]>
Commit | Line | Data |
---|---|---|
6fc6879b JM |
1 | /* |
2 | * WPA Supplicant - Driver event processing | |
3 | * Copyright (c) 2003-2008, Jouni Malinen <j@w1.fi> | |
4 | * | |
5 | * This program is free software; you can redistribute it and/or modify | |
6 | * it under the terms of the GNU General Public License version 2 as | |
7 | * published by the Free Software Foundation. | |
8 | * | |
9 | * Alternatively, this software may be distributed under the terms of BSD | |
10 | * license. | |
11 | * | |
12 | * See README and COPYING for more details. | |
13 | */ | |
14 | ||
15 | #include "includes.h" | |
16 | ||
17 | #include "common.h" | |
18 | #include "eapol_supp/eapol_supp_sm.h" | |
19 | #include "wpa.h" | |
20 | #include "eloop.h" | |
21 | #include "drivers/driver.h" | |
22 | #include "config.h" | |
23 | #include "l2_packet/l2_packet.h" | |
24 | #include "wpa_supplicant_i.h" | |
25 | #include "pcsc_funcs.h" | |
26 | #include "preauth.h" | |
27 | #include "pmksa_cache.h" | |
28 | #include "wpa_ctrl.h" | |
29 | #include "eap_peer/eap.h" | |
30 | #include "ctrl_iface_dbus.h" | |
31 | #include "ieee802_11_defs.h" | |
32 | #include "blacklist.h" | |
33 | #include "wpas_glue.h" | |
34 | ||
35 | ||
36 | static int wpa_supplicant_select_config(struct wpa_supplicant *wpa_s) | |
37 | { | |
38 | struct wpa_ssid *ssid; | |
39 | ||
40 | if (wpa_s->conf->ap_scan == 1 && wpa_s->current_ssid) | |
41 | return 0; | |
42 | ||
43 | wpa_printf(MSG_DEBUG, "Select network based on association " | |
44 | "information"); | |
45 | ssid = wpa_supplicant_get_ssid(wpa_s); | |
46 | if (ssid == NULL) { | |
47 | wpa_printf(MSG_INFO, "No network configuration found for the " | |
48 | "current AP"); | |
49 | return -1; | |
50 | } | |
51 | ||
52 | if (ssid->disabled) { | |
53 | wpa_printf(MSG_DEBUG, "Selected network is disabled"); | |
54 | return -1; | |
55 | } | |
56 | ||
57 | wpa_printf(MSG_DEBUG, "Network configuration found for the current " | |
58 | "AP"); | |
59 | if (ssid->key_mgmt & (WPA_KEY_MGMT_PSK | WPA_KEY_MGMT_IEEE8021X | | |
60 | WPA_KEY_MGMT_WPA_NONE | | |
56586197 JM |
61 | WPA_KEY_MGMT_FT_PSK | WPA_KEY_MGMT_FT_IEEE8021X | |
62 | WPA_KEY_MGMT_PSK_SHA256 | | |
63 | WPA_KEY_MGMT_IEEE8021X_SHA256)) { | |
6fc6879b JM |
64 | u8 wpa_ie[80]; |
65 | size_t wpa_ie_len = sizeof(wpa_ie); | |
66 | wpa_supplicant_set_suites(wpa_s, NULL, ssid, | |
67 | wpa_ie, &wpa_ie_len); | |
68 | } else { | |
69 | wpa_supplicant_set_non_wpa_policy(wpa_s, ssid); | |
70 | } | |
71 | ||
72 | if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) | |
73 | eapol_sm_invalidate_cached_session(wpa_s->eapol); | |
74 | wpa_s->current_ssid = ssid; | |
75 | wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid); | |
76 | wpa_supplicant_initiate_eapol(wpa_s); | |
77 | ||
78 | return 0; | |
79 | } | |
80 | ||
81 | ||
82 | static void wpa_supplicant_stop_countermeasures(void *eloop_ctx, | |
83 | void *sock_ctx) | |
84 | { | |
85 | struct wpa_supplicant *wpa_s = eloop_ctx; | |
86 | ||
87 | if (wpa_s->countermeasures) { | |
88 | wpa_s->countermeasures = 0; | |
89 | wpa_drv_set_countermeasures(wpa_s, 0); | |
90 | wpa_msg(wpa_s, MSG_INFO, "WPA: TKIP countermeasures stopped"); | |
91 | wpa_supplicant_req_scan(wpa_s, 0, 0); | |
92 | } | |
93 | } | |
94 | ||
95 | ||
96 | void wpa_supplicant_mark_disassoc(struct wpa_supplicant *wpa_s) | |
97 | { | |
98 | wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED); | |
99 | os_memset(wpa_s->bssid, 0, ETH_ALEN); | |
100 | os_memset(wpa_s->pending_bssid, 0, ETH_ALEN); | |
101 | eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE); | |
102 | eapol_sm_notify_portValid(wpa_s->eapol, FALSE); | |
56586197 | 103 | if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) |
6fc6879b JM |
104 | eapol_sm_notify_eap_success(wpa_s->eapol, FALSE); |
105 | wpa_s->ap_ies_from_associnfo = 0; | |
106 | } | |
107 | ||
108 | ||
109 | static void wpa_find_assoc_pmkid(struct wpa_supplicant *wpa_s) | |
110 | { | |
111 | struct wpa_ie_data ie; | |
112 | int pmksa_set = -1; | |
113 | size_t i; | |
114 | ||
115 | if (wpa_sm_parse_own_wpa_ie(wpa_s->wpa, &ie) < 0 || | |
116 | ie.pmkid == NULL) | |
117 | return; | |
118 | ||
119 | for (i = 0; i < ie.num_pmkid; i++) { | |
120 | pmksa_set = pmksa_cache_set_current(wpa_s->wpa, | |
121 | ie.pmkid + i * PMKID_LEN, | |
122 | NULL, NULL, 0); | |
123 | if (pmksa_set == 0) { | |
124 | eapol_sm_notify_pmkid_attempt(wpa_s->eapol, 1); | |
125 | break; | |
126 | } | |
127 | } | |
128 | ||
129 | wpa_printf(MSG_DEBUG, "RSN: PMKID from assoc IE %sfound from PMKSA " | |
130 | "cache", pmksa_set == 0 ? "" : "not "); | |
131 | } | |
132 | ||
133 | ||
134 | static void wpa_supplicant_event_pmkid_candidate(struct wpa_supplicant *wpa_s, | |
135 | union wpa_event_data *data) | |
136 | { | |
137 | if (data == NULL) { | |
138 | wpa_printf(MSG_DEBUG, "RSN: No data in PMKID candidate event"); | |
139 | return; | |
140 | } | |
141 | wpa_printf(MSG_DEBUG, "RSN: PMKID candidate event - bssid=" MACSTR | |
142 | " index=%d preauth=%d", | |
143 | MAC2STR(data->pmkid_candidate.bssid), | |
144 | data->pmkid_candidate.index, | |
145 | data->pmkid_candidate.preauth); | |
146 | ||
147 | pmksa_candidate_add(wpa_s->wpa, data->pmkid_candidate.bssid, | |
148 | data->pmkid_candidate.index, | |
149 | data->pmkid_candidate.preauth); | |
150 | } | |
151 | ||
152 | ||
153 | static int wpa_supplicant_dynamic_keys(struct wpa_supplicant *wpa_s) | |
154 | { | |
155 | if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE || | |
156 | wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) | |
157 | return 0; | |
158 | ||
159 | #ifdef IEEE8021X_EAPOL | |
160 | if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA && | |
161 | wpa_s->current_ssid && | |
162 | !(wpa_s->current_ssid->eapol_flags & | |
163 | (EAPOL_FLAG_REQUIRE_KEY_UNICAST | | |
164 | EAPOL_FLAG_REQUIRE_KEY_BROADCAST))) { | |
165 | /* IEEE 802.1X, but not using dynamic WEP keys (i.e., either | |
166 | * plaintext or static WEP keys). */ | |
167 | return 0; | |
168 | } | |
169 | #endif /* IEEE8021X_EAPOL */ | |
170 | ||
171 | return 1; | |
172 | } | |
173 | ||
174 | ||
175 | /** | |
176 | * wpa_supplicant_scard_init - Initialize SIM/USIM access with PC/SC | |
177 | * @wpa_s: pointer to wpa_supplicant data | |
178 | * @ssid: Configuration data for the network | |
179 | * Returns: 0 on success, -1 on failure | |
180 | * | |
181 | * This function is called when starting authentication with a network that is | |
182 | * configured to use PC/SC for SIM/USIM access (EAP-SIM or EAP-AKA). | |
183 | */ | |
184 | int wpa_supplicant_scard_init(struct wpa_supplicant *wpa_s, | |
185 | struct wpa_ssid *ssid) | |
186 | { | |
187 | #ifdef IEEE8021X_EAPOL | |
188 | int aka = 0, sim = 0, type; | |
189 | ||
190 | if (ssid->eap.pcsc == NULL || wpa_s->scard != NULL) | |
191 | return 0; | |
192 | ||
193 | if (ssid->eap.eap_methods == NULL) { | |
194 | sim = 1; | |
195 | aka = 1; | |
196 | } else { | |
197 | struct eap_method_type *eap = ssid->eap.eap_methods; | |
198 | while (eap->vendor != EAP_VENDOR_IETF || | |
199 | eap->method != EAP_TYPE_NONE) { | |
200 | if (eap->vendor == EAP_VENDOR_IETF) { | |
201 | if (eap->method == EAP_TYPE_SIM) | |
202 | sim = 1; | |
203 | else if (eap->method == EAP_TYPE_AKA) | |
204 | aka = 1; | |
205 | } | |
206 | eap++; | |
207 | } | |
208 | } | |
209 | ||
210 | if (eap_peer_get_eap_method(EAP_VENDOR_IETF, EAP_TYPE_SIM) == NULL) | |
211 | sim = 0; | |
212 | if (eap_peer_get_eap_method(EAP_VENDOR_IETF, EAP_TYPE_AKA) == NULL) | |
213 | aka = 0; | |
214 | ||
215 | if (!sim && !aka) { | |
216 | wpa_printf(MSG_DEBUG, "Selected network is configured to use " | |
217 | "SIM, but neither EAP-SIM nor EAP-AKA are enabled"); | |
218 | return 0; | |
219 | } | |
220 | ||
221 | wpa_printf(MSG_DEBUG, "Selected network is configured to use SIM " | |
222 | "(sim=%d aka=%d) - initialize PCSC", sim, aka); | |
223 | if (sim && aka) | |
224 | type = SCARD_TRY_BOTH; | |
225 | else if (aka) | |
226 | type = SCARD_USIM_ONLY; | |
227 | else | |
228 | type = SCARD_GSM_SIM_ONLY; | |
229 | ||
230 | wpa_s->scard = scard_init(type); | |
231 | if (wpa_s->scard == NULL) { | |
232 | wpa_printf(MSG_WARNING, "Failed to initialize SIM " | |
233 | "(pcsc-lite)"); | |
234 | return -1; | |
235 | } | |
236 | wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard); | |
237 | eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard); | |
238 | #endif /* IEEE8021X_EAPOL */ | |
239 | ||
240 | return 0; | |
241 | } | |
242 | ||
243 | ||
244 | #ifndef CONFIG_NO_SCAN_PROCESSING | |
245 | static int wpa_supplicant_match_privacy(struct wpa_scan_res *bss, | |
246 | struct wpa_ssid *ssid) | |
247 | { | |
248 | int i, privacy = 0; | |
249 | ||
250 | if (ssid->mixed_cell) | |
251 | return 1; | |
252 | ||
253 | for (i = 0; i < NUM_WEP_KEYS; i++) { | |
254 | if (ssid->wep_key_len[i]) { | |
255 | privacy = 1; | |
256 | break; | |
257 | } | |
258 | } | |
259 | #ifdef IEEE8021X_EAPOL | |
260 | if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && | |
261 | ssid->eapol_flags & (EAPOL_FLAG_REQUIRE_KEY_UNICAST | | |
262 | EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) | |
263 | privacy = 1; | |
264 | #endif /* IEEE8021X_EAPOL */ | |
265 | ||
266 | if (bss->caps & IEEE80211_CAP_PRIVACY) | |
267 | return privacy; | |
268 | return !privacy; | |
269 | } | |
270 | ||
271 | ||
272 | static int wpa_supplicant_ssid_bss_match(struct wpa_ssid *ssid, | |
273 | struct wpa_scan_res *bss) | |
274 | { | |
275 | struct wpa_ie_data ie; | |
276 | int proto_match = 0; | |
277 | const u8 *rsn_ie, *wpa_ie; | |
278 | ||
279 | rsn_ie = wpa_scan_get_ie(bss, WLAN_EID_RSN); | |
280 | while ((ssid->proto & WPA_PROTO_RSN) && rsn_ie) { | |
281 | proto_match++; | |
282 | ||
283 | if (wpa_parse_wpa_ie(rsn_ie, 2 + rsn_ie[1], &ie)) { | |
284 | wpa_printf(MSG_DEBUG, " skip RSN IE - parse failed"); | |
285 | break; | |
286 | } | |
287 | if (!(ie.proto & ssid->proto)) { | |
288 | wpa_printf(MSG_DEBUG, " skip RSN IE - proto " | |
289 | "mismatch"); | |
290 | break; | |
291 | } | |
292 | ||
293 | if (!(ie.pairwise_cipher & ssid->pairwise_cipher)) { | |
294 | wpa_printf(MSG_DEBUG, " skip RSN IE - PTK cipher " | |
295 | "mismatch"); | |
296 | break; | |
297 | } | |
298 | ||
299 | if (!(ie.group_cipher & ssid->group_cipher)) { | |
300 | wpa_printf(MSG_DEBUG, " skip RSN IE - GTK cipher " | |
301 | "mismatch"); | |
302 | break; | |
303 | } | |
304 | ||
305 | if (!(ie.key_mgmt & ssid->key_mgmt)) { | |
306 | wpa_printf(MSG_DEBUG, " skip RSN IE - key mgmt " | |
307 | "mismatch"); | |
308 | break; | |
309 | } | |
310 | ||
311 | #ifdef CONFIG_IEEE80211W | |
0b60b0aa JM |
312 | if (!(ie.capabilities & WPA_CAPABILITY_MFPC) && |
313 | ssid->ieee80211w == IEEE80211W_REQUIRED) { | |
6fc6879b JM |
314 | wpa_printf(MSG_DEBUG, " skip RSN IE - no mgmt frame " |
315 | "protection"); | |
316 | break; | |
317 | } | |
318 | #endif /* CONFIG_IEEE80211W */ | |
319 | ||
320 | wpa_printf(MSG_DEBUG, " selected based on RSN IE"); | |
321 | return 1; | |
322 | } | |
323 | ||
324 | wpa_ie = wpa_scan_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE); | |
325 | while ((ssid->proto & WPA_PROTO_WPA) && wpa_ie) { | |
326 | proto_match++; | |
327 | ||
328 | if (wpa_parse_wpa_ie(wpa_ie, 2 + wpa_ie[1], &ie)) { | |
329 | wpa_printf(MSG_DEBUG, " skip WPA IE - parse failed"); | |
330 | break; | |
331 | } | |
332 | if (!(ie.proto & ssid->proto)) { | |
333 | wpa_printf(MSG_DEBUG, " skip WPA IE - proto " | |
334 | "mismatch"); | |
335 | break; | |
336 | } | |
337 | ||
338 | if (!(ie.pairwise_cipher & ssid->pairwise_cipher)) { | |
339 | wpa_printf(MSG_DEBUG, " skip WPA IE - PTK cipher " | |
340 | "mismatch"); | |
341 | break; | |
342 | } | |
343 | ||
344 | if (!(ie.group_cipher & ssid->group_cipher)) { | |
345 | wpa_printf(MSG_DEBUG, " skip WPA IE - GTK cipher " | |
346 | "mismatch"); | |
347 | break; | |
348 | } | |
349 | ||
350 | if (!(ie.key_mgmt & ssid->key_mgmt)) { | |
351 | wpa_printf(MSG_DEBUG, " skip WPA IE - key mgmt " | |
352 | "mismatch"); | |
353 | break; | |
354 | } | |
355 | ||
356 | wpa_printf(MSG_DEBUG, " selected based on WPA IE"); | |
357 | return 1; | |
358 | } | |
359 | ||
360 | if (proto_match == 0) | |
361 | wpa_printf(MSG_DEBUG, " skip - no WPA/RSN proto match"); | |
362 | ||
363 | return 0; | |
364 | } | |
365 | ||
366 | ||
367 | static struct wpa_scan_res * | |
368 | wpa_supplicant_select_bss(struct wpa_supplicant *wpa_s, struct wpa_ssid *group, | |
369 | struct wpa_ssid **selected_ssid) | |
370 | { | |
371 | struct wpa_ssid *ssid; | |
372 | struct wpa_scan_res *bss, *selected = NULL; | |
373 | size_t i; | |
374 | struct wpa_blacklist *e; | |
375 | const u8 *ie; | |
376 | ||
377 | wpa_printf(MSG_DEBUG, "Selecting BSS from priority group %d", | |
378 | group->priority); | |
379 | ||
380 | bss = NULL; | |
381 | ssid = NULL; | |
382 | /* First, try to find WPA-enabled AP */ | |
383 | wpa_printf(MSG_DEBUG, "Try to find WPA-enabled AP"); | |
384 | for (i = 0; i < wpa_s->scan_res->num && !selected; i++) { | |
385 | const u8 *ssid_; | |
386 | u8 wpa_ie_len, rsn_ie_len, ssid_len; | |
387 | bss = wpa_s->scan_res->res[i]; | |
388 | ||
389 | ie = wpa_scan_get_ie(bss, WLAN_EID_SSID); | |
390 | ssid_ = ie ? ie + 2 : (u8 *) ""; | |
391 | ssid_len = ie ? ie[1] : 0; | |
392 | ||
393 | ie = wpa_scan_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE); | |
394 | wpa_ie_len = ie ? ie[1] : 0; | |
395 | ||
396 | ie = wpa_scan_get_ie(bss, WLAN_EID_RSN); | |
397 | rsn_ie_len = ie ? ie[1] : 0; | |
398 | ||
399 | wpa_printf(MSG_DEBUG, "%d: " MACSTR " ssid='%s' " | |
400 | "wpa_ie_len=%u rsn_ie_len=%u caps=0x%x", | |
401 | (int) i, MAC2STR(bss->bssid), | |
402 | wpa_ssid_txt(ssid_, ssid_len), | |
403 | wpa_ie_len, rsn_ie_len, bss->caps); | |
404 | e = wpa_blacklist_get(wpa_s, bss->bssid); | |
405 | if (e && e->count > 1) { | |
406 | wpa_printf(MSG_DEBUG, " skip - blacklisted"); | |
407 | continue; | |
408 | } | |
409 | ||
410 | if (wpa_ie_len == 0 && rsn_ie_len == 0) { | |
411 | wpa_printf(MSG_DEBUG, " skip - no WPA/RSN IE"); | |
412 | continue; | |
413 | } | |
414 | ||
415 | for (ssid = group; ssid; ssid = ssid->pnext) { | |
416 | if (ssid->disabled) { | |
417 | wpa_printf(MSG_DEBUG, " skip - disabled"); | |
418 | continue; | |
419 | } | |
420 | if (ssid_len != ssid->ssid_len || | |
421 | os_memcmp(ssid_, ssid->ssid, ssid_len) != 0) { | |
422 | wpa_printf(MSG_DEBUG, " skip - " | |
423 | "SSID mismatch"); | |
424 | continue; | |
425 | } | |
426 | if (ssid->bssid_set && | |
427 | os_memcmp(bss->bssid, ssid->bssid, ETH_ALEN) != 0) | |
428 | { | |
429 | wpa_printf(MSG_DEBUG, " skip - " | |
430 | "BSSID mismatch"); | |
431 | continue; | |
432 | } | |
433 | if (wpa_supplicant_ssid_bss_match(ssid, bss)) { | |
434 | selected = bss; | |
435 | *selected_ssid = ssid; | |
436 | wpa_printf(MSG_DEBUG, " selected WPA AP " | |
437 | MACSTR " ssid='%s'", | |
438 | MAC2STR(bss->bssid), | |
439 | wpa_ssid_txt(ssid_, ssid_len)); | |
440 | break; | |
441 | } | |
442 | } | |
443 | } | |
444 | ||
445 | /* If no WPA-enabled AP found, try to find non-WPA AP, if configuration | |
446 | * allows this. */ | |
447 | wpa_printf(MSG_DEBUG, "Try to find non-WPA AP"); | |
448 | for (i = 0; i < wpa_s->scan_res->num && !selected; i++) { | |
449 | const u8 *ssid_; | |
450 | u8 wpa_ie_len, rsn_ie_len, ssid_len; | |
451 | bss = wpa_s->scan_res->res[i]; | |
452 | ||
453 | ie = wpa_scan_get_ie(bss, WLAN_EID_SSID); | |
454 | ssid_ = ie ? ie + 2 : (u8 *) ""; | |
455 | ssid_len = ie ? ie[1] : 0; | |
456 | ||
457 | ie = wpa_scan_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE); | |
458 | wpa_ie_len = ie ? ie[1] : 0; | |
459 | ||
460 | ie = wpa_scan_get_ie(bss, WLAN_EID_RSN); | |
461 | rsn_ie_len = ie ? ie[1] : 0; | |
462 | ||
463 | wpa_printf(MSG_DEBUG, "%d: " MACSTR " ssid='%s' " | |
464 | "wpa_ie_len=%u rsn_ie_len=%u caps=0x%x", | |
465 | (int) i, MAC2STR(bss->bssid), | |
466 | wpa_ssid_txt(ssid_, ssid_len), | |
467 | wpa_ie_len, rsn_ie_len, bss->caps); | |
468 | e = wpa_blacklist_get(wpa_s, bss->bssid); | |
469 | if (e && e->count > 1) { | |
470 | wpa_printf(MSG_DEBUG, " skip - blacklisted"); | |
471 | continue; | |
472 | } | |
473 | for (ssid = group; ssid; ssid = ssid->pnext) { | |
474 | if (ssid->disabled) { | |
475 | wpa_printf(MSG_DEBUG, " skip - disabled"); | |
476 | continue; | |
477 | } | |
478 | if (ssid->ssid_len != 0 && | |
479 | (ssid_len != ssid->ssid_len || | |
480 | os_memcmp(ssid_, ssid->ssid, ssid_len) != 0)) { | |
481 | wpa_printf(MSG_DEBUG, " skip - " | |
482 | "SSID mismatch"); | |
483 | continue; | |
484 | } | |
485 | ||
486 | if (ssid->bssid_set && | |
487 | os_memcmp(bss->bssid, ssid->bssid, ETH_ALEN) != 0) | |
488 | { | |
489 | wpa_printf(MSG_DEBUG, " skip - " | |
490 | "BSSID mismatch"); | |
491 | continue; | |
492 | } | |
493 | ||
494 | if (!(ssid->key_mgmt & WPA_KEY_MGMT_NONE) && | |
495 | !(ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)) | |
496 | { | |
497 | wpa_printf(MSG_DEBUG, " skip - " | |
498 | "non-WPA network not allowed"); | |
499 | continue; | |
500 | } | |
501 | ||
502 | if ((ssid->key_mgmt & | |
56586197 JM |
503 | (WPA_KEY_MGMT_IEEE8021X | WPA_KEY_MGMT_PSK | |
504 | WPA_KEY_MGMT_FT_IEEE8021X | WPA_KEY_MGMT_FT_PSK | | |
505 | WPA_KEY_MGMT_IEEE8021X_SHA256 | | |
506 | WPA_KEY_MGMT_PSK_SHA256)) && | |
6fc6879b JM |
507 | (wpa_ie_len != 0 || rsn_ie_len != 0)) { |
508 | wpa_printf(MSG_DEBUG, " skip - " | |
509 | "WPA network"); | |
510 | continue; | |
511 | } | |
512 | ||
513 | if (!wpa_supplicant_match_privacy(bss, ssid)) { | |
514 | wpa_printf(MSG_DEBUG, " skip - " | |
515 | "privacy mismatch"); | |
516 | continue; | |
517 | } | |
518 | ||
519 | if (bss->caps & IEEE80211_CAP_IBSS) { | |
520 | wpa_printf(MSG_DEBUG, " skip - " | |
521 | "IBSS (adhoc) network"); | |
522 | continue; | |
523 | } | |
524 | ||
525 | selected = bss; | |
526 | *selected_ssid = ssid; | |
527 | wpa_printf(MSG_DEBUG, " selected non-WPA AP " | |
528 | MACSTR " ssid='%s'", | |
529 | MAC2STR(bss->bssid), | |
530 | wpa_ssid_txt(ssid_, ssid_len)); | |
531 | break; | |
532 | } | |
533 | } | |
534 | ||
535 | return selected; | |
536 | } | |
537 | ||
538 | ||
539 | static void wpa_supplicant_event_scan_results(struct wpa_supplicant *wpa_s) | |
540 | { | |
541 | int prio, timeout; | |
542 | struct wpa_scan_res *selected = NULL; | |
543 | struct wpa_ssid *ssid = NULL; | |
544 | ||
545 | if (wpa_supplicant_get_scan_results(wpa_s) < 0) { | |
546 | if (wpa_s->conf->ap_scan == 2) | |
547 | return; | |
548 | wpa_printf(MSG_DEBUG, "Failed to get scan results - try " | |
549 | "scanning again"); | |
550 | timeout = 1; | |
551 | goto req_scan; | |
552 | } | |
553 | ||
554 | wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_SCAN_RESULTS); | |
555 | ||
556 | wpa_supplicant_dbus_notify_scan_results(wpa_s); | |
557 | ||
558 | if (wpa_s->conf->ap_scan == 2 || wpa_s->disconnected) | |
559 | return; | |
560 | ||
561 | while (selected == NULL) { | |
562 | for (prio = 0; prio < wpa_s->conf->num_prio; prio++) { | |
563 | selected = wpa_supplicant_select_bss( | |
564 | wpa_s, wpa_s->conf->pssid[prio], &ssid); | |
565 | if (selected) | |
566 | break; | |
567 | } | |
568 | ||
569 | if (selected == NULL && wpa_s->blacklist) { | |
570 | wpa_printf(MSG_DEBUG, "No APs found - clear blacklist " | |
571 | "and try again"); | |
572 | wpa_blacklist_clear(wpa_s); | |
573 | } else if (selected == NULL) { | |
574 | break; | |
575 | } | |
576 | } | |
577 | ||
578 | if (selected) { | |
579 | /* Do not trigger new association unless the BSSID has changed | |
580 | * or if reassociation is requested. If we are in process of | |
581 | * associating with the selected BSSID, do not trigger new | |
582 | * attempt. */ | |
583 | if (wpa_s->reassociate || | |
584 | (os_memcmp(selected->bssid, wpa_s->bssid, ETH_ALEN) != 0 && | |
585 | (wpa_s->wpa_state != WPA_ASSOCIATING || | |
586 | os_memcmp(selected->bssid, wpa_s->pending_bssid, | |
587 | ETH_ALEN) != 0))) { | |
588 | if (wpa_supplicant_scard_init(wpa_s, ssid)) { | |
589 | wpa_supplicant_req_scan(wpa_s, 10, 0); | |
590 | return; | |
591 | } | |
592 | wpa_supplicant_associate(wpa_s, selected, ssid); | |
593 | } else { | |
594 | wpa_printf(MSG_DEBUG, "Already associated with the " | |
595 | "selected AP."); | |
596 | } | |
597 | rsn_preauth_scan_results(wpa_s->wpa, wpa_s->scan_res); | |
598 | } else { | |
599 | wpa_printf(MSG_DEBUG, "No suitable AP found."); | |
600 | timeout = 5; | |
601 | goto req_scan; | |
602 | } | |
603 | ||
604 | return; | |
605 | ||
606 | req_scan: | |
607 | if (wpa_s->scan_res_tried == 1 && wpa_s->conf->ap_scan == 1) { | |
608 | /* | |
609 | * Quick recovery if the initial scan results were not | |
610 | * complete when fetched before the first scan request. | |
611 | */ | |
612 | wpa_s->scan_res_tried++; | |
613 | timeout = 0; | |
614 | } | |
615 | wpa_supplicant_req_scan(wpa_s, timeout, 0); | |
616 | } | |
617 | #endif /* CONFIG_NO_SCAN_PROCESSING */ | |
618 | ||
619 | ||
620 | static void wpa_supplicant_event_associnfo(struct wpa_supplicant *wpa_s, | |
621 | union wpa_event_data *data) | |
622 | { | |
623 | int l, len, found = 0, wpa_found, rsn_found; | |
624 | u8 *p; | |
625 | ||
626 | wpa_printf(MSG_DEBUG, "Association info event"); | |
627 | if (data->assoc_info.req_ies) | |
628 | wpa_hexdump(MSG_DEBUG, "req_ies", data->assoc_info.req_ies, | |
629 | data->assoc_info.req_ies_len); | |
630 | if (data->assoc_info.resp_ies) | |
631 | wpa_hexdump(MSG_DEBUG, "resp_ies", data->assoc_info.resp_ies, | |
632 | data->assoc_info.resp_ies_len); | |
633 | if (data->assoc_info.beacon_ies) | |
634 | wpa_hexdump(MSG_DEBUG, "beacon_ies", | |
635 | data->assoc_info.beacon_ies, | |
636 | data->assoc_info.beacon_ies_len); | |
637 | ||
638 | p = data->assoc_info.req_ies; | |
639 | l = data->assoc_info.req_ies_len; | |
640 | ||
641 | /* Go through the IEs and make a copy of the WPA/RSN IE, if present. */ | |
642 | while (p && l >= 2) { | |
643 | len = p[1] + 2; | |
644 | if (len > l) { | |
645 | wpa_hexdump(MSG_DEBUG, "Truncated IE in assoc_info", | |
646 | p, l); | |
647 | break; | |
648 | } | |
649 | if ((p[0] == WLAN_EID_VENDOR_SPECIFIC && p[1] >= 6 && | |
650 | (os_memcmp(&p[2], "\x00\x50\xF2\x01\x01\x00", 6) == 0)) || | |
651 | (p[0] == WLAN_EID_RSN && p[1] >= 2)) { | |
652 | if (wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, p, len)) | |
653 | break; | |
654 | found = 1; | |
655 | wpa_find_assoc_pmkid(wpa_s); | |
656 | break; | |
657 | } | |
658 | l -= len; | |
659 | p += len; | |
660 | } | |
661 | if (!found && data->assoc_info.req_ies) | |
662 | wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0); | |
663 | ||
664 | /* WPA/RSN IE from Beacon/ProbeResp */ | |
665 | p = data->assoc_info.beacon_ies; | |
666 | l = data->assoc_info.beacon_ies_len; | |
667 | ||
668 | /* Go through the IEs and make a copy of the WPA/RSN IEs, if present. | |
669 | */ | |
670 | wpa_found = rsn_found = 0; | |
671 | while (p && l >= 2) { | |
672 | len = p[1] + 2; | |
673 | if (len > l) { | |
674 | wpa_hexdump(MSG_DEBUG, "Truncated IE in beacon_ies", | |
675 | p, l); | |
676 | break; | |
677 | } | |
678 | if (!wpa_found && | |
679 | p[0] == WLAN_EID_VENDOR_SPECIFIC && p[1] >= 6 && | |
680 | os_memcmp(&p[2], "\x00\x50\xF2\x01\x01\x00", 6) == 0) { | |
681 | wpa_found = 1; | |
682 | wpa_sm_set_ap_wpa_ie(wpa_s->wpa, p, len); | |
683 | } | |
684 | ||
685 | if (!rsn_found && | |
686 | p[0] == WLAN_EID_RSN && p[1] >= 2) { | |
687 | rsn_found = 1; | |
688 | wpa_sm_set_ap_rsn_ie(wpa_s->wpa, p, len); | |
689 | } | |
690 | ||
691 | l -= len; | |
692 | p += len; | |
693 | } | |
694 | ||
695 | if (!wpa_found && data->assoc_info.beacon_ies) | |
696 | wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0); | |
697 | if (!rsn_found && data->assoc_info.beacon_ies) | |
698 | wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0); | |
699 | if (wpa_found || rsn_found) | |
700 | wpa_s->ap_ies_from_associnfo = 1; | |
701 | } | |
702 | ||
703 | ||
704 | static void wpa_supplicant_event_assoc(struct wpa_supplicant *wpa_s, | |
705 | union wpa_event_data *data) | |
706 | { | |
707 | u8 bssid[ETH_ALEN]; | |
708 | int ft_completed = wpa_ft_is_completed(wpa_s->wpa); | |
709 | ||
710 | if (data) | |
711 | wpa_supplicant_event_associnfo(wpa_s, data); | |
712 | ||
713 | wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATED); | |
714 | if (wpa_s->use_client_mlme) | |
715 | os_memcpy(bssid, wpa_s->bssid, ETH_ALEN); | |
716 | if (wpa_s->use_client_mlme || | |
717 | (wpa_drv_get_bssid(wpa_s, bssid) >= 0 && | |
718 | os_memcmp(bssid, wpa_s->bssid, ETH_ALEN) != 0)) { | |
719 | wpa_msg(wpa_s, MSG_DEBUG, "Associated to a new BSS: BSSID=" | |
720 | MACSTR, MAC2STR(bssid)); | |
721 | os_memcpy(wpa_s->bssid, bssid, ETH_ALEN); | |
722 | os_memset(wpa_s->pending_bssid, 0, ETH_ALEN); | |
723 | if (wpa_supplicant_dynamic_keys(wpa_s) && !ft_completed) { | |
724 | wpa_clear_keys(wpa_s, bssid); | |
725 | } | |
726 | if (wpa_supplicant_select_config(wpa_s) < 0) { | |
727 | wpa_supplicant_disassociate( | |
728 | wpa_s, WLAN_REASON_DEAUTH_LEAVING); | |
729 | return; | |
730 | } | |
731 | } | |
732 | ||
733 | wpa_msg(wpa_s, MSG_INFO, "Associated with " MACSTR, MAC2STR(bssid)); | |
734 | if (wpa_s->current_ssid) { | |
735 | /* When using scanning (ap_scan=1), SIM PC/SC interface can be | |
736 | * initialized before association, but for other modes, | |
737 | * initialize PC/SC here, if the current configuration needs | |
738 | * smartcard or SIM/USIM. */ | |
739 | wpa_supplicant_scard_init(wpa_s, wpa_s->current_ssid); | |
740 | } | |
741 | wpa_sm_notify_assoc(wpa_s->wpa, bssid); | |
742 | l2_packet_notify_auth_start(wpa_s->l2); | |
743 | ||
744 | /* | |
745 | * Set portEnabled first to FALSE in order to get EAP state machine out | |
746 | * of the SUCCESS state and eapSuccess cleared. Without this, EAPOL PAE | |
747 | * state machine may transit to AUTHENTICATING state based on obsolete | |
748 | * eapSuccess and then trigger BE_AUTH to SUCCESS and PAE to | |
749 | * AUTHENTICATED without ever giving chance to EAP state machine to | |
750 | * reset the state. | |
751 | */ | |
752 | if (!ft_completed) { | |
753 | eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE); | |
754 | eapol_sm_notify_portValid(wpa_s->eapol, FALSE); | |
755 | } | |
56586197 | 756 | if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) || ft_completed) |
6fc6879b JM |
757 | eapol_sm_notify_eap_success(wpa_s->eapol, FALSE); |
758 | /* 802.1X::portControl = Auto */ | |
759 | eapol_sm_notify_portEnabled(wpa_s->eapol, TRUE); | |
760 | wpa_s->eapol_received = 0; | |
761 | if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE || | |
762 | wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) { | |
763 | wpa_supplicant_cancel_auth_timeout(wpa_s); | |
764 | wpa_supplicant_set_state(wpa_s, WPA_COMPLETED); | |
765 | } else if (!ft_completed) { | |
766 | /* Timeout for receiving the first EAPOL packet */ | |
767 | wpa_supplicant_req_auth_timeout(wpa_s, 10, 0); | |
768 | } | |
769 | wpa_supplicant_cancel_scan(wpa_s); | |
770 | ||
771 | if (wpa_s->driver_4way_handshake && | |
56586197 | 772 | wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) { |
6fc6879b JM |
773 | /* |
774 | * We are done; the driver will take care of RSN 4-way | |
775 | * handshake. | |
776 | */ | |
777 | wpa_supplicant_cancel_auth_timeout(wpa_s); | |
778 | wpa_supplicant_set_state(wpa_s, WPA_COMPLETED); | |
779 | eapol_sm_notify_portValid(wpa_s->eapol, TRUE); | |
780 | eapol_sm_notify_eap_success(wpa_s->eapol, TRUE); | |
781 | } | |
782 | } | |
783 | ||
784 | ||
785 | static void wpa_supplicant_event_disassoc(struct wpa_supplicant *wpa_s) | |
786 | { | |
787 | const u8 *bssid; | |
788 | ||
789 | if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) { | |
790 | /* | |
791 | * At least Host AP driver and a Prism3 card seemed to be | |
792 | * generating streams of disconnected events when configuring | |
793 | * IBSS for WPA-None. Ignore them for now. | |
794 | */ | |
795 | wpa_printf(MSG_DEBUG, "Disconnect event - ignore in " | |
796 | "IBSS/WPA-None mode"); | |
797 | return; | |
798 | } | |
799 | ||
800 | if (wpa_s->wpa_state == WPA_4WAY_HANDSHAKE && | |
56586197 | 801 | wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) { |
6fc6879b JM |
802 | wpa_msg(wpa_s, MSG_INFO, "WPA: 4-Way Handshake failed - " |
803 | "pre-shared key may be incorrect"); | |
804 | } | |
805 | if (wpa_s->wpa_state >= WPA_ASSOCIATED) | |
806 | wpa_supplicant_req_scan(wpa_s, 0, 100000); | |
807 | bssid = wpa_s->bssid; | |
a8e16edc | 808 | if (is_zero_ether_addr(bssid)) |
6fc6879b JM |
809 | bssid = wpa_s->pending_bssid; |
810 | wpa_blacklist_add(wpa_s, bssid); | |
811 | wpa_sm_notify_disassoc(wpa_s->wpa); | |
812 | wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_DISCONNECTED "- Disconnect event - " | |
813 | "remove keys"); | |
814 | if (wpa_supplicant_dynamic_keys(wpa_s)) { | |
815 | wpa_s->keys_cleared = 0; | |
816 | wpa_clear_keys(wpa_s, wpa_s->bssid); | |
817 | } | |
818 | wpa_supplicant_mark_disassoc(wpa_s); | |
819 | } | |
820 | ||
821 | ||
822 | static void | |
823 | wpa_supplicant_event_michael_mic_failure(struct wpa_supplicant *wpa_s, | |
824 | union wpa_event_data *data) | |
825 | { | |
826 | int pairwise; | |
827 | struct os_time t; | |
828 | ||
829 | wpa_msg(wpa_s, MSG_WARNING, "Michael MIC failure detected"); | |
830 | pairwise = (data && data->michael_mic_failure.unicast); | |
831 | wpa_sm_key_request(wpa_s->wpa, 1, pairwise); | |
832 | os_get_time(&t); | |
833 | if (wpa_s->last_michael_mic_error && | |
834 | t.sec - wpa_s->last_michael_mic_error <= 60) { | |
835 | /* initialize countermeasures */ | |
836 | wpa_s->countermeasures = 1; | |
837 | wpa_msg(wpa_s, MSG_WARNING, "TKIP countermeasures started"); | |
838 | ||
839 | /* | |
840 | * Need to wait for completion of request frame. We do not get | |
841 | * any callback for the message completion, so just wait a | |
842 | * short while and hope for the best. */ | |
843 | os_sleep(0, 10000); | |
844 | ||
845 | wpa_drv_set_countermeasures(wpa_s, 1); | |
846 | wpa_supplicant_deauthenticate(wpa_s, | |
847 | WLAN_REASON_MICHAEL_MIC_FAILURE); | |
848 | eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, | |
849 | wpa_s, NULL); | |
850 | eloop_register_timeout(60, 0, | |
851 | wpa_supplicant_stop_countermeasures, | |
852 | wpa_s, NULL); | |
853 | /* TODO: mark the AP rejected for 60 second. STA is | |
854 | * allowed to associate with another AP.. */ | |
855 | } | |
856 | wpa_s->last_michael_mic_error = t.sec; | |
857 | } | |
858 | ||
859 | ||
860 | static void | |
861 | wpa_supplicant_event_interface_status(struct wpa_supplicant *wpa_s, | |
862 | union wpa_event_data *data) | |
863 | { | |
864 | if (os_strcmp(wpa_s->ifname, data->interface_status.ifname) != 0) | |
865 | return; | |
866 | ||
867 | switch (data->interface_status.ievent) { | |
868 | case EVENT_INTERFACE_ADDED: | |
869 | if (!wpa_s->interface_removed) | |
870 | break; | |
871 | wpa_s->interface_removed = 0; | |
872 | wpa_printf(MSG_DEBUG, "Configured interface was added."); | |
873 | if (wpa_supplicant_driver_init(wpa_s) < 0) { | |
874 | wpa_printf(MSG_INFO, "Failed to initialize the driver " | |
875 | "after interface was added."); | |
876 | } | |
877 | break; | |
878 | case EVENT_INTERFACE_REMOVED: | |
879 | wpa_printf(MSG_DEBUG, "Configured interface was removed."); | |
880 | wpa_s->interface_removed = 1; | |
881 | wpa_supplicant_mark_disassoc(wpa_s); | |
882 | l2_packet_deinit(wpa_s->l2); | |
883 | wpa_s->l2 = NULL; | |
884 | break; | |
885 | } | |
886 | } | |
887 | ||
888 | ||
889 | #ifdef CONFIG_PEERKEY | |
890 | static void | |
891 | wpa_supplicant_event_stkstart(struct wpa_supplicant *wpa_s, | |
892 | union wpa_event_data *data) | |
893 | { | |
894 | if (data == NULL) | |
895 | return; | |
896 | wpa_sm_stkstart(wpa_s->wpa, data->stkstart.peer); | |
897 | } | |
898 | #endif /* CONFIG_PEERKEY */ | |
899 | ||
900 | ||
901 | #ifdef CONFIG_IEEE80211R | |
902 | static void | |
903 | wpa_supplicant_event_ft_response(struct wpa_supplicant *wpa_s, | |
904 | union wpa_event_data *data) | |
905 | { | |
906 | if (data == NULL) | |
907 | return; | |
908 | ||
909 | if (wpa_ft_process_response(wpa_s->wpa, data->ft_ies.ies, | |
910 | data->ft_ies.ies_len, | |
911 | data->ft_ies.ft_action, | |
912 | data->ft_ies.target_ap) < 0) { | |
913 | /* TODO: prevent MLME/driver from trying to associate? */ | |
914 | } | |
915 | } | |
916 | #endif /* CONFIG_IEEE80211R */ | |
917 | ||
918 | ||
919 | void wpa_supplicant_event(void *ctx, wpa_event_type event, | |
920 | union wpa_event_data *data) | |
921 | { | |
922 | struct wpa_supplicant *wpa_s = ctx; | |
923 | ||
924 | switch (event) { | |
925 | case EVENT_ASSOC: | |
926 | wpa_supplicant_event_assoc(wpa_s, data); | |
927 | break; | |
928 | case EVENT_DISASSOC: | |
929 | wpa_supplicant_event_disassoc(wpa_s); | |
930 | break; | |
931 | case EVENT_MICHAEL_MIC_FAILURE: | |
932 | wpa_supplicant_event_michael_mic_failure(wpa_s, data); | |
933 | break; | |
934 | #ifndef CONFIG_NO_SCAN_PROCESSING | |
935 | case EVENT_SCAN_RESULTS: | |
936 | wpa_supplicant_event_scan_results(wpa_s); | |
937 | break; | |
938 | #endif /* CONFIG_NO_SCAN_PROCESSING */ | |
939 | case EVENT_ASSOCINFO: | |
940 | wpa_supplicant_event_associnfo(wpa_s, data); | |
941 | break; | |
942 | case EVENT_INTERFACE_STATUS: | |
943 | wpa_supplicant_event_interface_status(wpa_s, data); | |
944 | break; | |
945 | case EVENT_PMKID_CANDIDATE: | |
946 | wpa_supplicant_event_pmkid_candidate(wpa_s, data); | |
947 | break; | |
948 | #ifdef CONFIG_PEERKEY | |
949 | case EVENT_STKSTART: | |
950 | wpa_supplicant_event_stkstart(wpa_s, data); | |
951 | break; | |
952 | #endif /* CONFIG_PEERKEY */ | |
953 | #ifdef CONFIG_IEEE80211R | |
954 | case EVENT_FT_RESPONSE: | |
955 | wpa_supplicant_event_ft_response(wpa_s, data); | |
956 | break; | |
957 | #endif /* CONFIG_IEEE80211R */ | |
958 | default: | |
959 | wpa_printf(MSG_INFO, "Unknown event %d", event); | |
960 | break; | |
961 | } | |
962 | } |