]> git.ipfire.org Git - thirdparty/hostap.git/blame - wpa_supplicant/wpa_supplicant.c
projects / thirdparty / hostap.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
wpa_supplicant: Fix updating GO beacons on WFD subelements change
[thirdparty/hostap.git] / wpa_supplicant / wpa_supplicant.c
CommitLineData
6fc6879b
JM		 1/*
2 * WPA Supplicant
d93dfbd5 3 * Copyright (c) 2003-2012, Jouni Malinen <j@w1.fi>
6fc6879b 4 *
0f3d578e
JM		 5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
6fc6879b
JM		 7 *
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
11 */
12
13#include "includes.h"
14
15#include "common.h"
d47fa330 16#include "crypto/random.h"
7d232e23 17#include "crypto/sha1.h"
6fc6879b
JM		 18#include "eapol_supp/eapol_supp_sm.h"
19#include "eap_peer/eap.h"
ec7b97ab 20#include "eap_peer/eap_proxy.h"
3ec97afe 21#include "eap_server/eap_methods.h"
3acb5005 22#include "rsn_supp/wpa.h"
6fc6879b 23#include "eloop.h"
6fc6879b 24#include "config.h"
306ae225 25#include "utils/ext_password.h"
6fc6879b
JM		 26#include "l2_packet/l2_packet.h"
27#include "wpa_supplicant_i.h"
2d5b792d 28#include "driver_i.h"
6fc6879b 29#include "ctrl_iface.h"
6fc6879b 30#include "pcsc_funcs.h"
90973fb2 31#include "common/version.h"
3acb5005
JM		 32#include "rsn_supp/preauth.h"
33#include "rsn_supp/pmksa_cache.h"
90973fb2 34#include "common/wpa_ctrl.h"
90973fb2 35#include "common/ieee802_11_defs.h"
72044390 36#include "p2p/p2p.h"
6fc6879b
JM		 37#include "blacklist.h"
38#include "wpas_glue.h"
116654ce 39#include "wps_supplicant.h"
11ef8d35 40#include "ibss_rsn.h"
c2a04078 41#include "sme.h"
04ea7b79 42#include "gas_query.h"
1f1b62a0 43#include "ap.h"
b22128ef 44#include "p2p_supplicant.h"
9675ce35 45#include "wifi_display.h"
8bac466b 46#include "notify.h"
60b94c98 47#include "bgscan.h"
7c865c68 48#include "autoscan.h"
83922c2d 49#include "bss.h"
9ba9fa07 50#include "scan.h"
24f6497c 51#include "offchannel.h"
cb418324 52#include "hs20_supplicant.h"
e27d20bb 53#include "wnm_sta.h"
6fc6879b
JM		 54
55const char *wpa_supplicant_version =
56"wpa_supplicant v" VERSION_STR "\n"
e056f93e 57"Copyright (c) 2003-2013, Jouni Malinen <j@w1.fi> and contributors";
6fc6879b
JM		 58
59const char *wpa_supplicant_license =
331f89ff
JM		 60"This software may be distributed under the terms of the BSD license.\n"
61"See README for more details.\n"
6fc6879b
JM		 62#ifdef EAP_TLS_OPENSSL
63"\nThis product includes software developed by the OpenSSL Project\n"
64"for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
65#endif /* EAP_TLS_OPENSSL */
66;
67
68#ifndef CONFIG_NO_STDOUT_DEBUG
69/* Long text divided into parts in order to fit in C89 strings size limits. */
70const char *wpa_supplicant_full_license1 =
331f89ff 71"";
6fc6879b 72const char *wpa_supplicant_full_license2 =
331f89ff 73"This software may be distributed under the terms of the BSD license.\n"
6fc6879b
JM		 74"\n"
75"Redistribution and use in source and binary forms, with or without\n"
76"modification, are permitted provided that the following conditions are\n"
77"met:\n"
78"\n";
79const char *wpa_supplicant_full_license3 =
80"1. Redistributions of source code must retain the above copyright\n"
81" notice, this list of conditions and the following disclaimer.\n"
82"\n"
83"2. Redistributions in binary form must reproduce the above copyright\n"
84" notice, this list of conditions and the following disclaimer in the\n"
85" documentation and/or other materials provided with the distribution.\n"
86"\n";
87const char *wpa_supplicant_full_license4 =
88"3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
89" names of its contributors may be used to endorse or promote products\n"
90" derived from this software without specific prior written permission.\n"
91"\n"
92"THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
93"\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
94"LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
95"A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
96const char *wpa_supplicant_full_license5 =
97"OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
98"SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
99"LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
100"DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
101"THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
102"(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
103"OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
104"\n";
105#endif /* CONFIG_NO_STDOUT_DEBUG */
106
6fc6879b
JM		 107extern int wpa_debug_level;
108extern int wpa_debug_show_keys;
109extern int wpa_debug_timestamp;
c5121837 110extern struct wpa_driver_ops *wpa_drivers[];
6fc6879b
JM		 111
112/* Configure default/group WEP keys for static WEP */
0194fedb 113int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
6fc6879b
JM		 114{
115 int i, set = 0;
116
117 for (i = 0; i < NUM_WEP_KEYS; i++) {
118 if (ssid->wep_key_len[i] == 0)
119 continue;
120
121 set = 1;
0382097e 122 wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL,
da64c266 123 i, i == ssid->wep_tx_keyidx, NULL, 0,
6fc6879b
JM		 124 ssid->wep_key[i], ssid->wep_key_len[i]);
125 }
126
127 return set;
128}
129
130
6ea1f413
JM		 131int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
132 struct wpa_ssid *ssid)
6fc6879b
JM		 133{
134 u8 key[32];
135 size_t keylen;
71934751 136 enum wpa_alg alg;
6fc6879b
JM		 137 u8 seq[6] = { 0 };
138
139 /* IBSS/WPA-None uses only one key (Group) for both receiving and
140 * sending unicast and multicast packets. */
141
d7dcba70 142 if (ssid->mode != WPAS_MODE_IBSS) {
f049052b
BG		 143 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not "
144 "IBSS/ad-hoc) for WPA-None", ssid->mode);
6fc6879b
JM		 145 return -1;
146 }
147
148 if (!ssid->psk_set) {
f049052b
BG		 149 wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for "
150 "WPA-None");
6fc6879b
JM		 151 return -1;
152 }
153
154 switch (wpa_s->group_cipher) {
155 case WPA_CIPHER_CCMP:
156 os_memcpy(key, ssid->psk, 16);
157 keylen = 16;
158 alg = WPA_ALG_CCMP;
159 break;
eb7719ff
JM		 160 case WPA_CIPHER_GCMP:
161 os_memcpy(key, ssid->psk, 16);
162 keylen = 16;
163 alg = WPA_ALG_GCMP;
164 break;
6fc6879b
JM		 165 case WPA_CIPHER_TKIP:
166 /* WPA-None uses the same Michael MIC key for both TX and RX */
167 os_memcpy(key, ssid->psk, 16 + 8);
168 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
169 keylen = 32;
170 alg = WPA_ALG_TKIP;
171 break;
172 default:
f049052b
BG		 173 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for "
174 "WPA-None", wpa_s->group_cipher);
6fc6879b
JM		 175 return -1;
176 }
177
178 /* TODO: should actually remember the previously used seq#, both for TX
179 * and RX from each STA.. */
180
0382097e 181 return wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen);
6fc6879b
JM		 182}
183
184
185static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
186{
187 struct wpa_supplicant *wpa_s = eloop_ctx;
188 const u8 *bssid = wpa_s->bssid;
a8e16edc 189 if (is_zero_ether_addr(bssid))
6fc6879b
JM		 190 bssid = wpa_s->pending_bssid;
191 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
192 MAC2STR(bssid));
193 wpa_blacklist_add(wpa_s, bssid);
194 wpa_sm_notify_disassoc(wpa_s->wpa);
07783eaa 195 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
6fc6879b 196 wpa_s->reassociate = 1;
48b84f18
BG		 197
198 /*
199 * If we timed out, the AP or the local radio may be busy.
200 * So, wait a second until scanning again.
201 */
202 wpa_supplicant_req_scan(wpa_s, 1, 0);
99fcd404 203
f85f545e 204 wpas_p2p_continue_after_scan(wpa_s);
6fc6879b
JM		 205}
206
207
208/**
209 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
210 * @wpa_s: Pointer to wpa_supplicant data
211 * @sec: Number of seconds after which to time out authentication
212 * @usec: Number of microseconds after which to time out authentication
213 *
214 * This function is used to schedule a timeout for the current authentication
215 * attempt.
216 */
217void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
218 int sec, int usec)
219{
a2a535f8 220 if (wpa_s->conf->ap_scan == 0 &&
c2a04078 221 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
6fc6879b
JM		 222 return;
223
f049052b 224 wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
6fc6879b
JM		 225 "%d usec", sec, usec);
226 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
227 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
228}
229
230
231/**
232 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
233 * @wpa_s: Pointer to wpa_supplicant data
234 *
235 * This function is used to cancel authentication timeout scheduled with
236 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
237 * been completed.
238 */
239void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
240{
f049052b 241 wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
6fc6879b
JM		 242 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
243 wpa_blacklist_del(wpa_s, wpa_s->bssid);
244}
245
246
247/**
248 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
249 * @wpa_s: Pointer to wpa_supplicant data
250 *
251 * This function is used to configure EAPOL state machine based on the selected
252 * authentication mode.
253 */
254void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
255{
256#ifdef IEEE8021X_EAPOL
257 struct eapol_config eapol_conf;
258 struct wpa_ssid *ssid = wpa_s->current_ssid;
259
53895c3b 260#ifdef CONFIG_IBSS_RSN
d7dcba70 261 if (ssid->mode == WPAS_MODE_IBSS &&
53895c3b
JM		 262 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
263 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
264 /*
265 * RSN IBSS authentication is per-STA and we can disable the
266 * per-BSSID EAPOL authentication.
267 */
268 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
269 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE);
270 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
271 return;
272 }
273#endif /* CONFIG_IBSS_RSN */
274
0a40ec6a
JM		 275 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
276 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
277
6fc6879b
JM		 278 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
279 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
280 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
281 else
282 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
283
284 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
285 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
286 eapol_conf.accept_802_1x_keys = 1;
287 eapol_conf.required_keys = 0;
288 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
289 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
290 }
291 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
292 eapol_conf.required_keys |=
293 EAPOL_REQUIRE_KEY_BROADCAST;
294 }
295
a2a535f8 296 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED)
6fc6879b 297 eapol_conf.required_keys = 0;
6fc6879b 298 }
a2a535f8 299 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
6fc6879b 300 eapol_conf.workaround = ssid->eap_workaround;
56586197
JM		 301 eapol_conf.eap_disabled =
302 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
ad08c363
JM		 303 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
304 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
a5d44ac0 305 eapol_conf.external_sim = wpa_s->conf->external_sim;
6fc6879b
JM		 306 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
307#endif /* IEEE8021X_EAPOL */
308}
309
310
311/**
312 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
313 * @wpa_s: Pointer to wpa_supplicant data
314 * @ssid: Configuration data for the network
315 *
316 * This function is used to configure WPA state machine and related parameters
317 * to a mode where WPA is not enabled. This is called as part of the
318 * authentication configuration when the selected network does not use WPA.
319 */
320void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
321 struct wpa_ssid *ssid)
322{
323 int i;
324
ad08c363
JM		 325 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
326 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
327 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
6fc6879b
JM		 328 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
329 else
330 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
331 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
332 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
333 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
334 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
335 wpa_s->group_cipher = WPA_CIPHER_NONE;
336 wpa_s->mgmt_group_cipher = 0;
337
338 for (i = 0; i < NUM_WEP_KEYS; i++) {
339 if (ssid->wep_key_len[i] > 5) {
340 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
341 wpa_s->group_cipher = WPA_CIPHER_WEP104;
342 break;
343 } else if (ssid->wep_key_len[i] > 0) {
344 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
345 wpa_s->group_cipher = WPA_CIPHER_WEP40;
346 break;
347 }
348 }
349
350 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
351 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
352 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
353 wpa_s->pairwise_cipher);
354 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
355#ifdef CONFIG_IEEE80211W
356 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
357 wpa_s->mgmt_group_cipher);
358#endif /* CONFIG_IEEE80211W */
359
360 pmksa_cache_clear_current(wpa_s->wpa);
361}
362
363
6979582c 364void free_hw_features(struct wpa_supplicant *wpa_s)
6bf731e8
CL		 365{
366 int i;
367 if (wpa_s->hw.modes == NULL)
368 return;
369
370 for (i = 0; i < wpa_s->hw.num_modes; i++) {
371 os_free(wpa_s->hw.modes[i].channels);
372 os_free(wpa_s->hw.modes[i].rates);
373 }
374
375 os_free(wpa_s->hw.modes);
376 wpa_s->hw.modes = NULL;
377}
378
379
6fc6879b
JM		 380static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
381{
60b94c98 382 bgscan_deinit(wpa_s);
7c865c68 383 autoscan_deinit(wpa_s);
6fc6879b
JM		 384 scard_deinit(wpa_s->scard);
385 wpa_s->scard = NULL;
386 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
387 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
388 l2_packet_deinit(wpa_s->l2);
389 wpa_s->l2 = NULL;
390 if (wpa_s->l2_br) {
391 l2_packet_deinit(wpa_s->l2_br);
392 wpa_s->l2_br = NULL;
393 }
394
6fc6879b 395 if (wpa_s->conf != NULL) {
8e56d189
JM		 396 struct wpa_ssid *ssid;
397 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
398 wpas_notify_network_removed(wpa_s, ssid);
6fc6879b
JM		 399 }
400
401 os_free(wpa_s->confname);
402 wpa_s->confname = NULL;
403
e6304cad
DS		 404 os_free(wpa_s->confanother);
405 wpa_s->confanother = NULL;
406
6fc6879b
JM		 407 wpa_sm_set_eapol(wpa_s->wpa, NULL);
408 eapol_sm_deinit(wpa_s->eapol);
409 wpa_s->eapol = NULL;
410
411 rsn_preauth_deinit(wpa_s->wpa);
412
281ff0aa
GP		 413#ifdef CONFIG_TDLS
414 wpa_tdls_deinit(wpa_s->wpa);
415#endif /* CONFIG_TDLS */
416
6fc6879b
JM		 417 pmksa_candidate_free(wpa_s->wpa);
418 wpa_sm_deinit(wpa_s->wpa);
419 wpa_s->wpa = NULL;
420 wpa_blacklist_clear(wpa_s);
421
83922c2d 422 wpa_bss_deinit(wpa_s);
6fc6879b 423
831770bf 424 wpa_supplicant_cancel_delayed_sched_scan(wpa_s);
6fc6879b
JM		 425 wpa_supplicant_cancel_scan(wpa_s);
426 wpa_supplicant_cancel_auth_timeout(wpa_s);
01a17491
JM		 427 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL);
428#ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
429 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report,
430 wpa_s, NULL);
431#endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
6fc6879b 432
116654ce 433 wpas_wps_deinit(wpa_s);
11ef8d35 434
1ff73338
JM		 435 wpabuf_free(wpa_s->pending_eapol_rx);
436 wpa_s->pending_eapol_rx = NULL;
437
11ef8d35
JM		 438#ifdef CONFIG_IBSS_RSN
439 ibss_rsn_deinit(wpa_s->ibss_rsn);
440 wpa_s->ibss_rsn = NULL;
441#endif /* CONFIG_IBSS_RSN */
c2a04078 442
e29853bb 443 sme_deinit(wpa_s);
2d5b792d
JM		 444
445#ifdef CONFIG_AP
446 wpa_supplicant_ap_deinit(wpa_s);
447#endif /* CONFIG_AP */
b22128ef
JM		 448
449#ifdef CONFIG_P2P
450 wpas_p2p_deinit(wpa_s);
451#endif /* CONFIG_P2P */
f47d639d 452
24f6497c
JM		 453#ifdef CONFIG_OFFCHANNEL
454 offchannel_deinit(wpa_s);
455#endif /* CONFIG_OFFCHANNEL */
456
a4cba8f1
LC		 457 wpa_supplicant_cancel_sched_scan(wpa_s);
458
f47d639d
JM		 459 os_free(wpa_s->next_scan_freqs);
460 wpa_s->next_scan_freqs = NULL;
04ea7b79
JM		 461
462 gas_query_deinit(wpa_s->gas);
463 wpa_s->gas = NULL;
6bf731e8
CL		 464
465 free_hw_features(wpa_s);
d445a5cd
JM		 466
467 os_free(wpa_s->bssid_filter);
468 wpa_s->bssid_filter = NULL;
b6668734 469
6407f413
JM		 470 os_free(wpa_s->disallow_aps_bssid);
471 wpa_s->disallow_aps_bssid = NULL;
472 os_free(wpa_s->disallow_aps_ssid);
473 wpa_s->disallow_aps_ssid = NULL;
474
b6668734 475 wnm_bss_keep_alive_deinit(wpa_s);
e27d20bb
VK		 476#ifdef CONFIG_WNM
477 wnm_deallocate_memory(wpa_s);
478#endif /* CONFIG_WNM */
306ae225
JM		 479
480 ext_password_deinit(wpa_s->ext_pw);
481 wpa_s->ext_pw = NULL;
b1f12296
JM		 482
483 wpabuf_free(wpa_s->last_gas_resp);
a297201d
JM		 484
485 os_free(wpa_s->last_scan_res);
486 wpa_s->last_scan_res = NULL;
6fc6879b
JM		 487}
488
489
490/**
491 * wpa_clear_keys - Clear keys configured for the driver
492 * @wpa_s: Pointer to wpa_supplicant data
493 * @addr: Previously used BSSID or %NULL if not available
494 *
495 * This function clears the encryption keys that has been previously configured
496 * for the driver.
497 */
498void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
499{
6fc6879b
JM		 500 if (wpa_s->keys_cleared) {
501 /* Some drivers (e.g., ndiswrapper & NDIS drivers) seem to have
502 * timing issues with keys being cleared just before new keys
503 * are set or just after association or something similar. This
504 * shows up in group key handshake failing often because of the
505 * client not receiving the first encrypted packets correctly.
506 * Skipping some of the extra key clearing steps seems to help
507 * in completing group key handshake more reliably. */
f049052b
BG		 508 wpa_dbg(wpa_s, MSG_DEBUG, "No keys have been configured - "
509 "skip key clearing");
6fc6879b
JM		 510 return;
511 }
512
513 /* MLME-DELETEKEYS.request */
0382097e
JM		 514 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 0, 0, NULL, 0, NULL, 0);
515 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 1, 0, NULL, 0, NULL, 0);
516 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 2, 0, NULL, 0, NULL, 0);
517 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 3, 0, NULL, 0, NULL, 0);
0e27f655 518#ifdef CONFIG_IEEE80211W
0382097e
JM		 519 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 4, 0, NULL, 0, NULL, 0);
520 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 5, 0, NULL, 0, NULL, 0);
0e27f655 521#endif /* CONFIG_IEEE80211W */
6fc6879b
JM		 522 if (addr) {
523 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,
524 0);
525 /* MLME-SETPROTECTION.request(None) */
526 wpa_drv_mlme_setprotection(
527 wpa_s, addr,
528 MLME_SETPROTECTION_PROTECT_TYPE_NONE,
529 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
530 }
531 wpa_s->keys_cleared = 1;
532}
533
534
535/**
536 * wpa_supplicant_state_txt - Get the connection state name as a text string
537 * @state: State (wpa_state; WPA_*)
538 * Returns: The state name as a printable text string
539 */
71934751 540const char * wpa_supplicant_state_txt(enum wpa_states state)
6fc6879b
JM		 541{
542 switch (state) {
543 case WPA_DISCONNECTED:
544 return "DISCONNECTED";
545 case WPA_INACTIVE:
546 return "INACTIVE";
8401a6b0
JM		 547 case WPA_INTERFACE_DISABLED:
548 return "INTERFACE_DISABLED";
6fc6879b
JM		 549 case WPA_SCANNING:
550 return "SCANNING";
c2a04078
JM		 551 case WPA_AUTHENTICATING:
552 return "AUTHENTICATING";
6fc6879b
JM		 553 case WPA_ASSOCIATING:
554 return "ASSOCIATING";
555 case WPA_ASSOCIATED:
556 return "ASSOCIATED";
557 case WPA_4WAY_HANDSHAKE:
558 return "4WAY_HANDSHAKE";
559 case WPA_GROUP_HANDSHAKE:
560 return "GROUP_HANDSHAKE";
561 case WPA_COMPLETED:
562 return "COMPLETED";
563 default:
564 return "UNKNOWN";
565 }
566}
567
568
cfe53c9a
PS		 569#ifdef CONFIG_BGSCAN
570
571static void wpa_supplicant_start_bgscan(struct wpa_supplicant *wpa_s)
572{
31392709
HD		 573 const char *name;
574
575 if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan)
576 name = wpa_s->current_ssid->bgscan;
577 else
578 name = wpa_s->conf->bgscan;
579 if (name == NULL)
580 return;
0096c427
JM		 581 if (wpas_driver_bss_selection(wpa_s))
582 return;
cfe53c9a
PS		 583 if (wpa_s->current_ssid == wpa_s->bgscan_ssid)
584 return;
585
586 bgscan_deinit(wpa_s);
31392709
HD		 587 if (wpa_s->current_ssid) {
588 if (bgscan_init(wpa_s, wpa_s->current_ssid, name)) {
cfe53c9a
PS		 589 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
590 "bgscan");
591 /*
592 * Live without bgscan; it is only used as a roaming
593 * optimization, so the initial connection is not
594 * affected.
595 */
6409b7a7
YD		 596 } else {
597 struct wpa_scan_results *scan_res;
cfe53c9a 598 wpa_s->bgscan_ssid = wpa_s->current_ssid;
6409b7a7
YD		 599 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL,
600 0);
601 if (scan_res) {
602 bgscan_notify_scan(wpa_s, scan_res);
603 wpa_scan_results_free(scan_res);
604 }
605 }
cfe53c9a
PS		 606 } else
607 wpa_s->bgscan_ssid = NULL;
608}
609
610
611static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s)
612{
613 if (wpa_s->bgscan_ssid != NULL) {
614 bgscan_deinit(wpa_s);
615 wpa_s->bgscan_ssid = NULL;
616 }
617}
618
619#endif /* CONFIG_BGSCAN */
620
621
7c865c68
TB		 622static void wpa_supplicant_start_autoscan(struct wpa_supplicant *wpa_s)
623{
99218999 624 if (autoscan_init(wpa_s, 0))
7c865c68
TB		 625 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize autoscan");
626}
627
628
629static void wpa_supplicant_stop_autoscan(struct wpa_supplicant *wpa_s)
630{
631 autoscan_deinit(wpa_s);
632}
633
634
c3d12238
JM		 635void wpa_supplicant_reinit_autoscan(struct wpa_supplicant *wpa_s)
636{
637 if (wpa_s->wpa_state == WPA_DISCONNECTED ||
638 wpa_s->wpa_state == WPA_SCANNING) {
639 autoscan_deinit(wpa_s);
640 wpa_supplicant_start_autoscan(wpa_s);
641 }
642}
643
644
6fc6879b
JM		 645/**
646 * wpa_supplicant_set_state - Set current connection state
647 * @wpa_s: Pointer to wpa_supplicant data
648 * @state: The new connection state
649 *
650 * This function is called whenever the connection state changes, e.g.,
651 * association is completed for WPA/WPA2 4-Way Handshake is started.
652 */
71934751
JM		 653void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s,
654 enum wpa_states state)
6fc6879b 655{
27f43d8d
MH		 656 enum wpa_states old_state = wpa_s->wpa_state;
657
f049052b
BG		 658 wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s",
659 wpa_supplicant_state_txt(wpa_s->wpa_state),
660 wpa_supplicant_state_txt(state));
6fc6879b 661
cb8564b1
DW		 662 if (state != WPA_SCANNING)
663 wpa_supplicant_notify_scanning(wpa_s, 0);
664
6fc6879b 665 if (state == WPA_COMPLETED && wpa_s->new_connection) {
6fc6879b 666 struct wpa_ssid *ssid = wpa_s->current_ssid;
7d37a357 667#if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
6fc6879b 668 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
1cfc6787
JM		 669 MACSTR " completed [id=%d id_str=%s]",
670 MAC2STR(wpa_s->bssid),
6fc6879b
JM		 671 ssid ? ssid->id : -1,
672 ssid && ssid->id_str ? ssid->id_str : "");
673#endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
00e5e3d5 674 wpas_clear_temp_disabled(wpa_s, ssid, 1);
f1a52633 675 wpa_s->extra_blacklist_count = 0;
6fc6879b 676 wpa_s->new_connection = 0;
6fc6879b 677 wpa_drv_set_operstate(wpa_s, 1);
99ac2913
FF		 678#ifndef IEEE8021X_EAPOL
679 wpa_drv_set_supp_port(wpa_s, 1);
680#endif /* IEEE8021X_EAPOL */
17a4734d 681 wpa_s->after_wps = 0;
4d9fb08d 682 wpa_s->known_wps_freq = 0;
b22128ef
JM		 683#ifdef CONFIG_P2P
684 wpas_p2p_completed(wpa_s);
685#endif /* CONFIG_P2P */
c3701c66
RM		 686
687 sme_sched_obss_scan(wpa_s, 1);
6fc6879b
JM		 688 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
689 state == WPA_ASSOCIATED) {
690 wpa_s->new_connection = 1;
691 wpa_drv_set_operstate(wpa_s, 0);
99ac2913
FF		 692#ifndef IEEE8021X_EAPOL
693 wpa_drv_set_supp_port(wpa_s, 0);
694#endif /* IEEE8021X_EAPOL */
c3701c66 695 sme_sched_obss_scan(wpa_s, 0);
6fc6879b
JM		 696 }
697 wpa_s->wpa_state = state;
27f43d8d 698
cfe53c9a
PS		 699#ifdef CONFIG_BGSCAN
700 if (state == WPA_COMPLETED)
701 wpa_supplicant_start_bgscan(wpa_s);
702 else
703 wpa_supplicant_stop_bgscan(wpa_s);
704#endif /* CONFIG_BGSCAN */
705
7c865c68
TB		 706 if (state == WPA_AUTHENTICATING)
707 wpa_supplicant_stop_autoscan(wpa_s);
708
709 if (state == WPA_DISCONNECTED || state == WPA_INACTIVE)
710 wpa_supplicant_start_autoscan(wpa_s);
711
5bbf9f10 712 if (wpa_s->wpa_state != old_state) {
27f43d8d 713 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
5bbf9f10
PS		 714
715 if (wpa_s->wpa_state == WPA_COMPLETED ||
716 old_state == WPA_COMPLETED)
717 wpas_notify_auth_changed(wpa_s);
718 }
6fc6879b
JM		 719}
720
721
1a1bf008
JM		 722void wpa_supplicant_terminate_proc(struct wpa_global *global)
723{
724 int pending = 0;
725#ifdef CONFIG_WPS
726 struct wpa_supplicant *wpa_s = global->ifaces;
727 while (wpa_s) {
20625e97
JM		 728#ifdef CONFIG_P2P
729 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE ||
730 (wpa_s->current_ssid && wpa_s->current_ssid->p2p_group))
731 wpas_p2p_disconnect(wpa_s);
732#endif /* CONFIG_P2P */
1a1bf008
JM		 733 if (wpas_wps_terminate_pending(wpa_s) == 1)
734 pending = 1;
735 wpa_s = wpa_s->next;
736 }
737#endif /* CONFIG_WPS */
738 if (pending)
739 return;
740 eloop_terminate();
741}
742
743
0456ea16 744static void wpa_supplicant_terminate(int sig, void *signal_ctx)
6fc6879b 745{
0456ea16 746 struct wpa_global *global = signal_ctx;
1a1bf008 747 wpa_supplicant_terminate_proc(global);
6fc6879b
JM		 748}
749
750
b22128ef 751void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
6fc6879b 752{
71934751 753 enum wpa_states old_state = wpa_s->wpa_state;
27f43d8d 754
6fc6879b
JM		 755 wpa_s->pairwise_cipher = 0;
756 wpa_s->group_cipher = 0;
757 wpa_s->mgmt_group_cipher = 0;
758 wpa_s->key_mgmt = 0;
8401a6b0 759 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
99218999 760 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
27f43d8d
MH		 761
762 if (wpa_s->wpa_state != old_state)
763 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
6fc6879b
JM		 764}
765
766
767/**
768 * wpa_supplicant_reload_configuration - Reload configuration data
769 * @wpa_s: Pointer to wpa_supplicant data
770 * Returns: 0 on success or -1 if configuration parsing failed
771 *
772 * This function can be used to request that the configuration data is reloaded
773 * (e.g., after configuration file change). This function is reloading
774 * configuration only for one interface, so this may need to be called multiple
775 * times if %wpa_supplicant is controlling multiple interfaces and all
776 * interfaces need reconfiguration.
777 */
778int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
779{
780 struct wpa_config *conf;
781 int reconf_ctrl;
8bac466b
JM		 782 int old_ap_scan;
783
6fc6879b
JM		 784 if (wpa_s->confname == NULL)
785 return -1;
e6304cad 786 conf = wpa_config_read(wpa_s->confname, NULL);
6fc6879b
JM		 787 if (conf == NULL) {
788 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
789 "file '%s' - exiting", wpa_s->confname);
790 return -1;
791 }
e6304cad
DS		 792 wpa_config_read(wpa_s->confanother, conf);
793
611aea7d 794 conf->changed_parameters = (unsigned int) -1;
6fc6879b
JM		 795
796 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
797 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
798 os_strcmp(conf->ctrl_interface,
799 wpa_s->conf->ctrl_interface) != 0);
800
801 if (reconf_ctrl && wpa_s->ctrl_iface) {
802 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
803 wpa_s->ctrl_iface = NULL;
804 }
805
806 eapol_sm_invalidate_cached_session(wpa_s->eapol);
7b7ce8aa
JM		 807 if (wpa_s->current_ssid) {
808 wpa_supplicant_deauthenticate(wpa_s,
809 WLAN_REASON_DEAUTH_LEAVING);
810 }
8bac466b 811
6fc6879b
JM		 812 /*
813 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
814 * pkcs11_engine_path, pkcs11_module_path.
815 */
56586197 816 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) {
6fc6879b
JM		 817 /*
818 * Clear forced success to clear EAP state for next
819 * authentication.
820 */
821 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
822 }
823 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
824 wpa_sm_set_config(wpa_s->wpa, NULL);
d8a790b9 825 wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL);
6fc6879b
JM		 826 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
827 rsn_preauth_deinit(wpa_s->wpa);
8bac466b
JM		 828
829 old_ap_scan = wpa_s->conf->ap_scan;
6fc6879b
JM		 830 wpa_config_free(wpa_s->conf);
831 wpa_s->conf = conf;
8bac466b
JM		 832 if (old_ap_scan != wpa_s->conf->ap_scan)
833 wpas_notify_ap_scan_changed(wpa_s);
834
6fc6879b
JM		 835 if (reconf_ctrl)
836 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
837
611aea7d
JM		 838 wpa_supplicant_update_config(wpa_s);
839
6fc6879b 840 wpa_supplicant_clear_status(wpa_s);
349493bd 841 if (wpa_supplicant_enabled_networks(wpa_s)) {
43a38635
JM		 842 wpa_s->reassociate = 1;
843 wpa_supplicant_req_scan(wpa_s, 0, 0);
844 }
f049052b 845 wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
6fc6879b
JM		 846 return 0;
847}
848
849
0456ea16 850static void wpa_supplicant_reconfig(int sig, void *signal_ctx)
6fc6879b 851{
0456ea16 852 struct wpa_global *global = signal_ctx;
6fc6879b 853 struct wpa_supplicant *wpa_s;
6fc6879b 854 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
f049052b
BG		 855 wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring",
856 sig);
6fc6879b 857 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
1a1bf008 858 wpa_supplicant_terminate_proc(global);
6fc6879b
JM		 859 }
860 }
861}
862
863
508545f3 864enum wpa_key_mgmt key_mgmt2driver(int key_mgmt)
6fc6879b
JM		 865{
866 switch (key_mgmt) {
867 case WPA_KEY_MGMT_NONE:
868 return KEY_MGMT_NONE;
869 case WPA_KEY_MGMT_IEEE8021X_NO_WPA:
870 return KEY_MGMT_802_1X_NO_WPA;
871 case WPA_KEY_MGMT_IEEE8021X:
872 return KEY_MGMT_802_1X;
873 case WPA_KEY_MGMT_WPA_NONE:
874 return KEY_MGMT_WPA_NONE;
875 case WPA_KEY_MGMT_FT_IEEE8021X:
876 return KEY_MGMT_FT_802_1X;
877 case WPA_KEY_MGMT_FT_PSK:
878 return KEY_MGMT_FT_PSK;
56586197
JM		 879 case WPA_KEY_MGMT_IEEE8021X_SHA256:
880 return KEY_MGMT_802_1X_SHA256;
881 case WPA_KEY_MGMT_PSK_SHA256:
882 return KEY_MGMT_PSK_SHA256;
ad08c363
JM		 883 case WPA_KEY_MGMT_WPS:
884 return KEY_MGMT_WPS;
6fc6879b
JM		 885 case WPA_KEY_MGMT_PSK:
886 default:
887 return KEY_MGMT_PSK;
888 }
889}
890
891
892static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
893 struct wpa_ssid *ssid,
894 struct wpa_ie_data *ie)
895{
896 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
897 if (ret) {
898 if (ret == -2) {
899 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
900 "from association info");
901 }
902 return -1;
903 }
904
f049052b
BG		 905 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set "
906 "cipher suites");
6fc6879b
JM		 907 if (!(ie->group_cipher & ssid->group_cipher)) {
908 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
909 "cipher 0x%x (mask 0x%x) - reject",
910 ie->group_cipher, ssid->group_cipher);
911 return -1;
912 }
913 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
914 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
915 "cipher 0x%x (mask 0x%x) - reject",
916 ie->pairwise_cipher, ssid->pairwise_cipher);
917 return -1;
918 }
919 if (!(ie->key_mgmt & ssid->key_mgmt)) {
920 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
921 "management 0x%x (mask 0x%x) - reject",
922 ie->key_mgmt, ssid->key_mgmt);
923 return -1;
924 }
925
926#ifdef CONFIG_IEEE80211W
0b60b0aa 927 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
62d49803
JM		 928 (ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
929 wpa_s->conf->pmf : ssid->ieee80211w) ==
930 MGMT_FRAME_PROTECTION_REQUIRED) {
6fc6879b
JM		 931 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
932 "that does not support management frame protection - "
933 "reject");
934 return -1;
935 }
936#endif /* CONFIG_IEEE80211W */
937
938 return 0;
939}
940
941
942/**
943 * wpa_supplicant_set_suites - Set authentication and encryption parameters
944 * @wpa_s: Pointer to wpa_supplicant data
945 * @bss: Scan results for the selected BSS, or %NULL if not available
946 * @ssid: Configuration data for the selected network
947 * @wpa_ie: Buffer for the WPA/RSN IE
948 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
949 * used buffer length in case the functions returns success.
950 * Returns: 0 on success or -1 on failure
951 *
952 * This function is used to configure authentication and encryption parameters
953 * based on the network configuration and scan result for the selected BSS (if
954 * available).
955 */
956int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
6fa81a3b 957 struct wpa_bss *bss, struct wpa_ssid *ssid,
6fc6879b
JM		 958 u8 *wpa_ie, size_t *wpa_ie_len)
959{
960 struct wpa_ie_data ie;
961 int sel, proto;
962 const u8 *bss_wpa, *bss_rsn;
963
964 if (bss) {
6fa81a3b
JM		 965 bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
966 bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
6fc6879b
JM		 967 } else
968 bss_wpa = bss_rsn = NULL;
969
970 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
971 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
972 (ie.group_cipher & ssid->group_cipher) &&
973 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
974 (ie.key_mgmt & ssid->key_mgmt)) {
f049052b 975 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
6fc6879b
JM		 976 proto = WPA_PROTO_RSN;
977 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
978 wpa_parse_wpa_ie(bss_wpa, 2 +bss_wpa[1], &ie) == 0 &&
979 (ie.group_cipher & ssid->group_cipher) &&
980 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
981 (ie.key_mgmt & ssid->key_mgmt)) {
f049052b 982 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
6fc6879b
JM		 983 proto = WPA_PROTO_WPA;
984 } else if (bss) {
985 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
986 return -1;
987 } else {
988 if (ssid->proto & WPA_PROTO_RSN)
989 proto = WPA_PROTO_RSN;
990 else
991 proto = WPA_PROTO_WPA;
992 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
993 os_memset(&ie, 0, sizeof(ie));
994 ie.group_cipher = ssid->group_cipher;
995 ie.pairwise_cipher = ssid->pairwise_cipher;
996 ie.key_mgmt = ssid->key_mgmt;
997#ifdef CONFIG_IEEE80211W
998 ie.mgmt_group_cipher =
70f8cc8e 999 ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION ?
6fc6879b
JM		 1000 WPA_CIPHER_AES_128_CMAC : 0;
1001#endif /* CONFIG_IEEE80211W */
f049052b
BG		 1002 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites "
1003 "based on configuration");
6fc6879b
JM		 1004 } else
1005 proto = ie.proto;
1006 }
1007
f049052b
BG		 1008 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d "
1009 "pairwise %d key_mgmt %d proto %d",
1010 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
6fc6879b
JM		 1011#ifdef CONFIG_IEEE80211W
1012 if (ssid->ieee80211w) {
f049052b
BG		 1013 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
1014 ie.mgmt_group_cipher);
6fc6879b
JM		 1015 }
1016#endif /* CONFIG_IEEE80211W */
1017
64fa840a 1018 wpa_s->wpa_proto = proto;
6fc6879b
JM		 1019 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
1020 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
1021 !!(ssid->proto & WPA_PROTO_RSN));
1022
1023 if (bss || !wpa_s->ap_ies_from_associnfo) {
1024 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
1025 bss_wpa ? 2 + bss_wpa[1] : 0) ||
1026 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
1027 bss_rsn ? 2 + bss_rsn[1] : 0))
1028 return -1;
1029 }
1030
1031 sel = ie.group_cipher & ssid->group_cipher;
edbd2a19
JM		 1032 wpa_s->group_cipher = wpa_pick_group_cipher(sel);
1033 if (wpa_s->group_cipher < 0) {
f049052b
BG		 1034 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group "
1035 "cipher");
6fc6879b
JM		 1036 return -1;
1037 }
edbd2a19
JM		 1038 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK %s",
1039 wpa_cipher_txt(wpa_s->group_cipher));
6fc6879b
JM		 1040
1041 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
edbd2a19
JM		 1042 wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(sel, 1);
1043 if (wpa_s->pairwise_cipher < 0) {
f049052b
BG		 1044 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise "
1045 "cipher");
6fc6879b
JM		 1046 return -1;
1047 }
edbd2a19
JM		 1048 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK %s",
1049 wpa_cipher_txt(wpa_s->pairwise_cipher));
6fc6879b
JM		 1050
1051 sel = ie.key_mgmt & ssid->key_mgmt;
c10347f2
JM		 1052#ifdef CONFIG_SAE
1053 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE))
1054 sel &= ~(WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE);
1055#endif /* CONFIG_SAE */
6fc6879b
JM		 1056 if (0) {
1057#ifdef CONFIG_IEEE80211R
1058 } else if (sel & WPA_KEY_MGMT_FT_IEEE8021X) {
1059 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
f049052b 1060 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
6fc6879b
JM		 1061 } else if (sel & WPA_KEY_MGMT_FT_PSK) {
1062 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
f049052b 1063 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
6fc6879b 1064#endif /* CONFIG_IEEE80211R */
c10347f2
JM		 1065#ifdef CONFIG_SAE
1066 } else if (sel & WPA_KEY_MGMT_SAE) {
1067 wpa_s->key_mgmt = WPA_KEY_MGMT_SAE;
1068 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT SAE");
1069 } else if (sel & WPA_KEY_MGMT_FT_SAE) {
1070 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_SAE;
1071 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT FT/SAE");
1072#endif /* CONFIG_SAE */
56586197
JM		 1073#ifdef CONFIG_IEEE80211W
1074 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
1075 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
f049052b 1076 wpa_dbg(wpa_s, MSG_DEBUG,
56586197
JM		 1077 "WPA: using KEY_MGMT 802.1X with SHA256");
1078 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
1079 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
f049052b 1080 wpa_dbg(wpa_s, MSG_DEBUG,
56586197
JM		 1081 "WPA: using KEY_MGMT PSK with SHA256");
1082#endif /* CONFIG_IEEE80211W */
6fc6879b
JM		 1083 } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
1084 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
f049052b 1085 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
6fc6879b
JM		 1086 } else if (sel & WPA_KEY_MGMT_PSK) {
1087 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
f049052b 1088 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
6fc6879b
JM		 1089 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
1090 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
f049052b 1091 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
6fc6879b 1092 } else {
f049052b
BG		 1093 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select "
1094 "authenticated key management type");
6fc6879b
JM		 1095 return -1;
1096 }
1097
1098 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
1099 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
1100 wpa_s->pairwise_cipher);
1101 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
1102
1103#ifdef CONFIG_IEEE80211W
1104 sel = ie.mgmt_group_cipher;
62d49803
JM		 1105 if ((ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
1106 wpa_s->conf->pmf : ssid->ieee80211w) == NO_MGMT_FRAME_PROTECTION ||
0b60b0aa 1107 !(ie.capabilities & WPA_CAPABILITY_MFPC))
6fc6879b
JM		 1108 sel = 0;
1109 if (sel & WPA_CIPHER_AES_128_CMAC) {
1110 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
f049052b 1111 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
6fc6879b
JM		 1112 "AES-128-CMAC");
1113 } else {
1114 wpa_s->mgmt_group_cipher = 0;
f049052b 1115 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
6fc6879b
JM		 1116 }
1117 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
1118 wpa_s->mgmt_group_cipher);
62d49803
JM		 1119 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP,
1120 (ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
1121 wpa_s->conf->pmf : ssid->ieee80211w));
6fc6879b
JM		 1122#endif /* CONFIG_IEEE80211W */
1123
1124 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
f049052b 1125 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to generate WPA IE");
6fc6879b
JM		 1126 return -1;
1127 }
1128
0bf927a0 1129 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) {
6fc6879b 1130 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN);
7d232e23
ZC		 1131#ifndef CONFIG_NO_PBKDF2
1132 if (bss && ssid->bssid_set && ssid->ssid_len == 0 &&
1133 ssid->passphrase) {
1134 u8 psk[PMK_LEN];
986de33d
JM		 1135 pbkdf2_sha1(ssid->passphrase, bss->ssid, bss->ssid_len,
1136 4096, psk, PMK_LEN);
7d232e23
ZC		 1137 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)",
1138 psk, PMK_LEN);
1139 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1140 }
1141#endif /* CONFIG_NO_PBKDF2 */
9173b16f
JM		 1142#ifdef CONFIG_EXT_PASSWORD
1143 if (ssid->ext_psk) {
1144 struct wpabuf *pw = ext_password_get(wpa_s->ext_pw,
1145 ssid->ext_psk);
1146 char pw_str[64 + 1];
1147 u8 psk[PMK_LEN];
1148
1149 if (pw == NULL) {
1150 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No PSK "
1151 "found from external storage");
1152 return -1;
1153 }
1154
1155 if (wpabuf_len(pw) < 8 || wpabuf_len(pw) > 64) {
1156 wpa_msg(wpa_s, MSG_INFO, "EXT PW: Unexpected "
1157 "PSK length %d in external storage",
1158 (int) wpabuf_len(pw));
1159 ext_password_free(pw);
1160 return -1;
1161 }
1162
1163 os_memcpy(pw_str, wpabuf_head(pw), wpabuf_len(pw));
1164 pw_str[wpabuf_len(pw)] = '\0';
1165
1166#ifndef CONFIG_NO_PBKDF2
1167 if (wpabuf_len(pw) >= 8 && wpabuf_len(pw) < 64 && bss)
1168 {
986de33d
JM		 1169 pbkdf2_sha1(pw_str, bss->ssid, bss->ssid_len,
1170 4096, psk, PMK_LEN);
9173b16f
JM		 1171 os_memset(pw_str, 0, sizeof(pw_str));
1172 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from "
1173 "external passphrase)",
1174 psk, PMK_LEN);
1175 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1176 } else
1177#endif /* CONFIG_NO_PBKDF2 */
1178 if (wpabuf_len(pw) == 2 * PMK_LEN) {
1179 if (hexstr2bin(pw_str, psk, PMK_LEN) < 0) {
1180 wpa_msg(wpa_s, MSG_INFO, "EXT PW: "
1181 "Invalid PSK hex string");
1182 os_memset(pw_str, 0, sizeof(pw_str));
1183 ext_password_free(pw);
1184 return -1;
1185 }
1186 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1187 } else {
1188 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No suitable "
1189 "PSK available");
1190 os_memset(pw_str, 0, sizeof(pw_str));
1191 ext_password_free(pw);
1192 return -1;
1193 }
1194
1195 os_memset(pw_str, 0, sizeof(pw_str));
1196 ext_password_free(pw);
1197 }
1198#endif /* CONFIG_EXT_PASSWORD */
7d232e23 1199 } else
6fc6879b
JM		 1200 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
1201
1202 return 0;
1203}
1204
1205
8cd6b7bc 1206static void wpas_ext_capab_byte(struct wpa_supplicant *wpa_s, u8 *pos, int idx)
03e47c9c 1207{
8cd6b7bc 1208 *pos = 0x00;
03e47c9c 1209
8cd6b7bc
JB		 1210 switch (idx) {
1211 case 0: /* Bits 0-7 */
1212 break;
1213 case 1: /* Bits 8-15 */
1214 break;
1215 case 2: /* Bits 16-23 */
1216#ifdef CONFIG_WNM
1217 *pos |= 0x02; /* Bit 17 - WNM-Sleep Mode */
1218 *pos |= 0x08; /* Bit 19 - BSS Transition */
1219#endif /* CONFIG_WNM */
1220 break;
1221 case 3: /* Bits 24-31 */
1222#ifdef CONFIG_WNM
1223 *pos |= 0x02; /* Bit 25 - SSID List */
1224#endif /* CONFIG_WNM */
03e47c9c 1225#ifdef CONFIG_INTERWORKING
8cd6b7bc
JB		 1226 if (wpa_s->conf->interworking)
1227 *pos |= 0x80; /* Bit 31 - Interworking */
03e47c9c 1228#endif /* CONFIG_INTERWORKING */
8cd6b7bc
JB		 1229 break;
1230 case 4: /* Bits 32-39 */
56f5af48
JM		 1231#ifdef CONFIG_INTERWORKING
1232 *pos |= 0x01; /* Bit 32 - QoS Map */
1233#endif /* CONFIG_INTERWORKING */
8cd6b7bc
JB		 1234 break;
1235 case 5: /* Bits 40-47 */
1236 break;
1237 case 6: /* Bits 48-55 */
1238 break;
1239 }
1240}
03e47c9c 1241
03e47c9c 1242
8cd6b7bc
JB		 1243int wpas_build_ext_capab(struct wpa_supplicant *wpa_s, u8 *buf)
1244{
1245 u8 *pos = buf;
1246 u8 len = 4, i;
1247
1248 if (len < wpa_s->extended_capa_len)
1249 len = wpa_s->extended_capa_len;
03e47c9c
JM		 1250
1251 *pos++ = WLAN_EID_EXT_CAPAB;
8cd6b7bc
JB		 1252 *pos++ = len;
1253 for (i = 0; i < len; i++, pos++) {
1254 wpas_ext_capab_byte(wpa_s, pos, i);
1255
1256 if (i < wpa_s->extended_capa_len) {
1257 *pos &= ~wpa_s->extended_capa_mask[i];
1258 *pos |= wpa_s->extended_capa[i];
1259 }
1260 }
03e47c9c 1261
3db5439a
JM		 1262 while (len > 0 && buf[1 + len] == 0) {
1263 len--;
1264 buf[1] = len;
1265 }
1266 if (len == 0)
1267 return 0;
1268
1269 return 2 + len;
03e47c9c
JM		 1270}
1271
1272
6fc6879b
JM		 1273/**
1274 * wpa_supplicant_associate - Request association
1275 * @wpa_s: Pointer to wpa_supplicant data
1276 * @bss: Scan results for the selected BSS, or %NULL if not available
1277 * @ssid: Configuration data for the selected network
1278 *
1279 * This function is used to request %wpa_supplicant to associate with a BSS.
1280 */
1281void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
6fa81a3b 1282 struct wpa_bss *bss, struct wpa_ssid *ssid)
6fc6879b 1283{
5f3a6aa0 1284 u8 wpa_ie[200];
6fc6879b 1285 size_t wpa_ie_len;
8bac466b 1286 int use_crypt, ret, i, bssid_changed;
abd9fafa 1287 int algs = WPA_AUTH_ALG_OPEN;
71934751 1288 enum wpa_cipher cipher_pairwise, cipher_group;
6fc6879b
JM		 1289 struct wpa_driver_associate_params params;
1290 int wep_keys_set = 0;
6fc6879b 1291 int assoc_failed = 0;
8bac466b 1292 struct wpa_ssid *old_ssid;
80e8a5ee
BG		 1293#ifdef CONFIG_HT_OVERRIDES
1294 struct ieee80211_ht_capabilities htcaps;
1295 struct ieee80211_ht_capabilities htcaps_mask;
1296#endif /* CONFIG_HT_OVERRIDES */
6fc6879b 1297
78177a00
JM		 1298#ifdef CONFIG_IBSS_RSN
1299 ibss_rsn_deinit(wpa_s->ibss_rsn);
1300 wpa_s->ibss_rsn = NULL;
1301#endif /* CONFIG_IBSS_RSN */
1302
2c5d725c
JM		 1303 if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO ||
1304 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) {
1581b38b
JM		 1305#ifdef CONFIG_AP
1306 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) {
f049052b
BG		 1307 wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP "
1308 "mode");
1581b38b
JM		 1309 return;
1310 }
8c981d17
DW		 1311 if (wpa_supplicant_create_ap(wpa_s, ssid) < 0) {
1312 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
b2b688d1
VKE		 1313 if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
1314 wpas_p2p_ap_setup_failed(wpa_s);
8c981d17
DW		 1315 return;
1316 }
8f770587 1317 wpa_s->current_bss = bss;
1581b38b 1318#else /* CONFIG_AP */
f049052b
BG		 1319 wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in "
1320 "the build");
1581b38b
JM		 1321#endif /* CONFIG_AP */
1322 return;
1323 }
1324
52c9e6f3 1325#ifdef CONFIG_TDLS
95cb2d88
JM		 1326 if (bss)
1327 wpa_tdls_ap_ies(wpa_s->wpa, (const u8 *) (bss + 1),
1328 bss->ie_len);
52c9e6f3
JM		 1329#endif /* CONFIG_TDLS */
1330
5cc4d64b
JM		 1331 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
1332 ssid->mode == IEEE80211_MODE_INFRA) {
c2a04078
JM		 1333 sme_authenticate(wpa_s, bss, ssid);
1334 return;
1335 }
1336
0c80427d 1337 os_memset(&params, 0, sizeof(params));
6fc6879b 1338 wpa_s->reassociate = 0;
22628eca 1339 if (bss && !wpas_driver_bss_selection(wpa_s)) {
6fc6879b 1340#ifdef CONFIG_IEEE80211R
6fa81a3b 1341 const u8 *ie, *md = NULL;
6fc6879b 1342#endif /* CONFIG_IEEE80211R */
6fc6879b
JM		 1343 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
1344 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
6fa81a3b 1345 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
8bac466b 1346 bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
6fc6879b
JM		 1347 os_memset(wpa_s->bssid, 0, ETH_ALEN);
1348 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
8bac466b
JM		 1349 if (bssid_changed)
1350 wpas_notify_bssid_changed(wpa_s);
6fc6879b 1351#ifdef CONFIG_IEEE80211R
6fa81a3b 1352 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
6fc6879b
JM		 1353 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
1354 md = ie + 2;
e7846b68 1355 wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0);
91a05482
JM		 1356 if (md) {
1357 /* Prepare for the next transition */
76b7981d 1358 wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
91a05482 1359 }
6fc6879b 1360#endif /* CONFIG_IEEE80211R */
24c23d1b
JM		 1361#ifdef CONFIG_WPS
1362 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
1363 wpa_s->conf->ap_scan == 2 &&
1364 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
1365 /* Use ap_scan==1 style network selection to find the network
1366 */
4115303b 1367 wpa_s->scan_req = MANUAL_SCAN_REQ;
24c23d1b
JM		 1368 wpa_s->reassociate = 1;
1369 wpa_supplicant_req_scan(wpa_s, 0, 0);
1370 return;
1371#endif /* CONFIG_WPS */
6fc6879b
JM		 1372 } else {
1373 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
1374 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
1375 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
1376 }
a4cba8f1 1377 wpa_supplicant_cancel_sched_scan(wpa_s);
6fc6879b
JM		 1378 wpa_supplicant_cancel_scan(wpa_s);
1379
1380 /* Starting new association, so clear the possibly used WPA IE from the
1381 * previous association. */
1382 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
1383
1384#ifdef IEEE8021X_EAPOL
1385 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1386 if (ssid->leap) {
1387 if (ssid->non_leap == 0)
abd9fafa 1388 algs = WPA_AUTH_ALG_LEAP;
6fc6879b 1389 else
abd9fafa 1390 algs |= WPA_AUTH_ALG_LEAP;
6fc6879b
JM		 1391 }
1392 }
1393#endif /* IEEE8021X_EAPOL */
f049052b 1394 wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
6fc6879b 1395 if (ssid->auth_alg) {
abd9fafa 1396 algs = ssid->auth_alg;
f049052b
BG		 1397 wpa_dbg(wpa_s, MSG_DEBUG, "Overriding auth_alg selection: "
1398 "0x%x", algs);
6fc6879b 1399 }
6fc6879b 1400
6fa81a3b
JM		 1401 if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
1402 wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
0bf927a0 1403 wpa_key_mgmt_wpa(ssid->key_mgmt)) {
6fc6879b 1404 int try_opportunistic;
6e202021
JM		 1405 try_opportunistic = (ssid->proactive_key_caching < 0 ?
1406 wpa_s->conf->okc :
1407 ssid->proactive_key_caching) &&
6fc6879b
JM		 1408 (ssid->proto & WPA_PROTO_RSN);
1409 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
b2a12c4f 1410 ssid, try_opportunistic) == 0)
6fc6879b
JM		 1411 eapol_sm_notify_pmkid_attempt(wpa_s->eapol, 1);
1412 wpa_ie_len = sizeof(wpa_ie);
1413 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
1414 wpa_ie, &wpa_ie_len)) {
f049052b
BG		 1415 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
1416 "key management and encryption suites");
6fc6879b
JM		 1417 return;
1418 }
a3f7e518
JM		 1419 } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && bss &&
1420 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) {
1421 /*
1422 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
1423 * use non-WPA since the scan results did not indicate that the
1424 * AP is using WPA or WPA2.
1425 */
1426 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1427 wpa_ie_len = 0;
1428 wpa_s->wpa_proto = 0;
0bf927a0 1429 } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) {
6fc6879b
JM		 1430 wpa_ie_len = sizeof(wpa_ie);
1431 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
1432 wpa_ie, &wpa_ie_len)) {
f049052b
BG		 1433 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
1434 "key management and encryption suites (no "
1435 "scan results)");
6fc6879b
JM		 1436 return;
1437 }
ad08c363
JM		 1438#ifdef CONFIG_WPS
1439 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
b01c18a8
JM		 1440 struct wpabuf *wps_ie;
1441 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
ad08c363
JM		 1442 if (wps_ie && wpabuf_len(wps_ie) <= sizeof(wpa_ie)) {
1443 wpa_ie_len = wpabuf_len(wps_ie);
1444 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
24386985
JM		 1445 } else
1446 wpa_ie_len = 0;
ad08c363
JM		 1447 wpabuf_free(wps_ie);
1448 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
0c80427d
JM		 1449 if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY))
1450 params.wps = WPS_MODE_PRIVACY;
1451 else
1452 params.wps = WPS_MODE_OPEN;
cf546f1a 1453 wpa_s->wpa_proto = 0;
ad08c363 1454#endif /* CONFIG_WPS */
6fc6879b
JM		 1455 } else {
1456 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1457 wpa_ie_len = 0;
cf546f1a 1458 wpa_s->wpa_proto = 0;
6fc6879b
JM		 1459 }
1460
5f3a6aa0
JM		 1461#ifdef CONFIG_P2P
1462 if (wpa_s->global->p2p) {
1463 u8 *pos;
1464 size_t len;
1465 int res;
5f3a6aa0
JM		 1466 pos = wpa_ie + wpa_ie_len;
1467 len = sizeof(wpa_ie) - wpa_ie_len;
b8a8d677
JM		 1468 res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len,
1469 ssid->p2p_group);
5f3a6aa0
JM		 1470 if (res >= 0)
1471 wpa_ie_len += res;
1472 }
72044390
JM		 1473
1474 wpa_s->cross_connect_disallowed = 0;
1475 if (bss) {
1476 struct wpabuf *p2p;
1477 p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE);
1478 if (p2p) {
1479 wpa_s->cross_connect_disallowed =
1480 p2p_get_cross_connect_disallowed(p2p);
1481 wpabuf_free(p2p);
f049052b
BG		 1482 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross "
1483 "connection",
1484 wpa_s->cross_connect_disallowed ?
1485 "disallows" : "allows");
72044390
JM		 1486 }
1487 }
5f3a6aa0
JM		 1488#endif /* CONFIG_P2P */
1489
cb418324 1490#ifdef CONFIG_HS20
55a2df43 1491 if (is_hs20_network(wpa_s, ssid, bss)) {
cb418324
JM		 1492 struct wpabuf *hs20;
1493 hs20 = wpabuf_alloc(20);
1494 if (hs20) {
1495 wpas_hs20_add_indication(hs20);
1496 os_memcpy(wpa_ie + wpa_ie_len, wpabuf_head(hs20),
1497 wpabuf_len(hs20));
1498 wpa_ie_len += wpabuf_len(hs20);
1499 wpabuf_free(hs20);
1500 }
1501 }
1502#endif /* CONFIG_HS20 */
1503
8b3b803a
AH		 1504 /*
1505 * Workaround: Add Extended Capabilities element only if the AP
1506 * included this element in Beacon/Probe Response frames. Some older
1507 * APs seem to have interoperability issues if this element is
1508 * included, so while the standard may require us to include the
1509 * element in all cases, it is justifiable to skip it to avoid
1510 * interoperability issues.
1511 */
1512 if (!bss || wpa_bss_get_ie(bss, WLAN_EID_EXT_CAPAB)) {
1513 u8 ext_capab[10];
1514 int ext_capab_len;
1515 ext_capab_len = wpas_build_ext_capab(wpa_s, ext_capab);
1516 if (ext_capab_len > 0) {
1517 u8 *pos = wpa_ie;
1518 if (wpa_ie_len > 0 && pos[0] == WLAN_EID_RSN)
1519 pos += 2 + pos[1];
1520 os_memmove(pos + ext_capab_len, pos,
1521 wpa_ie_len - (pos - wpa_ie));
1522 wpa_ie_len += ext_capab_len;
1523 os_memcpy(pos, ext_capab, ext_capab_len);
1524 }
92cbcf91 1525 }
92cbcf91 1526
6fc6879b
JM		 1527 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
1528 use_crypt = 1;
62769a88
JM		 1529 cipher_pairwise = wpa_cipher_to_suite_driver(wpa_s->pairwise_cipher);
1530 cipher_group = wpa_cipher_to_suite_driver(wpa_s->group_cipher);
6fc6879b
JM		 1531 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
1532 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1533 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
1534 use_crypt = 0;
1535 if (wpa_set_wep_keys(wpa_s, ssid)) {
1536 use_crypt = 1;
1537 wep_keys_set = 1;
1538 }
1539 }
ad08c363
JM		 1540 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
1541 use_crypt = 0;
6fc6879b
JM		 1542
1543#ifdef IEEE8021X_EAPOL
1544 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1545 if ((ssid->eapol_flags &
1546 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
1547 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
1548 !wep_keys_set) {
1549 use_crypt = 0;
1550 } else {
1551 /* Assume that dynamic WEP-104 keys will be used and
1552 * set cipher suites in order for drivers to expect
1553 * encryption. */
1554 cipher_pairwise = cipher_group = CIPHER_WEP104;
1555 }
1556 }
1557#endif /* IEEE8021X_EAPOL */
1558
1559 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1560 /* Set the key before (and later after) association */
1561 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1562 }
1563
6fc6879b 1564 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
6fc6879b 1565 if (bss) {
6fa81a3b
JM		 1566 params.ssid = bss->ssid;
1567 params.ssid_len = bss->ssid_len;
f15854d1
JM		 1568 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set) {
1569 wpa_printf(MSG_DEBUG, "Limit connection to BSSID "
1570 MACSTR " freq=%u MHz based on scan results "
1571 "(bssid_set=%d)",
1572 MAC2STR(bss->bssid), bss->freq,
1573 ssid->bssid_set);
22628eca
JM		 1574 params.bssid = bss->bssid;
1575 params.freq = bss->freq;
1576 }
6fc6879b
JM		 1577 } else {
1578 params.ssid = ssid->ssid;
1579 params.ssid_len = ssid->ssid_len;
1580 }
9e2af29f
NC		 1581
1582 if (ssid->mode == WPAS_MODE_IBSS && ssid->bssid_set &&
1583 wpa_s->conf->ap_scan == 2) {
1584 params.bssid = ssid->bssid;
1585 params.fixed_bssid = 1;
1586 }
1587
d7dcba70
JM		 1588 if (ssid->mode == WPAS_MODE_IBSS && ssid->frequency > 0 &&
1589 params.freq == 0)
6fc6879b
JM		 1590 params.freq = ssid->frequency; /* Initial channel for IBSS */
1591 params.wpa_ie = wpa_ie;
1592 params.wpa_ie_len = wpa_ie_len;
1593 params.pairwise_suite = cipher_pairwise;
1594 params.group_suite = cipher_group;
1595 params.key_mgmt_suite = key_mgmt2driver(wpa_s->key_mgmt);
64fa840a 1596 params.wpa_proto = wpa_s->wpa_proto;
6fc6879b
JM		 1597 params.auth_alg = algs;
1598 params.mode = ssid->mode;
1f6c0ab8 1599 params.bg_scan_period = ssid->bg_scan_period;
6fc6879b
JM		 1600 for (i = 0; i < NUM_WEP_KEYS; i++) {
1601 if (ssid->wep_key_len[i])
1602 params.wep_key[i] = ssid->wep_key[i];
1603 params.wep_key_len[i] = ssid->wep_key_len[i];
1604 }
1605 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
1606
c2a04078 1607 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
6fc6879b
JM		 1608 (params.key_mgmt_suite == KEY_MGMT_PSK ||
1609 params.key_mgmt_suite == KEY_MGMT_FT_PSK)) {
1610 params.passphrase = ssid->passphrase;
1611 if (ssid->psk_set)
1612 params.psk = ssid->psk;
1613 }
1614
36b15723
JM		 1615 params.drop_unencrypted = use_crypt;
1616
6fc6879b 1617#ifdef CONFIG_IEEE80211W
62d49803
JM		 1618 params.mgmt_frame_protection =
1619 ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
1620 wpa_s->conf->pmf : ssid->ieee80211w;
1621 if (params.mgmt_frame_protection != NO_MGMT_FRAME_PROTECTION && bss) {
6fa81a3b 1622 const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
97d3497e
JM		 1623 struct wpa_ie_data ie;
1624 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
1625 ie.capabilities &
1626 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
f049052b
BG		 1627 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports "
1628 "MFP: require MFP");
97d3497e
JM		 1629 params.mgmt_frame_protection =
1630 MGMT_FRAME_PROTECTION_REQUIRED;
1631 }
1632 }
6fc6879b
JM		 1633#endif /* CONFIG_IEEE80211W */
1634
ffad8858 1635 params.p2p = ssid->p2p_group;
6e3f4b89 1636
eea2fd9e
JM		 1637 if (wpa_s->parent->set_sta_uapsd)
1638 params.uapsd = wpa_s->parent->sta_uapsd;
1639 else
1640 params.uapsd = -1;
1641
80e8a5ee
BG		 1642#ifdef CONFIG_HT_OVERRIDES
1643 os_memset(&htcaps, 0, sizeof(htcaps));
1644 os_memset(&htcaps_mask, 0, sizeof(htcaps_mask));
1645 params.htcaps = (u8 *) &htcaps;
1646 params.htcaps_mask = (u8 *) &htcaps_mask;
1647 wpa_supplicant_apply_ht_overrides(wpa_s, ssid, &params);
1648#endif /* CONFIG_HT_OVERRIDES */
1649
17fbb751 1650 ret = wpa_drv_associate(wpa_s, &params);
6fc6879b
JM		 1651 if (ret < 0) {
1652 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
1653 "failed");
871f4dd0
JM		 1654 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SANE_ERROR_CODES) {
1655 /*
1656 * The driver is known to mean what is saying, so we
1657 * can stop right here; the association will not
1658 * succeed.
1659 */
1660 wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
c1c02342 1661 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
871f4dd0
JM		 1662 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
1663 return;
1664 }
6fc6879b
JM		 1665 /* try to continue anyway; new association will be tried again
1666 * after timeout */
1667 assoc_failed = 1;
1668 }
1669
1670 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1671 /* Set the key after the association just in case association
1672 * cleared the previously configured key. */
1673 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1674 /* No need to timeout authentication since there is no key
1675 * management. */
1676 wpa_supplicant_cancel_auth_timeout(wpa_s);
1677 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
53895c3b 1678#ifdef CONFIG_IBSS_RSN
d7dcba70 1679 } else if (ssid->mode == WPAS_MODE_IBSS &&
53895c3b
JM		 1680 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
1681 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
1682 /*
1683 * RSN IBSS authentication is per-STA and we can disable the
1684 * per-BSSID authentication.
1685 */
1686 wpa_supplicant_cancel_auth_timeout(wpa_s);
53895c3b 1687#endif /* CONFIG_IBSS_RSN */
6fc6879b
JM		 1688 } else {
1689 /* Timeout for IEEE 802.11 authentication and association */
1d3c75b3
DW		 1690 int timeout = 60;
1691
1692 if (assoc_failed) {
1693 /* give IBSS a bit more time */
d7dcba70 1694 timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5;
1d3c75b3
DW		 1695 } else if (wpa_s->conf->ap_scan == 1) {
1696 /* give IBSS a bit more time */
d7dcba70 1697 timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10;
1d3c75b3 1698 }
6fc6879b
JM		 1699 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
1700 }
1701
66562e9c
JM		 1702 if (wep_keys_set &&
1703 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC)) {
6fc6879b
JM		 1704 /* Set static WEP keys again */
1705 wpa_set_wep_keys(wpa_s, ssid);
1706 }
1707
1708 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
1709 /*
1710 * Do not allow EAP session resumption between different
1711 * network configurations.
1712 */
1713 eapol_sm_invalidate_cached_session(wpa_s->eapol);
1714 }
8bac466b 1715 old_ssid = wpa_s->current_ssid;
6fc6879b 1716 wpa_s->current_ssid = ssid;
8f770587 1717 wpa_s->current_bss = bss;
6fc6879b
JM		 1718 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
1719 wpa_supplicant_initiate_eapol(wpa_s);
8bac466b
JM		 1720 if (old_ssid != wpa_s->current_ssid)
1721 wpas_notify_network_changed(wpa_s);
6fc6879b
JM		 1722}
1723
1724
09f58c09
JM		 1725static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s,
1726 const u8 *addr)
1727{
1728 struct wpa_ssid *old_ssid;
1729
1730 wpa_clear_keys(wpa_s, addr);
09f58c09 1731 old_ssid = wpa_s->current_ssid;
0d30cc24 1732 wpa_supplicant_mark_disassoc(wpa_s);
09f58c09
JM		 1733 wpa_sm_set_config(wpa_s->wpa, NULL);
1734 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1735 if (old_ssid != wpa_s->current_ssid)
1736 wpas_notify_network_changed(wpa_s);
1737 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
1738}
1739
1740
6fc6879b
JM		 1741/**
1742 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
1743 * @wpa_s: Pointer to wpa_supplicant data
1744 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
1745 *
073ab58f 1746 * This function is used to request %wpa_supplicant to deauthenticate from the
6fc6879b
JM		 1747 * current AP.
1748 */
1749void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
1750 int reason_code)
1751{
1752 u8 *addr = NULL;
ef48ff94 1753 union wpa_event_data event;
42d23547 1754 int zero_addr = 0;
8bac466b 1755
42d23547
JM		 1756 wpa_dbg(wpa_s, MSG_DEBUG, "Request to deauthenticate - bssid=" MACSTR
1757 " pending_bssid=" MACSTR " reason=%d state=%s",
1758 MAC2STR(wpa_s->bssid), MAC2STR(wpa_s->pending_bssid),
1759 reason_code, wpa_supplicant_state_txt(wpa_s->wpa_state));
1760
1761 if (!is_zero_ether_addr(wpa_s->bssid))
1762 addr = wpa_s->bssid;
1763 else if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
1764 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
1765 wpa_s->wpa_state == WPA_ASSOCIATING))
1766 addr = wpa_s->pending_bssid;
1767 else if (wpa_s->wpa_state == WPA_ASSOCIATING) {
1768 /*
1769 * When using driver-based BSS selection, we may not know the
1770 * BSSID with which we are currently trying to associate. We
1771 * need to notify the driver of this disconnection even in such
1772 * a case, so use the all zeros address here.
1773 */
6fc6879b 1774 addr = wpa_s->bssid;
42d23547
JM		 1775 zero_addr = 1;
1776 }
1777
7b44ff2c
SD		 1778#ifdef CONFIG_TDLS
1779 wpa_tdls_teardown_peers(wpa_s->wpa);
1780#endif /* CONFIG_TDLS */
1781
42d23547
JM		 1782 if (addr) {
1783 wpa_drv_deauthenticate(wpa_s, addr, reason_code);
ef48ff94
JM		 1784 os_memset(&event, 0, sizeof(event));
1785 event.deauth_info.reason_code = (u16) reason_code;
1786 event.deauth_info.locally_generated = 1;
1787 wpa_supplicant_event(wpa_s, EVENT_DEAUTH, &event);
42d23547
JM		 1788 if (zero_addr)
1789 addr = NULL;
6fc6879b 1790 }
09f58c09
JM		 1791
1792 wpa_supplicant_clear_connection(wpa_s, addr);
6fc6879b
JM		 1793}
1794
dca1a511
DS		 1795static void wpa_supplicant_enable_one_network(struct wpa_supplicant *wpa_s,
1796 struct wpa_ssid *ssid)
1797{
1798 if (!ssid || !ssid->disabled || ssid->disabled == 2)
1799 return;
1800
1801 ssid->disabled = 0;
1802 wpas_clear_temp_disabled(wpa_s, ssid, 1);
1803 wpas_notify_network_enabled_changed(wpa_s, ssid);
1804
1805 /*
1806 * Try to reassociate since there is no current configuration and a new
1807 * network was made available.
1808 */
d2592497 1809 if (!wpa_s->current_ssid && !wpa_s->disconnected)
dca1a511
DS		 1810 wpa_s->reassociate = 1;
1811}
1812
6fc6879b 1813
86b89452
WS		 1814/**
1815 * wpa_supplicant_enable_network - Mark a configured network as enabled
1816 * @wpa_s: wpa_supplicant structure for a network interface
1817 * @ssid: wpa_ssid structure for a configured network or %NULL
1818 *
1819 * Enables the specified network or all networks if no network specified.
1820 */
1821void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s,
1822 struct wpa_ssid *ssid)
1823{
86b89452 1824 if (ssid == NULL) {
14f79078
JM		 1825 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
1826 wpa_supplicant_enable_one_network(wpa_s, ssid);
dca1a511
DS		 1827 } else
1828 wpa_supplicant_enable_one_network(wpa_s, ssid);
86b89452 1829
d2592497 1830 if (wpa_s->reassociate && !wpa_s->disconnected) {
dca1a511
DS		 1831 if (wpa_s->sched_scanning) {
1832 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan to add "
1833 "new network to scan filters");
1834 wpa_supplicant_cancel_sched_scan(wpa_s);
1835 }
86b89452 1836
dad153d1
JM		 1837 if (wpa_supplicant_fast_associate(wpa_s) != 1)
1838 wpa_supplicant_req_scan(wpa_s, 0, 0);
86b89452
WS		 1839 }
1840}
1841
1842
1843/**
1844 * wpa_supplicant_disable_network - Mark a configured network as disabled
1845 * @wpa_s: wpa_supplicant structure for a network interface
1846 * @ssid: wpa_ssid structure for a configured network or %NULL
1847 *
1848 * Disables the specified network or all networks if no network specified.
1849 */
1850void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s,
1851 struct wpa_ssid *ssid)
1852{
1853 struct wpa_ssid *other_ssid;
1854 int was_disabled;
1855
1856 if (ssid == NULL) {
725fc39e
DS		 1857 if (wpa_s->sched_scanning)
1858 wpa_supplicant_cancel_sched_scan(wpa_s);
1859
4dac0245
JM		 1860 for (other_ssid = wpa_s->conf->ssid; other_ssid;
1861 other_ssid = other_ssid->next) {
86b89452 1862 was_disabled = other_ssid->disabled;
4dac0245
JM		 1863 if (was_disabled == 2)
1864 continue; /* do not change persistent P2P group
1865 * data */
86b89452
WS		 1866
1867 other_ssid->disabled = 1;
1868
1869 if (was_disabled != other_ssid->disabled)
1870 wpas_notify_network_enabled_changed(
1871 wpa_s, other_ssid);
86b89452
WS		 1872 }
1873 if (wpa_s->current_ssid)
07783eaa 1874 wpa_supplicant_deauthenticate(
86b89452 1875 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
4dac0245 1876 } else if (ssid->disabled != 2) {
86b89452 1877 if (ssid == wpa_s->current_ssid)
07783eaa 1878 wpa_supplicant_deauthenticate(
86b89452
WS		 1879 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
1880
1881 was_disabled = ssid->disabled;
1882
1883 ssid->disabled = 1;
1884
725fc39e 1885 if (was_disabled != ssid->disabled) {
86b89452 1886 wpas_notify_network_enabled_changed(wpa_s, ssid);
725fc39e
DS		 1887 if (wpa_s->sched_scanning) {
1888 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan "
1889 "to remove network from filters");
1890 wpa_supplicant_cancel_sched_scan(wpa_s);
1891 wpa_supplicant_req_scan(wpa_s, 0, 0);
1892 }
1893 }
86b89452
WS		 1894 }
1895}
1896
1897
1898/**
1899 * wpa_supplicant_select_network - Attempt association with a network
1900 * @wpa_s: wpa_supplicant structure for a network interface
1901 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
1902 */
1903void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
1904 struct wpa_ssid *ssid)
1905{
1906
1907 struct wpa_ssid *other_ssid;
d93dfbd5 1908 int disconnected = 0;
86b89452 1909
d93dfbd5 1910 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid) {
07783eaa 1911 wpa_supplicant_deauthenticate(
86b89452 1912 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
d93dfbd5
JM		 1913 disconnected = 1;
1914 }
86b89452 1915
00e5e3d5
JM		 1916 if (ssid)
1917 wpas_clear_temp_disabled(wpa_s, ssid, 1);
1918
86b89452
WS		 1919 /*
1920 * Mark all other networks disabled or mark all networks enabled if no
1921 * network specified.
1922 */
4dac0245
JM		 1923 for (other_ssid = wpa_s->conf->ssid; other_ssid;
1924 other_ssid = other_ssid->next) {
86b89452 1925 int was_disabled = other_ssid->disabled;
4dac0245
JM		 1926 if (was_disabled == 2)
1927 continue; /* do not change persistent P2P group data */
86b89452
WS		 1928
1929 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0;
00e5e3d5
JM		 1930 if (was_disabled && !other_ssid->disabled)
1931 wpas_clear_temp_disabled(wpa_s, other_ssid, 0);
86b89452
WS		 1932
1933 if (was_disabled != other_ssid->disabled)
1934 wpas_notify_network_enabled_changed(wpa_s, other_ssid);
86b89452 1935 }
2a6f78fb
JJ		 1936
1937 if (ssid && ssid == wpa_s->current_ssid && wpa_s->current_ssid) {
1938 /* We are already associated with the selected network */
1939 wpa_printf(MSG_DEBUG, "Already associated with the "
1940 "selected network - do nothing");
1941 return;
1942 }
1943
25a8f9e3 1944 if (ssid) {
96efeeb6 1945 wpa_s->current_ssid = ssid;
25a8f9e3
JM		 1946 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1947 }
7dcdcfd6 1948 wpa_s->connect_without_scan = NULL;
86b89452
WS		 1949 wpa_s->disconnected = 0;
1950 wpa_s->reassociate = 1;
cecdddc1
PS		 1951
1952 if (wpa_supplicant_fast_associate(wpa_s) != 1)
1953 wpa_supplicant_req_scan(wpa_s, 0, disconnected ? 100000 : 0);
86b89452 1954
a1641d26
JM		 1955 if (ssid)
1956 wpas_notify_network_selected(wpa_s, ssid);
86b89452
WS		 1957}
1958
1959
1960/**
1961 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
1962 * @wpa_s: wpa_supplicant structure for a network interface
1963 * @ap_scan: AP scan mode
1964 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
1965 *
1966 */
1967int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan)
1968{
1969
1970 int old_ap_scan;
1971
1972 if (ap_scan < 0 || ap_scan > 2)
1973 return -1;
1974
48f8e036
DS		 1975#ifdef ANDROID
1976 if (ap_scan == 2 && ap_scan != wpa_s->conf->ap_scan &&
1977 wpa_s->wpa_state >= WPA_ASSOCIATING &&
1978 wpa_s->wpa_state < WPA_COMPLETED) {
1979 wpa_printf(MSG_ERROR, "ap_scan = %d (%d) rejected while "
1980 "associating", wpa_s->conf->ap_scan, ap_scan);
1981 return 0;
1982 }
1983#endif /* ANDROID */
1984
86b89452
WS		 1985 old_ap_scan = wpa_s->conf->ap_scan;
1986 wpa_s->conf->ap_scan = ap_scan;
1987
1988 if (old_ap_scan != wpa_s->conf->ap_scan)
1989 wpas_notify_ap_scan_changed(wpa_s);
1990
1991 return 0;
1992}
1993
1994
78633c37
SL		 1995/**
1996 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
1997 * @wpa_s: wpa_supplicant structure for a network interface
1998 * @expire_age: Expiration age in seconds
1999 * Returns: 0 if succeed or -1 if expire_age has an invalid value
2000 *
2001 */
2002int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant *wpa_s,
2003 unsigned int bss_expire_age)
2004{
2005 if (bss_expire_age < 10) {
2006 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration age %u",
2007 bss_expire_age);
2008 return -1;
2009 }
2010 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration age: %d sec",
2011 bss_expire_age);
2012 wpa_s->conf->bss_expiration_age = bss_expire_age;
2013
2014 return 0;
2015}
2016
2017
2018/**
2019 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
2020 * @wpa_s: wpa_supplicant structure for a network interface
2021 * @expire_count: number of scans after which an unseen BSS is reclaimed
2022 * Returns: 0 if succeed or -1 if expire_count has an invalid value
2023 *
2024 */
2025int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant *wpa_s,
2026 unsigned int bss_expire_count)
2027{
2028 if (bss_expire_count < 1) {
2029 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration count %u",
2030 bss_expire_count);
2031 return -1;
2032 }
2033 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration scan count: %u",
2034 bss_expire_count);
2035 wpa_s->conf->bss_expiration_scan_count = bss_expire_count;
2036
2037 return 0;
2038}
2039
2040
c6e86b63
MA		 2041/**
2042 * wpa_supplicant_set_scan_interval - Set scan interval
2043 * @wpa_s: wpa_supplicant structure for a network interface
2044 * @scan_interval: scan interval in seconds
2045 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
2046 *
2047 */
2048int wpa_supplicant_set_scan_interval(struct wpa_supplicant *wpa_s,
2049 int scan_interval)
2050{
2051 if (scan_interval < 0) {
2052 wpa_msg(wpa_s, MSG_ERROR, "Invalid scan interval %d",
2053 scan_interval);
2054 return -1;
2055 }
2056 wpa_msg(wpa_s, MSG_DEBUG, "Setting scan interval: %d sec",
2057 scan_interval);
9e737f08 2058 wpa_supplicant_update_scan_int(wpa_s, scan_interval);
c6e86b63
MA		 2059
2060 return 0;
2061}
2062
2063
86b89452
WS		 2064/**
2065 * wpa_supplicant_set_debug_params - Set global debug params
2066 * @global: wpa_global structure
2067 * @debug_level: debug level
2068 * @debug_timestamp: determines if show timestamp in debug data
2069 * @debug_show_keys: determines if show keys in debug data
2070 * Returns: 0 if succeed or -1 if debug_level has wrong value
2071 */
2072int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level,
2073 int debug_timestamp, int debug_show_keys)
2074{
2075
2076 int old_level, old_timestamp, old_show_keys;
2077
2078 /* check for allowed debuglevels */
14dc0011
PS		 2079 if (debug_level != MSG_EXCESSIVE &&
2080 debug_level != MSG_MSGDUMP &&
86b89452
WS		 2081 debug_level != MSG_DEBUG &&
2082 debug_level != MSG_INFO &&
2083 debug_level != MSG_WARNING &&
2084 debug_level != MSG_ERROR)
2085 return -1;
2086
2087 old_level = wpa_debug_level;
2088 old_timestamp = wpa_debug_timestamp;
2089 old_show_keys = wpa_debug_show_keys;
2090
2091 wpa_debug_level = debug_level;
2092 wpa_debug_timestamp = debug_timestamp ? 1 : 0;
2093 wpa_debug_show_keys = debug_show_keys ? 1 : 0;
2094
db9133ac
WS		 2095 if (wpa_debug_level != old_level)
2096 wpas_notify_debug_level_changed(global);
2097 if (wpa_debug_timestamp != old_timestamp)
2098 wpas_notify_debug_timestamp_changed(global);
2099 if (wpa_debug_show_keys != old_show_keys)
2100 wpas_notify_debug_show_keys_changed(global);
86b89452
WS		 2101
2102 return 0;
2103}
2104
2105
6fc6879b
JM		 2106/**
2107 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
2108 * @wpa_s: Pointer to wpa_supplicant data
2109 * Returns: A pointer to the current network structure or %NULL on failure
2110 */
2111struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
2112{
2113 struct wpa_ssid *entry;
2114 u8 ssid[MAX_SSID_LEN];
2115 int res;
2116 size_t ssid_len;
2117 u8 bssid[ETH_ALEN];
2118 int wired;
2119
17fbb751
JM		 2120 res = wpa_drv_get_ssid(wpa_s, ssid);
2121 if (res < 0) {
2122 wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from "
2123 "driver");
2124 return NULL;
6fc6879b 2125 }
17fbb751 2126 ssid_len = res;
6fc6879b 2127
17fbb751 2128 if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
f049052b
BG		 2129 wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from "
2130 "driver");
6fc6879b
JM		 2131 return NULL;
2132 }
2133
c2a04078
JM		 2134 wired = wpa_s->conf->ap_scan == 0 &&
2135 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED);
6fc6879b
JM		 2136
2137 entry = wpa_s->conf->ssid;
2138 while (entry) {
349493bd 2139 if (!wpas_network_disabled(wpa_s, entry) &&
6fc6879b
JM		 2140 ((ssid_len == entry->ssid_len &&
2141 os_memcmp(ssid, entry->ssid, ssid_len) == 0) || wired) &&
2142 (!entry->bssid_set ||
2143 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
2144 return entry;
24c23d1b 2145#ifdef CONFIG_WPS
349493bd 2146 if (!wpas_network_disabled(wpa_s, entry) &&
24c23d1b
JM		 2147 (entry->key_mgmt & WPA_KEY_MGMT_WPS) &&
2148 (entry->ssid == NULL || entry->ssid_len == 0) &&
2149 (!entry->bssid_set ||
2150 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
2151 return entry;
2152#endif /* CONFIG_WPS */
7d232e23 2153
349493bd 2154 if (!wpas_network_disabled(wpa_s, entry) && entry->bssid_set &&
7d232e23
ZC		 2155 entry->ssid_len == 0 &&
2156 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)
2157 return entry;
2158
6fc6879b
JM		 2159 entry = entry->next;
2160 }
2161
2162 return NULL;
2163}
2164
2165
7756114f
JM		 2166static int select_driver(struct wpa_supplicant *wpa_s, int i)
2167{
2168 struct wpa_global *global = wpa_s->global;
2169
2170 if (wpa_drivers[i]->global_init && global->drv_priv[i] == NULL) {
2171 global->drv_priv[i] = wpa_drivers[i]->global_init();
2172 if (global->drv_priv[i] == NULL) {
2173 wpa_printf(MSG_ERROR, "Failed to initialize driver "
2174 "'%s'", wpa_drivers[i]->name);
2175 return -1;
2176 }
2177 }
2178
2179 wpa_s->driver = wpa_drivers[i];
2180 wpa_s->global_drv_priv = global->drv_priv[i];
2181
2182 return 0;
2183}
2184
2185
6fc6879b
JM		 2186static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
2187 const char *name)
2188{
2189 int i;
362f781e 2190 size_t len;
74b1c84a 2191 const char *pos, *driver = name;
6fc6879b
JM		 2192
2193 if (wpa_s == NULL)
2194 return -1;
2195
c5121837 2196 if (wpa_drivers[0] == NULL) {
f049052b
BG		 2197 wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into "
2198 "wpa_supplicant");
6fc6879b
JM		 2199 return -1;
2200 }
2201
2202 if (name == NULL) {
2203 /* default to first driver in the list */
7756114f 2204 return select_driver(wpa_s, 0);
6fc6879b
JM		 2205 }
2206
74b1c84a
SO		 2207 do {
2208 pos = os_strchr(driver, ',');
2209 if (pos)
2210 len = pos - driver;
2211 else
2212 len = os_strlen(driver);
2213
2214 for (i = 0; wpa_drivers[i]; i++) {
2215 if (os_strlen(wpa_drivers[i]->name) == len &&
2216 os_strncmp(driver, wpa_drivers[i]->name, len) ==
0f4668ce
DW		 2217 0) {
2218 /* First driver that succeeds wins */
2219 if (select_driver(wpa_s, i) == 0)
2220 return 0;
2221 }
6fc6879b 2222 }
74b1c84a
SO		 2223
2224 driver = pos + 1;
2225 } while (pos);
6fc6879b 2226
f049052b 2227 wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name);
6fc6879b
JM		 2228 return -1;
2229}
2230
2231
a8e0505b
JM		 2232/**
2233 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
2234 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
2235 * with struct wpa_driver_ops::init()
2236 * @src_addr: Source address of the EAPOL frame
2237 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
2238 * @len: Length of the EAPOL data
2239 *
2240 * This function is called for each received EAPOL frame. Most driver
2241 * interfaces rely on more generic OS mechanism for receiving frames through
2242 * l2_packet, but if such a mechanism is not available, the driver wrapper may
2243 * take care of received EAPOL frames and deliver them to the core supplicant
2244 * code by calling this function.
2245 */
6fc6879b
JM		 2246void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
2247 const u8 *buf, size_t len)
2248{
2249 struct wpa_supplicant *wpa_s = ctx;
2250
f049052b 2251 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
6fc6879b
JM		 2252 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
2253
3ab35a66
JM		 2254 if (wpa_s->wpa_state < WPA_ASSOCIATED ||
2255 (wpa_s->last_eapol_matches_bssid &&
2256#ifdef CONFIG_AP
2257 !wpa_s->ap_iface &&
2258#endif /* CONFIG_AP */
2259 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) != 0)) {
1ff73338
JM		 2260 /*
2261 * There is possible race condition between receiving the
2262 * association event and the EAPOL frame since they are coming
2263 * through different paths from the driver. In order to avoid
2264 * issues in trying to process the EAPOL frame before receiving
2265 * association information, lets queue it for processing until
3ab35a66
JM		 2266 * the association event is received. This may also be needed in
2267 * driver-based roaming case, so also use src_addr != BSSID as a
2268 * trigger if we have previously confirmed that the
2269 * Authenticator uses BSSID as the src_addr (which is not the
2270 * case with wired IEEE 802.1X).
1ff73338 2271 */
f049052b 2272 wpa_dbg(wpa_s, MSG_DEBUG, "Not associated - Delay processing "
3ab35a66
JM		 2273 "of received EAPOL frame (state=%s bssid=" MACSTR ")",
2274 wpa_supplicant_state_txt(wpa_s->wpa_state),
2275 MAC2STR(wpa_s->bssid));
1ff73338
JM		 2276 wpabuf_free(wpa_s->pending_eapol_rx);
2277 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len);
2278 if (wpa_s->pending_eapol_rx) {
2279 os_get_time(&wpa_s->pending_eapol_rx_time);
2280 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr,
2281 ETH_ALEN);
2282 }
2283 return;
2284 }
2285
3ab35a66
JM		 2286 wpa_s->last_eapol_matches_bssid =
2287 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) == 0;
2288
db149ac9
JM		 2289#ifdef CONFIG_AP
2290 if (wpa_s->ap_iface) {
2291 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len);
2292 return;
2293 }
2294#endif /* CONFIG_AP */
2295
6fc6879b 2296 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
f049052b
BG		 2297 wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since "
2298 "no key management is configured");
6fc6879b
JM		 2299 return;
2300 }
2301
2302 if (wpa_s->eapol_received == 0 &&
c2a04078 2303 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) ||
56586197 2304 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
9c972abb
JM		 2305 wpa_s->wpa_state != WPA_COMPLETED) &&
2306 (wpa_s->current_ssid == NULL ||
2307 wpa_s->current_ssid->mode != IEEE80211_MODE_IBSS)) {
6fc6879b
JM		 2308 /* Timeout for completing IEEE 802.1X and WPA authentication */
2309 wpa_supplicant_req_auth_timeout(
2310 wpa_s,
56586197 2311 (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
a6f06dab
AT		 2312 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
2313 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) ?
6fc6879b
JM		 2314 70 : 10, 0);
2315 }
2316 wpa_s->eapol_received++;
2317
2318 if (wpa_s->countermeasures) {
f049052b
BG		 2319 wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped "
2320 "EAPOL packet");
6fc6879b
JM		 2321 return;
2322 }
2323
8be18440
JM		 2324#ifdef CONFIG_IBSS_RSN
2325 if (wpa_s->current_ssid &&
d7dcba70 2326 wpa_s->current_ssid->mode == WPAS_MODE_IBSS) {
8be18440
JM		 2327 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len);
2328 return;
2329 }
2330#endif /* CONFIG_IBSS_RSN */
2331
6fc6879b
JM		 2332 /* Source address of the incoming EAPOL frame could be compared to the
2333 * current BSSID. However, it is possible that a centralized
2334 * Authenticator could be using another MAC address than the BSSID of
2335 * an AP, so just allow any address to be used for now. The replies are
2336 * still sent to the current BSSID (if available), though. */
2337
2338 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
56586197 2339 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
6fc6879b
JM		 2340 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
2341 return;
2342 wpa_drv_poll(wpa_s);
c2a04078 2343 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE))
6fc6879b 2344 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
56586197 2345 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
6fc6879b
JM		 2346 /*
2347 * Set portValid = TRUE here since we are going to skip 4-way
2348 * handshake processing which would normally set portValid. We
2349 * need this to allow the EAPOL state machines to be completed
2350 * without going through EAPOL-Key handshake.
2351 */
2352 eapol_sm_notify_portValid(wpa_s->eapol, TRUE);
2353 }
2354}
2355
2356
bfba8deb 2357int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s)
6fc6879b 2358{
6fc6879b
JM		 2359 if (wpa_s->driver->send_eapol) {
2360 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
2361 if (addr)
2362 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
1c42b42f
JM		 2363 } else if ((!wpa_s->p2p_mgmt ||
2364 !(wpa_s->drv_flags &
2365 WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
c68f6200 2366 !(wpa_s->drv_flags &
fdadd5fe 2367 WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) {
bfba8deb 2368 l2_packet_deinit(wpa_s->l2);
6fc6879b
JM		 2369 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
2370 wpa_drv_get_mac_addr(wpa_s),
2371 ETH_P_EAPOL,
2372 wpa_supplicant_rx_eapol, wpa_s, 0);
2373 if (wpa_s->l2 == NULL)
2374 return -1;
fdadd5fe
JM		 2375 } else {
2376 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
2377 if (addr)
2378 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
6fc6879b
JM		 2379 }
2380
2381 if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
f049052b 2382 wpa_msg(wpa_s, MSG_ERROR, "Failed to get own L2 address");
6fc6879b
JM		 2383 return -1;
2384 }
2385
bfba8deb
JM		 2386 return 0;
2387}
2388
2389
25f839c6
JM		 2390static void wpa_supplicant_rx_eapol_bridge(void *ctx, const u8 *src_addr,
2391 const u8 *buf, size_t len)
2392{
2393 struct wpa_supplicant *wpa_s = ctx;
2394 const struct l2_ethhdr *eth;
2395
2396 if (len < sizeof(*eth))
2397 return;
2398 eth = (const struct l2_ethhdr *) buf;
2399
2400 if (os_memcmp(eth->h_dest, wpa_s->own_addr, ETH_ALEN) != 0 &&
2401 !(eth->h_dest[0] & 0x01)) {
2402 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
2403 " (bridge - not for this interface - ignore)",
2404 MAC2STR(src_addr), MAC2STR(eth->h_dest));
2405 return;
2406 }
2407
2408 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
2409 " (bridge)", MAC2STR(src_addr), MAC2STR(eth->h_dest));
2410 wpa_supplicant_rx_eapol(wpa_s, src_addr, buf + sizeof(*eth),
2411 len - sizeof(*eth));
2412}
2413
2414
bfba8deb
JM		 2415/**
2416 * wpa_supplicant_driver_init - Initialize driver interface parameters
2417 * @wpa_s: Pointer to wpa_supplicant data
2418 * Returns: 0 on success, -1 on failure
2419 *
2420 * This function is called to initialize driver interface parameters.
2421 * wpa_drv_init() must have been called before this function to initialize the
2422 * driver interface.
2423 */
2424int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
2425{
2426 static int interface_count = 0;
2427
2428 if (wpa_supplicant_update_mac_addr(wpa_s) < 0)
2429 return -1;
2430
c68f6200
AS		 2431 wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR,
2432 MAC2STR(wpa_s->own_addr));
2433 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
2434
6fc6879b 2435 if (wpa_s->bridge_ifname[0]) {
f049052b
BG		 2436 wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge "
2437 "interface '%s'", wpa_s->bridge_ifname);
6fc6879b
JM		 2438 wpa_s->l2_br = l2_packet_init(wpa_s->bridge_ifname,
2439 wpa_s->own_addr,
2440 ETH_P_EAPOL,
25f839c6
JM		 2441 wpa_supplicant_rx_eapol_bridge,
2442 wpa_s, 1);
6fc6879b 2443 if (wpa_s->l2_br == NULL) {
f049052b
BG		 2444 wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet "
2445 "connection for the bridge interface '%s'",
2446 wpa_s->bridge_ifname);
6fc6879b
JM		 2447 return -1;
2448 }
2449 }
2450
6fc6879b
JM		 2451 wpa_clear_keys(wpa_s, NULL);
2452
2453 /* Make sure that TKIP countermeasures are not left enabled (could
2454 * happen if wpa_supplicant is killed during countermeasures. */
2455 wpa_drv_set_countermeasures(wpa_s, 0);
2456
f049052b 2457 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver");
6fc6879b
JM		 2458 wpa_drv_flush_pmkid(wpa_s);
2459
ba2a573c 2460 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
b3aa456b
ES		 2461 wpa_s->prev_scan_wildcard = 0;
2462
349493bd 2463 if (wpa_supplicant_enabled_networks(wpa_s)) {
6a90053c
LC		 2464 if (wpa_supplicant_delayed_sched_scan(wpa_s, interface_count,
2465 100000))
a4cba8f1
LC		 2466 wpa_supplicant_req_scan(wpa_s, interface_count,
2467 100000);
74e259ec
JM		 2468 interface_count++;
2469 } else
2470 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
6fc6879b
JM		 2471
2472 return 0;
2473}
2474
2475
2476static int wpa_supplicant_daemon(const char *pid_file)
2477{
2478 wpa_printf(MSG_DEBUG, "Daemonize..");
2479 return os_daemonize(pid_file);
2480}
2481
2482
2483static struct wpa_supplicant * wpa_supplicant_alloc(void)
2484{
2485 struct wpa_supplicant *wpa_s;
2486
2487 wpa_s = os_zalloc(sizeof(*wpa_s));
2488 if (wpa_s == NULL)
2489 return NULL;
4115303b 2490 wpa_s->scan_req = INITIAL_SCAN_REQ;
67b9bd08 2491 wpa_s->scan_interval = 5;
c302f207 2492 wpa_s->new_connection = 1;
b22128ef 2493 wpa_s->parent = wpa_s;
cbdf3507 2494 wpa_s->sched_scanning = 0;
6fc6879b
JM		 2495
2496 return wpa_s;
2497}
2498
2499
80e8a5ee
BG		 2500#ifdef CONFIG_HT_OVERRIDES
2501
2502static int wpa_set_htcap_mcs(struct wpa_supplicant *wpa_s,
2503 struct ieee80211_ht_capabilities *htcaps,
2504 struct ieee80211_ht_capabilities *htcaps_mask,
2505 const char *ht_mcs)
2506{
2507 /* parse ht_mcs into hex array */
2508 int i;
2509 const char *tmp = ht_mcs;
2510 char *end = NULL;
2511
2512 /* If ht_mcs is null, do not set anything */
2513 if (!ht_mcs)
2514 return 0;
2515
2516 /* This is what we are setting in the kernel */
2517 os_memset(&htcaps->supported_mcs_set, 0, IEEE80211_HT_MCS_MASK_LEN);
2518
2519 wpa_msg(wpa_s, MSG_DEBUG, "set_htcap, ht_mcs -:%s:-", ht_mcs);
2520
2521 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) {
2522 errno = 0;
2523 long v = strtol(tmp, &end, 16);
2524 if (errno == 0) {
2525 wpa_msg(wpa_s, MSG_DEBUG,
2526 "htcap value[%i]: %ld end: %p tmp: %p",
2527 i, v, end, tmp);
2528 if (end == tmp)
2529 break;
2530
2531 htcaps->supported_mcs_set[i] = v;
2532 tmp = end;
2533 } else {
2534 wpa_msg(wpa_s, MSG_ERROR,
2535 "Failed to parse ht-mcs: %s, error: %s\n",
2536 ht_mcs, strerror(errno));
2537 return -1;
2538 }
2539 }
2540
2541 /*
2542 * If we were able to parse any values, then set mask for the MCS set.
2543 */
2544 if (i) {
2545 os_memset(&htcaps_mask->supported_mcs_set, 0xff,
2546 IEEE80211_HT_MCS_MASK_LEN - 1);
2547 /* skip the 3 reserved bits */
2548 htcaps_mask->supported_mcs_set[IEEE80211_HT_MCS_MASK_LEN - 1] =
2549 0x1f;
2550 }
2551
2552 return 0;
2553}
2554
2555
2556static int wpa_disable_max_amsdu(struct wpa_supplicant *wpa_s,
2557 struct ieee80211_ht_capabilities *htcaps,
2558 struct ieee80211_ht_capabilities *htcaps_mask,
2559 int disabled)
2560{
2561 u16 msk;
2562
2563 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_max_amsdu: %d", disabled);
2564
2565 if (disabled == -1)
2566 return 0;
2567
2568 msk = host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE);
2569 htcaps_mask->ht_capabilities_info |= msk;
2570 if (disabled)
2571 htcaps->ht_capabilities_info &= msk;
2572 else
2573 htcaps->ht_capabilities_info |= msk;
2574
2575 return 0;
2576}
2577
2578
2579static int wpa_set_ampdu_factor(struct wpa_supplicant *wpa_s,
2580 struct ieee80211_ht_capabilities *htcaps,
2581 struct ieee80211_ht_capabilities *htcaps_mask,
2582 int factor)
2583{
2584 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_factor: %d", factor);
2585
2586 if (factor == -1)
2587 return 0;
2588
2589 if (factor < 0 || factor > 3) {
2590 wpa_msg(wpa_s, MSG_ERROR, "ampdu_factor: %d out of range. "
2591 "Must be 0-3 or -1", factor);
2592 return -EINVAL;
2593 }
2594
2595 htcaps_mask->a_mpdu_params |= 0x3; /* 2 bits for factor */
2596 htcaps->a_mpdu_params &= ~0x3;
2597 htcaps->a_mpdu_params |= factor & 0x3;
2598
2599 return 0;
2600}
2601
2602
2603static int wpa_set_ampdu_density(struct wpa_supplicant *wpa_s,
2604 struct ieee80211_ht_capabilities *htcaps,
2605 struct ieee80211_ht_capabilities *htcaps_mask,
2606 int density)
2607{
2608 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_density: %d", density);
2609
2610 if (density == -1)
2611 return 0;
2612
2613 if (density < 0 || density > 7) {
2614 wpa_msg(wpa_s, MSG_ERROR,
2615 "ampdu_density: %d out of range. Must be 0-7 or -1.",
2616 density);
2617 return -EINVAL;
2618 }
2619
2620 htcaps_mask->a_mpdu_params |= 0x1C;
2621 htcaps->a_mpdu_params &= ~(0x1C);
2622 htcaps->a_mpdu_params |= (density << 2) & 0x1C;
2623
2624 return 0;
2625}
2626
2627
2628static int wpa_set_disable_ht40(struct wpa_supplicant *wpa_s,
2629 struct ieee80211_ht_capabilities *htcaps,
2630 struct ieee80211_ht_capabilities *htcaps_mask,
2631 int disabled)
2632{
2633 /* Masking these out disables HT40 */
2634 u16 msk = host_to_le16(HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET |
2635 HT_CAP_INFO_SHORT_GI40MHZ);
2636
2637 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ht40: %d", disabled);
2638
2639 if (disabled)
2640 htcaps->ht_capabilities_info &= ~msk;
2641 else
2642 htcaps->ht_capabilities_info |= msk;
2643
2644 htcaps_mask->ht_capabilities_info |= msk;
2645
2646 return 0;
2647}
2648
2649
a90497f8
BG		 2650static int wpa_set_disable_sgi(struct wpa_supplicant *wpa_s,
2651 struct ieee80211_ht_capabilities *htcaps,
2652 struct ieee80211_ht_capabilities *htcaps_mask,
2653 int disabled)
2654{
2655 /* Masking these out disables SGI */
2656 u16 msk = host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ |
2657 HT_CAP_INFO_SHORT_GI40MHZ);
2658
2659 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_sgi: %d", disabled);
2660
2661 if (disabled)
2662 htcaps->ht_capabilities_info &= ~msk;
2663 else
2664 htcaps->ht_capabilities_info |= msk;
2665
2666 htcaps_mask->ht_capabilities_info |= msk;
2667
2668 return 0;
2669}
2670
2671
80e8a5ee
BG		 2672void wpa_supplicant_apply_ht_overrides(
2673 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
2674 struct wpa_driver_associate_params *params)
2675{
2676 struct ieee80211_ht_capabilities *htcaps;
2677 struct ieee80211_ht_capabilities *htcaps_mask;
2678
2679 if (!ssid)
2680 return;
2681
2682 params->disable_ht = ssid->disable_ht;
2683 if (!params->htcaps || !params->htcaps_mask)
2684 return;
2685
2686 htcaps = (struct ieee80211_ht_capabilities *) params->htcaps;
2687 htcaps_mask = (struct ieee80211_ht_capabilities *) params->htcaps_mask;
2688 wpa_set_htcap_mcs(wpa_s, htcaps, htcaps_mask, ssid->ht_mcs);
2689 wpa_disable_max_amsdu(wpa_s, htcaps, htcaps_mask,
2690 ssid->disable_max_amsdu);
2691 wpa_set_ampdu_factor(wpa_s, htcaps, htcaps_mask, ssid->ampdu_factor);
2692 wpa_set_ampdu_density(wpa_s, htcaps, htcaps_mask, ssid->ampdu_density);
2693 wpa_set_disable_ht40(wpa_s, htcaps, htcaps_mask, ssid->disable_ht40);
a90497f8 2694 wpa_set_disable_sgi(wpa_s, htcaps, htcaps_mask, ssid->disable_sgi);
80e8a5ee
BG		 2695}
2696
2697#endif /* CONFIG_HT_OVERRIDES */
2698
2699
e9ee8dc3
JB		 2700#ifdef CONFIG_VHT_OVERRIDES
2701void wpa_supplicant_apply_vht_overrides(
2702 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
2703 struct wpa_driver_associate_params *params)
2704{
2705 struct ieee80211_vht_capabilities *vhtcaps;
2706 struct ieee80211_vht_capabilities *vhtcaps_mask;
2707
2708 if (!ssid)
2709 return;
2710
2711 params->disable_vht = ssid->disable_vht;
2712
2713 vhtcaps = (void *) params->vhtcaps;
2714 vhtcaps_mask = (void *) params->vhtcaps_mask;
2715
2716 if (!vhtcaps || !vhtcaps_mask)
2717 return;
2718
2719 vhtcaps->vht_capabilities_info = ssid->vht_capa;
2720 vhtcaps_mask->vht_capabilities_info = ssid->vht_capa_mask;
2721
2722#define OVERRIDE_MCS(i) \
2723 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \
2724 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \
2725 3 << 2 * (i - 1); \
2726 vhtcaps->vht_supported_mcs_set.tx_map |= \
2727 ssid->vht_tx_mcs_nss_ ##i << 2 * (i - 1); \
2728 } \
2729 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \
2730 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \
2731 3 << 2 * (i - 1); \
2732 vhtcaps->vht_supported_mcs_set.rx_map |= \
2733 ssid->vht_rx_mcs_nss_ ##i << 2 * (i - 1); \
2734 }
2735
2736 OVERRIDE_MCS(1);
2737 OVERRIDE_MCS(2);
2738 OVERRIDE_MCS(3);
2739 OVERRIDE_MCS(4);
2740 OVERRIDE_MCS(5);
2741 OVERRIDE_MCS(6);
2742 OVERRIDE_MCS(7);
2743 OVERRIDE_MCS(8);
2744}
2745#endif /* CONFIG_VHT_OVERRIDES */
2746
2747
f64adcd7
JM		 2748static int pcsc_reader_init(struct wpa_supplicant *wpa_s)
2749{
2750#ifdef PCSC_FUNCS
2751 size_t len;
2752
2753 if (!wpa_s->conf->pcsc_reader)
2754 return 0;
2755
2756 wpa_s->scard = scard_init(SCARD_TRY_BOTH, wpa_s->conf->pcsc_reader);
2757 if (!wpa_s->scard)
2758 return 1;
2759
2760 if (wpa_s->conf->pcsc_pin &&
2761 scard_set_pin(wpa_s->scard, wpa_s->conf->pcsc_pin) < 0) {
2762 scard_deinit(wpa_s->scard);
2763 wpa_s->scard = NULL;
2764 wpa_msg(wpa_s, MSG_ERROR, "PC/SC PIN validation failed");
2765 return -1;
2766 }
2767
2768 len = sizeof(wpa_s->imsi) - 1;
2769 if (scard_get_imsi(wpa_s->scard, wpa_s->imsi, &len)) {
2770 scard_deinit(wpa_s->scard);
2771 wpa_s->scard = NULL;
2772 wpa_msg(wpa_s, MSG_ERROR, "Could not read IMSI");
2773 return -1;
2774 }
2775 wpa_s->imsi[len] = '\0';
2776
2777 wpa_s->mnc_len = scard_get_mnc_len(wpa_s->scard);
2778
2779 wpa_printf(MSG_DEBUG, "SCARD: IMSI %s (MNC length %d)",
2780 wpa_s->imsi, wpa_s->mnc_len);
2781
2782 wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard);
2783 eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard);
2784#endif /* PCSC_FUNCS */
2785
2786 return 0;
2787}
2788
2789
306ae225
JM		 2790int wpas_init_ext_pw(struct wpa_supplicant *wpa_s)
2791{
2792 char *val, *pos;
2793
2794 ext_password_deinit(wpa_s->ext_pw);
2795 wpa_s->ext_pw = NULL;
2796 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, NULL);
2797
2798 if (!wpa_s->conf->ext_password_backend)
2799 return 0;
2800
2801 val = os_strdup(wpa_s->conf->ext_password_backend);
2802 if (val == NULL)
2803 return -1;
2804 pos = os_strchr(val, ':');
2805 if (pos)
2806 *pos++ = '\0';
2807
2808 wpa_printf(MSG_DEBUG, "EXT PW: Initialize backend '%s'", val);
2809
2810 wpa_s->ext_pw = ext_password_init(val, pos);
2811 os_free(val);
2812 if (wpa_s->ext_pw == NULL) {
2813 wpa_printf(MSG_DEBUG, "EXT PW: Failed to initialize backend");
2814 return -1;
2815 }
2816 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, wpa_s->ext_pw);
2817
2818 return 0;
2819}
2820
2821
6fc6879b
JM		 2822static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
2823 struct wpa_interface *iface)
2824{
362f781e
JM		 2825 const char *ifname, *driver;
2826 struct wpa_driver_capa capa;
2827
6fc6879b
JM		 2828 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
2829 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
2830 iface->confname ? iface->confname : "N/A",
2831 iface->driver ? iface->driver : "default",
2832 iface->ctrl_interface ? iface->ctrl_interface : "N/A",
2833 iface->bridge_ifname ? iface->bridge_ifname : "N/A");
2834
6fc6879b
JM		 2835 if (iface->confname) {
2836#ifdef CONFIG_BACKEND_FILE
2837 wpa_s->confname = os_rel2abs_path(iface->confname);
2838 if (wpa_s->confname == NULL) {
2839 wpa_printf(MSG_ERROR, "Failed to get absolute path "
2840 "for configuration file '%s'.",
2841 iface->confname);
2842 return -1;
2843 }
2844 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
2845 iface->confname, wpa_s->confname);
2846#else /* CONFIG_BACKEND_FILE */
2847 wpa_s->confname = os_strdup(iface->confname);
2848#endif /* CONFIG_BACKEND_FILE */
e6304cad 2849 wpa_s->conf = wpa_config_read(wpa_s->confname, NULL);
6fc6879b
JM		 2850 if (wpa_s->conf == NULL) {
2851 wpa_printf(MSG_ERROR, "Failed to read or parse "
2852 "configuration '%s'.", wpa_s->confname);
2853 return -1;
2854 }
e6304cad
DS		 2855 wpa_s->confanother = os_rel2abs_path(iface->confanother);
2856 wpa_config_read(wpa_s->confanother, wpa_s->conf);
6fc6879b
JM		 2857
2858 /*
2859 * Override ctrl_interface and driver_param if set on command
2860 * line.
2861 */
2862 if (iface->ctrl_interface) {
2863 os_free(wpa_s->conf->ctrl_interface);
2864 wpa_s->conf->ctrl_interface =
2865 os_strdup(iface->ctrl_interface);
2866 }
2867
2868 if (iface->driver_param) {
2869 os_free(wpa_s->conf->driver_param);
2870 wpa_s->conf->driver_param =
2871 os_strdup(iface->driver_param);
2872 }
78f79fe5
JM		 2873
2874 if (iface->p2p_mgmt && !iface->ctrl_interface) {
2875 os_free(wpa_s->conf->ctrl_interface);
2876 wpa_s->conf->ctrl_interface = NULL;
2877 }
6fc6879b
JM		 2878 } else
2879 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
2880 iface->driver_param);
2881
2882 if (wpa_s->conf == NULL) {
2883 wpa_printf(MSG_ERROR, "\nNo configuration found.");
2884 return -1;
2885 }
2886
2887 if (iface->ifname == NULL) {
2888 wpa_printf(MSG_ERROR, "\nInterface name is required.");
2889 return -1;
2890 }
2891 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
2892 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
2893 iface->ifname);
2894 return -1;
2895 }
2896 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
2897
2898 if (iface->bridge_ifname) {
2899 if (os_strlen(iface->bridge_ifname) >=
2900 sizeof(wpa_s->bridge_ifname)) {
2901 wpa_printf(MSG_ERROR, "\nToo long bridge interface "
2902 "name '%s'.", iface->bridge_ifname);
2903 return -1;
2904 }
2905 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
2906 sizeof(wpa_s->bridge_ifname));
2907 }
2908
6fc6879b
JM		 2909 /* RSNA Supplicant Key Management - INITIALIZE */
2910 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
2911 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
2912
2913 /* Initialize driver interface and register driver event handler before
2914 * L2 receive handler so that association events are processed before
2915 * EAPOL-Key packets if both become available for the same select()
2916 * call. */
362f781e
JM		 2917 driver = iface->driver;
2918next_driver:
2919 if (wpa_supplicant_set_driver(wpa_s, driver) < 0)
2920 return -1;
2921
6fc6879b
JM		 2922 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
2923 if (wpa_s->drv_priv == NULL) {
362f781e 2924 const char *pos;
a5b9337f 2925 pos = driver ? os_strchr(driver, ',') : NULL;
362f781e 2926 if (pos) {
f049052b
BG		 2927 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
2928 "driver interface - try next driver wrapper");
362f781e
JM		 2929 driver = pos + 1;
2930 goto next_driver;
2931 }
f049052b
BG		 2932 wpa_msg(wpa_s, MSG_ERROR, "Failed to initialize driver "
2933 "interface");
6fc6879b
JM		 2934 return -1;
2935 }
2936 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
f049052b
BG		 2937 wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected "
2938 "driver_param '%s'", wpa_s->conf->driver_param);
6fc6879b
JM		 2939 return -1;
2940 }
2941
2942 ifname = wpa_drv_get_ifname(wpa_s);
2943 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
f049052b
BG		 2944 wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced "
2945 "interface name with '%s'", ifname);
6fc6879b
JM		 2946 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
2947 }
2948
2949 if (wpa_supplicant_init_wpa(wpa_s) < 0)
2950 return -1;
2951
2952 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
2953 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
2954 NULL);
2955 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
2956
2957 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
2958 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
2959 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
f049052b
BG		 2960 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
2961 "dot11RSNAConfigPMKLifetime");
6fc6879b
JM		 2962 return -1;
2963 }
2964
2965 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
2966 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
2967 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
f049052b 2968 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
6fc6879b
JM		 2969 "dot11RSNAConfigPMKReauthThreshold");
2970 return -1;
2971 }
2972
2973 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
2974 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
2975 wpa_s->conf->dot11RSNAConfigSATimeout)) {
f049052b
BG		 2976 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
2977 "dot11RSNAConfigSATimeout");
6fc6879b
JM		 2978 return -1;
2979 }
2980
6bf731e8
CL		 2981 wpa_s->hw.modes = wpa_drv_get_hw_feature_data(wpa_s,
2982 &wpa_s->hw.num_modes,
2983 &wpa_s->hw.flags);
2984
814782b9 2985 if (wpa_drv_get_capa(wpa_s, &capa) == 0) {
c58ab8f2 2986 wpa_s->drv_capa_known = 1;
814782b9 2987 wpa_s->drv_flags = capa.flags;
349493bd 2988 wpa_s->drv_enc = capa.enc;
4f73d88a 2989 wpa_s->probe_resp_offloads = capa.probe_resp_offloads;
814782b9 2990 wpa_s->max_scan_ssids = capa.max_scan_ssids;
cbdf3507
LC		 2991 wpa_s->max_sched_scan_ssids = capa.max_sched_scan_ssids;
2992 wpa_s->sched_scan_supported = capa.sched_scan_supported;
b59e6f26 2993 wpa_s->max_match_sets = capa.max_match_sets;
814782b9 2994 wpa_s->max_remain_on_chan = capa.max_remain_on_chan;
c4ea4c5c 2995 wpa_s->max_stations = capa.max_stations;
8cd6b7bc
JB		 2996 wpa_s->extended_capa = capa.extended_capa;
2997 wpa_s->extended_capa_mask = capa.extended_capa_mask;
2998 wpa_s->extended_capa_len = capa.extended_capa_len;
4752147d
IP		 2999 wpa_s->num_multichan_concurrent =
3000 capa.num_multichan_concurrent;
814782b9
JM		 3001 }
3002 if (wpa_s->max_remain_on_chan == 0)
3003 wpa_s->max_remain_on_chan = 1000;
3004
c68f6200
AS		 3005 /*
3006 * Only take p2p_mgmt parameters when P2P Device is supported.
3007 * Doing it here as it determines whether l2_packet_init() will be done
3008 * during wpa_supplicant_driver_init().
3009 */
3010 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)
3011 wpa_s->p2p_mgmt = iface->p2p_mgmt;
3012 else
3013 iface->p2p_mgmt = 1;
3014
4752147d
IP		 3015 if (wpa_s->num_multichan_concurrent == 0)
3016 wpa_s->num_multichan_concurrent = 1;
3017
6fc6879b
JM		 3018 if (wpa_supplicant_driver_init(wpa_s) < 0)
3019 return -1;
3020
281ff0aa 3021#ifdef CONFIG_TDLS
1c42b42f
JM		 3022 if ((!iface->p2p_mgmt ||
3023 !(wpa_s->drv_flags &
3024 WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
3025 wpa_tdls_init(wpa_s->wpa))
281ff0aa
GP		 3026 return -1;
3027#endif /* CONFIG_TDLS */
3028
315ce40a
JM		 3029 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] &&
3030 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) {
f049052b 3031 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country");
6d158490
LR		 3032 return -1;
3033 }
3034
116654ce
JM		 3035 if (wpas_wps_init(wpa_s))
3036 return -1;
3037
6fc6879b
JM		 3038 if (wpa_supplicant_init_eapol(wpa_s) < 0)
3039 return -1;
3040 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
3041
3042 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
3043 if (wpa_s->ctrl_iface == NULL) {
3044 wpa_printf(MSG_ERROR,
3045 "Failed to initialize control interface '%s'.\n"
3046 "You may have another wpa_supplicant process "
3047 "already running or the file was\n"
3048 "left by an unclean termination of wpa_supplicant "
3049 "in which case you will need\n"
3050 "to manually remove this file before starting "
3051 "wpa_supplicant again.\n",
3052 wpa_s->conf->ctrl_interface);
3053 return -1;
3054 }
3055
04ea7b79
JM		 3056 wpa_s->gas = gas_query_init(wpa_s);
3057 if (wpa_s->gas == NULL) {
3058 wpa_printf(MSG_ERROR, "Failed to initialize GAS query");
3059 return -1;
3060 }
3061
b22128ef 3062#ifdef CONFIG_P2P
c68f6200 3063 if (iface->p2p_mgmt && wpas_p2p_init(wpa_s->global, wpa_s) < 0) {
f049052b 3064 wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P");
b22128ef
JM		 3065 return -1;
3066 }
3067#endif /* CONFIG_P2P */
3068
83922c2d
JM		 3069 if (wpa_bss_init(wpa_s) < 0)
3070 return -1;
83922c2d 3071
ec7b97ab
JM		 3072#ifdef CONFIG_EAP_PROXY
3073{
3074 size_t len;
07041c6f
NJ		 3075 wpa_s->mnc_len = eapol_sm_get_eap_proxy_imsi(wpa_s->eapol, wpa_s->imsi,
3076 &len);
ec7b97ab
JM		 3077 if (wpa_s->mnc_len > 0) {
3078 wpa_s->imsi[len] = '\0';
3079 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI %s (MNC length %d)",
3080 wpa_s->imsi, wpa_s->mnc_len);
3081 } else {
3082 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI not available");
3083 }
3084}
3085#endif /* CONFIG_EAP_PROXY */
3086
f64adcd7
JM		 3087 if (pcsc_reader_init(wpa_s) < 0)
3088 return -1;
3089
306ae225
JM		 3090 if (wpas_init_ext_pw(wpa_s) < 0)
3091 return -1;
3092
6fc6879b
JM		 3093 return 0;
3094}
3095
3096
2ee055b3 3097static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s,
df509539 3098 int notify, int terminate)
6fc6879b 3099{
e679f140 3100 wpa_s->disconnected = 1;
6fc6879b
JM		 3101 if (wpa_s->drv_priv) {
3102 wpa_supplicant_deauthenticate(wpa_s,
3103 WLAN_REASON_DEAUTH_LEAVING);
3104
6fc6879b
JM		 3105 wpa_drv_set_countermeasures(wpa_s, 0);
3106 wpa_clear_keys(wpa_s, NULL);
3107 }
3108
8e56d189
JM		 3109 wpa_supplicant_cleanup(wpa_s);
3110
ab28911d
JM		 3111#ifdef CONFIG_P2P
3112 if (wpa_s == wpa_s->global->p2p_init_wpa_s && wpa_s->global->p2p) {
3113 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: Disable P2P since removing "
3114 "the management interface is being removed");
3115 wpas_p2p_deinit_global(wpa_s->global);
3116 }
3117#endif /* CONFIG_P2P */
3118
6fc6879b
JM		 3119 if (wpa_s->drv_priv)
3120 wpa_drv_deinit(wpa_s);
2523ff6e
DS		 3121
3122 if (notify)
3123 wpas_notify_iface_removed(wpa_s);
f0811516
DS		 3124
3125 if (terminate)
3126 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING);
3127
3128 if (wpa_s->ctrl_iface) {
3129 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
3130 wpa_s->ctrl_iface = NULL;
3131 }
3132
3133 if (wpa_s->conf != NULL) {
3134 wpa_config_free(wpa_s->conf);
3135 wpa_s->conf = NULL;
3136 }
18e00b5e
JM		 3137
3138 os_free(wpa_s);
6fc6879b
JM		 3139}
3140
3141
3142/**
3143 * wpa_supplicant_add_iface - Add a new network interface
3144 * @global: Pointer to global data from wpa_supplicant_init()
3145 * @iface: Interface configuration options
3146 * Returns: Pointer to the created interface or %NULL on failure
3147 *
3148 * This function is used to add new network interfaces for %wpa_supplicant.
3149 * This can be called before wpa_supplicant_run() to add interfaces before the
3150 * main event loop has been started. In addition, new interfaces can be added
3151 * dynamically while %wpa_supplicant is already running. This could happen,
3152 * e.g., when a hotplug network adapter is inserted.
3153 */
3154struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
3155 struct wpa_interface *iface)
3156{
3157 struct wpa_supplicant *wpa_s;
d27df100 3158 struct wpa_interface t_iface;
8e56d189 3159 struct wpa_ssid *ssid;
6fc6879b
JM		 3160
3161 if (global == NULL || iface == NULL)
3162 return NULL;
3163
3164 wpa_s = wpa_supplicant_alloc();
3165 if (wpa_s == NULL)
3166 return NULL;
3167
d8222ae3
JM		 3168 wpa_s->global = global;
3169
d27df100
JM		 3170 t_iface = *iface;
3171 if (global->params.override_driver) {
3172 wpa_printf(MSG_DEBUG, "Override interface parameter: driver "
3173 "('%s' -> '%s')",
3174 iface->driver, global->params.override_driver);
3175 t_iface.driver = global->params.override_driver;
3176 }
3177 if (global->params.override_ctrl_interface) {
3178 wpa_printf(MSG_DEBUG, "Override interface parameter: "
3179 "ctrl_interface ('%s' -> '%s')",
3180 iface->ctrl_interface,
3181 global->params.override_ctrl_interface);
3182 t_iface.ctrl_interface =
3183 global->params.override_ctrl_interface;
3184 }
3185 if (wpa_supplicant_init_iface(wpa_s, &t_iface)) {
6fc6879b
JM		 3186 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
3187 iface->ifname);
df509539 3188 wpa_supplicant_deinit_iface(wpa_s, 0, 0);
6fc6879b
JM		 3189 return NULL;
3190 }
3191
dc461de4
WS		 3192 /* Notify the control interfaces about new iface */
3193 if (wpas_notify_iface_added(wpa_s)) {
df509539 3194 wpa_supplicant_deinit_iface(wpa_s, 1, 0);
6fc6879b
JM		 3195 return NULL;
3196 }
1bd3f426 3197
8e56d189
JM		 3198 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
3199 wpas_notify_network_added(wpa_s, ssid);
3200
6fc6879b
JM		 3201 wpa_s->next = global->ifaces;
3202 global->ifaces = wpa_s;
3203
f049052b 3204 wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname);
99218999 3205 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
6fc6879b
JM		 3206
3207 return wpa_s;
3208}
3209
3210
3211/**
3212 * wpa_supplicant_remove_iface - Remove a network interface
3213 * @global: Pointer to global data from wpa_supplicant_init()
3214 * @wpa_s: Pointer to the network interface to be removed
3215 * Returns: 0 if interface was removed, -1 if interface was not found
3216 *
3217 * This function can be used to dynamically remove network interfaces from
3218 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
3219 * addition, this function is used to remove all remaining interfaces when
3220 * %wpa_supplicant is terminated.
3221 */
3222int wpa_supplicant_remove_iface(struct wpa_global *global,
df509539
DS		 3223 struct wpa_supplicant *wpa_s,
3224 int terminate)
6fc6879b
JM		 3225{
3226 struct wpa_supplicant *prev;
3227
3228 /* Remove interface from the global list of interfaces */
3229 prev = global->ifaces;
3230 if (prev == wpa_s) {
3231 global->ifaces = wpa_s->next;
3232 } else {
3233 while (prev && prev->next != wpa_s)
3234 prev = prev->next;
3235 if (prev == NULL)
3236 return -1;
3237 prev->next = wpa_s->next;
3238 }
3239
f049052b 3240 wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
6fc6879b 3241
b22128ef
JM		 3242 if (global->p2p_group_formation == wpa_s)
3243 global->p2p_group_formation = NULL;
dbca75f8
JM		 3244 if (global->p2p_invite_group == wpa_s)
3245 global->p2p_invite_group = NULL;
df509539 3246 wpa_supplicant_deinit_iface(wpa_s, 1, terminate);
6fc6879b
JM		 3247
3248 return 0;
3249}
3250
3251
cf83fb0b
PS		 3252/**
3253 * wpa_supplicant_get_eap_mode - Get the current EAP mode
3254 * @wpa_s: Pointer to the network interface
3255 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
3256 */
3257const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s)
3258{
3259 const char *eapol_method;
3260
3261 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) == 0 &&
3262 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
3263 return "NO-EAP";
3264 }
3265
3266 eapol_method = eapol_sm_get_method_name(wpa_s->eapol);
3267 if (eapol_method == NULL)
3268 return "UNKNOWN-EAP";
3269
3270 return eapol_method;
3271}
3272
3273
6fc6879b
JM		 3274/**
3275 * wpa_supplicant_get_iface - Get a new network interface
3276 * @global: Pointer to global data from wpa_supplicant_init()
3277 * @ifname: Interface name
3278 * Returns: Pointer to the interface or %NULL if not found
3279 */
3280struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
3281 const char *ifname)
3282{
3283 struct wpa_supplicant *wpa_s;
3284
3285 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
3286 if (os_strcmp(wpa_s->ifname, ifname) == 0)
3287 return wpa_s;
3288 }
3289 return NULL;
3290}
3291
3292
50b16da1 3293#ifndef CONFIG_NO_WPA_MSG
4f1495ae
BG		 3294static const char * wpa_supplicant_msg_ifname_cb(void *ctx)
3295{
3296 struct wpa_supplicant *wpa_s = ctx;
3297 if (wpa_s == NULL)
3298 return NULL;
3299 return wpa_s->ifname;
3300}
50b16da1 3301#endif /* CONFIG_NO_WPA_MSG */
4f1495ae
BG		 3302
3303
6fc6879b
JM		 3304/**
3305 * wpa_supplicant_init - Initialize %wpa_supplicant
3306 * @params: Parameters for %wpa_supplicant
3307 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
3308 *
3309 * This function is used to initialize %wpa_supplicant. After successful
3310 * initialization, the returned data pointer can be used to add and remove
3311 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
3312 */
3313struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
3314{
3315 struct wpa_global *global;
ac305589 3316 int ret, i;
6fc6879b
JM		 3317
3318 if (params == NULL)
3319 return NULL;
3320
39e7d718
JM		 3321#ifdef CONFIG_DRIVER_NDIS
3322 {
3323 void driver_ndis_init_ops(void);
3324 driver_ndis_init_ops();
3325 }
3326#endif /* CONFIG_DRIVER_NDIS */
3327
50b16da1 3328#ifndef CONFIG_NO_WPA_MSG
4f1495ae 3329 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
50b16da1 3330#endif /* CONFIG_NO_WPA_MSG */
4f1495ae 3331
6fc6879b 3332 wpa_debug_open_file(params->wpa_debug_file_path);
daa70d49
SL		 3333 if (params->wpa_debug_syslog)
3334 wpa_debug_open_syslog();
4f68895e
JB		 3335 if (params->wpa_debug_tracing) {
3336 ret = wpa_debug_open_linux_tracing();
3337 if (ret) {
3338 wpa_printf(MSG_ERROR,
3339 "Failed to enable trace logging");
3340 return NULL;
3341 }
3342 }
6fc6879b 3343
12760815 3344 ret = eap_register_methods();
6fc6879b
JM		 3345 if (ret) {
3346 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
3347 if (ret == -2)
3348 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
3349 "the same EAP type.");
3350 return NULL;
3351 }
3352
3353 global = os_zalloc(sizeof(*global));
3354 if (global == NULL)
3355 return NULL;
b22128ef
JM		 3356 dl_list_init(&global->p2p_srv_bonjour);
3357 dl_list_init(&global->p2p_srv_upnp);
6fc6879b
JM		 3358 global->params.daemonize = params->daemonize;
3359 global->params.wait_for_monitor = params->wait_for_monitor;
3360 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
3361 if (params->pid_file)
3362 global->params.pid_file = os_strdup(params->pid_file);
3363 if (params->ctrl_interface)
3364 global->params.ctrl_interface =
3365 os_strdup(params->ctrl_interface);
29257565
JM		 3366 if (params->ctrl_interface_group)
3367 global->params.ctrl_interface_group =
3368 os_strdup(params->ctrl_interface_group);
d27df100
JM		 3369 if (params->override_driver)
3370 global->params.override_driver =
3371 os_strdup(params->override_driver);
3372 if (params->override_ctrl_interface)
3373 global->params.override_ctrl_interface =
3374 os_strdup(params->override_ctrl_interface);
6fc6879b
JM		 3375 wpa_debug_level = global->params.wpa_debug_level =
3376 params->wpa_debug_level;
3377 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
3378 params->wpa_debug_show_keys;
3379 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
3380 params->wpa_debug_timestamp;
3381
f19858f5
JM		 3382 wpa_printf(MSG_DEBUG, "wpa_supplicant v" VERSION_STR);
3383
0456ea16 3384 if (eloop_init()) {
6fc6879b
JM		 3385 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
3386 wpa_supplicant_deinit(global);
3387 return NULL;
3388 }
3389
38e24575 3390 random_init(params->entropy_file);
d47fa330 3391
6fc6879b
JM		 3392 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
3393 if (global->ctrl_iface == NULL) {
3394 wpa_supplicant_deinit(global);
3395 return NULL;
3396 }
3397
dc461de4
WS		 3398 if (wpas_notify_supplicant_initialized(global)) {
3399 wpa_supplicant_deinit(global);
3400 return NULL;
6fc6879b
JM		 3401 }
3402
c5121837 3403 for (i = 0; wpa_drivers[i]; i++)
ac305589
JM		 3404 global->drv_count++;
3405 if (global->drv_count == 0) {
3406 wpa_printf(MSG_ERROR, "No drivers enabled");
3407 wpa_supplicant_deinit(global);
3408 return NULL;
3409 }
3410 global->drv_priv = os_zalloc(global->drv_count * sizeof(void *));
3411 if (global->drv_priv == NULL) {
3412 wpa_supplicant_deinit(global);
3413 return NULL;
3414 }
ac305589 3415
9675ce35
JM		 3416#ifdef CONFIG_WIFI_DISPLAY
3417 if (wifi_display_init(global) < 0) {
3418 wpa_printf(MSG_ERROR, "Failed to initialize Wi-Fi Display");
3419 wpa_supplicant_deinit(global);
3420 return NULL;
3421 }
3422#endif /* CONFIG_WIFI_DISPLAY */
3423
6fc6879b
JM		 3424 return global;
3425}
3426
3427
3428/**
3429 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
3430 * @global: Pointer to global data from wpa_supplicant_init()
3431 * Returns: 0 after successful event loop run, -1 on failure
3432 *
3433 * This function starts the main event loop and continues running as long as
3434 * there are any remaining events. In most cases, this function is running as
3435 * long as the %wpa_supplicant process in still in use.
3436 */
3437int wpa_supplicant_run(struct wpa_global *global)
3438{
3439 struct wpa_supplicant *wpa_s;
3440
3441 if (global->params.daemonize &&
3442 wpa_supplicant_daemon(global->params.pid_file))
3443 return -1;
3444
3445 if (global->params.wait_for_monitor) {
3446 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
3447 if (wpa_s->ctrl_iface)
3448 wpa_supplicant_ctrl_iface_wait(
3449 wpa_s->ctrl_iface);
3450 }
3451
0456ea16
JM		 3452 eloop_register_signal_terminate(wpa_supplicant_terminate, global);
3453 eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
6fc6879b
JM		 3454
3455 eloop_run();
3456
3457 return 0;
3458}
3459
3460
3461/**
3462 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
3463 * @global: Pointer to global data from wpa_supplicant_init()
3464 *
3465 * This function is called to deinitialize %wpa_supplicant and to free all
3466 * allocated resources. Remaining network interfaces will also be removed.
3467 */
3468void wpa_supplicant_deinit(struct wpa_global *global)
3469{
ac305589
JM		 3470 int i;
3471
6fc6879b
JM		 3472 if (global == NULL)
3473 return;
3474
9675ce35
JM		 3475#ifdef CONFIG_WIFI_DISPLAY
3476 wifi_display_deinit(global);
3477#endif /* CONFIG_WIFI_DISPLAY */
b22128ef 3478
6fc6879b 3479 while (global->ifaces)
df509539 3480 wpa_supplicant_remove_iface(global, global->ifaces, 1);
6fc6879b
JM		 3481
3482 if (global->ctrl_iface)
3483 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
dc461de4
WS		 3484
3485 wpas_notify_supplicant_deinitialized(global);
6fc6879b
JM		 3486
3487 eap_peer_unregister_methods();
3ec97afe
JM		 3488#ifdef CONFIG_AP
3489 eap_server_unregister_methods();
3490#endif /* CONFIG_AP */
6fc6879b 3491
c5121837 3492 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) {
ac305589
JM		 3493 if (!global->drv_priv[i])
3494 continue;
c5121837 3495 wpa_drivers[i]->global_deinit(global->drv_priv[i]);
ac305589
JM		 3496 }
3497 os_free(global->drv_priv);
3498
d47fa330
JM		 3499 random_deinit();
3500
6fc6879b
JM		 3501 eloop_destroy();
3502
3503 if (global->params.pid_file) {
3504 os_daemonize_terminate(global->params.pid_file);
3505 os_free(global->params.pid_file);
3506 }
3507 os_free(global->params.ctrl_interface);
29257565 3508 os_free(global->params.ctrl_interface_group);
d27df100
JM		 3509 os_free(global->params.override_driver);
3510 os_free(global->params.override_ctrl_interface);
6fc6879b 3511
af8a827b 3512 os_free(global->p2p_disallow_freq.range);
01a57fe4 3513 os_free(global->add_psk);
6f3bc72b 3514
6fc6879b 3515 os_free(global);
daa70d49 3516 wpa_debug_close_syslog();
6fc6879b 3517 wpa_debug_close_file();
4f68895e 3518 wpa_debug_close_linux_tracing();
6fc6879b 3519}
611aea7d
JM		 3520
3521
3522void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s)
3523{
849b5dc7
JM		 3524 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_COUNTRY) &&
3525 wpa_s->conf->country[0] && wpa_s->conf->country[1]) {
3526 char country[3];
3527 country[0] = wpa_s->conf->country[0];
3528 country[1] = wpa_s->conf->country[1];
3529 country[2] = '\0';
3530 if (wpa_drv_set_country(wpa_s, country) < 0) {
3531 wpa_printf(MSG_ERROR, "Failed to set country code "
3532 "'%s'", country);
3533 }
3534 }
3535
306ae225
JM		 3536 if (wpa_s->conf->changed_parameters & CFG_CHANGED_EXT_PW_BACKEND)
3537 wpas_init_ext_pw(wpa_s);
3538
611aea7d
JM		 3539#ifdef CONFIG_WPS
3540 wpas_wps_update_config(wpa_s);
3541#endif /* CONFIG_WPS */
3542
b22128ef
JM		 3543#ifdef CONFIG_P2P
3544 wpas_p2p_update_config(wpa_s);
3545#endif /* CONFIG_P2P */
3546
611aea7d
JM		 3547 wpa_s->conf->changed_parameters = 0;
3548}
2f9c6aa6
JM		 3549
3550
0fb337c1
JM		 3551static void add_freq(int *freqs, int *num_freqs, int freq)
3552{
3553 int i;
3554
3555 for (i = 0; i < *num_freqs; i++) {
3556 if (freqs[i] == freq)
3557 return;
3558 }
3559
3560 freqs[*num_freqs] = freq;
3561 (*num_freqs)++;
3562}
3563
3564
3565static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s)
3566{
3567 struct wpa_bss *bss, *cbss;
3568 const int max_freqs = 10;
3569 int *freqs;
3570 int num_freqs = 0;
3571
3572 freqs = os_zalloc(sizeof(int) * (max_freqs + 1));
3573 if (freqs == NULL)
3574 return NULL;
3575
3576 cbss = wpa_s->current_bss;
3577
3578 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
3579 if (bss == cbss)
3580 continue;
3581 if (bss->ssid_len == cbss->ssid_len &&
3582 os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 &&
3583 wpa_blacklist_get(wpa_s, bss->bssid) == NULL) {
3584 add_freq(freqs, &num_freqs, bss->freq);
3585 if (num_freqs == max_freqs)
3586 break;
3587 }
3588 }
3589
3590 if (num_freqs == 0) {
3591 os_free(freqs);
3592 freqs = NULL;
3593 }
3594
3595 return freqs;
3596}
3597
3598
3599void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid)
3600{
3601 int timeout;
3602 int count;
3603 int *freqs = NULL;
3604
5fd9fb27
JM		 3605 /*
3606 * Remove possible authentication timeout since the connection failed.
3607 */
3608 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
3609
0cdb93fe
JM		 3610 if (wpa_s->disconnected) {
3611 /*
3612 * There is no point in blacklisting the AP if this event is
3613 * generated based on local request to disconnect.
3614 */
3615 wpa_dbg(wpa_s, MSG_DEBUG, "Ignore connection failure "
3616 "indication since interface has been put into "
3617 "disconnected state");
3618 return;
3619 }
3620
0fb337c1
JM		 3621 /*
3622 * Add the failed BSSID into the blacklist and speed up next scan
3623 * attempt if there could be other APs that could accept association.
3624 * The current blacklist count indicates how many times we have tried
3625 * connecting to this AP and multiple attempts mean that other APs are
3626 * either not available or has already been tried, so that we can start
3627 * increasing the delay here to avoid constant scanning.
3628 */
3629 count = wpa_blacklist_add(wpa_s, bssid);
3630 if (count == 1 && wpa_s->current_bss) {
3631 /*
3632 * This BSS was not in the blacklist before. If there is
3633 * another BSS available for the same ESS, we should try that
3634 * next. Otherwise, we may as well try this one once more
3635 * before allowing other, likely worse, ESSes to be considered.
3636 */
3637 freqs = get_bss_freqs_in_ess(wpa_s);
3638 if (freqs) {
f049052b
BG		 3639 wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS "
3640 "has been seen; try it next");
0fb337c1
JM		 3641 wpa_blacklist_add(wpa_s, bssid);
3642 /*
3643 * On the next scan, go through only the known channels
3644 * used in this ESS based on previous scans to speed up
3645 * common load balancing use case.
3646 */
3647 os_free(wpa_s->next_scan_freqs);
3648 wpa_s->next_scan_freqs = freqs;
3649 }
3650 }
3651
f1a52633
JM		 3652 /*
3653 * Add previous failure count in case the temporary blacklist was
3654 * cleared due to no other BSSes being available.
3655 */
3656 count += wpa_s->extra_blacklist_count;
3657
dd579704
JM		 3658 if (count > 3 && wpa_s->current_ssid) {
3659 wpa_printf(MSG_DEBUG, "Continuous association failures - "
3660 "consider temporary network disabling");
3661 wpas_auth_failed(wpa_s);
3662 }
3663
0fb337c1
JM		 3664 switch (count) {
3665 case 1:
3666 timeout = 100;
3667 break;
3668 case 2:
3669 timeout = 500;
3670 break;
3671 case 3:
3672 timeout = 1000;
3673 break;
f1a52633 3674 case 4:
0fb337c1 3675 timeout = 5000;
f1a52633
JM		 3676 break;
3677 default:
3678 timeout = 10000;
3679 break;
0fb337c1
JM		 3680 }
3681
f1a52633
JM		 3682 wpa_dbg(wpa_s, MSG_DEBUG, "Blacklist count %d --> request scan in %d "
3683 "ms", count, timeout);
3684
0fb337c1
JM		 3685 /*
3686 * TODO: if more than one possible AP is available in scan results,
3687 * could try the other ones before requesting a new scan.
3688 */
3689 wpa_supplicant_req_scan(wpa_s, timeout / 1000,
3690 1000 * (timeout % 1000));
99fcd404 3691
f85f545e 3692 wpas_p2p_continue_after_scan(wpa_s);
0fb337c1 3693}
22628eca
JM		 3694
3695
3696int wpas_driver_bss_selection(struct wpa_supplicant *wpa_s)
3697{
3698 return wpa_s->conf->ap_scan == 2 ||
3699 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION);
3700}
d2118814
JM		 3701
3702
3703#if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW)
3704int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
3705 struct wpa_ssid *ssid,
3706 const char *field,
3707 const char *value)
3708{
3709#ifdef IEEE8021X_EAPOL
3710 struct eap_peer_config *eap = &ssid->eap;
3711
3712 wpa_printf(MSG_DEBUG, "CTRL_IFACE: response handle field=%s", field);
3713 wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: response value",
3714 (const u8 *) value, os_strlen(value));
3715
3716 switch (wpa_supplicant_ctrl_req_from_string(field)) {
3717 case WPA_CTRL_REQ_EAP_IDENTITY:
3718 os_free(eap->identity);
3719 eap->identity = (u8 *) os_strdup(value);
3720 eap->identity_len = os_strlen(value);
3721 eap->pending_req_identity = 0;
3722 if (ssid == wpa_s->current_ssid)
3723 wpa_s->reassociate = 1;
3724 break;
3725 case WPA_CTRL_REQ_EAP_PASSWORD:
3726 os_free(eap->password);
3727 eap->password = (u8 *) os_strdup(value);
3728 eap->password_len = os_strlen(value);
3729 eap->pending_req_password = 0;
3730 if (ssid == wpa_s->current_ssid)
3731 wpa_s->reassociate = 1;
3732 break;
3733 case WPA_CTRL_REQ_EAP_NEW_PASSWORD:
3734 os_free(eap->new_password);
3735 eap->new_password = (u8 *) os_strdup(value);
3736 eap->new_password_len = os_strlen(value);
3737 eap->pending_req_new_password = 0;
3738 if (ssid == wpa_s->current_ssid)
3739 wpa_s->reassociate = 1;
3740 break;
3741 case WPA_CTRL_REQ_EAP_PIN:
3742 os_free(eap->pin);
3743 eap->pin = os_strdup(value);
3744 eap->pending_req_pin = 0;
3745 if (ssid == wpa_s->current_ssid)
3746 wpa_s->reassociate = 1;
3747 break;
3748 case WPA_CTRL_REQ_EAP_OTP:
3749 os_free(eap->otp);
3750 eap->otp = (u8 *) os_strdup(value);
3751 eap->otp_len = os_strlen(value);
3752 os_free(eap->pending_req_otp);
3753 eap->pending_req_otp = NULL;
3754 eap->pending_req_otp_len = 0;
3755 break;
3756 case WPA_CTRL_REQ_EAP_PASSPHRASE:
3757 os_free(eap->private_key_passwd);
3758 eap->private_key_passwd = (u8 *) os_strdup(value);
3759 eap->pending_req_passphrase = 0;
3760 if (ssid == wpa_s->current_ssid)
3761 wpa_s->reassociate = 1;
3762 break;
a5d44ac0
JM		 3763 case WPA_CTRL_REQ_SIM:
3764 os_free(eap->external_sim_resp);
3765 eap->external_sim_resp = os_strdup(value);
3766 break;
d2118814
JM		 3767 default:
3768 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown field '%s'", field);
3769 return -1;
3770 }
3771
3772 return 0;
3773#else /* IEEE8021X_EAPOL */
3774 wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included");
3775 return -1;
3776#endif /* IEEE8021X_EAPOL */
3777}
3778#endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */
349493bd
JM		 3779
3780
3781int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
3782{
3783 int i;
3784 unsigned int drv_enc;
3785
3786 if (ssid == NULL)
3787 return 1;
3788
3789 if (ssid->disabled)
3790 return 1;
3791
3792 if (wpa_s && wpa_s->drv_capa_known)
3793 drv_enc = wpa_s->drv_enc;
3794 else
3795 drv_enc = (unsigned int) -1;
3796
3797 for (i = 0; i < NUM_WEP_KEYS; i++) {
3798 size_t len = ssid->wep_key_len[i];
3799 if (len == 0)
3800 continue;
3801 if (len == 5 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP40))
3802 continue;
3803 if (len == 13 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP104))
3804 continue;
3805 if (len == 16 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP128))
3806 continue;
3807 return 1; /* invalid WEP key */
3808 }
3809
9173b16f
JM		 3810 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set &&
3811 !ssid->ext_psk)
2518aad3
JM		 3812 return 1;
3813
349493bd
JM		 3814 return 0;
3815}
b9cfc09a
JJ		 3816
3817
3818int wpas_is_p2p_prioritized(struct wpa_supplicant *wpa_s)
3819{
3820 if (wpa_s->global->conc_pref == WPA_CONC_PREF_P2P)
3821 return 1;
3822 if (wpa_s->global->conc_pref == WPA_CONC_PREF_STA)
3823 return 0;
3824 return -1;
3825}
00e5e3d5
JM		 3826
3827
3828void wpas_auth_failed(struct wpa_supplicant *wpa_s)
3829{
3830 struct wpa_ssid *ssid = wpa_s->current_ssid;
3831 int dur;
3832 struct os_time now;
3833
3834 if (ssid == NULL) {
3835 wpa_printf(MSG_DEBUG, "Authentication failure but no known "
3836 "SSID block");
3837 return;
3838 }
3839
3840 if (ssid->key_mgmt == WPA_KEY_MGMT_WPS)
3841 return;
3842
3843 ssid->auth_failures++;
cbf41ca7
SL		 3844
3845#ifdef CONFIG_P2P
3846 if (ssid->p2p_group &&
3847 (wpa_s->p2p_in_provisioning || wpa_s->show_group_started)) {
3848 /*
3849 * Skip the wait time since there is a short timeout on the
3850 * connection to a P2P group.
3851 */
3852 return;
3853 }
3854#endif /* CONFIG_P2P */
3855
00e5e3d5
JM		 3856 if (ssid->auth_failures > 50)
3857 dur = 300;
3858 else if (ssid->auth_failures > 20)
3859 dur = 120;
3860 else if (ssid->auth_failures > 10)
3861 dur = 60;
3862 else if (ssid->auth_failures > 5)
3863 dur = 30;
3864 else if (ssid->auth_failures > 1)
3865 dur = 20;
3866 else
3867 dur = 10;
3868
3869 os_get_time(&now);
3870 if (now.sec + dur <= ssid->disabled_until.sec)
3871 return;
3872
3873 ssid->disabled_until.sec = now.sec + dur;
3874
3875 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TEMP_DISABLED
3876 "id=%d ssid=\"%s\" auth_failures=%u duration=%d",
3877 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
3878 ssid->auth_failures, dur);
3879}
3880
3881
3882void wpas_clear_temp_disabled(struct wpa_supplicant *wpa_s,
3883 struct wpa_ssid *ssid, int clear_failures)
3884{
3885 if (ssid == NULL)
3886 return;
3887
3888 if (ssid->disabled_until.sec) {
3889 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_REENABLED
3890 "id=%d ssid=\"%s\"",
3891 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
3892 }
3893 ssid->disabled_until.sec = 0;
3894 ssid->disabled_until.usec = 0;
3895 if (clear_failures)
3896 ssid->auth_failures = 0;
3897}
6407f413
JM		 3898
3899
3900int disallowed_bssid(struct wpa_supplicant *wpa_s, const u8 *bssid)
3901{
3902 size_t i;
3903
3904 if (wpa_s->disallow_aps_bssid == NULL)
3905 return 0;
3906
3907 for (i = 0; i < wpa_s->disallow_aps_bssid_count; i++) {
3908 if (os_memcmp(wpa_s->disallow_aps_bssid + i * ETH_ALEN,
3909 bssid, ETH_ALEN) == 0)
3910 return 1;
3911 }
3912
3913 return 0;
3914}
3915
3916
3917int disallowed_ssid(struct wpa_supplicant *wpa_s, const u8 *ssid,
3918 size_t ssid_len)
3919{
3920 size_t i;
3921
3922 if (wpa_s->disallow_aps_ssid == NULL || ssid == NULL)
3923 return 0;
3924
3925 for (i = 0; i < wpa_s->disallow_aps_ssid_count; i++) {
3926 struct wpa_ssid_value *s = &wpa_s->disallow_aps_ssid[i];
3927 if (ssid_len == s->ssid_len &&
3928 os_memcmp(ssid, s->ssid, ssid_len) == 0)
3929 return 1;
3930 }
3931
3932 return 0;
3933}
9796a86c
JM		 3934
3935
3936/**
3937 * wpas_request_connection - Request a new connection
3938 * @wpa_s: Pointer to the network interface
3939 *
3940 * This function is used to request a new connection to be found. It will mark
3941 * the interface to allow reassociation and request a new scan to find a
3942 * suitable network to connect to.
3943 */
3944void wpas_request_connection(struct wpa_supplicant *wpa_s)
3945{
3946 wpa_s->normal_scans = 0;
3947 wpa_supplicant_reinit_autoscan(wpa_s);
3948 wpa_s->extra_blacklist_count = 0;
3949 wpa_s->disconnected = 0;
3950 wpa_s->reassociate = 1;
5e24beae
MH		 3951
3952 if (wpa_supplicant_fast_associate(wpa_s) != 1)
3953 wpa_supplicant_req_scan(wpa_s, 0, 0);
9796a86c 3954}
36b9883d
DG		 3955
3956
c3775143
KP		 3957static int wpas_conn_in_progress(struct wpa_supplicant *wpa_s)
3958{
3959 return wpa_s->wpa_state >= WPA_AUTHENTICATING &&
3960 wpa_s->wpa_state != WPA_COMPLETED;
3961}
3962
3963
36b9883d
DG		 3964/**
3965 * wpas_wpa_is_in_progress - Check whether a connection is in progress
3966 * @wpa_s: Pointer to wpa_supplicant data
c3775143 3967 * @include_current: Whether to consider specified interface
36b9883d
DG		 3968 *
3969 * This function is to check if the wpa state is in beginning of the connection
3970 * during 4-way handshake or group key handshake with WPA on any shared
3971 * interface.
3972 */
c3775143 3973int wpas_wpa_is_in_progress(struct wpa_supplicant *wpa_s, int include_current)
36b9883d
DG		 3974{
3975 const char *rn, *rn2;
3976 struct wpa_supplicant *ifs;
3977
c3775143
KP		 3978 if (!wpa_s->driver->get_radio_name) {
3979 if (include_current && wpas_conn_in_progress(wpa_s)) {
3980 wpa_dbg(wpa_s, MSG_DEBUG, "Connection is in progress on interface %s - defer",
3981 wpa_s->ifname);
3982 return 1;
3983 }
3984
36b9883d 3985 return 0;
c3775143 3986 }
36b9883d
DG		 3987
3988 rn = wpa_s->driver->get_radio_name(wpa_s->drv_priv);
3989 if (rn == NULL || rn[0] == '\0')
3990 return 0;
3991
3992 for (ifs = wpa_s->global->ifaces; ifs; ifs = ifs->next) {
c3775143
KP		 3993 if (!include_current && ifs == wpa_s)
3994 continue;
3995 if (!ifs->driver->get_radio_name)
36b9883d
DG		 3996 continue;
3997
3998 rn2 = ifs->driver->get_radio_name(ifs->drv_priv);
3999 if (!rn2 || os_strcmp(rn, rn2) != 0)
4000 continue;
c3775143 4001 if (wpas_conn_in_progress(ifs)) {
36b9883d 4002 wpa_dbg(wpa_s, MSG_DEBUG, "Connection is in progress "
c3775143 4003 "on interface %s - defer", ifs->ifname);
36b9883d
DG		 4004 return 1;
4005 }
4006 }
4007
4008 return 0;
4009}
53c5dfc2
IP		 4010
4011
4012/*
4013 * Find the operating frequencies of any of the virtual interfaces that
4014 * are using the same radio as the current interface.
4015 */
4016int get_shared_radio_freqs(struct wpa_supplicant *wpa_s,
4017 int *freq_array, unsigned int len)
4018{
4019 const char *rn, *rn2;
4020 struct wpa_supplicant *ifs;
4021 u8 bssid[ETH_ALEN];
4022 int freq;
4023 unsigned int idx = 0, i;
4024
4025 os_memset(freq_array, 0, sizeof(int) * len);
4026
4027 /* First add the frequency of the local interface */
4028 if (wpa_s->current_ssid != NULL && wpa_s->assoc_freq != 0) {
4029 if (wpa_s->current_ssid->mode == WPAS_MODE_AP ||
4030 wpa_s->current_ssid->mode == WPAS_MODE_P2P_GO)
4031 freq_array[idx++] = wpa_s->current_ssid->frequency;
4032 else if (wpa_drv_get_bssid(wpa_s, bssid) == 0)
4033 freq_array[idx++] = wpa_s->assoc_freq;
4034 }
4035
4036 /* If get_radio_name is not supported, use only the local freq */
a21816a9
JM		 4037 if (!wpa_s->driver->get_radio_name) {
4038 freq = wpa_drv_shared_freq(wpa_s);
4039 if (freq > 0 && idx < len &&
4040 (idx == 0 || freq_array[0] != freq))
4041 freq_array[idx++] = freq;
53c5dfc2 4042 return idx;
a21816a9 4043 }
53c5dfc2
IP		 4044
4045 rn = wpa_s->driver->get_radio_name(wpa_s->drv_priv);
4046 if (rn == NULL || rn[0] == '\0')
4047 return idx;
4048
4049 for (ifs = wpa_s->global->ifaces, idx = 0; ifs && idx < len;
4050 ifs = ifs->next) {
4051 if (wpa_s == ifs || !ifs->driver->get_radio_name)
4052 continue;
4053
4054 rn2 = ifs->driver->get_radio_name(ifs->drv_priv);
4055 if (!rn2 || os_strcmp(rn, rn2) != 0)
4056 continue;
4057
4058 if (ifs->current_ssid == NULL || ifs->assoc_freq == 0)
4059 continue;
4060
4061 if (ifs->current_ssid->mode == WPAS_MODE_AP ||
4062 ifs->current_ssid->mode == WPAS_MODE_P2P_GO)
4063 freq = ifs->current_ssid->frequency;
4064 else if (wpa_drv_get_bssid(ifs, bssid) == 0)
4065 freq = ifs->assoc_freq;
4066 else
4067 continue;
4068
4069 /* Hold only distinct freqs */
4070 for (i = 0; i < idx; i++)
4071 if (freq_array[i] == freq)
4072 break;
4073
4074 if (i == idx)
4075 freq_array[idx++] = freq;
4076 }
4077 return idx;
4078}
Unnamed repository; edit this file 'description' to name the repository.