]> git.ipfire.org Git - thirdparty/hostap.git/blob - wpa_supplicant/wpa_supplicant.c
projects / thirdparty / hostap.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
EAP peer: Cache decrypted requests for EAP-SIM/AKA/AKA'
[thirdparty/hostap.git] / wpa_supplicant / wpa_supplicant.c
1 /*
2 * WPA Supplicant
3 * Copyright (c) 2003-2017, Jouni Malinen <j@w1.fi>
4 *
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
7 *
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
11 */
12
13 #include "includes.h"
14 #ifdef CONFIG_MATCH_IFACE
15 #include <net/if.h>
16 #include <fnmatch.h>
17 #endif /* CONFIG_MATCH_IFACE */
18
19 #include "common.h"
20 #include "crypto/random.h"
21 #include "crypto/sha1.h"
22 #include "eapol_supp/eapol_supp_sm.h"
23 #include "eap_peer/eap.h"
24 #include "eap_peer/eap_proxy.h"
25 #include "eap_server/eap_methods.h"
26 #include "rsn_supp/wpa.h"
27 #include "eloop.h"
28 #include "config.h"
29 #include "utils/ext_password.h"
30 #include "l2_packet/l2_packet.h"
31 #include "wpa_supplicant_i.h"
32 #include "driver_i.h"
33 #include "ctrl_iface.h"
34 #include "pcsc_funcs.h"
35 #include "common/version.h"
36 #include "rsn_supp/preauth.h"
37 #include "rsn_supp/pmksa_cache.h"
38 #include "common/wpa_ctrl.h"
39 #include "common/ieee802_11_defs.h"
40 #include "common/hw_features_common.h"
41 #include "p2p/p2p.h"
42 #include "fst/fst.h"
43 #include "blacklist.h"
44 #include "wpas_glue.h"
45 #include "wps_supplicant.h"
46 #include "ibss_rsn.h"
47 #include "sme.h"
48 #include "gas_query.h"
49 #include "ap.h"
50 #include "p2p_supplicant.h"
51 #include "wifi_display.h"
52 #include "notify.h"
53 #include "bgscan.h"
54 #include "autoscan.h"
55 #include "bss.h"
56 #include "scan.h"
57 #include "offchannel.h"
58 #include "hs20_supplicant.h"
59 #include "wnm_sta.h"
60 #include "wpas_kay.h"
61 #include "mesh.h"
62
63 const char *const wpa_supplicant_version =
64 "wpa_supplicant v" VERSION_STR "\n"
65 "Copyright (c) 2003-2017, Jouni Malinen <j@w1.fi> and contributors";
66
67 const char *const wpa_supplicant_license =
68 "This software may be distributed under the terms of the BSD license.\n"
69 "See README for more details.\n"
70 #ifdef EAP_TLS_OPENSSL
71 "\nThis product includes software developed by the OpenSSL Project\n"
72 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
73 #endif /* EAP_TLS_OPENSSL */
74 ;
75
76 #ifndef CONFIG_NO_STDOUT_DEBUG
77 /* Long text divided into parts in order to fit in C89 strings size limits. */
78 const char *const wpa_supplicant_full_license1 =
79 "";
80 const char *const wpa_supplicant_full_license2 =
81 "This software may be distributed under the terms of the BSD license.\n"
82 "\n"
83 "Redistribution and use in source and binary forms, with or without\n"
84 "modification, are permitted provided that the following conditions are\n"
85 "met:\n"
86 "\n";
87 const char *const wpa_supplicant_full_license3 =
88 "1. Redistributions of source code must retain the above copyright\n"
89 " notice, this list of conditions and the following disclaimer.\n"
90 "\n"
91 "2. Redistributions in binary form must reproduce the above copyright\n"
92 " notice, this list of conditions and the following disclaimer in the\n"
93 " documentation and/or other materials provided with the distribution.\n"
94 "\n";
95 const char *const wpa_supplicant_full_license4 =
96 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
97 " names of its contributors may be used to endorse or promote products\n"
98 " derived from this software without specific prior written permission.\n"
99 "\n"
100 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
101 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
102 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
103 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
104 const char *const wpa_supplicant_full_license5 =
105 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
106 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
107 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
108 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
109 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
110 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
111 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
112 "\n";
113 #endif /* CONFIG_NO_STDOUT_DEBUG */
114
115 /* Configure default/group WEP keys for static WEP */
116 int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
117 {
118 int i, set = 0;
119
120 for (i = 0; i < NUM_WEP_KEYS; i++) {
121 if (ssid->wep_key_len[i] == 0)
122 continue;
123
124 set = 1;
125 wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL,
126 i, i == ssid->wep_tx_keyidx, NULL, 0,
127 ssid->wep_key[i], ssid->wep_key_len[i]);
128 }
129
130 return set;
131 }
132
133
134 int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
135 struct wpa_ssid *ssid)
136 {
137 u8 key[32];
138 size_t keylen;
139 enum wpa_alg alg;
140 u8 seq[6] = { 0 };
141 int ret;
142
143 /* IBSS/WPA-None uses only one key (Group) for both receiving and
144 * sending unicast and multicast packets. */
145
146 if (ssid->mode != WPAS_MODE_IBSS) {
147 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not "
148 "IBSS/ad-hoc) for WPA-None", ssid->mode);
149 return -1;
150 }
151
152 if (!ssid->psk_set) {
153 wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for "
154 "WPA-None");
155 return -1;
156 }
157
158 switch (wpa_s->group_cipher) {
159 case WPA_CIPHER_CCMP:
160 os_memcpy(key, ssid->psk, 16);
161 keylen = 16;
162 alg = WPA_ALG_CCMP;
163 break;
164 case WPA_CIPHER_GCMP:
165 os_memcpy(key, ssid->psk, 16);
166 keylen = 16;
167 alg = WPA_ALG_GCMP;
168 break;
169 case WPA_CIPHER_TKIP:
170 /* WPA-None uses the same Michael MIC key for both TX and RX */
171 os_memcpy(key, ssid->psk, 16 + 8);
172 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
173 keylen = 32;
174 alg = WPA_ALG_TKIP;
175 break;
176 default:
177 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for "
178 "WPA-None", wpa_s->group_cipher);
179 return -1;
180 }
181
182 /* TODO: should actually remember the previously used seq#, both for TX
183 * and RX from each STA.. */
184
185 ret = wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen);
186 os_memset(key, 0, sizeof(key));
187 return ret;
188 }
189
190
191 static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
192 {
193 struct wpa_supplicant *wpa_s = eloop_ctx;
194 const u8 *bssid = wpa_s->bssid;
195 if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
196 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
197 wpa_s->wpa_state == WPA_ASSOCIATING))
198 bssid = wpa_s->pending_bssid;
199 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
200 MAC2STR(bssid));
201 wpa_blacklist_add(wpa_s, bssid);
202 wpa_sm_notify_disassoc(wpa_s->wpa);
203 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
204 wpa_s->reassociate = 1;
205
206 /*
207 * If we timed out, the AP or the local radio may be busy.
208 * So, wait a second until scanning again.
209 */
210 wpa_supplicant_req_scan(wpa_s, 1, 0);
211 }
212
213
214 /**
215 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
216 * @wpa_s: Pointer to wpa_supplicant data
217 * @sec: Number of seconds after which to time out authentication
218 * @usec: Number of microseconds after which to time out authentication
219 *
220 * This function is used to schedule a timeout for the current authentication
221 * attempt.
222 */
223 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
224 int sec, int usec)
225 {
226 if (wpa_s->conf->ap_scan == 0 &&
227 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
228 return;
229
230 wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
231 "%d usec", sec, usec);
232 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
233 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
234 }
235
236
237 /**
238 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
239 * @wpa_s: Pointer to wpa_supplicant data
240 *
241 * This function is used to cancel authentication timeout scheduled with
242 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
243 * been completed.
244 */
245 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
246 {
247 wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
248 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
249 wpa_blacklist_del(wpa_s, wpa_s->bssid);
250 }
251
252
253 /**
254 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
255 * @wpa_s: Pointer to wpa_supplicant data
256 *
257 * This function is used to configure EAPOL state machine based on the selected
258 * authentication mode.
259 */
260 void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
261 {
262 #ifdef IEEE8021X_EAPOL
263 struct eapol_config eapol_conf;
264 struct wpa_ssid *ssid = wpa_s->current_ssid;
265
266 #ifdef CONFIG_IBSS_RSN
267 if (ssid->mode == WPAS_MODE_IBSS &&
268 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
269 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
270 /*
271 * RSN IBSS authentication is per-STA and we can disable the
272 * per-BSSID EAPOL authentication.
273 */
274 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
275 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE);
276 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
277 return;
278 }
279 #endif /* CONFIG_IBSS_RSN */
280
281 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
282 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
283
284 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
285 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
286 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
287 else
288 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
289
290 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
291 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
292 eapol_conf.accept_802_1x_keys = 1;
293 eapol_conf.required_keys = 0;
294 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
295 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
296 }
297 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
298 eapol_conf.required_keys |=
299 EAPOL_REQUIRE_KEY_BROADCAST;
300 }
301
302 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED)
303 eapol_conf.required_keys = 0;
304 }
305 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
306 eapol_conf.workaround = ssid->eap_workaround;
307 eapol_conf.eap_disabled =
308 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
309 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
310 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
311 eapol_conf.external_sim = wpa_s->conf->external_sim;
312
313 #ifdef CONFIG_WPS
314 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
315 eapol_conf.wps |= EAPOL_LOCAL_WPS_IN_USE;
316 if (wpa_s->current_bss) {
317 struct wpabuf *ie;
318 ie = wpa_bss_get_vendor_ie_multi(wpa_s->current_bss,
319 WPS_IE_VENDOR_TYPE);
320 if (ie) {
321 if (wps_is_20(ie))
322 eapol_conf.wps |=
323 EAPOL_PEER_IS_WPS20_AP;
324 wpabuf_free(ie);
325 }
326 }
327 }
328 #endif /* CONFIG_WPS */
329
330 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
331
332 #ifdef CONFIG_MACSEC
333 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE && ssid->mka_psk_set)
334 ieee802_1x_create_preshared_mka(wpa_s, ssid);
335 else
336 ieee802_1x_alloc_kay_sm(wpa_s, ssid);
337 #endif /* CONFIG_MACSEC */
338 #endif /* IEEE8021X_EAPOL */
339 }
340
341
342 /**
343 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
344 * @wpa_s: Pointer to wpa_supplicant data
345 * @ssid: Configuration data for the network
346 *
347 * This function is used to configure WPA state machine and related parameters
348 * to a mode where WPA is not enabled. This is called as part of the
349 * authentication configuration when the selected network does not use WPA.
350 */
351 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
352 struct wpa_ssid *ssid)
353 {
354 int i;
355
356 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
357 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
358 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
359 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
360 else
361 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
362 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
363 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
364 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
365 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
366 wpa_s->group_cipher = WPA_CIPHER_NONE;
367 wpa_s->mgmt_group_cipher = 0;
368
369 for (i = 0; i < NUM_WEP_KEYS; i++) {
370 if (ssid->wep_key_len[i] > 5) {
371 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
372 wpa_s->group_cipher = WPA_CIPHER_WEP104;
373 break;
374 } else if (ssid->wep_key_len[i] > 0) {
375 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
376 wpa_s->group_cipher = WPA_CIPHER_WEP40;
377 break;
378 }
379 }
380
381 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
382 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
383 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
384 wpa_s->pairwise_cipher);
385 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
386 #ifdef CONFIG_IEEE80211W
387 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
388 wpa_s->mgmt_group_cipher);
389 #endif /* CONFIG_IEEE80211W */
390
391 pmksa_cache_clear_current(wpa_s->wpa);
392 }
393
394
395 void free_hw_features(struct wpa_supplicant *wpa_s)
396 {
397 int i;
398 if (wpa_s->hw.modes == NULL)
399 return;
400
401 for (i = 0; i < wpa_s->hw.num_modes; i++) {
402 os_free(wpa_s->hw.modes[i].channels);
403 os_free(wpa_s->hw.modes[i].rates);
404 }
405
406 os_free(wpa_s->hw.modes);
407 wpa_s->hw.modes = NULL;
408 }
409
410
411 static void free_bss_tmp_disallowed(struct wpa_supplicant *wpa_s)
412 {
413 struct wpa_bss_tmp_disallowed *bss, *prev;
414
415 dl_list_for_each_safe(bss, prev, &wpa_s->bss_tmp_disallowed,
416 struct wpa_bss_tmp_disallowed, list) {
417 dl_list_del(&bss->list);
418 os_free(bss);
419 }
420 }
421
422
423 void wpas_flush_fils_hlp_req(struct wpa_supplicant *wpa_s)
424 {
425 struct fils_hlp_req *req;
426
427 while ((req = dl_list_first(&wpa_s->fils_hlp_req, struct fils_hlp_req,
428 list)) != NULL) {
429 dl_list_del(&req->list);
430 wpabuf_free(req->pkt);
431 os_free(req);
432 }
433 }
434
435
436 static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
437 {
438 int i;
439
440 bgscan_deinit(wpa_s);
441 autoscan_deinit(wpa_s);
442 scard_deinit(wpa_s->scard);
443 wpa_s->scard = NULL;
444 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
445 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
446 l2_packet_deinit(wpa_s->l2);
447 wpa_s->l2 = NULL;
448 if (wpa_s->l2_br) {
449 l2_packet_deinit(wpa_s->l2_br);
450 wpa_s->l2_br = NULL;
451 }
452 #ifdef CONFIG_TESTING_OPTIONS
453 l2_packet_deinit(wpa_s->l2_test);
454 wpa_s->l2_test = NULL;
455 #endif /* CONFIG_TESTING_OPTIONS */
456
457 if (wpa_s->conf != NULL) {
458 struct wpa_ssid *ssid;
459 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
460 wpas_notify_network_removed(wpa_s, ssid);
461 }
462
463 os_free(wpa_s->confname);
464 wpa_s->confname = NULL;
465
466 os_free(wpa_s->confanother);
467 wpa_s->confanother = NULL;
468
469 wpa_sm_set_eapol(wpa_s->wpa, NULL);
470 eapol_sm_deinit(wpa_s->eapol);
471 wpa_s->eapol = NULL;
472
473 rsn_preauth_deinit(wpa_s->wpa);
474
475 #ifdef CONFIG_TDLS
476 wpa_tdls_deinit(wpa_s->wpa);
477 #endif /* CONFIG_TDLS */
478
479 wmm_ac_clear_saved_tspecs(wpa_s);
480 pmksa_candidate_free(wpa_s->wpa);
481 wpa_sm_deinit(wpa_s->wpa);
482 wpa_s->wpa = NULL;
483 wpa_blacklist_clear(wpa_s);
484
485 wpa_bss_deinit(wpa_s);
486
487 wpa_supplicant_cancel_delayed_sched_scan(wpa_s);
488 wpa_supplicant_cancel_scan(wpa_s);
489 wpa_supplicant_cancel_auth_timeout(wpa_s);
490 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL);
491 #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
492 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report,
493 wpa_s, NULL);
494 #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
495
496 eloop_cancel_timeout(wpas_network_reenabled, wpa_s, NULL);
497
498 wpas_wps_deinit(wpa_s);
499
500 wpabuf_free(wpa_s->pending_eapol_rx);
501 wpa_s->pending_eapol_rx = NULL;
502
503 #ifdef CONFIG_IBSS_RSN
504 ibss_rsn_deinit(wpa_s->ibss_rsn);
505 wpa_s->ibss_rsn = NULL;
506 #endif /* CONFIG_IBSS_RSN */
507
508 sme_deinit(wpa_s);
509
510 #ifdef CONFIG_AP
511 wpa_supplicant_ap_deinit(wpa_s);
512 #endif /* CONFIG_AP */
513
514 wpas_p2p_deinit(wpa_s);
515
516 #ifdef CONFIG_OFFCHANNEL
517 offchannel_deinit(wpa_s);
518 #endif /* CONFIG_OFFCHANNEL */
519
520 wpa_supplicant_cancel_sched_scan(wpa_s);
521
522 os_free(wpa_s->next_scan_freqs);
523 wpa_s->next_scan_freqs = NULL;
524
525 os_free(wpa_s->manual_scan_freqs);
526 wpa_s->manual_scan_freqs = NULL;
527
528 os_free(wpa_s->manual_sched_scan_freqs);
529 wpa_s->manual_sched_scan_freqs = NULL;
530
531 wpas_mac_addr_rand_scan_clear(wpa_s, MAC_ADDR_RAND_ALL);
532
533 /*
534 * Need to remove any pending gas-query radio work before the
535 * gas_query_deinit() call because gas_query::work has not yet been set
536 * for works that have not been started. gas_query_free() will be unable
537 * to cancel such pending radio works and once the pending gas-query
538 * radio work eventually gets removed, the deinit notification call to
539 * gas_query_start_cb() would result in dereferencing freed memory.
540 */
541 if (wpa_s->radio)
542 radio_remove_works(wpa_s, "gas-query", 0);
543 gas_query_deinit(wpa_s->gas);
544 wpa_s->gas = NULL;
545
546 free_hw_features(wpa_s);
547
548 ieee802_1x_dealloc_kay_sm(wpa_s);
549
550 os_free(wpa_s->bssid_filter);
551 wpa_s->bssid_filter = NULL;
552
553 os_free(wpa_s->disallow_aps_bssid);
554 wpa_s->disallow_aps_bssid = NULL;
555 os_free(wpa_s->disallow_aps_ssid);
556 wpa_s->disallow_aps_ssid = NULL;
557
558 wnm_bss_keep_alive_deinit(wpa_s);
559 #ifdef CONFIG_WNM
560 wnm_deallocate_memory(wpa_s);
561 #endif /* CONFIG_WNM */
562
563 ext_password_deinit(wpa_s->ext_pw);
564 wpa_s->ext_pw = NULL;
565
566 wpabuf_free(wpa_s->last_gas_resp);
567 wpa_s->last_gas_resp = NULL;
568 wpabuf_free(wpa_s->prev_gas_resp);
569 wpa_s->prev_gas_resp = NULL;
570
571 os_free(wpa_s->last_scan_res);
572 wpa_s->last_scan_res = NULL;
573
574 #ifdef CONFIG_HS20
575 if (wpa_s->drv_priv)
576 wpa_drv_configure_frame_filters(wpa_s, 0);
577 hs20_deinit(wpa_s);
578 #endif /* CONFIG_HS20 */
579
580 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) {
581 wpabuf_free(wpa_s->vendor_elem[i]);
582 wpa_s->vendor_elem[i] = NULL;
583 }
584
585 wmm_ac_notify_disassoc(wpa_s);
586
587 wpa_s->sched_scan_plans_num = 0;
588 os_free(wpa_s->sched_scan_plans);
589 wpa_s->sched_scan_plans = NULL;
590
591 #ifdef CONFIG_MBO
592 wpa_s->non_pref_chan_num = 0;
593 os_free(wpa_s->non_pref_chan);
594 wpa_s->non_pref_chan = NULL;
595 #endif /* CONFIG_MBO */
596
597 free_bss_tmp_disallowed(wpa_s);
598
599 wpabuf_free(wpa_s->lci);
600 wpa_s->lci = NULL;
601 wpas_clear_beacon_rep_data(wpa_s);
602
603 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL
604 #ifdef CONFIG_MESH
605 {
606 struct external_pmksa_cache *entry;
607
608 while ((entry = dl_list_last(&wpa_s->mesh_external_pmksa_cache,
609 struct external_pmksa_cache,
610 list)) != NULL) {
611 dl_list_del(&entry->list);
612 os_free(entry->pmksa_cache);
613 os_free(entry);
614 }
615 }
616 #endif /* CONFIG_MESH */
617 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
618
619 wpas_flush_fils_hlp_req(wpa_s);
620 }
621
622
623 /**
624 * wpa_clear_keys - Clear keys configured for the driver
625 * @wpa_s: Pointer to wpa_supplicant data
626 * @addr: Previously used BSSID or %NULL if not available
627 *
628 * This function clears the encryption keys that has been previously configured
629 * for the driver.
630 */
631 void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
632 {
633 int i, max;
634
635 #ifdef CONFIG_IEEE80211W
636 max = 6;
637 #else /* CONFIG_IEEE80211W */
638 max = 4;
639 #endif /* CONFIG_IEEE80211W */
640
641 /* MLME-DELETEKEYS.request */
642 for (i = 0; i < max; i++) {
643 if (wpa_s->keys_cleared & BIT(i))
644 continue;
645 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, i, 0, NULL, 0,
646 NULL, 0);
647 }
648 if (!(wpa_s->keys_cleared & BIT(0)) && addr &&
649 !is_zero_ether_addr(addr)) {
650 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,
651 0);
652 /* MLME-SETPROTECTION.request(None) */
653 wpa_drv_mlme_setprotection(
654 wpa_s, addr,
655 MLME_SETPROTECTION_PROTECT_TYPE_NONE,
656 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
657 }
658 wpa_s->keys_cleared = (u32) -1;
659 }
660
661
662 /**
663 * wpa_supplicant_state_txt - Get the connection state name as a text string
664 * @state: State (wpa_state; WPA_*)
665 * Returns: The state name as a printable text string
666 */
667 const char * wpa_supplicant_state_txt(enum wpa_states state)
668 {
669 switch (state) {
670 case WPA_DISCONNECTED:
671 return "DISCONNECTED";
672 case WPA_INACTIVE:
673 return "INACTIVE";
674 case WPA_INTERFACE_DISABLED:
675 return "INTERFACE_DISABLED";
676 case WPA_SCANNING:
677 return "SCANNING";
678 case WPA_AUTHENTICATING:
679 return "AUTHENTICATING";
680 case WPA_ASSOCIATING:
681 return "ASSOCIATING";
682 case WPA_ASSOCIATED:
683 return "ASSOCIATED";
684 case WPA_4WAY_HANDSHAKE:
685 return "4WAY_HANDSHAKE";
686 case WPA_GROUP_HANDSHAKE:
687 return "GROUP_HANDSHAKE";
688 case WPA_COMPLETED:
689 return "COMPLETED";
690 default:
691 return "UNKNOWN";
692 }
693 }
694
695
696 #ifdef CONFIG_BGSCAN
697
698 static void wpa_supplicant_start_bgscan(struct wpa_supplicant *wpa_s)
699 {
700 const char *name;
701
702 if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan)
703 name = wpa_s->current_ssid->bgscan;
704 else
705 name = wpa_s->conf->bgscan;
706 if (name == NULL || name[0] == '\0')
707 return;
708 if (wpas_driver_bss_selection(wpa_s))
709 return;
710 if (wpa_s->current_ssid == wpa_s->bgscan_ssid)
711 return;
712 #ifdef CONFIG_P2P
713 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE)
714 return;
715 #endif /* CONFIG_P2P */
716
717 bgscan_deinit(wpa_s);
718 if (wpa_s->current_ssid) {
719 if (bgscan_init(wpa_s, wpa_s->current_ssid, name)) {
720 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
721 "bgscan");
722 /*
723 * Live without bgscan; it is only used as a roaming
724 * optimization, so the initial connection is not
725 * affected.
726 */
727 } else {
728 struct wpa_scan_results *scan_res;
729 wpa_s->bgscan_ssid = wpa_s->current_ssid;
730 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL,
731 0);
732 if (scan_res) {
733 bgscan_notify_scan(wpa_s, scan_res);
734 wpa_scan_results_free(scan_res);
735 }
736 }
737 } else
738 wpa_s->bgscan_ssid = NULL;
739 }
740
741
742 static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s)
743 {
744 if (wpa_s->bgscan_ssid != NULL) {
745 bgscan_deinit(wpa_s);
746 wpa_s->bgscan_ssid = NULL;
747 }
748 }
749
750 #endif /* CONFIG_BGSCAN */
751
752
753 static void wpa_supplicant_start_autoscan(struct wpa_supplicant *wpa_s)
754 {
755 if (autoscan_init(wpa_s, 0))
756 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize autoscan");
757 }
758
759
760 static void wpa_supplicant_stop_autoscan(struct wpa_supplicant *wpa_s)
761 {
762 autoscan_deinit(wpa_s);
763 }
764
765
766 void wpa_supplicant_reinit_autoscan(struct wpa_supplicant *wpa_s)
767 {
768 if (wpa_s->wpa_state == WPA_DISCONNECTED ||
769 wpa_s->wpa_state == WPA_SCANNING) {
770 autoscan_deinit(wpa_s);
771 wpa_supplicant_start_autoscan(wpa_s);
772 }
773 }
774
775
776 /**
777 * wpa_supplicant_set_state - Set current connection state
778 * @wpa_s: Pointer to wpa_supplicant data
779 * @state: The new connection state
780 *
781 * This function is called whenever the connection state changes, e.g.,
782 * association is completed for WPA/WPA2 4-Way Handshake is started.
783 */
784 void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s,
785 enum wpa_states state)
786 {
787 enum wpa_states old_state = wpa_s->wpa_state;
788
789 wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s",
790 wpa_supplicant_state_txt(wpa_s->wpa_state),
791 wpa_supplicant_state_txt(state));
792
793 if (state == WPA_INTERFACE_DISABLED) {
794 /* Assure normal scan when interface is restored */
795 wpa_s->normal_scans = 0;
796 }
797
798 if (state == WPA_COMPLETED) {
799 wpas_connect_work_done(wpa_s);
800 /* Reinitialize normal_scan counter */
801 wpa_s->normal_scans = 0;
802 }
803
804 #ifdef CONFIG_P2P
805 /*
806 * P2PS client has to reply to Probe Request frames received on the
807 * group operating channel. Enable Probe Request frame reporting for
808 * P2P connected client in case p2p_cli_probe configuration property is
809 * set to 1.
810 */
811 if (wpa_s->conf->p2p_cli_probe && wpa_s->current_ssid &&
812 wpa_s->current_ssid->mode == WPAS_MODE_INFRA &&
813 wpa_s->current_ssid->p2p_group) {
814 if (state == WPA_COMPLETED && !wpa_s->p2p_cli_probe) {
815 wpa_dbg(wpa_s, MSG_DEBUG,
816 "P2P: Enable CLI Probe Request RX reporting");
817 wpa_s->p2p_cli_probe =
818 wpa_drv_probe_req_report(wpa_s, 1) >= 0;
819 } else if (state != WPA_COMPLETED && wpa_s->p2p_cli_probe) {
820 wpa_dbg(wpa_s, MSG_DEBUG,
821 "P2P: Disable CLI Probe Request RX reporting");
822 wpa_s->p2p_cli_probe = 0;
823 wpa_drv_probe_req_report(wpa_s, 0);
824 }
825 }
826 #endif /* CONFIG_P2P */
827
828 if (state != WPA_SCANNING)
829 wpa_supplicant_notify_scanning(wpa_s, 0);
830
831 if (state == WPA_COMPLETED && wpa_s->new_connection) {
832 struct wpa_ssid *ssid = wpa_s->current_ssid;
833 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
834 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
835 MACSTR " completed [id=%d id_str=%s]",
836 MAC2STR(wpa_s->bssid),
837 ssid ? ssid->id : -1,
838 ssid && ssid->id_str ? ssid->id_str : "");
839 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
840 wpas_clear_temp_disabled(wpa_s, ssid, 1);
841 wpa_blacklist_clear(wpa_s);
842 wpa_s->extra_blacklist_count = 0;
843 wpa_s->new_connection = 0;
844 wpa_drv_set_operstate(wpa_s, 1);
845 #ifndef IEEE8021X_EAPOL
846 wpa_drv_set_supp_port(wpa_s, 1);
847 #endif /* IEEE8021X_EAPOL */
848 wpa_s->after_wps = 0;
849 wpa_s->known_wps_freq = 0;
850 wpas_p2p_completed(wpa_s);
851
852 sme_sched_obss_scan(wpa_s, 1);
853 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
854 state == WPA_ASSOCIATED) {
855 wpa_s->new_connection = 1;
856 wpa_drv_set_operstate(wpa_s, 0);
857 #ifndef IEEE8021X_EAPOL
858 wpa_drv_set_supp_port(wpa_s, 0);
859 #endif /* IEEE8021X_EAPOL */
860 sme_sched_obss_scan(wpa_s, 0);
861 }
862 wpa_s->wpa_state = state;
863
864 #ifdef CONFIG_BGSCAN
865 if (state == WPA_COMPLETED)
866 wpa_supplicant_start_bgscan(wpa_s);
867 else if (state < WPA_ASSOCIATED)
868 wpa_supplicant_stop_bgscan(wpa_s);
869 #endif /* CONFIG_BGSCAN */
870
871 if (state == WPA_AUTHENTICATING)
872 wpa_supplicant_stop_autoscan(wpa_s);
873
874 if (state == WPA_DISCONNECTED || state == WPA_INACTIVE)
875 wpa_supplicant_start_autoscan(wpa_s);
876
877 if (old_state >= WPA_ASSOCIATED && wpa_s->wpa_state < WPA_ASSOCIATED)
878 wmm_ac_notify_disassoc(wpa_s);
879
880 if (wpa_s->wpa_state != old_state) {
881 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
882
883 /*
884 * Notify the P2P Device interface about a state change in one
885 * of the interfaces.
886 */
887 wpas_p2p_indicate_state_change(wpa_s);
888
889 if (wpa_s->wpa_state == WPA_COMPLETED ||
890 old_state == WPA_COMPLETED)
891 wpas_notify_auth_changed(wpa_s);
892 }
893 }
894
895
896 void wpa_supplicant_terminate_proc(struct wpa_global *global)
897 {
898 int pending = 0;
899 #ifdef CONFIG_WPS
900 struct wpa_supplicant *wpa_s = global->ifaces;
901 while (wpa_s) {
902 struct wpa_supplicant *next = wpa_s->next;
903 if (wpas_wps_terminate_pending(wpa_s) == 1)
904 pending = 1;
905 #ifdef CONFIG_P2P
906 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE ||
907 (wpa_s->current_ssid && wpa_s->current_ssid->p2p_group))
908 wpas_p2p_disconnect(wpa_s);
909 #endif /* CONFIG_P2P */
910 wpa_s = next;
911 }
912 #endif /* CONFIG_WPS */
913 if (pending)
914 return;
915 eloop_terminate();
916 }
917
918
919 static void wpa_supplicant_terminate(int sig, void *signal_ctx)
920 {
921 struct wpa_global *global = signal_ctx;
922 wpa_supplicant_terminate_proc(global);
923 }
924
925
926 void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
927 {
928 enum wpa_states old_state = wpa_s->wpa_state;
929
930 wpa_s->pairwise_cipher = 0;
931 wpa_s->group_cipher = 0;
932 wpa_s->mgmt_group_cipher = 0;
933 wpa_s->key_mgmt = 0;
934 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
935 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
936
937 if (wpa_s->wpa_state != old_state)
938 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
939 }
940
941
942 /**
943 * wpa_supplicant_reload_configuration - Reload configuration data
944 * @wpa_s: Pointer to wpa_supplicant data
945 * Returns: 0 on success or -1 if configuration parsing failed
946 *
947 * This function can be used to request that the configuration data is reloaded
948 * (e.g., after configuration file change). This function is reloading
949 * configuration only for one interface, so this may need to be called multiple
950 * times if %wpa_supplicant is controlling multiple interfaces and all
951 * interfaces need reconfiguration.
952 */
953 int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
954 {
955 struct wpa_config *conf;
956 int reconf_ctrl;
957 int old_ap_scan;
958
959 if (wpa_s->confname == NULL)
960 return -1;
961 conf = wpa_config_read(wpa_s->confname, NULL);
962 if (conf == NULL) {
963 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
964 "file '%s' - exiting", wpa_s->confname);
965 return -1;
966 }
967 wpa_config_read(wpa_s->confanother, conf);
968
969 conf->changed_parameters = (unsigned int) -1;
970
971 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
972 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
973 os_strcmp(conf->ctrl_interface,
974 wpa_s->conf->ctrl_interface) != 0);
975
976 if (reconf_ctrl && wpa_s->ctrl_iface) {
977 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
978 wpa_s->ctrl_iface = NULL;
979 }
980
981 eapol_sm_invalidate_cached_session(wpa_s->eapol);
982 if (wpa_s->current_ssid) {
983 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
984 wpa_s->own_disconnect_req = 1;
985 wpa_supplicant_deauthenticate(wpa_s,
986 WLAN_REASON_DEAUTH_LEAVING);
987 }
988
989 /*
990 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
991 * pkcs11_engine_path, pkcs11_module_path, openssl_ciphers.
992 */
993 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) {
994 /*
995 * Clear forced success to clear EAP state for next
996 * authentication.
997 */
998 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
999 }
1000 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1001 wpa_sm_set_config(wpa_s->wpa, NULL);
1002 wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL);
1003 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
1004 rsn_preauth_deinit(wpa_s->wpa);
1005
1006 old_ap_scan = wpa_s->conf->ap_scan;
1007 wpa_config_free(wpa_s->conf);
1008 wpa_s->conf = conf;
1009 if (old_ap_scan != wpa_s->conf->ap_scan)
1010 wpas_notify_ap_scan_changed(wpa_s);
1011
1012 if (reconf_ctrl)
1013 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
1014
1015 wpa_supplicant_update_config(wpa_s);
1016
1017 wpa_supplicant_clear_status(wpa_s);
1018 if (wpa_supplicant_enabled_networks(wpa_s)) {
1019 wpa_s->reassociate = 1;
1020 wpa_supplicant_req_scan(wpa_s, 0, 0);
1021 }
1022 wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
1023 return 0;
1024 }
1025
1026
1027 static void wpa_supplicant_reconfig(int sig, void *signal_ctx)
1028 {
1029 struct wpa_global *global = signal_ctx;
1030 struct wpa_supplicant *wpa_s;
1031 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
1032 wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring",
1033 sig);
1034 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
1035 wpa_supplicant_terminate_proc(global);
1036 }
1037 }
1038
1039 if (wpa_debug_reopen_file() < 0) {
1040 /* Ignore errors since we cannot really do much to fix this */
1041 wpa_printf(MSG_DEBUG, "Could not reopen debug log file");
1042 }
1043 }
1044
1045
1046 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
1047 struct wpa_ssid *ssid,
1048 struct wpa_ie_data *ie)
1049 {
1050 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
1051 if (ret) {
1052 if (ret == -2) {
1053 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
1054 "from association info");
1055 }
1056 return -1;
1057 }
1058
1059 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set "
1060 "cipher suites");
1061 if (!(ie->group_cipher & ssid->group_cipher)) {
1062 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
1063 "cipher 0x%x (mask 0x%x) - reject",
1064 ie->group_cipher, ssid->group_cipher);
1065 return -1;
1066 }
1067 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
1068 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
1069 "cipher 0x%x (mask 0x%x) - reject",
1070 ie->pairwise_cipher, ssid->pairwise_cipher);
1071 return -1;
1072 }
1073 if (!(ie->key_mgmt & ssid->key_mgmt)) {
1074 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
1075 "management 0x%x (mask 0x%x) - reject",
1076 ie->key_mgmt, ssid->key_mgmt);
1077 return -1;
1078 }
1079
1080 #ifdef CONFIG_IEEE80211W
1081 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
1082 wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED) {
1083 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
1084 "that does not support management frame protection - "
1085 "reject");
1086 return -1;
1087 }
1088 #endif /* CONFIG_IEEE80211W */
1089
1090 return 0;
1091 }
1092
1093
1094 /**
1095 * wpa_supplicant_set_suites - Set authentication and encryption parameters
1096 * @wpa_s: Pointer to wpa_supplicant data
1097 * @bss: Scan results for the selected BSS, or %NULL if not available
1098 * @ssid: Configuration data for the selected network
1099 * @wpa_ie: Buffer for the WPA/RSN IE
1100 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
1101 * used buffer length in case the functions returns success.
1102 * Returns: 0 on success or -1 on failure
1103 *
1104 * This function is used to configure authentication and encryption parameters
1105 * based on the network configuration and scan result for the selected BSS (if
1106 * available).
1107 */
1108 int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
1109 struct wpa_bss *bss, struct wpa_ssid *ssid,
1110 u8 *wpa_ie, size_t *wpa_ie_len)
1111 {
1112 struct wpa_ie_data ie;
1113 int sel, proto;
1114 const u8 *bss_wpa, *bss_rsn, *bss_osen;
1115
1116 if (bss) {
1117 bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
1118 bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
1119 bss_osen = wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE);
1120 } else
1121 bss_wpa = bss_rsn = bss_osen = NULL;
1122
1123 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
1124 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
1125 (ie.group_cipher & ssid->group_cipher) &&
1126 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1127 (ie.key_mgmt & ssid->key_mgmt)) {
1128 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
1129 proto = WPA_PROTO_RSN;
1130 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
1131 wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie) == 0 &&
1132 (ie.group_cipher & ssid->group_cipher) &&
1133 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1134 (ie.key_mgmt & ssid->key_mgmt)) {
1135 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
1136 proto = WPA_PROTO_WPA;
1137 #ifdef CONFIG_HS20
1138 } else if (bss_osen && (ssid->proto & WPA_PROTO_OSEN)) {
1139 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using OSEN");
1140 /* TODO: parse OSEN element */
1141 os_memset(&ie, 0, sizeof(ie));
1142 ie.group_cipher = WPA_CIPHER_CCMP;
1143 ie.pairwise_cipher = WPA_CIPHER_CCMP;
1144 ie.key_mgmt = WPA_KEY_MGMT_OSEN;
1145 proto = WPA_PROTO_OSEN;
1146 #endif /* CONFIG_HS20 */
1147 } else if (bss) {
1148 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
1149 wpa_dbg(wpa_s, MSG_DEBUG,
1150 "WPA: ssid proto=0x%x pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1151 ssid->proto, ssid->pairwise_cipher, ssid->group_cipher,
1152 ssid->key_mgmt);
1153 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: BSS " MACSTR " ssid='%s'%s%s%s",
1154 MAC2STR(bss->bssid),
1155 wpa_ssid_txt(bss->ssid, bss->ssid_len),
1156 bss_wpa ? " WPA" : "",
1157 bss_rsn ? " RSN" : "",
1158 bss_osen ? " OSEN" : "");
1159 if (bss_rsn) {
1160 wpa_hexdump(MSG_DEBUG, "RSN", bss_rsn, 2 + bss_rsn[1]);
1161 if (wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie)) {
1162 wpa_dbg(wpa_s, MSG_DEBUG,
1163 "Could not parse RSN element");
1164 } else {
1165 wpa_dbg(wpa_s, MSG_DEBUG,
1166 "RSN: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1167 ie.pairwise_cipher, ie.group_cipher,
1168 ie.key_mgmt);
1169 }
1170 }
1171 if (bss_wpa) {
1172 wpa_hexdump(MSG_DEBUG, "WPA", bss_wpa, 2 + bss_wpa[1]);
1173 if (wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie)) {
1174 wpa_dbg(wpa_s, MSG_DEBUG,
1175 "Could not parse WPA element");
1176 } else {
1177 wpa_dbg(wpa_s, MSG_DEBUG,
1178 "WPA: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1179 ie.pairwise_cipher, ie.group_cipher,
1180 ie.key_mgmt);
1181 }
1182 }
1183 return -1;
1184 } else {
1185 if (ssid->proto & WPA_PROTO_OSEN)
1186 proto = WPA_PROTO_OSEN;
1187 else if (ssid->proto & WPA_PROTO_RSN)
1188 proto = WPA_PROTO_RSN;
1189 else
1190 proto = WPA_PROTO_WPA;
1191 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
1192 os_memset(&ie, 0, sizeof(ie));
1193 ie.group_cipher = ssid->group_cipher;
1194 ie.pairwise_cipher = ssid->pairwise_cipher;
1195 ie.key_mgmt = ssid->key_mgmt;
1196 #ifdef CONFIG_IEEE80211W
1197 ie.mgmt_group_cipher =
1198 ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION ?
1199 WPA_CIPHER_AES_128_CMAC : 0;
1200 #endif /* CONFIG_IEEE80211W */
1201 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites "
1202 "based on configuration");
1203 } else
1204 proto = ie.proto;
1205 }
1206
1207 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d "
1208 "pairwise %d key_mgmt %d proto %d",
1209 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
1210 #ifdef CONFIG_IEEE80211W
1211 if (ssid->ieee80211w) {
1212 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
1213 ie.mgmt_group_cipher);
1214 }
1215 #endif /* CONFIG_IEEE80211W */
1216
1217 wpa_s->wpa_proto = proto;
1218 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
1219 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
1220 !!(ssid->proto & (WPA_PROTO_RSN | WPA_PROTO_OSEN)));
1221
1222 if (bss || !wpa_s->ap_ies_from_associnfo) {
1223 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
1224 bss_wpa ? 2 + bss_wpa[1] : 0) ||
1225 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
1226 bss_rsn ? 2 + bss_rsn[1] : 0))
1227 return -1;
1228 }
1229
1230 #ifdef CONFIG_NO_WPA
1231 wpa_s->group_cipher = WPA_CIPHER_NONE;
1232 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
1233 #else /* CONFIG_NO_WPA */
1234 sel = ie.group_cipher & ssid->group_cipher;
1235 wpa_s->group_cipher = wpa_pick_group_cipher(sel);
1236 if (wpa_s->group_cipher < 0) {
1237 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group "
1238 "cipher");
1239 return -1;
1240 }
1241 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK %s",
1242 wpa_cipher_txt(wpa_s->group_cipher));
1243
1244 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
1245 wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(sel, 1);
1246 if (wpa_s->pairwise_cipher < 0) {
1247 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise "
1248 "cipher");
1249 return -1;
1250 }
1251 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK %s",
1252 wpa_cipher_txt(wpa_s->pairwise_cipher));
1253 #endif /* CONFIG_NO_WPA */
1254
1255 sel = ie.key_mgmt & ssid->key_mgmt;
1256 #ifdef CONFIG_SAE
1257 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE))
1258 sel &= ~(WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE);
1259 #endif /* CONFIG_SAE */
1260 if (0) {
1261 #ifdef CONFIG_SUITEB192
1262 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) {
1263 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B_192;
1264 wpa_dbg(wpa_s, MSG_DEBUG,
1265 "WPA: using KEY_MGMT 802.1X with Suite B (192-bit)");
1266 #endif /* CONFIG_SUITEB192 */
1267 #ifdef CONFIG_SUITEB
1268 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B) {
1269 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B;
1270 wpa_dbg(wpa_s, MSG_DEBUG,
1271 "WPA: using KEY_MGMT 802.1X with Suite B");
1272 #endif /* CONFIG_SUITEB */
1273 #ifdef CONFIG_FILS
1274 #ifdef CONFIG_IEEE80211R
1275 } else if (sel & WPA_KEY_MGMT_FT_FILS_SHA384) {
1276 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA384;
1277 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT-FILS-SHA384");
1278 } else if (sel & WPA_KEY_MGMT_FT_FILS_SHA256) {
1279 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA256;
1280 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT-FILS-SHA256");
1281 #endif /* CONFIG_IEEE80211R */
1282 } else if (sel & WPA_KEY_MGMT_FILS_SHA384) {
1283 wpa_s->key_mgmt = WPA_KEY_MGMT_FILS_SHA384;
1284 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FILS-SHA384");
1285 } else if (sel & WPA_KEY_MGMT_FILS_SHA256) {
1286 wpa_s->key_mgmt = WPA_KEY_MGMT_FILS_SHA256;
1287 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FILS-SHA256");
1288 #endif /* CONFIG_FILS */
1289 #ifdef CONFIG_IEEE80211R
1290 } else if (sel & WPA_KEY_MGMT_FT_IEEE8021X) {
1291 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
1292 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
1293 } else if (sel & WPA_KEY_MGMT_FT_PSK) {
1294 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
1295 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
1296 #endif /* CONFIG_IEEE80211R */
1297 #ifdef CONFIG_SAE
1298 } else if (sel & WPA_KEY_MGMT_SAE) {
1299 wpa_s->key_mgmt = WPA_KEY_MGMT_SAE;
1300 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT SAE");
1301 } else if (sel & WPA_KEY_MGMT_FT_SAE) {
1302 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_SAE;
1303 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT FT/SAE");
1304 #endif /* CONFIG_SAE */
1305 #ifdef CONFIG_IEEE80211W
1306 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
1307 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
1308 wpa_dbg(wpa_s, MSG_DEBUG,
1309 "WPA: using KEY_MGMT 802.1X with SHA256");
1310 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
1311 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
1312 wpa_dbg(wpa_s, MSG_DEBUG,
1313 "WPA: using KEY_MGMT PSK with SHA256");
1314 #endif /* CONFIG_IEEE80211W */
1315 } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
1316 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
1317 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
1318 } else if (sel & WPA_KEY_MGMT_PSK) {
1319 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
1320 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
1321 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
1322 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
1323 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
1324 #ifdef CONFIG_HS20
1325 } else if (sel & WPA_KEY_MGMT_OSEN) {
1326 wpa_s->key_mgmt = WPA_KEY_MGMT_OSEN;
1327 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using KEY_MGMT OSEN");
1328 #endif /* CONFIG_HS20 */
1329 } else {
1330 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select "
1331 "authenticated key management type");
1332 return -1;
1333 }
1334
1335 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
1336 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
1337 wpa_s->pairwise_cipher);
1338 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
1339
1340 #ifdef CONFIG_IEEE80211W
1341 sel = ie.mgmt_group_cipher;
1342 if (wpas_get_ssid_pmf(wpa_s, ssid) == NO_MGMT_FRAME_PROTECTION ||
1343 !(ie.capabilities & WPA_CAPABILITY_MFPC))
1344 sel = 0;
1345 if (sel & WPA_CIPHER_AES_128_CMAC) {
1346 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
1347 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1348 "AES-128-CMAC");
1349 } else if (sel & WPA_CIPHER_BIP_GMAC_128) {
1350 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_128;
1351 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1352 "BIP-GMAC-128");
1353 } else if (sel & WPA_CIPHER_BIP_GMAC_256) {
1354 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_256;
1355 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1356 "BIP-GMAC-256");
1357 } else if (sel & WPA_CIPHER_BIP_CMAC_256) {
1358 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_CMAC_256;
1359 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1360 "BIP-CMAC-256");
1361 } else {
1362 wpa_s->mgmt_group_cipher = 0;
1363 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
1364 }
1365 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
1366 wpa_s->mgmt_group_cipher);
1367 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP,
1368 wpas_get_ssid_pmf(wpa_s, ssid));
1369 #endif /* CONFIG_IEEE80211W */
1370
1371 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
1372 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to generate WPA IE");
1373 return -1;
1374 }
1375
1376 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) {
1377 int psk_set = 0;
1378
1379 if (ssid->psk_set) {
1380 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN, NULL,
1381 NULL);
1382 psk_set = 1;
1383 }
1384 #ifndef CONFIG_NO_PBKDF2
1385 if (bss && ssid->bssid_set && ssid->ssid_len == 0 &&
1386 ssid->passphrase) {
1387 u8 psk[PMK_LEN];
1388 pbkdf2_sha1(ssid->passphrase, bss->ssid, bss->ssid_len,
1389 4096, psk, PMK_LEN);
1390 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)",
1391 psk, PMK_LEN);
1392 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL, NULL);
1393 psk_set = 1;
1394 os_memset(psk, 0, sizeof(psk));
1395 }
1396 #endif /* CONFIG_NO_PBKDF2 */
1397 #ifdef CONFIG_EXT_PASSWORD
1398 if (ssid->ext_psk) {
1399 struct wpabuf *pw = ext_password_get(wpa_s->ext_pw,
1400 ssid->ext_psk);
1401 char pw_str[64 + 1];
1402 u8 psk[PMK_LEN];
1403
1404 if (pw == NULL) {
1405 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No PSK "
1406 "found from external storage");
1407 return -1;
1408 }
1409
1410 if (wpabuf_len(pw) < 8 || wpabuf_len(pw) > 64) {
1411 wpa_msg(wpa_s, MSG_INFO, "EXT PW: Unexpected "
1412 "PSK length %d in external storage",
1413 (int) wpabuf_len(pw));
1414 ext_password_free(pw);
1415 return -1;
1416 }
1417
1418 os_memcpy(pw_str, wpabuf_head(pw), wpabuf_len(pw));
1419 pw_str[wpabuf_len(pw)] = '\0';
1420
1421 #ifndef CONFIG_NO_PBKDF2
1422 if (wpabuf_len(pw) >= 8 && wpabuf_len(pw) < 64 && bss)
1423 {
1424 pbkdf2_sha1(pw_str, bss->ssid, bss->ssid_len,
1425 4096, psk, PMK_LEN);
1426 os_memset(pw_str, 0, sizeof(pw_str));
1427 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from "
1428 "external passphrase)",
1429 psk, PMK_LEN);
1430 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL,
1431 NULL);
1432 psk_set = 1;
1433 os_memset(psk, 0, sizeof(psk));
1434 } else
1435 #endif /* CONFIG_NO_PBKDF2 */
1436 if (wpabuf_len(pw) == 2 * PMK_LEN) {
1437 if (hexstr2bin(pw_str, psk, PMK_LEN) < 0) {
1438 wpa_msg(wpa_s, MSG_INFO, "EXT PW: "
1439 "Invalid PSK hex string");
1440 os_memset(pw_str, 0, sizeof(pw_str));
1441 ext_password_free(pw);
1442 return -1;
1443 }
1444 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL,
1445 NULL);
1446 psk_set = 1;
1447 os_memset(psk, 0, sizeof(psk));
1448 } else {
1449 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No suitable "
1450 "PSK available");
1451 os_memset(pw_str, 0, sizeof(pw_str));
1452 ext_password_free(pw);
1453 return -1;
1454 }
1455
1456 os_memset(pw_str, 0, sizeof(pw_str));
1457 ext_password_free(pw);
1458 }
1459 #endif /* CONFIG_EXT_PASSWORD */
1460
1461 if (!psk_set) {
1462 wpa_msg(wpa_s, MSG_INFO,
1463 "No PSK available for association");
1464 return -1;
1465 }
1466 } else
1467 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
1468
1469 return 0;
1470 }
1471
1472
1473 static void wpas_ext_capab_byte(struct wpa_supplicant *wpa_s, u8 *pos, int idx)
1474 {
1475 *pos = 0x00;
1476
1477 switch (idx) {
1478 case 0: /* Bits 0-7 */
1479 break;
1480 case 1: /* Bits 8-15 */
1481 break;
1482 case 2: /* Bits 16-23 */
1483 #ifdef CONFIG_WNM
1484 *pos |= 0x02; /* Bit 17 - WNM-Sleep Mode */
1485 *pos |= 0x08; /* Bit 19 - BSS Transition */
1486 #endif /* CONFIG_WNM */
1487 break;
1488 case 3: /* Bits 24-31 */
1489 #ifdef CONFIG_WNM
1490 *pos |= 0x02; /* Bit 25 - SSID List */
1491 #endif /* CONFIG_WNM */
1492 #ifdef CONFIG_INTERWORKING
1493 if (wpa_s->conf->interworking)
1494 *pos |= 0x80; /* Bit 31 - Interworking */
1495 #endif /* CONFIG_INTERWORKING */
1496 break;
1497 case 4: /* Bits 32-39 */
1498 #ifdef CONFIG_INTERWORKING
1499 if (wpa_s->drv_flags / WPA_DRIVER_FLAGS_QOS_MAPPING)
1500 *pos |= 0x01; /* Bit 32 - QoS Map */
1501 #endif /* CONFIG_INTERWORKING */
1502 break;
1503 case 5: /* Bits 40-47 */
1504 #ifdef CONFIG_HS20
1505 if (wpa_s->conf->hs20)
1506 *pos |= 0x40; /* Bit 46 - WNM-Notification */
1507 #endif /* CONFIG_HS20 */
1508 #ifdef CONFIG_MBO
1509 *pos |= 0x40; /* Bit 46 - WNM-Notification */
1510 #endif /* CONFIG_MBO */
1511 break;
1512 case 6: /* Bits 48-55 */
1513 break;
1514 case 7: /* Bits 56-63 */
1515 break;
1516 case 8: /* Bits 64-71 */
1517 if (wpa_s->conf->ftm_responder)
1518 *pos |= 0x40; /* Bit 70 - FTM responder */
1519 if (wpa_s->conf->ftm_initiator)
1520 *pos |= 0x80; /* Bit 71 - FTM initiator */
1521 break;
1522 case 9: /* Bits 72-79 */
1523 #ifdef CONFIG_FILS
1524 *pos |= 0x01;
1525 #endif /* CONFIG_FILS */
1526 break;
1527 }
1528 }
1529
1530
1531 int wpas_build_ext_capab(struct wpa_supplicant *wpa_s, u8 *buf, size_t buflen)
1532 {
1533 u8 *pos = buf;
1534 u8 len = 10, i;
1535
1536 if (len < wpa_s->extended_capa_len)
1537 len = wpa_s->extended_capa_len;
1538 if (buflen < (size_t) len + 2) {
1539 wpa_printf(MSG_INFO,
1540 "Not enough room for building extended capabilities element");
1541 return -1;
1542 }
1543
1544 *pos++ = WLAN_EID_EXT_CAPAB;
1545 *pos++ = len;
1546 for (i = 0; i < len; i++, pos++) {
1547 wpas_ext_capab_byte(wpa_s, pos, i);
1548
1549 if (i < wpa_s->extended_capa_len) {
1550 *pos &= ~wpa_s->extended_capa_mask[i];
1551 *pos |= wpa_s->extended_capa[i];
1552 }
1553 }
1554
1555 while (len > 0 && buf[1 + len] == 0) {
1556 len--;
1557 buf[1] = len;
1558 }
1559 if (len == 0)
1560 return 0;
1561
1562 return 2 + len;
1563 }
1564
1565
1566 static int wpas_valid_bss(struct wpa_supplicant *wpa_s,
1567 struct wpa_bss *test_bss)
1568 {
1569 struct wpa_bss *bss;
1570
1571 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
1572 if (bss == test_bss)
1573 return 1;
1574 }
1575
1576 return 0;
1577 }
1578
1579
1580 static int wpas_valid_ssid(struct wpa_supplicant *wpa_s,
1581 struct wpa_ssid *test_ssid)
1582 {
1583 struct wpa_ssid *ssid;
1584
1585 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) {
1586 if (ssid == test_ssid)
1587 return 1;
1588 }
1589
1590 return 0;
1591 }
1592
1593
1594 int wpas_valid_bss_ssid(struct wpa_supplicant *wpa_s, struct wpa_bss *test_bss,
1595 struct wpa_ssid *test_ssid)
1596 {
1597 if (test_bss && !wpas_valid_bss(wpa_s, test_bss))
1598 return 0;
1599
1600 return test_ssid == NULL || wpas_valid_ssid(wpa_s, test_ssid);
1601 }
1602
1603
1604 void wpas_connect_work_free(struct wpa_connect_work *cwork)
1605 {
1606 if (cwork == NULL)
1607 return;
1608 os_free(cwork);
1609 }
1610
1611
1612 void wpas_connect_work_done(struct wpa_supplicant *wpa_s)
1613 {
1614 struct wpa_connect_work *cwork;
1615 struct wpa_radio_work *work = wpa_s->connect_work;
1616
1617 if (!work)
1618 return;
1619
1620 wpa_s->connect_work = NULL;
1621 cwork = work->ctx;
1622 work->ctx = NULL;
1623 wpas_connect_work_free(cwork);
1624 radio_work_done(work);
1625 }
1626
1627
1628 int wpas_update_random_addr(struct wpa_supplicant *wpa_s, int style)
1629 {
1630 struct os_reltime now;
1631 u8 addr[ETH_ALEN];
1632
1633 os_get_reltime(&now);
1634 if (wpa_s->last_mac_addr_style == style &&
1635 wpa_s->last_mac_addr_change.sec != 0 &&
1636 !os_reltime_expired(&now, &wpa_s->last_mac_addr_change,
1637 wpa_s->conf->rand_addr_lifetime)) {
1638 wpa_msg(wpa_s, MSG_DEBUG,
1639 "Previously selected random MAC address has not yet expired");
1640 return 0;
1641 }
1642
1643 switch (style) {
1644 case 1:
1645 if (random_mac_addr(addr) < 0)
1646 return -1;
1647 break;
1648 case 2:
1649 os_memcpy(addr, wpa_s->perm_addr, ETH_ALEN);
1650 if (random_mac_addr_keep_oui(addr) < 0)
1651 return -1;
1652 break;
1653 default:
1654 return -1;
1655 }
1656
1657 if (wpa_drv_set_mac_addr(wpa_s, addr) < 0) {
1658 wpa_msg(wpa_s, MSG_INFO,
1659 "Failed to set random MAC address");
1660 return -1;
1661 }
1662
1663 os_get_reltime(&wpa_s->last_mac_addr_change);
1664 wpa_s->mac_addr_changed = 1;
1665 wpa_s->last_mac_addr_style = style;
1666
1667 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
1668 wpa_msg(wpa_s, MSG_INFO,
1669 "Could not update MAC address information");
1670 return -1;
1671 }
1672
1673 wpa_msg(wpa_s, MSG_DEBUG, "Using random MAC address " MACSTR,
1674 MAC2STR(addr));
1675
1676 return 0;
1677 }
1678
1679
1680 int wpas_update_random_addr_disassoc(struct wpa_supplicant *wpa_s)
1681 {
1682 if (wpa_s->wpa_state >= WPA_AUTHENTICATING ||
1683 !wpa_s->conf->preassoc_mac_addr)
1684 return 0;
1685
1686 return wpas_update_random_addr(wpa_s, wpa_s->conf->preassoc_mac_addr);
1687 }
1688
1689
1690 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit);
1691
1692 /**
1693 * wpa_supplicant_associate - Request association
1694 * @wpa_s: Pointer to wpa_supplicant data
1695 * @bss: Scan results for the selected BSS, or %NULL if not available
1696 * @ssid: Configuration data for the selected network
1697 *
1698 * This function is used to request %wpa_supplicant to associate with a BSS.
1699 */
1700 void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
1701 struct wpa_bss *bss, struct wpa_ssid *ssid)
1702 {
1703 struct wpa_connect_work *cwork;
1704 int rand_style;
1705
1706 wpa_s->own_disconnect_req = 0;
1707
1708 /*
1709 * If we are starting a new connection, any previously pending EAPOL
1710 * RX cannot be valid anymore.
1711 */
1712 wpabuf_free(wpa_s->pending_eapol_rx);
1713 wpa_s->pending_eapol_rx = NULL;
1714
1715 if (ssid->mac_addr == -1)
1716 rand_style = wpa_s->conf->mac_addr;
1717 else
1718 rand_style = ssid->mac_addr;
1719
1720 wmm_ac_clear_saved_tspecs(wpa_s);
1721 wpa_s->reassoc_same_bss = 0;
1722 wpa_s->reassoc_same_ess = 0;
1723
1724 if (wpa_s->last_ssid == ssid) {
1725 wpa_dbg(wpa_s, MSG_DEBUG, "Re-association to the same ESS");
1726 wpa_s->reassoc_same_ess = 1;
1727 if (wpa_s->current_bss && wpa_s->current_bss == bss) {
1728 wmm_ac_save_tspecs(wpa_s);
1729 wpa_s->reassoc_same_bss = 1;
1730 }
1731 }
1732
1733 if (rand_style > 0 && !wpa_s->reassoc_same_ess) {
1734 if (wpas_update_random_addr(wpa_s, rand_style) < 0)
1735 return;
1736 wpa_sm_pmksa_cache_flush(wpa_s->wpa, ssid);
1737 } else if (rand_style == 0 && wpa_s->mac_addr_changed) {
1738 if (wpa_drv_set_mac_addr(wpa_s, NULL) < 0) {
1739 wpa_msg(wpa_s, MSG_INFO,
1740 "Could not restore permanent MAC address");
1741 return;
1742 }
1743 wpa_s->mac_addr_changed = 0;
1744 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
1745 wpa_msg(wpa_s, MSG_INFO,
1746 "Could not update MAC address information");
1747 return;
1748 }
1749 wpa_msg(wpa_s, MSG_DEBUG, "Using permanent MAC address");
1750 }
1751 wpa_s->last_ssid = ssid;
1752
1753 #ifdef CONFIG_IBSS_RSN
1754 ibss_rsn_deinit(wpa_s->ibss_rsn);
1755 wpa_s->ibss_rsn = NULL;
1756 #else /* CONFIG_IBSS_RSN */
1757 if (ssid->mode == WPAS_MODE_IBSS &&
1758 !(ssid->key_mgmt & (WPA_KEY_MGMT_NONE | WPA_KEY_MGMT_WPA_NONE))) {
1759 wpa_msg(wpa_s, MSG_INFO,
1760 "IBSS RSN not supported in the build");
1761 return;
1762 }
1763 #endif /* CONFIG_IBSS_RSN */
1764
1765 if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO ||
1766 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) {
1767 #ifdef CONFIG_AP
1768 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) {
1769 wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP "
1770 "mode");
1771 return;
1772 }
1773 if (wpa_supplicant_create_ap(wpa_s, ssid) < 0) {
1774 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
1775 if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
1776 wpas_p2p_ap_setup_failed(wpa_s);
1777 return;
1778 }
1779 wpa_s->current_bss = bss;
1780 #else /* CONFIG_AP */
1781 wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in "
1782 "the build");
1783 #endif /* CONFIG_AP */
1784 return;
1785 }
1786
1787 if (ssid->mode == WPAS_MODE_MESH) {
1788 #ifdef CONFIG_MESH
1789 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_MESH)) {
1790 wpa_msg(wpa_s, MSG_INFO,
1791 "Driver does not support mesh mode");
1792 return;
1793 }
1794 if (bss)
1795 ssid->frequency = bss->freq;
1796 if (wpa_supplicant_join_mesh(wpa_s, ssid) < 0) {
1797 wpa_msg(wpa_s, MSG_ERROR, "Could not join mesh");
1798 return;
1799 }
1800 wpa_s->current_bss = bss;
1801 wpa_msg(wpa_s, MSG_INFO, MESH_GROUP_STARTED "ssid=\"%s\" id=%d",
1802 wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
1803 ssid->id);
1804 #else /* CONFIG_MESH */
1805 wpa_msg(wpa_s, MSG_ERROR,
1806 "mesh mode support not included in the build");
1807 #endif /* CONFIG_MESH */
1808 return;
1809 }
1810
1811 #ifdef CONFIG_TDLS
1812 if (bss)
1813 wpa_tdls_ap_ies(wpa_s->wpa, (const u8 *) (bss + 1),
1814 bss->ie_len);
1815 #endif /* CONFIG_TDLS */
1816
1817 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
1818 ssid->mode == IEEE80211_MODE_INFRA) {
1819 sme_authenticate(wpa_s, bss, ssid);
1820 return;
1821 }
1822
1823 if (wpa_s->connect_work) {
1824 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since connect_work exist");
1825 return;
1826 }
1827
1828 if (radio_work_pending(wpa_s, "connect")) {
1829 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since pending work exist");
1830 return;
1831 }
1832
1833 #ifdef CONFIG_SME
1834 if (ssid->mode == WPAS_MODE_IBSS || ssid->mode == WPAS_MODE_MESH) {
1835 /* Clear possibly set auth_alg, if any, from last attempt. */
1836 wpa_s->sme.auth_alg = WPA_AUTH_ALG_OPEN;
1837 }
1838 #endif /* CONFIG_SME */
1839
1840 wpas_abort_ongoing_scan(wpa_s);
1841
1842 cwork = os_zalloc(sizeof(*cwork));
1843 if (cwork == NULL)
1844 return;
1845
1846 cwork->bss = bss;
1847 cwork->ssid = ssid;
1848
1849 if (radio_add_work(wpa_s, bss ? bss->freq : 0, "connect", 1,
1850 wpas_start_assoc_cb, cwork) < 0) {
1851 os_free(cwork);
1852 }
1853 }
1854
1855
1856 static int bss_is_ibss(struct wpa_bss *bss)
1857 {
1858 return (bss->caps & (IEEE80211_CAP_ESS | IEEE80211_CAP_IBSS)) ==
1859 IEEE80211_CAP_IBSS;
1860 }
1861
1862
1863 static int drv_supports_vht(struct wpa_supplicant *wpa_s,
1864 const struct wpa_ssid *ssid)
1865 {
1866 enum hostapd_hw_mode hw_mode;
1867 struct hostapd_hw_modes *mode = NULL;
1868 u8 channel;
1869 int i;
1870
1871 #ifdef CONFIG_HT_OVERRIDES
1872 if (ssid->disable_ht)
1873 return 0;
1874 #endif /* CONFIG_HT_OVERRIDES */
1875
1876 hw_mode = ieee80211_freq_to_chan(ssid->frequency, &channel);
1877 if (hw_mode == NUM_HOSTAPD_MODES)
1878 return 0;
1879 for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) {
1880 if (wpa_s->hw.modes[i].mode == hw_mode) {
1881 mode = &wpa_s->hw.modes[i];
1882 break;
1883 }
1884 }
1885
1886 if (!mode)
1887 return 0;
1888
1889 return mode->vht_capab != 0;
1890 }
1891
1892
1893 void ibss_mesh_setup_freq(struct wpa_supplicant *wpa_s,
1894 const struct wpa_ssid *ssid,
1895 struct hostapd_freq_params *freq)
1896 {
1897 enum hostapd_hw_mode hw_mode;
1898 struct hostapd_hw_modes *mode = NULL;
1899 int ht40plus[] = { 36, 44, 52, 60, 100, 108, 116, 124, 132, 149, 157,
1900 184, 192 };
1901 int vht80[] = { 36, 52, 100, 116, 132, 149 };
1902 struct hostapd_channel_data *pri_chan = NULL, *sec_chan = NULL;
1903 u8 channel;
1904 int i, chan_idx, ht40 = -1, res, obss_scan = 1;
1905 unsigned int j, k;
1906 struct hostapd_freq_params vht_freq;
1907 int chwidth, seg0, seg1;
1908 u32 vht_caps = 0;
1909
1910 freq->freq = ssid->frequency;
1911
1912 for (j = 0; j < wpa_s->last_scan_res_used; j++) {
1913 struct wpa_bss *bss = wpa_s->last_scan_res[j];
1914
1915 if (ssid->mode != WPAS_MODE_IBSS)
1916 break;
1917
1918 /* Don't adjust control freq in case of fixed_freq */
1919 if (ssid->fixed_freq)
1920 break;
1921
1922 if (!bss_is_ibss(bss))
1923 continue;
1924
1925 if (ssid->ssid_len == bss->ssid_len &&
1926 os_memcmp(ssid->ssid, bss->ssid, bss->ssid_len) == 0) {
1927 wpa_printf(MSG_DEBUG,
1928 "IBSS already found in scan results, adjust control freq: %d",
1929 bss->freq);
1930 freq->freq = bss->freq;
1931 obss_scan = 0;
1932 break;
1933 }
1934 }
1935
1936 /* For IBSS check HT_IBSS flag */
1937 if (ssid->mode == WPAS_MODE_IBSS &&
1938 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_HT_IBSS))
1939 return;
1940
1941 if (wpa_s->group_cipher == WPA_CIPHER_WEP40 ||
1942 wpa_s->group_cipher == WPA_CIPHER_WEP104 ||
1943 wpa_s->pairwise_cipher == WPA_CIPHER_TKIP) {
1944 wpa_printf(MSG_DEBUG,
1945 "IBSS: WEP/TKIP detected, do not try to enable HT");
1946 return;
1947 }
1948
1949 hw_mode = ieee80211_freq_to_chan(freq->freq, &channel);
1950 for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) {
1951 if (wpa_s->hw.modes[i].mode == hw_mode) {
1952 mode = &wpa_s->hw.modes[i];
1953 break;
1954 }
1955 }
1956
1957 if (!mode)
1958 return;
1959
1960 #ifdef CONFIG_HT_OVERRIDES
1961 if (ssid->disable_ht) {
1962 freq->ht_enabled = 0;
1963 return;
1964 }
1965 #endif /* CONFIG_HT_OVERRIDES */
1966
1967 freq->ht_enabled = ht_supported(mode);
1968 if (!freq->ht_enabled)
1969 return;
1970
1971 /* Setup higher BW only for 5 GHz */
1972 if (mode->mode != HOSTAPD_MODE_IEEE80211A)
1973 return;
1974
1975 for (chan_idx = 0; chan_idx < mode->num_channels; chan_idx++) {
1976 pri_chan = &mode->channels[chan_idx];
1977 if (pri_chan->chan == channel)
1978 break;
1979 pri_chan = NULL;
1980 }
1981 if (!pri_chan)
1982 return;
1983
1984 /* Check primary channel flags */
1985 if (pri_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
1986 return;
1987
1988 #ifdef CONFIG_HT_OVERRIDES
1989 if (ssid->disable_ht40)
1990 return;
1991 #endif /* CONFIG_HT_OVERRIDES */
1992
1993 /* Check/setup HT40+/HT40- */
1994 for (j = 0; j < ARRAY_SIZE(ht40plus); j++) {
1995 if (ht40plus[j] == channel) {
1996 ht40 = 1;
1997 break;
1998 }
1999 }
2000
2001 /* Find secondary channel */
2002 for (i = 0; i < mode->num_channels; i++) {
2003 sec_chan = &mode->channels[i];
2004 if (sec_chan->chan == channel + ht40 * 4)
2005 break;
2006 sec_chan = NULL;
2007 }
2008 if (!sec_chan)
2009 return;
2010
2011 /* Check secondary channel flags */
2012 if (sec_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
2013 return;
2014
2015 freq->channel = pri_chan->chan;
2016
2017 if (ht40 == -1) {
2018 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40MINUS))
2019 return;
2020 } else {
2021 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40PLUS))
2022 return;
2023 }
2024 freq->sec_channel_offset = ht40;
2025
2026 if (obss_scan) {
2027 struct wpa_scan_results *scan_res;
2028
2029 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL, 0);
2030 if (scan_res == NULL) {
2031 /* Back to HT20 */
2032 freq->sec_channel_offset = 0;
2033 return;
2034 }
2035
2036 res = check_40mhz_5g(mode, scan_res, pri_chan->chan,
2037 sec_chan->chan);
2038 switch (res) {
2039 case 0:
2040 /* Back to HT20 */
2041 freq->sec_channel_offset = 0;
2042 break;
2043 case 1:
2044 /* Configuration allowed */
2045 break;
2046 case 2:
2047 /* Switch pri/sec channels */
2048 freq->freq = hw_get_freq(mode, sec_chan->chan);
2049 freq->sec_channel_offset = -freq->sec_channel_offset;
2050 freq->channel = sec_chan->chan;
2051 break;
2052 default:
2053 freq->sec_channel_offset = 0;
2054 break;
2055 }
2056
2057 wpa_scan_results_free(scan_res);
2058 }
2059
2060 wpa_printf(MSG_DEBUG,
2061 "IBSS/mesh: setup freq channel %d, sec_channel_offset %d",
2062 freq->channel, freq->sec_channel_offset);
2063
2064 if (!drv_supports_vht(wpa_s, ssid))
2065 return;
2066
2067 /* For IBSS check VHT_IBSS flag */
2068 if (ssid->mode == WPAS_MODE_IBSS &&
2069 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_VHT_IBSS))
2070 return;
2071
2072 vht_freq = *freq;
2073
2074 #ifdef CONFIG_VHT_OVERRIDES
2075 if (ssid->disable_vht) {
2076 freq->vht_enabled = 0;
2077 return;
2078 }
2079 #endif /* CONFIG_VHT_OVERRIDES */
2080
2081 vht_freq.vht_enabled = vht_supported(mode);
2082 if (!vht_freq.vht_enabled)
2083 return;
2084
2085 /* setup center_freq1, bandwidth */
2086 for (j = 0; j < ARRAY_SIZE(vht80); j++) {
2087 if (freq->channel >= vht80[j] &&
2088 freq->channel < vht80[j] + 16)
2089 break;
2090 }
2091
2092 if (j == ARRAY_SIZE(vht80))
2093 return;
2094
2095 for (i = vht80[j]; i < vht80[j] + 16; i += 4) {
2096 struct hostapd_channel_data *chan;
2097
2098 chan = hw_get_channel_chan(mode, i, NULL);
2099 if (!chan)
2100 return;
2101
2102 /* Back to HT configuration if channel not usable */
2103 if (chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
2104 return;
2105 }
2106
2107 chwidth = VHT_CHANWIDTH_80MHZ;
2108 seg0 = vht80[j] + 6;
2109 seg1 = 0;
2110
2111 if (ssid->max_oper_chwidth == VHT_CHANWIDTH_80P80MHZ) {
2112 /* setup center_freq2, bandwidth */
2113 for (k = 0; k < ARRAY_SIZE(vht80); k++) {
2114 /* Only accept 80 MHz segments separated by a gap */
2115 if (j == k || abs(vht80[j] - vht80[k]) == 16)
2116 continue;
2117 for (i = vht80[k]; i < vht80[k] + 16; i += 4) {
2118 struct hostapd_channel_data *chan;
2119
2120 chan = hw_get_channel_chan(mode, i, NULL);
2121 if (!chan)
2122 continue;
2123
2124 if (chan->flag & (HOSTAPD_CHAN_DISABLED |
2125 HOSTAPD_CHAN_NO_IR |
2126 HOSTAPD_CHAN_RADAR))
2127 continue;
2128
2129 /* Found a suitable second segment for 80+80 */
2130 chwidth = VHT_CHANWIDTH_80P80MHZ;
2131 vht_caps |=
2132 VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ;
2133 seg1 = vht80[k] + 6;
2134 }
2135
2136 if (chwidth == VHT_CHANWIDTH_80P80MHZ)
2137 break;
2138 }
2139 } else if (ssid->max_oper_chwidth == VHT_CHANWIDTH_160MHZ) {
2140 if (freq->freq == 5180) {
2141 chwidth = VHT_CHANWIDTH_160MHZ;
2142 vht_caps |= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
2143 seg0 = 50;
2144 } else if (freq->freq == 5520) {
2145 chwidth = VHT_CHANWIDTH_160MHZ;
2146 vht_caps |= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
2147 seg0 = 114;
2148 }
2149 }
2150
2151 if (hostapd_set_freq_params(&vht_freq, mode->mode, freq->freq,
2152 freq->channel, freq->ht_enabled,
2153 vht_freq.vht_enabled,
2154 freq->sec_channel_offset,
2155 chwidth, seg0, seg1, vht_caps) != 0)
2156 return;
2157
2158 *freq = vht_freq;
2159
2160 wpa_printf(MSG_DEBUG, "IBSS: VHT setup freq cf1 %d, cf2 %d, bw %d",
2161 freq->center_freq1, freq->center_freq2, freq->bandwidth);
2162 }
2163
2164
2165 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
2166 {
2167 struct wpa_connect_work *cwork = work->ctx;
2168 struct wpa_bss *bss = cwork->bss;
2169 struct wpa_ssid *ssid = cwork->ssid;
2170 struct wpa_supplicant *wpa_s = work->wpa_s;
2171 u8 wpa_ie[200];
2172 size_t wpa_ie_len;
2173 int use_crypt, ret, i, bssid_changed;
2174 int algs = WPA_AUTH_ALG_OPEN;
2175 unsigned int cipher_pairwise, cipher_group;
2176 struct wpa_driver_associate_params params;
2177 int wep_keys_set = 0;
2178 int assoc_failed = 0;
2179 struct wpa_ssid *old_ssid;
2180 u8 prev_bssid[ETH_ALEN];
2181 #ifdef CONFIG_HT_OVERRIDES
2182 struct ieee80211_ht_capabilities htcaps;
2183 struct ieee80211_ht_capabilities htcaps_mask;
2184 #endif /* CONFIG_HT_OVERRIDES */
2185 #ifdef CONFIG_VHT_OVERRIDES
2186 struct ieee80211_vht_capabilities vhtcaps;
2187 struct ieee80211_vht_capabilities vhtcaps_mask;
2188 #endif /* CONFIG_VHT_OVERRIDES */
2189
2190 if (deinit) {
2191 if (work->started) {
2192 wpa_s->connect_work = NULL;
2193
2194 /* cancel possible auth. timeout */
2195 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s,
2196 NULL);
2197 }
2198 wpas_connect_work_free(cwork);
2199 return;
2200 }
2201
2202 wpa_s->connect_work = work;
2203
2204 if (cwork->bss_removed || !wpas_valid_bss_ssid(wpa_s, bss, ssid) ||
2205 wpas_network_disabled(wpa_s, ssid)) {
2206 wpa_dbg(wpa_s, MSG_DEBUG, "BSS/SSID entry for association not valid anymore - drop connection attempt");
2207 wpas_connect_work_done(wpa_s);
2208 return;
2209 }
2210
2211 os_memcpy(prev_bssid, wpa_s->bssid, ETH_ALEN);
2212 os_memset(&params, 0, sizeof(params));
2213 wpa_s->reassociate = 0;
2214 wpa_s->eap_expected_failure = 0;
2215 if (bss &&
2216 (!wpas_driver_bss_selection(wpa_s) || wpas_wps_searching(wpa_s))) {
2217 #ifdef CONFIG_IEEE80211R
2218 const u8 *ie, *md = NULL;
2219 #endif /* CONFIG_IEEE80211R */
2220 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
2221 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
2222 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
2223 bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
2224 os_memset(wpa_s->bssid, 0, ETH_ALEN);
2225 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
2226 if (bssid_changed)
2227 wpas_notify_bssid_changed(wpa_s);
2228 #ifdef CONFIG_IEEE80211R
2229 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
2230 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
2231 md = ie + 2;
2232 wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0);
2233 if (md) {
2234 /* Prepare for the next transition */
2235 wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
2236 }
2237 #endif /* CONFIG_IEEE80211R */
2238 #ifdef CONFIG_WPS
2239 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
2240 wpa_s->conf->ap_scan == 2 &&
2241 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
2242 /* Use ap_scan==1 style network selection to find the network
2243 */
2244 wpas_connect_work_done(wpa_s);
2245 wpa_s->scan_req = MANUAL_SCAN_REQ;
2246 wpa_s->reassociate = 1;
2247 wpa_supplicant_req_scan(wpa_s, 0, 0);
2248 return;
2249 #endif /* CONFIG_WPS */
2250 } else {
2251 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
2252 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
2253 if (bss)
2254 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
2255 else
2256 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
2257 }
2258 if (!wpa_s->pno)
2259 wpa_supplicant_cancel_sched_scan(wpa_s);
2260
2261 wpa_supplicant_cancel_scan(wpa_s);
2262
2263 /* Starting new association, so clear the possibly used WPA IE from the
2264 * previous association. */
2265 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
2266
2267 #ifdef IEEE8021X_EAPOL
2268 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
2269 if (ssid->leap) {
2270 if (ssid->non_leap == 0)
2271 algs = WPA_AUTH_ALG_LEAP;
2272 else
2273 algs |= WPA_AUTH_ALG_LEAP;
2274 }
2275 }
2276 #endif /* IEEE8021X_EAPOL */
2277 wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
2278 if (ssid->auth_alg) {
2279 algs = ssid->auth_alg;
2280 wpa_dbg(wpa_s, MSG_DEBUG, "Overriding auth_alg selection: "
2281 "0x%x", algs);
2282 }
2283
2284 if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
2285 wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
2286 wpa_key_mgmt_wpa(ssid->key_mgmt)) {
2287 int try_opportunistic;
2288 try_opportunistic = (ssid->proactive_key_caching < 0 ?
2289 wpa_s->conf->okc :
2290 ssid->proactive_key_caching) &&
2291 (ssid->proto & WPA_PROTO_RSN);
2292 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
2293 ssid, try_opportunistic) == 0)
2294 eapol_sm_notify_pmkid_attempt(wpa_s->eapol);
2295 wpa_ie_len = sizeof(wpa_ie);
2296 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
2297 wpa_ie, &wpa_ie_len)) {
2298 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
2299 "key management and encryption suites");
2300 wpas_connect_work_done(wpa_s);
2301 return;
2302 }
2303 } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && bss &&
2304 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) {
2305 /*
2306 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
2307 * use non-WPA since the scan results did not indicate that the
2308 * AP is using WPA or WPA2.
2309 */
2310 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
2311 wpa_ie_len = 0;
2312 wpa_s->wpa_proto = 0;
2313 } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) {
2314 wpa_ie_len = sizeof(wpa_ie);
2315 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
2316 wpa_ie, &wpa_ie_len)) {
2317 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
2318 "key management and encryption suites (no "
2319 "scan results)");
2320 wpas_connect_work_done(wpa_s);
2321 return;
2322 }
2323 #ifdef CONFIG_WPS
2324 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
2325 struct wpabuf *wps_ie;
2326 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
2327 if (wps_ie && wpabuf_len(wps_ie) <= sizeof(wpa_ie)) {
2328 wpa_ie_len = wpabuf_len(wps_ie);
2329 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
2330 } else
2331 wpa_ie_len = 0;
2332 wpabuf_free(wps_ie);
2333 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
2334 if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY))
2335 params.wps = WPS_MODE_PRIVACY;
2336 else
2337 params.wps = WPS_MODE_OPEN;
2338 wpa_s->wpa_proto = 0;
2339 #endif /* CONFIG_WPS */
2340 } else {
2341 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
2342 wpa_ie_len = 0;
2343 wpa_s->wpa_proto = 0;
2344 }
2345
2346 #ifdef CONFIG_P2P
2347 if (wpa_s->global->p2p) {
2348 u8 *pos;
2349 size_t len;
2350 int res;
2351 pos = wpa_ie + wpa_ie_len;
2352 len = sizeof(wpa_ie) - wpa_ie_len;
2353 res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len,
2354 ssid->p2p_group);
2355 if (res >= 0)
2356 wpa_ie_len += res;
2357 }
2358
2359 wpa_s->cross_connect_disallowed = 0;
2360 if (bss) {
2361 struct wpabuf *p2p;
2362 p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE);
2363 if (p2p) {
2364 wpa_s->cross_connect_disallowed =
2365 p2p_get_cross_connect_disallowed(p2p);
2366 wpabuf_free(p2p);
2367 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross "
2368 "connection",
2369 wpa_s->cross_connect_disallowed ?
2370 "disallows" : "allows");
2371 }
2372 }
2373
2374 os_memset(wpa_s->p2p_ip_addr_info, 0, sizeof(wpa_s->p2p_ip_addr_info));
2375 #endif /* CONFIG_P2P */
2376
2377 if (bss) {
2378 wpa_ie_len += wpas_supp_op_class_ie(wpa_s, bss->freq,
2379 wpa_ie + wpa_ie_len,
2380 sizeof(wpa_ie) -
2381 wpa_ie_len);
2382 }
2383
2384 /*
2385 * Workaround: Add Extended Capabilities element only if the AP
2386 * included this element in Beacon/Probe Response frames. Some older
2387 * APs seem to have interoperability issues if this element is
2388 * included, so while the standard may require us to include the
2389 * element in all cases, it is justifiable to skip it to avoid
2390 * interoperability issues.
2391 */
2392 if (ssid->p2p_group)
2393 wpa_drv_get_ext_capa(wpa_s, WPA_IF_P2P_CLIENT);
2394 else
2395 wpa_drv_get_ext_capa(wpa_s, WPA_IF_STATION);
2396
2397 if (!bss || wpa_bss_get_ie(bss, WLAN_EID_EXT_CAPAB)) {
2398 u8 ext_capab[18];
2399 int ext_capab_len;
2400 ext_capab_len = wpas_build_ext_capab(wpa_s, ext_capab,
2401 sizeof(ext_capab));
2402 if (ext_capab_len > 0) {
2403 u8 *pos = wpa_ie;
2404 if (wpa_ie_len > 0 && pos[0] == WLAN_EID_RSN)
2405 pos += 2 + pos[1];
2406 os_memmove(pos + ext_capab_len, pos,
2407 wpa_ie_len - (pos - wpa_ie));
2408 wpa_ie_len += ext_capab_len;
2409 os_memcpy(pos, ext_capab, ext_capab_len);
2410 }
2411 }
2412
2413 #ifdef CONFIG_HS20
2414 if (is_hs20_network(wpa_s, ssid, bss)) {
2415 struct wpabuf *hs20;
2416
2417 hs20 = wpabuf_alloc(20);
2418 if (hs20) {
2419 int pps_mo_id = hs20_get_pps_mo_id(wpa_s, ssid);
2420 size_t len;
2421
2422 wpas_hs20_add_indication(hs20, pps_mo_id);
2423 len = sizeof(wpa_ie) - wpa_ie_len;
2424 if (wpabuf_len(hs20) <= len) {
2425 os_memcpy(wpa_ie + wpa_ie_len,
2426 wpabuf_head(hs20), wpabuf_len(hs20));
2427 wpa_ie_len += wpabuf_len(hs20);
2428 }
2429 wpabuf_free(hs20);
2430
2431 hs20_configure_frame_filters(wpa_s);
2432 }
2433 }
2434 #endif /* CONFIG_HS20 */
2435
2436 if (wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ]) {
2437 struct wpabuf *buf = wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ];
2438 size_t len;
2439
2440 len = sizeof(wpa_ie) - wpa_ie_len;
2441 if (wpabuf_len(buf) <= len) {
2442 os_memcpy(wpa_ie + wpa_ie_len,
2443 wpabuf_head(buf), wpabuf_len(buf));
2444 wpa_ie_len += wpabuf_len(buf);
2445 }
2446 }
2447
2448 #ifdef CONFIG_FST
2449 if (wpa_s->fst_ies) {
2450 int fst_ies_len = wpabuf_len(wpa_s->fst_ies);
2451
2452 if (wpa_ie_len + fst_ies_len <= sizeof(wpa_ie)) {
2453 os_memcpy(wpa_ie + wpa_ie_len,
2454 wpabuf_head(wpa_s->fst_ies), fst_ies_len);
2455 wpa_ie_len += fst_ies_len;
2456 }
2457 }
2458 #endif /* CONFIG_FST */
2459
2460 #ifdef CONFIG_MBO
2461 if (bss && wpa_bss_get_vendor_ie(bss, MBO_IE_VENDOR_TYPE)) {
2462 int len;
2463
2464 len = wpas_mbo_ie(wpa_s, wpa_ie + wpa_ie_len,
2465 sizeof(wpa_ie) - wpa_ie_len);
2466 if (len >= 0)
2467 wpa_ie_len += len;
2468 }
2469 #endif /* CONFIG_MBO */
2470
2471 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
2472 use_crypt = 1;
2473 cipher_pairwise = wpa_s->pairwise_cipher;
2474 cipher_group = wpa_s->group_cipher;
2475 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
2476 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
2477 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
2478 use_crypt = 0;
2479 if (wpa_set_wep_keys(wpa_s, ssid)) {
2480 use_crypt = 1;
2481 wep_keys_set = 1;
2482 }
2483 }
2484 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
2485 use_crypt = 0;
2486
2487 #ifdef IEEE8021X_EAPOL
2488 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
2489 if ((ssid->eapol_flags &
2490 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
2491 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
2492 !wep_keys_set) {
2493 use_crypt = 0;
2494 } else {
2495 /* Assume that dynamic WEP-104 keys will be used and
2496 * set cipher suites in order for drivers to expect
2497 * encryption. */
2498 cipher_pairwise = cipher_group = WPA_CIPHER_WEP104;
2499 }
2500 }
2501 #endif /* IEEE8021X_EAPOL */
2502
2503 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
2504 /* Set the key before (and later after) association */
2505 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
2506 }
2507
2508 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
2509 if (bss) {
2510 params.ssid = bss->ssid;
2511 params.ssid_len = bss->ssid_len;
2512 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set ||
2513 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
2514 wpa_printf(MSG_DEBUG, "Limit connection to BSSID "
2515 MACSTR " freq=%u MHz based on scan results "
2516 "(bssid_set=%d wps=%d)",
2517 MAC2STR(bss->bssid), bss->freq,
2518 ssid->bssid_set,
2519 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS);
2520 params.bssid = bss->bssid;
2521 params.freq.freq = bss->freq;
2522 }
2523 params.bssid_hint = bss->bssid;
2524 params.freq_hint = bss->freq;
2525 params.pbss = bss_is_pbss(bss);
2526 } else {
2527 params.ssid = ssid->ssid;
2528 params.ssid_len = ssid->ssid_len;
2529 params.pbss = (ssid->pbss != 2) ? ssid->pbss : 0;
2530 }
2531
2532 if (ssid->mode == WPAS_MODE_IBSS && ssid->bssid_set &&
2533 wpa_s->conf->ap_scan == 2) {
2534 params.bssid = ssid->bssid;
2535 params.fixed_bssid = 1;
2536 }
2537
2538 /* Initial frequency for IBSS/mesh */
2539 if ((ssid->mode == WPAS_MODE_IBSS || ssid->mode == WPAS_MODE_MESH) &&
2540 ssid->frequency > 0 && params.freq.freq == 0)
2541 ibss_mesh_setup_freq(wpa_s, ssid, &params.freq);
2542
2543 if (ssid->mode == WPAS_MODE_IBSS) {
2544 params.fixed_freq = ssid->fixed_freq;
2545 if (ssid->beacon_int)
2546 params.beacon_int = ssid->beacon_int;
2547 else
2548 params.beacon_int = wpa_s->conf->beacon_int;
2549 }
2550
2551 params.wpa_ie = wpa_ie;
2552 params.wpa_ie_len = wpa_ie_len;
2553 params.pairwise_suite = cipher_pairwise;
2554 params.group_suite = cipher_group;
2555 params.key_mgmt_suite = wpa_s->key_mgmt;
2556 params.wpa_proto = wpa_s->wpa_proto;
2557 params.auth_alg = algs;
2558 params.mode = ssid->mode;
2559 params.bg_scan_period = ssid->bg_scan_period;
2560 for (i = 0; i < NUM_WEP_KEYS; i++) {
2561 if (ssid->wep_key_len[i])
2562 params.wep_key[i] = ssid->wep_key[i];
2563 params.wep_key_len[i] = ssid->wep_key_len[i];
2564 }
2565 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
2566
2567 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
2568 (params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
2569 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK)) {
2570 params.passphrase = ssid->passphrase;
2571 if (ssid->psk_set)
2572 params.psk = ssid->psk;
2573 }
2574
2575 if (wpa_s->conf->key_mgmt_offload) {
2576 if (params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
2577 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 ||
2578 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B ||
2579 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192)
2580 params.req_key_mgmt_offload =
2581 ssid->proactive_key_caching < 0 ?
2582 wpa_s->conf->okc : ssid->proactive_key_caching;
2583 else
2584 params.req_key_mgmt_offload = 1;
2585
2586 if ((params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
2587 params.key_mgmt_suite == WPA_KEY_MGMT_PSK_SHA256 ||
2588 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK) &&
2589 ssid->psk_set)
2590 params.psk = ssid->psk;
2591 }
2592
2593 params.drop_unencrypted = use_crypt;
2594
2595 #ifdef CONFIG_IEEE80211W
2596 params.mgmt_frame_protection = wpas_get_ssid_pmf(wpa_s, ssid);
2597 if (params.mgmt_frame_protection != NO_MGMT_FRAME_PROTECTION && bss) {
2598 const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
2599 struct wpa_ie_data ie;
2600 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
2601 ie.capabilities &
2602 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
2603 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports "
2604 "MFP: require MFP");
2605 params.mgmt_frame_protection =
2606 MGMT_FRAME_PROTECTION_REQUIRED;
2607 }
2608 }
2609 #endif /* CONFIG_IEEE80211W */
2610
2611 params.p2p = ssid->p2p_group;
2612
2613 if (wpa_s->p2pdev->set_sta_uapsd)
2614 params.uapsd = wpa_s->p2pdev->sta_uapsd;
2615 else
2616 params.uapsd = -1;
2617
2618 #ifdef CONFIG_HT_OVERRIDES
2619 os_memset(&htcaps, 0, sizeof(htcaps));
2620 os_memset(&htcaps_mask, 0, sizeof(htcaps_mask));
2621 params.htcaps = (u8 *) &htcaps;
2622 params.htcaps_mask = (u8 *) &htcaps_mask;
2623 wpa_supplicant_apply_ht_overrides(wpa_s, ssid, &params);
2624 #endif /* CONFIG_HT_OVERRIDES */
2625 #ifdef CONFIG_VHT_OVERRIDES
2626 os_memset(&vhtcaps, 0, sizeof(vhtcaps));
2627 os_memset(&vhtcaps_mask, 0, sizeof(vhtcaps_mask));
2628 params.vhtcaps = &vhtcaps;
2629 params.vhtcaps_mask = &vhtcaps_mask;
2630 wpa_supplicant_apply_vht_overrides(wpa_s, ssid, &params);
2631 #endif /* CONFIG_VHT_OVERRIDES */
2632
2633 #ifdef CONFIG_P2P
2634 /*
2635 * If multi-channel concurrency is not supported, check for any
2636 * frequency conflict. In case of any frequency conflict, remove the
2637 * least prioritized connection.
2638 */
2639 if (wpa_s->num_multichan_concurrent < 2) {
2640 int freq, num;
2641 num = get_shared_radio_freqs(wpa_s, &freq, 1);
2642 if (num > 0 && freq > 0 && freq != params.freq.freq) {
2643 wpa_printf(MSG_DEBUG,
2644 "Assoc conflicting freq found (%d != %d)",
2645 freq, params.freq.freq);
2646 if (wpas_p2p_handle_frequency_conflicts(
2647 wpa_s, params.freq.freq, ssid) < 0) {
2648 wpas_connect_work_done(wpa_s);
2649 return;
2650 }
2651 }
2652 }
2653 #endif /* CONFIG_P2P */
2654
2655 if (wpa_s->reassoc_same_ess && !is_zero_ether_addr(prev_bssid) &&
2656 wpa_s->current_ssid)
2657 params.prev_bssid = prev_bssid;
2658
2659 ret = wpa_drv_associate(wpa_s, &params);
2660 if (ret < 0) {
2661 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
2662 "failed");
2663 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SANE_ERROR_CODES) {
2664 /*
2665 * The driver is known to mean what is saying, so we
2666 * can stop right here; the association will not
2667 * succeed.
2668 */
2669 wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
2670 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
2671 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
2672 return;
2673 }
2674 /* try to continue anyway; new association will be tried again
2675 * after timeout */
2676 assoc_failed = 1;
2677 }
2678
2679 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
2680 /* Set the key after the association just in case association
2681 * cleared the previously configured key. */
2682 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
2683 /* No need to timeout authentication since there is no key
2684 * management. */
2685 wpa_supplicant_cancel_auth_timeout(wpa_s);
2686 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
2687 #ifdef CONFIG_IBSS_RSN
2688 } else if (ssid->mode == WPAS_MODE_IBSS &&
2689 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
2690 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
2691 /*
2692 * RSN IBSS authentication is per-STA and we can disable the
2693 * per-BSSID authentication.
2694 */
2695 wpa_supplicant_cancel_auth_timeout(wpa_s);
2696 #endif /* CONFIG_IBSS_RSN */
2697 } else {
2698 /* Timeout for IEEE 802.11 authentication and association */
2699 int timeout = 60;
2700
2701 if (assoc_failed) {
2702 /* give IBSS a bit more time */
2703 timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5;
2704 } else if (wpa_s->conf->ap_scan == 1) {
2705 /* give IBSS a bit more time */
2706 timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10;
2707 }
2708 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
2709 }
2710
2711 if (wep_keys_set &&
2712 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC)) {
2713 /* Set static WEP keys again */
2714 wpa_set_wep_keys(wpa_s, ssid);
2715 }
2716
2717 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
2718 /*
2719 * Do not allow EAP session resumption between different
2720 * network configurations.
2721 */
2722 eapol_sm_invalidate_cached_session(wpa_s->eapol);
2723 }
2724 old_ssid = wpa_s->current_ssid;
2725 wpa_s->current_ssid = ssid;
2726
2727 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set) {
2728 wpa_s->current_bss = bss;
2729 #ifdef CONFIG_HS20
2730 hs20_configure_frame_filters(wpa_s);
2731 #endif /* CONFIG_HS20 */
2732 }
2733
2734 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
2735 wpa_supplicant_initiate_eapol(wpa_s);
2736 if (old_ssid != wpa_s->current_ssid)
2737 wpas_notify_network_changed(wpa_s);
2738 }
2739
2740
2741 static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s,
2742 const u8 *addr)
2743 {
2744 struct wpa_ssid *old_ssid;
2745
2746 wpas_connect_work_done(wpa_s);
2747 wpa_clear_keys(wpa_s, addr);
2748 old_ssid = wpa_s->current_ssid;
2749 wpa_supplicant_mark_disassoc(wpa_s);
2750 wpa_sm_set_config(wpa_s->wpa, NULL);
2751 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
2752 if (old_ssid != wpa_s->current_ssid)
2753 wpas_notify_network_changed(wpa_s);
2754 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
2755 }
2756
2757
2758 /**
2759 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
2760 * @wpa_s: Pointer to wpa_supplicant data
2761 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
2762 *
2763 * This function is used to request %wpa_supplicant to deauthenticate from the
2764 * current AP.
2765 */
2766 void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
2767 int reason_code)
2768 {
2769 u8 *addr = NULL;
2770 union wpa_event_data event;
2771 int zero_addr = 0;
2772
2773 wpa_dbg(wpa_s, MSG_DEBUG, "Request to deauthenticate - bssid=" MACSTR
2774 " pending_bssid=" MACSTR " reason=%d state=%s",
2775 MAC2STR(wpa_s->bssid), MAC2STR(wpa_s->pending_bssid),
2776 reason_code, wpa_supplicant_state_txt(wpa_s->wpa_state));
2777
2778 if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
2779 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
2780 wpa_s->wpa_state == WPA_ASSOCIATING))
2781 addr = wpa_s->pending_bssid;
2782 else if (!is_zero_ether_addr(wpa_s->bssid))
2783 addr = wpa_s->bssid;
2784 else if (wpa_s->wpa_state == WPA_ASSOCIATING) {
2785 /*
2786 * When using driver-based BSS selection, we may not know the
2787 * BSSID with which we are currently trying to associate. We
2788 * need to notify the driver of this disconnection even in such
2789 * a case, so use the all zeros address here.
2790 */
2791 addr = wpa_s->bssid;
2792 zero_addr = 1;
2793 }
2794
2795 #ifdef CONFIG_TDLS
2796 wpa_tdls_teardown_peers(wpa_s->wpa);
2797 #endif /* CONFIG_TDLS */
2798
2799 #ifdef CONFIG_MESH
2800 if (wpa_s->ifmsh) {
2801 wpa_msg(wpa_s, MSG_INFO, MESH_GROUP_REMOVED "%s",
2802 wpa_s->ifname);
2803 wpa_supplicant_leave_mesh(wpa_s);
2804 }
2805 #endif /* CONFIG_MESH */
2806
2807 if (addr) {
2808 wpa_drv_deauthenticate(wpa_s, addr, reason_code);
2809 os_memset(&event, 0, sizeof(event));
2810 event.deauth_info.reason_code = (u16) reason_code;
2811 event.deauth_info.locally_generated = 1;
2812 wpa_supplicant_event(wpa_s, EVENT_DEAUTH, &event);
2813 if (zero_addr)
2814 addr = NULL;
2815 }
2816
2817 wpa_supplicant_clear_connection(wpa_s, addr);
2818 }
2819
2820 static void wpa_supplicant_enable_one_network(struct wpa_supplicant *wpa_s,
2821 struct wpa_ssid *ssid)
2822 {
2823 if (!ssid || !ssid->disabled || ssid->disabled == 2)
2824 return;
2825
2826 ssid->disabled = 0;
2827 wpas_clear_temp_disabled(wpa_s, ssid, 1);
2828 wpas_notify_network_enabled_changed(wpa_s, ssid);
2829
2830 /*
2831 * Try to reassociate since there is no current configuration and a new
2832 * network was made available.
2833 */
2834 if (!wpa_s->current_ssid && !wpa_s->disconnected)
2835 wpa_s->reassociate = 1;
2836 }
2837
2838
2839 /**
2840 * wpa_supplicant_add_network - Add a new network
2841 * @wpa_s: wpa_supplicant structure for a network interface
2842 * Returns: The new network configuration or %NULL if operation failed
2843 *
2844 * This function performs the following operations:
2845 * 1. Adds a new network.
2846 * 2. Send network addition notification.
2847 * 3. Marks the network disabled.
2848 * 4. Set network default parameters.
2849 */
2850 struct wpa_ssid * wpa_supplicant_add_network(struct wpa_supplicant *wpa_s)
2851 {
2852 struct wpa_ssid *ssid;
2853
2854 ssid = wpa_config_add_network(wpa_s->conf);
2855 if (!ssid)
2856 return NULL;
2857 wpas_notify_network_added(wpa_s, ssid);
2858 ssid->disabled = 1;
2859 wpa_config_set_network_defaults(ssid);
2860
2861 return ssid;
2862 }
2863
2864
2865 /**
2866 * wpa_supplicant_remove_network - Remove a configured network based on id
2867 * @wpa_s: wpa_supplicant structure for a network interface
2868 * @id: Unique network id to search for
2869 * Returns: 0 on success, or -1 if the network was not found, -2 if the network
2870 * could not be removed
2871 *
2872 * This function performs the following operations:
2873 * 1. Removes the network.
2874 * 2. Send network removal notification.
2875 * 3. Update internal state machines.
2876 * 4. Stop any running sched scans.
2877 */
2878 int wpa_supplicant_remove_network(struct wpa_supplicant *wpa_s, int id)
2879 {
2880 struct wpa_ssid *ssid;
2881 int was_disabled;
2882
2883 ssid = wpa_config_get_network(wpa_s->conf, id);
2884 if (!ssid)
2885 return -1;
2886 wpas_notify_network_removed(wpa_s, ssid);
2887
2888 if (wpa_s->last_ssid == ssid)
2889 wpa_s->last_ssid = NULL;
2890
2891 if (ssid == wpa_s->current_ssid || !wpa_s->current_ssid) {
2892 #ifdef CONFIG_SME
2893 wpa_s->sme.prev_bssid_set = 0;
2894 #endif /* CONFIG_SME */
2895 /*
2896 * Invalidate the EAP session cache if the current or
2897 * previously used network is removed.
2898 */
2899 eapol_sm_invalidate_cached_session(wpa_s->eapol);
2900 }
2901
2902 if (ssid == wpa_s->current_ssid) {
2903 wpa_sm_set_config(wpa_s->wpa, NULL);
2904 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
2905
2906 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
2907 wpa_s->own_disconnect_req = 1;
2908 wpa_supplicant_deauthenticate(wpa_s,
2909 WLAN_REASON_DEAUTH_LEAVING);
2910 }
2911
2912 was_disabled = ssid->disabled;
2913
2914 if (wpa_config_remove_network(wpa_s->conf, id) < 0)
2915 return -2;
2916
2917 if (!was_disabled && wpa_s->sched_scanning) {
2918 wpa_printf(MSG_DEBUG,
2919 "Stop ongoing sched_scan to remove network from filters");
2920 wpa_supplicant_cancel_sched_scan(wpa_s);
2921 wpa_supplicant_req_scan(wpa_s, 0, 0);
2922 }
2923
2924 return 0;
2925 }
2926
2927
2928 /**
2929 * wpa_supplicant_enable_network - Mark a configured network as enabled
2930 * @wpa_s: wpa_supplicant structure for a network interface
2931 * @ssid: wpa_ssid structure for a configured network or %NULL
2932 *
2933 * Enables the specified network or all networks if no network specified.
2934 */
2935 void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s,
2936 struct wpa_ssid *ssid)
2937 {
2938 if (ssid == NULL) {
2939 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
2940 wpa_supplicant_enable_one_network(wpa_s, ssid);
2941 } else
2942 wpa_supplicant_enable_one_network(wpa_s, ssid);
2943
2944 if (wpa_s->reassociate && !wpa_s->disconnected &&
2945 (!wpa_s->current_ssid ||
2946 wpa_s->wpa_state == WPA_DISCONNECTED ||
2947 wpa_s->wpa_state == WPA_SCANNING)) {
2948 if (wpa_s->sched_scanning) {
2949 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan to add "
2950 "new network to scan filters");
2951 wpa_supplicant_cancel_sched_scan(wpa_s);
2952 }
2953
2954 if (wpa_supplicant_fast_associate(wpa_s) != 1) {
2955 wpa_s->scan_req = NORMAL_SCAN_REQ;
2956 wpa_supplicant_req_scan(wpa_s, 0, 0);
2957 }
2958 }
2959 }
2960
2961
2962 /**
2963 * wpa_supplicant_disable_network - Mark a configured network as disabled
2964 * @wpa_s: wpa_supplicant structure for a network interface
2965 * @ssid: wpa_ssid structure for a configured network or %NULL
2966 *
2967 * Disables the specified network or all networks if no network specified.
2968 */
2969 void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s,
2970 struct wpa_ssid *ssid)
2971 {
2972 struct wpa_ssid *other_ssid;
2973 int was_disabled;
2974
2975 if (ssid == NULL) {
2976 if (wpa_s->sched_scanning)
2977 wpa_supplicant_cancel_sched_scan(wpa_s);
2978
2979 for (other_ssid = wpa_s->conf->ssid; other_ssid;
2980 other_ssid = other_ssid->next) {
2981 was_disabled = other_ssid->disabled;
2982 if (was_disabled == 2)
2983 continue; /* do not change persistent P2P group
2984 * data */
2985
2986 other_ssid->disabled = 1;
2987
2988 if (was_disabled != other_ssid->disabled)
2989 wpas_notify_network_enabled_changed(
2990 wpa_s, other_ssid);
2991 }
2992 if (wpa_s->current_ssid)
2993 wpa_supplicant_deauthenticate(
2994 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
2995 } else if (ssid->disabled != 2) {
2996 if (ssid == wpa_s->current_ssid)
2997 wpa_supplicant_deauthenticate(
2998 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
2999
3000 was_disabled = ssid->disabled;
3001
3002 ssid->disabled = 1;
3003
3004 if (was_disabled != ssid->disabled) {
3005 wpas_notify_network_enabled_changed(wpa_s, ssid);
3006 if (wpa_s->sched_scanning) {
3007 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan "
3008 "to remove network from filters");
3009 wpa_supplicant_cancel_sched_scan(wpa_s);
3010 wpa_supplicant_req_scan(wpa_s, 0, 0);
3011 }
3012 }
3013 }
3014 }
3015
3016
3017 /**
3018 * wpa_supplicant_select_network - Attempt association with a network
3019 * @wpa_s: wpa_supplicant structure for a network interface
3020 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
3021 */
3022 void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
3023 struct wpa_ssid *ssid)
3024 {
3025
3026 struct wpa_ssid *other_ssid;
3027 int disconnected = 0;
3028
3029 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid) {
3030 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
3031 wpa_s->own_disconnect_req = 1;
3032 wpa_supplicant_deauthenticate(
3033 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
3034 disconnected = 1;
3035 }
3036
3037 if (ssid)
3038 wpas_clear_temp_disabled(wpa_s, ssid, 1);
3039
3040 /*
3041 * Mark all other networks disabled or mark all networks enabled if no
3042 * network specified.
3043 */
3044 for (other_ssid = wpa_s->conf->ssid; other_ssid;
3045 other_ssid = other_ssid->next) {
3046 int was_disabled = other_ssid->disabled;
3047 if (was_disabled == 2)
3048 continue; /* do not change persistent P2P group data */
3049
3050 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0;
3051 if (was_disabled && !other_ssid->disabled)
3052 wpas_clear_temp_disabled(wpa_s, other_ssid, 0);
3053
3054 if (was_disabled != other_ssid->disabled)
3055 wpas_notify_network_enabled_changed(wpa_s, other_ssid);
3056 }
3057
3058 if (ssid && ssid == wpa_s->current_ssid && wpa_s->current_ssid &&
3059 wpa_s->wpa_state >= WPA_AUTHENTICATING) {
3060 /* We are already associated with the selected network */
3061 wpa_printf(MSG_DEBUG, "Already associated with the "
3062 "selected network - do nothing");
3063 return;
3064 }
3065
3066 if (ssid) {
3067 wpa_s->current_ssid = ssid;
3068 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
3069 wpa_s->connect_without_scan =
3070 (ssid->mode == WPAS_MODE_MESH) ? ssid : NULL;
3071
3072 /*
3073 * Don't optimize next scan freqs since a new ESS has been
3074 * selected.
3075 */
3076 os_free(wpa_s->next_scan_freqs);
3077 wpa_s->next_scan_freqs = NULL;
3078 } else {
3079 wpa_s->connect_without_scan = NULL;
3080 }
3081
3082 wpa_s->disconnected = 0;
3083 wpa_s->reassociate = 1;
3084
3085 if (wpa_s->connect_without_scan ||
3086 wpa_supplicant_fast_associate(wpa_s) != 1) {
3087 wpa_s->scan_req = NORMAL_SCAN_REQ;
3088 wpas_scan_reset_sched_scan(wpa_s);
3089 wpa_supplicant_req_scan(wpa_s, 0, disconnected ? 100000 : 0);
3090 }
3091
3092 if (ssid)
3093 wpas_notify_network_selected(wpa_s, ssid);
3094 }
3095
3096
3097 /**
3098 * wpas_set_pkcs11_engine_and_module_path - Set PKCS #11 engine and module path
3099 * @wpa_s: wpa_supplicant structure for a network interface
3100 * @pkcs11_engine_path: PKCS #11 engine path or NULL
3101 * @pkcs11_module_path: PKCS #11 module path or NULL
3102 * Returns: 0 on success; -1 on failure
3103 *
3104 * Sets the PKCS #11 engine and module path. Both have to be NULL or a valid
3105 * path. If resetting the EAPOL state machine with the new PKCS #11 engine and
3106 * module path fails the paths will be reset to the default value (NULL).
3107 */
3108 int wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant *wpa_s,
3109 const char *pkcs11_engine_path,
3110 const char *pkcs11_module_path)
3111 {
3112 char *pkcs11_engine_path_copy = NULL;
3113 char *pkcs11_module_path_copy = NULL;
3114
3115 if (pkcs11_engine_path != NULL) {
3116 pkcs11_engine_path_copy = os_strdup(pkcs11_engine_path);
3117 if (pkcs11_engine_path_copy == NULL)
3118 return -1;
3119 }
3120 if (pkcs11_module_path != NULL) {
3121 pkcs11_module_path_copy = os_strdup(pkcs11_module_path);
3122 if (pkcs11_module_path_copy == NULL) {
3123 os_free(pkcs11_engine_path_copy);
3124 return -1;
3125 }
3126 }
3127
3128 os_free(wpa_s->conf->pkcs11_engine_path);
3129 os_free(wpa_s->conf->pkcs11_module_path);
3130 wpa_s->conf->pkcs11_engine_path = pkcs11_engine_path_copy;
3131 wpa_s->conf->pkcs11_module_path = pkcs11_module_path_copy;
3132
3133 wpa_sm_set_eapol(wpa_s->wpa, NULL);
3134 eapol_sm_deinit(wpa_s->eapol);
3135 wpa_s->eapol = NULL;
3136 if (wpa_supplicant_init_eapol(wpa_s)) {
3137 /* Error -> Reset paths to the default value (NULL) once. */
3138 if (pkcs11_engine_path != NULL && pkcs11_module_path != NULL)
3139 wpas_set_pkcs11_engine_and_module_path(wpa_s, NULL,
3140 NULL);
3141
3142 return -1;
3143 }
3144 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
3145
3146 return 0;
3147 }
3148
3149
3150 /**
3151 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
3152 * @wpa_s: wpa_supplicant structure for a network interface
3153 * @ap_scan: AP scan mode
3154 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
3155 *
3156 */
3157 int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan)
3158 {
3159
3160 int old_ap_scan;
3161
3162 if (ap_scan < 0 || ap_scan > 2)
3163 return -1;
3164
3165 if (ap_scan == 2 && os_strcmp(wpa_s->driver->name, "nl80211") == 0) {
3166 wpa_printf(MSG_INFO,
3167 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
3168 }
3169
3170 #ifdef ANDROID
3171 if (ap_scan == 2 && ap_scan != wpa_s->conf->ap_scan &&
3172 wpa_s->wpa_state >= WPA_ASSOCIATING &&
3173 wpa_s->wpa_state < WPA_COMPLETED) {
3174 wpa_printf(MSG_ERROR, "ap_scan = %d (%d) rejected while "
3175 "associating", wpa_s->conf->ap_scan, ap_scan);
3176 return 0;
3177 }
3178 #endif /* ANDROID */
3179
3180 old_ap_scan = wpa_s->conf->ap_scan;
3181 wpa_s->conf->ap_scan = ap_scan;
3182
3183 if (old_ap_scan != wpa_s->conf->ap_scan)
3184 wpas_notify_ap_scan_changed(wpa_s);
3185
3186 return 0;
3187 }
3188
3189
3190 /**
3191 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
3192 * @wpa_s: wpa_supplicant structure for a network interface
3193 * @expire_age: Expiration age in seconds
3194 * Returns: 0 if succeed or -1 if expire_age has an invalid value
3195 *
3196 */
3197 int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant *wpa_s,
3198 unsigned int bss_expire_age)
3199 {
3200 if (bss_expire_age < 10) {
3201 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration age %u",
3202 bss_expire_age);
3203 return -1;
3204 }
3205 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration age: %d sec",
3206 bss_expire_age);
3207 wpa_s->conf->bss_expiration_age = bss_expire_age;
3208
3209 return 0;
3210 }
3211
3212
3213 /**
3214 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
3215 * @wpa_s: wpa_supplicant structure for a network interface
3216 * @expire_count: number of scans after which an unseen BSS is reclaimed
3217 * Returns: 0 if succeed or -1 if expire_count has an invalid value
3218 *
3219 */
3220 int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant *wpa_s,
3221 unsigned int bss_expire_count)
3222 {
3223 if (bss_expire_count < 1) {
3224 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration count %u",
3225 bss_expire_count);
3226 return -1;
3227 }
3228 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration scan count: %u",
3229 bss_expire_count);
3230 wpa_s->conf->bss_expiration_scan_count = bss_expire_count;
3231
3232 return 0;
3233 }
3234
3235
3236 /**
3237 * wpa_supplicant_set_scan_interval - Set scan interval
3238 * @wpa_s: wpa_supplicant structure for a network interface
3239 * @scan_interval: scan interval in seconds
3240 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
3241 *
3242 */
3243 int wpa_supplicant_set_scan_interval(struct wpa_supplicant *wpa_s,
3244 int scan_interval)
3245 {
3246 if (scan_interval < 0) {
3247 wpa_msg(wpa_s, MSG_ERROR, "Invalid scan interval %d",
3248 scan_interval);
3249 return -1;
3250 }
3251 wpa_msg(wpa_s, MSG_DEBUG, "Setting scan interval: %d sec",
3252 scan_interval);
3253 wpa_supplicant_update_scan_int(wpa_s, scan_interval);
3254
3255 return 0;
3256 }
3257
3258
3259 /**
3260 * wpa_supplicant_set_debug_params - Set global debug params
3261 * @global: wpa_global structure
3262 * @debug_level: debug level
3263 * @debug_timestamp: determines if show timestamp in debug data
3264 * @debug_show_keys: determines if show keys in debug data
3265 * Returns: 0 if succeed or -1 if debug_level has wrong value
3266 */
3267 int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level,
3268 int debug_timestamp, int debug_show_keys)
3269 {
3270
3271 int old_level, old_timestamp, old_show_keys;
3272
3273 /* check for allowed debuglevels */
3274 if (debug_level != MSG_EXCESSIVE &&
3275 debug_level != MSG_MSGDUMP &&
3276 debug_level != MSG_DEBUG &&
3277 debug_level != MSG_INFO &&
3278 debug_level != MSG_WARNING &&
3279 debug_level != MSG_ERROR)
3280 return -1;
3281
3282 old_level = wpa_debug_level;
3283 old_timestamp = wpa_debug_timestamp;
3284 old_show_keys = wpa_debug_show_keys;
3285
3286 wpa_debug_level = debug_level;
3287 wpa_debug_timestamp = debug_timestamp ? 1 : 0;
3288 wpa_debug_show_keys = debug_show_keys ? 1 : 0;
3289
3290 if (wpa_debug_level != old_level)
3291 wpas_notify_debug_level_changed(global);
3292 if (wpa_debug_timestamp != old_timestamp)
3293 wpas_notify_debug_timestamp_changed(global);
3294 if (wpa_debug_show_keys != old_show_keys)
3295 wpas_notify_debug_show_keys_changed(global);
3296
3297 return 0;
3298 }
3299
3300
3301 /**
3302 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
3303 * @wpa_s: Pointer to wpa_supplicant data
3304 * Returns: A pointer to the current network structure or %NULL on failure
3305 */
3306 struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
3307 {
3308 struct wpa_ssid *entry;
3309 u8 ssid[SSID_MAX_LEN];
3310 int res;
3311 size_t ssid_len;
3312 u8 bssid[ETH_ALEN];
3313 int wired;
3314
3315 res = wpa_drv_get_ssid(wpa_s, ssid);
3316 if (res < 0) {
3317 wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from "
3318 "driver");
3319 return NULL;
3320 }
3321 ssid_len = res;
3322
3323 if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
3324 wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from "
3325 "driver");
3326 return NULL;
3327 }
3328
3329 wired = wpa_s->conf->ap_scan == 0 &&
3330 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED);
3331
3332 entry = wpa_s->conf->ssid;
3333 while (entry) {
3334 if (!wpas_network_disabled(wpa_s, entry) &&
3335 ((ssid_len == entry->ssid_len &&
3336 os_memcmp(ssid, entry->ssid, ssid_len) == 0) || wired) &&
3337 (!entry->bssid_set ||
3338 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
3339 return entry;
3340 #ifdef CONFIG_WPS
3341 if (!wpas_network_disabled(wpa_s, entry) &&
3342 (entry->key_mgmt & WPA_KEY_MGMT_WPS) &&
3343 (entry->ssid == NULL || entry->ssid_len == 0) &&
3344 (!entry->bssid_set ||
3345 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
3346 return entry;
3347 #endif /* CONFIG_WPS */
3348
3349 if (!wpas_network_disabled(wpa_s, entry) && entry->bssid_set &&
3350 entry->ssid_len == 0 &&
3351 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)
3352 return entry;
3353
3354 entry = entry->next;
3355 }
3356
3357 return NULL;
3358 }
3359
3360
3361 static int select_driver(struct wpa_supplicant *wpa_s, int i)
3362 {
3363 struct wpa_global *global = wpa_s->global;
3364
3365 if (wpa_drivers[i]->global_init && global->drv_priv[i] == NULL) {
3366 global->drv_priv[i] = wpa_drivers[i]->global_init(global);
3367 if (global->drv_priv[i] == NULL) {
3368 wpa_printf(MSG_ERROR, "Failed to initialize driver "
3369 "'%s'", wpa_drivers[i]->name);
3370 return -1;
3371 }
3372 }
3373
3374 wpa_s->driver = wpa_drivers[i];
3375 wpa_s->global_drv_priv = global->drv_priv[i];
3376
3377 return 0;
3378 }
3379
3380
3381 static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
3382 const char *name)
3383 {
3384 int i;
3385 size_t len;
3386 const char *pos, *driver = name;
3387
3388 if (wpa_s == NULL)
3389 return -1;
3390
3391 if (wpa_drivers[0] == NULL) {
3392 wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into "
3393 "wpa_supplicant");
3394 return -1;
3395 }
3396
3397 if (name == NULL) {
3398 /* default to first driver in the list */
3399 return select_driver(wpa_s, 0);
3400 }
3401
3402 do {
3403 pos = os_strchr(driver, ',');
3404 if (pos)
3405 len = pos - driver;
3406 else
3407 len = os_strlen(driver);
3408
3409 for (i = 0; wpa_drivers[i]; i++) {
3410 if (os_strlen(wpa_drivers[i]->name) == len &&
3411 os_strncmp(driver, wpa_drivers[i]->name, len) ==
3412 0) {
3413 /* First driver that succeeds wins */
3414 if (select_driver(wpa_s, i) == 0)
3415 return 0;
3416 }
3417 }
3418
3419 driver = pos + 1;
3420 } while (pos);
3421
3422 wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name);
3423 return -1;
3424 }
3425
3426
3427 /**
3428 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
3429 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
3430 * with struct wpa_driver_ops::init()
3431 * @src_addr: Source address of the EAPOL frame
3432 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
3433 * @len: Length of the EAPOL data
3434 *
3435 * This function is called for each received EAPOL frame. Most driver
3436 * interfaces rely on more generic OS mechanism for receiving frames through
3437 * l2_packet, but if such a mechanism is not available, the driver wrapper may
3438 * take care of received EAPOL frames and deliver them to the core supplicant
3439 * code by calling this function.
3440 */
3441 void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
3442 const u8 *buf, size_t len)
3443 {
3444 struct wpa_supplicant *wpa_s = ctx;
3445
3446 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
3447 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
3448
3449 #ifdef CONFIG_TESTING_OPTIONS
3450 if (wpa_s->ignore_auth_resp) {
3451 wpa_printf(MSG_INFO, "RX EAPOL - ignore_auth_resp active!");
3452 return;
3453 }
3454 #endif /* CONFIG_TESTING_OPTIONS */
3455
3456 #ifdef CONFIG_PEERKEY
3457 if (wpa_s->wpa_state > WPA_ASSOCIATED && wpa_s->current_ssid &&
3458 wpa_s->current_ssid->peerkey &&
3459 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
3460 wpa_sm_rx_eapol_peerkey(wpa_s->wpa, src_addr, buf, len) == 1) {
3461 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: Processed PeerKey EAPOL-Key");
3462 return;
3463 }
3464 #endif /* CONFIG_PEERKEY */
3465
3466 if (wpa_s->wpa_state < WPA_ASSOCIATED ||
3467 (wpa_s->last_eapol_matches_bssid &&
3468 #ifdef CONFIG_AP
3469 !wpa_s->ap_iface &&
3470 #endif /* CONFIG_AP */
3471 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) != 0)) {
3472 /*
3473 * There is possible race condition between receiving the
3474 * association event and the EAPOL frame since they are coming
3475 * through different paths from the driver. In order to avoid
3476 * issues in trying to process the EAPOL frame before receiving
3477 * association information, lets queue it for processing until
3478 * the association event is received. This may also be needed in
3479 * driver-based roaming case, so also use src_addr != BSSID as a
3480 * trigger if we have previously confirmed that the
3481 * Authenticator uses BSSID as the src_addr (which is not the
3482 * case with wired IEEE 802.1X).
3483 */
3484 wpa_dbg(wpa_s, MSG_DEBUG, "Not associated - Delay processing "
3485 "of received EAPOL frame (state=%s bssid=" MACSTR ")",
3486 wpa_supplicant_state_txt(wpa_s->wpa_state),
3487 MAC2STR(wpa_s->bssid));
3488 wpabuf_free(wpa_s->pending_eapol_rx);
3489 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len);
3490 if (wpa_s->pending_eapol_rx) {
3491 os_get_reltime(&wpa_s->pending_eapol_rx_time);
3492 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr,
3493 ETH_ALEN);
3494 }
3495 return;
3496 }
3497
3498 wpa_s->last_eapol_matches_bssid =
3499 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) == 0;
3500
3501 #ifdef CONFIG_AP
3502 if (wpa_s->ap_iface) {
3503 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len);
3504 return;
3505 }
3506 #endif /* CONFIG_AP */
3507
3508 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
3509 wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since "
3510 "no key management is configured");
3511 return;
3512 }
3513
3514 if (wpa_s->eapol_received == 0 &&
3515 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) ||
3516 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
3517 wpa_s->wpa_state != WPA_COMPLETED) &&
3518 (wpa_s->current_ssid == NULL ||
3519 wpa_s->current_ssid->mode != IEEE80211_MODE_IBSS)) {
3520 /* Timeout for completing IEEE 802.1X and WPA authentication */
3521 int timeout = 10;
3522
3523 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
3524 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
3525 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
3526 /* Use longer timeout for IEEE 802.1X/EAP */
3527 timeout = 70;
3528 }
3529
3530 #ifdef CONFIG_WPS
3531 if (wpa_s->current_ssid && wpa_s->current_bss &&
3532 (wpa_s->current_ssid->key_mgmt & WPA_KEY_MGMT_WPS) &&
3533 eap_is_wps_pin_enrollee(&wpa_s->current_ssid->eap)) {
3534 /*
3535 * Use shorter timeout if going through WPS AP iteration
3536 * for PIN config method with an AP that does not
3537 * advertise Selected Registrar.
3538 */
3539 struct wpabuf *wps_ie;
3540
3541 wps_ie = wpa_bss_get_vendor_ie_multi(
3542 wpa_s->current_bss, WPS_IE_VENDOR_TYPE);
3543 if (wps_ie &&
3544 !wps_is_addr_authorized(wps_ie, wpa_s->own_addr, 1))
3545 timeout = 10;
3546 wpabuf_free(wps_ie);
3547 }
3548 #endif /* CONFIG_WPS */
3549
3550 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
3551 }
3552 wpa_s->eapol_received++;
3553
3554 if (wpa_s->countermeasures) {
3555 wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped "
3556 "EAPOL packet");
3557 return;
3558 }
3559
3560 #ifdef CONFIG_IBSS_RSN
3561 if (wpa_s->current_ssid &&
3562 wpa_s->current_ssid->mode == WPAS_MODE_IBSS) {
3563 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len);
3564 return;
3565 }
3566 #endif /* CONFIG_IBSS_RSN */
3567
3568 /* Source address of the incoming EAPOL frame could be compared to the
3569 * current BSSID. However, it is possible that a centralized
3570 * Authenticator could be using another MAC address than the BSSID of
3571 * an AP, so just allow any address to be used for now. The replies are
3572 * still sent to the current BSSID (if available), though. */
3573
3574 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
3575 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
3576 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
3577 return;
3578 wpa_drv_poll(wpa_s);
3579 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE))
3580 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
3581 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
3582 /*
3583 * Set portValid = TRUE here since we are going to skip 4-way
3584 * handshake processing which would normally set portValid. We
3585 * need this to allow the EAPOL state machines to be completed
3586 * without going through EAPOL-Key handshake.
3587 */
3588 eapol_sm_notify_portValid(wpa_s->eapol, TRUE);
3589 }
3590 }
3591
3592
3593 int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s)
3594 {
3595 if ((!wpa_s->p2p_mgmt ||
3596 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
3597 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) {
3598 l2_packet_deinit(wpa_s->l2);
3599 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
3600 wpa_drv_get_mac_addr(wpa_s),
3601 ETH_P_EAPOL,
3602 wpa_supplicant_rx_eapol, wpa_s, 0);
3603 if (wpa_s->l2 == NULL)
3604 return -1;
3605 } else {
3606 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
3607 if (addr)
3608 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
3609 }
3610
3611 if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
3612 wpa_msg(wpa_s, MSG_ERROR, "Failed to get own L2 address");
3613 return -1;
3614 }
3615
3616 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
3617
3618 return 0;
3619 }
3620
3621
3622 static void wpa_supplicant_rx_eapol_bridge(void *ctx, const u8 *src_addr,
3623 const u8 *buf, size_t len)
3624 {
3625 struct wpa_supplicant *wpa_s = ctx;
3626 const struct l2_ethhdr *eth;
3627
3628 if (len < sizeof(*eth))
3629 return;
3630 eth = (const struct l2_ethhdr *) buf;
3631
3632 if (os_memcmp(eth->h_dest, wpa_s->own_addr, ETH_ALEN) != 0 &&
3633 !(eth->h_dest[0] & 0x01)) {
3634 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
3635 " (bridge - not for this interface - ignore)",
3636 MAC2STR(src_addr), MAC2STR(eth->h_dest));
3637 return;
3638 }
3639
3640 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
3641 " (bridge)", MAC2STR(src_addr), MAC2STR(eth->h_dest));
3642 wpa_supplicant_rx_eapol(wpa_s, src_addr, buf + sizeof(*eth),
3643 len - sizeof(*eth));
3644 }
3645
3646
3647 /**
3648 * wpa_supplicant_driver_init - Initialize driver interface parameters
3649 * @wpa_s: Pointer to wpa_supplicant data
3650 * Returns: 0 on success, -1 on failure
3651 *
3652 * This function is called to initialize driver interface parameters.
3653 * wpa_drv_init() must have been called before this function to initialize the
3654 * driver interface.
3655 */
3656 int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
3657 {
3658 static int interface_count = 0;
3659
3660 if (wpa_supplicant_update_mac_addr(wpa_s) < 0)
3661 return -1;
3662
3663 wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR,
3664 MAC2STR(wpa_s->own_addr));
3665 os_memcpy(wpa_s->perm_addr, wpa_s->own_addr, ETH_ALEN);
3666 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
3667
3668 if (wpa_s->bridge_ifname[0]) {
3669 wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge "
3670 "interface '%s'", wpa_s->bridge_ifname);
3671 wpa_s->l2_br = l2_packet_init_bridge(
3672 wpa_s->bridge_ifname, wpa_s->ifname, wpa_s->own_addr,
3673 ETH_P_EAPOL, wpa_supplicant_rx_eapol_bridge, wpa_s, 1);
3674 if (wpa_s->l2_br == NULL) {
3675 wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet "
3676 "connection for the bridge interface '%s'",
3677 wpa_s->bridge_ifname);
3678 return -1;
3679 }
3680 }
3681
3682 if (wpa_s->conf->ap_scan == 2 &&
3683 os_strcmp(wpa_s->driver->name, "nl80211") == 0) {
3684 wpa_printf(MSG_INFO,
3685 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
3686 }
3687
3688 wpa_clear_keys(wpa_s, NULL);
3689
3690 /* Make sure that TKIP countermeasures are not left enabled (could
3691 * happen if wpa_supplicant is killed during countermeasures. */
3692 wpa_drv_set_countermeasures(wpa_s, 0);
3693
3694 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver");
3695 wpa_drv_flush_pmkid(wpa_s);
3696
3697 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
3698 wpa_s->prev_scan_wildcard = 0;
3699
3700 if (wpa_supplicant_enabled_networks(wpa_s)) {
3701 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED) {
3702 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
3703 interface_count = 0;
3704 }
3705 #ifndef ANDROID
3706 if (!wpa_s->p2p_mgmt &&
3707 wpa_supplicant_delayed_sched_scan(wpa_s,
3708 interface_count % 3,
3709 100000))
3710 wpa_supplicant_req_scan(wpa_s, interface_count % 3,
3711 100000);
3712 #endif /* ANDROID */
3713 interface_count++;
3714 } else
3715 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
3716
3717 return 0;
3718 }
3719
3720
3721 static int wpa_supplicant_daemon(const char *pid_file)
3722 {
3723 wpa_printf(MSG_DEBUG, "Daemonize..");
3724 return os_daemonize(pid_file);
3725 }
3726
3727
3728 static struct wpa_supplicant *
3729 wpa_supplicant_alloc(struct wpa_supplicant *parent)
3730 {
3731 struct wpa_supplicant *wpa_s;
3732
3733 wpa_s = os_zalloc(sizeof(*wpa_s));
3734 if (wpa_s == NULL)
3735 return NULL;
3736 wpa_s->scan_req = INITIAL_SCAN_REQ;
3737 wpa_s->scan_interval = 5;
3738 wpa_s->new_connection = 1;
3739 wpa_s->parent = parent ? parent : wpa_s;
3740 wpa_s->p2pdev = wpa_s->parent;
3741 wpa_s->sched_scanning = 0;
3742
3743 dl_list_init(&wpa_s->bss_tmp_disallowed);
3744 dl_list_init(&wpa_s->fils_hlp_req);
3745
3746 return wpa_s;
3747 }
3748
3749
3750 #ifdef CONFIG_HT_OVERRIDES
3751
3752 static int wpa_set_htcap_mcs(struct wpa_supplicant *wpa_s,
3753 struct ieee80211_ht_capabilities *htcaps,
3754 struct ieee80211_ht_capabilities *htcaps_mask,
3755 const char *ht_mcs)
3756 {
3757 /* parse ht_mcs into hex array */
3758 int i;
3759 const char *tmp = ht_mcs;
3760 char *end = NULL;
3761
3762 /* If ht_mcs is null, do not set anything */
3763 if (!ht_mcs)
3764 return 0;
3765
3766 /* This is what we are setting in the kernel */
3767 os_memset(&htcaps->supported_mcs_set, 0, IEEE80211_HT_MCS_MASK_LEN);
3768
3769 wpa_msg(wpa_s, MSG_DEBUG, "set_htcap, ht_mcs -:%s:-", ht_mcs);
3770
3771 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) {
3772 long v;
3773
3774 errno = 0;
3775 v = strtol(tmp, &end, 16);
3776
3777 if (errno == 0) {
3778 wpa_msg(wpa_s, MSG_DEBUG,
3779 "htcap value[%i]: %ld end: %p tmp: %p",
3780 i, v, end, tmp);
3781 if (end == tmp)
3782 break;
3783
3784 htcaps->supported_mcs_set[i] = v;
3785 tmp = end;
3786 } else {
3787 wpa_msg(wpa_s, MSG_ERROR,
3788 "Failed to parse ht-mcs: %s, error: %s\n",
3789 ht_mcs, strerror(errno));
3790 return -1;
3791 }
3792 }
3793
3794 /*
3795 * If we were able to parse any values, then set mask for the MCS set.
3796 */
3797 if (i) {
3798 os_memset(&htcaps_mask->supported_mcs_set, 0xff,
3799 IEEE80211_HT_MCS_MASK_LEN - 1);
3800 /* skip the 3 reserved bits */
3801 htcaps_mask->supported_mcs_set[IEEE80211_HT_MCS_MASK_LEN - 1] =
3802 0x1f;
3803 }
3804
3805 return 0;
3806 }
3807
3808
3809 static int wpa_disable_max_amsdu(struct wpa_supplicant *wpa_s,
3810 struct ieee80211_ht_capabilities *htcaps,
3811 struct ieee80211_ht_capabilities *htcaps_mask,
3812 int disabled)
3813 {
3814 le16 msk;
3815
3816 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_max_amsdu: %d", disabled);
3817
3818 if (disabled == -1)
3819 return 0;
3820
3821 msk = host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE);
3822 htcaps_mask->ht_capabilities_info |= msk;
3823 if (disabled)
3824 htcaps->ht_capabilities_info &= msk;
3825 else
3826 htcaps->ht_capabilities_info |= msk;
3827
3828 return 0;
3829 }
3830
3831
3832 static int wpa_set_ampdu_factor(struct wpa_supplicant *wpa_s,
3833 struct ieee80211_ht_capabilities *htcaps,
3834 struct ieee80211_ht_capabilities *htcaps_mask,
3835 int factor)
3836 {
3837 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_factor: %d", factor);
3838
3839 if (factor == -1)
3840 return 0;
3841
3842 if (factor < 0 || factor > 3) {
3843 wpa_msg(wpa_s, MSG_ERROR, "ampdu_factor: %d out of range. "
3844 "Must be 0-3 or -1", factor);
3845 return -EINVAL;
3846 }
3847
3848 htcaps_mask->a_mpdu_params |= 0x3; /* 2 bits for factor */
3849 htcaps->a_mpdu_params &= ~0x3;
3850 htcaps->a_mpdu_params |= factor & 0x3;
3851
3852 return 0;
3853 }
3854
3855
3856 static int wpa_set_ampdu_density(struct wpa_supplicant *wpa_s,
3857 struct ieee80211_ht_capabilities *htcaps,
3858 struct ieee80211_ht_capabilities *htcaps_mask,
3859 int density)
3860 {
3861 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_density: %d", density);
3862
3863 if (density == -1)
3864 return 0;
3865
3866 if (density < 0 || density > 7) {
3867 wpa_msg(wpa_s, MSG_ERROR,
3868 "ampdu_density: %d out of range. Must be 0-7 or -1.",
3869 density);
3870 return -EINVAL;
3871 }
3872
3873 htcaps_mask->a_mpdu_params |= 0x1C;
3874 htcaps->a_mpdu_params &= ~(0x1C);
3875 htcaps->a_mpdu_params |= (density << 2) & 0x1C;
3876
3877 return 0;
3878 }
3879
3880
3881 static int wpa_set_disable_ht40(struct wpa_supplicant *wpa_s,
3882 struct ieee80211_ht_capabilities *htcaps,
3883 struct ieee80211_ht_capabilities *htcaps_mask,
3884 int disabled)
3885 {
3886 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ht40: %d", disabled);
3887
3888 set_disable_ht40(htcaps, disabled);
3889 set_disable_ht40(htcaps_mask, 0);
3890
3891 return 0;
3892 }
3893
3894
3895 static int wpa_set_disable_sgi(struct wpa_supplicant *wpa_s,
3896 struct ieee80211_ht_capabilities *htcaps,
3897 struct ieee80211_ht_capabilities *htcaps_mask,
3898 int disabled)
3899 {
3900 /* Masking these out disables SGI */
3901 le16 msk = host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ |
3902 HT_CAP_INFO_SHORT_GI40MHZ);
3903
3904 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_sgi: %d", disabled);
3905
3906 if (disabled)
3907 htcaps->ht_capabilities_info &= ~msk;
3908 else
3909 htcaps->ht_capabilities_info |= msk;
3910
3911 htcaps_mask->ht_capabilities_info |= msk;
3912
3913 return 0;
3914 }
3915
3916
3917 static int wpa_set_disable_ldpc(struct wpa_supplicant *wpa_s,
3918 struct ieee80211_ht_capabilities *htcaps,
3919 struct ieee80211_ht_capabilities *htcaps_mask,
3920 int disabled)
3921 {
3922 /* Masking these out disables LDPC */
3923 le16 msk = host_to_le16(HT_CAP_INFO_LDPC_CODING_CAP);
3924
3925 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ldpc: %d", disabled);
3926
3927 if (disabled)
3928 htcaps->ht_capabilities_info &= ~msk;
3929 else
3930 htcaps->ht_capabilities_info |= msk;
3931
3932 htcaps_mask->ht_capabilities_info |= msk;
3933
3934 return 0;
3935 }
3936
3937
3938 void wpa_supplicant_apply_ht_overrides(
3939 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
3940 struct wpa_driver_associate_params *params)
3941 {
3942 struct ieee80211_ht_capabilities *htcaps;
3943 struct ieee80211_ht_capabilities *htcaps_mask;
3944
3945 if (!ssid)
3946 return;
3947
3948 params->disable_ht = ssid->disable_ht;
3949 if (!params->htcaps || !params->htcaps_mask)
3950 return;
3951
3952 htcaps = (struct ieee80211_ht_capabilities *) params->htcaps;
3953 htcaps_mask = (struct ieee80211_ht_capabilities *) params->htcaps_mask;
3954 wpa_set_htcap_mcs(wpa_s, htcaps, htcaps_mask, ssid->ht_mcs);
3955 wpa_disable_max_amsdu(wpa_s, htcaps, htcaps_mask,
3956 ssid->disable_max_amsdu);
3957 wpa_set_ampdu_factor(wpa_s, htcaps, htcaps_mask, ssid->ampdu_factor);
3958 wpa_set_ampdu_density(wpa_s, htcaps, htcaps_mask, ssid->ampdu_density);
3959 wpa_set_disable_ht40(wpa_s, htcaps, htcaps_mask, ssid->disable_ht40);
3960 wpa_set_disable_sgi(wpa_s, htcaps, htcaps_mask, ssid->disable_sgi);
3961 wpa_set_disable_ldpc(wpa_s, htcaps, htcaps_mask, ssid->disable_ldpc);
3962
3963 if (ssid->ht40_intolerant) {
3964 le16 bit = host_to_le16(HT_CAP_INFO_40MHZ_INTOLERANT);
3965 htcaps->ht_capabilities_info |= bit;
3966 htcaps_mask->ht_capabilities_info |= bit;
3967 }
3968 }
3969
3970 #endif /* CONFIG_HT_OVERRIDES */
3971
3972
3973 #ifdef CONFIG_VHT_OVERRIDES
3974 void wpa_supplicant_apply_vht_overrides(
3975 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
3976 struct wpa_driver_associate_params *params)
3977 {
3978 struct ieee80211_vht_capabilities *vhtcaps;
3979 struct ieee80211_vht_capabilities *vhtcaps_mask;
3980
3981 if (!ssid)
3982 return;
3983
3984 params->disable_vht = ssid->disable_vht;
3985
3986 vhtcaps = (void *) params->vhtcaps;
3987 vhtcaps_mask = (void *) params->vhtcaps_mask;
3988
3989 if (!vhtcaps || !vhtcaps_mask)
3990 return;
3991
3992 vhtcaps->vht_capabilities_info = host_to_le32(ssid->vht_capa);
3993 vhtcaps_mask->vht_capabilities_info = host_to_le32(ssid->vht_capa_mask);
3994
3995 #ifdef CONFIG_HT_OVERRIDES
3996 /* if max ampdu is <= 3, we have to make the HT cap the same */
3997 if (ssid->vht_capa_mask & VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) {
3998 int max_ampdu;
3999
4000 max_ampdu = (ssid->vht_capa &
4001 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) >>
4002 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX_SHIFT;
4003
4004 max_ampdu = max_ampdu < 3 ? max_ampdu : 3;
4005 wpa_set_ampdu_factor(wpa_s,
4006 (void *) params->htcaps,
4007 (void *) params->htcaps_mask,
4008 max_ampdu);
4009 }
4010 #endif /* CONFIG_HT_OVERRIDES */
4011
4012 #define OVERRIDE_MCS(i) \
4013 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \
4014 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \
4015 host_to_le16(3 << 2 * (i - 1)); \
4016 vhtcaps->vht_supported_mcs_set.tx_map |= \
4017 host_to_le16(ssid->vht_tx_mcs_nss_ ##i << \
4018 2 * (i - 1)); \
4019 } \
4020 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \
4021 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \
4022 host_to_le16(3 << 2 * (i - 1)); \
4023 vhtcaps->vht_supported_mcs_set.rx_map |= \
4024 host_to_le16(ssid->vht_rx_mcs_nss_ ##i << \
4025 2 * (i - 1)); \
4026 }
4027
4028 OVERRIDE_MCS(1);
4029 OVERRIDE_MCS(2);
4030 OVERRIDE_MCS(3);
4031 OVERRIDE_MCS(4);
4032 OVERRIDE_MCS(5);
4033 OVERRIDE_MCS(6);
4034 OVERRIDE_MCS(7);
4035 OVERRIDE_MCS(8);
4036 }
4037 #endif /* CONFIG_VHT_OVERRIDES */
4038
4039
4040 static int pcsc_reader_init(struct wpa_supplicant *wpa_s)
4041 {
4042 #ifdef PCSC_FUNCS
4043 size_t len;
4044
4045 if (!wpa_s->conf->pcsc_reader)
4046 return 0;
4047
4048 wpa_s->scard = scard_init(wpa_s->conf->pcsc_reader);
4049 if (!wpa_s->scard)
4050 return 1;
4051
4052 if (wpa_s->conf->pcsc_pin &&
4053 scard_set_pin(wpa_s->scard, wpa_s->conf->pcsc_pin) < 0) {
4054 scard_deinit(wpa_s->scard);
4055 wpa_s->scard = NULL;
4056 wpa_msg(wpa_s, MSG_ERROR, "PC/SC PIN validation failed");
4057 return -1;
4058 }
4059
4060 len = sizeof(wpa_s->imsi) - 1;
4061 if (scard_get_imsi(wpa_s->scard, wpa_s->imsi, &len)) {
4062 scard_deinit(wpa_s->scard);
4063 wpa_s->scard = NULL;
4064 wpa_msg(wpa_s, MSG_ERROR, "Could not read IMSI");
4065 return -1;
4066 }
4067 wpa_s->imsi[len] = '\0';
4068
4069 wpa_s->mnc_len = scard_get_mnc_len(wpa_s->scard);
4070
4071 wpa_printf(MSG_DEBUG, "SCARD: IMSI %s (MNC length %d)",
4072 wpa_s->imsi, wpa_s->mnc_len);
4073
4074 wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard);
4075 eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard);
4076 #endif /* PCSC_FUNCS */
4077
4078 return 0;
4079 }
4080
4081
4082 int wpas_init_ext_pw(struct wpa_supplicant *wpa_s)
4083 {
4084 char *val, *pos;
4085
4086 ext_password_deinit(wpa_s->ext_pw);
4087 wpa_s->ext_pw = NULL;
4088 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, NULL);
4089
4090 if (!wpa_s->conf->ext_password_backend)
4091 return 0;
4092
4093 val = os_strdup(wpa_s->conf->ext_password_backend);
4094 if (val == NULL)
4095 return -1;
4096 pos = os_strchr(val, ':');
4097 if (pos)
4098 *pos++ = '\0';
4099
4100 wpa_printf(MSG_DEBUG, "EXT PW: Initialize backend '%s'", val);
4101
4102 wpa_s->ext_pw = ext_password_init(val, pos);
4103 os_free(val);
4104 if (wpa_s->ext_pw == NULL) {
4105 wpa_printf(MSG_DEBUG, "EXT PW: Failed to initialize backend");
4106 return -1;
4107 }
4108 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, wpa_s->ext_pw);
4109
4110 return 0;
4111 }
4112
4113
4114 #ifdef CONFIG_FST
4115
4116 static const u8 * wpas_fst_get_bssid_cb(void *ctx)
4117 {
4118 struct wpa_supplicant *wpa_s = ctx;
4119
4120 return (is_zero_ether_addr(wpa_s->bssid) ||
4121 wpa_s->wpa_state != WPA_COMPLETED) ? NULL : wpa_s->bssid;
4122 }
4123
4124
4125 static void wpas_fst_get_channel_info_cb(void *ctx,
4126 enum hostapd_hw_mode *hw_mode,
4127 u8 *channel)
4128 {
4129 struct wpa_supplicant *wpa_s = ctx;
4130
4131 if (wpa_s->current_bss) {
4132 *hw_mode = ieee80211_freq_to_chan(wpa_s->current_bss->freq,
4133 channel);
4134 } else if (wpa_s->hw.num_modes) {
4135 *hw_mode = wpa_s->hw.modes[0].mode;
4136 } else {
4137 WPA_ASSERT(0);
4138 *hw_mode = 0;
4139 }
4140 }
4141
4142
4143 static int wpas_fst_get_hw_modes(void *ctx, struct hostapd_hw_modes **modes)
4144 {
4145 struct wpa_supplicant *wpa_s = ctx;
4146
4147 *modes = wpa_s->hw.modes;
4148 return wpa_s->hw.num_modes;
4149 }
4150
4151
4152 static void wpas_fst_set_ies_cb(void *ctx, const struct wpabuf *fst_ies)
4153 {
4154 struct wpa_supplicant *wpa_s = ctx;
4155
4156 wpa_hexdump_buf(MSG_DEBUG, "FST: Set IEs", fst_ies);
4157 wpa_s->fst_ies = fst_ies;
4158 }
4159
4160
4161 static int wpas_fst_send_action_cb(void *ctx, const u8 *da, struct wpabuf *data)
4162 {
4163 struct wpa_supplicant *wpa_s = ctx;
4164
4165 if (os_memcmp(wpa_s->bssid, da, ETH_ALEN) != 0) {
4166 wpa_printf(MSG_INFO, "FST:%s:bssid=" MACSTR " != da=" MACSTR,
4167 __func__, MAC2STR(wpa_s->bssid), MAC2STR(da));
4168 return -1;
4169 }
4170 return wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, wpa_s->bssid,
4171 wpa_s->own_addr, wpa_s->bssid,
4172 wpabuf_head(data), wpabuf_len(data),
4173 0);
4174 }
4175
4176
4177 static const struct wpabuf * wpas_fst_get_mb_ie_cb(void *ctx, const u8 *addr)
4178 {
4179 struct wpa_supplicant *wpa_s = ctx;
4180
4181 WPA_ASSERT(os_memcmp(wpa_s->bssid, addr, ETH_ALEN) == 0);
4182 return wpa_s->received_mb_ies;
4183 }
4184
4185
4186 static void wpas_fst_update_mb_ie_cb(void *ctx, const u8 *addr,
4187 const u8 *buf, size_t size)
4188 {
4189 struct wpa_supplicant *wpa_s = ctx;
4190 struct mb_ies_info info;
4191
4192 WPA_ASSERT(os_memcmp(wpa_s->bssid, addr, ETH_ALEN) == 0);
4193
4194 if (!mb_ies_info_by_ies(&info, buf, size)) {
4195 wpabuf_free(wpa_s->received_mb_ies);
4196 wpa_s->received_mb_ies = mb_ies_by_info(&info);
4197 }
4198 }
4199
4200
4201 static const u8 * wpas_fst_get_peer_first(void *ctx,
4202 struct fst_get_peer_ctx **get_ctx,
4203 Boolean mb_only)
4204 {
4205 struct wpa_supplicant *wpa_s = ctx;
4206
4207 *get_ctx = NULL;
4208 if (!is_zero_ether_addr(wpa_s->bssid))
4209 return (wpa_s->received_mb_ies || !mb_only) ?
4210 wpa_s->bssid : NULL;
4211 return NULL;
4212 }
4213
4214
4215 static const u8 * wpas_fst_get_peer_next(void *ctx,
4216 struct fst_get_peer_ctx **get_ctx,
4217 Boolean mb_only)
4218 {
4219 return NULL;
4220 }
4221
4222 void fst_wpa_supplicant_fill_iface_obj(struct wpa_supplicant *wpa_s,
4223 struct fst_wpa_obj *iface_obj)
4224 {
4225 iface_obj->ctx = wpa_s;
4226 iface_obj->get_bssid = wpas_fst_get_bssid_cb;
4227 iface_obj->get_channel_info = wpas_fst_get_channel_info_cb;
4228 iface_obj->get_hw_modes = wpas_fst_get_hw_modes;
4229 iface_obj->set_ies = wpas_fst_set_ies_cb;
4230 iface_obj->send_action = wpas_fst_send_action_cb;
4231 iface_obj->get_mb_ie = wpas_fst_get_mb_ie_cb;
4232 iface_obj->update_mb_ie = wpas_fst_update_mb_ie_cb;
4233 iface_obj->get_peer_first = wpas_fst_get_peer_first;
4234 iface_obj->get_peer_next = wpas_fst_get_peer_next;
4235 }
4236 #endif /* CONFIG_FST */
4237
4238 static int wpas_set_wowlan_triggers(struct wpa_supplicant *wpa_s,
4239 const struct wpa_driver_capa *capa)
4240 {
4241 struct wowlan_triggers *triggers;
4242 int ret = 0;
4243
4244 if (!wpa_s->conf->wowlan_triggers)
4245 return 0;
4246
4247 triggers = wpa_get_wowlan_triggers(wpa_s->conf->wowlan_triggers, capa);
4248 if (triggers) {
4249 ret = wpa_drv_wowlan(wpa_s, triggers);
4250 os_free(triggers);
4251 }
4252 return ret;
4253 }
4254
4255
4256 enum wpa_radio_work_band wpas_freq_to_band(int freq)
4257 {
4258 if (freq < 3000)
4259 return BAND_2_4_GHZ;
4260 if (freq > 50000)
4261 return BAND_60_GHZ;
4262 return BAND_5_GHZ;
4263 }
4264
4265
4266 unsigned int wpas_get_bands(struct wpa_supplicant *wpa_s, const int *freqs)
4267 {
4268 int i;
4269 unsigned int band = 0;
4270
4271 if (freqs) {
4272 /* freqs are specified for the radio work */
4273 for (i = 0; freqs[i]; i++)
4274 band |= wpas_freq_to_band(freqs[i]);
4275 } else {
4276 /*
4277 * freqs are not specified, implies all
4278 * the supported freqs by HW
4279 */
4280 for (i = 0; i < wpa_s->hw.num_modes; i++) {
4281 if (wpa_s->hw.modes[i].num_channels != 0) {
4282 if (wpa_s->hw.modes[i].mode ==
4283 HOSTAPD_MODE_IEEE80211B ||
4284 wpa_s->hw.modes[i].mode ==
4285 HOSTAPD_MODE_IEEE80211G)
4286 band |= BAND_2_4_GHZ;
4287 else if (wpa_s->hw.modes[i].mode ==
4288 HOSTAPD_MODE_IEEE80211A)
4289 band |= BAND_5_GHZ;
4290 else if (wpa_s->hw.modes[i].mode ==
4291 HOSTAPD_MODE_IEEE80211AD)
4292 band |= BAND_60_GHZ;
4293 else if (wpa_s->hw.modes[i].mode ==
4294 HOSTAPD_MODE_IEEE80211ANY)
4295 band = BAND_2_4_GHZ | BAND_5_GHZ |
4296 BAND_60_GHZ;
4297 }
4298 }
4299 }
4300
4301 return band;
4302 }
4303
4304
4305 static struct wpa_radio * radio_add_interface(struct wpa_supplicant *wpa_s,
4306 const char *rn)
4307 {
4308 struct wpa_supplicant *iface = wpa_s->global->ifaces;
4309 struct wpa_radio *radio;
4310
4311 while (rn && iface) {
4312 radio = iface->radio;
4313 if (radio && os_strcmp(rn, radio->name) == 0) {
4314 wpa_printf(MSG_DEBUG, "Add interface %s to existing radio %s",
4315 wpa_s->ifname, rn);
4316 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
4317 return radio;
4318 }
4319
4320 iface = iface->next;
4321 }
4322
4323 wpa_printf(MSG_DEBUG, "Add interface %s to a new radio %s",
4324 wpa_s->ifname, rn ? rn : "N/A");
4325 radio = os_zalloc(sizeof(*radio));
4326 if (radio == NULL)
4327 return NULL;
4328
4329 if (rn)
4330 os_strlcpy(radio->name, rn, sizeof(radio->name));
4331 dl_list_init(&radio->ifaces);
4332 dl_list_init(&radio->work);
4333 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
4334
4335 return radio;
4336 }
4337
4338
4339 static void radio_work_free(struct wpa_radio_work *work)
4340 {
4341 if (work->wpa_s->scan_work == work) {
4342 /* This should not really happen. */
4343 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as scan_work",
4344 work->type, work, work->started);
4345 work->wpa_s->scan_work = NULL;
4346 }
4347
4348 #ifdef CONFIG_P2P
4349 if (work->wpa_s->p2p_scan_work == work) {
4350 /* This should not really happen. */
4351 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as p2p_scan_work",
4352 work->type, work, work->started);
4353 work->wpa_s->p2p_scan_work = NULL;
4354 }
4355 #endif /* CONFIG_P2P */
4356
4357 if (work->started) {
4358 work->wpa_s->radio->num_active_works--;
4359 wpa_dbg(work->wpa_s, MSG_DEBUG,
4360 "radio_work_free('%s'@%p: num_active_works --> %u",
4361 work->type, work,
4362 work->wpa_s->radio->num_active_works);
4363 }
4364
4365 dl_list_del(&work->list);
4366 os_free(work);
4367 }
4368
4369
4370 static int radio_work_is_connect(struct wpa_radio_work *work)
4371 {
4372 return os_strcmp(work->type, "sme-connect") == 0 ||
4373 os_strcmp(work->type, "connect") == 0;
4374 }
4375
4376
4377 static int radio_work_is_scan(struct wpa_radio_work *work)
4378 {
4379 return os_strcmp(work->type, "scan") == 0 ||
4380 os_strcmp(work->type, "p2p-scan") == 0;
4381 }
4382
4383
4384 static struct wpa_radio_work * radio_work_get_next_work(struct wpa_radio *radio)
4385 {
4386 struct wpa_radio_work *active_work = NULL;
4387 struct wpa_radio_work *tmp;
4388
4389 /* Get the active work to know the type and band. */
4390 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, list) {
4391 if (tmp->started) {
4392 active_work = tmp;
4393 break;
4394 }
4395 }
4396
4397 if (!active_work) {
4398 /* No active work, start one */
4399 radio->num_active_works = 0;
4400 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work,
4401 list) {
4402 if (os_strcmp(tmp->type, "scan") == 0 &&
4403 radio->external_scan_running &&
4404 (((struct wpa_driver_scan_params *)
4405 tmp->ctx)->only_new_results ||
4406 tmp->wpa_s->clear_driver_scan_cache))
4407 continue;
4408 return tmp;
4409 }
4410 return NULL;
4411 }
4412
4413 if (radio_work_is_connect(active_work)) {
4414 /*
4415 * If the active work is either connect or sme-connect,
4416 * do not parallelize them with other radio works.
4417 */
4418 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
4419 "Do not parallelize radio work with %s",
4420 active_work->type);
4421 return NULL;
4422 }
4423
4424 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, list) {
4425 if (tmp->started)
4426 continue;
4427
4428 /*
4429 * If connect or sme-connect are enqueued, parallelize only
4430 * those operations ahead of them in the queue.
4431 */
4432 if (radio_work_is_connect(tmp))
4433 break;
4434
4435 /* Serialize parallel scan and p2p_scan operations on the same
4436 * interface since the driver_nl80211 mechanism for tracking
4437 * scan cookies does not yet have support for this. */
4438 if (active_work->wpa_s == tmp->wpa_s &&
4439 radio_work_is_scan(active_work) &&
4440 radio_work_is_scan(tmp)) {
4441 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
4442 "Do not start work '%s' when another work '%s' is already scheduled",
4443 tmp->type, active_work->type);
4444 continue;
4445 }
4446 /*
4447 * Check that the radio works are distinct and
4448 * on different bands.
4449 */
4450 if (os_strcmp(active_work->type, tmp->type) != 0 &&
4451 (active_work->bands != tmp->bands)) {
4452 /*
4453 * If a scan has to be scheduled through nl80211 scan
4454 * interface and if an external scan is already running,
4455 * do not schedule the scan since it is likely to get
4456 * rejected by kernel.
4457 */
4458 if (os_strcmp(tmp->type, "scan") == 0 &&
4459 radio->external_scan_running &&
4460 (((struct wpa_driver_scan_params *)
4461 tmp->ctx)->only_new_results ||
4462 tmp->wpa_s->clear_driver_scan_cache))
4463 continue;
4464
4465 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
4466 "active_work:%s new_work:%s",
4467 active_work->type, tmp->type);
4468 return tmp;
4469 }
4470 }
4471
4472 /* Did not find a radio work to schedule in parallel. */
4473 return NULL;
4474 }
4475
4476
4477 static void radio_start_next_work(void *eloop_ctx, void *timeout_ctx)
4478 {
4479 struct wpa_radio *radio = eloop_ctx;
4480 struct wpa_radio_work *work;
4481 struct os_reltime now, diff;
4482 struct wpa_supplicant *wpa_s;
4483
4484 work = dl_list_first(&radio->work, struct wpa_radio_work, list);
4485 if (work == NULL) {
4486 radio->num_active_works = 0;
4487 return;
4488 }
4489
4490 wpa_s = dl_list_first(&radio->ifaces, struct wpa_supplicant,
4491 radio_list);
4492
4493 if (!(wpa_s &&
4494 wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS)) {
4495 if (work->started)
4496 return; /* already started and still in progress */
4497
4498 if (wpa_s && wpa_s->radio->external_scan_running) {
4499 wpa_printf(MSG_DEBUG, "Delay radio work start until externally triggered scan completes");
4500 return;
4501 }
4502 } else {
4503 work = NULL;
4504 if (radio->num_active_works < MAX_ACTIVE_WORKS) {
4505 /* get the work to schedule next */
4506 work = radio_work_get_next_work(radio);
4507 }
4508 if (!work)
4509 return;
4510 }
4511
4512 wpa_s = work->wpa_s;
4513 os_get_reltime(&now);
4514 os_reltime_sub(&now, &work->time, &diff);
4515 wpa_dbg(wpa_s, MSG_DEBUG,
4516 "Starting radio work '%s'@%p after %ld.%06ld second wait",
4517 work->type, work, diff.sec, diff.usec);
4518 work->started = 1;
4519 work->time = now;
4520 radio->num_active_works++;
4521
4522 work->cb(work, 0);
4523
4524 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS) &&
4525 radio->num_active_works < MAX_ACTIVE_WORKS)
4526 radio_work_check_next(wpa_s);
4527 }
4528
4529
4530 /*
4531 * This function removes both started and pending radio works running on
4532 * the provided interface's radio.
4533 * Prior to the removal of the radio work, its callback (cb) is called with
4534 * deinit set to be 1. Each work's callback is responsible for clearing its
4535 * internal data and restoring to a correct state.
4536 * @wpa_s: wpa_supplicant data
4537 * @type: type of works to be removed
4538 * @remove_all: 1 to remove all the works on this radio, 0 to remove only
4539 * this interface's works.
4540 */
4541 void radio_remove_works(struct wpa_supplicant *wpa_s,
4542 const char *type, int remove_all)
4543 {
4544 struct wpa_radio_work *work, *tmp;
4545 struct wpa_radio *radio = wpa_s->radio;
4546
4547 dl_list_for_each_safe(work, tmp, &radio->work, struct wpa_radio_work,
4548 list) {
4549 if (type && os_strcmp(type, work->type) != 0)
4550 continue;
4551
4552 /* skip other ifaces' works */
4553 if (!remove_all && work->wpa_s != wpa_s)
4554 continue;
4555
4556 wpa_dbg(wpa_s, MSG_DEBUG, "Remove radio work '%s'@%p%s",
4557 work->type, work, work->started ? " (started)" : "");
4558 work->cb(work, 1);
4559 radio_work_free(work);
4560 }
4561
4562 /* in case we removed the started work */
4563 radio_work_check_next(wpa_s);
4564 }
4565
4566
4567 static void radio_remove_interface(struct wpa_supplicant *wpa_s)
4568 {
4569 struct wpa_radio *radio = wpa_s->radio;
4570
4571 if (!radio)
4572 return;
4573
4574 wpa_printf(MSG_DEBUG, "Remove interface %s from radio %s",
4575 wpa_s->ifname, radio->name);
4576 dl_list_del(&wpa_s->radio_list);
4577 radio_remove_works(wpa_s, NULL, 0);
4578 wpa_s->radio = NULL;
4579 if (!dl_list_empty(&radio->ifaces))
4580 return; /* Interfaces remain for this radio */
4581
4582 wpa_printf(MSG_DEBUG, "Remove radio %s", radio->name);
4583 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
4584 os_free(radio);
4585 }
4586
4587
4588 void radio_work_check_next(struct wpa_supplicant *wpa_s)
4589 {
4590 struct wpa_radio *radio = wpa_s->radio;
4591
4592 if (dl_list_empty(&radio->work))
4593 return;
4594 if (wpa_s->ext_work_in_progress) {
4595 wpa_printf(MSG_DEBUG,
4596 "External radio work in progress - delay start of pending item");
4597 return;
4598 }
4599 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
4600 eloop_register_timeout(0, 0, radio_start_next_work, radio, NULL);
4601 }
4602
4603
4604 /**
4605 * radio_add_work - Add a radio work item
4606 * @wpa_s: Pointer to wpa_supplicant data
4607 * @freq: Frequency of the offchannel operation in MHz or 0
4608 * @type: Unique identifier for each type of work
4609 * @next: Force as the next work to be executed
4610 * @cb: Callback function for indicating when radio is available
4611 * @ctx: Context pointer for the work (work->ctx in cb())
4612 * Returns: 0 on success, -1 on failure
4613 *
4614 * This function is used to request time for an operation that requires
4615 * exclusive radio control. Once the radio is available, the registered callback
4616 * function will be called. radio_work_done() must be called once the exclusive
4617 * radio operation has been completed, so that the radio is freed for other
4618 * operations. The special case of deinit=1 is used to free the context data
4619 * during interface removal. That does not allow the callback function to start
4620 * the radio operation, i.e., it must free any resources allocated for the radio
4621 * work and return.
4622 *
4623 * The @freq parameter can be used to indicate a single channel on which the
4624 * offchannel operation will occur. This may allow multiple radio work
4625 * operations to be performed in parallel if they apply for the same channel.
4626 * Setting this to 0 indicates that the work item may use multiple channels or
4627 * requires exclusive control of the radio.
4628 */
4629 int radio_add_work(struct wpa_supplicant *wpa_s, unsigned int freq,
4630 const char *type, int next,
4631 void (*cb)(struct wpa_radio_work *work, int deinit),
4632 void *ctx)
4633 {
4634 struct wpa_radio *radio = wpa_s->radio;
4635 struct wpa_radio_work *work;
4636 int was_empty;
4637
4638 work = os_zalloc(sizeof(*work));
4639 if (work == NULL)
4640 return -1;
4641 wpa_dbg(wpa_s, MSG_DEBUG, "Add radio work '%s'@%p", type, work);
4642 os_get_reltime(&work->time);
4643 work->freq = freq;
4644 work->type = type;
4645 work->wpa_s = wpa_s;
4646 work->cb = cb;
4647 work->ctx = ctx;
4648
4649 if (freq)
4650 work->bands = wpas_freq_to_band(freq);
4651 else if (os_strcmp(type, "scan") == 0 ||
4652 os_strcmp(type, "p2p-scan") == 0)
4653 work->bands = wpas_get_bands(wpa_s,
4654 ((struct wpa_driver_scan_params *)
4655 ctx)->freqs);
4656 else
4657 work->bands = wpas_get_bands(wpa_s, NULL);
4658
4659 was_empty = dl_list_empty(&wpa_s->radio->work);
4660 if (next)
4661 dl_list_add(&wpa_s->radio->work, &work->list);
4662 else
4663 dl_list_add_tail(&wpa_s->radio->work, &work->list);
4664 if (was_empty) {
4665 wpa_dbg(wpa_s, MSG_DEBUG, "First radio work item in the queue - schedule start immediately");
4666 radio_work_check_next(wpa_s);
4667 } else if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS)
4668 && radio->num_active_works < MAX_ACTIVE_WORKS) {
4669 wpa_dbg(wpa_s, MSG_DEBUG,
4670 "Try to schedule a radio work (num_active_works=%u)",
4671 radio->num_active_works);
4672 radio_work_check_next(wpa_s);
4673 }
4674
4675 return 0;
4676 }
4677
4678
4679 /**
4680 * radio_work_done - Indicate that a radio work item has been completed
4681 * @work: Completed work
4682 *
4683 * This function is called once the callback function registered with
4684 * radio_add_work() has completed its work.
4685 */
4686 void radio_work_done(struct wpa_radio_work *work)
4687 {
4688 struct wpa_supplicant *wpa_s = work->wpa_s;
4689 struct os_reltime now, diff;
4690 unsigned int started = work->started;
4691
4692 os_get_reltime(&now);
4693 os_reltime_sub(&now, &work->time, &diff);
4694 wpa_dbg(wpa_s, MSG_DEBUG, "Radio work '%s'@%p %s in %ld.%06ld seconds",
4695 work->type, work, started ? "done" : "canceled",
4696 diff.sec, diff.usec);
4697 radio_work_free(work);
4698 if (started)
4699 radio_work_check_next(wpa_s);
4700 }
4701
4702
4703 struct wpa_radio_work *
4704 radio_work_pending(struct wpa_supplicant *wpa_s, const char *type)
4705 {
4706 struct wpa_radio_work *work;
4707 struct wpa_radio *radio = wpa_s->radio;
4708
4709 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) {
4710 if (work->wpa_s == wpa_s && os_strcmp(work->type, type) == 0)
4711 return work;
4712 }
4713
4714 return NULL;
4715 }
4716
4717
4718 static int wpas_init_driver(struct wpa_supplicant *wpa_s,
4719 struct wpa_interface *iface)
4720 {
4721 const char *ifname, *driver, *rn;
4722
4723 driver = iface->driver;
4724 next_driver:
4725 if (wpa_supplicant_set_driver(wpa_s, driver) < 0)
4726 return -1;
4727
4728 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
4729 if (wpa_s->drv_priv == NULL) {
4730 const char *pos;
4731 pos = driver ? os_strchr(driver, ',') : NULL;
4732 if (pos) {
4733 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
4734 "driver interface - try next driver wrapper");
4735 driver = pos + 1;
4736 goto next_driver;
4737 }
4738 wpa_msg(wpa_s, MSG_ERROR, "Failed to initialize driver "
4739 "interface");
4740 return -1;
4741 }
4742 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
4743 wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected "
4744 "driver_param '%s'", wpa_s->conf->driver_param);
4745 return -1;
4746 }
4747
4748 ifname = wpa_drv_get_ifname(wpa_s);
4749 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
4750 wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced "
4751 "interface name with '%s'", ifname);
4752 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
4753 }
4754
4755 rn = wpa_driver_get_radio_name(wpa_s);
4756 if (rn && rn[0] == '\0')
4757 rn = NULL;
4758
4759 wpa_s->radio = radio_add_interface(wpa_s, rn);
4760 if (wpa_s->radio == NULL)
4761 return -1;
4762
4763 return 0;
4764 }
4765
4766
4767 static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
4768 struct wpa_interface *iface)
4769 {
4770 struct wpa_driver_capa capa;
4771 int capa_res;
4772
4773 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
4774 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
4775 iface->confname ? iface->confname : "N/A",
4776 iface->driver ? iface->driver : "default",
4777 iface->ctrl_interface ? iface->ctrl_interface : "N/A",
4778 iface->bridge_ifname ? iface->bridge_ifname : "N/A");
4779
4780 if (iface->confname) {
4781 #ifdef CONFIG_BACKEND_FILE
4782 wpa_s->confname = os_rel2abs_path(iface->confname);
4783 if (wpa_s->confname == NULL) {
4784 wpa_printf(MSG_ERROR, "Failed to get absolute path "
4785 "for configuration file '%s'.",
4786 iface->confname);
4787 return -1;
4788 }
4789 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
4790 iface->confname, wpa_s->confname);
4791 #else /* CONFIG_BACKEND_FILE */
4792 wpa_s->confname = os_strdup(iface->confname);
4793 #endif /* CONFIG_BACKEND_FILE */
4794 wpa_s->conf = wpa_config_read(wpa_s->confname, NULL);
4795 if (wpa_s->conf == NULL) {
4796 wpa_printf(MSG_ERROR, "Failed to read or parse "
4797 "configuration '%s'.", wpa_s->confname);
4798 return -1;
4799 }
4800 wpa_s->confanother = os_rel2abs_path(iface->confanother);
4801 wpa_config_read(wpa_s->confanother, wpa_s->conf);
4802
4803 /*
4804 * Override ctrl_interface and driver_param if set on command
4805 * line.
4806 */
4807 if (iface->ctrl_interface) {
4808 os_free(wpa_s->conf->ctrl_interface);
4809 wpa_s->conf->ctrl_interface =
4810 os_strdup(iface->ctrl_interface);
4811 }
4812
4813 if (iface->driver_param) {
4814 os_free(wpa_s->conf->driver_param);
4815 wpa_s->conf->driver_param =
4816 os_strdup(iface->driver_param);
4817 }
4818
4819 if (iface->p2p_mgmt && !iface->ctrl_interface) {
4820 os_free(wpa_s->conf->ctrl_interface);
4821 wpa_s->conf->ctrl_interface = NULL;
4822 }
4823 } else
4824 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
4825 iface->driver_param);
4826
4827 if (wpa_s->conf == NULL) {
4828 wpa_printf(MSG_ERROR, "\nNo configuration found.");
4829 return -1;
4830 }
4831
4832 if (iface->ifname == NULL) {
4833 wpa_printf(MSG_ERROR, "\nInterface name is required.");
4834 return -1;
4835 }
4836 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
4837 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
4838 iface->ifname);
4839 return -1;
4840 }
4841 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
4842
4843 if (iface->bridge_ifname) {
4844 if (os_strlen(iface->bridge_ifname) >=
4845 sizeof(wpa_s->bridge_ifname)) {
4846 wpa_printf(MSG_ERROR, "\nToo long bridge interface "
4847 "name '%s'.", iface->bridge_ifname);
4848 return -1;
4849 }
4850 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
4851 sizeof(wpa_s->bridge_ifname));
4852 }
4853
4854 /* RSNA Supplicant Key Management - INITIALIZE */
4855 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
4856 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
4857
4858 /* Initialize driver interface and register driver event handler before
4859 * L2 receive handler so that association events are processed before
4860 * EAPOL-Key packets if both become available for the same select()
4861 * call. */
4862 if (wpas_init_driver(wpa_s, iface) < 0)
4863 return -1;
4864
4865 if (wpa_supplicant_init_wpa(wpa_s) < 0)
4866 return -1;
4867
4868 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
4869 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
4870 NULL);
4871 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
4872
4873 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
4874 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
4875 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
4876 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
4877 "dot11RSNAConfigPMKLifetime");
4878 return -1;
4879 }
4880
4881 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
4882 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
4883 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
4884 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
4885 "dot11RSNAConfigPMKReauthThreshold");
4886 return -1;
4887 }
4888
4889 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
4890 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
4891 wpa_s->conf->dot11RSNAConfigSATimeout)) {
4892 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
4893 "dot11RSNAConfigSATimeout");
4894 return -1;
4895 }
4896
4897 wpa_s->hw.modes = wpa_drv_get_hw_feature_data(wpa_s,
4898 &wpa_s->hw.num_modes,
4899 &wpa_s->hw.flags);
4900 if (wpa_s->hw.modes) {
4901 u16 i;
4902
4903 for (i = 0; i < wpa_s->hw.num_modes; i++) {
4904 if (wpa_s->hw.modes[i].vht_capab) {
4905 wpa_s->hw_capab = CAPAB_VHT;
4906 break;
4907 }
4908
4909 if (wpa_s->hw.modes[i].ht_capab &
4910 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET)
4911 wpa_s->hw_capab = CAPAB_HT40;
4912 else if (wpa_s->hw.modes[i].ht_capab &&
4913 wpa_s->hw_capab == CAPAB_NO_HT_VHT)
4914 wpa_s->hw_capab = CAPAB_HT;
4915 }
4916 }
4917
4918 capa_res = wpa_drv_get_capa(wpa_s, &capa);
4919 if (capa_res == 0) {
4920 wpa_s->drv_capa_known = 1;
4921 wpa_s->drv_flags = capa.flags;
4922 wpa_s->drv_enc = capa.enc;
4923 wpa_s->drv_smps_modes = capa.smps_modes;
4924 wpa_s->drv_rrm_flags = capa.rrm_flags;
4925 wpa_s->probe_resp_offloads = capa.probe_resp_offloads;
4926 wpa_s->max_scan_ssids = capa.max_scan_ssids;
4927 wpa_s->max_sched_scan_ssids = capa.max_sched_scan_ssids;
4928 wpa_s->max_sched_scan_plans = capa.max_sched_scan_plans;
4929 wpa_s->max_sched_scan_plan_interval =
4930 capa.max_sched_scan_plan_interval;
4931 wpa_s->max_sched_scan_plan_iterations =
4932 capa.max_sched_scan_plan_iterations;
4933 wpa_s->sched_scan_supported = capa.sched_scan_supported;
4934 wpa_s->max_match_sets = capa.max_match_sets;
4935 wpa_s->max_remain_on_chan = capa.max_remain_on_chan;
4936 wpa_s->max_stations = capa.max_stations;
4937 wpa_s->extended_capa = capa.extended_capa;
4938 wpa_s->extended_capa_mask = capa.extended_capa_mask;
4939 wpa_s->extended_capa_len = capa.extended_capa_len;
4940 wpa_s->num_multichan_concurrent =
4941 capa.num_multichan_concurrent;
4942 wpa_s->wmm_ac_supported = capa.wmm_ac_supported;
4943
4944 if (capa.mac_addr_rand_scan_supported)
4945 wpa_s->mac_addr_rand_supported |= MAC_ADDR_RAND_SCAN;
4946 if (wpa_s->sched_scan_supported &&
4947 capa.mac_addr_rand_sched_scan_supported)
4948 wpa_s->mac_addr_rand_supported |=
4949 (MAC_ADDR_RAND_SCHED_SCAN | MAC_ADDR_RAND_PNO);
4950 }
4951 if (wpa_s->max_remain_on_chan == 0)
4952 wpa_s->max_remain_on_chan = 1000;
4953
4954 /*
4955 * Only take p2p_mgmt parameters when P2P Device is supported.
4956 * Doing it here as it determines whether l2_packet_init() will be done
4957 * during wpa_supplicant_driver_init().
4958 */
4959 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)
4960 wpa_s->p2p_mgmt = iface->p2p_mgmt;
4961 else
4962 iface->p2p_mgmt = 1;
4963
4964 if (wpa_s->num_multichan_concurrent == 0)
4965 wpa_s->num_multichan_concurrent = 1;
4966
4967 if (wpa_supplicant_driver_init(wpa_s) < 0)
4968 return -1;
4969
4970 #ifdef CONFIG_TDLS
4971 if ((!iface->p2p_mgmt ||
4972 !(wpa_s->drv_flags &
4973 WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
4974 wpa_tdls_init(wpa_s->wpa))
4975 return -1;
4976 #endif /* CONFIG_TDLS */
4977
4978 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] &&
4979 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) {
4980 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country");
4981 return -1;
4982 }
4983
4984 #ifdef CONFIG_FST
4985 if (wpa_s->conf->fst_group_id) {
4986 struct fst_iface_cfg cfg;
4987 struct fst_wpa_obj iface_obj;
4988
4989 fst_wpa_supplicant_fill_iface_obj(wpa_s, &iface_obj);
4990 os_strlcpy(cfg.group_id, wpa_s->conf->fst_group_id,
4991 sizeof(cfg.group_id));
4992 cfg.priority = wpa_s->conf->fst_priority;
4993 cfg.llt = wpa_s->conf->fst_llt;
4994
4995 wpa_s->fst = fst_attach(wpa_s->ifname, wpa_s->own_addr,
4996 &iface_obj, &cfg);
4997 if (!wpa_s->fst) {
4998 wpa_msg(wpa_s, MSG_ERROR,
4999 "FST: Cannot attach iface %s to group %s",
5000 wpa_s->ifname, cfg.group_id);
5001 return -1;
5002 }
5003 }
5004 #endif /* CONFIG_FST */
5005
5006 if (wpas_wps_init(wpa_s))
5007 return -1;
5008
5009 if (wpa_supplicant_init_eapol(wpa_s) < 0)
5010 return -1;
5011 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
5012
5013 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
5014 if (wpa_s->ctrl_iface == NULL) {
5015 wpa_printf(MSG_ERROR,
5016 "Failed to initialize control interface '%s'.\n"
5017 "You may have another wpa_supplicant process "
5018 "already running or the file was\n"
5019 "left by an unclean termination of wpa_supplicant "
5020 "in which case you will need\n"
5021 "to manually remove this file before starting "
5022 "wpa_supplicant again.\n",
5023 wpa_s->conf->ctrl_interface);
5024 return -1;
5025 }
5026
5027 wpa_s->gas = gas_query_init(wpa_s);
5028 if (wpa_s->gas == NULL) {
5029 wpa_printf(MSG_ERROR, "Failed to initialize GAS query");
5030 return -1;
5031 }
5032
5033 if (iface->p2p_mgmt && wpas_p2p_init(wpa_s->global, wpa_s) < 0) {
5034 wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P");
5035 return -1;
5036 }
5037
5038 if (wpa_bss_init(wpa_s) < 0)
5039 return -1;
5040
5041 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL
5042 #ifdef CONFIG_MESH
5043 dl_list_init(&wpa_s->mesh_external_pmksa_cache);
5044 #endif /* CONFIG_MESH */
5045 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
5046
5047 /*
5048 * Set Wake-on-WLAN triggers, if configured.
5049 * Note: We don't restore/remove the triggers on shutdown (it doesn't
5050 * have effect anyway when the interface is down).
5051 */
5052 if (capa_res == 0 && wpas_set_wowlan_triggers(wpa_s, &capa) < 0)
5053 return -1;
5054
5055 #ifdef CONFIG_EAP_PROXY
5056 {
5057 size_t len;
5058 wpa_s->mnc_len = eapol_sm_get_eap_proxy_imsi(wpa_s->eapol, wpa_s->imsi,
5059 &len);
5060 if (wpa_s->mnc_len > 0) {
5061 wpa_s->imsi[len] = '\0';
5062 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI %s (MNC length %d)",
5063 wpa_s->imsi, wpa_s->mnc_len);
5064 } else {
5065 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI not available");
5066 }
5067 }
5068 #endif /* CONFIG_EAP_PROXY */
5069
5070 if (pcsc_reader_init(wpa_s) < 0)
5071 return -1;
5072
5073 if (wpas_init_ext_pw(wpa_s) < 0)
5074 return -1;
5075
5076 wpas_rrm_reset(wpa_s);
5077
5078 wpas_sched_scan_plans_set(wpa_s, wpa_s->conf->sched_scan_plans);
5079
5080 #ifdef CONFIG_HS20
5081 hs20_init(wpa_s);
5082 #endif /* CONFIG_HS20 */
5083 #ifdef CONFIG_MBO
5084 wpas_mbo_update_non_pref_chan(wpa_s, wpa_s->conf->non_pref_chan);
5085 #endif /* CONFIG_MBO */
5086
5087 wpa_supplicant_set_default_scan_ies(wpa_s);
5088
5089 return 0;
5090 }
5091
5092
5093 static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s,
5094 int notify, int terminate)
5095 {
5096 struct wpa_global *global = wpa_s->global;
5097 struct wpa_supplicant *iface, *prev;
5098
5099 if (wpa_s == wpa_s->parent)
5100 wpas_p2p_group_remove(wpa_s, "*");
5101
5102 iface = global->ifaces;
5103 while (iface) {
5104 if (iface->p2pdev == wpa_s)
5105 iface->p2pdev = iface->parent;
5106 if (iface == wpa_s || iface->parent != wpa_s) {
5107 iface = iface->next;
5108 continue;
5109 }
5110 wpa_printf(MSG_DEBUG,
5111 "Remove remaining child interface %s from parent %s",
5112 iface->ifname, wpa_s->ifname);
5113 prev = iface;
5114 iface = iface->next;
5115 wpa_supplicant_remove_iface(global, prev, terminate);
5116 }
5117
5118 wpa_s->disconnected = 1;
5119 if (wpa_s->drv_priv) {
5120 wpa_supplicant_deauthenticate(wpa_s,
5121 WLAN_REASON_DEAUTH_LEAVING);
5122
5123 wpa_drv_set_countermeasures(wpa_s, 0);
5124 wpa_clear_keys(wpa_s, NULL);
5125 }
5126
5127 wpa_supplicant_cleanup(wpa_s);
5128 wpas_p2p_deinit_iface(wpa_s);
5129
5130 wpas_ctrl_radio_work_flush(wpa_s);
5131 radio_remove_interface(wpa_s);
5132
5133 #ifdef CONFIG_FST
5134 if (wpa_s->fst) {
5135 fst_detach(wpa_s->fst);
5136 wpa_s->fst = NULL;
5137 }
5138 if (wpa_s->received_mb_ies) {
5139 wpabuf_free(wpa_s->received_mb_ies);
5140 wpa_s->received_mb_ies = NULL;
5141 }
5142 #endif /* CONFIG_FST */
5143
5144 if (wpa_s->drv_priv)
5145 wpa_drv_deinit(wpa_s);
5146
5147 if (notify)
5148 wpas_notify_iface_removed(wpa_s);
5149
5150 if (terminate)
5151 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING);
5152
5153 if (wpa_s->ctrl_iface) {
5154 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
5155 wpa_s->ctrl_iface = NULL;
5156 }
5157
5158 #ifdef CONFIG_MESH
5159 if (wpa_s->ifmsh) {
5160 wpa_supplicant_mesh_iface_deinit(wpa_s, wpa_s->ifmsh);
5161 wpa_s->ifmsh = NULL;
5162 }
5163 #endif /* CONFIG_MESH */
5164
5165 if (wpa_s->conf != NULL) {
5166 wpa_config_free(wpa_s->conf);
5167 wpa_s->conf = NULL;
5168 }
5169
5170 os_free(wpa_s->ssids_from_scan_req);
5171
5172 os_free(wpa_s);
5173 }
5174
5175
5176 #ifdef CONFIG_MATCH_IFACE
5177
5178 /**
5179 * wpa_supplicant_match_iface - Match an interface description to a name
5180 * @global: Pointer to global data from wpa_supplicant_init()
5181 * @ifname: Name of the interface to match
5182 * Returns: Pointer to the created interface description or %NULL on failure
5183 */
5184 struct wpa_interface * wpa_supplicant_match_iface(struct wpa_global *global,
5185 const char *ifname)
5186 {
5187 int i;
5188 struct wpa_interface *iface, *miface;
5189
5190 for (i = 0; i < global->params.match_iface_count; i++) {
5191 miface = &global->params.match_ifaces[i];
5192 if (!miface->ifname ||
5193 fnmatch(miface->ifname, ifname, 0) == 0) {
5194 iface = os_zalloc(sizeof(*iface));
5195 if (!iface)
5196 return NULL;
5197 *iface = *miface;
5198 iface->ifname = ifname;
5199 return iface;
5200 }
5201 }
5202
5203 return NULL;
5204 }
5205
5206
5207 /**
5208 * wpa_supplicant_match_existing - Match existing interfaces
5209 * @global: Pointer to global data from wpa_supplicant_init()
5210 * Returns: 0 on success, -1 on failure
5211 */
5212 static int wpa_supplicant_match_existing(struct wpa_global *global)
5213 {
5214 struct if_nameindex *ifi, *ifp;
5215 struct wpa_supplicant *wpa_s;
5216 struct wpa_interface *iface;
5217
5218 ifp = if_nameindex();
5219 if (!ifp) {
5220 wpa_printf(MSG_ERROR, "if_nameindex: %s", strerror(errno));
5221 return -1;
5222 }
5223
5224 for (ifi = ifp; ifi->if_name; ifi++) {
5225 wpa_s = wpa_supplicant_get_iface(global, ifi->if_name);
5226 if (wpa_s)
5227 continue;
5228 iface = wpa_supplicant_match_iface(global, ifi->if_name);
5229 if (iface) {
5230 wpa_s = wpa_supplicant_add_iface(global, iface, NULL);
5231 os_free(iface);
5232 if (wpa_s)
5233 wpa_s->matched = 1;
5234 }
5235 }
5236
5237 if_freenameindex(ifp);
5238 return 0;
5239 }
5240
5241 #endif /* CONFIG_MATCH_IFACE */
5242
5243
5244 /**
5245 * wpa_supplicant_add_iface - Add a new network interface
5246 * @global: Pointer to global data from wpa_supplicant_init()
5247 * @iface: Interface configuration options
5248 * @parent: Parent interface or %NULL to assign new interface as parent
5249 * Returns: Pointer to the created interface or %NULL on failure
5250 *
5251 * This function is used to add new network interfaces for %wpa_supplicant.
5252 * This can be called before wpa_supplicant_run() to add interfaces before the
5253 * main event loop has been started. In addition, new interfaces can be added
5254 * dynamically while %wpa_supplicant is already running. This could happen,
5255 * e.g., when a hotplug network adapter is inserted.
5256 */
5257 struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
5258 struct wpa_interface *iface,
5259 struct wpa_supplicant *parent)
5260 {
5261 struct wpa_supplicant *wpa_s;
5262 struct wpa_interface t_iface;
5263 struct wpa_ssid *ssid;
5264
5265 if (global == NULL || iface == NULL)
5266 return NULL;
5267
5268 wpa_s = wpa_supplicant_alloc(parent);
5269 if (wpa_s == NULL)
5270 return NULL;
5271
5272 wpa_s->global = global;
5273
5274 t_iface = *iface;
5275 if (global->params.override_driver) {
5276 wpa_printf(MSG_DEBUG, "Override interface parameter: driver "
5277 "('%s' -> '%s')",
5278 iface->driver, global->params.override_driver);
5279 t_iface.driver = global->params.override_driver;
5280 }
5281 if (global->params.override_ctrl_interface) {
5282 wpa_printf(MSG_DEBUG, "Override interface parameter: "
5283 "ctrl_interface ('%s' -> '%s')",
5284 iface->ctrl_interface,
5285 global->params.override_ctrl_interface);
5286 t_iface.ctrl_interface =
5287 global->params.override_ctrl_interface;
5288 }
5289 if (wpa_supplicant_init_iface(wpa_s, &t_iface)) {
5290 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
5291 iface->ifname);
5292 wpa_supplicant_deinit_iface(wpa_s, 0, 0);
5293 return NULL;
5294 }
5295
5296 if (iface->p2p_mgmt == 0) {
5297 /* Notify the control interfaces about new iface */
5298 if (wpas_notify_iface_added(wpa_s)) {
5299 wpa_supplicant_deinit_iface(wpa_s, 1, 0);
5300 return NULL;
5301 }
5302
5303 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
5304 wpas_notify_network_added(wpa_s, ssid);
5305 }
5306
5307 wpa_s->next = global->ifaces;
5308 global->ifaces = wpa_s;
5309
5310 wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname);
5311 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
5312
5313 #ifdef CONFIG_P2P
5314 if (wpa_s->global->p2p == NULL &&
5315 !wpa_s->global->p2p_disabled && !wpa_s->conf->p2p_disabled &&
5316 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) &&
5317 wpas_p2p_add_p2pdev_interface(
5318 wpa_s, wpa_s->global->params.conf_p2p_dev) < 0) {
5319 wpa_printf(MSG_INFO,
5320 "P2P: Failed to enable P2P Device interface");
5321 /* Try to continue without. P2P will be disabled. */
5322 }
5323 #endif /* CONFIG_P2P */
5324
5325 return wpa_s;
5326 }
5327
5328
5329 /**
5330 * wpa_supplicant_remove_iface - Remove a network interface
5331 * @global: Pointer to global data from wpa_supplicant_init()
5332 * @wpa_s: Pointer to the network interface to be removed
5333 * Returns: 0 if interface was removed, -1 if interface was not found
5334 *
5335 * This function can be used to dynamically remove network interfaces from
5336 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
5337 * addition, this function is used to remove all remaining interfaces when
5338 * %wpa_supplicant is terminated.
5339 */
5340 int wpa_supplicant_remove_iface(struct wpa_global *global,
5341 struct wpa_supplicant *wpa_s,
5342 int terminate)
5343 {
5344 struct wpa_supplicant *prev;
5345 #ifdef CONFIG_MESH
5346 unsigned int mesh_if_created = wpa_s->mesh_if_created;
5347 char *ifname = NULL;
5348 struct wpa_supplicant *parent = wpa_s->parent;
5349 #endif /* CONFIG_MESH */
5350
5351 /* Remove interface from the global list of interfaces */
5352 prev = global->ifaces;
5353 if (prev == wpa_s) {
5354 global->ifaces = wpa_s->next;
5355 } else {
5356 while (prev && prev->next != wpa_s)
5357 prev = prev->next;
5358 if (prev == NULL)
5359 return -1;
5360 prev->next = wpa_s->next;
5361 }
5362
5363 wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
5364
5365 #ifdef CONFIG_MESH
5366 if (mesh_if_created) {
5367 ifname = os_strdup(wpa_s->ifname);
5368 if (ifname == NULL) {
5369 wpa_dbg(wpa_s, MSG_ERROR,
5370 "mesh: Failed to malloc ifname");
5371 return -1;
5372 }
5373 }
5374 #endif /* CONFIG_MESH */
5375
5376 if (global->p2p_group_formation == wpa_s)
5377 global->p2p_group_formation = NULL;
5378 if (global->p2p_invite_group == wpa_s)
5379 global->p2p_invite_group = NULL;
5380 wpa_supplicant_deinit_iface(wpa_s, 1, terminate);
5381
5382 #ifdef CONFIG_MESH
5383 if (mesh_if_created) {
5384 wpa_drv_if_remove(parent, WPA_IF_MESH, ifname);
5385 os_free(ifname);
5386 }
5387 #endif /* CONFIG_MESH */
5388
5389 return 0;
5390 }
5391
5392
5393 /**
5394 * wpa_supplicant_get_eap_mode - Get the current EAP mode
5395 * @wpa_s: Pointer to the network interface
5396 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
5397 */
5398 const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s)
5399 {
5400 const char *eapol_method;
5401
5402 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) == 0 &&
5403 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
5404 return "NO-EAP";
5405 }
5406
5407 eapol_method = eapol_sm_get_method_name(wpa_s->eapol);
5408 if (eapol_method == NULL)
5409 return "UNKNOWN-EAP";
5410
5411 return eapol_method;
5412 }
5413
5414
5415 /**
5416 * wpa_supplicant_get_iface - Get a new network interface
5417 * @global: Pointer to global data from wpa_supplicant_init()
5418 * @ifname: Interface name
5419 * Returns: Pointer to the interface or %NULL if not found
5420 */
5421 struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
5422 const char *ifname)
5423 {
5424 struct wpa_supplicant *wpa_s;
5425
5426 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
5427 if (os_strcmp(wpa_s->ifname, ifname) == 0)
5428 return wpa_s;
5429 }
5430 return NULL;
5431 }
5432
5433
5434 #ifndef CONFIG_NO_WPA_MSG
5435 static const char * wpa_supplicant_msg_ifname_cb(void *ctx)
5436 {
5437 struct wpa_supplicant *wpa_s = ctx;
5438 if (wpa_s == NULL)
5439 return NULL;
5440 return wpa_s->ifname;
5441 }
5442 #endif /* CONFIG_NO_WPA_MSG */
5443
5444
5445 #ifndef WPA_SUPPLICANT_CLEANUP_INTERVAL
5446 #define WPA_SUPPLICANT_CLEANUP_INTERVAL 10
5447 #endif /* WPA_SUPPLICANT_CLEANUP_INTERVAL */
5448
5449 /* Periodic cleanup tasks */
5450 static void wpas_periodic(void *eloop_ctx, void *timeout_ctx)
5451 {
5452 struct wpa_global *global = eloop_ctx;
5453 struct wpa_supplicant *wpa_s;
5454
5455 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0,
5456 wpas_periodic, global, NULL);
5457
5458 #ifdef CONFIG_P2P
5459 if (global->p2p)
5460 p2p_expire_peers(global->p2p);
5461 #endif /* CONFIG_P2P */
5462
5463 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
5464 wpa_bss_flush_by_age(wpa_s, wpa_s->conf->bss_expiration_age);
5465 #ifdef CONFIG_AP
5466 ap_periodic(wpa_s);
5467 #endif /* CONFIG_AP */
5468 }
5469 }
5470
5471
5472 /**
5473 * wpa_supplicant_init - Initialize %wpa_supplicant
5474 * @params: Parameters for %wpa_supplicant
5475 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
5476 *
5477 * This function is used to initialize %wpa_supplicant. After successful
5478 * initialization, the returned data pointer can be used to add and remove
5479 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
5480 */
5481 struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
5482 {
5483 struct wpa_global *global;
5484 int ret, i;
5485
5486 if (params == NULL)
5487 return NULL;
5488
5489 #ifdef CONFIG_DRIVER_NDIS
5490 {
5491 void driver_ndis_init_ops(void);
5492 driver_ndis_init_ops();
5493 }
5494 #endif /* CONFIG_DRIVER_NDIS */
5495
5496 #ifndef CONFIG_NO_WPA_MSG
5497 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
5498 #endif /* CONFIG_NO_WPA_MSG */
5499
5500 if (params->wpa_debug_file_path)
5501 wpa_debug_open_file(params->wpa_debug_file_path);
5502 else
5503 wpa_debug_setup_stdout();
5504 if (params->wpa_debug_syslog)
5505 wpa_debug_open_syslog();
5506 if (params->wpa_debug_tracing) {
5507 ret = wpa_debug_open_linux_tracing();
5508 if (ret) {
5509 wpa_printf(MSG_ERROR,
5510 "Failed to enable trace logging");
5511 return NULL;
5512 }
5513 }
5514
5515 ret = eap_register_methods();
5516 if (ret) {
5517 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
5518 if (ret == -2)
5519 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
5520 "the same EAP type.");
5521 return NULL;
5522 }
5523
5524 global = os_zalloc(sizeof(*global));
5525 if (global == NULL)
5526 return NULL;
5527 dl_list_init(&global->p2p_srv_bonjour);
5528 dl_list_init(&global->p2p_srv_upnp);
5529 global->params.daemonize = params->daemonize;
5530 global->params.wait_for_monitor = params->wait_for_monitor;
5531 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
5532 if (params->pid_file)
5533 global->params.pid_file = os_strdup(params->pid_file);
5534 if (params->ctrl_interface)
5535 global->params.ctrl_interface =
5536 os_strdup(params->ctrl_interface);
5537 if (params->ctrl_interface_group)
5538 global->params.ctrl_interface_group =
5539 os_strdup(params->ctrl_interface_group);
5540 if (params->override_driver)
5541 global->params.override_driver =
5542 os_strdup(params->override_driver);
5543 if (params->override_ctrl_interface)
5544 global->params.override_ctrl_interface =
5545 os_strdup(params->override_ctrl_interface);
5546 #ifdef CONFIG_MATCH_IFACE
5547 global->params.match_iface_count = params->match_iface_count;
5548 if (params->match_iface_count) {
5549 global->params.match_ifaces =
5550 os_calloc(params->match_iface_count,
5551 sizeof(struct wpa_interface));
5552 os_memcpy(global->params.match_ifaces,
5553 params->match_ifaces,
5554 params->match_iface_count *
5555 sizeof(struct wpa_interface));
5556 }
5557 #endif /* CONFIG_MATCH_IFACE */
5558 #ifdef CONFIG_P2P
5559 if (params->conf_p2p_dev)
5560 global->params.conf_p2p_dev =
5561 os_strdup(params->conf_p2p_dev);
5562 #endif /* CONFIG_P2P */
5563 wpa_debug_level = global->params.wpa_debug_level =
5564 params->wpa_debug_level;
5565 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
5566 params->wpa_debug_show_keys;
5567 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
5568 params->wpa_debug_timestamp;
5569
5570 wpa_printf(MSG_DEBUG, "wpa_supplicant v" VERSION_STR);
5571
5572 if (eloop_init()) {
5573 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
5574 wpa_supplicant_deinit(global);
5575 return NULL;
5576 }
5577
5578 random_init(params->entropy_file);
5579
5580 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
5581 if (global->ctrl_iface == NULL) {
5582 wpa_supplicant_deinit(global);
5583 return NULL;
5584 }
5585
5586 if (wpas_notify_supplicant_initialized(global)) {
5587 wpa_supplicant_deinit(global);
5588 return NULL;
5589 }
5590
5591 for (i = 0; wpa_drivers[i]; i++)
5592 global->drv_count++;
5593 if (global->drv_count == 0) {
5594 wpa_printf(MSG_ERROR, "No drivers enabled");
5595 wpa_supplicant_deinit(global);
5596 return NULL;
5597 }
5598 global->drv_priv = os_calloc(global->drv_count, sizeof(void *));
5599 if (global->drv_priv == NULL) {
5600 wpa_supplicant_deinit(global);
5601 return NULL;
5602 }
5603
5604 #ifdef CONFIG_WIFI_DISPLAY
5605 if (wifi_display_init(global) < 0) {
5606 wpa_printf(MSG_ERROR, "Failed to initialize Wi-Fi Display");
5607 wpa_supplicant_deinit(global);
5608 return NULL;
5609 }
5610 #endif /* CONFIG_WIFI_DISPLAY */
5611
5612 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0,
5613 wpas_periodic, global, NULL);
5614
5615 return global;
5616 }
5617
5618
5619 /**
5620 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
5621 * @global: Pointer to global data from wpa_supplicant_init()
5622 * Returns: 0 after successful event loop run, -1 on failure
5623 *
5624 * This function starts the main event loop and continues running as long as
5625 * there are any remaining events. In most cases, this function is running as
5626 * long as the %wpa_supplicant process in still in use.
5627 */
5628 int wpa_supplicant_run(struct wpa_global *global)
5629 {
5630 struct wpa_supplicant *wpa_s;
5631
5632 if (global->params.daemonize &&
5633 (wpa_supplicant_daemon(global->params.pid_file) ||
5634 eloop_sock_requeue()))
5635 return -1;
5636
5637 #ifdef CONFIG_MATCH_IFACE
5638 if (wpa_supplicant_match_existing(global))
5639 return -1;
5640 #endif
5641
5642 if (global->params.wait_for_monitor) {
5643 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
5644 if (wpa_s->ctrl_iface && !wpa_s->p2p_mgmt)
5645 wpa_supplicant_ctrl_iface_wait(
5646 wpa_s->ctrl_iface);
5647 }
5648
5649 eloop_register_signal_terminate(wpa_supplicant_terminate, global);
5650 eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
5651
5652 eloop_run();
5653
5654 return 0;
5655 }
5656
5657
5658 /**
5659 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
5660 * @global: Pointer to global data from wpa_supplicant_init()
5661 *
5662 * This function is called to deinitialize %wpa_supplicant and to free all
5663 * allocated resources. Remaining network interfaces will also be removed.
5664 */
5665 void wpa_supplicant_deinit(struct wpa_global *global)
5666 {
5667 int i;
5668
5669 if (global == NULL)
5670 return;
5671
5672 eloop_cancel_timeout(wpas_periodic, global, NULL);
5673
5674 #ifdef CONFIG_WIFI_DISPLAY
5675 wifi_display_deinit(global);
5676 #endif /* CONFIG_WIFI_DISPLAY */
5677
5678 while (global->ifaces)
5679 wpa_supplicant_remove_iface(global, global->ifaces, 1);
5680
5681 if (global->ctrl_iface)
5682 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
5683
5684 wpas_notify_supplicant_deinitialized(global);
5685
5686 eap_peer_unregister_methods();
5687 #ifdef CONFIG_AP
5688 eap_server_unregister_methods();
5689 #endif /* CONFIG_AP */
5690
5691 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) {
5692 if (!global->drv_priv[i])
5693 continue;
5694 wpa_drivers[i]->global_deinit(global->drv_priv[i]);
5695 }
5696 os_free(global->drv_priv);
5697
5698 random_deinit();
5699
5700 eloop_destroy();
5701
5702 if (global->params.pid_file) {
5703 os_daemonize_terminate(global->params.pid_file);
5704 os_free(global->params.pid_file);
5705 }
5706 os_free(global->params.ctrl_interface);
5707 os_free(global->params.ctrl_interface_group);
5708 os_free(global->params.override_driver);
5709 os_free(global->params.override_ctrl_interface);
5710 #ifdef CONFIG_MATCH_IFACE
5711 os_free(global->params.match_ifaces);
5712 #endif /* CONFIG_MATCH_IFACE */
5713 #ifdef CONFIG_P2P
5714 os_free(global->params.conf_p2p_dev);
5715 #endif /* CONFIG_P2P */
5716
5717 os_free(global->p2p_disallow_freq.range);
5718 os_free(global->p2p_go_avoid_freq.range);
5719 os_free(global->add_psk);
5720
5721 os_free(global);
5722 wpa_debug_close_syslog();
5723 wpa_debug_close_file();
5724 wpa_debug_close_linux_tracing();
5725 }
5726
5727
5728 void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s)
5729 {
5730 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_COUNTRY) &&
5731 wpa_s->conf->country[0] && wpa_s->conf->country[1]) {
5732 char country[3];
5733 country[0] = wpa_s->conf->country[0];
5734 country[1] = wpa_s->conf->country[1];
5735 country[2] = '\0';
5736 if (wpa_drv_set_country(wpa_s, country) < 0) {
5737 wpa_printf(MSG_ERROR, "Failed to set country code "
5738 "'%s'", country);
5739 }
5740 }
5741
5742 if (wpa_s->conf->changed_parameters & CFG_CHANGED_EXT_PW_BACKEND)
5743 wpas_init_ext_pw(wpa_s);
5744
5745 if (wpa_s->conf->changed_parameters & CFG_CHANGED_SCHED_SCAN_PLANS)
5746 wpas_sched_scan_plans_set(wpa_s, wpa_s->conf->sched_scan_plans);
5747
5748 #ifdef CONFIG_WPS
5749 wpas_wps_update_config(wpa_s);
5750 #endif /* CONFIG_WPS */
5751 wpas_p2p_update_config(wpa_s);
5752 wpa_s->conf->changed_parameters = 0;
5753 }
5754
5755
5756 void add_freq(int *freqs, int *num_freqs, int freq)
5757 {
5758 int i;
5759
5760 for (i = 0; i < *num_freqs; i++) {
5761 if (freqs[i] == freq)
5762 return;
5763 }
5764
5765 freqs[*num_freqs] = freq;
5766 (*num_freqs)++;
5767 }
5768
5769
5770 static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s)
5771 {
5772 struct wpa_bss *bss, *cbss;
5773 const int max_freqs = 10;
5774 int *freqs;
5775 int num_freqs = 0;
5776
5777 freqs = os_calloc(max_freqs + 1, sizeof(int));
5778 if (freqs == NULL)
5779 return NULL;
5780
5781 cbss = wpa_s->current_bss;
5782
5783 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
5784 if (bss == cbss)
5785 continue;
5786 if (bss->ssid_len == cbss->ssid_len &&
5787 os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 &&
5788 wpa_blacklist_get(wpa_s, bss->bssid) == NULL) {
5789 add_freq(freqs, &num_freqs, bss->freq);
5790 if (num_freqs == max_freqs)
5791 break;
5792 }
5793 }
5794
5795 if (num_freqs == 0) {
5796 os_free(freqs);
5797 freqs = NULL;
5798 }
5799
5800 return freqs;
5801 }
5802
5803
5804 void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid)
5805 {
5806 int timeout;
5807 int count;
5808 int *freqs = NULL;
5809
5810 wpas_connect_work_done(wpa_s);
5811
5812 /*
5813 * Remove possible authentication timeout since the connection failed.
5814 */
5815 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
5816
5817 /*
5818 * There is no point in blacklisting the AP if this event is
5819 * generated based on local request to disconnect.
5820 */
5821 if (wpa_s->own_disconnect_req) {
5822 wpa_s->own_disconnect_req = 0;
5823 wpa_dbg(wpa_s, MSG_DEBUG,
5824 "Ignore connection failure due to local request to disconnect");
5825 return;
5826 }
5827 if (wpa_s->disconnected) {
5828 wpa_dbg(wpa_s, MSG_DEBUG, "Ignore connection failure "
5829 "indication since interface has been put into "
5830 "disconnected state");
5831 return;
5832 }
5833
5834 /*
5835 * Add the failed BSSID into the blacklist and speed up next scan
5836 * attempt if there could be other APs that could accept association.
5837 * The current blacklist count indicates how many times we have tried
5838 * connecting to this AP and multiple attempts mean that other APs are
5839 * either not available or has already been tried, so that we can start
5840 * increasing the delay here to avoid constant scanning.
5841 */
5842 count = wpa_blacklist_add(wpa_s, bssid);
5843 if (count == 1 && wpa_s->current_bss) {
5844 /*
5845 * This BSS was not in the blacklist before. If there is
5846 * another BSS available for the same ESS, we should try that
5847 * next. Otherwise, we may as well try this one once more
5848 * before allowing other, likely worse, ESSes to be considered.
5849 */
5850 freqs = get_bss_freqs_in_ess(wpa_s);
5851 if (freqs) {
5852 wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS "
5853 "has been seen; try it next");
5854 wpa_blacklist_add(wpa_s, bssid);
5855 /*
5856 * On the next scan, go through only the known channels
5857 * used in this ESS based on previous scans to speed up
5858 * common load balancing use case.
5859 */
5860 os_free(wpa_s->next_scan_freqs);
5861 wpa_s->next_scan_freqs = freqs;
5862 }
5863 }
5864
5865 /*
5866 * Add previous failure count in case the temporary blacklist was
5867 * cleared due to no other BSSes being available.
5868 */
5869 count += wpa_s->extra_blacklist_count;
5870
5871 if (count > 3 && wpa_s->current_ssid) {
5872 wpa_printf(MSG_DEBUG, "Continuous association failures - "
5873 "consider temporary network disabling");
5874 wpas_auth_failed(wpa_s, "CONN_FAILED");
5875 }
5876
5877 switch (count) {
5878 case 1:
5879 timeout = 100;
5880 break;
5881 case 2:
5882 timeout = 500;
5883 break;
5884 case 3:
5885 timeout = 1000;
5886 break;
5887 case 4:
5888 timeout = 5000;
5889 break;
5890 default:
5891 timeout = 10000;
5892 break;
5893 }
5894
5895 wpa_dbg(wpa_s, MSG_DEBUG, "Blacklist count %d --> request scan in %d "
5896 "ms", count, timeout);
5897
5898 /*
5899 * TODO: if more than one possible AP is available in scan results,
5900 * could try the other ones before requesting a new scan.
5901 */
5902 wpa_supplicant_req_scan(wpa_s, timeout / 1000,
5903 1000 * (timeout % 1000));
5904 }
5905
5906
5907 int wpas_driver_bss_selection(struct wpa_supplicant *wpa_s)
5908 {
5909 return wpa_s->conf->ap_scan == 2 ||
5910 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION);
5911 }
5912
5913
5914 #if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW)
5915 int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
5916 struct wpa_ssid *ssid,
5917 const char *field,
5918 const char *value)
5919 {
5920 #ifdef IEEE8021X_EAPOL
5921 struct eap_peer_config *eap = &ssid->eap;
5922
5923 wpa_printf(MSG_DEBUG, "CTRL_IFACE: response handle field=%s", field);
5924 wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: response value",
5925 (const u8 *) value, os_strlen(value));
5926
5927 switch (wpa_supplicant_ctrl_req_from_string(field)) {
5928 case WPA_CTRL_REQ_EAP_IDENTITY:
5929 os_free(eap->identity);
5930 eap->identity = (u8 *) os_strdup(value);
5931 eap->identity_len = os_strlen(value);
5932 eap->pending_req_identity = 0;
5933 if (ssid == wpa_s->current_ssid)
5934 wpa_s->reassociate = 1;
5935 break;
5936 case WPA_CTRL_REQ_EAP_PASSWORD:
5937 bin_clear_free(eap->password, eap->password_len);
5938 eap->password = (u8 *) os_strdup(value);
5939 eap->password_len = os_strlen(value);
5940 eap->pending_req_password = 0;
5941 if (ssid == wpa_s->current_ssid)
5942 wpa_s->reassociate = 1;
5943 break;
5944 case WPA_CTRL_REQ_EAP_NEW_PASSWORD:
5945 bin_clear_free(eap->new_password, eap->new_password_len);
5946 eap->new_password = (u8 *) os_strdup(value);
5947 eap->new_password_len = os_strlen(value);
5948 eap->pending_req_new_password = 0;
5949 if (ssid == wpa_s->current_ssid)
5950 wpa_s->reassociate = 1;
5951 break;
5952 case WPA_CTRL_REQ_EAP_PIN:
5953 str_clear_free(eap->pin);
5954 eap->pin = os_strdup(value);
5955 eap->pending_req_pin = 0;
5956 if (ssid == wpa_s->current_ssid)
5957 wpa_s->reassociate = 1;
5958 break;
5959 case WPA_CTRL_REQ_EAP_OTP:
5960 bin_clear_free(eap->otp, eap->otp_len);
5961 eap->otp = (u8 *) os_strdup(value);
5962 eap->otp_len = os_strlen(value);
5963 os_free(eap->pending_req_otp);
5964 eap->pending_req_otp = NULL;
5965 eap->pending_req_otp_len = 0;
5966 break;
5967 case WPA_CTRL_REQ_EAP_PASSPHRASE:
5968 str_clear_free(eap->private_key_passwd);
5969 eap->private_key_passwd = os_strdup(value);
5970 eap->pending_req_passphrase = 0;
5971 if (ssid == wpa_s->current_ssid)
5972 wpa_s->reassociate = 1;
5973 break;
5974 case WPA_CTRL_REQ_SIM:
5975 str_clear_free(eap->external_sim_resp);
5976 eap->external_sim_resp = os_strdup(value);
5977 eap->pending_req_sim = 0;
5978 break;
5979 case WPA_CTRL_REQ_PSK_PASSPHRASE:
5980 if (wpa_config_set(ssid, "psk", value, 0) < 0)
5981 return -1;
5982 ssid->mem_only_psk = 1;
5983 if (ssid->passphrase)
5984 wpa_config_update_psk(ssid);
5985 if (wpa_s->wpa_state == WPA_SCANNING && !wpa_s->scanning)
5986 wpa_supplicant_req_scan(wpa_s, 0, 0);
5987 break;
5988 case WPA_CTRL_REQ_EXT_CERT_CHECK:
5989 if (eap->pending_ext_cert_check != PENDING_CHECK)
5990 return -1;
5991 if (os_strcmp(value, "good") == 0)
5992 eap->pending_ext_cert_check = EXT_CERT_CHECK_GOOD;
5993 else if (os_strcmp(value, "bad") == 0)
5994 eap->pending_ext_cert_check = EXT_CERT_CHECK_BAD;
5995 else
5996 return -1;
5997 break;
5998 default:
5999 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown field '%s'", field);
6000 return -1;
6001 }
6002
6003 return 0;
6004 #else /* IEEE8021X_EAPOL */
6005 wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included");
6006 return -1;
6007 #endif /* IEEE8021X_EAPOL */
6008 }
6009 #endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */
6010
6011
6012 int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
6013 {
6014 int i;
6015 unsigned int drv_enc;
6016
6017 if (wpa_s->p2p_mgmt)
6018 return 1; /* no normal network profiles on p2p_mgmt interface */
6019
6020 if (ssid == NULL)
6021 return 1;
6022
6023 if (ssid->disabled)
6024 return 1;
6025
6026 if (wpa_s->drv_capa_known)
6027 drv_enc = wpa_s->drv_enc;
6028 else
6029 drv_enc = (unsigned int) -1;
6030
6031 for (i = 0; i < NUM_WEP_KEYS; i++) {
6032 size_t len = ssid->wep_key_len[i];
6033 if (len == 0)
6034 continue;
6035 if (len == 5 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP40))
6036 continue;
6037 if (len == 13 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP104))
6038 continue;
6039 if (len == 16 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP128))
6040 continue;
6041 return 1; /* invalid WEP key */
6042 }
6043
6044 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set &&
6045 (!ssid->passphrase || ssid->ssid_len != 0) && !ssid->ext_psk &&
6046 !ssid->mem_only_psk)
6047 return 1;
6048
6049 return 0;
6050 }
6051
6052
6053 int wpas_get_ssid_pmf(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
6054 {
6055 #ifdef CONFIG_IEEE80211W
6056 if (ssid == NULL || ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT) {
6057 if (wpa_s->conf->pmf == MGMT_FRAME_PROTECTION_OPTIONAL &&
6058 !(wpa_s->drv_enc & WPA_DRIVER_CAPA_ENC_BIP)) {
6059 /*
6060 * Driver does not support BIP -- ignore pmf=1 default
6061 * since the connection with PMF would fail and the
6062 * configuration does not require PMF to be enabled.
6063 */
6064 return NO_MGMT_FRAME_PROTECTION;
6065 }
6066
6067 if (ssid &&
6068 (ssid->key_mgmt &
6069 ~(WPA_KEY_MGMT_NONE | WPA_KEY_MGMT_WPS |
6070 WPA_KEY_MGMT_IEEE8021X_NO_WPA)) == 0) {
6071 /*
6072 * Do not use the default PMF value for non-RSN networks
6073 * since PMF is available only with RSN and pmf=2
6074 * configuration would otherwise prevent connections to
6075 * all open networks.
6076 */
6077 return NO_MGMT_FRAME_PROTECTION;
6078 }
6079
6080 return wpa_s->conf->pmf;
6081 }
6082
6083 return ssid->ieee80211w;
6084 #else /* CONFIG_IEEE80211W */
6085 return NO_MGMT_FRAME_PROTECTION;
6086 #endif /* CONFIG_IEEE80211W */
6087 }
6088
6089
6090 int wpas_is_p2p_prioritized(struct wpa_supplicant *wpa_s)
6091 {
6092 if (wpa_s->global->conc_pref == WPA_CONC_PREF_P2P)
6093 return 1;
6094 if (wpa_s->global->conc_pref == WPA_CONC_PREF_STA)
6095 return 0;
6096 return -1;
6097 }
6098
6099
6100 void wpas_auth_failed(struct wpa_supplicant *wpa_s, char *reason)
6101 {
6102 struct wpa_ssid *ssid = wpa_s->current_ssid;
6103 int dur;
6104 struct os_reltime now;
6105
6106 if (ssid == NULL) {
6107 wpa_printf(MSG_DEBUG, "Authentication failure but no known "
6108 "SSID block");
6109 return;
6110 }
6111
6112 if (ssid->key_mgmt == WPA_KEY_MGMT_WPS)
6113 return;
6114
6115 ssid->auth_failures++;
6116
6117 #ifdef CONFIG_P2P
6118 if (ssid->p2p_group &&
6119 (wpa_s->p2p_in_provisioning || wpa_s->show_group_started)) {
6120 /*
6121 * Skip the wait time since there is a short timeout on the
6122 * connection to a P2P group.
6123 */
6124 return;
6125 }
6126 #endif /* CONFIG_P2P */
6127
6128 if (ssid->auth_failures > 50)
6129 dur = 300;
6130 else if (ssid->auth_failures > 10)
6131 dur = 120;
6132 else if (ssid->auth_failures > 5)
6133 dur = 90;
6134 else if (ssid->auth_failures > 3)
6135 dur = 60;
6136 else if (ssid->auth_failures > 2)
6137 dur = 30;
6138 else if (ssid->auth_failures > 1)
6139 dur = 20;
6140 else
6141 dur = 10;
6142
6143 if (ssid->auth_failures > 1 &&
6144 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt))
6145 dur += os_random() % (ssid->auth_failures * 10);
6146
6147 os_get_reltime(&now);
6148 if (now.sec + dur <= ssid->disabled_until.sec)
6149 return;
6150
6151 ssid->disabled_until.sec = now.sec + dur;
6152
6153 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TEMP_DISABLED
6154 "id=%d ssid=\"%s\" auth_failures=%u duration=%d reason=%s",
6155 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
6156 ssid->auth_failures, dur, reason);
6157 }
6158
6159
6160 void wpas_clear_temp_disabled(struct wpa_supplicant *wpa_s,
6161 struct wpa_ssid *ssid, int clear_failures)
6162 {
6163 if (ssid == NULL)
6164 return;
6165
6166 if (ssid->disabled_until.sec) {
6167 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_REENABLED
6168 "id=%d ssid=\"%s\"",
6169 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
6170 }
6171 ssid->disabled_until.sec = 0;
6172 ssid->disabled_until.usec = 0;
6173 if (clear_failures)
6174 ssid->auth_failures = 0;
6175 }
6176
6177
6178 int disallowed_bssid(struct wpa_supplicant *wpa_s, const u8 *bssid)
6179 {
6180 size_t i;
6181
6182 if (wpa_s->disallow_aps_bssid == NULL)
6183 return 0;
6184
6185 for (i = 0; i < wpa_s->disallow_aps_bssid_count; i++) {
6186 if (os_memcmp(wpa_s->disallow_aps_bssid + i * ETH_ALEN,
6187 bssid, ETH_ALEN) == 0)
6188 return 1;
6189 }
6190
6191 return 0;
6192 }
6193
6194
6195 int disallowed_ssid(struct wpa_supplicant *wpa_s, const u8 *ssid,
6196 size_t ssid_len)
6197 {
6198 size_t i;
6199
6200 if (wpa_s->disallow_aps_ssid == NULL || ssid == NULL)
6201 return 0;
6202
6203 for (i = 0; i < wpa_s->disallow_aps_ssid_count; i++) {
6204 struct wpa_ssid_value *s = &wpa_s->disallow_aps_ssid[i];
6205 if (ssid_len == s->ssid_len &&
6206 os_memcmp(ssid, s->ssid, ssid_len) == 0)
6207 return 1;
6208 }
6209
6210 return 0;
6211 }
6212
6213
6214 /**
6215 * wpas_request_connection - Request a new connection
6216 * @wpa_s: Pointer to the network interface
6217 *
6218 * This function is used to request a new connection to be found. It will mark
6219 * the interface to allow reassociation and request a new scan to find a
6220 * suitable network to connect to.
6221 */
6222 void wpas_request_connection(struct wpa_supplicant *wpa_s)
6223 {
6224 wpa_s->normal_scans = 0;
6225 wpa_s->scan_req = NORMAL_SCAN_REQ;
6226 wpa_supplicant_reinit_autoscan(wpa_s);
6227 wpa_s->extra_blacklist_count = 0;
6228 wpa_s->disconnected = 0;
6229 wpa_s->reassociate = 1;
6230
6231 if (wpa_supplicant_fast_associate(wpa_s) != 1)
6232 wpa_supplicant_req_scan(wpa_s, 0, 0);
6233 else
6234 wpa_s->reattach = 0;
6235 }
6236
6237
6238 /**
6239 * wpas_request_disconnection - Request disconnection
6240 * @wpa_s: Pointer to the network interface
6241 *
6242 * This function is used to request disconnection from the currently connected
6243 * network. This will stop any ongoing scans and initiate deauthentication.
6244 */
6245 void wpas_request_disconnection(struct wpa_supplicant *wpa_s)
6246 {
6247 #ifdef CONFIG_SME
6248 wpa_s->sme.prev_bssid_set = 0;
6249 #endif /* CONFIG_SME */
6250 wpa_s->reassociate = 0;
6251 wpa_s->disconnected = 1;
6252 wpa_supplicant_cancel_sched_scan(wpa_s);
6253 wpa_supplicant_cancel_scan(wpa_s);
6254 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
6255 eloop_cancel_timeout(wpas_network_reenabled, wpa_s, NULL);
6256 }
6257
6258
6259 void dump_freq_data(struct wpa_supplicant *wpa_s, const char *title,
6260 struct wpa_used_freq_data *freqs_data,
6261 unsigned int len)
6262 {
6263 unsigned int i;
6264
6265 wpa_dbg(wpa_s, MSG_DEBUG, "Shared frequencies (len=%u): %s",
6266 len, title);
6267 for (i = 0; i < len; i++) {
6268 struct wpa_used_freq_data *cur = &freqs_data[i];
6269 wpa_dbg(wpa_s, MSG_DEBUG, "freq[%u]: %d, flags=0x%X",
6270 i, cur->freq, cur->flags);
6271 }
6272 }
6273
6274
6275 /*
6276 * Find the operating frequencies of any of the virtual interfaces that
6277 * are using the same radio as the current interface, and in addition, get
6278 * information about the interface types that are using the frequency.
6279 */
6280 int get_shared_radio_freqs_data(struct wpa_supplicant *wpa_s,
6281 struct wpa_used_freq_data *freqs_data,
6282 unsigned int len)
6283 {
6284 struct wpa_supplicant *ifs;
6285 u8 bssid[ETH_ALEN];
6286 int freq;
6287 unsigned int idx = 0, i;
6288
6289 wpa_dbg(wpa_s, MSG_DEBUG,
6290 "Determining shared radio frequencies (max len %u)", len);
6291 os_memset(freqs_data, 0, sizeof(struct wpa_used_freq_data) * len);
6292
6293 dl_list_for_each(ifs, &wpa_s->radio->ifaces, struct wpa_supplicant,
6294 radio_list) {
6295 if (idx == len)
6296 break;
6297
6298 if (ifs->current_ssid == NULL || ifs->assoc_freq == 0)
6299 continue;
6300
6301 if (ifs->current_ssid->mode == WPAS_MODE_AP ||
6302 ifs->current_ssid->mode == WPAS_MODE_P2P_GO ||
6303 ifs->current_ssid->mode == WPAS_MODE_MESH)
6304 freq = ifs->current_ssid->frequency;
6305 else if (wpa_drv_get_bssid(ifs, bssid) == 0)
6306 freq = ifs->assoc_freq;
6307 else
6308 continue;
6309
6310 /* Hold only distinct freqs */
6311 for (i = 0; i < idx; i++)
6312 if (freqs_data[i].freq == freq)
6313 break;
6314
6315 if (i == idx)
6316 freqs_data[idx++].freq = freq;
6317
6318 if (ifs->current_ssid->mode == WPAS_MODE_INFRA) {
6319 freqs_data[i].flags |= ifs->current_ssid->p2p_group ?
6320 WPA_FREQ_USED_BY_P2P_CLIENT :
6321 WPA_FREQ_USED_BY_INFRA_STATION;
6322 }
6323 }
6324
6325 dump_freq_data(wpa_s, "completed iteration", freqs_data, idx);
6326 return idx;
6327 }
6328
6329
6330 /*
6331 * Find the operating frequencies of any of the virtual interfaces that
6332 * are using the same radio as the current interface.
6333 */
6334 int get_shared_radio_freqs(struct wpa_supplicant *wpa_s,
6335 int *freq_array, unsigned int len)
6336 {
6337 struct wpa_used_freq_data *freqs_data;
6338 int num, i;
6339
6340 os_memset(freq_array, 0, sizeof(int) * len);
6341
6342 freqs_data = os_calloc(len, sizeof(struct wpa_used_freq_data));
6343 if (!freqs_data)
6344 return -1;
6345
6346 num = get_shared_radio_freqs_data(wpa_s, freqs_data, len);
6347 for (i = 0; i < num; i++)
6348 freq_array[i] = freqs_data[i].freq;
6349
6350 os_free(freqs_data);
6351
6352 return num;
6353 }
6354
6355
6356 struct wpa_supplicant *
6357 wpas_vendor_elem(struct wpa_supplicant *wpa_s, enum wpa_vendor_elem_frame frame)
6358 {
6359 switch (frame) {
6360 #ifdef CONFIG_P2P
6361 case VENDOR_ELEM_PROBE_REQ_P2P:
6362 case VENDOR_ELEM_PROBE_RESP_P2P:
6363 case VENDOR_ELEM_PROBE_RESP_P2P_GO:
6364 case VENDOR_ELEM_BEACON_P2P_GO:
6365 case VENDOR_ELEM_P2P_PD_REQ:
6366 case VENDOR_ELEM_P2P_PD_RESP:
6367 case VENDOR_ELEM_P2P_GO_NEG_REQ:
6368 case VENDOR_ELEM_P2P_GO_NEG_RESP:
6369 case VENDOR_ELEM_P2P_GO_NEG_CONF:
6370 case VENDOR_ELEM_P2P_INV_REQ:
6371 case VENDOR_ELEM_P2P_INV_RESP:
6372 case VENDOR_ELEM_P2P_ASSOC_REQ:
6373 case VENDOR_ELEM_P2P_ASSOC_RESP:
6374 return wpa_s->p2pdev;
6375 #endif /* CONFIG_P2P */
6376 default:
6377 return wpa_s;
6378 }
6379 }
6380
6381
6382 void wpas_vendor_elem_update(struct wpa_supplicant *wpa_s)
6383 {
6384 unsigned int i;
6385 char buf[30];
6386
6387 wpa_printf(MSG_DEBUG, "Update vendor elements");
6388
6389 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) {
6390 if (wpa_s->vendor_elem[i]) {
6391 int res;
6392
6393 res = os_snprintf(buf, sizeof(buf), "frame[%u]", i);
6394 if (!os_snprintf_error(sizeof(buf), res)) {
6395 wpa_hexdump_buf(MSG_DEBUG, buf,
6396 wpa_s->vendor_elem[i]);
6397 }
6398 }
6399 }
6400
6401 #ifdef CONFIG_P2P
6402 if (wpa_s->parent == wpa_s &&
6403 wpa_s->global->p2p &&
6404 !wpa_s->global->p2p_disabled)
6405 p2p_set_vendor_elems(wpa_s->global->p2p, wpa_s->vendor_elem);
6406 #endif /* CONFIG_P2P */
6407 }
6408
6409
6410 int wpas_vendor_elem_remove(struct wpa_supplicant *wpa_s, int frame,
6411 const u8 *elem, size_t len)
6412 {
6413 u8 *ie, *end;
6414
6415 ie = wpabuf_mhead_u8(wpa_s->vendor_elem[frame]);
6416 end = ie + wpabuf_len(wpa_s->vendor_elem[frame]);
6417
6418 for (; ie + 1 < end; ie += 2 + ie[1]) {
6419 if (ie + len > end)
6420 break;
6421 if (os_memcmp(ie, elem, len) != 0)
6422 continue;
6423
6424 if (wpabuf_len(wpa_s->vendor_elem[frame]) == len) {
6425 wpabuf_free(wpa_s->vendor_elem[frame]);
6426 wpa_s->vendor_elem[frame] = NULL;
6427 } else {
6428 os_memmove(ie, ie + len, end - (ie + len));
6429 wpa_s->vendor_elem[frame]->used -= len;
6430 }
6431 wpas_vendor_elem_update(wpa_s);
6432 return 0;
6433 }
6434
6435 return -1;
6436 }
6437
6438
6439 struct hostapd_hw_modes * get_mode(struct hostapd_hw_modes *modes,
6440 u16 num_modes, enum hostapd_hw_mode mode)
6441 {
6442 u16 i;
6443
6444 for (i = 0; i < num_modes; i++) {
6445 if (modes[i].mode == mode)
6446 return &modes[i];
6447 }
6448
6449 return NULL;
6450 }
6451
6452
6453 static struct
6454 wpa_bss_tmp_disallowed * wpas_get_disallowed_bss(struct wpa_supplicant *wpa_s,
6455 const u8 *bssid)
6456 {
6457 struct wpa_bss_tmp_disallowed *bss;
6458
6459 dl_list_for_each(bss, &wpa_s->bss_tmp_disallowed,
6460 struct wpa_bss_tmp_disallowed, list) {
6461 if (os_memcmp(bssid, bss->bssid, ETH_ALEN) == 0)
6462 return bss;
6463 }
6464
6465 return NULL;
6466 }
6467
6468
6469 void wpa_bss_tmp_disallow(struct wpa_supplicant *wpa_s, const u8 *bssid,
6470 unsigned int sec)
6471 {
6472 struct wpa_bss_tmp_disallowed *bss;
6473 struct os_reltime until;
6474
6475 os_get_reltime(&until);
6476 until.sec += sec;
6477
6478 bss = wpas_get_disallowed_bss(wpa_s, bssid);
6479 if (bss) {
6480 bss->disallowed_until = until;
6481 return;
6482 }
6483
6484 bss = os_malloc(sizeof(*bss));
6485 if (!bss) {
6486 wpa_printf(MSG_DEBUG,
6487 "Failed to allocate memory for temp disallow BSS");
6488 return;
6489 }
6490
6491 bss->disallowed_until = until;
6492 os_memcpy(bss->bssid, bssid, ETH_ALEN);
6493 dl_list_add(&wpa_s->bss_tmp_disallowed, &bss->list);
6494 }
6495
6496
6497 int wpa_is_bss_tmp_disallowed(struct wpa_supplicant *wpa_s, const u8 *bssid)
6498 {
6499 struct wpa_bss_tmp_disallowed *bss = NULL, *tmp, *prev;
6500 struct os_reltime now, age;
6501
6502 os_get_reltime(&now);
6503
6504 dl_list_for_each_safe(tmp, prev, &wpa_s->bss_tmp_disallowed,
6505 struct wpa_bss_tmp_disallowed, list) {
6506 if (!os_reltime_before(&now, &tmp->disallowed_until)) {
6507 /* This BSS is not disallowed anymore */
6508 dl_list_del(&tmp->list);
6509 os_free(tmp);
6510 continue;
6511 }
6512 if (os_memcmp(bssid, tmp->bssid, ETH_ALEN) == 0) {
6513 bss = tmp;
6514 break;
6515 }
6516 }
6517 if (!bss)
6518 return 0;
6519
6520 os_reltime_sub(&bss->disallowed_until, &now, &age);
6521 wpa_printf(MSG_DEBUG,
6522 "BSS " MACSTR " disabled for %ld.%0ld seconds",
6523 MAC2STR(bss->bssid), age.sec, age.usec);
6524 return 1;
6525 }
Unnamed repository; edit this file 'description' to name the repository.