3 * Copyright (c) 2003-2014, Jouni Malinen <j@w1.fi>
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
16 #include "crypto/random.h"
17 #include "crypto/sha1.h"
18 #include "eapol_supp/eapol_supp_sm.h"
19 #include "eap_peer/eap.h"
20 #include "eap_peer/eap_proxy.h"
21 #include "eap_server/eap_methods.h"
22 #include "rsn_supp/wpa.h"
25 #include "utils/ext_password.h"
26 #include "l2_packet/l2_packet.h"
27 #include "wpa_supplicant_i.h"
29 #include "ctrl_iface.h"
30 #include "pcsc_funcs.h"
31 #include "common/version.h"
32 #include "rsn_supp/preauth.h"
33 #include "rsn_supp/pmksa_cache.h"
34 #include "common/wpa_ctrl.h"
35 #include "common/ieee802_11_defs.h"
37 #include "blacklist.h"
38 #include "wpas_glue.h"
39 #include "wps_supplicant.h"
42 #include "gas_query.h"
44 #include "p2p_supplicant.h"
45 #include "wifi_display.h"
51 #include "offchannel.h"
52 #include "hs20_supplicant.h"
55 const char *wpa_supplicant_version
=
56 "wpa_supplicant v" VERSION_STR
"\n"
57 "Copyright (c) 2003-2014, Jouni Malinen <j@w1.fi> and contributors";
59 const char *wpa_supplicant_license
=
60 "This software may be distributed under the terms of the BSD license.\n"
61 "See README for more details.\n"
62 #ifdef EAP_TLS_OPENSSL
63 "\nThis product includes software developed by the OpenSSL Project\n"
64 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
65 #endif /* EAP_TLS_OPENSSL */
68 #ifndef CONFIG_NO_STDOUT_DEBUG
69 /* Long text divided into parts in order to fit in C89 strings size limits. */
70 const char *wpa_supplicant_full_license1
=
72 const char *wpa_supplicant_full_license2
=
73 "This software may be distributed under the terms of the BSD license.\n"
75 "Redistribution and use in source and binary forms, with or without\n"
76 "modification, are permitted provided that the following conditions are\n"
79 const char *wpa_supplicant_full_license3
=
80 "1. Redistributions of source code must retain the above copyright\n"
81 " notice, this list of conditions and the following disclaimer.\n"
83 "2. Redistributions in binary form must reproduce the above copyright\n"
84 " notice, this list of conditions and the following disclaimer in the\n"
85 " documentation and/or other materials provided with the distribution.\n"
87 const char *wpa_supplicant_full_license4
=
88 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
89 " names of its contributors may be used to endorse or promote products\n"
90 " derived from this software without specific prior written permission.\n"
92 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
93 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
94 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
95 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
96 const char *wpa_supplicant_full_license5
=
97 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
98 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
99 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
100 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
101 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
102 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
103 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
105 #endif /* CONFIG_NO_STDOUT_DEBUG */
107 /* Configure default/group WEP keys for static WEP */
108 int wpa_set_wep_keys(struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
)
112 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
113 if (ssid
->wep_key_len
[i
] == 0)
117 wpa_drv_set_key(wpa_s
, WPA_ALG_WEP
, NULL
,
118 i
, i
== ssid
->wep_tx_keyidx
, NULL
, 0,
119 ssid
->wep_key
[i
], ssid
->wep_key_len
[i
]);
126 int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant
*wpa_s
,
127 struct wpa_ssid
*ssid
)
134 /* IBSS/WPA-None uses only one key (Group) for both receiving and
135 * sending unicast and multicast packets. */
137 if (ssid
->mode
!= WPAS_MODE_IBSS
) {
138 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Invalid mode %d (not "
139 "IBSS/ad-hoc) for WPA-None", ssid
->mode
);
143 if (!ssid
->psk_set
) {
144 wpa_msg(wpa_s
, MSG_INFO
, "WPA: No PSK configured for "
149 switch (wpa_s
->group_cipher
) {
150 case WPA_CIPHER_CCMP
:
151 os_memcpy(key
, ssid
->psk
, 16);
155 case WPA_CIPHER_GCMP
:
156 os_memcpy(key
, ssid
->psk
, 16);
160 case WPA_CIPHER_TKIP
:
161 /* WPA-None uses the same Michael MIC key for both TX and RX */
162 os_memcpy(key
, ssid
->psk
, 16 + 8);
163 os_memcpy(key
+ 16 + 8, ssid
->psk
+ 16, 8);
168 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Invalid group cipher %d for "
169 "WPA-None", wpa_s
->group_cipher
);
173 /* TODO: should actually remember the previously used seq#, both for TX
174 * and RX from each STA.. */
176 return wpa_drv_set_key(wpa_s
, alg
, NULL
, 0, 1, seq
, 6, key
, keylen
);
180 static void wpa_supplicant_timeout(void *eloop_ctx
, void *timeout_ctx
)
182 struct wpa_supplicant
*wpa_s
= eloop_ctx
;
183 const u8
*bssid
= wpa_s
->bssid
;
184 if (is_zero_ether_addr(bssid
))
185 bssid
= wpa_s
->pending_bssid
;
186 wpa_msg(wpa_s
, MSG_INFO
, "Authentication with " MACSTR
" timed out.",
188 wpa_blacklist_add(wpa_s
, bssid
);
189 wpa_sm_notify_disassoc(wpa_s
->wpa
);
190 wpa_supplicant_deauthenticate(wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
191 wpa_s
->reassociate
= 1;
194 * If we timed out, the AP or the local radio may be busy.
195 * So, wait a second until scanning again.
197 wpa_supplicant_req_scan(wpa_s
, 1, 0);
202 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
203 * @wpa_s: Pointer to wpa_supplicant data
204 * @sec: Number of seconds after which to time out authentication
205 * @usec: Number of microseconds after which to time out authentication
207 * This function is used to schedule a timeout for the current authentication
210 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant
*wpa_s
,
213 if (wpa_s
->conf
->ap_scan
== 0 &&
214 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_WIRED
))
217 wpa_dbg(wpa_s
, MSG_DEBUG
, "Setting authentication timeout: %d sec "
218 "%d usec", sec
, usec
);
219 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
220 eloop_register_timeout(sec
, usec
, wpa_supplicant_timeout
, wpa_s
, NULL
);
225 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
226 * @wpa_s: Pointer to wpa_supplicant data
228 * This function is used to cancel authentication timeout scheduled with
229 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
232 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant
*wpa_s
)
234 wpa_dbg(wpa_s
, MSG_DEBUG
, "Cancelling authentication timeout");
235 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
236 wpa_blacklist_del(wpa_s
, wpa_s
->bssid
);
241 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
242 * @wpa_s: Pointer to wpa_supplicant data
244 * This function is used to configure EAPOL state machine based on the selected
245 * authentication mode.
247 void wpa_supplicant_initiate_eapol(struct wpa_supplicant
*wpa_s
)
249 #ifdef IEEE8021X_EAPOL
250 struct eapol_config eapol_conf
;
251 struct wpa_ssid
*ssid
= wpa_s
->current_ssid
;
253 #ifdef CONFIG_IBSS_RSN
254 if (ssid
->mode
== WPAS_MODE_IBSS
&&
255 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_NONE
&&
256 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_WPA_NONE
) {
258 * RSN IBSS authentication is per-STA and we can disable the
259 * per-BSSID EAPOL authentication.
261 eapol_sm_notify_portControl(wpa_s
->eapol
, ForceAuthorized
);
262 eapol_sm_notify_eap_success(wpa_s
->eapol
, TRUE
);
263 eapol_sm_notify_eap_fail(wpa_s
->eapol
, FALSE
);
266 #endif /* CONFIG_IBSS_RSN */
268 eapol_sm_notify_eap_success(wpa_s
->eapol
, FALSE
);
269 eapol_sm_notify_eap_fail(wpa_s
->eapol
, FALSE
);
271 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
||
272 wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPA_NONE
)
273 eapol_sm_notify_portControl(wpa_s
->eapol
, ForceAuthorized
);
275 eapol_sm_notify_portControl(wpa_s
->eapol
, Auto
);
277 os_memset(&eapol_conf
, 0, sizeof(eapol_conf
));
278 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
279 eapol_conf
.accept_802_1x_keys
= 1;
280 eapol_conf
.required_keys
= 0;
281 if (ssid
->eapol_flags
& EAPOL_FLAG_REQUIRE_KEY_UNICAST
) {
282 eapol_conf
.required_keys
|= EAPOL_REQUIRE_KEY_UNICAST
;
284 if (ssid
->eapol_flags
& EAPOL_FLAG_REQUIRE_KEY_BROADCAST
) {
285 eapol_conf
.required_keys
|=
286 EAPOL_REQUIRE_KEY_BROADCAST
;
289 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_WIRED
)
290 eapol_conf
.required_keys
= 0;
292 eapol_conf
.fast_reauth
= wpa_s
->conf
->fast_reauth
;
293 eapol_conf
.workaround
= ssid
->eap_workaround
;
294 eapol_conf
.eap_disabled
=
295 !wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
) &&
296 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_IEEE8021X_NO_WPA
&&
297 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_WPS
;
298 eapol_conf
.external_sim
= wpa_s
->conf
->external_sim
;
299 eapol_sm_notify_config(wpa_s
->eapol
, &ssid
->eap
, &eapol_conf
);
300 #endif /* IEEE8021X_EAPOL */
305 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
306 * @wpa_s: Pointer to wpa_supplicant data
307 * @ssid: Configuration data for the network
309 * This function is used to configure WPA state machine and related parameters
310 * to a mode where WPA is not enabled. This is called as part of the
311 * authentication configuration when the selected network does not use WPA.
313 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant
*wpa_s
,
314 struct wpa_ssid
*ssid
)
318 if (ssid
->key_mgmt
& WPA_KEY_MGMT_WPS
)
319 wpa_s
->key_mgmt
= WPA_KEY_MGMT_WPS
;
320 else if (ssid
->key_mgmt
& WPA_KEY_MGMT_IEEE8021X_NO_WPA
)
321 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X_NO_WPA
;
323 wpa_s
->key_mgmt
= WPA_KEY_MGMT_NONE
;
324 wpa_sm_set_ap_wpa_ie(wpa_s
->wpa
, NULL
, 0);
325 wpa_sm_set_ap_rsn_ie(wpa_s
->wpa
, NULL
, 0);
326 wpa_sm_set_assoc_wpa_ie(wpa_s
->wpa
, NULL
, 0);
327 wpa_s
->pairwise_cipher
= WPA_CIPHER_NONE
;
328 wpa_s
->group_cipher
= WPA_CIPHER_NONE
;
329 wpa_s
->mgmt_group_cipher
= 0;
331 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
332 if (ssid
->wep_key_len
[i
] > 5) {
333 wpa_s
->pairwise_cipher
= WPA_CIPHER_WEP104
;
334 wpa_s
->group_cipher
= WPA_CIPHER_WEP104
;
336 } else if (ssid
->wep_key_len
[i
] > 0) {
337 wpa_s
->pairwise_cipher
= WPA_CIPHER_WEP40
;
338 wpa_s
->group_cipher
= WPA_CIPHER_WEP40
;
343 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_RSN_ENABLED
, 0);
344 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_KEY_MGMT
, wpa_s
->key_mgmt
);
345 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_PAIRWISE
,
346 wpa_s
->pairwise_cipher
);
347 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_GROUP
, wpa_s
->group_cipher
);
348 #ifdef CONFIG_IEEE80211W
349 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_MGMT_GROUP
,
350 wpa_s
->mgmt_group_cipher
);
351 #endif /* CONFIG_IEEE80211W */
353 pmksa_cache_clear_current(wpa_s
->wpa
);
357 void free_hw_features(struct wpa_supplicant
*wpa_s
)
360 if (wpa_s
->hw
.modes
== NULL
)
363 for (i
= 0; i
< wpa_s
->hw
.num_modes
; i
++) {
364 os_free(wpa_s
->hw
.modes
[i
].channels
);
365 os_free(wpa_s
->hw
.modes
[i
].rates
);
368 os_free(wpa_s
->hw
.modes
);
369 wpa_s
->hw
.modes
= NULL
;
373 static void wpa_supplicant_cleanup(struct wpa_supplicant
*wpa_s
)
375 bgscan_deinit(wpa_s
);
376 autoscan_deinit(wpa_s
);
377 scard_deinit(wpa_s
->scard
);
379 wpa_sm_set_scard_ctx(wpa_s
->wpa
, NULL
);
380 eapol_sm_register_scard_ctx(wpa_s
->eapol
, NULL
);
381 l2_packet_deinit(wpa_s
->l2
);
384 l2_packet_deinit(wpa_s
->l2_br
);
388 if (wpa_s
->conf
!= NULL
) {
389 struct wpa_ssid
*ssid
;
390 for (ssid
= wpa_s
->conf
->ssid
; ssid
; ssid
= ssid
->next
)
391 wpas_notify_network_removed(wpa_s
, ssid
);
394 os_free(wpa_s
->confname
);
395 wpa_s
->confname
= NULL
;
397 os_free(wpa_s
->confanother
);
398 wpa_s
->confanother
= NULL
;
400 wpa_sm_set_eapol(wpa_s
->wpa
, NULL
);
401 eapol_sm_deinit(wpa_s
->eapol
);
404 rsn_preauth_deinit(wpa_s
->wpa
);
407 wpa_tdls_deinit(wpa_s
->wpa
);
408 #endif /* CONFIG_TDLS */
410 pmksa_candidate_free(wpa_s
->wpa
);
411 wpa_sm_deinit(wpa_s
->wpa
);
413 wpa_blacklist_clear(wpa_s
);
415 wpa_bss_deinit(wpa_s
);
417 wpa_supplicant_cancel_delayed_sched_scan(wpa_s
);
418 wpa_supplicant_cancel_scan(wpa_s
);
419 wpa_supplicant_cancel_auth_timeout(wpa_s
);
420 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures
, wpa_s
, NULL
);
421 #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
422 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report
,
424 #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
426 wpas_wps_deinit(wpa_s
);
428 wpabuf_free(wpa_s
->pending_eapol_rx
);
429 wpa_s
->pending_eapol_rx
= NULL
;
431 #ifdef CONFIG_IBSS_RSN
432 ibss_rsn_deinit(wpa_s
->ibss_rsn
);
433 wpa_s
->ibss_rsn
= NULL
;
434 #endif /* CONFIG_IBSS_RSN */
439 wpa_supplicant_ap_deinit(wpa_s
);
440 #endif /* CONFIG_AP */
443 wpas_p2p_deinit(wpa_s
);
444 #endif /* CONFIG_P2P */
446 #ifdef CONFIG_OFFCHANNEL
447 offchannel_deinit(wpa_s
);
448 #endif /* CONFIG_OFFCHANNEL */
450 wpa_supplicant_cancel_sched_scan(wpa_s
);
452 os_free(wpa_s
->next_scan_freqs
);
453 wpa_s
->next_scan_freqs
= NULL
;
455 os_free(wpa_s
->manual_scan_freqs
);
456 wpa_s
->manual_scan_freqs
= NULL
;
458 gas_query_deinit(wpa_s
->gas
);
461 free_hw_features(wpa_s
);
463 os_free(wpa_s
->bssid_filter
);
464 wpa_s
->bssid_filter
= NULL
;
466 os_free(wpa_s
->disallow_aps_bssid
);
467 wpa_s
->disallow_aps_bssid
= NULL
;
468 os_free(wpa_s
->disallow_aps_ssid
);
469 wpa_s
->disallow_aps_ssid
= NULL
;
471 wnm_bss_keep_alive_deinit(wpa_s
);
473 wnm_deallocate_memory(wpa_s
);
474 #endif /* CONFIG_WNM */
476 ext_password_deinit(wpa_s
->ext_pw
);
477 wpa_s
->ext_pw
= NULL
;
479 wpabuf_free(wpa_s
->last_gas_resp
);
480 wpa_s
->last_gas_resp
= NULL
;
481 wpabuf_free(wpa_s
->prev_gas_resp
);
482 wpa_s
->prev_gas_resp
= NULL
;
484 os_free(wpa_s
->last_scan_res
);
485 wpa_s
->last_scan_res
= NULL
;
490 * wpa_clear_keys - Clear keys configured for the driver
491 * @wpa_s: Pointer to wpa_supplicant data
492 * @addr: Previously used BSSID or %NULL if not available
494 * This function clears the encryption keys that has been previously configured
497 void wpa_clear_keys(struct wpa_supplicant
*wpa_s
, const u8
*addr
)
501 #ifdef CONFIG_IEEE80211W
503 #else /* CONFIG_IEEE80211W */
505 #endif /* CONFIG_IEEE80211W */
507 /* MLME-DELETEKEYS.request */
508 for (i
= 0; i
< max
; i
++) {
509 if (wpa_s
->keys_cleared
& BIT(i
))
511 wpa_drv_set_key(wpa_s
, WPA_ALG_NONE
, NULL
, i
, 0, NULL
, 0,
514 if (!(wpa_s
->keys_cleared
& BIT(0)) && addr
&&
515 !is_zero_ether_addr(addr
)) {
516 wpa_drv_set_key(wpa_s
, WPA_ALG_NONE
, addr
, 0, 0, NULL
, 0, NULL
,
518 /* MLME-SETPROTECTION.request(None) */
519 wpa_drv_mlme_setprotection(
521 MLME_SETPROTECTION_PROTECT_TYPE_NONE
,
522 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE
);
524 wpa_s
->keys_cleared
= (u32
) -1;
529 * wpa_supplicant_state_txt - Get the connection state name as a text string
530 * @state: State (wpa_state; WPA_*)
531 * Returns: The state name as a printable text string
533 const char * wpa_supplicant_state_txt(enum wpa_states state
)
536 case WPA_DISCONNECTED
:
537 return "DISCONNECTED";
540 case WPA_INTERFACE_DISABLED
:
541 return "INTERFACE_DISABLED";
544 case WPA_AUTHENTICATING
:
545 return "AUTHENTICATING";
546 case WPA_ASSOCIATING
:
547 return "ASSOCIATING";
550 case WPA_4WAY_HANDSHAKE
:
551 return "4WAY_HANDSHAKE";
552 case WPA_GROUP_HANDSHAKE
:
553 return "GROUP_HANDSHAKE";
564 static void wpa_supplicant_start_bgscan(struct wpa_supplicant
*wpa_s
)
568 if (wpa_s
->current_ssid
&& wpa_s
->current_ssid
->bgscan
)
569 name
= wpa_s
->current_ssid
->bgscan
;
571 name
= wpa_s
->conf
->bgscan
;
574 if (wpas_driver_bss_selection(wpa_s
))
576 if (wpa_s
->current_ssid
== wpa_s
->bgscan_ssid
)
579 bgscan_deinit(wpa_s
);
580 if (wpa_s
->current_ssid
) {
581 if (bgscan_init(wpa_s
, wpa_s
->current_ssid
, name
)) {
582 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to initialize "
585 * Live without bgscan; it is only used as a roaming
586 * optimization, so the initial connection is not
590 struct wpa_scan_results
*scan_res
;
591 wpa_s
->bgscan_ssid
= wpa_s
->current_ssid
;
592 scan_res
= wpa_supplicant_get_scan_results(wpa_s
, NULL
,
595 bgscan_notify_scan(wpa_s
, scan_res
);
596 wpa_scan_results_free(scan_res
);
600 wpa_s
->bgscan_ssid
= NULL
;
604 static void wpa_supplicant_stop_bgscan(struct wpa_supplicant
*wpa_s
)
606 if (wpa_s
->bgscan_ssid
!= NULL
) {
607 bgscan_deinit(wpa_s
);
608 wpa_s
->bgscan_ssid
= NULL
;
612 #endif /* CONFIG_BGSCAN */
615 static void wpa_supplicant_start_autoscan(struct wpa_supplicant
*wpa_s
)
617 if (autoscan_init(wpa_s
, 0))
618 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to initialize autoscan");
622 static void wpa_supplicant_stop_autoscan(struct wpa_supplicant
*wpa_s
)
624 autoscan_deinit(wpa_s
);
628 void wpa_supplicant_reinit_autoscan(struct wpa_supplicant
*wpa_s
)
630 if (wpa_s
->wpa_state
== WPA_DISCONNECTED
||
631 wpa_s
->wpa_state
== WPA_SCANNING
) {
632 autoscan_deinit(wpa_s
);
633 wpa_supplicant_start_autoscan(wpa_s
);
639 * wpa_supplicant_set_state - Set current connection state
640 * @wpa_s: Pointer to wpa_supplicant data
641 * @state: The new connection state
643 * This function is called whenever the connection state changes, e.g.,
644 * association is completed for WPA/WPA2 4-Way Handshake is started.
646 void wpa_supplicant_set_state(struct wpa_supplicant
*wpa_s
,
647 enum wpa_states state
)
649 enum wpa_states old_state
= wpa_s
->wpa_state
;
651 wpa_dbg(wpa_s
, MSG_DEBUG
, "State: %s -> %s",
652 wpa_supplicant_state_txt(wpa_s
->wpa_state
),
653 wpa_supplicant_state_txt(state
));
655 if (state
== WPA_COMPLETED
)
656 wpas_connect_work_done(wpa_s
);
658 if (state
!= WPA_SCANNING
)
659 wpa_supplicant_notify_scanning(wpa_s
, 0);
661 if (state
== WPA_COMPLETED
&& wpa_s
->new_connection
) {
662 struct wpa_ssid
*ssid
= wpa_s
->current_ssid
;
663 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
664 wpa_msg(wpa_s
, MSG_INFO
, WPA_EVENT_CONNECTED
"- Connection to "
665 MACSTR
" completed [id=%d id_str=%s]",
666 MAC2STR(wpa_s
->bssid
),
667 ssid
? ssid
->id
: -1,
668 ssid
&& ssid
->id_str
? ssid
->id_str
: "");
669 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
670 wpas_clear_temp_disabled(wpa_s
, ssid
, 1);
671 wpa_s
->extra_blacklist_count
= 0;
672 wpa_s
->new_connection
= 0;
673 wpa_drv_set_operstate(wpa_s
, 1);
674 #ifndef IEEE8021X_EAPOL
675 wpa_drv_set_supp_port(wpa_s
, 1);
676 #endif /* IEEE8021X_EAPOL */
677 wpa_s
->after_wps
= 0;
678 wpa_s
->known_wps_freq
= 0;
680 wpas_p2p_completed(wpa_s
);
681 #endif /* CONFIG_P2P */
683 sme_sched_obss_scan(wpa_s
, 1);
684 } else if (state
== WPA_DISCONNECTED
|| state
== WPA_ASSOCIATING
||
685 state
== WPA_ASSOCIATED
) {
686 wpa_s
->new_connection
= 1;
687 wpa_drv_set_operstate(wpa_s
, 0);
688 #ifndef IEEE8021X_EAPOL
689 wpa_drv_set_supp_port(wpa_s
, 0);
690 #endif /* IEEE8021X_EAPOL */
691 sme_sched_obss_scan(wpa_s
, 0);
693 wpa_s
->wpa_state
= state
;
696 if (state
== WPA_COMPLETED
)
697 wpa_supplicant_start_bgscan(wpa_s
);
698 else if (state
< WPA_ASSOCIATED
)
699 wpa_supplicant_stop_bgscan(wpa_s
);
700 #endif /* CONFIG_BGSCAN */
702 if (state
== WPA_AUTHENTICATING
)
703 wpa_supplicant_stop_autoscan(wpa_s
);
705 if (state
== WPA_DISCONNECTED
|| state
== WPA_INACTIVE
)
706 wpa_supplicant_start_autoscan(wpa_s
);
708 if (wpa_s
->wpa_state
!= old_state
) {
709 wpas_notify_state_changed(wpa_s
, wpa_s
->wpa_state
, old_state
);
711 if (wpa_s
->wpa_state
== WPA_COMPLETED
||
712 old_state
== WPA_COMPLETED
)
713 wpas_notify_auth_changed(wpa_s
);
718 void wpa_supplicant_terminate_proc(struct wpa_global
*global
)
722 struct wpa_supplicant
*wpa_s
= global
->ifaces
;
724 struct wpa_supplicant
*next
= wpa_s
->next
;
726 if (wpa_s
->p2p_group_interface
!= NOT_P2P_GROUP_INTERFACE
||
727 (wpa_s
->current_ssid
&& wpa_s
->current_ssid
->p2p_group
))
728 wpas_p2p_disconnect(wpa_s
);
729 #endif /* CONFIG_P2P */
730 if (wpas_wps_terminate_pending(wpa_s
) == 1)
734 #endif /* CONFIG_WPS */
741 static void wpa_supplicant_terminate(int sig
, void *signal_ctx
)
743 struct wpa_global
*global
= signal_ctx
;
744 wpa_supplicant_terminate_proc(global
);
748 void wpa_supplicant_clear_status(struct wpa_supplicant
*wpa_s
)
750 enum wpa_states old_state
= wpa_s
->wpa_state
;
752 wpa_s
->pairwise_cipher
= 0;
753 wpa_s
->group_cipher
= 0;
754 wpa_s
->mgmt_group_cipher
= 0;
756 if (wpa_s
->wpa_state
!= WPA_INTERFACE_DISABLED
)
757 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
759 if (wpa_s
->wpa_state
!= old_state
)
760 wpas_notify_state_changed(wpa_s
, wpa_s
->wpa_state
, old_state
);
765 * wpa_supplicant_reload_configuration - Reload configuration data
766 * @wpa_s: Pointer to wpa_supplicant data
767 * Returns: 0 on success or -1 if configuration parsing failed
769 * This function can be used to request that the configuration data is reloaded
770 * (e.g., after configuration file change). This function is reloading
771 * configuration only for one interface, so this may need to be called multiple
772 * times if %wpa_supplicant is controlling multiple interfaces and all
773 * interfaces need reconfiguration.
775 int wpa_supplicant_reload_configuration(struct wpa_supplicant
*wpa_s
)
777 struct wpa_config
*conf
;
781 if (wpa_s
->confname
== NULL
)
783 conf
= wpa_config_read(wpa_s
->confname
, NULL
);
785 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to parse the configuration "
786 "file '%s' - exiting", wpa_s
->confname
);
789 wpa_config_read(wpa_s
->confanother
, conf
);
791 conf
->changed_parameters
= (unsigned int) -1;
793 reconf_ctrl
= !!conf
->ctrl_interface
!= !!wpa_s
->conf
->ctrl_interface
794 || (conf
->ctrl_interface
&& wpa_s
->conf
->ctrl_interface
&&
795 os_strcmp(conf
->ctrl_interface
,
796 wpa_s
->conf
->ctrl_interface
) != 0);
798 if (reconf_ctrl
&& wpa_s
->ctrl_iface
) {
799 wpa_supplicant_ctrl_iface_deinit(wpa_s
->ctrl_iface
);
800 wpa_s
->ctrl_iface
= NULL
;
803 eapol_sm_invalidate_cached_session(wpa_s
->eapol
);
804 if (wpa_s
->current_ssid
) {
805 wpa_supplicant_deauthenticate(wpa_s
,
806 WLAN_REASON_DEAUTH_LEAVING
);
810 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
811 * pkcs11_engine_path, pkcs11_module_path.
813 if (wpa_key_mgmt_wpa_psk(wpa_s
->key_mgmt
)) {
815 * Clear forced success to clear EAP state for next
818 eapol_sm_notify_eap_success(wpa_s
->eapol
, FALSE
);
820 eapol_sm_notify_config(wpa_s
->eapol
, NULL
, NULL
);
821 wpa_sm_set_config(wpa_s
->wpa
, NULL
);
822 wpa_sm_pmksa_cache_flush(wpa_s
->wpa
, NULL
);
823 wpa_sm_set_fast_reauth(wpa_s
->wpa
, wpa_s
->conf
->fast_reauth
);
824 rsn_preauth_deinit(wpa_s
->wpa
);
826 old_ap_scan
= wpa_s
->conf
->ap_scan
;
827 wpa_config_free(wpa_s
->conf
);
829 if (old_ap_scan
!= wpa_s
->conf
->ap_scan
)
830 wpas_notify_ap_scan_changed(wpa_s
);
833 wpa_s
->ctrl_iface
= wpa_supplicant_ctrl_iface_init(wpa_s
);
835 wpa_supplicant_update_config(wpa_s
);
837 wpa_supplicant_clear_status(wpa_s
);
838 if (wpa_supplicant_enabled_networks(wpa_s
)) {
839 wpa_s
->reassociate
= 1;
840 wpa_supplicant_req_scan(wpa_s
, 0, 0);
842 wpa_dbg(wpa_s
, MSG_DEBUG
, "Reconfiguration completed");
847 static void wpa_supplicant_reconfig(int sig
, void *signal_ctx
)
849 struct wpa_global
*global
= signal_ctx
;
850 struct wpa_supplicant
*wpa_s
;
851 for (wpa_s
= global
->ifaces
; wpa_s
; wpa_s
= wpa_s
->next
) {
852 wpa_dbg(wpa_s
, MSG_DEBUG
, "Signal %d received - reconfiguring",
854 if (wpa_supplicant_reload_configuration(wpa_s
) < 0) {
855 wpa_supplicant_terminate_proc(global
);
861 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant
*wpa_s
,
862 struct wpa_ssid
*ssid
,
863 struct wpa_ie_data
*ie
)
865 int ret
= wpa_sm_parse_own_wpa_ie(wpa_s
->wpa
, ie
);
868 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Failed to parse WPA IE "
869 "from association info");
874 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Using WPA IE from AssocReq to set "
876 if (!(ie
->group_cipher
& ssid
->group_cipher
)) {
877 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver used disabled group "
878 "cipher 0x%x (mask 0x%x) - reject",
879 ie
->group_cipher
, ssid
->group_cipher
);
882 if (!(ie
->pairwise_cipher
& ssid
->pairwise_cipher
)) {
883 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver used disabled pairwise "
884 "cipher 0x%x (mask 0x%x) - reject",
885 ie
->pairwise_cipher
, ssid
->pairwise_cipher
);
888 if (!(ie
->key_mgmt
& ssid
->key_mgmt
)) {
889 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver used disabled key "
890 "management 0x%x (mask 0x%x) - reject",
891 ie
->key_mgmt
, ssid
->key_mgmt
);
895 #ifdef CONFIG_IEEE80211W
896 if (!(ie
->capabilities
& WPA_CAPABILITY_MFPC
) &&
897 (ssid
->ieee80211w
== MGMT_FRAME_PROTECTION_DEFAULT
?
898 wpa_s
->conf
->pmf
: ssid
->ieee80211w
) ==
899 MGMT_FRAME_PROTECTION_REQUIRED
) {
900 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver associated with an AP "
901 "that does not support management frame protection - "
905 #endif /* CONFIG_IEEE80211W */
912 * wpa_supplicant_set_suites - Set authentication and encryption parameters
913 * @wpa_s: Pointer to wpa_supplicant data
914 * @bss: Scan results for the selected BSS, or %NULL if not available
915 * @ssid: Configuration data for the selected network
916 * @wpa_ie: Buffer for the WPA/RSN IE
917 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
918 * used buffer length in case the functions returns success.
919 * Returns: 0 on success or -1 on failure
921 * This function is used to configure authentication and encryption parameters
922 * based on the network configuration and scan result for the selected BSS (if
925 int wpa_supplicant_set_suites(struct wpa_supplicant
*wpa_s
,
926 struct wpa_bss
*bss
, struct wpa_ssid
*ssid
,
927 u8
*wpa_ie
, size_t *wpa_ie_len
)
929 struct wpa_ie_data ie
;
931 const u8
*bss_wpa
, *bss_rsn
;
934 bss_wpa
= wpa_bss_get_vendor_ie(bss
, WPA_IE_VENDOR_TYPE
);
935 bss_rsn
= wpa_bss_get_ie(bss
, WLAN_EID_RSN
);
937 bss_wpa
= bss_rsn
= NULL
;
939 if (bss_rsn
&& (ssid
->proto
& WPA_PROTO_RSN
) &&
940 wpa_parse_wpa_ie(bss_rsn
, 2 + bss_rsn
[1], &ie
) == 0 &&
941 (ie
.group_cipher
& ssid
->group_cipher
) &&
942 (ie
.pairwise_cipher
& ssid
->pairwise_cipher
) &&
943 (ie
.key_mgmt
& ssid
->key_mgmt
)) {
944 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using IEEE 802.11i/D9.0");
945 proto
= WPA_PROTO_RSN
;
946 } else if (bss_wpa
&& (ssid
->proto
& WPA_PROTO_WPA
) &&
947 wpa_parse_wpa_ie(bss_wpa
, 2 +bss_wpa
[1], &ie
) == 0 &&
948 (ie
.group_cipher
& ssid
->group_cipher
) &&
949 (ie
.pairwise_cipher
& ssid
->pairwise_cipher
) &&
950 (ie
.key_mgmt
& ssid
->key_mgmt
)) {
951 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using IEEE 802.11i/D3.0");
952 proto
= WPA_PROTO_WPA
;
954 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select WPA/RSN");
957 if (ssid
->proto
& WPA_PROTO_RSN
)
958 proto
= WPA_PROTO_RSN
;
960 proto
= WPA_PROTO_WPA
;
961 if (wpa_supplicant_suites_from_ai(wpa_s
, ssid
, &ie
) < 0) {
962 os_memset(&ie
, 0, sizeof(ie
));
963 ie
.group_cipher
= ssid
->group_cipher
;
964 ie
.pairwise_cipher
= ssid
->pairwise_cipher
;
965 ie
.key_mgmt
= ssid
->key_mgmt
;
966 #ifdef CONFIG_IEEE80211W
967 ie
.mgmt_group_cipher
=
968 ssid
->ieee80211w
!= NO_MGMT_FRAME_PROTECTION
?
969 WPA_CIPHER_AES_128_CMAC
: 0;
970 #endif /* CONFIG_IEEE80211W */
971 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Set cipher suites "
972 "based on configuration");
977 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Selected cipher suites: group %d "
978 "pairwise %d key_mgmt %d proto %d",
979 ie
.group_cipher
, ie
.pairwise_cipher
, ie
.key_mgmt
, proto
);
980 #ifdef CONFIG_IEEE80211W
981 if (ssid
->ieee80211w
) {
982 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Selected mgmt group cipher %d",
983 ie
.mgmt_group_cipher
);
985 #endif /* CONFIG_IEEE80211W */
987 wpa_s
->wpa_proto
= proto
;
988 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_PROTO
, proto
);
989 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_RSN_ENABLED
,
990 !!(ssid
->proto
& WPA_PROTO_RSN
));
992 if (bss
|| !wpa_s
->ap_ies_from_associnfo
) {
993 if (wpa_sm_set_ap_wpa_ie(wpa_s
->wpa
, bss_wpa
,
994 bss_wpa
? 2 + bss_wpa
[1] : 0) ||
995 wpa_sm_set_ap_rsn_ie(wpa_s
->wpa
, bss_rsn
,
996 bss_rsn
? 2 + bss_rsn
[1] : 0))
1000 sel
= ie
.group_cipher
& ssid
->group_cipher
;
1001 wpa_s
->group_cipher
= wpa_pick_group_cipher(sel
);
1002 if (wpa_s
->group_cipher
< 0) {
1003 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select group "
1007 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using GTK %s",
1008 wpa_cipher_txt(wpa_s
->group_cipher
));
1010 sel
= ie
.pairwise_cipher
& ssid
->pairwise_cipher
;
1011 wpa_s
->pairwise_cipher
= wpa_pick_pairwise_cipher(sel
, 1);
1012 if (wpa_s
->pairwise_cipher
< 0) {
1013 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select pairwise "
1017 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using PTK %s",
1018 wpa_cipher_txt(wpa_s
->pairwise_cipher
));
1020 sel
= ie
.key_mgmt
& ssid
->key_mgmt
;
1022 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SAE
))
1023 sel
&= ~(WPA_KEY_MGMT_SAE
| WPA_KEY_MGMT_FT_SAE
);
1024 #endif /* CONFIG_SAE */
1026 #ifdef CONFIG_IEEE80211R
1027 } else if (sel
& WPA_KEY_MGMT_FT_IEEE8021X
) {
1028 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_IEEE8021X
;
1029 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FT/802.1X");
1030 } else if (sel
& WPA_KEY_MGMT_FT_PSK
) {
1031 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_PSK
;
1032 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FT/PSK");
1033 #endif /* CONFIG_IEEE80211R */
1035 } else if (sel
& WPA_KEY_MGMT_SAE
) {
1036 wpa_s
->key_mgmt
= WPA_KEY_MGMT_SAE
;
1037 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using KEY_MGMT SAE");
1038 } else if (sel
& WPA_KEY_MGMT_FT_SAE
) {
1039 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_SAE
;
1040 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using KEY_MGMT FT/SAE");
1041 #endif /* CONFIG_SAE */
1042 #ifdef CONFIG_IEEE80211W
1043 } else if (sel
& WPA_KEY_MGMT_IEEE8021X_SHA256
) {
1044 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X_SHA256
;
1045 wpa_dbg(wpa_s
, MSG_DEBUG
,
1046 "WPA: using KEY_MGMT 802.1X with SHA256");
1047 } else if (sel
& WPA_KEY_MGMT_PSK_SHA256
) {
1048 wpa_s
->key_mgmt
= WPA_KEY_MGMT_PSK_SHA256
;
1049 wpa_dbg(wpa_s
, MSG_DEBUG
,
1050 "WPA: using KEY_MGMT PSK with SHA256");
1051 #endif /* CONFIG_IEEE80211W */
1052 } else if (sel
& WPA_KEY_MGMT_IEEE8021X
) {
1053 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X
;
1054 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT 802.1X");
1055 } else if (sel
& WPA_KEY_MGMT_PSK
) {
1056 wpa_s
->key_mgmt
= WPA_KEY_MGMT_PSK
;
1057 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT WPA-PSK");
1058 } else if (sel
& WPA_KEY_MGMT_WPA_NONE
) {
1059 wpa_s
->key_mgmt
= WPA_KEY_MGMT_WPA_NONE
;
1060 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT WPA-NONE");
1062 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select "
1063 "authenticated key management type");
1067 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_KEY_MGMT
, wpa_s
->key_mgmt
);
1068 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_PAIRWISE
,
1069 wpa_s
->pairwise_cipher
);
1070 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_GROUP
, wpa_s
->group_cipher
);
1072 #ifdef CONFIG_IEEE80211W
1073 sel
= ie
.mgmt_group_cipher
;
1074 if ((ssid
->ieee80211w
== MGMT_FRAME_PROTECTION_DEFAULT
?
1075 wpa_s
->conf
->pmf
: ssid
->ieee80211w
) == NO_MGMT_FRAME_PROTECTION
||
1076 !(ie
.capabilities
& WPA_CAPABILITY_MFPC
))
1078 if (sel
& WPA_CIPHER_AES_128_CMAC
) {
1079 wpa_s
->mgmt_group_cipher
= WPA_CIPHER_AES_128_CMAC
;
1080 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using MGMT group cipher "
1083 wpa_s
->mgmt_group_cipher
= 0;
1084 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: not using MGMT group cipher");
1086 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_MGMT_GROUP
,
1087 wpa_s
->mgmt_group_cipher
);
1088 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_MFP
,
1089 (ssid
->ieee80211w
== MGMT_FRAME_PROTECTION_DEFAULT
?
1090 wpa_s
->conf
->pmf
: ssid
->ieee80211w
));
1091 #endif /* CONFIG_IEEE80211W */
1093 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s
->wpa
, wpa_ie
, wpa_ie_len
)) {
1094 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to generate WPA IE");
1098 if (wpa_key_mgmt_wpa_psk(ssid
->key_mgmt
)) {
1099 wpa_sm_set_pmk(wpa_s
->wpa
, ssid
->psk
, PMK_LEN
);
1100 #ifndef CONFIG_NO_PBKDF2
1101 if (bss
&& ssid
->bssid_set
&& ssid
->ssid_len
== 0 &&
1104 pbkdf2_sha1(ssid
->passphrase
, bss
->ssid
, bss
->ssid_len
,
1105 4096, psk
, PMK_LEN
);
1106 wpa_hexdump_key(MSG_MSGDUMP
, "PSK (from passphrase)",
1108 wpa_sm_set_pmk(wpa_s
->wpa
, psk
, PMK_LEN
);
1110 #endif /* CONFIG_NO_PBKDF2 */
1111 #ifdef CONFIG_EXT_PASSWORD
1112 if (ssid
->ext_psk
) {
1113 struct wpabuf
*pw
= ext_password_get(wpa_s
->ext_pw
,
1115 char pw_str
[64 + 1];
1119 wpa_msg(wpa_s
, MSG_INFO
, "EXT PW: No PSK "
1120 "found from external storage");
1124 if (wpabuf_len(pw
) < 8 || wpabuf_len(pw
) > 64) {
1125 wpa_msg(wpa_s
, MSG_INFO
, "EXT PW: Unexpected "
1126 "PSK length %d in external storage",
1127 (int) wpabuf_len(pw
));
1128 ext_password_free(pw
);
1132 os_memcpy(pw_str
, wpabuf_head(pw
), wpabuf_len(pw
));
1133 pw_str
[wpabuf_len(pw
)] = '\0';
1135 #ifndef CONFIG_NO_PBKDF2
1136 if (wpabuf_len(pw
) >= 8 && wpabuf_len(pw
) < 64 && bss
)
1138 pbkdf2_sha1(pw_str
, bss
->ssid
, bss
->ssid_len
,
1139 4096, psk
, PMK_LEN
);
1140 os_memset(pw_str
, 0, sizeof(pw_str
));
1141 wpa_hexdump_key(MSG_MSGDUMP
, "PSK (from "
1142 "external passphrase)",
1144 wpa_sm_set_pmk(wpa_s
->wpa
, psk
, PMK_LEN
);
1146 #endif /* CONFIG_NO_PBKDF2 */
1147 if (wpabuf_len(pw
) == 2 * PMK_LEN
) {
1148 if (hexstr2bin(pw_str
, psk
, PMK_LEN
) < 0) {
1149 wpa_msg(wpa_s
, MSG_INFO
, "EXT PW: "
1150 "Invalid PSK hex string");
1151 os_memset(pw_str
, 0, sizeof(pw_str
));
1152 ext_password_free(pw
);
1155 wpa_sm_set_pmk(wpa_s
->wpa
, psk
, PMK_LEN
);
1157 wpa_msg(wpa_s
, MSG_INFO
, "EXT PW: No suitable "
1159 os_memset(pw_str
, 0, sizeof(pw_str
));
1160 ext_password_free(pw
);
1164 os_memset(pw_str
, 0, sizeof(pw_str
));
1165 ext_password_free(pw
);
1167 #endif /* CONFIG_EXT_PASSWORD */
1169 wpa_sm_set_pmk_from_pmksa(wpa_s
->wpa
);
1175 static void wpas_ext_capab_byte(struct wpa_supplicant
*wpa_s
, u8
*pos
, int idx
)
1180 case 0: /* Bits 0-7 */
1182 case 1: /* Bits 8-15 */
1184 case 2: /* Bits 16-23 */
1186 *pos
|= 0x02; /* Bit 17 - WNM-Sleep Mode */
1187 *pos
|= 0x08; /* Bit 19 - BSS Transition */
1188 #endif /* CONFIG_WNM */
1190 case 3: /* Bits 24-31 */
1192 *pos
|= 0x02; /* Bit 25 - SSID List */
1193 #endif /* CONFIG_WNM */
1194 #ifdef CONFIG_INTERWORKING
1195 if (wpa_s
->conf
->interworking
)
1196 *pos
|= 0x80; /* Bit 31 - Interworking */
1197 #endif /* CONFIG_INTERWORKING */
1199 case 4: /* Bits 32-39 */
1200 #ifdef CONFIG_INTERWORKING
1201 if (wpa_s
->drv_flags
/ WPA_DRIVER_FLAGS_QOS_MAPPING
)
1202 *pos
|= 0x01; /* Bit 32 - QoS Map */
1203 #endif /* CONFIG_INTERWORKING */
1205 case 5: /* Bits 40-47 */
1207 case 6: /* Bits 48-55 */
1213 int wpas_build_ext_capab(struct wpa_supplicant
*wpa_s
, u8
*buf
)
1218 if (len
< wpa_s
->extended_capa_len
)
1219 len
= wpa_s
->extended_capa_len
;
1221 *pos
++ = WLAN_EID_EXT_CAPAB
;
1223 for (i
= 0; i
< len
; i
++, pos
++) {
1224 wpas_ext_capab_byte(wpa_s
, pos
, i
);
1226 if (i
< wpa_s
->extended_capa_len
) {
1227 *pos
&= ~wpa_s
->extended_capa_mask
[i
];
1228 *pos
|= wpa_s
->extended_capa
[i
];
1232 while (len
> 0 && buf
[1 + len
] == 0) {
1243 static int wpas_valid_bss(struct wpa_supplicant
*wpa_s
,
1244 struct wpa_bss
*test_bss
)
1246 struct wpa_bss
*bss
;
1248 dl_list_for_each(bss
, &wpa_s
->bss
, struct wpa_bss
, list
) {
1249 if (bss
== test_bss
)
1257 static int wpas_valid_ssid(struct wpa_supplicant
*wpa_s
,
1258 struct wpa_ssid
*test_ssid
)
1260 struct wpa_ssid
*ssid
;
1262 for (ssid
= wpa_s
->conf
->ssid
; ssid
; ssid
= ssid
->next
) {
1263 if (ssid
== test_ssid
)
1271 int wpas_valid_bss_ssid(struct wpa_supplicant
*wpa_s
, struct wpa_bss
*test_bss
,
1272 struct wpa_ssid
*test_ssid
)
1274 if (test_bss
&& !wpas_valid_bss(wpa_s
, test_bss
))
1277 return test_ssid
== NULL
|| wpas_valid_ssid(wpa_s
, test_ssid
);
1281 void wpas_connect_work_free(struct wpa_connect_work
*cwork
)
1289 void wpas_connect_work_done(struct wpa_supplicant
*wpa_s
)
1291 struct wpa_connect_work
*cwork
;
1292 struct wpa_radio_work
*work
= wpa_s
->connect_work
;
1297 wpa_s
->connect_work
= NULL
;
1300 wpas_connect_work_free(cwork
);
1301 radio_work_done(work
);
1305 static void wpas_start_assoc_cb(struct wpa_radio_work
*work
, int deinit
);
1308 * wpa_supplicant_associate - Request association
1309 * @wpa_s: Pointer to wpa_supplicant data
1310 * @bss: Scan results for the selected BSS, or %NULL if not available
1311 * @ssid: Configuration data for the selected network
1313 * This function is used to request %wpa_supplicant to associate with a BSS.
1315 void wpa_supplicant_associate(struct wpa_supplicant
*wpa_s
,
1316 struct wpa_bss
*bss
, struct wpa_ssid
*ssid
)
1318 struct wpa_connect_work
*cwork
;
1320 #ifdef CONFIG_IBSS_RSN
1321 ibss_rsn_deinit(wpa_s
->ibss_rsn
);
1322 wpa_s
->ibss_rsn
= NULL
;
1323 #endif /* CONFIG_IBSS_RSN */
1325 if (ssid
->mode
== WPAS_MODE_AP
|| ssid
->mode
== WPAS_MODE_P2P_GO
||
1326 ssid
->mode
== WPAS_MODE_P2P_GROUP_FORMATION
) {
1328 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_AP
)) {
1329 wpa_msg(wpa_s
, MSG_INFO
, "Driver does not support AP "
1333 if (wpa_supplicant_create_ap(wpa_s
, ssid
) < 0) {
1334 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
1335 if (ssid
->mode
== WPAS_MODE_P2P_GROUP_FORMATION
)
1336 wpas_p2p_ap_setup_failed(wpa_s
);
1339 wpa_s
->current_bss
= bss
;
1340 #else /* CONFIG_AP */
1341 wpa_msg(wpa_s
, MSG_ERROR
, "AP mode support not included in "
1343 #endif /* CONFIG_AP */
1349 wpa_tdls_ap_ies(wpa_s
->wpa
, (const u8
*) (bss
+ 1),
1351 #endif /* CONFIG_TDLS */
1353 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
1354 ssid
->mode
== IEEE80211_MODE_INFRA
) {
1355 sme_authenticate(wpa_s
, bss
, ssid
);
1359 if (wpa_s
->connect_work
) {
1360 wpa_dbg(wpa_s
, MSG_DEBUG
, "Reject wpa_supplicant_associate() call since connect_work exist");
1364 cwork
= os_zalloc(sizeof(*cwork
));
1371 if (radio_add_work(wpa_s
, bss
? bss
->freq
: 0, "connect", 1,
1372 wpas_start_assoc_cb
, cwork
) < 0) {
1378 static void wpas_start_assoc_cb(struct wpa_radio_work
*work
, int deinit
)
1380 struct wpa_connect_work
*cwork
= work
->ctx
;
1381 struct wpa_bss
*bss
= cwork
->bss
;
1382 struct wpa_ssid
*ssid
= cwork
->ssid
;
1383 struct wpa_supplicant
*wpa_s
= work
->wpa_s
;
1386 int use_crypt
, ret
, i
, bssid_changed
;
1387 int algs
= WPA_AUTH_ALG_OPEN
;
1388 unsigned int cipher_pairwise
, cipher_group
;
1389 struct wpa_driver_associate_params params
;
1390 int wep_keys_set
= 0;
1391 int assoc_failed
= 0;
1392 struct wpa_ssid
*old_ssid
;
1393 #ifdef CONFIG_HT_OVERRIDES
1394 struct ieee80211_ht_capabilities htcaps
;
1395 struct ieee80211_ht_capabilities htcaps_mask
;
1396 #endif /* CONFIG_HT_OVERRIDES */
1399 wpas_connect_work_free(cwork
);
1403 wpa_s
->connect_work
= work
;
1405 if (!wpas_valid_bss_ssid(wpa_s
, bss
, ssid
)) {
1406 wpa_dbg(wpa_s
, MSG_DEBUG
, "BSS/SSID entry for association not valid anymore - drop connection attempt");
1407 wpas_connect_work_done(wpa_s
);
1411 os_memset(¶ms
, 0, sizeof(params
));
1412 wpa_s
->reassociate
= 0;
1413 wpa_s
->eap_expected_failure
= 0;
1414 if (bss
&& !wpas_driver_bss_selection(wpa_s
)) {
1415 #ifdef CONFIG_IEEE80211R
1416 const u8
*ie
, *md
= NULL
;
1417 #endif /* CONFIG_IEEE80211R */
1418 wpa_msg(wpa_s
, MSG_INFO
, "Trying to associate with " MACSTR
1419 " (SSID='%s' freq=%d MHz)", MAC2STR(bss
->bssid
),
1420 wpa_ssid_txt(bss
->ssid
, bss
->ssid_len
), bss
->freq
);
1421 bssid_changed
= !is_zero_ether_addr(wpa_s
->bssid
);
1422 os_memset(wpa_s
->bssid
, 0, ETH_ALEN
);
1423 os_memcpy(wpa_s
->pending_bssid
, bss
->bssid
, ETH_ALEN
);
1425 wpas_notify_bssid_changed(wpa_s
);
1426 #ifdef CONFIG_IEEE80211R
1427 ie
= wpa_bss_get_ie(bss
, WLAN_EID_MOBILITY_DOMAIN
);
1428 if (ie
&& ie
[1] >= MOBILITY_DOMAIN_ID_LEN
)
1430 wpa_sm_set_ft_params(wpa_s
->wpa
, ie
, ie
? 2 + ie
[1] : 0);
1432 /* Prepare for the next transition */
1433 wpa_ft_prepare_auth_request(wpa_s
->wpa
, ie
);
1435 #endif /* CONFIG_IEEE80211R */
1437 } else if ((ssid
->ssid
== NULL
|| ssid
->ssid_len
== 0) &&
1438 wpa_s
->conf
->ap_scan
== 2 &&
1439 (ssid
->key_mgmt
& WPA_KEY_MGMT_WPS
)) {
1440 /* Use ap_scan==1 style network selection to find the network
1442 wpa_s
->scan_req
= MANUAL_SCAN_REQ
;
1443 wpa_s
->reassociate
= 1;
1444 wpa_supplicant_req_scan(wpa_s
, 0, 0);
1446 #endif /* CONFIG_WPS */
1448 wpa_msg(wpa_s
, MSG_INFO
, "Trying to associate with SSID '%s'",
1449 wpa_ssid_txt(ssid
->ssid
, ssid
->ssid_len
));
1450 os_memset(wpa_s
->pending_bssid
, 0, ETH_ALEN
);
1452 wpa_supplicant_cancel_sched_scan(wpa_s
);
1453 wpa_supplicant_cancel_scan(wpa_s
);
1455 /* Starting new association, so clear the possibly used WPA IE from the
1456 * previous association. */
1457 wpa_sm_set_assoc_wpa_ie(wpa_s
->wpa
, NULL
, 0);
1459 #ifdef IEEE8021X_EAPOL
1460 if (ssid
->key_mgmt
& WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
1462 if (ssid
->non_leap
== 0)
1463 algs
= WPA_AUTH_ALG_LEAP
;
1465 algs
|= WPA_AUTH_ALG_LEAP
;
1468 #endif /* IEEE8021X_EAPOL */
1469 wpa_dbg(wpa_s
, MSG_DEBUG
, "Automatic auth_alg selection: 0x%x", algs
);
1470 if (ssid
->auth_alg
) {
1471 algs
= ssid
->auth_alg
;
1472 wpa_dbg(wpa_s
, MSG_DEBUG
, "Overriding auth_alg selection: "
1476 if (bss
&& (wpa_bss_get_vendor_ie(bss
, WPA_IE_VENDOR_TYPE
) ||
1477 wpa_bss_get_ie(bss
, WLAN_EID_RSN
)) &&
1478 wpa_key_mgmt_wpa(ssid
->key_mgmt
)) {
1479 int try_opportunistic
;
1480 try_opportunistic
= (ssid
->proactive_key_caching
< 0 ?
1482 ssid
->proactive_key_caching
) &&
1483 (ssid
->proto
& WPA_PROTO_RSN
);
1484 if (pmksa_cache_set_current(wpa_s
->wpa
, NULL
, bss
->bssid
,
1485 ssid
, try_opportunistic
) == 0)
1486 eapol_sm_notify_pmkid_attempt(wpa_s
->eapol
, 1);
1487 wpa_ie_len
= sizeof(wpa_ie
);
1488 if (wpa_supplicant_set_suites(wpa_s
, bss
, ssid
,
1489 wpa_ie
, &wpa_ie_len
)) {
1490 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to set WPA "
1491 "key management and encryption suites");
1494 } else if ((ssid
->key_mgmt
& WPA_KEY_MGMT_IEEE8021X_NO_WPA
) && bss
&&
1495 wpa_key_mgmt_wpa_ieee8021x(ssid
->key_mgmt
)) {
1497 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
1498 * use non-WPA since the scan results did not indicate that the
1499 * AP is using WPA or WPA2.
1501 wpa_supplicant_set_non_wpa_policy(wpa_s
, ssid
);
1503 wpa_s
->wpa_proto
= 0;
1504 } else if (wpa_key_mgmt_wpa_any(ssid
->key_mgmt
)) {
1505 wpa_ie_len
= sizeof(wpa_ie
);
1506 if (wpa_supplicant_set_suites(wpa_s
, NULL
, ssid
,
1507 wpa_ie
, &wpa_ie_len
)) {
1508 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to set WPA "
1509 "key management and encryption suites (no "
1514 } else if (ssid
->key_mgmt
& WPA_KEY_MGMT_WPS
) {
1515 struct wpabuf
*wps_ie
;
1516 wps_ie
= wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid
));
1517 if (wps_ie
&& wpabuf_len(wps_ie
) <= sizeof(wpa_ie
)) {
1518 wpa_ie_len
= wpabuf_len(wps_ie
);
1519 os_memcpy(wpa_ie
, wpabuf_head(wps_ie
), wpa_ie_len
);
1522 wpabuf_free(wps_ie
);
1523 wpa_supplicant_set_non_wpa_policy(wpa_s
, ssid
);
1524 if (!bss
|| (bss
->caps
& IEEE80211_CAP_PRIVACY
))
1525 params
.wps
= WPS_MODE_PRIVACY
;
1527 params
.wps
= WPS_MODE_OPEN
;
1528 wpa_s
->wpa_proto
= 0;
1529 #endif /* CONFIG_WPS */
1531 wpa_supplicant_set_non_wpa_policy(wpa_s
, ssid
);
1533 wpa_s
->wpa_proto
= 0;
1537 if (wpa_s
->global
->p2p
) {
1541 pos
= wpa_ie
+ wpa_ie_len
;
1542 len
= sizeof(wpa_ie
) - wpa_ie_len
;
1543 res
= wpas_p2p_assoc_req_ie(wpa_s
, bss
, pos
, len
,
1549 wpa_s
->cross_connect_disallowed
= 0;
1552 p2p
= wpa_bss_get_vendor_ie_multi(bss
, P2P_IE_VENDOR_TYPE
);
1554 wpa_s
->cross_connect_disallowed
=
1555 p2p_get_cross_connect_disallowed(p2p
);
1557 wpa_dbg(wpa_s
, MSG_DEBUG
, "P2P: WLAN AP %s cross "
1559 wpa_s
->cross_connect_disallowed
?
1560 "disallows" : "allows");
1563 #endif /* CONFIG_P2P */
1566 if (is_hs20_network(wpa_s
, ssid
, bss
)) {
1567 struct wpabuf
*hs20
;
1568 hs20
= wpabuf_alloc(20);
1570 wpas_hs20_add_indication(hs20
);
1571 os_memcpy(wpa_ie
+ wpa_ie_len
, wpabuf_head(hs20
),
1573 wpa_ie_len
+= wpabuf_len(hs20
);
1577 #endif /* CONFIG_HS20 */
1580 * Workaround: Add Extended Capabilities element only if the AP
1581 * included this element in Beacon/Probe Response frames. Some older
1582 * APs seem to have interoperability issues if this element is
1583 * included, so while the standard may require us to include the
1584 * element in all cases, it is justifiable to skip it to avoid
1585 * interoperability issues.
1587 if (!bss
|| wpa_bss_get_ie(bss
, WLAN_EID_EXT_CAPAB
)) {
1590 ext_capab_len
= wpas_build_ext_capab(wpa_s
, ext_capab
);
1591 if (ext_capab_len
> 0) {
1593 if (wpa_ie_len
> 0 && pos
[0] == WLAN_EID_RSN
)
1595 os_memmove(pos
+ ext_capab_len
, pos
,
1596 wpa_ie_len
- (pos
- wpa_ie
));
1597 wpa_ie_len
+= ext_capab_len
;
1598 os_memcpy(pos
, ext_capab
, ext_capab_len
);
1602 wpa_clear_keys(wpa_s
, bss
? bss
->bssid
: NULL
);
1604 cipher_pairwise
= wpa_s
->pairwise_cipher
;
1605 cipher_group
= wpa_s
->group_cipher
;
1606 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
||
1607 wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
1608 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
)
1610 if (wpa_set_wep_keys(wpa_s
, ssid
)) {
1615 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
)
1618 #ifdef IEEE8021X_EAPOL
1619 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
1620 if ((ssid
->eapol_flags
&
1621 (EAPOL_FLAG_REQUIRE_KEY_UNICAST
|
1622 EAPOL_FLAG_REQUIRE_KEY_BROADCAST
)) == 0 &&
1626 /* Assume that dynamic WEP-104 keys will be used and
1627 * set cipher suites in order for drivers to expect
1629 cipher_pairwise
= cipher_group
= WPA_CIPHER_WEP104
;
1632 #endif /* IEEE8021X_EAPOL */
1634 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPA_NONE
) {
1635 /* Set the key before (and later after) association */
1636 wpa_supplicant_set_wpa_none_key(wpa_s
, ssid
);
1639 wpa_supplicant_set_state(wpa_s
, WPA_ASSOCIATING
);
1641 params
.ssid
= bss
->ssid
;
1642 params
.ssid_len
= bss
->ssid_len
;
1643 if (!wpas_driver_bss_selection(wpa_s
) || ssid
->bssid_set
) {
1644 wpa_printf(MSG_DEBUG
, "Limit connection to BSSID "
1645 MACSTR
" freq=%u MHz based on scan results "
1647 MAC2STR(bss
->bssid
), bss
->freq
,
1649 params
.bssid
= bss
->bssid
;
1650 params
.freq
= bss
->freq
;
1653 params
.ssid
= ssid
->ssid
;
1654 params
.ssid_len
= ssid
->ssid_len
;
1657 if (ssid
->mode
== WPAS_MODE_IBSS
&& ssid
->bssid_set
&&
1658 wpa_s
->conf
->ap_scan
== 2) {
1659 params
.bssid
= ssid
->bssid
;
1660 params
.fixed_bssid
= 1;
1663 if (ssid
->mode
== WPAS_MODE_IBSS
&& ssid
->frequency
> 0 &&
1665 params
.freq
= ssid
->frequency
; /* Initial channel for IBSS */
1666 params
.wpa_ie
= wpa_ie
;
1667 params
.wpa_ie_len
= wpa_ie_len
;
1668 params
.pairwise_suite
= cipher_pairwise
;
1669 params
.group_suite
= cipher_group
;
1670 params
.key_mgmt_suite
= wpa_s
->key_mgmt
;
1671 params
.wpa_proto
= wpa_s
->wpa_proto
;
1672 params
.auth_alg
= algs
;
1673 params
.mode
= ssid
->mode
;
1674 params
.bg_scan_period
= ssid
->bg_scan_period
;
1675 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
1676 if (ssid
->wep_key_len
[i
])
1677 params
.wep_key
[i
] = ssid
->wep_key
[i
];
1678 params
.wep_key_len
[i
] = ssid
->wep_key_len
[i
];
1680 params
.wep_tx_keyidx
= ssid
->wep_tx_keyidx
;
1682 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_4WAY_HANDSHAKE
) &&
1683 (params
.key_mgmt_suite
== WPA_KEY_MGMT_PSK
||
1684 params
.key_mgmt_suite
== WPA_KEY_MGMT_FT_PSK
)) {
1685 params
.passphrase
= ssid
->passphrase
;
1687 params
.psk
= ssid
->psk
;
1690 params
.drop_unencrypted
= use_crypt
;
1692 #ifdef CONFIG_IEEE80211W
1693 params
.mgmt_frame_protection
=
1694 ssid
->ieee80211w
== MGMT_FRAME_PROTECTION_DEFAULT
?
1695 wpa_s
->conf
->pmf
: ssid
->ieee80211w
;
1696 if (params
.mgmt_frame_protection
!= NO_MGMT_FRAME_PROTECTION
&& bss
) {
1697 const u8
*rsn
= wpa_bss_get_ie(bss
, WLAN_EID_RSN
);
1698 struct wpa_ie_data ie
;
1699 if (rsn
&& wpa_parse_wpa_ie(rsn
, 2 + rsn
[1], &ie
) == 0 &&
1701 (WPA_CAPABILITY_MFPC
| WPA_CAPABILITY_MFPR
)) {
1702 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Selected AP supports "
1703 "MFP: require MFP");
1704 params
.mgmt_frame_protection
=
1705 MGMT_FRAME_PROTECTION_REQUIRED
;
1708 #endif /* CONFIG_IEEE80211W */
1710 params
.p2p
= ssid
->p2p_group
;
1712 if (wpa_s
->parent
->set_sta_uapsd
)
1713 params
.uapsd
= wpa_s
->parent
->sta_uapsd
;
1717 #ifdef CONFIG_HT_OVERRIDES
1718 os_memset(&htcaps
, 0, sizeof(htcaps
));
1719 os_memset(&htcaps_mask
, 0, sizeof(htcaps_mask
));
1720 params
.htcaps
= (u8
*) &htcaps
;
1721 params
.htcaps_mask
= (u8
*) &htcaps_mask
;
1722 wpa_supplicant_apply_ht_overrides(wpa_s
, ssid
, ¶ms
);
1723 #endif /* CONFIG_HT_OVERRIDES */
1727 * If multi-channel concurrency is not supported, check for any
1728 * frequency conflict. In case of any frequency conflict, remove the
1729 * least prioritized connection.
1731 if (wpa_s
->num_multichan_concurrent
< 2) {
1732 int freq
= wpa_drv_shared_freq(wpa_s
);
1733 if (freq
> 0 && freq
!= params
.freq
) {
1734 wpa_printf(MSG_DEBUG
, "Shared interface with conflicting frequency found (%d != %d)",
1736 if (wpas_p2p_handle_frequency_conflicts(wpa_s
,
1742 #endif /* CONFIG_P2P */
1744 ret
= wpa_drv_associate(wpa_s
, ¶ms
);
1746 wpa_msg(wpa_s
, MSG_INFO
, "Association request to the driver "
1748 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SANE_ERROR_CODES
) {
1750 * The driver is known to mean what is saying, so we
1751 * can stop right here; the association will not
1754 wpas_connection_failed(wpa_s
, wpa_s
->pending_bssid
);
1755 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
1756 os_memset(wpa_s
->pending_bssid
, 0, ETH_ALEN
);
1759 /* try to continue anyway; new association will be tried again
1764 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPA_NONE
) {
1765 /* Set the key after the association just in case association
1766 * cleared the previously configured key. */
1767 wpa_supplicant_set_wpa_none_key(wpa_s
, ssid
);
1768 /* No need to timeout authentication since there is no key
1770 wpa_supplicant_cancel_auth_timeout(wpa_s
);
1771 wpa_supplicant_set_state(wpa_s
, WPA_COMPLETED
);
1772 #ifdef CONFIG_IBSS_RSN
1773 } else if (ssid
->mode
== WPAS_MODE_IBSS
&&
1774 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_NONE
&&
1775 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_WPA_NONE
) {
1777 * RSN IBSS authentication is per-STA and we can disable the
1778 * per-BSSID authentication.
1780 wpa_supplicant_cancel_auth_timeout(wpa_s
);
1781 #endif /* CONFIG_IBSS_RSN */
1783 /* Timeout for IEEE 802.11 authentication and association */
1787 /* give IBSS a bit more time */
1788 timeout
= ssid
->mode
== WPAS_MODE_IBSS
? 10 : 5;
1789 } else if (wpa_s
->conf
->ap_scan
== 1) {
1790 /* give IBSS a bit more time */
1791 timeout
= ssid
->mode
== WPAS_MODE_IBSS
? 20 : 10;
1793 wpa_supplicant_req_auth_timeout(wpa_s
, timeout
, 0);
1797 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC
)) {
1798 /* Set static WEP keys again */
1799 wpa_set_wep_keys(wpa_s
, ssid
);
1802 if (wpa_s
->current_ssid
&& wpa_s
->current_ssid
!= ssid
) {
1804 * Do not allow EAP session resumption between different
1805 * network configurations.
1807 eapol_sm_invalidate_cached_session(wpa_s
->eapol
);
1809 old_ssid
= wpa_s
->current_ssid
;
1810 wpa_s
->current_ssid
= ssid
;
1811 wpa_s
->current_bss
= bss
;
1812 wpa_supplicant_rsn_supp_set_config(wpa_s
, wpa_s
->current_ssid
);
1813 wpa_supplicant_initiate_eapol(wpa_s
);
1814 if (old_ssid
!= wpa_s
->current_ssid
)
1815 wpas_notify_network_changed(wpa_s
);
1819 static void wpa_supplicant_clear_connection(struct wpa_supplicant
*wpa_s
,
1822 struct wpa_ssid
*old_ssid
;
1824 wpa_clear_keys(wpa_s
, addr
);
1825 old_ssid
= wpa_s
->current_ssid
;
1826 wpa_supplicant_mark_disassoc(wpa_s
);
1827 wpa_sm_set_config(wpa_s
->wpa
, NULL
);
1828 eapol_sm_notify_config(wpa_s
->eapol
, NULL
, NULL
);
1829 if (old_ssid
!= wpa_s
->current_ssid
)
1830 wpas_notify_network_changed(wpa_s
);
1831 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
1836 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
1837 * @wpa_s: Pointer to wpa_supplicant data
1838 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
1840 * This function is used to request %wpa_supplicant to deauthenticate from the
1843 void wpa_supplicant_deauthenticate(struct wpa_supplicant
*wpa_s
,
1847 union wpa_event_data event
;
1850 wpa_dbg(wpa_s
, MSG_DEBUG
, "Request to deauthenticate - bssid=" MACSTR
1851 " pending_bssid=" MACSTR
" reason=%d state=%s",
1852 MAC2STR(wpa_s
->bssid
), MAC2STR(wpa_s
->pending_bssid
),
1853 reason_code
, wpa_supplicant_state_txt(wpa_s
->wpa_state
));
1855 if (!is_zero_ether_addr(wpa_s
->bssid
))
1856 addr
= wpa_s
->bssid
;
1857 else if (!is_zero_ether_addr(wpa_s
->pending_bssid
) &&
1858 (wpa_s
->wpa_state
== WPA_AUTHENTICATING
||
1859 wpa_s
->wpa_state
== WPA_ASSOCIATING
))
1860 addr
= wpa_s
->pending_bssid
;
1861 else if (wpa_s
->wpa_state
== WPA_ASSOCIATING
) {
1863 * When using driver-based BSS selection, we may not know the
1864 * BSSID with which we are currently trying to associate. We
1865 * need to notify the driver of this disconnection even in such
1866 * a case, so use the all zeros address here.
1868 addr
= wpa_s
->bssid
;
1873 wpa_tdls_teardown_peers(wpa_s
->wpa
);
1874 #endif /* CONFIG_TDLS */
1877 wpa_drv_deauthenticate(wpa_s
, addr
, reason_code
);
1878 os_memset(&event
, 0, sizeof(event
));
1879 event
.deauth_info
.reason_code
= (u16
) reason_code
;
1880 event
.deauth_info
.locally_generated
= 1;
1881 wpa_supplicant_event(wpa_s
, EVENT_DEAUTH
, &event
);
1886 wpa_supplicant_clear_connection(wpa_s
, addr
);
1889 static void wpa_supplicant_enable_one_network(struct wpa_supplicant
*wpa_s
,
1890 struct wpa_ssid
*ssid
)
1892 if (!ssid
|| !ssid
->disabled
|| ssid
->disabled
== 2)
1896 wpas_clear_temp_disabled(wpa_s
, ssid
, 1);
1897 wpas_notify_network_enabled_changed(wpa_s
, ssid
);
1900 * Try to reassociate since there is no current configuration and a new
1901 * network was made available.
1903 if (!wpa_s
->current_ssid
&& !wpa_s
->disconnected
)
1904 wpa_s
->reassociate
= 1;
1909 * wpa_supplicant_enable_network - Mark a configured network as enabled
1910 * @wpa_s: wpa_supplicant structure for a network interface
1911 * @ssid: wpa_ssid structure for a configured network or %NULL
1913 * Enables the specified network or all networks if no network specified.
1915 void wpa_supplicant_enable_network(struct wpa_supplicant
*wpa_s
,
1916 struct wpa_ssid
*ssid
)
1919 for (ssid
= wpa_s
->conf
->ssid
; ssid
; ssid
= ssid
->next
)
1920 wpa_supplicant_enable_one_network(wpa_s
, ssid
);
1922 wpa_supplicant_enable_one_network(wpa_s
, ssid
);
1924 if (wpa_s
->reassociate
&& !wpa_s
->disconnected
) {
1925 if (wpa_s
->sched_scanning
) {
1926 wpa_printf(MSG_DEBUG
, "Stop ongoing sched_scan to add "
1927 "new network to scan filters");
1928 wpa_supplicant_cancel_sched_scan(wpa_s
);
1931 if (wpa_supplicant_fast_associate(wpa_s
) != 1)
1932 wpa_supplicant_req_scan(wpa_s
, 0, 0);
1938 * wpa_supplicant_disable_network - Mark a configured network as disabled
1939 * @wpa_s: wpa_supplicant structure for a network interface
1940 * @ssid: wpa_ssid structure for a configured network or %NULL
1942 * Disables the specified network or all networks if no network specified.
1944 void wpa_supplicant_disable_network(struct wpa_supplicant
*wpa_s
,
1945 struct wpa_ssid
*ssid
)
1947 struct wpa_ssid
*other_ssid
;
1951 if (wpa_s
->sched_scanning
)
1952 wpa_supplicant_cancel_sched_scan(wpa_s
);
1954 for (other_ssid
= wpa_s
->conf
->ssid
; other_ssid
;
1955 other_ssid
= other_ssid
->next
) {
1956 was_disabled
= other_ssid
->disabled
;
1957 if (was_disabled
== 2)
1958 continue; /* do not change persistent P2P group
1961 other_ssid
->disabled
= 1;
1963 if (was_disabled
!= other_ssid
->disabled
)
1964 wpas_notify_network_enabled_changed(
1967 if (wpa_s
->current_ssid
)
1968 wpa_supplicant_deauthenticate(
1969 wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
1970 } else if (ssid
->disabled
!= 2) {
1971 if (ssid
== wpa_s
->current_ssid
)
1972 wpa_supplicant_deauthenticate(
1973 wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
1975 was_disabled
= ssid
->disabled
;
1979 if (was_disabled
!= ssid
->disabled
) {
1980 wpas_notify_network_enabled_changed(wpa_s
, ssid
);
1981 if (wpa_s
->sched_scanning
) {
1982 wpa_printf(MSG_DEBUG
, "Stop ongoing sched_scan "
1983 "to remove network from filters");
1984 wpa_supplicant_cancel_sched_scan(wpa_s
);
1985 wpa_supplicant_req_scan(wpa_s
, 0, 0);
1993 * wpa_supplicant_select_network - Attempt association with a network
1994 * @wpa_s: wpa_supplicant structure for a network interface
1995 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
1997 void wpa_supplicant_select_network(struct wpa_supplicant
*wpa_s
,
1998 struct wpa_ssid
*ssid
)
2001 struct wpa_ssid
*other_ssid
;
2002 int disconnected
= 0;
2004 if (ssid
&& ssid
!= wpa_s
->current_ssid
&& wpa_s
->current_ssid
) {
2005 wpa_supplicant_deauthenticate(
2006 wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
2011 wpas_clear_temp_disabled(wpa_s
, ssid
, 1);
2014 * Mark all other networks disabled or mark all networks enabled if no
2015 * network specified.
2017 for (other_ssid
= wpa_s
->conf
->ssid
; other_ssid
;
2018 other_ssid
= other_ssid
->next
) {
2019 int was_disabled
= other_ssid
->disabled
;
2020 if (was_disabled
== 2)
2021 continue; /* do not change persistent P2P group data */
2023 other_ssid
->disabled
= ssid
? (ssid
->id
!= other_ssid
->id
) : 0;
2024 if (was_disabled
&& !other_ssid
->disabled
)
2025 wpas_clear_temp_disabled(wpa_s
, other_ssid
, 0);
2027 if (was_disabled
!= other_ssid
->disabled
)
2028 wpas_notify_network_enabled_changed(wpa_s
, other_ssid
);
2031 if (ssid
&& ssid
== wpa_s
->current_ssid
&& wpa_s
->current_ssid
) {
2032 /* We are already associated with the selected network */
2033 wpa_printf(MSG_DEBUG
, "Already associated with the "
2034 "selected network - do nothing");
2039 wpa_s
->current_ssid
= ssid
;
2040 eapol_sm_notify_config(wpa_s
->eapol
, NULL
, NULL
);
2042 wpa_s
->connect_without_scan
= NULL
;
2043 wpa_s
->disconnected
= 0;
2044 wpa_s
->reassociate
= 1;
2046 if (wpa_supplicant_fast_associate(wpa_s
) != 1)
2047 wpa_supplicant_req_scan(wpa_s
, 0, disconnected
? 100000 : 0);
2050 wpas_notify_network_selected(wpa_s
, ssid
);
2055 * wpas_set_pkcs11_engine_and_module_path - Set PKCS #11 engine and module path
2056 * @wpa_s: wpa_supplicant structure for a network interface
2057 * @pkcs11_engine_path: PKCS #11 engine path or NULL
2058 * @pkcs11_module_path: PKCS #11 module path or NULL
2059 * Returns: 0 on success; -1 on failure
2061 * Sets the PKCS #11 engine and module path. Both have to be NULL or a valid
2062 * path. If resetting the EAPOL state machine with the new PKCS #11 engine and
2063 * module path fails the paths will be reset to the default value (NULL).
2065 int wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant
*wpa_s
,
2066 const char *pkcs11_engine_path
,
2067 const char *pkcs11_module_path
)
2069 char *pkcs11_engine_path_copy
= NULL
;
2070 char *pkcs11_module_path_copy
= NULL
;
2072 if (pkcs11_engine_path
!= NULL
) {
2073 pkcs11_engine_path_copy
= os_strdup(pkcs11_engine_path
);
2074 if (pkcs11_engine_path_copy
== NULL
)
2077 if (pkcs11_module_path
!= NULL
) {
2078 pkcs11_module_path_copy
= os_strdup(pkcs11_module_path
);
2079 if (pkcs11_engine_path_copy
== NULL
) {
2080 os_free(pkcs11_engine_path_copy
);
2085 os_free(wpa_s
->conf
->pkcs11_engine_path
);
2086 os_free(wpa_s
->conf
->pkcs11_module_path
);
2087 wpa_s
->conf
->pkcs11_engine_path
= pkcs11_engine_path_copy
;
2088 wpa_s
->conf
->pkcs11_module_path
= pkcs11_module_path_copy
;
2090 wpa_sm_set_eapol(wpa_s
->wpa
, NULL
);
2091 eapol_sm_deinit(wpa_s
->eapol
);
2092 wpa_s
->eapol
= NULL
;
2093 if (wpa_supplicant_init_eapol(wpa_s
)) {
2094 /* Error -> Reset paths to the default value (NULL) once. */
2095 if (pkcs11_engine_path
!= NULL
&& pkcs11_module_path
!= NULL
)
2096 wpas_set_pkcs11_engine_and_module_path(wpa_s
, NULL
,
2101 wpa_sm_set_eapol(wpa_s
->wpa
, wpa_s
->eapol
);
2108 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
2109 * @wpa_s: wpa_supplicant structure for a network interface
2110 * @ap_scan: AP scan mode
2111 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
2114 int wpa_supplicant_set_ap_scan(struct wpa_supplicant
*wpa_s
, int ap_scan
)
2119 if (ap_scan
< 0 || ap_scan
> 2)
2123 if (ap_scan
== 2 && ap_scan
!= wpa_s
->conf
->ap_scan
&&
2124 wpa_s
->wpa_state
>= WPA_ASSOCIATING
&&
2125 wpa_s
->wpa_state
< WPA_COMPLETED
) {
2126 wpa_printf(MSG_ERROR
, "ap_scan = %d (%d) rejected while "
2127 "associating", wpa_s
->conf
->ap_scan
, ap_scan
);
2130 #endif /* ANDROID */
2132 old_ap_scan
= wpa_s
->conf
->ap_scan
;
2133 wpa_s
->conf
->ap_scan
= ap_scan
;
2135 if (old_ap_scan
!= wpa_s
->conf
->ap_scan
)
2136 wpas_notify_ap_scan_changed(wpa_s
);
2143 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
2144 * @wpa_s: wpa_supplicant structure for a network interface
2145 * @expire_age: Expiration age in seconds
2146 * Returns: 0 if succeed or -1 if expire_age has an invalid value
2149 int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant
*wpa_s
,
2150 unsigned int bss_expire_age
)
2152 if (bss_expire_age
< 10) {
2153 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid bss expiration age %u",
2157 wpa_msg(wpa_s
, MSG_DEBUG
, "Setting bss expiration age: %d sec",
2159 wpa_s
->conf
->bss_expiration_age
= bss_expire_age
;
2166 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
2167 * @wpa_s: wpa_supplicant structure for a network interface
2168 * @expire_count: number of scans after which an unseen BSS is reclaimed
2169 * Returns: 0 if succeed or -1 if expire_count has an invalid value
2172 int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant
*wpa_s
,
2173 unsigned int bss_expire_count
)
2175 if (bss_expire_count
< 1) {
2176 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid bss expiration count %u",
2180 wpa_msg(wpa_s
, MSG_DEBUG
, "Setting bss expiration scan count: %u",
2182 wpa_s
->conf
->bss_expiration_scan_count
= bss_expire_count
;
2189 * wpa_supplicant_set_scan_interval - Set scan interval
2190 * @wpa_s: wpa_supplicant structure for a network interface
2191 * @scan_interval: scan interval in seconds
2192 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
2195 int wpa_supplicant_set_scan_interval(struct wpa_supplicant
*wpa_s
,
2198 if (scan_interval
< 0) {
2199 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid scan interval %d",
2203 wpa_msg(wpa_s
, MSG_DEBUG
, "Setting scan interval: %d sec",
2205 wpa_supplicant_update_scan_int(wpa_s
, scan_interval
);
2212 * wpa_supplicant_set_debug_params - Set global debug params
2213 * @global: wpa_global structure
2214 * @debug_level: debug level
2215 * @debug_timestamp: determines if show timestamp in debug data
2216 * @debug_show_keys: determines if show keys in debug data
2217 * Returns: 0 if succeed or -1 if debug_level has wrong value
2219 int wpa_supplicant_set_debug_params(struct wpa_global
*global
, int debug_level
,
2220 int debug_timestamp
, int debug_show_keys
)
2223 int old_level
, old_timestamp
, old_show_keys
;
2225 /* check for allowed debuglevels */
2226 if (debug_level
!= MSG_EXCESSIVE
&&
2227 debug_level
!= MSG_MSGDUMP
&&
2228 debug_level
!= MSG_DEBUG
&&
2229 debug_level
!= MSG_INFO
&&
2230 debug_level
!= MSG_WARNING
&&
2231 debug_level
!= MSG_ERROR
)
2234 old_level
= wpa_debug_level
;
2235 old_timestamp
= wpa_debug_timestamp
;
2236 old_show_keys
= wpa_debug_show_keys
;
2238 wpa_debug_level
= debug_level
;
2239 wpa_debug_timestamp
= debug_timestamp
? 1 : 0;
2240 wpa_debug_show_keys
= debug_show_keys
? 1 : 0;
2242 if (wpa_debug_level
!= old_level
)
2243 wpas_notify_debug_level_changed(global
);
2244 if (wpa_debug_timestamp
!= old_timestamp
)
2245 wpas_notify_debug_timestamp_changed(global
);
2246 if (wpa_debug_show_keys
!= old_show_keys
)
2247 wpas_notify_debug_show_keys_changed(global
);
2254 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
2255 * @wpa_s: Pointer to wpa_supplicant data
2256 * Returns: A pointer to the current network structure or %NULL on failure
2258 struct wpa_ssid
* wpa_supplicant_get_ssid(struct wpa_supplicant
*wpa_s
)
2260 struct wpa_ssid
*entry
;
2261 u8 ssid
[MAX_SSID_LEN
];
2267 res
= wpa_drv_get_ssid(wpa_s
, ssid
);
2269 wpa_msg(wpa_s
, MSG_WARNING
, "Could not read SSID from "
2275 if (wpa_drv_get_bssid(wpa_s
, bssid
) < 0) {
2276 wpa_msg(wpa_s
, MSG_WARNING
, "Could not read BSSID from "
2281 wired
= wpa_s
->conf
->ap_scan
== 0 &&
2282 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_WIRED
);
2284 entry
= wpa_s
->conf
->ssid
;
2286 if (!wpas_network_disabled(wpa_s
, entry
) &&
2287 ((ssid_len
== entry
->ssid_len
&&
2288 os_memcmp(ssid
, entry
->ssid
, ssid_len
) == 0) || wired
) &&
2289 (!entry
->bssid_set
||
2290 os_memcmp(bssid
, entry
->bssid
, ETH_ALEN
) == 0))
2293 if (!wpas_network_disabled(wpa_s
, entry
) &&
2294 (entry
->key_mgmt
& WPA_KEY_MGMT_WPS
) &&
2295 (entry
->ssid
== NULL
|| entry
->ssid_len
== 0) &&
2296 (!entry
->bssid_set
||
2297 os_memcmp(bssid
, entry
->bssid
, ETH_ALEN
) == 0))
2299 #endif /* CONFIG_WPS */
2301 if (!wpas_network_disabled(wpa_s
, entry
) && entry
->bssid_set
&&
2302 entry
->ssid_len
== 0 &&
2303 os_memcmp(bssid
, entry
->bssid
, ETH_ALEN
) == 0)
2306 entry
= entry
->next
;
2313 static int select_driver(struct wpa_supplicant
*wpa_s
, int i
)
2315 struct wpa_global
*global
= wpa_s
->global
;
2317 if (wpa_drivers
[i
]->global_init
&& global
->drv_priv
[i
] == NULL
) {
2318 global
->drv_priv
[i
] = wpa_drivers
[i
]->global_init();
2319 if (global
->drv_priv
[i
] == NULL
) {
2320 wpa_printf(MSG_ERROR
, "Failed to initialize driver "
2321 "'%s'", wpa_drivers
[i
]->name
);
2326 wpa_s
->driver
= wpa_drivers
[i
];
2327 wpa_s
->global_drv_priv
= global
->drv_priv
[i
];
2333 static int wpa_supplicant_set_driver(struct wpa_supplicant
*wpa_s
,
2338 const char *pos
, *driver
= name
;
2343 if (wpa_drivers
[0] == NULL
) {
2344 wpa_msg(wpa_s
, MSG_ERROR
, "No driver interfaces build into "
2350 /* default to first driver in the list */
2351 return select_driver(wpa_s
, 0);
2355 pos
= os_strchr(driver
, ',');
2359 len
= os_strlen(driver
);
2361 for (i
= 0; wpa_drivers
[i
]; i
++) {
2362 if (os_strlen(wpa_drivers
[i
]->name
) == len
&&
2363 os_strncmp(driver
, wpa_drivers
[i
]->name
, len
) ==
2365 /* First driver that succeeds wins */
2366 if (select_driver(wpa_s
, i
) == 0)
2374 wpa_msg(wpa_s
, MSG_ERROR
, "Unsupported driver '%s'", name
);
2380 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
2381 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
2382 * with struct wpa_driver_ops::init()
2383 * @src_addr: Source address of the EAPOL frame
2384 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
2385 * @len: Length of the EAPOL data
2387 * This function is called for each received EAPOL frame. Most driver
2388 * interfaces rely on more generic OS mechanism for receiving frames through
2389 * l2_packet, but if such a mechanism is not available, the driver wrapper may
2390 * take care of received EAPOL frames and deliver them to the core supplicant
2391 * code by calling this function.
2393 void wpa_supplicant_rx_eapol(void *ctx
, const u8
*src_addr
,
2394 const u8
*buf
, size_t len
)
2396 struct wpa_supplicant
*wpa_s
= ctx
;
2398 wpa_dbg(wpa_s
, MSG_DEBUG
, "RX EAPOL from " MACSTR
, MAC2STR(src_addr
));
2399 wpa_hexdump(MSG_MSGDUMP
, "RX EAPOL", buf
, len
);
2401 #ifdef CONFIG_PEERKEY
2402 if (wpa_s
->wpa_state
> WPA_ASSOCIATED
&& wpa_s
->current_ssid
&&
2403 wpa_s
->current_ssid
->peerkey
&&
2404 !(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_4WAY_HANDSHAKE
) &&
2405 wpa_sm_rx_eapol_peerkey(wpa_s
->wpa
, src_addr
, buf
, len
) == 1) {
2406 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: Processed PeerKey EAPOL-Key");
2409 #endif /* CONFIG_PEERKEY */
2411 if (wpa_s
->wpa_state
< WPA_ASSOCIATED
||
2412 (wpa_s
->last_eapol_matches_bssid
&&
2415 #endif /* CONFIG_AP */
2416 os_memcmp(src_addr
, wpa_s
->bssid
, ETH_ALEN
) != 0)) {
2418 * There is possible race condition between receiving the
2419 * association event and the EAPOL frame since they are coming
2420 * through different paths from the driver. In order to avoid
2421 * issues in trying to process the EAPOL frame before receiving
2422 * association information, lets queue it for processing until
2423 * the association event is received. This may also be needed in
2424 * driver-based roaming case, so also use src_addr != BSSID as a
2425 * trigger if we have previously confirmed that the
2426 * Authenticator uses BSSID as the src_addr (which is not the
2427 * case with wired IEEE 802.1X).
2429 wpa_dbg(wpa_s
, MSG_DEBUG
, "Not associated - Delay processing "
2430 "of received EAPOL frame (state=%s bssid=" MACSTR
")",
2431 wpa_supplicant_state_txt(wpa_s
->wpa_state
),
2432 MAC2STR(wpa_s
->bssid
));
2433 wpabuf_free(wpa_s
->pending_eapol_rx
);
2434 wpa_s
->pending_eapol_rx
= wpabuf_alloc_copy(buf
, len
);
2435 if (wpa_s
->pending_eapol_rx
) {
2436 os_get_reltime(&wpa_s
->pending_eapol_rx_time
);
2437 os_memcpy(wpa_s
->pending_eapol_rx_src
, src_addr
,
2443 wpa_s
->last_eapol_matches_bssid
=
2444 os_memcmp(src_addr
, wpa_s
->bssid
, ETH_ALEN
) == 0;
2447 if (wpa_s
->ap_iface
) {
2448 wpa_supplicant_ap_rx_eapol(wpa_s
, src_addr
, buf
, len
);
2451 #endif /* CONFIG_AP */
2453 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
) {
2454 wpa_dbg(wpa_s
, MSG_DEBUG
, "Ignored received EAPOL frame since "
2455 "no key management is configured");
2459 if (wpa_s
->eapol_received
== 0 &&
2460 (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_4WAY_HANDSHAKE
) ||
2461 !wpa_key_mgmt_wpa_psk(wpa_s
->key_mgmt
) ||
2462 wpa_s
->wpa_state
!= WPA_COMPLETED
) &&
2463 (wpa_s
->current_ssid
== NULL
||
2464 wpa_s
->current_ssid
->mode
!= IEEE80211_MODE_IBSS
)) {
2465 /* Timeout for completing IEEE 802.1X and WPA authentication */
2466 wpa_supplicant_req_auth_timeout(
2468 (wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
) ||
2469 wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
||
2470 wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
) ?
2473 wpa_s
->eapol_received
++;
2475 if (wpa_s
->countermeasures
) {
2476 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Countermeasures - dropped "
2481 #ifdef CONFIG_IBSS_RSN
2482 if (wpa_s
->current_ssid
&&
2483 wpa_s
->current_ssid
->mode
== WPAS_MODE_IBSS
) {
2484 ibss_rsn_rx_eapol(wpa_s
->ibss_rsn
, src_addr
, buf
, len
);
2487 #endif /* CONFIG_IBSS_RSN */
2489 /* Source address of the incoming EAPOL frame could be compared to the
2490 * current BSSID. However, it is possible that a centralized
2491 * Authenticator could be using another MAC address than the BSSID of
2492 * an AP, so just allow any address to be used for now. The replies are
2493 * still sent to the current BSSID (if available), though. */
2495 os_memcpy(wpa_s
->last_eapol_src
, src_addr
, ETH_ALEN
);
2496 if (!wpa_key_mgmt_wpa_psk(wpa_s
->key_mgmt
) &&
2497 eapol_sm_rx_eapol(wpa_s
->eapol
, src_addr
, buf
, len
) > 0)
2499 wpa_drv_poll(wpa_s
);
2500 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_4WAY_HANDSHAKE
))
2501 wpa_sm_rx_eapol(wpa_s
->wpa
, src_addr
, buf
, len
);
2502 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
)) {
2504 * Set portValid = TRUE here since we are going to skip 4-way
2505 * handshake processing which would normally set portValid. We
2506 * need this to allow the EAPOL state machines to be completed
2507 * without going through EAPOL-Key handshake.
2509 eapol_sm_notify_portValid(wpa_s
->eapol
, TRUE
);
2514 int wpa_supplicant_update_mac_addr(struct wpa_supplicant
*wpa_s
)
2516 if (wpa_s
->driver
->send_eapol
) {
2517 const u8
*addr
= wpa_drv_get_mac_addr(wpa_s
);
2519 os_memcpy(wpa_s
->own_addr
, addr
, ETH_ALEN
);
2520 } else if ((!wpa_s
->p2p_mgmt
||
2521 !(wpa_s
->drv_flags
&
2522 WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE
)) &&
2523 !(wpa_s
->drv_flags
&
2524 WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE
)) {
2525 l2_packet_deinit(wpa_s
->l2
);
2526 wpa_s
->l2
= l2_packet_init(wpa_s
->ifname
,
2527 wpa_drv_get_mac_addr(wpa_s
),
2529 wpa_supplicant_rx_eapol
, wpa_s
, 0);
2530 if (wpa_s
->l2
== NULL
)
2533 const u8
*addr
= wpa_drv_get_mac_addr(wpa_s
);
2535 os_memcpy(wpa_s
->own_addr
, addr
, ETH_ALEN
);
2538 if (wpa_s
->l2
&& l2_packet_get_own_addr(wpa_s
->l2
, wpa_s
->own_addr
)) {
2539 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to get own L2 address");
2547 static void wpa_supplicant_rx_eapol_bridge(void *ctx
, const u8
*src_addr
,
2548 const u8
*buf
, size_t len
)
2550 struct wpa_supplicant
*wpa_s
= ctx
;
2551 const struct l2_ethhdr
*eth
;
2553 if (len
< sizeof(*eth
))
2555 eth
= (const struct l2_ethhdr
*) buf
;
2557 if (os_memcmp(eth
->h_dest
, wpa_s
->own_addr
, ETH_ALEN
) != 0 &&
2558 !(eth
->h_dest
[0] & 0x01)) {
2559 wpa_dbg(wpa_s
, MSG_DEBUG
, "RX EAPOL from " MACSTR
" to " MACSTR
2560 " (bridge - not for this interface - ignore)",
2561 MAC2STR(src_addr
), MAC2STR(eth
->h_dest
));
2565 wpa_dbg(wpa_s
, MSG_DEBUG
, "RX EAPOL from " MACSTR
" to " MACSTR
2566 " (bridge)", MAC2STR(src_addr
), MAC2STR(eth
->h_dest
));
2567 wpa_supplicant_rx_eapol(wpa_s
, src_addr
, buf
+ sizeof(*eth
),
2568 len
- sizeof(*eth
));
2573 * wpa_supplicant_driver_init - Initialize driver interface parameters
2574 * @wpa_s: Pointer to wpa_supplicant data
2575 * Returns: 0 on success, -1 on failure
2577 * This function is called to initialize driver interface parameters.
2578 * wpa_drv_init() must have been called before this function to initialize the
2581 int wpa_supplicant_driver_init(struct wpa_supplicant
*wpa_s
)
2583 static int interface_count
= 0;
2585 if (wpa_supplicant_update_mac_addr(wpa_s
) < 0)
2588 wpa_dbg(wpa_s
, MSG_DEBUG
, "Own MAC address: " MACSTR
,
2589 MAC2STR(wpa_s
->own_addr
));
2590 wpa_sm_set_own_addr(wpa_s
->wpa
, wpa_s
->own_addr
);
2592 if (wpa_s
->bridge_ifname
[0]) {
2593 wpa_dbg(wpa_s
, MSG_DEBUG
, "Receiving packets from bridge "
2594 "interface '%s'", wpa_s
->bridge_ifname
);
2595 wpa_s
->l2_br
= l2_packet_init(wpa_s
->bridge_ifname
,
2598 wpa_supplicant_rx_eapol_bridge
,
2600 if (wpa_s
->l2_br
== NULL
) {
2601 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to open l2_packet "
2602 "connection for the bridge interface '%s'",
2603 wpa_s
->bridge_ifname
);
2608 wpa_clear_keys(wpa_s
, NULL
);
2610 /* Make sure that TKIP countermeasures are not left enabled (could
2611 * happen if wpa_supplicant is killed during countermeasures. */
2612 wpa_drv_set_countermeasures(wpa_s
, 0);
2614 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: flushing PMKID list in the driver");
2615 wpa_drv_flush_pmkid(wpa_s
);
2617 wpa_s
->prev_scan_ssid
= WILDCARD_SSID_SCAN
;
2618 wpa_s
->prev_scan_wildcard
= 0;
2620 if (wpa_supplicant_enabled_networks(wpa_s
)) {
2621 if (wpa_supplicant_delayed_sched_scan(wpa_s
, interface_count
,
2623 wpa_supplicant_req_scan(wpa_s
, interface_count
,
2627 wpa_supplicant_set_state(wpa_s
, WPA_INACTIVE
);
2633 static int wpa_supplicant_daemon(const char *pid_file
)
2635 wpa_printf(MSG_DEBUG
, "Daemonize..");
2636 return os_daemonize(pid_file
);
2640 static struct wpa_supplicant
* wpa_supplicant_alloc(void)
2642 struct wpa_supplicant
*wpa_s
;
2644 wpa_s
= os_zalloc(sizeof(*wpa_s
));
2647 wpa_s
->scan_req
= INITIAL_SCAN_REQ
;
2648 wpa_s
->scan_interval
= 5;
2649 wpa_s
->new_connection
= 1;
2650 wpa_s
->parent
= wpa_s
;
2651 wpa_s
->sched_scanning
= 0;
2657 #ifdef CONFIG_HT_OVERRIDES
2659 static int wpa_set_htcap_mcs(struct wpa_supplicant
*wpa_s
,
2660 struct ieee80211_ht_capabilities
*htcaps
,
2661 struct ieee80211_ht_capabilities
*htcaps_mask
,
2664 /* parse ht_mcs into hex array */
2666 const char *tmp
= ht_mcs
;
2669 /* If ht_mcs is null, do not set anything */
2673 /* This is what we are setting in the kernel */
2674 os_memset(&htcaps
->supported_mcs_set
, 0, IEEE80211_HT_MCS_MASK_LEN
);
2676 wpa_msg(wpa_s
, MSG_DEBUG
, "set_htcap, ht_mcs -:%s:-", ht_mcs
);
2678 for (i
= 0; i
< IEEE80211_HT_MCS_MASK_LEN
; i
++) {
2680 long v
= strtol(tmp
, &end
, 16);
2682 wpa_msg(wpa_s
, MSG_DEBUG
,
2683 "htcap value[%i]: %ld end: %p tmp: %p",
2688 htcaps
->supported_mcs_set
[i
] = v
;
2691 wpa_msg(wpa_s
, MSG_ERROR
,
2692 "Failed to parse ht-mcs: %s, error: %s\n",
2693 ht_mcs
, strerror(errno
));
2699 * If we were able to parse any values, then set mask for the MCS set.
2702 os_memset(&htcaps_mask
->supported_mcs_set
, 0xff,
2703 IEEE80211_HT_MCS_MASK_LEN
- 1);
2704 /* skip the 3 reserved bits */
2705 htcaps_mask
->supported_mcs_set
[IEEE80211_HT_MCS_MASK_LEN
- 1] =
2713 static int wpa_disable_max_amsdu(struct wpa_supplicant
*wpa_s
,
2714 struct ieee80211_ht_capabilities
*htcaps
,
2715 struct ieee80211_ht_capabilities
*htcaps_mask
,
2720 wpa_msg(wpa_s
, MSG_DEBUG
, "set_disable_max_amsdu: %d", disabled
);
2725 msk
= host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE
);
2726 htcaps_mask
->ht_capabilities_info
|= msk
;
2728 htcaps
->ht_capabilities_info
&= msk
;
2730 htcaps
->ht_capabilities_info
|= msk
;
2736 static int wpa_set_ampdu_factor(struct wpa_supplicant
*wpa_s
,
2737 struct ieee80211_ht_capabilities
*htcaps
,
2738 struct ieee80211_ht_capabilities
*htcaps_mask
,
2741 wpa_msg(wpa_s
, MSG_DEBUG
, "set_ampdu_factor: %d", factor
);
2746 if (factor
< 0 || factor
> 3) {
2747 wpa_msg(wpa_s
, MSG_ERROR
, "ampdu_factor: %d out of range. "
2748 "Must be 0-3 or -1", factor
);
2752 htcaps_mask
->a_mpdu_params
|= 0x3; /* 2 bits for factor */
2753 htcaps
->a_mpdu_params
&= ~0x3;
2754 htcaps
->a_mpdu_params
|= factor
& 0x3;
2760 static int wpa_set_ampdu_density(struct wpa_supplicant
*wpa_s
,
2761 struct ieee80211_ht_capabilities
*htcaps
,
2762 struct ieee80211_ht_capabilities
*htcaps_mask
,
2765 wpa_msg(wpa_s
, MSG_DEBUG
, "set_ampdu_density: %d", density
);
2770 if (density
< 0 || density
> 7) {
2771 wpa_msg(wpa_s
, MSG_ERROR
,
2772 "ampdu_density: %d out of range. Must be 0-7 or -1.",
2777 htcaps_mask
->a_mpdu_params
|= 0x1C;
2778 htcaps
->a_mpdu_params
&= ~(0x1C);
2779 htcaps
->a_mpdu_params
|= (density
<< 2) & 0x1C;
2785 static int wpa_set_disable_ht40(struct wpa_supplicant
*wpa_s
,
2786 struct ieee80211_ht_capabilities
*htcaps
,
2787 struct ieee80211_ht_capabilities
*htcaps_mask
,
2790 /* Masking these out disables HT40 */
2791 u16 msk
= host_to_le16(HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET
|
2792 HT_CAP_INFO_SHORT_GI40MHZ
);
2794 wpa_msg(wpa_s
, MSG_DEBUG
, "set_disable_ht40: %d", disabled
);
2797 htcaps
->ht_capabilities_info
&= ~msk
;
2799 htcaps
->ht_capabilities_info
|= msk
;
2801 htcaps_mask
->ht_capabilities_info
|= msk
;
2807 static int wpa_set_disable_sgi(struct wpa_supplicant
*wpa_s
,
2808 struct ieee80211_ht_capabilities
*htcaps
,
2809 struct ieee80211_ht_capabilities
*htcaps_mask
,
2812 /* Masking these out disables SGI */
2813 u16 msk
= host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ
|
2814 HT_CAP_INFO_SHORT_GI40MHZ
);
2816 wpa_msg(wpa_s
, MSG_DEBUG
, "set_disable_sgi: %d", disabled
);
2819 htcaps
->ht_capabilities_info
&= ~msk
;
2821 htcaps
->ht_capabilities_info
|= msk
;
2823 htcaps_mask
->ht_capabilities_info
|= msk
;
2829 void wpa_supplicant_apply_ht_overrides(
2830 struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
,
2831 struct wpa_driver_associate_params
*params
)
2833 struct ieee80211_ht_capabilities
*htcaps
;
2834 struct ieee80211_ht_capabilities
*htcaps_mask
;
2839 params
->disable_ht
= ssid
->disable_ht
;
2840 if (!params
->htcaps
|| !params
->htcaps_mask
)
2843 htcaps
= (struct ieee80211_ht_capabilities
*) params
->htcaps
;
2844 htcaps_mask
= (struct ieee80211_ht_capabilities
*) params
->htcaps_mask
;
2845 wpa_set_htcap_mcs(wpa_s
, htcaps
, htcaps_mask
, ssid
->ht_mcs
);
2846 wpa_disable_max_amsdu(wpa_s
, htcaps
, htcaps_mask
,
2847 ssid
->disable_max_amsdu
);
2848 wpa_set_ampdu_factor(wpa_s
, htcaps
, htcaps_mask
, ssid
->ampdu_factor
);
2849 wpa_set_ampdu_density(wpa_s
, htcaps
, htcaps_mask
, ssid
->ampdu_density
);
2850 wpa_set_disable_ht40(wpa_s
, htcaps
, htcaps_mask
, ssid
->disable_ht40
);
2851 wpa_set_disable_sgi(wpa_s
, htcaps
, htcaps_mask
, ssid
->disable_sgi
);
2854 #endif /* CONFIG_HT_OVERRIDES */
2857 #ifdef CONFIG_VHT_OVERRIDES
2858 void wpa_supplicant_apply_vht_overrides(
2859 struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
,
2860 struct wpa_driver_associate_params
*params
)
2862 struct ieee80211_vht_capabilities
*vhtcaps
;
2863 struct ieee80211_vht_capabilities
*vhtcaps_mask
;
2868 params
->disable_vht
= ssid
->disable_vht
;
2870 vhtcaps
= (void *) params
->vhtcaps
;
2871 vhtcaps_mask
= (void *) params
->vhtcaps_mask
;
2873 if (!vhtcaps
|| !vhtcaps_mask
)
2876 vhtcaps
->vht_capabilities_info
= ssid
->vht_capa
;
2877 vhtcaps_mask
->vht_capabilities_info
= ssid
->vht_capa_mask
;
2879 #define OVERRIDE_MCS(i) \
2880 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \
2881 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \
2883 vhtcaps->vht_supported_mcs_set.tx_map |= \
2884 ssid->vht_tx_mcs_nss_ ##i << 2 * (i - 1); \
2886 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \
2887 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \
2889 vhtcaps->vht_supported_mcs_set.rx_map |= \
2890 ssid->vht_rx_mcs_nss_ ##i << 2 * (i - 1); \
2902 #endif /* CONFIG_VHT_OVERRIDES */
2905 static int pcsc_reader_init(struct wpa_supplicant
*wpa_s
)
2910 if (!wpa_s
->conf
->pcsc_reader
)
2913 wpa_s
->scard
= scard_init(wpa_s
->conf
->pcsc_reader
);
2917 if (wpa_s
->conf
->pcsc_pin
&&
2918 scard_set_pin(wpa_s
->scard
, wpa_s
->conf
->pcsc_pin
) < 0) {
2919 scard_deinit(wpa_s
->scard
);
2920 wpa_s
->scard
= NULL
;
2921 wpa_msg(wpa_s
, MSG_ERROR
, "PC/SC PIN validation failed");
2925 len
= sizeof(wpa_s
->imsi
) - 1;
2926 if (scard_get_imsi(wpa_s
->scard
, wpa_s
->imsi
, &len
)) {
2927 scard_deinit(wpa_s
->scard
);
2928 wpa_s
->scard
= NULL
;
2929 wpa_msg(wpa_s
, MSG_ERROR
, "Could not read IMSI");
2932 wpa_s
->imsi
[len
] = '\0';
2934 wpa_s
->mnc_len
= scard_get_mnc_len(wpa_s
->scard
);
2936 wpa_printf(MSG_DEBUG
, "SCARD: IMSI %s (MNC length %d)",
2937 wpa_s
->imsi
, wpa_s
->mnc_len
);
2939 wpa_sm_set_scard_ctx(wpa_s
->wpa
, wpa_s
->scard
);
2940 eapol_sm_register_scard_ctx(wpa_s
->eapol
, wpa_s
->scard
);
2941 #endif /* PCSC_FUNCS */
2947 int wpas_init_ext_pw(struct wpa_supplicant
*wpa_s
)
2951 ext_password_deinit(wpa_s
->ext_pw
);
2952 wpa_s
->ext_pw
= NULL
;
2953 eapol_sm_set_ext_pw_ctx(wpa_s
->eapol
, NULL
);
2955 if (!wpa_s
->conf
->ext_password_backend
)
2958 val
= os_strdup(wpa_s
->conf
->ext_password_backend
);
2961 pos
= os_strchr(val
, ':');
2965 wpa_printf(MSG_DEBUG
, "EXT PW: Initialize backend '%s'", val
);
2967 wpa_s
->ext_pw
= ext_password_init(val
, pos
);
2969 if (wpa_s
->ext_pw
== NULL
) {
2970 wpa_printf(MSG_DEBUG
, "EXT PW: Failed to initialize backend");
2973 eapol_sm_set_ext_pw_ctx(wpa_s
->eapol
, wpa_s
->ext_pw
);
2979 static struct wpa_radio
* radio_add_interface(struct wpa_supplicant
*wpa_s
,
2982 struct wpa_supplicant
*iface
= wpa_s
->global
->ifaces
;
2983 struct wpa_radio
*radio
;
2985 while (rn
&& iface
) {
2986 radio
= iface
->radio
;
2987 if (radio
&& os_strcmp(rn
, radio
->name
) == 0) {
2988 wpa_printf(MSG_DEBUG
, "Add interface %s to existing radio %s",
2990 dl_list_add(&radio
->ifaces
, &wpa_s
->radio_list
);
2994 iface
= iface
->next
;
2997 wpa_printf(MSG_DEBUG
, "Add interface %s to a new radio %s",
2998 wpa_s
->ifname
, rn
? rn
: "N/A");
2999 radio
= os_zalloc(sizeof(*radio
));
3004 os_strlcpy(radio
->name
, rn
, sizeof(radio
->name
));
3005 dl_list_init(&radio
->ifaces
);
3006 dl_list_init(&radio
->work
);
3007 dl_list_add(&radio
->ifaces
, &wpa_s
->radio_list
);
3013 static void radio_work_free(struct wpa_radio_work
*work
)
3015 if (work
->wpa_s
->scan_work
== work
) {
3016 /* This should not really happen. */
3017 wpa_dbg(work
->wpa_s
, MSG_INFO
, "Freeing radio work '%s'@%p (started=%d) that is marked as scan_work",
3018 work
->type
, work
, work
->started
);
3019 work
->wpa_s
->scan_work
= NULL
;
3023 if (work
->wpa_s
->p2p_scan_work
== work
) {
3024 /* This should not really happen. */
3025 wpa_dbg(work
->wpa_s
, MSG_INFO
, "Freeing radio work '%s'@%p (started=%d) that is marked as p2p_scan_work",
3026 work
->type
, work
, work
->started
);
3027 work
->wpa_s
->p2p_scan_work
= NULL
;
3029 #endif /* CONFIG_P2P */
3031 dl_list_del(&work
->list
);
3036 static void radio_start_next_work(void *eloop_ctx
, void *timeout_ctx
)
3038 struct wpa_radio
*radio
= eloop_ctx
;
3039 struct wpa_radio_work
*work
;
3040 struct os_reltime now
, diff
;
3041 struct wpa_supplicant
*wpa_s
;
3043 work
= dl_list_first(&radio
->work
, struct wpa_radio_work
, list
);
3048 return; /* already started and still in progress */
3050 wpa_s
= dl_list_first(&radio
->ifaces
, struct wpa_supplicant
,
3052 if (wpa_s
&& wpa_s
->external_scan_running
) {
3053 wpa_printf(MSG_DEBUG
, "Delay radio work start until externally triggered scan completes");
3057 os_get_reltime(&now
);
3058 os_reltime_sub(&now
, &work
->time
, &diff
);
3059 wpa_dbg(work
->wpa_s
, MSG_DEBUG
, "Starting radio work '%s'@%p after %ld.%06ld second wait",
3060 work
->type
, work
, diff
.sec
, diff
.usec
);
3067 void radio_remove_unstarted_work(struct wpa_supplicant
*wpa_s
, const char *type
)
3069 struct wpa_radio_work
*work
, *tmp
;
3070 struct wpa_radio
*radio
= wpa_s
->radio
;
3072 dl_list_for_each_safe(work
, tmp
, &radio
->work
, struct wpa_radio_work
,
3074 if (type
&& (work
->started
|| os_strcmp(type
, work
->type
) != 0))
3076 if (work
->started
) {
3077 wpa_dbg(wpa_s
, MSG_DEBUG
, "Leaving started radio work '%s'@%p in the list",
3081 wpa_dbg(wpa_s
, MSG_DEBUG
, "Remove unstarted radio work '%s'@%p",
3084 radio_work_free(work
);
3089 static void radio_remove_interface(struct wpa_supplicant
*wpa_s
)
3091 struct wpa_radio
*radio
= wpa_s
->radio
;
3096 wpa_printf(MSG_DEBUG
, "Remove interface %s from radio %s",
3097 wpa_s
->ifname
, radio
->name
);
3098 dl_list_del(&wpa_s
->radio_list
);
3099 if (!dl_list_empty(&radio
->ifaces
)) {
3100 wpa_s
->radio
= NULL
;
3101 return; /* Interfaces remain for this radio */
3104 wpa_printf(MSG_DEBUG
, "Remove radio %s", radio
->name
);
3105 radio_remove_unstarted_work(wpa_s
, NULL
);
3106 eloop_cancel_timeout(radio_start_next_work
, radio
, NULL
);
3107 wpa_s
->radio
= NULL
;
3112 void radio_work_check_next(struct wpa_supplicant
*wpa_s
)
3114 struct wpa_radio
*radio
= wpa_s
->radio
;
3116 if (dl_list_empty(&radio
->work
))
3118 eloop_cancel_timeout(radio_start_next_work
, radio
, NULL
);
3119 eloop_register_timeout(0, 0, radio_start_next_work
, radio
, NULL
);
3124 * radio_add_work - Add a radio work item
3125 * @wpa_s: Pointer to wpa_supplicant data
3126 * @freq: Frequency of the offchannel operation in MHz or 0
3127 * @type: Unique identifier for each type of work
3128 * @next: Force as the next work to be executed
3129 * @cb: Callback function for indicating when radio is available
3130 * @ctx: Context pointer for the work (work->ctx in cb())
3131 * Returns: 0 on success, -1 on failure
3133 * This function is used to request time for an operation that requires
3134 * exclusive radio control. Once the radio is available, the registered callback
3135 * function will be called. radio_work_done() must be called once the exclusive
3136 * radio operation has been completed, so that the radio is freed for other
3137 * operations. The special case of deinit=1 is used to free the context data
3138 * during interface removal. That does not allow the callback function to start
3139 * the radio operation, i.e., it must free any resources allocated for the radio
3142 * The @freq parameter can be used to indicate a single channel on which the
3143 * offchannel operation will occur. This may allow multiple radio work
3144 * operations to be performed in parallel if they apply for the same channel.
3145 * Setting this to 0 indicates that the work item may use multiple channels or
3146 * requires exclusive control of the radio.
3148 int radio_add_work(struct wpa_supplicant
*wpa_s
, unsigned int freq
,
3149 const char *type
, int next
,
3150 void (*cb
)(struct wpa_radio_work
*work
, int deinit
),
3153 struct wpa_radio_work
*work
;
3156 work
= os_zalloc(sizeof(*work
));
3159 wpa_dbg(wpa_s
, MSG_DEBUG
, "Add radio work '%s'@%p", type
, work
);
3160 os_get_reltime(&work
->time
);
3163 work
->wpa_s
= wpa_s
;
3167 was_empty
= dl_list_empty(&wpa_s
->radio
->work
);
3169 dl_list_add(&wpa_s
->radio
->work
, &work
->list
);
3171 dl_list_add_tail(&wpa_s
->radio
->work
, &work
->list
);
3173 wpa_dbg(wpa_s
, MSG_DEBUG
, "First radio work item in the queue - schedule start immediately");
3174 radio_work_check_next(wpa_s
);
3182 * radio_work_done - Indicate that a radio work item has been completed
3183 * @work: Completed work
3185 * This function is called once the callback function registered with
3186 * radio_add_work() has completed its work.
3188 void radio_work_done(struct wpa_radio_work
*work
)
3190 struct wpa_supplicant
*wpa_s
= work
->wpa_s
;
3191 struct os_reltime now
, diff
;
3192 unsigned int started
= work
->started
;
3194 os_get_reltime(&now
);
3195 os_reltime_sub(&now
, &work
->time
, &diff
);
3196 wpa_dbg(wpa_s
, MSG_DEBUG
, "Radio work '%s'@%p %s in %ld.%06ld seconds",
3197 work
->type
, work
, started
? "done" : "canceled",
3198 diff
.sec
, diff
.usec
);
3199 radio_work_free(work
);
3201 radio_work_check_next(wpa_s
);
3205 static int wpas_init_driver(struct wpa_supplicant
*wpa_s
,
3206 struct wpa_interface
*iface
)
3208 const char *ifname
, *driver
, *rn
;
3210 driver
= iface
->driver
;
3212 if (wpa_supplicant_set_driver(wpa_s
, driver
) < 0)
3215 wpa_s
->drv_priv
= wpa_drv_init(wpa_s
, wpa_s
->ifname
);
3216 if (wpa_s
->drv_priv
== NULL
) {
3218 pos
= driver
? os_strchr(driver
, ',') : NULL
;
3220 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to initialize "
3221 "driver interface - try next driver wrapper");
3225 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to initialize driver "
3229 if (wpa_drv_set_param(wpa_s
, wpa_s
->conf
->driver_param
) < 0) {
3230 wpa_msg(wpa_s
, MSG_ERROR
, "Driver interface rejected "
3231 "driver_param '%s'", wpa_s
->conf
->driver_param
);
3235 ifname
= wpa_drv_get_ifname(wpa_s
);
3236 if (ifname
&& os_strcmp(ifname
, wpa_s
->ifname
) != 0) {
3237 wpa_dbg(wpa_s
, MSG_DEBUG
, "Driver interface replaced "
3238 "interface name with '%s'", ifname
);
3239 os_strlcpy(wpa_s
->ifname
, ifname
, sizeof(wpa_s
->ifname
));
3242 if (wpa_s
->driver
->get_radio_name
)
3243 rn
= wpa_s
->driver
->get_radio_name(wpa_s
->drv_priv
);
3246 if (rn
&& rn
[0] == '\0')
3249 wpa_s
->radio
= radio_add_interface(wpa_s
, rn
);
3250 if (wpa_s
->radio
== NULL
)
3257 static int wpa_supplicant_init_iface(struct wpa_supplicant
*wpa_s
,
3258 struct wpa_interface
*iface
)
3260 struct wpa_driver_capa capa
;
3262 wpa_printf(MSG_DEBUG
, "Initializing interface '%s' conf '%s' driver "
3263 "'%s' ctrl_interface '%s' bridge '%s'", iface
->ifname
,
3264 iface
->confname
? iface
->confname
: "N/A",
3265 iface
->driver
? iface
->driver
: "default",
3266 iface
->ctrl_interface
? iface
->ctrl_interface
: "N/A",
3267 iface
->bridge_ifname
? iface
->bridge_ifname
: "N/A");
3269 if (iface
->confname
) {
3270 #ifdef CONFIG_BACKEND_FILE
3271 wpa_s
->confname
= os_rel2abs_path(iface
->confname
);
3272 if (wpa_s
->confname
== NULL
) {
3273 wpa_printf(MSG_ERROR
, "Failed to get absolute path "
3274 "for configuration file '%s'.",
3278 wpa_printf(MSG_DEBUG
, "Configuration file '%s' -> '%s'",
3279 iface
->confname
, wpa_s
->confname
);
3280 #else /* CONFIG_BACKEND_FILE */
3281 wpa_s
->confname
= os_strdup(iface
->confname
);
3282 #endif /* CONFIG_BACKEND_FILE */
3283 wpa_s
->conf
= wpa_config_read(wpa_s
->confname
, NULL
);
3284 if (wpa_s
->conf
== NULL
) {
3285 wpa_printf(MSG_ERROR
, "Failed to read or parse "
3286 "configuration '%s'.", wpa_s
->confname
);
3289 wpa_s
->confanother
= os_rel2abs_path(iface
->confanother
);
3290 wpa_config_read(wpa_s
->confanother
, wpa_s
->conf
);
3293 * Override ctrl_interface and driver_param if set on command
3296 if (iface
->ctrl_interface
) {
3297 os_free(wpa_s
->conf
->ctrl_interface
);
3298 wpa_s
->conf
->ctrl_interface
=
3299 os_strdup(iface
->ctrl_interface
);
3302 if (iface
->driver_param
) {
3303 os_free(wpa_s
->conf
->driver_param
);
3304 wpa_s
->conf
->driver_param
=
3305 os_strdup(iface
->driver_param
);
3308 if (iface
->p2p_mgmt
&& !iface
->ctrl_interface
) {
3309 os_free(wpa_s
->conf
->ctrl_interface
);
3310 wpa_s
->conf
->ctrl_interface
= NULL
;
3313 wpa_s
->conf
= wpa_config_alloc_empty(iface
->ctrl_interface
,
3314 iface
->driver_param
);
3316 if (wpa_s
->conf
== NULL
) {
3317 wpa_printf(MSG_ERROR
, "\nNo configuration found.");
3321 if (iface
->ifname
== NULL
) {
3322 wpa_printf(MSG_ERROR
, "\nInterface name is required.");
3325 if (os_strlen(iface
->ifname
) >= sizeof(wpa_s
->ifname
)) {
3326 wpa_printf(MSG_ERROR
, "\nToo long interface name '%s'.",
3330 os_strlcpy(wpa_s
->ifname
, iface
->ifname
, sizeof(wpa_s
->ifname
));
3332 if (iface
->bridge_ifname
) {
3333 if (os_strlen(iface
->bridge_ifname
) >=
3334 sizeof(wpa_s
->bridge_ifname
)) {
3335 wpa_printf(MSG_ERROR
, "\nToo long bridge interface "
3336 "name '%s'.", iface
->bridge_ifname
);
3339 os_strlcpy(wpa_s
->bridge_ifname
, iface
->bridge_ifname
,
3340 sizeof(wpa_s
->bridge_ifname
));
3343 /* RSNA Supplicant Key Management - INITIALIZE */
3344 eapol_sm_notify_portEnabled(wpa_s
->eapol
, FALSE
);
3345 eapol_sm_notify_portValid(wpa_s
->eapol
, FALSE
);
3347 /* Initialize driver interface and register driver event handler before
3348 * L2 receive handler so that association events are processed before
3349 * EAPOL-Key packets if both become available for the same select()
3351 if (wpas_init_driver(wpa_s
, iface
) < 0)
3354 if (wpa_supplicant_init_wpa(wpa_s
) < 0)
3357 wpa_sm_set_ifname(wpa_s
->wpa
, wpa_s
->ifname
,
3358 wpa_s
->bridge_ifname
[0] ? wpa_s
->bridge_ifname
:
3360 wpa_sm_set_fast_reauth(wpa_s
->wpa
, wpa_s
->conf
->fast_reauth
);
3362 if (wpa_s
->conf
->dot11RSNAConfigPMKLifetime
&&
3363 wpa_sm_set_param(wpa_s
->wpa
, RSNA_PMK_LIFETIME
,
3364 wpa_s
->conf
->dot11RSNAConfigPMKLifetime
)) {
3365 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid WPA parameter value for "
3366 "dot11RSNAConfigPMKLifetime");
3370 if (wpa_s
->conf
->dot11RSNAConfigPMKReauthThreshold
&&
3371 wpa_sm_set_param(wpa_s
->wpa
, RSNA_PMK_REAUTH_THRESHOLD
,
3372 wpa_s
->conf
->dot11RSNAConfigPMKReauthThreshold
)) {
3373 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid WPA parameter value for "
3374 "dot11RSNAConfigPMKReauthThreshold");
3378 if (wpa_s
->conf
->dot11RSNAConfigSATimeout
&&
3379 wpa_sm_set_param(wpa_s
->wpa
, RSNA_SA_TIMEOUT
,
3380 wpa_s
->conf
->dot11RSNAConfigSATimeout
)) {
3381 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid WPA parameter value for "
3382 "dot11RSNAConfigSATimeout");
3386 wpa_s
->hw
.modes
= wpa_drv_get_hw_feature_data(wpa_s
,
3387 &wpa_s
->hw
.num_modes
,
3390 if (wpa_drv_get_capa(wpa_s
, &capa
) == 0) {
3391 wpa_s
->drv_capa_known
= 1;
3392 wpa_s
->drv_flags
= capa
.flags
;
3393 wpa_s
->drv_enc
= capa
.enc
;
3394 wpa_s
->probe_resp_offloads
= capa
.probe_resp_offloads
;
3395 wpa_s
->max_scan_ssids
= capa
.max_scan_ssids
;
3396 wpa_s
->max_sched_scan_ssids
= capa
.max_sched_scan_ssids
;
3397 wpa_s
->sched_scan_supported
= capa
.sched_scan_supported
;
3398 wpa_s
->max_match_sets
= capa
.max_match_sets
;
3399 wpa_s
->max_remain_on_chan
= capa
.max_remain_on_chan
;
3400 wpa_s
->max_stations
= capa
.max_stations
;
3401 wpa_s
->extended_capa
= capa
.extended_capa
;
3402 wpa_s
->extended_capa_mask
= capa
.extended_capa_mask
;
3403 wpa_s
->extended_capa_len
= capa
.extended_capa_len
;
3404 wpa_s
->num_multichan_concurrent
=
3405 capa
.num_multichan_concurrent
;
3407 if (wpa_s
->max_remain_on_chan
== 0)
3408 wpa_s
->max_remain_on_chan
= 1000;
3411 * Only take p2p_mgmt parameters when P2P Device is supported.
3412 * Doing it here as it determines whether l2_packet_init() will be done
3413 * during wpa_supplicant_driver_init().
3415 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE
)
3416 wpa_s
->p2p_mgmt
= iface
->p2p_mgmt
;
3418 iface
->p2p_mgmt
= 1;
3420 if (wpa_s
->num_multichan_concurrent
== 0)
3421 wpa_s
->num_multichan_concurrent
= 1;
3423 if (wpa_supplicant_driver_init(wpa_s
) < 0)
3427 if ((!iface
->p2p_mgmt
||
3428 !(wpa_s
->drv_flags
&
3429 WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE
)) &&
3430 wpa_tdls_init(wpa_s
->wpa
))
3432 #endif /* CONFIG_TDLS */
3434 if (wpa_s
->conf
->country
[0] && wpa_s
->conf
->country
[1] &&
3435 wpa_drv_set_country(wpa_s
, wpa_s
->conf
->country
)) {
3436 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to set country");
3440 if (wpas_wps_init(wpa_s
))
3443 if (wpa_supplicant_init_eapol(wpa_s
) < 0)
3445 wpa_sm_set_eapol(wpa_s
->wpa
, wpa_s
->eapol
);
3447 wpa_s
->ctrl_iface
= wpa_supplicant_ctrl_iface_init(wpa_s
);
3448 if (wpa_s
->ctrl_iface
== NULL
) {
3449 wpa_printf(MSG_ERROR
,
3450 "Failed to initialize control interface '%s'.\n"
3451 "You may have another wpa_supplicant process "
3452 "already running or the file was\n"
3453 "left by an unclean termination of wpa_supplicant "
3454 "in which case you will need\n"
3455 "to manually remove this file before starting "
3456 "wpa_supplicant again.\n",
3457 wpa_s
->conf
->ctrl_interface
);
3461 wpa_s
->gas
= gas_query_init(wpa_s
);
3462 if (wpa_s
->gas
== NULL
) {
3463 wpa_printf(MSG_ERROR
, "Failed to initialize GAS query");
3468 if (iface
->p2p_mgmt
&& wpas_p2p_init(wpa_s
->global
, wpa_s
) < 0) {
3469 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to init P2P");
3472 #endif /* CONFIG_P2P */
3474 if (wpa_bss_init(wpa_s
) < 0)
3477 #ifdef CONFIG_EAP_PROXY
3480 wpa_s
->mnc_len
= eapol_sm_get_eap_proxy_imsi(wpa_s
->eapol
, wpa_s
->imsi
,
3482 if (wpa_s
->mnc_len
> 0) {
3483 wpa_s
->imsi
[len
] = '\0';
3484 wpa_printf(MSG_DEBUG
, "eap_proxy: IMSI %s (MNC length %d)",
3485 wpa_s
->imsi
, wpa_s
->mnc_len
);
3487 wpa_printf(MSG_DEBUG
, "eap_proxy: IMSI not available");
3490 #endif /* CONFIG_EAP_PROXY */
3492 if (pcsc_reader_init(wpa_s
) < 0)
3495 if (wpas_init_ext_pw(wpa_s
) < 0)
3502 static void wpa_supplicant_deinit_iface(struct wpa_supplicant
*wpa_s
,
3503 int notify
, int terminate
)
3505 wpa_s
->disconnected
= 1;
3506 if (wpa_s
->drv_priv
) {
3507 wpa_supplicant_deauthenticate(wpa_s
,
3508 WLAN_REASON_DEAUTH_LEAVING
);
3510 wpa_drv_set_countermeasures(wpa_s
, 0);
3511 wpa_clear_keys(wpa_s
, NULL
);
3514 wpa_supplicant_cleanup(wpa_s
);
3517 if (wpa_s
== wpa_s
->global
->p2p_init_wpa_s
&& wpa_s
->global
->p2p
) {
3518 wpa_dbg(wpa_s
, MSG_DEBUG
, "P2P: Disable P2P since removing "
3519 "the management interface is being removed");
3520 wpas_p2p_deinit_global(wpa_s
->global
);
3522 #endif /* CONFIG_P2P */
3524 wpas_ctrl_radio_work_flush(wpa_s
);
3525 radio_remove_interface(wpa_s
);
3527 if (wpa_s
->drv_priv
)
3528 wpa_drv_deinit(wpa_s
);
3531 wpas_notify_iface_removed(wpa_s
);
3534 wpa_msg(wpa_s
, MSG_INFO
, WPA_EVENT_TERMINATING
);
3536 if (wpa_s
->ctrl_iface
) {
3537 wpa_supplicant_ctrl_iface_deinit(wpa_s
->ctrl_iface
);
3538 wpa_s
->ctrl_iface
= NULL
;
3541 if (wpa_s
->conf
!= NULL
) {
3542 wpa_config_free(wpa_s
->conf
);
3551 * wpa_supplicant_add_iface - Add a new network interface
3552 * @global: Pointer to global data from wpa_supplicant_init()
3553 * @iface: Interface configuration options
3554 * Returns: Pointer to the created interface or %NULL on failure
3556 * This function is used to add new network interfaces for %wpa_supplicant.
3557 * This can be called before wpa_supplicant_run() to add interfaces before the
3558 * main event loop has been started. In addition, new interfaces can be added
3559 * dynamically while %wpa_supplicant is already running. This could happen,
3560 * e.g., when a hotplug network adapter is inserted.
3562 struct wpa_supplicant
* wpa_supplicant_add_iface(struct wpa_global
*global
,
3563 struct wpa_interface
*iface
)
3565 struct wpa_supplicant
*wpa_s
;
3566 struct wpa_interface t_iface
;
3567 struct wpa_ssid
*ssid
;
3569 if (global
== NULL
|| iface
== NULL
)
3572 wpa_s
= wpa_supplicant_alloc();
3576 wpa_s
->global
= global
;
3579 if (global
->params
.override_driver
) {
3580 wpa_printf(MSG_DEBUG
, "Override interface parameter: driver "
3582 iface
->driver
, global
->params
.override_driver
);
3583 t_iface
.driver
= global
->params
.override_driver
;
3585 if (global
->params
.override_ctrl_interface
) {
3586 wpa_printf(MSG_DEBUG
, "Override interface parameter: "
3587 "ctrl_interface ('%s' -> '%s')",
3588 iface
->ctrl_interface
,
3589 global
->params
.override_ctrl_interface
);
3590 t_iface
.ctrl_interface
=
3591 global
->params
.override_ctrl_interface
;
3593 if (wpa_supplicant_init_iface(wpa_s
, &t_iface
)) {
3594 wpa_printf(MSG_DEBUG
, "Failed to add interface %s",
3596 wpa_supplicant_deinit_iface(wpa_s
, 0, 0);
3600 /* Notify the control interfaces about new iface */
3601 if (wpas_notify_iface_added(wpa_s
)) {
3602 wpa_supplicant_deinit_iface(wpa_s
, 1, 0);
3606 for (ssid
= wpa_s
->conf
->ssid
; ssid
; ssid
= ssid
->next
)
3607 wpas_notify_network_added(wpa_s
, ssid
);
3609 wpa_s
->next
= global
->ifaces
;
3610 global
->ifaces
= wpa_s
;
3612 wpa_dbg(wpa_s
, MSG_DEBUG
, "Added interface %s", wpa_s
->ifname
);
3613 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
3620 * wpa_supplicant_remove_iface - Remove a network interface
3621 * @global: Pointer to global data from wpa_supplicant_init()
3622 * @wpa_s: Pointer to the network interface to be removed
3623 * Returns: 0 if interface was removed, -1 if interface was not found
3625 * This function can be used to dynamically remove network interfaces from
3626 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
3627 * addition, this function is used to remove all remaining interfaces when
3628 * %wpa_supplicant is terminated.
3630 int wpa_supplicant_remove_iface(struct wpa_global
*global
,
3631 struct wpa_supplicant
*wpa_s
,
3634 struct wpa_supplicant
*prev
;
3636 /* Remove interface from the global list of interfaces */
3637 prev
= global
->ifaces
;
3638 if (prev
== wpa_s
) {
3639 global
->ifaces
= wpa_s
->next
;
3641 while (prev
&& prev
->next
!= wpa_s
)
3645 prev
->next
= wpa_s
->next
;
3648 wpa_dbg(wpa_s
, MSG_DEBUG
, "Removing interface %s", wpa_s
->ifname
);
3650 if (global
->p2p_group_formation
== wpa_s
)
3651 global
->p2p_group_formation
= NULL
;
3652 if (global
->p2p_invite_group
== wpa_s
)
3653 global
->p2p_invite_group
= NULL
;
3654 wpa_supplicant_deinit_iface(wpa_s
, 1, terminate
);
3661 * wpa_supplicant_get_eap_mode - Get the current EAP mode
3662 * @wpa_s: Pointer to the network interface
3663 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
3665 const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant
*wpa_s
)
3667 const char *eapol_method
;
3669 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
) == 0 &&
3670 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
3674 eapol_method
= eapol_sm_get_method_name(wpa_s
->eapol
);
3675 if (eapol_method
== NULL
)
3676 return "UNKNOWN-EAP";
3678 return eapol_method
;
3683 * wpa_supplicant_get_iface - Get a new network interface
3684 * @global: Pointer to global data from wpa_supplicant_init()
3685 * @ifname: Interface name
3686 * Returns: Pointer to the interface or %NULL if not found
3688 struct wpa_supplicant
* wpa_supplicant_get_iface(struct wpa_global
*global
,
3691 struct wpa_supplicant
*wpa_s
;
3693 for (wpa_s
= global
->ifaces
; wpa_s
; wpa_s
= wpa_s
->next
) {
3694 if (os_strcmp(wpa_s
->ifname
, ifname
) == 0)
3701 #ifndef CONFIG_NO_WPA_MSG
3702 static const char * wpa_supplicant_msg_ifname_cb(void *ctx
)
3704 struct wpa_supplicant
*wpa_s
= ctx
;
3707 return wpa_s
->ifname
;
3709 #endif /* CONFIG_NO_WPA_MSG */
3713 * wpa_supplicant_init - Initialize %wpa_supplicant
3714 * @params: Parameters for %wpa_supplicant
3715 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
3717 * This function is used to initialize %wpa_supplicant. After successful
3718 * initialization, the returned data pointer can be used to add and remove
3719 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
3721 struct wpa_global
* wpa_supplicant_init(struct wpa_params
*params
)
3723 struct wpa_global
*global
;
3729 #ifdef CONFIG_DRIVER_NDIS
3731 void driver_ndis_init_ops(void);
3732 driver_ndis_init_ops();
3734 #endif /* CONFIG_DRIVER_NDIS */
3736 #ifndef CONFIG_NO_WPA_MSG
3737 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb
);
3738 #endif /* CONFIG_NO_WPA_MSG */
3740 wpa_debug_open_file(params
->wpa_debug_file_path
);
3741 if (params
->wpa_debug_syslog
)
3742 wpa_debug_open_syslog();
3743 if (params
->wpa_debug_tracing
) {
3744 ret
= wpa_debug_open_linux_tracing();
3746 wpa_printf(MSG_ERROR
,
3747 "Failed to enable trace logging");
3752 ret
= eap_register_methods();
3754 wpa_printf(MSG_ERROR
, "Failed to register EAP methods");
3756 wpa_printf(MSG_ERROR
, "Two or more EAP methods used "
3757 "the same EAP type.");
3761 global
= os_zalloc(sizeof(*global
));
3764 dl_list_init(&global
->p2p_srv_bonjour
);
3765 dl_list_init(&global
->p2p_srv_upnp
);
3766 global
->params
.daemonize
= params
->daemonize
;
3767 global
->params
.wait_for_monitor
= params
->wait_for_monitor
;
3768 global
->params
.dbus_ctrl_interface
= params
->dbus_ctrl_interface
;
3769 if (params
->pid_file
)
3770 global
->params
.pid_file
= os_strdup(params
->pid_file
);
3771 if (params
->ctrl_interface
)
3772 global
->params
.ctrl_interface
=
3773 os_strdup(params
->ctrl_interface
);
3774 if (params
->ctrl_interface_group
)
3775 global
->params
.ctrl_interface_group
=
3776 os_strdup(params
->ctrl_interface_group
);
3777 if (params
->override_driver
)
3778 global
->params
.override_driver
=
3779 os_strdup(params
->override_driver
);
3780 if (params
->override_ctrl_interface
)
3781 global
->params
.override_ctrl_interface
=
3782 os_strdup(params
->override_ctrl_interface
);
3783 wpa_debug_level
= global
->params
.wpa_debug_level
=
3784 params
->wpa_debug_level
;
3785 wpa_debug_show_keys
= global
->params
.wpa_debug_show_keys
=
3786 params
->wpa_debug_show_keys
;
3787 wpa_debug_timestamp
= global
->params
.wpa_debug_timestamp
=
3788 params
->wpa_debug_timestamp
;
3790 wpa_printf(MSG_DEBUG
, "wpa_supplicant v" VERSION_STR
);
3793 wpa_printf(MSG_ERROR
, "Failed to initialize event loop");
3794 wpa_supplicant_deinit(global
);
3798 random_init(params
->entropy_file
);
3800 global
->ctrl_iface
= wpa_supplicant_global_ctrl_iface_init(global
);
3801 if (global
->ctrl_iface
== NULL
) {
3802 wpa_supplicant_deinit(global
);
3806 if (wpas_notify_supplicant_initialized(global
)) {
3807 wpa_supplicant_deinit(global
);
3811 for (i
= 0; wpa_drivers
[i
]; i
++)
3812 global
->drv_count
++;
3813 if (global
->drv_count
== 0) {
3814 wpa_printf(MSG_ERROR
, "No drivers enabled");
3815 wpa_supplicant_deinit(global
);
3818 global
->drv_priv
= os_zalloc(global
->drv_count
* sizeof(void *));
3819 if (global
->drv_priv
== NULL
) {
3820 wpa_supplicant_deinit(global
);
3824 #ifdef CONFIG_WIFI_DISPLAY
3825 if (wifi_display_init(global
) < 0) {
3826 wpa_printf(MSG_ERROR
, "Failed to initialize Wi-Fi Display");
3827 wpa_supplicant_deinit(global
);
3830 #endif /* CONFIG_WIFI_DISPLAY */
3837 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
3838 * @global: Pointer to global data from wpa_supplicant_init()
3839 * Returns: 0 after successful event loop run, -1 on failure
3841 * This function starts the main event loop and continues running as long as
3842 * there are any remaining events. In most cases, this function is running as
3843 * long as the %wpa_supplicant process in still in use.
3845 int wpa_supplicant_run(struct wpa_global
*global
)
3847 struct wpa_supplicant
*wpa_s
;
3849 if (global
->params
.daemonize
&&
3850 wpa_supplicant_daemon(global
->params
.pid_file
))
3853 if (global
->params
.wait_for_monitor
) {
3854 for (wpa_s
= global
->ifaces
; wpa_s
; wpa_s
= wpa_s
->next
)
3855 if (wpa_s
->ctrl_iface
)
3856 wpa_supplicant_ctrl_iface_wait(
3860 eloop_register_signal_terminate(wpa_supplicant_terminate
, global
);
3861 eloop_register_signal_reconfig(wpa_supplicant_reconfig
, global
);
3870 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
3871 * @global: Pointer to global data from wpa_supplicant_init()
3873 * This function is called to deinitialize %wpa_supplicant and to free all
3874 * allocated resources. Remaining network interfaces will also be removed.
3876 void wpa_supplicant_deinit(struct wpa_global
*global
)
3883 #ifdef CONFIG_WIFI_DISPLAY
3884 wifi_display_deinit(global
);
3885 #endif /* CONFIG_WIFI_DISPLAY */
3887 while (global
->ifaces
)
3888 wpa_supplicant_remove_iface(global
, global
->ifaces
, 1);
3890 if (global
->ctrl_iface
)
3891 wpa_supplicant_global_ctrl_iface_deinit(global
->ctrl_iface
);
3893 wpas_notify_supplicant_deinitialized(global
);
3895 eap_peer_unregister_methods();
3897 eap_server_unregister_methods();
3898 #endif /* CONFIG_AP */
3900 for (i
= 0; wpa_drivers
[i
] && global
->drv_priv
; i
++) {
3901 if (!global
->drv_priv
[i
])
3903 wpa_drivers
[i
]->global_deinit(global
->drv_priv
[i
]);
3905 os_free(global
->drv_priv
);
3911 if (global
->params
.pid_file
) {
3912 os_daemonize_terminate(global
->params
.pid_file
);
3913 os_free(global
->params
.pid_file
);
3915 os_free(global
->params
.ctrl_interface
);
3916 os_free(global
->params
.ctrl_interface_group
);
3917 os_free(global
->params
.override_driver
);
3918 os_free(global
->params
.override_ctrl_interface
);
3920 os_free(global
->p2p_disallow_freq
.range
);
3921 os_free(global
->add_psk
);
3924 wpa_debug_close_syslog();
3925 wpa_debug_close_file();
3926 wpa_debug_close_linux_tracing();
3930 void wpa_supplicant_update_config(struct wpa_supplicant
*wpa_s
)
3932 if ((wpa_s
->conf
->changed_parameters
& CFG_CHANGED_COUNTRY
) &&
3933 wpa_s
->conf
->country
[0] && wpa_s
->conf
->country
[1]) {
3935 country
[0] = wpa_s
->conf
->country
[0];
3936 country
[1] = wpa_s
->conf
->country
[1];
3938 if (wpa_drv_set_country(wpa_s
, country
) < 0) {
3939 wpa_printf(MSG_ERROR
, "Failed to set country code "
3944 if (wpa_s
->conf
->changed_parameters
& CFG_CHANGED_EXT_PW_BACKEND
)
3945 wpas_init_ext_pw(wpa_s
);
3948 wpas_wps_update_config(wpa_s
);
3949 #endif /* CONFIG_WPS */
3952 wpas_p2p_update_config(wpa_s
);
3953 #endif /* CONFIG_P2P */
3955 wpa_s
->conf
->changed_parameters
= 0;
3959 static void add_freq(int *freqs
, int *num_freqs
, int freq
)
3963 for (i
= 0; i
< *num_freqs
; i
++) {
3964 if (freqs
[i
] == freq
)
3968 freqs
[*num_freqs
] = freq
;
3973 static int * get_bss_freqs_in_ess(struct wpa_supplicant
*wpa_s
)
3975 struct wpa_bss
*bss
, *cbss
;
3976 const int max_freqs
= 10;
3980 freqs
= os_zalloc(sizeof(int) * (max_freqs
+ 1));
3984 cbss
= wpa_s
->current_bss
;
3986 dl_list_for_each(bss
, &wpa_s
->bss
, struct wpa_bss
, list
) {
3989 if (bss
->ssid_len
== cbss
->ssid_len
&&
3990 os_memcmp(bss
->ssid
, cbss
->ssid
, bss
->ssid_len
) == 0 &&
3991 wpa_blacklist_get(wpa_s
, bss
->bssid
) == NULL
) {
3992 add_freq(freqs
, &num_freqs
, bss
->freq
);
3993 if (num_freqs
== max_freqs
)
3998 if (num_freqs
== 0) {
4007 void wpas_connection_failed(struct wpa_supplicant
*wpa_s
, const u8
*bssid
)
4013 wpas_connect_work_done(wpa_s
);
4016 * Remove possible authentication timeout since the connection failed.
4018 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
4020 if (wpa_s
->disconnected
) {
4022 * There is no point in blacklisting the AP if this event is
4023 * generated based on local request to disconnect.
4025 wpa_dbg(wpa_s
, MSG_DEBUG
, "Ignore connection failure "
4026 "indication since interface has been put into "
4027 "disconnected state");
4032 * Add the failed BSSID into the blacklist and speed up next scan
4033 * attempt if there could be other APs that could accept association.
4034 * The current blacklist count indicates how many times we have tried
4035 * connecting to this AP and multiple attempts mean that other APs are
4036 * either not available or has already been tried, so that we can start
4037 * increasing the delay here to avoid constant scanning.
4039 count
= wpa_blacklist_add(wpa_s
, bssid
);
4040 if (count
== 1 && wpa_s
->current_bss
) {
4042 * This BSS was not in the blacklist before. If there is
4043 * another BSS available for the same ESS, we should try that
4044 * next. Otherwise, we may as well try this one once more
4045 * before allowing other, likely worse, ESSes to be considered.
4047 freqs
= get_bss_freqs_in_ess(wpa_s
);
4049 wpa_dbg(wpa_s
, MSG_DEBUG
, "Another BSS in this ESS "
4050 "has been seen; try it next");
4051 wpa_blacklist_add(wpa_s
, bssid
);
4053 * On the next scan, go through only the known channels
4054 * used in this ESS based on previous scans to speed up
4055 * common load balancing use case.
4057 os_free(wpa_s
->next_scan_freqs
);
4058 wpa_s
->next_scan_freqs
= freqs
;
4063 * Add previous failure count in case the temporary blacklist was
4064 * cleared due to no other BSSes being available.
4066 count
+= wpa_s
->extra_blacklist_count
;
4068 if (count
> 3 && wpa_s
->current_ssid
) {
4069 wpa_printf(MSG_DEBUG
, "Continuous association failures - "
4070 "consider temporary network disabling");
4071 wpas_auth_failed(wpa_s
);
4092 wpa_dbg(wpa_s
, MSG_DEBUG
, "Blacklist count %d --> request scan in %d "
4093 "ms", count
, timeout
);
4096 * TODO: if more than one possible AP is available in scan results,
4097 * could try the other ones before requesting a new scan.
4099 wpa_supplicant_req_scan(wpa_s
, timeout
/ 1000,
4100 1000 * (timeout
% 1000));
4104 int wpas_driver_bss_selection(struct wpa_supplicant
*wpa_s
)
4106 return wpa_s
->conf
->ap_scan
== 2 ||
4107 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_BSS_SELECTION
);
4111 #if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW)
4112 int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant
*wpa_s
,
4113 struct wpa_ssid
*ssid
,
4117 #ifdef IEEE8021X_EAPOL
4118 struct eap_peer_config
*eap
= &ssid
->eap
;
4120 wpa_printf(MSG_DEBUG
, "CTRL_IFACE: response handle field=%s", field
);
4121 wpa_hexdump_ascii_key(MSG_DEBUG
, "CTRL_IFACE: response value",
4122 (const u8
*) value
, os_strlen(value
));
4124 switch (wpa_supplicant_ctrl_req_from_string(field
)) {
4125 case WPA_CTRL_REQ_EAP_IDENTITY
:
4126 os_free(eap
->identity
);
4127 eap
->identity
= (u8
*) os_strdup(value
);
4128 eap
->identity_len
= os_strlen(value
);
4129 eap
->pending_req_identity
= 0;
4130 if (ssid
== wpa_s
->current_ssid
)
4131 wpa_s
->reassociate
= 1;
4133 case WPA_CTRL_REQ_EAP_PASSWORD
:
4134 os_free(eap
->password
);
4135 eap
->password
= (u8
*) os_strdup(value
);
4136 eap
->password_len
= os_strlen(value
);
4137 eap
->pending_req_password
= 0;
4138 if (ssid
== wpa_s
->current_ssid
)
4139 wpa_s
->reassociate
= 1;
4141 case WPA_CTRL_REQ_EAP_NEW_PASSWORD
:
4142 os_free(eap
->new_password
);
4143 eap
->new_password
= (u8
*) os_strdup(value
);
4144 eap
->new_password_len
= os_strlen(value
);
4145 eap
->pending_req_new_password
= 0;
4146 if (ssid
== wpa_s
->current_ssid
)
4147 wpa_s
->reassociate
= 1;
4149 case WPA_CTRL_REQ_EAP_PIN
:
4151 eap
->pin
= os_strdup(value
);
4152 eap
->pending_req_pin
= 0;
4153 if (ssid
== wpa_s
->current_ssid
)
4154 wpa_s
->reassociate
= 1;
4156 case WPA_CTRL_REQ_EAP_OTP
:
4158 eap
->otp
= (u8
*) os_strdup(value
);
4159 eap
->otp_len
= os_strlen(value
);
4160 os_free(eap
->pending_req_otp
);
4161 eap
->pending_req_otp
= NULL
;
4162 eap
->pending_req_otp_len
= 0;
4164 case WPA_CTRL_REQ_EAP_PASSPHRASE
:
4165 os_free(eap
->private_key_passwd
);
4166 eap
->private_key_passwd
= (u8
*) os_strdup(value
);
4167 eap
->pending_req_passphrase
= 0;
4168 if (ssid
== wpa_s
->current_ssid
)
4169 wpa_s
->reassociate
= 1;
4171 case WPA_CTRL_REQ_SIM
:
4172 os_free(eap
->external_sim_resp
);
4173 eap
->external_sim_resp
= os_strdup(value
);
4176 wpa_printf(MSG_DEBUG
, "CTRL_IFACE: Unknown field '%s'", field
);
4181 #else /* IEEE8021X_EAPOL */
4182 wpa_printf(MSG_DEBUG
, "CTRL_IFACE: IEEE 802.1X not included");
4184 #endif /* IEEE8021X_EAPOL */
4186 #endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */
4189 int wpas_network_disabled(struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
)
4192 unsigned int drv_enc
;
4200 if (wpa_s
&& wpa_s
->drv_capa_known
)
4201 drv_enc
= wpa_s
->drv_enc
;
4203 drv_enc
= (unsigned int) -1;
4205 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
4206 size_t len
= ssid
->wep_key_len
[i
];
4209 if (len
== 5 && (drv_enc
& WPA_DRIVER_CAPA_ENC_WEP40
))
4211 if (len
== 13 && (drv_enc
& WPA_DRIVER_CAPA_ENC_WEP104
))
4213 if (len
== 16 && (drv_enc
& WPA_DRIVER_CAPA_ENC_WEP128
))
4215 return 1; /* invalid WEP key */
4218 if (wpa_key_mgmt_wpa_psk(ssid
->key_mgmt
) && !ssid
->psk_set
&&
4226 int wpas_is_p2p_prioritized(struct wpa_supplicant
*wpa_s
)
4228 if (wpa_s
->global
->conc_pref
== WPA_CONC_PREF_P2P
)
4230 if (wpa_s
->global
->conc_pref
== WPA_CONC_PREF_STA
)
4236 void wpas_auth_failed(struct wpa_supplicant
*wpa_s
)
4238 struct wpa_ssid
*ssid
= wpa_s
->current_ssid
;
4240 struct os_reltime now
;
4243 wpa_printf(MSG_DEBUG
, "Authentication failure but no known "
4248 if (ssid
->key_mgmt
== WPA_KEY_MGMT_WPS
)
4251 ssid
->auth_failures
++;
4254 if (ssid
->p2p_group
&&
4255 (wpa_s
->p2p_in_provisioning
|| wpa_s
->show_group_started
)) {
4257 * Skip the wait time since there is a short timeout on the
4258 * connection to a P2P group.
4262 #endif /* CONFIG_P2P */
4264 if (ssid
->auth_failures
> 50)
4266 else if (ssid
->auth_failures
> 20)
4268 else if (ssid
->auth_failures
> 10)
4270 else if (ssid
->auth_failures
> 5)
4272 else if (ssid
->auth_failures
> 1)
4277 os_get_reltime(&now
);
4278 if (now
.sec
+ dur
<= ssid
->disabled_until
.sec
)
4281 ssid
->disabled_until
.sec
= now
.sec
+ dur
;
4283 wpa_msg(wpa_s
, MSG_INFO
, WPA_EVENT_TEMP_DISABLED
4284 "id=%d ssid=\"%s\" auth_failures=%u duration=%d",
4285 ssid
->id
, wpa_ssid_txt(ssid
->ssid
, ssid
->ssid_len
),
4286 ssid
->auth_failures
, dur
);
4290 void wpas_clear_temp_disabled(struct wpa_supplicant
*wpa_s
,
4291 struct wpa_ssid
*ssid
, int clear_failures
)
4296 if (ssid
->disabled_until
.sec
) {
4297 wpa_msg(wpa_s
, MSG_INFO
, WPA_EVENT_REENABLED
4298 "id=%d ssid=\"%s\"",
4299 ssid
->id
, wpa_ssid_txt(ssid
->ssid
, ssid
->ssid_len
));
4301 ssid
->disabled_until
.sec
= 0;
4302 ssid
->disabled_until
.usec
= 0;
4304 ssid
->auth_failures
= 0;
4308 int disallowed_bssid(struct wpa_supplicant
*wpa_s
, const u8
*bssid
)
4312 if (wpa_s
->disallow_aps_bssid
== NULL
)
4315 for (i
= 0; i
< wpa_s
->disallow_aps_bssid_count
; i
++) {
4316 if (os_memcmp(wpa_s
->disallow_aps_bssid
+ i
* ETH_ALEN
,
4317 bssid
, ETH_ALEN
) == 0)
4325 int disallowed_ssid(struct wpa_supplicant
*wpa_s
, const u8
*ssid
,
4330 if (wpa_s
->disallow_aps_ssid
== NULL
|| ssid
== NULL
)
4333 for (i
= 0; i
< wpa_s
->disallow_aps_ssid_count
; i
++) {
4334 struct wpa_ssid_value
*s
= &wpa_s
->disallow_aps_ssid
[i
];
4335 if (ssid_len
== s
->ssid_len
&&
4336 os_memcmp(ssid
, s
->ssid
, ssid_len
) == 0)
4345 * wpas_request_connection - Request a new connection
4346 * @wpa_s: Pointer to the network interface
4348 * This function is used to request a new connection to be found. It will mark
4349 * the interface to allow reassociation and request a new scan to find a
4350 * suitable network to connect to.
4352 void wpas_request_connection(struct wpa_supplicant
*wpa_s
)
4354 wpa_s
->normal_scans
= 0;
4355 wpa_supplicant_reinit_autoscan(wpa_s
);
4356 wpa_s
->extra_blacklist_count
= 0;
4357 wpa_s
->disconnected
= 0;
4358 wpa_s
->reassociate
= 1;
4360 if (wpa_supplicant_fast_associate(wpa_s
) != 1)
4361 wpa_supplicant_req_scan(wpa_s
, 0, 0);
4365 void dump_freq_array(struct wpa_supplicant
*wpa_s
, const char *title
,
4366 int *freq_array
, unsigned int len
)
4370 wpa_dbg(wpa_s
, MSG_DEBUG
, "Shared frequencies (len=%u): %s",
4372 for (i
= 0; i
< len
; i
++)
4373 wpa_dbg(wpa_s
, MSG_DEBUG
, "freq[%u]: %d", i
, freq_array
[i
]);
4378 * Find the operating frequencies of any of the virtual interfaces that
4379 * are using the same radio as the current interface.
4381 int get_shared_radio_freqs(struct wpa_supplicant
*wpa_s
,
4382 int *freq_array
, unsigned int len
)
4384 struct wpa_supplicant
*ifs
;
4387 unsigned int idx
= 0, i
;
4389 wpa_dbg(wpa_s
, MSG_DEBUG
,
4390 "Determining shared radio frequencies (max len %u)", len
);
4391 os_memset(freq_array
, 0, sizeof(int) * len
);
4393 /* First add the frequency of the local interface */
4394 if (wpa_s
->current_ssid
!= NULL
&& wpa_s
->assoc_freq
!= 0) {
4395 if (wpa_s
->current_ssid
->mode
== WPAS_MODE_AP
||
4396 wpa_s
->current_ssid
->mode
== WPAS_MODE_P2P_GO
)
4397 freq_array
[idx
++] = wpa_s
->current_ssid
->frequency
;
4398 else if (wpa_drv_get_bssid(wpa_s
, bssid
) == 0)
4399 freq_array
[idx
++] = wpa_s
->assoc_freq
;
4402 /* If get_radio_name is not supported, use only the local freq */
4403 if (!wpa_s
->driver
->get_radio_name
) {
4404 freq
= wpa_drv_shared_freq(wpa_s
);
4405 if (freq
> 0 && idx
< len
&&
4406 (idx
== 0 || freq_array
[0] != freq
))
4407 freq_array
[idx
++] = freq
;
4408 dump_freq_array(wpa_s
, "No get_radio_name", freq_array
, idx
);
4412 dl_list_for_each(ifs
, &wpa_s
->radio
->ifaces
, struct wpa_supplicant
,
4417 if (ifs
->current_ssid
== NULL
|| ifs
->assoc_freq
== 0)
4420 if (ifs
->current_ssid
->mode
== WPAS_MODE_AP
||
4421 ifs
->current_ssid
->mode
== WPAS_MODE_P2P_GO
)
4422 freq
= ifs
->current_ssid
->frequency
;
4423 else if (wpa_drv_get_bssid(ifs
, bssid
) == 0)
4424 freq
= ifs
->assoc_freq
;
4428 /* Hold only distinct freqs */
4429 for (i
= 0; i
< idx
; i
++)
4430 if (freq_array
[i
] == freq
)
4434 freq_array
[idx
++] = freq
;
4437 dump_freq_array(wpa_s
, "completed iteration", freq_array
, idx
);