]> git.ipfire.org Git - thirdparty/hostap.git/blob - wpa_supplicant/wpa_supplicant.c
projects / thirdparty / hostap.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
SAE: Allow SAE password to be configured separately (STA)
[thirdparty/hostap.git] / wpa_supplicant / wpa_supplicant.c
1 /*
2 * WPA Supplicant
3 * Copyright (c) 2003-2017, Jouni Malinen <j@w1.fi>
4 *
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
7 *
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
11 */
12
13 #include "includes.h"
14 #ifdef CONFIG_MATCH_IFACE
15 #include <net/if.h>
16 #include <fnmatch.h>
17 #endif /* CONFIG_MATCH_IFACE */
18
19 #include "common.h"
20 #include "crypto/random.h"
21 #include "crypto/sha1.h"
22 #include "eapol_supp/eapol_supp_sm.h"
23 #include "eap_peer/eap.h"
24 #include "eap_peer/eap_proxy.h"
25 #include "eap_server/eap_methods.h"
26 #include "rsn_supp/wpa.h"
27 #include "eloop.h"
28 #include "config.h"
29 #include "utils/ext_password.h"
30 #include "l2_packet/l2_packet.h"
31 #include "wpa_supplicant_i.h"
32 #include "driver_i.h"
33 #include "ctrl_iface.h"
34 #include "pcsc_funcs.h"
35 #include "common/version.h"
36 #include "rsn_supp/preauth.h"
37 #include "rsn_supp/pmksa_cache.h"
38 #include "common/wpa_ctrl.h"
39 #include "common/ieee802_11_defs.h"
40 #include "common/hw_features_common.h"
41 #include "common/gas_server.h"
42 #include "p2p/p2p.h"
43 #include "fst/fst.h"
44 #include "blacklist.h"
45 #include "wpas_glue.h"
46 #include "wps_supplicant.h"
47 #include "ibss_rsn.h"
48 #include "sme.h"
49 #include "gas_query.h"
50 #include "ap.h"
51 #include "p2p_supplicant.h"
52 #include "wifi_display.h"
53 #include "notify.h"
54 #include "bgscan.h"
55 #include "autoscan.h"
56 #include "bss.h"
57 #include "scan.h"
58 #include "offchannel.h"
59 #include "hs20_supplicant.h"
60 #include "wnm_sta.h"
61 #include "wpas_kay.h"
62 #include "mesh.h"
63 #include "dpp_supplicant.h"
64 #ifdef CONFIG_MESH
65 #include "ap/ap_config.h"
66 #include "ap/hostapd.h"
67 #endif /* CONFIG_MESH */
68
69 const char *const wpa_supplicant_version =
70 "wpa_supplicant v" VERSION_STR "\n"
71 "Copyright (c) 2003-2017, Jouni Malinen <j@w1.fi> and contributors";
72
73 const char *const wpa_supplicant_license =
74 "This software may be distributed under the terms of the BSD license.\n"
75 "See README for more details.\n"
76 #ifdef EAP_TLS_OPENSSL
77 "\nThis product includes software developed by the OpenSSL Project\n"
78 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
79 #endif /* EAP_TLS_OPENSSL */
80 ;
81
82 #ifndef CONFIG_NO_STDOUT_DEBUG
83 /* Long text divided into parts in order to fit in C89 strings size limits. */
84 const char *const wpa_supplicant_full_license1 =
85 "";
86 const char *const wpa_supplicant_full_license2 =
87 "This software may be distributed under the terms of the BSD license.\n"
88 "\n"
89 "Redistribution and use in source and binary forms, with or without\n"
90 "modification, are permitted provided that the following conditions are\n"
91 "met:\n"
92 "\n";
93 const char *const wpa_supplicant_full_license3 =
94 "1. Redistributions of source code must retain the above copyright\n"
95 " notice, this list of conditions and the following disclaimer.\n"
96 "\n"
97 "2. Redistributions in binary form must reproduce the above copyright\n"
98 " notice, this list of conditions and the following disclaimer in the\n"
99 " documentation and/or other materials provided with the distribution.\n"
100 "\n";
101 const char *const wpa_supplicant_full_license4 =
102 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
103 " names of its contributors may be used to endorse or promote products\n"
104 " derived from this software without specific prior written permission.\n"
105 "\n"
106 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
107 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
108 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
109 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
110 const char *const wpa_supplicant_full_license5 =
111 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
112 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
113 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
114 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
115 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
116 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
117 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
118 "\n";
119 #endif /* CONFIG_NO_STDOUT_DEBUG */
120
121
122 static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx, void *timeout_ctx);
123
124
125 /* Configure default/group WEP keys for static WEP */
126 int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
127 {
128 int i, set = 0;
129
130 for (i = 0; i < NUM_WEP_KEYS; i++) {
131 if (ssid->wep_key_len[i] == 0)
132 continue;
133
134 set = 1;
135 wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL,
136 i, i == ssid->wep_tx_keyidx, NULL, 0,
137 ssid->wep_key[i], ssid->wep_key_len[i]);
138 }
139
140 return set;
141 }
142
143
144 int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
145 struct wpa_ssid *ssid)
146 {
147 u8 key[32];
148 size_t keylen;
149 enum wpa_alg alg;
150 u8 seq[6] = { 0 };
151 int ret;
152
153 /* IBSS/WPA-None uses only one key (Group) for both receiving and
154 * sending unicast and multicast packets. */
155
156 if (ssid->mode != WPAS_MODE_IBSS) {
157 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not "
158 "IBSS/ad-hoc) for WPA-None", ssid->mode);
159 return -1;
160 }
161
162 if (!ssid->psk_set) {
163 wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for "
164 "WPA-None");
165 return -1;
166 }
167
168 switch (wpa_s->group_cipher) {
169 case WPA_CIPHER_CCMP:
170 os_memcpy(key, ssid->psk, 16);
171 keylen = 16;
172 alg = WPA_ALG_CCMP;
173 break;
174 case WPA_CIPHER_GCMP:
175 os_memcpy(key, ssid->psk, 16);
176 keylen = 16;
177 alg = WPA_ALG_GCMP;
178 break;
179 case WPA_CIPHER_TKIP:
180 /* WPA-None uses the same Michael MIC key for both TX and RX */
181 os_memcpy(key, ssid->psk, 16 + 8);
182 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
183 keylen = 32;
184 alg = WPA_ALG_TKIP;
185 break;
186 default:
187 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for "
188 "WPA-None", wpa_s->group_cipher);
189 return -1;
190 }
191
192 /* TODO: should actually remember the previously used seq#, both for TX
193 * and RX from each STA.. */
194
195 ret = wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen);
196 os_memset(key, 0, sizeof(key));
197 return ret;
198 }
199
200
201 static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
202 {
203 struct wpa_supplicant *wpa_s = eloop_ctx;
204 const u8 *bssid = wpa_s->bssid;
205 if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
206 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
207 wpa_s->wpa_state == WPA_ASSOCIATING))
208 bssid = wpa_s->pending_bssid;
209 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
210 MAC2STR(bssid));
211 wpa_blacklist_add(wpa_s, bssid);
212 wpa_sm_notify_disassoc(wpa_s->wpa);
213 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
214 wpa_s->reassociate = 1;
215
216 /*
217 * If we timed out, the AP or the local radio may be busy.
218 * So, wait a second until scanning again.
219 */
220 wpa_supplicant_req_scan(wpa_s, 1, 0);
221 }
222
223
224 /**
225 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
226 * @wpa_s: Pointer to wpa_supplicant data
227 * @sec: Number of seconds after which to time out authentication
228 * @usec: Number of microseconds after which to time out authentication
229 *
230 * This function is used to schedule a timeout for the current authentication
231 * attempt.
232 */
233 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
234 int sec, int usec)
235 {
236 if (wpa_s->conf->ap_scan == 0 &&
237 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
238 return;
239
240 wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
241 "%d usec", sec, usec);
242 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
243 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
244 }
245
246
247 /**
248 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
249 * @wpa_s: Pointer to wpa_supplicant data
250 *
251 * This function is used to cancel authentication timeout scheduled with
252 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
253 * been completed.
254 */
255 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
256 {
257 wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
258 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
259 wpa_blacklist_del(wpa_s, wpa_s->bssid);
260 }
261
262
263 /**
264 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
265 * @wpa_s: Pointer to wpa_supplicant data
266 *
267 * This function is used to configure EAPOL state machine based on the selected
268 * authentication mode.
269 */
270 void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
271 {
272 #ifdef IEEE8021X_EAPOL
273 struct eapol_config eapol_conf;
274 struct wpa_ssid *ssid = wpa_s->current_ssid;
275
276 #ifdef CONFIG_IBSS_RSN
277 if (ssid->mode == WPAS_MODE_IBSS &&
278 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
279 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
280 /*
281 * RSN IBSS authentication is per-STA and we can disable the
282 * per-BSSID EAPOL authentication.
283 */
284 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
285 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE);
286 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
287 return;
288 }
289 #endif /* CONFIG_IBSS_RSN */
290
291 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
292 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
293
294 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
295 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
296 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
297 else
298 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
299
300 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
301 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
302 eapol_conf.accept_802_1x_keys = 1;
303 eapol_conf.required_keys = 0;
304 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
305 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
306 }
307 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
308 eapol_conf.required_keys |=
309 EAPOL_REQUIRE_KEY_BROADCAST;
310 }
311
312 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED)
313 eapol_conf.required_keys = 0;
314 }
315 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
316 eapol_conf.workaround = ssid->eap_workaround;
317 eapol_conf.eap_disabled =
318 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
319 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
320 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
321 eapol_conf.external_sim = wpa_s->conf->external_sim;
322
323 #ifdef CONFIG_WPS
324 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
325 eapol_conf.wps |= EAPOL_LOCAL_WPS_IN_USE;
326 if (wpa_s->current_bss) {
327 struct wpabuf *ie;
328 ie = wpa_bss_get_vendor_ie_multi(wpa_s->current_bss,
329 WPS_IE_VENDOR_TYPE);
330 if (ie) {
331 if (wps_is_20(ie))
332 eapol_conf.wps |=
333 EAPOL_PEER_IS_WPS20_AP;
334 wpabuf_free(ie);
335 }
336 }
337 }
338 #endif /* CONFIG_WPS */
339
340 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
341
342 #ifdef CONFIG_MACSEC
343 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE && ssid->mka_psk_set)
344 ieee802_1x_create_preshared_mka(wpa_s, ssid);
345 else
346 ieee802_1x_alloc_kay_sm(wpa_s, ssid);
347 #endif /* CONFIG_MACSEC */
348 #endif /* IEEE8021X_EAPOL */
349 }
350
351
352 /**
353 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
354 * @wpa_s: Pointer to wpa_supplicant data
355 * @ssid: Configuration data for the network
356 *
357 * This function is used to configure WPA state machine and related parameters
358 * to a mode where WPA is not enabled. This is called as part of the
359 * authentication configuration when the selected network does not use WPA.
360 */
361 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
362 struct wpa_ssid *ssid)
363 {
364 int i;
365
366 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
367 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
368 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
369 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
370 else
371 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
372 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
373 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
374 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
375 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
376 wpa_s->group_cipher = WPA_CIPHER_NONE;
377 wpa_s->mgmt_group_cipher = 0;
378
379 for (i = 0; i < NUM_WEP_KEYS; i++) {
380 if (ssid->wep_key_len[i] > 5) {
381 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
382 wpa_s->group_cipher = WPA_CIPHER_WEP104;
383 break;
384 } else if (ssid->wep_key_len[i] > 0) {
385 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
386 wpa_s->group_cipher = WPA_CIPHER_WEP40;
387 break;
388 }
389 }
390
391 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
392 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
393 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
394 wpa_s->pairwise_cipher);
395 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
396 #ifdef CONFIG_IEEE80211W
397 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
398 wpa_s->mgmt_group_cipher);
399 #endif /* CONFIG_IEEE80211W */
400
401 pmksa_cache_clear_current(wpa_s->wpa);
402 }
403
404
405 void free_hw_features(struct wpa_supplicant *wpa_s)
406 {
407 int i;
408 if (wpa_s->hw.modes == NULL)
409 return;
410
411 for (i = 0; i < wpa_s->hw.num_modes; i++) {
412 os_free(wpa_s->hw.modes[i].channels);
413 os_free(wpa_s->hw.modes[i].rates);
414 }
415
416 os_free(wpa_s->hw.modes);
417 wpa_s->hw.modes = NULL;
418 }
419
420
421 static void free_bss_tmp_disallowed(struct wpa_supplicant *wpa_s)
422 {
423 struct wpa_bss_tmp_disallowed *bss, *prev;
424
425 dl_list_for_each_safe(bss, prev, &wpa_s->bss_tmp_disallowed,
426 struct wpa_bss_tmp_disallowed, list) {
427 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout, wpa_s, bss);
428 dl_list_del(&bss->list);
429 os_free(bss);
430 }
431 }
432
433
434 void wpas_flush_fils_hlp_req(struct wpa_supplicant *wpa_s)
435 {
436 struct fils_hlp_req *req;
437
438 while ((req = dl_list_first(&wpa_s->fils_hlp_req, struct fils_hlp_req,
439 list)) != NULL) {
440 dl_list_del(&req->list);
441 wpabuf_free(req->pkt);
442 os_free(req);
443 }
444 }
445
446
447 static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
448 {
449 int i;
450
451 bgscan_deinit(wpa_s);
452 autoscan_deinit(wpa_s);
453 scard_deinit(wpa_s->scard);
454 wpa_s->scard = NULL;
455 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
456 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
457 l2_packet_deinit(wpa_s->l2);
458 wpa_s->l2 = NULL;
459 if (wpa_s->l2_br) {
460 l2_packet_deinit(wpa_s->l2_br);
461 wpa_s->l2_br = NULL;
462 }
463 #ifdef CONFIG_TESTING_OPTIONS
464 l2_packet_deinit(wpa_s->l2_test);
465 wpa_s->l2_test = NULL;
466 os_free(wpa_s->get_pref_freq_list_override);
467 wpa_s->get_pref_freq_list_override = NULL;
468 #endif /* CONFIG_TESTING_OPTIONS */
469
470 if (wpa_s->conf != NULL) {
471 struct wpa_ssid *ssid;
472 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
473 wpas_notify_network_removed(wpa_s, ssid);
474 }
475
476 os_free(wpa_s->confname);
477 wpa_s->confname = NULL;
478
479 os_free(wpa_s->confanother);
480 wpa_s->confanother = NULL;
481
482 wpa_sm_set_eapol(wpa_s->wpa, NULL);
483 eapol_sm_deinit(wpa_s->eapol);
484 wpa_s->eapol = NULL;
485
486 rsn_preauth_deinit(wpa_s->wpa);
487
488 #ifdef CONFIG_TDLS
489 wpa_tdls_deinit(wpa_s->wpa);
490 #endif /* CONFIG_TDLS */
491
492 wmm_ac_clear_saved_tspecs(wpa_s);
493 pmksa_candidate_free(wpa_s->wpa);
494 wpa_sm_deinit(wpa_s->wpa);
495 wpa_s->wpa = NULL;
496 wpa_blacklist_clear(wpa_s);
497
498 wpa_bss_deinit(wpa_s);
499
500 wpa_supplicant_cancel_delayed_sched_scan(wpa_s);
501 wpa_supplicant_cancel_scan(wpa_s);
502 wpa_supplicant_cancel_auth_timeout(wpa_s);
503 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL);
504 #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
505 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report,
506 wpa_s, NULL);
507 #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
508
509 eloop_cancel_timeout(wpas_network_reenabled, wpa_s, NULL);
510
511 wpas_wps_deinit(wpa_s);
512
513 wpabuf_free(wpa_s->pending_eapol_rx);
514 wpa_s->pending_eapol_rx = NULL;
515
516 #ifdef CONFIG_IBSS_RSN
517 ibss_rsn_deinit(wpa_s->ibss_rsn);
518 wpa_s->ibss_rsn = NULL;
519 #endif /* CONFIG_IBSS_RSN */
520
521 sme_deinit(wpa_s);
522
523 #ifdef CONFIG_AP
524 wpa_supplicant_ap_deinit(wpa_s);
525 #endif /* CONFIG_AP */
526
527 wpas_p2p_deinit(wpa_s);
528
529 #ifdef CONFIG_OFFCHANNEL
530 offchannel_deinit(wpa_s);
531 #endif /* CONFIG_OFFCHANNEL */
532
533 wpa_supplicant_cancel_sched_scan(wpa_s);
534
535 os_free(wpa_s->next_scan_freqs);
536 wpa_s->next_scan_freqs = NULL;
537
538 os_free(wpa_s->manual_scan_freqs);
539 wpa_s->manual_scan_freqs = NULL;
540 os_free(wpa_s->select_network_scan_freqs);
541 wpa_s->select_network_scan_freqs = NULL;
542
543 os_free(wpa_s->manual_sched_scan_freqs);
544 wpa_s->manual_sched_scan_freqs = NULL;
545
546 wpas_mac_addr_rand_scan_clear(wpa_s, MAC_ADDR_RAND_ALL);
547
548 /*
549 * Need to remove any pending gas-query radio work before the
550 * gas_query_deinit() call because gas_query::work has not yet been set
551 * for works that have not been started. gas_query_free() will be unable
552 * to cancel such pending radio works and once the pending gas-query
553 * radio work eventually gets removed, the deinit notification call to
554 * gas_query_start_cb() would result in dereferencing freed memory.
555 */
556 if (wpa_s->radio)
557 radio_remove_works(wpa_s, "gas-query", 0);
558 gas_query_deinit(wpa_s->gas);
559 wpa_s->gas = NULL;
560 gas_server_deinit(wpa_s->gas_server);
561 wpa_s->gas_server = NULL;
562
563 free_hw_features(wpa_s);
564
565 ieee802_1x_dealloc_kay_sm(wpa_s);
566
567 os_free(wpa_s->bssid_filter);
568 wpa_s->bssid_filter = NULL;
569
570 os_free(wpa_s->disallow_aps_bssid);
571 wpa_s->disallow_aps_bssid = NULL;
572 os_free(wpa_s->disallow_aps_ssid);
573 wpa_s->disallow_aps_ssid = NULL;
574
575 wnm_bss_keep_alive_deinit(wpa_s);
576 #ifdef CONFIG_WNM
577 wnm_deallocate_memory(wpa_s);
578 #endif /* CONFIG_WNM */
579
580 ext_password_deinit(wpa_s->ext_pw);
581 wpa_s->ext_pw = NULL;
582
583 wpabuf_free(wpa_s->last_gas_resp);
584 wpa_s->last_gas_resp = NULL;
585 wpabuf_free(wpa_s->prev_gas_resp);
586 wpa_s->prev_gas_resp = NULL;
587
588 os_free(wpa_s->last_scan_res);
589 wpa_s->last_scan_res = NULL;
590
591 #ifdef CONFIG_HS20
592 if (wpa_s->drv_priv)
593 wpa_drv_configure_frame_filters(wpa_s, 0);
594 hs20_deinit(wpa_s);
595 #endif /* CONFIG_HS20 */
596
597 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) {
598 wpabuf_free(wpa_s->vendor_elem[i]);
599 wpa_s->vendor_elem[i] = NULL;
600 }
601
602 wmm_ac_notify_disassoc(wpa_s);
603
604 wpa_s->sched_scan_plans_num = 0;
605 os_free(wpa_s->sched_scan_plans);
606 wpa_s->sched_scan_plans = NULL;
607
608 #ifdef CONFIG_MBO
609 wpa_s->non_pref_chan_num = 0;
610 os_free(wpa_s->non_pref_chan);
611 wpa_s->non_pref_chan = NULL;
612 #endif /* CONFIG_MBO */
613
614 free_bss_tmp_disallowed(wpa_s);
615
616 wpabuf_free(wpa_s->lci);
617 wpa_s->lci = NULL;
618 wpas_clear_beacon_rep_data(wpa_s);
619
620 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL
621 #ifdef CONFIG_MESH
622 {
623 struct external_pmksa_cache *entry;
624
625 while ((entry = dl_list_last(&wpa_s->mesh_external_pmksa_cache,
626 struct external_pmksa_cache,
627 list)) != NULL) {
628 dl_list_del(&entry->list);
629 os_free(entry->pmksa_cache);
630 os_free(entry);
631 }
632 }
633 #endif /* CONFIG_MESH */
634 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
635
636 wpas_flush_fils_hlp_req(wpa_s);
637
638 wpabuf_free(wpa_s->ric_ies);
639 wpa_s->ric_ies = NULL;
640
641 #ifdef CONFIG_DPP
642 wpas_dpp_deinit(wpa_s);
643 #endif /* CONFIG_DPP */
644 }
645
646
647 /**
648 * wpa_clear_keys - Clear keys configured for the driver
649 * @wpa_s: Pointer to wpa_supplicant data
650 * @addr: Previously used BSSID or %NULL if not available
651 *
652 * This function clears the encryption keys that has been previously configured
653 * for the driver.
654 */
655 void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
656 {
657 int i, max;
658
659 #ifdef CONFIG_IEEE80211W
660 max = 6;
661 #else /* CONFIG_IEEE80211W */
662 max = 4;
663 #endif /* CONFIG_IEEE80211W */
664
665 /* MLME-DELETEKEYS.request */
666 for (i = 0; i < max; i++) {
667 if (wpa_s->keys_cleared & BIT(i))
668 continue;
669 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, i, 0, NULL, 0,
670 NULL, 0);
671 }
672 if (!(wpa_s->keys_cleared & BIT(0)) && addr &&
673 !is_zero_ether_addr(addr)) {
674 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,
675 0);
676 /* MLME-SETPROTECTION.request(None) */
677 wpa_drv_mlme_setprotection(
678 wpa_s, addr,
679 MLME_SETPROTECTION_PROTECT_TYPE_NONE,
680 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
681 }
682 wpa_s->keys_cleared = (u32) -1;
683 }
684
685
686 /**
687 * wpa_supplicant_state_txt - Get the connection state name as a text string
688 * @state: State (wpa_state; WPA_*)
689 * Returns: The state name as a printable text string
690 */
691 const char * wpa_supplicant_state_txt(enum wpa_states state)
692 {
693 switch (state) {
694 case WPA_DISCONNECTED:
695 return "DISCONNECTED";
696 case WPA_INACTIVE:
697 return "INACTIVE";
698 case WPA_INTERFACE_DISABLED:
699 return "INTERFACE_DISABLED";
700 case WPA_SCANNING:
701 return "SCANNING";
702 case WPA_AUTHENTICATING:
703 return "AUTHENTICATING";
704 case WPA_ASSOCIATING:
705 return "ASSOCIATING";
706 case WPA_ASSOCIATED:
707 return "ASSOCIATED";
708 case WPA_4WAY_HANDSHAKE:
709 return "4WAY_HANDSHAKE";
710 case WPA_GROUP_HANDSHAKE:
711 return "GROUP_HANDSHAKE";
712 case WPA_COMPLETED:
713 return "COMPLETED";
714 default:
715 return "UNKNOWN";
716 }
717 }
718
719
720 #ifdef CONFIG_BGSCAN
721
722 static void wpa_supplicant_start_bgscan(struct wpa_supplicant *wpa_s)
723 {
724 const char *name;
725
726 if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan)
727 name = wpa_s->current_ssid->bgscan;
728 else
729 name = wpa_s->conf->bgscan;
730 if (name == NULL || name[0] == '\0')
731 return;
732 if (wpas_driver_bss_selection(wpa_s))
733 return;
734 if (wpa_s->current_ssid == wpa_s->bgscan_ssid)
735 return;
736 #ifdef CONFIG_P2P
737 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE)
738 return;
739 #endif /* CONFIG_P2P */
740
741 bgscan_deinit(wpa_s);
742 if (wpa_s->current_ssid) {
743 if (bgscan_init(wpa_s, wpa_s->current_ssid, name)) {
744 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
745 "bgscan");
746 /*
747 * Live without bgscan; it is only used as a roaming
748 * optimization, so the initial connection is not
749 * affected.
750 */
751 } else {
752 struct wpa_scan_results *scan_res;
753 wpa_s->bgscan_ssid = wpa_s->current_ssid;
754 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL,
755 0);
756 if (scan_res) {
757 bgscan_notify_scan(wpa_s, scan_res);
758 wpa_scan_results_free(scan_res);
759 }
760 }
761 } else
762 wpa_s->bgscan_ssid = NULL;
763 }
764
765
766 static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s)
767 {
768 if (wpa_s->bgscan_ssid != NULL) {
769 bgscan_deinit(wpa_s);
770 wpa_s->bgscan_ssid = NULL;
771 }
772 }
773
774 #endif /* CONFIG_BGSCAN */
775
776
777 static void wpa_supplicant_start_autoscan(struct wpa_supplicant *wpa_s)
778 {
779 if (autoscan_init(wpa_s, 0))
780 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize autoscan");
781 }
782
783
784 static void wpa_supplicant_stop_autoscan(struct wpa_supplicant *wpa_s)
785 {
786 autoscan_deinit(wpa_s);
787 }
788
789
790 void wpa_supplicant_reinit_autoscan(struct wpa_supplicant *wpa_s)
791 {
792 if (wpa_s->wpa_state == WPA_DISCONNECTED ||
793 wpa_s->wpa_state == WPA_SCANNING) {
794 autoscan_deinit(wpa_s);
795 wpa_supplicant_start_autoscan(wpa_s);
796 }
797 }
798
799
800 /**
801 * wpa_supplicant_set_state - Set current connection state
802 * @wpa_s: Pointer to wpa_supplicant data
803 * @state: The new connection state
804 *
805 * This function is called whenever the connection state changes, e.g.,
806 * association is completed for WPA/WPA2 4-Way Handshake is started.
807 */
808 void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s,
809 enum wpa_states state)
810 {
811 enum wpa_states old_state = wpa_s->wpa_state;
812
813 wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s",
814 wpa_supplicant_state_txt(wpa_s->wpa_state),
815 wpa_supplicant_state_txt(state));
816
817 if (state == WPA_INTERFACE_DISABLED) {
818 /* Assure normal scan when interface is restored */
819 wpa_s->normal_scans = 0;
820 }
821
822 if (state == WPA_COMPLETED) {
823 wpas_connect_work_done(wpa_s);
824 /* Reinitialize normal_scan counter */
825 wpa_s->normal_scans = 0;
826 }
827
828 #ifdef CONFIG_P2P
829 /*
830 * P2PS client has to reply to Probe Request frames received on the
831 * group operating channel. Enable Probe Request frame reporting for
832 * P2P connected client in case p2p_cli_probe configuration property is
833 * set to 1.
834 */
835 if (wpa_s->conf->p2p_cli_probe && wpa_s->current_ssid &&
836 wpa_s->current_ssid->mode == WPAS_MODE_INFRA &&
837 wpa_s->current_ssid->p2p_group) {
838 if (state == WPA_COMPLETED && !wpa_s->p2p_cli_probe) {
839 wpa_dbg(wpa_s, MSG_DEBUG,
840 "P2P: Enable CLI Probe Request RX reporting");
841 wpa_s->p2p_cli_probe =
842 wpa_drv_probe_req_report(wpa_s, 1) >= 0;
843 } else if (state != WPA_COMPLETED && wpa_s->p2p_cli_probe) {
844 wpa_dbg(wpa_s, MSG_DEBUG,
845 "P2P: Disable CLI Probe Request RX reporting");
846 wpa_s->p2p_cli_probe = 0;
847 wpa_drv_probe_req_report(wpa_s, 0);
848 }
849 }
850 #endif /* CONFIG_P2P */
851
852 if (state != WPA_SCANNING)
853 wpa_supplicant_notify_scanning(wpa_s, 0);
854
855 if (state == WPA_COMPLETED && wpa_s->new_connection) {
856 struct wpa_ssid *ssid = wpa_s->current_ssid;
857 int fils_hlp_sent = 0;
858
859 #ifdef CONFIG_SME
860 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
861 wpa_auth_alg_fils(wpa_s->sme.auth_alg))
862 fils_hlp_sent = 1;
863 #endif /* CONFIG_SME */
864 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
865 wpa_auth_alg_fils(wpa_s->auth_alg))
866 fils_hlp_sent = 1;
867
868 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
869 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
870 MACSTR " completed [id=%d id_str=%s%s]",
871 MAC2STR(wpa_s->bssid),
872 ssid ? ssid->id : -1,
873 ssid && ssid->id_str ? ssid->id_str : "",
874 fils_hlp_sent ? " FILS_HLP_SENT" : "");
875 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
876 wpas_clear_temp_disabled(wpa_s, ssid, 1);
877 wpa_blacklist_clear(wpa_s);
878 wpa_s->extra_blacklist_count = 0;
879 wpa_s->new_connection = 0;
880 wpa_drv_set_operstate(wpa_s, 1);
881 #ifndef IEEE8021X_EAPOL
882 wpa_drv_set_supp_port(wpa_s, 1);
883 #endif /* IEEE8021X_EAPOL */
884 wpa_s->after_wps = 0;
885 wpa_s->known_wps_freq = 0;
886 wpas_p2p_completed(wpa_s);
887
888 sme_sched_obss_scan(wpa_s, 1);
889 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
890 state == WPA_ASSOCIATED) {
891 wpa_s->new_connection = 1;
892 wpa_drv_set_operstate(wpa_s, 0);
893 #ifndef IEEE8021X_EAPOL
894 wpa_drv_set_supp_port(wpa_s, 0);
895 #endif /* IEEE8021X_EAPOL */
896 sme_sched_obss_scan(wpa_s, 0);
897 }
898 wpa_s->wpa_state = state;
899
900 #ifdef CONFIG_BGSCAN
901 if (state == WPA_COMPLETED)
902 wpa_supplicant_start_bgscan(wpa_s);
903 else if (state < WPA_ASSOCIATED)
904 wpa_supplicant_stop_bgscan(wpa_s);
905 #endif /* CONFIG_BGSCAN */
906
907 if (state == WPA_AUTHENTICATING)
908 wpa_supplicant_stop_autoscan(wpa_s);
909
910 if (state == WPA_DISCONNECTED || state == WPA_INACTIVE)
911 wpa_supplicant_start_autoscan(wpa_s);
912
913 if (old_state >= WPA_ASSOCIATED && wpa_s->wpa_state < WPA_ASSOCIATED)
914 wmm_ac_notify_disassoc(wpa_s);
915
916 if (wpa_s->wpa_state != old_state) {
917 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
918
919 /*
920 * Notify the P2P Device interface about a state change in one
921 * of the interfaces.
922 */
923 wpas_p2p_indicate_state_change(wpa_s);
924
925 if (wpa_s->wpa_state == WPA_COMPLETED ||
926 old_state == WPA_COMPLETED)
927 wpas_notify_auth_changed(wpa_s);
928 }
929 }
930
931
932 void wpa_supplicant_terminate_proc(struct wpa_global *global)
933 {
934 int pending = 0;
935 #ifdef CONFIG_WPS
936 struct wpa_supplicant *wpa_s = global->ifaces;
937 while (wpa_s) {
938 struct wpa_supplicant *next = wpa_s->next;
939 if (wpas_wps_terminate_pending(wpa_s) == 1)
940 pending = 1;
941 #ifdef CONFIG_P2P
942 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE ||
943 (wpa_s->current_ssid && wpa_s->current_ssid->p2p_group))
944 wpas_p2p_disconnect(wpa_s);
945 #endif /* CONFIG_P2P */
946 wpa_s = next;
947 }
948 #endif /* CONFIG_WPS */
949 if (pending)
950 return;
951 eloop_terminate();
952 }
953
954
955 static void wpa_supplicant_terminate(int sig, void *signal_ctx)
956 {
957 struct wpa_global *global = signal_ctx;
958 wpa_supplicant_terminate_proc(global);
959 }
960
961
962 void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
963 {
964 enum wpa_states old_state = wpa_s->wpa_state;
965
966 wpa_s->pairwise_cipher = 0;
967 wpa_s->group_cipher = 0;
968 wpa_s->mgmt_group_cipher = 0;
969 wpa_s->key_mgmt = 0;
970 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
971 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
972
973 if (wpa_s->wpa_state != old_state)
974 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
975 }
976
977
978 /**
979 * wpa_supplicant_reload_configuration - Reload configuration data
980 * @wpa_s: Pointer to wpa_supplicant data
981 * Returns: 0 on success or -1 if configuration parsing failed
982 *
983 * This function can be used to request that the configuration data is reloaded
984 * (e.g., after configuration file change). This function is reloading
985 * configuration only for one interface, so this may need to be called multiple
986 * times if %wpa_supplicant is controlling multiple interfaces and all
987 * interfaces need reconfiguration.
988 */
989 int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
990 {
991 struct wpa_config *conf;
992 int reconf_ctrl;
993 int old_ap_scan;
994
995 if (wpa_s->confname == NULL)
996 return -1;
997 conf = wpa_config_read(wpa_s->confname, NULL);
998 if (conf == NULL) {
999 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
1000 "file '%s' - exiting", wpa_s->confname);
1001 return -1;
1002 }
1003 wpa_config_read(wpa_s->confanother, conf);
1004
1005 conf->changed_parameters = (unsigned int) -1;
1006
1007 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
1008 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
1009 os_strcmp(conf->ctrl_interface,
1010 wpa_s->conf->ctrl_interface) != 0);
1011
1012 if (reconf_ctrl && wpa_s->ctrl_iface) {
1013 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
1014 wpa_s->ctrl_iface = NULL;
1015 }
1016
1017 eapol_sm_invalidate_cached_session(wpa_s->eapol);
1018 if (wpa_s->current_ssid) {
1019 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
1020 wpa_s->own_disconnect_req = 1;
1021 wpa_supplicant_deauthenticate(wpa_s,
1022 WLAN_REASON_DEAUTH_LEAVING);
1023 }
1024
1025 /*
1026 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
1027 * pkcs11_engine_path, pkcs11_module_path, openssl_ciphers.
1028 */
1029 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
1030 wpa_s->key_mgmt == WPA_KEY_MGMT_OWE ||
1031 wpa_s->key_mgmt == WPA_KEY_MGMT_DPP) {
1032 /*
1033 * Clear forced success to clear EAP state for next
1034 * authentication.
1035 */
1036 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
1037 }
1038 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1039 wpa_sm_set_config(wpa_s->wpa, NULL);
1040 wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL);
1041 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
1042 rsn_preauth_deinit(wpa_s->wpa);
1043
1044 old_ap_scan = wpa_s->conf->ap_scan;
1045 wpa_config_free(wpa_s->conf);
1046 wpa_s->conf = conf;
1047 if (old_ap_scan != wpa_s->conf->ap_scan)
1048 wpas_notify_ap_scan_changed(wpa_s);
1049
1050 if (reconf_ctrl)
1051 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
1052
1053 wpa_supplicant_update_config(wpa_s);
1054
1055 wpa_supplicant_clear_status(wpa_s);
1056 if (wpa_supplicant_enabled_networks(wpa_s)) {
1057 wpa_s->reassociate = 1;
1058 wpa_supplicant_req_scan(wpa_s, 0, 0);
1059 }
1060 wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
1061 return 0;
1062 }
1063
1064
1065 static void wpa_supplicant_reconfig(int sig, void *signal_ctx)
1066 {
1067 struct wpa_global *global = signal_ctx;
1068 struct wpa_supplicant *wpa_s;
1069 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
1070 wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring",
1071 sig);
1072 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
1073 wpa_supplicant_terminate_proc(global);
1074 }
1075 }
1076
1077 if (wpa_debug_reopen_file() < 0) {
1078 /* Ignore errors since we cannot really do much to fix this */
1079 wpa_printf(MSG_DEBUG, "Could not reopen debug log file");
1080 }
1081 }
1082
1083
1084 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
1085 struct wpa_ssid *ssid,
1086 struct wpa_ie_data *ie)
1087 {
1088 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
1089 if (ret) {
1090 if (ret == -2) {
1091 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
1092 "from association info");
1093 }
1094 return -1;
1095 }
1096
1097 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set "
1098 "cipher suites");
1099 if (!(ie->group_cipher & ssid->group_cipher)) {
1100 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
1101 "cipher 0x%x (mask 0x%x) - reject",
1102 ie->group_cipher, ssid->group_cipher);
1103 return -1;
1104 }
1105 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
1106 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
1107 "cipher 0x%x (mask 0x%x) - reject",
1108 ie->pairwise_cipher, ssid->pairwise_cipher);
1109 return -1;
1110 }
1111 if (!(ie->key_mgmt & ssid->key_mgmt)) {
1112 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
1113 "management 0x%x (mask 0x%x) - reject",
1114 ie->key_mgmt, ssid->key_mgmt);
1115 return -1;
1116 }
1117
1118 #ifdef CONFIG_IEEE80211W
1119 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
1120 wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED) {
1121 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
1122 "that does not support management frame protection - "
1123 "reject");
1124 return -1;
1125 }
1126 #endif /* CONFIG_IEEE80211W */
1127
1128 return 0;
1129 }
1130
1131
1132 /**
1133 * wpa_supplicant_set_suites - Set authentication and encryption parameters
1134 * @wpa_s: Pointer to wpa_supplicant data
1135 * @bss: Scan results for the selected BSS, or %NULL if not available
1136 * @ssid: Configuration data for the selected network
1137 * @wpa_ie: Buffer for the WPA/RSN IE
1138 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
1139 * used buffer length in case the functions returns success.
1140 * Returns: 0 on success or -1 on failure
1141 *
1142 * This function is used to configure authentication and encryption parameters
1143 * based on the network configuration and scan result for the selected BSS (if
1144 * available).
1145 */
1146 int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
1147 struct wpa_bss *bss, struct wpa_ssid *ssid,
1148 u8 *wpa_ie, size_t *wpa_ie_len)
1149 {
1150 struct wpa_ie_data ie;
1151 int sel, proto;
1152 const u8 *bss_wpa, *bss_rsn, *bss_osen;
1153
1154 if (bss) {
1155 bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
1156 bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
1157 bss_osen = wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE);
1158 } else
1159 bss_wpa = bss_rsn = bss_osen = NULL;
1160
1161 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
1162 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
1163 (ie.group_cipher & ssid->group_cipher) &&
1164 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1165 (ie.key_mgmt & ssid->key_mgmt)) {
1166 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
1167 proto = WPA_PROTO_RSN;
1168 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
1169 wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie) == 0 &&
1170 (ie.group_cipher & ssid->group_cipher) &&
1171 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1172 (ie.key_mgmt & ssid->key_mgmt)) {
1173 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
1174 proto = WPA_PROTO_WPA;
1175 #ifdef CONFIG_HS20
1176 } else if (bss_osen && (ssid->proto & WPA_PROTO_OSEN)) {
1177 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using OSEN");
1178 /* TODO: parse OSEN element */
1179 os_memset(&ie, 0, sizeof(ie));
1180 ie.group_cipher = WPA_CIPHER_CCMP;
1181 ie.pairwise_cipher = WPA_CIPHER_CCMP;
1182 ie.key_mgmt = WPA_KEY_MGMT_OSEN;
1183 proto = WPA_PROTO_OSEN;
1184 #endif /* CONFIG_HS20 */
1185 } else if (bss) {
1186 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
1187 wpa_dbg(wpa_s, MSG_DEBUG,
1188 "WPA: ssid proto=0x%x pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1189 ssid->proto, ssid->pairwise_cipher, ssid->group_cipher,
1190 ssid->key_mgmt);
1191 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: BSS " MACSTR " ssid='%s'%s%s%s",
1192 MAC2STR(bss->bssid),
1193 wpa_ssid_txt(bss->ssid, bss->ssid_len),
1194 bss_wpa ? " WPA" : "",
1195 bss_rsn ? " RSN" : "",
1196 bss_osen ? " OSEN" : "");
1197 if (bss_rsn) {
1198 wpa_hexdump(MSG_DEBUG, "RSN", bss_rsn, 2 + bss_rsn[1]);
1199 if (wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie)) {
1200 wpa_dbg(wpa_s, MSG_DEBUG,
1201 "Could not parse RSN element");
1202 } else {
1203 wpa_dbg(wpa_s, MSG_DEBUG,
1204 "RSN: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1205 ie.pairwise_cipher, ie.group_cipher,
1206 ie.key_mgmt);
1207 }
1208 }
1209 if (bss_wpa) {
1210 wpa_hexdump(MSG_DEBUG, "WPA", bss_wpa, 2 + bss_wpa[1]);
1211 if (wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie)) {
1212 wpa_dbg(wpa_s, MSG_DEBUG,
1213 "Could not parse WPA element");
1214 } else {
1215 wpa_dbg(wpa_s, MSG_DEBUG,
1216 "WPA: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1217 ie.pairwise_cipher, ie.group_cipher,
1218 ie.key_mgmt);
1219 }
1220 }
1221 return -1;
1222 } else {
1223 if (ssid->proto & WPA_PROTO_OSEN)
1224 proto = WPA_PROTO_OSEN;
1225 else if (ssid->proto & WPA_PROTO_RSN)
1226 proto = WPA_PROTO_RSN;
1227 else
1228 proto = WPA_PROTO_WPA;
1229 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
1230 os_memset(&ie, 0, sizeof(ie));
1231 ie.group_cipher = ssid->group_cipher;
1232 ie.pairwise_cipher = ssid->pairwise_cipher;
1233 ie.key_mgmt = ssid->key_mgmt;
1234 #ifdef CONFIG_IEEE80211W
1235 ie.mgmt_group_cipher = 0;
1236 if (ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION) {
1237 if (ssid->group_mgmt_cipher &
1238 WPA_CIPHER_BIP_GMAC_256)
1239 ie.mgmt_group_cipher =
1240 WPA_CIPHER_BIP_GMAC_256;
1241 else if (ssid->group_mgmt_cipher &
1242 WPA_CIPHER_BIP_CMAC_256)
1243 ie.mgmt_group_cipher =
1244 WPA_CIPHER_BIP_CMAC_256;
1245 else if (ssid->group_mgmt_cipher &
1246 WPA_CIPHER_BIP_GMAC_128)
1247 ie.mgmt_group_cipher =
1248 WPA_CIPHER_BIP_GMAC_128;
1249 else
1250 ie.mgmt_group_cipher =
1251 WPA_CIPHER_AES_128_CMAC;
1252 }
1253 #endif /* CONFIG_IEEE80211W */
1254 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites "
1255 "based on configuration");
1256 } else
1257 proto = ie.proto;
1258 }
1259
1260 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d "
1261 "pairwise %d key_mgmt %d proto %d",
1262 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
1263 #ifdef CONFIG_IEEE80211W
1264 if (ssid->ieee80211w) {
1265 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
1266 ie.mgmt_group_cipher);
1267 }
1268 #endif /* CONFIG_IEEE80211W */
1269
1270 wpa_s->wpa_proto = proto;
1271 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
1272 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
1273 !!(ssid->proto & (WPA_PROTO_RSN | WPA_PROTO_OSEN)));
1274
1275 if (bss || !wpa_s->ap_ies_from_associnfo) {
1276 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
1277 bss_wpa ? 2 + bss_wpa[1] : 0) ||
1278 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
1279 bss_rsn ? 2 + bss_rsn[1] : 0))
1280 return -1;
1281 }
1282
1283 #ifdef CONFIG_NO_WPA
1284 wpa_s->group_cipher = WPA_CIPHER_NONE;
1285 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
1286 #else /* CONFIG_NO_WPA */
1287 sel = ie.group_cipher & ssid->group_cipher;
1288 wpa_s->group_cipher = wpa_pick_group_cipher(sel);
1289 if (wpa_s->group_cipher < 0) {
1290 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group "
1291 "cipher");
1292 return -1;
1293 }
1294 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK %s",
1295 wpa_cipher_txt(wpa_s->group_cipher));
1296
1297 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
1298 wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(sel, 1);
1299 if (wpa_s->pairwise_cipher < 0) {
1300 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise "
1301 "cipher");
1302 return -1;
1303 }
1304 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK %s",
1305 wpa_cipher_txt(wpa_s->pairwise_cipher));
1306 #endif /* CONFIG_NO_WPA */
1307
1308 sel = ie.key_mgmt & ssid->key_mgmt;
1309 #ifdef CONFIG_SAE
1310 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE))
1311 sel &= ~(WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE);
1312 #endif /* CONFIG_SAE */
1313 if (0) {
1314 #ifdef CONFIG_SUITEB192
1315 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) {
1316 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B_192;
1317 wpa_dbg(wpa_s, MSG_DEBUG,
1318 "WPA: using KEY_MGMT 802.1X with Suite B (192-bit)");
1319 #endif /* CONFIG_SUITEB192 */
1320 #ifdef CONFIG_SUITEB
1321 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B) {
1322 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B;
1323 wpa_dbg(wpa_s, MSG_DEBUG,
1324 "WPA: using KEY_MGMT 802.1X with Suite B");
1325 #endif /* CONFIG_SUITEB */
1326 #ifdef CONFIG_FILS
1327 #ifdef CONFIG_IEEE80211R
1328 } else if (sel & WPA_KEY_MGMT_FT_FILS_SHA384) {
1329 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA384;
1330 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT-FILS-SHA384");
1331 } else if (sel & WPA_KEY_MGMT_FT_FILS_SHA256) {
1332 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA256;
1333 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT-FILS-SHA256");
1334 #endif /* CONFIG_IEEE80211R */
1335 } else if (sel & WPA_KEY_MGMT_FILS_SHA384) {
1336 wpa_s->key_mgmt = WPA_KEY_MGMT_FILS_SHA384;
1337 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FILS-SHA384");
1338 } else if (sel & WPA_KEY_MGMT_FILS_SHA256) {
1339 wpa_s->key_mgmt = WPA_KEY_MGMT_FILS_SHA256;
1340 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FILS-SHA256");
1341 #endif /* CONFIG_FILS */
1342 #ifdef CONFIG_IEEE80211R
1343 } else if (sel & WPA_KEY_MGMT_FT_IEEE8021X) {
1344 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
1345 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
1346 } else if (sel & WPA_KEY_MGMT_FT_PSK) {
1347 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
1348 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
1349 #endif /* CONFIG_IEEE80211R */
1350 #ifdef CONFIG_SAE
1351 } else if (sel & WPA_KEY_MGMT_SAE) {
1352 wpa_s->key_mgmt = WPA_KEY_MGMT_SAE;
1353 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT SAE");
1354 } else if (sel & WPA_KEY_MGMT_FT_SAE) {
1355 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_SAE;
1356 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT FT/SAE");
1357 #endif /* CONFIG_SAE */
1358 #ifdef CONFIG_IEEE80211W
1359 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
1360 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
1361 wpa_dbg(wpa_s, MSG_DEBUG,
1362 "WPA: using KEY_MGMT 802.1X with SHA256");
1363 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
1364 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
1365 wpa_dbg(wpa_s, MSG_DEBUG,
1366 "WPA: using KEY_MGMT PSK with SHA256");
1367 #endif /* CONFIG_IEEE80211W */
1368 } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
1369 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
1370 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
1371 } else if (sel & WPA_KEY_MGMT_PSK) {
1372 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
1373 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
1374 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
1375 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
1376 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
1377 #ifdef CONFIG_HS20
1378 } else if (sel & WPA_KEY_MGMT_OSEN) {
1379 wpa_s->key_mgmt = WPA_KEY_MGMT_OSEN;
1380 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using KEY_MGMT OSEN");
1381 #endif /* CONFIG_HS20 */
1382 #ifdef CONFIG_OWE
1383 } else if (sel & WPA_KEY_MGMT_OWE) {
1384 wpa_s->key_mgmt = WPA_KEY_MGMT_OWE;
1385 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT OWE");
1386 #endif /* CONFIG_OWE */
1387 #ifdef CONFIG_DPP
1388 } else if (sel & WPA_KEY_MGMT_DPP) {
1389 wpa_s->key_mgmt = WPA_KEY_MGMT_DPP;
1390 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT DPP");
1391 #endif /* CONFIG_DPP */
1392 } else {
1393 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select "
1394 "authenticated key management type");
1395 return -1;
1396 }
1397
1398 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
1399 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
1400 wpa_s->pairwise_cipher);
1401 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
1402
1403 #ifdef CONFIG_IEEE80211W
1404 sel = ie.mgmt_group_cipher;
1405 if (ssid->group_mgmt_cipher)
1406 sel &= ssid->group_mgmt_cipher;
1407 if (wpas_get_ssid_pmf(wpa_s, ssid) == NO_MGMT_FRAME_PROTECTION ||
1408 !(ie.capabilities & WPA_CAPABILITY_MFPC))
1409 sel = 0;
1410 if (sel & WPA_CIPHER_AES_128_CMAC) {
1411 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
1412 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1413 "AES-128-CMAC");
1414 } else if (sel & WPA_CIPHER_BIP_GMAC_128) {
1415 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_128;
1416 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1417 "BIP-GMAC-128");
1418 } else if (sel & WPA_CIPHER_BIP_GMAC_256) {
1419 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_256;
1420 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1421 "BIP-GMAC-256");
1422 } else if (sel & WPA_CIPHER_BIP_CMAC_256) {
1423 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_CMAC_256;
1424 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1425 "BIP-CMAC-256");
1426 } else {
1427 wpa_s->mgmt_group_cipher = 0;
1428 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
1429 }
1430 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
1431 wpa_s->mgmt_group_cipher);
1432 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP,
1433 wpas_get_ssid_pmf(wpa_s, ssid));
1434 #endif /* CONFIG_IEEE80211W */
1435
1436 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
1437 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to generate WPA IE");
1438 return -1;
1439 }
1440
1441 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) {
1442 int psk_set = 0;
1443
1444 if (ssid->psk_set) {
1445 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN, NULL,
1446 NULL);
1447 psk_set = 1;
1448 }
1449
1450 if (wpa_key_mgmt_sae(ssid->key_mgmt) && ssid->sae_password)
1451 psk_set = 1;
1452
1453 #ifndef CONFIG_NO_PBKDF2
1454 if (bss && ssid->bssid_set && ssid->ssid_len == 0 &&
1455 ssid->passphrase) {
1456 u8 psk[PMK_LEN];
1457 pbkdf2_sha1(ssid->passphrase, bss->ssid, bss->ssid_len,
1458 4096, psk, PMK_LEN);
1459 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)",
1460 psk, PMK_LEN);
1461 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL, NULL);
1462 psk_set = 1;
1463 os_memset(psk, 0, sizeof(psk));
1464 }
1465 #endif /* CONFIG_NO_PBKDF2 */
1466 #ifdef CONFIG_EXT_PASSWORD
1467 if (ssid->ext_psk) {
1468 struct wpabuf *pw = ext_password_get(wpa_s->ext_pw,
1469 ssid->ext_psk);
1470 char pw_str[64 + 1];
1471 u8 psk[PMK_LEN];
1472
1473 if (pw == NULL) {
1474 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No PSK "
1475 "found from external storage");
1476 return -1;
1477 }
1478
1479 if (wpabuf_len(pw) < 8 || wpabuf_len(pw) > 64) {
1480 wpa_msg(wpa_s, MSG_INFO, "EXT PW: Unexpected "
1481 "PSK length %d in external storage",
1482 (int) wpabuf_len(pw));
1483 ext_password_free(pw);
1484 return -1;
1485 }
1486
1487 os_memcpy(pw_str, wpabuf_head(pw), wpabuf_len(pw));
1488 pw_str[wpabuf_len(pw)] = '\0';
1489
1490 #ifndef CONFIG_NO_PBKDF2
1491 if (wpabuf_len(pw) >= 8 && wpabuf_len(pw) < 64 && bss)
1492 {
1493 pbkdf2_sha1(pw_str, bss->ssid, bss->ssid_len,
1494 4096, psk, PMK_LEN);
1495 os_memset(pw_str, 0, sizeof(pw_str));
1496 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from "
1497 "external passphrase)",
1498 psk, PMK_LEN);
1499 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL,
1500 NULL);
1501 psk_set = 1;
1502 os_memset(psk, 0, sizeof(psk));
1503 } else
1504 #endif /* CONFIG_NO_PBKDF2 */
1505 if (wpabuf_len(pw) == 2 * PMK_LEN) {
1506 if (hexstr2bin(pw_str, psk, PMK_LEN) < 0) {
1507 wpa_msg(wpa_s, MSG_INFO, "EXT PW: "
1508 "Invalid PSK hex string");
1509 os_memset(pw_str, 0, sizeof(pw_str));
1510 ext_password_free(pw);
1511 return -1;
1512 }
1513 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL,
1514 NULL);
1515 psk_set = 1;
1516 os_memset(psk, 0, sizeof(psk));
1517 } else {
1518 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No suitable "
1519 "PSK available");
1520 os_memset(pw_str, 0, sizeof(pw_str));
1521 ext_password_free(pw);
1522 return -1;
1523 }
1524
1525 os_memset(pw_str, 0, sizeof(pw_str));
1526 ext_password_free(pw);
1527 }
1528 #endif /* CONFIG_EXT_PASSWORD */
1529
1530 if (!psk_set) {
1531 wpa_msg(wpa_s, MSG_INFO,
1532 "No PSK available for association");
1533 return -1;
1534 }
1535 #ifdef CONFIG_OWE
1536 } else if (wpa_s->key_mgmt == WPA_KEY_MGMT_OWE) {
1537 /* OWE Diffie-Hellman exchange in (Re)Association
1538 * Request/Response frames set the PMK, so do not override it
1539 * here. */
1540 #endif /* CONFIG_OWE */
1541 } else
1542 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
1543
1544 return 0;
1545 }
1546
1547
1548 static void wpas_ext_capab_byte(struct wpa_supplicant *wpa_s, u8 *pos, int idx)
1549 {
1550 *pos = 0x00;
1551
1552 switch (idx) {
1553 case 0: /* Bits 0-7 */
1554 break;
1555 case 1: /* Bits 8-15 */
1556 break;
1557 case 2: /* Bits 16-23 */
1558 #ifdef CONFIG_WNM
1559 *pos |= 0x02; /* Bit 17 - WNM-Sleep Mode */
1560 *pos |= 0x08; /* Bit 19 - BSS Transition */
1561 #endif /* CONFIG_WNM */
1562 break;
1563 case 3: /* Bits 24-31 */
1564 #ifdef CONFIG_WNM
1565 *pos |= 0x02; /* Bit 25 - SSID List */
1566 #endif /* CONFIG_WNM */
1567 #ifdef CONFIG_INTERWORKING
1568 if (wpa_s->conf->interworking)
1569 *pos |= 0x80; /* Bit 31 - Interworking */
1570 #endif /* CONFIG_INTERWORKING */
1571 break;
1572 case 4: /* Bits 32-39 */
1573 #ifdef CONFIG_INTERWORKING
1574 if (wpa_s->drv_flags / WPA_DRIVER_FLAGS_QOS_MAPPING)
1575 *pos |= 0x01; /* Bit 32 - QoS Map */
1576 #endif /* CONFIG_INTERWORKING */
1577 break;
1578 case 5: /* Bits 40-47 */
1579 #ifdef CONFIG_HS20
1580 if (wpa_s->conf->hs20)
1581 *pos |= 0x40; /* Bit 46 - WNM-Notification */
1582 #endif /* CONFIG_HS20 */
1583 #ifdef CONFIG_MBO
1584 *pos |= 0x40; /* Bit 46 - WNM-Notification */
1585 #endif /* CONFIG_MBO */
1586 break;
1587 case 6: /* Bits 48-55 */
1588 break;
1589 case 7: /* Bits 56-63 */
1590 break;
1591 case 8: /* Bits 64-71 */
1592 if (wpa_s->conf->ftm_responder)
1593 *pos |= 0x40; /* Bit 70 - FTM responder */
1594 if (wpa_s->conf->ftm_initiator)
1595 *pos |= 0x80; /* Bit 71 - FTM initiator */
1596 break;
1597 case 9: /* Bits 72-79 */
1598 #ifdef CONFIG_FILS
1599 *pos |= 0x01;
1600 #endif /* CONFIG_FILS */
1601 break;
1602 }
1603 }
1604
1605
1606 int wpas_build_ext_capab(struct wpa_supplicant *wpa_s, u8 *buf, size_t buflen)
1607 {
1608 u8 *pos = buf;
1609 u8 len = 10, i;
1610
1611 if (len < wpa_s->extended_capa_len)
1612 len = wpa_s->extended_capa_len;
1613 if (buflen < (size_t) len + 2) {
1614 wpa_printf(MSG_INFO,
1615 "Not enough room for building extended capabilities element");
1616 return -1;
1617 }
1618
1619 *pos++ = WLAN_EID_EXT_CAPAB;
1620 *pos++ = len;
1621 for (i = 0; i < len; i++, pos++) {
1622 wpas_ext_capab_byte(wpa_s, pos, i);
1623
1624 if (i < wpa_s->extended_capa_len) {
1625 *pos &= ~wpa_s->extended_capa_mask[i];
1626 *pos |= wpa_s->extended_capa[i];
1627 }
1628 }
1629
1630 while (len > 0 && buf[1 + len] == 0) {
1631 len--;
1632 buf[1] = len;
1633 }
1634 if (len == 0)
1635 return 0;
1636
1637 return 2 + len;
1638 }
1639
1640
1641 static int wpas_valid_bss(struct wpa_supplicant *wpa_s,
1642 struct wpa_bss *test_bss)
1643 {
1644 struct wpa_bss *bss;
1645
1646 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
1647 if (bss == test_bss)
1648 return 1;
1649 }
1650
1651 return 0;
1652 }
1653
1654
1655 static int wpas_valid_ssid(struct wpa_supplicant *wpa_s,
1656 struct wpa_ssid *test_ssid)
1657 {
1658 struct wpa_ssid *ssid;
1659
1660 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) {
1661 if (ssid == test_ssid)
1662 return 1;
1663 }
1664
1665 return 0;
1666 }
1667
1668
1669 int wpas_valid_bss_ssid(struct wpa_supplicant *wpa_s, struct wpa_bss *test_bss,
1670 struct wpa_ssid *test_ssid)
1671 {
1672 if (test_bss && !wpas_valid_bss(wpa_s, test_bss))
1673 return 0;
1674
1675 return test_ssid == NULL || wpas_valid_ssid(wpa_s, test_ssid);
1676 }
1677
1678
1679 void wpas_connect_work_free(struct wpa_connect_work *cwork)
1680 {
1681 if (cwork == NULL)
1682 return;
1683 os_free(cwork);
1684 }
1685
1686
1687 void wpas_connect_work_done(struct wpa_supplicant *wpa_s)
1688 {
1689 struct wpa_connect_work *cwork;
1690 struct wpa_radio_work *work = wpa_s->connect_work;
1691
1692 if (!work)
1693 return;
1694
1695 wpa_s->connect_work = NULL;
1696 cwork = work->ctx;
1697 work->ctx = NULL;
1698 wpas_connect_work_free(cwork);
1699 radio_work_done(work);
1700 }
1701
1702
1703 int wpas_update_random_addr(struct wpa_supplicant *wpa_s, int style)
1704 {
1705 struct os_reltime now;
1706 u8 addr[ETH_ALEN];
1707
1708 os_get_reltime(&now);
1709 if (wpa_s->last_mac_addr_style == style &&
1710 wpa_s->last_mac_addr_change.sec != 0 &&
1711 !os_reltime_expired(&now, &wpa_s->last_mac_addr_change,
1712 wpa_s->conf->rand_addr_lifetime)) {
1713 wpa_msg(wpa_s, MSG_DEBUG,
1714 "Previously selected random MAC address has not yet expired");
1715 return 0;
1716 }
1717
1718 switch (style) {
1719 case 1:
1720 if (random_mac_addr(addr) < 0)
1721 return -1;
1722 break;
1723 case 2:
1724 os_memcpy(addr, wpa_s->perm_addr, ETH_ALEN);
1725 if (random_mac_addr_keep_oui(addr) < 0)
1726 return -1;
1727 break;
1728 default:
1729 return -1;
1730 }
1731
1732 if (wpa_drv_set_mac_addr(wpa_s, addr) < 0) {
1733 wpa_msg(wpa_s, MSG_INFO,
1734 "Failed to set random MAC address");
1735 return -1;
1736 }
1737
1738 os_get_reltime(&wpa_s->last_mac_addr_change);
1739 wpa_s->mac_addr_changed = 1;
1740 wpa_s->last_mac_addr_style = style;
1741
1742 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
1743 wpa_msg(wpa_s, MSG_INFO,
1744 "Could not update MAC address information");
1745 return -1;
1746 }
1747
1748 wpa_msg(wpa_s, MSG_DEBUG, "Using random MAC address " MACSTR,
1749 MAC2STR(addr));
1750
1751 return 0;
1752 }
1753
1754
1755 int wpas_update_random_addr_disassoc(struct wpa_supplicant *wpa_s)
1756 {
1757 if (wpa_s->wpa_state >= WPA_AUTHENTICATING ||
1758 !wpa_s->conf->preassoc_mac_addr)
1759 return 0;
1760
1761 return wpas_update_random_addr(wpa_s, wpa_s->conf->preassoc_mac_addr);
1762 }
1763
1764
1765 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit);
1766
1767 /**
1768 * wpa_supplicant_associate - Request association
1769 * @wpa_s: Pointer to wpa_supplicant data
1770 * @bss: Scan results for the selected BSS, or %NULL if not available
1771 * @ssid: Configuration data for the selected network
1772 *
1773 * This function is used to request %wpa_supplicant to associate with a BSS.
1774 */
1775 void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
1776 struct wpa_bss *bss, struct wpa_ssid *ssid)
1777 {
1778 struct wpa_connect_work *cwork;
1779 int rand_style;
1780
1781 wpa_s->own_disconnect_req = 0;
1782
1783 /*
1784 * If we are starting a new connection, any previously pending EAPOL
1785 * RX cannot be valid anymore.
1786 */
1787 wpabuf_free(wpa_s->pending_eapol_rx);
1788 wpa_s->pending_eapol_rx = NULL;
1789
1790 if (ssid->mac_addr == -1)
1791 rand_style = wpa_s->conf->mac_addr;
1792 else
1793 rand_style = ssid->mac_addr;
1794
1795 wmm_ac_clear_saved_tspecs(wpa_s);
1796 wpa_s->reassoc_same_bss = 0;
1797 wpa_s->reassoc_same_ess = 0;
1798
1799 if (wpa_s->last_ssid == ssid) {
1800 wpa_dbg(wpa_s, MSG_DEBUG, "Re-association to the same ESS");
1801 wpa_s->reassoc_same_ess = 1;
1802 if (wpa_s->current_bss && wpa_s->current_bss == bss) {
1803 wmm_ac_save_tspecs(wpa_s);
1804 wpa_s->reassoc_same_bss = 1;
1805 }
1806 }
1807
1808 if (rand_style > 0 && !wpa_s->reassoc_same_ess) {
1809 if (wpas_update_random_addr(wpa_s, rand_style) < 0)
1810 return;
1811 wpa_sm_pmksa_cache_flush(wpa_s->wpa, ssid);
1812 } else if (rand_style == 0 && wpa_s->mac_addr_changed) {
1813 if (wpa_drv_set_mac_addr(wpa_s, NULL) < 0) {
1814 wpa_msg(wpa_s, MSG_INFO,
1815 "Could not restore permanent MAC address");
1816 return;
1817 }
1818 wpa_s->mac_addr_changed = 0;
1819 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
1820 wpa_msg(wpa_s, MSG_INFO,
1821 "Could not update MAC address information");
1822 return;
1823 }
1824 wpa_msg(wpa_s, MSG_DEBUG, "Using permanent MAC address");
1825 }
1826 wpa_s->last_ssid = ssid;
1827
1828 #ifdef CONFIG_IBSS_RSN
1829 ibss_rsn_deinit(wpa_s->ibss_rsn);
1830 wpa_s->ibss_rsn = NULL;
1831 #else /* CONFIG_IBSS_RSN */
1832 if (ssid->mode == WPAS_MODE_IBSS &&
1833 !(ssid->key_mgmt & (WPA_KEY_MGMT_NONE | WPA_KEY_MGMT_WPA_NONE))) {
1834 wpa_msg(wpa_s, MSG_INFO,
1835 "IBSS RSN not supported in the build");
1836 return;
1837 }
1838 #endif /* CONFIG_IBSS_RSN */
1839
1840 if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO ||
1841 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) {
1842 #ifdef CONFIG_AP
1843 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) {
1844 wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP "
1845 "mode");
1846 return;
1847 }
1848 if (wpa_supplicant_create_ap(wpa_s, ssid) < 0) {
1849 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
1850 if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
1851 wpas_p2p_ap_setup_failed(wpa_s);
1852 return;
1853 }
1854 wpa_s->current_bss = bss;
1855 #else /* CONFIG_AP */
1856 wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in "
1857 "the build");
1858 #endif /* CONFIG_AP */
1859 return;
1860 }
1861
1862 if (ssid->mode == WPAS_MODE_MESH) {
1863 #ifdef CONFIG_MESH
1864 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_MESH)) {
1865 wpa_msg(wpa_s, MSG_INFO,
1866 "Driver does not support mesh mode");
1867 return;
1868 }
1869 if (bss)
1870 ssid->frequency = bss->freq;
1871 if (wpa_supplicant_join_mesh(wpa_s, ssid) < 0) {
1872 wpa_msg(wpa_s, MSG_ERROR, "Could not join mesh");
1873 return;
1874 }
1875 wpa_s->current_bss = bss;
1876 wpa_msg(wpa_s, MSG_INFO, MESH_GROUP_STARTED "ssid=\"%s\" id=%d",
1877 wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
1878 ssid->id);
1879 wpas_notify_mesh_group_started(wpa_s, ssid);
1880 #else /* CONFIG_MESH */
1881 wpa_msg(wpa_s, MSG_ERROR,
1882 "mesh mode support not included in the build");
1883 #endif /* CONFIG_MESH */
1884 return;
1885 }
1886
1887 /*
1888 * Set WPA state machine configuration to match the selected network now
1889 * so that the information is available before wpas_start_assoc_cb()
1890 * gets called. This is needed at least for RSN pre-authentication where
1891 * candidate APs are added to a list based on scan result processing
1892 * before completion of the first association.
1893 */
1894 wpa_supplicant_rsn_supp_set_config(wpa_s, ssid);
1895
1896 #ifdef CONFIG_DPP
1897 if (wpas_dpp_check_connect(wpa_s, ssid, bss) != 0)
1898 return;
1899 #endif /* CONFIG_DPP */
1900
1901 #ifdef CONFIG_TDLS
1902 if (bss)
1903 wpa_tdls_ap_ies(wpa_s->wpa, (const u8 *) (bss + 1),
1904 bss->ie_len);
1905 #endif /* CONFIG_TDLS */
1906
1907 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
1908 ssid->mode == IEEE80211_MODE_INFRA) {
1909 sme_authenticate(wpa_s, bss, ssid);
1910 return;
1911 }
1912
1913 if (wpa_s->connect_work) {
1914 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since connect_work exist");
1915 return;
1916 }
1917
1918 if (radio_work_pending(wpa_s, "connect")) {
1919 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since pending work exist");
1920 return;
1921 }
1922
1923 #ifdef CONFIG_SME
1924 if (ssid->mode == WPAS_MODE_IBSS || ssid->mode == WPAS_MODE_MESH) {
1925 /* Clear possibly set auth_alg, if any, from last attempt. */
1926 wpa_s->sme.auth_alg = WPA_AUTH_ALG_OPEN;
1927 }
1928 #endif /* CONFIG_SME */
1929
1930 wpas_abort_ongoing_scan(wpa_s);
1931
1932 cwork = os_zalloc(sizeof(*cwork));
1933 if (cwork == NULL)
1934 return;
1935
1936 cwork->bss = bss;
1937 cwork->ssid = ssid;
1938
1939 if (radio_add_work(wpa_s, bss ? bss->freq : 0, "connect", 1,
1940 wpas_start_assoc_cb, cwork) < 0) {
1941 os_free(cwork);
1942 }
1943 }
1944
1945
1946 static int bss_is_ibss(struct wpa_bss *bss)
1947 {
1948 return (bss->caps & (IEEE80211_CAP_ESS | IEEE80211_CAP_IBSS)) ==
1949 IEEE80211_CAP_IBSS;
1950 }
1951
1952
1953 static int drv_supports_vht(struct wpa_supplicant *wpa_s,
1954 const struct wpa_ssid *ssid)
1955 {
1956 enum hostapd_hw_mode hw_mode;
1957 struct hostapd_hw_modes *mode = NULL;
1958 u8 channel;
1959 int i;
1960
1961 hw_mode = ieee80211_freq_to_chan(ssid->frequency, &channel);
1962 if (hw_mode == NUM_HOSTAPD_MODES)
1963 return 0;
1964 for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) {
1965 if (wpa_s->hw.modes[i].mode == hw_mode) {
1966 mode = &wpa_s->hw.modes[i];
1967 break;
1968 }
1969 }
1970
1971 if (!mode)
1972 return 0;
1973
1974 return mode->vht_capab != 0;
1975 }
1976
1977
1978 void ibss_mesh_setup_freq(struct wpa_supplicant *wpa_s,
1979 const struct wpa_ssid *ssid,
1980 struct hostapd_freq_params *freq)
1981 {
1982 enum hostapd_hw_mode hw_mode;
1983 struct hostapd_hw_modes *mode = NULL;
1984 int ht40plus[] = { 36, 44, 52, 60, 100, 108, 116, 124, 132, 149, 157,
1985 184, 192 };
1986 int vht80[] = { 36, 52, 100, 116, 132, 149 };
1987 struct hostapd_channel_data *pri_chan = NULL, *sec_chan = NULL;
1988 u8 channel;
1989 int i, chan_idx, ht40 = -1, res, obss_scan = 1;
1990 unsigned int j, k;
1991 struct hostapd_freq_params vht_freq;
1992 int chwidth, seg0, seg1;
1993 u32 vht_caps = 0;
1994
1995 freq->freq = ssid->frequency;
1996
1997 for (j = 0; j < wpa_s->last_scan_res_used; j++) {
1998 struct wpa_bss *bss = wpa_s->last_scan_res[j];
1999
2000 if (ssid->mode != WPAS_MODE_IBSS)
2001 break;
2002
2003 /* Don't adjust control freq in case of fixed_freq */
2004 if (ssid->fixed_freq)
2005 break;
2006
2007 if (!bss_is_ibss(bss))
2008 continue;
2009
2010 if (ssid->ssid_len == bss->ssid_len &&
2011 os_memcmp(ssid->ssid, bss->ssid, bss->ssid_len) == 0) {
2012 wpa_printf(MSG_DEBUG,
2013 "IBSS already found in scan results, adjust control freq: %d",
2014 bss->freq);
2015 freq->freq = bss->freq;
2016 obss_scan = 0;
2017 break;
2018 }
2019 }
2020
2021 /* For IBSS check HT_IBSS flag */
2022 if (ssid->mode == WPAS_MODE_IBSS &&
2023 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_HT_IBSS))
2024 return;
2025
2026 if (wpa_s->group_cipher == WPA_CIPHER_WEP40 ||
2027 wpa_s->group_cipher == WPA_CIPHER_WEP104 ||
2028 wpa_s->pairwise_cipher == WPA_CIPHER_TKIP) {
2029 wpa_printf(MSG_DEBUG,
2030 "IBSS: WEP/TKIP detected, do not try to enable HT");
2031 return;
2032 }
2033
2034 hw_mode = ieee80211_freq_to_chan(freq->freq, &channel);
2035 for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) {
2036 if (wpa_s->hw.modes[i].mode == hw_mode) {
2037 mode = &wpa_s->hw.modes[i];
2038 break;
2039 }
2040 }
2041
2042 if (!mode)
2043 return;
2044
2045 #ifdef CONFIG_HT_OVERRIDES
2046 if (ssid->disable_ht) {
2047 freq->ht_enabled = 0;
2048 return;
2049 }
2050 #endif /* CONFIG_HT_OVERRIDES */
2051
2052 freq->ht_enabled = ht_supported(mode);
2053 if (!freq->ht_enabled)
2054 return;
2055
2056 /* Setup higher BW only for 5 GHz */
2057 if (mode->mode != HOSTAPD_MODE_IEEE80211A)
2058 return;
2059
2060 for (chan_idx = 0; chan_idx < mode->num_channels; chan_idx++) {
2061 pri_chan = &mode->channels[chan_idx];
2062 if (pri_chan->chan == channel)
2063 break;
2064 pri_chan = NULL;
2065 }
2066 if (!pri_chan)
2067 return;
2068
2069 /* Check primary channel flags */
2070 if (pri_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
2071 return;
2072
2073 #ifdef CONFIG_HT_OVERRIDES
2074 if (ssid->disable_ht40)
2075 return;
2076 #endif /* CONFIG_HT_OVERRIDES */
2077
2078 /* Check/setup HT40+/HT40- */
2079 for (j = 0; j < ARRAY_SIZE(ht40plus); j++) {
2080 if (ht40plus[j] == channel) {
2081 ht40 = 1;
2082 break;
2083 }
2084 }
2085
2086 /* Find secondary channel */
2087 for (i = 0; i < mode->num_channels; i++) {
2088 sec_chan = &mode->channels[i];
2089 if (sec_chan->chan == channel + ht40 * 4)
2090 break;
2091 sec_chan = NULL;
2092 }
2093 if (!sec_chan)
2094 return;
2095
2096 /* Check secondary channel flags */
2097 if (sec_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
2098 return;
2099
2100 freq->channel = pri_chan->chan;
2101
2102 if (ht40 == -1) {
2103 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40MINUS))
2104 return;
2105 } else {
2106 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40PLUS))
2107 return;
2108 }
2109 freq->sec_channel_offset = ht40;
2110
2111 if (obss_scan) {
2112 struct wpa_scan_results *scan_res;
2113
2114 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL, 0);
2115 if (scan_res == NULL) {
2116 /* Back to HT20 */
2117 freq->sec_channel_offset = 0;
2118 return;
2119 }
2120
2121 res = check_40mhz_5g(mode, scan_res, pri_chan->chan,
2122 sec_chan->chan);
2123 switch (res) {
2124 case 0:
2125 /* Back to HT20 */
2126 freq->sec_channel_offset = 0;
2127 break;
2128 case 1:
2129 /* Configuration allowed */
2130 break;
2131 case 2:
2132 /* Switch pri/sec channels */
2133 freq->freq = hw_get_freq(mode, sec_chan->chan);
2134 freq->sec_channel_offset = -freq->sec_channel_offset;
2135 freq->channel = sec_chan->chan;
2136 break;
2137 default:
2138 freq->sec_channel_offset = 0;
2139 break;
2140 }
2141
2142 wpa_scan_results_free(scan_res);
2143 }
2144
2145 wpa_printf(MSG_DEBUG,
2146 "IBSS/mesh: setup freq channel %d, sec_channel_offset %d",
2147 freq->channel, freq->sec_channel_offset);
2148
2149 if (!drv_supports_vht(wpa_s, ssid))
2150 return;
2151
2152 /* For IBSS check VHT_IBSS flag */
2153 if (ssid->mode == WPAS_MODE_IBSS &&
2154 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_VHT_IBSS))
2155 return;
2156
2157 vht_freq = *freq;
2158
2159 #ifdef CONFIG_VHT_OVERRIDES
2160 if (ssid->disable_vht) {
2161 freq->vht_enabled = 0;
2162 return;
2163 }
2164 #endif /* CONFIG_VHT_OVERRIDES */
2165
2166 vht_freq.vht_enabled = vht_supported(mode);
2167 if (!vht_freq.vht_enabled)
2168 return;
2169
2170 /* setup center_freq1, bandwidth */
2171 for (j = 0; j < ARRAY_SIZE(vht80); j++) {
2172 if (freq->channel >= vht80[j] &&
2173 freq->channel < vht80[j] + 16)
2174 break;
2175 }
2176
2177 if (j == ARRAY_SIZE(vht80))
2178 return;
2179
2180 for (i = vht80[j]; i < vht80[j] + 16; i += 4) {
2181 struct hostapd_channel_data *chan;
2182
2183 chan = hw_get_channel_chan(mode, i, NULL);
2184 if (!chan)
2185 return;
2186
2187 /* Back to HT configuration if channel not usable */
2188 if (chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
2189 return;
2190 }
2191
2192 chwidth = VHT_CHANWIDTH_80MHZ;
2193 seg0 = vht80[j] + 6;
2194 seg1 = 0;
2195
2196 if (ssid->max_oper_chwidth == VHT_CHANWIDTH_80P80MHZ) {
2197 /* setup center_freq2, bandwidth */
2198 for (k = 0; k < ARRAY_SIZE(vht80); k++) {
2199 /* Only accept 80 MHz segments separated by a gap */
2200 if (j == k || abs(vht80[j] - vht80[k]) == 16)
2201 continue;
2202 for (i = vht80[k]; i < vht80[k] + 16; i += 4) {
2203 struct hostapd_channel_data *chan;
2204
2205 chan = hw_get_channel_chan(mode, i, NULL);
2206 if (!chan)
2207 continue;
2208
2209 if (chan->flag & (HOSTAPD_CHAN_DISABLED |
2210 HOSTAPD_CHAN_NO_IR |
2211 HOSTAPD_CHAN_RADAR))
2212 continue;
2213
2214 /* Found a suitable second segment for 80+80 */
2215 chwidth = VHT_CHANWIDTH_80P80MHZ;
2216 vht_caps |=
2217 VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ;
2218 seg1 = vht80[k] + 6;
2219 }
2220
2221 if (chwidth == VHT_CHANWIDTH_80P80MHZ)
2222 break;
2223 }
2224 } else if (ssid->max_oper_chwidth == VHT_CHANWIDTH_160MHZ) {
2225 if (freq->freq == 5180) {
2226 chwidth = VHT_CHANWIDTH_160MHZ;
2227 vht_caps |= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
2228 seg0 = 50;
2229 } else if (freq->freq == 5520) {
2230 chwidth = VHT_CHANWIDTH_160MHZ;
2231 vht_caps |= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
2232 seg0 = 114;
2233 }
2234 }
2235
2236 if (hostapd_set_freq_params(&vht_freq, mode->mode, freq->freq,
2237 freq->channel, freq->ht_enabled,
2238 vht_freq.vht_enabled,
2239 freq->sec_channel_offset,
2240 chwidth, seg0, seg1, vht_caps) != 0)
2241 return;
2242
2243 *freq = vht_freq;
2244
2245 wpa_printf(MSG_DEBUG, "IBSS: VHT setup freq cf1 %d, cf2 %d, bw %d",
2246 freq->center_freq1, freq->center_freq2, freq->bandwidth);
2247 }
2248
2249
2250 #ifdef CONFIG_FILS
2251 static size_t wpas_add_fils_hlp_req(struct wpa_supplicant *wpa_s, u8 *ie_buf,
2252 size_t ie_buf_len)
2253 {
2254 struct fils_hlp_req *req;
2255 size_t rem_len, hdr_len, hlp_len, len, ie_len = 0;
2256 const u8 *pos;
2257 u8 *buf = ie_buf;
2258
2259 dl_list_for_each(req, &wpa_s->fils_hlp_req, struct fils_hlp_req,
2260 list) {
2261 rem_len = ie_buf_len - ie_len;
2262 pos = wpabuf_head(req->pkt);
2263 hdr_len = 1 + 2 * ETH_ALEN + 6;
2264 hlp_len = wpabuf_len(req->pkt);
2265
2266 if (rem_len < 2 + hdr_len + hlp_len) {
2267 wpa_printf(MSG_ERROR,
2268 "FILS: Cannot fit HLP - rem_len=%lu to_fill=%lu",
2269 (unsigned long) rem_len,
2270 (unsigned long) (2 + hdr_len + hlp_len));
2271 break;
2272 }
2273
2274 len = (hdr_len + hlp_len) > 255 ? 255 : hdr_len + hlp_len;
2275 /* Element ID */
2276 *buf++ = WLAN_EID_EXTENSION;
2277 /* Length */
2278 *buf++ = len;
2279 /* Element ID Extension */
2280 *buf++ = WLAN_EID_EXT_FILS_HLP_CONTAINER;
2281 /* Destination MAC address */
2282 os_memcpy(buf, req->dst, ETH_ALEN);
2283 buf += ETH_ALEN;
2284 /* Source MAC address */
2285 os_memcpy(buf, wpa_s->own_addr, ETH_ALEN);
2286 buf += ETH_ALEN;
2287 /* LLC/SNAP Header */
2288 os_memcpy(buf, "\xaa\xaa\x03\x00\x00\x00", 6);
2289 buf += 6;
2290 /* HLP Packet */
2291 os_memcpy(buf, pos, len - hdr_len);
2292 buf += len - hdr_len;
2293 pos += len - hdr_len;
2294
2295 hlp_len -= len - hdr_len;
2296 ie_len += 2 + len;
2297 rem_len -= 2 + len;
2298
2299 while (hlp_len) {
2300 len = (hlp_len > 255) ? 255 : hlp_len;
2301 if (rem_len < 2 + len)
2302 break;
2303 *buf++ = WLAN_EID_FRAGMENT;
2304 *buf++ = len;
2305 os_memcpy(buf, pos, len);
2306 buf += len;
2307 pos += len;
2308
2309 hlp_len -= len;
2310 ie_len += 2 + len;
2311 rem_len -= 2 + len;
2312 }
2313 }
2314
2315 return ie_len;
2316 }
2317 #endif /* CONFIG_FILS */
2318
2319
2320 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
2321 {
2322 struct wpa_connect_work *cwork = work->ctx;
2323 struct wpa_bss *bss = cwork->bss;
2324 struct wpa_ssid *ssid = cwork->ssid;
2325 struct wpa_supplicant *wpa_s = work->wpa_s;
2326 u8 *wpa_ie;
2327 size_t max_wpa_ie_len = 500;
2328 size_t wpa_ie_len;
2329 int use_crypt, ret, i, bssid_changed;
2330 int algs = WPA_AUTH_ALG_OPEN;
2331 unsigned int cipher_pairwise, cipher_group, cipher_group_mgmt;
2332 struct wpa_driver_associate_params params;
2333 int wep_keys_set = 0;
2334 int assoc_failed = 0;
2335 struct wpa_ssid *old_ssid;
2336 u8 prev_bssid[ETH_ALEN];
2337 #ifdef CONFIG_HT_OVERRIDES
2338 struct ieee80211_ht_capabilities htcaps;
2339 struct ieee80211_ht_capabilities htcaps_mask;
2340 #endif /* CONFIG_HT_OVERRIDES */
2341 #ifdef CONFIG_VHT_OVERRIDES
2342 struct ieee80211_vht_capabilities vhtcaps;
2343 struct ieee80211_vht_capabilities vhtcaps_mask;
2344 #endif /* CONFIG_VHT_OVERRIDES */
2345 #ifdef CONFIG_FILS
2346 const u8 *realm, *username, *rrk;
2347 size_t realm_len, username_len, rrk_len;
2348 u16 next_seq_num;
2349 struct fils_hlp_req *req;
2350 #endif /* CONFIG_FILS */
2351
2352 if (deinit) {
2353 if (work->started) {
2354 wpa_s->connect_work = NULL;
2355
2356 /* cancel possible auth. timeout */
2357 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s,
2358 NULL);
2359 }
2360 wpas_connect_work_free(cwork);
2361 return;
2362 }
2363
2364 wpa_s->connect_work = work;
2365
2366 if (cwork->bss_removed || !wpas_valid_bss_ssid(wpa_s, bss, ssid) ||
2367 wpas_network_disabled(wpa_s, ssid)) {
2368 wpa_dbg(wpa_s, MSG_DEBUG, "BSS/SSID entry for association not valid anymore - drop connection attempt");
2369 wpas_connect_work_done(wpa_s);
2370 return;
2371 }
2372
2373 os_memcpy(prev_bssid, wpa_s->bssid, ETH_ALEN);
2374 os_memset(&params, 0, sizeof(params));
2375 wpa_s->reassociate = 0;
2376 wpa_s->eap_expected_failure = 0;
2377 if (bss &&
2378 (!wpas_driver_bss_selection(wpa_s) || wpas_wps_searching(wpa_s))) {
2379 #ifdef CONFIG_IEEE80211R
2380 const u8 *ie, *md = NULL;
2381 #endif /* CONFIG_IEEE80211R */
2382 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
2383 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
2384 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
2385 bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
2386 os_memset(wpa_s->bssid, 0, ETH_ALEN);
2387 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
2388 if (bssid_changed)
2389 wpas_notify_bssid_changed(wpa_s);
2390 #ifdef CONFIG_IEEE80211R
2391 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
2392 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
2393 md = ie + 2;
2394 wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0);
2395 if (md) {
2396 /* Prepare for the next transition */
2397 wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
2398 }
2399 #endif /* CONFIG_IEEE80211R */
2400 #ifdef CONFIG_WPS
2401 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
2402 wpa_s->conf->ap_scan == 2 &&
2403 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
2404 /* Use ap_scan==1 style network selection to find the network
2405 */
2406 wpas_connect_work_done(wpa_s);
2407 wpa_s->scan_req = MANUAL_SCAN_REQ;
2408 wpa_s->reassociate = 1;
2409 wpa_supplicant_req_scan(wpa_s, 0, 0);
2410 return;
2411 #endif /* CONFIG_WPS */
2412 } else {
2413 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
2414 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
2415 if (bss)
2416 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
2417 else
2418 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
2419 }
2420 if (!wpa_s->pno)
2421 wpa_supplicant_cancel_sched_scan(wpa_s);
2422
2423 wpa_supplicant_cancel_scan(wpa_s);
2424
2425 /* Starting new association, so clear the possibly used WPA IE from the
2426 * previous association. */
2427 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
2428
2429 #ifdef CONFIG_FILS
2430 dl_list_for_each(req, &wpa_s->fils_hlp_req, struct fils_hlp_req,
2431 list) {
2432 max_wpa_ie_len += 3 + 2 * ETH_ALEN + 6 + wpabuf_len(req->pkt) +
2433 2 + 2 * wpabuf_len(req->pkt) / 255;
2434 }
2435 #endif /* CONFIG_FILS */
2436
2437 wpa_ie = os_malloc(max_wpa_ie_len);
2438 if (!wpa_ie) {
2439 wpa_printf(MSG_ERROR,
2440 "Failed to allocate connect IE buffer for %lu bytes",
2441 (unsigned long) max_wpa_ie_len);
2442 wpas_connect_work_done(wpa_s);
2443 return;
2444 }
2445
2446 if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
2447 wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
2448 wpa_key_mgmt_wpa(ssid->key_mgmt)) {
2449 int try_opportunistic;
2450 const u8 *cache_id = NULL;
2451
2452 try_opportunistic = (ssid->proactive_key_caching < 0 ?
2453 wpa_s->conf->okc :
2454 ssid->proactive_key_caching) &&
2455 (ssid->proto & WPA_PROTO_RSN);
2456 #ifdef CONFIG_FILS
2457 if (wpa_key_mgmt_fils(ssid->key_mgmt))
2458 cache_id = wpa_bss_get_fils_cache_id(bss);
2459 #endif /* CONFIG_FILS */
2460 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
2461 ssid, try_opportunistic,
2462 cache_id) == 0)
2463 eapol_sm_notify_pmkid_attempt(wpa_s->eapol);
2464 wpa_ie_len = max_wpa_ie_len;
2465 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
2466 wpa_ie, &wpa_ie_len)) {
2467 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
2468 "key management and encryption suites");
2469 wpas_connect_work_done(wpa_s);
2470 os_free(wpa_ie);
2471 return;
2472 }
2473 } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && bss &&
2474 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) {
2475 /*
2476 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
2477 * use non-WPA since the scan results did not indicate that the
2478 * AP is using WPA or WPA2.
2479 */
2480 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
2481 wpa_ie_len = 0;
2482 wpa_s->wpa_proto = 0;
2483 } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) {
2484 wpa_ie_len = max_wpa_ie_len;
2485 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
2486 wpa_ie, &wpa_ie_len)) {
2487 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
2488 "key management and encryption suites (no "
2489 "scan results)");
2490 wpas_connect_work_done(wpa_s);
2491 os_free(wpa_ie);
2492 return;
2493 }
2494 #ifdef CONFIG_WPS
2495 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
2496 struct wpabuf *wps_ie;
2497 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
2498 if (wps_ie && wpabuf_len(wps_ie) <= max_wpa_ie_len) {
2499 wpa_ie_len = wpabuf_len(wps_ie);
2500 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
2501 } else
2502 wpa_ie_len = 0;
2503 wpabuf_free(wps_ie);
2504 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
2505 if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY))
2506 params.wps = WPS_MODE_PRIVACY;
2507 else
2508 params.wps = WPS_MODE_OPEN;
2509 wpa_s->wpa_proto = 0;
2510 #endif /* CONFIG_WPS */
2511 } else {
2512 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
2513 wpa_ie_len = 0;
2514 wpa_s->wpa_proto = 0;
2515 }
2516
2517 #ifdef IEEE8021X_EAPOL
2518 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
2519 if (ssid->leap) {
2520 if (ssid->non_leap == 0)
2521 algs = WPA_AUTH_ALG_LEAP;
2522 else
2523 algs |= WPA_AUTH_ALG_LEAP;
2524 }
2525 }
2526
2527 #ifdef CONFIG_FILS
2528 /* Clear FILS association */
2529 wpa_sm_set_reset_fils_completed(wpa_s->wpa, 0);
2530
2531 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD) &&
2532 ssid->eap.erp && wpa_key_mgmt_fils(wpa_s->key_mgmt) &&
2533 eapol_sm_get_erp_info(wpa_s->eapol, &ssid->eap, &username,
2534 &username_len, &realm, &realm_len,
2535 &next_seq_num, &rrk, &rrk_len) == 0) {
2536 algs = WPA_AUTH_ALG_FILS;
2537 params.fils_erp_username = username;
2538 params.fils_erp_username_len = username_len;
2539 params.fils_erp_realm = realm;
2540 params.fils_erp_realm_len = realm_len;
2541 params.fils_erp_next_seq_num = next_seq_num;
2542 params.fils_erp_rrk = rrk;
2543 params.fils_erp_rrk_len = rrk_len;
2544 }
2545 #endif /* CONFIG_FILS */
2546 #endif /* IEEE8021X_EAPOL */
2547
2548 wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
2549 if (ssid->auth_alg) {
2550 algs = ssid->auth_alg;
2551 wpa_dbg(wpa_s, MSG_DEBUG,
2552 "Overriding auth_alg selection: 0x%x", algs);
2553 }
2554
2555 #ifdef CONFIG_P2P
2556 if (wpa_s->global->p2p) {
2557 u8 *pos;
2558 size_t len;
2559 int res;
2560 pos = wpa_ie + wpa_ie_len;
2561 len = max_wpa_ie_len - wpa_ie_len;
2562 res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len,
2563 ssid->p2p_group);
2564 if (res >= 0)
2565 wpa_ie_len += res;
2566 }
2567
2568 wpa_s->cross_connect_disallowed = 0;
2569 if (bss) {
2570 struct wpabuf *p2p;
2571 p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE);
2572 if (p2p) {
2573 wpa_s->cross_connect_disallowed =
2574 p2p_get_cross_connect_disallowed(p2p);
2575 wpabuf_free(p2p);
2576 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross "
2577 "connection",
2578 wpa_s->cross_connect_disallowed ?
2579 "disallows" : "allows");
2580 }
2581 }
2582
2583 os_memset(wpa_s->p2p_ip_addr_info, 0, sizeof(wpa_s->p2p_ip_addr_info));
2584 #endif /* CONFIG_P2P */
2585
2586 if (bss) {
2587 wpa_ie_len += wpas_supp_op_class_ie(wpa_s, bss->freq,
2588 wpa_ie + wpa_ie_len,
2589 max_wpa_ie_len -
2590 wpa_ie_len);
2591 }
2592
2593 /*
2594 * Workaround: Add Extended Capabilities element only if the AP
2595 * included this element in Beacon/Probe Response frames. Some older
2596 * APs seem to have interoperability issues if this element is
2597 * included, so while the standard may require us to include the
2598 * element in all cases, it is justifiable to skip it to avoid
2599 * interoperability issues.
2600 */
2601 if (ssid->p2p_group)
2602 wpa_drv_get_ext_capa(wpa_s, WPA_IF_P2P_CLIENT);
2603 else
2604 wpa_drv_get_ext_capa(wpa_s, WPA_IF_STATION);
2605
2606 if (!bss || wpa_bss_get_ie(bss, WLAN_EID_EXT_CAPAB)) {
2607 u8 ext_capab[18];
2608 int ext_capab_len;
2609 ext_capab_len = wpas_build_ext_capab(wpa_s, ext_capab,
2610 sizeof(ext_capab));
2611 if (ext_capab_len > 0 &&
2612 wpa_ie_len + ext_capab_len <= max_wpa_ie_len) {
2613 u8 *pos = wpa_ie;
2614 if (wpa_ie_len > 0 && pos[0] == WLAN_EID_RSN)
2615 pos += 2 + pos[1];
2616 os_memmove(pos + ext_capab_len, pos,
2617 wpa_ie_len - (pos - wpa_ie));
2618 wpa_ie_len += ext_capab_len;
2619 os_memcpy(pos, ext_capab, ext_capab_len);
2620 }
2621 }
2622
2623 #ifdef CONFIG_HS20
2624 if (is_hs20_network(wpa_s, ssid, bss)) {
2625 struct wpabuf *hs20;
2626
2627 hs20 = wpabuf_alloc(20);
2628 if (hs20) {
2629 int pps_mo_id = hs20_get_pps_mo_id(wpa_s, ssid);
2630 size_t len;
2631
2632 wpas_hs20_add_indication(hs20, pps_mo_id);
2633 len = max_wpa_ie_len - wpa_ie_len;
2634 if (wpabuf_len(hs20) <= len) {
2635 os_memcpy(wpa_ie + wpa_ie_len,
2636 wpabuf_head(hs20), wpabuf_len(hs20));
2637 wpa_ie_len += wpabuf_len(hs20);
2638 }
2639 wpabuf_free(hs20);
2640
2641 hs20_configure_frame_filters(wpa_s);
2642 }
2643 }
2644 #endif /* CONFIG_HS20 */
2645
2646 if (wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ]) {
2647 struct wpabuf *buf = wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ];
2648 size_t len;
2649
2650 len = max_wpa_ie_len - wpa_ie_len;
2651 if (wpabuf_len(buf) <= len) {
2652 os_memcpy(wpa_ie + wpa_ie_len,
2653 wpabuf_head(buf), wpabuf_len(buf));
2654 wpa_ie_len += wpabuf_len(buf);
2655 }
2656 }
2657
2658 #ifdef CONFIG_FST
2659 if (wpa_s->fst_ies) {
2660 int fst_ies_len = wpabuf_len(wpa_s->fst_ies);
2661
2662 if (wpa_ie_len + fst_ies_len <= max_wpa_ie_len) {
2663 os_memcpy(wpa_ie + wpa_ie_len,
2664 wpabuf_head(wpa_s->fst_ies), fst_ies_len);
2665 wpa_ie_len += fst_ies_len;
2666 }
2667 }
2668 #endif /* CONFIG_FST */
2669
2670 #ifdef CONFIG_MBO
2671 if (bss && wpa_bss_get_vendor_ie(bss, MBO_IE_VENDOR_TYPE)) {
2672 int len;
2673
2674 len = wpas_mbo_ie(wpa_s, wpa_ie + wpa_ie_len,
2675 max_wpa_ie_len - wpa_ie_len);
2676 if (len >= 0)
2677 wpa_ie_len += len;
2678 }
2679 #endif /* CONFIG_MBO */
2680
2681 #ifdef CONFIG_FILS
2682 if (algs == WPA_AUTH_ALG_FILS) {
2683 size_t len;
2684
2685 len = wpas_add_fils_hlp_req(wpa_s, wpa_ie + wpa_ie_len,
2686 max_wpa_ie_len - wpa_ie_len);
2687 wpa_ie_len += len;
2688 }
2689 #endif /* CONFIG_FILS */
2690
2691 #ifdef CONFIG_OWE
2692 if (algs == WPA_AUTH_ALG_OPEN &&
2693 ssid->key_mgmt == WPA_KEY_MGMT_OWE) {
2694 struct wpabuf *owe_ie;
2695 u16 group = OWE_DH_GROUP;
2696
2697 if (ssid->owe_group)
2698 group = ssid->owe_group;
2699 owe_ie = owe_build_assoc_req(wpa_s->wpa, group);
2700 if (owe_ie &&
2701 wpabuf_len(owe_ie) <= max_wpa_ie_len - wpa_ie_len) {
2702 os_memcpy(wpa_ie + wpa_ie_len,
2703 wpabuf_head(owe_ie), wpabuf_len(owe_ie));
2704 wpa_ie_len += wpabuf_len(owe_ie);
2705 wpabuf_free(owe_ie);
2706 }
2707 }
2708 #endif /* CONFIG_OWE */
2709
2710 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
2711 use_crypt = 1;
2712 cipher_pairwise = wpa_s->pairwise_cipher;
2713 cipher_group = wpa_s->group_cipher;
2714 cipher_group_mgmt = wpa_s->mgmt_group_cipher;
2715 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
2716 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
2717 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
2718 use_crypt = 0;
2719 if (wpa_set_wep_keys(wpa_s, ssid)) {
2720 use_crypt = 1;
2721 wep_keys_set = 1;
2722 }
2723 }
2724 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
2725 use_crypt = 0;
2726
2727 #ifdef IEEE8021X_EAPOL
2728 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
2729 if ((ssid->eapol_flags &
2730 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
2731 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
2732 !wep_keys_set) {
2733 use_crypt = 0;
2734 } else {
2735 /* Assume that dynamic WEP-104 keys will be used and
2736 * set cipher suites in order for drivers to expect
2737 * encryption. */
2738 cipher_pairwise = cipher_group = WPA_CIPHER_WEP104;
2739 }
2740 }
2741 #endif /* IEEE8021X_EAPOL */
2742
2743 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
2744 /* Set the key before (and later after) association */
2745 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
2746 }
2747
2748 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
2749 if (bss) {
2750 params.ssid = bss->ssid;
2751 params.ssid_len = bss->ssid_len;
2752 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set ||
2753 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
2754 wpa_printf(MSG_DEBUG, "Limit connection to BSSID "
2755 MACSTR " freq=%u MHz based on scan results "
2756 "(bssid_set=%d wps=%d)",
2757 MAC2STR(bss->bssid), bss->freq,
2758 ssid->bssid_set,
2759 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS);
2760 params.bssid = bss->bssid;
2761 params.freq.freq = bss->freq;
2762 }
2763 params.bssid_hint = bss->bssid;
2764 params.freq_hint = bss->freq;
2765 params.pbss = bss_is_pbss(bss);
2766 } else {
2767 if (ssid->bssid_hint_set)
2768 params.bssid_hint = ssid->bssid_hint;
2769
2770 params.ssid = ssid->ssid;
2771 params.ssid_len = ssid->ssid_len;
2772 params.pbss = (ssid->pbss != 2) ? ssid->pbss : 0;
2773 }
2774
2775 if (ssid->mode == WPAS_MODE_IBSS && ssid->bssid_set &&
2776 wpa_s->conf->ap_scan == 2) {
2777 params.bssid = ssid->bssid;
2778 params.fixed_bssid = 1;
2779 }
2780
2781 /* Initial frequency for IBSS/mesh */
2782 if ((ssid->mode == WPAS_MODE_IBSS || ssid->mode == WPAS_MODE_MESH) &&
2783 ssid->frequency > 0 && params.freq.freq == 0)
2784 ibss_mesh_setup_freq(wpa_s, ssid, &params.freq);
2785
2786 if (ssid->mode == WPAS_MODE_IBSS) {
2787 params.fixed_freq = ssid->fixed_freq;
2788 if (ssid->beacon_int)
2789 params.beacon_int = ssid->beacon_int;
2790 else
2791 params.beacon_int = wpa_s->conf->beacon_int;
2792 }
2793
2794 params.wpa_ie = wpa_ie;
2795 params.wpa_ie_len = wpa_ie_len;
2796 params.pairwise_suite = cipher_pairwise;
2797 params.group_suite = cipher_group;
2798 params.mgmt_group_suite = cipher_group_mgmt;
2799 params.key_mgmt_suite = wpa_s->key_mgmt;
2800 params.wpa_proto = wpa_s->wpa_proto;
2801 params.auth_alg = algs;
2802 wpa_s->auth_alg = params.auth_alg;
2803 params.mode = ssid->mode;
2804 params.bg_scan_period = ssid->bg_scan_period;
2805 for (i = 0; i < NUM_WEP_KEYS; i++) {
2806 if (ssid->wep_key_len[i])
2807 params.wep_key[i] = ssid->wep_key[i];
2808 params.wep_key_len[i] = ssid->wep_key_len[i];
2809 }
2810 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
2811
2812 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
2813 (params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
2814 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK)) {
2815 params.passphrase = ssid->passphrase;
2816 if (ssid->psk_set)
2817 params.psk = ssid->psk;
2818 }
2819
2820 if (wpa_s->conf->key_mgmt_offload) {
2821 if (params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
2822 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 ||
2823 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B ||
2824 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192)
2825 params.req_key_mgmt_offload =
2826 ssid->proactive_key_caching < 0 ?
2827 wpa_s->conf->okc : ssid->proactive_key_caching;
2828 else
2829 params.req_key_mgmt_offload = 1;
2830
2831 if ((params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
2832 params.key_mgmt_suite == WPA_KEY_MGMT_PSK_SHA256 ||
2833 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK) &&
2834 ssid->psk_set)
2835 params.psk = ssid->psk;
2836 }
2837
2838 params.drop_unencrypted = use_crypt;
2839
2840 #ifdef CONFIG_IEEE80211W
2841 params.mgmt_frame_protection = wpas_get_ssid_pmf(wpa_s, ssid);
2842 if (params.mgmt_frame_protection != NO_MGMT_FRAME_PROTECTION && bss) {
2843 const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
2844 struct wpa_ie_data ie;
2845 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
2846 ie.capabilities &
2847 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
2848 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports "
2849 "MFP: require MFP");
2850 params.mgmt_frame_protection =
2851 MGMT_FRAME_PROTECTION_REQUIRED;
2852 }
2853 }
2854 #endif /* CONFIG_IEEE80211W */
2855
2856 params.p2p = ssid->p2p_group;
2857
2858 if (wpa_s->p2pdev->set_sta_uapsd)
2859 params.uapsd = wpa_s->p2pdev->sta_uapsd;
2860 else
2861 params.uapsd = -1;
2862
2863 #ifdef CONFIG_HT_OVERRIDES
2864 os_memset(&htcaps, 0, sizeof(htcaps));
2865 os_memset(&htcaps_mask, 0, sizeof(htcaps_mask));
2866 params.htcaps = (u8 *) &htcaps;
2867 params.htcaps_mask = (u8 *) &htcaps_mask;
2868 wpa_supplicant_apply_ht_overrides(wpa_s, ssid, &params);
2869 #endif /* CONFIG_HT_OVERRIDES */
2870 #ifdef CONFIG_VHT_OVERRIDES
2871 os_memset(&vhtcaps, 0, sizeof(vhtcaps));
2872 os_memset(&vhtcaps_mask, 0, sizeof(vhtcaps_mask));
2873 params.vhtcaps = &vhtcaps;
2874 params.vhtcaps_mask = &vhtcaps_mask;
2875 wpa_supplicant_apply_vht_overrides(wpa_s, ssid, &params);
2876 #endif /* CONFIG_VHT_OVERRIDES */
2877
2878 #ifdef CONFIG_P2P
2879 /*
2880 * If multi-channel concurrency is not supported, check for any
2881 * frequency conflict. In case of any frequency conflict, remove the
2882 * least prioritized connection.
2883 */
2884 if (wpa_s->num_multichan_concurrent < 2) {
2885 int freq, num;
2886 num = get_shared_radio_freqs(wpa_s, &freq, 1);
2887 if (num > 0 && freq > 0 && freq != params.freq.freq) {
2888 wpa_printf(MSG_DEBUG,
2889 "Assoc conflicting freq found (%d != %d)",
2890 freq, params.freq.freq);
2891 if (wpas_p2p_handle_frequency_conflicts(
2892 wpa_s, params.freq.freq, ssid) < 0) {
2893 wpas_connect_work_done(wpa_s);
2894 os_free(wpa_ie);
2895 return;
2896 }
2897 }
2898 }
2899 #endif /* CONFIG_P2P */
2900
2901 if (wpa_s->reassoc_same_ess && !is_zero_ether_addr(prev_bssid) &&
2902 wpa_s->current_ssid)
2903 params.prev_bssid = prev_bssid;
2904
2905 ret = wpa_drv_associate(wpa_s, &params);
2906 os_free(wpa_ie);
2907 if (ret < 0) {
2908 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
2909 "failed");
2910 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SANE_ERROR_CODES) {
2911 /*
2912 * The driver is known to mean what is saying, so we
2913 * can stop right here; the association will not
2914 * succeed.
2915 */
2916 wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
2917 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
2918 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
2919 return;
2920 }
2921 /* try to continue anyway; new association will be tried again
2922 * after timeout */
2923 assoc_failed = 1;
2924 }
2925
2926 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
2927 /* Set the key after the association just in case association
2928 * cleared the previously configured key. */
2929 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
2930 /* No need to timeout authentication since there is no key
2931 * management. */
2932 wpa_supplicant_cancel_auth_timeout(wpa_s);
2933 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
2934 #ifdef CONFIG_IBSS_RSN
2935 } else if (ssid->mode == WPAS_MODE_IBSS &&
2936 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
2937 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
2938 /*
2939 * RSN IBSS authentication is per-STA and we can disable the
2940 * per-BSSID authentication.
2941 */
2942 wpa_supplicant_cancel_auth_timeout(wpa_s);
2943 #endif /* CONFIG_IBSS_RSN */
2944 } else {
2945 /* Timeout for IEEE 802.11 authentication and association */
2946 int timeout = 60;
2947
2948 if (assoc_failed) {
2949 /* give IBSS a bit more time */
2950 timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5;
2951 } else if (wpa_s->conf->ap_scan == 1) {
2952 /* give IBSS a bit more time */
2953 timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10;
2954 }
2955 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
2956 }
2957
2958 if (wep_keys_set &&
2959 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC)) {
2960 /* Set static WEP keys again */
2961 wpa_set_wep_keys(wpa_s, ssid);
2962 }
2963
2964 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
2965 /*
2966 * Do not allow EAP session resumption between different
2967 * network configurations.
2968 */
2969 eapol_sm_invalidate_cached_session(wpa_s->eapol);
2970 }
2971 old_ssid = wpa_s->current_ssid;
2972 wpa_s->current_ssid = ssid;
2973
2974 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set) {
2975 wpa_s->current_bss = bss;
2976 #ifdef CONFIG_HS20
2977 hs20_configure_frame_filters(wpa_s);
2978 #endif /* CONFIG_HS20 */
2979 }
2980
2981 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
2982 wpa_supplicant_initiate_eapol(wpa_s);
2983 if (old_ssid != wpa_s->current_ssid)
2984 wpas_notify_network_changed(wpa_s);
2985 }
2986
2987
2988 static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s,
2989 const u8 *addr)
2990 {
2991 struct wpa_ssid *old_ssid;
2992
2993 wpas_connect_work_done(wpa_s);
2994 wpa_clear_keys(wpa_s, addr);
2995 old_ssid = wpa_s->current_ssid;
2996 wpa_supplicant_mark_disassoc(wpa_s);
2997 wpa_sm_set_config(wpa_s->wpa, NULL);
2998 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
2999 if (old_ssid != wpa_s->current_ssid)
3000 wpas_notify_network_changed(wpa_s);
3001 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
3002 }
3003
3004
3005 /**
3006 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
3007 * @wpa_s: Pointer to wpa_supplicant data
3008 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
3009 *
3010 * This function is used to request %wpa_supplicant to deauthenticate from the
3011 * current AP.
3012 */
3013 void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
3014 int reason_code)
3015 {
3016 u8 *addr = NULL;
3017 union wpa_event_data event;
3018 int zero_addr = 0;
3019
3020 wpa_dbg(wpa_s, MSG_DEBUG, "Request to deauthenticate - bssid=" MACSTR
3021 " pending_bssid=" MACSTR " reason=%d state=%s",
3022 MAC2STR(wpa_s->bssid), MAC2STR(wpa_s->pending_bssid),
3023 reason_code, wpa_supplicant_state_txt(wpa_s->wpa_state));
3024
3025 if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
3026 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
3027 wpa_s->wpa_state == WPA_ASSOCIATING))
3028 addr = wpa_s->pending_bssid;
3029 else if (!is_zero_ether_addr(wpa_s->bssid))
3030 addr = wpa_s->bssid;
3031 else if (wpa_s->wpa_state == WPA_ASSOCIATING) {
3032 /*
3033 * When using driver-based BSS selection, we may not know the
3034 * BSSID with which we are currently trying to associate. We
3035 * need to notify the driver of this disconnection even in such
3036 * a case, so use the all zeros address here.
3037 */
3038 addr = wpa_s->bssid;
3039 zero_addr = 1;
3040 }
3041
3042 #ifdef CONFIG_TDLS
3043 wpa_tdls_teardown_peers(wpa_s->wpa);
3044 #endif /* CONFIG_TDLS */
3045
3046 #ifdef CONFIG_MESH
3047 if (wpa_s->ifmsh) {
3048 struct mesh_conf *mconf;
3049
3050 mconf = wpa_s->ifmsh->mconf;
3051 wpa_msg(wpa_s, MSG_INFO, MESH_GROUP_REMOVED "%s",
3052 wpa_s->ifname);
3053 wpas_notify_mesh_group_removed(wpa_s, mconf->meshid,
3054 mconf->meshid_len, reason_code);
3055 wpa_supplicant_leave_mesh(wpa_s);
3056 }
3057 #endif /* CONFIG_MESH */
3058
3059 if (addr) {
3060 wpa_drv_deauthenticate(wpa_s, addr, reason_code);
3061 os_memset(&event, 0, sizeof(event));
3062 event.deauth_info.reason_code = (u16) reason_code;
3063 event.deauth_info.locally_generated = 1;
3064 wpa_supplicant_event(wpa_s, EVENT_DEAUTH, &event);
3065 if (zero_addr)
3066 addr = NULL;
3067 }
3068
3069 wpa_supplicant_clear_connection(wpa_s, addr);
3070 }
3071
3072 static void wpa_supplicant_enable_one_network(struct wpa_supplicant *wpa_s,
3073 struct wpa_ssid *ssid)
3074 {
3075 if (!ssid || !ssid->disabled || ssid->disabled == 2)
3076 return;
3077
3078 ssid->disabled = 0;
3079 wpas_clear_temp_disabled(wpa_s, ssid, 1);
3080 wpas_notify_network_enabled_changed(wpa_s, ssid);
3081
3082 /*
3083 * Try to reassociate since there is no current configuration and a new
3084 * network was made available.
3085 */
3086 if (!wpa_s->current_ssid && !wpa_s->disconnected)
3087 wpa_s->reassociate = 1;
3088 }
3089
3090
3091 /**
3092 * wpa_supplicant_add_network - Add a new network
3093 * @wpa_s: wpa_supplicant structure for a network interface
3094 * Returns: The new network configuration or %NULL if operation failed
3095 *
3096 * This function performs the following operations:
3097 * 1. Adds a new network.
3098 * 2. Send network addition notification.
3099 * 3. Marks the network disabled.
3100 * 4. Set network default parameters.
3101 */
3102 struct wpa_ssid * wpa_supplicant_add_network(struct wpa_supplicant *wpa_s)
3103 {
3104 struct wpa_ssid *ssid;
3105
3106 ssid = wpa_config_add_network(wpa_s->conf);
3107 if (!ssid)
3108 return NULL;
3109 wpas_notify_network_added(wpa_s, ssid);
3110 ssid->disabled = 1;
3111 wpa_config_set_network_defaults(ssid);
3112
3113 return ssid;
3114 }
3115
3116
3117 /**
3118 * wpa_supplicant_remove_network - Remove a configured network based on id
3119 * @wpa_s: wpa_supplicant structure for a network interface
3120 * @id: Unique network id to search for
3121 * Returns: 0 on success, or -1 if the network was not found, -2 if the network
3122 * could not be removed
3123 *
3124 * This function performs the following operations:
3125 * 1. Removes the network.
3126 * 2. Send network removal notification.
3127 * 3. Update internal state machines.
3128 * 4. Stop any running sched scans.
3129 */
3130 int wpa_supplicant_remove_network(struct wpa_supplicant *wpa_s, int id)
3131 {
3132 struct wpa_ssid *ssid;
3133 int was_disabled;
3134
3135 ssid = wpa_config_get_network(wpa_s->conf, id);
3136 if (!ssid)
3137 return -1;
3138 wpas_notify_network_removed(wpa_s, ssid);
3139
3140 if (wpa_s->last_ssid == ssid)
3141 wpa_s->last_ssid = NULL;
3142
3143 if (ssid == wpa_s->current_ssid || !wpa_s->current_ssid) {
3144 #ifdef CONFIG_SME
3145 wpa_s->sme.prev_bssid_set = 0;
3146 #endif /* CONFIG_SME */
3147 /*
3148 * Invalidate the EAP session cache if the current or
3149 * previously used network is removed.
3150 */
3151 eapol_sm_invalidate_cached_session(wpa_s->eapol);
3152 }
3153
3154 if (ssid == wpa_s->current_ssid) {
3155 wpa_sm_set_config(wpa_s->wpa, NULL);
3156 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
3157
3158 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
3159 wpa_s->own_disconnect_req = 1;
3160 wpa_supplicant_deauthenticate(wpa_s,
3161 WLAN_REASON_DEAUTH_LEAVING);
3162 }
3163
3164 was_disabled = ssid->disabled;
3165
3166 if (wpa_config_remove_network(wpa_s->conf, id) < 0)
3167 return -2;
3168
3169 if (!was_disabled && wpa_s->sched_scanning) {
3170 wpa_printf(MSG_DEBUG,
3171 "Stop ongoing sched_scan to remove network from filters");
3172 wpa_supplicant_cancel_sched_scan(wpa_s);
3173 wpa_supplicant_req_scan(wpa_s, 0, 0);
3174 }
3175
3176 return 0;
3177 }
3178
3179
3180 /**
3181 * wpa_supplicant_enable_network - Mark a configured network as enabled
3182 * @wpa_s: wpa_supplicant structure for a network interface
3183 * @ssid: wpa_ssid structure for a configured network or %NULL
3184 *
3185 * Enables the specified network or all networks if no network specified.
3186 */
3187 void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s,
3188 struct wpa_ssid *ssid)
3189 {
3190 if (ssid == NULL) {
3191 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
3192 wpa_supplicant_enable_one_network(wpa_s, ssid);
3193 } else
3194 wpa_supplicant_enable_one_network(wpa_s, ssid);
3195
3196 if (wpa_s->reassociate && !wpa_s->disconnected &&
3197 (!wpa_s->current_ssid ||
3198 wpa_s->wpa_state == WPA_DISCONNECTED ||
3199 wpa_s->wpa_state == WPA_SCANNING)) {
3200 if (wpa_s->sched_scanning) {
3201 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan to add "
3202 "new network to scan filters");
3203 wpa_supplicant_cancel_sched_scan(wpa_s);
3204 }
3205
3206 if (wpa_supplicant_fast_associate(wpa_s) != 1) {
3207 wpa_s->scan_req = NORMAL_SCAN_REQ;
3208 wpa_supplicant_req_scan(wpa_s, 0, 0);
3209 }
3210 }
3211 }
3212
3213
3214 /**
3215 * wpa_supplicant_disable_network - Mark a configured network as disabled
3216 * @wpa_s: wpa_supplicant structure for a network interface
3217 * @ssid: wpa_ssid structure for a configured network or %NULL
3218 *
3219 * Disables the specified network or all networks if no network specified.
3220 */
3221 void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s,
3222 struct wpa_ssid *ssid)
3223 {
3224 struct wpa_ssid *other_ssid;
3225 int was_disabled;
3226
3227 if (ssid == NULL) {
3228 if (wpa_s->sched_scanning)
3229 wpa_supplicant_cancel_sched_scan(wpa_s);
3230
3231 for (other_ssid = wpa_s->conf->ssid; other_ssid;
3232 other_ssid = other_ssid->next) {
3233 was_disabled = other_ssid->disabled;
3234 if (was_disabled == 2)
3235 continue; /* do not change persistent P2P group
3236 * data */
3237
3238 other_ssid->disabled = 1;
3239
3240 if (was_disabled != other_ssid->disabled)
3241 wpas_notify_network_enabled_changed(
3242 wpa_s, other_ssid);
3243 }
3244 if (wpa_s->current_ssid) {
3245 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
3246 wpa_s->own_disconnect_req = 1;
3247 wpa_supplicant_deauthenticate(
3248 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
3249 }
3250 } else if (ssid->disabled != 2) {
3251 if (ssid == wpa_s->current_ssid) {
3252 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
3253 wpa_s->own_disconnect_req = 1;
3254 wpa_supplicant_deauthenticate(
3255 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
3256 }
3257
3258 was_disabled = ssid->disabled;
3259
3260 ssid->disabled = 1;
3261
3262 if (was_disabled != ssid->disabled) {
3263 wpas_notify_network_enabled_changed(wpa_s, ssid);
3264 if (wpa_s->sched_scanning) {
3265 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan "
3266 "to remove network from filters");
3267 wpa_supplicant_cancel_sched_scan(wpa_s);
3268 wpa_supplicant_req_scan(wpa_s, 0, 0);
3269 }
3270 }
3271 }
3272 }
3273
3274
3275 /**
3276 * wpa_supplicant_select_network - Attempt association with a network
3277 * @wpa_s: wpa_supplicant structure for a network interface
3278 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
3279 */
3280 void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
3281 struct wpa_ssid *ssid)
3282 {
3283
3284 struct wpa_ssid *other_ssid;
3285 int disconnected = 0;
3286
3287 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid) {
3288 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
3289 wpa_s->own_disconnect_req = 1;
3290 wpa_supplicant_deauthenticate(
3291 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
3292 disconnected = 1;
3293 }
3294
3295 if (ssid)
3296 wpas_clear_temp_disabled(wpa_s, ssid, 1);
3297
3298 /*
3299 * Mark all other networks disabled or mark all networks enabled if no
3300 * network specified.
3301 */
3302 for (other_ssid = wpa_s->conf->ssid; other_ssid;
3303 other_ssid = other_ssid->next) {
3304 int was_disabled = other_ssid->disabled;
3305 if (was_disabled == 2)
3306 continue; /* do not change persistent P2P group data */
3307
3308 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0;
3309 if (was_disabled && !other_ssid->disabled)
3310 wpas_clear_temp_disabled(wpa_s, other_ssid, 0);
3311
3312 if (was_disabled != other_ssid->disabled)
3313 wpas_notify_network_enabled_changed(wpa_s, other_ssid);
3314 }
3315
3316 if (ssid && ssid == wpa_s->current_ssid && wpa_s->current_ssid &&
3317 wpa_s->wpa_state >= WPA_AUTHENTICATING) {
3318 /* We are already associated with the selected network */
3319 wpa_printf(MSG_DEBUG, "Already associated with the "
3320 "selected network - do nothing");
3321 return;
3322 }
3323
3324 if (ssid) {
3325 wpa_s->current_ssid = ssid;
3326 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
3327 wpa_s->connect_without_scan =
3328 (ssid->mode == WPAS_MODE_MESH) ? ssid : NULL;
3329
3330 /*
3331 * Don't optimize next scan freqs since a new ESS has been
3332 * selected.
3333 */
3334 os_free(wpa_s->next_scan_freqs);
3335 wpa_s->next_scan_freqs = NULL;
3336 } else {
3337 wpa_s->connect_without_scan = NULL;
3338 }
3339
3340 wpa_s->disconnected = 0;
3341 wpa_s->reassociate = 1;
3342
3343 if (wpa_s->connect_without_scan ||
3344 wpa_supplicant_fast_associate(wpa_s) != 1) {
3345 wpa_s->scan_req = NORMAL_SCAN_REQ;
3346 wpas_scan_reset_sched_scan(wpa_s);
3347 wpa_supplicant_req_scan(wpa_s, 0, disconnected ? 100000 : 0);
3348 }
3349
3350 if (ssid)
3351 wpas_notify_network_selected(wpa_s, ssid);
3352 }
3353
3354
3355 /**
3356 * wpas_set_pkcs11_engine_and_module_path - Set PKCS #11 engine and module path
3357 * @wpa_s: wpa_supplicant structure for a network interface
3358 * @pkcs11_engine_path: PKCS #11 engine path or NULL
3359 * @pkcs11_module_path: PKCS #11 module path or NULL
3360 * Returns: 0 on success; -1 on failure
3361 *
3362 * Sets the PKCS #11 engine and module path. Both have to be NULL or a valid
3363 * path. If resetting the EAPOL state machine with the new PKCS #11 engine and
3364 * module path fails the paths will be reset to the default value (NULL).
3365 */
3366 int wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant *wpa_s,
3367 const char *pkcs11_engine_path,
3368 const char *pkcs11_module_path)
3369 {
3370 char *pkcs11_engine_path_copy = NULL;
3371 char *pkcs11_module_path_copy = NULL;
3372
3373 if (pkcs11_engine_path != NULL) {
3374 pkcs11_engine_path_copy = os_strdup(pkcs11_engine_path);
3375 if (pkcs11_engine_path_copy == NULL)
3376 return -1;
3377 }
3378 if (pkcs11_module_path != NULL) {
3379 pkcs11_module_path_copy = os_strdup(pkcs11_module_path);
3380 if (pkcs11_module_path_copy == NULL) {
3381 os_free(pkcs11_engine_path_copy);
3382 return -1;
3383 }
3384 }
3385
3386 os_free(wpa_s->conf->pkcs11_engine_path);
3387 os_free(wpa_s->conf->pkcs11_module_path);
3388 wpa_s->conf->pkcs11_engine_path = pkcs11_engine_path_copy;
3389 wpa_s->conf->pkcs11_module_path = pkcs11_module_path_copy;
3390
3391 wpa_sm_set_eapol(wpa_s->wpa, NULL);
3392 eapol_sm_deinit(wpa_s->eapol);
3393 wpa_s->eapol = NULL;
3394 if (wpa_supplicant_init_eapol(wpa_s)) {
3395 /* Error -> Reset paths to the default value (NULL) once. */
3396 if (pkcs11_engine_path != NULL && pkcs11_module_path != NULL)
3397 wpas_set_pkcs11_engine_and_module_path(wpa_s, NULL,
3398 NULL);
3399
3400 return -1;
3401 }
3402 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
3403
3404 return 0;
3405 }
3406
3407
3408 /**
3409 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
3410 * @wpa_s: wpa_supplicant structure for a network interface
3411 * @ap_scan: AP scan mode
3412 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
3413 *
3414 */
3415 int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan)
3416 {
3417
3418 int old_ap_scan;
3419
3420 if (ap_scan < 0 || ap_scan > 2)
3421 return -1;
3422
3423 if (ap_scan == 2 && os_strcmp(wpa_s->driver->name, "nl80211") == 0) {
3424 wpa_printf(MSG_INFO,
3425 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
3426 }
3427
3428 #ifdef ANDROID
3429 if (ap_scan == 2 && ap_scan != wpa_s->conf->ap_scan &&
3430 wpa_s->wpa_state >= WPA_ASSOCIATING &&
3431 wpa_s->wpa_state < WPA_COMPLETED) {
3432 wpa_printf(MSG_ERROR, "ap_scan = %d (%d) rejected while "
3433 "associating", wpa_s->conf->ap_scan, ap_scan);
3434 return 0;
3435 }
3436 #endif /* ANDROID */
3437
3438 old_ap_scan = wpa_s->conf->ap_scan;
3439 wpa_s->conf->ap_scan = ap_scan;
3440
3441 if (old_ap_scan != wpa_s->conf->ap_scan)
3442 wpas_notify_ap_scan_changed(wpa_s);
3443
3444 return 0;
3445 }
3446
3447
3448 /**
3449 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
3450 * @wpa_s: wpa_supplicant structure for a network interface
3451 * @expire_age: Expiration age in seconds
3452 * Returns: 0 if succeed or -1 if expire_age has an invalid value
3453 *
3454 */
3455 int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant *wpa_s,
3456 unsigned int bss_expire_age)
3457 {
3458 if (bss_expire_age < 10) {
3459 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration age %u",
3460 bss_expire_age);
3461 return -1;
3462 }
3463 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration age: %d sec",
3464 bss_expire_age);
3465 wpa_s->conf->bss_expiration_age = bss_expire_age;
3466
3467 return 0;
3468 }
3469
3470
3471 /**
3472 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
3473 * @wpa_s: wpa_supplicant structure for a network interface
3474 * @expire_count: number of scans after which an unseen BSS is reclaimed
3475 * Returns: 0 if succeed or -1 if expire_count has an invalid value
3476 *
3477 */
3478 int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant *wpa_s,
3479 unsigned int bss_expire_count)
3480 {
3481 if (bss_expire_count < 1) {
3482 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration count %u",
3483 bss_expire_count);
3484 return -1;
3485 }
3486 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration scan count: %u",
3487 bss_expire_count);
3488 wpa_s->conf->bss_expiration_scan_count = bss_expire_count;
3489
3490 return 0;
3491 }
3492
3493
3494 /**
3495 * wpa_supplicant_set_scan_interval - Set scan interval
3496 * @wpa_s: wpa_supplicant structure for a network interface
3497 * @scan_interval: scan interval in seconds
3498 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
3499 *
3500 */
3501 int wpa_supplicant_set_scan_interval(struct wpa_supplicant *wpa_s,
3502 int scan_interval)
3503 {
3504 if (scan_interval < 0) {
3505 wpa_msg(wpa_s, MSG_ERROR, "Invalid scan interval %d",
3506 scan_interval);
3507 return -1;
3508 }
3509 wpa_msg(wpa_s, MSG_DEBUG, "Setting scan interval: %d sec",
3510 scan_interval);
3511 wpa_supplicant_update_scan_int(wpa_s, scan_interval);
3512
3513 return 0;
3514 }
3515
3516
3517 /**
3518 * wpa_supplicant_set_debug_params - Set global debug params
3519 * @global: wpa_global structure
3520 * @debug_level: debug level
3521 * @debug_timestamp: determines if show timestamp in debug data
3522 * @debug_show_keys: determines if show keys in debug data
3523 * Returns: 0 if succeed or -1 if debug_level has wrong value
3524 */
3525 int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level,
3526 int debug_timestamp, int debug_show_keys)
3527 {
3528
3529 int old_level, old_timestamp, old_show_keys;
3530
3531 /* check for allowed debuglevels */
3532 if (debug_level != MSG_EXCESSIVE &&
3533 debug_level != MSG_MSGDUMP &&
3534 debug_level != MSG_DEBUG &&
3535 debug_level != MSG_INFO &&
3536 debug_level != MSG_WARNING &&
3537 debug_level != MSG_ERROR)
3538 return -1;
3539
3540 old_level = wpa_debug_level;
3541 old_timestamp = wpa_debug_timestamp;
3542 old_show_keys = wpa_debug_show_keys;
3543
3544 wpa_debug_level = debug_level;
3545 wpa_debug_timestamp = debug_timestamp ? 1 : 0;
3546 wpa_debug_show_keys = debug_show_keys ? 1 : 0;
3547
3548 if (wpa_debug_level != old_level)
3549 wpas_notify_debug_level_changed(global);
3550 if (wpa_debug_timestamp != old_timestamp)
3551 wpas_notify_debug_timestamp_changed(global);
3552 if (wpa_debug_show_keys != old_show_keys)
3553 wpas_notify_debug_show_keys_changed(global);
3554
3555 return 0;
3556 }
3557
3558
3559 #ifdef CONFIG_OWE
3560 static int owe_trans_ssid_match(struct wpa_supplicant *wpa_s, const u8 *bssid,
3561 const u8 *entry_ssid, size_t entry_ssid_len)
3562 {
3563 const u8 *owe, *pos, *end;
3564 u8 ssid_len;
3565 struct wpa_bss *bss;
3566
3567 /* Check network profile SSID aganst the SSID in the
3568 * OWE Transition Mode element. */
3569
3570 bss = wpa_bss_get_bssid_latest(wpa_s, bssid);
3571 if (!bss)
3572 return 0;
3573
3574 owe = wpa_bss_get_vendor_ie(bss, OWE_IE_VENDOR_TYPE);
3575 if (!owe)
3576 return 0;
3577
3578 pos = owe + 6;
3579 end = owe + 2 + owe[1];
3580
3581 if (end - pos < ETH_ALEN + 1)
3582 return 0;
3583 pos += ETH_ALEN;
3584 ssid_len = *pos++;
3585 if (end - pos < ssid_len || ssid_len > SSID_MAX_LEN)
3586 return 0;
3587
3588 return entry_ssid_len == ssid_len &&
3589 os_memcmp(pos, entry_ssid, ssid_len) == 0;
3590 }
3591 #endif /* CONFIG_OWE */
3592
3593
3594 /**
3595 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
3596 * @wpa_s: Pointer to wpa_supplicant data
3597 * Returns: A pointer to the current network structure or %NULL on failure
3598 */
3599 struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
3600 {
3601 struct wpa_ssid *entry;
3602 u8 ssid[SSID_MAX_LEN];
3603 int res;
3604 size_t ssid_len;
3605 u8 bssid[ETH_ALEN];
3606 int wired;
3607
3608 res = wpa_drv_get_ssid(wpa_s, ssid);
3609 if (res < 0) {
3610 wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from "
3611 "driver");
3612 return NULL;
3613 }
3614 ssid_len = res;
3615
3616 if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
3617 wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from "
3618 "driver");
3619 return NULL;
3620 }
3621
3622 wired = wpa_s->conf->ap_scan == 0 &&
3623 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED);
3624
3625 entry = wpa_s->conf->ssid;
3626 while (entry) {
3627 if (!wpas_network_disabled(wpa_s, entry) &&
3628 ((ssid_len == entry->ssid_len &&
3629 os_memcmp(ssid, entry->ssid, ssid_len) == 0) || wired) &&
3630 (!entry->bssid_set ||
3631 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
3632 return entry;
3633 #ifdef CONFIG_WPS
3634 if (!wpas_network_disabled(wpa_s, entry) &&
3635 (entry->key_mgmt & WPA_KEY_MGMT_WPS) &&
3636 (entry->ssid == NULL || entry->ssid_len == 0) &&
3637 (!entry->bssid_set ||
3638 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
3639 return entry;
3640 #endif /* CONFIG_WPS */
3641
3642 #ifdef CONFIG_OWE
3643 if (!wpas_network_disabled(wpa_s, entry) &&
3644 owe_trans_ssid_match(wpa_s, bssid, entry->ssid,
3645 entry->ssid_len) &&
3646 (!entry->bssid_set ||
3647 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
3648 return entry;
3649 #endif /* CONFIG_OWE */
3650
3651 if (!wpas_network_disabled(wpa_s, entry) && entry->bssid_set &&
3652 entry->ssid_len == 0 &&
3653 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)
3654 return entry;
3655
3656 entry = entry->next;
3657 }
3658
3659 return NULL;
3660 }
3661
3662
3663 static int select_driver(struct wpa_supplicant *wpa_s, int i)
3664 {
3665 struct wpa_global *global = wpa_s->global;
3666
3667 if (wpa_drivers[i]->global_init && global->drv_priv[i] == NULL) {
3668 global->drv_priv[i] = wpa_drivers[i]->global_init(global);
3669 if (global->drv_priv[i] == NULL) {
3670 wpa_printf(MSG_ERROR, "Failed to initialize driver "
3671 "'%s'", wpa_drivers[i]->name);
3672 return -1;
3673 }
3674 }
3675
3676 wpa_s->driver = wpa_drivers[i];
3677 wpa_s->global_drv_priv = global->drv_priv[i];
3678
3679 return 0;
3680 }
3681
3682
3683 static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
3684 const char *name)
3685 {
3686 int i;
3687 size_t len;
3688 const char *pos, *driver = name;
3689
3690 if (wpa_s == NULL)
3691 return -1;
3692
3693 if (wpa_drivers[0] == NULL) {
3694 wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into "
3695 "wpa_supplicant");
3696 return -1;
3697 }
3698
3699 if (name == NULL) {
3700 /* default to first driver in the list */
3701 return select_driver(wpa_s, 0);
3702 }
3703
3704 do {
3705 pos = os_strchr(driver, ',');
3706 if (pos)
3707 len = pos - driver;
3708 else
3709 len = os_strlen(driver);
3710
3711 for (i = 0; wpa_drivers[i]; i++) {
3712 if (os_strlen(wpa_drivers[i]->name) == len &&
3713 os_strncmp(driver, wpa_drivers[i]->name, len) ==
3714 0) {
3715 /* First driver that succeeds wins */
3716 if (select_driver(wpa_s, i) == 0)
3717 return 0;
3718 }
3719 }
3720
3721 driver = pos + 1;
3722 } while (pos);
3723
3724 wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name);
3725 return -1;
3726 }
3727
3728
3729 /**
3730 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
3731 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
3732 * with struct wpa_driver_ops::init()
3733 * @src_addr: Source address of the EAPOL frame
3734 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
3735 * @len: Length of the EAPOL data
3736 *
3737 * This function is called for each received EAPOL frame. Most driver
3738 * interfaces rely on more generic OS mechanism for receiving frames through
3739 * l2_packet, but if such a mechanism is not available, the driver wrapper may
3740 * take care of received EAPOL frames and deliver them to the core supplicant
3741 * code by calling this function.
3742 */
3743 void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
3744 const u8 *buf, size_t len)
3745 {
3746 struct wpa_supplicant *wpa_s = ctx;
3747
3748 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
3749 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
3750
3751 #ifdef CONFIG_TESTING_OPTIONS
3752 if (wpa_s->ignore_auth_resp) {
3753 wpa_printf(MSG_INFO, "RX EAPOL - ignore_auth_resp active!");
3754 return;
3755 }
3756 #endif /* CONFIG_TESTING_OPTIONS */
3757
3758 #ifdef CONFIG_PEERKEY
3759 if (wpa_s->wpa_state > WPA_ASSOCIATED && wpa_s->current_ssid &&
3760 wpa_s->current_ssid->peerkey &&
3761 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
3762 wpa_sm_rx_eapol_peerkey(wpa_s->wpa, src_addr, buf, len) == 1) {
3763 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: Processed PeerKey EAPOL-Key");
3764 return;
3765 }
3766 #endif /* CONFIG_PEERKEY */
3767
3768 if (wpa_s->wpa_state < WPA_ASSOCIATED ||
3769 (wpa_s->last_eapol_matches_bssid &&
3770 #ifdef CONFIG_AP
3771 !wpa_s->ap_iface &&
3772 #endif /* CONFIG_AP */
3773 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) != 0)) {
3774 /*
3775 * There is possible race condition between receiving the
3776 * association event and the EAPOL frame since they are coming
3777 * through different paths from the driver. In order to avoid
3778 * issues in trying to process the EAPOL frame before receiving
3779 * association information, lets queue it for processing until
3780 * the association event is received. This may also be needed in
3781 * driver-based roaming case, so also use src_addr != BSSID as a
3782 * trigger if we have previously confirmed that the
3783 * Authenticator uses BSSID as the src_addr (which is not the
3784 * case with wired IEEE 802.1X).
3785 */
3786 wpa_dbg(wpa_s, MSG_DEBUG, "Not associated - Delay processing "
3787 "of received EAPOL frame (state=%s bssid=" MACSTR ")",
3788 wpa_supplicant_state_txt(wpa_s->wpa_state),
3789 MAC2STR(wpa_s->bssid));
3790 wpabuf_free(wpa_s->pending_eapol_rx);
3791 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len);
3792 if (wpa_s->pending_eapol_rx) {
3793 os_get_reltime(&wpa_s->pending_eapol_rx_time);
3794 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr,
3795 ETH_ALEN);
3796 }
3797 return;
3798 }
3799
3800 wpa_s->last_eapol_matches_bssid =
3801 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) == 0;
3802
3803 #ifdef CONFIG_AP
3804 if (wpa_s->ap_iface) {
3805 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len);
3806 return;
3807 }
3808 #endif /* CONFIG_AP */
3809
3810 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
3811 wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since "
3812 "no key management is configured");
3813 return;
3814 }
3815
3816 if (wpa_s->eapol_received == 0 &&
3817 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) ||
3818 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
3819 wpa_s->wpa_state != WPA_COMPLETED) &&
3820 (wpa_s->current_ssid == NULL ||
3821 wpa_s->current_ssid->mode != IEEE80211_MODE_IBSS)) {
3822 /* Timeout for completing IEEE 802.1X and WPA authentication */
3823 int timeout = 10;
3824
3825 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
3826 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
3827 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
3828 /* Use longer timeout for IEEE 802.1X/EAP */
3829 timeout = 70;
3830 }
3831
3832 #ifdef CONFIG_WPS
3833 if (wpa_s->current_ssid && wpa_s->current_bss &&
3834 (wpa_s->current_ssid->key_mgmt & WPA_KEY_MGMT_WPS) &&
3835 eap_is_wps_pin_enrollee(&wpa_s->current_ssid->eap)) {
3836 /*
3837 * Use shorter timeout if going through WPS AP iteration
3838 * for PIN config method with an AP that does not
3839 * advertise Selected Registrar.
3840 */
3841 struct wpabuf *wps_ie;
3842
3843 wps_ie = wpa_bss_get_vendor_ie_multi(
3844 wpa_s->current_bss, WPS_IE_VENDOR_TYPE);
3845 if (wps_ie &&
3846 !wps_is_addr_authorized(wps_ie, wpa_s->own_addr, 1))
3847 timeout = 10;
3848 wpabuf_free(wps_ie);
3849 }
3850 #endif /* CONFIG_WPS */
3851
3852 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
3853 }
3854 wpa_s->eapol_received++;
3855
3856 if (wpa_s->countermeasures) {
3857 wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped "
3858 "EAPOL packet");
3859 return;
3860 }
3861
3862 #ifdef CONFIG_IBSS_RSN
3863 if (wpa_s->current_ssid &&
3864 wpa_s->current_ssid->mode == WPAS_MODE_IBSS) {
3865 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len);
3866 return;
3867 }
3868 #endif /* CONFIG_IBSS_RSN */
3869
3870 /* Source address of the incoming EAPOL frame could be compared to the
3871 * current BSSID. However, it is possible that a centralized
3872 * Authenticator could be using another MAC address than the BSSID of
3873 * an AP, so just allow any address to be used for now. The replies are
3874 * still sent to the current BSSID (if available), though. */
3875
3876 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
3877 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
3878 wpa_s->key_mgmt != WPA_KEY_MGMT_OWE &&
3879 wpa_s->key_mgmt != WPA_KEY_MGMT_DPP &&
3880 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
3881 return;
3882 wpa_drv_poll(wpa_s);
3883 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE))
3884 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
3885 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
3886 /*
3887 * Set portValid = TRUE here since we are going to skip 4-way
3888 * handshake processing which would normally set portValid. We
3889 * need this to allow the EAPOL state machines to be completed
3890 * without going through EAPOL-Key handshake.
3891 */
3892 eapol_sm_notify_portValid(wpa_s->eapol, TRUE);
3893 }
3894 }
3895
3896
3897 int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s)
3898 {
3899 if ((!wpa_s->p2p_mgmt ||
3900 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
3901 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) {
3902 l2_packet_deinit(wpa_s->l2);
3903 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
3904 wpa_drv_get_mac_addr(wpa_s),
3905 ETH_P_EAPOL,
3906 wpa_supplicant_rx_eapol, wpa_s, 0);
3907 if (wpa_s->l2 == NULL)
3908 return -1;
3909 } else {
3910 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
3911 if (addr)
3912 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
3913 }
3914
3915 if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
3916 wpa_msg(wpa_s, MSG_ERROR, "Failed to get own L2 address");
3917 return -1;
3918 }
3919
3920 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
3921
3922 return 0;
3923 }
3924
3925
3926 static void wpa_supplicant_rx_eapol_bridge(void *ctx, const u8 *src_addr,
3927 const u8 *buf, size_t len)
3928 {
3929 struct wpa_supplicant *wpa_s = ctx;
3930 const struct l2_ethhdr *eth;
3931
3932 if (len < sizeof(*eth))
3933 return;
3934 eth = (const struct l2_ethhdr *) buf;
3935
3936 if (os_memcmp(eth->h_dest, wpa_s->own_addr, ETH_ALEN) != 0 &&
3937 !(eth->h_dest[0] & 0x01)) {
3938 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
3939 " (bridge - not for this interface - ignore)",
3940 MAC2STR(src_addr), MAC2STR(eth->h_dest));
3941 return;
3942 }
3943
3944 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
3945 " (bridge)", MAC2STR(src_addr), MAC2STR(eth->h_dest));
3946 wpa_supplicant_rx_eapol(wpa_s, src_addr, buf + sizeof(*eth),
3947 len - sizeof(*eth));
3948 }
3949
3950
3951 /**
3952 * wpa_supplicant_driver_init - Initialize driver interface parameters
3953 * @wpa_s: Pointer to wpa_supplicant data
3954 * Returns: 0 on success, -1 on failure
3955 *
3956 * This function is called to initialize driver interface parameters.
3957 * wpa_drv_init() must have been called before this function to initialize the
3958 * driver interface.
3959 */
3960 int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
3961 {
3962 static int interface_count = 0;
3963
3964 if (wpa_supplicant_update_mac_addr(wpa_s) < 0)
3965 return -1;
3966
3967 wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR,
3968 MAC2STR(wpa_s->own_addr));
3969 os_memcpy(wpa_s->perm_addr, wpa_s->own_addr, ETH_ALEN);
3970 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
3971
3972 if (wpa_s->bridge_ifname[0]) {
3973 wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge "
3974 "interface '%s'", wpa_s->bridge_ifname);
3975 wpa_s->l2_br = l2_packet_init_bridge(
3976 wpa_s->bridge_ifname, wpa_s->ifname, wpa_s->own_addr,
3977 ETH_P_EAPOL, wpa_supplicant_rx_eapol_bridge, wpa_s, 1);
3978 if (wpa_s->l2_br == NULL) {
3979 wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet "
3980 "connection for the bridge interface '%s'",
3981 wpa_s->bridge_ifname);
3982 return -1;
3983 }
3984 }
3985
3986 if (wpa_s->conf->ap_scan == 2 &&
3987 os_strcmp(wpa_s->driver->name, "nl80211") == 0) {
3988 wpa_printf(MSG_INFO,
3989 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
3990 }
3991
3992 wpa_clear_keys(wpa_s, NULL);
3993
3994 /* Make sure that TKIP countermeasures are not left enabled (could
3995 * happen if wpa_supplicant is killed during countermeasures. */
3996 wpa_drv_set_countermeasures(wpa_s, 0);
3997
3998 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver");
3999 wpa_drv_flush_pmkid(wpa_s);
4000
4001 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
4002 wpa_s->prev_scan_wildcard = 0;
4003
4004 if (wpa_supplicant_enabled_networks(wpa_s)) {
4005 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED) {
4006 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
4007 interface_count = 0;
4008 }
4009 #ifndef ANDROID
4010 if (!wpa_s->p2p_mgmt &&
4011 wpa_supplicant_delayed_sched_scan(wpa_s,
4012 interface_count % 3,
4013 100000))
4014 wpa_supplicant_req_scan(wpa_s, interface_count % 3,
4015 100000);
4016 #endif /* ANDROID */
4017 interface_count++;
4018 } else
4019 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
4020
4021 return 0;
4022 }
4023
4024
4025 static int wpa_supplicant_daemon(const char *pid_file)
4026 {
4027 wpa_printf(MSG_DEBUG, "Daemonize..");
4028 return os_daemonize(pid_file);
4029 }
4030
4031
4032 static struct wpa_supplicant *
4033 wpa_supplicant_alloc(struct wpa_supplicant *parent)
4034 {
4035 struct wpa_supplicant *wpa_s;
4036
4037 wpa_s = os_zalloc(sizeof(*wpa_s));
4038 if (wpa_s == NULL)
4039 return NULL;
4040 wpa_s->scan_req = INITIAL_SCAN_REQ;
4041 wpa_s->scan_interval = 5;
4042 wpa_s->new_connection = 1;
4043 wpa_s->parent = parent ? parent : wpa_s;
4044 wpa_s->p2pdev = wpa_s->parent;
4045 wpa_s->sched_scanning = 0;
4046
4047 dl_list_init(&wpa_s->bss_tmp_disallowed);
4048 dl_list_init(&wpa_s->fils_hlp_req);
4049
4050 return wpa_s;
4051 }
4052
4053
4054 #ifdef CONFIG_HT_OVERRIDES
4055
4056 static int wpa_set_htcap_mcs(struct wpa_supplicant *wpa_s,
4057 struct ieee80211_ht_capabilities *htcaps,
4058 struct ieee80211_ht_capabilities *htcaps_mask,
4059 const char *ht_mcs)
4060 {
4061 /* parse ht_mcs into hex array */
4062 int i;
4063 const char *tmp = ht_mcs;
4064 char *end = NULL;
4065
4066 /* If ht_mcs is null, do not set anything */
4067 if (!ht_mcs)
4068 return 0;
4069
4070 /* This is what we are setting in the kernel */
4071 os_memset(&htcaps->supported_mcs_set, 0, IEEE80211_HT_MCS_MASK_LEN);
4072
4073 wpa_msg(wpa_s, MSG_DEBUG, "set_htcap, ht_mcs -:%s:-", ht_mcs);
4074
4075 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) {
4076 long v;
4077
4078 errno = 0;
4079 v = strtol(tmp, &end, 16);
4080
4081 if (errno == 0) {
4082 wpa_msg(wpa_s, MSG_DEBUG,
4083 "htcap value[%i]: %ld end: %p tmp: %p",
4084 i, v, end, tmp);
4085 if (end == tmp)
4086 break;
4087
4088 htcaps->supported_mcs_set[i] = v;
4089 tmp = end;
4090 } else {
4091 wpa_msg(wpa_s, MSG_ERROR,
4092 "Failed to parse ht-mcs: %s, error: %s\n",
4093 ht_mcs, strerror(errno));
4094 return -1;
4095 }
4096 }
4097
4098 /*
4099 * If we were able to parse any values, then set mask for the MCS set.
4100 */
4101 if (i) {
4102 os_memset(&htcaps_mask->supported_mcs_set, 0xff,
4103 IEEE80211_HT_MCS_MASK_LEN - 1);
4104 /* skip the 3 reserved bits */
4105 htcaps_mask->supported_mcs_set[IEEE80211_HT_MCS_MASK_LEN - 1] =
4106 0x1f;
4107 }
4108
4109 return 0;
4110 }
4111
4112
4113 static int wpa_disable_max_amsdu(struct wpa_supplicant *wpa_s,
4114 struct ieee80211_ht_capabilities *htcaps,
4115 struct ieee80211_ht_capabilities *htcaps_mask,
4116 int disabled)
4117 {
4118 le16 msk;
4119
4120 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_max_amsdu: %d", disabled);
4121
4122 if (disabled == -1)
4123 return 0;
4124
4125 msk = host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE);
4126 htcaps_mask->ht_capabilities_info |= msk;
4127 if (disabled)
4128 htcaps->ht_capabilities_info &= msk;
4129 else
4130 htcaps->ht_capabilities_info |= msk;
4131
4132 return 0;
4133 }
4134
4135
4136 static int wpa_set_ampdu_factor(struct wpa_supplicant *wpa_s,
4137 struct ieee80211_ht_capabilities *htcaps,
4138 struct ieee80211_ht_capabilities *htcaps_mask,
4139 int factor)
4140 {
4141 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_factor: %d", factor);
4142
4143 if (factor == -1)
4144 return 0;
4145
4146 if (factor < 0 || factor > 3) {
4147 wpa_msg(wpa_s, MSG_ERROR, "ampdu_factor: %d out of range. "
4148 "Must be 0-3 or -1", factor);
4149 return -EINVAL;
4150 }
4151
4152 htcaps_mask->a_mpdu_params |= 0x3; /* 2 bits for factor */
4153 htcaps->a_mpdu_params &= ~0x3;
4154 htcaps->a_mpdu_params |= factor & 0x3;
4155
4156 return 0;
4157 }
4158
4159
4160 static int wpa_set_ampdu_density(struct wpa_supplicant *wpa_s,
4161 struct ieee80211_ht_capabilities *htcaps,
4162 struct ieee80211_ht_capabilities *htcaps_mask,
4163 int density)
4164 {
4165 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_density: %d", density);
4166
4167 if (density == -1)
4168 return 0;
4169
4170 if (density < 0 || density > 7) {
4171 wpa_msg(wpa_s, MSG_ERROR,
4172 "ampdu_density: %d out of range. Must be 0-7 or -1.",
4173 density);
4174 return -EINVAL;
4175 }
4176
4177 htcaps_mask->a_mpdu_params |= 0x1C;
4178 htcaps->a_mpdu_params &= ~(0x1C);
4179 htcaps->a_mpdu_params |= (density << 2) & 0x1C;
4180
4181 return 0;
4182 }
4183
4184
4185 static int wpa_set_disable_ht40(struct wpa_supplicant *wpa_s,
4186 struct ieee80211_ht_capabilities *htcaps,
4187 struct ieee80211_ht_capabilities *htcaps_mask,
4188 int disabled)
4189 {
4190 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ht40: %d", disabled);
4191
4192 set_disable_ht40(htcaps, disabled);
4193 set_disable_ht40(htcaps_mask, 0);
4194
4195 return 0;
4196 }
4197
4198
4199 static int wpa_set_disable_sgi(struct wpa_supplicant *wpa_s,
4200 struct ieee80211_ht_capabilities *htcaps,
4201 struct ieee80211_ht_capabilities *htcaps_mask,
4202 int disabled)
4203 {
4204 /* Masking these out disables SGI */
4205 le16 msk = host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ |
4206 HT_CAP_INFO_SHORT_GI40MHZ);
4207
4208 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_sgi: %d", disabled);
4209
4210 if (disabled)
4211 htcaps->ht_capabilities_info &= ~msk;
4212 else
4213 htcaps->ht_capabilities_info |= msk;
4214
4215 htcaps_mask->ht_capabilities_info |= msk;
4216
4217 return 0;
4218 }
4219
4220
4221 static int wpa_set_disable_ldpc(struct wpa_supplicant *wpa_s,
4222 struct ieee80211_ht_capabilities *htcaps,
4223 struct ieee80211_ht_capabilities *htcaps_mask,
4224 int disabled)
4225 {
4226 /* Masking these out disables LDPC */
4227 le16 msk = host_to_le16(HT_CAP_INFO_LDPC_CODING_CAP);
4228
4229 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ldpc: %d", disabled);
4230
4231 if (disabled)
4232 htcaps->ht_capabilities_info &= ~msk;
4233 else
4234 htcaps->ht_capabilities_info |= msk;
4235
4236 htcaps_mask->ht_capabilities_info |= msk;
4237
4238 return 0;
4239 }
4240
4241
4242 void wpa_supplicant_apply_ht_overrides(
4243 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
4244 struct wpa_driver_associate_params *params)
4245 {
4246 struct ieee80211_ht_capabilities *htcaps;
4247 struct ieee80211_ht_capabilities *htcaps_mask;
4248
4249 if (!ssid)
4250 return;
4251
4252 params->disable_ht = ssid->disable_ht;
4253 if (!params->htcaps || !params->htcaps_mask)
4254 return;
4255
4256 htcaps = (struct ieee80211_ht_capabilities *) params->htcaps;
4257 htcaps_mask = (struct ieee80211_ht_capabilities *) params->htcaps_mask;
4258 wpa_set_htcap_mcs(wpa_s, htcaps, htcaps_mask, ssid->ht_mcs);
4259 wpa_disable_max_amsdu(wpa_s, htcaps, htcaps_mask,
4260 ssid->disable_max_amsdu);
4261 wpa_set_ampdu_factor(wpa_s, htcaps, htcaps_mask, ssid->ampdu_factor);
4262 wpa_set_ampdu_density(wpa_s, htcaps, htcaps_mask, ssid->ampdu_density);
4263 wpa_set_disable_ht40(wpa_s, htcaps, htcaps_mask, ssid->disable_ht40);
4264 wpa_set_disable_sgi(wpa_s, htcaps, htcaps_mask, ssid->disable_sgi);
4265 wpa_set_disable_ldpc(wpa_s, htcaps, htcaps_mask, ssid->disable_ldpc);
4266
4267 if (ssid->ht40_intolerant) {
4268 le16 bit = host_to_le16(HT_CAP_INFO_40MHZ_INTOLERANT);
4269 htcaps->ht_capabilities_info |= bit;
4270 htcaps_mask->ht_capabilities_info |= bit;
4271 }
4272 }
4273
4274 #endif /* CONFIG_HT_OVERRIDES */
4275
4276
4277 #ifdef CONFIG_VHT_OVERRIDES
4278 void wpa_supplicant_apply_vht_overrides(
4279 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
4280 struct wpa_driver_associate_params *params)
4281 {
4282 struct ieee80211_vht_capabilities *vhtcaps;
4283 struct ieee80211_vht_capabilities *vhtcaps_mask;
4284
4285 if (!ssid)
4286 return;
4287
4288 params->disable_vht = ssid->disable_vht;
4289
4290 vhtcaps = (void *) params->vhtcaps;
4291 vhtcaps_mask = (void *) params->vhtcaps_mask;
4292
4293 if (!vhtcaps || !vhtcaps_mask)
4294 return;
4295
4296 vhtcaps->vht_capabilities_info = host_to_le32(ssid->vht_capa);
4297 vhtcaps_mask->vht_capabilities_info = host_to_le32(ssid->vht_capa_mask);
4298
4299 #ifdef CONFIG_HT_OVERRIDES
4300 /* if max ampdu is <= 3, we have to make the HT cap the same */
4301 if (ssid->vht_capa_mask & VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) {
4302 int max_ampdu;
4303
4304 max_ampdu = (ssid->vht_capa &
4305 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) >>
4306 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX_SHIFT;
4307
4308 max_ampdu = max_ampdu < 3 ? max_ampdu : 3;
4309 wpa_set_ampdu_factor(wpa_s,
4310 (void *) params->htcaps,
4311 (void *) params->htcaps_mask,
4312 max_ampdu);
4313 }
4314 #endif /* CONFIG_HT_OVERRIDES */
4315
4316 #define OVERRIDE_MCS(i) \
4317 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \
4318 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \
4319 host_to_le16(3 << 2 * (i - 1)); \
4320 vhtcaps->vht_supported_mcs_set.tx_map |= \
4321 host_to_le16(ssid->vht_tx_mcs_nss_ ##i << \
4322 2 * (i - 1)); \
4323 } \
4324 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \
4325 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \
4326 host_to_le16(3 << 2 * (i - 1)); \
4327 vhtcaps->vht_supported_mcs_set.rx_map |= \
4328 host_to_le16(ssid->vht_rx_mcs_nss_ ##i << \
4329 2 * (i - 1)); \
4330 }
4331
4332 OVERRIDE_MCS(1);
4333 OVERRIDE_MCS(2);
4334 OVERRIDE_MCS(3);
4335 OVERRIDE_MCS(4);
4336 OVERRIDE_MCS(5);
4337 OVERRIDE_MCS(6);
4338 OVERRIDE_MCS(7);
4339 OVERRIDE_MCS(8);
4340 }
4341 #endif /* CONFIG_VHT_OVERRIDES */
4342
4343
4344 static int pcsc_reader_init(struct wpa_supplicant *wpa_s)
4345 {
4346 #ifdef PCSC_FUNCS
4347 size_t len;
4348
4349 if (!wpa_s->conf->pcsc_reader)
4350 return 0;
4351
4352 wpa_s->scard = scard_init(wpa_s->conf->pcsc_reader);
4353 if (!wpa_s->scard)
4354 return 1;
4355
4356 if (wpa_s->conf->pcsc_pin &&
4357 scard_set_pin(wpa_s->scard, wpa_s->conf->pcsc_pin) < 0) {
4358 scard_deinit(wpa_s->scard);
4359 wpa_s->scard = NULL;
4360 wpa_msg(wpa_s, MSG_ERROR, "PC/SC PIN validation failed");
4361 return -1;
4362 }
4363
4364 len = sizeof(wpa_s->imsi) - 1;
4365 if (scard_get_imsi(wpa_s->scard, wpa_s->imsi, &len)) {
4366 scard_deinit(wpa_s->scard);
4367 wpa_s->scard = NULL;
4368 wpa_msg(wpa_s, MSG_ERROR, "Could not read IMSI");
4369 return -1;
4370 }
4371 wpa_s->imsi[len] = '\0';
4372
4373 wpa_s->mnc_len = scard_get_mnc_len(wpa_s->scard);
4374
4375 wpa_printf(MSG_DEBUG, "SCARD: IMSI %s (MNC length %d)",
4376 wpa_s->imsi, wpa_s->mnc_len);
4377
4378 wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard);
4379 eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard);
4380 #endif /* PCSC_FUNCS */
4381
4382 return 0;
4383 }
4384
4385
4386 int wpas_init_ext_pw(struct wpa_supplicant *wpa_s)
4387 {
4388 char *val, *pos;
4389
4390 ext_password_deinit(wpa_s->ext_pw);
4391 wpa_s->ext_pw = NULL;
4392 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, NULL);
4393
4394 if (!wpa_s->conf->ext_password_backend)
4395 return 0;
4396
4397 val = os_strdup(wpa_s->conf->ext_password_backend);
4398 if (val == NULL)
4399 return -1;
4400 pos = os_strchr(val, ':');
4401 if (pos)
4402 *pos++ = '\0';
4403
4404 wpa_printf(MSG_DEBUG, "EXT PW: Initialize backend '%s'", val);
4405
4406 wpa_s->ext_pw = ext_password_init(val, pos);
4407 os_free(val);
4408 if (wpa_s->ext_pw == NULL) {
4409 wpa_printf(MSG_DEBUG, "EXT PW: Failed to initialize backend");
4410 return -1;
4411 }
4412 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, wpa_s->ext_pw);
4413
4414 return 0;
4415 }
4416
4417
4418 #ifdef CONFIG_FST
4419
4420 static const u8 * wpas_fst_get_bssid_cb(void *ctx)
4421 {
4422 struct wpa_supplicant *wpa_s = ctx;
4423
4424 return (is_zero_ether_addr(wpa_s->bssid) ||
4425 wpa_s->wpa_state != WPA_COMPLETED) ? NULL : wpa_s->bssid;
4426 }
4427
4428
4429 static void wpas_fst_get_channel_info_cb(void *ctx,
4430 enum hostapd_hw_mode *hw_mode,
4431 u8 *channel)
4432 {
4433 struct wpa_supplicant *wpa_s = ctx;
4434
4435 if (wpa_s->current_bss) {
4436 *hw_mode = ieee80211_freq_to_chan(wpa_s->current_bss->freq,
4437 channel);
4438 } else if (wpa_s->hw.num_modes) {
4439 *hw_mode = wpa_s->hw.modes[0].mode;
4440 } else {
4441 WPA_ASSERT(0);
4442 *hw_mode = 0;
4443 }
4444 }
4445
4446
4447 static int wpas_fst_get_hw_modes(void *ctx, struct hostapd_hw_modes **modes)
4448 {
4449 struct wpa_supplicant *wpa_s = ctx;
4450
4451 *modes = wpa_s->hw.modes;
4452 return wpa_s->hw.num_modes;
4453 }
4454
4455
4456 static void wpas_fst_set_ies_cb(void *ctx, const struct wpabuf *fst_ies)
4457 {
4458 struct wpa_supplicant *wpa_s = ctx;
4459
4460 wpa_hexdump_buf(MSG_DEBUG, "FST: Set IEs", fst_ies);
4461 wpa_s->fst_ies = fst_ies;
4462 }
4463
4464
4465 static int wpas_fst_send_action_cb(void *ctx, const u8 *da, struct wpabuf *data)
4466 {
4467 struct wpa_supplicant *wpa_s = ctx;
4468
4469 if (os_memcmp(wpa_s->bssid, da, ETH_ALEN) != 0) {
4470 wpa_printf(MSG_INFO, "FST:%s:bssid=" MACSTR " != da=" MACSTR,
4471 __func__, MAC2STR(wpa_s->bssid), MAC2STR(da));
4472 return -1;
4473 }
4474 return wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, wpa_s->bssid,
4475 wpa_s->own_addr, wpa_s->bssid,
4476 wpabuf_head(data), wpabuf_len(data),
4477 0);
4478 }
4479
4480
4481 static const struct wpabuf * wpas_fst_get_mb_ie_cb(void *ctx, const u8 *addr)
4482 {
4483 struct wpa_supplicant *wpa_s = ctx;
4484
4485 WPA_ASSERT(os_memcmp(wpa_s->bssid, addr, ETH_ALEN) == 0);
4486 return wpa_s->received_mb_ies;
4487 }
4488
4489
4490 static void wpas_fst_update_mb_ie_cb(void *ctx, const u8 *addr,
4491 const u8 *buf, size_t size)
4492 {
4493 struct wpa_supplicant *wpa_s = ctx;
4494 struct mb_ies_info info;
4495
4496 WPA_ASSERT(os_memcmp(wpa_s->bssid, addr, ETH_ALEN) == 0);
4497
4498 if (!mb_ies_info_by_ies(&info, buf, size)) {
4499 wpabuf_free(wpa_s->received_mb_ies);
4500 wpa_s->received_mb_ies = mb_ies_by_info(&info);
4501 }
4502 }
4503
4504
4505 static const u8 * wpas_fst_get_peer_first(void *ctx,
4506 struct fst_get_peer_ctx **get_ctx,
4507 Boolean mb_only)
4508 {
4509 struct wpa_supplicant *wpa_s = ctx;
4510
4511 *get_ctx = NULL;
4512 if (!is_zero_ether_addr(wpa_s->bssid))
4513 return (wpa_s->received_mb_ies || !mb_only) ?
4514 wpa_s->bssid : NULL;
4515 return NULL;
4516 }
4517
4518
4519 static const u8 * wpas_fst_get_peer_next(void *ctx,
4520 struct fst_get_peer_ctx **get_ctx,
4521 Boolean mb_only)
4522 {
4523 return NULL;
4524 }
4525
4526 void fst_wpa_supplicant_fill_iface_obj(struct wpa_supplicant *wpa_s,
4527 struct fst_wpa_obj *iface_obj)
4528 {
4529 iface_obj->ctx = wpa_s;
4530 iface_obj->get_bssid = wpas_fst_get_bssid_cb;
4531 iface_obj->get_channel_info = wpas_fst_get_channel_info_cb;
4532 iface_obj->get_hw_modes = wpas_fst_get_hw_modes;
4533 iface_obj->set_ies = wpas_fst_set_ies_cb;
4534 iface_obj->send_action = wpas_fst_send_action_cb;
4535 iface_obj->get_mb_ie = wpas_fst_get_mb_ie_cb;
4536 iface_obj->update_mb_ie = wpas_fst_update_mb_ie_cb;
4537 iface_obj->get_peer_first = wpas_fst_get_peer_first;
4538 iface_obj->get_peer_next = wpas_fst_get_peer_next;
4539 }
4540 #endif /* CONFIG_FST */
4541
4542 static int wpas_set_wowlan_triggers(struct wpa_supplicant *wpa_s,
4543 const struct wpa_driver_capa *capa)
4544 {
4545 struct wowlan_triggers *triggers;
4546 int ret = 0;
4547
4548 if (!wpa_s->conf->wowlan_triggers)
4549 return 0;
4550
4551 triggers = wpa_get_wowlan_triggers(wpa_s->conf->wowlan_triggers, capa);
4552 if (triggers) {
4553 ret = wpa_drv_wowlan(wpa_s, triggers);
4554 os_free(triggers);
4555 }
4556 return ret;
4557 }
4558
4559
4560 enum wpa_radio_work_band wpas_freq_to_band(int freq)
4561 {
4562 if (freq < 3000)
4563 return BAND_2_4_GHZ;
4564 if (freq > 50000)
4565 return BAND_60_GHZ;
4566 return BAND_5_GHZ;
4567 }
4568
4569
4570 unsigned int wpas_get_bands(struct wpa_supplicant *wpa_s, const int *freqs)
4571 {
4572 int i;
4573 unsigned int band = 0;
4574
4575 if (freqs) {
4576 /* freqs are specified for the radio work */
4577 for (i = 0; freqs[i]; i++)
4578 band |= wpas_freq_to_band(freqs[i]);
4579 } else {
4580 /*
4581 * freqs are not specified, implies all
4582 * the supported freqs by HW
4583 */
4584 for (i = 0; i < wpa_s->hw.num_modes; i++) {
4585 if (wpa_s->hw.modes[i].num_channels != 0) {
4586 if (wpa_s->hw.modes[i].mode ==
4587 HOSTAPD_MODE_IEEE80211B ||
4588 wpa_s->hw.modes[i].mode ==
4589 HOSTAPD_MODE_IEEE80211G)
4590 band |= BAND_2_4_GHZ;
4591 else if (wpa_s->hw.modes[i].mode ==
4592 HOSTAPD_MODE_IEEE80211A)
4593 band |= BAND_5_GHZ;
4594 else if (wpa_s->hw.modes[i].mode ==
4595 HOSTAPD_MODE_IEEE80211AD)
4596 band |= BAND_60_GHZ;
4597 else if (wpa_s->hw.modes[i].mode ==
4598 HOSTAPD_MODE_IEEE80211ANY)
4599 band = BAND_2_4_GHZ | BAND_5_GHZ |
4600 BAND_60_GHZ;
4601 }
4602 }
4603 }
4604
4605 return band;
4606 }
4607
4608
4609 static struct wpa_radio * radio_add_interface(struct wpa_supplicant *wpa_s,
4610 const char *rn)
4611 {
4612 struct wpa_supplicant *iface = wpa_s->global->ifaces;
4613 struct wpa_radio *radio;
4614
4615 while (rn && iface) {
4616 radio = iface->radio;
4617 if (radio && os_strcmp(rn, radio->name) == 0) {
4618 wpa_printf(MSG_DEBUG, "Add interface %s to existing radio %s",
4619 wpa_s->ifname, rn);
4620 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
4621 return radio;
4622 }
4623
4624 iface = iface->next;
4625 }
4626
4627 wpa_printf(MSG_DEBUG, "Add interface %s to a new radio %s",
4628 wpa_s->ifname, rn ? rn : "N/A");
4629 radio = os_zalloc(sizeof(*radio));
4630 if (radio == NULL)
4631 return NULL;
4632
4633 if (rn)
4634 os_strlcpy(radio->name, rn, sizeof(radio->name));
4635 dl_list_init(&radio->ifaces);
4636 dl_list_init(&radio->work);
4637 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
4638
4639 return radio;
4640 }
4641
4642
4643 static void radio_work_free(struct wpa_radio_work *work)
4644 {
4645 if (work->wpa_s->scan_work == work) {
4646 /* This should not really happen. */
4647 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as scan_work",
4648 work->type, work, work->started);
4649 work->wpa_s->scan_work = NULL;
4650 }
4651
4652 #ifdef CONFIG_P2P
4653 if (work->wpa_s->p2p_scan_work == work) {
4654 /* This should not really happen. */
4655 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as p2p_scan_work",
4656 work->type, work, work->started);
4657 work->wpa_s->p2p_scan_work = NULL;
4658 }
4659 #endif /* CONFIG_P2P */
4660
4661 if (work->started) {
4662 work->wpa_s->radio->num_active_works--;
4663 wpa_dbg(work->wpa_s, MSG_DEBUG,
4664 "radio_work_free('%s'@%p: num_active_works --> %u",
4665 work->type, work,
4666 work->wpa_s->radio->num_active_works);
4667 }
4668
4669 dl_list_del(&work->list);
4670 os_free(work);
4671 }
4672
4673
4674 static int radio_work_is_connect(struct wpa_radio_work *work)
4675 {
4676 return os_strcmp(work->type, "sme-connect") == 0 ||
4677 os_strcmp(work->type, "connect") == 0;
4678 }
4679
4680
4681 static int radio_work_is_scan(struct wpa_radio_work *work)
4682 {
4683 return os_strcmp(work->type, "scan") == 0 ||
4684 os_strcmp(work->type, "p2p-scan") == 0;
4685 }
4686
4687
4688 static struct wpa_radio_work * radio_work_get_next_work(struct wpa_radio *radio)
4689 {
4690 struct wpa_radio_work *active_work = NULL;
4691 struct wpa_radio_work *tmp;
4692
4693 /* Get the active work to know the type and band. */
4694 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, list) {
4695 if (tmp->started) {
4696 active_work = tmp;
4697 break;
4698 }
4699 }
4700
4701 if (!active_work) {
4702 /* No active work, start one */
4703 radio->num_active_works = 0;
4704 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work,
4705 list) {
4706 if (os_strcmp(tmp->type, "scan") == 0 &&
4707 radio->external_scan_running &&
4708 (((struct wpa_driver_scan_params *)
4709 tmp->ctx)->only_new_results ||
4710 tmp->wpa_s->clear_driver_scan_cache))
4711 continue;
4712 return tmp;
4713 }
4714 return NULL;
4715 }
4716
4717 if (radio_work_is_connect(active_work)) {
4718 /*
4719 * If the active work is either connect or sme-connect,
4720 * do not parallelize them with other radio works.
4721 */
4722 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
4723 "Do not parallelize radio work with %s",
4724 active_work->type);
4725 return NULL;
4726 }
4727
4728 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, list) {
4729 if (tmp->started)
4730 continue;
4731
4732 /*
4733 * If connect or sme-connect are enqueued, parallelize only
4734 * those operations ahead of them in the queue.
4735 */
4736 if (radio_work_is_connect(tmp))
4737 break;
4738
4739 /* Serialize parallel scan and p2p_scan operations on the same
4740 * interface since the driver_nl80211 mechanism for tracking
4741 * scan cookies does not yet have support for this. */
4742 if (active_work->wpa_s == tmp->wpa_s &&
4743 radio_work_is_scan(active_work) &&
4744 radio_work_is_scan(tmp)) {
4745 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
4746 "Do not start work '%s' when another work '%s' is already scheduled",
4747 tmp->type, active_work->type);
4748 continue;
4749 }
4750 /*
4751 * Check that the radio works are distinct and
4752 * on different bands.
4753 */
4754 if (os_strcmp(active_work->type, tmp->type) != 0 &&
4755 (active_work->bands != tmp->bands)) {
4756 /*
4757 * If a scan has to be scheduled through nl80211 scan
4758 * interface and if an external scan is already running,
4759 * do not schedule the scan since it is likely to get
4760 * rejected by kernel.
4761 */
4762 if (os_strcmp(tmp->type, "scan") == 0 &&
4763 radio->external_scan_running &&
4764 (((struct wpa_driver_scan_params *)
4765 tmp->ctx)->only_new_results ||
4766 tmp->wpa_s->clear_driver_scan_cache))
4767 continue;
4768
4769 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
4770 "active_work:%s new_work:%s",
4771 active_work->type, tmp->type);
4772 return tmp;
4773 }
4774 }
4775
4776 /* Did not find a radio work to schedule in parallel. */
4777 return NULL;
4778 }
4779
4780
4781 static void radio_start_next_work(void *eloop_ctx, void *timeout_ctx)
4782 {
4783 struct wpa_radio *radio = eloop_ctx;
4784 struct wpa_radio_work *work;
4785 struct os_reltime now, diff;
4786 struct wpa_supplicant *wpa_s;
4787
4788 work = dl_list_first(&radio->work, struct wpa_radio_work, list);
4789 if (work == NULL) {
4790 radio->num_active_works = 0;
4791 return;
4792 }
4793
4794 wpa_s = dl_list_first(&radio->ifaces, struct wpa_supplicant,
4795 radio_list);
4796
4797 if (!(wpa_s &&
4798 wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS)) {
4799 if (work->started)
4800 return; /* already started and still in progress */
4801
4802 if (wpa_s && wpa_s->radio->external_scan_running) {
4803 wpa_printf(MSG_DEBUG, "Delay radio work start until externally triggered scan completes");
4804 return;
4805 }
4806 } else {
4807 work = NULL;
4808 if (radio->num_active_works < MAX_ACTIVE_WORKS) {
4809 /* get the work to schedule next */
4810 work = radio_work_get_next_work(radio);
4811 }
4812 if (!work)
4813 return;
4814 }
4815
4816 wpa_s = work->wpa_s;
4817 os_get_reltime(&now);
4818 os_reltime_sub(&now, &work->time, &diff);
4819 wpa_dbg(wpa_s, MSG_DEBUG,
4820 "Starting radio work '%s'@%p after %ld.%06ld second wait",
4821 work->type, work, diff.sec, diff.usec);
4822 work->started = 1;
4823 work->time = now;
4824 radio->num_active_works++;
4825
4826 work->cb(work, 0);
4827
4828 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS) &&
4829 radio->num_active_works < MAX_ACTIVE_WORKS)
4830 radio_work_check_next(wpa_s);
4831 }
4832
4833
4834 /*
4835 * This function removes both started and pending radio works running on
4836 * the provided interface's radio.
4837 * Prior to the removal of the radio work, its callback (cb) is called with
4838 * deinit set to be 1. Each work's callback is responsible for clearing its
4839 * internal data and restoring to a correct state.
4840 * @wpa_s: wpa_supplicant data
4841 * @type: type of works to be removed
4842 * @remove_all: 1 to remove all the works on this radio, 0 to remove only
4843 * this interface's works.
4844 */
4845 void radio_remove_works(struct wpa_supplicant *wpa_s,
4846 const char *type, int remove_all)
4847 {
4848 struct wpa_radio_work *work, *tmp;
4849 struct wpa_radio *radio = wpa_s->radio;
4850
4851 dl_list_for_each_safe(work, tmp, &radio->work, struct wpa_radio_work,
4852 list) {
4853 if (type && os_strcmp(type, work->type) != 0)
4854 continue;
4855
4856 /* skip other ifaces' works */
4857 if (!remove_all && work->wpa_s != wpa_s)
4858 continue;
4859
4860 wpa_dbg(wpa_s, MSG_DEBUG, "Remove radio work '%s'@%p%s",
4861 work->type, work, work->started ? " (started)" : "");
4862 work->cb(work, 1);
4863 radio_work_free(work);
4864 }
4865
4866 /* in case we removed the started work */
4867 radio_work_check_next(wpa_s);
4868 }
4869
4870
4871 static void radio_remove_interface(struct wpa_supplicant *wpa_s)
4872 {
4873 struct wpa_radio *radio = wpa_s->radio;
4874
4875 if (!radio)
4876 return;
4877
4878 wpa_printf(MSG_DEBUG, "Remove interface %s from radio %s",
4879 wpa_s->ifname, radio->name);
4880 dl_list_del(&wpa_s->radio_list);
4881 radio_remove_works(wpa_s, NULL, 0);
4882 wpa_s->radio = NULL;
4883 if (!dl_list_empty(&radio->ifaces))
4884 return; /* Interfaces remain for this radio */
4885
4886 wpa_printf(MSG_DEBUG, "Remove radio %s", radio->name);
4887 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
4888 os_free(radio);
4889 }
4890
4891
4892 void radio_work_check_next(struct wpa_supplicant *wpa_s)
4893 {
4894 struct wpa_radio *radio = wpa_s->radio;
4895
4896 if (dl_list_empty(&radio->work))
4897 return;
4898 if (wpa_s->ext_work_in_progress) {
4899 wpa_printf(MSG_DEBUG,
4900 "External radio work in progress - delay start of pending item");
4901 return;
4902 }
4903 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
4904 eloop_register_timeout(0, 0, radio_start_next_work, radio, NULL);
4905 }
4906
4907
4908 /**
4909 * radio_add_work - Add a radio work item
4910 * @wpa_s: Pointer to wpa_supplicant data
4911 * @freq: Frequency of the offchannel operation in MHz or 0
4912 * @type: Unique identifier for each type of work
4913 * @next: Force as the next work to be executed
4914 * @cb: Callback function for indicating when radio is available
4915 * @ctx: Context pointer for the work (work->ctx in cb())
4916 * Returns: 0 on success, -1 on failure
4917 *
4918 * This function is used to request time for an operation that requires
4919 * exclusive radio control. Once the radio is available, the registered callback
4920 * function will be called. radio_work_done() must be called once the exclusive
4921 * radio operation has been completed, so that the radio is freed for other
4922 * operations. The special case of deinit=1 is used to free the context data
4923 * during interface removal. That does not allow the callback function to start
4924 * the radio operation, i.e., it must free any resources allocated for the radio
4925 * work and return.
4926 *
4927 * The @freq parameter can be used to indicate a single channel on which the
4928 * offchannel operation will occur. This may allow multiple radio work
4929 * operations to be performed in parallel if they apply for the same channel.
4930 * Setting this to 0 indicates that the work item may use multiple channels or
4931 * requires exclusive control of the radio.
4932 */
4933 int radio_add_work(struct wpa_supplicant *wpa_s, unsigned int freq,
4934 const char *type, int next,
4935 void (*cb)(struct wpa_radio_work *work, int deinit),
4936 void *ctx)
4937 {
4938 struct wpa_radio *radio = wpa_s->radio;
4939 struct wpa_radio_work *work;
4940 int was_empty;
4941
4942 work = os_zalloc(sizeof(*work));
4943 if (work == NULL)
4944 return -1;
4945 wpa_dbg(wpa_s, MSG_DEBUG, "Add radio work '%s'@%p", type, work);
4946 os_get_reltime(&work->time);
4947 work->freq = freq;
4948 work->type = type;
4949 work->wpa_s = wpa_s;
4950 work->cb = cb;
4951 work->ctx = ctx;
4952
4953 if (freq)
4954 work->bands = wpas_freq_to_band(freq);
4955 else if (os_strcmp(type, "scan") == 0 ||
4956 os_strcmp(type, "p2p-scan") == 0)
4957 work->bands = wpas_get_bands(wpa_s,
4958 ((struct wpa_driver_scan_params *)
4959 ctx)->freqs);
4960 else
4961 work->bands = wpas_get_bands(wpa_s, NULL);
4962
4963 was_empty = dl_list_empty(&wpa_s->radio->work);
4964 if (next)
4965 dl_list_add(&wpa_s->radio->work, &work->list);
4966 else
4967 dl_list_add_tail(&wpa_s->radio->work, &work->list);
4968 if (was_empty) {
4969 wpa_dbg(wpa_s, MSG_DEBUG, "First radio work item in the queue - schedule start immediately");
4970 radio_work_check_next(wpa_s);
4971 } else if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS)
4972 && radio->num_active_works < MAX_ACTIVE_WORKS) {
4973 wpa_dbg(wpa_s, MSG_DEBUG,
4974 "Try to schedule a radio work (num_active_works=%u)",
4975 radio->num_active_works);
4976 radio_work_check_next(wpa_s);
4977 }
4978
4979 return 0;
4980 }
4981
4982
4983 /**
4984 * radio_work_done - Indicate that a radio work item has been completed
4985 * @work: Completed work
4986 *
4987 * This function is called once the callback function registered with
4988 * radio_add_work() has completed its work.
4989 */
4990 void radio_work_done(struct wpa_radio_work *work)
4991 {
4992 struct wpa_supplicant *wpa_s = work->wpa_s;
4993 struct os_reltime now, diff;
4994 unsigned int started = work->started;
4995
4996 os_get_reltime(&now);
4997 os_reltime_sub(&now, &work->time, &diff);
4998 wpa_dbg(wpa_s, MSG_DEBUG, "Radio work '%s'@%p %s in %ld.%06ld seconds",
4999 work->type, work, started ? "done" : "canceled",
5000 diff.sec, diff.usec);
5001 radio_work_free(work);
5002 if (started)
5003 radio_work_check_next(wpa_s);
5004 }
5005
5006
5007 struct wpa_radio_work *
5008 radio_work_pending(struct wpa_supplicant *wpa_s, const char *type)
5009 {
5010 struct wpa_radio_work *work;
5011 struct wpa_radio *radio = wpa_s->radio;
5012
5013 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) {
5014 if (work->wpa_s == wpa_s && os_strcmp(work->type, type) == 0)
5015 return work;
5016 }
5017
5018 return NULL;
5019 }
5020
5021
5022 static int wpas_init_driver(struct wpa_supplicant *wpa_s,
5023 struct wpa_interface *iface)
5024 {
5025 const char *ifname, *driver, *rn;
5026
5027 driver = iface->driver;
5028 next_driver:
5029 if (wpa_supplicant_set_driver(wpa_s, driver) < 0)
5030 return -1;
5031
5032 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
5033 if (wpa_s->drv_priv == NULL) {
5034 const char *pos;
5035 pos = driver ? os_strchr(driver, ',') : NULL;
5036 if (pos) {
5037 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
5038 "driver interface - try next driver wrapper");
5039 driver = pos + 1;
5040 goto next_driver;
5041 }
5042 wpa_msg(wpa_s, MSG_ERROR, "Failed to initialize driver "
5043 "interface");
5044 return -1;
5045 }
5046 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
5047 wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected "
5048 "driver_param '%s'", wpa_s->conf->driver_param);
5049 return -1;
5050 }
5051
5052 ifname = wpa_drv_get_ifname(wpa_s);
5053 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
5054 wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced "
5055 "interface name with '%s'", ifname);
5056 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
5057 }
5058
5059 rn = wpa_driver_get_radio_name(wpa_s);
5060 if (rn && rn[0] == '\0')
5061 rn = NULL;
5062
5063 wpa_s->radio = radio_add_interface(wpa_s, rn);
5064 if (wpa_s->radio == NULL)
5065 return -1;
5066
5067 return 0;
5068 }
5069
5070
5071 #ifdef CONFIG_GAS_SERVER
5072
5073 static void wpas_gas_server_tx_status(struct wpa_supplicant *wpa_s,
5074 unsigned int freq, const u8 *dst,
5075 const u8 *src, const u8 *bssid,
5076 const u8 *data, size_t data_len,
5077 enum offchannel_send_action_result result)
5078 {
5079 wpa_printf(MSG_DEBUG, "GAS: TX status: freq=%u dst=" MACSTR
5080 " result=%s",
5081 freq, MAC2STR(dst),
5082 result == OFFCHANNEL_SEND_ACTION_SUCCESS ? "SUCCESS" :
5083 (result == OFFCHANNEL_SEND_ACTION_NO_ACK ? "no-ACK" :
5084 "FAILED"));
5085 gas_server_tx_status(wpa_s->gas_server, dst, data, data_len,
5086 result == OFFCHANNEL_SEND_ACTION_SUCCESS);
5087 }
5088
5089
5090 static void wpas_gas_server_tx(void *ctx, int freq, const u8 *da,
5091 struct wpabuf *buf, unsigned int wait_time)
5092 {
5093 struct wpa_supplicant *wpa_s = ctx;
5094 const u8 broadcast[ETH_ALEN] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
5095
5096 if (wait_time > wpa_s->max_remain_on_chan)
5097 wait_time = wpa_s->max_remain_on_chan;
5098
5099 offchannel_send_action(wpa_s, freq, da, wpa_s->own_addr, broadcast,
5100 wpabuf_head(buf), wpabuf_len(buf),
5101 wait_time, wpas_gas_server_tx_status, 0);
5102 }
5103
5104 #endif /* CONFIG_GAS_SERVER */
5105
5106 static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
5107 struct wpa_interface *iface)
5108 {
5109 struct wpa_driver_capa capa;
5110 int capa_res;
5111 u8 dfs_domain;
5112
5113 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
5114 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
5115 iface->confname ? iface->confname : "N/A",
5116 iface->driver ? iface->driver : "default",
5117 iface->ctrl_interface ? iface->ctrl_interface : "N/A",
5118 iface->bridge_ifname ? iface->bridge_ifname : "N/A");
5119
5120 if (iface->confname) {
5121 #ifdef CONFIG_BACKEND_FILE
5122 wpa_s->confname = os_rel2abs_path(iface->confname);
5123 if (wpa_s->confname == NULL) {
5124 wpa_printf(MSG_ERROR, "Failed to get absolute path "
5125 "for configuration file '%s'.",
5126 iface->confname);
5127 return -1;
5128 }
5129 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
5130 iface->confname, wpa_s->confname);
5131 #else /* CONFIG_BACKEND_FILE */
5132 wpa_s->confname = os_strdup(iface->confname);
5133 #endif /* CONFIG_BACKEND_FILE */
5134 wpa_s->conf = wpa_config_read(wpa_s->confname, NULL);
5135 if (wpa_s->conf == NULL) {
5136 wpa_printf(MSG_ERROR, "Failed to read or parse "
5137 "configuration '%s'.", wpa_s->confname);
5138 return -1;
5139 }
5140 wpa_s->confanother = os_rel2abs_path(iface->confanother);
5141 wpa_config_read(wpa_s->confanother, wpa_s->conf);
5142
5143 /*
5144 * Override ctrl_interface and driver_param if set on command
5145 * line.
5146 */
5147 if (iface->ctrl_interface) {
5148 os_free(wpa_s->conf->ctrl_interface);
5149 wpa_s->conf->ctrl_interface =
5150 os_strdup(iface->ctrl_interface);
5151 }
5152
5153 if (iface->driver_param) {
5154 os_free(wpa_s->conf->driver_param);
5155 wpa_s->conf->driver_param =
5156 os_strdup(iface->driver_param);
5157 }
5158
5159 if (iface->p2p_mgmt && !iface->ctrl_interface) {
5160 os_free(wpa_s->conf->ctrl_interface);
5161 wpa_s->conf->ctrl_interface = NULL;
5162 }
5163 } else
5164 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
5165 iface->driver_param);
5166
5167 if (wpa_s->conf == NULL) {
5168 wpa_printf(MSG_ERROR, "\nNo configuration found.");
5169 return -1;
5170 }
5171
5172 if (iface->ifname == NULL) {
5173 wpa_printf(MSG_ERROR, "\nInterface name is required.");
5174 return -1;
5175 }
5176 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
5177 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
5178 iface->ifname);
5179 return -1;
5180 }
5181 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
5182
5183 if (iface->bridge_ifname) {
5184 if (os_strlen(iface->bridge_ifname) >=
5185 sizeof(wpa_s->bridge_ifname)) {
5186 wpa_printf(MSG_ERROR, "\nToo long bridge interface "
5187 "name '%s'.", iface->bridge_ifname);
5188 return -1;
5189 }
5190 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
5191 sizeof(wpa_s->bridge_ifname));
5192 }
5193
5194 /* RSNA Supplicant Key Management - INITIALIZE */
5195 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
5196 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
5197
5198 /* Initialize driver interface and register driver event handler before
5199 * L2 receive handler so that association events are processed before
5200 * EAPOL-Key packets if both become available for the same select()
5201 * call. */
5202 if (wpas_init_driver(wpa_s, iface) < 0)
5203 return -1;
5204
5205 if (wpa_supplicant_init_wpa(wpa_s) < 0)
5206 return -1;
5207
5208 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
5209 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
5210 NULL);
5211 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
5212
5213 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
5214 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
5215 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
5216 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
5217 "dot11RSNAConfigPMKLifetime");
5218 return -1;
5219 }
5220
5221 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
5222 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
5223 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
5224 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
5225 "dot11RSNAConfigPMKReauthThreshold");
5226 return -1;
5227 }
5228
5229 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
5230 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
5231 wpa_s->conf->dot11RSNAConfigSATimeout)) {
5232 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
5233 "dot11RSNAConfigSATimeout");
5234 return -1;
5235 }
5236
5237 wpa_s->hw.modes = wpa_drv_get_hw_feature_data(wpa_s,
5238 &wpa_s->hw.num_modes,
5239 &wpa_s->hw.flags,
5240 &dfs_domain);
5241 if (wpa_s->hw.modes) {
5242 u16 i;
5243
5244 for (i = 0; i < wpa_s->hw.num_modes; i++) {
5245 if (wpa_s->hw.modes[i].vht_capab) {
5246 wpa_s->hw_capab = CAPAB_VHT;
5247 break;
5248 }
5249
5250 if (wpa_s->hw.modes[i].ht_capab &
5251 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET)
5252 wpa_s->hw_capab = CAPAB_HT40;
5253 else if (wpa_s->hw.modes[i].ht_capab &&
5254 wpa_s->hw_capab == CAPAB_NO_HT_VHT)
5255 wpa_s->hw_capab = CAPAB_HT;
5256 }
5257 }
5258
5259 capa_res = wpa_drv_get_capa(wpa_s, &capa);
5260 if (capa_res == 0) {
5261 wpa_s->drv_capa_known = 1;
5262 wpa_s->drv_flags = capa.flags;
5263 wpa_s->drv_enc = capa.enc;
5264 wpa_s->drv_smps_modes = capa.smps_modes;
5265 wpa_s->drv_rrm_flags = capa.rrm_flags;
5266 wpa_s->probe_resp_offloads = capa.probe_resp_offloads;
5267 wpa_s->max_scan_ssids = capa.max_scan_ssids;
5268 wpa_s->max_sched_scan_ssids = capa.max_sched_scan_ssids;
5269 wpa_s->max_sched_scan_plans = capa.max_sched_scan_plans;
5270 wpa_s->max_sched_scan_plan_interval =
5271 capa.max_sched_scan_plan_interval;
5272 wpa_s->max_sched_scan_plan_iterations =
5273 capa.max_sched_scan_plan_iterations;
5274 wpa_s->sched_scan_supported = capa.sched_scan_supported;
5275 wpa_s->max_match_sets = capa.max_match_sets;
5276 wpa_s->max_remain_on_chan = capa.max_remain_on_chan;
5277 wpa_s->max_stations = capa.max_stations;
5278 wpa_s->extended_capa = capa.extended_capa;
5279 wpa_s->extended_capa_mask = capa.extended_capa_mask;
5280 wpa_s->extended_capa_len = capa.extended_capa_len;
5281 wpa_s->num_multichan_concurrent =
5282 capa.num_multichan_concurrent;
5283 wpa_s->wmm_ac_supported = capa.wmm_ac_supported;
5284
5285 if (capa.mac_addr_rand_scan_supported)
5286 wpa_s->mac_addr_rand_supported |= MAC_ADDR_RAND_SCAN;
5287 if (wpa_s->sched_scan_supported &&
5288 capa.mac_addr_rand_sched_scan_supported)
5289 wpa_s->mac_addr_rand_supported |=
5290 (MAC_ADDR_RAND_SCHED_SCAN | MAC_ADDR_RAND_PNO);
5291 }
5292 if (wpa_s->max_remain_on_chan == 0)
5293 wpa_s->max_remain_on_chan = 1000;
5294
5295 /*
5296 * Only take p2p_mgmt parameters when P2P Device is supported.
5297 * Doing it here as it determines whether l2_packet_init() will be done
5298 * during wpa_supplicant_driver_init().
5299 */
5300 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)
5301 wpa_s->p2p_mgmt = iface->p2p_mgmt;
5302 else
5303 iface->p2p_mgmt = 1;
5304
5305 if (wpa_s->num_multichan_concurrent == 0)
5306 wpa_s->num_multichan_concurrent = 1;
5307
5308 if (wpa_supplicant_driver_init(wpa_s) < 0)
5309 return -1;
5310
5311 #ifdef CONFIG_TDLS
5312 if ((!iface->p2p_mgmt ||
5313 !(wpa_s->drv_flags &
5314 WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
5315 wpa_tdls_init(wpa_s->wpa))
5316 return -1;
5317 #endif /* CONFIG_TDLS */
5318
5319 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] &&
5320 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) {
5321 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country");
5322 return -1;
5323 }
5324
5325 #ifdef CONFIG_FST
5326 if (wpa_s->conf->fst_group_id) {
5327 struct fst_iface_cfg cfg;
5328 struct fst_wpa_obj iface_obj;
5329
5330 fst_wpa_supplicant_fill_iface_obj(wpa_s, &iface_obj);
5331 os_strlcpy(cfg.group_id, wpa_s->conf->fst_group_id,
5332 sizeof(cfg.group_id));
5333 cfg.priority = wpa_s->conf->fst_priority;
5334 cfg.llt = wpa_s->conf->fst_llt;
5335
5336 wpa_s->fst = fst_attach(wpa_s->ifname, wpa_s->own_addr,
5337 &iface_obj, &cfg);
5338 if (!wpa_s->fst) {
5339 wpa_msg(wpa_s, MSG_ERROR,
5340 "FST: Cannot attach iface %s to group %s",
5341 wpa_s->ifname, cfg.group_id);
5342 return -1;
5343 }
5344 }
5345 #endif /* CONFIG_FST */
5346
5347 if (wpas_wps_init(wpa_s))
5348 return -1;
5349
5350 #ifdef CONFIG_GAS_SERVER
5351 wpa_s->gas_server = gas_server_init(wpa_s, wpas_gas_server_tx);
5352 if (!wpa_s->gas_server) {
5353 wpa_printf(MSG_ERROR, "Failed to initialize GAS server");
5354 return -1;
5355 }
5356 #endif /* CONFIG_GAS_SERVER */
5357
5358 #ifdef CONFIG_DPP
5359 if (wpas_dpp_init(wpa_s) < 0)
5360 return -1;
5361 #endif /* CONFIG_DPP */
5362
5363 if (wpa_supplicant_init_eapol(wpa_s) < 0)
5364 return -1;
5365 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
5366
5367 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
5368 if (wpa_s->ctrl_iface == NULL) {
5369 wpa_printf(MSG_ERROR,
5370 "Failed to initialize control interface '%s'.\n"
5371 "You may have another wpa_supplicant process "
5372 "already running or the file was\n"
5373 "left by an unclean termination of wpa_supplicant "
5374 "in which case you will need\n"
5375 "to manually remove this file before starting "
5376 "wpa_supplicant again.\n",
5377 wpa_s->conf->ctrl_interface);
5378 return -1;
5379 }
5380
5381 wpa_s->gas = gas_query_init(wpa_s);
5382 if (wpa_s->gas == NULL) {
5383 wpa_printf(MSG_ERROR, "Failed to initialize GAS query");
5384 return -1;
5385 }
5386
5387 if (iface->p2p_mgmt && wpas_p2p_init(wpa_s->global, wpa_s) < 0) {
5388 wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P");
5389 return -1;
5390 }
5391
5392 if (wpa_bss_init(wpa_s) < 0)
5393 return -1;
5394
5395 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL
5396 #ifdef CONFIG_MESH
5397 dl_list_init(&wpa_s->mesh_external_pmksa_cache);
5398 #endif /* CONFIG_MESH */
5399 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
5400
5401 /*
5402 * Set Wake-on-WLAN triggers, if configured.
5403 * Note: We don't restore/remove the triggers on shutdown (it doesn't
5404 * have effect anyway when the interface is down).
5405 */
5406 if (capa_res == 0 && wpas_set_wowlan_triggers(wpa_s, &capa) < 0)
5407 return -1;
5408
5409 #ifdef CONFIG_EAP_PROXY
5410 {
5411 size_t len;
5412 wpa_s->mnc_len = eapol_sm_get_eap_proxy_imsi(wpa_s->eapol, -1,
5413 wpa_s->imsi, &len);
5414 if (wpa_s->mnc_len > 0) {
5415 wpa_s->imsi[len] = '\0';
5416 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI %s (MNC length %d)",
5417 wpa_s->imsi, wpa_s->mnc_len);
5418 } else {
5419 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI not available");
5420 }
5421 }
5422 #endif /* CONFIG_EAP_PROXY */
5423
5424 if (pcsc_reader_init(wpa_s) < 0)
5425 return -1;
5426
5427 if (wpas_init_ext_pw(wpa_s) < 0)
5428 return -1;
5429
5430 wpas_rrm_reset(wpa_s);
5431
5432 wpas_sched_scan_plans_set(wpa_s, wpa_s->conf->sched_scan_plans);
5433
5434 #ifdef CONFIG_HS20
5435 hs20_init(wpa_s);
5436 #endif /* CONFIG_HS20 */
5437 #ifdef CONFIG_MBO
5438 if (wpa_s->conf->oce) {
5439 if ((wpa_s->conf->oce & OCE_STA) &&
5440 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_OCE_STA))
5441 wpa_s->enable_oce = OCE_STA;
5442 if ((wpa_s->conf->oce & OCE_STA_CFON) &&
5443 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_OCE_STA_CFON)) {
5444 /* TODO: Need to add STA-CFON support */
5445 wpa_printf(MSG_ERROR,
5446 "OCE STA-CFON feature is not yet supported");
5447 }
5448 }
5449 wpas_mbo_update_non_pref_chan(wpa_s, wpa_s->conf->non_pref_chan);
5450 #endif /* CONFIG_MBO */
5451
5452 wpa_supplicant_set_default_scan_ies(wpa_s);
5453
5454 return 0;
5455 }
5456
5457
5458 static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s,
5459 int notify, int terminate)
5460 {
5461 struct wpa_global *global = wpa_s->global;
5462 struct wpa_supplicant *iface, *prev;
5463
5464 if (wpa_s == wpa_s->parent)
5465 wpas_p2p_group_remove(wpa_s, "*");
5466
5467 iface = global->ifaces;
5468 while (iface) {
5469 if (iface->p2pdev == wpa_s)
5470 iface->p2pdev = iface->parent;
5471 if (iface == wpa_s || iface->parent != wpa_s) {
5472 iface = iface->next;
5473 continue;
5474 }
5475 wpa_printf(MSG_DEBUG,
5476 "Remove remaining child interface %s from parent %s",
5477 iface->ifname, wpa_s->ifname);
5478 prev = iface;
5479 iface = iface->next;
5480 wpa_supplicant_remove_iface(global, prev, terminate);
5481 }
5482
5483 wpa_s->disconnected = 1;
5484 if (wpa_s->drv_priv) {
5485 wpa_supplicant_deauthenticate(wpa_s,
5486 WLAN_REASON_DEAUTH_LEAVING);
5487
5488 wpa_drv_set_countermeasures(wpa_s, 0);
5489 wpa_clear_keys(wpa_s, NULL);
5490 }
5491
5492 wpa_supplicant_cleanup(wpa_s);
5493 wpas_p2p_deinit_iface(wpa_s);
5494
5495 wpas_ctrl_radio_work_flush(wpa_s);
5496 radio_remove_interface(wpa_s);
5497
5498 #ifdef CONFIG_FST
5499 if (wpa_s->fst) {
5500 fst_detach(wpa_s->fst);
5501 wpa_s->fst = NULL;
5502 }
5503 if (wpa_s->received_mb_ies) {
5504 wpabuf_free(wpa_s->received_mb_ies);
5505 wpa_s->received_mb_ies = NULL;
5506 }
5507 #endif /* CONFIG_FST */
5508
5509 if (wpa_s->drv_priv)
5510 wpa_drv_deinit(wpa_s);
5511
5512 if (notify)
5513 wpas_notify_iface_removed(wpa_s);
5514
5515 if (terminate)
5516 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING);
5517
5518 if (wpa_s->ctrl_iface) {
5519 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
5520 wpa_s->ctrl_iface = NULL;
5521 }
5522
5523 #ifdef CONFIG_MESH
5524 if (wpa_s->ifmsh) {
5525 wpa_supplicant_mesh_iface_deinit(wpa_s, wpa_s->ifmsh);
5526 wpa_s->ifmsh = NULL;
5527 }
5528 #endif /* CONFIG_MESH */
5529
5530 if (wpa_s->conf != NULL) {
5531 wpa_config_free(wpa_s->conf);
5532 wpa_s->conf = NULL;
5533 }
5534
5535 os_free(wpa_s->ssids_from_scan_req);
5536
5537 os_free(wpa_s);
5538 }
5539
5540
5541 #ifdef CONFIG_MATCH_IFACE
5542
5543 /**
5544 * wpa_supplicant_match_iface - Match an interface description to a name
5545 * @global: Pointer to global data from wpa_supplicant_init()
5546 * @ifname: Name of the interface to match
5547 * Returns: Pointer to the created interface description or %NULL on failure
5548 */
5549 struct wpa_interface * wpa_supplicant_match_iface(struct wpa_global *global,
5550 const char *ifname)
5551 {
5552 int i;
5553 struct wpa_interface *iface, *miface;
5554
5555 for (i = 0; i < global->params.match_iface_count; i++) {
5556 miface = &global->params.match_ifaces[i];
5557 if (!miface->ifname ||
5558 fnmatch(miface->ifname, ifname, 0) == 0) {
5559 iface = os_zalloc(sizeof(*iface));
5560 if (!iface)
5561 return NULL;
5562 *iface = *miface;
5563 iface->ifname = ifname;
5564 return iface;
5565 }
5566 }
5567
5568 return NULL;
5569 }
5570
5571
5572 /**
5573 * wpa_supplicant_match_existing - Match existing interfaces
5574 * @global: Pointer to global data from wpa_supplicant_init()
5575 * Returns: 0 on success, -1 on failure
5576 */
5577 static int wpa_supplicant_match_existing(struct wpa_global *global)
5578 {
5579 struct if_nameindex *ifi, *ifp;
5580 struct wpa_supplicant *wpa_s;
5581 struct wpa_interface *iface;
5582
5583 ifp = if_nameindex();
5584 if (!ifp) {
5585 wpa_printf(MSG_ERROR, "if_nameindex: %s", strerror(errno));
5586 return -1;
5587 }
5588
5589 for (ifi = ifp; ifi->if_name; ifi++) {
5590 wpa_s = wpa_supplicant_get_iface(global, ifi->if_name);
5591 if (wpa_s)
5592 continue;
5593 iface = wpa_supplicant_match_iface(global, ifi->if_name);
5594 if (iface) {
5595 wpa_s = wpa_supplicant_add_iface(global, iface, NULL);
5596 os_free(iface);
5597 if (wpa_s)
5598 wpa_s->matched = 1;
5599 }
5600 }
5601
5602 if_freenameindex(ifp);
5603 return 0;
5604 }
5605
5606 #endif /* CONFIG_MATCH_IFACE */
5607
5608
5609 /**
5610 * wpa_supplicant_add_iface - Add a new network interface
5611 * @global: Pointer to global data from wpa_supplicant_init()
5612 * @iface: Interface configuration options
5613 * @parent: Parent interface or %NULL to assign new interface as parent
5614 * Returns: Pointer to the created interface or %NULL on failure
5615 *
5616 * This function is used to add new network interfaces for %wpa_supplicant.
5617 * This can be called before wpa_supplicant_run() to add interfaces before the
5618 * main event loop has been started. In addition, new interfaces can be added
5619 * dynamically while %wpa_supplicant is already running. This could happen,
5620 * e.g., when a hotplug network adapter is inserted.
5621 */
5622 struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
5623 struct wpa_interface *iface,
5624 struct wpa_supplicant *parent)
5625 {
5626 struct wpa_supplicant *wpa_s;
5627 struct wpa_interface t_iface;
5628 struct wpa_ssid *ssid;
5629
5630 if (global == NULL || iface == NULL)
5631 return NULL;
5632
5633 wpa_s = wpa_supplicant_alloc(parent);
5634 if (wpa_s == NULL)
5635 return NULL;
5636
5637 wpa_s->global = global;
5638
5639 t_iface = *iface;
5640 if (global->params.override_driver) {
5641 wpa_printf(MSG_DEBUG, "Override interface parameter: driver "
5642 "('%s' -> '%s')",
5643 iface->driver, global->params.override_driver);
5644 t_iface.driver = global->params.override_driver;
5645 }
5646 if (global->params.override_ctrl_interface) {
5647 wpa_printf(MSG_DEBUG, "Override interface parameter: "
5648 "ctrl_interface ('%s' -> '%s')",
5649 iface->ctrl_interface,
5650 global->params.override_ctrl_interface);
5651 t_iface.ctrl_interface =
5652 global->params.override_ctrl_interface;
5653 }
5654 if (wpa_supplicant_init_iface(wpa_s, &t_iface)) {
5655 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
5656 iface->ifname);
5657 wpa_supplicant_deinit_iface(wpa_s, 0, 0);
5658 return NULL;
5659 }
5660
5661 if (iface->p2p_mgmt == 0) {
5662 /* Notify the control interfaces about new iface */
5663 if (wpas_notify_iface_added(wpa_s)) {
5664 wpa_supplicant_deinit_iface(wpa_s, 1, 0);
5665 return NULL;
5666 }
5667
5668 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
5669 wpas_notify_network_added(wpa_s, ssid);
5670 }
5671
5672 wpa_s->next = global->ifaces;
5673 global->ifaces = wpa_s;
5674
5675 wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname);
5676 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
5677
5678 #ifdef CONFIG_P2P
5679 if (wpa_s->global->p2p == NULL &&
5680 !wpa_s->global->p2p_disabled && !wpa_s->conf->p2p_disabled &&
5681 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) &&
5682 wpas_p2p_add_p2pdev_interface(
5683 wpa_s, wpa_s->global->params.conf_p2p_dev) < 0) {
5684 wpa_printf(MSG_INFO,
5685 "P2P: Failed to enable P2P Device interface");
5686 /* Try to continue without. P2P will be disabled. */
5687 }
5688 #endif /* CONFIG_P2P */
5689
5690 return wpa_s;
5691 }
5692
5693
5694 /**
5695 * wpa_supplicant_remove_iface - Remove a network interface
5696 * @global: Pointer to global data from wpa_supplicant_init()
5697 * @wpa_s: Pointer to the network interface to be removed
5698 * Returns: 0 if interface was removed, -1 if interface was not found
5699 *
5700 * This function can be used to dynamically remove network interfaces from
5701 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
5702 * addition, this function is used to remove all remaining interfaces when
5703 * %wpa_supplicant is terminated.
5704 */
5705 int wpa_supplicant_remove_iface(struct wpa_global *global,
5706 struct wpa_supplicant *wpa_s,
5707 int terminate)
5708 {
5709 struct wpa_supplicant *prev;
5710 #ifdef CONFIG_MESH
5711 unsigned int mesh_if_created = wpa_s->mesh_if_created;
5712 char *ifname = NULL;
5713 struct wpa_supplicant *parent = wpa_s->parent;
5714 #endif /* CONFIG_MESH */
5715
5716 /* Remove interface from the global list of interfaces */
5717 prev = global->ifaces;
5718 if (prev == wpa_s) {
5719 global->ifaces = wpa_s->next;
5720 } else {
5721 while (prev && prev->next != wpa_s)
5722 prev = prev->next;
5723 if (prev == NULL)
5724 return -1;
5725 prev->next = wpa_s->next;
5726 }
5727
5728 wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
5729
5730 #ifdef CONFIG_MESH
5731 if (mesh_if_created) {
5732 ifname = os_strdup(wpa_s->ifname);
5733 if (ifname == NULL) {
5734 wpa_dbg(wpa_s, MSG_ERROR,
5735 "mesh: Failed to malloc ifname");
5736 return -1;
5737 }
5738 }
5739 #endif /* CONFIG_MESH */
5740
5741 if (global->p2p_group_formation == wpa_s)
5742 global->p2p_group_formation = NULL;
5743 if (global->p2p_invite_group == wpa_s)
5744 global->p2p_invite_group = NULL;
5745 wpa_supplicant_deinit_iface(wpa_s, 1, terminate);
5746
5747 #ifdef CONFIG_MESH
5748 if (mesh_if_created) {
5749 wpa_drv_if_remove(parent, WPA_IF_MESH, ifname);
5750 os_free(ifname);
5751 }
5752 #endif /* CONFIG_MESH */
5753
5754 return 0;
5755 }
5756
5757
5758 /**
5759 * wpa_supplicant_get_eap_mode - Get the current EAP mode
5760 * @wpa_s: Pointer to the network interface
5761 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
5762 */
5763 const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s)
5764 {
5765 const char *eapol_method;
5766
5767 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) == 0 &&
5768 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
5769 return "NO-EAP";
5770 }
5771
5772 eapol_method = eapol_sm_get_method_name(wpa_s->eapol);
5773 if (eapol_method == NULL)
5774 return "UNKNOWN-EAP";
5775
5776 return eapol_method;
5777 }
5778
5779
5780 /**
5781 * wpa_supplicant_get_iface - Get a new network interface
5782 * @global: Pointer to global data from wpa_supplicant_init()
5783 * @ifname: Interface name
5784 * Returns: Pointer to the interface or %NULL if not found
5785 */
5786 struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
5787 const char *ifname)
5788 {
5789 struct wpa_supplicant *wpa_s;
5790
5791 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
5792 if (os_strcmp(wpa_s->ifname, ifname) == 0)
5793 return wpa_s;
5794 }
5795 return NULL;
5796 }
5797
5798
5799 #ifndef CONFIG_NO_WPA_MSG
5800 static const char * wpa_supplicant_msg_ifname_cb(void *ctx)
5801 {
5802 struct wpa_supplicant *wpa_s = ctx;
5803 if (wpa_s == NULL)
5804 return NULL;
5805 return wpa_s->ifname;
5806 }
5807 #endif /* CONFIG_NO_WPA_MSG */
5808
5809
5810 #ifndef WPA_SUPPLICANT_CLEANUP_INTERVAL
5811 #define WPA_SUPPLICANT_CLEANUP_INTERVAL 10
5812 #endif /* WPA_SUPPLICANT_CLEANUP_INTERVAL */
5813
5814 /* Periodic cleanup tasks */
5815 static void wpas_periodic(void *eloop_ctx, void *timeout_ctx)
5816 {
5817 struct wpa_global *global = eloop_ctx;
5818 struct wpa_supplicant *wpa_s;
5819
5820 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0,
5821 wpas_periodic, global, NULL);
5822
5823 #ifdef CONFIG_P2P
5824 if (global->p2p)
5825 p2p_expire_peers(global->p2p);
5826 #endif /* CONFIG_P2P */
5827
5828 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
5829 wpa_bss_flush_by_age(wpa_s, wpa_s->conf->bss_expiration_age);
5830 #ifdef CONFIG_AP
5831 ap_periodic(wpa_s);
5832 #endif /* CONFIG_AP */
5833 }
5834 }
5835
5836
5837 /**
5838 * wpa_supplicant_init - Initialize %wpa_supplicant
5839 * @params: Parameters for %wpa_supplicant
5840 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
5841 *
5842 * This function is used to initialize %wpa_supplicant. After successful
5843 * initialization, the returned data pointer can be used to add and remove
5844 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
5845 */
5846 struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
5847 {
5848 struct wpa_global *global;
5849 int ret, i;
5850
5851 if (params == NULL)
5852 return NULL;
5853
5854 #ifdef CONFIG_DRIVER_NDIS
5855 {
5856 void driver_ndis_init_ops(void);
5857 driver_ndis_init_ops();
5858 }
5859 #endif /* CONFIG_DRIVER_NDIS */
5860
5861 #ifndef CONFIG_NO_WPA_MSG
5862 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
5863 #endif /* CONFIG_NO_WPA_MSG */
5864
5865 if (params->wpa_debug_file_path)
5866 wpa_debug_open_file(params->wpa_debug_file_path);
5867 else
5868 wpa_debug_setup_stdout();
5869 if (params->wpa_debug_syslog)
5870 wpa_debug_open_syslog();
5871 if (params->wpa_debug_tracing) {
5872 ret = wpa_debug_open_linux_tracing();
5873 if (ret) {
5874 wpa_printf(MSG_ERROR,
5875 "Failed to enable trace logging");
5876 return NULL;
5877 }
5878 }
5879
5880 ret = eap_register_methods();
5881 if (ret) {
5882 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
5883 if (ret == -2)
5884 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
5885 "the same EAP type.");
5886 return NULL;
5887 }
5888
5889 global = os_zalloc(sizeof(*global));
5890 if (global == NULL)
5891 return NULL;
5892 dl_list_init(&global->p2p_srv_bonjour);
5893 dl_list_init(&global->p2p_srv_upnp);
5894 global->params.daemonize = params->daemonize;
5895 global->params.wait_for_monitor = params->wait_for_monitor;
5896 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
5897 if (params->pid_file)
5898 global->params.pid_file = os_strdup(params->pid_file);
5899 if (params->ctrl_interface)
5900 global->params.ctrl_interface =
5901 os_strdup(params->ctrl_interface);
5902 if (params->ctrl_interface_group)
5903 global->params.ctrl_interface_group =
5904 os_strdup(params->ctrl_interface_group);
5905 if (params->override_driver)
5906 global->params.override_driver =
5907 os_strdup(params->override_driver);
5908 if (params->override_ctrl_interface)
5909 global->params.override_ctrl_interface =
5910 os_strdup(params->override_ctrl_interface);
5911 #ifdef CONFIG_MATCH_IFACE
5912 global->params.match_iface_count = params->match_iface_count;
5913 if (params->match_iface_count) {
5914 global->params.match_ifaces =
5915 os_calloc(params->match_iface_count,
5916 sizeof(struct wpa_interface));
5917 os_memcpy(global->params.match_ifaces,
5918 params->match_ifaces,
5919 params->match_iface_count *
5920 sizeof(struct wpa_interface));
5921 }
5922 #endif /* CONFIG_MATCH_IFACE */
5923 #ifdef CONFIG_P2P
5924 if (params->conf_p2p_dev)
5925 global->params.conf_p2p_dev =
5926 os_strdup(params->conf_p2p_dev);
5927 #endif /* CONFIG_P2P */
5928 wpa_debug_level = global->params.wpa_debug_level =
5929 params->wpa_debug_level;
5930 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
5931 params->wpa_debug_show_keys;
5932 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
5933 params->wpa_debug_timestamp;
5934
5935 wpa_printf(MSG_DEBUG, "wpa_supplicant v" VERSION_STR);
5936
5937 if (eloop_init()) {
5938 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
5939 wpa_supplicant_deinit(global);
5940 return NULL;
5941 }
5942
5943 random_init(params->entropy_file);
5944
5945 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
5946 if (global->ctrl_iface == NULL) {
5947 wpa_supplicant_deinit(global);
5948 return NULL;
5949 }
5950
5951 if (wpas_notify_supplicant_initialized(global)) {
5952 wpa_supplicant_deinit(global);
5953 return NULL;
5954 }
5955
5956 for (i = 0; wpa_drivers[i]; i++)
5957 global->drv_count++;
5958 if (global->drv_count == 0) {
5959 wpa_printf(MSG_ERROR, "No drivers enabled");
5960 wpa_supplicant_deinit(global);
5961 return NULL;
5962 }
5963 global->drv_priv = os_calloc(global->drv_count, sizeof(void *));
5964 if (global->drv_priv == NULL) {
5965 wpa_supplicant_deinit(global);
5966 return NULL;
5967 }
5968
5969 #ifdef CONFIG_WIFI_DISPLAY
5970 if (wifi_display_init(global) < 0) {
5971 wpa_printf(MSG_ERROR, "Failed to initialize Wi-Fi Display");
5972 wpa_supplicant_deinit(global);
5973 return NULL;
5974 }
5975 #endif /* CONFIG_WIFI_DISPLAY */
5976
5977 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0,
5978 wpas_periodic, global, NULL);
5979
5980 return global;
5981 }
5982
5983
5984 /**
5985 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
5986 * @global: Pointer to global data from wpa_supplicant_init()
5987 * Returns: 0 after successful event loop run, -1 on failure
5988 *
5989 * This function starts the main event loop and continues running as long as
5990 * there are any remaining events. In most cases, this function is running as
5991 * long as the %wpa_supplicant process in still in use.
5992 */
5993 int wpa_supplicant_run(struct wpa_global *global)
5994 {
5995 struct wpa_supplicant *wpa_s;
5996
5997 if (global->params.daemonize &&
5998 (wpa_supplicant_daemon(global->params.pid_file) ||
5999 eloop_sock_requeue()))
6000 return -1;
6001
6002 #ifdef CONFIG_MATCH_IFACE
6003 if (wpa_supplicant_match_existing(global))
6004 return -1;
6005 #endif
6006
6007 if (global->params.wait_for_monitor) {
6008 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
6009 if (wpa_s->ctrl_iface && !wpa_s->p2p_mgmt)
6010 wpa_supplicant_ctrl_iface_wait(
6011 wpa_s->ctrl_iface);
6012 }
6013
6014 eloop_register_signal_terminate(wpa_supplicant_terminate, global);
6015 eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
6016
6017 eloop_run();
6018
6019 return 0;
6020 }
6021
6022
6023 /**
6024 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
6025 * @global: Pointer to global data from wpa_supplicant_init()
6026 *
6027 * This function is called to deinitialize %wpa_supplicant and to free all
6028 * allocated resources. Remaining network interfaces will also be removed.
6029 */
6030 void wpa_supplicant_deinit(struct wpa_global *global)
6031 {
6032 int i;
6033
6034 if (global == NULL)
6035 return;
6036
6037 eloop_cancel_timeout(wpas_periodic, global, NULL);
6038
6039 #ifdef CONFIG_WIFI_DISPLAY
6040 wifi_display_deinit(global);
6041 #endif /* CONFIG_WIFI_DISPLAY */
6042
6043 while (global->ifaces)
6044 wpa_supplicant_remove_iface(global, global->ifaces, 1);
6045
6046 if (global->ctrl_iface)
6047 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
6048
6049 wpas_notify_supplicant_deinitialized(global);
6050
6051 eap_peer_unregister_methods();
6052 #ifdef CONFIG_AP
6053 eap_server_unregister_methods();
6054 #endif /* CONFIG_AP */
6055
6056 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) {
6057 if (!global->drv_priv[i])
6058 continue;
6059 wpa_drivers[i]->global_deinit(global->drv_priv[i]);
6060 }
6061 os_free(global->drv_priv);
6062
6063 random_deinit();
6064
6065 eloop_destroy();
6066
6067 if (global->params.pid_file) {
6068 os_daemonize_terminate(global->params.pid_file);
6069 os_free(global->params.pid_file);
6070 }
6071 os_free(global->params.ctrl_interface);
6072 os_free(global->params.ctrl_interface_group);
6073 os_free(global->params.override_driver);
6074 os_free(global->params.override_ctrl_interface);
6075 #ifdef CONFIG_MATCH_IFACE
6076 os_free(global->params.match_ifaces);
6077 #endif /* CONFIG_MATCH_IFACE */
6078 #ifdef CONFIG_P2P
6079 os_free(global->params.conf_p2p_dev);
6080 #endif /* CONFIG_P2P */
6081
6082 os_free(global->p2p_disallow_freq.range);
6083 os_free(global->p2p_go_avoid_freq.range);
6084 os_free(global->add_psk);
6085
6086 os_free(global);
6087 wpa_debug_close_syslog();
6088 wpa_debug_close_file();
6089 wpa_debug_close_linux_tracing();
6090 }
6091
6092
6093 void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s)
6094 {
6095 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_COUNTRY) &&
6096 wpa_s->conf->country[0] && wpa_s->conf->country[1]) {
6097 char country[3];
6098 country[0] = wpa_s->conf->country[0];
6099 country[1] = wpa_s->conf->country[1];
6100 country[2] = '\0';
6101 if (wpa_drv_set_country(wpa_s, country) < 0) {
6102 wpa_printf(MSG_ERROR, "Failed to set country code "
6103 "'%s'", country);
6104 }
6105 }
6106
6107 if (wpa_s->conf->changed_parameters & CFG_CHANGED_EXT_PW_BACKEND)
6108 wpas_init_ext_pw(wpa_s);
6109
6110 if (wpa_s->conf->changed_parameters & CFG_CHANGED_SCHED_SCAN_PLANS)
6111 wpas_sched_scan_plans_set(wpa_s, wpa_s->conf->sched_scan_plans);
6112
6113 if (wpa_s->conf->changed_parameters & CFG_CHANGED_WOWLAN_TRIGGERS) {
6114 struct wpa_driver_capa capa;
6115 int res = wpa_drv_get_capa(wpa_s, &capa);
6116
6117 if (res == 0 && wpas_set_wowlan_triggers(wpa_s, &capa) < 0)
6118 wpa_printf(MSG_ERROR,
6119 "Failed to update wowlan_triggers to '%s'",
6120 wpa_s->conf->wowlan_triggers);
6121 }
6122
6123 #ifdef CONFIG_WPS
6124 wpas_wps_update_config(wpa_s);
6125 #endif /* CONFIG_WPS */
6126 wpas_p2p_update_config(wpa_s);
6127 wpa_s->conf->changed_parameters = 0;
6128 }
6129
6130
6131 void add_freq(int *freqs, int *num_freqs, int freq)
6132 {
6133 int i;
6134
6135 for (i = 0; i < *num_freqs; i++) {
6136 if (freqs[i] == freq)
6137 return;
6138 }
6139
6140 freqs[*num_freqs] = freq;
6141 (*num_freqs)++;
6142 }
6143
6144
6145 static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s)
6146 {
6147 struct wpa_bss *bss, *cbss;
6148 const int max_freqs = 10;
6149 int *freqs;
6150 int num_freqs = 0;
6151
6152 freqs = os_calloc(max_freqs + 1, sizeof(int));
6153 if (freqs == NULL)
6154 return NULL;
6155
6156 cbss = wpa_s->current_bss;
6157
6158 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
6159 if (bss == cbss)
6160 continue;
6161 if (bss->ssid_len == cbss->ssid_len &&
6162 os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 &&
6163 wpa_blacklist_get(wpa_s, bss->bssid) == NULL) {
6164 add_freq(freqs, &num_freqs, bss->freq);
6165 if (num_freqs == max_freqs)
6166 break;
6167 }
6168 }
6169
6170 if (num_freqs == 0) {
6171 os_free(freqs);
6172 freqs = NULL;
6173 }
6174
6175 return freqs;
6176 }
6177
6178
6179 void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid)
6180 {
6181 int timeout;
6182 int count;
6183 int *freqs = NULL;
6184
6185 wpas_connect_work_done(wpa_s);
6186
6187 /*
6188 * Remove possible authentication timeout since the connection failed.
6189 */
6190 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
6191
6192 /*
6193 * There is no point in blacklisting the AP if this event is
6194 * generated based on local request to disconnect.
6195 */
6196 if (wpa_s->own_disconnect_req) {
6197 wpa_s->own_disconnect_req = 0;
6198 wpa_dbg(wpa_s, MSG_DEBUG,
6199 "Ignore connection failure due to local request to disconnect");
6200 return;
6201 }
6202 if (wpa_s->disconnected) {
6203 wpa_dbg(wpa_s, MSG_DEBUG, "Ignore connection failure "
6204 "indication since interface has been put into "
6205 "disconnected state");
6206 return;
6207 }
6208
6209 /*
6210 * Add the failed BSSID into the blacklist and speed up next scan
6211 * attempt if there could be other APs that could accept association.
6212 * The current blacklist count indicates how many times we have tried
6213 * connecting to this AP and multiple attempts mean that other APs are
6214 * either not available or has already been tried, so that we can start
6215 * increasing the delay here to avoid constant scanning.
6216 */
6217 count = wpa_blacklist_add(wpa_s, bssid);
6218 if (count == 1 && wpa_s->current_bss) {
6219 /*
6220 * This BSS was not in the blacklist before. If there is
6221 * another BSS available for the same ESS, we should try that
6222 * next. Otherwise, we may as well try this one once more
6223 * before allowing other, likely worse, ESSes to be considered.
6224 */
6225 freqs = get_bss_freqs_in_ess(wpa_s);
6226 if (freqs) {
6227 wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS "
6228 "has been seen; try it next");
6229 wpa_blacklist_add(wpa_s, bssid);
6230 /*
6231 * On the next scan, go through only the known channels
6232 * used in this ESS based on previous scans to speed up
6233 * common load balancing use case.
6234 */
6235 os_free(wpa_s->next_scan_freqs);
6236 wpa_s->next_scan_freqs = freqs;
6237 }
6238 }
6239
6240 /*
6241 * Add previous failure count in case the temporary blacklist was
6242 * cleared due to no other BSSes being available.
6243 */
6244 count += wpa_s->extra_blacklist_count;
6245
6246 if (count > 3 && wpa_s->current_ssid) {
6247 wpa_printf(MSG_DEBUG, "Continuous association failures - "
6248 "consider temporary network disabling");
6249 wpas_auth_failed(wpa_s, "CONN_FAILED");
6250 }
6251
6252 switch (count) {
6253 case 1:
6254 timeout = 100;
6255 break;
6256 case 2:
6257 timeout = 500;
6258 break;
6259 case 3:
6260 timeout = 1000;
6261 break;
6262 case 4:
6263 timeout = 5000;
6264 break;
6265 default:
6266 timeout = 10000;
6267 break;
6268 }
6269
6270 wpa_dbg(wpa_s, MSG_DEBUG, "Blacklist count %d --> request scan in %d "
6271 "ms", count, timeout);
6272
6273 /*
6274 * TODO: if more than one possible AP is available in scan results,
6275 * could try the other ones before requesting a new scan.
6276 */
6277 wpa_supplicant_req_scan(wpa_s, timeout / 1000,
6278 1000 * (timeout % 1000));
6279 }
6280
6281
6282 int wpas_driver_bss_selection(struct wpa_supplicant *wpa_s)
6283 {
6284 return wpa_s->conf->ap_scan == 2 ||
6285 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION);
6286 }
6287
6288
6289 #if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW)
6290 int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
6291 struct wpa_ssid *ssid,
6292 const char *field,
6293 const char *value)
6294 {
6295 #ifdef IEEE8021X_EAPOL
6296 struct eap_peer_config *eap = &ssid->eap;
6297
6298 wpa_printf(MSG_DEBUG, "CTRL_IFACE: response handle field=%s", field);
6299 wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: response value",
6300 (const u8 *) value, os_strlen(value));
6301
6302 switch (wpa_supplicant_ctrl_req_from_string(field)) {
6303 case WPA_CTRL_REQ_EAP_IDENTITY:
6304 os_free(eap->identity);
6305 eap->identity = (u8 *) os_strdup(value);
6306 eap->identity_len = os_strlen(value);
6307 eap->pending_req_identity = 0;
6308 if (ssid == wpa_s->current_ssid)
6309 wpa_s->reassociate = 1;
6310 break;
6311 case WPA_CTRL_REQ_EAP_PASSWORD:
6312 bin_clear_free(eap->password, eap->password_len);
6313 eap->password = (u8 *) os_strdup(value);
6314 eap->password_len = os_strlen(value);
6315 eap->pending_req_password = 0;
6316 if (ssid == wpa_s->current_ssid)
6317 wpa_s->reassociate = 1;
6318 break;
6319 case WPA_CTRL_REQ_EAP_NEW_PASSWORD:
6320 bin_clear_free(eap->new_password, eap->new_password_len);
6321 eap->new_password = (u8 *) os_strdup(value);
6322 eap->new_password_len = os_strlen(value);
6323 eap->pending_req_new_password = 0;
6324 if (ssid == wpa_s->current_ssid)
6325 wpa_s->reassociate = 1;
6326 break;
6327 case WPA_CTRL_REQ_EAP_PIN:
6328 str_clear_free(eap->pin);
6329 eap->pin = os_strdup(value);
6330 eap->pending_req_pin = 0;
6331 if (ssid == wpa_s->current_ssid)
6332 wpa_s->reassociate = 1;
6333 break;
6334 case WPA_CTRL_REQ_EAP_OTP:
6335 bin_clear_free(eap->otp, eap->otp_len);
6336 eap->otp = (u8 *) os_strdup(value);
6337 eap->otp_len = os_strlen(value);
6338 os_free(eap->pending_req_otp);
6339 eap->pending_req_otp = NULL;
6340 eap->pending_req_otp_len = 0;
6341 break;
6342 case WPA_CTRL_REQ_EAP_PASSPHRASE:
6343 str_clear_free(eap->private_key_passwd);
6344 eap->private_key_passwd = os_strdup(value);
6345 eap->pending_req_passphrase = 0;
6346 if (ssid == wpa_s->current_ssid)
6347 wpa_s->reassociate = 1;
6348 break;
6349 case WPA_CTRL_REQ_SIM:
6350 str_clear_free(eap->external_sim_resp);
6351 eap->external_sim_resp = os_strdup(value);
6352 eap->pending_req_sim = 0;
6353 break;
6354 case WPA_CTRL_REQ_PSK_PASSPHRASE:
6355 if (wpa_config_set(ssid, "psk", value, 0) < 0)
6356 return -1;
6357 ssid->mem_only_psk = 1;
6358 if (ssid->passphrase)
6359 wpa_config_update_psk(ssid);
6360 if (wpa_s->wpa_state == WPA_SCANNING && !wpa_s->scanning)
6361 wpa_supplicant_req_scan(wpa_s, 0, 0);
6362 break;
6363 case WPA_CTRL_REQ_EXT_CERT_CHECK:
6364 if (eap->pending_ext_cert_check != PENDING_CHECK)
6365 return -1;
6366 if (os_strcmp(value, "good") == 0)
6367 eap->pending_ext_cert_check = EXT_CERT_CHECK_GOOD;
6368 else if (os_strcmp(value, "bad") == 0)
6369 eap->pending_ext_cert_check = EXT_CERT_CHECK_BAD;
6370 else
6371 return -1;
6372 break;
6373 default:
6374 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown field '%s'", field);
6375 return -1;
6376 }
6377
6378 return 0;
6379 #else /* IEEE8021X_EAPOL */
6380 wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included");
6381 return -1;
6382 #endif /* IEEE8021X_EAPOL */
6383 }
6384 #endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */
6385
6386
6387 int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
6388 {
6389 int i;
6390 unsigned int drv_enc;
6391
6392 if (wpa_s->p2p_mgmt)
6393 return 1; /* no normal network profiles on p2p_mgmt interface */
6394
6395 if (ssid == NULL)
6396 return 1;
6397
6398 if (ssid->disabled)
6399 return 1;
6400
6401 if (wpa_s->drv_capa_known)
6402 drv_enc = wpa_s->drv_enc;
6403 else
6404 drv_enc = (unsigned int) -1;
6405
6406 for (i = 0; i < NUM_WEP_KEYS; i++) {
6407 size_t len = ssid->wep_key_len[i];
6408 if (len == 0)
6409 continue;
6410 if (len == 5 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP40))
6411 continue;
6412 if (len == 13 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP104))
6413 continue;
6414 if (len == 16 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP128))
6415 continue;
6416 return 1; /* invalid WEP key */
6417 }
6418
6419 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set &&
6420 (!ssid->passphrase || ssid->ssid_len != 0) && !ssid->ext_psk &&
6421 !(wpa_key_mgmt_sae(ssid->key_mgmt) && ssid->sae_password) &&
6422 !ssid->mem_only_psk)
6423 return 1;
6424
6425 return 0;
6426 }
6427
6428
6429 int wpas_get_ssid_pmf(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
6430 {
6431 #ifdef CONFIG_IEEE80211W
6432 if (ssid == NULL || ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT) {
6433 if (wpa_s->conf->pmf == MGMT_FRAME_PROTECTION_OPTIONAL &&
6434 !(wpa_s->drv_enc & WPA_DRIVER_CAPA_ENC_BIP)) {
6435 /*
6436 * Driver does not support BIP -- ignore pmf=1 default
6437 * since the connection with PMF would fail and the
6438 * configuration does not require PMF to be enabled.
6439 */
6440 return NO_MGMT_FRAME_PROTECTION;
6441 }
6442
6443 if (ssid &&
6444 (ssid->key_mgmt &
6445 ~(WPA_KEY_MGMT_NONE | WPA_KEY_MGMT_WPS |
6446 WPA_KEY_MGMT_IEEE8021X_NO_WPA)) == 0) {
6447 /*
6448 * Do not use the default PMF value for non-RSN networks
6449 * since PMF is available only with RSN and pmf=2
6450 * configuration would otherwise prevent connections to
6451 * all open networks.
6452 */
6453 return NO_MGMT_FRAME_PROTECTION;
6454 }
6455
6456 return wpa_s->conf->pmf;
6457 }
6458
6459 return ssid->ieee80211w;
6460 #else /* CONFIG_IEEE80211W */
6461 return NO_MGMT_FRAME_PROTECTION;
6462 #endif /* CONFIG_IEEE80211W */
6463 }
6464
6465
6466 int wpas_is_p2p_prioritized(struct wpa_supplicant *wpa_s)
6467 {
6468 if (wpa_s->global->conc_pref == WPA_CONC_PREF_P2P)
6469 return 1;
6470 if (wpa_s->global->conc_pref == WPA_CONC_PREF_STA)
6471 return 0;
6472 return -1;
6473 }
6474
6475
6476 void wpas_auth_failed(struct wpa_supplicant *wpa_s, char *reason)
6477 {
6478 struct wpa_ssid *ssid = wpa_s->current_ssid;
6479 int dur;
6480 struct os_reltime now;
6481
6482 if (ssid == NULL) {
6483 wpa_printf(MSG_DEBUG, "Authentication failure but no known "
6484 "SSID block");
6485 return;
6486 }
6487
6488 if (ssid->key_mgmt == WPA_KEY_MGMT_WPS)
6489 return;
6490
6491 ssid->auth_failures++;
6492
6493 #ifdef CONFIG_P2P
6494 if (ssid->p2p_group &&
6495 (wpa_s->p2p_in_provisioning || wpa_s->show_group_started)) {
6496 /*
6497 * Skip the wait time since there is a short timeout on the
6498 * connection to a P2P group.
6499 */
6500 return;
6501 }
6502 #endif /* CONFIG_P2P */
6503
6504 if (ssid->auth_failures > 50)
6505 dur = 300;
6506 else if (ssid->auth_failures > 10)
6507 dur = 120;
6508 else if (ssid->auth_failures > 5)
6509 dur = 90;
6510 else if (ssid->auth_failures > 3)
6511 dur = 60;
6512 else if (ssid->auth_failures > 2)
6513 dur = 30;
6514 else if (ssid->auth_failures > 1)
6515 dur = 20;
6516 else
6517 dur = 10;
6518
6519 if (ssid->auth_failures > 1 &&
6520 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt))
6521 dur += os_random() % (ssid->auth_failures * 10);
6522
6523 os_get_reltime(&now);
6524 if (now.sec + dur <= ssid->disabled_until.sec)
6525 return;
6526
6527 ssid->disabled_until.sec = now.sec + dur;
6528
6529 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TEMP_DISABLED
6530 "id=%d ssid=\"%s\" auth_failures=%u duration=%d reason=%s",
6531 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
6532 ssid->auth_failures, dur, reason);
6533 }
6534
6535
6536 void wpas_clear_temp_disabled(struct wpa_supplicant *wpa_s,
6537 struct wpa_ssid *ssid, int clear_failures)
6538 {
6539 if (ssid == NULL)
6540 return;
6541
6542 if (ssid->disabled_until.sec) {
6543 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_REENABLED
6544 "id=%d ssid=\"%s\"",
6545 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
6546 }
6547 ssid->disabled_until.sec = 0;
6548 ssid->disabled_until.usec = 0;
6549 if (clear_failures)
6550 ssid->auth_failures = 0;
6551 }
6552
6553
6554 int disallowed_bssid(struct wpa_supplicant *wpa_s, const u8 *bssid)
6555 {
6556 size_t i;
6557
6558 if (wpa_s->disallow_aps_bssid == NULL)
6559 return 0;
6560
6561 for (i = 0; i < wpa_s->disallow_aps_bssid_count; i++) {
6562 if (os_memcmp(wpa_s->disallow_aps_bssid + i * ETH_ALEN,
6563 bssid, ETH_ALEN) == 0)
6564 return 1;
6565 }
6566
6567 return 0;
6568 }
6569
6570
6571 int disallowed_ssid(struct wpa_supplicant *wpa_s, const u8 *ssid,
6572 size_t ssid_len)
6573 {
6574 size_t i;
6575
6576 if (wpa_s->disallow_aps_ssid == NULL || ssid == NULL)
6577 return 0;
6578
6579 for (i = 0; i < wpa_s->disallow_aps_ssid_count; i++) {
6580 struct wpa_ssid_value *s = &wpa_s->disallow_aps_ssid[i];
6581 if (ssid_len == s->ssid_len &&
6582 os_memcmp(ssid, s->ssid, ssid_len) == 0)
6583 return 1;
6584 }
6585
6586 return 0;
6587 }
6588
6589
6590 /**
6591 * wpas_request_connection - Request a new connection
6592 * @wpa_s: Pointer to the network interface
6593 *
6594 * This function is used to request a new connection to be found. It will mark
6595 * the interface to allow reassociation and request a new scan to find a
6596 * suitable network to connect to.
6597 */
6598 void wpas_request_connection(struct wpa_supplicant *wpa_s)
6599 {
6600 wpa_s->normal_scans = 0;
6601 wpa_s->scan_req = NORMAL_SCAN_REQ;
6602 wpa_supplicant_reinit_autoscan(wpa_s);
6603 wpa_s->extra_blacklist_count = 0;
6604 wpa_s->disconnected = 0;
6605 wpa_s->reassociate = 1;
6606
6607 if (wpa_supplicant_fast_associate(wpa_s) != 1)
6608 wpa_supplicant_req_scan(wpa_s, 0, 0);
6609 else
6610 wpa_s->reattach = 0;
6611 }
6612
6613
6614 /**
6615 * wpas_request_disconnection - Request disconnection
6616 * @wpa_s: Pointer to the network interface
6617 *
6618 * This function is used to request disconnection from the currently connected
6619 * network. This will stop any ongoing scans and initiate deauthentication.
6620 */
6621 void wpas_request_disconnection(struct wpa_supplicant *wpa_s)
6622 {
6623 #ifdef CONFIG_SME
6624 wpa_s->sme.prev_bssid_set = 0;
6625 #endif /* CONFIG_SME */
6626 wpa_s->reassociate = 0;
6627 wpa_s->disconnected = 1;
6628 wpa_supplicant_cancel_sched_scan(wpa_s);
6629 wpa_supplicant_cancel_scan(wpa_s);
6630 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
6631 eloop_cancel_timeout(wpas_network_reenabled, wpa_s, NULL);
6632 }
6633
6634
6635 void dump_freq_data(struct wpa_supplicant *wpa_s, const char *title,
6636 struct wpa_used_freq_data *freqs_data,
6637 unsigned int len)
6638 {
6639 unsigned int i;
6640
6641 wpa_dbg(wpa_s, MSG_DEBUG, "Shared frequencies (len=%u): %s",
6642 len, title);
6643 for (i = 0; i < len; i++) {
6644 struct wpa_used_freq_data *cur = &freqs_data[i];
6645 wpa_dbg(wpa_s, MSG_DEBUG, "freq[%u]: %d, flags=0x%X",
6646 i, cur->freq, cur->flags);
6647 }
6648 }
6649
6650
6651 /*
6652 * Find the operating frequencies of any of the virtual interfaces that
6653 * are using the same radio as the current interface, and in addition, get
6654 * information about the interface types that are using the frequency.
6655 */
6656 int get_shared_radio_freqs_data(struct wpa_supplicant *wpa_s,
6657 struct wpa_used_freq_data *freqs_data,
6658 unsigned int len)
6659 {
6660 struct wpa_supplicant *ifs;
6661 u8 bssid[ETH_ALEN];
6662 int freq;
6663 unsigned int idx = 0, i;
6664
6665 wpa_dbg(wpa_s, MSG_DEBUG,
6666 "Determining shared radio frequencies (max len %u)", len);
6667 os_memset(freqs_data, 0, sizeof(struct wpa_used_freq_data) * len);
6668
6669 dl_list_for_each(ifs, &wpa_s->radio->ifaces, struct wpa_supplicant,
6670 radio_list) {
6671 if (idx == len)
6672 break;
6673
6674 if (ifs->current_ssid == NULL || ifs->assoc_freq == 0)
6675 continue;
6676
6677 if (ifs->current_ssid->mode == WPAS_MODE_AP ||
6678 ifs->current_ssid->mode == WPAS_MODE_P2P_GO ||
6679 ifs->current_ssid->mode == WPAS_MODE_MESH)
6680 freq = ifs->current_ssid->frequency;
6681 else if (wpa_drv_get_bssid(ifs, bssid) == 0)
6682 freq = ifs->assoc_freq;
6683 else
6684 continue;
6685
6686 /* Hold only distinct freqs */
6687 for (i = 0; i < idx; i++)
6688 if (freqs_data[i].freq == freq)
6689 break;
6690
6691 if (i == idx)
6692 freqs_data[idx++].freq = freq;
6693
6694 if (ifs->current_ssid->mode == WPAS_MODE_INFRA) {
6695 freqs_data[i].flags |= ifs->current_ssid->p2p_group ?
6696 WPA_FREQ_USED_BY_P2P_CLIENT :
6697 WPA_FREQ_USED_BY_INFRA_STATION;
6698 }
6699 }
6700
6701 dump_freq_data(wpa_s, "completed iteration", freqs_data, idx);
6702 return idx;
6703 }
6704
6705
6706 /*
6707 * Find the operating frequencies of any of the virtual interfaces that
6708 * are using the same radio as the current interface.
6709 */
6710 int get_shared_radio_freqs(struct wpa_supplicant *wpa_s,
6711 int *freq_array, unsigned int len)
6712 {
6713 struct wpa_used_freq_data *freqs_data;
6714 int num, i;
6715
6716 os_memset(freq_array, 0, sizeof(int) * len);
6717
6718 freqs_data = os_calloc(len, sizeof(struct wpa_used_freq_data));
6719 if (!freqs_data)
6720 return -1;
6721
6722 num = get_shared_radio_freqs_data(wpa_s, freqs_data, len);
6723 for (i = 0; i < num; i++)
6724 freq_array[i] = freqs_data[i].freq;
6725
6726 os_free(freqs_data);
6727
6728 return num;
6729 }
6730
6731
6732 struct wpa_supplicant *
6733 wpas_vendor_elem(struct wpa_supplicant *wpa_s, enum wpa_vendor_elem_frame frame)
6734 {
6735 switch (frame) {
6736 #ifdef CONFIG_P2P
6737 case VENDOR_ELEM_PROBE_REQ_P2P:
6738 case VENDOR_ELEM_PROBE_RESP_P2P:
6739 case VENDOR_ELEM_PROBE_RESP_P2P_GO:
6740 case VENDOR_ELEM_BEACON_P2P_GO:
6741 case VENDOR_ELEM_P2P_PD_REQ:
6742 case VENDOR_ELEM_P2P_PD_RESP:
6743 case VENDOR_ELEM_P2P_GO_NEG_REQ:
6744 case VENDOR_ELEM_P2P_GO_NEG_RESP:
6745 case VENDOR_ELEM_P2P_GO_NEG_CONF:
6746 case VENDOR_ELEM_P2P_INV_REQ:
6747 case VENDOR_ELEM_P2P_INV_RESP:
6748 case VENDOR_ELEM_P2P_ASSOC_REQ:
6749 case VENDOR_ELEM_P2P_ASSOC_RESP:
6750 return wpa_s->p2pdev;
6751 #endif /* CONFIG_P2P */
6752 default:
6753 return wpa_s;
6754 }
6755 }
6756
6757
6758 void wpas_vendor_elem_update(struct wpa_supplicant *wpa_s)
6759 {
6760 unsigned int i;
6761 char buf[30];
6762
6763 wpa_printf(MSG_DEBUG, "Update vendor elements");
6764
6765 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) {
6766 if (wpa_s->vendor_elem[i]) {
6767 int res;
6768
6769 res = os_snprintf(buf, sizeof(buf), "frame[%u]", i);
6770 if (!os_snprintf_error(sizeof(buf), res)) {
6771 wpa_hexdump_buf(MSG_DEBUG, buf,
6772 wpa_s->vendor_elem[i]);
6773 }
6774 }
6775 }
6776
6777 #ifdef CONFIG_P2P
6778 if (wpa_s->parent == wpa_s &&
6779 wpa_s->global->p2p &&
6780 !wpa_s->global->p2p_disabled)
6781 p2p_set_vendor_elems(wpa_s->global->p2p, wpa_s->vendor_elem);
6782 #endif /* CONFIG_P2P */
6783 }
6784
6785
6786 int wpas_vendor_elem_remove(struct wpa_supplicant *wpa_s, int frame,
6787 const u8 *elem, size_t len)
6788 {
6789 u8 *ie, *end;
6790
6791 ie = wpabuf_mhead_u8(wpa_s->vendor_elem[frame]);
6792 end = ie + wpabuf_len(wpa_s->vendor_elem[frame]);
6793
6794 for (; ie + 1 < end; ie += 2 + ie[1]) {
6795 if (ie + len > end)
6796 break;
6797 if (os_memcmp(ie, elem, len) != 0)
6798 continue;
6799
6800 if (wpabuf_len(wpa_s->vendor_elem[frame]) == len) {
6801 wpabuf_free(wpa_s->vendor_elem[frame]);
6802 wpa_s->vendor_elem[frame] = NULL;
6803 } else {
6804 os_memmove(ie, ie + len, end - (ie + len));
6805 wpa_s->vendor_elem[frame]->used -= len;
6806 }
6807 wpas_vendor_elem_update(wpa_s);
6808 return 0;
6809 }
6810
6811 return -1;
6812 }
6813
6814
6815 struct hostapd_hw_modes * get_mode(struct hostapd_hw_modes *modes,
6816 u16 num_modes, enum hostapd_hw_mode mode)
6817 {
6818 u16 i;
6819
6820 for (i = 0; i < num_modes; i++) {
6821 if (modes[i].mode == mode)
6822 return &modes[i];
6823 }
6824
6825 return NULL;
6826 }
6827
6828
6829 static struct
6830 wpa_bss_tmp_disallowed * wpas_get_disallowed_bss(struct wpa_supplicant *wpa_s,
6831 const u8 *bssid)
6832 {
6833 struct wpa_bss_tmp_disallowed *bss;
6834
6835 dl_list_for_each(bss, &wpa_s->bss_tmp_disallowed,
6836 struct wpa_bss_tmp_disallowed, list) {
6837 if (os_memcmp(bssid, bss->bssid, ETH_ALEN) == 0)
6838 return bss;
6839 }
6840
6841 return NULL;
6842 }
6843
6844
6845 static int wpa_set_driver_tmp_disallow_list(struct wpa_supplicant *wpa_s)
6846 {
6847 struct wpa_bss_tmp_disallowed *tmp;
6848 unsigned int num_bssid = 0;
6849 u8 *bssids;
6850 int ret;
6851
6852 bssids = os_malloc(dl_list_len(&wpa_s->bss_tmp_disallowed) * ETH_ALEN);
6853 if (!bssids)
6854 return -1;
6855 dl_list_for_each(tmp, &wpa_s->bss_tmp_disallowed,
6856 struct wpa_bss_tmp_disallowed, list) {
6857 os_memcpy(&bssids[num_bssid * ETH_ALEN], tmp->bssid,
6858 ETH_ALEN);
6859 num_bssid++;
6860 }
6861 ret = wpa_drv_set_bssid_blacklist(wpa_s, num_bssid, bssids);
6862 os_free(bssids);
6863 return ret;
6864 }
6865
6866
6867 static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx, void *timeout_ctx)
6868 {
6869 struct wpa_supplicant *wpa_s = eloop_ctx;
6870 struct wpa_bss_tmp_disallowed *tmp, *bss = timeout_ctx;
6871
6872 /* Make sure the bss is not already freed */
6873 dl_list_for_each(tmp, &wpa_s->bss_tmp_disallowed,
6874 struct wpa_bss_tmp_disallowed, list) {
6875 if (bss == tmp) {
6876 dl_list_del(&tmp->list);
6877 os_free(tmp);
6878 wpa_set_driver_tmp_disallow_list(wpa_s);
6879 break;
6880 }
6881 }
6882 }
6883
6884
6885 void wpa_bss_tmp_disallow(struct wpa_supplicant *wpa_s, const u8 *bssid,
6886 unsigned int sec)
6887 {
6888 struct wpa_bss_tmp_disallowed *bss;
6889
6890 bss = wpas_get_disallowed_bss(wpa_s, bssid);
6891 if (bss) {
6892 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout, wpa_s, bss);
6893 eloop_register_timeout(sec, 0, wpa_bss_tmp_disallow_timeout,
6894 wpa_s, bss);
6895 return;
6896 }
6897
6898 bss = os_malloc(sizeof(*bss));
6899 if (!bss) {
6900 wpa_printf(MSG_DEBUG,
6901 "Failed to allocate memory for temp disallow BSS");
6902 return;
6903 }
6904
6905 os_memcpy(bss->bssid, bssid, ETH_ALEN);
6906 dl_list_add(&wpa_s->bss_tmp_disallowed, &bss->list);
6907 wpa_set_driver_tmp_disallow_list(wpa_s);
6908 eloop_register_timeout(sec, 0, wpa_bss_tmp_disallow_timeout,
6909 wpa_s, bss);
6910 }
6911
6912
6913 int wpa_is_bss_tmp_disallowed(struct wpa_supplicant *wpa_s, const u8 *bssid)
6914 {
6915 struct wpa_bss_tmp_disallowed *bss = NULL, *tmp, *prev;
6916
6917 dl_list_for_each_safe(tmp, prev, &wpa_s->bss_tmp_disallowed,
6918 struct wpa_bss_tmp_disallowed, list) {
6919 if (os_memcmp(bssid, tmp->bssid, ETH_ALEN) == 0) {
6920 bss = tmp;
6921 break;
6922 }
6923 }
6924 if (!bss)
6925 return 0;
6926
6927 return 1;
6928 }
Unnamed repository; edit this file 'description' to name the repository.