]> git.ipfire.org Git - thirdparty/hostap.git/blob - wpa_supplicant/wpa_supplicant.c
projects / thirdparty / hostap.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Complete sme-connect radio work when clearing connection state
[thirdparty/hostap.git] / wpa_supplicant / wpa_supplicant.c
1 /*
2 * WPA Supplicant
3 * Copyright (c) 2003-2014, Jouni Malinen <j@w1.fi>
4 *
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
7 *
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
11 */
12
13 #include "includes.h"
14
15 #include "common.h"
16 #include "crypto/random.h"
17 #include "crypto/sha1.h"
18 #include "eapol_supp/eapol_supp_sm.h"
19 #include "eap_peer/eap.h"
20 #include "eap_peer/eap_proxy.h"
21 #include "eap_server/eap_methods.h"
22 #include "rsn_supp/wpa.h"
23 #include "eloop.h"
24 #include "config.h"
25 #include "utils/ext_password.h"
26 #include "l2_packet/l2_packet.h"
27 #include "wpa_supplicant_i.h"
28 #include "driver_i.h"
29 #include "ctrl_iface.h"
30 #include "pcsc_funcs.h"
31 #include "common/version.h"
32 #include "rsn_supp/preauth.h"
33 #include "rsn_supp/pmksa_cache.h"
34 #include "common/wpa_ctrl.h"
35 #include "common/ieee802_11_defs.h"
36 #include "p2p/p2p.h"
37 #include "blacklist.h"
38 #include "wpas_glue.h"
39 #include "wps_supplicant.h"
40 #include "ibss_rsn.h"
41 #include "sme.h"
42 #include "gas_query.h"
43 #include "ap.h"
44 #include "p2p_supplicant.h"
45 #include "wifi_display.h"
46 #include "notify.h"
47 #include "bgscan.h"
48 #include "autoscan.h"
49 #include "bss.h"
50 #include "scan.h"
51 #include "offchannel.h"
52 #include "hs20_supplicant.h"
53 #include "wnm_sta.h"
54 #include "wpas_kay.h"
55
56 const char *wpa_supplicant_version =
57 "wpa_supplicant v" VERSION_STR "\n"
58 "Copyright (c) 2003-2014, Jouni Malinen <j@w1.fi> and contributors";
59
60 const char *wpa_supplicant_license =
61 "This software may be distributed under the terms of the BSD license.\n"
62 "See README for more details.\n"
63 #ifdef EAP_TLS_OPENSSL
64 "\nThis product includes software developed by the OpenSSL Project\n"
65 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
66 #endif /* EAP_TLS_OPENSSL */
67 ;
68
69 #ifndef CONFIG_NO_STDOUT_DEBUG
70 /* Long text divided into parts in order to fit in C89 strings size limits. */
71 const char *wpa_supplicant_full_license1 =
72 "";
73 const char *wpa_supplicant_full_license2 =
74 "This software may be distributed under the terms of the BSD license.\n"
75 "\n"
76 "Redistribution and use in source and binary forms, with or without\n"
77 "modification, are permitted provided that the following conditions are\n"
78 "met:\n"
79 "\n";
80 const char *wpa_supplicant_full_license3 =
81 "1. Redistributions of source code must retain the above copyright\n"
82 " notice, this list of conditions and the following disclaimer.\n"
83 "\n"
84 "2. Redistributions in binary form must reproduce the above copyright\n"
85 " notice, this list of conditions and the following disclaimer in the\n"
86 " documentation and/or other materials provided with the distribution.\n"
87 "\n";
88 const char *wpa_supplicant_full_license4 =
89 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
90 " names of its contributors may be used to endorse or promote products\n"
91 " derived from this software without specific prior written permission.\n"
92 "\n"
93 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
94 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
95 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
96 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
97 const char *wpa_supplicant_full_license5 =
98 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
99 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
100 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
101 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
102 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
103 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
104 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
105 "\n";
106 #endif /* CONFIG_NO_STDOUT_DEBUG */
107
108 /* Configure default/group WEP keys for static WEP */
109 int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
110 {
111 int i, set = 0;
112
113 for (i = 0; i < NUM_WEP_KEYS; i++) {
114 if (ssid->wep_key_len[i] == 0)
115 continue;
116
117 set = 1;
118 wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL,
119 i, i == ssid->wep_tx_keyidx, NULL, 0,
120 ssid->wep_key[i], ssid->wep_key_len[i]);
121 }
122
123 return set;
124 }
125
126
127 int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
128 struct wpa_ssid *ssid)
129 {
130 u8 key[32];
131 size_t keylen;
132 enum wpa_alg alg;
133 u8 seq[6] = { 0 };
134
135 /* IBSS/WPA-None uses only one key (Group) for both receiving and
136 * sending unicast and multicast packets. */
137
138 if (ssid->mode != WPAS_MODE_IBSS) {
139 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not "
140 "IBSS/ad-hoc) for WPA-None", ssid->mode);
141 return -1;
142 }
143
144 if (!ssid->psk_set) {
145 wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for "
146 "WPA-None");
147 return -1;
148 }
149
150 switch (wpa_s->group_cipher) {
151 case WPA_CIPHER_CCMP:
152 os_memcpy(key, ssid->psk, 16);
153 keylen = 16;
154 alg = WPA_ALG_CCMP;
155 break;
156 case WPA_CIPHER_GCMP:
157 os_memcpy(key, ssid->psk, 16);
158 keylen = 16;
159 alg = WPA_ALG_GCMP;
160 break;
161 case WPA_CIPHER_TKIP:
162 /* WPA-None uses the same Michael MIC key for both TX and RX */
163 os_memcpy(key, ssid->psk, 16 + 8);
164 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
165 keylen = 32;
166 alg = WPA_ALG_TKIP;
167 break;
168 default:
169 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for "
170 "WPA-None", wpa_s->group_cipher);
171 return -1;
172 }
173
174 /* TODO: should actually remember the previously used seq#, both for TX
175 * and RX from each STA.. */
176
177 return wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen);
178 }
179
180
181 static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
182 {
183 struct wpa_supplicant *wpa_s = eloop_ctx;
184 const u8 *bssid = wpa_s->bssid;
185 if (is_zero_ether_addr(bssid))
186 bssid = wpa_s->pending_bssid;
187 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
188 MAC2STR(bssid));
189 wpa_blacklist_add(wpa_s, bssid);
190 wpa_sm_notify_disassoc(wpa_s->wpa);
191 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
192 wpa_s->reassociate = 1;
193
194 /*
195 * If we timed out, the AP or the local radio may be busy.
196 * So, wait a second until scanning again.
197 */
198 wpa_supplicant_req_scan(wpa_s, 1, 0);
199 }
200
201
202 /**
203 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
204 * @wpa_s: Pointer to wpa_supplicant data
205 * @sec: Number of seconds after which to time out authentication
206 * @usec: Number of microseconds after which to time out authentication
207 *
208 * This function is used to schedule a timeout for the current authentication
209 * attempt.
210 */
211 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
212 int sec, int usec)
213 {
214 if (wpa_s->conf->ap_scan == 0 &&
215 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
216 return;
217
218 wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
219 "%d usec", sec, usec);
220 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
221 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
222 }
223
224
225 /**
226 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
227 * @wpa_s: Pointer to wpa_supplicant data
228 *
229 * This function is used to cancel authentication timeout scheduled with
230 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
231 * been completed.
232 */
233 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
234 {
235 wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
236 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
237 wpa_blacklist_del(wpa_s, wpa_s->bssid);
238 }
239
240
241 /**
242 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
243 * @wpa_s: Pointer to wpa_supplicant data
244 *
245 * This function is used to configure EAPOL state machine based on the selected
246 * authentication mode.
247 */
248 void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
249 {
250 #ifdef IEEE8021X_EAPOL
251 struct eapol_config eapol_conf;
252 struct wpa_ssid *ssid = wpa_s->current_ssid;
253
254 #ifdef CONFIG_IBSS_RSN
255 if (ssid->mode == WPAS_MODE_IBSS &&
256 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
257 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
258 /*
259 * RSN IBSS authentication is per-STA and we can disable the
260 * per-BSSID EAPOL authentication.
261 */
262 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
263 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE);
264 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
265 return;
266 }
267 #endif /* CONFIG_IBSS_RSN */
268
269 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
270 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
271
272 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
273 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
274 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
275 else
276 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
277
278 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
279 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
280 eapol_conf.accept_802_1x_keys = 1;
281 eapol_conf.required_keys = 0;
282 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
283 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
284 }
285 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
286 eapol_conf.required_keys |=
287 EAPOL_REQUIRE_KEY_BROADCAST;
288 }
289
290 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED)
291 eapol_conf.required_keys = 0;
292 }
293 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
294 eapol_conf.workaround = ssid->eap_workaround;
295 eapol_conf.eap_disabled =
296 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
297 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
298 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
299 eapol_conf.external_sim = wpa_s->conf->external_sim;
300 eapol_conf.wps = wpa_s->key_mgmt == WPA_KEY_MGMT_WPS;
301 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
302 #endif /* IEEE8021X_EAPOL */
303
304 ieee802_1x_alloc_kay_sm(wpa_s, ssid);
305 }
306
307
308 /**
309 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
310 * @wpa_s: Pointer to wpa_supplicant data
311 * @ssid: Configuration data for the network
312 *
313 * This function is used to configure WPA state machine and related parameters
314 * to a mode where WPA is not enabled. This is called as part of the
315 * authentication configuration when the selected network does not use WPA.
316 */
317 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
318 struct wpa_ssid *ssid)
319 {
320 int i;
321
322 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
323 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
324 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
325 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
326 else
327 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
328 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
329 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
330 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
331 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
332 wpa_s->group_cipher = WPA_CIPHER_NONE;
333 wpa_s->mgmt_group_cipher = 0;
334
335 for (i = 0; i < NUM_WEP_KEYS; i++) {
336 if (ssid->wep_key_len[i] > 5) {
337 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
338 wpa_s->group_cipher = WPA_CIPHER_WEP104;
339 break;
340 } else if (ssid->wep_key_len[i] > 0) {
341 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
342 wpa_s->group_cipher = WPA_CIPHER_WEP40;
343 break;
344 }
345 }
346
347 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
348 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
349 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
350 wpa_s->pairwise_cipher);
351 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
352 #ifdef CONFIG_IEEE80211W
353 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
354 wpa_s->mgmt_group_cipher);
355 #endif /* CONFIG_IEEE80211W */
356
357 pmksa_cache_clear_current(wpa_s->wpa);
358 }
359
360
361 void free_hw_features(struct wpa_supplicant *wpa_s)
362 {
363 int i;
364 if (wpa_s->hw.modes == NULL)
365 return;
366
367 for (i = 0; i < wpa_s->hw.num_modes; i++) {
368 os_free(wpa_s->hw.modes[i].channels);
369 os_free(wpa_s->hw.modes[i].rates);
370 }
371
372 os_free(wpa_s->hw.modes);
373 wpa_s->hw.modes = NULL;
374 }
375
376
377 static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
378 {
379 int i;
380
381 bgscan_deinit(wpa_s);
382 autoscan_deinit(wpa_s);
383 scard_deinit(wpa_s->scard);
384 wpa_s->scard = NULL;
385 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
386 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
387 l2_packet_deinit(wpa_s->l2);
388 wpa_s->l2 = NULL;
389 if (wpa_s->l2_br) {
390 l2_packet_deinit(wpa_s->l2_br);
391 wpa_s->l2_br = NULL;
392 }
393
394 if (wpa_s->conf != NULL) {
395 struct wpa_ssid *ssid;
396 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
397 wpas_notify_network_removed(wpa_s, ssid);
398 }
399
400 os_free(wpa_s->confname);
401 wpa_s->confname = NULL;
402
403 os_free(wpa_s->confanother);
404 wpa_s->confanother = NULL;
405
406 wpa_sm_set_eapol(wpa_s->wpa, NULL);
407 eapol_sm_deinit(wpa_s->eapol);
408 wpa_s->eapol = NULL;
409
410 rsn_preauth_deinit(wpa_s->wpa);
411
412 #ifdef CONFIG_TDLS
413 wpa_tdls_deinit(wpa_s->wpa);
414 #endif /* CONFIG_TDLS */
415
416 pmksa_candidate_free(wpa_s->wpa);
417 wpa_sm_deinit(wpa_s->wpa);
418 wpa_s->wpa = NULL;
419 wpa_blacklist_clear(wpa_s);
420
421 wpa_bss_deinit(wpa_s);
422
423 wpa_supplicant_cancel_delayed_sched_scan(wpa_s);
424 wpa_supplicant_cancel_scan(wpa_s);
425 wpa_supplicant_cancel_auth_timeout(wpa_s);
426 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL);
427 #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
428 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report,
429 wpa_s, NULL);
430 #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
431
432 wpas_wps_deinit(wpa_s);
433
434 wpabuf_free(wpa_s->pending_eapol_rx);
435 wpa_s->pending_eapol_rx = NULL;
436
437 #ifdef CONFIG_IBSS_RSN
438 ibss_rsn_deinit(wpa_s->ibss_rsn);
439 wpa_s->ibss_rsn = NULL;
440 #endif /* CONFIG_IBSS_RSN */
441
442 sme_deinit(wpa_s);
443
444 #ifdef CONFIG_AP
445 wpa_supplicant_ap_deinit(wpa_s);
446 #endif /* CONFIG_AP */
447
448 wpas_p2p_deinit(wpa_s);
449
450 #ifdef CONFIG_OFFCHANNEL
451 offchannel_deinit(wpa_s);
452 #endif /* CONFIG_OFFCHANNEL */
453
454 wpa_supplicant_cancel_sched_scan(wpa_s);
455
456 os_free(wpa_s->next_scan_freqs);
457 wpa_s->next_scan_freqs = NULL;
458
459 os_free(wpa_s->manual_scan_freqs);
460 wpa_s->manual_scan_freqs = NULL;
461
462 os_free(wpa_s->manual_sched_scan_freqs);
463 wpa_s->manual_sched_scan_freqs = NULL;
464
465 gas_query_deinit(wpa_s->gas);
466 wpa_s->gas = NULL;
467
468 free_hw_features(wpa_s);
469
470 ieee802_1x_dealloc_kay_sm(wpa_s);
471
472 os_free(wpa_s->bssid_filter);
473 wpa_s->bssid_filter = NULL;
474
475 os_free(wpa_s->disallow_aps_bssid);
476 wpa_s->disallow_aps_bssid = NULL;
477 os_free(wpa_s->disallow_aps_ssid);
478 wpa_s->disallow_aps_ssid = NULL;
479
480 wnm_bss_keep_alive_deinit(wpa_s);
481 #ifdef CONFIG_WNM
482 wnm_deallocate_memory(wpa_s);
483 #endif /* CONFIG_WNM */
484
485 ext_password_deinit(wpa_s->ext_pw);
486 wpa_s->ext_pw = NULL;
487
488 wpabuf_free(wpa_s->last_gas_resp);
489 wpa_s->last_gas_resp = NULL;
490 wpabuf_free(wpa_s->prev_gas_resp);
491 wpa_s->prev_gas_resp = NULL;
492
493 os_free(wpa_s->last_scan_res);
494 wpa_s->last_scan_res = NULL;
495
496 #ifdef CONFIG_HS20
497 hs20_deinit(wpa_s);
498 #endif /* CONFIG_HS20 */
499
500 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) {
501 wpabuf_free(wpa_s->vendor_elem[i]);
502 wpa_s->vendor_elem[i] = NULL;
503 }
504 }
505
506
507 /**
508 * wpa_clear_keys - Clear keys configured for the driver
509 * @wpa_s: Pointer to wpa_supplicant data
510 * @addr: Previously used BSSID or %NULL if not available
511 *
512 * This function clears the encryption keys that has been previously configured
513 * for the driver.
514 */
515 void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
516 {
517 int i, max;
518
519 #ifdef CONFIG_IEEE80211W
520 max = 6;
521 #else /* CONFIG_IEEE80211W */
522 max = 4;
523 #endif /* CONFIG_IEEE80211W */
524
525 /* MLME-DELETEKEYS.request */
526 for (i = 0; i < max; i++) {
527 if (wpa_s->keys_cleared & BIT(i))
528 continue;
529 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, i, 0, NULL, 0,
530 NULL, 0);
531 }
532 if (!(wpa_s->keys_cleared & BIT(0)) && addr &&
533 !is_zero_ether_addr(addr)) {
534 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,
535 0);
536 /* MLME-SETPROTECTION.request(None) */
537 wpa_drv_mlme_setprotection(
538 wpa_s, addr,
539 MLME_SETPROTECTION_PROTECT_TYPE_NONE,
540 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
541 }
542 wpa_s->keys_cleared = (u32) -1;
543 }
544
545
546 /**
547 * wpa_supplicant_state_txt - Get the connection state name as a text string
548 * @state: State (wpa_state; WPA_*)
549 * Returns: The state name as a printable text string
550 */
551 const char * wpa_supplicant_state_txt(enum wpa_states state)
552 {
553 switch (state) {
554 case WPA_DISCONNECTED:
555 return "DISCONNECTED";
556 case WPA_INACTIVE:
557 return "INACTIVE";
558 case WPA_INTERFACE_DISABLED:
559 return "INTERFACE_DISABLED";
560 case WPA_SCANNING:
561 return "SCANNING";
562 case WPA_AUTHENTICATING:
563 return "AUTHENTICATING";
564 case WPA_ASSOCIATING:
565 return "ASSOCIATING";
566 case WPA_ASSOCIATED:
567 return "ASSOCIATED";
568 case WPA_4WAY_HANDSHAKE:
569 return "4WAY_HANDSHAKE";
570 case WPA_GROUP_HANDSHAKE:
571 return "GROUP_HANDSHAKE";
572 case WPA_COMPLETED:
573 return "COMPLETED";
574 default:
575 return "UNKNOWN";
576 }
577 }
578
579
580 #ifdef CONFIG_BGSCAN
581
582 static void wpa_supplicant_start_bgscan(struct wpa_supplicant *wpa_s)
583 {
584 const char *name;
585
586 if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan)
587 name = wpa_s->current_ssid->bgscan;
588 else
589 name = wpa_s->conf->bgscan;
590 if (name == NULL || name[0] == '\0')
591 return;
592 if (wpas_driver_bss_selection(wpa_s))
593 return;
594 if (wpa_s->current_ssid == wpa_s->bgscan_ssid)
595 return;
596 #ifdef CONFIG_P2P
597 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE)
598 return;
599 #endif /* CONFIG_P2P */
600
601 bgscan_deinit(wpa_s);
602 if (wpa_s->current_ssid) {
603 if (bgscan_init(wpa_s, wpa_s->current_ssid, name)) {
604 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
605 "bgscan");
606 /*
607 * Live without bgscan; it is only used as a roaming
608 * optimization, so the initial connection is not
609 * affected.
610 */
611 } else {
612 struct wpa_scan_results *scan_res;
613 wpa_s->bgscan_ssid = wpa_s->current_ssid;
614 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL,
615 0);
616 if (scan_res) {
617 bgscan_notify_scan(wpa_s, scan_res);
618 wpa_scan_results_free(scan_res);
619 }
620 }
621 } else
622 wpa_s->bgscan_ssid = NULL;
623 }
624
625
626 static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s)
627 {
628 if (wpa_s->bgscan_ssid != NULL) {
629 bgscan_deinit(wpa_s);
630 wpa_s->bgscan_ssid = NULL;
631 }
632 }
633
634 #endif /* CONFIG_BGSCAN */
635
636
637 static void wpa_supplicant_start_autoscan(struct wpa_supplicant *wpa_s)
638 {
639 if (autoscan_init(wpa_s, 0))
640 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize autoscan");
641 }
642
643
644 static void wpa_supplicant_stop_autoscan(struct wpa_supplicant *wpa_s)
645 {
646 autoscan_deinit(wpa_s);
647 }
648
649
650 void wpa_supplicant_reinit_autoscan(struct wpa_supplicant *wpa_s)
651 {
652 if (wpa_s->wpa_state == WPA_DISCONNECTED ||
653 wpa_s->wpa_state == WPA_SCANNING) {
654 autoscan_deinit(wpa_s);
655 wpa_supplicant_start_autoscan(wpa_s);
656 }
657 }
658
659
660 /**
661 * wpa_supplicant_set_state - Set current connection state
662 * @wpa_s: Pointer to wpa_supplicant data
663 * @state: The new connection state
664 *
665 * This function is called whenever the connection state changes, e.g.,
666 * association is completed for WPA/WPA2 4-Way Handshake is started.
667 */
668 void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s,
669 enum wpa_states state)
670 {
671 enum wpa_states old_state = wpa_s->wpa_state;
672
673 wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s",
674 wpa_supplicant_state_txt(wpa_s->wpa_state),
675 wpa_supplicant_state_txt(state));
676
677 if (state == WPA_INTERFACE_DISABLED) {
678 /* Assure normal scan when interface is restored */
679 wpa_s->normal_scans = 0;
680 }
681
682 if (state == WPA_COMPLETED) {
683 wpas_connect_work_done(wpa_s);
684 /* Reinitialize normal_scan counter */
685 wpa_s->normal_scans = 0;
686 }
687
688 if (state != WPA_SCANNING)
689 wpa_supplicant_notify_scanning(wpa_s, 0);
690
691 if (state == WPA_COMPLETED && wpa_s->new_connection) {
692 struct wpa_ssid *ssid = wpa_s->current_ssid;
693 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
694 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
695 MACSTR " completed [id=%d id_str=%s]",
696 MAC2STR(wpa_s->bssid),
697 ssid ? ssid->id : -1,
698 ssid && ssid->id_str ? ssid->id_str : "");
699 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
700 wpas_clear_temp_disabled(wpa_s, ssid, 1);
701 wpa_s->extra_blacklist_count = 0;
702 wpa_s->new_connection = 0;
703 wpa_drv_set_operstate(wpa_s, 1);
704 #ifndef IEEE8021X_EAPOL
705 wpa_drv_set_supp_port(wpa_s, 1);
706 #endif /* IEEE8021X_EAPOL */
707 wpa_s->after_wps = 0;
708 wpa_s->known_wps_freq = 0;
709 wpas_p2p_completed(wpa_s);
710
711 sme_sched_obss_scan(wpa_s, 1);
712 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
713 state == WPA_ASSOCIATED) {
714 wpa_s->new_connection = 1;
715 wpa_drv_set_operstate(wpa_s, 0);
716 #ifndef IEEE8021X_EAPOL
717 wpa_drv_set_supp_port(wpa_s, 0);
718 #endif /* IEEE8021X_EAPOL */
719 sme_sched_obss_scan(wpa_s, 0);
720 }
721 wpa_s->wpa_state = state;
722
723 #ifdef CONFIG_BGSCAN
724 if (state == WPA_COMPLETED)
725 wpa_supplicant_start_bgscan(wpa_s);
726 else if (state < WPA_ASSOCIATED)
727 wpa_supplicant_stop_bgscan(wpa_s);
728 #endif /* CONFIG_BGSCAN */
729
730 if (state == WPA_AUTHENTICATING)
731 wpa_supplicant_stop_autoscan(wpa_s);
732
733 if (state == WPA_DISCONNECTED || state == WPA_INACTIVE)
734 wpa_supplicant_start_autoscan(wpa_s);
735
736 if (wpa_s->wpa_state != old_state) {
737 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
738
739 /*
740 * Notify the P2P Device interface about a state change in one
741 * of the interfaces.
742 */
743 wpas_p2p_indicate_state_change(wpa_s);
744
745 if (wpa_s->wpa_state == WPA_COMPLETED ||
746 old_state == WPA_COMPLETED)
747 wpas_notify_auth_changed(wpa_s);
748 }
749 }
750
751
752 void wpa_supplicant_terminate_proc(struct wpa_global *global)
753 {
754 int pending = 0;
755 #ifdef CONFIG_WPS
756 struct wpa_supplicant *wpa_s = global->ifaces;
757 while (wpa_s) {
758 struct wpa_supplicant *next = wpa_s->next;
759 if (wpas_wps_terminate_pending(wpa_s) == 1)
760 pending = 1;
761 #ifdef CONFIG_P2P
762 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE ||
763 (wpa_s->current_ssid && wpa_s->current_ssid->p2p_group))
764 wpas_p2p_disconnect(wpa_s);
765 #endif /* CONFIG_P2P */
766 wpa_s = next;
767 }
768 #endif /* CONFIG_WPS */
769 if (pending)
770 return;
771 eloop_terminate();
772 }
773
774
775 static void wpa_supplicant_terminate(int sig, void *signal_ctx)
776 {
777 struct wpa_global *global = signal_ctx;
778 wpa_supplicant_terminate_proc(global);
779 }
780
781
782 void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
783 {
784 enum wpa_states old_state = wpa_s->wpa_state;
785
786 wpa_s->pairwise_cipher = 0;
787 wpa_s->group_cipher = 0;
788 wpa_s->mgmt_group_cipher = 0;
789 wpa_s->key_mgmt = 0;
790 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
791 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
792
793 if (wpa_s->wpa_state != old_state)
794 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
795 }
796
797
798 /**
799 * wpa_supplicant_reload_configuration - Reload configuration data
800 * @wpa_s: Pointer to wpa_supplicant data
801 * Returns: 0 on success or -1 if configuration parsing failed
802 *
803 * This function can be used to request that the configuration data is reloaded
804 * (e.g., after configuration file change). This function is reloading
805 * configuration only for one interface, so this may need to be called multiple
806 * times if %wpa_supplicant is controlling multiple interfaces and all
807 * interfaces need reconfiguration.
808 */
809 int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
810 {
811 struct wpa_config *conf;
812 int reconf_ctrl;
813 int old_ap_scan;
814
815 if (wpa_s->confname == NULL)
816 return -1;
817 conf = wpa_config_read(wpa_s->confname, NULL);
818 if (conf == NULL) {
819 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
820 "file '%s' - exiting", wpa_s->confname);
821 return -1;
822 }
823 wpa_config_read(wpa_s->confanother, conf);
824
825 conf->changed_parameters = (unsigned int) -1;
826
827 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
828 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
829 os_strcmp(conf->ctrl_interface,
830 wpa_s->conf->ctrl_interface) != 0);
831
832 if (reconf_ctrl && wpa_s->ctrl_iface) {
833 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
834 wpa_s->ctrl_iface = NULL;
835 }
836
837 eapol_sm_invalidate_cached_session(wpa_s->eapol);
838 if (wpa_s->current_ssid) {
839 wpa_supplicant_deauthenticate(wpa_s,
840 WLAN_REASON_DEAUTH_LEAVING);
841 }
842
843 /*
844 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
845 * pkcs11_engine_path, pkcs11_module_path.
846 */
847 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) {
848 /*
849 * Clear forced success to clear EAP state for next
850 * authentication.
851 */
852 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
853 }
854 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
855 wpa_sm_set_config(wpa_s->wpa, NULL);
856 wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL);
857 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
858 rsn_preauth_deinit(wpa_s->wpa);
859
860 old_ap_scan = wpa_s->conf->ap_scan;
861 wpa_config_free(wpa_s->conf);
862 wpa_s->conf = conf;
863 if (old_ap_scan != wpa_s->conf->ap_scan)
864 wpas_notify_ap_scan_changed(wpa_s);
865
866 if (reconf_ctrl)
867 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
868
869 wpa_supplicant_update_config(wpa_s);
870
871 wpa_supplicant_clear_status(wpa_s);
872 if (wpa_supplicant_enabled_networks(wpa_s)) {
873 wpa_s->reassociate = 1;
874 wpa_supplicant_req_scan(wpa_s, 0, 0);
875 }
876 wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
877 return 0;
878 }
879
880
881 static void wpa_supplicant_reconfig(int sig, void *signal_ctx)
882 {
883 struct wpa_global *global = signal_ctx;
884 struct wpa_supplicant *wpa_s;
885 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
886 wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring",
887 sig);
888 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
889 wpa_supplicant_terminate_proc(global);
890 }
891 }
892 }
893
894
895 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
896 struct wpa_ssid *ssid,
897 struct wpa_ie_data *ie)
898 {
899 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
900 if (ret) {
901 if (ret == -2) {
902 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
903 "from association info");
904 }
905 return -1;
906 }
907
908 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set "
909 "cipher suites");
910 if (!(ie->group_cipher & ssid->group_cipher)) {
911 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
912 "cipher 0x%x (mask 0x%x) - reject",
913 ie->group_cipher, ssid->group_cipher);
914 return -1;
915 }
916 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
917 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
918 "cipher 0x%x (mask 0x%x) - reject",
919 ie->pairwise_cipher, ssid->pairwise_cipher);
920 return -1;
921 }
922 if (!(ie->key_mgmt & ssid->key_mgmt)) {
923 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
924 "management 0x%x (mask 0x%x) - reject",
925 ie->key_mgmt, ssid->key_mgmt);
926 return -1;
927 }
928
929 #ifdef CONFIG_IEEE80211W
930 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
931 (ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
932 wpa_s->conf->pmf : ssid->ieee80211w) ==
933 MGMT_FRAME_PROTECTION_REQUIRED) {
934 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
935 "that does not support management frame protection - "
936 "reject");
937 return -1;
938 }
939 #endif /* CONFIG_IEEE80211W */
940
941 return 0;
942 }
943
944
945 /**
946 * wpa_supplicant_set_suites - Set authentication and encryption parameters
947 * @wpa_s: Pointer to wpa_supplicant data
948 * @bss: Scan results for the selected BSS, or %NULL if not available
949 * @ssid: Configuration data for the selected network
950 * @wpa_ie: Buffer for the WPA/RSN IE
951 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
952 * used buffer length in case the functions returns success.
953 * Returns: 0 on success or -1 on failure
954 *
955 * This function is used to configure authentication and encryption parameters
956 * based on the network configuration and scan result for the selected BSS (if
957 * available).
958 */
959 int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
960 struct wpa_bss *bss, struct wpa_ssid *ssid,
961 u8 *wpa_ie, size_t *wpa_ie_len)
962 {
963 struct wpa_ie_data ie;
964 int sel, proto;
965 const u8 *bss_wpa, *bss_rsn, *bss_osen;
966
967 if (bss) {
968 bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
969 bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
970 bss_osen = wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE);
971 } else
972 bss_wpa = bss_rsn = bss_osen = NULL;
973
974 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
975 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
976 (ie.group_cipher & ssid->group_cipher) &&
977 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
978 (ie.key_mgmt & ssid->key_mgmt)) {
979 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
980 proto = WPA_PROTO_RSN;
981 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
982 wpa_parse_wpa_ie(bss_wpa, 2 +bss_wpa[1], &ie) == 0 &&
983 (ie.group_cipher & ssid->group_cipher) &&
984 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
985 (ie.key_mgmt & ssid->key_mgmt)) {
986 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
987 proto = WPA_PROTO_WPA;
988 #ifdef CONFIG_HS20
989 } else if (bss_osen && (ssid->proto & WPA_PROTO_OSEN)) {
990 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using OSEN");
991 /* TODO: parse OSEN element */
992 os_memset(&ie, 0, sizeof(ie));
993 ie.group_cipher = WPA_CIPHER_CCMP;
994 ie.pairwise_cipher = WPA_CIPHER_CCMP;
995 ie.key_mgmt = WPA_KEY_MGMT_OSEN;
996 proto = WPA_PROTO_OSEN;
997 #endif /* CONFIG_HS20 */
998 } else if (bss) {
999 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
1000 return -1;
1001 } else {
1002 if (ssid->proto & WPA_PROTO_OSEN)
1003 proto = WPA_PROTO_OSEN;
1004 else if (ssid->proto & WPA_PROTO_RSN)
1005 proto = WPA_PROTO_RSN;
1006 else
1007 proto = WPA_PROTO_WPA;
1008 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
1009 os_memset(&ie, 0, sizeof(ie));
1010 ie.group_cipher = ssid->group_cipher;
1011 ie.pairwise_cipher = ssid->pairwise_cipher;
1012 ie.key_mgmt = ssid->key_mgmt;
1013 #ifdef CONFIG_IEEE80211W
1014 ie.mgmt_group_cipher =
1015 ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION ?
1016 WPA_CIPHER_AES_128_CMAC : 0;
1017 #endif /* CONFIG_IEEE80211W */
1018 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites "
1019 "based on configuration");
1020 } else
1021 proto = ie.proto;
1022 }
1023
1024 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d "
1025 "pairwise %d key_mgmt %d proto %d",
1026 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
1027 #ifdef CONFIG_IEEE80211W
1028 if (ssid->ieee80211w) {
1029 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
1030 ie.mgmt_group_cipher);
1031 }
1032 #endif /* CONFIG_IEEE80211W */
1033
1034 wpa_s->wpa_proto = proto;
1035 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
1036 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
1037 !!(ssid->proto & (WPA_PROTO_RSN | WPA_PROTO_OSEN)));
1038
1039 if (bss || !wpa_s->ap_ies_from_associnfo) {
1040 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
1041 bss_wpa ? 2 + bss_wpa[1] : 0) ||
1042 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
1043 bss_rsn ? 2 + bss_rsn[1] : 0))
1044 return -1;
1045 }
1046
1047 sel = ie.group_cipher & ssid->group_cipher;
1048 wpa_s->group_cipher = wpa_pick_group_cipher(sel);
1049 if (wpa_s->group_cipher < 0) {
1050 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group "
1051 "cipher");
1052 return -1;
1053 }
1054 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK %s",
1055 wpa_cipher_txt(wpa_s->group_cipher));
1056
1057 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
1058 wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(sel, 1);
1059 if (wpa_s->pairwise_cipher < 0) {
1060 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise "
1061 "cipher");
1062 return -1;
1063 }
1064 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK %s",
1065 wpa_cipher_txt(wpa_s->pairwise_cipher));
1066
1067 sel = ie.key_mgmt & ssid->key_mgmt;
1068 #ifdef CONFIG_SAE
1069 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE))
1070 sel &= ~(WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE);
1071 #endif /* CONFIG_SAE */
1072 if (0) {
1073 #ifdef CONFIG_IEEE80211R
1074 } else if (sel & WPA_KEY_MGMT_FT_IEEE8021X) {
1075 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
1076 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
1077 } else if (sel & WPA_KEY_MGMT_FT_PSK) {
1078 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
1079 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
1080 #endif /* CONFIG_IEEE80211R */
1081 #ifdef CONFIG_SAE
1082 } else if (sel & WPA_KEY_MGMT_SAE) {
1083 wpa_s->key_mgmt = WPA_KEY_MGMT_SAE;
1084 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT SAE");
1085 } else if (sel & WPA_KEY_MGMT_FT_SAE) {
1086 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_SAE;
1087 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT FT/SAE");
1088 #endif /* CONFIG_SAE */
1089 #ifdef CONFIG_IEEE80211W
1090 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
1091 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
1092 wpa_dbg(wpa_s, MSG_DEBUG,
1093 "WPA: using KEY_MGMT 802.1X with SHA256");
1094 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
1095 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
1096 wpa_dbg(wpa_s, MSG_DEBUG,
1097 "WPA: using KEY_MGMT PSK with SHA256");
1098 #endif /* CONFIG_IEEE80211W */
1099 } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
1100 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
1101 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
1102 } else if (sel & WPA_KEY_MGMT_PSK) {
1103 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
1104 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
1105 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
1106 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
1107 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
1108 #ifdef CONFIG_HS20
1109 } else if (sel & WPA_KEY_MGMT_OSEN) {
1110 wpa_s->key_mgmt = WPA_KEY_MGMT_OSEN;
1111 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using KEY_MGMT OSEN");
1112 #endif /* CONFIG_HS20 */
1113 } else {
1114 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select "
1115 "authenticated key management type");
1116 return -1;
1117 }
1118
1119 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
1120 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
1121 wpa_s->pairwise_cipher);
1122 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
1123
1124 #ifdef CONFIG_IEEE80211W
1125 sel = ie.mgmt_group_cipher;
1126 if ((ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
1127 wpa_s->conf->pmf : ssid->ieee80211w) == NO_MGMT_FRAME_PROTECTION ||
1128 !(ie.capabilities & WPA_CAPABILITY_MFPC))
1129 sel = 0;
1130 if (sel & WPA_CIPHER_AES_128_CMAC) {
1131 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
1132 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1133 "AES-128-CMAC");
1134 } else if (sel & WPA_CIPHER_BIP_GMAC_128) {
1135 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_128;
1136 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1137 "BIP-GMAC-128");
1138 } else if (sel & WPA_CIPHER_BIP_GMAC_256) {
1139 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_256;
1140 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1141 "BIP-GMAC-256");
1142 } else if (sel & WPA_CIPHER_BIP_CMAC_256) {
1143 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_CMAC_256;
1144 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1145 "BIP-CMAC-256");
1146 } else {
1147 wpa_s->mgmt_group_cipher = 0;
1148 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
1149 }
1150 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
1151 wpa_s->mgmt_group_cipher);
1152 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP,
1153 (ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
1154 wpa_s->conf->pmf : ssid->ieee80211w));
1155 #endif /* CONFIG_IEEE80211W */
1156
1157 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
1158 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to generate WPA IE");
1159 return -1;
1160 }
1161
1162 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) {
1163 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN);
1164 #ifndef CONFIG_NO_PBKDF2
1165 if (bss && ssid->bssid_set && ssid->ssid_len == 0 &&
1166 ssid->passphrase) {
1167 u8 psk[PMK_LEN];
1168 pbkdf2_sha1(ssid->passphrase, bss->ssid, bss->ssid_len,
1169 4096, psk, PMK_LEN);
1170 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)",
1171 psk, PMK_LEN);
1172 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1173 }
1174 #endif /* CONFIG_NO_PBKDF2 */
1175 #ifdef CONFIG_EXT_PASSWORD
1176 if (ssid->ext_psk) {
1177 struct wpabuf *pw = ext_password_get(wpa_s->ext_pw,
1178 ssid->ext_psk);
1179 char pw_str[64 + 1];
1180 u8 psk[PMK_LEN];
1181
1182 if (pw == NULL) {
1183 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No PSK "
1184 "found from external storage");
1185 return -1;
1186 }
1187
1188 if (wpabuf_len(pw) < 8 || wpabuf_len(pw) > 64) {
1189 wpa_msg(wpa_s, MSG_INFO, "EXT PW: Unexpected "
1190 "PSK length %d in external storage",
1191 (int) wpabuf_len(pw));
1192 ext_password_free(pw);
1193 return -1;
1194 }
1195
1196 os_memcpy(pw_str, wpabuf_head(pw), wpabuf_len(pw));
1197 pw_str[wpabuf_len(pw)] = '\0';
1198
1199 #ifndef CONFIG_NO_PBKDF2
1200 if (wpabuf_len(pw) >= 8 && wpabuf_len(pw) < 64 && bss)
1201 {
1202 pbkdf2_sha1(pw_str, bss->ssid, bss->ssid_len,
1203 4096, psk, PMK_LEN);
1204 os_memset(pw_str, 0, sizeof(pw_str));
1205 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from "
1206 "external passphrase)",
1207 psk, PMK_LEN);
1208 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1209 } else
1210 #endif /* CONFIG_NO_PBKDF2 */
1211 if (wpabuf_len(pw) == 2 * PMK_LEN) {
1212 if (hexstr2bin(pw_str, psk, PMK_LEN) < 0) {
1213 wpa_msg(wpa_s, MSG_INFO, "EXT PW: "
1214 "Invalid PSK hex string");
1215 os_memset(pw_str, 0, sizeof(pw_str));
1216 ext_password_free(pw);
1217 return -1;
1218 }
1219 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1220 } else {
1221 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No suitable "
1222 "PSK available");
1223 os_memset(pw_str, 0, sizeof(pw_str));
1224 ext_password_free(pw);
1225 return -1;
1226 }
1227
1228 os_memset(pw_str, 0, sizeof(pw_str));
1229 ext_password_free(pw);
1230 }
1231 #endif /* CONFIG_EXT_PASSWORD */
1232 } else
1233 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
1234
1235 return 0;
1236 }
1237
1238
1239 static void wpas_ext_capab_byte(struct wpa_supplicant *wpa_s, u8 *pos, int idx)
1240 {
1241 *pos = 0x00;
1242
1243 switch (idx) {
1244 case 0: /* Bits 0-7 */
1245 break;
1246 case 1: /* Bits 8-15 */
1247 break;
1248 case 2: /* Bits 16-23 */
1249 #ifdef CONFIG_WNM
1250 *pos |= 0x02; /* Bit 17 - WNM-Sleep Mode */
1251 *pos |= 0x08; /* Bit 19 - BSS Transition */
1252 #endif /* CONFIG_WNM */
1253 break;
1254 case 3: /* Bits 24-31 */
1255 #ifdef CONFIG_WNM
1256 *pos |= 0x02; /* Bit 25 - SSID List */
1257 #endif /* CONFIG_WNM */
1258 #ifdef CONFIG_INTERWORKING
1259 if (wpa_s->conf->interworking)
1260 *pos |= 0x80; /* Bit 31 - Interworking */
1261 #endif /* CONFIG_INTERWORKING */
1262 break;
1263 case 4: /* Bits 32-39 */
1264 #ifdef CONFIG_INTERWORKING
1265 if (wpa_s->drv_flags / WPA_DRIVER_FLAGS_QOS_MAPPING)
1266 *pos |= 0x01; /* Bit 32 - QoS Map */
1267 #endif /* CONFIG_INTERWORKING */
1268 break;
1269 case 5: /* Bits 40-47 */
1270 #ifdef CONFIG_HS20
1271 if (wpa_s->conf->hs20)
1272 *pos |= 0x40; /* Bit 46 - WNM-Notification */
1273 #endif /* CONFIG_HS20 */
1274 break;
1275 case 6: /* Bits 48-55 */
1276 break;
1277 }
1278 }
1279
1280
1281 int wpas_build_ext_capab(struct wpa_supplicant *wpa_s, u8 *buf, size_t buflen)
1282 {
1283 u8 *pos = buf;
1284 u8 len = 6, i;
1285
1286 if (len < wpa_s->extended_capa_len)
1287 len = wpa_s->extended_capa_len;
1288 if (buflen < (size_t) len + 2) {
1289 wpa_printf(MSG_INFO,
1290 "Not enough room for building extended capabilities element");
1291 return -1;
1292 }
1293
1294 *pos++ = WLAN_EID_EXT_CAPAB;
1295 *pos++ = len;
1296 for (i = 0; i < len; i++, pos++) {
1297 wpas_ext_capab_byte(wpa_s, pos, i);
1298
1299 if (i < wpa_s->extended_capa_len) {
1300 *pos &= ~wpa_s->extended_capa_mask[i];
1301 *pos |= wpa_s->extended_capa[i];
1302 }
1303 }
1304
1305 while (len > 0 && buf[1 + len] == 0) {
1306 len--;
1307 buf[1] = len;
1308 }
1309 if (len == 0)
1310 return 0;
1311
1312 return 2 + len;
1313 }
1314
1315
1316 static int wpas_valid_bss(struct wpa_supplicant *wpa_s,
1317 struct wpa_bss *test_bss)
1318 {
1319 struct wpa_bss *bss;
1320
1321 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
1322 if (bss == test_bss)
1323 return 1;
1324 }
1325
1326 return 0;
1327 }
1328
1329
1330 static int wpas_valid_ssid(struct wpa_supplicant *wpa_s,
1331 struct wpa_ssid *test_ssid)
1332 {
1333 struct wpa_ssid *ssid;
1334
1335 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) {
1336 if (ssid == test_ssid)
1337 return 1;
1338 }
1339
1340 return 0;
1341 }
1342
1343
1344 int wpas_valid_bss_ssid(struct wpa_supplicant *wpa_s, struct wpa_bss *test_bss,
1345 struct wpa_ssid *test_ssid)
1346 {
1347 if (test_bss && !wpas_valid_bss(wpa_s, test_bss))
1348 return 0;
1349
1350 return test_ssid == NULL || wpas_valid_ssid(wpa_s, test_ssid);
1351 }
1352
1353
1354 void wpas_connect_work_free(struct wpa_connect_work *cwork)
1355 {
1356 if (cwork == NULL)
1357 return;
1358 os_free(cwork);
1359 }
1360
1361
1362 void wpas_connect_work_done(struct wpa_supplicant *wpa_s)
1363 {
1364 struct wpa_connect_work *cwork;
1365 struct wpa_radio_work *work = wpa_s->connect_work;
1366
1367 if (!work)
1368 return;
1369
1370 wpa_s->connect_work = NULL;
1371 cwork = work->ctx;
1372 work->ctx = NULL;
1373 wpas_connect_work_free(cwork);
1374 radio_work_done(work);
1375 }
1376
1377
1378 int wpas_update_random_addr(struct wpa_supplicant *wpa_s, int style)
1379 {
1380 struct os_reltime now;
1381 u8 addr[ETH_ALEN];
1382
1383 os_get_reltime(&now);
1384 if (wpa_s->last_mac_addr_style == style &&
1385 wpa_s->last_mac_addr_change.sec != 0 &&
1386 !os_reltime_expired(&now, &wpa_s->last_mac_addr_change,
1387 wpa_s->conf->rand_addr_lifetime)) {
1388 wpa_msg(wpa_s, MSG_DEBUG,
1389 "Previously selected random MAC address has not yet expired");
1390 return 0;
1391 }
1392
1393 switch (style) {
1394 case 1:
1395 if (random_mac_addr(addr) < 0)
1396 return -1;
1397 break;
1398 case 2:
1399 os_memcpy(addr, wpa_s->perm_addr, ETH_ALEN);
1400 if (random_mac_addr_keep_oui(addr) < 0)
1401 return -1;
1402 break;
1403 default:
1404 return -1;
1405 }
1406
1407 if (wpa_drv_set_mac_addr(wpa_s, addr) < 0) {
1408 wpa_msg(wpa_s, MSG_INFO,
1409 "Failed to set random MAC address");
1410 return -1;
1411 }
1412
1413 os_get_reltime(&wpa_s->last_mac_addr_change);
1414 wpa_s->mac_addr_changed = 1;
1415 wpa_s->last_mac_addr_style = style;
1416
1417 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
1418 wpa_msg(wpa_s, MSG_INFO,
1419 "Could not update MAC address information");
1420 return -1;
1421 }
1422
1423 wpa_msg(wpa_s, MSG_DEBUG, "Using random MAC address " MACSTR,
1424 MAC2STR(addr));
1425
1426 return 0;
1427 }
1428
1429
1430 int wpas_update_random_addr_disassoc(struct wpa_supplicant *wpa_s)
1431 {
1432 if (wpa_s->wpa_state >= WPA_AUTHENTICATING ||
1433 !wpa_s->conf->preassoc_mac_addr)
1434 return 0;
1435
1436 return wpas_update_random_addr(wpa_s, wpa_s->conf->preassoc_mac_addr);
1437 }
1438
1439
1440 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit);
1441
1442 /**
1443 * wpa_supplicant_associate - Request association
1444 * @wpa_s: Pointer to wpa_supplicant data
1445 * @bss: Scan results for the selected BSS, or %NULL if not available
1446 * @ssid: Configuration data for the selected network
1447 *
1448 * This function is used to request %wpa_supplicant to associate with a BSS.
1449 */
1450 void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
1451 struct wpa_bss *bss, struct wpa_ssid *ssid)
1452 {
1453 struct wpa_connect_work *cwork;
1454 int rand_style;
1455
1456 if (ssid->mac_addr == -1)
1457 rand_style = wpa_s->conf->mac_addr;
1458 else
1459 rand_style = ssid->mac_addr;
1460
1461 if (wpa_s->last_ssid == ssid) {
1462 wpa_dbg(wpa_s, MSG_DEBUG, "Re-association to the same ESS");
1463 } else if (rand_style > 0) {
1464 if (wpas_update_random_addr(wpa_s, rand_style) < 0)
1465 return;
1466 wpa_sm_pmksa_cache_flush(wpa_s->wpa, ssid);
1467 } else if (wpa_s->mac_addr_changed) {
1468 if (wpa_drv_set_mac_addr(wpa_s, NULL) < 0) {
1469 wpa_msg(wpa_s, MSG_INFO,
1470 "Could not restore permanent MAC address");
1471 return;
1472 }
1473 wpa_s->mac_addr_changed = 0;
1474 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
1475 wpa_msg(wpa_s, MSG_INFO,
1476 "Could not update MAC address information");
1477 return;
1478 }
1479 wpa_msg(wpa_s, MSG_DEBUG, "Using permanent MAC address");
1480 }
1481 wpa_s->last_ssid = ssid;
1482
1483 #ifdef CONFIG_IBSS_RSN
1484 ibss_rsn_deinit(wpa_s->ibss_rsn);
1485 wpa_s->ibss_rsn = NULL;
1486 #endif /* CONFIG_IBSS_RSN */
1487
1488 if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO ||
1489 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) {
1490 #ifdef CONFIG_AP
1491 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) {
1492 wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP "
1493 "mode");
1494 return;
1495 }
1496 if (wpa_supplicant_create_ap(wpa_s, ssid) < 0) {
1497 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
1498 if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
1499 wpas_p2p_ap_setup_failed(wpa_s);
1500 return;
1501 }
1502 wpa_s->current_bss = bss;
1503 #else /* CONFIG_AP */
1504 wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in "
1505 "the build");
1506 #endif /* CONFIG_AP */
1507 return;
1508 }
1509
1510 #ifdef CONFIG_TDLS
1511 if (bss)
1512 wpa_tdls_ap_ies(wpa_s->wpa, (const u8 *) (bss + 1),
1513 bss->ie_len);
1514 #endif /* CONFIG_TDLS */
1515
1516 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
1517 ssid->mode == IEEE80211_MODE_INFRA) {
1518 sme_authenticate(wpa_s, bss, ssid);
1519 return;
1520 }
1521
1522 if (wpa_s->connect_work) {
1523 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since connect_work exist");
1524 return;
1525 }
1526
1527 if (radio_work_pending(wpa_s, "connect")) {
1528 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since pending work exist");
1529 return;
1530 }
1531
1532 cwork = os_zalloc(sizeof(*cwork));
1533 if (cwork == NULL)
1534 return;
1535
1536 cwork->bss = bss;
1537 cwork->ssid = ssid;
1538
1539 if (radio_add_work(wpa_s, bss ? bss->freq : 0, "connect", 1,
1540 wpas_start_assoc_cb, cwork) < 0) {
1541 os_free(cwork);
1542 }
1543 }
1544
1545
1546 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
1547 {
1548 struct wpa_connect_work *cwork = work->ctx;
1549 struct wpa_bss *bss = cwork->bss;
1550 struct wpa_ssid *ssid = cwork->ssid;
1551 struct wpa_supplicant *wpa_s = work->wpa_s;
1552 u8 wpa_ie[200];
1553 size_t wpa_ie_len;
1554 int use_crypt, ret, i, bssid_changed;
1555 int algs = WPA_AUTH_ALG_OPEN;
1556 unsigned int cipher_pairwise, cipher_group;
1557 struct wpa_driver_associate_params params;
1558 int wep_keys_set = 0;
1559 int assoc_failed = 0;
1560 struct wpa_ssid *old_ssid;
1561 #ifdef CONFIG_HT_OVERRIDES
1562 struct ieee80211_ht_capabilities htcaps;
1563 struct ieee80211_ht_capabilities htcaps_mask;
1564 #endif /* CONFIG_HT_OVERRIDES */
1565 #ifdef CONFIG_VHT_OVERRIDES
1566 struct ieee80211_vht_capabilities vhtcaps;
1567 struct ieee80211_vht_capabilities vhtcaps_mask;
1568 #endif /* CONFIG_VHT_OVERRIDES */
1569
1570 if (deinit) {
1571 if (work->started) {
1572 wpa_s->connect_work = NULL;
1573
1574 /* cancel possible auth. timeout */
1575 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s,
1576 NULL);
1577 }
1578 wpas_connect_work_free(cwork);
1579 return;
1580 }
1581
1582 wpa_s->connect_work = work;
1583
1584 if (!wpas_valid_bss_ssid(wpa_s, bss, ssid)) {
1585 wpa_dbg(wpa_s, MSG_DEBUG, "BSS/SSID entry for association not valid anymore - drop connection attempt");
1586 wpas_connect_work_done(wpa_s);
1587 return;
1588 }
1589
1590 os_memset(&params, 0, sizeof(params));
1591 wpa_s->reassociate = 0;
1592 wpa_s->eap_expected_failure = 0;
1593 if (bss && !wpas_driver_bss_selection(wpa_s)) {
1594 #ifdef CONFIG_IEEE80211R
1595 const u8 *ie, *md = NULL;
1596 #endif /* CONFIG_IEEE80211R */
1597 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
1598 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
1599 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
1600 bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
1601 os_memset(wpa_s->bssid, 0, ETH_ALEN);
1602 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
1603 if (bssid_changed)
1604 wpas_notify_bssid_changed(wpa_s);
1605 #ifdef CONFIG_IEEE80211R
1606 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
1607 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
1608 md = ie + 2;
1609 wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0);
1610 if (md) {
1611 /* Prepare for the next transition */
1612 wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
1613 }
1614 #endif /* CONFIG_IEEE80211R */
1615 #ifdef CONFIG_WPS
1616 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
1617 wpa_s->conf->ap_scan == 2 &&
1618 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
1619 /* Use ap_scan==1 style network selection to find the network
1620 */
1621 wpa_s->scan_req = MANUAL_SCAN_REQ;
1622 wpa_s->reassociate = 1;
1623 wpa_supplicant_req_scan(wpa_s, 0, 0);
1624 return;
1625 #endif /* CONFIG_WPS */
1626 } else {
1627 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
1628 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
1629 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
1630 }
1631 wpa_supplicant_cancel_sched_scan(wpa_s);
1632 wpa_supplicant_cancel_scan(wpa_s);
1633
1634 /* Starting new association, so clear the possibly used WPA IE from the
1635 * previous association. */
1636 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
1637
1638 #ifdef IEEE8021X_EAPOL
1639 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1640 if (ssid->leap) {
1641 if (ssid->non_leap == 0)
1642 algs = WPA_AUTH_ALG_LEAP;
1643 else
1644 algs |= WPA_AUTH_ALG_LEAP;
1645 }
1646 }
1647 #endif /* IEEE8021X_EAPOL */
1648 wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
1649 if (ssid->auth_alg) {
1650 algs = ssid->auth_alg;
1651 wpa_dbg(wpa_s, MSG_DEBUG, "Overriding auth_alg selection: "
1652 "0x%x", algs);
1653 }
1654
1655 if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
1656 wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
1657 wpa_key_mgmt_wpa(ssid->key_mgmt)) {
1658 int try_opportunistic;
1659 try_opportunistic = (ssid->proactive_key_caching < 0 ?
1660 wpa_s->conf->okc :
1661 ssid->proactive_key_caching) &&
1662 (ssid->proto & WPA_PROTO_RSN);
1663 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
1664 ssid, try_opportunistic) == 0)
1665 eapol_sm_notify_pmkid_attempt(wpa_s->eapol, 1);
1666 wpa_ie_len = sizeof(wpa_ie);
1667 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
1668 wpa_ie, &wpa_ie_len)) {
1669 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
1670 "key management and encryption suites");
1671 return;
1672 }
1673 } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && bss &&
1674 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) {
1675 /*
1676 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
1677 * use non-WPA since the scan results did not indicate that the
1678 * AP is using WPA or WPA2.
1679 */
1680 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1681 wpa_ie_len = 0;
1682 wpa_s->wpa_proto = 0;
1683 } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) {
1684 wpa_ie_len = sizeof(wpa_ie);
1685 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
1686 wpa_ie, &wpa_ie_len)) {
1687 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
1688 "key management and encryption suites (no "
1689 "scan results)");
1690 return;
1691 }
1692 #ifdef CONFIG_WPS
1693 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
1694 struct wpabuf *wps_ie;
1695 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
1696 if (wps_ie && wpabuf_len(wps_ie) <= sizeof(wpa_ie)) {
1697 wpa_ie_len = wpabuf_len(wps_ie);
1698 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
1699 } else
1700 wpa_ie_len = 0;
1701 wpabuf_free(wps_ie);
1702 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1703 if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY))
1704 params.wps = WPS_MODE_PRIVACY;
1705 else
1706 params.wps = WPS_MODE_OPEN;
1707 wpa_s->wpa_proto = 0;
1708 #endif /* CONFIG_WPS */
1709 } else {
1710 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1711 wpa_ie_len = 0;
1712 wpa_s->wpa_proto = 0;
1713 }
1714
1715 #ifdef CONFIG_P2P
1716 if (wpa_s->global->p2p) {
1717 u8 *pos;
1718 size_t len;
1719 int res;
1720 pos = wpa_ie + wpa_ie_len;
1721 len = sizeof(wpa_ie) - wpa_ie_len;
1722 res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len,
1723 ssid->p2p_group);
1724 if (res >= 0)
1725 wpa_ie_len += res;
1726 }
1727
1728 wpa_s->cross_connect_disallowed = 0;
1729 if (bss) {
1730 struct wpabuf *p2p;
1731 p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE);
1732 if (p2p) {
1733 wpa_s->cross_connect_disallowed =
1734 p2p_get_cross_connect_disallowed(p2p);
1735 wpabuf_free(p2p);
1736 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross "
1737 "connection",
1738 wpa_s->cross_connect_disallowed ?
1739 "disallows" : "allows");
1740 }
1741 }
1742
1743 os_memset(wpa_s->p2p_ip_addr_info, 0, sizeof(wpa_s->p2p_ip_addr_info));
1744 #endif /* CONFIG_P2P */
1745
1746 #ifdef CONFIG_HS20
1747 if (is_hs20_network(wpa_s, ssid, bss)) {
1748 struct wpabuf *hs20;
1749 hs20 = wpabuf_alloc(20);
1750 if (hs20) {
1751 int pps_mo_id = hs20_get_pps_mo_id(wpa_s, ssid);
1752 size_t len;
1753
1754 wpas_hs20_add_indication(hs20, pps_mo_id);
1755 len = sizeof(wpa_ie) - wpa_ie_len;
1756 if (wpabuf_len(hs20) <= len) {
1757 os_memcpy(wpa_ie + wpa_ie_len,
1758 wpabuf_head(hs20), wpabuf_len(hs20));
1759 wpa_ie_len += wpabuf_len(hs20);
1760 }
1761 wpabuf_free(hs20);
1762 }
1763 }
1764 #endif /* CONFIG_HS20 */
1765
1766 /*
1767 * Workaround: Add Extended Capabilities element only if the AP
1768 * included this element in Beacon/Probe Response frames. Some older
1769 * APs seem to have interoperability issues if this element is
1770 * included, so while the standard may require us to include the
1771 * element in all cases, it is justifiable to skip it to avoid
1772 * interoperability issues.
1773 */
1774 if (!bss || wpa_bss_get_ie(bss, WLAN_EID_EXT_CAPAB)) {
1775 u8 ext_capab[18];
1776 int ext_capab_len;
1777 ext_capab_len = wpas_build_ext_capab(wpa_s, ext_capab,
1778 sizeof(ext_capab));
1779 if (ext_capab_len > 0) {
1780 u8 *pos = wpa_ie;
1781 if (wpa_ie_len > 0 && pos[0] == WLAN_EID_RSN)
1782 pos += 2 + pos[1];
1783 os_memmove(pos + ext_capab_len, pos,
1784 wpa_ie_len - (pos - wpa_ie));
1785 wpa_ie_len += ext_capab_len;
1786 os_memcpy(pos, ext_capab, ext_capab_len);
1787 }
1788 }
1789
1790 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
1791 use_crypt = 1;
1792 cipher_pairwise = wpa_s->pairwise_cipher;
1793 cipher_group = wpa_s->group_cipher;
1794 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
1795 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1796 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
1797 use_crypt = 0;
1798 if (wpa_set_wep_keys(wpa_s, ssid)) {
1799 use_crypt = 1;
1800 wep_keys_set = 1;
1801 }
1802 }
1803 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
1804 use_crypt = 0;
1805
1806 #ifdef IEEE8021X_EAPOL
1807 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1808 if ((ssid->eapol_flags &
1809 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
1810 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
1811 !wep_keys_set) {
1812 use_crypt = 0;
1813 } else {
1814 /* Assume that dynamic WEP-104 keys will be used and
1815 * set cipher suites in order for drivers to expect
1816 * encryption. */
1817 cipher_pairwise = cipher_group = WPA_CIPHER_WEP104;
1818 }
1819 }
1820 #endif /* IEEE8021X_EAPOL */
1821
1822 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1823 /* Set the key before (and later after) association */
1824 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1825 }
1826
1827 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
1828 if (bss) {
1829 params.ssid = bss->ssid;
1830 params.ssid_len = bss->ssid_len;
1831 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set) {
1832 wpa_printf(MSG_DEBUG, "Limit connection to BSSID "
1833 MACSTR " freq=%u MHz based on scan results "
1834 "(bssid_set=%d)",
1835 MAC2STR(bss->bssid), bss->freq,
1836 ssid->bssid_set);
1837 params.bssid = bss->bssid;
1838 params.freq.freq = bss->freq;
1839 }
1840 params.bssid_hint = bss->bssid;
1841 params.freq_hint = bss->freq;
1842 } else {
1843 params.ssid = ssid->ssid;
1844 params.ssid_len = ssid->ssid_len;
1845 }
1846
1847 if (ssid->mode == WPAS_MODE_IBSS && ssid->bssid_set &&
1848 wpa_s->conf->ap_scan == 2) {
1849 params.bssid = ssid->bssid;
1850 params.fixed_bssid = 1;
1851 }
1852
1853 if (ssid->mode == WPAS_MODE_IBSS && ssid->frequency > 0 &&
1854 params.freq.freq == 0) {
1855 enum hostapd_hw_mode hw_mode;
1856 u8 channel;
1857
1858 params.freq.freq = ssid->frequency;
1859
1860 hw_mode = ieee80211_freq_to_chan(ssid->frequency, &channel);
1861 for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) {
1862 if (wpa_s->hw.modes[i].mode == hw_mode) {
1863 struct hostapd_hw_modes *mode;
1864
1865 mode = &wpa_s->hw.modes[i];
1866 params.freq.ht_enabled = ht_supported(mode);
1867 break;
1868 }
1869 }
1870 }
1871
1872 if (ssid->mode == WPAS_MODE_IBSS) {
1873 if (ssid->beacon_int)
1874 params.beacon_int = ssid->beacon_int;
1875 else
1876 params.beacon_int = wpa_s->conf->beacon_int;
1877 }
1878
1879 params.wpa_ie = wpa_ie;
1880 params.wpa_ie_len = wpa_ie_len;
1881 params.pairwise_suite = cipher_pairwise;
1882 params.group_suite = cipher_group;
1883 params.key_mgmt_suite = wpa_s->key_mgmt;
1884 params.wpa_proto = wpa_s->wpa_proto;
1885 params.auth_alg = algs;
1886 params.mode = ssid->mode;
1887 params.bg_scan_period = ssid->bg_scan_period;
1888 for (i = 0; i < NUM_WEP_KEYS; i++) {
1889 if (ssid->wep_key_len[i])
1890 params.wep_key[i] = ssid->wep_key[i];
1891 params.wep_key_len[i] = ssid->wep_key_len[i];
1892 }
1893 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
1894
1895 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
1896 (params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
1897 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK)) {
1898 params.passphrase = ssid->passphrase;
1899 if (ssid->psk_set)
1900 params.psk = ssid->psk;
1901 }
1902
1903 params.drop_unencrypted = use_crypt;
1904
1905 #ifdef CONFIG_IEEE80211W
1906 params.mgmt_frame_protection =
1907 ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
1908 wpa_s->conf->pmf : ssid->ieee80211w;
1909 if (params.mgmt_frame_protection != NO_MGMT_FRAME_PROTECTION && bss) {
1910 const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
1911 struct wpa_ie_data ie;
1912 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
1913 ie.capabilities &
1914 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
1915 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports "
1916 "MFP: require MFP");
1917 params.mgmt_frame_protection =
1918 MGMT_FRAME_PROTECTION_REQUIRED;
1919 }
1920 }
1921 #endif /* CONFIG_IEEE80211W */
1922
1923 params.p2p = ssid->p2p_group;
1924
1925 if (wpa_s->parent->set_sta_uapsd)
1926 params.uapsd = wpa_s->parent->sta_uapsd;
1927 else
1928 params.uapsd = -1;
1929
1930 #ifdef CONFIG_HT_OVERRIDES
1931 os_memset(&htcaps, 0, sizeof(htcaps));
1932 os_memset(&htcaps_mask, 0, sizeof(htcaps_mask));
1933 params.htcaps = (u8 *) &htcaps;
1934 params.htcaps_mask = (u8 *) &htcaps_mask;
1935 wpa_supplicant_apply_ht_overrides(wpa_s, ssid, &params);
1936 #endif /* CONFIG_HT_OVERRIDES */
1937 #ifdef CONFIG_VHT_OVERRIDES
1938 os_memset(&vhtcaps, 0, sizeof(vhtcaps));
1939 os_memset(&vhtcaps_mask, 0, sizeof(vhtcaps_mask));
1940 params.vhtcaps = &vhtcaps;
1941 params.vhtcaps_mask = &vhtcaps_mask;
1942 wpa_supplicant_apply_vht_overrides(wpa_s, wpa_s->current_ssid, &params);
1943 #endif /* CONFIG_VHT_OVERRIDES */
1944
1945 #ifdef CONFIG_P2P
1946 /*
1947 * If multi-channel concurrency is not supported, check for any
1948 * frequency conflict. In case of any frequency conflict, remove the
1949 * least prioritized connection.
1950 */
1951 if (wpa_s->num_multichan_concurrent < 2) {
1952 int freq, num;
1953 num = get_shared_radio_freqs(wpa_s, &freq, 1);
1954 if (num > 0 && freq > 0 && freq != params.freq.freq) {
1955 wpa_printf(MSG_DEBUG,
1956 "Assoc conflicting freq found (%d != %d)",
1957 freq, params.freq.freq);
1958 if (wpas_p2p_handle_frequency_conflicts(
1959 wpa_s, params.freq.freq, ssid) < 0)
1960 return;
1961 }
1962 }
1963 #endif /* CONFIG_P2P */
1964
1965 ret = wpa_drv_associate(wpa_s, &params);
1966 if (ret < 0) {
1967 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
1968 "failed");
1969 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SANE_ERROR_CODES) {
1970 /*
1971 * The driver is known to mean what is saying, so we
1972 * can stop right here; the association will not
1973 * succeed.
1974 */
1975 wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
1976 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
1977 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
1978 return;
1979 }
1980 /* try to continue anyway; new association will be tried again
1981 * after timeout */
1982 assoc_failed = 1;
1983 }
1984
1985 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1986 /* Set the key after the association just in case association
1987 * cleared the previously configured key. */
1988 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1989 /* No need to timeout authentication since there is no key
1990 * management. */
1991 wpa_supplicant_cancel_auth_timeout(wpa_s);
1992 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
1993 #ifdef CONFIG_IBSS_RSN
1994 } else if (ssid->mode == WPAS_MODE_IBSS &&
1995 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
1996 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
1997 /*
1998 * RSN IBSS authentication is per-STA and we can disable the
1999 * per-BSSID authentication.
2000 */
2001 wpa_supplicant_cancel_auth_timeout(wpa_s);
2002 #endif /* CONFIG_IBSS_RSN */
2003 } else {
2004 /* Timeout for IEEE 802.11 authentication and association */
2005 int timeout = 60;
2006
2007 if (assoc_failed) {
2008 /* give IBSS a bit more time */
2009 timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5;
2010 } else if (wpa_s->conf->ap_scan == 1) {
2011 /* give IBSS a bit more time */
2012 timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10;
2013 }
2014 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
2015 }
2016
2017 if (wep_keys_set &&
2018 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC)) {
2019 /* Set static WEP keys again */
2020 wpa_set_wep_keys(wpa_s, ssid);
2021 }
2022
2023 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
2024 /*
2025 * Do not allow EAP session resumption between different
2026 * network configurations.
2027 */
2028 eapol_sm_invalidate_cached_session(wpa_s->eapol);
2029 }
2030 old_ssid = wpa_s->current_ssid;
2031 wpa_s->current_ssid = ssid;
2032 wpa_s->current_bss = bss;
2033 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
2034 wpa_supplicant_initiate_eapol(wpa_s);
2035 if (old_ssid != wpa_s->current_ssid)
2036 wpas_notify_network_changed(wpa_s);
2037 }
2038
2039
2040 static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s,
2041 const u8 *addr)
2042 {
2043 struct wpa_ssid *old_ssid;
2044
2045 wpas_connect_work_done(wpa_s);
2046 wpa_clear_keys(wpa_s, addr);
2047 old_ssid = wpa_s->current_ssid;
2048 wpa_supplicant_mark_disassoc(wpa_s);
2049 wpa_sm_set_config(wpa_s->wpa, NULL);
2050 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
2051 if (old_ssid != wpa_s->current_ssid)
2052 wpas_notify_network_changed(wpa_s);
2053 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
2054 }
2055
2056
2057 /**
2058 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
2059 * @wpa_s: Pointer to wpa_supplicant data
2060 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
2061 *
2062 * This function is used to request %wpa_supplicant to deauthenticate from the
2063 * current AP.
2064 */
2065 void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
2066 int reason_code)
2067 {
2068 u8 *addr = NULL;
2069 union wpa_event_data event;
2070 int zero_addr = 0;
2071
2072 wpa_dbg(wpa_s, MSG_DEBUG, "Request to deauthenticate - bssid=" MACSTR
2073 " pending_bssid=" MACSTR " reason=%d state=%s",
2074 MAC2STR(wpa_s->bssid), MAC2STR(wpa_s->pending_bssid),
2075 reason_code, wpa_supplicant_state_txt(wpa_s->wpa_state));
2076
2077 if (!is_zero_ether_addr(wpa_s->bssid))
2078 addr = wpa_s->bssid;
2079 else if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
2080 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
2081 wpa_s->wpa_state == WPA_ASSOCIATING))
2082 addr = wpa_s->pending_bssid;
2083 else if (wpa_s->wpa_state == WPA_ASSOCIATING) {
2084 /*
2085 * When using driver-based BSS selection, we may not know the
2086 * BSSID with which we are currently trying to associate. We
2087 * need to notify the driver of this disconnection even in such
2088 * a case, so use the all zeros address here.
2089 */
2090 addr = wpa_s->bssid;
2091 zero_addr = 1;
2092 }
2093
2094 #ifdef CONFIG_TDLS
2095 wpa_tdls_teardown_peers(wpa_s->wpa);
2096 #endif /* CONFIG_TDLS */
2097
2098 if (addr) {
2099 wpa_drv_deauthenticate(wpa_s, addr, reason_code);
2100 os_memset(&event, 0, sizeof(event));
2101 event.deauth_info.reason_code = (u16) reason_code;
2102 event.deauth_info.locally_generated = 1;
2103 wpa_supplicant_event(wpa_s, EVENT_DEAUTH, &event);
2104 if (zero_addr)
2105 addr = NULL;
2106 }
2107
2108 wpa_supplicant_clear_connection(wpa_s, addr);
2109 }
2110
2111 static void wpa_supplicant_enable_one_network(struct wpa_supplicant *wpa_s,
2112 struct wpa_ssid *ssid)
2113 {
2114 if (!ssid || !ssid->disabled || ssid->disabled == 2)
2115 return;
2116
2117 ssid->disabled = 0;
2118 wpas_clear_temp_disabled(wpa_s, ssid, 1);
2119 wpas_notify_network_enabled_changed(wpa_s, ssid);
2120
2121 /*
2122 * Try to reassociate since there is no current configuration and a new
2123 * network was made available.
2124 */
2125 if (!wpa_s->current_ssid && !wpa_s->disconnected)
2126 wpa_s->reassociate = 1;
2127 }
2128
2129
2130 /**
2131 * wpa_supplicant_enable_network - Mark a configured network as enabled
2132 * @wpa_s: wpa_supplicant structure for a network interface
2133 * @ssid: wpa_ssid structure for a configured network or %NULL
2134 *
2135 * Enables the specified network or all networks if no network specified.
2136 */
2137 void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s,
2138 struct wpa_ssid *ssid)
2139 {
2140 if (ssid == NULL) {
2141 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
2142 wpa_supplicant_enable_one_network(wpa_s, ssid);
2143 } else
2144 wpa_supplicant_enable_one_network(wpa_s, ssid);
2145
2146 if (wpa_s->reassociate && !wpa_s->disconnected) {
2147 if (wpa_s->sched_scanning) {
2148 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan to add "
2149 "new network to scan filters");
2150 wpa_supplicant_cancel_sched_scan(wpa_s);
2151 }
2152
2153 if (wpa_supplicant_fast_associate(wpa_s) != 1)
2154 wpa_supplicant_req_scan(wpa_s, 0, 0);
2155 }
2156 }
2157
2158
2159 /**
2160 * wpa_supplicant_disable_network - Mark a configured network as disabled
2161 * @wpa_s: wpa_supplicant structure for a network interface
2162 * @ssid: wpa_ssid structure for a configured network or %NULL
2163 *
2164 * Disables the specified network or all networks if no network specified.
2165 */
2166 void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s,
2167 struct wpa_ssid *ssid)
2168 {
2169 struct wpa_ssid *other_ssid;
2170 int was_disabled;
2171
2172 if (ssid == NULL) {
2173 if (wpa_s->sched_scanning)
2174 wpa_supplicant_cancel_sched_scan(wpa_s);
2175
2176 for (other_ssid = wpa_s->conf->ssid; other_ssid;
2177 other_ssid = other_ssid->next) {
2178 was_disabled = other_ssid->disabled;
2179 if (was_disabled == 2)
2180 continue; /* do not change persistent P2P group
2181 * data */
2182
2183 other_ssid->disabled = 1;
2184
2185 if (was_disabled != other_ssid->disabled)
2186 wpas_notify_network_enabled_changed(
2187 wpa_s, other_ssid);
2188 }
2189 if (wpa_s->current_ssid)
2190 wpa_supplicant_deauthenticate(
2191 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
2192 } else if (ssid->disabled != 2) {
2193 if (ssid == wpa_s->current_ssid)
2194 wpa_supplicant_deauthenticate(
2195 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
2196
2197 was_disabled = ssid->disabled;
2198
2199 ssid->disabled = 1;
2200
2201 if (was_disabled != ssid->disabled) {
2202 wpas_notify_network_enabled_changed(wpa_s, ssid);
2203 if (wpa_s->sched_scanning) {
2204 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan "
2205 "to remove network from filters");
2206 wpa_supplicant_cancel_sched_scan(wpa_s);
2207 wpa_supplicant_req_scan(wpa_s, 0, 0);
2208 }
2209 }
2210 }
2211 }
2212
2213
2214 /**
2215 * wpa_supplicant_select_network - Attempt association with a network
2216 * @wpa_s: wpa_supplicant structure for a network interface
2217 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
2218 */
2219 void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
2220 struct wpa_ssid *ssid)
2221 {
2222
2223 struct wpa_ssid *other_ssid;
2224 int disconnected = 0;
2225
2226 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid) {
2227 wpa_supplicant_deauthenticate(
2228 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
2229 disconnected = 1;
2230 }
2231
2232 if (ssid)
2233 wpas_clear_temp_disabled(wpa_s, ssid, 1);
2234
2235 /*
2236 * Mark all other networks disabled or mark all networks enabled if no
2237 * network specified.
2238 */
2239 for (other_ssid = wpa_s->conf->ssid; other_ssid;
2240 other_ssid = other_ssid->next) {
2241 int was_disabled = other_ssid->disabled;
2242 if (was_disabled == 2)
2243 continue; /* do not change persistent P2P group data */
2244
2245 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0;
2246 if (was_disabled && !other_ssid->disabled)
2247 wpas_clear_temp_disabled(wpa_s, other_ssid, 0);
2248
2249 if (was_disabled != other_ssid->disabled)
2250 wpas_notify_network_enabled_changed(wpa_s, other_ssid);
2251 }
2252
2253 if (ssid && ssid == wpa_s->current_ssid && wpa_s->current_ssid) {
2254 /* We are already associated with the selected network */
2255 wpa_printf(MSG_DEBUG, "Already associated with the "
2256 "selected network - do nothing");
2257 return;
2258 }
2259
2260 if (ssid) {
2261 wpa_s->current_ssid = ssid;
2262 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
2263 }
2264 wpa_s->connect_without_scan = NULL;
2265 wpa_s->disconnected = 0;
2266 wpa_s->reassociate = 1;
2267
2268 if (wpa_supplicant_fast_associate(wpa_s) != 1)
2269 wpa_supplicant_req_scan(wpa_s, 0, disconnected ? 100000 : 0);
2270
2271 if (ssid)
2272 wpas_notify_network_selected(wpa_s, ssid);
2273 }
2274
2275
2276 /**
2277 * wpas_set_pkcs11_engine_and_module_path - Set PKCS #11 engine and module path
2278 * @wpa_s: wpa_supplicant structure for a network interface
2279 * @pkcs11_engine_path: PKCS #11 engine path or NULL
2280 * @pkcs11_module_path: PKCS #11 module path or NULL
2281 * Returns: 0 on success; -1 on failure
2282 *
2283 * Sets the PKCS #11 engine and module path. Both have to be NULL or a valid
2284 * path. If resetting the EAPOL state machine with the new PKCS #11 engine and
2285 * module path fails the paths will be reset to the default value (NULL).
2286 */
2287 int wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant *wpa_s,
2288 const char *pkcs11_engine_path,
2289 const char *pkcs11_module_path)
2290 {
2291 char *pkcs11_engine_path_copy = NULL;
2292 char *pkcs11_module_path_copy = NULL;
2293
2294 if (pkcs11_engine_path != NULL) {
2295 pkcs11_engine_path_copy = os_strdup(pkcs11_engine_path);
2296 if (pkcs11_engine_path_copy == NULL)
2297 return -1;
2298 }
2299 if (pkcs11_module_path != NULL) {
2300 pkcs11_module_path_copy = os_strdup(pkcs11_module_path);
2301 if (pkcs11_module_path_copy == NULL) {
2302 os_free(pkcs11_engine_path_copy);
2303 return -1;
2304 }
2305 }
2306
2307 os_free(wpa_s->conf->pkcs11_engine_path);
2308 os_free(wpa_s->conf->pkcs11_module_path);
2309 wpa_s->conf->pkcs11_engine_path = pkcs11_engine_path_copy;
2310 wpa_s->conf->pkcs11_module_path = pkcs11_module_path_copy;
2311
2312 wpa_sm_set_eapol(wpa_s->wpa, NULL);
2313 eapol_sm_deinit(wpa_s->eapol);
2314 wpa_s->eapol = NULL;
2315 if (wpa_supplicant_init_eapol(wpa_s)) {
2316 /* Error -> Reset paths to the default value (NULL) once. */
2317 if (pkcs11_engine_path != NULL && pkcs11_module_path != NULL)
2318 wpas_set_pkcs11_engine_and_module_path(wpa_s, NULL,
2319 NULL);
2320
2321 return -1;
2322 }
2323 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
2324
2325 return 0;
2326 }
2327
2328
2329 /**
2330 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
2331 * @wpa_s: wpa_supplicant structure for a network interface
2332 * @ap_scan: AP scan mode
2333 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
2334 *
2335 */
2336 int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan)
2337 {
2338
2339 int old_ap_scan;
2340
2341 if (ap_scan < 0 || ap_scan > 2)
2342 return -1;
2343
2344 #ifdef ANDROID
2345 if (ap_scan == 2 && ap_scan != wpa_s->conf->ap_scan &&
2346 wpa_s->wpa_state >= WPA_ASSOCIATING &&
2347 wpa_s->wpa_state < WPA_COMPLETED) {
2348 wpa_printf(MSG_ERROR, "ap_scan = %d (%d) rejected while "
2349 "associating", wpa_s->conf->ap_scan, ap_scan);
2350 return 0;
2351 }
2352 #endif /* ANDROID */
2353
2354 old_ap_scan = wpa_s->conf->ap_scan;
2355 wpa_s->conf->ap_scan = ap_scan;
2356
2357 if (old_ap_scan != wpa_s->conf->ap_scan)
2358 wpas_notify_ap_scan_changed(wpa_s);
2359
2360 return 0;
2361 }
2362
2363
2364 /**
2365 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
2366 * @wpa_s: wpa_supplicant structure for a network interface
2367 * @expire_age: Expiration age in seconds
2368 * Returns: 0 if succeed or -1 if expire_age has an invalid value
2369 *
2370 */
2371 int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant *wpa_s,
2372 unsigned int bss_expire_age)
2373 {
2374 if (bss_expire_age < 10) {
2375 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration age %u",
2376 bss_expire_age);
2377 return -1;
2378 }
2379 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration age: %d sec",
2380 bss_expire_age);
2381 wpa_s->conf->bss_expiration_age = bss_expire_age;
2382
2383 return 0;
2384 }
2385
2386
2387 /**
2388 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
2389 * @wpa_s: wpa_supplicant structure for a network interface
2390 * @expire_count: number of scans after which an unseen BSS is reclaimed
2391 * Returns: 0 if succeed or -1 if expire_count has an invalid value
2392 *
2393 */
2394 int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant *wpa_s,
2395 unsigned int bss_expire_count)
2396 {
2397 if (bss_expire_count < 1) {
2398 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration count %u",
2399 bss_expire_count);
2400 return -1;
2401 }
2402 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration scan count: %u",
2403 bss_expire_count);
2404 wpa_s->conf->bss_expiration_scan_count = bss_expire_count;
2405
2406 return 0;
2407 }
2408
2409
2410 /**
2411 * wpa_supplicant_set_scan_interval - Set scan interval
2412 * @wpa_s: wpa_supplicant structure for a network interface
2413 * @scan_interval: scan interval in seconds
2414 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
2415 *
2416 */
2417 int wpa_supplicant_set_scan_interval(struct wpa_supplicant *wpa_s,
2418 int scan_interval)
2419 {
2420 if (scan_interval < 0) {
2421 wpa_msg(wpa_s, MSG_ERROR, "Invalid scan interval %d",
2422 scan_interval);
2423 return -1;
2424 }
2425 wpa_msg(wpa_s, MSG_DEBUG, "Setting scan interval: %d sec",
2426 scan_interval);
2427 wpa_supplicant_update_scan_int(wpa_s, scan_interval);
2428
2429 return 0;
2430 }
2431
2432
2433 /**
2434 * wpa_supplicant_set_debug_params - Set global debug params
2435 * @global: wpa_global structure
2436 * @debug_level: debug level
2437 * @debug_timestamp: determines if show timestamp in debug data
2438 * @debug_show_keys: determines if show keys in debug data
2439 * Returns: 0 if succeed or -1 if debug_level has wrong value
2440 */
2441 int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level,
2442 int debug_timestamp, int debug_show_keys)
2443 {
2444
2445 int old_level, old_timestamp, old_show_keys;
2446
2447 /* check for allowed debuglevels */
2448 if (debug_level != MSG_EXCESSIVE &&
2449 debug_level != MSG_MSGDUMP &&
2450 debug_level != MSG_DEBUG &&
2451 debug_level != MSG_INFO &&
2452 debug_level != MSG_WARNING &&
2453 debug_level != MSG_ERROR)
2454 return -1;
2455
2456 old_level = wpa_debug_level;
2457 old_timestamp = wpa_debug_timestamp;
2458 old_show_keys = wpa_debug_show_keys;
2459
2460 wpa_debug_level = debug_level;
2461 wpa_debug_timestamp = debug_timestamp ? 1 : 0;
2462 wpa_debug_show_keys = debug_show_keys ? 1 : 0;
2463
2464 if (wpa_debug_level != old_level)
2465 wpas_notify_debug_level_changed(global);
2466 if (wpa_debug_timestamp != old_timestamp)
2467 wpas_notify_debug_timestamp_changed(global);
2468 if (wpa_debug_show_keys != old_show_keys)
2469 wpas_notify_debug_show_keys_changed(global);
2470
2471 return 0;
2472 }
2473
2474
2475 /**
2476 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
2477 * @wpa_s: Pointer to wpa_supplicant data
2478 * Returns: A pointer to the current network structure or %NULL on failure
2479 */
2480 struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
2481 {
2482 struct wpa_ssid *entry;
2483 u8 ssid[MAX_SSID_LEN];
2484 int res;
2485 size_t ssid_len;
2486 u8 bssid[ETH_ALEN];
2487 int wired;
2488
2489 res = wpa_drv_get_ssid(wpa_s, ssid);
2490 if (res < 0) {
2491 wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from "
2492 "driver");
2493 return NULL;
2494 }
2495 ssid_len = res;
2496
2497 if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
2498 wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from "
2499 "driver");
2500 return NULL;
2501 }
2502
2503 wired = wpa_s->conf->ap_scan == 0 &&
2504 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED);
2505
2506 entry = wpa_s->conf->ssid;
2507 while (entry) {
2508 if (!wpas_network_disabled(wpa_s, entry) &&
2509 ((ssid_len == entry->ssid_len &&
2510 os_memcmp(ssid, entry->ssid, ssid_len) == 0) || wired) &&
2511 (!entry->bssid_set ||
2512 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
2513 return entry;
2514 #ifdef CONFIG_WPS
2515 if (!wpas_network_disabled(wpa_s, entry) &&
2516 (entry->key_mgmt & WPA_KEY_MGMT_WPS) &&
2517 (entry->ssid == NULL || entry->ssid_len == 0) &&
2518 (!entry->bssid_set ||
2519 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
2520 return entry;
2521 #endif /* CONFIG_WPS */
2522
2523 if (!wpas_network_disabled(wpa_s, entry) && entry->bssid_set &&
2524 entry->ssid_len == 0 &&
2525 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)
2526 return entry;
2527
2528 entry = entry->next;
2529 }
2530
2531 return NULL;
2532 }
2533
2534
2535 static int select_driver(struct wpa_supplicant *wpa_s, int i)
2536 {
2537 struct wpa_global *global = wpa_s->global;
2538
2539 if (wpa_drivers[i]->global_init && global->drv_priv[i] == NULL) {
2540 global->drv_priv[i] = wpa_drivers[i]->global_init();
2541 if (global->drv_priv[i] == NULL) {
2542 wpa_printf(MSG_ERROR, "Failed to initialize driver "
2543 "'%s'", wpa_drivers[i]->name);
2544 return -1;
2545 }
2546 }
2547
2548 wpa_s->driver = wpa_drivers[i];
2549 wpa_s->global_drv_priv = global->drv_priv[i];
2550
2551 return 0;
2552 }
2553
2554
2555 static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
2556 const char *name)
2557 {
2558 int i;
2559 size_t len;
2560 const char *pos, *driver = name;
2561
2562 if (wpa_s == NULL)
2563 return -1;
2564
2565 if (wpa_drivers[0] == NULL) {
2566 wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into "
2567 "wpa_supplicant");
2568 return -1;
2569 }
2570
2571 if (name == NULL) {
2572 /* default to first driver in the list */
2573 return select_driver(wpa_s, 0);
2574 }
2575
2576 do {
2577 pos = os_strchr(driver, ',');
2578 if (pos)
2579 len = pos - driver;
2580 else
2581 len = os_strlen(driver);
2582
2583 for (i = 0; wpa_drivers[i]; i++) {
2584 if (os_strlen(wpa_drivers[i]->name) == len &&
2585 os_strncmp(driver, wpa_drivers[i]->name, len) ==
2586 0) {
2587 /* First driver that succeeds wins */
2588 if (select_driver(wpa_s, i) == 0)
2589 return 0;
2590 }
2591 }
2592
2593 driver = pos + 1;
2594 } while (pos);
2595
2596 wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name);
2597 return -1;
2598 }
2599
2600
2601 /**
2602 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
2603 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
2604 * with struct wpa_driver_ops::init()
2605 * @src_addr: Source address of the EAPOL frame
2606 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
2607 * @len: Length of the EAPOL data
2608 *
2609 * This function is called for each received EAPOL frame. Most driver
2610 * interfaces rely on more generic OS mechanism for receiving frames through
2611 * l2_packet, but if such a mechanism is not available, the driver wrapper may
2612 * take care of received EAPOL frames and deliver them to the core supplicant
2613 * code by calling this function.
2614 */
2615 void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
2616 const u8 *buf, size_t len)
2617 {
2618 struct wpa_supplicant *wpa_s = ctx;
2619
2620 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
2621 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
2622
2623 #ifdef CONFIG_PEERKEY
2624 if (wpa_s->wpa_state > WPA_ASSOCIATED && wpa_s->current_ssid &&
2625 wpa_s->current_ssid->peerkey &&
2626 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
2627 wpa_sm_rx_eapol_peerkey(wpa_s->wpa, src_addr, buf, len) == 1) {
2628 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: Processed PeerKey EAPOL-Key");
2629 return;
2630 }
2631 #endif /* CONFIG_PEERKEY */
2632
2633 if (wpa_s->wpa_state < WPA_ASSOCIATED ||
2634 (wpa_s->last_eapol_matches_bssid &&
2635 #ifdef CONFIG_AP
2636 !wpa_s->ap_iface &&
2637 #endif /* CONFIG_AP */
2638 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) != 0)) {
2639 /*
2640 * There is possible race condition between receiving the
2641 * association event and the EAPOL frame since they are coming
2642 * through different paths from the driver. In order to avoid
2643 * issues in trying to process the EAPOL frame before receiving
2644 * association information, lets queue it for processing until
2645 * the association event is received. This may also be needed in
2646 * driver-based roaming case, so also use src_addr != BSSID as a
2647 * trigger if we have previously confirmed that the
2648 * Authenticator uses BSSID as the src_addr (which is not the
2649 * case with wired IEEE 802.1X).
2650 */
2651 wpa_dbg(wpa_s, MSG_DEBUG, "Not associated - Delay processing "
2652 "of received EAPOL frame (state=%s bssid=" MACSTR ")",
2653 wpa_supplicant_state_txt(wpa_s->wpa_state),
2654 MAC2STR(wpa_s->bssid));
2655 wpabuf_free(wpa_s->pending_eapol_rx);
2656 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len);
2657 if (wpa_s->pending_eapol_rx) {
2658 os_get_reltime(&wpa_s->pending_eapol_rx_time);
2659 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr,
2660 ETH_ALEN);
2661 }
2662 return;
2663 }
2664
2665 wpa_s->last_eapol_matches_bssid =
2666 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) == 0;
2667
2668 #ifdef CONFIG_AP
2669 if (wpa_s->ap_iface) {
2670 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len);
2671 return;
2672 }
2673 #endif /* CONFIG_AP */
2674
2675 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
2676 wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since "
2677 "no key management is configured");
2678 return;
2679 }
2680
2681 if (wpa_s->eapol_received == 0 &&
2682 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) ||
2683 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
2684 wpa_s->wpa_state != WPA_COMPLETED) &&
2685 (wpa_s->current_ssid == NULL ||
2686 wpa_s->current_ssid->mode != IEEE80211_MODE_IBSS)) {
2687 /* Timeout for completing IEEE 802.1X and WPA authentication */
2688 wpa_supplicant_req_auth_timeout(
2689 wpa_s,
2690 (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
2691 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
2692 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) ?
2693 70 : 10, 0);
2694 }
2695 wpa_s->eapol_received++;
2696
2697 if (wpa_s->countermeasures) {
2698 wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped "
2699 "EAPOL packet");
2700 return;
2701 }
2702
2703 #ifdef CONFIG_IBSS_RSN
2704 if (wpa_s->current_ssid &&
2705 wpa_s->current_ssid->mode == WPAS_MODE_IBSS) {
2706 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len);
2707 return;
2708 }
2709 #endif /* CONFIG_IBSS_RSN */
2710
2711 /* Source address of the incoming EAPOL frame could be compared to the
2712 * current BSSID. However, it is possible that a centralized
2713 * Authenticator could be using another MAC address than the BSSID of
2714 * an AP, so just allow any address to be used for now. The replies are
2715 * still sent to the current BSSID (if available), though. */
2716
2717 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
2718 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
2719 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
2720 return;
2721 wpa_drv_poll(wpa_s);
2722 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE))
2723 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
2724 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
2725 /*
2726 * Set portValid = TRUE here since we are going to skip 4-way
2727 * handshake processing which would normally set portValid. We
2728 * need this to allow the EAPOL state machines to be completed
2729 * without going through EAPOL-Key handshake.
2730 */
2731 eapol_sm_notify_portValid(wpa_s->eapol, TRUE);
2732 }
2733 }
2734
2735
2736 int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s)
2737 {
2738 if (wpa_s->driver->send_eapol) {
2739 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
2740 if (addr)
2741 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
2742 } else if ((!wpa_s->p2p_mgmt ||
2743 !(wpa_s->drv_flags &
2744 WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
2745 !(wpa_s->drv_flags &
2746 WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) {
2747 l2_packet_deinit(wpa_s->l2);
2748 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
2749 wpa_drv_get_mac_addr(wpa_s),
2750 ETH_P_EAPOL,
2751 wpa_supplicant_rx_eapol, wpa_s, 0);
2752 if (wpa_s->l2 == NULL)
2753 return -1;
2754 } else {
2755 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
2756 if (addr)
2757 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
2758 }
2759
2760 if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
2761 wpa_msg(wpa_s, MSG_ERROR, "Failed to get own L2 address");
2762 return -1;
2763 }
2764
2765 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
2766
2767 return 0;
2768 }
2769
2770
2771 static void wpa_supplicant_rx_eapol_bridge(void *ctx, const u8 *src_addr,
2772 const u8 *buf, size_t len)
2773 {
2774 struct wpa_supplicant *wpa_s = ctx;
2775 const struct l2_ethhdr *eth;
2776
2777 if (len < sizeof(*eth))
2778 return;
2779 eth = (const struct l2_ethhdr *) buf;
2780
2781 if (os_memcmp(eth->h_dest, wpa_s->own_addr, ETH_ALEN) != 0 &&
2782 !(eth->h_dest[0] & 0x01)) {
2783 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
2784 " (bridge - not for this interface - ignore)",
2785 MAC2STR(src_addr), MAC2STR(eth->h_dest));
2786 return;
2787 }
2788
2789 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
2790 " (bridge)", MAC2STR(src_addr), MAC2STR(eth->h_dest));
2791 wpa_supplicant_rx_eapol(wpa_s, src_addr, buf + sizeof(*eth),
2792 len - sizeof(*eth));
2793 }
2794
2795
2796 /**
2797 * wpa_supplicant_driver_init - Initialize driver interface parameters
2798 * @wpa_s: Pointer to wpa_supplicant data
2799 * Returns: 0 on success, -1 on failure
2800 *
2801 * This function is called to initialize driver interface parameters.
2802 * wpa_drv_init() must have been called before this function to initialize the
2803 * driver interface.
2804 */
2805 int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
2806 {
2807 static int interface_count = 0;
2808
2809 if (wpa_supplicant_update_mac_addr(wpa_s) < 0)
2810 return -1;
2811
2812 wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR,
2813 MAC2STR(wpa_s->own_addr));
2814 os_memcpy(wpa_s->perm_addr, wpa_s->own_addr, ETH_ALEN);
2815 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
2816
2817 if (wpa_s->bridge_ifname[0]) {
2818 wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge "
2819 "interface '%s'", wpa_s->bridge_ifname);
2820 wpa_s->l2_br = l2_packet_init(wpa_s->bridge_ifname,
2821 wpa_s->own_addr,
2822 ETH_P_EAPOL,
2823 wpa_supplicant_rx_eapol_bridge,
2824 wpa_s, 1);
2825 if (wpa_s->l2_br == NULL) {
2826 wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet "
2827 "connection for the bridge interface '%s'",
2828 wpa_s->bridge_ifname);
2829 return -1;
2830 }
2831 }
2832
2833 wpa_clear_keys(wpa_s, NULL);
2834
2835 /* Make sure that TKIP countermeasures are not left enabled (could
2836 * happen if wpa_supplicant is killed during countermeasures. */
2837 wpa_drv_set_countermeasures(wpa_s, 0);
2838
2839 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver");
2840 wpa_drv_flush_pmkid(wpa_s);
2841
2842 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
2843 wpa_s->prev_scan_wildcard = 0;
2844
2845 if (wpa_supplicant_enabled_networks(wpa_s)) {
2846 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED) {
2847 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
2848 interface_count = 0;
2849 }
2850 if (!wpa_s->p2p_mgmt &&
2851 wpa_supplicant_delayed_sched_scan(wpa_s,
2852 interface_count % 3,
2853 100000))
2854 wpa_supplicant_req_scan(wpa_s, interface_count % 3,
2855 100000);
2856 interface_count++;
2857 } else
2858 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
2859
2860 return 0;
2861 }
2862
2863
2864 static int wpa_supplicant_daemon(const char *pid_file)
2865 {
2866 wpa_printf(MSG_DEBUG, "Daemonize..");
2867 return os_daemonize(pid_file);
2868 }
2869
2870
2871 static struct wpa_supplicant * wpa_supplicant_alloc(void)
2872 {
2873 struct wpa_supplicant *wpa_s;
2874
2875 wpa_s = os_zalloc(sizeof(*wpa_s));
2876 if (wpa_s == NULL)
2877 return NULL;
2878 wpa_s->scan_req = INITIAL_SCAN_REQ;
2879 wpa_s->scan_interval = 5;
2880 wpa_s->new_connection = 1;
2881 wpa_s->parent = wpa_s;
2882 wpa_s->sched_scanning = 0;
2883
2884 return wpa_s;
2885 }
2886
2887
2888 #ifdef CONFIG_HT_OVERRIDES
2889
2890 static int wpa_set_htcap_mcs(struct wpa_supplicant *wpa_s,
2891 struct ieee80211_ht_capabilities *htcaps,
2892 struct ieee80211_ht_capabilities *htcaps_mask,
2893 const char *ht_mcs)
2894 {
2895 /* parse ht_mcs into hex array */
2896 int i;
2897 const char *tmp = ht_mcs;
2898 char *end = NULL;
2899
2900 /* If ht_mcs is null, do not set anything */
2901 if (!ht_mcs)
2902 return 0;
2903
2904 /* This is what we are setting in the kernel */
2905 os_memset(&htcaps->supported_mcs_set, 0, IEEE80211_HT_MCS_MASK_LEN);
2906
2907 wpa_msg(wpa_s, MSG_DEBUG, "set_htcap, ht_mcs -:%s:-", ht_mcs);
2908
2909 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) {
2910 errno = 0;
2911 long v = strtol(tmp, &end, 16);
2912 if (errno == 0) {
2913 wpa_msg(wpa_s, MSG_DEBUG,
2914 "htcap value[%i]: %ld end: %p tmp: %p",
2915 i, v, end, tmp);
2916 if (end == tmp)
2917 break;
2918
2919 htcaps->supported_mcs_set[i] = v;
2920 tmp = end;
2921 } else {
2922 wpa_msg(wpa_s, MSG_ERROR,
2923 "Failed to parse ht-mcs: %s, error: %s\n",
2924 ht_mcs, strerror(errno));
2925 return -1;
2926 }
2927 }
2928
2929 /*
2930 * If we were able to parse any values, then set mask for the MCS set.
2931 */
2932 if (i) {
2933 os_memset(&htcaps_mask->supported_mcs_set, 0xff,
2934 IEEE80211_HT_MCS_MASK_LEN - 1);
2935 /* skip the 3 reserved bits */
2936 htcaps_mask->supported_mcs_set[IEEE80211_HT_MCS_MASK_LEN - 1] =
2937 0x1f;
2938 }
2939
2940 return 0;
2941 }
2942
2943
2944 static int wpa_disable_max_amsdu(struct wpa_supplicant *wpa_s,
2945 struct ieee80211_ht_capabilities *htcaps,
2946 struct ieee80211_ht_capabilities *htcaps_mask,
2947 int disabled)
2948 {
2949 le16 msk;
2950
2951 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_max_amsdu: %d", disabled);
2952
2953 if (disabled == -1)
2954 return 0;
2955
2956 msk = host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE);
2957 htcaps_mask->ht_capabilities_info |= msk;
2958 if (disabled)
2959 htcaps->ht_capabilities_info &= msk;
2960 else
2961 htcaps->ht_capabilities_info |= msk;
2962
2963 return 0;
2964 }
2965
2966
2967 static int wpa_set_ampdu_factor(struct wpa_supplicant *wpa_s,
2968 struct ieee80211_ht_capabilities *htcaps,
2969 struct ieee80211_ht_capabilities *htcaps_mask,
2970 int factor)
2971 {
2972 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_factor: %d", factor);
2973
2974 if (factor == -1)
2975 return 0;
2976
2977 if (factor < 0 || factor > 3) {
2978 wpa_msg(wpa_s, MSG_ERROR, "ampdu_factor: %d out of range. "
2979 "Must be 0-3 or -1", factor);
2980 return -EINVAL;
2981 }
2982
2983 htcaps_mask->a_mpdu_params |= 0x3; /* 2 bits for factor */
2984 htcaps->a_mpdu_params &= ~0x3;
2985 htcaps->a_mpdu_params |= factor & 0x3;
2986
2987 return 0;
2988 }
2989
2990
2991 static int wpa_set_ampdu_density(struct wpa_supplicant *wpa_s,
2992 struct ieee80211_ht_capabilities *htcaps,
2993 struct ieee80211_ht_capabilities *htcaps_mask,
2994 int density)
2995 {
2996 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_density: %d", density);
2997
2998 if (density == -1)
2999 return 0;
3000
3001 if (density < 0 || density > 7) {
3002 wpa_msg(wpa_s, MSG_ERROR,
3003 "ampdu_density: %d out of range. Must be 0-7 or -1.",
3004 density);
3005 return -EINVAL;
3006 }
3007
3008 htcaps_mask->a_mpdu_params |= 0x1C;
3009 htcaps->a_mpdu_params &= ~(0x1C);
3010 htcaps->a_mpdu_params |= (density << 2) & 0x1C;
3011
3012 return 0;
3013 }
3014
3015
3016 static int wpa_set_disable_ht40(struct wpa_supplicant *wpa_s,
3017 struct ieee80211_ht_capabilities *htcaps,
3018 struct ieee80211_ht_capabilities *htcaps_mask,
3019 int disabled)
3020 {
3021 /* Masking these out disables HT40 */
3022 le16 msk = host_to_le16(HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET |
3023 HT_CAP_INFO_SHORT_GI40MHZ);
3024
3025 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ht40: %d", disabled);
3026
3027 if (disabled)
3028 htcaps->ht_capabilities_info &= ~msk;
3029 else
3030 htcaps->ht_capabilities_info |= msk;
3031
3032 htcaps_mask->ht_capabilities_info |= msk;
3033
3034 return 0;
3035 }
3036
3037
3038 static int wpa_set_disable_sgi(struct wpa_supplicant *wpa_s,
3039 struct ieee80211_ht_capabilities *htcaps,
3040 struct ieee80211_ht_capabilities *htcaps_mask,
3041 int disabled)
3042 {
3043 /* Masking these out disables SGI */
3044 le16 msk = host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ |
3045 HT_CAP_INFO_SHORT_GI40MHZ);
3046
3047 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_sgi: %d", disabled);
3048
3049 if (disabled)
3050 htcaps->ht_capabilities_info &= ~msk;
3051 else
3052 htcaps->ht_capabilities_info |= msk;
3053
3054 htcaps_mask->ht_capabilities_info |= msk;
3055
3056 return 0;
3057 }
3058
3059
3060 static int wpa_set_disable_ldpc(struct wpa_supplicant *wpa_s,
3061 struct ieee80211_ht_capabilities *htcaps,
3062 struct ieee80211_ht_capabilities *htcaps_mask,
3063 int disabled)
3064 {
3065 /* Masking these out disables LDPC */
3066 le16 msk = host_to_le16(HT_CAP_INFO_LDPC_CODING_CAP);
3067
3068 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ldpc: %d", disabled);
3069
3070 if (disabled)
3071 htcaps->ht_capabilities_info &= ~msk;
3072 else
3073 htcaps->ht_capabilities_info |= msk;
3074
3075 htcaps_mask->ht_capabilities_info |= msk;
3076
3077 return 0;
3078 }
3079
3080
3081 void wpa_supplicant_apply_ht_overrides(
3082 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
3083 struct wpa_driver_associate_params *params)
3084 {
3085 struct ieee80211_ht_capabilities *htcaps;
3086 struct ieee80211_ht_capabilities *htcaps_mask;
3087
3088 if (!ssid)
3089 return;
3090
3091 params->disable_ht = ssid->disable_ht;
3092 if (!params->htcaps || !params->htcaps_mask)
3093 return;
3094
3095 htcaps = (struct ieee80211_ht_capabilities *) params->htcaps;
3096 htcaps_mask = (struct ieee80211_ht_capabilities *) params->htcaps_mask;
3097 wpa_set_htcap_mcs(wpa_s, htcaps, htcaps_mask, ssid->ht_mcs);
3098 wpa_disable_max_amsdu(wpa_s, htcaps, htcaps_mask,
3099 ssid->disable_max_amsdu);
3100 wpa_set_ampdu_factor(wpa_s, htcaps, htcaps_mask, ssid->ampdu_factor);
3101 wpa_set_ampdu_density(wpa_s, htcaps, htcaps_mask, ssid->ampdu_density);
3102 wpa_set_disable_ht40(wpa_s, htcaps, htcaps_mask, ssid->disable_ht40);
3103 wpa_set_disable_sgi(wpa_s, htcaps, htcaps_mask, ssid->disable_sgi);
3104 wpa_set_disable_ldpc(wpa_s, htcaps, htcaps_mask, ssid->disable_ldpc);
3105
3106 if (ssid->ht40_intolerant) {
3107 le16 bit = host_to_le16(HT_CAP_INFO_40MHZ_INTOLERANT);
3108 htcaps->ht_capabilities_info |= bit;
3109 htcaps_mask->ht_capabilities_info |= bit;
3110 }
3111 }
3112
3113 #endif /* CONFIG_HT_OVERRIDES */
3114
3115
3116 #ifdef CONFIG_VHT_OVERRIDES
3117 void wpa_supplicant_apply_vht_overrides(
3118 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
3119 struct wpa_driver_associate_params *params)
3120 {
3121 struct ieee80211_vht_capabilities *vhtcaps;
3122 struct ieee80211_vht_capabilities *vhtcaps_mask;
3123 #ifdef CONFIG_HT_OVERRIDES
3124 int max_ampdu;
3125 const u32 max_ampdu_mask = VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX;
3126 #endif /* CONFIG_HT_OVERRIDES */
3127
3128 if (!ssid)
3129 return;
3130
3131 params->disable_vht = ssid->disable_vht;
3132
3133 vhtcaps = (void *) params->vhtcaps;
3134 vhtcaps_mask = (void *) params->vhtcaps_mask;
3135
3136 if (!vhtcaps || !vhtcaps_mask)
3137 return;
3138
3139 vhtcaps->vht_capabilities_info = ssid->vht_capa;
3140 vhtcaps_mask->vht_capabilities_info = ssid->vht_capa_mask;
3141
3142 #ifdef CONFIG_HT_OVERRIDES
3143 /* if max ampdu is <= 3, we have to make the HT cap the same */
3144 if (ssid->vht_capa_mask & max_ampdu_mask) {
3145 max_ampdu = (ssid->vht_capa & max_ampdu_mask) >>
3146 find_first_bit(max_ampdu_mask);
3147
3148 max_ampdu = max_ampdu < 3 ? max_ampdu : 3;
3149 wpa_set_ampdu_factor(wpa_s,
3150 (void *) params->htcaps,
3151 (void *) params->htcaps_mask,
3152 max_ampdu);
3153 }
3154 #endif /* CONFIG_HT_OVERRIDES */
3155
3156 #define OVERRIDE_MCS(i) \
3157 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \
3158 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \
3159 3 << 2 * (i - 1); \
3160 vhtcaps->vht_supported_mcs_set.tx_map |= \
3161 ssid->vht_tx_mcs_nss_ ##i << 2 * (i - 1); \
3162 } \
3163 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \
3164 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \
3165 3 << 2 * (i - 1); \
3166 vhtcaps->vht_supported_mcs_set.rx_map |= \
3167 ssid->vht_rx_mcs_nss_ ##i << 2 * (i - 1); \
3168 }
3169
3170 OVERRIDE_MCS(1);
3171 OVERRIDE_MCS(2);
3172 OVERRIDE_MCS(3);
3173 OVERRIDE_MCS(4);
3174 OVERRIDE_MCS(5);
3175 OVERRIDE_MCS(6);
3176 OVERRIDE_MCS(7);
3177 OVERRIDE_MCS(8);
3178 }
3179 #endif /* CONFIG_VHT_OVERRIDES */
3180
3181
3182 static int pcsc_reader_init(struct wpa_supplicant *wpa_s)
3183 {
3184 #ifdef PCSC_FUNCS
3185 size_t len;
3186
3187 if (!wpa_s->conf->pcsc_reader)
3188 return 0;
3189
3190 wpa_s->scard = scard_init(wpa_s->conf->pcsc_reader);
3191 if (!wpa_s->scard)
3192 return 1;
3193
3194 if (wpa_s->conf->pcsc_pin &&
3195 scard_set_pin(wpa_s->scard, wpa_s->conf->pcsc_pin) < 0) {
3196 scard_deinit(wpa_s->scard);
3197 wpa_s->scard = NULL;
3198 wpa_msg(wpa_s, MSG_ERROR, "PC/SC PIN validation failed");
3199 return -1;
3200 }
3201
3202 len = sizeof(wpa_s->imsi) - 1;
3203 if (scard_get_imsi(wpa_s->scard, wpa_s->imsi, &len)) {
3204 scard_deinit(wpa_s->scard);
3205 wpa_s->scard = NULL;
3206 wpa_msg(wpa_s, MSG_ERROR, "Could not read IMSI");
3207 return -1;
3208 }
3209 wpa_s->imsi[len] = '\0';
3210
3211 wpa_s->mnc_len = scard_get_mnc_len(wpa_s->scard);
3212
3213 wpa_printf(MSG_DEBUG, "SCARD: IMSI %s (MNC length %d)",
3214 wpa_s->imsi, wpa_s->mnc_len);
3215
3216 wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard);
3217 eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard);
3218 #endif /* PCSC_FUNCS */
3219
3220 return 0;
3221 }
3222
3223
3224 int wpas_init_ext_pw(struct wpa_supplicant *wpa_s)
3225 {
3226 char *val, *pos;
3227
3228 ext_password_deinit(wpa_s->ext_pw);
3229 wpa_s->ext_pw = NULL;
3230 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, NULL);
3231
3232 if (!wpa_s->conf->ext_password_backend)
3233 return 0;
3234
3235 val = os_strdup(wpa_s->conf->ext_password_backend);
3236 if (val == NULL)
3237 return -1;
3238 pos = os_strchr(val, ':');
3239 if (pos)
3240 *pos++ = '\0';
3241
3242 wpa_printf(MSG_DEBUG, "EXT PW: Initialize backend '%s'", val);
3243
3244 wpa_s->ext_pw = ext_password_init(val, pos);
3245 os_free(val);
3246 if (wpa_s->ext_pw == NULL) {
3247 wpa_printf(MSG_DEBUG, "EXT PW: Failed to initialize backend");
3248 return -1;
3249 }
3250 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, wpa_s->ext_pw);
3251
3252 return 0;
3253 }
3254
3255
3256 static int wpas_check_wowlan_trigger(const char *start, const char *trigger,
3257 int capa_trigger, u8 *param_trigger)
3258 {
3259 if (os_strcmp(start, trigger) != 0)
3260 return 0;
3261 if (!capa_trigger)
3262 return 0;
3263
3264 *param_trigger = 1;
3265 return 1;
3266 }
3267
3268
3269 static int wpas_set_wowlan_triggers(struct wpa_supplicant *wpa_s,
3270 struct wpa_driver_capa *capa)
3271 {
3272 struct wowlan_triggers triggers;
3273 char *start, *end, *buf;
3274 int last, ret;
3275
3276 if (!wpa_s->conf->wowlan_triggers)
3277 return 0;
3278
3279 buf = os_strdup(wpa_s->conf->wowlan_triggers);
3280 if (buf == NULL)
3281 return -1;
3282
3283 os_memset(&triggers, 0, sizeof(triggers));
3284
3285 #define CHECK_TRIGGER(trigger) \
3286 wpas_check_wowlan_trigger(start, #trigger, \
3287 capa->wowlan_triggers.trigger, \
3288 &triggers.trigger)
3289
3290 start = buf;
3291 while (*start != '\0') {
3292 while (isblank(*start))
3293 start++;
3294 if (*start == '\0')
3295 break;
3296 end = start;
3297 while (!isblank(*end) && *end != '\0')
3298 end++;
3299 last = *end == '\0';
3300 *end = '\0';
3301
3302 if (!CHECK_TRIGGER(any) &&
3303 !CHECK_TRIGGER(disconnect) &&
3304 !CHECK_TRIGGER(magic_pkt) &&
3305 !CHECK_TRIGGER(gtk_rekey_failure) &&
3306 !CHECK_TRIGGER(eap_identity_req) &&
3307 !CHECK_TRIGGER(four_way_handshake) &&
3308 !CHECK_TRIGGER(rfkill_release)) {
3309 wpa_printf(MSG_DEBUG,
3310 "Unknown/unsupported wowlan trigger '%s'",
3311 start);
3312 ret = -1;
3313 goto out;
3314 }
3315
3316 if (last)
3317 break;
3318 start = end + 1;
3319 }
3320 #undef CHECK_TRIGGER
3321
3322 ret = wpa_drv_wowlan(wpa_s, &triggers);
3323 out:
3324 os_free(buf);
3325 return ret;
3326 }
3327
3328
3329 static struct wpa_radio * radio_add_interface(struct wpa_supplicant *wpa_s,
3330 const char *rn)
3331 {
3332 struct wpa_supplicant *iface = wpa_s->global->ifaces;
3333 struct wpa_radio *radio;
3334
3335 while (rn && iface) {
3336 radio = iface->radio;
3337 if (radio && os_strcmp(rn, radio->name) == 0) {
3338 wpa_printf(MSG_DEBUG, "Add interface %s to existing radio %s",
3339 wpa_s->ifname, rn);
3340 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
3341 return radio;
3342 }
3343
3344 iface = iface->next;
3345 }
3346
3347 wpa_printf(MSG_DEBUG, "Add interface %s to a new radio %s",
3348 wpa_s->ifname, rn ? rn : "N/A");
3349 radio = os_zalloc(sizeof(*radio));
3350 if (radio == NULL)
3351 return NULL;
3352
3353 if (rn)
3354 os_strlcpy(radio->name, rn, sizeof(radio->name));
3355 dl_list_init(&radio->ifaces);
3356 dl_list_init(&radio->work);
3357 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
3358
3359 return radio;
3360 }
3361
3362
3363 static void radio_work_free(struct wpa_radio_work *work)
3364 {
3365 if (work->wpa_s->scan_work == work) {
3366 /* This should not really happen. */
3367 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as scan_work",
3368 work->type, work, work->started);
3369 work->wpa_s->scan_work = NULL;
3370 }
3371
3372 #ifdef CONFIG_P2P
3373 if (work->wpa_s->p2p_scan_work == work) {
3374 /* This should not really happen. */
3375 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as p2p_scan_work",
3376 work->type, work, work->started);
3377 work->wpa_s->p2p_scan_work = NULL;
3378 }
3379 #endif /* CONFIG_P2P */
3380
3381 dl_list_del(&work->list);
3382 os_free(work);
3383 }
3384
3385
3386 static void radio_start_next_work(void *eloop_ctx, void *timeout_ctx)
3387 {
3388 struct wpa_radio *radio = eloop_ctx;
3389 struct wpa_radio_work *work;
3390 struct os_reltime now, diff;
3391 struct wpa_supplicant *wpa_s;
3392
3393 work = dl_list_first(&radio->work, struct wpa_radio_work, list);
3394 if (work == NULL)
3395 return;
3396
3397 if (work->started)
3398 return; /* already started and still in progress */
3399
3400 wpa_s = dl_list_first(&radio->ifaces, struct wpa_supplicant,
3401 radio_list);
3402 if (wpa_s && wpa_s->external_scan_running) {
3403 wpa_printf(MSG_DEBUG, "Delay radio work start until externally triggered scan completes");
3404 return;
3405 }
3406
3407 os_get_reltime(&now);
3408 os_reltime_sub(&now, &work->time, &diff);
3409 wpa_dbg(work->wpa_s, MSG_DEBUG, "Starting radio work '%s'@%p after %ld.%06ld second wait",
3410 work->type, work, diff.sec, diff.usec);
3411 work->started = 1;
3412 work->time = now;
3413 work->cb(work, 0);
3414 }
3415
3416
3417 /*
3418 * This function removes both started and pending radio works running on
3419 * the provided interface's radio.
3420 * Prior to the removal of the radio work, its callback (cb) is called with
3421 * deinit set to be 1. Each work's callback is responsible for clearing its
3422 * internal data and restoring to a correct state.
3423 * @wpa_s: wpa_supplicant data
3424 * @type: type of works to be removed
3425 * @remove_all: 1 to remove all the works on this radio, 0 to remove only
3426 * this interface's works.
3427 */
3428 void radio_remove_works(struct wpa_supplicant *wpa_s,
3429 const char *type, int remove_all)
3430 {
3431 struct wpa_radio_work *work, *tmp;
3432 struct wpa_radio *radio = wpa_s->radio;
3433
3434 dl_list_for_each_safe(work, tmp, &radio->work, struct wpa_radio_work,
3435 list) {
3436 if (type && os_strcmp(type, work->type) != 0)
3437 continue;
3438
3439 /* skip other ifaces' works */
3440 if (!remove_all && work->wpa_s != wpa_s)
3441 continue;
3442
3443 wpa_dbg(wpa_s, MSG_DEBUG, "Remove radio work '%s'@%p%s",
3444 work->type, work, work->started ? " (started)" : "");
3445 work->cb(work, 1);
3446 radio_work_free(work);
3447 }
3448
3449 /* in case we removed the started work */
3450 radio_work_check_next(wpa_s);
3451 }
3452
3453
3454 static void radio_remove_interface(struct wpa_supplicant *wpa_s)
3455 {
3456 struct wpa_radio *radio = wpa_s->radio;
3457
3458 if (!radio)
3459 return;
3460
3461 wpa_printf(MSG_DEBUG, "Remove interface %s from radio %s",
3462 wpa_s->ifname, radio->name);
3463 dl_list_del(&wpa_s->radio_list);
3464 radio_remove_works(wpa_s, NULL, 0);
3465 wpa_s->radio = NULL;
3466 if (!dl_list_empty(&radio->ifaces))
3467 return; /* Interfaces remain for this radio */
3468
3469 wpa_printf(MSG_DEBUG, "Remove radio %s", radio->name);
3470 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
3471 os_free(radio);
3472 }
3473
3474
3475 void radio_work_check_next(struct wpa_supplicant *wpa_s)
3476 {
3477 struct wpa_radio *radio = wpa_s->radio;
3478
3479 if (dl_list_empty(&radio->work))
3480 return;
3481 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
3482 eloop_register_timeout(0, 0, radio_start_next_work, radio, NULL);
3483 }
3484
3485
3486 /**
3487 * radio_add_work - Add a radio work item
3488 * @wpa_s: Pointer to wpa_supplicant data
3489 * @freq: Frequency of the offchannel operation in MHz or 0
3490 * @type: Unique identifier for each type of work
3491 * @next: Force as the next work to be executed
3492 * @cb: Callback function for indicating when radio is available
3493 * @ctx: Context pointer for the work (work->ctx in cb())
3494 * Returns: 0 on success, -1 on failure
3495 *
3496 * This function is used to request time for an operation that requires
3497 * exclusive radio control. Once the radio is available, the registered callback
3498 * function will be called. radio_work_done() must be called once the exclusive
3499 * radio operation has been completed, so that the radio is freed for other
3500 * operations. The special case of deinit=1 is used to free the context data
3501 * during interface removal. That does not allow the callback function to start
3502 * the radio operation, i.e., it must free any resources allocated for the radio
3503 * work and return.
3504 *
3505 * The @freq parameter can be used to indicate a single channel on which the
3506 * offchannel operation will occur. This may allow multiple radio work
3507 * operations to be performed in parallel if they apply for the same channel.
3508 * Setting this to 0 indicates that the work item may use multiple channels or
3509 * requires exclusive control of the radio.
3510 */
3511 int radio_add_work(struct wpa_supplicant *wpa_s, unsigned int freq,
3512 const char *type, int next,
3513 void (*cb)(struct wpa_radio_work *work, int deinit),
3514 void *ctx)
3515 {
3516 struct wpa_radio_work *work;
3517 int was_empty;
3518
3519 work = os_zalloc(sizeof(*work));
3520 if (work == NULL)
3521 return -1;
3522 wpa_dbg(wpa_s, MSG_DEBUG, "Add radio work '%s'@%p", type, work);
3523 os_get_reltime(&work->time);
3524 work->freq = freq;
3525 work->type = type;
3526 work->wpa_s = wpa_s;
3527 work->cb = cb;
3528 work->ctx = ctx;
3529
3530 was_empty = dl_list_empty(&wpa_s->radio->work);
3531 if (next)
3532 dl_list_add(&wpa_s->radio->work, &work->list);
3533 else
3534 dl_list_add_tail(&wpa_s->radio->work, &work->list);
3535 if (was_empty) {
3536 wpa_dbg(wpa_s, MSG_DEBUG, "First radio work item in the queue - schedule start immediately");
3537 radio_work_check_next(wpa_s);
3538 }
3539
3540 return 0;
3541 }
3542
3543
3544 /**
3545 * radio_work_done - Indicate that a radio work item has been completed
3546 * @work: Completed work
3547 *
3548 * This function is called once the callback function registered with
3549 * radio_add_work() has completed its work.
3550 */
3551 void radio_work_done(struct wpa_radio_work *work)
3552 {
3553 struct wpa_supplicant *wpa_s = work->wpa_s;
3554 struct os_reltime now, diff;
3555 unsigned int started = work->started;
3556
3557 os_get_reltime(&now);
3558 os_reltime_sub(&now, &work->time, &diff);
3559 wpa_dbg(wpa_s, MSG_DEBUG, "Radio work '%s'@%p %s in %ld.%06ld seconds",
3560 work->type, work, started ? "done" : "canceled",
3561 diff.sec, diff.usec);
3562 radio_work_free(work);
3563 if (started)
3564 radio_work_check_next(wpa_s);
3565 }
3566
3567
3568 int radio_work_pending(struct wpa_supplicant *wpa_s, const char *type)
3569 {
3570 struct wpa_radio_work *work;
3571 struct wpa_radio *radio = wpa_s->radio;
3572
3573 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) {
3574 if (work->wpa_s == wpa_s && os_strcmp(work->type, type) == 0)
3575 return 1;
3576 }
3577
3578 return 0;
3579 }
3580
3581
3582 static int wpas_init_driver(struct wpa_supplicant *wpa_s,
3583 struct wpa_interface *iface)
3584 {
3585 const char *ifname, *driver, *rn;
3586
3587 driver = iface->driver;
3588 next_driver:
3589 if (wpa_supplicant_set_driver(wpa_s, driver) < 0)
3590 return -1;
3591
3592 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
3593 if (wpa_s->drv_priv == NULL) {
3594 const char *pos;
3595 pos = driver ? os_strchr(driver, ',') : NULL;
3596 if (pos) {
3597 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
3598 "driver interface - try next driver wrapper");
3599 driver = pos + 1;
3600 goto next_driver;
3601 }
3602 wpa_msg(wpa_s, MSG_ERROR, "Failed to initialize driver "
3603 "interface");
3604 return -1;
3605 }
3606 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
3607 wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected "
3608 "driver_param '%s'", wpa_s->conf->driver_param);
3609 return -1;
3610 }
3611
3612 ifname = wpa_drv_get_ifname(wpa_s);
3613 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
3614 wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced "
3615 "interface name with '%s'", ifname);
3616 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
3617 }
3618
3619 rn = wpa_driver_get_radio_name(wpa_s);
3620 if (rn && rn[0] == '\0')
3621 rn = NULL;
3622
3623 wpa_s->radio = radio_add_interface(wpa_s, rn);
3624 if (wpa_s->radio == NULL)
3625 return -1;
3626
3627 return 0;
3628 }
3629
3630
3631 static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
3632 struct wpa_interface *iface)
3633 {
3634 struct wpa_driver_capa capa;
3635
3636 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
3637 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
3638 iface->confname ? iface->confname : "N/A",
3639 iface->driver ? iface->driver : "default",
3640 iface->ctrl_interface ? iface->ctrl_interface : "N/A",
3641 iface->bridge_ifname ? iface->bridge_ifname : "N/A");
3642
3643 if (iface->confname) {
3644 #ifdef CONFIG_BACKEND_FILE
3645 wpa_s->confname = os_rel2abs_path(iface->confname);
3646 if (wpa_s->confname == NULL) {
3647 wpa_printf(MSG_ERROR, "Failed to get absolute path "
3648 "for configuration file '%s'.",
3649 iface->confname);
3650 return -1;
3651 }
3652 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
3653 iface->confname, wpa_s->confname);
3654 #else /* CONFIG_BACKEND_FILE */
3655 wpa_s->confname = os_strdup(iface->confname);
3656 #endif /* CONFIG_BACKEND_FILE */
3657 wpa_s->conf = wpa_config_read(wpa_s->confname, NULL);
3658 if (wpa_s->conf == NULL) {
3659 wpa_printf(MSG_ERROR, "Failed to read or parse "
3660 "configuration '%s'.", wpa_s->confname);
3661 return -1;
3662 }
3663 wpa_s->confanother = os_rel2abs_path(iface->confanother);
3664 wpa_config_read(wpa_s->confanother, wpa_s->conf);
3665
3666 /*
3667 * Override ctrl_interface and driver_param if set on command
3668 * line.
3669 */
3670 if (iface->ctrl_interface) {
3671 os_free(wpa_s->conf->ctrl_interface);
3672 wpa_s->conf->ctrl_interface =
3673 os_strdup(iface->ctrl_interface);
3674 }
3675
3676 if (iface->driver_param) {
3677 os_free(wpa_s->conf->driver_param);
3678 wpa_s->conf->driver_param =
3679 os_strdup(iface->driver_param);
3680 }
3681
3682 if (iface->p2p_mgmt && !iface->ctrl_interface) {
3683 os_free(wpa_s->conf->ctrl_interface);
3684 wpa_s->conf->ctrl_interface = NULL;
3685 }
3686 } else
3687 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
3688 iface->driver_param);
3689
3690 if (wpa_s->conf == NULL) {
3691 wpa_printf(MSG_ERROR, "\nNo configuration found.");
3692 return -1;
3693 }
3694
3695 if (iface->ifname == NULL) {
3696 wpa_printf(MSG_ERROR, "\nInterface name is required.");
3697 return -1;
3698 }
3699 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
3700 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
3701 iface->ifname);
3702 return -1;
3703 }
3704 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
3705
3706 if (iface->bridge_ifname) {
3707 if (os_strlen(iface->bridge_ifname) >=
3708 sizeof(wpa_s->bridge_ifname)) {
3709 wpa_printf(MSG_ERROR, "\nToo long bridge interface "
3710 "name '%s'.", iface->bridge_ifname);
3711 return -1;
3712 }
3713 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
3714 sizeof(wpa_s->bridge_ifname));
3715 }
3716
3717 /* RSNA Supplicant Key Management - INITIALIZE */
3718 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
3719 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
3720
3721 /* Initialize driver interface and register driver event handler before
3722 * L2 receive handler so that association events are processed before
3723 * EAPOL-Key packets if both become available for the same select()
3724 * call. */
3725 if (wpas_init_driver(wpa_s, iface) < 0)
3726 return -1;
3727
3728 if (wpa_supplicant_init_wpa(wpa_s) < 0)
3729 return -1;
3730
3731 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
3732 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
3733 NULL);
3734 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
3735
3736 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
3737 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
3738 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
3739 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
3740 "dot11RSNAConfigPMKLifetime");
3741 return -1;
3742 }
3743
3744 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
3745 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
3746 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
3747 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
3748 "dot11RSNAConfigPMKReauthThreshold");
3749 return -1;
3750 }
3751
3752 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
3753 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
3754 wpa_s->conf->dot11RSNAConfigSATimeout)) {
3755 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
3756 "dot11RSNAConfigSATimeout");
3757 return -1;
3758 }
3759
3760 wpa_s->hw.modes = wpa_drv_get_hw_feature_data(wpa_s,
3761 &wpa_s->hw.num_modes,
3762 &wpa_s->hw.flags);
3763
3764 if (wpa_drv_get_capa(wpa_s, &capa) == 0) {
3765 wpa_s->drv_capa_known = 1;
3766 wpa_s->drv_flags = capa.flags;
3767 wpa_s->drv_enc = capa.enc;
3768 wpa_s->probe_resp_offloads = capa.probe_resp_offloads;
3769 wpa_s->max_scan_ssids = capa.max_scan_ssids;
3770 wpa_s->max_sched_scan_ssids = capa.max_sched_scan_ssids;
3771 wpa_s->sched_scan_supported = capa.sched_scan_supported;
3772 wpa_s->max_match_sets = capa.max_match_sets;
3773 wpa_s->max_remain_on_chan = capa.max_remain_on_chan;
3774 wpa_s->max_stations = capa.max_stations;
3775 wpa_s->extended_capa = capa.extended_capa;
3776 wpa_s->extended_capa_mask = capa.extended_capa_mask;
3777 wpa_s->extended_capa_len = capa.extended_capa_len;
3778 wpa_s->num_multichan_concurrent =
3779 capa.num_multichan_concurrent;
3780 }
3781 if (wpa_s->max_remain_on_chan == 0)
3782 wpa_s->max_remain_on_chan = 1000;
3783
3784 /*
3785 * Only take p2p_mgmt parameters when P2P Device is supported.
3786 * Doing it here as it determines whether l2_packet_init() will be done
3787 * during wpa_supplicant_driver_init().
3788 */
3789 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)
3790 wpa_s->p2p_mgmt = iface->p2p_mgmt;
3791 else
3792 iface->p2p_mgmt = 1;
3793
3794 if (wpa_s->num_multichan_concurrent == 0)
3795 wpa_s->num_multichan_concurrent = 1;
3796
3797 if (wpa_supplicant_driver_init(wpa_s) < 0)
3798 return -1;
3799
3800 #ifdef CONFIG_TDLS
3801 if ((!iface->p2p_mgmt ||
3802 !(wpa_s->drv_flags &
3803 WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
3804 wpa_tdls_init(wpa_s->wpa))
3805 return -1;
3806 #endif /* CONFIG_TDLS */
3807
3808 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] &&
3809 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) {
3810 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country");
3811 return -1;
3812 }
3813
3814 if (wpas_wps_init(wpa_s))
3815 return -1;
3816
3817 if (wpa_supplicant_init_eapol(wpa_s) < 0)
3818 return -1;
3819 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
3820
3821 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
3822 if (wpa_s->ctrl_iface == NULL) {
3823 wpa_printf(MSG_ERROR,
3824 "Failed to initialize control interface '%s'.\n"
3825 "You may have another wpa_supplicant process "
3826 "already running or the file was\n"
3827 "left by an unclean termination of wpa_supplicant "
3828 "in which case you will need\n"
3829 "to manually remove this file before starting "
3830 "wpa_supplicant again.\n",
3831 wpa_s->conf->ctrl_interface);
3832 return -1;
3833 }
3834
3835 wpa_s->gas = gas_query_init(wpa_s);
3836 if (wpa_s->gas == NULL) {
3837 wpa_printf(MSG_ERROR, "Failed to initialize GAS query");
3838 return -1;
3839 }
3840
3841 if (iface->p2p_mgmt && wpas_p2p_init(wpa_s->global, wpa_s) < 0) {
3842 wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P");
3843 return -1;
3844 }
3845
3846 if (wpa_bss_init(wpa_s) < 0)
3847 return -1;
3848
3849 /*
3850 * Set Wake-on-WLAN triggers, if configured.
3851 * Note: We don't restore/remove the triggers on shutdown (it doesn't
3852 * have effect anyway when the interface is down).
3853 */
3854 if (wpas_set_wowlan_triggers(wpa_s, &capa) < 0)
3855 return -1;
3856
3857 #ifdef CONFIG_EAP_PROXY
3858 {
3859 size_t len;
3860 wpa_s->mnc_len = eapol_sm_get_eap_proxy_imsi(wpa_s->eapol, wpa_s->imsi,
3861 &len);
3862 if (wpa_s->mnc_len > 0) {
3863 wpa_s->imsi[len] = '\0';
3864 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI %s (MNC length %d)",
3865 wpa_s->imsi, wpa_s->mnc_len);
3866 } else {
3867 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI not available");
3868 }
3869 }
3870 #endif /* CONFIG_EAP_PROXY */
3871
3872 if (pcsc_reader_init(wpa_s) < 0)
3873 return -1;
3874
3875 if (wpas_init_ext_pw(wpa_s) < 0)
3876 return -1;
3877
3878 return 0;
3879 }
3880
3881
3882 static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s,
3883 int notify, int terminate)
3884 {
3885 wpa_s->disconnected = 1;
3886 if (wpa_s->drv_priv) {
3887 wpa_supplicant_deauthenticate(wpa_s,
3888 WLAN_REASON_DEAUTH_LEAVING);
3889
3890 wpa_drv_set_countermeasures(wpa_s, 0);
3891 wpa_clear_keys(wpa_s, NULL);
3892 }
3893
3894 wpa_supplicant_cleanup(wpa_s);
3895 wpas_p2p_deinit_iface(wpa_s);
3896
3897 wpas_ctrl_radio_work_flush(wpa_s);
3898 radio_remove_interface(wpa_s);
3899
3900 if (wpa_s->drv_priv)
3901 wpa_drv_deinit(wpa_s);
3902
3903 if (notify)
3904 wpas_notify_iface_removed(wpa_s);
3905
3906 if (terminate)
3907 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING);
3908
3909 if (wpa_s->ctrl_iface) {
3910 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
3911 wpa_s->ctrl_iface = NULL;
3912 }
3913
3914 if (wpa_s->conf != NULL) {
3915 wpa_config_free(wpa_s->conf);
3916 wpa_s->conf = NULL;
3917 }
3918
3919 os_free(wpa_s);
3920 }
3921
3922
3923 /**
3924 * wpa_supplicant_add_iface - Add a new network interface
3925 * @global: Pointer to global data from wpa_supplicant_init()
3926 * @iface: Interface configuration options
3927 * Returns: Pointer to the created interface or %NULL on failure
3928 *
3929 * This function is used to add new network interfaces for %wpa_supplicant.
3930 * This can be called before wpa_supplicant_run() to add interfaces before the
3931 * main event loop has been started. In addition, new interfaces can be added
3932 * dynamically while %wpa_supplicant is already running. This could happen,
3933 * e.g., when a hotplug network adapter is inserted.
3934 */
3935 struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
3936 struct wpa_interface *iface)
3937 {
3938 struct wpa_supplicant *wpa_s;
3939 struct wpa_interface t_iface;
3940 struct wpa_ssid *ssid;
3941
3942 if (global == NULL || iface == NULL)
3943 return NULL;
3944
3945 wpa_s = wpa_supplicant_alloc();
3946 if (wpa_s == NULL)
3947 return NULL;
3948
3949 wpa_s->global = global;
3950
3951 t_iface = *iface;
3952 if (global->params.override_driver) {
3953 wpa_printf(MSG_DEBUG, "Override interface parameter: driver "
3954 "('%s' -> '%s')",
3955 iface->driver, global->params.override_driver);
3956 t_iface.driver = global->params.override_driver;
3957 }
3958 if (global->params.override_ctrl_interface) {
3959 wpa_printf(MSG_DEBUG, "Override interface parameter: "
3960 "ctrl_interface ('%s' -> '%s')",
3961 iface->ctrl_interface,
3962 global->params.override_ctrl_interface);
3963 t_iface.ctrl_interface =
3964 global->params.override_ctrl_interface;
3965 }
3966 if (wpa_supplicant_init_iface(wpa_s, &t_iface)) {
3967 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
3968 iface->ifname);
3969 wpa_supplicant_deinit_iface(wpa_s, 0, 0);
3970 return NULL;
3971 }
3972
3973 /* Notify the control interfaces about new iface */
3974 if (wpas_notify_iface_added(wpa_s)) {
3975 wpa_supplicant_deinit_iface(wpa_s, 1, 0);
3976 return NULL;
3977 }
3978
3979 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
3980 wpas_notify_network_added(wpa_s, ssid);
3981
3982 wpa_s->next = global->ifaces;
3983 global->ifaces = wpa_s;
3984
3985 wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname);
3986 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
3987
3988 return wpa_s;
3989 }
3990
3991
3992 /**
3993 * wpa_supplicant_remove_iface - Remove a network interface
3994 * @global: Pointer to global data from wpa_supplicant_init()
3995 * @wpa_s: Pointer to the network interface to be removed
3996 * Returns: 0 if interface was removed, -1 if interface was not found
3997 *
3998 * This function can be used to dynamically remove network interfaces from
3999 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
4000 * addition, this function is used to remove all remaining interfaces when
4001 * %wpa_supplicant is terminated.
4002 */
4003 int wpa_supplicant_remove_iface(struct wpa_global *global,
4004 struct wpa_supplicant *wpa_s,
4005 int terminate)
4006 {
4007 struct wpa_supplicant *prev;
4008
4009 /* Remove interface from the global list of interfaces */
4010 prev = global->ifaces;
4011 if (prev == wpa_s) {
4012 global->ifaces = wpa_s->next;
4013 } else {
4014 while (prev && prev->next != wpa_s)
4015 prev = prev->next;
4016 if (prev == NULL)
4017 return -1;
4018 prev->next = wpa_s->next;
4019 }
4020
4021 wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
4022
4023 if (global->p2p_group_formation == wpa_s)
4024 global->p2p_group_formation = NULL;
4025 if (global->p2p_invite_group == wpa_s)
4026 global->p2p_invite_group = NULL;
4027 wpa_supplicant_deinit_iface(wpa_s, 1, terminate);
4028
4029 return 0;
4030 }
4031
4032
4033 /**
4034 * wpa_supplicant_get_eap_mode - Get the current EAP mode
4035 * @wpa_s: Pointer to the network interface
4036 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
4037 */
4038 const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s)
4039 {
4040 const char *eapol_method;
4041
4042 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) == 0 &&
4043 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
4044 return "NO-EAP";
4045 }
4046
4047 eapol_method = eapol_sm_get_method_name(wpa_s->eapol);
4048 if (eapol_method == NULL)
4049 return "UNKNOWN-EAP";
4050
4051 return eapol_method;
4052 }
4053
4054
4055 /**
4056 * wpa_supplicant_get_iface - Get a new network interface
4057 * @global: Pointer to global data from wpa_supplicant_init()
4058 * @ifname: Interface name
4059 * Returns: Pointer to the interface or %NULL if not found
4060 */
4061 struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
4062 const char *ifname)
4063 {
4064 struct wpa_supplicant *wpa_s;
4065
4066 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
4067 if (os_strcmp(wpa_s->ifname, ifname) == 0)
4068 return wpa_s;
4069 }
4070 return NULL;
4071 }
4072
4073
4074 #ifndef CONFIG_NO_WPA_MSG
4075 static const char * wpa_supplicant_msg_ifname_cb(void *ctx)
4076 {
4077 struct wpa_supplicant *wpa_s = ctx;
4078 if (wpa_s == NULL)
4079 return NULL;
4080 return wpa_s->ifname;
4081 }
4082 #endif /* CONFIG_NO_WPA_MSG */
4083
4084
4085 /**
4086 * wpa_supplicant_init - Initialize %wpa_supplicant
4087 * @params: Parameters for %wpa_supplicant
4088 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
4089 *
4090 * This function is used to initialize %wpa_supplicant. After successful
4091 * initialization, the returned data pointer can be used to add and remove
4092 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
4093 */
4094 struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
4095 {
4096 struct wpa_global *global;
4097 int ret, i;
4098
4099 if (params == NULL)
4100 return NULL;
4101
4102 #ifdef CONFIG_DRIVER_NDIS
4103 {
4104 void driver_ndis_init_ops(void);
4105 driver_ndis_init_ops();
4106 }
4107 #endif /* CONFIG_DRIVER_NDIS */
4108
4109 #ifndef CONFIG_NO_WPA_MSG
4110 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
4111 #endif /* CONFIG_NO_WPA_MSG */
4112
4113 wpa_debug_open_file(params->wpa_debug_file_path);
4114 if (params->wpa_debug_syslog)
4115 wpa_debug_open_syslog();
4116 if (params->wpa_debug_tracing) {
4117 ret = wpa_debug_open_linux_tracing();
4118 if (ret) {
4119 wpa_printf(MSG_ERROR,
4120 "Failed to enable trace logging");
4121 return NULL;
4122 }
4123 }
4124
4125 ret = eap_register_methods();
4126 if (ret) {
4127 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
4128 if (ret == -2)
4129 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
4130 "the same EAP type.");
4131 return NULL;
4132 }
4133
4134 global = os_zalloc(sizeof(*global));
4135 if (global == NULL)
4136 return NULL;
4137 dl_list_init(&global->p2p_srv_bonjour);
4138 dl_list_init(&global->p2p_srv_upnp);
4139 global->params.daemonize = params->daemonize;
4140 global->params.wait_for_monitor = params->wait_for_monitor;
4141 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
4142 if (params->pid_file)
4143 global->params.pid_file = os_strdup(params->pid_file);
4144 if (params->ctrl_interface)
4145 global->params.ctrl_interface =
4146 os_strdup(params->ctrl_interface);
4147 if (params->ctrl_interface_group)
4148 global->params.ctrl_interface_group =
4149 os_strdup(params->ctrl_interface_group);
4150 if (params->override_driver)
4151 global->params.override_driver =
4152 os_strdup(params->override_driver);
4153 if (params->override_ctrl_interface)
4154 global->params.override_ctrl_interface =
4155 os_strdup(params->override_ctrl_interface);
4156 wpa_debug_level = global->params.wpa_debug_level =
4157 params->wpa_debug_level;
4158 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
4159 params->wpa_debug_show_keys;
4160 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
4161 params->wpa_debug_timestamp;
4162
4163 wpa_printf(MSG_DEBUG, "wpa_supplicant v" VERSION_STR);
4164
4165 if (eloop_init()) {
4166 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
4167 wpa_supplicant_deinit(global);
4168 return NULL;
4169 }
4170
4171 random_init(params->entropy_file);
4172
4173 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
4174 if (global->ctrl_iface == NULL) {
4175 wpa_supplicant_deinit(global);
4176 return NULL;
4177 }
4178
4179 if (wpas_notify_supplicant_initialized(global)) {
4180 wpa_supplicant_deinit(global);
4181 return NULL;
4182 }
4183
4184 for (i = 0; wpa_drivers[i]; i++)
4185 global->drv_count++;
4186 if (global->drv_count == 0) {
4187 wpa_printf(MSG_ERROR, "No drivers enabled");
4188 wpa_supplicant_deinit(global);
4189 return NULL;
4190 }
4191 global->drv_priv = os_zalloc(global->drv_count * sizeof(void *));
4192 if (global->drv_priv == NULL) {
4193 wpa_supplicant_deinit(global);
4194 return NULL;
4195 }
4196
4197 #ifdef CONFIG_WIFI_DISPLAY
4198 if (wifi_display_init(global) < 0) {
4199 wpa_printf(MSG_ERROR, "Failed to initialize Wi-Fi Display");
4200 wpa_supplicant_deinit(global);
4201 return NULL;
4202 }
4203 #endif /* CONFIG_WIFI_DISPLAY */
4204
4205 return global;
4206 }
4207
4208
4209 /**
4210 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
4211 * @global: Pointer to global data from wpa_supplicant_init()
4212 * Returns: 0 after successful event loop run, -1 on failure
4213 *
4214 * This function starts the main event loop and continues running as long as
4215 * there are any remaining events. In most cases, this function is running as
4216 * long as the %wpa_supplicant process in still in use.
4217 */
4218 int wpa_supplicant_run(struct wpa_global *global)
4219 {
4220 struct wpa_supplicant *wpa_s;
4221
4222 if (global->params.daemonize &&
4223 wpa_supplicant_daemon(global->params.pid_file))
4224 return -1;
4225
4226 if (global->params.wait_for_monitor) {
4227 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
4228 if (wpa_s->ctrl_iface)
4229 wpa_supplicant_ctrl_iface_wait(
4230 wpa_s->ctrl_iface);
4231 }
4232
4233 eloop_register_signal_terminate(wpa_supplicant_terminate, global);
4234 eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
4235
4236 eloop_run();
4237
4238 return 0;
4239 }
4240
4241
4242 /**
4243 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
4244 * @global: Pointer to global data from wpa_supplicant_init()
4245 *
4246 * This function is called to deinitialize %wpa_supplicant and to free all
4247 * allocated resources. Remaining network interfaces will also be removed.
4248 */
4249 void wpa_supplicant_deinit(struct wpa_global *global)
4250 {
4251 int i;
4252
4253 if (global == NULL)
4254 return;
4255
4256 #ifdef CONFIG_WIFI_DISPLAY
4257 wifi_display_deinit(global);
4258 #endif /* CONFIG_WIFI_DISPLAY */
4259
4260 while (global->ifaces)
4261 wpa_supplicant_remove_iface(global, global->ifaces, 1);
4262
4263 if (global->ctrl_iface)
4264 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
4265
4266 wpas_notify_supplicant_deinitialized(global);
4267
4268 eap_peer_unregister_methods();
4269 #ifdef CONFIG_AP
4270 eap_server_unregister_methods();
4271 #endif /* CONFIG_AP */
4272
4273 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) {
4274 if (!global->drv_priv[i])
4275 continue;
4276 wpa_drivers[i]->global_deinit(global->drv_priv[i]);
4277 }
4278 os_free(global->drv_priv);
4279
4280 random_deinit();
4281
4282 eloop_destroy();
4283
4284 if (global->params.pid_file) {
4285 os_daemonize_terminate(global->params.pid_file);
4286 os_free(global->params.pid_file);
4287 }
4288 os_free(global->params.ctrl_interface);
4289 os_free(global->params.ctrl_interface_group);
4290 os_free(global->params.override_driver);
4291 os_free(global->params.override_ctrl_interface);
4292
4293 os_free(global->p2p_disallow_freq.range);
4294 os_free(global->p2p_go_avoid_freq.range);
4295 os_free(global->add_psk);
4296
4297 os_free(global);
4298 wpa_debug_close_syslog();
4299 wpa_debug_close_file();
4300 wpa_debug_close_linux_tracing();
4301 }
4302
4303
4304 void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s)
4305 {
4306 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_COUNTRY) &&
4307 wpa_s->conf->country[0] && wpa_s->conf->country[1]) {
4308 char country[3];
4309 country[0] = wpa_s->conf->country[0];
4310 country[1] = wpa_s->conf->country[1];
4311 country[2] = '\0';
4312 if (wpa_drv_set_country(wpa_s, country) < 0) {
4313 wpa_printf(MSG_ERROR, "Failed to set country code "
4314 "'%s'", country);
4315 }
4316 }
4317
4318 if (wpa_s->conf->changed_parameters & CFG_CHANGED_EXT_PW_BACKEND)
4319 wpas_init_ext_pw(wpa_s);
4320
4321 #ifdef CONFIG_WPS
4322 wpas_wps_update_config(wpa_s);
4323 #endif /* CONFIG_WPS */
4324 wpas_p2p_update_config(wpa_s);
4325 wpa_s->conf->changed_parameters = 0;
4326 }
4327
4328
4329 static void add_freq(int *freqs, int *num_freqs, int freq)
4330 {
4331 int i;
4332
4333 for (i = 0; i < *num_freqs; i++) {
4334 if (freqs[i] == freq)
4335 return;
4336 }
4337
4338 freqs[*num_freqs] = freq;
4339 (*num_freqs)++;
4340 }
4341
4342
4343 static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s)
4344 {
4345 struct wpa_bss *bss, *cbss;
4346 const int max_freqs = 10;
4347 int *freqs;
4348 int num_freqs = 0;
4349
4350 freqs = os_zalloc(sizeof(int) * (max_freqs + 1));
4351 if (freqs == NULL)
4352 return NULL;
4353
4354 cbss = wpa_s->current_bss;
4355
4356 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
4357 if (bss == cbss)
4358 continue;
4359 if (bss->ssid_len == cbss->ssid_len &&
4360 os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 &&
4361 wpa_blacklist_get(wpa_s, bss->bssid) == NULL) {
4362 add_freq(freqs, &num_freqs, bss->freq);
4363 if (num_freqs == max_freqs)
4364 break;
4365 }
4366 }
4367
4368 if (num_freqs == 0) {
4369 os_free(freqs);
4370 freqs = NULL;
4371 }
4372
4373 return freqs;
4374 }
4375
4376
4377 void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid)
4378 {
4379 int timeout;
4380 int count;
4381 int *freqs = NULL;
4382
4383 wpas_connect_work_done(wpa_s);
4384
4385 /*
4386 * Remove possible authentication timeout since the connection failed.
4387 */
4388 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
4389
4390 if (wpa_s->disconnected) {
4391 /*
4392 * There is no point in blacklisting the AP if this event is
4393 * generated based on local request to disconnect.
4394 */
4395 wpa_dbg(wpa_s, MSG_DEBUG, "Ignore connection failure "
4396 "indication since interface has been put into "
4397 "disconnected state");
4398 return;
4399 }
4400
4401 /*
4402 * Add the failed BSSID into the blacklist and speed up next scan
4403 * attempt if there could be other APs that could accept association.
4404 * The current blacklist count indicates how many times we have tried
4405 * connecting to this AP and multiple attempts mean that other APs are
4406 * either not available or has already been tried, so that we can start
4407 * increasing the delay here to avoid constant scanning.
4408 */
4409 count = wpa_blacklist_add(wpa_s, bssid);
4410 if (count == 1 && wpa_s->current_bss) {
4411 /*
4412 * This BSS was not in the blacklist before. If there is
4413 * another BSS available for the same ESS, we should try that
4414 * next. Otherwise, we may as well try this one once more
4415 * before allowing other, likely worse, ESSes to be considered.
4416 */
4417 freqs = get_bss_freqs_in_ess(wpa_s);
4418 if (freqs) {
4419 wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS "
4420 "has been seen; try it next");
4421 wpa_blacklist_add(wpa_s, bssid);
4422 /*
4423 * On the next scan, go through only the known channels
4424 * used in this ESS based on previous scans to speed up
4425 * common load balancing use case.
4426 */
4427 os_free(wpa_s->next_scan_freqs);
4428 wpa_s->next_scan_freqs = freqs;
4429 }
4430 }
4431
4432 /*
4433 * Add previous failure count in case the temporary blacklist was
4434 * cleared due to no other BSSes being available.
4435 */
4436 count += wpa_s->extra_blacklist_count;
4437
4438 if (count > 3 && wpa_s->current_ssid) {
4439 wpa_printf(MSG_DEBUG, "Continuous association failures - "
4440 "consider temporary network disabling");
4441 wpas_auth_failed(wpa_s, "CONN_FAILED");
4442 }
4443
4444 switch (count) {
4445 case 1:
4446 timeout = 100;
4447 break;
4448 case 2:
4449 timeout = 500;
4450 break;
4451 case 3:
4452 timeout = 1000;
4453 break;
4454 case 4:
4455 timeout = 5000;
4456 break;
4457 default:
4458 timeout = 10000;
4459 break;
4460 }
4461
4462 wpa_dbg(wpa_s, MSG_DEBUG, "Blacklist count %d --> request scan in %d "
4463 "ms", count, timeout);
4464
4465 /*
4466 * TODO: if more than one possible AP is available in scan results,
4467 * could try the other ones before requesting a new scan.
4468 */
4469 wpa_supplicant_req_scan(wpa_s, timeout / 1000,
4470 1000 * (timeout % 1000));
4471 }
4472
4473
4474 int wpas_driver_bss_selection(struct wpa_supplicant *wpa_s)
4475 {
4476 return wpa_s->conf->ap_scan == 2 ||
4477 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION);
4478 }
4479
4480
4481 #if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW)
4482 int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
4483 struct wpa_ssid *ssid,
4484 const char *field,
4485 const char *value)
4486 {
4487 #ifdef IEEE8021X_EAPOL
4488 struct eap_peer_config *eap = &ssid->eap;
4489
4490 wpa_printf(MSG_DEBUG, "CTRL_IFACE: response handle field=%s", field);
4491 wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: response value",
4492 (const u8 *) value, os_strlen(value));
4493
4494 switch (wpa_supplicant_ctrl_req_from_string(field)) {
4495 case WPA_CTRL_REQ_EAP_IDENTITY:
4496 os_free(eap->identity);
4497 eap->identity = (u8 *) os_strdup(value);
4498 eap->identity_len = os_strlen(value);
4499 eap->pending_req_identity = 0;
4500 if (ssid == wpa_s->current_ssid)
4501 wpa_s->reassociate = 1;
4502 break;
4503 case WPA_CTRL_REQ_EAP_PASSWORD:
4504 bin_clear_free(eap->password, eap->password_len);
4505 eap->password = (u8 *) os_strdup(value);
4506 eap->password_len = os_strlen(value);
4507 eap->pending_req_password = 0;
4508 if (ssid == wpa_s->current_ssid)
4509 wpa_s->reassociate = 1;
4510 break;
4511 case WPA_CTRL_REQ_EAP_NEW_PASSWORD:
4512 bin_clear_free(eap->new_password, eap->new_password_len);
4513 eap->new_password = (u8 *) os_strdup(value);
4514 eap->new_password_len = os_strlen(value);
4515 eap->pending_req_new_password = 0;
4516 if (ssid == wpa_s->current_ssid)
4517 wpa_s->reassociate = 1;
4518 break;
4519 case WPA_CTRL_REQ_EAP_PIN:
4520 str_clear_free(eap->pin);
4521 eap->pin = os_strdup(value);
4522 eap->pending_req_pin = 0;
4523 if (ssid == wpa_s->current_ssid)
4524 wpa_s->reassociate = 1;
4525 break;
4526 case WPA_CTRL_REQ_EAP_OTP:
4527 bin_clear_free(eap->otp, eap->otp_len);
4528 eap->otp = (u8 *) os_strdup(value);
4529 eap->otp_len = os_strlen(value);
4530 os_free(eap->pending_req_otp);
4531 eap->pending_req_otp = NULL;
4532 eap->pending_req_otp_len = 0;
4533 break;
4534 case WPA_CTRL_REQ_EAP_PASSPHRASE:
4535 str_clear_free(eap->private_key_passwd);
4536 eap->private_key_passwd = os_strdup(value);
4537 eap->pending_req_passphrase = 0;
4538 if (ssid == wpa_s->current_ssid)
4539 wpa_s->reassociate = 1;
4540 break;
4541 case WPA_CTRL_REQ_SIM:
4542 str_clear_free(eap->external_sim_resp);
4543 eap->external_sim_resp = os_strdup(value);
4544 break;
4545 default:
4546 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown field '%s'", field);
4547 return -1;
4548 }
4549
4550 return 0;
4551 #else /* IEEE8021X_EAPOL */
4552 wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included");
4553 return -1;
4554 #endif /* IEEE8021X_EAPOL */
4555 }
4556 #endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */
4557
4558
4559 int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
4560 {
4561 int i;
4562 unsigned int drv_enc;
4563
4564 if (ssid == NULL)
4565 return 1;
4566
4567 if (ssid->disabled)
4568 return 1;
4569
4570 if (wpa_s && wpa_s->drv_capa_known)
4571 drv_enc = wpa_s->drv_enc;
4572 else
4573 drv_enc = (unsigned int) -1;
4574
4575 for (i = 0; i < NUM_WEP_KEYS; i++) {
4576 size_t len = ssid->wep_key_len[i];
4577 if (len == 0)
4578 continue;
4579 if (len == 5 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP40))
4580 continue;
4581 if (len == 13 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP104))
4582 continue;
4583 if (len == 16 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP128))
4584 continue;
4585 return 1; /* invalid WEP key */
4586 }
4587
4588 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set &&
4589 (!ssid->passphrase || ssid->ssid_len != 0) && !ssid->ext_psk)
4590 return 1;
4591
4592 return 0;
4593 }
4594
4595
4596 int wpas_is_p2p_prioritized(struct wpa_supplicant *wpa_s)
4597 {
4598 if (wpa_s->global->conc_pref == WPA_CONC_PREF_P2P)
4599 return 1;
4600 if (wpa_s->global->conc_pref == WPA_CONC_PREF_STA)
4601 return 0;
4602 return -1;
4603 }
4604
4605
4606 void wpas_auth_failed(struct wpa_supplicant *wpa_s, char *reason)
4607 {
4608 struct wpa_ssid *ssid = wpa_s->current_ssid;
4609 int dur;
4610 struct os_reltime now;
4611
4612 if (ssid == NULL) {
4613 wpa_printf(MSG_DEBUG, "Authentication failure but no known "
4614 "SSID block");
4615 return;
4616 }
4617
4618 if (ssid->key_mgmt == WPA_KEY_MGMT_WPS)
4619 return;
4620
4621 ssid->auth_failures++;
4622
4623 #ifdef CONFIG_P2P
4624 if (ssid->p2p_group &&
4625 (wpa_s->p2p_in_provisioning || wpa_s->show_group_started)) {
4626 /*
4627 * Skip the wait time since there is a short timeout on the
4628 * connection to a P2P group.
4629 */
4630 return;
4631 }
4632 #endif /* CONFIG_P2P */
4633
4634 if (ssid->auth_failures > 50)
4635 dur = 300;
4636 else if (ssid->auth_failures > 10)
4637 dur = 120;
4638 else if (ssid->auth_failures > 5)
4639 dur = 90;
4640 else if (ssid->auth_failures > 3)
4641 dur = 60;
4642 else if (ssid->auth_failures > 2)
4643 dur = 30;
4644 else if (ssid->auth_failures > 1)
4645 dur = 20;
4646 else
4647 dur = 10;
4648
4649 if (ssid->auth_failures > 1 &&
4650 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt))
4651 dur += os_random() % (ssid->auth_failures * 10);
4652
4653 os_get_reltime(&now);
4654 if (now.sec + dur <= ssid->disabled_until.sec)
4655 return;
4656
4657 ssid->disabled_until.sec = now.sec + dur;
4658
4659 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TEMP_DISABLED
4660 "id=%d ssid=\"%s\" auth_failures=%u duration=%d reason=%s",
4661 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
4662 ssid->auth_failures, dur, reason);
4663 }
4664
4665
4666 void wpas_clear_temp_disabled(struct wpa_supplicant *wpa_s,
4667 struct wpa_ssid *ssid, int clear_failures)
4668 {
4669 if (ssid == NULL)
4670 return;
4671
4672 if (ssid->disabled_until.sec) {
4673 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_REENABLED
4674 "id=%d ssid=\"%s\"",
4675 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
4676 }
4677 ssid->disabled_until.sec = 0;
4678 ssid->disabled_until.usec = 0;
4679 if (clear_failures)
4680 ssid->auth_failures = 0;
4681 }
4682
4683
4684 int disallowed_bssid(struct wpa_supplicant *wpa_s, const u8 *bssid)
4685 {
4686 size_t i;
4687
4688 if (wpa_s->disallow_aps_bssid == NULL)
4689 return 0;
4690
4691 for (i = 0; i < wpa_s->disallow_aps_bssid_count; i++) {
4692 if (os_memcmp(wpa_s->disallow_aps_bssid + i * ETH_ALEN,
4693 bssid, ETH_ALEN) == 0)
4694 return 1;
4695 }
4696
4697 return 0;
4698 }
4699
4700
4701 int disallowed_ssid(struct wpa_supplicant *wpa_s, const u8 *ssid,
4702 size_t ssid_len)
4703 {
4704 size_t i;
4705
4706 if (wpa_s->disallow_aps_ssid == NULL || ssid == NULL)
4707 return 0;
4708
4709 for (i = 0; i < wpa_s->disallow_aps_ssid_count; i++) {
4710 struct wpa_ssid_value *s = &wpa_s->disallow_aps_ssid[i];
4711 if (ssid_len == s->ssid_len &&
4712 os_memcmp(ssid, s->ssid, ssid_len) == 0)
4713 return 1;
4714 }
4715
4716 return 0;
4717 }
4718
4719
4720 /**
4721 * wpas_request_connection - Request a new connection
4722 * @wpa_s: Pointer to the network interface
4723 *
4724 * This function is used to request a new connection to be found. It will mark
4725 * the interface to allow reassociation and request a new scan to find a
4726 * suitable network to connect to.
4727 */
4728 void wpas_request_connection(struct wpa_supplicant *wpa_s)
4729 {
4730 wpa_s->normal_scans = 0;
4731 wpa_supplicant_reinit_autoscan(wpa_s);
4732 wpa_s->extra_blacklist_count = 0;
4733 wpa_s->disconnected = 0;
4734 wpa_s->reassociate = 1;
4735
4736 if (wpa_supplicant_fast_associate(wpa_s) != 1)
4737 wpa_supplicant_req_scan(wpa_s, 0, 0);
4738 }
4739
4740
4741 void dump_freq_data(struct wpa_supplicant *wpa_s, const char *title,
4742 struct wpa_used_freq_data *freqs_data,
4743 unsigned int len)
4744 {
4745 unsigned int i;
4746
4747 wpa_dbg(wpa_s, MSG_DEBUG, "Shared frequencies (len=%u): %s",
4748 len, title);
4749 for (i = 0; i < len; i++) {
4750 struct wpa_used_freq_data *cur = &freqs_data[i];
4751 wpa_dbg(wpa_s, MSG_DEBUG, "freq[%u]: %d, flags=0x%X",
4752 i, cur->freq, cur->flags);
4753 }
4754 }
4755
4756
4757 /*
4758 * Find the operating frequencies of any of the virtual interfaces that
4759 * are using the same radio as the current interface, and in addition, get
4760 * information about the interface types that are using the frequency.
4761 */
4762 int get_shared_radio_freqs_data(struct wpa_supplicant *wpa_s,
4763 struct wpa_used_freq_data *freqs_data,
4764 unsigned int len)
4765 {
4766 struct wpa_supplicant *ifs;
4767 u8 bssid[ETH_ALEN];
4768 int freq;
4769 unsigned int idx = 0, i;
4770
4771 wpa_dbg(wpa_s, MSG_DEBUG,
4772 "Determining shared radio frequencies (max len %u)", len);
4773 os_memset(freqs_data, 0, sizeof(struct wpa_used_freq_data) * len);
4774
4775 dl_list_for_each(ifs, &wpa_s->radio->ifaces, struct wpa_supplicant,
4776 radio_list) {
4777 if (idx == len)
4778 break;
4779
4780 if (ifs->current_ssid == NULL || ifs->assoc_freq == 0)
4781 continue;
4782
4783 if (ifs->current_ssid->mode == WPAS_MODE_AP ||
4784 ifs->current_ssid->mode == WPAS_MODE_P2P_GO)
4785 freq = ifs->current_ssid->frequency;
4786 else if (wpa_drv_get_bssid(ifs, bssid) == 0)
4787 freq = ifs->assoc_freq;
4788 else
4789 continue;
4790
4791 /* Hold only distinct freqs */
4792 for (i = 0; i < idx; i++)
4793 if (freqs_data[i].freq == freq)
4794 break;
4795
4796 if (i == idx)
4797 freqs_data[idx++].freq = freq;
4798
4799 if (ifs->current_ssid->mode == WPAS_MODE_INFRA) {
4800 freqs_data[i].flags = ifs->current_ssid->p2p_group ?
4801 WPA_FREQ_USED_BY_P2P_CLIENT :
4802 WPA_FREQ_USED_BY_INFRA_STATION;
4803 }
4804 }
4805
4806 dump_freq_data(wpa_s, "completed iteration", freqs_data, idx);
4807 return idx;
4808 }
4809
4810
4811 /*
4812 * Find the operating frequencies of any of the virtual interfaces that
4813 * are using the same radio as the current interface.
4814 */
4815 int get_shared_radio_freqs(struct wpa_supplicant *wpa_s,
4816 int *freq_array, unsigned int len)
4817 {
4818 struct wpa_used_freq_data *freqs_data;
4819 int num, i;
4820
4821 os_memset(freq_array, 0, sizeof(int) * len);
4822
4823 freqs_data = os_calloc(len, sizeof(struct wpa_used_freq_data));
4824 if (!freqs_data)
4825 return -1;
4826
4827 num = get_shared_radio_freqs_data(wpa_s, freqs_data, len);
4828 for (i = 0; i < num; i++)
4829 freq_array[i] = freqs_data[i].freq;
4830
4831 os_free(freqs_data);
4832
4833 return num;
4834 }
Unnamed repository; edit this file 'description' to name the repository.