1/*
2 * WPA Supplicant - Driver event processing
3d9975d5 3 * Copyright (c) 2003-2012, Jouni Malinen <j@w1.fi>
6fc6879b 4 *
0f3d578e
JM
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
6fc6879b
JM
7 */
8
9#include "includes.h"
10
11#include "common.h"
12#include "eapol_supp/eapol_supp_sm.h"
3acb5005 13#include "rsn_supp/wpa.h"
6fc6879b 14#include "eloop.h"
6fc6879b
JM
15#include "config.h"
16#include "l2_packet/l2_packet.h"
17#include "wpa_supplicant_i.h"
2d5b792d 18#include "driver_i.h"
6fc6879b 19#include "pcsc_funcs.h"
3acb5005
JM
20#include "rsn_supp/preauth.h"
21#include "rsn_supp/pmksa_cache.h"
90973fb2 22#include "common/wpa_ctrl.h"
6fc6879b 23#include "eap_peer/eap.h"
1d041bec 24#include "ap/hostapd.h"
93b7ddd0 25#include "p2p/p2p.h"
75cad1a0 26#include "wnm_sta.h"
8bac466b 27#include "notify.h"
90973fb2 28#include "common/ieee802_11_defs.h"
54f489be 29#include "common/ieee802_11_common.h"
bbb921da 30#include "crypto/random.h"
6fc6879b
JM
31#include "blacklist.h"
32#include "wpas_glue.h"
351f09a2 33#include "wps_supplicant.h"
11ef8d35 34#include "ibss_rsn.h"
c2a04078 35#include "sme.h"
04ea7b79 36#include "gas_query.h"
9bae1be0 37#include "p2p_supplicant.h"
60b94c98 38#include "bgscan.h"
7c865c68 39#include "autoscan.h"
f8b1f695 40#include "ap.h"
6fa81a3b 41#include "bss.h"
9ba9fa07 42#include "scan.h"
24f6497c 43#include "offchannel.h"
4d5bda5f 44#include "interworking.h"
6fc6879b
JM
45
46
d6bbcce4
JM
47static int wpas_select_network_from_last_scan(struct wpa_supplicant *wpa_s);
48
49
/**
 * wpas_temp_disabled - Check whether a network is still temporarily disabled
 * @wpa_s: Pointer to wpa_supplicant data
 * @ssid: Network configuration to check (may be NULL)
 * Returns: Seconds remaining until disabled_until, or 0 if the network is not
 * (or is no longer) temporarily disabled
 *
 * When the disabled_until time has already been reached, the temporary
 * disable state is cleared with wpas_clear_temp_disabled() before 0 is
 * returned, so calling this function can modify the network entry.
 */
static int wpas_temp_disabled(struct wpa_supplicant *wpa_s,
			      struct wpa_ssid *ssid)
{
	struct os_time cur;

	if (!ssid || !ssid->disabled_until.sec)
		return 0;

	os_get_time(&cur);
	if (cur.sec < ssid->disabled_until.sec) {
		/*
		 * NOTE(review): the difference is narrowed to int on return;
		 * the width of the sec field is not visible in this file.
		 */
		return ssid->disabled_until.sec - cur.sec;
	}

	/* The disable period has expired - re-enable the network */
	wpas_clear_temp_disabled(wpa_s, ssid, 0);

	return 0;
}
66
67
/**
 * wpa_supplicant_select_config - Select the network block for the current AP
 * @wpa_s: Pointer to wpa_supplicant data
 * Returns: 0 on success (or when no selection is needed), -1 if no usable
 * network configuration matches the current association
 *
 * Nothing is done when ap_scan is 1 and a network is already selected.
 * Otherwise the network block is looked up with wpa_supplicant_get_ssid() and
 * rejected when it is disabled, when the BSSID or SSID is disallowed, or when
 * the network is still temporarily disabled. On acceptance the security
 * policy, current_ssid, RSN supplicant configuration and EAPOL state machine
 * are switched over to the selected network.
 */
static int wpa_supplicant_select_config(struct wpa_supplicant *wpa_s)
{
	struct wpa_ssid *ssid, *prev_ssid;
	int wait_sec;

	if (wpa_s->conf->ap_scan == 1 && wpa_s->current_ssid)
		return 0;

	wpa_dbg(wpa_s, MSG_DEBUG, "Select network based on association "
		"information");
	ssid = wpa_supplicant_get_ssid(wpa_s);
	if (!ssid) {
		wpa_msg(wpa_s, MSG_INFO,
			"No network configuration found for the current AP");
		return -1;
	}

	if (wpas_network_disabled(wpa_s, ssid)) {
		wpa_dbg(wpa_s, MSG_DEBUG, "Selected network is disabled");
		return -1;
	}

	/* Local policy can forbid this BSSID or SSID even after association */
	if (disallowed_bssid(wpa_s, wpa_s->bssid) ||
	    disallowed_ssid(wpa_s, ssid->ssid, ssid->ssid_len)) {
		wpa_dbg(wpa_s, MSG_DEBUG, "Selected BSS is disallowed");
		return -1;
	}

	wait_sec = wpas_temp_disabled(wpa_s, ssid);
	if (wait_sec > 0) {
		wpa_dbg(wpa_s, MSG_DEBUG, "Selected network is temporarily "
			"disabled for %d second(s)", wait_sec);
		return -1;
	}

	wpa_dbg(wpa_s, MSG_DEBUG, "Network configuration found for the "
		"current AP");
	if (!wpa_key_mgmt_wpa_any(ssid->key_mgmt)) {
		wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
	} else {
		u8 wpa_ie[80];
		size_t wpa_ie_len = sizeof(wpa_ie);

		/*
		 * NOTE(review): a failure to set the WPA suites is only
		 * logged at debug level; the network is still taken into use
		 * below. Confirm that a later step rejects the association in
		 * that case.
		 */
		if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
					      wpa_ie, &wpa_ie_len) < 0)
			wpa_dbg(wpa_s, MSG_DEBUG, "Could not set WPA suites");
	}

	/* A cached EAPOL session must not be reused for another network */
	if (wpa_s->current_ssid != ssid && wpa_s->current_ssid)
		eapol_sm_invalidate_cached_session(wpa_s->eapol);

	prev_ssid = wpa_s->current_ssid;
	wpa_s->current_ssid = ssid;
	wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
	wpa_supplicant_initiate_eapol(wpa_s);
	if (prev_ssid != wpa_s->current_ssid)
		wpas_notify_network_changed(wpa_s);

	return 0;
}
126
127
/**
 * wpa_supplicant_stop_countermeasures - Stop active TKIP countermeasures
 * @eloop_ctx: Pointer to wpa_supplicant data (struct wpa_supplicant *)
 * @sock_ctx: Not used by this function
 *
 * If countermeasures are active, the flag is cleared, the driver is told to
 * stop countermeasures, the change is logged and a scan is requested without
 * delay. Nothing happens when countermeasures are not active.
 */
void wpa_supplicant_stop_countermeasures(void *eloop_ctx, void *sock_ctx)
{
	struct wpa_supplicant *wpa_s = eloop_ctx;

	if (!wpa_s->countermeasures)
		return;

	wpa_s->countermeasures = 0;
	wpa_drv_set_countermeasures(wpa_s, 0);
	wpa_msg(wpa_s, MSG_INFO, "WPA: TKIP countermeasures stopped");
	/* Look for a network again now that associations are allowed */
	wpa_supplicant_req_scan(wpa_s, 0, 0);
}
139
140
/**
 * wpa_supplicant_mark_disassoc - Reset per-association state
 * @wpa_s: Pointer to wpa_supplicant data
 *
 * Tears down the helpers tied to the association (WNM keep-alive and, when
 * built in, IBSS RSN and AP mode). Unless the interface is disabled, the state
 * is then moved to WPA_DISCONNECTED and the association data is cleared:
 * BSSID and pending BSSID, current BSS and frequency, FT IEs (SME builds),
 * EAPOL port status, the selected network and the key management value.
 */
void wpa_supplicant_mark_disassoc(struct wpa_supplicant *wpa_s)
{
	int had_bssid;

	wnm_bss_keep_alive_deinit(wpa_s);

#ifdef CONFIG_IBSS_RSN
	ibss_rsn_deinit(wpa_s->ibss_rsn);
	/* Drop the pointer so that the freed context cannot be reused */
	wpa_s->ibss_rsn = NULL;
#endif /* CONFIG_IBSS_RSN */

#ifdef CONFIG_AP
	wpa_supplicant_ap_deinit(wpa_s);
#endif /* CONFIG_AP */

	/* A disabled interface keeps its state; only the helpers are freed */
	if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED)
		return;

	wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);

	/* Remember whether a BSSID was set before wiping it */
	had_bssid = !is_zero_ether_addr(wpa_s->bssid);
	os_memset(wpa_s->bssid, 0, ETH_ALEN);
	os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
#ifdef CONFIG_SME
	wpa_s->sme.prev_bssid_set = 0;
#endif /* CONFIG_SME */
#ifdef CONFIG_P2P
	os_memset(wpa_s->go_dev_addr, 0, ETH_ALEN);
#endif /* CONFIG_P2P */
	wpa_s->current_bss = NULL;
	wpa_s->assoc_freq = 0;
#if defined(CONFIG_IEEE80211R) && defined(CONFIG_SME)
	if (wpa_s->sme.ft_ies)
		sme_update_ft_ies(wpa_s, NULL, NULL, 0);
#endif /* CONFIG_IEEE80211R && CONFIG_SME */

	if (had_bssid)
		wpas_notify_bssid_changed(wpa_s);

	/* Close the controlled port: no data traffic without an association */
	eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
	eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
	if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt))
		eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
	wpa_s->ap_ies_from_associnfo = 0;
	wpa_s->current_ssid = NULL;
	wpa_s->key_mgmt = 0;
}
189
190
/**
 * wpa_find_assoc_pmkid - Match PMKIDs from the own WPA/RSN IE to the PMKSA cache
 * @wpa_s: Pointer to wpa_supplicant data
 *
 * Parses the IE with wpa_sm_parse_own_wpa_ie() and tries each listed PMKID
 * with pmksa_cache_set_current() until one is accepted. On the first hit the
 * EAPOL state machine is notified of the PMKID attempt. The outcome is logged
 * at debug level. Nothing is done if parsing fails or no PMKID is present.
 */
static void wpa_find_assoc_pmkid(struct wpa_supplicant *wpa_s)
{
	struct wpa_ie_data ie;
	int found = 0;
	size_t idx;

	if (wpa_sm_parse_own_wpa_ie(wpa_s->wpa, &ie) < 0 || ie.pmkid == NULL)
		return;

	/*
	 * The PMKID list is read as num_pmkid entries of PMKID_LEN octets
	 * each; this relies on the parser having validated num_pmkid against
	 * the IE length (presumably done in the parser - TODO confirm).
	 */
	for (idx = 0; idx < ie.num_pmkid && !found; idx++) {
		if (pmksa_cache_set_current(wpa_s->wpa,
					    ie.pmkid + idx * PMKID_LEN,
					    NULL, NULL, 0) == 0) {
			eapol_sm_notify_pmkid_attempt(wpa_s->eapol, 1);
			found = 1;
		}
	}

	wpa_dbg(wpa_s, MSG_DEBUG, "RSN: PMKID from assoc IE %sfound from "
		"PMKSA cache", found ? "" : "not ");
}
214
215
/**
 * wpa_supplicant_event_pmkid_candidate - Handle a PMKID candidate event
 * @wpa_s: Pointer to wpa_supplicant data
 * @data: Event data; the pmkid_candidate member is used (may be NULL)
 *
 * Logs the candidate and hands its BSSID, index and preauth flag to
 * pmksa_candidate_add(). An event without data is logged and ignored.
 */
static void wpa_supplicant_event_pmkid_candidate(struct wpa_supplicant *wpa_s,
						 union wpa_event_data *data)
{
	if (!data) {
		wpa_dbg(wpa_s, MSG_DEBUG, "RSN: No data in PMKID candidate "
			"event");
		return;
	}

	wpa_dbg(wpa_s, MSG_DEBUG, "RSN: PMKID candidate event - bssid=" MACSTR
		" index=%d preauth=%d",
		MAC2STR(data->pmkid_candidate.bssid),
		data->pmkid_candidate.index,
		data->pmkid_candidate.preauth);

	/*
	 * NOTE(review): the values are passed on exactly as reported in the
	 * event; no range or plausibility check is made in this function.
	 */
	pmksa_candidate_add(wpa_s->wpa, data->pmkid_candidate.bssid,
			    data->pmkid_candidate.index,
			    data->pmkid_candidate.preauth);
}
234
235
/**
 * wpa_supplicant_dynamic_keys - Check whether the connection uses dynamic keys
 * @wpa_s: Pointer to wpa_supplicant data
 * Returns: 0 if key management is NONE or WPA-NONE, or (in IEEE8021X_EAPOL
 * builds) if it is IEEE 802.1X without WPA and the current network requires
 * neither unicast nor broadcast keys; 1 otherwise
 */
static int wpa_supplicant_dynamic_keys(struct wpa_supplicant *wpa_s)
{
	if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
		return 0;
	if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
		return 0;

#ifdef IEEE8021X_EAPOL
	if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
	    wpa_s->current_ssid) {
		int key_required =
			wpa_s->current_ssid->eapol_flags &
			(EAPOL_FLAG_REQUIRE_KEY_UNICAST |
			 EAPOL_FLAG_REQUIRE_KEY_BROADCAST);

		/* IEEE 802.1X, but not using dynamic WEP keys (i.e., either
		 * plaintext or static WEP keys). */
		if (!key_required)
			return 0;
	}
#endif /* IEEE8021X_EAPOL */

	return 1;
}
256
257
/**
 * wpa_supplicant_scard_init - Initialize SIM/USIM access with PC/SC
 * @wpa_s: pointer to wpa_supplicant data
 * @ssid: Configuration data for the network
 * Returns: 0 on success, -1 on failure
 *
 * This function is called when starting authentication with a network that is
 * configured to use PC/SC for SIM/USIM access (EAP-SIM or EAP-AKA).
 *
 * 0 is also returned without touching the card when the network has no PC/SC
 * configuration, when a card context already exists, when neither EAP-SIM nor
 * EAP-AKA/AKA' is usable, or when the build lacks IEEE8021X_EAPOL or
 * PCSC_FUNCS. -1 is returned only if scard_init() fails.
 */
int wpa_supplicant_scard_init(struct wpa_supplicant *wpa_s,
			      struct wpa_ssid *ssid)
{
#ifdef IEEE8021X_EAPOL
#ifdef PCSC_FUNCS
	int aka = 0, sim = 0, type;

	if (ssid->eap.pcsc == NULL || wpa_s->scard != NULL)
		return 0;

	if (ssid->eap.eap_methods == NULL) {
		/* No explicit method list: both methods are candidates */
		sim = 1;
		aka = 1;
	} else {
		const struct eap_method_type *m;

		/*
		 * The list is walked until the (EAP_VENDOR_IETF,
		 * EAP_TYPE_NONE) entry; the array must carry that terminator
		 * or the walk runs past its end.
		 */
		for (m = ssid->eap.eap_methods;
		     m->vendor != EAP_VENDOR_IETF ||
		     m->method != EAP_TYPE_NONE; m++) {
			if (m->vendor != EAP_VENDOR_IETF)
				continue;
			if (m->method == EAP_TYPE_SIM)
				sim = 1;
			else if (m->method == EAP_TYPE_AKA ||
				 m->method == EAP_TYPE_AKA_PRIME)
				aka = 1;
		}
	}

	/* Drop methods that are not registered in this build */
	if (eap_peer_get_eap_method(EAP_VENDOR_IETF, EAP_TYPE_SIM) == NULL)
		sim = 0;
	if (eap_peer_get_eap_method(EAP_VENDOR_IETF, EAP_TYPE_AKA) == NULL &&
	    eap_peer_get_eap_method(EAP_VENDOR_IETF, EAP_TYPE_AKA_PRIME) ==
	    NULL)
		aka = 0;

	if (!sim && !aka) {
		wpa_dbg(wpa_s, MSG_DEBUG, "Selected network is configured to "
			"use SIM, but neither EAP-SIM nor EAP-AKA are "
			"enabled");
		return 0;
	}

	wpa_dbg(wpa_s, MSG_DEBUG, "Selected network is configured to use SIM "
		"(sim=%d aka=%d) - initialize PCSC", sim, aka);
	if (!aka)
		type = SCARD_GSM_SIM_ONLY;
	else if (!sim)
		type = SCARD_USIM_ONLY;
	else
		type = SCARD_TRY_BOTH;

	wpa_s->scard = scard_init(type, NULL);
	if (wpa_s->scard == NULL) {
		wpa_msg(wpa_s, MSG_WARNING, "Failed to initialize SIM "
			"(pcsc-lite)");
		return -1;
	}

	/* Share the card context with the WPA and EAPOL state machines */
	wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard);
	eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard);
#endif /* PCSC_FUNCS */
#endif /* IEEE8021X_EAPOL */

	return 0;
}
331
332
333#ifndef CONFIG_NO_SCAN_PROCESSING
/**
 * wpa_supplicant_match_privacy - Compare BSS Privacy bit with network config
 * @bss: BSS entry from scan results
 * @ssid: Network configuration
 * Returns: 1 if the Privacy capability of the BSS agrees with what the
 * configuration expects, 0 on mismatch
 *
 * The configuration expects privacy when a WEP key is set, when IEEE 802.1X
 * without WPA requires unicast or broadcast keys (IEEE8021X_EAPOL builds), or
 * when WPA key management is used. Networks with mixed_cell set and, in
 * CONFIG_WPS builds, networks using WPS key management always match.
 */
static int wpa_supplicant_match_privacy(struct wpa_bss *bss,
					struct wpa_ssid *ssid)
{
	int idx, need_privacy = 0;

	if (ssid->mixed_cell)
		return 1;

#ifdef CONFIG_WPS
	if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
		return 1;
#endif /* CONFIG_WPS */

	/* Any configured WEP key means an encrypted BSS is expected */
	for (idx = 0; idx < NUM_WEP_KEYS; idx++) {
		if (ssid->wep_key_len[idx] != 0) {
			need_privacy = 1;
			break;
		}
	}

#ifdef IEEE8021X_EAPOL
	if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) &&
	    ssid->eapol_flags & (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
				 EAPOL_FLAG_REQUIRE_KEY_BROADCAST))
		need_privacy = 1;
#endif /* IEEE8021X_EAPOL */

	if (wpa_key_mgmt_wpa(ssid->key_mgmt))
		need_privacy = 1;

	/*
	 * Both directions are mismatches: an open BSS for a protected profile
	 * and a protected BSS for an open profile.
	 */
	return (bss->caps & IEEE80211_CAP_PRIVACY) ? need_privacy :
		!need_privacy;
}
367
368
/**
 * wpa_supplicant_ssid_bss_match - Check BSS security against a network block
 * @wpa_s: Pointer to wpa_supplicant data
 * @ssid: Network configuration
 * @bss: BSS entry from scan results
 * Returns: 1 if the security parameters advertised by the BSS are acceptable
 * for the network configuration, 0 if not
 *
 * A non-negative result from wpas_wps_ssid_bss_match() is returned as is.
 * Otherwise the RSN IE and then the WPA IE of the BSS are parsed and compared
 * with the configured protocol, pairwise cipher, group cipher and key
 * management (plus, for RSN in CONFIG_IEEE80211W builds, the management frame
 * protection requirement). The first IE that passes all checks selects the
 * BSS; a failed check only skips that IE. The fall-through rules at the end
 * cover non-WPA IEEE 802.1X and non-WPA/WPA2 configurations.
 */
static int wpa_supplicant_ssid_bss_match(struct wpa_supplicant *wpa_s,
					 struct wpa_ssid *ssid,
					 struct wpa_bss *bss)
{
	struct wpa_ie_data parsed;
	const u8 *rsn_elem, *wpa_elem;
	int proto_seen = 0;
	int wps_res;
	int tsn_ok;

	wps_res = wpas_wps_ssid_bss_match(wpa_s, ssid, bss);
	if (wps_res >= 0)
		return wps_res;

	/*
	 * Allow TSN if local configuration accepts WEP use without WPA/WPA2.
	 * This only applies to profiles without WPA key management, i.e. a
	 * WPA/WPA2 profile never accepts a BSS through the TSN rule.
	 * NOTE(review): wep_tx_keyidx is used as an array index without a
	 * range check here; presumably validated when the configuration is
	 * parsed - TODO confirm.
	 */
	tsn_ok = !wpa_key_mgmt_wpa(ssid->key_mgmt) &&
		(((ssid->key_mgmt & WPA_KEY_MGMT_NONE) &&
		  ssid->wep_key_len[ssid->wep_tx_keyidx] > 0) ||
		 (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA));

	/*
	 * The element length passed to the parser (2 + length octet) comes
	 * from the received IE itself; this assumes wpa_bss_get_ie() only
	 * returns elements that fit in the stored IE data - TODO confirm.
	 */
	rsn_elem = wpa_bss_get_ie(bss, WLAN_EID_RSN);
	if ((ssid->proto & WPA_PROTO_RSN) && rsn_elem) {
		proto_seen++;

		if (wpa_parse_wpa_ie(rsn_elem, 2 + rsn_elem[1], &parsed)) {
			wpa_dbg(wpa_s, MSG_DEBUG, " skip RSN IE - parse "
				"failed");
		} else if (tsn_ok &&
			   (parsed.group_cipher &
			    (WPA_CIPHER_WEP40 | WPA_CIPHER_WEP104))) {
			wpa_dbg(wpa_s, MSG_DEBUG, " selected based on TSN "
				"in RSN IE");
			return 1;
		} else if (!(parsed.proto & ssid->proto)) {
			wpa_dbg(wpa_s, MSG_DEBUG, " skip RSN IE - proto "
				"mismatch");
		} else if (!(parsed.pairwise_cipher & ssid->pairwise_cipher)) {
			wpa_dbg(wpa_s, MSG_DEBUG, " skip RSN IE - PTK "
				"cipher mismatch");
		} else if (!(parsed.group_cipher & ssid->group_cipher)) {
			wpa_dbg(wpa_s, MSG_DEBUG, " skip RSN IE - GTK "
				"cipher mismatch");
		} else if (!(parsed.key_mgmt & ssid->key_mgmt)) {
			wpa_dbg(wpa_s, MSG_DEBUG, " skip RSN IE - key mgmt "
				"mismatch");
#ifdef CONFIG_IEEE80211W
		} else if (!(parsed.capabilities & WPA_CAPABILITY_MFPC) &&
			   (ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
			    wpa_s->conf->pmf : ssid->ieee80211w) ==
			   MGMT_FRAME_PROTECTION_REQUIRED) {
			/* PMF is required locally but the AP is not capable */
			wpa_dbg(wpa_s, MSG_DEBUG, " skip RSN IE - no mgmt "
				"frame protection");
#endif /* CONFIG_IEEE80211W */
		} else {
			wpa_dbg(wpa_s, MSG_DEBUG, " selected based on RSN IE");
			return 1;
		}
	}

	wpa_elem = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
	if ((ssid->proto & WPA_PROTO_WPA) && wpa_elem) {
		proto_seen++;

		if (wpa_parse_wpa_ie(wpa_elem, 2 + wpa_elem[1], &parsed)) {
			wpa_dbg(wpa_s, MSG_DEBUG, " skip WPA IE - parse "
				"failed");
		} else if (tsn_ok &&
			   (parsed.group_cipher &
			    (WPA_CIPHER_WEP40 | WPA_CIPHER_WEP104))) {
			wpa_dbg(wpa_s, MSG_DEBUG, " selected based on TSN "
				"in WPA IE");
			return 1;
		} else if (!(parsed.proto & ssid->proto)) {
			wpa_dbg(wpa_s, MSG_DEBUG, " skip WPA IE - proto "
				"mismatch");
		} else if (!(parsed.pairwise_cipher & ssid->pairwise_cipher)) {
			wpa_dbg(wpa_s, MSG_DEBUG, " skip WPA IE - PTK "
				"cipher mismatch");
		} else if (!(parsed.group_cipher & ssid->group_cipher)) {
			wpa_dbg(wpa_s, MSG_DEBUG, " skip WPA IE - GTK "
				"cipher mismatch");
		} else if (!(parsed.key_mgmt & ssid->key_mgmt)) {
			wpa_dbg(wpa_s, MSG_DEBUG, " skip WPA IE - key mgmt "
				"mismatch");
		} else {
			wpa_dbg(wpa_s, MSG_DEBUG, " selected based on WPA IE");
			return 1;
		}
	}

	if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && !wpa_elem &&
	    !rsn_elem) {
		wpa_dbg(wpa_s, MSG_DEBUG, " allow for non-WPA IEEE 802.1X");
		return 1;
	}

	/* WPA/WPA2 profile, but the BSS offered no IE for an enabled proto */
	if ((ssid->proto & (WPA_PROTO_WPA | WPA_PROTO_RSN)) &&
	    wpa_key_mgmt_wpa(ssid->key_mgmt) && proto_seen == 0) {
		wpa_dbg(wpa_s, MSG_DEBUG, " skip - no WPA/RSN proto match");
		return 0;
	}

	if (!wpa_key_mgmt_wpa(ssid->key_mgmt)) {
		wpa_dbg(wpa_s, MSG_DEBUG, " allow in non-WPA/WPA2");
		return 1;
	}

	wpa_dbg(wpa_s, MSG_DEBUG, " reject due to mismatch with "
		"WPA/WPA2");

	return 0;
}
514
515
/**
 * freq_allowed - Check whether a frequency is on an allowed-frequency list
 * @freqs: Zero-terminated array of allowed frequencies, or NULL for no limit
 * @freq: Frequency to look up
 * Returns: 1 if @freqs is NULL or contains @freq, 0 otherwise
 *
 * The array is read up to its first zero entry, so it must be terminated.
 */
static int freq_allowed(int *freqs, int freq)
{
	int *entry;

	if (!freqs)
		return 1;

	for (entry = freqs; *entry; entry++) {
		if (*entry == freq)
			return 1;
	}

	return 0;
}
528
529
/**
 * ht_supported - Check whether a hardware mode supports the HT PHY
 * @mode: Hardware mode data from the driver
 * Returns: 1 if HT is supported or if the driver gave no HT information,
 * 0 otherwise
 */
static int ht_supported(const struct hostapd_hw_modes *mode)
{
	if (mode->flags & HOSTAPD_MODE_FLAG_HT_INFO_KNOWN) {
		/*
		 * IEEE Std 802.11n-2009 20.1.1:
		 * An HT non-AP STA shall support all EQM rates for one
		 * spatial stream.
		 */
		return mode->mcs_set[0] == 0xff;
	}

	/*
	 * The driver did not indicate whether it supports HT. Assume
	 * it does to avoid connection issues.
	 */
	return 1;
}
546
547
/**
 * rate_match - Check that the hardware supports the basic rates of a BSS
 * @wpa_s: Pointer to wpa_supplicant data
 * @bss: BSS entry from scan results
 * Returns: 1 if the BSS can be joined as far as rates are concerned (or if
 * the check cannot be made), 0 if a required rate or the HT PHY is missing
 *
 * The hardware mode is chosen by matching the BSS frequency against the
 * channel lists reported by the driver. Every entry of the Supported Rates
 * and Extended Supported Rates elements that has the basic-rate bit (0x80)
 * set must then be supported by that mode.
 */
static int rate_match(struct wpa_supplicant *wpa_s, struct wpa_bss *bss)
{
	const struct hostapd_hw_modes *hw_mode = NULL, *all_modes;
	const u8 rate_eids[2] = { WLAN_EID_SUPP_RATES,
				  WLAN_EID_EXT_SUPP_RATES };
	const u8 *elem;
	int m, ch, e, pos, k;

	if (bss->freq == 0)
		return 1; /* Cannot do matching without knowing band */

	all_modes = wpa_s->hw.modes;
	if (all_modes == NULL) {
		/*
		 * The driver does not provide any additional information
		 * about the utilized hardware, so allow the connection attempt
		 * to continue.
		 */
		return 1;
	}

	for (m = 0; m < wpa_s->hw.num_modes; m++) {
		for (ch = 0; ch < all_modes[m].num_channels; ch++) {
			if (all_modes[m].channels[ch].freq != bss->freq)
				continue;
			/* do not allow 802.11b replace 802.11g */
			if (!hw_mode ||
			    hw_mode->mode != HOSTAPD_MODE_IEEE80211G)
				hw_mode = &all_modes[m];
			break;
		}
	}

	/* The hardware has no channel on the frequency of this BSS */
	if (hw_mode == NULL)
		return 0;

	for (e = 0; e < (int) sizeof(rate_eids); e++) {
		elem = wpa_bss_get_ie(bss, rate_eids[e]);
		if (elem == NULL)
			continue;

		/*
		 * The loop bound is the length octet of the received element;
		 * this assumes wpa_bss_get_ie() only returns elements whose
		 * payload lies within the stored IE data - TODO confirm.
		 */
		for (pos = 2; pos < elem[1] + 2; pos++) {
			int basic = !!(elem[pos] & 0x80);
			int value = elem[pos] & 0x7f;
			int r = value * 5;

			/* Only basic (mandatory) entries restrict joining */
			if (!basic)
				continue;

			/*
			 * IEEE Std 802.11n-2009 7.3.2.2:
			 * The new BSS Membership selector value is encoded
			 * like a legacy basic rate, but it is not a rate and
			 * only indicates if the BSS members are required to
			 * support the mandatory features of Clause 20 [HT PHY]
			 * in order to join the BSS.
			 */
			if (value == BSS_MEMBERSHIP_SELECTOR_HT_PHY) {
				if (!ht_supported(hw_mode)) {
					wpa_dbg(wpa_s, MSG_DEBUG,
						" hardware does not support "
						"HT PHY");
					return 0;
				}
				continue;
			}

			/* check for legacy basic rates */
			for (k = 0; k < hw_mode->num_rates; k++) {
				if (hw_mode->rates[k] == r)
					break;
			}
			if (k == hw_mode->num_rates) {
				/*
				 * IEEE Std 802.11-2007 7.3.2.2 demands that in
				 * order to join a BSS all required rates
				 * have to be supported by the hardware.
				 */
				wpa_dbg(wpa_s, MSG_DEBUG, " hardware does "
					"not support required rate %d.%d Mbps",
					r / 10, r % 10);
				return 0;
			}
		}
	}

	return 1;
}
637
638
/**
 * bss_is_dmg - Check whether a BSS operates in the DMG (60 GHz) band
 * @bss: BSS entry from scan results
 * Returns: 1 if the BSS frequency is above 45000, 0 otherwise
 */
static int bss_is_dmg(struct wpa_bss *bss)
{
	if (bss->freq > 45000)
		return 1;
	return 0;
}
643
644
/*
 * Test whether BSS is in an ESS.
 * This is done differently in DMG (60 GHz) and non-DMG bands: a DMG BSS must
 * have the DMG capability field set to the AP value, a non-DMG BSS must have
 * the ESS bit set and the IBSS bit cleared.
 */
static int bss_is_ess(struct wpa_bss *bss)
{
	if (!bss_is_dmg(bss)) {
		return ((bss->caps &
			 (IEEE80211_CAP_ESS | IEEE80211_CAP_IBSS)) ==
			IEEE80211_CAP_ESS);
	}

	return (bss->caps & IEEE80211_CAP_DMG_MASK) == IEEE80211_CAP_DMG_AP;
}
659
660
/**
 * wpa_scan_res_match - Find a network block that matches a scan result
 * @wpa_s: Pointer to wpa_supplicant data
 * @i: Index of the scan result (used only in the debug output)
 * @bss: BSS entry from scan results
 * @group: First network block of the list to check (linked through pnext)
 * Returns: The first matching network block, or NULL if the BSS is to be
 * skipped
 *
 * The BSS is rejected up front when it is blacklisted beyond the allowed
 * count, has no known SSID, or has a disallowed BSSID or SSID. Each enabled
 * network block is then compared on SSID, BSSID, security parameters, Privacy
 * bit, ESS membership, allowed frequencies and required rates. Checking a
 * network calls wpas_temp_disabled(), which clears an expired temporary
 * disable state as a side effect.
 */
static struct wpa_ssid * wpa_scan_res_match(struct wpa_supplicant *wpa_s,
					    int i, struct wpa_bss *bss,
					    struct wpa_ssid *group)
{
	u8 wpa_ie_len, rsn_ie_len;
	int has_wpa;
	struct wpa_blacklist *bl;
	const u8 *elem;
	struct wpa_ssid *ssid;

	elem = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
	wpa_ie_len = elem ? elem[1] : 0;

	elem = wpa_bss_get_ie(bss, WLAN_EID_RSN);
	rsn_ie_len = elem ? elem[1] : 0;

	/* The SSID is received data; it is logged through wpa_ssid_txt() */
	wpa_dbg(wpa_s, MSG_DEBUG, "%d: " MACSTR " ssid='%s' "
		"wpa_ie_len=%u rsn_ie_len=%u caps=0x%x level=%d%s",
		i, MAC2STR(bss->bssid), wpa_ssid_txt(bss->ssid, bss->ssid_len),
		wpa_ie_len, rsn_ie_len, bss->caps, bss->level,
		wpa_bss_get_vendor_ie(bss, WPS_IE_VENDOR_TYPE) ? " wps" : "");

	bl = wpa_blacklist_get(wpa_s, bss->bssid);
	if (bl) {
		/*
		 * When only a single network is enabled, we can
		 * trigger blacklisting on the first failure. This
		 * should not be done with multiple enabled networks to
		 * avoid getting forced to move into a worse ESS on
		 * single error if there are no other BSSes of the
		 * current ESS.
		 */
		int limit = wpa_supplicant_enabled_networks(wpa_s) == 1 ?
			0 : 1;

		if (bl->count > limit) {
			wpa_dbg(wpa_s, MSG_DEBUG, " skip - blacklisted "
				"(count=%d limit=%d)", bl->count, limit);
			return NULL;
		}
	}

	if (bss->ssid_len == 0) {
		wpa_dbg(wpa_s, MSG_DEBUG, " skip - SSID not known");
		return NULL;
	}

	if (disallowed_bssid(wpa_s, bss->bssid)) {
		wpa_dbg(wpa_s, MSG_DEBUG, " skip - BSSID disallowed");
		return NULL;
	}

	if (disallowed_ssid(wpa_s, bss->ssid, bss->ssid_len)) {
		wpa_dbg(wpa_s, MSG_DEBUG, " skip - SSID disallowed");
		return NULL;
	}

	/* The BSS advertises WPA or RSN if either IE has a payload */
	has_wpa = wpa_ie_len > 0 || rsn_ie_len > 0;

	for (ssid = group; ssid; ssid = ssid->pnext) {
		/*
		 * A wildcard (empty) SSID in the profile is accepted only for
		 * a BSS without WPA/RSN, unless one of the exceptions below
		 * applies.
		 */
		int check_ssid = has_wpa || ssid->ssid_len != 0;
		int wait_sec;

		if (wpas_network_disabled(wpa_s, ssid)) {
			wpa_dbg(wpa_s, MSG_DEBUG, " skip - disabled");
			continue;
		}

		wait_sec = wpas_temp_disabled(wpa_s, ssid);
		if (wait_sec > 0) {
			wpa_dbg(wpa_s, MSG_DEBUG, " skip - disabled "
				"temporarily for %d second(s)", wait_sec);
			continue;
		}

#ifdef CONFIG_WPS
		/* For WPS a single blacklist hit is enough to skip the BSS */
		if ((ssid->key_mgmt & WPA_KEY_MGMT_WPS) && bl &&
		    bl->count > 0) {
			wpa_dbg(wpa_s, MSG_DEBUG, " skip - blacklisted "
				"(WPS)");
			continue;
		}

		if (has_wpa && ssid->ssid_len == 0 &&
		    wpas_wps_ssid_wildcard_ok(wpa_s, ssid, bss))
			check_ssid = 0;

		if (!has_wpa && (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
			/* Only allow wildcard SSID match if an AP
			 * advertises active WPS operation that matches
			 * with our mode. */
			check_ssid = 1;
			if (ssid->ssid_len == 0 &&
			    wpas_wps_ssid_wildcard_ok(wpa_s, ssid, bss))
				check_ssid = 0;
		}
#endif /* CONFIG_WPS */

		/*
		 * A profile that pins a BSSID and leaves the SSID empty
		 * matches that BSSID whatever SSID it advertises.
		 */
		if (ssid->bssid_set && ssid->ssid_len == 0 &&
		    os_memcmp(bss->bssid, ssid->bssid, ETH_ALEN) == 0)
			check_ssid = 0;

		/* Lengths are compared first, so the memcmp stays in bounds */
		if (check_ssid &&
		    (bss->ssid_len != ssid->ssid_len ||
		     os_memcmp(bss->ssid, ssid->ssid, bss->ssid_len) != 0)) {
			wpa_dbg(wpa_s, MSG_DEBUG, " skip - SSID mismatch");
			continue;
		}

		if (ssid->bssid_set &&
		    os_memcmp(bss->bssid, ssid->bssid, ETH_ALEN) != 0) {
			wpa_dbg(wpa_s, MSG_DEBUG, " skip - BSSID mismatch");
			continue;
		}

		if (!wpa_supplicant_ssid_bss_match(wpa_s, ssid, bss))
			continue;

		/*
		 * A BSS without WPA/RSN is acceptable only for profiles that
		 * explicitly allow an unprotected, WPS or non-WPA 802.1X
		 * network.
		 */
		if (!has_wpa &&
		    !(ssid->key_mgmt & WPA_KEY_MGMT_NONE) &&
		    !(ssid->key_mgmt & WPA_KEY_MGMT_WPS) &&
		    !(ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)) {
			wpa_dbg(wpa_s, MSG_DEBUG, " skip - non-WPA network "
				"not allowed");
			continue;
		}

		if (!wpa_supplicant_match_privacy(bss, ssid)) {
			wpa_dbg(wpa_s, MSG_DEBUG, " skip - privacy "
				"mismatch");
			continue;
		}

		if (!bss_is_ess(bss)) {
			wpa_dbg(wpa_s, MSG_DEBUG, " skip - not ESS network");
			continue;
		}

		if (!freq_allowed(ssid->freq_list, bss->freq)) {
			wpa_dbg(wpa_s, MSG_DEBUG, " skip - frequency not "
				"allowed");
			continue;
		}

		if (!rate_match(wpa_s, bss)) {
			wpa_dbg(wpa_s, MSG_DEBUG, " skip - rate sets do "
				"not match");
			continue;
		}

#ifdef CONFIG_P2P
		/*
		 * TODO: skip the AP if its P2P IE has Group Formation
		 * bit set in the P2P Group Capability Bitmap and we
		 * are not in Group Formation with that device.
		 */
#endif /* CONFIG_P2P */

		/* Matching configuration found */
		return ssid;
	}

	/* No matching configuration found */
	return NULL;
}
826
827
/**
 * wpa_supplicant_select_bss - Pick a BSS for one priority group
 * @wpa_s: Pointer to wpa_supplicant data
 * @group: First network block of the priority group (must not be NULL)
 * @selected_ssid: Buffer for the matching network block
 * Returns: The first BSS of the last scan results that matches a network of
 * the group, or NULL if none matches
 *
 * *selected_ssid is written on every iteration, so it is NULL after an
 * unsuccessful search over a non-empty result list and untouched when the
 * list is empty.
 */
static struct wpa_bss *
wpa_supplicant_select_bss(struct wpa_supplicant *wpa_s,
			  struct wpa_ssid *group,
			  struct wpa_ssid **selected_ssid)
{
	unsigned int idx;

	wpa_dbg(wpa_s, MSG_DEBUG, "Selecting BSS from priority group %d",
		group->priority);

	for (idx = 0; idx < wpa_s->last_scan_res_used; idx++) {
		struct wpa_bss *cand = wpa_s->last_scan_res[idx];

		*selected_ssid = wpa_scan_res_match(wpa_s, idx, cand, group);
		if (*selected_ssid) {
			wpa_dbg(wpa_s, MSG_DEBUG, " selected BSS " MACSTR
				" ssid='%s'",
				MAC2STR(cand->bssid),
				wpa_ssid_txt(cand->ssid, cand->ssid_len));
			return cand;
		}
	}

	return NULL;
}
852
853
/**
 * wpa_supplicant_pick_network - Pick a BSS and network from the last scan
 * @wpa_s: Pointer to wpa_supplicant data
 * @selected_ssid: Buffer for the network block of the selected BSS
 * Returns: The selected BSS, or NULL if no BSS matches any network
 *
 * Priority groups are tried in index order. If nothing matches while the
 * blacklist is non-empty and TKIP countermeasures are not active, the
 * blacklist is cleared and the search is repeated.
 */
static struct wpa_bss *
wpa_supplicant_pick_network(struct wpa_supplicant *wpa_s,
			    struct wpa_ssid **selected_ssid)
{
	struct wpa_bss *selected = NULL;
	int prio;

	if (wpa_s->last_scan_res == NULL ||
	    wpa_s->last_scan_res_used == 0)
		return NULL; /* no scan results from last update */

	for (;;) {
		for (prio = 0; prio < wpa_s->conf->num_prio; prio++) {
			selected = wpa_supplicant_select_bss(
				wpa_s, wpa_s->conf->pssid[prio],
				selected_ssid);
			if (selected)
				return selected;
		}

		/*
		 * Retry only when entries can still be removed from the
		 * blacklist; it is left untouched during countermeasures.
		 */
		if (!wpa_s->blacklist || wpa_s->countermeasures)
			return NULL;

		/*
		 * NOTE(review): the loop ends only if wpa_blacklist_clear()
		 * leaves wpa_s->blacklist empty - TODO confirm.
		 */
		wpa_dbg(wpa_s, MSG_DEBUG, "No APs found - clear "
			"blacklist and try again");
		wpa_blacklist_clear(wpa_s);
		wpa_s->blacklist_cleared++;
	}
}
886
887
/**
 * wpa_supplicant_req_new_scan - Request a scan for a new connection attempt
 * @wpa_s: Pointer to wpa_supplicant data
 * @timeout_sec: Seconds to wait before the scan
 * @timeout_usec: Microseconds to wait before the scan
 *
 * With at least one enabled network, scan_for_connection is set and the scan
 * is requested. Without enabled networks the state moves to WPA_INACTIVE
 * right away and no scan is requested.
 */
static void wpa_supplicant_req_new_scan(struct wpa_supplicant *wpa_s,
					int timeout_sec, int timeout_usec)
{
	if (wpa_supplicant_enabled_networks(wpa_s)) {
		wpa_s->scan_for_connection = 1;
		wpa_supplicant_req_scan(wpa_s, timeout_sec, timeout_usec);
		return;
	}

	/*
	 * No networks are enabled; short-circuit request so
	 * we don't wait timeout seconds before transitioning
	 * to INACTIVE state.
	 */
	wpa_dbg(wpa_s, MSG_DEBUG, "Short-circuit new scan request "
		"since there are no enabled networks");
	wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
#ifdef CONFIG_P2P
	wpa_s->sta_scan_pending = 0;
#endif /* CONFIG_P2P */
}
909
910
/**
 * wpa_supplicant_connect - Start association with the selected BSS if needed
 * @wpa_s: Pointer to wpa_supplicant data
 * @selected: BSS selected from scan results
 * @ssid: Network block matching the selected BSS
 * Returns: 0 if association was requested, was already in progress or done,
 * or was deferred due to a SIM initialization failure; -1 if a WPS PBC
 * session overlap was detected
 *
 * On PBC session overlap the event is reported and, in CONFIG_WPS builds, the
 * WPS operation is cancelled (unless the P2P overlap handler returned 1
 * first). If wpa_supplicant_scard_init() fails, a new scan is requested in
 * 10 seconds instead of associating.
 */
int wpa_supplicant_connect(struct wpa_supplicant *wpa_s,
			   struct wpa_bss *selected,
			   struct wpa_ssid *ssid)
{
	int bssid_differs, connecting, pending_differs;

	/* Never continue when more than one PBC session could be active */
	if (wpas_wps_scan_pbc_overlap(wpa_s, selected, ssid)) {
		wpa_msg(wpa_s, MSG_INFO, WPS_EVENT_OVERLAP
			"PBC session overlap");
#ifdef CONFIG_P2P
		if (wpas_p2p_notif_pbc_overlap(wpa_s) == 1)
			return -1;
#endif /* CONFIG_P2P */

#ifdef CONFIG_WPS
		wpas_wps_cancel(wpa_s);
#endif /* CONFIG_WPS */
		return -1;
	}

	/*
	 * Do not trigger new association unless the BSSID has changed or if
	 * reassociation is requested. If we are in process of associating with
	 * the selected BSSID, do not trigger new attempt.
	 */
	bssid_differs = os_memcmp(selected->bssid, wpa_s->bssid,
				  ETH_ALEN) != 0;
	connecting = wpa_s->wpa_state == WPA_ASSOCIATING ||
		wpa_s->wpa_state == WPA_AUTHENTICATING;
	pending_differs = os_memcmp(selected->bssid, wpa_s->pending_bssid,
				    ETH_ALEN) != 0;

	if (!wpa_s->reassociate &&
	    !(bssid_differs && (!connecting || pending_differs))) {
		wpa_dbg(wpa_s, MSG_DEBUG, "Already associated with the "
			"selected AP");
		return 0;
	}

	if (wpa_supplicant_scard_init(wpa_s, ssid)) {
		/* SIM access failed; try again after a new scan */
		wpa_supplicant_req_new_scan(wpa_s, 10, 0);
		return 0;
	}

	wpa_msg(wpa_s, MSG_DEBUG, "Request association: "
		"reassociate: %d selected: "MACSTR " bssid: " MACSTR
		" pending: " MACSTR " wpa_state: %s",
		wpa_s->reassociate, MAC2STR(selected->bssid),
		MAC2STR(wpa_s->bssid), MAC2STR(wpa_s->pending_bssid),
		wpa_supplicant_state_txt(wpa_s->wpa_state));
	wpa_supplicant_associate(wpa_s, selected, ssid);

	return 0;
}
958
959
/**
 * wpa_supplicant_pick_new_network - Find a network that can be started locally
 * @wpa_s: Pointer to wpa_supplicant data
 * Returns: The first enabled network block configured for IBSS or AP mode,
 * searched in priority-list order, or NULL if there is none
 */
static struct wpa_ssid *
wpa_supplicant_pick_new_network(struct wpa_supplicant *wpa_s)
{
	struct wpa_ssid *cand;
	int prio;

	for (prio = 0; prio < wpa_s->conf->num_prio; prio++) {
		cand = wpa_s->conf->pssid[prio];
		while (cand) {
			if (!wpas_network_disabled(wpa_s, cand) &&
			    (cand->mode == IEEE80211_MODE_IBSS ||
			     cand->mode == IEEE80211_MODE_AP))
				return cand;
			cand = cand->pnext;
		}
	}

	return NULL;
}
978
979
/* TODO: move the rsn_preauth_scan_result*() to be called from notify.c based
 * on BSS added and BSS changed events */
/**
 * wpa_supplicant_rsn_preauth_scan_results - Feed BSS table to RSN preauth
 * @wpa_s: Pointer to wpa_supplicant data
 *
 * Does nothing if rsn_preauth_scan_results() returns a negative value.
 * Otherwise every BSS entry that has both an SSID element and an RSN element
 * is reported with rsn_preauth_scan_result(); the pointers passed are the
 * elements as returned by wpa_bss_get_ie().
 */
static void wpa_supplicant_rsn_preauth_scan_results(
	struct wpa_supplicant *wpa_s)
{
	struct wpa_bss *bss;

	if (rsn_preauth_scan_results(wpa_s->wpa) < 0)
		return;

	dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
		const u8 *ssid_elem, *rsn_elem;

		ssid_elem = wpa_bss_get_ie(bss, WLAN_EID_SSID);
		if (!ssid_elem)
			continue;

		/* Only RSN networks are candidates for pre-authentication */
		rsn_elem = wpa_bss_get_ie(bss, WLAN_EID_RSN);
		if (!rsn_elem)
			continue;

		rsn_preauth_scan_result(wpa_s->wpa, bss->bssid, ssid_elem,
					rsn_elem);
	}
}
1005
1006
/**
 * wpa_supplicant_need_to_roam - Decide whether to move to the selected BSS
 * @wpa_s: Pointer to wpa_supplicant data
 * @selected: BSS selected from the scan results
 * @ssid: Network block matching the selected BSS
 * Returns: 1 if association with @selected should be started, 0 to stay with
 * the current BSS
 *
 * 1 is returned without further checks when reassociation was requested, when
 * not associated, when the current network is unknown or differs from @ssid,
 * or when the current BSS is missing from the BSS table or was not seen in
 * the last scan. 0 is returned when the driver handles BSS selection or when
 * @selected is the current BSS. Otherwise (unless built with
 * CONFIG_NO_ROAMING, which returns 0) the decision is based on the configured
 * preferred BSSID and the difference in signal level.
 */
static int wpa_supplicant_need_to_roam(struct wpa_supplicant *wpa_s,
				       struct wpa_bss *selected,
				       struct wpa_ssid *ssid)
{
	struct wpa_bss *cur = NULL;
	int min_diff;

	if (wpa_s->reassociate)
		return 1; /* explicit request to reassociate */
	if (wpa_s->wpa_state < WPA_ASSOCIATED)
		return 1; /* we are not associated; continue */
	if (wpa_s->current_ssid == NULL)
		return 1; /* unknown current SSID */
	if (wpa_s->current_ssid != ssid)
		return 1; /* different network block */

	if (wpas_driver_bss_selection(wpa_s))
		return 0; /* Driver-based roaming */

	/* Prefer the entry matching BSSID and SSID; fall back to BSSID only */
	if (wpa_s->current_ssid->ssid)
		cur = wpa_bss_get(wpa_s, wpa_s->bssid,
				  wpa_s->current_ssid->ssid,
				  wpa_s->current_ssid->ssid_len);
	if (cur == NULL)
		cur = wpa_bss_get_bssid(wpa_s, wpa_s->bssid);

	if (cur == NULL)
		return 1; /* current BSS not seen in scan results */

	if (cur == selected)
		return 0;

	if (selected->last_update_idx > cur->last_update_idx)
		return 1; /* current BSS not seen in the last scan */

#ifndef CONFIG_NO_ROAMING
	wpa_dbg(wpa_s, MSG_DEBUG, "Considering within-ESS reassociation");
	wpa_dbg(wpa_s, MSG_DEBUG, "Current BSS: " MACSTR " level=%d",
		MAC2STR(cur->bssid), cur->level);
	wpa_dbg(wpa_s, MSG_DEBUG, "Selected BSS: " MACSTR " level=%d",
		MAC2STR(selected->bssid), selected->level);

	if (wpa_s->current_ssid->bssid_set &&
	    os_memcmp(selected->bssid, wpa_s->current_ssid->bssid, ETH_ALEN) ==
	    0) {
		wpa_dbg(wpa_s, MSG_DEBUG, "Allow reassociation - selected BSS "
			"has preferred BSSID");
		return 1;
	}

	if (cur->level < 0 && cur->level > selected->level) {
		wpa_dbg(wpa_s, MSG_DEBUG, "Skip roam - Current BSS has better "
			"signal level");
		return 0;
	}

	/*
	 * Required improvement before roaming: the weaker the current signal,
	 * the smaller the step that justifies a move. Non-negative levels use
	 * the default of 2.
	 */
	if (cur->level >= 0)
		min_diff = 2;
	else if (cur->level < -85)
		min_diff = 1;
	else if (cur->level < -80)
		min_diff = 2;
	else if (cur->level < -75)
		min_diff = 3;
	else if (cur->level < -70)
		min_diff = 4;
	else
		min_diff = 5;

	if (abs(cur->level - selected->level) < min_diff) {
		wpa_dbg(wpa_s, MSG_DEBUG, "Skip roam - too small difference "
			"in signal level");
		return 0;
	}

	return 1;
#else /* CONFIG_NO_ROAMING */
	return 0;
#endif /* CONFIG_NO_ROAMING */
}
1087
cd2f4ddf 1088
/*
 * Process a scan-results event for one interface.
 *
 * Return != 0 if no scan results could be fetched or if scan results should
 * not be shared with other virtual interfaces. Values produced here:
 *   -1  results could not be fetched, or a pending P2P operation took over
 *   -2  a one-shot scan_res_handler consumed the results
 *    0  results were handled (or deliberately ignored) on this interface
 * Otherwise the return value of wpas_select_network_from_last_scan().
 *
 * Every path that obtained a result set frees it with
 * wpa_scan_results_free() before returning.
 */
static int _wpa_supplicant_event_scan_results(struct wpa_supplicant *wpa_s,
					      union wpa_event_data *data)
{
	struct wpa_scan_results *results;
	int ap_mode = 0;
#ifndef CONFIG_NO_RANDOM_POOL
	size_t idx, count;
#endif /* CONFIG_NO_RANDOM_POOL */

#ifdef CONFIG_AP
	if (wpa_s->ap_iface)
		ap_mode = 1;
#endif /* CONFIG_AP */

	wpa_supplicant_notify_scanning(wpa_s, 0);

#ifdef CONFIG_P2P
	if (wpa_s->global->p2p_cb_on_scan_complete &&
	    !wpa_s->global->p2p_disabled &&
	    wpa_s->global->p2p != NULL && !wpa_s->sta_scan_pending &&
	    !wpa_s->scan_res_handler) {
		wpa_s->global->p2p_cb_on_scan_complete = 0;
		if (p2p_other_scan_completed(wpa_s->global->p2p) == 1) {
			wpa_dbg(wpa_s, MSG_DEBUG, "P2P: Pending P2P operation "
				"stopped scan processing");
			/* Retry the station scan after the P2P operation. */
			wpa_s->sta_scan_pending = 1;
			wpa_supplicant_req_scan(wpa_s, 5, 0);
			return -1;
		}
	}
	wpa_s->sta_scan_pending = 0;
#endif /* CONFIG_P2P */

	results = wpa_supplicant_get_scan_results(
		wpa_s, data ? &data->scan_info : NULL, 1);
	if (results == NULL) {
		/* A rescan is requested only for a normal station scan. */
		if (!(wpa_s->conf->ap_scan == 2 || ap_mode ||
		      wpa_s->scan_res_handler == scan_only_handler)) {
			wpa_dbg(wpa_s, MSG_DEBUG, "Failed to get scan results - try "
				"scanning again");
			wpa_supplicant_req_new_scan(wpa_s, 1, 0);
		}
		return -1;
	}

#ifndef CONFIG_NO_RANDOM_POOL
	/*
	 * Mix a few bytes from at most ten results into the random pool.
	 * NOTE(review): all five bytes are taken from received scan data
	 * (BSSID, quality, noise, level, TSF), which other stations in range
	 * can observe or influence - treat this as supplementary input only
	 * and confirm the pool does not credit it as full entropy.
	 */
	count = results->num > 10 ? 10 : results->num;
	for (idx = 0; idx < count; idx++) {
		u8 sample[5];
		struct wpa_scan_res *res = results->res[idx];

		sample[0] = res->bssid[5];
		sample[1] = res->qual & 0xff;
		sample[2] = res->noise & 0xff;
		sample[3] = res->level & 0xff;
		sample[4] = res->tsf & 0xff;
		random_add_randomness(sample, sizeof(sample));
	}
#endif /* CONFIG_NO_RANDOM_POOL */

	if (wpa_s->scan_res_handler) {
		void (*handler)(struct wpa_supplicant *wpa_s,
				struct wpa_scan_results *scan_res);

		/* The handler is one-shot: clear it before calling so that it
		 * may register a new handler itself. */
		handler = wpa_s->scan_res_handler;
		wpa_s->scan_res_handler = NULL;
		handler(wpa_s, results);

		wpa_scan_results_free(results);
		return -2;
	}

	if (ap_mode) {
		wpa_dbg(wpa_s, MSG_DEBUG, "Ignore scan results in AP mode");
#ifdef CONFIG_AP
		if (wpa_s->ap_iface->scan_cb)
			wpa_s->ap_iface->scan_cb(wpa_s->ap_iface);
#endif /* CONFIG_AP */
		goto drop_results;
	}

	wpa_dbg(wpa_s, MSG_DEBUG, "New scan results available");
	wpa_msg_ctrl(wpa_s, MSG_INFO, WPA_EVENT_SCAN_RESULTS);
	wpas_notify_scan_results(wpa_s);

	wpas_notify_scan_done(wpa_s, 1);

	if (sme_proc_obss_scan(wpa_s) > 0)
		goto drop_results;

	if ((wpa_s->conf->ap_scan == 2 && !wpas_wps_searching(wpa_s)))
		goto drop_results;

	if (autoscan_notify_scan(wpa_s, results))
		goto drop_results;

	if (wpa_s->disconnected) {
		wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
		goto drop_results;
	}

	if (!wpas_driver_bss_selection(wpa_s) &&
	    bgscan_notify_scan(wpa_s, results) == 1)
		goto drop_results;

	wpas_wps_update_ap_info(wpa_s, results);

	wpa_scan_results_free(results);

	return wpas_select_network_from_last_scan(wpa_s);

drop_results:
	wpa_scan_results_free(results);
	return 0;
}
1214
1215
/*
 * Pick a network from the most recent scan results and act on the choice.
 *
 * Returns:
 *    1  a connection attempt (or an ANQP fetch) was started; the caller
 *       should not pass these scan results on to other virtual radios
 *    0  nothing was started that needs to block sibling interfaces
 *   -1  wpa_supplicant_connect() failed
 */
static int wpas_select_network_from_last_scan(struct wpa_supplicant *wpa_s)
{
	struct wpa_bss *candidate;
	struct wpa_ssid *ssid = NULL;
	int timeout_sec, timeout_usec;

	candidate = wpa_supplicant_pick_network(wpa_s, &ssid);

	if (candidate) {
		if (!wpa_supplicant_need_to_roam(wpa_s, candidate, ssid)) {
			/* Staying on the current BSS. */
			wpa_supplicant_rsn_preauth_scan_results(wpa_s);
			return 0;
		}

		if (wpa_supplicant_connect(wpa_s, candidate, ssid) < 0) {
			wpa_dbg(wpa_s, MSG_DEBUG, "Connect failed");
			return -1;
		}
		wpa_supplicant_rsn_preauth_scan_results(wpa_s);
		/*
		 * Do not notify other virtual radios of scan results since we
		 * do not want them to start other associations at the same
		 * time.
		 */
		return 1;
	}

	wpa_dbg(wpa_s, MSG_DEBUG, "No suitable network found");
	ssid = wpa_supplicant_pick_new_network(wpa_s);
	if (ssid) {
		wpa_dbg(wpa_s, MSG_DEBUG, "Setup a new network");
		wpa_supplicant_associate(wpa_s, NULL, ssid);
		wpa_supplicant_rsn_preauth_scan_results(wpa_s);
		return 0;
	}

	/* Nothing to connect to: schedule the next scan. */
	timeout_sec = wpa_s->scan_interval;
	timeout_usec = 0;
#ifdef CONFIG_P2P
	if (wpas_p2p_scan_no_go_seen(wpa_s) == 1)
		return 0;

	if (wpa_s->p2p_in_provisioning) {
		/*
		 * Use shorter wait during P2P Provisioning
		 * state to speed up group formation.
		 */
		timeout_sec = 0;
		timeout_usec = 250000;
		wpa_supplicant_req_new_scan(wpa_s, timeout_sec, timeout_usec);
		return 0;
	}
#endif /* CONFIG_P2P */
#ifdef CONFIG_INTERWORKING
	if (wpa_s->conf->auto_interworking &&
	    wpa_s->conf->interworking &&
	    wpa_s->conf->cred) {
		wpa_dbg(wpa_s, MSG_DEBUG, "Interworking: "
			"start ANQP fetch since no matching "
			"networks found");
		wpa_s->network_select = 1;
		wpa_s->auto_network_select = 1;
		interworking_start_fetch_anqp(wpa_s);
		return 1;
	}
#endif /* CONFIG_INTERWORKING */
	/* A non-zero return from the scheduled-scan request falls back to a
	 * normal scan request. */
	if (wpa_supplicant_req_sched_scan(wpa_s))
		wpa_supplicant_req_new_scan(wpa_s, timeout_sec, timeout_usec);

	return 0;
}
6859f1cb
BG
1287
1288
/*
 * Handle a scan-results event and share it with sibling interfaces.
 *
 * The event is processed for wpa_s first. Only when that returns 0 are the
 * other interfaces in wpa_s->global->ifaces examined: each one whose driver
 * reports the same radio name gets the same event data processed as well.
 * The return value of the per-sibling processing is not inspected.
 */
static void wpa_supplicant_event_scan_results(struct wpa_supplicant *wpa_s,
					      union wpa_event_data *data)
{
	const char *radio, *other_radio;
	struct wpa_supplicant *iface;

	/*
	 * If no scan results could be fetched, then no need to notify those
	 * interfaces that did not actually request this scan. Similarly, if
	 * scan results started a new operation on this interface, do not
	 * notify other interfaces to avoid concurrent operations during a
	 * connection attempt.
	 */
	if (_wpa_supplicant_event_scan_results(wpa_s, data) != 0)
		return;

	/*
	 * Check other interfaces to see if they have the same radio-name. If
	 * so, they get updated with this same scan info.
	 */
	if (!wpa_s->driver->get_radio_name)
		return;

	radio = wpa_s->driver->get_radio_name(wpa_s->drv_priv);
	if (radio == NULL || radio[0] == '\0')
		return;

	wpa_dbg(wpa_s, MSG_DEBUG, "Checking for other virtual interfaces "
		"sharing same radio (%s) in event_scan_results", radio);

	for (iface = wpa_s->global->ifaces; iface; iface = iface->next) {
		if (iface == wpa_s || !iface->driver->get_radio_name)
			continue;

		other_radio = iface->driver->get_radio_name(iface->drv_priv);
		if (other_radio == NULL || os_strcmp(radio, other_radio) != 0)
			continue;

		wpa_printf(MSG_DEBUG, "%s: Updating scan results from "
			   "sibling", iface->ifname);
		_wpa_supplicant_event_scan_results(iface, data);
	}
}
1332
6fc6879b
JM
1333#endif /* CONFIG_NO_SCAN_PROCESSING */
1334
1335
/*
 * Try to select a network from the previous scan without scanning again.
 *
 * Returns -1 when scan processing is compiled out, when no earlier scan
 * results are recorded as usable, or when the last scan is more than five
 * seconds old; otherwise the result of wpas_select_network_from_last_scan().
 *
 * NOTE(review): the age check subtracts timestamps obtained through
 * os_get_time(); if that is wall-clock time, a clock step could make stale
 * results look fresh (or fresh ones stale) - confirm the clock source.
 */
int wpa_supplicant_fast_associate(struct wpa_supplicant *wpa_s)
{
#ifdef CONFIG_NO_SCAN_PROCESSING
	return -1;
#else /* CONFIG_NO_SCAN_PROCESSING */
	struct os_time current;

	if (!(wpa_s->last_scan_res_used > 0))
		return -1;

	os_get_time(&current);
	if (current.sec - wpa_s->last_scan.sec > 5) {
		wpa_printf(MSG_DEBUG, "Fast associate: Old scan results");
		return -1;
	}

	return wpas_select_network_from_last_scan(wpa_s);
#endif /* CONFIG_NO_SCAN_PROCESSING */
}
1355
b6668734
JM
1356#ifdef CONFIG_WNM
1357
/*
 * Timer callback that keeps the association alive towards the AP.
 *
 * eloop_ctx is the struct wpa_supplicant the timer was registered with;
 * sock_ctx is not used. Nothing happens unless the interface is at least in
 * WPA_ASSOCIATED state. With CONFIG_SME the callback re-arms itself from
 * wpa_s->sme.bss_max_idle_period.
 */
static void wnm_bss_keep_alive(void *eloop_ctx, void *sock_ctx)
{
	struct wpa_supplicant *wpa_s = eloop_ctx;

	if (wpa_s->wpa_state < WPA_ASSOCIATED)
		return;

	if (!wpa_s->no_keep_alive) {
		wpa_printf(MSG_DEBUG, "WNM: Send keep-alive to AP " MACSTR,
			   MAC2STR(wpa_s->bssid));
		/* TODO: could skip this if normal data traffic has been sent */
		/* TODO: Consider using some more appropriate data frame for
		 * this */
		if (wpa_s->l2)
			l2_packet_send(wpa_s->l2, wpa_s->bssid, 0x0800,
				       (u8 *) "", 0);
	}

#ifdef CONFIG_SME
	if (wpa_s->sme.bss_max_idle_period) {
		unsigned int delay_ms;

		/* The period is logged elsewhere in this file as a multiple
		 * of 1000 TU; multiplying by 1024 gives milliseconds. */
		delay_ms = wpa_s->sme.bss_max_idle_period * 1024;
		/* Fire slightly early so the keep-alive lands before the
		 * idle period runs out. */
		if (delay_ms > 100)
			delay_ms -= 100;
		eloop_register_timeout(delay_ms / 1000,
				       delay_ms % 1000 * 1000,
				       wnm_bss_keep_alive, wpa_s, NULL);
	}
#endif /* CONFIG_SME */
}
1387
1388
/*
 * Pick up the BSS Max Idle Period from (Re)Association Response elements.
 *
 * ies/ies_len describe the element buffer; a NULL buffer or a parse failure
 * ends the function without side effects. With CONFIG_SME the advertised
 * period is stored in wpa_s->sme.bss_max_idle_period (0 is raised to 1) and,
 * when the driver flags include WPA_DRIVER_FLAGS_SME, the keep-alive timer is
 * restarted with the new period.
 *
 * NOTE(review): the element is read at offsets 0..2 (16-bit period plus an
 * options octet); this relies on ieee802_11_parse_elems() only setting the
 * pointer for an element of sufficient length - confirm in the parser.
 * The period comes from the AP and directly controls how often a frame is
 * transmitted.
 */
static void wnm_process_assoc_resp(struct wpa_supplicant *wpa_s,
				   const u8 *ies, size_t ies_len)
{
	struct ieee802_11_elems elems;

	if (ies == NULL ||
	    ieee802_11_parse_elems(ies, ies_len, &elems, 1) == ParseFailed)
		return;

#ifdef CONFIG_SME
	if (elems.bss_max_idle_period) {
		unsigned int delay_ms;

		wpa_s->sme.bss_max_idle_period =
			WPA_GET_LE16(elems.bss_max_idle_period);
		wpa_printf(MSG_DEBUG, "WNM: BSS Max Idle Period: %u (* 1000 "
			   "TU)%s", wpa_s->sme.bss_max_idle_period,
			   (elems.bss_max_idle_period[2] & 0x01) ?
			   " (protected keep-live required)" : "");
		/* Zero would disable the timer in wnm_bss_keep_alive(). */
		if (wpa_s->sme.bss_max_idle_period == 0)
			wpa_s->sme.bss_max_idle_period = 1;
		if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) {
			eloop_cancel_timeout(wnm_bss_keep_alive, wpa_s, NULL);
			/* 1000 TU units -> milliseconds */
			delay_ms = wpa_s->sme.bss_max_idle_period * 1024;
			if (delay_ms > 100)
				delay_ms -= 100;
			eloop_register_timeout(delay_ms / 1000,
					       delay_ms % 1000 * 1000,
					       wnm_bss_keep_alive, wpa_s,
					       NULL);
		}
	}
#endif /* CONFIG_SME */
}
1424
1425#endif /* CONFIG_WNM */
1426
1427
/*
 * Cancel the pending WNM keep-alive timer registered for this interface.
 * Without CONFIG_WNM the function is empty.
 */
void wnm_bss_keep_alive_deinit(struct wpa_supplicant *wpa_s)
{
#ifdef CONFIG_WNM
	eloop_cancel_timeout(wnm_bss_keep_alive, wpa_s, NULL);
#endif /* CONFIG_WNM */
}
1434
1435
/*
 * Process the information elements delivered with an association event.
 *
 * The (Re)Association Request elements are searched for the WPA/RSN element
 * that was sent, the response elements are used for FT (and, depending on
 * build options, TDLS, WNM and strict WPS validation), and the
 * Beacon/Probe Response elements provide the AP's WPA/RSN elements.
 *
 * Returns 0 on success and -1 when validation of the response failed.
 *
 * Each element walk checks the declared element length against the bytes
 * remaining in the buffer before the element body is used, and stops at the
 * first truncated element.
 *
 * NOTE(review): the remaining-length counter is an int assigned from the
 * *_ies_len fields; confirm those lengths cannot exceed INT_MAX.
 * NOTE(review): as written, the CONFIG_WPS_STRICT check sits inside the
 * CONFIG_IEEE80211R and CONFIG_SME conditionals and is therefore compiled
 * only when both are enabled. Its "missing WPS IE" branch returns -1 without
 * calling wpa_supplicant_deauthenticate(), unlike the other failure paths.
 */
static int wpa_supplicant_event_associnfo(struct wpa_supplicant *wpa_s,
					  union wpa_event_data *data)
{
	int left, ie_len, req_ie_set = 0, have_wpa, have_rsn;
	const u8 *pos;
	u8 bssid[ETH_ALEN];

	wpa_dbg(wpa_s, MSG_DEBUG, "Association info event");
	if (data->assoc_info.req_ies)
		wpa_hexdump(MSG_DEBUG, "req_ies", data->assoc_info.req_ies,
			    data->assoc_info.req_ies_len);
	if (data->assoc_info.resp_ies) {
		wpa_hexdump(MSG_DEBUG, "resp_ies", data->assoc_info.resp_ies,
			    data->assoc_info.resp_ies_len);
#ifdef CONFIG_TDLS
		wpa_tdls_assoc_resp_ies(wpa_s->wpa, data->assoc_info.resp_ies,
					data->assoc_info.resp_ies_len);
#endif /* CONFIG_TDLS */
#ifdef CONFIG_WNM
		wnm_process_assoc_resp(wpa_s, data->assoc_info.resp_ies,
				       data->assoc_info.resp_ies_len);
#endif /* CONFIG_WNM */
	}
	if (data->assoc_info.beacon_ies)
		wpa_hexdump(MSG_DEBUG, "beacon_ies",
			    data->assoc_info.beacon_ies,
			    data->assoc_info.beacon_ies_len);
	if (data->assoc_info.freq)
		wpa_dbg(wpa_s, MSG_DEBUG, "freq=%u MHz",
			data->assoc_info.freq);

	/* Go through the IEs and make a copy of the WPA/RSN IE, if present. */
	pos = data->assoc_info.req_ies;
	left = data->assoc_info.req_ies_len;
	for (; pos && left >= 2; left -= ie_len, pos += ie_len) {
		ie_len = pos[1] + 2;
		if (ie_len > left) {
			wpa_hexdump(MSG_DEBUG, "Truncated IE in assoc_info",
				    pos, left);
			break;
		}
		if (!((pos[0] == WLAN_EID_VENDOR_SPECIFIC && pos[1] >= 6 &&
		       (os_memcmp(&pos[2], "\x00\x50\xF2\x01\x01\x00", 6) ==
			0)) ||
		      (pos[0] == WLAN_EID_RSN && pos[1] >= 2)))
			continue;

		/* First WPA or RSN element ends the search either way. */
		if (wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, pos, ie_len) == 0) {
			req_ie_set = 1;
			wpa_find_assoc_pmkid(wpa_s);
		}
		break;
	}
	if (!req_ie_set && data->assoc_info.req_ies)
		wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);

#ifdef CONFIG_IEEE80211R
#ifdef CONFIG_SME
	if (wpa_s->sme.auth_alg == WPA_AUTH_ALG_FT) {
		if (wpa_drv_get_bssid(wpa_s, bssid) < 0 ||
		    wpa_ft_validate_reassoc_resp(wpa_s->wpa,
						 data->assoc_info.resp_ies,
						 data->assoc_info.resp_ies_len,
						 bssid) < 0) {
			wpa_dbg(wpa_s, MSG_DEBUG, "FT: Validation of "
				"Reassociation Response failed");
			wpa_supplicant_deauthenticate(
				wpa_s, WLAN_REASON_INVALID_IE);
			return -1;
		}
	}

	pos = data->assoc_info.resp_ies;
	left = data->assoc_info.resp_ies_len;

#ifdef CONFIG_WPS_STRICT
	if (pos && wpa_s->current_ssid &&
	    wpa_s->current_ssid->key_mgmt == WPA_KEY_MGMT_WPS) {
		struct wpabuf *wps_ie;

		wps_ie = ieee802_11_vendor_ie_concat(pos, left,
						     WPS_IE_VENDOR_TYPE);
		if (wps_ie == NULL) {
			wpa_msg(wpa_s, MSG_INFO, "WPS-STRICT: AP did not "
				"include WPS IE in (Re)Association Response");
			return -1;
		}

		if (wps_validate_assoc_resp(wps_ie) < 0) {
			wpabuf_free(wps_ie);
			wpa_supplicant_deauthenticate(
				wpa_s, WLAN_REASON_INVALID_IE);
			return -1;
		}
		wpabuf_free(wps_ie);
	}
#endif /* CONFIG_WPS_STRICT */

	/* Go through the IEs and make a copy of the MDIE, if present. */
	for (; pos && left >= 2; left -= ie_len, pos += ie_len) {
		ie_len = pos[1] + 2;
		if (ie_len > left) {
			wpa_hexdump(MSG_DEBUG, "Truncated IE in assoc_info",
				    pos, left);
			break;
		}
		if (pos[0] == WLAN_EID_MOBILITY_DOMAIN &&
		    pos[1] >= MOBILITY_DOMAIN_ID_LEN) {
			wpa_s->sme.ft_used = 1;
			os_memcpy(wpa_s->sme.mobility_domain, pos + 2,
				  MOBILITY_DOMAIN_ID_LEN);
			break;
		}
	}
#endif /* CONFIG_SME */

	/* Process FT when SME is in the driver */
	if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
	    wpa_ft_is_completed(wpa_s->wpa)) {
		if (wpa_drv_get_bssid(wpa_s, bssid) < 0 ||
		    wpa_ft_validate_reassoc_resp(wpa_s->wpa,
						 data->assoc_info.resp_ies,
						 data->assoc_info.resp_ies_len,
						 bssid) < 0) {
			wpa_dbg(wpa_s, MSG_DEBUG, "FT: Validation of "
				"Reassociation Response failed");
			wpa_supplicant_deauthenticate(
				wpa_s, WLAN_REASON_INVALID_IE);
			return -1;
		}
		wpa_dbg(wpa_s, MSG_DEBUG, "FT: Reassociation Response done");
	}

	wpa_sm_set_ft_params(wpa_s->wpa, data->assoc_info.resp_ies,
			     data->assoc_info.resp_ies_len);
#endif /* CONFIG_IEEE80211R */

	/* WPA/RSN IE from Beacon/ProbeResp */
	pos = data->assoc_info.beacon_ies;
	left = data->assoc_info.beacon_ies_len;

	/* Go through the IEs and make a copy of the WPA/RSN IEs, if present.
	 * Only the first element of each kind is used. */
	have_wpa = have_rsn = 0;
	for (; pos && left >= 2; left -= ie_len, pos += ie_len) {
		ie_len = pos[1] + 2;
		if (ie_len > left) {
			wpa_hexdump(MSG_DEBUG, "Truncated IE in beacon_ies",
				    pos, left);
			break;
		}
		if (!have_wpa &&
		    pos[0] == WLAN_EID_VENDOR_SPECIFIC && pos[1] >= 6 &&
		    os_memcmp(&pos[2], "\x00\x50\xF2\x01\x01\x00", 6) == 0) {
			have_wpa = 1;
			wpa_sm_set_ap_wpa_ie(wpa_s->wpa, pos, ie_len);
		}

		if (!have_rsn &&
		    pos[0] == WLAN_EID_RSN && pos[1] >= 2) {
			have_rsn = 1;
			wpa_sm_set_ap_rsn_ie(wpa_s->wpa, pos, ie_len);
		}
	}

	/* Beacon elements were supplied but lacked one of the elements:
	 * clear whatever was stored for it before. */
	if (!have_wpa && data->assoc_info.beacon_ies)
		wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
	if (!have_rsn && data->assoc_info.beacon_ies)
		wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
	if (have_wpa || have_rsn)
		wpa_s->ap_ies_from_associnfo = 1;

	if (wpa_s->assoc_freq && data->assoc_info.freq &&
	    wpa_s->assoc_freq != data->assoc_info.freq) {
		wpa_printf(MSG_DEBUG, "Operating frequency changed from "
			   "%u to %u MHz",
			   wpa_s->assoc_freq, data->assoc_info.freq);
		wpa_supplicant_update_scan_results(wpa_s);
	}

	wpa_s->assoc_freq = data->assoc_info.freq;

	return 0;
}
1624
1625
/*
 * Look up the BSS table entry for the given BSSID.
 *
 * When the current network block has a non-empty SSID, a lookup by
 * BSSID + SSID is tried first; a lookup by BSSID alone is the fallback.
 * Returns NULL when neither lookup finds an entry.
 *
 * wpa_s->current_ssid is dereferenced without a check, so the caller must
 * make sure it is not NULL.
 */
static struct wpa_bss * wpa_supplicant_get_new_bss(
	struct wpa_supplicant *wpa_s, const u8 *bssid)
{
	struct wpa_ssid *net = wpa_s->current_ssid;
	struct wpa_bss *match = NULL;

	if (net->ssid_len > 0)
		match = wpa_bss_get(wpa_s, bssid, net->ssid, net->ssid_len);

	return match ? match : wpa_bss_get_bssid(wpa_s, bssid);
}
1639
1640
/*
 * Refresh the AP's WPA and RSN elements in the WPA state machine from the
 * current BSS table entry.
 *
 * Returns -1 when there is no current BSS or network block, or when one of
 * the wpa_sm_set_ap_*_ie() calls reports failure; 0 otherwise, including the
 * case where the network's key management is not a WPA type and nothing is
 * updated. A missing element is passed on as NULL with length 0.
 */
static int wpa_supplicant_assoc_update_ie(struct wpa_supplicant *wpa_s)
{
	const u8 *wpa_ie = NULL, *rsn_ie = NULL;

	if (!wpa_s->current_bss || !wpa_s->current_ssid)
		return -1;

	if (!wpa_key_mgmt_wpa_any(wpa_s->current_ssid->key_mgmt))
		return 0;

	wpa_ie = wpa_bss_get_vendor_ie(wpa_s->current_bss,
				       WPA_IE_VENDOR_TYPE);
	rsn_ie = wpa_bss_get_ie(wpa_s->current_bss, WLAN_EID_RSN);

	/* Element length = 2-octet header + length octet value. */
	if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, wpa_ie,
				 wpa_ie ? 2 + wpa_ie[1] : 0))
		return -1;
	if (wpa_sm_set_ap_rsn_ie(wpa_s->wpa, rsn_ie,
				 rsn_ie ? 2 + rsn_ie[1] : 0))
		return -1;

	return 0;
}
1663
1664
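/*
 * Handle an association event from the driver.
 *
 * In AP mode the event is forwarded to hostapd_notif_assoc() and nothing
 * else is done. In station mode the association information (if any) is
 * processed, the BSSID is fetched from the driver, the supplicant state is
 * moved to WPA_ASSOCIATED and the EAPOL/WPA state machines are prepared for
 * the handshake that follows. Failures on the way (association info
 * rejected, BSSID unavailable, no matching configuration, IBSS RSN init
 * failure) end the function early; all but the first also request
 * deauthentication.
 *
 * data may be NULL in station mode. The AP branch needs the event data and
 * now returns without action when it is missing; previously it dereferenced
 * the pointer unconditionally.
 */
static void wpa_supplicant_event_assoc(struct wpa_supplicant *wpa_s,
				       union wpa_event_data *data)
{
	u8 bssid[ETH_ALEN];
	int ft_completed;
	struct wpa_driver_capa capa;

#ifdef CONFIG_AP
	if (wpa_s->ap_iface) {
		/* The station path below treats data as optional; apply the
		 * same care here before reading assoc_info. */
		if (data == NULL)
			return;
		hostapd_notif_assoc(wpa_s->ap_iface->bss[0],
				    data->assoc_info.addr,
				    data->assoc_info.req_ies,
				    data->assoc_info.req_ies_len,
				    data->assoc_info.reassoc);
		return;
	}
#endif /* CONFIG_AP */

	/* Sample the FT state before the association info is processed. */
	ft_completed = wpa_ft_is_completed(wpa_s->wpa);
	if (data && wpa_supplicant_event_associnfo(wpa_s, data) < 0)
		return;

	if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
		wpa_dbg(wpa_s, MSG_ERROR, "Failed to get BSSID");
		wpa_supplicant_deauthenticate(
			wpa_s, WLAN_REASON_DEAUTH_LEAVING);
		return;
	}

	wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATED);
	if (os_memcmp(bssid, wpa_s->bssid, ETH_ALEN) != 0) {
		wpa_dbg(wpa_s, MSG_DEBUG, "Associated to a new BSS: BSSID="
			MACSTR, MAC2STR(bssid));
		random_add_randomness(bssid, ETH_ALEN);
		os_memcpy(wpa_s->bssid, bssid, ETH_ALEN);
		os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
		wpas_notify_bssid_changed(wpa_s);

		/* Keys are kept across an FT transition. */
		if (wpa_supplicant_dynamic_keys(wpa_s) && !ft_completed) {
			wpa_clear_keys(wpa_s, bssid);
		}
		if (wpa_supplicant_select_config(wpa_s) < 0) {
			wpa_supplicant_deauthenticate(
				wpa_s, WLAN_REASON_DEAUTH_LEAVING);
			return;
		}
		if (wpa_s->current_ssid) {
			struct wpa_bss *bss = NULL;

			bss = wpa_supplicant_get_new_bss(wpa_s, bssid);
			if (!bss) {
				wpa_supplicant_update_scan_results(wpa_s);

				/* Get the BSS from the new scan results */
				bss = wpa_supplicant_get_new_bss(wpa_s, bssid);
			}

			if (bss)
				wpa_s->current_bss = bss;
		}

		if (wpa_s->conf->ap_scan == 1 &&
		    wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION) {
			if (wpa_supplicant_assoc_update_ie(wpa_s) < 0)
				wpa_msg(wpa_s, MSG_WARNING,
					"WPA/RSN IEs not updated");
		}
	}

#ifdef CONFIG_SME
	os_memcpy(wpa_s->sme.prev_bssid, bssid, ETH_ALEN);
	wpa_s->sme.prev_bssid_set = 1;
#endif /* CONFIG_SME */

	wpa_msg(wpa_s, MSG_INFO, "Associated with " MACSTR, MAC2STR(bssid));
	if (wpa_s->current_ssid) {
		/* When using scanning (ap_scan=1), SIM PC/SC interface can be
		 * initialized before association, but for other modes,
		 * initialize PC/SC here, if the current configuration needs
		 * smartcard or SIM/USIM. */
		wpa_supplicant_scard_init(wpa_s, wpa_s->current_ssid);
	}
	wpa_sm_notify_assoc(wpa_s->wpa, bssid);
	if (wpa_s->l2)
		l2_packet_notify_auth_start(wpa_s->l2);

	/*
	 * Set portEnabled first to FALSE in order to get EAP state machine out
	 * of the SUCCESS state and eapSuccess cleared. Without this, EAPOL PAE
	 * state machine may transit to AUTHENTICATING state based on obsolete
	 * eapSuccess and then trigger BE_AUTH to SUCCESS and PAE to
	 * AUTHENTICATED without ever giving chance to EAP state machine to
	 * reset the state.
	 */
	if (!ft_completed) {
		eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
		eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
	}
	if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) || ft_completed)
		eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
	/* 802.1X::portControl = Auto */
	eapol_sm_notify_portEnabled(wpa_s->eapol, TRUE);
	wpa_s->eapol_received = 0;
	if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
	    wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE ||
	    (wpa_s->current_ssid &&
	     wpa_s->current_ssid->mode == IEEE80211_MODE_IBSS)) {
		/* No handshake follows for these modes: the connection is
		 * marked completed right away. */
		wpa_supplicant_cancel_auth_timeout(wpa_s);
		wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
	} else if (!ft_completed) {
		/* Timeout for receiving the first EAPOL packet */
		wpa_supplicant_req_auth_timeout(wpa_s, 10, 0);
	}
	wpa_supplicant_cancel_scan(wpa_s);

	if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
	    wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) {
		/*
		 * We are done; the driver will take care of RSN 4-way
		 * handshake.
		 */
		wpa_supplicant_cancel_auth_timeout(wpa_s);
		wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
		eapol_sm_notify_portValid(wpa_s->eapol, TRUE);
		eapol_sm_notify_eap_success(wpa_s->eapol, TRUE);
	} else if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
		   wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
		/*
		 * The driver will take care of RSN 4-way handshake, so we need
		 * to allow EAPOL supplicant to complete its work without
		 * waiting for WPA supplicant.
		 */
		eapol_sm_notify_portValid(wpa_s->eapol, TRUE);
	} else if (ft_completed) {
		/*
		 * FT protocol completed - make sure EAPOL state machine ends
		 * up in authenticated.
		 */
		wpa_supplicant_cancel_auth_timeout(wpa_s);
		wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
		eapol_sm_notify_portValid(wpa_s->eapol, TRUE);
		eapol_sm_notify_eap_success(wpa_s->eapol, TRUE);
	}

	wpa_s->last_eapol_matches_bssid = 0;

	if (wpa_s->pending_eapol_rx) {
		struct os_time now, age;

		/*
		 * A buffered EAPOL frame is replayed only when it is less
		 * than 100 ms old and its source address equals the BSSID of
		 * this association; otherwise it is discarded.
		 */
		os_get_time(&now);
		os_time_sub(&now, &wpa_s->pending_eapol_rx_time, &age);
		if (age.sec == 0 && age.usec < 100000 &&
		    os_memcmp(wpa_s->pending_eapol_rx_src, bssid, ETH_ALEN) ==
		    0) {
			wpa_dbg(wpa_s, MSG_DEBUG, "Process pending EAPOL "
				"frame that was received just before "
				"association notification");
			wpa_supplicant_rx_eapol(
				wpa_s, wpa_s->pending_eapol_rx_src,
				wpabuf_head(wpa_s->pending_eapol_rx),
				wpabuf_len(wpa_s->pending_eapol_rx));
		}
		wpabuf_free(wpa_s->pending_eapol_rx);
		wpa_s->pending_eapol_rx = NULL;
	}

	if ((wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
	     wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) &&
	    wpa_s->current_ssid && wpa_drv_get_capa(wpa_s, &capa) == 0 &&
	    capa.flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC_DONE) {
		/* Set static WEP keys again */
		wpa_set_wep_keys(wpa_s, wpa_s->current_ssid);
	}

#ifdef CONFIG_IBSS_RSN
	if (wpa_s->current_ssid &&
	    wpa_s->current_ssid->mode == WPAS_MODE_IBSS &&
	    wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
	    wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE &&
	    wpa_s->ibss_rsn == NULL) {
		wpa_s->ibss_rsn = ibss_rsn_init(wpa_s);
		if (!wpa_s->ibss_rsn) {
			wpa_msg(wpa_s, MSG_INFO, "Failed to init IBSS RSN");
			wpa_supplicant_deauthenticate(
				wpa_s, WLAN_REASON_DEAUTH_LEAVING);
			return;
		}

		ibss_rsn_set_psk(wpa_s->ibss_rsn, wpa_s->current_ssid->psk);
	}
#endif /* CONFIG_IBSS_RSN */

	wpas_wps_notify_assoc(wpa_s, bssid);
}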
1858
1859
/*
 * Return 1 when the reason code is one of the three for which an immediate
 * reconnect to the same BSS is attempted (inactivity, class 2 frame from a
 * non-authenticated station, class 3 frame from a non-associated station),
 * 0 for any other code.
 */
static int disconnect_reason_recoverable(u16 reason_code)
{
	switch (reason_code) {
	case WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY:
	case WLAN_REASON_CLASS2_FRAME_FROM_NONAUTH_STA:
	case WLAN_REASON_CLASS3_FRAME_FROM_NONASSOC_STA:
		return 1;
	default:
		return 0;
	}
}
1866
1867
/*
 * Report a disconnection on the control interface.
 *
 * The WPA_EVENT_DISCONNECTED message carries the BSSID (the pending BSSID
 * when no current one is set), the reason code and, for locally generated
 * events, a " locally_generated=1" suffix. Nothing is reported in WPA-None
 * mode, or when no BSSID is known and the state is below
 * WPA_AUTHENTICATING.
 */
static void wpa_supplicant_event_disassoc(struct wpa_supplicant *wpa_s,
					  u16 reason_code,
					  int locally_generated)
{
	const u8 *addr;

	if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
		/*
		 * At least Host AP driver and a Prism3 card seemed to be
		 * generating streams of disconnected events when configuring
		 * IBSS for WPA-None. Ignore them for now.
		 */
		return;
	}

	addr = is_zero_ether_addr(wpa_s->bssid) ?
		wpa_s->pending_bssid : wpa_s->bssid;

	if (is_zero_ether_addr(addr) &&
	    wpa_s->wpa_state < WPA_AUTHENTICATING)
		return;

	wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_DISCONNECTED "bssid=" MACSTR
		" reason=%d%s",
		MAC2STR(addr), reason_code,
		locally_generated ? " locally_generated=1" : "");
}
1895
1896
/*
 * Decide whether a disconnection looks like a wrong pre-shared key.
 *
 * Returns 1 only when the disconnect arrived during a PSK 4-way handshake
 * and is not a locally generated WLAN_REASON_IE_IN_4WAY_DIFFERS, which has a
 * different cause; returns 0 otherwise.
 *
 * NOTE(review): for disconnects that are not locally generated the reason
 * code is not consulted, so any disconnection received in this state is
 * counted as a possible PSK mismatch; the caller reports an authentication
 * failure on that basis.
 */
static int could_be_psk_mismatch(struct wpa_supplicant *wpa_s, u16 reason_code,
				 int locally_generated)
{
	if (wpa_s->wpa_state != WPA_4WAY_HANDSHAKE ||
	    !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt))
		return 0; /* Not in 4-way handshake with PSK */

	/*
	 * It looks like connection was lost while trying to go through PSK
	 * 4-way handshake. Filter out known disconnection cases that are
	 * caused by something else than PSK mismatch to avoid confusing
	 * reports.
	 */
	return !(locally_generated &&
		 reason_code == WLAN_REASON_IE_IN_4WAY_DIFFERS);
}
1917
1918
/*
 * Complete the handling of a disconnection.
 *
 * Reports a possible PSK mismatch, decides whether to reconnect (directly to
 * the same BSS, through a new scan, or not at all), notifies the WPA state
 * machine, records the disconnect reason (negated for locally generated
 * events), removes dynamic keys and marks the interface as disassociated.
 * In WPA-None mode the event is ignored.
 */
static void wpa_supplicant_event_disassoc_finish(struct wpa_supplicant *wpa_s,
						 u16 reason_code,
						 int locally_generated)
{
	const u8 *addr;
	int was_authenticating;
	u8 saved_pending_bssid[ETH_ALEN];
	struct wpa_bss *retry_bss = NULL;
	struct wpa_ssid *retry_ssid = NULL;
	struct wpa_ssid *prev_ssid;

	/* Snapshot state that wpa_supplicant_mark_disassoc() may change. */
	was_authenticating = wpa_s->wpa_state == WPA_AUTHENTICATING;
	os_memcpy(saved_pending_bssid, wpa_s->pending_bssid, ETH_ALEN);

	if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
		/*
		 * At least Host AP driver and a Prism3 card seemed to be
		 * generating streams of disconnected events when configuring
		 * IBSS for WPA-None. Ignore them for now.
		 */
		wpa_dbg(wpa_s, MSG_DEBUG, "Disconnect event - ignore in "
			"IBSS/WPA-None mode");
		return;
	}

	if (could_be_psk_mismatch(wpa_s, reason_code, locally_generated)) {
		wpa_msg(wpa_s, MSG_INFO, "WPA: 4-Way Handshake failed - "
			"pre-shared key may be incorrect");
		wpas_auth_failed(wpa_s);
	}

	if (wpa_s->auto_reconnect_disabled &&
	    wpa_s->key_mgmt != WPA_KEY_MGMT_WPS) {
		wpa_dbg(wpa_s, MSG_DEBUG, "Auto connect disabled: do not "
			"try to re-connect");
		wpa_s->reassociate = 0;
		wpa_s->disconnected = 1;
		wpa_supplicant_cancel_sched_scan(wpa_s);
	} else {
		wpa_dbg(wpa_s, MSG_DEBUG, "Auto connect enabled: try to "
			"reconnect (wps=%d wpa_state=%d)",
			wpa_s->key_mgmt == WPA_KEY_MGMT_WPS,
			wpa_s->wpa_state);
		if (wpa_s->wpa_state == WPA_COMPLETED &&
		    wpa_s->current_ssid &&
		    wpa_s->current_ssid->mode == WPAS_MODE_INFRA &&
		    !locally_generated &&
		    disconnect_reason_recoverable(reason_code)) {
			/*
			 * It looks like the AP has dropped association with
			 * us, but could allow us to get back in. Try to
			 * reconnect to the same BSS without full scan to save
			 * time for some common cases.
			 */
			retry_bss = wpa_s->current_bss;
			retry_ssid = wpa_s->current_ssid;
		} else if (wpa_s->wpa_state >= WPA_ASSOCIATING) {
			wpa_supplicant_req_scan(wpa_s, 0, 100000);
		} else {
			wpa_dbg(wpa_s, MSG_DEBUG, "Do not request new "
				"immediate scan");
		}
	}

	addr = wpa_s->bssid;
	if (is_zero_ether_addr(addr))
		addr = wpa_s->pending_bssid;
	if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
		wpas_connection_failed(wpa_s, addr);
	wpa_sm_notify_disassoc(wpa_s->wpa);

	/* The sign tells local and remote disconnects apart. */
	wpa_s->disconnect_reason =
		locally_generated ? -reason_code : reason_code;
	wpas_notify_disconnect_reason(wpa_s);

	if (wpa_supplicant_dynamic_keys(wpa_s)) {
		wpa_dbg(wpa_s, MSG_DEBUG, "Disconnect event - remove keys");
		wpa_s->keys_cleared = 0;
		wpa_clear_keys(wpa_s, wpa_s->bssid);
	}

	prev_ssid = wpa_s->current_ssid;
	wpa_supplicant_mark_disassoc(wpa_s);

	if (was_authenticating &&
	    (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME)) {
		sme_disassoc_while_authenticating(wpa_s, saved_pending_bssid);
		/* Put back the network block saved before mark_disassoc(). */
		wpa_s->current_ssid = prev_ssid;
	}

	if (retry_bss) {
#ifndef CONFIG_NO_SCAN_PROCESSING
		wpa_dbg(wpa_s, MSG_DEBUG, "Try to reconnect to the same BSS");
		if (wpa_supplicant_connect(wpa_s, retry_bss, retry_ssid) < 0) {
			/* Recover through full scan */
			wpa_supplicant_req_scan(wpa_s, 0, 100000);
		}
#endif /* CONFIG_NO_SCAN_PROCESSING */
	}
}
2015
2016
46690a3b 2017#ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
/**
 * wpa_supplicant_delayed_mic_error_report - Send a deferred MIC error report
 * @eloop_ctx: struct wpa_supplicant pointer given when the timeout was set
 * @sock_ctx: Unused
 *
 * Timeout handler. If a Michael MIC error report is still marked pending, it
 * is sent with the stored pairwise flag and the pending mark is cleared.
 * Nothing is sent when the report was already flushed.
 */
void wpa_supplicant_delayed_mic_error_report(void *eloop_ctx, void *sock_ctx)
{
	struct wpa_supplicant *wpa_s = eloop_ctx;

	if (wpa_s->pending_mic_error_report) {
		wpa_dbg(wpa_s, MSG_DEBUG,
			"WPA: Sending pending MIC error report");
		wpa_sm_key_request(wpa_s->wpa, 1,
				   wpa_s->pending_mic_error_pairwise);
		/* Cleared only after the request so the report is sent once. */
		wpa_s->pending_mic_error_report = 0;
	}
}
2029#endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
2030
2031
6fc6879b
JM
/**
 * wpa_supplicant_event_michael_mic_failure - Handle a Michael MIC failure
 * @wpa_s: wpa_supplicant interface data
 * @data: Event data; when NULL the failure is handled as non-pairwise
 *
 * Reports the MIC failure through wpa_sm_key_request(). A failure that comes
 * within 60 seconds of the previous one, or while a delayed report is still
 * pending, starts TKIP countermeasures: any pending report and the new report
 * are sent at once, the current BSSID is blacklisted, the driver is told to
 * enable countermeasures, the station deauthenticates and a 60 second timeout
 * for wpa_supplicant_stop_countermeasures() is registered.
 *
 * Otherwise, with CONFIG_DELAYED_MIC_ERROR_REPORT, the report for a repeated
 * failure is delayed by a random time; the first failure (and every failure
 * in builds without that option) is reported immediately.
 */
static void
wpa_supplicant_event_michael_mic_failure(struct wpa_supplicant *wpa_s,
					 union wpa_event_data *data)
{
	int pairwise;
	struct os_time t;

	wpa_msg(wpa_s, MSG_WARNING, "Michael MIC failure detected");
	pairwise = (data && data->michael_mic_failure.unicast);
	os_get_time(&t);
	/*
	 * NOTE(review): if os_get_time() follows the wall clock, a backwards
	 * clock step makes the difference negative, which still satisfies
	 * "<= 60" and starts countermeasures - confirm this is the intended
	 * (fail-safe) direction.
	 */
	if ((wpa_s->last_michael_mic_error &&
	     t.sec - wpa_s->last_michael_mic_error <= 60) ||
	    wpa_s->pending_mic_error_report) {
		if (wpa_s->pending_mic_error_report) {
			/*
			 * Send the pending MIC error report immediately since
			 * we are going to start countermeasures and AP better
			 * do the same.
			 */
			wpa_sm_key_request(wpa_s->wpa, 1,
					   wpa_s->pending_mic_error_pairwise);
		}

		/* Send the new MIC error report immediately since we are going
		 * to start countermeasures and AP better do the same.
		 */
		wpa_sm_key_request(wpa_s->wpa, 1, pairwise);

		/* initialize countermeasures */
		wpa_s->countermeasures = 1;

		/* Blacklist the BSSID on which the failures were seen. */
		wpa_blacklist_add(wpa_s, wpa_s->bssid);

		wpa_msg(wpa_s, MSG_WARNING, "TKIP countermeasures started");

		/*
		 * Need to wait for completion of request frame. We do not get
		 * any callback for the message completion, so just wait a
		 * short while and hope for the best.
		 *
		 * NOTE(review): this sleeps inline in the event handler;
		 * presumably all other event processing is held up for the
		 * duration - confirm.
		 */
		os_sleep(0, 10000);

		wpa_drv_set_countermeasures(wpa_s, 1);
		wpa_supplicant_deauthenticate(wpa_s,
					      WLAN_REASON_MICHAEL_MIC_FAILURE);
		/*
		 * Cancel any earlier stop timer first so the 60 second
		 * countermeasure period restarts from this failure.
		 */
		eloop_cancel_timeout(wpa_supplicant_stop_countermeasures,
				     wpa_s, NULL);
		eloop_register_timeout(60, 0,
				       wpa_supplicant_stop_countermeasures,
				       wpa_s, NULL);
		/* TODO: mark the AP rejected for 60 second. STA is
		 * allowed to associate with another AP.. */
	} else {
#ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
		if (wpa_s->mic_errors_seen) {
			/*
			 * Reduce the effectiveness of Michael MIC error
			 * reports as a means for attacking against TKIP if
			 * more than one MIC failure is noticed with the same
			 * PTK. We delay the transmission of the reports by a
			 * random time between 0 and 60 seconds in order to
			 * force the attacker wait 60 seconds before getting
			 * the information on whether a frame resulted in a MIC
			 * failure.
			 */
			u8 rval[4];
			int sec;

			/*
			 * NOTE(review): os_random() is only the fallback for a
			 * failed os_get_random(); it is presumably a weaker
			 * source, and the delay is what hides the MIC result
			 * from the sender - confirm the fallback is acceptable.
			 */
			if (os_get_random(rval, sizeof(rval)) < 0)
				sec = os_random() % 60;
			else
				sec = WPA_GET_BE32(rval) % 60;
			wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Delay MIC error "
				"report %d seconds", sec);
			wpa_s->pending_mic_error_report = 1;
			wpa_s->pending_mic_error_pairwise = pairwise;
			/* Only one delayed report is kept; replace the timer. */
			eloop_cancel_timeout(
				wpa_supplicant_delayed_mic_error_report,
				wpa_s, NULL);
			eloop_register_timeout(
				sec, os_random() % 1000000,
				wpa_supplicant_delayed_mic_error_report,
				wpa_s, NULL);
		} else {
			wpa_sm_key_request(wpa_s->wpa, 1, pairwise);
		}
#else /* CONFIG_DELAYED_MIC_ERROR_REPORT */
		wpa_sm_key_request(wpa_s->wpa, 1, pairwise);
#endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
	}
	/* Recorded on every path; feeds the 60 second check above. */
	wpa_s->last_michael_mic_error = t.sec;
	wpa_s->mic_errors_seen++;
}
2124
2125
a83d9c96
SL
2126#ifdef CONFIG_TERMINATE_ONLASTIF
/**
 * any_interfaces - Check whether any interface in a list is still present
 * @head: First entry of an interface list linked through the next pointer
 * Returns: 1 if at least one entry does not have interface_removed set,
 *	0 otherwise (including an empty list)
 */
static int any_interfaces(struct wpa_supplicant *head)
{
	struct wpa_supplicant *iface = head;

	while (iface != NULL) {
		if (!iface->interface_removed)
			return 1;
		iface = iface->next;
	}

	return 0;
}
2136#endif /* CONFIG_TERMINATE_ONLASTIF */
2137
2138
6fc6879b
JM
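/**
 * wpa_supplicant_event_interface_status - Handle interface added/removed
 * @wpa_s: wpa_supplicant interface data
 * @data: Event data with the interface name and the status change
 *
 * An event without a payload, or one that names an interface other than
 * wpa_s->ifname, is ignored.
 *
 * EVENT_INTERFACE_ADDED is acted on only if the interface was previously
 * marked removed: the driver is re-initialized and the state is set to
 * WPA_DISCONNECTED. EVENT_INTERFACE_REMOVED marks the interface removed,
 * moves it to WPA_INTERFACE_DISABLED and releases the L2 packet handle (and
 * the IBSS RSN context when CONFIG_IBSS_RSN is set).
 */
static void
wpa_supplicant_event_interface_status(struct wpa_supplicant *wpa_s,
				      union wpa_event_data *data)
{
	/*
	 * The neighbouring event handlers return early on a missing payload;
	 * do the same here instead of dereferencing a NULL pointer below.
	 */
	if (data == NULL)
		return;

	if (os_strcmp(wpa_s->ifname, data->interface_status.ifname) != 0)
		return;

	switch (data->interface_status.ievent) {
	case EVENT_INTERFACE_ADDED:
		/* Nothing to do unless a removal was seen earlier. */
		if (!wpa_s->interface_removed)
			break;
		wpa_s->interface_removed = 0;
		wpa_dbg(wpa_s, MSG_DEBUG, "Configured interface was added");
		if (wpa_supplicant_driver_init(wpa_s) < 0) {
			wpa_msg(wpa_s, MSG_INFO, "Failed to initialize the "
				"driver after interface was added");
		}
		/* The state is updated even if driver initialization failed. */
		wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
		break;
	case EVENT_INTERFACE_REMOVED:
		wpa_dbg(wpa_s, MSG_DEBUG, "Configured interface was removed");
		wpa_s->interface_removed = 1;
		wpa_supplicant_mark_disassoc(wpa_s);
		wpa_supplicant_set_state(wpa_s, WPA_INTERFACE_DISABLED);
		/* Clear each pointer right after deinit so it is not reused. */
		l2_packet_deinit(wpa_s->l2);
		wpa_s->l2 = NULL;
#ifdef CONFIG_IBSS_RSN
		ibss_rsn_deinit(wpa_s->ibss_rsn);
		wpa_s->ibss_rsn = NULL;
#endif /* CONFIG_IBSS_RSN */
#ifdef CONFIG_TERMINATE_ONLASTIF
		/* check if last interface */
		if (!any_interfaces(wpa_s->global->ifaces))
			eloop_terminate();
#endif /* CONFIG_TERMINATE_ONLASTIF */
		break;
	}
}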
2177
2178
2179#ifdef CONFIG_PEERKEY
/**
 * wpa_supplicant_event_stkstart - Handle an STK start event
 * @wpa_s: wpa_supplicant interface data
 * @data: Event data carrying the peer; the event is ignored when NULL
 *
 * Passes the peer from the event to wpa_sm_stkstart().
 */
static void
wpa_supplicant_event_stkstart(struct wpa_supplicant *wpa_s,
			      union wpa_event_data *data)
{
	if (data != NULL)
		wpa_sm_stkstart(wpa_s->wpa, data->stkstart.peer);
}
2188#endif /* CONFIG_PEERKEY */
2189
2190
281ff0aa
GP
2191#ifdef CONFIG_TDLS
/**
 * wpa_supplicant_event_tdls - Handle a TDLS setup or teardown request event
 * @wpa_s: wpa_supplicant interface data
 * @data: Event data with the operation, peer and reason code; the event is
 *	ignored when NULL
 *
 * Operations other than TDLS_REQUEST_SETUP and TDLS_REQUEST_TEARDOWN are
 * ignored.
 */
static void wpa_supplicant_event_tdls(struct wpa_supplicant *wpa_s,
				      union wpa_event_data *data)
{
	if (data == NULL)
		return;

	if (data->tdls.oper == TDLS_REQUEST_SETUP) {
		/* wpa_tdls_remove() runs for this peer before a new setup. */
		wpa_tdls_remove(wpa_s->wpa, data->tdls.peer);
		if (wpa_tdls_is_external_setup(wpa_s->wpa)) {
			wpa_tdls_start(wpa_s->wpa, data->tdls.peer);
		} else {
			wpa_drv_tdls_oper(wpa_s, TDLS_SETUP,
					  data->tdls.peer);
		}
	} else if (data->tdls.oper == TDLS_REQUEST_TEARDOWN) {
		wpa_tdls_teardown_link(wpa_s->wpa, data->tdls.peer,
				       data->tdls.reason_code);
	}
}
2211#endif /* CONFIG_TDLS */
2212
2213
ad3872a3 2214#ifdef CONFIG_WNM
75cad1a0
XC
/**
 * wpa_supplicant_event_wnm - Handle a WNM operation event
 * @wpa_s: wpa_supplicant interface data
 * @data: Event data with the operation and WNM-Sleep parameters; the event
 *	is ignored when NULL
 *
 * Only WNM_OPER_SLEEP is handled: a WNM-Sleep Request is sent with the
 * action and interval taken from the event.
 */
static void wpa_supplicant_event_wnm(struct wpa_supplicant *wpa_s,
				     union wpa_event_data *data)
{
	if (data == NULL || data->wnm.oper != WNM_OPER_SLEEP)
		return;

	wpa_printf(MSG_DEBUG,
		   "Start sending WNM-Sleep Request (action=%d, intval=%d)",
		   data->wnm.sleep_action, data->wnm.sleep_intval);
	ieee802_11_send_wnmsleep_req(wpa_s, data->wnm.sleep_action,
				     data->wnm.sleep_intval, NULL);
}
ad3872a3 2230#endif /* CONFIG_WNM */
75cad1a0
XC
2231
2232
6fc6879b
JM
2233#ifdef CONFIG_IEEE80211R
/**
 * wpa_supplicant_event_ft_response - Handle an FT response event
 * @wpa_s: wpa_supplicant interface data
 * @data: Event data with the FT IEs, RIC IEs, action flag and target AP; the
 *	event is ignored when NULL
 *
 * Hands the IEs to wpa_ft_process_response(). A negative result is not acted
 * on yet (see the TODO below).
 */
static void
wpa_supplicant_event_ft_response(struct wpa_supplicant *wpa_s,
				 union wpa_event_data *data)
{
	int res;

	if (data == NULL)
		return;

	res = wpa_ft_process_response(wpa_s->wpa, data->ft_ies.ies,
				      data->ft_ies.ies_len,
				      data->ft_ies.ft_action,
				      data->ft_ies.target_ap,
				      data->ft_ies.ric_ies,
				      data->ft_ies.ric_ies_len);
	if (res < 0) {
		/* TODO: prevent MLME/driver from trying to associate? */
	}
}
2250#endif /* CONFIG_IEEE80211R */
2251
2252
11ef8d35
JM
2253#ifdef CONFIG_IBSS_RSN
/**
 * wpa_supplicant_event_ibss_rsn_start - Handle an IBSS RSN start event
 * @wpa_s: wpa_supplicant interface data
 * @data: Event data carrying the peer
 *
 * ibss_rsn_start() is called for the peer only when all of these hold: the
 * state is at least WPA_ASSOCIATED, event data is present, there is a
 * current network, that network is in IBSS mode, and its key management
 * passes wpa_key_mgmt_wpa(). Otherwise the event is dropped.
 */
static void wpa_supplicant_event_ibss_rsn_start(struct wpa_supplicant *wpa_s,
						union wpa_event_data *data)
{
	struct wpa_ssid *ssid;

	if (wpa_s->wpa_state < WPA_ASSOCIATED || data == NULL)
		return;

	ssid = wpa_s->current_ssid;
	if (ssid == NULL || ssid->mode != WPAS_MODE_IBSS ||
	    !wpa_key_mgmt_wpa(ssid->key_mgmt))
		return;

	ibss_rsn_start(wpa_s->ibss_rsn, data->ibss_rsn_start.peer);
}
2270#endif /* CONFIG_IBSS_RSN */
2271
2272
036f7c4a
JM
2273#ifdef CONFIG_IEEE80211R
/**
 * ft_rx_action - Process a received FT Action frame
 * @wpa_s: wpa_supplicant interface data
 * @data: Frame payload starting at the FT action code
 * @len: Length of @data in bytes
 *
 * The fixed part parsed here is one action code octet, the STA address, the
 * target AP address and a two-octet little endian status code. The frame is
 * processed only when the driver uses the wpa_supplicant SME, the action
 * code is 2 (FT Action Response), the STA address matches our own address
 * and the status code is zero. The remaining octets are then passed to
 * wpa_ft_process_response(); with CONFIG_SME, association with the target
 * AP is started after that succeeds.
 */
static void ft_rx_action(struct wpa_supplicant *wpa_s, const u8 *data,
			 size_t len)
{
	/* action code + STA address + target AP address + status code */
	const size_t hdr_len = 1 + 2 * ETH_ALEN + 2;
	const u8 *sta_addr, *target_ap_addr;
	u16 status;

	wpa_hexdump(MSG_MSGDUMP, "FT: RX Action", data, len);
	if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME))
		return; /* only SME case supported for now */

	/*
	 * The payload comes from a received frame, so the length is checked
	 * before any fixed field is read. Only FT Action Response is
	 * supported for now.
	 */
	if (len < hdr_len || data[0] != 2)
		return;

	sta_addr = data + 1;
	target_ap_addr = sta_addr + ETH_ALEN;
	status = WPA_GET_LE16(target_ap_addr + ETH_ALEN);
	wpa_dbg(wpa_s, MSG_DEBUG, "FT: Received FT Action Response: STA "
		MACSTR " TargetAP " MACSTR " status %u",
		MAC2STR(sta_addr), MAC2STR(target_ap_addr), status);

	if (os_memcmp(sta_addr, wpa_s->own_addr, ETH_ALEN) != 0) {
		wpa_dbg(wpa_s, MSG_DEBUG, "FT: Foreign STA Address " MACSTR
			" in FT Action Response", MAC2STR(sta_addr));
		return;
	}

	if (status != 0) {
		wpa_dbg(wpa_s, MSG_DEBUG, "FT: FT Action Response indicates "
			"failure (status code %d)", status);
		/* TODO: report error to FT code(?) */
		return;
	}

	if (wpa_ft_process_response(wpa_s->wpa, data + hdr_len,
				    len - hdr_len, 1,
				    target_ap_addr, NULL, 0) < 0)
		return;

#ifdef CONFIG_SME
	{
		struct wpa_bss *bss = wpa_bss_get_bssid(wpa_s, target_ap_addr);

		/*
		 * NOTE(review): when no BSS entry is found, sme.freq keeps
		 * its previous value and the association below still goes
		 * ahead - confirm that is intended.
		 */
		if (bss)
			wpa_s->sme.freq = bss->freq;
		wpa_s->sme.auth_alg = WPA_AUTH_ALG_FT;
		sme_associate(wpa_s, WPAS_MODE_INFRA, target_ap_addr,
			      WLAN_AUTH_FT);
	}
#endif /* CONFIG_SME */
}
2324#endif /* CONFIG_IEEE80211R */
2325
2326
7d878ca7
JM
/**
 * wpa_supplicant_event_unprot_deauth - Handle an unprotected Deauthentication
 * @wpa_s: wpa_supplicant interface data
 * @e: Source address, destination address and reason code of the frame
 *
 * With CONFIG_IEEE80211W, the frame is logged as dropped and its addresses
 * and reason code are passed to sme_event_unprot_disconnect(). Without that
 * option the function does nothing. The values in @e come from a frame that
 * was not protected, so they are logged and forwarded as received.
 */
static void wpa_supplicant_event_unprot_deauth(struct wpa_supplicant *wpa_s,
					       struct unprot_deauth *e)
{
#ifdef CONFIG_IEEE80211W
	wpa_printf(MSG_DEBUG,
		   "Unprotected Deauthentication frame dropped: " MACSTR
		   " -> " MACSTR " (reason code %u)",
		   MAC2STR(e->sa), MAC2STR(e->da), e->reason_code);
	sme_event_unprot_disconnect(wpa_s, e->sa, e->da, e->reason_code);
#endif /* CONFIG_IEEE80211W */
}
2338
2339
/**
 * wpa_supplicant_event_unprot_disassoc - Handle an unprotected Disassociation
 * @wpa_s: wpa_supplicant interface data
 * @e: Source address, destination address and reason code of the frame
 *
 * With CONFIG_IEEE80211W, the frame is logged as dropped and its addresses
 * and reason code are passed to sme_event_unprot_disconnect(). Without that
 * option the function does nothing. The values in @e come from a frame that
 * was not protected, so they are logged and forwarded as received.
 */
static void wpa_supplicant_event_unprot_disassoc(struct wpa_supplicant *wpa_s,
						 struct unprot_disassoc *e)
{
#ifdef CONFIG_IEEE80211W
	wpa_printf(MSG_DEBUG,
		   "Unprotected Disassociation frame dropped: " MACSTR
		   " -> " MACSTR " (reason code %u)",
		   MAC2STR(e->sa), MAC2STR(e->da), e->reason_code);
	sme_event_unprot_disconnect(wpa_s, e->sa, e->da, e->reason_code);
#endif /* CONFIG_IEEE80211W */
}
2351
2352
9646a8ab 2353void wpa_supplicant_event(void *ctx, enum wpa_event_type event,
6fc6879b
JM
2354 union wpa_event_data *data)
2355{
2356 struct wpa_supplicant *wpa_s = ctx;
0544b242 2357 u16 reason_code = 0;
3d9975d5 2358 int locally_generated = 0;
6fc6879b 2359
8401a6b0
JM
2360 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED &&
2361 event != EVENT_INTERFACE_ENABLED &&
9b6f44cb
JM
2362 event != EVENT_INTERFACE_STATUS &&
2363 event != EVENT_SCHED_SCAN_STOPPED) {
6c3771d7
BG
2364 wpa_dbg(wpa_s, MSG_DEBUG,
2365 "Ignore event %s (%d) while interface is disabled",
2366 event_to_string(event), event);
8401a6b0
JM
2367 return;
2368 }
2369
74781dfc
JM
2370#ifndef CONFIG_NO_STDOUT_DEBUG
2371{
2372 int level = MSG_DEBUG;
2373
eab6f5e0 2374 if (event == EVENT_RX_MGMT && data->rx_mgmt.frame_len >= 24) {
74781dfc
JM
2375 const struct ieee80211_hdr *hdr;
2376 u16 fc;
2377 hdr = (const struct ieee80211_hdr *) data->rx_mgmt.frame;
2378 fc = le_to_host16(hdr->frame_control);
2379 if (WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT &&
2380 WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_BEACON)
2381 level = MSG_EXCESSIVE;
2382 }
2383
2384 wpa_dbg(wpa_s, level, "Event %s (%d) received",
6c3771d7 2385 event_to_string(event), event);
74781dfc
JM
2386}
2387#endif /* CONFIG_NO_STDOUT_DEBUG */
9b7124b2 2388
6fc6879b 2389 switch (event) {
c2a04078
JM
2390 case EVENT_AUTH:
2391 sme_event_auth(wpa_s, data);
2392 break;
6fc6879b
JM
2393 case EVENT_ASSOC:
2394 wpa_supplicant_event_assoc(wpa_s, data);
2395 break;
2396 case EVENT_DISASSOC:
f049052b 2397 wpa_dbg(wpa_s, MSG_DEBUG, "Disassociation notification");
2e75a2b3 2398 if (data) {
3d9975d5
JM
2399 wpa_dbg(wpa_s, MSG_DEBUG, " * reason %u%s",
2400 data->disassoc_info.reason_code,
2401 data->disassoc_info.locally_generated ?
2402 " (locally generated)" : "");
2e75a2b3 2403 if (data->disassoc_info.addr)
f049052b
BG
2404 wpa_dbg(wpa_s, MSG_DEBUG, " * address " MACSTR,
2405 MAC2STR(data->disassoc_info.addr));
2e75a2b3 2406 }
1d041bec 2407#ifdef CONFIG_AP
7f542069 2408 if (wpa_s->ap_iface && data && data->disassoc_info.addr) {
1d041bec
JM
2409 hostapd_notif_disassoc(wpa_s->ap_iface->bss[0],
2410 data->disassoc_info.addr);
2411 break;
2412 }
4551dd90
JM
2413 if (wpa_s->ap_iface) {
2414 wpa_dbg(wpa_s, MSG_DEBUG, "Ignore disassoc event in "
2415 "AP mode");
2416 break;
2417 }
1d041bec 2418#endif /* CONFIG_AP */
9fdd0fad
JM
2419 if (data) {
2420 reason_code = data->disassoc_info.reason_code;
3d9975d5
JM
2421 locally_generated =
2422 data->disassoc_info.locally_generated;
9fdd0fad
JM
2423 wpa_hexdump(MSG_DEBUG, "Disassociation frame IE(s)",
2424 data->disassoc_info.ie,
2425 data->disassoc_info.ie_len);
2426#ifdef CONFIG_P2P
2427 wpas_p2p_disassoc_notif(
2428 wpa_s, data->disassoc_info.addr, reason_code,
2429 data->disassoc_info.ie,
3fc14102
JM
2430 data->disassoc_info.ie_len,
2431 locally_generated);
9fdd0fad
JM
2432#endif /* CONFIG_P2P */
2433 }
0e379654
JM
2434 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME)
2435 sme_event_disassoc(wpa_s, data);
a84ed99e
JM
2436 /* fall through */
2437 case EVENT_DEAUTH:
0544b242 2438 if (event == EVENT_DEAUTH) {
f049052b
BG
2439 wpa_dbg(wpa_s, MSG_DEBUG,
2440 "Deauthentication notification");
2e75a2b3 2441 if (data) {
0544b242 2442 reason_code = data->deauth_info.reason_code;
3d9975d5
JM
2443 locally_generated =
2444 data->deauth_info.locally_generated;
2445 wpa_dbg(wpa_s, MSG_DEBUG, " * reason %u%s",
2446 data->deauth_info.reason_code,
2447 data->deauth_info.locally_generated ?
2448 " (locally generated)" : "");
2e75a2b3 2449 if (data->deauth_info.addr) {
f049052b
BG
2450 wpa_dbg(wpa_s, MSG_DEBUG, " * address "
2451 MACSTR,
2452 MAC2STR(data->deauth_info.
2453 addr));
2e75a2b3 2454 }
9fdd0fad
JM
2455 wpa_hexdump(MSG_DEBUG,
2456 "Deauthentication frame IE(s)",
2457 data->deauth_info.ie,
2458 data->deauth_info.ie_len);
2e75a2b3 2459 }
0544b242 2460 }
1d041bec 2461#ifdef CONFIG_AP
7f542069 2462 if (wpa_s->ap_iface && data && data->deauth_info.addr) {
1d041bec
JM
2463 hostapd_notif_disassoc(wpa_s->ap_iface->bss[0],
2464 data->deauth_info.addr);
2465 break;
2466 }
4551dd90
JM
2467 if (wpa_s->ap_iface) {
2468 wpa_dbg(wpa_s, MSG_DEBUG, "Ignore deauth event in "
2469 "AP mode");
2470 break;
2471 }
1d041bec 2472#endif /* CONFIG_AP */
3d9975d5
JM
2473 wpa_supplicant_event_disassoc(wpa_s, reason_code,
2474 locally_generated);
00e5e3d5
JM
2475 if (reason_code == WLAN_REASON_IEEE_802_1X_AUTH_FAILED ||
2476 ((wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
2477 (wpa_s->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)) &&
2478 eapol_sm_failed(wpa_s->eapol)))
2479 wpas_auth_failed(wpa_s);
3fc14102
JM
2480#ifdef CONFIG_P2P
2481 if (event == EVENT_DEAUTH && data) {
0aadd568
JM
2482 if (wpas_p2p_deauth_notif(wpa_s,
2483 data->deauth_info.addr,
2484 reason_code,
2485 data->deauth_info.ie,
2486 data->deauth_info.ie_len,
2487 locally_generated) > 0) {
2488 /*
2489 * The interface was removed, so cannot
2490 * continue processing any additional
2491 * operations after this.
2492 */
2493 break;
2494 }
3fc14102
JM
2495 }
2496#endif /* CONFIG_P2P */
0aadd568
JM
2497 wpa_supplicant_event_disassoc_finish(wpa_s, reason_code,
2498 locally_generated);
6fc6879b
JM
2499 break;
2500 case EVENT_MICHAEL_MIC_FAILURE:
2501 wpa_supplicant_event_michael_mic_failure(wpa_s, data);
2502 break;
2503#ifndef CONFIG_NO_SCAN_PROCESSING
2504 case EVENT_SCAN_RESULTS:
8d923a4a 2505 wpa_supplicant_event_scan_results(wpa_s, data);
99fcd404 2506#ifdef CONFIG_P2P
e665ca9a 2507 if (wpa_s->global->p2p_cb_on_scan_complete && !wpa_s->global->p2p_disabled &&
99fcd404
JM
2508 wpa_s->global->p2p != NULL &&
2509 wpa_s->wpa_state != WPA_AUTHENTICATING &&
2510 wpa_s->wpa_state != WPA_ASSOCIATING) {
e665ca9a 2511 wpa_s->global->p2p_cb_on_scan_complete = 0;
99fcd404
JM
2512 if (p2p_other_scan_completed(wpa_s->global->p2p) == 1) {
2513 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: Pending P2P operation "
2514 "continued after scan result processing");
2515 }
2516 }
2517#endif /* CONFIG_P2P */
6fc6879b
JM
2518 break;
2519#endif /* CONFIG_NO_SCAN_PROCESSING */
2520 case EVENT_ASSOCINFO:
2521 wpa_supplicant_event_associnfo(wpa_s, data);
2522 break;
2523 case EVENT_INTERFACE_STATUS:
2524 wpa_supplicant_event_interface_status(wpa_s, data);
2525 break;
2526 case EVENT_PMKID_CANDIDATE:
2527 wpa_supplicant_event_pmkid_candidate(wpa_s, data);
2528 break;
2529#ifdef CONFIG_PEERKEY
2530 case EVENT_STKSTART:
2531 wpa_supplicant_event_stkstart(wpa_s, data);
2532 break;
2533#endif /* CONFIG_PEERKEY */
281ff0aa
GP
2534#ifdef CONFIG_TDLS
2535 case EVENT_TDLS:
2536 wpa_supplicant_event_tdls(wpa_s, data);
2537 break;
2538#endif /* CONFIG_TDLS */
ad3872a3 2539#ifdef CONFIG_WNM
75cad1a0
XC
2540 case EVENT_WNM:
2541 wpa_supplicant_event_wnm(wpa_s, data);
2542 break;
ad3872a3 2543#endif /* CONFIG_WNM */
6fc6879b
JM
2544#ifdef CONFIG_IEEE80211R
2545 case EVENT_FT_RESPONSE:
2546 wpa_supplicant_event_ft_response(wpa_s, data);
2547 break;
2548#endif /* CONFIG_IEEE80211R */
11ef8d35
JM
2549#ifdef CONFIG_IBSS_RSN
2550 case EVENT_IBSS_RSN_START:
2551 wpa_supplicant_event_ibss_rsn_start(wpa_s, data);
2552 break;
2553#endif /* CONFIG_IBSS_RSN */
efa46078 2554 case EVENT_ASSOC_REJECT:
c05d6d18
JM
2555 if (data->assoc_reject.bssid)
2556 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_ASSOC_REJECT
2557 "bssid=" MACSTR " status_code=%u",
2558 MAC2STR(data->assoc_reject.bssid),
2559 data->assoc_reject.status_code);
2560 else
2561 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_ASSOC_REJECT
2562 "status_code=%u",
2563 data->assoc_reject.status_code);
ea78c315
JM
2564 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME)
2565 sme_event_assoc_reject(wpa_s, data);
10737aba
JM
2566 else {
2567 const u8 *bssid = data->assoc_reject.bssid;
2568 if (bssid == NULL || is_zero_ether_addr(bssid))
2569 bssid = wpa_s->pending_bssid;
2570 wpas_connection_failed(wpa_s, bssid);
2571 wpa_supplicant_mark_disassoc(wpa_s);
2572 }
efa46078 2573 break;
da1fb17c 2574 case EVENT_AUTH_TIMED_OUT:
ea78c315
JM
2575 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME)
2576 sme_event_auth_timed_out(wpa_s, data);
da1fb17c
JM
2577 break;
2578 case EVENT_ASSOC_TIMED_OUT:
ea78c315
JM
2579 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME)
2580 sme_event_assoc_timed_out(wpa_s, data);
da1fb17c 2581 break;
f8b1f695 2582 case EVENT_TX_STATUS:
f049052b
BG
2583 wpa_dbg(wpa_s, MSG_DEBUG, "EVENT_TX_STATUS dst=" MACSTR
2584 " type=%d stype=%d",
2585 MAC2STR(data->tx_status.dst),
2586 data->tx_status.type, data->tx_status.stype);
24f6497c 2587#ifdef CONFIG_AP
9bae1be0 2588 if (wpa_s->ap_iface == NULL) {
24f6497c 2589#ifdef CONFIG_OFFCHANNEL
9bae1be0
JM
2590 if (data->tx_status.type == WLAN_FC_TYPE_MGMT &&
2591 data->tx_status.stype == WLAN_FC_STYPE_ACTION)
24f6497c 2592 offchannel_send_action_tx_status(
9bae1be0
JM
2593 wpa_s, data->tx_status.dst,
2594 data->tx_status.data,
2595 data->tx_status.data_len,
93b7ddd0 2596 data->tx_status.ack ?
24f6497c
JM
2597 OFFCHANNEL_SEND_ACTION_SUCCESS :
2598 OFFCHANNEL_SEND_ACTION_NO_ACK);
2599#endif /* CONFIG_OFFCHANNEL */
9bae1be0
JM
2600 break;
2601 }
24f6497c
JM
2602#endif /* CONFIG_AP */
2603#ifdef CONFIG_OFFCHANNEL
f049052b
BG
2604 wpa_dbg(wpa_s, MSG_DEBUG, "EVENT_TX_STATUS pending_dst="
2605 MACSTR, MAC2STR(wpa_s->parent->pending_action_dst));
9bae1be0
JM
2606 /*
2607 * Catch TX status events for Action frames we sent via group
2608 * interface in GO mode.
2609 */
2610 if (data->tx_status.type == WLAN_FC_TYPE_MGMT &&
2611 data->tx_status.stype == WLAN_FC_STYPE_ACTION &&
2612 os_memcmp(wpa_s->parent->pending_action_dst,
2613 data->tx_status.dst, ETH_ALEN) == 0) {
24f6497c 2614 offchannel_send_action_tx_status(
9bae1be0
JM
2615 wpa_s->parent, data->tx_status.dst,
2616 data->tx_status.data,
2617 data->tx_status.data_len,
1d39378a 2618 data->tx_status.ack ?
24f6497c
JM
2619 OFFCHANNEL_SEND_ACTION_SUCCESS :
2620 OFFCHANNEL_SEND_ACTION_NO_ACK);
f8b1f695 2621 break;
9bae1be0 2622 }
24f6497c
JM
2623#endif /* CONFIG_OFFCHANNEL */
2624#ifdef CONFIG_AP
f8b1f695
JM
2625 switch (data->tx_status.type) {
2626 case WLAN_FC_TYPE_MGMT:
2627 ap_mgmt_tx_cb(wpa_s, data->tx_status.data,
2628 data->tx_status.data_len,
2629 data->tx_status.stype,
2630 data->tx_status.ack);
2631 break;
2632 case WLAN_FC_TYPE_DATA:
2633 ap_tx_status(wpa_s, data->tx_status.dst,
2634 data->tx_status.data,
2635 data->tx_status.data_len,
2636 data->tx_status.ack);
2637 break;
2638 }
24f6497c 2639#endif /* CONFIG_AP */
f8b1f695 2640 break;
24f6497c 2641#ifdef CONFIG_AP
dd840f79
JB
2642 case EVENT_EAPOL_TX_STATUS:
2643 ap_eapol_tx_status(wpa_s, data->eapol_tx_status.dst,
2644 data->eapol_tx_status.data,
2645 data->eapol_tx_status.data_len,
2646 data->eapol_tx_status.ack);
2647 break;
bcf24348
JB
2648 case EVENT_DRIVER_CLIENT_POLL_OK:
2649 ap_client_poll_ok(wpa_s, data->client_poll.addr);
2650 break;
f8b1f695
JM
2651 case EVENT_RX_FROM_UNKNOWN:
2652 if (wpa_s->ap_iface == NULL)
2653 break;
9b90955e
JB
2654 ap_rx_from_unknown_sta(wpa_s, data->rx_from_unknown.addr,
2655 data->rx_from_unknown.wds);
f8b1f695 2656 break;
1b487b8b
TP
2657 case EVENT_CH_SWITCH:
2658 if (!data)
2659 break;
2660 if (!wpa_s->ap_iface) {
2661 wpa_dbg(wpa_s, MSG_DEBUG, "AP: Ignore channel switch "
2662 "event in non-AP mode");
2663 break;
2664 }
2665
2666#ifdef CONFIG_AP
2667 wpas_ap_ch_switch(wpa_s, data->ch_switch.freq,
2668 data->ch_switch.ht_enabled,
2669 data->ch_switch.ch_offset);
2670#endif /* CONFIG_AP */
2671 break;
2d43d37f
JB
2672 case EVENT_RX_MGMT: {
2673 u16 fc, stype;
2674 const struct ieee80211_mgmt *mgmt;
2675
2676 mgmt = (const struct ieee80211_mgmt *)
2677 data->rx_mgmt.frame;
2678 fc = le_to_host16(mgmt->frame_control);
2679 stype = WLAN_FC_GET_STYPE(fc);
2680
9bae1be0
JM
2681 if (wpa_s->ap_iface == NULL) {
2682#ifdef CONFIG_P2P
9bae1be0
JM
2683 if (stype == WLAN_FC_STYPE_PROBE_REQ &&
2684 data->rx_mgmt.frame_len > 24) {
2685 const u8 *src = mgmt->sa;
2686 const u8 *ie = mgmt->u.probe_req.variable;
2687 size_t ie_len = data->rx_mgmt.frame_len -
2688 (mgmt->u.probe_req.variable -
2689 data->rx_mgmt.frame);
baf513d6
JB
2690 wpas_p2p_probe_req_rx(
2691 wpa_s, src, mgmt->da,
2692 mgmt->bssid, ie, ie_len,
2693 data->rx_mgmt.ssi_signal);
9bae1be0
JM
2694 break;
2695 }
2696#endif /* CONFIG_P2P */
f049052b
BG
2697 wpa_dbg(wpa_s, MSG_DEBUG, "AP: ignore received "
2698 "management frame in non-AP mode");
f8b1f695 2699 break;
9bae1be0 2700 }
2d43d37f
JB
2701
2702 if (stype == WLAN_FC_STYPE_PROBE_REQ &&
2703 data->rx_mgmt.frame_len > 24) {
2704 const u8 *ie = mgmt->u.probe_req.variable;
2705 size_t ie_len = data->rx_mgmt.frame_len -
2706 (mgmt->u.probe_req.variable -
2707 data->rx_mgmt.frame);
2708
2709 wpas_notify_preq(wpa_s, mgmt->sa, mgmt->da,
2710 mgmt->bssid, ie, ie_len,
2711 data->rx_mgmt.ssi_signal);
2d43d37f
JB
2712 }
2713
2a8b7416 2714 ap_mgmt_rx(wpa_s, &data->rx_mgmt);
f8b1f695 2715 break;
2d43d37f 2716 }
f8b1f695 2717#endif /* CONFIG_AP */
036f7c4a 2718 case EVENT_RX_ACTION:
f049052b
BG
2719 wpa_dbg(wpa_s, MSG_DEBUG, "Received Action frame: SA=" MACSTR
2720 " Category=%u DataLen=%d freq=%d MHz",
2721 MAC2STR(data->rx_action.sa),
2722 data->rx_action.category, (int) data->rx_action.len,
2723 data->rx_action.freq);
036f7c4a
JM
2724#ifdef CONFIG_IEEE80211R
2725 if (data->rx_action.category == WLAN_ACTION_FT) {
2726 ft_rx_action(wpa_s, data->rx_action.data,
2727 data->rx_action.len);
2728 break;
2729 }
2730#endif /* CONFIG_IEEE80211R */
7d878ca7
JM
2731#ifdef CONFIG_IEEE80211W
2732#ifdef CONFIG_SME
2733 if (data->rx_action.category == WLAN_ACTION_SA_QUERY) {
2734 sme_sa_query_rx(wpa_s, data->rx_action.sa,
2735 data->rx_action.data,
2736 data->rx_action.len);
2737 break;
2738 }
2739#endif /* CONFIG_SME */
2740#endif /* CONFIG_IEEE80211W */
ad3872a3 2741#ifdef CONFIG_WNM
75cad1a0
XC
2742 if (data->rx_action.category == WLAN_ACTION_WNM) {
2743 ieee802_11_rx_wnm_action(wpa_s, &data->rx_action);
2744 break;
2745 }
ad3872a3 2746#endif /* CONFIG_WNM */
04ea7b79
JM
2747#ifdef CONFIG_GAS
2748 if (data->rx_action.category == WLAN_ACTION_PUBLIC &&
2749 gas_query_rx(wpa_s->gas, data->rx_action.da,
2750 data->rx_action.sa, data->rx_action.bssid,
2751 data->rx_action.data, data->rx_action.len,
2752 data->rx_action.freq) == 0)
2753 break;
2754#endif /* CONFIG_GAS */
35287637
AN
2755#ifdef CONFIG_TDLS
2756 if (data->rx_action.category == WLAN_ACTION_PUBLIC &&
2757 data->rx_action.len >= 4 &&
2758 data->rx_action.data[0] == WLAN_TDLS_DISCOVERY_RESPONSE) {
2759 wpa_dbg(wpa_s, MSG_DEBUG, "TDLS: Received Discovery "
2760 "Response from " MACSTR,
2761 MAC2STR(data->rx_action.sa));
2762 break;
2763 }
2764#endif /* CONFIG_TDLS */
9bae1be0
JM
2765#ifdef CONFIG_P2P
2766 wpas_p2p_rx_action(wpa_s, data->rx_action.da,
2767 data->rx_action.sa,
2768 data->rx_action.bssid,
2769 data->rx_action.category,
2770 data->rx_action.data,
2771 data->rx_action.len, data->rx_action.freq);
e67b55fb
JM
2772#endif /* CONFIG_P2P */
2773 break;
2774 case EVENT_RX_PROBE_REQ:
b211f3eb
JM
2775 if (data->rx_probe_req.sa == NULL ||
2776 data->rx_probe_req.ie == NULL)
2777 break;
e67b55fb
JM
2778#ifdef CONFIG_AP
2779 if (wpa_s->ap_iface) {
2780 hostapd_probe_req_rx(wpa_s->ap_iface->bss[0],
2781 data->rx_probe_req.sa,
04a85e44
JM
2782 data->rx_probe_req.da,
2783 data->rx_probe_req.bssid,
e67b55fb 2784 data->rx_probe_req.ie,
baf513d6
JB
2785 data->rx_probe_req.ie_len,
2786 data->rx_probe_req.ssi_signal);
e67b55fb
JM
2787 break;
2788 }
2789#endif /* CONFIG_AP */
2790#ifdef CONFIG_P2P
2791 wpas_p2p_probe_req_rx(wpa_s, data->rx_probe_req.sa,
04a85e44
JM
2792 data->rx_probe_req.da,
2793 data->rx_probe_req.bssid,
e67b55fb 2794 data->rx_probe_req.ie,
baf513d6
JB
2795 data->rx_probe_req.ie_len,
2796 data->rx_probe_req.ssi_signal);
9bae1be0 2797#endif /* CONFIG_P2P */
036f7c4a 2798 break;
9bae1be0 2799 case EVENT_REMAIN_ON_CHANNEL:
24f6497c
JM
2800#ifdef CONFIG_OFFCHANNEL
2801 offchannel_remain_on_channel_cb(
2802 wpa_s, data->remain_on_channel.freq,
2803 data->remain_on_channel.duration);
2804#endif /* CONFIG_OFFCHANNEL */
2805#ifdef CONFIG_P2P
9bae1be0
JM
2806 wpas_p2p_remain_on_channel_cb(
2807 wpa_s, data->remain_on_channel.freq,
2808 data->remain_on_channel.duration);
24f6497c 2809#endif /* CONFIG_P2P */
9bae1be0
JM
2810 break;
2811 case EVENT_CANCEL_REMAIN_ON_CHANNEL:
24f6497c
JM
2812#ifdef CONFIG_OFFCHANNEL
2813 offchannel_cancel_remain_on_channel_cb(
2814 wpa_s, data->remain_on_channel.freq);
2815#endif /* CONFIG_OFFCHANNEL */
2816#ifdef CONFIG_P2P
9bae1be0
JM
2817 wpas_p2p_cancel_remain_on_channel_cb(
2818 wpa_s, data->remain_on_channel.freq);
24f6497c 2819#endif /* CONFIG_P2P */
9bae1be0 2820 break;
24f6497c 2821#ifdef CONFIG_P2P
c5db8e51
KRK
2822 case EVENT_P2P_DEV_FOUND: {
2823 struct p2p_peer_info peer_info;
2824
2825 os_memset(&peer_info, 0, sizeof(peer_info));
2826 if (data->p2p_dev_found.dev_addr)
2827 os_memcpy(peer_info.p2p_device_addr,
2828 data->p2p_dev_found.dev_addr, ETH_ALEN);
2829 if (data->p2p_dev_found.pri_dev_type)
2830 os_memcpy(peer_info.pri_dev_type,
2831 data->p2p_dev_found.pri_dev_type,
2832 sizeof(peer_info.pri_dev_type));
2833 if (data->p2p_dev_found.dev_name)
2834 os_strlcpy(peer_info.device_name,
2835 data->p2p_dev_found.dev_name,
2836 sizeof(peer_info.device_name));
2837 peer_info.config_methods = data->p2p_dev_found.config_methods;
2838 peer_info.dev_capab = data->p2p_dev_found.dev_capab;
2839 peer_info.group_capab = data->p2p_dev_found.group_capab;
2840
8fd7dc1b
JB
2841 /*
2842 * FIX: new_device=1 is not necessarily correct. We should
2843 * maintain a P2P peer database in wpa_supplicant and update
2844 * this information based on whether the peer is truly new.
2845 */
2846 wpas_dev_found(wpa_s, data->p2p_dev_found.addr, &peer_info, 1);
3ac17eba 2847 break;
c5db8e51 2848 }
3ac17eba
JM
2849 case EVENT_P2P_GO_NEG_REQ_RX:
2850 wpas_go_neg_req_rx(wpa_s, data->p2p_go_neg_req_rx.src,
2851 data->p2p_go_neg_req_rx.dev_passwd_id);
2852 break;
2853 case EVENT_P2P_GO_NEG_COMPLETED:
2854 wpas_go_neg_completed(wpa_s, data->p2p_go_neg_completed.res);
2855 break;
2856 case EVENT_P2P_PROV_DISC_REQUEST:
2857 wpas_prov_disc_req(wpa_s, data->p2p_prov_disc_req.peer,
2858 data->p2p_prov_disc_req.config_methods,
2859 data->p2p_prov_disc_req.dev_addr,
2860 data->p2p_prov_disc_req.pri_dev_type,
2861 data->p2p_prov_disc_req.dev_name,
2862 data->p2p_prov_disc_req.supp_config_methods,
2863 data->p2p_prov_disc_req.dev_capab,
c3f42784
JM
2864 data->p2p_prov_disc_req.group_capab,
2865 NULL, 0);
3ac17eba
JM
2866 break;
2867 case EVENT_P2P_PROV_DISC_RESPONSE:
2868 wpas_prov_disc_resp(wpa_s, data->p2p_prov_disc_resp.peer,
2869 data->p2p_prov_disc_resp.config_methods);
2870 break;
2871 case EVENT_P2P_SD_REQUEST:
2872 wpas_sd_request(wpa_s, data->p2p_sd_req.freq,
2873 data->p2p_sd_req.sa,
2874 data->p2p_sd_req.dialog_token,
2875 data->p2p_sd_req.update_indic,
2876 data->p2p_sd_req.tlvs,
2877 data->p2p_sd_req.tlvs_len);
2878 break;
2879 case EVENT_P2P_SD_RESPONSE:
2880 wpas_sd_response(wpa_s, data->p2p_sd_resp.sa,
2881 data->p2p_sd_resp.update_indic,
2882 data->p2p_sd_resp.tlvs,
2883 data->p2p_sd_resp.tlvs_len);
2884 break;
9bae1be0 2885#endif /* CONFIG_P2P */
a8e0505b
JM
2886 case EVENT_EAPOL_RX:
2887 wpa_supplicant_rx_eapol(wpa_s, data->eapol_rx.src,
2888 data->eapol_rx.data,
2889 data->eapol_rx.data_len);
2890 break;
e2f74005
JM
2891 case EVENT_SIGNAL_CHANGE:
2892 bgscan_notify_signal_change(
60a972a6 2893 wpa_s, data->signal_change.above_threshold,
174fa789
PS
2894 data->signal_change.current_signal,
2895 data->signal_change.current_noise,
2896 data->signal_change.current_txrate);
e2f74005 2897 break;
8401a6b0 2898 case EVENT_INTERFACE_ENABLED:
f049052b 2899 wpa_dbg(wpa_s, MSG_DEBUG, "Interface was enabled");
8401a6b0 2900 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED) {
bfba8deb 2901 wpa_supplicant_update_mac_addr(wpa_s);
199716ad 2902#ifdef CONFIG_AP
9919f7a2
JB
2903 if (!wpa_s->ap_iface) {
2904 wpa_supplicant_set_state(wpa_s,
2905 WPA_DISCONNECTED);
2906 wpa_supplicant_req_scan(wpa_s, 0, 0);
2907 } else
2908 wpa_supplicant_set_state(wpa_s,
2909 WPA_COMPLETED);
199716ad
BG
2910#else /* CONFIG_AP */
2911 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
2912 wpa_supplicant_req_scan(wpa_s, 0, 0);
2913#endif /* CONFIG_AP */
8401a6b0
JM
2914 }
2915 break;
2916 case EVENT_INTERFACE_DISABLED:
f049052b 2917 wpa_dbg(wpa_s, MSG_DEBUG, "Interface was disabled");
8401a6b0
JM
2918 wpa_supplicant_mark_disassoc(wpa_s);
2919 wpa_supplicant_set_state(wpa_s, WPA_INTERFACE_DISABLED);
2920 break;
b5c9da8d 2921 case EVENT_CHANNEL_LIST_CHANGED:
35c5d610
JM
2922 if (wpa_s->drv_priv == NULL)
2923 break; /* Ignore event during drv initialization */
6979582c
JM
2924
2925 free_hw_features(wpa_s);
2926 wpa_s->hw.modes = wpa_drv_get_hw_feature_data(
2927 wpa_s, &wpa_s->hw.num_modes, &wpa_s->hw.flags);
2928
b5c9da8d
JM
2929#ifdef CONFIG_P2P
2930 wpas_p2p_update_channel_list(wpa_s);
c973f386
JM
2931#endif /* CONFIG_P2P */
2932 break;
2933 case EVENT_INTERFACE_UNAVAILABLE:
2934#ifdef CONFIG_P2P
2935 wpas_p2p_interface_unavailable(wpa_s);
7cfc4ac3
AGS
2936#endif /* CONFIG_P2P */
2937 break;
2938 case EVENT_BEST_CHANNEL:
f049052b
BG
2939 wpa_dbg(wpa_s, MSG_DEBUG, "Best channel event received "
2940 "(%d %d %d)",
2941 data->best_chan.freq_24, data->best_chan.freq_5,
2942 data->best_chan.freq_overall);
7cfc4ac3
AGS
2943 wpa_s->best_24_freq = data->best_chan.freq_24;
2944 wpa_s->best_5_freq = data->best_chan.freq_5;
2945 wpa_s->best_overall_freq = data->best_chan.freq_overall;
2946#ifdef CONFIG_P2P
2947 wpas_p2p_update_best_channels(wpa_s, data->best_chan.freq_24,
2948 data->best_chan.freq_5,
2949 data->best_chan.freq_overall);
b5c9da8d
JM
2950#endif /* CONFIG_P2P */
2951 break;
7d878ca7
JM
2952 case EVENT_UNPROT_DEAUTH:
2953 wpa_supplicant_event_unprot_deauth(wpa_s,
2954 &data->unprot_deauth);
2955 break;
2956 case EVENT_UNPROT_DISASSOC:
2957 wpa_supplicant_event_unprot_disassoc(wpa_s,
2958 &data->unprot_disassoc);
2959 break;
0d7e5a3a
JB
2960 case EVENT_STATION_LOW_ACK:
2961#ifdef CONFIG_AP
2962 if (wpa_s->ap_iface && data)
2963 hostapd_event_sta_low_ack(wpa_s->ap_iface->bss[0],
2964 data->low_ack.addr);
2965#endif /* CONFIG_AP */
8f15f711
AN
2966#ifdef CONFIG_TDLS
2967 if (data)
2968 wpa_tdls_disable_link(wpa_s->wpa, data->low_ack.addr);
2969#endif /* CONFIG_TDLS */
0d7e5a3a 2970 break;
ea244d21
XC
2971 case EVENT_IBSS_PEER_LOST:
2972#ifdef CONFIG_IBSS_RSN
2973 ibss_rsn_stop(wpa_s->ibss_rsn, data->ibss_peer_lost.peer);
2974#endif /* CONFIG_IBSS_RSN */
2975 break;
b14a210c
JB
2976 case EVENT_DRIVER_GTK_REKEY:
2977 if (os_memcmp(data->driver_gtk_rekey.bssid,
2978 wpa_s->bssid, ETH_ALEN))
2979 break;
2980 if (!wpa_s->wpa)
2981 break;
2982 wpa_sm_update_replay_ctr(wpa_s->wpa,
2983 data->driver_gtk_rekey.replay_ctr);
2984 break;
cbdf3507
LC
2985 case EVENT_SCHED_SCAN_STOPPED:
2986 wpa_s->sched_scanning = 0;
2987 wpa_supplicant_notify_scanning(wpa_s, 0);
2988
9b6f44cb
JM
2989 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED)
2990 break;
2991
cbdf3507
LC
2992 /*
2993 * If we timed out, start a new sched scan to continue
2994 * searching for more SSIDs.
2995 */
2996 if (wpa_s->sched_scan_timed_out)
2997 wpa_supplicant_req_sched_scan(wpa_s);
2998 break;
783fcb7d
GG
2999 case EVENT_WPS_BUTTON_PUSHED:
3000#ifdef CONFIG_WPS
3001 wpas_wps_start_pbc(wpa_s, NULL, 0);
3002#endif /* CONFIG_WPS */
3003 break;
3140803b
RM
3004 case EVENT_CONNECT_FAILED_REASON:
3005#ifdef CONFIG_AP
3006 if (!wpa_s->ap_iface || !data)
3007 break;
3008 hostapd_event_connect_failed_reason(
3009 wpa_s->ap_iface->bss[0],
3010 data->connect_failed_reason.addr,
3011 data->connect_failed_reason.code);
3012#endif /* CONFIG_AP */
3013 break;
6fc6879b 3014 default:
f049052b 3015 wpa_msg(wpa_s, MSG_INFO, "Unknown event %d", event);
6fc6879b
JM
3016 break;
3017 }
3018}