]> git.ipfire.org Git - thirdparty/hostap.git/blob - wpa_supplicant/wpa_supplicant.c
projects / thirdparty / hostap.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
FILS: Set FILS Capability bit in management frames from station
[thirdparty/hostap.git] / wpa_supplicant / wpa_supplicant.c
1 /*
2 * WPA Supplicant
3 * Copyright (c) 2003-2016, Jouni Malinen <j@w1.fi>
4 *
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
7 *
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
11 */
12
13 #include "includes.h"
14 #ifdef CONFIG_MATCH_IFACE
15 #include <net/if.h>
16 #include <fnmatch.h>
17 #endif /* CONFIG_MATCH_IFACE */
18
19 #include "common.h"
20 #include "crypto/random.h"
21 #include "crypto/sha1.h"
22 #include "eapol_supp/eapol_supp_sm.h"
23 #include "eap_peer/eap.h"
24 #include "eap_peer/eap_proxy.h"
25 #include "eap_server/eap_methods.h"
26 #include "rsn_supp/wpa.h"
27 #include "eloop.h"
28 #include "config.h"
29 #include "utils/ext_password.h"
30 #include "l2_packet/l2_packet.h"
31 #include "wpa_supplicant_i.h"
32 #include "driver_i.h"
33 #include "ctrl_iface.h"
34 #include "pcsc_funcs.h"
35 #include "common/version.h"
36 #include "rsn_supp/preauth.h"
37 #include "rsn_supp/pmksa_cache.h"
38 #include "common/wpa_ctrl.h"
39 #include "common/ieee802_11_defs.h"
40 #include "common/hw_features_common.h"
41 #include "p2p/p2p.h"
42 #include "fst/fst.h"
43 #include "blacklist.h"
44 #include "wpas_glue.h"
45 #include "wps_supplicant.h"
46 #include "ibss_rsn.h"
47 #include "sme.h"
48 #include "gas_query.h"
49 #include "ap.h"
50 #include "p2p_supplicant.h"
51 #include "wifi_display.h"
52 #include "notify.h"
53 #include "bgscan.h"
54 #include "autoscan.h"
55 #include "bss.h"
56 #include "scan.h"
57 #include "offchannel.h"
58 #include "hs20_supplicant.h"
59 #include "wnm_sta.h"
60 #include "wpas_kay.h"
61 #include "mesh.h"
62
63 const char *const wpa_supplicant_version =
64 "wpa_supplicant v" VERSION_STR "\n"
65 "Copyright (c) 2003-2016, Jouni Malinen <j@w1.fi> and contributors";
66
67 const char *const wpa_supplicant_license =
68 "This software may be distributed under the terms of the BSD license.\n"
69 "See README for more details.\n"
70 #ifdef EAP_TLS_OPENSSL
71 "\nThis product includes software developed by the OpenSSL Project\n"
72 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
73 #endif /* EAP_TLS_OPENSSL */
74 ;
75
76 #ifndef CONFIG_NO_STDOUT_DEBUG
77 /* Long text divided into parts in order to fit in C89 strings size limits. */
78 const char *const wpa_supplicant_full_license1 =
79 "";
80 const char *const wpa_supplicant_full_license2 =
81 "This software may be distributed under the terms of the BSD license.\n"
82 "\n"
83 "Redistribution and use in source and binary forms, with or without\n"
84 "modification, are permitted provided that the following conditions are\n"
85 "met:\n"
86 "\n";
87 const char *const wpa_supplicant_full_license3 =
88 "1. Redistributions of source code must retain the above copyright\n"
89 " notice, this list of conditions and the following disclaimer.\n"
90 "\n"
91 "2. Redistributions in binary form must reproduce the above copyright\n"
92 " notice, this list of conditions and the following disclaimer in the\n"
93 " documentation and/or other materials provided with the distribution.\n"
94 "\n";
95 const char *const wpa_supplicant_full_license4 =
96 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
97 " names of its contributors may be used to endorse or promote products\n"
98 " derived from this software without specific prior written permission.\n"
99 "\n"
100 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
101 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
102 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
103 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
104 const char *const wpa_supplicant_full_license5 =
105 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
106 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
107 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
108 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
109 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
110 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
111 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
112 "\n";
113 #endif /* CONFIG_NO_STDOUT_DEBUG */
114
115 /* Configure default/group WEP keys for static WEP */
116 int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
117 {
118 int i, set = 0;
119
120 for (i = 0; i < NUM_WEP_KEYS; i++) {
121 if (ssid->wep_key_len[i] == 0)
122 continue;
123
124 set = 1;
125 wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL,
126 i, i == ssid->wep_tx_keyidx, NULL, 0,
127 ssid->wep_key[i], ssid->wep_key_len[i]);
128 }
129
130 return set;
131 }
132
133
134 int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
135 struct wpa_ssid *ssid)
136 {
137 u8 key[32];
138 size_t keylen;
139 enum wpa_alg alg;
140 u8 seq[6] = { 0 };
141 int ret;
142
143 /* IBSS/WPA-None uses only one key (Group) for both receiving and
144 * sending unicast and multicast packets. */
145
146 if (ssid->mode != WPAS_MODE_IBSS) {
147 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not "
148 "IBSS/ad-hoc) for WPA-None", ssid->mode);
149 return -1;
150 }
151
152 if (!ssid->psk_set) {
153 wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for "
154 "WPA-None");
155 return -1;
156 }
157
158 switch (wpa_s->group_cipher) {
159 case WPA_CIPHER_CCMP:
160 os_memcpy(key, ssid->psk, 16);
161 keylen = 16;
162 alg = WPA_ALG_CCMP;
163 break;
164 case WPA_CIPHER_GCMP:
165 os_memcpy(key, ssid->psk, 16);
166 keylen = 16;
167 alg = WPA_ALG_GCMP;
168 break;
169 case WPA_CIPHER_TKIP:
170 /* WPA-None uses the same Michael MIC key for both TX and RX */
171 os_memcpy(key, ssid->psk, 16 + 8);
172 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
173 keylen = 32;
174 alg = WPA_ALG_TKIP;
175 break;
176 default:
177 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for "
178 "WPA-None", wpa_s->group_cipher);
179 return -1;
180 }
181
182 /* TODO: should actually remember the previously used seq#, both for TX
183 * and RX from each STA.. */
184
185 ret = wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen);
186 os_memset(key, 0, sizeof(key));
187 return ret;
188 }
189
190
191 static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
192 {
193 struct wpa_supplicant *wpa_s = eloop_ctx;
194 const u8 *bssid = wpa_s->bssid;
195 if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
196 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
197 wpa_s->wpa_state == WPA_ASSOCIATING))
198 bssid = wpa_s->pending_bssid;
199 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
200 MAC2STR(bssid));
201 wpa_blacklist_add(wpa_s, bssid);
202 wpa_sm_notify_disassoc(wpa_s->wpa);
203 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
204 wpa_s->reassociate = 1;
205
206 /*
207 * If we timed out, the AP or the local radio may be busy.
208 * So, wait a second until scanning again.
209 */
210 wpa_supplicant_req_scan(wpa_s, 1, 0);
211 }
212
213
214 /**
215 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
216 * @wpa_s: Pointer to wpa_supplicant data
217 * @sec: Number of seconds after which to time out authentication
218 * @usec: Number of microseconds after which to time out authentication
219 *
220 * This function is used to schedule a timeout for the current authentication
221 * attempt.
222 */
223 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
224 int sec, int usec)
225 {
226 if (wpa_s->conf->ap_scan == 0 &&
227 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
228 return;
229
230 wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
231 "%d usec", sec, usec);
232 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
233 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
234 }
235
236
237 /**
238 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
239 * @wpa_s: Pointer to wpa_supplicant data
240 *
241 * This function is used to cancel authentication timeout scheduled with
242 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
243 * been completed.
244 */
245 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
246 {
247 wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
248 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
249 wpa_blacklist_del(wpa_s, wpa_s->bssid);
250 }
251
252
253 /**
254 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
255 * @wpa_s: Pointer to wpa_supplicant data
256 *
257 * This function is used to configure EAPOL state machine based on the selected
258 * authentication mode.
259 */
260 void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
261 {
262 #ifdef IEEE8021X_EAPOL
263 struct eapol_config eapol_conf;
264 struct wpa_ssid *ssid = wpa_s->current_ssid;
265
266 #ifdef CONFIG_IBSS_RSN
267 if (ssid->mode == WPAS_MODE_IBSS &&
268 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
269 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
270 /*
271 * RSN IBSS authentication is per-STA and we can disable the
272 * per-BSSID EAPOL authentication.
273 */
274 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
275 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE);
276 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
277 return;
278 }
279 #endif /* CONFIG_IBSS_RSN */
280
281 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
282 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
283
284 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
285 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
286 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
287 else
288 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
289
290 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
291 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
292 eapol_conf.accept_802_1x_keys = 1;
293 eapol_conf.required_keys = 0;
294 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
295 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
296 }
297 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
298 eapol_conf.required_keys |=
299 EAPOL_REQUIRE_KEY_BROADCAST;
300 }
301
302 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED)
303 eapol_conf.required_keys = 0;
304 }
305 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
306 eapol_conf.workaround = ssid->eap_workaround;
307 eapol_conf.eap_disabled =
308 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
309 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
310 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
311 eapol_conf.external_sim = wpa_s->conf->external_sim;
312
313 #ifdef CONFIG_WPS
314 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
315 eapol_conf.wps |= EAPOL_LOCAL_WPS_IN_USE;
316 if (wpa_s->current_bss) {
317 struct wpabuf *ie;
318 ie = wpa_bss_get_vendor_ie_multi(wpa_s->current_bss,
319 WPS_IE_VENDOR_TYPE);
320 if (ie) {
321 if (wps_is_20(ie))
322 eapol_conf.wps |=
323 EAPOL_PEER_IS_WPS20_AP;
324 wpabuf_free(ie);
325 }
326 }
327 }
328 #endif /* CONFIG_WPS */
329
330 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
331
332 ieee802_1x_alloc_kay_sm(wpa_s, ssid);
333 #endif /* IEEE8021X_EAPOL */
334 }
335
336
337 /**
338 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
339 * @wpa_s: Pointer to wpa_supplicant data
340 * @ssid: Configuration data for the network
341 *
342 * This function is used to configure WPA state machine and related parameters
343 * to a mode where WPA is not enabled. This is called as part of the
344 * authentication configuration when the selected network does not use WPA.
345 */
346 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
347 struct wpa_ssid *ssid)
348 {
349 int i;
350
351 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
352 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
353 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
354 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
355 else
356 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
357 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
358 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
359 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
360 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
361 wpa_s->group_cipher = WPA_CIPHER_NONE;
362 wpa_s->mgmt_group_cipher = 0;
363
364 for (i = 0; i < NUM_WEP_KEYS; i++) {
365 if (ssid->wep_key_len[i] > 5) {
366 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
367 wpa_s->group_cipher = WPA_CIPHER_WEP104;
368 break;
369 } else if (ssid->wep_key_len[i] > 0) {
370 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
371 wpa_s->group_cipher = WPA_CIPHER_WEP40;
372 break;
373 }
374 }
375
376 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
377 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
378 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
379 wpa_s->pairwise_cipher);
380 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
381 #ifdef CONFIG_IEEE80211W
382 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
383 wpa_s->mgmt_group_cipher);
384 #endif /* CONFIG_IEEE80211W */
385
386 pmksa_cache_clear_current(wpa_s->wpa);
387 }
388
389
390 void free_hw_features(struct wpa_supplicant *wpa_s)
391 {
392 int i;
393 if (wpa_s->hw.modes == NULL)
394 return;
395
396 for (i = 0; i < wpa_s->hw.num_modes; i++) {
397 os_free(wpa_s->hw.modes[i].channels);
398 os_free(wpa_s->hw.modes[i].rates);
399 }
400
401 os_free(wpa_s->hw.modes);
402 wpa_s->hw.modes = NULL;
403 }
404
405
406 static void free_bss_tmp_disallowed(struct wpa_supplicant *wpa_s)
407 {
408 struct wpa_bss_tmp_disallowed *bss, *prev;
409
410 dl_list_for_each_safe(bss, prev, &wpa_s->bss_tmp_disallowed,
411 struct wpa_bss_tmp_disallowed, list) {
412 dl_list_del(&bss->list);
413 os_free(bss);
414 }
415 }
416
417
418 static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
419 {
420 int i;
421
422 bgscan_deinit(wpa_s);
423 autoscan_deinit(wpa_s);
424 scard_deinit(wpa_s->scard);
425 wpa_s->scard = NULL;
426 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
427 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
428 l2_packet_deinit(wpa_s->l2);
429 wpa_s->l2 = NULL;
430 if (wpa_s->l2_br) {
431 l2_packet_deinit(wpa_s->l2_br);
432 wpa_s->l2_br = NULL;
433 }
434 #ifdef CONFIG_TESTING_OPTIONS
435 l2_packet_deinit(wpa_s->l2_test);
436 wpa_s->l2_test = NULL;
437 #endif /* CONFIG_TESTING_OPTIONS */
438
439 if (wpa_s->conf != NULL) {
440 struct wpa_ssid *ssid;
441 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
442 wpas_notify_network_removed(wpa_s, ssid);
443 }
444
445 os_free(wpa_s->confname);
446 wpa_s->confname = NULL;
447
448 os_free(wpa_s->confanother);
449 wpa_s->confanother = NULL;
450
451 wpa_sm_set_eapol(wpa_s->wpa, NULL);
452 eapol_sm_deinit(wpa_s->eapol);
453 wpa_s->eapol = NULL;
454
455 rsn_preauth_deinit(wpa_s->wpa);
456
457 #ifdef CONFIG_TDLS
458 wpa_tdls_deinit(wpa_s->wpa);
459 #endif /* CONFIG_TDLS */
460
461 wmm_ac_clear_saved_tspecs(wpa_s);
462 pmksa_candidate_free(wpa_s->wpa);
463 wpa_sm_deinit(wpa_s->wpa);
464 wpa_s->wpa = NULL;
465 wpa_blacklist_clear(wpa_s);
466
467 wpa_bss_deinit(wpa_s);
468
469 wpa_supplicant_cancel_delayed_sched_scan(wpa_s);
470 wpa_supplicant_cancel_scan(wpa_s);
471 wpa_supplicant_cancel_auth_timeout(wpa_s);
472 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL);
473 #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
474 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report,
475 wpa_s, NULL);
476 #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
477
478 eloop_cancel_timeout(wpas_network_reenabled, wpa_s, NULL);
479
480 wpas_wps_deinit(wpa_s);
481
482 wpabuf_free(wpa_s->pending_eapol_rx);
483 wpa_s->pending_eapol_rx = NULL;
484
485 #ifdef CONFIG_IBSS_RSN
486 ibss_rsn_deinit(wpa_s->ibss_rsn);
487 wpa_s->ibss_rsn = NULL;
488 #endif /* CONFIG_IBSS_RSN */
489
490 sme_deinit(wpa_s);
491
492 #ifdef CONFIG_AP
493 wpa_supplicant_ap_deinit(wpa_s);
494 #endif /* CONFIG_AP */
495
496 wpas_p2p_deinit(wpa_s);
497
498 #ifdef CONFIG_OFFCHANNEL
499 offchannel_deinit(wpa_s);
500 #endif /* CONFIG_OFFCHANNEL */
501
502 wpa_supplicant_cancel_sched_scan(wpa_s);
503
504 os_free(wpa_s->next_scan_freqs);
505 wpa_s->next_scan_freqs = NULL;
506
507 os_free(wpa_s->manual_scan_freqs);
508 wpa_s->manual_scan_freqs = NULL;
509
510 os_free(wpa_s->manual_sched_scan_freqs);
511 wpa_s->manual_sched_scan_freqs = NULL;
512
513 wpas_mac_addr_rand_scan_clear(wpa_s, MAC_ADDR_RAND_ALL);
514
515 /*
516 * Need to remove any pending gas-query radio work before the
517 * gas_query_deinit() call because gas_query::work has not yet been set
518 * for works that have not been started. gas_query_free() will be unable
519 * to cancel such pending radio works and once the pending gas-query
520 * radio work eventually gets removed, the deinit notification call to
521 * gas_query_start_cb() would result in dereferencing freed memory.
522 */
523 if (wpa_s->radio)
524 radio_remove_works(wpa_s, "gas-query", 0);
525 gas_query_deinit(wpa_s->gas);
526 wpa_s->gas = NULL;
527
528 free_hw_features(wpa_s);
529
530 ieee802_1x_dealloc_kay_sm(wpa_s);
531
532 os_free(wpa_s->bssid_filter);
533 wpa_s->bssid_filter = NULL;
534
535 os_free(wpa_s->disallow_aps_bssid);
536 wpa_s->disallow_aps_bssid = NULL;
537 os_free(wpa_s->disallow_aps_ssid);
538 wpa_s->disallow_aps_ssid = NULL;
539
540 wnm_bss_keep_alive_deinit(wpa_s);
541 #ifdef CONFIG_WNM
542 wnm_deallocate_memory(wpa_s);
543 #endif /* CONFIG_WNM */
544
545 ext_password_deinit(wpa_s->ext_pw);
546 wpa_s->ext_pw = NULL;
547
548 wpabuf_free(wpa_s->last_gas_resp);
549 wpa_s->last_gas_resp = NULL;
550 wpabuf_free(wpa_s->prev_gas_resp);
551 wpa_s->prev_gas_resp = NULL;
552
553 os_free(wpa_s->last_scan_res);
554 wpa_s->last_scan_res = NULL;
555
556 #ifdef CONFIG_HS20
557 if (wpa_s->drv_priv)
558 wpa_drv_configure_frame_filters(wpa_s, 0);
559 hs20_deinit(wpa_s);
560 #endif /* CONFIG_HS20 */
561
562 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) {
563 wpabuf_free(wpa_s->vendor_elem[i]);
564 wpa_s->vendor_elem[i] = NULL;
565 }
566
567 wmm_ac_notify_disassoc(wpa_s);
568
569 wpa_s->sched_scan_plans_num = 0;
570 os_free(wpa_s->sched_scan_plans);
571 wpa_s->sched_scan_plans = NULL;
572
573 #ifdef CONFIG_MBO
574 wpa_s->non_pref_chan_num = 0;
575 os_free(wpa_s->non_pref_chan);
576 wpa_s->non_pref_chan = NULL;
577 #endif /* CONFIG_MBO */
578
579 free_bss_tmp_disallowed(wpa_s);
580
581 wpabuf_free(wpa_s->lci);
582 wpa_s->lci = NULL;
583 }
584
585
586 /**
587 * wpa_clear_keys - Clear keys configured for the driver
588 * @wpa_s: Pointer to wpa_supplicant data
589 * @addr: Previously used BSSID or %NULL if not available
590 *
591 * This function clears the encryption keys that has been previously configured
592 * for the driver.
593 */
594 void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
595 {
596 int i, max;
597
598 #ifdef CONFIG_IEEE80211W
599 max = 6;
600 #else /* CONFIG_IEEE80211W */
601 max = 4;
602 #endif /* CONFIG_IEEE80211W */
603
604 /* MLME-DELETEKEYS.request */
605 for (i = 0; i < max; i++) {
606 if (wpa_s->keys_cleared & BIT(i))
607 continue;
608 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, i, 0, NULL, 0,
609 NULL, 0);
610 }
611 if (!(wpa_s->keys_cleared & BIT(0)) && addr &&
612 !is_zero_ether_addr(addr)) {
613 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,
614 0);
615 /* MLME-SETPROTECTION.request(None) */
616 wpa_drv_mlme_setprotection(
617 wpa_s, addr,
618 MLME_SETPROTECTION_PROTECT_TYPE_NONE,
619 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
620 }
621 wpa_s->keys_cleared = (u32) -1;
622 }
623
624
625 /**
626 * wpa_supplicant_state_txt - Get the connection state name as a text string
627 * @state: State (wpa_state; WPA_*)
628 * Returns: The state name as a printable text string
629 */
630 const char * wpa_supplicant_state_txt(enum wpa_states state)
631 {
632 switch (state) {
633 case WPA_DISCONNECTED:
634 return "DISCONNECTED";
635 case WPA_INACTIVE:
636 return "INACTIVE";
637 case WPA_INTERFACE_DISABLED:
638 return "INTERFACE_DISABLED";
639 case WPA_SCANNING:
640 return "SCANNING";
641 case WPA_AUTHENTICATING:
642 return "AUTHENTICATING";
643 case WPA_ASSOCIATING:
644 return "ASSOCIATING";
645 case WPA_ASSOCIATED:
646 return "ASSOCIATED";
647 case WPA_4WAY_HANDSHAKE:
648 return "4WAY_HANDSHAKE";
649 case WPA_GROUP_HANDSHAKE:
650 return "GROUP_HANDSHAKE";
651 case WPA_COMPLETED:
652 return "COMPLETED";
653 default:
654 return "UNKNOWN";
655 }
656 }
657
658
659 #ifdef CONFIG_BGSCAN
660
661 static void wpa_supplicant_start_bgscan(struct wpa_supplicant *wpa_s)
662 {
663 const char *name;
664
665 if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan)
666 name = wpa_s->current_ssid->bgscan;
667 else
668 name = wpa_s->conf->bgscan;
669 if (name == NULL || name[0] == '\0')
670 return;
671 if (wpas_driver_bss_selection(wpa_s))
672 return;
673 if (wpa_s->current_ssid == wpa_s->bgscan_ssid)
674 return;
675 #ifdef CONFIG_P2P
676 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE)
677 return;
678 #endif /* CONFIG_P2P */
679
680 bgscan_deinit(wpa_s);
681 if (wpa_s->current_ssid) {
682 if (bgscan_init(wpa_s, wpa_s->current_ssid, name)) {
683 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
684 "bgscan");
685 /*
686 * Live without bgscan; it is only used as a roaming
687 * optimization, so the initial connection is not
688 * affected.
689 */
690 } else {
691 struct wpa_scan_results *scan_res;
692 wpa_s->bgscan_ssid = wpa_s->current_ssid;
693 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL,
694 0);
695 if (scan_res) {
696 bgscan_notify_scan(wpa_s, scan_res);
697 wpa_scan_results_free(scan_res);
698 }
699 }
700 } else
701 wpa_s->bgscan_ssid = NULL;
702 }
703
704
705 static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s)
706 {
707 if (wpa_s->bgscan_ssid != NULL) {
708 bgscan_deinit(wpa_s);
709 wpa_s->bgscan_ssid = NULL;
710 }
711 }
712
713 #endif /* CONFIG_BGSCAN */
714
715
716 static void wpa_supplicant_start_autoscan(struct wpa_supplicant *wpa_s)
717 {
718 if (autoscan_init(wpa_s, 0))
719 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize autoscan");
720 }
721
722
723 static void wpa_supplicant_stop_autoscan(struct wpa_supplicant *wpa_s)
724 {
725 autoscan_deinit(wpa_s);
726 }
727
728
729 void wpa_supplicant_reinit_autoscan(struct wpa_supplicant *wpa_s)
730 {
731 if (wpa_s->wpa_state == WPA_DISCONNECTED ||
732 wpa_s->wpa_state == WPA_SCANNING) {
733 autoscan_deinit(wpa_s);
734 wpa_supplicant_start_autoscan(wpa_s);
735 }
736 }
737
738
739 /**
740 * wpa_supplicant_set_state - Set current connection state
741 * @wpa_s: Pointer to wpa_supplicant data
742 * @state: The new connection state
743 *
744 * This function is called whenever the connection state changes, e.g.,
745 * association is completed for WPA/WPA2 4-Way Handshake is started.
746 */
747 void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s,
748 enum wpa_states state)
749 {
750 enum wpa_states old_state = wpa_s->wpa_state;
751
752 wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s",
753 wpa_supplicant_state_txt(wpa_s->wpa_state),
754 wpa_supplicant_state_txt(state));
755
756 if (state == WPA_INTERFACE_DISABLED) {
757 /* Assure normal scan when interface is restored */
758 wpa_s->normal_scans = 0;
759 }
760
761 if (state == WPA_COMPLETED) {
762 wpas_connect_work_done(wpa_s);
763 /* Reinitialize normal_scan counter */
764 wpa_s->normal_scans = 0;
765 }
766
767 #ifdef CONFIG_P2P
768 /*
769 * P2PS client has to reply to Probe Request frames received on the
770 * group operating channel. Enable Probe Request frame reporting for
771 * P2P connected client in case p2p_cli_probe configuration property is
772 * set to 1.
773 */
774 if (wpa_s->conf->p2p_cli_probe && wpa_s->current_ssid &&
775 wpa_s->current_ssid->mode == WPAS_MODE_INFRA &&
776 wpa_s->current_ssid->p2p_group) {
777 if (state == WPA_COMPLETED && !wpa_s->p2p_cli_probe) {
778 wpa_dbg(wpa_s, MSG_DEBUG,
779 "P2P: Enable CLI Probe Request RX reporting");
780 wpa_s->p2p_cli_probe =
781 wpa_drv_probe_req_report(wpa_s, 1) >= 0;
782 } else if (state != WPA_COMPLETED && wpa_s->p2p_cli_probe) {
783 wpa_dbg(wpa_s, MSG_DEBUG,
784 "P2P: Disable CLI Probe Request RX reporting");
785 wpa_s->p2p_cli_probe = 0;
786 wpa_drv_probe_req_report(wpa_s, 0);
787 }
788 }
789 #endif /* CONFIG_P2P */
790
791 if (state != WPA_SCANNING)
792 wpa_supplicant_notify_scanning(wpa_s, 0);
793
794 if (state == WPA_COMPLETED && wpa_s->new_connection) {
795 struct wpa_ssid *ssid = wpa_s->current_ssid;
796 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
797 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
798 MACSTR " completed [id=%d id_str=%s]",
799 MAC2STR(wpa_s->bssid),
800 ssid ? ssid->id : -1,
801 ssid && ssid->id_str ? ssid->id_str : "");
802 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
803 wpas_clear_temp_disabled(wpa_s, ssid, 1);
804 wpa_blacklist_clear(wpa_s);
805 wpa_s->extra_blacklist_count = 0;
806 wpa_s->new_connection = 0;
807 wpa_drv_set_operstate(wpa_s, 1);
808 #ifndef IEEE8021X_EAPOL
809 wpa_drv_set_supp_port(wpa_s, 1);
810 #endif /* IEEE8021X_EAPOL */
811 wpa_s->after_wps = 0;
812 wpa_s->known_wps_freq = 0;
813 wpas_p2p_completed(wpa_s);
814
815 sme_sched_obss_scan(wpa_s, 1);
816 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
817 state == WPA_ASSOCIATED) {
818 wpa_s->new_connection = 1;
819 wpa_drv_set_operstate(wpa_s, 0);
820 #ifndef IEEE8021X_EAPOL
821 wpa_drv_set_supp_port(wpa_s, 0);
822 #endif /* IEEE8021X_EAPOL */
823 sme_sched_obss_scan(wpa_s, 0);
824 }
825 wpa_s->wpa_state = state;
826
827 #ifdef CONFIG_BGSCAN
828 if (state == WPA_COMPLETED)
829 wpa_supplicant_start_bgscan(wpa_s);
830 else if (state < WPA_ASSOCIATED)
831 wpa_supplicant_stop_bgscan(wpa_s);
832 #endif /* CONFIG_BGSCAN */
833
834 if (state == WPA_AUTHENTICATING)
835 wpa_supplicant_stop_autoscan(wpa_s);
836
837 if (state == WPA_DISCONNECTED || state == WPA_INACTIVE)
838 wpa_supplicant_start_autoscan(wpa_s);
839
840 if (old_state >= WPA_ASSOCIATED && wpa_s->wpa_state < WPA_ASSOCIATED)
841 wmm_ac_notify_disassoc(wpa_s);
842
843 if (wpa_s->wpa_state != old_state) {
844 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
845
846 /*
847 * Notify the P2P Device interface about a state change in one
848 * of the interfaces.
849 */
850 wpas_p2p_indicate_state_change(wpa_s);
851
852 if (wpa_s->wpa_state == WPA_COMPLETED ||
853 old_state == WPA_COMPLETED)
854 wpas_notify_auth_changed(wpa_s);
855 }
856 }
857
858
859 void wpa_supplicant_terminate_proc(struct wpa_global *global)
860 {
861 int pending = 0;
862 #ifdef CONFIG_WPS
863 struct wpa_supplicant *wpa_s = global->ifaces;
864 while (wpa_s) {
865 struct wpa_supplicant *next = wpa_s->next;
866 if (wpas_wps_terminate_pending(wpa_s) == 1)
867 pending = 1;
868 #ifdef CONFIG_P2P
869 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE ||
870 (wpa_s->current_ssid && wpa_s->current_ssid->p2p_group))
871 wpas_p2p_disconnect(wpa_s);
872 #endif /* CONFIG_P2P */
873 wpa_s = next;
874 }
875 #endif /* CONFIG_WPS */
876 if (pending)
877 return;
878 eloop_terminate();
879 }
880
881
882 static void wpa_supplicant_terminate(int sig, void *signal_ctx)
883 {
884 struct wpa_global *global = signal_ctx;
885 wpa_supplicant_terminate_proc(global);
886 }
887
888
889 void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
890 {
891 enum wpa_states old_state = wpa_s->wpa_state;
892
893 wpa_s->pairwise_cipher = 0;
894 wpa_s->group_cipher = 0;
895 wpa_s->mgmt_group_cipher = 0;
896 wpa_s->key_mgmt = 0;
897 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
898 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
899
900 if (wpa_s->wpa_state != old_state)
901 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
902 }
903
904
905 /**
906 * wpa_supplicant_reload_configuration - Reload configuration data
907 * @wpa_s: Pointer to wpa_supplicant data
908 * Returns: 0 on success or -1 if configuration parsing failed
909 *
910 * This function can be used to request that the configuration data is reloaded
911 * (e.g., after configuration file change). This function is reloading
912 * configuration only for one interface, so this may need to be called multiple
913 * times if %wpa_supplicant is controlling multiple interfaces and all
914 * interfaces need reconfiguration.
915 */
916 int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
917 {
918 struct wpa_config *conf;
919 int reconf_ctrl;
920 int old_ap_scan;
921
922 if (wpa_s->confname == NULL)
923 return -1;
924 conf = wpa_config_read(wpa_s->confname, NULL);
925 if (conf == NULL) {
926 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
927 "file '%s' - exiting", wpa_s->confname);
928 return -1;
929 }
930 wpa_config_read(wpa_s->confanother, conf);
931
932 conf->changed_parameters = (unsigned int) -1;
933
934 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
935 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
936 os_strcmp(conf->ctrl_interface,
937 wpa_s->conf->ctrl_interface) != 0);
938
939 if (reconf_ctrl && wpa_s->ctrl_iface) {
940 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
941 wpa_s->ctrl_iface = NULL;
942 }
943
944 eapol_sm_invalidate_cached_session(wpa_s->eapol);
945 if (wpa_s->current_ssid) {
946 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
947 wpa_s->own_disconnect_req = 1;
948 wpa_supplicant_deauthenticate(wpa_s,
949 WLAN_REASON_DEAUTH_LEAVING);
950 }
951
952 /*
953 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
954 * pkcs11_engine_path, pkcs11_module_path, openssl_ciphers.
955 */
956 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) {
957 /*
958 * Clear forced success to clear EAP state for next
959 * authentication.
960 */
961 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
962 }
963 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
964 wpa_sm_set_config(wpa_s->wpa, NULL);
965 wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL);
966 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
967 rsn_preauth_deinit(wpa_s->wpa);
968
969 old_ap_scan = wpa_s->conf->ap_scan;
970 wpa_config_free(wpa_s->conf);
971 wpa_s->conf = conf;
972 if (old_ap_scan != wpa_s->conf->ap_scan)
973 wpas_notify_ap_scan_changed(wpa_s);
974
975 if (reconf_ctrl)
976 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
977
978 wpa_supplicant_update_config(wpa_s);
979
980 wpa_supplicant_clear_status(wpa_s);
981 if (wpa_supplicant_enabled_networks(wpa_s)) {
982 wpa_s->reassociate = 1;
983 wpa_supplicant_req_scan(wpa_s, 0, 0);
984 }
985 wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
986 return 0;
987 }
988
989
990 static void wpa_supplicant_reconfig(int sig, void *signal_ctx)
991 {
992 struct wpa_global *global = signal_ctx;
993 struct wpa_supplicant *wpa_s;
994 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
995 wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring",
996 sig);
997 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
998 wpa_supplicant_terminate_proc(global);
999 }
1000 }
1001
1002 if (wpa_debug_reopen_file() < 0) {
1003 /* Ignore errors since we cannot really do much to fix this */
1004 wpa_printf(MSG_DEBUG, "Could not reopen debug log file");
1005 }
1006 }
1007
1008
1009 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
1010 struct wpa_ssid *ssid,
1011 struct wpa_ie_data *ie)
1012 {
1013 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
1014 if (ret) {
1015 if (ret == -2) {
1016 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
1017 "from association info");
1018 }
1019 return -1;
1020 }
1021
1022 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set "
1023 "cipher suites");
1024 if (!(ie->group_cipher & ssid->group_cipher)) {
1025 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
1026 "cipher 0x%x (mask 0x%x) - reject",
1027 ie->group_cipher, ssid->group_cipher);
1028 return -1;
1029 }
1030 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
1031 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
1032 "cipher 0x%x (mask 0x%x) - reject",
1033 ie->pairwise_cipher, ssid->pairwise_cipher);
1034 return -1;
1035 }
1036 if (!(ie->key_mgmt & ssid->key_mgmt)) {
1037 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
1038 "management 0x%x (mask 0x%x) - reject",
1039 ie->key_mgmt, ssid->key_mgmt);
1040 return -1;
1041 }
1042
1043 #ifdef CONFIG_IEEE80211W
1044 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
1045 wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED) {
1046 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
1047 "that does not support management frame protection - "
1048 "reject");
1049 return -1;
1050 }
1051 #endif /* CONFIG_IEEE80211W */
1052
1053 return 0;
1054 }
1055
1056
1057 /**
1058 * wpa_supplicant_set_suites - Set authentication and encryption parameters
1059 * @wpa_s: Pointer to wpa_supplicant data
1060 * @bss: Scan results for the selected BSS, or %NULL if not available
1061 * @ssid: Configuration data for the selected network
1062 * @wpa_ie: Buffer for the WPA/RSN IE
1063 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
1064 * used buffer length in case the functions returns success.
1065 * Returns: 0 on success or -1 on failure
1066 *
1067 * This function is used to configure authentication and encryption parameters
1068 * based on the network configuration and scan result for the selected BSS (if
1069 * available).
1070 */
1071 int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
1072 struct wpa_bss *bss, struct wpa_ssid *ssid,
1073 u8 *wpa_ie, size_t *wpa_ie_len)
1074 {
1075 struct wpa_ie_data ie;
1076 int sel, proto;
1077 const u8 *bss_wpa, *bss_rsn, *bss_osen;
1078
1079 if (bss) {
1080 bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
1081 bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
1082 bss_osen = wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE);
1083 } else
1084 bss_wpa = bss_rsn = bss_osen = NULL;
1085
1086 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
1087 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
1088 (ie.group_cipher & ssid->group_cipher) &&
1089 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1090 (ie.key_mgmt & ssid->key_mgmt)) {
1091 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
1092 proto = WPA_PROTO_RSN;
1093 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
1094 wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie) == 0 &&
1095 (ie.group_cipher & ssid->group_cipher) &&
1096 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1097 (ie.key_mgmt & ssid->key_mgmt)) {
1098 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
1099 proto = WPA_PROTO_WPA;
1100 #ifdef CONFIG_HS20
1101 } else if (bss_osen && (ssid->proto & WPA_PROTO_OSEN)) {
1102 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using OSEN");
1103 /* TODO: parse OSEN element */
1104 os_memset(&ie, 0, sizeof(ie));
1105 ie.group_cipher = WPA_CIPHER_CCMP;
1106 ie.pairwise_cipher = WPA_CIPHER_CCMP;
1107 ie.key_mgmt = WPA_KEY_MGMT_OSEN;
1108 proto = WPA_PROTO_OSEN;
1109 #endif /* CONFIG_HS20 */
1110 } else if (bss) {
1111 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
1112 wpa_dbg(wpa_s, MSG_DEBUG,
1113 "WPA: ssid proto=0x%x pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1114 ssid->proto, ssid->pairwise_cipher, ssid->group_cipher,
1115 ssid->key_mgmt);
1116 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: BSS " MACSTR " ssid='%s'%s%s%s",
1117 MAC2STR(bss->bssid),
1118 wpa_ssid_txt(bss->ssid, bss->ssid_len),
1119 bss_wpa ? " WPA" : "",
1120 bss_rsn ? " RSN" : "",
1121 bss_osen ? " OSEN" : "");
1122 if (bss_rsn) {
1123 wpa_hexdump(MSG_DEBUG, "RSN", bss_rsn, 2 + bss_rsn[1]);
1124 if (wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie)) {
1125 wpa_dbg(wpa_s, MSG_DEBUG,
1126 "Could not parse RSN element");
1127 } else {
1128 wpa_dbg(wpa_s, MSG_DEBUG,
1129 "RSN: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1130 ie.pairwise_cipher, ie.group_cipher,
1131 ie.key_mgmt);
1132 }
1133 }
1134 if (bss_wpa) {
1135 wpa_hexdump(MSG_DEBUG, "WPA", bss_wpa, 2 + bss_wpa[1]);
1136 if (wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie)) {
1137 wpa_dbg(wpa_s, MSG_DEBUG,
1138 "Could not parse WPA element");
1139 } else {
1140 wpa_dbg(wpa_s, MSG_DEBUG,
1141 "WPA: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1142 ie.pairwise_cipher, ie.group_cipher,
1143 ie.key_mgmt);
1144 }
1145 }
1146 return -1;
1147 } else {
1148 if (ssid->proto & WPA_PROTO_OSEN)
1149 proto = WPA_PROTO_OSEN;
1150 else if (ssid->proto & WPA_PROTO_RSN)
1151 proto = WPA_PROTO_RSN;
1152 else
1153 proto = WPA_PROTO_WPA;
1154 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
1155 os_memset(&ie, 0, sizeof(ie));
1156 ie.group_cipher = ssid->group_cipher;
1157 ie.pairwise_cipher = ssid->pairwise_cipher;
1158 ie.key_mgmt = ssid->key_mgmt;
1159 #ifdef CONFIG_IEEE80211W
1160 ie.mgmt_group_cipher =
1161 ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION ?
1162 WPA_CIPHER_AES_128_CMAC : 0;
1163 #endif /* CONFIG_IEEE80211W */
1164 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites "
1165 "based on configuration");
1166 } else
1167 proto = ie.proto;
1168 }
1169
1170 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d "
1171 "pairwise %d key_mgmt %d proto %d",
1172 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
1173 #ifdef CONFIG_IEEE80211W
1174 if (ssid->ieee80211w) {
1175 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
1176 ie.mgmt_group_cipher);
1177 }
1178 #endif /* CONFIG_IEEE80211W */
1179
1180 wpa_s->wpa_proto = proto;
1181 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
1182 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
1183 !!(ssid->proto & (WPA_PROTO_RSN | WPA_PROTO_OSEN)));
1184
1185 if (bss || !wpa_s->ap_ies_from_associnfo) {
1186 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
1187 bss_wpa ? 2 + bss_wpa[1] : 0) ||
1188 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
1189 bss_rsn ? 2 + bss_rsn[1] : 0))
1190 return -1;
1191 }
1192
1193 #ifdef CONFIG_NO_WPA
1194 wpa_s->group_cipher = WPA_CIPHER_NONE;
1195 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
1196 #else /* CONFIG_NO_WPA */
1197 sel = ie.group_cipher & ssid->group_cipher;
1198 wpa_s->group_cipher = wpa_pick_group_cipher(sel);
1199 if (wpa_s->group_cipher < 0) {
1200 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group "
1201 "cipher");
1202 return -1;
1203 }
1204 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK %s",
1205 wpa_cipher_txt(wpa_s->group_cipher));
1206
1207 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
1208 wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(sel, 1);
1209 if (wpa_s->pairwise_cipher < 0) {
1210 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise "
1211 "cipher");
1212 return -1;
1213 }
1214 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK %s",
1215 wpa_cipher_txt(wpa_s->pairwise_cipher));
1216 #endif /* CONFIG_NO_WPA */
1217
1218 sel = ie.key_mgmt & ssid->key_mgmt;
1219 #ifdef CONFIG_SAE
1220 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE))
1221 sel &= ~(WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE);
1222 #endif /* CONFIG_SAE */
1223 if (0) {
1224 #ifdef CONFIG_SUITEB192
1225 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) {
1226 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B_192;
1227 wpa_dbg(wpa_s, MSG_DEBUG,
1228 "WPA: using KEY_MGMT 802.1X with Suite B (192-bit)");
1229 #endif /* CONFIG_SUITEB192 */
1230 #ifdef CONFIG_SUITEB
1231 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B) {
1232 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B;
1233 wpa_dbg(wpa_s, MSG_DEBUG,
1234 "WPA: using KEY_MGMT 802.1X with Suite B");
1235 #endif /* CONFIG_SUITEB */
1236 #ifdef CONFIG_IEEE80211R
1237 } else if (sel & WPA_KEY_MGMT_FT_IEEE8021X) {
1238 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
1239 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
1240 } else if (sel & WPA_KEY_MGMT_FT_PSK) {
1241 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
1242 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
1243 #endif /* CONFIG_IEEE80211R */
1244 #ifdef CONFIG_SAE
1245 } else if (sel & WPA_KEY_MGMT_SAE) {
1246 wpa_s->key_mgmt = WPA_KEY_MGMT_SAE;
1247 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT SAE");
1248 } else if (sel & WPA_KEY_MGMT_FT_SAE) {
1249 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_SAE;
1250 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT FT/SAE");
1251 #endif /* CONFIG_SAE */
1252 #ifdef CONFIG_IEEE80211W
1253 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
1254 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
1255 wpa_dbg(wpa_s, MSG_DEBUG,
1256 "WPA: using KEY_MGMT 802.1X with SHA256");
1257 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
1258 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
1259 wpa_dbg(wpa_s, MSG_DEBUG,
1260 "WPA: using KEY_MGMT PSK with SHA256");
1261 #endif /* CONFIG_IEEE80211W */
1262 } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
1263 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
1264 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
1265 } else if (sel & WPA_KEY_MGMT_PSK) {
1266 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
1267 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
1268 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
1269 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
1270 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
1271 #ifdef CONFIG_HS20
1272 } else if (sel & WPA_KEY_MGMT_OSEN) {
1273 wpa_s->key_mgmt = WPA_KEY_MGMT_OSEN;
1274 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using KEY_MGMT OSEN");
1275 #endif /* CONFIG_HS20 */
1276 } else {
1277 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select "
1278 "authenticated key management type");
1279 return -1;
1280 }
1281
1282 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
1283 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
1284 wpa_s->pairwise_cipher);
1285 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
1286
1287 #ifdef CONFIG_IEEE80211W
1288 sel = ie.mgmt_group_cipher;
1289 if (wpas_get_ssid_pmf(wpa_s, ssid) == NO_MGMT_FRAME_PROTECTION ||
1290 !(ie.capabilities & WPA_CAPABILITY_MFPC))
1291 sel = 0;
1292 if (sel & WPA_CIPHER_AES_128_CMAC) {
1293 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
1294 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1295 "AES-128-CMAC");
1296 } else if (sel & WPA_CIPHER_BIP_GMAC_128) {
1297 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_128;
1298 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1299 "BIP-GMAC-128");
1300 } else if (sel & WPA_CIPHER_BIP_GMAC_256) {
1301 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_256;
1302 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1303 "BIP-GMAC-256");
1304 } else if (sel & WPA_CIPHER_BIP_CMAC_256) {
1305 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_CMAC_256;
1306 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1307 "BIP-CMAC-256");
1308 } else {
1309 wpa_s->mgmt_group_cipher = 0;
1310 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
1311 }
1312 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
1313 wpa_s->mgmt_group_cipher);
1314 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP,
1315 wpas_get_ssid_pmf(wpa_s, ssid));
1316 #endif /* CONFIG_IEEE80211W */
1317
1318 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
1319 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to generate WPA IE");
1320 return -1;
1321 }
1322
1323 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) {
1324 int psk_set = 0;
1325
1326 if (ssid->psk_set) {
1327 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN, NULL,
1328 NULL);
1329 psk_set = 1;
1330 }
1331 #ifndef CONFIG_NO_PBKDF2
1332 if (bss && ssid->bssid_set && ssid->ssid_len == 0 &&
1333 ssid->passphrase) {
1334 u8 psk[PMK_LEN];
1335 pbkdf2_sha1(ssid->passphrase, bss->ssid, bss->ssid_len,
1336 4096, psk, PMK_LEN);
1337 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)",
1338 psk, PMK_LEN);
1339 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL, NULL);
1340 psk_set = 1;
1341 os_memset(psk, 0, sizeof(psk));
1342 }
1343 #endif /* CONFIG_NO_PBKDF2 */
1344 #ifdef CONFIG_EXT_PASSWORD
1345 if (ssid->ext_psk) {
1346 struct wpabuf *pw = ext_password_get(wpa_s->ext_pw,
1347 ssid->ext_psk);
1348 char pw_str[64 + 1];
1349 u8 psk[PMK_LEN];
1350
1351 if (pw == NULL) {
1352 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No PSK "
1353 "found from external storage");
1354 return -1;
1355 }
1356
1357 if (wpabuf_len(pw) < 8 || wpabuf_len(pw) > 64) {
1358 wpa_msg(wpa_s, MSG_INFO, "EXT PW: Unexpected "
1359 "PSK length %d in external storage",
1360 (int) wpabuf_len(pw));
1361 ext_password_free(pw);
1362 return -1;
1363 }
1364
1365 os_memcpy(pw_str, wpabuf_head(pw), wpabuf_len(pw));
1366 pw_str[wpabuf_len(pw)] = '\0';
1367
1368 #ifndef CONFIG_NO_PBKDF2
1369 if (wpabuf_len(pw) >= 8 && wpabuf_len(pw) < 64 && bss)
1370 {
1371 pbkdf2_sha1(pw_str, bss->ssid, bss->ssid_len,
1372 4096, psk, PMK_LEN);
1373 os_memset(pw_str, 0, sizeof(pw_str));
1374 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from "
1375 "external passphrase)",
1376 psk, PMK_LEN);
1377 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL,
1378 NULL);
1379 psk_set = 1;
1380 os_memset(psk, 0, sizeof(psk));
1381 } else
1382 #endif /* CONFIG_NO_PBKDF2 */
1383 if (wpabuf_len(pw) == 2 * PMK_LEN) {
1384 if (hexstr2bin(pw_str, psk, PMK_LEN) < 0) {
1385 wpa_msg(wpa_s, MSG_INFO, "EXT PW: "
1386 "Invalid PSK hex string");
1387 os_memset(pw_str, 0, sizeof(pw_str));
1388 ext_password_free(pw);
1389 return -1;
1390 }
1391 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL,
1392 NULL);
1393 psk_set = 1;
1394 os_memset(psk, 0, sizeof(psk));
1395 } else {
1396 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No suitable "
1397 "PSK available");
1398 os_memset(pw_str, 0, sizeof(pw_str));
1399 ext_password_free(pw);
1400 return -1;
1401 }
1402
1403 os_memset(pw_str, 0, sizeof(pw_str));
1404 ext_password_free(pw);
1405 }
1406 #endif /* CONFIG_EXT_PASSWORD */
1407
1408 if (!psk_set) {
1409 wpa_msg(wpa_s, MSG_INFO,
1410 "No PSK available for association");
1411 return -1;
1412 }
1413 } else
1414 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
1415
1416 return 0;
1417 }
1418
1419
1420 static void wpas_ext_capab_byte(struct wpa_supplicant *wpa_s, u8 *pos, int idx)
1421 {
1422 *pos = 0x00;
1423
1424 switch (idx) {
1425 case 0: /* Bits 0-7 */
1426 break;
1427 case 1: /* Bits 8-15 */
1428 break;
1429 case 2: /* Bits 16-23 */
1430 #ifdef CONFIG_WNM
1431 *pos |= 0x02; /* Bit 17 - WNM-Sleep Mode */
1432 *pos |= 0x08; /* Bit 19 - BSS Transition */
1433 #endif /* CONFIG_WNM */
1434 break;
1435 case 3: /* Bits 24-31 */
1436 #ifdef CONFIG_WNM
1437 *pos |= 0x02; /* Bit 25 - SSID List */
1438 #endif /* CONFIG_WNM */
1439 #ifdef CONFIG_INTERWORKING
1440 if (wpa_s->conf->interworking)
1441 *pos |= 0x80; /* Bit 31 - Interworking */
1442 #endif /* CONFIG_INTERWORKING */
1443 break;
1444 case 4: /* Bits 32-39 */
1445 #ifdef CONFIG_INTERWORKING
1446 if (wpa_s->drv_flags / WPA_DRIVER_FLAGS_QOS_MAPPING)
1447 *pos |= 0x01; /* Bit 32 - QoS Map */
1448 #endif /* CONFIG_INTERWORKING */
1449 break;
1450 case 5: /* Bits 40-47 */
1451 #ifdef CONFIG_HS20
1452 if (wpa_s->conf->hs20)
1453 *pos |= 0x40; /* Bit 46 - WNM-Notification */
1454 #endif /* CONFIG_HS20 */
1455 #ifdef CONFIG_MBO
1456 *pos |= 0x40; /* Bit 46 - WNM-Notification */
1457 #endif /* CONFIG_MBO */
1458 break;
1459 case 6: /* Bits 48-55 */
1460 break;
1461 case 7: /* Bits 56-63 */
1462 break;
1463 case 8: /* Bits 64-71 */
1464 if (wpa_s->conf->ftm_responder)
1465 *pos |= 0x40; /* Bit 70 - FTM responder */
1466 if (wpa_s->conf->ftm_initiator)
1467 *pos |= 0x80; /* Bit 71 - FTM initiator */
1468 break;
1469 case 9: /* Bits 72-79 */
1470 #ifdef CONFIG_FILS
1471 *pos |= 0x01;
1472 #endif /* CONFIG_FILS */
1473 break;
1474 }
1475 }
1476
1477
1478 int wpas_build_ext_capab(struct wpa_supplicant *wpa_s, u8 *buf, size_t buflen)
1479 {
1480 u8 *pos = buf;
1481 u8 len = 10, i;
1482
1483 if (len < wpa_s->extended_capa_len)
1484 len = wpa_s->extended_capa_len;
1485 if (buflen < (size_t) len + 2) {
1486 wpa_printf(MSG_INFO,
1487 "Not enough room for building extended capabilities element");
1488 return -1;
1489 }
1490
1491 *pos++ = WLAN_EID_EXT_CAPAB;
1492 *pos++ = len;
1493 for (i = 0; i < len; i++, pos++) {
1494 wpas_ext_capab_byte(wpa_s, pos, i);
1495
1496 if (i < wpa_s->extended_capa_len) {
1497 *pos &= ~wpa_s->extended_capa_mask[i];
1498 *pos |= wpa_s->extended_capa[i];
1499 }
1500 }
1501
1502 while (len > 0 && buf[1 + len] == 0) {
1503 len--;
1504 buf[1] = len;
1505 }
1506 if (len == 0)
1507 return 0;
1508
1509 return 2 + len;
1510 }
1511
1512
1513 static int wpas_valid_bss(struct wpa_supplicant *wpa_s,
1514 struct wpa_bss *test_bss)
1515 {
1516 struct wpa_bss *bss;
1517
1518 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
1519 if (bss == test_bss)
1520 return 1;
1521 }
1522
1523 return 0;
1524 }
1525
1526
1527 static int wpas_valid_ssid(struct wpa_supplicant *wpa_s,
1528 struct wpa_ssid *test_ssid)
1529 {
1530 struct wpa_ssid *ssid;
1531
1532 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) {
1533 if (ssid == test_ssid)
1534 return 1;
1535 }
1536
1537 return 0;
1538 }
1539
1540
1541 int wpas_valid_bss_ssid(struct wpa_supplicant *wpa_s, struct wpa_bss *test_bss,
1542 struct wpa_ssid *test_ssid)
1543 {
1544 if (test_bss && !wpas_valid_bss(wpa_s, test_bss))
1545 return 0;
1546
1547 return test_ssid == NULL || wpas_valid_ssid(wpa_s, test_ssid);
1548 }
1549
1550
1551 void wpas_connect_work_free(struct wpa_connect_work *cwork)
1552 {
1553 if (cwork == NULL)
1554 return;
1555 os_free(cwork);
1556 }
1557
1558
1559 void wpas_connect_work_done(struct wpa_supplicant *wpa_s)
1560 {
1561 struct wpa_connect_work *cwork;
1562 struct wpa_radio_work *work = wpa_s->connect_work;
1563
1564 if (!work)
1565 return;
1566
1567 wpa_s->connect_work = NULL;
1568 cwork = work->ctx;
1569 work->ctx = NULL;
1570 wpas_connect_work_free(cwork);
1571 radio_work_done(work);
1572 }
1573
1574
1575 int wpas_update_random_addr(struct wpa_supplicant *wpa_s, int style)
1576 {
1577 struct os_reltime now;
1578 u8 addr[ETH_ALEN];
1579
1580 os_get_reltime(&now);
1581 if (wpa_s->last_mac_addr_style == style &&
1582 wpa_s->last_mac_addr_change.sec != 0 &&
1583 !os_reltime_expired(&now, &wpa_s->last_mac_addr_change,
1584 wpa_s->conf->rand_addr_lifetime)) {
1585 wpa_msg(wpa_s, MSG_DEBUG,
1586 "Previously selected random MAC address has not yet expired");
1587 return 0;
1588 }
1589
1590 switch (style) {
1591 case 1:
1592 if (random_mac_addr(addr) < 0)
1593 return -1;
1594 break;
1595 case 2:
1596 os_memcpy(addr, wpa_s->perm_addr, ETH_ALEN);
1597 if (random_mac_addr_keep_oui(addr) < 0)
1598 return -1;
1599 break;
1600 default:
1601 return -1;
1602 }
1603
1604 if (wpa_drv_set_mac_addr(wpa_s, addr) < 0) {
1605 wpa_msg(wpa_s, MSG_INFO,
1606 "Failed to set random MAC address");
1607 return -1;
1608 }
1609
1610 os_get_reltime(&wpa_s->last_mac_addr_change);
1611 wpa_s->mac_addr_changed = 1;
1612 wpa_s->last_mac_addr_style = style;
1613
1614 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
1615 wpa_msg(wpa_s, MSG_INFO,
1616 "Could not update MAC address information");
1617 return -1;
1618 }
1619
1620 wpa_msg(wpa_s, MSG_DEBUG, "Using random MAC address " MACSTR,
1621 MAC2STR(addr));
1622
1623 return 0;
1624 }
1625
1626
1627 int wpas_update_random_addr_disassoc(struct wpa_supplicant *wpa_s)
1628 {
1629 if (wpa_s->wpa_state >= WPA_AUTHENTICATING ||
1630 !wpa_s->conf->preassoc_mac_addr)
1631 return 0;
1632
1633 return wpas_update_random_addr(wpa_s, wpa_s->conf->preassoc_mac_addr);
1634 }
1635
1636
1637 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit);
1638
1639 /**
1640 * wpa_supplicant_associate - Request association
1641 * @wpa_s: Pointer to wpa_supplicant data
1642 * @bss: Scan results for the selected BSS, or %NULL if not available
1643 * @ssid: Configuration data for the selected network
1644 *
1645 * This function is used to request %wpa_supplicant to associate with a BSS.
1646 */
1647 void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
1648 struct wpa_bss *bss, struct wpa_ssid *ssid)
1649 {
1650 struct wpa_connect_work *cwork;
1651 int rand_style;
1652
1653 wpa_s->own_disconnect_req = 0;
1654
1655 /*
1656 * If we are starting a new connection, any previously pending EAPOL
1657 * RX cannot be valid anymore.
1658 */
1659 wpabuf_free(wpa_s->pending_eapol_rx);
1660 wpa_s->pending_eapol_rx = NULL;
1661
1662 if (ssid->mac_addr == -1)
1663 rand_style = wpa_s->conf->mac_addr;
1664 else
1665 rand_style = ssid->mac_addr;
1666
1667 wmm_ac_clear_saved_tspecs(wpa_s);
1668 wpa_s->reassoc_same_bss = 0;
1669 wpa_s->reassoc_same_ess = 0;
1670
1671 if (wpa_s->last_ssid == ssid) {
1672 wpa_dbg(wpa_s, MSG_DEBUG, "Re-association to the same ESS");
1673 wpa_s->reassoc_same_ess = 1;
1674 if (wpa_s->current_bss && wpa_s->current_bss == bss) {
1675 wmm_ac_save_tspecs(wpa_s);
1676 wpa_s->reassoc_same_bss = 1;
1677 }
1678 } else if (rand_style > 0) {
1679 if (wpas_update_random_addr(wpa_s, rand_style) < 0)
1680 return;
1681 wpa_sm_pmksa_cache_flush(wpa_s->wpa, ssid);
1682 } else if (wpa_s->mac_addr_changed) {
1683 if (wpa_drv_set_mac_addr(wpa_s, NULL) < 0) {
1684 wpa_msg(wpa_s, MSG_INFO,
1685 "Could not restore permanent MAC address");
1686 return;
1687 }
1688 wpa_s->mac_addr_changed = 0;
1689 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
1690 wpa_msg(wpa_s, MSG_INFO,
1691 "Could not update MAC address information");
1692 return;
1693 }
1694 wpa_msg(wpa_s, MSG_DEBUG, "Using permanent MAC address");
1695 }
1696 wpa_s->last_ssid = ssid;
1697
1698 #ifdef CONFIG_IBSS_RSN
1699 ibss_rsn_deinit(wpa_s->ibss_rsn);
1700 wpa_s->ibss_rsn = NULL;
1701 #endif /* CONFIG_IBSS_RSN */
1702
1703 if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO ||
1704 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) {
1705 #ifdef CONFIG_AP
1706 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) {
1707 wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP "
1708 "mode");
1709 return;
1710 }
1711 if (wpa_supplicant_create_ap(wpa_s, ssid) < 0) {
1712 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
1713 if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
1714 wpas_p2p_ap_setup_failed(wpa_s);
1715 return;
1716 }
1717 wpa_s->current_bss = bss;
1718 #else /* CONFIG_AP */
1719 wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in "
1720 "the build");
1721 #endif /* CONFIG_AP */
1722 return;
1723 }
1724
1725 if (ssid->mode == WPAS_MODE_MESH) {
1726 #ifdef CONFIG_MESH
1727 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_MESH)) {
1728 wpa_msg(wpa_s, MSG_INFO,
1729 "Driver does not support mesh mode");
1730 return;
1731 }
1732 if (bss)
1733 ssid->frequency = bss->freq;
1734 if (wpa_supplicant_join_mesh(wpa_s, ssid) < 0) {
1735 wpa_msg(wpa_s, MSG_ERROR, "Could not join mesh");
1736 return;
1737 }
1738 wpa_s->current_bss = bss;
1739 wpa_msg(wpa_s, MSG_INFO, MESH_GROUP_STARTED "ssid=\"%s\" id=%d",
1740 wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
1741 ssid->id);
1742 #else /* CONFIG_MESH */
1743 wpa_msg(wpa_s, MSG_ERROR,
1744 "mesh mode support not included in the build");
1745 #endif /* CONFIG_MESH */
1746 return;
1747 }
1748
1749 #ifdef CONFIG_TDLS
1750 if (bss)
1751 wpa_tdls_ap_ies(wpa_s->wpa, (const u8 *) (bss + 1),
1752 bss->ie_len);
1753 #endif /* CONFIG_TDLS */
1754
1755 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
1756 ssid->mode == IEEE80211_MODE_INFRA) {
1757 sme_authenticate(wpa_s, bss, ssid);
1758 return;
1759 }
1760
1761 if (wpa_s->connect_work) {
1762 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since connect_work exist");
1763 return;
1764 }
1765
1766 if (radio_work_pending(wpa_s, "connect")) {
1767 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since pending work exist");
1768 return;
1769 }
1770
1771 wpas_abort_ongoing_scan(wpa_s);
1772
1773 cwork = os_zalloc(sizeof(*cwork));
1774 if (cwork == NULL)
1775 return;
1776
1777 cwork->bss = bss;
1778 cwork->ssid = ssid;
1779
1780 if (radio_add_work(wpa_s, bss ? bss->freq : 0, "connect", 1,
1781 wpas_start_assoc_cb, cwork) < 0) {
1782 os_free(cwork);
1783 }
1784 }
1785
1786
1787 static int bss_is_ibss(struct wpa_bss *bss)
1788 {
1789 return (bss->caps & (IEEE80211_CAP_ESS | IEEE80211_CAP_IBSS)) ==
1790 IEEE80211_CAP_IBSS;
1791 }
1792
1793
1794 static int drv_supports_vht(struct wpa_supplicant *wpa_s,
1795 const struct wpa_ssid *ssid)
1796 {
1797 enum hostapd_hw_mode hw_mode;
1798 struct hostapd_hw_modes *mode = NULL;
1799 u8 channel;
1800 int i;
1801
1802 #ifdef CONFIG_HT_OVERRIDES
1803 if (ssid->disable_ht)
1804 return 0;
1805 #endif /* CONFIG_HT_OVERRIDES */
1806
1807 hw_mode = ieee80211_freq_to_chan(ssid->frequency, &channel);
1808 if (hw_mode == NUM_HOSTAPD_MODES)
1809 return 0;
1810 for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) {
1811 if (wpa_s->hw.modes[i].mode == hw_mode) {
1812 mode = &wpa_s->hw.modes[i];
1813 break;
1814 }
1815 }
1816
1817 if (!mode)
1818 return 0;
1819
1820 return mode->vht_capab != 0;
1821 }
1822
1823
1824 void ibss_mesh_setup_freq(struct wpa_supplicant *wpa_s,
1825 const struct wpa_ssid *ssid,
1826 struct hostapd_freq_params *freq)
1827 {
1828 enum hostapd_hw_mode hw_mode;
1829 struct hostapd_hw_modes *mode = NULL;
1830 int ht40plus[] = { 36, 44, 52, 60, 100, 108, 116, 124, 132, 149, 157,
1831 184, 192 };
1832 int vht80[] = { 36, 52, 100, 116, 132, 149 };
1833 struct hostapd_channel_data *pri_chan = NULL, *sec_chan = NULL;
1834 u8 channel;
1835 int i, chan_idx, ht40 = -1, res, obss_scan = 1;
1836 unsigned int j, k;
1837 struct hostapd_freq_params vht_freq;
1838 int chwidth, seg0, seg1;
1839 u32 vht_caps = 0;
1840
1841 freq->freq = ssid->frequency;
1842
1843 for (j = 0; j < wpa_s->last_scan_res_used; j++) {
1844 struct wpa_bss *bss = wpa_s->last_scan_res[j];
1845
1846 if (ssid->mode != WPAS_MODE_IBSS)
1847 break;
1848
1849 /* Don't adjust control freq in case of fixed_freq */
1850 if (ssid->fixed_freq)
1851 break;
1852
1853 if (!bss_is_ibss(bss))
1854 continue;
1855
1856 if (ssid->ssid_len == bss->ssid_len &&
1857 os_memcmp(ssid->ssid, bss->ssid, bss->ssid_len) == 0) {
1858 wpa_printf(MSG_DEBUG,
1859 "IBSS already found in scan results, adjust control freq: %d",
1860 bss->freq);
1861 freq->freq = bss->freq;
1862 obss_scan = 0;
1863 break;
1864 }
1865 }
1866
1867 /* For IBSS check HT_IBSS flag */
1868 if (ssid->mode == WPAS_MODE_IBSS &&
1869 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_HT_IBSS))
1870 return;
1871
1872 if (wpa_s->group_cipher == WPA_CIPHER_WEP40 ||
1873 wpa_s->group_cipher == WPA_CIPHER_WEP104 ||
1874 wpa_s->pairwise_cipher == WPA_CIPHER_TKIP) {
1875 wpa_printf(MSG_DEBUG,
1876 "IBSS: WEP/TKIP detected, do not try to enable HT");
1877 return;
1878 }
1879
1880 hw_mode = ieee80211_freq_to_chan(freq->freq, &channel);
1881 for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) {
1882 if (wpa_s->hw.modes[i].mode == hw_mode) {
1883 mode = &wpa_s->hw.modes[i];
1884 break;
1885 }
1886 }
1887
1888 if (!mode)
1889 return;
1890
1891 #ifdef CONFIG_HT_OVERRIDES
1892 if (ssid->disable_ht) {
1893 freq->ht_enabled = 0;
1894 return;
1895 }
1896 #endif /* CONFIG_HT_OVERRIDES */
1897
1898 freq->ht_enabled = ht_supported(mode);
1899 if (!freq->ht_enabled)
1900 return;
1901
1902 /* Setup higher BW only for 5 GHz */
1903 if (mode->mode != HOSTAPD_MODE_IEEE80211A)
1904 return;
1905
1906 for (chan_idx = 0; chan_idx < mode->num_channels; chan_idx++) {
1907 pri_chan = &mode->channels[chan_idx];
1908 if (pri_chan->chan == channel)
1909 break;
1910 pri_chan = NULL;
1911 }
1912 if (!pri_chan)
1913 return;
1914
1915 /* Check primary channel flags */
1916 if (pri_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
1917 return;
1918
1919 #ifdef CONFIG_HT_OVERRIDES
1920 if (ssid->disable_ht40)
1921 return;
1922 #endif /* CONFIG_HT_OVERRIDES */
1923
1924 /* Check/setup HT40+/HT40- */
1925 for (j = 0; j < ARRAY_SIZE(ht40plus); j++) {
1926 if (ht40plus[j] == channel) {
1927 ht40 = 1;
1928 break;
1929 }
1930 }
1931
1932 /* Find secondary channel */
1933 for (i = 0; i < mode->num_channels; i++) {
1934 sec_chan = &mode->channels[i];
1935 if (sec_chan->chan == channel + ht40 * 4)
1936 break;
1937 sec_chan = NULL;
1938 }
1939 if (!sec_chan)
1940 return;
1941
1942 /* Check secondary channel flags */
1943 if (sec_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
1944 return;
1945
1946 freq->channel = pri_chan->chan;
1947
1948 if (ht40 == -1) {
1949 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40MINUS))
1950 return;
1951 } else {
1952 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40PLUS))
1953 return;
1954 }
1955 freq->sec_channel_offset = ht40;
1956
1957 if (obss_scan) {
1958 struct wpa_scan_results *scan_res;
1959
1960 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL, 0);
1961 if (scan_res == NULL) {
1962 /* Back to HT20 */
1963 freq->sec_channel_offset = 0;
1964 return;
1965 }
1966
1967 res = check_40mhz_5g(mode, scan_res, pri_chan->chan,
1968 sec_chan->chan);
1969 switch (res) {
1970 case 0:
1971 /* Back to HT20 */
1972 freq->sec_channel_offset = 0;
1973 break;
1974 case 1:
1975 /* Configuration allowed */
1976 break;
1977 case 2:
1978 /* Switch pri/sec channels */
1979 freq->freq = hw_get_freq(mode, sec_chan->chan);
1980 freq->sec_channel_offset = -freq->sec_channel_offset;
1981 freq->channel = sec_chan->chan;
1982 break;
1983 default:
1984 freq->sec_channel_offset = 0;
1985 break;
1986 }
1987
1988 wpa_scan_results_free(scan_res);
1989 }
1990
1991 wpa_printf(MSG_DEBUG,
1992 "IBSS/mesh: setup freq channel %d, sec_channel_offset %d",
1993 freq->channel, freq->sec_channel_offset);
1994
1995 if (!drv_supports_vht(wpa_s, ssid))
1996 return;
1997
1998 /* For IBSS check VHT_IBSS flag */
1999 if (ssid->mode == WPAS_MODE_IBSS &&
2000 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_VHT_IBSS))
2001 return;
2002
2003 vht_freq = *freq;
2004
2005 vht_freq.vht_enabled = vht_supported(mode);
2006 if (!vht_freq.vht_enabled)
2007 return;
2008
2009 /* setup center_freq1, bandwidth */
2010 for (j = 0; j < ARRAY_SIZE(vht80); j++) {
2011 if (freq->channel >= vht80[j] &&
2012 freq->channel < vht80[j] + 16)
2013 break;
2014 }
2015
2016 if (j == ARRAY_SIZE(vht80))
2017 return;
2018
2019 for (i = vht80[j]; i < vht80[j] + 16; i += 4) {
2020 struct hostapd_channel_data *chan;
2021
2022 chan = hw_get_channel_chan(mode, i, NULL);
2023 if (!chan)
2024 return;
2025
2026 /* Back to HT configuration if channel not usable */
2027 if (chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
2028 return;
2029 }
2030
2031 chwidth = VHT_CHANWIDTH_80MHZ;
2032 seg0 = vht80[j] + 6;
2033 seg1 = 0;
2034
2035 if (ssid->max_oper_chwidth == VHT_CHANWIDTH_80P80MHZ) {
2036 /* setup center_freq2, bandwidth */
2037 for (k = 0; k < ARRAY_SIZE(vht80); k++) {
2038 /* Only accept 80 MHz segments separated by a gap */
2039 if (j == k || abs(vht80[j] - vht80[k]) == 16)
2040 continue;
2041 for (i = vht80[k]; i < vht80[k] + 16; i += 4) {
2042 struct hostapd_channel_data *chan;
2043
2044 chan = hw_get_channel_chan(mode, i, NULL);
2045 if (!chan)
2046 continue;
2047
2048 if (chan->flag & (HOSTAPD_CHAN_DISABLED |
2049 HOSTAPD_CHAN_NO_IR |
2050 HOSTAPD_CHAN_RADAR))
2051 continue;
2052
2053 /* Found a suitable second segment for 80+80 */
2054 chwidth = VHT_CHANWIDTH_80P80MHZ;
2055 vht_caps |=
2056 VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ;
2057 seg1 = vht80[k] + 6;
2058 }
2059
2060 if (chwidth == VHT_CHANWIDTH_80P80MHZ)
2061 break;
2062 }
2063 } else if (ssid->max_oper_chwidth == VHT_CHANWIDTH_160MHZ) {
2064 if (freq->freq == 5180) {
2065 chwidth = VHT_CHANWIDTH_160MHZ;
2066 vht_caps |= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
2067 seg0 = 50;
2068 } else if (freq->freq == 5520) {
2069 chwidth = VHT_CHANWIDTH_160MHZ;
2070 vht_caps |= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
2071 seg0 = 114;
2072 }
2073 }
2074
2075 if (hostapd_set_freq_params(&vht_freq, mode->mode, freq->freq,
2076 freq->channel, freq->ht_enabled,
2077 vht_freq.vht_enabled,
2078 freq->sec_channel_offset,
2079 chwidth, seg0, seg1, vht_caps) != 0)
2080 return;
2081
2082 *freq = vht_freq;
2083
2084 wpa_printf(MSG_DEBUG, "IBSS: VHT setup freq cf1 %d, cf2 %d, bw %d",
2085 freq->center_freq1, freq->center_freq2, freq->bandwidth);
2086 }
2087
2088
2089 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
2090 {
2091 struct wpa_connect_work *cwork = work->ctx;
2092 struct wpa_bss *bss = cwork->bss;
2093 struct wpa_ssid *ssid = cwork->ssid;
2094 struct wpa_supplicant *wpa_s = work->wpa_s;
2095 u8 wpa_ie[200];
2096 size_t wpa_ie_len;
2097 int use_crypt, ret, i, bssid_changed;
2098 int algs = WPA_AUTH_ALG_OPEN;
2099 unsigned int cipher_pairwise, cipher_group;
2100 struct wpa_driver_associate_params params;
2101 int wep_keys_set = 0;
2102 int assoc_failed = 0;
2103 struct wpa_ssid *old_ssid;
2104 u8 prev_bssid[ETH_ALEN];
2105 #ifdef CONFIG_HT_OVERRIDES
2106 struct ieee80211_ht_capabilities htcaps;
2107 struct ieee80211_ht_capabilities htcaps_mask;
2108 #endif /* CONFIG_HT_OVERRIDES */
2109 #ifdef CONFIG_VHT_OVERRIDES
2110 struct ieee80211_vht_capabilities vhtcaps;
2111 struct ieee80211_vht_capabilities vhtcaps_mask;
2112 #endif /* CONFIG_VHT_OVERRIDES */
2113 #ifdef CONFIG_MBO
2114 const u8 *mbo = NULL;
2115 #endif /* CONFIG_MBO */
2116
2117 if (deinit) {
2118 if (work->started) {
2119 wpa_s->connect_work = NULL;
2120
2121 /* cancel possible auth. timeout */
2122 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s,
2123 NULL);
2124 }
2125 wpas_connect_work_free(cwork);
2126 return;
2127 }
2128
2129 wpa_s->connect_work = work;
2130
2131 if (cwork->bss_removed || !wpas_valid_bss_ssid(wpa_s, bss, ssid) ||
2132 wpas_network_disabled(wpa_s, ssid)) {
2133 wpa_dbg(wpa_s, MSG_DEBUG, "BSS/SSID entry for association not valid anymore - drop connection attempt");
2134 wpas_connect_work_done(wpa_s);
2135 return;
2136 }
2137
2138 os_memcpy(prev_bssid, wpa_s->bssid, ETH_ALEN);
2139 os_memset(&params, 0, sizeof(params));
2140 wpa_s->reassociate = 0;
2141 wpa_s->eap_expected_failure = 0;
2142 if (bss &&
2143 (!wpas_driver_bss_selection(wpa_s) || wpas_wps_searching(wpa_s))) {
2144 #ifdef CONFIG_IEEE80211R
2145 const u8 *ie, *md = NULL;
2146 #endif /* CONFIG_IEEE80211R */
2147 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
2148 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
2149 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
2150 bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
2151 os_memset(wpa_s->bssid, 0, ETH_ALEN);
2152 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
2153 if (bssid_changed)
2154 wpas_notify_bssid_changed(wpa_s);
2155 #ifdef CONFIG_IEEE80211R
2156 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
2157 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
2158 md = ie + 2;
2159 wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0);
2160 if (md) {
2161 /* Prepare for the next transition */
2162 wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
2163 }
2164 #endif /* CONFIG_IEEE80211R */
2165 #ifdef CONFIG_WPS
2166 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
2167 wpa_s->conf->ap_scan == 2 &&
2168 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
2169 /* Use ap_scan==1 style network selection to find the network
2170 */
2171 wpas_connect_work_done(wpa_s);
2172 wpa_s->scan_req = MANUAL_SCAN_REQ;
2173 wpa_s->reassociate = 1;
2174 wpa_supplicant_req_scan(wpa_s, 0, 0);
2175 return;
2176 #endif /* CONFIG_WPS */
2177 } else {
2178 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
2179 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
2180 if (bss)
2181 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
2182 else
2183 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
2184 }
2185 if (!wpa_s->pno)
2186 wpa_supplicant_cancel_sched_scan(wpa_s);
2187
2188 wpa_supplicant_cancel_scan(wpa_s);
2189
2190 /* Starting new association, so clear the possibly used WPA IE from the
2191 * previous association. */
2192 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
2193
2194 #ifdef IEEE8021X_EAPOL
2195 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
2196 if (ssid->leap) {
2197 if (ssid->non_leap == 0)
2198 algs = WPA_AUTH_ALG_LEAP;
2199 else
2200 algs |= WPA_AUTH_ALG_LEAP;
2201 }
2202 }
2203 #endif /* IEEE8021X_EAPOL */
2204 wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
2205 if (ssid->auth_alg) {
2206 algs = ssid->auth_alg;
2207 wpa_dbg(wpa_s, MSG_DEBUG, "Overriding auth_alg selection: "
2208 "0x%x", algs);
2209 }
2210
2211 if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
2212 wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
2213 wpa_key_mgmt_wpa(ssid->key_mgmt)) {
2214 int try_opportunistic;
2215 try_opportunistic = (ssid->proactive_key_caching < 0 ?
2216 wpa_s->conf->okc :
2217 ssid->proactive_key_caching) &&
2218 (ssid->proto & WPA_PROTO_RSN);
2219 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
2220 ssid, try_opportunistic) == 0)
2221 eapol_sm_notify_pmkid_attempt(wpa_s->eapol);
2222 wpa_ie_len = sizeof(wpa_ie);
2223 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
2224 wpa_ie, &wpa_ie_len)) {
2225 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
2226 "key management and encryption suites");
2227 wpas_connect_work_done(wpa_s);
2228 return;
2229 }
2230 } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && bss &&
2231 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) {
2232 /*
2233 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
2234 * use non-WPA since the scan results did not indicate that the
2235 * AP is using WPA or WPA2.
2236 */
2237 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
2238 wpa_ie_len = 0;
2239 wpa_s->wpa_proto = 0;
2240 } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) {
2241 wpa_ie_len = sizeof(wpa_ie);
2242 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
2243 wpa_ie, &wpa_ie_len)) {
2244 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
2245 "key management and encryption suites (no "
2246 "scan results)");
2247 wpas_connect_work_done(wpa_s);
2248 return;
2249 }
2250 #ifdef CONFIG_WPS
2251 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
2252 struct wpabuf *wps_ie;
2253 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
2254 if (wps_ie && wpabuf_len(wps_ie) <= sizeof(wpa_ie)) {
2255 wpa_ie_len = wpabuf_len(wps_ie);
2256 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
2257 } else
2258 wpa_ie_len = 0;
2259 wpabuf_free(wps_ie);
2260 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
2261 if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY))
2262 params.wps = WPS_MODE_PRIVACY;
2263 else
2264 params.wps = WPS_MODE_OPEN;
2265 wpa_s->wpa_proto = 0;
2266 #endif /* CONFIG_WPS */
2267 } else {
2268 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
2269 wpa_ie_len = 0;
2270 wpa_s->wpa_proto = 0;
2271 }
2272
2273 #ifdef CONFIG_P2P
2274 if (wpa_s->global->p2p) {
2275 u8 *pos;
2276 size_t len;
2277 int res;
2278 pos = wpa_ie + wpa_ie_len;
2279 len = sizeof(wpa_ie) - wpa_ie_len;
2280 res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len,
2281 ssid->p2p_group);
2282 if (res >= 0)
2283 wpa_ie_len += res;
2284 }
2285
2286 wpa_s->cross_connect_disallowed = 0;
2287 if (bss) {
2288 struct wpabuf *p2p;
2289 p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE);
2290 if (p2p) {
2291 wpa_s->cross_connect_disallowed =
2292 p2p_get_cross_connect_disallowed(p2p);
2293 wpabuf_free(p2p);
2294 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross "
2295 "connection",
2296 wpa_s->cross_connect_disallowed ?
2297 "disallows" : "allows");
2298 }
2299 }
2300
2301 os_memset(wpa_s->p2p_ip_addr_info, 0, sizeof(wpa_s->p2p_ip_addr_info));
2302 #endif /* CONFIG_P2P */
2303
2304 #ifdef CONFIG_MBO
2305 if (bss) {
2306 mbo = wpa_bss_get_vendor_ie(bss, MBO_IE_VENDOR_TYPE);
2307 if (mbo) {
2308 int len;
2309
2310 len = wpas_mbo_supp_op_class_ie(wpa_s, bss->freq,
2311 wpa_ie + wpa_ie_len,
2312 sizeof(wpa_ie) -
2313 wpa_ie_len);
2314 if (len > 0)
2315 wpa_ie_len += len;
2316 }
2317 }
2318 #endif /* CONFIG_MBO */
2319
2320 /*
2321 * Workaround: Add Extended Capabilities element only if the AP
2322 * included this element in Beacon/Probe Response frames. Some older
2323 * APs seem to have interoperability issues if this element is
2324 * included, so while the standard may require us to include the
2325 * element in all cases, it is justifiable to skip it to avoid
2326 * interoperability issues.
2327 */
2328 if (ssid->p2p_group)
2329 wpa_drv_get_ext_capa(wpa_s, WPA_IF_P2P_CLIENT);
2330 else
2331 wpa_drv_get_ext_capa(wpa_s, WPA_IF_STATION);
2332
2333 if (!bss || wpa_bss_get_ie(bss, WLAN_EID_EXT_CAPAB)) {
2334 u8 ext_capab[18];
2335 int ext_capab_len;
2336 ext_capab_len = wpas_build_ext_capab(wpa_s, ext_capab,
2337 sizeof(ext_capab));
2338 if (ext_capab_len > 0) {
2339 u8 *pos = wpa_ie;
2340 if (wpa_ie_len > 0 && pos[0] == WLAN_EID_RSN)
2341 pos += 2 + pos[1];
2342 os_memmove(pos + ext_capab_len, pos,
2343 wpa_ie_len - (pos - wpa_ie));
2344 wpa_ie_len += ext_capab_len;
2345 os_memcpy(pos, ext_capab, ext_capab_len);
2346 }
2347 }
2348
2349 #ifdef CONFIG_HS20
2350 if (is_hs20_network(wpa_s, ssid, bss)) {
2351 struct wpabuf *hs20;
2352
2353 hs20 = wpabuf_alloc(20);
2354 if (hs20) {
2355 int pps_mo_id = hs20_get_pps_mo_id(wpa_s, ssid);
2356 size_t len;
2357
2358 wpas_hs20_add_indication(hs20, pps_mo_id);
2359 len = sizeof(wpa_ie) - wpa_ie_len;
2360 if (wpabuf_len(hs20) <= len) {
2361 os_memcpy(wpa_ie + wpa_ie_len,
2362 wpabuf_head(hs20), wpabuf_len(hs20));
2363 wpa_ie_len += wpabuf_len(hs20);
2364 }
2365 wpabuf_free(hs20);
2366
2367 hs20_configure_frame_filters(wpa_s);
2368 }
2369 }
2370 #endif /* CONFIG_HS20 */
2371
2372 if (wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ]) {
2373 struct wpabuf *buf = wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ];
2374 size_t len;
2375
2376 len = sizeof(wpa_ie) - wpa_ie_len;
2377 if (wpabuf_len(buf) <= len) {
2378 os_memcpy(wpa_ie + wpa_ie_len,
2379 wpabuf_head(buf), wpabuf_len(buf));
2380 wpa_ie_len += wpabuf_len(buf);
2381 }
2382 }
2383
2384 #ifdef CONFIG_FST
2385 if (wpa_s->fst_ies) {
2386 int fst_ies_len = wpabuf_len(wpa_s->fst_ies);
2387
2388 if (wpa_ie_len + fst_ies_len <= sizeof(wpa_ie)) {
2389 os_memcpy(wpa_ie + wpa_ie_len,
2390 wpabuf_head(wpa_s->fst_ies), fst_ies_len);
2391 wpa_ie_len += fst_ies_len;
2392 }
2393 }
2394 #endif /* CONFIG_FST */
2395
2396 #ifdef CONFIG_MBO
2397 if (mbo) {
2398 int len;
2399
2400 len = wpas_mbo_ie(wpa_s, wpa_ie + wpa_ie_len,
2401 sizeof(wpa_ie) - wpa_ie_len);
2402 if (len >= 0)
2403 wpa_ie_len += len;
2404 }
2405 #endif /* CONFIG_MBO */
2406
2407 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
2408 use_crypt = 1;
2409 cipher_pairwise = wpa_s->pairwise_cipher;
2410 cipher_group = wpa_s->group_cipher;
2411 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
2412 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
2413 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
2414 use_crypt = 0;
2415 if (wpa_set_wep_keys(wpa_s, ssid)) {
2416 use_crypt = 1;
2417 wep_keys_set = 1;
2418 }
2419 }
2420 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
2421 use_crypt = 0;
2422
2423 #ifdef IEEE8021X_EAPOL
2424 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
2425 if ((ssid->eapol_flags &
2426 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
2427 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
2428 !wep_keys_set) {
2429 use_crypt = 0;
2430 } else {
2431 /* Assume that dynamic WEP-104 keys will be used and
2432 * set cipher suites in order for drivers to expect
2433 * encryption. */
2434 cipher_pairwise = cipher_group = WPA_CIPHER_WEP104;
2435 }
2436 }
2437 #endif /* IEEE8021X_EAPOL */
2438
2439 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
2440 /* Set the key before (and later after) association */
2441 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
2442 }
2443
2444 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
2445 if (bss) {
2446 params.ssid = bss->ssid;
2447 params.ssid_len = bss->ssid_len;
2448 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set) {
2449 wpa_printf(MSG_DEBUG, "Limit connection to BSSID "
2450 MACSTR " freq=%u MHz based on scan results "
2451 "(bssid_set=%d)",
2452 MAC2STR(bss->bssid), bss->freq,
2453 ssid->bssid_set);
2454 params.bssid = bss->bssid;
2455 params.freq.freq = bss->freq;
2456 }
2457 params.bssid_hint = bss->bssid;
2458 params.freq_hint = bss->freq;
2459 params.pbss = bss_is_pbss(bss);
2460 } else {
2461 params.ssid = ssid->ssid;
2462 params.ssid_len = ssid->ssid_len;
2463 params.pbss = (ssid->pbss != 2) ? ssid->pbss : 0;
2464 }
2465
2466 if (ssid->mode == WPAS_MODE_IBSS && ssid->bssid_set &&
2467 wpa_s->conf->ap_scan == 2) {
2468 params.bssid = ssid->bssid;
2469 params.fixed_bssid = 1;
2470 }
2471
2472 /* Initial frequency for IBSS/mesh */
2473 if ((ssid->mode == WPAS_MODE_IBSS || ssid->mode == WPAS_MODE_MESH) &&
2474 ssid->frequency > 0 && params.freq.freq == 0)
2475 ibss_mesh_setup_freq(wpa_s, ssid, &params.freq);
2476
2477 if (ssid->mode == WPAS_MODE_IBSS) {
2478 params.fixed_freq = ssid->fixed_freq;
2479 if (ssid->beacon_int)
2480 params.beacon_int = ssid->beacon_int;
2481 else
2482 params.beacon_int = wpa_s->conf->beacon_int;
2483 }
2484
2485 params.wpa_ie = wpa_ie;
2486 params.wpa_ie_len = wpa_ie_len;
2487 params.pairwise_suite = cipher_pairwise;
2488 params.group_suite = cipher_group;
2489 params.key_mgmt_suite = wpa_s->key_mgmt;
2490 params.wpa_proto = wpa_s->wpa_proto;
2491 params.auth_alg = algs;
2492 params.mode = ssid->mode;
2493 params.bg_scan_period = ssid->bg_scan_period;
2494 for (i = 0; i < NUM_WEP_KEYS; i++) {
2495 if (ssid->wep_key_len[i])
2496 params.wep_key[i] = ssid->wep_key[i];
2497 params.wep_key_len[i] = ssid->wep_key_len[i];
2498 }
2499 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
2500
2501 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
2502 (params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
2503 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK)) {
2504 params.passphrase = ssid->passphrase;
2505 if (ssid->psk_set)
2506 params.psk = ssid->psk;
2507 }
2508
2509 if (wpa_s->conf->key_mgmt_offload) {
2510 if (params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
2511 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 ||
2512 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B ||
2513 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192)
2514 params.req_key_mgmt_offload =
2515 ssid->proactive_key_caching < 0 ?
2516 wpa_s->conf->okc : ssid->proactive_key_caching;
2517 else
2518 params.req_key_mgmt_offload = 1;
2519
2520 if ((params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
2521 params.key_mgmt_suite == WPA_KEY_MGMT_PSK_SHA256 ||
2522 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK) &&
2523 ssid->psk_set)
2524 params.psk = ssid->psk;
2525 }
2526
2527 params.drop_unencrypted = use_crypt;
2528
2529 #ifdef CONFIG_IEEE80211W
2530 params.mgmt_frame_protection = wpas_get_ssid_pmf(wpa_s, ssid);
2531 if (params.mgmt_frame_protection != NO_MGMT_FRAME_PROTECTION && bss) {
2532 const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
2533 struct wpa_ie_data ie;
2534 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
2535 ie.capabilities &
2536 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
2537 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports "
2538 "MFP: require MFP");
2539 params.mgmt_frame_protection =
2540 MGMT_FRAME_PROTECTION_REQUIRED;
2541 }
2542 }
2543 #endif /* CONFIG_IEEE80211W */
2544
2545 params.p2p = ssid->p2p_group;
2546
2547 if (wpa_s->p2pdev->set_sta_uapsd)
2548 params.uapsd = wpa_s->p2pdev->sta_uapsd;
2549 else
2550 params.uapsd = -1;
2551
2552 #ifdef CONFIG_HT_OVERRIDES
2553 os_memset(&htcaps, 0, sizeof(htcaps));
2554 os_memset(&htcaps_mask, 0, sizeof(htcaps_mask));
2555 params.htcaps = (u8 *) &htcaps;
2556 params.htcaps_mask = (u8 *) &htcaps_mask;
2557 wpa_supplicant_apply_ht_overrides(wpa_s, ssid, &params);
2558 #endif /* CONFIG_HT_OVERRIDES */
2559 #ifdef CONFIG_VHT_OVERRIDES
2560 os_memset(&vhtcaps, 0, sizeof(vhtcaps));
2561 os_memset(&vhtcaps_mask, 0, sizeof(vhtcaps_mask));
2562 params.vhtcaps = &vhtcaps;
2563 params.vhtcaps_mask = &vhtcaps_mask;
2564 wpa_supplicant_apply_vht_overrides(wpa_s, ssid, &params);
2565 #endif /* CONFIG_VHT_OVERRIDES */
2566
2567 #ifdef CONFIG_P2P
2568 /*
2569 * If multi-channel concurrency is not supported, check for any
2570 * frequency conflict. In case of any frequency conflict, remove the
2571 * least prioritized connection.
2572 */
2573 if (wpa_s->num_multichan_concurrent < 2) {
2574 int freq, num;
2575 num = get_shared_radio_freqs(wpa_s, &freq, 1);
2576 if (num > 0 && freq > 0 && freq != params.freq.freq) {
2577 wpa_printf(MSG_DEBUG,
2578 "Assoc conflicting freq found (%d != %d)",
2579 freq, params.freq.freq);
2580 if (wpas_p2p_handle_frequency_conflicts(
2581 wpa_s, params.freq.freq, ssid) < 0) {
2582 wpas_connect_work_done(wpa_s);
2583 return;
2584 }
2585 }
2586 }
2587 #endif /* CONFIG_P2P */
2588
2589 if (wpa_s->reassoc_same_ess && !is_zero_ether_addr(prev_bssid) &&
2590 wpa_s->current_ssid)
2591 params.prev_bssid = prev_bssid;
2592
2593 ret = wpa_drv_associate(wpa_s, &params);
2594 if (ret < 0) {
2595 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
2596 "failed");
2597 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SANE_ERROR_CODES) {
2598 /*
2599 * The driver is known to mean what is saying, so we
2600 * can stop right here; the association will not
2601 * succeed.
2602 */
2603 wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
2604 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
2605 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
2606 return;
2607 }
2608 /* try to continue anyway; new association will be tried again
2609 * after timeout */
2610 assoc_failed = 1;
2611 }
2612
2613 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
2614 /* Set the key after the association just in case association
2615 * cleared the previously configured key. */
2616 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
2617 /* No need to timeout authentication since there is no key
2618 * management. */
2619 wpa_supplicant_cancel_auth_timeout(wpa_s);
2620 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
2621 #ifdef CONFIG_IBSS_RSN
2622 } else if (ssid->mode == WPAS_MODE_IBSS &&
2623 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
2624 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
2625 /*
2626 * RSN IBSS authentication is per-STA and we can disable the
2627 * per-BSSID authentication.
2628 */
2629 wpa_supplicant_cancel_auth_timeout(wpa_s);
2630 #endif /* CONFIG_IBSS_RSN */
2631 } else {
2632 /* Timeout for IEEE 802.11 authentication and association */
2633 int timeout = 60;
2634
2635 if (assoc_failed) {
2636 /* give IBSS a bit more time */
2637 timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5;
2638 } else if (wpa_s->conf->ap_scan == 1) {
2639 /* give IBSS a bit more time */
2640 timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10;
2641 }
2642 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
2643 }
2644
2645 if (wep_keys_set &&
2646 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC)) {
2647 /* Set static WEP keys again */
2648 wpa_set_wep_keys(wpa_s, ssid);
2649 }
2650
2651 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
2652 /*
2653 * Do not allow EAP session resumption between different
2654 * network configurations.
2655 */
2656 eapol_sm_invalidate_cached_session(wpa_s->eapol);
2657 }
2658 old_ssid = wpa_s->current_ssid;
2659 wpa_s->current_ssid = ssid;
2660
2661 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set) {
2662 wpa_s->current_bss = bss;
2663 #ifdef CONFIG_HS20
2664 hs20_configure_frame_filters(wpa_s);
2665 #endif /* CONFIG_HS20 */
2666 }
2667
2668 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
2669 wpa_supplicant_initiate_eapol(wpa_s);
2670 if (old_ssid != wpa_s->current_ssid)
2671 wpas_notify_network_changed(wpa_s);
2672 }
2673
2674
2675 static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s,
2676 const u8 *addr)
2677 {
2678 struct wpa_ssid *old_ssid;
2679
2680 wpas_connect_work_done(wpa_s);
2681 wpa_clear_keys(wpa_s, addr);
2682 old_ssid = wpa_s->current_ssid;
2683 wpa_supplicant_mark_disassoc(wpa_s);
2684 wpa_sm_set_config(wpa_s->wpa, NULL);
2685 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
2686 if (old_ssid != wpa_s->current_ssid)
2687 wpas_notify_network_changed(wpa_s);
2688 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
2689 }
2690
2691
2692 /**
2693 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
2694 * @wpa_s: Pointer to wpa_supplicant data
2695 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
2696 *
2697 * This function is used to request %wpa_supplicant to deauthenticate from the
2698 * current AP.
2699 */
2700 void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
2701 int reason_code)
2702 {
2703 u8 *addr = NULL;
2704 union wpa_event_data event;
2705 int zero_addr = 0;
2706
2707 wpa_dbg(wpa_s, MSG_DEBUG, "Request to deauthenticate - bssid=" MACSTR
2708 " pending_bssid=" MACSTR " reason=%d state=%s",
2709 MAC2STR(wpa_s->bssid), MAC2STR(wpa_s->pending_bssid),
2710 reason_code, wpa_supplicant_state_txt(wpa_s->wpa_state));
2711
2712 if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
2713 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
2714 wpa_s->wpa_state == WPA_ASSOCIATING))
2715 addr = wpa_s->pending_bssid;
2716 else if (!is_zero_ether_addr(wpa_s->bssid))
2717 addr = wpa_s->bssid;
2718 else if (wpa_s->wpa_state == WPA_ASSOCIATING) {
2719 /*
2720 * When using driver-based BSS selection, we may not know the
2721 * BSSID with which we are currently trying to associate. We
2722 * need to notify the driver of this disconnection even in such
2723 * a case, so use the all zeros address here.
2724 */
2725 addr = wpa_s->bssid;
2726 zero_addr = 1;
2727 }
2728
2729 #ifdef CONFIG_TDLS
2730 wpa_tdls_teardown_peers(wpa_s->wpa);
2731 #endif /* CONFIG_TDLS */
2732
2733 #ifdef CONFIG_MESH
2734 if (wpa_s->ifmsh) {
2735 wpa_msg(wpa_s, MSG_INFO, MESH_GROUP_REMOVED "%s",
2736 wpa_s->ifname);
2737 wpa_supplicant_leave_mesh(wpa_s);
2738 }
2739 #endif /* CONFIG_MESH */
2740
2741 if (addr) {
2742 wpa_drv_deauthenticate(wpa_s, addr, reason_code);
2743 os_memset(&event, 0, sizeof(event));
2744 event.deauth_info.reason_code = (u16) reason_code;
2745 event.deauth_info.locally_generated = 1;
2746 wpa_supplicant_event(wpa_s, EVENT_DEAUTH, &event);
2747 if (zero_addr)
2748 addr = NULL;
2749 }
2750
2751 wpa_supplicant_clear_connection(wpa_s, addr);
2752 }
2753
2754 static void wpa_supplicant_enable_one_network(struct wpa_supplicant *wpa_s,
2755 struct wpa_ssid *ssid)
2756 {
2757 if (!ssid || !ssid->disabled || ssid->disabled == 2)
2758 return;
2759
2760 ssid->disabled = 0;
2761 wpas_clear_temp_disabled(wpa_s, ssid, 1);
2762 wpas_notify_network_enabled_changed(wpa_s, ssid);
2763
2764 /*
2765 * Try to reassociate since there is no current configuration and a new
2766 * network was made available.
2767 */
2768 if (!wpa_s->current_ssid && !wpa_s->disconnected)
2769 wpa_s->reassociate = 1;
2770 }
2771
2772
2773 /**
2774 * wpa_supplicant_add_network - Add a new network
2775 * @wpa_s: wpa_supplicant structure for a network interface
2776 * Returns: The new network configuration or %NULL if operation failed
2777 *
2778 * This function performs the following operations:
2779 * 1. Adds a new network.
2780 * 2. Send network addition notification.
2781 * 3. Marks the network disabled.
2782 * 4. Set network default parameters.
2783 */
2784 struct wpa_ssid * wpa_supplicant_add_network(struct wpa_supplicant *wpa_s)
2785 {
2786 struct wpa_ssid *ssid;
2787
2788 ssid = wpa_config_add_network(wpa_s->conf);
2789 if (!ssid)
2790 return NULL;
2791 wpas_notify_network_added(wpa_s, ssid);
2792 ssid->disabled = 1;
2793 wpa_config_set_network_defaults(ssid);
2794
2795 return ssid;
2796 }
2797
2798
2799 /**
2800 * wpa_supplicant_remove_network - Remove a configured network based on id
2801 * @wpa_s: wpa_supplicant structure for a network interface
2802 * @id: Unique network id to search for
2803 * Returns: 0 on success, or -1 if the network was not found, -2 if the network
2804 * could not be removed
2805 *
2806 * This function performs the following operations:
2807 * 1. Removes the network.
2808 * 2. Send network removal notification.
2809 * 3. Update internal state machines.
2810 * 4. Stop any running sched scans.
2811 */
2812 int wpa_supplicant_remove_network(struct wpa_supplicant *wpa_s, int id)
2813 {
2814 struct wpa_ssid *ssid;
2815 int was_disabled;
2816
2817 ssid = wpa_config_get_network(wpa_s->conf, id);
2818 if (!ssid)
2819 return -1;
2820 wpas_notify_network_removed(wpa_s, ssid);
2821
2822 if (wpa_s->last_ssid == ssid)
2823 wpa_s->last_ssid = NULL;
2824
2825 if (ssid == wpa_s->current_ssid || !wpa_s->current_ssid) {
2826 #ifdef CONFIG_SME
2827 wpa_s->sme.prev_bssid_set = 0;
2828 #endif /* CONFIG_SME */
2829 /*
2830 * Invalidate the EAP session cache if the current or
2831 * previously used network is removed.
2832 */
2833 eapol_sm_invalidate_cached_session(wpa_s->eapol);
2834 }
2835
2836 if (ssid == wpa_s->current_ssid) {
2837 wpa_sm_set_config(wpa_s->wpa, NULL);
2838 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
2839
2840 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
2841 wpa_s->own_disconnect_req = 1;
2842 wpa_supplicant_deauthenticate(wpa_s,
2843 WLAN_REASON_DEAUTH_LEAVING);
2844 }
2845
2846 was_disabled = ssid->disabled;
2847
2848 if (wpa_config_remove_network(wpa_s->conf, id) < 0)
2849 return -2;
2850
2851 if (!was_disabled && wpa_s->sched_scanning) {
2852 wpa_printf(MSG_DEBUG,
2853 "Stop ongoing sched_scan to remove network from filters");
2854 wpa_supplicant_cancel_sched_scan(wpa_s);
2855 wpa_supplicant_req_scan(wpa_s, 0, 0);
2856 }
2857
2858 return 0;
2859 }
2860
2861
2862 /**
2863 * wpa_supplicant_enable_network - Mark a configured network as enabled
2864 * @wpa_s: wpa_supplicant structure for a network interface
2865 * @ssid: wpa_ssid structure for a configured network or %NULL
2866 *
2867 * Enables the specified network or all networks if no network specified.
2868 */
2869 void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s,
2870 struct wpa_ssid *ssid)
2871 {
2872 if (ssid == NULL) {
2873 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
2874 wpa_supplicant_enable_one_network(wpa_s, ssid);
2875 } else
2876 wpa_supplicant_enable_one_network(wpa_s, ssid);
2877
2878 if (wpa_s->reassociate && !wpa_s->disconnected &&
2879 (!wpa_s->current_ssid ||
2880 wpa_s->wpa_state == WPA_DISCONNECTED ||
2881 wpa_s->wpa_state == WPA_SCANNING)) {
2882 if (wpa_s->sched_scanning) {
2883 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan to add "
2884 "new network to scan filters");
2885 wpa_supplicant_cancel_sched_scan(wpa_s);
2886 }
2887
2888 if (wpa_supplicant_fast_associate(wpa_s) != 1) {
2889 wpa_s->scan_req = NORMAL_SCAN_REQ;
2890 wpa_supplicant_req_scan(wpa_s, 0, 0);
2891 }
2892 }
2893 }
2894
2895
2896 /**
2897 * wpa_supplicant_disable_network - Mark a configured network as disabled
2898 * @wpa_s: wpa_supplicant structure for a network interface
2899 * @ssid: wpa_ssid structure for a configured network or %NULL
2900 *
2901 * Disables the specified network or all networks if no network specified.
2902 */
2903 void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s,
2904 struct wpa_ssid *ssid)
2905 {
2906 struct wpa_ssid *other_ssid;
2907 int was_disabled;
2908
2909 if (ssid == NULL) {
2910 if (wpa_s->sched_scanning)
2911 wpa_supplicant_cancel_sched_scan(wpa_s);
2912
2913 for (other_ssid = wpa_s->conf->ssid; other_ssid;
2914 other_ssid = other_ssid->next) {
2915 was_disabled = other_ssid->disabled;
2916 if (was_disabled == 2)
2917 continue; /* do not change persistent P2P group
2918 * data */
2919
2920 other_ssid->disabled = 1;
2921
2922 if (was_disabled != other_ssid->disabled)
2923 wpas_notify_network_enabled_changed(
2924 wpa_s, other_ssid);
2925 }
2926 if (wpa_s->current_ssid)
2927 wpa_supplicant_deauthenticate(
2928 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
2929 } else if (ssid->disabled != 2) {
2930 if (ssid == wpa_s->current_ssid)
2931 wpa_supplicant_deauthenticate(
2932 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
2933
2934 was_disabled = ssid->disabled;
2935
2936 ssid->disabled = 1;
2937
2938 if (was_disabled != ssid->disabled) {
2939 wpas_notify_network_enabled_changed(wpa_s, ssid);
2940 if (wpa_s->sched_scanning) {
2941 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan "
2942 "to remove network from filters");
2943 wpa_supplicant_cancel_sched_scan(wpa_s);
2944 wpa_supplicant_req_scan(wpa_s, 0, 0);
2945 }
2946 }
2947 }
2948 }
2949
2950
2951 /**
2952 * wpa_supplicant_select_network - Attempt association with a network
2953 * @wpa_s: wpa_supplicant structure for a network interface
2954 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
2955 */
2956 void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
2957 struct wpa_ssid *ssid)
2958 {
2959
2960 struct wpa_ssid *other_ssid;
2961 int disconnected = 0;
2962
2963 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid) {
2964 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
2965 wpa_s->own_disconnect_req = 1;
2966 wpa_supplicant_deauthenticate(
2967 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
2968 disconnected = 1;
2969 }
2970
2971 if (ssid)
2972 wpas_clear_temp_disabled(wpa_s, ssid, 1);
2973
2974 /*
2975 * Mark all other networks disabled or mark all networks enabled if no
2976 * network specified.
2977 */
2978 for (other_ssid = wpa_s->conf->ssid; other_ssid;
2979 other_ssid = other_ssid->next) {
2980 int was_disabled = other_ssid->disabled;
2981 if (was_disabled == 2)
2982 continue; /* do not change persistent P2P group data */
2983
2984 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0;
2985 if (was_disabled && !other_ssid->disabled)
2986 wpas_clear_temp_disabled(wpa_s, other_ssid, 0);
2987
2988 if (was_disabled != other_ssid->disabled)
2989 wpas_notify_network_enabled_changed(wpa_s, other_ssid);
2990 }
2991
2992 if (ssid && ssid == wpa_s->current_ssid && wpa_s->current_ssid &&
2993 wpa_s->wpa_state >= WPA_AUTHENTICATING) {
2994 /* We are already associated with the selected network */
2995 wpa_printf(MSG_DEBUG, "Already associated with the "
2996 "selected network - do nothing");
2997 return;
2998 }
2999
3000 if (ssid) {
3001 wpa_s->current_ssid = ssid;
3002 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
3003 wpa_s->connect_without_scan =
3004 (ssid->mode == WPAS_MODE_MESH) ? ssid : NULL;
3005
3006 /*
3007 * Don't optimize next scan freqs since a new ESS has been
3008 * selected.
3009 */
3010 os_free(wpa_s->next_scan_freqs);
3011 wpa_s->next_scan_freqs = NULL;
3012 } else {
3013 wpa_s->connect_without_scan = NULL;
3014 }
3015
3016 wpa_s->disconnected = 0;
3017 wpa_s->reassociate = 1;
3018
3019 if (wpa_s->connect_without_scan ||
3020 wpa_supplicant_fast_associate(wpa_s) != 1) {
3021 wpa_s->scan_req = NORMAL_SCAN_REQ;
3022 wpas_scan_reset_sched_scan(wpa_s);
3023 wpa_supplicant_req_scan(wpa_s, 0, disconnected ? 100000 : 0);
3024 }
3025
3026 if (ssid)
3027 wpas_notify_network_selected(wpa_s, ssid);
3028 }
3029
3030
3031 /**
3032 * wpas_set_pkcs11_engine_and_module_path - Set PKCS #11 engine and module path
3033 * @wpa_s: wpa_supplicant structure for a network interface
3034 * @pkcs11_engine_path: PKCS #11 engine path or NULL
3035 * @pkcs11_module_path: PKCS #11 module path or NULL
3036 * Returns: 0 on success; -1 on failure
3037 *
3038 * Sets the PKCS #11 engine and module path. Both have to be NULL or a valid
3039 * path. If resetting the EAPOL state machine with the new PKCS #11 engine and
3040 * module path fails the paths will be reset to the default value (NULL).
3041 */
3042 int wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant *wpa_s,
3043 const char *pkcs11_engine_path,
3044 const char *pkcs11_module_path)
3045 {
3046 char *pkcs11_engine_path_copy = NULL;
3047 char *pkcs11_module_path_copy = NULL;
3048
3049 if (pkcs11_engine_path != NULL) {
3050 pkcs11_engine_path_copy = os_strdup(pkcs11_engine_path);
3051 if (pkcs11_engine_path_copy == NULL)
3052 return -1;
3053 }
3054 if (pkcs11_module_path != NULL) {
3055 pkcs11_module_path_copy = os_strdup(pkcs11_module_path);
3056 if (pkcs11_module_path_copy == NULL) {
3057 os_free(pkcs11_engine_path_copy);
3058 return -1;
3059 }
3060 }
3061
3062 os_free(wpa_s->conf->pkcs11_engine_path);
3063 os_free(wpa_s->conf->pkcs11_module_path);
3064 wpa_s->conf->pkcs11_engine_path = pkcs11_engine_path_copy;
3065 wpa_s->conf->pkcs11_module_path = pkcs11_module_path_copy;
3066
3067 wpa_sm_set_eapol(wpa_s->wpa, NULL);
3068 eapol_sm_deinit(wpa_s->eapol);
3069 wpa_s->eapol = NULL;
3070 if (wpa_supplicant_init_eapol(wpa_s)) {
3071 /* Error -> Reset paths to the default value (NULL) once. */
3072 if (pkcs11_engine_path != NULL && pkcs11_module_path != NULL)
3073 wpas_set_pkcs11_engine_and_module_path(wpa_s, NULL,
3074 NULL);
3075
3076 return -1;
3077 }
3078 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
3079
3080 return 0;
3081 }
3082
3083
3084 /**
3085 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
3086 * @wpa_s: wpa_supplicant structure for a network interface
3087 * @ap_scan: AP scan mode
3088 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
3089 *
3090 */
3091 int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan)
3092 {
3093
3094 int old_ap_scan;
3095
3096 if (ap_scan < 0 || ap_scan > 2)
3097 return -1;
3098
3099 if (ap_scan == 2 && os_strcmp(wpa_s->driver->name, "nl80211") == 0) {
3100 wpa_printf(MSG_INFO,
3101 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
3102 }
3103
3104 #ifdef ANDROID
3105 if (ap_scan == 2 && ap_scan != wpa_s->conf->ap_scan &&
3106 wpa_s->wpa_state >= WPA_ASSOCIATING &&
3107 wpa_s->wpa_state < WPA_COMPLETED) {
3108 wpa_printf(MSG_ERROR, "ap_scan = %d (%d) rejected while "
3109 "associating", wpa_s->conf->ap_scan, ap_scan);
3110 return 0;
3111 }
3112 #endif /* ANDROID */
3113
3114 old_ap_scan = wpa_s->conf->ap_scan;
3115 wpa_s->conf->ap_scan = ap_scan;
3116
3117 if (old_ap_scan != wpa_s->conf->ap_scan)
3118 wpas_notify_ap_scan_changed(wpa_s);
3119
3120 return 0;
3121 }
3122
3123
3124 /**
3125 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
3126 * @wpa_s: wpa_supplicant structure for a network interface
3127 * @expire_age: Expiration age in seconds
3128 * Returns: 0 if succeed or -1 if expire_age has an invalid value
3129 *
3130 */
3131 int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant *wpa_s,
3132 unsigned int bss_expire_age)
3133 {
3134 if (bss_expire_age < 10) {
3135 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration age %u",
3136 bss_expire_age);
3137 return -1;
3138 }
3139 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration age: %d sec",
3140 bss_expire_age);
3141 wpa_s->conf->bss_expiration_age = bss_expire_age;
3142
3143 return 0;
3144 }
3145
3146
3147 /**
3148 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
3149 * @wpa_s: wpa_supplicant structure for a network interface
3150 * @expire_count: number of scans after which an unseen BSS is reclaimed
3151 * Returns: 0 if succeed or -1 if expire_count has an invalid value
3152 *
3153 */
3154 int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant *wpa_s,
3155 unsigned int bss_expire_count)
3156 {
3157 if (bss_expire_count < 1) {
3158 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration count %u",
3159 bss_expire_count);
3160 return -1;
3161 }
3162 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration scan count: %u",
3163 bss_expire_count);
3164 wpa_s->conf->bss_expiration_scan_count = bss_expire_count;
3165
3166 return 0;
3167 }
3168
3169
3170 /**
3171 * wpa_supplicant_set_scan_interval - Set scan interval
3172 * @wpa_s: wpa_supplicant structure for a network interface
3173 * @scan_interval: scan interval in seconds
3174 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
3175 *
3176 */
3177 int wpa_supplicant_set_scan_interval(struct wpa_supplicant *wpa_s,
3178 int scan_interval)
3179 {
3180 if (scan_interval < 0) {
3181 wpa_msg(wpa_s, MSG_ERROR, "Invalid scan interval %d",
3182 scan_interval);
3183 return -1;
3184 }
3185 wpa_msg(wpa_s, MSG_DEBUG, "Setting scan interval: %d sec",
3186 scan_interval);
3187 wpa_supplicant_update_scan_int(wpa_s, scan_interval);
3188
3189 return 0;
3190 }
3191
3192
3193 /**
3194 * wpa_supplicant_set_debug_params - Set global debug params
3195 * @global: wpa_global structure
3196 * @debug_level: debug level
3197 * @debug_timestamp: determines if show timestamp in debug data
3198 * @debug_show_keys: determines if show keys in debug data
3199 * Returns: 0 if succeed or -1 if debug_level has wrong value
3200 */
3201 int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level,
3202 int debug_timestamp, int debug_show_keys)
3203 {
3204
3205 int old_level, old_timestamp, old_show_keys;
3206
3207 /* check for allowed debuglevels */
3208 if (debug_level != MSG_EXCESSIVE &&
3209 debug_level != MSG_MSGDUMP &&
3210 debug_level != MSG_DEBUG &&
3211 debug_level != MSG_INFO &&
3212 debug_level != MSG_WARNING &&
3213 debug_level != MSG_ERROR)
3214 return -1;
3215
3216 old_level = wpa_debug_level;
3217 old_timestamp = wpa_debug_timestamp;
3218 old_show_keys = wpa_debug_show_keys;
3219
3220 wpa_debug_level = debug_level;
3221 wpa_debug_timestamp = debug_timestamp ? 1 : 0;
3222 wpa_debug_show_keys = debug_show_keys ? 1 : 0;
3223
3224 if (wpa_debug_level != old_level)
3225 wpas_notify_debug_level_changed(global);
3226 if (wpa_debug_timestamp != old_timestamp)
3227 wpas_notify_debug_timestamp_changed(global);
3228 if (wpa_debug_show_keys != old_show_keys)
3229 wpas_notify_debug_show_keys_changed(global);
3230
3231 return 0;
3232 }
3233
3234
3235 /**
3236 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
3237 * @wpa_s: Pointer to wpa_supplicant data
3238 * Returns: A pointer to the current network structure or %NULL on failure
3239 */
3240 struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
3241 {
3242 struct wpa_ssid *entry;
3243 u8 ssid[SSID_MAX_LEN];
3244 int res;
3245 size_t ssid_len;
3246 u8 bssid[ETH_ALEN];
3247 int wired;
3248
3249 res = wpa_drv_get_ssid(wpa_s, ssid);
3250 if (res < 0) {
3251 wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from "
3252 "driver");
3253 return NULL;
3254 }
3255 ssid_len = res;
3256
3257 if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
3258 wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from "
3259 "driver");
3260 return NULL;
3261 }
3262
3263 wired = wpa_s->conf->ap_scan == 0 &&
3264 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED);
3265
3266 entry = wpa_s->conf->ssid;
3267 while (entry) {
3268 if (!wpas_network_disabled(wpa_s, entry) &&
3269 ((ssid_len == entry->ssid_len &&
3270 os_memcmp(ssid, entry->ssid, ssid_len) == 0) || wired) &&
3271 (!entry->bssid_set ||
3272 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
3273 return entry;
3274 #ifdef CONFIG_WPS
3275 if (!wpas_network_disabled(wpa_s, entry) &&
3276 (entry->key_mgmt & WPA_KEY_MGMT_WPS) &&
3277 (entry->ssid == NULL || entry->ssid_len == 0) &&
3278 (!entry->bssid_set ||
3279 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
3280 return entry;
3281 #endif /* CONFIG_WPS */
3282
3283 if (!wpas_network_disabled(wpa_s, entry) && entry->bssid_set &&
3284 entry->ssid_len == 0 &&
3285 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)
3286 return entry;
3287
3288 entry = entry->next;
3289 }
3290
3291 return NULL;
3292 }
3293
3294
3295 static int select_driver(struct wpa_supplicant *wpa_s, int i)
3296 {
3297 struct wpa_global *global = wpa_s->global;
3298
3299 if (wpa_drivers[i]->global_init && global->drv_priv[i] == NULL) {
3300 global->drv_priv[i] = wpa_drivers[i]->global_init(global);
3301 if (global->drv_priv[i] == NULL) {
3302 wpa_printf(MSG_ERROR, "Failed to initialize driver "
3303 "'%s'", wpa_drivers[i]->name);
3304 return -1;
3305 }
3306 }
3307
3308 wpa_s->driver = wpa_drivers[i];
3309 wpa_s->global_drv_priv = global->drv_priv[i];
3310
3311 return 0;
3312 }
3313
3314
3315 static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
3316 const char *name)
3317 {
3318 int i;
3319 size_t len;
3320 const char *pos, *driver = name;
3321
3322 if (wpa_s == NULL)
3323 return -1;
3324
3325 if (wpa_drivers[0] == NULL) {
3326 wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into "
3327 "wpa_supplicant");
3328 return -1;
3329 }
3330
3331 if (name == NULL) {
3332 /* default to first driver in the list */
3333 return select_driver(wpa_s, 0);
3334 }
3335
3336 do {
3337 pos = os_strchr(driver, ',');
3338 if (pos)
3339 len = pos - driver;
3340 else
3341 len = os_strlen(driver);
3342
3343 for (i = 0; wpa_drivers[i]; i++) {
3344 if (os_strlen(wpa_drivers[i]->name) == len &&
3345 os_strncmp(driver, wpa_drivers[i]->name, len) ==
3346 0) {
3347 /* First driver that succeeds wins */
3348 if (select_driver(wpa_s, i) == 0)
3349 return 0;
3350 }
3351 }
3352
3353 driver = pos + 1;
3354 } while (pos);
3355
3356 wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name);
3357 return -1;
3358 }
3359
3360
3361 /**
3362 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
3363 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
3364 * with struct wpa_driver_ops::init()
3365 * @src_addr: Source address of the EAPOL frame
3366 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
3367 * @len: Length of the EAPOL data
3368 *
3369 * This function is called for each received EAPOL frame. Most driver
3370 * interfaces rely on more generic OS mechanism for receiving frames through
3371 * l2_packet, but if such a mechanism is not available, the driver wrapper may
3372 * take care of received EAPOL frames and deliver them to the core supplicant
3373 * code by calling this function.
3374 */
3375 void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
3376 const u8 *buf, size_t len)
3377 {
3378 struct wpa_supplicant *wpa_s = ctx;
3379
3380 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
3381 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
3382
3383 #ifdef CONFIG_TESTING_OPTIONS
3384 if (wpa_s->ignore_auth_resp) {
3385 wpa_printf(MSG_INFO, "RX EAPOL - ignore_auth_resp active!");
3386 return;
3387 }
3388 #endif /* CONFIG_TESTING_OPTIONS */
3389
3390 #ifdef CONFIG_PEERKEY
3391 if (wpa_s->wpa_state > WPA_ASSOCIATED && wpa_s->current_ssid &&
3392 wpa_s->current_ssid->peerkey &&
3393 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
3394 wpa_sm_rx_eapol_peerkey(wpa_s->wpa, src_addr, buf, len) == 1) {
3395 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: Processed PeerKey EAPOL-Key");
3396 return;
3397 }
3398 #endif /* CONFIG_PEERKEY */
3399
3400 if (wpa_s->wpa_state < WPA_ASSOCIATED ||
3401 (wpa_s->last_eapol_matches_bssid &&
3402 #ifdef CONFIG_AP
3403 !wpa_s->ap_iface &&
3404 #endif /* CONFIG_AP */
3405 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) != 0)) {
3406 /*
3407 * There is possible race condition between receiving the
3408 * association event and the EAPOL frame since they are coming
3409 * through different paths from the driver. In order to avoid
3410 * issues in trying to process the EAPOL frame before receiving
3411 * association information, lets queue it for processing until
3412 * the association event is received. This may also be needed in
3413 * driver-based roaming case, so also use src_addr != BSSID as a
3414 * trigger if we have previously confirmed that the
3415 * Authenticator uses BSSID as the src_addr (which is not the
3416 * case with wired IEEE 802.1X).
3417 */
3418 wpa_dbg(wpa_s, MSG_DEBUG, "Not associated - Delay processing "
3419 "of received EAPOL frame (state=%s bssid=" MACSTR ")",
3420 wpa_supplicant_state_txt(wpa_s->wpa_state),
3421 MAC2STR(wpa_s->bssid));
3422 wpabuf_free(wpa_s->pending_eapol_rx);
3423 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len);
3424 if (wpa_s->pending_eapol_rx) {
3425 os_get_reltime(&wpa_s->pending_eapol_rx_time);
3426 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr,
3427 ETH_ALEN);
3428 }
3429 return;
3430 }
3431
3432 wpa_s->last_eapol_matches_bssid =
3433 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) == 0;
3434
3435 #ifdef CONFIG_AP
3436 if (wpa_s->ap_iface) {
3437 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len);
3438 return;
3439 }
3440 #endif /* CONFIG_AP */
3441
3442 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
3443 wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since "
3444 "no key management is configured");
3445 return;
3446 }
3447
3448 if (wpa_s->eapol_received == 0 &&
3449 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) ||
3450 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
3451 wpa_s->wpa_state != WPA_COMPLETED) &&
3452 (wpa_s->current_ssid == NULL ||
3453 wpa_s->current_ssid->mode != IEEE80211_MODE_IBSS)) {
3454 /* Timeout for completing IEEE 802.1X and WPA authentication */
3455 int timeout = 10;
3456
3457 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
3458 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
3459 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
3460 /* Use longer timeout for IEEE 802.1X/EAP */
3461 timeout = 70;
3462 }
3463
3464 #ifdef CONFIG_WPS
3465 if (wpa_s->current_ssid && wpa_s->current_bss &&
3466 (wpa_s->current_ssid->key_mgmt & WPA_KEY_MGMT_WPS) &&
3467 eap_is_wps_pin_enrollee(&wpa_s->current_ssid->eap)) {
3468 /*
3469 * Use shorter timeout if going through WPS AP iteration
3470 * for PIN config method with an AP that does not
3471 * advertise Selected Registrar.
3472 */
3473 struct wpabuf *wps_ie;
3474
3475 wps_ie = wpa_bss_get_vendor_ie_multi(
3476 wpa_s->current_bss, WPS_IE_VENDOR_TYPE);
3477 if (wps_ie &&
3478 !wps_is_addr_authorized(wps_ie, wpa_s->own_addr, 1))
3479 timeout = 10;
3480 wpabuf_free(wps_ie);
3481 }
3482 #endif /* CONFIG_WPS */
3483
3484 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
3485 }
3486 wpa_s->eapol_received++;
3487
3488 if (wpa_s->countermeasures) {
3489 wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped "
3490 "EAPOL packet");
3491 return;
3492 }
3493
3494 #ifdef CONFIG_IBSS_RSN
3495 if (wpa_s->current_ssid &&
3496 wpa_s->current_ssid->mode == WPAS_MODE_IBSS) {
3497 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len);
3498 return;
3499 }
3500 #endif /* CONFIG_IBSS_RSN */
3501
3502 /* Source address of the incoming EAPOL frame could be compared to the
3503 * current BSSID. However, it is possible that a centralized
3504 * Authenticator could be using another MAC address than the BSSID of
3505 * an AP, so just allow any address to be used for now. The replies are
3506 * still sent to the current BSSID (if available), though. */
3507
3508 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
3509 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
3510 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
3511 return;
3512 wpa_drv_poll(wpa_s);
3513 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE))
3514 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
3515 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
3516 /*
3517 * Set portValid = TRUE here since we are going to skip 4-way
3518 * handshake processing which would normally set portValid. We
3519 * need this to allow the EAPOL state machines to be completed
3520 * without going through EAPOL-Key handshake.
3521 */
3522 eapol_sm_notify_portValid(wpa_s->eapol, TRUE);
3523 }
3524 }
3525
3526
3527 int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s)
3528 {
3529 if ((!wpa_s->p2p_mgmt ||
3530 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
3531 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) {
3532 l2_packet_deinit(wpa_s->l2);
3533 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
3534 wpa_drv_get_mac_addr(wpa_s),
3535 ETH_P_EAPOL,
3536 wpa_supplicant_rx_eapol, wpa_s, 0);
3537 if (wpa_s->l2 == NULL)
3538 return -1;
3539 } else {
3540 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
3541 if (addr)
3542 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
3543 }
3544
3545 if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
3546 wpa_msg(wpa_s, MSG_ERROR, "Failed to get own L2 address");
3547 return -1;
3548 }
3549
3550 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
3551
3552 return 0;
3553 }
3554
3555
3556 static void wpa_supplicant_rx_eapol_bridge(void *ctx, const u8 *src_addr,
3557 const u8 *buf, size_t len)
3558 {
3559 struct wpa_supplicant *wpa_s = ctx;
3560 const struct l2_ethhdr *eth;
3561
3562 if (len < sizeof(*eth))
3563 return;
3564 eth = (const struct l2_ethhdr *) buf;
3565
3566 if (os_memcmp(eth->h_dest, wpa_s->own_addr, ETH_ALEN) != 0 &&
3567 !(eth->h_dest[0] & 0x01)) {
3568 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
3569 " (bridge - not for this interface - ignore)",
3570 MAC2STR(src_addr), MAC2STR(eth->h_dest));
3571 return;
3572 }
3573
3574 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
3575 " (bridge)", MAC2STR(src_addr), MAC2STR(eth->h_dest));
3576 wpa_supplicant_rx_eapol(wpa_s, src_addr, buf + sizeof(*eth),
3577 len - sizeof(*eth));
3578 }
3579
3580
3581 /**
3582 * wpa_supplicant_driver_init - Initialize driver interface parameters
3583 * @wpa_s: Pointer to wpa_supplicant data
3584 * Returns: 0 on success, -1 on failure
3585 *
3586 * This function is called to initialize driver interface parameters.
3587 * wpa_drv_init() must have been called before this function to initialize the
3588 * driver interface.
3589 */
3590 int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
3591 {
3592 static int interface_count = 0;
3593
3594 if (wpa_supplicant_update_mac_addr(wpa_s) < 0)
3595 return -1;
3596
3597 wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR,
3598 MAC2STR(wpa_s->own_addr));
3599 os_memcpy(wpa_s->perm_addr, wpa_s->own_addr, ETH_ALEN);
3600 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
3601
3602 if (wpa_s->bridge_ifname[0]) {
3603 wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge "
3604 "interface '%s'", wpa_s->bridge_ifname);
3605 wpa_s->l2_br = l2_packet_init_bridge(
3606 wpa_s->bridge_ifname, wpa_s->ifname, wpa_s->own_addr,
3607 ETH_P_EAPOL, wpa_supplicant_rx_eapol_bridge, wpa_s, 1);
3608 if (wpa_s->l2_br == NULL) {
3609 wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet "
3610 "connection for the bridge interface '%s'",
3611 wpa_s->bridge_ifname);
3612 return -1;
3613 }
3614 }
3615
3616 if (wpa_s->conf->ap_scan == 2 &&
3617 os_strcmp(wpa_s->driver->name, "nl80211") == 0) {
3618 wpa_printf(MSG_INFO,
3619 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
3620 }
3621
3622 wpa_clear_keys(wpa_s, NULL);
3623
3624 /* Make sure that TKIP countermeasures are not left enabled (could
3625 * happen if wpa_supplicant is killed during countermeasures. */
3626 wpa_drv_set_countermeasures(wpa_s, 0);
3627
3628 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver");
3629 wpa_drv_flush_pmkid(wpa_s);
3630
3631 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
3632 wpa_s->prev_scan_wildcard = 0;
3633
3634 if (wpa_supplicant_enabled_networks(wpa_s)) {
3635 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED) {
3636 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
3637 interface_count = 0;
3638 }
3639 #ifndef ANDROID
3640 if (!wpa_s->p2p_mgmt &&
3641 wpa_supplicant_delayed_sched_scan(wpa_s,
3642 interface_count % 3,
3643 100000))
3644 wpa_supplicant_req_scan(wpa_s, interface_count % 3,
3645 100000);
3646 #endif /* ANDROID */
3647 interface_count++;
3648 } else
3649 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
3650
3651 return 0;
3652 }
3653
3654
3655 static int wpa_supplicant_daemon(const char *pid_file)
3656 {
3657 wpa_printf(MSG_DEBUG, "Daemonize..");
3658 return os_daemonize(pid_file);
3659 }
3660
3661
3662 static struct wpa_supplicant *
3663 wpa_supplicant_alloc(struct wpa_supplicant *parent)
3664 {
3665 struct wpa_supplicant *wpa_s;
3666
3667 wpa_s = os_zalloc(sizeof(*wpa_s));
3668 if (wpa_s == NULL)
3669 return NULL;
3670 wpa_s->scan_req = INITIAL_SCAN_REQ;
3671 wpa_s->scan_interval = 5;
3672 wpa_s->new_connection = 1;
3673 wpa_s->parent = parent ? parent : wpa_s;
3674 wpa_s->p2pdev = wpa_s->parent;
3675 wpa_s->sched_scanning = 0;
3676
3677 dl_list_init(&wpa_s->bss_tmp_disallowed);
3678
3679 return wpa_s;
3680 }
3681
3682
3683 #ifdef CONFIG_HT_OVERRIDES
3684
3685 static int wpa_set_htcap_mcs(struct wpa_supplicant *wpa_s,
3686 struct ieee80211_ht_capabilities *htcaps,
3687 struct ieee80211_ht_capabilities *htcaps_mask,
3688 const char *ht_mcs)
3689 {
3690 /* parse ht_mcs into hex array */
3691 int i;
3692 const char *tmp = ht_mcs;
3693 char *end = NULL;
3694
3695 /* If ht_mcs is null, do not set anything */
3696 if (!ht_mcs)
3697 return 0;
3698
3699 /* This is what we are setting in the kernel */
3700 os_memset(&htcaps->supported_mcs_set, 0, IEEE80211_HT_MCS_MASK_LEN);
3701
3702 wpa_msg(wpa_s, MSG_DEBUG, "set_htcap, ht_mcs -:%s:-", ht_mcs);
3703
3704 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) {
3705 errno = 0;
3706 long v = strtol(tmp, &end, 16);
3707 if (errno == 0) {
3708 wpa_msg(wpa_s, MSG_DEBUG,
3709 "htcap value[%i]: %ld end: %p tmp: %p",
3710 i, v, end, tmp);
3711 if (end == tmp)
3712 break;
3713
3714 htcaps->supported_mcs_set[i] = v;
3715 tmp = end;
3716 } else {
3717 wpa_msg(wpa_s, MSG_ERROR,
3718 "Failed to parse ht-mcs: %s, error: %s\n",
3719 ht_mcs, strerror(errno));
3720 return -1;
3721 }
3722 }
3723
3724 /*
3725 * If we were able to parse any values, then set mask for the MCS set.
3726 */
3727 if (i) {
3728 os_memset(&htcaps_mask->supported_mcs_set, 0xff,
3729 IEEE80211_HT_MCS_MASK_LEN - 1);
3730 /* skip the 3 reserved bits */
3731 htcaps_mask->supported_mcs_set[IEEE80211_HT_MCS_MASK_LEN - 1] =
3732 0x1f;
3733 }
3734
3735 return 0;
3736 }
3737
3738
3739 static int wpa_disable_max_amsdu(struct wpa_supplicant *wpa_s,
3740 struct ieee80211_ht_capabilities *htcaps,
3741 struct ieee80211_ht_capabilities *htcaps_mask,
3742 int disabled)
3743 {
3744 le16 msk;
3745
3746 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_max_amsdu: %d", disabled);
3747
3748 if (disabled == -1)
3749 return 0;
3750
3751 msk = host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE);
3752 htcaps_mask->ht_capabilities_info |= msk;
3753 if (disabled)
3754 htcaps->ht_capabilities_info &= msk;
3755 else
3756 htcaps->ht_capabilities_info |= msk;
3757
3758 return 0;
3759 }
3760
3761
3762 static int wpa_set_ampdu_factor(struct wpa_supplicant *wpa_s,
3763 struct ieee80211_ht_capabilities *htcaps,
3764 struct ieee80211_ht_capabilities *htcaps_mask,
3765 int factor)
3766 {
3767 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_factor: %d", factor);
3768
3769 if (factor == -1)
3770 return 0;
3771
3772 if (factor < 0 || factor > 3) {
3773 wpa_msg(wpa_s, MSG_ERROR, "ampdu_factor: %d out of range. "
3774 "Must be 0-3 or -1", factor);
3775 return -EINVAL;
3776 }
3777
3778 htcaps_mask->a_mpdu_params |= 0x3; /* 2 bits for factor */
3779 htcaps->a_mpdu_params &= ~0x3;
3780 htcaps->a_mpdu_params |= factor & 0x3;
3781
3782 return 0;
3783 }
3784
3785
3786 static int wpa_set_ampdu_density(struct wpa_supplicant *wpa_s,
3787 struct ieee80211_ht_capabilities *htcaps,
3788 struct ieee80211_ht_capabilities *htcaps_mask,
3789 int density)
3790 {
3791 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_density: %d", density);
3792
3793 if (density == -1)
3794 return 0;
3795
3796 if (density < 0 || density > 7) {
3797 wpa_msg(wpa_s, MSG_ERROR,
3798 "ampdu_density: %d out of range. Must be 0-7 or -1.",
3799 density);
3800 return -EINVAL;
3801 }
3802
3803 htcaps_mask->a_mpdu_params |= 0x1C;
3804 htcaps->a_mpdu_params &= ~(0x1C);
3805 htcaps->a_mpdu_params |= (density << 2) & 0x1C;
3806
3807 return 0;
3808 }
3809
3810
3811 static int wpa_set_disable_ht40(struct wpa_supplicant *wpa_s,
3812 struct ieee80211_ht_capabilities *htcaps,
3813 struct ieee80211_ht_capabilities *htcaps_mask,
3814 int disabled)
3815 {
3816 /* Masking these out disables HT40 */
3817 le16 msk = host_to_le16(HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET |
3818 HT_CAP_INFO_SHORT_GI40MHZ);
3819
3820 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ht40: %d", disabled);
3821
3822 if (disabled)
3823 htcaps->ht_capabilities_info &= ~msk;
3824 else
3825 htcaps->ht_capabilities_info |= msk;
3826
3827 htcaps_mask->ht_capabilities_info |= msk;
3828
3829 return 0;
3830 }
3831
3832
3833 static int wpa_set_disable_sgi(struct wpa_supplicant *wpa_s,
3834 struct ieee80211_ht_capabilities *htcaps,
3835 struct ieee80211_ht_capabilities *htcaps_mask,
3836 int disabled)
3837 {
3838 /* Masking these out disables SGI */
3839 le16 msk = host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ |
3840 HT_CAP_INFO_SHORT_GI40MHZ);
3841
3842 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_sgi: %d", disabled);
3843
3844 if (disabled)
3845 htcaps->ht_capabilities_info &= ~msk;
3846 else
3847 htcaps->ht_capabilities_info |= msk;
3848
3849 htcaps_mask->ht_capabilities_info |= msk;
3850
3851 return 0;
3852 }
3853
3854
3855 static int wpa_set_disable_ldpc(struct wpa_supplicant *wpa_s,
3856 struct ieee80211_ht_capabilities *htcaps,
3857 struct ieee80211_ht_capabilities *htcaps_mask,
3858 int disabled)
3859 {
3860 /* Masking these out disables LDPC */
3861 le16 msk = host_to_le16(HT_CAP_INFO_LDPC_CODING_CAP);
3862
3863 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ldpc: %d", disabled);
3864
3865 if (disabled)
3866 htcaps->ht_capabilities_info &= ~msk;
3867 else
3868 htcaps->ht_capabilities_info |= msk;
3869
3870 htcaps_mask->ht_capabilities_info |= msk;
3871
3872 return 0;
3873 }
3874
3875
3876 void wpa_supplicant_apply_ht_overrides(
3877 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
3878 struct wpa_driver_associate_params *params)
3879 {
3880 struct ieee80211_ht_capabilities *htcaps;
3881 struct ieee80211_ht_capabilities *htcaps_mask;
3882
3883 if (!ssid)
3884 return;
3885
3886 params->disable_ht = ssid->disable_ht;
3887 if (!params->htcaps || !params->htcaps_mask)
3888 return;
3889
3890 htcaps = (struct ieee80211_ht_capabilities *) params->htcaps;
3891 htcaps_mask = (struct ieee80211_ht_capabilities *) params->htcaps_mask;
3892 wpa_set_htcap_mcs(wpa_s, htcaps, htcaps_mask, ssid->ht_mcs);
3893 wpa_disable_max_amsdu(wpa_s, htcaps, htcaps_mask,
3894 ssid->disable_max_amsdu);
3895 wpa_set_ampdu_factor(wpa_s, htcaps, htcaps_mask, ssid->ampdu_factor);
3896 wpa_set_ampdu_density(wpa_s, htcaps, htcaps_mask, ssid->ampdu_density);
3897 wpa_set_disable_ht40(wpa_s, htcaps, htcaps_mask, ssid->disable_ht40);
3898 wpa_set_disable_sgi(wpa_s, htcaps, htcaps_mask, ssid->disable_sgi);
3899 wpa_set_disable_ldpc(wpa_s, htcaps, htcaps_mask, ssid->disable_ldpc);
3900
3901 if (ssid->ht40_intolerant) {
3902 le16 bit = host_to_le16(HT_CAP_INFO_40MHZ_INTOLERANT);
3903 htcaps->ht_capabilities_info |= bit;
3904 htcaps_mask->ht_capabilities_info |= bit;
3905 }
3906 }
3907
3908 #endif /* CONFIG_HT_OVERRIDES */
3909
3910
3911 #ifdef CONFIG_VHT_OVERRIDES
3912 void wpa_supplicant_apply_vht_overrides(
3913 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
3914 struct wpa_driver_associate_params *params)
3915 {
3916 struct ieee80211_vht_capabilities *vhtcaps;
3917 struct ieee80211_vht_capabilities *vhtcaps_mask;
3918
3919 if (!ssid)
3920 return;
3921
3922 params->disable_vht = ssid->disable_vht;
3923
3924 vhtcaps = (void *) params->vhtcaps;
3925 vhtcaps_mask = (void *) params->vhtcaps_mask;
3926
3927 if (!vhtcaps || !vhtcaps_mask)
3928 return;
3929
3930 vhtcaps->vht_capabilities_info = host_to_le32(ssid->vht_capa);
3931 vhtcaps_mask->vht_capabilities_info = host_to_le32(ssid->vht_capa_mask);
3932
3933 #ifdef CONFIG_HT_OVERRIDES
3934 /* if max ampdu is <= 3, we have to make the HT cap the same */
3935 if (ssid->vht_capa_mask & VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) {
3936 int max_ampdu;
3937
3938 max_ampdu = (ssid->vht_capa &
3939 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) >>
3940 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX_SHIFT;
3941
3942 max_ampdu = max_ampdu < 3 ? max_ampdu : 3;
3943 wpa_set_ampdu_factor(wpa_s,
3944 (void *) params->htcaps,
3945 (void *) params->htcaps_mask,
3946 max_ampdu);
3947 }
3948 #endif /* CONFIG_HT_OVERRIDES */
3949
3950 #define OVERRIDE_MCS(i) \
3951 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \
3952 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \
3953 host_to_le16(3 << 2 * (i - 1)); \
3954 vhtcaps->vht_supported_mcs_set.tx_map |= \
3955 host_to_le16(ssid->vht_tx_mcs_nss_ ##i << \
3956 2 * (i - 1)); \
3957 } \
3958 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \
3959 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \
3960 host_to_le16(3 << 2 * (i - 1)); \
3961 vhtcaps->vht_supported_mcs_set.rx_map |= \
3962 host_to_le16(ssid->vht_rx_mcs_nss_ ##i << \
3963 2 * (i - 1)); \
3964 }
3965
3966 OVERRIDE_MCS(1);
3967 OVERRIDE_MCS(2);
3968 OVERRIDE_MCS(3);
3969 OVERRIDE_MCS(4);
3970 OVERRIDE_MCS(5);
3971 OVERRIDE_MCS(6);
3972 OVERRIDE_MCS(7);
3973 OVERRIDE_MCS(8);
3974 }
3975 #endif /* CONFIG_VHT_OVERRIDES */
3976
3977
3978 static int pcsc_reader_init(struct wpa_supplicant *wpa_s)
3979 {
3980 #ifdef PCSC_FUNCS
3981 size_t len;
3982
3983 if (!wpa_s->conf->pcsc_reader)
3984 return 0;
3985
3986 wpa_s->scard = scard_init(wpa_s->conf->pcsc_reader);
3987 if (!wpa_s->scard)
3988 return 1;
3989
3990 if (wpa_s->conf->pcsc_pin &&
3991 scard_set_pin(wpa_s->scard, wpa_s->conf->pcsc_pin) < 0) {
3992 scard_deinit(wpa_s->scard);
3993 wpa_s->scard = NULL;
3994 wpa_msg(wpa_s, MSG_ERROR, "PC/SC PIN validation failed");
3995 return -1;
3996 }
3997
3998 len = sizeof(wpa_s->imsi) - 1;
3999 if (scard_get_imsi(wpa_s->scard, wpa_s->imsi, &len)) {
4000 scard_deinit(wpa_s->scard);
4001 wpa_s->scard = NULL;
4002 wpa_msg(wpa_s, MSG_ERROR, "Could not read IMSI");
4003 return -1;
4004 }
4005 wpa_s->imsi[len] = '\0';
4006
4007 wpa_s->mnc_len = scard_get_mnc_len(wpa_s->scard);
4008
4009 wpa_printf(MSG_DEBUG, "SCARD: IMSI %s (MNC length %d)",
4010 wpa_s->imsi, wpa_s->mnc_len);
4011
4012 wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard);
4013 eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard);
4014 #endif /* PCSC_FUNCS */
4015
4016 return 0;
4017 }
4018
4019
4020 int wpas_init_ext_pw(struct wpa_supplicant *wpa_s)
4021 {
4022 char *val, *pos;
4023
4024 ext_password_deinit(wpa_s->ext_pw);
4025 wpa_s->ext_pw = NULL;
4026 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, NULL);
4027
4028 if (!wpa_s->conf->ext_password_backend)
4029 return 0;
4030
4031 val = os_strdup(wpa_s->conf->ext_password_backend);
4032 if (val == NULL)
4033 return -1;
4034 pos = os_strchr(val, ':');
4035 if (pos)
4036 *pos++ = '\0';
4037
4038 wpa_printf(MSG_DEBUG, "EXT PW: Initialize backend '%s'", val);
4039
4040 wpa_s->ext_pw = ext_password_init(val, pos);
4041 os_free(val);
4042 if (wpa_s->ext_pw == NULL) {
4043 wpa_printf(MSG_DEBUG, "EXT PW: Failed to initialize backend");
4044 return -1;
4045 }
4046 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, wpa_s->ext_pw);
4047
4048 return 0;
4049 }
4050
4051
4052 #ifdef CONFIG_FST
4053
4054 static const u8 * wpas_fst_get_bssid_cb(void *ctx)
4055 {
4056 struct wpa_supplicant *wpa_s = ctx;
4057
4058 return (is_zero_ether_addr(wpa_s->bssid) ||
4059 wpa_s->wpa_state != WPA_COMPLETED) ? NULL : wpa_s->bssid;
4060 }
4061
4062
4063 static void wpas_fst_get_channel_info_cb(void *ctx,
4064 enum hostapd_hw_mode *hw_mode,
4065 u8 *channel)
4066 {
4067 struct wpa_supplicant *wpa_s = ctx;
4068
4069 if (wpa_s->current_bss) {
4070 *hw_mode = ieee80211_freq_to_chan(wpa_s->current_bss->freq,
4071 channel);
4072 } else if (wpa_s->hw.num_modes) {
4073 *hw_mode = wpa_s->hw.modes[0].mode;
4074 } else {
4075 WPA_ASSERT(0);
4076 *hw_mode = 0;
4077 }
4078 }
4079
4080
4081 static int wpas_fst_get_hw_modes(void *ctx, struct hostapd_hw_modes **modes)
4082 {
4083 struct wpa_supplicant *wpa_s = ctx;
4084
4085 *modes = wpa_s->hw.modes;
4086 return wpa_s->hw.num_modes;
4087 }
4088
4089
4090 static void wpas_fst_set_ies_cb(void *ctx, const struct wpabuf *fst_ies)
4091 {
4092 struct wpa_supplicant *wpa_s = ctx;
4093
4094 wpa_hexdump_buf(MSG_DEBUG, "FST: Set IEs", fst_ies);
4095 wpa_s->fst_ies = fst_ies;
4096 }
4097
4098
4099 static int wpas_fst_send_action_cb(void *ctx, const u8 *da, struct wpabuf *data)
4100 {
4101 struct wpa_supplicant *wpa_s = ctx;
4102
4103 WPA_ASSERT(os_memcmp(wpa_s->bssid, da, ETH_ALEN) == 0);
4104 return wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, wpa_s->bssid,
4105 wpa_s->own_addr, wpa_s->bssid,
4106 wpabuf_head(data), wpabuf_len(data),
4107 0);
4108 }
4109
4110
4111 static const struct wpabuf * wpas_fst_get_mb_ie_cb(void *ctx, const u8 *addr)
4112 {
4113 struct wpa_supplicant *wpa_s = ctx;
4114
4115 WPA_ASSERT(os_memcmp(wpa_s->bssid, addr, ETH_ALEN) == 0);
4116 return wpa_s->received_mb_ies;
4117 }
4118
4119
4120 static void wpas_fst_update_mb_ie_cb(void *ctx, const u8 *addr,
4121 const u8 *buf, size_t size)
4122 {
4123 struct wpa_supplicant *wpa_s = ctx;
4124 struct mb_ies_info info;
4125
4126 WPA_ASSERT(os_memcmp(wpa_s->bssid, addr, ETH_ALEN) == 0);
4127
4128 if (!mb_ies_info_by_ies(&info, buf, size)) {
4129 wpabuf_free(wpa_s->received_mb_ies);
4130 wpa_s->received_mb_ies = mb_ies_by_info(&info);
4131 }
4132 }
4133
4134
4135 static const u8 * wpas_fst_get_peer_first(void *ctx,
4136 struct fst_get_peer_ctx **get_ctx,
4137 Boolean mb_only)
4138 {
4139 struct wpa_supplicant *wpa_s = ctx;
4140
4141 *get_ctx = NULL;
4142 if (!is_zero_ether_addr(wpa_s->bssid))
4143 return (wpa_s->received_mb_ies || !mb_only) ?
4144 wpa_s->bssid : NULL;
4145 return NULL;
4146 }
4147
4148
4149 static const u8 * wpas_fst_get_peer_next(void *ctx,
4150 struct fst_get_peer_ctx **get_ctx,
4151 Boolean mb_only)
4152 {
4153 return NULL;
4154 }
4155
4156 void fst_wpa_supplicant_fill_iface_obj(struct wpa_supplicant *wpa_s,
4157 struct fst_wpa_obj *iface_obj)
4158 {
4159 iface_obj->ctx = wpa_s;
4160 iface_obj->get_bssid = wpas_fst_get_bssid_cb;
4161 iface_obj->get_channel_info = wpas_fst_get_channel_info_cb;
4162 iface_obj->get_hw_modes = wpas_fst_get_hw_modes;
4163 iface_obj->set_ies = wpas_fst_set_ies_cb;
4164 iface_obj->send_action = wpas_fst_send_action_cb;
4165 iface_obj->get_mb_ie = wpas_fst_get_mb_ie_cb;
4166 iface_obj->update_mb_ie = wpas_fst_update_mb_ie_cb;
4167 iface_obj->get_peer_first = wpas_fst_get_peer_first;
4168 iface_obj->get_peer_next = wpas_fst_get_peer_next;
4169 }
4170 #endif /* CONFIG_FST */
4171
4172 static int wpas_set_wowlan_triggers(struct wpa_supplicant *wpa_s,
4173 const struct wpa_driver_capa *capa)
4174 {
4175 struct wowlan_triggers *triggers;
4176 int ret = 0;
4177
4178 if (!wpa_s->conf->wowlan_triggers)
4179 return 0;
4180
4181 triggers = wpa_get_wowlan_triggers(wpa_s->conf->wowlan_triggers, capa);
4182 if (triggers) {
4183 ret = wpa_drv_wowlan(wpa_s, triggers);
4184 os_free(triggers);
4185 }
4186 return ret;
4187 }
4188
4189
4190 enum wpa_radio_work_band wpas_freq_to_band(int freq)
4191 {
4192 if (freq < 3000)
4193 return BAND_2_4_GHZ;
4194 if (freq > 50000)
4195 return BAND_60_GHZ;
4196 return BAND_5_GHZ;
4197 }
4198
4199
4200 unsigned int wpas_get_bands(struct wpa_supplicant *wpa_s, const int *freqs)
4201 {
4202 int i;
4203 unsigned int band = 0;
4204
4205 if (freqs) {
4206 /* freqs are specified for the radio work */
4207 for (i = 0; freqs[i]; i++)
4208 band |= wpas_freq_to_band(freqs[i]);
4209 } else {
4210 /*
4211 * freqs are not specified, implies all
4212 * the supported freqs by HW
4213 */
4214 for (i = 0; i < wpa_s->hw.num_modes; i++) {
4215 if (wpa_s->hw.modes[i].num_channels != 0) {
4216 if (wpa_s->hw.modes[i].mode ==
4217 HOSTAPD_MODE_IEEE80211B ||
4218 wpa_s->hw.modes[i].mode ==
4219 HOSTAPD_MODE_IEEE80211G)
4220 band |= BAND_2_4_GHZ;
4221 else if (wpa_s->hw.modes[i].mode ==
4222 HOSTAPD_MODE_IEEE80211A)
4223 band |= BAND_5_GHZ;
4224 else if (wpa_s->hw.modes[i].mode ==
4225 HOSTAPD_MODE_IEEE80211AD)
4226 band |= BAND_60_GHZ;
4227 else if (wpa_s->hw.modes[i].mode ==
4228 HOSTAPD_MODE_IEEE80211ANY)
4229 band = BAND_2_4_GHZ | BAND_5_GHZ |
4230 BAND_60_GHZ;
4231 }
4232 }
4233 }
4234
4235 return band;
4236 }
4237
4238
4239 static struct wpa_radio * radio_add_interface(struct wpa_supplicant *wpa_s,
4240 const char *rn)
4241 {
4242 struct wpa_supplicant *iface = wpa_s->global->ifaces;
4243 struct wpa_radio *radio;
4244
4245 while (rn && iface) {
4246 radio = iface->radio;
4247 if (radio && os_strcmp(rn, radio->name) == 0) {
4248 wpa_printf(MSG_DEBUG, "Add interface %s to existing radio %s",
4249 wpa_s->ifname, rn);
4250 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
4251 return radio;
4252 }
4253
4254 iface = iface->next;
4255 }
4256
4257 wpa_printf(MSG_DEBUG, "Add interface %s to a new radio %s",
4258 wpa_s->ifname, rn ? rn : "N/A");
4259 radio = os_zalloc(sizeof(*radio));
4260 if (radio == NULL)
4261 return NULL;
4262
4263 if (rn)
4264 os_strlcpy(radio->name, rn, sizeof(radio->name));
4265 dl_list_init(&radio->ifaces);
4266 dl_list_init(&radio->work);
4267 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
4268
4269 return radio;
4270 }
4271
4272
4273 static void radio_work_free(struct wpa_radio_work *work)
4274 {
4275 if (work->wpa_s->scan_work == work) {
4276 /* This should not really happen. */
4277 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as scan_work",
4278 work->type, work, work->started);
4279 work->wpa_s->scan_work = NULL;
4280 }
4281
4282 #ifdef CONFIG_P2P
4283 if (work->wpa_s->p2p_scan_work == work) {
4284 /* This should not really happen. */
4285 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as p2p_scan_work",
4286 work->type, work, work->started);
4287 work->wpa_s->p2p_scan_work = NULL;
4288 }
4289 #endif /* CONFIG_P2P */
4290
4291 if (work->started) {
4292 work->wpa_s->radio->num_active_works--;
4293 wpa_dbg(work->wpa_s, MSG_DEBUG,
4294 "radio_work_free('%s'@%p: num_active_works --> %u",
4295 work->type, work,
4296 work->wpa_s->radio->num_active_works);
4297 }
4298
4299 dl_list_del(&work->list);
4300 os_free(work);
4301 }
4302
4303
4304 static struct wpa_radio_work * radio_work_get_next_work(struct wpa_radio *radio)
4305 {
4306 struct wpa_radio_work *active_work = NULL;
4307 struct wpa_radio_work *tmp;
4308
4309 /* Get the active work to know the type and band. */
4310 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, list) {
4311 if (tmp->started) {
4312 active_work = tmp;
4313 break;
4314 }
4315 }
4316
4317 if (!active_work) {
4318 /* No active work, start one */
4319 radio->num_active_works = 0;
4320 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work,
4321 list) {
4322 if (os_strcmp(tmp->type, "scan") == 0 &&
4323 radio->external_scan_running &&
4324 (((struct wpa_driver_scan_params *)
4325 tmp->ctx)->only_new_results ||
4326 tmp->wpa_s->clear_driver_scan_cache))
4327 continue;
4328 return tmp;
4329 }
4330 return NULL;
4331 }
4332
4333 if (os_strcmp(active_work->type, "sme-connect") == 0 ||
4334 os_strcmp(active_work->type, "connect") == 0) {
4335 /*
4336 * If the active work is either connect or sme-connect,
4337 * do not parallelize them with other radio works.
4338 */
4339 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
4340 "Do not parallelize radio work with %s",
4341 active_work->type);
4342 return NULL;
4343 }
4344
4345 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, list) {
4346 if (tmp->started)
4347 continue;
4348
4349 /*
4350 * If connect or sme-connect are enqueued, parallelize only
4351 * those operations ahead of them in the queue.
4352 */
4353 if (os_strcmp(tmp->type, "connect") == 0 ||
4354 os_strcmp(tmp->type, "sme-connect") == 0)
4355 break;
4356
4357 /*
4358 * Check that the radio works are distinct and
4359 * on different bands.
4360 */
4361 if (os_strcmp(active_work->type, tmp->type) != 0 &&
4362 (active_work->bands != tmp->bands)) {
4363 /*
4364 * If a scan has to be scheduled through nl80211 scan
4365 * interface and if an external scan is already running,
4366 * do not schedule the scan since it is likely to get
4367 * rejected by kernel.
4368 */
4369 if (os_strcmp(tmp->type, "scan") == 0 &&
4370 radio->external_scan_running &&
4371 (((struct wpa_driver_scan_params *)
4372 tmp->ctx)->only_new_results ||
4373 tmp->wpa_s->clear_driver_scan_cache))
4374 continue;
4375
4376 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
4377 "active_work:%s new_work:%s",
4378 active_work->type, tmp->type);
4379 return tmp;
4380 }
4381 }
4382
4383 /* Did not find a radio work to schedule in parallel. */
4384 return NULL;
4385 }
4386
4387
4388 static void radio_start_next_work(void *eloop_ctx, void *timeout_ctx)
4389 {
4390 struct wpa_radio *radio = eloop_ctx;
4391 struct wpa_radio_work *work;
4392 struct os_reltime now, diff;
4393 struct wpa_supplicant *wpa_s;
4394
4395 work = dl_list_first(&radio->work, struct wpa_radio_work, list);
4396 if (work == NULL) {
4397 radio->num_active_works = 0;
4398 return;
4399 }
4400
4401 wpa_s = dl_list_first(&radio->ifaces, struct wpa_supplicant,
4402 radio_list);
4403
4404 if (!(wpa_s &&
4405 wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS)) {
4406 if (work->started)
4407 return; /* already started and still in progress */
4408
4409 if (wpa_s && wpa_s->radio->external_scan_running) {
4410 wpa_printf(MSG_DEBUG, "Delay radio work start until externally triggered scan completes");
4411 return;
4412 }
4413 } else {
4414 work = NULL;
4415 if (radio->num_active_works < MAX_ACTIVE_WORKS) {
4416 /* get the work to schedule next */
4417 work = radio_work_get_next_work(radio);
4418 }
4419 if (!work)
4420 return;
4421 }
4422
4423 wpa_s = work->wpa_s;
4424 os_get_reltime(&now);
4425 os_reltime_sub(&now, &work->time, &diff);
4426 wpa_dbg(wpa_s, MSG_DEBUG,
4427 "Starting radio work '%s'@%p after %ld.%06ld second wait",
4428 work->type, work, diff.sec, diff.usec);
4429 work->started = 1;
4430 work->time = now;
4431 radio->num_active_works++;
4432
4433 work->cb(work, 0);
4434
4435 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS) &&
4436 radio->num_active_works < MAX_ACTIVE_WORKS)
4437 radio_work_check_next(wpa_s);
4438 }
4439
4440
4441 /*
4442 * This function removes both started and pending radio works running on
4443 * the provided interface's radio.
4444 * Prior to the removal of the radio work, its callback (cb) is called with
4445 * deinit set to be 1. Each work's callback is responsible for clearing its
4446 * internal data and restoring to a correct state.
4447 * @wpa_s: wpa_supplicant data
4448 * @type: type of works to be removed
4449 * @remove_all: 1 to remove all the works on this radio, 0 to remove only
4450 * this interface's works.
4451 */
4452 void radio_remove_works(struct wpa_supplicant *wpa_s,
4453 const char *type, int remove_all)
4454 {
4455 struct wpa_radio_work *work, *tmp;
4456 struct wpa_radio *radio = wpa_s->radio;
4457
4458 dl_list_for_each_safe(work, tmp, &radio->work, struct wpa_radio_work,
4459 list) {
4460 if (type && os_strcmp(type, work->type) != 0)
4461 continue;
4462
4463 /* skip other ifaces' works */
4464 if (!remove_all && work->wpa_s != wpa_s)
4465 continue;
4466
4467 wpa_dbg(wpa_s, MSG_DEBUG, "Remove radio work '%s'@%p%s",
4468 work->type, work, work->started ? " (started)" : "");
4469 work->cb(work, 1);
4470 radio_work_free(work);
4471 }
4472
4473 /* in case we removed the started work */
4474 radio_work_check_next(wpa_s);
4475 }
4476
4477
4478 static void radio_remove_interface(struct wpa_supplicant *wpa_s)
4479 {
4480 struct wpa_radio *radio = wpa_s->radio;
4481
4482 if (!radio)
4483 return;
4484
4485 wpa_printf(MSG_DEBUG, "Remove interface %s from radio %s",
4486 wpa_s->ifname, radio->name);
4487 dl_list_del(&wpa_s->radio_list);
4488 radio_remove_works(wpa_s, NULL, 0);
4489 wpa_s->radio = NULL;
4490 if (!dl_list_empty(&radio->ifaces))
4491 return; /* Interfaces remain for this radio */
4492
4493 wpa_printf(MSG_DEBUG, "Remove radio %s", radio->name);
4494 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
4495 os_free(radio);
4496 }
4497
4498
4499 void radio_work_check_next(struct wpa_supplicant *wpa_s)
4500 {
4501 struct wpa_radio *radio = wpa_s->radio;
4502
4503 if (dl_list_empty(&radio->work))
4504 return;
4505 if (wpa_s->ext_work_in_progress) {
4506 wpa_printf(MSG_DEBUG,
4507 "External radio work in progress - delay start of pending item");
4508 return;
4509 }
4510 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
4511 eloop_register_timeout(0, 0, radio_start_next_work, radio, NULL);
4512 }
4513
4514
4515 /**
4516 * radio_add_work - Add a radio work item
4517 * @wpa_s: Pointer to wpa_supplicant data
4518 * @freq: Frequency of the offchannel operation in MHz or 0
4519 * @type: Unique identifier for each type of work
4520 * @next: Force as the next work to be executed
4521 * @cb: Callback function for indicating when radio is available
4522 * @ctx: Context pointer for the work (work->ctx in cb())
4523 * Returns: 0 on success, -1 on failure
4524 *
4525 * This function is used to request time for an operation that requires
4526 * exclusive radio control. Once the radio is available, the registered callback
4527 * function will be called. radio_work_done() must be called once the exclusive
4528 * radio operation has been completed, so that the radio is freed for other
4529 * operations. The special case of deinit=1 is used to free the context data
4530 * during interface removal. That does not allow the callback function to start
4531 * the radio operation, i.e., it must free any resources allocated for the radio
4532 * work and return.
4533 *
4534 * The @freq parameter can be used to indicate a single channel on which the
4535 * offchannel operation will occur. This may allow multiple radio work
4536 * operations to be performed in parallel if they apply for the same channel.
4537 * Setting this to 0 indicates that the work item may use multiple channels or
4538 * requires exclusive control of the radio.
4539 */
4540 int radio_add_work(struct wpa_supplicant *wpa_s, unsigned int freq,
4541 const char *type, int next,
4542 void (*cb)(struct wpa_radio_work *work, int deinit),
4543 void *ctx)
4544 {
4545 struct wpa_radio *radio = wpa_s->radio;
4546 struct wpa_radio_work *work;
4547 int was_empty;
4548
4549 work = os_zalloc(sizeof(*work));
4550 if (work == NULL)
4551 return -1;
4552 wpa_dbg(wpa_s, MSG_DEBUG, "Add radio work '%s'@%p", type, work);
4553 os_get_reltime(&work->time);
4554 work->freq = freq;
4555 work->type = type;
4556 work->wpa_s = wpa_s;
4557 work->cb = cb;
4558 work->ctx = ctx;
4559
4560 if (freq)
4561 work->bands = wpas_freq_to_band(freq);
4562 else if (os_strcmp(type, "scan") == 0 ||
4563 os_strcmp(type, "p2p-scan") == 0)
4564 work->bands = wpas_get_bands(wpa_s,
4565 ((struct wpa_driver_scan_params *)
4566 ctx)->freqs);
4567 else
4568 work->bands = wpas_get_bands(wpa_s, NULL);
4569
4570 was_empty = dl_list_empty(&wpa_s->radio->work);
4571 if (next)
4572 dl_list_add(&wpa_s->radio->work, &work->list);
4573 else
4574 dl_list_add_tail(&wpa_s->radio->work, &work->list);
4575 if (was_empty) {
4576 wpa_dbg(wpa_s, MSG_DEBUG, "First radio work item in the queue - schedule start immediately");
4577 radio_work_check_next(wpa_s);
4578 } else if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS)
4579 && radio->num_active_works < MAX_ACTIVE_WORKS) {
4580 wpa_dbg(wpa_s, MSG_DEBUG,
4581 "Try to schedule a radio work (num_active_works=%u)",
4582 radio->num_active_works);
4583 radio_work_check_next(wpa_s);
4584 }
4585
4586 return 0;
4587 }
4588
4589
4590 /**
4591 * radio_work_done - Indicate that a radio work item has been completed
4592 * @work: Completed work
4593 *
4594 * This function is called once the callback function registered with
4595 * radio_add_work() has completed its work.
4596 */
4597 void radio_work_done(struct wpa_radio_work *work)
4598 {
4599 struct wpa_supplicant *wpa_s = work->wpa_s;
4600 struct os_reltime now, diff;
4601 unsigned int started = work->started;
4602
4603 os_get_reltime(&now);
4604 os_reltime_sub(&now, &work->time, &diff);
4605 wpa_dbg(wpa_s, MSG_DEBUG, "Radio work '%s'@%p %s in %ld.%06ld seconds",
4606 work->type, work, started ? "done" : "canceled",
4607 diff.sec, diff.usec);
4608 radio_work_free(work);
4609 if (started)
4610 radio_work_check_next(wpa_s);
4611 }
4612
4613
4614 struct wpa_radio_work *
4615 radio_work_pending(struct wpa_supplicant *wpa_s, const char *type)
4616 {
4617 struct wpa_radio_work *work;
4618 struct wpa_radio *radio = wpa_s->radio;
4619
4620 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) {
4621 if (work->wpa_s == wpa_s && os_strcmp(work->type, type) == 0)
4622 return work;
4623 }
4624
4625 return NULL;
4626 }
4627
4628
4629 static int wpas_init_driver(struct wpa_supplicant *wpa_s,
4630 struct wpa_interface *iface)
4631 {
4632 const char *ifname, *driver, *rn;
4633
4634 driver = iface->driver;
4635 next_driver:
4636 if (wpa_supplicant_set_driver(wpa_s, driver) < 0)
4637 return -1;
4638
4639 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
4640 if (wpa_s->drv_priv == NULL) {
4641 const char *pos;
4642 pos = driver ? os_strchr(driver, ',') : NULL;
4643 if (pos) {
4644 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
4645 "driver interface - try next driver wrapper");
4646 driver = pos + 1;
4647 goto next_driver;
4648 }
4649 wpa_msg(wpa_s, MSG_ERROR, "Failed to initialize driver "
4650 "interface");
4651 return -1;
4652 }
4653 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
4654 wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected "
4655 "driver_param '%s'", wpa_s->conf->driver_param);
4656 return -1;
4657 }
4658
4659 ifname = wpa_drv_get_ifname(wpa_s);
4660 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
4661 wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced "
4662 "interface name with '%s'", ifname);
4663 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
4664 }
4665
4666 rn = wpa_driver_get_radio_name(wpa_s);
4667 if (rn && rn[0] == '\0')
4668 rn = NULL;
4669
4670 wpa_s->radio = radio_add_interface(wpa_s, rn);
4671 if (wpa_s->radio == NULL)
4672 return -1;
4673
4674 return 0;
4675 }
4676
4677
4678 static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
4679 struct wpa_interface *iface)
4680 {
4681 struct wpa_driver_capa capa;
4682 int capa_res;
4683
4684 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
4685 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
4686 iface->confname ? iface->confname : "N/A",
4687 iface->driver ? iface->driver : "default",
4688 iface->ctrl_interface ? iface->ctrl_interface : "N/A",
4689 iface->bridge_ifname ? iface->bridge_ifname : "N/A");
4690
4691 if (iface->confname) {
4692 #ifdef CONFIG_BACKEND_FILE
4693 wpa_s->confname = os_rel2abs_path(iface->confname);
4694 if (wpa_s->confname == NULL) {
4695 wpa_printf(MSG_ERROR, "Failed to get absolute path "
4696 "for configuration file '%s'.",
4697 iface->confname);
4698 return -1;
4699 }
4700 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
4701 iface->confname, wpa_s->confname);
4702 #else /* CONFIG_BACKEND_FILE */
4703 wpa_s->confname = os_strdup(iface->confname);
4704 #endif /* CONFIG_BACKEND_FILE */
4705 wpa_s->conf = wpa_config_read(wpa_s->confname, NULL);
4706 if (wpa_s->conf == NULL) {
4707 wpa_printf(MSG_ERROR, "Failed to read or parse "
4708 "configuration '%s'.", wpa_s->confname);
4709 return -1;
4710 }
4711 wpa_s->confanother = os_rel2abs_path(iface->confanother);
4712 wpa_config_read(wpa_s->confanother, wpa_s->conf);
4713
4714 /*
4715 * Override ctrl_interface and driver_param if set on command
4716 * line.
4717 */
4718 if (iface->ctrl_interface) {
4719 os_free(wpa_s->conf->ctrl_interface);
4720 wpa_s->conf->ctrl_interface =
4721 os_strdup(iface->ctrl_interface);
4722 }
4723
4724 if (iface->driver_param) {
4725 os_free(wpa_s->conf->driver_param);
4726 wpa_s->conf->driver_param =
4727 os_strdup(iface->driver_param);
4728 }
4729
4730 if (iface->p2p_mgmt && !iface->ctrl_interface) {
4731 os_free(wpa_s->conf->ctrl_interface);
4732 wpa_s->conf->ctrl_interface = NULL;
4733 }
4734 } else
4735 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
4736 iface->driver_param);
4737
4738 if (wpa_s->conf == NULL) {
4739 wpa_printf(MSG_ERROR, "\nNo configuration found.");
4740 return -1;
4741 }
4742
4743 if (iface->ifname == NULL) {
4744 wpa_printf(MSG_ERROR, "\nInterface name is required.");
4745 return -1;
4746 }
4747 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
4748 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
4749 iface->ifname);
4750 return -1;
4751 }
4752 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
4753
4754 if (iface->bridge_ifname) {
4755 if (os_strlen(iface->bridge_ifname) >=
4756 sizeof(wpa_s->bridge_ifname)) {
4757 wpa_printf(MSG_ERROR, "\nToo long bridge interface "
4758 "name '%s'.", iface->bridge_ifname);
4759 return -1;
4760 }
4761 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
4762 sizeof(wpa_s->bridge_ifname));
4763 }
4764
4765 /* RSNA Supplicant Key Management - INITIALIZE */
4766 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
4767 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
4768
4769 /* Initialize driver interface and register driver event handler before
4770 * L2 receive handler so that association events are processed before
4771 * EAPOL-Key packets if both become available for the same select()
4772 * call. */
4773 if (wpas_init_driver(wpa_s, iface) < 0)
4774 return -1;
4775
4776 if (wpa_supplicant_init_wpa(wpa_s) < 0)
4777 return -1;
4778
4779 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
4780 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
4781 NULL);
4782 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
4783
4784 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
4785 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
4786 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
4787 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
4788 "dot11RSNAConfigPMKLifetime");
4789 return -1;
4790 }
4791
4792 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
4793 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
4794 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
4795 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
4796 "dot11RSNAConfigPMKReauthThreshold");
4797 return -1;
4798 }
4799
4800 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
4801 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
4802 wpa_s->conf->dot11RSNAConfigSATimeout)) {
4803 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
4804 "dot11RSNAConfigSATimeout");
4805 return -1;
4806 }
4807
4808 wpa_s->hw.modes = wpa_drv_get_hw_feature_data(wpa_s,
4809 &wpa_s->hw.num_modes,
4810 &wpa_s->hw.flags);
4811 if (wpa_s->hw.modes) {
4812 u16 i;
4813
4814 for (i = 0; i < wpa_s->hw.num_modes; i++) {
4815 if (wpa_s->hw.modes[i].vht_capab) {
4816 wpa_s->hw_capab = CAPAB_VHT;
4817 break;
4818 }
4819
4820 if (wpa_s->hw.modes[i].ht_capab &
4821 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET)
4822 wpa_s->hw_capab = CAPAB_HT40;
4823 else if (wpa_s->hw.modes[i].ht_capab &&
4824 wpa_s->hw_capab == CAPAB_NO_HT_VHT)
4825 wpa_s->hw_capab = CAPAB_HT;
4826 }
4827 }
4828
4829 capa_res = wpa_drv_get_capa(wpa_s, &capa);
4830 if (capa_res == 0) {
4831 wpa_s->drv_capa_known = 1;
4832 wpa_s->drv_flags = capa.flags;
4833 wpa_s->drv_enc = capa.enc;
4834 wpa_s->drv_smps_modes = capa.smps_modes;
4835 wpa_s->drv_rrm_flags = capa.rrm_flags;
4836 wpa_s->probe_resp_offloads = capa.probe_resp_offloads;
4837 wpa_s->max_scan_ssids = capa.max_scan_ssids;
4838 wpa_s->max_sched_scan_ssids = capa.max_sched_scan_ssids;
4839 wpa_s->max_sched_scan_plans = capa.max_sched_scan_plans;
4840 wpa_s->max_sched_scan_plan_interval =
4841 capa.max_sched_scan_plan_interval;
4842 wpa_s->max_sched_scan_plan_iterations =
4843 capa.max_sched_scan_plan_iterations;
4844 wpa_s->sched_scan_supported = capa.sched_scan_supported;
4845 wpa_s->max_match_sets = capa.max_match_sets;
4846 wpa_s->max_remain_on_chan = capa.max_remain_on_chan;
4847 wpa_s->max_stations = capa.max_stations;
4848 wpa_s->extended_capa = capa.extended_capa;
4849 wpa_s->extended_capa_mask = capa.extended_capa_mask;
4850 wpa_s->extended_capa_len = capa.extended_capa_len;
4851 wpa_s->num_multichan_concurrent =
4852 capa.num_multichan_concurrent;
4853 wpa_s->wmm_ac_supported = capa.wmm_ac_supported;
4854
4855 if (capa.mac_addr_rand_scan_supported)
4856 wpa_s->mac_addr_rand_supported |= MAC_ADDR_RAND_SCAN;
4857 if (wpa_s->sched_scan_supported &&
4858 capa.mac_addr_rand_sched_scan_supported)
4859 wpa_s->mac_addr_rand_supported |=
4860 (MAC_ADDR_RAND_SCHED_SCAN | MAC_ADDR_RAND_PNO);
4861 }
4862 if (wpa_s->max_remain_on_chan == 0)
4863 wpa_s->max_remain_on_chan = 1000;
4864
4865 /*
4866 * Only take p2p_mgmt parameters when P2P Device is supported.
4867 * Doing it here as it determines whether l2_packet_init() will be done
4868 * during wpa_supplicant_driver_init().
4869 */
4870 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)
4871 wpa_s->p2p_mgmt = iface->p2p_mgmt;
4872 else
4873 iface->p2p_mgmt = 1;
4874
4875 if (wpa_s->num_multichan_concurrent == 0)
4876 wpa_s->num_multichan_concurrent = 1;
4877
4878 if (wpa_supplicant_driver_init(wpa_s) < 0)
4879 return -1;
4880
4881 #ifdef CONFIG_TDLS
4882 if ((!iface->p2p_mgmt ||
4883 !(wpa_s->drv_flags &
4884 WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
4885 wpa_tdls_init(wpa_s->wpa))
4886 return -1;
4887 #endif /* CONFIG_TDLS */
4888
4889 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] &&
4890 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) {
4891 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country");
4892 return -1;
4893 }
4894
4895 #ifdef CONFIG_FST
4896 if (wpa_s->conf->fst_group_id) {
4897 struct fst_iface_cfg cfg;
4898 struct fst_wpa_obj iface_obj;
4899
4900 fst_wpa_supplicant_fill_iface_obj(wpa_s, &iface_obj);
4901 os_strlcpy(cfg.group_id, wpa_s->conf->fst_group_id,
4902 sizeof(cfg.group_id));
4903 cfg.priority = wpa_s->conf->fst_priority;
4904 cfg.llt = wpa_s->conf->fst_llt;
4905
4906 wpa_s->fst = fst_attach(wpa_s->ifname, wpa_s->own_addr,
4907 &iface_obj, &cfg);
4908 if (!wpa_s->fst) {
4909 wpa_msg(wpa_s, MSG_ERROR,
4910 "FST: Cannot attach iface %s to group %s",
4911 wpa_s->ifname, cfg.group_id);
4912 return -1;
4913 }
4914 }
4915 #endif /* CONFIG_FST */
4916
4917 if (wpas_wps_init(wpa_s))
4918 return -1;
4919
4920 if (wpa_supplicant_init_eapol(wpa_s) < 0)
4921 return -1;
4922 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
4923
4924 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
4925 if (wpa_s->ctrl_iface == NULL) {
4926 wpa_printf(MSG_ERROR,
4927 "Failed to initialize control interface '%s'.\n"
4928 "You may have another wpa_supplicant process "
4929 "already running or the file was\n"
4930 "left by an unclean termination of wpa_supplicant "
4931 "in which case you will need\n"
4932 "to manually remove this file before starting "
4933 "wpa_supplicant again.\n",
4934 wpa_s->conf->ctrl_interface);
4935 return -1;
4936 }
4937
4938 wpa_s->gas = gas_query_init(wpa_s);
4939 if (wpa_s->gas == NULL) {
4940 wpa_printf(MSG_ERROR, "Failed to initialize GAS query");
4941 return -1;
4942 }
4943
4944 if (iface->p2p_mgmt && wpas_p2p_init(wpa_s->global, wpa_s) < 0) {
4945 wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P");
4946 return -1;
4947 }
4948
4949 if (wpa_bss_init(wpa_s) < 0)
4950 return -1;
4951
4952 /*
4953 * Set Wake-on-WLAN triggers, if configured.
4954 * Note: We don't restore/remove the triggers on shutdown (it doesn't
4955 * have effect anyway when the interface is down).
4956 */
4957 if (capa_res == 0 && wpas_set_wowlan_triggers(wpa_s, &capa) < 0)
4958 return -1;
4959
4960 #ifdef CONFIG_EAP_PROXY
4961 {
4962 size_t len;
4963 wpa_s->mnc_len = eapol_sm_get_eap_proxy_imsi(wpa_s->eapol, wpa_s->imsi,
4964 &len);
4965 if (wpa_s->mnc_len > 0) {
4966 wpa_s->imsi[len] = '\0';
4967 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI %s (MNC length %d)",
4968 wpa_s->imsi, wpa_s->mnc_len);
4969 } else {
4970 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI not available");
4971 }
4972 }
4973 #endif /* CONFIG_EAP_PROXY */
4974
4975 if (pcsc_reader_init(wpa_s) < 0)
4976 return -1;
4977
4978 if (wpas_init_ext_pw(wpa_s) < 0)
4979 return -1;
4980
4981 wpas_rrm_reset(wpa_s);
4982
4983 wpas_sched_scan_plans_set(wpa_s, wpa_s->conf->sched_scan_plans);
4984
4985 #ifdef CONFIG_HS20
4986 hs20_init(wpa_s);
4987 #endif /* CONFIG_HS20 */
4988 #ifdef CONFIG_MBO
4989 wpas_mbo_update_non_pref_chan(wpa_s, wpa_s->conf->non_pref_chan);
4990 #endif /* CONFIG_MBO */
4991
4992 wpa_supplicant_set_default_scan_ies(wpa_s);
4993
4994 return 0;
4995 }
4996
4997
4998 static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s,
4999 int notify, int terminate)
5000 {
5001 struct wpa_global *global = wpa_s->global;
5002 struct wpa_supplicant *iface, *prev;
5003
5004 if (wpa_s == wpa_s->parent)
5005 wpas_p2p_group_remove(wpa_s, "*");
5006
5007 iface = global->ifaces;
5008 while (iface) {
5009 if (iface->p2pdev == wpa_s)
5010 iface->p2pdev = iface->parent;
5011 if (iface == wpa_s || iface->parent != wpa_s) {
5012 iface = iface->next;
5013 continue;
5014 }
5015 wpa_printf(MSG_DEBUG,
5016 "Remove remaining child interface %s from parent %s",
5017 iface->ifname, wpa_s->ifname);
5018 prev = iface;
5019 iface = iface->next;
5020 wpa_supplicant_remove_iface(global, prev, terminate);
5021 }
5022
5023 wpa_s->disconnected = 1;
5024 if (wpa_s->drv_priv) {
5025 wpa_supplicant_deauthenticate(wpa_s,
5026 WLAN_REASON_DEAUTH_LEAVING);
5027
5028 wpa_drv_set_countermeasures(wpa_s, 0);
5029 wpa_clear_keys(wpa_s, NULL);
5030 }
5031
5032 wpa_supplicant_cleanup(wpa_s);
5033 wpas_p2p_deinit_iface(wpa_s);
5034
5035 wpas_ctrl_radio_work_flush(wpa_s);
5036 radio_remove_interface(wpa_s);
5037
5038 #ifdef CONFIG_FST
5039 if (wpa_s->fst) {
5040 fst_detach(wpa_s->fst);
5041 wpa_s->fst = NULL;
5042 }
5043 if (wpa_s->received_mb_ies) {
5044 wpabuf_free(wpa_s->received_mb_ies);
5045 wpa_s->received_mb_ies = NULL;
5046 }
5047 #endif /* CONFIG_FST */
5048
5049 if (wpa_s->drv_priv)
5050 wpa_drv_deinit(wpa_s);
5051
5052 if (notify)
5053 wpas_notify_iface_removed(wpa_s);
5054
5055 if (terminate)
5056 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING);
5057
5058 if (wpa_s->ctrl_iface) {
5059 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
5060 wpa_s->ctrl_iface = NULL;
5061 }
5062
5063 #ifdef CONFIG_MESH
5064 if (wpa_s->ifmsh) {
5065 wpa_supplicant_mesh_iface_deinit(wpa_s, wpa_s->ifmsh);
5066 wpa_s->ifmsh = NULL;
5067 }
5068 #endif /* CONFIG_MESH */
5069
5070 if (wpa_s->conf != NULL) {
5071 wpa_config_free(wpa_s->conf);
5072 wpa_s->conf = NULL;
5073 }
5074
5075 os_free(wpa_s->ssids_from_scan_req);
5076
5077 os_free(wpa_s);
5078 }
5079
5080
5081 #ifdef CONFIG_MATCH_IFACE
5082
5083 /**
5084 * wpa_supplicant_match_iface - Match an interface description to a name
5085 * @global: Pointer to global data from wpa_supplicant_init()
5086 * @ifname: Name of the interface to match
5087 * Returns: Pointer to the created interface description or %NULL on failure
5088 */
5089 struct wpa_interface * wpa_supplicant_match_iface(struct wpa_global *global,
5090 const char *ifname)
5091 {
5092 int i;
5093 struct wpa_interface *iface, *miface;
5094
5095 for (i = 0; i < global->params.match_iface_count; i++) {
5096 miface = &global->params.match_ifaces[i];
5097 if (!miface->ifname ||
5098 fnmatch(miface->ifname, ifname, 0) == 0) {
5099 iface = os_zalloc(sizeof(*iface));
5100 if (!iface)
5101 return NULL;
5102 *iface = *miface;
5103 iface->ifname = ifname;
5104 return iface;
5105 }
5106 }
5107
5108 return NULL;
5109 }
5110
5111
5112 /**
5113 * wpa_supplicant_match_existing - Match existing interfaces
5114 * @global: Pointer to global data from wpa_supplicant_init()
5115 * Returns: 0 on success, -1 on failure
5116 */
5117 static int wpa_supplicant_match_existing(struct wpa_global *global)
5118 {
5119 struct if_nameindex *ifi, *ifp;
5120 struct wpa_supplicant *wpa_s;
5121 struct wpa_interface *iface;
5122
5123 ifp = if_nameindex();
5124 if (!ifp) {
5125 wpa_printf(MSG_ERROR, "if_nameindex: %s", strerror(errno));
5126 return -1;
5127 }
5128
5129 for (ifi = ifp; ifi->if_name; ifi++) {
5130 wpa_s = wpa_supplicant_get_iface(global, ifi->if_name);
5131 if (wpa_s)
5132 continue;
5133 iface = wpa_supplicant_match_iface(global, ifi->if_name);
5134 if (iface) {
5135 wpa_s = wpa_supplicant_add_iface(global, iface, NULL);
5136 os_free(iface);
5137 if (wpa_s)
5138 wpa_s->matched = 1;
5139 }
5140 }
5141
5142 if_freenameindex(ifp);
5143 return 0;
5144 }
5145
5146 #endif /* CONFIG_MATCH_IFACE */
5147
5148
5149 /**
5150 * wpa_supplicant_add_iface - Add a new network interface
5151 * @global: Pointer to global data from wpa_supplicant_init()
5152 * @iface: Interface configuration options
5153 * @parent: Parent interface or %NULL to assign new interface as parent
5154 * Returns: Pointer to the created interface or %NULL on failure
5155 *
5156 * This function is used to add new network interfaces for %wpa_supplicant.
5157 * This can be called before wpa_supplicant_run() to add interfaces before the
5158 * main event loop has been started. In addition, new interfaces can be added
5159 * dynamically while %wpa_supplicant is already running. This could happen,
5160 * e.g., when a hotplug network adapter is inserted.
5161 */
5162 struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
5163 struct wpa_interface *iface,
5164 struct wpa_supplicant *parent)
5165 {
5166 struct wpa_supplicant *wpa_s;
5167 struct wpa_interface t_iface;
5168 struct wpa_ssid *ssid;
5169
5170 if (global == NULL || iface == NULL)
5171 return NULL;
5172
5173 wpa_s = wpa_supplicant_alloc(parent);
5174 if (wpa_s == NULL)
5175 return NULL;
5176
5177 wpa_s->global = global;
5178
5179 t_iface = *iface;
5180 if (global->params.override_driver) {
5181 wpa_printf(MSG_DEBUG, "Override interface parameter: driver "
5182 "('%s' -> '%s')",
5183 iface->driver, global->params.override_driver);
5184 t_iface.driver = global->params.override_driver;
5185 }
5186 if (global->params.override_ctrl_interface) {
5187 wpa_printf(MSG_DEBUG, "Override interface parameter: "
5188 "ctrl_interface ('%s' -> '%s')",
5189 iface->ctrl_interface,
5190 global->params.override_ctrl_interface);
5191 t_iface.ctrl_interface =
5192 global->params.override_ctrl_interface;
5193 }
5194 if (wpa_supplicant_init_iface(wpa_s, &t_iface)) {
5195 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
5196 iface->ifname);
5197 wpa_supplicant_deinit_iface(wpa_s, 0, 0);
5198 return NULL;
5199 }
5200
5201 if (iface->p2p_mgmt == 0) {
5202 /* Notify the control interfaces about new iface */
5203 if (wpas_notify_iface_added(wpa_s)) {
5204 wpa_supplicant_deinit_iface(wpa_s, 1, 0);
5205 return NULL;
5206 }
5207
5208 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
5209 wpas_notify_network_added(wpa_s, ssid);
5210 }
5211
5212 wpa_s->next = global->ifaces;
5213 global->ifaces = wpa_s;
5214
5215 wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname);
5216 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
5217
5218 #ifdef CONFIG_P2P
5219 if (wpa_s->global->p2p == NULL &&
5220 !wpa_s->global->p2p_disabled && !wpa_s->conf->p2p_disabled &&
5221 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) &&
5222 wpas_p2p_add_p2pdev_interface(
5223 wpa_s, wpa_s->global->params.conf_p2p_dev) < 0) {
5224 wpa_printf(MSG_INFO,
5225 "P2P: Failed to enable P2P Device interface");
5226 /* Try to continue without. P2P will be disabled. */
5227 }
5228 #endif /* CONFIG_P2P */
5229
5230 return wpa_s;
5231 }
5232
5233
5234 /**
5235 * wpa_supplicant_remove_iface - Remove a network interface
5236 * @global: Pointer to global data from wpa_supplicant_init()
5237 * @wpa_s: Pointer to the network interface to be removed
5238 * Returns: 0 if interface was removed, -1 if interface was not found
5239 *
5240 * This function can be used to dynamically remove network interfaces from
5241 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
5242 * addition, this function is used to remove all remaining interfaces when
5243 * %wpa_supplicant is terminated.
5244 */
5245 int wpa_supplicant_remove_iface(struct wpa_global *global,
5246 struct wpa_supplicant *wpa_s,
5247 int terminate)
5248 {
5249 struct wpa_supplicant *prev;
5250 #ifdef CONFIG_MESH
5251 unsigned int mesh_if_created = wpa_s->mesh_if_created;
5252 char *ifname = NULL;
5253 #endif /* CONFIG_MESH */
5254
5255 /* Remove interface from the global list of interfaces */
5256 prev = global->ifaces;
5257 if (prev == wpa_s) {
5258 global->ifaces = wpa_s->next;
5259 } else {
5260 while (prev && prev->next != wpa_s)
5261 prev = prev->next;
5262 if (prev == NULL)
5263 return -1;
5264 prev->next = wpa_s->next;
5265 }
5266
5267 wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
5268
5269 #ifdef CONFIG_MESH
5270 if (mesh_if_created) {
5271 ifname = os_strdup(wpa_s->ifname);
5272 if (ifname == NULL) {
5273 wpa_dbg(wpa_s, MSG_ERROR,
5274 "mesh: Failed to malloc ifname");
5275 return -1;
5276 }
5277 }
5278 #endif /* CONFIG_MESH */
5279
5280 if (global->p2p_group_formation == wpa_s)
5281 global->p2p_group_formation = NULL;
5282 if (global->p2p_invite_group == wpa_s)
5283 global->p2p_invite_group = NULL;
5284 wpa_supplicant_deinit_iface(wpa_s, 1, terminate);
5285
5286 #ifdef CONFIG_MESH
5287 if (mesh_if_created) {
5288 wpa_drv_if_remove(global->ifaces, WPA_IF_MESH, ifname);
5289 os_free(ifname);
5290 }
5291 #endif /* CONFIG_MESH */
5292
5293 return 0;
5294 }
5295
5296
5297 /**
5298 * wpa_supplicant_get_eap_mode - Get the current EAP mode
5299 * @wpa_s: Pointer to the network interface
5300 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
5301 */
5302 const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s)
5303 {
5304 const char *eapol_method;
5305
5306 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) == 0 &&
5307 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
5308 return "NO-EAP";
5309 }
5310
5311 eapol_method = eapol_sm_get_method_name(wpa_s->eapol);
5312 if (eapol_method == NULL)
5313 return "UNKNOWN-EAP";
5314
5315 return eapol_method;
5316 }
5317
5318
5319 /**
5320 * wpa_supplicant_get_iface - Get a new network interface
5321 * @global: Pointer to global data from wpa_supplicant_init()
5322 * @ifname: Interface name
5323 * Returns: Pointer to the interface or %NULL if not found
5324 */
5325 struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
5326 const char *ifname)
5327 {
5328 struct wpa_supplicant *wpa_s;
5329
5330 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
5331 if (os_strcmp(wpa_s->ifname, ifname) == 0)
5332 return wpa_s;
5333 }
5334 return NULL;
5335 }
5336
5337
5338 #ifndef CONFIG_NO_WPA_MSG
5339 static const char * wpa_supplicant_msg_ifname_cb(void *ctx)
5340 {
5341 struct wpa_supplicant *wpa_s = ctx;
5342 if (wpa_s == NULL)
5343 return NULL;
5344 return wpa_s->ifname;
5345 }
5346 #endif /* CONFIG_NO_WPA_MSG */
5347
5348
5349 #ifndef WPA_SUPPLICANT_CLEANUP_INTERVAL
5350 #define WPA_SUPPLICANT_CLEANUP_INTERVAL 10
5351 #endif /* WPA_SUPPLICANT_CLEANUP_INTERVAL */
5352
5353 /* Periodic cleanup tasks */
5354 static void wpas_periodic(void *eloop_ctx, void *timeout_ctx)
5355 {
5356 struct wpa_global *global = eloop_ctx;
5357 struct wpa_supplicant *wpa_s;
5358
5359 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0,
5360 wpas_periodic, global, NULL);
5361
5362 #ifdef CONFIG_P2P
5363 if (global->p2p)
5364 p2p_expire_peers(global->p2p);
5365 #endif /* CONFIG_P2P */
5366
5367 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
5368 wpa_bss_flush_by_age(wpa_s, wpa_s->conf->bss_expiration_age);
5369 #ifdef CONFIG_AP
5370 ap_periodic(wpa_s);
5371 #endif /* CONFIG_AP */
5372 }
5373 }
5374
5375
5376 /**
5377 * wpa_supplicant_init - Initialize %wpa_supplicant
5378 * @params: Parameters for %wpa_supplicant
5379 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
5380 *
5381 * This function is used to initialize %wpa_supplicant. After successful
5382 * initialization, the returned data pointer can be used to add and remove
5383 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
5384 */
5385 struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
5386 {
5387 struct wpa_global *global;
5388 int ret, i;
5389
5390 if (params == NULL)
5391 return NULL;
5392
5393 #ifdef CONFIG_DRIVER_NDIS
5394 {
5395 void driver_ndis_init_ops(void);
5396 driver_ndis_init_ops();
5397 }
5398 #endif /* CONFIG_DRIVER_NDIS */
5399
5400 #ifndef CONFIG_NO_WPA_MSG
5401 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
5402 #endif /* CONFIG_NO_WPA_MSG */
5403
5404 if (params->wpa_debug_file_path)
5405 wpa_debug_open_file(params->wpa_debug_file_path);
5406 else
5407 wpa_debug_setup_stdout();
5408 if (params->wpa_debug_syslog)
5409 wpa_debug_open_syslog();
5410 if (params->wpa_debug_tracing) {
5411 ret = wpa_debug_open_linux_tracing();
5412 if (ret) {
5413 wpa_printf(MSG_ERROR,
5414 "Failed to enable trace logging");
5415 return NULL;
5416 }
5417 }
5418
5419 ret = eap_register_methods();
5420 if (ret) {
5421 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
5422 if (ret == -2)
5423 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
5424 "the same EAP type.");
5425 return NULL;
5426 }
5427
5428 global = os_zalloc(sizeof(*global));
5429 if (global == NULL)
5430 return NULL;
5431 dl_list_init(&global->p2p_srv_bonjour);
5432 dl_list_init(&global->p2p_srv_upnp);
5433 global->params.daemonize = params->daemonize;
5434 global->params.wait_for_monitor = params->wait_for_monitor;
5435 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
5436 if (params->pid_file)
5437 global->params.pid_file = os_strdup(params->pid_file);
5438 if (params->ctrl_interface)
5439 global->params.ctrl_interface =
5440 os_strdup(params->ctrl_interface);
5441 if (params->ctrl_interface_group)
5442 global->params.ctrl_interface_group =
5443 os_strdup(params->ctrl_interface_group);
5444 if (params->override_driver)
5445 global->params.override_driver =
5446 os_strdup(params->override_driver);
5447 if (params->override_ctrl_interface)
5448 global->params.override_ctrl_interface =
5449 os_strdup(params->override_ctrl_interface);
5450 #ifdef CONFIG_MATCH_IFACE
5451 global->params.match_iface_count = params->match_iface_count;
5452 if (params->match_iface_count) {
5453 global->params.match_ifaces =
5454 os_calloc(params->match_iface_count,
5455 sizeof(struct wpa_interface));
5456 os_memcpy(global->params.match_ifaces,
5457 params->match_ifaces,
5458 params->match_iface_count *
5459 sizeof(struct wpa_interface));
5460 }
5461 #endif /* CONFIG_MATCH_IFACE */
5462 #ifdef CONFIG_P2P
5463 if (params->conf_p2p_dev)
5464 global->params.conf_p2p_dev =
5465 os_strdup(params->conf_p2p_dev);
5466 #endif /* CONFIG_P2P */
5467 wpa_debug_level = global->params.wpa_debug_level =
5468 params->wpa_debug_level;
5469 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
5470 params->wpa_debug_show_keys;
5471 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
5472 params->wpa_debug_timestamp;
5473
5474 wpa_printf(MSG_DEBUG, "wpa_supplicant v" VERSION_STR);
5475
5476 if (eloop_init()) {
5477 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
5478 wpa_supplicant_deinit(global);
5479 return NULL;
5480 }
5481
5482 random_init(params->entropy_file);
5483
5484 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
5485 if (global->ctrl_iface == NULL) {
5486 wpa_supplicant_deinit(global);
5487 return NULL;
5488 }
5489
5490 if (wpas_notify_supplicant_initialized(global)) {
5491 wpa_supplicant_deinit(global);
5492 return NULL;
5493 }
5494
5495 for (i = 0; wpa_drivers[i]; i++)
5496 global->drv_count++;
5497 if (global->drv_count == 0) {
5498 wpa_printf(MSG_ERROR, "No drivers enabled");
5499 wpa_supplicant_deinit(global);
5500 return NULL;
5501 }
5502 global->drv_priv = os_calloc(global->drv_count, sizeof(void *));
5503 if (global->drv_priv == NULL) {
5504 wpa_supplicant_deinit(global);
5505 return NULL;
5506 }
5507
5508 #ifdef CONFIG_WIFI_DISPLAY
5509 if (wifi_display_init(global) < 0) {
5510 wpa_printf(MSG_ERROR, "Failed to initialize Wi-Fi Display");
5511 wpa_supplicant_deinit(global);
5512 return NULL;
5513 }
5514 #endif /* CONFIG_WIFI_DISPLAY */
5515
5516 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0,
5517 wpas_periodic, global, NULL);
5518
5519 return global;
5520 }
5521
5522
5523 /**
5524 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
5525 * @global: Pointer to global data from wpa_supplicant_init()
5526 * Returns: 0 after successful event loop run, -1 on failure
5527 *
5528 * This function starts the main event loop and continues running as long as
5529 * there are any remaining events. In most cases, this function is running as
5530 * long as the %wpa_supplicant process in still in use.
5531 */
5532 int wpa_supplicant_run(struct wpa_global *global)
5533 {
5534 struct wpa_supplicant *wpa_s;
5535
5536 if (global->params.daemonize &&
5537 (wpa_supplicant_daemon(global->params.pid_file) ||
5538 eloop_sock_requeue()))
5539 return -1;
5540
5541 #ifdef CONFIG_MATCH_IFACE
5542 if (wpa_supplicant_match_existing(global))
5543 return -1;
5544 #endif
5545
5546 if (global->params.wait_for_monitor) {
5547 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
5548 if (wpa_s->ctrl_iface && !wpa_s->p2p_mgmt)
5549 wpa_supplicant_ctrl_iface_wait(
5550 wpa_s->ctrl_iface);
5551 }
5552
5553 eloop_register_signal_terminate(wpa_supplicant_terminate, global);
5554 eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
5555
5556 eloop_run();
5557
5558 return 0;
5559 }
5560
5561
5562 /**
5563 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
5564 * @global: Pointer to global data from wpa_supplicant_init()
5565 *
5566 * This function is called to deinitialize %wpa_supplicant and to free all
5567 * allocated resources. Remaining network interfaces will also be removed.
5568 */
5569 void wpa_supplicant_deinit(struct wpa_global *global)
5570 {
5571 int i;
5572
5573 if (global == NULL)
5574 return;
5575
5576 eloop_cancel_timeout(wpas_periodic, global, NULL);
5577
5578 #ifdef CONFIG_WIFI_DISPLAY
5579 wifi_display_deinit(global);
5580 #endif /* CONFIG_WIFI_DISPLAY */
5581
5582 while (global->ifaces)
5583 wpa_supplicant_remove_iface(global, global->ifaces, 1);
5584
5585 if (global->ctrl_iface)
5586 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
5587
5588 wpas_notify_supplicant_deinitialized(global);
5589
5590 eap_peer_unregister_methods();
5591 #ifdef CONFIG_AP
5592 eap_server_unregister_methods();
5593 #endif /* CONFIG_AP */
5594
5595 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) {
5596 if (!global->drv_priv[i])
5597 continue;
5598 wpa_drivers[i]->global_deinit(global->drv_priv[i]);
5599 }
5600 os_free(global->drv_priv);
5601
5602 random_deinit();
5603
5604 eloop_destroy();
5605
5606 if (global->params.pid_file) {
5607 os_daemonize_terminate(global->params.pid_file);
5608 os_free(global->params.pid_file);
5609 }
5610 os_free(global->params.ctrl_interface);
5611 os_free(global->params.ctrl_interface_group);
5612 os_free(global->params.override_driver);
5613 os_free(global->params.override_ctrl_interface);
5614 #ifdef CONFIG_MATCH_IFACE
5615 os_free(global->params.match_ifaces);
5616 #endif /* CONFIG_MATCH_IFACE */
5617 #ifdef CONFIG_P2P
5618 os_free(global->params.conf_p2p_dev);
5619 #endif /* CONFIG_P2P */
5620
5621 os_free(global->p2p_disallow_freq.range);
5622 os_free(global->p2p_go_avoid_freq.range);
5623 os_free(global->add_psk);
5624
5625 os_free(global);
5626 wpa_debug_close_syslog();
5627 wpa_debug_close_file();
5628 wpa_debug_close_linux_tracing();
5629 }
5630
5631
5632 void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s)
5633 {
5634 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_COUNTRY) &&
5635 wpa_s->conf->country[0] && wpa_s->conf->country[1]) {
5636 char country[3];
5637 country[0] = wpa_s->conf->country[0];
5638 country[1] = wpa_s->conf->country[1];
5639 country[2] = '\0';
5640 if (wpa_drv_set_country(wpa_s, country) < 0) {
5641 wpa_printf(MSG_ERROR, "Failed to set country code "
5642 "'%s'", country);
5643 }
5644 }
5645
5646 if (wpa_s->conf->changed_parameters & CFG_CHANGED_EXT_PW_BACKEND)
5647 wpas_init_ext_pw(wpa_s);
5648
5649 if (wpa_s->conf->changed_parameters & CFG_CHANGED_SCHED_SCAN_PLANS)
5650 wpas_sched_scan_plans_set(wpa_s, wpa_s->conf->sched_scan_plans);
5651
5652 #ifdef CONFIG_WPS
5653 wpas_wps_update_config(wpa_s);
5654 #endif /* CONFIG_WPS */
5655 wpas_p2p_update_config(wpa_s);
5656 wpa_s->conf->changed_parameters = 0;
5657 }
5658
5659
5660 void add_freq(int *freqs, int *num_freqs, int freq)
5661 {
5662 int i;
5663
5664 for (i = 0; i < *num_freqs; i++) {
5665 if (freqs[i] == freq)
5666 return;
5667 }
5668
5669 freqs[*num_freqs] = freq;
5670 (*num_freqs)++;
5671 }
5672
5673
5674 static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s)
5675 {
5676 struct wpa_bss *bss, *cbss;
5677 const int max_freqs = 10;
5678 int *freqs;
5679 int num_freqs = 0;
5680
5681 freqs = os_calloc(max_freqs + 1, sizeof(int));
5682 if (freqs == NULL)
5683 return NULL;
5684
5685 cbss = wpa_s->current_bss;
5686
5687 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
5688 if (bss == cbss)
5689 continue;
5690 if (bss->ssid_len == cbss->ssid_len &&
5691 os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 &&
5692 wpa_blacklist_get(wpa_s, bss->bssid) == NULL) {
5693 add_freq(freqs, &num_freqs, bss->freq);
5694 if (num_freqs == max_freqs)
5695 break;
5696 }
5697 }
5698
5699 if (num_freqs == 0) {
5700 os_free(freqs);
5701 freqs = NULL;
5702 }
5703
5704 return freqs;
5705 }
5706
5707
5708 void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid)
5709 {
5710 int timeout;
5711 int count;
5712 int *freqs = NULL;
5713
5714 wpas_connect_work_done(wpa_s);
5715
5716 /*
5717 * Remove possible authentication timeout since the connection failed.
5718 */
5719 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
5720
5721 /*
5722 * There is no point in blacklisting the AP if this event is
5723 * generated based on local request to disconnect.
5724 */
5725 if (wpa_s->own_disconnect_req) {
5726 wpa_s->own_disconnect_req = 0;
5727 wpa_dbg(wpa_s, MSG_DEBUG,
5728 "Ignore connection failure due to local request to disconnect");
5729 return;
5730 }
5731 if (wpa_s->disconnected) {
5732 wpa_dbg(wpa_s, MSG_DEBUG, "Ignore connection failure "
5733 "indication since interface has been put into "
5734 "disconnected state");
5735 return;
5736 }
5737
5738 /*
5739 * Add the failed BSSID into the blacklist and speed up next scan
5740 * attempt if there could be other APs that could accept association.
5741 * The current blacklist count indicates how many times we have tried
5742 * connecting to this AP and multiple attempts mean that other APs are
5743 * either not available or has already been tried, so that we can start
5744 * increasing the delay here to avoid constant scanning.
5745 */
5746 count = wpa_blacklist_add(wpa_s, bssid);
5747 if (count == 1 && wpa_s->current_bss) {
5748 /*
5749 * This BSS was not in the blacklist before. If there is
5750 * another BSS available for the same ESS, we should try that
5751 * next. Otherwise, we may as well try this one once more
5752 * before allowing other, likely worse, ESSes to be considered.
5753 */
5754 freqs = get_bss_freqs_in_ess(wpa_s);
5755 if (freqs) {
5756 wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS "
5757 "has been seen; try it next");
5758 wpa_blacklist_add(wpa_s, bssid);
5759 /*
5760 * On the next scan, go through only the known channels
5761 * used in this ESS based on previous scans to speed up
5762 * common load balancing use case.
5763 */
5764 os_free(wpa_s->next_scan_freqs);
5765 wpa_s->next_scan_freqs = freqs;
5766 }
5767 }
5768
5769 /*
5770 * Add previous failure count in case the temporary blacklist was
5771 * cleared due to no other BSSes being available.
5772 */
5773 count += wpa_s->extra_blacklist_count;
5774
5775 if (count > 3 && wpa_s->current_ssid) {
5776 wpa_printf(MSG_DEBUG, "Continuous association failures - "
5777 "consider temporary network disabling");
5778 wpas_auth_failed(wpa_s, "CONN_FAILED");
5779 }
5780
5781 switch (count) {
5782 case 1:
5783 timeout = 100;
5784 break;
5785 case 2:
5786 timeout = 500;
5787 break;
5788 case 3:
5789 timeout = 1000;
5790 break;
5791 case 4:
5792 timeout = 5000;
5793 break;
5794 default:
5795 timeout = 10000;
5796 break;
5797 }
5798
5799 wpa_dbg(wpa_s, MSG_DEBUG, "Blacklist count %d --> request scan in %d "
5800 "ms", count, timeout);
5801
5802 /*
5803 * TODO: if more than one possible AP is available in scan results,
5804 * could try the other ones before requesting a new scan.
5805 */
5806 wpa_supplicant_req_scan(wpa_s, timeout / 1000,
5807 1000 * (timeout % 1000));
5808 }
5809
5810
5811 int wpas_driver_bss_selection(struct wpa_supplicant *wpa_s)
5812 {
5813 return wpa_s->conf->ap_scan == 2 ||
5814 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION);
5815 }
5816
5817
5818 #if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW)
5819 int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
5820 struct wpa_ssid *ssid,
5821 const char *field,
5822 const char *value)
5823 {
5824 #ifdef IEEE8021X_EAPOL
5825 struct eap_peer_config *eap = &ssid->eap;
5826
5827 wpa_printf(MSG_DEBUG, "CTRL_IFACE: response handle field=%s", field);
5828 wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: response value",
5829 (const u8 *) value, os_strlen(value));
5830
5831 switch (wpa_supplicant_ctrl_req_from_string(field)) {
5832 case WPA_CTRL_REQ_EAP_IDENTITY:
5833 os_free(eap->identity);
5834 eap->identity = (u8 *) os_strdup(value);
5835 eap->identity_len = os_strlen(value);
5836 eap->pending_req_identity = 0;
5837 if (ssid == wpa_s->current_ssid)
5838 wpa_s->reassociate = 1;
5839 break;
5840 case WPA_CTRL_REQ_EAP_PASSWORD:
5841 bin_clear_free(eap->password, eap->password_len);
5842 eap->password = (u8 *) os_strdup(value);
5843 eap->password_len = os_strlen(value);
5844 eap->pending_req_password = 0;
5845 if (ssid == wpa_s->current_ssid)
5846 wpa_s->reassociate = 1;
5847 break;
5848 case WPA_CTRL_REQ_EAP_NEW_PASSWORD:
5849 bin_clear_free(eap->new_password, eap->new_password_len);
5850 eap->new_password = (u8 *) os_strdup(value);
5851 eap->new_password_len = os_strlen(value);
5852 eap->pending_req_new_password = 0;
5853 if (ssid == wpa_s->current_ssid)
5854 wpa_s->reassociate = 1;
5855 break;
5856 case WPA_CTRL_REQ_EAP_PIN:
5857 str_clear_free(eap->pin);
5858 eap->pin = os_strdup(value);
5859 eap->pending_req_pin = 0;
5860 if (ssid == wpa_s->current_ssid)
5861 wpa_s->reassociate = 1;
5862 break;
5863 case WPA_CTRL_REQ_EAP_OTP:
5864 bin_clear_free(eap->otp, eap->otp_len);
5865 eap->otp = (u8 *) os_strdup(value);
5866 eap->otp_len = os_strlen(value);
5867 os_free(eap->pending_req_otp);
5868 eap->pending_req_otp = NULL;
5869 eap->pending_req_otp_len = 0;
5870 break;
5871 case WPA_CTRL_REQ_EAP_PASSPHRASE:
5872 str_clear_free(eap->private_key_passwd);
5873 eap->private_key_passwd = os_strdup(value);
5874 eap->pending_req_passphrase = 0;
5875 if (ssid == wpa_s->current_ssid)
5876 wpa_s->reassociate = 1;
5877 break;
5878 case WPA_CTRL_REQ_SIM:
5879 str_clear_free(eap->external_sim_resp);
5880 eap->external_sim_resp = os_strdup(value);
5881 break;
5882 case WPA_CTRL_REQ_PSK_PASSPHRASE:
5883 if (wpa_config_set(ssid, "psk", value, 0) < 0)
5884 return -1;
5885 ssid->mem_only_psk = 1;
5886 if (ssid->passphrase)
5887 wpa_config_update_psk(ssid);
5888 if (wpa_s->wpa_state == WPA_SCANNING && !wpa_s->scanning)
5889 wpa_supplicant_req_scan(wpa_s, 0, 0);
5890 break;
5891 case WPA_CTRL_REQ_EXT_CERT_CHECK:
5892 if (eap->pending_ext_cert_check != PENDING_CHECK)
5893 return -1;
5894 if (os_strcmp(value, "good") == 0)
5895 eap->pending_ext_cert_check = EXT_CERT_CHECK_GOOD;
5896 else if (os_strcmp(value, "bad") == 0)
5897 eap->pending_ext_cert_check = EXT_CERT_CHECK_BAD;
5898 else
5899 return -1;
5900 break;
5901 default:
5902 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown field '%s'", field);
5903 return -1;
5904 }
5905
5906 return 0;
5907 #else /* IEEE8021X_EAPOL */
5908 wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included");
5909 return -1;
5910 #endif /* IEEE8021X_EAPOL */
5911 }
5912 #endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */
5913
5914
5915 int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
5916 {
5917 int i;
5918 unsigned int drv_enc;
5919
5920 if (wpa_s->p2p_mgmt)
5921 return 1; /* no normal network profiles on p2p_mgmt interface */
5922
5923 if (ssid == NULL)
5924 return 1;
5925
5926 if (ssid->disabled)
5927 return 1;
5928
5929 if (wpa_s->drv_capa_known)
5930 drv_enc = wpa_s->drv_enc;
5931 else
5932 drv_enc = (unsigned int) -1;
5933
5934 for (i = 0; i < NUM_WEP_KEYS; i++) {
5935 size_t len = ssid->wep_key_len[i];
5936 if (len == 0)
5937 continue;
5938 if (len == 5 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP40))
5939 continue;
5940 if (len == 13 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP104))
5941 continue;
5942 if (len == 16 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP128))
5943 continue;
5944 return 1; /* invalid WEP key */
5945 }
5946
5947 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set &&
5948 (!ssid->passphrase || ssid->ssid_len != 0) && !ssid->ext_psk &&
5949 !ssid->mem_only_psk)
5950 return 1;
5951
5952 return 0;
5953 }
5954
5955
5956 int wpas_get_ssid_pmf(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
5957 {
5958 #ifdef CONFIG_IEEE80211W
5959 if (ssid == NULL || ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT) {
5960 if (wpa_s->conf->pmf == MGMT_FRAME_PROTECTION_OPTIONAL &&
5961 !(wpa_s->drv_enc & WPA_DRIVER_CAPA_ENC_BIP)) {
5962 /*
5963 * Driver does not support BIP -- ignore pmf=1 default
5964 * since the connection with PMF would fail and the
5965 * configuration does not require PMF to be enabled.
5966 */
5967 return NO_MGMT_FRAME_PROTECTION;
5968 }
5969
5970 if (ssid &&
5971 (ssid->key_mgmt &
5972 ~(WPA_KEY_MGMT_NONE | WPA_KEY_MGMT_WPS |
5973 WPA_KEY_MGMT_IEEE8021X_NO_WPA)) == 0) {
5974 /*
5975 * Do not use the default PMF value for non-RSN networks
5976 * since PMF is available only with RSN and pmf=2
5977 * configuration would otherwise prevent connections to
5978 * all open networks.
5979 */
5980 return NO_MGMT_FRAME_PROTECTION;
5981 }
5982
5983 return wpa_s->conf->pmf;
5984 }
5985
5986 return ssid->ieee80211w;
5987 #else /* CONFIG_IEEE80211W */
5988 return NO_MGMT_FRAME_PROTECTION;
5989 #endif /* CONFIG_IEEE80211W */
5990 }
5991
5992
5993 int wpas_is_p2p_prioritized(struct wpa_supplicant *wpa_s)
5994 {
5995 if (wpa_s->global->conc_pref == WPA_CONC_PREF_P2P)
5996 return 1;
5997 if (wpa_s->global->conc_pref == WPA_CONC_PREF_STA)
5998 return 0;
5999 return -1;
6000 }
6001
6002
6003 void wpas_auth_failed(struct wpa_supplicant *wpa_s, char *reason)
6004 {
6005 struct wpa_ssid *ssid = wpa_s->current_ssid;
6006 int dur;
6007 struct os_reltime now;
6008
6009 if (ssid == NULL) {
6010 wpa_printf(MSG_DEBUG, "Authentication failure but no known "
6011 "SSID block");
6012 return;
6013 }
6014
6015 if (ssid->key_mgmt == WPA_KEY_MGMT_WPS)
6016 return;
6017
6018 ssid->auth_failures++;
6019
6020 #ifdef CONFIG_P2P
6021 if (ssid->p2p_group &&
6022 (wpa_s->p2p_in_provisioning || wpa_s->show_group_started)) {
6023 /*
6024 * Skip the wait time since there is a short timeout on the
6025 * connection to a P2P group.
6026 */
6027 return;
6028 }
6029 #endif /* CONFIG_P2P */
6030
6031 if (ssid->auth_failures > 50)
6032 dur = 300;
6033 else if (ssid->auth_failures > 10)
6034 dur = 120;
6035 else if (ssid->auth_failures > 5)
6036 dur = 90;
6037 else if (ssid->auth_failures > 3)
6038 dur = 60;
6039 else if (ssid->auth_failures > 2)
6040 dur = 30;
6041 else if (ssid->auth_failures > 1)
6042 dur = 20;
6043 else
6044 dur = 10;
6045
6046 if (ssid->auth_failures > 1 &&
6047 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt))
6048 dur += os_random() % (ssid->auth_failures * 10);
6049
6050 os_get_reltime(&now);
6051 if (now.sec + dur <= ssid->disabled_until.sec)
6052 return;
6053
6054 ssid->disabled_until.sec = now.sec + dur;
6055
6056 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TEMP_DISABLED
6057 "id=%d ssid=\"%s\" auth_failures=%u duration=%d reason=%s",
6058 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
6059 ssid->auth_failures, dur, reason);
6060 }
6061
6062
6063 void wpas_clear_temp_disabled(struct wpa_supplicant *wpa_s,
6064 struct wpa_ssid *ssid, int clear_failures)
6065 {
6066 if (ssid == NULL)
6067 return;
6068
6069 if (ssid->disabled_until.sec) {
6070 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_REENABLED
6071 "id=%d ssid=\"%s\"",
6072 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
6073 }
6074 ssid->disabled_until.sec = 0;
6075 ssid->disabled_until.usec = 0;
6076 if (clear_failures)
6077 ssid->auth_failures = 0;
6078 }
6079
6080
6081 int disallowed_bssid(struct wpa_supplicant *wpa_s, const u8 *bssid)
6082 {
6083 size_t i;
6084
6085 if (wpa_s->disallow_aps_bssid == NULL)
6086 return 0;
6087
6088 for (i = 0; i < wpa_s->disallow_aps_bssid_count; i++) {
6089 if (os_memcmp(wpa_s->disallow_aps_bssid + i * ETH_ALEN,
6090 bssid, ETH_ALEN) == 0)
6091 return 1;
6092 }
6093
6094 return 0;
6095 }
6096
6097
6098 int disallowed_ssid(struct wpa_supplicant *wpa_s, const u8 *ssid,
6099 size_t ssid_len)
6100 {
6101 size_t i;
6102
6103 if (wpa_s->disallow_aps_ssid == NULL || ssid == NULL)
6104 return 0;
6105
6106 for (i = 0; i < wpa_s->disallow_aps_ssid_count; i++) {
6107 struct wpa_ssid_value *s = &wpa_s->disallow_aps_ssid[i];
6108 if (ssid_len == s->ssid_len &&
6109 os_memcmp(ssid, s->ssid, ssid_len) == 0)
6110 return 1;
6111 }
6112
6113 return 0;
6114 }
6115
6116
6117 /**
6118 * wpas_request_connection - Request a new connection
6119 * @wpa_s: Pointer to the network interface
6120 *
6121 * This function is used to request a new connection to be found. It will mark
6122 * the interface to allow reassociation and request a new scan to find a
6123 * suitable network to connect to.
6124 */
6125 void wpas_request_connection(struct wpa_supplicant *wpa_s)
6126 {
6127 wpa_s->normal_scans = 0;
6128 wpa_s->scan_req = NORMAL_SCAN_REQ;
6129 wpa_supplicant_reinit_autoscan(wpa_s);
6130 wpa_s->extra_blacklist_count = 0;
6131 wpa_s->disconnected = 0;
6132 wpa_s->reassociate = 1;
6133
6134 if (wpa_supplicant_fast_associate(wpa_s) != 1)
6135 wpa_supplicant_req_scan(wpa_s, 0, 0);
6136 else
6137 wpa_s->reattach = 0;
6138 }
6139
6140
6141 /**
6142 * wpas_request_disconnection - Request disconnection
6143 * @wpa_s: Pointer to the network interface
6144 *
6145 * This function is used to request disconnection from the currently connected
6146 * network. This will stop any ongoing scans and initiate deauthentication.
6147 */
6148 void wpas_request_disconnection(struct wpa_supplicant *wpa_s)
6149 {
6150 #ifdef CONFIG_SME
6151 wpa_s->sme.prev_bssid_set = 0;
6152 #endif /* CONFIG_SME */
6153 wpa_s->reassociate = 0;
6154 wpa_s->disconnected = 1;
6155 wpa_supplicant_cancel_sched_scan(wpa_s);
6156 wpa_supplicant_cancel_scan(wpa_s);
6157 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
6158 eloop_cancel_timeout(wpas_network_reenabled, wpa_s, NULL);
6159 }
6160
6161
6162 void dump_freq_data(struct wpa_supplicant *wpa_s, const char *title,
6163 struct wpa_used_freq_data *freqs_data,
6164 unsigned int len)
6165 {
6166 unsigned int i;
6167
6168 wpa_dbg(wpa_s, MSG_DEBUG, "Shared frequencies (len=%u): %s",
6169 len, title);
6170 for (i = 0; i < len; i++) {
6171 struct wpa_used_freq_data *cur = &freqs_data[i];
6172 wpa_dbg(wpa_s, MSG_DEBUG, "freq[%u]: %d, flags=0x%X",
6173 i, cur->freq, cur->flags);
6174 }
6175 }
6176
6177
6178 /*
6179 * Find the operating frequencies of any of the virtual interfaces that
6180 * are using the same radio as the current interface, and in addition, get
6181 * information about the interface types that are using the frequency.
6182 */
6183 int get_shared_radio_freqs_data(struct wpa_supplicant *wpa_s,
6184 struct wpa_used_freq_data *freqs_data,
6185 unsigned int len)
6186 {
6187 struct wpa_supplicant *ifs;
6188 u8 bssid[ETH_ALEN];
6189 int freq;
6190 unsigned int idx = 0, i;
6191
6192 wpa_dbg(wpa_s, MSG_DEBUG,
6193 "Determining shared radio frequencies (max len %u)", len);
6194 os_memset(freqs_data, 0, sizeof(struct wpa_used_freq_data) * len);
6195
6196 dl_list_for_each(ifs, &wpa_s->radio->ifaces, struct wpa_supplicant,
6197 radio_list) {
6198 if (idx == len)
6199 break;
6200
6201 if (ifs->current_ssid == NULL || ifs->assoc_freq == 0)
6202 continue;
6203
6204 if (ifs->current_ssid->mode == WPAS_MODE_AP ||
6205 ifs->current_ssid->mode == WPAS_MODE_P2P_GO ||
6206 ifs->current_ssid->mode == WPAS_MODE_MESH)
6207 freq = ifs->current_ssid->frequency;
6208 else if (wpa_drv_get_bssid(ifs, bssid) == 0)
6209 freq = ifs->assoc_freq;
6210 else
6211 continue;
6212
6213 /* Hold only distinct freqs */
6214 for (i = 0; i < idx; i++)
6215 if (freqs_data[i].freq == freq)
6216 break;
6217
6218 if (i == idx)
6219 freqs_data[idx++].freq = freq;
6220
6221 if (ifs->current_ssid->mode == WPAS_MODE_INFRA) {
6222 freqs_data[i].flags |= ifs->current_ssid->p2p_group ?
6223 WPA_FREQ_USED_BY_P2P_CLIENT :
6224 WPA_FREQ_USED_BY_INFRA_STATION;
6225 }
6226 }
6227
6228 dump_freq_data(wpa_s, "completed iteration", freqs_data, idx);
6229 return idx;
6230 }
6231
6232
6233 /*
6234 * Find the operating frequencies of any of the virtual interfaces that
6235 * are using the same radio as the current interface.
6236 */
6237 int get_shared_radio_freqs(struct wpa_supplicant *wpa_s,
6238 int *freq_array, unsigned int len)
6239 {
6240 struct wpa_used_freq_data *freqs_data;
6241 int num, i;
6242
6243 os_memset(freq_array, 0, sizeof(int) * len);
6244
6245 freqs_data = os_calloc(len, sizeof(struct wpa_used_freq_data));
6246 if (!freqs_data)
6247 return -1;
6248
6249 num = get_shared_radio_freqs_data(wpa_s, freqs_data, len);
6250 for (i = 0; i < num; i++)
6251 freq_array[i] = freqs_data[i].freq;
6252
6253 os_free(freqs_data);
6254
6255 return num;
6256 }
6257
6258
6259 static void wpas_rrm_neighbor_rep_timeout_handler(void *data, void *user_ctx)
6260 {
6261 struct rrm_data *rrm = data;
6262
6263 if (!rrm->notify_neighbor_rep) {
6264 wpa_printf(MSG_ERROR,
6265 "RRM: Unexpected neighbor report timeout");
6266 return;
6267 }
6268
6269 wpa_printf(MSG_DEBUG, "RRM: Notifying neighbor report - NONE");
6270 rrm->notify_neighbor_rep(rrm->neighbor_rep_cb_ctx, NULL);
6271
6272 rrm->notify_neighbor_rep = NULL;
6273 rrm->neighbor_rep_cb_ctx = NULL;
6274 }
6275
6276
6277 /*
6278 * wpas_rrm_reset - Clear and reset all RRM data in wpa_supplicant
6279 * @wpa_s: Pointer to wpa_supplicant
6280 */
6281 void wpas_rrm_reset(struct wpa_supplicant *wpa_s)
6282 {
6283 wpa_s->rrm.rrm_used = 0;
6284
6285 eloop_cancel_timeout(wpas_rrm_neighbor_rep_timeout_handler, &wpa_s->rrm,
6286 NULL);
6287 if (wpa_s->rrm.notify_neighbor_rep)
6288 wpas_rrm_neighbor_rep_timeout_handler(&wpa_s->rrm, NULL);
6289 wpa_s->rrm.next_neighbor_rep_token = 1;
6290 }
6291
6292
6293 /*
6294 * wpas_rrm_process_neighbor_rep - Handle incoming neighbor report
6295 * @wpa_s: Pointer to wpa_supplicant
6296 * @report: Neighbor report buffer, prefixed by a 1-byte dialog token
6297 * @report_len: Length of neighbor report buffer
6298 */
6299 void wpas_rrm_process_neighbor_rep(struct wpa_supplicant *wpa_s,
6300 const u8 *report, size_t report_len)
6301 {
6302 struct wpabuf *neighbor_rep;
6303
6304 wpa_hexdump(MSG_DEBUG, "RRM: New Neighbor Report", report, report_len);
6305 if (report_len < 1)
6306 return;
6307
6308 if (report[0] != wpa_s->rrm.next_neighbor_rep_token - 1) {
6309 wpa_printf(MSG_DEBUG,
6310 "RRM: Discarding neighbor report with token %d (expected %d)",
6311 report[0], wpa_s->rrm.next_neighbor_rep_token - 1);
6312 return;
6313 }
6314
6315 eloop_cancel_timeout(wpas_rrm_neighbor_rep_timeout_handler, &wpa_s->rrm,
6316 NULL);
6317
6318 if (!wpa_s->rrm.notify_neighbor_rep) {
6319 wpa_printf(MSG_ERROR, "RRM: Unexpected neighbor report");
6320 return;
6321 }
6322
6323 /* skipping the first byte, which is only an id (dialog token) */
6324 neighbor_rep = wpabuf_alloc(report_len - 1);
6325 if (neighbor_rep == NULL)
6326 return;
6327 wpabuf_put_data(neighbor_rep, report + 1, report_len - 1);
6328 wpa_printf(MSG_DEBUG, "RRM: Notifying neighbor report (token = %d)",
6329 report[0]);
6330 wpa_s->rrm.notify_neighbor_rep(wpa_s->rrm.neighbor_rep_cb_ctx,
6331 neighbor_rep);
6332 wpa_s->rrm.notify_neighbor_rep = NULL;
6333 wpa_s->rrm.neighbor_rep_cb_ctx = NULL;
6334 }
6335
6336
6337 #if defined(__CYGWIN__) || defined(CONFIG_NATIVE_WINDOWS)
6338 /* Workaround different, undefined for Windows, error codes used here */
6339 #define ENOTCONN -1
6340 #define EOPNOTSUPP -1
6341 #define ECANCELED -1
6342 #endif
6343
6344 /* Measurement Request element + Location Subject + Maximum Age subelement */
6345 #define MEASURE_REQUEST_LCI_LEN (3 + 1 + 4)
6346 /* Measurement Request element + Location Civic Request */
6347 #define MEASURE_REQUEST_CIVIC_LEN (3 + 5)
6348
6349
6350 /**
6351 * wpas_rrm_send_neighbor_rep_request - Request a neighbor report from our AP
6352 * @wpa_s: Pointer to wpa_supplicant
6353 * @ssid: if not null, this is sent in the request. Otherwise, no SSID IE
6354 * is sent in the request.
6355 * @lci: if set, neighbor request will include LCI request
6356 * @civic: if set, neighbor request will include civic location request
6357 * @cb: Callback function to be called once the requested report arrives, or
6358 * timed out after RRM_NEIGHBOR_REPORT_TIMEOUT seconds.
6359 * In the former case, 'neighbor_rep' is a newly allocated wpabuf, and it's
6360 * the requester's responsibility to free it.
6361 * In the latter case NULL will be sent in 'neighbor_rep'.
6362 * @cb_ctx: Context value to send the callback function
6363 * Returns: 0 in case of success, negative error code otherwise
6364 *
6365 * In case there is a previous request which has not been answered yet, the
6366 * new request fails. The caller may retry after RRM_NEIGHBOR_REPORT_TIMEOUT.
6367 * Request must contain a callback function.
6368 */
6369 int wpas_rrm_send_neighbor_rep_request(struct wpa_supplicant *wpa_s,
6370 const struct wpa_ssid_value *ssid,
6371 int lci, int civic,
6372 void (*cb)(void *ctx,
6373 struct wpabuf *neighbor_rep),
6374 void *cb_ctx)
6375 {
6376 struct wpabuf *buf;
6377 const u8 *rrm_ie;
6378
6379 if (wpa_s->wpa_state != WPA_COMPLETED || wpa_s->current_ssid == NULL) {
6380 wpa_printf(MSG_DEBUG, "RRM: No connection, no RRM.");
6381 return -ENOTCONN;
6382 }
6383
6384 if (!wpa_s->rrm.rrm_used) {
6385 wpa_printf(MSG_DEBUG, "RRM: No RRM in current connection.");
6386 return -EOPNOTSUPP;
6387 }
6388
6389 rrm_ie = wpa_bss_get_ie(wpa_s->current_bss,
6390 WLAN_EID_RRM_ENABLED_CAPABILITIES);
6391 if (!rrm_ie || !(wpa_s->current_bss->caps & IEEE80211_CAP_RRM) ||
6392 !(rrm_ie[2] & WLAN_RRM_CAPS_NEIGHBOR_REPORT)) {
6393 wpa_printf(MSG_DEBUG,
6394 "RRM: No network support for Neighbor Report.");
6395 return -EOPNOTSUPP;
6396 }
6397
6398 if (!cb) {
6399 wpa_printf(MSG_DEBUG,
6400 "RRM: Neighbor Report request must provide a callback.");
6401 return -EINVAL;
6402 }
6403
6404 /* Refuse if there's a live request */
6405 if (wpa_s->rrm.notify_neighbor_rep) {
6406 wpa_printf(MSG_DEBUG,
6407 "RRM: Currently handling previous Neighbor Report.");
6408 return -EBUSY;
6409 }
6410
6411 /* 3 = action category + action code + dialog token */
6412 buf = wpabuf_alloc(3 + (ssid ? 2 + ssid->ssid_len : 0) +
6413 (lci ? 2 + MEASURE_REQUEST_LCI_LEN : 0) +
6414 (civic ? 2 + MEASURE_REQUEST_CIVIC_LEN : 0));
6415 if (buf == NULL) {
6416 wpa_printf(MSG_DEBUG,
6417 "RRM: Failed to allocate Neighbor Report Request");
6418 return -ENOMEM;
6419 }
6420
6421 wpa_printf(MSG_DEBUG, "RRM: Neighbor report request (for %s), token=%d",
6422 (ssid ? wpa_ssid_txt(ssid->ssid, ssid->ssid_len) : ""),
6423 wpa_s->rrm.next_neighbor_rep_token);
6424
6425 wpabuf_put_u8(buf, WLAN_ACTION_RADIO_MEASUREMENT);
6426 wpabuf_put_u8(buf, WLAN_RRM_NEIGHBOR_REPORT_REQUEST);
6427 wpabuf_put_u8(buf, wpa_s->rrm.next_neighbor_rep_token);
6428 if (ssid) {
6429 wpabuf_put_u8(buf, WLAN_EID_SSID);
6430 wpabuf_put_u8(buf, ssid->ssid_len);
6431 wpabuf_put_data(buf, ssid->ssid, ssid->ssid_len);
6432 }
6433
6434 if (lci) {
6435 /* IEEE P802.11-REVmc/D5.0 9.4.2.21 */
6436 wpabuf_put_u8(buf, WLAN_EID_MEASURE_REQUEST);
6437 wpabuf_put_u8(buf, MEASURE_REQUEST_LCI_LEN);
6438
6439 /*
6440 * Measurement token; nonzero number that is unique among the
6441 * Measurement Request elements in a particular frame.
6442 */
6443 wpabuf_put_u8(buf, 1); /* Measurement Token */
6444
6445 /*
6446 * Parallel, Enable, Request, and Report bits are 0, Duration is
6447 * reserved.
6448 */
6449 wpabuf_put_u8(buf, 0); /* Measurement Request Mode */
6450 wpabuf_put_u8(buf, MEASURE_TYPE_LCI); /* Measurement Type */
6451
6452 /* IEEE P802.11-REVmc/D5.0 9.4.2.21.10 - LCI request */
6453 /* Location Subject */
6454 wpabuf_put_u8(buf, LOCATION_SUBJECT_REMOTE);
6455
6456 /* Optional Subelements */
6457 /*
6458 * IEEE P802.11-REVmc/D5.0 Figure 9-170
6459 * The Maximum Age subelement is required, otherwise the AP can
6460 * send only data that was determined after receiving the
6461 * request. Setting it here to unlimited age.
6462 */
6463 wpabuf_put_u8(buf, LCI_REQ_SUBELEM_MAX_AGE);
6464 wpabuf_put_u8(buf, 2);
6465 wpabuf_put_le16(buf, 0xffff);
6466 }
6467
6468 if (civic) {
6469 /* IEEE P802.11-REVmc/D5.0 9.4.2.21 */
6470 wpabuf_put_u8(buf, WLAN_EID_MEASURE_REQUEST);
6471 wpabuf_put_u8(buf, MEASURE_REQUEST_CIVIC_LEN);
6472
6473 /*
6474 * Measurement token; nonzero number that is unique among the
6475 * Measurement Request elements in a particular frame.
6476 */
6477 wpabuf_put_u8(buf, 2); /* Measurement Token */
6478
6479 /*
6480 * Parallel, Enable, Request, and Report bits are 0, Duration is
6481 * reserved.
6482 */
6483 wpabuf_put_u8(buf, 0); /* Measurement Request Mode */
6484 /* Measurement Type */
6485 wpabuf_put_u8(buf, MEASURE_TYPE_LOCATION_CIVIC);
6486
6487 /* IEEE P802.11-REVmc/D5.0 9.4.2.21.14:
6488 * Location Civic request */
6489 /* Location Subject */
6490 wpabuf_put_u8(buf, LOCATION_SUBJECT_REMOTE);
6491 wpabuf_put_u8(buf, 0); /* Civic Location Type: IETF RFC 4776 */
6492 /* Location Service Interval Units: Seconds */
6493 wpabuf_put_u8(buf, 0);
6494 /* Location Service Interval: 0 - Only one report is requested
6495 */
6496 wpabuf_put_le16(buf, 0);
6497 /* No optional subelements */
6498 }
6499
6500 wpa_s->rrm.next_neighbor_rep_token++;
6501
6502 if (wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, wpa_s->bssid,
6503 wpa_s->own_addr, wpa_s->bssid,
6504 wpabuf_head(buf), wpabuf_len(buf), 0) < 0) {
6505 wpa_printf(MSG_DEBUG,
6506 "RRM: Failed to send Neighbor Report Request");
6507 wpabuf_free(buf);
6508 return -ECANCELED;
6509 }
6510
6511 wpa_s->rrm.neighbor_rep_cb_ctx = cb_ctx;
6512 wpa_s->rrm.notify_neighbor_rep = cb;
6513 eloop_register_timeout(RRM_NEIGHBOR_REPORT_TIMEOUT, 0,
6514 wpas_rrm_neighbor_rep_timeout_handler,
6515 &wpa_s->rrm, NULL);
6516
6517 wpabuf_free(buf);
6518 return 0;
6519 }
6520
6521
6522 static struct wpabuf * wpas_rrm_build_lci_report(struct wpa_supplicant *wpa_s,
6523 const u8 *request, size_t len,
6524 struct wpabuf *report)
6525 {
6526 u8 token, type, subject;
6527 u16 max_age = 0;
6528 struct os_reltime t, diff;
6529 unsigned long diff_l;
6530 u8 *ptoken;
6531 const u8 *subelem;
6532
6533 if (!wpa_s->lci || len < 3 + 4)
6534 return report;
6535
6536 token = *request++;
6537 /* Measurement request mode isn't used */
6538 request++;
6539 type = *request++;
6540 subject = *request++;
6541
6542 wpa_printf(MSG_DEBUG,
6543 "Measurement request token %u type %u location subject %u",
6544 token, type, subject);
6545
6546 if (type != MEASURE_TYPE_LCI || subject != LOCATION_SUBJECT_REMOTE) {
6547 wpa_printf(MSG_INFO,
6548 "Not building LCI report - bad type or location subject");
6549 return report;
6550 }
6551
6552 /* Subelements are formatted exactly like elements */
6553 subelem = get_ie(request, len, LCI_REQ_SUBELEM_MAX_AGE);
6554 if (subelem && subelem[1] == 2)
6555 max_age = WPA_GET_LE16(subelem + 2);
6556
6557 if (os_get_reltime(&t))
6558 return report;
6559
6560 os_reltime_sub(&t, &wpa_s->lci_time, &diff);
6561 /* LCI age is calculated in 10th of a second units. */
6562 diff_l = diff.sec * 10 + diff.usec / 100000;
6563
6564 if (max_age != 0xffff && max_age < diff_l)
6565 return report;
6566
6567 if (wpabuf_resize(&report, 2 + wpabuf_len(wpa_s->lci)))
6568 return report;
6569
6570 wpabuf_put_u8(report, WLAN_EID_MEASURE_REPORT);
6571 wpabuf_put_u8(report, wpabuf_len(wpa_s->lci));
6572 /* We'll override user's measurement token */
6573 ptoken = wpabuf_put(report, 0);
6574 wpabuf_put_buf(report, wpa_s->lci);
6575 *ptoken = token;
6576
6577 return report;
6578 }
6579
6580
6581 void wpas_rrm_handle_radio_measurement_request(struct wpa_supplicant *wpa_s,
6582 const u8 *src,
6583 const u8 *frame, size_t len)
6584 {
6585 struct wpabuf *buf, *report;
6586 u8 token;
6587 const u8 *ie, *end;
6588
6589 if (wpa_s->wpa_state != WPA_COMPLETED) {
6590 wpa_printf(MSG_INFO,
6591 "RRM: Ignoring radio measurement request: Not associated");
6592 return;
6593 }
6594
6595 if (!wpa_s->rrm.rrm_used) {
6596 wpa_printf(MSG_INFO,
6597 "RRM: Ignoring radio measurement request: Not RRM network");
6598 return;
6599 }
6600
6601 if (len < 3) {
6602 wpa_printf(MSG_INFO,
6603 "RRM: Ignoring too short radio measurement request");
6604 return;
6605 }
6606
6607 end = frame + len;
6608
6609 token = *frame++;
6610
6611 /* Ignore number of repetitions because it's not used in LCI request */
6612 frame += 2;
6613
6614 report = NULL;
6615 while ((ie = get_ie(frame, end - frame, WLAN_EID_MEASURE_REQUEST)) &&
6616 ie[1] >= 3) {
6617 u8 msmt_type;
6618
6619 msmt_type = ie[4];
6620 wpa_printf(MSG_DEBUG, "RRM request %d", msmt_type);
6621
6622 switch (msmt_type) {
6623 case MEASURE_TYPE_LCI:
6624 report = wpas_rrm_build_lci_report(wpa_s, ie + 2, ie[1],
6625 report);
6626 break;
6627 default:
6628 wpa_printf(MSG_INFO,
6629 "RRM: Unsupported radio measurement request %d",
6630 msmt_type);
6631 break;
6632 }
6633
6634 frame = ie + ie[1] + 2;
6635 }
6636
6637 if (!report)
6638 return;
6639
6640 buf = wpabuf_alloc(3 + wpabuf_len(report));
6641 if (!buf) {
6642 wpabuf_free(report);
6643 return;
6644 }
6645
6646 wpabuf_put_u8(buf, WLAN_ACTION_RADIO_MEASUREMENT);
6647 wpabuf_put_u8(buf, WLAN_RRM_RADIO_MEASUREMENT_REPORT);
6648 wpabuf_put_u8(buf, token);
6649
6650 wpabuf_put_buf(buf, report);
6651 wpabuf_free(report);
6652
6653 if (wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, src,
6654 wpa_s->own_addr, wpa_s->bssid,
6655 wpabuf_head(buf), wpabuf_len(buf), 0)) {
6656 wpa_printf(MSG_ERROR,
6657 "RRM: Radio measurement report failed: Sending Action frame failed");
6658 }
6659 wpabuf_free(buf);
6660 }
6661
6662
6663 void wpas_rrm_handle_link_measurement_request(struct wpa_supplicant *wpa_s,
6664 const u8 *src,
6665 const u8 *frame, size_t len,
6666 int rssi)
6667 {
6668 struct wpabuf *buf;
6669 const struct rrm_link_measurement_request *req;
6670 struct rrm_link_measurement_report report;
6671
6672 if (wpa_s->wpa_state != WPA_COMPLETED) {
6673 wpa_printf(MSG_INFO,
6674 "RRM: Ignoring link measurement request. Not associated");
6675 return;
6676 }
6677
6678 if (!wpa_s->rrm.rrm_used) {
6679 wpa_printf(MSG_INFO,
6680 "RRM: Ignoring link measurement request. Not RRM network");
6681 return;
6682 }
6683
6684 if (!(wpa_s->drv_rrm_flags & WPA_DRIVER_FLAGS_TX_POWER_INSERTION)) {
6685 wpa_printf(MSG_INFO,
6686 "RRM: Measurement report failed. TX power insertion not supported");
6687 return;
6688 }
6689
6690 req = (const struct rrm_link_measurement_request *) frame;
6691 if (len < sizeof(*req)) {
6692 wpa_printf(MSG_INFO,
6693 "RRM: Link measurement report failed. Request too short");
6694 return;
6695 }
6696
6697 os_memset(&report, 0, sizeof(report));
6698 report.tpc.eid = WLAN_EID_TPC_REPORT;
6699 report.tpc.len = 2;
6700 report.rsni = 255; /* 255 indicates that RSNI is not available */
6701 report.dialog_token = req->dialog_token;
6702
6703 /*
6704 * It's possible to estimate RCPI based on RSSI in dBm. This
6705 * calculation will not reflect the correct value for high rates,
6706 * but it's good enough for Action frames which are transmitted
6707 * with up to 24 Mbps rates.
6708 */
6709 if (!rssi)
6710 report.rcpi = 255; /* not available */
6711 else if (rssi < -110)
6712 report.rcpi = 0;
6713 else if (rssi > 0)
6714 report.rcpi = 220;
6715 else
6716 report.rcpi = (rssi + 110) * 2;
6717
6718 /* action_category + action_code */
6719 buf = wpabuf_alloc(2 + sizeof(report));
6720 if (buf == NULL) {
6721 wpa_printf(MSG_ERROR,
6722 "RRM: Link measurement report failed. Buffer allocation failed");
6723 return;
6724 }
6725
6726 wpabuf_put_u8(buf, WLAN_ACTION_RADIO_MEASUREMENT);
6727 wpabuf_put_u8(buf, WLAN_RRM_LINK_MEASUREMENT_REPORT);
6728 wpabuf_put_data(buf, &report, sizeof(report));
6729 wpa_hexdump(MSG_DEBUG, "RRM: Link measurement report:",
6730 wpabuf_head(buf), wpabuf_len(buf));
6731
6732 if (wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, src,
6733 wpa_s->own_addr, wpa_s->bssid,
6734 wpabuf_head(buf), wpabuf_len(buf), 0)) {
6735 wpa_printf(MSG_ERROR,
6736 "RRM: Link measurement report failed. Send action failed");
6737 }
6738 wpabuf_free(buf);
6739 }
6740
6741
6742 struct wpa_supplicant *
6743 wpas_vendor_elem(struct wpa_supplicant *wpa_s, enum wpa_vendor_elem_frame frame)
6744 {
6745 switch (frame) {
6746 #ifdef CONFIG_P2P
6747 case VENDOR_ELEM_PROBE_REQ_P2P:
6748 case VENDOR_ELEM_PROBE_RESP_P2P:
6749 case VENDOR_ELEM_PROBE_RESP_P2P_GO:
6750 case VENDOR_ELEM_BEACON_P2P_GO:
6751 case VENDOR_ELEM_P2P_PD_REQ:
6752 case VENDOR_ELEM_P2P_PD_RESP:
6753 case VENDOR_ELEM_P2P_GO_NEG_REQ:
6754 case VENDOR_ELEM_P2P_GO_NEG_RESP:
6755 case VENDOR_ELEM_P2P_GO_NEG_CONF:
6756 case VENDOR_ELEM_P2P_INV_REQ:
6757 case VENDOR_ELEM_P2P_INV_RESP:
6758 case VENDOR_ELEM_P2P_ASSOC_REQ:
6759 case VENDOR_ELEM_P2P_ASSOC_RESP:
6760 return wpa_s->p2pdev;
6761 #endif /* CONFIG_P2P */
6762 default:
6763 return wpa_s;
6764 }
6765 }
6766
6767
6768 void wpas_vendor_elem_update(struct wpa_supplicant *wpa_s)
6769 {
6770 unsigned int i;
6771 char buf[30];
6772
6773 wpa_printf(MSG_DEBUG, "Update vendor elements");
6774
6775 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) {
6776 if (wpa_s->vendor_elem[i]) {
6777 int res;
6778
6779 res = os_snprintf(buf, sizeof(buf), "frame[%u]", i);
6780 if (!os_snprintf_error(sizeof(buf), res)) {
6781 wpa_hexdump_buf(MSG_DEBUG, buf,
6782 wpa_s->vendor_elem[i]);
6783 }
6784 }
6785 }
6786
6787 #ifdef CONFIG_P2P
6788 if (wpa_s->parent == wpa_s &&
6789 wpa_s->global->p2p &&
6790 !wpa_s->global->p2p_disabled)
6791 p2p_set_vendor_elems(wpa_s->global->p2p, wpa_s->vendor_elem);
6792 #endif /* CONFIG_P2P */
6793 }
6794
6795
6796 int wpas_vendor_elem_remove(struct wpa_supplicant *wpa_s, int frame,
6797 const u8 *elem, size_t len)
6798 {
6799 u8 *ie, *end;
6800
6801 ie = wpabuf_mhead_u8(wpa_s->vendor_elem[frame]);
6802 end = ie + wpabuf_len(wpa_s->vendor_elem[frame]);
6803
6804 for (; ie + 1 < end; ie += 2 + ie[1]) {
6805 if (ie + len > end)
6806 break;
6807 if (os_memcmp(ie, elem, len) != 0)
6808 continue;
6809
6810 if (wpabuf_len(wpa_s->vendor_elem[frame]) == len) {
6811 wpabuf_free(wpa_s->vendor_elem[frame]);
6812 wpa_s->vendor_elem[frame] = NULL;
6813 } else {
6814 os_memmove(ie, ie + len, end - (ie + len));
6815 wpa_s->vendor_elem[frame]->used -= len;
6816 }
6817 wpas_vendor_elem_update(wpa_s);
6818 return 0;
6819 }
6820
6821 return -1;
6822 }
6823
6824
6825 struct hostapd_hw_modes * get_mode(struct hostapd_hw_modes *modes,
6826 u16 num_modes, enum hostapd_hw_mode mode)
6827 {
6828 u16 i;
6829
6830 for (i = 0; i < num_modes; i++) {
6831 if (modes[i].mode == mode)
6832 return &modes[i];
6833 }
6834
6835 return NULL;
6836 }
6837
6838
6839 static struct
6840 wpa_bss_tmp_disallowed * wpas_get_disallowed_bss(struct wpa_supplicant *wpa_s,
6841 const u8 *bssid)
6842 {
6843 struct wpa_bss_tmp_disallowed *bss;
6844
6845 dl_list_for_each(bss, &wpa_s->bss_tmp_disallowed,
6846 struct wpa_bss_tmp_disallowed, list) {
6847 if (os_memcmp(bssid, bss->bssid, ETH_ALEN) == 0)
6848 return bss;
6849 }
6850
6851 return NULL;
6852 }
6853
6854
6855 void wpa_bss_tmp_disallow(struct wpa_supplicant *wpa_s, const u8 *bssid,
6856 unsigned int sec)
6857 {
6858 struct wpa_bss_tmp_disallowed *bss;
6859 struct os_reltime until;
6860
6861 os_get_reltime(&until);
6862 until.sec += sec;
6863
6864 bss = wpas_get_disallowed_bss(wpa_s, bssid);
6865 if (bss) {
6866 bss->disallowed_until = until;
6867 return;
6868 }
6869
6870 bss = os_malloc(sizeof(*bss));
6871 if (!bss) {
6872 wpa_printf(MSG_DEBUG,
6873 "Failed to allocate memory for temp disallow BSS");
6874 return;
6875 }
6876
6877 bss->disallowed_until = until;
6878 os_memcpy(bss->bssid, bssid, ETH_ALEN);
6879 dl_list_add(&wpa_s->bss_tmp_disallowed, &bss->list);
6880 }
6881
6882
6883 int wpa_is_bss_tmp_disallowed(struct wpa_supplicant *wpa_s, const u8 *bssid)
6884 {
6885 struct wpa_bss_tmp_disallowed *bss = NULL, *tmp, *prev;
6886 struct os_reltime now, age;
6887
6888 os_get_reltime(&now);
6889
6890 dl_list_for_each_safe(tmp, prev, &wpa_s->bss_tmp_disallowed,
6891 struct wpa_bss_tmp_disallowed, list) {
6892 if (!os_reltime_before(&now, &tmp->disallowed_until)) {
6893 /* This BSS is not disallowed anymore */
6894 dl_list_del(&tmp->list);
6895 os_free(tmp);
6896 continue;
6897 }
6898 if (os_memcmp(bssid, tmp->bssid, ETH_ALEN) == 0) {
6899 bss = tmp;
6900 break;
6901 }
6902 }
6903 if (!bss)
6904 return 0;
6905
6906 os_reltime_sub(&bss->disallowed_until, &now, &age);
6907 wpa_printf(MSG_DEBUG,
6908 "BSS " MACSTR " disabled for %ld.%0ld seconds",
6909 MAC2STR(bss->bssid), age.sec, age.usec);
6910 return 1;
6911 }
Unnamed repository; edit this file 'description' to name the repository.