]> git.ipfire.org Git - thirdparty/hostap.git/blame - wpa_supplicant/wpa_supplicant.c
projects / thirdparty / hostap.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Interworking: Fix failed GAS query processing
[thirdparty/hostap.git] / wpa_supplicant / wpa_supplicant.c
CommitLineData
6fc6879b
JM		 1/*
2 * WPA Supplicant
d93dfbd5 3 * Copyright (c) 2003-2012, Jouni Malinen <j@w1.fi>
6fc6879b 4 *
0f3d578e
JM		 5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
6fc6879b
JM		 7 *
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
11 */
12
13#include "includes.h"
14
15#include "common.h"
d47fa330 16#include "crypto/random.h"
7d232e23 17#include "crypto/sha1.h"
6fc6879b
JM		 18#include "eapol_supp/eapol_supp_sm.h"
19#include "eap_peer/eap.h"
3ec97afe 20#include "eap_server/eap_methods.h"
3acb5005 21#include "rsn_supp/wpa.h"
6fc6879b 22#include "eloop.h"
6fc6879b 23#include "config.h"
306ae225 24#include "utils/ext_password.h"
6fc6879b
JM		 25#include "l2_packet/l2_packet.h"
26#include "wpa_supplicant_i.h"
2d5b792d 27#include "driver_i.h"
6fc6879b 28#include "ctrl_iface.h"
6fc6879b 29#include "pcsc_funcs.h"
90973fb2 30#include "common/version.h"
3acb5005
JM		 31#include "rsn_supp/preauth.h"
32#include "rsn_supp/pmksa_cache.h"
90973fb2 33#include "common/wpa_ctrl.h"
90973fb2 34#include "common/ieee802_11_defs.h"
72044390 35#include "p2p/p2p.h"
6fc6879b
JM		 36#include "blacklist.h"
37#include "wpas_glue.h"
116654ce 38#include "wps_supplicant.h"
11ef8d35 39#include "ibss_rsn.h"
c2a04078 40#include "sme.h"
04ea7b79 41#include "gas_query.h"
1f1b62a0 42#include "ap.h"
b22128ef 43#include "p2p_supplicant.h"
9675ce35 44#include "wifi_display.h"
8bac466b 45#include "notify.h"
60b94c98 46#include "bgscan.h"
7c865c68 47#include "autoscan.h"
83922c2d 48#include "bss.h"
9ba9fa07 49#include "scan.h"
24f6497c 50#include "offchannel.h"
cb418324 51#include "hs20_supplicant.h"
6fc6879b
JM		 52
53const char *wpa_supplicant_version =
54"wpa_supplicant v" VERSION_STR "\n"
57d38ddf 55"Copyright (c) 2003-2012, Jouni Malinen <j@w1.fi> and contributors";
6fc6879b
JM		 56
57const char *wpa_supplicant_license =
331f89ff
JM		 58"This software may be distributed under the terms of the BSD license.\n"
59"See README for more details.\n"
6fc6879b
JM		 60#ifdef EAP_TLS_OPENSSL
61"\nThis product includes software developed by the OpenSSL Project\n"
62"for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
63#endif /* EAP_TLS_OPENSSL */
64;
65
66#ifndef CONFIG_NO_STDOUT_DEBUG
67/* Long text divided into parts in order to fit in C89 strings size limits. */
68const char *wpa_supplicant_full_license1 =
331f89ff 69"";
6fc6879b 70const char *wpa_supplicant_full_license2 =
331f89ff 71"This software may be distributed under the terms of the BSD license.\n"
6fc6879b
JM		 72"\n"
73"Redistribution and use in source and binary forms, with or without\n"
74"modification, are permitted provided that the following conditions are\n"
75"met:\n"
76"\n";
77const char *wpa_supplicant_full_license3 =
78"1. Redistributions of source code must retain the above copyright\n"
79" notice, this list of conditions and the following disclaimer.\n"
80"\n"
81"2. Redistributions in binary form must reproduce the above copyright\n"
82" notice, this list of conditions and the following disclaimer in the\n"
83" documentation and/or other materials provided with the distribution.\n"
84"\n";
85const char *wpa_supplicant_full_license4 =
86"3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
87" names of its contributors may be used to endorse or promote products\n"
88" derived from this software without specific prior written permission.\n"
89"\n"
90"THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
91"\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
92"LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
93"A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
94const char *wpa_supplicant_full_license5 =
95"OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
96"SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
97"LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
98"DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
99"THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
100"(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
101"OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
102"\n";
103#endif /* CONFIG_NO_STDOUT_DEBUG */
104
6fc6879b
JM		 105extern int wpa_debug_level;
106extern int wpa_debug_show_keys;
107extern int wpa_debug_timestamp;
c5121837 108extern struct wpa_driver_ops *wpa_drivers[];
6fc6879b
JM		 109
110/* Configure default/group WEP keys for static WEP */
0194fedb 111int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
6fc6879b
JM		 112{
113 int i, set = 0;
114
115 for (i = 0; i < NUM_WEP_KEYS; i++) {
116 if (ssid->wep_key_len[i] == 0)
117 continue;
118
119 set = 1;
0382097e 120 wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL,
da64c266 121 i, i == ssid->wep_tx_keyidx, NULL, 0,
6fc6879b
JM		 122 ssid->wep_key[i], ssid->wep_key_len[i]);
123 }
124
125 return set;
126}
127
128
129static int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
130 struct wpa_ssid *ssid)
131{
132 u8 key[32];
133 size_t keylen;
71934751 134 enum wpa_alg alg;
6fc6879b
JM		 135 u8 seq[6] = { 0 };
136
137 /* IBSS/WPA-None uses only one key (Group) for both receiving and
138 * sending unicast and multicast packets. */
139
d7dcba70 140 if (ssid->mode != WPAS_MODE_IBSS) {
f049052b
BG		 141 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not "
142 "IBSS/ad-hoc) for WPA-None", ssid->mode);
6fc6879b
JM		 143 return -1;
144 }
145
146 if (!ssid->psk_set) {
f049052b
BG		 147 wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for "
148 "WPA-None");
6fc6879b
JM		 149 return -1;
150 }
151
152 switch (wpa_s->group_cipher) {
153 case WPA_CIPHER_CCMP:
154 os_memcpy(key, ssid->psk, 16);
155 keylen = 16;
156 alg = WPA_ALG_CCMP;
157 break;
eb7719ff
JM		 158 case WPA_CIPHER_GCMP:
159 os_memcpy(key, ssid->psk, 16);
160 keylen = 16;
161 alg = WPA_ALG_GCMP;
162 break;
6fc6879b
JM		 163 case WPA_CIPHER_TKIP:
164 /* WPA-None uses the same Michael MIC key for both TX and RX */
165 os_memcpy(key, ssid->psk, 16 + 8);
166 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
167 keylen = 32;
168 alg = WPA_ALG_TKIP;
169 break;
170 default:
f049052b
BG		 171 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for "
172 "WPA-None", wpa_s->group_cipher);
6fc6879b
JM		 173 return -1;
174 }
175
176 /* TODO: should actually remember the previously used seq#, both for TX
177 * and RX from each STA.. */
178
0382097e 179 return wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen);
6fc6879b
JM		 180}
181
182
183static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
184{
185 struct wpa_supplicant *wpa_s = eloop_ctx;
186 const u8 *bssid = wpa_s->bssid;
a8e16edc 187 if (is_zero_ether_addr(bssid))
6fc6879b
JM		 188 bssid = wpa_s->pending_bssid;
189 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
190 MAC2STR(bssid));
191 wpa_blacklist_add(wpa_s, bssid);
192 wpa_sm_notify_disassoc(wpa_s->wpa);
193 wpa_supplicant_disassociate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
194 wpa_s->reassociate = 1;
48b84f18
BG		 195
196 /*
197 * If we timed out, the AP or the local radio may be busy.
198 * So, wait a second until scanning again.
199 */
200 wpa_supplicant_req_scan(wpa_s, 1, 0);
99fcd404
JM		 201
202#ifdef CONFIG_P2P
e665ca9a 203 if (wpa_s->global->p2p_cb_on_scan_complete && !wpa_s->global->p2p_disabled &&
99fcd404 204 wpa_s->global->p2p != NULL) {
e665ca9a 205 wpa_s->global->p2p_cb_on_scan_complete = 0;
99fcd404
JM		 206 if (p2p_other_scan_completed(wpa_s->global->p2p) == 1) {
207 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: Pending P2P operation "
208 "continued after timed out authentication");
99fcd404
JM		 209 }
210 }
211#endif /* CONFIG_P2P */
6fc6879b
JM		 212}
213
214
215/**
216 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
217 * @wpa_s: Pointer to wpa_supplicant data
218 * @sec: Number of seconds after which to time out authentication
219 * @usec: Number of microseconds after which to time out authentication
220 *
221 * This function is used to schedule a timeout for the current authentication
222 * attempt.
223 */
224void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
225 int sec, int usec)
226{
c2a04078
JM		 227 if (wpa_s->conf && wpa_s->conf->ap_scan == 0 &&
228 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
6fc6879b
JM		 229 return;
230
f049052b 231 wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
6fc6879b
JM		 232 "%d usec", sec, usec);
233 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
234 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
235}
236
237
238/**
239 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
240 * @wpa_s: Pointer to wpa_supplicant data
241 *
242 * This function is used to cancel authentication timeout scheduled with
243 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
244 * been completed.
245 */
246void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
247{
f049052b 248 wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
6fc6879b
JM		 249 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
250 wpa_blacklist_del(wpa_s, wpa_s->bssid);
251}
252
253
254/**
255 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
256 * @wpa_s: Pointer to wpa_supplicant data
257 *
258 * This function is used to configure EAPOL state machine based on the selected
259 * authentication mode.
260 */
261void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
262{
263#ifdef IEEE8021X_EAPOL
264 struct eapol_config eapol_conf;
265 struct wpa_ssid *ssid = wpa_s->current_ssid;
266
53895c3b 267#ifdef CONFIG_IBSS_RSN
d7dcba70 268 if (ssid->mode == WPAS_MODE_IBSS &&
53895c3b
JM		 269 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
270 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
271 /*
272 * RSN IBSS authentication is per-STA and we can disable the
273 * per-BSSID EAPOL authentication.
274 */
275 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
276 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE);
277 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
278 return;
279 }
280#endif /* CONFIG_IBSS_RSN */
281
0a40ec6a
JM		 282 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
283 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
284
6fc6879b
JM		 285 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
286 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
287 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
288 else
289 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
290
291 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
292 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
293 eapol_conf.accept_802_1x_keys = 1;
294 eapol_conf.required_keys = 0;
295 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
296 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
297 }
298 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
299 eapol_conf.required_keys |=
300 EAPOL_REQUIRE_KEY_BROADCAST;
301 }
302
c2a04078 303 if (wpa_s->conf && (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
6fc6879b 304 eapol_conf.required_keys = 0;
6fc6879b
JM		 305 }
306 if (wpa_s->conf)
307 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
308 eapol_conf.workaround = ssid->eap_workaround;
56586197
JM		 309 eapol_conf.eap_disabled =
310 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
ad08c363
JM		 311 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
312 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
6fc6879b
JM		 313 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
314#endif /* IEEE8021X_EAPOL */
315}
316
317
318/**
319 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
320 * @wpa_s: Pointer to wpa_supplicant data
321 * @ssid: Configuration data for the network
322 *
323 * This function is used to configure WPA state machine and related parameters
324 * to a mode where WPA is not enabled. This is called as part of the
325 * authentication configuration when the selected network does not use WPA.
326 */
327void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
328 struct wpa_ssid *ssid)
329{
330 int i;
331
ad08c363
JM		 332 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
333 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
334 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
6fc6879b
JM		 335 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
336 else
337 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
338 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
339 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
340 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
341 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
342 wpa_s->group_cipher = WPA_CIPHER_NONE;
343 wpa_s->mgmt_group_cipher = 0;
344
345 for (i = 0; i < NUM_WEP_KEYS; i++) {
346 if (ssid->wep_key_len[i] > 5) {
347 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
348 wpa_s->group_cipher = WPA_CIPHER_WEP104;
349 break;
350 } else if (ssid->wep_key_len[i] > 0) {
351 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
352 wpa_s->group_cipher = WPA_CIPHER_WEP40;
353 break;
354 }
355 }
356
357 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
358 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
359 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
360 wpa_s->pairwise_cipher);
361 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
362#ifdef CONFIG_IEEE80211W
363 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
364 wpa_s->mgmt_group_cipher);
365#endif /* CONFIG_IEEE80211W */
366
367 pmksa_cache_clear_current(wpa_s->wpa);
368}
369
370
6979582c 371void free_hw_features(struct wpa_supplicant *wpa_s)
6bf731e8
CL		 372{
373 int i;
374 if (wpa_s->hw.modes == NULL)
375 return;
376
377 for (i = 0; i < wpa_s->hw.num_modes; i++) {
378 os_free(wpa_s->hw.modes[i].channels);
379 os_free(wpa_s->hw.modes[i].rates);
380 }
381
382 os_free(wpa_s->hw.modes);
383 wpa_s->hw.modes = NULL;
384}
385
386
6fc6879b
JM		 387static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
388{
60b94c98 389 bgscan_deinit(wpa_s);
7c865c68 390 autoscan_deinit(wpa_s);
6fc6879b
JM		 391 scard_deinit(wpa_s->scard);
392 wpa_s->scard = NULL;
393 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
394 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
395 l2_packet_deinit(wpa_s->l2);
396 wpa_s->l2 = NULL;
397 if (wpa_s->l2_br) {
398 l2_packet_deinit(wpa_s->l2_br);
399 wpa_s->l2_br = NULL;
400 }
401
6fc6879b 402 if (wpa_s->conf != NULL) {
8e56d189
JM		 403 struct wpa_ssid *ssid;
404 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
405 wpas_notify_network_removed(wpa_s, ssid);
6fc6879b
JM		 406 }
407
408 os_free(wpa_s->confname);
409 wpa_s->confname = NULL;
410
411 wpa_sm_set_eapol(wpa_s->wpa, NULL);
412 eapol_sm_deinit(wpa_s->eapol);
413 wpa_s->eapol = NULL;
414
415 rsn_preauth_deinit(wpa_s->wpa);
416
281ff0aa
GP		 417#ifdef CONFIG_TDLS
418 wpa_tdls_deinit(wpa_s->wpa);
419#endif /* CONFIG_TDLS */
420
6fc6879b
JM		 421 pmksa_candidate_free(wpa_s->wpa);
422 wpa_sm_deinit(wpa_s->wpa);
423 wpa_s->wpa = NULL;
424 wpa_blacklist_clear(wpa_s);
425
83922c2d 426 wpa_bss_deinit(wpa_s);
6fc6879b
JM		 427
428 wpa_supplicant_cancel_scan(wpa_s);
429 wpa_supplicant_cancel_auth_timeout(wpa_s);
01a17491
JM		 430 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL);
431#ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
432 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report,
433 wpa_s, NULL);
434#endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
6fc6879b 435
116654ce 436 wpas_wps_deinit(wpa_s);
11ef8d35 437
1ff73338
JM		 438 wpabuf_free(wpa_s->pending_eapol_rx);
439 wpa_s->pending_eapol_rx = NULL;
440
11ef8d35
JM		 441#ifdef CONFIG_IBSS_RSN
442 ibss_rsn_deinit(wpa_s->ibss_rsn);
443 wpa_s->ibss_rsn = NULL;
444#endif /* CONFIG_IBSS_RSN */
c2a04078 445
e29853bb 446 sme_deinit(wpa_s);
2d5b792d
JM		 447
448#ifdef CONFIG_AP
449 wpa_supplicant_ap_deinit(wpa_s);
450#endif /* CONFIG_AP */
b22128ef
JM		 451
452#ifdef CONFIG_P2P
453 wpas_p2p_deinit(wpa_s);
454#endif /* CONFIG_P2P */
f47d639d 455
24f6497c
JM		 456#ifdef CONFIG_OFFCHANNEL
457 offchannel_deinit(wpa_s);
458#endif /* CONFIG_OFFCHANNEL */
459
a4cba8f1
LC		 460 wpa_supplicant_cancel_sched_scan(wpa_s);
461
f47d639d
JM		 462 os_free(wpa_s->next_scan_freqs);
463 wpa_s->next_scan_freqs = NULL;
04ea7b79
JM		 464
465 gas_query_deinit(wpa_s->gas);
466 wpa_s->gas = NULL;
6bf731e8
CL		 467
468 free_hw_features(wpa_s);
d445a5cd
JM		 469
470 os_free(wpa_s->bssid_filter);
471 wpa_s->bssid_filter = NULL;
b6668734 472
6407f413
JM		 473 os_free(wpa_s->disallow_aps_bssid);
474 wpa_s->disallow_aps_bssid = NULL;
475 os_free(wpa_s->disallow_aps_ssid);
476 wpa_s->disallow_aps_ssid = NULL;
477
b6668734 478 wnm_bss_keep_alive_deinit(wpa_s);
306ae225
JM		 479
480 ext_password_deinit(wpa_s->ext_pw);
481 wpa_s->ext_pw = NULL;
b1f12296
JM		 482
483 wpabuf_free(wpa_s->last_gas_resp);
a297201d
JM		 484
485 os_free(wpa_s->last_scan_res);
486 wpa_s->last_scan_res = NULL;
6fc6879b
JM		 487}
488
489
490/**
491 * wpa_clear_keys - Clear keys configured for the driver
492 * @wpa_s: Pointer to wpa_supplicant data
493 * @addr: Previously used BSSID or %NULL if not available
494 *
495 * This function clears the encryption keys that has been previously configured
496 * for the driver.
497 */
498void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
499{
6fc6879b
JM		 500 if (wpa_s->keys_cleared) {
501 /* Some drivers (e.g., ndiswrapper & NDIS drivers) seem to have
502 * timing issues with keys being cleared just before new keys
503 * are set or just after association or something similar. This
504 * shows up in group key handshake failing often because of the
505 * client not receiving the first encrypted packets correctly.
506 * Skipping some of the extra key clearing steps seems to help
507 * in completing group key handshake more reliably. */
f049052b
BG		 508 wpa_dbg(wpa_s, MSG_DEBUG, "No keys have been configured - "
509 "skip key clearing");
6fc6879b
JM		 510 return;
511 }
512
513 /* MLME-DELETEKEYS.request */
0382097e
JM		 514 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 0, 0, NULL, 0, NULL, 0);
515 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 1, 0, NULL, 0, NULL, 0);
516 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 2, 0, NULL, 0, NULL, 0);
517 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 3, 0, NULL, 0, NULL, 0);
0e27f655 518#ifdef CONFIG_IEEE80211W
0382097e
JM		 519 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 4, 0, NULL, 0, NULL, 0);
520 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 5, 0, NULL, 0, NULL, 0);
0e27f655 521#endif /* CONFIG_IEEE80211W */
6fc6879b
JM		 522 if (addr) {
523 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,
524 0);
525 /* MLME-SETPROTECTION.request(None) */
526 wpa_drv_mlme_setprotection(
527 wpa_s, addr,
528 MLME_SETPROTECTION_PROTECT_TYPE_NONE,
529 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
530 }
531 wpa_s->keys_cleared = 1;
532}
533
534
535/**
536 * wpa_supplicant_state_txt - Get the connection state name as a text string
537 * @state: State (wpa_state; WPA_*)
538 * Returns: The state name as a printable text string
539 */
71934751 540const char * wpa_supplicant_state_txt(enum wpa_states state)
6fc6879b
JM		 541{
542 switch (state) {
543 case WPA_DISCONNECTED:
544 return "DISCONNECTED";
545 case WPA_INACTIVE:
546 return "INACTIVE";
8401a6b0
JM		 547 case WPA_INTERFACE_DISABLED:
548 return "INTERFACE_DISABLED";
6fc6879b
JM		 549 case WPA_SCANNING:
550 return "SCANNING";
c2a04078
JM		 551 case WPA_AUTHENTICATING:
552 return "AUTHENTICATING";
6fc6879b
JM		 553 case WPA_ASSOCIATING:
554 return "ASSOCIATING";
555 case WPA_ASSOCIATED:
556 return "ASSOCIATED";
557 case WPA_4WAY_HANDSHAKE:
558 return "4WAY_HANDSHAKE";
559 case WPA_GROUP_HANDSHAKE:
560 return "GROUP_HANDSHAKE";
561 case WPA_COMPLETED:
562 return "COMPLETED";
563 default:
564 return "UNKNOWN";
565 }
566}
567
568
cfe53c9a
PS		 569#ifdef CONFIG_BGSCAN
570
571static void wpa_supplicant_start_bgscan(struct wpa_supplicant *wpa_s)
572{
0096c427
JM		 573 if (wpas_driver_bss_selection(wpa_s))
574 return;
cfe53c9a
PS		 575 if (wpa_s->current_ssid == wpa_s->bgscan_ssid)
576 return;
577
578 bgscan_deinit(wpa_s);
579 if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan) {
580 if (bgscan_init(wpa_s, wpa_s->current_ssid)) {
581 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
582 "bgscan");
583 /*
584 * Live without bgscan; it is only used as a roaming
585 * optimization, so the initial connection is not
586 * affected.
587 */
6409b7a7
YD		 588 } else {
589 struct wpa_scan_results *scan_res;
cfe53c9a 590 wpa_s->bgscan_ssid = wpa_s->current_ssid;
6409b7a7
YD		 591 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL,
592 0);
593 if (scan_res) {
594 bgscan_notify_scan(wpa_s, scan_res);
595 wpa_scan_results_free(scan_res);
596 }
597 }
cfe53c9a
PS		 598 } else
599 wpa_s->bgscan_ssid = NULL;
600}
601
602
603static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s)
604{
605 if (wpa_s->bgscan_ssid != NULL) {
606 bgscan_deinit(wpa_s);
607 wpa_s->bgscan_ssid = NULL;
608 }
609}
610
611#endif /* CONFIG_BGSCAN */
612
613
7c865c68
TB		 614static void wpa_supplicant_start_autoscan(struct wpa_supplicant *wpa_s)
615{
99218999 616 if (autoscan_init(wpa_s, 0))
7c865c68
TB		 617 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize autoscan");
618}
619
620
621static void wpa_supplicant_stop_autoscan(struct wpa_supplicant *wpa_s)
622{
623 autoscan_deinit(wpa_s);
624}
625
626
c3d12238
JM		 627void wpa_supplicant_reinit_autoscan(struct wpa_supplicant *wpa_s)
628{
629 if (wpa_s->wpa_state == WPA_DISCONNECTED ||
630 wpa_s->wpa_state == WPA_SCANNING) {
631 autoscan_deinit(wpa_s);
632 wpa_supplicant_start_autoscan(wpa_s);
633 }
634}
635
636
6fc6879b
JM		 637/**
638 * wpa_supplicant_set_state - Set current connection state
639 * @wpa_s: Pointer to wpa_supplicant data
640 * @state: The new connection state
641 *
642 * This function is called whenever the connection state changes, e.g.,
643 * association is completed for WPA/WPA2 4-Way Handshake is started.
644 */
71934751
JM		 645void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s,
646 enum wpa_states state)
6fc6879b 647{
27f43d8d
MH		 648 enum wpa_states old_state = wpa_s->wpa_state;
649
f049052b
BG		 650 wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s",
651 wpa_supplicant_state_txt(wpa_s->wpa_state),
652 wpa_supplicant_state_txt(state));
6fc6879b 653
cb8564b1
DW		 654 if (state != WPA_SCANNING)
655 wpa_supplicant_notify_scanning(wpa_s, 0);
656
6fc6879b
JM		 657 if (state == WPA_COMPLETED && wpa_s->new_connection) {
658#if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
659 struct wpa_ssid *ssid = wpa_s->current_ssid;
660 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
661 MACSTR " completed %s [id=%d id_str=%s]",
662 MAC2STR(wpa_s->bssid), wpa_s->reassociated_connection ?
663 "(reauth)" : "(auth)",
664 ssid ? ssid->id : -1,
665 ssid && ssid->id_str ? ssid->id_str : "");
666#endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
00e5e3d5 667 wpas_clear_temp_disabled(wpa_s, ssid, 1);
6fc6879b
JM		 668 wpa_s->new_connection = 0;
669 wpa_s->reassociated_connection = 1;
670 wpa_drv_set_operstate(wpa_s, 1);
99ac2913
FF		 671#ifndef IEEE8021X_EAPOL
672 wpa_drv_set_supp_port(wpa_s, 1);
673#endif /* IEEE8021X_EAPOL */
17a4734d 674 wpa_s->after_wps = 0;
b22128ef
JM		 675#ifdef CONFIG_P2P
676 wpas_p2p_completed(wpa_s);
677#endif /* CONFIG_P2P */
c3701c66
RM		 678
679 sme_sched_obss_scan(wpa_s, 1);
6fc6879b
JM		 680 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
681 state == WPA_ASSOCIATED) {
682 wpa_s->new_connection = 1;
683 wpa_drv_set_operstate(wpa_s, 0);
99ac2913
FF		 684#ifndef IEEE8021X_EAPOL
685 wpa_drv_set_supp_port(wpa_s, 0);
686#endif /* IEEE8021X_EAPOL */
c3701c66 687 sme_sched_obss_scan(wpa_s, 0);
6fc6879b
JM		 688 }
689 wpa_s->wpa_state = state;
27f43d8d 690
cfe53c9a
PS		 691#ifdef CONFIG_BGSCAN
692 if (state == WPA_COMPLETED)
693 wpa_supplicant_start_bgscan(wpa_s);
694 else
695 wpa_supplicant_stop_bgscan(wpa_s);
696#endif /* CONFIG_BGSCAN */
697
7c865c68
TB		 698 if (state == WPA_AUTHENTICATING)
699 wpa_supplicant_stop_autoscan(wpa_s);
700
701 if (state == WPA_DISCONNECTED || state == WPA_INACTIVE)
702 wpa_supplicant_start_autoscan(wpa_s);
703
5bbf9f10 704 if (wpa_s->wpa_state != old_state) {
27f43d8d 705 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
5bbf9f10
PS		 706
707 if (wpa_s->wpa_state == WPA_COMPLETED ||
708 old_state == WPA_COMPLETED)
709 wpas_notify_auth_changed(wpa_s);
710 }
6fc6879b
JM		 711}
712
713
1a1bf008
JM		 714void wpa_supplicant_terminate_proc(struct wpa_global *global)
715{
716 int pending = 0;
717#ifdef CONFIG_WPS
718 struct wpa_supplicant *wpa_s = global->ifaces;
719 while (wpa_s) {
720 if (wpas_wps_terminate_pending(wpa_s) == 1)
721 pending = 1;
722 wpa_s = wpa_s->next;
723 }
724#endif /* CONFIG_WPS */
725 if (pending)
726 return;
727 eloop_terminate();
728}
729
730
0456ea16 731static void wpa_supplicant_terminate(int sig, void *signal_ctx)
6fc6879b 732{
0456ea16 733 struct wpa_global *global = signal_ctx;
1a1bf008 734 wpa_supplicant_terminate_proc(global);
6fc6879b
JM		 735}
736
737
b22128ef 738void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
6fc6879b 739{
71934751 740 enum wpa_states old_state = wpa_s->wpa_state;
27f43d8d 741
6fc6879b
JM		 742 wpa_s->pairwise_cipher = 0;
743 wpa_s->group_cipher = 0;
744 wpa_s->mgmt_group_cipher = 0;
745 wpa_s->key_mgmt = 0;
8401a6b0 746 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
99218999 747 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
27f43d8d
MH		 748
749 if (wpa_s->wpa_state != old_state)
750 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
6fc6879b
JM		 751}
752
753
754/**
755 * wpa_supplicant_reload_configuration - Reload configuration data
756 * @wpa_s: Pointer to wpa_supplicant data
757 * Returns: 0 on success or -1 if configuration parsing failed
758 *
759 * This function can be used to request that the configuration data is reloaded
760 * (e.g., after configuration file change). This function is reloading
761 * configuration only for one interface, so this may need to be called multiple
762 * times if %wpa_supplicant is controlling multiple interfaces and all
763 * interfaces need reconfiguration.
764 */
765int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
766{
767 struct wpa_config *conf;
768 int reconf_ctrl;
8bac466b
JM		 769 int old_ap_scan;
770
6fc6879b
JM		 771 if (wpa_s->confname == NULL)
772 return -1;
773 conf = wpa_config_read(wpa_s->confname);
774 if (conf == NULL) {
775 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
776 "file '%s' - exiting", wpa_s->confname);
777 return -1;
778 }
611aea7d 779 conf->changed_parameters = (unsigned int) -1;
6fc6879b
JM		 780
781 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
782 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
783 os_strcmp(conf->ctrl_interface,
784 wpa_s->conf->ctrl_interface) != 0);
785
786 if (reconf_ctrl && wpa_s->ctrl_iface) {
787 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
788 wpa_s->ctrl_iface = NULL;
789 }
790
791 eapol_sm_invalidate_cached_session(wpa_s->eapol);
7b7ce8aa
JM		 792 if (wpa_s->current_ssid) {
793 wpa_supplicant_deauthenticate(wpa_s,
794 WLAN_REASON_DEAUTH_LEAVING);
795 }
8bac466b 796
6fc6879b
JM		 797 /*
798 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
799 * pkcs11_engine_path, pkcs11_module_path.
800 */
56586197 801 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) {
6fc6879b
JM		 802 /*
803 * Clear forced success to clear EAP state for next
804 * authentication.
805 */
806 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
807 }
808 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
809 wpa_sm_set_config(wpa_s->wpa, NULL);
d8a790b9 810 wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL);
6fc6879b
JM		 811 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
812 rsn_preauth_deinit(wpa_s->wpa);
8bac466b
JM		 813
814 old_ap_scan = wpa_s->conf->ap_scan;
6fc6879b
JM		 815 wpa_config_free(wpa_s->conf);
816 wpa_s->conf = conf;
8bac466b
JM		 817 if (old_ap_scan != wpa_s->conf->ap_scan)
818 wpas_notify_ap_scan_changed(wpa_s);
819
6fc6879b
JM		 820 if (reconf_ctrl)
821 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
822
611aea7d
JM		 823 wpa_supplicant_update_config(wpa_s);
824
6fc6879b 825 wpa_supplicant_clear_status(wpa_s);
349493bd 826 if (wpa_supplicant_enabled_networks(wpa_s)) {
43a38635
JM		 827 wpa_s->reassociate = 1;
828 wpa_supplicant_req_scan(wpa_s, 0, 0);
829 }
f049052b 830 wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
6fc6879b
JM		 831 return 0;
832}
833
834
0456ea16 835static void wpa_supplicant_reconfig(int sig, void *signal_ctx)
6fc6879b 836{
0456ea16 837 struct wpa_global *global = signal_ctx;
6fc6879b 838 struct wpa_supplicant *wpa_s;
6fc6879b 839 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
f049052b
BG		 840 wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring",
841 sig);
6fc6879b 842 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
1a1bf008 843 wpa_supplicant_terminate_proc(global);
6fc6879b
JM		 844 }
845 }
846}
847
848
508545f3 849enum wpa_cipher cipher_suite2driver(int cipher)
6fc6879b
JM		 850{
851 switch (cipher) {
852 case WPA_CIPHER_NONE:
853 return CIPHER_NONE;
854 case WPA_CIPHER_WEP40:
855 return CIPHER_WEP40;
856 case WPA_CIPHER_WEP104:
857 return CIPHER_WEP104;
858 case WPA_CIPHER_CCMP:
859 return CIPHER_CCMP;
eb7719ff
JM		 860 case WPA_CIPHER_GCMP:
861 return CIPHER_GCMP;
6fc6879b
JM		 862 case WPA_CIPHER_TKIP:
863 default:
864 return CIPHER_TKIP;
865 }
866}
867
868
508545f3 869enum wpa_key_mgmt key_mgmt2driver(int key_mgmt)
6fc6879b
JM		 870{
871 switch (key_mgmt) {
872 case WPA_KEY_MGMT_NONE:
873 return KEY_MGMT_NONE;
874 case WPA_KEY_MGMT_IEEE8021X_NO_WPA:
875 return KEY_MGMT_802_1X_NO_WPA;
876 case WPA_KEY_MGMT_IEEE8021X:
877 return KEY_MGMT_802_1X;
878 case WPA_KEY_MGMT_WPA_NONE:
879 return KEY_MGMT_WPA_NONE;
880 case WPA_KEY_MGMT_FT_IEEE8021X:
881 return KEY_MGMT_FT_802_1X;
882 case WPA_KEY_MGMT_FT_PSK:
883 return KEY_MGMT_FT_PSK;
56586197
JM		 884 case WPA_KEY_MGMT_IEEE8021X_SHA256:
885 return KEY_MGMT_802_1X_SHA256;
886 case WPA_KEY_MGMT_PSK_SHA256:
887 return KEY_MGMT_PSK_SHA256;
ad08c363
JM		 888 case WPA_KEY_MGMT_WPS:
889 return KEY_MGMT_WPS;
6fc6879b
JM		 890 case WPA_KEY_MGMT_PSK:
891 default:
892 return KEY_MGMT_PSK;
893 }
894}
895
896
897static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
898 struct wpa_ssid *ssid,
899 struct wpa_ie_data *ie)
900{
901 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
902 if (ret) {
903 if (ret == -2) {
904 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
905 "from association info");
906 }
907 return -1;
908 }
909
f049052b
BG		 910 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set "
911 "cipher suites");
6fc6879b
JM		 912 if (!(ie->group_cipher & ssid->group_cipher)) {
913 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
914 "cipher 0x%x (mask 0x%x) - reject",
915 ie->group_cipher, ssid->group_cipher);
916 return -1;
917 }
918 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
919 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
920 "cipher 0x%x (mask 0x%x) - reject",
921 ie->pairwise_cipher, ssid->pairwise_cipher);
922 return -1;
923 }
924 if (!(ie->key_mgmt & ssid->key_mgmt)) {
925 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
926 "management 0x%x (mask 0x%x) - reject",
927 ie->key_mgmt, ssid->key_mgmt);
928 return -1;
929 }
930
931#ifdef CONFIG_IEEE80211W
0b60b0aa 932 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
70f8cc8e 933 ssid->ieee80211w == MGMT_FRAME_PROTECTION_REQUIRED) {
6fc6879b
JM		 934 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
935 "that does not support management frame protection - "
936 "reject");
937 return -1;
938 }
939#endif /* CONFIG_IEEE80211W */
940
941 return 0;
942}
943
944
945/**
946 * wpa_supplicant_set_suites - Set authentication and encryption parameters
947 * @wpa_s: Pointer to wpa_supplicant data
948 * @bss: Scan results for the selected BSS, or %NULL if not available
949 * @ssid: Configuration data for the selected network
950 * @wpa_ie: Buffer for the WPA/RSN IE
951 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
952 * used buffer length in case the functions returns success.
953 * Returns: 0 on success or -1 on failure
954 *
955 * This function is used to configure authentication and encryption parameters
956 * based on the network configuration and scan result for the selected BSS (if
957 * available).
958 */
959int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
6fa81a3b 960 struct wpa_bss *bss, struct wpa_ssid *ssid,
6fc6879b
JM		 961 u8 *wpa_ie, size_t *wpa_ie_len)
962{
963 struct wpa_ie_data ie;
964 int sel, proto;
965 const u8 *bss_wpa, *bss_rsn;
966
967 if (bss) {
6fa81a3b
JM		 968 bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
969 bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
6fc6879b
JM		 970 } else
971 bss_wpa = bss_rsn = NULL;
972
973 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
974 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
975 (ie.group_cipher & ssid->group_cipher) &&
976 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
977 (ie.key_mgmt & ssid->key_mgmt)) {
f049052b 978 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
6fc6879b
JM		 979 proto = WPA_PROTO_RSN;
980 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
981 wpa_parse_wpa_ie(bss_wpa, 2 +bss_wpa[1], &ie) == 0 &&
982 (ie.group_cipher & ssid->group_cipher) &&
983 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
984 (ie.key_mgmt & ssid->key_mgmt)) {
f049052b 985 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
6fc6879b
JM		 986 proto = WPA_PROTO_WPA;
987 } else if (bss) {
988 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
989 return -1;
990 } else {
991 if (ssid->proto & WPA_PROTO_RSN)
992 proto = WPA_PROTO_RSN;
993 else
994 proto = WPA_PROTO_WPA;
995 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
996 os_memset(&ie, 0, sizeof(ie));
997 ie.group_cipher = ssid->group_cipher;
998 ie.pairwise_cipher = ssid->pairwise_cipher;
999 ie.key_mgmt = ssid->key_mgmt;
1000#ifdef CONFIG_IEEE80211W
1001 ie.mgmt_group_cipher =
70f8cc8e 1002 ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION ?
6fc6879b
JM		 1003 WPA_CIPHER_AES_128_CMAC : 0;
1004#endif /* CONFIG_IEEE80211W */
f049052b
BG		 1005 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites "
1006 "based on configuration");
6fc6879b
JM		 1007 } else
1008 proto = ie.proto;
1009 }
1010
f049052b
BG		 1011 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d "
1012 "pairwise %d key_mgmt %d proto %d",
1013 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
6fc6879b
JM		 1014#ifdef CONFIG_IEEE80211W
1015 if (ssid->ieee80211w) {
f049052b
BG		 1016 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
1017 ie.mgmt_group_cipher);
6fc6879b
JM		 1018 }
1019#endif /* CONFIG_IEEE80211W */
1020
64fa840a 1021 wpa_s->wpa_proto = proto;
6fc6879b
JM		 1022 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
1023 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
1024 !!(ssid->proto & WPA_PROTO_RSN));
1025
1026 if (bss || !wpa_s->ap_ies_from_associnfo) {
1027 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
1028 bss_wpa ? 2 + bss_wpa[1] : 0) ||
1029 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
1030 bss_rsn ? 2 + bss_rsn[1] : 0))
1031 return -1;
1032 }
1033
1034 sel = ie.group_cipher & ssid->group_cipher;
1035 if (sel & WPA_CIPHER_CCMP) {
1036 wpa_s->group_cipher = WPA_CIPHER_CCMP;
f049052b 1037 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK CCMP");
eb7719ff
JM		 1038 } else if (sel & WPA_CIPHER_GCMP) {
1039 wpa_s->group_cipher = WPA_CIPHER_GCMP;
1040 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK GCMP");
6fc6879b
JM		 1041 } else if (sel & WPA_CIPHER_TKIP) {
1042 wpa_s->group_cipher = WPA_CIPHER_TKIP;
f049052b 1043 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK TKIP");
6fc6879b
JM		 1044 } else if (sel & WPA_CIPHER_WEP104) {
1045 wpa_s->group_cipher = WPA_CIPHER_WEP104;
f049052b 1046 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK WEP104");
6fc6879b
JM		 1047 } else if (sel & WPA_CIPHER_WEP40) {
1048 wpa_s->group_cipher = WPA_CIPHER_WEP40;
f049052b 1049 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK WEP40");
6fc6879b 1050 } else {
f049052b
BG		 1051 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group "
1052 "cipher");
6fc6879b
JM		 1053 return -1;
1054 }
1055
1056 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
1057 if (sel & WPA_CIPHER_CCMP) {
1058 wpa_s->pairwise_cipher = WPA_CIPHER_CCMP;
f049052b 1059 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK CCMP");
eb7719ff
JM		 1060 } else if (sel & WPA_CIPHER_GCMP) {
1061 wpa_s->pairwise_cipher = WPA_CIPHER_GCMP;
1062 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK GCMP");
6fc6879b
JM		 1063 } else if (sel & WPA_CIPHER_TKIP) {
1064 wpa_s->pairwise_cipher = WPA_CIPHER_TKIP;
f049052b 1065 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK TKIP");
6fc6879b
JM		 1066 } else if (sel & WPA_CIPHER_NONE) {
1067 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
f049052b 1068 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK NONE");
6fc6879b 1069 } else {
f049052b
BG		 1070 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise "
1071 "cipher");
6fc6879b
JM		 1072 return -1;
1073 }
1074
1075 sel = ie.key_mgmt & ssid->key_mgmt;
1076 if (0) {
1077#ifdef CONFIG_IEEE80211R
1078 } else if (sel & WPA_KEY_MGMT_FT_IEEE8021X) {
1079 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
f049052b 1080 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
6fc6879b
JM		 1081 } else if (sel & WPA_KEY_MGMT_FT_PSK) {
1082 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
f049052b 1083 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
6fc6879b 1084#endif /* CONFIG_IEEE80211R */
56586197
JM		 1085#ifdef CONFIG_IEEE80211W
1086 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
1087 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
f049052b 1088 wpa_dbg(wpa_s, MSG_DEBUG,
56586197
JM		 1089 "WPA: using KEY_MGMT 802.1X with SHA256");
1090 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
1091 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
f049052b 1092 wpa_dbg(wpa_s, MSG_DEBUG,
56586197
JM		 1093 "WPA: using KEY_MGMT PSK with SHA256");
1094#endif /* CONFIG_IEEE80211W */
6fc6879b
JM		 1095 } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
1096 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
f049052b 1097 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
6fc6879b
JM		 1098 } else if (sel & WPA_KEY_MGMT_PSK) {
1099 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
f049052b 1100 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
6fc6879b
JM		 1101 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
1102 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
f049052b 1103 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
6fc6879b 1104 } else {
f049052b
BG		 1105 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select "
1106 "authenticated key management type");
6fc6879b
JM		 1107 return -1;
1108 }
1109
1110 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
1111 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
1112 wpa_s->pairwise_cipher);
1113 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
1114
1115#ifdef CONFIG_IEEE80211W
1116 sel = ie.mgmt_group_cipher;
70f8cc8e 1117 if (ssid->ieee80211w == NO_MGMT_FRAME_PROTECTION ||
0b60b0aa 1118 !(ie.capabilities & WPA_CAPABILITY_MFPC))
6fc6879b
JM		 1119 sel = 0;
1120 if (sel & WPA_CIPHER_AES_128_CMAC) {
1121 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
f049052b 1122 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
6fc6879b
JM		 1123 "AES-128-CMAC");
1124 } else {
1125 wpa_s->mgmt_group_cipher = 0;
f049052b 1126 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
6fc6879b
JM		 1127 }
1128 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
1129 wpa_s->mgmt_group_cipher);
e820cf95 1130 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP, ssid->ieee80211w);
6fc6879b
JM		 1131#endif /* CONFIG_IEEE80211W */
1132
1133 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
f049052b 1134 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to generate WPA IE");
6fc6879b
JM		 1135 return -1;
1136 }
1137
0bf927a0 1138 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) {
6fc6879b 1139 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN);
7d232e23
ZC		 1140#ifndef CONFIG_NO_PBKDF2
1141 if (bss && ssid->bssid_set && ssid->ssid_len == 0 &&
1142 ssid->passphrase) {
1143 u8 psk[PMK_LEN];
986de33d
JM		 1144 pbkdf2_sha1(ssid->passphrase, bss->ssid, bss->ssid_len,
1145 4096, psk, PMK_LEN);
7d232e23
ZC		 1146 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)",
1147 psk, PMK_LEN);
1148 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1149 }
1150#endif /* CONFIG_NO_PBKDF2 */
9173b16f
JM		 1151#ifdef CONFIG_EXT_PASSWORD
1152 if (ssid->ext_psk) {
1153 struct wpabuf *pw = ext_password_get(wpa_s->ext_pw,
1154 ssid->ext_psk);
1155 char pw_str[64 + 1];
1156 u8 psk[PMK_LEN];
1157
1158 if (pw == NULL) {
1159 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No PSK "
1160 "found from external storage");
1161 return -1;
1162 }
1163
1164 if (wpabuf_len(pw) < 8 || wpabuf_len(pw) > 64) {
1165 wpa_msg(wpa_s, MSG_INFO, "EXT PW: Unexpected "
1166 "PSK length %d in external storage",
1167 (int) wpabuf_len(pw));
1168 ext_password_free(pw);
1169 return -1;
1170 }
1171
1172 os_memcpy(pw_str, wpabuf_head(pw), wpabuf_len(pw));
1173 pw_str[wpabuf_len(pw)] = '\0';
1174
1175#ifndef CONFIG_NO_PBKDF2
1176 if (wpabuf_len(pw) >= 8 && wpabuf_len(pw) < 64 && bss)
1177 {
986de33d
JM		 1178 pbkdf2_sha1(pw_str, bss->ssid, bss->ssid_len,
1179 4096, psk, PMK_LEN);
9173b16f
JM		 1180 os_memset(pw_str, 0, sizeof(pw_str));
1181 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from "
1182 "external passphrase)",
1183 psk, PMK_LEN);
1184 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1185 } else
1186#endif /* CONFIG_NO_PBKDF2 */
1187 if (wpabuf_len(pw) == 2 * PMK_LEN) {
1188 if (hexstr2bin(pw_str, psk, PMK_LEN) < 0) {
1189 wpa_msg(wpa_s, MSG_INFO, "EXT PW: "
1190 "Invalid PSK hex string");
1191 os_memset(pw_str, 0, sizeof(pw_str));
1192 ext_password_free(pw);
1193 return -1;
1194 }
1195 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1196 } else {
1197 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No suitable "
1198 "PSK available");
1199 os_memset(pw_str, 0, sizeof(pw_str));
1200 ext_password_free(pw);
1201 return -1;
1202 }
1203
1204 os_memset(pw_str, 0, sizeof(pw_str));
1205 ext_password_free(pw);
1206 }
1207#endif /* CONFIG_EXT_PASSWORD */
7d232e23 1208 } else
6fc6879b
JM		 1209 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
1210
1211 return 0;
1212}
1213
1214
1215/**
1216 * wpa_supplicant_associate - Request association
1217 * @wpa_s: Pointer to wpa_supplicant data
1218 * @bss: Scan results for the selected BSS, or %NULL if not available
1219 * @ssid: Configuration data for the selected network
1220 *
1221 * This function is used to request %wpa_supplicant to associate with a BSS.
1222 */
1223void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
6fa81a3b 1224 struct wpa_bss *bss, struct wpa_ssid *ssid)
6fc6879b 1225{
5f3a6aa0 1226 u8 wpa_ie[200];
6fc6879b 1227 size_t wpa_ie_len;
8bac466b 1228 int use_crypt, ret, i, bssid_changed;
abd9fafa 1229 int algs = WPA_AUTH_ALG_OPEN;
71934751 1230 enum wpa_cipher cipher_pairwise, cipher_group;
6fc6879b
JM		 1231 struct wpa_driver_associate_params params;
1232 int wep_keys_set = 0;
1233 struct wpa_driver_capa capa;
1234 int assoc_failed = 0;
8bac466b 1235 struct wpa_ssid *old_ssid;
80e8a5ee
BG		 1236#ifdef CONFIG_HT_OVERRIDES
1237 struct ieee80211_ht_capabilities htcaps;
1238 struct ieee80211_ht_capabilities htcaps_mask;
1239#endif /* CONFIG_HT_OVERRIDES */
6fc6879b 1240
78177a00
JM		 1241#ifdef CONFIG_IBSS_RSN
1242 ibss_rsn_deinit(wpa_s->ibss_rsn);
1243 wpa_s->ibss_rsn = NULL;
1244#endif /* CONFIG_IBSS_RSN */
1245
2c5d725c
JM		 1246 if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO ||
1247 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) {
1581b38b
JM		 1248#ifdef CONFIG_AP
1249 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) {
f049052b
BG		 1250 wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP "
1251 "mode");
1581b38b
JM		 1252 return;
1253 }
8c981d17
DW		 1254 if (wpa_supplicant_create_ap(wpa_s, ssid) < 0) {
1255 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
1256 return;
1257 }
8f770587 1258 wpa_s->current_bss = bss;
1581b38b 1259#else /* CONFIG_AP */
f049052b
BG		 1260 wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in "
1261 "the build");
1581b38b
JM		 1262#endif /* CONFIG_AP */
1263 return;
1264 }
1265
52c9e6f3 1266#ifdef CONFIG_TDLS
95cb2d88
JM		 1267 if (bss)
1268 wpa_tdls_ap_ies(wpa_s->wpa, (const u8 *) (bss + 1),
1269 bss->ie_len);
52c9e6f3
JM		 1270#endif /* CONFIG_TDLS */
1271
5cc4d64b
JM		 1272 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
1273 ssid->mode == IEEE80211_MODE_INFRA) {
c2a04078
JM		 1274 sme_authenticate(wpa_s, bss, ssid);
1275 return;
1276 }
1277
0c80427d 1278 os_memset(&params, 0, sizeof(params));
6fc6879b 1279 wpa_s->reassociate = 0;
22628eca 1280 if (bss && !wpas_driver_bss_selection(wpa_s)) {
6fc6879b 1281#ifdef CONFIG_IEEE80211R
6fa81a3b 1282 const u8 *ie, *md = NULL;
6fc6879b 1283#endif /* CONFIG_IEEE80211R */
6fc6879b
JM		 1284 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
1285 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
6fa81a3b 1286 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
8bac466b 1287 bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
6fc6879b
JM		 1288 os_memset(wpa_s->bssid, 0, ETH_ALEN);
1289 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
8bac466b
JM		 1290 if (bssid_changed)
1291 wpas_notify_bssid_changed(wpa_s);
6fc6879b 1292#ifdef CONFIG_IEEE80211R
6fa81a3b 1293 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
6fc6879b
JM		 1294 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
1295 md = ie + 2;
e7846b68 1296 wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0);
91a05482
JM		 1297 if (md) {
1298 /* Prepare for the next transition */
76b7981d 1299 wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
91a05482 1300 }
6fc6879b 1301#endif /* CONFIG_IEEE80211R */
24c23d1b
JM		 1302#ifdef CONFIG_WPS
1303 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
1304 wpa_s->conf->ap_scan == 2 &&
1305 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
1306 /* Use ap_scan==1 style network selection to find the network
1307 */
1308 wpa_s->scan_req = 2;
1309 wpa_s->reassociate = 1;
1310 wpa_supplicant_req_scan(wpa_s, 0, 0);
1311 return;
1312#endif /* CONFIG_WPS */
6fc6879b
JM		 1313 } else {
1314 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
1315 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
1316 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
1317 }
a4cba8f1 1318 wpa_supplicant_cancel_sched_scan(wpa_s);
6fc6879b
JM		 1319 wpa_supplicant_cancel_scan(wpa_s);
1320
1321 /* Starting new association, so clear the possibly used WPA IE from the
1322 * previous association. */
1323 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
1324
1325#ifdef IEEE8021X_EAPOL
1326 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1327 if (ssid->leap) {
1328 if (ssid->non_leap == 0)
abd9fafa 1329 algs = WPA_AUTH_ALG_LEAP;
6fc6879b 1330 else
abd9fafa 1331 algs |= WPA_AUTH_ALG_LEAP;
6fc6879b
JM		 1332 }
1333 }
1334#endif /* IEEE8021X_EAPOL */
f049052b 1335 wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
6fc6879b 1336 if (ssid->auth_alg) {
abd9fafa 1337 algs = ssid->auth_alg;
f049052b
BG		 1338 wpa_dbg(wpa_s, MSG_DEBUG, "Overriding auth_alg selection: "
1339 "0x%x", algs);
6fc6879b 1340 }
6fc6879b 1341
6fa81a3b
JM		 1342 if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
1343 wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
0bf927a0 1344 wpa_key_mgmt_wpa(ssid->key_mgmt)) {
6fc6879b
JM		 1345 int try_opportunistic;
1346 try_opportunistic = ssid->proactive_key_caching &&
1347 (ssid->proto & WPA_PROTO_RSN);
1348 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
1349 wpa_s->current_ssid,
1350 try_opportunistic) == 0)
1351 eapol_sm_notify_pmkid_attempt(wpa_s->eapol, 1);
1352 wpa_ie_len = sizeof(wpa_ie);
1353 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
1354 wpa_ie, &wpa_ie_len)) {
f049052b
BG		 1355 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
1356 "key management and encryption suites");
6fc6879b
JM		 1357 return;
1358 }
a3f7e518
JM		 1359 } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && bss &&
1360 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) {
1361 /*
1362 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
1363 * use non-WPA since the scan results did not indicate that the
1364 * AP is using WPA or WPA2.
1365 */
1366 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1367 wpa_ie_len = 0;
1368 wpa_s->wpa_proto = 0;
0bf927a0 1369 } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) {
6fc6879b
JM		 1370 wpa_ie_len = sizeof(wpa_ie);
1371 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
1372 wpa_ie, &wpa_ie_len)) {
f049052b
BG		 1373 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
1374 "key management and encryption suites (no "
1375 "scan results)");
6fc6879b
JM		 1376 return;
1377 }
ad08c363
JM		 1378#ifdef CONFIG_WPS
1379 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
b01c18a8
JM		 1380 struct wpabuf *wps_ie;
1381 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
ad08c363
JM		 1382 if (wps_ie && wpabuf_len(wps_ie) <= sizeof(wpa_ie)) {
1383 wpa_ie_len = wpabuf_len(wps_ie);
1384 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
24386985
JM		 1385 } else
1386 wpa_ie_len = 0;
ad08c363
JM		 1387 wpabuf_free(wps_ie);
1388 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
0c80427d
JM		 1389 if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY))
1390 params.wps = WPS_MODE_PRIVACY;
1391 else
1392 params.wps = WPS_MODE_OPEN;
cf546f1a 1393 wpa_s->wpa_proto = 0;
ad08c363 1394#endif /* CONFIG_WPS */
6fc6879b
JM		 1395 } else {
1396 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1397 wpa_ie_len = 0;
cf546f1a 1398 wpa_s->wpa_proto = 0;
6fc6879b
JM		 1399 }
1400
5f3a6aa0
JM		 1401#ifdef CONFIG_P2P
1402 if (wpa_s->global->p2p) {
1403 u8 *pos;
1404 size_t len;
1405 int res;
5f3a6aa0
JM		 1406 pos = wpa_ie + wpa_ie_len;
1407 len = sizeof(wpa_ie) - wpa_ie_len;
b8a8d677
JM		 1408 res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len,
1409 ssid->p2p_group);
5f3a6aa0
JM		 1410 if (res >= 0)
1411 wpa_ie_len += res;
1412 }
72044390
JM		 1413
1414 wpa_s->cross_connect_disallowed = 0;
1415 if (bss) {
1416 struct wpabuf *p2p;
1417 p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE);
1418 if (p2p) {
1419 wpa_s->cross_connect_disallowed =
1420 p2p_get_cross_connect_disallowed(p2p);
1421 wpabuf_free(p2p);
f049052b
BG		 1422 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross "
1423 "connection",
1424 wpa_s->cross_connect_disallowed ?
1425 "disallows" : "allows");
72044390
JM		 1426 }
1427 }
5f3a6aa0
JM		 1428#endif /* CONFIG_P2P */
1429
cb418324
JM		 1430#ifdef CONFIG_HS20
1431 if (wpa_s->conf->hs20) {
1432 struct wpabuf *hs20;
1433 hs20 = wpabuf_alloc(20);
1434 if (hs20) {
1435 wpas_hs20_add_indication(hs20);
1436 os_memcpy(wpa_ie + wpa_ie_len, wpabuf_head(hs20),
1437 wpabuf_len(hs20));
1438 wpa_ie_len += wpabuf_len(hs20);
1439 wpabuf_free(hs20);
1440 }
1441 }
1442#endif /* CONFIG_HS20 */
1443
92cbcf91
JM		 1444#ifdef CONFIG_INTERWORKING
1445 if (wpa_s->conf->interworking) {
1446 u8 *pos = wpa_ie;
1447 if (wpa_ie_len > 0 && pos[0] == WLAN_EID_RSN)
1448 pos += 2 + pos[1];
1449 os_memmove(pos + 6, pos, wpa_ie_len - (pos - wpa_ie));
1450 wpa_ie_len += 6;
1451 *pos++ = WLAN_EID_EXT_CAPAB;
1452 *pos++ = 4;
1453 *pos++ = 0x00;
1454 *pos++ = 0x00;
1455 *pos++ = 0x00;
1456 *pos++ = 0x80; /* Bit 31 - Interworking */
1457 }
1458#endif /* CONFIG_INTERWORKING */
1459
6fc6879b
JM		 1460 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
1461 use_crypt = 1;
1462 cipher_pairwise = cipher_suite2driver(wpa_s->pairwise_cipher);
1463 cipher_group = cipher_suite2driver(wpa_s->group_cipher);
1464 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
1465 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1466 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
1467 use_crypt = 0;
1468 if (wpa_set_wep_keys(wpa_s, ssid)) {
1469 use_crypt = 1;
1470 wep_keys_set = 1;
1471 }
1472 }
ad08c363
JM		 1473 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
1474 use_crypt = 0;
6fc6879b
JM		 1475
1476#ifdef IEEE8021X_EAPOL
1477 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1478 if ((ssid->eapol_flags &
1479 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
1480 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
1481 !wep_keys_set) {
1482 use_crypt = 0;
1483 } else {
1484 /* Assume that dynamic WEP-104 keys will be used and
1485 * set cipher suites in order for drivers to expect
1486 * encryption. */
1487 cipher_pairwise = cipher_group = CIPHER_WEP104;
1488 }
1489 }
1490#endif /* IEEE8021X_EAPOL */
1491
1492 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1493 /* Set the key before (and later after) association */
1494 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1495 }
1496
6fc6879b 1497 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
6fc6879b 1498 if (bss) {
6fa81a3b
JM		 1499 params.ssid = bss->ssid;
1500 params.ssid_len = bss->ssid_len;
f15854d1
JM		 1501 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set) {
1502 wpa_printf(MSG_DEBUG, "Limit connection to BSSID "
1503 MACSTR " freq=%u MHz based on scan results "
1504 "(bssid_set=%d)",
1505 MAC2STR(bss->bssid), bss->freq,
1506 ssid->bssid_set);
22628eca
JM		 1507 params.bssid = bss->bssid;
1508 params.freq = bss->freq;
1509 }
6fc6879b
JM		 1510 } else {
1511 params.ssid = ssid->ssid;
1512 params.ssid_len = ssid->ssid_len;
1513 }
9e2af29f
NC		 1514
1515 if (ssid->mode == WPAS_MODE_IBSS && ssid->bssid_set &&
1516 wpa_s->conf->ap_scan == 2) {
1517 params.bssid = ssid->bssid;
1518 params.fixed_bssid = 1;
1519 }
1520
d7dcba70
JM		 1521 if (ssid->mode == WPAS_MODE_IBSS && ssid->frequency > 0 &&
1522 params.freq == 0)
6fc6879b
JM		 1523 params.freq = ssid->frequency; /* Initial channel for IBSS */
1524 params.wpa_ie = wpa_ie;
1525 params.wpa_ie_len = wpa_ie_len;
1526 params.pairwise_suite = cipher_pairwise;
1527 params.group_suite = cipher_group;
1528 params.key_mgmt_suite = key_mgmt2driver(wpa_s->key_mgmt);
64fa840a 1529 params.wpa_proto = wpa_s->wpa_proto;
6fc6879b
JM		 1530 params.auth_alg = algs;
1531 params.mode = ssid->mode;
1f6c0ab8 1532 params.bg_scan_period = ssid->bg_scan_period;
6fc6879b
JM		 1533 for (i = 0; i < NUM_WEP_KEYS; i++) {
1534 if (ssid->wep_key_len[i])
1535 params.wep_key[i] = ssid->wep_key[i];
1536 params.wep_key_len[i] = ssid->wep_key_len[i];
1537 }
1538 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
1539
c2a04078 1540 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
6fc6879b
JM		 1541 (params.key_mgmt_suite == KEY_MGMT_PSK ||
1542 params.key_mgmt_suite == KEY_MGMT_FT_PSK)) {
1543 params.passphrase = ssid->passphrase;
1544 if (ssid->psk_set)
1545 params.psk = ssid->psk;
1546 }
1547
36b15723
JM		 1548 params.drop_unencrypted = use_crypt;
1549
6fc6879b 1550#ifdef CONFIG_IEEE80211W
70f8cc8e
JM		 1551 params.mgmt_frame_protection = ssid->ieee80211w;
1552 if (ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION && bss) {
6fa81a3b 1553 const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
97d3497e
JM		 1554 struct wpa_ie_data ie;
1555 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
1556 ie.capabilities &
1557 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
f049052b
BG		 1558 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports "
1559 "MFP: require MFP");
97d3497e
JM		 1560 params.mgmt_frame_protection =
1561 MGMT_FRAME_PROTECTION_REQUIRED;
1562 }
1563 }
6fc6879b
JM		 1564#endif /* CONFIG_IEEE80211W */
1565
ffad8858 1566 params.p2p = ssid->p2p_group;
6e3f4b89 1567
eea2fd9e
JM		 1568 if (wpa_s->parent->set_sta_uapsd)
1569 params.uapsd = wpa_s->parent->sta_uapsd;
1570 else
1571 params.uapsd = -1;
1572
80e8a5ee
BG		 1573#ifdef CONFIG_HT_OVERRIDES
1574 os_memset(&htcaps, 0, sizeof(htcaps));
1575 os_memset(&htcaps_mask, 0, sizeof(htcaps_mask));
1576 params.htcaps = (u8 *) &htcaps;
1577 params.htcaps_mask = (u8 *) &htcaps_mask;
1578 wpa_supplicant_apply_ht_overrides(wpa_s, ssid, &params);
1579#endif /* CONFIG_HT_OVERRIDES */
1580
17fbb751 1581 ret = wpa_drv_associate(wpa_s, &params);
6fc6879b
JM		 1582 if (ret < 0) {
1583 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
1584 "failed");
871f4dd0
JM		 1585 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SANE_ERROR_CODES) {
1586 /*
1587 * The driver is known to mean what is saying, so we
1588 * can stop right here; the association will not
1589 * succeed.
1590 */
1591 wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
c1c02342 1592 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
871f4dd0
JM		 1593 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
1594 return;
1595 }
6fc6879b
JM		 1596 /* try to continue anyway; new association will be tried again
1597 * after timeout */
1598 assoc_failed = 1;
1599 }
1600
1601 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1602 /* Set the key after the association just in case association
1603 * cleared the previously configured key. */
1604 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1605 /* No need to timeout authentication since there is no key
1606 * management. */
1607 wpa_supplicant_cancel_auth_timeout(wpa_s);
1608 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
53895c3b 1609#ifdef CONFIG_IBSS_RSN
d7dcba70 1610 } else if (ssid->mode == WPAS_MODE_IBSS &&
53895c3b
JM		 1611 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
1612 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
1613 /*
1614 * RSN IBSS authentication is per-STA and we can disable the
1615 * per-BSSID authentication.
1616 */
1617 wpa_supplicant_cancel_auth_timeout(wpa_s);
53895c3b 1618#endif /* CONFIG_IBSS_RSN */
6fc6879b
JM		 1619 } else {
1620 /* Timeout for IEEE 802.11 authentication and association */
1d3c75b3
DW		 1621 int timeout = 60;
1622
1623 if (assoc_failed) {
1624 /* give IBSS a bit more time */
d7dcba70 1625 timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5;
1d3c75b3
DW		 1626 } else if (wpa_s->conf->ap_scan == 1) {
1627 /* give IBSS a bit more time */
d7dcba70 1628 timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10;
1d3c75b3 1629 }
6fc6879b
JM		 1630 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
1631 }
1632
1633 if (wep_keys_set && wpa_drv_get_capa(wpa_s, &capa) == 0 &&
1634 capa.flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC) {
1635 /* Set static WEP keys again */
1636 wpa_set_wep_keys(wpa_s, ssid);
1637 }
1638
1639 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
1640 /*
1641 * Do not allow EAP session resumption between different
1642 * network configurations.
1643 */
1644 eapol_sm_invalidate_cached_session(wpa_s->eapol);
1645 }
8bac466b 1646 old_ssid = wpa_s->current_ssid;
6fc6879b 1647 wpa_s->current_ssid = ssid;
8f770587 1648 wpa_s->current_bss = bss;
6fc6879b
JM		 1649 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
1650 wpa_supplicant_initiate_eapol(wpa_s);
8bac466b
JM		 1651 if (old_ssid != wpa_s->current_ssid)
1652 wpas_notify_network_changed(wpa_s);
6fc6879b
JM		 1653}
1654
1655
09f58c09
JM		 1656static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s,
1657 const u8 *addr)
1658{
1659 struct wpa_ssid *old_ssid;
1660
1661 wpa_clear_keys(wpa_s, addr);
09f58c09 1662 old_ssid = wpa_s->current_ssid;
0d30cc24 1663 wpa_supplicant_mark_disassoc(wpa_s);
09f58c09
JM		 1664 wpa_sm_set_config(wpa_s->wpa, NULL);
1665 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1666 if (old_ssid != wpa_s->current_ssid)
1667 wpas_notify_network_changed(wpa_s);
1668 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
1669}
1670
1671
6fc6879b
JM		 1672/**
1673 * wpa_supplicant_disassociate - Disassociate the current connection
1674 * @wpa_s: Pointer to wpa_supplicant data
1675 * @reason_code: IEEE 802.11 reason code for the disassociate frame
1676 *
1677 * This function is used to request %wpa_supplicant to disassociate with the
1678 * current AP.
1679 */
1680void wpa_supplicant_disassociate(struct wpa_supplicant *wpa_s,
1681 int reason_code)
1682{
1683 u8 *addr = NULL;
ef48ff94 1684 union wpa_event_data event;
8bac466b 1685
a8e16edc 1686 if (!is_zero_ether_addr(wpa_s->bssid)) {
17fbb751 1687 wpa_drv_disassociate(wpa_s, wpa_s->bssid, reason_code);
6fc6879b 1688 addr = wpa_s->bssid;
ef48ff94
JM		 1689 os_memset(&event, 0, sizeof(event));
1690 event.disassoc_info.reason_code = (u16) reason_code;
1691 event.disassoc_info.locally_generated = 1;
1692 wpa_supplicant_event(wpa_s, EVENT_DISASSOC, &event);
6fc6879b 1693 }
09f58c09
JM		 1694
1695 wpa_supplicant_clear_connection(wpa_s, addr);
6fc6879b
JM		 1696}
1697
1698
1699/**
1700 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
1701 * @wpa_s: Pointer to wpa_supplicant data
1702 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
1703 *
073ab58f 1704 * This function is used to request %wpa_supplicant to deauthenticate from the
6fc6879b
JM		 1705 * current AP.
1706 */
1707void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
1708 int reason_code)
1709{
1710 u8 *addr = NULL;
ef48ff94 1711 union wpa_event_data event;
8bac466b 1712
a8e16edc 1713 if (!is_zero_ether_addr(wpa_s->bssid)) {
17fbb751 1714 wpa_drv_deauthenticate(wpa_s, wpa_s->bssid, reason_code);
6fc6879b 1715 addr = wpa_s->bssid;
ef48ff94
JM		 1716 os_memset(&event, 0, sizeof(event));
1717 event.deauth_info.reason_code = (u16) reason_code;
1718 event.deauth_info.locally_generated = 1;
1719 wpa_supplicant_event(wpa_s, EVENT_DEAUTH, &event);
6fc6879b 1720 }
09f58c09
JM		 1721
1722 wpa_supplicant_clear_connection(wpa_s, addr);
6fc6879b
JM		 1723}
1724
1725
86b89452
WS		 1726/**
1727 * wpa_supplicant_enable_network - Mark a configured network as enabled
1728 * @wpa_s: wpa_supplicant structure for a network interface
1729 * @ssid: wpa_ssid structure for a configured network or %NULL
1730 *
1731 * Enables the specified network or all networks if no network specified.
1732 */
1733void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s,
1734 struct wpa_ssid *ssid)
1735{
1736 struct wpa_ssid *other_ssid;
1737 int was_disabled;
1738
1739 if (ssid == NULL) {
4dac0245
JM		 1740 for (other_ssid = wpa_s->conf->ssid; other_ssid;
1741 other_ssid = other_ssid->next) {
1742 if (other_ssid->disabled == 2)
1743 continue; /* do not change persistent P2P group
1744 * data */
86b89452
WS		 1745 if (other_ssid == wpa_s->current_ssid &&
1746 other_ssid->disabled)
1747 wpa_s->reassociate = 1;
1748
1749 was_disabled = other_ssid->disabled;
1750
1751 other_ssid->disabled = 0;
00e5e3d5
JM		 1752 if (was_disabled)
1753 wpas_clear_temp_disabled(wpa_s, other_ssid, 0);
86b89452
WS		 1754
1755 if (was_disabled != other_ssid->disabled)
1756 wpas_notify_network_enabled_changed(
1757 wpa_s, other_ssid);
86b89452
WS		 1758 }
1759 if (wpa_s->reassociate)
1760 wpa_supplicant_req_scan(wpa_s, 0, 0);
4dac0245 1761 } else if (ssid->disabled && ssid->disabled != 2) {
adc8d4a7
KM		 1762 if (wpa_s->current_ssid == NULL) {
1763 /*
1764 * Try to reassociate since there is no current
1765 * configuration and a new network was made available.
1766 */
1767 wpa_s->reassociate = 1;
1768 wpa_supplicant_req_scan(wpa_s, 0, 0);
1769 }
86b89452
WS		 1770
1771 was_disabled = ssid->disabled;
1772
1773 ssid->disabled = 0;
00e5e3d5 1774 wpas_clear_temp_disabled(wpa_s, ssid, 1);
86b89452
WS		 1775
1776 if (was_disabled != ssid->disabled)
1777 wpas_notify_network_enabled_changed(wpa_s, ssid);
1778 }
1779}
1780
1781
1782/**
1783 * wpa_supplicant_disable_network - Mark a configured network as disabled
1784 * @wpa_s: wpa_supplicant structure for a network interface
1785 * @ssid: wpa_ssid structure for a configured network or %NULL
1786 *
1787 * Disables the specified network or all networks if no network specified.
1788 */
1789void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s,
1790 struct wpa_ssid *ssid)
1791{
1792 struct wpa_ssid *other_ssid;
1793 int was_disabled;
1794
1795 if (ssid == NULL) {
4dac0245
JM		 1796 for (other_ssid = wpa_s->conf->ssid; other_ssid;
1797 other_ssid = other_ssid->next) {
86b89452 1798 was_disabled = other_ssid->disabled;
4dac0245
JM		 1799 if (was_disabled == 2)
1800 continue; /* do not change persistent P2P group
1801 * data */
86b89452
WS		 1802
1803 other_ssid->disabled = 1;
1804
1805 if (was_disabled != other_ssid->disabled)
1806 wpas_notify_network_enabled_changed(
1807 wpa_s, other_ssid);
86b89452
WS		 1808 }
1809 if (wpa_s->current_ssid)
1810 wpa_supplicant_disassociate(
1811 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
4dac0245 1812 } else if (ssid->disabled != 2) {
86b89452
WS		 1813 if (ssid == wpa_s->current_ssid)
1814 wpa_supplicant_disassociate(
1815 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
1816
1817 was_disabled = ssid->disabled;
1818
1819 ssid->disabled = 1;
1820
1821 if (was_disabled != ssid->disabled)
1822 wpas_notify_network_enabled_changed(wpa_s, ssid);
1823 }
1824}
1825
1826
1827/**
1828 * wpa_supplicant_select_network - Attempt association with a network
1829 * @wpa_s: wpa_supplicant structure for a network interface
1830 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
1831 */
1832void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
1833 struct wpa_ssid *ssid)
1834{
1835
1836 struct wpa_ssid *other_ssid;
d93dfbd5 1837 int disconnected = 0;
86b89452 1838
d93dfbd5 1839 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid) {
86b89452
WS		 1840 wpa_supplicant_disassociate(
1841 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
d93dfbd5
JM		 1842 disconnected = 1;
1843 }
86b89452 1844
00e5e3d5
JM		 1845 if (ssid)
1846 wpas_clear_temp_disabled(wpa_s, ssid, 1);
1847
86b89452
WS		 1848 /*
1849 * Mark all other networks disabled or mark all networks enabled if no
1850 * network specified.
1851 */
4dac0245
JM		 1852 for (other_ssid = wpa_s->conf->ssid; other_ssid;
1853 other_ssid = other_ssid->next) {
86b89452 1854 int was_disabled = other_ssid->disabled;
4dac0245
JM		 1855 if (was_disabled == 2)
1856 continue; /* do not change persistent P2P group data */
86b89452
WS		 1857
1858 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0;
00e5e3d5
JM		 1859 if (was_disabled && !other_ssid->disabled)
1860 wpas_clear_temp_disabled(wpa_s, other_ssid, 0);
86b89452
WS		 1861
1862 if (was_disabled != other_ssid->disabled)
1863 wpas_notify_network_enabled_changed(wpa_s, other_ssid);
86b89452 1864 }
2a6f78fb
JJ		 1865
1866 if (ssid && ssid == wpa_s->current_ssid && wpa_s->current_ssid) {
1867 /* We are already associated with the selected network */
1868 wpa_printf(MSG_DEBUG, "Already associated with the "
1869 "selected network - do nothing");
1870 return;
1871 }
1872
96efeeb6
JM		 1873 if (ssid)
1874 wpa_s->current_ssid = ssid;
7dcdcfd6 1875 wpa_s->connect_without_scan = NULL;
86b89452
WS		 1876 wpa_s->disconnected = 0;
1877 wpa_s->reassociate = 1;
d93dfbd5 1878 wpa_supplicant_req_scan(wpa_s, 0, disconnected ? 100000 : 0);
86b89452 1879
a1641d26
JM		 1880 if (ssid)
1881 wpas_notify_network_selected(wpa_s, ssid);
86b89452
WS		 1882}
1883
1884
1885/**
1886 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
1887 * @wpa_s: wpa_supplicant structure for a network interface
1888 * @ap_scan: AP scan mode
1889 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
1890 *
1891 */
1892int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan)
1893{
1894
1895 int old_ap_scan;
1896
1897 if (ap_scan < 0 || ap_scan > 2)
1898 return -1;
1899
48f8e036
DS		 1900#ifdef ANDROID
1901 if (ap_scan == 2 && ap_scan != wpa_s->conf->ap_scan &&
1902 wpa_s->wpa_state >= WPA_ASSOCIATING &&
1903 wpa_s->wpa_state < WPA_COMPLETED) {
1904 wpa_printf(MSG_ERROR, "ap_scan = %d (%d) rejected while "
1905 "associating", wpa_s->conf->ap_scan, ap_scan);
1906 return 0;
1907 }
1908#endif /* ANDROID */
1909
86b89452
WS		 1910 old_ap_scan = wpa_s->conf->ap_scan;
1911 wpa_s->conf->ap_scan = ap_scan;
1912
1913 if (old_ap_scan != wpa_s->conf->ap_scan)
1914 wpas_notify_ap_scan_changed(wpa_s);
1915
1916 return 0;
1917}
1918
1919
78633c37
SL		 1920/**
1921 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
1922 * @wpa_s: wpa_supplicant structure for a network interface
1923 * @expire_age: Expiration age in seconds
1924 * Returns: 0 if succeed or -1 if expire_age has an invalid value
1925 *
1926 */
1927int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant *wpa_s,
1928 unsigned int bss_expire_age)
1929{
1930 if (bss_expire_age < 10) {
1931 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration age %u",
1932 bss_expire_age);
1933 return -1;
1934 }
1935 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration age: %d sec",
1936 bss_expire_age);
1937 wpa_s->conf->bss_expiration_age = bss_expire_age;
1938
1939 return 0;
1940}
1941
1942
1943/**
1944 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
1945 * @wpa_s: wpa_supplicant structure for a network interface
1946 * @expire_count: number of scans after which an unseen BSS is reclaimed
1947 * Returns: 0 if succeed or -1 if expire_count has an invalid value
1948 *
1949 */
1950int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant *wpa_s,
1951 unsigned int bss_expire_count)
1952{
1953 if (bss_expire_count < 1) {
1954 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration count %u",
1955 bss_expire_count);
1956 return -1;
1957 }
1958 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration scan count: %u",
1959 bss_expire_count);
1960 wpa_s->conf->bss_expiration_scan_count = bss_expire_count;
1961
1962 return 0;
1963}
1964
1965
c6e86b63
MA		 1966/**
1967 * wpa_supplicant_set_scan_interval - Set scan interval
1968 * @wpa_s: wpa_supplicant structure for a network interface
1969 * @scan_interval: scan interval in seconds
1970 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
1971 *
1972 */
1973int wpa_supplicant_set_scan_interval(struct wpa_supplicant *wpa_s,
1974 int scan_interval)
1975{
1976 if (scan_interval < 0) {
1977 wpa_msg(wpa_s, MSG_ERROR, "Invalid scan interval %d",
1978 scan_interval);
1979 return -1;
1980 }
1981 wpa_msg(wpa_s, MSG_DEBUG, "Setting scan interval: %d sec",
1982 scan_interval);
1983 wpa_s->scan_interval = scan_interval;
1984
1985 return 0;
1986}
1987
1988
86b89452
WS		 1989/**
1990 * wpa_supplicant_set_debug_params - Set global debug params
1991 * @global: wpa_global structure
1992 * @debug_level: debug level
1993 * @debug_timestamp: determines if show timestamp in debug data
1994 * @debug_show_keys: determines if show keys in debug data
1995 * Returns: 0 if succeed or -1 if debug_level has wrong value
1996 */
1997int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level,
1998 int debug_timestamp, int debug_show_keys)
1999{
2000
2001 int old_level, old_timestamp, old_show_keys;
2002
2003 /* check for allowed debuglevels */
14dc0011
PS		 2004 if (debug_level != MSG_EXCESSIVE &&
2005 debug_level != MSG_MSGDUMP &&
86b89452
WS		 2006 debug_level != MSG_DEBUG &&
2007 debug_level != MSG_INFO &&
2008 debug_level != MSG_WARNING &&
2009 debug_level != MSG_ERROR)
2010 return -1;
2011
2012 old_level = wpa_debug_level;
2013 old_timestamp = wpa_debug_timestamp;
2014 old_show_keys = wpa_debug_show_keys;
2015
2016 wpa_debug_level = debug_level;
2017 wpa_debug_timestamp = debug_timestamp ? 1 : 0;
2018 wpa_debug_show_keys = debug_show_keys ? 1 : 0;
2019
db9133ac
WS		 2020 if (wpa_debug_level != old_level)
2021 wpas_notify_debug_level_changed(global);
2022 if (wpa_debug_timestamp != old_timestamp)
2023 wpas_notify_debug_timestamp_changed(global);
2024 if (wpa_debug_show_keys != old_show_keys)
2025 wpas_notify_debug_show_keys_changed(global);
86b89452
WS		 2026
2027 return 0;
2028}
2029
2030
6fc6879b
JM		 2031/**
2032 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
2033 * @wpa_s: Pointer to wpa_supplicant data
2034 * Returns: A pointer to the current network structure or %NULL on failure
2035 */
2036struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
2037{
2038 struct wpa_ssid *entry;
2039 u8 ssid[MAX_SSID_LEN];
2040 int res;
2041 size_t ssid_len;
2042 u8 bssid[ETH_ALEN];
2043 int wired;
2044
17fbb751
JM		 2045 res = wpa_drv_get_ssid(wpa_s, ssid);
2046 if (res < 0) {
2047 wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from "
2048 "driver");
2049 return NULL;
6fc6879b 2050 }
17fbb751 2051 ssid_len = res;
6fc6879b 2052
17fbb751 2053 if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
f049052b
BG		 2054 wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from "
2055 "driver");
6fc6879b
JM		 2056 return NULL;
2057 }
2058
c2a04078
JM		 2059 wired = wpa_s->conf->ap_scan == 0 &&
2060 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED);
6fc6879b
JM		 2061
2062 entry = wpa_s->conf->ssid;
2063 while (entry) {
349493bd 2064 if (!wpas_network_disabled(wpa_s, entry) &&
6fc6879b
JM		 2065 ((ssid_len == entry->ssid_len &&
2066 os_memcmp(ssid, entry->ssid, ssid_len) == 0) || wired) &&
2067 (!entry->bssid_set ||
2068 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
2069 return entry;
24c23d1b 2070#ifdef CONFIG_WPS
349493bd 2071 if (!wpas_network_disabled(wpa_s, entry) &&
24c23d1b
JM		 2072 (entry->key_mgmt & WPA_KEY_MGMT_WPS) &&
2073 (entry->ssid == NULL || entry->ssid_len == 0) &&
2074 (!entry->bssid_set ||
2075 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
2076 return entry;
2077#endif /* CONFIG_WPS */
7d232e23 2078
349493bd 2079 if (!wpas_network_disabled(wpa_s, entry) && entry->bssid_set &&
7d232e23
ZC		 2080 entry->ssid_len == 0 &&
2081 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)
2082 return entry;
2083
6fc6879b
JM		 2084 entry = entry->next;
2085 }
2086
2087 return NULL;
2088}
2089
2090
7756114f
JM		 2091static int select_driver(struct wpa_supplicant *wpa_s, int i)
2092{
2093 struct wpa_global *global = wpa_s->global;
2094
2095 if (wpa_drivers[i]->global_init && global->drv_priv[i] == NULL) {
2096 global->drv_priv[i] = wpa_drivers[i]->global_init();
2097 if (global->drv_priv[i] == NULL) {
2098 wpa_printf(MSG_ERROR, "Failed to initialize driver "
2099 "'%s'", wpa_drivers[i]->name);
2100 return -1;
2101 }
2102 }
2103
2104 wpa_s->driver = wpa_drivers[i];
2105 wpa_s->global_drv_priv = global->drv_priv[i];
2106
2107 return 0;
2108}
2109
2110
6fc6879b
JM		 2111static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
2112 const char *name)
2113{
2114 int i;
362f781e 2115 size_t len;
74b1c84a 2116 const char *pos, *driver = name;
6fc6879b
JM		 2117
2118 if (wpa_s == NULL)
2119 return -1;
2120
c5121837 2121 if (wpa_drivers[0] == NULL) {
f049052b
BG		 2122 wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into "
2123 "wpa_supplicant");
6fc6879b
JM		 2124 return -1;
2125 }
2126
2127 if (name == NULL) {
2128 /* default to first driver in the list */
7756114f 2129 return select_driver(wpa_s, 0);
6fc6879b
JM		 2130 }
2131
74b1c84a
SO		 2132 do {
2133 pos = os_strchr(driver, ',');
2134 if (pos)
2135 len = pos - driver;
2136 else
2137 len = os_strlen(driver);
2138
2139 for (i = 0; wpa_drivers[i]; i++) {
2140 if (os_strlen(wpa_drivers[i]->name) == len &&
2141 os_strncmp(driver, wpa_drivers[i]->name, len) ==
0f4668ce
DW		 2142 0) {
2143 /* First driver that succeeds wins */
2144 if (select_driver(wpa_s, i) == 0)
2145 return 0;
2146 }
6fc6879b 2147 }
74b1c84a
SO		 2148
2149 driver = pos + 1;
2150 } while (pos);
6fc6879b 2151
f049052b 2152 wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name);
6fc6879b
JM		 2153 return -1;
2154}
2155
2156
a8e0505b
JM		 2157/**
2158 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
2159 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
2160 * with struct wpa_driver_ops::init()
2161 * @src_addr: Source address of the EAPOL frame
2162 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
2163 * @len: Length of the EAPOL data
2164 *
2165 * This function is called for each received EAPOL frame. Most driver
2166 * interfaces rely on more generic OS mechanism for receiving frames through
2167 * l2_packet, but if such a mechanism is not available, the driver wrapper may
2168 * take care of received EAPOL frames and deliver them to the core supplicant
2169 * code by calling this function.
2170 */
6fc6879b
JM		 2171void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
2172 const u8 *buf, size_t len)
2173{
2174 struct wpa_supplicant *wpa_s = ctx;
2175
f049052b 2176 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
6fc6879b
JM		 2177 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
2178
1ff73338
JM		 2179 if (wpa_s->wpa_state < WPA_ASSOCIATED) {
2180 /*
2181 * There is possible race condition between receiving the
2182 * association event and the EAPOL frame since they are coming
2183 * through different paths from the driver. In order to avoid
2184 * issues in trying to process the EAPOL frame before receiving
2185 * association information, lets queue it for processing until
2186 * the association event is received.
2187 */
f049052b
BG		 2188 wpa_dbg(wpa_s, MSG_DEBUG, "Not associated - Delay processing "
2189 "of received EAPOL frame");
1ff73338
JM		 2190 wpabuf_free(wpa_s->pending_eapol_rx);
2191 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len);
2192 if (wpa_s->pending_eapol_rx) {
2193 os_get_time(&wpa_s->pending_eapol_rx_time);
2194 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr,
2195 ETH_ALEN);
2196 }
2197 return;
2198 }
2199
db149ac9
JM		 2200#ifdef CONFIG_AP
2201 if (wpa_s->ap_iface) {
2202 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len);
2203 return;
2204 }
2205#endif /* CONFIG_AP */
2206
6fc6879b 2207 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
f049052b
BG		 2208 wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since "
2209 "no key management is configured");
6fc6879b
JM		 2210 return;
2211 }
2212
2213 if (wpa_s->eapol_received == 0 &&
c2a04078 2214 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) ||
56586197 2215 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
9c972abb
JM		 2216 wpa_s->wpa_state != WPA_COMPLETED) &&
2217 (wpa_s->current_ssid == NULL ||
2218 wpa_s->current_ssid->mode != IEEE80211_MODE_IBSS)) {
6fc6879b
JM		 2219 /* Timeout for completing IEEE 802.1X and WPA authentication */
2220 wpa_supplicant_req_auth_timeout(
2221 wpa_s,
56586197 2222 (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
a6f06dab
AT		 2223 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
2224 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) ?
6fc6879b
JM		 2225 70 : 10, 0);
2226 }
2227 wpa_s->eapol_received++;
2228
2229 if (wpa_s->countermeasures) {
f049052b
BG		 2230 wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped "
2231 "EAPOL packet");
6fc6879b
JM		 2232 return;
2233 }
2234
8be18440
JM		 2235#ifdef CONFIG_IBSS_RSN
2236 if (wpa_s->current_ssid &&
d7dcba70 2237 wpa_s->current_ssid->mode == WPAS_MODE_IBSS) {
8be18440
JM		 2238 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len);
2239 return;
2240 }
2241#endif /* CONFIG_IBSS_RSN */
2242
6fc6879b
JM		 2243 /* Source address of the incoming EAPOL frame could be compared to the
2244 * current BSSID. However, it is possible that a centralized
2245 * Authenticator could be using another MAC address than the BSSID of
2246 * an AP, so just allow any address to be used for now. The replies are
2247 * still sent to the current BSSID (if available), though. */
2248
2249 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
56586197 2250 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
6fc6879b
JM		 2251 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
2252 return;
2253 wpa_drv_poll(wpa_s);
c2a04078 2254 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE))
6fc6879b 2255 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
56586197 2256 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
6fc6879b
JM		 2257 /*
2258 * Set portValid = TRUE here since we are going to skip 4-way
2259 * handshake processing which would normally set portValid. We
2260 * need this to allow the EAPOL state machines to be completed
2261 * without going through EAPOL-Key handshake.
2262 */
2263 eapol_sm_notify_portValid(wpa_s->eapol, TRUE);
2264 }
2265}
2266
2267
bfba8deb 2268int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s)
6fc6879b 2269{
6fc6879b
JM		 2270 if (wpa_s->driver->send_eapol) {
2271 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
2272 if (addr)
2273 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
fdadd5fe
JM		 2274 } else if (!(wpa_s->drv_flags &
2275 WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) {
bfba8deb 2276 l2_packet_deinit(wpa_s->l2);
6fc6879b
JM		 2277 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
2278 wpa_drv_get_mac_addr(wpa_s),
2279 ETH_P_EAPOL,
2280 wpa_supplicant_rx_eapol, wpa_s, 0);
2281 if (wpa_s->l2 == NULL)
2282 return -1;
fdadd5fe
JM		 2283 } else {
2284 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
2285 if (addr)
2286 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
6fc6879b
JM		 2287 }
2288
2289 if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
f049052b 2290 wpa_msg(wpa_s, MSG_ERROR, "Failed to get own L2 address");
6fc6879b
JM		 2291 return -1;
2292 }
2293
f049052b
BG		 2294 wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR,
2295 MAC2STR(wpa_s->own_addr));
f98eb880 2296 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
6fc6879b 2297
bfba8deb
JM		 2298 return 0;
2299}
2300
2301
25f839c6
JM		 2302static void wpa_supplicant_rx_eapol_bridge(void *ctx, const u8 *src_addr,
2303 const u8 *buf, size_t len)
2304{
2305 struct wpa_supplicant *wpa_s = ctx;
2306 const struct l2_ethhdr *eth;
2307
2308 if (len < sizeof(*eth))
2309 return;
2310 eth = (const struct l2_ethhdr *) buf;
2311
2312 if (os_memcmp(eth->h_dest, wpa_s->own_addr, ETH_ALEN) != 0 &&
2313 !(eth->h_dest[0] & 0x01)) {
2314 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
2315 " (bridge - not for this interface - ignore)",
2316 MAC2STR(src_addr), MAC2STR(eth->h_dest));
2317 return;
2318 }
2319
2320 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
2321 " (bridge)", MAC2STR(src_addr), MAC2STR(eth->h_dest));
2322 wpa_supplicant_rx_eapol(wpa_s, src_addr, buf + sizeof(*eth),
2323 len - sizeof(*eth));
2324}
2325
2326
bfba8deb
JM		 2327/**
2328 * wpa_supplicant_driver_init - Initialize driver interface parameters
2329 * @wpa_s: Pointer to wpa_supplicant data
2330 * Returns: 0 on success, -1 on failure
2331 *
2332 * This function is called to initialize driver interface parameters.
2333 * wpa_drv_init() must have been called before this function to initialize the
2334 * driver interface.
2335 */
2336int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
2337{
2338 static int interface_count = 0;
2339
2340 if (wpa_supplicant_update_mac_addr(wpa_s) < 0)
2341 return -1;
2342
6fc6879b 2343 if (wpa_s->bridge_ifname[0]) {
f049052b
BG		 2344 wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge "
2345 "interface '%s'", wpa_s->bridge_ifname);
6fc6879b
JM		 2346 wpa_s->l2_br = l2_packet_init(wpa_s->bridge_ifname,
2347 wpa_s->own_addr,
2348 ETH_P_EAPOL,
25f839c6
JM		 2349 wpa_supplicant_rx_eapol_bridge,
2350 wpa_s, 1);
6fc6879b 2351 if (wpa_s->l2_br == NULL) {
f049052b
BG		 2352 wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet "
2353 "connection for the bridge interface '%s'",
2354 wpa_s->bridge_ifname);
6fc6879b
JM		 2355 return -1;
2356 }
2357 }
2358
6fc6879b
JM		 2359 wpa_clear_keys(wpa_s, NULL);
2360
2361 /* Make sure that TKIP countermeasures are not left enabled (could
2362 * happen if wpa_supplicant is killed during countermeasures. */
2363 wpa_drv_set_countermeasures(wpa_s, 0);
2364
f049052b 2365 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver");
6fc6879b
JM		 2366 wpa_drv_flush_pmkid(wpa_s);
2367
ba2a573c 2368 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
b3aa456b
ES		 2369 wpa_s->prev_scan_wildcard = 0;
2370
349493bd 2371 if (wpa_supplicant_enabled_networks(wpa_s)) {
6a90053c
LC		 2372 if (wpa_supplicant_delayed_sched_scan(wpa_s, interface_count,
2373 100000))
a4cba8f1
LC		 2374 wpa_supplicant_req_scan(wpa_s, interface_count,
2375 100000);
74e259ec
JM		 2376 interface_count++;
2377 } else
2378 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
6fc6879b
JM		 2379
2380 return 0;
2381}
2382
2383
2384static int wpa_supplicant_daemon(const char *pid_file)
2385{
2386 wpa_printf(MSG_DEBUG, "Daemonize..");
2387 return os_daemonize(pid_file);
2388}
2389
2390
2391static struct wpa_supplicant * wpa_supplicant_alloc(void)
2392{
2393 struct wpa_supplicant *wpa_s;
2394
2395 wpa_s = os_zalloc(sizeof(*wpa_s));
2396 if (wpa_s == NULL)
2397 return NULL;
2398 wpa_s->scan_req = 1;
67b9bd08 2399 wpa_s->scan_interval = 5;
c302f207 2400 wpa_s->new_connection = 1;
b22128ef 2401 wpa_s->parent = wpa_s;
cbdf3507 2402 wpa_s->sched_scanning = 0;
6fc6879b
JM		 2403
2404 return wpa_s;
2405}
2406
2407
80e8a5ee
BG		 2408#ifdef CONFIG_HT_OVERRIDES
2409
2410static int wpa_set_htcap_mcs(struct wpa_supplicant *wpa_s,
2411 struct ieee80211_ht_capabilities *htcaps,
2412 struct ieee80211_ht_capabilities *htcaps_mask,
2413 const char *ht_mcs)
2414{
2415 /* parse ht_mcs into hex array */
2416 int i;
2417 const char *tmp = ht_mcs;
2418 char *end = NULL;
2419
2420 /* If ht_mcs is null, do not set anything */
2421 if (!ht_mcs)
2422 return 0;
2423
2424 /* This is what we are setting in the kernel */
2425 os_memset(&htcaps->supported_mcs_set, 0, IEEE80211_HT_MCS_MASK_LEN);
2426
2427 wpa_msg(wpa_s, MSG_DEBUG, "set_htcap, ht_mcs -:%s:-", ht_mcs);
2428
2429 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) {
2430 errno = 0;
2431 long v = strtol(tmp, &end, 16);
2432 if (errno == 0) {
2433 wpa_msg(wpa_s, MSG_DEBUG,
2434 "htcap value[%i]: %ld end: %p tmp: %p",
2435 i, v, end, tmp);
2436 if (end == tmp)
2437 break;
2438
2439 htcaps->supported_mcs_set[i] = v;
2440 tmp = end;
2441 } else {
2442 wpa_msg(wpa_s, MSG_ERROR,
2443 "Failed to parse ht-mcs: %s, error: %s\n",
2444 ht_mcs, strerror(errno));
2445 return -1;
2446 }
2447 }
2448
2449 /*
2450 * If we were able to parse any values, then set mask for the MCS set.
2451 */
2452 if (i) {
2453 os_memset(&htcaps_mask->supported_mcs_set, 0xff,
2454 IEEE80211_HT_MCS_MASK_LEN - 1);
2455 /* skip the 3 reserved bits */
2456 htcaps_mask->supported_mcs_set[IEEE80211_HT_MCS_MASK_LEN - 1] =
2457 0x1f;
2458 }
2459
2460 return 0;
2461}
2462
2463
2464static int wpa_disable_max_amsdu(struct wpa_supplicant *wpa_s,
2465 struct ieee80211_ht_capabilities *htcaps,
2466 struct ieee80211_ht_capabilities *htcaps_mask,
2467 int disabled)
2468{
2469 u16 msk;
2470
2471 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_max_amsdu: %d", disabled);
2472
2473 if (disabled == -1)
2474 return 0;
2475
2476 msk = host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE);
2477 htcaps_mask->ht_capabilities_info |= msk;
2478 if (disabled)
2479 htcaps->ht_capabilities_info &= msk;
2480 else
2481 htcaps->ht_capabilities_info |= msk;
2482
2483 return 0;
2484}
2485
2486
2487static int wpa_set_ampdu_factor(struct wpa_supplicant *wpa_s,
2488 struct ieee80211_ht_capabilities *htcaps,
2489 struct ieee80211_ht_capabilities *htcaps_mask,
2490 int factor)
2491{
2492 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_factor: %d", factor);
2493
2494 if (factor == -1)
2495 return 0;
2496
2497 if (factor < 0 || factor > 3) {
2498 wpa_msg(wpa_s, MSG_ERROR, "ampdu_factor: %d out of range. "
2499 "Must be 0-3 or -1", factor);
2500 return -EINVAL;
2501 }
2502
2503 htcaps_mask->a_mpdu_params |= 0x3; /* 2 bits for factor */
2504 htcaps->a_mpdu_params &= ~0x3;
2505 htcaps->a_mpdu_params |= factor & 0x3;
2506
2507 return 0;
2508}
2509
2510
2511static int wpa_set_ampdu_density(struct wpa_supplicant *wpa_s,
2512 struct ieee80211_ht_capabilities *htcaps,
2513 struct ieee80211_ht_capabilities *htcaps_mask,
2514 int density)
2515{
2516 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_density: %d", density);
2517
2518 if (density == -1)
2519 return 0;
2520
2521 if (density < 0 || density > 7) {
2522 wpa_msg(wpa_s, MSG_ERROR,
2523 "ampdu_density: %d out of range. Must be 0-7 or -1.",
2524 density);
2525 return -EINVAL;
2526 }
2527
2528 htcaps_mask->a_mpdu_params |= 0x1C;
2529 htcaps->a_mpdu_params &= ~(0x1C);
2530 htcaps->a_mpdu_params |= (density << 2) & 0x1C;
2531
2532 return 0;
2533}
2534
2535
2536static int wpa_set_disable_ht40(struct wpa_supplicant *wpa_s,
2537 struct ieee80211_ht_capabilities *htcaps,
2538 struct ieee80211_ht_capabilities *htcaps_mask,
2539 int disabled)
2540{
2541 /* Masking these out disables HT40 */
2542 u16 msk = host_to_le16(HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET |
2543 HT_CAP_INFO_SHORT_GI40MHZ);
2544
2545 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ht40: %d", disabled);
2546
2547 if (disabled)
2548 htcaps->ht_capabilities_info &= ~msk;
2549 else
2550 htcaps->ht_capabilities_info |= msk;
2551
2552 htcaps_mask->ht_capabilities_info |= msk;
2553
2554 return 0;
2555}
2556
2557
2558void wpa_supplicant_apply_ht_overrides(
2559 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
2560 struct wpa_driver_associate_params *params)
2561{
2562 struct ieee80211_ht_capabilities *htcaps;
2563 struct ieee80211_ht_capabilities *htcaps_mask;
2564
2565 if (!ssid)
2566 return;
2567
2568 params->disable_ht = ssid->disable_ht;
2569 if (!params->htcaps || !params->htcaps_mask)
2570 return;
2571
2572 htcaps = (struct ieee80211_ht_capabilities *) params->htcaps;
2573 htcaps_mask = (struct ieee80211_ht_capabilities *) params->htcaps_mask;
2574 wpa_set_htcap_mcs(wpa_s, htcaps, htcaps_mask, ssid->ht_mcs);
2575 wpa_disable_max_amsdu(wpa_s, htcaps, htcaps_mask,
2576 ssid->disable_max_amsdu);
2577 wpa_set_ampdu_factor(wpa_s, htcaps, htcaps_mask, ssid->ampdu_factor);
2578 wpa_set_ampdu_density(wpa_s, htcaps, htcaps_mask, ssid->ampdu_density);
2579 wpa_set_disable_ht40(wpa_s, htcaps, htcaps_mask, ssid->disable_ht40);
2580}
2581
2582#endif /* CONFIG_HT_OVERRIDES */
2583
2584
f64adcd7
JM		 2585static int pcsc_reader_init(struct wpa_supplicant *wpa_s)
2586{
2587#ifdef PCSC_FUNCS
2588 size_t len;
2589
2590 if (!wpa_s->conf->pcsc_reader)
2591 return 0;
2592
2593 wpa_s->scard = scard_init(SCARD_TRY_BOTH, wpa_s->conf->pcsc_reader);
2594 if (!wpa_s->scard)
2595 return 1;
2596
2597 if (wpa_s->conf->pcsc_pin &&
2598 scard_set_pin(wpa_s->scard, wpa_s->conf->pcsc_pin) < 0) {
2599 scard_deinit(wpa_s->scard);
2600 wpa_s->scard = NULL;
2601 wpa_msg(wpa_s, MSG_ERROR, "PC/SC PIN validation failed");
2602 return -1;
2603 }
2604
2605 len = sizeof(wpa_s->imsi) - 1;
2606 if (scard_get_imsi(wpa_s->scard, wpa_s->imsi, &len)) {
2607 scard_deinit(wpa_s->scard);
2608 wpa_s->scard = NULL;
2609 wpa_msg(wpa_s, MSG_ERROR, "Could not read IMSI");
2610 return -1;
2611 }
2612 wpa_s->imsi[len] = '\0';
2613
2614 wpa_s->mnc_len = scard_get_mnc_len(wpa_s->scard);
2615
2616 wpa_printf(MSG_DEBUG, "SCARD: IMSI %s (MNC length %d)",
2617 wpa_s->imsi, wpa_s->mnc_len);
2618
2619 wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard);
2620 eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard);
2621#endif /* PCSC_FUNCS */
2622
2623 return 0;
2624}
2625
2626
306ae225
JM		 2627int wpas_init_ext_pw(struct wpa_supplicant *wpa_s)
2628{
2629 char *val, *pos;
2630
2631 ext_password_deinit(wpa_s->ext_pw);
2632 wpa_s->ext_pw = NULL;
2633 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, NULL);
2634
2635 if (!wpa_s->conf->ext_password_backend)
2636 return 0;
2637
2638 val = os_strdup(wpa_s->conf->ext_password_backend);
2639 if (val == NULL)
2640 return -1;
2641 pos = os_strchr(val, ':');
2642 if (pos)
2643 *pos++ = '\0';
2644
2645 wpa_printf(MSG_DEBUG, "EXT PW: Initialize backend '%s'", val);
2646
2647 wpa_s->ext_pw = ext_password_init(val, pos);
2648 os_free(val);
2649 if (wpa_s->ext_pw == NULL) {
2650 wpa_printf(MSG_DEBUG, "EXT PW: Failed to initialize backend");
2651 return -1;
2652 }
2653 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, wpa_s->ext_pw);
2654
2655 return 0;
2656}
2657
2658
6fc6879b
JM		 2659static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
2660 struct wpa_interface *iface)
2661{
362f781e
JM		 2662 const char *ifname, *driver;
2663 struct wpa_driver_capa capa;
2664
6fc6879b
JM		 2665 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
2666 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
2667 iface->confname ? iface->confname : "N/A",
2668 iface->driver ? iface->driver : "default",
2669 iface->ctrl_interface ? iface->ctrl_interface : "N/A",
2670 iface->bridge_ifname ? iface->bridge_ifname : "N/A");
2671
6fc6879b
JM		 2672 if (iface->confname) {
2673#ifdef CONFIG_BACKEND_FILE
2674 wpa_s->confname = os_rel2abs_path(iface->confname);
2675 if (wpa_s->confname == NULL) {
2676 wpa_printf(MSG_ERROR, "Failed to get absolute path "
2677 "for configuration file '%s'.",
2678 iface->confname);
2679 return -1;
2680 }
2681 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
2682 iface->confname, wpa_s->confname);
2683#else /* CONFIG_BACKEND_FILE */
2684 wpa_s->confname = os_strdup(iface->confname);
2685#endif /* CONFIG_BACKEND_FILE */
2686 wpa_s->conf = wpa_config_read(wpa_s->confname);
2687 if (wpa_s->conf == NULL) {
2688 wpa_printf(MSG_ERROR, "Failed to read or parse "
2689 "configuration '%s'.", wpa_s->confname);
2690 return -1;
2691 }
2692
2693 /*
2694 * Override ctrl_interface and driver_param if set on command
2695 * line.
2696 */
2697 if (iface->ctrl_interface) {
2698 os_free(wpa_s->conf->ctrl_interface);
2699 wpa_s->conf->ctrl_interface =
2700 os_strdup(iface->ctrl_interface);
2701 }
2702
2703 if (iface->driver_param) {
2704 os_free(wpa_s->conf->driver_param);
2705 wpa_s->conf->driver_param =
2706 os_strdup(iface->driver_param);
2707 }
2708 } else
2709 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
2710 iface->driver_param);
2711
2712 if (wpa_s->conf == NULL) {
2713 wpa_printf(MSG_ERROR, "\nNo configuration found.");
2714 return -1;
2715 }
2716
2717 if (iface->ifname == NULL) {
2718 wpa_printf(MSG_ERROR, "\nInterface name is required.");
2719 return -1;
2720 }
2721 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
2722 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
2723 iface->ifname);
2724 return -1;
2725 }
2726 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
2727
2728 if (iface->bridge_ifname) {
2729 if (os_strlen(iface->bridge_ifname) >=
2730 sizeof(wpa_s->bridge_ifname)) {
2731 wpa_printf(MSG_ERROR, "\nToo long bridge interface "
2732 "name '%s'.", iface->bridge_ifname);
2733 return -1;
2734 }
2735 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
2736 sizeof(wpa_s->bridge_ifname));
2737 }
2738
6fc6879b
JM		 2739 /* RSNA Supplicant Key Management - INITIALIZE */
2740 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
2741 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
2742
2743 /* Initialize driver interface and register driver event handler before
2744 * L2 receive handler so that association events are processed before
2745 * EAPOL-Key packets if both become available for the same select()
2746 * call. */
362f781e
JM		 2747 driver = iface->driver;
2748next_driver:
2749 if (wpa_supplicant_set_driver(wpa_s, driver) < 0)
2750 return -1;
2751
6fc6879b
JM		 2752 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
2753 if (wpa_s->drv_priv == NULL) {
362f781e 2754 const char *pos;
a5b9337f 2755 pos = driver ? os_strchr(driver, ',') : NULL;
362f781e 2756 if (pos) {
f049052b
BG		 2757 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
2758 "driver interface - try next driver wrapper");
362f781e
JM		 2759 driver = pos + 1;
2760 goto next_driver;
2761 }
f049052b
BG		 2762 wpa_msg(wpa_s, MSG_ERROR, "Failed to initialize driver "
2763 "interface");
6fc6879b
JM		 2764 return -1;
2765 }
2766 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
f049052b
BG		 2767 wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected "
2768 "driver_param '%s'", wpa_s->conf->driver_param);
6fc6879b
JM		 2769 return -1;
2770 }
2771
2772 ifname = wpa_drv_get_ifname(wpa_s);
2773 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
f049052b
BG		 2774 wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced "
2775 "interface name with '%s'", ifname);
6fc6879b
JM		 2776 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
2777 }
2778
2779 if (wpa_supplicant_init_wpa(wpa_s) < 0)
2780 return -1;
2781
2782 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
2783 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
2784 NULL);
2785 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
2786
2787 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
2788 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
2789 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
f049052b
BG		 2790 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
2791 "dot11RSNAConfigPMKLifetime");
6fc6879b
JM		 2792 return -1;
2793 }
2794
2795 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
2796 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
2797 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
f049052b 2798 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
6fc6879b
JM		 2799 "dot11RSNAConfigPMKReauthThreshold");
2800 return -1;
2801 }
2802
2803 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
2804 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
2805 wpa_s->conf->dot11RSNAConfigSATimeout)) {
f049052b
BG		 2806 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
2807 "dot11RSNAConfigSATimeout");
6fc6879b
JM		 2808 return -1;
2809 }
2810
6bf731e8
CL		 2811 wpa_s->hw.modes = wpa_drv_get_hw_feature_data(wpa_s,
2812 &wpa_s->hw.num_modes,
2813 &wpa_s->hw.flags);
2814
814782b9 2815 if (wpa_drv_get_capa(wpa_s, &capa) == 0) {
c58ab8f2 2816 wpa_s->drv_capa_known = 1;
814782b9 2817 wpa_s->drv_flags = capa.flags;
349493bd 2818 wpa_s->drv_enc = capa.enc;
4f73d88a 2819 wpa_s->probe_resp_offloads = capa.probe_resp_offloads;
814782b9 2820 wpa_s->max_scan_ssids = capa.max_scan_ssids;
cbdf3507
LC		 2821 wpa_s->max_sched_scan_ssids = capa.max_sched_scan_ssids;
2822 wpa_s->sched_scan_supported = capa.sched_scan_supported;
b59e6f26 2823 wpa_s->max_match_sets = capa.max_match_sets;
814782b9 2824 wpa_s->max_remain_on_chan = capa.max_remain_on_chan;
c4ea4c5c 2825 wpa_s->max_stations = capa.max_stations;
814782b9
JM		 2826 }
2827 if (wpa_s->max_remain_on_chan == 0)
2828 wpa_s->max_remain_on_chan = 1000;
2829
6fc6879b
JM		 2830 if (wpa_supplicant_driver_init(wpa_s) < 0)
2831 return -1;
2832
281ff0aa
GP		 2833#ifdef CONFIG_TDLS
2834 if (wpa_tdls_init(wpa_s->wpa))
2835 return -1;
2836#endif /* CONFIG_TDLS */
2837
315ce40a
JM		 2838 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] &&
2839 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) {
f049052b 2840 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country");
6d158490
LR		 2841 return -1;
2842 }
2843
116654ce
JM		 2844 if (wpas_wps_init(wpa_s))
2845 return -1;
2846
6fc6879b
JM		 2847 if (wpa_supplicant_init_eapol(wpa_s) < 0)
2848 return -1;
2849 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
2850
2851 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
2852 if (wpa_s->ctrl_iface == NULL) {
2853 wpa_printf(MSG_ERROR,
2854 "Failed to initialize control interface '%s'.\n"
2855 "You may have another wpa_supplicant process "
2856 "already running or the file was\n"
2857 "left by an unclean termination of wpa_supplicant "
2858 "in which case you will need\n"
2859 "to manually remove this file before starting "
2860 "wpa_supplicant again.\n",
2861 wpa_s->conf->ctrl_interface);
2862 return -1;
2863 }
2864
04ea7b79
JM		 2865 wpa_s->gas = gas_query_init(wpa_s);
2866 if (wpa_s->gas == NULL) {
2867 wpa_printf(MSG_ERROR, "Failed to initialize GAS query");
2868 return -1;
2869 }
2870
b22128ef
JM		 2871#ifdef CONFIG_P2P
2872 if (wpas_p2p_init(wpa_s->global, wpa_s) < 0) {
f049052b 2873 wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P");
b22128ef
JM		 2874 return -1;
2875 }
2876#endif /* CONFIG_P2P */
2877
83922c2d
JM		 2878 if (wpa_bss_init(wpa_s) < 0)
2879 return -1;
83922c2d 2880
f64adcd7
JM		 2881 if (pcsc_reader_init(wpa_s) < 0)
2882 return -1;
2883
306ae225
JM		 2884 if (wpas_init_ext_pw(wpa_s) < 0)
2885 return -1;
2886
6fc6879b
JM		 2887 return 0;
2888}
2889
2890
2ee055b3 2891static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s,
df509539 2892 int notify, int terminate)
6fc6879b
JM		 2893{
2894 if (wpa_s->drv_priv) {
2895 wpa_supplicant_deauthenticate(wpa_s,
2896 WLAN_REASON_DEAUTH_LEAVING);
2897
6fc6879b
JM		 2898 wpa_drv_set_countermeasures(wpa_s, 0);
2899 wpa_clear_keys(wpa_s, NULL);
2900 }
2901
8e56d189
JM		 2902 wpa_supplicant_cleanup(wpa_s);
2903
ab28911d
JM		 2904#ifdef CONFIG_P2P
2905 if (wpa_s == wpa_s->global->p2p_init_wpa_s && wpa_s->global->p2p) {
2906 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: Disable P2P since removing "
2907 "the management interface is being removed");
2908 wpas_p2p_deinit_global(wpa_s->global);
2909 }
2910#endif /* CONFIG_P2P */
2911
6fc6879b
JM		 2912 if (wpa_s->drv_priv)
2913 wpa_drv_deinit(wpa_s);
2523ff6e
DS		 2914
2915 if (notify)
2916 wpas_notify_iface_removed(wpa_s);
f0811516
DS		 2917
2918 if (terminate)
2919 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING);
2920
2921 if (wpa_s->ctrl_iface) {
2922 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
2923 wpa_s->ctrl_iface = NULL;
2924 }
2925
2926 if (wpa_s->conf != NULL) {
2927 wpa_config_free(wpa_s->conf);
2928 wpa_s->conf = NULL;
2929 }
6fc6879b
JM		 2930}
2931
2932
2933/**
2934 * wpa_supplicant_add_iface - Add a new network interface
2935 * @global: Pointer to global data from wpa_supplicant_init()
2936 * @iface: Interface configuration options
2937 * Returns: Pointer to the created interface or %NULL on failure
2938 *
2939 * This function is used to add new network interfaces for %wpa_supplicant.
2940 * This can be called before wpa_supplicant_run() to add interfaces before the
2941 * main event loop has been started. In addition, new interfaces can be added
2942 * dynamically while %wpa_supplicant is already running. This could happen,
2943 * e.g., when a hotplug network adapter is inserted.
2944 */
2945struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
2946 struct wpa_interface *iface)
2947{
2948 struct wpa_supplicant *wpa_s;
d27df100 2949 struct wpa_interface t_iface;
8e56d189 2950 struct wpa_ssid *ssid;
6fc6879b
JM		 2951
2952 if (global == NULL || iface == NULL)
2953 return NULL;
2954
2955 wpa_s = wpa_supplicant_alloc();
2956 if (wpa_s == NULL)
2957 return NULL;
2958
d8222ae3
JM		 2959 wpa_s->global = global;
2960
d27df100
JM		 2961 t_iface = *iface;
2962 if (global->params.override_driver) {
2963 wpa_printf(MSG_DEBUG, "Override interface parameter: driver "
2964 "('%s' -> '%s')",
2965 iface->driver, global->params.override_driver);
2966 t_iface.driver = global->params.override_driver;
2967 }
2968 if (global->params.override_ctrl_interface) {
2969 wpa_printf(MSG_DEBUG, "Override interface parameter: "
2970 "ctrl_interface ('%s' -> '%s')",
2971 iface->ctrl_interface,
2972 global->params.override_ctrl_interface);
2973 t_iface.ctrl_interface =
2974 global->params.override_ctrl_interface;
2975 }
2976 if (wpa_supplicant_init_iface(wpa_s, &t_iface)) {
6fc6879b
JM		 2977 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
2978 iface->ifname);
df509539 2979 wpa_supplicant_deinit_iface(wpa_s, 0, 0);
6fc6879b
JM		 2980 os_free(wpa_s);
2981 return NULL;
2982 }
2983
dc461de4
WS		 2984 /* Notify the control interfaces about new iface */
2985 if (wpas_notify_iface_added(wpa_s)) {
df509539 2986 wpa_supplicant_deinit_iface(wpa_s, 1, 0);
6fc6879b
JM		 2987 os_free(wpa_s);
2988 return NULL;
2989 }
1bd3f426 2990
8e56d189
JM		 2991 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
2992 wpas_notify_network_added(wpa_s, ssid);
2993
6fc6879b
JM		 2994 wpa_s->next = global->ifaces;
2995 global->ifaces = wpa_s;
2996
f049052b 2997 wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname);
99218999 2998 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
6fc6879b
JM		 2999
3000 return wpa_s;
3001}
3002
3003
3004/**
3005 * wpa_supplicant_remove_iface - Remove a network interface
3006 * @global: Pointer to global data from wpa_supplicant_init()
3007 * @wpa_s: Pointer to the network interface to be removed
3008 * Returns: 0 if interface was removed, -1 if interface was not found
3009 *
3010 * This function can be used to dynamically remove network interfaces from
3011 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
3012 * addition, this function is used to remove all remaining interfaces when
3013 * %wpa_supplicant is terminated.
3014 */
3015int wpa_supplicant_remove_iface(struct wpa_global *global,
df509539
DS		 3016 struct wpa_supplicant *wpa_s,
3017 int terminate)
6fc6879b
JM		 3018{
3019 struct wpa_supplicant *prev;
3020
3021 /* Remove interface from the global list of interfaces */
3022 prev = global->ifaces;
3023 if (prev == wpa_s) {
3024 global->ifaces = wpa_s->next;
3025 } else {
3026 while (prev && prev->next != wpa_s)
3027 prev = prev->next;
3028 if (prev == NULL)
3029 return -1;
3030 prev->next = wpa_s->next;
3031 }
3032
f049052b 3033 wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
6fc6879b 3034
b22128ef
JM		 3035 if (global->p2p_group_formation == wpa_s)
3036 global->p2p_group_formation = NULL;
df509539 3037 wpa_supplicant_deinit_iface(wpa_s, 1, terminate);
6fc6879b
JM		 3038 os_free(wpa_s);
3039
3040 return 0;
3041}
3042
3043
cf83fb0b
PS		 3044/**
3045 * wpa_supplicant_get_eap_mode - Get the current EAP mode
3046 * @wpa_s: Pointer to the network interface
3047 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
3048 */
3049const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s)
3050{
3051 const char *eapol_method;
3052
3053 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) == 0 &&
3054 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
3055 return "NO-EAP";
3056 }
3057
3058 eapol_method = eapol_sm_get_method_name(wpa_s->eapol);
3059 if (eapol_method == NULL)
3060 return "UNKNOWN-EAP";
3061
3062 return eapol_method;
3063}
3064
3065
6fc6879b
JM		 3066/**
3067 * wpa_supplicant_get_iface - Get a new network interface
3068 * @global: Pointer to global data from wpa_supplicant_init()
3069 * @ifname: Interface name
3070 * Returns: Pointer to the interface or %NULL if not found
3071 */
3072struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
3073 const char *ifname)
3074{
3075 struct wpa_supplicant *wpa_s;
3076
3077 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
3078 if (os_strcmp(wpa_s->ifname, ifname) == 0)
3079 return wpa_s;
3080 }
3081 return NULL;
3082}
3083
3084
50b16da1 3085#ifndef CONFIG_NO_WPA_MSG
4f1495ae
BG		 3086static const char * wpa_supplicant_msg_ifname_cb(void *ctx)
3087{
3088 struct wpa_supplicant *wpa_s = ctx;
3089 if (wpa_s == NULL)
3090 return NULL;
3091 return wpa_s->ifname;
3092}
50b16da1 3093#endif /* CONFIG_NO_WPA_MSG */
4f1495ae
BG		 3094
3095
6fc6879b
JM		 3096/**
3097 * wpa_supplicant_init - Initialize %wpa_supplicant
3098 * @params: Parameters for %wpa_supplicant
3099 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
3100 *
3101 * This function is used to initialize %wpa_supplicant. After successful
3102 * initialization, the returned data pointer can be used to add and remove
3103 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
3104 */
3105struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
3106{
3107 struct wpa_global *global;
ac305589 3108 int ret, i;
6fc6879b
JM		 3109
3110 if (params == NULL)
3111 return NULL;
3112
39e7d718
JM		 3113#ifdef CONFIG_DRIVER_NDIS
3114 {
3115 void driver_ndis_init_ops(void);
3116 driver_ndis_init_ops();
3117 }
3118#endif /* CONFIG_DRIVER_NDIS */
3119
50b16da1 3120#ifndef CONFIG_NO_WPA_MSG
4f1495ae 3121 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
50b16da1 3122#endif /* CONFIG_NO_WPA_MSG */
4f1495ae 3123
6fc6879b 3124 wpa_debug_open_file(params->wpa_debug_file_path);
daa70d49
SL		 3125 if (params->wpa_debug_syslog)
3126 wpa_debug_open_syslog();
4f68895e
JB		 3127 if (params->wpa_debug_tracing) {
3128 ret = wpa_debug_open_linux_tracing();
3129 if (ret) {
3130 wpa_printf(MSG_ERROR,
3131 "Failed to enable trace logging");
3132 return NULL;
3133 }
3134 }
6fc6879b 3135
12760815 3136 ret = eap_register_methods();
6fc6879b
JM		 3137 if (ret) {
3138 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
3139 if (ret == -2)
3140 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
3141 "the same EAP type.");
3142 return NULL;
3143 }
3144
3145 global = os_zalloc(sizeof(*global));
3146 if (global == NULL)
3147 return NULL;
b22128ef
JM		 3148 dl_list_init(&global->p2p_srv_bonjour);
3149 dl_list_init(&global->p2p_srv_upnp);
6fc6879b
JM		 3150 global->params.daemonize = params->daemonize;
3151 global->params.wait_for_monitor = params->wait_for_monitor;
3152 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
3153 if (params->pid_file)
3154 global->params.pid_file = os_strdup(params->pid_file);
3155 if (params->ctrl_interface)
3156 global->params.ctrl_interface =
3157 os_strdup(params->ctrl_interface);
d27df100
JM		 3158 if (params->override_driver)
3159 global->params.override_driver =
3160 os_strdup(params->override_driver);
3161 if (params->override_ctrl_interface)
3162 global->params.override_ctrl_interface =
3163 os_strdup(params->override_ctrl_interface);
6fc6879b
JM		 3164 wpa_debug_level = global->params.wpa_debug_level =
3165 params->wpa_debug_level;
3166 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
3167 params->wpa_debug_show_keys;
3168 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
3169 params->wpa_debug_timestamp;
3170
f19858f5
JM		 3171 wpa_printf(MSG_DEBUG, "wpa_supplicant v" VERSION_STR);
3172
0456ea16 3173 if (eloop_init()) {
6fc6879b
JM		 3174 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
3175 wpa_supplicant_deinit(global);
3176 return NULL;
3177 }
3178
38e24575 3179 random_init(params->entropy_file);
d47fa330 3180
6fc6879b
JM		 3181 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
3182 if (global->ctrl_iface == NULL) {
3183 wpa_supplicant_deinit(global);
3184 return NULL;
3185 }
3186
dc461de4
WS		 3187 if (wpas_notify_supplicant_initialized(global)) {
3188 wpa_supplicant_deinit(global);
3189 return NULL;
6fc6879b
JM		 3190 }
3191
c5121837 3192 for (i = 0; wpa_drivers[i]; i++)
ac305589
JM		 3193 global->drv_count++;
3194 if (global->drv_count == 0) {
3195 wpa_printf(MSG_ERROR, "No drivers enabled");
3196 wpa_supplicant_deinit(global);
3197 return NULL;
3198 }
3199 global->drv_priv = os_zalloc(global->drv_count * sizeof(void *));
3200 if (global->drv_priv == NULL) {
3201 wpa_supplicant_deinit(global);
3202 return NULL;
3203 }
ac305589 3204
9675ce35
JM		 3205#ifdef CONFIG_WIFI_DISPLAY
3206 if (wifi_display_init(global) < 0) {
3207 wpa_printf(MSG_ERROR, "Failed to initialize Wi-Fi Display");
3208 wpa_supplicant_deinit(global);
3209 return NULL;
3210 }
3211#endif /* CONFIG_WIFI_DISPLAY */
3212
6fc6879b
JM		 3213 return global;
3214}
3215
3216
3217/**
3218 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
3219 * @global: Pointer to global data from wpa_supplicant_init()
3220 * Returns: 0 after successful event loop run, -1 on failure
3221 *
3222 * This function starts the main event loop and continues running as long as
3223 * there are any remaining events. In most cases, this function is running as
3224 * long as the %wpa_supplicant process in still in use.
3225 */
3226int wpa_supplicant_run(struct wpa_global *global)
3227{
3228 struct wpa_supplicant *wpa_s;
3229
3230 if (global->params.daemonize &&
3231 wpa_supplicant_daemon(global->params.pid_file))
3232 return -1;
3233
3234 if (global->params.wait_for_monitor) {
3235 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
3236 if (wpa_s->ctrl_iface)
3237 wpa_supplicant_ctrl_iface_wait(
3238 wpa_s->ctrl_iface);
3239 }
3240
0456ea16
JM		 3241 eloop_register_signal_terminate(wpa_supplicant_terminate, global);
3242 eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
6fc6879b
JM		 3243
3244 eloop_run();
3245
3246 return 0;
3247}
3248
3249
3250/**
3251 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
3252 * @global: Pointer to global data from wpa_supplicant_init()
3253 *
3254 * This function is called to deinitialize %wpa_supplicant and to free all
3255 * allocated resources. Remaining network interfaces will also be removed.
3256 */
3257void wpa_supplicant_deinit(struct wpa_global *global)
3258{
ac305589
JM		 3259 int i;
3260
6fc6879b
JM		 3261 if (global == NULL)
3262 return;
3263
9675ce35
JM		 3264#ifdef CONFIG_WIFI_DISPLAY
3265 wifi_display_deinit(global);
3266#endif /* CONFIG_WIFI_DISPLAY */
b22128ef
JM		 3267#ifdef CONFIG_P2P
3268 wpas_p2p_deinit_global(global);
3269#endif /* CONFIG_P2P */
3270
6fc6879b 3271 while (global->ifaces)
df509539 3272 wpa_supplicant_remove_iface(global, global->ifaces, 1);
6fc6879b
JM		 3273
3274 if (global->ctrl_iface)
3275 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
dc461de4
WS		 3276
3277 wpas_notify_supplicant_deinitialized(global);
6fc6879b
JM		 3278
3279 eap_peer_unregister_methods();
3ec97afe
JM		 3280#ifdef CONFIG_AP
3281 eap_server_unregister_methods();
3282#endif /* CONFIG_AP */
6fc6879b 3283
c5121837 3284 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) {
ac305589
JM		 3285 if (!global->drv_priv[i])
3286 continue;
c5121837 3287 wpa_drivers[i]->global_deinit(global->drv_priv[i]);
ac305589
JM		 3288 }
3289 os_free(global->drv_priv);
3290
d47fa330
JM		 3291 random_deinit();
3292
6fc6879b
JM		 3293 eloop_destroy();
3294
3295 if (global->params.pid_file) {
3296 os_daemonize_terminate(global->params.pid_file);
3297 os_free(global->params.pid_file);
3298 }
3299 os_free(global->params.ctrl_interface);
d27df100
JM		 3300 os_free(global->params.override_driver);
3301 os_free(global->params.override_ctrl_interface);
6fc6879b 3302
6f3bc72b
JM		 3303 os_free(global->p2p_disallow_freq);
3304
6fc6879b 3305 os_free(global);
daa70d49 3306 wpa_debug_close_syslog();
6fc6879b 3307 wpa_debug_close_file();
4f68895e 3308 wpa_debug_close_linux_tracing();
6fc6879b 3309}
611aea7d
JM		 3310
3311
3312void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s)
3313{
849b5dc7
JM		 3314 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_COUNTRY) &&
3315 wpa_s->conf->country[0] && wpa_s->conf->country[1]) {
3316 char country[3];
3317 country[0] = wpa_s->conf->country[0];
3318 country[1] = wpa_s->conf->country[1];
3319 country[2] = '\0';
3320 if (wpa_drv_set_country(wpa_s, country) < 0) {
3321 wpa_printf(MSG_ERROR, "Failed to set country code "
3322 "'%s'", country);
3323 }
3324 }
3325
306ae225
JM		 3326 if (wpa_s->conf->changed_parameters & CFG_CHANGED_EXT_PW_BACKEND)
3327 wpas_init_ext_pw(wpa_s);
3328
611aea7d
JM		 3329#ifdef CONFIG_WPS
3330 wpas_wps_update_config(wpa_s);
3331#endif /* CONFIG_WPS */
3332
b22128ef
JM		 3333#ifdef CONFIG_P2P
3334 wpas_p2p_update_config(wpa_s);
3335#endif /* CONFIG_P2P */
3336
611aea7d
JM		 3337 wpa_s->conf->changed_parameters = 0;
3338}
2f9c6aa6
JM		 3339
3340
0fb337c1
JM		 3341static void add_freq(int *freqs, int *num_freqs, int freq)
3342{
3343 int i;
3344
3345 for (i = 0; i < *num_freqs; i++) {
3346 if (freqs[i] == freq)
3347 return;
3348 }
3349
3350 freqs[*num_freqs] = freq;
3351 (*num_freqs)++;
3352}
3353
3354
3355static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s)
3356{
3357 struct wpa_bss *bss, *cbss;
3358 const int max_freqs = 10;
3359 int *freqs;
3360 int num_freqs = 0;
3361
3362 freqs = os_zalloc(sizeof(int) * (max_freqs + 1));
3363 if (freqs == NULL)
3364 return NULL;
3365
3366 cbss = wpa_s->current_bss;
3367
3368 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
3369 if (bss == cbss)
3370 continue;
3371 if (bss->ssid_len == cbss->ssid_len &&
3372 os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 &&
3373 wpa_blacklist_get(wpa_s, bss->bssid) == NULL) {
3374 add_freq(freqs, &num_freqs, bss->freq);
3375 if (num_freqs == max_freqs)
3376 break;
3377 }
3378 }
3379
3380 if (num_freqs == 0) {
3381 os_free(freqs);
3382 freqs = NULL;
3383 }
3384
3385 return freqs;
3386}
3387
3388
3389void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid)
3390{
3391 int timeout;
3392 int count;
3393 int *freqs = NULL;
3394
5fd9fb27
JM		 3395 /*
3396 * Remove possible authentication timeout since the connection failed.
3397 */
3398 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
3399
0fb337c1
JM		 3400 /*
3401 * Add the failed BSSID into the blacklist and speed up next scan
3402 * attempt if there could be other APs that could accept association.
3403 * The current blacklist count indicates how many times we have tried
3404 * connecting to this AP and multiple attempts mean that other APs are
3405 * either not available or has already been tried, so that we can start
3406 * increasing the delay here to avoid constant scanning.
3407 */
3408 count = wpa_blacklist_add(wpa_s, bssid);
3409 if (count == 1 && wpa_s->current_bss) {
3410 /*
3411 * This BSS was not in the blacklist before. If there is
3412 * another BSS available for the same ESS, we should try that
3413 * next. Otherwise, we may as well try this one once more
3414 * before allowing other, likely worse, ESSes to be considered.
3415 */
3416 freqs = get_bss_freqs_in_ess(wpa_s);
3417 if (freqs) {
f049052b
BG		 3418 wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS "
3419 "has been seen; try it next");
0fb337c1
JM		 3420 wpa_blacklist_add(wpa_s, bssid);
3421 /*
3422 * On the next scan, go through only the known channels
3423 * used in this ESS based on previous scans to speed up
3424 * common load balancing use case.
3425 */
3426 os_free(wpa_s->next_scan_freqs);
3427 wpa_s->next_scan_freqs = freqs;
3428 }
3429 }
3430
3431 switch (count) {
3432 case 1:
3433 timeout = 100;
3434 break;
3435 case 2:
3436 timeout = 500;
3437 break;
3438 case 3:
3439 timeout = 1000;
3440 break;
3441 default:
3442 timeout = 5000;
3443 }
3444
3445 /*
3446 * TODO: if more than one possible AP is available in scan results,
3447 * could try the other ones before requesting a new scan.
3448 */
3449 wpa_supplicant_req_scan(wpa_s, timeout / 1000,
3450 1000 * (timeout % 1000));
99fcd404
JM		 3451
3452#ifdef CONFIG_P2P
e665ca9a 3453 if (wpa_s->global->p2p_cb_on_scan_complete && !wpa_s->global->p2p_disabled &&
99fcd404 3454 wpa_s->global->p2p != NULL) {
e665ca9a 3455 wpa_s->global->p2p_cb_on_scan_complete = 0;
99fcd404
JM		 3456 if (p2p_other_scan_completed(wpa_s->global->p2p) == 1) {
3457 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: Pending P2P operation "
3458 "continued after failed association");
3459 }
3460 }
3461#endif /* CONFIG_P2P */
0fb337c1 3462}
22628eca
JM		 3463
3464
3465int wpas_driver_bss_selection(struct wpa_supplicant *wpa_s)
3466{
3467 return wpa_s->conf->ap_scan == 2 ||
3468 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION);
3469}
d2118814
JM		 3470
3471
3472#if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW)
3473int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
3474 struct wpa_ssid *ssid,
3475 const char *field,
3476 const char *value)
3477{
3478#ifdef IEEE8021X_EAPOL
3479 struct eap_peer_config *eap = &ssid->eap;
3480
3481 wpa_printf(MSG_DEBUG, "CTRL_IFACE: response handle field=%s", field);
3482 wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: response value",
3483 (const u8 *) value, os_strlen(value));
3484
3485 switch (wpa_supplicant_ctrl_req_from_string(field)) {
3486 case WPA_CTRL_REQ_EAP_IDENTITY:
3487 os_free(eap->identity);
3488 eap->identity = (u8 *) os_strdup(value);
3489 eap->identity_len = os_strlen(value);
3490 eap->pending_req_identity = 0;
3491 if (ssid == wpa_s->current_ssid)
3492 wpa_s->reassociate = 1;
3493 break;
3494 case WPA_CTRL_REQ_EAP_PASSWORD:
3495 os_free(eap->password);
3496 eap->password = (u8 *) os_strdup(value);
3497 eap->password_len = os_strlen(value);
3498 eap->pending_req_password = 0;
3499 if (ssid == wpa_s->current_ssid)
3500 wpa_s->reassociate = 1;
3501 break;
3502 case WPA_CTRL_REQ_EAP_NEW_PASSWORD:
3503 os_free(eap->new_password);
3504 eap->new_password = (u8 *) os_strdup(value);
3505 eap->new_password_len = os_strlen(value);
3506 eap->pending_req_new_password = 0;
3507 if (ssid == wpa_s->current_ssid)
3508 wpa_s->reassociate = 1;
3509 break;
3510 case WPA_CTRL_REQ_EAP_PIN:
3511 os_free(eap->pin);
3512 eap->pin = os_strdup(value);
3513 eap->pending_req_pin = 0;
3514 if (ssid == wpa_s->current_ssid)
3515 wpa_s->reassociate = 1;
3516 break;
3517 case WPA_CTRL_REQ_EAP_OTP:
3518 os_free(eap->otp);
3519 eap->otp = (u8 *) os_strdup(value);
3520 eap->otp_len = os_strlen(value);
3521 os_free(eap->pending_req_otp);
3522 eap->pending_req_otp = NULL;
3523 eap->pending_req_otp_len = 0;
3524 break;
3525 case WPA_CTRL_REQ_EAP_PASSPHRASE:
3526 os_free(eap->private_key_passwd);
3527 eap->private_key_passwd = (u8 *) os_strdup(value);
3528 eap->pending_req_passphrase = 0;
3529 if (ssid == wpa_s->current_ssid)
3530 wpa_s->reassociate = 1;
3531 break;
3532 default:
3533 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown field '%s'", field);
3534 return -1;
3535 }
3536
3537 return 0;
3538#else /* IEEE8021X_EAPOL */
3539 wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included");
3540 return -1;
3541#endif /* IEEE8021X_EAPOL */
3542}
3543#endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */
349493bd
JM		 3544
3545
3546int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
3547{
3548 int i;
3549 unsigned int drv_enc;
3550
3551 if (ssid == NULL)
3552 return 1;
3553
3554 if (ssid->disabled)
3555 return 1;
3556
3557 if (wpa_s && wpa_s->drv_capa_known)
3558 drv_enc = wpa_s->drv_enc;
3559 else
3560 drv_enc = (unsigned int) -1;
3561
3562 for (i = 0; i < NUM_WEP_KEYS; i++) {
3563 size_t len = ssid->wep_key_len[i];
3564 if (len == 0)
3565 continue;
3566 if (len == 5 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP40))
3567 continue;
3568 if (len == 13 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP104))
3569 continue;
3570 if (len == 16 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP128))
3571 continue;
3572 return 1; /* invalid WEP key */
3573 }
3574
9173b16f
JM		 3575 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set &&
3576 !ssid->ext_psk)
2518aad3
JM		 3577 return 1;
3578
349493bd
JM		 3579 return 0;
3580}
b9cfc09a
JJ		 3581
3582
3583int wpas_is_p2p_prioritized(struct wpa_supplicant *wpa_s)
3584{
3585 if (wpa_s->global->conc_pref == WPA_CONC_PREF_P2P)
3586 return 1;
3587 if (wpa_s->global->conc_pref == WPA_CONC_PREF_STA)
3588 return 0;
3589 return -1;
3590}
00e5e3d5
JM		 3591
3592
3593void wpas_auth_failed(struct wpa_supplicant *wpa_s)
3594{
3595 struct wpa_ssid *ssid = wpa_s->current_ssid;
3596 int dur;
3597 struct os_time now;
3598
3599 if (ssid == NULL) {
3600 wpa_printf(MSG_DEBUG, "Authentication failure but no known "
3601 "SSID block");
3602 return;
3603 }
3604
3605 if (ssid->key_mgmt == WPA_KEY_MGMT_WPS)
3606 return;
3607
3608 ssid->auth_failures++;
3609 if (ssid->auth_failures > 50)
3610 dur = 300;
3611 else if (ssid->auth_failures > 20)
3612 dur = 120;
3613 else if (ssid->auth_failures > 10)
3614 dur = 60;
3615 else if (ssid->auth_failures > 5)
3616 dur = 30;
3617 else if (ssid->auth_failures > 1)
3618 dur = 20;
3619 else
3620 dur = 10;
3621
3622 os_get_time(&now);
3623 if (now.sec + dur <= ssid->disabled_until.sec)
3624 return;
3625
3626 ssid->disabled_until.sec = now.sec + dur;
3627
3628 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TEMP_DISABLED
3629 "id=%d ssid=\"%s\" auth_failures=%u duration=%d",
3630 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
3631 ssid->auth_failures, dur);
3632}
3633
3634
3635void wpas_clear_temp_disabled(struct wpa_supplicant *wpa_s,
3636 struct wpa_ssid *ssid, int clear_failures)
3637{
3638 if (ssid == NULL)
3639 return;
3640
3641 if (ssid->disabled_until.sec) {
3642 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_REENABLED
3643 "id=%d ssid=\"%s\"",
3644 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
3645 }
3646 ssid->disabled_until.sec = 0;
3647 ssid->disabled_until.usec = 0;
3648 if (clear_failures)
3649 ssid->auth_failures = 0;
3650}
6407f413
JM		 3651
3652
3653int disallowed_bssid(struct wpa_supplicant *wpa_s, const u8 *bssid)
3654{
3655 size_t i;
3656
3657 if (wpa_s->disallow_aps_bssid == NULL)
3658 return 0;
3659
3660 for (i = 0; i < wpa_s->disallow_aps_bssid_count; i++) {
3661 if (os_memcmp(wpa_s->disallow_aps_bssid + i * ETH_ALEN,
3662 bssid, ETH_ALEN) == 0)
3663 return 1;
3664 }
3665
3666 return 0;
3667}
3668
3669
3670int disallowed_ssid(struct wpa_supplicant *wpa_s, const u8 *ssid,
3671 size_t ssid_len)
3672{
3673 size_t i;
3674
3675 if (wpa_s->disallow_aps_ssid == NULL || ssid == NULL)
3676 return 0;
3677
3678 for (i = 0; i < wpa_s->disallow_aps_ssid_count; i++) {
3679 struct wpa_ssid_value *s = &wpa_s->disallow_aps_ssid[i];
3680 if (ssid_len == s->ssid_len &&
3681 os_memcmp(ssid, s->ssid, ssid_len) == 0)
3682 return 1;
3683 }
3684
3685 return 0;
3686}
Unnamed repository; edit this file 'description' to name the repository.