]> git.ipfire.org Git - thirdparty/hostap.git/blob - wpa_supplicant/wpa_supplicant.c
projects / thirdparty / hostap.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Note HT overrides in debug log only if set
[thirdparty/hostap.git] / wpa_supplicant / wpa_supplicant.c
1 /*
2 * WPA Supplicant
3 * Copyright (c) 2003-2019, Jouni Malinen <j@w1.fi>
4 *
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
7 *
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
11 */
12
13 #include "includes.h"
14 #ifdef CONFIG_MATCH_IFACE
15 #include <net/if.h>
16 #include <fnmatch.h>
17 #endif /* CONFIG_MATCH_IFACE */
18
19 #include "common.h"
20 #include "crypto/random.h"
21 #include "crypto/sha1.h"
22 #include "eapol_supp/eapol_supp_sm.h"
23 #include "eap_peer/eap.h"
24 #include "eap_peer/eap_proxy.h"
25 #include "eap_server/eap_methods.h"
26 #include "rsn_supp/wpa.h"
27 #include "eloop.h"
28 #include "config.h"
29 #include "utils/ext_password.h"
30 #include "l2_packet/l2_packet.h"
31 #include "wpa_supplicant_i.h"
32 #include "driver_i.h"
33 #include "ctrl_iface.h"
34 #include "pcsc_funcs.h"
35 #include "common/version.h"
36 #include "rsn_supp/preauth.h"
37 #include "rsn_supp/pmksa_cache.h"
38 #include "common/wpa_ctrl.h"
39 #include "common/ieee802_11_defs.h"
40 #include "common/hw_features_common.h"
41 #include "common/gas_server.h"
42 #include "p2p/p2p.h"
43 #include "fst/fst.h"
44 #include "blacklist.h"
45 #include "wpas_glue.h"
46 #include "wps_supplicant.h"
47 #include "ibss_rsn.h"
48 #include "sme.h"
49 #include "gas_query.h"
50 #include "ap.h"
51 #include "p2p_supplicant.h"
52 #include "wifi_display.h"
53 #include "notify.h"
54 #include "bgscan.h"
55 #include "autoscan.h"
56 #include "bss.h"
57 #include "scan.h"
58 #include "offchannel.h"
59 #include "hs20_supplicant.h"
60 #include "wnm_sta.h"
61 #include "wpas_kay.h"
62 #include "mesh.h"
63 #include "dpp_supplicant.h"
64 #ifdef CONFIG_MESH
65 #include "ap/ap_config.h"
66 #include "ap/hostapd.h"
67 #endif /* CONFIG_MESH */
68
69 const char *const wpa_supplicant_version =
70 "wpa_supplicant v" VERSION_STR "\n"
71 "Copyright (c) 2003-2019, Jouni Malinen <j@w1.fi> and contributors";
72
73 const char *const wpa_supplicant_license =
74 "This software may be distributed under the terms of the BSD license.\n"
75 "See README for more details.\n"
76 #ifdef EAP_TLS_OPENSSL
77 "\nThis product includes software developed by the OpenSSL Project\n"
78 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
79 #endif /* EAP_TLS_OPENSSL */
80 ;
81
82 #ifndef CONFIG_NO_STDOUT_DEBUG
83 /* Long text divided into parts in order to fit in C89 strings size limits. */
84 const char *const wpa_supplicant_full_license1 =
85 "";
86 const char *const wpa_supplicant_full_license2 =
87 "This software may be distributed under the terms of the BSD license.\n"
88 "\n"
89 "Redistribution and use in source and binary forms, with or without\n"
90 "modification, are permitted provided that the following conditions are\n"
91 "met:\n"
92 "\n";
93 const char *const wpa_supplicant_full_license3 =
94 "1. Redistributions of source code must retain the above copyright\n"
95 " notice, this list of conditions and the following disclaimer.\n"
96 "\n"
97 "2. Redistributions in binary form must reproduce the above copyright\n"
98 " notice, this list of conditions and the following disclaimer in the\n"
99 " documentation and/or other materials provided with the distribution.\n"
100 "\n";
101 const char *const wpa_supplicant_full_license4 =
102 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
103 " names of its contributors may be used to endorse or promote products\n"
104 " derived from this software without specific prior written permission.\n"
105 "\n"
106 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
107 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
108 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
109 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
110 const char *const wpa_supplicant_full_license5 =
111 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
112 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
113 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
114 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
115 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
116 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
117 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
118 "\n";
119 #endif /* CONFIG_NO_STDOUT_DEBUG */
120
121
122 static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx, void *timeout_ctx);
123 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
124 static void wpas_update_fils_connect_params(struct wpa_supplicant *wpa_s);
125 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
126
127
128 /* Configure default/group WEP keys for static WEP */
129 int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
130 {
131 int i, set = 0;
132
133 for (i = 0; i < NUM_WEP_KEYS; i++) {
134 if (ssid->wep_key_len[i] == 0)
135 continue;
136
137 set = 1;
138 wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL,
139 i, i == ssid->wep_tx_keyidx, NULL, 0,
140 ssid->wep_key[i], ssid->wep_key_len[i]);
141 }
142
143 return set;
144 }
145
146
147 int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
148 struct wpa_ssid *ssid)
149 {
150 u8 key[32];
151 size_t keylen;
152 enum wpa_alg alg;
153 u8 seq[6] = { 0 };
154 int ret;
155
156 /* IBSS/WPA-None uses only one key (Group) for both receiving and
157 * sending unicast and multicast packets. */
158
159 if (ssid->mode != WPAS_MODE_IBSS) {
160 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not "
161 "IBSS/ad-hoc) for WPA-None", ssid->mode);
162 return -1;
163 }
164
165 if (!ssid->psk_set) {
166 wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for "
167 "WPA-None");
168 return -1;
169 }
170
171 switch (wpa_s->group_cipher) {
172 case WPA_CIPHER_CCMP:
173 os_memcpy(key, ssid->psk, 16);
174 keylen = 16;
175 alg = WPA_ALG_CCMP;
176 break;
177 case WPA_CIPHER_GCMP:
178 os_memcpy(key, ssid->psk, 16);
179 keylen = 16;
180 alg = WPA_ALG_GCMP;
181 break;
182 case WPA_CIPHER_TKIP:
183 /* WPA-None uses the same Michael MIC key for both TX and RX */
184 os_memcpy(key, ssid->psk, 16 + 8);
185 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
186 keylen = 32;
187 alg = WPA_ALG_TKIP;
188 break;
189 default:
190 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for "
191 "WPA-None", wpa_s->group_cipher);
192 return -1;
193 }
194
195 /* TODO: should actually remember the previously used seq#, both for TX
196 * and RX from each STA.. */
197
198 ret = wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen);
199 os_memset(key, 0, sizeof(key));
200 return ret;
201 }
202
203
204 static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
205 {
206 struct wpa_supplicant *wpa_s = eloop_ctx;
207 const u8 *bssid = wpa_s->bssid;
208 if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
209 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
210 wpa_s->wpa_state == WPA_ASSOCIATING))
211 bssid = wpa_s->pending_bssid;
212 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
213 MAC2STR(bssid));
214 wpa_blacklist_add(wpa_s, bssid);
215 wpa_sm_notify_disassoc(wpa_s->wpa);
216 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
217 wpa_s->reassociate = 1;
218
219 /*
220 * If we timed out, the AP or the local radio may be busy.
221 * So, wait a second until scanning again.
222 */
223 wpa_supplicant_req_scan(wpa_s, 1, 0);
224 }
225
226
227 /**
228 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
229 * @wpa_s: Pointer to wpa_supplicant data
230 * @sec: Number of seconds after which to time out authentication
231 * @usec: Number of microseconds after which to time out authentication
232 *
233 * This function is used to schedule a timeout for the current authentication
234 * attempt.
235 */
236 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
237 int sec, int usec)
238 {
239 if (wpa_s->conf->ap_scan == 0 &&
240 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
241 return;
242
243 wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
244 "%d usec", sec, usec);
245 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
246 wpa_s->last_auth_timeout_sec = sec;
247 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
248 }
249
250
251 /*
252 * wpas_auth_timeout_restart - Restart and change timeout for authentication
253 * @wpa_s: Pointer to wpa_supplicant data
254 * @sec_diff: difference in seconds applied to original timeout value
255 */
256 void wpas_auth_timeout_restart(struct wpa_supplicant *wpa_s, int sec_diff)
257 {
258 int new_sec = wpa_s->last_auth_timeout_sec + sec_diff;
259
260 if (eloop_is_timeout_registered(wpa_supplicant_timeout, wpa_s, NULL)) {
261 wpa_dbg(wpa_s, MSG_DEBUG,
262 "Authentication timeout restart: %d sec", new_sec);
263 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
264 eloop_register_timeout(new_sec, 0, wpa_supplicant_timeout,
265 wpa_s, NULL);
266 }
267 }
268
269
270 /**
271 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
272 * @wpa_s: Pointer to wpa_supplicant data
273 *
274 * This function is used to cancel authentication timeout scheduled with
275 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
276 * been completed.
277 */
278 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
279 {
280 wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
281 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
282 wpa_blacklist_del(wpa_s, wpa_s->bssid);
283 os_free(wpa_s->last_con_fail_realm);
284 wpa_s->last_con_fail_realm = NULL;
285 wpa_s->last_con_fail_realm_len = 0;
286 }
287
288
289 /**
290 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
291 * @wpa_s: Pointer to wpa_supplicant data
292 *
293 * This function is used to configure EAPOL state machine based on the selected
294 * authentication mode.
295 */
296 void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
297 {
298 #ifdef IEEE8021X_EAPOL
299 struct eapol_config eapol_conf;
300 struct wpa_ssid *ssid = wpa_s->current_ssid;
301
302 #ifdef CONFIG_IBSS_RSN
303 if (ssid->mode == WPAS_MODE_IBSS &&
304 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
305 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
306 /*
307 * RSN IBSS authentication is per-STA and we can disable the
308 * per-BSSID EAPOL authentication.
309 */
310 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
311 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE);
312 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
313 return;
314 }
315 #endif /* CONFIG_IBSS_RSN */
316
317 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
318 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
319
320 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
321 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
322 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
323 else
324 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
325
326 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
327 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
328 eapol_conf.accept_802_1x_keys = 1;
329 eapol_conf.required_keys = 0;
330 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
331 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
332 }
333 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
334 eapol_conf.required_keys |=
335 EAPOL_REQUIRE_KEY_BROADCAST;
336 }
337
338 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED)
339 eapol_conf.required_keys = 0;
340 }
341 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
342 eapol_conf.workaround = ssid->eap_workaround;
343 eapol_conf.eap_disabled =
344 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
345 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
346 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
347 eapol_conf.external_sim = wpa_s->conf->external_sim;
348
349 #ifdef CONFIG_WPS
350 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
351 eapol_conf.wps |= EAPOL_LOCAL_WPS_IN_USE;
352 if (wpa_s->current_bss) {
353 struct wpabuf *ie;
354 ie = wpa_bss_get_vendor_ie_multi(wpa_s->current_bss,
355 WPS_IE_VENDOR_TYPE);
356 if (ie) {
357 if (wps_is_20(ie))
358 eapol_conf.wps |=
359 EAPOL_PEER_IS_WPS20_AP;
360 wpabuf_free(ie);
361 }
362 }
363 }
364 #endif /* CONFIG_WPS */
365
366 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
367
368 #ifdef CONFIG_MACSEC
369 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE && ssid->mka_psk_set)
370 ieee802_1x_create_preshared_mka(wpa_s, ssid);
371 else
372 ieee802_1x_alloc_kay_sm(wpa_s, ssid);
373 #endif /* CONFIG_MACSEC */
374 #endif /* IEEE8021X_EAPOL */
375 }
376
377
378 /**
379 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
380 * @wpa_s: Pointer to wpa_supplicant data
381 * @ssid: Configuration data for the network
382 *
383 * This function is used to configure WPA state machine and related parameters
384 * to a mode where WPA is not enabled. This is called as part of the
385 * authentication configuration when the selected network does not use WPA.
386 */
387 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
388 struct wpa_ssid *ssid)
389 {
390 int i;
391
392 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
393 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
394 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
395 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
396 else
397 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
398 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
399 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
400 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
401 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
402 wpa_s->group_cipher = WPA_CIPHER_NONE;
403 wpa_s->mgmt_group_cipher = 0;
404
405 for (i = 0; i < NUM_WEP_KEYS; i++) {
406 if (ssid->wep_key_len[i] > 5) {
407 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
408 wpa_s->group_cipher = WPA_CIPHER_WEP104;
409 break;
410 } else if (ssid->wep_key_len[i] > 0) {
411 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
412 wpa_s->group_cipher = WPA_CIPHER_WEP40;
413 break;
414 }
415 }
416
417 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
418 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
419 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
420 wpa_s->pairwise_cipher);
421 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
422 #ifdef CONFIG_IEEE80211W
423 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
424 wpa_s->mgmt_group_cipher);
425 #endif /* CONFIG_IEEE80211W */
426
427 pmksa_cache_clear_current(wpa_s->wpa);
428 }
429
430
431 void free_hw_features(struct wpa_supplicant *wpa_s)
432 {
433 int i;
434 if (wpa_s->hw.modes == NULL)
435 return;
436
437 for (i = 0; i < wpa_s->hw.num_modes; i++) {
438 os_free(wpa_s->hw.modes[i].channels);
439 os_free(wpa_s->hw.modes[i].rates);
440 }
441
442 os_free(wpa_s->hw.modes);
443 wpa_s->hw.modes = NULL;
444 }
445
446
447 void free_bss_tmp_disallowed(struct wpa_supplicant *wpa_s)
448 {
449 struct wpa_bss_tmp_disallowed *bss, *prev;
450
451 dl_list_for_each_safe(bss, prev, &wpa_s->bss_tmp_disallowed,
452 struct wpa_bss_tmp_disallowed, list) {
453 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout, wpa_s, bss);
454 dl_list_del(&bss->list);
455 os_free(bss);
456 }
457 }
458
459
460 void wpas_flush_fils_hlp_req(struct wpa_supplicant *wpa_s)
461 {
462 struct fils_hlp_req *req;
463
464 while ((req = dl_list_first(&wpa_s->fils_hlp_req, struct fils_hlp_req,
465 list)) != NULL) {
466 dl_list_del(&req->list);
467 wpabuf_free(req->pkt);
468 os_free(req);
469 }
470 }
471
472
473 static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
474 {
475 int i;
476
477 bgscan_deinit(wpa_s);
478 autoscan_deinit(wpa_s);
479 scard_deinit(wpa_s->scard);
480 wpa_s->scard = NULL;
481 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
482 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
483 l2_packet_deinit(wpa_s->l2);
484 wpa_s->l2 = NULL;
485 if (wpa_s->l2_br) {
486 l2_packet_deinit(wpa_s->l2_br);
487 wpa_s->l2_br = NULL;
488 }
489 #ifdef CONFIG_TESTING_OPTIONS
490 l2_packet_deinit(wpa_s->l2_test);
491 wpa_s->l2_test = NULL;
492 os_free(wpa_s->get_pref_freq_list_override);
493 wpa_s->get_pref_freq_list_override = NULL;
494 wpabuf_free(wpa_s->last_assoc_req_wpa_ie);
495 wpa_s->last_assoc_req_wpa_ie = NULL;
496 #endif /* CONFIG_TESTING_OPTIONS */
497
498 if (wpa_s->conf != NULL) {
499 struct wpa_ssid *ssid;
500 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
501 wpas_notify_network_removed(wpa_s, ssid);
502 }
503
504 os_free(wpa_s->confname);
505 wpa_s->confname = NULL;
506
507 os_free(wpa_s->confanother);
508 wpa_s->confanother = NULL;
509
510 os_free(wpa_s->last_con_fail_realm);
511 wpa_s->last_con_fail_realm = NULL;
512 wpa_s->last_con_fail_realm_len = 0;
513
514 wpa_sm_set_eapol(wpa_s->wpa, NULL);
515 eapol_sm_deinit(wpa_s->eapol);
516 wpa_s->eapol = NULL;
517
518 rsn_preauth_deinit(wpa_s->wpa);
519
520 #ifdef CONFIG_TDLS
521 wpa_tdls_deinit(wpa_s->wpa);
522 #endif /* CONFIG_TDLS */
523
524 wmm_ac_clear_saved_tspecs(wpa_s);
525 pmksa_candidate_free(wpa_s->wpa);
526 wpa_sm_deinit(wpa_s->wpa);
527 wpa_s->wpa = NULL;
528 wpa_blacklist_clear(wpa_s);
529
530 wpa_bss_deinit(wpa_s);
531
532 wpa_supplicant_cancel_delayed_sched_scan(wpa_s);
533 wpa_supplicant_cancel_scan(wpa_s);
534 wpa_supplicant_cancel_auth_timeout(wpa_s);
535 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL);
536 #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
537 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report,
538 wpa_s, NULL);
539 #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
540
541 eloop_cancel_timeout(wpas_network_reenabled, wpa_s, NULL);
542
543 wpas_wps_deinit(wpa_s);
544
545 wpabuf_free(wpa_s->pending_eapol_rx);
546 wpa_s->pending_eapol_rx = NULL;
547
548 #ifdef CONFIG_IBSS_RSN
549 ibss_rsn_deinit(wpa_s->ibss_rsn);
550 wpa_s->ibss_rsn = NULL;
551 #endif /* CONFIG_IBSS_RSN */
552
553 sme_deinit(wpa_s);
554
555 #ifdef CONFIG_AP
556 wpa_supplicant_ap_deinit(wpa_s);
557 #endif /* CONFIG_AP */
558
559 wpas_p2p_deinit(wpa_s);
560
561 #ifdef CONFIG_OFFCHANNEL
562 offchannel_deinit(wpa_s);
563 #endif /* CONFIG_OFFCHANNEL */
564
565 wpa_supplicant_cancel_sched_scan(wpa_s);
566
567 os_free(wpa_s->next_scan_freqs);
568 wpa_s->next_scan_freqs = NULL;
569
570 os_free(wpa_s->manual_scan_freqs);
571 wpa_s->manual_scan_freqs = NULL;
572 os_free(wpa_s->select_network_scan_freqs);
573 wpa_s->select_network_scan_freqs = NULL;
574
575 os_free(wpa_s->manual_sched_scan_freqs);
576 wpa_s->manual_sched_scan_freqs = NULL;
577
578 wpas_mac_addr_rand_scan_clear(wpa_s, MAC_ADDR_RAND_ALL);
579
580 /*
581 * Need to remove any pending gas-query radio work before the
582 * gas_query_deinit() call because gas_query::work has not yet been set
583 * for works that have not been started. gas_query_free() will be unable
584 * to cancel such pending radio works and once the pending gas-query
585 * radio work eventually gets removed, the deinit notification call to
586 * gas_query_start_cb() would result in dereferencing freed memory.
587 */
588 if (wpa_s->radio)
589 radio_remove_works(wpa_s, "gas-query", 0);
590 gas_query_deinit(wpa_s->gas);
591 wpa_s->gas = NULL;
592 gas_server_deinit(wpa_s->gas_server);
593 wpa_s->gas_server = NULL;
594
595 free_hw_features(wpa_s);
596
597 ieee802_1x_dealloc_kay_sm(wpa_s);
598
599 os_free(wpa_s->bssid_filter);
600 wpa_s->bssid_filter = NULL;
601
602 os_free(wpa_s->disallow_aps_bssid);
603 wpa_s->disallow_aps_bssid = NULL;
604 os_free(wpa_s->disallow_aps_ssid);
605 wpa_s->disallow_aps_ssid = NULL;
606
607 wnm_bss_keep_alive_deinit(wpa_s);
608 #ifdef CONFIG_WNM
609 wnm_deallocate_memory(wpa_s);
610 #endif /* CONFIG_WNM */
611
612 ext_password_deinit(wpa_s->ext_pw);
613 wpa_s->ext_pw = NULL;
614
615 wpabuf_free(wpa_s->last_gas_resp);
616 wpa_s->last_gas_resp = NULL;
617 wpabuf_free(wpa_s->prev_gas_resp);
618 wpa_s->prev_gas_resp = NULL;
619
620 os_free(wpa_s->last_scan_res);
621 wpa_s->last_scan_res = NULL;
622
623 #ifdef CONFIG_HS20
624 if (wpa_s->drv_priv)
625 wpa_drv_configure_frame_filters(wpa_s, 0);
626 hs20_deinit(wpa_s);
627 #endif /* CONFIG_HS20 */
628
629 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) {
630 wpabuf_free(wpa_s->vendor_elem[i]);
631 wpa_s->vendor_elem[i] = NULL;
632 }
633
634 wmm_ac_notify_disassoc(wpa_s);
635
636 wpa_s->sched_scan_plans_num = 0;
637 os_free(wpa_s->sched_scan_plans);
638 wpa_s->sched_scan_plans = NULL;
639
640 #ifdef CONFIG_MBO
641 wpa_s->non_pref_chan_num = 0;
642 os_free(wpa_s->non_pref_chan);
643 wpa_s->non_pref_chan = NULL;
644 #endif /* CONFIG_MBO */
645
646 free_bss_tmp_disallowed(wpa_s);
647
648 wpabuf_free(wpa_s->lci);
649 wpa_s->lci = NULL;
650 wpas_clear_beacon_rep_data(wpa_s);
651
652 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL
653 #ifdef CONFIG_MESH
654 {
655 struct external_pmksa_cache *entry;
656
657 while ((entry = dl_list_last(&wpa_s->mesh_external_pmksa_cache,
658 struct external_pmksa_cache,
659 list)) != NULL) {
660 dl_list_del(&entry->list);
661 os_free(entry->pmksa_cache);
662 os_free(entry);
663 }
664 }
665 #endif /* CONFIG_MESH */
666 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
667
668 wpas_flush_fils_hlp_req(wpa_s);
669
670 wpabuf_free(wpa_s->ric_ies);
671 wpa_s->ric_ies = NULL;
672
673 #ifdef CONFIG_DPP
674 wpas_dpp_deinit(wpa_s);
675 #endif /* CONFIG_DPP */
676 }
677
678
679 /**
680 * wpa_clear_keys - Clear keys configured for the driver
681 * @wpa_s: Pointer to wpa_supplicant data
682 * @addr: Previously used BSSID or %NULL if not available
683 *
684 * This function clears the encryption keys that has been previously configured
685 * for the driver.
686 */
687 void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
688 {
689 int i, max;
690
691 #ifdef CONFIG_IEEE80211W
692 max = 6;
693 #else /* CONFIG_IEEE80211W */
694 max = 4;
695 #endif /* CONFIG_IEEE80211W */
696
697 /* MLME-DELETEKEYS.request */
698 for (i = 0; i < max; i++) {
699 if (wpa_s->keys_cleared & BIT(i))
700 continue;
701 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, i, 0, NULL, 0,
702 NULL, 0);
703 }
704 if (!(wpa_s->keys_cleared & BIT(0)) && addr &&
705 !is_zero_ether_addr(addr)) {
706 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,
707 0);
708 /* MLME-SETPROTECTION.request(None) */
709 wpa_drv_mlme_setprotection(
710 wpa_s, addr,
711 MLME_SETPROTECTION_PROTECT_TYPE_NONE,
712 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
713 }
714 wpa_s->keys_cleared = (u32) -1;
715 }
716
717
718 /**
719 * wpa_supplicant_state_txt - Get the connection state name as a text string
720 * @state: State (wpa_state; WPA_*)
721 * Returns: The state name as a printable text string
722 */
723 const char * wpa_supplicant_state_txt(enum wpa_states state)
724 {
725 switch (state) {
726 case WPA_DISCONNECTED:
727 return "DISCONNECTED";
728 case WPA_INACTIVE:
729 return "INACTIVE";
730 case WPA_INTERFACE_DISABLED:
731 return "INTERFACE_DISABLED";
732 case WPA_SCANNING:
733 return "SCANNING";
734 case WPA_AUTHENTICATING:
735 return "AUTHENTICATING";
736 case WPA_ASSOCIATING:
737 return "ASSOCIATING";
738 case WPA_ASSOCIATED:
739 return "ASSOCIATED";
740 case WPA_4WAY_HANDSHAKE:
741 return "4WAY_HANDSHAKE";
742 case WPA_GROUP_HANDSHAKE:
743 return "GROUP_HANDSHAKE";
744 case WPA_COMPLETED:
745 return "COMPLETED";
746 default:
747 return "UNKNOWN";
748 }
749 }
750
751
752 #ifdef CONFIG_BGSCAN
753
754 static void wpa_supplicant_start_bgscan(struct wpa_supplicant *wpa_s)
755 {
756 const char *name;
757
758 if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan)
759 name = wpa_s->current_ssid->bgscan;
760 else
761 name = wpa_s->conf->bgscan;
762 if (name == NULL || name[0] == '\0')
763 return;
764 if (wpas_driver_bss_selection(wpa_s))
765 return;
766 if (wpa_s->current_ssid == wpa_s->bgscan_ssid)
767 return;
768 #ifdef CONFIG_P2P
769 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE)
770 return;
771 #endif /* CONFIG_P2P */
772
773 bgscan_deinit(wpa_s);
774 if (wpa_s->current_ssid) {
775 if (bgscan_init(wpa_s, wpa_s->current_ssid, name)) {
776 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
777 "bgscan");
778 /*
779 * Live without bgscan; it is only used as a roaming
780 * optimization, so the initial connection is not
781 * affected.
782 */
783 } else {
784 struct wpa_scan_results *scan_res;
785 wpa_s->bgscan_ssid = wpa_s->current_ssid;
786 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL,
787 0);
788 if (scan_res) {
789 bgscan_notify_scan(wpa_s, scan_res);
790 wpa_scan_results_free(scan_res);
791 }
792 }
793 } else
794 wpa_s->bgscan_ssid = NULL;
795 }
796
797
798 static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s)
799 {
800 if (wpa_s->bgscan_ssid != NULL) {
801 bgscan_deinit(wpa_s);
802 wpa_s->bgscan_ssid = NULL;
803 }
804 }
805
806 #endif /* CONFIG_BGSCAN */
807
808
809 static void wpa_supplicant_start_autoscan(struct wpa_supplicant *wpa_s)
810 {
811 if (autoscan_init(wpa_s, 0))
812 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize autoscan");
813 }
814
815
816 static void wpa_supplicant_stop_autoscan(struct wpa_supplicant *wpa_s)
817 {
818 autoscan_deinit(wpa_s);
819 }
820
821
822 void wpa_supplicant_reinit_autoscan(struct wpa_supplicant *wpa_s)
823 {
824 if (wpa_s->wpa_state == WPA_DISCONNECTED ||
825 wpa_s->wpa_state == WPA_SCANNING) {
826 autoscan_deinit(wpa_s);
827 wpa_supplicant_start_autoscan(wpa_s);
828 }
829 }
830
831
832 /**
833 * wpa_supplicant_set_state - Set current connection state
834 * @wpa_s: Pointer to wpa_supplicant data
835 * @state: The new connection state
836 *
837 * This function is called whenever the connection state changes, e.g.,
838 * association is completed for WPA/WPA2 4-Way Handshake is started.
839 */
840 void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s,
841 enum wpa_states state)
842 {
843 enum wpa_states old_state = wpa_s->wpa_state;
844
845 wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s",
846 wpa_supplicant_state_txt(wpa_s->wpa_state),
847 wpa_supplicant_state_txt(state));
848
849 if (state == WPA_COMPLETED &&
850 os_reltime_initialized(&wpa_s->roam_start)) {
851 os_reltime_age(&wpa_s->roam_start, &wpa_s->roam_time);
852 wpa_s->roam_start.sec = 0;
853 wpa_s->roam_start.usec = 0;
854 wpas_notify_auth_changed(wpa_s);
855 wpas_notify_roam_time(wpa_s);
856 wpas_notify_roam_complete(wpa_s);
857 } else if (state == WPA_DISCONNECTED &&
858 os_reltime_initialized(&wpa_s->roam_start)) {
859 wpa_s->roam_start.sec = 0;
860 wpa_s->roam_start.usec = 0;
861 wpa_s->roam_time.sec = 0;
862 wpa_s->roam_time.usec = 0;
863 wpas_notify_roam_complete(wpa_s);
864 }
865
866 if (state == WPA_INTERFACE_DISABLED) {
867 /* Assure normal scan when interface is restored */
868 wpa_s->normal_scans = 0;
869 }
870
871 if (state == WPA_COMPLETED) {
872 wpas_connect_work_done(wpa_s);
873 /* Reinitialize normal_scan counter */
874 wpa_s->normal_scans = 0;
875 }
876
877 #ifdef CONFIG_P2P
878 /*
879 * P2PS client has to reply to Probe Request frames received on the
880 * group operating channel. Enable Probe Request frame reporting for
881 * P2P connected client in case p2p_cli_probe configuration property is
882 * set to 1.
883 */
884 if (wpa_s->conf->p2p_cli_probe && wpa_s->current_ssid &&
885 wpa_s->current_ssid->mode == WPAS_MODE_INFRA &&
886 wpa_s->current_ssid->p2p_group) {
887 if (state == WPA_COMPLETED && !wpa_s->p2p_cli_probe) {
888 wpa_dbg(wpa_s, MSG_DEBUG,
889 "P2P: Enable CLI Probe Request RX reporting");
890 wpa_s->p2p_cli_probe =
891 wpa_drv_probe_req_report(wpa_s, 1) >= 0;
892 } else if (state != WPA_COMPLETED && wpa_s->p2p_cli_probe) {
893 wpa_dbg(wpa_s, MSG_DEBUG,
894 "P2P: Disable CLI Probe Request RX reporting");
895 wpa_s->p2p_cli_probe = 0;
896 wpa_drv_probe_req_report(wpa_s, 0);
897 }
898 }
899 #endif /* CONFIG_P2P */
900
901 if (state != WPA_SCANNING)
902 wpa_supplicant_notify_scanning(wpa_s, 0);
903
904 if (state == WPA_COMPLETED && wpa_s->new_connection) {
905 struct wpa_ssid *ssid = wpa_s->current_ssid;
906 int fils_hlp_sent = 0;
907
908 #ifdef CONFIG_SME
909 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
910 wpa_auth_alg_fils(wpa_s->sme.auth_alg))
911 fils_hlp_sent = 1;
912 #endif /* CONFIG_SME */
913 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
914 wpa_auth_alg_fils(wpa_s->auth_alg))
915 fils_hlp_sent = 1;
916
917 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
918 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
919 MACSTR " completed [id=%d id_str=%s%s]",
920 MAC2STR(wpa_s->bssid),
921 ssid ? ssid->id : -1,
922 ssid && ssid->id_str ? ssid->id_str : "",
923 fils_hlp_sent ? " FILS_HLP_SENT" : "");
924 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
925 wpas_clear_temp_disabled(wpa_s, ssid, 1);
926 wpa_blacklist_clear(wpa_s);
927 wpa_s->extra_blacklist_count = 0;
928 wpa_s->new_connection = 0;
929 wpa_drv_set_operstate(wpa_s, 1);
930 #ifndef IEEE8021X_EAPOL
931 wpa_drv_set_supp_port(wpa_s, 1);
932 #endif /* IEEE8021X_EAPOL */
933 wpa_s->after_wps = 0;
934 wpa_s->known_wps_freq = 0;
935 wpas_p2p_completed(wpa_s);
936
937 sme_sched_obss_scan(wpa_s, 1);
938
939 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
940 if (!fils_hlp_sent && ssid && ssid->eap.erp)
941 wpas_update_fils_connect_params(wpa_s);
942 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
943 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
944 state == WPA_ASSOCIATED) {
945 wpa_s->new_connection = 1;
946 wpa_drv_set_operstate(wpa_s, 0);
947 #ifndef IEEE8021X_EAPOL
948 wpa_drv_set_supp_port(wpa_s, 0);
949 #endif /* IEEE8021X_EAPOL */
950 sme_sched_obss_scan(wpa_s, 0);
951 }
952 wpa_s->wpa_state = state;
953
954 #ifdef CONFIG_BGSCAN
955 if (state == WPA_COMPLETED)
956 wpa_supplicant_start_bgscan(wpa_s);
957 else if (state < WPA_ASSOCIATED)
958 wpa_supplicant_stop_bgscan(wpa_s);
959 #endif /* CONFIG_BGSCAN */
960
961 if (state == WPA_AUTHENTICATING)
962 wpa_supplicant_stop_autoscan(wpa_s);
963
964 if (state == WPA_DISCONNECTED || state == WPA_INACTIVE)
965 wpa_supplicant_start_autoscan(wpa_s);
966
967 if (old_state >= WPA_ASSOCIATED && wpa_s->wpa_state < WPA_ASSOCIATED)
968 wmm_ac_notify_disassoc(wpa_s);
969
970 if (wpa_s->wpa_state != old_state) {
971 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
972
973 /*
974 * Notify the P2P Device interface about a state change in one
975 * of the interfaces.
976 */
977 wpas_p2p_indicate_state_change(wpa_s);
978
979 if (wpa_s->wpa_state == WPA_COMPLETED ||
980 old_state == WPA_COMPLETED)
981 wpas_notify_auth_changed(wpa_s);
982 }
983 }
984
985
986 void wpa_supplicant_terminate_proc(struct wpa_global *global)
987 {
988 int pending = 0;
989 #ifdef CONFIG_WPS
990 struct wpa_supplicant *wpa_s = global->ifaces;
991 while (wpa_s) {
992 struct wpa_supplicant *next = wpa_s->next;
993 if (wpas_wps_terminate_pending(wpa_s) == 1)
994 pending = 1;
995 #ifdef CONFIG_P2P
996 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE ||
997 (wpa_s->current_ssid && wpa_s->current_ssid->p2p_group))
998 wpas_p2p_disconnect(wpa_s);
999 #endif /* CONFIG_P2P */
1000 wpa_s = next;
1001 }
1002 #endif /* CONFIG_WPS */
1003 if (pending)
1004 return;
1005 eloop_terminate();
1006 }
1007
1008
1009 static void wpa_supplicant_terminate(int sig, void *signal_ctx)
1010 {
1011 struct wpa_global *global = signal_ctx;
1012 wpa_supplicant_terminate_proc(global);
1013 }
1014
1015
1016 void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
1017 {
1018 enum wpa_states old_state = wpa_s->wpa_state;
1019
1020 wpa_s->pairwise_cipher = 0;
1021 wpa_s->group_cipher = 0;
1022 wpa_s->mgmt_group_cipher = 0;
1023 wpa_s->key_mgmt = 0;
1024 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
1025 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
1026
1027 if (wpa_s->wpa_state != old_state)
1028 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
1029 }
1030
1031
1032 /**
1033 * wpa_supplicant_reload_configuration - Reload configuration data
1034 * @wpa_s: Pointer to wpa_supplicant data
1035 * Returns: 0 on success or -1 if configuration parsing failed
1036 *
1037 * This function can be used to request that the configuration data is reloaded
1038 * (e.g., after configuration file change). This function is reloading
1039 * configuration only for one interface, so this may need to be called multiple
1040 * times if %wpa_supplicant is controlling multiple interfaces and all
1041 * interfaces need reconfiguration.
1042 */
1043 int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
1044 {
1045 struct wpa_config *conf;
1046 int reconf_ctrl;
1047 int old_ap_scan;
1048
1049 if (wpa_s->confname == NULL)
1050 return -1;
1051 conf = wpa_config_read(wpa_s->confname, NULL);
1052 if (conf == NULL) {
1053 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
1054 "file '%s' - exiting", wpa_s->confname);
1055 return -1;
1056 }
1057 if (wpa_s->confanother &&
1058 !wpa_config_read(wpa_s->confanother, conf)) {
1059 wpa_msg(wpa_s, MSG_ERROR,
1060 "Failed to parse the configuration file '%s' - exiting",
1061 wpa_s->confanother);
1062 return -1;
1063 }
1064
1065 conf->changed_parameters = (unsigned int) -1;
1066
1067 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
1068 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
1069 os_strcmp(conf->ctrl_interface,
1070 wpa_s->conf->ctrl_interface) != 0);
1071
1072 if (reconf_ctrl && wpa_s->ctrl_iface) {
1073 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
1074 wpa_s->ctrl_iface = NULL;
1075 }
1076
1077 eapol_sm_invalidate_cached_session(wpa_s->eapol);
1078 if (wpa_s->current_ssid) {
1079 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
1080 wpa_s->own_disconnect_req = 1;
1081 wpa_supplicant_deauthenticate(wpa_s,
1082 WLAN_REASON_DEAUTH_LEAVING);
1083 }
1084
1085 /*
1086 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
1087 * pkcs11_engine_path, pkcs11_module_path, openssl_ciphers.
1088 */
1089 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
1090 wpa_s->key_mgmt == WPA_KEY_MGMT_OWE ||
1091 wpa_s->key_mgmt == WPA_KEY_MGMT_DPP) {
1092 /*
1093 * Clear forced success to clear EAP state for next
1094 * authentication.
1095 */
1096 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
1097 }
1098 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1099 wpa_sm_set_config(wpa_s->wpa, NULL);
1100 wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL);
1101 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
1102 rsn_preauth_deinit(wpa_s->wpa);
1103
1104 old_ap_scan = wpa_s->conf->ap_scan;
1105 wpa_config_free(wpa_s->conf);
1106 wpa_s->conf = conf;
1107 if (old_ap_scan != wpa_s->conf->ap_scan)
1108 wpas_notify_ap_scan_changed(wpa_s);
1109
1110 if (reconf_ctrl)
1111 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
1112
1113 wpa_supplicant_update_config(wpa_s);
1114
1115 wpa_supplicant_clear_status(wpa_s);
1116 if (wpa_supplicant_enabled_networks(wpa_s)) {
1117 wpa_s->reassociate = 1;
1118 wpa_supplicant_req_scan(wpa_s, 0, 0);
1119 }
1120 wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
1121 return 0;
1122 }
1123
1124
1125 static void wpa_supplicant_reconfig(int sig, void *signal_ctx)
1126 {
1127 struct wpa_global *global = signal_ctx;
1128 struct wpa_supplicant *wpa_s;
1129 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
1130 wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring",
1131 sig);
1132 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
1133 wpa_supplicant_terminate_proc(global);
1134 }
1135 }
1136
1137 if (wpa_debug_reopen_file() < 0) {
1138 /* Ignore errors since we cannot really do much to fix this */
1139 wpa_printf(MSG_DEBUG, "Could not reopen debug log file");
1140 }
1141 }
1142
1143
1144 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
1145 struct wpa_ssid *ssid,
1146 struct wpa_ie_data *ie)
1147 {
1148 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
1149 if (ret) {
1150 if (ret == -2) {
1151 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
1152 "from association info");
1153 }
1154 return -1;
1155 }
1156
1157 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set "
1158 "cipher suites");
1159 if (!(ie->group_cipher & ssid->group_cipher)) {
1160 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
1161 "cipher 0x%x (mask 0x%x) - reject",
1162 ie->group_cipher, ssid->group_cipher);
1163 return -1;
1164 }
1165 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
1166 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
1167 "cipher 0x%x (mask 0x%x) - reject",
1168 ie->pairwise_cipher, ssid->pairwise_cipher);
1169 return -1;
1170 }
1171 if (!(ie->key_mgmt & ssid->key_mgmt)) {
1172 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
1173 "management 0x%x (mask 0x%x) - reject",
1174 ie->key_mgmt, ssid->key_mgmt);
1175 return -1;
1176 }
1177
1178 #ifdef CONFIG_IEEE80211W
1179 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
1180 wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED) {
1181 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
1182 "that does not support management frame protection - "
1183 "reject");
1184 return -1;
1185 }
1186 #endif /* CONFIG_IEEE80211W */
1187
1188 return 0;
1189 }
1190
1191
1192 /**
1193 * wpa_supplicant_set_suites - Set authentication and encryption parameters
1194 * @wpa_s: Pointer to wpa_supplicant data
1195 * @bss: Scan results for the selected BSS, or %NULL if not available
1196 * @ssid: Configuration data for the selected network
1197 * @wpa_ie: Buffer for the WPA/RSN IE
1198 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
1199 * used buffer length in case the functions returns success.
1200 * Returns: 0 on success or -1 on failure
1201 *
1202 * This function is used to configure authentication and encryption parameters
1203 * based on the network configuration and scan result for the selected BSS (if
1204 * available).
1205 */
1206 int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
1207 struct wpa_bss *bss, struct wpa_ssid *ssid,
1208 u8 *wpa_ie, size_t *wpa_ie_len)
1209 {
1210 struct wpa_ie_data ie;
1211 int sel, proto;
1212 const u8 *bss_wpa, *bss_rsn, *bss_osen;
1213
1214 if (bss) {
1215 bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
1216 bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
1217 bss_osen = wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE);
1218 } else
1219 bss_wpa = bss_rsn = bss_osen = NULL;
1220
1221 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
1222 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
1223 (ie.group_cipher & ssid->group_cipher) &&
1224 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1225 (ie.key_mgmt & ssid->key_mgmt)) {
1226 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
1227 proto = WPA_PROTO_RSN;
1228 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
1229 wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie) == 0 &&
1230 (ie.group_cipher & ssid->group_cipher) &&
1231 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1232 (ie.key_mgmt & ssid->key_mgmt)) {
1233 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
1234 proto = WPA_PROTO_WPA;
1235 #ifdef CONFIG_HS20
1236 } else if (bss_osen && (ssid->proto & WPA_PROTO_OSEN) &&
1237 wpa_parse_wpa_ie(bss_osen, 2 + bss_osen[1], &ie) == 0 &&
1238 (ie.group_cipher & ssid->group_cipher) &&
1239 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1240 (ie.key_mgmt & ssid->key_mgmt)) {
1241 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using OSEN");
1242 proto = WPA_PROTO_OSEN;
1243 } else if (bss_rsn && (ssid->proto & WPA_PROTO_OSEN) &&
1244 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
1245 (ie.group_cipher & ssid->group_cipher) &&
1246 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1247 (ie.key_mgmt & ssid->key_mgmt)) {
1248 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using OSEN (within RSN)");
1249 proto = WPA_PROTO_RSN;
1250 #endif /* CONFIG_HS20 */
1251 } else if (bss) {
1252 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
1253 wpa_dbg(wpa_s, MSG_DEBUG,
1254 "WPA: ssid proto=0x%x pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1255 ssid->proto, ssid->pairwise_cipher, ssid->group_cipher,
1256 ssid->key_mgmt);
1257 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: BSS " MACSTR " ssid='%s'%s%s%s",
1258 MAC2STR(bss->bssid),
1259 wpa_ssid_txt(bss->ssid, bss->ssid_len),
1260 bss_wpa ? " WPA" : "",
1261 bss_rsn ? " RSN" : "",
1262 bss_osen ? " OSEN" : "");
1263 if (bss_rsn) {
1264 wpa_hexdump(MSG_DEBUG, "RSN", bss_rsn, 2 + bss_rsn[1]);
1265 if (wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie)) {
1266 wpa_dbg(wpa_s, MSG_DEBUG,
1267 "Could not parse RSN element");
1268 } else {
1269 wpa_dbg(wpa_s, MSG_DEBUG,
1270 "RSN: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1271 ie.pairwise_cipher, ie.group_cipher,
1272 ie.key_mgmt);
1273 }
1274 }
1275 if (bss_wpa) {
1276 wpa_hexdump(MSG_DEBUG, "WPA", bss_wpa, 2 + bss_wpa[1]);
1277 if (wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie)) {
1278 wpa_dbg(wpa_s, MSG_DEBUG,
1279 "Could not parse WPA element");
1280 } else {
1281 wpa_dbg(wpa_s, MSG_DEBUG,
1282 "WPA: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1283 ie.pairwise_cipher, ie.group_cipher,
1284 ie.key_mgmt);
1285 }
1286 }
1287 return -1;
1288 } else {
1289 if (ssid->proto & WPA_PROTO_OSEN)
1290 proto = WPA_PROTO_OSEN;
1291 else if (ssid->proto & WPA_PROTO_RSN)
1292 proto = WPA_PROTO_RSN;
1293 else
1294 proto = WPA_PROTO_WPA;
1295 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
1296 os_memset(&ie, 0, sizeof(ie));
1297 ie.group_cipher = ssid->group_cipher;
1298 ie.pairwise_cipher = ssid->pairwise_cipher;
1299 ie.key_mgmt = ssid->key_mgmt;
1300 #ifdef CONFIG_IEEE80211W
1301 ie.mgmt_group_cipher = 0;
1302 if (ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION) {
1303 if (ssid->group_mgmt_cipher &
1304 WPA_CIPHER_BIP_GMAC_256)
1305 ie.mgmt_group_cipher =
1306 WPA_CIPHER_BIP_GMAC_256;
1307 else if (ssid->group_mgmt_cipher &
1308 WPA_CIPHER_BIP_CMAC_256)
1309 ie.mgmt_group_cipher =
1310 WPA_CIPHER_BIP_CMAC_256;
1311 else if (ssid->group_mgmt_cipher &
1312 WPA_CIPHER_BIP_GMAC_128)
1313 ie.mgmt_group_cipher =
1314 WPA_CIPHER_BIP_GMAC_128;
1315 else
1316 ie.mgmt_group_cipher =
1317 WPA_CIPHER_AES_128_CMAC;
1318 }
1319 #endif /* CONFIG_IEEE80211W */
1320 #ifdef CONFIG_OWE
1321 if ((ssid->key_mgmt & WPA_KEY_MGMT_OWE) &&
1322 !ssid->owe_only &&
1323 !bss_wpa && !bss_rsn && !bss_osen) {
1324 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1325 wpa_s->wpa_proto = 0;
1326 *wpa_ie_len = 0;
1327 return 0;
1328 }
1329 #endif /* CONFIG_OWE */
1330 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites "
1331 "based on configuration");
1332 } else
1333 proto = ie.proto;
1334 }
1335
1336 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d "
1337 "pairwise %d key_mgmt %d proto %d",
1338 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
1339 #ifdef CONFIG_IEEE80211W
1340 if (ssid->ieee80211w) {
1341 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
1342 ie.mgmt_group_cipher);
1343 }
1344 #endif /* CONFIG_IEEE80211W */
1345
1346 wpa_s->wpa_proto = proto;
1347 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
1348 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
1349 !!(ssid->proto & (WPA_PROTO_RSN | WPA_PROTO_OSEN)));
1350
1351 if (bss || !wpa_s->ap_ies_from_associnfo) {
1352 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
1353 bss_wpa ? 2 + bss_wpa[1] : 0) ||
1354 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
1355 bss_rsn ? 2 + bss_rsn[1] : 0))
1356 return -1;
1357 }
1358
1359 #ifdef CONFIG_NO_WPA
1360 wpa_s->group_cipher = WPA_CIPHER_NONE;
1361 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
1362 #else /* CONFIG_NO_WPA */
1363 sel = ie.group_cipher & ssid->group_cipher;
1364 wpa_s->group_cipher = wpa_pick_group_cipher(sel);
1365 if (wpa_s->group_cipher < 0) {
1366 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group "
1367 "cipher");
1368 return -1;
1369 }
1370 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK %s",
1371 wpa_cipher_txt(wpa_s->group_cipher));
1372
1373 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
1374 wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(sel, 1);
1375 if (wpa_s->pairwise_cipher < 0) {
1376 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise "
1377 "cipher");
1378 return -1;
1379 }
1380 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK %s",
1381 wpa_cipher_txt(wpa_s->pairwise_cipher));
1382 #endif /* CONFIG_NO_WPA */
1383
1384 sel = ie.key_mgmt & ssid->key_mgmt;
1385 #ifdef CONFIG_SAE
1386 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE))
1387 sel &= ~(WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE);
1388 #endif /* CONFIG_SAE */
1389 if (0) {
1390 #ifdef CONFIG_SUITEB192
1391 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) {
1392 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B_192;
1393 wpa_dbg(wpa_s, MSG_DEBUG,
1394 "WPA: using KEY_MGMT 802.1X with Suite B (192-bit)");
1395 #endif /* CONFIG_SUITEB192 */
1396 #ifdef CONFIG_SUITEB
1397 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B) {
1398 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B;
1399 wpa_dbg(wpa_s, MSG_DEBUG,
1400 "WPA: using KEY_MGMT 802.1X with Suite B");
1401 #endif /* CONFIG_SUITEB */
1402 #ifdef CONFIG_FILS
1403 #ifdef CONFIG_IEEE80211R
1404 } else if (sel & WPA_KEY_MGMT_FT_FILS_SHA384) {
1405 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA384;
1406 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT-FILS-SHA384");
1407 } else if (sel & WPA_KEY_MGMT_FT_FILS_SHA256) {
1408 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA256;
1409 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT-FILS-SHA256");
1410 #endif /* CONFIG_IEEE80211R */
1411 } else if (sel & WPA_KEY_MGMT_FILS_SHA384) {
1412 wpa_s->key_mgmt = WPA_KEY_MGMT_FILS_SHA384;
1413 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FILS-SHA384");
1414 } else if (sel & WPA_KEY_MGMT_FILS_SHA256) {
1415 wpa_s->key_mgmt = WPA_KEY_MGMT_FILS_SHA256;
1416 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FILS-SHA256");
1417 #endif /* CONFIG_FILS */
1418 #ifdef CONFIG_IEEE80211R
1419 #ifdef CONFIG_SHA384
1420 } else if (sel & WPA_KEY_MGMT_FT_IEEE8021X_SHA384) {
1421 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X_SHA384;
1422 wpa_dbg(wpa_s, MSG_DEBUG,
1423 "WPA: using KEY_MGMT FT/802.1X-SHA384");
1424 if (pmksa_cache_get_current(wpa_s->wpa)) {
1425 /* PMKSA caching with FT is not fully functional, so
1426 * disable the case for now. */
1427 wpa_dbg(wpa_s, MSG_DEBUG,
1428 "WPA: Disable PMKSA caching for FT/802.1X connection");
1429 pmksa_cache_clear_current(wpa_s->wpa);
1430 }
1431 #endif /* CONFIG_SHA384 */
1432 } else if (sel & WPA_KEY_MGMT_FT_IEEE8021X) {
1433 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
1434 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
1435 if (pmksa_cache_get_current(wpa_s->wpa)) {
1436 /* PMKSA caching with FT is not fully functional, so
1437 * disable the case for now. */
1438 wpa_dbg(wpa_s, MSG_DEBUG,
1439 "WPA: Disable PMKSA caching for FT/802.1X connection");
1440 pmksa_cache_clear_current(wpa_s->wpa);
1441 }
1442 } else if (sel & WPA_KEY_MGMT_FT_PSK) {
1443 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
1444 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
1445 #endif /* CONFIG_IEEE80211R */
1446 #ifdef CONFIG_SAE
1447 } else if (sel & WPA_KEY_MGMT_SAE) {
1448 wpa_s->key_mgmt = WPA_KEY_MGMT_SAE;
1449 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT SAE");
1450 } else if (sel & WPA_KEY_MGMT_FT_SAE) {
1451 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_SAE;
1452 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT FT/SAE");
1453 #endif /* CONFIG_SAE */
1454 #ifdef CONFIG_IEEE80211W
1455 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
1456 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
1457 wpa_dbg(wpa_s, MSG_DEBUG,
1458 "WPA: using KEY_MGMT 802.1X with SHA256");
1459 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
1460 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
1461 wpa_dbg(wpa_s, MSG_DEBUG,
1462 "WPA: using KEY_MGMT PSK with SHA256");
1463 #endif /* CONFIG_IEEE80211W */
1464 } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
1465 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
1466 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
1467 } else if (sel & WPA_KEY_MGMT_PSK) {
1468 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
1469 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
1470 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
1471 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
1472 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
1473 #ifdef CONFIG_HS20
1474 } else if (sel & WPA_KEY_MGMT_OSEN) {
1475 wpa_s->key_mgmt = WPA_KEY_MGMT_OSEN;
1476 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using KEY_MGMT OSEN");
1477 #endif /* CONFIG_HS20 */
1478 #ifdef CONFIG_OWE
1479 } else if (sel & WPA_KEY_MGMT_OWE) {
1480 wpa_s->key_mgmt = WPA_KEY_MGMT_OWE;
1481 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT OWE");
1482 #endif /* CONFIG_OWE */
1483 #ifdef CONFIG_DPP
1484 } else if (sel & WPA_KEY_MGMT_DPP) {
1485 wpa_s->key_mgmt = WPA_KEY_MGMT_DPP;
1486 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT DPP");
1487 #endif /* CONFIG_DPP */
1488 } else {
1489 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select "
1490 "authenticated key management type");
1491 return -1;
1492 }
1493
1494 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
1495 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
1496 wpa_s->pairwise_cipher);
1497 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
1498
1499 #ifdef CONFIG_IEEE80211W
1500 sel = ie.mgmt_group_cipher;
1501 if (ssid->group_mgmt_cipher)
1502 sel &= ssid->group_mgmt_cipher;
1503 if (wpas_get_ssid_pmf(wpa_s, ssid) == NO_MGMT_FRAME_PROTECTION ||
1504 !(ie.capabilities & WPA_CAPABILITY_MFPC))
1505 sel = 0;
1506 if (sel & WPA_CIPHER_AES_128_CMAC) {
1507 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
1508 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1509 "AES-128-CMAC");
1510 } else if (sel & WPA_CIPHER_BIP_GMAC_128) {
1511 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_128;
1512 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1513 "BIP-GMAC-128");
1514 } else if (sel & WPA_CIPHER_BIP_GMAC_256) {
1515 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_256;
1516 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1517 "BIP-GMAC-256");
1518 } else if (sel & WPA_CIPHER_BIP_CMAC_256) {
1519 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_CMAC_256;
1520 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1521 "BIP-CMAC-256");
1522 } else {
1523 wpa_s->mgmt_group_cipher = 0;
1524 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
1525 }
1526 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
1527 wpa_s->mgmt_group_cipher);
1528 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP,
1529 wpas_get_ssid_pmf(wpa_s, ssid));
1530 #endif /* CONFIG_IEEE80211W */
1531 #ifdef CONFIG_OCV
1532 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCV, ssid->ocv);
1533 #endif /* CONFIG_OCV */
1534
1535 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
1536 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to generate WPA IE");
1537 return -1;
1538 }
1539
1540 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) {
1541 int psk_set = 0;
1542 int sae_only;
1543
1544 sae_only = (ssid->key_mgmt & (WPA_KEY_MGMT_PSK |
1545 WPA_KEY_MGMT_FT_PSK |
1546 WPA_KEY_MGMT_PSK_SHA256)) == 0;
1547
1548 if (ssid->psk_set && !sae_only) {
1549 wpa_hexdump_key(MSG_MSGDUMP, "PSK (set in config)",
1550 ssid->psk, PMK_LEN);
1551 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN, NULL,
1552 NULL);
1553 psk_set = 1;
1554 }
1555
1556 if (wpa_key_mgmt_sae(ssid->key_mgmt) &&
1557 (ssid->sae_password || ssid->passphrase))
1558 psk_set = 1;
1559
1560 #ifndef CONFIG_NO_PBKDF2
1561 if (bss && ssid->bssid_set && ssid->ssid_len == 0 &&
1562 ssid->passphrase && !sae_only) {
1563 u8 psk[PMK_LEN];
1564 pbkdf2_sha1(ssid->passphrase, bss->ssid, bss->ssid_len,
1565 4096, psk, PMK_LEN);
1566 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)",
1567 psk, PMK_LEN);
1568 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL, NULL);
1569 psk_set = 1;
1570 os_memset(psk, 0, sizeof(psk));
1571 }
1572 #endif /* CONFIG_NO_PBKDF2 */
1573 #ifdef CONFIG_EXT_PASSWORD
1574 if (ssid->ext_psk && !sae_only) {
1575 struct wpabuf *pw = ext_password_get(wpa_s->ext_pw,
1576 ssid->ext_psk);
1577 char pw_str[64 + 1];
1578 u8 psk[PMK_LEN];
1579
1580 if (pw == NULL) {
1581 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No PSK "
1582 "found from external storage");
1583 return -1;
1584 }
1585
1586 if (wpabuf_len(pw) < 8 || wpabuf_len(pw) > 64) {
1587 wpa_msg(wpa_s, MSG_INFO, "EXT PW: Unexpected "
1588 "PSK length %d in external storage",
1589 (int) wpabuf_len(pw));
1590 ext_password_free(pw);
1591 return -1;
1592 }
1593
1594 os_memcpy(pw_str, wpabuf_head(pw), wpabuf_len(pw));
1595 pw_str[wpabuf_len(pw)] = '\0';
1596
1597 #ifndef CONFIG_NO_PBKDF2
1598 if (wpabuf_len(pw) >= 8 && wpabuf_len(pw) < 64 && bss)
1599 {
1600 pbkdf2_sha1(pw_str, bss->ssid, bss->ssid_len,
1601 4096, psk, PMK_LEN);
1602 os_memset(pw_str, 0, sizeof(pw_str));
1603 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from "
1604 "external passphrase)",
1605 psk, PMK_LEN);
1606 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL,
1607 NULL);
1608 psk_set = 1;
1609 os_memset(psk, 0, sizeof(psk));
1610 } else
1611 #endif /* CONFIG_NO_PBKDF2 */
1612 if (wpabuf_len(pw) == 2 * PMK_LEN) {
1613 if (hexstr2bin(pw_str, psk, PMK_LEN) < 0) {
1614 wpa_msg(wpa_s, MSG_INFO, "EXT PW: "
1615 "Invalid PSK hex string");
1616 os_memset(pw_str, 0, sizeof(pw_str));
1617 ext_password_free(pw);
1618 return -1;
1619 }
1620 wpa_hexdump_key(MSG_MSGDUMP,
1621 "PSK (from external PSK)",
1622 psk, PMK_LEN);
1623 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL,
1624 NULL);
1625 psk_set = 1;
1626 os_memset(psk, 0, sizeof(psk));
1627 } else {
1628 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No suitable "
1629 "PSK available");
1630 os_memset(pw_str, 0, sizeof(pw_str));
1631 ext_password_free(pw);
1632 return -1;
1633 }
1634
1635 os_memset(pw_str, 0, sizeof(pw_str));
1636 ext_password_free(pw);
1637 }
1638 #endif /* CONFIG_EXT_PASSWORD */
1639
1640 if (!psk_set) {
1641 wpa_msg(wpa_s, MSG_INFO,
1642 "No PSK available for association");
1643 wpas_auth_failed(wpa_s, "NO_PSK_AVAILABLE");
1644 return -1;
1645 }
1646 #ifdef CONFIG_OWE
1647 } else if (wpa_s->key_mgmt == WPA_KEY_MGMT_OWE) {
1648 /* OWE Diffie-Hellman exchange in (Re)Association
1649 * Request/Response frames set the PMK, so do not override it
1650 * here. */
1651 #endif /* CONFIG_OWE */
1652 } else
1653 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
1654
1655 return 0;
1656 }
1657
1658
1659 static void wpas_ext_capab_byte(struct wpa_supplicant *wpa_s, u8 *pos, int idx)
1660 {
1661 *pos = 0x00;
1662
1663 switch (idx) {
1664 case 0: /* Bits 0-7 */
1665 break;
1666 case 1: /* Bits 8-15 */
1667 if (wpa_s->conf->coloc_intf_reporting) {
1668 /* Bit 13 - Collocated Interference Reporting */
1669 *pos |= 0x20;
1670 }
1671 break;
1672 case 2: /* Bits 16-23 */
1673 #ifdef CONFIG_WNM
1674 *pos |= 0x02; /* Bit 17 - WNM-Sleep Mode */
1675 *pos |= 0x08; /* Bit 19 - BSS Transition */
1676 #endif /* CONFIG_WNM */
1677 break;
1678 case 3: /* Bits 24-31 */
1679 #ifdef CONFIG_WNM
1680 *pos |= 0x02; /* Bit 25 - SSID List */
1681 #endif /* CONFIG_WNM */
1682 #ifdef CONFIG_INTERWORKING
1683 if (wpa_s->conf->interworking)
1684 *pos |= 0x80; /* Bit 31 - Interworking */
1685 #endif /* CONFIG_INTERWORKING */
1686 break;
1687 case 4: /* Bits 32-39 */
1688 #ifdef CONFIG_INTERWORKING
1689 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_QOS_MAPPING)
1690 *pos |= 0x01; /* Bit 32 - QoS Map */
1691 #endif /* CONFIG_INTERWORKING */
1692 break;
1693 case 5: /* Bits 40-47 */
1694 #ifdef CONFIG_HS20
1695 if (wpa_s->conf->hs20)
1696 *pos |= 0x40; /* Bit 46 - WNM-Notification */
1697 #endif /* CONFIG_HS20 */
1698 #ifdef CONFIG_MBO
1699 *pos |= 0x40; /* Bit 46 - WNM-Notification */
1700 #endif /* CONFIG_MBO */
1701 break;
1702 case 6: /* Bits 48-55 */
1703 break;
1704 case 7: /* Bits 56-63 */
1705 break;
1706 case 8: /* Bits 64-71 */
1707 if (wpa_s->conf->ftm_responder)
1708 *pos |= 0x40; /* Bit 70 - FTM responder */
1709 if (wpa_s->conf->ftm_initiator)
1710 *pos |= 0x80; /* Bit 71 - FTM initiator */
1711 break;
1712 case 9: /* Bits 72-79 */
1713 #ifdef CONFIG_FILS
1714 if (!wpa_s->disable_fils)
1715 *pos |= 0x01;
1716 #endif /* CONFIG_FILS */
1717 break;
1718 }
1719 }
1720
1721
1722 int wpas_build_ext_capab(struct wpa_supplicant *wpa_s, u8 *buf, size_t buflen)
1723 {
1724 u8 *pos = buf;
1725 u8 len = 10, i;
1726
1727 if (len < wpa_s->extended_capa_len)
1728 len = wpa_s->extended_capa_len;
1729 if (buflen < (size_t) len + 2) {
1730 wpa_printf(MSG_INFO,
1731 "Not enough room for building extended capabilities element");
1732 return -1;
1733 }
1734
1735 *pos++ = WLAN_EID_EXT_CAPAB;
1736 *pos++ = len;
1737 for (i = 0; i < len; i++, pos++) {
1738 wpas_ext_capab_byte(wpa_s, pos, i);
1739
1740 if (i < wpa_s->extended_capa_len) {
1741 *pos &= ~wpa_s->extended_capa_mask[i];
1742 *pos |= wpa_s->extended_capa[i];
1743 }
1744 }
1745
1746 while (len > 0 && buf[1 + len] == 0) {
1747 len--;
1748 buf[1] = len;
1749 }
1750 if (len == 0)
1751 return 0;
1752
1753 return 2 + len;
1754 }
1755
1756
1757 static int wpas_valid_bss(struct wpa_supplicant *wpa_s,
1758 struct wpa_bss *test_bss)
1759 {
1760 struct wpa_bss *bss;
1761
1762 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
1763 if (bss == test_bss)
1764 return 1;
1765 }
1766
1767 return 0;
1768 }
1769
1770
1771 static int wpas_valid_ssid(struct wpa_supplicant *wpa_s,
1772 struct wpa_ssid *test_ssid)
1773 {
1774 struct wpa_ssid *ssid;
1775
1776 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) {
1777 if (ssid == test_ssid)
1778 return 1;
1779 }
1780
1781 return 0;
1782 }
1783
1784
1785 int wpas_valid_bss_ssid(struct wpa_supplicant *wpa_s, struct wpa_bss *test_bss,
1786 struct wpa_ssid *test_ssid)
1787 {
1788 if (test_bss && !wpas_valid_bss(wpa_s, test_bss))
1789 return 0;
1790
1791 return test_ssid == NULL || wpas_valid_ssid(wpa_s, test_ssid);
1792 }
1793
1794
1795 void wpas_connect_work_free(struct wpa_connect_work *cwork)
1796 {
1797 if (cwork == NULL)
1798 return;
1799 os_free(cwork);
1800 }
1801
1802
1803 void wpas_connect_work_done(struct wpa_supplicant *wpa_s)
1804 {
1805 struct wpa_connect_work *cwork;
1806 struct wpa_radio_work *work = wpa_s->connect_work;
1807
1808 if (!work)
1809 return;
1810
1811 wpa_s->connect_work = NULL;
1812 cwork = work->ctx;
1813 work->ctx = NULL;
1814 wpas_connect_work_free(cwork);
1815 radio_work_done(work);
1816 }
1817
1818
1819 int wpas_update_random_addr(struct wpa_supplicant *wpa_s, int style)
1820 {
1821 struct os_reltime now;
1822 u8 addr[ETH_ALEN];
1823
1824 os_get_reltime(&now);
1825 if (wpa_s->last_mac_addr_style == style &&
1826 wpa_s->last_mac_addr_change.sec != 0 &&
1827 !os_reltime_expired(&now, &wpa_s->last_mac_addr_change,
1828 wpa_s->conf->rand_addr_lifetime)) {
1829 wpa_msg(wpa_s, MSG_DEBUG,
1830 "Previously selected random MAC address has not yet expired");
1831 return 0;
1832 }
1833
1834 switch (style) {
1835 case 1:
1836 if (random_mac_addr(addr) < 0)
1837 return -1;
1838 break;
1839 case 2:
1840 os_memcpy(addr, wpa_s->perm_addr, ETH_ALEN);
1841 if (random_mac_addr_keep_oui(addr) < 0)
1842 return -1;
1843 break;
1844 default:
1845 return -1;
1846 }
1847
1848 if (wpa_drv_set_mac_addr(wpa_s, addr) < 0) {
1849 wpa_msg(wpa_s, MSG_INFO,
1850 "Failed to set random MAC address");
1851 return -1;
1852 }
1853
1854 os_get_reltime(&wpa_s->last_mac_addr_change);
1855 wpa_s->mac_addr_changed = 1;
1856 wpa_s->last_mac_addr_style = style;
1857
1858 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
1859 wpa_msg(wpa_s, MSG_INFO,
1860 "Could not update MAC address information");
1861 return -1;
1862 }
1863
1864 wpa_msg(wpa_s, MSG_DEBUG, "Using random MAC address " MACSTR,
1865 MAC2STR(addr));
1866
1867 return 0;
1868 }
1869
1870
1871 int wpas_update_random_addr_disassoc(struct wpa_supplicant *wpa_s)
1872 {
1873 if (wpa_s->wpa_state >= WPA_AUTHENTICATING ||
1874 !wpa_s->conf->preassoc_mac_addr)
1875 return 0;
1876
1877 return wpas_update_random_addr(wpa_s, wpa_s->conf->preassoc_mac_addr);
1878 }
1879
1880
1881 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit);
1882
1883 /**
1884 * wpa_supplicant_associate - Request association
1885 * @wpa_s: Pointer to wpa_supplicant data
1886 * @bss: Scan results for the selected BSS, or %NULL if not available
1887 * @ssid: Configuration data for the selected network
1888 *
1889 * This function is used to request %wpa_supplicant to associate with a BSS.
1890 */
1891 void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
1892 struct wpa_bss *bss, struct wpa_ssid *ssid)
1893 {
1894 struct wpa_connect_work *cwork;
1895 int rand_style;
1896
1897 wpa_s->own_disconnect_req = 0;
1898
1899 /*
1900 * If we are starting a new connection, any previously pending EAPOL
1901 * RX cannot be valid anymore.
1902 */
1903 wpabuf_free(wpa_s->pending_eapol_rx);
1904 wpa_s->pending_eapol_rx = NULL;
1905
1906 if (ssid->mac_addr == -1)
1907 rand_style = wpa_s->conf->mac_addr;
1908 else
1909 rand_style = ssid->mac_addr;
1910
1911 wmm_ac_clear_saved_tspecs(wpa_s);
1912 wpa_s->reassoc_same_bss = 0;
1913 wpa_s->reassoc_same_ess = 0;
1914 #ifdef CONFIG_TESTING_OPTIONS
1915 wpa_s->testing_resend_assoc = 0;
1916 #endif /* CONFIG_TESTING_OPTIONS */
1917
1918 if (wpa_s->last_ssid == ssid) {
1919 wpa_dbg(wpa_s, MSG_DEBUG, "Re-association to the same ESS");
1920 wpa_s->reassoc_same_ess = 1;
1921 if (wpa_s->current_bss && wpa_s->current_bss == bss) {
1922 wmm_ac_save_tspecs(wpa_s);
1923 wpa_s->reassoc_same_bss = 1;
1924 } else if (wpa_s->current_bss && wpa_s->current_bss != bss) {
1925 os_get_reltime(&wpa_s->roam_start);
1926 }
1927 }
1928
1929 if (rand_style > 0 && !wpa_s->reassoc_same_ess) {
1930 if (wpas_update_random_addr(wpa_s, rand_style) < 0)
1931 return;
1932 wpa_sm_pmksa_cache_flush(wpa_s->wpa, ssid);
1933 } else if (rand_style == 0 && wpa_s->mac_addr_changed) {
1934 if (wpa_drv_set_mac_addr(wpa_s, NULL) < 0) {
1935 wpa_msg(wpa_s, MSG_INFO,
1936 "Could not restore permanent MAC address");
1937 return;
1938 }
1939 wpa_s->mac_addr_changed = 0;
1940 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
1941 wpa_msg(wpa_s, MSG_INFO,
1942 "Could not update MAC address information");
1943 return;
1944 }
1945 wpa_msg(wpa_s, MSG_DEBUG, "Using permanent MAC address");
1946 }
1947 wpa_s->last_ssid = ssid;
1948
1949 #ifdef CONFIG_IBSS_RSN
1950 ibss_rsn_deinit(wpa_s->ibss_rsn);
1951 wpa_s->ibss_rsn = NULL;
1952 #else /* CONFIG_IBSS_RSN */
1953 if (ssid->mode == WPAS_MODE_IBSS &&
1954 !(ssid->key_mgmt & (WPA_KEY_MGMT_NONE | WPA_KEY_MGMT_WPA_NONE))) {
1955 wpa_msg(wpa_s, MSG_INFO,
1956 "IBSS RSN not supported in the build");
1957 return;
1958 }
1959 #endif /* CONFIG_IBSS_RSN */
1960
1961 if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO ||
1962 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) {
1963 #ifdef CONFIG_AP
1964 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) {
1965 wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP "
1966 "mode");
1967 return;
1968 }
1969 if (wpa_supplicant_create_ap(wpa_s, ssid) < 0) {
1970 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
1971 if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
1972 wpas_p2p_ap_setup_failed(wpa_s);
1973 return;
1974 }
1975 wpa_s->current_bss = bss;
1976 #else /* CONFIG_AP */
1977 wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in "
1978 "the build");
1979 #endif /* CONFIG_AP */
1980 return;
1981 }
1982
1983 if (ssid->mode == WPAS_MODE_MESH) {
1984 #ifdef CONFIG_MESH
1985 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_MESH)) {
1986 wpa_msg(wpa_s, MSG_INFO,
1987 "Driver does not support mesh mode");
1988 return;
1989 }
1990 if (bss)
1991 ssid->frequency = bss->freq;
1992 if (wpa_supplicant_join_mesh(wpa_s, ssid) < 0) {
1993 wpa_msg(wpa_s, MSG_ERROR, "Could not join mesh");
1994 return;
1995 }
1996 wpa_s->current_bss = bss;
1997 wpa_msg(wpa_s, MSG_INFO, MESH_GROUP_STARTED "ssid=\"%s\" id=%d",
1998 wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
1999 ssid->id);
2000 wpas_notify_mesh_group_started(wpa_s, ssid);
2001 #else /* CONFIG_MESH */
2002 wpa_msg(wpa_s, MSG_ERROR,
2003 "mesh mode support not included in the build");
2004 #endif /* CONFIG_MESH */
2005 return;
2006 }
2007
2008 /*
2009 * Set WPA state machine configuration to match the selected network now
2010 * so that the information is available before wpas_start_assoc_cb()
2011 * gets called. This is needed at least for RSN pre-authentication where
2012 * candidate APs are added to a list based on scan result processing
2013 * before completion of the first association.
2014 */
2015 wpa_supplicant_rsn_supp_set_config(wpa_s, ssid);
2016
2017 #ifdef CONFIG_DPP
2018 if (wpas_dpp_check_connect(wpa_s, ssid, bss) != 0)
2019 return;
2020 #endif /* CONFIG_DPP */
2021
2022 #ifdef CONFIG_TDLS
2023 if (bss)
2024 wpa_tdls_ap_ies(wpa_s->wpa, (const u8 *) (bss + 1),
2025 bss->ie_len);
2026 #endif /* CONFIG_TDLS */
2027
2028 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
2029 ssid->mode == IEEE80211_MODE_INFRA) {
2030 sme_authenticate(wpa_s, bss, ssid);
2031 return;
2032 }
2033
2034 if (wpa_s->connect_work) {
2035 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since connect_work exist");
2036 return;
2037 }
2038
2039 if (radio_work_pending(wpa_s, "connect")) {
2040 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since pending work exist");
2041 return;
2042 }
2043
2044 #ifdef CONFIG_SME
2045 if (ssid->mode == WPAS_MODE_IBSS || ssid->mode == WPAS_MODE_MESH) {
2046 /* Clear possibly set auth_alg, if any, from last attempt. */
2047 wpa_s->sme.auth_alg = WPA_AUTH_ALG_OPEN;
2048 }
2049 #endif /* CONFIG_SME */
2050
2051 wpas_abort_ongoing_scan(wpa_s);
2052
2053 cwork = os_zalloc(sizeof(*cwork));
2054 if (cwork == NULL)
2055 return;
2056
2057 cwork->bss = bss;
2058 cwork->ssid = ssid;
2059
2060 if (radio_add_work(wpa_s, bss ? bss->freq : 0, "connect", 1,
2061 wpas_start_assoc_cb, cwork) < 0) {
2062 os_free(cwork);
2063 }
2064 }
2065
2066
2067 static int bss_is_ibss(struct wpa_bss *bss)
2068 {
2069 return (bss->caps & (IEEE80211_CAP_ESS | IEEE80211_CAP_IBSS)) ==
2070 IEEE80211_CAP_IBSS;
2071 }
2072
2073
2074 static int drv_supports_vht(struct wpa_supplicant *wpa_s,
2075 const struct wpa_ssid *ssid)
2076 {
2077 enum hostapd_hw_mode hw_mode;
2078 struct hostapd_hw_modes *mode = NULL;
2079 u8 channel;
2080 int i;
2081
2082 hw_mode = ieee80211_freq_to_chan(ssid->frequency, &channel);
2083 if (hw_mode == NUM_HOSTAPD_MODES)
2084 return 0;
2085 for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) {
2086 if (wpa_s->hw.modes[i].mode == hw_mode) {
2087 mode = &wpa_s->hw.modes[i];
2088 break;
2089 }
2090 }
2091
2092 if (!mode)
2093 return 0;
2094
2095 return mode->vht_capab != 0;
2096 }
2097
2098
2099 void ibss_mesh_setup_freq(struct wpa_supplicant *wpa_s,
2100 const struct wpa_ssid *ssid,
2101 struct hostapd_freq_params *freq)
2102 {
2103 enum hostapd_hw_mode hw_mode;
2104 struct hostapd_hw_modes *mode = NULL;
2105 int ht40plus[] = { 36, 44, 52, 60, 100, 108, 116, 124, 132, 149, 157,
2106 184, 192 };
2107 int vht80[] = { 36, 52, 100, 116, 132, 149 };
2108 struct hostapd_channel_data *pri_chan = NULL, *sec_chan = NULL;
2109 u8 channel;
2110 int i, chan_idx, ht40 = -1, res, obss_scan = 1;
2111 unsigned int j, k;
2112 struct hostapd_freq_params vht_freq;
2113 int chwidth, seg0, seg1;
2114 u32 vht_caps = 0;
2115
2116 freq->freq = ssid->frequency;
2117
2118 for (j = 0; j < wpa_s->last_scan_res_used; j++) {
2119 struct wpa_bss *bss = wpa_s->last_scan_res[j];
2120
2121 if (ssid->mode != WPAS_MODE_IBSS)
2122 break;
2123
2124 /* Don't adjust control freq in case of fixed_freq */
2125 if (ssid->fixed_freq)
2126 break;
2127
2128 if (!bss_is_ibss(bss))
2129 continue;
2130
2131 if (ssid->ssid_len == bss->ssid_len &&
2132 os_memcmp(ssid->ssid, bss->ssid, bss->ssid_len) == 0) {
2133 wpa_printf(MSG_DEBUG,
2134 "IBSS already found in scan results, adjust control freq: %d",
2135 bss->freq);
2136 freq->freq = bss->freq;
2137 obss_scan = 0;
2138 break;
2139 }
2140 }
2141
2142 /* For IBSS check HT_IBSS flag */
2143 if (ssid->mode == WPAS_MODE_IBSS &&
2144 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_HT_IBSS))
2145 return;
2146
2147 if (wpa_s->group_cipher == WPA_CIPHER_WEP40 ||
2148 wpa_s->group_cipher == WPA_CIPHER_WEP104 ||
2149 wpa_s->pairwise_cipher == WPA_CIPHER_TKIP) {
2150 wpa_printf(MSG_DEBUG,
2151 "IBSS: WEP/TKIP detected, do not try to enable HT");
2152 return;
2153 }
2154
2155 hw_mode = ieee80211_freq_to_chan(freq->freq, &channel);
2156 for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) {
2157 if (wpa_s->hw.modes[i].mode == hw_mode) {
2158 mode = &wpa_s->hw.modes[i];
2159 break;
2160 }
2161 }
2162
2163 if (!mode)
2164 return;
2165
2166 #ifdef CONFIG_HT_OVERRIDES
2167 if (ssid->disable_ht) {
2168 freq->ht_enabled = 0;
2169 return;
2170 }
2171 #endif /* CONFIG_HT_OVERRIDES */
2172
2173 freq->ht_enabled = ht_supported(mode);
2174 if (!freq->ht_enabled)
2175 return;
2176
2177 /* Setup higher BW only for 5 GHz */
2178 if (mode->mode != HOSTAPD_MODE_IEEE80211A)
2179 return;
2180
2181 for (chan_idx = 0; chan_idx < mode->num_channels; chan_idx++) {
2182 pri_chan = &mode->channels[chan_idx];
2183 if (pri_chan->chan == channel)
2184 break;
2185 pri_chan = NULL;
2186 }
2187 if (!pri_chan)
2188 return;
2189
2190 /* Check primary channel flags */
2191 if (pri_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
2192 return;
2193
2194 freq->channel = pri_chan->chan;
2195
2196 #ifdef CONFIG_HT_OVERRIDES
2197 if (ssid->disable_ht40) {
2198 if (ssid->disable_vht)
2199 return;
2200 goto skip_ht40;
2201 }
2202 #endif /* CONFIG_HT_OVERRIDES */
2203
2204 /* Check/setup HT40+/HT40- */
2205 for (j = 0; j < ARRAY_SIZE(ht40plus); j++) {
2206 if (ht40plus[j] == channel) {
2207 ht40 = 1;
2208 break;
2209 }
2210 }
2211
2212 /* Find secondary channel */
2213 for (i = 0; i < mode->num_channels; i++) {
2214 sec_chan = &mode->channels[i];
2215 if (sec_chan->chan == channel + ht40 * 4)
2216 break;
2217 sec_chan = NULL;
2218 }
2219 if (!sec_chan)
2220 return;
2221
2222 /* Check secondary channel flags */
2223 if (sec_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
2224 return;
2225
2226 if (ht40 == -1) {
2227 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40MINUS))
2228 return;
2229 } else {
2230 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40PLUS))
2231 return;
2232 }
2233 freq->sec_channel_offset = ht40;
2234
2235 if (obss_scan) {
2236 struct wpa_scan_results *scan_res;
2237
2238 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL, 0);
2239 if (scan_res == NULL) {
2240 /* Back to HT20 */
2241 freq->sec_channel_offset = 0;
2242 return;
2243 }
2244
2245 res = check_40mhz_5g(mode, scan_res, pri_chan->chan,
2246 sec_chan->chan);
2247 switch (res) {
2248 case 0:
2249 /* Back to HT20 */
2250 freq->sec_channel_offset = 0;
2251 break;
2252 case 1:
2253 /* Configuration allowed */
2254 break;
2255 case 2:
2256 /* Switch pri/sec channels */
2257 freq->freq = hw_get_freq(mode, sec_chan->chan);
2258 freq->sec_channel_offset = -freq->sec_channel_offset;
2259 freq->channel = sec_chan->chan;
2260 break;
2261 default:
2262 freq->sec_channel_offset = 0;
2263 break;
2264 }
2265
2266 wpa_scan_results_free(scan_res);
2267 }
2268
2269 #ifdef CONFIG_HT_OVERRIDES
2270 skip_ht40:
2271 #endif /* CONFIG_HT_OVERRIDES */
2272 wpa_printf(MSG_DEBUG,
2273 "IBSS/mesh: setup freq channel %d, sec_channel_offset %d",
2274 freq->channel, freq->sec_channel_offset);
2275
2276 if (!drv_supports_vht(wpa_s, ssid))
2277 return;
2278
2279 /* For IBSS check VHT_IBSS flag */
2280 if (ssid->mode == WPAS_MODE_IBSS &&
2281 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_VHT_IBSS))
2282 return;
2283
2284 vht_freq = *freq;
2285
2286 #ifdef CONFIG_VHT_OVERRIDES
2287 if (ssid->disable_vht) {
2288 freq->vht_enabled = 0;
2289 return;
2290 }
2291 #endif /* CONFIG_VHT_OVERRIDES */
2292
2293 vht_freq.vht_enabled = vht_supported(mode);
2294 if (!vht_freq.vht_enabled)
2295 return;
2296
2297 /* setup center_freq1, bandwidth */
2298 for (j = 0; j < ARRAY_SIZE(vht80); j++) {
2299 if (freq->channel >= vht80[j] &&
2300 freq->channel < vht80[j] + 16)
2301 break;
2302 }
2303
2304 if (j == ARRAY_SIZE(vht80))
2305 return;
2306
2307 for (i = vht80[j]; i < vht80[j] + 16; i += 4) {
2308 struct hostapd_channel_data *chan;
2309
2310 chan = hw_get_channel_chan(mode, i, NULL);
2311 if (!chan)
2312 return;
2313
2314 /* Back to HT configuration if channel not usable */
2315 if (chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
2316 return;
2317 }
2318
2319 chwidth = VHT_CHANWIDTH_80MHZ;
2320 seg0 = vht80[j] + 6;
2321 seg1 = 0;
2322
2323 if (ssid->max_oper_chwidth == VHT_CHANWIDTH_80P80MHZ) {
2324 /* setup center_freq2, bandwidth */
2325 for (k = 0; k < ARRAY_SIZE(vht80); k++) {
2326 /* Only accept 80 MHz segments separated by a gap */
2327 if (j == k || abs(vht80[j] - vht80[k]) == 16)
2328 continue;
2329 for (i = vht80[k]; i < vht80[k] + 16; i += 4) {
2330 struct hostapd_channel_data *chan;
2331
2332 chan = hw_get_channel_chan(mode, i, NULL);
2333 if (!chan)
2334 continue;
2335
2336 if (chan->flag & (HOSTAPD_CHAN_DISABLED |
2337 HOSTAPD_CHAN_NO_IR |
2338 HOSTAPD_CHAN_RADAR))
2339 continue;
2340
2341 /* Found a suitable second segment for 80+80 */
2342 chwidth = VHT_CHANWIDTH_80P80MHZ;
2343 vht_caps |=
2344 VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ;
2345 seg1 = vht80[k] + 6;
2346 }
2347
2348 if (chwidth == VHT_CHANWIDTH_80P80MHZ)
2349 break;
2350 }
2351 } else if (ssid->max_oper_chwidth == VHT_CHANWIDTH_160MHZ) {
2352 if (freq->freq == 5180) {
2353 chwidth = VHT_CHANWIDTH_160MHZ;
2354 vht_caps |= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
2355 seg0 = 50;
2356 } else if (freq->freq == 5520) {
2357 chwidth = VHT_CHANWIDTH_160MHZ;
2358 vht_caps |= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
2359 seg0 = 114;
2360 }
2361 } else if (ssid->max_oper_chwidth == VHT_CHANWIDTH_USE_HT) {
2362 chwidth = VHT_CHANWIDTH_USE_HT;
2363 seg0 = vht80[j] + 2;
2364 #ifdef CONFIG_HT_OVERRIDES
2365 if (ssid->disable_ht40)
2366 seg0 = 0;
2367 #endif /* CONFIG_HT_OVERRIDES */
2368 }
2369
2370 if (hostapd_set_freq_params(&vht_freq, mode->mode, freq->freq,
2371 freq->channel, freq->ht_enabled,
2372 vht_freq.vht_enabled,
2373 freq->sec_channel_offset,
2374 chwidth, seg0, seg1, vht_caps) != 0)
2375 return;
2376
2377 *freq = vht_freq;
2378
2379 wpa_printf(MSG_DEBUG, "IBSS: VHT setup freq cf1 %d, cf2 %d, bw %d",
2380 freq->center_freq1, freq->center_freq2, freq->bandwidth);
2381 }
2382
2383
2384 #ifdef CONFIG_FILS
2385 static size_t wpas_add_fils_hlp_req(struct wpa_supplicant *wpa_s, u8 *ie_buf,
2386 size_t ie_buf_len)
2387 {
2388 struct fils_hlp_req *req;
2389 size_t rem_len, hdr_len, hlp_len, len, ie_len = 0;
2390 const u8 *pos;
2391 u8 *buf = ie_buf;
2392
2393 dl_list_for_each(req, &wpa_s->fils_hlp_req, struct fils_hlp_req,
2394 list) {
2395 rem_len = ie_buf_len - ie_len;
2396 pos = wpabuf_head(req->pkt);
2397 hdr_len = 1 + 2 * ETH_ALEN + 6;
2398 hlp_len = wpabuf_len(req->pkt);
2399
2400 if (rem_len < 2 + hdr_len + hlp_len) {
2401 wpa_printf(MSG_ERROR,
2402 "FILS: Cannot fit HLP - rem_len=%lu to_fill=%lu",
2403 (unsigned long) rem_len,
2404 (unsigned long) (2 + hdr_len + hlp_len));
2405 break;
2406 }
2407
2408 len = (hdr_len + hlp_len) > 255 ? 255 : hdr_len + hlp_len;
2409 /* Element ID */
2410 *buf++ = WLAN_EID_EXTENSION;
2411 /* Length */
2412 *buf++ = len;
2413 /* Element ID Extension */
2414 *buf++ = WLAN_EID_EXT_FILS_HLP_CONTAINER;
2415 /* Destination MAC address */
2416 os_memcpy(buf, req->dst, ETH_ALEN);
2417 buf += ETH_ALEN;
2418 /* Source MAC address */
2419 os_memcpy(buf, wpa_s->own_addr, ETH_ALEN);
2420 buf += ETH_ALEN;
2421 /* LLC/SNAP Header */
2422 os_memcpy(buf, "\xaa\xaa\x03\x00\x00\x00", 6);
2423 buf += 6;
2424 /* HLP Packet */
2425 os_memcpy(buf, pos, len - hdr_len);
2426 buf += len - hdr_len;
2427 pos += len - hdr_len;
2428
2429 hlp_len -= len - hdr_len;
2430 ie_len += 2 + len;
2431 rem_len -= 2 + len;
2432
2433 while (hlp_len) {
2434 len = (hlp_len > 255) ? 255 : hlp_len;
2435 if (rem_len < 2 + len)
2436 break;
2437 *buf++ = WLAN_EID_FRAGMENT;
2438 *buf++ = len;
2439 os_memcpy(buf, pos, len);
2440 buf += len;
2441 pos += len;
2442
2443 hlp_len -= len;
2444 ie_len += 2 + len;
2445 rem_len -= 2 + len;
2446 }
2447 }
2448
2449 return ie_len;
2450 }
2451
2452
2453 int wpa_is_fils_supported(struct wpa_supplicant *wpa_s)
2454 {
2455 return (((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
2456 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SUPPORT_FILS)) ||
2457 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
2458 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD)));
2459 }
2460
2461
2462 int wpa_is_fils_sk_pfs_supported(struct wpa_supplicant *wpa_s)
2463 {
2464 #ifdef CONFIG_FILS_SK_PFS
2465 return (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
2466 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SUPPORT_FILS);
2467 #else /* CONFIG_FILS_SK_PFS */
2468 return 0;
2469 #endif /* CONFIG_FILS_SK_PFS */
2470 }
2471
2472 #endif /* CONFIG_FILS */
2473
2474
2475 static u8 * wpas_populate_assoc_ies(
2476 struct wpa_supplicant *wpa_s,
2477 struct wpa_bss *bss, struct wpa_ssid *ssid,
2478 struct wpa_driver_associate_params *params,
2479 enum wpa_drv_update_connect_params_mask *mask)
2480 {
2481 u8 *wpa_ie;
2482 size_t max_wpa_ie_len = 500;
2483 size_t wpa_ie_len;
2484 int algs = WPA_AUTH_ALG_OPEN;
2485 #ifdef CONFIG_MBO
2486 const u8 *mbo_ie;
2487 #endif
2488 #ifdef CONFIG_FILS
2489 const u8 *realm, *username, *rrk;
2490 size_t realm_len, username_len, rrk_len;
2491 u16 next_seq_num;
2492 struct fils_hlp_req *req;
2493
2494 dl_list_for_each(req, &wpa_s->fils_hlp_req, struct fils_hlp_req,
2495 list) {
2496 max_wpa_ie_len += 3 + 2 * ETH_ALEN + 6 + wpabuf_len(req->pkt) +
2497 2 + 2 * wpabuf_len(req->pkt) / 255;
2498 }
2499 #endif /* CONFIG_FILS */
2500
2501 wpa_ie = os_malloc(max_wpa_ie_len);
2502 if (!wpa_ie) {
2503 wpa_printf(MSG_ERROR,
2504 "Failed to allocate connect IE buffer for %lu bytes",
2505 (unsigned long) max_wpa_ie_len);
2506 return NULL;
2507 }
2508
2509 if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
2510 wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
2511 wpa_key_mgmt_wpa(ssid->key_mgmt)) {
2512 int try_opportunistic;
2513 const u8 *cache_id = NULL;
2514
2515 try_opportunistic = (ssid->proactive_key_caching < 0 ?
2516 wpa_s->conf->okc :
2517 ssid->proactive_key_caching) &&
2518 (ssid->proto & WPA_PROTO_RSN);
2519 #ifdef CONFIG_FILS
2520 if (wpa_key_mgmt_fils(ssid->key_mgmt))
2521 cache_id = wpa_bss_get_fils_cache_id(bss);
2522 #endif /* CONFIG_FILS */
2523 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
2524 ssid, try_opportunistic,
2525 cache_id, 0) == 0)
2526 eapol_sm_notify_pmkid_attempt(wpa_s->eapol);
2527 wpa_ie_len = max_wpa_ie_len;
2528 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
2529 wpa_ie, &wpa_ie_len)) {
2530 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
2531 "key management and encryption suites");
2532 os_free(wpa_ie);
2533 return NULL;
2534 }
2535 #ifdef CONFIG_HS20
2536 } else if (bss && wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE) &&
2537 (ssid->key_mgmt & WPA_KEY_MGMT_OSEN)) {
2538 /* No PMKSA caching, but otherwise similar to RSN/WPA */
2539 wpa_ie_len = max_wpa_ie_len;
2540 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
2541 wpa_ie, &wpa_ie_len)) {
2542 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
2543 "key management and encryption suites");
2544 os_free(wpa_ie);
2545 return NULL;
2546 }
2547 #endif /* CONFIG_HS20 */
2548 } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && bss &&
2549 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) {
2550 /*
2551 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
2552 * use non-WPA since the scan results did not indicate that the
2553 * AP is using WPA or WPA2.
2554 */
2555 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
2556 wpa_ie_len = 0;
2557 wpa_s->wpa_proto = 0;
2558 } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) {
2559 wpa_ie_len = max_wpa_ie_len;
2560 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
2561 wpa_ie, &wpa_ie_len)) {
2562 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
2563 "key management and encryption suites (no "
2564 "scan results)");
2565 os_free(wpa_ie);
2566 return NULL;
2567 }
2568 #ifdef CONFIG_WPS
2569 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
2570 struct wpabuf *wps_ie;
2571 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
2572 if (wps_ie && wpabuf_len(wps_ie) <= max_wpa_ie_len) {
2573 wpa_ie_len = wpabuf_len(wps_ie);
2574 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
2575 } else
2576 wpa_ie_len = 0;
2577 wpabuf_free(wps_ie);
2578 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
2579 if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY))
2580 params->wps = WPS_MODE_PRIVACY;
2581 else
2582 params->wps = WPS_MODE_OPEN;
2583 wpa_s->wpa_proto = 0;
2584 #endif /* CONFIG_WPS */
2585 } else {
2586 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
2587 wpa_ie_len = 0;
2588 wpa_s->wpa_proto = 0;
2589 }
2590
2591 #ifdef IEEE8021X_EAPOL
2592 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
2593 if (ssid->leap) {
2594 if (ssid->non_leap == 0)
2595 algs = WPA_AUTH_ALG_LEAP;
2596 else
2597 algs |= WPA_AUTH_ALG_LEAP;
2598 }
2599 }
2600
2601 #ifdef CONFIG_FILS
2602 /* Clear FILS association */
2603 wpa_sm_set_reset_fils_completed(wpa_s->wpa, 0);
2604
2605 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD) &&
2606 ssid->eap.erp && wpa_key_mgmt_fils(wpa_s->key_mgmt) &&
2607 eapol_sm_get_erp_info(wpa_s->eapol, &ssid->eap, &username,
2608 &username_len, &realm, &realm_len,
2609 &next_seq_num, &rrk, &rrk_len) == 0 &&
2610 (!wpa_s->last_con_fail_realm ||
2611 wpa_s->last_con_fail_realm_len != realm_len ||
2612 os_memcmp(wpa_s->last_con_fail_realm, realm, realm_len) != 0)) {
2613 algs = WPA_AUTH_ALG_FILS;
2614 params->fils_erp_username = username;
2615 params->fils_erp_username_len = username_len;
2616 params->fils_erp_realm = realm;
2617 params->fils_erp_realm_len = realm_len;
2618 params->fils_erp_next_seq_num = next_seq_num;
2619 params->fils_erp_rrk = rrk;
2620 params->fils_erp_rrk_len = rrk_len;
2621
2622 if (mask)
2623 *mask |= WPA_DRV_UPDATE_FILS_ERP_INFO;
2624 }
2625 #endif /* CONFIG_FILS */
2626 #endif /* IEEE8021X_EAPOL */
2627 #ifdef CONFIG_SAE
2628 if (wpa_s->key_mgmt & (WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE))
2629 algs = WPA_AUTH_ALG_SAE;
2630 #endif /* CONFIG_SAE */
2631
2632 wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
2633 if (ssid->auth_alg) {
2634 algs = ssid->auth_alg;
2635 wpa_dbg(wpa_s, MSG_DEBUG,
2636 "Overriding auth_alg selection: 0x%x", algs);
2637 }
2638
2639 #ifdef CONFIG_P2P
2640 if (wpa_s->global->p2p) {
2641 u8 *pos;
2642 size_t len;
2643 int res;
2644 pos = wpa_ie + wpa_ie_len;
2645 len = max_wpa_ie_len - wpa_ie_len;
2646 res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len,
2647 ssid->p2p_group);
2648 if (res >= 0)
2649 wpa_ie_len += res;
2650 }
2651
2652 wpa_s->cross_connect_disallowed = 0;
2653 if (bss) {
2654 struct wpabuf *p2p;
2655 p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE);
2656 if (p2p) {
2657 wpa_s->cross_connect_disallowed =
2658 p2p_get_cross_connect_disallowed(p2p);
2659 wpabuf_free(p2p);
2660 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross "
2661 "connection",
2662 wpa_s->cross_connect_disallowed ?
2663 "disallows" : "allows");
2664 }
2665 }
2666
2667 os_memset(wpa_s->p2p_ip_addr_info, 0, sizeof(wpa_s->p2p_ip_addr_info));
2668 #endif /* CONFIG_P2P */
2669
2670 if (bss) {
2671 wpa_ie_len += wpas_supp_op_class_ie(wpa_s, ssid, bss->freq,
2672 wpa_ie + wpa_ie_len,
2673 max_wpa_ie_len -
2674 wpa_ie_len);
2675 }
2676
2677 /*
2678 * Workaround: Add Extended Capabilities element only if the AP
2679 * included this element in Beacon/Probe Response frames. Some older
2680 * APs seem to have interoperability issues if this element is
2681 * included, so while the standard may require us to include the
2682 * element in all cases, it is justifiable to skip it to avoid
2683 * interoperability issues.
2684 */
2685 if (ssid->p2p_group)
2686 wpa_drv_get_ext_capa(wpa_s, WPA_IF_P2P_CLIENT);
2687 else
2688 wpa_drv_get_ext_capa(wpa_s, WPA_IF_STATION);
2689
2690 if (!bss || wpa_bss_get_ie(bss, WLAN_EID_EXT_CAPAB)) {
2691 u8 ext_capab[18];
2692 int ext_capab_len;
2693 ext_capab_len = wpas_build_ext_capab(wpa_s, ext_capab,
2694 sizeof(ext_capab));
2695 if (ext_capab_len > 0 &&
2696 wpa_ie_len + ext_capab_len <= max_wpa_ie_len) {
2697 u8 *pos = wpa_ie;
2698 if (wpa_ie_len > 0 && pos[0] == WLAN_EID_RSN)
2699 pos += 2 + pos[1];
2700 os_memmove(pos + ext_capab_len, pos,
2701 wpa_ie_len - (pos - wpa_ie));
2702 wpa_ie_len += ext_capab_len;
2703 os_memcpy(pos, ext_capab, ext_capab_len);
2704 }
2705 }
2706
2707 #ifdef CONFIG_HS20
2708 if (is_hs20_network(wpa_s, ssid, bss)) {
2709 struct wpabuf *hs20;
2710
2711 hs20 = wpabuf_alloc(20 + MAX_ROAMING_CONS_OI_LEN);
2712 if (hs20) {
2713 int pps_mo_id = hs20_get_pps_mo_id(wpa_s, ssid);
2714 size_t len;
2715
2716 wpas_hs20_add_indication(hs20, pps_mo_id,
2717 get_hs20_version(bss));
2718 wpas_hs20_add_roam_cons_sel(hs20, ssid);
2719 len = max_wpa_ie_len - wpa_ie_len;
2720 if (wpabuf_len(hs20) <= len) {
2721 os_memcpy(wpa_ie + wpa_ie_len,
2722 wpabuf_head(hs20), wpabuf_len(hs20));
2723 wpa_ie_len += wpabuf_len(hs20);
2724 }
2725 wpabuf_free(hs20);
2726
2727 hs20_configure_frame_filters(wpa_s);
2728 }
2729 }
2730 #endif /* CONFIG_HS20 */
2731
2732 if (wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ]) {
2733 struct wpabuf *buf = wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ];
2734 size_t len;
2735
2736 len = max_wpa_ie_len - wpa_ie_len;
2737 if (wpabuf_len(buf) <= len) {
2738 os_memcpy(wpa_ie + wpa_ie_len,
2739 wpabuf_head(buf), wpabuf_len(buf));
2740 wpa_ie_len += wpabuf_len(buf);
2741 }
2742 }
2743
2744 #ifdef CONFIG_FST
2745 if (wpa_s->fst_ies) {
2746 int fst_ies_len = wpabuf_len(wpa_s->fst_ies);
2747
2748 if (wpa_ie_len + fst_ies_len <= max_wpa_ie_len) {
2749 os_memcpy(wpa_ie + wpa_ie_len,
2750 wpabuf_head(wpa_s->fst_ies), fst_ies_len);
2751 wpa_ie_len += fst_ies_len;
2752 }
2753 }
2754 #endif /* CONFIG_FST */
2755
2756 #ifdef CONFIG_MBO
2757 mbo_ie = bss ? wpa_bss_get_vendor_ie(bss, MBO_IE_VENDOR_TYPE) : NULL;
2758 if (mbo_ie) {
2759 int len;
2760
2761 len = wpas_mbo_ie(wpa_s, wpa_ie + wpa_ie_len,
2762 max_wpa_ie_len - wpa_ie_len,
2763 !!mbo_attr_from_mbo_ie(mbo_ie,
2764 OCE_ATTR_ID_CAPA_IND));
2765 if (len >= 0)
2766 wpa_ie_len += len;
2767 }
2768 #endif /* CONFIG_MBO */
2769
2770 #ifdef CONFIG_FILS
2771 if (algs == WPA_AUTH_ALG_FILS) {
2772 size_t len;
2773
2774 len = wpas_add_fils_hlp_req(wpa_s, wpa_ie + wpa_ie_len,
2775 max_wpa_ie_len - wpa_ie_len);
2776 wpa_ie_len += len;
2777 }
2778 #endif /* CONFIG_FILS */
2779
2780 #ifdef CONFIG_OWE
2781 #ifdef CONFIG_TESTING_OPTIONS
2782 if (get_ie_ext(wpa_ie, wpa_ie_len, WLAN_EID_EXT_OWE_DH_PARAM)) {
2783 wpa_printf(MSG_INFO, "TESTING: Override OWE DH element");
2784 } else
2785 #endif /* CONFIG_TESTING_OPTIONS */
2786 if (algs == WPA_AUTH_ALG_OPEN &&
2787 ssid->key_mgmt == WPA_KEY_MGMT_OWE) {
2788 struct wpabuf *owe_ie;
2789 u16 group;
2790
2791 if (ssid->owe_group) {
2792 group = ssid->owe_group;
2793 } else if (wpa_s->assoc_status_code ==
2794 WLAN_STATUS_FINITE_CYCLIC_GROUP_NOT_SUPPORTED) {
2795 if (wpa_s->last_owe_group == 19)
2796 group = 20;
2797 else if (wpa_s->last_owe_group == 20)
2798 group = 21;
2799 else
2800 group = OWE_DH_GROUP;
2801 } else {
2802 group = OWE_DH_GROUP;
2803 }
2804
2805 wpa_s->last_owe_group = group;
2806 wpa_printf(MSG_DEBUG, "OWE: Try to use group %u", group);
2807 owe_ie = owe_build_assoc_req(wpa_s->wpa, group);
2808 if (owe_ie &&
2809 wpabuf_len(owe_ie) <= max_wpa_ie_len - wpa_ie_len) {
2810 os_memcpy(wpa_ie + wpa_ie_len,
2811 wpabuf_head(owe_ie), wpabuf_len(owe_ie));
2812 wpa_ie_len += wpabuf_len(owe_ie);
2813 wpabuf_free(owe_ie);
2814 }
2815 }
2816 #endif /* CONFIG_OWE */
2817
2818 #ifdef CONFIG_IEEE80211R
2819 /*
2820 * Add MDIE under these conditions: the network profile allows FT,
2821 * the AP supports FT, and the mobility domain ID matches.
2822 */
2823 if (bss && wpa_key_mgmt_ft(wpa_sm_get_key_mgmt(wpa_s->wpa))) {
2824 const u8 *mdie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
2825
2826 if (mdie && mdie[1] >= MOBILITY_DOMAIN_ID_LEN) {
2827 size_t len = 0;
2828 const u8 *md = mdie + 2;
2829 const u8 *wpa_md = wpa_sm_get_ft_md(wpa_s->wpa);
2830
2831 if (os_memcmp(md, wpa_md,
2832 MOBILITY_DOMAIN_ID_LEN) == 0) {
2833 /* Add mobility domain IE */
2834 len = wpa_ft_add_mdie(
2835 wpa_s->wpa, wpa_ie + wpa_ie_len,
2836 max_wpa_ie_len - wpa_ie_len, mdie);
2837 wpa_ie_len += len;
2838 }
2839 #ifdef CONFIG_SME
2840 if (len > 0 && wpa_s->sme.ft_used &&
2841 wpa_sm_has_ptk(wpa_s->wpa)) {
2842 wpa_dbg(wpa_s, MSG_DEBUG,
2843 "SME: Trying to use FT over-the-air");
2844 algs |= WPA_AUTH_ALG_FT;
2845 }
2846 #endif /* CONFIG_SME */
2847 }
2848 }
2849 #endif /* CONFIG_IEEE80211R */
2850
2851 if (ssid->multi_ap_backhaul_sta) {
2852 size_t multi_ap_ie_len;
2853
2854 multi_ap_ie_len = add_multi_ap_ie(wpa_ie + wpa_ie_len,
2855 max_wpa_ie_len - wpa_ie_len,
2856 MULTI_AP_BACKHAUL_STA);
2857 if (multi_ap_ie_len == 0) {
2858 wpa_printf(MSG_ERROR,
2859 "Multi-AP: Failed to build Multi-AP IE");
2860 os_free(wpa_ie);
2861 return NULL;
2862 }
2863 wpa_ie_len += multi_ap_ie_len;
2864 }
2865
2866 params->wpa_ie = wpa_ie;
2867 params->wpa_ie_len = wpa_ie_len;
2868 params->auth_alg = algs;
2869 if (mask)
2870 *mask |= WPA_DRV_UPDATE_ASSOC_IES | WPA_DRV_UPDATE_AUTH_TYPE;
2871
2872 return wpa_ie;
2873 }
2874
2875
2876 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
2877 static void wpas_update_fils_connect_params(struct wpa_supplicant *wpa_s)
2878 {
2879 struct wpa_driver_associate_params params;
2880 enum wpa_drv_update_connect_params_mask mask = 0;
2881 u8 *wpa_ie;
2882
2883 if (wpa_s->auth_alg != WPA_AUTH_ALG_OPEN)
2884 return; /* nothing to do */
2885
2886 os_memset(&params, 0, sizeof(params));
2887 wpa_ie = wpas_populate_assoc_ies(wpa_s, wpa_s->current_bss,
2888 wpa_s->current_ssid, &params, &mask);
2889 if (!wpa_ie)
2890 return;
2891
2892 if (params.auth_alg != WPA_AUTH_ALG_FILS) {
2893 os_free(wpa_ie);
2894 return;
2895 }
2896
2897 wpa_s->auth_alg = params.auth_alg;
2898 wpa_drv_update_connect_params(wpa_s, &params, mask);
2899 os_free(wpa_ie);
2900 }
2901 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
2902
2903
2904 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
2905 {
2906 struct wpa_connect_work *cwork = work->ctx;
2907 struct wpa_bss *bss = cwork->bss;
2908 struct wpa_ssid *ssid = cwork->ssid;
2909 struct wpa_supplicant *wpa_s = work->wpa_s;
2910 u8 *wpa_ie;
2911 int use_crypt, ret, i, bssid_changed;
2912 unsigned int cipher_pairwise, cipher_group, cipher_group_mgmt;
2913 struct wpa_driver_associate_params params;
2914 int wep_keys_set = 0;
2915 int assoc_failed = 0;
2916 struct wpa_ssid *old_ssid;
2917 u8 prev_bssid[ETH_ALEN];
2918 #ifdef CONFIG_HT_OVERRIDES
2919 struct ieee80211_ht_capabilities htcaps;
2920 struct ieee80211_ht_capabilities htcaps_mask;
2921 #endif /* CONFIG_HT_OVERRIDES */
2922 #ifdef CONFIG_VHT_OVERRIDES
2923 struct ieee80211_vht_capabilities vhtcaps;
2924 struct ieee80211_vht_capabilities vhtcaps_mask;
2925 #endif /* CONFIG_VHT_OVERRIDES */
2926
2927 if (deinit) {
2928 if (work->started) {
2929 wpa_s->connect_work = NULL;
2930
2931 /* cancel possible auth. timeout */
2932 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s,
2933 NULL);
2934 }
2935 wpas_connect_work_free(cwork);
2936 return;
2937 }
2938
2939 wpa_s->connect_work = work;
2940
2941 if (cwork->bss_removed || !wpas_valid_bss_ssid(wpa_s, bss, ssid) ||
2942 wpas_network_disabled(wpa_s, ssid)) {
2943 wpa_dbg(wpa_s, MSG_DEBUG, "BSS/SSID entry for association not valid anymore - drop connection attempt");
2944 wpas_connect_work_done(wpa_s);
2945 return;
2946 }
2947
2948 os_memcpy(prev_bssid, wpa_s->bssid, ETH_ALEN);
2949 os_memset(&params, 0, sizeof(params));
2950 wpa_s->reassociate = 0;
2951 wpa_s->eap_expected_failure = 0;
2952 if (bss &&
2953 (!wpas_driver_bss_selection(wpa_s) || wpas_wps_searching(wpa_s))) {
2954 #ifdef CONFIG_IEEE80211R
2955 const u8 *ie, *md = NULL;
2956 #endif /* CONFIG_IEEE80211R */
2957 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
2958 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
2959 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
2960 bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
2961 os_memset(wpa_s->bssid, 0, ETH_ALEN);
2962 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
2963 if (bssid_changed)
2964 wpas_notify_bssid_changed(wpa_s);
2965 #ifdef CONFIG_IEEE80211R
2966 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
2967 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
2968 md = ie + 2;
2969 wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0);
2970 if (md) {
2971 /* Prepare for the next transition */
2972 wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
2973 }
2974 #endif /* CONFIG_IEEE80211R */
2975 #ifdef CONFIG_WPS
2976 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
2977 wpa_s->conf->ap_scan == 2 &&
2978 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
2979 /* Use ap_scan==1 style network selection to find the network
2980 */
2981 wpas_connect_work_done(wpa_s);
2982 wpa_s->scan_req = MANUAL_SCAN_REQ;
2983 wpa_s->reassociate = 1;
2984 wpa_supplicant_req_scan(wpa_s, 0, 0);
2985 return;
2986 #endif /* CONFIG_WPS */
2987 } else {
2988 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
2989 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
2990 if (bss)
2991 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
2992 else
2993 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
2994 }
2995 if (!wpa_s->pno)
2996 wpa_supplicant_cancel_sched_scan(wpa_s);
2997
2998 wpa_supplicant_cancel_scan(wpa_s);
2999
3000 /* Starting new association, so clear the possibly used WPA IE from the
3001 * previous association. */
3002 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
3003
3004 wpa_ie = wpas_populate_assoc_ies(wpa_s, bss, ssid, &params, NULL);
3005 if (!wpa_ie) {
3006 wpas_connect_work_done(wpa_s);
3007 return;
3008 }
3009
3010 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
3011 use_crypt = 1;
3012 cipher_pairwise = wpa_s->pairwise_cipher;
3013 cipher_group = wpa_s->group_cipher;
3014 cipher_group_mgmt = wpa_s->mgmt_group_cipher;
3015 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
3016 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
3017 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
3018 use_crypt = 0;
3019 if (wpa_set_wep_keys(wpa_s, ssid)) {
3020 use_crypt = 1;
3021 wep_keys_set = 1;
3022 }
3023 }
3024 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
3025 use_crypt = 0;
3026
3027 #ifdef IEEE8021X_EAPOL
3028 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
3029 if ((ssid->eapol_flags &
3030 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
3031 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
3032 !wep_keys_set) {
3033 use_crypt = 0;
3034 } else {
3035 /* Assume that dynamic WEP-104 keys will be used and
3036 * set cipher suites in order for drivers to expect
3037 * encryption. */
3038 cipher_pairwise = cipher_group = WPA_CIPHER_WEP104;
3039 }
3040 }
3041 #endif /* IEEE8021X_EAPOL */
3042
3043 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
3044 /* Set the key before (and later after) association */
3045 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
3046 }
3047
3048 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
3049 if (bss) {
3050 params.ssid = bss->ssid;
3051 params.ssid_len = bss->ssid_len;
3052 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set ||
3053 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
3054 wpa_printf(MSG_DEBUG, "Limit connection to BSSID "
3055 MACSTR " freq=%u MHz based on scan results "
3056 "(bssid_set=%d wps=%d)",
3057 MAC2STR(bss->bssid), bss->freq,
3058 ssid->bssid_set,
3059 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS);
3060 params.bssid = bss->bssid;
3061 params.freq.freq = bss->freq;
3062 }
3063 params.bssid_hint = bss->bssid;
3064 params.freq_hint = bss->freq;
3065 params.pbss = bss_is_pbss(bss);
3066 } else {
3067 if (ssid->bssid_hint_set)
3068 params.bssid_hint = ssid->bssid_hint;
3069
3070 params.ssid = ssid->ssid;
3071 params.ssid_len = ssid->ssid_len;
3072 params.pbss = (ssid->pbss != 2) ? ssid->pbss : 0;
3073 }
3074
3075 if (ssid->mode == WPAS_MODE_IBSS && ssid->bssid_set &&
3076 wpa_s->conf->ap_scan == 2) {
3077 params.bssid = ssid->bssid;
3078 params.fixed_bssid = 1;
3079 }
3080
3081 /* Initial frequency for IBSS/mesh */
3082 if ((ssid->mode == WPAS_MODE_IBSS || ssid->mode == WPAS_MODE_MESH) &&
3083 ssid->frequency > 0 && params.freq.freq == 0)
3084 ibss_mesh_setup_freq(wpa_s, ssid, &params.freq);
3085
3086 if (ssid->mode == WPAS_MODE_IBSS) {
3087 params.fixed_freq = ssid->fixed_freq;
3088 if (ssid->beacon_int)
3089 params.beacon_int = ssid->beacon_int;
3090 else
3091 params.beacon_int = wpa_s->conf->beacon_int;
3092 }
3093
3094 params.pairwise_suite = cipher_pairwise;
3095 params.group_suite = cipher_group;
3096 params.mgmt_group_suite = cipher_group_mgmt;
3097 params.key_mgmt_suite = wpa_s->key_mgmt;
3098 params.wpa_proto = wpa_s->wpa_proto;
3099 wpa_s->auth_alg = params.auth_alg;
3100 params.mode = ssid->mode;
3101 params.bg_scan_period = ssid->bg_scan_period;
3102 for (i = 0; i < NUM_WEP_KEYS; i++) {
3103 if (ssid->wep_key_len[i])
3104 params.wep_key[i] = ssid->wep_key[i];
3105 params.wep_key_len[i] = ssid->wep_key_len[i];
3106 }
3107 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
3108
3109 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK) &&
3110 (params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
3111 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK)) {
3112 params.passphrase = ssid->passphrase;
3113 if (ssid->psk_set)
3114 params.psk = ssid->psk;
3115 }
3116
3117 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_8021X) &&
3118 (params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
3119 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 ||
3120 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B ||
3121 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192))
3122 params.req_key_mgmt_offload = 1;
3123
3124 if (wpa_s->conf->key_mgmt_offload) {
3125 if (params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
3126 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 ||
3127 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B ||
3128 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192)
3129 params.req_key_mgmt_offload =
3130 ssid->proactive_key_caching < 0 ?
3131 wpa_s->conf->okc : ssid->proactive_key_caching;
3132 else
3133 params.req_key_mgmt_offload = 1;
3134
3135 if ((params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
3136 params.key_mgmt_suite == WPA_KEY_MGMT_PSK_SHA256 ||
3137 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK) &&
3138 ssid->psk_set)
3139 params.psk = ssid->psk;
3140 }
3141
3142 params.drop_unencrypted = use_crypt;
3143
3144 #ifdef CONFIG_IEEE80211W
3145 params.mgmt_frame_protection = wpas_get_ssid_pmf(wpa_s, ssid);
3146 if (params.mgmt_frame_protection != NO_MGMT_FRAME_PROTECTION && bss) {
3147 const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
3148 struct wpa_ie_data ie;
3149 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
3150 ie.capabilities &
3151 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
3152 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports "
3153 "MFP: require MFP");
3154 params.mgmt_frame_protection =
3155 MGMT_FRAME_PROTECTION_REQUIRED;
3156 #ifdef CONFIG_OWE
3157 } else if (!rsn && (ssid->key_mgmt & WPA_KEY_MGMT_OWE) &&
3158 !ssid->owe_only) {
3159 params.mgmt_frame_protection = NO_MGMT_FRAME_PROTECTION;
3160 #endif /* CONFIG_OWE */
3161 }
3162 }
3163 #endif /* CONFIG_IEEE80211W */
3164
3165 params.p2p = ssid->p2p_group;
3166
3167 if (wpa_s->p2pdev->set_sta_uapsd)
3168 params.uapsd = wpa_s->p2pdev->sta_uapsd;
3169 else
3170 params.uapsd = -1;
3171
3172 #ifdef CONFIG_HT_OVERRIDES
3173 os_memset(&htcaps, 0, sizeof(htcaps));
3174 os_memset(&htcaps_mask, 0, sizeof(htcaps_mask));
3175 params.htcaps = (u8 *) &htcaps;
3176 params.htcaps_mask = (u8 *) &htcaps_mask;
3177 wpa_supplicant_apply_ht_overrides(wpa_s, ssid, &params);
3178 #endif /* CONFIG_HT_OVERRIDES */
3179 #ifdef CONFIG_VHT_OVERRIDES
3180 os_memset(&vhtcaps, 0, sizeof(vhtcaps));
3181 os_memset(&vhtcaps_mask, 0, sizeof(vhtcaps_mask));
3182 params.vhtcaps = &vhtcaps;
3183 params.vhtcaps_mask = &vhtcaps_mask;
3184 wpa_supplicant_apply_vht_overrides(wpa_s, ssid, &params);
3185 #endif /* CONFIG_VHT_OVERRIDES */
3186
3187 #ifdef CONFIG_P2P
3188 /*
3189 * If multi-channel concurrency is not supported, check for any
3190 * frequency conflict. In case of any frequency conflict, remove the
3191 * least prioritized connection.
3192 */
3193 if (wpa_s->num_multichan_concurrent < 2) {
3194 int freq, num;
3195 num = get_shared_radio_freqs(wpa_s, &freq, 1);
3196 if (num > 0 && freq > 0 && freq != params.freq.freq) {
3197 wpa_printf(MSG_DEBUG,
3198 "Assoc conflicting freq found (%d != %d)",
3199 freq, params.freq.freq);
3200 if (wpas_p2p_handle_frequency_conflicts(
3201 wpa_s, params.freq.freq, ssid) < 0) {
3202 wpas_connect_work_done(wpa_s);
3203 os_free(wpa_ie);
3204 return;
3205 }
3206 }
3207 }
3208 #endif /* CONFIG_P2P */
3209
3210 if (wpa_s->reassoc_same_ess && !is_zero_ether_addr(prev_bssid) &&
3211 wpa_s->current_ssid)
3212 params.prev_bssid = prev_bssid;
3213
3214 ret = wpa_drv_associate(wpa_s, &params);
3215 os_free(wpa_ie);
3216 if (ret < 0) {
3217 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
3218 "failed");
3219 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SANE_ERROR_CODES) {
3220 /*
3221 * The driver is known to mean what is saying, so we
3222 * can stop right here; the association will not
3223 * succeed.
3224 */
3225 wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
3226 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
3227 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
3228 return;
3229 }
3230 /* try to continue anyway; new association will be tried again
3231 * after timeout */
3232 assoc_failed = 1;
3233 }
3234
3235 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
3236 /* Set the key after the association just in case association
3237 * cleared the previously configured key. */
3238 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
3239 /* No need to timeout authentication since there is no key
3240 * management. */
3241 wpa_supplicant_cancel_auth_timeout(wpa_s);
3242 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
3243 #ifdef CONFIG_IBSS_RSN
3244 } else if (ssid->mode == WPAS_MODE_IBSS &&
3245 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
3246 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
3247 /*
3248 * RSN IBSS authentication is per-STA and we can disable the
3249 * per-BSSID authentication.
3250 */
3251 wpa_supplicant_cancel_auth_timeout(wpa_s);
3252 #endif /* CONFIG_IBSS_RSN */
3253 } else {
3254 /* Timeout for IEEE 802.11 authentication and association */
3255 int timeout = 60;
3256
3257 if (assoc_failed) {
3258 /* give IBSS a bit more time */
3259 timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5;
3260 } else if (wpa_s->conf->ap_scan == 1) {
3261 /* give IBSS a bit more time */
3262 timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10;
3263 }
3264 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
3265 }
3266
3267 if (wep_keys_set &&
3268 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC)) {
3269 /* Set static WEP keys again */
3270 wpa_set_wep_keys(wpa_s, ssid);
3271 }
3272
3273 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
3274 /*
3275 * Do not allow EAP session resumption between different
3276 * network configurations.
3277 */
3278 eapol_sm_invalidate_cached_session(wpa_s->eapol);
3279 }
3280 old_ssid = wpa_s->current_ssid;
3281 wpa_s->current_ssid = ssid;
3282
3283 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set) {
3284 wpa_s->current_bss = bss;
3285 #ifdef CONFIG_HS20
3286 hs20_configure_frame_filters(wpa_s);
3287 #endif /* CONFIG_HS20 */
3288 }
3289
3290 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
3291 wpa_supplicant_initiate_eapol(wpa_s);
3292 if (old_ssid != wpa_s->current_ssid)
3293 wpas_notify_network_changed(wpa_s);
3294 }
3295
3296
3297 static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s,
3298 const u8 *addr)
3299 {
3300 struct wpa_ssid *old_ssid;
3301
3302 wpas_connect_work_done(wpa_s);
3303 wpa_clear_keys(wpa_s, addr);
3304 old_ssid = wpa_s->current_ssid;
3305 wpa_supplicant_mark_disassoc(wpa_s);
3306 wpa_sm_set_config(wpa_s->wpa, NULL);
3307 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
3308 if (old_ssid != wpa_s->current_ssid)
3309 wpas_notify_network_changed(wpa_s);
3310 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
3311 }
3312
3313
3314 /**
3315 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
3316 * @wpa_s: Pointer to wpa_supplicant data
3317 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
3318 *
3319 * This function is used to request %wpa_supplicant to deauthenticate from the
3320 * current AP.
3321 */
3322 void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
3323 int reason_code)
3324 {
3325 u8 *addr = NULL;
3326 union wpa_event_data event;
3327 int zero_addr = 0;
3328
3329 wpa_dbg(wpa_s, MSG_DEBUG, "Request to deauthenticate - bssid=" MACSTR
3330 " pending_bssid=" MACSTR " reason=%d state=%s",
3331 MAC2STR(wpa_s->bssid), MAC2STR(wpa_s->pending_bssid),
3332 reason_code, wpa_supplicant_state_txt(wpa_s->wpa_state));
3333
3334 if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
3335 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
3336 wpa_s->wpa_state == WPA_ASSOCIATING))
3337 addr = wpa_s->pending_bssid;
3338 else if (!is_zero_ether_addr(wpa_s->bssid))
3339 addr = wpa_s->bssid;
3340 else if (wpa_s->wpa_state == WPA_ASSOCIATING) {
3341 /*
3342 * When using driver-based BSS selection, we may not know the
3343 * BSSID with which we are currently trying to associate. We
3344 * need to notify the driver of this disconnection even in such
3345 * a case, so use the all zeros address here.
3346 */
3347 addr = wpa_s->bssid;
3348 zero_addr = 1;
3349 }
3350
3351 if (wpa_s->enabled_4addr_mode && wpa_drv_set_4addr_mode(wpa_s, 0) == 0)
3352 wpa_s->enabled_4addr_mode = 0;
3353
3354 #ifdef CONFIG_TDLS
3355 wpa_tdls_teardown_peers(wpa_s->wpa);
3356 #endif /* CONFIG_TDLS */
3357
3358 #ifdef CONFIG_MESH
3359 if (wpa_s->ifmsh) {
3360 struct mesh_conf *mconf;
3361
3362 mconf = wpa_s->ifmsh->mconf;
3363 wpa_msg(wpa_s, MSG_INFO, MESH_GROUP_REMOVED "%s",
3364 wpa_s->ifname);
3365 wpas_notify_mesh_group_removed(wpa_s, mconf->meshid,
3366 mconf->meshid_len, reason_code);
3367 wpa_supplicant_leave_mesh(wpa_s);
3368 }
3369 #endif /* CONFIG_MESH */
3370
3371 if (addr) {
3372 wpa_drv_deauthenticate(wpa_s, addr, reason_code);
3373 os_memset(&event, 0, sizeof(event));
3374 event.deauth_info.reason_code = (u16) reason_code;
3375 event.deauth_info.locally_generated = 1;
3376 wpa_supplicant_event(wpa_s, EVENT_DEAUTH, &event);
3377 if (zero_addr)
3378 addr = NULL;
3379 }
3380
3381 wpa_supplicant_clear_connection(wpa_s, addr);
3382 }
3383
3384 static void wpa_supplicant_enable_one_network(struct wpa_supplicant *wpa_s,
3385 struct wpa_ssid *ssid)
3386 {
3387 if (!ssid || !ssid->disabled || ssid->disabled == 2)
3388 return;
3389
3390 ssid->disabled = 0;
3391 ssid->owe_transition_bss_select_count = 0;
3392 wpas_clear_temp_disabled(wpa_s, ssid, 1);
3393 wpas_notify_network_enabled_changed(wpa_s, ssid);
3394
3395 /*
3396 * Try to reassociate since there is no current configuration and a new
3397 * network was made available.
3398 */
3399 if (!wpa_s->current_ssid && !wpa_s->disconnected)
3400 wpa_s->reassociate = 1;
3401 }
3402
3403
3404 /**
3405 * wpa_supplicant_add_network - Add a new network
3406 * @wpa_s: wpa_supplicant structure for a network interface
3407 * Returns: The new network configuration or %NULL if operation failed
3408 *
3409 * This function performs the following operations:
3410 * 1. Adds a new network.
3411 * 2. Send network addition notification.
3412 * 3. Marks the network disabled.
3413 * 4. Set network default parameters.
3414 */
3415 struct wpa_ssid * wpa_supplicant_add_network(struct wpa_supplicant *wpa_s)
3416 {
3417 struct wpa_ssid *ssid;
3418
3419 ssid = wpa_config_add_network(wpa_s->conf);
3420 if (!ssid)
3421 return NULL;
3422 wpas_notify_network_added(wpa_s, ssid);
3423 ssid->disabled = 1;
3424 wpa_config_set_network_defaults(ssid);
3425
3426 return ssid;
3427 }
3428
3429
3430 /**
3431 * wpa_supplicant_remove_network - Remove a configured network based on id
3432 * @wpa_s: wpa_supplicant structure for a network interface
3433 * @id: Unique network id to search for
3434 * Returns: 0 on success, or -1 if the network was not found, -2 if the network
3435 * could not be removed
3436 *
3437 * This function performs the following operations:
3438 * 1. Removes the network.
3439 * 2. Send network removal notification.
3440 * 3. Update internal state machines.
3441 * 4. Stop any running sched scans.
3442 */
3443 int wpa_supplicant_remove_network(struct wpa_supplicant *wpa_s, int id)
3444 {
3445 struct wpa_ssid *ssid;
3446 int was_disabled;
3447
3448 ssid = wpa_config_get_network(wpa_s->conf, id);
3449 if (!ssid)
3450 return -1;
3451 wpas_notify_network_removed(wpa_s, ssid);
3452
3453 if (wpa_s->last_ssid == ssid)
3454 wpa_s->last_ssid = NULL;
3455
3456 if (ssid == wpa_s->current_ssid || !wpa_s->current_ssid) {
3457 #ifdef CONFIG_SME
3458 wpa_s->sme.prev_bssid_set = 0;
3459 #endif /* CONFIG_SME */
3460 /*
3461 * Invalidate the EAP session cache if the current or
3462 * previously used network is removed.
3463 */
3464 eapol_sm_invalidate_cached_session(wpa_s->eapol);
3465 }
3466
3467 if (ssid == wpa_s->current_ssid) {
3468 wpa_sm_set_config(wpa_s->wpa, NULL);
3469 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
3470
3471 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
3472 wpa_s->own_disconnect_req = 1;
3473 wpa_supplicant_deauthenticate(wpa_s,
3474 WLAN_REASON_DEAUTH_LEAVING);
3475 }
3476
3477 was_disabled = ssid->disabled;
3478
3479 if (wpa_config_remove_network(wpa_s->conf, id) < 0)
3480 return -2;
3481
3482 if (!was_disabled && wpa_s->sched_scanning) {
3483 wpa_printf(MSG_DEBUG,
3484 "Stop ongoing sched_scan to remove network from filters");
3485 wpa_supplicant_cancel_sched_scan(wpa_s);
3486 wpa_supplicant_req_scan(wpa_s, 0, 0);
3487 }
3488
3489 return 0;
3490 }
3491
3492
3493 /**
3494 * wpa_supplicant_enable_network - Mark a configured network as enabled
3495 * @wpa_s: wpa_supplicant structure for a network interface
3496 * @ssid: wpa_ssid structure for a configured network or %NULL
3497 *
3498 * Enables the specified network or all networks if no network specified.
3499 */
3500 void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s,
3501 struct wpa_ssid *ssid)
3502 {
3503 if (ssid == NULL) {
3504 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
3505 wpa_supplicant_enable_one_network(wpa_s, ssid);
3506 } else
3507 wpa_supplicant_enable_one_network(wpa_s, ssid);
3508
3509 if (wpa_s->reassociate && !wpa_s->disconnected &&
3510 (!wpa_s->current_ssid ||
3511 wpa_s->wpa_state == WPA_DISCONNECTED ||
3512 wpa_s->wpa_state == WPA_SCANNING)) {
3513 if (wpa_s->sched_scanning) {
3514 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan to add "
3515 "new network to scan filters");
3516 wpa_supplicant_cancel_sched_scan(wpa_s);
3517 }
3518
3519 if (wpa_supplicant_fast_associate(wpa_s) != 1) {
3520 wpa_s->scan_req = NORMAL_SCAN_REQ;
3521 wpa_supplicant_req_scan(wpa_s, 0, 0);
3522 }
3523 }
3524 }
3525
3526
3527 /**
3528 * wpa_supplicant_disable_network - Mark a configured network as disabled
3529 * @wpa_s: wpa_supplicant structure for a network interface
3530 * @ssid: wpa_ssid structure for a configured network or %NULL
3531 *
3532 * Disables the specified network or all networks if no network specified.
3533 */
3534 void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s,
3535 struct wpa_ssid *ssid)
3536 {
3537 struct wpa_ssid *other_ssid;
3538 int was_disabled;
3539
3540 if (ssid == NULL) {
3541 if (wpa_s->sched_scanning)
3542 wpa_supplicant_cancel_sched_scan(wpa_s);
3543
3544 for (other_ssid = wpa_s->conf->ssid; other_ssid;
3545 other_ssid = other_ssid->next) {
3546 was_disabled = other_ssid->disabled;
3547 if (was_disabled == 2)
3548 continue; /* do not change persistent P2P group
3549 * data */
3550
3551 other_ssid->disabled = 1;
3552
3553 if (was_disabled != other_ssid->disabled)
3554 wpas_notify_network_enabled_changed(
3555 wpa_s, other_ssid);
3556 }
3557 if (wpa_s->current_ssid) {
3558 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
3559 wpa_s->own_disconnect_req = 1;
3560 wpa_supplicant_deauthenticate(
3561 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
3562 }
3563 } else if (ssid->disabled != 2) {
3564 if (ssid == wpa_s->current_ssid) {
3565 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
3566 wpa_s->own_disconnect_req = 1;
3567 wpa_supplicant_deauthenticate(
3568 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
3569 }
3570
3571 was_disabled = ssid->disabled;
3572
3573 ssid->disabled = 1;
3574
3575 if (was_disabled != ssid->disabled) {
3576 wpas_notify_network_enabled_changed(wpa_s, ssid);
3577 if (wpa_s->sched_scanning) {
3578 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan "
3579 "to remove network from filters");
3580 wpa_supplicant_cancel_sched_scan(wpa_s);
3581 wpa_supplicant_req_scan(wpa_s, 0, 0);
3582 }
3583 }
3584 }
3585 }
3586
3587
3588 /**
3589 * wpa_supplicant_select_network - Attempt association with a network
3590 * @wpa_s: wpa_supplicant structure for a network interface
3591 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
3592 */
3593 void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
3594 struct wpa_ssid *ssid)
3595 {
3596
3597 struct wpa_ssid *other_ssid;
3598 int disconnected = 0;
3599
3600 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid) {
3601 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
3602 wpa_s->own_disconnect_req = 1;
3603 wpa_supplicant_deauthenticate(
3604 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
3605 disconnected = 1;
3606 }
3607
3608 if (ssid)
3609 wpas_clear_temp_disabled(wpa_s, ssid, 1);
3610
3611 /*
3612 * Mark all other networks disabled or mark all networks enabled if no
3613 * network specified.
3614 */
3615 for (other_ssid = wpa_s->conf->ssid; other_ssid;
3616 other_ssid = other_ssid->next) {
3617 int was_disabled = other_ssid->disabled;
3618 if (was_disabled == 2)
3619 continue; /* do not change persistent P2P group data */
3620
3621 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0;
3622 if (was_disabled && !other_ssid->disabled)
3623 wpas_clear_temp_disabled(wpa_s, other_ssid, 0);
3624
3625 if (was_disabled != other_ssid->disabled)
3626 wpas_notify_network_enabled_changed(wpa_s, other_ssid);
3627 }
3628
3629 if (ssid && ssid == wpa_s->current_ssid && wpa_s->current_ssid &&
3630 wpa_s->wpa_state >= WPA_AUTHENTICATING) {
3631 /* We are already associated with the selected network */
3632 wpa_printf(MSG_DEBUG, "Already associated with the "
3633 "selected network - do nothing");
3634 return;
3635 }
3636
3637 if (ssid) {
3638 wpa_s->current_ssid = ssid;
3639 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
3640 wpa_s->connect_without_scan =
3641 (ssid->mode == WPAS_MODE_MESH) ? ssid : NULL;
3642
3643 /*
3644 * Don't optimize next scan freqs since a new ESS has been
3645 * selected.
3646 */
3647 os_free(wpa_s->next_scan_freqs);
3648 wpa_s->next_scan_freqs = NULL;
3649 } else {
3650 wpa_s->connect_without_scan = NULL;
3651 }
3652
3653 wpa_s->disconnected = 0;
3654 wpa_s->reassociate = 1;
3655 wpa_s->last_owe_group = 0;
3656 if (ssid)
3657 ssid->owe_transition_bss_select_count = 0;
3658
3659 if (wpa_s->connect_without_scan ||
3660 wpa_supplicant_fast_associate(wpa_s) != 1) {
3661 wpa_s->scan_req = NORMAL_SCAN_REQ;
3662 wpas_scan_reset_sched_scan(wpa_s);
3663 wpa_supplicant_req_scan(wpa_s, 0, disconnected ? 100000 : 0);
3664 }
3665
3666 if (ssid)
3667 wpas_notify_network_selected(wpa_s, ssid);
3668 }
3669
3670
3671 /**
3672 * wpas_set_pkcs11_engine_and_module_path - Set PKCS #11 engine and module path
3673 * @wpa_s: wpa_supplicant structure for a network interface
3674 * @pkcs11_engine_path: PKCS #11 engine path or NULL
3675 * @pkcs11_module_path: PKCS #11 module path or NULL
3676 * Returns: 0 on success; -1 on failure
3677 *
3678 * Sets the PKCS #11 engine and module path. Both have to be NULL or a valid
3679 * path. If resetting the EAPOL state machine with the new PKCS #11 engine and
3680 * module path fails the paths will be reset to the default value (NULL).
3681 */
3682 int wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant *wpa_s,
3683 const char *pkcs11_engine_path,
3684 const char *pkcs11_module_path)
3685 {
3686 char *pkcs11_engine_path_copy = NULL;
3687 char *pkcs11_module_path_copy = NULL;
3688
3689 if (pkcs11_engine_path != NULL) {
3690 pkcs11_engine_path_copy = os_strdup(pkcs11_engine_path);
3691 if (pkcs11_engine_path_copy == NULL)
3692 return -1;
3693 }
3694 if (pkcs11_module_path != NULL) {
3695 pkcs11_module_path_copy = os_strdup(pkcs11_module_path);
3696 if (pkcs11_module_path_copy == NULL) {
3697 os_free(pkcs11_engine_path_copy);
3698 return -1;
3699 }
3700 }
3701
3702 os_free(wpa_s->conf->pkcs11_engine_path);
3703 os_free(wpa_s->conf->pkcs11_module_path);
3704 wpa_s->conf->pkcs11_engine_path = pkcs11_engine_path_copy;
3705 wpa_s->conf->pkcs11_module_path = pkcs11_module_path_copy;
3706
3707 wpa_sm_set_eapol(wpa_s->wpa, NULL);
3708 eapol_sm_deinit(wpa_s->eapol);
3709 wpa_s->eapol = NULL;
3710 if (wpa_supplicant_init_eapol(wpa_s)) {
3711 /* Error -> Reset paths to the default value (NULL) once. */
3712 if (pkcs11_engine_path != NULL && pkcs11_module_path != NULL)
3713 wpas_set_pkcs11_engine_and_module_path(wpa_s, NULL,
3714 NULL);
3715
3716 return -1;
3717 }
3718 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
3719
3720 return 0;
3721 }
3722
3723
3724 /**
3725 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
3726 * @wpa_s: wpa_supplicant structure for a network interface
3727 * @ap_scan: AP scan mode
3728 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
3729 *
3730 */
3731 int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan)
3732 {
3733
3734 int old_ap_scan;
3735
3736 if (ap_scan < 0 || ap_scan > 2)
3737 return -1;
3738
3739 if (ap_scan == 2 && os_strcmp(wpa_s->driver->name, "nl80211") == 0) {
3740 wpa_printf(MSG_INFO,
3741 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
3742 }
3743
3744 #ifdef ANDROID
3745 if (ap_scan == 2 && ap_scan != wpa_s->conf->ap_scan &&
3746 wpa_s->wpa_state >= WPA_ASSOCIATING &&
3747 wpa_s->wpa_state < WPA_COMPLETED) {
3748 wpa_printf(MSG_ERROR, "ap_scan = %d (%d) rejected while "
3749 "associating", wpa_s->conf->ap_scan, ap_scan);
3750 return 0;
3751 }
3752 #endif /* ANDROID */
3753
3754 old_ap_scan = wpa_s->conf->ap_scan;
3755 wpa_s->conf->ap_scan = ap_scan;
3756
3757 if (old_ap_scan != wpa_s->conf->ap_scan)
3758 wpas_notify_ap_scan_changed(wpa_s);
3759
3760 return 0;
3761 }
3762
3763
3764 /**
3765 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
3766 * @wpa_s: wpa_supplicant structure for a network interface
3767 * @expire_age: Expiration age in seconds
3768 * Returns: 0 if succeed or -1 if expire_age has an invalid value
3769 *
3770 */
3771 int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant *wpa_s,
3772 unsigned int bss_expire_age)
3773 {
3774 if (bss_expire_age < 10) {
3775 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration age %u",
3776 bss_expire_age);
3777 return -1;
3778 }
3779 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration age: %d sec",
3780 bss_expire_age);
3781 wpa_s->conf->bss_expiration_age = bss_expire_age;
3782
3783 return 0;
3784 }
3785
3786
3787 /**
3788 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
3789 * @wpa_s: wpa_supplicant structure for a network interface
3790 * @expire_count: number of scans after which an unseen BSS is reclaimed
3791 * Returns: 0 if succeed or -1 if expire_count has an invalid value
3792 *
3793 */
3794 int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant *wpa_s,
3795 unsigned int bss_expire_count)
3796 {
3797 if (bss_expire_count < 1) {
3798 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration count %u",
3799 bss_expire_count);
3800 return -1;
3801 }
3802 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration scan count: %u",
3803 bss_expire_count);
3804 wpa_s->conf->bss_expiration_scan_count = bss_expire_count;
3805
3806 return 0;
3807 }
3808
3809
3810 /**
3811 * wpa_supplicant_set_scan_interval - Set scan interval
3812 * @wpa_s: wpa_supplicant structure for a network interface
3813 * @scan_interval: scan interval in seconds
3814 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
3815 *
3816 */
3817 int wpa_supplicant_set_scan_interval(struct wpa_supplicant *wpa_s,
3818 int scan_interval)
3819 {
3820 if (scan_interval < 0) {
3821 wpa_msg(wpa_s, MSG_ERROR, "Invalid scan interval %d",
3822 scan_interval);
3823 return -1;
3824 }
3825 wpa_msg(wpa_s, MSG_DEBUG, "Setting scan interval: %d sec",
3826 scan_interval);
3827 wpa_supplicant_update_scan_int(wpa_s, scan_interval);
3828
3829 return 0;
3830 }
3831
3832
3833 /**
3834 * wpa_supplicant_set_debug_params - Set global debug params
3835 * @global: wpa_global structure
3836 * @debug_level: debug level
3837 * @debug_timestamp: determines if show timestamp in debug data
3838 * @debug_show_keys: determines if show keys in debug data
3839 * Returns: 0 if succeed or -1 if debug_level has wrong value
3840 */
3841 int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level,
3842 int debug_timestamp, int debug_show_keys)
3843 {
3844
3845 int old_level, old_timestamp, old_show_keys;
3846
3847 /* check for allowed debuglevels */
3848 if (debug_level != MSG_EXCESSIVE &&
3849 debug_level != MSG_MSGDUMP &&
3850 debug_level != MSG_DEBUG &&
3851 debug_level != MSG_INFO &&
3852 debug_level != MSG_WARNING &&
3853 debug_level != MSG_ERROR)
3854 return -1;
3855
3856 old_level = wpa_debug_level;
3857 old_timestamp = wpa_debug_timestamp;
3858 old_show_keys = wpa_debug_show_keys;
3859
3860 wpa_debug_level = debug_level;
3861 wpa_debug_timestamp = debug_timestamp ? 1 : 0;
3862 wpa_debug_show_keys = debug_show_keys ? 1 : 0;
3863
3864 if (wpa_debug_level != old_level)
3865 wpas_notify_debug_level_changed(global);
3866 if (wpa_debug_timestamp != old_timestamp)
3867 wpas_notify_debug_timestamp_changed(global);
3868 if (wpa_debug_show_keys != old_show_keys)
3869 wpas_notify_debug_show_keys_changed(global);
3870
3871 return 0;
3872 }
3873
3874
3875 #ifdef CONFIG_OWE
3876 static int owe_trans_ssid_match(struct wpa_supplicant *wpa_s, const u8 *bssid,
3877 const u8 *entry_ssid, size_t entry_ssid_len)
3878 {
3879 const u8 *owe, *pos, *end;
3880 u8 ssid_len;
3881 struct wpa_bss *bss;
3882
3883 /* Check network profile SSID aganst the SSID in the
3884 * OWE Transition Mode element. */
3885
3886 bss = wpa_bss_get_bssid_latest(wpa_s, bssid);
3887 if (!bss)
3888 return 0;
3889
3890 owe = wpa_bss_get_vendor_ie(bss, OWE_IE_VENDOR_TYPE);
3891 if (!owe)
3892 return 0;
3893
3894 pos = owe + 6;
3895 end = owe + 2 + owe[1];
3896
3897 if (end - pos < ETH_ALEN + 1)
3898 return 0;
3899 pos += ETH_ALEN;
3900 ssid_len = *pos++;
3901 if (end - pos < ssid_len || ssid_len > SSID_MAX_LEN)
3902 return 0;
3903
3904 return entry_ssid_len == ssid_len &&
3905 os_memcmp(pos, entry_ssid, ssid_len) == 0;
3906 }
3907 #endif /* CONFIG_OWE */
3908
3909
3910 /**
3911 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
3912 * @wpa_s: Pointer to wpa_supplicant data
3913 * Returns: A pointer to the current network structure or %NULL on failure
3914 */
3915 struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
3916 {
3917 struct wpa_ssid *entry;
3918 u8 ssid[SSID_MAX_LEN];
3919 int res;
3920 size_t ssid_len;
3921 u8 bssid[ETH_ALEN];
3922 int wired;
3923
3924 res = wpa_drv_get_ssid(wpa_s, ssid);
3925 if (res < 0) {
3926 wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from "
3927 "driver");
3928 return NULL;
3929 }
3930 ssid_len = res;
3931
3932 if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
3933 wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from "
3934 "driver");
3935 return NULL;
3936 }
3937
3938 wired = wpa_s->conf->ap_scan == 0 &&
3939 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED);
3940
3941 entry = wpa_s->conf->ssid;
3942 while (entry) {
3943 if (!wpas_network_disabled(wpa_s, entry) &&
3944 ((ssid_len == entry->ssid_len &&
3945 os_memcmp(ssid, entry->ssid, ssid_len) == 0) || wired) &&
3946 (!entry->bssid_set ||
3947 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
3948 return entry;
3949 #ifdef CONFIG_WPS
3950 if (!wpas_network_disabled(wpa_s, entry) &&
3951 (entry->key_mgmt & WPA_KEY_MGMT_WPS) &&
3952 (entry->ssid == NULL || entry->ssid_len == 0) &&
3953 (!entry->bssid_set ||
3954 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
3955 return entry;
3956 #endif /* CONFIG_WPS */
3957
3958 #ifdef CONFIG_OWE
3959 if (!wpas_network_disabled(wpa_s, entry) &&
3960 owe_trans_ssid_match(wpa_s, bssid, entry->ssid,
3961 entry->ssid_len) &&
3962 (!entry->bssid_set ||
3963 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
3964 return entry;
3965 #endif /* CONFIG_OWE */
3966
3967 if (!wpas_network_disabled(wpa_s, entry) && entry->bssid_set &&
3968 entry->ssid_len == 0 &&
3969 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)
3970 return entry;
3971
3972 entry = entry->next;
3973 }
3974
3975 return NULL;
3976 }
3977
3978
3979 static int select_driver(struct wpa_supplicant *wpa_s, int i)
3980 {
3981 struct wpa_global *global = wpa_s->global;
3982
3983 if (wpa_drivers[i]->global_init && global->drv_priv[i] == NULL) {
3984 global->drv_priv[i] = wpa_drivers[i]->global_init(global);
3985 if (global->drv_priv[i] == NULL) {
3986 wpa_printf(MSG_ERROR, "Failed to initialize driver "
3987 "'%s'", wpa_drivers[i]->name);
3988 return -1;
3989 }
3990 }
3991
3992 wpa_s->driver = wpa_drivers[i];
3993 wpa_s->global_drv_priv = global->drv_priv[i];
3994
3995 return 0;
3996 }
3997
3998
3999 static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
4000 const char *name)
4001 {
4002 int i;
4003 size_t len;
4004 const char *pos, *driver = name;
4005
4006 if (wpa_s == NULL)
4007 return -1;
4008
4009 if (wpa_drivers[0] == NULL) {
4010 wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into "
4011 "wpa_supplicant");
4012 return -1;
4013 }
4014
4015 if (name == NULL) {
4016 /* default to first driver in the list */
4017 return select_driver(wpa_s, 0);
4018 }
4019
4020 do {
4021 pos = os_strchr(driver, ',');
4022 if (pos)
4023 len = pos - driver;
4024 else
4025 len = os_strlen(driver);
4026
4027 for (i = 0; wpa_drivers[i]; i++) {
4028 if (os_strlen(wpa_drivers[i]->name) == len &&
4029 os_strncmp(driver, wpa_drivers[i]->name, len) ==
4030 0) {
4031 /* First driver that succeeds wins */
4032 if (select_driver(wpa_s, i) == 0)
4033 return 0;
4034 }
4035 }
4036
4037 driver = pos + 1;
4038 } while (pos);
4039
4040 wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name);
4041 return -1;
4042 }
4043
4044
4045 /**
4046 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
4047 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
4048 * with struct wpa_driver_ops::init()
4049 * @src_addr: Source address of the EAPOL frame
4050 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
4051 * @len: Length of the EAPOL data
4052 *
4053 * This function is called for each received EAPOL frame. Most driver
4054 * interfaces rely on more generic OS mechanism for receiving frames through
4055 * l2_packet, but if such a mechanism is not available, the driver wrapper may
4056 * take care of received EAPOL frames and deliver them to the core supplicant
4057 * code by calling this function.
4058 */
4059 void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
4060 const u8 *buf, size_t len)
4061 {
4062 struct wpa_supplicant *wpa_s = ctx;
4063
4064 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
4065 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
4066
4067 #ifdef CONFIG_TESTING_OPTIONS
4068 if (wpa_s->ignore_auth_resp) {
4069 wpa_printf(MSG_INFO, "RX EAPOL - ignore_auth_resp active!");
4070 return;
4071 }
4072 #endif /* CONFIG_TESTING_OPTIONS */
4073
4074 if (wpa_s->wpa_state < WPA_ASSOCIATED ||
4075 (wpa_s->last_eapol_matches_bssid &&
4076 #ifdef CONFIG_AP
4077 !wpa_s->ap_iface &&
4078 #endif /* CONFIG_AP */
4079 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) != 0)) {
4080 /*
4081 * There is possible race condition between receiving the
4082 * association event and the EAPOL frame since they are coming
4083 * through different paths from the driver. In order to avoid
4084 * issues in trying to process the EAPOL frame before receiving
4085 * association information, lets queue it for processing until
4086 * the association event is received. This may also be needed in
4087 * driver-based roaming case, so also use src_addr != BSSID as a
4088 * trigger if we have previously confirmed that the
4089 * Authenticator uses BSSID as the src_addr (which is not the
4090 * case with wired IEEE 802.1X).
4091 */
4092 wpa_dbg(wpa_s, MSG_DEBUG, "Not associated - Delay processing "
4093 "of received EAPOL frame (state=%s bssid=" MACSTR ")",
4094 wpa_supplicant_state_txt(wpa_s->wpa_state),
4095 MAC2STR(wpa_s->bssid));
4096 wpabuf_free(wpa_s->pending_eapol_rx);
4097 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len);
4098 if (wpa_s->pending_eapol_rx) {
4099 os_get_reltime(&wpa_s->pending_eapol_rx_time);
4100 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr,
4101 ETH_ALEN);
4102 }
4103 return;
4104 }
4105
4106 wpa_s->last_eapol_matches_bssid =
4107 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) == 0;
4108
4109 #ifdef CONFIG_AP
4110 if (wpa_s->ap_iface) {
4111 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len);
4112 return;
4113 }
4114 #endif /* CONFIG_AP */
4115
4116 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
4117 wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since "
4118 "no key management is configured");
4119 return;
4120 }
4121
4122 if (wpa_s->eapol_received == 0 &&
4123 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK) ||
4124 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
4125 wpa_s->wpa_state != WPA_COMPLETED) &&
4126 (wpa_s->current_ssid == NULL ||
4127 wpa_s->current_ssid->mode != IEEE80211_MODE_IBSS)) {
4128 /* Timeout for completing IEEE 802.1X and WPA authentication */
4129 int timeout = 10;
4130
4131 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
4132 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
4133 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
4134 /* Use longer timeout for IEEE 802.1X/EAP */
4135 timeout = 70;
4136 }
4137
4138 #ifdef CONFIG_WPS
4139 if (wpa_s->current_ssid && wpa_s->current_bss &&
4140 (wpa_s->current_ssid->key_mgmt & WPA_KEY_MGMT_WPS) &&
4141 eap_is_wps_pin_enrollee(&wpa_s->current_ssid->eap)) {
4142 /*
4143 * Use shorter timeout if going through WPS AP iteration
4144 * for PIN config method with an AP that does not
4145 * advertise Selected Registrar.
4146 */
4147 struct wpabuf *wps_ie;
4148
4149 wps_ie = wpa_bss_get_vendor_ie_multi(
4150 wpa_s->current_bss, WPS_IE_VENDOR_TYPE);
4151 if (wps_ie &&
4152 !wps_is_addr_authorized(wps_ie, wpa_s->own_addr, 1))
4153 timeout = 10;
4154 wpabuf_free(wps_ie);
4155 }
4156 #endif /* CONFIG_WPS */
4157
4158 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
4159 }
4160 wpa_s->eapol_received++;
4161
4162 if (wpa_s->countermeasures) {
4163 wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped "
4164 "EAPOL packet");
4165 return;
4166 }
4167
4168 #ifdef CONFIG_IBSS_RSN
4169 if (wpa_s->current_ssid &&
4170 wpa_s->current_ssid->mode == WPAS_MODE_IBSS) {
4171 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len);
4172 return;
4173 }
4174 #endif /* CONFIG_IBSS_RSN */
4175
4176 /* Source address of the incoming EAPOL frame could be compared to the
4177 * current BSSID. However, it is possible that a centralized
4178 * Authenticator could be using another MAC address than the BSSID of
4179 * an AP, so just allow any address to be used for now. The replies are
4180 * still sent to the current BSSID (if available), though. */
4181
4182 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
4183 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
4184 wpa_s->key_mgmt != WPA_KEY_MGMT_OWE &&
4185 wpa_s->key_mgmt != WPA_KEY_MGMT_DPP &&
4186 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
4187 return;
4188 wpa_drv_poll(wpa_s);
4189 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK))
4190 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
4191 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
4192 /*
4193 * Set portValid = TRUE here since we are going to skip 4-way
4194 * handshake processing which would normally set portValid. We
4195 * need this to allow the EAPOL state machines to be completed
4196 * without going through EAPOL-Key handshake.
4197 */
4198 eapol_sm_notify_portValid(wpa_s->eapol, TRUE);
4199 }
4200 }
4201
4202
4203 int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s)
4204 {
4205 if ((!wpa_s->p2p_mgmt ||
4206 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
4207 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) {
4208 l2_packet_deinit(wpa_s->l2);
4209 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
4210 wpa_drv_get_mac_addr(wpa_s),
4211 ETH_P_EAPOL,
4212 wpa_supplicant_rx_eapol, wpa_s, 0);
4213 if (wpa_s->l2 == NULL)
4214 return -1;
4215
4216 if (l2_packet_set_packet_filter(wpa_s->l2,
4217 L2_PACKET_FILTER_PKTTYPE))
4218 wpa_dbg(wpa_s, MSG_DEBUG,
4219 "Failed to attach pkt_type filter");
4220 } else {
4221 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
4222 if (addr)
4223 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
4224 }
4225
4226 if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
4227 wpa_msg(wpa_s, MSG_ERROR, "Failed to get own L2 address");
4228 return -1;
4229 }
4230
4231 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
4232
4233 return 0;
4234 }
4235
4236
4237 static void wpa_supplicant_rx_eapol_bridge(void *ctx, const u8 *src_addr,
4238 const u8 *buf, size_t len)
4239 {
4240 struct wpa_supplicant *wpa_s = ctx;
4241 const struct l2_ethhdr *eth;
4242
4243 if (len < sizeof(*eth))
4244 return;
4245 eth = (const struct l2_ethhdr *) buf;
4246
4247 if (os_memcmp(eth->h_dest, wpa_s->own_addr, ETH_ALEN) != 0 &&
4248 !(eth->h_dest[0] & 0x01)) {
4249 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
4250 " (bridge - not for this interface - ignore)",
4251 MAC2STR(src_addr), MAC2STR(eth->h_dest));
4252 return;
4253 }
4254
4255 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
4256 " (bridge)", MAC2STR(src_addr), MAC2STR(eth->h_dest));
4257 wpa_supplicant_rx_eapol(wpa_s, src_addr, buf + sizeof(*eth),
4258 len - sizeof(*eth));
4259 }
4260
4261
4262 /**
4263 * wpa_supplicant_driver_init - Initialize driver interface parameters
4264 * @wpa_s: Pointer to wpa_supplicant data
4265 * Returns: 0 on success, -1 on failure
4266 *
4267 * This function is called to initialize driver interface parameters.
4268 * wpa_drv_init() must have been called before this function to initialize the
4269 * driver interface.
4270 */
4271 int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
4272 {
4273 static int interface_count = 0;
4274
4275 if (wpa_supplicant_update_mac_addr(wpa_s) < 0)
4276 return -1;
4277
4278 wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR,
4279 MAC2STR(wpa_s->own_addr));
4280 os_memcpy(wpa_s->perm_addr, wpa_s->own_addr, ETH_ALEN);
4281 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
4282
4283 if (wpa_s->bridge_ifname[0]) {
4284 wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge "
4285 "interface '%s'", wpa_s->bridge_ifname);
4286 wpa_s->l2_br = l2_packet_init_bridge(
4287 wpa_s->bridge_ifname, wpa_s->ifname, wpa_s->own_addr,
4288 ETH_P_EAPOL, wpa_supplicant_rx_eapol_bridge, wpa_s, 1);
4289 if (wpa_s->l2_br == NULL) {
4290 wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet "
4291 "connection for the bridge interface '%s'",
4292 wpa_s->bridge_ifname);
4293 return -1;
4294 }
4295 }
4296
4297 if (wpa_s->conf->ap_scan == 2 &&
4298 os_strcmp(wpa_s->driver->name, "nl80211") == 0) {
4299 wpa_printf(MSG_INFO,
4300 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
4301 }
4302
4303 wpa_clear_keys(wpa_s, NULL);
4304
4305 /* Make sure that TKIP countermeasures are not left enabled (could
4306 * happen if wpa_supplicant is killed during countermeasures. */
4307 wpa_drv_set_countermeasures(wpa_s, 0);
4308
4309 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver");
4310 wpa_drv_flush_pmkid(wpa_s);
4311
4312 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
4313 wpa_s->prev_scan_wildcard = 0;
4314
4315 if (wpa_supplicant_enabled_networks(wpa_s)) {
4316 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED) {
4317 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
4318 interface_count = 0;
4319 }
4320 #ifndef ANDROID
4321 if (!wpa_s->p2p_mgmt &&
4322 wpa_supplicant_delayed_sched_scan(wpa_s,
4323 interface_count % 3,
4324 100000))
4325 wpa_supplicant_req_scan(wpa_s, interface_count % 3,
4326 100000);
4327 #endif /* ANDROID */
4328 interface_count++;
4329 } else
4330 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
4331
4332 return 0;
4333 }
4334
4335
4336 static int wpa_supplicant_daemon(const char *pid_file)
4337 {
4338 wpa_printf(MSG_DEBUG, "Daemonize..");
4339 return os_daemonize(pid_file);
4340 }
4341
4342
4343 static struct wpa_supplicant *
4344 wpa_supplicant_alloc(struct wpa_supplicant *parent)
4345 {
4346 struct wpa_supplicant *wpa_s;
4347
4348 wpa_s = os_zalloc(sizeof(*wpa_s));
4349 if (wpa_s == NULL)
4350 return NULL;
4351 wpa_s->scan_req = INITIAL_SCAN_REQ;
4352 wpa_s->scan_interval = 5;
4353 wpa_s->new_connection = 1;
4354 wpa_s->parent = parent ? parent : wpa_s;
4355 wpa_s->p2pdev = wpa_s->parent;
4356 wpa_s->sched_scanning = 0;
4357
4358 dl_list_init(&wpa_s->bss_tmp_disallowed);
4359 dl_list_init(&wpa_s->fils_hlp_req);
4360
4361 return wpa_s;
4362 }
4363
4364
4365 #ifdef CONFIG_HT_OVERRIDES
4366
4367 static int wpa_set_htcap_mcs(struct wpa_supplicant *wpa_s,
4368 struct ieee80211_ht_capabilities *htcaps,
4369 struct ieee80211_ht_capabilities *htcaps_mask,
4370 const char *ht_mcs)
4371 {
4372 /* parse ht_mcs into hex array */
4373 int i;
4374 const char *tmp = ht_mcs;
4375 char *end = NULL;
4376
4377 /* If ht_mcs is null, do not set anything */
4378 if (!ht_mcs)
4379 return 0;
4380
4381 /* This is what we are setting in the kernel */
4382 os_memset(&htcaps->supported_mcs_set, 0, IEEE80211_HT_MCS_MASK_LEN);
4383
4384 wpa_msg(wpa_s, MSG_DEBUG, "set_htcap, ht_mcs -:%s:-", ht_mcs);
4385
4386 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) {
4387 long v;
4388
4389 errno = 0;
4390 v = strtol(tmp, &end, 16);
4391
4392 if (errno == 0) {
4393 wpa_msg(wpa_s, MSG_DEBUG,
4394 "htcap value[%i]: %ld end: %p tmp: %p",
4395 i, v, end, tmp);
4396 if (end == tmp)
4397 break;
4398
4399 htcaps->supported_mcs_set[i] = v;
4400 tmp = end;
4401 } else {
4402 wpa_msg(wpa_s, MSG_ERROR,
4403 "Failed to parse ht-mcs: %s, error: %s\n",
4404 ht_mcs, strerror(errno));
4405 return -1;
4406 }
4407 }
4408
4409 /*
4410 * If we were able to parse any values, then set mask for the MCS set.
4411 */
4412 if (i) {
4413 os_memset(&htcaps_mask->supported_mcs_set, 0xff,
4414 IEEE80211_HT_MCS_MASK_LEN - 1);
4415 /* skip the 3 reserved bits */
4416 htcaps_mask->supported_mcs_set[IEEE80211_HT_MCS_MASK_LEN - 1] =
4417 0x1f;
4418 }
4419
4420 return 0;
4421 }
4422
4423
4424 static int wpa_disable_max_amsdu(struct wpa_supplicant *wpa_s,
4425 struct ieee80211_ht_capabilities *htcaps,
4426 struct ieee80211_ht_capabilities *htcaps_mask,
4427 int disabled)
4428 {
4429 le16 msk;
4430
4431 if (disabled == -1)
4432 return 0;
4433
4434 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_max_amsdu: %d", disabled);
4435
4436 msk = host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE);
4437 htcaps_mask->ht_capabilities_info |= msk;
4438 if (disabled)
4439 htcaps->ht_capabilities_info &= msk;
4440 else
4441 htcaps->ht_capabilities_info |= msk;
4442
4443 return 0;
4444 }
4445
4446
4447 static int wpa_set_ampdu_factor(struct wpa_supplicant *wpa_s,
4448 struct ieee80211_ht_capabilities *htcaps,
4449 struct ieee80211_ht_capabilities *htcaps_mask,
4450 int factor)
4451 {
4452 if (factor == -1)
4453 return 0;
4454
4455 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_factor: %d", factor);
4456
4457 if (factor < 0 || factor > 3) {
4458 wpa_msg(wpa_s, MSG_ERROR, "ampdu_factor: %d out of range. "
4459 "Must be 0-3 or -1", factor);
4460 return -EINVAL;
4461 }
4462
4463 htcaps_mask->a_mpdu_params |= 0x3; /* 2 bits for factor */
4464 htcaps->a_mpdu_params &= ~0x3;
4465 htcaps->a_mpdu_params |= factor & 0x3;
4466
4467 return 0;
4468 }
4469
4470
4471 static int wpa_set_ampdu_density(struct wpa_supplicant *wpa_s,
4472 struct ieee80211_ht_capabilities *htcaps,
4473 struct ieee80211_ht_capabilities *htcaps_mask,
4474 int density)
4475 {
4476 if (density == -1)
4477 return 0;
4478
4479 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_density: %d", density);
4480
4481 if (density < 0 || density > 7) {
4482 wpa_msg(wpa_s, MSG_ERROR,
4483 "ampdu_density: %d out of range. Must be 0-7 or -1.",
4484 density);
4485 return -EINVAL;
4486 }
4487
4488 htcaps_mask->a_mpdu_params |= 0x1C;
4489 htcaps->a_mpdu_params &= ~(0x1C);
4490 htcaps->a_mpdu_params |= (density << 2) & 0x1C;
4491
4492 return 0;
4493 }
4494
4495
4496 static int wpa_set_disable_ht40(struct wpa_supplicant *wpa_s,
4497 struct ieee80211_ht_capabilities *htcaps,
4498 struct ieee80211_ht_capabilities *htcaps_mask,
4499 int disabled)
4500 {
4501 if (disabled)
4502 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ht40: %d", disabled);
4503
4504 set_disable_ht40(htcaps, disabled);
4505 set_disable_ht40(htcaps_mask, 0);
4506
4507 return 0;
4508 }
4509
4510
4511 static int wpa_set_disable_sgi(struct wpa_supplicant *wpa_s,
4512 struct ieee80211_ht_capabilities *htcaps,
4513 struct ieee80211_ht_capabilities *htcaps_mask,
4514 int disabled)
4515 {
4516 /* Masking these out disables SGI */
4517 le16 msk = host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ |
4518 HT_CAP_INFO_SHORT_GI40MHZ);
4519
4520 if (disabled)
4521 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_sgi: %d", disabled);
4522
4523 if (disabled)
4524 htcaps->ht_capabilities_info &= ~msk;
4525 else
4526 htcaps->ht_capabilities_info |= msk;
4527
4528 htcaps_mask->ht_capabilities_info |= msk;
4529
4530 return 0;
4531 }
4532
4533
4534 static int wpa_set_disable_ldpc(struct wpa_supplicant *wpa_s,
4535 struct ieee80211_ht_capabilities *htcaps,
4536 struct ieee80211_ht_capabilities *htcaps_mask,
4537 int disabled)
4538 {
4539 /* Masking these out disables LDPC */
4540 le16 msk = host_to_le16(HT_CAP_INFO_LDPC_CODING_CAP);
4541
4542 if (disabled)
4543 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ldpc: %d", disabled);
4544
4545 if (disabled)
4546 htcaps->ht_capabilities_info &= ~msk;
4547 else
4548 htcaps->ht_capabilities_info |= msk;
4549
4550 htcaps_mask->ht_capabilities_info |= msk;
4551
4552 return 0;
4553 }
4554
4555
4556 static int wpa_set_tx_stbc(struct wpa_supplicant *wpa_s,
4557 struct ieee80211_ht_capabilities *htcaps,
4558 struct ieee80211_ht_capabilities *htcaps_mask,
4559 int tx_stbc)
4560 {
4561 le16 msk = host_to_le16(HT_CAP_INFO_TX_STBC);
4562
4563 if (tx_stbc == -1)
4564 return 0;
4565
4566 wpa_msg(wpa_s, MSG_DEBUG, "set_tx_stbc: %d", tx_stbc);
4567
4568 if (tx_stbc < 0 || tx_stbc > 1) {
4569 wpa_msg(wpa_s, MSG_ERROR,
4570 "tx_stbc: %d out of range. Must be 0-1 or -1", tx_stbc);
4571 return -EINVAL;
4572 }
4573
4574 htcaps_mask->ht_capabilities_info |= msk;
4575 htcaps->ht_capabilities_info &= ~msk;
4576 htcaps->ht_capabilities_info |= (tx_stbc << 7) & msk;
4577
4578 return 0;
4579 }
4580
4581
4582 static int wpa_set_rx_stbc(struct wpa_supplicant *wpa_s,
4583 struct ieee80211_ht_capabilities *htcaps,
4584 struct ieee80211_ht_capabilities *htcaps_mask,
4585 int rx_stbc)
4586 {
4587 le16 msk = host_to_le16(HT_CAP_INFO_RX_STBC_MASK);
4588
4589 if (rx_stbc == -1)
4590 return 0;
4591
4592 wpa_msg(wpa_s, MSG_DEBUG, "set_rx_stbc: %d", rx_stbc);
4593
4594 if (rx_stbc < 0 || rx_stbc > 3) {
4595 wpa_msg(wpa_s, MSG_ERROR,
4596 "rx_stbc: %d out of range. Must be 0-3 or -1", rx_stbc);
4597 return -EINVAL;
4598 }
4599
4600 htcaps_mask->ht_capabilities_info |= msk;
4601 htcaps->ht_capabilities_info &= ~msk;
4602 htcaps->ht_capabilities_info |= (rx_stbc << 8) & msk;
4603
4604 return 0;
4605 }
4606
4607
4608 void wpa_supplicant_apply_ht_overrides(
4609 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
4610 struct wpa_driver_associate_params *params)
4611 {
4612 struct ieee80211_ht_capabilities *htcaps;
4613 struct ieee80211_ht_capabilities *htcaps_mask;
4614
4615 if (!ssid)
4616 return;
4617
4618 params->disable_ht = ssid->disable_ht;
4619 if (!params->htcaps || !params->htcaps_mask)
4620 return;
4621
4622 htcaps = (struct ieee80211_ht_capabilities *) params->htcaps;
4623 htcaps_mask = (struct ieee80211_ht_capabilities *) params->htcaps_mask;
4624 wpa_set_htcap_mcs(wpa_s, htcaps, htcaps_mask, ssid->ht_mcs);
4625 wpa_disable_max_amsdu(wpa_s, htcaps, htcaps_mask,
4626 ssid->disable_max_amsdu);
4627 wpa_set_ampdu_factor(wpa_s, htcaps, htcaps_mask, ssid->ampdu_factor);
4628 wpa_set_ampdu_density(wpa_s, htcaps, htcaps_mask, ssid->ampdu_density);
4629 wpa_set_disable_ht40(wpa_s, htcaps, htcaps_mask, ssid->disable_ht40);
4630 wpa_set_disable_sgi(wpa_s, htcaps, htcaps_mask, ssid->disable_sgi);
4631 wpa_set_disable_ldpc(wpa_s, htcaps, htcaps_mask, ssid->disable_ldpc);
4632 wpa_set_rx_stbc(wpa_s, htcaps, htcaps_mask, ssid->rx_stbc);
4633 wpa_set_tx_stbc(wpa_s, htcaps, htcaps_mask, ssid->tx_stbc);
4634
4635 if (ssid->ht40_intolerant) {
4636 le16 bit = host_to_le16(HT_CAP_INFO_40MHZ_INTOLERANT);
4637 htcaps->ht_capabilities_info |= bit;
4638 htcaps_mask->ht_capabilities_info |= bit;
4639 }
4640 }
4641
4642 #endif /* CONFIG_HT_OVERRIDES */
4643
4644
4645 #ifdef CONFIG_VHT_OVERRIDES
4646 void wpa_supplicant_apply_vht_overrides(
4647 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
4648 struct wpa_driver_associate_params *params)
4649 {
4650 struct ieee80211_vht_capabilities *vhtcaps;
4651 struct ieee80211_vht_capabilities *vhtcaps_mask;
4652
4653 if (!ssid)
4654 return;
4655
4656 params->disable_vht = ssid->disable_vht;
4657
4658 vhtcaps = (void *) params->vhtcaps;
4659 vhtcaps_mask = (void *) params->vhtcaps_mask;
4660
4661 if (!vhtcaps || !vhtcaps_mask)
4662 return;
4663
4664 vhtcaps->vht_capabilities_info = host_to_le32(ssid->vht_capa);
4665 vhtcaps_mask->vht_capabilities_info = host_to_le32(ssid->vht_capa_mask);
4666
4667 #ifdef CONFIG_HT_OVERRIDES
4668 if (ssid->disable_sgi) {
4669 vhtcaps_mask->vht_capabilities_info |= (VHT_CAP_SHORT_GI_80 |
4670 VHT_CAP_SHORT_GI_160);
4671 vhtcaps->vht_capabilities_info &= ~(VHT_CAP_SHORT_GI_80 |
4672 VHT_CAP_SHORT_GI_160);
4673 wpa_msg(wpa_s, MSG_DEBUG,
4674 "disable-sgi override specified, vht-caps: 0x%x",
4675 vhtcaps->vht_capabilities_info);
4676 }
4677
4678 /* if max ampdu is <= 3, we have to make the HT cap the same */
4679 if (ssid->vht_capa_mask & VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) {
4680 int max_ampdu;
4681
4682 max_ampdu = (ssid->vht_capa &
4683 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) >>
4684 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX_SHIFT;
4685
4686 max_ampdu = max_ampdu < 3 ? max_ampdu : 3;
4687 wpa_set_ampdu_factor(wpa_s,
4688 (void *) params->htcaps,
4689 (void *) params->htcaps_mask,
4690 max_ampdu);
4691 }
4692 #endif /* CONFIG_HT_OVERRIDES */
4693
4694 #define OVERRIDE_MCS(i) \
4695 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \
4696 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \
4697 host_to_le16(3 << 2 * (i - 1)); \
4698 vhtcaps->vht_supported_mcs_set.tx_map |= \
4699 host_to_le16(ssid->vht_tx_mcs_nss_ ##i << \
4700 2 * (i - 1)); \
4701 } \
4702 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \
4703 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \
4704 host_to_le16(3 << 2 * (i - 1)); \
4705 vhtcaps->vht_supported_mcs_set.rx_map |= \
4706 host_to_le16(ssid->vht_rx_mcs_nss_ ##i << \
4707 2 * (i - 1)); \
4708 }
4709
4710 OVERRIDE_MCS(1);
4711 OVERRIDE_MCS(2);
4712 OVERRIDE_MCS(3);
4713 OVERRIDE_MCS(4);
4714 OVERRIDE_MCS(5);
4715 OVERRIDE_MCS(6);
4716 OVERRIDE_MCS(7);
4717 OVERRIDE_MCS(8);
4718 }
4719 #endif /* CONFIG_VHT_OVERRIDES */
4720
4721
4722 static int pcsc_reader_init(struct wpa_supplicant *wpa_s)
4723 {
4724 #ifdef PCSC_FUNCS
4725 size_t len;
4726
4727 if (!wpa_s->conf->pcsc_reader)
4728 return 0;
4729
4730 wpa_s->scard = scard_init(wpa_s->conf->pcsc_reader);
4731 if (!wpa_s->scard)
4732 return 1;
4733
4734 if (wpa_s->conf->pcsc_pin &&
4735 scard_set_pin(wpa_s->scard, wpa_s->conf->pcsc_pin) < 0) {
4736 scard_deinit(wpa_s->scard);
4737 wpa_s->scard = NULL;
4738 wpa_msg(wpa_s, MSG_ERROR, "PC/SC PIN validation failed");
4739 return -1;
4740 }
4741
4742 len = sizeof(wpa_s->imsi) - 1;
4743 if (scard_get_imsi(wpa_s->scard, wpa_s->imsi, &len)) {
4744 scard_deinit(wpa_s->scard);
4745 wpa_s->scard = NULL;
4746 wpa_msg(wpa_s, MSG_ERROR, "Could not read IMSI");
4747 return -1;
4748 }
4749 wpa_s->imsi[len] = '\0';
4750
4751 wpa_s->mnc_len = scard_get_mnc_len(wpa_s->scard);
4752
4753 wpa_printf(MSG_DEBUG, "SCARD: IMSI %s (MNC length %d)",
4754 wpa_s->imsi, wpa_s->mnc_len);
4755
4756 wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard);
4757 eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard);
4758 #endif /* PCSC_FUNCS */
4759
4760 return 0;
4761 }
4762
4763
4764 int wpas_init_ext_pw(struct wpa_supplicant *wpa_s)
4765 {
4766 char *val, *pos;
4767
4768 ext_password_deinit(wpa_s->ext_pw);
4769 wpa_s->ext_pw = NULL;
4770 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, NULL);
4771
4772 if (!wpa_s->conf->ext_password_backend)
4773 return 0;
4774
4775 val = os_strdup(wpa_s->conf->ext_password_backend);
4776 if (val == NULL)
4777 return -1;
4778 pos = os_strchr(val, ':');
4779 if (pos)
4780 *pos++ = '\0';
4781
4782 wpa_printf(MSG_DEBUG, "EXT PW: Initialize backend '%s'", val);
4783
4784 wpa_s->ext_pw = ext_password_init(val, pos);
4785 os_free(val);
4786 if (wpa_s->ext_pw == NULL) {
4787 wpa_printf(MSG_DEBUG, "EXT PW: Failed to initialize backend");
4788 return -1;
4789 }
4790 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, wpa_s->ext_pw);
4791
4792 return 0;
4793 }
4794
4795
4796 #ifdef CONFIG_FST
4797
4798 static const u8 * wpas_fst_get_bssid_cb(void *ctx)
4799 {
4800 struct wpa_supplicant *wpa_s = ctx;
4801
4802 return (is_zero_ether_addr(wpa_s->bssid) ||
4803 wpa_s->wpa_state != WPA_COMPLETED) ? NULL : wpa_s->bssid;
4804 }
4805
4806
4807 static void wpas_fst_get_channel_info_cb(void *ctx,
4808 enum hostapd_hw_mode *hw_mode,
4809 u8 *channel)
4810 {
4811 struct wpa_supplicant *wpa_s = ctx;
4812
4813 if (wpa_s->current_bss) {
4814 *hw_mode = ieee80211_freq_to_chan(wpa_s->current_bss->freq,
4815 channel);
4816 } else if (wpa_s->hw.num_modes) {
4817 *hw_mode = wpa_s->hw.modes[0].mode;
4818 } else {
4819 WPA_ASSERT(0);
4820 *hw_mode = 0;
4821 }
4822 }
4823
4824
4825 static int wpas_fst_get_hw_modes(void *ctx, struct hostapd_hw_modes **modes)
4826 {
4827 struct wpa_supplicant *wpa_s = ctx;
4828
4829 *modes = wpa_s->hw.modes;
4830 return wpa_s->hw.num_modes;
4831 }
4832
4833
4834 static void wpas_fst_set_ies_cb(void *ctx, const struct wpabuf *fst_ies)
4835 {
4836 struct wpa_supplicant *wpa_s = ctx;
4837
4838 wpa_hexdump_buf(MSG_DEBUG, "FST: Set IEs", fst_ies);
4839 wpa_s->fst_ies = fst_ies;
4840 }
4841
4842
4843 static int wpas_fst_send_action_cb(void *ctx, const u8 *da, struct wpabuf *data)
4844 {
4845 struct wpa_supplicant *wpa_s = ctx;
4846
4847 if (os_memcmp(wpa_s->bssid, da, ETH_ALEN) != 0) {
4848 wpa_printf(MSG_INFO, "FST:%s:bssid=" MACSTR " != da=" MACSTR,
4849 __func__, MAC2STR(wpa_s->bssid), MAC2STR(da));
4850 return -1;
4851 }
4852 return wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, wpa_s->bssid,
4853 wpa_s->own_addr, wpa_s->bssid,
4854 wpabuf_head(data), wpabuf_len(data),
4855 0);
4856 }
4857
4858
4859 static const struct wpabuf * wpas_fst_get_mb_ie_cb(void *ctx, const u8 *addr)
4860 {
4861 struct wpa_supplicant *wpa_s = ctx;
4862
4863 WPA_ASSERT(os_memcmp(wpa_s->bssid, addr, ETH_ALEN) == 0);
4864 return wpa_s->received_mb_ies;
4865 }
4866
4867
4868 static void wpas_fst_update_mb_ie_cb(void *ctx, const u8 *addr,
4869 const u8 *buf, size_t size)
4870 {
4871 struct wpa_supplicant *wpa_s = ctx;
4872 struct mb_ies_info info;
4873
4874 WPA_ASSERT(os_memcmp(wpa_s->bssid, addr, ETH_ALEN) == 0);
4875
4876 if (!mb_ies_info_by_ies(&info, buf, size)) {
4877 wpabuf_free(wpa_s->received_mb_ies);
4878 wpa_s->received_mb_ies = mb_ies_by_info(&info);
4879 }
4880 }
4881
4882
4883 static const u8 * wpas_fst_get_peer_first(void *ctx,
4884 struct fst_get_peer_ctx **get_ctx,
4885 Boolean mb_only)
4886 {
4887 struct wpa_supplicant *wpa_s = ctx;
4888
4889 *get_ctx = NULL;
4890 if (!is_zero_ether_addr(wpa_s->bssid))
4891 return (wpa_s->received_mb_ies || !mb_only) ?
4892 wpa_s->bssid : NULL;
4893 return NULL;
4894 }
4895
4896
4897 static const u8 * wpas_fst_get_peer_next(void *ctx,
4898 struct fst_get_peer_ctx **get_ctx,
4899 Boolean mb_only)
4900 {
4901 return NULL;
4902 }
4903
4904 void fst_wpa_supplicant_fill_iface_obj(struct wpa_supplicant *wpa_s,
4905 struct fst_wpa_obj *iface_obj)
4906 {
4907 iface_obj->ctx = wpa_s;
4908 iface_obj->get_bssid = wpas_fst_get_bssid_cb;
4909 iface_obj->get_channel_info = wpas_fst_get_channel_info_cb;
4910 iface_obj->get_hw_modes = wpas_fst_get_hw_modes;
4911 iface_obj->set_ies = wpas_fst_set_ies_cb;
4912 iface_obj->send_action = wpas_fst_send_action_cb;
4913 iface_obj->get_mb_ie = wpas_fst_get_mb_ie_cb;
4914 iface_obj->update_mb_ie = wpas_fst_update_mb_ie_cb;
4915 iface_obj->get_peer_first = wpas_fst_get_peer_first;
4916 iface_obj->get_peer_next = wpas_fst_get_peer_next;
4917 }
4918 #endif /* CONFIG_FST */
4919
4920 static int wpas_set_wowlan_triggers(struct wpa_supplicant *wpa_s,
4921 const struct wpa_driver_capa *capa)
4922 {
4923 struct wowlan_triggers *triggers;
4924 int ret = 0;
4925
4926 if (!wpa_s->conf->wowlan_triggers)
4927 return 0;
4928
4929 triggers = wpa_get_wowlan_triggers(wpa_s->conf->wowlan_triggers, capa);
4930 if (triggers) {
4931 ret = wpa_drv_wowlan(wpa_s, triggers);
4932 os_free(triggers);
4933 }
4934 return ret;
4935 }
4936
4937
4938 enum wpa_radio_work_band wpas_freq_to_band(int freq)
4939 {
4940 if (freq < 3000)
4941 return BAND_2_4_GHZ;
4942 if (freq > 50000)
4943 return BAND_60_GHZ;
4944 return BAND_5_GHZ;
4945 }
4946
4947
4948 unsigned int wpas_get_bands(struct wpa_supplicant *wpa_s, const int *freqs)
4949 {
4950 int i;
4951 unsigned int band = 0;
4952
4953 if (freqs) {
4954 /* freqs are specified for the radio work */
4955 for (i = 0; freqs[i]; i++)
4956 band |= wpas_freq_to_band(freqs[i]);
4957 } else {
4958 /*
4959 * freqs are not specified, implies all
4960 * the supported freqs by HW
4961 */
4962 for (i = 0; i < wpa_s->hw.num_modes; i++) {
4963 if (wpa_s->hw.modes[i].num_channels != 0) {
4964 if (wpa_s->hw.modes[i].mode ==
4965 HOSTAPD_MODE_IEEE80211B ||
4966 wpa_s->hw.modes[i].mode ==
4967 HOSTAPD_MODE_IEEE80211G)
4968 band |= BAND_2_4_GHZ;
4969 else if (wpa_s->hw.modes[i].mode ==
4970 HOSTAPD_MODE_IEEE80211A)
4971 band |= BAND_5_GHZ;
4972 else if (wpa_s->hw.modes[i].mode ==
4973 HOSTAPD_MODE_IEEE80211AD)
4974 band |= BAND_60_GHZ;
4975 else if (wpa_s->hw.modes[i].mode ==
4976 HOSTAPD_MODE_IEEE80211ANY)
4977 band = BAND_2_4_GHZ | BAND_5_GHZ |
4978 BAND_60_GHZ;
4979 }
4980 }
4981 }
4982
4983 return band;
4984 }
4985
4986
4987 static struct wpa_radio * radio_add_interface(struct wpa_supplicant *wpa_s,
4988 const char *rn)
4989 {
4990 struct wpa_supplicant *iface = wpa_s->global->ifaces;
4991 struct wpa_radio *radio;
4992
4993 while (rn && iface) {
4994 radio = iface->radio;
4995 if (radio && os_strcmp(rn, radio->name) == 0) {
4996 wpa_printf(MSG_DEBUG, "Add interface %s to existing radio %s",
4997 wpa_s->ifname, rn);
4998 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
4999 return radio;
5000 }
5001
5002 iface = iface->next;
5003 }
5004
5005 wpa_printf(MSG_DEBUG, "Add interface %s to a new radio %s",
5006 wpa_s->ifname, rn ? rn : "N/A");
5007 radio = os_zalloc(sizeof(*radio));
5008 if (radio == NULL)
5009 return NULL;
5010
5011 if (rn)
5012 os_strlcpy(radio->name, rn, sizeof(radio->name));
5013 dl_list_init(&radio->ifaces);
5014 dl_list_init(&radio->work);
5015 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
5016
5017 return radio;
5018 }
5019
5020
5021 static void radio_work_free(struct wpa_radio_work *work)
5022 {
5023 if (work->wpa_s->scan_work == work) {
5024 /* This should not really happen. */
5025 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as scan_work",
5026 work->type, work, work->started);
5027 work->wpa_s->scan_work = NULL;
5028 }
5029
5030 #ifdef CONFIG_P2P
5031 if (work->wpa_s->p2p_scan_work == work) {
5032 /* This should not really happen. */
5033 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as p2p_scan_work",
5034 work->type, work, work->started);
5035 work->wpa_s->p2p_scan_work = NULL;
5036 }
5037 #endif /* CONFIG_P2P */
5038
5039 if (work->started) {
5040 work->wpa_s->radio->num_active_works--;
5041 wpa_dbg(work->wpa_s, MSG_DEBUG,
5042 "radio_work_free('%s'@%p): num_active_works --> %u",
5043 work->type, work,
5044 work->wpa_s->radio->num_active_works);
5045 }
5046
5047 dl_list_del(&work->list);
5048 os_free(work);
5049 }
5050
5051
5052 static int radio_work_is_connect(struct wpa_radio_work *work)
5053 {
5054 return os_strcmp(work->type, "sme-connect") == 0 ||
5055 os_strcmp(work->type, "connect") == 0;
5056 }
5057
5058
5059 static int radio_work_is_scan(struct wpa_radio_work *work)
5060 {
5061 return os_strcmp(work->type, "scan") == 0 ||
5062 os_strcmp(work->type, "p2p-scan") == 0;
5063 }
5064
5065
5066 static struct wpa_radio_work * radio_work_get_next_work(struct wpa_radio *radio)
5067 {
5068 struct wpa_radio_work *active_work = NULL;
5069 struct wpa_radio_work *tmp;
5070
5071 /* Get the active work to know the type and band. */
5072 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, list) {
5073 if (tmp->started) {
5074 active_work = tmp;
5075 break;
5076 }
5077 }
5078
5079 if (!active_work) {
5080 /* No active work, start one */
5081 radio->num_active_works = 0;
5082 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work,
5083 list) {
5084 if (os_strcmp(tmp->type, "scan") == 0 &&
5085 radio->external_scan_running &&
5086 (((struct wpa_driver_scan_params *)
5087 tmp->ctx)->only_new_results ||
5088 tmp->wpa_s->clear_driver_scan_cache))
5089 continue;
5090 return tmp;
5091 }
5092 return NULL;
5093 }
5094
5095 if (radio_work_is_connect(active_work)) {
5096 /*
5097 * If the active work is either connect or sme-connect,
5098 * do not parallelize them with other radio works.
5099 */
5100 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
5101 "Do not parallelize radio work with %s",
5102 active_work->type);
5103 return NULL;
5104 }
5105
5106 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, list) {
5107 if (tmp->started)
5108 continue;
5109
5110 /*
5111 * If connect or sme-connect are enqueued, parallelize only
5112 * those operations ahead of them in the queue.
5113 */
5114 if (radio_work_is_connect(tmp))
5115 break;
5116
5117 /* Serialize parallel scan and p2p_scan operations on the same
5118 * interface since the driver_nl80211 mechanism for tracking
5119 * scan cookies does not yet have support for this. */
5120 if (active_work->wpa_s == tmp->wpa_s &&
5121 radio_work_is_scan(active_work) &&
5122 radio_work_is_scan(tmp)) {
5123 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
5124 "Do not start work '%s' when another work '%s' is already scheduled",
5125 tmp->type, active_work->type);
5126 continue;
5127 }
5128 /*
5129 * Check that the radio works are distinct and
5130 * on different bands.
5131 */
5132 if (os_strcmp(active_work->type, tmp->type) != 0 &&
5133 (active_work->bands != tmp->bands)) {
5134 /*
5135 * If a scan has to be scheduled through nl80211 scan
5136 * interface and if an external scan is already running,
5137 * do not schedule the scan since it is likely to get
5138 * rejected by kernel.
5139 */
5140 if (os_strcmp(tmp->type, "scan") == 0 &&
5141 radio->external_scan_running &&
5142 (((struct wpa_driver_scan_params *)
5143 tmp->ctx)->only_new_results ||
5144 tmp->wpa_s->clear_driver_scan_cache))
5145 continue;
5146
5147 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
5148 "active_work:%s new_work:%s",
5149 active_work->type, tmp->type);
5150 return tmp;
5151 }
5152 }
5153
5154 /* Did not find a radio work to schedule in parallel. */
5155 return NULL;
5156 }
5157
5158
5159 static void radio_start_next_work(void *eloop_ctx, void *timeout_ctx)
5160 {
5161 struct wpa_radio *radio = eloop_ctx;
5162 struct wpa_radio_work *work;
5163 struct os_reltime now, diff;
5164 struct wpa_supplicant *wpa_s;
5165
5166 work = dl_list_first(&radio->work, struct wpa_radio_work, list);
5167 if (work == NULL) {
5168 radio->num_active_works = 0;
5169 return;
5170 }
5171
5172 wpa_s = dl_list_first(&radio->ifaces, struct wpa_supplicant,
5173 radio_list);
5174
5175 if (!(wpa_s &&
5176 wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS)) {
5177 if (work->started)
5178 return; /* already started and still in progress */
5179
5180 if (wpa_s && wpa_s->radio->external_scan_running) {
5181 wpa_printf(MSG_DEBUG, "Delay radio work start until externally triggered scan completes");
5182 return;
5183 }
5184 } else {
5185 work = NULL;
5186 if (radio->num_active_works < MAX_ACTIVE_WORKS) {
5187 /* get the work to schedule next */
5188 work = radio_work_get_next_work(radio);
5189 }
5190 if (!work)
5191 return;
5192 }
5193
5194 wpa_s = work->wpa_s;
5195 os_get_reltime(&now);
5196 os_reltime_sub(&now, &work->time, &diff);
5197 wpa_dbg(wpa_s, MSG_DEBUG,
5198 "Starting radio work '%s'@%p after %ld.%06ld second wait",
5199 work->type, work, diff.sec, diff.usec);
5200 work->started = 1;
5201 work->time = now;
5202 radio->num_active_works++;
5203
5204 work->cb(work, 0);
5205
5206 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS) &&
5207 radio->num_active_works < MAX_ACTIVE_WORKS)
5208 radio_work_check_next(wpa_s);
5209 }
5210
5211
5212 /*
5213 * This function removes both started and pending radio works running on
5214 * the provided interface's radio.
5215 * Prior to the removal of the radio work, its callback (cb) is called with
5216 * deinit set to be 1. Each work's callback is responsible for clearing its
5217 * internal data and restoring to a correct state.
5218 * @wpa_s: wpa_supplicant data
5219 * @type: type of works to be removed
5220 * @remove_all: 1 to remove all the works on this radio, 0 to remove only
5221 * this interface's works.
5222 */
5223 void radio_remove_works(struct wpa_supplicant *wpa_s,
5224 const char *type, int remove_all)
5225 {
5226 struct wpa_radio_work *work, *tmp;
5227 struct wpa_radio *radio = wpa_s->radio;
5228
5229 dl_list_for_each_safe(work, tmp, &radio->work, struct wpa_radio_work,
5230 list) {
5231 if (type && os_strcmp(type, work->type) != 0)
5232 continue;
5233
5234 /* skip other ifaces' works */
5235 if (!remove_all && work->wpa_s != wpa_s)
5236 continue;
5237
5238 wpa_dbg(wpa_s, MSG_DEBUG, "Remove radio work '%s'@%p%s",
5239 work->type, work, work->started ? " (started)" : "");
5240 work->cb(work, 1);
5241 radio_work_free(work);
5242 }
5243
5244 /* in case we removed the started work */
5245 radio_work_check_next(wpa_s);
5246 }
5247
5248
5249 void radio_remove_pending_work(struct wpa_supplicant *wpa_s, void *ctx)
5250 {
5251 struct wpa_radio_work *work;
5252 struct wpa_radio *radio = wpa_s->radio;
5253
5254 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) {
5255 if (work->ctx != ctx)
5256 continue;
5257 wpa_dbg(wpa_s, MSG_DEBUG, "Free pending radio work '%s'@%p%s",
5258 work->type, work, work->started ? " (started)" : "");
5259 radio_work_free(work);
5260 break;
5261 }
5262 }
5263
5264
5265 static void radio_remove_interface(struct wpa_supplicant *wpa_s)
5266 {
5267 struct wpa_radio *radio = wpa_s->radio;
5268
5269 if (!radio)
5270 return;
5271
5272 wpa_printf(MSG_DEBUG, "Remove interface %s from radio %s",
5273 wpa_s->ifname, radio->name);
5274 dl_list_del(&wpa_s->radio_list);
5275 radio_remove_works(wpa_s, NULL, 0);
5276 wpa_s->radio = NULL;
5277 if (!dl_list_empty(&radio->ifaces))
5278 return; /* Interfaces remain for this radio */
5279
5280 wpa_printf(MSG_DEBUG, "Remove radio %s", radio->name);
5281 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
5282 os_free(radio);
5283 }
5284
5285
5286 void radio_work_check_next(struct wpa_supplicant *wpa_s)
5287 {
5288 struct wpa_radio *radio = wpa_s->radio;
5289
5290 if (dl_list_empty(&radio->work))
5291 return;
5292 if (wpa_s->ext_work_in_progress) {
5293 wpa_printf(MSG_DEBUG,
5294 "External radio work in progress - delay start of pending item");
5295 return;
5296 }
5297 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
5298 eloop_register_timeout(0, 0, radio_start_next_work, radio, NULL);
5299 }
5300
5301
5302 /**
5303 * radio_add_work - Add a radio work item
5304 * @wpa_s: Pointer to wpa_supplicant data
5305 * @freq: Frequency of the offchannel operation in MHz or 0
5306 * @type: Unique identifier for each type of work
5307 * @next: Force as the next work to be executed
5308 * @cb: Callback function for indicating when radio is available
5309 * @ctx: Context pointer for the work (work->ctx in cb())
5310 * Returns: 0 on success, -1 on failure
5311 *
5312 * This function is used to request time for an operation that requires
5313 * exclusive radio control. Once the radio is available, the registered callback
5314 * function will be called. radio_work_done() must be called once the exclusive
5315 * radio operation has been completed, so that the radio is freed for other
5316 * operations. The special case of deinit=1 is used to free the context data
5317 * during interface removal. That does not allow the callback function to start
5318 * the radio operation, i.e., it must free any resources allocated for the radio
5319 * work and return.
5320 *
5321 * The @freq parameter can be used to indicate a single channel on which the
5322 * offchannel operation will occur. This may allow multiple radio work
5323 * operations to be performed in parallel if they apply for the same channel.
5324 * Setting this to 0 indicates that the work item may use multiple channels or
5325 * requires exclusive control of the radio.
5326 */
5327 int radio_add_work(struct wpa_supplicant *wpa_s, unsigned int freq,
5328 const char *type, int next,
5329 void (*cb)(struct wpa_radio_work *work, int deinit),
5330 void *ctx)
5331 {
5332 struct wpa_radio *radio = wpa_s->radio;
5333 struct wpa_radio_work *work;
5334 int was_empty;
5335
5336 work = os_zalloc(sizeof(*work));
5337 if (work == NULL)
5338 return -1;
5339 wpa_dbg(wpa_s, MSG_DEBUG, "Add radio work '%s'@%p", type, work);
5340 os_get_reltime(&work->time);
5341 work->freq = freq;
5342 work->type = type;
5343 work->wpa_s = wpa_s;
5344 work->cb = cb;
5345 work->ctx = ctx;
5346
5347 if (freq)
5348 work->bands = wpas_freq_to_band(freq);
5349 else if (os_strcmp(type, "scan") == 0 ||
5350 os_strcmp(type, "p2p-scan") == 0)
5351 work->bands = wpas_get_bands(wpa_s,
5352 ((struct wpa_driver_scan_params *)
5353 ctx)->freqs);
5354 else
5355 work->bands = wpas_get_bands(wpa_s, NULL);
5356
5357 was_empty = dl_list_empty(&wpa_s->radio->work);
5358 if (next)
5359 dl_list_add(&wpa_s->radio->work, &work->list);
5360 else
5361 dl_list_add_tail(&wpa_s->radio->work, &work->list);
5362 if (was_empty) {
5363 wpa_dbg(wpa_s, MSG_DEBUG, "First radio work item in the queue - schedule start immediately");
5364 radio_work_check_next(wpa_s);
5365 } else if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS)
5366 && radio->num_active_works < MAX_ACTIVE_WORKS) {
5367 wpa_dbg(wpa_s, MSG_DEBUG,
5368 "Try to schedule a radio work (num_active_works=%u)",
5369 radio->num_active_works);
5370 radio_work_check_next(wpa_s);
5371 }
5372
5373 return 0;
5374 }
5375
5376
5377 /**
5378 * radio_work_done - Indicate that a radio work item has been completed
5379 * @work: Completed work
5380 *
5381 * This function is called once the callback function registered with
5382 * radio_add_work() has completed its work.
5383 */
5384 void radio_work_done(struct wpa_radio_work *work)
5385 {
5386 struct wpa_supplicant *wpa_s = work->wpa_s;
5387 struct os_reltime now, diff;
5388 unsigned int started = work->started;
5389
5390 os_get_reltime(&now);
5391 os_reltime_sub(&now, &work->time, &diff);
5392 wpa_dbg(wpa_s, MSG_DEBUG, "Radio work '%s'@%p %s in %ld.%06ld seconds",
5393 work->type, work, started ? "done" : "canceled",
5394 diff.sec, diff.usec);
5395 radio_work_free(work);
5396 if (started)
5397 radio_work_check_next(wpa_s);
5398 }
5399
5400
5401 struct wpa_radio_work *
5402 radio_work_pending(struct wpa_supplicant *wpa_s, const char *type)
5403 {
5404 struct wpa_radio_work *work;
5405 struct wpa_radio *radio = wpa_s->radio;
5406
5407 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) {
5408 if (work->wpa_s == wpa_s && os_strcmp(work->type, type) == 0)
5409 return work;
5410 }
5411
5412 return NULL;
5413 }
5414
5415
5416 static int wpas_init_driver(struct wpa_supplicant *wpa_s,
5417 const struct wpa_interface *iface)
5418 {
5419 const char *ifname, *driver, *rn;
5420
5421 driver = iface->driver;
5422 next_driver:
5423 if (wpa_supplicant_set_driver(wpa_s, driver) < 0)
5424 return -1;
5425
5426 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
5427 if (wpa_s->drv_priv == NULL) {
5428 const char *pos;
5429 pos = driver ? os_strchr(driver, ',') : NULL;
5430 if (pos) {
5431 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
5432 "driver interface - try next driver wrapper");
5433 driver = pos + 1;
5434 goto next_driver;
5435 }
5436 wpa_msg(wpa_s, MSG_ERROR, "Failed to initialize driver "
5437 "interface");
5438 return -1;
5439 }
5440 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
5441 wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected "
5442 "driver_param '%s'", wpa_s->conf->driver_param);
5443 return -1;
5444 }
5445
5446 ifname = wpa_drv_get_ifname(wpa_s);
5447 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
5448 wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced "
5449 "interface name with '%s'", ifname);
5450 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
5451 }
5452
5453 rn = wpa_driver_get_radio_name(wpa_s);
5454 if (rn && rn[0] == '\0')
5455 rn = NULL;
5456
5457 wpa_s->radio = radio_add_interface(wpa_s, rn);
5458 if (wpa_s->radio == NULL)
5459 return -1;
5460
5461 return 0;
5462 }
5463
5464
5465 #ifdef CONFIG_GAS_SERVER
5466
5467 static void wpas_gas_server_tx_status(struct wpa_supplicant *wpa_s,
5468 unsigned int freq, const u8 *dst,
5469 const u8 *src, const u8 *bssid,
5470 const u8 *data, size_t data_len,
5471 enum offchannel_send_action_result result)
5472 {
5473 wpa_printf(MSG_DEBUG, "GAS: TX status: freq=%u dst=" MACSTR
5474 " result=%s",
5475 freq, MAC2STR(dst),
5476 result == OFFCHANNEL_SEND_ACTION_SUCCESS ? "SUCCESS" :
5477 (result == OFFCHANNEL_SEND_ACTION_NO_ACK ? "no-ACK" :
5478 "FAILED"));
5479 gas_server_tx_status(wpa_s->gas_server, dst, data, data_len,
5480 result == OFFCHANNEL_SEND_ACTION_SUCCESS);
5481 }
5482
5483
5484 static void wpas_gas_server_tx(void *ctx, int freq, const u8 *da,
5485 struct wpabuf *buf, unsigned int wait_time)
5486 {
5487 struct wpa_supplicant *wpa_s = ctx;
5488 const u8 broadcast[ETH_ALEN] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
5489
5490 if (wait_time > wpa_s->max_remain_on_chan)
5491 wait_time = wpa_s->max_remain_on_chan;
5492
5493 offchannel_send_action(wpa_s, freq, da, wpa_s->own_addr, broadcast,
5494 wpabuf_head(buf), wpabuf_len(buf),
5495 wait_time, wpas_gas_server_tx_status, 0);
5496 }
5497
5498 #endif /* CONFIG_GAS_SERVER */
5499
5500 static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
5501 const struct wpa_interface *iface)
5502 {
5503 struct wpa_driver_capa capa;
5504 int capa_res;
5505 u8 dfs_domain;
5506
5507 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
5508 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
5509 iface->confname ? iface->confname : "N/A",
5510 iface->driver ? iface->driver : "default",
5511 iface->ctrl_interface ? iface->ctrl_interface : "N/A",
5512 iface->bridge_ifname ? iface->bridge_ifname : "N/A");
5513
5514 if (iface->confname) {
5515 #ifdef CONFIG_BACKEND_FILE
5516 wpa_s->confname = os_rel2abs_path(iface->confname);
5517 if (wpa_s->confname == NULL) {
5518 wpa_printf(MSG_ERROR, "Failed to get absolute path "
5519 "for configuration file '%s'.",
5520 iface->confname);
5521 return -1;
5522 }
5523 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
5524 iface->confname, wpa_s->confname);
5525 #else /* CONFIG_BACKEND_FILE */
5526 wpa_s->confname = os_strdup(iface->confname);
5527 #endif /* CONFIG_BACKEND_FILE */
5528 wpa_s->conf = wpa_config_read(wpa_s->confname, NULL);
5529 if (wpa_s->conf == NULL) {
5530 wpa_printf(MSG_ERROR, "Failed to read or parse "
5531 "configuration '%s'.", wpa_s->confname);
5532 return -1;
5533 }
5534 wpa_s->confanother = os_rel2abs_path(iface->confanother);
5535 if (wpa_s->confanother &&
5536 !wpa_config_read(wpa_s->confanother, wpa_s->conf)) {
5537 wpa_printf(MSG_ERROR,
5538 "Failed to read or parse configuration '%s'.",
5539 wpa_s->confanother);
5540 return -1;
5541 }
5542
5543 /*
5544 * Override ctrl_interface and driver_param if set on command
5545 * line.
5546 */
5547 if (iface->ctrl_interface) {
5548 os_free(wpa_s->conf->ctrl_interface);
5549 wpa_s->conf->ctrl_interface =
5550 os_strdup(iface->ctrl_interface);
5551 }
5552
5553 if (iface->driver_param) {
5554 os_free(wpa_s->conf->driver_param);
5555 wpa_s->conf->driver_param =
5556 os_strdup(iface->driver_param);
5557 }
5558
5559 if (iface->p2p_mgmt && !iface->ctrl_interface) {
5560 os_free(wpa_s->conf->ctrl_interface);
5561 wpa_s->conf->ctrl_interface = NULL;
5562 }
5563 } else
5564 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
5565 iface->driver_param);
5566
5567 if (wpa_s->conf == NULL) {
5568 wpa_printf(MSG_ERROR, "\nNo configuration found.");
5569 return -1;
5570 }
5571
5572 if (iface->ifname == NULL) {
5573 wpa_printf(MSG_ERROR, "\nInterface name is required.");
5574 return -1;
5575 }
5576 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
5577 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
5578 iface->ifname);
5579 return -1;
5580 }
5581 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
5582
5583 if (iface->bridge_ifname) {
5584 if (os_strlen(iface->bridge_ifname) >=
5585 sizeof(wpa_s->bridge_ifname)) {
5586 wpa_printf(MSG_ERROR, "\nToo long bridge interface "
5587 "name '%s'.", iface->bridge_ifname);
5588 return -1;
5589 }
5590 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
5591 sizeof(wpa_s->bridge_ifname));
5592 }
5593
5594 /* RSNA Supplicant Key Management - INITIALIZE */
5595 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
5596 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
5597
5598 /* Initialize driver interface and register driver event handler before
5599 * L2 receive handler so that association events are processed before
5600 * EAPOL-Key packets if both become available for the same select()
5601 * call. */
5602 if (wpas_init_driver(wpa_s, iface) < 0)
5603 return -1;
5604
5605 if (wpa_supplicant_init_wpa(wpa_s) < 0)
5606 return -1;
5607
5608 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
5609 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
5610 NULL);
5611 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
5612
5613 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
5614 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
5615 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
5616 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
5617 "dot11RSNAConfigPMKLifetime");
5618 return -1;
5619 }
5620
5621 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
5622 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
5623 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
5624 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
5625 "dot11RSNAConfigPMKReauthThreshold");
5626 return -1;
5627 }
5628
5629 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
5630 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
5631 wpa_s->conf->dot11RSNAConfigSATimeout)) {
5632 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
5633 "dot11RSNAConfigSATimeout");
5634 return -1;
5635 }
5636
5637 wpa_s->hw.modes = wpa_drv_get_hw_feature_data(wpa_s,
5638 &wpa_s->hw.num_modes,
5639 &wpa_s->hw.flags,
5640 &dfs_domain);
5641 if (wpa_s->hw.modes) {
5642 u16 i;
5643
5644 for (i = 0; i < wpa_s->hw.num_modes; i++) {
5645 if (wpa_s->hw.modes[i].vht_capab) {
5646 wpa_s->hw_capab = CAPAB_VHT;
5647 break;
5648 }
5649
5650 if (wpa_s->hw.modes[i].ht_capab &
5651 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET)
5652 wpa_s->hw_capab = CAPAB_HT40;
5653 else if (wpa_s->hw.modes[i].ht_capab &&
5654 wpa_s->hw_capab == CAPAB_NO_HT_VHT)
5655 wpa_s->hw_capab = CAPAB_HT;
5656 }
5657 }
5658
5659 capa_res = wpa_drv_get_capa(wpa_s, &capa);
5660 if (capa_res == 0) {
5661 wpa_s->drv_capa_known = 1;
5662 wpa_s->drv_flags = capa.flags;
5663 wpa_s->drv_enc = capa.enc;
5664 wpa_s->drv_smps_modes = capa.smps_modes;
5665 wpa_s->drv_rrm_flags = capa.rrm_flags;
5666 wpa_s->probe_resp_offloads = capa.probe_resp_offloads;
5667 wpa_s->max_scan_ssids = capa.max_scan_ssids;
5668 wpa_s->max_sched_scan_ssids = capa.max_sched_scan_ssids;
5669 wpa_s->max_sched_scan_plans = capa.max_sched_scan_plans;
5670 wpa_s->max_sched_scan_plan_interval =
5671 capa.max_sched_scan_plan_interval;
5672 wpa_s->max_sched_scan_plan_iterations =
5673 capa.max_sched_scan_plan_iterations;
5674 wpa_s->sched_scan_supported = capa.sched_scan_supported;
5675 wpa_s->max_match_sets = capa.max_match_sets;
5676 wpa_s->max_remain_on_chan = capa.max_remain_on_chan;
5677 wpa_s->max_stations = capa.max_stations;
5678 wpa_s->extended_capa = capa.extended_capa;
5679 wpa_s->extended_capa_mask = capa.extended_capa_mask;
5680 wpa_s->extended_capa_len = capa.extended_capa_len;
5681 wpa_s->num_multichan_concurrent =
5682 capa.num_multichan_concurrent;
5683 wpa_s->wmm_ac_supported = capa.wmm_ac_supported;
5684
5685 if (capa.mac_addr_rand_scan_supported)
5686 wpa_s->mac_addr_rand_supported |= MAC_ADDR_RAND_SCAN;
5687 if (wpa_s->sched_scan_supported &&
5688 capa.mac_addr_rand_sched_scan_supported)
5689 wpa_s->mac_addr_rand_supported |=
5690 (MAC_ADDR_RAND_SCHED_SCAN | MAC_ADDR_RAND_PNO);
5691
5692 wpa_drv_get_ext_capa(wpa_s, WPA_IF_STATION);
5693 if (wpa_s->extended_capa &&
5694 wpa_s->extended_capa_len >= 3 &&
5695 wpa_s->extended_capa[2] & 0x40)
5696 wpa_s->multi_bss_support = 1;
5697 }
5698 if (wpa_s->max_remain_on_chan == 0)
5699 wpa_s->max_remain_on_chan = 1000;
5700
5701 /*
5702 * Only take p2p_mgmt parameters when P2P Device is supported.
5703 * Doing it here as it determines whether l2_packet_init() will be done
5704 * during wpa_supplicant_driver_init().
5705 */
5706 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)
5707 wpa_s->p2p_mgmt = iface->p2p_mgmt;
5708
5709 if (wpa_s->num_multichan_concurrent == 0)
5710 wpa_s->num_multichan_concurrent = 1;
5711
5712 if (wpa_supplicant_driver_init(wpa_s) < 0)
5713 return -1;
5714
5715 #ifdef CONFIG_TDLS
5716 if (!iface->p2p_mgmt && wpa_tdls_init(wpa_s->wpa))
5717 return -1;
5718 #endif /* CONFIG_TDLS */
5719
5720 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] &&
5721 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) {
5722 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country");
5723 return -1;
5724 }
5725
5726 #ifdef CONFIG_FST
5727 if (wpa_s->conf->fst_group_id) {
5728 struct fst_iface_cfg cfg;
5729 struct fst_wpa_obj iface_obj;
5730
5731 fst_wpa_supplicant_fill_iface_obj(wpa_s, &iface_obj);
5732 os_strlcpy(cfg.group_id, wpa_s->conf->fst_group_id,
5733 sizeof(cfg.group_id));
5734 cfg.priority = wpa_s->conf->fst_priority;
5735 cfg.llt = wpa_s->conf->fst_llt;
5736
5737 wpa_s->fst = fst_attach(wpa_s->ifname, wpa_s->own_addr,
5738 &iface_obj, &cfg);
5739 if (!wpa_s->fst) {
5740 wpa_msg(wpa_s, MSG_ERROR,
5741 "FST: Cannot attach iface %s to group %s",
5742 wpa_s->ifname, cfg.group_id);
5743 return -1;
5744 }
5745 }
5746 #endif /* CONFIG_FST */
5747
5748 if (wpas_wps_init(wpa_s))
5749 return -1;
5750
5751 #ifdef CONFIG_GAS_SERVER
5752 wpa_s->gas_server = gas_server_init(wpa_s, wpas_gas_server_tx);
5753 if (!wpa_s->gas_server) {
5754 wpa_printf(MSG_ERROR, "Failed to initialize GAS server");
5755 return -1;
5756 }
5757 #endif /* CONFIG_GAS_SERVER */
5758
5759 #ifdef CONFIG_DPP
5760 if (wpas_dpp_init(wpa_s) < 0)
5761 return -1;
5762 #endif /* CONFIG_DPP */
5763
5764 if (wpa_supplicant_init_eapol(wpa_s) < 0)
5765 return -1;
5766 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
5767
5768 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
5769 if (wpa_s->ctrl_iface == NULL) {
5770 wpa_printf(MSG_ERROR,
5771 "Failed to initialize control interface '%s'.\n"
5772 "You may have another wpa_supplicant process "
5773 "already running or the file was\n"
5774 "left by an unclean termination of wpa_supplicant "
5775 "in which case you will need\n"
5776 "to manually remove this file before starting "
5777 "wpa_supplicant again.\n",
5778 wpa_s->conf->ctrl_interface);
5779 return -1;
5780 }
5781
5782 wpa_s->gas = gas_query_init(wpa_s);
5783 if (wpa_s->gas == NULL) {
5784 wpa_printf(MSG_ERROR, "Failed to initialize GAS query");
5785 return -1;
5786 }
5787
5788 if ((!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) ||
5789 wpa_s->p2p_mgmt) &&
5790 wpas_p2p_init(wpa_s->global, wpa_s) < 0) {
5791 wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P");
5792 return -1;
5793 }
5794
5795 if (wpa_bss_init(wpa_s) < 0)
5796 return -1;
5797
5798 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL
5799 #ifdef CONFIG_MESH
5800 dl_list_init(&wpa_s->mesh_external_pmksa_cache);
5801 #endif /* CONFIG_MESH */
5802 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
5803
5804 /*
5805 * Set Wake-on-WLAN triggers, if configured.
5806 * Note: We don't restore/remove the triggers on shutdown (it doesn't
5807 * have effect anyway when the interface is down).
5808 */
5809 if (capa_res == 0 && wpas_set_wowlan_triggers(wpa_s, &capa) < 0)
5810 return -1;
5811
5812 #ifdef CONFIG_EAP_PROXY
5813 {
5814 size_t len;
5815 wpa_s->mnc_len = eapol_sm_get_eap_proxy_imsi(wpa_s->eapol, -1,
5816 wpa_s->imsi, &len);
5817 if (wpa_s->mnc_len > 0) {
5818 wpa_s->imsi[len] = '\0';
5819 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI %s (MNC length %d)",
5820 wpa_s->imsi, wpa_s->mnc_len);
5821 } else {
5822 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI not available");
5823 }
5824 }
5825 #endif /* CONFIG_EAP_PROXY */
5826
5827 if (pcsc_reader_init(wpa_s) < 0)
5828 return -1;
5829
5830 if (wpas_init_ext_pw(wpa_s) < 0)
5831 return -1;
5832
5833 wpas_rrm_reset(wpa_s);
5834
5835 wpas_sched_scan_plans_set(wpa_s, wpa_s->conf->sched_scan_plans);
5836
5837 #ifdef CONFIG_HS20
5838 hs20_init(wpa_s);
5839 #endif /* CONFIG_HS20 */
5840 #ifdef CONFIG_MBO
5841 if (wpa_s->conf->oce) {
5842 if ((wpa_s->conf->oce & OCE_STA) &&
5843 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_OCE_STA))
5844 wpa_s->enable_oce = OCE_STA;
5845 if ((wpa_s->conf->oce & OCE_STA_CFON) &&
5846 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_OCE_STA_CFON)) {
5847 /* TODO: Need to add STA-CFON support */
5848 wpa_printf(MSG_ERROR,
5849 "OCE STA-CFON feature is not yet supported");
5850 }
5851 }
5852 wpas_mbo_update_non_pref_chan(wpa_s, wpa_s->conf->non_pref_chan);
5853 #endif /* CONFIG_MBO */
5854
5855 wpa_supplicant_set_default_scan_ies(wpa_s);
5856
5857 return 0;
5858 }
5859
5860
5861 static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s,
5862 int notify, int terminate)
5863 {
5864 struct wpa_global *global = wpa_s->global;
5865 struct wpa_supplicant *iface, *prev;
5866
5867 if (wpa_s == wpa_s->parent)
5868 wpas_p2p_group_remove(wpa_s, "*");
5869
5870 iface = global->ifaces;
5871 while (iface) {
5872 if (iface->p2pdev == wpa_s)
5873 iface->p2pdev = iface->parent;
5874 if (iface == wpa_s || iface->parent != wpa_s) {
5875 iface = iface->next;
5876 continue;
5877 }
5878 wpa_printf(MSG_DEBUG,
5879 "Remove remaining child interface %s from parent %s",
5880 iface->ifname, wpa_s->ifname);
5881 prev = iface;
5882 iface = iface->next;
5883 wpa_supplicant_remove_iface(global, prev, terminate);
5884 }
5885
5886 wpa_s->disconnected = 1;
5887 if (wpa_s->drv_priv) {
5888 wpa_supplicant_deauthenticate(wpa_s,
5889 WLAN_REASON_DEAUTH_LEAVING);
5890
5891 wpa_drv_set_countermeasures(wpa_s, 0);
5892 wpa_clear_keys(wpa_s, NULL);
5893 }
5894
5895 wpa_supplicant_cleanup(wpa_s);
5896 wpas_p2p_deinit_iface(wpa_s);
5897
5898 wpas_ctrl_radio_work_flush(wpa_s);
5899 radio_remove_interface(wpa_s);
5900
5901 #ifdef CONFIG_FST
5902 if (wpa_s->fst) {
5903 fst_detach(wpa_s->fst);
5904 wpa_s->fst = NULL;
5905 }
5906 if (wpa_s->received_mb_ies) {
5907 wpabuf_free(wpa_s->received_mb_ies);
5908 wpa_s->received_mb_ies = NULL;
5909 }
5910 #endif /* CONFIG_FST */
5911
5912 if (wpa_s->drv_priv)
5913 wpa_drv_deinit(wpa_s);
5914
5915 if (notify)
5916 wpas_notify_iface_removed(wpa_s);
5917
5918 if (terminate)
5919 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING);
5920
5921 if (wpa_s->ctrl_iface) {
5922 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
5923 wpa_s->ctrl_iface = NULL;
5924 }
5925
5926 #ifdef CONFIG_MESH
5927 if (wpa_s->ifmsh) {
5928 wpa_supplicant_mesh_iface_deinit(wpa_s, wpa_s->ifmsh);
5929 wpa_s->ifmsh = NULL;
5930 }
5931 #endif /* CONFIG_MESH */
5932
5933 if (wpa_s->conf != NULL) {
5934 wpa_config_free(wpa_s->conf);
5935 wpa_s->conf = NULL;
5936 }
5937
5938 os_free(wpa_s->ssids_from_scan_req);
5939
5940 os_free(wpa_s);
5941 }
5942
5943
5944 #ifdef CONFIG_MATCH_IFACE
5945
5946 /**
5947 * wpa_supplicant_match_iface - Match an interface description to a name
5948 * @global: Pointer to global data from wpa_supplicant_init()
5949 * @ifname: Name of the interface to match
5950 * Returns: Pointer to the created interface description or %NULL on failure
5951 */
5952 struct wpa_interface * wpa_supplicant_match_iface(struct wpa_global *global,
5953 const char *ifname)
5954 {
5955 int i;
5956 struct wpa_interface *iface, *miface;
5957
5958 for (i = 0; i < global->params.match_iface_count; i++) {
5959 miface = &global->params.match_ifaces[i];
5960 if (!miface->ifname ||
5961 fnmatch(miface->ifname, ifname, 0) == 0) {
5962 iface = os_zalloc(sizeof(*iface));
5963 if (!iface)
5964 return NULL;
5965 *iface = *miface;
5966 iface->ifname = ifname;
5967 return iface;
5968 }
5969 }
5970
5971 return NULL;
5972 }
5973
5974
5975 /**
5976 * wpa_supplicant_match_existing - Match existing interfaces
5977 * @global: Pointer to global data from wpa_supplicant_init()
5978 * Returns: 0 on success, -1 on failure
5979 */
5980 static int wpa_supplicant_match_existing(struct wpa_global *global)
5981 {
5982 struct if_nameindex *ifi, *ifp;
5983 struct wpa_supplicant *wpa_s;
5984 struct wpa_interface *iface;
5985
5986 ifp = if_nameindex();
5987 if (!ifp) {
5988 wpa_printf(MSG_ERROR, "if_nameindex: %s", strerror(errno));
5989 return -1;
5990 }
5991
5992 for (ifi = ifp; ifi->if_name; ifi++) {
5993 wpa_s = wpa_supplicant_get_iface(global, ifi->if_name);
5994 if (wpa_s)
5995 continue;
5996 iface = wpa_supplicant_match_iface(global, ifi->if_name);
5997 if (iface) {
5998 wpa_s = wpa_supplicant_add_iface(global, iface, NULL);
5999 os_free(iface);
6000 if (wpa_s)
6001 wpa_s->matched = 1;
6002 }
6003 }
6004
6005 if_freenameindex(ifp);
6006 return 0;
6007 }
6008
6009 #endif /* CONFIG_MATCH_IFACE */
6010
6011
6012 /**
6013 * wpa_supplicant_add_iface - Add a new network interface
6014 * @global: Pointer to global data from wpa_supplicant_init()
6015 * @iface: Interface configuration options
6016 * @parent: Parent interface or %NULL to assign new interface as parent
6017 * Returns: Pointer to the created interface or %NULL on failure
6018 *
6019 * This function is used to add new network interfaces for %wpa_supplicant.
6020 * This can be called before wpa_supplicant_run() to add interfaces before the
6021 * main event loop has been started. In addition, new interfaces can be added
6022 * dynamically while %wpa_supplicant is already running. This could happen,
6023 * e.g., when a hotplug network adapter is inserted.
6024 */
6025 struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
6026 struct wpa_interface *iface,
6027 struct wpa_supplicant *parent)
6028 {
6029 struct wpa_supplicant *wpa_s;
6030 struct wpa_interface t_iface;
6031 struct wpa_ssid *ssid;
6032
6033 if (global == NULL || iface == NULL)
6034 return NULL;
6035
6036 wpa_s = wpa_supplicant_alloc(parent);
6037 if (wpa_s == NULL)
6038 return NULL;
6039
6040 wpa_s->global = global;
6041
6042 t_iface = *iface;
6043 if (global->params.override_driver) {
6044 wpa_printf(MSG_DEBUG, "Override interface parameter: driver "
6045 "('%s' -> '%s')",
6046 iface->driver, global->params.override_driver);
6047 t_iface.driver = global->params.override_driver;
6048 }
6049 if (global->params.override_ctrl_interface) {
6050 wpa_printf(MSG_DEBUG, "Override interface parameter: "
6051 "ctrl_interface ('%s' -> '%s')",
6052 iface->ctrl_interface,
6053 global->params.override_ctrl_interface);
6054 t_iface.ctrl_interface =
6055 global->params.override_ctrl_interface;
6056 }
6057 if (wpa_supplicant_init_iface(wpa_s, &t_iface)) {
6058 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
6059 iface->ifname);
6060 wpa_supplicant_deinit_iface(wpa_s, 0, 0);
6061 return NULL;
6062 }
6063
6064 if (iface->p2p_mgmt == 0) {
6065 /* Notify the control interfaces about new iface */
6066 if (wpas_notify_iface_added(wpa_s)) {
6067 wpa_supplicant_deinit_iface(wpa_s, 1, 0);
6068 return NULL;
6069 }
6070
6071 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
6072 wpas_notify_network_added(wpa_s, ssid);
6073 }
6074
6075 wpa_s->next = global->ifaces;
6076 global->ifaces = wpa_s;
6077
6078 wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname);
6079 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
6080
6081 #ifdef CONFIG_P2P
6082 if (wpa_s->global->p2p == NULL &&
6083 !wpa_s->global->p2p_disabled && !wpa_s->conf->p2p_disabled &&
6084 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) &&
6085 wpas_p2p_add_p2pdev_interface(
6086 wpa_s, wpa_s->global->params.conf_p2p_dev) < 0) {
6087 wpa_printf(MSG_INFO,
6088 "P2P: Failed to enable P2P Device interface");
6089 /* Try to continue without. P2P will be disabled. */
6090 }
6091 #endif /* CONFIG_P2P */
6092
6093 return wpa_s;
6094 }
6095
6096
6097 /**
6098 * wpa_supplicant_remove_iface - Remove a network interface
6099 * @global: Pointer to global data from wpa_supplicant_init()
6100 * @wpa_s: Pointer to the network interface to be removed
6101 * Returns: 0 if interface was removed, -1 if interface was not found
6102 *
6103 * This function can be used to dynamically remove network interfaces from
6104 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
6105 * addition, this function is used to remove all remaining interfaces when
6106 * %wpa_supplicant is terminated.
6107 */
6108 int wpa_supplicant_remove_iface(struct wpa_global *global,
6109 struct wpa_supplicant *wpa_s,
6110 int terminate)
6111 {
6112 struct wpa_supplicant *prev;
6113 #ifdef CONFIG_MESH
6114 unsigned int mesh_if_created = wpa_s->mesh_if_created;
6115 char *ifname = NULL;
6116 struct wpa_supplicant *parent = wpa_s->parent;
6117 #endif /* CONFIG_MESH */
6118
6119 /* Remove interface from the global list of interfaces */
6120 prev = global->ifaces;
6121 if (prev == wpa_s) {
6122 global->ifaces = wpa_s->next;
6123 } else {
6124 while (prev && prev->next != wpa_s)
6125 prev = prev->next;
6126 if (prev == NULL)
6127 return -1;
6128 prev->next = wpa_s->next;
6129 }
6130
6131 wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
6132
6133 #ifdef CONFIG_MESH
6134 if (mesh_if_created) {
6135 ifname = os_strdup(wpa_s->ifname);
6136 if (ifname == NULL) {
6137 wpa_dbg(wpa_s, MSG_ERROR,
6138 "mesh: Failed to malloc ifname");
6139 return -1;
6140 }
6141 }
6142 #endif /* CONFIG_MESH */
6143
6144 if (global->p2p_group_formation == wpa_s)
6145 global->p2p_group_formation = NULL;
6146 if (global->p2p_invite_group == wpa_s)
6147 global->p2p_invite_group = NULL;
6148 wpa_supplicant_deinit_iface(wpa_s, 1, terminate);
6149
6150 #ifdef CONFIG_MESH
6151 if (mesh_if_created) {
6152 wpa_drv_if_remove(parent, WPA_IF_MESH, ifname);
6153 os_free(ifname);
6154 }
6155 #endif /* CONFIG_MESH */
6156
6157 return 0;
6158 }
6159
6160
6161 /**
6162 * wpa_supplicant_get_eap_mode - Get the current EAP mode
6163 * @wpa_s: Pointer to the network interface
6164 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
6165 */
6166 const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s)
6167 {
6168 const char *eapol_method;
6169
6170 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) == 0 &&
6171 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
6172 return "NO-EAP";
6173 }
6174
6175 eapol_method = eapol_sm_get_method_name(wpa_s->eapol);
6176 if (eapol_method == NULL)
6177 return "UNKNOWN-EAP";
6178
6179 return eapol_method;
6180 }
6181
6182
6183 /**
6184 * wpa_supplicant_get_iface - Get a new network interface
6185 * @global: Pointer to global data from wpa_supplicant_init()
6186 * @ifname: Interface name
6187 * Returns: Pointer to the interface or %NULL if not found
6188 */
6189 struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
6190 const char *ifname)
6191 {
6192 struct wpa_supplicant *wpa_s;
6193
6194 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
6195 if (os_strcmp(wpa_s->ifname, ifname) == 0)
6196 return wpa_s;
6197 }
6198 return NULL;
6199 }
6200
6201
6202 #ifndef CONFIG_NO_WPA_MSG
6203 static const char * wpa_supplicant_msg_ifname_cb(void *ctx)
6204 {
6205 struct wpa_supplicant *wpa_s = ctx;
6206 if (wpa_s == NULL)
6207 return NULL;
6208 return wpa_s->ifname;
6209 }
6210 #endif /* CONFIG_NO_WPA_MSG */
6211
6212
6213 #ifndef WPA_SUPPLICANT_CLEANUP_INTERVAL
6214 #define WPA_SUPPLICANT_CLEANUP_INTERVAL 10
6215 #endif /* WPA_SUPPLICANT_CLEANUP_INTERVAL */
6216
6217 /* Periodic cleanup tasks */
6218 static void wpas_periodic(void *eloop_ctx, void *timeout_ctx)
6219 {
6220 struct wpa_global *global = eloop_ctx;
6221 struct wpa_supplicant *wpa_s;
6222
6223 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0,
6224 wpas_periodic, global, NULL);
6225
6226 #ifdef CONFIG_P2P
6227 if (global->p2p)
6228 p2p_expire_peers(global->p2p);
6229 #endif /* CONFIG_P2P */
6230
6231 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
6232 wpa_bss_flush_by_age(wpa_s, wpa_s->conf->bss_expiration_age);
6233 #ifdef CONFIG_AP
6234 ap_periodic(wpa_s);
6235 #endif /* CONFIG_AP */
6236 }
6237 }
6238
6239
6240 /**
6241 * wpa_supplicant_init - Initialize %wpa_supplicant
6242 * @params: Parameters for %wpa_supplicant
6243 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
6244 *
6245 * This function is used to initialize %wpa_supplicant. After successful
6246 * initialization, the returned data pointer can be used to add and remove
6247 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
6248 */
6249 struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
6250 {
6251 struct wpa_global *global;
6252 int ret, i;
6253
6254 if (params == NULL)
6255 return NULL;
6256
6257 #ifdef CONFIG_DRIVER_NDIS
6258 {
6259 void driver_ndis_init_ops(void);
6260 driver_ndis_init_ops();
6261 }
6262 #endif /* CONFIG_DRIVER_NDIS */
6263
6264 #ifndef CONFIG_NO_WPA_MSG
6265 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
6266 #endif /* CONFIG_NO_WPA_MSG */
6267
6268 if (params->wpa_debug_file_path)
6269 wpa_debug_open_file(params->wpa_debug_file_path);
6270 else
6271 wpa_debug_setup_stdout();
6272 if (params->wpa_debug_syslog)
6273 wpa_debug_open_syslog();
6274 if (params->wpa_debug_tracing) {
6275 ret = wpa_debug_open_linux_tracing();
6276 if (ret) {
6277 wpa_printf(MSG_ERROR,
6278 "Failed to enable trace logging");
6279 return NULL;
6280 }
6281 }
6282
6283 ret = eap_register_methods();
6284 if (ret) {
6285 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
6286 if (ret == -2)
6287 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
6288 "the same EAP type.");
6289 return NULL;
6290 }
6291
6292 global = os_zalloc(sizeof(*global));
6293 if (global == NULL)
6294 return NULL;
6295 dl_list_init(&global->p2p_srv_bonjour);
6296 dl_list_init(&global->p2p_srv_upnp);
6297 global->params.daemonize = params->daemonize;
6298 global->params.wait_for_monitor = params->wait_for_monitor;
6299 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
6300 if (params->pid_file)
6301 global->params.pid_file = os_strdup(params->pid_file);
6302 if (params->ctrl_interface)
6303 global->params.ctrl_interface =
6304 os_strdup(params->ctrl_interface);
6305 if (params->ctrl_interface_group)
6306 global->params.ctrl_interface_group =
6307 os_strdup(params->ctrl_interface_group);
6308 if (params->override_driver)
6309 global->params.override_driver =
6310 os_strdup(params->override_driver);
6311 if (params->override_ctrl_interface)
6312 global->params.override_ctrl_interface =
6313 os_strdup(params->override_ctrl_interface);
6314 #ifdef CONFIG_MATCH_IFACE
6315 global->params.match_iface_count = params->match_iface_count;
6316 if (params->match_iface_count) {
6317 global->params.match_ifaces =
6318 os_calloc(params->match_iface_count,
6319 sizeof(struct wpa_interface));
6320 os_memcpy(global->params.match_ifaces,
6321 params->match_ifaces,
6322 params->match_iface_count *
6323 sizeof(struct wpa_interface));
6324 }
6325 #endif /* CONFIG_MATCH_IFACE */
6326 #ifdef CONFIG_P2P
6327 if (params->conf_p2p_dev)
6328 global->params.conf_p2p_dev =
6329 os_strdup(params->conf_p2p_dev);
6330 #endif /* CONFIG_P2P */
6331 wpa_debug_level = global->params.wpa_debug_level =
6332 params->wpa_debug_level;
6333 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
6334 params->wpa_debug_show_keys;
6335 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
6336 params->wpa_debug_timestamp;
6337
6338 wpa_printf(MSG_DEBUG, "wpa_supplicant v" VERSION_STR);
6339
6340 if (eloop_init()) {
6341 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
6342 wpa_supplicant_deinit(global);
6343 return NULL;
6344 }
6345
6346 random_init(params->entropy_file);
6347
6348 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
6349 if (global->ctrl_iface == NULL) {
6350 wpa_supplicant_deinit(global);
6351 return NULL;
6352 }
6353
6354 if (wpas_notify_supplicant_initialized(global)) {
6355 wpa_supplicant_deinit(global);
6356 return NULL;
6357 }
6358
6359 for (i = 0; wpa_drivers[i]; i++)
6360 global->drv_count++;
6361 if (global->drv_count == 0) {
6362 wpa_printf(MSG_ERROR, "No drivers enabled");
6363 wpa_supplicant_deinit(global);
6364 return NULL;
6365 }
6366 global->drv_priv = os_calloc(global->drv_count, sizeof(void *));
6367 if (global->drv_priv == NULL) {
6368 wpa_supplicant_deinit(global);
6369 return NULL;
6370 }
6371
6372 #ifdef CONFIG_WIFI_DISPLAY
6373 if (wifi_display_init(global) < 0) {
6374 wpa_printf(MSG_ERROR, "Failed to initialize Wi-Fi Display");
6375 wpa_supplicant_deinit(global);
6376 return NULL;
6377 }
6378 #endif /* CONFIG_WIFI_DISPLAY */
6379
6380 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0,
6381 wpas_periodic, global, NULL);
6382
6383 return global;
6384 }
6385
6386
6387 /**
6388 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
6389 * @global: Pointer to global data from wpa_supplicant_init()
6390 * Returns: 0 after successful event loop run, -1 on failure
6391 *
6392 * This function starts the main event loop and continues running as long as
6393 * there are any remaining events. In most cases, this function is running as
6394 * long as the %wpa_supplicant process in still in use.
6395 */
6396 int wpa_supplicant_run(struct wpa_global *global)
6397 {
6398 struct wpa_supplicant *wpa_s;
6399
6400 if (global->params.daemonize &&
6401 (wpa_supplicant_daemon(global->params.pid_file) ||
6402 eloop_sock_requeue()))
6403 return -1;
6404
6405 #ifdef CONFIG_MATCH_IFACE
6406 if (wpa_supplicant_match_existing(global))
6407 return -1;
6408 #endif
6409
6410 if (global->params.wait_for_monitor) {
6411 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
6412 if (wpa_s->ctrl_iface && !wpa_s->p2p_mgmt)
6413 wpa_supplicant_ctrl_iface_wait(
6414 wpa_s->ctrl_iface);
6415 }
6416
6417 eloop_register_signal_terminate(wpa_supplicant_terminate, global);
6418 eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
6419
6420 eloop_run();
6421
6422 return 0;
6423 }
6424
6425
6426 /**
6427 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
6428 * @global: Pointer to global data from wpa_supplicant_init()
6429 *
6430 * This function is called to deinitialize %wpa_supplicant and to free all
6431 * allocated resources. Remaining network interfaces will also be removed.
6432 */
6433 void wpa_supplicant_deinit(struct wpa_global *global)
6434 {
6435 int i;
6436
6437 if (global == NULL)
6438 return;
6439
6440 eloop_cancel_timeout(wpas_periodic, global, NULL);
6441
6442 #ifdef CONFIG_WIFI_DISPLAY
6443 wifi_display_deinit(global);
6444 #endif /* CONFIG_WIFI_DISPLAY */
6445
6446 while (global->ifaces)
6447 wpa_supplicant_remove_iface(global, global->ifaces, 1);
6448
6449 if (global->ctrl_iface)
6450 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
6451
6452 wpas_notify_supplicant_deinitialized(global);
6453
6454 eap_peer_unregister_methods();
6455 #ifdef CONFIG_AP
6456 eap_server_unregister_methods();
6457 #endif /* CONFIG_AP */
6458
6459 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) {
6460 if (!global->drv_priv[i])
6461 continue;
6462 wpa_drivers[i]->global_deinit(global->drv_priv[i]);
6463 }
6464 os_free(global->drv_priv);
6465
6466 random_deinit();
6467
6468 eloop_destroy();
6469
6470 if (global->params.pid_file) {
6471 os_daemonize_terminate(global->params.pid_file);
6472 os_free(global->params.pid_file);
6473 }
6474 os_free(global->params.ctrl_interface);
6475 os_free(global->params.ctrl_interface_group);
6476 os_free(global->params.override_driver);
6477 os_free(global->params.override_ctrl_interface);
6478 #ifdef CONFIG_MATCH_IFACE
6479 os_free(global->params.match_ifaces);
6480 #endif /* CONFIG_MATCH_IFACE */
6481 #ifdef CONFIG_P2P
6482 os_free(global->params.conf_p2p_dev);
6483 #endif /* CONFIG_P2P */
6484
6485 os_free(global->p2p_disallow_freq.range);
6486 os_free(global->p2p_go_avoid_freq.range);
6487 os_free(global->add_psk);
6488
6489 os_free(global);
6490 wpa_debug_close_syslog();
6491 wpa_debug_close_file();
6492 wpa_debug_close_linux_tracing();
6493 }
6494
6495
6496 void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s)
6497 {
6498 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_COUNTRY) &&
6499 wpa_s->conf->country[0] && wpa_s->conf->country[1]) {
6500 char country[3];
6501 country[0] = wpa_s->conf->country[0];
6502 country[1] = wpa_s->conf->country[1];
6503 country[2] = '\0';
6504 if (wpa_drv_set_country(wpa_s, country) < 0) {
6505 wpa_printf(MSG_ERROR, "Failed to set country code "
6506 "'%s'", country);
6507 }
6508 }
6509
6510 if (wpa_s->conf->changed_parameters & CFG_CHANGED_EXT_PW_BACKEND)
6511 wpas_init_ext_pw(wpa_s);
6512
6513 if (wpa_s->conf->changed_parameters & CFG_CHANGED_SCHED_SCAN_PLANS)
6514 wpas_sched_scan_plans_set(wpa_s, wpa_s->conf->sched_scan_plans);
6515
6516 if (wpa_s->conf->changed_parameters & CFG_CHANGED_WOWLAN_TRIGGERS) {
6517 struct wpa_driver_capa capa;
6518 int res = wpa_drv_get_capa(wpa_s, &capa);
6519
6520 if (res == 0 && wpas_set_wowlan_triggers(wpa_s, &capa) < 0)
6521 wpa_printf(MSG_ERROR,
6522 "Failed to update wowlan_triggers to '%s'",
6523 wpa_s->conf->wowlan_triggers);
6524 }
6525
6526 #ifdef CONFIG_WPS
6527 wpas_wps_update_config(wpa_s);
6528 #endif /* CONFIG_WPS */
6529 wpas_p2p_update_config(wpa_s);
6530 wpa_s->conf->changed_parameters = 0;
6531 }
6532
6533
6534 void add_freq(int *freqs, int *num_freqs, int freq)
6535 {
6536 int i;
6537
6538 for (i = 0; i < *num_freqs; i++) {
6539 if (freqs[i] == freq)
6540 return;
6541 }
6542
6543 freqs[*num_freqs] = freq;
6544 (*num_freqs)++;
6545 }
6546
6547
6548 static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s)
6549 {
6550 struct wpa_bss *bss, *cbss;
6551 const int max_freqs = 10;
6552 int *freqs;
6553 int num_freqs = 0;
6554
6555 freqs = os_calloc(max_freqs + 1, sizeof(int));
6556 if (freqs == NULL)
6557 return NULL;
6558
6559 cbss = wpa_s->current_bss;
6560
6561 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
6562 if (bss == cbss)
6563 continue;
6564 if (bss->ssid_len == cbss->ssid_len &&
6565 os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 &&
6566 wpa_blacklist_get(wpa_s, bss->bssid) == NULL) {
6567 add_freq(freqs, &num_freqs, bss->freq);
6568 if (num_freqs == max_freqs)
6569 break;
6570 }
6571 }
6572
6573 if (num_freqs == 0) {
6574 os_free(freqs);
6575 freqs = NULL;
6576 }
6577
6578 return freqs;
6579 }
6580
6581
6582 void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid)
6583 {
6584 int timeout;
6585 int count;
6586 int *freqs = NULL;
6587
6588 wpas_connect_work_done(wpa_s);
6589
6590 /*
6591 * Remove possible authentication timeout since the connection failed.
6592 */
6593 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
6594
6595 /*
6596 * There is no point in blacklisting the AP if this event is
6597 * generated based on local request to disconnect.
6598 */
6599 if (wpa_s->own_disconnect_req) {
6600 wpa_s->own_disconnect_req = 0;
6601 wpa_dbg(wpa_s, MSG_DEBUG,
6602 "Ignore connection failure due to local request to disconnect");
6603 return;
6604 }
6605 if (wpa_s->disconnected) {
6606 wpa_dbg(wpa_s, MSG_DEBUG, "Ignore connection failure "
6607 "indication since interface has been put into "
6608 "disconnected state");
6609 return;
6610 }
6611
6612 /*
6613 * Add the failed BSSID into the blacklist and speed up next scan
6614 * attempt if there could be other APs that could accept association.
6615 * The current blacklist count indicates how many times we have tried
6616 * connecting to this AP and multiple attempts mean that other APs are
6617 * either not available or has already been tried, so that we can start
6618 * increasing the delay here to avoid constant scanning.
6619 */
6620 count = wpa_blacklist_add(wpa_s, bssid);
6621 if (count == 1 && wpa_s->current_bss) {
6622 /*
6623 * This BSS was not in the blacklist before. If there is
6624 * another BSS available for the same ESS, we should try that
6625 * next. Otherwise, we may as well try this one once more
6626 * before allowing other, likely worse, ESSes to be considered.
6627 */
6628 freqs = get_bss_freqs_in_ess(wpa_s);
6629 if (freqs) {
6630 wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS "
6631 "has been seen; try it next");
6632 wpa_blacklist_add(wpa_s, bssid);
6633 /*
6634 * On the next scan, go through only the known channels
6635 * used in this ESS based on previous scans to speed up
6636 * common load balancing use case.
6637 */
6638 os_free(wpa_s->next_scan_freqs);
6639 wpa_s->next_scan_freqs = freqs;
6640 }
6641 }
6642
6643 /*
6644 * Add previous failure count in case the temporary blacklist was
6645 * cleared due to no other BSSes being available.
6646 */
6647 count += wpa_s->extra_blacklist_count;
6648
6649 if (count > 3 && wpa_s->current_ssid) {
6650 wpa_printf(MSG_DEBUG, "Continuous association failures - "
6651 "consider temporary network disabling");
6652 wpas_auth_failed(wpa_s, "CONN_FAILED");
6653 }
6654
6655 switch (count) {
6656 case 1:
6657 timeout = 100;
6658 break;
6659 case 2:
6660 timeout = 500;
6661 break;
6662 case 3:
6663 timeout = 1000;
6664 break;
6665 case 4:
6666 timeout = 5000;
6667 break;
6668 default:
6669 timeout = 10000;
6670 break;
6671 }
6672
6673 wpa_dbg(wpa_s, MSG_DEBUG, "Blacklist count %d --> request scan in %d "
6674 "ms", count, timeout);
6675
6676 /*
6677 * TODO: if more than one possible AP is available in scan results,
6678 * could try the other ones before requesting a new scan.
6679 */
6680 wpa_supplicant_req_scan(wpa_s, timeout / 1000,
6681 1000 * (timeout % 1000));
6682 }
6683
6684
6685 #ifdef CONFIG_FILS
6686 void fils_connection_failure(struct wpa_supplicant *wpa_s)
6687 {
6688 struct wpa_ssid *ssid = wpa_s->current_ssid;
6689 const u8 *realm, *username, *rrk;
6690 size_t realm_len, username_len, rrk_len;
6691 u16 next_seq_num;
6692
6693 if (!ssid || !ssid->eap.erp || !wpa_key_mgmt_fils(ssid->key_mgmt) ||
6694 eapol_sm_get_erp_info(wpa_s->eapol, &ssid->eap,
6695 &username, &username_len,
6696 &realm, &realm_len, &next_seq_num,
6697 &rrk, &rrk_len) != 0 ||
6698 !realm)
6699 return;
6700
6701 wpa_hexdump_ascii(MSG_DEBUG,
6702 "FILS: Store last connection failure realm",
6703 realm, realm_len);
6704 os_free(wpa_s->last_con_fail_realm);
6705 wpa_s->last_con_fail_realm = os_malloc(realm_len);
6706 if (wpa_s->last_con_fail_realm) {
6707 wpa_s->last_con_fail_realm_len = realm_len;
6708 os_memcpy(wpa_s->last_con_fail_realm, realm, realm_len);
6709 }
6710 }
6711 #endif /* CONFIG_FILS */
6712
6713
6714 int wpas_driver_bss_selection(struct wpa_supplicant *wpa_s)
6715 {
6716 return wpa_s->conf->ap_scan == 2 ||
6717 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION);
6718 }
6719
6720
6721 #if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW)
6722 int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
6723 struct wpa_ssid *ssid,
6724 const char *field,
6725 const char *value)
6726 {
6727 #ifdef IEEE8021X_EAPOL
6728 struct eap_peer_config *eap = &ssid->eap;
6729
6730 wpa_printf(MSG_DEBUG, "CTRL_IFACE: response handle field=%s", field);
6731 wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: response value",
6732 (const u8 *) value, os_strlen(value));
6733
6734 switch (wpa_supplicant_ctrl_req_from_string(field)) {
6735 case WPA_CTRL_REQ_EAP_IDENTITY:
6736 os_free(eap->identity);
6737 eap->identity = (u8 *) os_strdup(value);
6738 eap->identity_len = os_strlen(value);
6739 eap->pending_req_identity = 0;
6740 if (ssid == wpa_s->current_ssid)
6741 wpa_s->reassociate = 1;
6742 break;
6743 case WPA_CTRL_REQ_EAP_PASSWORD:
6744 bin_clear_free(eap->password, eap->password_len);
6745 eap->password = (u8 *) os_strdup(value);
6746 eap->password_len = os_strlen(value);
6747 eap->pending_req_password = 0;
6748 if (ssid == wpa_s->current_ssid)
6749 wpa_s->reassociate = 1;
6750 break;
6751 case WPA_CTRL_REQ_EAP_NEW_PASSWORD:
6752 bin_clear_free(eap->new_password, eap->new_password_len);
6753 eap->new_password = (u8 *) os_strdup(value);
6754 eap->new_password_len = os_strlen(value);
6755 eap->pending_req_new_password = 0;
6756 if (ssid == wpa_s->current_ssid)
6757 wpa_s->reassociate = 1;
6758 break;
6759 case WPA_CTRL_REQ_EAP_PIN:
6760 str_clear_free(eap->pin);
6761 eap->pin = os_strdup(value);
6762 eap->pending_req_pin = 0;
6763 if (ssid == wpa_s->current_ssid)
6764 wpa_s->reassociate = 1;
6765 break;
6766 case WPA_CTRL_REQ_EAP_OTP:
6767 bin_clear_free(eap->otp, eap->otp_len);
6768 eap->otp = (u8 *) os_strdup(value);
6769 eap->otp_len = os_strlen(value);
6770 os_free(eap->pending_req_otp);
6771 eap->pending_req_otp = NULL;
6772 eap->pending_req_otp_len = 0;
6773 break;
6774 case WPA_CTRL_REQ_EAP_PASSPHRASE:
6775 str_clear_free(eap->private_key_passwd);
6776 eap->private_key_passwd = os_strdup(value);
6777 eap->pending_req_passphrase = 0;
6778 if (ssid == wpa_s->current_ssid)
6779 wpa_s->reassociate = 1;
6780 break;
6781 case WPA_CTRL_REQ_SIM:
6782 str_clear_free(eap->external_sim_resp);
6783 eap->external_sim_resp = os_strdup(value);
6784 eap->pending_req_sim = 0;
6785 break;
6786 case WPA_CTRL_REQ_PSK_PASSPHRASE:
6787 if (wpa_config_set(ssid, "psk", value, 0) < 0)
6788 return -1;
6789 ssid->mem_only_psk = 1;
6790 if (ssid->passphrase)
6791 wpa_config_update_psk(ssid);
6792 if (wpa_s->wpa_state == WPA_SCANNING && !wpa_s->scanning)
6793 wpa_supplicant_req_scan(wpa_s, 0, 0);
6794 break;
6795 case WPA_CTRL_REQ_EXT_CERT_CHECK:
6796 if (eap->pending_ext_cert_check != PENDING_CHECK)
6797 return -1;
6798 if (os_strcmp(value, "good") == 0)
6799 eap->pending_ext_cert_check = EXT_CERT_CHECK_GOOD;
6800 else if (os_strcmp(value, "bad") == 0)
6801 eap->pending_ext_cert_check = EXT_CERT_CHECK_BAD;
6802 else
6803 return -1;
6804 break;
6805 default:
6806 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown field '%s'", field);
6807 return -1;
6808 }
6809
6810 return 0;
6811 #else /* IEEE8021X_EAPOL */
6812 wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included");
6813 return -1;
6814 #endif /* IEEE8021X_EAPOL */
6815 }
6816 #endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */
6817
6818
6819 int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
6820 {
6821 int i;
6822 unsigned int drv_enc;
6823
6824 if (wpa_s->p2p_mgmt)
6825 return 1; /* no normal network profiles on p2p_mgmt interface */
6826
6827 if (ssid == NULL)
6828 return 1;
6829
6830 if (ssid->disabled)
6831 return 1;
6832
6833 if (wpa_s->drv_capa_known)
6834 drv_enc = wpa_s->drv_enc;
6835 else
6836 drv_enc = (unsigned int) -1;
6837
6838 for (i = 0; i < NUM_WEP_KEYS; i++) {
6839 size_t len = ssid->wep_key_len[i];
6840 if (len == 0)
6841 continue;
6842 if (len == 5 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP40))
6843 continue;
6844 if (len == 13 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP104))
6845 continue;
6846 if (len == 16 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP128))
6847 continue;
6848 return 1; /* invalid WEP key */
6849 }
6850
6851 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set &&
6852 (!ssid->passphrase || ssid->ssid_len != 0) && !ssid->ext_psk &&
6853 !(wpa_key_mgmt_sae(ssid->key_mgmt) && ssid->sae_password) &&
6854 !ssid->mem_only_psk)
6855 return 1;
6856
6857 return 0;
6858 }
6859
6860
6861 int wpas_get_ssid_pmf(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
6862 {
6863 #ifdef CONFIG_IEEE80211W
6864 if (ssid == NULL || ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT) {
6865 if (wpa_s->conf->pmf == MGMT_FRAME_PROTECTION_OPTIONAL &&
6866 !(wpa_s->drv_enc & WPA_DRIVER_CAPA_ENC_BIP)) {
6867 /*
6868 * Driver does not support BIP -- ignore pmf=1 default
6869 * since the connection with PMF would fail and the
6870 * configuration does not require PMF to be enabled.
6871 */
6872 return NO_MGMT_FRAME_PROTECTION;
6873 }
6874
6875 if (ssid &&
6876 (ssid->key_mgmt &
6877 ~(WPA_KEY_MGMT_NONE | WPA_KEY_MGMT_WPS |
6878 WPA_KEY_MGMT_IEEE8021X_NO_WPA)) == 0) {
6879 /*
6880 * Do not use the default PMF value for non-RSN networks
6881 * since PMF is available only with RSN and pmf=2
6882 * configuration would otherwise prevent connections to
6883 * all open networks.
6884 */
6885 return NO_MGMT_FRAME_PROTECTION;
6886 }
6887
6888 return wpa_s->conf->pmf;
6889 }
6890
6891 return ssid->ieee80211w;
6892 #else /* CONFIG_IEEE80211W */
6893 return NO_MGMT_FRAME_PROTECTION;
6894 #endif /* CONFIG_IEEE80211W */
6895 }
6896
6897
6898 int wpas_is_p2p_prioritized(struct wpa_supplicant *wpa_s)
6899 {
6900 if (wpa_s->global->conc_pref == WPA_CONC_PREF_P2P)
6901 return 1;
6902 if (wpa_s->global->conc_pref == WPA_CONC_PREF_STA)
6903 return 0;
6904 return -1;
6905 }
6906
6907
6908 void wpas_auth_failed(struct wpa_supplicant *wpa_s, char *reason)
6909 {
6910 struct wpa_ssid *ssid = wpa_s->current_ssid;
6911 int dur;
6912 struct os_reltime now;
6913
6914 if (ssid == NULL) {
6915 wpa_printf(MSG_DEBUG, "Authentication failure but no known "
6916 "SSID block");
6917 return;
6918 }
6919
6920 if (ssid->key_mgmt == WPA_KEY_MGMT_WPS)
6921 return;
6922
6923 ssid->auth_failures++;
6924
6925 #ifdef CONFIG_P2P
6926 if (ssid->p2p_group &&
6927 (wpa_s->p2p_in_provisioning || wpa_s->show_group_started)) {
6928 /*
6929 * Skip the wait time since there is a short timeout on the
6930 * connection to a P2P group.
6931 */
6932 return;
6933 }
6934 #endif /* CONFIG_P2P */
6935
6936 if (ssid->auth_failures > 50)
6937 dur = 300;
6938 else if (ssid->auth_failures > 10)
6939 dur = 120;
6940 else if (ssid->auth_failures > 5)
6941 dur = 90;
6942 else if (ssid->auth_failures > 3)
6943 dur = 60;
6944 else if (ssid->auth_failures > 2)
6945 dur = 30;
6946 else if (ssid->auth_failures > 1)
6947 dur = 20;
6948 else
6949 dur = 10;
6950
6951 if (ssid->auth_failures > 1 &&
6952 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt))
6953 dur += os_random() % (ssid->auth_failures * 10);
6954
6955 os_get_reltime(&now);
6956 if (now.sec + dur <= ssid->disabled_until.sec)
6957 return;
6958
6959 ssid->disabled_until.sec = now.sec + dur;
6960
6961 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TEMP_DISABLED
6962 "id=%d ssid=\"%s\" auth_failures=%u duration=%d reason=%s",
6963 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
6964 ssid->auth_failures, dur, reason);
6965 }
6966
6967
6968 void wpas_clear_temp_disabled(struct wpa_supplicant *wpa_s,
6969 struct wpa_ssid *ssid, int clear_failures)
6970 {
6971 if (ssid == NULL)
6972 return;
6973
6974 if (ssid->disabled_until.sec) {
6975 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_REENABLED
6976 "id=%d ssid=\"%s\"",
6977 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
6978 }
6979 ssid->disabled_until.sec = 0;
6980 ssid->disabled_until.usec = 0;
6981 if (clear_failures)
6982 ssid->auth_failures = 0;
6983 }
6984
6985
6986 int disallowed_bssid(struct wpa_supplicant *wpa_s, const u8 *bssid)
6987 {
6988 size_t i;
6989
6990 if (wpa_s->disallow_aps_bssid == NULL)
6991 return 0;
6992
6993 for (i = 0; i < wpa_s->disallow_aps_bssid_count; i++) {
6994 if (os_memcmp(wpa_s->disallow_aps_bssid + i * ETH_ALEN,
6995 bssid, ETH_ALEN) == 0)
6996 return 1;
6997 }
6998
6999 return 0;
7000 }
7001
7002
7003 int disallowed_ssid(struct wpa_supplicant *wpa_s, const u8 *ssid,
7004 size_t ssid_len)
7005 {
7006 size_t i;
7007
7008 if (wpa_s->disallow_aps_ssid == NULL || ssid == NULL)
7009 return 0;
7010
7011 for (i = 0; i < wpa_s->disallow_aps_ssid_count; i++) {
7012 struct wpa_ssid_value *s = &wpa_s->disallow_aps_ssid[i];
7013 if (ssid_len == s->ssid_len &&
7014 os_memcmp(ssid, s->ssid, ssid_len) == 0)
7015 return 1;
7016 }
7017
7018 return 0;
7019 }
7020
7021
7022 /**
7023 * wpas_request_connection - Request a new connection
7024 * @wpa_s: Pointer to the network interface
7025 *
7026 * This function is used to request a new connection to be found. It will mark
7027 * the interface to allow reassociation and request a new scan to find a
7028 * suitable network to connect to.
7029 */
7030 void wpas_request_connection(struct wpa_supplicant *wpa_s)
7031 {
7032 wpa_s->normal_scans = 0;
7033 wpa_s->scan_req = NORMAL_SCAN_REQ;
7034 wpa_supplicant_reinit_autoscan(wpa_s);
7035 wpa_s->extra_blacklist_count = 0;
7036 wpa_s->disconnected = 0;
7037 wpa_s->reassociate = 1;
7038 wpa_s->last_owe_group = 0;
7039
7040 if (wpa_supplicant_fast_associate(wpa_s) != 1)
7041 wpa_supplicant_req_scan(wpa_s, 0, 0);
7042 else
7043 wpa_s->reattach = 0;
7044 }
7045
7046
7047 /**
7048 * wpas_request_disconnection - Request disconnection
7049 * @wpa_s: Pointer to the network interface
7050 *
7051 * This function is used to request disconnection from the currently connected
7052 * network. This will stop any ongoing scans and initiate deauthentication.
7053 */
7054 void wpas_request_disconnection(struct wpa_supplicant *wpa_s)
7055 {
7056 #ifdef CONFIG_SME
7057 wpa_s->sme.prev_bssid_set = 0;
7058 #endif /* CONFIG_SME */
7059 wpa_s->reassociate = 0;
7060 wpa_s->disconnected = 1;
7061 wpa_supplicant_cancel_sched_scan(wpa_s);
7062 wpa_supplicant_cancel_scan(wpa_s);
7063 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
7064 eloop_cancel_timeout(wpas_network_reenabled, wpa_s, NULL);
7065 }
7066
7067
7068 void dump_freq_data(struct wpa_supplicant *wpa_s, const char *title,
7069 struct wpa_used_freq_data *freqs_data,
7070 unsigned int len)
7071 {
7072 unsigned int i;
7073
7074 wpa_dbg(wpa_s, MSG_DEBUG, "Shared frequencies (len=%u): %s",
7075 len, title);
7076 for (i = 0; i < len; i++) {
7077 struct wpa_used_freq_data *cur = &freqs_data[i];
7078 wpa_dbg(wpa_s, MSG_DEBUG, "freq[%u]: %d, flags=0x%X",
7079 i, cur->freq, cur->flags);
7080 }
7081 }
7082
7083
7084 /*
7085 * Find the operating frequencies of any of the virtual interfaces that
7086 * are using the same radio as the current interface, and in addition, get
7087 * information about the interface types that are using the frequency.
7088 */
7089 int get_shared_radio_freqs_data(struct wpa_supplicant *wpa_s,
7090 struct wpa_used_freq_data *freqs_data,
7091 unsigned int len)
7092 {
7093 struct wpa_supplicant *ifs;
7094 u8 bssid[ETH_ALEN];
7095 int freq;
7096 unsigned int idx = 0, i;
7097
7098 wpa_dbg(wpa_s, MSG_DEBUG,
7099 "Determining shared radio frequencies (max len %u)", len);
7100 os_memset(freqs_data, 0, sizeof(struct wpa_used_freq_data) * len);
7101
7102 dl_list_for_each(ifs, &wpa_s->radio->ifaces, struct wpa_supplicant,
7103 radio_list) {
7104 if (idx == len)
7105 break;
7106
7107 if (ifs->current_ssid == NULL || ifs->assoc_freq == 0)
7108 continue;
7109
7110 if (ifs->current_ssid->mode == WPAS_MODE_AP ||
7111 ifs->current_ssid->mode == WPAS_MODE_P2P_GO ||
7112 ifs->current_ssid->mode == WPAS_MODE_MESH)
7113 freq = ifs->current_ssid->frequency;
7114 else if (wpa_drv_get_bssid(ifs, bssid) == 0)
7115 freq = ifs->assoc_freq;
7116 else
7117 continue;
7118
7119 /* Hold only distinct freqs */
7120 for (i = 0; i < idx; i++)
7121 if (freqs_data[i].freq == freq)
7122 break;
7123
7124 if (i == idx)
7125 freqs_data[idx++].freq = freq;
7126
7127 if (ifs->current_ssid->mode == WPAS_MODE_INFRA) {
7128 freqs_data[i].flags |= ifs->current_ssid->p2p_group ?
7129 WPA_FREQ_USED_BY_P2P_CLIENT :
7130 WPA_FREQ_USED_BY_INFRA_STATION;
7131 }
7132 }
7133
7134 dump_freq_data(wpa_s, "completed iteration", freqs_data, idx);
7135 return idx;
7136 }
7137
7138
7139 /*
7140 * Find the operating frequencies of any of the virtual interfaces that
7141 * are using the same radio as the current interface.
7142 */
7143 int get_shared_radio_freqs(struct wpa_supplicant *wpa_s,
7144 int *freq_array, unsigned int len)
7145 {
7146 struct wpa_used_freq_data *freqs_data;
7147 int num, i;
7148
7149 os_memset(freq_array, 0, sizeof(int) * len);
7150
7151 freqs_data = os_calloc(len, sizeof(struct wpa_used_freq_data));
7152 if (!freqs_data)
7153 return -1;
7154
7155 num = get_shared_radio_freqs_data(wpa_s, freqs_data, len);
7156 for (i = 0; i < num; i++)
7157 freq_array[i] = freqs_data[i].freq;
7158
7159 os_free(freqs_data);
7160
7161 return num;
7162 }
7163
7164
7165 struct wpa_supplicant *
7166 wpas_vendor_elem(struct wpa_supplicant *wpa_s, enum wpa_vendor_elem_frame frame)
7167 {
7168 switch (frame) {
7169 #ifdef CONFIG_P2P
7170 case VENDOR_ELEM_PROBE_REQ_P2P:
7171 case VENDOR_ELEM_PROBE_RESP_P2P:
7172 case VENDOR_ELEM_PROBE_RESP_P2P_GO:
7173 case VENDOR_ELEM_BEACON_P2P_GO:
7174 case VENDOR_ELEM_P2P_PD_REQ:
7175 case VENDOR_ELEM_P2P_PD_RESP:
7176 case VENDOR_ELEM_P2P_GO_NEG_REQ:
7177 case VENDOR_ELEM_P2P_GO_NEG_RESP:
7178 case VENDOR_ELEM_P2P_GO_NEG_CONF:
7179 case VENDOR_ELEM_P2P_INV_REQ:
7180 case VENDOR_ELEM_P2P_INV_RESP:
7181 case VENDOR_ELEM_P2P_ASSOC_REQ:
7182 case VENDOR_ELEM_P2P_ASSOC_RESP:
7183 return wpa_s->p2pdev;
7184 #endif /* CONFIG_P2P */
7185 default:
7186 return wpa_s;
7187 }
7188 }
7189
7190
7191 void wpas_vendor_elem_update(struct wpa_supplicant *wpa_s)
7192 {
7193 unsigned int i;
7194 char buf[30];
7195
7196 wpa_printf(MSG_DEBUG, "Update vendor elements");
7197
7198 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) {
7199 if (wpa_s->vendor_elem[i]) {
7200 int res;
7201
7202 res = os_snprintf(buf, sizeof(buf), "frame[%u]", i);
7203 if (!os_snprintf_error(sizeof(buf), res)) {
7204 wpa_hexdump_buf(MSG_DEBUG, buf,
7205 wpa_s->vendor_elem[i]);
7206 }
7207 }
7208 }
7209
7210 #ifdef CONFIG_P2P
7211 if (wpa_s->parent == wpa_s &&
7212 wpa_s->global->p2p &&
7213 !wpa_s->global->p2p_disabled)
7214 p2p_set_vendor_elems(wpa_s->global->p2p, wpa_s->vendor_elem);
7215 #endif /* CONFIG_P2P */
7216 }
7217
7218
7219 int wpas_vendor_elem_remove(struct wpa_supplicant *wpa_s, int frame,
7220 const u8 *elem, size_t len)
7221 {
7222 u8 *ie, *end;
7223
7224 ie = wpabuf_mhead_u8(wpa_s->vendor_elem[frame]);
7225 end = ie + wpabuf_len(wpa_s->vendor_elem[frame]);
7226
7227 for (; ie + 1 < end; ie += 2 + ie[1]) {
7228 if (ie + len > end)
7229 break;
7230 if (os_memcmp(ie, elem, len) != 0)
7231 continue;
7232
7233 if (wpabuf_len(wpa_s->vendor_elem[frame]) == len) {
7234 wpabuf_free(wpa_s->vendor_elem[frame]);
7235 wpa_s->vendor_elem[frame] = NULL;
7236 } else {
7237 os_memmove(ie, ie + len, end - (ie + len));
7238 wpa_s->vendor_elem[frame]->used -= len;
7239 }
7240 wpas_vendor_elem_update(wpa_s);
7241 return 0;
7242 }
7243
7244 return -1;
7245 }
7246
7247
7248 struct hostapd_hw_modes * get_mode(struct hostapd_hw_modes *modes,
7249 u16 num_modes, enum hostapd_hw_mode mode)
7250 {
7251 u16 i;
7252
7253 for (i = 0; i < num_modes; i++) {
7254 if (modes[i].mode == mode)
7255 return &modes[i];
7256 }
7257
7258 return NULL;
7259 }
7260
7261
7262 static struct
7263 wpa_bss_tmp_disallowed * wpas_get_disallowed_bss(struct wpa_supplicant *wpa_s,
7264 const u8 *bssid)
7265 {
7266 struct wpa_bss_tmp_disallowed *bss;
7267
7268 dl_list_for_each(bss, &wpa_s->bss_tmp_disallowed,
7269 struct wpa_bss_tmp_disallowed, list) {
7270 if (os_memcmp(bssid, bss->bssid, ETH_ALEN) == 0)
7271 return bss;
7272 }
7273
7274 return NULL;
7275 }
7276
7277
7278 static int wpa_set_driver_tmp_disallow_list(struct wpa_supplicant *wpa_s)
7279 {
7280 struct wpa_bss_tmp_disallowed *tmp;
7281 unsigned int num_bssid = 0;
7282 u8 *bssids;
7283 int ret;
7284
7285 bssids = os_malloc(dl_list_len(&wpa_s->bss_tmp_disallowed) * ETH_ALEN);
7286 if (!bssids)
7287 return -1;
7288 dl_list_for_each(tmp, &wpa_s->bss_tmp_disallowed,
7289 struct wpa_bss_tmp_disallowed, list) {
7290 os_memcpy(&bssids[num_bssid * ETH_ALEN], tmp->bssid,
7291 ETH_ALEN);
7292 num_bssid++;
7293 }
7294 ret = wpa_drv_set_bssid_blacklist(wpa_s, num_bssid, bssids);
7295 os_free(bssids);
7296 return ret;
7297 }
7298
7299
7300 static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx, void *timeout_ctx)
7301 {
7302 struct wpa_supplicant *wpa_s = eloop_ctx;
7303 struct wpa_bss_tmp_disallowed *tmp, *bss = timeout_ctx;
7304
7305 /* Make sure the bss is not already freed */
7306 dl_list_for_each(tmp, &wpa_s->bss_tmp_disallowed,
7307 struct wpa_bss_tmp_disallowed, list) {
7308 if (bss == tmp) {
7309 dl_list_del(&tmp->list);
7310 os_free(tmp);
7311 wpa_set_driver_tmp_disallow_list(wpa_s);
7312 break;
7313 }
7314 }
7315 }
7316
7317
7318 void wpa_bss_tmp_disallow(struct wpa_supplicant *wpa_s, const u8 *bssid,
7319 unsigned int sec, int rssi_threshold)
7320 {
7321 struct wpa_bss_tmp_disallowed *bss;
7322
7323 bss = wpas_get_disallowed_bss(wpa_s, bssid);
7324 if (bss) {
7325 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout, wpa_s, bss);
7326 goto finish;
7327 }
7328
7329 bss = os_malloc(sizeof(*bss));
7330 if (!bss) {
7331 wpa_printf(MSG_DEBUG,
7332 "Failed to allocate memory for temp disallow BSS");
7333 return;
7334 }
7335
7336 os_memcpy(bss->bssid, bssid, ETH_ALEN);
7337 dl_list_add(&wpa_s->bss_tmp_disallowed, &bss->list);
7338 wpa_set_driver_tmp_disallow_list(wpa_s);
7339
7340 finish:
7341 bss->rssi_threshold = rssi_threshold;
7342 eloop_register_timeout(sec, 0, wpa_bss_tmp_disallow_timeout,
7343 wpa_s, bss);
7344 }
7345
7346
7347 int wpa_is_bss_tmp_disallowed(struct wpa_supplicant *wpa_s,
7348 struct wpa_bss *bss)
7349 {
7350 struct wpa_bss_tmp_disallowed *disallowed = NULL, *tmp, *prev;
7351
7352 dl_list_for_each_safe(tmp, prev, &wpa_s->bss_tmp_disallowed,
7353 struct wpa_bss_tmp_disallowed, list) {
7354 if (os_memcmp(bss->bssid, tmp->bssid, ETH_ALEN) == 0) {
7355 disallowed = tmp;
7356 break;
7357 }
7358 }
7359 if (!disallowed)
7360 return 0;
7361
7362 if (disallowed->rssi_threshold != 0 &&
7363 bss->level > disallowed->rssi_threshold)
7364 return 0;
7365
7366 return 1;
7367 }
Unnamed repository; edit this file 'description' to name the repository.