3 * Copyright (c) 2003-2018, Jouni Malinen <j@w1.fi>
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
14 #ifdef CONFIG_MATCH_IFACE
17 #endif /* CONFIG_MATCH_IFACE */
20 #include "crypto/random.h"
21 #include "crypto/sha1.h"
22 #include "eapol_supp/eapol_supp_sm.h"
23 #include "eap_peer/eap.h"
24 #include "eap_peer/eap_proxy.h"
25 #include "eap_server/eap_methods.h"
26 #include "rsn_supp/wpa.h"
29 #include "utils/ext_password.h"
30 #include "l2_packet/l2_packet.h"
31 #include "wpa_supplicant_i.h"
33 #include "ctrl_iface.h"
34 #include "pcsc_funcs.h"
35 #include "common/version.h"
36 #include "rsn_supp/preauth.h"
37 #include "rsn_supp/pmksa_cache.h"
38 #include "common/wpa_ctrl.h"
39 #include "common/ieee802_11_defs.h"
40 #include "common/hw_features_common.h"
41 #include "common/gas_server.h"
44 #include "blacklist.h"
45 #include "wpas_glue.h"
46 #include "wps_supplicant.h"
49 #include "gas_query.h"
51 #include "p2p_supplicant.h"
52 #include "wifi_display.h"
58 #include "offchannel.h"
59 #include "hs20_supplicant.h"
63 #include "dpp_supplicant.h"
65 #include "ap/ap_config.h"
66 #include "ap/hostapd.h"
67 #endif /* CONFIG_MESH */
69 const char *const wpa_supplicant_version
=
70 "wpa_supplicant v" VERSION_STR
"\n"
71 "Copyright (c) 2003-2017, Jouni Malinen <j@w1.fi> and contributors";
73 const char *const wpa_supplicant_license
=
74 "This software may be distributed under the terms of the BSD license.\n"
75 "See README for more details.\n"
76 #ifdef EAP_TLS_OPENSSL
77 "\nThis product includes software developed by the OpenSSL Project\n"
78 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
79 #endif /* EAP_TLS_OPENSSL */
82 #ifndef CONFIG_NO_STDOUT_DEBUG
83 /* Long text divided into parts in order to fit in C89 strings size limits. */
84 const char *const wpa_supplicant_full_license1
=
86 const char *const wpa_supplicant_full_license2
=
87 "This software may be distributed under the terms of the BSD license.\n"
89 "Redistribution and use in source and binary forms, with or without\n"
90 "modification, are permitted provided that the following conditions are\n"
93 const char *const wpa_supplicant_full_license3
=
94 "1. Redistributions of source code must retain the above copyright\n"
95 " notice, this list of conditions and the following disclaimer.\n"
97 "2. Redistributions in binary form must reproduce the above copyright\n"
98 " notice, this list of conditions and the following disclaimer in the\n"
99 " documentation and/or other materials provided with the distribution.\n"
101 const char *const wpa_supplicant_full_license4
=
102 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
103 " names of its contributors may be used to endorse or promote products\n"
104 " derived from this software without specific prior written permission.\n"
106 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
107 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
108 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
109 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
110 const char *const wpa_supplicant_full_license5
=
111 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
112 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
113 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
114 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
115 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
116 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
117 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
119 #endif /* CONFIG_NO_STDOUT_DEBUG */
122 static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx
, void *timeout_ctx
);
123 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
124 static void wpas_update_fils_connect_params(struct wpa_supplicant
*wpa_s
);
125 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
128 /* Configure default/group WEP keys for static WEP */
129 int wpa_set_wep_keys(struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
)
133 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
134 if (ssid
->wep_key_len
[i
] == 0)
138 wpa_drv_set_key(wpa_s
, WPA_ALG_WEP
, NULL
,
139 i
, i
== ssid
->wep_tx_keyidx
, NULL
, 0,
140 ssid
->wep_key
[i
], ssid
->wep_key_len
[i
]);
147 int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant
*wpa_s
,
148 struct wpa_ssid
*ssid
)
156 /* IBSS/WPA-None uses only one key (Group) for both receiving and
157 * sending unicast and multicast packets. */
159 if (ssid
->mode
!= WPAS_MODE_IBSS
) {
160 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Invalid mode %d (not "
161 "IBSS/ad-hoc) for WPA-None", ssid
->mode
);
165 if (!ssid
->psk_set
) {
166 wpa_msg(wpa_s
, MSG_INFO
, "WPA: No PSK configured for "
171 switch (wpa_s
->group_cipher
) {
172 case WPA_CIPHER_CCMP
:
173 os_memcpy(key
, ssid
->psk
, 16);
177 case WPA_CIPHER_GCMP
:
178 os_memcpy(key
, ssid
->psk
, 16);
182 case WPA_CIPHER_TKIP
:
183 /* WPA-None uses the same Michael MIC key for both TX and RX */
184 os_memcpy(key
, ssid
->psk
, 16 + 8);
185 os_memcpy(key
+ 16 + 8, ssid
->psk
+ 16, 8);
190 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Invalid group cipher %d for "
191 "WPA-None", wpa_s
->group_cipher
);
195 /* TODO: should actually remember the previously used seq#, both for TX
196 * and RX from each STA.. */
198 ret
= wpa_drv_set_key(wpa_s
, alg
, NULL
, 0, 1, seq
, 6, key
, keylen
);
199 os_memset(key
, 0, sizeof(key
));
204 static void wpa_supplicant_timeout(void *eloop_ctx
, void *timeout_ctx
)
206 struct wpa_supplicant
*wpa_s
= eloop_ctx
;
207 const u8
*bssid
= wpa_s
->bssid
;
208 if (!is_zero_ether_addr(wpa_s
->pending_bssid
) &&
209 (wpa_s
->wpa_state
== WPA_AUTHENTICATING
||
210 wpa_s
->wpa_state
== WPA_ASSOCIATING
))
211 bssid
= wpa_s
->pending_bssid
;
212 wpa_msg(wpa_s
, MSG_INFO
, "Authentication with " MACSTR
" timed out.",
214 wpa_blacklist_add(wpa_s
, bssid
);
215 wpa_sm_notify_disassoc(wpa_s
->wpa
);
216 wpa_supplicant_deauthenticate(wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
217 wpa_s
->reassociate
= 1;
220 * If we timed out, the AP or the local radio may be busy.
221 * So, wait a second until scanning again.
223 wpa_supplicant_req_scan(wpa_s
, 1, 0);
228 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
229 * @wpa_s: Pointer to wpa_supplicant data
230 * @sec: Number of seconds after which to time out authentication
231 * @usec: Number of microseconds after which to time out authentication
233 * This function is used to schedule a timeout for the current authentication
236 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant
*wpa_s
,
239 if (wpa_s
->conf
->ap_scan
== 0 &&
240 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_WIRED
))
243 wpa_dbg(wpa_s
, MSG_DEBUG
, "Setting authentication timeout: %d sec "
244 "%d usec", sec
, usec
);
245 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
246 wpa_s
->last_auth_timeout_sec
= sec
;
247 eloop_register_timeout(sec
, usec
, wpa_supplicant_timeout
, wpa_s
, NULL
);
252 * wpas_auth_timeout_restart - Restart and change timeout for authentication
253 * @wpa_s: Pointer to wpa_supplicant data
254 * @sec_diff: difference in seconds applied to original timeout value
256 void wpas_auth_timeout_restart(struct wpa_supplicant
*wpa_s
, int sec_diff
)
258 int new_sec
= wpa_s
->last_auth_timeout_sec
+ sec_diff
;
260 if (eloop_is_timeout_registered(wpa_supplicant_timeout
, wpa_s
, NULL
)) {
261 wpa_dbg(wpa_s
, MSG_DEBUG
,
262 "Authentication timeout restart: %d sec", new_sec
);
263 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
264 eloop_register_timeout(new_sec
, 0, wpa_supplicant_timeout
,
271 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
272 * @wpa_s: Pointer to wpa_supplicant data
274 * This function is used to cancel authentication timeout scheduled with
275 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
278 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant
*wpa_s
)
280 wpa_dbg(wpa_s
, MSG_DEBUG
, "Cancelling authentication timeout");
281 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
282 wpa_blacklist_del(wpa_s
, wpa_s
->bssid
);
283 os_free(wpa_s
->last_con_fail_realm
);
284 wpa_s
->last_con_fail_realm
= NULL
;
285 wpa_s
->last_con_fail_realm_len
= 0;
290 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
291 * @wpa_s: Pointer to wpa_supplicant data
293 * This function is used to configure EAPOL state machine based on the selected
294 * authentication mode.
296 void wpa_supplicant_initiate_eapol(struct wpa_supplicant
*wpa_s
)
298 #ifdef IEEE8021X_EAPOL
299 struct eapol_config eapol_conf
;
300 struct wpa_ssid
*ssid
= wpa_s
->current_ssid
;
302 #ifdef CONFIG_IBSS_RSN
303 if (ssid
->mode
== WPAS_MODE_IBSS
&&
304 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_NONE
&&
305 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_WPA_NONE
) {
307 * RSN IBSS authentication is per-STA and we can disable the
308 * per-BSSID EAPOL authentication.
310 eapol_sm_notify_portControl(wpa_s
->eapol
, ForceAuthorized
);
311 eapol_sm_notify_eap_success(wpa_s
->eapol
, TRUE
);
312 eapol_sm_notify_eap_fail(wpa_s
->eapol
, FALSE
);
315 #endif /* CONFIG_IBSS_RSN */
317 eapol_sm_notify_eap_success(wpa_s
->eapol
, FALSE
);
318 eapol_sm_notify_eap_fail(wpa_s
->eapol
, FALSE
);
320 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
||
321 wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPA_NONE
)
322 eapol_sm_notify_portControl(wpa_s
->eapol
, ForceAuthorized
);
324 eapol_sm_notify_portControl(wpa_s
->eapol
, Auto
);
326 os_memset(&eapol_conf
, 0, sizeof(eapol_conf
));
327 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
328 eapol_conf
.accept_802_1x_keys
= 1;
329 eapol_conf
.required_keys
= 0;
330 if (ssid
->eapol_flags
& EAPOL_FLAG_REQUIRE_KEY_UNICAST
) {
331 eapol_conf
.required_keys
|= EAPOL_REQUIRE_KEY_UNICAST
;
333 if (ssid
->eapol_flags
& EAPOL_FLAG_REQUIRE_KEY_BROADCAST
) {
334 eapol_conf
.required_keys
|=
335 EAPOL_REQUIRE_KEY_BROADCAST
;
338 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_WIRED
)
339 eapol_conf
.required_keys
= 0;
341 eapol_conf
.fast_reauth
= wpa_s
->conf
->fast_reauth
;
342 eapol_conf
.workaround
= ssid
->eap_workaround
;
343 eapol_conf
.eap_disabled
=
344 !wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
) &&
345 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_IEEE8021X_NO_WPA
&&
346 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_WPS
;
347 eapol_conf
.external_sim
= wpa_s
->conf
->external_sim
;
350 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
) {
351 eapol_conf
.wps
|= EAPOL_LOCAL_WPS_IN_USE
;
352 if (wpa_s
->current_bss
) {
354 ie
= wpa_bss_get_vendor_ie_multi(wpa_s
->current_bss
,
359 EAPOL_PEER_IS_WPS20_AP
;
364 #endif /* CONFIG_WPS */
366 eapol_sm_notify_config(wpa_s
->eapol
, &ssid
->eap
, &eapol_conf
);
369 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
&& ssid
->mka_psk_set
)
370 ieee802_1x_create_preshared_mka(wpa_s
, ssid
);
372 ieee802_1x_alloc_kay_sm(wpa_s
, ssid
);
373 #endif /* CONFIG_MACSEC */
374 #endif /* IEEE8021X_EAPOL */
379 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
380 * @wpa_s: Pointer to wpa_supplicant data
381 * @ssid: Configuration data for the network
383 * This function is used to configure WPA state machine and related parameters
384 * to a mode where WPA is not enabled. This is called as part of the
385 * authentication configuration when the selected network does not use WPA.
387 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant
*wpa_s
,
388 struct wpa_ssid
*ssid
)
392 if (ssid
->key_mgmt
& WPA_KEY_MGMT_WPS
)
393 wpa_s
->key_mgmt
= WPA_KEY_MGMT_WPS
;
394 else if (ssid
->key_mgmt
& WPA_KEY_MGMT_IEEE8021X_NO_WPA
)
395 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X_NO_WPA
;
397 wpa_s
->key_mgmt
= WPA_KEY_MGMT_NONE
;
398 wpa_sm_set_ap_wpa_ie(wpa_s
->wpa
, NULL
, 0);
399 wpa_sm_set_ap_rsn_ie(wpa_s
->wpa
, NULL
, 0);
400 wpa_sm_set_assoc_wpa_ie(wpa_s
->wpa
, NULL
, 0);
401 wpa_s
->pairwise_cipher
= WPA_CIPHER_NONE
;
402 wpa_s
->group_cipher
= WPA_CIPHER_NONE
;
403 wpa_s
->mgmt_group_cipher
= 0;
405 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
406 if (ssid
->wep_key_len
[i
] > 5) {
407 wpa_s
->pairwise_cipher
= WPA_CIPHER_WEP104
;
408 wpa_s
->group_cipher
= WPA_CIPHER_WEP104
;
410 } else if (ssid
->wep_key_len
[i
] > 0) {
411 wpa_s
->pairwise_cipher
= WPA_CIPHER_WEP40
;
412 wpa_s
->group_cipher
= WPA_CIPHER_WEP40
;
417 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_RSN_ENABLED
, 0);
418 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_KEY_MGMT
, wpa_s
->key_mgmt
);
419 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_PAIRWISE
,
420 wpa_s
->pairwise_cipher
);
421 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_GROUP
, wpa_s
->group_cipher
);
422 #ifdef CONFIG_IEEE80211W
423 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_MGMT_GROUP
,
424 wpa_s
->mgmt_group_cipher
);
425 #endif /* CONFIG_IEEE80211W */
427 pmksa_cache_clear_current(wpa_s
->wpa
);
431 void free_hw_features(struct wpa_supplicant
*wpa_s
)
434 if (wpa_s
->hw
.modes
== NULL
)
437 for (i
= 0; i
< wpa_s
->hw
.num_modes
; i
++) {
438 os_free(wpa_s
->hw
.modes
[i
].channels
);
439 os_free(wpa_s
->hw
.modes
[i
].rates
);
442 os_free(wpa_s
->hw
.modes
);
443 wpa_s
->hw
.modes
= NULL
;
447 static void free_bss_tmp_disallowed(struct wpa_supplicant
*wpa_s
)
449 struct wpa_bss_tmp_disallowed
*bss
, *prev
;
451 dl_list_for_each_safe(bss
, prev
, &wpa_s
->bss_tmp_disallowed
,
452 struct wpa_bss_tmp_disallowed
, list
) {
453 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout
, wpa_s
, bss
);
454 dl_list_del(&bss
->list
);
460 void wpas_flush_fils_hlp_req(struct wpa_supplicant
*wpa_s
)
462 struct fils_hlp_req
*req
;
464 while ((req
= dl_list_first(&wpa_s
->fils_hlp_req
, struct fils_hlp_req
,
466 dl_list_del(&req
->list
);
467 wpabuf_free(req
->pkt
);
473 static void wpa_supplicant_cleanup(struct wpa_supplicant
*wpa_s
)
477 bgscan_deinit(wpa_s
);
478 autoscan_deinit(wpa_s
);
479 scard_deinit(wpa_s
->scard
);
481 wpa_sm_set_scard_ctx(wpa_s
->wpa
, NULL
);
482 eapol_sm_register_scard_ctx(wpa_s
->eapol
, NULL
);
483 l2_packet_deinit(wpa_s
->l2
);
486 l2_packet_deinit(wpa_s
->l2_br
);
489 #ifdef CONFIG_TESTING_OPTIONS
490 l2_packet_deinit(wpa_s
->l2_test
);
491 wpa_s
->l2_test
= NULL
;
492 os_free(wpa_s
->get_pref_freq_list_override
);
493 wpa_s
->get_pref_freq_list_override
= NULL
;
494 wpabuf_free(wpa_s
->last_assoc_req_wpa_ie
);
495 wpa_s
->last_assoc_req_wpa_ie
= NULL
;
496 #endif /* CONFIG_TESTING_OPTIONS */
498 if (wpa_s
->conf
!= NULL
) {
499 struct wpa_ssid
*ssid
;
500 for (ssid
= wpa_s
->conf
->ssid
; ssid
; ssid
= ssid
->next
)
501 wpas_notify_network_removed(wpa_s
, ssid
);
504 os_free(wpa_s
->confname
);
505 wpa_s
->confname
= NULL
;
507 os_free(wpa_s
->confanother
);
508 wpa_s
->confanother
= NULL
;
510 os_free(wpa_s
->last_con_fail_realm
);
511 wpa_s
->last_con_fail_realm
= NULL
;
512 wpa_s
->last_con_fail_realm_len
= 0;
514 wpa_sm_set_eapol(wpa_s
->wpa
, NULL
);
515 eapol_sm_deinit(wpa_s
->eapol
);
518 rsn_preauth_deinit(wpa_s
->wpa
);
521 wpa_tdls_deinit(wpa_s
->wpa
);
522 #endif /* CONFIG_TDLS */
524 wmm_ac_clear_saved_tspecs(wpa_s
);
525 pmksa_candidate_free(wpa_s
->wpa
);
526 wpa_sm_deinit(wpa_s
->wpa
);
528 wpa_blacklist_clear(wpa_s
);
530 wpa_bss_deinit(wpa_s
);
532 wpa_supplicant_cancel_delayed_sched_scan(wpa_s
);
533 wpa_supplicant_cancel_scan(wpa_s
);
534 wpa_supplicant_cancel_auth_timeout(wpa_s
);
535 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures
, wpa_s
, NULL
);
536 #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
537 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report
,
539 #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
541 eloop_cancel_timeout(wpas_network_reenabled
, wpa_s
, NULL
);
543 wpas_wps_deinit(wpa_s
);
545 wpabuf_free(wpa_s
->pending_eapol_rx
);
546 wpa_s
->pending_eapol_rx
= NULL
;
548 #ifdef CONFIG_IBSS_RSN
549 ibss_rsn_deinit(wpa_s
->ibss_rsn
);
550 wpa_s
->ibss_rsn
= NULL
;
551 #endif /* CONFIG_IBSS_RSN */
556 wpa_supplicant_ap_deinit(wpa_s
);
557 #endif /* CONFIG_AP */
559 wpas_p2p_deinit(wpa_s
);
561 #ifdef CONFIG_OFFCHANNEL
562 offchannel_deinit(wpa_s
);
563 #endif /* CONFIG_OFFCHANNEL */
565 wpa_supplicant_cancel_sched_scan(wpa_s
);
567 os_free(wpa_s
->next_scan_freqs
);
568 wpa_s
->next_scan_freqs
= NULL
;
570 os_free(wpa_s
->manual_scan_freqs
);
571 wpa_s
->manual_scan_freqs
= NULL
;
572 os_free(wpa_s
->select_network_scan_freqs
);
573 wpa_s
->select_network_scan_freqs
= NULL
;
575 os_free(wpa_s
->manual_sched_scan_freqs
);
576 wpa_s
->manual_sched_scan_freqs
= NULL
;
578 wpas_mac_addr_rand_scan_clear(wpa_s
, MAC_ADDR_RAND_ALL
);
581 * Need to remove any pending gas-query radio work before the
582 * gas_query_deinit() call because gas_query::work has not yet been set
583 * for works that have not been started. gas_query_free() will be unable
584 * to cancel such pending radio works and once the pending gas-query
585 * radio work eventually gets removed, the deinit notification call to
586 * gas_query_start_cb() would result in dereferencing freed memory.
589 radio_remove_works(wpa_s
, "gas-query", 0);
590 gas_query_deinit(wpa_s
->gas
);
592 gas_server_deinit(wpa_s
->gas_server
);
593 wpa_s
->gas_server
= NULL
;
595 free_hw_features(wpa_s
);
597 ieee802_1x_dealloc_kay_sm(wpa_s
);
599 os_free(wpa_s
->bssid_filter
);
600 wpa_s
->bssid_filter
= NULL
;
602 os_free(wpa_s
->disallow_aps_bssid
);
603 wpa_s
->disallow_aps_bssid
= NULL
;
604 os_free(wpa_s
->disallow_aps_ssid
);
605 wpa_s
->disallow_aps_ssid
= NULL
;
607 wnm_bss_keep_alive_deinit(wpa_s
);
609 wnm_deallocate_memory(wpa_s
);
610 #endif /* CONFIG_WNM */
612 ext_password_deinit(wpa_s
->ext_pw
);
613 wpa_s
->ext_pw
= NULL
;
615 wpabuf_free(wpa_s
->last_gas_resp
);
616 wpa_s
->last_gas_resp
= NULL
;
617 wpabuf_free(wpa_s
->prev_gas_resp
);
618 wpa_s
->prev_gas_resp
= NULL
;
620 os_free(wpa_s
->last_scan_res
);
621 wpa_s
->last_scan_res
= NULL
;
625 wpa_drv_configure_frame_filters(wpa_s
, 0);
627 #endif /* CONFIG_HS20 */
629 for (i
= 0; i
< NUM_VENDOR_ELEM_FRAMES
; i
++) {
630 wpabuf_free(wpa_s
->vendor_elem
[i
]);
631 wpa_s
->vendor_elem
[i
] = NULL
;
634 wmm_ac_notify_disassoc(wpa_s
);
636 wpa_s
->sched_scan_plans_num
= 0;
637 os_free(wpa_s
->sched_scan_plans
);
638 wpa_s
->sched_scan_plans
= NULL
;
641 wpa_s
->non_pref_chan_num
= 0;
642 os_free(wpa_s
->non_pref_chan
);
643 wpa_s
->non_pref_chan
= NULL
;
644 #endif /* CONFIG_MBO */
646 free_bss_tmp_disallowed(wpa_s
);
648 wpabuf_free(wpa_s
->lci
);
650 wpas_clear_beacon_rep_data(wpa_s
);
652 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL
655 struct external_pmksa_cache
*entry
;
657 while ((entry
= dl_list_last(&wpa_s
->mesh_external_pmksa_cache
,
658 struct external_pmksa_cache
,
660 dl_list_del(&entry
->list
);
661 os_free(entry
->pmksa_cache
);
665 #endif /* CONFIG_MESH */
666 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
668 wpas_flush_fils_hlp_req(wpa_s
);
670 wpabuf_free(wpa_s
->ric_ies
);
671 wpa_s
->ric_ies
= NULL
;
674 wpas_dpp_deinit(wpa_s
);
675 #endif /* CONFIG_DPP */
680 * wpa_clear_keys - Clear keys configured for the driver
681 * @wpa_s: Pointer to wpa_supplicant data
682 * @addr: Previously used BSSID or %NULL if not available
684 * This function clears the encryption keys that has been previously configured
687 void wpa_clear_keys(struct wpa_supplicant
*wpa_s
, const u8
*addr
)
691 #ifdef CONFIG_IEEE80211W
693 #else /* CONFIG_IEEE80211W */
695 #endif /* CONFIG_IEEE80211W */
697 /* MLME-DELETEKEYS.request */
698 for (i
= 0; i
< max
; i
++) {
699 if (wpa_s
->keys_cleared
& BIT(i
))
701 wpa_drv_set_key(wpa_s
, WPA_ALG_NONE
, NULL
, i
, 0, NULL
, 0,
704 if (!(wpa_s
->keys_cleared
& BIT(0)) && addr
&&
705 !is_zero_ether_addr(addr
)) {
706 wpa_drv_set_key(wpa_s
, WPA_ALG_NONE
, addr
, 0, 0, NULL
, 0, NULL
,
708 /* MLME-SETPROTECTION.request(None) */
709 wpa_drv_mlme_setprotection(
711 MLME_SETPROTECTION_PROTECT_TYPE_NONE
,
712 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE
);
714 wpa_s
->keys_cleared
= (u32
) -1;
719 * wpa_supplicant_state_txt - Get the connection state name as a text string
720 * @state: State (wpa_state; WPA_*)
721 * Returns: The state name as a printable text string
723 const char * wpa_supplicant_state_txt(enum wpa_states state
)
726 case WPA_DISCONNECTED
:
727 return "DISCONNECTED";
730 case WPA_INTERFACE_DISABLED
:
731 return "INTERFACE_DISABLED";
734 case WPA_AUTHENTICATING
:
735 return "AUTHENTICATING";
736 case WPA_ASSOCIATING
:
737 return "ASSOCIATING";
740 case WPA_4WAY_HANDSHAKE
:
741 return "4WAY_HANDSHAKE";
742 case WPA_GROUP_HANDSHAKE
:
743 return "GROUP_HANDSHAKE";
754 static void wpa_supplicant_start_bgscan(struct wpa_supplicant
*wpa_s
)
758 if (wpa_s
->current_ssid
&& wpa_s
->current_ssid
->bgscan
)
759 name
= wpa_s
->current_ssid
->bgscan
;
761 name
= wpa_s
->conf
->bgscan
;
762 if (name
== NULL
|| name
[0] == '\0')
764 if (wpas_driver_bss_selection(wpa_s
))
766 if (wpa_s
->current_ssid
== wpa_s
->bgscan_ssid
)
769 if (wpa_s
->p2p_group_interface
!= NOT_P2P_GROUP_INTERFACE
)
771 #endif /* CONFIG_P2P */
773 bgscan_deinit(wpa_s
);
774 if (wpa_s
->current_ssid
) {
775 if (bgscan_init(wpa_s
, wpa_s
->current_ssid
, name
)) {
776 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to initialize "
779 * Live without bgscan; it is only used as a roaming
780 * optimization, so the initial connection is not
784 struct wpa_scan_results
*scan_res
;
785 wpa_s
->bgscan_ssid
= wpa_s
->current_ssid
;
786 scan_res
= wpa_supplicant_get_scan_results(wpa_s
, NULL
,
789 bgscan_notify_scan(wpa_s
, scan_res
);
790 wpa_scan_results_free(scan_res
);
794 wpa_s
->bgscan_ssid
= NULL
;
798 static void wpa_supplicant_stop_bgscan(struct wpa_supplicant
*wpa_s
)
800 if (wpa_s
->bgscan_ssid
!= NULL
) {
801 bgscan_deinit(wpa_s
);
802 wpa_s
->bgscan_ssid
= NULL
;
806 #endif /* CONFIG_BGSCAN */
809 static void wpa_supplicant_start_autoscan(struct wpa_supplicant
*wpa_s
)
811 if (autoscan_init(wpa_s
, 0))
812 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to initialize autoscan");
816 static void wpa_supplicant_stop_autoscan(struct wpa_supplicant
*wpa_s
)
818 autoscan_deinit(wpa_s
);
822 void wpa_supplicant_reinit_autoscan(struct wpa_supplicant
*wpa_s
)
824 if (wpa_s
->wpa_state
== WPA_DISCONNECTED
||
825 wpa_s
->wpa_state
== WPA_SCANNING
) {
826 autoscan_deinit(wpa_s
);
827 wpa_supplicant_start_autoscan(wpa_s
);
833 * wpa_supplicant_set_state - Set current connection state
834 * @wpa_s: Pointer to wpa_supplicant data
835 * @state: The new connection state
837 * This function is called whenever the connection state changes, e.g.,
838 * association is completed for WPA/WPA2 4-Way Handshake is started.
840 void wpa_supplicant_set_state(struct wpa_supplicant
*wpa_s
,
841 enum wpa_states state
)
843 enum wpa_states old_state
= wpa_s
->wpa_state
;
845 wpa_dbg(wpa_s
, MSG_DEBUG
, "State: %s -> %s",
846 wpa_supplicant_state_txt(wpa_s
->wpa_state
),
847 wpa_supplicant_state_txt(state
));
849 if (state
== WPA_INTERFACE_DISABLED
) {
850 /* Assure normal scan when interface is restored */
851 wpa_s
->normal_scans
= 0;
854 if (state
== WPA_COMPLETED
) {
855 wpas_connect_work_done(wpa_s
);
856 /* Reinitialize normal_scan counter */
857 wpa_s
->normal_scans
= 0;
862 * P2PS client has to reply to Probe Request frames received on the
863 * group operating channel. Enable Probe Request frame reporting for
864 * P2P connected client in case p2p_cli_probe configuration property is
867 if (wpa_s
->conf
->p2p_cli_probe
&& wpa_s
->current_ssid
&&
868 wpa_s
->current_ssid
->mode
== WPAS_MODE_INFRA
&&
869 wpa_s
->current_ssid
->p2p_group
) {
870 if (state
== WPA_COMPLETED
&& !wpa_s
->p2p_cli_probe
) {
871 wpa_dbg(wpa_s
, MSG_DEBUG
,
872 "P2P: Enable CLI Probe Request RX reporting");
873 wpa_s
->p2p_cli_probe
=
874 wpa_drv_probe_req_report(wpa_s
, 1) >= 0;
875 } else if (state
!= WPA_COMPLETED
&& wpa_s
->p2p_cli_probe
) {
876 wpa_dbg(wpa_s
, MSG_DEBUG
,
877 "P2P: Disable CLI Probe Request RX reporting");
878 wpa_s
->p2p_cli_probe
= 0;
879 wpa_drv_probe_req_report(wpa_s
, 0);
882 #endif /* CONFIG_P2P */
884 if (state
!= WPA_SCANNING
)
885 wpa_supplicant_notify_scanning(wpa_s
, 0);
887 if (state
== WPA_COMPLETED
&& wpa_s
->new_connection
) {
888 struct wpa_ssid
*ssid
= wpa_s
->current_ssid
;
889 int fils_hlp_sent
= 0;
892 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
893 wpa_auth_alg_fils(wpa_s
->sme
.auth_alg
))
895 #endif /* CONFIG_SME */
896 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
897 wpa_auth_alg_fils(wpa_s
->auth_alg
))
900 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
901 wpa_msg(wpa_s
, MSG_INFO
, WPA_EVENT_CONNECTED
"- Connection to "
902 MACSTR
" completed [id=%d id_str=%s%s]",
903 MAC2STR(wpa_s
->bssid
),
904 ssid
? ssid
->id
: -1,
905 ssid
&& ssid
->id_str
? ssid
->id_str
: "",
906 fils_hlp_sent
? " FILS_HLP_SENT" : "");
907 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
908 wpas_clear_temp_disabled(wpa_s
, ssid
, 1);
909 wpa_blacklist_clear(wpa_s
);
910 wpa_s
->extra_blacklist_count
= 0;
911 wpa_s
->new_connection
= 0;
912 wpa_drv_set_operstate(wpa_s
, 1);
913 #ifndef IEEE8021X_EAPOL
914 wpa_drv_set_supp_port(wpa_s
, 1);
915 #endif /* IEEE8021X_EAPOL */
916 wpa_s
->after_wps
= 0;
917 wpa_s
->known_wps_freq
= 0;
918 wpas_p2p_completed(wpa_s
);
920 sme_sched_obss_scan(wpa_s
, 1);
922 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
923 if (!fils_hlp_sent
&& ssid
&& ssid
->eap
.erp
)
924 wpas_update_fils_connect_params(wpa_s
);
925 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
926 } else if (state
== WPA_DISCONNECTED
|| state
== WPA_ASSOCIATING
||
927 state
== WPA_ASSOCIATED
) {
928 wpa_s
->new_connection
= 1;
929 wpa_drv_set_operstate(wpa_s
, 0);
930 #ifndef IEEE8021X_EAPOL
931 wpa_drv_set_supp_port(wpa_s
, 0);
932 #endif /* IEEE8021X_EAPOL */
933 sme_sched_obss_scan(wpa_s
, 0);
935 wpa_s
->wpa_state
= state
;
938 if (state
== WPA_COMPLETED
)
939 wpa_supplicant_start_bgscan(wpa_s
);
940 else if (state
< WPA_ASSOCIATED
)
941 wpa_supplicant_stop_bgscan(wpa_s
);
942 #endif /* CONFIG_BGSCAN */
944 if (state
== WPA_AUTHENTICATING
)
945 wpa_supplicant_stop_autoscan(wpa_s
);
947 if (state
== WPA_DISCONNECTED
|| state
== WPA_INACTIVE
)
948 wpa_supplicant_start_autoscan(wpa_s
);
950 if (old_state
>= WPA_ASSOCIATED
&& wpa_s
->wpa_state
< WPA_ASSOCIATED
)
951 wmm_ac_notify_disassoc(wpa_s
);
953 if (wpa_s
->wpa_state
!= old_state
) {
954 wpas_notify_state_changed(wpa_s
, wpa_s
->wpa_state
, old_state
);
957 * Notify the P2P Device interface about a state change in one
960 wpas_p2p_indicate_state_change(wpa_s
);
962 if (wpa_s
->wpa_state
== WPA_COMPLETED
||
963 old_state
== WPA_COMPLETED
)
964 wpas_notify_auth_changed(wpa_s
);
969 void wpa_supplicant_terminate_proc(struct wpa_global
*global
)
973 struct wpa_supplicant
*wpa_s
= global
->ifaces
;
975 struct wpa_supplicant
*next
= wpa_s
->next
;
976 if (wpas_wps_terminate_pending(wpa_s
) == 1)
979 if (wpa_s
->p2p_group_interface
!= NOT_P2P_GROUP_INTERFACE
||
980 (wpa_s
->current_ssid
&& wpa_s
->current_ssid
->p2p_group
))
981 wpas_p2p_disconnect(wpa_s
);
982 #endif /* CONFIG_P2P */
985 #endif /* CONFIG_WPS */
992 static void wpa_supplicant_terminate(int sig
, void *signal_ctx
)
994 struct wpa_global
*global
= signal_ctx
;
995 wpa_supplicant_terminate_proc(global
);
999 void wpa_supplicant_clear_status(struct wpa_supplicant
*wpa_s
)
1001 enum wpa_states old_state
= wpa_s
->wpa_state
;
1003 wpa_s
->pairwise_cipher
= 0;
1004 wpa_s
->group_cipher
= 0;
1005 wpa_s
->mgmt_group_cipher
= 0;
1006 wpa_s
->key_mgmt
= 0;
1007 if (wpa_s
->wpa_state
!= WPA_INTERFACE_DISABLED
)
1008 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
1010 if (wpa_s
->wpa_state
!= old_state
)
1011 wpas_notify_state_changed(wpa_s
, wpa_s
->wpa_state
, old_state
);
1016 * wpa_supplicant_reload_configuration - Reload configuration data
1017 * @wpa_s: Pointer to wpa_supplicant data
1018 * Returns: 0 on success or -1 if configuration parsing failed
1020 * This function can be used to request that the configuration data is reloaded
1021 * (e.g., after configuration file change). This function is reloading
1022 * configuration only for one interface, so this may need to be called multiple
1023 * times if %wpa_supplicant is controlling multiple interfaces and all
1024 * interfaces need reconfiguration.
1026 int wpa_supplicant_reload_configuration(struct wpa_supplicant
*wpa_s
)
1028 struct wpa_config
*conf
;
1032 if (wpa_s
->confname
== NULL
)
1034 conf
= wpa_config_read(wpa_s
->confname
, NULL
);
1036 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to parse the configuration "
1037 "file '%s' - exiting", wpa_s
->confname
);
1040 if (wpa_s
->confanother
&&
1041 !wpa_config_read(wpa_s
->confanother
, conf
)) {
1042 wpa_msg(wpa_s
, MSG_ERROR
,
1043 "Failed to parse the configuration file '%s' - exiting",
1044 wpa_s
->confanother
);
1048 conf
->changed_parameters
= (unsigned int) -1;
1050 reconf_ctrl
= !!conf
->ctrl_interface
!= !!wpa_s
->conf
->ctrl_interface
1051 || (conf
->ctrl_interface
&& wpa_s
->conf
->ctrl_interface
&&
1052 os_strcmp(conf
->ctrl_interface
,
1053 wpa_s
->conf
->ctrl_interface
) != 0);
1055 if (reconf_ctrl
&& wpa_s
->ctrl_iface
) {
1056 wpa_supplicant_ctrl_iface_deinit(wpa_s
->ctrl_iface
);
1057 wpa_s
->ctrl_iface
= NULL
;
1060 eapol_sm_invalidate_cached_session(wpa_s
->eapol
);
1061 if (wpa_s
->current_ssid
) {
1062 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
1063 wpa_s
->own_disconnect_req
= 1;
1064 wpa_supplicant_deauthenticate(wpa_s
,
1065 WLAN_REASON_DEAUTH_LEAVING
);
1069 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
1070 * pkcs11_engine_path, pkcs11_module_path, openssl_ciphers.
1072 if (wpa_key_mgmt_wpa_psk(wpa_s
->key_mgmt
) ||
1073 wpa_s
->key_mgmt
== WPA_KEY_MGMT_OWE
||
1074 wpa_s
->key_mgmt
== WPA_KEY_MGMT_DPP
) {
1076 * Clear forced success to clear EAP state for next
1079 eapol_sm_notify_eap_success(wpa_s
->eapol
, FALSE
);
1081 eapol_sm_notify_config(wpa_s
->eapol
, NULL
, NULL
);
1082 wpa_sm_set_config(wpa_s
->wpa
, NULL
);
1083 wpa_sm_pmksa_cache_flush(wpa_s
->wpa
, NULL
);
1084 wpa_sm_set_fast_reauth(wpa_s
->wpa
, wpa_s
->conf
->fast_reauth
);
1085 rsn_preauth_deinit(wpa_s
->wpa
);
1087 old_ap_scan
= wpa_s
->conf
->ap_scan
;
1088 wpa_config_free(wpa_s
->conf
);
1090 if (old_ap_scan
!= wpa_s
->conf
->ap_scan
)
1091 wpas_notify_ap_scan_changed(wpa_s
);
1094 wpa_s
->ctrl_iface
= wpa_supplicant_ctrl_iface_init(wpa_s
);
1096 wpa_supplicant_update_config(wpa_s
);
1098 wpa_supplicant_clear_status(wpa_s
);
1099 if (wpa_supplicant_enabled_networks(wpa_s
)) {
1100 wpa_s
->reassociate
= 1;
1101 wpa_supplicant_req_scan(wpa_s
, 0, 0);
1103 wpa_dbg(wpa_s
, MSG_DEBUG
, "Reconfiguration completed");
1108 static void wpa_supplicant_reconfig(int sig
, void *signal_ctx
)
1110 struct wpa_global
*global
= signal_ctx
;
1111 struct wpa_supplicant
*wpa_s
;
1112 for (wpa_s
= global
->ifaces
; wpa_s
; wpa_s
= wpa_s
->next
) {
1113 wpa_dbg(wpa_s
, MSG_DEBUG
, "Signal %d received - reconfiguring",
1115 if (wpa_supplicant_reload_configuration(wpa_s
) < 0) {
1116 wpa_supplicant_terminate_proc(global
);
1120 if (wpa_debug_reopen_file() < 0) {
1121 /* Ignore errors since we cannot really do much to fix this */
1122 wpa_printf(MSG_DEBUG
, "Could not reopen debug log file");
1127 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant
*wpa_s
,
1128 struct wpa_ssid
*ssid
,
1129 struct wpa_ie_data
*ie
)
1131 int ret
= wpa_sm_parse_own_wpa_ie(wpa_s
->wpa
, ie
);
1134 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Failed to parse WPA IE "
1135 "from association info");
1140 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Using WPA IE from AssocReq to set "
1142 if (!(ie
->group_cipher
& ssid
->group_cipher
)) {
1143 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver used disabled group "
1144 "cipher 0x%x (mask 0x%x) - reject",
1145 ie
->group_cipher
, ssid
->group_cipher
);
1148 if (!(ie
->pairwise_cipher
& ssid
->pairwise_cipher
)) {
1149 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver used disabled pairwise "
1150 "cipher 0x%x (mask 0x%x) - reject",
1151 ie
->pairwise_cipher
, ssid
->pairwise_cipher
);
1154 if (!(ie
->key_mgmt
& ssid
->key_mgmt
)) {
1155 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver used disabled key "
1156 "management 0x%x (mask 0x%x) - reject",
1157 ie
->key_mgmt
, ssid
->key_mgmt
);
1161 #ifdef CONFIG_IEEE80211W
1162 if (!(ie
->capabilities
& WPA_CAPABILITY_MFPC
) &&
1163 wpas_get_ssid_pmf(wpa_s
, ssid
) == MGMT_FRAME_PROTECTION_REQUIRED
) {
1164 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver associated with an AP "
1165 "that does not support management frame protection - "
1169 #endif /* CONFIG_IEEE80211W */
1176 * wpa_supplicant_set_suites - Set authentication and encryption parameters
1177 * @wpa_s: Pointer to wpa_supplicant data
1178 * @bss: Scan results for the selected BSS, or %NULL if not available
1179 * @ssid: Configuration data for the selected network
1180 * @wpa_ie: Buffer for the WPA/RSN IE
1181 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
1182 * used buffer length in case the functions returns success.
1183 * Returns: 0 on success or -1 on failure
1185 * This function is used to configure authentication and encryption parameters
1186 * based on the network configuration and scan result for the selected BSS (if
1189 int wpa_supplicant_set_suites(struct wpa_supplicant
*wpa_s
,
1190 struct wpa_bss
*bss
, struct wpa_ssid
*ssid
,
1191 u8
*wpa_ie
, size_t *wpa_ie_len
)
1193 struct wpa_ie_data ie
;
1195 const u8
*bss_wpa
, *bss_rsn
, *bss_osen
;
1198 bss_wpa
= wpa_bss_get_vendor_ie(bss
, WPA_IE_VENDOR_TYPE
);
1199 bss_rsn
= wpa_bss_get_ie(bss
, WLAN_EID_RSN
);
1200 bss_osen
= wpa_bss_get_vendor_ie(bss
, OSEN_IE_VENDOR_TYPE
);
1202 bss_wpa
= bss_rsn
= bss_osen
= NULL
;
1204 if (bss_rsn
&& (ssid
->proto
& WPA_PROTO_RSN
) &&
1205 wpa_parse_wpa_ie(bss_rsn
, 2 + bss_rsn
[1], &ie
) == 0 &&
1206 (ie
.group_cipher
& ssid
->group_cipher
) &&
1207 (ie
.pairwise_cipher
& ssid
->pairwise_cipher
) &&
1208 (ie
.key_mgmt
& ssid
->key_mgmt
)) {
1209 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using IEEE 802.11i/D9.0");
1210 proto
= WPA_PROTO_RSN
;
1211 } else if (bss_wpa
&& (ssid
->proto
& WPA_PROTO_WPA
) &&
1212 wpa_parse_wpa_ie(bss_wpa
, 2 + bss_wpa
[1], &ie
) == 0 &&
1213 (ie
.group_cipher
& ssid
->group_cipher
) &&
1214 (ie
.pairwise_cipher
& ssid
->pairwise_cipher
) &&
1215 (ie
.key_mgmt
& ssid
->key_mgmt
)) {
1216 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using IEEE 802.11i/D3.0");
1217 proto
= WPA_PROTO_WPA
;
1219 } else if (bss_osen
&& (ssid
->proto
& WPA_PROTO_OSEN
)) {
1220 wpa_dbg(wpa_s
, MSG_DEBUG
, "HS 2.0: using OSEN");
1221 /* TODO: parse OSEN element */
1222 os_memset(&ie
, 0, sizeof(ie
));
1223 ie
.group_cipher
= WPA_CIPHER_CCMP
;
1224 ie
.pairwise_cipher
= WPA_CIPHER_CCMP
;
1225 ie
.key_mgmt
= WPA_KEY_MGMT_OSEN
;
1226 proto
= WPA_PROTO_OSEN
;
1227 } else if (bss_rsn
&& (ssid
->proto
& WPA_PROTO_OSEN
) &&
1228 wpa_parse_wpa_ie(bss_rsn
, 2 + bss_rsn
[1], &ie
) == 0 &&
1229 (ie
.group_cipher
& ssid
->group_cipher
) &&
1230 (ie
.pairwise_cipher
& ssid
->pairwise_cipher
) &&
1231 (ie
.key_mgmt
& ssid
->key_mgmt
)) {
1232 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using OSEN (within RSN)");
1233 proto
= WPA_PROTO_RSN
;
1234 #endif /* CONFIG_HS20 */
1236 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select WPA/RSN");
1237 wpa_dbg(wpa_s
, MSG_DEBUG
,
1238 "WPA: ssid proto=0x%x pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1239 ssid
->proto
, ssid
->pairwise_cipher
, ssid
->group_cipher
,
1241 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: BSS " MACSTR
" ssid='%s'%s%s%s",
1242 MAC2STR(bss
->bssid
),
1243 wpa_ssid_txt(bss
->ssid
, bss
->ssid_len
),
1244 bss_wpa
? " WPA" : "",
1245 bss_rsn
? " RSN" : "",
1246 bss_osen
? " OSEN" : "");
1248 wpa_hexdump(MSG_DEBUG
, "RSN", bss_rsn
, 2 + bss_rsn
[1]);
1249 if (wpa_parse_wpa_ie(bss_rsn
, 2 + bss_rsn
[1], &ie
)) {
1250 wpa_dbg(wpa_s
, MSG_DEBUG
,
1251 "Could not parse RSN element");
1253 wpa_dbg(wpa_s
, MSG_DEBUG
,
1254 "RSN: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1255 ie
.pairwise_cipher
, ie
.group_cipher
,
1260 wpa_hexdump(MSG_DEBUG
, "WPA", bss_wpa
, 2 + bss_wpa
[1]);
1261 if (wpa_parse_wpa_ie(bss_wpa
, 2 + bss_wpa
[1], &ie
)) {
1262 wpa_dbg(wpa_s
, MSG_DEBUG
,
1263 "Could not parse WPA element");
1265 wpa_dbg(wpa_s
, MSG_DEBUG
,
1266 "WPA: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1267 ie
.pairwise_cipher
, ie
.group_cipher
,
1273 if (ssid
->proto
& WPA_PROTO_OSEN
)
1274 proto
= WPA_PROTO_OSEN
;
1275 else if (ssid
->proto
& WPA_PROTO_RSN
)
1276 proto
= WPA_PROTO_RSN
;
1278 proto
= WPA_PROTO_WPA
;
1279 if (wpa_supplicant_suites_from_ai(wpa_s
, ssid
, &ie
) < 0) {
1280 os_memset(&ie
, 0, sizeof(ie
));
1281 ie
.group_cipher
= ssid
->group_cipher
;
1282 ie
.pairwise_cipher
= ssid
->pairwise_cipher
;
1283 ie
.key_mgmt
= ssid
->key_mgmt
;
1284 #ifdef CONFIG_IEEE80211W
1285 ie
.mgmt_group_cipher
= 0;
1286 if (ssid
->ieee80211w
!= NO_MGMT_FRAME_PROTECTION
) {
1287 if (ssid
->group_mgmt_cipher
&
1288 WPA_CIPHER_BIP_GMAC_256
)
1289 ie
.mgmt_group_cipher
=
1290 WPA_CIPHER_BIP_GMAC_256
;
1291 else if (ssid
->group_mgmt_cipher
&
1292 WPA_CIPHER_BIP_CMAC_256
)
1293 ie
.mgmt_group_cipher
=
1294 WPA_CIPHER_BIP_CMAC_256
;
1295 else if (ssid
->group_mgmt_cipher
&
1296 WPA_CIPHER_BIP_GMAC_128
)
1297 ie
.mgmt_group_cipher
=
1298 WPA_CIPHER_BIP_GMAC_128
;
1300 ie
.mgmt_group_cipher
=
1301 WPA_CIPHER_AES_128_CMAC
;
1303 #endif /* CONFIG_IEEE80211W */
1305 if ((ssid
->key_mgmt
& WPA_KEY_MGMT_OWE
) &&
1307 !bss_wpa
&& !bss_rsn
&& !bss_osen
) {
1308 wpa_supplicant_set_non_wpa_policy(wpa_s
, ssid
);
1309 wpa_s
->wpa_proto
= 0;
1313 #endif /* CONFIG_OWE */
1314 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Set cipher suites "
1315 "based on configuration");
1320 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Selected cipher suites: group %d "
1321 "pairwise %d key_mgmt %d proto %d",
1322 ie
.group_cipher
, ie
.pairwise_cipher
, ie
.key_mgmt
, proto
);
1323 #ifdef CONFIG_IEEE80211W
1324 if (ssid
->ieee80211w
) {
1325 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Selected mgmt group cipher %d",
1326 ie
.mgmt_group_cipher
);
1328 #endif /* CONFIG_IEEE80211W */
1330 wpa_s
->wpa_proto
= proto
;
1331 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_PROTO
, proto
);
1332 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_RSN_ENABLED
,
1333 !!(ssid
->proto
& (WPA_PROTO_RSN
| WPA_PROTO_OSEN
)));
1335 if (bss
|| !wpa_s
->ap_ies_from_associnfo
) {
1336 if (wpa_sm_set_ap_wpa_ie(wpa_s
->wpa
, bss_wpa
,
1337 bss_wpa
? 2 + bss_wpa
[1] : 0) ||
1338 wpa_sm_set_ap_rsn_ie(wpa_s
->wpa
, bss_rsn
,
1339 bss_rsn
? 2 + bss_rsn
[1] : 0))
1343 #ifdef CONFIG_NO_WPA
1344 wpa_s
->group_cipher
= WPA_CIPHER_NONE
;
1345 wpa_s
->pairwise_cipher
= WPA_CIPHER_NONE
;
1346 #else /* CONFIG_NO_WPA */
1347 sel
= ie
.group_cipher
& ssid
->group_cipher
;
1348 wpa_s
->group_cipher
= wpa_pick_group_cipher(sel
);
1349 if (wpa_s
->group_cipher
< 0) {
1350 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select group "
1354 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using GTK %s",
1355 wpa_cipher_txt(wpa_s
->group_cipher
));
1357 sel
= ie
.pairwise_cipher
& ssid
->pairwise_cipher
;
1358 wpa_s
->pairwise_cipher
= wpa_pick_pairwise_cipher(sel
, 1);
1359 if (wpa_s
->pairwise_cipher
< 0) {
1360 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select pairwise "
1364 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using PTK %s",
1365 wpa_cipher_txt(wpa_s
->pairwise_cipher
));
1366 #endif /* CONFIG_NO_WPA */
1368 sel
= ie
.key_mgmt
& ssid
->key_mgmt
;
1370 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SAE
))
1371 sel
&= ~(WPA_KEY_MGMT_SAE
| WPA_KEY_MGMT_FT_SAE
);
1372 #endif /* CONFIG_SAE */
1374 #ifdef CONFIG_SUITEB192
1375 } else if (sel
& WPA_KEY_MGMT_IEEE8021X_SUITE_B_192
) {
1376 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X_SUITE_B_192
;
1377 wpa_dbg(wpa_s
, MSG_DEBUG
,
1378 "WPA: using KEY_MGMT 802.1X with Suite B (192-bit)");
1379 #endif /* CONFIG_SUITEB192 */
1380 #ifdef CONFIG_SUITEB
1381 } else if (sel
& WPA_KEY_MGMT_IEEE8021X_SUITE_B
) {
1382 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X_SUITE_B
;
1383 wpa_dbg(wpa_s
, MSG_DEBUG
,
1384 "WPA: using KEY_MGMT 802.1X with Suite B");
1385 #endif /* CONFIG_SUITEB */
1387 #ifdef CONFIG_IEEE80211R
1388 } else if (sel
& WPA_KEY_MGMT_FT_FILS_SHA384
) {
1389 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_FILS_SHA384
;
1390 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FT-FILS-SHA384");
1391 } else if (sel
& WPA_KEY_MGMT_FT_FILS_SHA256
) {
1392 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_FILS_SHA256
;
1393 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FT-FILS-SHA256");
1394 #endif /* CONFIG_IEEE80211R */
1395 } else if (sel
& WPA_KEY_MGMT_FILS_SHA384
) {
1396 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FILS_SHA384
;
1397 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FILS-SHA384");
1398 } else if (sel
& WPA_KEY_MGMT_FILS_SHA256
) {
1399 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FILS_SHA256
;
1400 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FILS-SHA256");
1401 #endif /* CONFIG_FILS */
1402 #ifdef CONFIG_IEEE80211R
1403 #ifdef CONFIG_SHA384
1404 } else if (sel
& WPA_KEY_MGMT_FT_IEEE8021X_SHA384
) {
1405 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_IEEE8021X_SHA384
;
1406 wpa_dbg(wpa_s
, MSG_DEBUG
,
1407 "WPA: using KEY_MGMT FT/802.1X-SHA384");
1408 if (pmksa_cache_get_current(wpa_s
->wpa
)) {
1409 /* PMKSA caching with FT is not fully functional, so
1410 * disable the case for now. */
1411 wpa_dbg(wpa_s
, MSG_DEBUG
,
1412 "WPA: Disable PMKSA caching for FT/802.1X connection");
1413 pmksa_cache_clear_current(wpa_s
->wpa
);
1415 #endif /* CONFIG_SHA384 */
1416 } else if (sel
& WPA_KEY_MGMT_FT_IEEE8021X
) {
1417 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_IEEE8021X
;
1418 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FT/802.1X");
1419 if (pmksa_cache_get_current(wpa_s
->wpa
)) {
1420 /* PMKSA caching with FT is not fully functional, so
1421 * disable the case for now. */
1422 wpa_dbg(wpa_s
, MSG_DEBUG
,
1423 "WPA: Disable PMKSA caching for FT/802.1X connection");
1424 pmksa_cache_clear_current(wpa_s
->wpa
);
1426 } else if (sel
& WPA_KEY_MGMT_FT_PSK
) {
1427 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_PSK
;
1428 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FT/PSK");
1429 #endif /* CONFIG_IEEE80211R */
1431 } else if (sel
& WPA_KEY_MGMT_SAE
) {
1432 wpa_s
->key_mgmt
= WPA_KEY_MGMT_SAE
;
1433 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using KEY_MGMT SAE");
1434 } else if (sel
& WPA_KEY_MGMT_FT_SAE
) {
1435 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_SAE
;
1436 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using KEY_MGMT FT/SAE");
1437 #endif /* CONFIG_SAE */
1438 #ifdef CONFIG_IEEE80211W
1439 } else if (sel
& WPA_KEY_MGMT_IEEE8021X_SHA256
) {
1440 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X_SHA256
;
1441 wpa_dbg(wpa_s
, MSG_DEBUG
,
1442 "WPA: using KEY_MGMT 802.1X with SHA256");
1443 } else if (sel
& WPA_KEY_MGMT_PSK_SHA256
) {
1444 wpa_s
->key_mgmt
= WPA_KEY_MGMT_PSK_SHA256
;
1445 wpa_dbg(wpa_s
, MSG_DEBUG
,
1446 "WPA: using KEY_MGMT PSK with SHA256");
1447 #endif /* CONFIG_IEEE80211W */
1448 } else if (sel
& WPA_KEY_MGMT_IEEE8021X
) {
1449 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X
;
1450 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT 802.1X");
1451 } else if (sel
& WPA_KEY_MGMT_PSK
) {
1452 wpa_s
->key_mgmt
= WPA_KEY_MGMT_PSK
;
1453 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT WPA-PSK");
1454 } else if (sel
& WPA_KEY_MGMT_WPA_NONE
) {
1455 wpa_s
->key_mgmt
= WPA_KEY_MGMT_WPA_NONE
;
1456 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT WPA-NONE");
1458 } else if (sel
& WPA_KEY_MGMT_OSEN
) {
1459 wpa_s
->key_mgmt
= WPA_KEY_MGMT_OSEN
;
1460 wpa_dbg(wpa_s
, MSG_DEBUG
, "HS 2.0: using KEY_MGMT OSEN");
1461 #endif /* CONFIG_HS20 */
1463 } else if (sel
& WPA_KEY_MGMT_OWE
) {
1464 wpa_s
->key_mgmt
= WPA_KEY_MGMT_OWE
;
1465 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using KEY_MGMT OWE");
1466 #endif /* CONFIG_OWE */
1468 } else if (sel
& WPA_KEY_MGMT_DPP
) {
1469 wpa_s
->key_mgmt
= WPA_KEY_MGMT_DPP
;
1470 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using KEY_MGMT DPP");
1471 #endif /* CONFIG_DPP */
1473 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select "
1474 "authenticated key management type");
1478 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_KEY_MGMT
, wpa_s
->key_mgmt
);
1479 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_PAIRWISE
,
1480 wpa_s
->pairwise_cipher
);
1481 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_GROUP
, wpa_s
->group_cipher
);
1483 #ifdef CONFIG_IEEE80211W
1484 sel
= ie
.mgmt_group_cipher
;
1485 if (ssid
->group_mgmt_cipher
)
1486 sel
&= ssid
->group_mgmt_cipher
;
1487 if (wpas_get_ssid_pmf(wpa_s
, ssid
) == NO_MGMT_FRAME_PROTECTION
||
1488 !(ie
.capabilities
& WPA_CAPABILITY_MFPC
))
1490 if (sel
& WPA_CIPHER_AES_128_CMAC
) {
1491 wpa_s
->mgmt_group_cipher
= WPA_CIPHER_AES_128_CMAC
;
1492 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using MGMT group cipher "
1494 } else if (sel
& WPA_CIPHER_BIP_GMAC_128
) {
1495 wpa_s
->mgmt_group_cipher
= WPA_CIPHER_BIP_GMAC_128
;
1496 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using MGMT group cipher "
1498 } else if (sel
& WPA_CIPHER_BIP_GMAC_256
) {
1499 wpa_s
->mgmt_group_cipher
= WPA_CIPHER_BIP_GMAC_256
;
1500 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using MGMT group cipher "
1502 } else if (sel
& WPA_CIPHER_BIP_CMAC_256
) {
1503 wpa_s
->mgmt_group_cipher
= WPA_CIPHER_BIP_CMAC_256
;
1504 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using MGMT group cipher "
1507 wpa_s
->mgmt_group_cipher
= 0;
1508 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: not using MGMT group cipher");
1510 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_MGMT_GROUP
,
1511 wpa_s
->mgmt_group_cipher
);
1512 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_MFP
,
1513 wpas_get_ssid_pmf(wpa_s
, ssid
));
1514 #endif /* CONFIG_IEEE80211W */
1516 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s
->wpa
, wpa_ie
, wpa_ie_len
)) {
1517 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to generate WPA IE");
1521 if (wpa_key_mgmt_wpa_psk(ssid
->key_mgmt
)) {
1525 sae_only
= (ssid
->key_mgmt
& (WPA_KEY_MGMT_PSK
|
1526 WPA_KEY_MGMT_FT_PSK
|
1527 WPA_KEY_MGMT_PSK_SHA256
)) == 0;
1529 if (ssid
->psk_set
&& !sae_only
) {
1530 wpa_hexdump_key(MSG_MSGDUMP
, "PSK (set in config)",
1531 ssid
->psk
, PMK_LEN
);
1532 wpa_sm_set_pmk(wpa_s
->wpa
, ssid
->psk
, PMK_LEN
, NULL
,
1537 if (wpa_key_mgmt_sae(ssid
->key_mgmt
) &&
1538 (ssid
->sae_password
|| ssid
->passphrase
))
1541 #ifndef CONFIG_NO_PBKDF2
1542 if (bss
&& ssid
->bssid_set
&& ssid
->ssid_len
== 0 &&
1543 ssid
->passphrase
&& !sae_only
) {
1545 pbkdf2_sha1(ssid
->passphrase
, bss
->ssid
, bss
->ssid_len
,
1546 4096, psk
, PMK_LEN
);
1547 wpa_hexdump_key(MSG_MSGDUMP
, "PSK (from passphrase)",
1549 wpa_sm_set_pmk(wpa_s
->wpa
, psk
, PMK_LEN
, NULL
, NULL
);
1551 os_memset(psk
, 0, sizeof(psk
));
1553 #endif /* CONFIG_NO_PBKDF2 */
1554 #ifdef CONFIG_EXT_PASSWORD
1555 if (ssid
->ext_psk
&& !sae_only
) {
1556 struct wpabuf
*pw
= ext_password_get(wpa_s
->ext_pw
,
1558 char pw_str
[64 + 1];
1562 wpa_msg(wpa_s
, MSG_INFO
, "EXT PW: No PSK "
1563 "found from external storage");
1567 if (wpabuf_len(pw
) < 8 || wpabuf_len(pw
) > 64) {
1568 wpa_msg(wpa_s
, MSG_INFO
, "EXT PW: Unexpected "
1569 "PSK length %d in external storage",
1570 (int) wpabuf_len(pw
));
1571 ext_password_free(pw
);
1575 os_memcpy(pw_str
, wpabuf_head(pw
), wpabuf_len(pw
));
1576 pw_str
[wpabuf_len(pw
)] = '\0';
1578 #ifndef CONFIG_NO_PBKDF2
1579 if (wpabuf_len(pw
) >= 8 && wpabuf_len(pw
) < 64 && bss
)
1581 pbkdf2_sha1(pw_str
, bss
->ssid
, bss
->ssid_len
,
1582 4096, psk
, PMK_LEN
);
1583 os_memset(pw_str
, 0, sizeof(pw_str
));
1584 wpa_hexdump_key(MSG_MSGDUMP
, "PSK (from "
1585 "external passphrase)",
1587 wpa_sm_set_pmk(wpa_s
->wpa
, psk
, PMK_LEN
, NULL
,
1590 os_memset(psk
, 0, sizeof(psk
));
1592 #endif /* CONFIG_NO_PBKDF2 */
1593 if (wpabuf_len(pw
) == 2 * PMK_LEN
) {
1594 if (hexstr2bin(pw_str
, psk
, PMK_LEN
) < 0) {
1595 wpa_msg(wpa_s
, MSG_INFO
, "EXT PW: "
1596 "Invalid PSK hex string");
1597 os_memset(pw_str
, 0, sizeof(pw_str
));
1598 ext_password_free(pw
);
1601 wpa_hexdump_key(MSG_MSGDUMP
,
1602 "PSK (from external PSK)",
1604 wpa_sm_set_pmk(wpa_s
->wpa
, psk
, PMK_LEN
, NULL
,
1607 os_memset(psk
, 0, sizeof(psk
));
1609 wpa_msg(wpa_s
, MSG_INFO
, "EXT PW: No suitable "
1611 os_memset(pw_str
, 0, sizeof(pw_str
));
1612 ext_password_free(pw
);
1616 os_memset(pw_str
, 0, sizeof(pw_str
));
1617 ext_password_free(pw
);
1619 #endif /* CONFIG_EXT_PASSWORD */
1622 wpa_msg(wpa_s
, MSG_INFO
,
1623 "No PSK available for association");
1624 wpas_auth_failed(wpa_s
, "NO_PSK_AVAILABLE");
1628 } else if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_OWE
) {
1629 /* OWE Diffie-Hellman exchange in (Re)Association
1630 * Request/Response frames set the PMK, so do not override it
1632 #endif /* CONFIG_OWE */
1634 wpa_sm_set_pmk_from_pmksa(wpa_s
->wpa
);
1640 static void wpas_ext_capab_byte(struct wpa_supplicant
*wpa_s
, u8
*pos
, int idx
)
1645 case 0: /* Bits 0-7 */
1647 case 1: /* Bits 8-15 */
1649 case 2: /* Bits 16-23 */
1651 *pos
|= 0x02; /* Bit 17 - WNM-Sleep Mode */
1652 *pos
|= 0x08; /* Bit 19 - BSS Transition */
1653 #endif /* CONFIG_WNM */
1655 case 3: /* Bits 24-31 */
1657 *pos
|= 0x02; /* Bit 25 - SSID List */
1658 #endif /* CONFIG_WNM */
1659 #ifdef CONFIG_INTERWORKING
1660 if (wpa_s
->conf
->interworking
)
1661 *pos
|= 0x80; /* Bit 31 - Interworking */
1662 #endif /* CONFIG_INTERWORKING */
1664 case 4: /* Bits 32-39 */
1665 #ifdef CONFIG_INTERWORKING
1666 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_QOS_MAPPING
)
1667 *pos
|= 0x01; /* Bit 32 - QoS Map */
1668 #endif /* CONFIG_INTERWORKING */
1670 case 5: /* Bits 40-47 */
1672 if (wpa_s
->conf
->hs20
)
1673 *pos
|= 0x40; /* Bit 46 - WNM-Notification */
1674 #endif /* CONFIG_HS20 */
1676 *pos
|= 0x40; /* Bit 46 - WNM-Notification */
1677 #endif /* CONFIG_MBO */
1679 case 6: /* Bits 48-55 */
1681 case 7: /* Bits 56-63 */
1683 case 8: /* Bits 64-71 */
1684 if (wpa_s
->conf
->ftm_responder
)
1685 *pos
|= 0x40; /* Bit 70 - FTM responder */
1686 if (wpa_s
->conf
->ftm_initiator
)
1687 *pos
|= 0x80; /* Bit 71 - FTM initiator */
1689 case 9: /* Bits 72-79 */
1691 if (!wpa_s
->disable_fils
)
1693 #endif /* CONFIG_FILS */
1699 int wpas_build_ext_capab(struct wpa_supplicant
*wpa_s
, u8
*buf
, size_t buflen
)
1704 if (len
< wpa_s
->extended_capa_len
)
1705 len
= wpa_s
->extended_capa_len
;
1706 if (buflen
< (size_t) len
+ 2) {
1707 wpa_printf(MSG_INFO
,
1708 "Not enough room for building extended capabilities element");
1712 *pos
++ = WLAN_EID_EXT_CAPAB
;
1714 for (i
= 0; i
< len
; i
++, pos
++) {
1715 wpas_ext_capab_byte(wpa_s
, pos
, i
);
1717 if (i
< wpa_s
->extended_capa_len
) {
1718 *pos
&= ~wpa_s
->extended_capa_mask
[i
];
1719 *pos
|= wpa_s
->extended_capa
[i
];
1723 while (len
> 0 && buf
[1 + len
] == 0) {
1734 static int wpas_valid_bss(struct wpa_supplicant
*wpa_s
,
1735 struct wpa_bss
*test_bss
)
1737 struct wpa_bss
*bss
;
1739 dl_list_for_each(bss
, &wpa_s
->bss
, struct wpa_bss
, list
) {
1740 if (bss
== test_bss
)
1748 static int wpas_valid_ssid(struct wpa_supplicant
*wpa_s
,
1749 struct wpa_ssid
*test_ssid
)
1751 struct wpa_ssid
*ssid
;
1753 for (ssid
= wpa_s
->conf
->ssid
; ssid
; ssid
= ssid
->next
) {
1754 if (ssid
== test_ssid
)
1762 int wpas_valid_bss_ssid(struct wpa_supplicant
*wpa_s
, struct wpa_bss
*test_bss
,
1763 struct wpa_ssid
*test_ssid
)
1765 if (test_bss
&& !wpas_valid_bss(wpa_s
, test_bss
))
1768 return test_ssid
== NULL
|| wpas_valid_ssid(wpa_s
, test_ssid
);
1772 void wpas_connect_work_free(struct wpa_connect_work
*cwork
)
1780 void wpas_connect_work_done(struct wpa_supplicant
*wpa_s
)
1782 struct wpa_connect_work
*cwork
;
1783 struct wpa_radio_work
*work
= wpa_s
->connect_work
;
1788 wpa_s
->connect_work
= NULL
;
1791 wpas_connect_work_free(cwork
);
1792 radio_work_done(work
);
1796 int wpas_update_random_addr(struct wpa_supplicant
*wpa_s
, int style
)
1798 struct os_reltime now
;
1801 os_get_reltime(&now
);
1802 if (wpa_s
->last_mac_addr_style
== style
&&
1803 wpa_s
->last_mac_addr_change
.sec
!= 0 &&
1804 !os_reltime_expired(&now
, &wpa_s
->last_mac_addr_change
,
1805 wpa_s
->conf
->rand_addr_lifetime
)) {
1806 wpa_msg(wpa_s
, MSG_DEBUG
,
1807 "Previously selected random MAC address has not yet expired");
1813 if (random_mac_addr(addr
) < 0)
1817 os_memcpy(addr
, wpa_s
->perm_addr
, ETH_ALEN
);
1818 if (random_mac_addr_keep_oui(addr
) < 0)
1825 if (wpa_drv_set_mac_addr(wpa_s
, addr
) < 0) {
1826 wpa_msg(wpa_s
, MSG_INFO
,
1827 "Failed to set random MAC address");
1831 os_get_reltime(&wpa_s
->last_mac_addr_change
);
1832 wpa_s
->mac_addr_changed
= 1;
1833 wpa_s
->last_mac_addr_style
= style
;
1835 if (wpa_supplicant_update_mac_addr(wpa_s
) < 0) {
1836 wpa_msg(wpa_s
, MSG_INFO
,
1837 "Could not update MAC address information");
1841 wpa_msg(wpa_s
, MSG_DEBUG
, "Using random MAC address " MACSTR
,
1848 int wpas_update_random_addr_disassoc(struct wpa_supplicant
*wpa_s
)
1850 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
||
1851 !wpa_s
->conf
->preassoc_mac_addr
)
1854 return wpas_update_random_addr(wpa_s
, wpa_s
->conf
->preassoc_mac_addr
);
1858 static void wpas_start_assoc_cb(struct wpa_radio_work
*work
, int deinit
);
1861 * wpa_supplicant_associate - Request association
1862 * @wpa_s: Pointer to wpa_supplicant data
1863 * @bss: Scan results for the selected BSS, or %NULL if not available
1864 * @ssid: Configuration data for the selected network
1866 * This function is used to request %wpa_supplicant to associate with a BSS.
1868 void wpa_supplicant_associate(struct wpa_supplicant
*wpa_s
,
1869 struct wpa_bss
*bss
, struct wpa_ssid
*ssid
)
1871 struct wpa_connect_work
*cwork
;
1874 wpa_s
->own_disconnect_req
= 0;
1877 * If we are starting a new connection, any previously pending EAPOL
1878 * RX cannot be valid anymore.
1880 wpabuf_free(wpa_s
->pending_eapol_rx
);
1881 wpa_s
->pending_eapol_rx
= NULL
;
1883 if (ssid
->mac_addr
== -1)
1884 rand_style
= wpa_s
->conf
->mac_addr
;
1886 rand_style
= ssid
->mac_addr
;
1888 wmm_ac_clear_saved_tspecs(wpa_s
);
1889 wpa_s
->reassoc_same_bss
= 0;
1890 wpa_s
->reassoc_same_ess
= 0;
1891 #ifdef CONFIG_TESTING_OPTIONS
1892 wpa_s
->testing_resend_assoc
= 0;
1893 #endif /* CONFIG_TESTING_OPTIONS */
1895 if (wpa_s
->last_ssid
== ssid
) {
1896 wpa_dbg(wpa_s
, MSG_DEBUG
, "Re-association to the same ESS");
1897 wpa_s
->reassoc_same_ess
= 1;
1898 if (wpa_s
->current_bss
&& wpa_s
->current_bss
== bss
) {
1899 wmm_ac_save_tspecs(wpa_s
);
1900 wpa_s
->reassoc_same_bss
= 1;
1904 if (rand_style
> 0 && !wpa_s
->reassoc_same_ess
) {
1905 if (wpas_update_random_addr(wpa_s
, rand_style
) < 0)
1907 wpa_sm_pmksa_cache_flush(wpa_s
->wpa
, ssid
);
1908 } else if (rand_style
== 0 && wpa_s
->mac_addr_changed
) {
1909 if (wpa_drv_set_mac_addr(wpa_s
, NULL
) < 0) {
1910 wpa_msg(wpa_s
, MSG_INFO
,
1911 "Could not restore permanent MAC address");
1914 wpa_s
->mac_addr_changed
= 0;
1915 if (wpa_supplicant_update_mac_addr(wpa_s
) < 0) {
1916 wpa_msg(wpa_s
, MSG_INFO
,
1917 "Could not update MAC address information");
1920 wpa_msg(wpa_s
, MSG_DEBUG
, "Using permanent MAC address");
1922 wpa_s
->last_ssid
= ssid
;
1924 #ifdef CONFIG_IBSS_RSN
1925 ibss_rsn_deinit(wpa_s
->ibss_rsn
);
1926 wpa_s
->ibss_rsn
= NULL
;
1927 #else /* CONFIG_IBSS_RSN */
1928 if (ssid
->mode
== WPAS_MODE_IBSS
&&
1929 !(ssid
->key_mgmt
& (WPA_KEY_MGMT_NONE
| WPA_KEY_MGMT_WPA_NONE
))) {
1930 wpa_msg(wpa_s
, MSG_INFO
,
1931 "IBSS RSN not supported in the build");
1934 #endif /* CONFIG_IBSS_RSN */
1936 if (ssid
->mode
== WPAS_MODE_AP
|| ssid
->mode
== WPAS_MODE_P2P_GO
||
1937 ssid
->mode
== WPAS_MODE_P2P_GROUP_FORMATION
) {
1939 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_AP
)) {
1940 wpa_msg(wpa_s
, MSG_INFO
, "Driver does not support AP "
1944 if (wpa_supplicant_create_ap(wpa_s
, ssid
) < 0) {
1945 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
1946 if (ssid
->mode
== WPAS_MODE_P2P_GROUP_FORMATION
)
1947 wpas_p2p_ap_setup_failed(wpa_s
);
1950 wpa_s
->current_bss
= bss
;
1951 #else /* CONFIG_AP */
1952 wpa_msg(wpa_s
, MSG_ERROR
, "AP mode support not included in "
1954 #endif /* CONFIG_AP */
1958 if (ssid
->mode
== WPAS_MODE_MESH
) {
1960 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_MESH
)) {
1961 wpa_msg(wpa_s
, MSG_INFO
,
1962 "Driver does not support mesh mode");
1966 ssid
->frequency
= bss
->freq
;
1967 if (wpa_supplicant_join_mesh(wpa_s
, ssid
) < 0) {
1968 wpa_msg(wpa_s
, MSG_ERROR
, "Could not join mesh");
1971 wpa_s
->current_bss
= bss
;
1972 wpa_msg(wpa_s
, MSG_INFO
, MESH_GROUP_STARTED
"ssid=\"%s\" id=%d",
1973 wpa_ssid_txt(ssid
->ssid
, ssid
->ssid_len
),
1975 wpas_notify_mesh_group_started(wpa_s
, ssid
);
1976 #else /* CONFIG_MESH */
1977 wpa_msg(wpa_s
, MSG_ERROR
,
1978 "mesh mode support not included in the build");
1979 #endif /* CONFIG_MESH */
1984 * Set WPA state machine configuration to match the selected network now
1985 * so that the information is available before wpas_start_assoc_cb()
1986 * gets called. This is needed at least for RSN pre-authentication where
1987 * candidate APs are added to a list based on scan result processing
1988 * before completion of the first association.
1990 wpa_supplicant_rsn_supp_set_config(wpa_s
, ssid
);
1993 if (wpas_dpp_check_connect(wpa_s
, ssid
, bss
) != 0)
1995 #endif /* CONFIG_DPP */
1999 wpa_tdls_ap_ies(wpa_s
->wpa
, (const u8
*) (bss
+ 1),
2001 #endif /* CONFIG_TDLS */
2003 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
2004 ssid
->mode
== IEEE80211_MODE_INFRA
) {
2005 sme_authenticate(wpa_s
, bss
, ssid
);
2009 if (wpa_s
->connect_work
) {
2010 wpa_dbg(wpa_s
, MSG_DEBUG
, "Reject wpa_supplicant_associate() call since connect_work exist");
2014 if (radio_work_pending(wpa_s
, "connect")) {
2015 wpa_dbg(wpa_s
, MSG_DEBUG
, "Reject wpa_supplicant_associate() call since pending work exist");
2020 if (ssid
->mode
== WPAS_MODE_IBSS
|| ssid
->mode
== WPAS_MODE_MESH
) {
2021 /* Clear possibly set auth_alg, if any, from last attempt. */
2022 wpa_s
->sme
.auth_alg
= WPA_AUTH_ALG_OPEN
;
2024 #endif /* CONFIG_SME */
2026 wpas_abort_ongoing_scan(wpa_s
);
2028 cwork
= os_zalloc(sizeof(*cwork
));
2035 if (radio_add_work(wpa_s
, bss
? bss
->freq
: 0, "connect", 1,
2036 wpas_start_assoc_cb
, cwork
) < 0) {
2042 static int bss_is_ibss(struct wpa_bss
*bss
)
2044 return (bss
->caps
& (IEEE80211_CAP_ESS
| IEEE80211_CAP_IBSS
)) ==
2049 static int drv_supports_vht(struct wpa_supplicant
*wpa_s
,
2050 const struct wpa_ssid
*ssid
)
2052 enum hostapd_hw_mode hw_mode
;
2053 struct hostapd_hw_modes
*mode
= NULL
;
2057 hw_mode
= ieee80211_freq_to_chan(ssid
->frequency
, &channel
);
2058 if (hw_mode
== NUM_HOSTAPD_MODES
)
2060 for (i
= 0; wpa_s
->hw
.modes
&& i
< wpa_s
->hw
.num_modes
; i
++) {
2061 if (wpa_s
->hw
.modes
[i
].mode
== hw_mode
) {
2062 mode
= &wpa_s
->hw
.modes
[i
];
2070 return mode
->vht_capab
!= 0;
2074 void ibss_mesh_setup_freq(struct wpa_supplicant
*wpa_s
,
2075 const struct wpa_ssid
*ssid
,
2076 struct hostapd_freq_params
*freq
)
2078 enum hostapd_hw_mode hw_mode
;
2079 struct hostapd_hw_modes
*mode
= NULL
;
2080 int ht40plus
[] = { 36, 44, 52, 60, 100, 108, 116, 124, 132, 149, 157,
2082 int vht80
[] = { 36, 52, 100, 116, 132, 149 };
2083 struct hostapd_channel_data
*pri_chan
= NULL
, *sec_chan
= NULL
;
2085 int i
, chan_idx
, ht40
= -1, res
, obss_scan
= 1;
2087 struct hostapd_freq_params vht_freq
;
2088 int chwidth
, seg0
, seg1
;
2091 freq
->freq
= ssid
->frequency
;
2093 for (j
= 0; j
< wpa_s
->last_scan_res_used
; j
++) {
2094 struct wpa_bss
*bss
= wpa_s
->last_scan_res
[j
];
2096 if (ssid
->mode
!= WPAS_MODE_IBSS
)
2099 /* Don't adjust control freq in case of fixed_freq */
2100 if (ssid
->fixed_freq
)
2103 if (!bss_is_ibss(bss
))
2106 if (ssid
->ssid_len
== bss
->ssid_len
&&
2107 os_memcmp(ssid
->ssid
, bss
->ssid
, bss
->ssid_len
) == 0) {
2108 wpa_printf(MSG_DEBUG
,
2109 "IBSS already found in scan results, adjust control freq: %d",
2111 freq
->freq
= bss
->freq
;
2117 /* For IBSS check HT_IBSS flag */
2118 if (ssid
->mode
== WPAS_MODE_IBSS
&&
2119 !(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_HT_IBSS
))
2122 if (wpa_s
->group_cipher
== WPA_CIPHER_WEP40
||
2123 wpa_s
->group_cipher
== WPA_CIPHER_WEP104
||
2124 wpa_s
->pairwise_cipher
== WPA_CIPHER_TKIP
) {
2125 wpa_printf(MSG_DEBUG
,
2126 "IBSS: WEP/TKIP detected, do not try to enable HT");
2130 hw_mode
= ieee80211_freq_to_chan(freq
->freq
, &channel
);
2131 for (i
= 0; wpa_s
->hw
.modes
&& i
< wpa_s
->hw
.num_modes
; i
++) {
2132 if (wpa_s
->hw
.modes
[i
].mode
== hw_mode
) {
2133 mode
= &wpa_s
->hw
.modes
[i
];
2141 #ifdef CONFIG_HT_OVERRIDES
2142 if (ssid
->disable_ht
) {
2143 freq
->ht_enabled
= 0;
2146 #endif /* CONFIG_HT_OVERRIDES */
2148 freq
->ht_enabled
= ht_supported(mode
);
2149 if (!freq
->ht_enabled
)
2152 /* Setup higher BW only for 5 GHz */
2153 if (mode
->mode
!= HOSTAPD_MODE_IEEE80211A
)
2156 for (chan_idx
= 0; chan_idx
< mode
->num_channels
; chan_idx
++) {
2157 pri_chan
= &mode
->channels
[chan_idx
];
2158 if (pri_chan
->chan
== channel
)
2165 /* Check primary channel flags */
2166 if (pri_chan
->flag
& (HOSTAPD_CHAN_DISABLED
| HOSTAPD_CHAN_NO_IR
))
2169 #ifdef CONFIG_HT_OVERRIDES
2170 if (ssid
->disable_ht40
)
2172 #endif /* CONFIG_HT_OVERRIDES */
2174 /* Check/setup HT40+/HT40- */
2175 for (j
= 0; j
< ARRAY_SIZE(ht40plus
); j
++) {
2176 if (ht40plus
[j
] == channel
) {
2182 /* Find secondary channel */
2183 for (i
= 0; i
< mode
->num_channels
; i
++) {
2184 sec_chan
= &mode
->channels
[i
];
2185 if (sec_chan
->chan
== channel
+ ht40
* 4)
2192 /* Check secondary channel flags */
2193 if (sec_chan
->flag
& (HOSTAPD_CHAN_DISABLED
| HOSTAPD_CHAN_NO_IR
))
2196 freq
->channel
= pri_chan
->chan
;
2199 if (!(pri_chan
->flag
& HOSTAPD_CHAN_HT40MINUS
))
2202 if (!(pri_chan
->flag
& HOSTAPD_CHAN_HT40PLUS
))
2205 freq
->sec_channel_offset
= ht40
;
2208 struct wpa_scan_results
*scan_res
;
2210 scan_res
= wpa_supplicant_get_scan_results(wpa_s
, NULL
, 0);
2211 if (scan_res
== NULL
) {
2213 freq
->sec_channel_offset
= 0;
2217 res
= check_40mhz_5g(mode
, scan_res
, pri_chan
->chan
,
2222 freq
->sec_channel_offset
= 0;
2225 /* Configuration allowed */
2228 /* Switch pri/sec channels */
2229 freq
->freq
= hw_get_freq(mode
, sec_chan
->chan
);
2230 freq
->sec_channel_offset
= -freq
->sec_channel_offset
;
2231 freq
->channel
= sec_chan
->chan
;
2234 freq
->sec_channel_offset
= 0;
2238 wpa_scan_results_free(scan_res
);
2241 wpa_printf(MSG_DEBUG
,
2242 "IBSS/mesh: setup freq channel %d, sec_channel_offset %d",
2243 freq
->channel
, freq
->sec_channel_offset
);
2245 if (!drv_supports_vht(wpa_s
, ssid
))
2248 /* For IBSS check VHT_IBSS flag */
2249 if (ssid
->mode
== WPAS_MODE_IBSS
&&
2250 !(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_VHT_IBSS
))
2255 #ifdef CONFIG_VHT_OVERRIDES
2256 if (ssid
->disable_vht
) {
2257 freq
->vht_enabled
= 0;
2260 #endif /* CONFIG_VHT_OVERRIDES */
2262 vht_freq
.vht_enabled
= vht_supported(mode
);
2263 if (!vht_freq
.vht_enabled
)
2266 /* setup center_freq1, bandwidth */
2267 for (j
= 0; j
< ARRAY_SIZE(vht80
); j
++) {
2268 if (freq
->channel
>= vht80
[j
] &&
2269 freq
->channel
< vht80
[j
] + 16)
2273 if (j
== ARRAY_SIZE(vht80
))
2276 for (i
= vht80
[j
]; i
< vht80
[j
] + 16; i
+= 4) {
2277 struct hostapd_channel_data
*chan
;
2279 chan
= hw_get_channel_chan(mode
, i
, NULL
);
2283 /* Back to HT configuration if channel not usable */
2284 if (chan
->flag
& (HOSTAPD_CHAN_DISABLED
| HOSTAPD_CHAN_NO_IR
))
2288 chwidth
= VHT_CHANWIDTH_80MHZ
;
2289 seg0
= vht80
[j
] + 6;
2292 if (ssid
->max_oper_chwidth
== VHT_CHANWIDTH_80P80MHZ
) {
2293 /* setup center_freq2, bandwidth */
2294 for (k
= 0; k
< ARRAY_SIZE(vht80
); k
++) {
2295 /* Only accept 80 MHz segments separated by a gap */
2296 if (j
== k
|| abs(vht80
[j
] - vht80
[k
]) == 16)
2298 for (i
= vht80
[k
]; i
< vht80
[k
] + 16; i
+= 4) {
2299 struct hostapd_channel_data
*chan
;
2301 chan
= hw_get_channel_chan(mode
, i
, NULL
);
2305 if (chan
->flag
& (HOSTAPD_CHAN_DISABLED
|
2306 HOSTAPD_CHAN_NO_IR
|
2307 HOSTAPD_CHAN_RADAR
))
2310 /* Found a suitable second segment for 80+80 */
2311 chwidth
= VHT_CHANWIDTH_80P80MHZ
;
2313 VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ
;
2314 seg1
= vht80
[k
] + 6;
2317 if (chwidth
== VHT_CHANWIDTH_80P80MHZ
)
2320 } else if (ssid
->max_oper_chwidth
== VHT_CHANWIDTH_160MHZ
) {
2321 if (freq
->freq
== 5180) {
2322 chwidth
= VHT_CHANWIDTH_160MHZ
;
2323 vht_caps
|= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ
;
2325 } else if (freq
->freq
== 5520) {
2326 chwidth
= VHT_CHANWIDTH_160MHZ
;
2327 vht_caps
|= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ
;
2332 if (hostapd_set_freq_params(&vht_freq
, mode
->mode
, freq
->freq
,
2333 freq
->channel
, freq
->ht_enabled
,
2334 vht_freq
.vht_enabled
,
2335 freq
->sec_channel_offset
,
2336 chwidth
, seg0
, seg1
, vht_caps
) != 0)
2341 wpa_printf(MSG_DEBUG
, "IBSS: VHT setup freq cf1 %d, cf2 %d, bw %d",
2342 freq
->center_freq1
, freq
->center_freq2
, freq
->bandwidth
);
2347 static size_t wpas_add_fils_hlp_req(struct wpa_supplicant
*wpa_s
, u8
*ie_buf
,
2350 struct fils_hlp_req
*req
;
2351 size_t rem_len
, hdr_len
, hlp_len
, len
, ie_len
= 0;
2355 dl_list_for_each(req
, &wpa_s
->fils_hlp_req
, struct fils_hlp_req
,
2357 rem_len
= ie_buf_len
- ie_len
;
2358 pos
= wpabuf_head(req
->pkt
);
2359 hdr_len
= 1 + 2 * ETH_ALEN
+ 6;
2360 hlp_len
= wpabuf_len(req
->pkt
);
2362 if (rem_len
< 2 + hdr_len
+ hlp_len
) {
2363 wpa_printf(MSG_ERROR
,
2364 "FILS: Cannot fit HLP - rem_len=%lu to_fill=%lu",
2365 (unsigned long) rem_len
,
2366 (unsigned long) (2 + hdr_len
+ hlp_len
));
2370 len
= (hdr_len
+ hlp_len
) > 255 ? 255 : hdr_len
+ hlp_len
;
2372 *buf
++ = WLAN_EID_EXTENSION
;
2375 /* Element ID Extension */
2376 *buf
++ = WLAN_EID_EXT_FILS_HLP_CONTAINER
;
2377 /* Destination MAC address */
2378 os_memcpy(buf
, req
->dst
, ETH_ALEN
);
2380 /* Source MAC address */
2381 os_memcpy(buf
, wpa_s
->own_addr
, ETH_ALEN
);
2383 /* LLC/SNAP Header */
2384 os_memcpy(buf
, "\xaa\xaa\x03\x00\x00\x00", 6);
2387 os_memcpy(buf
, pos
, len
- hdr_len
);
2388 buf
+= len
- hdr_len
;
2389 pos
+= len
- hdr_len
;
2391 hlp_len
-= len
- hdr_len
;
2396 len
= (hlp_len
> 255) ? 255 : hlp_len
;
2397 if (rem_len
< 2 + len
)
2399 *buf
++ = WLAN_EID_FRAGMENT
;
2401 os_memcpy(buf
, pos
, len
);
2415 int wpa_is_fils_supported(struct wpa_supplicant
*wpa_s
)
2417 return (((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
2418 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SUPPORT_FILS
)) ||
2419 (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
2420 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD
)));
2424 int wpa_is_fils_sk_pfs_supported(struct wpa_supplicant
*wpa_s
)
2426 #ifdef CONFIG_FILS_SK_PFS
2427 return (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
2428 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SUPPORT_FILS
);
2429 #else /* CONFIG_FILS_SK_PFS */
2431 #endif /* CONFIG_FILS_SK_PFS */
2434 #endif /* CONFIG_FILS */
2437 static u8
* wpas_populate_assoc_ies(
2438 struct wpa_supplicant
*wpa_s
,
2439 struct wpa_bss
*bss
, struct wpa_ssid
*ssid
,
2440 struct wpa_driver_associate_params
*params
,
2441 enum wpa_drv_update_connect_params_mask
*mask
)
2444 size_t max_wpa_ie_len
= 500;
2446 int algs
= WPA_AUTH_ALG_OPEN
;
2451 const u8
*realm
, *username
, *rrk
;
2452 size_t realm_len
, username_len
, rrk_len
;
2454 struct fils_hlp_req
*req
;
2456 dl_list_for_each(req
, &wpa_s
->fils_hlp_req
, struct fils_hlp_req
,
2458 max_wpa_ie_len
+= 3 + 2 * ETH_ALEN
+ 6 + wpabuf_len(req
->pkt
) +
2459 2 + 2 * wpabuf_len(req
->pkt
) / 255;
2461 #endif /* CONFIG_FILS */
2463 wpa_ie
= os_malloc(max_wpa_ie_len
);
2465 wpa_printf(MSG_ERROR
,
2466 "Failed to allocate connect IE buffer for %lu bytes",
2467 (unsigned long) max_wpa_ie_len
);
2471 if (bss
&& (wpa_bss_get_vendor_ie(bss
, WPA_IE_VENDOR_TYPE
) ||
2472 wpa_bss_get_ie(bss
, WLAN_EID_RSN
)) &&
2473 wpa_key_mgmt_wpa(ssid
->key_mgmt
)) {
2474 int try_opportunistic
;
2475 const u8
*cache_id
= NULL
;
2477 try_opportunistic
= (ssid
->proactive_key_caching
< 0 ?
2479 ssid
->proactive_key_caching
) &&
2480 (ssid
->proto
& WPA_PROTO_RSN
);
2482 if (wpa_key_mgmt_fils(ssid
->key_mgmt
))
2483 cache_id
= wpa_bss_get_fils_cache_id(bss
);
2484 #endif /* CONFIG_FILS */
2485 if (pmksa_cache_set_current(wpa_s
->wpa
, NULL
, bss
->bssid
,
2486 ssid
, try_opportunistic
,
2488 eapol_sm_notify_pmkid_attempt(wpa_s
->eapol
);
2489 wpa_ie_len
= max_wpa_ie_len
;
2490 if (wpa_supplicant_set_suites(wpa_s
, bss
, ssid
,
2491 wpa_ie
, &wpa_ie_len
)) {
2492 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to set WPA "
2493 "key management and encryption suites");
2497 } else if ((ssid
->key_mgmt
& WPA_KEY_MGMT_IEEE8021X_NO_WPA
) && bss
&&
2498 wpa_key_mgmt_wpa_ieee8021x(ssid
->key_mgmt
)) {
2500 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
2501 * use non-WPA since the scan results did not indicate that the
2502 * AP is using WPA or WPA2.
2504 wpa_supplicant_set_non_wpa_policy(wpa_s
, ssid
);
2506 wpa_s
->wpa_proto
= 0;
2507 } else if (wpa_key_mgmt_wpa_any(ssid
->key_mgmt
)) {
2508 wpa_ie_len
= max_wpa_ie_len
;
2509 if (wpa_supplicant_set_suites(wpa_s
, NULL
, ssid
,
2510 wpa_ie
, &wpa_ie_len
)) {
2511 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to set WPA "
2512 "key management and encryption suites (no "
2518 } else if (ssid
->key_mgmt
& WPA_KEY_MGMT_WPS
) {
2519 struct wpabuf
*wps_ie
;
2520 wps_ie
= wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid
));
2521 if (wps_ie
&& wpabuf_len(wps_ie
) <= max_wpa_ie_len
) {
2522 wpa_ie_len
= wpabuf_len(wps_ie
);
2523 os_memcpy(wpa_ie
, wpabuf_head(wps_ie
), wpa_ie_len
);
2526 wpabuf_free(wps_ie
);
2527 wpa_supplicant_set_non_wpa_policy(wpa_s
, ssid
);
2528 if (!bss
|| (bss
->caps
& IEEE80211_CAP_PRIVACY
))
2529 params
->wps
= WPS_MODE_PRIVACY
;
2531 params
->wps
= WPS_MODE_OPEN
;
2532 wpa_s
->wpa_proto
= 0;
2533 #endif /* CONFIG_WPS */
2535 wpa_supplicant_set_non_wpa_policy(wpa_s
, ssid
);
2537 wpa_s
->wpa_proto
= 0;
2540 #ifdef IEEE8021X_EAPOL
2541 if (ssid
->key_mgmt
& WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
2543 if (ssid
->non_leap
== 0)
2544 algs
= WPA_AUTH_ALG_LEAP
;
2546 algs
|= WPA_AUTH_ALG_LEAP
;
2551 /* Clear FILS association */
2552 wpa_sm_set_reset_fils_completed(wpa_s
->wpa
, 0);
2554 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD
) &&
2555 ssid
->eap
.erp
&& wpa_key_mgmt_fils(wpa_s
->key_mgmt
) &&
2556 eapol_sm_get_erp_info(wpa_s
->eapol
, &ssid
->eap
, &username
,
2557 &username_len
, &realm
, &realm_len
,
2558 &next_seq_num
, &rrk
, &rrk_len
) == 0 &&
2559 (!wpa_s
->last_con_fail_realm
||
2560 wpa_s
->last_con_fail_realm_len
!= realm_len
||
2561 os_memcmp(wpa_s
->last_con_fail_realm
, realm
, realm_len
) != 0)) {
2562 algs
= WPA_AUTH_ALG_FILS
;
2563 params
->fils_erp_username
= username
;
2564 params
->fils_erp_username_len
= username_len
;
2565 params
->fils_erp_realm
= realm
;
2566 params
->fils_erp_realm_len
= realm_len
;
2567 params
->fils_erp_next_seq_num
= next_seq_num
;
2568 params
->fils_erp_rrk
= rrk
;
2569 params
->fils_erp_rrk_len
= rrk_len
;
2572 *mask
|= WPA_DRV_UPDATE_FILS_ERP_INFO
;
2574 #endif /* CONFIG_FILS */
2575 #endif /* IEEE8021X_EAPOL */
2577 if (wpa_s
->key_mgmt
& (WPA_KEY_MGMT_SAE
| WPA_KEY_MGMT_FT_SAE
))
2578 algs
= WPA_AUTH_ALG_SAE
;
2579 #endif /* CONFIG_SAE */
2581 wpa_dbg(wpa_s
, MSG_DEBUG
, "Automatic auth_alg selection: 0x%x", algs
);
2582 if (ssid
->auth_alg
) {
2583 algs
= ssid
->auth_alg
;
2584 wpa_dbg(wpa_s
, MSG_DEBUG
,
2585 "Overriding auth_alg selection: 0x%x", algs
);
2589 if (wpa_s
->global
->p2p
) {
2593 pos
= wpa_ie
+ wpa_ie_len
;
2594 len
= max_wpa_ie_len
- wpa_ie_len
;
2595 res
= wpas_p2p_assoc_req_ie(wpa_s
, bss
, pos
, len
,
2601 wpa_s
->cross_connect_disallowed
= 0;
2604 p2p
= wpa_bss_get_vendor_ie_multi(bss
, P2P_IE_VENDOR_TYPE
);
2606 wpa_s
->cross_connect_disallowed
=
2607 p2p_get_cross_connect_disallowed(p2p
);
2609 wpa_dbg(wpa_s
, MSG_DEBUG
, "P2P: WLAN AP %s cross "
2611 wpa_s
->cross_connect_disallowed
?
2612 "disallows" : "allows");
2616 os_memset(wpa_s
->p2p_ip_addr_info
, 0, sizeof(wpa_s
->p2p_ip_addr_info
));
2617 #endif /* CONFIG_P2P */
2620 wpa_ie_len
+= wpas_supp_op_class_ie(wpa_s
, bss
->freq
,
2621 wpa_ie
+ wpa_ie_len
,
2627 * Workaround: Add Extended Capabilities element only if the AP
2628 * included this element in Beacon/Probe Response frames. Some older
2629 * APs seem to have interoperability issues if this element is
2630 * included, so while the standard may require us to include the
2631 * element in all cases, it is justifiable to skip it to avoid
2632 * interoperability issues.
2634 if (ssid
->p2p_group
)
2635 wpa_drv_get_ext_capa(wpa_s
, WPA_IF_P2P_CLIENT
);
2637 wpa_drv_get_ext_capa(wpa_s
, WPA_IF_STATION
);
2639 if (!bss
|| wpa_bss_get_ie(bss
, WLAN_EID_EXT_CAPAB
)) {
2642 ext_capab_len
= wpas_build_ext_capab(wpa_s
, ext_capab
,
2644 if (ext_capab_len
> 0 &&
2645 wpa_ie_len
+ ext_capab_len
<= max_wpa_ie_len
) {
2647 if (wpa_ie_len
> 0 && pos
[0] == WLAN_EID_RSN
)
2649 os_memmove(pos
+ ext_capab_len
, pos
,
2650 wpa_ie_len
- (pos
- wpa_ie
));
2651 wpa_ie_len
+= ext_capab_len
;
2652 os_memcpy(pos
, ext_capab
, ext_capab_len
);
2657 if (is_hs20_network(wpa_s
, ssid
, bss
)) {
2658 struct wpabuf
*hs20
;
2660 hs20
= wpabuf_alloc(20 + MAX_ROAMING_CONS_OI_LEN
);
2662 int pps_mo_id
= hs20_get_pps_mo_id(wpa_s
, ssid
);
2665 wpas_hs20_add_indication(hs20
, pps_mo_id
);
2666 wpas_hs20_add_roam_cons_sel(hs20
, ssid
);
2667 len
= max_wpa_ie_len
- wpa_ie_len
;
2668 if (wpabuf_len(hs20
) <= len
) {
2669 os_memcpy(wpa_ie
+ wpa_ie_len
,
2670 wpabuf_head(hs20
), wpabuf_len(hs20
));
2671 wpa_ie_len
+= wpabuf_len(hs20
);
2675 hs20_configure_frame_filters(wpa_s
);
2678 #endif /* CONFIG_HS20 */
2680 if (wpa_s
->vendor_elem
[VENDOR_ELEM_ASSOC_REQ
]) {
2681 struct wpabuf
*buf
= wpa_s
->vendor_elem
[VENDOR_ELEM_ASSOC_REQ
];
2684 len
= max_wpa_ie_len
- wpa_ie_len
;
2685 if (wpabuf_len(buf
) <= len
) {
2686 os_memcpy(wpa_ie
+ wpa_ie_len
,
2687 wpabuf_head(buf
), wpabuf_len(buf
));
2688 wpa_ie_len
+= wpabuf_len(buf
);
2693 if (wpa_s
->fst_ies
) {
2694 int fst_ies_len
= wpabuf_len(wpa_s
->fst_ies
);
2696 if (wpa_ie_len
+ fst_ies_len
<= max_wpa_ie_len
) {
2697 os_memcpy(wpa_ie
+ wpa_ie_len
,
2698 wpabuf_head(wpa_s
->fst_ies
), fst_ies_len
);
2699 wpa_ie_len
+= fst_ies_len
;
2702 #endif /* CONFIG_FST */
2705 mbo_ie
= bss
? wpa_bss_get_vendor_ie(bss
, MBO_IE_VENDOR_TYPE
) : NULL
;
2709 len
= wpas_mbo_ie(wpa_s
, wpa_ie
+ wpa_ie_len
,
2710 max_wpa_ie_len
- wpa_ie_len
,
2711 !!mbo_attr_from_mbo_ie(mbo_ie
,
2712 OCE_ATTR_ID_CAPA_IND
));
2716 #endif /* CONFIG_MBO */
2719 if (algs
== WPA_AUTH_ALG_FILS
) {
2722 len
= wpas_add_fils_hlp_req(wpa_s
, wpa_ie
+ wpa_ie_len
,
2723 max_wpa_ie_len
- wpa_ie_len
);
2726 #endif /* CONFIG_FILS */
2729 #ifdef CONFIG_TESTING_OPTIONS
2730 if (get_ie_ext(wpa_ie
, wpa_ie_len
, WLAN_EID_EXT_OWE_DH_PARAM
)) {
2731 wpa_printf(MSG_INFO
, "TESTING: Override OWE DH element");
2733 #endif /* CONFIG_TESTING_OPTIONS */
2734 if (algs
== WPA_AUTH_ALG_OPEN
&&
2735 ssid
->key_mgmt
== WPA_KEY_MGMT_OWE
) {
2736 struct wpabuf
*owe_ie
;
2739 if (ssid
->owe_group
) {
2740 group
= ssid
->owe_group
;
2742 if (wpa_s
->last_owe_group
== 19)
2744 else if (wpa_s
->last_owe_group
== 20)
2747 group
= OWE_DH_GROUP
;
2749 wpa_s
->last_owe_group
= group
;
2750 wpa_printf(MSG_DEBUG
, "OWE: Try to use group %u", group
);
2751 owe_ie
= owe_build_assoc_req(wpa_s
->wpa
, group
);
2753 wpabuf_len(owe_ie
) <= max_wpa_ie_len
- wpa_ie_len
) {
2754 os_memcpy(wpa_ie
+ wpa_ie_len
,
2755 wpabuf_head(owe_ie
), wpabuf_len(owe_ie
));
2756 wpa_ie_len
+= wpabuf_len(owe_ie
);
2757 wpabuf_free(owe_ie
);
2760 #endif /* CONFIG_OWE */
2762 #ifdef CONFIG_IEEE80211R
2764 * Add MDIE under these conditions: the network profile allows FT,
2765 * the AP supports FT, and the mobility domain ID matches.
2767 if (bss
&& wpa_key_mgmt_ft(wpa_sm_get_key_mgmt(wpa_s
->wpa
))) {
2768 const u8
*mdie
= wpa_bss_get_ie(bss
, WLAN_EID_MOBILITY_DOMAIN
);
2770 if (mdie
&& mdie
[1] >= MOBILITY_DOMAIN_ID_LEN
) {
2772 const u8
*md
= mdie
+ 2;
2773 const u8
*wpa_md
= wpa_sm_get_ft_md(wpa_s
->wpa
);
2775 if (os_memcmp(md
, wpa_md
,
2776 MOBILITY_DOMAIN_ID_LEN
) == 0) {
2777 /* Add mobility domain IE */
2778 len
= wpa_ft_add_mdie(
2779 wpa_s
->wpa
, wpa_ie
+ wpa_ie_len
,
2780 max_wpa_ie_len
- wpa_ie_len
, mdie
);
2784 if (len
> 0 && wpa_s
->sme
.ft_used
&&
2785 wpa_sm_has_ptk(wpa_s
->wpa
)) {
2786 wpa_dbg(wpa_s
, MSG_DEBUG
,
2787 "SME: Trying to use FT over-the-air");
2788 algs
|= WPA_AUTH_ALG_FT
;
2790 #endif /* CONFIG_SME */
2793 #endif /* CONFIG_IEEE80211R */
2795 params
->wpa_ie
= wpa_ie
;
2796 params
->wpa_ie_len
= wpa_ie_len
;
2797 params
->auth_alg
= algs
;
2799 *mask
|= WPA_DRV_UPDATE_ASSOC_IES
| WPA_DRV_UPDATE_AUTH_TYPE
;
2805 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
2806 static void wpas_update_fils_connect_params(struct wpa_supplicant
*wpa_s
)
2808 struct wpa_driver_associate_params params
;
2809 enum wpa_drv_update_connect_params_mask mask
= 0;
2812 if (wpa_s
->auth_alg
!= WPA_AUTH_ALG_OPEN
)
2813 return; /* nothing to do */
2815 os_memset(¶ms
, 0, sizeof(params
));
2816 wpa_ie
= wpas_populate_assoc_ies(wpa_s
, wpa_s
->current_bss
,
2817 wpa_s
->current_ssid
, ¶ms
, &mask
);
2821 if (params
.auth_alg
!= WPA_AUTH_ALG_FILS
) {
2826 wpa_s
->auth_alg
= params
.auth_alg
;
2827 wpa_drv_update_connect_params(wpa_s
, ¶ms
, mask
);
2830 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
2833 static void wpas_start_assoc_cb(struct wpa_radio_work
*work
, int deinit
)
2835 struct wpa_connect_work
*cwork
= work
->ctx
;
2836 struct wpa_bss
*bss
= cwork
->bss
;
2837 struct wpa_ssid
*ssid
= cwork
->ssid
;
2838 struct wpa_supplicant
*wpa_s
= work
->wpa_s
;
2840 int use_crypt
, ret
, i
, bssid_changed
;
2841 unsigned int cipher_pairwise
, cipher_group
, cipher_group_mgmt
;
2842 struct wpa_driver_associate_params params
;
2843 int wep_keys_set
= 0;
2844 int assoc_failed
= 0;
2845 struct wpa_ssid
*old_ssid
;
2846 u8 prev_bssid
[ETH_ALEN
];
2847 #ifdef CONFIG_HT_OVERRIDES
2848 struct ieee80211_ht_capabilities htcaps
;
2849 struct ieee80211_ht_capabilities htcaps_mask
;
2850 #endif /* CONFIG_HT_OVERRIDES */
2851 #ifdef CONFIG_VHT_OVERRIDES
2852 struct ieee80211_vht_capabilities vhtcaps
;
2853 struct ieee80211_vht_capabilities vhtcaps_mask
;
2854 #endif /* CONFIG_VHT_OVERRIDES */
2857 if (work
->started
) {
2858 wpa_s
->connect_work
= NULL
;
2860 /* cancel possible auth. timeout */
2861 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
,
2864 wpas_connect_work_free(cwork
);
2868 wpa_s
->connect_work
= work
;
2870 if (cwork
->bss_removed
|| !wpas_valid_bss_ssid(wpa_s
, bss
, ssid
) ||
2871 wpas_network_disabled(wpa_s
, ssid
)) {
2872 wpa_dbg(wpa_s
, MSG_DEBUG
, "BSS/SSID entry for association not valid anymore - drop connection attempt");
2873 wpas_connect_work_done(wpa_s
);
2877 os_memcpy(prev_bssid
, wpa_s
->bssid
, ETH_ALEN
);
2878 os_memset(¶ms
, 0, sizeof(params
));
2879 wpa_s
->reassociate
= 0;
2880 wpa_s
->eap_expected_failure
= 0;
2882 (!wpas_driver_bss_selection(wpa_s
) || wpas_wps_searching(wpa_s
))) {
2883 #ifdef CONFIG_IEEE80211R
2884 const u8
*ie
, *md
= NULL
;
2885 #endif /* CONFIG_IEEE80211R */
2886 wpa_msg(wpa_s
, MSG_INFO
, "Trying to associate with " MACSTR
2887 " (SSID='%s' freq=%d MHz)", MAC2STR(bss
->bssid
),
2888 wpa_ssid_txt(bss
->ssid
, bss
->ssid_len
), bss
->freq
);
2889 bssid_changed
= !is_zero_ether_addr(wpa_s
->bssid
);
2890 os_memset(wpa_s
->bssid
, 0, ETH_ALEN
);
2891 os_memcpy(wpa_s
->pending_bssid
, bss
->bssid
, ETH_ALEN
);
2893 wpas_notify_bssid_changed(wpa_s
);
2894 #ifdef CONFIG_IEEE80211R
2895 ie
= wpa_bss_get_ie(bss
, WLAN_EID_MOBILITY_DOMAIN
);
2896 if (ie
&& ie
[1] >= MOBILITY_DOMAIN_ID_LEN
)
2898 wpa_sm_set_ft_params(wpa_s
->wpa
, ie
, ie
? 2 + ie
[1] : 0);
2900 /* Prepare for the next transition */
2901 wpa_ft_prepare_auth_request(wpa_s
->wpa
, ie
);
2903 #endif /* CONFIG_IEEE80211R */
2905 } else if ((ssid
->ssid
== NULL
|| ssid
->ssid_len
== 0) &&
2906 wpa_s
->conf
->ap_scan
== 2 &&
2907 (ssid
->key_mgmt
& WPA_KEY_MGMT_WPS
)) {
2908 /* Use ap_scan==1 style network selection to find the network
2910 wpas_connect_work_done(wpa_s
);
2911 wpa_s
->scan_req
= MANUAL_SCAN_REQ
;
2912 wpa_s
->reassociate
= 1;
2913 wpa_supplicant_req_scan(wpa_s
, 0, 0);
2915 #endif /* CONFIG_WPS */
2917 wpa_msg(wpa_s
, MSG_INFO
, "Trying to associate with SSID '%s'",
2918 wpa_ssid_txt(ssid
->ssid
, ssid
->ssid_len
));
2920 os_memcpy(wpa_s
->pending_bssid
, bss
->bssid
, ETH_ALEN
);
2922 os_memset(wpa_s
->pending_bssid
, 0, ETH_ALEN
);
2925 wpa_supplicant_cancel_sched_scan(wpa_s
);
2927 wpa_supplicant_cancel_scan(wpa_s
);
2929 /* Starting new association, so clear the possibly used WPA IE from the
2930 * previous association. */
2931 wpa_sm_set_assoc_wpa_ie(wpa_s
->wpa
, NULL
, 0);
2933 wpa_ie
= wpas_populate_assoc_ies(wpa_s
, bss
, ssid
, ¶ms
, NULL
);
2935 wpas_connect_work_done(wpa_s
);
2939 wpa_clear_keys(wpa_s
, bss
? bss
->bssid
: NULL
);
2941 cipher_pairwise
= wpa_s
->pairwise_cipher
;
2942 cipher_group
= wpa_s
->group_cipher
;
2943 cipher_group_mgmt
= wpa_s
->mgmt_group_cipher
;
2944 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
||
2945 wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
2946 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
)
2948 if (wpa_set_wep_keys(wpa_s
, ssid
)) {
2953 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
)
2956 #ifdef IEEE8021X_EAPOL
2957 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
2958 if ((ssid
->eapol_flags
&
2959 (EAPOL_FLAG_REQUIRE_KEY_UNICAST
|
2960 EAPOL_FLAG_REQUIRE_KEY_BROADCAST
)) == 0 &&
2964 /* Assume that dynamic WEP-104 keys will be used and
2965 * set cipher suites in order for drivers to expect
2967 cipher_pairwise
= cipher_group
= WPA_CIPHER_WEP104
;
2970 #endif /* IEEE8021X_EAPOL */
2972 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPA_NONE
) {
2973 /* Set the key before (and later after) association */
2974 wpa_supplicant_set_wpa_none_key(wpa_s
, ssid
);
2977 wpa_supplicant_set_state(wpa_s
, WPA_ASSOCIATING
);
2979 params
.ssid
= bss
->ssid
;
2980 params
.ssid_len
= bss
->ssid_len
;
2981 if (!wpas_driver_bss_selection(wpa_s
) || ssid
->bssid_set
||
2982 wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
) {
2983 wpa_printf(MSG_DEBUG
, "Limit connection to BSSID "
2984 MACSTR
" freq=%u MHz based on scan results "
2985 "(bssid_set=%d wps=%d)",
2986 MAC2STR(bss
->bssid
), bss
->freq
,
2988 wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
);
2989 params
.bssid
= bss
->bssid
;
2990 params
.freq
.freq
= bss
->freq
;
2992 params
.bssid_hint
= bss
->bssid
;
2993 params
.freq_hint
= bss
->freq
;
2994 params
.pbss
= bss_is_pbss(bss
);
2996 if (ssid
->bssid_hint_set
)
2997 params
.bssid_hint
= ssid
->bssid_hint
;
2999 params
.ssid
= ssid
->ssid
;
3000 params
.ssid_len
= ssid
->ssid_len
;
3001 params
.pbss
= (ssid
->pbss
!= 2) ? ssid
->pbss
: 0;
3004 if (ssid
->mode
== WPAS_MODE_IBSS
&& ssid
->bssid_set
&&
3005 wpa_s
->conf
->ap_scan
== 2) {
3006 params
.bssid
= ssid
->bssid
;
3007 params
.fixed_bssid
= 1;
3010 /* Initial frequency for IBSS/mesh */
3011 if ((ssid
->mode
== WPAS_MODE_IBSS
|| ssid
->mode
== WPAS_MODE_MESH
) &&
3012 ssid
->frequency
> 0 && params
.freq
.freq
== 0)
3013 ibss_mesh_setup_freq(wpa_s
, ssid
, ¶ms
.freq
);
3015 if (ssid
->mode
== WPAS_MODE_IBSS
) {
3016 params
.fixed_freq
= ssid
->fixed_freq
;
3017 if (ssid
->beacon_int
)
3018 params
.beacon_int
= ssid
->beacon_int
;
3020 params
.beacon_int
= wpa_s
->conf
->beacon_int
;
3023 params
.pairwise_suite
= cipher_pairwise
;
3024 params
.group_suite
= cipher_group
;
3025 params
.mgmt_group_suite
= cipher_group_mgmt
;
3026 params
.key_mgmt_suite
= wpa_s
->key_mgmt
;
3027 params
.wpa_proto
= wpa_s
->wpa_proto
;
3028 wpa_s
->auth_alg
= params
.auth_alg
;
3029 params
.mode
= ssid
->mode
;
3030 params
.bg_scan_period
= ssid
->bg_scan_period
;
3031 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
3032 if (ssid
->wep_key_len
[i
])
3033 params
.wep_key
[i
] = ssid
->wep_key
[i
];
3034 params
.wep_key_len
[i
] = ssid
->wep_key_len
[i
];
3036 params
.wep_tx_keyidx
= ssid
->wep_tx_keyidx
;
3038 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_4WAY_HANDSHAKE
) &&
3039 (params
.key_mgmt_suite
== WPA_KEY_MGMT_PSK
||
3040 params
.key_mgmt_suite
== WPA_KEY_MGMT_FT_PSK
)) {
3041 params
.passphrase
= ssid
->passphrase
;
3043 params
.psk
= ssid
->psk
;
3046 if (wpa_s
->conf
->key_mgmt_offload
) {
3047 if (params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X
||
3048 params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X_SHA256
||
3049 params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X_SUITE_B
||
3050 params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X_SUITE_B_192
)
3051 params
.req_key_mgmt_offload
=
3052 ssid
->proactive_key_caching
< 0 ?
3053 wpa_s
->conf
->okc
: ssid
->proactive_key_caching
;
3055 params
.req_key_mgmt_offload
= 1;
3057 if ((params
.key_mgmt_suite
== WPA_KEY_MGMT_PSK
||
3058 params
.key_mgmt_suite
== WPA_KEY_MGMT_PSK_SHA256
||
3059 params
.key_mgmt_suite
== WPA_KEY_MGMT_FT_PSK
) &&
3061 params
.psk
= ssid
->psk
;
3064 params
.drop_unencrypted
= use_crypt
;
3066 #ifdef CONFIG_IEEE80211W
3067 params
.mgmt_frame_protection
= wpas_get_ssid_pmf(wpa_s
, ssid
);
3068 if (params
.mgmt_frame_protection
!= NO_MGMT_FRAME_PROTECTION
&& bss
) {
3069 const u8
*rsn
= wpa_bss_get_ie(bss
, WLAN_EID_RSN
);
3070 struct wpa_ie_data ie
;
3071 if (rsn
&& wpa_parse_wpa_ie(rsn
, 2 + rsn
[1], &ie
) == 0 &&
3073 (WPA_CAPABILITY_MFPC
| WPA_CAPABILITY_MFPR
)) {
3074 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Selected AP supports "
3075 "MFP: require MFP");
3076 params
.mgmt_frame_protection
=
3077 MGMT_FRAME_PROTECTION_REQUIRED
;
3080 #endif /* CONFIG_IEEE80211W */
3082 params
.p2p
= ssid
->p2p_group
;
3084 if (wpa_s
->p2pdev
->set_sta_uapsd
)
3085 params
.uapsd
= wpa_s
->p2pdev
->sta_uapsd
;
3089 #ifdef CONFIG_HT_OVERRIDES
3090 os_memset(&htcaps
, 0, sizeof(htcaps
));
3091 os_memset(&htcaps_mask
, 0, sizeof(htcaps_mask
));
3092 params
.htcaps
= (u8
*) &htcaps
;
3093 params
.htcaps_mask
= (u8
*) &htcaps_mask
;
3094 wpa_supplicant_apply_ht_overrides(wpa_s
, ssid
, ¶ms
);
3095 #endif /* CONFIG_HT_OVERRIDES */
3096 #ifdef CONFIG_VHT_OVERRIDES
3097 os_memset(&vhtcaps
, 0, sizeof(vhtcaps
));
3098 os_memset(&vhtcaps_mask
, 0, sizeof(vhtcaps_mask
));
3099 params
.vhtcaps
= &vhtcaps
;
3100 params
.vhtcaps_mask
= &vhtcaps_mask
;
3101 wpa_supplicant_apply_vht_overrides(wpa_s
, ssid
, ¶ms
);
3102 #endif /* CONFIG_VHT_OVERRIDES */
3106 * If multi-channel concurrency is not supported, check for any
3107 * frequency conflict. In case of any frequency conflict, remove the
3108 * least prioritized connection.
3110 if (wpa_s
->num_multichan_concurrent
< 2) {
3112 num
= get_shared_radio_freqs(wpa_s
, &freq
, 1);
3113 if (num
> 0 && freq
> 0 && freq
!= params
.freq
.freq
) {
3114 wpa_printf(MSG_DEBUG
,
3115 "Assoc conflicting freq found (%d != %d)",
3116 freq
, params
.freq
.freq
);
3117 if (wpas_p2p_handle_frequency_conflicts(
3118 wpa_s
, params
.freq
.freq
, ssid
) < 0) {
3119 wpas_connect_work_done(wpa_s
);
3125 #endif /* CONFIG_P2P */
3127 if (wpa_s
->reassoc_same_ess
&& !is_zero_ether_addr(prev_bssid
) &&
3128 wpa_s
->current_ssid
)
3129 params
.prev_bssid
= prev_bssid
;
3131 ret
= wpa_drv_associate(wpa_s
, ¶ms
);
3134 wpa_msg(wpa_s
, MSG_INFO
, "Association request to the driver "
3136 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SANE_ERROR_CODES
) {
3138 * The driver is known to mean what is saying, so we
3139 * can stop right here; the association will not
3142 wpas_connection_failed(wpa_s
, wpa_s
->pending_bssid
);
3143 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
3144 os_memset(wpa_s
->pending_bssid
, 0, ETH_ALEN
);
3147 /* try to continue anyway; new association will be tried again
3152 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPA_NONE
) {
3153 /* Set the key after the association just in case association
3154 * cleared the previously configured key. */
3155 wpa_supplicant_set_wpa_none_key(wpa_s
, ssid
);
3156 /* No need to timeout authentication since there is no key
3158 wpa_supplicant_cancel_auth_timeout(wpa_s
);
3159 wpa_supplicant_set_state(wpa_s
, WPA_COMPLETED
);
3160 #ifdef CONFIG_IBSS_RSN
3161 } else if (ssid
->mode
== WPAS_MODE_IBSS
&&
3162 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_NONE
&&
3163 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_WPA_NONE
) {
3165 * RSN IBSS authentication is per-STA and we can disable the
3166 * per-BSSID authentication.
3168 wpa_supplicant_cancel_auth_timeout(wpa_s
);
3169 #endif /* CONFIG_IBSS_RSN */
3171 /* Timeout for IEEE 802.11 authentication and association */
3175 /* give IBSS a bit more time */
3176 timeout
= ssid
->mode
== WPAS_MODE_IBSS
? 10 : 5;
3177 } else if (wpa_s
->conf
->ap_scan
== 1) {
3178 /* give IBSS a bit more time */
3179 timeout
= ssid
->mode
== WPAS_MODE_IBSS
? 20 : 10;
3181 wpa_supplicant_req_auth_timeout(wpa_s
, timeout
, 0);
3185 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC
)) {
3186 /* Set static WEP keys again */
3187 wpa_set_wep_keys(wpa_s
, ssid
);
3190 if (wpa_s
->current_ssid
&& wpa_s
->current_ssid
!= ssid
) {
3192 * Do not allow EAP session resumption between different
3193 * network configurations.
3195 eapol_sm_invalidate_cached_session(wpa_s
->eapol
);
3197 old_ssid
= wpa_s
->current_ssid
;
3198 wpa_s
->current_ssid
= ssid
;
3200 if (!wpas_driver_bss_selection(wpa_s
) || ssid
->bssid_set
) {
3201 wpa_s
->current_bss
= bss
;
3203 hs20_configure_frame_filters(wpa_s
);
3204 #endif /* CONFIG_HS20 */
3207 wpa_supplicant_rsn_supp_set_config(wpa_s
, wpa_s
->current_ssid
);
3208 wpa_supplicant_initiate_eapol(wpa_s
);
3209 if (old_ssid
!= wpa_s
->current_ssid
)
3210 wpas_notify_network_changed(wpa_s
);
3214 static void wpa_supplicant_clear_connection(struct wpa_supplicant
*wpa_s
,
3217 struct wpa_ssid
*old_ssid
;
3219 wpas_connect_work_done(wpa_s
);
3220 wpa_clear_keys(wpa_s
, addr
);
3221 old_ssid
= wpa_s
->current_ssid
;
3222 wpa_supplicant_mark_disassoc(wpa_s
);
3223 wpa_sm_set_config(wpa_s
->wpa
, NULL
);
3224 eapol_sm_notify_config(wpa_s
->eapol
, NULL
, NULL
);
3225 if (old_ssid
!= wpa_s
->current_ssid
)
3226 wpas_notify_network_changed(wpa_s
);
3227 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
3232 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
3233 * @wpa_s: Pointer to wpa_supplicant data
3234 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
3236 * This function is used to request %wpa_supplicant to deauthenticate from the
3239 void wpa_supplicant_deauthenticate(struct wpa_supplicant
*wpa_s
,
3243 union wpa_event_data event
;
3246 wpa_dbg(wpa_s
, MSG_DEBUG
, "Request to deauthenticate - bssid=" MACSTR
3247 " pending_bssid=" MACSTR
" reason=%d state=%s",
3248 MAC2STR(wpa_s
->bssid
), MAC2STR(wpa_s
->pending_bssid
),
3249 reason_code
, wpa_supplicant_state_txt(wpa_s
->wpa_state
));
3251 if (!is_zero_ether_addr(wpa_s
->pending_bssid
) &&
3252 (wpa_s
->wpa_state
== WPA_AUTHENTICATING
||
3253 wpa_s
->wpa_state
== WPA_ASSOCIATING
))
3254 addr
= wpa_s
->pending_bssid
;
3255 else if (!is_zero_ether_addr(wpa_s
->bssid
))
3256 addr
= wpa_s
->bssid
;
3257 else if (wpa_s
->wpa_state
== WPA_ASSOCIATING
) {
3259 * When using driver-based BSS selection, we may not know the
3260 * BSSID with which we are currently trying to associate. We
3261 * need to notify the driver of this disconnection even in such
3262 * a case, so use the all zeros address here.
3264 addr
= wpa_s
->bssid
;
3269 wpa_tdls_teardown_peers(wpa_s
->wpa
);
3270 #endif /* CONFIG_TDLS */
3274 struct mesh_conf
*mconf
;
3276 mconf
= wpa_s
->ifmsh
->mconf
;
3277 wpa_msg(wpa_s
, MSG_INFO
, MESH_GROUP_REMOVED
"%s",
3279 wpas_notify_mesh_group_removed(wpa_s
, mconf
->meshid
,
3280 mconf
->meshid_len
, reason_code
);
3281 wpa_supplicant_leave_mesh(wpa_s
);
3283 #endif /* CONFIG_MESH */
3286 wpa_drv_deauthenticate(wpa_s
, addr
, reason_code
);
3287 os_memset(&event
, 0, sizeof(event
));
3288 event
.deauth_info
.reason_code
= (u16
) reason_code
;
3289 event
.deauth_info
.locally_generated
= 1;
3290 wpa_supplicant_event(wpa_s
, EVENT_DEAUTH
, &event
);
3295 wpa_supplicant_clear_connection(wpa_s
, addr
);
3298 static void wpa_supplicant_enable_one_network(struct wpa_supplicant
*wpa_s
,
3299 struct wpa_ssid
*ssid
)
3301 if (!ssid
|| !ssid
->disabled
|| ssid
->disabled
== 2)
3305 wpas_clear_temp_disabled(wpa_s
, ssid
, 1);
3306 wpas_notify_network_enabled_changed(wpa_s
, ssid
);
3309 * Try to reassociate since there is no current configuration and a new
3310 * network was made available.
3312 if (!wpa_s
->current_ssid
&& !wpa_s
->disconnected
)
3313 wpa_s
->reassociate
= 1;
3318 * wpa_supplicant_add_network - Add a new network
3319 * @wpa_s: wpa_supplicant structure for a network interface
3320 * Returns: The new network configuration or %NULL if operation failed
3322 * This function performs the following operations:
3323 * 1. Adds a new network.
3324 * 2. Send network addition notification.
3325 * 3. Marks the network disabled.
3326 * 4. Set network default parameters.
3328 struct wpa_ssid
* wpa_supplicant_add_network(struct wpa_supplicant
*wpa_s
)
3330 struct wpa_ssid
*ssid
;
3332 ssid
= wpa_config_add_network(wpa_s
->conf
);
3335 wpas_notify_network_added(wpa_s
, ssid
);
3337 wpa_config_set_network_defaults(ssid
);
3344 * wpa_supplicant_remove_network - Remove a configured network based on id
3345 * @wpa_s: wpa_supplicant structure for a network interface
3346 * @id: Unique network id to search for
3347 * Returns: 0 on success, or -1 if the network was not found, -2 if the network
3348 * could not be removed
3350 * This function performs the following operations:
3351 * 1. Removes the network.
3352 * 2. Send network removal notification.
3353 * 3. Update internal state machines.
3354 * 4. Stop any running sched scans.
3356 int wpa_supplicant_remove_network(struct wpa_supplicant
*wpa_s
, int id
)
3358 struct wpa_ssid
*ssid
;
3361 ssid
= wpa_config_get_network(wpa_s
->conf
, id
);
3364 wpas_notify_network_removed(wpa_s
, ssid
);
3366 if (wpa_s
->last_ssid
== ssid
)
3367 wpa_s
->last_ssid
= NULL
;
3369 if (ssid
== wpa_s
->current_ssid
|| !wpa_s
->current_ssid
) {
3371 wpa_s
->sme
.prev_bssid_set
= 0;
3372 #endif /* CONFIG_SME */
3374 * Invalidate the EAP session cache if the current or
3375 * previously used network is removed.
3377 eapol_sm_invalidate_cached_session(wpa_s
->eapol
);
3380 if (ssid
== wpa_s
->current_ssid
) {
3381 wpa_sm_set_config(wpa_s
->wpa
, NULL
);
3382 eapol_sm_notify_config(wpa_s
->eapol
, NULL
, NULL
);
3384 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
3385 wpa_s
->own_disconnect_req
= 1;
3386 wpa_supplicant_deauthenticate(wpa_s
,
3387 WLAN_REASON_DEAUTH_LEAVING
);
3390 was_disabled
= ssid
->disabled
;
3392 if (wpa_config_remove_network(wpa_s
->conf
, id
) < 0)
3395 if (!was_disabled
&& wpa_s
->sched_scanning
) {
3396 wpa_printf(MSG_DEBUG
,
3397 "Stop ongoing sched_scan to remove network from filters");
3398 wpa_supplicant_cancel_sched_scan(wpa_s
);
3399 wpa_supplicant_req_scan(wpa_s
, 0, 0);
3407 * wpa_supplicant_enable_network - Mark a configured network as enabled
3408 * @wpa_s: wpa_supplicant structure for a network interface
3409 * @ssid: wpa_ssid structure for a configured network or %NULL
3411 * Enables the specified network or all networks if no network specified.
3413 void wpa_supplicant_enable_network(struct wpa_supplicant
*wpa_s
,
3414 struct wpa_ssid
*ssid
)
3417 for (ssid
= wpa_s
->conf
->ssid
; ssid
; ssid
= ssid
->next
)
3418 wpa_supplicant_enable_one_network(wpa_s
, ssid
);
3420 wpa_supplicant_enable_one_network(wpa_s
, ssid
);
3422 if (wpa_s
->reassociate
&& !wpa_s
->disconnected
&&
3423 (!wpa_s
->current_ssid
||
3424 wpa_s
->wpa_state
== WPA_DISCONNECTED
||
3425 wpa_s
->wpa_state
== WPA_SCANNING
)) {
3426 if (wpa_s
->sched_scanning
) {
3427 wpa_printf(MSG_DEBUG
, "Stop ongoing sched_scan to add "
3428 "new network to scan filters");
3429 wpa_supplicant_cancel_sched_scan(wpa_s
);
3432 if (wpa_supplicant_fast_associate(wpa_s
) != 1) {
3433 wpa_s
->scan_req
= NORMAL_SCAN_REQ
;
3434 wpa_supplicant_req_scan(wpa_s
, 0, 0);
3441 * wpa_supplicant_disable_network - Mark a configured network as disabled
3442 * @wpa_s: wpa_supplicant structure for a network interface
3443 * @ssid: wpa_ssid structure for a configured network or %NULL
3445 * Disables the specified network or all networks if no network specified.
3447 void wpa_supplicant_disable_network(struct wpa_supplicant
*wpa_s
,
3448 struct wpa_ssid
*ssid
)
3450 struct wpa_ssid
*other_ssid
;
3454 if (wpa_s
->sched_scanning
)
3455 wpa_supplicant_cancel_sched_scan(wpa_s
);
3457 for (other_ssid
= wpa_s
->conf
->ssid
; other_ssid
;
3458 other_ssid
= other_ssid
->next
) {
3459 was_disabled
= other_ssid
->disabled
;
3460 if (was_disabled
== 2)
3461 continue; /* do not change persistent P2P group
3464 other_ssid
->disabled
= 1;
3466 if (was_disabled
!= other_ssid
->disabled
)
3467 wpas_notify_network_enabled_changed(
3470 if (wpa_s
->current_ssid
) {
3471 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
3472 wpa_s
->own_disconnect_req
= 1;
3473 wpa_supplicant_deauthenticate(
3474 wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
3476 } else if (ssid
->disabled
!= 2) {
3477 if (ssid
== wpa_s
->current_ssid
) {
3478 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
3479 wpa_s
->own_disconnect_req
= 1;
3480 wpa_supplicant_deauthenticate(
3481 wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
3484 was_disabled
= ssid
->disabled
;
3488 if (was_disabled
!= ssid
->disabled
) {
3489 wpas_notify_network_enabled_changed(wpa_s
, ssid
);
3490 if (wpa_s
->sched_scanning
) {
3491 wpa_printf(MSG_DEBUG
, "Stop ongoing sched_scan "
3492 "to remove network from filters");
3493 wpa_supplicant_cancel_sched_scan(wpa_s
);
3494 wpa_supplicant_req_scan(wpa_s
, 0, 0);
3502 * wpa_supplicant_select_network - Attempt association with a network
3503 * @wpa_s: wpa_supplicant structure for a network interface
3504 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
3506 void wpa_supplicant_select_network(struct wpa_supplicant
*wpa_s
,
3507 struct wpa_ssid
*ssid
)
3510 struct wpa_ssid
*other_ssid
;
3511 int disconnected
= 0;
3513 if (ssid
&& ssid
!= wpa_s
->current_ssid
&& wpa_s
->current_ssid
) {
3514 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
3515 wpa_s
->own_disconnect_req
= 1;
3516 wpa_supplicant_deauthenticate(
3517 wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
3522 wpas_clear_temp_disabled(wpa_s
, ssid
, 1);
3525 * Mark all other networks disabled or mark all networks enabled if no
3526 * network specified.
3528 for (other_ssid
= wpa_s
->conf
->ssid
; other_ssid
;
3529 other_ssid
= other_ssid
->next
) {
3530 int was_disabled
= other_ssid
->disabled
;
3531 if (was_disabled
== 2)
3532 continue; /* do not change persistent P2P group data */
3534 other_ssid
->disabled
= ssid
? (ssid
->id
!= other_ssid
->id
) : 0;
3535 if (was_disabled
&& !other_ssid
->disabled
)
3536 wpas_clear_temp_disabled(wpa_s
, other_ssid
, 0);
3538 if (was_disabled
!= other_ssid
->disabled
)
3539 wpas_notify_network_enabled_changed(wpa_s
, other_ssid
);
3542 if (ssid
&& ssid
== wpa_s
->current_ssid
&& wpa_s
->current_ssid
&&
3543 wpa_s
->wpa_state
>= WPA_AUTHENTICATING
) {
3544 /* We are already associated with the selected network */
3545 wpa_printf(MSG_DEBUG
, "Already associated with the "
3546 "selected network - do nothing");
3551 wpa_s
->current_ssid
= ssid
;
3552 eapol_sm_notify_config(wpa_s
->eapol
, NULL
, NULL
);
3553 wpa_s
->connect_without_scan
=
3554 (ssid
->mode
== WPAS_MODE_MESH
) ? ssid
: NULL
;
3557 * Don't optimize next scan freqs since a new ESS has been
3560 os_free(wpa_s
->next_scan_freqs
);
3561 wpa_s
->next_scan_freqs
= NULL
;
3563 wpa_s
->connect_without_scan
= NULL
;
3566 wpa_s
->disconnected
= 0;
3567 wpa_s
->reassociate
= 1;
3568 wpa_s
->last_owe_group
= 0;
3570 if (wpa_s
->connect_without_scan
||
3571 wpa_supplicant_fast_associate(wpa_s
) != 1) {
3572 wpa_s
->scan_req
= NORMAL_SCAN_REQ
;
3573 wpas_scan_reset_sched_scan(wpa_s
);
3574 wpa_supplicant_req_scan(wpa_s
, 0, disconnected
? 100000 : 0);
3578 wpas_notify_network_selected(wpa_s
, ssid
);
3583 * wpas_set_pkcs11_engine_and_module_path - Set PKCS #11 engine and module path
3584 * @wpa_s: wpa_supplicant structure for a network interface
3585 * @pkcs11_engine_path: PKCS #11 engine path or NULL
3586 * @pkcs11_module_path: PKCS #11 module path or NULL
3587 * Returns: 0 on success; -1 on failure
3589 * Sets the PKCS #11 engine and module path. Both have to be NULL or a valid
3590 * path. If resetting the EAPOL state machine with the new PKCS #11 engine and
3591 * module path fails the paths will be reset to the default value (NULL).
3593 int wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant
*wpa_s
,
3594 const char *pkcs11_engine_path
,
3595 const char *pkcs11_module_path
)
3597 char *pkcs11_engine_path_copy
= NULL
;
3598 char *pkcs11_module_path_copy
= NULL
;
3600 if (pkcs11_engine_path
!= NULL
) {
3601 pkcs11_engine_path_copy
= os_strdup(pkcs11_engine_path
);
3602 if (pkcs11_engine_path_copy
== NULL
)
3605 if (pkcs11_module_path
!= NULL
) {
3606 pkcs11_module_path_copy
= os_strdup(pkcs11_module_path
);
3607 if (pkcs11_module_path_copy
== NULL
) {
3608 os_free(pkcs11_engine_path_copy
);
3613 os_free(wpa_s
->conf
->pkcs11_engine_path
);
3614 os_free(wpa_s
->conf
->pkcs11_module_path
);
3615 wpa_s
->conf
->pkcs11_engine_path
= pkcs11_engine_path_copy
;
3616 wpa_s
->conf
->pkcs11_module_path
= pkcs11_module_path_copy
;
3618 wpa_sm_set_eapol(wpa_s
->wpa
, NULL
);
3619 eapol_sm_deinit(wpa_s
->eapol
);
3620 wpa_s
->eapol
= NULL
;
3621 if (wpa_supplicant_init_eapol(wpa_s
)) {
3622 /* Error -> Reset paths to the default value (NULL) once. */
3623 if (pkcs11_engine_path
!= NULL
&& pkcs11_module_path
!= NULL
)
3624 wpas_set_pkcs11_engine_and_module_path(wpa_s
, NULL
,
3629 wpa_sm_set_eapol(wpa_s
->wpa
, wpa_s
->eapol
);
3636 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
3637 * @wpa_s: wpa_supplicant structure for a network interface
3638 * @ap_scan: AP scan mode
3639 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
3642 int wpa_supplicant_set_ap_scan(struct wpa_supplicant
*wpa_s
, int ap_scan
)
3647 if (ap_scan
< 0 || ap_scan
> 2)
3650 if (ap_scan
== 2 && os_strcmp(wpa_s
->driver
->name
, "nl80211") == 0) {
3651 wpa_printf(MSG_INFO
,
3652 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
3656 if (ap_scan
== 2 && ap_scan
!= wpa_s
->conf
->ap_scan
&&
3657 wpa_s
->wpa_state
>= WPA_ASSOCIATING
&&
3658 wpa_s
->wpa_state
< WPA_COMPLETED
) {
3659 wpa_printf(MSG_ERROR
, "ap_scan = %d (%d) rejected while "
3660 "associating", wpa_s
->conf
->ap_scan
, ap_scan
);
3663 #endif /* ANDROID */
3665 old_ap_scan
= wpa_s
->conf
->ap_scan
;
3666 wpa_s
->conf
->ap_scan
= ap_scan
;
3668 if (old_ap_scan
!= wpa_s
->conf
->ap_scan
)
3669 wpas_notify_ap_scan_changed(wpa_s
);
3676 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
3677 * @wpa_s: wpa_supplicant structure for a network interface
3678 * @expire_age: Expiration age in seconds
3679 * Returns: 0 if succeed or -1 if expire_age has an invalid value
3682 int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant
*wpa_s
,
3683 unsigned int bss_expire_age
)
3685 if (bss_expire_age
< 10) {
3686 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid bss expiration age %u",
3690 wpa_msg(wpa_s
, MSG_DEBUG
, "Setting bss expiration age: %d sec",
3692 wpa_s
->conf
->bss_expiration_age
= bss_expire_age
;
3699 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
3700 * @wpa_s: wpa_supplicant structure for a network interface
3701 * @expire_count: number of scans after which an unseen BSS is reclaimed
3702 * Returns: 0 if succeed or -1 if expire_count has an invalid value
3705 int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant
*wpa_s
,
3706 unsigned int bss_expire_count
)
3708 if (bss_expire_count
< 1) {
3709 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid bss expiration count %u",
3713 wpa_msg(wpa_s
, MSG_DEBUG
, "Setting bss expiration scan count: %u",
3715 wpa_s
->conf
->bss_expiration_scan_count
= bss_expire_count
;
3722 * wpa_supplicant_set_scan_interval - Set scan interval
3723 * @wpa_s: wpa_supplicant structure for a network interface
3724 * @scan_interval: scan interval in seconds
3725 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
3728 int wpa_supplicant_set_scan_interval(struct wpa_supplicant
*wpa_s
,
3731 if (scan_interval
< 0) {
3732 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid scan interval %d",
3736 wpa_msg(wpa_s
, MSG_DEBUG
, "Setting scan interval: %d sec",
3738 wpa_supplicant_update_scan_int(wpa_s
, scan_interval
);
3745 * wpa_supplicant_set_debug_params - Set global debug params
3746 * @global: wpa_global structure
3747 * @debug_level: debug level
3748 * @debug_timestamp: determines if show timestamp in debug data
3749 * @debug_show_keys: determines if show keys in debug data
3750 * Returns: 0 if succeed or -1 if debug_level has wrong value
3752 int wpa_supplicant_set_debug_params(struct wpa_global
*global
, int debug_level
,
3753 int debug_timestamp
, int debug_show_keys
)
3756 int old_level
, old_timestamp
, old_show_keys
;
3758 /* check for allowed debuglevels */
3759 if (debug_level
!= MSG_EXCESSIVE
&&
3760 debug_level
!= MSG_MSGDUMP
&&
3761 debug_level
!= MSG_DEBUG
&&
3762 debug_level
!= MSG_INFO
&&
3763 debug_level
!= MSG_WARNING
&&
3764 debug_level
!= MSG_ERROR
)
3767 old_level
= wpa_debug_level
;
3768 old_timestamp
= wpa_debug_timestamp
;
3769 old_show_keys
= wpa_debug_show_keys
;
3771 wpa_debug_level
= debug_level
;
3772 wpa_debug_timestamp
= debug_timestamp
? 1 : 0;
3773 wpa_debug_show_keys
= debug_show_keys
? 1 : 0;
3775 if (wpa_debug_level
!= old_level
)
3776 wpas_notify_debug_level_changed(global
);
3777 if (wpa_debug_timestamp
!= old_timestamp
)
3778 wpas_notify_debug_timestamp_changed(global
);
3779 if (wpa_debug_show_keys
!= old_show_keys
)
3780 wpas_notify_debug_show_keys_changed(global
);
3787 static int owe_trans_ssid_match(struct wpa_supplicant
*wpa_s
, const u8
*bssid
,
3788 const u8
*entry_ssid
, size_t entry_ssid_len
)
3790 const u8
*owe
, *pos
, *end
;
3792 struct wpa_bss
*bss
;
3794 /* Check network profile SSID aganst the SSID in the
3795 * OWE Transition Mode element. */
3797 bss
= wpa_bss_get_bssid_latest(wpa_s
, bssid
);
3801 owe
= wpa_bss_get_vendor_ie(bss
, OWE_IE_VENDOR_TYPE
);
3806 end
= owe
+ 2 + owe
[1];
3808 if (end
- pos
< ETH_ALEN
+ 1)
3812 if (end
- pos
< ssid_len
|| ssid_len
> SSID_MAX_LEN
)
3815 return entry_ssid_len
== ssid_len
&&
3816 os_memcmp(pos
, entry_ssid
, ssid_len
) == 0;
3818 #endif /* CONFIG_OWE */
3822 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
3823 * @wpa_s: Pointer to wpa_supplicant data
3824 * Returns: A pointer to the current network structure or %NULL on failure
3826 struct wpa_ssid
* wpa_supplicant_get_ssid(struct wpa_supplicant
*wpa_s
)
3828 struct wpa_ssid
*entry
;
3829 u8 ssid
[SSID_MAX_LEN
];
3835 res
= wpa_drv_get_ssid(wpa_s
, ssid
);
3837 wpa_msg(wpa_s
, MSG_WARNING
, "Could not read SSID from "
3843 if (wpa_drv_get_bssid(wpa_s
, bssid
) < 0) {
3844 wpa_msg(wpa_s
, MSG_WARNING
, "Could not read BSSID from "
3849 wired
= wpa_s
->conf
->ap_scan
== 0 &&
3850 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_WIRED
);
3852 entry
= wpa_s
->conf
->ssid
;
3854 if (!wpas_network_disabled(wpa_s
, entry
) &&
3855 ((ssid_len
== entry
->ssid_len
&&
3856 os_memcmp(ssid
, entry
->ssid
, ssid_len
) == 0) || wired
) &&
3857 (!entry
->bssid_set
||
3858 os_memcmp(bssid
, entry
->bssid
, ETH_ALEN
) == 0))
3861 if (!wpas_network_disabled(wpa_s
, entry
) &&
3862 (entry
->key_mgmt
& WPA_KEY_MGMT_WPS
) &&
3863 (entry
->ssid
== NULL
|| entry
->ssid_len
== 0) &&
3864 (!entry
->bssid_set
||
3865 os_memcmp(bssid
, entry
->bssid
, ETH_ALEN
) == 0))
3867 #endif /* CONFIG_WPS */
3870 if (!wpas_network_disabled(wpa_s
, entry
) &&
3871 owe_trans_ssid_match(wpa_s
, bssid
, entry
->ssid
,
3873 (!entry
->bssid_set
||
3874 os_memcmp(bssid
, entry
->bssid
, ETH_ALEN
) == 0))
3876 #endif /* CONFIG_OWE */
3878 if (!wpas_network_disabled(wpa_s
, entry
) && entry
->bssid_set
&&
3879 entry
->ssid_len
== 0 &&
3880 os_memcmp(bssid
, entry
->bssid
, ETH_ALEN
) == 0)
3883 entry
= entry
->next
;
3890 static int select_driver(struct wpa_supplicant
*wpa_s
, int i
)
3892 struct wpa_global
*global
= wpa_s
->global
;
3894 if (wpa_drivers
[i
]->global_init
&& global
->drv_priv
[i
] == NULL
) {
3895 global
->drv_priv
[i
] = wpa_drivers
[i
]->global_init(global
);
3896 if (global
->drv_priv
[i
] == NULL
) {
3897 wpa_printf(MSG_ERROR
, "Failed to initialize driver "
3898 "'%s'", wpa_drivers
[i
]->name
);
3903 wpa_s
->driver
= wpa_drivers
[i
];
3904 wpa_s
->global_drv_priv
= global
->drv_priv
[i
];
3910 static int wpa_supplicant_set_driver(struct wpa_supplicant
*wpa_s
,
3915 const char *pos
, *driver
= name
;
3920 if (wpa_drivers
[0] == NULL
) {
3921 wpa_msg(wpa_s
, MSG_ERROR
, "No driver interfaces build into "
3927 /* default to first driver in the list */
3928 return select_driver(wpa_s
, 0);
3932 pos
= os_strchr(driver
, ',');
3936 len
= os_strlen(driver
);
3938 for (i
= 0; wpa_drivers
[i
]; i
++) {
3939 if (os_strlen(wpa_drivers
[i
]->name
) == len
&&
3940 os_strncmp(driver
, wpa_drivers
[i
]->name
, len
) ==
3942 /* First driver that succeeds wins */
3943 if (select_driver(wpa_s
, i
) == 0)
3951 wpa_msg(wpa_s
, MSG_ERROR
, "Unsupported driver '%s'", name
);
3957 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
3958 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
3959 * with struct wpa_driver_ops::init()
3960 * @src_addr: Source address of the EAPOL frame
3961 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
3962 * @len: Length of the EAPOL data
3964 * This function is called for each received EAPOL frame. Most driver
3965 * interfaces rely on more generic OS mechanism for receiving frames through
3966 * l2_packet, but if such a mechanism is not available, the driver wrapper may
3967 * take care of received EAPOL frames and deliver them to the core supplicant
3968 * code by calling this function.
3970 void wpa_supplicant_rx_eapol(void *ctx
, const u8
*src_addr
,
3971 const u8
*buf
, size_t len
)
3973 struct wpa_supplicant
*wpa_s
= ctx
;
3975 wpa_dbg(wpa_s
, MSG_DEBUG
, "RX EAPOL from " MACSTR
, MAC2STR(src_addr
));
3976 wpa_hexdump(MSG_MSGDUMP
, "RX EAPOL", buf
, len
);
3978 #ifdef CONFIG_TESTING_OPTIONS
3979 if (wpa_s
->ignore_auth_resp
) {
3980 wpa_printf(MSG_INFO
, "RX EAPOL - ignore_auth_resp active!");
3983 #endif /* CONFIG_TESTING_OPTIONS */
3985 if (wpa_s
->wpa_state
< WPA_ASSOCIATED
||
3986 (wpa_s
->last_eapol_matches_bssid
&&
3989 #endif /* CONFIG_AP */
3990 os_memcmp(src_addr
, wpa_s
->bssid
, ETH_ALEN
) != 0)) {
3992 * There is possible race condition between receiving the
3993 * association event and the EAPOL frame since they are coming
3994 * through different paths from the driver. In order to avoid
3995 * issues in trying to process the EAPOL frame before receiving
3996 * association information, lets queue it for processing until
3997 * the association event is received. This may also be needed in
3998 * driver-based roaming case, so also use src_addr != BSSID as a
3999 * trigger if we have previously confirmed that the
4000 * Authenticator uses BSSID as the src_addr (which is not the
4001 * case with wired IEEE 802.1X).
4003 wpa_dbg(wpa_s
, MSG_DEBUG
, "Not associated - Delay processing "
4004 "of received EAPOL frame (state=%s bssid=" MACSTR
")",
4005 wpa_supplicant_state_txt(wpa_s
->wpa_state
),
4006 MAC2STR(wpa_s
->bssid
));
4007 wpabuf_free(wpa_s
->pending_eapol_rx
);
4008 wpa_s
->pending_eapol_rx
= wpabuf_alloc_copy(buf
, len
);
4009 if (wpa_s
->pending_eapol_rx
) {
4010 os_get_reltime(&wpa_s
->pending_eapol_rx_time
);
4011 os_memcpy(wpa_s
->pending_eapol_rx_src
, src_addr
,
4017 wpa_s
->last_eapol_matches_bssid
=
4018 os_memcmp(src_addr
, wpa_s
->bssid
, ETH_ALEN
) == 0;
4021 if (wpa_s
->ap_iface
) {
4022 wpa_supplicant_ap_rx_eapol(wpa_s
, src_addr
, buf
, len
);
4025 #endif /* CONFIG_AP */
4027 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
) {
4028 wpa_dbg(wpa_s
, MSG_DEBUG
, "Ignored received EAPOL frame since "
4029 "no key management is configured");
4033 if (wpa_s
->eapol_received
== 0 &&
4034 (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_4WAY_HANDSHAKE
) ||
4035 !wpa_key_mgmt_wpa_psk(wpa_s
->key_mgmt
) ||
4036 wpa_s
->wpa_state
!= WPA_COMPLETED
) &&
4037 (wpa_s
->current_ssid
== NULL
||
4038 wpa_s
->current_ssid
->mode
!= IEEE80211_MODE_IBSS
)) {
4039 /* Timeout for completing IEEE 802.1X and WPA authentication */
4042 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
) ||
4043 wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
||
4044 wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
) {
4045 /* Use longer timeout for IEEE 802.1X/EAP */
4050 if (wpa_s
->current_ssid
&& wpa_s
->current_bss
&&
4051 (wpa_s
->current_ssid
->key_mgmt
& WPA_KEY_MGMT_WPS
) &&
4052 eap_is_wps_pin_enrollee(&wpa_s
->current_ssid
->eap
)) {
4054 * Use shorter timeout if going through WPS AP iteration
4055 * for PIN config method with an AP that does not
4056 * advertise Selected Registrar.
4058 struct wpabuf
*wps_ie
;
4060 wps_ie
= wpa_bss_get_vendor_ie_multi(
4061 wpa_s
->current_bss
, WPS_IE_VENDOR_TYPE
);
4063 !wps_is_addr_authorized(wps_ie
, wpa_s
->own_addr
, 1))
4065 wpabuf_free(wps_ie
);
4067 #endif /* CONFIG_WPS */
4069 wpa_supplicant_req_auth_timeout(wpa_s
, timeout
, 0);
4071 wpa_s
->eapol_received
++;
4073 if (wpa_s
->countermeasures
) {
4074 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Countermeasures - dropped "
4079 #ifdef CONFIG_IBSS_RSN
4080 if (wpa_s
->current_ssid
&&
4081 wpa_s
->current_ssid
->mode
== WPAS_MODE_IBSS
) {
4082 ibss_rsn_rx_eapol(wpa_s
->ibss_rsn
, src_addr
, buf
, len
);
4085 #endif /* CONFIG_IBSS_RSN */
4087 /* Source address of the incoming EAPOL frame could be compared to the
4088 * current BSSID. However, it is possible that a centralized
4089 * Authenticator could be using another MAC address than the BSSID of
4090 * an AP, so just allow any address to be used for now. The replies are
4091 * still sent to the current BSSID (if available), though. */
4093 os_memcpy(wpa_s
->last_eapol_src
, src_addr
, ETH_ALEN
);
4094 if (!wpa_key_mgmt_wpa_psk(wpa_s
->key_mgmt
) &&
4095 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_OWE
&&
4096 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_DPP
&&
4097 eapol_sm_rx_eapol(wpa_s
->eapol
, src_addr
, buf
, len
) > 0)
4099 wpa_drv_poll(wpa_s
);
4100 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_4WAY_HANDSHAKE
))
4101 wpa_sm_rx_eapol(wpa_s
->wpa
, src_addr
, buf
, len
);
4102 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
)) {
4104 * Set portValid = TRUE here since we are going to skip 4-way
4105 * handshake processing which would normally set portValid. We
4106 * need this to allow the EAPOL state machines to be completed
4107 * without going through EAPOL-Key handshake.
4109 eapol_sm_notify_portValid(wpa_s
->eapol
, TRUE
);
4114 int wpa_supplicant_update_mac_addr(struct wpa_supplicant
*wpa_s
)
4116 if ((!wpa_s
->p2p_mgmt
||
4117 !(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE
)) &&
4118 !(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE
)) {
4119 l2_packet_deinit(wpa_s
->l2
);
4120 wpa_s
->l2
= l2_packet_init(wpa_s
->ifname
,
4121 wpa_drv_get_mac_addr(wpa_s
),
4123 wpa_supplicant_rx_eapol
, wpa_s
, 0);
4124 if (wpa_s
->l2
== NULL
)
4127 if (l2_packet_set_packet_filter(wpa_s
->l2
,
4128 L2_PACKET_FILTER_PKTTYPE
))
4129 wpa_dbg(wpa_s
, MSG_DEBUG
,
4130 "Failed to attach pkt_type filter");
4132 const u8
*addr
= wpa_drv_get_mac_addr(wpa_s
);
4134 os_memcpy(wpa_s
->own_addr
, addr
, ETH_ALEN
);
4137 if (wpa_s
->l2
&& l2_packet_get_own_addr(wpa_s
->l2
, wpa_s
->own_addr
)) {
4138 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to get own L2 address");
4142 wpa_sm_set_own_addr(wpa_s
->wpa
, wpa_s
->own_addr
);
4148 static void wpa_supplicant_rx_eapol_bridge(void *ctx
, const u8
*src_addr
,
4149 const u8
*buf
, size_t len
)
4151 struct wpa_supplicant
*wpa_s
= ctx
;
4152 const struct l2_ethhdr
*eth
;
4154 if (len
< sizeof(*eth
))
4156 eth
= (const struct l2_ethhdr
*) buf
;
4158 if (os_memcmp(eth
->h_dest
, wpa_s
->own_addr
, ETH_ALEN
) != 0 &&
4159 !(eth
->h_dest
[0] & 0x01)) {
4160 wpa_dbg(wpa_s
, MSG_DEBUG
, "RX EAPOL from " MACSTR
" to " MACSTR
4161 " (bridge - not for this interface - ignore)",
4162 MAC2STR(src_addr
), MAC2STR(eth
->h_dest
));
4166 wpa_dbg(wpa_s
, MSG_DEBUG
, "RX EAPOL from " MACSTR
" to " MACSTR
4167 " (bridge)", MAC2STR(src_addr
), MAC2STR(eth
->h_dest
));
4168 wpa_supplicant_rx_eapol(wpa_s
, src_addr
, buf
+ sizeof(*eth
),
4169 len
- sizeof(*eth
));
4174 * wpa_supplicant_driver_init - Initialize driver interface parameters
4175 * @wpa_s: Pointer to wpa_supplicant data
4176 * Returns: 0 on success, -1 on failure
4178 * This function is called to initialize driver interface parameters.
4179 * wpa_drv_init() must have been called before this function to initialize the
4182 int wpa_supplicant_driver_init(struct wpa_supplicant
*wpa_s
)
4184 static int interface_count
= 0;
4186 if (wpa_supplicant_update_mac_addr(wpa_s
) < 0)
4189 wpa_dbg(wpa_s
, MSG_DEBUG
, "Own MAC address: " MACSTR
,
4190 MAC2STR(wpa_s
->own_addr
));
4191 os_memcpy(wpa_s
->perm_addr
, wpa_s
->own_addr
, ETH_ALEN
);
4192 wpa_sm_set_own_addr(wpa_s
->wpa
, wpa_s
->own_addr
);
4194 if (wpa_s
->bridge_ifname
[0]) {
4195 wpa_dbg(wpa_s
, MSG_DEBUG
, "Receiving packets from bridge "
4196 "interface '%s'", wpa_s
->bridge_ifname
);
4197 wpa_s
->l2_br
= l2_packet_init_bridge(
4198 wpa_s
->bridge_ifname
, wpa_s
->ifname
, wpa_s
->own_addr
,
4199 ETH_P_EAPOL
, wpa_supplicant_rx_eapol_bridge
, wpa_s
, 1);
4200 if (wpa_s
->l2_br
== NULL
) {
4201 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to open l2_packet "
4202 "connection for the bridge interface '%s'",
4203 wpa_s
->bridge_ifname
);
4208 if (wpa_s
->conf
->ap_scan
== 2 &&
4209 os_strcmp(wpa_s
->driver
->name
, "nl80211") == 0) {
4210 wpa_printf(MSG_INFO
,
4211 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
4214 wpa_clear_keys(wpa_s
, NULL
);
4216 /* Make sure that TKIP countermeasures are not left enabled (could
4217 * happen if wpa_supplicant is killed during countermeasures. */
4218 wpa_drv_set_countermeasures(wpa_s
, 0);
4220 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: flushing PMKID list in the driver");
4221 wpa_drv_flush_pmkid(wpa_s
);
4223 wpa_s
->prev_scan_ssid
= WILDCARD_SSID_SCAN
;
4224 wpa_s
->prev_scan_wildcard
= 0;
4226 if (wpa_supplicant_enabled_networks(wpa_s
)) {
4227 if (wpa_s
->wpa_state
== WPA_INTERFACE_DISABLED
) {
4228 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
4229 interface_count
= 0;
4232 if (!wpa_s
->p2p_mgmt
&&
4233 wpa_supplicant_delayed_sched_scan(wpa_s
,
4234 interface_count
% 3,
4236 wpa_supplicant_req_scan(wpa_s
, interface_count
% 3,
4238 #endif /* ANDROID */
4241 wpa_supplicant_set_state(wpa_s
, WPA_INACTIVE
);
4247 static int wpa_supplicant_daemon(const char *pid_file
)
4249 wpa_printf(MSG_DEBUG
, "Daemonize..");
4250 return os_daemonize(pid_file
);
4254 static struct wpa_supplicant
*
4255 wpa_supplicant_alloc(struct wpa_supplicant
*parent
)
4257 struct wpa_supplicant
*wpa_s
;
4259 wpa_s
= os_zalloc(sizeof(*wpa_s
));
4262 wpa_s
->scan_req
= INITIAL_SCAN_REQ
;
4263 wpa_s
->scan_interval
= 5;
4264 wpa_s
->new_connection
= 1;
4265 wpa_s
->parent
= parent
? parent
: wpa_s
;
4266 wpa_s
->p2pdev
= wpa_s
->parent
;
4267 wpa_s
->sched_scanning
= 0;
4269 dl_list_init(&wpa_s
->bss_tmp_disallowed
);
4270 dl_list_init(&wpa_s
->fils_hlp_req
);
4276 #ifdef CONFIG_HT_OVERRIDES
4278 static int wpa_set_htcap_mcs(struct wpa_supplicant
*wpa_s
,
4279 struct ieee80211_ht_capabilities
*htcaps
,
4280 struct ieee80211_ht_capabilities
*htcaps_mask
,
4283 /* parse ht_mcs into hex array */
4285 const char *tmp
= ht_mcs
;
4288 /* If ht_mcs is null, do not set anything */
4292 /* This is what we are setting in the kernel */
4293 os_memset(&htcaps
->supported_mcs_set
, 0, IEEE80211_HT_MCS_MASK_LEN
);
4295 wpa_msg(wpa_s
, MSG_DEBUG
, "set_htcap, ht_mcs -:%s:-", ht_mcs
);
4297 for (i
= 0; i
< IEEE80211_HT_MCS_MASK_LEN
; i
++) {
4301 v
= strtol(tmp
, &end
, 16);
4304 wpa_msg(wpa_s
, MSG_DEBUG
,
4305 "htcap value[%i]: %ld end: %p tmp: %p",
4310 htcaps
->supported_mcs_set
[i
] = v
;
4313 wpa_msg(wpa_s
, MSG_ERROR
,
4314 "Failed to parse ht-mcs: %s, error: %s\n",
4315 ht_mcs
, strerror(errno
));
4321 * If we were able to parse any values, then set mask for the MCS set.
4324 os_memset(&htcaps_mask
->supported_mcs_set
, 0xff,
4325 IEEE80211_HT_MCS_MASK_LEN
- 1);
4326 /* skip the 3 reserved bits */
4327 htcaps_mask
->supported_mcs_set
[IEEE80211_HT_MCS_MASK_LEN
- 1] =
4335 static int wpa_disable_max_amsdu(struct wpa_supplicant
*wpa_s
,
4336 struct ieee80211_ht_capabilities
*htcaps
,
4337 struct ieee80211_ht_capabilities
*htcaps_mask
,
4342 wpa_msg(wpa_s
, MSG_DEBUG
, "set_disable_max_amsdu: %d", disabled
);
4347 msk
= host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE
);
4348 htcaps_mask
->ht_capabilities_info
|= msk
;
4350 htcaps
->ht_capabilities_info
&= msk
;
4352 htcaps
->ht_capabilities_info
|= msk
;
4358 static int wpa_set_ampdu_factor(struct wpa_supplicant
*wpa_s
,
4359 struct ieee80211_ht_capabilities
*htcaps
,
4360 struct ieee80211_ht_capabilities
*htcaps_mask
,
4363 wpa_msg(wpa_s
, MSG_DEBUG
, "set_ampdu_factor: %d", factor
);
4368 if (factor
< 0 || factor
> 3) {
4369 wpa_msg(wpa_s
, MSG_ERROR
, "ampdu_factor: %d out of range. "
4370 "Must be 0-3 or -1", factor
);
4374 htcaps_mask
->a_mpdu_params
|= 0x3; /* 2 bits for factor */
4375 htcaps
->a_mpdu_params
&= ~0x3;
4376 htcaps
->a_mpdu_params
|= factor
& 0x3;
4382 static int wpa_set_ampdu_density(struct wpa_supplicant
*wpa_s
,
4383 struct ieee80211_ht_capabilities
*htcaps
,
4384 struct ieee80211_ht_capabilities
*htcaps_mask
,
4387 wpa_msg(wpa_s
, MSG_DEBUG
, "set_ampdu_density: %d", density
);
4392 if (density
< 0 || density
> 7) {
4393 wpa_msg(wpa_s
, MSG_ERROR
,
4394 "ampdu_density: %d out of range. Must be 0-7 or -1.",
4399 htcaps_mask
->a_mpdu_params
|= 0x1C;
4400 htcaps
->a_mpdu_params
&= ~(0x1C);
4401 htcaps
->a_mpdu_params
|= (density
<< 2) & 0x1C;
4407 static int wpa_set_disable_ht40(struct wpa_supplicant
*wpa_s
,
4408 struct ieee80211_ht_capabilities
*htcaps
,
4409 struct ieee80211_ht_capabilities
*htcaps_mask
,
4412 wpa_msg(wpa_s
, MSG_DEBUG
, "set_disable_ht40: %d", disabled
);
4414 set_disable_ht40(htcaps
, disabled
);
4415 set_disable_ht40(htcaps_mask
, 0);
4421 static int wpa_set_disable_sgi(struct wpa_supplicant
*wpa_s
,
4422 struct ieee80211_ht_capabilities
*htcaps
,
4423 struct ieee80211_ht_capabilities
*htcaps_mask
,
4426 /* Masking these out disables SGI */
4427 le16 msk
= host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ
|
4428 HT_CAP_INFO_SHORT_GI40MHZ
);
4430 wpa_msg(wpa_s
, MSG_DEBUG
, "set_disable_sgi: %d", disabled
);
4433 htcaps
->ht_capabilities_info
&= ~msk
;
4435 htcaps
->ht_capabilities_info
|= msk
;
4437 htcaps_mask
->ht_capabilities_info
|= msk
;
4443 static int wpa_set_disable_ldpc(struct wpa_supplicant
*wpa_s
,
4444 struct ieee80211_ht_capabilities
*htcaps
,
4445 struct ieee80211_ht_capabilities
*htcaps_mask
,
4448 /* Masking these out disables LDPC */
4449 le16 msk
= host_to_le16(HT_CAP_INFO_LDPC_CODING_CAP
);
4451 wpa_msg(wpa_s
, MSG_DEBUG
, "set_disable_ldpc: %d", disabled
);
4454 htcaps
->ht_capabilities_info
&= ~msk
;
4456 htcaps
->ht_capabilities_info
|= msk
;
4458 htcaps_mask
->ht_capabilities_info
|= msk
;
4464 void wpa_supplicant_apply_ht_overrides(
4465 struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
,
4466 struct wpa_driver_associate_params
*params
)
4468 struct ieee80211_ht_capabilities
*htcaps
;
4469 struct ieee80211_ht_capabilities
*htcaps_mask
;
4474 params
->disable_ht
= ssid
->disable_ht
;
4475 if (!params
->htcaps
|| !params
->htcaps_mask
)
4478 htcaps
= (struct ieee80211_ht_capabilities
*) params
->htcaps
;
4479 htcaps_mask
= (struct ieee80211_ht_capabilities
*) params
->htcaps_mask
;
4480 wpa_set_htcap_mcs(wpa_s
, htcaps
, htcaps_mask
, ssid
->ht_mcs
);
4481 wpa_disable_max_amsdu(wpa_s
, htcaps
, htcaps_mask
,
4482 ssid
->disable_max_amsdu
);
4483 wpa_set_ampdu_factor(wpa_s
, htcaps
, htcaps_mask
, ssid
->ampdu_factor
);
4484 wpa_set_ampdu_density(wpa_s
, htcaps
, htcaps_mask
, ssid
->ampdu_density
);
4485 wpa_set_disable_ht40(wpa_s
, htcaps
, htcaps_mask
, ssid
->disable_ht40
);
4486 wpa_set_disable_sgi(wpa_s
, htcaps
, htcaps_mask
, ssid
->disable_sgi
);
4487 wpa_set_disable_ldpc(wpa_s
, htcaps
, htcaps_mask
, ssid
->disable_ldpc
);
4489 if (ssid
->ht40_intolerant
) {
4490 le16 bit
= host_to_le16(HT_CAP_INFO_40MHZ_INTOLERANT
);
4491 htcaps
->ht_capabilities_info
|= bit
;
4492 htcaps_mask
->ht_capabilities_info
|= bit
;
4496 #endif /* CONFIG_HT_OVERRIDES */
4499 #ifdef CONFIG_VHT_OVERRIDES
4500 void wpa_supplicant_apply_vht_overrides(
4501 struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
,
4502 struct wpa_driver_associate_params
*params
)
4504 struct ieee80211_vht_capabilities
*vhtcaps
;
4505 struct ieee80211_vht_capabilities
*vhtcaps_mask
;
4510 params
->disable_vht
= ssid
->disable_vht
;
4512 vhtcaps
= (void *) params
->vhtcaps
;
4513 vhtcaps_mask
= (void *) params
->vhtcaps_mask
;
4515 if (!vhtcaps
|| !vhtcaps_mask
)
4518 vhtcaps
->vht_capabilities_info
= host_to_le32(ssid
->vht_capa
);
4519 vhtcaps_mask
->vht_capabilities_info
= host_to_le32(ssid
->vht_capa_mask
);
4521 #ifdef CONFIG_HT_OVERRIDES
4522 /* if max ampdu is <= 3, we have to make the HT cap the same */
4523 if (ssid
->vht_capa_mask
& VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX
) {
4526 max_ampdu
= (ssid
->vht_capa
&
4527 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX
) >>
4528 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX_SHIFT
;
4530 max_ampdu
= max_ampdu
< 3 ? max_ampdu
: 3;
4531 wpa_set_ampdu_factor(wpa_s
,
4532 (void *) params
->htcaps
,
4533 (void *) params
->htcaps_mask
,
4536 #endif /* CONFIG_HT_OVERRIDES */
4538 #define OVERRIDE_MCS(i) \
4539 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \
4540 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \
4541 host_to_le16(3 << 2 * (i - 1)); \
4542 vhtcaps->vht_supported_mcs_set.tx_map |= \
4543 host_to_le16(ssid->vht_tx_mcs_nss_ ##i << \
4546 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \
4547 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \
4548 host_to_le16(3 << 2 * (i - 1)); \
4549 vhtcaps->vht_supported_mcs_set.rx_map |= \
4550 host_to_le16(ssid->vht_rx_mcs_nss_ ##i << \
4563 #endif /* CONFIG_VHT_OVERRIDES */
4566 static int pcsc_reader_init(struct wpa_supplicant
*wpa_s
)
4571 if (!wpa_s
->conf
->pcsc_reader
)
4574 wpa_s
->scard
= scard_init(wpa_s
->conf
->pcsc_reader
);
4578 if (wpa_s
->conf
->pcsc_pin
&&
4579 scard_set_pin(wpa_s
->scard
, wpa_s
->conf
->pcsc_pin
) < 0) {
4580 scard_deinit(wpa_s
->scard
);
4581 wpa_s
->scard
= NULL
;
4582 wpa_msg(wpa_s
, MSG_ERROR
, "PC/SC PIN validation failed");
4586 len
= sizeof(wpa_s
->imsi
) - 1;
4587 if (scard_get_imsi(wpa_s
->scard
, wpa_s
->imsi
, &len
)) {
4588 scard_deinit(wpa_s
->scard
);
4589 wpa_s
->scard
= NULL
;
4590 wpa_msg(wpa_s
, MSG_ERROR
, "Could not read IMSI");
4593 wpa_s
->imsi
[len
] = '\0';
4595 wpa_s
->mnc_len
= scard_get_mnc_len(wpa_s
->scard
);
4597 wpa_printf(MSG_DEBUG
, "SCARD: IMSI %s (MNC length %d)",
4598 wpa_s
->imsi
, wpa_s
->mnc_len
);
4600 wpa_sm_set_scard_ctx(wpa_s
->wpa
, wpa_s
->scard
);
4601 eapol_sm_register_scard_ctx(wpa_s
->eapol
, wpa_s
->scard
);
4602 #endif /* PCSC_FUNCS */
4608 int wpas_init_ext_pw(struct wpa_supplicant
*wpa_s
)
4612 ext_password_deinit(wpa_s
->ext_pw
);
4613 wpa_s
->ext_pw
= NULL
;
4614 eapol_sm_set_ext_pw_ctx(wpa_s
->eapol
, NULL
);
4616 if (!wpa_s
->conf
->ext_password_backend
)
4619 val
= os_strdup(wpa_s
->conf
->ext_password_backend
);
4622 pos
= os_strchr(val
, ':');
4626 wpa_printf(MSG_DEBUG
, "EXT PW: Initialize backend '%s'", val
);
4628 wpa_s
->ext_pw
= ext_password_init(val
, pos
);
4630 if (wpa_s
->ext_pw
== NULL
) {
4631 wpa_printf(MSG_DEBUG
, "EXT PW: Failed to initialize backend");
4634 eapol_sm_set_ext_pw_ctx(wpa_s
->eapol
, wpa_s
->ext_pw
);
4642 static const u8
* wpas_fst_get_bssid_cb(void *ctx
)
4644 struct wpa_supplicant
*wpa_s
= ctx
;
4646 return (is_zero_ether_addr(wpa_s
->bssid
) ||
4647 wpa_s
->wpa_state
!= WPA_COMPLETED
) ? NULL
: wpa_s
->bssid
;
4651 static void wpas_fst_get_channel_info_cb(void *ctx
,
4652 enum hostapd_hw_mode
*hw_mode
,
4655 struct wpa_supplicant
*wpa_s
= ctx
;
4657 if (wpa_s
->current_bss
) {
4658 *hw_mode
= ieee80211_freq_to_chan(wpa_s
->current_bss
->freq
,
4660 } else if (wpa_s
->hw
.num_modes
) {
4661 *hw_mode
= wpa_s
->hw
.modes
[0].mode
;
4669 static int wpas_fst_get_hw_modes(void *ctx
, struct hostapd_hw_modes
**modes
)
4671 struct wpa_supplicant
*wpa_s
= ctx
;
4673 *modes
= wpa_s
->hw
.modes
;
4674 return wpa_s
->hw
.num_modes
;
4678 static void wpas_fst_set_ies_cb(void *ctx
, const struct wpabuf
*fst_ies
)
4680 struct wpa_supplicant
*wpa_s
= ctx
;
4682 wpa_hexdump_buf(MSG_DEBUG
, "FST: Set IEs", fst_ies
);
4683 wpa_s
->fst_ies
= fst_ies
;
4687 static int wpas_fst_send_action_cb(void *ctx
, const u8
*da
, struct wpabuf
*data
)
4689 struct wpa_supplicant
*wpa_s
= ctx
;
4691 if (os_memcmp(wpa_s
->bssid
, da
, ETH_ALEN
) != 0) {
4692 wpa_printf(MSG_INFO
, "FST:%s:bssid=" MACSTR
" != da=" MACSTR
,
4693 __func__
, MAC2STR(wpa_s
->bssid
), MAC2STR(da
));
4696 return wpa_drv_send_action(wpa_s
, wpa_s
->assoc_freq
, 0, wpa_s
->bssid
,
4697 wpa_s
->own_addr
, wpa_s
->bssid
,
4698 wpabuf_head(data
), wpabuf_len(data
),
4703 static const struct wpabuf
* wpas_fst_get_mb_ie_cb(void *ctx
, const u8
*addr
)
4705 struct wpa_supplicant
*wpa_s
= ctx
;
4707 WPA_ASSERT(os_memcmp(wpa_s
->bssid
, addr
, ETH_ALEN
) == 0);
4708 return wpa_s
->received_mb_ies
;
4712 static void wpas_fst_update_mb_ie_cb(void *ctx
, const u8
*addr
,
4713 const u8
*buf
, size_t size
)
4715 struct wpa_supplicant
*wpa_s
= ctx
;
4716 struct mb_ies_info info
;
4718 WPA_ASSERT(os_memcmp(wpa_s
->bssid
, addr
, ETH_ALEN
) == 0);
4720 if (!mb_ies_info_by_ies(&info
, buf
, size
)) {
4721 wpabuf_free(wpa_s
->received_mb_ies
);
4722 wpa_s
->received_mb_ies
= mb_ies_by_info(&info
);
4727 static const u8
* wpas_fst_get_peer_first(void *ctx
,
4728 struct fst_get_peer_ctx
**get_ctx
,
4731 struct wpa_supplicant
*wpa_s
= ctx
;
4734 if (!is_zero_ether_addr(wpa_s
->bssid
))
4735 return (wpa_s
->received_mb_ies
|| !mb_only
) ?
4736 wpa_s
->bssid
: NULL
;
4741 static const u8
* wpas_fst_get_peer_next(void *ctx
,
4742 struct fst_get_peer_ctx
**get_ctx
,
4748 void fst_wpa_supplicant_fill_iface_obj(struct wpa_supplicant
*wpa_s
,
4749 struct fst_wpa_obj
*iface_obj
)
4751 iface_obj
->ctx
= wpa_s
;
4752 iface_obj
->get_bssid
= wpas_fst_get_bssid_cb
;
4753 iface_obj
->get_channel_info
= wpas_fst_get_channel_info_cb
;
4754 iface_obj
->get_hw_modes
= wpas_fst_get_hw_modes
;
4755 iface_obj
->set_ies
= wpas_fst_set_ies_cb
;
4756 iface_obj
->send_action
= wpas_fst_send_action_cb
;
4757 iface_obj
->get_mb_ie
= wpas_fst_get_mb_ie_cb
;
4758 iface_obj
->update_mb_ie
= wpas_fst_update_mb_ie_cb
;
4759 iface_obj
->get_peer_first
= wpas_fst_get_peer_first
;
4760 iface_obj
->get_peer_next
= wpas_fst_get_peer_next
;
4762 #endif /* CONFIG_FST */
4764 static int wpas_set_wowlan_triggers(struct wpa_supplicant
*wpa_s
,
4765 const struct wpa_driver_capa
*capa
)
4767 struct wowlan_triggers
*triggers
;
4770 if (!wpa_s
->conf
->wowlan_triggers
)
4773 triggers
= wpa_get_wowlan_triggers(wpa_s
->conf
->wowlan_triggers
, capa
);
4775 ret
= wpa_drv_wowlan(wpa_s
, triggers
);
4782 enum wpa_radio_work_band
wpas_freq_to_band(int freq
)
4785 return BAND_2_4_GHZ
;
4792 unsigned int wpas_get_bands(struct wpa_supplicant
*wpa_s
, const int *freqs
)
4795 unsigned int band
= 0;
4798 /* freqs are specified for the radio work */
4799 for (i
= 0; freqs
[i
]; i
++)
4800 band
|= wpas_freq_to_band(freqs
[i
]);
4803 * freqs are not specified, implies all
4804 * the supported freqs by HW
4806 for (i
= 0; i
< wpa_s
->hw
.num_modes
; i
++) {
4807 if (wpa_s
->hw
.modes
[i
].num_channels
!= 0) {
4808 if (wpa_s
->hw
.modes
[i
].mode
==
4809 HOSTAPD_MODE_IEEE80211B
||
4810 wpa_s
->hw
.modes
[i
].mode
==
4811 HOSTAPD_MODE_IEEE80211G
)
4812 band
|= BAND_2_4_GHZ
;
4813 else if (wpa_s
->hw
.modes
[i
].mode
==
4814 HOSTAPD_MODE_IEEE80211A
)
4816 else if (wpa_s
->hw
.modes
[i
].mode
==
4817 HOSTAPD_MODE_IEEE80211AD
)
4818 band
|= BAND_60_GHZ
;
4819 else if (wpa_s
->hw
.modes
[i
].mode
==
4820 HOSTAPD_MODE_IEEE80211ANY
)
4821 band
= BAND_2_4_GHZ
| BAND_5_GHZ
|
4831 static struct wpa_radio
* radio_add_interface(struct wpa_supplicant
*wpa_s
,
4834 struct wpa_supplicant
*iface
= wpa_s
->global
->ifaces
;
4835 struct wpa_radio
*radio
;
4837 while (rn
&& iface
) {
4838 radio
= iface
->radio
;
4839 if (radio
&& os_strcmp(rn
, radio
->name
) == 0) {
4840 wpa_printf(MSG_DEBUG
, "Add interface %s to existing radio %s",
4842 dl_list_add(&radio
->ifaces
, &wpa_s
->radio_list
);
4846 iface
= iface
->next
;
4849 wpa_printf(MSG_DEBUG
, "Add interface %s to a new radio %s",
4850 wpa_s
->ifname
, rn
? rn
: "N/A");
4851 radio
= os_zalloc(sizeof(*radio
));
4856 os_strlcpy(radio
->name
, rn
, sizeof(radio
->name
));
4857 dl_list_init(&radio
->ifaces
);
4858 dl_list_init(&radio
->work
);
4859 dl_list_add(&radio
->ifaces
, &wpa_s
->radio_list
);
4865 static void radio_work_free(struct wpa_radio_work
*work
)
4867 if (work
->wpa_s
->scan_work
== work
) {
4868 /* This should not really happen. */
4869 wpa_dbg(work
->wpa_s
, MSG_INFO
, "Freeing radio work '%s'@%p (started=%d) that is marked as scan_work",
4870 work
->type
, work
, work
->started
);
4871 work
->wpa_s
->scan_work
= NULL
;
4875 if (work
->wpa_s
->p2p_scan_work
== work
) {
4876 /* This should not really happen. */
4877 wpa_dbg(work
->wpa_s
, MSG_INFO
, "Freeing radio work '%s'@%p (started=%d) that is marked as p2p_scan_work",
4878 work
->type
, work
, work
->started
);
4879 work
->wpa_s
->p2p_scan_work
= NULL
;
4881 #endif /* CONFIG_P2P */
4883 if (work
->started
) {
4884 work
->wpa_s
->radio
->num_active_works
--;
4885 wpa_dbg(work
->wpa_s
, MSG_DEBUG
,
4886 "radio_work_free('%s'@%p): num_active_works --> %u",
4888 work
->wpa_s
->radio
->num_active_works
);
4891 dl_list_del(&work
->list
);
4896 static int radio_work_is_connect(struct wpa_radio_work
*work
)
4898 return os_strcmp(work
->type
, "sme-connect") == 0 ||
4899 os_strcmp(work
->type
, "connect") == 0;
4903 static int radio_work_is_scan(struct wpa_radio_work
*work
)
4905 return os_strcmp(work
->type
, "scan") == 0 ||
4906 os_strcmp(work
->type
, "p2p-scan") == 0;
4910 static struct wpa_radio_work
* radio_work_get_next_work(struct wpa_radio
*radio
)
4912 struct wpa_radio_work
*active_work
= NULL
;
4913 struct wpa_radio_work
*tmp
;
4915 /* Get the active work to know the type and band. */
4916 dl_list_for_each(tmp
, &radio
->work
, struct wpa_radio_work
, list
) {
4924 /* No active work, start one */
4925 radio
->num_active_works
= 0;
4926 dl_list_for_each(tmp
, &radio
->work
, struct wpa_radio_work
,
4928 if (os_strcmp(tmp
->type
, "scan") == 0 &&
4929 radio
->external_scan_running
&&
4930 (((struct wpa_driver_scan_params
*)
4931 tmp
->ctx
)->only_new_results
||
4932 tmp
->wpa_s
->clear_driver_scan_cache
))
4939 if (radio_work_is_connect(active_work
)) {
4941 * If the active work is either connect or sme-connect,
4942 * do not parallelize them with other radio works.
4944 wpa_dbg(active_work
->wpa_s
, MSG_DEBUG
,
4945 "Do not parallelize radio work with %s",
4950 dl_list_for_each(tmp
, &radio
->work
, struct wpa_radio_work
, list
) {
4955 * If connect or sme-connect are enqueued, parallelize only
4956 * those operations ahead of them in the queue.
4958 if (radio_work_is_connect(tmp
))
4961 /* Serialize parallel scan and p2p_scan operations on the same
4962 * interface since the driver_nl80211 mechanism for tracking
4963 * scan cookies does not yet have support for this. */
4964 if (active_work
->wpa_s
== tmp
->wpa_s
&&
4965 radio_work_is_scan(active_work
) &&
4966 radio_work_is_scan(tmp
)) {
4967 wpa_dbg(active_work
->wpa_s
, MSG_DEBUG
,
4968 "Do not start work '%s' when another work '%s' is already scheduled",
4969 tmp
->type
, active_work
->type
);
4973 * Check that the radio works are distinct and
4974 * on different bands.
4976 if (os_strcmp(active_work
->type
, tmp
->type
) != 0 &&
4977 (active_work
->bands
!= tmp
->bands
)) {
4979 * If a scan has to be scheduled through nl80211 scan
4980 * interface and if an external scan is already running,
4981 * do not schedule the scan since it is likely to get
4982 * rejected by kernel.
4984 if (os_strcmp(tmp
->type
, "scan") == 0 &&
4985 radio
->external_scan_running
&&
4986 (((struct wpa_driver_scan_params
*)
4987 tmp
->ctx
)->only_new_results
||
4988 tmp
->wpa_s
->clear_driver_scan_cache
))
4991 wpa_dbg(active_work
->wpa_s
, MSG_DEBUG
,
4992 "active_work:%s new_work:%s",
4993 active_work
->type
, tmp
->type
);
4998 /* Did not find a radio work to schedule in parallel. */
5003 static void radio_start_next_work(void *eloop_ctx
, void *timeout_ctx
)
5005 struct wpa_radio
*radio
= eloop_ctx
;
5006 struct wpa_radio_work
*work
;
5007 struct os_reltime now
, diff
;
5008 struct wpa_supplicant
*wpa_s
;
5010 work
= dl_list_first(&radio
->work
, struct wpa_radio_work
, list
);
5012 radio
->num_active_works
= 0;
5016 wpa_s
= dl_list_first(&radio
->ifaces
, struct wpa_supplicant
,
5020 wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS
)) {
5022 return; /* already started and still in progress */
5024 if (wpa_s
&& wpa_s
->radio
->external_scan_running
) {
5025 wpa_printf(MSG_DEBUG
, "Delay radio work start until externally triggered scan completes");
5030 if (radio
->num_active_works
< MAX_ACTIVE_WORKS
) {
5031 /* get the work to schedule next */
5032 work
= radio_work_get_next_work(radio
);
5038 wpa_s
= work
->wpa_s
;
5039 os_get_reltime(&now
);
5040 os_reltime_sub(&now
, &work
->time
, &diff
);
5041 wpa_dbg(wpa_s
, MSG_DEBUG
,
5042 "Starting radio work '%s'@%p after %ld.%06ld second wait",
5043 work
->type
, work
, diff
.sec
, diff
.usec
);
5046 radio
->num_active_works
++;
5050 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS
) &&
5051 radio
->num_active_works
< MAX_ACTIVE_WORKS
)
5052 radio_work_check_next(wpa_s
);
5057 * This function removes both started and pending radio works running on
5058 * the provided interface's radio.
5059 * Prior to the removal of the radio work, its callback (cb) is called with
5060 * deinit set to be 1. Each work's callback is responsible for clearing its
5061 * internal data and restoring to a correct state.
5062 * @wpa_s: wpa_supplicant data
5063 * @type: type of works to be removed
5064 * @remove_all: 1 to remove all the works on this radio, 0 to remove only
5065 * this interface's works.
5067 void radio_remove_works(struct wpa_supplicant
*wpa_s
,
5068 const char *type
, int remove_all
)
5070 struct wpa_radio_work
*work
, *tmp
;
5071 struct wpa_radio
*radio
= wpa_s
->radio
;
5073 dl_list_for_each_safe(work
, tmp
, &radio
->work
, struct wpa_radio_work
,
5075 if (type
&& os_strcmp(type
, work
->type
) != 0)
5078 /* skip other ifaces' works */
5079 if (!remove_all
&& work
->wpa_s
!= wpa_s
)
5082 wpa_dbg(wpa_s
, MSG_DEBUG
, "Remove radio work '%s'@%p%s",
5083 work
->type
, work
, work
->started
? " (started)" : "");
5085 radio_work_free(work
);
5088 /* in case we removed the started work */
5089 radio_work_check_next(wpa_s
);
5093 void radio_remove_pending_work(struct wpa_supplicant
*wpa_s
, void *ctx
)
5095 struct wpa_radio_work
*work
;
5096 struct wpa_radio
*radio
= wpa_s
->radio
;
5098 dl_list_for_each(work
, &radio
->work
, struct wpa_radio_work
, list
) {
5099 if (work
->ctx
!= ctx
)
5101 wpa_dbg(wpa_s
, MSG_DEBUG
, "Free pending radio work '%s'@%p%s",
5102 work
->type
, work
, work
->started
? " (started)" : "");
5103 radio_work_free(work
);
5109 static void radio_remove_interface(struct wpa_supplicant
*wpa_s
)
5111 struct wpa_radio
*radio
= wpa_s
->radio
;
5116 wpa_printf(MSG_DEBUG
, "Remove interface %s from radio %s",
5117 wpa_s
->ifname
, radio
->name
);
5118 dl_list_del(&wpa_s
->radio_list
);
5119 radio_remove_works(wpa_s
, NULL
, 0);
5120 wpa_s
->radio
= NULL
;
5121 if (!dl_list_empty(&radio
->ifaces
))
5122 return; /* Interfaces remain for this radio */
5124 wpa_printf(MSG_DEBUG
, "Remove radio %s", radio
->name
);
5125 eloop_cancel_timeout(radio_start_next_work
, radio
, NULL
);
5130 void radio_work_check_next(struct wpa_supplicant
*wpa_s
)
5132 struct wpa_radio
*radio
= wpa_s
->radio
;
5134 if (dl_list_empty(&radio
->work
))
5136 if (wpa_s
->ext_work_in_progress
) {
5137 wpa_printf(MSG_DEBUG
,
5138 "External radio work in progress - delay start of pending item");
5141 eloop_cancel_timeout(radio_start_next_work
, radio
, NULL
);
5142 eloop_register_timeout(0, 0, radio_start_next_work
, radio
, NULL
);
5147 * radio_add_work - Add a radio work item
5148 * @wpa_s: Pointer to wpa_supplicant data
5149 * @freq: Frequency of the offchannel operation in MHz or 0
5150 * @type: Unique identifier for each type of work
5151 * @next: Force as the next work to be executed
5152 * @cb: Callback function for indicating when radio is available
5153 * @ctx: Context pointer for the work (work->ctx in cb())
5154 * Returns: 0 on success, -1 on failure
5156 * This function is used to request time for an operation that requires
5157 * exclusive radio control. Once the radio is available, the registered callback
5158 * function will be called. radio_work_done() must be called once the exclusive
5159 * radio operation has been completed, so that the radio is freed for other
5160 * operations. The special case of deinit=1 is used to free the context data
5161 * during interface removal. That does not allow the callback function to start
5162 * the radio operation, i.e., it must free any resources allocated for the radio
5165 * The @freq parameter can be used to indicate a single channel on which the
5166 * offchannel operation will occur. This may allow multiple radio work
5167 * operations to be performed in parallel if they apply for the same channel.
5168 * Setting this to 0 indicates that the work item may use multiple channels or
5169 * requires exclusive control of the radio.
5171 int radio_add_work(struct wpa_supplicant
*wpa_s
, unsigned int freq
,
5172 const char *type
, int next
,
5173 void (*cb
)(struct wpa_radio_work
*work
, int deinit
),
5176 struct wpa_radio
*radio
= wpa_s
->radio
;
5177 struct wpa_radio_work
*work
;
5180 work
= os_zalloc(sizeof(*work
));
5183 wpa_dbg(wpa_s
, MSG_DEBUG
, "Add radio work '%s'@%p", type
, work
);
5184 os_get_reltime(&work
->time
);
5187 work
->wpa_s
= wpa_s
;
5192 work
->bands
= wpas_freq_to_band(freq
);
5193 else if (os_strcmp(type
, "scan") == 0 ||
5194 os_strcmp(type
, "p2p-scan") == 0)
5195 work
->bands
= wpas_get_bands(wpa_s
,
5196 ((struct wpa_driver_scan_params
*)
5199 work
->bands
= wpas_get_bands(wpa_s
, NULL
);
5201 was_empty
= dl_list_empty(&wpa_s
->radio
->work
);
5203 dl_list_add(&wpa_s
->radio
->work
, &work
->list
);
5205 dl_list_add_tail(&wpa_s
->radio
->work
, &work
->list
);
5207 wpa_dbg(wpa_s
, MSG_DEBUG
, "First radio work item in the queue - schedule start immediately");
5208 radio_work_check_next(wpa_s
);
5209 } else if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS
)
5210 && radio
->num_active_works
< MAX_ACTIVE_WORKS
) {
5211 wpa_dbg(wpa_s
, MSG_DEBUG
,
5212 "Try to schedule a radio work (num_active_works=%u)",
5213 radio
->num_active_works
);
5214 radio_work_check_next(wpa_s
);
5222 * radio_work_done - Indicate that a radio work item has been completed
5223 * @work: Completed work
5225 * This function is called once the callback function registered with
5226 * radio_add_work() has completed its work.
5228 void radio_work_done(struct wpa_radio_work
*work
)
5230 struct wpa_supplicant
*wpa_s
= work
->wpa_s
;
5231 struct os_reltime now
, diff
;
5232 unsigned int started
= work
->started
;
5234 os_get_reltime(&now
);
5235 os_reltime_sub(&now
, &work
->time
, &diff
);
5236 wpa_dbg(wpa_s
, MSG_DEBUG
, "Radio work '%s'@%p %s in %ld.%06ld seconds",
5237 work
->type
, work
, started
? "done" : "canceled",
5238 diff
.sec
, diff
.usec
);
5239 radio_work_free(work
);
5241 radio_work_check_next(wpa_s
);
5245 struct wpa_radio_work
*
5246 radio_work_pending(struct wpa_supplicant
*wpa_s
, const char *type
)
5248 struct wpa_radio_work
*work
;
5249 struct wpa_radio
*radio
= wpa_s
->radio
;
5251 dl_list_for_each(work
, &radio
->work
, struct wpa_radio_work
, list
) {
5252 if (work
->wpa_s
== wpa_s
&& os_strcmp(work
->type
, type
) == 0)
5260 static int wpas_init_driver(struct wpa_supplicant
*wpa_s
,
5261 const struct wpa_interface
*iface
)
5263 const char *ifname
, *driver
, *rn
;
5265 driver
= iface
->driver
;
5267 if (wpa_supplicant_set_driver(wpa_s
, driver
) < 0)
5270 wpa_s
->drv_priv
= wpa_drv_init(wpa_s
, wpa_s
->ifname
);
5271 if (wpa_s
->drv_priv
== NULL
) {
5273 pos
= driver
? os_strchr(driver
, ',') : NULL
;
5275 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to initialize "
5276 "driver interface - try next driver wrapper");
5280 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to initialize driver "
5284 if (wpa_drv_set_param(wpa_s
, wpa_s
->conf
->driver_param
) < 0) {
5285 wpa_msg(wpa_s
, MSG_ERROR
, "Driver interface rejected "
5286 "driver_param '%s'", wpa_s
->conf
->driver_param
);
5290 ifname
= wpa_drv_get_ifname(wpa_s
);
5291 if (ifname
&& os_strcmp(ifname
, wpa_s
->ifname
) != 0) {
5292 wpa_dbg(wpa_s
, MSG_DEBUG
, "Driver interface replaced "
5293 "interface name with '%s'", ifname
);
5294 os_strlcpy(wpa_s
->ifname
, ifname
, sizeof(wpa_s
->ifname
));
5297 rn
= wpa_driver_get_radio_name(wpa_s
);
5298 if (rn
&& rn
[0] == '\0')
5301 wpa_s
->radio
= radio_add_interface(wpa_s
, rn
);
5302 if (wpa_s
->radio
== NULL
)
5309 #ifdef CONFIG_GAS_SERVER
5311 static void wpas_gas_server_tx_status(struct wpa_supplicant
*wpa_s
,
5312 unsigned int freq
, const u8
*dst
,
5313 const u8
*src
, const u8
*bssid
,
5314 const u8
*data
, size_t data_len
,
5315 enum offchannel_send_action_result result
)
5317 wpa_printf(MSG_DEBUG
, "GAS: TX status: freq=%u dst=" MACSTR
5320 result
== OFFCHANNEL_SEND_ACTION_SUCCESS
? "SUCCESS" :
5321 (result
== OFFCHANNEL_SEND_ACTION_NO_ACK
? "no-ACK" :
5323 gas_server_tx_status(wpa_s
->gas_server
, dst
, data
, data_len
,
5324 result
== OFFCHANNEL_SEND_ACTION_SUCCESS
);
5328 static void wpas_gas_server_tx(void *ctx
, int freq
, const u8
*da
,
5329 struct wpabuf
*buf
, unsigned int wait_time
)
5331 struct wpa_supplicant
*wpa_s
= ctx
;
5332 const u8 broadcast
[ETH_ALEN
] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
5334 if (wait_time
> wpa_s
->max_remain_on_chan
)
5335 wait_time
= wpa_s
->max_remain_on_chan
;
5337 offchannel_send_action(wpa_s
, freq
, da
, wpa_s
->own_addr
, broadcast
,
5338 wpabuf_head(buf
), wpabuf_len(buf
),
5339 wait_time
, wpas_gas_server_tx_status
, 0);
5342 #endif /* CONFIG_GAS_SERVER */
5344 static int wpa_supplicant_init_iface(struct wpa_supplicant
*wpa_s
,
5345 const struct wpa_interface
*iface
)
5347 struct wpa_driver_capa capa
;
5351 wpa_printf(MSG_DEBUG
, "Initializing interface '%s' conf '%s' driver "
5352 "'%s' ctrl_interface '%s' bridge '%s'", iface
->ifname
,
5353 iface
->confname
? iface
->confname
: "N/A",
5354 iface
->driver
? iface
->driver
: "default",
5355 iface
->ctrl_interface
? iface
->ctrl_interface
: "N/A",
5356 iface
->bridge_ifname
? iface
->bridge_ifname
: "N/A");
5358 if (iface
->confname
) {
5359 #ifdef CONFIG_BACKEND_FILE
5360 wpa_s
->confname
= os_rel2abs_path(iface
->confname
);
5361 if (wpa_s
->confname
== NULL
) {
5362 wpa_printf(MSG_ERROR
, "Failed to get absolute path "
5363 "for configuration file '%s'.",
5367 wpa_printf(MSG_DEBUG
, "Configuration file '%s' -> '%s'",
5368 iface
->confname
, wpa_s
->confname
);
5369 #else /* CONFIG_BACKEND_FILE */
5370 wpa_s
->confname
= os_strdup(iface
->confname
);
5371 #endif /* CONFIG_BACKEND_FILE */
5372 wpa_s
->conf
= wpa_config_read(wpa_s
->confname
, NULL
);
5373 if (wpa_s
->conf
== NULL
) {
5374 wpa_printf(MSG_ERROR
, "Failed to read or parse "
5375 "configuration '%s'.", wpa_s
->confname
);
5378 wpa_s
->confanother
= os_rel2abs_path(iface
->confanother
);
5379 if (wpa_s
->confanother
&&
5380 !wpa_config_read(wpa_s
->confanother
, wpa_s
->conf
)) {
5381 wpa_printf(MSG_ERROR
,
5382 "Failed to read or parse configuration '%s'.",
5383 wpa_s
->confanother
);
5388 * Override ctrl_interface and driver_param if set on command
5391 if (iface
->ctrl_interface
) {
5392 os_free(wpa_s
->conf
->ctrl_interface
);
5393 wpa_s
->conf
->ctrl_interface
=
5394 os_strdup(iface
->ctrl_interface
);
5397 if (iface
->driver_param
) {
5398 os_free(wpa_s
->conf
->driver_param
);
5399 wpa_s
->conf
->driver_param
=
5400 os_strdup(iface
->driver_param
);
5403 if (iface
->p2p_mgmt
&& !iface
->ctrl_interface
) {
5404 os_free(wpa_s
->conf
->ctrl_interface
);
5405 wpa_s
->conf
->ctrl_interface
= NULL
;
5408 wpa_s
->conf
= wpa_config_alloc_empty(iface
->ctrl_interface
,
5409 iface
->driver_param
);
5411 if (wpa_s
->conf
== NULL
) {
5412 wpa_printf(MSG_ERROR
, "\nNo configuration found.");
5416 if (iface
->ifname
== NULL
) {
5417 wpa_printf(MSG_ERROR
, "\nInterface name is required.");
5420 if (os_strlen(iface
->ifname
) >= sizeof(wpa_s
->ifname
)) {
5421 wpa_printf(MSG_ERROR
, "\nToo long interface name '%s'.",
5425 os_strlcpy(wpa_s
->ifname
, iface
->ifname
, sizeof(wpa_s
->ifname
));
5427 if (iface
->bridge_ifname
) {
5428 if (os_strlen(iface
->bridge_ifname
) >=
5429 sizeof(wpa_s
->bridge_ifname
)) {
5430 wpa_printf(MSG_ERROR
, "\nToo long bridge interface "
5431 "name '%s'.", iface
->bridge_ifname
);
5434 os_strlcpy(wpa_s
->bridge_ifname
, iface
->bridge_ifname
,
5435 sizeof(wpa_s
->bridge_ifname
));
5438 /* RSNA Supplicant Key Management - INITIALIZE */
5439 eapol_sm_notify_portEnabled(wpa_s
->eapol
, FALSE
);
5440 eapol_sm_notify_portValid(wpa_s
->eapol
, FALSE
);
5442 /* Initialize driver interface and register driver event handler before
5443 * L2 receive handler so that association events are processed before
5444 * EAPOL-Key packets if both become available for the same select()
5446 if (wpas_init_driver(wpa_s
, iface
) < 0)
5449 if (wpa_supplicant_init_wpa(wpa_s
) < 0)
5452 wpa_sm_set_ifname(wpa_s
->wpa
, wpa_s
->ifname
,
5453 wpa_s
->bridge_ifname
[0] ? wpa_s
->bridge_ifname
:
5455 wpa_sm_set_fast_reauth(wpa_s
->wpa
, wpa_s
->conf
->fast_reauth
);
5457 if (wpa_s
->conf
->dot11RSNAConfigPMKLifetime
&&
5458 wpa_sm_set_param(wpa_s
->wpa
, RSNA_PMK_LIFETIME
,
5459 wpa_s
->conf
->dot11RSNAConfigPMKLifetime
)) {
5460 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid WPA parameter value for "
5461 "dot11RSNAConfigPMKLifetime");
5465 if (wpa_s
->conf
->dot11RSNAConfigPMKReauthThreshold
&&
5466 wpa_sm_set_param(wpa_s
->wpa
, RSNA_PMK_REAUTH_THRESHOLD
,
5467 wpa_s
->conf
->dot11RSNAConfigPMKReauthThreshold
)) {
5468 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid WPA parameter value for "
5469 "dot11RSNAConfigPMKReauthThreshold");
5473 if (wpa_s
->conf
->dot11RSNAConfigSATimeout
&&
5474 wpa_sm_set_param(wpa_s
->wpa
, RSNA_SA_TIMEOUT
,
5475 wpa_s
->conf
->dot11RSNAConfigSATimeout
)) {
5476 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid WPA parameter value for "
5477 "dot11RSNAConfigSATimeout");
5481 wpa_s
->hw
.modes
= wpa_drv_get_hw_feature_data(wpa_s
,
5482 &wpa_s
->hw
.num_modes
,
5485 if (wpa_s
->hw
.modes
) {
5488 for (i
= 0; i
< wpa_s
->hw
.num_modes
; i
++) {
5489 if (wpa_s
->hw
.modes
[i
].vht_capab
) {
5490 wpa_s
->hw_capab
= CAPAB_VHT
;
5494 if (wpa_s
->hw
.modes
[i
].ht_capab
&
5495 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET
)
5496 wpa_s
->hw_capab
= CAPAB_HT40
;
5497 else if (wpa_s
->hw
.modes
[i
].ht_capab
&&
5498 wpa_s
->hw_capab
== CAPAB_NO_HT_VHT
)
5499 wpa_s
->hw_capab
= CAPAB_HT
;
5503 capa_res
= wpa_drv_get_capa(wpa_s
, &capa
);
5504 if (capa_res
== 0) {
5505 wpa_s
->drv_capa_known
= 1;
5506 wpa_s
->drv_flags
= capa
.flags
;
5507 wpa_s
->drv_enc
= capa
.enc
;
5508 wpa_s
->drv_smps_modes
= capa
.smps_modes
;
5509 wpa_s
->drv_rrm_flags
= capa
.rrm_flags
;
5510 wpa_s
->probe_resp_offloads
= capa
.probe_resp_offloads
;
5511 wpa_s
->max_scan_ssids
= capa
.max_scan_ssids
;
5512 wpa_s
->max_sched_scan_ssids
= capa
.max_sched_scan_ssids
;
5513 wpa_s
->max_sched_scan_plans
= capa
.max_sched_scan_plans
;
5514 wpa_s
->max_sched_scan_plan_interval
=
5515 capa
.max_sched_scan_plan_interval
;
5516 wpa_s
->max_sched_scan_plan_iterations
=
5517 capa
.max_sched_scan_plan_iterations
;
5518 wpa_s
->sched_scan_supported
= capa
.sched_scan_supported
;
5519 wpa_s
->max_match_sets
= capa
.max_match_sets
;
5520 wpa_s
->max_remain_on_chan
= capa
.max_remain_on_chan
;
5521 wpa_s
->max_stations
= capa
.max_stations
;
5522 wpa_s
->extended_capa
= capa
.extended_capa
;
5523 wpa_s
->extended_capa_mask
= capa
.extended_capa_mask
;
5524 wpa_s
->extended_capa_len
= capa
.extended_capa_len
;
5525 wpa_s
->num_multichan_concurrent
=
5526 capa
.num_multichan_concurrent
;
5527 wpa_s
->wmm_ac_supported
= capa
.wmm_ac_supported
;
5529 if (capa
.mac_addr_rand_scan_supported
)
5530 wpa_s
->mac_addr_rand_supported
|= MAC_ADDR_RAND_SCAN
;
5531 if (wpa_s
->sched_scan_supported
&&
5532 capa
.mac_addr_rand_sched_scan_supported
)
5533 wpa_s
->mac_addr_rand_supported
|=
5534 (MAC_ADDR_RAND_SCHED_SCAN
| MAC_ADDR_RAND_PNO
);
5536 if (wpa_s
->max_remain_on_chan
== 0)
5537 wpa_s
->max_remain_on_chan
= 1000;
5540 * Only take p2p_mgmt parameters when P2P Device is supported.
5541 * Doing it here as it determines whether l2_packet_init() will be done
5542 * during wpa_supplicant_driver_init().
5544 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE
)
5545 wpa_s
->p2p_mgmt
= iface
->p2p_mgmt
;
5547 if (wpa_s
->num_multichan_concurrent
== 0)
5548 wpa_s
->num_multichan_concurrent
= 1;
5550 if (wpa_supplicant_driver_init(wpa_s
) < 0)
5554 if (!iface
->p2p_mgmt
&& wpa_tdls_init(wpa_s
->wpa
))
5556 #endif /* CONFIG_TDLS */
5558 if (wpa_s
->conf
->country
[0] && wpa_s
->conf
->country
[1] &&
5559 wpa_drv_set_country(wpa_s
, wpa_s
->conf
->country
)) {
5560 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to set country");
5565 if (wpa_s
->conf
->fst_group_id
) {
5566 struct fst_iface_cfg cfg
;
5567 struct fst_wpa_obj iface_obj
;
5569 fst_wpa_supplicant_fill_iface_obj(wpa_s
, &iface_obj
);
5570 os_strlcpy(cfg
.group_id
, wpa_s
->conf
->fst_group_id
,
5571 sizeof(cfg
.group_id
));
5572 cfg
.priority
= wpa_s
->conf
->fst_priority
;
5573 cfg
.llt
= wpa_s
->conf
->fst_llt
;
5575 wpa_s
->fst
= fst_attach(wpa_s
->ifname
, wpa_s
->own_addr
,
5578 wpa_msg(wpa_s
, MSG_ERROR
,
5579 "FST: Cannot attach iface %s to group %s",
5580 wpa_s
->ifname
, cfg
.group_id
);
5584 #endif /* CONFIG_FST */
5586 if (wpas_wps_init(wpa_s
))
5589 #ifdef CONFIG_GAS_SERVER
5590 wpa_s
->gas_server
= gas_server_init(wpa_s
, wpas_gas_server_tx
);
5591 if (!wpa_s
->gas_server
) {
5592 wpa_printf(MSG_ERROR
, "Failed to initialize GAS server");
5595 #endif /* CONFIG_GAS_SERVER */
5598 if (wpas_dpp_init(wpa_s
) < 0)
5600 #endif /* CONFIG_DPP */
5602 if (wpa_supplicant_init_eapol(wpa_s
) < 0)
5604 wpa_sm_set_eapol(wpa_s
->wpa
, wpa_s
->eapol
);
5606 wpa_s
->ctrl_iface
= wpa_supplicant_ctrl_iface_init(wpa_s
);
5607 if (wpa_s
->ctrl_iface
== NULL
) {
5608 wpa_printf(MSG_ERROR
,
5609 "Failed to initialize control interface '%s'.\n"
5610 "You may have another wpa_supplicant process "
5611 "already running or the file was\n"
5612 "left by an unclean termination of wpa_supplicant "
5613 "in which case you will need\n"
5614 "to manually remove this file before starting "
5615 "wpa_supplicant again.\n",
5616 wpa_s
->conf
->ctrl_interface
);
5620 wpa_s
->gas
= gas_query_init(wpa_s
);
5621 if (wpa_s
->gas
== NULL
) {
5622 wpa_printf(MSG_ERROR
, "Failed to initialize GAS query");
5626 if ((!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE
) ||
5628 wpas_p2p_init(wpa_s
->global
, wpa_s
) < 0) {
5629 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to init P2P");
5633 if (wpa_bss_init(wpa_s
) < 0)
5636 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL
5638 dl_list_init(&wpa_s
->mesh_external_pmksa_cache
);
5639 #endif /* CONFIG_MESH */
5640 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
5643 * Set Wake-on-WLAN triggers, if configured.
5644 * Note: We don't restore/remove the triggers on shutdown (it doesn't
5645 * have effect anyway when the interface is down).
5647 if (capa_res
== 0 && wpas_set_wowlan_triggers(wpa_s
, &capa
) < 0)
5650 #ifdef CONFIG_EAP_PROXY
5653 wpa_s
->mnc_len
= eapol_sm_get_eap_proxy_imsi(wpa_s
->eapol
, -1,
5655 if (wpa_s
->mnc_len
> 0) {
5656 wpa_s
->imsi
[len
] = '\0';
5657 wpa_printf(MSG_DEBUG
, "eap_proxy: IMSI %s (MNC length %d)",
5658 wpa_s
->imsi
, wpa_s
->mnc_len
);
5660 wpa_printf(MSG_DEBUG
, "eap_proxy: IMSI not available");
5663 #endif /* CONFIG_EAP_PROXY */
5665 if (pcsc_reader_init(wpa_s
) < 0)
5668 if (wpas_init_ext_pw(wpa_s
) < 0)
5671 wpas_rrm_reset(wpa_s
);
5673 wpas_sched_scan_plans_set(wpa_s
, wpa_s
->conf
->sched_scan_plans
);
5677 #endif /* CONFIG_HS20 */
5679 if (wpa_s
->conf
->oce
) {
5680 if ((wpa_s
->conf
->oce
& OCE_STA
) &&
5681 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_OCE_STA
))
5682 wpa_s
->enable_oce
= OCE_STA
;
5683 if ((wpa_s
->conf
->oce
& OCE_STA_CFON
) &&
5684 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_OCE_STA_CFON
)) {
5685 /* TODO: Need to add STA-CFON support */
5686 wpa_printf(MSG_ERROR
,
5687 "OCE STA-CFON feature is not yet supported");
5690 wpas_mbo_update_non_pref_chan(wpa_s
, wpa_s
->conf
->non_pref_chan
);
5691 #endif /* CONFIG_MBO */
5693 wpa_supplicant_set_default_scan_ies(wpa_s
);
5699 static void wpa_supplicant_deinit_iface(struct wpa_supplicant
*wpa_s
,
5700 int notify
, int terminate
)
5702 struct wpa_global
*global
= wpa_s
->global
;
5703 struct wpa_supplicant
*iface
, *prev
;
5705 if (wpa_s
== wpa_s
->parent
)
5706 wpas_p2p_group_remove(wpa_s
, "*");
5708 iface
= global
->ifaces
;
5710 if (iface
->p2pdev
== wpa_s
)
5711 iface
->p2pdev
= iface
->parent
;
5712 if (iface
== wpa_s
|| iface
->parent
!= wpa_s
) {
5713 iface
= iface
->next
;
5716 wpa_printf(MSG_DEBUG
,
5717 "Remove remaining child interface %s from parent %s",
5718 iface
->ifname
, wpa_s
->ifname
);
5720 iface
= iface
->next
;
5721 wpa_supplicant_remove_iface(global
, prev
, terminate
);
5724 wpa_s
->disconnected
= 1;
5725 if (wpa_s
->drv_priv
) {
5726 wpa_supplicant_deauthenticate(wpa_s
,
5727 WLAN_REASON_DEAUTH_LEAVING
);
5729 wpa_drv_set_countermeasures(wpa_s
, 0);
5730 wpa_clear_keys(wpa_s
, NULL
);
5733 wpa_supplicant_cleanup(wpa_s
);
5734 wpas_p2p_deinit_iface(wpa_s
);
5736 wpas_ctrl_radio_work_flush(wpa_s
);
5737 radio_remove_interface(wpa_s
);
5741 fst_detach(wpa_s
->fst
);
5744 if (wpa_s
->received_mb_ies
) {
5745 wpabuf_free(wpa_s
->received_mb_ies
);
5746 wpa_s
->received_mb_ies
= NULL
;
5748 #endif /* CONFIG_FST */
5750 if (wpa_s
->drv_priv
)
5751 wpa_drv_deinit(wpa_s
);
5754 wpas_notify_iface_removed(wpa_s
);
5757 wpa_msg(wpa_s
, MSG_INFO
, WPA_EVENT_TERMINATING
);
5759 if (wpa_s
->ctrl_iface
) {
5760 wpa_supplicant_ctrl_iface_deinit(wpa_s
->ctrl_iface
);
5761 wpa_s
->ctrl_iface
= NULL
;
5766 wpa_supplicant_mesh_iface_deinit(wpa_s
, wpa_s
->ifmsh
);
5767 wpa_s
->ifmsh
= NULL
;
5769 #endif /* CONFIG_MESH */
5771 if (wpa_s
->conf
!= NULL
) {
5772 wpa_config_free(wpa_s
->conf
);
5776 os_free(wpa_s
->ssids_from_scan_req
);
5782 #ifdef CONFIG_MATCH_IFACE
5785 * wpa_supplicant_match_iface - Match an interface description to a name
5786 * @global: Pointer to global data from wpa_supplicant_init()
5787 * @ifname: Name of the interface to match
5788 * Returns: Pointer to the created interface description or %NULL on failure
5790 struct wpa_interface
* wpa_supplicant_match_iface(struct wpa_global
*global
,
5794 struct wpa_interface
*iface
, *miface
;
5796 for (i
= 0; i
< global
->params
.match_iface_count
; i
++) {
5797 miface
= &global
->params
.match_ifaces
[i
];
5798 if (!miface
->ifname
||
5799 fnmatch(miface
->ifname
, ifname
, 0) == 0) {
5800 iface
= os_zalloc(sizeof(*iface
));
5804 iface
->ifname
= ifname
;
5814 * wpa_supplicant_match_existing - Match existing interfaces
5815 * @global: Pointer to global data from wpa_supplicant_init()
5816 * Returns: 0 on success, -1 on failure
5818 static int wpa_supplicant_match_existing(struct wpa_global
*global
)
5820 struct if_nameindex
*ifi
, *ifp
;
5821 struct wpa_supplicant
*wpa_s
;
5822 struct wpa_interface
*iface
;
5824 ifp
= if_nameindex();
5826 wpa_printf(MSG_ERROR
, "if_nameindex: %s", strerror(errno
));
5830 for (ifi
= ifp
; ifi
->if_name
; ifi
++) {
5831 wpa_s
= wpa_supplicant_get_iface(global
, ifi
->if_name
);
5834 iface
= wpa_supplicant_match_iface(global
, ifi
->if_name
);
5836 wpa_s
= wpa_supplicant_add_iface(global
, iface
, NULL
);
5843 if_freenameindex(ifp
);
5847 #endif /* CONFIG_MATCH_IFACE */
5851 * wpa_supplicant_add_iface - Add a new network interface
5852 * @global: Pointer to global data from wpa_supplicant_init()
5853 * @iface: Interface configuration options
5854 * @parent: Parent interface or %NULL to assign new interface as parent
5855 * Returns: Pointer to the created interface or %NULL on failure
5857 * This function is used to add new network interfaces for %wpa_supplicant.
5858 * This can be called before wpa_supplicant_run() to add interfaces before the
5859 * main event loop has been started. In addition, new interfaces can be added
5860 * dynamically while %wpa_supplicant is already running. This could happen,
5861 * e.g., when a hotplug network adapter is inserted.
5863 struct wpa_supplicant
* wpa_supplicant_add_iface(struct wpa_global
*global
,
5864 struct wpa_interface
*iface
,
5865 struct wpa_supplicant
*parent
)
5867 struct wpa_supplicant
*wpa_s
;
5868 struct wpa_interface t_iface
;
5869 struct wpa_ssid
*ssid
;
5871 if (global
== NULL
|| iface
== NULL
)
5874 wpa_s
= wpa_supplicant_alloc(parent
);
5878 wpa_s
->global
= global
;
5881 if (global
->params
.override_driver
) {
5882 wpa_printf(MSG_DEBUG
, "Override interface parameter: driver "
5884 iface
->driver
, global
->params
.override_driver
);
5885 t_iface
.driver
= global
->params
.override_driver
;
5887 if (global
->params
.override_ctrl_interface
) {
5888 wpa_printf(MSG_DEBUG
, "Override interface parameter: "
5889 "ctrl_interface ('%s' -> '%s')",
5890 iface
->ctrl_interface
,
5891 global
->params
.override_ctrl_interface
);
5892 t_iface
.ctrl_interface
=
5893 global
->params
.override_ctrl_interface
;
5895 if (wpa_supplicant_init_iface(wpa_s
, &t_iface
)) {
5896 wpa_printf(MSG_DEBUG
, "Failed to add interface %s",
5898 wpa_supplicant_deinit_iface(wpa_s
, 0, 0);
5902 if (iface
->p2p_mgmt
== 0) {
5903 /* Notify the control interfaces about new iface */
5904 if (wpas_notify_iface_added(wpa_s
)) {
5905 wpa_supplicant_deinit_iface(wpa_s
, 1, 0);
5909 for (ssid
= wpa_s
->conf
->ssid
; ssid
; ssid
= ssid
->next
)
5910 wpas_notify_network_added(wpa_s
, ssid
);
5913 wpa_s
->next
= global
->ifaces
;
5914 global
->ifaces
= wpa_s
;
5916 wpa_dbg(wpa_s
, MSG_DEBUG
, "Added interface %s", wpa_s
->ifname
);
5917 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
5920 if (wpa_s
->global
->p2p
== NULL
&&
5921 !wpa_s
->global
->p2p_disabled
&& !wpa_s
->conf
->p2p_disabled
&&
5922 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE
) &&
5923 wpas_p2p_add_p2pdev_interface(
5924 wpa_s
, wpa_s
->global
->params
.conf_p2p_dev
) < 0) {
5925 wpa_printf(MSG_INFO
,
5926 "P2P: Failed to enable P2P Device interface");
5927 /* Try to continue without. P2P will be disabled. */
5929 #endif /* CONFIG_P2P */
5936 * wpa_supplicant_remove_iface - Remove a network interface
5937 * @global: Pointer to global data from wpa_supplicant_init()
5938 * @wpa_s: Pointer to the network interface to be removed
5939 * Returns: 0 if interface was removed, -1 if interface was not found
5941 * This function can be used to dynamically remove network interfaces from
5942 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
5943 * addition, this function is used to remove all remaining interfaces when
5944 * %wpa_supplicant is terminated.
5946 int wpa_supplicant_remove_iface(struct wpa_global
*global
,
5947 struct wpa_supplicant
*wpa_s
,
5950 struct wpa_supplicant
*prev
;
5952 unsigned int mesh_if_created
= wpa_s
->mesh_if_created
;
5953 char *ifname
= NULL
;
5954 struct wpa_supplicant
*parent
= wpa_s
->parent
;
5955 #endif /* CONFIG_MESH */
5957 /* Remove interface from the global list of interfaces */
5958 prev
= global
->ifaces
;
5959 if (prev
== wpa_s
) {
5960 global
->ifaces
= wpa_s
->next
;
5962 while (prev
&& prev
->next
!= wpa_s
)
5966 prev
->next
= wpa_s
->next
;
5969 wpa_dbg(wpa_s
, MSG_DEBUG
, "Removing interface %s", wpa_s
->ifname
);
5972 if (mesh_if_created
) {
5973 ifname
= os_strdup(wpa_s
->ifname
);
5974 if (ifname
== NULL
) {
5975 wpa_dbg(wpa_s
, MSG_ERROR
,
5976 "mesh: Failed to malloc ifname");
5980 #endif /* CONFIG_MESH */
5982 if (global
->p2p_group_formation
== wpa_s
)
5983 global
->p2p_group_formation
= NULL
;
5984 if (global
->p2p_invite_group
== wpa_s
)
5985 global
->p2p_invite_group
= NULL
;
5986 wpa_supplicant_deinit_iface(wpa_s
, 1, terminate
);
5989 if (mesh_if_created
) {
5990 wpa_drv_if_remove(parent
, WPA_IF_MESH
, ifname
);
5993 #endif /* CONFIG_MESH */
6000 * wpa_supplicant_get_eap_mode - Get the current EAP mode
6001 * @wpa_s: Pointer to the network interface
6002 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
6004 const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant
*wpa_s
)
6006 const char *eapol_method
;
6008 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
) == 0 &&
6009 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
6013 eapol_method
= eapol_sm_get_method_name(wpa_s
->eapol
);
6014 if (eapol_method
== NULL
)
6015 return "UNKNOWN-EAP";
6017 return eapol_method
;
6022 * wpa_supplicant_get_iface - Get a new network interface
6023 * @global: Pointer to global data from wpa_supplicant_init()
6024 * @ifname: Interface name
6025 * Returns: Pointer to the interface or %NULL if not found
6027 struct wpa_supplicant
* wpa_supplicant_get_iface(struct wpa_global
*global
,
6030 struct wpa_supplicant
*wpa_s
;
6032 for (wpa_s
= global
->ifaces
; wpa_s
; wpa_s
= wpa_s
->next
) {
6033 if (os_strcmp(wpa_s
->ifname
, ifname
) == 0)
6040 #ifndef CONFIG_NO_WPA_MSG
6041 static const char * wpa_supplicant_msg_ifname_cb(void *ctx
)
6043 struct wpa_supplicant
*wpa_s
= ctx
;
6046 return wpa_s
->ifname
;
6048 #endif /* CONFIG_NO_WPA_MSG */
6051 #ifndef WPA_SUPPLICANT_CLEANUP_INTERVAL
6052 #define WPA_SUPPLICANT_CLEANUP_INTERVAL 10
6053 #endif /* WPA_SUPPLICANT_CLEANUP_INTERVAL */
6055 /* Periodic cleanup tasks */
6056 static void wpas_periodic(void *eloop_ctx
, void *timeout_ctx
)
6058 struct wpa_global
*global
= eloop_ctx
;
6059 struct wpa_supplicant
*wpa_s
;
6061 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL
, 0,
6062 wpas_periodic
, global
, NULL
);
6066 p2p_expire_peers(global
->p2p
);
6067 #endif /* CONFIG_P2P */
6069 for (wpa_s
= global
->ifaces
; wpa_s
; wpa_s
= wpa_s
->next
) {
6070 wpa_bss_flush_by_age(wpa_s
, wpa_s
->conf
->bss_expiration_age
);
6073 #endif /* CONFIG_AP */
6079 * wpa_supplicant_init - Initialize %wpa_supplicant
6080 * @params: Parameters for %wpa_supplicant
6081 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
6083 * This function is used to initialize %wpa_supplicant. After successful
6084 * initialization, the returned data pointer can be used to add and remove
6085 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
6087 struct wpa_global
* wpa_supplicant_init(struct wpa_params
*params
)
6089 struct wpa_global
*global
;
6095 #ifdef CONFIG_DRIVER_NDIS
6097 void driver_ndis_init_ops(void);
6098 driver_ndis_init_ops();
6100 #endif /* CONFIG_DRIVER_NDIS */
6102 #ifndef CONFIG_NO_WPA_MSG
6103 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb
);
6104 #endif /* CONFIG_NO_WPA_MSG */
6106 if (params
->wpa_debug_file_path
)
6107 wpa_debug_open_file(params
->wpa_debug_file_path
);
6109 wpa_debug_setup_stdout();
6110 if (params
->wpa_debug_syslog
)
6111 wpa_debug_open_syslog();
6112 if (params
->wpa_debug_tracing
) {
6113 ret
= wpa_debug_open_linux_tracing();
6115 wpa_printf(MSG_ERROR
,
6116 "Failed to enable trace logging");
6121 ret
= eap_register_methods();
6123 wpa_printf(MSG_ERROR
, "Failed to register EAP methods");
6125 wpa_printf(MSG_ERROR
, "Two or more EAP methods used "
6126 "the same EAP type.");
6130 global
= os_zalloc(sizeof(*global
));
6133 dl_list_init(&global
->p2p_srv_bonjour
);
6134 dl_list_init(&global
->p2p_srv_upnp
);
6135 global
->params
.daemonize
= params
->daemonize
;
6136 global
->params
.wait_for_monitor
= params
->wait_for_monitor
;
6137 global
->params
.dbus_ctrl_interface
= params
->dbus_ctrl_interface
;
6138 if (params
->pid_file
)
6139 global
->params
.pid_file
= os_strdup(params
->pid_file
);
6140 if (params
->ctrl_interface
)
6141 global
->params
.ctrl_interface
=
6142 os_strdup(params
->ctrl_interface
);
6143 if (params
->ctrl_interface_group
)
6144 global
->params
.ctrl_interface_group
=
6145 os_strdup(params
->ctrl_interface_group
);
6146 if (params
->override_driver
)
6147 global
->params
.override_driver
=
6148 os_strdup(params
->override_driver
);
6149 if (params
->override_ctrl_interface
)
6150 global
->params
.override_ctrl_interface
=
6151 os_strdup(params
->override_ctrl_interface
);
6152 #ifdef CONFIG_MATCH_IFACE
6153 global
->params
.match_iface_count
= params
->match_iface_count
;
6154 if (params
->match_iface_count
) {
6155 global
->params
.match_ifaces
=
6156 os_calloc(params
->match_iface_count
,
6157 sizeof(struct wpa_interface
));
6158 os_memcpy(global
->params
.match_ifaces
,
6159 params
->match_ifaces
,
6160 params
->match_iface_count
*
6161 sizeof(struct wpa_interface
));
6163 #endif /* CONFIG_MATCH_IFACE */
6165 if (params
->conf_p2p_dev
)
6166 global
->params
.conf_p2p_dev
=
6167 os_strdup(params
->conf_p2p_dev
);
6168 #endif /* CONFIG_P2P */
6169 wpa_debug_level
= global
->params
.wpa_debug_level
=
6170 params
->wpa_debug_level
;
6171 wpa_debug_show_keys
= global
->params
.wpa_debug_show_keys
=
6172 params
->wpa_debug_show_keys
;
6173 wpa_debug_timestamp
= global
->params
.wpa_debug_timestamp
=
6174 params
->wpa_debug_timestamp
;
6176 wpa_printf(MSG_DEBUG
, "wpa_supplicant v" VERSION_STR
);
6179 wpa_printf(MSG_ERROR
, "Failed to initialize event loop");
6180 wpa_supplicant_deinit(global
);
6184 random_init(params
->entropy_file
);
6186 global
->ctrl_iface
= wpa_supplicant_global_ctrl_iface_init(global
);
6187 if (global
->ctrl_iface
== NULL
) {
6188 wpa_supplicant_deinit(global
);
6192 if (wpas_notify_supplicant_initialized(global
)) {
6193 wpa_supplicant_deinit(global
);
6197 for (i
= 0; wpa_drivers
[i
]; i
++)
6198 global
->drv_count
++;
6199 if (global
->drv_count
== 0) {
6200 wpa_printf(MSG_ERROR
, "No drivers enabled");
6201 wpa_supplicant_deinit(global
);
6204 global
->drv_priv
= os_calloc(global
->drv_count
, sizeof(void *));
6205 if (global
->drv_priv
== NULL
) {
6206 wpa_supplicant_deinit(global
);
6210 #ifdef CONFIG_WIFI_DISPLAY
6211 if (wifi_display_init(global
) < 0) {
6212 wpa_printf(MSG_ERROR
, "Failed to initialize Wi-Fi Display");
6213 wpa_supplicant_deinit(global
);
6216 #endif /* CONFIG_WIFI_DISPLAY */
6218 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL
, 0,
6219 wpas_periodic
, global
, NULL
);
6226 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
6227 * @global: Pointer to global data from wpa_supplicant_init()
6228 * Returns: 0 after successful event loop run, -1 on failure
6230 * This function starts the main event loop and continues running as long as
6231 * there are any remaining events. In most cases, this function is running as
6232 * long as the %wpa_supplicant process in still in use.
6234 int wpa_supplicant_run(struct wpa_global
*global
)
6236 struct wpa_supplicant
*wpa_s
;
6238 if (global
->params
.daemonize
&&
6239 (wpa_supplicant_daemon(global
->params
.pid_file
) ||
6240 eloop_sock_requeue()))
6243 #ifdef CONFIG_MATCH_IFACE
6244 if (wpa_supplicant_match_existing(global
))
6248 if (global
->params
.wait_for_monitor
) {
6249 for (wpa_s
= global
->ifaces
; wpa_s
; wpa_s
= wpa_s
->next
)
6250 if (wpa_s
->ctrl_iface
&& !wpa_s
->p2p_mgmt
)
6251 wpa_supplicant_ctrl_iface_wait(
6255 eloop_register_signal_terminate(wpa_supplicant_terminate
, global
);
6256 eloop_register_signal_reconfig(wpa_supplicant_reconfig
, global
);
6265 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
6266 * @global: Pointer to global data from wpa_supplicant_init()
6268 * This function is called to deinitialize %wpa_supplicant and to free all
6269 * allocated resources. Remaining network interfaces will also be removed.
6271 void wpa_supplicant_deinit(struct wpa_global
*global
)
6278 eloop_cancel_timeout(wpas_periodic
, global
, NULL
);
6280 #ifdef CONFIG_WIFI_DISPLAY
6281 wifi_display_deinit(global
);
6282 #endif /* CONFIG_WIFI_DISPLAY */
6284 while (global
->ifaces
)
6285 wpa_supplicant_remove_iface(global
, global
->ifaces
, 1);
6287 if (global
->ctrl_iface
)
6288 wpa_supplicant_global_ctrl_iface_deinit(global
->ctrl_iface
);
6290 wpas_notify_supplicant_deinitialized(global
);
6292 eap_peer_unregister_methods();
6294 eap_server_unregister_methods();
6295 #endif /* CONFIG_AP */
6297 for (i
= 0; wpa_drivers
[i
] && global
->drv_priv
; i
++) {
6298 if (!global
->drv_priv
[i
])
6300 wpa_drivers
[i
]->global_deinit(global
->drv_priv
[i
]);
6302 os_free(global
->drv_priv
);
6308 if (global
->params
.pid_file
) {
6309 os_daemonize_terminate(global
->params
.pid_file
);
6310 os_free(global
->params
.pid_file
);
6312 os_free(global
->params
.ctrl_interface
);
6313 os_free(global
->params
.ctrl_interface_group
);
6314 os_free(global
->params
.override_driver
);
6315 os_free(global
->params
.override_ctrl_interface
);
6316 #ifdef CONFIG_MATCH_IFACE
6317 os_free(global
->params
.match_ifaces
);
6318 #endif /* CONFIG_MATCH_IFACE */
6320 os_free(global
->params
.conf_p2p_dev
);
6321 #endif /* CONFIG_P2P */
6323 os_free(global
->p2p_disallow_freq
.range
);
6324 os_free(global
->p2p_go_avoid_freq
.range
);
6325 os_free(global
->add_psk
);
6328 wpa_debug_close_syslog();
6329 wpa_debug_close_file();
6330 wpa_debug_close_linux_tracing();
6334 void wpa_supplicant_update_config(struct wpa_supplicant
*wpa_s
)
6336 if ((wpa_s
->conf
->changed_parameters
& CFG_CHANGED_COUNTRY
) &&
6337 wpa_s
->conf
->country
[0] && wpa_s
->conf
->country
[1]) {
6339 country
[0] = wpa_s
->conf
->country
[0];
6340 country
[1] = wpa_s
->conf
->country
[1];
6342 if (wpa_drv_set_country(wpa_s
, country
) < 0) {
6343 wpa_printf(MSG_ERROR
, "Failed to set country code "
6348 if (wpa_s
->conf
->changed_parameters
& CFG_CHANGED_EXT_PW_BACKEND
)
6349 wpas_init_ext_pw(wpa_s
);
6351 if (wpa_s
->conf
->changed_parameters
& CFG_CHANGED_SCHED_SCAN_PLANS
)
6352 wpas_sched_scan_plans_set(wpa_s
, wpa_s
->conf
->sched_scan_plans
);
6354 if (wpa_s
->conf
->changed_parameters
& CFG_CHANGED_WOWLAN_TRIGGERS
) {
6355 struct wpa_driver_capa capa
;
6356 int res
= wpa_drv_get_capa(wpa_s
, &capa
);
6358 if (res
== 0 && wpas_set_wowlan_triggers(wpa_s
, &capa
) < 0)
6359 wpa_printf(MSG_ERROR
,
6360 "Failed to update wowlan_triggers to '%s'",
6361 wpa_s
->conf
->wowlan_triggers
);
6365 wpas_wps_update_config(wpa_s
);
6366 #endif /* CONFIG_WPS */
6367 wpas_p2p_update_config(wpa_s
);
6368 wpa_s
->conf
->changed_parameters
= 0;
6372 void add_freq(int *freqs
, int *num_freqs
, int freq
)
6376 for (i
= 0; i
< *num_freqs
; i
++) {
6377 if (freqs
[i
] == freq
)
6381 freqs
[*num_freqs
] = freq
;
6386 static int * get_bss_freqs_in_ess(struct wpa_supplicant
*wpa_s
)
6388 struct wpa_bss
*bss
, *cbss
;
6389 const int max_freqs
= 10;
6393 freqs
= os_calloc(max_freqs
+ 1, sizeof(int));
6397 cbss
= wpa_s
->current_bss
;
6399 dl_list_for_each(bss
, &wpa_s
->bss
, struct wpa_bss
, list
) {
6402 if (bss
->ssid_len
== cbss
->ssid_len
&&
6403 os_memcmp(bss
->ssid
, cbss
->ssid
, bss
->ssid_len
) == 0 &&
6404 wpa_blacklist_get(wpa_s
, bss
->bssid
) == NULL
) {
6405 add_freq(freqs
, &num_freqs
, bss
->freq
);
6406 if (num_freqs
== max_freqs
)
6411 if (num_freqs
== 0) {
6420 void wpas_connection_failed(struct wpa_supplicant
*wpa_s
, const u8
*bssid
)
6426 wpas_connect_work_done(wpa_s
);
6429 * Remove possible authentication timeout since the connection failed.
6431 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
6434 * There is no point in blacklisting the AP if this event is
6435 * generated based on local request to disconnect.
6437 if (wpa_s
->own_disconnect_req
) {
6438 wpa_s
->own_disconnect_req
= 0;
6439 wpa_dbg(wpa_s
, MSG_DEBUG
,
6440 "Ignore connection failure due to local request to disconnect");
6443 if (wpa_s
->disconnected
) {
6444 wpa_dbg(wpa_s
, MSG_DEBUG
, "Ignore connection failure "
6445 "indication since interface has been put into "
6446 "disconnected state");
6451 * Add the failed BSSID into the blacklist and speed up next scan
6452 * attempt if there could be other APs that could accept association.
6453 * The current blacklist count indicates how many times we have tried
6454 * connecting to this AP and multiple attempts mean that other APs are
6455 * either not available or has already been tried, so that we can start
6456 * increasing the delay here to avoid constant scanning.
6458 count
= wpa_blacklist_add(wpa_s
, bssid
);
6459 if (count
== 1 && wpa_s
->current_bss
) {
6461 * This BSS was not in the blacklist before. If there is
6462 * another BSS available for the same ESS, we should try that
6463 * next. Otherwise, we may as well try this one once more
6464 * before allowing other, likely worse, ESSes to be considered.
6466 freqs
= get_bss_freqs_in_ess(wpa_s
);
6468 wpa_dbg(wpa_s
, MSG_DEBUG
, "Another BSS in this ESS "
6469 "has been seen; try it next");
6470 wpa_blacklist_add(wpa_s
, bssid
);
6472 * On the next scan, go through only the known channels
6473 * used in this ESS based on previous scans to speed up
6474 * common load balancing use case.
6476 os_free(wpa_s
->next_scan_freqs
);
6477 wpa_s
->next_scan_freqs
= freqs
;
6482 * Add previous failure count in case the temporary blacklist was
6483 * cleared due to no other BSSes being available.
6485 count
+= wpa_s
->extra_blacklist_count
;
6487 if (count
> 3 && wpa_s
->current_ssid
) {
6488 wpa_printf(MSG_DEBUG
, "Continuous association failures - "
6489 "consider temporary network disabling");
6490 wpas_auth_failed(wpa_s
, "CONN_FAILED");
6511 wpa_dbg(wpa_s
, MSG_DEBUG
, "Blacklist count %d --> request scan in %d "
6512 "ms", count
, timeout
);
6515 * TODO: if more than one possible AP is available in scan results,
6516 * could try the other ones before requesting a new scan.
6518 wpa_supplicant_req_scan(wpa_s
, timeout
/ 1000,
6519 1000 * (timeout
% 1000));
6524 void fils_connection_failure(struct wpa_supplicant
*wpa_s
)
6526 struct wpa_ssid
*ssid
= wpa_s
->current_ssid
;
6527 const u8
*realm
, *username
, *rrk
;
6528 size_t realm_len
, username_len
, rrk_len
;
6531 if (!ssid
|| !ssid
->eap
.erp
|| !wpa_key_mgmt_fils(ssid
->key_mgmt
) ||
6532 eapol_sm_get_erp_info(wpa_s
->eapol
, &ssid
->eap
,
6533 &username
, &username_len
,
6534 &realm
, &realm_len
, &next_seq_num
,
6535 &rrk
, &rrk_len
) != 0 ||
6539 wpa_hexdump_ascii(MSG_DEBUG
,
6540 "FILS: Store last connection failure realm",
6542 os_free(wpa_s
->last_con_fail_realm
);
6543 wpa_s
->last_con_fail_realm
= os_malloc(realm_len
);
6544 if (wpa_s
->last_con_fail_realm
) {
6545 wpa_s
->last_con_fail_realm_len
= realm_len
;
6546 os_memcpy(wpa_s
->last_con_fail_realm
, realm
, realm_len
);
6549 #endif /* CONFIG_FILS */
6552 int wpas_driver_bss_selection(struct wpa_supplicant
*wpa_s
)
6554 return wpa_s
->conf
->ap_scan
== 2 ||
6555 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_BSS_SELECTION
);
6559 #if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW)
6560 int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant
*wpa_s
,
6561 struct wpa_ssid
*ssid
,
6565 #ifdef IEEE8021X_EAPOL
6566 struct eap_peer_config
*eap
= &ssid
->eap
;
6568 wpa_printf(MSG_DEBUG
, "CTRL_IFACE: response handle field=%s", field
);
6569 wpa_hexdump_ascii_key(MSG_DEBUG
, "CTRL_IFACE: response value",
6570 (const u8
*) value
, os_strlen(value
));
6572 switch (wpa_supplicant_ctrl_req_from_string(field
)) {
6573 case WPA_CTRL_REQ_EAP_IDENTITY
:
6574 os_free(eap
->identity
);
6575 eap
->identity
= (u8
*) os_strdup(value
);
6576 eap
->identity_len
= os_strlen(value
);
6577 eap
->pending_req_identity
= 0;
6578 if (ssid
== wpa_s
->current_ssid
)
6579 wpa_s
->reassociate
= 1;
6581 case WPA_CTRL_REQ_EAP_PASSWORD
:
6582 bin_clear_free(eap
->password
, eap
->password_len
);
6583 eap
->password
= (u8
*) os_strdup(value
);
6584 eap
->password_len
= os_strlen(value
);
6585 eap
->pending_req_password
= 0;
6586 if (ssid
== wpa_s
->current_ssid
)
6587 wpa_s
->reassociate
= 1;
6589 case WPA_CTRL_REQ_EAP_NEW_PASSWORD
:
6590 bin_clear_free(eap
->new_password
, eap
->new_password_len
);
6591 eap
->new_password
= (u8
*) os_strdup(value
);
6592 eap
->new_password_len
= os_strlen(value
);
6593 eap
->pending_req_new_password
= 0;
6594 if (ssid
== wpa_s
->current_ssid
)
6595 wpa_s
->reassociate
= 1;
6597 case WPA_CTRL_REQ_EAP_PIN
:
6598 str_clear_free(eap
->pin
);
6599 eap
->pin
= os_strdup(value
);
6600 eap
->pending_req_pin
= 0;
6601 if (ssid
== wpa_s
->current_ssid
)
6602 wpa_s
->reassociate
= 1;
6604 case WPA_CTRL_REQ_EAP_OTP
:
6605 bin_clear_free(eap
->otp
, eap
->otp_len
);
6606 eap
->otp
= (u8
*) os_strdup(value
);
6607 eap
->otp_len
= os_strlen(value
);
6608 os_free(eap
->pending_req_otp
);
6609 eap
->pending_req_otp
= NULL
;
6610 eap
->pending_req_otp_len
= 0;
6612 case WPA_CTRL_REQ_EAP_PASSPHRASE
:
6613 str_clear_free(eap
->private_key_passwd
);
6614 eap
->private_key_passwd
= os_strdup(value
);
6615 eap
->pending_req_passphrase
= 0;
6616 if (ssid
== wpa_s
->current_ssid
)
6617 wpa_s
->reassociate
= 1;
6619 case WPA_CTRL_REQ_SIM
:
6620 str_clear_free(eap
->external_sim_resp
);
6621 eap
->external_sim_resp
= os_strdup(value
);
6622 eap
->pending_req_sim
= 0;
6624 case WPA_CTRL_REQ_PSK_PASSPHRASE
:
6625 if (wpa_config_set(ssid
, "psk", value
, 0) < 0)
6627 ssid
->mem_only_psk
= 1;
6628 if (ssid
->passphrase
)
6629 wpa_config_update_psk(ssid
);
6630 if (wpa_s
->wpa_state
== WPA_SCANNING
&& !wpa_s
->scanning
)
6631 wpa_supplicant_req_scan(wpa_s
, 0, 0);
6633 case WPA_CTRL_REQ_EXT_CERT_CHECK
:
6634 if (eap
->pending_ext_cert_check
!= PENDING_CHECK
)
6636 if (os_strcmp(value
, "good") == 0)
6637 eap
->pending_ext_cert_check
= EXT_CERT_CHECK_GOOD
;
6638 else if (os_strcmp(value
, "bad") == 0)
6639 eap
->pending_ext_cert_check
= EXT_CERT_CHECK_BAD
;
6644 wpa_printf(MSG_DEBUG
, "CTRL_IFACE: Unknown field '%s'", field
);
6649 #else /* IEEE8021X_EAPOL */
6650 wpa_printf(MSG_DEBUG
, "CTRL_IFACE: IEEE 802.1X not included");
6652 #endif /* IEEE8021X_EAPOL */
6654 #endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */
6657 int wpas_network_disabled(struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
)
6660 unsigned int drv_enc
;
6662 if (wpa_s
->p2p_mgmt
)
6663 return 1; /* no normal network profiles on p2p_mgmt interface */
6671 if (wpa_s
->drv_capa_known
)
6672 drv_enc
= wpa_s
->drv_enc
;
6674 drv_enc
= (unsigned int) -1;
6676 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
6677 size_t len
= ssid
->wep_key_len
[i
];
6680 if (len
== 5 && (drv_enc
& WPA_DRIVER_CAPA_ENC_WEP40
))
6682 if (len
== 13 && (drv_enc
& WPA_DRIVER_CAPA_ENC_WEP104
))
6684 if (len
== 16 && (drv_enc
& WPA_DRIVER_CAPA_ENC_WEP128
))
6686 return 1; /* invalid WEP key */
6689 if (wpa_key_mgmt_wpa_psk(ssid
->key_mgmt
) && !ssid
->psk_set
&&
6690 (!ssid
->passphrase
|| ssid
->ssid_len
!= 0) && !ssid
->ext_psk
&&
6691 !(wpa_key_mgmt_sae(ssid
->key_mgmt
) && ssid
->sae_password
) &&
6692 !ssid
->mem_only_psk
)
6699 int wpas_get_ssid_pmf(struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
)
6701 #ifdef CONFIG_IEEE80211W
6702 if (ssid
== NULL
|| ssid
->ieee80211w
== MGMT_FRAME_PROTECTION_DEFAULT
) {
6703 if (wpa_s
->conf
->pmf
== MGMT_FRAME_PROTECTION_OPTIONAL
&&
6704 !(wpa_s
->drv_enc
& WPA_DRIVER_CAPA_ENC_BIP
)) {
6706 * Driver does not support BIP -- ignore pmf=1 default
6707 * since the connection with PMF would fail and the
6708 * configuration does not require PMF to be enabled.
6710 return NO_MGMT_FRAME_PROTECTION
;
6715 ~(WPA_KEY_MGMT_NONE
| WPA_KEY_MGMT_WPS
|
6716 WPA_KEY_MGMT_IEEE8021X_NO_WPA
)) == 0) {
6718 * Do not use the default PMF value for non-RSN networks
6719 * since PMF is available only with RSN and pmf=2
6720 * configuration would otherwise prevent connections to
6721 * all open networks.
6723 return NO_MGMT_FRAME_PROTECTION
;
6726 return wpa_s
->conf
->pmf
;
6729 return ssid
->ieee80211w
;
6730 #else /* CONFIG_IEEE80211W */
6731 return NO_MGMT_FRAME_PROTECTION
;
6732 #endif /* CONFIG_IEEE80211W */
6736 int wpas_is_p2p_prioritized(struct wpa_supplicant
*wpa_s
)
6738 if (wpa_s
->global
->conc_pref
== WPA_CONC_PREF_P2P
)
6740 if (wpa_s
->global
->conc_pref
== WPA_CONC_PREF_STA
)
6746 void wpas_auth_failed(struct wpa_supplicant
*wpa_s
, char *reason
)
6748 struct wpa_ssid
*ssid
= wpa_s
->current_ssid
;
6750 struct os_reltime now
;
6753 wpa_printf(MSG_DEBUG
, "Authentication failure but no known "
6758 if (ssid
->key_mgmt
== WPA_KEY_MGMT_WPS
)
6761 ssid
->auth_failures
++;
6764 if (ssid
->p2p_group
&&
6765 (wpa_s
->p2p_in_provisioning
|| wpa_s
->show_group_started
)) {
6767 * Skip the wait time since there is a short timeout on the
6768 * connection to a P2P group.
6772 #endif /* CONFIG_P2P */
6774 if (ssid
->auth_failures
> 50)
6776 else if (ssid
->auth_failures
> 10)
6778 else if (ssid
->auth_failures
> 5)
6780 else if (ssid
->auth_failures
> 3)
6782 else if (ssid
->auth_failures
> 2)
6784 else if (ssid
->auth_failures
> 1)
6789 if (ssid
->auth_failures
> 1 &&
6790 wpa_key_mgmt_wpa_ieee8021x(ssid
->key_mgmt
))
6791 dur
+= os_random() % (ssid
->auth_failures
* 10);
6793 os_get_reltime(&now
);
6794 if (now
.sec
+ dur
<= ssid
->disabled_until
.sec
)
6797 ssid
->disabled_until
.sec
= now
.sec
+ dur
;
6799 wpa_msg(wpa_s
, MSG_INFO
, WPA_EVENT_TEMP_DISABLED
6800 "id=%d ssid=\"%s\" auth_failures=%u duration=%d reason=%s",
6801 ssid
->id
, wpa_ssid_txt(ssid
->ssid
, ssid
->ssid_len
),
6802 ssid
->auth_failures
, dur
, reason
);
6806 void wpas_clear_temp_disabled(struct wpa_supplicant
*wpa_s
,
6807 struct wpa_ssid
*ssid
, int clear_failures
)
6812 if (ssid
->disabled_until
.sec
) {
6813 wpa_msg(wpa_s
, MSG_INFO
, WPA_EVENT_REENABLED
6814 "id=%d ssid=\"%s\"",
6815 ssid
->id
, wpa_ssid_txt(ssid
->ssid
, ssid
->ssid_len
));
6817 ssid
->disabled_until
.sec
= 0;
6818 ssid
->disabled_until
.usec
= 0;
6820 ssid
->auth_failures
= 0;
6824 int disallowed_bssid(struct wpa_supplicant
*wpa_s
, const u8
*bssid
)
6828 if (wpa_s
->disallow_aps_bssid
== NULL
)
6831 for (i
= 0; i
< wpa_s
->disallow_aps_bssid_count
; i
++) {
6832 if (os_memcmp(wpa_s
->disallow_aps_bssid
+ i
* ETH_ALEN
,
6833 bssid
, ETH_ALEN
) == 0)
6841 int disallowed_ssid(struct wpa_supplicant
*wpa_s
, const u8
*ssid
,
6846 if (wpa_s
->disallow_aps_ssid
== NULL
|| ssid
== NULL
)
6849 for (i
= 0; i
< wpa_s
->disallow_aps_ssid_count
; i
++) {
6850 struct wpa_ssid_value
*s
= &wpa_s
->disallow_aps_ssid
[i
];
6851 if (ssid_len
== s
->ssid_len
&&
6852 os_memcmp(ssid
, s
->ssid
, ssid_len
) == 0)
6861 * wpas_request_connection - Request a new connection
6862 * @wpa_s: Pointer to the network interface
6864 * This function is used to request a new connection to be found. It will mark
6865 * the interface to allow reassociation and request a new scan to find a
6866 * suitable network to connect to.
6868 void wpas_request_connection(struct wpa_supplicant
*wpa_s
)
6870 wpa_s
->normal_scans
= 0;
6871 wpa_s
->scan_req
= NORMAL_SCAN_REQ
;
6872 wpa_supplicant_reinit_autoscan(wpa_s
);
6873 wpa_s
->extra_blacklist_count
= 0;
6874 wpa_s
->disconnected
= 0;
6875 wpa_s
->reassociate
= 1;
6876 wpa_s
->last_owe_group
= 0;
6878 if (wpa_supplicant_fast_associate(wpa_s
) != 1)
6879 wpa_supplicant_req_scan(wpa_s
, 0, 0);
6881 wpa_s
->reattach
= 0;
6886 * wpas_request_disconnection - Request disconnection
6887 * @wpa_s: Pointer to the network interface
6889 * This function is used to request disconnection from the currently connected
6890 * network. This will stop any ongoing scans and initiate deauthentication.
6892 void wpas_request_disconnection(struct wpa_supplicant
*wpa_s
)
6895 wpa_s
->sme
.prev_bssid_set
= 0;
6896 #endif /* CONFIG_SME */
6897 wpa_s
->reassociate
= 0;
6898 wpa_s
->disconnected
= 1;
6899 wpa_supplicant_cancel_sched_scan(wpa_s
);
6900 wpa_supplicant_cancel_scan(wpa_s
);
6901 wpa_supplicant_deauthenticate(wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
6902 eloop_cancel_timeout(wpas_network_reenabled
, wpa_s
, NULL
);
6906 void dump_freq_data(struct wpa_supplicant
*wpa_s
, const char *title
,
6907 struct wpa_used_freq_data
*freqs_data
,
6912 wpa_dbg(wpa_s
, MSG_DEBUG
, "Shared frequencies (len=%u): %s",
6914 for (i
= 0; i
< len
; i
++) {
6915 struct wpa_used_freq_data
*cur
= &freqs_data
[i
];
6916 wpa_dbg(wpa_s
, MSG_DEBUG
, "freq[%u]: %d, flags=0x%X",
6917 i
, cur
->freq
, cur
->flags
);
6923 * Find the operating frequencies of any of the virtual interfaces that
6924 * are using the same radio as the current interface, and in addition, get
6925 * information about the interface types that are using the frequency.
6927 int get_shared_radio_freqs_data(struct wpa_supplicant
*wpa_s
,
6928 struct wpa_used_freq_data
*freqs_data
,
6931 struct wpa_supplicant
*ifs
;
6934 unsigned int idx
= 0, i
;
6936 wpa_dbg(wpa_s
, MSG_DEBUG
,
6937 "Determining shared radio frequencies (max len %u)", len
);
6938 os_memset(freqs_data
, 0, sizeof(struct wpa_used_freq_data
) * len
);
6940 dl_list_for_each(ifs
, &wpa_s
->radio
->ifaces
, struct wpa_supplicant
,
6945 if (ifs
->current_ssid
== NULL
|| ifs
->assoc_freq
== 0)
6948 if (ifs
->current_ssid
->mode
== WPAS_MODE_AP
||
6949 ifs
->current_ssid
->mode
== WPAS_MODE_P2P_GO
||
6950 ifs
->current_ssid
->mode
== WPAS_MODE_MESH
)
6951 freq
= ifs
->current_ssid
->frequency
;
6952 else if (wpa_drv_get_bssid(ifs
, bssid
) == 0)
6953 freq
= ifs
->assoc_freq
;
6957 /* Hold only distinct freqs */
6958 for (i
= 0; i
< idx
; i
++)
6959 if (freqs_data
[i
].freq
== freq
)
6963 freqs_data
[idx
++].freq
= freq
;
6965 if (ifs
->current_ssid
->mode
== WPAS_MODE_INFRA
) {
6966 freqs_data
[i
].flags
|= ifs
->current_ssid
->p2p_group
?
6967 WPA_FREQ_USED_BY_P2P_CLIENT
:
6968 WPA_FREQ_USED_BY_INFRA_STATION
;
6972 dump_freq_data(wpa_s
, "completed iteration", freqs_data
, idx
);
6978 * Find the operating frequencies of any of the virtual interfaces that
6979 * are using the same radio as the current interface.
6981 int get_shared_radio_freqs(struct wpa_supplicant
*wpa_s
,
6982 int *freq_array
, unsigned int len
)
6984 struct wpa_used_freq_data
*freqs_data
;
6987 os_memset(freq_array
, 0, sizeof(int) * len
);
6989 freqs_data
= os_calloc(len
, sizeof(struct wpa_used_freq_data
));
6993 num
= get_shared_radio_freqs_data(wpa_s
, freqs_data
, len
);
6994 for (i
= 0; i
< num
; i
++)
6995 freq_array
[i
] = freqs_data
[i
].freq
;
6997 os_free(freqs_data
);
7003 struct wpa_supplicant
*
7004 wpas_vendor_elem(struct wpa_supplicant
*wpa_s
, enum wpa_vendor_elem_frame frame
)
7008 case VENDOR_ELEM_PROBE_REQ_P2P
:
7009 case VENDOR_ELEM_PROBE_RESP_P2P
:
7010 case VENDOR_ELEM_PROBE_RESP_P2P_GO
:
7011 case VENDOR_ELEM_BEACON_P2P_GO
:
7012 case VENDOR_ELEM_P2P_PD_REQ
:
7013 case VENDOR_ELEM_P2P_PD_RESP
:
7014 case VENDOR_ELEM_P2P_GO_NEG_REQ
:
7015 case VENDOR_ELEM_P2P_GO_NEG_RESP
:
7016 case VENDOR_ELEM_P2P_GO_NEG_CONF
:
7017 case VENDOR_ELEM_P2P_INV_REQ
:
7018 case VENDOR_ELEM_P2P_INV_RESP
:
7019 case VENDOR_ELEM_P2P_ASSOC_REQ
:
7020 case VENDOR_ELEM_P2P_ASSOC_RESP
:
7021 return wpa_s
->p2pdev
;
7022 #endif /* CONFIG_P2P */
7029 void wpas_vendor_elem_update(struct wpa_supplicant
*wpa_s
)
7034 wpa_printf(MSG_DEBUG
, "Update vendor elements");
7036 for (i
= 0; i
< NUM_VENDOR_ELEM_FRAMES
; i
++) {
7037 if (wpa_s
->vendor_elem
[i
]) {
7040 res
= os_snprintf(buf
, sizeof(buf
), "frame[%u]", i
);
7041 if (!os_snprintf_error(sizeof(buf
), res
)) {
7042 wpa_hexdump_buf(MSG_DEBUG
, buf
,
7043 wpa_s
->vendor_elem
[i
]);
7049 if (wpa_s
->parent
== wpa_s
&&
7050 wpa_s
->global
->p2p
&&
7051 !wpa_s
->global
->p2p_disabled
)
7052 p2p_set_vendor_elems(wpa_s
->global
->p2p
, wpa_s
->vendor_elem
);
7053 #endif /* CONFIG_P2P */
7057 int wpas_vendor_elem_remove(struct wpa_supplicant
*wpa_s
, int frame
,
7058 const u8
*elem
, size_t len
)
7062 ie
= wpabuf_mhead_u8(wpa_s
->vendor_elem
[frame
]);
7063 end
= ie
+ wpabuf_len(wpa_s
->vendor_elem
[frame
]);
7065 for (; ie
+ 1 < end
; ie
+= 2 + ie
[1]) {
7068 if (os_memcmp(ie
, elem
, len
) != 0)
7071 if (wpabuf_len(wpa_s
->vendor_elem
[frame
]) == len
) {
7072 wpabuf_free(wpa_s
->vendor_elem
[frame
]);
7073 wpa_s
->vendor_elem
[frame
] = NULL
;
7075 os_memmove(ie
, ie
+ len
, end
- (ie
+ len
));
7076 wpa_s
->vendor_elem
[frame
]->used
-= len
;
7078 wpas_vendor_elem_update(wpa_s
);
7086 struct hostapd_hw_modes
* get_mode(struct hostapd_hw_modes
*modes
,
7087 u16 num_modes
, enum hostapd_hw_mode mode
)
7091 for (i
= 0; i
< num_modes
; i
++) {
7092 if (modes
[i
].mode
== mode
)
7101 wpa_bss_tmp_disallowed
* wpas_get_disallowed_bss(struct wpa_supplicant
*wpa_s
,
7104 struct wpa_bss_tmp_disallowed
*bss
;
7106 dl_list_for_each(bss
, &wpa_s
->bss_tmp_disallowed
,
7107 struct wpa_bss_tmp_disallowed
, list
) {
7108 if (os_memcmp(bssid
, bss
->bssid
, ETH_ALEN
) == 0)
7116 static int wpa_set_driver_tmp_disallow_list(struct wpa_supplicant
*wpa_s
)
7118 struct wpa_bss_tmp_disallowed
*tmp
;
7119 unsigned int num_bssid
= 0;
7123 bssids
= os_malloc(dl_list_len(&wpa_s
->bss_tmp_disallowed
) * ETH_ALEN
);
7126 dl_list_for_each(tmp
, &wpa_s
->bss_tmp_disallowed
,
7127 struct wpa_bss_tmp_disallowed
, list
) {
7128 os_memcpy(&bssids
[num_bssid
* ETH_ALEN
], tmp
->bssid
,
7132 ret
= wpa_drv_set_bssid_blacklist(wpa_s
, num_bssid
, bssids
);
7138 static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx
, void *timeout_ctx
)
7140 struct wpa_supplicant
*wpa_s
= eloop_ctx
;
7141 struct wpa_bss_tmp_disallowed
*tmp
, *bss
= timeout_ctx
;
7143 /* Make sure the bss is not already freed */
7144 dl_list_for_each(tmp
, &wpa_s
->bss_tmp_disallowed
,
7145 struct wpa_bss_tmp_disallowed
, list
) {
7147 dl_list_del(&tmp
->list
);
7149 wpa_set_driver_tmp_disallow_list(wpa_s
);
7156 void wpa_bss_tmp_disallow(struct wpa_supplicant
*wpa_s
, const u8
*bssid
,
7159 struct wpa_bss_tmp_disallowed
*bss
;
7161 bss
= wpas_get_disallowed_bss(wpa_s
, bssid
);
7163 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout
, wpa_s
, bss
);
7164 eloop_register_timeout(sec
, 0, wpa_bss_tmp_disallow_timeout
,
7169 bss
= os_malloc(sizeof(*bss
));
7171 wpa_printf(MSG_DEBUG
,
7172 "Failed to allocate memory for temp disallow BSS");
7176 os_memcpy(bss
->bssid
, bssid
, ETH_ALEN
);
7177 dl_list_add(&wpa_s
->bss_tmp_disallowed
, &bss
->list
);
7178 wpa_set_driver_tmp_disallow_list(wpa_s
);
7179 eloop_register_timeout(sec
, 0, wpa_bss_tmp_disallow_timeout
,
7184 int wpa_is_bss_tmp_disallowed(struct wpa_supplicant
*wpa_s
, const u8
*bssid
)
7186 struct wpa_bss_tmp_disallowed
*bss
= NULL
, *tmp
, *prev
;
7188 dl_list_for_each_safe(tmp
, prev
, &wpa_s
->bss_tmp_disallowed
,
7189 struct wpa_bss_tmp_disallowed
, list
) {
7190 if (os_memcmp(bssid
, tmp
->bssid
, ETH_ALEN
) == 0) {