]> git.ipfire.org Git - thirdparty/hostap.git/blob - wpa_supplicant/wpa_supplicant.c
projects / thirdparty / hostap.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
mesh: Add MESH_PMKSA_GET/ADD commands
[thirdparty/hostap.git] / wpa_supplicant / wpa_supplicant.c
1 /*
2 * WPA Supplicant
3 * Copyright (c) 2003-2017, Jouni Malinen <j@w1.fi>
4 *
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
7 *
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
11 */
12
13 #include "includes.h"
14 #ifdef CONFIG_MATCH_IFACE
15 #include <net/if.h>
16 #include <fnmatch.h>
17 #endif /* CONFIG_MATCH_IFACE */
18
19 #include "common.h"
20 #include "crypto/random.h"
21 #include "crypto/sha1.h"
22 #include "eapol_supp/eapol_supp_sm.h"
23 #include "eap_peer/eap.h"
24 #include "eap_peer/eap_proxy.h"
25 #include "eap_server/eap_methods.h"
26 #include "rsn_supp/wpa.h"
27 #include "eloop.h"
28 #include "config.h"
29 #include "utils/ext_password.h"
30 #include "l2_packet/l2_packet.h"
31 #include "wpa_supplicant_i.h"
32 #include "driver_i.h"
33 #include "ctrl_iface.h"
34 #include "pcsc_funcs.h"
35 #include "common/version.h"
36 #include "rsn_supp/preauth.h"
37 #include "rsn_supp/pmksa_cache.h"
38 #include "common/wpa_ctrl.h"
39 #include "common/ieee802_11_defs.h"
40 #include "common/hw_features_common.h"
41 #include "p2p/p2p.h"
42 #include "fst/fst.h"
43 #include "blacklist.h"
44 #include "wpas_glue.h"
45 #include "wps_supplicant.h"
46 #include "ibss_rsn.h"
47 #include "sme.h"
48 #include "gas_query.h"
49 #include "ap.h"
50 #include "p2p_supplicant.h"
51 #include "wifi_display.h"
52 #include "notify.h"
53 #include "bgscan.h"
54 #include "autoscan.h"
55 #include "bss.h"
56 #include "scan.h"
57 #include "offchannel.h"
58 #include "hs20_supplicant.h"
59 #include "wnm_sta.h"
60 #include "wpas_kay.h"
61 #include "mesh.h"
62
63 const char *const wpa_supplicant_version =
64 "wpa_supplicant v" VERSION_STR "\n"
65 "Copyright (c) 2003-2017, Jouni Malinen <j@w1.fi> and contributors";
66
67 const char *const wpa_supplicant_license =
68 "This software may be distributed under the terms of the BSD license.\n"
69 "See README for more details.\n"
70 #ifdef EAP_TLS_OPENSSL
71 "\nThis product includes software developed by the OpenSSL Project\n"
72 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
73 #endif /* EAP_TLS_OPENSSL */
74 ;
75
76 #ifndef CONFIG_NO_STDOUT_DEBUG
77 /* Long text divided into parts in order to fit in C89 strings size limits. */
78 const char *const wpa_supplicant_full_license1 =
79 "";
80 const char *const wpa_supplicant_full_license2 =
81 "This software may be distributed under the terms of the BSD license.\n"
82 "\n"
83 "Redistribution and use in source and binary forms, with or without\n"
84 "modification, are permitted provided that the following conditions are\n"
85 "met:\n"
86 "\n";
87 const char *const wpa_supplicant_full_license3 =
88 "1. Redistributions of source code must retain the above copyright\n"
89 " notice, this list of conditions and the following disclaimer.\n"
90 "\n"
91 "2. Redistributions in binary form must reproduce the above copyright\n"
92 " notice, this list of conditions and the following disclaimer in the\n"
93 " documentation and/or other materials provided with the distribution.\n"
94 "\n";
95 const char *const wpa_supplicant_full_license4 =
96 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
97 " names of its contributors may be used to endorse or promote products\n"
98 " derived from this software without specific prior written permission.\n"
99 "\n"
100 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
101 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
102 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
103 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
104 const char *const wpa_supplicant_full_license5 =
105 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
106 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
107 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
108 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
109 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
110 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
111 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
112 "\n";
113 #endif /* CONFIG_NO_STDOUT_DEBUG */
114
115 /* Configure default/group WEP keys for static WEP */
116 int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
117 {
118 int i, set = 0;
119
120 for (i = 0; i < NUM_WEP_KEYS; i++) {
121 if (ssid->wep_key_len[i] == 0)
122 continue;
123
124 set = 1;
125 wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL,
126 i, i == ssid->wep_tx_keyidx, NULL, 0,
127 ssid->wep_key[i], ssid->wep_key_len[i]);
128 }
129
130 return set;
131 }
132
133
134 int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
135 struct wpa_ssid *ssid)
136 {
137 u8 key[32];
138 size_t keylen;
139 enum wpa_alg alg;
140 u8 seq[6] = { 0 };
141 int ret;
142
143 /* IBSS/WPA-None uses only one key (Group) for both receiving and
144 * sending unicast and multicast packets. */
145
146 if (ssid->mode != WPAS_MODE_IBSS) {
147 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not "
148 "IBSS/ad-hoc) for WPA-None", ssid->mode);
149 return -1;
150 }
151
152 if (!ssid->psk_set) {
153 wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for "
154 "WPA-None");
155 return -1;
156 }
157
158 switch (wpa_s->group_cipher) {
159 case WPA_CIPHER_CCMP:
160 os_memcpy(key, ssid->psk, 16);
161 keylen = 16;
162 alg = WPA_ALG_CCMP;
163 break;
164 case WPA_CIPHER_GCMP:
165 os_memcpy(key, ssid->psk, 16);
166 keylen = 16;
167 alg = WPA_ALG_GCMP;
168 break;
169 case WPA_CIPHER_TKIP:
170 /* WPA-None uses the same Michael MIC key for both TX and RX */
171 os_memcpy(key, ssid->psk, 16 + 8);
172 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
173 keylen = 32;
174 alg = WPA_ALG_TKIP;
175 break;
176 default:
177 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for "
178 "WPA-None", wpa_s->group_cipher);
179 return -1;
180 }
181
182 /* TODO: should actually remember the previously used seq#, both for TX
183 * and RX from each STA.. */
184
185 ret = wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen);
186 os_memset(key, 0, sizeof(key));
187 return ret;
188 }
189
190
191 static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
192 {
193 struct wpa_supplicant *wpa_s = eloop_ctx;
194 const u8 *bssid = wpa_s->bssid;
195 if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
196 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
197 wpa_s->wpa_state == WPA_ASSOCIATING))
198 bssid = wpa_s->pending_bssid;
199 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
200 MAC2STR(bssid));
201 wpa_blacklist_add(wpa_s, bssid);
202 wpa_sm_notify_disassoc(wpa_s->wpa);
203 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
204 wpa_s->reassociate = 1;
205
206 /*
207 * If we timed out, the AP or the local radio may be busy.
208 * So, wait a second until scanning again.
209 */
210 wpa_supplicant_req_scan(wpa_s, 1, 0);
211 }
212
213
214 /**
215 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
216 * @wpa_s: Pointer to wpa_supplicant data
217 * @sec: Number of seconds after which to time out authentication
218 * @usec: Number of microseconds after which to time out authentication
219 *
220 * This function is used to schedule a timeout for the current authentication
221 * attempt.
222 */
223 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
224 int sec, int usec)
225 {
226 if (wpa_s->conf->ap_scan == 0 &&
227 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
228 return;
229
230 wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
231 "%d usec", sec, usec);
232 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
233 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
234 }
235
236
237 /**
238 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
239 * @wpa_s: Pointer to wpa_supplicant data
240 *
241 * This function is used to cancel authentication timeout scheduled with
242 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
243 * been completed.
244 */
245 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
246 {
247 wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
248 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
249 wpa_blacklist_del(wpa_s, wpa_s->bssid);
250 }
251
252
253 /**
254 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
255 * @wpa_s: Pointer to wpa_supplicant data
256 *
257 * This function is used to configure EAPOL state machine based on the selected
258 * authentication mode.
259 */
260 void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
261 {
262 #ifdef IEEE8021X_EAPOL
263 struct eapol_config eapol_conf;
264 struct wpa_ssid *ssid = wpa_s->current_ssid;
265
266 #ifdef CONFIG_IBSS_RSN
267 if (ssid->mode == WPAS_MODE_IBSS &&
268 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
269 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
270 /*
271 * RSN IBSS authentication is per-STA and we can disable the
272 * per-BSSID EAPOL authentication.
273 */
274 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
275 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE);
276 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
277 return;
278 }
279 #endif /* CONFIG_IBSS_RSN */
280
281 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
282 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
283
284 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
285 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
286 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
287 else
288 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
289
290 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
291 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
292 eapol_conf.accept_802_1x_keys = 1;
293 eapol_conf.required_keys = 0;
294 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
295 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
296 }
297 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
298 eapol_conf.required_keys |=
299 EAPOL_REQUIRE_KEY_BROADCAST;
300 }
301
302 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED)
303 eapol_conf.required_keys = 0;
304 }
305 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
306 eapol_conf.workaround = ssid->eap_workaround;
307 eapol_conf.eap_disabled =
308 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
309 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
310 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
311 eapol_conf.external_sim = wpa_s->conf->external_sim;
312
313 #ifdef CONFIG_WPS
314 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
315 eapol_conf.wps |= EAPOL_LOCAL_WPS_IN_USE;
316 if (wpa_s->current_bss) {
317 struct wpabuf *ie;
318 ie = wpa_bss_get_vendor_ie_multi(wpa_s->current_bss,
319 WPS_IE_VENDOR_TYPE);
320 if (ie) {
321 if (wps_is_20(ie))
322 eapol_conf.wps |=
323 EAPOL_PEER_IS_WPS20_AP;
324 wpabuf_free(ie);
325 }
326 }
327 }
328 #endif /* CONFIG_WPS */
329
330 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
331
332 #ifdef CONFIG_MACSEC
333 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE && ssid->mka_psk_set)
334 ieee802_1x_create_preshared_mka(wpa_s, ssid);
335 else
336 ieee802_1x_alloc_kay_sm(wpa_s, ssid);
337 #endif /* CONFIG_MACSEC */
338 #endif /* IEEE8021X_EAPOL */
339 }
340
341
342 /**
343 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
344 * @wpa_s: Pointer to wpa_supplicant data
345 * @ssid: Configuration data for the network
346 *
347 * This function is used to configure WPA state machine and related parameters
348 * to a mode where WPA is not enabled. This is called as part of the
349 * authentication configuration when the selected network does not use WPA.
350 */
351 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
352 struct wpa_ssid *ssid)
353 {
354 int i;
355
356 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
357 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
358 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
359 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
360 else
361 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
362 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
363 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
364 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
365 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
366 wpa_s->group_cipher = WPA_CIPHER_NONE;
367 wpa_s->mgmt_group_cipher = 0;
368
369 for (i = 0; i < NUM_WEP_KEYS; i++) {
370 if (ssid->wep_key_len[i] > 5) {
371 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
372 wpa_s->group_cipher = WPA_CIPHER_WEP104;
373 break;
374 } else if (ssid->wep_key_len[i] > 0) {
375 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
376 wpa_s->group_cipher = WPA_CIPHER_WEP40;
377 break;
378 }
379 }
380
381 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
382 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
383 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
384 wpa_s->pairwise_cipher);
385 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
386 #ifdef CONFIG_IEEE80211W
387 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
388 wpa_s->mgmt_group_cipher);
389 #endif /* CONFIG_IEEE80211W */
390
391 pmksa_cache_clear_current(wpa_s->wpa);
392 }
393
394
395 void free_hw_features(struct wpa_supplicant *wpa_s)
396 {
397 int i;
398 if (wpa_s->hw.modes == NULL)
399 return;
400
401 for (i = 0; i < wpa_s->hw.num_modes; i++) {
402 os_free(wpa_s->hw.modes[i].channels);
403 os_free(wpa_s->hw.modes[i].rates);
404 }
405
406 os_free(wpa_s->hw.modes);
407 wpa_s->hw.modes = NULL;
408 }
409
410
411 static void free_bss_tmp_disallowed(struct wpa_supplicant *wpa_s)
412 {
413 struct wpa_bss_tmp_disallowed *bss, *prev;
414
415 dl_list_for_each_safe(bss, prev, &wpa_s->bss_tmp_disallowed,
416 struct wpa_bss_tmp_disallowed, list) {
417 dl_list_del(&bss->list);
418 os_free(bss);
419 }
420 }
421
422
423 static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
424 {
425 int i;
426
427 bgscan_deinit(wpa_s);
428 autoscan_deinit(wpa_s);
429 scard_deinit(wpa_s->scard);
430 wpa_s->scard = NULL;
431 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
432 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
433 l2_packet_deinit(wpa_s->l2);
434 wpa_s->l2 = NULL;
435 if (wpa_s->l2_br) {
436 l2_packet_deinit(wpa_s->l2_br);
437 wpa_s->l2_br = NULL;
438 }
439 #ifdef CONFIG_TESTING_OPTIONS
440 l2_packet_deinit(wpa_s->l2_test);
441 wpa_s->l2_test = NULL;
442 #endif /* CONFIG_TESTING_OPTIONS */
443
444 if (wpa_s->conf != NULL) {
445 struct wpa_ssid *ssid;
446 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
447 wpas_notify_network_removed(wpa_s, ssid);
448 }
449
450 os_free(wpa_s->confname);
451 wpa_s->confname = NULL;
452
453 os_free(wpa_s->confanother);
454 wpa_s->confanother = NULL;
455
456 wpa_sm_set_eapol(wpa_s->wpa, NULL);
457 eapol_sm_deinit(wpa_s->eapol);
458 wpa_s->eapol = NULL;
459
460 rsn_preauth_deinit(wpa_s->wpa);
461
462 #ifdef CONFIG_TDLS
463 wpa_tdls_deinit(wpa_s->wpa);
464 #endif /* CONFIG_TDLS */
465
466 wmm_ac_clear_saved_tspecs(wpa_s);
467 pmksa_candidate_free(wpa_s->wpa);
468 wpa_sm_deinit(wpa_s->wpa);
469 wpa_s->wpa = NULL;
470 wpa_blacklist_clear(wpa_s);
471
472 wpa_bss_deinit(wpa_s);
473
474 wpa_supplicant_cancel_delayed_sched_scan(wpa_s);
475 wpa_supplicant_cancel_scan(wpa_s);
476 wpa_supplicant_cancel_auth_timeout(wpa_s);
477 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL);
478 #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
479 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report,
480 wpa_s, NULL);
481 #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
482
483 eloop_cancel_timeout(wpas_network_reenabled, wpa_s, NULL);
484
485 wpas_wps_deinit(wpa_s);
486
487 wpabuf_free(wpa_s->pending_eapol_rx);
488 wpa_s->pending_eapol_rx = NULL;
489
490 #ifdef CONFIG_IBSS_RSN
491 ibss_rsn_deinit(wpa_s->ibss_rsn);
492 wpa_s->ibss_rsn = NULL;
493 #endif /* CONFIG_IBSS_RSN */
494
495 sme_deinit(wpa_s);
496
497 #ifdef CONFIG_AP
498 wpa_supplicant_ap_deinit(wpa_s);
499 #endif /* CONFIG_AP */
500
501 wpas_p2p_deinit(wpa_s);
502
503 #ifdef CONFIG_OFFCHANNEL
504 offchannel_deinit(wpa_s);
505 #endif /* CONFIG_OFFCHANNEL */
506
507 wpa_supplicant_cancel_sched_scan(wpa_s);
508
509 os_free(wpa_s->next_scan_freqs);
510 wpa_s->next_scan_freqs = NULL;
511
512 os_free(wpa_s->manual_scan_freqs);
513 wpa_s->manual_scan_freqs = NULL;
514
515 os_free(wpa_s->manual_sched_scan_freqs);
516 wpa_s->manual_sched_scan_freqs = NULL;
517
518 wpas_mac_addr_rand_scan_clear(wpa_s, MAC_ADDR_RAND_ALL);
519
520 /*
521 * Need to remove any pending gas-query radio work before the
522 * gas_query_deinit() call because gas_query::work has not yet been set
523 * for works that have not been started. gas_query_free() will be unable
524 * to cancel such pending radio works and once the pending gas-query
525 * radio work eventually gets removed, the deinit notification call to
526 * gas_query_start_cb() would result in dereferencing freed memory.
527 */
528 if (wpa_s->radio)
529 radio_remove_works(wpa_s, "gas-query", 0);
530 gas_query_deinit(wpa_s->gas);
531 wpa_s->gas = NULL;
532
533 free_hw_features(wpa_s);
534
535 ieee802_1x_dealloc_kay_sm(wpa_s);
536
537 os_free(wpa_s->bssid_filter);
538 wpa_s->bssid_filter = NULL;
539
540 os_free(wpa_s->disallow_aps_bssid);
541 wpa_s->disallow_aps_bssid = NULL;
542 os_free(wpa_s->disallow_aps_ssid);
543 wpa_s->disallow_aps_ssid = NULL;
544
545 wnm_bss_keep_alive_deinit(wpa_s);
546 #ifdef CONFIG_WNM
547 wnm_deallocate_memory(wpa_s);
548 #endif /* CONFIG_WNM */
549
550 ext_password_deinit(wpa_s->ext_pw);
551 wpa_s->ext_pw = NULL;
552
553 wpabuf_free(wpa_s->last_gas_resp);
554 wpa_s->last_gas_resp = NULL;
555 wpabuf_free(wpa_s->prev_gas_resp);
556 wpa_s->prev_gas_resp = NULL;
557
558 os_free(wpa_s->last_scan_res);
559 wpa_s->last_scan_res = NULL;
560
561 #ifdef CONFIG_HS20
562 if (wpa_s->drv_priv)
563 wpa_drv_configure_frame_filters(wpa_s, 0);
564 hs20_deinit(wpa_s);
565 #endif /* CONFIG_HS20 */
566
567 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) {
568 wpabuf_free(wpa_s->vendor_elem[i]);
569 wpa_s->vendor_elem[i] = NULL;
570 }
571
572 wmm_ac_notify_disassoc(wpa_s);
573
574 wpa_s->sched_scan_plans_num = 0;
575 os_free(wpa_s->sched_scan_plans);
576 wpa_s->sched_scan_plans = NULL;
577
578 #ifdef CONFIG_MBO
579 wpa_s->non_pref_chan_num = 0;
580 os_free(wpa_s->non_pref_chan);
581 wpa_s->non_pref_chan = NULL;
582 #endif /* CONFIG_MBO */
583
584 free_bss_tmp_disallowed(wpa_s);
585
586 wpabuf_free(wpa_s->lci);
587 wpa_s->lci = NULL;
588 wpas_clear_beacon_rep_data(wpa_s);
589
590 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL
591 #ifdef CONFIG_MESH
592 {
593 struct external_pmksa_cache *entry;
594
595 while ((entry = dl_list_last(&wpa_s->mesh_external_pmksa_cache,
596 struct external_pmksa_cache,
597 list)) != NULL) {
598 dl_list_del(&entry->list);
599 os_free(entry->pmksa_cache);
600 os_free(entry);
601 }
602 }
603 #endif /* CONFIG_MESH */
604 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
605 }
606
607
608 /**
609 * wpa_clear_keys - Clear keys configured for the driver
610 * @wpa_s: Pointer to wpa_supplicant data
611 * @addr: Previously used BSSID or %NULL if not available
612 *
613 * This function clears the encryption keys that has been previously configured
614 * for the driver.
615 */
616 void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
617 {
618 int i, max;
619
620 #ifdef CONFIG_IEEE80211W
621 max = 6;
622 #else /* CONFIG_IEEE80211W */
623 max = 4;
624 #endif /* CONFIG_IEEE80211W */
625
626 /* MLME-DELETEKEYS.request */
627 for (i = 0; i < max; i++) {
628 if (wpa_s->keys_cleared & BIT(i))
629 continue;
630 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, i, 0, NULL, 0,
631 NULL, 0);
632 }
633 if (!(wpa_s->keys_cleared & BIT(0)) && addr &&
634 !is_zero_ether_addr(addr)) {
635 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,
636 0);
637 /* MLME-SETPROTECTION.request(None) */
638 wpa_drv_mlme_setprotection(
639 wpa_s, addr,
640 MLME_SETPROTECTION_PROTECT_TYPE_NONE,
641 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
642 }
643 wpa_s->keys_cleared = (u32) -1;
644 }
645
646
647 /**
648 * wpa_supplicant_state_txt - Get the connection state name as a text string
649 * @state: State (wpa_state; WPA_*)
650 * Returns: The state name as a printable text string
651 */
652 const char * wpa_supplicant_state_txt(enum wpa_states state)
653 {
654 switch (state) {
655 case WPA_DISCONNECTED:
656 return "DISCONNECTED";
657 case WPA_INACTIVE:
658 return "INACTIVE";
659 case WPA_INTERFACE_DISABLED:
660 return "INTERFACE_DISABLED";
661 case WPA_SCANNING:
662 return "SCANNING";
663 case WPA_AUTHENTICATING:
664 return "AUTHENTICATING";
665 case WPA_ASSOCIATING:
666 return "ASSOCIATING";
667 case WPA_ASSOCIATED:
668 return "ASSOCIATED";
669 case WPA_4WAY_HANDSHAKE:
670 return "4WAY_HANDSHAKE";
671 case WPA_GROUP_HANDSHAKE:
672 return "GROUP_HANDSHAKE";
673 case WPA_COMPLETED:
674 return "COMPLETED";
675 default:
676 return "UNKNOWN";
677 }
678 }
679
680
681 #ifdef CONFIG_BGSCAN
682
683 static void wpa_supplicant_start_bgscan(struct wpa_supplicant *wpa_s)
684 {
685 const char *name;
686
687 if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan)
688 name = wpa_s->current_ssid->bgscan;
689 else
690 name = wpa_s->conf->bgscan;
691 if (name == NULL || name[0] == '\0')
692 return;
693 if (wpas_driver_bss_selection(wpa_s))
694 return;
695 if (wpa_s->current_ssid == wpa_s->bgscan_ssid)
696 return;
697 #ifdef CONFIG_P2P
698 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE)
699 return;
700 #endif /* CONFIG_P2P */
701
702 bgscan_deinit(wpa_s);
703 if (wpa_s->current_ssid) {
704 if (bgscan_init(wpa_s, wpa_s->current_ssid, name)) {
705 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
706 "bgscan");
707 /*
708 * Live without bgscan; it is only used as a roaming
709 * optimization, so the initial connection is not
710 * affected.
711 */
712 } else {
713 struct wpa_scan_results *scan_res;
714 wpa_s->bgscan_ssid = wpa_s->current_ssid;
715 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL,
716 0);
717 if (scan_res) {
718 bgscan_notify_scan(wpa_s, scan_res);
719 wpa_scan_results_free(scan_res);
720 }
721 }
722 } else
723 wpa_s->bgscan_ssid = NULL;
724 }
725
726
727 static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s)
728 {
729 if (wpa_s->bgscan_ssid != NULL) {
730 bgscan_deinit(wpa_s);
731 wpa_s->bgscan_ssid = NULL;
732 }
733 }
734
735 #endif /* CONFIG_BGSCAN */
736
737
738 static void wpa_supplicant_start_autoscan(struct wpa_supplicant *wpa_s)
739 {
740 if (autoscan_init(wpa_s, 0))
741 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize autoscan");
742 }
743
744
745 static void wpa_supplicant_stop_autoscan(struct wpa_supplicant *wpa_s)
746 {
747 autoscan_deinit(wpa_s);
748 }
749
750
751 void wpa_supplicant_reinit_autoscan(struct wpa_supplicant *wpa_s)
752 {
753 if (wpa_s->wpa_state == WPA_DISCONNECTED ||
754 wpa_s->wpa_state == WPA_SCANNING) {
755 autoscan_deinit(wpa_s);
756 wpa_supplicant_start_autoscan(wpa_s);
757 }
758 }
759
760
761 /**
762 * wpa_supplicant_set_state - Set current connection state
763 * @wpa_s: Pointer to wpa_supplicant data
764 * @state: The new connection state
765 *
766 * This function is called whenever the connection state changes, e.g.,
767 * association is completed for WPA/WPA2 4-Way Handshake is started.
768 */
769 void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s,
770 enum wpa_states state)
771 {
772 enum wpa_states old_state = wpa_s->wpa_state;
773
774 wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s",
775 wpa_supplicant_state_txt(wpa_s->wpa_state),
776 wpa_supplicant_state_txt(state));
777
778 if (state == WPA_INTERFACE_DISABLED) {
779 /* Assure normal scan when interface is restored */
780 wpa_s->normal_scans = 0;
781 }
782
783 if (state == WPA_COMPLETED) {
784 wpas_connect_work_done(wpa_s);
785 /* Reinitialize normal_scan counter */
786 wpa_s->normal_scans = 0;
787 }
788
789 #ifdef CONFIG_P2P
790 /*
791 * P2PS client has to reply to Probe Request frames received on the
792 * group operating channel. Enable Probe Request frame reporting for
793 * P2P connected client in case p2p_cli_probe configuration property is
794 * set to 1.
795 */
796 if (wpa_s->conf->p2p_cli_probe && wpa_s->current_ssid &&
797 wpa_s->current_ssid->mode == WPAS_MODE_INFRA &&
798 wpa_s->current_ssid->p2p_group) {
799 if (state == WPA_COMPLETED && !wpa_s->p2p_cli_probe) {
800 wpa_dbg(wpa_s, MSG_DEBUG,
801 "P2P: Enable CLI Probe Request RX reporting");
802 wpa_s->p2p_cli_probe =
803 wpa_drv_probe_req_report(wpa_s, 1) >= 0;
804 } else if (state != WPA_COMPLETED && wpa_s->p2p_cli_probe) {
805 wpa_dbg(wpa_s, MSG_DEBUG,
806 "P2P: Disable CLI Probe Request RX reporting");
807 wpa_s->p2p_cli_probe = 0;
808 wpa_drv_probe_req_report(wpa_s, 0);
809 }
810 }
811 #endif /* CONFIG_P2P */
812
813 if (state != WPA_SCANNING)
814 wpa_supplicant_notify_scanning(wpa_s, 0);
815
816 if (state == WPA_COMPLETED && wpa_s->new_connection) {
817 struct wpa_ssid *ssid = wpa_s->current_ssid;
818 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
819 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
820 MACSTR " completed [id=%d id_str=%s]",
821 MAC2STR(wpa_s->bssid),
822 ssid ? ssid->id : -1,
823 ssid && ssid->id_str ? ssid->id_str : "");
824 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
825 wpas_clear_temp_disabled(wpa_s, ssid, 1);
826 wpa_blacklist_clear(wpa_s);
827 wpa_s->extra_blacklist_count = 0;
828 wpa_s->new_connection = 0;
829 wpa_drv_set_operstate(wpa_s, 1);
830 #ifndef IEEE8021X_EAPOL
831 wpa_drv_set_supp_port(wpa_s, 1);
832 #endif /* IEEE8021X_EAPOL */
833 wpa_s->after_wps = 0;
834 wpa_s->known_wps_freq = 0;
835 wpas_p2p_completed(wpa_s);
836
837 sme_sched_obss_scan(wpa_s, 1);
838 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
839 state == WPA_ASSOCIATED) {
840 wpa_s->new_connection = 1;
841 wpa_drv_set_operstate(wpa_s, 0);
842 #ifndef IEEE8021X_EAPOL
843 wpa_drv_set_supp_port(wpa_s, 0);
844 #endif /* IEEE8021X_EAPOL */
845 sme_sched_obss_scan(wpa_s, 0);
846 }
847 wpa_s->wpa_state = state;
848
849 #ifdef CONFIG_BGSCAN
850 if (state == WPA_COMPLETED)
851 wpa_supplicant_start_bgscan(wpa_s);
852 else if (state < WPA_ASSOCIATED)
853 wpa_supplicant_stop_bgscan(wpa_s);
854 #endif /* CONFIG_BGSCAN */
855
856 if (state == WPA_AUTHENTICATING)
857 wpa_supplicant_stop_autoscan(wpa_s);
858
859 if (state == WPA_DISCONNECTED || state == WPA_INACTIVE)
860 wpa_supplicant_start_autoscan(wpa_s);
861
862 if (old_state >= WPA_ASSOCIATED && wpa_s->wpa_state < WPA_ASSOCIATED)
863 wmm_ac_notify_disassoc(wpa_s);
864
865 if (wpa_s->wpa_state != old_state) {
866 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
867
868 /*
869 * Notify the P2P Device interface about a state change in one
870 * of the interfaces.
871 */
872 wpas_p2p_indicate_state_change(wpa_s);
873
874 if (wpa_s->wpa_state == WPA_COMPLETED ||
875 old_state == WPA_COMPLETED)
876 wpas_notify_auth_changed(wpa_s);
877 }
878 }
879
880
881 void wpa_supplicant_terminate_proc(struct wpa_global *global)
882 {
883 int pending = 0;
884 #ifdef CONFIG_WPS
885 struct wpa_supplicant *wpa_s = global->ifaces;
886 while (wpa_s) {
887 struct wpa_supplicant *next = wpa_s->next;
888 if (wpas_wps_terminate_pending(wpa_s) == 1)
889 pending = 1;
890 #ifdef CONFIG_P2P
891 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE ||
892 (wpa_s->current_ssid && wpa_s->current_ssid->p2p_group))
893 wpas_p2p_disconnect(wpa_s);
894 #endif /* CONFIG_P2P */
895 wpa_s = next;
896 }
897 #endif /* CONFIG_WPS */
898 if (pending)
899 return;
900 eloop_terminate();
901 }
902
903
904 static void wpa_supplicant_terminate(int sig, void *signal_ctx)
905 {
906 struct wpa_global *global = signal_ctx;
907 wpa_supplicant_terminate_proc(global);
908 }
909
910
911 void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
912 {
913 enum wpa_states old_state = wpa_s->wpa_state;
914
915 wpa_s->pairwise_cipher = 0;
916 wpa_s->group_cipher = 0;
917 wpa_s->mgmt_group_cipher = 0;
918 wpa_s->key_mgmt = 0;
919 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
920 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
921
922 if (wpa_s->wpa_state != old_state)
923 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
924 }
925
926
927 /**
928 * wpa_supplicant_reload_configuration - Reload configuration data
929 * @wpa_s: Pointer to wpa_supplicant data
930 * Returns: 0 on success or -1 if configuration parsing failed
931 *
932 * This function can be used to request that the configuration data is reloaded
933 * (e.g., after configuration file change). This function is reloading
934 * configuration only for one interface, so this may need to be called multiple
935 * times if %wpa_supplicant is controlling multiple interfaces and all
936 * interfaces need reconfiguration.
937 */
938 int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
939 {
940 struct wpa_config *conf;
941 int reconf_ctrl;
942 int old_ap_scan;
943
944 if (wpa_s->confname == NULL)
945 return -1;
946 conf = wpa_config_read(wpa_s->confname, NULL);
947 if (conf == NULL) {
948 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
949 "file '%s' - exiting", wpa_s->confname);
950 return -1;
951 }
952 wpa_config_read(wpa_s->confanother, conf);
953
954 conf->changed_parameters = (unsigned int) -1;
955
956 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
957 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
958 os_strcmp(conf->ctrl_interface,
959 wpa_s->conf->ctrl_interface) != 0);
960
961 if (reconf_ctrl && wpa_s->ctrl_iface) {
962 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
963 wpa_s->ctrl_iface = NULL;
964 }
965
966 eapol_sm_invalidate_cached_session(wpa_s->eapol);
967 if (wpa_s->current_ssid) {
968 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
969 wpa_s->own_disconnect_req = 1;
970 wpa_supplicant_deauthenticate(wpa_s,
971 WLAN_REASON_DEAUTH_LEAVING);
972 }
973
974 /*
975 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
976 * pkcs11_engine_path, pkcs11_module_path, openssl_ciphers.
977 */
978 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) {
979 /*
980 * Clear forced success to clear EAP state for next
981 * authentication.
982 */
983 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
984 }
985 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
986 wpa_sm_set_config(wpa_s->wpa, NULL);
987 wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL);
988 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
989 rsn_preauth_deinit(wpa_s->wpa);
990
991 old_ap_scan = wpa_s->conf->ap_scan;
992 wpa_config_free(wpa_s->conf);
993 wpa_s->conf = conf;
994 if (old_ap_scan != wpa_s->conf->ap_scan)
995 wpas_notify_ap_scan_changed(wpa_s);
996
997 if (reconf_ctrl)
998 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
999
1000 wpa_supplicant_update_config(wpa_s);
1001
1002 wpa_supplicant_clear_status(wpa_s);
1003 if (wpa_supplicant_enabled_networks(wpa_s)) {
1004 wpa_s->reassociate = 1;
1005 wpa_supplicant_req_scan(wpa_s, 0, 0);
1006 }
1007 wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
1008 return 0;
1009 }
1010
1011
1012 static void wpa_supplicant_reconfig(int sig, void *signal_ctx)
1013 {
1014 struct wpa_global *global = signal_ctx;
1015 struct wpa_supplicant *wpa_s;
1016 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
1017 wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring",
1018 sig);
1019 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
1020 wpa_supplicant_terminate_proc(global);
1021 }
1022 }
1023
1024 if (wpa_debug_reopen_file() < 0) {
1025 /* Ignore errors since we cannot really do much to fix this */
1026 wpa_printf(MSG_DEBUG, "Could not reopen debug log file");
1027 }
1028 }
1029
1030
1031 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
1032 struct wpa_ssid *ssid,
1033 struct wpa_ie_data *ie)
1034 {
1035 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
1036 if (ret) {
1037 if (ret == -2) {
1038 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
1039 "from association info");
1040 }
1041 return -1;
1042 }
1043
1044 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set "
1045 "cipher suites");
1046 if (!(ie->group_cipher & ssid->group_cipher)) {
1047 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
1048 "cipher 0x%x (mask 0x%x) - reject",
1049 ie->group_cipher, ssid->group_cipher);
1050 return -1;
1051 }
1052 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
1053 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
1054 "cipher 0x%x (mask 0x%x) - reject",
1055 ie->pairwise_cipher, ssid->pairwise_cipher);
1056 return -1;
1057 }
1058 if (!(ie->key_mgmt & ssid->key_mgmt)) {
1059 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
1060 "management 0x%x (mask 0x%x) - reject",
1061 ie->key_mgmt, ssid->key_mgmt);
1062 return -1;
1063 }
1064
1065 #ifdef CONFIG_IEEE80211W
1066 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
1067 wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED) {
1068 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
1069 "that does not support management frame protection - "
1070 "reject");
1071 return -1;
1072 }
1073 #endif /* CONFIG_IEEE80211W */
1074
1075 return 0;
1076 }
1077
1078
1079 /**
1080 * wpa_supplicant_set_suites - Set authentication and encryption parameters
1081 * @wpa_s: Pointer to wpa_supplicant data
1082 * @bss: Scan results for the selected BSS, or %NULL if not available
1083 * @ssid: Configuration data for the selected network
1084 * @wpa_ie: Buffer for the WPA/RSN IE
1085 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
1086 * used buffer length in case the functions returns success.
1087 * Returns: 0 on success or -1 on failure
1088 *
1089 * This function is used to configure authentication and encryption parameters
1090 * based on the network configuration and scan result for the selected BSS (if
1091 * available).
1092 */
1093 int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
1094 struct wpa_bss *bss, struct wpa_ssid *ssid,
1095 u8 *wpa_ie, size_t *wpa_ie_len)
1096 {
1097 struct wpa_ie_data ie;
1098 int sel, proto;
1099 const u8 *bss_wpa, *bss_rsn, *bss_osen;
1100
1101 if (bss) {
1102 bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
1103 bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
1104 bss_osen = wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE);
1105 } else
1106 bss_wpa = bss_rsn = bss_osen = NULL;
1107
1108 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
1109 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
1110 (ie.group_cipher & ssid->group_cipher) &&
1111 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1112 (ie.key_mgmt & ssid->key_mgmt)) {
1113 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
1114 proto = WPA_PROTO_RSN;
1115 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
1116 wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie) == 0 &&
1117 (ie.group_cipher & ssid->group_cipher) &&
1118 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1119 (ie.key_mgmt & ssid->key_mgmt)) {
1120 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
1121 proto = WPA_PROTO_WPA;
1122 #ifdef CONFIG_HS20
1123 } else if (bss_osen && (ssid->proto & WPA_PROTO_OSEN)) {
1124 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using OSEN");
1125 /* TODO: parse OSEN element */
1126 os_memset(&ie, 0, sizeof(ie));
1127 ie.group_cipher = WPA_CIPHER_CCMP;
1128 ie.pairwise_cipher = WPA_CIPHER_CCMP;
1129 ie.key_mgmt = WPA_KEY_MGMT_OSEN;
1130 proto = WPA_PROTO_OSEN;
1131 #endif /* CONFIG_HS20 */
1132 } else if (bss) {
1133 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
1134 wpa_dbg(wpa_s, MSG_DEBUG,
1135 "WPA: ssid proto=0x%x pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1136 ssid->proto, ssid->pairwise_cipher, ssid->group_cipher,
1137 ssid->key_mgmt);
1138 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: BSS " MACSTR " ssid='%s'%s%s%s",
1139 MAC2STR(bss->bssid),
1140 wpa_ssid_txt(bss->ssid, bss->ssid_len),
1141 bss_wpa ? " WPA" : "",
1142 bss_rsn ? " RSN" : "",
1143 bss_osen ? " OSEN" : "");
1144 if (bss_rsn) {
1145 wpa_hexdump(MSG_DEBUG, "RSN", bss_rsn, 2 + bss_rsn[1]);
1146 if (wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie)) {
1147 wpa_dbg(wpa_s, MSG_DEBUG,
1148 "Could not parse RSN element");
1149 } else {
1150 wpa_dbg(wpa_s, MSG_DEBUG,
1151 "RSN: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1152 ie.pairwise_cipher, ie.group_cipher,
1153 ie.key_mgmt);
1154 }
1155 }
1156 if (bss_wpa) {
1157 wpa_hexdump(MSG_DEBUG, "WPA", bss_wpa, 2 + bss_wpa[1]);
1158 if (wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie)) {
1159 wpa_dbg(wpa_s, MSG_DEBUG,
1160 "Could not parse WPA element");
1161 } else {
1162 wpa_dbg(wpa_s, MSG_DEBUG,
1163 "WPA: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1164 ie.pairwise_cipher, ie.group_cipher,
1165 ie.key_mgmt);
1166 }
1167 }
1168 return -1;
1169 } else {
1170 if (ssid->proto & WPA_PROTO_OSEN)
1171 proto = WPA_PROTO_OSEN;
1172 else if (ssid->proto & WPA_PROTO_RSN)
1173 proto = WPA_PROTO_RSN;
1174 else
1175 proto = WPA_PROTO_WPA;
1176 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
1177 os_memset(&ie, 0, sizeof(ie));
1178 ie.group_cipher = ssid->group_cipher;
1179 ie.pairwise_cipher = ssid->pairwise_cipher;
1180 ie.key_mgmt = ssid->key_mgmt;
1181 #ifdef CONFIG_IEEE80211W
1182 ie.mgmt_group_cipher =
1183 ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION ?
1184 WPA_CIPHER_AES_128_CMAC : 0;
1185 #endif /* CONFIG_IEEE80211W */
1186 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites "
1187 "based on configuration");
1188 } else
1189 proto = ie.proto;
1190 }
1191
1192 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d "
1193 "pairwise %d key_mgmt %d proto %d",
1194 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
1195 #ifdef CONFIG_IEEE80211W
1196 if (ssid->ieee80211w) {
1197 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
1198 ie.mgmt_group_cipher);
1199 }
1200 #endif /* CONFIG_IEEE80211W */
1201
1202 wpa_s->wpa_proto = proto;
1203 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
1204 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
1205 !!(ssid->proto & (WPA_PROTO_RSN | WPA_PROTO_OSEN)));
1206
1207 if (bss || !wpa_s->ap_ies_from_associnfo) {
1208 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
1209 bss_wpa ? 2 + bss_wpa[1] : 0) ||
1210 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
1211 bss_rsn ? 2 + bss_rsn[1] : 0))
1212 return -1;
1213 }
1214
1215 #ifdef CONFIG_NO_WPA
1216 wpa_s->group_cipher = WPA_CIPHER_NONE;
1217 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
1218 #else /* CONFIG_NO_WPA */
1219 sel = ie.group_cipher & ssid->group_cipher;
1220 wpa_s->group_cipher = wpa_pick_group_cipher(sel);
1221 if (wpa_s->group_cipher < 0) {
1222 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group "
1223 "cipher");
1224 return -1;
1225 }
1226 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK %s",
1227 wpa_cipher_txt(wpa_s->group_cipher));
1228
1229 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
1230 wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(sel, 1);
1231 if (wpa_s->pairwise_cipher < 0) {
1232 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise "
1233 "cipher");
1234 return -1;
1235 }
1236 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK %s",
1237 wpa_cipher_txt(wpa_s->pairwise_cipher));
1238 #endif /* CONFIG_NO_WPA */
1239
1240 sel = ie.key_mgmt & ssid->key_mgmt;
1241 #ifdef CONFIG_SAE
1242 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE))
1243 sel &= ~(WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE);
1244 #endif /* CONFIG_SAE */
1245 if (0) {
1246 #ifdef CONFIG_SUITEB192
1247 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) {
1248 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B_192;
1249 wpa_dbg(wpa_s, MSG_DEBUG,
1250 "WPA: using KEY_MGMT 802.1X with Suite B (192-bit)");
1251 #endif /* CONFIG_SUITEB192 */
1252 #ifdef CONFIG_SUITEB
1253 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B) {
1254 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B;
1255 wpa_dbg(wpa_s, MSG_DEBUG,
1256 "WPA: using KEY_MGMT 802.1X with Suite B");
1257 #endif /* CONFIG_SUITEB */
1258 #ifdef CONFIG_FILS
1259 #ifdef CONFIG_IEEE80211R
1260 } else if (sel & WPA_KEY_MGMT_FT_FILS_SHA384) {
1261 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA384;
1262 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT-FILS-SHA384");
1263 } else if (sel & WPA_KEY_MGMT_FT_FILS_SHA256) {
1264 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA256;
1265 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT-FILS-SHA256");
1266 #endif /* CONFIG_IEEE80211R */
1267 } else if (sel & WPA_KEY_MGMT_FILS_SHA384) {
1268 wpa_s->key_mgmt = WPA_KEY_MGMT_FILS_SHA384;
1269 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FILS-SHA384");
1270 } else if (sel & WPA_KEY_MGMT_FILS_SHA256) {
1271 wpa_s->key_mgmt = WPA_KEY_MGMT_FILS_SHA256;
1272 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FILS-SHA256");
1273 #endif /* CONFIG_FILS */
1274 #ifdef CONFIG_IEEE80211R
1275 } else if (sel & WPA_KEY_MGMT_FT_IEEE8021X) {
1276 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
1277 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
1278 } else if (sel & WPA_KEY_MGMT_FT_PSK) {
1279 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
1280 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
1281 #endif /* CONFIG_IEEE80211R */
1282 #ifdef CONFIG_SAE
1283 } else if (sel & WPA_KEY_MGMT_SAE) {
1284 wpa_s->key_mgmt = WPA_KEY_MGMT_SAE;
1285 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT SAE");
1286 } else if (sel & WPA_KEY_MGMT_FT_SAE) {
1287 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_SAE;
1288 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT FT/SAE");
1289 #endif /* CONFIG_SAE */
1290 #ifdef CONFIG_IEEE80211W
1291 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
1292 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
1293 wpa_dbg(wpa_s, MSG_DEBUG,
1294 "WPA: using KEY_MGMT 802.1X with SHA256");
1295 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
1296 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
1297 wpa_dbg(wpa_s, MSG_DEBUG,
1298 "WPA: using KEY_MGMT PSK with SHA256");
1299 #endif /* CONFIG_IEEE80211W */
1300 } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
1301 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
1302 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
1303 } else if (sel & WPA_KEY_MGMT_PSK) {
1304 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
1305 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
1306 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
1307 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
1308 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
1309 #ifdef CONFIG_HS20
1310 } else if (sel & WPA_KEY_MGMT_OSEN) {
1311 wpa_s->key_mgmt = WPA_KEY_MGMT_OSEN;
1312 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using KEY_MGMT OSEN");
1313 #endif /* CONFIG_HS20 */
1314 } else {
1315 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select "
1316 "authenticated key management type");
1317 return -1;
1318 }
1319
1320 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
1321 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
1322 wpa_s->pairwise_cipher);
1323 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
1324
1325 #ifdef CONFIG_IEEE80211W
1326 sel = ie.mgmt_group_cipher;
1327 if (wpas_get_ssid_pmf(wpa_s, ssid) == NO_MGMT_FRAME_PROTECTION ||
1328 !(ie.capabilities & WPA_CAPABILITY_MFPC))
1329 sel = 0;
1330 if (sel & WPA_CIPHER_AES_128_CMAC) {
1331 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
1332 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1333 "AES-128-CMAC");
1334 } else if (sel & WPA_CIPHER_BIP_GMAC_128) {
1335 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_128;
1336 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1337 "BIP-GMAC-128");
1338 } else if (sel & WPA_CIPHER_BIP_GMAC_256) {
1339 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_256;
1340 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1341 "BIP-GMAC-256");
1342 } else if (sel & WPA_CIPHER_BIP_CMAC_256) {
1343 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_CMAC_256;
1344 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1345 "BIP-CMAC-256");
1346 } else {
1347 wpa_s->mgmt_group_cipher = 0;
1348 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
1349 }
1350 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
1351 wpa_s->mgmt_group_cipher);
1352 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP,
1353 wpas_get_ssid_pmf(wpa_s, ssid));
1354 #endif /* CONFIG_IEEE80211W */
1355
1356 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
1357 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to generate WPA IE");
1358 return -1;
1359 }
1360
1361 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) {
1362 int psk_set = 0;
1363
1364 if (ssid->psk_set) {
1365 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN, NULL,
1366 NULL);
1367 psk_set = 1;
1368 }
1369 #ifndef CONFIG_NO_PBKDF2
1370 if (bss && ssid->bssid_set && ssid->ssid_len == 0 &&
1371 ssid->passphrase) {
1372 u8 psk[PMK_LEN];
1373 pbkdf2_sha1(ssid->passphrase, bss->ssid, bss->ssid_len,
1374 4096, psk, PMK_LEN);
1375 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)",
1376 psk, PMK_LEN);
1377 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL, NULL);
1378 psk_set = 1;
1379 os_memset(psk, 0, sizeof(psk));
1380 }
1381 #endif /* CONFIG_NO_PBKDF2 */
1382 #ifdef CONFIG_EXT_PASSWORD
1383 if (ssid->ext_psk) {
1384 struct wpabuf *pw = ext_password_get(wpa_s->ext_pw,
1385 ssid->ext_psk);
1386 char pw_str[64 + 1];
1387 u8 psk[PMK_LEN];
1388
1389 if (pw == NULL) {
1390 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No PSK "
1391 "found from external storage");
1392 return -1;
1393 }
1394
1395 if (wpabuf_len(pw) < 8 || wpabuf_len(pw) > 64) {
1396 wpa_msg(wpa_s, MSG_INFO, "EXT PW: Unexpected "
1397 "PSK length %d in external storage",
1398 (int) wpabuf_len(pw));
1399 ext_password_free(pw);
1400 return -1;
1401 }
1402
1403 os_memcpy(pw_str, wpabuf_head(pw), wpabuf_len(pw));
1404 pw_str[wpabuf_len(pw)] = '\0';
1405
1406 #ifndef CONFIG_NO_PBKDF2
1407 if (wpabuf_len(pw) >= 8 && wpabuf_len(pw) < 64 && bss)
1408 {
1409 pbkdf2_sha1(pw_str, bss->ssid, bss->ssid_len,
1410 4096, psk, PMK_LEN);
1411 os_memset(pw_str, 0, sizeof(pw_str));
1412 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from "
1413 "external passphrase)",
1414 psk, PMK_LEN);
1415 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL,
1416 NULL);
1417 psk_set = 1;
1418 os_memset(psk, 0, sizeof(psk));
1419 } else
1420 #endif /* CONFIG_NO_PBKDF2 */
1421 if (wpabuf_len(pw) == 2 * PMK_LEN) {
1422 if (hexstr2bin(pw_str, psk, PMK_LEN) < 0) {
1423 wpa_msg(wpa_s, MSG_INFO, "EXT PW: "
1424 "Invalid PSK hex string");
1425 os_memset(pw_str, 0, sizeof(pw_str));
1426 ext_password_free(pw);
1427 return -1;
1428 }
1429 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL,
1430 NULL);
1431 psk_set = 1;
1432 os_memset(psk, 0, sizeof(psk));
1433 } else {
1434 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No suitable "
1435 "PSK available");
1436 os_memset(pw_str, 0, sizeof(pw_str));
1437 ext_password_free(pw);
1438 return -1;
1439 }
1440
1441 os_memset(pw_str, 0, sizeof(pw_str));
1442 ext_password_free(pw);
1443 }
1444 #endif /* CONFIG_EXT_PASSWORD */
1445
1446 if (!psk_set) {
1447 wpa_msg(wpa_s, MSG_INFO,
1448 "No PSK available for association");
1449 return -1;
1450 }
1451 } else
1452 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
1453
1454 return 0;
1455 }
1456
1457
1458 static void wpas_ext_capab_byte(struct wpa_supplicant *wpa_s, u8 *pos, int idx)
1459 {
1460 *pos = 0x00;
1461
1462 switch (idx) {
1463 case 0: /* Bits 0-7 */
1464 break;
1465 case 1: /* Bits 8-15 */
1466 break;
1467 case 2: /* Bits 16-23 */
1468 #ifdef CONFIG_WNM
1469 *pos |= 0x02; /* Bit 17 - WNM-Sleep Mode */
1470 *pos |= 0x08; /* Bit 19 - BSS Transition */
1471 #endif /* CONFIG_WNM */
1472 break;
1473 case 3: /* Bits 24-31 */
1474 #ifdef CONFIG_WNM
1475 *pos |= 0x02; /* Bit 25 - SSID List */
1476 #endif /* CONFIG_WNM */
1477 #ifdef CONFIG_INTERWORKING
1478 if (wpa_s->conf->interworking)
1479 *pos |= 0x80; /* Bit 31 - Interworking */
1480 #endif /* CONFIG_INTERWORKING */
1481 break;
1482 case 4: /* Bits 32-39 */
1483 #ifdef CONFIG_INTERWORKING
1484 if (wpa_s->drv_flags / WPA_DRIVER_FLAGS_QOS_MAPPING)
1485 *pos |= 0x01; /* Bit 32 - QoS Map */
1486 #endif /* CONFIG_INTERWORKING */
1487 break;
1488 case 5: /* Bits 40-47 */
1489 #ifdef CONFIG_HS20
1490 if (wpa_s->conf->hs20)
1491 *pos |= 0x40; /* Bit 46 - WNM-Notification */
1492 #endif /* CONFIG_HS20 */
1493 #ifdef CONFIG_MBO
1494 *pos |= 0x40; /* Bit 46 - WNM-Notification */
1495 #endif /* CONFIG_MBO */
1496 break;
1497 case 6: /* Bits 48-55 */
1498 break;
1499 case 7: /* Bits 56-63 */
1500 break;
1501 case 8: /* Bits 64-71 */
1502 if (wpa_s->conf->ftm_responder)
1503 *pos |= 0x40; /* Bit 70 - FTM responder */
1504 if (wpa_s->conf->ftm_initiator)
1505 *pos |= 0x80; /* Bit 71 - FTM initiator */
1506 break;
1507 case 9: /* Bits 72-79 */
1508 #ifdef CONFIG_FILS
1509 *pos |= 0x01;
1510 #endif /* CONFIG_FILS */
1511 break;
1512 }
1513 }
1514
1515
1516 int wpas_build_ext_capab(struct wpa_supplicant *wpa_s, u8 *buf, size_t buflen)
1517 {
1518 u8 *pos = buf;
1519 u8 len = 10, i;
1520
1521 if (len < wpa_s->extended_capa_len)
1522 len = wpa_s->extended_capa_len;
1523 if (buflen < (size_t) len + 2) {
1524 wpa_printf(MSG_INFO,
1525 "Not enough room for building extended capabilities element");
1526 return -1;
1527 }
1528
1529 *pos++ = WLAN_EID_EXT_CAPAB;
1530 *pos++ = len;
1531 for (i = 0; i < len; i++, pos++) {
1532 wpas_ext_capab_byte(wpa_s, pos, i);
1533
1534 if (i < wpa_s->extended_capa_len) {
1535 *pos &= ~wpa_s->extended_capa_mask[i];
1536 *pos |= wpa_s->extended_capa[i];
1537 }
1538 }
1539
1540 while (len > 0 && buf[1 + len] == 0) {
1541 len--;
1542 buf[1] = len;
1543 }
1544 if (len == 0)
1545 return 0;
1546
1547 return 2 + len;
1548 }
1549
1550
1551 static int wpas_valid_bss(struct wpa_supplicant *wpa_s,
1552 struct wpa_bss *test_bss)
1553 {
1554 struct wpa_bss *bss;
1555
1556 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
1557 if (bss == test_bss)
1558 return 1;
1559 }
1560
1561 return 0;
1562 }
1563
1564
1565 static int wpas_valid_ssid(struct wpa_supplicant *wpa_s,
1566 struct wpa_ssid *test_ssid)
1567 {
1568 struct wpa_ssid *ssid;
1569
1570 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) {
1571 if (ssid == test_ssid)
1572 return 1;
1573 }
1574
1575 return 0;
1576 }
1577
1578
1579 int wpas_valid_bss_ssid(struct wpa_supplicant *wpa_s, struct wpa_bss *test_bss,
1580 struct wpa_ssid *test_ssid)
1581 {
1582 if (test_bss && !wpas_valid_bss(wpa_s, test_bss))
1583 return 0;
1584
1585 return test_ssid == NULL || wpas_valid_ssid(wpa_s, test_ssid);
1586 }
1587
1588
1589 void wpas_connect_work_free(struct wpa_connect_work *cwork)
1590 {
1591 if (cwork == NULL)
1592 return;
1593 os_free(cwork);
1594 }
1595
1596
1597 void wpas_connect_work_done(struct wpa_supplicant *wpa_s)
1598 {
1599 struct wpa_connect_work *cwork;
1600 struct wpa_radio_work *work = wpa_s->connect_work;
1601
1602 if (!work)
1603 return;
1604
1605 wpa_s->connect_work = NULL;
1606 cwork = work->ctx;
1607 work->ctx = NULL;
1608 wpas_connect_work_free(cwork);
1609 radio_work_done(work);
1610 }
1611
1612
1613 int wpas_update_random_addr(struct wpa_supplicant *wpa_s, int style)
1614 {
1615 struct os_reltime now;
1616 u8 addr[ETH_ALEN];
1617
1618 os_get_reltime(&now);
1619 if (wpa_s->last_mac_addr_style == style &&
1620 wpa_s->last_mac_addr_change.sec != 0 &&
1621 !os_reltime_expired(&now, &wpa_s->last_mac_addr_change,
1622 wpa_s->conf->rand_addr_lifetime)) {
1623 wpa_msg(wpa_s, MSG_DEBUG,
1624 "Previously selected random MAC address has not yet expired");
1625 return 0;
1626 }
1627
1628 switch (style) {
1629 case 1:
1630 if (random_mac_addr(addr) < 0)
1631 return -1;
1632 break;
1633 case 2:
1634 os_memcpy(addr, wpa_s->perm_addr, ETH_ALEN);
1635 if (random_mac_addr_keep_oui(addr) < 0)
1636 return -1;
1637 break;
1638 default:
1639 return -1;
1640 }
1641
1642 if (wpa_drv_set_mac_addr(wpa_s, addr) < 0) {
1643 wpa_msg(wpa_s, MSG_INFO,
1644 "Failed to set random MAC address");
1645 return -1;
1646 }
1647
1648 os_get_reltime(&wpa_s->last_mac_addr_change);
1649 wpa_s->mac_addr_changed = 1;
1650 wpa_s->last_mac_addr_style = style;
1651
1652 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
1653 wpa_msg(wpa_s, MSG_INFO,
1654 "Could not update MAC address information");
1655 return -1;
1656 }
1657
1658 wpa_msg(wpa_s, MSG_DEBUG, "Using random MAC address " MACSTR,
1659 MAC2STR(addr));
1660
1661 return 0;
1662 }
1663
1664
1665 int wpas_update_random_addr_disassoc(struct wpa_supplicant *wpa_s)
1666 {
1667 if (wpa_s->wpa_state >= WPA_AUTHENTICATING ||
1668 !wpa_s->conf->preassoc_mac_addr)
1669 return 0;
1670
1671 return wpas_update_random_addr(wpa_s, wpa_s->conf->preassoc_mac_addr);
1672 }
1673
1674
1675 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit);
1676
1677 /**
1678 * wpa_supplicant_associate - Request association
1679 * @wpa_s: Pointer to wpa_supplicant data
1680 * @bss: Scan results for the selected BSS, or %NULL if not available
1681 * @ssid: Configuration data for the selected network
1682 *
1683 * This function is used to request %wpa_supplicant to associate with a BSS.
1684 */
1685 void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
1686 struct wpa_bss *bss, struct wpa_ssid *ssid)
1687 {
1688 struct wpa_connect_work *cwork;
1689 int rand_style;
1690
1691 wpa_s->own_disconnect_req = 0;
1692
1693 /*
1694 * If we are starting a new connection, any previously pending EAPOL
1695 * RX cannot be valid anymore.
1696 */
1697 wpabuf_free(wpa_s->pending_eapol_rx);
1698 wpa_s->pending_eapol_rx = NULL;
1699
1700 if (ssid->mac_addr == -1)
1701 rand_style = wpa_s->conf->mac_addr;
1702 else
1703 rand_style = ssid->mac_addr;
1704
1705 wmm_ac_clear_saved_tspecs(wpa_s);
1706 wpa_s->reassoc_same_bss = 0;
1707 wpa_s->reassoc_same_ess = 0;
1708
1709 if (wpa_s->last_ssid == ssid) {
1710 wpa_dbg(wpa_s, MSG_DEBUG, "Re-association to the same ESS");
1711 wpa_s->reassoc_same_ess = 1;
1712 if (wpa_s->current_bss && wpa_s->current_bss == bss) {
1713 wmm_ac_save_tspecs(wpa_s);
1714 wpa_s->reassoc_same_bss = 1;
1715 }
1716 }
1717
1718 if (rand_style > 0 && !wpa_s->reassoc_same_ess) {
1719 if (wpas_update_random_addr(wpa_s, rand_style) < 0)
1720 return;
1721 wpa_sm_pmksa_cache_flush(wpa_s->wpa, ssid);
1722 } else if (rand_style == 0 && wpa_s->mac_addr_changed) {
1723 if (wpa_drv_set_mac_addr(wpa_s, NULL) < 0) {
1724 wpa_msg(wpa_s, MSG_INFO,
1725 "Could not restore permanent MAC address");
1726 return;
1727 }
1728 wpa_s->mac_addr_changed = 0;
1729 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
1730 wpa_msg(wpa_s, MSG_INFO,
1731 "Could not update MAC address information");
1732 return;
1733 }
1734 wpa_msg(wpa_s, MSG_DEBUG, "Using permanent MAC address");
1735 }
1736 wpa_s->last_ssid = ssid;
1737
1738 #ifdef CONFIG_IBSS_RSN
1739 ibss_rsn_deinit(wpa_s->ibss_rsn);
1740 wpa_s->ibss_rsn = NULL;
1741 #else /* CONFIG_IBSS_RSN */
1742 if (ssid->mode == WPAS_MODE_IBSS &&
1743 !(ssid->key_mgmt & (WPA_KEY_MGMT_NONE | WPA_KEY_MGMT_WPA_NONE))) {
1744 wpa_msg(wpa_s, MSG_INFO,
1745 "IBSS RSN not supported in the build");
1746 return;
1747 }
1748 #endif /* CONFIG_IBSS_RSN */
1749
1750 if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO ||
1751 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) {
1752 #ifdef CONFIG_AP
1753 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) {
1754 wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP "
1755 "mode");
1756 return;
1757 }
1758 if (wpa_supplicant_create_ap(wpa_s, ssid) < 0) {
1759 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
1760 if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
1761 wpas_p2p_ap_setup_failed(wpa_s);
1762 return;
1763 }
1764 wpa_s->current_bss = bss;
1765 #else /* CONFIG_AP */
1766 wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in "
1767 "the build");
1768 #endif /* CONFIG_AP */
1769 return;
1770 }
1771
1772 if (ssid->mode == WPAS_MODE_MESH) {
1773 #ifdef CONFIG_MESH
1774 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_MESH)) {
1775 wpa_msg(wpa_s, MSG_INFO,
1776 "Driver does not support mesh mode");
1777 return;
1778 }
1779 if (bss)
1780 ssid->frequency = bss->freq;
1781 if (wpa_supplicant_join_mesh(wpa_s, ssid) < 0) {
1782 wpa_msg(wpa_s, MSG_ERROR, "Could not join mesh");
1783 return;
1784 }
1785 wpa_s->current_bss = bss;
1786 wpa_msg(wpa_s, MSG_INFO, MESH_GROUP_STARTED "ssid=\"%s\" id=%d",
1787 wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
1788 ssid->id);
1789 #else /* CONFIG_MESH */
1790 wpa_msg(wpa_s, MSG_ERROR,
1791 "mesh mode support not included in the build");
1792 #endif /* CONFIG_MESH */
1793 return;
1794 }
1795
1796 #ifdef CONFIG_TDLS
1797 if (bss)
1798 wpa_tdls_ap_ies(wpa_s->wpa, (const u8 *) (bss + 1),
1799 bss->ie_len);
1800 #endif /* CONFIG_TDLS */
1801
1802 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
1803 ssid->mode == IEEE80211_MODE_INFRA) {
1804 sme_authenticate(wpa_s, bss, ssid);
1805 return;
1806 }
1807
1808 if (wpa_s->connect_work) {
1809 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since connect_work exist");
1810 return;
1811 }
1812
1813 if (radio_work_pending(wpa_s, "connect")) {
1814 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since pending work exist");
1815 return;
1816 }
1817
1818 #ifdef CONFIG_SME
1819 if (ssid->mode == WPAS_MODE_IBSS || ssid->mode == WPAS_MODE_MESH) {
1820 /* Clear possibly set auth_alg, if any, from last attempt. */
1821 wpa_s->sme.auth_alg = WPA_AUTH_ALG_OPEN;
1822 }
1823 #endif /* CONFIG_SME */
1824
1825 wpas_abort_ongoing_scan(wpa_s);
1826
1827 cwork = os_zalloc(sizeof(*cwork));
1828 if (cwork == NULL)
1829 return;
1830
1831 cwork->bss = bss;
1832 cwork->ssid = ssid;
1833
1834 if (radio_add_work(wpa_s, bss ? bss->freq : 0, "connect", 1,
1835 wpas_start_assoc_cb, cwork) < 0) {
1836 os_free(cwork);
1837 }
1838 }
1839
1840
1841 static int bss_is_ibss(struct wpa_bss *bss)
1842 {
1843 return (bss->caps & (IEEE80211_CAP_ESS | IEEE80211_CAP_IBSS)) ==
1844 IEEE80211_CAP_IBSS;
1845 }
1846
1847
1848 static int drv_supports_vht(struct wpa_supplicant *wpa_s,
1849 const struct wpa_ssid *ssid)
1850 {
1851 enum hostapd_hw_mode hw_mode;
1852 struct hostapd_hw_modes *mode = NULL;
1853 u8 channel;
1854 int i;
1855
1856 #ifdef CONFIG_HT_OVERRIDES
1857 if (ssid->disable_ht)
1858 return 0;
1859 #endif /* CONFIG_HT_OVERRIDES */
1860
1861 hw_mode = ieee80211_freq_to_chan(ssid->frequency, &channel);
1862 if (hw_mode == NUM_HOSTAPD_MODES)
1863 return 0;
1864 for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) {
1865 if (wpa_s->hw.modes[i].mode == hw_mode) {
1866 mode = &wpa_s->hw.modes[i];
1867 break;
1868 }
1869 }
1870
1871 if (!mode)
1872 return 0;
1873
1874 return mode->vht_capab != 0;
1875 }
1876
1877
1878 void ibss_mesh_setup_freq(struct wpa_supplicant *wpa_s,
1879 const struct wpa_ssid *ssid,
1880 struct hostapd_freq_params *freq)
1881 {
1882 enum hostapd_hw_mode hw_mode;
1883 struct hostapd_hw_modes *mode = NULL;
1884 int ht40plus[] = { 36, 44, 52, 60, 100, 108, 116, 124, 132, 149, 157,
1885 184, 192 };
1886 int vht80[] = { 36, 52, 100, 116, 132, 149 };
1887 struct hostapd_channel_data *pri_chan = NULL, *sec_chan = NULL;
1888 u8 channel;
1889 int i, chan_idx, ht40 = -1, res, obss_scan = 1;
1890 unsigned int j, k;
1891 struct hostapd_freq_params vht_freq;
1892 int chwidth, seg0, seg1;
1893 u32 vht_caps = 0;
1894
1895 freq->freq = ssid->frequency;
1896
1897 for (j = 0; j < wpa_s->last_scan_res_used; j++) {
1898 struct wpa_bss *bss = wpa_s->last_scan_res[j];
1899
1900 if (ssid->mode != WPAS_MODE_IBSS)
1901 break;
1902
1903 /* Don't adjust control freq in case of fixed_freq */
1904 if (ssid->fixed_freq)
1905 break;
1906
1907 if (!bss_is_ibss(bss))
1908 continue;
1909
1910 if (ssid->ssid_len == bss->ssid_len &&
1911 os_memcmp(ssid->ssid, bss->ssid, bss->ssid_len) == 0) {
1912 wpa_printf(MSG_DEBUG,
1913 "IBSS already found in scan results, adjust control freq: %d",
1914 bss->freq);
1915 freq->freq = bss->freq;
1916 obss_scan = 0;
1917 break;
1918 }
1919 }
1920
1921 /* For IBSS check HT_IBSS flag */
1922 if (ssid->mode == WPAS_MODE_IBSS &&
1923 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_HT_IBSS))
1924 return;
1925
1926 if (wpa_s->group_cipher == WPA_CIPHER_WEP40 ||
1927 wpa_s->group_cipher == WPA_CIPHER_WEP104 ||
1928 wpa_s->pairwise_cipher == WPA_CIPHER_TKIP) {
1929 wpa_printf(MSG_DEBUG,
1930 "IBSS: WEP/TKIP detected, do not try to enable HT");
1931 return;
1932 }
1933
1934 hw_mode = ieee80211_freq_to_chan(freq->freq, &channel);
1935 for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) {
1936 if (wpa_s->hw.modes[i].mode == hw_mode) {
1937 mode = &wpa_s->hw.modes[i];
1938 break;
1939 }
1940 }
1941
1942 if (!mode)
1943 return;
1944
1945 #ifdef CONFIG_HT_OVERRIDES
1946 if (ssid->disable_ht) {
1947 freq->ht_enabled = 0;
1948 return;
1949 }
1950 #endif /* CONFIG_HT_OVERRIDES */
1951
1952 freq->ht_enabled = ht_supported(mode);
1953 if (!freq->ht_enabled)
1954 return;
1955
1956 /* Setup higher BW only for 5 GHz */
1957 if (mode->mode != HOSTAPD_MODE_IEEE80211A)
1958 return;
1959
1960 for (chan_idx = 0; chan_idx < mode->num_channels; chan_idx++) {
1961 pri_chan = &mode->channels[chan_idx];
1962 if (pri_chan->chan == channel)
1963 break;
1964 pri_chan = NULL;
1965 }
1966 if (!pri_chan)
1967 return;
1968
1969 /* Check primary channel flags */
1970 if (pri_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
1971 return;
1972
1973 #ifdef CONFIG_HT_OVERRIDES
1974 if (ssid->disable_ht40)
1975 return;
1976 #endif /* CONFIG_HT_OVERRIDES */
1977
1978 /* Check/setup HT40+/HT40- */
1979 for (j = 0; j < ARRAY_SIZE(ht40plus); j++) {
1980 if (ht40plus[j] == channel) {
1981 ht40 = 1;
1982 break;
1983 }
1984 }
1985
1986 /* Find secondary channel */
1987 for (i = 0; i < mode->num_channels; i++) {
1988 sec_chan = &mode->channels[i];
1989 if (sec_chan->chan == channel + ht40 * 4)
1990 break;
1991 sec_chan = NULL;
1992 }
1993 if (!sec_chan)
1994 return;
1995
1996 /* Check secondary channel flags */
1997 if (sec_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
1998 return;
1999
2000 freq->channel = pri_chan->chan;
2001
2002 if (ht40 == -1) {
2003 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40MINUS))
2004 return;
2005 } else {
2006 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40PLUS))
2007 return;
2008 }
2009 freq->sec_channel_offset = ht40;
2010
2011 if (obss_scan) {
2012 struct wpa_scan_results *scan_res;
2013
2014 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL, 0);
2015 if (scan_res == NULL) {
2016 /* Back to HT20 */
2017 freq->sec_channel_offset = 0;
2018 return;
2019 }
2020
2021 res = check_40mhz_5g(mode, scan_res, pri_chan->chan,
2022 sec_chan->chan);
2023 switch (res) {
2024 case 0:
2025 /* Back to HT20 */
2026 freq->sec_channel_offset = 0;
2027 break;
2028 case 1:
2029 /* Configuration allowed */
2030 break;
2031 case 2:
2032 /* Switch pri/sec channels */
2033 freq->freq = hw_get_freq(mode, sec_chan->chan);
2034 freq->sec_channel_offset = -freq->sec_channel_offset;
2035 freq->channel = sec_chan->chan;
2036 break;
2037 default:
2038 freq->sec_channel_offset = 0;
2039 break;
2040 }
2041
2042 wpa_scan_results_free(scan_res);
2043 }
2044
2045 wpa_printf(MSG_DEBUG,
2046 "IBSS/mesh: setup freq channel %d, sec_channel_offset %d",
2047 freq->channel, freq->sec_channel_offset);
2048
2049 if (!drv_supports_vht(wpa_s, ssid))
2050 return;
2051
2052 /* For IBSS check VHT_IBSS flag */
2053 if (ssid->mode == WPAS_MODE_IBSS &&
2054 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_VHT_IBSS))
2055 return;
2056
2057 vht_freq = *freq;
2058
2059 vht_freq.vht_enabled = vht_supported(mode);
2060 if (!vht_freq.vht_enabled)
2061 return;
2062
2063 /* setup center_freq1, bandwidth */
2064 for (j = 0; j < ARRAY_SIZE(vht80); j++) {
2065 if (freq->channel >= vht80[j] &&
2066 freq->channel < vht80[j] + 16)
2067 break;
2068 }
2069
2070 if (j == ARRAY_SIZE(vht80))
2071 return;
2072
2073 for (i = vht80[j]; i < vht80[j] + 16; i += 4) {
2074 struct hostapd_channel_data *chan;
2075
2076 chan = hw_get_channel_chan(mode, i, NULL);
2077 if (!chan)
2078 return;
2079
2080 /* Back to HT configuration if channel not usable */
2081 if (chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
2082 return;
2083 }
2084
2085 chwidth = VHT_CHANWIDTH_80MHZ;
2086 seg0 = vht80[j] + 6;
2087 seg1 = 0;
2088
2089 if (ssid->max_oper_chwidth == VHT_CHANWIDTH_80P80MHZ) {
2090 /* setup center_freq2, bandwidth */
2091 for (k = 0; k < ARRAY_SIZE(vht80); k++) {
2092 /* Only accept 80 MHz segments separated by a gap */
2093 if (j == k || abs(vht80[j] - vht80[k]) == 16)
2094 continue;
2095 for (i = vht80[k]; i < vht80[k] + 16; i += 4) {
2096 struct hostapd_channel_data *chan;
2097
2098 chan = hw_get_channel_chan(mode, i, NULL);
2099 if (!chan)
2100 continue;
2101
2102 if (chan->flag & (HOSTAPD_CHAN_DISABLED |
2103 HOSTAPD_CHAN_NO_IR |
2104 HOSTAPD_CHAN_RADAR))
2105 continue;
2106
2107 /* Found a suitable second segment for 80+80 */
2108 chwidth = VHT_CHANWIDTH_80P80MHZ;
2109 vht_caps |=
2110 VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ;
2111 seg1 = vht80[k] + 6;
2112 }
2113
2114 if (chwidth == VHT_CHANWIDTH_80P80MHZ)
2115 break;
2116 }
2117 } else if (ssid->max_oper_chwidth == VHT_CHANWIDTH_160MHZ) {
2118 if (freq->freq == 5180) {
2119 chwidth = VHT_CHANWIDTH_160MHZ;
2120 vht_caps |= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
2121 seg0 = 50;
2122 } else if (freq->freq == 5520) {
2123 chwidth = VHT_CHANWIDTH_160MHZ;
2124 vht_caps |= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
2125 seg0 = 114;
2126 }
2127 }
2128
2129 if (hostapd_set_freq_params(&vht_freq, mode->mode, freq->freq,
2130 freq->channel, freq->ht_enabled,
2131 vht_freq.vht_enabled,
2132 freq->sec_channel_offset,
2133 chwidth, seg0, seg1, vht_caps) != 0)
2134 return;
2135
2136 *freq = vht_freq;
2137
2138 wpa_printf(MSG_DEBUG, "IBSS: VHT setup freq cf1 %d, cf2 %d, bw %d",
2139 freq->center_freq1, freq->center_freq2, freq->bandwidth);
2140 }
2141
2142
2143 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
2144 {
2145 struct wpa_connect_work *cwork = work->ctx;
2146 struct wpa_bss *bss = cwork->bss;
2147 struct wpa_ssid *ssid = cwork->ssid;
2148 struct wpa_supplicant *wpa_s = work->wpa_s;
2149 u8 wpa_ie[200];
2150 size_t wpa_ie_len;
2151 int use_crypt, ret, i, bssid_changed;
2152 int algs = WPA_AUTH_ALG_OPEN;
2153 unsigned int cipher_pairwise, cipher_group;
2154 struct wpa_driver_associate_params params;
2155 int wep_keys_set = 0;
2156 int assoc_failed = 0;
2157 struct wpa_ssid *old_ssid;
2158 u8 prev_bssid[ETH_ALEN];
2159 #ifdef CONFIG_HT_OVERRIDES
2160 struct ieee80211_ht_capabilities htcaps;
2161 struct ieee80211_ht_capabilities htcaps_mask;
2162 #endif /* CONFIG_HT_OVERRIDES */
2163 #ifdef CONFIG_VHT_OVERRIDES
2164 struct ieee80211_vht_capabilities vhtcaps;
2165 struct ieee80211_vht_capabilities vhtcaps_mask;
2166 #endif /* CONFIG_VHT_OVERRIDES */
2167
2168 if (deinit) {
2169 if (work->started) {
2170 wpa_s->connect_work = NULL;
2171
2172 /* cancel possible auth. timeout */
2173 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s,
2174 NULL);
2175 }
2176 wpas_connect_work_free(cwork);
2177 return;
2178 }
2179
2180 wpa_s->connect_work = work;
2181
2182 if (cwork->bss_removed || !wpas_valid_bss_ssid(wpa_s, bss, ssid) ||
2183 wpas_network_disabled(wpa_s, ssid)) {
2184 wpa_dbg(wpa_s, MSG_DEBUG, "BSS/SSID entry for association not valid anymore - drop connection attempt");
2185 wpas_connect_work_done(wpa_s);
2186 return;
2187 }
2188
2189 os_memcpy(prev_bssid, wpa_s->bssid, ETH_ALEN);
2190 os_memset(&params, 0, sizeof(params));
2191 wpa_s->reassociate = 0;
2192 wpa_s->eap_expected_failure = 0;
2193 if (bss &&
2194 (!wpas_driver_bss_selection(wpa_s) || wpas_wps_searching(wpa_s))) {
2195 #ifdef CONFIG_IEEE80211R
2196 const u8 *ie, *md = NULL;
2197 #endif /* CONFIG_IEEE80211R */
2198 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
2199 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
2200 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
2201 bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
2202 os_memset(wpa_s->bssid, 0, ETH_ALEN);
2203 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
2204 if (bssid_changed)
2205 wpas_notify_bssid_changed(wpa_s);
2206 #ifdef CONFIG_IEEE80211R
2207 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
2208 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
2209 md = ie + 2;
2210 wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0);
2211 if (md) {
2212 /* Prepare for the next transition */
2213 wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
2214 }
2215 #endif /* CONFIG_IEEE80211R */
2216 #ifdef CONFIG_WPS
2217 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
2218 wpa_s->conf->ap_scan == 2 &&
2219 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
2220 /* Use ap_scan==1 style network selection to find the network
2221 */
2222 wpas_connect_work_done(wpa_s);
2223 wpa_s->scan_req = MANUAL_SCAN_REQ;
2224 wpa_s->reassociate = 1;
2225 wpa_supplicant_req_scan(wpa_s, 0, 0);
2226 return;
2227 #endif /* CONFIG_WPS */
2228 } else {
2229 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
2230 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
2231 if (bss)
2232 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
2233 else
2234 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
2235 }
2236 if (!wpa_s->pno)
2237 wpa_supplicant_cancel_sched_scan(wpa_s);
2238
2239 wpa_supplicant_cancel_scan(wpa_s);
2240
2241 /* Starting new association, so clear the possibly used WPA IE from the
2242 * previous association. */
2243 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
2244
2245 #ifdef IEEE8021X_EAPOL
2246 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
2247 if (ssid->leap) {
2248 if (ssid->non_leap == 0)
2249 algs = WPA_AUTH_ALG_LEAP;
2250 else
2251 algs |= WPA_AUTH_ALG_LEAP;
2252 }
2253 }
2254 #endif /* IEEE8021X_EAPOL */
2255 wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
2256 if (ssid->auth_alg) {
2257 algs = ssid->auth_alg;
2258 wpa_dbg(wpa_s, MSG_DEBUG, "Overriding auth_alg selection: "
2259 "0x%x", algs);
2260 }
2261
2262 if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
2263 wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
2264 wpa_key_mgmt_wpa(ssid->key_mgmt)) {
2265 int try_opportunistic;
2266 try_opportunistic = (ssid->proactive_key_caching < 0 ?
2267 wpa_s->conf->okc :
2268 ssid->proactive_key_caching) &&
2269 (ssid->proto & WPA_PROTO_RSN);
2270 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
2271 ssid, try_opportunistic) == 0)
2272 eapol_sm_notify_pmkid_attempt(wpa_s->eapol);
2273 wpa_ie_len = sizeof(wpa_ie);
2274 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
2275 wpa_ie, &wpa_ie_len)) {
2276 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
2277 "key management and encryption suites");
2278 wpas_connect_work_done(wpa_s);
2279 return;
2280 }
2281 } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && bss &&
2282 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) {
2283 /*
2284 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
2285 * use non-WPA since the scan results did not indicate that the
2286 * AP is using WPA or WPA2.
2287 */
2288 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
2289 wpa_ie_len = 0;
2290 wpa_s->wpa_proto = 0;
2291 } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) {
2292 wpa_ie_len = sizeof(wpa_ie);
2293 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
2294 wpa_ie, &wpa_ie_len)) {
2295 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
2296 "key management and encryption suites (no "
2297 "scan results)");
2298 wpas_connect_work_done(wpa_s);
2299 return;
2300 }
2301 #ifdef CONFIG_WPS
2302 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
2303 struct wpabuf *wps_ie;
2304 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
2305 if (wps_ie && wpabuf_len(wps_ie) <= sizeof(wpa_ie)) {
2306 wpa_ie_len = wpabuf_len(wps_ie);
2307 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
2308 } else
2309 wpa_ie_len = 0;
2310 wpabuf_free(wps_ie);
2311 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
2312 if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY))
2313 params.wps = WPS_MODE_PRIVACY;
2314 else
2315 params.wps = WPS_MODE_OPEN;
2316 wpa_s->wpa_proto = 0;
2317 #endif /* CONFIG_WPS */
2318 } else {
2319 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
2320 wpa_ie_len = 0;
2321 wpa_s->wpa_proto = 0;
2322 }
2323
2324 #ifdef CONFIG_P2P
2325 if (wpa_s->global->p2p) {
2326 u8 *pos;
2327 size_t len;
2328 int res;
2329 pos = wpa_ie + wpa_ie_len;
2330 len = sizeof(wpa_ie) - wpa_ie_len;
2331 res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len,
2332 ssid->p2p_group);
2333 if (res >= 0)
2334 wpa_ie_len += res;
2335 }
2336
2337 wpa_s->cross_connect_disallowed = 0;
2338 if (bss) {
2339 struct wpabuf *p2p;
2340 p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE);
2341 if (p2p) {
2342 wpa_s->cross_connect_disallowed =
2343 p2p_get_cross_connect_disallowed(p2p);
2344 wpabuf_free(p2p);
2345 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross "
2346 "connection",
2347 wpa_s->cross_connect_disallowed ?
2348 "disallows" : "allows");
2349 }
2350 }
2351
2352 os_memset(wpa_s->p2p_ip_addr_info, 0, sizeof(wpa_s->p2p_ip_addr_info));
2353 #endif /* CONFIG_P2P */
2354
2355 if (bss) {
2356 wpa_ie_len += wpas_supp_op_class_ie(wpa_s, bss->freq,
2357 wpa_ie + wpa_ie_len,
2358 sizeof(wpa_ie) -
2359 wpa_ie_len);
2360 }
2361
2362 /*
2363 * Workaround: Add Extended Capabilities element only if the AP
2364 * included this element in Beacon/Probe Response frames. Some older
2365 * APs seem to have interoperability issues if this element is
2366 * included, so while the standard may require us to include the
2367 * element in all cases, it is justifiable to skip it to avoid
2368 * interoperability issues.
2369 */
2370 if (ssid->p2p_group)
2371 wpa_drv_get_ext_capa(wpa_s, WPA_IF_P2P_CLIENT);
2372 else
2373 wpa_drv_get_ext_capa(wpa_s, WPA_IF_STATION);
2374
2375 if (!bss || wpa_bss_get_ie(bss, WLAN_EID_EXT_CAPAB)) {
2376 u8 ext_capab[18];
2377 int ext_capab_len;
2378 ext_capab_len = wpas_build_ext_capab(wpa_s, ext_capab,
2379 sizeof(ext_capab));
2380 if (ext_capab_len > 0) {
2381 u8 *pos = wpa_ie;
2382 if (wpa_ie_len > 0 && pos[0] == WLAN_EID_RSN)
2383 pos += 2 + pos[1];
2384 os_memmove(pos + ext_capab_len, pos,
2385 wpa_ie_len - (pos - wpa_ie));
2386 wpa_ie_len += ext_capab_len;
2387 os_memcpy(pos, ext_capab, ext_capab_len);
2388 }
2389 }
2390
2391 #ifdef CONFIG_HS20
2392 if (is_hs20_network(wpa_s, ssid, bss)) {
2393 struct wpabuf *hs20;
2394
2395 hs20 = wpabuf_alloc(20);
2396 if (hs20) {
2397 int pps_mo_id = hs20_get_pps_mo_id(wpa_s, ssid);
2398 size_t len;
2399
2400 wpas_hs20_add_indication(hs20, pps_mo_id);
2401 len = sizeof(wpa_ie) - wpa_ie_len;
2402 if (wpabuf_len(hs20) <= len) {
2403 os_memcpy(wpa_ie + wpa_ie_len,
2404 wpabuf_head(hs20), wpabuf_len(hs20));
2405 wpa_ie_len += wpabuf_len(hs20);
2406 }
2407 wpabuf_free(hs20);
2408
2409 hs20_configure_frame_filters(wpa_s);
2410 }
2411 }
2412 #endif /* CONFIG_HS20 */
2413
2414 if (wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ]) {
2415 struct wpabuf *buf = wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ];
2416 size_t len;
2417
2418 len = sizeof(wpa_ie) - wpa_ie_len;
2419 if (wpabuf_len(buf) <= len) {
2420 os_memcpy(wpa_ie + wpa_ie_len,
2421 wpabuf_head(buf), wpabuf_len(buf));
2422 wpa_ie_len += wpabuf_len(buf);
2423 }
2424 }
2425
2426 #ifdef CONFIG_FST
2427 if (wpa_s->fst_ies) {
2428 int fst_ies_len = wpabuf_len(wpa_s->fst_ies);
2429
2430 if (wpa_ie_len + fst_ies_len <= sizeof(wpa_ie)) {
2431 os_memcpy(wpa_ie + wpa_ie_len,
2432 wpabuf_head(wpa_s->fst_ies), fst_ies_len);
2433 wpa_ie_len += fst_ies_len;
2434 }
2435 }
2436 #endif /* CONFIG_FST */
2437
2438 #ifdef CONFIG_MBO
2439 if (bss && wpa_bss_get_vendor_ie(bss, MBO_IE_VENDOR_TYPE)) {
2440 int len;
2441
2442 len = wpas_mbo_ie(wpa_s, wpa_ie + wpa_ie_len,
2443 sizeof(wpa_ie) - wpa_ie_len);
2444 if (len >= 0)
2445 wpa_ie_len += len;
2446 }
2447 #endif /* CONFIG_MBO */
2448
2449 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
2450 use_crypt = 1;
2451 cipher_pairwise = wpa_s->pairwise_cipher;
2452 cipher_group = wpa_s->group_cipher;
2453 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
2454 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
2455 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
2456 use_crypt = 0;
2457 if (wpa_set_wep_keys(wpa_s, ssid)) {
2458 use_crypt = 1;
2459 wep_keys_set = 1;
2460 }
2461 }
2462 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
2463 use_crypt = 0;
2464
2465 #ifdef IEEE8021X_EAPOL
2466 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
2467 if ((ssid->eapol_flags &
2468 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
2469 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
2470 !wep_keys_set) {
2471 use_crypt = 0;
2472 } else {
2473 /* Assume that dynamic WEP-104 keys will be used and
2474 * set cipher suites in order for drivers to expect
2475 * encryption. */
2476 cipher_pairwise = cipher_group = WPA_CIPHER_WEP104;
2477 }
2478 }
2479 #endif /* IEEE8021X_EAPOL */
2480
2481 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
2482 /* Set the key before (and later after) association */
2483 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
2484 }
2485
2486 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
2487 if (bss) {
2488 params.ssid = bss->ssid;
2489 params.ssid_len = bss->ssid_len;
2490 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set ||
2491 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
2492 wpa_printf(MSG_DEBUG, "Limit connection to BSSID "
2493 MACSTR " freq=%u MHz based on scan results "
2494 "(bssid_set=%d wps=%d)",
2495 MAC2STR(bss->bssid), bss->freq,
2496 ssid->bssid_set,
2497 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS);
2498 params.bssid = bss->bssid;
2499 params.freq.freq = bss->freq;
2500 }
2501 params.bssid_hint = bss->bssid;
2502 params.freq_hint = bss->freq;
2503 params.pbss = bss_is_pbss(bss);
2504 } else {
2505 params.ssid = ssid->ssid;
2506 params.ssid_len = ssid->ssid_len;
2507 params.pbss = (ssid->pbss != 2) ? ssid->pbss : 0;
2508 }
2509
2510 if (ssid->mode == WPAS_MODE_IBSS && ssid->bssid_set &&
2511 wpa_s->conf->ap_scan == 2) {
2512 params.bssid = ssid->bssid;
2513 params.fixed_bssid = 1;
2514 }
2515
2516 /* Initial frequency for IBSS/mesh */
2517 if ((ssid->mode == WPAS_MODE_IBSS || ssid->mode == WPAS_MODE_MESH) &&
2518 ssid->frequency > 0 && params.freq.freq == 0)
2519 ibss_mesh_setup_freq(wpa_s, ssid, &params.freq);
2520
2521 if (ssid->mode == WPAS_MODE_IBSS) {
2522 params.fixed_freq = ssid->fixed_freq;
2523 if (ssid->beacon_int)
2524 params.beacon_int = ssid->beacon_int;
2525 else
2526 params.beacon_int = wpa_s->conf->beacon_int;
2527 }
2528
2529 params.wpa_ie = wpa_ie;
2530 params.wpa_ie_len = wpa_ie_len;
2531 params.pairwise_suite = cipher_pairwise;
2532 params.group_suite = cipher_group;
2533 params.key_mgmt_suite = wpa_s->key_mgmt;
2534 params.wpa_proto = wpa_s->wpa_proto;
2535 params.auth_alg = algs;
2536 params.mode = ssid->mode;
2537 params.bg_scan_period = ssid->bg_scan_period;
2538 for (i = 0; i < NUM_WEP_KEYS; i++) {
2539 if (ssid->wep_key_len[i])
2540 params.wep_key[i] = ssid->wep_key[i];
2541 params.wep_key_len[i] = ssid->wep_key_len[i];
2542 }
2543 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
2544
2545 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
2546 (params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
2547 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK)) {
2548 params.passphrase = ssid->passphrase;
2549 if (ssid->psk_set)
2550 params.psk = ssid->psk;
2551 }
2552
2553 if (wpa_s->conf->key_mgmt_offload) {
2554 if (params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
2555 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 ||
2556 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B ||
2557 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192)
2558 params.req_key_mgmt_offload =
2559 ssid->proactive_key_caching < 0 ?
2560 wpa_s->conf->okc : ssid->proactive_key_caching;
2561 else
2562 params.req_key_mgmt_offload = 1;
2563
2564 if ((params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
2565 params.key_mgmt_suite == WPA_KEY_MGMT_PSK_SHA256 ||
2566 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK) &&
2567 ssid->psk_set)
2568 params.psk = ssid->psk;
2569 }
2570
2571 params.drop_unencrypted = use_crypt;
2572
2573 #ifdef CONFIG_IEEE80211W
2574 params.mgmt_frame_protection = wpas_get_ssid_pmf(wpa_s, ssid);
2575 if (params.mgmt_frame_protection != NO_MGMT_FRAME_PROTECTION && bss) {
2576 const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
2577 struct wpa_ie_data ie;
2578 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
2579 ie.capabilities &
2580 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
2581 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports "
2582 "MFP: require MFP");
2583 params.mgmt_frame_protection =
2584 MGMT_FRAME_PROTECTION_REQUIRED;
2585 }
2586 }
2587 #endif /* CONFIG_IEEE80211W */
2588
2589 params.p2p = ssid->p2p_group;
2590
2591 if (wpa_s->p2pdev->set_sta_uapsd)
2592 params.uapsd = wpa_s->p2pdev->sta_uapsd;
2593 else
2594 params.uapsd = -1;
2595
2596 #ifdef CONFIG_HT_OVERRIDES
2597 os_memset(&htcaps, 0, sizeof(htcaps));
2598 os_memset(&htcaps_mask, 0, sizeof(htcaps_mask));
2599 params.htcaps = (u8 *) &htcaps;
2600 params.htcaps_mask = (u8 *) &htcaps_mask;
2601 wpa_supplicant_apply_ht_overrides(wpa_s, ssid, &params);
2602 #endif /* CONFIG_HT_OVERRIDES */
2603 #ifdef CONFIG_VHT_OVERRIDES
2604 os_memset(&vhtcaps, 0, sizeof(vhtcaps));
2605 os_memset(&vhtcaps_mask, 0, sizeof(vhtcaps_mask));
2606 params.vhtcaps = &vhtcaps;
2607 params.vhtcaps_mask = &vhtcaps_mask;
2608 wpa_supplicant_apply_vht_overrides(wpa_s, ssid, &params);
2609 #endif /* CONFIG_VHT_OVERRIDES */
2610
2611 #ifdef CONFIG_P2P
2612 /*
2613 * If multi-channel concurrency is not supported, check for any
2614 * frequency conflict. In case of any frequency conflict, remove the
2615 * least prioritized connection.
2616 */
2617 if (wpa_s->num_multichan_concurrent < 2) {
2618 int freq, num;
2619 num = get_shared_radio_freqs(wpa_s, &freq, 1);
2620 if (num > 0 && freq > 0 && freq != params.freq.freq) {
2621 wpa_printf(MSG_DEBUG,
2622 "Assoc conflicting freq found (%d != %d)",
2623 freq, params.freq.freq);
2624 if (wpas_p2p_handle_frequency_conflicts(
2625 wpa_s, params.freq.freq, ssid) < 0) {
2626 wpas_connect_work_done(wpa_s);
2627 return;
2628 }
2629 }
2630 }
2631 #endif /* CONFIG_P2P */
2632
2633 if (wpa_s->reassoc_same_ess && !is_zero_ether_addr(prev_bssid) &&
2634 wpa_s->current_ssid)
2635 params.prev_bssid = prev_bssid;
2636
2637 ret = wpa_drv_associate(wpa_s, &params);
2638 if (ret < 0) {
2639 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
2640 "failed");
2641 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SANE_ERROR_CODES) {
2642 /*
2643 * The driver is known to mean what is saying, so we
2644 * can stop right here; the association will not
2645 * succeed.
2646 */
2647 wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
2648 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
2649 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
2650 return;
2651 }
2652 /* try to continue anyway; new association will be tried again
2653 * after timeout */
2654 assoc_failed = 1;
2655 }
2656
2657 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
2658 /* Set the key after the association just in case association
2659 * cleared the previously configured key. */
2660 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
2661 /* No need to timeout authentication since there is no key
2662 * management. */
2663 wpa_supplicant_cancel_auth_timeout(wpa_s);
2664 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
2665 #ifdef CONFIG_IBSS_RSN
2666 } else if (ssid->mode == WPAS_MODE_IBSS &&
2667 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
2668 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
2669 /*
2670 * RSN IBSS authentication is per-STA and we can disable the
2671 * per-BSSID authentication.
2672 */
2673 wpa_supplicant_cancel_auth_timeout(wpa_s);
2674 #endif /* CONFIG_IBSS_RSN */
2675 } else {
2676 /* Timeout for IEEE 802.11 authentication and association */
2677 int timeout = 60;
2678
2679 if (assoc_failed) {
2680 /* give IBSS a bit more time */
2681 timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5;
2682 } else if (wpa_s->conf->ap_scan == 1) {
2683 /* give IBSS a bit more time */
2684 timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10;
2685 }
2686 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
2687 }
2688
2689 if (wep_keys_set &&
2690 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC)) {
2691 /* Set static WEP keys again */
2692 wpa_set_wep_keys(wpa_s, ssid);
2693 }
2694
2695 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
2696 /*
2697 * Do not allow EAP session resumption between different
2698 * network configurations.
2699 */
2700 eapol_sm_invalidate_cached_session(wpa_s->eapol);
2701 }
2702 old_ssid = wpa_s->current_ssid;
2703 wpa_s->current_ssid = ssid;
2704
2705 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set) {
2706 wpa_s->current_bss = bss;
2707 #ifdef CONFIG_HS20
2708 hs20_configure_frame_filters(wpa_s);
2709 #endif /* CONFIG_HS20 */
2710 }
2711
2712 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
2713 wpa_supplicant_initiate_eapol(wpa_s);
2714 if (old_ssid != wpa_s->current_ssid)
2715 wpas_notify_network_changed(wpa_s);
2716 }
2717
2718
2719 static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s,
2720 const u8 *addr)
2721 {
2722 struct wpa_ssid *old_ssid;
2723
2724 wpas_connect_work_done(wpa_s);
2725 wpa_clear_keys(wpa_s, addr);
2726 old_ssid = wpa_s->current_ssid;
2727 wpa_supplicant_mark_disassoc(wpa_s);
2728 wpa_sm_set_config(wpa_s->wpa, NULL);
2729 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
2730 if (old_ssid != wpa_s->current_ssid)
2731 wpas_notify_network_changed(wpa_s);
2732 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
2733 }
2734
2735
2736 /**
2737 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
2738 * @wpa_s: Pointer to wpa_supplicant data
2739 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
2740 *
2741 * This function is used to request %wpa_supplicant to deauthenticate from the
2742 * current AP.
2743 */
2744 void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
2745 int reason_code)
2746 {
2747 u8 *addr = NULL;
2748 union wpa_event_data event;
2749 int zero_addr = 0;
2750
2751 wpa_dbg(wpa_s, MSG_DEBUG, "Request to deauthenticate - bssid=" MACSTR
2752 " pending_bssid=" MACSTR " reason=%d state=%s",
2753 MAC2STR(wpa_s->bssid), MAC2STR(wpa_s->pending_bssid),
2754 reason_code, wpa_supplicant_state_txt(wpa_s->wpa_state));
2755
2756 if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
2757 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
2758 wpa_s->wpa_state == WPA_ASSOCIATING))
2759 addr = wpa_s->pending_bssid;
2760 else if (!is_zero_ether_addr(wpa_s->bssid))
2761 addr = wpa_s->bssid;
2762 else if (wpa_s->wpa_state == WPA_ASSOCIATING) {
2763 /*
2764 * When using driver-based BSS selection, we may not know the
2765 * BSSID with which we are currently trying to associate. We
2766 * need to notify the driver of this disconnection even in such
2767 * a case, so use the all zeros address here.
2768 */
2769 addr = wpa_s->bssid;
2770 zero_addr = 1;
2771 }
2772
2773 #ifdef CONFIG_TDLS
2774 wpa_tdls_teardown_peers(wpa_s->wpa);
2775 #endif /* CONFIG_TDLS */
2776
2777 #ifdef CONFIG_MESH
2778 if (wpa_s->ifmsh) {
2779 wpa_msg(wpa_s, MSG_INFO, MESH_GROUP_REMOVED "%s",
2780 wpa_s->ifname);
2781 wpa_supplicant_leave_mesh(wpa_s);
2782 }
2783 #endif /* CONFIG_MESH */
2784
2785 if (addr) {
2786 wpa_drv_deauthenticate(wpa_s, addr, reason_code);
2787 os_memset(&event, 0, sizeof(event));
2788 event.deauth_info.reason_code = (u16) reason_code;
2789 event.deauth_info.locally_generated = 1;
2790 wpa_supplicant_event(wpa_s, EVENT_DEAUTH, &event);
2791 if (zero_addr)
2792 addr = NULL;
2793 }
2794
2795 wpa_supplicant_clear_connection(wpa_s, addr);
2796 }
2797
2798 static void wpa_supplicant_enable_one_network(struct wpa_supplicant *wpa_s,
2799 struct wpa_ssid *ssid)
2800 {
2801 if (!ssid || !ssid->disabled || ssid->disabled == 2)
2802 return;
2803
2804 ssid->disabled = 0;
2805 wpas_clear_temp_disabled(wpa_s, ssid, 1);
2806 wpas_notify_network_enabled_changed(wpa_s, ssid);
2807
2808 /*
2809 * Try to reassociate since there is no current configuration and a new
2810 * network was made available.
2811 */
2812 if (!wpa_s->current_ssid && !wpa_s->disconnected)
2813 wpa_s->reassociate = 1;
2814 }
2815
2816
2817 /**
2818 * wpa_supplicant_add_network - Add a new network
2819 * @wpa_s: wpa_supplicant structure for a network interface
2820 * Returns: The new network configuration or %NULL if operation failed
2821 *
2822 * This function performs the following operations:
2823 * 1. Adds a new network.
2824 * 2. Send network addition notification.
2825 * 3. Marks the network disabled.
2826 * 4. Set network default parameters.
2827 */
2828 struct wpa_ssid * wpa_supplicant_add_network(struct wpa_supplicant *wpa_s)
2829 {
2830 struct wpa_ssid *ssid;
2831
2832 ssid = wpa_config_add_network(wpa_s->conf);
2833 if (!ssid)
2834 return NULL;
2835 wpas_notify_network_added(wpa_s, ssid);
2836 ssid->disabled = 1;
2837 wpa_config_set_network_defaults(ssid);
2838
2839 return ssid;
2840 }
2841
2842
2843 /**
2844 * wpa_supplicant_remove_network - Remove a configured network based on id
2845 * @wpa_s: wpa_supplicant structure for a network interface
2846 * @id: Unique network id to search for
2847 * Returns: 0 on success, or -1 if the network was not found, -2 if the network
2848 * could not be removed
2849 *
2850 * This function performs the following operations:
2851 * 1. Removes the network.
2852 * 2. Send network removal notification.
2853 * 3. Update internal state machines.
2854 * 4. Stop any running sched scans.
2855 */
2856 int wpa_supplicant_remove_network(struct wpa_supplicant *wpa_s, int id)
2857 {
2858 struct wpa_ssid *ssid;
2859 int was_disabled;
2860
2861 ssid = wpa_config_get_network(wpa_s->conf, id);
2862 if (!ssid)
2863 return -1;
2864 wpas_notify_network_removed(wpa_s, ssid);
2865
2866 if (wpa_s->last_ssid == ssid)
2867 wpa_s->last_ssid = NULL;
2868
2869 if (ssid == wpa_s->current_ssid || !wpa_s->current_ssid) {
2870 #ifdef CONFIG_SME
2871 wpa_s->sme.prev_bssid_set = 0;
2872 #endif /* CONFIG_SME */
2873 /*
2874 * Invalidate the EAP session cache if the current or
2875 * previously used network is removed.
2876 */
2877 eapol_sm_invalidate_cached_session(wpa_s->eapol);
2878 }
2879
2880 if (ssid == wpa_s->current_ssid) {
2881 wpa_sm_set_config(wpa_s->wpa, NULL);
2882 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
2883
2884 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
2885 wpa_s->own_disconnect_req = 1;
2886 wpa_supplicant_deauthenticate(wpa_s,
2887 WLAN_REASON_DEAUTH_LEAVING);
2888 }
2889
2890 was_disabled = ssid->disabled;
2891
2892 if (wpa_config_remove_network(wpa_s->conf, id) < 0)
2893 return -2;
2894
2895 if (!was_disabled && wpa_s->sched_scanning) {
2896 wpa_printf(MSG_DEBUG,
2897 "Stop ongoing sched_scan to remove network from filters");
2898 wpa_supplicant_cancel_sched_scan(wpa_s);
2899 wpa_supplicant_req_scan(wpa_s, 0, 0);
2900 }
2901
2902 return 0;
2903 }
2904
2905
2906 /**
2907 * wpa_supplicant_enable_network - Mark a configured network as enabled
2908 * @wpa_s: wpa_supplicant structure for a network interface
2909 * @ssid: wpa_ssid structure for a configured network or %NULL
2910 *
2911 * Enables the specified network or all networks if no network specified.
2912 */
2913 void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s,
2914 struct wpa_ssid *ssid)
2915 {
2916 if (ssid == NULL) {
2917 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
2918 wpa_supplicant_enable_one_network(wpa_s, ssid);
2919 } else
2920 wpa_supplicant_enable_one_network(wpa_s, ssid);
2921
2922 if (wpa_s->reassociate && !wpa_s->disconnected &&
2923 (!wpa_s->current_ssid ||
2924 wpa_s->wpa_state == WPA_DISCONNECTED ||
2925 wpa_s->wpa_state == WPA_SCANNING)) {
2926 if (wpa_s->sched_scanning) {
2927 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan to add "
2928 "new network to scan filters");
2929 wpa_supplicant_cancel_sched_scan(wpa_s);
2930 }
2931
2932 if (wpa_supplicant_fast_associate(wpa_s) != 1) {
2933 wpa_s->scan_req = NORMAL_SCAN_REQ;
2934 wpa_supplicant_req_scan(wpa_s, 0, 0);
2935 }
2936 }
2937 }
2938
2939
2940 /**
2941 * wpa_supplicant_disable_network - Mark a configured network as disabled
2942 * @wpa_s: wpa_supplicant structure for a network interface
2943 * @ssid: wpa_ssid structure for a configured network or %NULL
2944 *
2945 * Disables the specified network or all networks if no network specified.
2946 */
2947 void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s,
2948 struct wpa_ssid *ssid)
2949 {
2950 struct wpa_ssid *other_ssid;
2951 int was_disabled;
2952
2953 if (ssid == NULL) {
2954 if (wpa_s->sched_scanning)
2955 wpa_supplicant_cancel_sched_scan(wpa_s);
2956
2957 for (other_ssid = wpa_s->conf->ssid; other_ssid;
2958 other_ssid = other_ssid->next) {
2959 was_disabled = other_ssid->disabled;
2960 if (was_disabled == 2)
2961 continue; /* do not change persistent P2P group
2962 * data */
2963
2964 other_ssid->disabled = 1;
2965
2966 if (was_disabled != other_ssid->disabled)
2967 wpas_notify_network_enabled_changed(
2968 wpa_s, other_ssid);
2969 }
2970 if (wpa_s->current_ssid)
2971 wpa_supplicant_deauthenticate(
2972 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
2973 } else if (ssid->disabled != 2) {
2974 if (ssid == wpa_s->current_ssid)
2975 wpa_supplicant_deauthenticate(
2976 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
2977
2978 was_disabled = ssid->disabled;
2979
2980 ssid->disabled = 1;
2981
2982 if (was_disabled != ssid->disabled) {
2983 wpas_notify_network_enabled_changed(wpa_s, ssid);
2984 if (wpa_s->sched_scanning) {
2985 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan "
2986 "to remove network from filters");
2987 wpa_supplicant_cancel_sched_scan(wpa_s);
2988 wpa_supplicant_req_scan(wpa_s, 0, 0);
2989 }
2990 }
2991 }
2992 }
2993
2994
2995 /**
2996 * wpa_supplicant_select_network - Attempt association with a network
2997 * @wpa_s: wpa_supplicant structure for a network interface
2998 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
2999 */
3000 void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
3001 struct wpa_ssid *ssid)
3002 {
3003
3004 struct wpa_ssid *other_ssid;
3005 int disconnected = 0;
3006
3007 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid) {
3008 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
3009 wpa_s->own_disconnect_req = 1;
3010 wpa_supplicant_deauthenticate(
3011 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
3012 disconnected = 1;
3013 }
3014
3015 if (ssid)
3016 wpas_clear_temp_disabled(wpa_s, ssid, 1);
3017
3018 /*
3019 * Mark all other networks disabled or mark all networks enabled if no
3020 * network specified.
3021 */
3022 for (other_ssid = wpa_s->conf->ssid; other_ssid;
3023 other_ssid = other_ssid->next) {
3024 int was_disabled = other_ssid->disabled;
3025 if (was_disabled == 2)
3026 continue; /* do not change persistent P2P group data */
3027
3028 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0;
3029 if (was_disabled && !other_ssid->disabled)
3030 wpas_clear_temp_disabled(wpa_s, other_ssid, 0);
3031
3032 if (was_disabled != other_ssid->disabled)
3033 wpas_notify_network_enabled_changed(wpa_s, other_ssid);
3034 }
3035
3036 if (ssid && ssid == wpa_s->current_ssid && wpa_s->current_ssid &&
3037 wpa_s->wpa_state >= WPA_AUTHENTICATING) {
3038 /* We are already associated with the selected network */
3039 wpa_printf(MSG_DEBUG, "Already associated with the "
3040 "selected network - do nothing");
3041 return;
3042 }
3043
3044 if (ssid) {
3045 wpa_s->current_ssid = ssid;
3046 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
3047 wpa_s->connect_without_scan =
3048 (ssid->mode == WPAS_MODE_MESH) ? ssid : NULL;
3049
3050 /*
3051 * Don't optimize next scan freqs since a new ESS has been
3052 * selected.
3053 */
3054 os_free(wpa_s->next_scan_freqs);
3055 wpa_s->next_scan_freqs = NULL;
3056 } else {
3057 wpa_s->connect_without_scan = NULL;
3058 }
3059
3060 wpa_s->disconnected = 0;
3061 wpa_s->reassociate = 1;
3062
3063 if (wpa_s->connect_without_scan ||
3064 wpa_supplicant_fast_associate(wpa_s) != 1) {
3065 wpa_s->scan_req = NORMAL_SCAN_REQ;
3066 wpas_scan_reset_sched_scan(wpa_s);
3067 wpa_supplicant_req_scan(wpa_s, 0, disconnected ? 100000 : 0);
3068 }
3069
3070 if (ssid)
3071 wpas_notify_network_selected(wpa_s, ssid);
3072 }
3073
3074
3075 /**
3076 * wpas_set_pkcs11_engine_and_module_path - Set PKCS #11 engine and module path
3077 * @wpa_s: wpa_supplicant structure for a network interface
3078 * @pkcs11_engine_path: PKCS #11 engine path or NULL
3079 * @pkcs11_module_path: PKCS #11 module path or NULL
3080 * Returns: 0 on success; -1 on failure
3081 *
3082 * Sets the PKCS #11 engine and module path. Both have to be NULL or a valid
3083 * path. If resetting the EAPOL state machine with the new PKCS #11 engine and
3084 * module path fails the paths will be reset to the default value (NULL).
3085 */
3086 int wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant *wpa_s,
3087 const char *pkcs11_engine_path,
3088 const char *pkcs11_module_path)
3089 {
3090 char *pkcs11_engine_path_copy = NULL;
3091 char *pkcs11_module_path_copy = NULL;
3092
3093 if (pkcs11_engine_path != NULL) {
3094 pkcs11_engine_path_copy = os_strdup(pkcs11_engine_path);
3095 if (pkcs11_engine_path_copy == NULL)
3096 return -1;
3097 }
3098 if (pkcs11_module_path != NULL) {
3099 pkcs11_module_path_copy = os_strdup(pkcs11_module_path);
3100 if (pkcs11_module_path_copy == NULL) {
3101 os_free(pkcs11_engine_path_copy);
3102 return -1;
3103 }
3104 }
3105
3106 os_free(wpa_s->conf->pkcs11_engine_path);
3107 os_free(wpa_s->conf->pkcs11_module_path);
3108 wpa_s->conf->pkcs11_engine_path = pkcs11_engine_path_copy;
3109 wpa_s->conf->pkcs11_module_path = pkcs11_module_path_copy;
3110
3111 wpa_sm_set_eapol(wpa_s->wpa, NULL);
3112 eapol_sm_deinit(wpa_s->eapol);
3113 wpa_s->eapol = NULL;
3114 if (wpa_supplicant_init_eapol(wpa_s)) {
3115 /* Error -> Reset paths to the default value (NULL) once. */
3116 if (pkcs11_engine_path != NULL && pkcs11_module_path != NULL)
3117 wpas_set_pkcs11_engine_and_module_path(wpa_s, NULL,
3118 NULL);
3119
3120 return -1;
3121 }
3122 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
3123
3124 return 0;
3125 }
3126
3127
3128 /**
3129 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
3130 * @wpa_s: wpa_supplicant structure for a network interface
3131 * @ap_scan: AP scan mode
3132 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
3133 *
3134 */
3135 int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan)
3136 {
3137
3138 int old_ap_scan;
3139
3140 if (ap_scan < 0 || ap_scan > 2)
3141 return -1;
3142
3143 if (ap_scan == 2 && os_strcmp(wpa_s->driver->name, "nl80211") == 0) {
3144 wpa_printf(MSG_INFO,
3145 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
3146 }
3147
3148 #ifdef ANDROID
3149 if (ap_scan == 2 && ap_scan != wpa_s->conf->ap_scan &&
3150 wpa_s->wpa_state >= WPA_ASSOCIATING &&
3151 wpa_s->wpa_state < WPA_COMPLETED) {
3152 wpa_printf(MSG_ERROR, "ap_scan = %d (%d) rejected while "
3153 "associating", wpa_s->conf->ap_scan, ap_scan);
3154 return 0;
3155 }
3156 #endif /* ANDROID */
3157
3158 old_ap_scan = wpa_s->conf->ap_scan;
3159 wpa_s->conf->ap_scan = ap_scan;
3160
3161 if (old_ap_scan != wpa_s->conf->ap_scan)
3162 wpas_notify_ap_scan_changed(wpa_s);
3163
3164 return 0;
3165 }
3166
3167
3168 /**
3169 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
3170 * @wpa_s: wpa_supplicant structure for a network interface
3171 * @expire_age: Expiration age in seconds
3172 * Returns: 0 if succeed or -1 if expire_age has an invalid value
3173 *
3174 */
3175 int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant *wpa_s,
3176 unsigned int bss_expire_age)
3177 {
3178 if (bss_expire_age < 10) {
3179 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration age %u",
3180 bss_expire_age);
3181 return -1;
3182 }
3183 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration age: %d sec",
3184 bss_expire_age);
3185 wpa_s->conf->bss_expiration_age = bss_expire_age;
3186
3187 return 0;
3188 }
3189
3190
3191 /**
3192 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
3193 * @wpa_s: wpa_supplicant structure for a network interface
3194 * @expire_count: number of scans after which an unseen BSS is reclaimed
3195 * Returns: 0 if succeed or -1 if expire_count has an invalid value
3196 *
3197 */
3198 int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant *wpa_s,
3199 unsigned int bss_expire_count)
3200 {
3201 if (bss_expire_count < 1) {
3202 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration count %u",
3203 bss_expire_count);
3204 return -1;
3205 }
3206 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration scan count: %u",
3207 bss_expire_count);
3208 wpa_s->conf->bss_expiration_scan_count = bss_expire_count;
3209
3210 return 0;
3211 }
3212
3213
3214 /**
3215 * wpa_supplicant_set_scan_interval - Set scan interval
3216 * @wpa_s: wpa_supplicant structure for a network interface
3217 * @scan_interval: scan interval in seconds
3218 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
3219 *
3220 */
3221 int wpa_supplicant_set_scan_interval(struct wpa_supplicant *wpa_s,
3222 int scan_interval)
3223 {
3224 if (scan_interval < 0) {
3225 wpa_msg(wpa_s, MSG_ERROR, "Invalid scan interval %d",
3226 scan_interval);
3227 return -1;
3228 }
3229 wpa_msg(wpa_s, MSG_DEBUG, "Setting scan interval: %d sec",
3230 scan_interval);
3231 wpa_supplicant_update_scan_int(wpa_s, scan_interval);
3232
3233 return 0;
3234 }
3235
3236
3237 /**
3238 * wpa_supplicant_set_debug_params - Set global debug params
3239 * @global: wpa_global structure
3240 * @debug_level: debug level
3241 * @debug_timestamp: determines if show timestamp in debug data
3242 * @debug_show_keys: determines if show keys in debug data
3243 * Returns: 0 if succeed or -1 if debug_level has wrong value
3244 */
3245 int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level,
3246 int debug_timestamp, int debug_show_keys)
3247 {
3248
3249 int old_level, old_timestamp, old_show_keys;
3250
3251 /* check for allowed debuglevels */
3252 if (debug_level != MSG_EXCESSIVE &&
3253 debug_level != MSG_MSGDUMP &&
3254 debug_level != MSG_DEBUG &&
3255 debug_level != MSG_INFO &&
3256 debug_level != MSG_WARNING &&
3257 debug_level != MSG_ERROR)
3258 return -1;
3259
3260 old_level = wpa_debug_level;
3261 old_timestamp = wpa_debug_timestamp;
3262 old_show_keys = wpa_debug_show_keys;
3263
3264 wpa_debug_level = debug_level;
3265 wpa_debug_timestamp = debug_timestamp ? 1 : 0;
3266 wpa_debug_show_keys = debug_show_keys ? 1 : 0;
3267
3268 if (wpa_debug_level != old_level)
3269 wpas_notify_debug_level_changed(global);
3270 if (wpa_debug_timestamp != old_timestamp)
3271 wpas_notify_debug_timestamp_changed(global);
3272 if (wpa_debug_show_keys != old_show_keys)
3273 wpas_notify_debug_show_keys_changed(global);
3274
3275 return 0;
3276 }
3277
3278
3279 /**
3280 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
3281 * @wpa_s: Pointer to wpa_supplicant data
3282 * Returns: A pointer to the current network structure or %NULL on failure
3283 */
3284 struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
3285 {
3286 struct wpa_ssid *entry;
3287 u8 ssid[SSID_MAX_LEN];
3288 int res;
3289 size_t ssid_len;
3290 u8 bssid[ETH_ALEN];
3291 int wired;
3292
3293 res = wpa_drv_get_ssid(wpa_s, ssid);
3294 if (res < 0) {
3295 wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from "
3296 "driver");
3297 return NULL;
3298 }
3299 ssid_len = res;
3300
3301 if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
3302 wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from "
3303 "driver");
3304 return NULL;
3305 }
3306
3307 wired = wpa_s->conf->ap_scan == 0 &&
3308 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED);
3309
3310 entry = wpa_s->conf->ssid;
3311 while (entry) {
3312 if (!wpas_network_disabled(wpa_s, entry) &&
3313 ((ssid_len == entry->ssid_len &&
3314 os_memcmp(ssid, entry->ssid, ssid_len) == 0) || wired) &&
3315 (!entry->bssid_set ||
3316 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
3317 return entry;
3318 #ifdef CONFIG_WPS
3319 if (!wpas_network_disabled(wpa_s, entry) &&
3320 (entry->key_mgmt & WPA_KEY_MGMT_WPS) &&
3321 (entry->ssid == NULL || entry->ssid_len == 0) &&
3322 (!entry->bssid_set ||
3323 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
3324 return entry;
3325 #endif /* CONFIG_WPS */
3326
3327 if (!wpas_network_disabled(wpa_s, entry) && entry->bssid_set &&
3328 entry->ssid_len == 0 &&
3329 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)
3330 return entry;
3331
3332 entry = entry->next;
3333 }
3334
3335 return NULL;
3336 }
3337
3338
3339 static int select_driver(struct wpa_supplicant *wpa_s, int i)
3340 {
3341 struct wpa_global *global = wpa_s->global;
3342
3343 if (wpa_drivers[i]->global_init && global->drv_priv[i] == NULL) {
3344 global->drv_priv[i] = wpa_drivers[i]->global_init(global);
3345 if (global->drv_priv[i] == NULL) {
3346 wpa_printf(MSG_ERROR, "Failed to initialize driver "
3347 "'%s'", wpa_drivers[i]->name);
3348 return -1;
3349 }
3350 }
3351
3352 wpa_s->driver = wpa_drivers[i];
3353 wpa_s->global_drv_priv = global->drv_priv[i];
3354
3355 return 0;
3356 }
3357
3358
3359 static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
3360 const char *name)
3361 {
3362 int i;
3363 size_t len;
3364 const char *pos, *driver = name;
3365
3366 if (wpa_s == NULL)
3367 return -1;
3368
3369 if (wpa_drivers[0] == NULL) {
3370 wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into "
3371 "wpa_supplicant");
3372 return -1;
3373 }
3374
3375 if (name == NULL) {
3376 /* default to first driver in the list */
3377 return select_driver(wpa_s, 0);
3378 }
3379
3380 do {
3381 pos = os_strchr(driver, ',');
3382 if (pos)
3383 len = pos - driver;
3384 else
3385 len = os_strlen(driver);
3386
3387 for (i = 0; wpa_drivers[i]; i++) {
3388 if (os_strlen(wpa_drivers[i]->name) == len &&
3389 os_strncmp(driver, wpa_drivers[i]->name, len) ==
3390 0) {
3391 /* First driver that succeeds wins */
3392 if (select_driver(wpa_s, i) == 0)
3393 return 0;
3394 }
3395 }
3396
3397 driver = pos + 1;
3398 } while (pos);
3399
3400 wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name);
3401 return -1;
3402 }
3403
3404
3405 /**
3406 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
3407 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
3408 * with struct wpa_driver_ops::init()
3409 * @src_addr: Source address of the EAPOL frame
3410 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
3411 * @len: Length of the EAPOL data
3412 *
3413 * This function is called for each received EAPOL frame. Most driver
3414 * interfaces rely on more generic OS mechanism for receiving frames through
3415 * l2_packet, but if such a mechanism is not available, the driver wrapper may
3416 * take care of received EAPOL frames and deliver them to the core supplicant
3417 * code by calling this function.
3418 */
3419 void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
3420 const u8 *buf, size_t len)
3421 {
3422 struct wpa_supplicant *wpa_s = ctx;
3423
3424 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
3425 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
3426
3427 #ifdef CONFIG_TESTING_OPTIONS
3428 if (wpa_s->ignore_auth_resp) {
3429 wpa_printf(MSG_INFO, "RX EAPOL - ignore_auth_resp active!");
3430 return;
3431 }
3432 #endif /* CONFIG_TESTING_OPTIONS */
3433
3434 #ifdef CONFIG_PEERKEY
3435 if (wpa_s->wpa_state > WPA_ASSOCIATED && wpa_s->current_ssid &&
3436 wpa_s->current_ssid->peerkey &&
3437 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
3438 wpa_sm_rx_eapol_peerkey(wpa_s->wpa, src_addr, buf, len) == 1) {
3439 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: Processed PeerKey EAPOL-Key");
3440 return;
3441 }
3442 #endif /* CONFIG_PEERKEY */
3443
3444 if (wpa_s->wpa_state < WPA_ASSOCIATED ||
3445 (wpa_s->last_eapol_matches_bssid &&
3446 #ifdef CONFIG_AP
3447 !wpa_s->ap_iface &&
3448 #endif /* CONFIG_AP */
3449 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) != 0)) {
3450 /*
3451 * There is possible race condition between receiving the
3452 * association event and the EAPOL frame since they are coming
3453 * through different paths from the driver. In order to avoid
3454 * issues in trying to process the EAPOL frame before receiving
3455 * association information, lets queue it for processing until
3456 * the association event is received. This may also be needed in
3457 * driver-based roaming case, so also use src_addr != BSSID as a
3458 * trigger if we have previously confirmed that the
3459 * Authenticator uses BSSID as the src_addr (which is not the
3460 * case with wired IEEE 802.1X).
3461 */
3462 wpa_dbg(wpa_s, MSG_DEBUG, "Not associated - Delay processing "
3463 "of received EAPOL frame (state=%s bssid=" MACSTR ")",
3464 wpa_supplicant_state_txt(wpa_s->wpa_state),
3465 MAC2STR(wpa_s->bssid));
3466 wpabuf_free(wpa_s->pending_eapol_rx);
3467 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len);
3468 if (wpa_s->pending_eapol_rx) {
3469 os_get_reltime(&wpa_s->pending_eapol_rx_time);
3470 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr,
3471 ETH_ALEN);
3472 }
3473 return;
3474 }
3475
3476 wpa_s->last_eapol_matches_bssid =
3477 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) == 0;
3478
3479 #ifdef CONFIG_AP
3480 if (wpa_s->ap_iface) {
3481 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len);
3482 return;
3483 }
3484 #endif /* CONFIG_AP */
3485
3486 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
3487 wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since "
3488 "no key management is configured");
3489 return;
3490 }
3491
3492 if (wpa_s->eapol_received == 0 &&
3493 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) ||
3494 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
3495 wpa_s->wpa_state != WPA_COMPLETED) &&
3496 (wpa_s->current_ssid == NULL ||
3497 wpa_s->current_ssid->mode != IEEE80211_MODE_IBSS)) {
3498 /* Timeout for completing IEEE 802.1X and WPA authentication */
3499 int timeout = 10;
3500
3501 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
3502 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
3503 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
3504 /* Use longer timeout for IEEE 802.1X/EAP */
3505 timeout = 70;
3506 }
3507
3508 #ifdef CONFIG_WPS
3509 if (wpa_s->current_ssid && wpa_s->current_bss &&
3510 (wpa_s->current_ssid->key_mgmt & WPA_KEY_MGMT_WPS) &&
3511 eap_is_wps_pin_enrollee(&wpa_s->current_ssid->eap)) {
3512 /*
3513 * Use shorter timeout if going through WPS AP iteration
3514 * for PIN config method with an AP that does not
3515 * advertise Selected Registrar.
3516 */
3517 struct wpabuf *wps_ie;
3518
3519 wps_ie = wpa_bss_get_vendor_ie_multi(
3520 wpa_s->current_bss, WPS_IE_VENDOR_TYPE);
3521 if (wps_ie &&
3522 !wps_is_addr_authorized(wps_ie, wpa_s->own_addr, 1))
3523 timeout = 10;
3524 wpabuf_free(wps_ie);
3525 }
3526 #endif /* CONFIG_WPS */
3527
3528 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
3529 }
3530 wpa_s->eapol_received++;
3531
3532 if (wpa_s->countermeasures) {
3533 wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped "
3534 "EAPOL packet");
3535 return;
3536 }
3537
3538 #ifdef CONFIG_IBSS_RSN
3539 if (wpa_s->current_ssid &&
3540 wpa_s->current_ssid->mode == WPAS_MODE_IBSS) {
3541 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len);
3542 return;
3543 }
3544 #endif /* CONFIG_IBSS_RSN */
3545
3546 /* Source address of the incoming EAPOL frame could be compared to the
3547 * current BSSID. However, it is possible that a centralized
3548 * Authenticator could be using another MAC address than the BSSID of
3549 * an AP, so just allow any address to be used for now. The replies are
3550 * still sent to the current BSSID (if available), though. */
3551
3552 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
3553 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
3554 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
3555 return;
3556 wpa_drv_poll(wpa_s);
3557 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE))
3558 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
3559 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
3560 /*
3561 * Set portValid = TRUE here since we are going to skip 4-way
3562 * handshake processing which would normally set portValid. We
3563 * need this to allow the EAPOL state machines to be completed
3564 * without going through EAPOL-Key handshake.
3565 */
3566 eapol_sm_notify_portValid(wpa_s->eapol, TRUE);
3567 }
3568 }
3569
3570
3571 int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s)
3572 {
3573 if ((!wpa_s->p2p_mgmt ||
3574 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
3575 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) {
3576 l2_packet_deinit(wpa_s->l2);
3577 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
3578 wpa_drv_get_mac_addr(wpa_s),
3579 ETH_P_EAPOL,
3580 wpa_supplicant_rx_eapol, wpa_s, 0);
3581 if (wpa_s->l2 == NULL)
3582 return -1;
3583 } else {
3584 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
3585 if (addr)
3586 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
3587 }
3588
3589 if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
3590 wpa_msg(wpa_s, MSG_ERROR, "Failed to get own L2 address");
3591 return -1;
3592 }
3593
3594 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
3595
3596 return 0;
3597 }
3598
3599
3600 static void wpa_supplicant_rx_eapol_bridge(void *ctx, const u8 *src_addr,
3601 const u8 *buf, size_t len)
3602 {
3603 struct wpa_supplicant *wpa_s = ctx;
3604 const struct l2_ethhdr *eth;
3605
3606 if (len < sizeof(*eth))
3607 return;
3608 eth = (const struct l2_ethhdr *) buf;
3609
3610 if (os_memcmp(eth->h_dest, wpa_s->own_addr, ETH_ALEN) != 0 &&
3611 !(eth->h_dest[0] & 0x01)) {
3612 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
3613 " (bridge - not for this interface - ignore)",
3614 MAC2STR(src_addr), MAC2STR(eth->h_dest));
3615 return;
3616 }
3617
3618 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
3619 " (bridge)", MAC2STR(src_addr), MAC2STR(eth->h_dest));
3620 wpa_supplicant_rx_eapol(wpa_s, src_addr, buf + sizeof(*eth),
3621 len - sizeof(*eth));
3622 }
3623
3624
3625 /**
3626 * wpa_supplicant_driver_init - Initialize driver interface parameters
3627 * @wpa_s: Pointer to wpa_supplicant data
3628 * Returns: 0 on success, -1 on failure
3629 *
3630 * This function is called to initialize driver interface parameters.
3631 * wpa_drv_init() must have been called before this function to initialize the
3632 * driver interface.
3633 */
3634 int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
3635 {
3636 static int interface_count = 0;
3637
3638 if (wpa_supplicant_update_mac_addr(wpa_s) < 0)
3639 return -1;
3640
3641 wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR,
3642 MAC2STR(wpa_s->own_addr));
3643 os_memcpy(wpa_s->perm_addr, wpa_s->own_addr, ETH_ALEN);
3644 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
3645
3646 if (wpa_s->bridge_ifname[0]) {
3647 wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge "
3648 "interface '%s'", wpa_s->bridge_ifname);
3649 wpa_s->l2_br = l2_packet_init_bridge(
3650 wpa_s->bridge_ifname, wpa_s->ifname, wpa_s->own_addr,
3651 ETH_P_EAPOL, wpa_supplicant_rx_eapol_bridge, wpa_s, 1);
3652 if (wpa_s->l2_br == NULL) {
3653 wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet "
3654 "connection for the bridge interface '%s'",
3655 wpa_s->bridge_ifname);
3656 return -1;
3657 }
3658 }
3659
3660 if (wpa_s->conf->ap_scan == 2 &&
3661 os_strcmp(wpa_s->driver->name, "nl80211") == 0) {
3662 wpa_printf(MSG_INFO,
3663 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
3664 }
3665
3666 wpa_clear_keys(wpa_s, NULL);
3667
3668 /* Make sure that TKIP countermeasures are not left enabled (could
3669 * happen if wpa_supplicant is killed during countermeasures. */
3670 wpa_drv_set_countermeasures(wpa_s, 0);
3671
3672 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver");
3673 wpa_drv_flush_pmkid(wpa_s);
3674
3675 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
3676 wpa_s->prev_scan_wildcard = 0;
3677
3678 if (wpa_supplicant_enabled_networks(wpa_s)) {
3679 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED) {
3680 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
3681 interface_count = 0;
3682 }
3683 #ifndef ANDROID
3684 if (!wpa_s->p2p_mgmt &&
3685 wpa_supplicant_delayed_sched_scan(wpa_s,
3686 interface_count % 3,
3687 100000))
3688 wpa_supplicant_req_scan(wpa_s, interface_count % 3,
3689 100000);
3690 #endif /* ANDROID */
3691 interface_count++;
3692 } else
3693 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
3694
3695 return 0;
3696 }
3697
3698
3699 static int wpa_supplicant_daemon(const char *pid_file)
3700 {
3701 wpa_printf(MSG_DEBUG, "Daemonize..");
3702 return os_daemonize(pid_file);
3703 }
3704
3705
3706 static struct wpa_supplicant *
3707 wpa_supplicant_alloc(struct wpa_supplicant *parent)
3708 {
3709 struct wpa_supplicant *wpa_s;
3710
3711 wpa_s = os_zalloc(sizeof(*wpa_s));
3712 if (wpa_s == NULL)
3713 return NULL;
3714 wpa_s->scan_req = INITIAL_SCAN_REQ;
3715 wpa_s->scan_interval = 5;
3716 wpa_s->new_connection = 1;
3717 wpa_s->parent = parent ? parent : wpa_s;
3718 wpa_s->p2pdev = wpa_s->parent;
3719 wpa_s->sched_scanning = 0;
3720
3721 dl_list_init(&wpa_s->bss_tmp_disallowed);
3722
3723 return wpa_s;
3724 }
3725
3726
3727 #ifdef CONFIG_HT_OVERRIDES
3728
3729 static int wpa_set_htcap_mcs(struct wpa_supplicant *wpa_s,
3730 struct ieee80211_ht_capabilities *htcaps,
3731 struct ieee80211_ht_capabilities *htcaps_mask,
3732 const char *ht_mcs)
3733 {
3734 /* parse ht_mcs into hex array */
3735 int i;
3736 const char *tmp = ht_mcs;
3737 char *end = NULL;
3738
3739 /* If ht_mcs is null, do not set anything */
3740 if (!ht_mcs)
3741 return 0;
3742
3743 /* This is what we are setting in the kernel */
3744 os_memset(&htcaps->supported_mcs_set, 0, IEEE80211_HT_MCS_MASK_LEN);
3745
3746 wpa_msg(wpa_s, MSG_DEBUG, "set_htcap, ht_mcs -:%s:-", ht_mcs);
3747
3748 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) {
3749 errno = 0;
3750 long v = strtol(tmp, &end, 16);
3751 if (errno == 0) {
3752 wpa_msg(wpa_s, MSG_DEBUG,
3753 "htcap value[%i]: %ld end: %p tmp: %p",
3754 i, v, end, tmp);
3755 if (end == tmp)
3756 break;
3757
3758 htcaps->supported_mcs_set[i] = v;
3759 tmp = end;
3760 } else {
3761 wpa_msg(wpa_s, MSG_ERROR,
3762 "Failed to parse ht-mcs: %s, error: %s\n",
3763 ht_mcs, strerror(errno));
3764 return -1;
3765 }
3766 }
3767
3768 /*
3769 * If we were able to parse any values, then set mask for the MCS set.
3770 */
3771 if (i) {
3772 os_memset(&htcaps_mask->supported_mcs_set, 0xff,
3773 IEEE80211_HT_MCS_MASK_LEN - 1);
3774 /* skip the 3 reserved bits */
3775 htcaps_mask->supported_mcs_set[IEEE80211_HT_MCS_MASK_LEN - 1] =
3776 0x1f;
3777 }
3778
3779 return 0;
3780 }
3781
3782
3783 static int wpa_disable_max_amsdu(struct wpa_supplicant *wpa_s,
3784 struct ieee80211_ht_capabilities *htcaps,
3785 struct ieee80211_ht_capabilities *htcaps_mask,
3786 int disabled)
3787 {
3788 le16 msk;
3789
3790 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_max_amsdu: %d", disabled);
3791
3792 if (disabled == -1)
3793 return 0;
3794
3795 msk = host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE);
3796 htcaps_mask->ht_capabilities_info |= msk;
3797 if (disabled)
3798 htcaps->ht_capabilities_info &= msk;
3799 else
3800 htcaps->ht_capabilities_info |= msk;
3801
3802 return 0;
3803 }
3804
3805
3806 static int wpa_set_ampdu_factor(struct wpa_supplicant *wpa_s,
3807 struct ieee80211_ht_capabilities *htcaps,
3808 struct ieee80211_ht_capabilities *htcaps_mask,
3809 int factor)
3810 {
3811 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_factor: %d", factor);
3812
3813 if (factor == -1)
3814 return 0;
3815
3816 if (factor < 0 || factor > 3) {
3817 wpa_msg(wpa_s, MSG_ERROR, "ampdu_factor: %d out of range. "
3818 "Must be 0-3 or -1", factor);
3819 return -EINVAL;
3820 }
3821
3822 htcaps_mask->a_mpdu_params |= 0x3; /* 2 bits for factor */
3823 htcaps->a_mpdu_params &= ~0x3;
3824 htcaps->a_mpdu_params |= factor & 0x3;
3825
3826 return 0;
3827 }
3828
3829
3830 static int wpa_set_ampdu_density(struct wpa_supplicant *wpa_s,
3831 struct ieee80211_ht_capabilities *htcaps,
3832 struct ieee80211_ht_capabilities *htcaps_mask,
3833 int density)
3834 {
3835 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_density: %d", density);
3836
3837 if (density == -1)
3838 return 0;
3839
3840 if (density < 0 || density > 7) {
3841 wpa_msg(wpa_s, MSG_ERROR,
3842 "ampdu_density: %d out of range. Must be 0-7 or -1.",
3843 density);
3844 return -EINVAL;
3845 }
3846
3847 htcaps_mask->a_mpdu_params |= 0x1C;
3848 htcaps->a_mpdu_params &= ~(0x1C);
3849 htcaps->a_mpdu_params |= (density << 2) & 0x1C;
3850
3851 return 0;
3852 }
3853
3854
3855 static int wpa_set_disable_ht40(struct wpa_supplicant *wpa_s,
3856 struct ieee80211_ht_capabilities *htcaps,
3857 struct ieee80211_ht_capabilities *htcaps_mask,
3858 int disabled)
3859 {
3860 /* Masking these out disables HT40 */
3861 le16 msk = host_to_le16(HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET |
3862 HT_CAP_INFO_SHORT_GI40MHZ);
3863
3864 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ht40: %d", disabled);
3865
3866 if (disabled)
3867 htcaps->ht_capabilities_info &= ~msk;
3868 else
3869 htcaps->ht_capabilities_info |= msk;
3870
3871 htcaps_mask->ht_capabilities_info |= msk;
3872
3873 return 0;
3874 }
3875
3876
3877 static int wpa_set_disable_sgi(struct wpa_supplicant *wpa_s,
3878 struct ieee80211_ht_capabilities *htcaps,
3879 struct ieee80211_ht_capabilities *htcaps_mask,
3880 int disabled)
3881 {
3882 /* Masking these out disables SGI */
3883 le16 msk = host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ |
3884 HT_CAP_INFO_SHORT_GI40MHZ);
3885
3886 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_sgi: %d", disabled);
3887
3888 if (disabled)
3889 htcaps->ht_capabilities_info &= ~msk;
3890 else
3891 htcaps->ht_capabilities_info |= msk;
3892
3893 htcaps_mask->ht_capabilities_info |= msk;
3894
3895 return 0;
3896 }
3897
3898
3899 static int wpa_set_disable_ldpc(struct wpa_supplicant *wpa_s,
3900 struct ieee80211_ht_capabilities *htcaps,
3901 struct ieee80211_ht_capabilities *htcaps_mask,
3902 int disabled)
3903 {
3904 /* Masking these out disables LDPC */
3905 le16 msk = host_to_le16(HT_CAP_INFO_LDPC_CODING_CAP);
3906
3907 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ldpc: %d", disabled);
3908
3909 if (disabled)
3910 htcaps->ht_capabilities_info &= ~msk;
3911 else
3912 htcaps->ht_capabilities_info |= msk;
3913
3914 htcaps_mask->ht_capabilities_info |= msk;
3915
3916 return 0;
3917 }
3918
3919
3920 void wpa_supplicant_apply_ht_overrides(
3921 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
3922 struct wpa_driver_associate_params *params)
3923 {
3924 struct ieee80211_ht_capabilities *htcaps;
3925 struct ieee80211_ht_capabilities *htcaps_mask;
3926
3927 if (!ssid)
3928 return;
3929
3930 params->disable_ht = ssid->disable_ht;
3931 if (!params->htcaps || !params->htcaps_mask)
3932 return;
3933
3934 htcaps = (struct ieee80211_ht_capabilities *) params->htcaps;
3935 htcaps_mask = (struct ieee80211_ht_capabilities *) params->htcaps_mask;
3936 wpa_set_htcap_mcs(wpa_s, htcaps, htcaps_mask, ssid->ht_mcs);
3937 wpa_disable_max_amsdu(wpa_s, htcaps, htcaps_mask,
3938 ssid->disable_max_amsdu);
3939 wpa_set_ampdu_factor(wpa_s, htcaps, htcaps_mask, ssid->ampdu_factor);
3940 wpa_set_ampdu_density(wpa_s, htcaps, htcaps_mask, ssid->ampdu_density);
3941 wpa_set_disable_ht40(wpa_s, htcaps, htcaps_mask, ssid->disable_ht40);
3942 wpa_set_disable_sgi(wpa_s, htcaps, htcaps_mask, ssid->disable_sgi);
3943 wpa_set_disable_ldpc(wpa_s, htcaps, htcaps_mask, ssid->disable_ldpc);
3944
3945 if (ssid->ht40_intolerant) {
3946 le16 bit = host_to_le16(HT_CAP_INFO_40MHZ_INTOLERANT);
3947 htcaps->ht_capabilities_info |= bit;
3948 htcaps_mask->ht_capabilities_info |= bit;
3949 }
3950 }
3951
3952 #endif /* CONFIG_HT_OVERRIDES */
3953
3954
3955 #ifdef CONFIG_VHT_OVERRIDES
3956 void wpa_supplicant_apply_vht_overrides(
3957 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
3958 struct wpa_driver_associate_params *params)
3959 {
3960 struct ieee80211_vht_capabilities *vhtcaps;
3961 struct ieee80211_vht_capabilities *vhtcaps_mask;
3962
3963 if (!ssid)
3964 return;
3965
3966 params->disable_vht = ssid->disable_vht;
3967
3968 vhtcaps = (void *) params->vhtcaps;
3969 vhtcaps_mask = (void *) params->vhtcaps_mask;
3970
3971 if (!vhtcaps || !vhtcaps_mask)
3972 return;
3973
3974 vhtcaps->vht_capabilities_info = host_to_le32(ssid->vht_capa);
3975 vhtcaps_mask->vht_capabilities_info = host_to_le32(ssid->vht_capa_mask);
3976
3977 #ifdef CONFIG_HT_OVERRIDES
3978 /* if max ampdu is <= 3, we have to make the HT cap the same */
3979 if (ssid->vht_capa_mask & VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) {
3980 int max_ampdu;
3981
3982 max_ampdu = (ssid->vht_capa &
3983 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) >>
3984 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX_SHIFT;
3985
3986 max_ampdu = max_ampdu < 3 ? max_ampdu : 3;
3987 wpa_set_ampdu_factor(wpa_s,
3988 (void *) params->htcaps,
3989 (void *) params->htcaps_mask,
3990 max_ampdu);
3991 }
3992 #endif /* CONFIG_HT_OVERRIDES */
3993
3994 #define OVERRIDE_MCS(i) \
3995 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \
3996 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \
3997 host_to_le16(3 << 2 * (i - 1)); \
3998 vhtcaps->vht_supported_mcs_set.tx_map |= \
3999 host_to_le16(ssid->vht_tx_mcs_nss_ ##i << \
4000 2 * (i - 1)); \
4001 } \
4002 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \
4003 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \
4004 host_to_le16(3 << 2 * (i - 1)); \
4005 vhtcaps->vht_supported_mcs_set.rx_map |= \
4006 host_to_le16(ssid->vht_rx_mcs_nss_ ##i << \
4007 2 * (i - 1)); \
4008 }
4009
4010 OVERRIDE_MCS(1);
4011 OVERRIDE_MCS(2);
4012 OVERRIDE_MCS(3);
4013 OVERRIDE_MCS(4);
4014 OVERRIDE_MCS(5);
4015 OVERRIDE_MCS(6);
4016 OVERRIDE_MCS(7);
4017 OVERRIDE_MCS(8);
4018 }
4019 #endif /* CONFIG_VHT_OVERRIDES */
4020
4021
4022 static int pcsc_reader_init(struct wpa_supplicant *wpa_s)
4023 {
4024 #ifdef PCSC_FUNCS
4025 size_t len;
4026
4027 if (!wpa_s->conf->pcsc_reader)
4028 return 0;
4029
4030 wpa_s->scard = scard_init(wpa_s->conf->pcsc_reader);
4031 if (!wpa_s->scard)
4032 return 1;
4033
4034 if (wpa_s->conf->pcsc_pin &&
4035 scard_set_pin(wpa_s->scard, wpa_s->conf->pcsc_pin) < 0) {
4036 scard_deinit(wpa_s->scard);
4037 wpa_s->scard = NULL;
4038 wpa_msg(wpa_s, MSG_ERROR, "PC/SC PIN validation failed");
4039 return -1;
4040 }
4041
4042 len = sizeof(wpa_s->imsi) - 1;
4043 if (scard_get_imsi(wpa_s->scard, wpa_s->imsi, &len)) {
4044 scard_deinit(wpa_s->scard);
4045 wpa_s->scard = NULL;
4046 wpa_msg(wpa_s, MSG_ERROR, "Could not read IMSI");
4047 return -1;
4048 }
4049 wpa_s->imsi[len] = '\0';
4050
4051 wpa_s->mnc_len = scard_get_mnc_len(wpa_s->scard);
4052
4053 wpa_printf(MSG_DEBUG, "SCARD: IMSI %s (MNC length %d)",
4054 wpa_s->imsi, wpa_s->mnc_len);
4055
4056 wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard);
4057 eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard);
4058 #endif /* PCSC_FUNCS */
4059
4060 return 0;
4061 }
4062
4063
4064 int wpas_init_ext_pw(struct wpa_supplicant *wpa_s)
4065 {
4066 char *val, *pos;
4067
4068 ext_password_deinit(wpa_s->ext_pw);
4069 wpa_s->ext_pw = NULL;
4070 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, NULL);
4071
4072 if (!wpa_s->conf->ext_password_backend)
4073 return 0;
4074
4075 val = os_strdup(wpa_s->conf->ext_password_backend);
4076 if (val == NULL)
4077 return -1;
4078 pos = os_strchr(val, ':');
4079 if (pos)
4080 *pos++ = '\0';
4081
4082 wpa_printf(MSG_DEBUG, "EXT PW: Initialize backend '%s'", val);
4083
4084 wpa_s->ext_pw = ext_password_init(val, pos);
4085 os_free(val);
4086 if (wpa_s->ext_pw == NULL) {
4087 wpa_printf(MSG_DEBUG, "EXT PW: Failed to initialize backend");
4088 return -1;
4089 }
4090 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, wpa_s->ext_pw);
4091
4092 return 0;
4093 }
4094
4095
4096 #ifdef CONFIG_FST
4097
4098 static const u8 * wpas_fst_get_bssid_cb(void *ctx)
4099 {
4100 struct wpa_supplicant *wpa_s = ctx;
4101
4102 return (is_zero_ether_addr(wpa_s->bssid) ||
4103 wpa_s->wpa_state != WPA_COMPLETED) ? NULL : wpa_s->bssid;
4104 }
4105
4106
4107 static void wpas_fst_get_channel_info_cb(void *ctx,
4108 enum hostapd_hw_mode *hw_mode,
4109 u8 *channel)
4110 {
4111 struct wpa_supplicant *wpa_s = ctx;
4112
4113 if (wpa_s->current_bss) {
4114 *hw_mode = ieee80211_freq_to_chan(wpa_s->current_bss->freq,
4115 channel);
4116 } else if (wpa_s->hw.num_modes) {
4117 *hw_mode = wpa_s->hw.modes[0].mode;
4118 } else {
4119 WPA_ASSERT(0);
4120 *hw_mode = 0;
4121 }
4122 }
4123
4124
4125 static int wpas_fst_get_hw_modes(void *ctx, struct hostapd_hw_modes **modes)
4126 {
4127 struct wpa_supplicant *wpa_s = ctx;
4128
4129 *modes = wpa_s->hw.modes;
4130 return wpa_s->hw.num_modes;
4131 }
4132
4133
4134 static void wpas_fst_set_ies_cb(void *ctx, const struct wpabuf *fst_ies)
4135 {
4136 struct wpa_supplicant *wpa_s = ctx;
4137
4138 wpa_hexdump_buf(MSG_DEBUG, "FST: Set IEs", fst_ies);
4139 wpa_s->fst_ies = fst_ies;
4140 }
4141
4142
4143 static int wpas_fst_send_action_cb(void *ctx, const u8 *da, struct wpabuf *data)
4144 {
4145 struct wpa_supplicant *wpa_s = ctx;
4146
4147 WPA_ASSERT(os_memcmp(wpa_s->bssid, da, ETH_ALEN) == 0);
4148 return wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, wpa_s->bssid,
4149 wpa_s->own_addr, wpa_s->bssid,
4150 wpabuf_head(data), wpabuf_len(data),
4151 0);
4152 }
4153
4154
4155 static const struct wpabuf * wpas_fst_get_mb_ie_cb(void *ctx, const u8 *addr)
4156 {
4157 struct wpa_supplicant *wpa_s = ctx;
4158
4159 WPA_ASSERT(os_memcmp(wpa_s->bssid, addr, ETH_ALEN) == 0);
4160 return wpa_s->received_mb_ies;
4161 }
4162
4163
4164 static void wpas_fst_update_mb_ie_cb(void *ctx, const u8 *addr,
4165 const u8 *buf, size_t size)
4166 {
4167 struct wpa_supplicant *wpa_s = ctx;
4168 struct mb_ies_info info;
4169
4170 WPA_ASSERT(os_memcmp(wpa_s->bssid, addr, ETH_ALEN) == 0);
4171
4172 if (!mb_ies_info_by_ies(&info, buf, size)) {
4173 wpabuf_free(wpa_s->received_mb_ies);
4174 wpa_s->received_mb_ies = mb_ies_by_info(&info);
4175 }
4176 }
4177
4178
4179 static const u8 * wpas_fst_get_peer_first(void *ctx,
4180 struct fst_get_peer_ctx **get_ctx,
4181 Boolean mb_only)
4182 {
4183 struct wpa_supplicant *wpa_s = ctx;
4184
4185 *get_ctx = NULL;
4186 if (!is_zero_ether_addr(wpa_s->bssid))
4187 return (wpa_s->received_mb_ies || !mb_only) ?
4188 wpa_s->bssid : NULL;
4189 return NULL;
4190 }
4191
4192
4193 static const u8 * wpas_fst_get_peer_next(void *ctx,
4194 struct fst_get_peer_ctx **get_ctx,
4195 Boolean mb_only)
4196 {
4197 return NULL;
4198 }
4199
4200 void fst_wpa_supplicant_fill_iface_obj(struct wpa_supplicant *wpa_s,
4201 struct fst_wpa_obj *iface_obj)
4202 {
4203 iface_obj->ctx = wpa_s;
4204 iface_obj->get_bssid = wpas_fst_get_bssid_cb;
4205 iface_obj->get_channel_info = wpas_fst_get_channel_info_cb;
4206 iface_obj->get_hw_modes = wpas_fst_get_hw_modes;
4207 iface_obj->set_ies = wpas_fst_set_ies_cb;
4208 iface_obj->send_action = wpas_fst_send_action_cb;
4209 iface_obj->get_mb_ie = wpas_fst_get_mb_ie_cb;
4210 iface_obj->update_mb_ie = wpas_fst_update_mb_ie_cb;
4211 iface_obj->get_peer_first = wpas_fst_get_peer_first;
4212 iface_obj->get_peer_next = wpas_fst_get_peer_next;
4213 }
4214 #endif /* CONFIG_FST */
4215
4216 static int wpas_set_wowlan_triggers(struct wpa_supplicant *wpa_s,
4217 const struct wpa_driver_capa *capa)
4218 {
4219 struct wowlan_triggers *triggers;
4220 int ret = 0;
4221
4222 if (!wpa_s->conf->wowlan_triggers)
4223 return 0;
4224
4225 triggers = wpa_get_wowlan_triggers(wpa_s->conf->wowlan_triggers, capa);
4226 if (triggers) {
4227 ret = wpa_drv_wowlan(wpa_s, triggers);
4228 os_free(triggers);
4229 }
4230 return ret;
4231 }
4232
4233
4234 enum wpa_radio_work_band wpas_freq_to_band(int freq)
4235 {
4236 if (freq < 3000)
4237 return BAND_2_4_GHZ;
4238 if (freq > 50000)
4239 return BAND_60_GHZ;
4240 return BAND_5_GHZ;
4241 }
4242
4243
4244 unsigned int wpas_get_bands(struct wpa_supplicant *wpa_s, const int *freqs)
4245 {
4246 int i;
4247 unsigned int band = 0;
4248
4249 if (freqs) {
4250 /* freqs are specified for the radio work */
4251 for (i = 0; freqs[i]; i++)
4252 band |= wpas_freq_to_band(freqs[i]);
4253 } else {
4254 /*
4255 * freqs are not specified, implies all
4256 * the supported freqs by HW
4257 */
4258 for (i = 0; i < wpa_s->hw.num_modes; i++) {
4259 if (wpa_s->hw.modes[i].num_channels != 0) {
4260 if (wpa_s->hw.modes[i].mode ==
4261 HOSTAPD_MODE_IEEE80211B ||
4262 wpa_s->hw.modes[i].mode ==
4263 HOSTAPD_MODE_IEEE80211G)
4264 band |= BAND_2_4_GHZ;
4265 else if (wpa_s->hw.modes[i].mode ==
4266 HOSTAPD_MODE_IEEE80211A)
4267 band |= BAND_5_GHZ;
4268 else if (wpa_s->hw.modes[i].mode ==
4269 HOSTAPD_MODE_IEEE80211AD)
4270 band |= BAND_60_GHZ;
4271 else if (wpa_s->hw.modes[i].mode ==
4272 HOSTAPD_MODE_IEEE80211ANY)
4273 band = BAND_2_4_GHZ | BAND_5_GHZ |
4274 BAND_60_GHZ;
4275 }
4276 }
4277 }
4278
4279 return band;
4280 }
4281
4282
4283 static struct wpa_radio * radio_add_interface(struct wpa_supplicant *wpa_s,
4284 const char *rn)
4285 {
4286 struct wpa_supplicant *iface = wpa_s->global->ifaces;
4287 struct wpa_radio *radio;
4288
4289 while (rn && iface) {
4290 radio = iface->radio;
4291 if (radio && os_strcmp(rn, radio->name) == 0) {
4292 wpa_printf(MSG_DEBUG, "Add interface %s to existing radio %s",
4293 wpa_s->ifname, rn);
4294 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
4295 return radio;
4296 }
4297
4298 iface = iface->next;
4299 }
4300
4301 wpa_printf(MSG_DEBUG, "Add interface %s to a new radio %s",
4302 wpa_s->ifname, rn ? rn : "N/A");
4303 radio = os_zalloc(sizeof(*radio));
4304 if (radio == NULL)
4305 return NULL;
4306
4307 if (rn)
4308 os_strlcpy(radio->name, rn, sizeof(radio->name));
4309 dl_list_init(&radio->ifaces);
4310 dl_list_init(&radio->work);
4311 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
4312
4313 return radio;
4314 }
4315
4316
4317 static void radio_work_free(struct wpa_radio_work *work)
4318 {
4319 if (work->wpa_s->scan_work == work) {
4320 /* This should not really happen. */
4321 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as scan_work",
4322 work->type, work, work->started);
4323 work->wpa_s->scan_work = NULL;
4324 }
4325
4326 #ifdef CONFIG_P2P
4327 if (work->wpa_s->p2p_scan_work == work) {
4328 /* This should not really happen. */
4329 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as p2p_scan_work",
4330 work->type, work, work->started);
4331 work->wpa_s->p2p_scan_work = NULL;
4332 }
4333 #endif /* CONFIG_P2P */
4334
4335 if (work->started) {
4336 work->wpa_s->radio->num_active_works--;
4337 wpa_dbg(work->wpa_s, MSG_DEBUG,
4338 "radio_work_free('%s'@%p: num_active_works --> %u",
4339 work->type, work,
4340 work->wpa_s->radio->num_active_works);
4341 }
4342
4343 dl_list_del(&work->list);
4344 os_free(work);
4345 }
4346
4347
4348 static struct wpa_radio_work * radio_work_get_next_work(struct wpa_radio *radio)
4349 {
4350 struct wpa_radio_work *active_work = NULL;
4351 struct wpa_radio_work *tmp;
4352
4353 /* Get the active work to know the type and band. */
4354 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, list) {
4355 if (tmp->started) {
4356 active_work = tmp;
4357 break;
4358 }
4359 }
4360
4361 if (!active_work) {
4362 /* No active work, start one */
4363 radio->num_active_works = 0;
4364 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work,
4365 list) {
4366 if (os_strcmp(tmp->type, "scan") == 0 &&
4367 radio->external_scan_running &&
4368 (((struct wpa_driver_scan_params *)
4369 tmp->ctx)->only_new_results ||
4370 tmp->wpa_s->clear_driver_scan_cache))
4371 continue;
4372 return tmp;
4373 }
4374 return NULL;
4375 }
4376
4377 if (os_strcmp(active_work->type, "sme-connect") == 0 ||
4378 os_strcmp(active_work->type, "connect") == 0) {
4379 /*
4380 * If the active work is either connect or sme-connect,
4381 * do not parallelize them with other radio works.
4382 */
4383 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
4384 "Do not parallelize radio work with %s",
4385 active_work->type);
4386 return NULL;
4387 }
4388
4389 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, list) {
4390 if (tmp->started)
4391 continue;
4392
4393 /*
4394 * If connect or sme-connect are enqueued, parallelize only
4395 * those operations ahead of them in the queue.
4396 */
4397 if (os_strcmp(tmp->type, "connect") == 0 ||
4398 os_strcmp(tmp->type, "sme-connect") == 0)
4399 break;
4400
4401 /*
4402 * Check that the radio works are distinct and
4403 * on different bands.
4404 */
4405 if (os_strcmp(active_work->type, tmp->type) != 0 &&
4406 (active_work->bands != tmp->bands)) {
4407 /*
4408 * If a scan has to be scheduled through nl80211 scan
4409 * interface and if an external scan is already running,
4410 * do not schedule the scan since it is likely to get
4411 * rejected by kernel.
4412 */
4413 if (os_strcmp(tmp->type, "scan") == 0 &&
4414 radio->external_scan_running &&
4415 (((struct wpa_driver_scan_params *)
4416 tmp->ctx)->only_new_results ||
4417 tmp->wpa_s->clear_driver_scan_cache))
4418 continue;
4419
4420 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
4421 "active_work:%s new_work:%s",
4422 active_work->type, tmp->type);
4423 return tmp;
4424 }
4425 }
4426
4427 /* Did not find a radio work to schedule in parallel. */
4428 return NULL;
4429 }
4430
4431
4432 static void radio_start_next_work(void *eloop_ctx, void *timeout_ctx)
4433 {
4434 struct wpa_radio *radio = eloop_ctx;
4435 struct wpa_radio_work *work;
4436 struct os_reltime now, diff;
4437 struct wpa_supplicant *wpa_s;
4438
4439 work = dl_list_first(&radio->work, struct wpa_radio_work, list);
4440 if (work == NULL) {
4441 radio->num_active_works = 0;
4442 return;
4443 }
4444
4445 wpa_s = dl_list_first(&radio->ifaces, struct wpa_supplicant,
4446 radio_list);
4447
4448 if (!(wpa_s &&
4449 wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS)) {
4450 if (work->started)
4451 return; /* already started and still in progress */
4452
4453 if (wpa_s && wpa_s->radio->external_scan_running) {
4454 wpa_printf(MSG_DEBUG, "Delay radio work start until externally triggered scan completes");
4455 return;
4456 }
4457 } else {
4458 work = NULL;
4459 if (radio->num_active_works < MAX_ACTIVE_WORKS) {
4460 /* get the work to schedule next */
4461 work = radio_work_get_next_work(radio);
4462 }
4463 if (!work)
4464 return;
4465 }
4466
4467 wpa_s = work->wpa_s;
4468 os_get_reltime(&now);
4469 os_reltime_sub(&now, &work->time, &diff);
4470 wpa_dbg(wpa_s, MSG_DEBUG,
4471 "Starting radio work '%s'@%p after %ld.%06ld second wait",
4472 work->type, work, diff.sec, diff.usec);
4473 work->started = 1;
4474 work->time = now;
4475 radio->num_active_works++;
4476
4477 work->cb(work, 0);
4478
4479 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS) &&
4480 radio->num_active_works < MAX_ACTIVE_WORKS)
4481 radio_work_check_next(wpa_s);
4482 }
4483
4484
4485 /*
4486 * This function removes both started and pending radio works running on
4487 * the provided interface's radio.
4488 * Prior to the removal of the radio work, its callback (cb) is called with
4489 * deinit set to be 1. Each work's callback is responsible for clearing its
4490 * internal data and restoring to a correct state.
4491 * @wpa_s: wpa_supplicant data
4492 * @type: type of works to be removed
4493 * @remove_all: 1 to remove all the works on this radio, 0 to remove only
4494 * this interface's works.
4495 */
4496 void radio_remove_works(struct wpa_supplicant *wpa_s,
4497 const char *type, int remove_all)
4498 {
4499 struct wpa_radio_work *work, *tmp;
4500 struct wpa_radio *radio = wpa_s->radio;
4501
4502 dl_list_for_each_safe(work, tmp, &radio->work, struct wpa_radio_work,
4503 list) {
4504 if (type && os_strcmp(type, work->type) != 0)
4505 continue;
4506
4507 /* skip other ifaces' works */
4508 if (!remove_all && work->wpa_s != wpa_s)
4509 continue;
4510
4511 wpa_dbg(wpa_s, MSG_DEBUG, "Remove radio work '%s'@%p%s",
4512 work->type, work, work->started ? " (started)" : "");
4513 work->cb(work, 1);
4514 radio_work_free(work);
4515 }
4516
4517 /* in case we removed the started work */
4518 radio_work_check_next(wpa_s);
4519 }
4520
4521
4522 static void radio_remove_interface(struct wpa_supplicant *wpa_s)
4523 {
4524 struct wpa_radio *radio = wpa_s->radio;
4525
4526 if (!radio)
4527 return;
4528
4529 wpa_printf(MSG_DEBUG, "Remove interface %s from radio %s",
4530 wpa_s->ifname, radio->name);
4531 dl_list_del(&wpa_s->radio_list);
4532 radio_remove_works(wpa_s, NULL, 0);
4533 wpa_s->radio = NULL;
4534 if (!dl_list_empty(&radio->ifaces))
4535 return; /* Interfaces remain for this radio */
4536
4537 wpa_printf(MSG_DEBUG, "Remove radio %s", radio->name);
4538 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
4539 os_free(radio);
4540 }
4541
4542
4543 void radio_work_check_next(struct wpa_supplicant *wpa_s)
4544 {
4545 struct wpa_radio *radio = wpa_s->radio;
4546
4547 if (dl_list_empty(&radio->work))
4548 return;
4549 if (wpa_s->ext_work_in_progress) {
4550 wpa_printf(MSG_DEBUG,
4551 "External radio work in progress - delay start of pending item");
4552 return;
4553 }
4554 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
4555 eloop_register_timeout(0, 0, radio_start_next_work, radio, NULL);
4556 }
4557
4558
4559 /**
4560 * radio_add_work - Add a radio work item
4561 * @wpa_s: Pointer to wpa_supplicant data
4562 * @freq: Frequency of the offchannel operation in MHz or 0
4563 * @type: Unique identifier for each type of work
4564 * @next: Force as the next work to be executed
4565 * @cb: Callback function for indicating when radio is available
4566 * @ctx: Context pointer for the work (work->ctx in cb())
4567 * Returns: 0 on success, -1 on failure
4568 *
4569 * This function is used to request time for an operation that requires
4570 * exclusive radio control. Once the radio is available, the registered callback
4571 * function will be called. radio_work_done() must be called once the exclusive
4572 * radio operation has been completed, so that the radio is freed for other
4573 * operations. The special case of deinit=1 is used to free the context data
4574 * during interface removal. That does not allow the callback function to start
4575 * the radio operation, i.e., it must free any resources allocated for the radio
4576 * work and return.
4577 *
4578 * The @freq parameter can be used to indicate a single channel on which the
4579 * offchannel operation will occur. This may allow multiple radio work
4580 * operations to be performed in parallel if they apply for the same channel.
4581 * Setting this to 0 indicates that the work item may use multiple channels or
4582 * requires exclusive control of the radio.
4583 */
4584 int radio_add_work(struct wpa_supplicant *wpa_s, unsigned int freq,
4585 const char *type, int next,
4586 void (*cb)(struct wpa_radio_work *work, int deinit),
4587 void *ctx)
4588 {
4589 struct wpa_radio *radio = wpa_s->radio;
4590 struct wpa_radio_work *work;
4591 int was_empty;
4592
4593 work = os_zalloc(sizeof(*work));
4594 if (work == NULL)
4595 return -1;
4596 wpa_dbg(wpa_s, MSG_DEBUG, "Add radio work '%s'@%p", type, work);
4597 os_get_reltime(&work->time);
4598 work->freq = freq;
4599 work->type = type;
4600 work->wpa_s = wpa_s;
4601 work->cb = cb;
4602 work->ctx = ctx;
4603
4604 if (freq)
4605 work->bands = wpas_freq_to_band(freq);
4606 else if (os_strcmp(type, "scan") == 0 ||
4607 os_strcmp(type, "p2p-scan") == 0)
4608 work->bands = wpas_get_bands(wpa_s,
4609 ((struct wpa_driver_scan_params *)
4610 ctx)->freqs);
4611 else
4612 work->bands = wpas_get_bands(wpa_s, NULL);
4613
4614 was_empty = dl_list_empty(&wpa_s->radio->work);
4615 if (next)
4616 dl_list_add(&wpa_s->radio->work, &work->list);
4617 else
4618 dl_list_add_tail(&wpa_s->radio->work, &work->list);
4619 if (was_empty) {
4620 wpa_dbg(wpa_s, MSG_DEBUG, "First radio work item in the queue - schedule start immediately");
4621 radio_work_check_next(wpa_s);
4622 } else if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS)
4623 && radio->num_active_works < MAX_ACTIVE_WORKS) {
4624 wpa_dbg(wpa_s, MSG_DEBUG,
4625 "Try to schedule a radio work (num_active_works=%u)",
4626 radio->num_active_works);
4627 radio_work_check_next(wpa_s);
4628 }
4629
4630 return 0;
4631 }
4632
4633
4634 /**
4635 * radio_work_done - Indicate that a radio work item has been completed
4636 * @work: Completed work
4637 *
4638 * This function is called once the callback function registered with
4639 * radio_add_work() has completed its work.
4640 */
4641 void radio_work_done(struct wpa_radio_work *work)
4642 {
4643 struct wpa_supplicant *wpa_s = work->wpa_s;
4644 struct os_reltime now, diff;
4645 unsigned int started = work->started;
4646
4647 os_get_reltime(&now);
4648 os_reltime_sub(&now, &work->time, &diff);
4649 wpa_dbg(wpa_s, MSG_DEBUG, "Radio work '%s'@%p %s in %ld.%06ld seconds",
4650 work->type, work, started ? "done" : "canceled",
4651 diff.sec, diff.usec);
4652 radio_work_free(work);
4653 if (started)
4654 radio_work_check_next(wpa_s);
4655 }
4656
4657
4658 struct wpa_radio_work *
4659 radio_work_pending(struct wpa_supplicant *wpa_s, const char *type)
4660 {
4661 struct wpa_radio_work *work;
4662 struct wpa_radio *radio = wpa_s->radio;
4663
4664 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) {
4665 if (work->wpa_s == wpa_s && os_strcmp(work->type, type) == 0)
4666 return work;
4667 }
4668
4669 return NULL;
4670 }
4671
4672
4673 static int wpas_init_driver(struct wpa_supplicant *wpa_s,
4674 struct wpa_interface *iface)
4675 {
4676 const char *ifname, *driver, *rn;
4677
4678 driver = iface->driver;
4679 next_driver:
4680 if (wpa_supplicant_set_driver(wpa_s, driver) < 0)
4681 return -1;
4682
4683 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
4684 if (wpa_s->drv_priv == NULL) {
4685 const char *pos;
4686 pos = driver ? os_strchr(driver, ',') : NULL;
4687 if (pos) {
4688 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
4689 "driver interface - try next driver wrapper");
4690 driver = pos + 1;
4691 goto next_driver;
4692 }
4693 wpa_msg(wpa_s, MSG_ERROR, "Failed to initialize driver "
4694 "interface");
4695 return -1;
4696 }
4697 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
4698 wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected "
4699 "driver_param '%s'", wpa_s->conf->driver_param);
4700 return -1;
4701 }
4702
4703 ifname = wpa_drv_get_ifname(wpa_s);
4704 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
4705 wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced "
4706 "interface name with '%s'", ifname);
4707 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
4708 }
4709
4710 rn = wpa_driver_get_radio_name(wpa_s);
4711 if (rn && rn[0] == '\0')
4712 rn = NULL;
4713
4714 wpa_s->radio = radio_add_interface(wpa_s, rn);
4715 if (wpa_s->radio == NULL)
4716 return -1;
4717
4718 return 0;
4719 }
4720
4721
4722 static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
4723 struct wpa_interface *iface)
4724 {
4725 struct wpa_driver_capa capa;
4726 int capa_res;
4727
4728 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
4729 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
4730 iface->confname ? iface->confname : "N/A",
4731 iface->driver ? iface->driver : "default",
4732 iface->ctrl_interface ? iface->ctrl_interface : "N/A",
4733 iface->bridge_ifname ? iface->bridge_ifname : "N/A");
4734
4735 if (iface->confname) {
4736 #ifdef CONFIG_BACKEND_FILE
4737 wpa_s->confname = os_rel2abs_path(iface->confname);
4738 if (wpa_s->confname == NULL) {
4739 wpa_printf(MSG_ERROR, "Failed to get absolute path "
4740 "for configuration file '%s'.",
4741 iface->confname);
4742 return -1;
4743 }
4744 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
4745 iface->confname, wpa_s->confname);
4746 #else /* CONFIG_BACKEND_FILE */
4747 wpa_s->confname = os_strdup(iface->confname);
4748 #endif /* CONFIG_BACKEND_FILE */
4749 wpa_s->conf = wpa_config_read(wpa_s->confname, NULL);
4750 if (wpa_s->conf == NULL) {
4751 wpa_printf(MSG_ERROR, "Failed to read or parse "
4752 "configuration '%s'.", wpa_s->confname);
4753 return -1;
4754 }
4755 wpa_s->confanother = os_rel2abs_path(iface->confanother);
4756 wpa_config_read(wpa_s->confanother, wpa_s->conf);
4757
4758 /*
4759 * Override ctrl_interface and driver_param if set on command
4760 * line.
4761 */
4762 if (iface->ctrl_interface) {
4763 os_free(wpa_s->conf->ctrl_interface);
4764 wpa_s->conf->ctrl_interface =
4765 os_strdup(iface->ctrl_interface);
4766 }
4767
4768 if (iface->driver_param) {
4769 os_free(wpa_s->conf->driver_param);
4770 wpa_s->conf->driver_param =
4771 os_strdup(iface->driver_param);
4772 }
4773
4774 if (iface->p2p_mgmt && !iface->ctrl_interface) {
4775 os_free(wpa_s->conf->ctrl_interface);
4776 wpa_s->conf->ctrl_interface = NULL;
4777 }
4778 } else
4779 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
4780 iface->driver_param);
4781
4782 if (wpa_s->conf == NULL) {
4783 wpa_printf(MSG_ERROR, "\nNo configuration found.");
4784 return -1;
4785 }
4786
4787 if (iface->ifname == NULL) {
4788 wpa_printf(MSG_ERROR, "\nInterface name is required.");
4789 return -1;
4790 }
4791 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
4792 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
4793 iface->ifname);
4794 return -1;
4795 }
4796 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
4797
4798 if (iface->bridge_ifname) {
4799 if (os_strlen(iface->bridge_ifname) >=
4800 sizeof(wpa_s->bridge_ifname)) {
4801 wpa_printf(MSG_ERROR, "\nToo long bridge interface "
4802 "name '%s'.", iface->bridge_ifname);
4803 return -1;
4804 }
4805 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
4806 sizeof(wpa_s->bridge_ifname));
4807 }
4808
4809 /* RSNA Supplicant Key Management - INITIALIZE */
4810 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
4811 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
4812
4813 /* Initialize driver interface and register driver event handler before
4814 * L2 receive handler so that association events are processed before
4815 * EAPOL-Key packets if both become available for the same select()
4816 * call. */
4817 if (wpas_init_driver(wpa_s, iface) < 0)
4818 return -1;
4819
4820 if (wpa_supplicant_init_wpa(wpa_s) < 0)
4821 return -1;
4822
4823 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
4824 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
4825 NULL);
4826 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
4827
4828 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
4829 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
4830 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
4831 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
4832 "dot11RSNAConfigPMKLifetime");
4833 return -1;
4834 }
4835
4836 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
4837 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
4838 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
4839 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
4840 "dot11RSNAConfigPMKReauthThreshold");
4841 return -1;
4842 }
4843
4844 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
4845 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
4846 wpa_s->conf->dot11RSNAConfigSATimeout)) {
4847 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
4848 "dot11RSNAConfigSATimeout");
4849 return -1;
4850 }
4851
4852 wpa_s->hw.modes = wpa_drv_get_hw_feature_data(wpa_s,
4853 &wpa_s->hw.num_modes,
4854 &wpa_s->hw.flags);
4855 if (wpa_s->hw.modes) {
4856 u16 i;
4857
4858 for (i = 0; i < wpa_s->hw.num_modes; i++) {
4859 if (wpa_s->hw.modes[i].vht_capab) {
4860 wpa_s->hw_capab = CAPAB_VHT;
4861 break;
4862 }
4863
4864 if (wpa_s->hw.modes[i].ht_capab &
4865 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET)
4866 wpa_s->hw_capab = CAPAB_HT40;
4867 else if (wpa_s->hw.modes[i].ht_capab &&
4868 wpa_s->hw_capab == CAPAB_NO_HT_VHT)
4869 wpa_s->hw_capab = CAPAB_HT;
4870 }
4871 }
4872
4873 capa_res = wpa_drv_get_capa(wpa_s, &capa);
4874 if (capa_res == 0) {
4875 wpa_s->drv_capa_known = 1;
4876 wpa_s->drv_flags = capa.flags;
4877 wpa_s->drv_enc = capa.enc;
4878 wpa_s->drv_smps_modes = capa.smps_modes;
4879 wpa_s->drv_rrm_flags = capa.rrm_flags;
4880 wpa_s->probe_resp_offloads = capa.probe_resp_offloads;
4881 wpa_s->max_scan_ssids = capa.max_scan_ssids;
4882 wpa_s->max_sched_scan_ssids = capa.max_sched_scan_ssids;
4883 wpa_s->max_sched_scan_plans = capa.max_sched_scan_plans;
4884 wpa_s->max_sched_scan_plan_interval =
4885 capa.max_sched_scan_plan_interval;
4886 wpa_s->max_sched_scan_plan_iterations =
4887 capa.max_sched_scan_plan_iterations;
4888 wpa_s->sched_scan_supported = capa.sched_scan_supported;
4889 wpa_s->max_match_sets = capa.max_match_sets;
4890 wpa_s->max_remain_on_chan = capa.max_remain_on_chan;
4891 wpa_s->max_stations = capa.max_stations;
4892 wpa_s->extended_capa = capa.extended_capa;
4893 wpa_s->extended_capa_mask = capa.extended_capa_mask;
4894 wpa_s->extended_capa_len = capa.extended_capa_len;
4895 wpa_s->num_multichan_concurrent =
4896 capa.num_multichan_concurrent;
4897 wpa_s->wmm_ac_supported = capa.wmm_ac_supported;
4898
4899 if (capa.mac_addr_rand_scan_supported)
4900 wpa_s->mac_addr_rand_supported |= MAC_ADDR_RAND_SCAN;
4901 if (wpa_s->sched_scan_supported &&
4902 capa.mac_addr_rand_sched_scan_supported)
4903 wpa_s->mac_addr_rand_supported |=
4904 (MAC_ADDR_RAND_SCHED_SCAN | MAC_ADDR_RAND_PNO);
4905 }
4906 if (wpa_s->max_remain_on_chan == 0)
4907 wpa_s->max_remain_on_chan = 1000;
4908
4909 /*
4910 * Only take p2p_mgmt parameters when P2P Device is supported.
4911 * Doing it here as it determines whether l2_packet_init() will be done
4912 * during wpa_supplicant_driver_init().
4913 */
4914 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)
4915 wpa_s->p2p_mgmt = iface->p2p_mgmt;
4916 else
4917 iface->p2p_mgmt = 1;
4918
4919 if (wpa_s->num_multichan_concurrent == 0)
4920 wpa_s->num_multichan_concurrent = 1;
4921
4922 if (wpa_supplicant_driver_init(wpa_s) < 0)
4923 return -1;
4924
4925 #ifdef CONFIG_TDLS
4926 if ((!iface->p2p_mgmt ||
4927 !(wpa_s->drv_flags &
4928 WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
4929 wpa_tdls_init(wpa_s->wpa))
4930 return -1;
4931 #endif /* CONFIG_TDLS */
4932
4933 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] &&
4934 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) {
4935 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country");
4936 return -1;
4937 }
4938
4939 #ifdef CONFIG_FST
4940 if (wpa_s->conf->fst_group_id) {
4941 struct fst_iface_cfg cfg;
4942 struct fst_wpa_obj iface_obj;
4943
4944 fst_wpa_supplicant_fill_iface_obj(wpa_s, &iface_obj);
4945 os_strlcpy(cfg.group_id, wpa_s->conf->fst_group_id,
4946 sizeof(cfg.group_id));
4947 cfg.priority = wpa_s->conf->fst_priority;
4948 cfg.llt = wpa_s->conf->fst_llt;
4949
4950 wpa_s->fst = fst_attach(wpa_s->ifname, wpa_s->own_addr,
4951 &iface_obj, &cfg);
4952 if (!wpa_s->fst) {
4953 wpa_msg(wpa_s, MSG_ERROR,
4954 "FST: Cannot attach iface %s to group %s",
4955 wpa_s->ifname, cfg.group_id);
4956 return -1;
4957 }
4958 }
4959 #endif /* CONFIG_FST */
4960
4961 if (wpas_wps_init(wpa_s))
4962 return -1;
4963
4964 if (wpa_supplicant_init_eapol(wpa_s) < 0)
4965 return -1;
4966 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
4967
4968 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
4969 if (wpa_s->ctrl_iface == NULL) {
4970 wpa_printf(MSG_ERROR,
4971 "Failed to initialize control interface '%s'.\n"
4972 "You may have another wpa_supplicant process "
4973 "already running or the file was\n"
4974 "left by an unclean termination of wpa_supplicant "
4975 "in which case you will need\n"
4976 "to manually remove this file before starting "
4977 "wpa_supplicant again.\n",
4978 wpa_s->conf->ctrl_interface);
4979 return -1;
4980 }
4981
4982 wpa_s->gas = gas_query_init(wpa_s);
4983 if (wpa_s->gas == NULL) {
4984 wpa_printf(MSG_ERROR, "Failed to initialize GAS query");
4985 return -1;
4986 }
4987
4988 if (iface->p2p_mgmt && wpas_p2p_init(wpa_s->global, wpa_s) < 0) {
4989 wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P");
4990 return -1;
4991 }
4992
4993 if (wpa_bss_init(wpa_s) < 0)
4994 return -1;
4995
4996 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL
4997 #ifdef CONFIG_MESH
4998 dl_list_init(&wpa_s->mesh_external_pmksa_cache);
4999 #endif /* CONFIG_MESH */
5000 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
5001
5002 /*
5003 * Set Wake-on-WLAN triggers, if configured.
5004 * Note: We don't restore/remove the triggers on shutdown (it doesn't
5005 * have effect anyway when the interface is down).
5006 */
5007 if (capa_res == 0 && wpas_set_wowlan_triggers(wpa_s, &capa) < 0)
5008 return -1;
5009
5010 #ifdef CONFIG_EAP_PROXY
5011 {
5012 size_t len;
5013 wpa_s->mnc_len = eapol_sm_get_eap_proxy_imsi(wpa_s->eapol, wpa_s->imsi,
5014 &len);
5015 if (wpa_s->mnc_len > 0) {
5016 wpa_s->imsi[len] = '\0';
5017 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI %s (MNC length %d)",
5018 wpa_s->imsi, wpa_s->mnc_len);
5019 } else {
5020 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI not available");
5021 }
5022 }
5023 #endif /* CONFIG_EAP_PROXY */
5024
5025 if (pcsc_reader_init(wpa_s) < 0)
5026 return -1;
5027
5028 if (wpas_init_ext_pw(wpa_s) < 0)
5029 return -1;
5030
5031 wpas_rrm_reset(wpa_s);
5032
5033 wpas_sched_scan_plans_set(wpa_s, wpa_s->conf->sched_scan_plans);
5034
5035 #ifdef CONFIG_HS20
5036 hs20_init(wpa_s);
5037 #endif /* CONFIG_HS20 */
5038 #ifdef CONFIG_MBO
5039 wpas_mbo_update_non_pref_chan(wpa_s, wpa_s->conf->non_pref_chan);
5040 #endif /* CONFIG_MBO */
5041
5042 wpa_supplicant_set_default_scan_ies(wpa_s);
5043
5044 return 0;
5045 }
5046
5047
5048 static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s,
5049 int notify, int terminate)
5050 {
5051 struct wpa_global *global = wpa_s->global;
5052 struct wpa_supplicant *iface, *prev;
5053
5054 if (wpa_s == wpa_s->parent)
5055 wpas_p2p_group_remove(wpa_s, "*");
5056
5057 iface = global->ifaces;
5058 while (iface) {
5059 if (iface->p2pdev == wpa_s)
5060 iface->p2pdev = iface->parent;
5061 if (iface == wpa_s || iface->parent != wpa_s) {
5062 iface = iface->next;
5063 continue;
5064 }
5065 wpa_printf(MSG_DEBUG,
5066 "Remove remaining child interface %s from parent %s",
5067 iface->ifname, wpa_s->ifname);
5068 prev = iface;
5069 iface = iface->next;
5070 wpa_supplicant_remove_iface(global, prev, terminate);
5071 }
5072
5073 wpa_s->disconnected = 1;
5074 if (wpa_s->drv_priv) {
5075 wpa_supplicant_deauthenticate(wpa_s,
5076 WLAN_REASON_DEAUTH_LEAVING);
5077
5078 wpa_drv_set_countermeasures(wpa_s, 0);
5079 wpa_clear_keys(wpa_s, NULL);
5080 }
5081
5082 wpa_supplicant_cleanup(wpa_s);
5083 wpas_p2p_deinit_iface(wpa_s);
5084
5085 wpas_ctrl_radio_work_flush(wpa_s);
5086 radio_remove_interface(wpa_s);
5087
5088 #ifdef CONFIG_FST
5089 if (wpa_s->fst) {
5090 fst_detach(wpa_s->fst);
5091 wpa_s->fst = NULL;
5092 }
5093 if (wpa_s->received_mb_ies) {
5094 wpabuf_free(wpa_s->received_mb_ies);
5095 wpa_s->received_mb_ies = NULL;
5096 }
5097 #endif /* CONFIG_FST */
5098
5099 if (wpa_s->drv_priv)
5100 wpa_drv_deinit(wpa_s);
5101
5102 if (notify)
5103 wpas_notify_iface_removed(wpa_s);
5104
5105 if (terminate)
5106 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING);
5107
5108 if (wpa_s->ctrl_iface) {
5109 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
5110 wpa_s->ctrl_iface = NULL;
5111 }
5112
5113 #ifdef CONFIG_MESH
5114 if (wpa_s->ifmsh) {
5115 wpa_supplicant_mesh_iface_deinit(wpa_s, wpa_s->ifmsh);
5116 wpa_s->ifmsh = NULL;
5117 }
5118 #endif /* CONFIG_MESH */
5119
5120 if (wpa_s->conf != NULL) {
5121 wpa_config_free(wpa_s->conf);
5122 wpa_s->conf = NULL;
5123 }
5124
5125 os_free(wpa_s->ssids_from_scan_req);
5126
5127 os_free(wpa_s);
5128 }
5129
5130
5131 #ifdef CONFIG_MATCH_IFACE
5132
5133 /**
5134 * wpa_supplicant_match_iface - Match an interface description to a name
5135 * @global: Pointer to global data from wpa_supplicant_init()
5136 * @ifname: Name of the interface to match
5137 * Returns: Pointer to the created interface description or %NULL on failure
5138 */
5139 struct wpa_interface * wpa_supplicant_match_iface(struct wpa_global *global,
5140 const char *ifname)
5141 {
5142 int i;
5143 struct wpa_interface *iface, *miface;
5144
5145 for (i = 0; i < global->params.match_iface_count; i++) {
5146 miface = &global->params.match_ifaces[i];
5147 if (!miface->ifname ||
5148 fnmatch(miface->ifname, ifname, 0) == 0) {
5149 iface = os_zalloc(sizeof(*iface));
5150 if (!iface)
5151 return NULL;
5152 *iface = *miface;
5153 iface->ifname = ifname;
5154 return iface;
5155 }
5156 }
5157
5158 return NULL;
5159 }
5160
5161
5162 /**
5163 * wpa_supplicant_match_existing - Match existing interfaces
5164 * @global: Pointer to global data from wpa_supplicant_init()
5165 * Returns: 0 on success, -1 on failure
5166 */
5167 static int wpa_supplicant_match_existing(struct wpa_global *global)
5168 {
5169 struct if_nameindex *ifi, *ifp;
5170 struct wpa_supplicant *wpa_s;
5171 struct wpa_interface *iface;
5172
5173 ifp = if_nameindex();
5174 if (!ifp) {
5175 wpa_printf(MSG_ERROR, "if_nameindex: %s", strerror(errno));
5176 return -1;
5177 }
5178
5179 for (ifi = ifp; ifi->if_name; ifi++) {
5180 wpa_s = wpa_supplicant_get_iface(global, ifi->if_name);
5181 if (wpa_s)
5182 continue;
5183 iface = wpa_supplicant_match_iface(global, ifi->if_name);
5184 if (iface) {
5185 wpa_s = wpa_supplicant_add_iface(global, iface, NULL);
5186 os_free(iface);
5187 if (wpa_s)
5188 wpa_s->matched = 1;
5189 }
5190 }
5191
5192 if_freenameindex(ifp);
5193 return 0;
5194 }
5195
5196 #endif /* CONFIG_MATCH_IFACE */
5197
5198
5199 /**
5200 * wpa_supplicant_add_iface - Add a new network interface
5201 * @global: Pointer to global data from wpa_supplicant_init()
5202 * @iface: Interface configuration options
5203 * @parent: Parent interface or %NULL to assign new interface as parent
5204 * Returns: Pointer to the created interface or %NULL on failure
5205 *
5206 * This function is used to add new network interfaces for %wpa_supplicant.
5207 * This can be called before wpa_supplicant_run() to add interfaces before the
5208 * main event loop has been started. In addition, new interfaces can be added
5209 * dynamically while %wpa_supplicant is already running. This could happen,
5210 * e.g., when a hotplug network adapter is inserted.
5211 */
5212 struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
5213 struct wpa_interface *iface,
5214 struct wpa_supplicant *parent)
5215 {
5216 struct wpa_supplicant *wpa_s;
5217 struct wpa_interface t_iface;
5218 struct wpa_ssid *ssid;
5219
5220 if (global == NULL || iface == NULL)
5221 return NULL;
5222
5223 wpa_s = wpa_supplicant_alloc(parent);
5224 if (wpa_s == NULL)
5225 return NULL;
5226
5227 wpa_s->global = global;
5228
5229 t_iface = *iface;
5230 if (global->params.override_driver) {
5231 wpa_printf(MSG_DEBUG, "Override interface parameter: driver "
5232 "('%s' -> '%s')",
5233 iface->driver, global->params.override_driver);
5234 t_iface.driver = global->params.override_driver;
5235 }
5236 if (global->params.override_ctrl_interface) {
5237 wpa_printf(MSG_DEBUG, "Override interface parameter: "
5238 "ctrl_interface ('%s' -> '%s')",
5239 iface->ctrl_interface,
5240 global->params.override_ctrl_interface);
5241 t_iface.ctrl_interface =
5242 global->params.override_ctrl_interface;
5243 }
5244 if (wpa_supplicant_init_iface(wpa_s, &t_iface)) {
5245 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
5246 iface->ifname);
5247 wpa_supplicant_deinit_iface(wpa_s, 0, 0);
5248 return NULL;
5249 }
5250
5251 if (iface->p2p_mgmt == 0) {
5252 /* Notify the control interfaces about new iface */
5253 if (wpas_notify_iface_added(wpa_s)) {
5254 wpa_supplicant_deinit_iface(wpa_s, 1, 0);
5255 return NULL;
5256 }
5257
5258 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
5259 wpas_notify_network_added(wpa_s, ssid);
5260 }
5261
5262 wpa_s->next = global->ifaces;
5263 global->ifaces = wpa_s;
5264
5265 wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname);
5266 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
5267
5268 #ifdef CONFIG_P2P
5269 if (wpa_s->global->p2p == NULL &&
5270 !wpa_s->global->p2p_disabled && !wpa_s->conf->p2p_disabled &&
5271 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) &&
5272 wpas_p2p_add_p2pdev_interface(
5273 wpa_s, wpa_s->global->params.conf_p2p_dev) < 0) {
5274 wpa_printf(MSG_INFO,
5275 "P2P: Failed to enable P2P Device interface");
5276 /* Try to continue without. P2P will be disabled. */
5277 }
5278 #endif /* CONFIG_P2P */
5279
5280 return wpa_s;
5281 }
5282
5283
5284 /**
5285 * wpa_supplicant_remove_iface - Remove a network interface
5286 * @global: Pointer to global data from wpa_supplicant_init()
5287 * @wpa_s: Pointer to the network interface to be removed
5288 * Returns: 0 if interface was removed, -1 if interface was not found
5289 *
5290 * This function can be used to dynamically remove network interfaces from
5291 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
5292 * addition, this function is used to remove all remaining interfaces when
5293 * %wpa_supplicant is terminated.
5294 */
5295 int wpa_supplicant_remove_iface(struct wpa_global *global,
5296 struct wpa_supplicant *wpa_s,
5297 int terminate)
5298 {
5299 struct wpa_supplicant *prev;
5300 #ifdef CONFIG_MESH
5301 unsigned int mesh_if_created = wpa_s->mesh_if_created;
5302 char *ifname = NULL;
5303 #endif /* CONFIG_MESH */
5304
5305 /* Remove interface from the global list of interfaces */
5306 prev = global->ifaces;
5307 if (prev == wpa_s) {
5308 global->ifaces = wpa_s->next;
5309 } else {
5310 while (prev && prev->next != wpa_s)
5311 prev = prev->next;
5312 if (prev == NULL)
5313 return -1;
5314 prev->next = wpa_s->next;
5315 }
5316
5317 wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
5318
5319 #ifdef CONFIG_MESH
5320 if (mesh_if_created) {
5321 ifname = os_strdup(wpa_s->ifname);
5322 if (ifname == NULL) {
5323 wpa_dbg(wpa_s, MSG_ERROR,
5324 "mesh: Failed to malloc ifname");
5325 return -1;
5326 }
5327 }
5328 #endif /* CONFIG_MESH */
5329
5330 if (global->p2p_group_formation == wpa_s)
5331 global->p2p_group_formation = NULL;
5332 if (global->p2p_invite_group == wpa_s)
5333 global->p2p_invite_group = NULL;
5334 wpa_supplicant_deinit_iface(wpa_s, 1, terminate);
5335
5336 #ifdef CONFIG_MESH
5337 if (mesh_if_created) {
5338 wpa_drv_if_remove(global->ifaces, WPA_IF_MESH, ifname);
5339 os_free(ifname);
5340 }
5341 #endif /* CONFIG_MESH */
5342
5343 return 0;
5344 }
5345
5346
5347 /**
5348 * wpa_supplicant_get_eap_mode - Get the current EAP mode
5349 * @wpa_s: Pointer to the network interface
5350 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
5351 */
5352 const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s)
5353 {
5354 const char *eapol_method;
5355
5356 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) == 0 &&
5357 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
5358 return "NO-EAP";
5359 }
5360
5361 eapol_method = eapol_sm_get_method_name(wpa_s->eapol);
5362 if (eapol_method == NULL)
5363 return "UNKNOWN-EAP";
5364
5365 return eapol_method;
5366 }
5367
5368
5369 /**
5370 * wpa_supplicant_get_iface - Get a new network interface
5371 * @global: Pointer to global data from wpa_supplicant_init()
5372 * @ifname: Interface name
5373 * Returns: Pointer to the interface or %NULL if not found
5374 */
5375 struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
5376 const char *ifname)
5377 {
5378 struct wpa_supplicant *wpa_s;
5379
5380 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
5381 if (os_strcmp(wpa_s->ifname, ifname) == 0)
5382 return wpa_s;
5383 }
5384 return NULL;
5385 }
5386
5387
5388 #ifndef CONFIG_NO_WPA_MSG
5389 static const char * wpa_supplicant_msg_ifname_cb(void *ctx)
5390 {
5391 struct wpa_supplicant *wpa_s = ctx;
5392 if (wpa_s == NULL)
5393 return NULL;
5394 return wpa_s->ifname;
5395 }
5396 #endif /* CONFIG_NO_WPA_MSG */
5397
5398
5399 #ifndef WPA_SUPPLICANT_CLEANUP_INTERVAL
5400 #define WPA_SUPPLICANT_CLEANUP_INTERVAL 10
5401 #endif /* WPA_SUPPLICANT_CLEANUP_INTERVAL */
5402
5403 /* Periodic cleanup tasks */
5404 static void wpas_periodic(void *eloop_ctx, void *timeout_ctx)
5405 {
5406 struct wpa_global *global = eloop_ctx;
5407 struct wpa_supplicant *wpa_s;
5408
5409 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0,
5410 wpas_periodic, global, NULL);
5411
5412 #ifdef CONFIG_P2P
5413 if (global->p2p)
5414 p2p_expire_peers(global->p2p);
5415 #endif /* CONFIG_P2P */
5416
5417 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
5418 wpa_bss_flush_by_age(wpa_s, wpa_s->conf->bss_expiration_age);
5419 #ifdef CONFIG_AP
5420 ap_periodic(wpa_s);
5421 #endif /* CONFIG_AP */
5422 }
5423 }
5424
5425
5426 /**
5427 * wpa_supplicant_init - Initialize %wpa_supplicant
5428 * @params: Parameters for %wpa_supplicant
5429 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
5430 *
5431 * This function is used to initialize %wpa_supplicant. After successful
5432 * initialization, the returned data pointer can be used to add and remove
5433 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
5434 */
5435 struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
5436 {
5437 struct wpa_global *global;
5438 int ret, i;
5439
5440 if (params == NULL)
5441 return NULL;
5442
5443 #ifdef CONFIG_DRIVER_NDIS
5444 {
5445 void driver_ndis_init_ops(void);
5446 driver_ndis_init_ops();
5447 }
5448 #endif /* CONFIG_DRIVER_NDIS */
5449
5450 #ifndef CONFIG_NO_WPA_MSG
5451 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
5452 #endif /* CONFIG_NO_WPA_MSG */
5453
5454 if (params->wpa_debug_file_path)
5455 wpa_debug_open_file(params->wpa_debug_file_path);
5456 else
5457 wpa_debug_setup_stdout();
5458 if (params->wpa_debug_syslog)
5459 wpa_debug_open_syslog();
5460 if (params->wpa_debug_tracing) {
5461 ret = wpa_debug_open_linux_tracing();
5462 if (ret) {
5463 wpa_printf(MSG_ERROR,
5464 "Failed to enable trace logging");
5465 return NULL;
5466 }
5467 }
5468
5469 ret = eap_register_methods();
5470 if (ret) {
5471 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
5472 if (ret == -2)
5473 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
5474 "the same EAP type.");
5475 return NULL;
5476 }
5477
5478 global = os_zalloc(sizeof(*global));
5479 if (global == NULL)
5480 return NULL;
5481 dl_list_init(&global->p2p_srv_bonjour);
5482 dl_list_init(&global->p2p_srv_upnp);
5483 global->params.daemonize = params->daemonize;
5484 global->params.wait_for_monitor = params->wait_for_monitor;
5485 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
5486 if (params->pid_file)
5487 global->params.pid_file = os_strdup(params->pid_file);
5488 if (params->ctrl_interface)
5489 global->params.ctrl_interface =
5490 os_strdup(params->ctrl_interface);
5491 if (params->ctrl_interface_group)
5492 global->params.ctrl_interface_group =
5493 os_strdup(params->ctrl_interface_group);
5494 if (params->override_driver)
5495 global->params.override_driver =
5496 os_strdup(params->override_driver);
5497 if (params->override_ctrl_interface)
5498 global->params.override_ctrl_interface =
5499 os_strdup(params->override_ctrl_interface);
5500 #ifdef CONFIG_MATCH_IFACE
5501 global->params.match_iface_count = params->match_iface_count;
5502 if (params->match_iface_count) {
5503 global->params.match_ifaces =
5504 os_calloc(params->match_iface_count,
5505 sizeof(struct wpa_interface));
5506 os_memcpy(global->params.match_ifaces,
5507 params->match_ifaces,
5508 params->match_iface_count *
5509 sizeof(struct wpa_interface));
5510 }
5511 #endif /* CONFIG_MATCH_IFACE */
5512 #ifdef CONFIG_P2P
5513 if (params->conf_p2p_dev)
5514 global->params.conf_p2p_dev =
5515 os_strdup(params->conf_p2p_dev);
5516 #endif /* CONFIG_P2P */
5517 wpa_debug_level = global->params.wpa_debug_level =
5518 params->wpa_debug_level;
5519 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
5520 params->wpa_debug_show_keys;
5521 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
5522 params->wpa_debug_timestamp;
5523
5524 wpa_printf(MSG_DEBUG, "wpa_supplicant v" VERSION_STR);
5525
5526 if (eloop_init()) {
5527 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
5528 wpa_supplicant_deinit(global);
5529 return NULL;
5530 }
5531
5532 random_init(params->entropy_file);
5533
5534 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
5535 if (global->ctrl_iface == NULL) {
5536 wpa_supplicant_deinit(global);
5537 return NULL;
5538 }
5539
5540 if (wpas_notify_supplicant_initialized(global)) {
5541 wpa_supplicant_deinit(global);
5542 return NULL;
5543 }
5544
5545 for (i = 0; wpa_drivers[i]; i++)
5546 global->drv_count++;
5547 if (global->drv_count == 0) {
5548 wpa_printf(MSG_ERROR, "No drivers enabled");
5549 wpa_supplicant_deinit(global);
5550 return NULL;
5551 }
5552 global->drv_priv = os_calloc(global->drv_count, sizeof(void *));
5553 if (global->drv_priv == NULL) {
5554 wpa_supplicant_deinit(global);
5555 return NULL;
5556 }
5557
5558 #ifdef CONFIG_WIFI_DISPLAY
5559 if (wifi_display_init(global) < 0) {
5560 wpa_printf(MSG_ERROR, "Failed to initialize Wi-Fi Display");
5561 wpa_supplicant_deinit(global);
5562 return NULL;
5563 }
5564 #endif /* CONFIG_WIFI_DISPLAY */
5565
5566 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0,
5567 wpas_periodic, global, NULL);
5568
5569 return global;
5570 }
5571
5572
5573 /**
5574 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
5575 * @global: Pointer to global data from wpa_supplicant_init()
5576 * Returns: 0 after successful event loop run, -1 on failure
5577 *
5578 * This function starts the main event loop and continues running as long as
5579 * there are any remaining events. In most cases, this function is running as
5580 * long as the %wpa_supplicant process in still in use.
5581 */
5582 int wpa_supplicant_run(struct wpa_global *global)
5583 {
5584 struct wpa_supplicant *wpa_s;
5585
5586 if (global->params.daemonize &&
5587 (wpa_supplicant_daemon(global->params.pid_file) ||
5588 eloop_sock_requeue()))
5589 return -1;
5590
5591 #ifdef CONFIG_MATCH_IFACE
5592 if (wpa_supplicant_match_existing(global))
5593 return -1;
5594 #endif
5595
5596 if (global->params.wait_for_monitor) {
5597 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
5598 if (wpa_s->ctrl_iface && !wpa_s->p2p_mgmt)
5599 wpa_supplicant_ctrl_iface_wait(
5600 wpa_s->ctrl_iface);
5601 }
5602
5603 eloop_register_signal_terminate(wpa_supplicant_terminate, global);
5604 eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
5605
5606 eloop_run();
5607
5608 return 0;
5609 }
5610
5611
5612 /**
5613 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
5614 * @global: Pointer to global data from wpa_supplicant_init()
5615 *
5616 * This function is called to deinitialize %wpa_supplicant and to free all
5617 * allocated resources. Remaining network interfaces will also be removed.
5618 */
5619 void wpa_supplicant_deinit(struct wpa_global *global)
5620 {
5621 int i;
5622
5623 if (global == NULL)
5624 return;
5625
5626 eloop_cancel_timeout(wpas_periodic, global, NULL);
5627
5628 #ifdef CONFIG_WIFI_DISPLAY
5629 wifi_display_deinit(global);
5630 #endif /* CONFIG_WIFI_DISPLAY */
5631
5632 while (global->ifaces)
5633 wpa_supplicant_remove_iface(global, global->ifaces, 1);
5634
5635 if (global->ctrl_iface)
5636 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
5637
5638 wpas_notify_supplicant_deinitialized(global);
5639
5640 eap_peer_unregister_methods();
5641 #ifdef CONFIG_AP
5642 eap_server_unregister_methods();
5643 #endif /* CONFIG_AP */
5644
5645 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) {
5646 if (!global->drv_priv[i])
5647 continue;
5648 wpa_drivers[i]->global_deinit(global->drv_priv[i]);
5649 }
5650 os_free(global->drv_priv);
5651
5652 random_deinit();
5653
5654 eloop_destroy();
5655
5656 if (global->params.pid_file) {
5657 os_daemonize_terminate(global->params.pid_file);
5658 os_free(global->params.pid_file);
5659 }
5660 os_free(global->params.ctrl_interface);
5661 os_free(global->params.ctrl_interface_group);
5662 os_free(global->params.override_driver);
5663 os_free(global->params.override_ctrl_interface);
5664 #ifdef CONFIG_MATCH_IFACE
5665 os_free(global->params.match_ifaces);
5666 #endif /* CONFIG_MATCH_IFACE */
5667 #ifdef CONFIG_P2P
5668 os_free(global->params.conf_p2p_dev);
5669 #endif /* CONFIG_P2P */
5670
5671 os_free(global->p2p_disallow_freq.range);
5672 os_free(global->p2p_go_avoid_freq.range);
5673 os_free(global->add_psk);
5674
5675 os_free(global);
5676 wpa_debug_close_syslog();
5677 wpa_debug_close_file();
5678 wpa_debug_close_linux_tracing();
5679 }
5680
5681
5682 void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s)
5683 {
5684 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_COUNTRY) &&
5685 wpa_s->conf->country[0] && wpa_s->conf->country[1]) {
5686 char country[3];
5687 country[0] = wpa_s->conf->country[0];
5688 country[1] = wpa_s->conf->country[1];
5689 country[2] = '\0';
5690 if (wpa_drv_set_country(wpa_s, country) < 0) {
5691 wpa_printf(MSG_ERROR, "Failed to set country code "
5692 "'%s'", country);
5693 }
5694 }
5695
5696 if (wpa_s->conf->changed_parameters & CFG_CHANGED_EXT_PW_BACKEND)
5697 wpas_init_ext_pw(wpa_s);
5698
5699 if (wpa_s->conf->changed_parameters & CFG_CHANGED_SCHED_SCAN_PLANS)
5700 wpas_sched_scan_plans_set(wpa_s, wpa_s->conf->sched_scan_plans);
5701
5702 #ifdef CONFIG_WPS
5703 wpas_wps_update_config(wpa_s);
5704 #endif /* CONFIG_WPS */
5705 wpas_p2p_update_config(wpa_s);
5706 wpa_s->conf->changed_parameters = 0;
5707 }
5708
5709
5710 void add_freq(int *freqs, int *num_freqs, int freq)
5711 {
5712 int i;
5713
5714 for (i = 0; i < *num_freqs; i++) {
5715 if (freqs[i] == freq)
5716 return;
5717 }
5718
5719 freqs[*num_freqs] = freq;
5720 (*num_freqs)++;
5721 }
5722
5723
5724 static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s)
5725 {
5726 struct wpa_bss *bss, *cbss;
5727 const int max_freqs = 10;
5728 int *freqs;
5729 int num_freqs = 0;
5730
5731 freqs = os_calloc(max_freqs + 1, sizeof(int));
5732 if (freqs == NULL)
5733 return NULL;
5734
5735 cbss = wpa_s->current_bss;
5736
5737 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
5738 if (bss == cbss)
5739 continue;
5740 if (bss->ssid_len == cbss->ssid_len &&
5741 os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 &&
5742 wpa_blacklist_get(wpa_s, bss->bssid) == NULL) {
5743 add_freq(freqs, &num_freqs, bss->freq);
5744 if (num_freqs == max_freqs)
5745 break;
5746 }
5747 }
5748
5749 if (num_freqs == 0) {
5750 os_free(freqs);
5751 freqs = NULL;
5752 }
5753
5754 return freqs;
5755 }
5756
5757
5758 void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid)
5759 {
5760 int timeout;
5761 int count;
5762 int *freqs = NULL;
5763
5764 wpas_connect_work_done(wpa_s);
5765
5766 /*
5767 * Remove possible authentication timeout since the connection failed.
5768 */
5769 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
5770
5771 /*
5772 * There is no point in blacklisting the AP if this event is
5773 * generated based on local request to disconnect.
5774 */
5775 if (wpa_s->own_disconnect_req) {
5776 wpa_s->own_disconnect_req = 0;
5777 wpa_dbg(wpa_s, MSG_DEBUG,
5778 "Ignore connection failure due to local request to disconnect");
5779 return;
5780 }
5781 if (wpa_s->disconnected) {
5782 wpa_dbg(wpa_s, MSG_DEBUG, "Ignore connection failure "
5783 "indication since interface has been put into "
5784 "disconnected state");
5785 return;
5786 }
5787
5788 /*
5789 * Add the failed BSSID into the blacklist and speed up next scan
5790 * attempt if there could be other APs that could accept association.
5791 * The current blacklist count indicates how many times we have tried
5792 * connecting to this AP and multiple attempts mean that other APs are
5793 * either not available or has already been tried, so that we can start
5794 * increasing the delay here to avoid constant scanning.
5795 */
5796 count = wpa_blacklist_add(wpa_s, bssid);
5797 if (count == 1 && wpa_s->current_bss) {
5798 /*
5799 * This BSS was not in the blacklist before. If there is
5800 * another BSS available for the same ESS, we should try that
5801 * next. Otherwise, we may as well try this one once more
5802 * before allowing other, likely worse, ESSes to be considered.
5803 */
5804 freqs = get_bss_freqs_in_ess(wpa_s);
5805 if (freqs) {
5806 wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS "
5807 "has been seen; try it next");
5808 wpa_blacklist_add(wpa_s, bssid);
5809 /*
5810 * On the next scan, go through only the known channels
5811 * used in this ESS based on previous scans to speed up
5812 * common load balancing use case.
5813 */
5814 os_free(wpa_s->next_scan_freqs);
5815 wpa_s->next_scan_freqs = freqs;
5816 }
5817 }
5818
5819 /*
5820 * Add previous failure count in case the temporary blacklist was
5821 * cleared due to no other BSSes being available.
5822 */
5823 count += wpa_s->extra_blacklist_count;
5824
5825 if (count > 3 && wpa_s->current_ssid) {
5826 wpa_printf(MSG_DEBUG, "Continuous association failures - "
5827 "consider temporary network disabling");
5828 wpas_auth_failed(wpa_s, "CONN_FAILED");
5829 }
5830
5831 switch (count) {
5832 case 1:
5833 timeout = 100;
5834 break;
5835 case 2:
5836 timeout = 500;
5837 break;
5838 case 3:
5839 timeout = 1000;
5840 break;
5841 case 4:
5842 timeout = 5000;
5843 break;
5844 default:
5845 timeout = 10000;
5846 break;
5847 }
5848
5849 wpa_dbg(wpa_s, MSG_DEBUG, "Blacklist count %d --> request scan in %d "
5850 "ms", count, timeout);
5851
5852 /*
5853 * TODO: if more than one possible AP is available in scan results,
5854 * could try the other ones before requesting a new scan.
5855 */
5856 wpa_supplicant_req_scan(wpa_s, timeout / 1000,
5857 1000 * (timeout % 1000));
5858 }
5859
5860
5861 int wpas_driver_bss_selection(struct wpa_supplicant *wpa_s)
5862 {
5863 return wpa_s->conf->ap_scan == 2 ||
5864 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION);
5865 }
5866
5867
5868 #if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW)
5869 int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
5870 struct wpa_ssid *ssid,
5871 const char *field,
5872 const char *value)
5873 {
5874 #ifdef IEEE8021X_EAPOL
5875 struct eap_peer_config *eap = &ssid->eap;
5876
5877 wpa_printf(MSG_DEBUG, "CTRL_IFACE: response handle field=%s", field);
5878 wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: response value",
5879 (const u8 *) value, os_strlen(value));
5880
5881 switch (wpa_supplicant_ctrl_req_from_string(field)) {
5882 case WPA_CTRL_REQ_EAP_IDENTITY:
5883 os_free(eap->identity);
5884 eap->identity = (u8 *) os_strdup(value);
5885 eap->identity_len = os_strlen(value);
5886 eap->pending_req_identity = 0;
5887 if (ssid == wpa_s->current_ssid)
5888 wpa_s->reassociate = 1;
5889 break;
5890 case WPA_CTRL_REQ_EAP_PASSWORD:
5891 bin_clear_free(eap->password, eap->password_len);
5892 eap->password = (u8 *) os_strdup(value);
5893 eap->password_len = os_strlen(value);
5894 eap->pending_req_password = 0;
5895 if (ssid == wpa_s->current_ssid)
5896 wpa_s->reassociate = 1;
5897 break;
5898 case WPA_CTRL_REQ_EAP_NEW_PASSWORD:
5899 bin_clear_free(eap->new_password, eap->new_password_len);
5900 eap->new_password = (u8 *) os_strdup(value);
5901 eap->new_password_len = os_strlen(value);
5902 eap->pending_req_new_password = 0;
5903 if (ssid == wpa_s->current_ssid)
5904 wpa_s->reassociate = 1;
5905 break;
5906 case WPA_CTRL_REQ_EAP_PIN:
5907 str_clear_free(eap->pin);
5908 eap->pin = os_strdup(value);
5909 eap->pending_req_pin = 0;
5910 if (ssid == wpa_s->current_ssid)
5911 wpa_s->reassociate = 1;
5912 break;
5913 case WPA_CTRL_REQ_EAP_OTP:
5914 bin_clear_free(eap->otp, eap->otp_len);
5915 eap->otp = (u8 *) os_strdup(value);
5916 eap->otp_len = os_strlen(value);
5917 os_free(eap->pending_req_otp);
5918 eap->pending_req_otp = NULL;
5919 eap->pending_req_otp_len = 0;
5920 break;
5921 case WPA_CTRL_REQ_EAP_PASSPHRASE:
5922 str_clear_free(eap->private_key_passwd);
5923 eap->private_key_passwd = os_strdup(value);
5924 eap->pending_req_passphrase = 0;
5925 if (ssid == wpa_s->current_ssid)
5926 wpa_s->reassociate = 1;
5927 break;
5928 case WPA_CTRL_REQ_SIM:
5929 str_clear_free(eap->external_sim_resp);
5930 eap->external_sim_resp = os_strdup(value);
5931 break;
5932 case WPA_CTRL_REQ_PSK_PASSPHRASE:
5933 if (wpa_config_set(ssid, "psk", value, 0) < 0)
5934 return -1;
5935 ssid->mem_only_psk = 1;
5936 if (ssid->passphrase)
5937 wpa_config_update_psk(ssid);
5938 if (wpa_s->wpa_state == WPA_SCANNING && !wpa_s->scanning)
5939 wpa_supplicant_req_scan(wpa_s, 0, 0);
5940 break;
5941 case WPA_CTRL_REQ_EXT_CERT_CHECK:
5942 if (eap->pending_ext_cert_check != PENDING_CHECK)
5943 return -1;
5944 if (os_strcmp(value, "good") == 0)
5945 eap->pending_ext_cert_check = EXT_CERT_CHECK_GOOD;
5946 else if (os_strcmp(value, "bad") == 0)
5947 eap->pending_ext_cert_check = EXT_CERT_CHECK_BAD;
5948 else
5949 return -1;
5950 break;
5951 default:
5952 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown field '%s'", field);
5953 return -1;
5954 }
5955
5956 return 0;
5957 #else /* IEEE8021X_EAPOL */
5958 wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included");
5959 return -1;
5960 #endif /* IEEE8021X_EAPOL */
5961 }
5962 #endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */
5963
5964
5965 int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
5966 {
5967 int i;
5968 unsigned int drv_enc;
5969
5970 if (wpa_s->p2p_mgmt)
5971 return 1; /* no normal network profiles on p2p_mgmt interface */
5972
5973 if (ssid == NULL)
5974 return 1;
5975
5976 if (ssid->disabled)
5977 return 1;
5978
5979 if (wpa_s->drv_capa_known)
5980 drv_enc = wpa_s->drv_enc;
5981 else
5982 drv_enc = (unsigned int) -1;
5983
5984 for (i = 0; i < NUM_WEP_KEYS; i++) {
5985 size_t len = ssid->wep_key_len[i];
5986 if (len == 0)
5987 continue;
5988 if (len == 5 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP40))
5989 continue;
5990 if (len == 13 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP104))
5991 continue;
5992 if (len == 16 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP128))
5993 continue;
5994 return 1; /* invalid WEP key */
5995 }
5996
5997 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set &&
5998 (!ssid->passphrase || ssid->ssid_len != 0) && !ssid->ext_psk &&
5999 !ssid->mem_only_psk)
6000 return 1;
6001
6002 return 0;
6003 }
6004
6005
6006 int wpas_get_ssid_pmf(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
6007 {
6008 #ifdef CONFIG_IEEE80211W
6009 if (ssid == NULL || ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT) {
6010 if (wpa_s->conf->pmf == MGMT_FRAME_PROTECTION_OPTIONAL &&
6011 !(wpa_s->drv_enc & WPA_DRIVER_CAPA_ENC_BIP)) {
6012 /*
6013 * Driver does not support BIP -- ignore pmf=1 default
6014 * since the connection with PMF would fail and the
6015 * configuration does not require PMF to be enabled.
6016 */
6017 return NO_MGMT_FRAME_PROTECTION;
6018 }
6019
6020 if (ssid &&
6021 (ssid->key_mgmt &
6022 ~(WPA_KEY_MGMT_NONE | WPA_KEY_MGMT_WPS |
6023 WPA_KEY_MGMT_IEEE8021X_NO_WPA)) == 0) {
6024 /*
6025 * Do not use the default PMF value for non-RSN networks
6026 * since PMF is available only with RSN and pmf=2
6027 * configuration would otherwise prevent connections to
6028 * all open networks.
6029 */
6030 return NO_MGMT_FRAME_PROTECTION;
6031 }
6032
6033 return wpa_s->conf->pmf;
6034 }
6035
6036 return ssid->ieee80211w;
6037 #else /* CONFIG_IEEE80211W */
6038 return NO_MGMT_FRAME_PROTECTION;
6039 #endif /* CONFIG_IEEE80211W */
6040 }
6041
6042
6043 int wpas_is_p2p_prioritized(struct wpa_supplicant *wpa_s)
6044 {
6045 if (wpa_s->global->conc_pref == WPA_CONC_PREF_P2P)
6046 return 1;
6047 if (wpa_s->global->conc_pref == WPA_CONC_PREF_STA)
6048 return 0;
6049 return -1;
6050 }
6051
6052
6053 void wpas_auth_failed(struct wpa_supplicant *wpa_s, char *reason)
6054 {
6055 struct wpa_ssid *ssid = wpa_s->current_ssid;
6056 int dur;
6057 struct os_reltime now;
6058
6059 if (ssid == NULL) {
6060 wpa_printf(MSG_DEBUG, "Authentication failure but no known "
6061 "SSID block");
6062 return;
6063 }
6064
6065 if (ssid->key_mgmt == WPA_KEY_MGMT_WPS)
6066 return;
6067
6068 ssid->auth_failures++;
6069
6070 #ifdef CONFIG_P2P
6071 if (ssid->p2p_group &&
6072 (wpa_s->p2p_in_provisioning || wpa_s->show_group_started)) {
6073 /*
6074 * Skip the wait time since there is a short timeout on the
6075 * connection to a P2P group.
6076 */
6077 return;
6078 }
6079 #endif /* CONFIG_P2P */
6080
6081 if (ssid->auth_failures > 50)
6082 dur = 300;
6083 else if (ssid->auth_failures > 10)
6084 dur = 120;
6085 else if (ssid->auth_failures > 5)
6086 dur = 90;
6087 else if (ssid->auth_failures > 3)
6088 dur = 60;
6089 else if (ssid->auth_failures > 2)
6090 dur = 30;
6091 else if (ssid->auth_failures > 1)
6092 dur = 20;
6093 else
6094 dur = 10;
6095
6096 if (ssid->auth_failures > 1 &&
6097 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt))
6098 dur += os_random() % (ssid->auth_failures * 10);
6099
6100 os_get_reltime(&now);
6101 if (now.sec + dur <= ssid->disabled_until.sec)
6102 return;
6103
6104 ssid->disabled_until.sec = now.sec + dur;
6105
6106 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TEMP_DISABLED
6107 "id=%d ssid=\"%s\" auth_failures=%u duration=%d reason=%s",
6108 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
6109 ssid->auth_failures, dur, reason);
6110 }
6111
6112
6113 void wpas_clear_temp_disabled(struct wpa_supplicant *wpa_s,
6114 struct wpa_ssid *ssid, int clear_failures)
6115 {
6116 if (ssid == NULL)
6117 return;
6118
6119 if (ssid->disabled_until.sec) {
6120 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_REENABLED
6121 "id=%d ssid=\"%s\"",
6122 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
6123 }
6124 ssid->disabled_until.sec = 0;
6125 ssid->disabled_until.usec = 0;
6126 if (clear_failures)
6127 ssid->auth_failures = 0;
6128 }
6129
6130
6131 int disallowed_bssid(struct wpa_supplicant *wpa_s, const u8 *bssid)
6132 {
6133 size_t i;
6134
6135 if (wpa_s->disallow_aps_bssid == NULL)
6136 return 0;
6137
6138 for (i = 0; i < wpa_s->disallow_aps_bssid_count; i++) {
6139 if (os_memcmp(wpa_s->disallow_aps_bssid + i * ETH_ALEN,
6140 bssid, ETH_ALEN) == 0)
6141 return 1;
6142 }
6143
6144 return 0;
6145 }
6146
6147
6148 int disallowed_ssid(struct wpa_supplicant *wpa_s, const u8 *ssid,
6149 size_t ssid_len)
6150 {
6151 size_t i;
6152
6153 if (wpa_s->disallow_aps_ssid == NULL || ssid == NULL)
6154 return 0;
6155
6156 for (i = 0; i < wpa_s->disallow_aps_ssid_count; i++) {
6157 struct wpa_ssid_value *s = &wpa_s->disallow_aps_ssid[i];
6158 if (ssid_len == s->ssid_len &&
6159 os_memcmp(ssid, s->ssid, ssid_len) == 0)
6160 return 1;
6161 }
6162
6163 return 0;
6164 }
6165
6166
6167 /**
6168 * wpas_request_connection - Request a new connection
6169 * @wpa_s: Pointer to the network interface
6170 *
6171 * This function is used to request a new connection to be found. It will mark
6172 * the interface to allow reassociation and request a new scan to find a
6173 * suitable network to connect to.
6174 */
6175 void wpas_request_connection(struct wpa_supplicant *wpa_s)
6176 {
6177 wpa_s->normal_scans = 0;
6178 wpa_s->scan_req = NORMAL_SCAN_REQ;
6179 wpa_supplicant_reinit_autoscan(wpa_s);
6180 wpa_s->extra_blacklist_count = 0;
6181 wpa_s->disconnected = 0;
6182 wpa_s->reassociate = 1;
6183
6184 if (wpa_supplicant_fast_associate(wpa_s) != 1)
6185 wpa_supplicant_req_scan(wpa_s, 0, 0);
6186 else
6187 wpa_s->reattach = 0;
6188 }
6189
6190
6191 /**
6192 * wpas_request_disconnection - Request disconnection
6193 * @wpa_s: Pointer to the network interface
6194 *
6195 * This function is used to request disconnection from the currently connected
6196 * network. This will stop any ongoing scans and initiate deauthentication.
6197 */
6198 void wpas_request_disconnection(struct wpa_supplicant *wpa_s)
6199 {
6200 #ifdef CONFIG_SME
6201 wpa_s->sme.prev_bssid_set = 0;
6202 #endif /* CONFIG_SME */
6203 wpa_s->reassociate = 0;
6204 wpa_s->disconnected = 1;
6205 wpa_supplicant_cancel_sched_scan(wpa_s);
6206 wpa_supplicant_cancel_scan(wpa_s);
6207 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
6208 eloop_cancel_timeout(wpas_network_reenabled, wpa_s, NULL);
6209 }
6210
6211
6212 void dump_freq_data(struct wpa_supplicant *wpa_s, const char *title,
6213 struct wpa_used_freq_data *freqs_data,
6214 unsigned int len)
6215 {
6216 unsigned int i;
6217
6218 wpa_dbg(wpa_s, MSG_DEBUG, "Shared frequencies (len=%u): %s",
6219 len, title);
6220 for (i = 0; i < len; i++) {
6221 struct wpa_used_freq_data *cur = &freqs_data[i];
6222 wpa_dbg(wpa_s, MSG_DEBUG, "freq[%u]: %d, flags=0x%X",
6223 i, cur->freq, cur->flags);
6224 }
6225 }
6226
6227
6228 /*
6229 * Find the operating frequencies of any of the virtual interfaces that
6230 * are using the same radio as the current interface, and in addition, get
6231 * information about the interface types that are using the frequency.
6232 */
6233 int get_shared_radio_freqs_data(struct wpa_supplicant *wpa_s,
6234 struct wpa_used_freq_data *freqs_data,
6235 unsigned int len)
6236 {
6237 struct wpa_supplicant *ifs;
6238 u8 bssid[ETH_ALEN];
6239 int freq;
6240 unsigned int idx = 0, i;
6241
6242 wpa_dbg(wpa_s, MSG_DEBUG,
6243 "Determining shared radio frequencies (max len %u)", len);
6244 os_memset(freqs_data, 0, sizeof(struct wpa_used_freq_data) * len);
6245
6246 dl_list_for_each(ifs, &wpa_s->radio->ifaces, struct wpa_supplicant,
6247 radio_list) {
6248 if (idx == len)
6249 break;
6250
6251 if (ifs->current_ssid == NULL || ifs->assoc_freq == 0)
6252 continue;
6253
6254 if (ifs->current_ssid->mode == WPAS_MODE_AP ||
6255 ifs->current_ssid->mode == WPAS_MODE_P2P_GO ||
6256 ifs->current_ssid->mode == WPAS_MODE_MESH)
6257 freq = ifs->current_ssid->frequency;
6258 else if (wpa_drv_get_bssid(ifs, bssid) == 0)
6259 freq = ifs->assoc_freq;
6260 else
6261 continue;
6262
6263 /* Hold only distinct freqs */
6264 for (i = 0; i < idx; i++)
6265 if (freqs_data[i].freq == freq)
6266 break;
6267
6268 if (i == idx)
6269 freqs_data[idx++].freq = freq;
6270
6271 if (ifs->current_ssid->mode == WPAS_MODE_INFRA) {
6272 freqs_data[i].flags |= ifs->current_ssid->p2p_group ?
6273 WPA_FREQ_USED_BY_P2P_CLIENT :
6274 WPA_FREQ_USED_BY_INFRA_STATION;
6275 }
6276 }
6277
6278 dump_freq_data(wpa_s, "completed iteration", freqs_data, idx);
6279 return idx;
6280 }
6281
6282
6283 /*
6284 * Find the operating frequencies of any of the virtual interfaces that
6285 * are using the same radio as the current interface.
6286 */
6287 int get_shared_radio_freqs(struct wpa_supplicant *wpa_s,
6288 int *freq_array, unsigned int len)
6289 {
6290 struct wpa_used_freq_data *freqs_data;
6291 int num, i;
6292
6293 os_memset(freq_array, 0, sizeof(int) * len);
6294
6295 freqs_data = os_calloc(len, sizeof(struct wpa_used_freq_data));
6296 if (!freqs_data)
6297 return -1;
6298
6299 num = get_shared_radio_freqs_data(wpa_s, freqs_data, len);
6300 for (i = 0; i < num; i++)
6301 freq_array[i] = freqs_data[i].freq;
6302
6303 os_free(freqs_data);
6304
6305 return num;
6306 }
6307
6308
6309 struct wpa_supplicant *
6310 wpas_vendor_elem(struct wpa_supplicant *wpa_s, enum wpa_vendor_elem_frame frame)
6311 {
6312 switch (frame) {
6313 #ifdef CONFIG_P2P
6314 case VENDOR_ELEM_PROBE_REQ_P2P:
6315 case VENDOR_ELEM_PROBE_RESP_P2P:
6316 case VENDOR_ELEM_PROBE_RESP_P2P_GO:
6317 case VENDOR_ELEM_BEACON_P2P_GO:
6318 case VENDOR_ELEM_P2P_PD_REQ:
6319 case VENDOR_ELEM_P2P_PD_RESP:
6320 case VENDOR_ELEM_P2P_GO_NEG_REQ:
6321 case VENDOR_ELEM_P2P_GO_NEG_RESP:
6322 case VENDOR_ELEM_P2P_GO_NEG_CONF:
6323 case VENDOR_ELEM_P2P_INV_REQ:
6324 case VENDOR_ELEM_P2P_INV_RESP:
6325 case VENDOR_ELEM_P2P_ASSOC_REQ:
6326 case VENDOR_ELEM_P2P_ASSOC_RESP:
6327 return wpa_s->p2pdev;
6328 #endif /* CONFIG_P2P */
6329 default:
6330 return wpa_s;
6331 }
6332 }
6333
6334
6335 void wpas_vendor_elem_update(struct wpa_supplicant *wpa_s)
6336 {
6337 unsigned int i;
6338 char buf[30];
6339
6340 wpa_printf(MSG_DEBUG, "Update vendor elements");
6341
6342 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) {
6343 if (wpa_s->vendor_elem[i]) {
6344 int res;
6345
6346 res = os_snprintf(buf, sizeof(buf), "frame[%u]", i);
6347 if (!os_snprintf_error(sizeof(buf), res)) {
6348 wpa_hexdump_buf(MSG_DEBUG, buf,
6349 wpa_s->vendor_elem[i]);
6350 }
6351 }
6352 }
6353
6354 #ifdef CONFIG_P2P
6355 if (wpa_s->parent == wpa_s &&
6356 wpa_s->global->p2p &&
6357 !wpa_s->global->p2p_disabled)
6358 p2p_set_vendor_elems(wpa_s->global->p2p, wpa_s->vendor_elem);
6359 #endif /* CONFIG_P2P */
6360 }
6361
6362
6363 int wpas_vendor_elem_remove(struct wpa_supplicant *wpa_s, int frame,
6364 const u8 *elem, size_t len)
6365 {
6366 u8 *ie, *end;
6367
6368 ie = wpabuf_mhead_u8(wpa_s->vendor_elem[frame]);
6369 end = ie + wpabuf_len(wpa_s->vendor_elem[frame]);
6370
6371 for (; ie + 1 < end; ie += 2 + ie[1]) {
6372 if (ie + len > end)
6373 break;
6374 if (os_memcmp(ie, elem, len) != 0)
6375 continue;
6376
6377 if (wpabuf_len(wpa_s->vendor_elem[frame]) == len) {
6378 wpabuf_free(wpa_s->vendor_elem[frame]);
6379 wpa_s->vendor_elem[frame] = NULL;
6380 } else {
6381 os_memmove(ie, ie + len, end - (ie + len));
6382 wpa_s->vendor_elem[frame]->used -= len;
6383 }
6384 wpas_vendor_elem_update(wpa_s);
6385 return 0;
6386 }
6387
6388 return -1;
6389 }
6390
6391
6392 struct hostapd_hw_modes * get_mode(struct hostapd_hw_modes *modes,
6393 u16 num_modes, enum hostapd_hw_mode mode)
6394 {
6395 u16 i;
6396
6397 for (i = 0; i < num_modes; i++) {
6398 if (modes[i].mode == mode)
6399 return &modes[i];
6400 }
6401
6402 return NULL;
6403 }
6404
6405
6406 static struct
6407 wpa_bss_tmp_disallowed * wpas_get_disallowed_bss(struct wpa_supplicant *wpa_s,
6408 const u8 *bssid)
6409 {
6410 struct wpa_bss_tmp_disallowed *bss;
6411
6412 dl_list_for_each(bss, &wpa_s->bss_tmp_disallowed,
6413 struct wpa_bss_tmp_disallowed, list) {
6414 if (os_memcmp(bssid, bss->bssid, ETH_ALEN) == 0)
6415 return bss;
6416 }
6417
6418 return NULL;
6419 }
6420
6421
6422 void wpa_bss_tmp_disallow(struct wpa_supplicant *wpa_s, const u8 *bssid,
6423 unsigned int sec)
6424 {
6425 struct wpa_bss_tmp_disallowed *bss;
6426 struct os_reltime until;
6427
6428 os_get_reltime(&until);
6429 until.sec += sec;
6430
6431 bss = wpas_get_disallowed_bss(wpa_s, bssid);
6432 if (bss) {
6433 bss->disallowed_until = until;
6434 return;
6435 }
6436
6437 bss = os_malloc(sizeof(*bss));
6438 if (!bss) {
6439 wpa_printf(MSG_DEBUG,
6440 "Failed to allocate memory for temp disallow BSS");
6441 return;
6442 }
6443
6444 bss->disallowed_until = until;
6445 os_memcpy(bss->bssid, bssid, ETH_ALEN);
6446 dl_list_add(&wpa_s->bss_tmp_disallowed, &bss->list);
6447 }
6448
6449
6450 int wpa_is_bss_tmp_disallowed(struct wpa_supplicant *wpa_s, const u8 *bssid)
6451 {
6452 struct wpa_bss_tmp_disallowed *bss = NULL, *tmp, *prev;
6453 struct os_reltime now, age;
6454
6455 os_get_reltime(&now);
6456
6457 dl_list_for_each_safe(tmp, prev, &wpa_s->bss_tmp_disallowed,
6458 struct wpa_bss_tmp_disallowed, list) {
6459 if (!os_reltime_before(&now, &tmp->disallowed_until)) {
6460 /* This BSS is not disallowed anymore */
6461 dl_list_del(&tmp->list);
6462 os_free(tmp);
6463 continue;
6464 }
6465 if (os_memcmp(bssid, tmp->bssid, ETH_ALEN) == 0) {
6466 bss = tmp;
6467 break;
6468 }
6469 }
6470 if (!bss)
6471 return 0;
6472
6473 os_reltime_sub(&bss->disallowed_until, &now, &age);
6474 wpa_printf(MSG_DEBUG,
6475 "BSS " MACSTR " disabled for %ld.%0ld seconds",
6476 MAC2STR(bss->bssid), age.sec, age.usec);
6477 return 1;
6478 }
Unnamed repository; edit this file 'description' to name the repository.