3 * Copyright (c) 2003-2017, Jouni Malinen <j@w1.fi>
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
14 #ifdef CONFIG_MATCH_IFACE
17 #endif /* CONFIG_MATCH_IFACE */
20 #include "crypto/random.h"
21 #include "crypto/sha1.h"
22 #include "eapol_supp/eapol_supp_sm.h"
23 #include "eap_peer/eap.h"
24 #include "eap_peer/eap_proxy.h"
25 #include "eap_server/eap_methods.h"
26 #include "rsn_supp/wpa.h"
29 #include "utils/ext_password.h"
30 #include "l2_packet/l2_packet.h"
31 #include "wpa_supplicant_i.h"
33 #include "ctrl_iface.h"
34 #include "pcsc_funcs.h"
35 #include "common/version.h"
36 #include "rsn_supp/preauth.h"
37 #include "rsn_supp/pmksa_cache.h"
38 #include "common/wpa_ctrl.h"
39 #include "common/ieee802_11_defs.h"
40 #include "common/hw_features_common.h"
41 #include "common/gas_server.h"
44 #include "blacklist.h"
45 #include "wpas_glue.h"
46 #include "wps_supplicant.h"
49 #include "gas_query.h"
51 #include "p2p_supplicant.h"
52 #include "wifi_display.h"
58 #include "offchannel.h"
59 #include "hs20_supplicant.h"
63 #include "dpp_supplicant.h"
65 #include "ap/ap_config.h"
66 #include "ap/hostapd.h"
67 #endif /* CONFIG_MESH */
69 const char *const wpa_supplicant_version
=
70 "wpa_supplicant v" VERSION_STR
"\n"
71 "Copyright (c) 2003-2017, Jouni Malinen <j@w1.fi> and contributors";
73 const char *const wpa_supplicant_license
=
74 "This software may be distributed under the terms of the BSD license.\n"
75 "See README for more details.\n"
76 #ifdef EAP_TLS_OPENSSL
77 "\nThis product includes software developed by the OpenSSL Project\n"
78 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
79 #endif /* EAP_TLS_OPENSSL */
82 #ifndef CONFIG_NO_STDOUT_DEBUG
83 /* Long text divided into parts in order to fit in C89 strings size limits. */
84 const char *const wpa_supplicant_full_license1
=
86 const char *const wpa_supplicant_full_license2
=
87 "This software may be distributed under the terms of the BSD license.\n"
89 "Redistribution and use in source and binary forms, with or without\n"
90 "modification, are permitted provided that the following conditions are\n"
93 const char *const wpa_supplicant_full_license3
=
94 "1. Redistributions of source code must retain the above copyright\n"
95 " notice, this list of conditions and the following disclaimer.\n"
97 "2. Redistributions in binary form must reproduce the above copyright\n"
98 " notice, this list of conditions and the following disclaimer in the\n"
99 " documentation and/or other materials provided with the distribution.\n"
101 const char *const wpa_supplicant_full_license4
=
102 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
103 " names of its contributors may be used to endorse or promote products\n"
104 " derived from this software without specific prior written permission.\n"
106 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
107 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
108 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
109 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
110 const char *const wpa_supplicant_full_license5
=
111 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
112 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
113 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
114 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
115 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
116 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
117 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
119 #endif /* CONFIG_NO_STDOUT_DEBUG */
122 static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx
, void *timeout_ctx
);
125 /* Configure default/group WEP keys for static WEP */
126 int wpa_set_wep_keys(struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
)
130 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
131 if (ssid
->wep_key_len
[i
] == 0)
135 wpa_drv_set_key(wpa_s
, WPA_ALG_WEP
, NULL
,
136 i
, i
== ssid
->wep_tx_keyidx
, NULL
, 0,
137 ssid
->wep_key
[i
], ssid
->wep_key_len
[i
]);
144 int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant
*wpa_s
,
145 struct wpa_ssid
*ssid
)
153 /* IBSS/WPA-None uses only one key (Group) for both receiving and
154 * sending unicast and multicast packets. */
156 if (ssid
->mode
!= WPAS_MODE_IBSS
) {
157 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Invalid mode %d (not "
158 "IBSS/ad-hoc) for WPA-None", ssid
->mode
);
162 if (!ssid
->psk_set
) {
163 wpa_msg(wpa_s
, MSG_INFO
, "WPA: No PSK configured for "
168 switch (wpa_s
->group_cipher
) {
169 case WPA_CIPHER_CCMP
:
170 os_memcpy(key
, ssid
->psk
, 16);
174 case WPA_CIPHER_GCMP
:
175 os_memcpy(key
, ssid
->psk
, 16);
179 case WPA_CIPHER_TKIP
:
180 /* WPA-None uses the same Michael MIC key for both TX and RX */
181 os_memcpy(key
, ssid
->psk
, 16 + 8);
182 os_memcpy(key
+ 16 + 8, ssid
->psk
+ 16, 8);
187 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Invalid group cipher %d for "
188 "WPA-None", wpa_s
->group_cipher
);
192 /* TODO: should actually remember the previously used seq#, both for TX
193 * and RX from each STA.. */
195 ret
= wpa_drv_set_key(wpa_s
, alg
, NULL
, 0, 1, seq
, 6, key
, keylen
);
196 os_memset(key
, 0, sizeof(key
));
201 static void wpa_supplicant_timeout(void *eloop_ctx
, void *timeout_ctx
)
203 struct wpa_supplicant
*wpa_s
= eloop_ctx
;
204 const u8
*bssid
= wpa_s
->bssid
;
205 if (!is_zero_ether_addr(wpa_s
->pending_bssid
) &&
206 (wpa_s
->wpa_state
== WPA_AUTHENTICATING
||
207 wpa_s
->wpa_state
== WPA_ASSOCIATING
))
208 bssid
= wpa_s
->pending_bssid
;
209 wpa_msg(wpa_s
, MSG_INFO
, "Authentication with " MACSTR
" timed out.",
211 wpa_blacklist_add(wpa_s
, bssid
);
212 wpa_sm_notify_disassoc(wpa_s
->wpa
);
213 wpa_supplicant_deauthenticate(wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
214 wpa_s
->reassociate
= 1;
217 * If we timed out, the AP or the local radio may be busy.
218 * So, wait a second until scanning again.
220 wpa_supplicant_req_scan(wpa_s
, 1, 0);
225 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
226 * @wpa_s: Pointer to wpa_supplicant data
227 * @sec: Number of seconds after which to time out authentication
228 * @usec: Number of microseconds after which to time out authentication
230 * This function is used to schedule a timeout for the current authentication
233 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant
*wpa_s
,
236 if (wpa_s
->conf
->ap_scan
== 0 &&
237 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_WIRED
))
240 wpa_dbg(wpa_s
, MSG_DEBUG
, "Setting authentication timeout: %d sec "
241 "%d usec", sec
, usec
);
242 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
243 eloop_register_timeout(sec
, usec
, wpa_supplicant_timeout
, wpa_s
, NULL
);
248 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
249 * @wpa_s: Pointer to wpa_supplicant data
251 * This function is used to cancel authentication timeout scheduled with
252 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
255 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant
*wpa_s
)
257 wpa_dbg(wpa_s
, MSG_DEBUG
, "Cancelling authentication timeout");
258 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
259 wpa_blacklist_del(wpa_s
, wpa_s
->bssid
);
264 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
265 * @wpa_s: Pointer to wpa_supplicant data
267 * This function is used to configure EAPOL state machine based on the selected
268 * authentication mode.
270 void wpa_supplicant_initiate_eapol(struct wpa_supplicant
*wpa_s
)
272 #ifdef IEEE8021X_EAPOL
273 struct eapol_config eapol_conf
;
274 struct wpa_ssid
*ssid
= wpa_s
->current_ssid
;
276 #ifdef CONFIG_IBSS_RSN
277 if (ssid
->mode
== WPAS_MODE_IBSS
&&
278 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_NONE
&&
279 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_WPA_NONE
) {
281 * RSN IBSS authentication is per-STA and we can disable the
282 * per-BSSID EAPOL authentication.
284 eapol_sm_notify_portControl(wpa_s
->eapol
, ForceAuthorized
);
285 eapol_sm_notify_eap_success(wpa_s
->eapol
, TRUE
);
286 eapol_sm_notify_eap_fail(wpa_s
->eapol
, FALSE
);
289 #endif /* CONFIG_IBSS_RSN */
291 eapol_sm_notify_eap_success(wpa_s
->eapol
, FALSE
);
292 eapol_sm_notify_eap_fail(wpa_s
->eapol
, FALSE
);
294 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
||
295 wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPA_NONE
)
296 eapol_sm_notify_portControl(wpa_s
->eapol
, ForceAuthorized
);
298 eapol_sm_notify_portControl(wpa_s
->eapol
, Auto
);
300 os_memset(&eapol_conf
, 0, sizeof(eapol_conf
));
301 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
302 eapol_conf
.accept_802_1x_keys
= 1;
303 eapol_conf
.required_keys
= 0;
304 if (ssid
->eapol_flags
& EAPOL_FLAG_REQUIRE_KEY_UNICAST
) {
305 eapol_conf
.required_keys
|= EAPOL_REQUIRE_KEY_UNICAST
;
307 if (ssid
->eapol_flags
& EAPOL_FLAG_REQUIRE_KEY_BROADCAST
) {
308 eapol_conf
.required_keys
|=
309 EAPOL_REQUIRE_KEY_BROADCAST
;
312 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_WIRED
)
313 eapol_conf
.required_keys
= 0;
315 eapol_conf
.fast_reauth
= wpa_s
->conf
->fast_reauth
;
316 eapol_conf
.workaround
= ssid
->eap_workaround
;
317 eapol_conf
.eap_disabled
=
318 !wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
) &&
319 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_IEEE8021X_NO_WPA
&&
320 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_WPS
;
321 eapol_conf
.external_sim
= wpa_s
->conf
->external_sim
;
324 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
) {
325 eapol_conf
.wps
|= EAPOL_LOCAL_WPS_IN_USE
;
326 if (wpa_s
->current_bss
) {
328 ie
= wpa_bss_get_vendor_ie_multi(wpa_s
->current_bss
,
333 EAPOL_PEER_IS_WPS20_AP
;
338 #endif /* CONFIG_WPS */
340 eapol_sm_notify_config(wpa_s
->eapol
, &ssid
->eap
, &eapol_conf
);
343 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
&& ssid
->mka_psk_set
)
344 ieee802_1x_create_preshared_mka(wpa_s
, ssid
);
346 ieee802_1x_alloc_kay_sm(wpa_s
, ssid
);
347 #endif /* CONFIG_MACSEC */
348 #endif /* IEEE8021X_EAPOL */
353 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
354 * @wpa_s: Pointer to wpa_supplicant data
355 * @ssid: Configuration data for the network
357 * This function is used to configure WPA state machine and related parameters
358 * to a mode where WPA is not enabled. This is called as part of the
359 * authentication configuration when the selected network does not use WPA.
361 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant
*wpa_s
,
362 struct wpa_ssid
*ssid
)
366 if (ssid
->key_mgmt
& WPA_KEY_MGMT_WPS
)
367 wpa_s
->key_mgmt
= WPA_KEY_MGMT_WPS
;
368 else if (ssid
->key_mgmt
& WPA_KEY_MGMT_IEEE8021X_NO_WPA
)
369 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X_NO_WPA
;
371 wpa_s
->key_mgmt
= WPA_KEY_MGMT_NONE
;
372 wpa_sm_set_ap_wpa_ie(wpa_s
->wpa
, NULL
, 0);
373 wpa_sm_set_ap_rsn_ie(wpa_s
->wpa
, NULL
, 0);
374 wpa_sm_set_assoc_wpa_ie(wpa_s
->wpa
, NULL
, 0);
375 wpa_s
->pairwise_cipher
= WPA_CIPHER_NONE
;
376 wpa_s
->group_cipher
= WPA_CIPHER_NONE
;
377 wpa_s
->mgmt_group_cipher
= 0;
379 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
380 if (ssid
->wep_key_len
[i
] > 5) {
381 wpa_s
->pairwise_cipher
= WPA_CIPHER_WEP104
;
382 wpa_s
->group_cipher
= WPA_CIPHER_WEP104
;
384 } else if (ssid
->wep_key_len
[i
] > 0) {
385 wpa_s
->pairwise_cipher
= WPA_CIPHER_WEP40
;
386 wpa_s
->group_cipher
= WPA_CIPHER_WEP40
;
391 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_RSN_ENABLED
, 0);
392 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_KEY_MGMT
, wpa_s
->key_mgmt
);
393 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_PAIRWISE
,
394 wpa_s
->pairwise_cipher
);
395 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_GROUP
, wpa_s
->group_cipher
);
396 #ifdef CONFIG_IEEE80211W
397 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_MGMT_GROUP
,
398 wpa_s
->mgmt_group_cipher
);
399 #endif /* CONFIG_IEEE80211W */
401 pmksa_cache_clear_current(wpa_s
->wpa
);
405 void free_hw_features(struct wpa_supplicant
*wpa_s
)
408 if (wpa_s
->hw
.modes
== NULL
)
411 for (i
= 0; i
< wpa_s
->hw
.num_modes
; i
++) {
412 os_free(wpa_s
->hw
.modes
[i
].channels
);
413 os_free(wpa_s
->hw
.modes
[i
].rates
);
416 os_free(wpa_s
->hw
.modes
);
417 wpa_s
->hw
.modes
= NULL
;
421 static void free_bss_tmp_disallowed(struct wpa_supplicant
*wpa_s
)
423 struct wpa_bss_tmp_disallowed
*bss
, *prev
;
425 dl_list_for_each_safe(bss
, prev
, &wpa_s
->bss_tmp_disallowed
,
426 struct wpa_bss_tmp_disallowed
, list
) {
427 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout
, wpa_s
, bss
);
428 dl_list_del(&bss
->list
);
434 void wpas_flush_fils_hlp_req(struct wpa_supplicant
*wpa_s
)
436 struct fils_hlp_req
*req
;
438 while ((req
= dl_list_first(&wpa_s
->fils_hlp_req
, struct fils_hlp_req
,
440 dl_list_del(&req
->list
);
441 wpabuf_free(req
->pkt
);
447 static void wpa_supplicant_cleanup(struct wpa_supplicant
*wpa_s
)
451 bgscan_deinit(wpa_s
);
452 autoscan_deinit(wpa_s
);
453 scard_deinit(wpa_s
->scard
);
455 wpa_sm_set_scard_ctx(wpa_s
->wpa
, NULL
);
456 eapol_sm_register_scard_ctx(wpa_s
->eapol
, NULL
);
457 l2_packet_deinit(wpa_s
->l2
);
460 l2_packet_deinit(wpa_s
->l2_br
);
463 #ifdef CONFIG_TESTING_OPTIONS
464 l2_packet_deinit(wpa_s
->l2_test
);
465 wpa_s
->l2_test
= NULL
;
466 os_free(wpa_s
->get_pref_freq_list_override
);
467 wpa_s
->get_pref_freq_list_override
= NULL
;
468 #endif /* CONFIG_TESTING_OPTIONS */
470 if (wpa_s
->conf
!= NULL
) {
471 struct wpa_ssid
*ssid
;
472 for (ssid
= wpa_s
->conf
->ssid
; ssid
; ssid
= ssid
->next
)
473 wpas_notify_network_removed(wpa_s
, ssid
);
476 os_free(wpa_s
->confname
);
477 wpa_s
->confname
= NULL
;
479 os_free(wpa_s
->confanother
);
480 wpa_s
->confanother
= NULL
;
482 wpa_sm_set_eapol(wpa_s
->wpa
, NULL
);
483 eapol_sm_deinit(wpa_s
->eapol
);
486 rsn_preauth_deinit(wpa_s
->wpa
);
489 wpa_tdls_deinit(wpa_s
->wpa
);
490 #endif /* CONFIG_TDLS */
492 wmm_ac_clear_saved_tspecs(wpa_s
);
493 pmksa_candidate_free(wpa_s
->wpa
);
494 wpa_sm_deinit(wpa_s
->wpa
);
496 wpa_blacklist_clear(wpa_s
);
498 wpa_bss_deinit(wpa_s
);
500 wpa_supplicant_cancel_delayed_sched_scan(wpa_s
);
501 wpa_supplicant_cancel_scan(wpa_s
);
502 wpa_supplicant_cancel_auth_timeout(wpa_s
);
503 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures
, wpa_s
, NULL
);
504 #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
505 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report
,
507 #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
509 eloop_cancel_timeout(wpas_network_reenabled
, wpa_s
, NULL
);
511 wpas_wps_deinit(wpa_s
);
513 wpabuf_free(wpa_s
->pending_eapol_rx
);
514 wpa_s
->pending_eapol_rx
= NULL
;
516 #ifdef CONFIG_IBSS_RSN
517 ibss_rsn_deinit(wpa_s
->ibss_rsn
);
518 wpa_s
->ibss_rsn
= NULL
;
519 #endif /* CONFIG_IBSS_RSN */
524 wpa_supplicant_ap_deinit(wpa_s
);
525 #endif /* CONFIG_AP */
527 wpas_p2p_deinit(wpa_s
);
529 #ifdef CONFIG_OFFCHANNEL
530 offchannel_deinit(wpa_s
);
531 #endif /* CONFIG_OFFCHANNEL */
533 wpa_supplicant_cancel_sched_scan(wpa_s
);
535 os_free(wpa_s
->next_scan_freqs
);
536 wpa_s
->next_scan_freqs
= NULL
;
538 os_free(wpa_s
->manual_scan_freqs
);
539 wpa_s
->manual_scan_freqs
= NULL
;
540 os_free(wpa_s
->select_network_scan_freqs
);
541 wpa_s
->select_network_scan_freqs
= NULL
;
543 os_free(wpa_s
->manual_sched_scan_freqs
);
544 wpa_s
->manual_sched_scan_freqs
= NULL
;
546 wpas_mac_addr_rand_scan_clear(wpa_s
, MAC_ADDR_RAND_ALL
);
549 * Need to remove any pending gas-query radio work before the
550 * gas_query_deinit() call because gas_query::work has not yet been set
551 * for works that have not been started. gas_query_free() will be unable
552 * to cancel such pending radio works and once the pending gas-query
553 * radio work eventually gets removed, the deinit notification call to
554 * gas_query_start_cb() would result in dereferencing freed memory.
557 radio_remove_works(wpa_s
, "gas-query", 0);
558 gas_query_deinit(wpa_s
->gas
);
560 gas_server_deinit(wpa_s
->gas_server
);
561 wpa_s
->gas_server
= NULL
;
563 free_hw_features(wpa_s
);
565 ieee802_1x_dealloc_kay_sm(wpa_s
);
567 os_free(wpa_s
->bssid_filter
);
568 wpa_s
->bssid_filter
= NULL
;
570 os_free(wpa_s
->disallow_aps_bssid
);
571 wpa_s
->disallow_aps_bssid
= NULL
;
572 os_free(wpa_s
->disallow_aps_ssid
);
573 wpa_s
->disallow_aps_ssid
= NULL
;
575 wnm_bss_keep_alive_deinit(wpa_s
);
577 wnm_deallocate_memory(wpa_s
);
578 #endif /* CONFIG_WNM */
580 ext_password_deinit(wpa_s
->ext_pw
);
581 wpa_s
->ext_pw
= NULL
;
583 wpabuf_free(wpa_s
->last_gas_resp
);
584 wpa_s
->last_gas_resp
= NULL
;
585 wpabuf_free(wpa_s
->prev_gas_resp
);
586 wpa_s
->prev_gas_resp
= NULL
;
588 os_free(wpa_s
->last_scan_res
);
589 wpa_s
->last_scan_res
= NULL
;
593 wpa_drv_configure_frame_filters(wpa_s
, 0);
595 #endif /* CONFIG_HS20 */
597 for (i
= 0; i
< NUM_VENDOR_ELEM_FRAMES
; i
++) {
598 wpabuf_free(wpa_s
->vendor_elem
[i
]);
599 wpa_s
->vendor_elem
[i
] = NULL
;
602 wmm_ac_notify_disassoc(wpa_s
);
604 wpa_s
->sched_scan_plans_num
= 0;
605 os_free(wpa_s
->sched_scan_plans
);
606 wpa_s
->sched_scan_plans
= NULL
;
609 wpa_s
->non_pref_chan_num
= 0;
610 os_free(wpa_s
->non_pref_chan
);
611 wpa_s
->non_pref_chan
= NULL
;
612 #endif /* CONFIG_MBO */
614 free_bss_tmp_disallowed(wpa_s
);
616 wpabuf_free(wpa_s
->lci
);
618 wpas_clear_beacon_rep_data(wpa_s
);
620 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL
623 struct external_pmksa_cache
*entry
;
625 while ((entry
= dl_list_last(&wpa_s
->mesh_external_pmksa_cache
,
626 struct external_pmksa_cache
,
628 dl_list_del(&entry
->list
);
629 os_free(entry
->pmksa_cache
);
633 #endif /* CONFIG_MESH */
634 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
636 wpas_flush_fils_hlp_req(wpa_s
);
638 wpabuf_free(wpa_s
->ric_ies
);
639 wpa_s
->ric_ies
= NULL
;
642 wpas_dpp_deinit(wpa_s
);
643 #endif /* CONFIG_DPP */
648 * wpa_clear_keys - Clear keys configured for the driver
649 * @wpa_s: Pointer to wpa_supplicant data
650 * @addr: Previously used BSSID or %NULL if not available
652 * This function clears the encryption keys that has been previously configured
655 void wpa_clear_keys(struct wpa_supplicant
*wpa_s
, const u8
*addr
)
659 #ifdef CONFIG_IEEE80211W
661 #else /* CONFIG_IEEE80211W */
663 #endif /* CONFIG_IEEE80211W */
665 /* MLME-DELETEKEYS.request */
666 for (i
= 0; i
< max
; i
++) {
667 if (wpa_s
->keys_cleared
& BIT(i
))
669 wpa_drv_set_key(wpa_s
, WPA_ALG_NONE
, NULL
, i
, 0, NULL
, 0,
672 if (!(wpa_s
->keys_cleared
& BIT(0)) && addr
&&
673 !is_zero_ether_addr(addr
)) {
674 wpa_drv_set_key(wpa_s
, WPA_ALG_NONE
, addr
, 0, 0, NULL
, 0, NULL
,
676 /* MLME-SETPROTECTION.request(None) */
677 wpa_drv_mlme_setprotection(
679 MLME_SETPROTECTION_PROTECT_TYPE_NONE
,
680 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE
);
682 wpa_s
->keys_cleared
= (u32
) -1;
687 * wpa_supplicant_state_txt - Get the connection state name as a text string
688 * @state: State (wpa_state; WPA_*)
689 * Returns: The state name as a printable text string
691 const char * wpa_supplicant_state_txt(enum wpa_states state
)
694 case WPA_DISCONNECTED
:
695 return "DISCONNECTED";
698 case WPA_INTERFACE_DISABLED
:
699 return "INTERFACE_DISABLED";
702 case WPA_AUTHENTICATING
:
703 return "AUTHENTICATING";
704 case WPA_ASSOCIATING
:
705 return "ASSOCIATING";
708 case WPA_4WAY_HANDSHAKE
:
709 return "4WAY_HANDSHAKE";
710 case WPA_GROUP_HANDSHAKE
:
711 return "GROUP_HANDSHAKE";
722 static void wpa_supplicant_start_bgscan(struct wpa_supplicant
*wpa_s
)
726 if (wpa_s
->current_ssid
&& wpa_s
->current_ssid
->bgscan
)
727 name
= wpa_s
->current_ssid
->bgscan
;
729 name
= wpa_s
->conf
->bgscan
;
730 if (name
== NULL
|| name
[0] == '\0')
732 if (wpas_driver_bss_selection(wpa_s
))
734 if (wpa_s
->current_ssid
== wpa_s
->bgscan_ssid
)
737 if (wpa_s
->p2p_group_interface
!= NOT_P2P_GROUP_INTERFACE
)
739 #endif /* CONFIG_P2P */
741 bgscan_deinit(wpa_s
);
742 if (wpa_s
->current_ssid
) {
743 if (bgscan_init(wpa_s
, wpa_s
->current_ssid
, name
)) {
744 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to initialize "
747 * Live without bgscan; it is only used as a roaming
748 * optimization, so the initial connection is not
752 struct wpa_scan_results
*scan_res
;
753 wpa_s
->bgscan_ssid
= wpa_s
->current_ssid
;
754 scan_res
= wpa_supplicant_get_scan_results(wpa_s
, NULL
,
757 bgscan_notify_scan(wpa_s
, scan_res
);
758 wpa_scan_results_free(scan_res
);
762 wpa_s
->bgscan_ssid
= NULL
;
766 static void wpa_supplicant_stop_bgscan(struct wpa_supplicant
*wpa_s
)
768 if (wpa_s
->bgscan_ssid
!= NULL
) {
769 bgscan_deinit(wpa_s
);
770 wpa_s
->bgscan_ssid
= NULL
;
774 #endif /* CONFIG_BGSCAN */
777 static void wpa_supplicant_start_autoscan(struct wpa_supplicant
*wpa_s
)
779 if (autoscan_init(wpa_s
, 0))
780 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to initialize autoscan");
784 static void wpa_supplicant_stop_autoscan(struct wpa_supplicant
*wpa_s
)
786 autoscan_deinit(wpa_s
);
790 void wpa_supplicant_reinit_autoscan(struct wpa_supplicant
*wpa_s
)
792 if (wpa_s
->wpa_state
== WPA_DISCONNECTED
||
793 wpa_s
->wpa_state
== WPA_SCANNING
) {
794 autoscan_deinit(wpa_s
);
795 wpa_supplicant_start_autoscan(wpa_s
);
801 * wpa_supplicant_set_state - Set current connection state
802 * @wpa_s: Pointer to wpa_supplicant data
803 * @state: The new connection state
805 * This function is called whenever the connection state changes, e.g.,
806 * association is completed for WPA/WPA2 4-Way Handshake is started.
808 void wpa_supplicant_set_state(struct wpa_supplicant
*wpa_s
,
809 enum wpa_states state
)
811 enum wpa_states old_state
= wpa_s
->wpa_state
;
813 wpa_dbg(wpa_s
, MSG_DEBUG
, "State: %s -> %s",
814 wpa_supplicant_state_txt(wpa_s
->wpa_state
),
815 wpa_supplicant_state_txt(state
));
817 if (state
== WPA_INTERFACE_DISABLED
) {
818 /* Assure normal scan when interface is restored */
819 wpa_s
->normal_scans
= 0;
822 if (state
== WPA_COMPLETED
) {
823 wpas_connect_work_done(wpa_s
);
824 /* Reinitialize normal_scan counter */
825 wpa_s
->normal_scans
= 0;
830 * P2PS client has to reply to Probe Request frames received on the
831 * group operating channel. Enable Probe Request frame reporting for
832 * P2P connected client in case p2p_cli_probe configuration property is
835 if (wpa_s
->conf
->p2p_cli_probe
&& wpa_s
->current_ssid
&&
836 wpa_s
->current_ssid
->mode
== WPAS_MODE_INFRA
&&
837 wpa_s
->current_ssid
->p2p_group
) {
838 if (state
== WPA_COMPLETED
&& !wpa_s
->p2p_cli_probe
) {
839 wpa_dbg(wpa_s
, MSG_DEBUG
,
840 "P2P: Enable CLI Probe Request RX reporting");
841 wpa_s
->p2p_cli_probe
=
842 wpa_drv_probe_req_report(wpa_s
, 1) >= 0;
843 } else if (state
!= WPA_COMPLETED
&& wpa_s
->p2p_cli_probe
) {
844 wpa_dbg(wpa_s
, MSG_DEBUG
,
845 "P2P: Disable CLI Probe Request RX reporting");
846 wpa_s
->p2p_cli_probe
= 0;
847 wpa_drv_probe_req_report(wpa_s
, 0);
850 #endif /* CONFIG_P2P */
852 if (state
!= WPA_SCANNING
)
853 wpa_supplicant_notify_scanning(wpa_s
, 0);
855 if (state
== WPA_COMPLETED
&& wpa_s
->new_connection
) {
856 struct wpa_ssid
*ssid
= wpa_s
->current_ssid
;
857 int fils_hlp_sent
= 0;
860 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
861 wpa_auth_alg_fils(wpa_s
->sme
.auth_alg
))
863 #endif /* CONFIG_SME */
864 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
865 wpa_auth_alg_fils(wpa_s
->auth_alg
))
868 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
869 wpa_msg(wpa_s
, MSG_INFO
, WPA_EVENT_CONNECTED
"- Connection to "
870 MACSTR
" completed [id=%d id_str=%s%s]",
871 MAC2STR(wpa_s
->bssid
),
872 ssid
? ssid
->id
: -1,
873 ssid
&& ssid
->id_str
? ssid
->id_str
: "",
874 fils_hlp_sent
? " FILS_HLP_SENT" : "");
875 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
876 wpas_clear_temp_disabled(wpa_s
, ssid
, 1);
877 wpa_blacklist_clear(wpa_s
);
878 wpa_s
->extra_blacklist_count
= 0;
879 wpa_s
->new_connection
= 0;
880 wpa_drv_set_operstate(wpa_s
, 1);
881 #ifndef IEEE8021X_EAPOL
882 wpa_drv_set_supp_port(wpa_s
, 1);
883 #endif /* IEEE8021X_EAPOL */
884 wpa_s
->after_wps
= 0;
885 wpa_s
->known_wps_freq
= 0;
886 wpas_p2p_completed(wpa_s
);
888 sme_sched_obss_scan(wpa_s
, 1);
889 } else if (state
== WPA_DISCONNECTED
|| state
== WPA_ASSOCIATING
||
890 state
== WPA_ASSOCIATED
) {
891 wpa_s
->new_connection
= 1;
892 wpa_drv_set_operstate(wpa_s
, 0);
893 #ifndef IEEE8021X_EAPOL
894 wpa_drv_set_supp_port(wpa_s
, 0);
895 #endif /* IEEE8021X_EAPOL */
896 sme_sched_obss_scan(wpa_s
, 0);
898 wpa_s
->wpa_state
= state
;
901 if (state
== WPA_COMPLETED
)
902 wpa_supplicant_start_bgscan(wpa_s
);
903 else if (state
< WPA_ASSOCIATED
)
904 wpa_supplicant_stop_bgscan(wpa_s
);
905 #endif /* CONFIG_BGSCAN */
907 if (state
== WPA_AUTHENTICATING
)
908 wpa_supplicant_stop_autoscan(wpa_s
);
910 if (state
== WPA_DISCONNECTED
|| state
== WPA_INACTIVE
)
911 wpa_supplicant_start_autoscan(wpa_s
);
913 if (old_state
>= WPA_ASSOCIATED
&& wpa_s
->wpa_state
< WPA_ASSOCIATED
)
914 wmm_ac_notify_disassoc(wpa_s
);
916 if (wpa_s
->wpa_state
!= old_state
) {
917 wpas_notify_state_changed(wpa_s
, wpa_s
->wpa_state
, old_state
);
920 * Notify the P2P Device interface about a state change in one
923 wpas_p2p_indicate_state_change(wpa_s
);
925 if (wpa_s
->wpa_state
== WPA_COMPLETED
||
926 old_state
== WPA_COMPLETED
)
927 wpas_notify_auth_changed(wpa_s
);
932 void wpa_supplicant_terminate_proc(struct wpa_global
*global
)
936 struct wpa_supplicant
*wpa_s
= global
->ifaces
;
938 struct wpa_supplicant
*next
= wpa_s
->next
;
939 if (wpas_wps_terminate_pending(wpa_s
) == 1)
942 if (wpa_s
->p2p_group_interface
!= NOT_P2P_GROUP_INTERFACE
||
943 (wpa_s
->current_ssid
&& wpa_s
->current_ssid
->p2p_group
))
944 wpas_p2p_disconnect(wpa_s
);
945 #endif /* CONFIG_P2P */
948 #endif /* CONFIG_WPS */
955 static void wpa_supplicant_terminate(int sig
, void *signal_ctx
)
957 struct wpa_global
*global
= signal_ctx
;
958 wpa_supplicant_terminate_proc(global
);
962 void wpa_supplicant_clear_status(struct wpa_supplicant
*wpa_s
)
964 enum wpa_states old_state
= wpa_s
->wpa_state
;
966 wpa_s
->pairwise_cipher
= 0;
967 wpa_s
->group_cipher
= 0;
968 wpa_s
->mgmt_group_cipher
= 0;
970 if (wpa_s
->wpa_state
!= WPA_INTERFACE_DISABLED
)
971 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
973 if (wpa_s
->wpa_state
!= old_state
)
974 wpas_notify_state_changed(wpa_s
, wpa_s
->wpa_state
, old_state
);
979 * wpa_supplicant_reload_configuration - Reload configuration data
980 * @wpa_s: Pointer to wpa_supplicant data
981 * Returns: 0 on success or -1 if configuration parsing failed
983 * This function can be used to request that the configuration data is reloaded
984 * (e.g., after configuration file change). This function is reloading
985 * configuration only for one interface, so this may need to be called multiple
986 * times if %wpa_supplicant is controlling multiple interfaces and all
987 * interfaces need reconfiguration.
989 int wpa_supplicant_reload_configuration(struct wpa_supplicant
*wpa_s
)
991 struct wpa_config
*conf
;
995 if (wpa_s
->confname
== NULL
)
997 conf
= wpa_config_read(wpa_s
->confname
, NULL
);
999 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to parse the configuration "
1000 "file '%s' - exiting", wpa_s
->confname
);
1003 wpa_config_read(wpa_s
->confanother
, conf
);
1005 conf
->changed_parameters
= (unsigned int) -1;
1007 reconf_ctrl
= !!conf
->ctrl_interface
!= !!wpa_s
->conf
->ctrl_interface
1008 || (conf
->ctrl_interface
&& wpa_s
->conf
->ctrl_interface
&&
1009 os_strcmp(conf
->ctrl_interface
,
1010 wpa_s
->conf
->ctrl_interface
) != 0);
1012 if (reconf_ctrl
&& wpa_s
->ctrl_iface
) {
1013 wpa_supplicant_ctrl_iface_deinit(wpa_s
->ctrl_iface
);
1014 wpa_s
->ctrl_iface
= NULL
;
1017 eapol_sm_invalidate_cached_session(wpa_s
->eapol
);
1018 if (wpa_s
->current_ssid
) {
1019 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
1020 wpa_s
->own_disconnect_req
= 1;
1021 wpa_supplicant_deauthenticate(wpa_s
,
1022 WLAN_REASON_DEAUTH_LEAVING
);
1026 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
1027 * pkcs11_engine_path, pkcs11_module_path, openssl_ciphers.
1029 if (wpa_key_mgmt_wpa_psk(wpa_s
->key_mgmt
) ||
1030 wpa_s
->key_mgmt
== WPA_KEY_MGMT_OWE
||
1031 wpa_s
->key_mgmt
== WPA_KEY_MGMT_DPP
) {
1033 * Clear forced success to clear EAP state for next
1036 eapol_sm_notify_eap_success(wpa_s
->eapol
, FALSE
);
1038 eapol_sm_notify_config(wpa_s
->eapol
, NULL
, NULL
);
1039 wpa_sm_set_config(wpa_s
->wpa
, NULL
);
1040 wpa_sm_pmksa_cache_flush(wpa_s
->wpa
, NULL
);
1041 wpa_sm_set_fast_reauth(wpa_s
->wpa
, wpa_s
->conf
->fast_reauth
);
1042 rsn_preauth_deinit(wpa_s
->wpa
);
1044 old_ap_scan
= wpa_s
->conf
->ap_scan
;
1045 wpa_config_free(wpa_s
->conf
);
1047 if (old_ap_scan
!= wpa_s
->conf
->ap_scan
)
1048 wpas_notify_ap_scan_changed(wpa_s
);
1051 wpa_s
->ctrl_iface
= wpa_supplicant_ctrl_iface_init(wpa_s
);
1053 wpa_supplicant_update_config(wpa_s
);
1055 wpa_supplicant_clear_status(wpa_s
);
1056 if (wpa_supplicant_enabled_networks(wpa_s
)) {
1057 wpa_s
->reassociate
= 1;
1058 wpa_supplicant_req_scan(wpa_s
, 0, 0);
1060 wpa_dbg(wpa_s
, MSG_DEBUG
, "Reconfiguration completed");
1065 static void wpa_supplicant_reconfig(int sig
, void *signal_ctx
)
1067 struct wpa_global
*global
= signal_ctx
;
1068 struct wpa_supplicant
*wpa_s
;
1069 for (wpa_s
= global
->ifaces
; wpa_s
; wpa_s
= wpa_s
->next
) {
1070 wpa_dbg(wpa_s
, MSG_DEBUG
, "Signal %d received - reconfiguring",
1072 if (wpa_supplicant_reload_configuration(wpa_s
) < 0) {
1073 wpa_supplicant_terminate_proc(global
);
1077 if (wpa_debug_reopen_file() < 0) {
1078 /* Ignore errors since we cannot really do much to fix this */
1079 wpa_printf(MSG_DEBUG
, "Could not reopen debug log file");
1084 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant
*wpa_s
,
1085 struct wpa_ssid
*ssid
,
1086 struct wpa_ie_data
*ie
)
1088 int ret
= wpa_sm_parse_own_wpa_ie(wpa_s
->wpa
, ie
);
1091 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Failed to parse WPA IE "
1092 "from association info");
1097 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Using WPA IE from AssocReq to set "
1099 if (!(ie
->group_cipher
& ssid
->group_cipher
)) {
1100 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver used disabled group "
1101 "cipher 0x%x (mask 0x%x) - reject",
1102 ie
->group_cipher
, ssid
->group_cipher
);
1105 if (!(ie
->pairwise_cipher
& ssid
->pairwise_cipher
)) {
1106 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver used disabled pairwise "
1107 "cipher 0x%x (mask 0x%x) - reject",
1108 ie
->pairwise_cipher
, ssid
->pairwise_cipher
);
1111 if (!(ie
->key_mgmt
& ssid
->key_mgmt
)) {
1112 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver used disabled key "
1113 "management 0x%x (mask 0x%x) - reject",
1114 ie
->key_mgmt
, ssid
->key_mgmt
);
1118 #ifdef CONFIG_IEEE80211W
1119 if (!(ie
->capabilities
& WPA_CAPABILITY_MFPC
) &&
1120 wpas_get_ssid_pmf(wpa_s
, ssid
) == MGMT_FRAME_PROTECTION_REQUIRED
) {
1121 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver associated with an AP "
1122 "that does not support management frame protection - "
1126 #endif /* CONFIG_IEEE80211W */
1133 * wpa_supplicant_set_suites - Set authentication and encryption parameters
1134 * @wpa_s: Pointer to wpa_supplicant data
1135 * @bss: Scan results for the selected BSS, or %NULL if not available
1136 * @ssid: Configuration data for the selected network
1137 * @wpa_ie: Buffer for the WPA/RSN IE
1138 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
1139 * used buffer length in case the functions returns success.
1140 * Returns: 0 on success or -1 on failure
1142 * This function is used to configure authentication and encryption parameters
1143 * based on the network configuration and scan result for the selected BSS (if
1146 int wpa_supplicant_set_suites(struct wpa_supplicant
*wpa_s
,
1147 struct wpa_bss
*bss
, struct wpa_ssid
*ssid
,
1148 u8
*wpa_ie
, size_t *wpa_ie_len
)
1150 struct wpa_ie_data ie
;
1152 const u8
*bss_wpa
, *bss_rsn
, *bss_osen
;
1155 bss_wpa
= wpa_bss_get_vendor_ie(bss
, WPA_IE_VENDOR_TYPE
);
1156 bss_rsn
= wpa_bss_get_ie(bss
, WLAN_EID_RSN
);
1157 bss_osen
= wpa_bss_get_vendor_ie(bss
, OSEN_IE_VENDOR_TYPE
);
1159 bss_wpa
= bss_rsn
= bss_osen
= NULL
;
1161 if (bss_rsn
&& (ssid
->proto
& WPA_PROTO_RSN
) &&
1162 wpa_parse_wpa_ie(bss_rsn
, 2 + bss_rsn
[1], &ie
) == 0 &&
1163 (ie
.group_cipher
& ssid
->group_cipher
) &&
1164 (ie
.pairwise_cipher
& ssid
->pairwise_cipher
) &&
1165 (ie
.key_mgmt
& ssid
->key_mgmt
)) {
1166 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using IEEE 802.11i/D9.0");
1167 proto
= WPA_PROTO_RSN
;
1168 } else if (bss_wpa
&& (ssid
->proto
& WPA_PROTO_WPA
) &&
1169 wpa_parse_wpa_ie(bss_wpa
, 2 + bss_wpa
[1], &ie
) == 0 &&
1170 (ie
.group_cipher
& ssid
->group_cipher
) &&
1171 (ie
.pairwise_cipher
& ssid
->pairwise_cipher
) &&
1172 (ie
.key_mgmt
& ssid
->key_mgmt
)) {
1173 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using IEEE 802.11i/D3.0");
1174 proto
= WPA_PROTO_WPA
;
1176 } else if (bss_osen
&& (ssid
->proto
& WPA_PROTO_OSEN
)) {
1177 wpa_dbg(wpa_s
, MSG_DEBUG
, "HS 2.0: using OSEN");
1178 /* TODO: parse OSEN element */
1179 os_memset(&ie
, 0, sizeof(ie
));
1180 ie
.group_cipher
= WPA_CIPHER_CCMP
;
1181 ie
.pairwise_cipher
= WPA_CIPHER_CCMP
;
1182 ie
.key_mgmt
= WPA_KEY_MGMT_OSEN
;
1183 proto
= WPA_PROTO_OSEN
;
1184 #endif /* CONFIG_HS20 */
1186 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select WPA/RSN");
1187 wpa_dbg(wpa_s
, MSG_DEBUG
,
1188 "WPA: ssid proto=0x%x pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1189 ssid
->proto
, ssid
->pairwise_cipher
, ssid
->group_cipher
,
1191 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: BSS " MACSTR
" ssid='%s'%s%s%s",
1192 MAC2STR(bss
->bssid
),
1193 wpa_ssid_txt(bss
->ssid
, bss
->ssid_len
),
1194 bss_wpa
? " WPA" : "",
1195 bss_rsn
? " RSN" : "",
1196 bss_osen
? " OSEN" : "");
1198 wpa_hexdump(MSG_DEBUG
, "RSN", bss_rsn
, 2 + bss_rsn
[1]);
1199 if (wpa_parse_wpa_ie(bss_rsn
, 2 + bss_rsn
[1], &ie
)) {
1200 wpa_dbg(wpa_s
, MSG_DEBUG
,
1201 "Could not parse RSN element");
1203 wpa_dbg(wpa_s
, MSG_DEBUG
,
1204 "RSN: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1205 ie
.pairwise_cipher
, ie
.group_cipher
,
1210 wpa_hexdump(MSG_DEBUG
, "WPA", bss_wpa
, 2 + bss_wpa
[1]);
1211 if (wpa_parse_wpa_ie(bss_wpa
, 2 + bss_wpa
[1], &ie
)) {
1212 wpa_dbg(wpa_s
, MSG_DEBUG
,
1213 "Could not parse WPA element");
1215 wpa_dbg(wpa_s
, MSG_DEBUG
,
1216 "WPA: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1217 ie
.pairwise_cipher
, ie
.group_cipher
,
1223 if (ssid
->proto
& WPA_PROTO_OSEN
)
1224 proto
= WPA_PROTO_OSEN
;
1225 else if (ssid
->proto
& WPA_PROTO_RSN
)
1226 proto
= WPA_PROTO_RSN
;
1228 proto
= WPA_PROTO_WPA
;
1229 if (wpa_supplicant_suites_from_ai(wpa_s
, ssid
, &ie
) < 0) {
1230 os_memset(&ie
, 0, sizeof(ie
));
1231 ie
.group_cipher
= ssid
->group_cipher
;
1232 ie
.pairwise_cipher
= ssid
->pairwise_cipher
;
1233 ie
.key_mgmt
= ssid
->key_mgmt
;
1234 #ifdef CONFIG_IEEE80211W
1235 ie
.mgmt_group_cipher
= 0;
1236 if (ssid
->ieee80211w
!= NO_MGMT_FRAME_PROTECTION
) {
1237 if (ssid
->group_mgmt_cipher
&
1238 WPA_CIPHER_BIP_GMAC_256
)
1239 ie
.mgmt_group_cipher
=
1240 WPA_CIPHER_BIP_GMAC_256
;
1241 else if (ssid
->group_mgmt_cipher
&
1242 WPA_CIPHER_BIP_CMAC_256
)
1243 ie
.mgmt_group_cipher
=
1244 WPA_CIPHER_BIP_CMAC_256
;
1245 else if (ssid
->group_mgmt_cipher
&
1246 WPA_CIPHER_BIP_GMAC_128
)
1247 ie
.mgmt_group_cipher
=
1248 WPA_CIPHER_BIP_GMAC_128
;
1250 ie
.mgmt_group_cipher
=
1251 WPA_CIPHER_AES_128_CMAC
;
1253 #endif /* CONFIG_IEEE80211W */
1254 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Set cipher suites "
1255 "based on configuration");
1260 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Selected cipher suites: group %d "
1261 "pairwise %d key_mgmt %d proto %d",
1262 ie
.group_cipher
, ie
.pairwise_cipher
, ie
.key_mgmt
, proto
);
1263 #ifdef CONFIG_IEEE80211W
1264 if (ssid
->ieee80211w
) {
1265 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Selected mgmt group cipher %d",
1266 ie
.mgmt_group_cipher
);
1268 #endif /* CONFIG_IEEE80211W */
1270 wpa_s
->wpa_proto
= proto
;
1271 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_PROTO
, proto
);
1272 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_RSN_ENABLED
,
1273 !!(ssid
->proto
& (WPA_PROTO_RSN
| WPA_PROTO_OSEN
)));
1275 if (bss
|| !wpa_s
->ap_ies_from_associnfo
) {
1276 if (wpa_sm_set_ap_wpa_ie(wpa_s
->wpa
, bss_wpa
,
1277 bss_wpa
? 2 + bss_wpa
[1] : 0) ||
1278 wpa_sm_set_ap_rsn_ie(wpa_s
->wpa
, bss_rsn
,
1279 bss_rsn
? 2 + bss_rsn
[1] : 0))
1283 #ifdef CONFIG_NO_WPA
1284 wpa_s
->group_cipher
= WPA_CIPHER_NONE
;
1285 wpa_s
->pairwise_cipher
= WPA_CIPHER_NONE
;
1286 #else /* CONFIG_NO_WPA */
1287 sel
= ie
.group_cipher
& ssid
->group_cipher
;
1288 wpa_s
->group_cipher
= wpa_pick_group_cipher(sel
);
1289 if (wpa_s
->group_cipher
< 0) {
1290 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select group "
1294 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using GTK %s",
1295 wpa_cipher_txt(wpa_s
->group_cipher
));
1297 sel
= ie
.pairwise_cipher
& ssid
->pairwise_cipher
;
1298 wpa_s
->pairwise_cipher
= wpa_pick_pairwise_cipher(sel
, 1);
1299 if (wpa_s
->pairwise_cipher
< 0) {
1300 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select pairwise "
1304 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using PTK %s",
1305 wpa_cipher_txt(wpa_s
->pairwise_cipher
));
1306 #endif /* CONFIG_NO_WPA */
1308 sel
= ie
.key_mgmt
& ssid
->key_mgmt
;
1310 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SAE
))
1311 sel
&= ~(WPA_KEY_MGMT_SAE
| WPA_KEY_MGMT_FT_SAE
);
1312 #endif /* CONFIG_SAE */
1314 #ifdef CONFIG_SUITEB192
1315 } else if (sel
& WPA_KEY_MGMT_IEEE8021X_SUITE_B_192
) {
1316 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X_SUITE_B_192
;
1317 wpa_dbg(wpa_s
, MSG_DEBUG
,
1318 "WPA: using KEY_MGMT 802.1X with Suite B (192-bit)");
1319 #endif /* CONFIG_SUITEB192 */
1320 #ifdef CONFIG_SUITEB
1321 } else if (sel
& WPA_KEY_MGMT_IEEE8021X_SUITE_B
) {
1322 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X_SUITE_B
;
1323 wpa_dbg(wpa_s
, MSG_DEBUG
,
1324 "WPA: using KEY_MGMT 802.1X with Suite B");
1325 #endif /* CONFIG_SUITEB */
1327 #ifdef CONFIG_IEEE80211R
1328 } else if (sel
& WPA_KEY_MGMT_FT_FILS_SHA384
) {
1329 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_FILS_SHA384
;
1330 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FT-FILS-SHA384");
1331 } else if (sel
& WPA_KEY_MGMT_FT_FILS_SHA256
) {
1332 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_FILS_SHA256
;
1333 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FT-FILS-SHA256");
1334 #endif /* CONFIG_IEEE80211R */
1335 } else if (sel
& WPA_KEY_MGMT_FILS_SHA384
) {
1336 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FILS_SHA384
;
1337 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FILS-SHA384");
1338 } else if (sel
& WPA_KEY_MGMT_FILS_SHA256
) {
1339 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FILS_SHA256
;
1340 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FILS-SHA256");
1341 #endif /* CONFIG_FILS */
1342 #ifdef CONFIG_IEEE80211R
1343 } else if (sel
& WPA_KEY_MGMT_FT_IEEE8021X
) {
1344 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_IEEE8021X
;
1345 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FT/802.1X");
1346 } else if (sel
& WPA_KEY_MGMT_FT_PSK
) {
1347 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_PSK
;
1348 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FT/PSK");
1349 #endif /* CONFIG_IEEE80211R */
1351 } else if (sel
& WPA_KEY_MGMT_SAE
) {
1352 wpa_s
->key_mgmt
= WPA_KEY_MGMT_SAE
;
1353 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using KEY_MGMT SAE");
1354 } else if (sel
& WPA_KEY_MGMT_FT_SAE
) {
1355 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_SAE
;
1356 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using KEY_MGMT FT/SAE");
1357 #endif /* CONFIG_SAE */
1358 #ifdef CONFIG_IEEE80211W
1359 } else if (sel
& WPA_KEY_MGMT_IEEE8021X_SHA256
) {
1360 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X_SHA256
;
1361 wpa_dbg(wpa_s
, MSG_DEBUG
,
1362 "WPA: using KEY_MGMT 802.1X with SHA256");
1363 } else if (sel
& WPA_KEY_MGMT_PSK_SHA256
) {
1364 wpa_s
->key_mgmt
= WPA_KEY_MGMT_PSK_SHA256
;
1365 wpa_dbg(wpa_s
, MSG_DEBUG
,
1366 "WPA: using KEY_MGMT PSK with SHA256");
1367 #endif /* CONFIG_IEEE80211W */
1368 } else if (sel
& WPA_KEY_MGMT_IEEE8021X
) {
1369 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X
;
1370 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT 802.1X");
1371 } else if (sel
& WPA_KEY_MGMT_PSK
) {
1372 wpa_s
->key_mgmt
= WPA_KEY_MGMT_PSK
;
1373 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT WPA-PSK");
1374 } else if (sel
& WPA_KEY_MGMT_WPA_NONE
) {
1375 wpa_s
->key_mgmt
= WPA_KEY_MGMT_WPA_NONE
;
1376 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT WPA-NONE");
1378 } else if (sel
& WPA_KEY_MGMT_OSEN
) {
1379 wpa_s
->key_mgmt
= WPA_KEY_MGMT_OSEN
;
1380 wpa_dbg(wpa_s
, MSG_DEBUG
, "HS 2.0: using KEY_MGMT OSEN");
1381 #endif /* CONFIG_HS20 */
1383 } else if (sel
& WPA_KEY_MGMT_OWE
) {
1384 wpa_s
->key_mgmt
= WPA_KEY_MGMT_OWE
;
1385 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using KEY_MGMT OWE");
1386 #endif /* CONFIG_OWE */
1388 } else if (sel
& WPA_KEY_MGMT_DPP
) {
1389 wpa_s
->key_mgmt
= WPA_KEY_MGMT_DPP
;
1390 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using KEY_MGMT DPP");
1391 #endif /* CONFIG_DPP */
1393 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select "
1394 "authenticated key management type");
1398 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_KEY_MGMT
, wpa_s
->key_mgmt
);
1399 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_PAIRWISE
,
1400 wpa_s
->pairwise_cipher
);
1401 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_GROUP
, wpa_s
->group_cipher
);
1403 #ifdef CONFIG_IEEE80211W
1404 sel
= ie
.mgmt_group_cipher
;
1405 if (ssid
->group_mgmt_cipher
)
1406 sel
&= ssid
->group_mgmt_cipher
;
1407 if (wpas_get_ssid_pmf(wpa_s
, ssid
) == NO_MGMT_FRAME_PROTECTION
||
1408 !(ie
.capabilities
& WPA_CAPABILITY_MFPC
))
1410 if (sel
& WPA_CIPHER_AES_128_CMAC
) {
1411 wpa_s
->mgmt_group_cipher
= WPA_CIPHER_AES_128_CMAC
;
1412 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using MGMT group cipher "
1414 } else if (sel
& WPA_CIPHER_BIP_GMAC_128
) {
1415 wpa_s
->mgmt_group_cipher
= WPA_CIPHER_BIP_GMAC_128
;
1416 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using MGMT group cipher "
1418 } else if (sel
& WPA_CIPHER_BIP_GMAC_256
) {
1419 wpa_s
->mgmt_group_cipher
= WPA_CIPHER_BIP_GMAC_256
;
1420 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using MGMT group cipher "
1422 } else if (sel
& WPA_CIPHER_BIP_CMAC_256
) {
1423 wpa_s
->mgmt_group_cipher
= WPA_CIPHER_BIP_CMAC_256
;
1424 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using MGMT group cipher "
1427 wpa_s
->mgmt_group_cipher
= 0;
1428 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: not using MGMT group cipher");
1430 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_MGMT_GROUP
,
1431 wpa_s
->mgmt_group_cipher
);
1432 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_MFP
,
1433 wpas_get_ssid_pmf(wpa_s
, ssid
));
1434 #endif /* CONFIG_IEEE80211W */
1436 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s
->wpa
, wpa_ie
, wpa_ie_len
)) {
1437 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to generate WPA IE");
1441 if (wpa_key_mgmt_wpa_psk(ssid
->key_mgmt
)) {
1444 if (ssid
->psk_set
) {
1445 wpa_sm_set_pmk(wpa_s
->wpa
, ssid
->psk
, PMK_LEN
, NULL
,
1450 if (wpa_key_mgmt_sae(ssid
->key_mgmt
) && ssid
->sae_password
)
1453 #ifndef CONFIG_NO_PBKDF2
1454 if (bss
&& ssid
->bssid_set
&& ssid
->ssid_len
== 0 &&
1457 pbkdf2_sha1(ssid
->passphrase
, bss
->ssid
, bss
->ssid_len
,
1458 4096, psk
, PMK_LEN
);
1459 wpa_hexdump_key(MSG_MSGDUMP
, "PSK (from passphrase)",
1461 wpa_sm_set_pmk(wpa_s
->wpa
, psk
, PMK_LEN
, NULL
, NULL
);
1463 os_memset(psk
, 0, sizeof(psk
));
1465 #endif /* CONFIG_NO_PBKDF2 */
1466 #ifdef CONFIG_EXT_PASSWORD
1467 if (ssid
->ext_psk
) {
1468 struct wpabuf
*pw
= ext_password_get(wpa_s
->ext_pw
,
1470 char pw_str
[64 + 1];
1474 wpa_msg(wpa_s
, MSG_INFO
, "EXT PW: No PSK "
1475 "found from external storage");
1479 if (wpabuf_len(pw
) < 8 || wpabuf_len(pw
) > 64) {
1480 wpa_msg(wpa_s
, MSG_INFO
, "EXT PW: Unexpected "
1481 "PSK length %d in external storage",
1482 (int) wpabuf_len(pw
));
1483 ext_password_free(pw
);
1487 os_memcpy(pw_str
, wpabuf_head(pw
), wpabuf_len(pw
));
1488 pw_str
[wpabuf_len(pw
)] = '\0';
1490 #ifndef CONFIG_NO_PBKDF2
1491 if (wpabuf_len(pw
) >= 8 && wpabuf_len(pw
) < 64 && bss
)
1493 pbkdf2_sha1(pw_str
, bss
->ssid
, bss
->ssid_len
,
1494 4096, psk
, PMK_LEN
);
1495 os_memset(pw_str
, 0, sizeof(pw_str
));
1496 wpa_hexdump_key(MSG_MSGDUMP
, "PSK (from "
1497 "external passphrase)",
1499 wpa_sm_set_pmk(wpa_s
->wpa
, psk
, PMK_LEN
, NULL
,
1502 os_memset(psk
, 0, sizeof(psk
));
1504 #endif /* CONFIG_NO_PBKDF2 */
1505 if (wpabuf_len(pw
) == 2 * PMK_LEN
) {
1506 if (hexstr2bin(pw_str
, psk
, PMK_LEN
) < 0) {
1507 wpa_msg(wpa_s
, MSG_INFO
, "EXT PW: "
1508 "Invalid PSK hex string");
1509 os_memset(pw_str
, 0, sizeof(pw_str
));
1510 ext_password_free(pw
);
1513 wpa_sm_set_pmk(wpa_s
->wpa
, psk
, PMK_LEN
, NULL
,
1516 os_memset(psk
, 0, sizeof(psk
));
1518 wpa_msg(wpa_s
, MSG_INFO
, "EXT PW: No suitable "
1520 os_memset(pw_str
, 0, sizeof(pw_str
));
1521 ext_password_free(pw
);
1525 os_memset(pw_str
, 0, sizeof(pw_str
));
1526 ext_password_free(pw
);
1528 #endif /* CONFIG_EXT_PASSWORD */
1531 wpa_msg(wpa_s
, MSG_INFO
,
1532 "No PSK available for association");
1536 } else if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_OWE
) {
1537 /* OWE Diffie-Hellman exchange in (Re)Association
1538 * Request/Response frames set the PMK, so do not override it
1540 #endif /* CONFIG_OWE */
1542 wpa_sm_set_pmk_from_pmksa(wpa_s
->wpa
);
1548 static void wpas_ext_capab_byte(struct wpa_supplicant
*wpa_s
, u8
*pos
, int idx
)
1553 case 0: /* Bits 0-7 */
1555 case 1: /* Bits 8-15 */
1557 case 2: /* Bits 16-23 */
1559 *pos
|= 0x02; /* Bit 17 - WNM-Sleep Mode */
1560 *pos
|= 0x08; /* Bit 19 - BSS Transition */
1561 #endif /* CONFIG_WNM */
1563 case 3: /* Bits 24-31 */
1565 *pos
|= 0x02; /* Bit 25 - SSID List */
1566 #endif /* CONFIG_WNM */
1567 #ifdef CONFIG_INTERWORKING
1568 if (wpa_s
->conf
->interworking
)
1569 *pos
|= 0x80; /* Bit 31 - Interworking */
1570 #endif /* CONFIG_INTERWORKING */
1572 case 4: /* Bits 32-39 */
1573 #ifdef CONFIG_INTERWORKING
1574 if (wpa_s
->drv_flags
/ WPA_DRIVER_FLAGS_QOS_MAPPING
)
1575 *pos
|= 0x01; /* Bit 32 - QoS Map */
1576 #endif /* CONFIG_INTERWORKING */
1578 case 5: /* Bits 40-47 */
1580 if (wpa_s
->conf
->hs20
)
1581 *pos
|= 0x40; /* Bit 46 - WNM-Notification */
1582 #endif /* CONFIG_HS20 */
1584 *pos
|= 0x40; /* Bit 46 - WNM-Notification */
1585 #endif /* CONFIG_MBO */
1587 case 6: /* Bits 48-55 */
1589 case 7: /* Bits 56-63 */
1591 case 8: /* Bits 64-71 */
1592 if (wpa_s
->conf
->ftm_responder
)
1593 *pos
|= 0x40; /* Bit 70 - FTM responder */
1594 if (wpa_s
->conf
->ftm_initiator
)
1595 *pos
|= 0x80; /* Bit 71 - FTM initiator */
1597 case 9: /* Bits 72-79 */
1600 #endif /* CONFIG_FILS */
1606 int wpas_build_ext_capab(struct wpa_supplicant
*wpa_s
, u8
*buf
, size_t buflen
)
1611 if (len
< wpa_s
->extended_capa_len
)
1612 len
= wpa_s
->extended_capa_len
;
1613 if (buflen
< (size_t) len
+ 2) {
1614 wpa_printf(MSG_INFO
,
1615 "Not enough room for building extended capabilities element");
1619 *pos
++ = WLAN_EID_EXT_CAPAB
;
1621 for (i
= 0; i
< len
; i
++, pos
++) {
1622 wpas_ext_capab_byte(wpa_s
, pos
, i
);
1624 if (i
< wpa_s
->extended_capa_len
) {
1625 *pos
&= ~wpa_s
->extended_capa_mask
[i
];
1626 *pos
|= wpa_s
->extended_capa
[i
];
1630 while (len
> 0 && buf
[1 + len
] == 0) {
1641 static int wpas_valid_bss(struct wpa_supplicant
*wpa_s
,
1642 struct wpa_bss
*test_bss
)
1644 struct wpa_bss
*bss
;
1646 dl_list_for_each(bss
, &wpa_s
->bss
, struct wpa_bss
, list
) {
1647 if (bss
== test_bss
)
1655 static int wpas_valid_ssid(struct wpa_supplicant
*wpa_s
,
1656 struct wpa_ssid
*test_ssid
)
1658 struct wpa_ssid
*ssid
;
1660 for (ssid
= wpa_s
->conf
->ssid
; ssid
; ssid
= ssid
->next
) {
1661 if (ssid
== test_ssid
)
1669 int wpas_valid_bss_ssid(struct wpa_supplicant
*wpa_s
, struct wpa_bss
*test_bss
,
1670 struct wpa_ssid
*test_ssid
)
1672 if (test_bss
&& !wpas_valid_bss(wpa_s
, test_bss
))
1675 return test_ssid
== NULL
|| wpas_valid_ssid(wpa_s
, test_ssid
);
1679 void wpas_connect_work_free(struct wpa_connect_work
*cwork
)
1687 void wpas_connect_work_done(struct wpa_supplicant
*wpa_s
)
1689 struct wpa_connect_work
*cwork
;
1690 struct wpa_radio_work
*work
= wpa_s
->connect_work
;
1695 wpa_s
->connect_work
= NULL
;
1698 wpas_connect_work_free(cwork
);
1699 radio_work_done(work
);
1703 int wpas_update_random_addr(struct wpa_supplicant
*wpa_s
, int style
)
1705 struct os_reltime now
;
1708 os_get_reltime(&now
);
1709 if (wpa_s
->last_mac_addr_style
== style
&&
1710 wpa_s
->last_mac_addr_change
.sec
!= 0 &&
1711 !os_reltime_expired(&now
, &wpa_s
->last_mac_addr_change
,
1712 wpa_s
->conf
->rand_addr_lifetime
)) {
1713 wpa_msg(wpa_s
, MSG_DEBUG
,
1714 "Previously selected random MAC address has not yet expired");
1720 if (random_mac_addr(addr
) < 0)
1724 os_memcpy(addr
, wpa_s
->perm_addr
, ETH_ALEN
);
1725 if (random_mac_addr_keep_oui(addr
) < 0)
1732 if (wpa_drv_set_mac_addr(wpa_s
, addr
) < 0) {
1733 wpa_msg(wpa_s
, MSG_INFO
,
1734 "Failed to set random MAC address");
1738 os_get_reltime(&wpa_s
->last_mac_addr_change
);
1739 wpa_s
->mac_addr_changed
= 1;
1740 wpa_s
->last_mac_addr_style
= style
;
1742 if (wpa_supplicant_update_mac_addr(wpa_s
) < 0) {
1743 wpa_msg(wpa_s
, MSG_INFO
,
1744 "Could not update MAC address information");
1748 wpa_msg(wpa_s
, MSG_DEBUG
, "Using random MAC address " MACSTR
,
1755 int wpas_update_random_addr_disassoc(struct wpa_supplicant
*wpa_s
)
1757 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
||
1758 !wpa_s
->conf
->preassoc_mac_addr
)
1761 return wpas_update_random_addr(wpa_s
, wpa_s
->conf
->preassoc_mac_addr
);
1765 static void wpas_start_assoc_cb(struct wpa_radio_work
*work
, int deinit
);
1768 * wpa_supplicant_associate - Request association
1769 * @wpa_s: Pointer to wpa_supplicant data
1770 * @bss: Scan results for the selected BSS, or %NULL if not available
1771 * @ssid: Configuration data for the selected network
1773 * This function is used to request %wpa_supplicant to associate with a BSS.
1775 void wpa_supplicant_associate(struct wpa_supplicant
*wpa_s
,
1776 struct wpa_bss
*bss
, struct wpa_ssid
*ssid
)
1778 struct wpa_connect_work
*cwork
;
1781 wpa_s
->own_disconnect_req
= 0;
1784 * If we are starting a new connection, any previously pending EAPOL
1785 * RX cannot be valid anymore.
1787 wpabuf_free(wpa_s
->pending_eapol_rx
);
1788 wpa_s
->pending_eapol_rx
= NULL
;
1790 if (ssid
->mac_addr
== -1)
1791 rand_style
= wpa_s
->conf
->mac_addr
;
1793 rand_style
= ssid
->mac_addr
;
1795 wmm_ac_clear_saved_tspecs(wpa_s
);
1796 wpa_s
->reassoc_same_bss
= 0;
1797 wpa_s
->reassoc_same_ess
= 0;
1799 if (wpa_s
->last_ssid
== ssid
) {
1800 wpa_dbg(wpa_s
, MSG_DEBUG
, "Re-association to the same ESS");
1801 wpa_s
->reassoc_same_ess
= 1;
1802 if (wpa_s
->current_bss
&& wpa_s
->current_bss
== bss
) {
1803 wmm_ac_save_tspecs(wpa_s
);
1804 wpa_s
->reassoc_same_bss
= 1;
1808 if (rand_style
> 0 && !wpa_s
->reassoc_same_ess
) {
1809 if (wpas_update_random_addr(wpa_s
, rand_style
) < 0)
1811 wpa_sm_pmksa_cache_flush(wpa_s
->wpa
, ssid
);
1812 } else if (rand_style
== 0 && wpa_s
->mac_addr_changed
) {
1813 if (wpa_drv_set_mac_addr(wpa_s
, NULL
) < 0) {
1814 wpa_msg(wpa_s
, MSG_INFO
,
1815 "Could not restore permanent MAC address");
1818 wpa_s
->mac_addr_changed
= 0;
1819 if (wpa_supplicant_update_mac_addr(wpa_s
) < 0) {
1820 wpa_msg(wpa_s
, MSG_INFO
,
1821 "Could not update MAC address information");
1824 wpa_msg(wpa_s
, MSG_DEBUG
, "Using permanent MAC address");
1826 wpa_s
->last_ssid
= ssid
;
1828 #ifdef CONFIG_IBSS_RSN
1829 ibss_rsn_deinit(wpa_s
->ibss_rsn
);
1830 wpa_s
->ibss_rsn
= NULL
;
1831 #else /* CONFIG_IBSS_RSN */
1832 if (ssid
->mode
== WPAS_MODE_IBSS
&&
1833 !(ssid
->key_mgmt
& (WPA_KEY_MGMT_NONE
| WPA_KEY_MGMT_WPA_NONE
))) {
1834 wpa_msg(wpa_s
, MSG_INFO
,
1835 "IBSS RSN not supported in the build");
1838 #endif /* CONFIG_IBSS_RSN */
1840 if (ssid
->mode
== WPAS_MODE_AP
|| ssid
->mode
== WPAS_MODE_P2P_GO
||
1841 ssid
->mode
== WPAS_MODE_P2P_GROUP_FORMATION
) {
1843 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_AP
)) {
1844 wpa_msg(wpa_s
, MSG_INFO
, "Driver does not support AP "
1848 if (wpa_supplicant_create_ap(wpa_s
, ssid
) < 0) {
1849 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
1850 if (ssid
->mode
== WPAS_MODE_P2P_GROUP_FORMATION
)
1851 wpas_p2p_ap_setup_failed(wpa_s
);
1854 wpa_s
->current_bss
= bss
;
1855 #else /* CONFIG_AP */
1856 wpa_msg(wpa_s
, MSG_ERROR
, "AP mode support not included in "
1858 #endif /* CONFIG_AP */
1862 if (ssid
->mode
== WPAS_MODE_MESH
) {
1864 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_MESH
)) {
1865 wpa_msg(wpa_s
, MSG_INFO
,
1866 "Driver does not support mesh mode");
1870 ssid
->frequency
= bss
->freq
;
1871 if (wpa_supplicant_join_mesh(wpa_s
, ssid
) < 0) {
1872 wpa_msg(wpa_s
, MSG_ERROR
, "Could not join mesh");
1875 wpa_s
->current_bss
= bss
;
1876 wpa_msg(wpa_s
, MSG_INFO
, MESH_GROUP_STARTED
"ssid=\"%s\" id=%d",
1877 wpa_ssid_txt(ssid
->ssid
, ssid
->ssid_len
),
1879 wpas_notify_mesh_group_started(wpa_s
, ssid
);
1880 #else /* CONFIG_MESH */
1881 wpa_msg(wpa_s
, MSG_ERROR
,
1882 "mesh mode support not included in the build");
1883 #endif /* CONFIG_MESH */
1888 * Set WPA state machine configuration to match the selected network now
1889 * so that the information is available before wpas_start_assoc_cb()
1890 * gets called. This is needed at least for RSN pre-authentication where
1891 * candidate APs are added to a list based on scan result processing
1892 * before completion of the first association.
1894 wpa_supplicant_rsn_supp_set_config(wpa_s
, ssid
);
1897 if (wpas_dpp_check_connect(wpa_s
, ssid
, bss
) != 0)
1899 #endif /* CONFIG_DPP */
1903 wpa_tdls_ap_ies(wpa_s
->wpa
, (const u8
*) (bss
+ 1),
1905 #endif /* CONFIG_TDLS */
1907 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
1908 ssid
->mode
== IEEE80211_MODE_INFRA
) {
1909 sme_authenticate(wpa_s
, bss
, ssid
);
1913 if (wpa_s
->connect_work
) {
1914 wpa_dbg(wpa_s
, MSG_DEBUG
, "Reject wpa_supplicant_associate() call since connect_work exist");
1918 if (radio_work_pending(wpa_s
, "connect")) {
1919 wpa_dbg(wpa_s
, MSG_DEBUG
, "Reject wpa_supplicant_associate() call since pending work exist");
1924 if (ssid
->mode
== WPAS_MODE_IBSS
|| ssid
->mode
== WPAS_MODE_MESH
) {
1925 /* Clear possibly set auth_alg, if any, from last attempt. */
1926 wpa_s
->sme
.auth_alg
= WPA_AUTH_ALG_OPEN
;
1928 #endif /* CONFIG_SME */
1930 wpas_abort_ongoing_scan(wpa_s
);
1932 cwork
= os_zalloc(sizeof(*cwork
));
1939 if (radio_add_work(wpa_s
, bss
? bss
->freq
: 0, "connect", 1,
1940 wpas_start_assoc_cb
, cwork
) < 0) {
1946 static int bss_is_ibss(struct wpa_bss
*bss
)
1948 return (bss
->caps
& (IEEE80211_CAP_ESS
| IEEE80211_CAP_IBSS
)) ==
1953 static int drv_supports_vht(struct wpa_supplicant
*wpa_s
,
1954 const struct wpa_ssid
*ssid
)
1956 enum hostapd_hw_mode hw_mode
;
1957 struct hostapd_hw_modes
*mode
= NULL
;
1961 hw_mode
= ieee80211_freq_to_chan(ssid
->frequency
, &channel
);
1962 if (hw_mode
== NUM_HOSTAPD_MODES
)
1964 for (i
= 0; wpa_s
->hw
.modes
&& i
< wpa_s
->hw
.num_modes
; i
++) {
1965 if (wpa_s
->hw
.modes
[i
].mode
== hw_mode
) {
1966 mode
= &wpa_s
->hw
.modes
[i
];
1974 return mode
->vht_capab
!= 0;
1978 void ibss_mesh_setup_freq(struct wpa_supplicant
*wpa_s
,
1979 const struct wpa_ssid
*ssid
,
1980 struct hostapd_freq_params
*freq
)
1982 enum hostapd_hw_mode hw_mode
;
1983 struct hostapd_hw_modes
*mode
= NULL
;
1984 int ht40plus
[] = { 36, 44, 52, 60, 100, 108, 116, 124, 132, 149, 157,
1986 int vht80
[] = { 36, 52, 100, 116, 132, 149 };
1987 struct hostapd_channel_data
*pri_chan
= NULL
, *sec_chan
= NULL
;
1989 int i
, chan_idx
, ht40
= -1, res
, obss_scan
= 1;
1991 struct hostapd_freq_params vht_freq
;
1992 int chwidth
, seg0
, seg1
;
1995 freq
->freq
= ssid
->frequency
;
1997 for (j
= 0; j
< wpa_s
->last_scan_res_used
; j
++) {
1998 struct wpa_bss
*bss
= wpa_s
->last_scan_res
[j
];
2000 if (ssid
->mode
!= WPAS_MODE_IBSS
)
2003 /* Don't adjust control freq in case of fixed_freq */
2004 if (ssid
->fixed_freq
)
2007 if (!bss_is_ibss(bss
))
2010 if (ssid
->ssid_len
== bss
->ssid_len
&&
2011 os_memcmp(ssid
->ssid
, bss
->ssid
, bss
->ssid_len
) == 0) {
2012 wpa_printf(MSG_DEBUG
,
2013 "IBSS already found in scan results, adjust control freq: %d",
2015 freq
->freq
= bss
->freq
;
2021 /* For IBSS check HT_IBSS flag */
2022 if (ssid
->mode
== WPAS_MODE_IBSS
&&
2023 !(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_HT_IBSS
))
2026 if (wpa_s
->group_cipher
== WPA_CIPHER_WEP40
||
2027 wpa_s
->group_cipher
== WPA_CIPHER_WEP104
||
2028 wpa_s
->pairwise_cipher
== WPA_CIPHER_TKIP
) {
2029 wpa_printf(MSG_DEBUG
,
2030 "IBSS: WEP/TKIP detected, do not try to enable HT");
2034 hw_mode
= ieee80211_freq_to_chan(freq
->freq
, &channel
);
2035 for (i
= 0; wpa_s
->hw
.modes
&& i
< wpa_s
->hw
.num_modes
; i
++) {
2036 if (wpa_s
->hw
.modes
[i
].mode
== hw_mode
) {
2037 mode
= &wpa_s
->hw
.modes
[i
];
2045 #ifdef CONFIG_HT_OVERRIDES
2046 if (ssid
->disable_ht
) {
2047 freq
->ht_enabled
= 0;
2050 #endif /* CONFIG_HT_OVERRIDES */
2052 freq
->ht_enabled
= ht_supported(mode
);
2053 if (!freq
->ht_enabled
)
2056 /* Setup higher BW only for 5 GHz */
2057 if (mode
->mode
!= HOSTAPD_MODE_IEEE80211A
)
2060 for (chan_idx
= 0; chan_idx
< mode
->num_channels
; chan_idx
++) {
2061 pri_chan
= &mode
->channels
[chan_idx
];
2062 if (pri_chan
->chan
== channel
)
2069 /* Check primary channel flags */
2070 if (pri_chan
->flag
& (HOSTAPD_CHAN_DISABLED
| HOSTAPD_CHAN_NO_IR
))
2073 #ifdef CONFIG_HT_OVERRIDES
2074 if (ssid
->disable_ht40
)
2076 #endif /* CONFIG_HT_OVERRIDES */
2078 /* Check/setup HT40+/HT40- */
2079 for (j
= 0; j
< ARRAY_SIZE(ht40plus
); j
++) {
2080 if (ht40plus
[j
] == channel
) {
2086 /* Find secondary channel */
2087 for (i
= 0; i
< mode
->num_channels
; i
++) {
2088 sec_chan
= &mode
->channels
[i
];
2089 if (sec_chan
->chan
== channel
+ ht40
* 4)
2096 /* Check secondary channel flags */
2097 if (sec_chan
->flag
& (HOSTAPD_CHAN_DISABLED
| HOSTAPD_CHAN_NO_IR
))
2100 freq
->channel
= pri_chan
->chan
;
2103 if (!(pri_chan
->flag
& HOSTAPD_CHAN_HT40MINUS
))
2106 if (!(pri_chan
->flag
& HOSTAPD_CHAN_HT40PLUS
))
2109 freq
->sec_channel_offset
= ht40
;
2112 struct wpa_scan_results
*scan_res
;
2114 scan_res
= wpa_supplicant_get_scan_results(wpa_s
, NULL
, 0);
2115 if (scan_res
== NULL
) {
2117 freq
->sec_channel_offset
= 0;
2121 res
= check_40mhz_5g(mode
, scan_res
, pri_chan
->chan
,
2126 freq
->sec_channel_offset
= 0;
2129 /* Configuration allowed */
2132 /* Switch pri/sec channels */
2133 freq
->freq
= hw_get_freq(mode
, sec_chan
->chan
);
2134 freq
->sec_channel_offset
= -freq
->sec_channel_offset
;
2135 freq
->channel
= sec_chan
->chan
;
2138 freq
->sec_channel_offset
= 0;
2142 wpa_scan_results_free(scan_res
);
2145 wpa_printf(MSG_DEBUG
,
2146 "IBSS/mesh: setup freq channel %d, sec_channel_offset %d",
2147 freq
->channel
, freq
->sec_channel_offset
);
2149 if (!drv_supports_vht(wpa_s
, ssid
))
2152 /* For IBSS check VHT_IBSS flag */
2153 if (ssid
->mode
== WPAS_MODE_IBSS
&&
2154 !(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_VHT_IBSS
))
2159 #ifdef CONFIG_VHT_OVERRIDES
2160 if (ssid
->disable_vht
) {
2161 freq
->vht_enabled
= 0;
2164 #endif /* CONFIG_VHT_OVERRIDES */
2166 vht_freq
.vht_enabled
= vht_supported(mode
);
2167 if (!vht_freq
.vht_enabled
)
2170 /* setup center_freq1, bandwidth */
2171 for (j
= 0; j
< ARRAY_SIZE(vht80
); j
++) {
2172 if (freq
->channel
>= vht80
[j
] &&
2173 freq
->channel
< vht80
[j
] + 16)
2177 if (j
== ARRAY_SIZE(vht80
))
2180 for (i
= vht80
[j
]; i
< vht80
[j
] + 16; i
+= 4) {
2181 struct hostapd_channel_data
*chan
;
2183 chan
= hw_get_channel_chan(mode
, i
, NULL
);
2187 /* Back to HT configuration if channel not usable */
2188 if (chan
->flag
& (HOSTAPD_CHAN_DISABLED
| HOSTAPD_CHAN_NO_IR
))
2192 chwidth
= VHT_CHANWIDTH_80MHZ
;
2193 seg0
= vht80
[j
] + 6;
2196 if (ssid
->max_oper_chwidth
== VHT_CHANWIDTH_80P80MHZ
) {
2197 /* setup center_freq2, bandwidth */
2198 for (k
= 0; k
< ARRAY_SIZE(vht80
); k
++) {
2199 /* Only accept 80 MHz segments separated by a gap */
2200 if (j
== k
|| abs(vht80
[j
] - vht80
[k
]) == 16)
2202 for (i
= vht80
[k
]; i
< vht80
[k
] + 16; i
+= 4) {
2203 struct hostapd_channel_data
*chan
;
2205 chan
= hw_get_channel_chan(mode
, i
, NULL
);
2209 if (chan
->flag
& (HOSTAPD_CHAN_DISABLED
|
2210 HOSTAPD_CHAN_NO_IR
|
2211 HOSTAPD_CHAN_RADAR
))
2214 /* Found a suitable second segment for 80+80 */
2215 chwidth
= VHT_CHANWIDTH_80P80MHZ
;
2217 VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ
;
2218 seg1
= vht80
[k
] + 6;
2221 if (chwidth
== VHT_CHANWIDTH_80P80MHZ
)
2224 } else if (ssid
->max_oper_chwidth
== VHT_CHANWIDTH_160MHZ
) {
2225 if (freq
->freq
== 5180) {
2226 chwidth
= VHT_CHANWIDTH_160MHZ
;
2227 vht_caps
|= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ
;
2229 } else if (freq
->freq
== 5520) {
2230 chwidth
= VHT_CHANWIDTH_160MHZ
;
2231 vht_caps
|= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ
;
2236 if (hostapd_set_freq_params(&vht_freq
, mode
->mode
, freq
->freq
,
2237 freq
->channel
, freq
->ht_enabled
,
2238 vht_freq
.vht_enabled
,
2239 freq
->sec_channel_offset
,
2240 chwidth
, seg0
, seg1
, vht_caps
) != 0)
2245 wpa_printf(MSG_DEBUG
, "IBSS: VHT setup freq cf1 %d, cf2 %d, bw %d",
2246 freq
->center_freq1
, freq
->center_freq2
, freq
->bandwidth
);
2251 static size_t wpas_add_fils_hlp_req(struct wpa_supplicant
*wpa_s
, u8
*ie_buf
,
2254 struct fils_hlp_req
*req
;
2255 size_t rem_len
, hdr_len
, hlp_len
, len
, ie_len
= 0;
2259 dl_list_for_each(req
, &wpa_s
->fils_hlp_req
, struct fils_hlp_req
,
2261 rem_len
= ie_buf_len
- ie_len
;
2262 pos
= wpabuf_head(req
->pkt
);
2263 hdr_len
= 1 + 2 * ETH_ALEN
+ 6;
2264 hlp_len
= wpabuf_len(req
->pkt
);
2266 if (rem_len
< 2 + hdr_len
+ hlp_len
) {
2267 wpa_printf(MSG_ERROR
,
2268 "FILS: Cannot fit HLP - rem_len=%lu to_fill=%lu",
2269 (unsigned long) rem_len
,
2270 (unsigned long) (2 + hdr_len
+ hlp_len
));
2274 len
= (hdr_len
+ hlp_len
) > 255 ? 255 : hdr_len
+ hlp_len
;
2276 *buf
++ = WLAN_EID_EXTENSION
;
2279 /* Element ID Extension */
2280 *buf
++ = WLAN_EID_EXT_FILS_HLP_CONTAINER
;
2281 /* Destination MAC address */
2282 os_memcpy(buf
, req
->dst
, ETH_ALEN
);
2284 /* Source MAC address */
2285 os_memcpy(buf
, wpa_s
->own_addr
, ETH_ALEN
);
2287 /* LLC/SNAP Header */
2288 os_memcpy(buf
, "\xaa\xaa\x03\x00\x00\x00", 6);
2291 os_memcpy(buf
, pos
, len
- hdr_len
);
2292 buf
+= len
- hdr_len
;
2293 pos
+= len
- hdr_len
;
2295 hlp_len
-= len
- hdr_len
;
2300 len
= (hlp_len
> 255) ? 255 : hlp_len
;
2301 if (rem_len
< 2 + len
)
2303 *buf
++ = WLAN_EID_FRAGMENT
;
2305 os_memcpy(buf
, pos
, len
);
2317 #endif /* CONFIG_FILS */
2320 static void wpas_start_assoc_cb(struct wpa_radio_work
*work
, int deinit
)
2322 struct wpa_connect_work
*cwork
= work
->ctx
;
2323 struct wpa_bss
*bss
= cwork
->bss
;
2324 struct wpa_ssid
*ssid
= cwork
->ssid
;
2325 struct wpa_supplicant
*wpa_s
= work
->wpa_s
;
2327 size_t max_wpa_ie_len
= 500;
2329 int use_crypt
, ret
, i
, bssid_changed
;
2330 int algs
= WPA_AUTH_ALG_OPEN
;
2331 unsigned int cipher_pairwise
, cipher_group
, cipher_group_mgmt
;
2332 struct wpa_driver_associate_params params
;
2333 int wep_keys_set
= 0;
2334 int assoc_failed
= 0;
2335 struct wpa_ssid
*old_ssid
;
2336 u8 prev_bssid
[ETH_ALEN
];
2337 #ifdef CONFIG_HT_OVERRIDES
2338 struct ieee80211_ht_capabilities htcaps
;
2339 struct ieee80211_ht_capabilities htcaps_mask
;
2340 #endif /* CONFIG_HT_OVERRIDES */
2341 #ifdef CONFIG_VHT_OVERRIDES
2342 struct ieee80211_vht_capabilities vhtcaps
;
2343 struct ieee80211_vht_capabilities vhtcaps_mask
;
2344 #endif /* CONFIG_VHT_OVERRIDES */
2346 const u8
*realm
, *username
, *rrk
;
2347 size_t realm_len
, username_len
, rrk_len
;
2349 struct fils_hlp_req
*req
;
2350 #endif /* CONFIG_FILS */
2353 if (work
->started
) {
2354 wpa_s
->connect_work
= NULL
;
2356 /* cancel possible auth. timeout */
2357 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
,
2360 wpas_connect_work_free(cwork
);
2364 wpa_s
->connect_work
= work
;
2366 if (cwork
->bss_removed
|| !wpas_valid_bss_ssid(wpa_s
, bss
, ssid
) ||
2367 wpas_network_disabled(wpa_s
, ssid
)) {
2368 wpa_dbg(wpa_s
, MSG_DEBUG
, "BSS/SSID entry for association not valid anymore - drop connection attempt");
2369 wpas_connect_work_done(wpa_s
);
2373 os_memcpy(prev_bssid
, wpa_s
->bssid
, ETH_ALEN
);
2374 os_memset(¶ms
, 0, sizeof(params
));
2375 wpa_s
->reassociate
= 0;
2376 wpa_s
->eap_expected_failure
= 0;
2378 (!wpas_driver_bss_selection(wpa_s
) || wpas_wps_searching(wpa_s
))) {
2379 #ifdef CONFIG_IEEE80211R
2380 const u8
*ie
, *md
= NULL
;
2381 #endif /* CONFIG_IEEE80211R */
2382 wpa_msg(wpa_s
, MSG_INFO
, "Trying to associate with " MACSTR
2383 " (SSID='%s' freq=%d MHz)", MAC2STR(bss
->bssid
),
2384 wpa_ssid_txt(bss
->ssid
, bss
->ssid_len
), bss
->freq
);
2385 bssid_changed
= !is_zero_ether_addr(wpa_s
->bssid
);
2386 os_memset(wpa_s
->bssid
, 0, ETH_ALEN
);
2387 os_memcpy(wpa_s
->pending_bssid
, bss
->bssid
, ETH_ALEN
);
2389 wpas_notify_bssid_changed(wpa_s
);
2390 #ifdef CONFIG_IEEE80211R
2391 ie
= wpa_bss_get_ie(bss
, WLAN_EID_MOBILITY_DOMAIN
);
2392 if (ie
&& ie
[1] >= MOBILITY_DOMAIN_ID_LEN
)
2394 wpa_sm_set_ft_params(wpa_s
->wpa
, ie
, ie
? 2 + ie
[1] : 0);
2396 /* Prepare for the next transition */
2397 wpa_ft_prepare_auth_request(wpa_s
->wpa
, ie
);
2399 #endif /* CONFIG_IEEE80211R */
2401 } else if ((ssid
->ssid
== NULL
|| ssid
->ssid_len
== 0) &&
2402 wpa_s
->conf
->ap_scan
== 2 &&
2403 (ssid
->key_mgmt
& WPA_KEY_MGMT_WPS
)) {
2404 /* Use ap_scan==1 style network selection to find the network
2406 wpas_connect_work_done(wpa_s
);
2407 wpa_s
->scan_req
= MANUAL_SCAN_REQ
;
2408 wpa_s
->reassociate
= 1;
2409 wpa_supplicant_req_scan(wpa_s
, 0, 0);
2411 #endif /* CONFIG_WPS */
2413 wpa_msg(wpa_s
, MSG_INFO
, "Trying to associate with SSID '%s'",
2414 wpa_ssid_txt(ssid
->ssid
, ssid
->ssid_len
));
2416 os_memcpy(wpa_s
->pending_bssid
, bss
->bssid
, ETH_ALEN
);
2418 os_memset(wpa_s
->pending_bssid
, 0, ETH_ALEN
);
2421 wpa_supplicant_cancel_sched_scan(wpa_s
);
2423 wpa_supplicant_cancel_scan(wpa_s
);
2425 /* Starting new association, so clear the possibly used WPA IE from the
2426 * previous association. */
2427 wpa_sm_set_assoc_wpa_ie(wpa_s
->wpa
, NULL
, 0);
2430 dl_list_for_each(req
, &wpa_s
->fils_hlp_req
, struct fils_hlp_req
,
2432 max_wpa_ie_len
+= 3 + 2 * ETH_ALEN
+ 6 + wpabuf_len(req
->pkt
) +
2433 2 + 2 * wpabuf_len(req
->pkt
) / 255;
2435 #endif /* CONFIG_FILS */
2437 wpa_ie
= os_malloc(max_wpa_ie_len
);
2439 wpa_printf(MSG_ERROR
,
2440 "Failed to allocate connect IE buffer for %lu bytes",
2441 (unsigned long) max_wpa_ie_len
);
2442 wpas_connect_work_done(wpa_s
);
2446 if (bss
&& (wpa_bss_get_vendor_ie(bss
, WPA_IE_VENDOR_TYPE
) ||
2447 wpa_bss_get_ie(bss
, WLAN_EID_RSN
)) &&
2448 wpa_key_mgmt_wpa(ssid
->key_mgmt
)) {
2449 int try_opportunistic
;
2450 const u8
*cache_id
= NULL
;
2452 try_opportunistic
= (ssid
->proactive_key_caching
< 0 ?
2454 ssid
->proactive_key_caching
) &&
2455 (ssid
->proto
& WPA_PROTO_RSN
);
2457 if (wpa_key_mgmt_fils(ssid
->key_mgmt
))
2458 cache_id
= wpa_bss_get_fils_cache_id(bss
);
2459 #endif /* CONFIG_FILS */
2460 if (pmksa_cache_set_current(wpa_s
->wpa
, NULL
, bss
->bssid
,
2461 ssid
, try_opportunistic
,
2463 eapol_sm_notify_pmkid_attempt(wpa_s
->eapol
);
2464 wpa_ie_len
= max_wpa_ie_len
;
2465 if (wpa_supplicant_set_suites(wpa_s
, bss
, ssid
,
2466 wpa_ie
, &wpa_ie_len
)) {
2467 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to set WPA "
2468 "key management and encryption suites");
2469 wpas_connect_work_done(wpa_s
);
2473 } else if ((ssid
->key_mgmt
& WPA_KEY_MGMT_IEEE8021X_NO_WPA
) && bss
&&
2474 wpa_key_mgmt_wpa_ieee8021x(ssid
->key_mgmt
)) {
2476 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
2477 * use non-WPA since the scan results did not indicate that the
2478 * AP is using WPA or WPA2.
2480 wpa_supplicant_set_non_wpa_policy(wpa_s
, ssid
);
2482 wpa_s
->wpa_proto
= 0;
2483 } else if (wpa_key_mgmt_wpa_any(ssid
->key_mgmt
)) {
2484 wpa_ie_len
= max_wpa_ie_len
;
2485 if (wpa_supplicant_set_suites(wpa_s
, NULL
, ssid
,
2486 wpa_ie
, &wpa_ie_len
)) {
2487 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to set WPA "
2488 "key management and encryption suites (no "
2490 wpas_connect_work_done(wpa_s
);
2495 } else if (ssid
->key_mgmt
& WPA_KEY_MGMT_WPS
) {
2496 struct wpabuf
*wps_ie
;
2497 wps_ie
= wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid
));
2498 if (wps_ie
&& wpabuf_len(wps_ie
) <= max_wpa_ie_len
) {
2499 wpa_ie_len
= wpabuf_len(wps_ie
);
2500 os_memcpy(wpa_ie
, wpabuf_head(wps_ie
), wpa_ie_len
);
2503 wpabuf_free(wps_ie
);
2504 wpa_supplicant_set_non_wpa_policy(wpa_s
, ssid
);
2505 if (!bss
|| (bss
->caps
& IEEE80211_CAP_PRIVACY
))
2506 params
.wps
= WPS_MODE_PRIVACY
;
2508 params
.wps
= WPS_MODE_OPEN
;
2509 wpa_s
->wpa_proto
= 0;
2510 #endif /* CONFIG_WPS */
2512 wpa_supplicant_set_non_wpa_policy(wpa_s
, ssid
);
2514 wpa_s
->wpa_proto
= 0;
2517 #ifdef IEEE8021X_EAPOL
2518 if (ssid
->key_mgmt
& WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
2520 if (ssid
->non_leap
== 0)
2521 algs
= WPA_AUTH_ALG_LEAP
;
2523 algs
|= WPA_AUTH_ALG_LEAP
;
2528 /* Clear FILS association */
2529 wpa_sm_set_reset_fils_completed(wpa_s
->wpa
, 0);
2531 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD
) &&
2532 ssid
->eap
.erp
&& wpa_key_mgmt_fils(wpa_s
->key_mgmt
) &&
2533 eapol_sm_get_erp_info(wpa_s
->eapol
, &ssid
->eap
, &username
,
2534 &username_len
, &realm
, &realm_len
,
2535 &next_seq_num
, &rrk
, &rrk_len
) == 0) {
2536 algs
= WPA_AUTH_ALG_FILS
;
2537 params
.fils_erp_username
= username
;
2538 params
.fils_erp_username_len
= username_len
;
2539 params
.fils_erp_realm
= realm
;
2540 params
.fils_erp_realm_len
= realm_len
;
2541 params
.fils_erp_next_seq_num
= next_seq_num
;
2542 params
.fils_erp_rrk
= rrk
;
2543 params
.fils_erp_rrk_len
= rrk_len
;
2545 #endif /* CONFIG_FILS */
2546 #endif /* IEEE8021X_EAPOL */
2548 wpa_dbg(wpa_s
, MSG_DEBUG
, "Automatic auth_alg selection: 0x%x", algs
);
2549 if (ssid
->auth_alg
) {
2550 algs
= ssid
->auth_alg
;
2551 wpa_dbg(wpa_s
, MSG_DEBUG
,
2552 "Overriding auth_alg selection: 0x%x", algs
);
2556 if (wpa_s
->global
->p2p
) {
2560 pos
= wpa_ie
+ wpa_ie_len
;
2561 len
= max_wpa_ie_len
- wpa_ie_len
;
2562 res
= wpas_p2p_assoc_req_ie(wpa_s
, bss
, pos
, len
,
2568 wpa_s
->cross_connect_disallowed
= 0;
2571 p2p
= wpa_bss_get_vendor_ie_multi(bss
, P2P_IE_VENDOR_TYPE
);
2573 wpa_s
->cross_connect_disallowed
=
2574 p2p_get_cross_connect_disallowed(p2p
);
2576 wpa_dbg(wpa_s
, MSG_DEBUG
, "P2P: WLAN AP %s cross "
2578 wpa_s
->cross_connect_disallowed
?
2579 "disallows" : "allows");
2583 os_memset(wpa_s
->p2p_ip_addr_info
, 0, sizeof(wpa_s
->p2p_ip_addr_info
));
2584 #endif /* CONFIG_P2P */
2587 wpa_ie_len
+= wpas_supp_op_class_ie(wpa_s
, bss
->freq
,
2588 wpa_ie
+ wpa_ie_len
,
2594 * Workaround: Add Extended Capabilities element only if the AP
2595 * included this element in Beacon/Probe Response frames. Some older
2596 * APs seem to have interoperability issues if this element is
2597 * included, so while the standard may require us to include the
2598 * element in all cases, it is justifiable to skip it to avoid
2599 * interoperability issues.
2601 if (ssid
->p2p_group
)
2602 wpa_drv_get_ext_capa(wpa_s
, WPA_IF_P2P_CLIENT
);
2604 wpa_drv_get_ext_capa(wpa_s
, WPA_IF_STATION
);
2606 if (!bss
|| wpa_bss_get_ie(bss
, WLAN_EID_EXT_CAPAB
)) {
2609 ext_capab_len
= wpas_build_ext_capab(wpa_s
, ext_capab
,
2611 if (ext_capab_len
> 0 &&
2612 wpa_ie_len
+ ext_capab_len
<= max_wpa_ie_len
) {
2614 if (wpa_ie_len
> 0 && pos
[0] == WLAN_EID_RSN
)
2616 os_memmove(pos
+ ext_capab_len
, pos
,
2617 wpa_ie_len
- (pos
- wpa_ie
));
2618 wpa_ie_len
+= ext_capab_len
;
2619 os_memcpy(pos
, ext_capab
, ext_capab_len
);
2624 if (is_hs20_network(wpa_s
, ssid
, bss
)) {
2625 struct wpabuf
*hs20
;
2627 hs20
= wpabuf_alloc(20);
2629 int pps_mo_id
= hs20_get_pps_mo_id(wpa_s
, ssid
);
2632 wpas_hs20_add_indication(hs20
, pps_mo_id
);
2633 len
= max_wpa_ie_len
- wpa_ie_len
;
2634 if (wpabuf_len(hs20
) <= len
) {
2635 os_memcpy(wpa_ie
+ wpa_ie_len
,
2636 wpabuf_head(hs20
), wpabuf_len(hs20
));
2637 wpa_ie_len
+= wpabuf_len(hs20
);
2641 hs20_configure_frame_filters(wpa_s
);
2644 #endif /* CONFIG_HS20 */
2646 if (wpa_s
->vendor_elem
[VENDOR_ELEM_ASSOC_REQ
]) {
2647 struct wpabuf
*buf
= wpa_s
->vendor_elem
[VENDOR_ELEM_ASSOC_REQ
];
2650 len
= max_wpa_ie_len
- wpa_ie_len
;
2651 if (wpabuf_len(buf
) <= len
) {
2652 os_memcpy(wpa_ie
+ wpa_ie_len
,
2653 wpabuf_head(buf
), wpabuf_len(buf
));
2654 wpa_ie_len
+= wpabuf_len(buf
);
2659 if (wpa_s
->fst_ies
) {
2660 int fst_ies_len
= wpabuf_len(wpa_s
->fst_ies
);
2662 if (wpa_ie_len
+ fst_ies_len
<= max_wpa_ie_len
) {
2663 os_memcpy(wpa_ie
+ wpa_ie_len
,
2664 wpabuf_head(wpa_s
->fst_ies
), fst_ies_len
);
2665 wpa_ie_len
+= fst_ies_len
;
2668 #endif /* CONFIG_FST */
2671 if (bss
&& wpa_bss_get_vendor_ie(bss
, MBO_IE_VENDOR_TYPE
)) {
2674 len
= wpas_mbo_ie(wpa_s
, wpa_ie
+ wpa_ie_len
,
2675 max_wpa_ie_len
- wpa_ie_len
);
2679 #endif /* CONFIG_MBO */
2682 if (algs
== WPA_AUTH_ALG_FILS
) {
2685 len
= wpas_add_fils_hlp_req(wpa_s
, wpa_ie
+ wpa_ie_len
,
2686 max_wpa_ie_len
- wpa_ie_len
);
2689 #endif /* CONFIG_FILS */
2692 if (algs
== WPA_AUTH_ALG_OPEN
&&
2693 ssid
->key_mgmt
== WPA_KEY_MGMT_OWE
) {
2694 struct wpabuf
*owe_ie
;
2695 u16 group
= OWE_DH_GROUP
;
2697 if (ssid
->owe_group
)
2698 group
= ssid
->owe_group
;
2699 owe_ie
= owe_build_assoc_req(wpa_s
->wpa
, group
);
2701 wpabuf_len(owe_ie
) <= max_wpa_ie_len
- wpa_ie_len
) {
2702 os_memcpy(wpa_ie
+ wpa_ie_len
,
2703 wpabuf_head(owe_ie
), wpabuf_len(owe_ie
));
2704 wpa_ie_len
+= wpabuf_len(owe_ie
);
2705 wpabuf_free(owe_ie
);
2708 #endif /* CONFIG_OWE */
2710 wpa_clear_keys(wpa_s
, bss
? bss
->bssid
: NULL
);
2712 cipher_pairwise
= wpa_s
->pairwise_cipher
;
2713 cipher_group
= wpa_s
->group_cipher
;
2714 cipher_group_mgmt
= wpa_s
->mgmt_group_cipher
;
2715 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
||
2716 wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
2717 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
)
2719 if (wpa_set_wep_keys(wpa_s
, ssid
)) {
2724 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
)
2727 #ifdef IEEE8021X_EAPOL
2728 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
2729 if ((ssid
->eapol_flags
&
2730 (EAPOL_FLAG_REQUIRE_KEY_UNICAST
|
2731 EAPOL_FLAG_REQUIRE_KEY_BROADCAST
)) == 0 &&
2735 /* Assume that dynamic WEP-104 keys will be used and
2736 * set cipher suites in order for drivers to expect
2738 cipher_pairwise
= cipher_group
= WPA_CIPHER_WEP104
;
2741 #endif /* IEEE8021X_EAPOL */
2743 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPA_NONE
) {
2744 /* Set the key before (and later after) association */
2745 wpa_supplicant_set_wpa_none_key(wpa_s
, ssid
);
2748 wpa_supplicant_set_state(wpa_s
, WPA_ASSOCIATING
);
2750 params
.ssid
= bss
->ssid
;
2751 params
.ssid_len
= bss
->ssid_len
;
2752 if (!wpas_driver_bss_selection(wpa_s
) || ssid
->bssid_set
||
2753 wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
) {
2754 wpa_printf(MSG_DEBUG
, "Limit connection to BSSID "
2755 MACSTR
" freq=%u MHz based on scan results "
2756 "(bssid_set=%d wps=%d)",
2757 MAC2STR(bss
->bssid
), bss
->freq
,
2759 wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
);
2760 params
.bssid
= bss
->bssid
;
2761 params
.freq
.freq
= bss
->freq
;
2763 params
.bssid_hint
= bss
->bssid
;
2764 params
.freq_hint
= bss
->freq
;
2765 params
.pbss
= bss_is_pbss(bss
);
2767 if (ssid
->bssid_hint_set
)
2768 params
.bssid_hint
= ssid
->bssid_hint
;
2770 params
.ssid
= ssid
->ssid
;
2771 params
.ssid_len
= ssid
->ssid_len
;
2772 params
.pbss
= (ssid
->pbss
!= 2) ? ssid
->pbss
: 0;
2775 if (ssid
->mode
== WPAS_MODE_IBSS
&& ssid
->bssid_set
&&
2776 wpa_s
->conf
->ap_scan
== 2) {
2777 params
.bssid
= ssid
->bssid
;
2778 params
.fixed_bssid
= 1;
2781 /* Initial frequency for IBSS/mesh */
2782 if ((ssid
->mode
== WPAS_MODE_IBSS
|| ssid
->mode
== WPAS_MODE_MESH
) &&
2783 ssid
->frequency
> 0 && params
.freq
.freq
== 0)
2784 ibss_mesh_setup_freq(wpa_s
, ssid
, ¶ms
.freq
);
2786 if (ssid
->mode
== WPAS_MODE_IBSS
) {
2787 params
.fixed_freq
= ssid
->fixed_freq
;
2788 if (ssid
->beacon_int
)
2789 params
.beacon_int
= ssid
->beacon_int
;
2791 params
.beacon_int
= wpa_s
->conf
->beacon_int
;
2794 params
.wpa_ie
= wpa_ie
;
2795 params
.wpa_ie_len
= wpa_ie_len
;
2796 params
.pairwise_suite
= cipher_pairwise
;
2797 params
.group_suite
= cipher_group
;
2798 params
.mgmt_group_suite
= cipher_group_mgmt
;
2799 params
.key_mgmt_suite
= wpa_s
->key_mgmt
;
2800 params
.wpa_proto
= wpa_s
->wpa_proto
;
2801 params
.auth_alg
= algs
;
2802 wpa_s
->auth_alg
= params
.auth_alg
;
2803 params
.mode
= ssid
->mode
;
2804 params
.bg_scan_period
= ssid
->bg_scan_period
;
2805 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
2806 if (ssid
->wep_key_len
[i
])
2807 params
.wep_key
[i
] = ssid
->wep_key
[i
];
2808 params
.wep_key_len
[i
] = ssid
->wep_key_len
[i
];
2810 params
.wep_tx_keyidx
= ssid
->wep_tx_keyidx
;
2812 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_4WAY_HANDSHAKE
) &&
2813 (params
.key_mgmt_suite
== WPA_KEY_MGMT_PSK
||
2814 params
.key_mgmt_suite
== WPA_KEY_MGMT_FT_PSK
)) {
2815 params
.passphrase
= ssid
->passphrase
;
2817 params
.psk
= ssid
->psk
;
2820 if (wpa_s
->conf
->key_mgmt_offload
) {
2821 if (params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X
||
2822 params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X_SHA256
||
2823 params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X_SUITE_B
||
2824 params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X_SUITE_B_192
)
2825 params
.req_key_mgmt_offload
=
2826 ssid
->proactive_key_caching
< 0 ?
2827 wpa_s
->conf
->okc
: ssid
->proactive_key_caching
;
2829 params
.req_key_mgmt_offload
= 1;
2831 if ((params
.key_mgmt_suite
== WPA_KEY_MGMT_PSK
||
2832 params
.key_mgmt_suite
== WPA_KEY_MGMT_PSK_SHA256
||
2833 params
.key_mgmt_suite
== WPA_KEY_MGMT_FT_PSK
) &&
2835 params
.psk
= ssid
->psk
;
2838 params
.drop_unencrypted
= use_crypt
;
2840 #ifdef CONFIG_IEEE80211W
2841 params
.mgmt_frame_protection
= wpas_get_ssid_pmf(wpa_s
, ssid
);
2842 if (params
.mgmt_frame_protection
!= NO_MGMT_FRAME_PROTECTION
&& bss
) {
2843 const u8
*rsn
= wpa_bss_get_ie(bss
, WLAN_EID_RSN
);
2844 struct wpa_ie_data ie
;
2845 if (rsn
&& wpa_parse_wpa_ie(rsn
, 2 + rsn
[1], &ie
) == 0 &&
2847 (WPA_CAPABILITY_MFPC
| WPA_CAPABILITY_MFPR
)) {
2848 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Selected AP supports "
2849 "MFP: require MFP");
2850 params
.mgmt_frame_protection
=
2851 MGMT_FRAME_PROTECTION_REQUIRED
;
2854 #endif /* CONFIG_IEEE80211W */
2856 params
.p2p
= ssid
->p2p_group
;
2858 if (wpa_s
->p2pdev
->set_sta_uapsd
)
2859 params
.uapsd
= wpa_s
->p2pdev
->sta_uapsd
;
2863 #ifdef CONFIG_HT_OVERRIDES
2864 os_memset(&htcaps
, 0, sizeof(htcaps
));
2865 os_memset(&htcaps_mask
, 0, sizeof(htcaps_mask
));
2866 params
.htcaps
= (u8
*) &htcaps
;
2867 params
.htcaps_mask
= (u8
*) &htcaps_mask
;
2868 wpa_supplicant_apply_ht_overrides(wpa_s
, ssid
, ¶ms
);
2869 #endif /* CONFIG_HT_OVERRIDES */
2870 #ifdef CONFIG_VHT_OVERRIDES
2871 os_memset(&vhtcaps
, 0, sizeof(vhtcaps
));
2872 os_memset(&vhtcaps_mask
, 0, sizeof(vhtcaps_mask
));
2873 params
.vhtcaps
= &vhtcaps
;
2874 params
.vhtcaps_mask
= &vhtcaps_mask
;
2875 wpa_supplicant_apply_vht_overrides(wpa_s
, ssid
, ¶ms
);
2876 #endif /* CONFIG_VHT_OVERRIDES */
2880 * If multi-channel concurrency is not supported, check for any
2881 * frequency conflict. In case of any frequency conflict, remove the
2882 * least prioritized connection.
2884 if (wpa_s
->num_multichan_concurrent
< 2) {
2886 num
= get_shared_radio_freqs(wpa_s
, &freq
, 1);
2887 if (num
> 0 && freq
> 0 && freq
!= params
.freq
.freq
) {
2888 wpa_printf(MSG_DEBUG
,
2889 "Assoc conflicting freq found (%d != %d)",
2890 freq
, params
.freq
.freq
);
2891 if (wpas_p2p_handle_frequency_conflicts(
2892 wpa_s
, params
.freq
.freq
, ssid
) < 0) {
2893 wpas_connect_work_done(wpa_s
);
2899 #endif /* CONFIG_P2P */
2901 if (wpa_s
->reassoc_same_ess
&& !is_zero_ether_addr(prev_bssid
) &&
2902 wpa_s
->current_ssid
)
2903 params
.prev_bssid
= prev_bssid
;
2905 ret
= wpa_drv_associate(wpa_s
, ¶ms
);
2908 wpa_msg(wpa_s
, MSG_INFO
, "Association request to the driver "
2910 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SANE_ERROR_CODES
) {
2912 * The driver is known to mean what is saying, so we
2913 * can stop right here; the association will not
2916 wpas_connection_failed(wpa_s
, wpa_s
->pending_bssid
);
2917 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
2918 os_memset(wpa_s
->pending_bssid
, 0, ETH_ALEN
);
2921 /* try to continue anyway; new association will be tried again
2926 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPA_NONE
) {
2927 /* Set the key after the association just in case association
2928 * cleared the previously configured key. */
2929 wpa_supplicant_set_wpa_none_key(wpa_s
, ssid
);
2930 /* No need to timeout authentication since there is no key
2932 wpa_supplicant_cancel_auth_timeout(wpa_s
);
2933 wpa_supplicant_set_state(wpa_s
, WPA_COMPLETED
);
2934 #ifdef CONFIG_IBSS_RSN
2935 } else if (ssid
->mode
== WPAS_MODE_IBSS
&&
2936 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_NONE
&&
2937 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_WPA_NONE
) {
2939 * RSN IBSS authentication is per-STA and we can disable the
2940 * per-BSSID authentication.
2942 wpa_supplicant_cancel_auth_timeout(wpa_s
);
2943 #endif /* CONFIG_IBSS_RSN */
2945 /* Timeout for IEEE 802.11 authentication and association */
2949 /* give IBSS a bit more time */
2950 timeout
= ssid
->mode
== WPAS_MODE_IBSS
? 10 : 5;
2951 } else if (wpa_s
->conf
->ap_scan
== 1) {
2952 /* give IBSS a bit more time */
2953 timeout
= ssid
->mode
== WPAS_MODE_IBSS
? 20 : 10;
2955 wpa_supplicant_req_auth_timeout(wpa_s
, timeout
, 0);
2959 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC
)) {
2960 /* Set static WEP keys again */
2961 wpa_set_wep_keys(wpa_s
, ssid
);
2964 if (wpa_s
->current_ssid
&& wpa_s
->current_ssid
!= ssid
) {
2966 * Do not allow EAP session resumption between different
2967 * network configurations.
2969 eapol_sm_invalidate_cached_session(wpa_s
->eapol
);
2971 old_ssid
= wpa_s
->current_ssid
;
2972 wpa_s
->current_ssid
= ssid
;
2974 if (!wpas_driver_bss_selection(wpa_s
) || ssid
->bssid_set
) {
2975 wpa_s
->current_bss
= bss
;
2977 hs20_configure_frame_filters(wpa_s
);
2978 #endif /* CONFIG_HS20 */
2981 wpa_supplicant_rsn_supp_set_config(wpa_s
, wpa_s
->current_ssid
);
2982 wpa_supplicant_initiate_eapol(wpa_s
);
2983 if (old_ssid
!= wpa_s
->current_ssid
)
2984 wpas_notify_network_changed(wpa_s
);
2988 static void wpa_supplicant_clear_connection(struct wpa_supplicant
*wpa_s
,
2991 struct wpa_ssid
*old_ssid
;
2993 wpas_connect_work_done(wpa_s
);
2994 wpa_clear_keys(wpa_s
, addr
);
2995 old_ssid
= wpa_s
->current_ssid
;
2996 wpa_supplicant_mark_disassoc(wpa_s
);
2997 wpa_sm_set_config(wpa_s
->wpa
, NULL
);
2998 eapol_sm_notify_config(wpa_s
->eapol
, NULL
, NULL
);
2999 if (old_ssid
!= wpa_s
->current_ssid
)
3000 wpas_notify_network_changed(wpa_s
);
3001 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
3006 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
3007 * @wpa_s: Pointer to wpa_supplicant data
3008 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
3010 * This function is used to request %wpa_supplicant to deauthenticate from the
3013 void wpa_supplicant_deauthenticate(struct wpa_supplicant
*wpa_s
,
3017 union wpa_event_data event
;
3020 wpa_dbg(wpa_s
, MSG_DEBUG
, "Request to deauthenticate - bssid=" MACSTR
3021 " pending_bssid=" MACSTR
" reason=%d state=%s",
3022 MAC2STR(wpa_s
->bssid
), MAC2STR(wpa_s
->pending_bssid
),
3023 reason_code
, wpa_supplicant_state_txt(wpa_s
->wpa_state
));
3025 if (!is_zero_ether_addr(wpa_s
->pending_bssid
) &&
3026 (wpa_s
->wpa_state
== WPA_AUTHENTICATING
||
3027 wpa_s
->wpa_state
== WPA_ASSOCIATING
))
3028 addr
= wpa_s
->pending_bssid
;
3029 else if (!is_zero_ether_addr(wpa_s
->bssid
))
3030 addr
= wpa_s
->bssid
;
3031 else if (wpa_s
->wpa_state
== WPA_ASSOCIATING
) {
3033 * When using driver-based BSS selection, we may not know the
3034 * BSSID with which we are currently trying to associate. We
3035 * need to notify the driver of this disconnection even in such
3036 * a case, so use the all zeros address here.
3038 addr
= wpa_s
->bssid
;
3043 wpa_tdls_teardown_peers(wpa_s
->wpa
);
3044 #endif /* CONFIG_TDLS */
3048 struct mesh_conf
*mconf
;
3050 mconf
= wpa_s
->ifmsh
->mconf
;
3051 wpa_msg(wpa_s
, MSG_INFO
, MESH_GROUP_REMOVED
"%s",
3053 wpas_notify_mesh_group_removed(wpa_s
, mconf
->meshid
,
3054 mconf
->meshid_len
, reason_code
);
3055 wpa_supplicant_leave_mesh(wpa_s
);
3057 #endif /* CONFIG_MESH */
3060 wpa_drv_deauthenticate(wpa_s
, addr
, reason_code
);
3061 os_memset(&event
, 0, sizeof(event
));
3062 event
.deauth_info
.reason_code
= (u16
) reason_code
;
3063 event
.deauth_info
.locally_generated
= 1;
3064 wpa_supplicant_event(wpa_s
, EVENT_DEAUTH
, &event
);
3069 wpa_supplicant_clear_connection(wpa_s
, addr
);
3072 static void wpa_supplicant_enable_one_network(struct wpa_supplicant
*wpa_s
,
3073 struct wpa_ssid
*ssid
)
3075 if (!ssid
|| !ssid
->disabled
|| ssid
->disabled
== 2)
3079 wpas_clear_temp_disabled(wpa_s
, ssid
, 1);
3080 wpas_notify_network_enabled_changed(wpa_s
, ssid
);
3083 * Try to reassociate since there is no current configuration and a new
3084 * network was made available.
3086 if (!wpa_s
->current_ssid
&& !wpa_s
->disconnected
)
3087 wpa_s
->reassociate
= 1;
3092 * wpa_supplicant_add_network - Add a new network
3093 * @wpa_s: wpa_supplicant structure for a network interface
3094 * Returns: The new network configuration or %NULL if operation failed
3096 * This function performs the following operations:
3097 * 1. Adds a new network.
3098 * 2. Send network addition notification.
3099 * 3. Marks the network disabled.
3100 * 4. Set network default parameters.
3102 struct wpa_ssid
* wpa_supplicant_add_network(struct wpa_supplicant
*wpa_s
)
3104 struct wpa_ssid
*ssid
;
3106 ssid
= wpa_config_add_network(wpa_s
->conf
);
3109 wpas_notify_network_added(wpa_s
, ssid
);
3111 wpa_config_set_network_defaults(ssid
);
3118 * wpa_supplicant_remove_network - Remove a configured network based on id
3119 * @wpa_s: wpa_supplicant structure for a network interface
3120 * @id: Unique network id to search for
3121 * Returns: 0 on success, or -1 if the network was not found, -2 if the network
3122 * could not be removed
3124 * This function performs the following operations:
3125 * 1. Removes the network.
3126 * 2. Send network removal notification.
3127 * 3. Update internal state machines.
3128 * 4. Stop any running sched scans.
3130 int wpa_supplicant_remove_network(struct wpa_supplicant
*wpa_s
, int id
)
3132 struct wpa_ssid
*ssid
;
3135 ssid
= wpa_config_get_network(wpa_s
->conf
, id
);
3138 wpas_notify_network_removed(wpa_s
, ssid
);
3140 if (wpa_s
->last_ssid
== ssid
)
3141 wpa_s
->last_ssid
= NULL
;
3143 if (ssid
== wpa_s
->current_ssid
|| !wpa_s
->current_ssid
) {
3145 wpa_s
->sme
.prev_bssid_set
= 0;
3146 #endif /* CONFIG_SME */
3148 * Invalidate the EAP session cache if the current or
3149 * previously used network is removed.
3151 eapol_sm_invalidate_cached_session(wpa_s
->eapol
);
3154 if (ssid
== wpa_s
->current_ssid
) {
3155 wpa_sm_set_config(wpa_s
->wpa
, NULL
);
3156 eapol_sm_notify_config(wpa_s
->eapol
, NULL
, NULL
);
3158 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
3159 wpa_s
->own_disconnect_req
= 1;
3160 wpa_supplicant_deauthenticate(wpa_s
,
3161 WLAN_REASON_DEAUTH_LEAVING
);
3164 was_disabled
= ssid
->disabled
;
3166 if (wpa_config_remove_network(wpa_s
->conf
, id
) < 0)
3169 if (!was_disabled
&& wpa_s
->sched_scanning
) {
3170 wpa_printf(MSG_DEBUG
,
3171 "Stop ongoing sched_scan to remove network from filters");
3172 wpa_supplicant_cancel_sched_scan(wpa_s
);
3173 wpa_supplicant_req_scan(wpa_s
, 0, 0);
3181 * wpa_supplicant_enable_network - Mark a configured network as enabled
3182 * @wpa_s: wpa_supplicant structure for a network interface
3183 * @ssid: wpa_ssid structure for a configured network or %NULL
3185 * Enables the specified network or all networks if no network specified.
3187 void wpa_supplicant_enable_network(struct wpa_supplicant
*wpa_s
,
3188 struct wpa_ssid
*ssid
)
3191 for (ssid
= wpa_s
->conf
->ssid
; ssid
; ssid
= ssid
->next
)
3192 wpa_supplicant_enable_one_network(wpa_s
, ssid
);
3194 wpa_supplicant_enable_one_network(wpa_s
, ssid
);
3196 if (wpa_s
->reassociate
&& !wpa_s
->disconnected
&&
3197 (!wpa_s
->current_ssid
||
3198 wpa_s
->wpa_state
== WPA_DISCONNECTED
||
3199 wpa_s
->wpa_state
== WPA_SCANNING
)) {
3200 if (wpa_s
->sched_scanning
) {
3201 wpa_printf(MSG_DEBUG
, "Stop ongoing sched_scan to add "
3202 "new network to scan filters");
3203 wpa_supplicant_cancel_sched_scan(wpa_s
);
3206 if (wpa_supplicant_fast_associate(wpa_s
) != 1) {
3207 wpa_s
->scan_req
= NORMAL_SCAN_REQ
;
3208 wpa_supplicant_req_scan(wpa_s
, 0, 0);
3215 * wpa_supplicant_disable_network - Mark a configured network as disabled
3216 * @wpa_s: wpa_supplicant structure for a network interface
3217 * @ssid: wpa_ssid structure for a configured network or %NULL
3219 * Disables the specified network or all networks if no network specified.
3221 void wpa_supplicant_disable_network(struct wpa_supplicant
*wpa_s
,
3222 struct wpa_ssid
*ssid
)
3224 struct wpa_ssid
*other_ssid
;
3228 if (wpa_s
->sched_scanning
)
3229 wpa_supplicant_cancel_sched_scan(wpa_s
);
3231 for (other_ssid
= wpa_s
->conf
->ssid
; other_ssid
;
3232 other_ssid
= other_ssid
->next
) {
3233 was_disabled
= other_ssid
->disabled
;
3234 if (was_disabled
== 2)
3235 continue; /* do not change persistent P2P group
3238 other_ssid
->disabled
= 1;
3240 if (was_disabled
!= other_ssid
->disabled
)
3241 wpas_notify_network_enabled_changed(
3244 if (wpa_s
->current_ssid
) {
3245 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
3246 wpa_s
->own_disconnect_req
= 1;
3247 wpa_supplicant_deauthenticate(
3248 wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
3250 } else if (ssid
->disabled
!= 2) {
3251 if (ssid
== wpa_s
->current_ssid
) {
3252 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
3253 wpa_s
->own_disconnect_req
= 1;
3254 wpa_supplicant_deauthenticate(
3255 wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
3258 was_disabled
= ssid
->disabled
;
3262 if (was_disabled
!= ssid
->disabled
) {
3263 wpas_notify_network_enabled_changed(wpa_s
, ssid
);
3264 if (wpa_s
->sched_scanning
) {
3265 wpa_printf(MSG_DEBUG
, "Stop ongoing sched_scan "
3266 "to remove network from filters");
3267 wpa_supplicant_cancel_sched_scan(wpa_s
);
3268 wpa_supplicant_req_scan(wpa_s
, 0, 0);
3276 * wpa_supplicant_select_network - Attempt association with a network
3277 * @wpa_s: wpa_supplicant structure for a network interface
3278 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
3280 void wpa_supplicant_select_network(struct wpa_supplicant
*wpa_s
,
3281 struct wpa_ssid
*ssid
)
3284 struct wpa_ssid
*other_ssid
;
3285 int disconnected
= 0;
3287 if (ssid
&& ssid
!= wpa_s
->current_ssid
&& wpa_s
->current_ssid
) {
3288 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
3289 wpa_s
->own_disconnect_req
= 1;
3290 wpa_supplicant_deauthenticate(
3291 wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
3296 wpas_clear_temp_disabled(wpa_s
, ssid
, 1);
3299 * Mark all other networks disabled or mark all networks enabled if no
3300 * network specified.
3302 for (other_ssid
= wpa_s
->conf
->ssid
; other_ssid
;
3303 other_ssid
= other_ssid
->next
) {
3304 int was_disabled
= other_ssid
->disabled
;
3305 if (was_disabled
== 2)
3306 continue; /* do not change persistent P2P group data */
3308 other_ssid
->disabled
= ssid
? (ssid
->id
!= other_ssid
->id
) : 0;
3309 if (was_disabled
&& !other_ssid
->disabled
)
3310 wpas_clear_temp_disabled(wpa_s
, other_ssid
, 0);
3312 if (was_disabled
!= other_ssid
->disabled
)
3313 wpas_notify_network_enabled_changed(wpa_s
, other_ssid
);
3316 if (ssid
&& ssid
== wpa_s
->current_ssid
&& wpa_s
->current_ssid
&&
3317 wpa_s
->wpa_state
>= WPA_AUTHENTICATING
) {
3318 /* We are already associated with the selected network */
3319 wpa_printf(MSG_DEBUG
, "Already associated with the "
3320 "selected network - do nothing");
3325 wpa_s
->current_ssid
= ssid
;
3326 eapol_sm_notify_config(wpa_s
->eapol
, NULL
, NULL
);
3327 wpa_s
->connect_without_scan
=
3328 (ssid
->mode
== WPAS_MODE_MESH
) ? ssid
: NULL
;
3331 * Don't optimize next scan freqs since a new ESS has been
3334 os_free(wpa_s
->next_scan_freqs
);
3335 wpa_s
->next_scan_freqs
= NULL
;
3337 wpa_s
->connect_without_scan
= NULL
;
3340 wpa_s
->disconnected
= 0;
3341 wpa_s
->reassociate
= 1;
3343 if (wpa_s
->connect_without_scan
||
3344 wpa_supplicant_fast_associate(wpa_s
) != 1) {
3345 wpa_s
->scan_req
= NORMAL_SCAN_REQ
;
3346 wpas_scan_reset_sched_scan(wpa_s
);
3347 wpa_supplicant_req_scan(wpa_s
, 0, disconnected
? 100000 : 0);
3351 wpas_notify_network_selected(wpa_s
, ssid
);
3356 * wpas_set_pkcs11_engine_and_module_path - Set PKCS #11 engine and module path
3357 * @wpa_s: wpa_supplicant structure for a network interface
3358 * @pkcs11_engine_path: PKCS #11 engine path or NULL
3359 * @pkcs11_module_path: PKCS #11 module path or NULL
3360 * Returns: 0 on success; -1 on failure
3362 * Sets the PKCS #11 engine and module path. Both have to be NULL or a valid
3363 * path. If resetting the EAPOL state machine with the new PKCS #11 engine and
3364 * module path fails the paths will be reset to the default value (NULL).
3366 int wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant
*wpa_s
,
3367 const char *pkcs11_engine_path
,
3368 const char *pkcs11_module_path
)
3370 char *pkcs11_engine_path_copy
= NULL
;
3371 char *pkcs11_module_path_copy
= NULL
;
3373 if (pkcs11_engine_path
!= NULL
) {
3374 pkcs11_engine_path_copy
= os_strdup(pkcs11_engine_path
);
3375 if (pkcs11_engine_path_copy
== NULL
)
3378 if (pkcs11_module_path
!= NULL
) {
3379 pkcs11_module_path_copy
= os_strdup(pkcs11_module_path
);
3380 if (pkcs11_module_path_copy
== NULL
) {
3381 os_free(pkcs11_engine_path_copy
);
3386 os_free(wpa_s
->conf
->pkcs11_engine_path
);
3387 os_free(wpa_s
->conf
->pkcs11_module_path
);
3388 wpa_s
->conf
->pkcs11_engine_path
= pkcs11_engine_path_copy
;
3389 wpa_s
->conf
->pkcs11_module_path
= pkcs11_module_path_copy
;
3391 wpa_sm_set_eapol(wpa_s
->wpa
, NULL
);
3392 eapol_sm_deinit(wpa_s
->eapol
);
3393 wpa_s
->eapol
= NULL
;
3394 if (wpa_supplicant_init_eapol(wpa_s
)) {
3395 /* Error -> Reset paths to the default value (NULL) once. */
3396 if (pkcs11_engine_path
!= NULL
&& pkcs11_module_path
!= NULL
)
3397 wpas_set_pkcs11_engine_and_module_path(wpa_s
, NULL
,
3402 wpa_sm_set_eapol(wpa_s
->wpa
, wpa_s
->eapol
);
3409 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
3410 * @wpa_s: wpa_supplicant structure for a network interface
3411 * @ap_scan: AP scan mode
3412 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
3415 int wpa_supplicant_set_ap_scan(struct wpa_supplicant
*wpa_s
, int ap_scan
)
3420 if (ap_scan
< 0 || ap_scan
> 2)
3423 if (ap_scan
== 2 && os_strcmp(wpa_s
->driver
->name
, "nl80211") == 0) {
3424 wpa_printf(MSG_INFO
,
3425 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
3429 if (ap_scan
== 2 && ap_scan
!= wpa_s
->conf
->ap_scan
&&
3430 wpa_s
->wpa_state
>= WPA_ASSOCIATING
&&
3431 wpa_s
->wpa_state
< WPA_COMPLETED
) {
3432 wpa_printf(MSG_ERROR
, "ap_scan = %d (%d) rejected while "
3433 "associating", wpa_s
->conf
->ap_scan
, ap_scan
);
3436 #endif /* ANDROID */
3438 old_ap_scan
= wpa_s
->conf
->ap_scan
;
3439 wpa_s
->conf
->ap_scan
= ap_scan
;
3441 if (old_ap_scan
!= wpa_s
->conf
->ap_scan
)
3442 wpas_notify_ap_scan_changed(wpa_s
);
3449 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
3450 * @wpa_s: wpa_supplicant structure for a network interface
3451 * @expire_age: Expiration age in seconds
3452 * Returns: 0 if succeed or -1 if expire_age has an invalid value
3455 int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant
*wpa_s
,
3456 unsigned int bss_expire_age
)
3458 if (bss_expire_age
< 10) {
3459 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid bss expiration age %u",
3463 wpa_msg(wpa_s
, MSG_DEBUG
, "Setting bss expiration age: %d sec",
3465 wpa_s
->conf
->bss_expiration_age
= bss_expire_age
;
3472 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
3473 * @wpa_s: wpa_supplicant structure for a network interface
3474 * @expire_count: number of scans after which an unseen BSS is reclaimed
3475 * Returns: 0 if succeed or -1 if expire_count has an invalid value
3478 int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant
*wpa_s
,
3479 unsigned int bss_expire_count
)
3481 if (bss_expire_count
< 1) {
3482 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid bss expiration count %u",
3486 wpa_msg(wpa_s
, MSG_DEBUG
, "Setting bss expiration scan count: %u",
3488 wpa_s
->conf
->bss_expiration_scan_count
= bss_expire_count
;
3495 * wpa_supplicant_set_scan_interval - Set scan interval
3496 * @wpa_s: wpa_supplicant structure for a network interface
3497 * @scan_interval: scan interval in seconds
3498 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
3501 int wpa_supplicant_set_scan_interval(struct wpa_supplicant
*wpa_s
,
3504 if (scan_interval
< 0) {
3505 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid scan interval %d",
3509 wpa_msg(wpa_s
, MSG_DEBUG
, "Setting scan interval: %d sec",
3511 wpa_supplicant_update_scan_int(wpa_s
, scan_interval
);
3518 * wpa_supplicant_set_debug_params - Set global debug params
3519 * @global: wpa_global structure
3520 * @debug_level: debug level
3521 * @debug_timestamp: determines if show timestamp in debug data
3522 * @debug_show_keys: determines if show keys in debug data
3523 * Returns: 0 if succeed or -1 if debug_level has wrong value
3525 int wpa_supplicant_set_debug_params(struct wpa_global
*global
, int debug_level
,
3526 int debug_timestamp
, int debug_show_keys
)
3529 int old_level
, old_timestamp
, old_show_keys
;
3531 /* check for allowed debuglevels */
3532 if (debug_level
!= MSG_EXCESSIVE
&&
3533 debug_level
!= MSG_MSGDUMP
&&
3534 debug_level
!= MSG_DEBUG
&&
3535 debug_level
!= MSG_INFO
&&
3536 debug_level
!= MSG_WARNING
&&
3537 debug_level
!= MSG_ERROR
)
3540 old_level
= wpa_debug_level
;
3541 old_timestamp
= wpa_debug_timestamp
;
3542 old_show_keys
= wpa_debug_show_keys
;
3544 wpa_debug_level
= debug_level
;
3545 wpa_debug_timestamp
= debug_timestamp
? 1 : 0;
3546 wpa_debug_show_keys
= debug_show_keys
? 1 : 0;
3548 if (wpa_debug_level
!= old_level
)
3549 wpas_notify_debug_level_changed(global
);
3550 if (wpa_debug_timestamp
!= old_timestamp
)
3551 wpas_notify_debug_timestamp_changed(global
);
3552 if (wpa_debug_show_keys
!= old_show_keys
)
3553 wpas_notify_debug_show_keys_changed(global
);
3560 static int owe_trans_ssid_match(struct wpa_supplicant
*wpa_s
, const u8
*bssid
,
3561 const u8
*entry_ssid
, size_t entry_ssid_len
)
3563 const u8
*owe
, *pos
, *end
;
3565 struct wpa_bss
*bss
;
3567 /* Check network profile SSID aganst the SSID in the
3568 * OWE Transition Mode element. */
3570 bss
= wpa_bss_get_bssid_latest(wpa_s
, bssid
);
3574 owe
= wpa_bss_get_vendor_ie(bss
, OWE_IE_VENDOR_TYPE
);
3579 end
= owe
+ 2 + owe
[1];
3581 if (end
- pos
< ETH_ALEN
+ 1)
3585 if (end
- pos
< ssid_len
|| ssid_len
> SSID_MAX_LEN
)
3588 return entry_ssid_len
== ssid_len
&&
3589 os_memcmp(pos
, entry_ssid
, ssid_len
) == 0;
3591 #endif /* CONFIG_OWE */
3595 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
3596 * @wpa_s: Pointer to wpa_supplicant data
3597 * Returns: A pointer to the current network structure or %NULL on failure
3599 struct wpa_ssid
* wpa_supplicant_get_ssid(struct wpa_supplicant
*wpa_s
)
3601 struct wpa_ssid
*entry
;
3602 u8 ssid
[SSID_MAX_LEN
];
3608 res
= wpa_drv_get_ssid(wpa_s
, ssid
);
3610 wpa_msg(wpa_s
, MSG_WARNING
, "Could not read SSID from "
3616 if (wpa_drv_get_bssid(wpa_s
, bssid
) < 0) {
3617 wpa_msg(wpa_s
, MSG_WARNING
, "Could not read BSSID from "
3622 wired
= wpa_s
->conf
->ap_scan
== 0 &&
3623 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_WIRED
);
3625 entry
= wpa_s
->conf
->ssid
;
3627 if (!wpas_network_disabled(wpa_s
, entry
) &&
3628 ((ssid_len
== entry
->ssid_len
&&
3629 os_memcmp(ssid
, entry
->ssid
, ssid_len
) == 0) || wired
) &&
3630 (!entry
->bssid_set
||
3631 os_memcmp(bssid
, entry
->bssid
, ETH_ALEN
) == 0))
3634 if (!wpas_network_disabled(wpa_s
, entry
) &&
3635 (entry
->key_mgmt
& WPA_KEY_MGMT_WPS
) &&
3636 (entry
->ssid
== NULL
|| entry
->ssid_len
== 0) &&
3637 (!entry
->bssid_set
||
3638 os_memcmp(bssid
, entry
->bssid
, ETH_ALEN
) == 0))
3640 #endif /* CONFIG_WPS */
3643 if (!wpas_network_disabled(wpa_s
, entry
) &&
3644 owe_trans_ssid_match(wpa_s
, bssid
, entry
->ssid
,
3646 (!entry
->bssid_set
||
3647 os_memcmp(bssid
, entry
->bssid
, ETH_ALEN
) == 0))
3649 #endif /* CONFIG_OWE */
3651 if (!wpas_network_disabled(wpa_s
, entry
) && entry
->bssid_set
&&
3652 entry
->ssid_len
== 0 &&
3653 os_memcmp(bssid
, entry
->bssid
, ETH_ALEN
) == 0)
3656 entry
= entry
->next
;
3663 static int select_driver(struct wpa_supplicant
*wpa_s
, int i
)
3665 struct wpa_global
*global
= wpa_s
->global
;
3667 if (wpa_drivers
[i
]->global_init
&& global
->drv_priv
[i
] == NULL
) {
3668 global
->drv_priv
[i
] = wpa_drivers
[i
]->global_init(global
);
3669 if (global
->drv_priv
[i
] == NULL
) {
3670 wpa_printf(MSG_ERROR
, "Failed to initialize driver "
3671 "'%s'", wpa_drivers
[i
]->name
);
3676 wpa_s
->driver
= wpa_drivers
[i
];
3677 wpa_s
->global_drv_priv
= global
->drv_priv
[i
];
3683 static int wpa_supplicant_set_driver(struct wpa_supplicant
*wpa_s
,
3688 const char *pos
, *driver
= name
;
3693 if (wpa_drivers
[0] == NULL
) {
3694 wpa_msg(wpa_s
, MSG_ERROR
, "No driver interfaces build into "
3700 /* default to first driver in the list */
3701 return select_driver(wpa_s
, 0);
3705 pos
= os_strchr(driver
, ',');
3709 len
= os_strlen(driver
);
3711 for (i
= 0; wpa_drivers
[i
]; i
++) {
3712 if (os_strlen(wpa_drivers
[i
]->name
) == len
&&
3713 os_strncmp(driver
, wpa_drivers
[i
]->name
, len
) ==
3715 /* First driver that succeeds wins */
3716 if (select_driver(wpa_s
, i
) == 0)
3724 wpa_msg(wpa_s
, MSG_ERROR
, "Unsupported driver '%s'", name
);
3730 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
3731 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
3732 * with struct wpa_driver_ops::init()
3733 * @src_addr: Source address of the EAPOL frame
3734 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
3735 * @len: Length of the EAPOL data
3737 * This function is called for each received EAPOL frame. Most driver
3738 * interfaces rely on more generic OS mechanism for receiving frames through
3739 * l2_packet, but if such a mechanism is not available, the driver wrapper may
3740 * take care of received EAPOL frames and deliver them to the core supplicant
3741 * code by calling this function.
3743 void wpa_supplicant_rx_eapol(void *ctx
, const u8
*src_addr
,
3744 const u8
*buf
, size_t len
)
3746 struct wpa_supplicant
*wpa_s
= ctx
;
3748 wpa_dbg(wpa_s
, MSG_DEBUG
, "RX EAPOL from " MACSTR
, MAC2STR(src_addr
));
3749 wpa_hexdump(MSG_MSGDUMP
, "RX EAPOL", buf
, len
);
3751 #ifdef CONFIG_TESTING_OPTIONS
3752 if (wpa_s
->ignore_auth_resp
) {
3753 wpa_printf(MSG_INFO
, "RX EAPOL - ignore_auth_resp active!");
3756 #endif /* CONFIG_TESTING_OPTIONS */
3758 #ifdef CONFIG_PEERKEY
3759 if (wpa_s
->wpa_state
> WPA_ASSOCIATED
&& wpa_s
->current_ssid
&&
3760 wpa_s
->current_ssid
->peerkey
&&
3761 !(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_4WAY_HANDSHAKE
) &&
3762 wpa_sm_rx_eapol_peerkey(wpa_s
->wpa
, src_addr
, buf
, len
) == 1) {
3763 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: Processed PeerKey EAPOL-Key");
3766 #endif /* CONFIG_PEERKEY */
3768 if (wpa_s
->wpa_state
< WPA_ASSOCIATED
||
3769 (wpa_s
->last_eapol_matches_bssid
&&
3772 #endif /* CONFIG_AP */
3773 os_memcmp(src_addr
, wpa_s
->bssid
, ETH_ALEN
) != 0)) {
3775 * There is possible race condition between receiving the
3776 * association event and the EAPOL frame since they are coming
3777 * through different paths from the driver. In order to avoid
3778 * issues in trying to process the EAPOL frame before receiving
3779 * association information, lets queue it for processing until
3780 * the association event is received. This may also be needed in
3781 * driver-based roaming case, so also use src_addr != BSSID as a
3782 * trigger if we have previously confirmed that the
3783 * Authenticator uses BSSID as the src_addr (which is not the
3784 * case with wired IEEE 802.1X).
3786 wpa_dbg(wpa_s
, MSG_DEBUG
, "Not associated - Delay processing "
3787 "of received EAPOL frame (state=%s bssid=" MACSTR
")",
3788 wpa_supplicant_state_txt(wpa_s
->wpa_state
),
3789 MAC2STR(wpa_s
->bssid
));
3790 wpabuf_free(wpa_s
->pending_eapol_rx
);
3791 wpa_s
->pending_eapol_rx
= wpabuf_alloc_copy(buf
, len
);
3792 if (wpa_s
->pending_eapol_rx
) {
3793 os_get_reltime(&wpa_s
->pending_eapol_rx_time
);
3794 os_memcpy(wpa_s
->pending_eapol_rx_src
, src_addr
,
3800 wpa_s
->last_eapol_matches_bssid
=
3801 os_memcmp(src_addr
, wpa_s
->bssid
, ETH_ALEN
) == 0;
3804 if (wpa_s
->ap_iface
) {
3805 wpa_supplicant_ap_rx_eapol(wpa_s
, src_addr
, buf
, len
);
3808 #endif /* CONFIG_AP */
3810 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
) {
3811 wpa_dbg(wpa_s
, MSG_DEBUG
, "Ignored received EAPOL frame since "
3812 "no key management is configured");
3816 if (wpa_s
->eapol_received
== 0 &&
3817 (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_4WAY_HANDSHAKE
) ||
3818 !wpa_key_mgmt_wpa_psk(wpa_s
->key_mgmt
) ||
3819 wpa_s
->wpa_state
!= WPA_COMPLETED
) &&
3820 (wpa_s
->current_ssid
== NULL
||
3821 wpa_s
->current_ssid
->mode
!= IEEE80211_MODE_IBSS
)) {
3822 /* Timeout for completing IEEE 802.1X and WPA authentication */
3825 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
) ||
3826 wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
||
3827 wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
) {
3828 /* Use longer timeout for IEEE 802.1X/EAP */
3833 if (wpa_s
->current_ssid
&& wpa_s
->current_bss
&&
3834 (wpa_s
->current_ssid
->key_mgmt
& WPA_KEY_MGMT_WPS
) &&
3835 eap_is_wps_pin_enrollee(&wpa_s
->current_ssid
->eap
)) {
3837 * Use shorter timeout if going through WPS AP iteration
3838 * for PIN config method with an AP that does not
3839 * advertise Selected Registrar.
3841 struct wpabuf
*wps_ie
;
3843 wps_ie
= wpa_bss_get_vendor_ie_multi(
3844 wpa_s
->current_bss
, WPS_IE_VENDOR_TYPE
);
3846 !wps_is_addr_authorized(wps_ie
, wpa_s
->own_addr
, 1))
3848 wpabuf_free(wps_ie
);
3850 #endif /* CONFIG_WPS */
3852 wpa_supplicant_req_auth_timeout(wpa_s
, timeout
, 0);
3854 wpa_s
->eapol_received
++;
3856 if (wpa_s
->countermeasures
) {
3857 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Countermeasures - dropped "
3862 #ifdef CONFIG_IBSS_RSN
3863 if (wpa_s
->current_ssid
&&
3864 wpa_s
->current_ssid
->mode
== WPAS_MODE_IBSS
) {
3865 ibss_rsn_rx_eapol(wpa_s
->ibss_rsn
, src_addr
, buf
, len
);
3868 #endif /* CONFIG_IBSS_RSN */
3870 /* Source address of the incoming EAPOL frame could be compared to the
3871 * current BSSID. However, it is possible that a centralized
3872 * Authenticator could be using another MAC address than the BSSID of
3873 * an AP, so just allow any address to be used for now. The replies are
3874 * still sent to the current BSSID (if available), though. */
3876 os_memcpy(wpa_s
->last_eapol_src
, src_addr
, ETH_ALEN
);
3877 if (!wpa_key_mgmt_wpa_psk(wpa_s
->key_mgmt
) &&
3878 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_OWE
&&
3879 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_DPP
&&
3880 eapol_sm_rx_eapol(wpa_s
->eapol
, src_addr
, buf
, len
) > 0)
3882 wpa_drv_poll(wpa_s
);
3883 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_4WAY_HANDSHAKE
))
3884 wpa_sm_rx_eapol(wpa_s
->wpa
, src_addr
, buf
, len
);
3885 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
)) {
3887 * Set portValid = TRUE here since we are going to skip 4-way
3888 * handshake processing which would normally set portValid. We
3889 * need this to allow the EAPOL state machines to be completed
3890 * without going through EAPOL-Key handshake.
3892 eapol_sm_notify_portValid(wpa_s
->eapol
, TRUE
);
3897 int wpa_supplicant_update_mac_addr(struct wpa_supplicant
*wpa_s
)
3899 if ((!wpa_s
->p2p_mgmt
||
3900 !(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE
)) &&
3901 !(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE
)) {
3902 l2_packet_deinit(wpa_s
->l2
);
3903 wpa_s
->l2
= l2_packet_init(wpa_s
->ifname
,
3904 wpa_drv_get_mac_addr(wpa_s
),
3906 wpa_supplicant_rx_eapol
, wpa_s
, 0);
3907 if (wpa_s
->l2
== NULL
)
3910 const u8
*addr
= wpa_drv_get_mac_addr(wpa_s
);
3912 os_memcpy(wpa_s
->own_addr
, addr
, ETH_ALEN
);
3915 if (wpa_s
->l2
&& l2_packet_get_own_addr(wpa_s
->l2
, wpa_s
->own_addr
)) {
3916 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to get own L2 address");
3920 wpa_sm_set_own_addr(wpa_s
->wpa
, wpa_s
->own_addr
);
3926 static void wpa_supplicant_rx_eapol_bridge(void *ctx
, const u8
*src_addr
,
3927 const u8
*buf
, size_t len
)
3929 struct wpa_supplicant
*wpa_s
= ctx
;
3930 const struct l2_ethhdr
*eth
;
3932 if (len
< sizeof(*eth
))
3934 eth
= (const struct l2_ethhdr
*) buf
;
3936 if (os_memcmp(eth
->h_dest
, wpa_s
->own_addr
, ETH_ALEN
) != 0 &&
3937 !(eth
->h_dest
[0] & 0x01)) {
3938 wpa_dbg(wpa_s
, MSG_DEBUG
, "RX EAPOL from " MACSTR
" to " MACSTR
3939 " (bridge - not for this interface - ignore)",
3940 MAC2STR(src_addr
), MAC2STR(eth
->h_dest
));
3944 wpa_dbg(wpa_s
, MSG_DEBUG
, "RX EAPOL from " MACSTR
" to " MACSTR
3945 " (bridge)", MAC2STR(src_addr
), MAC2STR(eth
->h_dest
));
3946 wpa_supplicant_rx_eapol(wpa_s
, src_addr
, buf
+ sizeof(*eth
),
3947 len
- sizeof(*eth
));
3952 * wpa_supplicant_driver_init - Initialize driver interface parameters
3953 * @wpa_s: Pointer to wpa_supplicant data
3954 * Returns: 0 on success, -1 on failure
3956 * This function is called to initialize driver interface parameters.
3957 * wpa_drv_init() must have been called before this function to initialize the
3960 int wpa_supplicant_driver_init(struct wpa_supplicant
*wpa_s
)
3962 static int interface_count
= 0;
3964 if (wpa_supplicant_update_mac_addr(wpa_s
) < 0)
3967 wpa_dbg(wpa_s
, MSG_DEBUG
, "Own MAC address: " MACSTR
,
3968 MAC2STR(wpa_s
->own_addr
));
3969 os_memcpy(wpa_s
->perm_addr
, wpa_s
->own_addr
, ETH_ALEN
);
3970 wpa_sm_set_own_addr(wpa_s
->wpa
, wpa_s
->own_addr
);
3972 if (wpa_s
->bridge_ifname
[0]) {
3973 wpa_dbg(wpa_s
, MSG_DEBUG
, "Receiving packets from bridge "
3974 "interface '%s'", wpa_s
->bridge_ifname
);
3975 wpa_s
->l2_br
= l2_packet_init_bridge(
3976 wpa_s
->bridge_ifname
, wpa_s
->ifname
, wpa_s
->own_addr
,
3977 ETH_P_EAPOL
, wpa_supplicant_rx_eapol_bridge
, wpa_s
, 1);
3978 if (wpa_s
->l2_br
== NULL
) {
3979 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to open l2_packet "
3980 "connection for the bridge interface '%s'",
3981 wpa_s
->bridge_ifname
);
3986 if (wpa_s
->conf
->ap_scan
== 2 &&
3987 os_strcmp(wpa_s
->driver
->name
, "nl80211") == 0) {
3988 wpa_printf(MSG_INFO
,
3989 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
3992 wpa_clear_keys(wpa_s
, NULL
);
3994 /* Make sure that TKIP countermeasures are not left enabled (could
3995 * happen if wpa_supplicant is killed during countermeasures. */
3996 wpa_drv_set_countermeasures(wpa_s
, 0);
3998 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: flushing PMKID list in the driver");
3999 wpa_drv_flush_pmkid(wpa_s
);
4001 wpa_s
->prev_scan_ssid
= WILDCARD_SSID_SCAN
;
4002 wpa_s
->prev_scan_wildcard
= 0;
4004 if (wpa_supplicant_enabled_networks(wpa_s
)) {
4005 if (wpa_s
->wpa_state
== WPA_INTERFACE_DISABLED
) {
4006 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
4007 interface_count
= 0;
4010 if (!wpa_s
->p2p_mgmt
&&
4011 wpa_supplicant_delayed_sched_scan(wpa_s
,
4012 interface_count
% 3,
4014 wpa_supplicant_req_scan(wpa_s
, interface_count
% 3,
4016 #endif /* ANDROID */
4019 wpa_supplicant_set_state(wpa_s
, WPA_INACTIVE
);
4025 static int wpa_supplicant_daemon(const char *pid_file
)
4027 wpa_printf(MSG_DEBUG
, "Daemonize..");
4028 return os_daemonize(pid_file
);
4032 static struct wpa_supplicant
*
4033 wpa_supplicant_alloc(struct wpa_supplicant
*parent
)
4035 struct wpa_supplicant
*wpa_s
;
4037 wpa_s
= os_zalloc(sizeof(*wpa_s
));
4040 wpa_s
->scan_req
= INITIAL_SCAN_REQ
;
4041 wpa_s
->scan_interval
= 5;
4042 wpa_s
->new_connection
= 1;
4043 wpa_s
->parent
= parent
? parent
: wpa_s
;
4044 wpa_s
->p2pdev
= wpa_s
->parent
;
4045 wpa_s
->sched_scanning
= 0;
4047 dl_list_init(&wpa_s
->bss_tmp_disallowed
);
4048 dl_list_init(&wpa_s
->fils_hlp_req
);
4054 #ifdef CONFIG_HT_OVERRIDES
4056 static int wpa_set_htcap_mcs(struct wpa_supplicant
*wpa_s
,
4057 struct ieee80211_ht_capabilities
*htcaps
,
4058 struct ieee80211_ht_capabilities
*htcaps_mask
,
4061 /* parse ht_mcs into hex array */
4063 const char *tmp
= ht_mcs
;
4066 /* If ht_mcs is null, do not set anything */
4070 /* This is what we are setting in the kernel */
4071 os_memset(&htcaps
->supported_mcs_set
, 0, IEEE80211_HT_MCS_MASK_LEN
);
4073 wpa_msg(wpa_s
, MSG_DEBUG
, "set_htcap, ht_mcs -:%s:-", ht_mcs
);
4075 for (i
= 0; i
< IEEE80211_HT_MCS_MASK_LEN
; i
++) {
4079 v
= strtol(tmp
, &end
, 16);
4082 wpa_msg(wpa_s
, MSG_DEBUG
,
4083 "htcap value[%i]: %ld end: %p tmp: %p",
4088 htcaps
->supported_mcs_set
[i
] = v
;
4091 wpa_msg(wpa_s
, MSG_ERROR
,
4092 "Failed to parse ht-mcs: %s, error: %s\n",
4093 ht_mcs
, strerror(errno
));
4099 * If we were able to parse any values, then set mask for the MCS set.
4102 os_memset(&htcaps_mask
->supported_mcs_set
, 0xff,
4103 IEEE80211_HT_MCS_MASK_LEN
- 1);
4104 /* skip the 3 reserved bits */
4105 htcaps_mask
->supported_mcs_set
[IEEE80211_HT_MCS_MASK_LEN
- 1] =
4113 static int wpa_disable_max_amsdu(struct wpa_supplicant
*wpa_s
,
4114 struct ieee80211_ht_capabilities
*htcaps
,
4115 struct ieee80211_ht_capabilities
*htcaps_mask
,
4120 wpa_msg(wpa_s
, MSG_DEBUG
, "set_disable_max_amsdu: %d", disabled
);
4125 msk
= host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE
);
4126 htcaps_mask
->ht_capabilities_info
|= msk
;
4128 htcaps
->ht_capabilities_info
&= msk
;
4130 htcaps
->ht_capabilities_info
|= msk
;
4136 static int wpa_set_ampdu_factor(struct wpa_supplicant
*wpa_s
,
4137 struct ieee80211_ht_capabilities
*htcaps
,
4138 struct ieee80211_ht_capabilities
*htcaps_mask
,
4141 wpa_msg(wpa_s
, MSG_DEBUG
, "set_ampdu_factor: %d", factor
);
4146 if (factor
< 0 || factor
> 3) {
4147 wpa_msg(wpa_s
, MSG_ERROR
, "ampdu_factor: %d out of range. "
4148 "Must be 0-3 or -1", factor
);
4152 htcaps_mask
->a_mpdu_params
|= 0x3; /* 2 bits for factor */
4153 htcaps
->a_mpdu_params
&= ~0x3;
4154 htcaps
->a_mpdu_params
|= factor
& 0x3;
4160 static int wpa_set_ampdu_density(struct wpa_supplicant
*wpa_s
,
4161 struct ieee80211_ht_capabilities
*htcaps
,
4162 struct ieee80211_ht_capabilities
*htcaps_mask
,
4165 wpa_msg(wpa_s
, MSG_DEBUG
, "set_ampdu_density: %d", density
);
4170 if (density
< 0 || density
> 7) {
4171 wpa_msg(wpa_s
, MSG_ERROR
,
4172 "ampdu_density: %d out of range. Must be 0-7 or -1.",
4177 htcaps_mask
->a_mpdu_params
|= 0x1C;
4178 htcaps
->a_mpdu_params
&= ~(0x1C);
4179 htcaps
->a_mpdu_params
|= (density
<< 2) & 0x1C;
4185 static int wpa_set_disable_ht40(struct wpa_supplicant
*wpa_s
,
4186 struct ieee80211_ht_capabilities
*htcaps
,
4187 struct ieee80211_ht_capabilities
*htcaps_mask
,
4190 wpa_msg(wpa_s
, MSG_DEBUG
, "set_disable_ht40: %d", disabled
);
4192 set_disable_ht40(htcaps
, disabled
);
4193 set_disable_ht40(htcaps_mask
, 0);
4199 static int wpa_set_disable_sgi(struct wpa_supplicant
*wpa_s
,
4200 struct ieee80211_ht_capabilities
*htcaps
,
4201 struct ieee80211_ht_capabilities
*htcaps_mask
,
4204 /* Masking these out disables SGI */
4205 le16 msk
= host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ
|
4206 HT_CAP_INFO_SHORT_GI40MHZ
);
4208 wpa_msg(wpa_s
, MSG_DEBUG
, "set_disable_sgi: %d", disabled
);
4211 htcaps
->ht_capabilities_info
&= ~msk
;
4213 htcaps
->ht_capabilities_info
|= msk
;
4215 htcaps_mask
->ht_capabilities_info
|= msk
;
4221 static int wpa_set_disable_ldpc(struct wpa_supplicant
*wpa_s
,
4222 struct ieee80211_ht_capabilities
*htcaps
,
4223 struct ieee80211_ht_capabilities
*htcaps_mask
,
4226 /* Masking these out disables LDPC */
4227 le16 msk
= host_to_le16(HT_CAP_INFO_LDPC_CODING_CAP
);
4229 wpa_msg(wpa_s
, MSG_DEBUG
, "set_disable_ldpc: %d", disabled
);
4232 htcaps
->ht_capabilities_info
&= ~msk
;
4234 htcaps
->ht_capabilities_info
|= msk
;
4236 htcaps_mask
->ht_capabilities_info
|= msk
;
4242 void wpa_supplicant_apply_ht_overrides(
4243 struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
,
4244 struct wpa_driver_associate_params
*params
)
4246 struct ieee80211_ht_capabilities
*htcaps
;
4247 struct ieee80211_ht_capabilities
*htcaps_mask
;
4252 params
->disable_ht
= ssid
->disable_ht
;
4253 if (!params
->htcaps
|| !params
->htcaps_mask
)
4256 htcaps
= (struct ieee80211_ht_capabilities
*) params
->htcaps
;
4257 htcaps_mask
= (struct ieee80211_ht_capabilities
*) params
->htcaps_mask
;
4258 wpa_set_htcap_mcs(wpa_s
, htcaps
, htcaps_mask
, ssid
->ht_mcs
);
4259 wpa_disable_max_amsdu(wpa_s
, htcaps
, htcaps_mask
,
4260 ssid
->disable_max_amsdu
);
4261 wpa_set_ampdu_factor(wpa_s
, htcaps
, htcaps_mask
, ssid
->ampdu_factor
);
4262 wpa_set_ampdu_density(wpa_s
, htcaps
, htcaps_mask
, ssid
->ampdu_density
);
4263 wpa_set_disable_ht40(wpa_s
, htcaps
, htcaps_mask
, ssid
->disable_ht40
);
4264 wpa_set_disable_sgi(wpa_s
, htcaps
, htcaps_mask
, ssid
->disable_sgi
);
4265 wpa_set_disable_ldpc(wpa_s
, htcaps
, htcaps_mask
, ssid
->disable_ldpc
);
4267 if (ssid
->ht40_intolerant
) {
4268 le16 bit
= host_to_le16(HT_CAP_INFO_40MHZ_INTOLERANT
);
4269 htcaps
->ht_capabilities_info
|= bit
;
4270 htcaps_mask
->ht_capabilities_info
|= bit
;
4274 #endif /* CONFIG_HT_OVERRIDES */
4277 #ifdef CONFIG_VHT_OVERRIDES
4278 void wpa_supplicant_apply_vht_overrides(
4279 struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
,
4280 struct wpa_driver_associate_params
*params
)
4282 struct ieee80211_vht_capabilities
*vhtcaps
;
4283 struct ieee80211_vht_capabilities
*vhtcaps_mask
;
4288 params
->disable_vht
= ssid
->disable_vht
;
4290 vhtcaps
= (void *) params
->vhtcaps
;
4291 vhtcaps_mask
= (void *) params
->vhtcaps_mask
;
4293 if (!vhtcaps
|| !vhtcaps_mask
)
4296 vhtcaps
->vht_capabilities_info
= host_to_le32(ssid
->vht_capa
);
4297 vhtcaps_mask
->vht_capabilities_info
= host_to_le32(ssid
->vht_capa_mask
);
4299 #ifdef CONFIG_HT_OVERRIDES
4300 /* if max ampdu is <= 3, we have to make the HT cap the same */
4301 if (ssid
->vht_capa_mask
& VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX
) {
4304 max_ampdu
= (ssid
->vht_capa
&
4305 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX
) >>
4306 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX_SHIFT
;
4308 max_ampdu
= max_ampdu
< 3 ? max_ampdu
: 3;
4309 wpa_set_ampdu_factor(wpa_s
,
4310 (void *) params
->htcaps
,
4311 (void *) params
->htcaps_mask
,
4314 #endif /* CONFIG_HT_OVERRIDES */
4316 #define OVERRIDE_MCS(i) \
4317 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \
4318 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \
4319 host_to_le16(3 << 2 * (i - 1)); \
4320 vhtcaps->vht_supported_mcs_set.tx_map |= \
4321 host_to_le16(ssid->vht_tx_mcs_nss_ ##i << \
4324 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \
4325 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \
4326 host_to_le16(3 << 2 * (i - 1)); \
4327 vhtcaps->vht_supported_mcs_set.rx_map |= \
4328 host_to_le16(ssid->vht_rx_mcs_nss_ ##i << \
4341 #endif /* CONFIG_VHT_OVERRIDES */
4344 static int pcsc_reader_init(struct wpa_supplicant
*wpa_s
)
4349 if (!wpa_s
->conf
->pcsc_reader
)
4352 wpa_s
->scard
= scard_init(wpa_s
->conf
->pcsc_reader
);
4356 if (wpa_s
->conf
->pcsc_pin
&&
4357 scard_set_pin(wpa_s
->scard
, wpa_s
->conf
->pcsc_pin
) < 0) {
4358 scard_deinit(wpa_s
->scard
);
4359 wpa_s
->scard
= NULL
;
4360 wpa_msg(wpa_s
, MSG_ERROR
, "PC/SC PIN validation failed");
4364 len
= sizeof(wpa_s
->imsi
) - 1;
4365 if (scard_get_imsi(wpa_s
->scard
, wpa_s
->imsi
, &len
)) {
4366 scard_deinit(wpa_s
->scard
);
4367 wpa_s
->scard
= NULL
;
4368 wpa_msg(wpa_s
, MSG_ERROR
, "Could not read IMSI");
4371 wpa_s
->imsi
[len
] = '\0';
4373 wpa_s
->mnc_len
= scard_get_mnc_len(wpa_s
->scard
);
4375 wpa_printf(MSG_DEBUG
, "SCARD: IMSI %s (MNC length %d)",
4376 wpa_s
->imsi
, wpa_s
->mnc_len
);
4378 wpa_sm_set_scard_ctx(wpa_s
->wpa
, wpa_s
->scard
);
4379 eapol_sm_register_scard_ctx(wpa_s
->eapol
, wpa_s
->scard
);
4380 #endif /* PCSC_FUNCS */
4386 int wpas_init_ext_pw(struct wpa_supplicant
*wpa_s
)
4390 ext_password_deinit(wpa_s
->ext_pw
);
4391 wpa_s
->ext_pw
= NULL
;
4392 eapol_sm_set_ext_pw_ctx(wpa_s
->eapol
, NULL
);
4394 if (!wpa_s
->conf
->ext_password_backend
)
4397 val
= os_strdup(wpa_s
->conf
->ext_password_backend
);
4400 pos
= os_strchr(val
, ':');
4404 wpa_printf(MSG_DEBUG
, "EXT PW: Initialize backend '%s'", val
);
4406 wpa_s
->ext_pw
= ext_password_init(val
, pos
);
4408 if (wpa_s
->ext_pw
== NULL
) {
4409 wpa_printf(MSG_DEBUG
, "EXT PW: Failed to initialize backend");
4412 eapol_sm_set_ext_pw_ctx(wpa_s
->eapol
, wpa_s
->ext_pw
);
4420 static const u8
* wpas_fst_get_bssid_cb(void *ctx
)
4422 struct wpa_supplicant
*wpa_s
= ctx
;
4424 return (is_zero_ether_addr(wpa_s
->bssid
) ||
4425 wpa_s
->wpa_state
!= WPA_COMPLETED
) ? NULL
: wpa_s
->bssid
;
4429 static void wpas_fst_get_channel_info_cb(void *ctx
,
4430 enum hostapd_hw_mode
*hw_mode
,
4433 struct wpa_supplicant
*wpa_s
= ctx
;
4435 if (wpa_s
->current_bss
) {
4436 *hw_mode
= ieee80211_freq_to_chan(wpa_s
->current_bss
->freq
,
4438 } else if (wpa_s
->hw
.num_modes
) {
4439 *hw_mode
= wpa_s
->hw
.modes
[0].mode
;
4447 static int wpas_fst_get_hw_modes(void *ctx
, struct hostapd_hw_modes
**modes
)
4449 struct wpa_supplicant
*wpa_s
= ctx
;
4451 *modes
= wpa_s
->hw
.modes
;
4452 return wpa_s
->hw
.num_modes
;
4456 static void wpas_fst_set_ies_cb(void *ctx
, const struct wpabuf
*fst_ies
)
4458 struct wpa_supplicant
*wpa_s
= ctx
;
4460 wpa_hexdump_buf(MSG_DEBUG
, "FST: Set IEs", fst_ies
);
4461 wpa_s
->fst_ies
= fst_ies
;
4465 static int wpas_fst_send_action_cb(void *ctx
, const u8
*da
, struct wpabuf
*data
)
4467 struct wpa_supplicant
*wpa_s
= ctx
;
4469 if (os_memcmp(wpa_s
->bssid
, da
, ETH_ALEN
) != 0) {
4470 wpa_printf(MSG_INFO
, "FST:%s:bssid=" MACSTR
" != da=" MACSTR
,
4471 __func__
, MAC2STR(wpa_s
->bssid
), MAC2STR(da
));
4474 return wpa_drv_send_action(wpa_s
, wpa_s
->assoc_freq
, 0, wpa_s
->bssid
,
4475 wpa_s
->own_addr
, wpa_s
->bssid
,
4476 wpabuf_head(data
), wpabuf_len(data
),
4481 static const struct wpabuf
* wpas_fst_get_mb_ie_cb(void *ctx
, const u8
*addr
)
4483 struct wpa_supplicant
*wpa_s
= ctx
;
4485 WPA_ASSERT(os_memcmp(wpa_s
->bssid
, addr
, ETH_ALEN
) == 0);
4486 return wpa_s
->received_mb_ies
;
4490 static void wpas_fst_update_mb_ie_cb(void *ctx
, const u8
*addr
,
4491 const u8
*buf
, size_t size
)
4493 struct wpa_supplicant
*wpa_s
= ctx
;
4494 struct mb_ies_info info
;
4496 WPA_ASSERT(os_memcmp(wpa_s
->bssid
, addr
, ETH_ALEN
) == 0);
4498 if (!mb_ies_info_by_ies(&info
, buf
, size
)) {
4499 wpabuf_free(wpa_s
->received_mb_ies
);
4500 wpa_s
->received_mb_ies
= mb_ies_by_info(&info
);
4505 static const u8
* wpas_fst_get_peer_first(void *ctx
,
4506 struct fst_get_peer_ctx
**get_ctx
,
4509 struct wpa_supplicant
*wpa_s
= ctx
;
4512 if (!is_zero_ether_addr(wpa_s
->bssid
))
4513 return (wpa_s
->received_mb_ies
|| !mb_only
) ?
4514 wpa_s
->bssid
: NULL
;
4519 static const u8
* wpas_fst_get_peer_next(void *ctx
,
4520 struct fst_get_peer_ctx
**get_ctx
,
4526 void fst_wpa_supplicant_fill_iface_obj(struct wpa_supplicant
*wpa_s
,
4527 struct fst_wpa_obj
*iface_obj
)
4529 iface_obj
->ctx
= wpa_s
;
4530 iface_obj
->get_bssid
= wpas_fst_get_bssid_cb
;
4531 iface_obj
->get_channel_info
= wpas_fst_get_channel_info_cb
;
4532 iface_obj
->get_hw_modes
= wpas_fst_get_hw_modes
;
4533 iface_obj
->set_ies
= wpas_fst_set_ies_cb
;
4534 iface_obj
->send_action
= wpas_fst_send_action_cb
;
4535 iface_obj
->get_mb_ie
= wpas_fst_get_mb_ie_cb
;
4536 iface_obj
->update_mb_ie
= wpas_fst_update_mb_ie_cb
;
4537 iface_obj
->get_peer_first
= wpas_fst_get_peer_first
;
4538 iface_obj
->get_peer_next
= wpas_fst_get_peer_next
;
4540 #endif /* CONFIG_FST */
4542 static int wpas_set_wowlan_triggers(struct wpa_supplicant
*wpa_s
,
4543 const struct wpa_driver_capa
*capa
)
4545 struct wowlan_triggers
*triggers
;
4548 if (!wpa_s
->conf
->wowlan_triggers
)
4551 triggers
= wpa_get_wowlan_triggers(wpa_s
->conf
->wowlan_triggers
, capa
);
4553 ret
= wpa_drv_wowlan(wpa_s
, triggers
);
4560 enum wpa_radio_work_band
wpas_freq_to_band(int freq
)
4563 return BAND_2_4_GHZ
;
4570 unsigned int wpas_get_bands(struct wpa_supplicant
*wpa_s
, const int *freqs
)
4573 unsigned int band
= 0;
4576 /* freqs are specified for the radio work */
4577 for (i
= 0; freqs
[i
]; i
++)
4578 band
|= wpas_freq_to_band(freqs
[i
]);
4581 * freqs are not specified, implies all
4582 * the supported freqs by HW
4584 for (i
= 0; i
< wpa_s
->hw
.num_modes
; i
++) {
4585 if (wpa_s
->hw
.modes
[i
].num_channels
!= 0) {
4586 if (wpa_s
->hw
.modes
[i
].mode
==
4587 HOSTAPD_MODE_IEEE80211B
||
4588 wpa_s
->hw
.modes
[i
].mode
==
4589 HOSTAPD_MODE_IEEE80211G
)
4590 band
|= BAND_2_4_GHZ
;
4591 else if (wpa_s
->hw
.modes
[i
].mode
==
4592 HOSTAPD_MODE_IEEE80211A
)
4594 else if (wpa_s
->hw
.modes
[i
].mode
==
4595 HOSTAPD_MODE_IEEE80211AD
)
4596 band
|= BAND_60_GHZ
;
4597 else if (wpa_s
->hw
.modes
[i
].mode
==
4598 HOSTAPD_MODE_IEEE80211ANY
)
4599 band
= BAND_2_4_GHZ
| BAND_5_GHZ
|
4609 static struct wpa_radio
* radio_add_interface(struct wpa_supplicant
*wpa_s
,
4612 struct wpa_supplicant
*iface
= wpa_s
->global
->ifaces
;
4613 struct wpa_radio
*radio
;
4615 while (rn
&& iface
) {
4616 radio
= iface
->radio
;
4617 if (radio
&& os_strcmp(rn
, radio
->name
) == 0) {
4618 wpa_printf(MSG_DEBUG
, "Add interface %s to existing radio %s",
4620 dl_list_add(&radio
->ifaces
, &wpa_s
->radio_list
);
4624 iface
= iface
->next
;
4627 wpa_printf(MSG_DEBUG
, "Add interface %s to a new radio %s",
4628 wpa_s
->ifname
, rn
? rn
: "N/A");
4629 radio
= os_zalloc(sizeof(*radio
));
4634 os_strlcpy(radio
->name
, rn
, sizeof(radio
->name
));
4635 dl_list_init(&radio
->ifaces
);
4636 dl_list_init(&radio
->work
);
4637 dl_list_add(&radio
->ifaces
, &wpa_s
->radio_list
);
4643 static void radio_work_free(struct wpa_radio_work
*work
)
4645 if (work
->wpa_s
->scan_work
== work
) {
4646 /* This should not really happen. */
4647 wpa_dbg(work
->wpa_s
, MSG_INFO
, "Freeing radio work '%s'@%p (started=%d) that is marked as scan_work",
4648 work
->type
, work
, work
->started
);
4649 work
->wpa_s
->scan_work
= NULL
;
4653 if (work
->wpa_s
->p2p_scan_work
== work
) {
4654 /* This should not really happen. */
4655 wpa_dbg(work
->wpa_s
, MSG_INFO
, "Freeing radio work '%s'@%p (started=%d) that is marked as p2p_scan_work",
4656 work
->type
, work
, work
->started
);
4657 work
->wpa_s
->p2p_scan_work
= NULL
;
4659 #endif /* CONFIG_P2P */
4661 if (work
->started
) {
4662 work
->wpa_s
->radio
->num_active_works
--;
4663 wpa_dbg(work
->wpa_s
, MSG_DEBUG
,
4664 "radio_work_free('%s'@%p: num_active_works --> %u",
4666 work
->wpa_s
->radio
->num_active_works
);
4669 dl_list_del(&work
->list
);
4674 static int radio_work_is_connect(struct wpa_radio_work
*work
)
4676 return os_strcmp(work
->type
, "sme-connect") == 0 ||
4677 os_strcmp(work
->type
, "connect") == 0;
4681 static int radio_work_is_scan(struct wpa_radio_work
*work
)
4683 return os_strcmp(work
->type
, "scan") == 0 ||
4684 os_strcmp(work
->type
, "p2p-scan") == 0;
4688 static struct wpa_radio_work
* radio_work_get_next_work(struct wpa_radio
*radio
)
4690 struct wpa_radio_work
*active_work
= NULL
;
4691 struct wpa_radio_work
*tmp
;
4693 /* Get the active work to know the type and band. */
4694 dl_list_for_each(tmp
, &radio
->work
, struct wpa_radio_work
, list
) {
4702 /* No active work, start one */
4703 radio
->num_active_works
= 0;
4704 dl_list_for_each(tmp
, &radio
->work
, struct wpa_radio_work
,
4706 if (os_strcmp(tmp
->type
, "scan") == 0 &&
4707 radio
->external_scan_running
&&
4708 (((struct wpa_driver_scan_params
*)
4709 tmp
->ctx
)->only_new_results
||
4710 tmp
->wpa_s
->clear_driver_scan_cache
))
4717 if (radio_work_is_connect(active_work
)) {
4719 * If the active work is either connect or sme-connect,
4720 * do not parallelize them with other radio works.
4722 wpa_dbg(active_work
->wpa_s
, MSG_DEBUG
,
4723 "Do not parallelize radio work with %s",
4728 dl_list_for_each(tmp
, &radio
->work
, struct wpa_radio_work
, list
) {
4733 * If connect or sme-connect are enqueued, parallelize only
4734 * those operations ahead of them in the queue.
4736 if (radio_work_is_connect(tmp
))
4739 /* Serialize parallel scan and p2p_scan operations on the same
4740 * interface since the driver_nl80211 mechanism for tracking
4741 * scan cookies does not yet have support for this. */
4742 if (active_work
->wpa_s
== tmp
->wpa_s
&&
4743 radio_work_is_scan(active_work
) &&
4744 radio_work_is_scan(tmp
)) {
4745 wpa_dbg(active_work
->wpa_s
, MSG_DEBUG
,
4746 "Do not start work '%s' when another work '%s' is already scheduled",
4747 tmp
->type
, active_work
->type
);
4751 * Check that the radio works are distinct and
4752 * on different bands.
4754 if (os_strcmp(active_work
->type
, tmp
->type
) != 0 &&
4755 (active_work
->bands
!= tmp
->bands
)) {
4757 * If a scan has to be scheduled through nl80211 scan
4758 * interface and if an external scan is already running,
4759 * do not schedule the scan since it is likely to get
4760 * rejected by kernel.
4762 if (os_strcmp(tmp
->type
, "scan") == 0 &&
4763 radio
->external_scan_running
&&
4764 (((struct wpa_driver_scan_params
*)
4765 tmp
->ctx
)->only_new_results
||
4766 tmp
->wpa_s
->clear_driver_scan_cache
))
4769 wpa_dbg(active_work
->wpa_s
, MSG_DEBUG
,
4770 "active_work:%s new_work:%s",
4771 active_work
->type
, tmp
->type
);
4776 /* Did not find a radio work to schedule in parallel. */
4781 static void radio_start_next_work(void *eloop_ctx
, void *timeout_ctx
)
4783 struct wpa_radio
*radio
= eloop_ctx
;
4784 struct wpa_radio_work
*work
;
4785 struct os_reltime now
, diff
;
4786 struct wpa_supplicant
*wpa_s
;
4788 work
= dl_list_first(&radio
->work
, struct wpa_radio_work
, list
);
4790 radio
->num_active_works
= 0;
4794 wpa_s
= dl_list_first(&radio
->ifaces
, struct wpa_supplicant
,
4798 wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS
)) {
4800 return; /* already started and still in progress */
4802 if (wpa_s
&& wpa_s
->radio
->external_scan_running
) {
4803 wpa_printf(MSG_DEBUG
, "Delay radio work start until externally triggered scan completes");
4808 if (radio
->num_active_works
< MAX_ACTIVE_WORKS
) {
4809 /* get the work to schedule next */
4810 work
= radio_work_get_next_work(radio
);
4816 wpa_s
= work
->wpa_s
;
4817 os_get_reltime(&now
);
4818 os_reltime_sub(&now
, &work
->time
, &diff
);
4819 wpa_dbg(wpa_s
, MSG_DEBUG
,
4820 "Starting radio work '%s'@%p after %ld.%06ld second wait",
4821 work
->type
, work
, diff
.sec
, diff
.usec
);
4824 radio
->num_active_works
++;
4828 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS
) &&
4829 radio
->num_active_works
< MAX_ACTIVE_WORKS
)
4830 radio_work_check_next(wpa_s
);
4835 * This function removes both started and pending radio works running on
4836 * the provided interface's radio.
4837 * Prior to the removal of the radio work, its callback (cb) is called with
4838 * deinit set to be 1. Each work's callback is responsible for clearing its
4839 * internal data and restoring to a correct state.
4840 * @wpa_s: wpa_supplicant data
4841 * @type: type of works to be removed
4842 * @remove_all: 1 to remove all the works on this radio, 0 to remove only
4843 * this interface's works.
4845 void radio_remove_works(struct wpa_supplicant
*wpa_s
,
4846 const char *type
, int remove_all
)
4848 struct wpa_radio_work
*work
, *tmp
;
4849 struct wpa_radio
*radio
= wpa_s
->radio
;
4851 dl_list_for_each_safe(work
, tmp
, &radio
->work
, struct wpa_radio_work
,
4853 if (type
&& os_strcmp(type
, work
->type
) != 0)
4856 /* skip other ifaces' works */
4857 if (!remove_all
&& work
->wpa_s
!= wpa_s
)
4860 wpa_dbg(wpa_s
, MSG_DEBUG
, "Remove radio work '%s'@%p%s",
4861 work
->type
, work
, work
->started
? " (started)" : "");
4863 radio_work_free(work
);
4866 /* in case we removed the started work */
4867 radio_work_check_next(wpa_s
);
4871 static void radio_remove_interface(struct wpa_supplicant
*wpa_s
)
4873 struct wpa_radio
*radio
= wpa_s
->radio
;
4878 wpa_printf(MSG_DEBUG
, "Remove interface %s from radio %s",
4879 wpa_s
->ifname
, radio
->name
);
4880 dl_list_del(&wpa_s
->radio_list
);
4881 radio_remove_works(wpa_s
, NULL
, 0);
4882 wpa_s
->radio
= NULL
;
4883 if (!dl_list_empty(&radio
->ifaces
))
4884 return; /* Interfaces remain for this radio */
4886 wpa_printf(MSG_DEBUG
, "Remove radio %s", radio
->name
);
4887 eloop_cancel_timeout(radio_start_next_work
, radio
, NULL
);
4892 void radio_work_check_next(struct wpa_supplicant
*wpa_s
)
4894 struct wpa_radio
*radio
= wpa_s
->radio
;
4896 if (dl_list_empty(&radio
->work
))
4898 if (wpa_s
->ext_work_in_progress
) {
4899 wpa_printf(MSG_DEBUG
,
4900 "External radio work in progress - delay start of pending item");
4903 eloop_cancel_timeout(radio_start_next_work
, radio
, NULL
);
4904 eloop_register_timeout(0, 0, radio_start_next_work
, radio
, NULL
);
4909 * radio_add_work - Add a radio work item
4910 * @wpa_s: Pointer to wpa_supplicant data
4911 * @freq: Frequency of the offchannel operation in MHz or 0
4912 * @type: Unique identifier for each type of work
4913 * @next: Force as the next work to be executed
4914 * @cb: Callback function for indicating when radio is available
4915 * @ctx: Context pointer for the work (work->ctx in cb())
4916 * Returns: 0 on success, -1 on failure
4918 * This function is used to request time for an operation that requires
4919 * exclusive radio control. Once the radio is available, the registered callback
4920 * function will be called. radio_work_done() must be called once the exclusive
4921 * radio operation has been completed, so that the radio is freed for other
4922 * operations. The special case of deinit=1 is used to free the context data
4923 * during interface removal. That does not allow the callback function to start
4924 * the radio operation, i.e., it must free any resources allocated for the radio
4927 * The @freq parameter can be used to indicate a single channel on which the
4928 * offchannel operation will occur. This may allow multiple radio work
4929 * operations to be performed in parallel if they apply for the same channel.
4930 * Setting this to 0 indicates that the work item may use multiple channels or
4931 * requires exclusive control of the radio.
4933 int radio_add_work(struct wpa_supplicant
*wpa_s
, unsigned int freq
,
4934 const char *type
, int next
,
4935 void (*cb
)(struct wpa_radio_work
*work
, int deinit
),
4938 struct wpa_radio
*radio
= wpa_s
->radio
;
4939 struct wpa_radio_work
*work
;
4942 work
= os_zalloc(sizeof(*work
));
4945 wpa_dbg(wpa_s
, MSG_DEBUG
, "Add radio work '%s'@%p", type
, work
);
4946 os_get_reltime(&work
->time
);
4949 work
->wpa_s
= wpa_s
;
4954 work
->bands
= wpas_freq_to_band(freq
);
4955 else if (os_strcmp(type
, "scan") == 0 ||
4956 os_strcmp(type
, "p2p-scan") == 0)
4957 work
->bands
= wpas_get_bands(wpa_s
,
4958 ((struct wpa_driver_scan_params
*)
4961 work
->bands
= wpas_get_bands(wpa_s
, NULL
);
4963 was_empty
= dl_list_empty(&wpa_s
->radio
->work
);
4965 dl_list_add(&wpa_s
->radio
->work
, &work
->list
);
4967 dl_list_add_tail(&wpa_s
->radio
->work
, &work
->list
);
4969 wpa_dbg(wpa_s
, MSG_DEBUG
, "First radio work item in the queue - schedule start immediately");
4970 radio_work_check_next(wpa_s
);
4971 } else if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS
)
4972 && radio
->num_active_works
< MAX_ACTIVE_WORKS
) {
4973 wpa_dbg(wpa_s
, MSG_DEBUG
,
4974 "Try to schedule a radio work (num_active_works=%u)",
4975 radio
->num_active_works
);
4976 radio_work_check_next(wpa_s
);
4984 * radio_work_done - Indicate that a radio work item has been completed
4985 * @work: Completed work
4987 * This function is called once the callback function registered with
4988 * radio_add_work() has completed its work.
4990 void radio_work_done(struct wpa_radio_work
*work
)
4992 struct wpa_supplicant
*wpa_s
= work
->wpa_s
;
4993 struct os_reltime now
, diff
;
4994 unsigned int started
= work
->started
;
4996 os_get_reltime(&now
);
4997 os_reltime_sub(&now
, &work
->time
, &diff
);
4998 wpa_dbg(wpa_s
, MSG_DEBUG
, "Radio work '%s'@%p %s in %ld.%06ld seconds",
4999 work
->type
, work
, started
? "done" : "canceled",
5000 diff
.sec
, diff
.usec
);
5001 radio_work_free(work
);
5003 radio_work_check_next(wpa_s
);
5007 struct wpa_radio_work
*
5008 radio_work_pending(struct wpa_supplicant
*wpa_s
, const char *type
)
5010 struct wpa_radio_work
*work
;
5011 struct wpa_radio
*radio
= wpa_s
->radio
;
5013 dl_list_for_each(work
, &radio
->work
, struct wpa_radio_work
, list
) {
5014 if (work
->wpa_s
== wpa_s
&& os_strcmp(work
->type
, type
) == 0)
5022 static int wpas_init_driver(struct wpa_supplicant
*wpa_s
,
5023 struct wpa_interface
*iface
)
5025 const char *ifname
, *driver
, *rn
;
5027 driver
= iface
->driver
;
5029 if (wpa_supplicant_set_driver(wpa_s
, driver
) < 0)
5032 wpa_s
->drv_priv
= wpa_drv_init(wpa_s
, wpa_s
->ifname
);
5033 if (wpa_s
->drv_priv
== NULL
) {
5035 pos
= driver
? os_strchr(driver
, ',') : NULL
;
5037 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to initialize "
5038 "driver interface - try next driver wrapper");
5042 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to initialize driver "
5046 if (wpa_drv_set_param(wpa_s
, wpa_s
->conf
->driver_param
) < 0) {
5047 wpa_msg(wpa_s
, MSG_ERROR
, "Driver interface rejected "
5048 "driver_param '%s'", wpa_s
->conf
->driver_param
);
5052 ifname
= wpa_drv_get_ifname(wpa_s
);
5053 if (ifname
&& os_strcmp(ifname
, wpa_s
->ifname
) != 0) {
5054 wpa_dbg(wpa_s
, MSG_DEBUG
, "Driver interface replaced "
5055 "interface name with '%s'", ifname
);
5056 os_strlcpy(wpa_s
->ifname
, ifname
, sizeof(wpa_s
->ifname
));
5059 rn
= wpa_driver_get_radio_name(wpa_s
);
5060 if (rn
&& rn
[0] == '\0')
5063 wpa_s
->radio
= radio_add_interface(wpa_s
, rn
);
5064 if (wpa_s
->radio
== NULL
)
5071 #ifdef CONFIG_GAS_SERVER
5073 static void wpas_gas_server_tx_status(struct wpa_supplicant
*wpa_s
,
5074 unsigned int freq
, const u8
*dst
,
5075 const u8
*src
, const u8
*bssid
,
5076 const u8
*data
, size_t data_len
,
5077 enum offchannel_send_action_result result
)
5079 wpa_printf(MSG_DEBUG
, "GAS: TX status: freq=%u dst=" MACSTR
5082 result
== OFFCHANNEL_SEND_ACTION_SUCCESS
? "SUCCESS" :
5083 (result
== OFFCHANNEL_SEND_ACTION_NO_ACK
? "no-ACK" :
5085 gas_server_tx_status(wpa_s
->gas_server
, dst
, data
, data_len
,
5086 result
== OFFCHANNEL_SEND_ACTION_SUCCESS
);
5090 static void wpas_gas_server_tx(void *ctx
, int freq
, const u8
*da
,
5091 struct wpabuf
*buf
, unsigned int wait_time
)
5093 struct wpa_supplicant
*wpa_s
= ctx
;
5094 const u8 broadcast
[ETH_ALEN
] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
5096 if (wait_time
> wpa_s
->max_remain_on_chan
)
5097 wait_time
= wpa_s
->max_remain_on_chan
;
5099 offchannel_send_action(wpa_s
, freq
, da
, wpa_s
->own_addr
, broadcast
,
5100 wpabuf_head(buf
), wpabuf_len(buf
),
5101 wait_time
, wpas_gas_server_tx_status
, 0);
5104 #endif /* CONFIG_GAS_SERVER */
5106 static int wpa_supplicant_init_iface(struct wpa_supplicant
*wpa_s
,
5107 struct wpa_interface
*iface
)
5109 struct wpa_driver_capa capa
;
5113 wpa_printf(MSG_DEBUG
, "Initializing interface '%s' conf '%s' driver "
5114 "'%s' ctrl_interface '%s' bridge '%s'", iface
->ifname
,
5115 iface
->confname
? iface
->confname
: "N/A",
5116 iface
->driver
? iface
->driver
: "default",
5117 iface
->ctrl_interface
? iface
->ctrl_interface
: "N/A",
5118 iface
->bridge_ifname
? iface
->bridge_ifname
: "N/A");
5120 if (iface
->confname
) {
5121 #ifdef CONFIG_BACKEND_FILE
5122 wpa_s
->confname
= os_rel2abs_path(iface
->confname
);
5123 if (wpa_s
->confname
== NULL
) {
5124 wpa_printf(MSG_ERROR
, "Failed to get absolute path "
5125 "for configuration file '%s'.",
5129 wpa_printf(MSG_DEBUG
, "Configuration file '%s' -> '%s'",
5130 iface
->confname
, wpa_s
->confname
);
5131 #else /* CONFIG_BACKEND_FILE */
5132 wpa_s
->confname
= os_strdup(iface
->confname
);
5133 #endif /* CONFIG_BACKEND_FILE */
5134 wpa_s
->conf
= wpa_config_read(wpa_s
->confname
, NULL
);
5135 if (wpa_s
->conf
== NULL
) {
5136 wpa_printf(MSG_ERROR
, "Failed to read or parse "
5137 "configuration '%s'.", wpa_s
->confname
);
5140 wpa_s
->confanother
= os_rel2abs_path(iface
->confanother
);
5141 wpa_config_read(wpa_s
->confanother
, wpa_s
->conf
);
5144 * Override ctrl_interface and driver_param if set on command
5147 if (iface
->ctrl_interface
) {
5148 os_free(wpa_s
->conf
->ctrl_interface
);
5149 wpa_s
->conf
->ctrl_interface
=
5150 os_strdup(iface
->ctrl_interface
);
5153 if (iface
->driver_param
) {
5154 os_free(wpa_s
->conf
->driver_param
);
5155 wpa_s
->conf
->driver_param
=
5156 os_strdup(iface
->driver_param
);
5159 if (iface
->p2p_mgmt
&& !iface
->ctrl_interface
) {
5160 os_free(wpa_s
->conf
->ctrl_interface
);
5161 wpa_s
->conf
->ctrl_interface
= NULL
;
5164 wpa_s
->conf
= wpa_config_alloc_empty(iface
->ctrl_interface
,
5165 iface
->driver_param
);
5167 if (wpa_s
->conf
== NULL
) {
5168 wpa_printf(MSG_ERROR
, "\nNo configuration found.");
5172 if (iface
->ifname
== NULL
) {
5173 wpa_printf(MSG_ERROR
, "\nInterface name is required.");
5176 if (os_strlen(iface
->ifname
) >= sizeof(wpa_s
->ifname
)) {
5177 wpa_printf(MSG_ERROR
, "\nToo long interface name '%s'.",
5181 os_strlcpy(wpa_s
->ifname
, iface
->ifname
, sizeof(wpa_s
->ifname
));
5183 if (iface
->bridge_ifname
) {
5184 if (os_strlen(iface
->bridge_ifname
) >=
5185 sizeof(wpa_s
->bridge_ifname
)) {
5186 wpa_printf(MSG_ERROR
, "\nToo long bridge interface "
5187 "name '%s'.", iface
->bridge_ifname
);
5190 os_strlcpy(wpa_s
->bridge_ifname
, iface
->bridge_ifname
,
5191 sizeof(wpa_s
->bridge_ifname
));
5194 /* RSNA Supplicant Key Management - INITIALIZE */
5195 eapol_sm_notify_portEnabled(wpa_s
->eapol
, FALSE
);
5196 eapol_sm_notify_portValid(wpa_s
->eapol
, FALSE
);
5198 /* Initialize driver interface and register driver event handler before
5199 * L2 receive handler so that association events are processed before
5200 * EAPOL-Key packets if both become available for the same select()
5202 if (wpas_init_driver(wpa_s
, iface
) < 0)
5205 if (wpa_supplicant_init_wpa(wpa_s
) < 0)
5208 wpa_sm_set_ifname(wpa_s
->wpa
, wpa_s
->ifname
,
5209 wpa_s
->bridge_ifname
[0] ? wpa_s
->bridge_ifname
:
5211 wpa_sm_set_fast_reauth(wpa_s
->wpa
, wpa_s
->conf
->fast_reauth
);
5213 if (wpa_s
->conf
->dot11RSNAConfigPMKLifetime
&&
5214 wpa_sm_set_param(wpa_s
->wpa
, RSNA_PMK_LIFETIME
,
5215 wpa_s
->conf
->dot11RSNAConfigPMKLifetime
)) {
5216 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid WPA parameter value for "
5217 "dot11RSNAConfigPMKLifetime");
5221 if (wpa_s
->conf
->dot11RSNAConfigPMKReauthThreshold
&&
5222 wpa_sm_set_param(wpa_s
->wpa
, RSNA_PMK_REAUTH_THRESHOLD
,
5223 wpa_s
->conf
->dot11RSNAConfigPMKReauthThreshold
)) {
5224 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid WPA parameter value for "
5225 "dot11RSNAConfigPMKReauthThreshold");
5229 if (wpa_s
->conf
->dot11RSNAConfigSATimeout
&&
5230 wpa_sm_set_param(wpa_s
->wpa
, RSNA_SA_TIMEOUT
,
5231 wpa_s
->conf
->dot11RSNAConfigSATimeout
)) {
5232 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid WPA parameter value for "
5233 "dot11RSNAConfigSATimeout");
5237 wpa_s
->hw
.modes
= wpa_drv_get_hw_feature_data(wpa_s
,
5238 &wpa_s
->hw
.num_modes
,
5241 if (wpa_s
->hw
.modes
) {
5244 for (i
= 0; i
< wpa_s
->hw
.num_modes
; i
++) {
5245 if (wpa_s
->hw
.modes
[i
].vht_capab
) {
5246 wpa_s
->hw_capab
= CAPAB_VHT
;
5250 if (wpa_s
->hw
.modes
[i
].ht_capab
&
5251 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET
)
5252 wpa_s
->hw_capab
= CAPAB_HT40
;
5253 else if (wpa_s
->hw
.modes
[i
].ht_capab
&&
5254 wpa_s
->hw_capab
== CAPAB_NO_HT_VHT
)
5255 wpa_s
->hw_capab
= CAPAB_HT
;
5259 capa_res
= wpa_drv_get_capa(wpa_s
, &capa
);
5260 if (capa_res
== 0) {
5261 wpa_s
->drv_capa_known
= 1;
5262 wpa_s
->drv_flags
= capa
.flags
;
5263 wpa_s
->drv_enc
= capa
.enc
;
5264 wpa_s
->drv_smps_modes
= capa
.smps_modes
;
5265 wpa_s
->drv_rrm_flags
= capa
.rrm_flags
;
5266 wpa_s
->probe_resp_offloads
= capa
.probe_resp_offloads
;
5267 wpa_s
->max_scan_ssids
= capa
.max_scan_ssids
;
5268 wpa_s
->max_sched_scan_ssids
= capa
.max_sched_scan_ssids
;
5269 wpa_s
->max_sched_scan_plans
= capa
.max_sched_scan_plans
;
5270 wpa_s
->max_sched_scan_plan_interval
=
5271 capa
.max_sched_scan_plan_interval
;
5272 wpa_s
->max_sched_scan_plan_iterations
=
5273 capa
.max_sched_scan_plan_iterations
;
5274 wpa_s
->sched_scan_supported
= capa
.sched_scan_supported
;
5275 wpa_s
->max_match_sets
= capa
.max_match_sets
;
5276 wpa_s
->max_remain_on_chan
= capa
.max_remain_on_chan
;
5277 wpa_s
->max_stations
= capa
.max_stations
;
5278 wpa_s
->extended_capa
= capa
.extended_capa
;
5279 wpa_s
->extended_capa_mask
= capa
.extended_capa_mask
;
5280 wpa_s
->extended_capa_len
= capa
.extended_capa_len
;
5281 wpa_s
->num_multichan_concurrent
=
5282 capa
.num_multichan_concurrent
;
5283 wpa_s
->wmm_ac_supported
= capa
.wmm_ac_supported
;
5285 if (capa
.mac_addr_rand_scan_supported
)
5286 wpa_s
->mac_addr_rand_supported
|= MAC_ADDR_RAND_SCAN
;
5287 if (wpa_s
->sched_scan_supported
&&
5288 capa
.mac_addr_rand_sched_scan_supported
)
5289 wpa_s
->mac_addr_rand_supported
|=
5290 (MAC_ADDR_RAND_SCHED_SCAN
| MAC_ADDR_RAND_PNO
);
5292 if (wpa_s
->max_remain_on_chan
== 0)
5293 wpa_s
->max_remain_on_chan
= 1000;
5296 * Only take p2p_mgmt parameters when P2P Device is supported.
5297 * Doing it here as it determines whether l2_packet_init() will be done
5298 * during wpa_supplicant_driver_init().
5300 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE
)
5301 wpa_s
->p2p_mgmt
= iface
->p2p_mgmt
;
5303 iface
->p2p_mgmt
= 1;
5305 if (wpa_s
->num_multichan_concurrent
== 0)
5306 wpa_s
->num_multichan_concurrent
= 1;
5308 if (wpa_supplicant_driver_init(wpa_s
) < 0)
5312 if ((!iface
->p2p_mgmt
||
5313 !(wpa_s
->drv_flags
&
5314 WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE
)) &&
5315 wpa_tdls_init(wpa_s
->wpa
))
5317 #endif /* CONFIG_TDLS */
5319 if (wpa_s
->conf
->country
[0] && wpa_s
->conf
->country
[1] &&
5320 wpa_drv_set_country(wpa_s
, wpa_s
->conf
->country
)) {
5321 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to set country");
5326 if (wpa_s
->conf
->fst_group_id
) {
5327 struct fst_iface_cfg cfg
;
5328 struct fst_wpa_obj iface_obj
;
5330 fst_wpa_supplicant_fill_iface_obj(wpa_s
, &iface_obj
);
5331 os_strlcpy(cfg
.group_id
, wpa_s
->conf
->fst_group_id
,
5332 sizeof(cfg
.group_id
));
5333 cfg
.priority
= wpa_s
->conf
->fst_priority
;
5334 cfg
.llt
= wpa_s
->conf
->fst_llt
;
5336 wpa_s
->fst
= fst_attach(wpa_s
->ifname
, wpa_s
->own_addr
,
5339 wpa_msg(wpa_s
, MSG_ERROR
,
5340 "FST: Cannot attach iface %s to group %s",
5341 wpa_s
->ifname
, cfg
.group_id
);
5345 #endif /* CONFIG_FST */
5347 if (wpas_wps_init(wpa_s
))
5350 #ifdef CONFIG_GAS_SERVER
5351 wpa_s
->gas_server
= gas_server_init(wpa_s
, wpas_gas_server_tx
);
5352 if (!wpa_s
->gas_server
) {
5353 wpa_printf(MSG_ERROR
, "Failed to initialize GAS server");
5356 #endif /* CONFIG_GAS_SERVER */
5359 if (wpas_dpp_init(wpa_s
) < 0)
5361 #endif /* CONFIG_DPP */
5363 if (wpa_supplicant_init_eapol(wpa_s
) < 0)
5365 wpa_sm_set_eapol(wpa_s
->wpa
, wpa_s
->eapol
);
5367 wpa_s
->ctrl_iface
= wpa_supplicant_ctrl_iface_init(wpa_s
);
5368 if (wpa_s
->ctrl_iface
== NULL
) {
5369 wpa_printf(MSG_ERROR
,
5370 "Failed to initialize control interface '%s'.\n"
5371 "You may have another wpa_supplicant process "
5372 "already running or the file was\n"
5373 "left by an unclean termination of wpa_supplicant "
5374 "in which case you will need\n"
5375 "to manually remove this file before starting "
5376 "wpa_supplicant again.\n",
5377 wpa_s
->conf
->ctrl_interface
);
5381 wpa_s
->gas
= gas_query_init(wpa_s
);
5382 if (wpa_s
->gas
== NULL
) {
5383 wpa_printf(MSG_ERROR
, "Failed to initialize GAS query");
5387 if (iface
->p2p_mgmt
&& wpas_p2p_init(wpa_s
->global
, wpa_s
) < 0) {
5388 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to init P2P");
5392 if (wpa_bss_init(wpa_s
) < 0)
5395 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL
5397 dl_list_init(&wpa_s
->mesh_external_pmksa_cache
);
5398 #endif /* CONFIG_MESH */
5399 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
5402 * Set Wake-on-WLAN triggers, if configured.
5403 * Note: We don't restore/remove the triggers on shutdown (it doesn't
5404 * have effect anyway when the interface is down).
5406 if (capa_res
== 0 && wpas_set_wowlan_triggers(wpa_s
, &capa
) < 0)
5409 #ifdef CONFIG_EAP_PROXY
5412 wpa_s
->mnc_len
= eapol_sm_get_eap_proxy_imsi(wpa_s
->eapol
, -1,
5414 if (wpa_s
->mnc_len
> 0) {
5415 wpa_s
->imsi
[len
] = '\0';
5416 wpa_printf(MSG_DEBUG
, "eap_proxy: IMSI %s (MNC length %d)",
5417 wpa_s
->imsi
, wpa_s
->mnc_len
);
5419 wpa_printf(MSG_DEBUG
, "eap_proxy: IMSI not available");
5422 #endif /* CONFIG_EAP_PROXY */
5424 if (pcsc_reader_init(wpa_s
) < 0)
5427 if (wpas_init_ext_pw(wpa_s
) < 0)
5430 wpas_rrm_reset(wpa_s
);
5432 wpas_sched_scan_plans_set(wpa_s
, wpa_s
->conf
->sched_scan_plans
);
5436 #endif /* CONFIG_HS20 */
5438 if (wpa_s
->conf
->oce
) {
5439 if ((wpa_s
->conf
->oce
& OCE_STA
) &&
5440 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_OCE_STA
))
5441 wpa_s
->enable_oce
= OCE_STA
;
5442 if ((wpa_s
->conf
->oce
& OCE_STA_CFON
) &&
5443 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_OCE_STA_CFON
)) {
5444 /* TODO: Need to add STA-CFON support */
5445 wpa_printf(MSG_ERROR
,
5446 "OCE STA-CFON feature is not yet supported");
5449 wpas_mbo_update_non_pref_chan(wpa_s
, wpa_s
->conf
->non_pref_chan
);
5450 #endif /* CONFIG_MBO */
5452 wpa_supplicant_set_default_scan_ies(wpa_s
);
5458 static void wpa_supplicant_deinit_iface(struct wpa_supplicant
*wpa_s
,
5459 int notify
, int terminate
)
5461 struct wpa_global
*global
= wpa_s
->global
;
5462 struct wpa_supplicant
*iface
, *prev
;
5464 if (wpa_s
== wpa_s
->parent
)
5465 wpas_p2p_group_remove(wpa_s
, "*");
5467 iface
= global
->ifaces
;
5469 if (iface
->p2pdev
== wpa_s
)
5470 iface
->p2pdev
= iface
->parent
;
5471 if (iface
== wpa_s
|| iface
->parent
!= wpa_s
) {
5472 iface
= iface
->next
;
5475 wpa_printf(MSG_DEBUG
,
5476 "Remove remaining child interface %s from parent %s",
5477 iface
->ifname
, wpa_s
->ifname
);
5479 iface
= iface
->next
;
5480 wpa_supplicant_remove_iface(global
, prev
, terminate
);
5483 wpa_s
->disconnected
= 1;
5484 if (wpa_s
->drv_priv
) {
5485 wpa_supplicant_deauthenticate(wpa_s
,
5486 WLAN_REASON_DEAUTH_LEAVING
);
5488 wpa_drv_set_countermeasures(wpa_s
, 0);
5489 wpa_clear_keys(wpa_s
, NULL
);
5492 wpa_supplicant_cleanup(wpa_s
);
5493 wpas_p2p_deinit_iface(wpa_s
);
5495 wpas_ctrl_radio_work_flush(wpa_s
);
5496 radio_remove_interface(wpa_s
);
5500 fst_detach(wpa_s
->fst
);
5503 if (wpa_s
->received_mb_ies
) {
5504 wpabuf_free(wpa_s
->received_mb_ies
);
5505 wpa_s
->received_mb_ies
= NULL
;
5507 #endif /* CONFIG_FST */
5509 if (wpa_s
->drv_priv
)
5510 wpa_drv_deinit(wpa_s
);
5513 wpas_notify_iface_removed(wpa_s
);
5516 wpa_msg(wpa_s
, MSG_INFO
, WPA_EVENT_TERMINATING
);
5518 if (wpa_s
->ctrl_iface
) {
5519 wpa_supplicant_ctrl_iface_deinit(wpa_s
->ctrl_iface
);
5520 wpa_s
->ctrl_iface
= NULL
;
5525 wpa_supplicant_mesh_iface_deinit(wpa_s
, wpa_s
->ifmsh
);
5526 wpa_s
->ifmsh
= NULL
;
5528 #endif /* CONFIG_MESH */
5530 if (wpa_s
->conf
!= NULL
) {
5531 wpa_config_free(wpa_s
->conf
);
5535 os_free(wpa_s
->ssids_from_scan_req
);
5541 #ifdef CONFIG_MATCH_IFACE
5544 * wpa_supplicant_match_iface - Match an interface description to a name
5545 * @global: Pointer to global data from wpa_supplicant_init()
5546 * @ifname: Name of the interface to match
5547 * Returns: Pointer to the created interface description or %NULL on failure
5549 struct wpa_interface
* wpa_supplicant_match_iface(struct wpa_global
*global
,
5553 struct wpa_interface
*iface
, *miface
;
5555 for (i
= 0; i
< global
->params
.match_iface_count
; i
++) {
5556 miface
= &global
->params
.match_ifaces
[i
];
5557 if (!miface
->ifname
||
5558 fnmatch(miface
->ifname
, ifname
, 0) == 0) {
5559 iface
= os_zalloc(sizeof(*iface
));
5563 iface
->ifname
= ifname
;
5573 * wpa_supplicant_match_existing - Match existing interfaces
5574 * @global: Pointer to global data from wpa_supplicant_init()
5575 * Returns: 0 on success, -1 on failure
5577 static int wpa_supplicant_match_existing(struct wpa_global
*global
)
5579 struct if_nameindex
*ifi
, *ifp
;
5580 struct wpa_supplicant
*wpa_s
;
5581 struct wpa_interface
*iface
;
5583 ifp
= if_nameindex();
5585 wpa_printf(MSG_ERROR
, "if_nameindex: %s", strerror(errno
));
5589 for (ifi
= ifp
; ifi
->if_name
; ifi
++) {
5590 wpa_s
= wpa_supplicant_get_iface(global
, ifi
->if_name
);
5593 iface
= wpa_supplicant_match_iface(global
, ifi
->if_name
);
5595 wpa_s
= wpa_supplicant_add_iface(global
, iface
, NULL
);
5602 if_freenameindex(ifp
);
5606 #endif /* CONFIG_MATCH_IFACE */
5610 * wpa_supplicant_add_iface - Add a new network interface
5611 * @global: Pointer to global data from wpa_supplicant_init()
5612 * @iface: Interface configuration options
5613 * @parent: Parent interface or %NULL to assign new interface as parent
5614 * Returns: Pointer to the created interface or %NULL on failure
5616 * This function is used to add new network interfaces for %wpa_supplicant.
5617 * This can be called before wpa_supplicant_run() to add interfaces before the
5618 * main event loop has been started. In addition, new interfaces can be added
5619 * dynamically while %wpa_supplicant is already running. This could happen,
5620 * e.g., when a hotplug network adapter is inserted.
5622 struct wpa_supplicant
* wpa_supplicant_add_iface(struct wpa_global
*global
,
5623 struct wpa_interface
*iface
,
5624 struct wpa_supplicant
*parent
)
5626 struct wpa_supplicant
*wpa_s
;
5627 struct wpa_interface t_iface
;
5628 struct wpa_ssid
*ssid
;
5630 if (global
== NULL
|| iface
== NULL
)
5633 wpa_s
= wpa_supplicant_alloc(parent
);
5637 wpa_s
->global
= global
;
5640 if (global
->params
.override_driver
) {
5641 wpa_printf(MSG_DEBUG
, "Override interface parameter: driver "
5643 iface
->driver
, global
->params
.override_driver
);
5644 t_iface
.driver
= global
->params
.override_driver
;
5646 if (global
->params
.override_ctrl_interface
) {
5647 wpa_printf(MSG_DEBUG
, "Override interface parameter: "
5648 "ctrl_interface ('%s' -> '%s')",
5649 iface
->ctrl_interface
,
5650 global
->params
.override_ctrl_interface
);
5651 t_iface
.ctrl_interface
=
5652 global
->params
.override_ctrl_interface
;
5654 if (wpa_supplicant_init_iface(wpa_s
, &t_iface
)) {
5655 wpa_printf(MSG_DEBUG
, "Failed to add interface %s",
5657 wpa_supplicant_deinit_iface(wpa_s
, 0, 0);
5661 if (iface
->p2p_mgmt
== 0) {
5662 /* Notify the control interfaces about new iface */
5663 if (wpas_notify_iface_added(wpa_s
)) {
5664 wpa_supplicant_deinit_iface(wpa_s
, 1, 0);
5668 for (ssid
= wpa_s
->conf
->ssid
; ssid
; ssid
= ssid
->next
)
5669 wpas_notify_network_added(wpa_s
, ssid
);
5672 wpa_s
->next
= global
->ifaces
;
5673 global
->ifaces
= wpa_s
;
5675 wpa_dbg(wpa_s
, MSG_DEBUG
, "Added interface %s", wpa_s
->ifname
);
5676 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
5679 if (wpa_s
->global
->p2p
== NULL
&&
5680 !wpa_s
->global
->p2p_disabled
&& !wpa_s
->conf
->p2p_disabled
&&
5681 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE
) &&
5682 wpas_p2p_add_p2pdev_interface(
5683 wpa_s
, wpa_s
->global
->params
.conf_p2p_dev
) < 0) {
5684 wpa_printf(MSG_INFO
,
5685 "P2P: Failed to enable P2P Device interface");
5686 /* Try to continue without. P2P will be disabled. */
5688 #endif /* CONFIG_P2P */
5695 * wpa_supplicant_remove_iface - Remove a network interface
5696 * @global: Pointer to global data from wpa_supplicant_init()
5697 * @wpa_s: Pointer to the network interface to be removed
5698 * Returns: 0 if interface was removed, -1 if interface was not found
5700 * This function can be used to dynamically remove network interfaces from
5701 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
5702 * addition, this function is used to remove all remaining interfaces when
5703 * %wpa_supplicant is terminated.
5705 int wpa_supplicant_remove_iface(struct wpa_global
*global
,
5706 struct wpa_supplicant
*wpa_s
,
5709 struct wpa_supplicant
*prev
;
5711 unsigned int mesh_if_created
= wpa_s
->mesh_if_created
;
5712 char *ifname
= NULL
;
5713 struct wpa_supplicant
*parent
= wpa_s
->parent
;
5714 #endif /* CONFIG_MESH */
5716 /* Remove interface from the global list of interfaces */
5717 prev
= global
->ifaces
;
5718 if (prev
== wpa_s
) {
5719 global
->ifaces
= wpa_s
->next
;
5721 while (prev
&& prev
->next
!= wpa_s
)
5725 prev
->next
= wpa_s
->next
;
5728 wpa_dbg(wpa_s
, MSG_DEBUG
, "Removing interface %s", wpa_s
->ifname
);
5731 if (mesh_if_created
) {
5732 ifname
= os_strdup(wpa_s
->ifname
);
5733 if (ifname
== NULL
) {
5734 wpa_dbg(wpa_s
, MSG_ERROR
,
5735 "mesh: Failed to malloc ifname");
5739 #endif /* CONFIG_MESH */
5741 if (global
->p2p_group_formation
== wpa_s
)
5742 global
->p2p_group_formation
= NULL
;
5743 if (global
->p2p_invite_group
== wpa_s
)
5744 global
->p2p_invite_group
= NULL
;
5745 wpa_supplicant_deinit_iface(wpa_s
, 1, terminate
);
5748 if (mesh_if_created
) {
5749 wpa_drv_if_remove(parent
, WPA_IF_MESH
, ifname
);
5752 #endif /* CONFIG_MESH */
5759 * wpa_supplicant_get_eap_mode - Get the current EAP mode
5760 * @wpa_s: Pointer to the network interface
5761 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
5763 const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant
*wpa_s
)
5765 const char *eapol_method
;
5767 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
) == 0 &&
5768 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
5772 eapol_method
= eapol_sm_get_method_name(wpa_s
->eapol
);
5773 if (eapol_method
== NULL
)
5774 return "UNKNOWN-EAP";
5776 return eapol_method
;
5781 * wpa_supplicant_get_iface - Get a new network interface
5782 * @global: Pointer to global data from wpa_supplicant_init()
5783 * @ifname: Interface name
5784 * Returns: Pointer to the interface or %NULL if not found
5786 struct wpa_supplicant
* wpa_supplicant_get_iface(struct wpa_global
*global
,
5789 struct wpa_supplicant
*wpa_s
;
5791 for (wpa_s
= global
->ifaces
; wpa_s
; wpa_s
= wpa_s
->next
) {
5792 if (os_strcmp(wpa_s
->ifname
, ifname
) == 0)
5799 #ifndef CONFIG_NO_WPA_MSG
5800 static const char * wpa_supplicant_msg_ifname_cb(void *ctx
)
5802 struct wpa_supplicant
*wpa_s
= ctx
;
5805 return wpa_s
->ifname
;
5807 #endif /* CONFIG_NO_WPA_MSG */
5810 #ifndef WPA_SUPPLICANT_CLEANUP_INTERVAL
5811 #define WPA_SUPPLICANT_CLEANUP_INTERVAL 10
5812 #endif /* WPA_SUPPLICANT_CLEANUP_INTERVAL */
5814 /* Periodic cleanup tasks */
5815 static void wpas_periodic(void *eloop_ctx
, void *timeout_ctx
)
5817 struct wpa_global
*global
= eloop_ctx
;
5818 struct wpa_supplicant
*wpa_s
;
5820 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL
, 0,
5821 wpas_periodic
, global
, NULL
);
5825 p2p_expire_peers(global
->p2p
);
5826 #endif /* CONFIG_P2P */
5828 for (wpa_s
= global
->ifaces
; wpa_s
; wpa_s
= wpa_s
->next
) {
5829 wpa_bss_flush_by_age(wpa_s
, wpa_s
->conf
->bss_expiration_age
);
5832 #endif /* CONFIG_AP */
5838 * wpa_supplicant_init - Initialize %wpa_supplicant
5839 * @params: Parameters for %wpa_supplicant
5840 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
5842 * This function is used to initialize %wpa_supplicant. After successful
5843 * initialization, the returned data pointer can be used to add and remove
5844 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
5846 struct wpa_global
* wpa_supplicant_init(struct wpa_params
*params
)
5848 struct wpa_global
*global
;
5854 #ifdef CONFIG_DRIVER_NDIS
5856 void driver_ndis_init_ops(void);
5857 driver_ndis_init_ops();
5859 #endif /* CONFIG_DRIVER_NDIS */
5861 #ifndef CONFIG_NO_WPA_MSG
5862 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb
);
5863 #endif /* CONFIG_NO_WPA_MSG */
5865 if (params
->wpa_debug_file_path
)
5866 wpa_debug_open_file(params
->wpa_debug_file_path
);
5868 wpa_debug_setup_stdout();
5869 if (params
->wpa_debug_syslog
)
5870 wpa_debug_open_syslog();
5871 if (params
->wpa_debug_tracing
) {
5872 ret
= wpa_debug_open_linux_tracing();
5874 wpa_printf(MSG_ERROR
,
5875 "Failed to enable trace logging");
5880 ret
= eap_register_methods();
5882 wpa_printf(MSG_ERROR
, "Failed to register EAP methods");
5884 wpa_printf(MSG_ERROR
, "Two or more EAP methods used "
5885 "the same EAP type.");
5889 global
= os_zalloc(sizeof(*global
));
5892 dl_list_init(&global
->p2p_srv_bonjour
);
5893 dl_list_init(&global
->p2p_srv_upnp
);
5894 global
->params
.daemonize
= params
->daemonize
;
5895 global
->params
.wait_for_monitor
= params
->wait_for_monitor
;
5896 global
->params
.dbus_ctrl_interface
= params
->dbus_ctrl_interface
;
5897 if (params
->pid_file
)
5898 global
->params
.pid_file
= os_strdup(params
->pid_file
);
5899 if (params
->ctrl_interface
)
5900 global
->params
.ctrl_interface
=
5901 os_strdup(params
->ctrl_interface
);
5902 if (params
->ctrl_interface_group
)
5903 global
->params
.ctrl_interface_group
=
5904 os_strdup(params
->ctrl_interface_group
);
5905 if (params
->override_driver
)
5906 global
->params
.override_driver
=
5907 os_strdup(params
->override_driver
);
5908 if (params
->override_ctrl_interface
)
5909 global
->params
.override_ctrl_interface
=
5910 os_strdup(params
->override_ctrl_interface
);
5911 #ifdef CONFIG_MATCH_IFACE
5912 global
->params
.match_iface_count
= params
->match_iface_count
;
5913 if (params
->match_iface_count
) {
5914 global
->params
.match_ifaces
=
5915 os_calloc(params
->match_iface_count
,
5916 sizeof(struct wpa_interface
));
5917 os_memcpy(global
->params
.match_ifaces
,
5918 params
->match_ifaces
,
5919 params
->match_iface_count
*
5920 sizeof(struct wpa_interface
));
5922 #endif /* CONFIG_MATCH_IFACE */
5924 if (params
->conf_p2p_dev
)
5925 global
->params
.conf_p2p_dev
=
5926 os_strdup(params
->conf_p2p_dev
);
5927 #endif /* CONFIG_P2P */
5928 wpa_debug_level
= global
->params
.wpa_debug_level
=
5929 params
->wpa_debug_level
;
5930 wpa_debug_show_keys
= global
->params
.wpa_debug_show_keys
=
5931 params
->wpa_debug_show_keys
;
5932 wpa_debug_timestamp
= global
->params
.wpa_debug_timestamp
=
5933 params
->wpa_debug_timestamp
;
5935 wpa_printf(MSG_DEBUG
, "wpa_supplicant v" VERSION_STR
);
5938 wpa_printf(MSG_ERROR
, "Failed to initialize event loop");
5939 wpa_supplicant_deinit(global
);
5943 random_init(params
->entropy_file
);
5945 global
->ctrl_iface
= wpa_supplicant_global_ctrl_iface_init(global
);
5946 if (global
->ctrl_iface
== NULL
) {
5947 wpa_supplicant_deinit(global
);
5951 if (wpas_notify_supplicant_initialized(global
)) {
5952 wpa_supplicant_deinit(global
);
5956 for (i
= 0; wpa_drivers
[i
]; i
++)
5957 global
->drv_count
++;
5958 if (global
->drv_count
== 0) {
5959 wpa_printf(MSG_ERROR
, "No drivers enabled");
5960 wpa_supplicant_deinit(global
);
5963 global
->drv_priv
= os_calloc(global
->drv_count
, sizeof(void *));
5964 if (global
->drv_priv
== NULL
) {
5965 wpa_supplicant_deinit(global
);
5969 #ifdef CONFIG_WIFI_DISPLAY
5970 if (wifi_display_init(global
) < 0) {
5971 wpa_printf(MSG_ERROR
, "Failed to initialize Wi-Fi Display");
5972 wpa_supplicant_deinit(global
);
5975 #endif /* CONFIG_WIFI_DISPLAY */
5977 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL
, 0,
5978 wpas_periodic
, global
, NULL
);
5985 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
5986 * @global: Pointer to global data from wpa_supplicant_init()
5987 * Returns: 0 after successful event loop run, -1 on failure
5989 * This function starts the main event loop and continues running as long as
5990 * there are any remaining events. In most cases, this function is running as
5991 * long as the %wpa_supplicant process in still in use.
5993 int wpa_supplicant_run(struct wpa_global
*global
)
5995 struct wpa_supplicant
*wpa_s
;
5997 if (global
->params
.daemonize
&&
5998 (wpa_supplicant_daemon(global
->params
.pid_file
) ||
5999 eloop_sock_requeue()))
6002 #ifdef CONFIG_MATCH_IFACE
6003 if (wpa_supplicant_match_existing(global
))
6007 if (global
->params
.wait_for_monitor
) {
6008 for (wpa_s
= global
->ifaces
; wpa_s
; wpa_s
= wpa_s
->next
)
6009 if (wpa_s
->ctrl_iface
&& !wpa_s
->p2p_mgmt
)
6010 wpa_supplicant_ctrl_iface_wait(
6014 eloop_register_signal_terminate(wpa_supplicant_terminate
, global
);
6015 eloop_register_signal_reconfig(wpa_supplicant_reconfig
, global
);
6024 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
6025 * @global: Pointer to global data from wpa_supplicant_init()
6027 * This function is called to deinitialize %wpa_supplicant and to free all
6028 * allocated resources. Remaining network interfaces will also be removed.
6030 void wpa_supplicant_deinit(struct wpa_global
*global
)
6037 eloop_cancel_timeout(wpas_periodic
, global
, NULL
);
6039 #ifdef CONFIG_WIFI_DISPLAY
6040 wifi_display_deinit(global
);
6041 #endif /* CONFIG_WIFI_DISPLAY */
6043 while (global
->ifaces
)
6044 wpa_supplicant_remove_iface(global
, global
->ifaces
, 1);
6046 if (global
->ctrl_iface
)
6047 wpa_supplicant_global_ctrl_iface_deinit(global
->ctrl_iface
);
6049 wpas_notify_supplicant_deinitialized(global
);
6051 eap_peer_unregister_methods();
6053 eap_server_unregister_methods();
6054 #endif /* CONFIG_AP */
6056 for (i
= 0; wpa_drivers
[i
] && global
->drv_priv
; i
++) {
6057 if (!global
->drv_priv
[i
])
6059 wpa_drivers
[i
]->global_deinit(global
->drv_priv
[i
]);
6061 os_free(global
->drv_priv
);
6067 if (global
->params
.pid_file
) {
6068 os_daemonize_terminate(global
->params
.pid_file
);
6069 os_free(global
->params
.pid_file
);
6071 os_free(global
->params
.ctrl_interface
);
6072 os_free(global
->params
.ctrl_interface_group
);
6073 os_free(global
->params
.override_driver
);
6074 os_free(global
->params
.override_ctrl_interface
);
6075 #ifdef CONFIG_MATCH_IFACE
6076 os_free(global
->params
.match_ifaces
);
6077 #endif /* CONFIG_MATCH_IFACE */
6079 os_free(global
->params
.conf_p2p_dev
);
6080 #endif /* CONFIG_P2P */
6082 os_free(global
->p2p_disallow_freq
.range
);
6083 os_free(global
->p2p_go_avoid_freq
.range
);
6084 os_free(global
->add_psk
);
6087 wpa_debug_close_syslog();
6088 wpa_debug_close_file();
6089 wpa_debug_close_linux_tracing();
6093 void wpa_supplicant_update_config(struct wpa_supplicant
*wpa_s
)
6095 if ((wpa_s
->conf
->changed_parameters
& CFG_CHANGED_COUNTRY
) &&
6096 wpa_s
->conf
->country
[0] && wpa_s
->conf
->country
[1]) {
6098 country
[0] = wpa_s
->conf
->country
[0];
6099 country
[1] = wpa_s
->conf
->country
[1];
6101 if (wpa_drv_set_country(wpa_s
, country
) < 0) {
6102 wpa_printf(MSG_ERROR
, "Failed to set country code "
6107 if (wpa_s
->conf
->changed_parameters
& CFG_CHANGED_EXT_PW_BACKEND
)
6108 wpas_init_ext_pw(wpa_s
);
6110 if (wpa_s
->conf
->changed_parameters
& CFG_CHANGED_SCHED_SCAN_PLANS
)
6111 wpas_sched_scan_plans_set(wpa_s
, wpa_s
->conf
->sched_scan_plans
);
6113 if (wpa_s
->conf
->changed_parameters
& CFG_CHANGED_WOWLAN_TRIGGERS
) {
6114 struct wpa_driver_capa capa
;
6115 int res
= wpa_drv_get_capa(wpa_s
, &capa
);
6117 if (res
== 0 && wpas_set_wowlan_triggers(wpa_s
, &capa
) < 0)
6118 wpa_printf(MSG_ERROR
,
6119 "Failed to update wowlan_triggers to '%s'",
6120 wpa_s
->conf
->wowlan_triggers
);
6124 wpas_wps_update_config(wpa_s
);
6125 #endif /* CONFIG_WPS */
6126 wpas_p2p_update_config(wpa_s
);
6127 wpa_s
->conf
->changed_parameters
= 0;
6131 void add_freq(int *freqs
, int *num_freqs
, int freq
)
6135 for (i
= 0; i
< *num_freqs
; i
++) {
6136 if (freqs
[i
] == freq
)
6140 freqs
[*num_freqs
] = freq
;
6145 static int * get_bss_freqs_in_ess(struct wpa_supplicant
*wpa_s
)
6147 struct wpa_bss
*bss
, *cbss
;
6148 const int max_freqs
= 10;
6152 freqs
= os_calloc(max_freqs
+ 1, sizeof(int));
6156 cbss
= wpa_s
->current_bss
;
6158 dl_list_for_each(bss
, &wpa_s
->bss
, struct wpa_bss
, list
) {
6161 if (bss
->ssid_len
== cbss
->ssid_len
&&
6162 os_memcmp(bss
->ssid
, cbss
->ssid
, bss
->ssid_len
) == 0 &&
6163 wpa_blacklist_get(wpa_s
, bss
->bssid
) == NULL
) {
6164 add_freq(freqs
, &num_freqs
, bss
->freq
);
6165 if (num_freqs
== max_freqs
)
6170 if (num_freqs
== 0) {
6179 void wpas_connection_failed(struct wpa_supplicant
*wpa_s
, const u8
*bssid
)
6185 wpas_connect_work_done(wpa_s
);
6188 * Remove possible authentication timeout since the connection failed.
6190 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
6193 * There is no point in blacklisting the AP if this event is
6194 * generated based on local request to disconnect.
6196 if (wpa_s
->own_disconnect_req
) {
6197 wpa_s
->own_disconnect_req
= 0;
6198 wpa_dbg(wpa_s
, MSG_DEBUG
,
6199 "Ignore connection failure due to local request to disconnect");
6202 if (wpa_s
->disconnected
) {
6203 wpa_dbg(wpa_s
, MSG_DEBUG
, "Ignore connection failure "
6204 "indication since interface has been put into "
6205 "disconnected state");
6210 * Add the failed BSSID into the blacklist and speed up next scan
6211 * attempt if there could be other APs that could accept association.
6212 * The current blacklist count indicates how many times we have tried
6213 * connecting to this AP and multiple attempts mean that other APs are
6214 * either not available or has already been tried, so that we can start
6215 * increasing the delay here to avoid constant scanning.
6217 count
= wpa_blacklist_add(wpa_s
, bssid
);
6218 if (count
== 1 && wpa_s
->current_bss
) {
6220 * This BSS was not in the blacklist before. If there is
6221 * another BSS available for the same ESS, we should try that
6222 * next. Otherwise, we may as well try this one once more
6223 * before allowing other, likely worse, ESSes to be considered.
6225 freqs
= get_bss_freqs_in_ess(wpa_s
);
6227 wpa_dbg(wpa_s
, MSG_DEBUG
, "Another BSS in this ESS "
6228 "has been seen; try it next");
6229 wpa_blacklist_add(wpa_s
, bssid
);
6231 * On the next scan, go through only the known channels
6232 * used in this ESS based on previous scans to speed up
6233 * common load balancing use case.
6235 os_free(wpa_s
->next_scan_freqs
);
6236 wpa_s
->next_scan_freqs
= freqs
;
6241 * Add previous failure count in case the temporary blacklist was
6242 * cleared due to no other BSSes being available.
6244 count
+= wpa_s
->extra_blacklist_count
;
6246 if (count
> 3 && wpa_s
->current_ssid
) {
6247 wpa_printf(MSG_DEBUG
, "Continuous association failures - "
6248 "consider temporary network disabling");
6249 wpas_auth_failed(wpa_s
, "CONN_FAILED");
6270 wpa_dbg(wpa_s
, MSG_DEBUG
, "Blacklist count %d --> request scan in %d "
6271 "ms", count
, timeout
);
6274 * TODO: if more than one possible AP is available in scan results,
6275 * could try the other ones before requesting a new scan.
6277 wpa_supplicant_req_scan(wpa_s
, timeout
/ 1000,
6278 1000 * (timeout
% 1000));
6282 int wpas_driver_bss_selection(struct wpa_supplicant
*wpa_s
)
6284 return wpa_s
->conf
->ap_scan
== 2 ||
6285 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_BSS_SELECTION
);
6289 #if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW)
6290 int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant
*wpa_s
,
6291 struct wpa_ssid
*ssid
,
6295 #ifdef IEEE8021X_EAPOL
6296 struct eap_peer_config
*eap
= &ssid
->eap
;
6298 wpa_printf(MSG_DEBUG
, "CTRL_IFACE: response handle field=%s", field
);
6299 wpa_hexdump_ascii_key(MSG_DEBUG
, "CTRL_IFACE: response value",
6300 (const u8
*) value
, os_strlen(value
));
6302 switch (wpa_supplicant_ctrl_req_from_string(field
)) {
6303 case WPA_CTRL_REQ_EAP_IDENTITY
:
6304 os_free(eap
->identity
);
6305 eap
->identity
= (u8
*) os_strdup(value
);
6306 eap
->identity_len
= os_strlen(value
);
6307 eap
->pending_req_identity
= 0;
6308 if (ssid
== wpa_s
->current_ssid
)
6309 wpa_s
->reassociate
= 1;
6311 case WPA_CTRL_REQ_EAP_PASSWORD
:
6312 bin_clear_free(eap
->password
, eap
->password_len
);
6313 eap
->password
= (u8
*) os_strdup(value
);
6314 eap
->password_len
= os_strlen(value
);
6315 eap
->pending_req_password
= 0;
6316 if (ssid
== wpa_s
->current_ssid
)
6317 wpa_s
->reassociate
= 1;
6319 case WPA_CTRL_REQ_EAP_NEW_PASSWORD
:
6320 bin_clear_free(eap
->new_password
, eap
->new_password_len
);
6321 eap
->new_password
= (u8
*) os_strdup(value
);
6322 eap
->new_password_len
= os_strlen(value
);
6323 eap
->pending_req_new_password
= 0;
6324 if (ssid
== wpa_s
->current_ssid
)
6325 wpa_s
->reassociate
= 1;
6327 case WPA_CTRL_REQ_EAP_PIN
:
6328 str_clear_free(eap
->pin
);
6329 eap
->pin
= os_strdup(value
);
6330 eap
->pending_req_pin
= 0;
6331 if (ssid
== wpa_s
->current_ssid
)
6332 wpa_s
->reassociate
= 1;
6334 case WPA_CTRL_REQ_EAP_OTP
:
6335 bin_clear_free(eap
->otp
, eap
->otp_len
);
6336 eap
->otp
= (u8
*) os_strdup(value
);
6337 eap
->otp_len
= os_strlen(value
);
6338 os_free(eap
->pending_req_otp
);
6339 eap
->pending_req_otp
= NULL
;
6340 eap
->pending_req_otp_len
= 0;
6342 case WPA_CTRL_REQ_EAP_PASSPHRASE
:
6343 str_clear_free(eap
->private_key_passwd
);
6344 eap
->private_key_passwd
= os_strdup(value
);
6345 eap
->pending_req_passphrase
= 0;
6346 if (ssid
== wpa_s
->current_ssid
)
6347 wpa_s
->reassociate
= 1;
6349 case WPA_CTRL_REQ_SIM
:
6350 str_clear_free(eap
->external_sim_resp
);
6351 eap
->external_sim_resp
= os_strdup(value
);
6352 eap
->pending_req_sim
= 0;
6354 case WPA_CTRL_REQ_PSK_PASSPHRASE
:
6355 if (wpa_config_set(ssid
, "psk", value
, 0) < 0)
6357 ssid
->mem_only_psk
= 1;
6358 if (ssid
->passphrase
)
6359 wpa_config_update_psk(ssid
);
6360 if (wpa_s
->wpa_state
== WPA_SCANNING
&& !wpa_s
->scanning
)
6361 wpa_supplicant_req_scan(wpa_s
, 0, 0);
6363 case WPA_CTRL_REQ_EXT_CERT_CHECK
:
6364 if (eap
->pending_ext_cert_check
!= PENDING_CHECK
)
6366 if (os_strcmp(value
, "good") == 0)
6367 eap
->pending_ext_cert_check
= EXT_CERT_CHECK_GOOD
;
6368 else if (os_strcmp(value
, "bad") == 0)
6369 eap
->pending_ext_cert_check
= EXT_CERT_CHECK_BAD
;
6374 wpa_printf(MSG_DEBUG
, "CTRL_IFACE: Unknown field '%s'", field
);
6379 #else /* IEEE8021X_EAPOL */
6380 wpa_printf(MSG_DEBUG
, "CTRL_IFACE: IEEE 802.1X not included");
6382 #endif /* IEEE8021X_EAPOL */
6384 #endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */
6387 int wpas_network_disabled(struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
)
6390 unsigned int drv_enc
;
6392 if (wpa_s
->p2p_mgmt
)
6393 return 1; /* no normal network profiles on p2p_mgmt interface */
6401 if (wpa_s
->drv_capa_known
)
6402 drv_enc
= wpa_s
->drv_enc
;
6404 drv_enc
= (unsigned int) -1;
6406 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
6407 size_t len
= ssid
->wep_key_len
[i
];
6410 if (len
== 5 && (drv_enc
& WPA_DRIVER_CAPA_ENC_WEP40
))
6412 if (len
== 13 && (drv_enc
& WPA_DRIVER_CAPA_ENC_WEP104
))
6414 if (len
== 16 && (drv_enc
& WPA_DRIVER_CAPA_ENC_WEP128
))
6416 return 1; /* invalid WEP key */
6419 if (wpa_key_mgmt_wpa_psk(ssid
->key_mgmt
) && !ssid
->psk_set
&&
6420 (!ssid
->passphrase
|| ssid
->ssid_len
!= 0) && !ssid
->ext_psk
&&
6421 !(wpa_key_mgmt_sae(ssid
->key_mgmt
) && ssid
->sae_password
) &&
6422 !ssid
->mem_only_psk
)
6429 int wpas_get_ssid_pmf(struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
)
6431 #ifdef CONFIG_IEEE80211W
6432 if (ssid
== NULL
|| ssid
->ieee80211w
== MGMT_FRAME_PROTECTION_DEFAULT
) {
6433 if (wpa_s
->conf
->pmf
== MGMT_FRAME_PROTECTION_OPTIONAL
&&
6434 !(wpa_s
->drv_enc
& WPA_DRIVER_CAPA_ENC_BIP
)) {
6436 * Driver does not support BIP -- ignore pmf=1 default
6437 * since the connection with PMF would fail and the
6438 * configuration does not require PMF to be enabled.
6440 return NO_MGMT_FRAME_PROTECTION
;
6445 ~(WPA_KEY_MGMT_NONE
| WPA_KEY_MGMT_WPS
|
6446 WPA_KEY_MGMT_IEEE8021X_NO_WPA
)) == 0) {
6448 * Do not use the default PMF value for non-RSN networks
6449 * since PMF is available only with RSN and pmf=2
6450 * configuration would otherwise prevent connections to
6451 * all open networks.
6453 return NO_MGMT_FRAME_PROTECTION
;
6456 return wpa_s
->conf
->pmf
;
6459 return ssid
->ieee80211w
;
6460 #else /* CONFIG_IEEE80211W */
6461 return NO_MGMT_FRAME_PROTECTION
;
6462 #endif /* CONFIG_IEEE80211W */
6466 int wpas_is_p2p_prioritized(struct wpa_supplicant
*wpa_s
)
6468 if (wpa_s
->global
->conc_pref
== WPA_CONC_PREF_P2P
)
6470 if (wpa_s
->global
->conc_pref
== WPA_CONC_PREF_STA
)
6476 void wpas_auth_failed(struct wpa_supplicant
*wpa_s
, char *reason
)
6478 struct wpa_ssid
*ssid
= wpa_s
->current_ssid
;
6480 struct os_reltime now
;
6483 wpa_printf(MSG_DEBUG
, "Authentication failure but no known "
6488 if (ssid
->key_mgmt
== WPA_KEY_MGMT_WPS
)
6491 ssid
->auth_failures
++;
6494 if (ssid
->p2p_group
&&
6495 (wpa_s
->p2p_in_provisioning
|| wpa_s
->show_group_started
)) {
6497 * Skip the wait time since there is a short timeout on the
6498 * connection to a P2P group.
6502 #endif /* CONFIG_P2P */
6504 if (ssid
->auth_failures
> 50)
6506 else if (ssid
->auth_failures
> 10)
6508 else if (ssid
->auth_failures
> 5)
6510 else if (ssid
->auth_failures
> 3)
6512 else if (ssid
->auth_failures
> 2)
6514 else if (ssid
->auth_failures
> 1)
6519 if (ssid
->auth_failures
> 1 &&
6520 wpa_key_mgmt_wpa_ieee8021x(ssid
->key_mgmt
))
6521 dur
+= os_random() % (ssid
->auth_failures
* 10);
6523 os_get_reltime(&now
);
6524 if (now
.sec
+ dur
<= ssid
->disabled_until
.sec
)
6527 ssid
->disabled_until
.sec
= now
.sec
+ dur
;
6529 wpa_msg(wpa_s
, MSG_INFO
, WPA_EVENT_TEMP_DISABLED
6530 "id=%d ssid=\"%s\" auth_failures=%u duration=%d reason=%s",
6531 ssid
->id
, wpa_ssid_txt(ssid
->ssid
, ssid
->ssid_len
),
6532 ssid
->auth_failures
, dur
, reason
);
6536 void wpas_clear_temp_disabled(struct wpa_supplicant
*wpa_s
,
6537 struct wpa_ssid
*ssid
, int clear_failures
)
6542 if (ssid
->disabled_until
.sec
) {
6543 wpa_msg(wpa_s
, MSG_INFO
, WPA_EVENT_REENABLED
6544 "id=%d ssid=\"%s\"",
6545 ssid
->id
, wpa_ssid_txt(ssid
->ssid
, ssid
->ssid_len
));
6547 ssid
->disabled_until
.sec
= 0;
6548 ssid
->disabled_until
.usec
= 0;
6550 ssid
->auth_failures
= 0;
6554 int disallowed_bssid(struct wpa_supplicant
*wpa_s
, const u8
*bssid
)
6558 if (wpa_s
->disallow_aps_bssid
== NULL
)
6561 for (i
= 0; i
< wpa_s
->disallow_aps_bssid_count
; i
++) {
6562 if (os_memcmp(wpa_s
->disallow_aps_bssid
+ i
* ETH_ALEN
,
6563 bssid
, ETH_ALEN
) == 0)
6571 int disallowed_ssid(struct wpa_supplicant
*wpa_s
, const u8
*ssid
,
6576 if (wpa_s
->disallow_aps_ssid
== NULL
|| ssid
== NULL
)
6579 for (i
= 0; i
< wpa_s
->disallow_aps_ssid_count
; i
++) {
6580 struct wpa_ssid_value
*s
= &wpa_s
->disallow_aps_ssid
[i
];
6581 if (ssid_len
== s
->ssid_len
&&
6582 os_memcmp(ssid
, s
->ssid
, ssid_len
) == 0)
6591 * wpas_request_connection - Request a new connection
6592 * @wpa_s: Pointer to the network interface
6594 * This function is used to request a new connection to be found. It will mark
6595 * the interface to allow reassociation and request a new scan to find a
6596 * suitable network to connect to.
6598 void wpas_request_connection(struct wpa_supplicant
*wpa_s
)
6600 wpa_s
->normal_scans
= 0;
6601 wpa_s
->scan_req
= NORMAL_SCAN_REQ
;
6602 wpa_supplicant_reinit_autoscan(wpa_s
);
6603 wpa_s
->extra_blacklist_count
= 0;
6604 wpa_s
->disconnected
= 0;
6605 wpa_s
->reassociate
= 1;
6607 if (wpa_supplicant_fast_associate(wpa_s
) != 1)
6608 wpa_supplicant_req_scan(wpa_s
, 0, 0);
6610 wpa_s
->reattach
= 0;
6615 * wpas_request_disconnection - Request disconnection
6616 * @wpa_s: Pointer to the network interface
6618 * This function is used to request disconnection from the currently connected
6619 * network. This will stop any ongoing scans and initiate deauthentication.
6621 void wpas_request_disconnection(struct wpa_supplicant
*wpa_s
)
6624 wpa_s
->sme
.prev_bssid_set
= 0;
6625 #endif /* CONFIG_SME */
6626 wpa_s
->reassociate
= 0;
6627 wpa_s
->disconnected
= 1;
6628 wpa_supplicant_cancel_sched_scan(wpa_s
);
6629 wpa_supplicant_cancel_scan(wpa_s
);
6630 wpa_supplicant_deauthenticate(wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
6631 eloop_cancel_timeout(wpas_network_reenabled
, wpa_s
, NULL
);
6635 void dump_freq_data(struct wpa_supplicant
*wpa_s
, const char *title
,
6636 struct wpa_used_freq_data
*freqs_data
,
6641 wpa_dbg(wpa_s
, MSG_DEBUG
, "Shared frequencies (len=%u): %s",
6643 for (i
= 0; i
< len
; i
++) {
6644 struct wpa_used_freq_data
*cur
= &freqs_data
[i
];
6645 wpa_dbg(wpa_s
, MSG_DEBUG
, "freq[%u]: %d, flags=0x%X",
6646 i
, cur
->freq
, cur
->flags
);
6652 * Find the operating frequencies of any of the virtual interfaces that
6653 * are using the same radio as the current interface, and in addition, get
6654 * information about the interface types that are using the frequency.
6656 int get_shared_radio_freqs_data(struct wpa_supplicant
*wpa_s
,
6657 struct wpa_used_freq_data
*freqs_data
,
6660 struct wpa_supplicant
*ifs
;
6663 unsigned int idx
= 0, i
;
6665 wpa_dbg(wpa_s
, MSG_DEBUG
,
6666 "Determining shared radio frequencies (max len %u)", len
);
6667 os_memset(freqs_data
, 0, sizeof(struct wpa_used_freq_data
) * len
);
6669 dl_list_for_each(ifs
, &wpa_s
->radio
->ifaces
, struct wpa_supplicant
,
6674 if (ifs
->current_ssid
== NULL
|| ifs
->assoc_freq
== 0)
6677 if (ifs
->current_ssid
->mode
== WPAS_MODE_AP
||
6678 ifs
->current_ssid
->mode
== WPAS_MODE_P2P_GO
||
6679 ifs
->current_ssid
->mode
== WPAS_MODE_MESH
)
6680 freq
= ifs
->current_ssid
->frequency
;
6681 else if (wpa_drv_get_bssid(ifs
, bssid
) == 0)
6682 freq
= ifs
->assoc_freq
;
6686 /* Hold only distinct freqs */
6687 for (i
= 0; i
< idx
; i
++)
6688 if (freqs_data
[i
].freq
== freq
)
6692 freqs_data
[idx
++].freq
= freq
;
6694 if (ifs
->current_ssid
->mode
== WPAS_MODE_INFRA
) {
6695 freqs_data
[i
].flags
|= ifs
->current_ssid
->p2p_group
?
6696 WPA_FREQ_USED_BY_P2P_CLIENT
:
6697 WPA_FREQ_USED_BY_INFRA_STATION
;
6701 dump_freq_data(wpa_s
, "completed iteration", freqs_data
, idx
);
6707 * Find the operating frequencies of any of the virtual interfaces that
6708 * are using the same radio as the current interface.
6710 int get_shared_radio_freqs(struct wpa_supplicant
*wpa_s
,
6711 int *freq_array
, unsigned int len
)
6713 struct wpa_used_freq_data
*freqs_data
;
6716 os_memset(freq_array
, 0, sizeof(int) * len
);
6718 freqs_data
= os_calloc(len
, sizeof(struct wpa_used_freq_data
));
6722 num
= get_shared_radio_freqs_data(wpa_s
, freqs_data
, len
);
6723 for (i
= 0; i
< num
; i
++)
6724 freq_array
[i
] = freqs_data
[i
].freq
;
6726 os_free(freqs_data
);
6732 struct wpa_supplicant
*
6733 wpas_vendor_elem(struct wpa_supplicant
*wpa_s
, enum wpa_vendor_elem_frame frame
)
6737 case VENDOR_ELEM_PROBE_REQ_P2P
:
6738 case VENDOR_ELEM_PROBE_RESP_P2P
:
6739 case VENDOR_ELEM_PROBE_RESP_P2P_GO
:
6740 case VENDOR_ELEM_BEACON_P2P_GO
:
6741 case VENDOR_ELEM_P2P_PD_REQ
:
6742 case VENDOR_ELEM_P2P_PD_RESP
:
6743 case VENDOR_ELEM_P2P_GO_NEG_REQ
:
6744 case VENDOR_ELEM_P2P_GO_NEG_RESP
:
6745 case VENDOR_ELEM_P2P_GO_NEG_CONF
:
6746 case VENDOR_ELEM_P2P_INV_REQ
:
6747 case VENDOR_ELEM_P2P_INV_RESP
:
6748 case VENDOR_ELEM_P2P_ASSOC_REQ
:
6749 case VENDOR_ELEM_P2P_ASSOC_RESP
:
6750 return wpa_s
->p2pdev
;
6751 #endif /* CONFIG_P2P */
6758 void wpas_vendor_elem_update(struct wpa_supplicant
*wpa_s
)
6763 wpa_printf(MSG_DEBUG
, "Update vendor elements");
6765 for (i
= 0; i
< NUM_VENDOR_ELEM_FRAMES
; i
++) {
6766 if (wpa_s
->vendor_elem
[i
]) {
6769 res
= os_snprintf(buf
, sizeof(buf
), "frame[%u]", i
);
6770 if (!os_snprintf_error(sizeof(buf
), res
)) {
6771 wpa_hexdump_buf(MSG_DEBUG
, buf
,
6772 wpa_s
->vendor_elem
[i
]);
6778 if (wpa_s
->parent
== wpa_s
&&
6779 wpa_s
->global
->p2p
&&
6780 !wpa_s
->global
->p2p_disabled
)
6781 p2p_set_vendor_elems(wpa_s
->global
->p2p
, wpa_s
->vendor_elem
);
6782 #endif /* CONFIG_P2P */
6786 int wpas_vendor_elem_remove(struct wpa_supplicant
*wpa_s
, int frame
,
6787 const u8
*elem
, size_t len
)
6791 ie
= wpabuf_mhead_u8(wpa_s
->vendor_elem
[frame
]);
6792 end
= ie
+ wpabuf_len(wpa_s
->vendor_elem
[frame
]);
6794 for (; ie
+ 1 < end
; ie
+= 2 + ie
[1]) {
6797 if (os_memcmp(ie
, elem
, len
) != 0)
6800 if (wpabuf_len(wpa_s
->vendor_elem
[frame
]) == len
) {
6801 wpabuf_free(wpa_s
->vendor_elem
[frame
]);
6802 wpa_s
->vendor_elem
[frame
] = NULL
;
6804 os_memmove(ie
, ie
+ len
, end
- (ie
+ len
));
6805 wpa_s
->vendor_elem
[frame
]->used
-= len
;
6807 wpas_vendor_elem_update(wpa_s
);
6815 struct hostapd_hw_modes
* get_mode(struct hostapd_hw_modes
*modes
,
6816 u16 num_modes
, enum hostapd_hw_mode mode
)
6820 for (i
= 0; i
< num_modes
; i
++) {
6821 if (modes
[i
].mode
== mode
)
6830 wpa_bss_tmp_disallowed
* wpas_get_disallowed_bss(struct wpa_supplicant
*wpa_s
,
6833 struct wpa_bss_tmp_disallowed
*bss
;
6835 dl_list_for_each(bss
, &wpa_s
->bss_tmp_disallowed
,
6836 struct wpa_bss_tmp_disallowed
, list
) {
6837 if (os_memcmp(bssid
, bss
->bssid
, ETH_ALEN
) == 0)
6845 static int wpa_set_driver_tmp_disallow_list(struct wpa_supplicant
*wpa_s
)
6847 struct wpa_bss_tmp_disallowed
*tmp
;
6848 unsigned int num_bssid
= 0;
6852 bssids
= os_malloc(dl_list_len(&wpa_s
->bss_tmp_disallowed
) * ETH_ALEN
);
6855 dl_list_for_each(tmp
, &wpa_s
->bss_tmp_disallowed
,
6856 struct wpa_bss_tmp_disallowed
, list
) {
6857 os_memcpy(&bssids
[num_bssid
* ETH_ALEN
], tmp
->bssid
,
6861 ret
= wpa_drv_set_bssid_blacklist(wpa_s
, num_bssid
, bssids
);
6867 static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx
, void *timeout_ctx
)
6869 struct wpa_supplicant
*wpa_s
= eloop_ctx
;
6870 struct wpa_bss_tmp_disallowed
*tmp
, *bss
= timeout_ctx
;
6872 /* Make sure the bss is not already freed */
6873 dl_list_for_each(tmp
, &wpa_s
->bss_tmp_disallowed
,
6874 struct wpa_bss_tmp_disallowed
, list
) {
6876 dl_list_del(&tmp
->list
);
6878 wpa_set_driver_tmp_disallow_list(wpa_s
);
6885 void wpa_bss_tmp_disallow(struct wpa_supplicant
*wpa_s
, const u8
*bssid
,
6888 struct wpa_bss_tmp_disallowed
*bss
;
6890 bss
= wpas_get_disallowed_bss(wpa_s
, bssid
);
6892 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout
, wpa_s
, bss
);
6893 eloop_register_timeout(sec
, 0, wpa_bss_tmp_disallow_timeout
,
6898 bss
= os_malloc(sizeof(*bss
));
6900 wpa_printf(MSG_DEBUG
,
6901 "Failed to allocate memory for temp disallow BSS");
6905 os_memcpy(bss
->bssid
, bssid
, ETH_ALEN
);
6906 dl_list_add(&wpa_s
->bss_tmp_disallowed
, &bss
->list
);
6907 wpa_set_driver_tmp_disallow_list(wpa_s
);
6908 eloop_register_timeout(sec
, 0, wpa_bss_tmp_disallow_timeout
,
6913 int wpa_is_bss_tmp_disallowed(struct wpa_supplicant
*wpa_s
, const u8
*bssid
)
6915 struct wpa_bss_tmp_disallowed
*bss
= NULL
, *tmp
, *prev
;
6917 dl_list_for_each_safe(tmp
, prev
, &wpa_s
->bss_tmp_disallowed
,
6918 struct wpa_bss_tmp_disallowed
, list
) {
6919 if (os_memcmp(bssid
, tmp
->bssid
, ETH_ALEN
) == 0) {