]> git.ipfire.org Git - thirdparty/hostap.git/blame - wpa_supplicant/wpa_supplicant.c
projects / thirdparty / hostap.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
WPS: Ignore other APs if PBC is used with a specific BSSID
[thirdparty/hostap.git] / wpa_supplicant / wpa_supplicant.c
CommitLineData
6fc6879b
JM		 1/*
2 * WPA Supplicant
cc58a357 3 * Copyright (c) 2003-2019, Jouni Malinen <j@w1.fi>
6fc6879b 4 *
0f3d578e
JM		 5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
6fc6879b
JM		 7 *
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
11 */
12
13#include "includes.h"
2e997eec
RM		 14#ifdef CONFIG_MATCH_IFACE
15#include <net/if.h>
16#include <fnmatch.h>
17#endif /* CONFIG_MATCH_IFACE */
6fc6879b
JM		 18
19#include "common.h"
d47fa330 20#include "crypto/random.h"
7d232e23 21#include "crypto/sha1.h"
6fc6879b
JM		 22#include "eapol_supp/eapol_supp_sm.h"
23#include "eap_peer/eap.h"
ec7b97ab 24#include "eap_peer/eap_proxy.h"
3ec97afe 25#include "eap_server/eap_methods.h"
3acb5005 26#include "rsn_supp/wpa.h"
6fc6879b 27#include "eloop.h"
6fc6879b 28#include "config.h"
306ae225 29#include "utils/ext_password.h"
6fc6879b
JM		 30#include "l2_packet/l2_packet.h"
31#include "wpa_supplicant_i.h"
2d5b792d 32#include "driver_i.h"
6fc6879b 33#include "ctrl_iface.h"
6fc6879b 34#include "pcsc_funcs.h"
90973fb2 35#include "common/version.h"
3acb5005
JM		 36#include "rsn_supp/preauth.h"
37#include "rsn_supp/pmksa_cache.h"
90973fb2 38#include "common/wpa_ctrl.h"
cfde99a8 39#include "common/ieee802_11_common.h"
90973fb2 40#include "common/ieee802_11_defs.h"
6b8b0774 41#include "common/hw_features_common.h"
461d39af 42#include "common/gas_server.h"
10ec6a5f 43#include "common/dpp.h"
72044390 44#include "p2p/p2p.h"
b36a3a65 45#include "fst/fst.h"
6fc6879b
JM		 46#include "blacklist.h"
47#include "wpas_glue.h"
116654ce 48#include "wps_supplicant.h"
11ef8d35 49#include "ibss_rsn.h"
c2a04078 50#include "sme.h"
04ea7b79 51#include "gas_query.h"
1f1b62a0 52#include "ap.h"
b22128ef 53#include "p2p_supplicant.h"
9675ce35 54#include "wifi_display.h"
8bac466b 55#include "notify.h"
60b94c98 56#include "bgscan.h"
7c865c68 57#include "autoscan.h"
83922c2d 58#include "bss.h"
9ba9fa07 59#include "scan.h"
24f6497c 60#include "offchannel.h"
cb418324 61#include "hs20_supplicant.h"
e27d20bb 62#include "wnm_sta.h"
dd10abcc 63#include "wpas_kay.h"
603a3f34 64#include "mesh.h"
be27e185 65#include "dpp_supplicant.h"
a39b040b
SB		 66#ifdef CONFIG_MESH
67#include "ap/ap_config.h"
68#include "ap/hostapd.h"
69#endif /* CONFIG_MESH */
6fc6879b 70
8b423edb 71const char *const wpa_supplicant_version =
6fc6879b 72"wpa_supplicant v" VERSION_STR "\n"
cc58a357 73"Copyright (c) 2003-2019, Jouni Malinen <j@w1.fi> and contributors";
6fc6879b 74
8b423edb 75const char *const wpa_supplicant_license =
331f89ff
JM		 76"This software may be distributed under the terms of the BSD license.\n"
77"See README for more details.\n"
6fc6879b
JM		 78#ifdef EAP_TLS_OPENSSL
79"\nThis product includes software developed by the OpenSSL Project\n"
80"for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
81#endif /* EAP_TLS_OPENSSL */
82;
83
84#ifndef CONFIG_NO_STDOUT_DEBUG
85/* Long text divided into parts in order to fit in C89 strings size limits. */
8b423edb 86const char *const wpa_supplicant_full_license1 =
331f89ff 87"";
8b423edb 88const char *const wpa_supplicant_full_license2 =
331f89ff 89"This software may be distributed under the terms of the BSD license.\n"
6fc6879b
JM		 90"\n"
91"Redistribution and use in source and binary forms, with or without\n"
92"modification, are permitted provided that the following conditions are\n"
93"met:\n"
94"\n";
8b423edb 95const char *const wpa_supplicant_full_license3 =
6fc6879b
JM		 96"1. Redistributions of source code must retain the above copyright\n"
97" notice, this list of conditions and the following disclaimer.\n"
98"\n"
99"2. Redistributions in binary form must reproduce the above copyright\n"
100" notice, this list of conditions and the following disclaimer in the\n"
101" documentation and/or other materials provided with the distribution.\n"
102"\n";
8b423edb 103const char *const wpa_supplicant_full_license4 =
6fc6879b
JM		 104"3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
105" names of its contributors may be used to endorse or promote products\n"
106" derived from this software without specific prior written permission.\n"
107"\n"
108"THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
109"\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
110"LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
111"A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
8b423edb 112const char *const wpa_supplicant_full_license5 =
6fc6879b
JM		 113"OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
114"SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
115"LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
116"DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
117"THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
118"(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
119"OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
120"\n";
121#endif /* CONFIG_NO_STDOUT_DEBUG */
122
b04854ce
AP		 123
124static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx, void *timeout_ctx);
6338c99e
VK		 125#if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
126static void wpas_update_fils_connect_params(struct wpa_supplicant *wpa_s);
127#endif /* CONFIG_FILS && IEEE8021X_EAPOL */
e0b331d8
SD		 128#ifdef CONFIG_OWE
129static void wpas_update_owe_connect_params(struct wpa_supplicant *wpa_s);
130#endif /* CONFIG_OWE */
b04854ce
AP		 131
132
6fc6879b 133/* Configure default/group WEP keys for static WEP */
0194fedb 134int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
6fc6879b
JM		 135{
136 int i, set = 0;
137
138 for (i = 0; i < NUM_WEP_KEYS; i++) {
139 if (ssid->wep_key_len[i] == 0)
140 continue;
141
142 set = 1;
0382097e 143 wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL,
da64c266 144 i, i == ssid->wep_tx_keyidx, NULL, 0,
a919a260
AW		 145 ssid->wep_key[i], ssid->wep_key_len[i],
146 i == ssid->wep_tx_keyidx ?
147 KEY_FLAG_GROUP_RX_TX_DEFAULT :
148 KEY_FLAG_GROUP_RX_TX);
6fc6879b
JM		 149 }
150
151 return set;
152}
153
154
6ea1f413
JM		 155int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
156 struct wpa_ssid *ssid)
6fc6879b
JM		 157{
158 u8 key[32];
159 size_t keylen;
71934751 160 enum wpa_alg alg;
6fc6879b 161 u8 seq[6] = { 0 };
658da804 162 int ret;
6fc6879b
JM		 163
164 /* IBSS/WPA-None uses only one key (Group) for both receiving and
165 * sending unicast and multicast packets. */
166
d7dcba70 167 if (ssid->mode != WPAS_MODE_IBSS) {
f049052b
BG		 168 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not "
169 "IBSS/ad-hoc) for WPA-None", ssid->mode);
6fc6879b
JM		 170 return -1;
171 }
172
173 if (!ssid->psk_set) {
f049052b
BG		 174 wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for "
175 "WPA-None");
6fc6879b
JM		 176 return -1;
177 }
178
179 switch (wpa_s->group_cipher) {
180 case WPA_CIPHER_CCMP:
181 os_memcpy(key, ssid->psk, 16);
182 keylen = 16;
183 alg = WPA_ALG_CCMP;
184 break;
eb7719ff
JM		 185 case WPA_CIPHER_GCMP:
186 os_memcpy(key, ssid->psk, 16);
187 keylen = 16;
188 alg = WPA_ALG_GCMP;
189 break;
6fc6879b
JM		 190 case WPA_CIPHER_TKIP:
191 /* WPA-None uses the same Michael MIC key for both TX and RX */
192 os_memcpy(key, ssid->psk, 16 + 8);
193 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
194 keylen = 32;
195 alg = WPA_ALG_TKIP;
196 break;
197 default:
f049052b
BG		 198 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for "
199 "WPA-None", wpa_s->group_cipher);
6fc6879b
JM		 200 return -1;
201 }
202
203 /* TODO: should actually remember the previously used seq#, both for TX
204 * and RX from each STA.. */
205
a919a260
AW		 206 ret = wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen,
207 KEY_FLAG_GROUP_RX_TX_DEFAULT);
658da804
JM		 208 os_memset(key, 0, sizeof(key));
209 return ret;
6fc6879b
JM		 210}
211
212
213static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
214{
215 struct wpa_supplicant *wpa_s = eloop_ctx;
216 const u8 *bssid = wpa_s->bssid;
04e3d815
MK		 217 if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
218 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
219 wpa_s->wpa_state == WPA_ASSOCIATING))
6fc6879b
JM		 220 bssid = wpa_s->pending_bssid;
221 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
222 MAC2STR(bssid));
223 wpa_blacklist_add(wpa_s, bssid);
224 wpa_sm_notify_disassoc(wpa_s->wpa);
07783eaa 225 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
6fc6879b 226 wpa_s->reassociate = 1;
48b84f18
BG		 227
228 /*
229 * If we timed out, the AP or the local radio may be busy.
230 * So, wait a second until scanning again.
231 */
232 wpa_supplicant_req_scan(wpa_s, 1, 0);
6fc6879b
JM		 233}
234
235
236/**
237 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
238 * @wpa_s: Pointer to wpa_supplicant data
239 * @sec: Number of seconds after which to time out authentication
240 * @usec: Number of microseconds after which to time out authentication
241 *
242 * This function is used to schedule a timeout for the current authentication
243 * attempt.
244 */
245void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
246 int sec, int usec)
247{
a2a535f8 248 if (wpa_s->conf->ap_scan == 0 &&
c2a04078 249 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
6fc6879b
JM		 250 return;
251
f049052b 252 wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
6fc6879b
JM		 253 "%d usec", sec, usec);
254 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
37547ad6 255 wpa_s->last_auth_timeout_sec = sec;
6fc6879b
JM		 256 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
257}
258
259
37547ad6
DL		 260/*
261 * wpas_auth_timeout_restart - Restart and change timeout for authentication
262 * @wpa_s: Pointer to wpa_supplicant data
263 * @sec_diff: difference in seconds applied to original timeout value
264 */
265void wpas_auth_timeout_restart(struct wpa_supplicant *wpa_s, int sec_diff)
266{
267 int new_sec = wpa_s->last_auth_timeout_sec + sec_diff;
268
269 if (eloop_is_timeout_registered(wpa_supplicant_timeout, wpa_s, NULL)) {
270 wpa_dbg(wpa_s, MSG_DEBUG,
271 "Authentication timeout restart: %d sec", new_sec);
272 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
273 eloop_register_timeout(new_sec, 0, wpa_supplicant_timeout,
274 wpa_s, NULL);
275 }
276}
277
278
6fc6879b
JM		 279/**
280 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
281 * @wpa_s: Pointer to wpa_supplicant data
282 *
283 * This function is used to cancel authentication timeout scheduled with
284 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
285 * been completed.
286 */
287void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
288{
f049052b 289 wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
6fc6879b
JM		 290 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
291 wpa_blacklist_del(wpa_s, wpa_s->bssid);
af835d75
AB		 292 os_free(wpa_s->last_con_fail_realm);
293 wpa_s->last_con_fail_realm = NULL;
294 wpa_s->last_con_fail_realm_len = 0;
6fc6879b
JM		 295}
296
297
298/**
299 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
300 * @wpa_s: Pointer to wpa_supplicant data
301 *
302 * This function is used to configure EAPOL state machine based on the selected
303 * authentication mode.
304 */
305void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
306{
307#ifdef IEEE8021X_EAPOL
308 struct eapol_config eapol_conf;
309 struct wpa_ssid *ssid = wpa_s->current_ssid;
310
53895c3b 311#ifdef CONFIG_IBSS_RSN
d7dcba70 312 if (ssid->mode == WPAS_MODE_IBSS &&
53895c3b
JM		 313 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
314 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
315 /*
316 * RSN IBSS authentication is per-STA and we can disable the
317 * per-BSSID EAPOL authentication.
318 */
319 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
320 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE);
321 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
322 return;
323 }
324#endif /* CONFIG_IBSS_RSN */
325
0a40ec6a
JM		 326 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
327 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
328
6fc6879b
JM		 329 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
330 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
331 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
332 else
333 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
334
335 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
336 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
337 eapol_conf.accept_802_1x_keys = 1;
338 eapol_conf.required_keys = 0;
339 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
340 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
341 }
342 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
343 eapol_conf.required_keys |=
344 EAPOL_REQUIRE_KEY_BROADCAST;
345 }
346
a2a535f8 347 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED)
6fc6879b 348 eapol_conf.required_keys = 0;
6fc6879b 349 }
a2a535f8 350 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
6fc6879b 351 eapol_conf.workaround = ssid->eap_workaround;
56586197
JM		 352 eapol_conf.eap_disabled =
353 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
ad08c363
JM		 354 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
355 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
a5d44ac0 356 eapol_conf.external_sim = wpa_s->conf->external_sim;
3f7ac058
JS		 357
358#ifdef CONFIG_WPS
359 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
360 eapol_conf.wps |= EAPOL_LOCAL_WPS_IN_USE;
361 if (wpa_s->current_bss) {
362 struct wpabuf *ie;
363 ie = wpa_bss_get_vendor_ie_multi(wpa_s->current_bss,
364 WPS_IE_VENDOR_TYPE);
365 if (ie) {
366 if (wps_is_20(ie))
367 eapol_conf.wps |=
368 EAPOL_PEER_IS_WPS20_AP;
369 wpabuf_free(ie);
370 }
371 }
372 }
373#endif /* CONFIG_WPS */
374
6fc6879b 375 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
dd10abcc 376
ad51731a
SD		 377#ifdef CONFIG_MACSEC
378 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE && ssid->mka_psk_set)
379 ieee802_1x_create_preshared_mka(wpa_s, ssid);
380 else
381 ieee802_1x_alloc_kay_sm(wpa_s, ssid);
382#endif /* CONFIG_MACSEC */
cd3153a9 383#endif /* IEEE8021X_EAPOL */
6fc6879b
JM		 384}
385
386
387/**
388 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
389 * @wpa_s: Pointer to wpa_supplicant data
390 * @ssid: Configuration data for the network
391 *
392 * This function is used to configure WPA state machine and related parameters
393 * to a mode where WPA is not enabled. This is called as part of the
394 * authentication configuration when the selected network does not use WPA.
395 */
396void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
397 struct wpa_ssid *ssid)
398{
399 int i;
400
ad08c363
JM		 401 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
402 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
403 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
6fc6879b
JM		 404 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
405 else
406 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
407 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
408 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
146889e3 409 wpa_sm_set_ap_rsnxe(wpa_s->wpa, NULL, 0);
6fc6879b 410 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
6d6c8877
JM		 411 wpa_sm_set_assoc_rsnxe(wpa_s->wpa, NULL, 0);
412 wpa_s->rsnxe_len = 0;
6fc6879b
JM		 413 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
414 wpa_s->group_cipher = WPA_CIPHER_NONE;
415 wpa_s->mgmt_group_cipher = 0;
416
417 for (i = 0; i < NUM_WEP_KEYS; i++) {
418 if (ssid->wep_key_len[i] > 5) {
419 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
420 wpa_s->group_cipher = WPA_CIPHER_WEP104;
421 break;
422 } else if (ssid->wep_key_len[i] > 0) {
423 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
424 wpa_s->group_cipher = WPA_CIPHER_WEP40;
425 break;
426 }
427 }
428
429 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
430 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
431 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
432 wpa_s->pairwise_cipher);
433 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
6fc6879b
JM		 434 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
435 wpa_s->mgmt_group_cipher);
6fc6879b
JM		 436
437 pmksa_cache_clear_current(wpa_s->wpa);
438}
439
440
6979582c 441void free_hw_features(struct wpa_supplicant *wpa_s)
6bf731e8
CL		 442{
443 int i;
444 if (wpa_s->hw.modes == NULL)
445 return;
446
447 for (i = 0; i < wpa_s->hw.num_modes; i++) {
448 os_free(wpa_s->hw.modes[i].channels);
449 os_free(wpa_s->hw.modes[i].rates);
450 }
451
452 os_free(wpa_s->hw.modes);
453 wpa_s->hw.modes = NULL;
454}
455
456
19677b77 457void free_bss_tmp_disallowed(struct wpa_supplicant *wpa_s)
dd599908
AS		 458{
459 struct wpa_bss_tmp_disallowed *bss, *prev;
460
461 dl_list_for_each_safe(bss, prev, &wpa_s->bss_tmp_disallowed,
462 struct wpa_bss_tmp_disallowed, list) {
b04854ce 463 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout, wpa_s, bss);
dd599908
AS		 464 dl_list_del(&bss->list);
465 os_free(bss);
466 }
467}
468
469
5732b770
JM		 470void wpas_flush_fils_hlp_req(struct wpa_supplicant *wpa_s)
471{
472 struct fils_hlp_req *req;
473
474 while ((req = dl_list_first(&wpa_s->fils_hlp_req, struct fils_hlp_req,
475 list)) != NULL) {
476 dl_list_del(&req->list);
477 wpabuf_free(req->pkt);
478 os_free(req);
479 }
480}
481
482
ad2f0966
JM		 483void wpas_clear_disabled_interface(void *eloop_ctx, void *timeout_ctx)
484{
485 struct wpa_supplicant *wpa_s = eloop_ctx;
486
487 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
488 return;
489 wpa_dbg(wpa_s, MSG_DEBUG, "Clear cached state on disabled interface");
490 wpa_bss_flush(wpa_s);
491}
492
493
6c570193
JM		 494#ifdef CONFIG_TESTING_OPTIONS
495void wpas_clear_driver_signal_override(struct wpa_supplicant *wpa_s)
496{
497 struct driver_signal_override *dso;
498
499 while ((dso = dl_list_first(&wpa_s->drv_signal_override,
500 struct driver_signal_override, list))) {
501 dl_list_del(&dso->list);
502 os_free(dso);
503 }
504}
505#endif /* CONFIG_TESTING_OPTIONS */
506
507
6fc6879b
JM		 508static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
509{
86bd36f0
JM		 510 int i;
511
60b94c98 512 bgscan_deinit(wpa_s);
7c865c68 513 autoscan_deinit(wpa_s);
6fc6879b
JM		 514 scard_deinit(wpa_s->scard);
515 wpa_s->scard = NULL;
516 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
517 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
518 l2_packet_deinit(wpa_s->l2);
519 wpa_s->l2 = NULL;
520 if (wpa_s->l2_br) {
521 l2_packet_deinit(wpa_s->l2_br);
522 wpa_s->l2_br = NULL;
523 }
4a6cc862
JM		 524#ifdef CONFIG_TESTING_OPTIONS
525 l2_packet_deinit(wpa_s->l2_test);
526 wpa_s->l2_test = NULL;
c06fca04
JM		 527 os_free(wpa_s->get_pref_freq_list_override);
528 wpa_s->get_pref_freq_list_override = NULL;
daa40960
JM		 529 wpabuf_free(wpa_s->last_assoc_req_wpa_ie);
530 wpa_s->last_assoc_req_wpa_ie = NULL;
b834e970
JM		 531 os_free(wpa_s->extra_sae_rejected_groups);
532 wpa_s->extra_sae_rejected_groups = NULL;
13256553
JM		 533 wpabuf_free(wpa_s->rsnxe_override_assoc);
534 wpa_s->rsnxe_override_assoc = NULL;
535 wpabuf_free(wpa_s->rsnxe_override_eapol);
536 wpa_s->rsnxe_override_eapol = NULL;
6c570193 537 wpas_clear_driver_signal_override(wpa_s);
4a6cc862 538#endif /* CONFIG_TESTING_OPTIONS */
6fc6879b 539
6fc6879b 540 if (wpa_s->conf != NULL) {
8e56d189
JM		 541 struct wpa_ssid *ssid;
542 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
543 wpas_notify_network_removed(wpa_s, ssid);
6fc6879b
JM		 544 }
545
546 os_free(wpa_s->confname);
547 wpa_s->confname = NULL;
548
e6304cad
DS		 549 os_free(wpa_s->confanother);
550 wpa_s->confanother = NULL;
551
af835d75
AB		 552 os_free(wpa_s->last_con_fail_realm);
553 wpa_s->last_con_fail_realm = NULL;
554 wpa_s->last_con_fail_realm_len = 0;
555
6fc6879b
JM		 556 wpa_sm_set_eapol(wpa_s->wpa, NULL);
557 eapol_sm_deinit(wpa_s->eapol);
558 wpa_s->eapol = NULL;
559
560 rsn_preauth_deinit(wpa_s->wpa);
561
281ff0aa
GP		 562#ifdef CONFIG_TDLS
563 wpa_tdls_deinit(wpa_s->wpa);
564#endif /* CONFIG_TDLS */
565
8c42b369 566 wmm_ac_clear_saved_tspecs(wpa_s);
6fc6879b
JM		 567 pmksa_candidate_free(wpa_s->wpa);
568 wpa_sm_deinit(wpa_s->wpa);
569 wpa_s->wpa = NULL;
570 wpa_blacklist_clear(wpa_s);
571
83922c2d 572 wpa_bss_deinit(wpa_s);
6fc6879b 573
831770bf 574 wpa_supplicant_cancel_delayed_sched_scan(wpa_s);
6fc6879b
JM		 575 wpa_supplicant_cancel_scan(wpa_s);
576 wpa_supplicant_cancel_auth_timeout(wpa_s);
01a17491
JM		 577 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL);
578#ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
579 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report,
580 wpa_s, NULL);
581#endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
6fc6879b 582
9bd566a3 583 eloop_cancel_timeout(wpas_network_reenabled, wpa_s, NULL);
ad2f0966 584 eloop_cancel_timeout(wpas_clear_disabled_interface, wpa_s, NULL);
9bd566a3 585
116654ce 586 wpas_wps_deinit(wpa_s);
11ef8d35 587
1ff73338
JM		 588 wpabuf_free(wpa_s->pending_eapol_rx);
589 wpa_s->pending_eapol_rx = NULL;
590
11ef8d35
JM		 591#ifdef CONFIG_IBSS_RSN
592 ibss_rsn_deinit(wpa_s->ibss_rsn);
593 wpa_s->ibss_rsn = NULL;
594#endif /* CONFIG_IBSS_RSN */
c2a04078 595
e29853bb 596 sme_deinit(wpa_s);
2d5b792d
JM		 597
598#ifdef CONFIG_AP
599 wpa_supplicant_ap_deinit(wpa_s);
600#endif /* CONFIG_AP */
b22128ef 601
b22128ef 602 wpas_p2p_deinit(wpa_s);
f47d639d 603
24f6497c
JM		 604#ifdef CONFIG_OFFCHANNEL
605 offchannel_deinit(wpa_s);
606#endif /* CONFIG_OFFCHANNEL */
607
a4cba8f1
LC		 608 wpa_supplicant_cancel_sched_scan(wpa_s);
609
f47d639d
JM		 610 os_free(wpa_s->next_scan_freqs);
611 wpa_s->next_scan_freqs = NULL;
fee52342
JM		 612
613 os_free(wpa_s->manual_scan_freqs);
614 wpa_s->manual_scan_freqs = NULL;
88a44755
JM		 615 os_free(wpa_s->select_network_scan_freqs);
616 wpa_s->select_network_scan_freqs = NULL;
04ea7b79 617
d3c9c35f
DS		 618 os_free(wpa_s->manual_sched_scan_freqs);
619 wpa_s->manual_sched_scan_freqs = NULL;
620
56c76fa5
IP		 621 wpas_mac_addr_rand_scan_clear(wpa_s, MAC_ADDR_RAND_ALL);
622
57e832de
IP		 623 /*
624 * Need to remove any pending gas-query radio work before the
625 * gas_query_deinit() call because gas_query::work has not yet been set
626 * for works that have not been started. gas_query_free() will be unable
627 * to cancel such pending radio works and once the pending gas-query
628 * radio work eventually gets removed, the deinit notification call to
629 * gas_query_start_cb() would result in dereferencing freed memory.
630 */
631 if (wpa_s->radio)
632 radio_remove_works(wpa_s, "gas-query", 0);
04ea7b79
JM		 633 gas_query_deinit(wpa_s->gas);
634 wpa_s->gas = NULL;
461d39af
JM		 635 gas_server_deinit(wpa_s->gas_server);
636 wpa_s->gas_server = NULL;
6bf731e8
CL		 637
638 free_hw_features(wpa_s);
d445a5cd 639
dd10abcc
HW		 640 ieee802_1x_dealloc_kay_sm(wpa_s);
641
d445a5cd
JM		 642 os_free(wpa_s->bssid_filter);
643 wpa_s->bssid_filter = NULL;
b6668734 644
6407f413
JM		 645 os_free(wpa_s->disallow_aps_bssid);
646 wpa_s->disallow_aps_bssid = NULL;
647 os_free(wpa_s->disallow_aps_ssid);
648 wpa_s->disallow_aps_ssid = NULL;
649
b6668734 650 wnm_bss_keep_alive_deinit(wpa_s);
e27d20bb
VK		 651#ifdef CONFIG_WNM
652 wnm_deallocate_memory(wpa_s);
653#endif /* CONFIG_WNM */
306ae225
JM		 654
655 ext_password_deinit(wpa_s->ext_pw);
656 wpa_s->ext_pw = NULL;
b1f12296
JM		 657
658 wpabuf_free(wpa_s->last_gas_resp);
b6a9590b
JM		 659 wpa_s->last_gas_resp = NULL;
660 wpabuf_free(wpa_s->prev_gas_resp);
661 wpa_s->prev_gas_resp = NULL;
a297201d
JM		 662
663 os_free(wpa_s->last_scan_res);
664 wpa_s->last_scan_res = NULL;
b572df86
JM		 665
666#ifdef CONFIG_HS20
ece4ac5f
MG		 667 if (wpa_s->drv_priv)
668 wpa_drv_configure_frame_filters(wpa_s, 0);
fb2ac53d 669 hs20_deinit(wpa_s);
b572df86 670#endif /* CONFIG_HS20 */
86bd36f0
JM		 671
672 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) {
673 wpabuf_free(wpa_s->vendor_elem[i]);
674 wpa_s->vendor_elem[i] = NULL;
675 }
3882a708
JM		 676
677 wmm_ac_notify_disassoc(wpa_s);
32c02261
AS		 678
679 wpa_s->sched_scan_plans_num = 0;
680 os_free(wpa_s->sched_scan_plans);
681 wpa_s->sched_scan_plans = NULL;
92c6e2e3
DS		 682
683#ifdef CONFIG_MBO
684 wpa_s->non_pref_chan_num = 0;
685 os_free(wpa_s->non_pref_chan);
686 wpa_s->non_pref_chan = NULL;
687#endif /* CONFIG_MBO */
dd599908
AS		 688
689 free_bss_tmp_disallowed(wpa_s);
4a742011
DS		 690
691 wpabuf_free(wpa_s->lci);
692 wpa_s->lci = NULL;
76196ddb 693 wpas_clear_beacon_rep_data(wpa_s);
4d77d80e
MH		 694
695#ifdef CONFIG_PMKSA_CACHE_EXTERNAL
696#ifdef CONFIG_MESH
697 {
698 struct external_pmksa_cache *entry;
699
700 while ((entry = dl_list_last(&wpa_s->mesh_external_pmksa_cache,
701 struct external_pmksa_cache,
702 list)) != NULL) {
703 dl_list_del(&entry->list);
704 os_free(entry->pmksa_cache);
705 os_free(entry);
706 }
707 }
708#endif /* CONFIG_MESH */
709#endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
5732b770
JM		 710
711 wpas_flush_fils_hlp_req(wpa_s);
c6c41f6e
JM		 712
713 wpabuf_free(wpa_s->ric_ies);
714 wpa_s->ric_ies = NULL;
be27e185
JM		 715
716#ifdef CONFIG_DPP
717 wpas_dpp_deinit(wpa_s);
87d8435c
JM		 718 dpp_global_deinit(wpa_s->dpp);
719 wpa_s->dpp = NULL;
be27e185 720#endif /* CONFIG_DPP */
6fc6879b
JM		 721}
722
723
724/**
725 * wpa_clear_keys - Clear keys configured for the driver
726 * @wpa_s: Pointer to wpa_supplicant data
727 * @addr: Previously used BSSID or %NULL if not available
728 *
729 * This function clears the encryption keys that has been previously configured
730 * for the driver.
731 */
732void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
733{
7d2ed8ba 734 int i, max = 6;
2f30cac3
JM		 735
736 /* MLME-DELETEKEYS.request */
737 for (i = 0; i < max; i++) {
738 if (wpa_s->keys_cleared & BIT(i))
739 continue;
740 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, i, 0, NULL, 0,
a919a260 741 NULL, 0, KEY_FLAG_GROUP);
2f30cac3
JM		 742 }
743 if (!(wpa_s->keys_cleared & BIT(0)) && addr &&
744 !is_zero_ether_addr(addr)) {
6fc6879b 745 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,
a919a260 746 0, KEY_FLAG_PAIRWISE);
6fc6879b
JM		 747 /* MLME-SETPROTECTION.request(None) */
748 wpa_drv_mlme_setprotection(
749 wpa_s, addr,
750 MLME_SETPROTECTION_PROTECT_TYPE_NONE,
751 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
752 }
2f30cac3 753 wpa_s->keys_cleared = (u32) -1;
6fc6879b
JM		 754}
755
756
757/**
758 * wpa_supplicant_state_txt - Get the connection state name as a text string
759 * @state: State (wpa_state; WPA_*)
760 * Returns: The state name as a printable text string
761 */
71934751 762const char * wpa_supplicant_state_txt(enum wpa_states state)
6fc6879b
JM		 763{
764 switch (state) {
765 case WPA_DISCONNECTED:
766 return "DISCONNECTED";
767 case WPA_INACTIVE:
768 return "INACTIVE";
8401a6b0
JM		 769 case WPA_INTERFACE_DISABLED:
770 return "INTERFACE_DISABLED";
6fc6879b
JM		 771 case WPA_SCANNING:
772 return "SCANNING";
c2a04078
JM		 773 case WPA_AUTHENTICATING:
774 return "AUTHENTICATING";
6fc6879b
JM		 775 case WPA_ASSOCIATING:
776 return "ASSOCIATING";
777 case WPA_ASSOCIATED:
778 return "ASSOCIATED";
779 case WPA_4WAY_HANDSHAKE:
780 return "4WAY_HANDSHAKE";
781 case WPA_GROUP_HANDSHAKE:
782 return "GROUP_HANDSHAKE";
783 case WPA_COMPLETED:
784 return "COMPLETED";
785 default:
786 return "UNKNOWN";
787 }
788}
789
790
cfe53c9a
PS		 791#ifdef CONFIG_BGSCAN
792
793static void wpa_supplicant_start_bgscan(struct wpa_supplicant *wpa_s)
794{
31392709
HD		 795 const char *name;
796
797 if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan)
798 name = wpa_s->current_ssid->bgscan;
799 else
800 name = wpa_s->conf->bgscan;
268043d5 801 if (name == NULL || name[0] == '\0')
31392709 802 return;
0096c427
JM		 803 if (wpas_driver_bss_selection(wpa_s))
804 return;
cfe53c9a
PS		 805 if (wpa_s->current_ssid == wpa_s->bgscan_ssid)
806 return;
aa109830
DS		 807#ifdef CONFIG_P2P
808 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE)
809 return;
810#endif /* CONFIG_P2P */
cfe53c9a
PS		 811
812 bgscan_deinit(wpa_s);
31392709
HD		 813 if (wpa_s->current_ssid) {
814 if (bgscan_init(wpa_s, wpa_s->current_ssid, name)) {
cfe53c9a
PS		 815 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
816 "bgscan");
817 /*
818 * Live without bgscan; it is only used as a roaming
819 * optimization, so the initial connection is not
820 * affected.
821 */
6409b7a7
YD		 822 } else {
823 struct wpa_scan_results *scan_res;
cfe53c9a 824 wpa_s->bgscan_ssid = wpa_s->current_ssid;
6409b7a7
YD		 825 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL,
826 0);
827 if (scan_res) {
828 bgscan_notify_scan(wpa_s, scan_res);
829 wpa_scan_results_free(scan_res);
830 }
831 }
cfe53c9a
PS		 832 } else
833 wpa_s->bgscan_ssid = NULL;
834}
835
836
837static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s)
838{
839 if (wpa_s->bgscan_ssid != NULL) {
840 bgscan_deinit(wpa_s);
841 wpa_s->bgscan_ssid = NULL;
842 }
843}
844
845#endif /* CONFIG_BGSCAN */
846
847
7c865c68
TB		 848static void wpa_supplicant_start_autoscan(struct wpa_supplicant *wpa_s)
849{
99218999 850 if (autoscan_init(wpa_s, 0))
7c865c68
TB		 851 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize autoscan");
852}
853
854
855static void wpa_supplicant_stop_autoscan(struct wpa_supplicant *wpa_s)
856{
857 autoscan_deinit(wpa_s);
858}
859
860
c3d12238
JM		 861void wpa_supplicant_reinit_autoscan(struct wpa_supplicant *wpa_s)
862{
863 if (wpa_s->wpa_state == WPA_DISCONNECTED ||
864 wpa_s->wpa_state == WPA_SCANNING) {
865 autoscan_deinit(wpa_s);
866 wpa_supplicant_start_autoscan(wpa_s);
867 }
868}
869
870
6fc6879b
JM		 871/**
872 * wpa_supplicant_set_state - Set current connection state
873 * @wpa_s: Pointer to wpa_supplicant data
874 * @state: The new connection state
875 *
876 * This function is called whenever the connection state changes, e.g.,
877 * association is completed for WPA/WPA2 4-Way Handshake is started.
878 */
71934751
JM		 879void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s,
880 enum wpa_states state)
6fc6879b 881{
27f43d8d 882 enum wpa_states old_state = wpa_s->wpa_state;
a8bfc6ff
AB		 883#if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
884 Boolean update_fils_connect_params = FALSE;
885#endif /* CONFIG_FILS && IEEE8021X_EAPOL */
27f43d8d 886
f049052b
BG		 887 wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s",
888 wpa_supplicant_state_txt(wpa_s->wpa_state),
889 wpa_supplicant_state_txt(state));
6fc6879b 890
2bbad1c7
MW		 891 if (state == WPA_COMPLETED &&
892 os_reltime_initialized(&wpa_s->roam_start)) {
893 os_reltime_age(&wpa_s->roam_start, &wpa_s->roam_time);
894 wpa_s->roam_start.sec = 0;
895 wpa_s->roam_start.usec = 0;
896 wpas_notify_auth_changed(wpa_s);
897 wpas_notify_roam_time(wpa_s);
898 wpas_notify_roam_complete(wpa_s);
899 } else if (state == WPA_DISCONNECTED &&
900 os_reltime_initialized(&wpa_s->roam_start)) {
901 wpa_s->roam_start.sec = 0;
902 wpa_s->roam_start.usec = 0;
903 wpa_s->roam_time.sec = 0;
904 wpa_s->roam_time.usec = 0;
905 wpas_notify_roam_complete(wpa_s);
906 }
907
5ddd07cb
AS		 908 if (state == WPA_INTERFACE_DISABLED) {
909 /* Assure normal scan when interface is restored */
910 wpa_s->normal_scans = 0;
911 }
912
0cf24fda 913 if (state == WPA_COMPLETED) {
6ac4b15e 914 wpas_connect_work_done(wpa_s);
0cf24fda
LC		 915 /* Reinitialize normal_scan counter */
916 wpa_s->normal_scans = 0;
917 }
6ac4b15e 918
07c1e987
MS		 919#ifdef CONFIG_P2P
920 /*
921 * P2PS client has to reply to Probe Request frames received on the
922 * group operating channel. Enable Probe Request frame reporting for
923 * P2P connected client in case p2p_cli_probe configuration property is
924 * set to 1.
925 */
926 if (wpa_s->conf->p2p_cli_probe && wpa_s->current_ssid &&
927 wpa_s->current_ssid->mode == WPAS_MODE_INFRA &&
928 wpa_s->current_ssid->p2p_group) {
929 if (state == WPA_COMPLETED && !wpa_s->p2p_cli_probe) {
930 wpa_dbg(wpa_s, MSG_DEBUG,
931 "P2P: Enable CLI Probe Request RX reporting");
932 wpa_s->p2p_cli_probe =
933 wpa_drv_probe_req_report(wpa_s, 1) >= 0;
934 } else if (state != WPA_COMPLETED && wpa_s->p2p_cli_probe) {
935 wpa_dbg(wpa_s, MSG_DEBUG,
936 "P2P: Disable CLI Probe Request RX reporting");
937 wpa_s->p2p_cli_probe = 0;
938 wpa_drv_probe_req_report(wpa_s, 0);
939 }
940 }
941#endif /* CONFIG_P2P */
942
cb8564b1
DW		 943 if (state != WPA_SCANNING)
944 wpa_supplicant_notify_scanning(wpa_s, 0);
945
6fc6879b 946 if (state == WPA_COMPLETED && wpa_s->new_connection) {
6fc6879b 947 struct wpa_ssid *ssid = wpa_s->current_ssid;
da6a28ba
VK		 948 int fils_hlp_sent = 0;
949
950#ifdef CONFIG_SME
951 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
952 wpa_auth_alg_fils(wpa_s->sme.auth_alg))
953 fils_hlp_sent = 1;
954#endif /* CONFIG_SME */
955 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
956 wpa_auth_alg_fils(wpa_s->auth_alg))
957 fils_hlp_sent = 1;
958
7d37a357 959#if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
6fc6879b 960 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
da6a28ba 961 MACSTR " completed [id=%d id_str=%s%s]",
1cfc6787 962 MAC2STR(wpa_s->bssid),
6fc6879b 963 ssid ? ssid->id : -1,
da6a28ba
VK		 964 ssid && ssid->id_str ? ssid->id_str : "",
965 fils_hlp_sent ? " FILS_HLP_SENT" : "");
6fc6879b 966#endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
00e5e3d5 967 wpas_clear_temp_disabled(wpa_s, ssid, 1);
a20a3616 968 wpa_blacklist_clear(wpa_s);
f1a52633 969 wpa_s->extra_blacklist_count = 0;
6fc6879b 970 wpa_s->new_connection = 0;
6fc6879b 971 wpa_drv_set_operstate(wpa_s, 1);
99ac2913
FF		 972#ifndef IEEE8021X_EAPOL
973 wpa_drv_set_supp_port(wpa_s, 1);
974#endif /* IEEE8021X_EAPOL */
17a4734d 975 wpa_s->after_wps = 0;
4d9fb08d 976 wpa_s->known_wps_freq = 0;
b22128ef 977 wpas_p2p_completed(wpa_s);
c3701c66
RM		 978
979 sme_sched_obss_scan(wpa_s, 1);
6338c99e
VK		 980
981#if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
982 if (!fils_hlp_sent && ssid && ssid->eap.erp)
a8bfc6ff 983 update_fils_connect_params = TRUE;
6338c99e 984#endif /* CONFIG_FILS && IEEE8021X_EAPOL */
e0b331d8
SD		 985#ifdef CONFIG_OWE
986 if (ssid && (ssid->key_mgmt & WPA_KEY_MGMT_OWE))
987 wpas_update_owe_connect_params(wpa_s);
988#endif /* CONFIG_OWE */
6fc6879b
JM		 989 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
990 state == WPA_ASSOCIATED) {
991 wpa_s->new_connection = 1;
992 wpa_drv_set_operstate(wpa_s, 0);
99ac2913
FF		 993#ifndef IEEE8021X_EAPOL
994 wpa_drv_set_supp_port(wpa_s, 0);
995#endif /* IEEE8021X_EAPOL */
c3701c66 996 sme_sched_obss_scan(wpa_s, 0);
6fc6879b
JM		 997 }
998 wpa_s->wpa_state = state;
27f43d8d 999
cfe53c9a
PS		 1000#ifdef CONFIG_BGSCAN
1001 if (state == WPA_COMPLETED)
1002 wpa_supplicant_start_bgscan(wpa_s);
37271232 1003 else if (state < WPA_ASSOCIATED)
cfe53c9a
PS		 1004 wpa_supplicant_stop_bgscan(wpa_s);
1005#endif /* CONFIG_BGSCAN */
1006
bce3d4f7 1007 if (state > WPA_SCANNING)
7c865c68
TB		 1008 wpa_supplicant_stop_autoscan(wpa_s);
1009
1010 if (state == WPA_DISCONNECTED || state == WPA_INACTIVE)
1011 wpa_supplicant_start_autoscan(wpa_s);
1012
fecc2bb5
EP		 1013 if (old_state >= WPA_ASSOCIATED && wpa_s->wpa_state < WPA_ASSOCIATED)
1014 wmm_ac_notify_disassoc(wpa_s);
1015
5bbf9f10 1016 if (wpa_s->wpa_state != old_state) {
27f43d8d 1017 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
5bbf9f10 1018
e3bd6e9d
IP		 1019 /*
1020 * Notify the P2P Device interface about a state change in one
1021 * of the interfaces.
1022 */
1023 wpas_p2p_indicate_state_change(wpa_s);
e3bd6e9d 1024
5bbf9f10
PS		 1025 if (wpa_s->wpa_state == WPA_COMPLETED ||
1026 old_state == WPA_COMPLETED)
1027 wpas_notify_auth_changed(wpa_s);
16ef233b
JM		 1028#ifdef CONFIG_DPP2
1029 if (wpa_s->wpa_state == WPA_COMPLETED)
1030 wpas_dpp_connected(wpa_s);
1031#endif /* CONFIG_DPP2 */
5bbf9f10 1032 }
a8bfc6ff
AB		 1033#if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
1034 if (update_fils_connect_params)
1035 wpas_update_fils_connect_params(wpa_s);
1036#endif /* CONFIG_FILS && IEEE8021X_EAPOL */
6fc6879b
JM		 1037}
1038
1039
1a1bf008
JM		 1040void wpa_supplicant_terminate_proc(struct wpa_global *global)
1041{
1042 int pending = 0;
1043#ifdef CONFIG_WPS
1044 struct wpa_supplicant *wpa_s = global->ifaces;
1045 while (wpa_s) {
ab41595f 1046 struct wpa_supplicant *next = wpa_s->next;
5516ed32
EA		 1047 if (wpas_wps_terminate_pending(wpa_s) == 1)
1048 pending = 1;
20625e97
JM		 1049#ifdef CONFIG_P2P
1050 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE ||
1051 (wpa_s->current_ssid && wpa_s->current_ssid->p2p_group))
1052 wpas_p2p_disconnect(wpa_s);
1053#endif /* CONFIG_P2P */
ab41595f 1054 wpa_s = next;
1a1bf008
JM		 1055 }
1056#endif /* CONFIG_WPS */
1057 if (pending)
1058 return;
1059 eloop_terminate();
1060}
1061
1062
0456ea16 1063static void wpa_supplicant_terminate(int sig, void *signal_ctx)
6fc6879b 1064{
0456ea16 1065 struct wpa_global *global = signal_ctx;
1a1bf008 1066 wpa_supplicant_terminate_proc(global);
6fc6879b
JM		 1067}
1068
1069
b22128ef 1070void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
6fc6879b 1071{
71934751 1072 enum wpa_states old_state = wpa_s->wpa_state;
27f43d8d 1073
6fc6879b
JM		 1074 wpa_s->pairwise_cipher = 0;
1075 wpa_s->group_cipher = 0;
1076 wpa_s->mgmt_group_cipher = 0;
1077 wpa_s->key_mgmt = 0;
8401a6b0 1078 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
99218999 1079 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
27f43d8d
MH		 1080
1081 if (wpa_s->wpa_state != old_state)
1082 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
6fc6879b
JM		 1083}
1084
1085
1086/**
1087 * wpa_supplicant_reload_configuration - Reload configuration data
1088 * @wpa_s: Pointer to wpa_supplicant data
1089 * Returns: 0 on success or -1 if configuration parsing failed
1090 *
1091 * This function can be used to request that the configuration data is reloaded
1092 * (e.g., after configuration file change). This function is reloading
1093 * configuration only for one interface, so this may need to be called multiple
1094 * times if %wpa_supplicant is controlling multiple interfaces and all
1095 * interfaces need reconfiguration.
1096 */
1097int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
1098{
1099 struct wpa_config *conf;
1100 int reconf_ctrl;
8bac466b
JM		 1101 int old_ap_scan;
1102
6fc6879b
JM		 1103 if (wpa_s->confname == NULL)
1104 return -1;
e6304cad 1105 conf = wpa_config_read(wpa_s->confname, NULL);
6fc6879b
JM		 1106 if (conf == NULL) {
1107 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
1108 "file '%s' - exiting", wpa_s->confname);
1109 return -1;
1110 }
3bd35b68
JM		 1111 if (wpa_s->confanother &&
1112 !wpa_config_read(wpa_s->confanother, conf)) {
1113 wpa_msg(wpa_s, MSG_ERROR,
1114 "Failed to parse the configuration file '%s' - exiting",
1115 wpa_s->confanother);
1116 return -1;
1117 }
e6304cad 1118
611aea7d 1119 conf->changed_parameters = (unsigned int) -1;
6fc6879b
JM		 1120
1121 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
1122 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
1123 os_strcmp(conf->ctrl_interface,
1124 wpa_s->conf->ctrl_interface) != 0);
1125
1126 if (reconf_ctrl && wpa_s->ctrl_iface) {
1127 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
1128 wpa_s->ctrl_iface = NULL;
1129 }
1130
1131 eapol_sm_invalidate_cached_session(wpa_s->eapol);
7b7ce8aa 1132 if (wpa_s->current_ssid) {
e66bcedd
JM		 1133 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
1134 wpa_s->own_disconnect_req = 1;
7b7ce8aa
JM		 1135 wpa_supplicant_deauthenticate(wpa_s,
1136 WLAN_REASON_DEAUTH_LEAVING);
1137 }
8bac466b 1138
6fc6879b
JM		 1139 /*
1140 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
07e2de31 1141 * pkcs11_engine_path, pkcs11_module_path, openssl_ciphers.
6fc6879b 1142 */
a1ea1b45 1143 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
567da5bb
JM		 1144 wpa_s->key_mgmt == WPA_KEY_MGMT_OWE ||
1145 wpa_s->key_mgmt == WPA_KEY_MGMT_DPP) {
6fc6879b
JM		 1146 /*
1147 * Clear forced success to clear EAP state for next
1148 * authentication.
1149 */
1150 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
1151 }
1152 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1153 wpa_sm_set_config(wpa_s->wpa, NULL);
d8a790b9 1154 wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL);
6fc6879b
JM		 1155 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
1156 rsn_preauth_deinit(wpa_s->wpa);
8bac466b
JM		 1157
1158 old_ap_scan = wpa_s->conf->ap_scan;
6fc6879b
JM		 1159 wpa_config_free(wpa_s->conf);
1160 wpa_s->conf = conf;
8bac466b
JM		 1161 if (old_ap_scan != wpa_s->conf->ap_scan)
1162 wpas_notify_ap_scan_changed(wpa_s);
1163
6fc6879b
JM		 1164 if (reconf_ctrl)
1165 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
1166
611aea7d
JM		 1167 wpa_supplicant_update_config(wpa_s);
1168
6fc6879b 1169 wpa_supplicant_clear_status(wpa_s);
349493bd 1170 if (wpa_supplicant_enabled_networks(wpa_s)) {
43a38635
JM		 1171 wpa_s->reassociate = 1;
1172 wpa_supplicant_req_scan(wpa_s, 0, 0);
1173 }
f049052b 1174 wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
6fc6879b
JM		 1175 return 0;
1176}
1177
1178
0456ea16 1179static void wpa_supplicant_reconfig(int sig, void *signal_ctx)
6fc6879b 1180{
0456ea16 1181 struct wpa_global *global = signal_ctx;
6fc6879b 1182 struct wpa_supplicant *wpa_s;
6fc6879b 1183 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
f049052b
BG		 1184 wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring",
1185 sig);
6fc6879b 1186 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
1a1bf008 1187 wpa_supplicant_terminate_proc(global);
6fc6879b
JM		 1188 }
1189 }
1248e584
LR		 1190
1191 if (wpa_debug_reopen_file() < 0) {
1192 /* Ignore errors since we cannot really do much to fix this */
1193 wpa_printf(MSG_DEBUG, "Could not reopen debug log file");
1194 }
6fc6879b
JM		 1195}
1196
1197
6fc6879b
JM		 1198static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
1199 struct wpa_ssid *ssid,
1200 struct wpa_ie_data *ie)
1201{
1202 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
1203 if (ret) {
1204 if (ret == -2) {
1205 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
1206 "from association info");
1207 }
1208 return -1;
1209 }
1210
f049052b
BG		 1211 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set "
1212 "cipher suites");
6fc6879b
JM		 1213 if (!(ie->group_cipher & ssid->group_cipher)) {
1214 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
1215 "cipher 0x%x (mask 0x%x) - reject",
1216 ie->group_cipher, ssid->group_cipher);
1217 return -1;
1218 }
1219 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
1220 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
1221 "cipher 0x%x (mask 0x%x) - reject",
1222 ie->pairwise_cipher, ssid->pairwise_cipher);
1223 return -1;
1224 }
1225 if (!(ie->key_mgmt & ssid->key_mgmt)) {
1226 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
1227 "management 0x%x (mask 0x%x) - reject",
1228 ie->key_mgmt, ssid->key_mgmt);
1229 return -1;
1230 }
1231
0b60b0aa 1232 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
3f56a2b7 1233 wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED) {
6fc6879b
JM		 1234 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
1235 "that does not support management frame protection - "
1236 "reject");
1237 return -1;
1238 }
6fc6879b
JM		 1239
1240 return 0;
1241}
1242
1243
2c129a1b
LD		 1244static int matching_ciphers(struct wpa_ssid *ssid, struct wpa_ie_data *ie,
1245 int freq)
1246{
1247 if (!ie->has_group)
1248 ie->group_cipher = wpa_default_rsn_cipher(freq);
1249 if (!ie->has_pairwise)
1250 ie->pairwise_cipher = wpa_default_rsn_cipher(freq);
1251 return (ie->group_cipher & ssid->group_cipher) &&
1252 (ie->pairwise_cipher & ssid->pairwise_cipher);
1253}
1254
1255
6fc6879b
JM		 1256/**
1257 * wpa_supplicant_set_suites - Set authentication and encryption parameters
1258 * @wpa_s: Pointer to wpa_supplicant data
1259 * @bss: Scan results for the selected BSS, or %NULL if not available
1260 * @ssid: Configuration data for the selected network
1261 * @wpa_ie: Buffer for the WPA/RSN IE
1262 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
1263 * used buffer length in case the functions returns success.
1264 * Returns: 0 on success or -1 on failure
1265 *
1266 * This function is used to configure authentication and encryption parameters
1267 * based on the network configuration and scan result for the selected BSS (if
1268 * available).
1269 */
1270int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
6fa81a3b 1271 struct wpa_bss *bss, struct wpa_ssid *ssid,
6fc6879b
JM		 1272 u8 *wpa_ie, size_t *wpa_ie_len)
1273{
1274 struct wpa_ie_data ie;
e36a5894 1275 int sel, proto, sae_pwe;
146889e3 1276 const u8 *bss_wpa, *bss_rsn, *bss_rsnx, *bss_osen;
6fc6879b
JM		 1277
1278 if (bss) {
6fa81a3b
JM		 1279 bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
1280 bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
146889e3 1281 bss_rsnx = wpa_bss_get_ie(bss, WLAN_EID_RSNX);
df0f01d9 1282 bss_osen = wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE);
146889e3
JM		 1283 } else {
1284 bss_wpa = bss_rsn = bss_rsnx = bss_osen = NULL;
1285 }
6fc6879b
JM		 1286
1287 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
1288 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
2c129a1b 1289 matching_ciphers(ssid, &ie, bss->freq) &&
6fc6879b 1290 (ie.key_mgmt & ssid->key_mgmt)) {
f049052b 1291 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
6fc6879b
JM		 1292 proto = WPA_PROTO_RSN;
1293 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
267ac3bc 1294 wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie) == 0 &&
6fc6879b
JM		 1295 (ie.group_cipher & ssid->group_cipher) &&
1296 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1297 (ie.key_mgmt & ssid->key_mgmt)) {
f049052b 1298 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
6fc6879b 1299 proto = WPA_PROTO_WPA;
df0f01d9 1300#ifdef CONFIG_HS20
dc673aec
JM		 1301 } else if (bss_osen && (ssid->proto & WPA_PROTO_OSEN) &&
1302 wpa_parse_wpa_ie(bss_osen, 2 + bss_osen[1], &ie) == 0 &&
1303 (ie.group_cipher & ssid->group_cipher) &&
1304 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1305 (ie.key_mgmt & ssid->key_mgmt)) {
df0f01d9 1306 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using OSEN");
df0f01d9 1307 proto = WPA_PROTO_OSEN;
f5a60216
JM		 1308 } else if (bss_rsn && (ssid->proto & WPA_PROTO_OSEN) &&
1309 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
1310 (ie.group_cipher & ssid->group_cipher) &&
1311 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1312 (ie.key_mgmt & ssid->key_mgmt)) {
1313 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using OSEN (within RSN)");
1314 proto = WPA_PROTO_RSN;
df0f01d9 1315#endif /* CONFIG_HS20 */
6fc6879b
JM		 1316 } else if (bss) {
1317 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
267ac3bc
JM		 1318 wpa_dbg(wpa_s, MSG_DEBUG,
1319 "WPA: ssid proto=0x%x pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1320 ssid->proto, ssid->pairwise_cipher, ssid->group_cipher,
1321 ssid->key_mgmt);
1322 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: BSS " MACSTR " ssid='%s'%s%s%s",
1323 MAC2STR(bss->bssid),
1324 wpa_ssid_txt(bss->ssid, bss->ssid_len),
1325 bss_wpa ? " WPA" : "",
1326 bss_rsn ? " RSN" : "",
1327 bss_osen ? " OSEN" : "");
1328 if (bss_rsn) {
1329 wpa_hexdump(MSG_DEBUG, "RSN", bss_rsn, 2 + bss_rsn[1]);
1330 if (wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie)) {
1331 wpa_dbg(wpa_s, MSG_DEBUG,
1332 "Could not parse RSN element");
1333 } else {
1334 wpa_dbg(wpa_s, MSG_DEBUG,
1335 "RSN: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1336 ie.pairwise_cipher, ie.group_cipher,
1337 ie.key_mgmt);
1338 }
1339 }
1340 if (bss_wpa) {
1341 wpa_hexdump(MSG_DEBUG, "WPA", bss_wpa, 2 + bss_wpa[1]);
1342 if (wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie)) {
1343 wpa_dbg(wpa_s, MSG_DEBUG,
1344 "Could not parse WPA element");
1345 } else {
1346 wpa_dbg(wpa_s, MSG_DEBUG,
1347 "WPA: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1348 ie.pairwise_cipher, ie.group_cipher,
1349 ie.key_mgmt);
1350 }
1351 }
6fc6879b
JM		 1352 return -1;
1353 } else {
df0f01d9
JM		 1354 if (ssid->proto & WPA_PROTO_OSEN)
1355 proto = WPA_PROTO_OSEN;
1356 else if (ssid->proto & WPA_PROTO_RSN)
6fc6879b
JM		 1357 proto = WPA_PROTO_RSN;
1358 else
1359 proto = WPA_PROTO_WPA;
1360 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
1361 os_memset(&ie, 0, sizeof(ie));
1362 ie.group_cipher = ssid->group_cipher;
1363 ie.pairwise_cipher = ssid->pairwise_cipher;
1364 ie.key_mgmt = ssid->key_mgmt;
61a56c14
JM		 1365 ie.mgmt_group_cipher = 0;
1366 if (ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION) {
1367 if (ssid->group_mgmt_cipher &
1368 WPA_CIPHER_BIP_GMAC_256)
1369 ie.mgmt_group_cipher =
1370 WPA_CIPHER_BIP_GMAC_256;
1371 else if (ssid->group_mgmt_cipher &
1372 WPA_CIPHER_BIP_CMAC_256)
1373 ie.mgmt_group_cipher =
1374 WPA_CIPHER_BIP_CMAC_256;
1375 else if (ssid->group_mgmt_cipher &
1376 WPA_CIPHER_BIP_GMAC_128)
1377 ie.mgmt_group_cipher =
1378 WPA_CIPHER_BIP_GMAC_128;
1379 else
1380 ie.mgmt_group_cipher =
1381 WPA_CIPHER_AES_128_CMAC;
1382 }
c1790a5f
JM		 1383#ifdef CONFIG_OWE
1384 if ((ssid->key_mgmt & WPA_KEY_MGMT_OWE) &&
1385 !ssid->owe_only &&
1386 !bss_wpa && !bss_rsn && !bss_osen) {
1387 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1388 wpa_s->wpa_proto = 0;
9f8d459d 1389 *wpa_ie_len = 0;
c1790a5f
JM		 1390 return 0;
1391 }
1392#endif /* CONFIG_OWE */
f049052b
BG		 1393 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites "
1394 "based on configuration");
6fc6879b
JM		 1395 } else
1396 proto = ie.proto;
1397 }
1398
f049052b
BG		 1399 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d "
1400 "pairwise %d key_mgmt %d proto %d",
1401 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
6fc6879b 1402 if (ssid->ieee80211w) {
f049052b
BG		 1403 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
1404 ie.mgmt_group_cipher);
6fc6879b 1405 }
6fc6879b 1406
64fa840a 1407 wpa_s->wpa_proto = proto;
6fc6879b
JM		 1408 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
1409 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
df0f01d9 1410 !!(ssid->proto & (WPA_PROTO_RSN | WPA_PROTO_OSEN)));
6fc6879b
JM		 1411
1412 if (bss || !wpa_s->ap_ies_from_associnfo) {
1413 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
1414 bss_wpa ? 2 + bss_wpa[1] : 0) ||
1415 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
146889e3
JM		 1416 bss_rsn ? 2 + bss_rsn[1] : 0) ||
1417 wpa_sm_set_ap_rsnxe(wpa_s->wpa, bss_rsnx,
1418 bss_rsnx ? 2 + bss_rsnx[1] : 0))
6fc6879b
JM		 1419 return -1;
1420 }
1421
9e68742e
JM		 1422#ifdef CONFIG_NO_WPA
1423 wpa_s->group_cipher = WPA_CIPHER_NONE;
1424 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
1425#else /* CONFIG_NO_WPA */
6fc6879b 1426 sel = ie.group_cipher & ssid->group_cipher;
853bd19f
JM		 1427 wpa_dbg(wpa_s, MSG_DEBUG,
1428 "WPA: AP group 0x%x network profile group 0x%x; available group 0x%x",
1429 ie.group_cipher, ssid->group_cipher, sel);
edbd2a19
JM		 1430 wpa_s->group_cipher = wpa_pick_group_cipher(sel);
1431 if (wpa_s->group_cipher < 0) {
f049052b
BG		 1432 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group "
1433 "cipher");
6fc6879b
JM		 1434 return -1;
1435 }
edbd2a19
JM		 1436 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK %s",
1437 wpa_cipher_txt(wpa_s->group_cipher));
6fc6879b
JM		 1438
1439 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
853bd19f
JM		 1440 wpa_dbg(wpa_s, MSG_DEBUG,
1441 "WPA: AP pairwise 0x%x network profile pairwise 0x%x; available pairwise 0x%x",
1442 ie.pairwise_cipher, ssid->pairwise_cipher, sel);
edbd2a19
JM		 1443 wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(sel, 1);
1444 if (wpa_s->pairwise_cipher < 0) {
f049052b
BG		 1445 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise "
1446 "cipher");
6fc6879b
JM		 1447 return -1;
1448 }
edbd2a19
JM		 1449 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK %s",
1450 wpa_cipher_txt(wpa_s->pairwise_cipher));
9e68742e 1451#endif /* CONFIG_NO_WPA */
6fc6879b
JM		 1452
1453 sel = ie.key_mgmt & ssid->key_mgmt;
853bd19f
JM		 1454 wpa_dbg(wpa_s, MSG_DEBUG,
1455 "WPA: AP key_mgmt 0x%x network profile key_mgmt 0x%x; available key_mgmt 0x%x",
1456 ie.key_mgmt, ssid->key_mgmt, sel);
c10347f2
JM		 1457#ifdef CONFIG_SAE
1458 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE))
1459 sel &= ~(WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE);
1460#endif /* CONFIG_SAE */
23dc196f
MW		 1461#ifdef CONFIG_IEEE80211R
1462 if (!(wpa_s->drv_flags & (WPA_DRIVER_FLAGS_SME |
1463 WPA_DRIVER_FLAGS_UPDATE_FT_IES)))
1464 sel &= ~WPA_KEY_MGMT_FT;
1465#endif /* CONFIG_IEEE80211R */
6fc6879b 1466 if (0) {
6d77014e
JM		 1467#ifdef CONFIG_IEEE80211R
1468#ifdef CONFIG_SHA384
dd0153fc
MW		 1469 } else if ((sel & WPA_KEY_MGMT_FT_IEEE8021X_SHA384) &&
1470 os_strcmp(wpa_supplicant_get_eap_mode(wpa_s), "LEAP") != 0) {
6d77014e
JM		 1471 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X_SHA384;
1472 wpa_dbg(wpa_s, MSG_DEBUG,
1473 "WPA: using KEY_MGMT FT/802.1X-SHA384");
9083ef13
JM		 1474 if (!ssid->ft_eap_pmksa_caching &&
1475 pmksa_cache_get_current(wpa_s->wpa)) {
1476 /* PMKSA caching with FT may have interoperability
1477 * issues, so disable that case by default for now. */
6d77014e
JM		 1478 wpa_dbg(wpa_s, MSG_DEBUG,
1479 "WPA: Disable PMKSA caching for FT/802.1X connection");
1480 pmksa_cache_clear_current(wpa_s->wpa);
1481 }
1482#endif /* CONFIG_SHA384 */
1483#endif /* CONFIG_IEEE80211R */
5e3b5197
JM		 1484#ifdef CONFIG_SUITEB192
1485 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) {
1486 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B_192;
1487 wpa_dbg(wpa_s, MSG_DEBUG,
1488 "WPA: using KEY_MGMT 802.1X with Suite B (192-bit)");
1489#endif /* CONFIG_SUITEB192 */
1490#ifdef CONFIG_SUITEB
666497c8
JM		 1491 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B) {
1492 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B;
1493 wpa_dbg(wpa_s, MSG_DEBUG,
1494 "WPA: using KEY_MGMT 802.1X with Suite B");
5e3b5197 1495#endif /* CONFIG_SUITEB */
b8ae56e4
JM		 1496#ifdef CONFIG_FILS
1497#ifdef CONFIG_IEEE80211R
1498 } else if (sel & WPA_KEY_MGMT_FT_FILS_SHA384) {
1499 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA384;
1500 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT-FILS-SHA384");
1501 } else if (sel & WPA_KEY_MGMT_FT_FILS_SHA256) {
1502 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA256;
1503 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT-FILS-SHA256");
1504#endif /* CONFIG_IEEE80211R */
1505 } else if (sel & WPA_KEY_MGMT_FILS_SHA384) {
1506 wpa_s->key_mgmt = WPA_KEY_MGMT_FILS_SHA384;
1507 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FILS-SHA384");
1508 } else if (sel & WPA_KEY_MGMT_FILS_SHA256) {
1509 wpa_s->key_mgmt = WPA_KEY_MGMT_FILS_SHA256;
1510 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FILS-SHA256");
1511#endif /* CONFIG_FILS */
6fc6879b 1512#ifdef CONFIG_IEEE80211R
dd0153fc
MW		 1513 } else if ((sel & WPA_KEY_MGMT_FT_IEEE8021X) &&
1514 os_strcmp(wpa_supplicant_get_eap_mode(wpa_s), "LEAP") != 0) {
6fc6879b 1515 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
f049052b 1516 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
9083ef13
JM		 1517 if (!ssid->ft_eap_pmksa_caching &&
1518 pmksa_cache_get_current(wpa_s->wpa)) {
1519 /* PMKSA caching with FT may have interoperability
1520 * issues, so disable that case by default for now. */
833bb2ab
JM		 1521 wpa_dbg(wpa_s, MSG_DEBUG,
1522 "WPA: Disable PMKSA caching for FT/802.1X connection");
1523 pmksa_cache_clear_current(wpa_s->wpa);
1524 }
6fc6879b 1525#endif /* CONFIG_IEEE80211R */
dd6c5980
JM		 1526#ifdef CONFIG_DPP
1527 } else if (sel & WPA_KEY_MGMT_DPP) {
1528 wpa_s->key_mgmt = WPA_KEY_MGMT_DPP;
1529 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT DPP");
1530#endif /* CONFIG_DPP */
c10347f2 1531#ifdef CONFIG_SAE
c10347f2
JM		 1532 } else if (sel & WPA_KEY_MGMT_FT_SAE) {
1533 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_SAE;
1534 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT FT/SAE");
76fd782a
JM		 1535 } else if (sel & WPA_KEY_MGMT_SAE) {
1536 wpa_s->key_mgmt = WPA_KEY_MGMT_SAE;
1537 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT SAE");
c10347f2 1538#endif /* CONFIG_SAE */
9af1eea3
JM		 1539#ifdef CONFIG_IEEE80211R
1540 } else if (sel & WPA_KEY_MGMT_FT_PSK) {
1541 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
1542 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
1543#endif /* CONFIG_IEEE80211R */
56586197
JM		 1544 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
1545 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
f049052b 1546 wpa_dbg(wpa_s, MSG_DEBUG,
56586197
JM		 1547 "WPA: using KEY_MGMT 802.1X with SHA256");
1548 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
1549 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
f049052b 1550 wpa_dbg(wpa_s, MSG_DEBUG,
56586197 1551 "WPA: using KEY_MGMT PSK with SHA256");
6fc6879b
JM		 1552 } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
1553 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
f049052b 1554 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
6fc6879b
JM		 1555 } else if (sel & WPA_KEY_MGMT_PSK) {
1556 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
f049052b 1557 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
6fc6879b
JM		 1558 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
1559 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
f049052b 1560 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
df0f01d9
JM		 1561#ifdef CONFIG_HS20
1562 } else if (sel & WPA_KEY_MGMT_OSEN) {
1563 wpa_s->key_mgmt = WPA_KEY_MGMT_OSEN;
1564 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using KEY_MGMT OSEN");
1565#endif /* CONFIG_HS20 */
a1ea1b45
JM		 1566#ifdef CONFIG_OWE
1567 } else if (sel & WPA_KEY_MGMT_OWE) {
1568 wpa_s->key_mgmt = WPA_KEY_MGMT_OWE;
1569 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT OWE");
1570#endif /* CONFIG_OWE */
6fc6879b 1571 } else {
f049052b
BG		 1572 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select "
1573 "authenticated key management type");
6fc6879b
JM		 1574 return -1;
1575 }
1576
1577 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
1578 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
1579 wpa_s->pairwise_cipher);
1580 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
1581
ae05b6a2
JM		 1582 if (!(ie.capabilities & WPA_CAPABILITY_MFPC) &&
1583 wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED) {
1584 wpa_msg(wpa_s, MSG_INFO,
1585 "RSN: Management frame protection required but the selected AP does not enable it");
1586 return -1;
1587 }
1588
6fc6879b 1589 sel = ie.mgmt_group_cipher;
61a56c14
JM		 1590 if (ssid->group_mgmt_cipher)
1591 sel &= ssid->group_mgmt_cipher;
3f56a2b7 1592 if (wpas_get_ssid_pmf(wpa_s, ssid) == NO_MGMT_FRAME_PROTECTION ||
0b60b0aa 1593 !(ie.capabilities & WPA_CAPABILITY_MFPC))
6fc6879b 1594 sel = 0;
853bd19f
JM		 1595 wpa_dbg(wpa_s, MSG_DEBUG,
1596 "WPA: AP mgmt_group_cipher 0x%x network profile mgmt_group_cipher 0x%x; available mgmt_group_cipher 0x%x",
1597 ie.mgmt_group_cipher, ssid->group_mgmt_cipher, sel);
6fc6879b
JM		 1598 if (sel & WPA_CIPHER_AES_128_CMAC) {
1599 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
f049052b 1600 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
6fc6879b 1601 "AES-128-CMAC");
8dd9f9cd
JM		 1602 } else if (sel & WPA_CIPHER_BIP_GMAC_128) {
1603 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_128;
1604 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1605 "BIP-GMAC-128");
1606 } else if (sel & WPA_CIPHER_BIP_GMAC_256) {
1607 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_256;
1608 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1609 "BIP-GMAC-256");
1610 } else if (sel & WPA_CIPHER_BIP_CMAC_256) {
1611 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_CMAC_256;
1612 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1613 "BIP-CMAC-256");
6fc6879b
JM		 1614 } else {
1615 wpa_s->mgmt_group_cipher = 0;
f049052b 1616 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
6fc6879b
JM		 1617 }
1618 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
1619 wpa_s->mgmt_group_cipher);
62d49803 1620 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP,
3f56a2b7 1621 wpas_get_ssid_pmf(wpa_s, ssid));
55c12f5d
MV		 1622#ifdef CONFIG_OCV
1623 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCV, ssid->ocv);
1624#endif /* CONFIG_OCV */
e36a5894 1625 sae_pwe = wpa_s->conf->sae_pwe;
641d79f1 1626 if (ssid->sae_password_id && sae_pwe != 3)
e36a5894
JM		 1627 sae_pwe = 1;
1628 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_SAE_PWE, sae_pwe);
6fc6879b
JM		 1629
1630 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
f049052b 1631 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to generate WPA IE");
6fc6879b
JM		 1632 return -1;
1633 }
1634
6d6c8877
JM		 1635 wpa_s->rsnxe_len = sizeof(wpa_s->rsnxe);
1636 if (wpa_sm_set_assoc_rsnxe_default(wpa_s->wpa, wpa_s->rsnxe,
1637 &wpa_s->rsnxe_len)) {
1638 wpa_msg(wpa_s, MSG_WARNING, "RSN: Failed to generate RSNXE");
1639 return -1;
1640 }
1641
dd6c5980
JM		 1642 if (0) {
1643#ifdef CONFIG_DPP
1644 } else if (wpa_s->key_mgmt == WPA_KEY_MGMT_DPP) {
1645 /* Use PMK from DPP network introduction (PMKSA entry) */
1646 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
1647#endif /* CONFIG_DPP */
1648 } else if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) {
a52410c2 1649 int psk_set = 0;
06b1a104 1650 int sae_only;
a52410c2 1651
06b1a104
JM		 1652 sae_only = (ssid->key_mgmt & (WPA_KEY_MGMT_PSK |
1653 WPA_KEY_MGMT_FT_PSK |
1654 WPA_KEY_MGMT_PSK_SHA256)) == 0;
1655
1656 if (ssid->psk_set && !sae_only) {
66dbc8d9
JM		 1657 wpa_hexdump_key(MSG_MSGDUMP, "PSK (set in config)",
1658 ssid->psk, PMK_LEN);
70c93963
MH		 1659 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN, NULL,
1660 NULL);
a52410c2
JM		 1661 psk_set = 1;
1662 }
a34ca59e 1663
06b1a104
JM		 1664 if (wpa_key_mgmt_sae(ssid->key_mgmt) &&
1665 (ssid->sae_password || ssid->passphrase))
a34ca59e
JM		 1666 psk_set = 1;
1667
7d232e23
ZC		 1668#ifndef CONFIG_NO_PBKDF2
1669 if (bss && ssid->bssid_set && ssid->ssid_len == 0 &&
06b1a104 1670 ssid->passphrase && !sae_only) {
7d232e23 1671 u8 psk[PMK_LEN];
986de33d
JM		 1672 pbkdf2_sha1(ssid->passphrase, bss->ssid, bss->ssid_len,
1673 4096, psk, PMK_LEN);
7d232e23
ZC		 1674 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)",
1675 psk, PMK_LEN);
70c93963 1676 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL, NULL);
a52410c2 1677 psk_set = 1;
e886c88e 1678 os_memset(psk, 0, sizeof(psk));
7d232e23
ZC		 1679 }
1680#endif /* CONFIG_NO_PBKDF2 */
9173b16f 1681#ifdef CONFIG_EXT_PASSWORD
06b1a104 1682 if (ssid->ext_psk && !sae_only) {
9173b16f
JM		 1683 struct wpabuf *pw = ext_password_get(wpa_s->ext_pw,
1684 ssid->ext_psk);
1685 char pw_str[64 + 1];
1686 u8 psk[PMK_LEN];
1687
1688 if (pw == NULL) {
1689 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No PSK "
1690 "found from external storage");
1691 return -1;
1692 }
1693
1694 if (wpabuf_len(pw) < 8 || wpabuf_len(pw) > 64) {
1695 wpa_msg(wpa_s, MSG_INFO, "EXT PW: Unexpected "
1696 "PSK length %d in external storage",
1697 (int) wpabuf_len(pw));
1698 ext_password_free(pw);
1699 return -1;
1700 }
1701
1702 os_memcpy(pw_str, wpabuf_head(pw), wpabuf_len(pw));
1703 pw_str[wpabuf_len(pw)] = '\0';
1704
1705#ifndef CONFIG_NO_PBKDF2
1706 if (wpabuf_len(pw) >= 8 && wpabuf_len(pw) < 64 && bss)
1707 {
986de33d
JM		 1708 pbkdf2_sha1(pw_str, bss->ssid, bss->ssid_len,
1709 4096, psk, PMK_LEN);
9173b16f
JM		 1710 os_memset(pw_str, 0, sizeof(pw_str));
1711 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from "
1712 "external passphrase)",
1713 psk, PMK_LEN);
70c93963
MH		 1714 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL,
1715 NULL);
a52410c2 1716 psk_set = 1;
e886c88e 1717 os_memset(psk, 0, sizeof(psk));
9173b16f
JM		 1718 } else
1719#endif /* CONFIG_NO_PBKDF2 */
1720 if (wpabuf_len(pw) == 2 * PMK_LEN) {
1721 if (hexstr2bin(pw_str, psk, PMK_LEN) < 0) {
1722 wpa_msg(wpa_s, MSG_INFO, "EXT PW: "
1723 "Invalid PSK hex string");
1724 os_memset(pw_str, 0, sizeof(pw_str));
1725 ext_password_free(pw);
1726 return -1;
1727 }
66dbc8d9
JM		 1728 wpa_hexdump_key(MSG_MSGDUMP,
1729 "PSK (from external PSK)",
1730 psk, PMK_LEN);
70c93963
MH		 1731 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL,
1732 NULL);
a52410c2 1733 psk_set = 1;
e886c88e 1734 os_memset(psk, 0, sizeof(psk));
9173b16f
JM		 1735 } else {
1736 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No suitable "
1737 "PSK available");
1738 os_memset(pw_str, 0, sizeof(pw_str));
1739 ext_password_free(pw);
1740 return -1;
1741 }
1742
1743 os_memset(pw_str, 0, sizeof(pw_str));
1744 ext_password_free(pw);
1745 }
1746#endif /* CONFIG_EXT_PASSWORD */
a52410c2
JM		 1747
1748 if (!psk_set) {
1749 wpa_msg(wpa_s, MSG_INFO,
1750 "No PSK available for association");
06b1a104 1751 wpas_auth_failed(wpa_s, "NO_PSK_AVAILABLE");
a52410c2
JM		 1752 return -1;
1753 }
675112df
JM		 1754#ifdef CONFIG_OWE
1755 } else if (wpa_s->key_mgmt == WPA_KEY_MGMT_OWE) {
1756 /* OWE Diffie-Hellman exchange in (Re)Association
1757 * Request/Response frames set the PMK, so do not override it
1758 * here. */
1759#endif /* CONFIG_OWE */
7d232e23 1760 } else
6fc6879b
JM		 1761 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
1762
1f90a49d
AW		 1763 if (ssid->mode != WPAS_MODE_IBSS &&
1764 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED) &&
1765 (ssid->wpa_deny_ptk0_rekey == PTK0_REKEY_ALLOW_NEVER ||
1766 (ssid->wpa_deny_ptk0_rekey == PTK0_REKEY_ALLOW_LOCAL_OK &&
1767 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAFE_PTK0_REKEYS)))) {
1768 wpa_msg(wpa_s, MSG_INFO,
1769 "Disable PTK0 rekey support - replaced with reconnect");
1770 wpa_s->deny_ptk0_rekey = 1;
1771 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_DENY_PTK0_REKEY, 1);
1772 } else {
1773 wpa_s->deny_ptk0_rekey = 0;
1774 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_DENY_PTK0_REKEY, 0);
1775 }
1776
6fc6879b
JM		 1777 return 0;
1778}
1779
1780
8cd6b7bc 1781static void wpas_ext_capab_byte(struct wpa_supplicant *wpa_s, u8 *pos, int idx)
03e47c9c 1782{
8cd6b7bc 1783 *pos = 0x00;
03e47c9c 1784
8cd6b7bc
JB		 1785 switch (idx) {
1786 case 0: /* Bits 0-7 */
1787 break;
1788 case 1: /* Bits 8-15 */
d514b502
JM		 1789 if (wpa_s->conf->coloc_intf_reporting) {
1790 /* Bit 13 - Collocated Interference Reporting */
1791 *pos |= 0x20;
1792 }
8cd6b7bc
JB		 1793 break;
1794 case 2: /* Bits 16-23 */
1795#ifdef CONFIG_WNM
1796 *pos |= 0x02; /* Bit 17 - WNM-Sleep Mode */
2e06cef8 1797 if (!wpa_s->disable_mbo_oce && !wpa_s->conf->disable_btm)
ef59f987 1798 *pos |= 0x08; /* Bit 19 - BSS Transition */
8cd6b7bc
JB		 1799#endif /* CONFIG_WNM */
1800 break;
1801 case 3: /* Bits 24-31 */
1802#ifdef CONFIG_WNM
1803 *pos |= 0x02; /* Bit 25 - SSID List */
1804#endif /* CONFIG_WNM */
03e47c9c 1805#ifdef CONFIG_INTERWORKING
8cd6b7bc
JB		 1806 if (wpa_s->conf->interworking)
1807 *pos |= 0x80; /* Bit 31 - Interworking */
03e47c9c 1808#endif /* CONFIG_INTERWORKING */
8cd6b7bc
JB		 1809 break;
1810 case 4: /* Bits 32-39 */
56f5af48 1811#ifdef CONFIG_INTERWORKING
1e1245bc 1812 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_QOS_MAPPING)
429dd9af 1813 *pos |= 0x01; /* Bit 32 - QoS Map */
56f5af48 1814#endif /* CONFIG_INTERWORKING */
8cd6b7bc
JB		 1815 break;
1816 case 5: /* Bits 40-47 */
95a3ea94
JM		 1817#ifdef CONFIG_HS20
1818 if (wpa_s->conf->hs20)
1819 *pos |= 0x40; /* Bit 46 - WNM-Notification */
1820#endif /* CONFIG_HS20 */
92c6e2e3
DS		 1821#ifdef CONFIG_MBO
1822 *pos |= 0x40; /* Bit 46 - WNM-Notification */
1823#endif /* CONFIG_MBO */
8cd6b7bc
JB		 1824 break;
1825 case 6: /* Bits 48-55 */
1826 break;
d1723c55
LD		 1827 case 7: /* Bits 56-63 */
1828 break;
1829 case 8: /* Bits 64-71 */
1830 if (wpa_s->conf->ftm_responder)
1831 *pos |= 0x40; /* Bit 70 - FTM responder */
1832 if (wpa_s->conf->ftm_initiator)
1833 *pos |= 0x80; /* Bit 71 - FTM initiator */
1834 break;
e4d2ce1b
JM		 1835 case 9: /* Bits 72-79 */
1836#ifdef CONFIG_FILS
d98038bb 1837 if (!wpa_s->disable_fils)
1838 *pos |= 0x01;
e4d2ce1b
JM		 1839#endif /* CONFIG_FILS */
1840 break;
8cd6b7bc
JB		 1841 }
1842}
03e47c9c 1843
03e47c9c 1844
0bbaa9b9 1845int wpas_build_ext_capab(struct wpa_supplicant *wpa_s, u8 *buf, size_t buflen)
8cd6b7bc
JB		 1846{
1847 u8 *pos = buf;
e4d2ce1b 1848 u8 len = 10, i;
8cd6b7bc
JB		 1849
1850 if (len < wpa_s->extended_capa_len)
1851 len = wpa_s->extended_capa_len;
0bbaa9b9
JM		 1852 if (buflen < (size_t) len + 2) {
1853 wpa_printf(MSG_INFO,
1854 "Not enough room for building extended capabilities element");
1855 return -1;
1856 }
03e47c9c
JM		 1857
1858 *pos++ = WLAN_EID_EXT_CAPAB;
8cd6b7bc
JB		 1859 *pos++ = len;
1860 for (i = 0; i < len; i++, pos++) {
1861 wpas_ext_capab_byte(wpa_s, pos, i);
1862
1863 if (i < wpa_s->extended_capa_len) {
1864 *pos &= ~wpa_s->extended_capa_mask[i];
1865 *pos |= wpa_s->extended_capa[i];
1866 }
1867 }
03e47c9c 1868
3db5439a
JM		 1869 while (len > 0 && buf[1 + len] == 0) {
1870 len--;
1871 buf[1] = len;
1872 }
1873 if (len == 0)
1874 return 0;
1875
1876 return 2 + len;
03e47c9c
JM		 1877}
1878
1879
6ac4b15e
JM		 1880static int wpas_valid_bss(struct wpa_supplicant *wpa_s,
1881 struct wpa_bss *test_bss)
1882{
1883 struct wpa_bss *bss;
1884
1885 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
1886 if (bss == test_bss)
1887 return 1;
1888 }
1889
1890 return 0;
1891}
1892
1893
1894static int wpas_valid_ssid(struct wpa_supplicant *wpa_s,
1895 struct wpa_ssid *test_ssid)
1896{
1897 struct wpa_ssid *ssid;
1898
1899 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) {
1900 if (ssid == test_ssid)
1901 return 1;
1902 }
1903
1904 return 0;
1905}
1906
1907
1908int wpas_valid_bss_ssid(struct wpa_supplicant *wpa_s, struct wpa_bss *test_bss,
1909 struct wpa_ssid *test_ssid)
1910{
1911 if (test_bss && !wpas_valid_bss(wpa_s, test_bss))
1912 return 0;
1913
1914 return test_ssid == NULL || wpas_valid_ssid(wpa_s, test_ssid);
1915}
1916
1917
1918void wpas_connect_work_free(struct wpa_connect_work *cwork)
1919{
1920 if (cwork == NULL)
1921 return;
1922 os_free(cwork);
1923}
1924
1925
1926void wpas_connect_work_done(struct wpa_supplicant *wpa_s)
1927{
1928 struct wpa_connect_work *cwork;
1929 struct wpa_radio_work *work = wpa_s->connect_work;
1930
1931 if (!work)
1932 return;
1933
1934 wpa_s->connect_work = NULL;
1935 cwork = work->ctx;
1936 work->ctx = NULL;
1937 wpas_connect_work_free(cwork);
1938 radio_work_done(work);
1939}
1940
1941
a313d17d 1942int wpas_update_random_addr(struct wpa_supplicant *wpa_s, int style)
c267753b
JM		 1943{
1944 struct os_reltime now;
1945 u8 addr[ETH_ALEN];
1946
1947 os_get_reltime(&now);
a313d17d
JM		 1948 if (wpa_s->last_mac_addr_style == style &&
1949 wpa_s->last_mac_addr_change.sec != 0 &&
c267753b
JM		 1950 !os_reltime_expired(&now, &wpa_s->last_mac_addr_change,
1951 wpa_s->conf->rand_addr_lifetime)) {
1952 wpa_msg(wpa_s, MSG_DEBUG,
1953 "Previously selected random MAC address has not yet expired");
1954 return 0;
1955 }
1956
a313d17d
JM		 1957 switch (style) {
1958 case 1:
1959 if (random_mac_addr(addr) < 0)
1960 return -1;
1961 break;
1962 case 2:
1963 os_memcpy(addr, wpa_s->perm_addr, ETH_ALEN);
1964 if (random_mac_addr_keep_oui(addr) < 0)
1965 return -1;
1966 break;
1967 default:
c267753b 1968 return -1;
a313d17d 1969 }
c267753b
JM		 1970
1971 if (wpa_drv_set_mac_addr(wpa_s, addr) < 0) {
1972 wpa_msg(wpa_s, MSG_INFO,
1973 "Failed to set random MAC address");
1974 return -1;
1975 }
1976
1977 os_get_reltime(&wpa_s->last_mac_addr_change);
1978 wpa_s->mac_addr_changed = 1;
a313d17d 1979 wpa_s->last_mac_addr_style = style;
c267753b
JM		 1980
1981 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
1982 wpa_msg(wpa_s, MSG_INFO,
1983 "Could not update MAC address information");
1984 return -1;
1985 }
1986
1987 wpa_msg(wpa_s, MSG_DEBUG, "Using random MAC address " MACSTR,
1988 MAC2STR(addr));
1989
1990 return 0;
1991}
1992
1993
1994int wpas_update_random_addr_disassoc(struct wpa_supplicant *wpa_s)
1995{
1996 if (wpa_s->wpa_state >= WPA_AUTHENTICATING ||
1997 !wpa_s->conf->preassoc_mac_addr)
1998 return 0;
1999
a313d17d 2000 return wpas_update_random_addr(wpa_s, wpa_s->conf->preassoc_mac_addr);
c267753b
JM		 2001}
2002
2003
05a2fb0d
JM		 2004static void wpa_s_setup_sae_pt(struct wpa_config *conf, struct wpa_ssid *ssid)
2005{
2006#ifdef CONFIG_SAE
2007 int *groups = conf->sae_groups;
2008 int default_groups[] = { 19, 20, 21, 0 };
2009 const char *password;
2010
2011 if (!groups || groups[0] <= 0)
2012 groups = default_groups;
2013
2014 password = ssid->sae_password;
2015 if (!password)
2016 password = ssid->passphrase;
2017
641d79f1
JM		 2018 if ((conf->sae_pwe == 0 && !ssid->sae_password_id) || !password ||
2019 conf->sae_pwe == 3) {
05a2fb0d
JM		 2020 /* PT derivation not needed */
2021 sae_deinit_pt(ssid->pt);
2022 ssid->pt = NULL;
2023 return;
2024 }
2025
2026 if (ssid->pt)
2027 return; /* PT already derived */
2028 ssid->pt = sae_derive_pt(groups, ssid->ssid, ssid->ssid_len,
2029 (const u8 *) password, os_strlen(password),
2030 ssid->sae_password_id);
2031#endif /* CONFIG_SAE */
2032}
2033
2034
b834e970
JM		 2035static void wpa_s_clear_sae_rejected(struct wpa_supplicant *wpa_s)
2036{
2037#if defined(CONFIG_SAE) && defined(CONFIG_SME)
2038 os_free(wpa_s->sme.sae_rejected_groups);
2039 wpa_s->sme.sae_rejected_groups = NULL;
2040#ifdef CONFIG_TESTING_OPTIONS
2041 if (wpa_s->extra_sae_rejected_groups) {
2042 int i, *groups = wpa_s->extra_sae_rejected_groups;
2043
2044 for (i = 0; groups[i]; i++) {
2045 wpa_printf(MSG_DEBUG,
2046 "TESTING: Indicate rejection of an extra SAE group %d",
2047 groups[i]);
2048 int_array_add_unique(&wpa_s->sme.sae_rejected_groups,
2049 groups[i]);
2050 }
2051 }
2052#endif /* CONFIG_TESTING_OPTIONS */
2053#endif /* CONFIG_SAE && CONFIG_SME */
2054}
2055
2056
6ac4b15e
JM		 2057static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit);
2058
6fc6879b
JM		 2059/**
2060 * wpa_supplicant_associate - Request association
2061 * @wpa_s: Pointer to wpa_supplicant data
2062 * @bss: Scan results for the selected BSS, or %NULL if not available
2063 * @ssid: Configuration data for the selected network
2064 *
2065 * This function is used to request %wpa_supplicant to associate with a BSS.
2066 */
2067void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
6fa81a3b 2068 struct wpa_bss *bss, struct wpa_ssid *ssid)
6fc6879b 2069{
6ac4b15e 2070 struct wpa_connect_work *cwork;
a313d17d
JM		 2071 int rand_style;
2072
a8412ec9 2073 wpa_s->own_disconnect_req = 0;
1f90a49d 2074 wpa_s->own_reconnect_req = 0;
a8412ec9 2075
e7160bd8
JM		 2076 /*
2077 * If we are starting a new connection, any previously pending EAPOL
2078 * RX cannot be valid anymore.
2079 */
2080 wpabuf_free(wpa_s->pending_eapol_rx);
2081 wpa_s->pending_eapol_rx = NULL;
2082
a313d17d
JM		 2083 if (ssid->mac_addr == -1)
2084 rand_style = wpa_s->conf->mac_addr;
2085 else
2086 rand_style = ssid->mac_addr;
6fc6879b 2087
8c42b369
EP		 2088 wmm_ac_clear_saved_tspecs(wpa_s);
2089 wpa_s->reassoc_same_bss = 0;
6a5ee810 2090 wpa_s->reassoc_same_ess = 0;
daa40960
JM		 2091#ifdef CONFIG_TESTING_OPTIONS
2092 wpa_s->testing_resend_assoc = 0;
2093#endif /* CONFIG_TESTING_OPTIONS */
8c42b369 2094
c267753b
JM		 2095 if (wpa_s->last_ssid == ssid) {
2096 wpa_dbg(wpa_s, MSG_DEBUG, "Re-association to the same ESS");
6a5ee810 2097 wpa_s->reassoc_same_ess = 1;
8c42b369
EP		 2098 if (wpa_s->current_bss && wpa_s->current_bss == bss) {
2099 wmm_ac_save_tspecs(wpa_s);
2100 wpa_s->reassoc_same_bss = 1;
2bbad1c7
MW		 2101 } else if (wpa_s->current_bss && wpa_s->current_bss != bss) {
2102 os_get_reltime(&wpa_s->roam_start);
8c42b369 2103 }
05a2fb0d
JM		 2104 } else {
2105#ifdef CONFIG_SAE
b834e970 2106 wpa_s_clear_sae_rejected(wpa_s);
05a2fb0d
JM		 2107 wpa_s_setup_sae_pt(wpa_s->conf, ssid);
2108#endif /* CONFIG_SAE */
5d30f927
BR		 2109 }
2110
2111 if (rand_style > 0 && !wpa_s->reassoc_same_ess) {
a313d17d 2112 if (wpas_update_random_addr(wpa_s, rand_style) < 0)
c267753b
JM		 2113 return;
2114 wpa_sm_pmksa_cache_flush(wpa_s->wpa, ssid);
5d30f927 2115 } else if (rand_style == 0 && wpa_s->mac_addr_changed) {
c267753b
JM		 2116 if (wpa_drv_set_mac_addr(wpa_s, NULL) < 0) {
2117 wpa_msg(wpa_s, MSG_INFO,
2118 "Could not restore permanent MAC address");
2119 return;
2120 }
2121 wpa_s->mac_addr_changed = 0;
2122 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
2123 wpa_msg(wpa_s, MSG_INFO,
2124 "Could not update MAC address information");
2125 return;
2126 }
2127 wpa_msg(wpa_s, MSG_DEBUG, "Using permanent MAC address");
2128 }
2129 wpa_s->last_ssid = ssid;
2130
78177a00
JM		 2131#ifdef CONFIG_IBSS_RSN
2132 ibss_rsn_deinit(wpa_s->ibss_rsn);
2133 wpa_s->ibss_rsn = NULL;
81a10a94
JM		 2134#else /* CONFIG_IBSS_RSN */
2135 if (ssid->mode == WPAS_MODE_IBSS &&
2136 !(ssid->key_mgmt & (WPA_KEY_MGMT_NONE | WPA_KEY_MGMT_WPA_NONE))) {
2137 wpa_msg(wpa_s, MSG_INFO,
2138 "IBSS RSN not supported in the build");
2139 return;
2140 }
78177a00
JM		 2141#endif /* CONFIG_IBSS_RSN */
2142
2c5d725c
JM		 2143 if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO ||
2144 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) {
1581b38b
JM		 2145#ifdef CONFIG_AP
2146 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) {
f049052b
BG		 2147 wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP "
2148 "mode");
1581b38b
JM		 2149 return;
2150 }
8c981d17
DW		 2151 if (wpa_supplicant_create_ap(wpa_s, ssid) < 0) {
2152 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
b2b688d1
VKE		 2153 if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
2154 wpas_p2p_ap_setup_failed(wpa_s);
8c981d17
DW		 2155 return;
2156 }
8f770587 2157 wpa_s->current_bss = bss;
1581b38b 2158#else /* CONFIG_AP */
f049052b
BG		 2159 wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in "
2160 "the build");
1581b38b
JM		 2161#endif /* CONFIG_AP */
2162 return;
2163 }
2164
603a3f34
JL		 2165 if (ssid->mode == WPAS_MODE_MESH) {
2166#ifdef CONFIG_MESH
2167 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_MESH)) {
2168 wpa_msg(wpa_s, MSG_INFO,
2169 "Driver does not support mesh mode");
2170 return;
2171 }
2172 if (bss)
2173 ssid->frequency = bss->freq;
2174 if (wpa_supplicant_join_mesh(wpa_s, ssid) < 0) {
2175 wpa_msg(wpa_s, MSG_ERROR, "Could not join mesh");
2176 return;
2177 }
2178 wpa_s->current_bss = bss;
6174de66
JM		 2179 wpa_msg(wpa_s, MSG_INFO, MESH_GROUP_STARTED "ssid=\"%s\" id=%d",
2180 wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
2181 ssid->id);
89e9cd25 2182 wpas_notify_mesh_group_started(wpa_s, ssid);
603a3f34
JL		 2183#else /* CONFIG_MESH */
2184 wpa_msg(wpa_s, MSG_ERROR,
2185 "mesh mode support not included in the build");
2186#endif /* CONFIG_MESH */
2187 return;
2188 }
2189
2efc6720
JM		 2190 /*
2191 * Set WPA state machine configuration to match the selected network now
2192 * so that the information is available before wpas_start_assoc_cb()
2193 * gets called. This is needed at least for RSN pre-authentication where
2194 * candidate APs are added to a list based on scan result processing
2195 * before completion of the first association.
2196 */
2197 wpa_supplicant_rsn_supp_set_config(wpa_s, ssid);
2198
a0d5c56f
JM		 2199#ifdef CONFIG_DPP
2200 if (wpas_dpp_check_connect(wpa_s, ssid, bss) != 0)
2201 return;
2202#endif /* CONFIG_DPP */
2203
52c9e6f3 2204#ifdef CONFIG_TDLS
95cb2d88
JM		 2205 if (bss)
2206 wpa_tdls_ap_ies(wpa_s->wpa, (const u8 *) (bss + 1),
2207 bss->ie_len);
52c9e6f3
JM		 2208#endif /* CONFIG_TDLS */
2209
2e06cef8
VK		 2210#ifdef CONFIG_MBO
2211 wpas_mbo_check_pmf(wpa_s, bss, ssid);
2212#endif /* CONFIG_MBO */
2213
5cc4d64b 2214 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
f74618cb 2215 ssid->mode == WPAS_MODE_INFRA) {
c2a04078
JM		 2216 sme_authenticate(wpa_s, bss, ssid);
2217 return;
2218 }
2219
6ac4b15e
JM		 2220 if (wpa_s->connect_work) {
2221 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since connect_work exist");
2222 return;
2223 }
2224
f0e30c84
JM		 2225 if (radio_work_pending(wpa_s, "connect")) {
2226 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since pending work exist");
2227 return;
2228 }
2229
a1836de6
JM		 2230#ifdef CONFIG_SME
2231 if (ssid->mode == WPAS_MODE_IBSS || ssid->mode == WPAS_MODE_MESH) {
2232 /* Clear possibly set auth_alg, if any, from last attempt. */
2233 wpa_s->sme.auth_alg = WPA_AUTH_ALG_OPEN;
2234 }
2235#endif /* CONFIG_SME */
2236
4ead7cfd
KV		 2237 wpas_abort_ongoing_scan(wpa_s);
2238
6ac4b15e
JM		 2239 cwork = os_zalloc(sizeof(*cwork));
2240 if (cwork == NULL)
2241 return;
2242
2243 cwork->bss = bss;
2244 cwork->ssid = ssid;
2245
2246 if (radio_add_work(wpa_s, bss ? bss->freq : 0, "connect", 1,
2247 wpas_start_assoc_cb, cwork) < 0) {
2248 os_free(cwork);
2249 }
2250}
2251
2252
98479dc9
JD		 2253static int bss_is_ibss(struct wpa_bss *bss)
2254{
2255 return (bss->caps & (IEEE80211_CAP_ESS | IEEE80211_CAP_IBSS)) ==
2256 IEEE80211_CAP_IBSS;
2257}
2258
2259
a65efbfb
PO		 2260static int drv_supports_vht(struct wpa_supplicant *wpa_s,
2261 const struct wpa_ssid *ssid)
2262{
2263 enum hostapd_hw_mode hw_mode;
2264 struct hostapd_hw_modes *mode = NULL;
2265 u8 channel;
2266 int i;
2267
a65efbfb
PO		 2268 hw_mode = ieee80211_freq_to_chan(ssid->frequency, &channel);
2269 if (hw_mode == NUM_HOSTAPD_MODES)
2270 return 0;
2271 for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) {
2272 if (wpa_s->hw.modes[i].mode == hw_mode) {
2273 mode = &wpa_s->hw.modes[i];
2274 break;
2275 }
2276 }
2277
2278 if (!mode)
2279 return 0;
2280
2281 return mode->vht_capab != 0;
2282}
2283
2284
54fe48b9
JM		 2285void ibss_mesh_setup_freq(struct wpa_supplicant *wpa_s,
2286 const struct wpa_ssid *ssid,
2287 struct hostapd_freq_params *freq)
1830817e 2288{
3459c54a 2289 int ieee80211_mode = wpas_mode_to_ieee80211_mode(ssid->mode);
1830817e
JD		 2290 enum hostapd_hw_mode hw_mode;
2291 struct hostapd_hw_modes *mode = NULL;
6b8b0774
JD		 2292 int ht40plus[] = { 36, 44, 52, 60, 100, 108, 116, 124, 132, 149, 157,
2293 184, 192 };
563ee183 2294 int vht80[] = { 36, 52, 100, 116, 132, 149 };
6b8b0774 2295 struct hostapd_channel_data *pri_chan = NULL, *sec_chan = NULL;
1830817e 2296 u8 channel;
98479dc9 2297 int i, chan_idx, ht40 = -1, res, obss_scan = 1;
0f29bc68 2298 unsigned int j, k;
563ee183 2299 struct hostapd_freq_params vht_freq;
0f29bc68
AK		 2300 int chwidth, seg0, seg1;
2301 u32 vht_caps = 0;
6e711e7a 2302 int is_24ghz;
1830817e
JD		 2303
2304 freq->freq = ssid->frequency;
2305
98479dc9
JD		 2306 for (j = 0; j < wpa_s->last_scan_res_used; j++) {
2307 struct wpa_bss *bss = wpa_s->last_scan_res[j];
2308
2309 if (ssid->mode != WPAS_MODE_IBSS)
2310 break;
2311
2312 /* Don't adjust control freq in case of fixed_freq */
2313 if (ssid->fixed_freq)
2314 break;
2315
2316 if (!bss_is_ibss(bss))
2317 continue;
2318
2319 if (ssid->ssid_len == bss->ssid_len &&
2320 os_memcmp(ssid->ssid, bss->ssid, bss->ssid_len) == 0) {
2321 wpa_printf(MSG_DEBUG,
2322 "IBSS already found in scan results, adjust control freq: %d",
2323 bss->freq);
2324 freq->freq = bss->freq;
2325 obss_scan = 0;
2326 break;
2327 }
2328 }
2329
1830817e
JD		 2330 /* For IBSS check HT_IBSS flag */
2331 if (ssid->mode == WPAS_MODE_IBSS &&
2332 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_HT_IBSS))
2333 return;
2334
d9a9bc04
JD		 2335 if (wpa_s->group_cipher == WPA_CIPHER_WEP40 ||
2336 wpa_s->group_cipher == WPA_CIPHER_WEP104 ||
2337 wpa_s->pairwise_cipher == WPA_CIPHER_TKIP) {
2338 wpa_printf(MSG_DEBUG,
2339 "IBSS: WEP/TKIP detected, do not try to enable HT");
2340 return;
2341 }
2342
98479dc9 2343 hw_mode = ieee80211_freq_to_chan(freq->freq, &channel);
1830817e
JD		 2344 for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) {
2345 if (wpa_s->hw.modes[i].mode == hw_mode) {
2346 mode = &wpa_s->hw.modes[i];
2347 break;
2348 }
2349 }
2350
2351 if (!mode)
2352 return;
2353
6e711e7a
SE		 2354 is_24ghz = hw_mode == HOSTAPD_MODE_IEEE80211G ||
2355 hw_mode == HOSTAPD_MODE_IEEE80211B;
3459c54a 2356
3388e7b9
MH		 2357#ifdef CONFIG_HT_OVERRIDES
2358 if (ssid->disable_ht) {
2359 freq->ht_enabled = 0;
2360 return;
2361 }
2362#endif /* CONFIG_HT_OVERRIDES */
2363
1830817e 2364 freq->ht_enabled = ht_supported(mode);
6b8b0774
JD		 2365 if (!freq->ht_enabled)
2366 return;
2367
6e711e7a
SE		 2368 /* Allow HE on 2.4 GHz without VHT: see nl80211_put_freq_params() */
2369 if (is_24ghz)
2370 freq->he_enabled = mode->he_capab[ieee80211_mode].he_supported;
2371
6b8b0774
JD		 2372 /* Setup higher BW only for 5 GHz */
2373 if (mode->mode != HOSTAPD_MODE_IEEE80211A)
2374 return;
2375
2376 for (chan_idx = 0; chan_idx < mode->num_channels; chan_idx++) {
2377 pri_chan = &mode->channels[chan_idx];
2378 if (pri_chan->chan == channel)
2379 break;
2380 pri_chan = NULL;
2381 }
2382 if (!pri_chan)
2383 return;
2384
2385 /* Check primary channel flags */
2386 if (pri_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
2387 return;
2388
e5a9b1e8
PO		 2389 freq->channel = pri_chan->chan;
2390
05aed438 2391#ifdef CONFIG_HT_OVERRIDES
e5a9b1e8
PO		 2392 if (ssid->disable_ht40) {
2393 if (ssid->disable_vht)
2394 return;
2395 goto skip_ht40;
2396 }
05aed438
MH		 2397#endif /* CONFIG_HT_OVERRIDES */
2398
6b8b0774
JD		 2399 /* Check/setup HT40+/HT40- */
2400 for (j = 0; j < ARRAY_SIZE(ht40plus); j++) {
2401 if (ht40plus[j] == channel) {
2402 ht40 = 1;
2403 break;
2404 }
2405 }
2406
2407 /* Find secondary channel */
2408 for (i = 0; i < mode->num_channels; i++) {
2409 sec_chan = &mode->channels[i];
2410 if (sec_chan->chan == channel + ht40 * 4)
2411 break;
2412 sec_chan = NULL;
2413 }
2414 if (!sec_chan)
2415 return;
2416
2417 /* Check secondary channel flags */
2418 if (sec_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
2419 return;
2420
ecba4509 2421 if (ht40 == -1) {
6b8b0774
JD		 2422 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40MINUS))
2423 return;
ecba4509 2424 } else {
6b8b0774
JD		 2425 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40PLUS))
2426 return;
6b8b0774 2427 }
ecba4509 2428 freq->sec_channel_offset = ht40;
6b8b0774 2429
ecba4509 2430 if (obss_scan) {
6b8b0774
JD		 2431 struct wpa_scan_results *scan_res;
2432
2433 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL, 0);
2434 if (scan_res == NULL) {
2435 /* Back to HT20 */
2436 freq->sec_channel_offset = 0;
2437 return;
2438 }
2439
5f9b4afd 2440 res = check_40mhz_5g(scan_res, pri_chan, sec_chan);
6b8b0774
JD		 2441 switch (res) {
2442 case 0:
2443 /* Back to HT20 */
2444 freq->sec_channel_offset = 0;
2445 break;
2446 case 1:
2447 /* Configuration allowed */
2448 break;
2449 case 2:
2450 /* Switch pri/sec channels */
2451 freq->freq = hw_get_freq(mode, sec_chan->chan);
2452 freq->sec_channel_offset = -freq->sec_channel_offset;
2453 freq->channel = sec_chan->chan;
2454 break;
2455 default:
2456 freq->sec_channel_offset = 0;
2457 break;
2458 }
2459
2460 wpa_scan_results_free(scan_res);
2461 }
2462
e5a9b1e8
PO		 2463#ifdef CONFIG_HT_OVERRIDES
2464skip_ht40:
2465#endif /* CONFIG_HT_OVERRIDES */
6b8b0774
JD		 2466 wpa_printf(MSG_DEBUG,
2467 "IBSS/mesh: setup freq channel %d, sec_channel_offset %d",
2468 freq->channel, freq->sec_channel_offset);
563ee183 2469
a65efbfb 2470 if (!drv_supports_vht(wpa_s, ssid))
563ee183
JD		 2471 return;
2472
2473 /* For IBSS check VHT_IBSS flag */
a65efbfb
PO		 2474 if (ssid->mode == WPAS_MODE_IBSS &&
2475 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_VHT_IBSS))
563ee183
JD		 2476 return;
2477
2478 vht_freq = *freq;
2479
b301f54e
JM		 2480#ifdef CONFIG_VHT_OVERRIDES
2481 if (ssid->disable_vht) {
2482 freq->vht_enabled = 0;
2483 return;
2484 }
2485#endif /* CONFIG_VHT_OVERRIDES */
2486
563ee183
JD		 2487 vht_freq.vht_enabled = vht_supported(mode);
2488 if (!vht_freq.vht_enabled)
2489 return;
2490
6e711e7a
SE		 2491 /* Enable HE for VHT */
2492 vht_freq.he_enabled = mode->he_capab[ieee80211_mode].he_supported;
2493
563ee183
JD		 2494 /* setup center_freq1, bandwidth */
2495 for (j = 0; j < ARRAY_SIZE(vht80); j++) {
2496 if (freq->channel >= vht80[j] &&
2497 freq->channel < vht80[j] + 16)
2498 break;
2499 }
2500
2501 if (j == ARRAY_SIZE(vht80))
2502 return;
2503
2504 for (i = vht80[j]; i < vht80[j] + 16; i += 4) {
2505 struct hostapd_channel_data *chan;
2506
2507 chan = hw_get_channel_chan(mode, i, NULL);
2508 if (!chan)
2509 return;
2510
2511 /* Back to HT configuration if channel not usable */
2512 if (chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
2513 return;
2514 }
2515
464dcfd0 2516 chwidth = CHANWIDTH_80MHZ;
0f29bc68
AK		 2517 seg0 = vht80[j] + 6;
2518 seg1 = 0;
2519
464dcfd0 2520 if (ssid->max_oper_chwidth == CHANWIDTH_80P80MHZ) {
0f29bc68
AK		 2521 /* setup center_freq2, bandwidth */
2522 for (k = 0; k < ARRAY_SIZE(vht80); k++) {
2523 /* Only accept 80 MHz segments separated by a gap */
2524 if (j == k || abs(vht80[j] - vht80[k]) == 16)
2525 continue;
2526 for (i = vht80[k]; i < vht80[k] + 16; i += 4) {
2527 struct hostapd_channel_data *chan;
2528
2529 chan = hw_get_channel_chan(mode, i, NULL);
2530 if (!chan)
2531 continue;
2532
2533 if (chan->flag & (HOSTAPD_CHAN_DISABLED |
2534 HOSTAPD_CHAN_NO_IR |
2535 HOSTAPD_CHAN_RADAR))
2536 continue;
2537
2538 /* Found a suitable second segment for 80+80 */
464dcfd0 2539 chwidth = CHANWIDTH_80P80MHZ;
0f29bc68
AK		 2540 vht_caps |=
2541 VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ;
2542 seg1 = vht80[k] + 6;
2543 }
2544
464dcfd0 2545 if (chwidth == CHANWIDTH_80P80MHZ)
0f29bc68
AK		 2546 break;
2547 }
464dcfd0 2548 } else if (ssid->max_oper_chwidth == CHANWIDTH_160MHZ) {
331f0774 2549 if (freq->freq == 5180) {
464dcfd0 2550 chwidth = CHANWIDTH_160MHZ;
331f0774
JM		 2551 vht_caps |= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
2552 seg0 = 50;
2553 } else if (freq->freq == 5520) {
464dcfd0 2554 chwidth = CHANWIDTH_160MHZ;
331f0774
JM		 2555 vht_caps |= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
2556 seg0 = 114;
2557 }
464dcfd0
JC		 2558 } else if (ssid->max_oper_chwidth == CHANWIDTH_USE_HT) {
2559 chwidth = CHANWIDTH_USE_HT;
806db174 2560 seg0 = vht80[j] + 2;
e5a9b1e8
PO		 2561#ifdef CONFIG_HT_OVERRIDES
2562 if (ssid->disable_ht40)
2563 seg0 = 0;
2564#endif /* CONFIG_HT_OVERRIDES */
0f29bc68
AK		 2565 }
2566
563ee183 2567 if (hostapd_set_freq_params(&vht_freq, mode->mode, freq->freq,
bebd91e9
AAL		 2568 freq->channel, ssid->enable_edmg,
2569 ssid->edmg_channel, freq->ht_enabled,
3459c54a 2570 vht_freq.vht_enabled, freq->he_enabled,
563ee183 2571 freq->sec_channel_offset,
3459c54a
SE		 2572 chwidth, seg0, seg1, vht_caps,
2573 &mode->he_capab[ieee80211_mode]) != 0)
563ee183
JD		 2574 return;
2575
2576 *freq = vht_freq;
2577
2578 wpa_printf(MSG_DEBUG, "IBSS: VHT setup freq cf1 %d, cf2 %d, bw %d",
2579 freq->center_freq1, freq->center_freq2, freq->bandwidth);
1830817e
JD		 2580}
2581
2582
a38090b1
VK		 2583#ifdef CONFIG_FILS
2584static size_t wpas_add_fils_hlp_req(struct wpa_supplicant *wpa_s, u8 *ie_buf,
2585 size_t ie_buf_len)
2586{
2587 struct fils_hlp_req *req;
2588 size_t rem_len, hdr_len, hlp_len, len, ie_len = 0;
2589 const u8 *pos;
2590 u8 *buf = ie_buf;
2591
2592 dl_list_for_each(req, &wpa_s->fils_hlp_req, struct fils_hlp_req,
2593 list) {
2594 rem_len = ie_buf_len - ie_len;
2595 pos = wpabuf_head(req->pkt);
2596 hdr_len = 1 + 2 * ETH_ALEN + 6;
2597 hlp_len = wpabuf_len(req->pkt);
2598
2599 if (rem_len < 2 + hdr_len + hlp_len) {
2600 wpa_printf(MSG_ERROR,
2601 "FILS: Cannot fit HLP - rem_len=%lu to_fill=%lu",
2602 (unsigned long) rem_len,
2603 (unsigned long) (2 + hdr_len + hlp_len));
2604 break;
2605 }
2606
2607 len = (hdr_len + hlp_len) > 255 ? 255 : hdr_len + hlp_len;
2608 /* Element ID */
2609 *buf++ = WLAN_EID_EXTENSION;
2610 /* Length */
2611 *buf++ = len;
2612 /* Element ID Extension */
2613 *buf++ = WLAN_EID_EXT_FILS_HLP_CONTAINER;
2614 /* Destination MAC address */
2615 os_memcpy(buf, req->dst, ETH_ALEN);
2616 buf += ETH_ALEN;
2617 /* Source MAC address */
2618 os_memcpy(buf, wpa_s->own_addr, ETH_ALEN);
2619 buf += ETH_ALEN;
2620 /* LLC/SNAP Header */
2621 os_memcpy(buf, "\xaa\xaa\x03\x00\x00\x00", 6);
2622 buf += 6;
2623 /* HLP Packet */
2624 os_memcpy(buf, pos, len - hdr_len);
2625 buf += len - hdr_len;
2626 pos += len - hdr_len;
2627
2628 hlp_len -= len - hdr_len;
2629 ie_len += 2 + len;
2630 rem_len -= 2 + len;
2631
2632 while (hlp_len) {
2633 len = (hlp_len > 255) ? 255 : hlp_len;
2634 if (rem_len < 2 + len)
2635 break;
2636 *buf++ = WLAN_EID_FRAGMENT;
2637 *buf++ = len;
2638 os_memcpy(buf, pos, len);
2639 buf += len;
2640 pos += len;
2641
2642 hlp_len -= len;
2643 ie_len += 2 + len;
2644 rem_len -= 2 + len;
2645 }
2646 }
2647
2648 return ie_len;
2649}
e4802127
MH		 2650
2651
2652int wpa_is_fils_supported(struct wpa_supplicant *wpa_s)
2653{
2654 return (((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
2655 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SUPPORT_FILS)) ||
2656 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
2657 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD)));
2658}
2659
2660
2661int wpa_is_fils_sk_pfs_supported(struct wpa_supplicant *wpa_s)
2662{
2663#ifdef CONFIG_FILS_SK_PFS
2664 return (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
2665 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SUPPORT_FILS);
2666#else /* CONFIG_FILS_SK_PFS */
2667 return 0;
2668#endif /* CONFIG_FILS_SK_PFS */
2669}
2670
a38090b1
VK		 2671#endif /* CONFIG_FILS */
2672
2673
d2ba0d71
VK		 2674static u8 * wpas_populate_assoc_ies(
2675 struct wpa_supplicant *wpa_s,
2676 struct wpa_bss *bss, struct wpa_ssid *ssid,
6338c99e
VK		 2677 struct wpa_driver_associate_params *params,
2678 enum wpa_drv_update_connect_params_mask *mask)
6ac4b15e 2679{
1e6780bd 2680 u8 *wpa_ie;
10970465 2681 size_t max_wpa_ie_len = 500;
6ac4b15e 2682 size_t wpa_ie_len;
6ac4b15e 2683 int algs = WPA_AUTH_ALG_OPEN;
077232f6
BL		 2684#ifdef CONFIG_MBO
2685 const u8 *mbo_ie;
2686#endif
eb3234c0
SM		 2687#ifdef CONFIG_SAE
2688 int sae_pmksa_cached = 0;
2689#endif /* CONFIG_SAE */
8b0a6dba
VK		 2690#ifdef CONFIG_FILS
2691 const u8 *realm, *username, *rrk;
2692 size_t realm_len, username_len, rrk_len;
2693 u16 next_seq_num;
b377ec25 2694 struct fils_hlp_req *req;
6fc6879b 2695
b377ec25
VK		 2696 dl_list_for_each(req, &wpa_s->fils_hlp_req, struct fils_hlp_req,
2697 list) {
2698 max_wpa_ie_len += 3 + 2 * ETH_ALEN + 6 + wpabuf_len(req->pkt) +
2699 2 + 2 * wpabuf_len(req->pkt) / 255;
8b0a6dba
VK		 2700 }
2701#endif /* CONFIG_FILS */
8b0a6dba 2702
1e6780bd
VK		 2703 wpa_ie = os_malloc(max_wpa_ie_len);
2704 if (!wpa_ie) {
2705 wpa_printf(MSG_ERROR,
2706 "Failed to allocate connect IE buffer for %lu bytes",
2707 (unsigned long) max_wpa_ie_len);
d2ba0d71 2708 return NULL;
1e6780bd
VK		 2709 }
2710
6fa81a3b
JM		 2711 if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
2712 wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
0bf927a0 2713 wpa_key_mgmt_wpa(ssid->key_mgmt)) {
6fc6879b 2714 int try_opportunistic;
79f3121b
VK		 2715 const u8 *cache_id = NULL;
2716
6e202021
JM		 2717 try_opportunistic = (ssid->proactive_key_caching < 0 ?
2718 wpa_s->conf->okc :
2719 ssid->proactive_key_caching) &&
6fc6879b 2720 (ssid->proto & WPA_PROTO_RSN);
79f3121b
VK		 2721#ifdef CONFIG_FILS
2722 if (wpa_key_mgmt_fils(ssid->key_mgmt))
2723 cache_id = wpa_bss_get_fils_cache_id(bss);
2724#endif /* CONFIG_FILS */
6fc6879b 2725 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
79f3121b 2726 ssid, try_opportunistic,
eb3234c0 2727 cache_id, 0) == 0) {
ba422613 2728 eapol_sm_notify_pmkid_attempt(wpa_s->eapol);
eb3234c0
SM		 2729#ifdef CONFIG_SAE
2730 sae_pmksa_cached = 1;
2731#endif /* CONFIG_SAE */
2732 }
1e6780bd 2733 wpa_ie_len = max_wpa_ie_len;
6fc6879b
JM		 2734 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
2735 wpa_ie, &wpa_ie_len)) {
f049052b
BG		 2736 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
2737 "key management and encryption suites");
1e6780bd 2738 os_free(wpa_ie);
d2ba0d71 2739 return NULL;
6fc6879b 2740 }
dc673aec
JM		 2741#ifdef CONFIG_HS20
2742 } else if (bss && wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE) &&
2743 (ssid->key_mgmt & WPA_KEY_MGMT_OSEN)) {
2744 /* No PMKSA caching, but otherwise similar to RSN/WPA */
2745 wpa_ie_len = max_wpa_ie_len;
2746 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
2747 wpa_ie, &wpa_ie_len)) {
2748 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
2749 "key management and encryption suites");
2750 os_free(wpa_ie);
2751 return NULL;
2752 }
2753#endif /* CONFIG_HS20 */
a3f7e518
JM		 2754 } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && bss &&
2755 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) {
2756 /*
2757 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
2758 * use non-WPA since the scan results did not indicate that the
2759 * AP is using WPA or WPA2.
2760 */
2761 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
2762 wpa_ie_len = 0;
2763 wpa_s->wpa_proto = 0;
0bf927a0 2764 } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) {
1e6780bd 2765 wpa_ie_len = max_wpa_ie_len;
6fc6879b
JM		 2766 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
2767 wpa_ie, &wpa_ie_len)) {
f049052b
BG		 2768 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
2769 "key management and encryption suites (no "
2770 "scan results)");
1e6780bd 2771 os_free(wpa_ie);
d2ba0d71 2772 return NULL;
6fc6879b 2773 }
ad08c363
JM		 2774#ifdef CONFIG_WPS
2775 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
b01c18a8
JM		 2776 struct wpabuf *wps_ie;
2777 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
1e6780bd 2778 if (wps_ie && wpabuf_len(wps_ie) <= max_wpa_ie_len) {
ad08c363
JM		 2779 wpa_ie_len = wpabuf_len(wps_ie);
2780 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
24386985
JM		 2781 } else
2782 wpa_ie_len = 0;
ad08c363
JM		 2783 wpabuf_free(wps_ie);
2784 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
0c80427d 2785 if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY))
d2ba0d71 2786 params->wps = WPS_MODE_PRIVACY;
0c80427d 2787 else
d2ba0d71 2788 params->wps = WPS_MODE_OPEN;
cf546f1a 2789 wpa_s->wpa_proto = 0;
ad08c363 2790#endif /* CONFIG_WPS */
6fc6879b
JM		 2791 } else {
2792 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
2793 wpa_ie_len = 0;
cf546f1a 2794 wpa_s->wpa_proto = 0;
6fc6879b
JM		 2795 }
2796
b377ec25
VK		 2797#ifdef IEEE8021X_EAPOL
2798 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
2799 if (ssid->leap) {
2800 if (ssid->non_leap == 0)
2801 algs = WPA_AUTH_ALG_LEAP;
2802 else
2803 algs |= WPA_AUTH_ALG_LEAP;
2804 }
2805 }
2806
2807#ifdef CONFIG_FILS
2808 /* Clear FILS association */
2809 wpa_sm_set_reset_fils_completed(wpa_s->wpa, 0);
2810
2811 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD) &&
2812 ssid->eap.erp && wpa_key_mgmt_fils(wpa_s->key_mgmt) &&
2813 eapol_sm_get_erp_info(wpa_s->eapol, &ssid->eap, &username,
2814 &username_len, &realm, &realm_len,
af835d75
AB		 2815 &next_seq_num, &rrk, &rrk_len) == 0 &&
2816 (!wpa_s->last_con_fail_realm ||
2817 wpa_s->last_con_fail_realm_len != realm_len ||
2818 os_memcmp(wpa_s->last_con_fail_realm, realm, realm_len) != 0)) {
b377ec25 2819 algs = WPA_AUTH_ALG_FILS;
d2ba0d71
VK		 2820 params->fils_erp_username = username;
2821 params->fils_erp_username_len = username_len;
2822 params->fils_erp_realm = realm;
2823 params->fils_erp_realm_len = realm_len;
2824 params->fils_erp_next_seq_num = next_seq_num;
2825 params->fils_erp_rrk = rrk;
2826 params->fils_erp_rrk_len = rrk_len;
6338c99e
VK		 2827
2828 if (mask)
2829 *mask |= WPA_DRV_UPDATE_FILS_ERP_INFO;
b377ec25
VK		 2830 }
2831#endif /* CONFIG_FILS */
2832#endif /* IEEE8021X_EAPOL */
5ff39c13
SD		 2833#ifdef CONFIG_SAE
2834 if (wpa_s->key_mgmt & (WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE))
2835 algs = WPA_AUTH_ALG_SAE;
2836#endif /* CONFIG_SAE */
b377ec25
VK		 2837
2838 wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
2839 if (ssid->auth_alg) {
2840 algs = ssid->auth_alg;
2841 wpa_dbg(wpa_s, MSG_DEBUG,
2842 "Overriding auth_alg selection: 0x%x", algs);
2843 }
2844
eb3234c0
SM		 2845#ifdef CONFIG_SAE
2846 if (sae_pmksa_cached && algs == WPA_AUTH_ALG_SAE) {
2847 wpa_dbg(wpa_s, MSG_DEBUG,
2848 "SAE: Use WPA_AUTH_ALG_OPEN for PMKSA caching attempt");
2849 algs = WPA_AUTH_ALG_OPEN;
2850 }
2851#endif /* CONFIG_SAE */
2852
5f3a6aa0
JM		 2853#ifdef CONFIG_P2P
2854 if (wpa_s->global->p2p) {
2855 u8 *pos;
2856 size_t len;
2857 int res;
5f3a6aa0 2858 pos = wpa_ie + wpa_ie_len;
1e6780bd 2859 len = max_wpa_ie_len - wpa_ie_len;
b8a8d677
JM		 2860 res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len,
2861 ssid->p2p_group);
5f3a6aa0
JM		 2862 if (res >= 0)
2863 wpa_ie_len += res;
2864 }
72044390
JM		 2865
2866 wpa_s->cross_connect_disallowed = 0;
2867 if (bss) {
2868 struct wpabuf *p2p;
2869 p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE);
2870 if (p2p) {
2871 wpa_s->cross_connect_disallowed =
2872 p2p_get_cross_connect_disallowed(p2p);
2873 wpabuf_free(p2p);
f049052b
BG		 2874 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross "
2875 "connection",
2876 wpa_s->cross_connect_disallowed ?
2877 "disallows" : "allows");
72044390
JM		 2878 }
2879 }
25ef8529
JM		 2880
2881 os_memset(wpa_s->p2p_ip_addr_info, 0, sizeof(wpa_s->p2p_ip_addr_info));
5f3a6aa0
JM		 2882#endif /* CONFIG_P2P */
2883
5e57ba25 2884 if (bss) {
cb828507 2885 wpa_ie_len += wpas_supp_op_class_ie(wpa_s, ssid, bss->freq,
065c029a 2886 wpa_ie + wpa_ie_len,
1e6780bd 2887 max_wpa_ie_len -
065c029a 2888 wpa_ie_len);
5e57ba25 2889 }
5e57ba25 2890
8b3b803a
AH		 2891 /*
2892 * Workaround: Add Extended Capabilities element only if the AP
2893 * included this element in Beacon/Probe Response frames. Some older
2894 * APs seem to have interoperability issues if this element is
2895 * included, so while the standard may require us to include the
2896 * element in all cases, it is justifiable to skip it to avoid
2897 * interoperability issues.
2898 */
cc9a2575
KV		 2899 if (ssid->p2p_group)
2900 wpa_drv_get_ext_capa(wpa_s, WPA_IF_P2P_CLIENT);
2901 else
2902 wpa_drv_get_ext_capa(wpa_s, WPA_IF_STATION);
2903
8b3b803a 2904 if (!bss || wpa_bss_get_ie(bss, WLAN_EID_EXT_CAPAB)) {
0bbaa9b9 2905 u8 ext_capab[18];
8b3b803a 2906 int ext_capab_len;
0bbaa9b9
JM		 2907 ext_capab_len = wpas_build_ext_capab(wpa_s, ext_capab,
2908 sizeof(ext_capab));
2c66c7d1
AA		 2909 if (ext_capab_len > 0 &&
2910 wpa_ie_len + ext_capab_len <= max_wpa_ie_len) {
8b3b803a
AH		 2911 u8 *pos = wpa_ie;
2912 if (wpa_ie_len > 0 && pos[0] == WLAN_EID_RSN)
2913 pos += 2 + pos[1];
2914 os_memmove(pos + ext_capab_len, pos,
2915 wpa_ie_len - (pos - wpa_ie));
2916 wpa_ie_len += ext_capab_len;
2917 os_memcpy(pos, ext_capab, ext_capab_len);
2918 }
92cbcf91 2919 }
92cbcf91 2920
c484b198
AS		 2921#ifdef CONFIG_HS20
2922 if (is_hs20_network(wpa_s, ssid, bss)) {
2923 struct wpabuf *hs20;
2924
4204669c 2925 hs20 = wpabuf_alloc(20 + MAX_ROAMING_CONS_OI_LEN);
c484b198
AS		 2926 if (hs20) {
2927 int pps_mo_id = hs20_get_pps_mo_id(wpa_s, ssid);
2928 size_t len;
2929
ec2cf403
JM		 2930 wpas_hs20_add_indication(hs20, pps_mo_id,
2931 get_hs20_version(bss));
4204669c 2932 wpas_hs20_add_roam_cons_sel(hs20, ssid);
1e6780bd 2933 len = max_wpa_ie_len - wpa_ie_len;
c484b198
AS		 2934 if (wpabuf_len(hs20) <= len) {
2935 os_memcpy(wpa_ie + wpa_ie_len,
2936 wpabuf_head(hs20), wpabuf_len(hs20));
2937 wpa_ie_len += wpabuf_len(hs20);
2938 }
2939 wpabuf_free(hs20);
ece4ac5f
MG		 2940
2941 hs20_configure_frame_filters(wpa_s);
c484b198
AS		 2942 }
2943 }
2944#endif /* CONFIG_HS20 */
2945
d29fa3a7
JM		 2946 if (wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ]) {
2947 struct wpabuf *buf = wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ];
2948 size_t len;
2949
1e6780bd 2950 len = max_wpa_ie_len - wpa_ie_len;
d29fa3a7
JM		 2951 if (wpabuf_len(buf) <= len) {
2952 os_memcpy(wpa_ie + wpa_ie_len,
2953 wpabuf_head(buf), wpabuf_len(buf));
2954 wpa_ie_len += wpabuf_len(buf);
2955 }
2956 }
2957
b36a3a65
AN		 2958#ifdef CONFIG_FST
2959 if (wpa_s->fst_ies) {
2960 int fst_ies_len = wpabuf_len(wpa_s->fst_ies);
2961
1e6780bd 2962 if (wpa_ie_len + fst_ies_len <= max_wpa_ie_len) {
b36a3a65
AN		 2963 os_memcpy(wpa_ie + wpa_ie_len,
2964 wpabuf_head(wpa_s->fst_ies), fst_ies_len);
2965 wpa_ie_len += fst_ies_len;
2966 }
2967 }
2968#endif /* CONFIG_FST */
2969
92c6e2e3 2970#ifdef CONFIG_MBO
077232f6 2971 mbo_ie = bss ? wpa_bss_get_vendor_ie(bss, MBO_IE_VENDOR_TYPE) : NULL;
2e06cef8 2972 if (!wpa_s->disable_mbo_oce && mbo_ie) {
5e57ba25 2973 int len;
92c6e2e3 2974
5e57ba25 2975 len = wpas_mbo_ie(wpa_s, wpa_ie + wpa_ie_len,
077232f6
BL		 2976 max_wpa_ie_len - wpa_ie_len,
2977 !!mbo_attr_from_mbo_ie(mbo_ie,
2978 OCE_ATTR_ID_CAPA_IND));
5e57ba25
AS		 2979 if (len >= 0)
2980 wpa_ie_len += len;
92c6e2e3
DS		 2981 }
2982#endif /* CONFIG_MBO */
2983
a38090b1
VK		 2984#ifdef CONFIG_FILS
2985 if (algs == WPA_AUTH_ALG_FILS) {
2986 size_t len;
2987
2988 len = wpas_add_fils_hlp_req(wpa_s, wpa_ie + wpa_ie_len,
2989 max_wpa_ie_len - wpa_ie_len);
2990 wpa_ie_len += len;
2991 }
2992#endif /* CONFIG_FILS */
2993
10970465 2994#ifdef CONFIG_OWE
5f30b69c
JM		 2995#ifdef CONFIG_TESTING_OPTIONS
2996 if (get_ie_ext(wpa_ie, wpa_ie_len, WLAN_EID_EXT_OWE_DH_PARAM)) {
2997 wpa_printf(MSG_INFO, "TESTING: Override OWE DH element");
2998 } else
2999#endif /* CONFIG_TESTING_OPTIONS */
10970465
JM		 3000 if (algs == WPA_AUTH_ALG_OPEN &&
3001 ssid->key_mgmt == WPA_KEY_MGMT_OWE) {
3002 struct wpabuf *owe_ie;
2cb40e9f 3003 u16 group;
10970465 3004
2cb40e9f 3005 if (ssid->owe_group) {
10970465 3006 group = ssid->owe_group;
698c9e20
AK		 3007 } else if (wpa_s->assoc_status_code ==
3008 WLAN_STATUS_FINITE_CYCLIC_GROUP_NOT_SUPPORTED) {
2cb40e9f
JM		 3009 if (wpa_s->last_owe_group == 19)
3010 group = 20;
3011 else if (wpa_s->last_owe_group == 20)
3012 group = 21;
3013 else
3014 group = OWE_DH_GROUP;
698c9e20
AK		 3015 } else {
3016 group = OWE_DH_GROUP;
2cb40e9f 3017 }
698c9e20 3018
2cb40e9f
JM		 3019 wpa_s->last_owe_group = group;
3020 wpa_printf(MSG_DEBUG, "OWE: Try to use group %u", group);
10970465
JM		 3021 owe_ie = owe_build_assoc_req(wpa_s->wpa, group);
3022 if (owe_ie &&
3023 wpabuf_len(owe_ie) <= max_wpa_ie_len - wpa_ie_len) {
3024 os_memcpy(wpa_ie + wpa_ie_len,
3025 wpabuf_head(owe_ie), wpabuf_len(owe_ie));
3026 wpa_ie_len += wpabuf_len(owe_ie);
10970465 3027 }
04879671 3028 wpabuf_free(owe_ie);
10970465
JM		 3029 }
3030#endif /* CONFIG_OWE */
3031
10ec6a5f
JM		 3032#ifdef CONFIG_DPP2
3033 if (wpa_sm_get_key_mgmt(wpa_s->wpa) == WPA_KEY_MGMT_DPP &&
3034 ssid->dpp_netaccesskey) {
3035 dpp_pfs_free(wpa_s->dpp_pfs);
3036 wpa_s->dpp_pfs = dpp_pfs_init(ssid->dpp_netaccesskey,
3037 ssid->dpp_netaccesskey_len);
3038 if (!wpa_s->dpp_pfs) {
3039 wpa_printf(MSG_DEBUG, "DPP: Could not initialize PFS");
3040 /* Try to continue without PFS */
3041 goto pfs_fail;
3042 }
3043 if (wpabuf_len(wpa_s->dpp_pfs->ie) <=
3044 max_wpa_ie_len - wpa_ie_len) {
3045 os_memcpy(wpa_ie + wpa_ie_len,
3046 wpabuf_head(wpa_s->dpp_pfs->ie),
3047 wpabuf_len(wpa_s->dpp_pfs->ie));
3048 wpa_ie_len += wpabuf_len(wpa_s->dpp_pfs->ie);
3049 }
3050 }
3051pfs_fail:
3052#endif /* CONFIG_DPP2 */
3053
3dc3afe2
AM		 3054#ifdef CONFIG_IEEE80211R
3055 /*
3056 * Add MDIE under these conditions: the network profile allows FT,
3057 * the AP supports FT, and the mobility domain ID matches.
3058 */
88bf44be 3059 if (bss && wpa_key_mgmt_ft(wpa_sm_get_key_mgmt(wpa_s->wpa))) {
3dc3afe2
AM		 3060 const u8 *mdie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
3061
3062 if (mdie && mdie[1] >= MOBILITY_DOMAIN_ID_LEN) {
86c998d3 3063 size_t len = 0;
3dc3afe2
AM		 3064 const u8 *md = mdie + 2;
3065 const u8 *wpa_md = wpa_sm_get_ft_md(wpa_s->wpa);
3066
3067 if (os_memcmp(md, wpa_md,
3068 MOBILITY_DOMAIN_ID_LEN) == 0) {
3069 /* Add mobility domain IE */
86c998d3 3070 len = wpa_ft_add_mdie(
3dc3afe2
AM		 3071 wpa_s->wpa, wpa_ie + wpa_ie_len,
3072 max_wpa_ie_len - wpa_ie_len, mdie);
86c998d3 3073 wpa_ie_len += len;
3dc3afe2 3074 }
86c998d3
AM		 3075#ifdef CONFIG_SME
3076 if (len > 0 && wpa_s->sme.ft_used &&
3077 wpa_sm_has_ptk(wpa_s->wpa)) {
3078 wpa_dbg(wpa_s, MSG_DEBUG,
3079 "SME: Trying to use FT over-the-air");
3080 algs |= WPA_AUTH_ALG_FT;
3081 }
3082#endif /* CONFIG_SME */
3dc3afe2
AM		 3083 }
3084 }
3085#endif /* CONFIG_IEEE80211R */
3086
13256553
JM		 3087#ifdef CONFIG_TESTING_OPTIONS
3088 if (wpa_s->rsnxe_override_assoc &&
3089 wpabuf_len(wpa_s->rsnxe_override_assoc) <=
3090 max_wpa_ie_len - wpa_ie_len) {
3091 wpa_printf(MSG_DEBUG, "TESTING: RSNXE AssocReq override");
3092 os_memcpy(wpa_ie + wpa_ie_len,
3093 wpabuf_head(wpa_s->rsnxe_override_assoc),
3094 wpabuf_len(wpa_s->rsnxe_override_assoc));
3095 wpa_ie_len += wpabuf_len(wpa_s->rsnxe_override_assoc);
3096 } else
3097#endif /* CONFIG_TESTING_OPTIONS */
6d6c8877
JM		 3098 if (wpa_s->rsnxe_len > 0 &&
3099 wpa_s->rsnxe_len <= max_wpa_ie_len - wpa_ie_len) {
3100 os_memcpy(wpa_ie + wpa_ie_len, wpa_s->rsnxe, wpa_s->rsnxe_len);
3101 wpa_ie_len += wpa_s->rsnxe_len;
3102 }
3103
5abc7823
VN		 3104 if (ssid->multi_ap_backhaul_sta) {
3105 size_t multi_ap_ie_len;
3106
3107 multi_ap_ie_len = add_multi_ap_ie(wpa_ie + wpa_ie_len,
3108 max_wpa_ie_len - wpa_ie_len,
3109 MULTI_AP_BACKHAUL_STA);
3110 if (multi_ap_ie_len == 0) {
3111 wpa_printf(MSG_ERROR,
3112 "Multi-AP: Failed to build Multi-AP IE");
3113 os_free(wpa_ie);
3114 return NULL;
3115 }
3116 wpa_ie_len += multi_ap_ie_len;
3117 }
3118
d2ba0d71
VK		 3119 params->wpa_ie = wpa_ie;
3120 params->wpa_ie_len = wpa_ie_len;
3121 params->auth_alg = algs;
6338c99e
VK		 3122 if (mask)
3123 *mask |= WPA_DRV_UPDATE_ASSOC_IES | WPA_DRV_UPDATE_AUTH_TYPE;
d2ba0d71
VK		 3124
3125 return wpa_ie;
3126}
3127
3128
e0b331d8
SD		 3129#ifdef CONFIG_OWE
3130static void wpas_update_owe_connect_params(struct wpa_supplicant *wpa_s)
3131{
3132 struct wpa_driver_associate_params params;
3133 u8 *wpa_ie;
3134
3135 os_memset(&params, 0, sizeof(params));
3136 wpa_ie = wpas_populate_assoc_ies(wpa_s, wpa_s->current_bss,
3137 wpa_s->current_ssid, &params, NULL);
3138 if (!wpa_ie)
3139 return;
3140
3141 wpa_drv_update_connect_params(wpa_s, &params, WPA_DRV_UPDATE_ASSOC_IES);
3142 os_free(wpa_ie);
3143}
3144#endif /* CONFIG_OWE */
3145
3146
6338c99e
VK		 3147#if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
3148static void wpas_update_fils_connect_params(struct wpa_supplicant *wpa_s)
3149{
3150 struct wpa_driver_associate_params params;
3151 enum wpa_drv_update_connect_params_mask mask = 0;
3152 u8 *wpa_ie;
3153
3154 if (wpa_s->auth_alg != WPA_AUTH_ALG_OPEN)
3155 return; /* nothing to do */
3156
3157 os_memset(&params, 0, sizeof(params));
3158 wpa_ie = wpas_populate_assoc_ies(wpa_s, wpa_s->current_bss,
3159 wpa_s->current_ssid, &params, &mask);
3160 if (!wpa_ie)
3161 return;
3162
3163 if (params.auth_alg != WPA_AUTH_ALG_FILS) {
3164 os_free(wpa_ie);
3165 return;
3166 }
3167
3168 wpa_s->auth_alg = params.auth_alg;
3169 wpa_drv_update_connect_params(wpa_s, &params, mask);
3170 os_free(wpa_ie);
3171}
3172#endif /* CONFIG_FILS && IEEE8021X_EAPOL */
3173
3174
a82aee1f
AAL		 3175static u8 wpa_ie_get_edmg_oper_chans(const u8 *edmg_ie)
3176{
3177 if (!edmg_ie || edmg_ie[1] < 6)
3178 return 0;
3179 return edmg_ie[EDMG_BSS_OPERATING_CHANNELS_OFFSET];
3180}
3181
3182
3183static u8 wpa_ie_get_edmg_oper_chan_width(const u8 *edmg_ie)
3184{
3185 if (!edmg_ie || edmg_ie[1] < 6)
3186 return 0;
3187 return edmg_ie[EDMG_OPERATING_CHANNEL_WIDTH_OFFSET];
3188}
3189
3190
3191/* Returns the intersection of two EDMG configurations.
3192 * Note: The current implementation is limited to CB2 only (CB1 included),
3193 * i.e., the implementation supports up to 2 contiguous channels.
3194 * For supporting non-contiguous (aggregated) channels and for supporting
3195 * CB3 and above, this function will need to be extended.
3196 */
3197static struct ieee80211_edmg_config
3198get_edmg_intersection(struct ieee80211_edmg_config a,
3199 struct ieee80211_edmg_config b,
3200 u8 primary_channel)
3201{
3202 struct ieee80211_edmg_config result;
3203 int i, contiguous = 0;
3204 int max_contiguous = 0;
3205
3206 result.channels = b.channels & a.channels;
3207 if (!result.channels) {
3208 wpa_printf(MSG_DEBUG,
3209 "EDMG not possible: cannot intersect channels 0x%x and 0x%x",
3210 a.channels, b.channels);
3211 goto fail;
3212 }
3213
3214 if (!(result.channels & BIT(primary_channel - 1))) {
3215 wpa_printf(MSG_DEBUG,
3216 "EDMG not possible: the primary channel %d is not one of the intersected channels 0x%x",
3217 primary_channel, result.channels);
3218 goto fail;
3219 }
3220
3221 /* Find max contiguous channels */
3222 for (i = 0; i < 6; i++) {
3223 if (result.channels & BIT(i))
3224 contiguous++;
3225 else
3226 contiguous = 0;
3227
3228 if (contiguous > max_contiguous)
3229 max_contiguous = contiguous;
3230 }
3231
3232 /* Assuming AP and STA supports ONLY contiguous channels,
3233 * bw configuration can have value between 4-7.
3234 */
3235 if ((b.bw_config < a.bw_config))
3236 result.bw_config = b.bw_config;
3237 else
3238 result.bw_config = a.bw_config;
3239
3240 if ((max_contiguous >= 2 && result.bw_config < EDMG_BW_CONFIG_5) ||
3241 (max_contiguous >= 1 && result.bw_config < EDMG_BW_CONFIG_4)) {
3242 wpa_printf(MSG_DEBUG,
3243 "EDMG not possible: not enough contiguous channels %d for supporting CB1 or CB2",
3244 max_contiguous);
3245 goto fail;
3246 }
3247
3248 return result;
3249
3250fail:
3251 result.channels = 0;
3252 result.bw_config = 0;
3253 return result;
3254}
3255
3256
3257static struct ieee80211_edmg_config
3258get_supported_edmg(struct wpa_supplicant *wpa_s,
3259 struct hostapd_freq_params *freq,
3260 struct ieee80211_edmg_config request_edmg)
3261{
3262 enum hostapd_hw_mode hw_mode;
3263 struct hostapd_hw_modes *mode = NULL;
3264 u8 primary_channel;
3265
3266 if (!wpa_s->hw.modes)
3267 goto fail;
3268
3269 hw_mode = ieee80211_freq_to_chan(freq->freq, &primary_channel);
3270 if (hw_mode == NUM_HOSTAPD_MODES)
3271 goto fail;
3272
d0e116f6 3273 mode = get_mode(wpa_s->hw.modes, wpa_s->hw.num_modes, hw_mode, 0);
a82aee1f
AAL		 3274 if (!mode)
3275 goto fail;
3276
3277 return get_edmg_intersection(mode->edmg, request_edmg, primary_channel);
3278
3279fail:
3280 request_edmg.channels = 0;
3281 request_edmg.bw_config = 0;
3282 return request_edmg;
3283}
3284
3285
822c756e
AB		 3286#ifdef CONFIG_MBO
3287void wpas_update_mbo_connect_params(struct wpa_supplicant *wpa_s)
3288{
3289 struct wpa_driver_associate_params params;
3290 u8 *wpa_ie;
3291
3292 /*
3293 * Update MBO connect params only in case of change of MBO attributes
3294 * when connected, if the AP support MBO.
3295 */
3296
3297 if (wpa_s->wpa_state != WPA_COMPLETED || !wpa_s->current_ssid ||
3298 !wpa_s->current_bss ||
3299 !wpa_bss_get_vendor_ie(wpa_s->current_bss, MBO_IE_VENDOR_TYPE))
3300 return;
3301
3302 os_memset(&params, 0, sizeof(params));
3303 wpa_ie = wpas_populate_assoc_ies(wpa_s, wpa_s->current_bss,
3304 wpa_s->current_ssid, &params, NULL);
3305 if (!wpa_ie)
3306 return;
3307
3308 wpa_drv_update_connect_params(wpa_s, &params, WPA_DRV_UPDATE_ASSOC_IES);
3309 os_free(wpa_ie);
3310}
3311#endif /* CONFIG_MBO */
3312
3313
d2ba0d71
VK		 3314static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
3315{
3316 struct wpa_connect_work *cwork = work->ctx;
3317 struct wpa_bss *bss = cwork->bss;
3318 struct wpa_ssid *ssid = cwork->ssid;
3319 struct wpa_supplicant *wpa_s = work->wpa_s;
3320 u8 *wpa_ie;
a82aee1f 3321 const u8 *edmg_ie_oper;
d2ba0d71
VK		 3322 int use_crypt, ret, i, bssid_changed;
3323 unsigned int cipher_pairwise, cipher_group, cipher_group_mgmt;
3324 struct wpa_driver_associate_params params;
3325 int wep_keys_set = 0;
3326 int assoc_failed = 0;
3327 struct wpa_ssid *old_ssid;
3328 u8 prev_bssid[ETH_ALEN];
3329#ifdef CONFIG_HT_OVERRIDES
3330 struct ieee80211_ht_capabilities htcaps;
3331 struct ieee80211_ht_capabilities htcaps_mask;
3332#endif /* CONFIG_HT_OVERRIDES */
3333#ifdef CONFIG_VHT_OVERRIDES
3334 struct ieee80211_vht_capabilities vhtcaps;
3335 struct ieee80211_vht_capabilities vhtcaps_mask;
3336#endif /* CONFIG_VHT_OVERRIDES */
3337
3338 if (deinit) {
3339 if (work->started) {
3340 wpa_s->connect_work = NULL;
3341
3342 /* cancel possible auth. timeout */
3343 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s,
3344 NULL);
3345 }
3346 wpas_connect_work_free(cwork);
3347 return;
3348 }
3349
3350 wpa_s->connect_work = work;
3351
3352 if (cwork->bss_removed || !wpas_valid_bss_ssid(wpa_s, bss, ssid) ||
3353 wpas_network_disabled(wpa_s, ssid)) {
3354 wpa_dbg(wpa_s, MSG_DEBUG, "BSS/SSID entry for association not valid anymore - drop connection attempt");
3355 wpas_connect_work_done(wpa_s);
3356 return;
3357 }
3358
3359 os_memcpy(prev_bssid, wpa_s->bssid, ETH_ALEN);
3360 os_memset(&params, 0, sizeof(params));
3361 wpa_s->reassociate = 0;
3362 wpa_s->eap_expected_failure = 0;
3363 if (bss &&
3364 (!wpas_driver_bss_selection(wpa_s) || wpas_wps_searching(wpa_s))) {
3365#ifdef CONFIG_IEEE80211R
3366 const u8 *ie, *md = NULL;
3367#endif /* CONFIG_IEEE80211R */
3368 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
3369 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
3370 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
3371 bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
3372 os_memset(wpa_s->bssid, 0, ETH_ALEN);
3373 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
3374 if (bssid_changed)
3375 wpas_notify_bssid_changed(wpa_s);
3376#ifdef CONFIG_IEEE80211R
3377 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
3378 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
3379 md = ie + 2;
3380 wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0);
3381 if (md) {
3382 /* Prepare for the next transition */
3383 wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
3384 }
3385#endif /* CONFIG_IEEE80211R */
3386#ifdef CONFIG_WPS
3387 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
3388 wpa_s->conf->ap_scan == 2 &&
3389 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
3390 /* Use ap_scan==1 style network selection to find the network
3391 */
3392 wpas_connect_work_done(wpa_s);
3393 wpa_s->scan_req = MANUAL_SCAN_REQ;
3394 wpa_s->reassociate = 1;
3395 wpa_supplicant_req_scan(wpa_s, 0, 0);
3396 return;
3397#endif /* CONFIG_WPS */
3398 } else {
3399 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
3400 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
3401 if (bss)
3402 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
3403 else
3404 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
3405 }
3406 if (!wpa_s->pno)
3407 wpa_supplicant_cancel_sched_scan(wpa_s);
3408
3409 wpa_supplicant_cancel_scan(wpa_s);
3410
3411 /* Starting new association, so clear the possibly used WPA IE from the
3412 * previous association. */
3413 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
6d6c8877
JM		 3414 wpa_sm_set_assoc_rsnxe(wpa_s->wpa, NULL, 0);
3415 wpa_s->rsnxe_len = 0;
d2ba0d71 3416
6338c99e 3417 wpa_ie = wpas_populate_assoc_ies(wpa_s, bss, ssid, &params, NULL);
d2ba0d71
VK		 3418 if (!wpa_ie) {
3419 wpas_connect_work_done(wpa_s);
3420 return;
3421 }
3422
6fc6879b
JM		 3423 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
3424 use_crypt = 1;
4848a38d
JM		 3425 cipher_pairwise = wpa_s->pairwise_cipher;
3426 cipher_group = wpa_s->group_cipher;
61a56c14 3427 cipher_group_mgmt = wpa_s->mgmt_group_cipher;
6fc6879b
JM		 3428 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
3429 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
3430 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
3431 use_crypt = 0;
3432 if (wpa_set_wep_keys(wpa_s, ssid)) {
3433 use_crypt = 1;
3434 wep_keys_set = 1;
3435 }
3436 }
ad08c363
JM		 3437 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
3438 use_crypt = 0;
6fc6879b
JM		 3439
3440#ifdef IEEE8021X_EAPOL
3441 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
3442 if ((ssid->eapol_flags &
3443 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
3444 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
3445 !wep_keys_set) {
3446 use_crypt = 0;
3447 } else {
3448 /* Assume that dynamic WEP-104 keys will be used and
3449 * set cipher suites in order for drivers to expect
3450 * encryption. */
4848a38d 3451 cipher_pairwise = cipher_group = WPA_CIPHER_WEP104;
6fc6879b
JM		 3452 }
3453 }
3454#endif /* IEEE8021X_EAPOL */
3455
3456 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
3457 /* Set the key before (and later after) association */
3458 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
3459 }
3460
6fc6879b 3461 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
6fc6879b 3462 if (bss) {
6fa81a3b
JM		 3463 params.ssid = bss->ssid;
3464 params.ssid_len = bss->ssid_len;
4b5b8a53
JM		 3465 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set ||
3466 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
f15854d1
JM		 3467 wpa_printf(MSG_DEBUG, "Limit connection to BSSID "
3468 MACSTR " freq=%u MHz based on scan results "
4b5b8a53 3469 "(bssid_set=%d wps=%d)",
f15854d1 3470 MAC2STR(bss->bssid), bss->freq,
4b5b8a53
JM		 3471 ssid->bssid_set,
3472 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS);
22628eca 3473 params.bssid = bss->bssid;
4ec68377 3474 params.freq.freq = bss->freq;
22628eca 3475 }
7ac7fd43
DS		 3476 params.bssid_hint = bss->bssid;
3477 params.freq_hint = bss->freq;
b9074912 3478 params.pbss = bss_is_pbss(bss);
6fc6879b 3479 } else {
43a356b2
PK		 3480 if (ssid->bssid_hint_set)
3481 params.bssid_hint = ssid->bssid_hint;
3482
6fc6879b
JM		 3483 params.ssid = ssid->ssid;
3484 params.ssid_len = ssid->ssid_len;
90f14962 3485 params.pbss = (ssid->pbss != 2) ? ssid->pbss : 0;
6fc6879b 3486 }
9e2af29f
NC		 3487
3488 if (ssid->mode == WPAS_MODE_IBSS && ssid->bssid_set &&
3489 wpa_s->conf->ap_scan == 2) {
3490 params.bssid = ssid->bssid;
3491 params.fixed_bssid = 1;
3492 }
3493
603a3f34
JL		 3494 /* Initial frequency for IBSS/mesh */
3495 if ((ssid->mode == WPAS_MODE_IBSS || ssid->mode == WPAS_MODE_MESH) &&
1830817e
JD		 3496 ssid->frequency > 0 && params.freq.freq == 0)
3497 ibss_mesh_setup_freq(wpa_s, ssid, &params.freq);
dc152f32 3498
8f05577d 3499 if (ssid->mode == WPAS_MODE_IBSS) {
4d9e6fba 3500 params.fixed_freq = ssid->fixed_freq;
8f05577d
JM		 3501 if (ssid->beacon_int)
3502 params.beacon_int = ssid->beacon_int;
3503 else
3504 params.beacon_int = wpa_s->conf->beacon_int;
3505 }
3506
a82aee1f
AAL		 3507 if (bss && ssid->enable_edmg)
3508 edmg_ie_oper = get_ie_ext((const u8 *) (bss + 1), bss->ie_len,
3509 WLAN_EID_EXT_EDMG_OPERATION);
3510 else
3511 edmg_ie_oper = NULL;
3512
3513 if (edmg_ie_oper) {
3514 params.freq.edmg.channels =
3515 wpa_ie_get_edmg_oper_chans(edmg_ie_oper);
3516 params.freq.edmg.bw_config =
3517 wpa_ie_get_edmg_oper_chan_width(edmg_ie_oper);
3518 wpa_printf(MSG_DEBUG,
3519 "AP supports EDMG channels 0x%x, bw_config %d",
3520 params.freq.edmg.channels,
3521 params.freq.edmg.bw_config);
3522
3523 /* User may ask for specific EDMG channel for EDMG connection
3524 * (must be supported by AP)
3525 */
3526 if (ssid->edmg_channel) {
3527 struct ieee80211_edmg_config configured_edmg;
3528 enum hostapd_hw_mode hw_mode;
3529 u8 primary_channel;
3530
3531 hw_mode = ieee80211_freq_to_chan(bss->freq,
3532 &primary_channel);
3533 if (hw_mode == NUM_HOSTAPD_MODES)
3534 goto edmg_fail;
3535
3536 hostapd_encode_edmg_chan(ssid->enable_edmg,
3537 ssid->edmg_channel,
3538 primary_channel,
3539 &configured_edmg);
3540
3541 if (ieee802_edmg_is_allowed(params.freq.edmg,
3542 configured_edmg)) {
3543 params.freq.edmg = configured_edmg;
3544 wpa_printf(MSG_DEBUG,
3545 "Use EDMG channel %d for connection",
3546 ssid->edmg_channel);
3547 } else {
3548 edmg_fail:
3549 params.freq.edmg.channels = 0;
3550 params.freq.edmg.bw_config = 0;
3551 wpa_printf(MSG_WARNING,
3552 "EDMG channel %d not supported by AP, fallback to DMG",
3553 ssid->edmg_channel);
3554 }
3555 }
3556
3557 if (params.freq.edmg.channels) {
3558 wpa_printf(MSG_DEBUG,
3559 "EDMG before: channels 0x%x, bw_config %d",
3560 params.freq.edmg.channels,
3561 params.freq.edmg.bw_config);
3562 params.freq.edmg = get_supported_edmg(wpa_s,
3563 &params.freq,
3564 params.freq.edmg);
3565 wpa_printf(MSG_DEBUG,
3566 "EDMG after: channels 0x%x, bw_config %d",
3567 params.freq.edmg.channels,
3568 params.freq.edmg.bw_config);
3569 }
3570 }
3571
6fc6879b
JM		 3572 params.pairwise_suite = cipher_pairwise;
3573 params.group_suite = cipher_group;
61a56c14 3574 params.mgmt_group_suite = cipher_group_mgmt;
4848a38d 3575 params.key_mgmt_suite = wpa_s->key_mgmt;
64fa840a 3576 params.wpa_proto = wpa_s->wpa_proto;
5538fc93 3577 wpa_s->auth_alg = params.auth_alg;
6fc6879b 3578 params.mode = ssid->mode;
1f6c0ab8 3579 params.bg_scan_period = ssid->bg_scan_period;
6fc6879b
JM		 3580 for (i = 0; i < NUM_WEP_KEYS; i++) {
3581 if (ssid->wep_key_len[i])
3582 params.wep_key[i] = ssid->wep_key[i];
3583 params.wep_key_len[i] = ssid->wep_key_len[i];
3584 }
3585 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
3586
436ee2fd 3587 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK) &&
4848a38d
JM		 3588 (params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
3589 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK)) {
6fc6879b
JM		 3590 params.passphrase = ssid->passphrase;
3591 if (ssid->psk_set)
3592 params.psk = ssid->psk;
b41f2684
CL		 3593 }
3594
d896874f
AS		 3595 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_8021X) &&
3596 (params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
3597 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 ||
3598 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B ||
3599 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192))
cb28bd52 3600 params.req_handshake_offload = 1;
d896874f 3601
b41f2684
CL		 3602 if (wpa_s->conf->key_mgmt_offload) {
3603 if (params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
666497c8 3604 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 ||
5e3b5197
JM		 3605 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B ||
3606 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192)
b41f2684
CL		 3607 params.req_key_mgmt_offload =
3608 ssid->proactive_key_caching < 0 ?
3609 wpa_s->conf->okc : ssid->proactive_key_caching;
3610 else
3611 params.req_key_mgmt_offload = 1;
3612
3613 if ((params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
3614 params.key_mgmt_suite == WPA_KEY_MGMT_PSK_SHA256 ||
3615 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK) &&
3616 ssid->psk_set)
3617 params.psk = ssid->psk;
6fc6879b
JM		 3618 }
3619
36b15723
JM		 3620 params.drop_unencrypted = use_crypt;
3621
3f56a2b7 3622 params.mgmt_frame_protection = wpas_get_ssid_pmf(wpa_s, ssid);
62d49803 3623 if (params.mgmt_frame_protection != NO_MGMT_FRAME_PROTECTION && bss) {
6fa81a3b 3624 const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
97d3497e
JM		 3625 struct wpa_ie_data ie;
3626 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
3627 ie.capabilities &
3628 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
f049052b
BG		 3629 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports "
3630 "MFP: require MFP");
97d3497e
JM		 3631 params.mgmt_frame_protection =
3632 MGMT_FRAME_PROTECTION_REQUIRED;
cf94626c
PK		 3633#ifdef CONFIG_OWE
3634 } else if (!rsn && (ssid->key_mgmt & WPA_KEY_MGMT_OWE) &&
3635 !ssid->owe_only) {
3636 params.mgmt_frame_protection = NO_MGMT_FRAME_PROTECTION;
3637#endif /* CONFIG_OWE */
97d3497e
JM		 3638 }
3639 }
6fc6879b 3640
ffad8858 3641 params.p2p = ssid->p2p_group;
6e3f4b89 3642
ba307f85
LD		 3643 if (wpa_s->p2pdev->set_sta_uapsd)
3644 params.uapsd = wpa_s->p2pdev->sta_uapsd;
eea2fd9e
JM		 3645 else
3646 params.uapsd = -1;
3647
80e8a5ee
BG		 3648#ifdef CONFIG_HT_OVERRIDES
3649 os_memset(&htcaps, 0, sizeof(htcaps));
3650 os_memset(&htcaps_mask, 0, sizeof(htcaps_mask));
3651 params.htcaps = (u8 *) &htcaps;
3652 params.htcaps_mask = (u8 *) &htcaps_mask;
3653 wpa_supplicant_apply_ht_overrides(wpa_s, ssid, &params);
3654#endif /* CONFIG_HT_OVERRIDES */
6aa1cd4e
PS		 3655#ifdef CONFIG_VHT_OVERRIDES
3656 os_memset(&vhtcaps, 0, sizeof(vhtcaps));
3657 os_memset(&vhtcaps_mask, 0, sizeof(vhtcaps_mask));
3658 params.vhtcaps = &vhtcaps;
3659 params.vhtcaps_mask = &vhtcaps_mask;
95ff3069 3660 wpa_supplicant_apply_vht_overrides(wpa_s, ssid, &params);
6aa1cd4e 3661#endif /* CONFIG_VHT_OVERRIDES */
80e8a5ee 3662
8567866d
JJ		 3663#ifdef CONFIG_P2P
3664 /*
3665 * If multi-channel concurrency is not supported, check for any
3666 * frequency conflict. In case of any frequency conflict, remove the
3667 * least prioritized connection.
3668 */
3669 if (wpa_s->num_multichan_concurrent < 2) {
d0df6437
IP		 3670 int freq, num;
3671 num = get_shared_radio_freqs(wpa_s, &freq, 1);
4ec68377 3672 if (num > 0 && freq > 0 && freq != params.freq.freq) {
d0df6437
IP		 3673 wpa_printf(MSG_DEBUG,
3674 "Assoc conflicting freq found (%d != %d)",
4ec68377
JD		 3675 freq, params.freq.freq);
3676 if (wpas_p2p_handle_frequency_conflicts(
74656400
SD		 3677 wpa_s, params.freq.freq, ssid) < 0) {
3678 wpas_connect_work_done(wpa_s);
1e6780bd 3679 os_free(wpa_ie);
8567866d 3680 return;
74656400 3681 }
8567866d
JJ		 3682 }
3683 }
3684#endif /* CONFIG_P2P */
3685
6a5ee810
JM		 3686 if (wpa_s->reassoc_same_ess && !is_zero_ether_addr(prev_bssid) &&
3687 wpa_s->current_ssid)
3688 params.prev_bssid = prev_bssid;
3689
17fbb751 3690 ret = wpa_drv_associate(wpa_s, &params);
1e6780bd 3691 os_free(wpa_ie);
6fc6879b
JM		 3692 if (ret < 0) {
3693 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
3694 "failed");
871f4dd0
JM		 3695 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SANE_ERROR_CODES) {
3696 /*
3697 * The driver is known to mean what is saying, so we
3698 * can stop right here; the association will not
3699 * succeed.
3700 */
3701 wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
c1c02342 3702 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
871f4dd0
JM		 3703 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
3704 return;
3705 }
6fc6879b
JM		 3706 /* try to continue anyway; new association will be tried again
3707 * after timeout */
3708 assoc_failed = 1;
3709 }
3710
3711 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
3712 /* Set the key after the association just in case association
3713 * cleared the previously configured key. */
3714 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
3715 /* No need to timeout authentication since there is no key
3716 * management. */
3717 wpa_supplicant_cancel_auth_timeout(wpa_s);
3718 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
53895c3b 3719#ifdef CONFIG_IBSS_RSN
d7dcba70 3720 } else if (ssid->mode == WPAS_MODE_IBSS &&
53895c3b
JM		 3721 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
3722 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
3723 /*
3724 * RSN IBSS authentication is per-STA and we can disable the
3725 * per-BSSID authentication.
3726 */
3727 wpa_supplicant_cancel_auth_timeout(wpa_s);
53895c3b 3728#endif /* CONFIG_IBSS_RSN */
6fc6879b
JM		 3729 } else {
3730 /* Timeout for IEEE 802.11 authentication and association */
1d3c75b3
DW		 3731 int timeout = 60;
3732
3733 if (assoc_failed) {
3734 /* give IBSS a bit more time */
d7dcba70 3735 timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5;
1d3c75b3
DW		 3736 } else if (wpa_s->conf->ap_scan == 1) {
3737 /* give IBSS a bit more time */
d7dcba70 3738 timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10;
1d3c75b3 3739 }
6fc6879b
JM		 3740 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
3741 }
3742
66562e9c
JM		 3743 if (wep_keys_set &&
3744 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC)) {
6fc6879b
JM		 3745 /* Set static WEP keys again */
3746 wpa_set_wep_keys(wpa_s, ssid);
3747 }
3748
3749 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
3750 /*
3751 * Do not allow EAP session resumption between different
3752 * network configurations.
3753 */
3754 eapol_sm_invalidate_cached_session(wpa_s->eapol);
3755 }
8bac466b 3756 old_ssid = wpa_s->current_ssid;
6fc6879b 3757 wpa_s->current_ssid = ssid;
ece4ac5f
MG		 3758
3759 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set) {
4d3be9cd 3760 wpa_s->current_bss = bss;
ece4ac5f
MG		 3761#ifdef CONFIG_HS20
3762 hs20_configure_frame_filters(wpa_s);
3763#endif /* CONFIG_HS20 */
3764 }
3765
6fc6879b
JM		 3766 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
3767 wpa_supplicant_initiate_eapol(wpa_s);
8bac466b
JM		 3768 if (old_ssid != wpa_s->current_ssid)
3769 wpas_notify_network_changed(wpa_s);
6fc6879b
JM		 3770}
3771
3772
09f58c09
JM		 3773static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s,
3774 const u8 *addr)
3775{
3776 struct wpa_ssid *old_ssid;
3777
c155305f 3778 wpas_connect_work_done(wpa_s);
09f58c09 3779 wpa_clear_keys(wpa_s, addr);
09f58c09 3780 old_ssid = wpa_s->current_ssid;
0d30cc24 3781 wpa_supplicant_mark_disassoc(wpa_s);
09f58c09
JM		 3782 wpa_sm_set_config(wpa_s->wpa, NULL);
3783 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
3784 if (old_ssid != wpa_s->current_ssid)
3785 wpas_notify_network_changed(wpa_s);
3786 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
3787}
3788
3789
6fc6879b
JM		 3790/**
3791 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
3792 * @wpa_s: Pointer to wpa_supplicant data
3793 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
3794 *
073ab58f 3795 * This function is used to request %wpa_supplicant to deauthenticate from the
6fc6879b
JM		 3796 * current AP.
3797 */
3798void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
4be17ffb 3799 u16 reason_code)
6fc6879b
JM		 3800{
3801 u8 *addr = NULL;
ef48ff94 3802 union wpa_event_data event;
42d23547 3803 int zero_addr = 0;
8bac466b 3804
42d23547 3805 wpa_dbg(wpa_s, MSG_DEBUG, "Request to deauthenticate - bssid=" MACSTR
cfde99a8 3806 " pending_bssid=" MACSTR " reason=%d (%s) state=%s",
42d23547 3807 MAC2STR(wpa_s->bssid), MAC2STR(wpa_s->pending_bssid),
cfde99a8
AK		 3808 reason_code, reason2str(reason_code),
3809 wpa_supplicant_state_txt(wpa_s->wpa_state));
42d23547 3810
04e3d815
MK		 3811 if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
3812 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
3813 wpa_s->wpa_state == WPA_ASSOCIATING))
42d23547 3814 addr = wpa_s->pending_bssid;
04e3d815
MK		 3815 else if (!is_zero_ether_addr(wpa_s->bssid))
3816 addr = wpa_s->bssid;
42d23547
JM		 3817 else if (wpa_s->wpa_state == WPA_ASSOCIATING) {
3818 /*
3819 * When using driver-based BSS selection, we may not know the
3820 * BSSID with which we are currently trying to associate. We
3821 * need to notify the driver of this disconnection even in such
3822 * a case, so use the all zeros address here.
3823 */
6fc6879b 3824 addr = wpa_s->bssid;
42d23547
JM		 3825 zero_addr = 1;
3826 }
3827
5abc7823
VN		 3828 if (wpa_s->enabled_4addr_mode && wpa_drv_set_4addr_mode(wpa_s, 0) == 0)
3829 wpa_s->enabled_4addr_mode = 0;
3830
7b44ff2c
SD		 3831#ifdef CONFIG_TDLS
3832 wpa_tdls_teardown_peers(wpa_s->wpa);
3833#endif /* CONFIG_TDLS */
3834
603a3f34
JL		 3835#ifdef CONFIG_MESH
3836 if (wpa_s->ifmsh) {
a39b040b
SB		 3837 struct mesh_conf *mconf;
3838
3839 mconf = wpa_s->ifmsh->mconf;
6174de66
JM		 3840 wpa_msg(wpa_s, MSG_INFO, MESH_GROUP_REMOVED "%s",
3841 wpa_s->ifname);
a39b040b
SB		 3842 wpas_notify_mesh_group_removed(wpa_s, mconf->meshid,
3843 mconf->meshid_len, reason_code);
603a3f34
JL		 3844 wpa_supplicant_leave_mesh(wpa_s);
3845 }
3846#endif /* CONFIG_MESH */
3847
42d23547
JM		 3848 if (addr) {
3849 wpa_drv_deauthenticate(wpa_s, addr, reason_code);
ef48ff94 3850 os_memset(&event, 0, sizeof(event));
4be17ffb 3851 event.deauth_info.reason_code = reason_code;
ef48ff94
JM		 3852 event.deauth_info.locally_generated = 1;
3853 wpa_supplicant_event(wpa_s, EVENT_DEAUTH, &event);
42d23547
JM		 3854 if (zero_addr)
3855 addr = NULL;
6fc6879b 3856 }
09f58c09
JM		 3857
3858 wpa_supplicant_clear_connection(wpa_s, addr);
6fc6879b
JM		 3859}
3860
1f90a49d
AW		 3861
3862void wpa_supplicant_reconnect(struct wpa_supplicant *wpa_s)
3863{
3864 wpa_s->own_reconnect_req = 1;
3865 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_UNSPECIFIED);
3866
3867}
3868
3869
dca1a511
DS		 3870static void wpa_supplicant_enable_one_network(struct wpa_supplicant *wpa_s,
3871 struct wpa_ssid *ssid)
3872{
3873 if (!ssid || !ssid->disabled || ssid->disabled == 2)
3874 return;
3875
3876 ssid->disabled = 0;
91073cca 3877 ssid->owe_transition_bss_select_count = 0;
dca1a511
DS		 3878 wpas_clear_temp_disabled(wpa_s, ssid, 1);
3879 wpas_notify_network_enabled_changed(wpa_s, ssid);
3880
3881 /*
3882 * Try to reassociate since there is no current configuration and a new
3883 * network was made available.
3884 */
d2592497 3885 if (!wpa_s->current_ssid && !wpa_s->disconnected)
dca1a511
DS		 3886 wpa_s->reassociate = 1;
3887}
3888
6fc6879b 3889
d015bb05
RP		 3890/**
3891 * wpa_supplicant_add_network - Add a new network
3892 * @wpa_s: wpa_supplicant structure for a network interface
3893 * Returns: The new network configuration or %NULL if operation failed
3894 *
3895 * This function performs the following operations:
3896 * 1. Adds a new network.
3897 * 2. Send network addition notification.
3898 * 3. Marks the network disabled.
3899 * 4. Set network default parameters.
3900 */
3901struct wpa_ssid * wpa_supplicant_add_network(struct wpa_supplicant *wpa_s)
3902{
3903 struct wpa_ssid *ssid;
3904
3905 ssid = wpa_config_add_network(wpa_s->conf);
3906 if (!ssid)
3907 return NULL;
3908 wpas_notify_network_added(wpa_s, ssid);
3909 ssid->disabled = 1;
3910 wpa_config_set_network_defaults(ssid);
3911
3912 return ssid;
3913}
3914
3915
3916/**
3917 * wpa_supplicant_remove_network - Remove a configured network based on id
3918 * @wpa_s: wpa_supplicant structure for a network interface
3919 * @id: Unique network id to search for
3920 * Returns: 0 on success, or -1 if the network was not found, -2 if the network
3921 * could not be removed
3922 *
3923 * This function performs the following operations:
3924 * 1. Removes the network.
3925 * 2. Send network removal notification.
3926 * 3. Update internal state machines.
3927 * 4. Stop any running sched scans.
3928 */
3929int wpa_supplicant_remove_network(struct wpa_supplicant *wpa_s, int id)
3930{
3931 struct wpa_ssid *ssid;
3932 int was_disabled;
3933
3934 ssid = wpa_config_get_network(wpa_s->conf, id);
3935 if (!ssid)
3936 return -1;
3937 wpas_notify_network_removed(wpa_s, ssid);
3938
3939 if (wpa_s->last_ssid == ssid)
3940 wpa_s->last_ssid = NULL;
3941
3942 if (ssid == wpa_s->current_ssid || !wpa_s->current_ssid) {
3943#ifdef CONFIG_SME
3944 wpa_s->sme.prev_bssid_set = 0;
3945#endif /* CONFIG_SME */
3946 /*
3947 * Invalidate the EAP session cache if the current or
3948 * previously used network is removed.
3949 */
3950 eapol_sm_invalidate_cached_session(wpa_s->eapol);
3951 }
3952
3953 if (ssid == wpa_s->current_ssid) {
3954 wpa_sm_set_config(wpa_s->wpa, NULL);
3955 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
3956
3957 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
3958 wpa_s->own_disconnect_req = 1;
3959 wpa_supplicant_deauthenticate(wpa_s,
3960 WLAN_REASON_DEAUTH_LEAVING);
3961 }
3962
3963 was_disabled = ssid->disabled;
3964
3965 if (wpa_config_remove_network(wpa_s->conf, id) < 0)
3966 return -2;
3967
3968 if (!was_disabled && wpa_s->sched_scanning) {
3969 wpa_printf(MSG_DEBUG,
3970 "Stop ongoing sched_scan to remove network from filters");
3971 wpa_supplicant_cancel_sched_scan(wpa_s);
3972 wpa_supplicant_req_scan(wpa_s, 0, 0);
3973 }
3974
3975 return 0;
3976}
3977
3978
86b89452
WS		 3979/**
3980 * wpa_supplicant_enable_network - Mark a configured network as enabled
3981 * @wpa_s: wpa_supplicant structure for a network interface
3982 * @ssid: wpa_ssid structure for a configured network or %NULL
3983 *
3984 * Enables the specified network or all networks if no network specified.
3985 */
3986void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s,
3987 struct wpa_ssid *ssid)
3988{
86b89452 3989 if (ssid == NULL) {
14f79078
JM		 3990 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
3991 wpa_supplicant_enable_one_network(wpa_s, ssid);
dca1a511
DS		 3992 } else
3993 wpa_supplicant_enable_one_network(wpa_s, ssid);
86b89452 3994
5a1d9d1a
JM		 3995 if (wpa_s->reassociate && !wpa_s->disconnected &&
3996 (!wpa_s->current_ssid ||
3997 wpa_s->wpa_state == WPA_DISCONNECTED ||
3998 wpa_s->wpa_state == WPA_SCANNING)) {
dca1a511
DS		 3999 if (wpa_s->sched_scanning) {
4000 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan to add "
4001 "new network to scan filters");
4002 wpa_supplicant_cancel_sched_scan(wpa_s);
4003 }
86b89452 4004
35d40309
JM		 4005 if (wpa_supplicant_fast_associate(wpa_s) != 1) {
4006 wpa_s->scan_req = NORMAL_SCAN_REQ;
dad153d1 4007 wpa_supplicant_req_scan(wpa_s, 0, 0);
35d40309 4008 }
86b89452
WS		 4009 }
4010}
4011
4012
4013/**
4014 * wpa_supplicant_disable_network - Mark a configured network as disabled
4015 * @wpa_s: wpa_supplicant structure for a network interface
4016 * @ssid: wpa_ssid structure for a configured network or %NULL
4017 *
4018 * Disables the specified network or all networks if no network specified.
4019 */
4020void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s,
4021 struct wpa_ssid *ssid)
4022{
4023 struct wpa_ssid *other_ssid;
4024 int was_disabled;
4025
4026 if (ssid == NULL) {
725fc39e
DS		 4027 if (wpa_s->sched_scanning)
4028 wpa_supplicant_cancel_sched_scan(wpa_s);
4029
4dac0245
JM		 4030 for (other_ssid = wpa_s->conf->ssid; other_ssid;
4031 other_ssid = other_ssid->next) {
86b89452 4032 was_disabled = other_ssid->disabled;
4dac0245
JM		 4033 if (was_disabled == 2)
4034 continue; /* do not change persistent P2P group
4035 * data */
86b89452
WS		 4036
4037 other_ssid->disabled = 1;
4038
4039 if (was_disabled != other_ssid->disabled)
4040 wpas_notify_network_enabled_changed(
4041 wpa_s, other_ssid);
86b89452 4042 }
0661163e
SD		 4043 if (wpa_s->current_ssid) {
4044 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
4045 wpa_s->own_disconnect_req = 1;
07783eaa 4046 wpa_supplicant_deauthenticate(
86b89452 4047 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
0661163e 4048 }
4dac0245 4049 } else if (ssid->disabled != 2) {
0661163e
SD		 4050 if (ssid == wpa_s->current_ssid) {
4051 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
4052 wpa_s->own_disconnect_req = 1;
07783eaa 4053 wpa_supplicant_deauthenticate(
86b89452 4054 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
0661163e 4055 }
86b89452
WS		 4056
4057 was_disabled = ssid->disabled;
4058
4059 ssid->disabled = 1;
4060
725fc39e 4061 if (was_disabled != ssid->disabled) {
86b89452 4062 wpas_notify_network_enabled_changed(wpa_s, ssid);
725fc39e
DS		 4063 if (wpa_s->sched_scanning) {
4064 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan "
4065 "to remove network from filters");
4066 wpa_supplicant_cancel_sched_scan(wpa_s);
4067 wpa_supplicant_req_scan(wpa_s, 0, 0);
4068 }
4069 }
86b89452
WS		 4070 }
4071}
4072
4073
4074/**
4075 * wpa_supplicant_select_network - Attempt association with a network
4076 * @wpa_s: wpa_supplicant structure for a network interface
4077 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
4078 */
4079void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
4080 struct wpa_ssid *ssid)
4081{
4082
4083 struct wpa_ssid *other_ssid;
d93dfbd5 4084 int disconnected = 0;
86b89452 4085
d93dfbd5 4086 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid) {
e66bcedd
JM		 4087 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
4088 wpa_s->own_disconnect_req = 1;
07783eaa 4089 wpa_supplicant_deauthenticate(
86b89452 4090 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
d93dfbd5
JM		 4091 disconnected = 1;
4092 }
86b89452 4093
00e5e3d5
JM		 4094 if (ssid)
4095 wpas_clear_temp_disabled(wpa_s, ssid, 1);
4096
86b89452
WS		 4097 /*
4098 * Mark all other networks disabled or mark all networks enabled if no
4099 * network specified.
4100 */
4dac0245
JM		 4101 for (other_ssid = wpa_s->conf->ssid; other_ssid;
4102 other_ssid = other_ssid->next) {
86b89452 4103 int was_disabled = other_ssid->disabled;
4dac0245
JM		 4104 if (was_disabled == 2)
4105 continue; /* do not change persistent P2P group data */
86b89452
WS		 4106
4107 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0;
00e5e3d5
JM		 4108 if (was_disabled && !other_ssid->disabled)
4109 wpas_clear_temp_disabled(wpa_s, other_ssid, 0);
86b89452
WS		 4110
4111 if (was_disabled != other_ssid->disabled)
4112 wpas_notify_network_enabled_changed(wpa_s, other_ssid);
86b89452 4113 }
2a6f78fb 4114
d38c7be0
JM		 4115 if (ssid && ssid == wpa_s->current_ssid && wpa_s->current_ssid &&
4116 wpa_s->wpa_state >= WPA_AUTHENTICATING) {
2a6f78fb
JJ		 4117 /* We are already associated with the selected network */
4118 wpa_printf(MSG_DEBUG, "Already associated with the "
4119 "selected network - do nothing");
4120 return;
4121 }
4122
25a8f9e3 4123 if (ssid) {
96efeeb6 4124 wpa_s->current_ssid = ssid;
25a8f9e3 4125 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
603a3f34
JL		 4126 wpa_s->connect_without_scan =
4127 (ssid->mode == WPAS_MODE_MESH) ? ssid : NULL;
701f3961
AS		 4128
4129 /*
4130 * Don't optimize next scan freqs since a new ESS has been
4131 * selected.
4132 */
4133 os_free(wpa_s->next_scan_freqs);
4134 wpa_s->next_scan_freqs = NULL;
603a3f34
JL		 4135 } else {
4136 wpa_s->connect_without_scan = NULL;
25a8f9e3 4137 }
603a3f34 4138
86b89452
WS		 4139 wpa_s->disconnected = 0;
4140 wpa_s->reassociate = 1;
b834e970 4141 wpa_s_clear_sae_rejected(wpa_s);
2cb40e9f 4142 wpa_s->last_owe_group = 0;
05a2fb0d 4143 if (ssid) {
91073cca 4144 ssid->owe_transition_bss_select_count = 0;
05a2fb0d
JM		 4145 wpa_s_setup_sae_pt(wpa_s->conf, ssid);
4146 }
cecdddc1 4147
e4a35f07 4148 if (wpa_s->connect_without_scan ||
35d40309
JM		 4149 wpa_supplicant_fast_associate(wpa_s) != 1) {
4150 wpa_s->scan_req = NORMAL_SCAN_REQ;
be7ebd89 4151 wpas_scan_reset_sched_scan(wpa_s);
cecdddc1 4152 wpa_supplicant_req_scan(wpa_s, 0, disconnected ? 100000 : 0);
35d40309 4153 }
86b89452 4154
a1641d26
JM		 4155 if (ssid)
4156 wpas_notify_network_selected(wpa_s, ssid);
86b89452
WS		 4157}
4158
4159
bdec7ee5
MS		 4160/**
4161 * wpas_set_pkcs11_engine_and_module_path - Set PKCS #11 engine and module path
4162 * @wpa_s: wpa_supplicant structure for a network interface
4163 * @pkcs11_engine_path: PKCS #11 engine path or NULL
4164 * @pkcs11_module_path: PKCS #11 module path or NULL
4165 * Returns: 0 on success; -1 on failure
4166 *
4167 * Sets the PKCS #11 engine and module path. Both have to be NULL or a valid
4168 * path. If resetting the EAPOL state machine with the new PKCS #11 engine and
4169 * module path fails the paths will be reset to the default value (NULL).
4170 */
4171int wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant *wpa_s,
4172 const char *pkcs11_engine_path,
4173 const char *pkcs11_module_path)
4174{
4175 char *pkcs11_engine_path_copy = NULL;
4176 char *pkcs11_module_path_copy = NULL;
4177
4178 if (pkcs11_engine_path != NULL) {
4179 pkcs11_engine_path_copy = os_strdup(pkcs11_engine_path);
4180 if (pkcs11_engine_path_copy == NULL)
4181 return -1;
4182 }
4183 if (pkcs11_module_path != NULL) {
4184 pkcs11_module_path_copy = os_strdup(pkcs11_module_path);
04c366cb 4185 if (pkcs11_module_path_copy == NULL) {
bdec7ee5
MS		 4186 os_free(pkcs11_engine_path_copy);
4187 return -1;
4188 }
4189 }
4190
4191 os_free(wpa_s->conf->pkcs11_engine_path);
4192 os_free(wpa_s->conf->pkcs11_module_path);
4193 wpa_s->conf->pkcs11_engine_path = pkcs11_engine_path_copy;
4194 wpa_s->conf->pkcs11_module_path = pkcs11_module_path_copy;
4195
4196 wpa_sm_set_eapol(wpa_s->wpa, NULL);
4197 eapol_sm_deinit(wpa_s->eapol);
4198 wpa_s->eapol = NULL;
4199 if (wpa_supplicant_init_eapol(wpa_s)) {
4200 /* Error -> Reset paths to the default value (NULL) once. */
4201 if (pkcs11_engine_path != NULL && pkcs11_module_path != NULL)
4202 wpas_set_pkcs11_engine_and_module_path(wpa_s, NULL,
4203 NULL);
4204
4205 return -1;
4206 }
4207 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
4208
4209 return 0;
4210}
4211
4212
86b89452
WS		 4213/**
4214 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
4215 * @wpa_s: wpa_supplicant structure for a network interface
4216 * @ap_scan: AP scan mode
4217 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
4218 *
4219 */
4220int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan)
4221{
4222
4223 int old_ap_scan;
4224
4225 if (ap_scan < 0 || ap_scan > 2)
4226 return -1;
4227
8406cd35
JM		 4228 if (ap_scan == 2 && os_strcmp(wpa_s->driver->name, "nl80211") == 0) {
4229 wpa_printf(MSG_INFO,
4230 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
4231 }
4232
48f8e036
DS		 4233#ifdef ANDROID
4234 if (ap_scan == 2 && ap_scan != wpa_s->conf->ap_scan &&
4235 wpa_s->wpa_state >= WPA_ASSOCIATING &&
4236 wpa_s->wpa_state < WPA_COMPLETED) {
4237 wpa_printf(MSG_ERROR, "ap_scan = %d (%d) rejected while "
4238 "associating", wpa_s->conf->ap_scan, ap_scan);
4239 return 0;
4240 }
4241#endif /* ANDROID */
4242
86b89452
WS		 4243 old_ap_scan = wpa_s->conf->ap_scan;
4244 wpa_s->conf->ap_scan = ap_scan;
4245
4246 if (old_ap_scan != wpa_s->conf->ap_scan)
4247 wpas_notify_ap_scan_changed(wpa_s);
4248
4249 return 0;
4250}
4251
4252
78633c37
SL		 4253/**
4254 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
4255 * @wpa_s: wpa_supplicant structure for a network interface
4256 * @expire_age: Expiration age in seconds
4257 * Returns: 0 if succeed or -1 if expire_age has an invalid value
4258 *
4259 */
4260int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant *wpa_s,
4261 unsigned int bss_expire_age)
4262{
4263 if (bss_expire_age < 10) {
4264 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration age %u",
4265 bss_expire_age);
4266 return -1;
4267 }
4268 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration age: %d sec",
4269 bss_expire_age);
4270 wpa_s->conf->bss_expiration_age = bss_expire_age;
4271
4272 return 0;
4273}
4274
4275
4276/**
4277 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
4278 * @wpa_s: wpa_supplicant structure for a network interface
4279 * @expire_count: number of scans after which an unseen BSS is reclaimed
4280 * Returns: 0 if succeed or -1 if expire_count has an invalid value
4281 *
4282 */
4283int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant *wpa_s,
4284 unsigned int bss_expire_count)
4285{
4286 if (bss_expire_count < 1) {
4287 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration count %u",
4288 bss_expire_count);
4289 return -1;
4290 }
4291 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration scan count: %u",
4292 bss_expire_count);
4293 wpa_s->conf->bss_expiration_scan_count = bss_expire_count;
4294
4295 return 0;
4296}
4297
4298
c6e86b63
MA		 4299/**
4300 * wpa_supplicant_set_scan_interval - Set scan interval
4301 * @wpa_s: wpa_supplicant structure for a network interface
4302 * @scan_interval: scan interval in seconds
4303 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
4304 *
4305 */
4306int wpa_supplicant_set_scan_interval(struct wpa_supplicant *wpa_s,
4307 int scan_interval)
4308{
4309 if (scan_interval < 0) {
4310 wpa_msg(wpa_s, MSG_ERROR, "Invalid scan interval %d",
4311 scan_interval);
4312 return -1;
4313 }
4314 wpa_msg(wpa_s, MSG_DEBUG, "Setting scan interval: %d sec",
4315 scan_interval);
9e737f08 4316 wpa_supplicant_update_scan_int(wpa_s, scan_interval);
c6e86b63
MA		 4317
4318 return 0;
4319}
4320
4321
86b89452
WS		 4322/**
4323 * wpa_supplicant_set_debug_params - Set global debug params
4324 * @global: wpa_global structure
4325 * @debug_level: debug level
4326 * @debug_timestamp: determines if show timestamp in debug data
4327 * @debug_show_keys: determines if show keys in debug data
4328 * Returns: 0 if succeed or -1 if debug_level has wrong value
4329 */
4330int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level,
4331 int debug_timestamp, int debug_show_keys)
4332{
4333
4334 int old_level, old_timestamp, old_show_keys;
4335
4336 /* check for allowed debuglevels */
14dc0011
PS		 4337 if (debug_level != MSG_EXCESSIVE &&
4338 debug_level != MSG_MSGDUMP &&
86b89452
WS		 4339 debug_level != MSG_DEBUG &&
4340 debug_level != MSG_INFO &&
4341 debug_level != MSG_WARNING &&
4342 debug_level != MSG_ERROR)
4343 return -1;
4344
4345 old_level = wpa_debug_level;
4346 old_timestamp = wpa_debug_timestamp;
4347 old_show_keys = wpa_debug_show_keys;
4348
4349 wpa_debug_level = debug_level;
4350 wpa_debug_timestamp = debug_timestamp ? 1 : 0;
4351 wpa_debug_show_keys = debug_show_keys ? 1 : 0;
4352
db9133ac
WS		 4353 if (wpa_debug_level != old_level)
4354 wpas_notify_debug_level_changed(global);
4355 if (wpa_debug_timestamp != old_timestamp)
4356 wpas_notify_debug_timestamp_changed(global);
4357 if (wpa_debug_show_keys != old_show_keys)
4358 wpas_notify_debug_show_keys_changed(global);
86b89452
WS		 4359
4360 return 0;
4361}
4362
4363
e8b96490
JM		 4364#ifdef CONFIG_OWE
4365static int owe_trans_ssid_match(struct wpa_supplicant *wpa_s, const u8 *bssid,
4366 const u8 *entry_ssid, size_t entry_ssid_len)
4367{
4368 const u8 *owe, *pos, *end;
4369 u8 ssid_len;
4370 struct wpa_bss *bss;
4371
4372 /* Check network profile SSID aganst the SSID in the
4373 * OWE Transition Mode element. */
4374
4375 bss = wpa_bss_get_bssid_latest(wpa_s, bssid);
4376 if (!bss)
4377 return 0;
4378
4379 owe = wpa_bss_get_vendor_ie(bss, OWE_IE_VENDOR_TYPE);
4380 if (!owe)
4381 return 0;
4382
4383 pos = owe + 6;
4384 end = owe + 2 + owe[1];
4385
4386 if (end - pos < ETH_ALEN + 1)
4387 return 0;
4388 pos += ETH_ALEN;
4389 ssid_len = *pos++;
4390 if (end - pos < ssid_len || ssid_len > SSID_MAX_LEN)
4391 return 0;
4392
4393 return entry_ssid_len == ssid_len &&
4394 os_memcmp(pos, entry_ssid, ssid_len) == 0;
4395}
4396#endif /* CONFIG_OWE */
4397
4398
6fc6879b
JM		 4399/**
4400 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
4401 * @wpa_s: Pointer to wpa_supplicant data
4402 * Returns: A pointer to the current network structure or %NULL on failure
4403 */
4404struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
4405{
4406 struct wpa_ssid *entry;
eaa8eefe 4407 u8 ssid[SSID_MAX_LEN];
6fc6879b
JM		 4408 int res;
4409 size_t ssid_len;
4410 u8 bssid[ETH_ALEN];
4411 int wired;
4412
17fbb751
JM		 4413 res = wpa_drv_get_ssid(wpa_s, ssid);
4414 if (res < 0) {
4415 wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from "
4416 "driver");
4417 return NULL;
6fc6879b 4418 }
17fbb751 4419 ssid_len = res;
6fc6879b 4420
17fbb751 4421 if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
f049052b
BG		 4422 wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from "
4423 "driver");
6fc6879b
JM		 4424 return NULL;
4425 }
4426
c2a04078
JM		 4427 wired = wpa_s->conf->ap_scan == 0 &&
4428 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED);
6fc6879b
JM		 4429
4430 entry = wpa_s->conf->ssid;
4431 while (entry) {
349493bd 4432 if (!wpas_network_disabled(wpa_s, entry) &&
6fc6879b 4433 ((ssid_len == entry->ssid_len &&
c4fccfc7
JM		 4434 (!entry->ssid ||
4435 os_memcmp(ssid, entry->ssid, ssid_len) == 0)) ||
4436 wired) &&
6fc6879b
JM		 4437 (!entry->bssid_set ||
4438 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
4439 return entry;
24c23d1b 4440#ifdef CONFIG_WPS
349493bd 4441 if (!wpas_network_disabled(wpa_s, entry) &&
24c23d1b
JM		 4442 (entry->key_mgmt & WPA_KEY_MGMT_WPS) &&
4443 (entry->ssid == NULL || entry->ssid_len == 0) &&
4444 (!entry->bssid_set ||
4445 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
4446 return entry;
4447#endif /* CONFIG_WPS */
7d232e23 4448
e8b96490
JM		 4449#ifdef CONFIG_OWE
4450 if (!wpas_network_disabled(wpa_s, entry) &&
4451 owe_trans_ssid_match(wpa_s, bssid, entry->ssid,
4452 entry->ssid_len) &&
4453 (!entry->bssid_set ||
4454 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
4455 return entry;
4456#endif /* CONFIG_OWE */
4457
349493bd 4458 if (!wpas_network_disabled(wpa_s, entry) && entry->bssid_set &&
7d232e23
ZC		 4459 entry->ssid_len == 0 &&
4460 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)
4461 return entry;
4462
6fc6879b
JM		 4463 entry = entry->next;
4464 }
4465
4466 return NULL;
4467}
4468
4469
7756114f
JM		 4470static int select_driver(struct wpa_supplicant *wpa_s, int i)
4471{
4472 struct wpa_global *global = wpa_s->global;
4473
4474 if (wpa_drivers[i]->global_init && global->drv_priv[i] == NULL) {
45e3fc72 4475 global->drv_priv[i] = wpa_drivers[i]->global_init(global);
7756114f
JM		 4476 if (global->drv_priv[i] == NULL) {
4477 wpa_printf(MSG_ERROR, "Failed to initialize driver "
4478 "'%s'", wpa_drivers[i]->name);
4479 return -1;
4480 }
4481 }
4482
4483 wpa_s->driver = wpa_drivers[i];
4484 wpa_s->global_drv_priv = global->drv_priv[i];
4485
4486 return 0;
4487}
4488
4489
6fc6879b
JM		 4490static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
4491 const char *name)
4492{
4493 int i;
362f781e 4494 size_t len;
74b1c84a 4495 const char *pos, *driver = name;
6fc6879b
JM		 4496
4497 if (wpa_s == NULL)
4498 return -1;
4499
c5121837 4500 if (wpa_drivers[0] == NULL) {
f049052b
BG		 4501 wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into "
4502 "wpa_supplicant");
6fc6879b
JM		 4503 return -1;
4504 }
4505
4506 if (name == NULL) {
4507 /* default to first driver in the list */
7756114f 4508 return select_driver(wpa_s, 0);
6fc6879b
JM		 4509 }
4510
74b1c84a
SO		 4511 do {
4512 pos = os_strchr(driver, ',');
4513 if (pos)
4514 len = pos - driver;
4515 else
4516 len = os_strlen(driver);
4517
4518 for (i = 0; wpa_drivers[i]; i++) {
4519 if (os_strlen(wpa_drivers[i]->name) == len &&
4520 os_strncmp(driver, wpa_drivers[i]->name, len) ==
0f4668ce
DW		 4521 0) {
4522 /* First driver that succeeds wins */
4523 if (select_driver(wpa_s, i) == 0)
4524 return 0;
4525 }
6fc6879b 4526 }
74b1c84a
SO		 4527
4528 driver = pos + 1;
4529 } while (pos);
6fc6879b 4530
f049052b 4531 wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name);
6fc6879b
JM		 4532 return -1;
4533}
4534
4535
a8e0505b
JM		 4536/**
4537 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
4538 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
4539 * with struct wpa_driver_ops::init()
4540 * @src_addr: Source address of the EAPOL frame
4541 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
4542 * @len: Length of the EAPOL data
4543 *
4544 * This function is called for each received EAPOL frame. Most driver
4545 * interfaces rely on more generic OS mechanism for receiving frames through
4546 * l2_packet, but if such a mechanism is not available, the driver wrapper may
4547 * take care of received EAPOL frames and deliver them to the core supplicant
4548 * code by calling this function.
4549 */
6fc6879b
JM		 4550void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
4551 const u8 *buf, size_t len)
4552{
4553 struct wpa_supplicant *wpa_s = ctx;
4554
f049052b 4555 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
6fc6879b
JM		 4556 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
4557
02adead5
MK		 4558#ifdef CONFIG_TESTING_OPTIONS
4559 if (wpa_s->ignore_auth_resp) {
4560 wpa_printf(MSG_INFO, "RX EAPOL - ignore_auth_resp active!");
4561 return;
4562 }
4563#endif /* CONFIG_TESTING_OPTIONS */
4564
3ab35a66
JM		 4565 if (wpa_s->wpa_state < WPA_ASSOCIATED ||
4566 (wpa_s->last_eapol_matches_bssid &&
4567#ifdef CONFIG_AP
4568 !wpa_s->ap_iface &&
4569#endif /* CONFIG_AP */
4570 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) != 0)) {
1ff73338
JM		 4571 /*
4572 * There is possible race condition between receiving the
4573 * association event and the EAPOL frame since they are coming
4574 * through different paths from the driver. In order to avoid
4575 * issues in trying to process the EAPOL frame before receiving
4576 * association information, lets queue it for processing until
3ab35a66
JM		 4577 * the association event is received. This may also be needed in
4578 * driver-based roaming case, so also use src_addr != BSSID as a
4579 * trigger if we have previously confirmed that the
4580 * Authenticator uses BSSID as the src_addr (which is not the
4581 * case with wired IEEE 802.1X).
1ff73338 4582 */
f049052b 4583 wpa_dbg(wpa_s, MSG_DEBUG, "Not associated - Delay processing "
3ab35a66
JM		 4584 "of received EAPOL frame (state=%s bssid=" MACSTR ")",
4585 wpa_supplicant_state_txt(wpa_s->wpa_state),
4586 MAC2STR(wpa_s->bssid));
1ff73338
JM		 4587 wpabuf_free(wpa_s->pending_eapol_rx);
4588 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len);
4589 if (wpa_s->pending_eapol_rx) {
c2be937c 4590 os_get_reltime(&wpa_s->pending_eapol_rx_time);
1ff73338
JM		 4591 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr,
4592 ETH_ALEN);
4593 }
4594 return;
4595 }
4596
3ab35a66
JM		 4597 wpa_s->last_eapol_matches_bssid =
4598 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) == 0;
4599
db149ac9
JM		 4600#ifdef CONFIG_AP
4601 if (wpa_s->ap_iface) {
4602 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len);
4603 return;
4604 }
4605#endif /* CONFIG_AP */
4606
6fc6879b 4607 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
f049052b
BG		 4608 wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since "
4609 "no key management is configured");
6fc6879b
JM		 4610 return;
4611 }
4612
4613 if (wpa_s->eapol_received == 0 &&
436ee2fd 4614 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK) ||
56586197 4615 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
9c972abb
JM		 4616 wpa_s->wpa_state != WPA_COMPLETED) &&
4617 (wpa_s->current_ssid == NULL ||
f74618cb 4618 wpa_s->current_ssid->mode != WPAS_MODE_IBSS)) {
6fc6879b 4619 /* Timeout for completing IEEE 802.1X and WPA authentication */
5add4101
JM		 4620 int timeout = 10;
4621
4622 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
4623 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
4624 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
4625 /* Use longer timeout for IEEE 802.1X/EAP */
4626 timeout = 70;
4627 }
4628
c7dafdf9 4629#ifdef CONFIG_WPS
5add4101
JM		 4630 if (wpa_s->current_ssid && wpa_s->current_bss &&
4631 (wpa_s->current_ssid->key_mgmt & WPA_KEY_MGMT_WPS) &&
4632 eap_is_wps_pin_enrollee(&wpa_s->current_ssid->eap)) {
4633 /*
4634 * Use shorter timeout if going through WPS AP iteration
4635 * for PIN config method with an AP that does not
4636 * advertise Selected Registrar.
4637 */
4638 struct wpabuf *wps_ie;
4639
4640 wps_ie = wpa_bss_get_vendor_ie_multi(
4641 wpa_s->current_bss, WPS_IE_VENDOR_TYPE);
0ef1e290
JM		 4642 if (wps_ie &&
4643 !wps_is_addr_authorized(wps_ie, wpa_s->own_addr, 1))
5add4101
JM		 4644 timeout = 10;
4645 wpabuf_free(wps_ie);
4646 }
c7dafdf9 4647#endif /* CONFIG_WPS */
5add4101
JM		 4648
4649 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
6fc6879b
JM		 4650 }
4651 wpa_s->eapol_received++;
4652
4653 if (wpa_s->countermeasures) {
f049052b
BG		 4654 wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped "
4655 "EAPOL packet");
6fc6879b
JM		 4656 return;
4657 }
4658
8be18440
JM		 4659#ifdef CONFIG_IBSS_RSN
4660 if (wpa_s->current_ssid &&
d7dcba70 4661 wpa_s->current_ssid->mode == WPAS_MODE_IBSS) {
8be18440
JM		 4662 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len);
4663 return;
4664 }
4665#endif /* CONFIG_IBSS_RSN */
4666
6fc6879b
JM		 4667 /* Source address of the incoming EAPOL frame could be compared to the
4668 * current BSSID. However, it is possible that a centralized
4669 * Authenticator could be using another MAC address than the BSSID of
4670 * an AP, so just allow any address to be used for now. The replies are
4671 * still sent to the current BSSID (if available), though. */
4672
4673 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
56586197 4674 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
a1ea1b45 4675 wpa_s->key_mgmt != WPA_KEY_MGMT_OWE &&
567da5bb 4676 wpa_s->key_mgmt != WPA_KEY_MGMT_DPP &&
6fc6879b
JM		 4677 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
4678 return;
4679 wpa_drv_poll(wpa_s);
436ee2fd 4680 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK))
6fc6879b 4681 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
56586197 4682 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
6fc6879b
JM		 4683 /*
4684 * Set portValid = TRUE here since we are going to skip 4-way
4685 * handshake processing which would normally set portValid. We
4686 * need this to allow the EAPOL state machines to be completed
4687 * without going through EAPOL-Key handshake.
4688 */
4689 eapol_sm_notify_portValid(wpa_s->eapol, TRUE);
4690 }
4691}
4692
4693
bfba8deb 4694int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s)
6fc6879b 4695{
2961bfa8
JM		 4696 if ((!wpa_s->p2p_mgmt ||
4697 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
4698 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) {
bfba8deb 4699 l2_packet_deinit(wpa_s->l2);
6fc6879b
JM		 4700 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
4701 wpa_drv_get_mac_addr(wpa_s),
4702 ETH_P_EAPOL,
4703 wpa_supplicant_rx_eapol, wpa_s, 0);
4704 if (wpa_s->l2 == NULL)
4705 return -1;
d89edb61
DC		 4706
4707 if (l2_packet_set_packet_filter(wpa_s->l2,
4708 L2_PACKET_FILTER_PKTTYPE))
4709 wpa_dbg(wpa_s, MSG_DEBUG,
4710 "Failed to attach pkt_type filter");
fdadd5fe
JM		 4711 } else {
4712 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
4713 if (addr)
4714 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
6fc6879b
JM		 4715 }
4716
4717 if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
f049052b 4718 wpa_msg(wpa_s, MSG_ERROR, "Failed to get own L2 address");
6fc6879b
JM		 4719 return -1;
4720 }
4721
c267753b 4722 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
8788a314 4723 wpas_wps_update_mac_addr(wpa_s);
c267753b 4724
cdb5774f
DL		 4725#ifdef CONFIG_FST
4726 if (wpa_s->fst)
4727 fst_update_mac_addr(wpa_s->fst, wpa_s->own_addr);
4728#endif /* CONFIG_FST */
4729
bfba8deb
JM		 4730 return 0;
4731}
4732
4733
25f839c6
JM		 4734static void wpa_supplicant_rx_eapol_bridge(void *ctx, const u8 *src_addr,
4735 const u8 *buf, size_t len)
4736{
4737 struct wpa_supplicant *wpa_s = ctx;
4738 const struct l2_ethhdr *eth;
4739
4740 if (len < sizeof(*eth))
4741 return;
4742 eth = (const struct l2_ethhdr *) buf;
4743
4744 if (os_memcmp(eth->h_dest, wpa_s->own_addr, ETH_ALEN) != 0 &&
4745 !(eth->h_dest[0] & 0x01)) {
4746 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
4747 " (bridge - not for this interface - ignore)",
4748 MAC2STR(src_addr), MAC2STR(eth->h_dest));
4749 return;
4750 }
4751
4752 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
4753 " (bridge)", MAC2STR(src_addr), MAC2STR(eth->h_dest));
4754 wpa_supplicant_rx_eapol(wpa_s, src_addr, buf + sizeof(*eth),
4755 len - sizeof(*eth));
4756}
4757
4758
bfba8deb
JM		 4759/**
4760 * wpa_supplicant_driver_init - Initialize driver interface parameters
4761 * @wpa_s: Pointer to wpa_supplicant data
4762 * Returns: 0 on success, -1 on failure
4763 *
4764 * This function is called to initialize driver interface parameters.
4765 * wpa_drv_init() must have been called before this function to initialize the
4766 * driver interface.
4767 */
4768int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
4769{
4770 static int interface_count = 0;
4771
4772 if (wpa_supplicant_update_mac_addr(wpa_s) < 0)
4773 return -1;
4774
c68f6200
AS		 4775 wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR,
4776 MAC2STR(wpa_s->own_addr));
a313d17d 4777 os_memcpy(wpa_s->perm_addr, wpa_s->own_addr, ETH_ALEN);
c68f6200
AS		 4778 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
4779
6fc6879b 4780 if (wpa_s->bridge_ifname[0]) {
f049052b
BG		 4781 wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge "
4782 "interface '%s'", wpa_s->bridge_ifname);
e6dd8196
JM		 4783 wpa_s->l2_br = l2_packet_init_bridge(
4784 wpa_s->bridge_ifname, wpa_s->ifname, wpa_s->own_addr,
4785 ETH_P_EAPOL, wpa_supplicant_rx_eapol_bridge, wpa_s, 1);
6fc6879b 4786 if (wpa_s->l2_br == NULL) {
f049052b
BG		 4787 wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet "
4788 "connection for the bridge interface '%s'",
4789 wpa_s->bridge_ifname);
6fc6879b
JM		 4790 return -1;
4791 }
4792 }
4793
8406cd35
JM		 4794 if (wpa_s->conf->ap_scan == 2 &&
4795 os_strcmp(wpa_s->driver->name, "nl80211") == 0) {
4796 wpa_printf(MSG_INFO,
4797 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
4798 }
4799
6fc6879b
JM		 4800 wpa_clear_keys(wpa_s, NULL);
4801
4802 /* Make sure that TKIP countermeasures are not left enabled (could
4803 * happen if wpa_supplicant is killed during countermeasures. */
4804 wpa_drv_set_countermeasures(wpa_s, 0);
4805
f049052b 4806 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver");
6fc6879b
JM		 4807 wpa_drv_flush_pmkid(wpa_s);
4808
ba2a573c 4809 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
b3aa456b
ES		 4810 wpa_s->prev_scan_wildcard = 0;
4811
349493bd 4812 if (wpa_supplicant_enabled_networks(wpa_s)) {
a0e9d892
AS		 4813 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED) {
4814 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
4815 interface_count = 0;
4816 }
ee82e33d 4817#ifndef ANDROID
3a94adbf 4818 if (!wpa_s->p2p_mgmt &&
5d0d72a3
BG		 4819 wpa_supplicant_delayed_sched_scan(wpa_s,
4820 interface_count % 3,
6a90053c 4821 100000))
5d0d72a3 4822 wpa_supplicant_req_scan(wpa_s, interface_count % 3,
a4cba8f1 4823 100000);
ee82e33d 4824#endif /* ANDROID */
74e259ec
JM		 4825 interface_count++;
4826 } else
4827 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
6fc6879b
JM		 4828
4829 return 0;
4830}
4831
4832
4833static int wpa_supplicant_daemon(const char *pid_file)
4834{
4835 wpa_printf(MSG_DEBUG, "Daemonize..");
4836 return os_daemonize(pid_file);
4837}
4838
4839
1772d348
JM		 4840static struct wpa_supplicant *
4841wpa_supplicant_alloc(struct wpa_supplicant *parent)
6fc6879b
JM		 4842{
4843 struct wpa_supplicant *wpa_s;
4844
4845 wpa_s = os_zalloc(sizeof(*wpa_s));
4846 if (wpa_s == NULL)
4847 return NULL;
4115303b 4848 wpa_s->scan_req = INITIAL_SCAN_REQ;
67b9bd08 4849 wpa_s->scan_interval = 5;
c302f207 4850 wpa_s->new_connection = 1;
1772d348 4851 wpa_s->parent = parent ? parent : wpa_s;
ba307f85 4852 wpa_s->p2pdev = wpa_s->parent;
cbdf3507 4853 wpa_s->sched_scanning = 0;
6fc6879b 4854
dd599908 4855 dl_list_init(&wpa_s->bss_tmp_disallowed);
5732b770 4856 dl_list_init(&wpa_s->fils_hlp_req);
6c570193
JM		 4857#ifdef CONFIG_TESTING_OPTIONS
4858 dl_list_init(&wpa_s->drv_signal_override);
4859#endif /* CONFIG_TESTING_OPTIONS */
dd599908 4860
6fc6879b
JM		 4861 return wpa_s;
4862}
4863
4864
80e8a5ee
BG		 4865#ifdef CONFIG_HT_OVERRIDES
4866
4867static int wpa_set_htcap_mcs(struct wpa_supplicant *wpa_s,
4868 struct ieee80211_ht_capabilities *htcaps,
4869 struct ieee80211_ht_capabilities *htcaps_mask,
4870 const char *ht_mcs)
4871{
4872 /* parse ht_mcs into hex array */
4873 int i;
4874 const char *tmp = ht_mcs;
4875 char *end = NULL;
4876
4877 /* If ht_mcs is null, do not set anything */
4878 if (!ht_mcs)
4879 return 0;
4880
4881 /* This is what we are setting in the kernel */
4882 os_memset(&htcaps->supported_mcs_set, 0, IEEE80211_HT_MCS_MASK_LEN);
4883
4884 wpa_msg(wpa_s, MSG_DEBUG, "set_htcap, ht_mcs -:%s:-", ht_mcs);
4885
4886 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) {
30eddf35
JB		 4887 long v;
4888
80e8a5ee 4889 errno = 0;
30eddf35
JB		 4890 v = strtol(tmp, &end, 16);
4891
80e8a5ee
BG		 4892 if (errno == 0) {
4893 wpa_msg(wpa_s, MSG_DEBUG,
4894 "htcap value[%i]: %ld end: %p tmp: %p",
4895 i, v, end, tmp);
4896 if (end == tmp)
4897 break;
4898
4899 htcaps->supported_mcs_set[i] = v;
4900 tmp = end;
4901 } else {
4902 wpa_msg(wpa_s, MSG_ERROR,
4903 "Failed to parse ht-mcs: %s, error: %s\n",
4904 ht_mcs, strerror(errno));
4905 return -1;
4906 }
4907 }
4908
4909 /*
4910 * If we were able to parse any values, then set mask for the MCS set.
4911 */
4912 if (i) {
4913 os_memset(&htcaps_mask->supported_mcs_set, 0xff,
4914 IEEE80211_HT_MCS_MASK_LEN - 1);
4915 /* skip the 3 reserved bits */
4916 htcaps_mask->supported_mcs_set[IEEE80211_HT_MCS_MASK_LEN - 1] =
4917 0x1f;
4918 }
4919
4920 return 0;
4921}
4922
4923
4924static int wpa_disable_max_amsdu(struct wpa_supplicant *wpa_s,
4925 struct ieee80211_ht_capabilities *htcaps,
4926 struct ieee80211_ht_capabilities *htcaps_mask,
4927 int disabled)
4928{
5bc28571 4929 le16 msk;
80e8a5ee 4930
80e8a5ee
BG		 4931 if (disabled == -1)
4932 return 0;
4933
bbdb5014
JM		 4934 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_max_amsdu: %d", disabled);
4935
80e8a5ee
BG		 4936 msk = host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE);
4937 htcaps_mask->ht_capabilities_info |= msk;
4938 if (disabled)
4939 htcaps->ht_capabilities_info &= msk;
4940 else
4941 htcaps->ht_capabilities_info |= msk;
4942
4943 return 0;
4944}
4945
4946
4947static int wpa_set_ampdu_factor(struct wpa_supplicant *wpa_s,
4948 struct ieee80211_ht_capabilities *htcaps,
4949 struct ieee80211_ht_capabilities *htcaps_mask,
4950 int factor)
4951{
80e8a5ee
BG		 4952 if (factor == -1)
4953 return 0;
4954
bbdb5014
JM		 4955 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_factor: %d", factor);
4956
80e8a5ee
BG		 4957 if (factor < 0 || factor > 3) {
4958 wpa_msg(wpa_s, MSG_ERROR, "ampdu_factor: %d out of range. "
4959 "Must be 0-3 or -1", factor);
4960 return -EINVAL;
4961 }
4962
4963 htcaps_mask->a_mpdu_params |= 0x3; /* 2 bits for factor */
4964 htcaps->a_mpdu_params &= ~0x3;
4965 htcaps->a_mpdu_params |= factor & 0x3;
4966
4967 return 0;
4968}
4969
4970
4971static int wpa_set_ampdu_density(struct wpa_supplicant *wpa_s,
4972 struct ieee80211_ht_capabilities *htcaps,
4973 struct ieee80211_ht_capabilities *htcaps_mask,
4974 int density)
4975{
80e8a5ee
BG		 4976 if (density == -1)
4977 return 0;
4978
bbdb5014
JM		 4979 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_density: %d", density);
4980
80e8a5ee
BG		 4981 if (density < 0 || density > 7) {
4982 wpa_msg(wpa_s, MSG_ERROR,
4983 "ampdu_density: %d out of range. Must be 0-7 or -1.",
4984 density);
4985 return -EINVAL;
4986 }
4987
4988 htcaps_mask->a_mpdu_params |= 0x1C;
4989 htcaps->a_mpdu_params &= ~(0x1C);
4990 htcaps->a_mpdu_params |= (density << 2) & 0x1C;
4991
4992 return 0;
4993}
4994
4995
4996static int wpa_set_disable_ht40(struct wpa_supplicant *wpa_s,
4997 struct ieee80211_ht_capabilities *htcaps,
4998 struct ieee80211_ht_capabilities *htcaps_mask,
4999 int disabled)
5000{
bbdb5014
JM		 5001 if (disabled)
5002 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ht40: %d", disabled);
80e8a5ee 5003
9eb5757a
MH		 5004 set_disable_ht40(htcaps, disabled);
5005 set_disable_ht40(htcaps_mask, 0);
80e8a5ee
BG		 5006
5007 return 0;
5008}
5009
5010
a90497f8
BG		 5011static int wpa_set_disable_sgi(struct wpa_supplicant *wpa_s,
5012 struct ieee80211_ht_capabilities *htcaps,
5013 struct ieee80211_ht_capabilities *htcaps_mask,
5014 int disabled)
5015{
5016 /* Masking these out disables SGI */
5bc28571
JM		 5017 le16 msk = host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ |
5018 HT_CAP_INFO_SHORT_GI40MHZ);
a90497f8 5019
bbdb5014
JM		 5020 if (disabled)
5021 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_sgi: %d", disabled);
a90497f8
BG		 5022
5023 if (disabled)
5024 htcaps->ht_capabilities_info &= ~msk;
5025 else
5026 htcaps->ht_capabilities_info |= msk;
5027
5028 htcaps_mask->ht_capabilities_info |= msk;
5029
5030 return 0;
5031}
5032
5033
39a5800f
PK		 5034static int wpa_set_disable_ldpc(struct wpa_supplicant *wpa_s,
5035 struct ieee80211_ht_capabilities *htcaps,
5036 struct ieee80211_ht_capabilities *htcaps_mask,
5037 int disabled)
5038{
5039 /* Masking these out disables LDPC */
5bc28571 5040 le16 msk = host_to_le16(HT_CAP_INFO_LDPC_CODING_CAP);
39a5800f 5041
bbdb5014
JM		 5042 if (disabled)
5043 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ldpc: %d", disabled);
39a5800f
PK		 5044
5045 if (disabled)
5046 htcaps->ht_capabilities_info &= ~msk;
5047 else
5048 htcaps->ht_capabilities_info |= msk;
5049
5050 htcaps_mask->ht_capabilities_info |= msk;
5051
5052 return 0;
5053}
5054
5055
cdeea70f
SM		 5056static int wpa_set_tx_stbc(struct wpa_supplicant *wpa_s,
5057 struct ieee80211_ht_capabilities *htcaps,
5058 struct ieee80211_ht_capabilities *htcaps_mask,
5059 int tx_stbc)
5060{
5061 le16 msk = host_to_le16(HT_CAP_INFO_TX_STBC);
5062
cdeea70f
SM		 5063 if (tx_stbc == -1)
5064 return 0;
5065
bbdb5014
JM		 5066 wpa_msg(wpa_s, MSG_DEBUG, "set_tx_stbc: %d", tx_stbc);
5067
cdeea70f
SM		 5068 if (tx_stbc < 0 || tx_stbc > 1) {
5069 wpa_msg(wpa_s, MSG_ERROR,
5070 "tx_stbc: %d out of range. Must be 0-1 or -1", tx_stbc);
5071 return -EINVAL;
5072 }
5073
5074 htcaps_mask->ht_capabilities_info |= msk;
5075 htcaps->ht_capabilities_info &= ~msk;
5076 htcaps->ht_capabilities_info |= (tx_stbc << 7) & msk;
5077
5078 return 0;
5079}
5080
5081
5082static int wpa_set_rx_stbc(struct wpa_supplicant *wpa_s,
5083 struct ieee80211_ht_capabilities *htcaps,
5084 struct ieee80211_ht_capabilities *htcaps_mask,
5085 int rx_stbc)
5086{
5087 le16 msk = host_to_le16(HT_CAP_INFO_RX_STBC_MASK);
5088
cdeea70f
SM		 5089 if (rx_stbc == -1)
5090 return 0;
5091
bbdb5014
JM		 5092 wpa_msg(wpa_s, MSG_DEBUG, "set_rx_stbc: %d", rx_stbc);
5093
cdeea70f
SM		 5094 if (rx_stbc < 0 || rx_stbc > 3) {
5095 wpa_msg(wpa_s, MSG_ERROR,
5096 "rx_stbc: %d out of range. Must be 0-3 or -1", rx_stbc);
5097 return -EINVAL;
5098 }
5099
5100 htcaps_mask->ht_capabilities_info |= msk;
5101 htcaps->ht_capabilities_info &= ~msk;
5102 htcaps->ht_capabilities_info |= (rx_stbc << 8) & msk;
5103
5104 return 0;
5105}
5106
5107
80e8a5ee
BG		 5108void wpa_supplicant_apply_ht_overrides(
5109 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
5110 struct wpa_driver_associate_params *params)
5111{
5112 struct ieee80211_ht_capabilities *htcaps;
5113 struct ieee80211_ht_capabilities *htcaps_mask;
5114
5115 if (!ssid)
5116 return;
5117
5118 params->disable_ht = ssid->disable_ht;
5119 if (!params->htcaps || !params->htcaps_mask)
5120 return;
5121
5122 htcaps = (struct ieee80211_ht_capabilities *) params->htcaps;
5123 htcaps_mask = (struct ieee80211_ht_capabilities *) params->htcaps_mask;
5124 wpa_set_htcap_mcs(wpa_s, htcaps, htcaps_mask, ssid->ht_mcs);
5125 wpa_disable_max_amsdu(wpa_s, htcaps, htcaps_mask,
5126 ssid->disable_max_amsdu);
5127 wpa_set_ampdu_factor(wpa_s, htcaps, htcaps_mask, ssid->ampdu_factor);
5128 wpa_set_ampdu_density(wpa_s, htcaps, htcaps_mask, ssid->ampdu_density);
5129 wpa_set_disable_ht40(wpa_s, htcaps, htcaps_mask, ssid->disable_ht40);
a90497f8 5130 wpa_set_disable_sgi(wpa_s, htcaps, htcaps_mask, ssid->disable_sgi);
39a5800f 5131 wpa_set_disable_ldpc(wpa_s, htcaps, htcaps_mask, ssid->disable_ldpc);
cdeea70f
SM		 5132 wpa_set_rx_stbc(wpa_s, htcaps, htcaps_mask, ssid->rx_stbc);
5133 wpa_set_tx_stbc(wpa_s, htcaps, htcaps_mask, ssid->tx_stbc);
d41cc8cc
JM		 5134
5135 if (ssid->ht40_intolerant) {
5bc28571 5136 le16 bit = host_to_le16(HT_CAP_INFO_40MHZ_INTOLERANT);
d41cc8cc
JM		 5137 htcaps->ht_capabilities_info |= bit;
5138 htcaps_mask->ht_capabilities_info |= bit;
5139 }
80e8a5ee
BG		 5140}
5141
5142#endif /* CONFIG_HT_OVERRIDES */
5143
5144
e9ee8dc3
JB		 5145#ifdef CONFIG_VHT_OVERRIDES
5146void wpa_supplicant_apply_vht_overrides(
5147 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
5148 struct wpa_driver_associate_params *params)
5149{
5150 struct ieee80211_vht_capabilities *vhtcaps;
5151 struct ieee80211_vht_capabilities *vhtcaps_mask;
5152
5153 if (!ssid)
5154 return;
5155
5156 params->disable_vht = ssid->disable_vht;
5157
5158 vhtcaps = (void *) params->vhtcaps;
5159 vhtcaps_mask = (void *) params->vhtcaps_mask;
5160
5161 if (!vhtcaps || !vhtcaps_mask)
5162 return;
5163
4d8d710f
JM		 5164 vhtcaps->vht_capabilities_info = host_to_le32(ssid->vht_capa);
5165 vhtcaps_mask->vht_capabilities_info = host_to_le32(ssid->vht_capa_mask);
e9ee8dc3 5166
4f560cde 5167#ifdef CONFIG_HT_OVERRIDES
fd83a808
BG		 5168 if (ssid->disable_sgi) {
5169 vhtcaps_mask->vht_capabilities_info |= (VHT_CAP_SHORT_GI_80 |
5170 VHT_CAP_SHORT_GI_160);
5171 vhtcaps->vht_capabilities_info &= ~(VHT_CAP_SHORT_GI_80 |
5172 VHT_CAP_SHORT_GI_160);
5173 wpa_msg(wpa_s, MSG_DEBUG,
5174 "disable-sgi override specified, vht-caps: 0x%x",
5175 vhtcaps->vht_capabilities_info);
5176 }
5177
4f560cde 5178 /* if max ampdu is <= 3, we have to make the HT cap the same */
b0f33467
JM		 5179 if (ssid->vht_capa_mask & VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) {
5180 int max_ampdu;
5181
5182 max_ampdu = (ssid->vht_capa &
5183 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) >>
5184 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX_SHIFT;
4f560cde
EP		 5185
5186 max_ampdu = max_ampdu < 3 ? max_ampdu : 3;
5187 wpa_set_ampdu_factor(wpa_s,
5188 (void *) params->htcaps,
5189 (void *) params->htcaps_mask,
5190 max_ampdu);
5191 }
5192#endif /* CONFIG_HT_OVERRIDES */
5193
e9ee8dc3
JB		 5194#define OVERRIDE_MCS(i) \
5195 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \
5196 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \
4d8d710f 5197 host_to_le16(3 << 2 * (i - 1)); \
e9ee8dc3 5198 vhtcaps->vht_supported_mcs_set.tx_map |= \
4d8d710f
JM		 5199 host_to_le16(ssid->vht_tx_mcs_nss_ ##i << \
5200 2 * (i - 1)); \
e9ee8dc3
JB		 5201 } \
5202 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \
5203 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \
4d8d710f 5204 host_to_le16(3 << 2 * (i - 1)); \
e9ee8dc3 5205 vhtcaps->vht_supported_mcs_set.rx_map |= \
4d8d710f
JM		 5206 host_to_le16(ssid->vht_rx_mcs_nss_ ##i << \
5207 2 * (i - 1)); \
e9ee8dc3
JB		 5208 }
5209
5210 OVERRIDE_MCS(1);
5211 OVERRIDE_MCS(2);
5212 OVERRIDE_MCS(3);
5213 OVERRIDE_MCS(4);
5214 OVERRIDE_MCS(5);
5215 OVERRIDE_MCS(6);
5216 OVERRIDE_MCS(7);
5217 OVERRIDE_MCS(8);
5218}
5219#endif /* CONFIG_VHT_OVERRIDES */
5220
5221
f64adcd7
JM		 5222static int pcsc_reader_init(struct wpa_supplicant *wpa_s)
5223{
5224#ifdef PCSC_FUNCS
5225 size_t len;
5226
5227 if (!wpa_s->conf->pcsc_reader)
5228 return 0;
5229
22cf7d73 5230 wpa_s->scard = scard_init(wpa_s->conf->pcsc_reader);
f64adcd7
JM		 5231 if (!wpa_s->scard)
5232 return 1;
5233
5234 if (wpa_s->conf->pcsc_pin &&
5235 scard_set_pin(wpa_s->scard, wpa_s->conf->pcsc_pin) < 0) {
5236 scard_deinit(wpa_s->scard);
5237 wpa_s->scard = NULL;
5238 wpa_msg(wpa_s, MSG_ERROR, "PC/SC PIN validation failed");
5239 return -1;
5240 }
5241
5242 len = sizeof(wpa_s->imsi) - 1;
5243 if (scard_get_imsi(wpa_s->scard, wpa_s->imsi, &len)) {
5244 scard_deinit(wpa_s->scard);
5245 wpa_s->scard = NULL;
5246 wpa_msg(wpa_s, MSG_ERROR, "Could not read IMSI");
5247 return -1;
5248 }
5249 wpa_s->imsi[len] = '\0';
5250
5251 wpa_s->mnc_len = scard_get_mnc_len(wpa_s->scard);
5252
5253 wpa_printf(MSG_DEBUG, "SCARD: IMSI %s (MNC length %d)",
5254 wpa_s->imsi, wpa_s->mnc_len);
5255
5256 wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard);
5257 eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard);
5258#endif /* PCSC_FUNCS */
5259
5260 return 0;
5261}
5262
5263
306ae225
JM		 5264int wpas_init_ext_pw(struct wpa_supplicant *wpa_s)
5265{
5266 char *val, *pos;
5267
5268 ext_password_deinit(wpa_s->ext_pw);
5269 wpa_s->ext_pw = NULL;
5270 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, NULL);
5271
5272 if (!wpa_s->conf->ext_password_backend)
5273 return 0;
5274
5275 val = os_strdup(wpa_s->conf->ext_password_backend);
5276 if (val == NULL)
5277 return -1;
5278 pos = os_strchr(val, ':');
5279 if (pos)
5280 *pos++ = '\0';
5281
5282 wpa_printf(MSG_DEBUG, "EXT PW: Initialize backend '%s'", val);
5283
5284 wpa_s->ext_pw = ext_password_init(val, pos);
5285 os_free(val);
5286 if (wpa_s->ext_pw == NULL) {
5287 wpa_printf(MSG_DEBUG, "EXT PW: Failed to initialize backend");
5288 return -1;
5289 }
5290 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, wpa_s->ext_pw);
5291
5292 return 0;
5293}
5294
5295
b36a3a65
AN		 5296#ifdef CONFIG_FST
5297
5298static const u8 * wpas_fst_get_bssid_cb(void *ctx)
5299{
5300 struct wpa_supplicant *wpa_s = ctx;
5301
5302 return (is_zero_ether_addr(wpa_s->bssid) ||
5303 wpa_s->wpa_state != WPA_COMPLETED) ? NULL : wpa_s->bssid;
5304}
5305
5306
5307static void wpas_fst_get_channel_info_cb(void *ctx,
5308 enum hostapd_hw_mode *hw_mode,
5309 u8 *channel)
5310{
5311 struct wpa_supplicant *wpa_s = ctx;
5312
5313 if (wpa_s->current_bss) {
5314 *hw_mode = ieee80211_freq_to_chan(wpa_s->current_bss->freq,
5315 channel);
5316 } else if (wpa_s->hw.num_modes) {
5317 *hw_mode = wpa_s->hw.modes[0].mode;
5318 } else {
5319 WPA_ASSERT(0);
5320 *hw_mode = 0;
5321 }
5322}
5323
5324
5325static int wpas_fst_get_hw_modes(void *ctx, struct hostapd_hw_modes **modes)
5326{
5327 struct wpa_supplicant *wpa_s = ctx;
5328
5329 *modes = wpa_s->hw.modes;
5330 return wpa_s->hw.num_modes;
5331}
5332
5333
84bcb4e7 5334static void wpas_fst_set_ies_cb(void *ctx, const struct wpabuf *fst_ies)
b36a3a65
AN		 5335{
5336 struct wpa_supplicant *wpa_s = ctx;
5337
b7a07937 5338 wpa_hexdump_buf(MSG_DEBUG, "FST: Set IEs", fst_ies);
b36a3a65
AN		 5339 wpa_s->fst_ies = fst_ies;
5340}
5341
5342
5343static int wpas_fst_send_action_cb(void *ctx, const u8 *da, struct wpabuf *data)
5344{
5345 struct wpa_supplicant *wpa_s = ctx;
5346
0da35523
JM		 5347 if (os_memcmp(wpa_s->bssid, da, ETH_ALEN) != 0) {
5348 wpa_printf(MSG_INFO, "FST:%s:bssid=" MACSTR " != da=" MACSTR,
5349 __func__, MAC2STR(wpa_s->bssid), MAC2STR(da));
5350 return -1;
5351 }
b36a3a65 5352 return wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, wpa_s->bssid,
0da35523
JM		 5353 wpa_s->own_addr, wpa_s->bssid,
5354 wpabuf_head(data), wpabuf_len(data),
b36a3a65
AN		 5355 0);
5356}
5357
5358
a0f04da5 5359static const struct wpabuf * wpas_fst_get_mb_ie_cb(void *ctx, const u8 *addr)
b36a3a65
AN		 5360{
5361 struct wpa_supplicant *wpa_s = ctx;
5362
5363 WPA_ASSERT(os_memcmp(wpa_s->bssid, addr, ETH_ALEN) == 0);
5364 return wpa_s->received_mb_ies;
5365}
5366
5367
5368static void wpas_fst_update_mb_ie_cb(void *ctx, const u8 *addr,
5369 const u8 *buf, size_t size)
5370{
5371 struct wpa_supplicant *wpa_s = ctx;
5372 struct mb_ies_info info;
5373
5374 WPA_ASSERT(os_memcmp(wpa_s->bssid, addr, ETH_ALEN) == 0);
5375
5376 if (!mb_ies_info_by_ies(&info, buf, size)) {
5377 wpabuf_free(wpa_s->received_mb_ies);
5378 wpa_s->received_mb_ies = mb_ies_by_info(&info);
5379 }
5380}
5381
5382
39cdd3a0
JM		 5383static const u8 * wpas_fst_get_peer_first(void *ctx,
5384 struct fst_get_peer_ctx **get_ctx,
5385 Boolean mb_only)
b36a3a65
AN		 5386{
5387 struct wpa_supplicant *wpa_s = ctx;
5388
5389 *get_ctx = NULL;
5390 if (!is_zero_ether_addr(wpa_s->bssid))
5391 return (wpa_s->received_mb_ies || !mb_only) ?
5392 wpa_s->bssid : NULL;
5393 return NULL;
5394}
5395
5396
39cdd3a0
JM		 5397static const u8 * wpas_fst_get_peer_next(void *ctx,
5398 struct fst_get_peer_ctx **get_ctx,
5399 Boolean mb_only)
b36a3a65
AN		 5400{
5401 return NULL;
5402}
5403
5404void fst_wpa_supplicant_fill_iface_obj(struct wpa_supplicant *wpa_s,
5405 struct fst_wpa_obj *iface_obj)
5406{
5407 iface_obj->ctx = wpa_s;
5408 iface_obj->get_bssid = wpas_fst_get_bssid_cb;
5409 iface_obj->get_channel_info = wpas_fst_get_channel_info_cb;
5410 iface_obj->get_hw_modes = wpas_fst_get_hw_modes;
5411 iface_obj->set_ies = wpas_fst_set_ies_cb;
5412 iface_obj->send_action = wpas_fst_send_action_cb;
5413 iface_obj->get_mb_ie = wpas_fst_get_mb_ie_cb;
5414 iface_obj->update_mb_ie = wpas_fst_update_mb_ie_cb;
5415 iface_obj->get_peer_first = wpas_fst_get_peer_first;
5416 iface_obj->get_peer_next = wpas_fst_get_peer_next;
5417}
5418#endif /* CONFIG_FST */
5419
a520bf4a 5420static int wpas_set_wowlan_triggers(struct wpa_supplicant *wpa_s,
6cbdb0c5 5421 const struct wpa_driver_capa *capa)
e4fa8b12 5422{
88cb27c7
DS		 5423 struct wowlan_triggers *triggers;
5424 int ret = 0;
e4fa8b12
EP		 5425
5426 if (!wpa_s->conf->wowlan_triggers)
5427 return 0;
5428
88cb27c7
DS		 5429 triggers = wpa_get_wowlan_triggers(wpa_s->conf->wowlan_triggers, capa);
5430 if (triggers) {
5431 ret = wpa_drv_wowlan(wpa_s, triggers);
5432 os_free(triggers);
e4fa8b12 5433 }
e4fa8b12
EP		 5434 return ret;
5435}
5436
5437
2b6e9f91 5438enum wpa_radio_work_band wpas_freq_to_band(int freq)
e903d32d
KV		 5439{
5440 if (freq < 3000)
5441 return BAND_2_4_GHZ;
5442 if (freq > 50000)
5443 return BAND_60_GHZ;
5444 return BAND_5_GHZ;
5445}
5446
5447
2b6e9f91 5448unsigned int wpas_get_bands(struct wpa_supplicant *wpa_s, const int *freqs)
e903d32d
KV		 5449{
5450 int i;
5451 unsigned int band = 0;
5452
5453 if (freqs) {
5454 /* freqs are specified for the radio work */
5455 for (i = 0; freqs[i]; i++)
5456 band |= wpas_freq_to_band(freqs[i]);
5457 } else {
5458 /*
5459 * freqs are not specified, implies all
5460 * the supported freqs by HW
5461 */
5462 for (i = 0; i < wpa_s->hw.num_modes; i++) {
5463 if (wpa_s->hw.modes[i].num_channels != 0) {
5464 if (wpa_s->hw.modes[i].mode ==
5465 HOSTAPD_MODE_IEEE80211B ||
5466 wpa_s->hw.modes[i].mode ==
5467 HOSTAPD_MODE_IEEE80211G)
5468 band |= BAND_2_4_GHZ;
5469 else if (wpa_s->hw.modes[i].mode ==
5470 HOSTAPD_MODE_IEEE80211A)
5471 band |= BAND_5_GHZ;
5472 else if (wpa_s->hw.modes[i].mode ==
5473 HOSTAPD_MODE_IEEE80211AD)
5474 band |= BAND_60_GHZ;
5475 else if (wpa_s->hw.modes[i].mode ==
5476 HOSTAPD_MODE_IEEE80211ANY)
5477 band = BAND_2_4_GHZ | BAND_5_GHZ |
5478 BAND_60_GHZ;
5479 }
5480 }
5481 }
5482
5483 return band;
5484}
5485
5486
202dec2a
JM		 5487static struct wpa_radio * radio_add_interface(struct wpa_supplicant *wpa_s,
5488 const char *rn)
5489{
5490 struct wpa_supplicant *iface = wpa_s->global->ifaces;
5491 struct wpa_radio *radio;
5492
5493 while (rn && iface) {
5494 radio = iface->radio;
5495 if (radio && os_strcmp(rn, radio->name) == 0) {
5496 wpa_printf(MSG_DEBUG, "Add interface %s to existing radio %s",
5497 wpa_s->ifname, rn);
5498 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
5499 return radio;
5500 }
b154a24e
TB		 5501
5502 iface = iface->next;
202dec2a
JM		 5503 }
5504
5505 wpa_printf(MSG_DEBUG, "Add interface %s to a new radio %s",
5506 wpa_s->ifname, rn ? rn : "N/A");
5507 radio = os_zalloc(sizeof(*radio));
5508 if (radio == NULL)
5509 return NULL;
5510
5511 if (rn)
5512 os_strlcpy(radio->name, rn, sizeof(radio->name));
5513 dl_list_init(&radio->ifaces);
b1ae396f 5514 dl_list_init(&radio->work);
202dec2a
JM		 5515 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
5516
5517 return radio;
5518}
5519
5520
b1ae396f
JM		 5521static void radio_work_free(struct wpa_radio_work *work)
5522{
d12a51b5
JM		 5523 if (work->wpa_s->scan_work == work) {
5524 /* This should not really happen. */
5525 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as scan_work",
5526 work->type, work, work->started);
5527 work->wpa_s->scan_work = NULL;
5528 }
5529
1b5d4714
JM		 5530#ifdef CONFIG_P2P
5531 if (work->wpa_s->p2p_scan_work == work) {
5532 /* This should not really happen. */
5533 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as p2p_scan_work",
5534 work->type, work, work->started);
5535 work->wpa_s->p2p_scan_work = NULL;
5536 }
5537#endif /* CONFIG_P2P */
5538
e903d32d
KV		 5539 if (work->started) {
5540 work->wpa_s->radio->num_active_works--;
5541 wpa_dbg(work->wpa_s, MSG_DEBUG,
7ed5337d 5542 "radio_work_free('%s'@%p): num_active_works --> %u",
e903d32d
KV		 5543 work->type, work,
5544 work->wpa_s->radio->num_active_works);
5545 }
5546
b1ae396f
JM		 5547 dl_list_del(&work->list);
5548 os_free(work);
5549}
5550
5551
4c6f450c
JM		 5552static int radio_work_is_connect(struct wpa_radio_work *work)
5553{
5554 return os_strcmp(work->type, "sme-connect") == 0 ||
5555 os_strcmp(work->type, "connect") == 0;
5556}
5557
5558
85b6b6b6
SD		 5559static int radio_work_is_scan(struct wpa_radio_work *work)
5560{
5561 return os_strcmp(work->type, "scan") == 0 ||
5562 os_strcmp(work->type, "p2p-scan") == 0;
5563}
5564
5565
e903d32d
KV		 5566static struct wpa_radio_work * radio_work_get_next_work(struct wpa_radio *radio)
5567{
5568 struct wpa_radio_work *active_work = NULL;
5569 struct wpa_radio_work *tmp;
5570
5571 /* Get the active work to know the type and band. */
5572 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, list) {
5573 if (tmp->started) {
5574 active_work = tmp;
5575 break;
5576 }
5577 }
5578
5579 if (!active_work) {
5580 /* No active work, start one */
5581 radio->num_active_works = 0;
5582 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work,
5583 list) {
5584 if (os_strcmp(tmp->type, "scan") == 0 &&
5585 radio->external_scan_running &&
5586 (((struct wpa_driver_scan_params *)
5587 tmp->ctx)->only_new_results ||
5588 tmp->wpa_s->clear_driver_scan_cache))
5589 continue;
5590 return tmp;
5591 }
5592 return NULL;
5593 }
5594
4c6f450c 5595 if (radio_work_is_connect(active_work)) {
e903d32d
KV		 5596 /*
5597 * If the active work is either connect or sme-connect,
5598 * do not parallelize them with other radio works.
5599 */
5600 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
5601 "Do not parallelize radio work with %s",
5602 active_work->type);
5603 return NULL;
5604 }
5605
5606 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, list) {
5607 if (tmp->started)
5608 continue;
5609
5610 /*
5611 * If connect or sme-connect are enqueued, parallelize only
5612 * those operations ahead of them in the queue.
5613 */
4c6f450c 5614 if (radio_work_is_connect(tmp))
e903d32d
KV		 5615 break;
5616
85b6b6b6
SD		 5617 /* Serialize parallel scan and p2p_scan operations on the same
5618 * interface since the driver_nl80211 mechanism for tracking
5619 * scan cookies does not yet have support for this. */
5620 if (active_work->wpa_s == tmp->wpa_s &&
5621 radio_work_is_scan(active_work) &&
5622 radio_work_is_scan(tmp)) {
5623 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
5624 "Do not start work '%s' when another work '%s' is already scheduled",
5625 tmp->type, active_work->type);
5626 continue;
5627 }
e903d32d
KV		 5628 /*
5629 * Check that the radio works are distinct and
5630 * on different bands.
5631 */
5632 if (os_strcmp(active_work->type, tmp->type) != 0 &&
5633 (active_work->bands != tmp->bands)) {
5634 /*
5635 * If a scan has to be scheduled through nl80211 scan
5636 * interface and if an external scan is already running,
5637 * do not schedule the scan since it is likely to get
5638 * rejected by kernel.
5639 */
5640 if (os_strcmp(tmp->type, "scan") == 0 &&
5641 radio->external_scan_running &&
5642 (((struct wpa_driver_scan_params *)
5643 tmp->ctx)->only_new_results ||
5644 tmp->wpa_s->clear_driver_scan_cache))
5645 continue;
5646
5647 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
5648 "active_work:%s new_work:%s",
5649 active_work->type, tmp->type);
5650 return tmp;
5651 }
5652 }
5653
5654 /* Did not find a radio work to schedule in parallel. */
5655 return NULL;
5656}
5657
5658
b1ae396f
JM		 5659static void radio_start_next_work(void *eloop_ctx, void *timeout_ctx)
5660{
5661 struct wpa_radio *radio = eloop_ctx;
5662 struct wpa_radio_work *work;
5663 struct os_reltime now, diff;
6428d0a7 5664 struct wpa_supplicant *wpa_s;
b1ae396f
JM		 5665
5666 work = dl_list_first(&radio->work, struct wpa_radio_work, list);
e903d32d
KV		 5667 if (work == NULL) {
5668 radio->num_active_works = 0;
b1ae396f 5669 return;
e903d32d 5670 }
b1ae396f 5671
6428d0a7
JM		 5672 wpa_s = dl_list_first(&radio->ifaces, struct wpa_supplicant,
5673 radio_list);
e903d32d
KV		 5674
5675 if (!(wpa_s &&
5676 wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS)) {
5677 if (work->started)
5678 return; /* already started and still in progress */
5679
5680 if (wpa_s && wpa_s->radio->external_scan_running) {
5681 wpa_printf(MSG_DEBUG, "Delay radio work start until externally triggered scan completes");
5682 return;
5683 }
5684 } else {
5685 work = NULL;
5686 if (radio->num_active_works < MAX_ACTIVE_WORKS) {
5687 /* get the work to schedule next */
5688 work = radio_work_get_next_work(radio);
5689 }
5690 if (!work)
5691 return;
6428d0a7
JM		 5692 }
5693
e903d32d 5694 wpa_s = work->wpa_s;
b1ae396f
JM		 5695 os_get_reltime(&now);
5696 os_reltime_sub(&now, &work->time, &diff);
e903d32d
KV		 5697 wpa_dbg(wpa_s, MSG_DEBUG,
5698 "Starting radio work '%s'@%p after %ld.%06ld second wait",
b1ae396f
JM		 5699 work->type, work, diff.sec, diff.usec);
5700 work->started = 1;
5701 work->time = now;
e903d32d
KV		 5702 radio->num_active_works++;
5703
b1ae396f 5704 work->cb(work, 0);
e903d32d
KV		 5705
5706 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS) &&
5707 radio->num_active_works < MAX_ACTIVE_WORKS)
5708 radio_work_check_next(wpa_s);
b1ae396f
JM		 5709}
5710
5711
b3253ebb
AO		 5712/*
5713 * This function removes both started and pending radio works running on
5714 * the provided interface's radio.
5715 * Prior to the removal of the radio work, its callback (cb) is called with
5716 * deinit set to be 1. Each work's callback is responsible for clearing its
5717 * internal data and restoring to a correct state.
5718 * @wpa_s: wpa_supplicant data
5719 * @type: type of works to be removed
5720 * @remove_all: 1 to remove all the works on this radio, 0 to remove only
5721 * this interface's works.
5722 */
5723void radio_remove_works(struct wpa_supplicant *wpa_s,
5724 const char *type, int remove_all)
b1ae396f
JM		 5725{
5726 struct wpa_radio_work *work, *tmp;
5727 struct wpa_radio *radio = wpa_s->radio;
5728
5729 dl_list_for_each_safe(work, tmp, &radio->work, struct wpa_radio_work,
5730 list) {
b3253ebb 5731 if (type && os_strcmp(type, work->type) != 0)
b1ae396f 5732 continue;
b3253ebb
AO		 5733
5734 /* skip other ifaces' works */
5735 if (!remove_all && work->wpa_s != wpa_s)
b1ae396f 5736 continue;
b3253ebb
AO		 5737
5738 wpa_dbg(wpa_s, MSG_DEBUG, "Remove radio work '%s'@%p%s",
5739 work->type, work, work->started ? " (started)" : "");
b1ae396f
JM		 5740 work->cb(work, 1);
5741 radio_work_free(work);
5742 }
b3253ebb
AO		 5743
5744 /* in case we removed the started work */
5745 radio_work_check_next(wpa_s);
b1ae396f
JM		 5746}
5747
5748
6a252ece
JM		 5749void radio_remove_pending_work(struct wpa_supplicant *wpa_s, void *ctx)
5750{
5751 struct wpa_radio_work *work;
5752 struct wpa_radio *radio = wpa_s->radio;
5753
5754 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) {
5755 if (work->ctx != ctx)
5756 continue;
5757 wpa_dbg(wpa_s, MSG_DEBUG, "Free pending radio work '%s'@%p%s",
5758 work->type, work, work->started ? " (started)" : "");
5759 radio_work_free(work);
5760 break;
5761 }
5762}
5763
5764
202dec2a
JM		 5765static void radio_remove_interface(struct wpa_supplicant *wpa_s)
5766{
5767 struct wpa_radio *radio = wpa_s->radio;
5768
5769 if (!radio)
5770 return;
5771
5772 wpa_printf(MSG_DEBUG, "Remove interface %s from radio %s",
5773 wpa_s->ifname, radio->name);
5774 dl_list_del(&wpa_s->radio_list);
c46235aa
AO		 5775 radio_remove_works(wpa_s, NULL, 0);
5776 wpa_s->radio = NULL;
5777 if (!dl_list_empty(&radio->ifaces))
202dec2a
JM		 5778 return; /* Interfaces remain for this radio */
5779
5780 wpa_printf(MSG_DEBUG, "Remove radio %s", radio->name);
b1ae396f 5781 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
202dec2a
JM		 5782 os_free(radio);
5783}
5784
5785
6428d0a7 5786void radio_work_check_next(struct wpa_supplicant *wpa_s)
b1ae396f
JM		 5787{
5788 struct wpa_radio *radio = wpa_s->radio;
5789
5790 if (dl_list_empty(&radio->work))
5791 return;
e3745228
JM		 5792 if (wpa_s->ext_work_in_progress) {
5793 wpa_printf(MSG_DEBUG,
5794 "External radio work in progress - delay start of pending item");
5795 return;
5796 }
b1ae396f
JM		 5797 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
5798 eloop_register_timeout(0, 0, radio_start_next_work, radio, NULL);
5799}
5800
5801
5802/**
5803 * radio_add_work - Add a radio work item
5804 * @wpa_s: Pointer to wpa_supplicant data
5805 * @freq: Frequency of the offchannel operation in MHz or 0
5806 * @type: Unique identifier for each type of work
5807 * @next: Force as the next work to be executed
5808 * @cb: Callback function for indicating when radio is available
5809 * @ctx: Context pointer for the work (work->ctx in cb())
5810 * Returns: 0 on success, -1 on failure
5811 *
5812 * This function is used to request time for an operation that requires
5813 * exclusive radio control. Once the radio is available, the registered callback
5814 * function will be called. radio_work_done() must be called once the exclusive
5815 * radio operation has been completed, so that the radio is freed for other
5816 * operations. The special case of deinit=1 is used to free the context data
5817 * during interface removal. That does not allow the callback function to start
5818 * the radio operation, i.e., it must free any resources allocated for the radio
5819 * work and return.
5820 *
5821 * The @freq parameter can be used to indicate a single channel on which the
5822 * offchannel operation will occur. This may allow multiple radio work
5823 * operations to be performed in parallel if they apply for the same channel.
5824 * Setting this to 0 indicates that the work item may use multiple channels or
5825 * requires exclusive control of the radio.
5826 */
5827int radio_add_work(struct wpa_supplicant *wpa_s, unsigned int freq,
5828 const char *type, int next,
5829 void (*cb)(struct wpa_radio_work *work, int deinit),
5830 void *ctx)
5831{
e903d32d 5832 struct wpa_radio *radio = wpa_s->radio;
b1ae396f
JM		 5833 struct wpa_radio_work *work;
5834 int was_empty;
5835
5836 work = os_zalloc(sizeof(*work));
5837 if (work == NULL)
5838 return -1;
5839 wpa_dbg(wpa_s, MSG_DEBUG, "Add radio work '%s'@%p", type, work);
5840 os_get_reltime(&work->time);
5841 work->freq = freq;
5842 work->type = type;
5843 work->wpa_s = wpa_s;
5844 work->cb = cb;
5845 work->ctx = ctx;
5846
e903d32d
KV		 5847 if (freq)
5848 work->bands = wpas_freq_to_band(freq);
5849 else if (os_strcmp(type, "scan") == 0 ||
5850 os_strcmp(type, "p2p-scan") == 0)
5851 work->bands = wpas_get_bands(wpa_s,
5852 ((struct wpa_driver_scan_params *)
5853 ctx)->freqs);
5854 else
5855 work->bands = wpas_get_bands(wpa_s, NULL);
5856
b1ae396f
JM		 5857 was_empty = dl_list_empty(&wpa_s->radio->work);
5858 if (next)
5859 dl_list_add(&wpa_s->radio->work, &work->list);
5860 else
5861 dl_list_add_tail(&wpa_s->radio->work, &work->list);
5862 if (was_empty) {
5863 wpa_dbg(wpa_s, MSG_DEBUG, "First radio work item in the queue - schedule start immediately");
5864 radio_work_check_next(wpa_s);
e903d32d
KV		 5865 } else if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS)
5866 && radio->num_active_works < MAX_ACTIVE_WORKS) {
5867 wpa_dbg(wpa_s, MSG_DEBUG,
5868 "Try to schedule a radio work (num_active_works=%u)",
5869 radio->num_active_works);
5870 radio_work_check_next(wpa_s);
b1ae396f
JM		 5871 }
5872
5873 return 0;
5874}
5875
5876
5877/**
5878 * radio_work_done - Indicate that a radio work item has been completed
5879 * @work: Completed work
5880 *
5881 * This function is called once the callback function registered with
5882 * radio_add_work() has completed its work.
5883 */
5884void radio_work_done(struct wpa_radio_work *work)
5885{
5886 struct wpa_supplicant *wpa_s = work->wpa_s;
5887 struct os_reltime now, diff;
1f965e62 5888 unsigned int started = work->started;
b1ae396f
JM		 5889
5890 os_get_reltime(&now);
5891 os_reltime_sub(&now, &work->time, &diff);
1f965e62
JM		 5892 wpa_dbg(wpa_s, MSG_DEBUG, "Radio work '%s'@%p %s in %ld.%06ld seconds",
5893 work->type, work, started ? "done" : "canceled",
5894 diff.sec, diff.usec);
b1ae396f 5895 radio_work_free(work);
1f965e62
JM		 5896 if (started)
5897 radio_work_check_next(wpa_s);
b1ae396f
JM		 5898}
5899
5900
a7f5271d
JM		 5901struct wpa_radio_work *
5902radio_work_pending(struct wpa_supplicant *wpa_s, const char *type)
f0e30c84
JM		 5903{
5904 struct wpa_radio_work *work;
5905 struct wpa_radio *radio = wpa_s->radio;
5906
5907 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) {
5908 if (work->wpa_s == wpa_s && os_strcmp(work->type, type) == 0)
a7f5271d 5909 return work;
f0e30c84
JM		 5910 }
5911
a7f5271d 5912 return NULL;
f0e30c84
JM		 5913}
5914
5915
73c00fd7 5916static int wpas_init_driver(struct wpa_supplicant *wpa_s,
8fb2b357 5917 const struct wpa_interface *iface)
73c00fd7 5918{
202dec2a 5919 const char *ifname, *driver, *rn;
73c00fd7
JM		 5920
5921 driver = iface->driver;
5922next_driver:
5923 if (wpa_supplicant_set_driver(wpa_s, driver) < 0)
5924 return -1;
5925
5926 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
5927 if (wpa_s->drv_priv == NULL) {
5928 const char *pos;
5929 pos = driver ? os_strchr(driver, ',') : NULL;
5930 if (pos) {
5931 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
5932 "driver interface - try next driver wrapper");
5933 driver = pos + 1;
5934 goto next_driver;
5935 }
5936 wpa_msg(wpa_s, MSG_ERROR, "Failed to initialize driver "
5937 "interface");
5938 return -1;
5939 }
5940 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
5941 wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected "
5942 "driver_param '%s'", wpa_s->conf->driver_param);
5943 return -1;
5944 }
5945
5946 ifname = wpa_drv_get_ifname(wpa_s);
5947 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
5948 wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced "
5949 "interface name with '%s'", ifname);
5950 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
5951 }
5952
95bf699f 5953 rn = wpa_driver_get_radio_name(wpa_s);
202dec2a
JM		 5954 if (rn && rn[0] == '\0')
5955 rn = NULL;
5956
5957 wpa_s->radio = radio_add_interface(wpa_s, rn);
5958 if (wpa_s->radio == NULL)
5959 return -1;
5960
73c00fd7
JM		 5961 return 0;
5962}
5963
5964
461d39af
JM		 5965#ifdef CONFIG_GAS_SERVER
5966
5967static void wpas_gas_server_tx_status(struct wpa_supplicant *wpa_s,
5968 unsigned int freq, const u8 *dst,
5969 const u8 *src, const u8 *bssid,
5970 const u8 *data, size_t data_len,
5971 enum offchannel_send_action_result result)
5972{
5973 wpa_printf(MSG_DEBUG, "GAS: TX status: freq=%u dst=" MACSTR
5974 " result=%s",
5975 freq, MAC2STR(dst),
5976 result == OFFCHANNEL_SEND_ACTION_SUCCESS ? "SUCCESS" :
5977 (result == OFFCHANNEL_SEND_ACTION_NO_ACK ? "no-ACK" :
5978 "FAILED"));
5979 gas_server_tx_status(wpa_s->gas_server, dst, data, data_len,
5980 result == OFFCHANNEL_SEND_ACTION_SUCCESS);
5981}
5982
5983
5984static void wpas_gas_server_tx(void *ctx, int freq, const u8 *da,
5985 struct wpabuf *buf, unsigned int wait_time)
5986{
5987 struct wpa_supplicant *wpa_s = ctx;
5988 const u8 broadcast[ETH_ALEN] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
5989
5990 if (wait_time > wpa_s->max_remain_on_chan)
5991 wait_time = wpa_s->max_remain_on_chan;
5992
5993 offchannel_send_action(wpa_s, freq, da, wpa_s->own_addr, broadcast,
5994 wpabuf_head(buf), wpabuf_len(buf),
5995 wait_time, wpas_gas_server_tx_status, 0);
5996}
5997
5998#endif /* CONFIG_GAS_SERVER */
5999
6fc6879b 6000static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
8fb2b357 6001 const struct wpa_interface *iface)
6fc6879b 6002{
362f781e 6003 struct wpa_driver_capa capa;
6cbdb0c5 6004 int capa_res;
aa56e36d 6005 u8 dfs_domain;
362f781e 6006
6fc6879b
JM		 6007 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
6008 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
6009 iface->confname ? iface->confname : "N/A",
6010 iface->driver ? iface->driver : "default",
6011 iface->ctrl_interface ? iface->ctrl_interface : "N/A",
6012 iface->bridge_ifname ? iface->bridge_ifname : "N/A");
6013
6fc6879b
JM		 6014 if (iface->confname) {
6015#ifdef CONFIG_BACKEND_FILE
6016 wpa_s->confname = os_rel2abs_path(iface->confname);
6017 if (wpa_s->confname == NULL) {
6018 wpa_printf(MSG_ERROR, "Failed to get absolute path "
6019 "for configuration file '%s'.",
6020 iface->confname);
6021 return -1;
6022 }
6023 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
6024 iface->confname, wpa_s->confname);
6025#else /* CONFIG_BACKEND_FILE */
6026 wpa_s->confname = os_strdup(iface->confname);
6027#endif /* CONFIG_BACKEND_FILE */
e6304cad 6028 wpa_s->conf = wpa_config_read(wpa_s->confname, NULL);
6fc6879b
JM		 6029 if (wpa_s->conf == NULL) {
6030 wpa_printf(MSG_ERROR, "Failed to read or parse "
6031 "configuration '%s'.", wpa_s->confname);
6032 return -1;
6033 }
e6304cad 6034 wpa_s->confanother = os_rel2abs_path(iface->confanother);
3bd35b68
JM		 6035 if (wpa_s->confanother &&
6036 !wpa_config_read(wpa_s->confanother, wpa_s->conf)) {
6037 wpa_printf(MSG_ERROR,
6038 "Failed to read or parse configuration '%s'.",
6039 wpa_s->confanother);
6040 return -1;
6041 }
6fc6879b
JM		 6042
6043 /*
6044 * Override ctrl_interface and driver_param if set on command
6045 * line.
6046 */
6047 if (iface->ctrl_interface) {
6048 os_free(wpa_s->conf->ctrl_interface);
6049 wpa_s->conf->ctrl_interface =
6050 os_strdup(iface->ctrl_interface);
6051 }
6052
6053 if (iface->driver_param) {
6054 os_free(wpa_s->conf->driver_param);
6055 wpa_s->conf->driver_param =
6056 os_strdup(iface->driver_param);
6057 }
78f79fe5
JM		 6058
6059 if (iface->p2p_mgmt && !iface->ctrl_interface) {
6060 os_free(wpa_s->conf->ctrl_interface);
6061 wpa_s->conf->ctrl_interface = NULL;
6062 }
6fc6879b
JM		 6063 } else
6064 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
6065 iface->driver_param);
6066
6067 if (wpa_s->conf == NULL) {
6068 wpa_printf(MSG_ERROR, "\nNo configuration found.");
6069 return -1;
6070 }
6071
6072 if (iface->ifname == NULL) {
6073 wpa_printf(MSG_ERROR, "\nInterface name is required.");
6074 return -1;
6075 }
6076 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
6077 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
6078 iface->ifname);
6079 return -1;
6080 }
6081 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
6082
6083 if (iface->bridge_ifname) {
6084 if (os_strlen(iface->bridge_ifname) >=
6085 sizeof(wpa_s->bridge_ifname)) {
6086 wpa_printf(MSG_ERROR, "\nToo long bridge interface "
6087 "name '%s'.", iface->bridge_ifname);
6088 return -1;
6089 }
6090 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
6091 sizeof(wpa_s->bridge_ifname));
6092 }
6093
6fc6879b
JM		 6094 /* RSNA Supplicant Key Management - INITIALIZE */
6095 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
6096 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
6097
6098 /* Initialize driver interface and register driver event handler before
6099 * L2 receive handler so that association events are processed before
6100 * EAPOL-Key packets if both become available for the same select()
6101 * call. */
73c00fd7 6102 if (wpas_init_driver(wpa_s, iface) < 0)
362f781e
JM		 6103 return -1;
6104
6fc6879b
JM		 6105 if (wpa_supplicant_init_wpa(wpa_s) < 0)
6106 return -1;
6107
6108 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
6109 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
6110 NULL);
6111 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
6112
6113 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
6114 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
6115 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
f049052b
BG		 6116 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
6117 "dot11RSNAConfigPMKLifetime");
6fc6879b
JM		 6118 return -1;
6119 }
6120
6121 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
6122 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
6123 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
f049052b 6124 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
6fc6879b
JM		 6125 "dot11RSNAConfigPMKReauthThreshold");
6126 return -1;
6127 }
6128
6129 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
6130 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
6131 wpa_s->conf->dot11RSNAConfigSATimeout)) {
f049052b
BG		 6132 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
6133 "dot11RSNAConfigSATimeout");
6fc6879b
JM		 6134 return -1;
6135 }
6136
6bf731e8
CL		 6137 wpa_s->hw.modes = wpa_drv_get_hw_feature_data(wpa_s,
6138 &wpa_s->hw.num_modes,
aa56e36d
VT		 6139 &wpa_s->hw.flags,
6140 &dfs_domain);
a1b790eb
JM		 6141 if (wpa_s->hw.modes) {
6142 u16 i;
6143
6144 for (i = 0; i < wpa_s->hw.num_modes; i++) {
6145 if (wpa_s->hw.modes[i].vht_capab) {
6146 wpa_s->hw_capab = CAPAB_VHT;
6147 break;
6148 }
6149
6150 if (wpa_s->hw.modes[i].ht_capab &
6151 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET)
6152 wpa_s->hw_capab = CAPAB_HT40;
6153 else if (wpa_s->hw.modes[i].ht_capab &&
6154 wpa_s->hw_capab == CAPAB_NO_HT_VHT)
6155 wpa_s->hw_capab = CAPAB_HT;
6156 }
6157 }
6bf731e8 6158
6cbdb0c5
JM		 6159 capa_res = wpa_drv_get_capa(wpa_s, &capa);
6160 if (capa_res == 0) {
c58ab8f2 6161 wpa_s->drv_capa_known = 1;
814782b9 6162 wpa_s->drv_flags = capa.flags;
349493bd 6163 wpa_s->drv_enc = capa.enc;
f936b73c 6164 wpa_s->drv_rrm_flags = capa.rrm_flags;
4f73d88a 6165 wpa_s->probe_resp_offloads = capa.probe_resp_offloads;
814782b9 6166 wpa_s->max_scan_ssids = capa.max_scan_ssids;
cbdf3507 6167 wpa_s->max_sched_scan_ssids = capa.max_sched_scan_ssids;
32c02261
AS		 6168 wpa_s->max_sched_scan_plans = capa.max_sched_scan_plans;
6169 wpa_s->max_sched_scan_plan_interval =
6170 capa.max_sched_scan_plan_interval;
6171 wpa_s->max_sched_scan_plan_iterations =
6172 capa.max_sched_scan_plan_iterations;
cbdf3507 6173 wpa_s->sched_scan_supported = capa.sched_scan_supported;
b59e6f26 6174 wpa_s->max_match_sets = capa.max_match_sets;
814782b9 6175 wpa_s->max_remain_on_chan = capa.max_remain_on_chan;
c4ea4c5c 6176 wpa_s->max_stations = capa.max_stations;
8cd6b7bc
JB		 6177 wpa_s->extended_capa = capa.extended_capa;
6178 wpa_s->extended_capa_mask = capa.extended_capa_mask;
6179 wpa_s->extended_capa_len = capa.extended_capa_len;
4752147d
IP		 6180 wpa_s->num_multichan_concurrent =
6181 capa.num_multichan_concurrent;
471cd6e1 6182 wpa_s->wmm_ac_supported = capa.wmm_ac_supported;
56c76fa5
IP		 6183
6184 if (capa.mac_addr_rand_scan_supported)
6185 wpa_s->mac_addr_rand_supported |= MAC_ADDR_RAND_SCAN;
6186 if (wpa_s->sched_scan_supported &&
6187 capa.mac_addr_rand_sched_scan_supported)
6188 wpa_s->mac_addr_rand_supported |=
6189 (MAC_ADDR_RAND_SCHED_SCAN | MAC_ADDR_RAND_PNO);
2a93ecc8
JM		 6190
6191 wpa_drv_get_ext_capa(wpa_s, WPA_IF_STATION);
6192 if (wpa_s->extended_capa &&
6193 wpa_s->extended_capa_len >= 3 &&
6194 wpa_s->extended_capa[2] & 0x40)
6195 wpa_s->multi_bss_support = 1;
814782b9
JM		 6196 }
6197 if (wpa_s->max_remain_on_chan == 0)
6198 wpa_s->max_remain_on_chan = 1000;
6199
c68f6200
AS		 6200 /*
6201 * Only take p2p_mgmt parameters when P2P Device is supported.
6202 * Doing it here as it determines whether l2_packet_init() will be done
6203 * during wpa_supplicant_driver_init().
6204 */
6205 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)
6206 wpa_s->p2p_mgmt = iface->p2p_mgmt;
c68f6200 6207
4752147d
IP		 6208 if (wpa_s->num_multichan_concurrent == 0)
6209 wpa_s->num_multichan_concurrent = 1;
6210
6fc6879b
JM		 6211 if (wpa_supplicant_driver_init(wpa_s) < 0)
6212 return -1;
6213
281ff0aa 6214#ifdef CONFIG_TDLS
8fb2b357 6215 if (!iface->p2p_mgmt && wpa_tdls_init(wpa_s->wpa))
281ff0aa
GP		 6216 return -1;
6217#endif /* CONFIG_TDLS */
6218
315ce40a
JM		 6219 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] &&
6220 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) {
f049052b 6221 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country");
6d158490
LR		 6222 return -1;
6223 }
6224
b36a3a65
AN		 6225#ifdef CONFIG_FST
6226 if (wpa_s->conf->fst_group_id) {
6227 struct fst_iface_cfg cfg;
6228 struct fst_wpa_obj iface_obj;
6229
6230 fst_wpa_supplicant_fill_iface_obj(wpa_s, &iface_obj);
6231 os_strlcpy(cfg.group_id, wpa_s->conf->fst_group_id,
6232 sizeof(cfg.group_id));
6233 cfg.priority = wpa_s->conf->fst_priority;
6234 cfg.llt = wpa_s->conf->fst_llt;
6235
6236 wpa_s->fst = fst_attach(wpa_s->ifname, wpa_s->own_addr,
6237 &iface_obj, &cfg);
6238 if (!wpa_s->fst) {
6239 wpa_msg(wpa_s, MSG_ERROR,
6240 "FST: Cannot attach iface %s to group %s",
6241 wpa_s->ifname, cfg.group_id);
6242 return -1;
6243 }
6244 }
6245#endif /* CONFIG_FST */
6246
116654ce
JM		 6247 if (wpas_wps_init(wpa_s))
6248 return -1;
6249
461d39af
JM		 6250#ifdef CONFIG_GAS_SERVER
6251 wpa_s->gas_server = gas_server_init(wpa_s, wpas_gas_server_tx);
6252 if (!wpa_s->gas_server) {
6253 wpa_printf(MSG_ERROR, "Failed to initialize GAS server");
6254 return -1;
6255 }
6256#endif /* CONFIG_GAS_SERVER */
6257
be27e185
JM		 6258#ifdef CONFIG_DPP
6259 if (wpas_dpp_init(wpa_s) < 0)
6260 return -1;
6261#endif /* CONFIG_DPP */
6262
6fc6879b
JM		 6263 if (wpa_supplicant_init_eapol(wpa_s) < 0)
6264 return -1;
6265 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
6266
6267 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
6268 if (wpa_s->ctrl_iface == NULL) {
6269 wpa_printf(MSG_ERROR,
6270 "Failed to initialize control interface '%s'.\n"
6271 "You may have another wpa_supplicant process "
6272 "already running or the file was\n"
6273 "left by an unclean termination of wpa_supplicant "
6274 "in which case you will need\n"
6275 "to manually remove this file before starting "
6276 "wpa_supplicant again.\n",
6277 wpa_s->conf->ctrl_interface);
6278 return -1;
6279 }
6280
04ea7b79
JM		 6281 wpa_s->gas = gas_query_init(wpa_s);
6282 if (wpa_s->gas == NULL) {
6283 wpa_printf(MSG_ERROR, "Failed to initialize GAS query");
6284 return -1;
6285 }
6286
8fb2b357
VV		 6287 if ((!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) ||
6288 wpa_s->p2p_mgmt) &&
6289 wpas_p2p_init(wpa_s->global, wpa_s) < 0) {
f049052b 6290 wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P");
b22128ef
JM		 6291 return -1;
6292 }
b22128ef 6293
83922c2d
JM		 6294 if (wpa_bss_init(wpa_s) < 0)
6295 return -1;
83922c2d 6296
4d77d80e
MH		 6297#ifdef CONFIG_PMKSA_CACHE_EXTERNAL
6298#ifdef CONFIG_MESH
6299 dl_list_init(&wpa_s->mesh_external_pmksa_cache);
6300#endif /* CONFIG_MESH */
6301#endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
6302
e4fa8b12
EP		 6303 /*
6304 * Set Wake-on-WLAN triggers, if configured.
6305 * Note: We don't restore/remove the triggers on shutdown (it doesn't
6306 * have effect anyway when the interface is down).
6307 */
6cbdb0c5 6308 if (capa_res == 0 && wpas_set_wowlan_triggers(wpa_s, &capa) < 0)
e4fa8b12
EP		 6309 return -1;
6310
ec7b97ab
JM		 6311#ifdef CONFIG_EAP_PROXY
6312{
6313 size_t len;
b5db6e5d
VK		 6314 wpa_s->mnc_len = eapol_sm_get_eap_proxy_imsi(wpa_s->eapol, -1,
6315 wpa_s->imsi, &len);
ec7b97ab
JM		 6316 if (wpa_s->mnc_len > 0) {
6317 wpa_s->imsi[len] = '\0';
6318 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI %s (MNC length %d)",
6319 wpa_s->imsi, wpa_s->mnc_len);
6320 } else {
6321 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI not available");
6322 }
6323}
6324#endif /* CONFIG_EAP_PROXY */
6325
f64adcd7
JM		 6326 if (pcsc_reader_init(wpa_s) < 0)
6327 return -1;
6328
306ae225
JM		 6329 if (wpas_init_ext_pw(wpa_s) < 0)
6330 return -1;
6331
b361d580
AK		 6332 wpas_rrm_reset(wpa_s);
6333
32c02261
AS		 6334 wpas_sched_scan_plans_set(wpa_s, wpa_s->conf->sched_scan_plans);
6335
ca9968a0
JM		 6336#ifdef CONFIG_HS20
6337 hs20_init(wpa_s);
6338#endif /* CONFIG_HS20 */
92c6e2e3 6339#ifdef CONFIG_MBO
2e06cef8 6340 if (!wpa_s->disable_mbo_oce && wpa_s->conf->oce) {
332aadb8
AP		 6341 if ((wpa_s->conf->oce & OCE_STA) &&
6342 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_OCE_STA))
6343 wpa_s->enable_oce = OCE_STA;
6344 if ((wpa_s->conf->oce & OCE_STA_CFON) &&
6345 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_OCE_STA_CFON)) {
6346 /* TODO: Need to add STA-CFON support */
6347 wpa_printf(MSG_ERROR,
6348 "OCE STA-CFON feature is not yet supported");
6349 }
6350 }
92c6e2e3
DS		 6351 wpas_mbo_update_non_pref_chan(wpa_s, wpa_s->conf->non_pref_chan);
6352#endif /* CONFIG_MBO */
ca9968a0 6353
cc9985d1 6354 wpa_supplicant_set_default_scan_ies(wpa_s);
6355
6fc6879b
JM		 6356 return 0;
6357}
6358
6359
2ee055b3 6360static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s,
df509539 6361 int notify, int terminate)
6fc6879b 6362{
26fc96e8
JM		 6363 struct wpa_global *global = wpa_s->global;
6364 struct wpa_supplicant *iface, *prev;
6365
6366 if (wpa_s == wpa_s->parent)
6367 wpas_p2p_group_remove(wpa_s, "*");
6368
6369 iface = global->ifaces;
6370 while (iface) {
96a26ab7
LD		 6371 if (iface->p2pdev == wpa_s)
6372 iface->p2pdev = iface->parent;
26fc96e8
JM		 6373 if (iface == wpa_s || iface->parent != wpa_s) {
6374 iface = iface->next;
6375 continue;
6376 }
6377 wpa_printf(MSG_DEBUG,
6378 "Remove remaining child interface %s from parent %s",
6379 iface->ifname, wpa_s->ifname);
6380 prev = iface;
6381 iface = iface->next;
6382 wpa_supplicant_remove_iface(global, prev, terminate);
6383 }
6384
e679f140 6385 wpa_s->disconnected = 1;
6fc6879b 6386 if (wpa_s->drv_priv) {
02c21c02
ASB		 6387 /* Don't deauthenticate if WoWLAN is enabled */
6388 if (!wpa_drv_get_wowlan(wpa_s)) {
6389 wpa_supplicant_deauthenticate(
6390 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
6fc6879b 6391
02c21c02
ASB		 6392 wpa_drv_set_countermeasures(wpa_s, 0);
6393 wpa_clear_keys(wpa_s, NULL);
6394 } else {
6395 wpa_msg(wpa_s, MSG_INFO,
6396 "Do not deauthenticate as part of interface deinit since WoWLAN is enabled");
6397 }
6fc6879b
JM		 6398 }
6399
8e56d189 6400 wpa_supplicant_cleanup(wpa_s);
bd10d938 6401 wpas_p2p_deinit_iface(wpa_s);
ab28911d 6402
1f965e62 6403 wpas_ctrl_radio_work_flush(wpa_s);
202dec2a
JM		 6404 radio_remove_interface(wpa_s);
6405
b36a3a65
AN		 6406#ifdef CONFIG_FST
6407 if (wpa_s->fst) {
6408 fst_detach(wpa_s->fst);
6409 wpa_s->fst = NULL;
6410 }
6411 if (wpa_s->received_mb_ies) {
6412 wpabuf_free(wpa_s->received_mb_ies);
6413 wpa_s->received_mb_ies = NULL;
6414 }
6415#endif /* CONFIG_FST */
6416
6fc6879b
JM		 6417 if (wpa_s->drv_priv)
6418 wpa_drv_deinit(wpa_s);
2523ff6e
DS		 6419
6420 if (notify)
6421 wpas_notify_iface_removed(wpa_s);
f0811516
DS		 6422
6423 if (terminate)
6424 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING);
6425
6426 if (wpa_s->ctrl_iface) {
6427 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
6428 wpa_s->ctrl_iface = NULL;
6429 }
6430
603a3f34
JL		 6431#ifdef CONFIG_MESH
6432 if (wpa_s->ifmsh) {
6433 wpa_supplicant_mesh_iface_deinit(wpa_s, wpa_s->ifmsh);
6434 wpa_s->ifmsh = NULL;
6435 }
6436#endif /* CONFIG_MESH */
6437
f0811516
DS		 6438 if (wpa_s->conf != NULL) {
6439 wpa_config_free(wpa_s->conf);
6440 wpa_s->conf = NULL;
6441 }
18e00b5e 6442
a80651d0 6443 os_free(wpa_s->ssids_from_scan_req);
16ef233b 6444 os_free(wpa_s->last_scan_freqs);
a80651d0 6445
18e00b5e 6446 os_free(wpa_s);
6fc6879b
JM		 6447}
6448
6449
2e997eec
RM		 6450#ifdef CONFIG_MATCH_IFACE
6451
6452/**
6453 * wpa_supplicant_match_iface - Match an interface description to a name
6454 * @global: Pointer to global data from wpa_supplicant_init()
6455 * @ifname: Name of the interface to match
6456 * Returns: Pointer to the created interface description or %NULL on failure
6457 */
6458struct wpa_interface * wpa_supplicant_match_iface(struct wpa_global *global,
6459 const char *ifname)
6460{
6461 int i;
6462 struct wpa_interface *iface, *miface;
6463
6464 for (i = 0; i < global->params.match_iface_count; i++) {
6465 miface = &global->params.match_ifaces[i];
6466 if (!miface->ifname ||
6467 fnmatch(miface->ifname, ifname, 0) == 0) {
6468 iface = os_zalloc(sizeof(*iface));
6469 if (!iface)
6470 return NULL;
6471 *iface = *miface;
6472 iface->ifname = ifname;
6473 return iface;
6474 }
6475 }
6476
6477 return NULL;
6478}
6479
6480
6481/**
6482 * wpa_supplicant_match_existing - Match existing interfaces
6483 * @global: Pointer to global data from wpa_supplicant_init()
6484 * Returns: 0 on success, -1 on failure
6485 */
6486static int wpa_supplicant_match_existing(struct wpa_global *global)
6487{
6488 struct if_nameindex *ifi, *ifp;
6489 struct wpa_supplicant *wpa_s;
6490 struct wpa_interface *iface;
6491
6492 ifp = if_nameindex();
6493 if (!ifp) {
6494 wpa_printf(MSG_ERROR, "if_nameindex: %s", strerror(errno));
6495 return -1;
6496 }
6497
6498 for (ifi = ifp; ifi->if_name; ifi++) {
6499 wpa_s = wpa_supplicant_get_iface(global, ifi->if_name);
6500 if (wpa_s)
6501 continue;
6502 iface = wpa_supplicant_match_iface(global, ifi->if_name);
6503 if (iface) {
6504 wpa_s = wpa_supplicant_add_iface(global, iface, NULL);
6505 os_free(iface);
6506 if (wpa_s)
6507 wpa_s->matched = 1;
6508 }
6509 }
6510
6511 if_freenameindex(ifp);
6512 return 0;
6513}
6514
6515#endif /* CONFIG_MATCH_IFACE */
6516
6517
6fc6879b
JM		 6518/**
6519 * wpa_supplicant_add_iface - Add a new network interface
6520 * @global: Pointer to global data from wpa_supplicant_init()
6521 * @iface: Interface configuration options
1772d348 6522 * @parent: Parent interface or %NULL to assign new interface as parent
6fc6879b
JM		 6523 * Returns: Pointer to the created interface or %NULL on failure
6524 *
6525 * This function is used to add new network interfaces for %wpa_supplicant.
6526 * This can be called before wpa_supplicant_run() to add interfaces before the
6527 * main event loop has been started. In addition, new interfaces can be added
6528 * dynamically while %wpa_supplicant is already running. This could happen,
6529 * e.g., when a hotplug network adapter is inserted.
6530 */
6531struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
1772d348
JM		 6532 struct wpa_interface *iface,
6533 struct wpa_supplicant *parent)
6fc6879b
JM		 6534{
6535 struct wpa_supplicant *wpa_s;
d27df100 6536 struct wpa_interface t_iface;
8e56d189 6537 struct wpa_ssid *ssid;
6fc6879b
JM		 6538
6539 if (global == NULL || iface == NULL)
6540 return NULL;
6541
1772d348 6542 wpa_s = wpa_supplicant_alloc(parent);
6fc6879b
JM		 6543 if (wpa_s == NULL)
6544 return NULL;
6545
d8222ae3
JM		 6546 wpa_s->global = global;
6547
d27df100
JM		 6548 t_iface = *iface;
6549 if (global->params.override_driver) {
6550 wpa_printf(MSG_DEBUG, "Override interface parameter: driver "
6551 "('%s' -> '%s')",
6552 iface->driver, global->params.override_driver);
6553 t_iface.driver = global->params.override_driver;
6554 }
6555 if (global->params.override_ctrl_interface) {
6556 wpa_printf(MSG_DEBUG, "Override interface parameter: "
6557 "ctrl_interface ('%s' -> '%s')",
6558 iface->ctrl_interface,
6559 global->params.override_ctrl_interface);
6560 t_iface.ctrl_interface =
6561 global->params.override_ctrl_interface;
6562 }
6563 if (wpa_supplicant_init_iface(wpa_s, &t_iface)) {
6fc6879b
JM		 6564 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
6565 iface->ifname);
df509539 6566 wpa_supplicant_deinit_iface(wpa_s, 0, 0);
6fc6879b
JM		 6567 return NULL;
6568 }
6569
21efc940
TB		 6570 if (iface->p2p_mgmt == 0) {
6571 /* Notify the control interfaces about new iface */
6572 if (wpas_notify_iface_added(wpa_s)) {
6573 wpa_supplicant_deinit_iface(wpa_s, 1, 0);
6574 return NULL;
6575 }
1bd3f426 6576
21efc940
TB		 6577 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
6578 wpas_notify_network_added(wpa_s, ssid);
6579 }
8e56d189 6580
6fc6879b
JM		 6581 wpa_s->next = global->ifaces;
6582 global->ifaces = wpa_s;
6583
f049052b 6584 wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname);
99218999 6585 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
6fc6879b 6586
c3c4b3ed
JM		 6587#ifdef CONFIG_P2P
6588 if (wpa_s->global->p2p == NULL &&
74802c09 6589 !wpa_s->global->p2p_disabled && !wpa_s->conf->p2p_disabled &&
c3c4b3ed 6590 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) &&
f43c1ae7
IP		 6591 wpas_p2p_add_p2pdev_interface(
6592 wpa_s, wpa_s->global->params.conf_p2p_dev) < 0) {
c3c4b3ed
JM		 6593 wpa_printf(MSG_INFO,
6594 "P2P: Failed to enable P2P Device interface");
6595 /* Try to continue without. P2P will be disabled. */
6596 }
6597#endif /* CONFIG_P2P */
6598
6fc6879b
JM		 6599 return wpa_s;
6600}
6601
6602
6603/**
6604 * wpa_supplicant_remove_iface - Remove a network interface
6605 * @global: Pointer to global data from wpa_supplicant_init()
6606 * @wpa_s: Pointer to the network interface to be removed
6607 * Returns: 0 if interface was removed, -1 if interface was not found
6608 *
6609 * This function can be used to dynamically remove network interfaces from
6610 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
6611 * addition, this function is used to remove all remaining interfaces when
6612 * %wpa_supplicant is terminated.
6613 */
6614int wpa_supplicant_remove_iface(struct wpa_global *global,
df509539
DS		 6615 struct wpa_supplicant *wpa_s,
6616 int terminate)
6fc6879b
JM		 6617{
6618 struct wpa_supplicant *prev;
5b78493f
MH		 6619#ifdef CONFIG_MESH
6620 unsigned int mesh_if_created = wpa_s->mesh_if_created;
6621 char *ifname = NULL;
9b170991 6622 struct wpa_supplicant *parent = wpa_s->parent;
5b78493f 6623#endif /* CONFIG_MESH */
6fc6879b
JM		 6624
6625 /* Remove interface from the global list of interfaces */
6626 prev = global->ifaces;
6627 if (prev == wpa_s) {
6628 global->ifaces = wpa_s->next;
6629 } else {
6630 while (prev && prev->next != wpa_s)
6631 prev = prev->next;
6632 if (prev == NULL)
6633 return -1;
6634 prev->next = wpa_s->next;
6635 }
6636
f049052b 6637 wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
6fc6879b 6638
5b78493f
MH		 6639#ifdef CONFIG_MESH
6640 if (mesh_if_created) {
6641 ifname = os_strdup(wpa_s->ifname);
6642 if (ifname == NULL) {
6643 wpa_dbg(wpa_s, MSG_ERROR,
6644 "mesh: Failed to malloc ifname");
6645 return -1;
6646 }
6647 }
6648#endif /* CONFIG_MESH */
6649
b22128ef
JM		 6650 if (global->p2p_group_formation == wpa_s)
6651 global->p2p_group_formation = NULL;
dbca75f8
JM		 6652 if (global->p2p_invite_group == wpa_s)
6653 global->p2p_invite_group = NULL;
df509539 6654 wpa_supplicant_deinit_iface(wpa_s, 1, terminate);
6fc6879b 6655
5b78493f
MH		 6656#ifdef CONFIG_MESH
6657 if (mesh_if_created) {
9b170991 6658 wpa_drv_if_remove(parent, WPA_IF_MESH, ifname);
5b78493f
MH		 6659 os_free(ifname);
6660 }
6661#endif /* CONFIG_MESH */
6662
6fc6879b
JM		 6663 return 0;
6664}
6665
6666
cf83fb0b
PS		 6667/**
6668 * wpa_supplicant_get_eap_mode - Get the current EAP mode
6669 * @wpa_s: Pointer to the network interface
6670 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
6671 */
6672const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s)
6673{
6674 const char *eapol_method;
6675
6676 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) == 0 &&
6677 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
6678 return "NO-EAP";
6679 }
6680
6681 eapol_method = eapol_sm_get_method_name(wpa_s->eapol);
6682 if (eapol_method == NULL)
6683 return "UNKNOWN-EAP";
6684
6685 return eapol_method;
6686}
6687
6688
6fc6879b
JM		 6689/**
6690 * wpa_supplicant_get_iface - Get a new network interface
6691 * @global: Pointer to global data from wpa_supplicant_init()
6692 * @ifname: Interface name
6693 * Returns: Pointer to the interface or %NULL if not found
6694 */
6695struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
6696 const char *ifname)
6697{
6698 struct wpa_supplicant *wpa_s;
6699
6700 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
6701 if (os_strcmp(wpa_s->ifname, ifname) == 0)
6702 return wpa_s;
6703 }
6704 return NULL;
6705}
6706
6707
50b16da1 6708#ifndef CONFIG_NO_WPA_MSG
4f1495ae
BG		 6709static const char * wpa_supplicant_msg_ifname_cb(void *ctx)
6710{
6711 struct wpa_supplicant *wpa_s = ctx;
6712 if (wpa_s == NULL)
6713 return NULL;
6714 return wpa_s->ifname;
6715}
50b16da1 6716#endif /* CONFIG_NO_WPA_MSG */
4f1495ae
BG		 6717
6718
8c0d0ff2
JM		 6719#ifndef WPA_SUPPLICANT_CLEANUP_INTERVAL
6720#define WPA_SUPPLICANT_CLEANUP_INTERVAL 10
6721#endif /* WPA_SUPPLICANT_CLEANUP_INTERVAL */
6722
6723/* Periodic cleanup tasks */
6724static void wpas_periodic(void *eloop_ctx, void *timeout_ctx)
6725{
6726 struct wpa_global *global = eloop_ctx;
6727 struct wpa_supplicant *wpa_s;
6728
6729 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0,
6730 wpas_periodic, global, NULL);
6731
6732#ifdef CONFIG_P2P
6733 if (global->p2p)
6734 p2p_expire_peers(global->p2p);
6735#endif /* CONFIG_P2P */
6736
3188aaba 6737 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
8c0d0ff2 6738 wpa_bss_flush_by_age(wpa_s, wpa_s->conf->bss_expiration_age);
3188aaba
JM		 6739#ifdef CONFIG_AP
6740 ap_periodic(wpa_s);
6741#endif /* CONFIG_AP */
6742 }
8c0d0ff2
JM		 6743}
6744
6745
6fc6879b
JM		 6746/**
6747 * wpa_supplicant_init - Initialize %wpa_supplicant
6748 * @params: Parameters for %wpa_supplicant
6749 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
6750 *
6751 * This function is used to initialize %wpa_supplicant. After successful
6752 * initialization, the returned data pointer can be used to add and remove
6753 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
6754 */
6755struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
6756{
6757 struct wpa_global *global;
ac305589 6758 int ret, i;
6fc6879b
JM		 6759
6760 if (params == NULL)
6761 return NULL;
6762
39e7d718
JM		 6763#ifdef CONFIG_DRIVER_NDIS
6764 {
6765 void driver_ndis_init_ops(void);
6766 driver_ndis_init_ops();
6767 }
6768#endif /* CONFIG_DRIVER_NDIS */
6769
50b16da1 6770#ifndef CONFIG_NO_WPA_MSG
4f1495ae 6771 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
50b16da1 6772#endif /* CONFIG_NO_WPA_MSG */
4f1495ae 6773
f4637fe0
JM		 6774 if (params->wpa_debug_file_path)
6775 wpa_debug_open_file(params->wpa_debug_file_path);
53661e3a 6776 if (!params->wpa_debug_file_path && !params->wpa_debug_syslog)
f4637fe0 6777 wpa_debug_setup_stdout();
daa70d49
SL		 6778 if (params->wpa_debug_syslog)
6779 wpa_debug_open_syslog();
4f68895e
JB		 6780 if (params->wpa_debug_tracing) {
6781 ret = wpa_debug_open_linux_tracing();
6782 if (ret) {
6783 wpa_printf(MSG_ERROR,
6784 "Failed to enable trace logging");
6785 return NULL;
6786 }
6787 }
6fc6879b 6788
12760815 6789 ret = eap_register_methods();
6fc6879b
JM		 6790 if (ret) {
6791 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
6792 if (ret == -2)
6793 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
6794 "the same EAP type.");
6795 return NULL;
6796 }
6797
6798 global = os_zalloc(sizeof(*global));
6799 if (global == NULL)
6800 return NULL;
b22128ef
JM		 6801 dl_list_init(&global->p2p_srv_bonjour);
6802 dl_list_init(&global->p2p_srv_upnp);
6fc6879b
JM		 6803 global->params.daemonize = params->daemonize;
6804 global->params.wait_for_monitor = params->wait_for_monitor;
6805 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
6806 if (params->pid_file)
6807 global->params.pid_file = os_strdup(params->pid_file);
6808 if (params->ctrl_interface)
6809 global->params.ctrl_interface =
6810 os_strdup(params->ctrl_interface);
29257565
JM		 6811 if (params->ctrl_interface_group)
6812 global->params.ctrl_interface_group =
6813 os_strdup(params->ctrl_interface_group);
d27df100
JM		 6814 if (params->override_driver)
6815 global->params.override_driver =
6816 os_strdup(params->override_driver);
6817 if (params->override_ctrl_interface)
6818 global->params.override_ctrl_interface =
6819 os_strdup(params->override_ctrl_interface);
2e997eec
RM		 6820#ifdef CONFIG_MATCH_IFACE
6821 global->params.match_iface_count = params->match_iface_count;
6822 if (params->match_iface_count) {
6823 global->params.match_ifaces =
6824 os_calloc(params->match_iface_count,
6825 sizeof(struct wpa_interface));
6826 os_memcpy(global->params.match_ifaces,
6827 params->match_ifaces,
6828 params->match_iface_count *
6829 sizeof(struct wpa_interface));
6830 }
6831#endif /* CONFIG_MATCH_IFACE */
d4e59795
G		 6832#ifdef CONFIG_P2P
6833 if (params->conf_p2p_dev)
6834 global->params.conf_p2p_dev =
6835 os_strdup(params->conf_p2p_dev);
6836#endif /* CONFIG_P2P */
6fc6879b
JM		 6837 wpa_debug_level = global->params.wpa_debug_level =
6838 params->wpa_debug_level;
6839 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
6840 params->wpa_debug_show_keys;
6841 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
6842 params->wpa_debug_timestamp;
6843
8155b36f 6844 wpa_printf(MSG_DEBUG, "wpa_supplicant v%s", VERSION_STR);
f19858f5 6845
0456ea16 6846 if (eloop_init()) {
6fc6879b
JM		 6847 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
6848 wpa_supplicant_deinit(global);
6849 return NULL;
6850 }
6851
38e24575 6852 random_init(params->entropy_file);
d47fa330 6853
6fc6879b
JM		 6854 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
6855 if (global->ctrl_iface == NULL) {
6856 wpa_supplicant_deinit(global);
6857 return NULL;
6858 }
6859
dc461de4
WS		 6860 if (wpas_notify_supplicant_initialized(global)) {
6861 wpa_supplicant_deinit(global);
6862 return NULL;
6fc6879b
JM		 6863 }
6864
c5121837 6865 for (i = 0; wpa_drivers[i]; i++)
ac305589
JM		 6866 global->drv_count++;
6867 if (global->drv_count == 0) {
6868 wpa_printf(MSG_ERROR, "No drivers enabled");
6869 wpa_supplicant_deinit(global);
6870 return NULL;
6871 }
faebdeaa 6872 global->drv_priv = os_calloc(global->drv_count, sizeof(void *));
ac305589
JM		 6873 if (global->drv_priv == NULL) {
6874 wpa_supplicant_deinit(global);
6875 return NULL;
6876 }
ac305589 6877
9675ce35
JM		 6878#ifdef CONFIG_WIFI_DISPLAY
6879 if (wifi_display_init(global) < 0) {
6880 wpa_printf(MSG_ERROR, "Failed to initialize Wi-Fi Display");
6881 wpa_supplicant_deinit(global);
6882 return NULL;
6883 }
6884#endif /* CONFIG_WIFI_DISPLAY */
6885
8c0d0ff2
JM		 6886 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0,
6887 wpas_periodic, global, NULL);
6888
6fc6879b
JM		 6889 return global;
6890}
6891
6892
6893/**
6894 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
6895 * @global: Pointer to global data from wpa_supplicant_init()
6896 * Returns: 0 after successful event loop run, -1 on failure
6897 *
6898 * This function starts the main event loop and continues running as long as
6899 * there are any remaining events. In most cases, this function is running as
6900 * long as the %wpa_supplicant process in still in use.
6901 */
6902int wpa_supplicant_run(struct wpa_global *global)
6903{
6904 struct wpa_supplicant *wpa_s;
6905
6906 if (global->params.daemonize &&
2e69bdd1
RM		 6907 (wpa_supplicant_daemon(global->params.pid_file) ||
6908 eloop_sock_requeue()))
6fc6879b
JM		 6909 return -1;
6910
2e997eec
RM		 6911#ifdef CONFIG_MATCH_IFACE
6912 if (wpa_supplicant_match_existing(global))
6913 return -1;
6914#endif
6915
6fc6879b
JM		 6916 if (global->params.wait_for_monitor) {
6917 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
ede77701 6918 if (wpa_s->ctrl_iface && !wpa_s->p2p_mgmt)
6fc6879b
JM		 6919 wpa_supplicant_ctrl_iface_wait(
6920 wpa_s->ctrl_iface);
6921 }
6922
0456ea16
JM		 6923 eloop_register_signal_terminate(wpa_supplicant_terminate, global);
6924 eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
6fc6879b
JM		 6925
6926 eloop_run();
6927
6928 return 0;
6929}
6930
6931
6932/**
6933 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
6934 * @global: Pointer to global data from wpa_supplicant_init()
6935 *
6936 * This function is called to deinitialize %wpa_supplicant and to free all
6937 * allocated resources. Remaining network interfaces will also be removed.
6938 */
6939void wpa_supplicant_deinit(struct wpa_global *global)
6940{
ac305589
JM		 6941 int i;
6942
6fc6879b
JM		 6943 if (global == NULL)
6944 return;
6945
8c0d0ff2
JM		 6946 eloop_cancel_timeout(wpas_periodic, global, NULL);
6947
9675ce35
JM		 6948#ifdef CONFIG_WIFI_DISPLAY
6949 wifi_display_deinit(global);
6950#endif /* CONFIG_WIFI_DISPLAY */
b22128ef 6951
6fc6879b 6952 while (global->ifaces)
df509539 6953 wpa_supplicant_remove_iface(global, global->ifaces, 1);
6fc6879b
JM		 6954
6955 if (global->ctrl_iface)
6956 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
dc461de4
WS		 6957
6958 wpas_notify_supplicant_deinitialized(global);
6fc6879b
JM		 6959
6960 eap_peer_unregister_methods();
3ec97afe
JM		 6961#ifdef CONFIG_AP
6962 eap_server_unregister_methods();
6963#endif /* CONFIG_AP */
6fc6879b 6964
c5121837 6965 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) {
ac305589
JM		 6966 if (!global->drv_priv[i])
6967 continue;
c5121837 6968 wpa_drivers[i]->global_deinit(global->drv_priv[i]);
ac305589
JM		 6969 }
6970 os_free(global->drv_priv);
6971
d47fa330
JM		 6972 random_deinit();
6973
6fc6879b
JM		 6974 eloop_destroy();
6975
6976 if (global->params.pid_file) {
6977 os_daemonize_terminate(global->params.pid_file);
6978 os_free(global->params.pid_file);
6979 }
6980 os_free(global->params.ctrl_interface);
29257565 6981 os_free(global->params.ctrl_interface_group);
d27df100
JM		 6982 os_free(global->params.override_driver);
6983 os_free(global->params.override_ctrl_interface);
2e997eec
RM		 6984#ifdef CONFIG_MATCH_IFACE
6985 os_free(global->params.match_ifaces);
6986#endif /* CONFIG_MATCH_IFACE */
d4e59795
G		 6987#ifdef CONFIG_P2P
6988 os_free(global->params.conf_p2p_dev);
6989#endif /* CONFIG_P2P */
6fc6879b 6990
af8a827b 6991 os_free(global->p2p_disallow_freq.range);
253f2e37 6992 os_free(global->p2p_go_avoid_freq.range);
01a57fe4 6993 os_free(global->add_psk);
6f3bc72b 6994
6fc6879b 6995 os_free(global);
daa70d49 6996 wpa_debug_close_syslog();
6fc6879b 6997 wpa_debug_close_file();
4f68895e 6998 wpa_debug_close_linux_tracing();
6fc6879b 6999}
611aea7d
JM		 7000
7001
7002void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s)
7003{
849b5dc7
JM		 7004 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_COUNTRY) &&
7005 wpa_s->conf->country[0] && wpa_s->conf->country[1]) {
7006 char country[3];
7007 country[0] = wpa_s->conf->country[0];
7008 country[1] = wpa_s->conf->country[1];
7009 country[2] = '\0';
7010 if (wpa_drv_set_country(wpa_s, country) < 0) {
7011 wpa_printf(MSG_ERROR, "Failed to set country code "
7012 "'%s'", country);
7013 }
7014 }
7015
306ae225
JM		 7016 if (wpa_s->conf->changed_parameters & CFG_CHANGED_EXT_PW_BACKEND)
7017 wpas_init_ext_pw(wpa_s);
7018
bea48f77
JM		 7019 if (wpa_s->conf->changed_parameters & CFG_CHANGED_SCHED_SCAN_PLANS)
7020 wpas_sched_scan_plans_set(wpa_s, wpa_s->conf->sched_scan_plans);
7021
3c7863f8
LD		 7022 if (wpa_s->conf->changed_parameters & CFG_CHANGED_WOWLAN_TRIGGERS) {
7023 struct wpa_driver_capa capa;
7024 int res = wpa_drv_get_capa(wpa_s, &capa);
7025
7026 if (res == 0 && wpas_set_wowlan_triggers(wpa_s, &capa) < 0)
7027 wpa_printf(MSG_ERROR,
7028 "Failed to update wowlan_triggers to '%s'",
7029 wpa_s->conf->wowlan_triggers);
7030 }
7031
ef59f987
AB		 7032 if (wpa_s->conf->changed_parameters & CFG_CHANGED_DISABLE_BTM)
7033 wpa_supplicant_set_default_scan_ies(wpa_s);
7034
611aea7d
JM		 7035#ifdef CONFIG_WPS
7036 wpas_wps_update_config(wpa_s);
7037#endif /* CONFIG_WPS */
b22128ef 7038 wpas_p2p_update_config(wpa_s);
611aea7d
JM		 7039 wpa_s->conf->changed_parameters = 0;
7040}
2f9c6aa6
JM		 7041
7042
e1117c1c 7043void add_freq(int *freqs, int *num_freqs, int freq)
0fb337c1
JM		 7044{
7045 int i;
7046
7047 for (i = 0; i < *num_freqs; i++) {
7048 if (freqs[i] == freq)
7049 return;
7050 }
7051
7052 freqs[*num_freqs] = freq;
7053 (*num_freqs)++;
7054}
7055
7056
7057static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s)
7058{
7059 struct wpa_bss *bss, *cbss;
7060 const int max_freqs = 10;
7061 int *freqs;
7062 int num_freqs = 0;
7063
faebdeaa 7064 freqs = os_calloc(max_freqs + 1, sizeof(int));
0fb337c1
JM		 7065 if (freqs == NULL)
7066 return NULL;
7067
7068 cbss = wpa_s->current_bss;
7069
7070 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
7071 if (bss == cbss)
7072 continue;
7073 if (bss->ssid_len == cbss->ssid_len &&
7074 os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 &&
7075 wpa_blacklist_get(wpa_s, bss->bssid) == NULL) {
7076 add_freq(freqs, &num_freqs, bss->freq);
7077 if (num_freqs == max_freqs)
7078 break;
7079 }
7080 }
7081
7082 if (num_freqs == 0) {
7083 os_free(freqs);
7084 freqs = NULL;
7085 }
7086
7087 return freqs;
7088}
7089
7090
7091void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid)
7092{
7093 int timeout;
7094 int count;
7095 int *freqs = NULL;
7096
6ac4b15e
JM		 7097 wpas_connect_work_done(wpa_s);
7098
5fd9fb27
JM		 7099 /*
7100 * Remove possible authentication timeout since the connection failed.
7101 */
7102 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
7103
c2805909
JM		 7104 /*
7105 * There is no point in blacklisting the AP if this event is
7106 * generated based on local request to disconnect.
7107 */
1f90a49d 7108 if (wpa_s->own_disconnect_req || wpa_s->own_reconnect_req) {
c2805909
JM		 7109 wpa_s->own_disconnect_req = 0;
7110 wpa_dbg(wpa_s, MSG_DEBUG,
7111 "Ignore connection failure due to local request to disconnect");
7112 return;
7113 }
0cdb93fe 7114 if (wpa_s->disconnected) {
0cdb93fe
JM		 7115 wpa_dbg(wpa_s, MSG_DEBUG, "Ignore connection failure "
7116 "indication since interface has been put into "
7117 "disconnected state");
7118 return;
7119 }
7120
0fb337c1
JM		 7121 /*
7122 * Add the failed BSSID into the blacklist and speed up next scan
7123 * attempt if there could be other APs that could accept association.
7124 * The current blacklist count indicates how many times we have tried
7125 * connecting to this AP and multiple attempts mean that other APs are
7126 * either not available or has already been tried, so that we can start
7127 * increasing the delay here to avoid constant scanning.
7128 */
7129 count = wpa_blacklist_add(wpa_s, bssid);
7130 if (count == 1 && wpa_s->current_bss) {
7131 /*
7132 * This BSS was not in the blacklist before. If there is
7133 * another BSS available for the same ESS, we should try that
7134 * next. Otherwise, we may as well try this one once more
7135 * before allowing other, likely worse, ESSes to be considered.
7136 */
7137 freqs = get_bss_freqs_in_ess(wpa_s);
7138 if (freqs) {
f049052b
BG		 7139 wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS "
7140 "has been seen; try it next");
0fb337c1
JM		 7141 wpa_blacklist_add(wpa_s, bssid);
7142 /*
7143 * On the next scan, go through only the known channels
7144 * used in this ESS based on previous scans to speed up
7145 * common load balancing use case.
7146 */
7147 os_free(wpa_s->next_scan_freqs);
7148 wpa_s->next_scan_freqs = freqs;
7149 }
7150 }
7151
f1a52633
JM		 7152 /*
7153 * Add previous failure count in case the temporary blacklist was
7154 * cleared due to no other BSSes being available.
7155 */
7156 count += wpa_s->extra_blacklist_count;
7157
dd579704
JM		 7158 if (count > 3 && wpa_s->current_ssid) {
7159 wpa_printf(MSG_DEBUG, "Continuous association failures - "
7160 "consider temporary network disabling");
b19c098e 7161 wpas_auth_failed(wpa_s, "CONN_FAILED");
dd579704
JM		 7162 }
7163
0fb337c1
JM		 7164 switch (count) {
7165 case 1:
7166 timeout = 100;
7167 break;
7168 case 2:
7169 timeout = 500;
7170 break;
7171 case 3:
7172 timeout = 1000;
7173 break;
f1a52633 7174 case 4:
0fb337c1 7175 timeout = 5000;
f1a52633
JM		 7176 break;
7177 default:
7178 timeout = 10000;
7179 break;
0fb337c1
JM		 7180 }
7181
f1a52633
JM		 7182 wpa_dbg(wpa_s, MSG_DEBUG, "Blacklist count %d --> request scan in %d "
7183 "ms", count, timeout);
7184
0fb337c1
JM		 7185 /*
7186 * TODO: if more than one possible AP is available in scan results,
7187 * could try the other ones before requesting a new scan.
7188 */
0a42f1ed
IP		 7189
7190 /* speed up the connection attempt with normal scan */
7191 wpa_s->normal_scans = 0;
0fb337c1
JM		 7192 wpa_supplicant_req_scan(wpa_s, timeout / 1000,
7193 1000 * (timeout % 1000));
7194}
22628eca
JM		 7195
7196
af835d75
AB		 7197#ifdef CONFIG_FILS
7198void fils_connection_failure(struct wpa_supplicant *wpa_s)
7199{
7200 struct wpa_ssid *ssid = wpa_s->current_ssid;
7201 const u8 *realm, *username, *rrk;
7202 size_t realm_len, username_len, rrk_len;
7203 u16 next_seq_num;
7204
7205 if (!ssid || !ssid->eap.erp || !wpa_key_mgmt_fils(ssid->key_mgmt) ||
7206 eapol_sm_get_erp_info(wpa_s->eapol, &ssid->eap,
7207 &username, &username_len,
7208 &realm, &realm_len, &next_seq_num,
7209 &rrk, &rrk_len) != 0 ||
7210 !realm)
7211 return;
7212
7213 wpa_hexdump_ascii(MSG_DEBUG,
7214 "FILS: Store last connection failure realm",
7215 realm, realm_len);
7216 os_free(wpa_s->last_con_fail_realm);
7217 wpa_s->last_con_fail_realm = os_malloc(realm_len);
7218 if (wpa_s->last_con_fail_realm) {
7219 wpa_s->last_con_fail_realm_len = realm_len;
7220 os_memcpy(wpa_s->last_con_fail_realm, realm, realm_len);
7221 }
7222}
7223#endif /* CONFIG_FILS */
7224
7225
22628eca
JM		 7226int wpas_driver_bss_selection(struct wpa_supplicant *wpa_s)
7227{
7228 return wpa_s->conf->ap_scan == 2 ||
7229 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION);
7230}
d2118814
JM		 7231
7232
7233#if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW)
7234int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
7235 struct wpa_ssid *ssid,
7236 const char *field,
7237 const char *value)
7238{
7239#ifdef IEEE8021X_EAPOL
7240 struct eap_peer_config *eap = &ssid->eap;
7241
7242 wpa_printf(MSG_DEBUG, "CTRL_IFACE: response handle field=%s", field);
7243 wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: response value",
7244 (const u8 *) value, os_strlen(value));
7245
7246 switch (wpa_supplicant_ctrl_req_from_string(field)) {
7247 case WPA_CTRL_REQ_EAP_IDENTITY:
7248 os_free(eap->identity);
7249 eap->identity = (u8 *) os_strdup(value);
7250 eap->identity_len = os_strlen(value);
7251 eap->pending_req_identity = 0;
7252 if (ssid == wpa_s->current_ssid)
7253 wpa_s->reassociate = 1;
7254 break;
7255 case WPA_CTRL_REQ_EAP_PASSWORD:
19c48da0 7256 bin_clear_free(eap->password, eap->password_len);
d2118814
JM		 7257 eap->password = (u8 *) os_strdup(value);
7258 eap->password_len = os_strlen(value);
7259 eap->pending_req_password = 0;
7260 if (ssid == wpa_s->current_ssid)
7261 wpa_s->reassociate = 1;
7262 break;
7263 case WPA_CTRL_REQ_EAP_NEW_PASSWORD:
19c48da0 7264 bin_clear_free(eap->new_password, eap->new_password_len);
d2118814
JM		 7265 eap->new_password = (u8 *) os_strdup(value);
7266 eap->new_password_len = os_strlen(value);
7267 eap->pending_req_new_password = 0;
7268 if (ssid == wpa_s->current_ssid)
7269 wpa_s->reassociate = 1;
7270 break;
7271 case WPA_CTRL_REQ_EAP_PIN:
b99c4cad
JM		 7272 str_clear_free(eap->cert.pin);
7273 eap->cert.pin = os_strdup(value);
d2118814
JM		 7274 eap->pending_req_pin = 0;
7275 if (ssid == wpa_s->current_ssid)
7276 wpa_s->reassociate = 1;
7277 break;
7278 case WPA_CTRL_REQ_EAP_OTP:
19c48da0 7279 bin_clear_free(eap->otp, eap->otp_len);
d2118814
JM		 7280 eap->otp = (u8 *) os_strdup(value);
7281 eap->otp_len = os_strlen(value);
7282 os_free(eap->pending_req_otp);
7283 eap->pending_req_otp = NULL;
7284 eap->pending_req_otp_len = 0;
7285 break;
7286 case WPA_CTRL_REQ_EAP_PASSPHRASE:
b99c4cad
JM		 7287 str_clear_free(eap->cert.private_key_passwd);
7288 eap->cert.private_key_passwd = os_strdup(value);
d2118814
JM		 7289 eap->pending_req_passphrase = 0;
7290 if (ssid == wpa_s->current_ssid)
7291 wpa_s->reassociate = 1;
7292 break;
a5d44ac0 7293 case WPA_CTRL_REQ_SIM:
19c48da0 7294 str_clear_free(eap->external_sim_resp);
a5d44ac0 7295 eap->external_sim_resp = os_strdup(value);
ed9b1c16 7296 eap->pending_req_sim = 0;
a5d44ac0 7297 break;
a52410c2
JM		 7298 case WPA_CTRL_REQ_PSK_PASSPHRASE:
7299 if (wpa_config_set(ssid, "psk", value, 0) < 0)
7300 return -1;
7301 ssid->mem_only_psk = 1;
7302 if (ssid->passphrase)
7303 wpa_config_update_psk(ssid);
7304 if (wpa_s->wpa_state == WPA_SCANNING && !wpa_s->scanning)
7305 wpa_supplicant_req_scan(wpa_s, 0, 0);
7306 break;
3c108b75
JM		 7307 case WPA_CTRL_REQ_EXT_CERT_CHECK:
7308 if (eap->pending_ext_cert_check != PENDING_CHECK)
7309 return -1;
7310 if (os_strcmp(value, "good") == 0)
7311 eap->pending_ext_cert_check = EXT_CERT_CHECK_GOOD;
7312 else if (os_strcmp(value, "bad") == 0)
7313 eap->pending_ext_cert_check = EXT_CERT_CHECK_BAD;
7314 else
7315 return -1;
7316 break;
d2118814
JM		 7317 default:
7318 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown field '%s'", field);
7319 return -1;
7320 }
7321
7322 return 0;
7323#else /* IEEE8021X_EAPOL */
7324 wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included");
7325 return -1;
7326#endif /* IEEE8021X_EAPOL */
7327}
7328#endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */
349493bd
JM		 7329
7330
7331int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
7332{
7333 int i;
7334 unsigned int drv_enc;
7335
44b9ea5b
JM		 7336 if (wpa_s->p2p_mgmt)
7337 return 1; /* no normal network profiles on p2p_mgmt interface */
7338
349493bd
JM		 7339 if (ssid == NULL)
7340 return 1;
7341
7342 if (ssid->disabled)
7343 return 1;
7344
9feadba1 7345 if (wpa_s->drv_capa_known)
349493bd
JM		 7346 drv_enc = wpa_s->drv_enc;
7347 else
7348 drv_enc = (unsigned int) -1;
7349
7350 for (i = 0; i < NUM_WEP_KEYS; i++) {
7351 size_t len = ssid->wep_key_len[i];
7352 if (len == 0)
7353 continue;
7354 if (len == 5 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP40))
7355 continue;
7356 if (len == 13 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP104))
7357 continue;
7358 if (len == 16 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP128))
7359 continue;
7360 return 1; /* invalid WEP key */
7361 }
7362
9173b16f 7363 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set &&
a52410c2 7364 (!ssid->passphrase || ssid->ssid_len != 0) && !ssid->ext_psk &&
a34ca59e 7365 !(wpa_key_mgmt_sae(ssid->key_mgmt) && ssid->sae_password) &&
a52410c2 7366 !ssid->mem_only_psk)
2518aad3
JM		 7367 return 1;
7368
349493bd
JM		 7369 return 0;
7370}
b9cfc09a
JJ		 7371
7372
3f56a2b7
JM		 7373int wpas_get_ssid_pmf(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
7374{
3f56a2b7
JM		 7375 if (ssid == NULL || ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT) {
7376 if (wpa_s->conf->pmf == MGMT_FRAME_PROTECTION_OPTIONAL &&
7377 !(wpa_s->drv_enc & WPA_DRIVER_CAPA_ENC_BIP)) {
7378 /*
7379 * Driver does not support BIP -- ignore pmf=1 default
7380 * since the connection with PMF would fail and the
7381 * configuration does not require PMF to be enabled.
7382 */
7383 return NO_MGMT_FRAME_PROTECTION;
7384 }
7385
22950049
JM		 7386 if (ssid &&
7387 (ssid->key_mgmt &
7388 ~(WPA_KEY_MGMT_NONE | WPA_KEY_MGMT_WPS |
7389 WPA_KEY_MGMT_IEEE8021X_NO_WPA)) == 0) {
7390 /*
7391 * Do not use the default PMF value for non-RSN networks
7392 * since PMF is available only with RSN and pmf=2
7393 * configuration would otherwise prevent connections to
7394 * all open networks.
7395 */
7396 return NO_MGMT_FRAME_PROTECTION;
7397 }
7398
3f56a2b7
JM		 7399 return wpa_s->conf->pmf;
7400 }
7401
7402 return ssid->ieee80211w;
3f56a2b7
JM		 7403}
7404
7405
b9cfc09a
JJ		 7406int wpas_is_p2p_prioritized(struct wpa_supplicant *wpa_s)
7407{
7408 if (wpa_s->global->conc_pref == WPA_CONC_PREF_P2P)
7409 return 1;
7410 if (wpa_s->global->conc_pref == WPA_CONC_PREF_STA)
7411 return 0;
7412 return -1;
7413}
00e5e3d5
JM		 7414
7415
b19c098e 7416void wpas_auth_failed(struct wpa_supplicant *wpa_s, char *reason)
00e5e3d5
JM		 7417{
7418 struct wpa_ssid *ssid = wpa_s->current_ssid;
7419 int dur;
4e1eae1d 7420 struct os_reltime now;
00e5e3d5
JM		 7421
7422 if (ssid == NULL) {
7423 wpa_printf(MSG_DEBUG, "Authentication failure but no known "
7424 "SSID block");
7425 return;
7426 }
7427
7428 if (ssid->key_mgmt == WPA_KEY_MGMT_WPS)
7429 return;
7430
7431 ssid->auth_failures++;
cbf41ca7
SL		 7432
7433#ifdef CONFIG_P2P
7434 if (ssid->p2p_group &&
7435 (wpa_s->p2p_in_provisioning || wpa_s->show_group_started)) {
7436 /*
7437 * Skip the wait time since there is a short timeout on the
7438 * connection to a P2P group.
7439 */
7440 return;
7441 }
7442#endif /* CONFIG_P2P */
7443
00e5e3d5
JM		 7444 if (ssid->auth_failures > 50)
7445 dur = 300;
00e5e3d5 7446 else if (ssid->auth_failures > 10)
8a77f1be 7447 dur = 120;
00e5e3d5 7448 else if (ssid->auth_failures > 5)
8a77f1be
JM		 7449 dur = 90;
7450 else if (ssid->auth_failures > 3)
7451 dur = 60;
7452 else if (ssid->auth_failures > 2)
00e5e3d5
JM		 7453 dur = 30;
7454 else if (ssid->auth_failures > 1)
7455 dur = 20;
7456 else
7457 dur = 10;
7458
8a77f1be
JM		 7459 if (ssid->auth_failures > 1 &&
7460 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt))
7461 dur += os_random() % (ssid->auth_failures * 10);
7462
4e1eae1d 7463 os_get_reltime(&now);
00e5e3d5
JM		 7464 if (now.sec + dur <= ssid->disabled_until.sec)
7465 return;
7466
7467 ssid->disabled_until.sec = now.sec + dur;
7468
7469 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TEMP_DISABLED
b19c098e 7470 "id=%d ssid=\"%s\" auth_failures=%u duration=%d reason=%s",
00e5e3d5 7471 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
b19c098e 7472 ssid->auth_failures, dur, reason);
00e5e3d5
JM		 7473}
7474
7475
7476void wpas_clear_temp_disabled(struct wpa_supplicant *wpa_s,
7477 struct wpa_ssid *ssid, int clear_failures)
7478{
7479 if (ssid == NULL)
7480 return;
7481
7482 if (ssid->disabled_until.sec) {
7483 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_REENABLED
7484 "id=%d ssid=\"%s\"",
7485 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
7486 }
7487 ssid->disabled_until.sec = 0;
7488 ssid->disabled_until.usec = 0;
7489 if (clear_failures)
7490 ssid->auth_failures = 0;
7491}
6407f413
JM		 7492
7493
7494int disallowed_bssid(struct wpa_supplicant *wpa_s, const u8 *bssid)
7495{
7496 size_t i;
7497
7498 if (wpa_s->disallow_aps_bssid == NULL)
7499 return 0;
7500
7501 for (i = 0; i < wpa_s->disallow_aps_bssid_count; i++) {
7502 if (os_memcmp(wpa_s->disallow_aps_bssid + i * ETH_ALEN,
7503 bssid, ETH_ALEN) == 0)
7504 return 1;
7505 }
7506
7507 return 0;
7508}
7509
7510
7511int disallowed_ssid(struct wpa_supplicant *wpa_s, const u8 *ssid,
7512 size_t ssid_len)
7513{
7514 size_t i;
7515
7516 if (wpa_s->disallow_aps_ssid == NULL || ssid == NULL)
7517 return 0;
7518
7519 for (i = 0; i < wpa_s->disallow_aps_ssid_count; i++) {
7520 struct wpa_ssid_value *s = &wpa_s->disallow_aps_ssid[i];
7521 if (ssid_len == s->ssid_len &&
7522 os_memcmp(ssid, s->ssid, ssid_len) == 0)
7523 return 1;
7524 }
7525
7526 return 0;
7527}
9796a86c
JM		 7528
7529
7530/**
7531 * wpas_request_connection - Request a new connection
7532 * @wpa_s: Pointer to the network interface
7533 *
7534 * This function is used to request a new connection to be found. It will mark
7535 * the interface to allow reassociation and request a new scan to find a
7536 * suitable network to connect to.
7537 */
7538void wpas_request_connection(struct wpa_supplicant *wpa_s)
7539{
7540 wpa_s->normal_scans = 0;
5214f4fa 7541 wpa_s->scan_req = NORMAL_SCAN_REQ;
9796a86c
JM		 7542 wpa_supplicant_reinit_autoscan(wpa_s);
7543 wpa_s->extra_blacklist_count = 0;
7544 wpa_s->disconnected = 0;
7545 wpa_s->reassociate = 1;
2cb40e9f 7546 wpa_s->last_owe_group = 0;
5e24beae
MH		 7547
7548 if (wpa_supplicant_fast_associate(wpa_s) != 1)
7549 wpa_supplicant_req_scan(wpa_s, 0, 0);
0c5f01fd
B		 7550 else
7551 wpa_s->reattach = 0;
9796a86c 7552}
36b9883d
DG		 7553
7554
5f040be4
RP		 7555/**
7556 * wpas_request_disconnection - Request disconnection
7557 * @wpa_s: Pointer to the network interface
7558 *
7559 * This function is used to request disconnection from the currently connected
7560 * network. This will stop any ongoing scans and initiate deauthentication.
7561 */
7562void wpas_request_disconnection(struct wpa_supplicant *wpa_s)
7563{
7564#ifdef CONFIG_SME
7565 wpa_s->sme.prev_bssid_set = 0;
7566#endif /* CONFIG_SME */
7567 wpa_s->reassociate = 0;
7568 wpa_s->disconnected = 1;
7569 wpa_supplicant_cancel_sched_scan(wpa_s);
7570 wpa_supplicant_cancel_scan(wpa_s);
7571 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
7572 eloop_cancel_timeout(wpas_network_reenabled, wpa_s, NULL);
f5db7750
JM		 7573 radio_remove_works(wpa_s, "connect", 0);
7574 radio_remove_works(wpa_s, "sme-connect", 0);
5f040be4
RP		 7575}
7576
7577
a0c90bb0
IP		 7578void dump_freq_data(struct wpa_supplicant *wpa_s, const char *title,
7579 struct wpa_used_freq_data *freqs_data,
7580 unsigned int len)
7581{
7582 unsigned int i;
7583
7584 wpa_dbg(wpa_s, MSG_DEBUG, "Shared frequencies (len=%u): %s",
7585 len, title);
7586 for (i = 0; i < len; i++) {
7587 struct wpa_used_freq_data *cur = &freqs_data[i];
7588 wpa_dbg(wpa_s, MSG_DEBUG, "freq[%u]: %d, flags=0x%X",
7589 i, cur->freq, cur->flags);
7590 }
7591}
7592
7593
53c5dfc2
IP		 7594/*
7595 * Find the operating frequencies of any of the virtual interfaces that
a0c90bb0
IP		 7596 * are using the same radio as the current interface, and in addition, get
7597 * information about the interface types that are using the frequency.
53c5dfc2 7598 */
a0c90bb0
IP		 7599int get_shared_radio_freqs_data(struct wpa_supplicant *wpa_s,
7600 struct wpa_used_freq_data *freqs_data,
7601 unsigned int len)
53c5dfc2 7602{
53c5dfc2
IP		 7603 struct wpa_supplicant *ifs;
7604 u8 bssid[ETH_ALEN];
7605 int freq;
7606 unsigned int idx = 0, i;
7607
217cf499
JM		 7608 wpa_dbg(wpa_s, MSG_DEBUG,
7609 "Determining shared radio frequencies (max len %u)", len);
a0c90bb0 7610 os_memset(freqs_data, 0, sizeof(struct wpa_used_freq_data) * len);
53c5dfc2 7611
0ad3b9c4
JM		 7612 dl_list_for_each(ifs, &wpa_s->radio->ifaces, struct wpa_supplicant,
7613 radio_list) {
a0c90bb0
IP		 7614 if (idx == len)
7615 break;
7616
53c5dfc2
IP		 7617 if (ifs->current_ssid == NULL || ifs->assoc_freq == 0)
7618 continue;
7619
7620 if (ifs->current_ssid->mode == WPAS_MODE_AP ||
241c3333
MH		 7621 ifs->current_ssid->mode == WPAS_MODE_P2P_GO ||
7622 ifs->current_ssid->mode == WPAS_MODE_MESH)
53c5dfc2
IP		 7623 freq = ifs->current_ssid->frequency;
7624 else if (wpa_drv_get_bssid(ifs, bssid) == 0)
7625 freq = ifs->assoc_freq;
7626 else
7627 continue;
7628
7629 /* Hold only distinct freqs */
7630 for (i = 0; i < idx; i++)
a0c90bb0 7631 if (freqs_data[i].freq == freq)
53c5dfc2
IP		 7632 break;
7633
7634 if (i == idx)
a0c90bb0
IP		 7635 freqs_data[idx++].freq = freq;
7636
7637 if (ifs->current_ssid->mode == WPAS_MODE_INFRA) {
22264b3c 7638 freqs_data[i].flags |= ifs->current_ssid->p2p_group ?
a0c90bb0
IP		 7639 WPA_FREQ_USED_BY_P2P_CLIENT :
7640 WPA_FREQ_USED_BY_INFRA_STATION;
7641 }
53c5dfc2 7642 }
217cf499 7643
a0c90bb0 7644 dump_freq_data(wpa_s, "completed iteration", freqs_data, idx);
53c5dfc2
IP		 7645 return idx;
7646}
a0c90bb0
IP		 7647
7648
7649/*
7650 * Find the operating frequencies of any of the virtual interfaces that
7651 * are using the same radio as the current interface.
7652 */
7653int get_shared_radio_freqs(struct wpa_supplicant *wpa_s,
7654 int *freq_array, unsigned int len)
7655{
7656 struct wpa_used_freq_data *freqs_data;
7657 int num, i;
7658
7659 os_memset(freq_array, 0, sizeof(int) * len);
7660
7661 freqs_data = os_calloc(len, sizeof(struct wpa_used_freq_data));
7662 if (!freqs_data)
7663 return -1;
7664
7665 num = get_shared_radio_freqs_data(wpa_s, freqs_data, len);
7666 for (i = 0; i < num; i++)
7667 freq_array[i] = freqs_data[i].freq;
7668
7669 os_free(freqs_data);
7670
7671 return num;
7672}
b361d580
AK		 7673
7674
af041f99
AA		 7675struct wpa_supplicant *
7676wpas_vendor_elem(struct wpa_supplicant *wpa_s, enum wpa_vendor_elem_frame frame)
7677{
7678 switch (frame) {
7679#ifdef CONFIG_P2P
7680 case VENDOR_ELEM_PROBE_REQ_P2P:
7681 case VENDOR_ELEM_PROBE_RESP_P2P:
7682 case VENDOR_ELEM_PROBE_RESP_P2P_GO:
7683 case VENDOR_ELEM_BEACON_P2P_GO:
7684 case VENDOR_ELEM_P2P_PD_REQ:
7685 case VENDOR_ELEM_P2P_PD_RESP:
7686 case VENDOR_ELEM_P2P_GO_NEG_REQ:
7687 case VENDOR_ELEM_P2P_GO_NEG_RESP:
7688 case VENDOR_ELEM_P2P_GO_NEG_CONF:
7689 case VENDOR_ELEM_P2P_INV_REQ:
7690 case VENDOR_ELEM_P2P_INV_RESP:
7691 case VENDOR_ELEM_P2P_ASSOC_REQ:
7692 case VENDOR_ELEM_P2P_ASSOC_RESP:
ba307f85 7693 return wpa_s->p2pdev;
af041f99
AA		 7694#endif /* CONFIG_P2P */
7695 default:
7696 return wpa_s;
7697 }
7698}
7699
7700
7701void wpas_vendor_elem_update(struct wpa_supplicant *wpa_s)
7702{
7703 unsigned int i;
7704 char buf[30];
7705
7706 wpa_printf(MSG_DEBUG, "Update vendor elements");
7707
7708 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) {
7709 if (wpa_s->vendor_elem[i]) {
7710 int res;
7711
7712 res = os_snprintf(buf, sizeof(buf), "frame[%u]", i);
7713 if (!os_snprintf_error(sizeof(buf), res)) {
7714 wpa_hexdump_buf(MSG_DEBUG, buf,
7715 wpa_s->vendor_elem[i]);
7716 }
7717 }
7718 }
7719
7720#ifdef CONFIG_P2P
7721 if (wpa_s->parent == wpa_s &&
7722 wpa_s->global->p2p &&
7723 !wpa_s->global->p2p_disabled)
7724 p2p_set_vendor_elems(wpa_s->global->p2p, wpa_s->vendor_elem);
7725#endif /* CONFIG_P2P */
7726}
7727
7728
7729int wpas_vendor_elem_remove(struct wpa_supplicant *wpa_s, int frame,
7730 const u8 *elem, size_t len)
7731{
7732 u8 *ie, *end;
7733
7734 ie = wpabuf_mhead_u8(wpa_s->vendor_elem[frame]);
7735 end = ie + wpabuf_len(wpa_s->vendor_elem[frame]);
7736
7737 for (; ie + 1 < end; ie += 2 + ie[1]) {
7738 if (ie + len > end)
7739 break;
7740 if (os_memcmp(ie, elem, len) != 0)
7741 continue;
7742
7743 if (wpabuf_len(wpa_s->vendor_elem[frame]) == len) {
7744 wpabuf_free(wpa_s->vendor_elem[frame]);
7745 wpa_s->vendor_elem[frame] = NULL;
7746 } else {
7747 os_memmove(ie, ie + len, end - (ie + len));
7748 wpa_s->vendor_elem[frame]->used -= len;
7749 }
7750 wpas_vendor_elem_update(wpa_s);
7751 return 0;
7752 }
7753
7754 return -1;
7755}
ea69d973
AS		 7756
7757
7758struct hostapd_hw_modes * get_mode(struct hostapd_hw_modes *modes,
d0e116f6
VK		 7759 u16 num_modes, enum hostapd_hw_mode mode,
7760 int is_6ghz)
ea69d973
AS		 7761{
7762 u16 i;
7763
7764 for (i = 0; i < num_modes; i++) {
d0e116f6
VK		 7765 if (modes[i].mode != mode ||
7766 !modes[i].num_channels || !modes[i].channels)
7767 continue;
7768 if ((!is_6ghz && !is_6ghz_freq(modes[i].channels[0].freq)) ||
7769 (is_6ghz && is_6ghz_freq(modes[i].channels[0].freq)))
ea69d973
AS		 7770 return &modes[i];
7771 }
7772
7773 return NULL;
7774}
dd599908
AS		 7775
7776
7777static struct
7778wpa_bss_tmp_disallowed * wpas_get_disallowed_bss(struct wpa_supplicant *wpa_s,
7779 const u8 *bssid)
7780{
7781 struct wpa_bss_tmp_disallowed *bss;
7782
7783 dl_list_for_each(bss, &wpa_s->bss_tmp_disallowed,
7784 struct wpa_bss_tmp_disallowed, list) {
7785 if (os_memcmp(bssid, bss->bssid, ETH_ALEN) == 0)
7786 return bss;
7787 }
7788
7789 return NULL;
7790}
7791
7792
b04854ce
AP		 7793static int wpa_set_driver_tmp_disallow_list(struct wpa_supplicant *wpa_s)
7794{
7795 struct wpa_bss_tmp_disallowed *tmp;
7796 unsigned int num_bssid = 0;
7797 u8 *bssids;
7798 int ret;
7799
7800 bssids = os_malloc(dl_list_len(&wpa_s->bss_tmp_disallowed) * ETH_ALEN);
7801 if (!bssids)
7802 return -1;
7803 dl_list_for_each(tmp, &wpa_s->bss_tmp_disallowed,
7804 struct wpa_bss_tmp_disallowed, list) {
7805 os_memcpy(&bssids[num_bssid * ETH_ALEN], tmp->bssid,
7806 ETH_ALEN);
7807 num_bssid++;
7808 }
7809 ret = wpa_drv_set_bssid_blacklist(wpa_s, num_bssid, bssids);
7810 os_free(bssids);
7811 return ret;
7812}
7813
7814
7815static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx, void *timeout_ctx)
7816{
7817 struct wpa_supplicant *wpa_s = eloop_ctx;
7818 struct wpa_bss_tmp_disallowed *tmp, *bss = timeout_ctx;
7819
7820 /* Make sure the bss is not already freed */
7821 dl_list_for_each(tmp, &wpa_s->bss_tmp_disallowed,
7822 struct wpa_bss_tmp_disallowed, list) {
7823 if (bss == tmp) {
7824 dl_list_del(&tmp->list);
7825 os_free(tmp);
7826 wpa_set_driver_tmp_disallow_list(wpa_s);
7827 break;
7828 }
7829 }
7830}
7831
7832
dd599908 7833void wpa_bss_tmp_disallow(struct wpa_supplicant *wpa_s, const u8 *bssid,
19677b77 7834 unsigned int sec, int rssi_threshold)
dd599908
AS		 7835{
7836 struct wpa_bss_tmp_disallowed *bss;
dd599908
AS		 7837
7838 bss = wpas_get_disallowed_bss(wpa_s, bssid);
7839 if (bss) {
b04854ce 7840 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout, wpa_s, bss);
19677b77 7841 goto finish;
dd599908
AS		 7842 }
7843
7844 bss = os_malloc(sizeof(*bss));
7845 if (!bss) {
7846 wpa_printf(MSG_DEBUG,
7847 "Failed to allocate memory for temp disallow BSS");
7848 return;
7849 }
7850
dd599908
AS		 7851 os_memcpy(bss->bssid, bssid, ETH_ALEN);
7852 dl_list_add(&wpa_s->bss_tmp_disallowed, &bss->list);
b04854ce 7853 wpa_set_driver_tmp_disallow_list(wpa_s);
19677b77
BL		 7854
7855finish:
7856 bss->rssi_threshold = rssi_threshold;
b04854ce
AP		 7857 eloop_register_timeout(sec, 0, wpa_bss_tmp_disallow_timeout,
7858 wpa_s, bss);
dd599908
AS		 7859}
7860
7861
19677b77
BL		 7862int wpa_is_bss_tmp_disallowed(struct wpa_supplicant *wpa_s,
7863 struct wpa_bss *bss)
dd599908 7864{
19677b77 7865 struct wpa_bss_tmp_disallowed *disallowed = NULL, *tmp, *prev;
dd599908 7866
d010048c
JM		 7867 dl_list_for_each_safe(tmp, prev, &wpa_s->bss_tmp_disallowed,
7868 struct wpa_bss_tmp_disallowed, list) {
19677b77
BL		 7869 if (os_memcmp(bss->bssid, tmp->bssid, ETH_ALEN) == 0) {
7870 disallowed = tmp;
d010048c
JM		 7871 break;
7872 }
7873 }
19677b77
BL		 7874 if (!disallowed)
7875 return 0;
7876
7877 if (disallowed->rssi_threshold != 0 &&
7878 bss->level > disallowed->rssi_threshold)
dd599908
AS		 7879 return 0;
7880
d010048c 7881 return 1;
dd599908 7882}
91b6eba7
EC		 7883
7884
7885int wpas_enable_mac_addr_randomization(struct wpa_supplicant *wpa_s,
7886 unsigned int type, const u8 *addr,
7887 const u8 *mask)
7888{
7889 if ((addr && !mask) || (!addr && mask)) {
7890 wpa_printf(MSG_INFO,
7891 "MAC_ADDR_RAND_SCAN invalid addr/mask combination");
7892 return -1;
7893 }
7894
7895 if (addr && mask && (!(mask[0] & 0x01) || (addr[0] & 0x01))) {
7896 wpa_printf(MSG_INFO,
7897 "MAC_ADDR_RAND_SCAN cannot allow multicast address");
7898 return -1;
7899 }
7900
7901 if (type & MAC_ADDR_RAND_SCAN) {
7902 if (wpas_mac_addr_rand_scan_set(wpa_s, MAC_ADDR_RAND_SCAN,
7903 addr, mask))
7904 return -1;
7905 }
7906
7907 if (type & MAC_ADDR_RAND_SCHED_SCAN) {
7908 if (wpas_mac_addr_rand_scan_set(wpa_s, MAC_ADDR_RAND_SCHED_SCAN,
7909 addr, mask))
7910 return -1;
7911
7912 if (wpa_s->sched_scanning && !wpa_s->pno)
7913 wpas_scan_restart_sched_scan(wpa_s);
7914 }
7915
7916 if (type & MAC_ADDR_RAND_PNO) {
7917 if (wpas_mac_addr_rand_scan_set(wpa_s, MAC_ADDR_RAND_PNO,
7918 addr, mask))
7919 return -1;
7920
7921 if (wpa_s->pno) {
7922 wpas_stop_pno(wpa_s);
7923 wpas_start_pno(wpa_s);
7924 }
7925 }
7926
7927 return 0;
7928}
7929
7930
7931int wpas_disable_mac_addr_randomization(struct wpa_supplicant *wpa_s,
7932 unsigned int type)
7933{
7934 wpas_mac_addr_rand_scan_clear(wpa_s, type);
7935 if (wpa_s->pno) {
7936 if (type & MAC_ADDR_RAND_PNO) {
7937 wpas_stop_pno(wpa_s);
7938 wpas_start_pno(wpa_s);
7939 }
7940 } else if (wpa_s->sched_scanning && (type & MAC_ADDR_RAND_SCHED_SCAN)) {
7941 wpas_scan_restart_sched_scan(wpa_s);
7942 }
7943
7944 return 0;
7945}
6c570193
JM		 7946
7947
7948int wpa_drv_signal_poll(struct wpa_supplicant *wpa_s,
7949 struct wpa_signal_info *si)
7950{
7951 int res;
7952
7953 if (!wpa_s->driver->signal_poll)
7954 return -1;
7955
7956 res = wpa_s->driver->signal_poll(wpa_s->drv_priv, si);
7957
7958#ifdef CONFIG_TESTING_OPTIONS
7959 if (res == 0) {
7960 struct driver_signal_override *dso;
7961
7962 dl_list_for_each(dso, &wpa_s->drv_signal_override,
7963 struct driver_signal_override, list) {
7964 if (os_memcmp(wpa_s->bssid, dso->bssid,
7965 ETH_ALEN) != 0)
7966 continue;
7967 wpa_printf(MSG_DEBUG,
7968 "Override driver signal_poll information: current_signal: %d->%d avg_signal: %d->%d avg_beacon_signal: %d->%d current_noise: %d->%d",
7969 si->current_signal,
7970 dso->si_current_signal,
7971 si->avg_signal,
7972 dso->si_avg_signal,
7973 si->avg_beacon_signal,
7974 dso->si_avg_beacon_signal,
7975 si->current_noise,
7976 dso->si_current_noise);
7977 si->current_signal = dso->si_current_signal;
7978 si->avg_signal = dso->si_avg_signal;
7979 si->avg_beacon_signal = dso->si_avg_beacon_signal;
7980 si->current_noise = dso->si_current_noise;
7981 break;
7982 }
7983 }
7984#endif /* CONFIG_TESTING_OPTIONS */
7985
7986 return res;
7987}
7988
7989
7990struct wpa_scan_results *
7991wpa_drv_get_scan_results2(struct wpa_supplicant *wpa_s)
7992{
7993 struct wpa_scan_results *scan_res;
7994#ifdef CONFIG_TESTING_OPTIONS
7995 size_t idx;
7996#endif /* CONFIG_TESTING_OPTIONS */
7997
7998 if (!wpa_s->driver->get_scan_results2)
7999 return NULL;
8000
8001 scan_res = wpa_s->driver->get_scan_results2(wpa_s->drv_priv);
8002
8003#ifdef CONFIG_TESTING_OPTIONS
8004 for (idx = 0; scan_res && idx < scan_res->num; idx++) {
8005 struct driver_signal_override *dso;
8006 struct wpa_scan_res *res = scan_res->res[idx];
8007
8008 dl_list_for_each(dso, &wpa_s->drv_signal_override,
8009 struct driver_signal_override, list) {
8010 if (os_memcmp(res->bssid, dso->bssid, ETH_ALEN) != 0)
8011 continue;
8012 wpa_printf(MSG_DEBUG,
8013 "Override driver scan signal level %d->%d for "
8014 MACSTR,
8015 res->level, dso->scan_level,
8016 MAC2STR(res->bssid));
8017 res->flags |= WPA_SCAN_QUAL_INVALID;
8018 if (dso->scan_level < 0)
8019 res->flags |= WPA_SCAN_LEVEL_DBM;
8020 else
8021 res->flags &= ~WPA_SCAN_LEVEL_DBM;
8022 res->level = dso->scan_level;
8023 break;
8024 }
8025 }
8026#endif /* CONFIG_TESTING_OPTIONS */
8027
8028 return scan_res;
8029}
Unnamed repository; edit this file 'description' to name the repository.