher
);
789 if (!(ie
->key_mgmt
& ssid
->key_mgmt
)) {
790 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver used disabled key "
791 "management 0x%x (mask 0x%x) - reject",
792 ie
->key_mgmt
, ssid
->key_mgmt
);
796 #ifdef CONFIG_IEEE80211W
797 if (!(ie
->capabilities
& WPA_CAPABILITY_MFPC
) &&
798 ssid
->ieee80211w
== MGMT_FRAME_PROTECTION_REQUIRED
) {
799 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver associated with an AP "
800 "that does not support management frame protection - "
804 #endif /* CONFIG_IEEE80211W */
811 * wpa_supplicant_set_suites - Set authentication and encryption parameters
812 * @wpa_s: Pointer to wpa_supplicant data
813 * @bss: Scan results for the selected BSS, or %NULL if not available
814 * @ssid: Configuration data for the selected network
815 * @wpa_ie: Buffer for the WPA/RSN IE
816 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
817 * used buffer length in case the functions returns success.
818 * Returns: 0 on success or -1 on failure
820 * This function is used to configure authentication and encryption parameters
821 * based on the network configuration and scan result for the selected BSS (if
824 int wpa_supplicant_set_suites(struct wpa_supplicant
*wpa_s
,
825 struct wpa_bss
*bss
, struct wpa_ssid
*ssid
,
826 u8
*wpa_ie
, size_t *wpa_ie_len
)
828 struct wpa_ie_data ie
;
830 const u8
*bss_wpa
, *bss_rsn
;
833 bss_wpa
= wpa_bss_get_vendor_ie(bss
, WPA_IE_VENDOR_TYPE
);
834 bss_rsn
= wpa_bss_get_ie(bss
, WLAN_EID_RSN
);
836 bss_wpa
= bss_rsn
= NULL
;
838 if (bss_rsn
&& (ssid
->proto
& WPA_PROTO_RSN
) &&
839 wpa_parse_wpa_ie(bss_rsn
, 2 + bss_rsn
[1], &ie
) == 0 &&
840 (ie
.group_cipher
& ssid
->group_cipher
) &&
841 (ie
.pairwise_cipher
& ssid
->pairwise_cipher
) &&
842 (ie
.key_mgmt
& ssid
->key_mgmt
)) {
843 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using IEEE 802.11i/D9.0");
844 proto
= WPA_PROTO_RSN
;
845 } else if (bss_wpa
&& (ssid
->proto
& WPA_PROTO_WPA
) &&
846 wpa_parse_wpa_ie(bss_wpa
, 2 +bss_wpa
[1], &ie
) == 0 &&
847 (ie
.group_cipher
& ssid
->group_cipher
) &&
848 (ie
.pairwise_cipher
& ssid
->pairwise_cipher
) &&
849 (ie
.key_mgmt
& ssid
->key_mgmt
)) {
850 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using IEEE 802.11i/D3.0");
851 proto
= WPA_PROTO_WPA
;
853 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select WPA/RSN");
856 if (ssid
->proto
& WPA_PROTO_RSN
)
857 proto
= WPA_PROTO_RSN
;
859 proto
= WPA_PROTO_WPA
;
860 if (wpa_supplicant_suites_from_ai(wpa_s
, ssid
, &ie
) < 0) {
861 os_memset(&ie
, 0, sizeof(ie
));
862 ie
.group_cipher
= ssid
->group_cipher
;
863 ie
.pairwise_cipher
= ssid
->pairwise_cipher
;
864 ie
.key_mgmt
= ssid
->key_mgmt
;
865 #ifdef CONFIG_IEEE80211W
866 ie
.mgmt_group_cipher
=
867 ssid
->ieee80211w
!= NO_MGMT_FRAME_PROTECTION
?
868 WPA_CIPHER_AES_128_CMAC
: 0;
869 #endif /* CONFIG_IEEE80211W */
870 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Set cipher suites "
871 "based on configuration");
876 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Selected cipher suites: group %d "
877 "pairwise %d key_mgmt %d proto %d",
878 ie
.group_cipher
, ie
.pairwise_cipher
, ie
.key_mgmt
, proto
);
879 #ifdef CONFIG_IEEE80211W
880 if (ssid
->ieee80211w
) {
881 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Selected mgmt group cipher %d",
882 ie
.mgmt_group_cipher
);
884 #endif /* CONFIG_IEEE80211W */
886 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_PROTO
, proto
);
887 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_RSN_ENABLED
,
888 !!(ssid
->proto
& WPA_PROTO_RSN
));
890 if (bss
|| !wpa_s
->ap_ies_from_associnfo
) {
891 if (wpa_sm_set_ap_wpa_ie(wpa_s
->wpa
, bss_wpa
,
892 bss_wpa
? 2 + bss_wpa
[1] : 0) ||
893 wpa_sm_set_ap_rsn_ie(wpa_s
->wpa
, bss_rsn
,
894 bss_rsn
? 2 + bss_rsn
[1] : 0))
898 sel
= ie
.group_cipher
& ssid
->group_cipher
;
899 if (sel
& WPA_CIPHER_CCMP
) {
900 wpa_s
->group_cipher
= WPA_CIPHER_CCMP
;
901 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using GTK CCMP");
902 } else if (sel
& WPA_CIPHER_TKIP
) {
903 wpa_s
->group_cipher
= WPA_CIPHER_TKIP
;
904 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using GTK TKIP");
905 } else if (sel
& WPA_CIPHER_WEP104
) {
906 wpa_s
->group_cipher
= WPA_CIPHER_WEP104
;
907 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using GTK WEP104");
908 } else if (sel
& WPA_CIPHER_WEP40
) {
909 wpa_s
->group_cipher
= WPA_CIPHER_WEP40
;
910 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using GTK WEP40");
912 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select group "
917 sel
= ie
.pairwise_cipher
& ssid
->pairwise_cipher
;
918 if (sel
& WPA_CIPHER_CCMP
) {
919 wpa_s
->pairwise_cipher
= WPA_CIPHER_CCMP
;
920 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using PTK CCMP");
921 } else if (sel
& WPA_CIPHER_TKIP
) {
922 wpa_s
->pairwise_cipher
= WPA_CIPHER_TKIP
;
923 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using PTK TKIP");
924 } else if (sel
& WPA_CIPHER_NONE
) {
925 wpa_s
->pairwise_cipher
= WPA_CIPHER_NONE
;
926 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using PTK NONE");
928 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select pairwise "
933 sel
= ie
.key_mgmt
& ssid
->key_mgmt
;
935 #ifdef CONFIG_IEEE80211R
936 } else if (sel
& WPA_KEY_MGMT_FT_IEEE8021X
) {
937 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_IEEE8021X
;
938 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FT/802.1X");
939 } else if (sel
& WPA_KEY_MGMT_FT_PSK
) {
940 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_PSK
;
941 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FT/PSK");
942 #endif /* CONFIG_IEEE80211R */
943 #ifdef CONFIG_IEEE80211W
944 } else if (sel
& WPA_KEY_MGMT_IEEE8021X_SHA256
) {
945 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X_SHA256
;
946 wpa_dbg(wpa_s
, MSG_DEBUG
,
947 "WPA: using KEY_MGMT 802.1X with SHA256");
948 } else if (sel
& WPA_KEY_MGMT_PSK_SHA256
) {
949 wpa_s
->key_mgmt
= WPA_KEY_MGMT_PSK_SHA256
;
950 wpa_dbg(wpa_s
, MSG_DEBUG
,
951 "WPA: using KEY_MGMT PSK with SHA256");
952 #endif /* CONFIG_IEEE80211W */
953 } else if (sel
& WPA_KEY_MGMT_IEEE8021X
) {
954 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X
;
955 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT 802.1X");
956 } else if (sel
& WPA_KEY_MGMT_PSK
) {
957 wpa_s
->key_mgmt
= WPA_KEY_MGMT_PSK
;
958 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT WPA-PSK");
959 } else if (sel
& WPA_KEY_MGMT_WPA_NONE
) {
960 wpa_s
->key_mgmt
= WPA_KEY_MGMT_WPA_NONE
;
961 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT WPA-NONE");
963 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select "
964 "authenticated key management type");
968 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_KEY_MGMT
, wpa_s
->key_mgmt
);
969 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_PAIRWISE
,
970 wpa_s
->pairwise_cipher
);
971 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_GROUP
, wpa_s
->group_cipher
);
973 #ifdef CONFIG_IEEE80211W
974 sel
= ie
.mgmt_group_cipher
;
975 if (ssid
->ieee80211w
== NO_MGMT_FRAME_PROTECTION
||
976 !(ie
.capabilities
& WPA_CAPABILITY_MFPC
))
978 if (sel
& WPA_CIPHER_AES_128_CMAC
) {
979 wpa_s
->mgmt_group_cipher
= WPA_CIPHER_AES_128_CMAC
;
980 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using MGMT group cipher "
983 wpa_s
->mgmt_group_cipher
= 0;
984 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: not using MGMT group cipher");
986 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_MGMT_GROUP
,
987 wpa_s
->mgmt_group_cipher
);
988 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_MFP
, ssid
->ieee80211w
);
989 #endif /* CONFIG_IEEE80211W */
991 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s
->wpa
, wpa_ie
, wpa_ie_len
)) {
992 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to generate WPA IE");
997 (WPA_KEY_MGMT_PSK
| WPA_KEY_MGMT_FT_PSK
| WPA_KEY_MGMT_PSK_SHA256
))
998 wpa_sm_set_pmk(wpa_s
->wpa
, ssid
->psk
, PMK_LEN
);
1000 wpa_sm_set_pmk_from_pmksa(wpa_s
->wpa
);
1007 * wpa_supplicant_associate - Request association
1008 * @wpa_s: Pointer to wpa_supplicant data
1009 * @bss: Scan results for the selected BSS, or %NULL if not available
1010 * @ssid: Configuration data for the selected network
1012 * This function is used to request %wpa_supplicant to associate with a BSS.
1014 void wpa_supplicant_associate(struct wpa_supplicant
*wpa_s
,
1015 struct wpa_bss
*bss
, struct wpa_ssid
*ssid
)
1019 int use_crypt
, ret
, i
, bssid_changed
;
1020 int algs
= WPA_AUTH_ALG_OPEN
;
1021 enum wpa_cipher cipher_pairwise
, cipher_group
;
1022 struct wpa_driver_associate_params params
;
1023 int wep_keys_set
= 0;
1024 struct wpa_driver_capa capa
;
1025 int assoc_failed
= 0;
1026 struct wpa_ssid
*old_ssid
;
1028 if (ssid
->mode
== WPAS_MODE_AP
|| ssid
->mode
== WPAS_MODE_P2P_GO
||
1029 ssid
->mode
== WPAS_MODE_P2P_GROUP_FORMATION
) {
1031 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_AP
)) {
1032 wpa_msg(wpa_s
, MSG_INFO
, "Driver does not support AP "
1036 wpa_supplicant_create_ap(wpa_s
, ssid
);
1037 wpa_s
->current_bss
= bss
;
1038 #else /* CONFIG_AP */
1039 wpa_msg(wpa_s
, MSG_ERROR
, "AP mode support not included in "
1041 #endif /* CONFIG_AP */
1045 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
1046 ssid
->mode
== IEEE80211_MODE_INFRA
) {
1047 sme_authenticate(wpa_s
, bss
, ssid
);
1051 os_memset(¶ms
, 0, sizeof(params
));
1052 wpa_s
->reassociate
= 0;
1054 #ifdef CONFIG_IEEE80211R
1055 const u8
*ie
, *md
= NULL
;
1056 #endif /* CONFIG_IEEE80211R */
1057 wpa_msg(wpa_s
, MSG_INFO
, "Trying to associate with " MACSTR
1058 " (SSID='%s' freq=%d MHz)", MAC2STR(bss
->bssid
),
1059 wpa_ssid_txt(bss
->ssid
, bss
->ssid_len
), bss
->freq
);
1060 bssid_changed
= !is_zero_ether_addr(wpa_s
->bssid
);
1061 os_memset(wpa_s
->bssid
, 0, ETH_ALEN
);
1062 os_memcpy(wpa_s
->pending_bssid
, bss
->bssid
, ETH_ALEN
);
1064 wpas_notify_bssid_changed(wpa_s
);
1065 #ifdef CONFIG_IEEE80211R
1066 ie
= wpa_bss_get_ie(bss
, WLAN_EID_MOBILITY_DOMAIN
);
1067 if (ie
&& ie
[1] >= MOBILITY_DOMAIN_ID_LEN
)
1069 wpa_sm_set_ft_params(wpa_s
->wpa
, ie
, ie
? 2 + ie
[1] : 0);
1071 /* Prepare for the next transition */
1072 wpa_ft_prepare_auth_request(wpa_s
->wpa
, ie
);
1074 #endif /* CONFIG_IEEE80211R */
1076 } else if ((ssid
->ssid
== NULL
|| ssid
->ssid_len
== 0) &&
1077 wpa_s
->conf
->ap_scan
== 2 &&
1078 (ssid
->key_mgmt
& WPA_KEY_MGMT_WPS
)) {
1079 /* Use ap_scan==1 style network selection to find the network
1081 wpa_s
->scan_req
= 2;
1082 wpa_s
->reassociate
= 1;
1083 wpa_supplicant_req_scan(wpa_s
, 0, 0);
1085 #endif /* CONFIG_WPS */
1087 wpa_msg(wpa_s
, MSG_INFO
, "Trying to associate with SSID '%s'",
1088 wpa_ssid_txt(ssid
->ssid
, ssid
->ssid_len
));
1089 os_memset(wpa_s
->pending_bssid
, 0, ETH_ALEN
);
1091 wpa_supplicant_cancel_scan(wpa_s
);
1093 /* Starting new association, so clear the possibly used WPA IE from the
1094 * previous association. */
1095 wpa_sm_set_assoc_wpa_ie(wpa_s
->wpa
, NULL
, 0);
1097 #ifdef IEEE8021X_EAPOL
1098 if (ssid
->key_mgmt
& WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
1100 if (ssid
->non_leap
== 0)
1101 algs
= WPA_AUTH_ALG_LEAP
;
1103 algs
|= WPA_AUTH_ALG_LEAP
;
1106 #endif /* IEEE8021X_EAPOL */
1107 wpa_dbg(wpa_s
, MSG_DEBUG
, "Automatic auth_alg selection: 0x%x", algs
);
1108 if (ssid
->auth_alg
) {
1109 algs
= ssid
->auth_alg
;
1110 wpa_dbg(wpa_s
, MSG_DEBUG
, "Overriding auth_alg selection: "
1114 if (bss
&& (wpa_bss_get_vendor_ie(bss
, WPA_IE_VENDOR_TYPE
) ||
1115 wpa_bss_get_ie(bss
, WLAN_EID_RSN
)) &&
1116 (ssid
->key_mgmt
& (WPA_KEY_MGMT_IEEE8021X
| WPA_KEY_MGMT_PSK
|
1117 WPA_KEY_MGMT_FT_IEEE8021X
|
1118 WPA_KEY_MGMT_FT_PSK
|
1119 WPA_KEY_MGMT_IEEE8021X_SHA256
|
1120 WPA_KEY_MGMT_PSK_SHA256
))) {
1121 int try_opportunistic
;
1122 try_opportunistic
= ssid
->proactive_key_caching
&&
1123 (ssid
->proto
& WPA_PROTO_RSN
);
1124 if (pmksa_cache_set_current(wpa_s
->wpa
, NULL
, bss
->bssid
,
1125 wpa_s
->current_ssid
,
1126 try_opportunistic
) == 0)
1127 eapol_sm_notify_pmkid_attempt(wpa_s
->eapol
, 1);
1128 wpa_ie_len
= sizeof(wpa_ie
);
1129 if (wpa_supplicant_set_suites(wpa_s
, bss
, ssid
,
1130 wpa_ie
, &wpa_ie_len
)) {
1131 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to set WPA "
1132 "key management and encryption suites");
1135 } else if (ssid
->key_mgmt
&
1136 (WPA_KEY_MGMT_PSK
| WPA_KEY_MGMT_IEEE8021X
|
1137 WPA_KEY_MGMT_WPA_NONE
| WPA_KEY_MGMT_FT_PSK
|
1138 WPA_KEY_MGMT_FT_IEEE8021X
| WPA_KEY_MGMT_PSK_SHA256
|
1139 WPA_KEY_MGMT_IEEE8021X_SHA256
)) {
1140 wpa_ie_len
= sizeof(wpa_ie
);
1141 if (wpa_supplicant_set_suites(wpa_s
, NULL
, ssid
,
1142 wpa_ie
, &wpa_ie_len
)) {
1143 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to set WPA "
1144 "key management and encryption suites (no "
1149 } else if (ssid
->key_mgmt
& WPA_KEY_MGMT_WPS
) {
1150 struct wpabuf
*wps_ie
;
1151 wps_ie
= wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid
));
1152 if (wps_ie
&& wpabuf_len(wps_ie
) <= sizeof(wpa_ie
)) {
1153 wpa_ie_len
= wpabuf_len(wps_ie
);
1154 os_memcpy(wpa_ie
, wpabuf_head(wps_ie
), wpa_ie_len
);
1157 wpabuf_free(wps_ie
);
1158 wpa_supplicant_set_non_wpa_policy(wpa_s
, ssid
);
1159 if (!bss
|| (bss
->caps
& IEEE80211_CAP_PRIVACY
))
1160 params
.wps
= WPS_MODE_PRIVACY
;
1162 params
.wps
= WPS_MODE_OPEN
;
1163 #endif /* CONFIG_WPS */
1165 wpa_supplicant_set_non_wpa_policy(wpa_s
, ssid
);
1170 if (wpa_s
->global
->p2p
) {
1175 p2p_group
= wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_P2P_CAPABLE
;
1176 pos
= wpa_ie
+ wpa_ie_len
;
1177 len
= sizeof(wpa_ie
) - wpa_ie_len
;
1178 res
= wpas_p2p_assoc_req_ie(wpa_s
, bss
, pos
, len
, p2p_group
);
1183 wpa_s
->cross_connect_disallowed
= 0;
1186 p2p
= wpa_bss_get_vendor_ie_multi(bss
, P2P_IE_VENDOR_TYPE
);
1188 wpa_s
->cross_connect_disallowed
=
1189 p2p_get_cross_connect_disallowed(p2p
);
1191 wpa_dbg(wpa_s
, MSG_DEBUG
, "P2P: WLAN AP %s cross "
1193 wpa_s
->cross_connect_disallowed
?
1194 "disallows" : "allows");
1197 #endif /* CONFIG_P2P */
1199 wpa_clear_keys(wpa_s
, bss
? bss
->bssid
: NULL
);
1201 cipher_pairwise
= cipher_suite2driver(wpa_s
->pairwise_cipher
);
1202 cipher_group
= cipher_suite2driver(wpa_s
->group_cipher
);
1203 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
||
1204 wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
1205 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
)
1207 if (wpa_set_wep_keys(wpa_s
, ssid
)) {
1212 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
)
1215 #ifdef IEEE8021X_EAPOL
1216 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
1217 if ((ssid
->eapol_flags
&
1218 (EAPOL_FLAG_REQUIRE_KEY_UNICAST
|
1219 EAPOL_FLAG_REQUIRE_KEY_BROADCAST
)) == 0 &&
1223 /* Assume that dynamic WEP-104 keys will be used and
1224 * set cipher suites in order for drivers to expect
1226 cipher_pairwise
= cipher_group
= CIPHER_WEP104
;
1229 #endif /* IEEE8021X_EAPOL */
1231 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPA_NONE
) {
1232 /* Set the key before (and later after) association */
1233 wpa_supplicant_set_wpa_none_key(wpa_s
, ssid
);
1236 wpa_supplicant_set_state(wpa_s
, WPA_ASSOCIATING
);
1238 params
.bssid
= bss
->bssid
;
1239 params
.ssid
= bss
->ssid
;
1240 params
.ssid_len
= bss
->ssid_len
;
1241 params
.freq
= bss
->freq
;
1243 params
.ssid
= ssid
->ssid
;
1244 params
.ssid_len
= ssid
->ssid_len
;
1246 if (ssid
->mode
== WPAS_MODE_IBSS
&& ssid
->frequency
> 0 &&
1248 params
.freq
= ssid
->frequency
; /* Initial channel for IBSS */
1249 params
.wpa_ie
= wpa_ie
;
1250 params
.wpa_ie_len
= wpa_ie_len
;
1251 params
.pairwise_suite
= cipher_pairwise
;
1252 params
.group_suite
= cipher_group
;
1253 params
.key_mgmt_suite
= key_mgmt2driver(wpa_s
->key_mgmt
);
1254 params
.auth_alg
= algs
;
1255 params
.mode
= ssid
->mode
;
1256 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
1257 if (ssid
->wep_key_len
[i
])
1258 params
.wep_key
[i
] = ssid
->wep_key
[i
];
1259 params
.wep_key_len
[i
] = ssid
->wep_key_len
[i
];
1261 params
.wep_tx_keyidx
= ssid
->wep_tx_keyidx
;
1263 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_4WAY_HANDSHAKE
) &&
1264 (params
.key_mgmt_suite
== KEY_MGMT_PSK
||
1265 params
.key_mgmt_suite
== KEY_MGMT_FT_PSK
)) {
1266 params
.passphrase
= ssid
->passphrase
;
1268 params
.psk
= ssid
->psk
;
1271 params
.drop_unencrypted
= use_crypt
;
1273 #ifdef CONFIG_IEEE80211W
1274 params
.mgmt_frame_protection
= ssid
->ieee80211w
;
1275 if (ssid
->ieee80211w
!= NO_MGMT_FRAME_PROTECTION
&& bss
) {
1276 const u8
*rsn
= wpa_bss_get_ie(bss
, WLAN_EID_RSN
);
1277 struct wpa_ie_data ie
;
1278 if (rsn
&& wpa_parse_wpa_ie(rsn
, 2 + rsn
[1], &ie
) == 0 &&
1280 (WPA_CAPABILITY_MFPC
| WPA_CAPABILITY_MFPR
)) {
1281 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Selected AP supports "
1282 "MFP: require MFP");
1283 params
.mgmt_frame_protection
=
1284 MGMT_FRAME_PROTECTION_REQUIRED
;
1287 #endif /* CONFIG_IEEE80211W */
1290 if (wpa_s
->global
->p2p
&&
1291 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_P2P_CAPABLE
))
1293 #endif /* CONFIG_P2P */
1295 if (wpa_s
->parent
->set_sta_uapsd
)
1296 params
.uapsd
= wpa_s
->parent
->sta_uapsd
;
1300 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_USER_SPACE_MLME
)
1301 ret
= ieee80211_sta_associate(wpa_s
, ¶ms
);
1303 ret
= wpa_drv_associate(wpa_s
, ¶ms
);
1305 wpa_msg(wpa_s
, MSG_INFO
, "Association request to the driver "
1307 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SANE_ERROR_CODES
) {
1309 * The driver is known to mean what is saying, so we
1310 * can stop right here; the association will not
1313 wpas_connection_failed(wpa_s
, wpa_s
->pending_bssid
);
1314 os_memset(wpa_s
->pending_bssid
, 0, ETH_ALEN
);
1317 /* try to continue anyway; new association will be tried again
1322 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPA_NONE
) {
1323 /* Set the key after the association just in case association
1324 * cleared the previously configured key. */
1325 wpa_supplicant_set_wpa_none_key(wpa_s
, ssid
);
1326 /* No need to timeout authentication since there is no key
1328 wpa_supplicant_cancel_auth_timeout(wpa_s
);
1329 wpa_supplicant_set_state(wpa_s
, WPA_COMPLETED
);
1330 #ifdef CONFIG_IBSS_RSN
1331 } else if (ssid
->mode
== WPAS_MODE_IBSS
&&
1332 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_NONE
&&
1333 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_WPA_NONE
) {
1334 ibss_rsn_set_psk(wpa_s
->ibss_rsn
, ssid
->psk
);
1336 * RSN IBSS authentication is per-STA and we can disable the
1337 * per-BSSID authentication.
1339 wpa_supplicant_cancel_auth_timeout(wpa_s
);
1340 #endif /* CONFIG_IBSS_RSN */
1342 /* Timeout for IEEE 802.11 authentication and association */
1346 /* give IBSS a bit more time */
1347 timeout
= ssid
->mode
== WPAS_MODE_IBSS
? 10 : 5;
1348 } else if (wpa_s
->conf
->ap_scan
== 1) {
1349 /* give IBSS a bit more time */
1350 timeout
= ssid
->mode
== WPAS_MODE_IBSS
? 20 : 10;
1352 wpa_supplicant_req_auth_timeout(wpa_s
, timeout
, 0);
1355 if (wep_keys_set
&& wpa_drv_get_capa(wpa_s
, &capa
) == 0 &&
1356 capa
.flags
& WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC
) {
1357 /* Set static WEP keys again */
1358 wpa_set_wep_keys(wpa_s
, ssid
);
1361 if (wpa_s
->current_ssid
&& wpa_s
->current_ssid
!= ssid
) {
1363 * Do not allow EAP session resumption between different
1364 * network configurations.
1366 eapol_sm_invalidate_cached_session(wpa_s
->eapol
);
1368 old_ssid
= wpa_s
->current_ssid
;
1369 wpa_s
->current_ssid
= ssid
;
1370 wpa_s
->current_bss
= bss
;
1371 wpa_supplicant_rsn_supp_set_config(wpa_s
, wpa_s
->current_ssid
);
1372 wpa_supplicant_initiate_eapol(wpa_s
);
1373 if (old_ssid
!= wpa_s
->current_ssid
)
1374 wpas_notify_network_changed(wpa_s
);
1378 static void wpa_supplicant_clear_connection(struct wpa_supplicant
*wpa_s
,
1381 struct wpa_ssid
*old_ssid
;
1383 wpa_clear_keys(wpa_s
, addr
);
1384 wpa_supplicant_mark_disassoc(wpa_s
);
1385 old_ssid
= wpa_s
->current_ssid
;
1386 wpa_s
->current_ssid
= NULL
;
1387 wpa_s
->current_bss
= NULL
;
1388 wpa_sm_set_config(wpa_s
->wpa
, NULL
);
1389 eapol_sm_notify_config(wpa_s
->eapol
, NULL
, NULL
);
1390 if (old_ssid
!= wpa_s
->current_ssid
)
1391 wpas_notify_network_changed(wpa_s
);
1392 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
1397 * wpa_supplicant_disassociate - Disassociate the current connection
1398 * @wpa_s: Pointer to wpa_supplicant data
1399 * @reason_code: IEEE 802.11 reason code for the disassociate frame
1401 * This function is used to request %wpa_supplicant to disassociate with the
1404 void wpa_supplicant_disassociate(struct wpa_supplicant
*wpa_s
,
1409 if (!is_zero_ether_addr(wpa_s
->bssid
)) {
1410 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_USER_SPACE_MLME
)
1411 ieee80211_sta_disassociate(wpa_s
, reason_code
);
1413 wpa_drv_disassociate(wpa_s
, wpa_s
->bssid
, reason_code
);
1414 addr
= wpa_s
->bssid
;
1417 wpa_supplicant_clear_connection(wpa_s
, addr
);
1422 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
1423 * @wpa_s: Pointer to wpa_supplicant data
1424 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
1426 * This function is used to request %wpa_supplicant to deauthenticate from the
1429 void wpa_supplicant_deauthenticate(struct wpa_supplicant
*wpa_s
,
1434 if (!is_zero_ether_addr(wpa_s
->bssid
)) {
1435 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_USER_SPACE_MLME
)
1436 ieee80211_sta_deauthenticate(wpa_s
, reason_code
);
1438 wpa_drv_deauthenticate(wpa_s
, wpa_s
->bssid
,
1440 addr
= wpa_s
->bssid
;
1443 wpa_supplicant_clear_connection(wpa_s
, addr
);
1448 * wpa_supplicant_enable_network - Mark a configured network as enabled
1449 * @wpa_s: wpa_supplicant structure for a network interface
1450 * @ssid: wpa_ssid structure for a configured network or %NULL
1452 * Enables the specified network or all networks if no network specified.
1454 void wpa_supplicant_enable_network(struct wpa_supplicant
*wpa_s
,
1455 struct wpa_ssid
*ssid
)
1457 struct wpa_ssid
*other_ssid
;
1461 for (other_ssid
= wpa_s
->conf
->ssid
; other_ssid
;
1462 other_ssid
= other_ssid
->next
) {
1463 if (other_ssid
->disabled
== 2)
1464 continue; /* do not change persistent P2P group
1466 if (other_ssid
== wpa_s
->current_ssid
&&
1467 other_ssid
->disabled
)
1468 wpa_s
->reassociate
= 1;
1470 was_disabled
= other_ssid
->disabled
;
1472 other_ssid
->disabled
= 0;
1474 if (was_disabled
!= other_ssid
->disabled
)
1475 wpas_notify_network_enabled_changed(
1478 if (wpa_s
->reassociate
)
1479 wpa_supplicant_req_scan(wpa_s
, 0, 0);
1480 } else if (ssid
->disabled
&& ssid
->disabled
!= 2) {
1481 if (wpa_s
->current_ssid
== NULL
) {
1483 * Try to reassociate since there is no current
1484 * configuration and a new network was made available.
1486 wpa_s
->reassociate
= 1;
1487 wpa_supplicant_req_scan(wpa_s
, 0, 0);
1490 was_disabled
= ssid
->disabled
;
1494 if (was_disabled
!= ssid
->disabled
)
1495 wpas_notify_network_enabled_changed(wpa_s
, ssid
);
1501 * wpa_supplicant_disable_network - Mark a configured network as disabled
1502 * @wpa_s: wpa_supplicant structure for a network interface
1503 * @ssid: wpa_ssid structure for a configured network or %NULL
1505 * Disables the specified network or all networks if no network specified.
1507 void wpa_supplicant_disable_network(struct wpa_supplicant
*wpa_s
,
1508 struct wpa_ssid
*ssid
)
1510 struct wpa_ssid
*other_ssid
;
1514 for (other_ssid
= wpa_s
->conf
->ssid
; other_ssid
;
1515 other_ssid
= other_ssid
->next
) {
1516 was_disabled
= other_ssid
->disabled
;
1517 if (was_disabled
== 2)
1518 continue; /* do not change persistent P2P group
1521 other_ssid
->disabled
= 1;
1523 if (was_disabled
!= other_ssid
->disabled
)
1524 wpas_notify_network_enabled_changed(
1527 if (wpa_s
->current_ssid
)
1528 wpa_supplicant_disassociate(
1529 wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
1530 } else if (ssid
->disabled
!= 2) {
1531 if (ssid
== wpa_s
->current_ssid
)
1532 wpa_supplicant_disassociate(
1533 wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
1535 was_disabled
= ssid
->disabled
;
1539 if (was_disabled
!= ssid
->disabled
)
1540 wpas_notify_network_enabled_changed(wpa_s
, ssid
);
1546 * wpa_supplicant_select_network - Attempt association with a network
1547 * @wpa_s: wpa_supplicant structure for a network interface
1548 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
1550 void wpa_supplicant_select_network(struct wpa_supplicant
*wpa_s
,
1551 struct wpa_ssid
*ssid
)
1554 struct wpa_ssid
*other_ssid
;
1556 if (ssid
&& ssid
!= wpa_s
->current_ssid
&& wpa_s
->current_ssid
)
1557 wpa_supplicant_disassociate(
1558 wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
1561 * Mark all other networks disabled or mark all networks enabled if no
1562 * network specified.
1564 for (other_ssid
= wpa_s
->conf
->ssid
; other_ssid
;
1565 other_ssid
= other_ssid
->next
) {
1566 int was_disabled
= other_ssid
->disabled
;
1567 if (was_disabled
== 2)
1568 continue; /* do not change persistent P2P group data */
1570 other_ssid
->disabled
= ssid
? (ssid
->id
!= other_ssid
->id
) : 0;
1572 if (was_disabled
!= other_ssid
->disabled
)
1573 wpas_notify_network_enabled_changed(wpa_s
, other_ssid
);
1575 wpa_s
->disconnected
= 0;
1576 wpa_s
->reassociate
= 1;
1577 wpa_supplicant_req_scan(wpa_s
, 0, 0);
1580 wpas_notify_network_selected(wpa_s
, ssid
);
1585 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
1586 * @wpa_s: wpa_supplicant structure for a network interface
1587 * @ap_scan: AP scan mode
1588 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
1591 int wpa_supplicant_set_ap_scan(struct wpa_supplicant
*wpa_s
, int ap_scan
)
1596 if (ap_scan
< 0 || ap_scan
> 2)
1599 old_ap_scan
= wpa_s
->conf
->ap_scan
;
1600 wpa_s
->conf
->ap_scan
= ap_scan
;
1602 if (old_ap_scan
!= wpa_s
->conf
->ap_scan
)
1603 wpas_notify_ap_scan_changed(wpa_s
);
1610 * wpa_supplicant_set_debug_params - Set global debug params
1611 * @global: wpa_global structure
1612 * @debug_level: debug level
1613 * @debug_timestamp: determines if show timestamp in debug data
1614 * @debug_show_keys: determines if show keys in debug data
1615 * Returns: 0 if succeed or -1 if debug_level has wrong value
1617 int wpa_supplicant_set_debug_params(struct wpa_global
*global
, int debug_level
,
1618 int debug_timestamp
, int debug_show_keys
)
1621 int old_level
, old_timestamp
, old_show_keys
;
1623 /* check for allowed debuglevels */
1624 if (debug_level
!= MSG_MSGDUMP
&&
1625 debug_level
!= MSG_DEBUG
&&
1626 debug_level
!= MSG_INFO
&&
1627 debug_level
!= MSG_WARNING
&&
1628 debug_level
!= MSG_ERROR
)
1631 old_level
= wpa_debug_level
;
1632 old_timestamp
= wpa_debug_timestamp
;
1633 old_show_keys
= wpa_debug_show_keys
;
1635 wpa_debug_level
= debug_level
;
1636 wpa_debug_timestamp
= debug_timestamp
? 1 : 0;
1637 wpa_debug_show_keys
= debug_show_keys
? 1 : 0;
1639 if (wpa_debug_level
!= old_level
)
1640 wpas_notify_debug_level_changed(global
);
1641 if (wpa_debug_timestamp
!= old_timestamp
)
1642 wpas_notify_debug_timestamp_changed(global
);
1643 if (wpa_debug_show_keys
!= old_show_keys
)
1644 wpas_notify_debug_show_keys_changed(global
);
1651 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
1652 * @wpa_s: Pointer to wpa_supplicant data
1653 * Returns: A pointer to the current network structure or %NULL on failure
1655 struct wpa_ssid
* wpa_supplicant_get_ssid(struct wpa_supplicant
*wpa_s
)
1657 struct wpa_ssid
*entry
;
1658 u8 ssid
[MAX_SSID_LEN
];
1664 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_USER_SPACE_MLME
) {
1665 if (ieee80211_sta_get_ssid(wpa_s
, ssid
, &ssid_len
)) {
1666 wpa_msg(wpa_s
, MSG_WARNING
, "Could not read SSID from "
1671 res
= wpa_drv_get_ssid(wpa_s
, ssid
);
1673 wpa_msg(wpa_s
, MSG_WARNING
, "Could not read SSID from "
1680 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_USER_SPACE_MLME
)
1681 os_memcpy(bssid
, wpa_s
->bssid
, ETH_ALEN
);
1682 else if (wpa_drv_get_bssid(wpa_s
, bssid
) < 0) {
1683 wpa_msg(wpa_s
, MSG_WARNING
, "Could not read BSSID from "
1688 wired
= wpa_s
->conf
->ap_scan
== 0 &&
1689 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_WIRED
);
1691 entry
= wpa_s
->conf
->ssid
;
1693 if (!entry
->disabled
&&
1694 ((ssid_len
== entry
->ssid_len
&&
1695 os_memcmp(ssid
, entry
->ssid
, ssid_len
) == 0) || wired
) &&
1696 (!entry
->bssid_set
||
1697 os_memcmp(bssid
, entry
->bssid
, ETH_ALEN
) == 0))
1700 if (!entry
->disabled
&&
1701 (entry
->key_mgmt
& WPA_KEY_MGMT_WPS
) &&
1702 (entry
->ssid
== NULL
|| entry
->ssid_len
== 0) &&
1703 (!entry
->bssid_set
||
1704 os_memcmp(bssid
, entry
->bssid
, ETH_ALEN
) == 0))
1706 #endif /* CONFIG_WPS */
1707 entry
= entry
->next
;
1714 static int wpa_supplicant_set_driver(struct wpa_supplicant
*wpa_s
,
1719 const char *pos
, *driver
= name
;
1724 if (wpa_drivers
[0] == NULL
) {
1725 wpa_msg(wpa_s
, MSG_ERROR
, "No driver interfaces build into "
1731 /* default to first driver in the list */
1732 wpa_s
->driver
= wpa_drivers
[0];
1733 wpa_s
->global_drv_priv
= wpa_s
->global
->drv_priv
[0];
1738 pos
= os_strchr(driver
, ',');
1742 len
= os_strlen(driver
);
1744 for (i
= 0; wpa_drivers
[i
]; i
++) {
1745 if (os_strlen(wpa_drivers
[i
]->name
) == len
&&
1746 os_strncmp(driver
, wpa_drivers
[i
]->name
, len
) ==
1748 wpa_s
->driver
= wpa_drivers
[i
];
1749 wpa_s
->global_drv_priv
=
1750 wpa_s
->global
->drv_priv
[i
];
1758 wpa_msg(wpa_s
, MSG_ERROR
, "Unsupported driver '%s'", name
);
1764 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
1765 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
1766 * with struct wpa_driver_ops::init()
1767 * @src_addr: Source address of the EAPOL frame
1768 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
1769 * @len: Length of the EAPOL data
1771 * This function is called for each received EAPOL frame. Most driver
1772 * interfaces rely on more generic OS mechanism for receiving frames through
1773 * l2_packet, but if such a mechanism is not available, the driver wrapper may
1774 * take care of received EAPOL frames and deliver them to the core supplicant
1775 * code by calling this function.
1777 void wpa_supplicant_rx_eapol(void *ctx
, const u8
*src_addr
,
1778 const u8
*buf
, size_t len
)
1780 struct wpa_supplicant
*wpa_s
= ctx
;
1782 wpa_dbg(wpa_s
, MSG_DEBUG
, "RX EAPOL from " MACSTR
, MAC2STR(src_addr
));
1783 wpa_hexdump(MSG_MSGDUMP
, "RX EAPOL", buf
, len
);
1785 if (wpa_s
->wpa_state
< WPA_ASSOCIATED
) {
1787 * There is possible race condition between receiving the
1788 * association event and the EAPOL frame since they are coming
1789 * through different paths from the driver. In order to avoid
1790 * issues in trying to process the EAPOL frame before receiving
1791 * association information, lets queue it for processing until
1792 * the association event is received.
1794 wpa_dbg(wpa_s
, MSG_DEBUG
, "Not associated - Delay processing "
1795 "of received EAPOL frame");
1796 wpabuf_free(wpa_s
->pending_eapol_rx
);
1797 wpa_s
->pending_eapol_rx
= wpabuf_alloc_copy(buf
, len
);
1798 if (wpa_s
->pending_eapol_rx
) {
1799 os_get_time(&wpa_s
->pending_eapol_rx_time
);
1800 os_memcpy(wpa_s
->pending_eapol_rx_src
, src_addr
,
1807 if (wpa_s
->ap_iface
) {
1808 wpa_supplicant_ap_rx_eapol(wpa_s
, src_addr
, buf
, len
);
1811 #endif /* CONFIG_AP */
1813 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
) {
1814 wpa_dbg(wpa_s
, MSG_DEBUG
, "Ignored received EAPOL frame since "
1815 "no key management is configured");
1819 if (wpa_s
->eapol_received
== 0 &&
1820 (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_4WAY_HANDSHAKE
) ||
1821 !wpa_key_mgmt_wpa_psk(wpa_s
->key_mgmt
) ||
1822 wpa_s
->wpa_state
!= WPA_COMPLETED
) &&
1823 (wpa_s
->current_ssid
== NULL
||
1824 wpa_s
->current_ssid
->mode
!= IEEE80211_MODE_IBSS
)) {
1825 /* Timeout for completing IEEE 802.1X and WPA authentication */
1826 wpa_supplicant_req_auth_timeout(
1828 (wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
) ||
1829 wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
||
1830 wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
) ?
1833 wpa_s
->eapol_received
++;
1835 if (wpa_s
->countermeasures
) {
1836 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Countermeasures - dropped "
1841 #ifdef CONFIG_IBSS_RSN
1842 if (wpa_s
->current_ssid
&&
1843 wpa_s
->current_ssid
->mode
== WPAS_MODE_IBSS
) {
1844 ibss_rsn_rx_eapol(wpa_s
->ibss_rsn
, src_addr
, buf
, len
);
1847 #endif /* CONFIG_IBSS_RSN */
1849 /* Source address of the incoming EAPOL frame could be compared to the
1850 * current BSSID. However, it is possible that a centralized
1851 * Authenticator could be using another MAC address than the BSSID of
1852 * an AP, so just allow any address to be used for now. The replies are
1853 * still sent to the current BSSID (if available), though. */
1855 os_memcpy(wpa_s
->last_eapol_src
, src_addr
, ETH_ALEN
);
1856 if (!wpa_key_mgmt_wpa_psk(wpa_s
->key_mgmt
) &&
1857 eapol_sm_rx_eapol(wpa_s
->eapol
, src_addr
, buf
, len
) > 0)
1859 wpa_drv_poll(wpa_s
);
1860 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_4WAY_HANDSHAKE
))
1861 wpa_sm_rx_eapol(wpa_s
->wpa
, src_addr
, buf
, len
);
1862 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
)) {
1864 * Set portValid = TRUE here since we are going to skip 4-way
1865 * handshake processing which would normally set portValid. We
1866 * need this to allow the EAPOL state machines to be completed
1867 * without going through EAPOL-Key handshake.
1869 eapol_sm_notify_portValid(wpa_s
->eapol
, TRUE
);
1875 * wpa_supplicant_driver_init - Initialize driver interface parameters
1876 * @wpa_s: Pointer to wpa_supplicant data
1877 * Returns: 0 on success, -1 on failure
1879 * This function is called to initialize driver interface parameters.
1880 * wpa_drv_init() must have been called before this function to initialize the
1883 int wpa_supplicant_driver_init(struct wpa_supplicant
*wpa_s
)
1885 static int interface_count
= 0;
1887 if (wpa_s
->driver
->send_eapol
) {
1888 const u8
*addr
= wpa_drv_get_mac_addr(wpa_s
);
1890 os_memcpy(wpa_s
->own_addr
, addr
, ETH_ALEN
);
1891 } else if (!(wpa_s
->drv_flags
&
1892 WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE
)) {
1893 wpa_s
->l2
= l2_packet_init(wpa_s
->ifname
,
1894 wpa_drv_get_mac_addr(wpa_s
),
1896 wpa_supplicant_rx_eapol
, wpa_s
, 0);
1897 if (wpa_s
->l2
== NULL
)
1900 const u8
*addr
= wpa_drv_get_mac_addr(wpa_s
);
1902 os_memcpy(wpa_s
->own_addr
, addr
, ETH_ALEN
);
1905 if (wpa_s
->l2
&& l2_packet_get_own_addr(wpa_s
->l2
, wpa_s
->own_addr
)) {
1906 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to get own L2 address");
1910 wpa_dbg(wpa_s
, MSG_DEBUG
, "Own MAC address: " MACSTR
,
1911 MAC2STR(wpa_s
->own_addr
));
1913 if (wpa_s
->bridge_ifname
[0]) {
1914 wpa_dbg(wpa_s
, MSG_DEBUG
, "Receiving packets from bridge "
1915 "interface '%s'", wpa_s
->bridge_ifname
);
1916 wpa_s
->l2_br
= l2_packet_init(wpa_s
->bridge_ifname
,
1919 wpa_supplicant_rx_eapol
, wpa_s
,
1921 if (wpa_s
->l2_br
== NULL
) {
1922 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to open l2_packet "
1923 "connection for the bridge interface '%s'",
1924 wpa_s
->bridge_ifname
);
1929 wpa_clear_keys(wpa_s
, NULL
);
1931 /* Make sure that TKIP countermeasures are not left enabled (could
1932 * happen if wpa_supplicant is killed during countermeasures. */
1933 wpa_drv_set_countermeasures(wpa_s
, 0);
1935 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: flushing PMKID list in the driver");
1936 wpa_drv_flush_pmkid(wpa_s
);
1938 wpa_s
->prev_scan_ssid
= WILDCARD_SSID_SCAN
;
1939 if (wpa_supplicant_enabled_networks(wpa_s
->conf
)) {
1940 wpa_supplicant_req_scan(wpa_s
, interface_count
, 100000);
1943 wpa_supplicant_set_state(wpa_s
, WPA_INACTIVE
);
1949 static int wpa_supplicant_daemon(const char *pid_file
)
1951 wpa_printf(MSG_DEBUG
, "Daemonize..");
1952 return os_daemonize(pid_file
);
1956 static struct wpa_supplicant
* wpa_supplicant_alloc(void)
1958 struct wpa_supplicant
*wpa_s
;
1960 wpa_s
= os_zalloc(sizeof(*wpa_s
));
1963 wpa_s
->scan_req
= 1;
1964 wpa_s
->new_connection
= 1;
1965 wpa_s
->parent
= wpa_s
;
1971 static int wpa_supplicant_init_iface(struct wpa_supplicant
*wpa_s
,
1972 struct wpa_interface
*iface
)
1974 const char *ifname
, *driver
;
1975 struct wpa_driver_capa capa
;
1977 wpa_printf(MSG_DEBUG
, "Initializing interface '%s' conf '%s' driver "
1978 "'%s' ctrl_interface '%s' bridge '%s'", iface
->ifname
,
1979 iface
->confname
? iface
->confname
: "N/A",
1980 iface
->driver
? iface
->driver
: "default",
1981 iface
->ctrl_interface
? iface
->ctrl_interface
: "N/A",
1982 iface
->bridge_ifname
? iface
->bridge_ifname
: "N/A");
1984 if (iface
->confname
) {
1985 #ifdef CONFIG_BACKEND_FILE
1986 wpa_s
->confname
= os_rel2abs_path(iface
->confname
);
1987 if (wpa_s
->confname
== NULL
) {
1988 wpa_printf(MSG_ERROR
, "Failed to get absolute path "
1989 "for configuration file '%s'.",
1993 wpa_printf(MSG_DEBUG
, "Configuration file '%s' -> '%s'",
1994 iface
->confname
, wpa_s
->confname
);
1995 #else /* CONFIG_BACKEND_FILE */
1996 wpa_s
->confname
= os_strdup(iface
->confname
);
1997 #endif /* CONFIG_BACKEND_FILE */
1998 wpa_s
->conf
= wpa_config_read(wpa_s
->confname
);
1999 if (wpa_s
->conf
== NULL
) {
2000 wpa_printf(MSG_ERROR
, "Failed to read or parse "
2001 "configuration '%s'.", wpa_s
->confname
);
2006 * Override ctrl_interface and driver_param if set on command
2009 if (iface
->ctrl_interface
) {
2010 os_free(wpa_s
->conf
->ctrl_interface
);
2011 wpa_s
->conf
->ctrl_interface
=
2012 os_strdup(iface
->ctrl_interface
);
2015 if (iface
->driver_param
) {
2016 os_free(wpa_s
->conf
->driver_param
);
2017 wpa_s
->conf
->driver_param
=
2018 os_strdup(iface
->driver_param
);
2021 wpa_s
->conf
= wpa_config_alloc_empty(iface
->ctrl_interface
,
2022 iface
->driver_param
);
2024 if (wpa_s
->conf
== NULL
) {
2025 wpa_printf(MSG_ERROR
, "\nNo configuration found.");
2029 if (iface
->ifname
== NULL
) {
2030 wpa_printf(MSG_ERROR
, "\nInterface name is required.");
2033 if (os_strlen(iface
->ifname
) >= sizeof(wpa_s
->ifname
)) {
2034 wpa_printf(MSG_ERROR
, "\nToo long interface name '%s'.",
2038 os_strlcpy(wpa_s
->ifname
, iface
->ifname
, sizeof(wpa_s
->ifname
));
2040 if (iface
->bridge_ifname
) {
2041 if (os_strlen(iface
->bridge_ifname
) >=
2042 sizeof(wpa_s
->bridge_ifname
)) {
2043 wpa_printf(MSG_ERROR
, "\nToo long bridge interface "
2044 "name '%s'.", iface
->bridge_ifname
);
2047 os_strlcpy(wpa_s
->bridge_ifname
, iface
->bridge_ifname
,
2048 sizeof(wpa_s
->bridge_ifname
));
2051 /* RSNA Supplicant Key Management - INITIALIZE */
2052 eapol_sm_notify_portEnabled(wpa_s
->eapol
, FALSE
);
2053 eapol_sm_notify_portValid(wpa_s
->eapol
, FALSE
);
2055 /* Initialize driver interface and register driver event handler before
2056 * L2 receive handler so that association events are processed before
2057 * EAPOL-Key packets if both become available for the same select()
2059 driver
= iface
->driver
;
2061 if (wpa_supplicant_set_driver(wpa_s
, driver
) < 0)
2064 wpa_s
->drv_priv
= wpa_drv_init(wpa_s
, wpa_s
->ifname
);
2065 if (wpa_s
->drv_priv
== NULL
) {
2067 pos
= driver
? os_strchr(driver
, ',') : NULL
;
2069 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to initialize "
2070 "driver interface - try next driver wrapper");
2074 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to initialize driver "
2078 if (wpa_drv_set_param(wpa_s
, wpa_s
->conf
->driver_param
) < 0) {
2079 wpa_msg(wpa_s
, MSG_ERROR
, "Driver interface rejected "
2080 "driver_param '%s'", wpa_s
->conf
->driver_param
);
2084 ifname
= wpa_drv_get_ifname(wpa_s
);
2085 if (ifname
&& os_strcmp(ifname
, wpa_s
->ifname
) != 0) {
2086 wpa_dbg(wpa_s
, MSG_DEBUG
, "Driver interface replaced "
2087 "interface name with '%s'", ifname
);
2088 os_strlcpy(wpa_s
->ifname
, ifname
, sizeof(wpa_s
->ifname
));
2091 if (wpa_supplicant_init_wpa(wpa_s
) < 0)
2094 wpa_sm_set_ifname(wpa_s
->wpa
, wpa_s
->ifname
,
2095 wpa_s
->bridge_ifname
[0] ? wpa_s
->bridge_ifname
:
2097 wpa_sm_set_fast_reauth(wpa_s
->wpa
, wpa_s
->conf
->fast_reauth
);
2099 if (wpa_s
->conf
->dot11RSNAConfigPMKLifetime
&&
2100 wpa_sm_set_param(wpa_s
->wpa
, RSNA_PMK_LIFETIME
,
2101 wpa_s
->conf
->dot11RSNAConfigPMKLifetime
)) {
2102 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid WPA parameter value for "
2103 "dot11RSNAConfigPMKLifetime");
2107 if (wpa_s
->conf
->dot11RSNAConfigPMKReauthThreshold
&&
2108 wpa_sm_set_param(wpa_s
->wpa
, RSNA_PMK_REAUTH_THRESHOLD
,
2109 wpa_s
->conf
->dot11RSNAConfigPMKReauthThreshold
)) {
2110 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid WPA parameter value for "
2111 "dot11RSNAConfigPMKReauthThreshold");
2115 if (wpa_s
->conf
->dot11RSNAConfigSATimeout
&&
2116 wpa_sm_set_param(wpa_s
->wpa
, RSNA_SA_TIMEOUT
,
2117 wpa_s
->conf
->dot11RSNAConfigSATimeout
)) {
2118 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid WPA parameter value for "
2119 "dot11RSNAConfigSATimeout");
2123 if (wpa_drv_get_capa(wpa_s
, &capa
) == 0) {
2124 wpa_s
->drv_flags
= capa
.flags
;
2125 if (capa
.flags
& WPA_DRIVER_FLAGS_USER_SPACE_MLME
) {
2126 if (ieee80211_sta_init(wpa_s
))
2129 wpa_s
->max_scan_ssids
= capa
.max_scan_ssids
;
2130 wpa_s
->max_remain_on_chan
= capa
.max_remain_on_chan
;
2131 wpa_s
->max_stations
= capa
.max_stations
;
2133 if (wpa_s
->max_remain_on_chan
== 0)
2134 wpa_s
->max_remain_on_chan
= 1000;
2136 if (wpa_supplicant_driver_init(wpa_s
) < 0)
2139 if (wpa_s
->conf
->country
[0] && wpa_s
->conf
->country
[1] &&
2140 wpa_drv_set_country(wpa_s
, wpa_s
->conf
->country
)) {
2141 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to set country");
2145 wpa_sm_set_own_addr(wpa_s
->wpa
, wpa_s
->own_addr
);
2147 if (wpas_wps_init(wpa_s
))
2150 if (wpa_supplicant_init_eapol(wpa_s
) < 0)
2152 wpa_sm_set_eapol(wpa_s
->wpa
, wpa_s
->eapol
);
2154 wpa_s
->ctrl_iface
= wpa_supplicant_ctrl_iface_init(wpa_s
);
2155 if (wpa_s
->ctrl_iface
== NULL
) {
2156 wpa_printf(MSG_ERROR
,
2157 "Failed to initialize control interface '%s'.\n"
2158 "You may have another wpa_supplicant process "
2159 "already running or the file was\n"
2160 "left by an unclean termination of wpa_supplicant "
2161 "in which case you will need\n"
2162 "to manually remove this file before starting "
2163 "wpa_supplicant again.\n",
2164 wpa_s
->conf
->ctrl_interface
);
2168 #ifdef CONFIG_IBSS_RSN
2169 wpa_s
->ibss_rsn
= ibss_rsn_init(wpa_s
);
2170 if (!wpa_s
->ibss_rsn
) {
2171 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to init IBSS RSN");
2174 #endif /* CONFIG_IBSS_RSN */
2177 if (wpas_p2p_init(wpa_s
->global
, wpa_s
) < 0) {
2178 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to init P2P");
2181 #endif /* CONFIG_P2P */
2183 if (wpa_bss_init(wpa_s
) < 0)
2190 static void wpa_supplicant_deinit_iface(struct wpa_supplicant
*wpa_s
,
2193 if (wpa_s
->drv_priv
) {
2194 wpa_supplicant_deauthenticate(wpa_s
,
2195 WLAN_REASON_DEAUTH_LEAVING
);
2197 wpa_drv_set_countermeasures(wpa_s
, 0);
2198 wpa_clear_keys(wpa_s
, NULL
);
2201 wpa_supplicant_cleanup(wpa_s
);
2204 wpas_notify_iface_removed(wpa_s
);
2206 if (wpa_s
->drv_priv
)
2207 wpa_drv_deinit(wpa_s
);
2212 * wpa_supplicant_add_iface - Add a new network interface
2213 * @global: Pointer to global data from wpa_supplicant_init()
2214 * @iface: Interface configuration options
2215 * Returns: Pointer to the created interface or %NULL on failure
2217 * This function is used to add new network interfaces for %wpa_supplicant.
2218 * This can be called before wpa_supplicant_run() to add interfaces before the
2219 * main event loop has been started. In addition, new interfaces can be added
2220 * dynamically while %wpa_supplicant is already running. This could happen,
2221 * e.g., when a hotplug network adapter is inserted.
2223 struct wpa_supplicant
* wpa_supplicant_add_iface(struct wpa_global
*global
,
2224 struct wpa_interface
*iface
)
2226 struct wpa_supplicant
*wpa_s
;
2227 struct wpa_interface t_iface
;
2228 struct wpa_ssid
*ssid
;
2230 if (global
== NULL
|| iface
== NULL
)
2233 wpa_s
= wpa_supplicant_alloc();
2237 wpa_s
->global
= global
;
2240 if (global
->params
.override_driver
) {
2241 wpa_printf(MSG_DEBUG
, "Override interface parameter: driver "
2243 iface
->driver
, global
->params
.override_driver
);
2244 t_iface
.driver
= global
->params
.override_driver
;
2246 if (global
->params
.override_ctrl_interface
) {
2247 wpa_printf(MSG_DEBUG
, "Override interface parameter: "
2248 "ctrl_interface ('%s' -> '%s')",
2249 iface
->ctrl_interface
,
2250 global
->params
.override_ctrl_interface
);
2251 t_iface
.ctrl_interface
=
2252 global
->params
.override_ctrl_interface
;
2254 if (wpa_supplicant_init_iface(wpa_s
, &t_iface
)) {
2255 wpa_printf(MSG_DEBUG
, "Failed to add interface %s",
2257 wpa_supplicant_deinit_iface(wpa_s
, 0);
2262 /* Notify the control interfaces about new iface */
2263 if (wpas_notify_iface_added(wpa_s
)) {
2264 wpa_supplicant_deinit_iface(wpa_s
, 1);
2269 for (ssid
= wpa_s
->conf
->ssid
; ssid
; ssid
= ssid
->next
)
2270 wpas_notify_network_added(wpa_s
, ssid
);
2272 wpa_s
->next
= global
->ifaces
;
2273 global
->ifaces
= wpa_s
;
2275 wpa_dbg(wpa_s
, MSG_DEBUG
, "Added interface %s", wpa_s
->ifname
);
2282 * wpa_supplicant_remove_iface - Remove a network interface
2283 * @global: Pointer to global data from wpa_supplicant_init()
2284 * @wpa_s: Pointer to the network interface to be removed
2285 * Returns: 0 if interface was removed, -1 if interface was not found
2287 * This function can be used to dynamically remove network interfaces from
2288 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
2289 * addition, this function is used to remove all remaining interfaces when
2290 * %wpa_supplicant is terminated.
2292 int wpa_supplicant_remove_iface(struct wpa_global
*global
,
2293 struct wpa_supplicant
*wpa_s
)
2295 struct wpa_supplicant
*prev
;
2297 /* Remove interface from the global list of interfaces */
2298 prev
= global
->ifaces
;
2299 if (prev
== wpa_s
) {
2300 global
->ifaces
= wpa_s
->next
;
2302 while (prev
&& prev
->next
!= wpa_s
)
2306 prev
->next
= wpa_s
->next
;
2309 wpa_dbg(wpa_s
, MSG_DEBUG
, "Removing interface %s", wpa_s
->ifname
);
2311 if (global
->p2p_group_formation
== wpa_s
)
2312 global
->p2p_group_formation
= NULL
;
2313 wpa_supplicant_deinit_iface(wpa_s
, 1);
2321 * wpa_supplicant_get_iface - Get a new network interface
2322 * @global: Pointer to global data from wpa_supplicant_init()
2323 * @ifname: Interface name
2324 * Returns: Pointer to the interface or %NULL if not found
2326 struct wpa_supplicant
* wpa_supplicant_get_iface(struct wpa_global
*global
,
2329 struct wpa_supplicant
*wpa_s
;
2331 for (wpa_s
= global
->ifaces
; wpa_s
; wpa_s
= wpa_s
->next
) {
2332 if (os_strcmp(wpa_s
->ifname
, ifname
) == 0)
2339 #ifndef CONFIG_NO_WPA_MSG
2340 static const char * wpa_supplicant_msg_ifname_cb(void *ctx
)
2342 struct wpa_supplicant
*wpa_s
= ctx
;
2345 return wpa_s
->ifname
;
2347 #endif /* CONFIG_NO_WPA_MSG */
2351 * wpa_supplicant_init - Initialize %wpa_supplicant
2352 * @params: Parameters for %wpa_supplicant
2353 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
2355 * This function is used to initialize %wpa_supplicant. After successful
2356 * initialization, the returned data pointer can be used to add and remove
2357 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
2359 struct wpa_global
* wpa_supplicant_init(struct wpa_params
*params
)
2361 struct wpa_global
*global
;
2367 #ifndef CONFIG_NO_WPA_MSG
2368 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb
);
2369 #endif /* CONFIG_NO_WPA_MSG */
2371 wpa_debug_open_file(params
->wpa_debug_file_path
);
2372 if (params
->wpa_debug_syslog
)
2373 wpa_debug_open_syslog();
2375 ret
= eap_register_methods();
2377 wpa_printf(MSG_ERROR
, "Failed to register EAP methods");
2379 wpa_printf(MSG_ERROR
, "Two or more EAP methods used "
2380 "the same EAP type.");
2384 global
= os_zalloc(sizeof(*global
));
2387 dl_list_init(&global
->p2p_srv_bonjour
);
2388 dl_list_init(&global
->p2p_srv_upnp
);
2389 global
->params
.daemonize
= params
->daemonize
;
2390 global
->params
.wait_for_monitor
= params
->wait_for_monitor
;
2391 global
->params
.dbus_ctrl_interface
= params
->dbus_ctrl_interface
;
2392 if (params
->pid_file
)
2393 global
->params
.pid_file
= os_strdup(params
->pid_file
);
2394 if (params
->ctrl_interface
)
2395 global
->params
.ctrl_interface
=
2396 os_strdup(params
->ctrl_interface
);
2397 if (params
->override_driver
)
2398 global
->params
.override_driver
=
2399 os_strdup(params
->override_driver
);
2400 if (params
->override_ctrl_interface
)
2401 global
->params
.override_ctrl_interface
=
2402 os_strdup(params
->override_ctrl_interface
);
2403 wpa_debug_level
= global
->params
.wpa_debug_level
=
2404 params
->wpa_debug_level
;
2405 wpa_debug_show_keys
= global
->params
.wpa_debug_show_keys
=
2406 params
->wpa_debug_show_keys
;
2407 wpa_debug_timestamp
= global
->params
.wpa_debug_timestamp
=
2408 params
->wpa_debug_timestamp
;
2410 wpa_printf(MSG_DEBUG
, "wpa_supplicant v" VERSION_STR
);
2413 wpa_printf(MSG_ERROR
, "Failed to initialize event loop");
2414 wpa_supplicant_deinit(global
);
2418 global
->ctrl_iface
= wpa_supplicant_global_ctrl_iface_init(global
);
2419 if (global
->ctrl_iface
== NULL
) {
2420 wpa_supplicant_deinit(global
);
2424 if (wpas_notify_supplicant_initialized(global
)) {
2425 wpa_supplicant_deinit(global
);
2429 for (i
= 0; wpa_drivers
[i
]; i
++)
2430 global
->drv_count
++;
2431 if (global
->drv_count
== 0) {
2432 wpa_printf(MSG_ERROR
, "No drivers enabled");
2433 wpa_supplicant_deinit(global
);
2436 global
->drv_priv
= os_zalloc(global
->drv_count
* sizeof(void *));
2437 if (global
->drv_priv
== NULL
) {
2438 wpa_supplicant_deinit(global
);
2441 for (i
= 0; wpa_drivers
[i
]; i
++) {
2442 if (!wpa_drivers
[i
]->global_init
)
2444 global
->drv_priv
[i
] = wpa_drivers
[i
]->global_init();
2445 if (global
->drv_priv
[i
] == NULL
) {
2446 wpa_printf(MSG_ERROR
, "Failed to initialize driver "
2447 "'%s'", wpa_drivers
[i
]->name
);
2448 wpa_supplicant_deinit(global
);
2458 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
2459 * @global: Pointer to global data from wpa_supplicant_init()
2460 * Returns: 0 after successful event loop run, -1 on failure
2462 * This function starts the main event loop and continues running as long as
2463 * there are any remaining events. In most cases, this function is running as
2464 * long as the %wpa_supplicant process in still in use.
2466 int wpa_supplicant_run(struct wpa_global
*global
)
2468 struct wpa_supplicant
*wpa_s
;
2470 if (global
->params
.daemonize
&&
2471 wpa_supplicant_daemon(global
->params
.pid_file
))
2474 if (global
->params
.wait_for_monitor
) {
2475 for (wpa_s
= global
->ifaces
; wpa_s
; wpa_s
= wpa_s
->next
)
2476 if (wpa_s
->ctrl_iface
)
2477 wpa_supplicant_ctrl_iface_wait(
2481 eloop_register_signal_terminate(wpa_supplicant_terminate
, global
);
2482 eloop_register_signal_reconfig(wpa_supplicant_reconfig
, global
);
2491 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
2492 * @global: Pointer to global data from wpa_supplicant_init()
2494 * This function is called to deinitialize %wpa_supplicant and to free all
2495 * allocated resources. Remaining network interfaces will also be removed.
2497 void wpa_supplicant_deinit(struct wpa_global
*global
)
2505 wpas_p2p_deinit_global(global
);
2506 #endif /* CONFIG_P2P */
2508 while (global
->ifaces
)
2509 wpa_supplicant_remove_iface(global
, global
->ifaces
);
2511 if (global
->ctrl_iface
)
2512 wpa_supplicant_global_ctrl_iface_deinit(global
->ctrl_iface
);
2514 wpas_notify_supplicant_deinitialized(global
);
2516 eap_peer_unregister_methods();
2518 eap_server_unregister_methods();
2519 #endif /* CONFIG_AP */
2521 for (i
= 0; wpa_drivers
[i
] && global
->drv_priv
; i
++) {
2522 if (!global
->drv_priv
[i
])
2524 wpa_drivers
[i
]->global_deinit(global
->drv_priv
[i
]);
2526 os_free(global
->drv_priv
);
2530 if (global
->params
.pid_file
) {
2531 os_daemonize_terminate(global
->params
.pid_file
);
2532 os_free(global
->params
.pid_file
);
2534 os_free(global
->params
.ctrl_interface
);
2535 os_free(global
->params
.override_driver
);
2536 os_free(global
->params
.override_ctrl_interface
);
2539 wpa_debug_close_syslog();
2540 wpa_debug_close_file();
2544 void wpa_supplicant_update_config(struct wpa_supplicant
*wpa_s
)
2547 wpas_wps_update_config(wpa_s
);
2548 #endif /* CONFIG_WPS */
2551 wpas_p2p_update_config(wpa_s
);
2552 #endif /* CONFIG_P2P */
2554 wpa_s
->conf
->changed_parameters
= 0;
2558 void ieee80211_sta_free_hw_features(struct hostapd_hw_modes
*hw_features
,
2559 size_t num_hw_features
)
2563 if (hw_features
== NULL
)
2566 for (i
= 0; i
< num_hw_features
; i
++) {
2567 os_free(hw_features
[i
].channels
);
2568 os_free(hw_features
[i
].rates
);
2571 os_free(hw_features
);
2575 static void add_freq(int *freqs
, int *num_freqs
, int freq
)
2579 for (i
= 0; i
< *num_freqs
; i
++) {
2580 if (freqs
[i
] == freq
)
2584 freqs
[*num_freqs
] = freq
;
2589 static int * get_bss_freqs_in_ess(struct wpa_supplicant
*wpa_s
)
2591 struct wpa_bss
*bss
, *cbss
;
2592 const int max_freqs
= 10;
2596 freqs
= os_zalloc(sizeof(int) * (max_freqs
+ 1));
2600 cbss
= wpa_s
->current_bss
;
2602 dl_list_for_each(bss
, &wpa_s
->bss
, struct wpa_bss
, list
) {
2605 if (bss
->ssid_len
== cbss
->ssid_len
&&
2606 os_memcmp(bss
->ssid
, cbss
->ssid
, bss
->ssid_len
) == 0 &&
2607 wpa_blacklist_get(wpa_s
, bss
->bssid
) == NULL
) {
2608 add_freq(freqs
, &num_freqs
, bss
->freq
);
2609 if (num_freqs
== max_freqs
)
2614 if (num_freqs
== 0) {
2623 void wpas_connection_failed(struct wpa_supplicant
*wpa_s
, const u8
*bssid
)
2630 * Add the failed BSSID into the blacklist and speed up next scan
2631 * attempt if there could be other APs that could accept association.
2632 * The current blacklist count indicates how many times we have tried
2633 * connecting to this AP and multiple attempts mean that other APs are
2634 * either not available or has already been tried, so that we can start
2635 * increasing the delay here to avoid constant scanning.
2637 count
= wpa_blacklist_add(wpa_s
, bssid
);
2638 if (count
== 1 && wpa_s
->current_bss
) {
2640 * This BSS was not in the blacklist before. If there is
2641 * another BSS available for the same ESS, we should try that
2642 * next. Otherwise, we may as well try this one once more
2643 * before allowing other, likely worse, ESSes to be considered.
2645 freqs
= get_bss_freqs_in_ess(wpa_s
);
2647 wpa_dbg(wpa_s
, MSG_DEBUG
, "Another BSS in this ESS "
2648 "has been seen; try it next");
2649 wpa_blacklist_add(wpa_s
, bssid
);
2651 * On the next scan, go through only the known channels
2652 * used in this ESS based on previous scans to speed up
2653 * common load balancing use case.
2655 os_free(wpa_s
->next_scan_freqs
);
2656 wpa_s
->next_scan_freqs
= freqs
;
2675 * TODO: if more than one possible AP is available in scan results,
2676 * could try the other ones before requesting a new scan.
2678 wpa_supplicant_req_scan(wpa_s
, timeout
/ 1000,
2679 1000 * (timeout
% 1000));