]> git.ipfire.org Git - thirdparty/hostap.git/blame - wpa_supplicant/wpa_supplicant.c
projects / thirdparty / hostap.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Fix per-SSID scan (scan_ssid=1)
[thirdparty/hostap.git] / wpa_supplicant / wpa_supplicant.c
CommitLineData
6fc6879b
JM		 1/*
2 * WPA Supplicant
6f78f2fb 3 * Copyright (c) 2003-2009, Jouni Malinen <j@w1.fi>
6fc6879b
JM		 4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
8 *
9 * Alternatively, this software may be distributed under the terms of BSD
10 * license.
11 *
12 * See README and COPYING for more details.
13 *
14 * This file implements functions for registering and unregistering
15 * %wpa_supplicant interfaces. In addition, this file contains number of
16 * functions for managing network connections.
17 */
18
19#include "includes.h"
20
21#include "common.h"
22#include "eapol_supp/eapol_supp_sm.h"
23#include "eap_peer/eap.h"
3ec97afe 24#include "eap_server/eap_methods.h"
6fc6879b
JM		 25#include "wpa.h"
26#include "eloop.h"
6fc6879b
JM		 27#include "config.h"
28#include "l2_packet/l2_packet.h"
29#include "wpa_supplicant_i.h"
2d5b792d 30#include "driver_i.h"
6fc6879b 31#include "ctrl_iface.h"
6fc6879b
JM		 32#include "pcsc_funcs.h"
33#include "version.h"
34#include "preauth.h"
35#include "pmksa_cache.h"
36#include "wpa_ctrl.h"
37#include "mlme.h"
38#include "ieee802_11_defs.h"
39#include "blacklist.h"
40#include "wpas_glue.h"
116654ce 41#include "wps_supplicant.h"
11ef8d35 42#include "ibss_rsn.h"
c2a04078 43#include "sme.h"
1f1b62a0 44#include "ap.h"
8bac466b 45#include "notify.h"
60b94c98 46#include "bgscan.h"
6fc6879b
JM		 47
48const char *wpa_supplicant_version =
49"wpa_supplicant v" VERSION_STR "\n"
6f78f2fb 50"Copyright (c) 2003-2009, Jouni Malinen <j@w1.fi> and contributors";
6fc6879b
JM		 51
52const char *wpa_supplicant_license =
53"This program is free software. You can distribute it and/or modify it\n"
54"under the terms of the GNU General Public License version 2.\n"
55"\n"
56"Alternatively, this software may be distributed under the terms of the\n"
57"BSD license. See README and COPYING for more details.\n"
58#ifdef EAP_TLS_OPENSSL
59"\nThis product includes software developed by the OpenSSL Project\n"
60"for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
61#endif /* EAP_TLS_OPENSSL */
62;
63
64#ifndef CONFIG_NO_STDOUT_DEBUG
65/* Long text divided into parts in order to fit in C89 strings size limits. */
66const char *wpa_supplicant_full_license1 =
67"This program is free software; you can redistribute it and/or modify\n"
68"it under the terms of the GNU General Public License version 2 as\n"
69"published by the Free Software Foundation.\n"
70"\n"
71"This program is distributed in the hope that it will be useful,\n"
72"but WITHOUT ANY WARRANTY; without even the implied warranty of\n"
73"MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n"
74"GNU General Public License for more details.\n"
75"\n";
76const char *wpa_supplicant_full_license2 =
77"You should have received a copy of the GNU General Public License\n"
78"along with this program; if not, write to the Free Software\n"
79"Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n"
80"\n"
81"Alternatively, this software may be distributed under the terms of the\n"
82"BSD license.\n"
83"\n"
84"Redistribution and use in source and binary forms, with or without\n"
85"modification, are permitted provided that the following conditions are\n"
86"met:\n"
87"\n";
88const char *wpa_supplicant_full_license3 =
89"1. Redistributions of source code must retain the above copyright\n"
90" notice, this list of conditions and the following disclaimer.\n"
91"\n"
92"2. Redistributions in binary form must reproduce the above copyright\n"
93" notice, this list of conditions and the following disclaimer in the\n"
94" documentation and/or other materials provided with the distribution.\n"
95"\n";
96const char *wpa_supplicant_full_license4 =
97"3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
98" names of its contributors may be used to endorse or promote products\n"
99" derived from this software without specific prior written permission.\n"
100"\n"
101"THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
102"\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
103"LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
104"A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
105const char *wpa_supplicant_full_license5 =
106"OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
107"SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
108"LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
109"DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
110"THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
111"(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
112"OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
113"\n";
114#endif /* CONFIG_NO_STDOUT_DEBUG */
115
6fc6879b
JM		 116extern int wpa_debug_level;
117extern int wpa_debug_show_keys;
118extern int wpa_debug_timestamp;
c5121837 119extern struct wpa_driver_ops *wpa_drivers[];
6fc6879b
JM		 120
121/* Configure default/group WEP keys for static WEP */
0194fedb 122int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
6fc6879b
JM		 123{
124 int i, set = 0;
125
126 for (i = 0; i < NUM_WEP_KEYS; i++) {
127 if (ssid->wep_key_len[i] == 0)
128 continue;
129
130 set = 1;
131 wpa_drv_set_key(wpa_s, WPA_ALG_WEP,
132 (u8 *) "\xff\xff\xff\xff\xff\xff",
133 i, i == ssid->wep_tx_keyidx, (u8 *) "", 0,
134 ssid->wep_key[i], ssid->wep_key_len[i]);
135 }
136
137 return set;
138}
139
140
141static int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
142 struct wpa_ssid *ssid)
143{
144 u8 key[32];
145 size_t keylen;
146 wpa_alg alg;
147 u8 seq[6] = { 0 };
148
149 /* IBSS/WPA-None uses only one key (Group) for both receiving and
150 * sending unicast and multicast packets. */
151
152 if (ssid->mode != IEEE80211_MODE_IBSS) {
153 wpa_printf(MSG_INFO, "WPA: Invalid mode %d (not IBSS/ad-hoc) "
154 "for WPA-None", ssid->mode);
155 return -1;
156 }
157
158 if (!ssid->psk_set) {
159 wpa_printf(MSG_INFO, "WPA: No PSK configured for WPA-None");
160 return -1;
161 }
162
163 switch (wpa_s->group_cipher) {
164 case WPA_CIPHER_CCMP:
165 os_memcpy(key, ssid->psk, 16);
166 keylen = 16;
167 alg = WPA_ALG_CCMP;
168 break;
169 case WPA_CIPHER_TKIP:
170 /* WPA-None uses the same Michael MIC key for both TX and RX */
171 os_memcpy(key, ssid->psk, 16 + 8);
172 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
173 keylen = 32;
174 alg = WPA_ALG_TKIP;
175 break;
176 default:
177 wpa_printf(MSG_INFO, "WPA: Invalid group cipher %d for "
178 "WPA-None", wpa_s->group_cipher);
179 return -1;
180 }
181
182 /* TODO: should actually remember the previously used seq#, both for TX
183 * and RX from each STA.. */
184
185 return wpa_drv_set_key(wpa_s, alg, (u8 *) "\xff\xff\xff\xff\xff\xff",
186 0, 1, seq, 6, key, keylen);
187}
188
189
190static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
191{
192 struct wpa_supplicant *wpa_s = eloop_ctx;
193 const u8 *bssid = wpa_s->bssid;
a8e16edc 194 if (is_zero_ether_addr(bssid))
6fc6879b
JM		 195 bssid = wpa_s->pending_bssid;
196 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
197 MAC2STR(bssid));
198 wpa_blacklist_add(wpa_s, bssid);
199 wpa_sm_notify_disassoc(wpa_s->wpa);
200 wpa_supplicant_disassociate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
201 wpa_s->reassociate = 1;
202 wpa_supplicant_req_scan(wpa_s, 0, 0);
203}
204
205
206/**
207 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
208 * @wpa_s: Pointer to wpa_supplicant data
209 * @sec: Number of seconds after which to time out authentication
210 * @usec: Number of microseconds after which to time out authentication
211 *
212 * This function is used to schedule a timeout for the current authentication
213 * attempt.
214 */
215void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
216 int sec, int usec)
217{
c2a04078
JM		 218 if (wpa_s->conf && wpa_s->conf->ap_scan == 0 &&
219 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
6fc6879b
JM		 220 return;
221
222 wpa_msg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
223 "%d usec", sec, usec);
224 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
225 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
226}
227
228
229/**
230 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
231 * @wpa_s: Pointer to wpa_supplicant data
232 *
233 * This function is used to cancel authentication timeout scheduled with
234 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
235 * been completed.
236 */
237void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
238{
239 wpa_msg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
240 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
241 wpa_blacklist_del(wpa_s, wpa_s->bssid);
242}
243
244
245/**
246 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
247 * @wpa_s: Pointer to wpa_supplicant data
248 *
249 * This function is used to configure EAPOL state machine based on the selected
250 * authentication mode.
251 */
252void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
253{
254#ifdef IEEE8021X_EAPOL
255 struct eapol_config eapol_conf;
256 struct wpa_ssid *ssid = wpa_s->current_ssid;
257
53895c3b
JM		 258#ifdef CONFIG_IBSS_RSN
259 if (ssid->mode == IEEE80211_MODE_IBSS &&
260 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
261 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
262 /*
263 * RSN IBSS authentication is per-STA and we can disable the
264 * per-BSSID EAPOL authentication.
265 */
266 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
267 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE);
268 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
269 return;
270 }
271#endif /* CONFIG_IBSS_RSN */
272
0a40ec6a
JM		 273 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
274 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
275
6fc6879b
JM		 276 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
277 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
278 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
279 else
280 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
281
282 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
283 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
284 eapol_conf.accept_802_1x_keys = 1;
285 eapol_conf.required_keys = 0;
286 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
287 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
288 }
289 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
290 eapol_conf.required_keys |=
291 EAPOL_REQUIRE_KEY_BROADCAST;
292 }
293
c2a04078 294 if (wpa_s->conf && (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
6fc6879b 295 eapol_conf.required_keys = 0;
6fc6879b
JM		 296 }
297 if (wpa_s->conf)
298 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
299 eapol_conf.workaround = ssid->eap_workaround;
56586197
JM		 300 eapol_conf.eap_disabled =
301 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
ad08c363
JM		 302 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
303 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
6fc6879b
JM		 304 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
305#endif /* IEEE8021X_EAPOL */
306}
307
308
309/**
310 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
311 * @wpa_s: Pointer to wpa_supplicant data
312 * @ssid: Configuration data for the network
313 *
314 * This function is used to configure WPA state machine and related parameters
315 * to a mode where WPA is not enabled. This is called as part of the
316 * authentication configuration when the selected network does not use WPA.
317 */
318void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
319 struct wpa_ssid *ssid)
320{
321 int i;
322
ad08c363
JM		 323 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
324 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
325 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
6fc6879b
JM		 326 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
327 else
328 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
329 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
330 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
331 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
332 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
333 wpa_s->group_cipher = WPA_CIPHER_NONE;
334 wpa_s->mgmt_group_cipher = 0;
335
336 for (i = 0; i < NUM_WEP_KEYS; i++) {
337 if (ssid->wep_key_len[i] > 5) {
338 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
339 wpa_s->group_cipher = WPA_CIPHER_WEP104;
340 break;
341 } else if (ssid->wep_key_len[i] > 0) {
342 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
343 wpa_s->group_cipher = WPA_CIPHER_WEP40;
344 break;
345 }
346 }
347
348 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
349 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
350 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
351 wpa_s->pairwise_cipher);
352 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
353#ifdef CONFIG_IEEE80211W
354 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
355 wpa_s->mgmt_group_cipher);
356#endif /* CONFIG_IEEE80211W */
357
358 pmksa_cache_clear_current(wpa_s->wpa);
359}
360
361
362static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
363{
60b94c98 364 bgscan_deinit(wpa_s);
6fc6879b
JM		 365 scard_deinit(wpa_s->scard);
366 wpa_s->scard = NULL;
367 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
368 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
369 l2_packet_deinit(wpa_s->l2);
370 wpa_s->l2 = NULL;
371 if (wpa_s->l2_br) {
372 l2_packet_deinit(wpa_s->l2_br);
373 wpa_s->l2_br = NULL;
374 }
375
376 if (wpa_s->ctrl_iface) {
377 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
378 wpa_s->ctrl_iface = NULL;
379 }
380 if (wpa_s->conf != NULL) {
381 wpa_config_free(wpa_s->conf);
382 wpa_s->conf = NULL;
383 }
384
385 os_free(wpa_s->confname);
386 wpa_s->confname = NULL;
387
388 wpa_sm_set_eapol(wpa_s->wpa, NULL);
389 eapol_sm_deinit(wpa_s->eapol);
390 wpa_s->eapol = NULL;
391
392 rsn_preauth_deinit(wpa_s->wpa);
393
394 pmksa_candidate_free(wpa_s->wpa);
395 wpa_sm_deinit(wpa_s->wpa);
396 wpa_s->wpa = NULL;
397 wpa_blacklist_clear(wpa_s);
398
399 wpa_scan_results_free(wpa_s->scan_res);
400 wpa_s->scan_res = NULL;
401
402 wpa_supplicant_cancel_scan(wpa_s);
403 wpa_supplicant_cancel_auth_timeout(wpa_s);
404
405 ieee80211_sta_deinit(wpa_s);
116654ce
JM		 406
407 wpas_wps_deinit(wpa_s);
11ef8d35 408
1ff73338
JM		 409 wpabuf_free(wpa_s->pending_eapol_rx);
410 wpa_s->pending_eapol_rx = NULL;
411
11ef8d35
JM		 412#ifdef CONFIG_IBSS_RSN
413 ibss_rsn_deinit(wpa_s->ibss_rsn);
414 wpa_s->ibss_rsn = NULL;
415#endif /* CONFIG_IBSS_RSN */
c2a04078
JM		 416
417#ifdef CONFIG_SME
418 os_free(wpa_s->sme.ft_ies);
419 wpa_s->sme.ft_ies = NULL;
420 wpa_s->sme.ft_ies_len = 0;
421#endif /* CONFIG_SME */
2d5b792d
JM		 422
423#ifdef CONFIG_AP
424 wpa_supplicant_ap_deinit(wpa_s);
425#endif /* CONFIG_AP */
6fc6879b
JM		 426}
427
428
429/**
430 * wpa_clear_keys - Clear keys configured for the driver
431 * @wpa_s: Pointer to wpa_supplicant data
432 * @addr: Previously used BSSID or %NULL if not available
433 *
434 * This function clears the encryption keys that has been previously configured
435 * for the driver.
436 */
437void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
438{
439 u8 *bcast = (u8 *) "\xff\xff\xff\xff\xff\xff";
440
441 if (wpa_s->keys_cleared) {
442 /* Some drivers (e.g., ndiswrapper & NDIS drivers) seem to have
443 * timing issues with keys being cleared just before new keys
444 * are set or just after association or something similar. This
445 * shows up in group key handshake failing often because of the
446 * client not receiving the first encrypted packets correctly.
447 * Skipping some of the extra key clearing steps seems to help
448 * in completing group key handshake more reliably. */
449 wpa_printf(MSG_DEBUG, "No keys have been configured - "
450 "skip key clearing");
451 return;
452 }
453
454 /* MLME-DELETEKEYS.request */
455 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 0, 0, NULL, 0, NULL, 0);
456 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 1, 0, NULL, 0, NULL, 0);
457 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 2, 0, NULL, 0, NULL, 0);
458 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 3, 0, NULL, 0, NULL, 0);
0e27f655
MH		 459#ifdef CONFIG_IEEE80211W
460 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 4, 0, NULL, 0, NULL, 0);
461 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 5, 0, NULL, 0, NULL, 0);
462#endif /* CONFIG_IEEE80211W */
6fc6879b
JM		 463 if (addr) {
464 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,
465 0);
466 /* MLME-SETPROTECTION.request(None) */
467 wpa_drv_mlme_setprotection(
468 wpa_s, addr,
469 MLME_SETPROTECTION_PROTECT_TYPE_NONE,
470 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
471 }
472 wpa_s->keys_cleared = 1;
473}
474
475
476/**
477 * wpa_supplicant_state_txt - Get the connection state name as a text string
478 * @state: State (wpa_state; WPA_*)
479 * Returns: The state name as a printable text string
480 */
481const char * wpa_supplicant_state_txt(int state)
482{
483 switch (state) {
484 case WPA_DISCONNECTED:
485 return "DISCONNECTED";
486 case WPA_INACTIVE:
487 return "INACTIVE";
488 case WPA_SCANNING:
489 return "SCANNING";
c2a04078
JM		 490 case WPA_AUTHENTICATING:
491 return "AUTHENTICATING";
6fc6879b
JM		 492 case WPA_ASSOCIATING:
493 return "ASSOCIATING";
494 case WPA_ASSOCIATED:
495 return "ASSOCIATED";
496 case WPA_4WAY_HANDSHAKE:
497 return "4WAY_HANDSHAKE";
498 case WPA_GROUP_HANDSHAKE:
499 return "GROUP_HANDSHAKE";
500 case WPA_COMPLETED:
501 return "COMPLETED";
502 default:
503 return "UNKNOWN";
504 }
505}
506
507
508/**
509 * wpa_supplicant_set_state - Set current connection state
510 * @wpa_s: Pointer to wpa_supplicant data
511 * @state: The new connection state
512 *
513 * This function is called whenever the connection state changes, e.g.,
514 * association is completed for WPA/WPA2 4-Way Handshake is started.
515 */
516void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s, wpa_states state)
517{
518 wpa_printf(MSG_DEBUG, "State: %s -> %s",
519 wpa_supplicant_state_txt(wpa_s->wpa_state),
520 wpa_supplicant_state_txt(state));
521
cb8564b1
DW		 522 if (state != WPA_SCANNING)
523 wpa_supplicant_notify_scanning(wpa_s, 0);
524
8bac466b 525 wpas_notify_state_changed(wpa_s, state, wpa_s->wpa_state);
6fc6879b
JM		 526
527 if (state == WPA_COMPLETED && wpa_s->new_connection) {
528#if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
529 struct wpa_ssid *ssid = wpa_s->current_ssid;
530 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
531 MACSTR " completed %s [id=%d id_str=%s]",
532 MAC2STR(wpa_s->bssid), wpa_s->reassociated_connection ?
533 "(reauth)" : "(auth)",
534 ssid ? ssid->id : -1,
535 ssid && ssid->id_str ? ssid->id_str : "");
536#endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
537 wpa_s->new_connection = 0;
538 wpa_s->reassociated_connection = 1;
539 wpa_drv_set_operstate(wpa_s, 1);
540 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
541 state == WPA_ASSOCIATED) {
542 wpa_s->new_connection = 1;
543 wpa_drv_set_operstate(wpa_s, 0);
544 }
545 wpa_s->wpa_state = state;
546}
547
548
549static void wpa_supplicant_terminate(int sig, void *eloop_ctx,
550 void *signal_ctx)
551{
552 struct wpa_global *global = eloop_ctx;
553 struct wpa_supplicant *wpa_s;
554 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
555 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING "- signal %d "
556 "received", sig);
557 }
558 eloop_terminate();
559}
560
561
562static void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
563{
8bac466b 564 wpa_states old_state = wpa_s->wpa_state;
6fc6879b
JM		 565 wpa_s->pairwise_cipher = 0;
566 wpa_s->group_cipher = 0;
567 wpa_s->mgmt_group_cipher = 0;
568 wpa_s->key_mgmt = 0;
569 wpa_s->wpa_state = WPA_DISCONNECTED;
8bac466b 570 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
6fc6879b
JM		 571}
572
573
574/**
575 * wpa_supplicant_reload_configuration - Reload configuration data
576 * @wpa_s: Pointer to wpa_supplicant data
577 * Returns: 0 on success or -1 if configuration parsing failed
578 *
579 * This function can be used to request that the configuration data is reloaded
580 * (e.g., after configuration file change). This function is reloading
581 * configuration only for one interface, so this may need to be called multiple
582 * times if %wpa_supplicant is controlling multiple interfaces and all
583 * interfaces need reconfiguration.
584 */
585int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
586{
587 struct wpa_config *conf;
8bac466b 588 struct wpa_ssid *old_ssid;
6fc6879b 589 int reconf_ctrl;
8bac466b
JM		 590 int old_ap_scan;
591
6fc6879b
JM		 592 if (wpa_s->confname == NULL)
593 return -1;
594 conf = wpa_config_read(wpa_s->confname);
595 if (conf == NULL) {
596 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
597 "file '%s' - exiting", wpa_s->confname);
598 return -1;
599 }
600
601 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
602 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
603 os_strcmp(conf->ctrl_interface,
604 wpa_s->conf->ctrl_interface) != 0);
605
606 if (reconf_ctrl && wpa_s->ctrl_iface) {
607 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
608 wpa_s->ctrl_iface = NULL;
609 }
610
611 eapol_sm_invalidate_cached_session(wpa_s->eapol);
8bac466b 612 old_ssid = wpa_s->current_ssid;
6fc6879b 613 wpa_s->current_ssid = NULL;
8bac466b
JM		 614 if (old_ssid != wpa_s->current_ssid)
615 wpas_notify_network_changed(wpa_s);
616
6fc6879b
JM		 617 /*
618 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
619 * pkcs11_engine_path, pkcs11_module_path.
620 */
56586197 621 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) {
6fc6879b
JM		 622 /*
623 * Clear forced success to clear EAP state for next
624 * authentication.
625 */
626 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
627 }
628 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
629 wpa_sm_set_config(wpa_s->wpa, NULL);
630 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
631 rsn_preauth_deinit(wpa_s->wpa);
8bac466b
JM		 632
633 old_ap_scan = wpa_s->conf->ap_scan;
6fc6879b
JM		 634 wpa_config_free(wpa_s->conf);
635 wpa_s->conf = conf;
8bac466b
JM		 636 if (old_ap_scan != wpa_s->conf->ap_scan)
637 wpas_notify_ap_scan_changed(wpa_s);
638
6fc6879b
JM		 639 if (reconf_ctrl)
640 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
641
642 wpa_supplicant_clear_status(wpa_s);
643 wpa_s->reassociate = 1;
644 wpa_supplicant_req_scan(wpa_s, 0, 0);
645 wpa_msg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
646 return 0;
647}
648
649
650static void wpa_supplicant_reconfig(int sig, void *eloop_ctx,
651 void *signal_ctx)
652{
653 struct wpa_global *global = eloop_ctx;
654 struct wpa_supplicant *wpa_s;
655 wpa_printf(MSG_DEBUG, "Signal %d received - reconfiguring", sig);
656 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
657 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
658 eloop_terminate();
659 }
660 }
661}
662
663
664static wpa_cipher cipher_suite2driver(int cipher)
665{
666 switch (cipher) {
667 case WPA_CIPHER_NONE:
668 return CIPHER_NONE;
669 case WPA_CIPHER_WEP40:
670 return CIPHER_WEP40;
671 case WPA_CIPHER_WEP104:
672 return CIPHER_WEP104;
673 case WPA_CIPHER_CCMP:
674 return CIPHER_CCMP;
675 case WPA_CIPHER_TKIP:
676 default:
677 return CIPHER_TKIP;
678 }
679}
680
681
682static wpa_key_mgmt key_mgmt2driver(int key_mgmt)
683{
684 switch (key_mgmt) {
685 case WPA_KEY_MGMT_NONE:
686 return KEY_MGMT_NONE;
687 case WPA_KEY_MGMT_IEEE8021X_NO_WPA:
688 return KEY_MGMT_802_1X_NO_WPA;
689 case WPA_KEY_MGMT_IEEE8021X:
690 return KEY_MGMT_802_1X;
691 case WPA_KEY_MGMT_WPA_NONE:
692 return KEY_MGMT_WPA_NONE;
693 case WPA_KEY_MGMT_FT_IEEE8021X:
694 return KEY_MGMT_FT_802_1X;
695 case WPA_KEY_MGMT_FT_PSK:
696 return KEY_MGMT_FT_PSK;
56586197
JM		 697 case WPA_KEY_MGMT_IEEE8021X_SHA256:
698 return KEY_MGMT_802_1X_SHA256;
699 case WPA_KEY_MGMT_PSK_SHA256:
700 return KEY_MGMT_PSK_SHA256;
ad08c363
JM		 701 case WPA_KEY_MGMT_WPS:
702 return KEY_MGMT_WPS;
6fc6879b
JM		 703 case WPA_KEY_MGMT_PSK:
704 default:
705 return KEY_MGMT_PSK;
706 }
707}
708
709
710static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
711 struct wpa_ssid *ssid,
712 struct wpa_ie_data *ie)
713{
714 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
715 if (ret) {
716 if (ret == -2) {
717 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
718 "from association info");
719 }
720 return -1;
721 }
722
723 wpa_printf(MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set cipher "
724 "suites");
725 if (!(ie->group_cipher & ssid->group_cipher)) {
726 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
727 "cipher 0x%x (mask 0x%x) - reject",
728 ie->group_cipher, ssid->group_cipher);
729 return -1;
730 }
731 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
732 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
733 "cipher 0x%x (mask 0x%x) - reject",
734 ie->pairwise_cipher, ssid->pairwise_cipher);
735 return -1;
736 }
737 if (!(ie->key_mgmt & ssid->key_mgmt)) {
738 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
739 "management 0x%x (mask 0x%x) - reject",
740 ie->key_mgmt, ssid->key_mgmt);
741 return -1;
742 }
743
744#ifdef CONFIG_IEEE80211W
0b60b0aa 745 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
6fc6879b
JM		 746 ssid->ieee80211w == IEEE80211W_REQUIRED) {
747 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
748 "that does not support management frame protection - "
749 "reject");
750 return -1;
751 }
752#endif /* CONFIG_IEEE80211W */
753
754 return 0;
755}
756
757
758/**
759 * wpa_supplicant_set_suites - Set authentication and encryption parameters
760 * @wpa_s: Pointer to wpa_supplicant data
761 * @bss: Scan results for the selected BSS, or %NULL if not available
762 * @ssid: Configuration data for the selected network
763 * @wpa_ie: Buffer for the WPA/RSN IE
764 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
765 * used buffer length in case the functions returns success.
766 * Returns: 0 on success or -1 on failure
767 *
768 * This function is used to configure authentication and encryption parameters
769 * based on the network configuration and scan result for the selected BSS (if
770 * available).
771 */
772int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
773 struct wpa_scan_res *bss,
774 struct wpa_ssid *ssid,
775 u8 *wpa_ie, size_t *wpa_ie_len)
776{
777 struct wpa_ie_data ie;
778 int sel, proto;
779 const u8 *bss_wpa, *bss_rsn;
780
781 if (bss) {
782 bss_wpa = wpa_scan_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
783 bss_rsn = wpa_scan_get_ie(bss, WLAN_EID_RSN);
784 } else
785 bss_wpa = bss_rsn = NULL;
786
787 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
788 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
789 (ie.group_cipher & ssid->group_cipher) &&
790 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
791 (ie.key_mgmt & ssid->key_mgmt)) {
792 wpa_msg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
793 proto = WPA_PROTO_RSN;
794 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
795 wpa_parse_wpa_ie(bss_wpa, 2 +bss_wpa[1], &ie) == 0 &&
796 (ie.group_cipher & ssid->group_cipher) &&
797 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
798 (ie.key_mgmt & ssid->key_mgmt)) {
799 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
800 proto = WPA_PROTO_WPA;
801 } else if (bss) {
802 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
803 return -1;
804 } else {
805 if (ssid->proto & WPA_PROTO_RSN)
806 proto = WPA_PROTO_RSN;
807 else
808 proto = WPA_PROTO_WPA;
809 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
810 os_memset(&ie, 0, sizeof(ie));
811 ie.group_cipher = ssid->group_cipher;
812 ie.pairwise_cipher = ssid->pairwise_cipher;
813 ie.key_mgmt = ssid->key_mgmt;
814#ifdef CONFIG_IEEE80211W
815 ie.mgmt_group_cipher =
816 ssid->ieee80211w != NO_IEEE80211W ?
817 WPA_CIPHER_AES_128_CMAC : 0;
818#endif /* CONFIG_IEEE80211W */
819 wpa_printf(MSG_DEBUG, "WPA: Set cipher suites based "
820 "on configuration");
821 } else
822 proto = ie.proto;
823 }
824
825 wpa_printf(MSG_DEBUG, "WPA: Selected cipher suites: group %d "
826 "pairwise %d key_mgmt %d proto %d",
827 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
828#ifdef CONFIG_IEEE80211W
829 if (ssid->ieee80211w) {
830 wpa_printf(MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
831 ie.mgmt_group_cipher);
832 }
833#endif /* CONFIG_IEEE80211W */
834
835 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
836 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
837 !!(ssid->proto & WPA_PROTO_RSN));
838
839 if (bss || !wpa_s->ap_ies_from_associnfo) {
840 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
841 bss_wpa ? 2 + bss_wpa[1] : 0) ||
842 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
843 bss_rsn ? 2 + bss_rsn[1] : 0))
844 return -1;
845 }
846
847 sel = ie.group_cipher & ssid->group_cipher;
848 if (sel & WPA_CIPHER_CCMP) {
849 wpa_s->group_cipher = WPA_CIPHER_CCMP;
850 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using GTK CCMP");
851 } else if (sel & WPA_CIPHER_TKIP) {
852 wpa_s->group_cipher = WPA_CIPHER_TKIP;
853 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using GTK TKIP");
854 } else if (sel & WPA_CIPHER_WEP104) {
855 wpa_s->group_cipher = WPA_CIPHER_WEP104;
856 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using GTK WEP104");
857 } else if (sel & WPA_CIPHER_WEP40) {
858 wpa_s->group_cipher = WPA_CIPHER_WEP40;
859 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using GTK WEP40");
860 } else {
861 wpa_printf(MSG_WARNING, "WPA: Failed to select group cipher.");
862 return -1;
863 }
864
865 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
866 if (sel & WPA_CIPHER_CCMP) {
867 wpa_s->pairwise_cipher = WPA_CIPHER_CCMP;
868 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using PTK CCMP");
869 } else if (sel & WPA_CIPHER_TKIP) {
870 wpa_s->pairwise_cipher = WPA_CIPHER_TKIP;
871 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using PTK TKIP");
872 } else if (sel & WPA_CIPHER_NONE) {
873 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
874 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using PTK NONE");
875 } else {
876 wpa_printf(MSG_WARNING, "WPA: Failed to select pairwise "
877 "cipher.");
878 return -1;
879 }
880
881 sel = ie.key_mgmt & ssid->key_mgmt;
882 if (0) {
883#ifdef CONFIG_IEEE80211R
884 } else if (sel & WPA_KEY_MGMT_FT_IEEE8021X) {
885 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
886 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
887 } else if (sel & WPA_KEY_MGMT_FT_PSK) {
888 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
889 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
890#endif /* CONFIG_IEEE80211R */
56586197
JM		 891#ifdef CONFIG_IEEE80211W
892 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
893 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
894 wpa_msg(wpa_s, MSG_DEBUG,
895 "WPA: using KEY_MGMT 802.1X with SHA256");
896 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
897 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
898 wpa_msg(wpa_s, MSG_DEBUG,
899 "WPA: using KEY_MGMT PSK with SHA256");
900#endif /* CONFIG_IEEE80211W */
6fc6879b
JM		 901 } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
902 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
903 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
904 } else if (sel & WPA_KEY_MGMT_PSK) {
905 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
906 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
907 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
908 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
909 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
910 } else {
911 wpa_printf(MSG_WARNING, "WPA: Failed to select authenticated "
912 "key management type.");
913 return -1;
914 }
915
916 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
917 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
918 wpa_s->pairwise_cipher);
919 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
920
921#ifdef CONFIG_IEEE80211W
922 sel = ie.mgmt_group_cipher;
923 if (ssid->ieee80211w == NO_IEEE80211W ||
0b60b0aa 924 !(ie.capabilities & WPA_CAPABILITY_MFPC))
6fc6879b
JM		 925 sel = 0;
926 if (sel & WPA_CIPHER_AES_128_CMAC) {
927 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
928 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
929 "AES-128-CMAC");
930 } else {
931 wpa_s->mgmt_group_cipher = 0;
932 wpa_msg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
933 }
934 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
935 wpa_s->mgmt_group_cipher);
936#endif /* CONFIG_IEEE80211W */
937
938 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
939 wpa_printf(MSG_WARNING, "WPA: Failed to generate WPA IE.");
940 return -1;
941 }
942
56586197
JM		 943 if (ssid->key_mgmt &
944 (WPA_KEY_MGMT_PSK | WPA_KEY_MGMT_FT_PSK | WPA_KEY_MGMT_PSK_SHA256))
6fc6879b
JM		 945 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN);
946 else
947 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
948
949 return 0;
950}
951
952
953/**
954 * wpa_supplicant_associate - Request association
955 * @wpa_s: Pointer to wpa_supplicant data
956 * @bss: Scan results for the selected BSS, or %NULL if not available
957 * @ssid: Configuration data for the selected network
958 *
959 * This function is used to request %wpa_supplicant to associate with a BSS.
960 */
961void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
962 struct wpa_scan_res *bss, struct wpa_ssid *ssid)
963{
964 u8 wpa_ie[80];
965 size_t wpa_ie_len;
8bac466b 966 int use_crypt, ret, i, bssid_changed;
6fc6879b
JM		 967 int algs = AUTH_ALG_OPEN_SYSTEM;
968 wpa_cipher cipher_pairwise, cipher_group;
969 struct wpa_driver_associate_params params;
970 int wep_keys_set = 0;
971 struct wpa_driver_capa capa;
972 int assoc_failed = 0;
8bac466b 973 struct wpa_ssid *old_ssid;
6fc6879b 974
1581b38b
JM		 975 if (ssid->mode == 2) {
976#ifdef CONFIG_AP
977 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) {
978 wpa_printf(MSG_INFO, "Driver does not support AP "
979 "mode");
980 return;
981 }
982 wpa_supplicant_create_ap(wpa_s, ssid);
983#else /* CONFIG_AP */
984 wpa_printf(MSG_ERROR, "AP mode support not included in the "
985 "build");
986#endif /* CONFIG_AP */
987 return;
988 }
989
c2a04078
JM		 990 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) {
991 sme_authenticate(wpa_s, bss, ssid);
992 return;
993 }
994
6fc6879b
JM		 995 wpa_s->reassociate = 0;
996 if (bss) {
997#ifdef CONFIG_IEEE80211R
998 const u8 *md = NULL;
999#endif /* CONFIG_IEEE80211R */
1000 const u8 *ie = wpa_scan_get_ie(bss, WLAN_EID_SSID);
1001 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
1002 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
1003 ie ? wpa_ssid_txt(ie + 2, ie[1]) : "", bss->freq);
8bac466b 1004 bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
6fc6879b
JM		 1005 os_memset(wpa_s->bssid, 0, ETH_ALEN);
1006 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
8bac466b
JM		 1007 if (bssid_changed)
1008 wpas_notify_bssid_changed(wpa_s);
6fc6879b
JM		 1009#ifdef CONFIG_IEEE80211R
1010 ie = wpa_scan_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
1011 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
1012 md = ie + 2;
1013 wpa_sm_set_ft_params(wpa_s->wpa, md, NULL, 0, NULL);
91a05482
JM		 1014 if (md) {
1015 /* Prepare for the next transition */
1016 wpa_ft_prepare_auth_request(wpa_s->wpa);
1017 }
6fc6879b 1018#endif /* CONFIG_IEEE80211R */
24c23d1b
JM		 1019#ifdef CONFIG_WPS
1020 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
1021 wpa_s->conf->ap_scan == 2 &&
1022 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
1023 /* Use ap_scan==1 style network selection to find the network
1024 */
1025 wpa_s->scan_req = 2;
1026 wpa_s->reassociate = 1;
1027 wpa_supplicant_req_scan(wpa_s, 0, 0);
1028 return;
1029#endif /* CONFIG_WPS */
6fc6879b
JM		 1030 } else {
1031 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
1032 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
1033 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
1034 }
1035 wpa_supplicant_cancel_scan(wpa_s);
1036
1037 /* Starting new association, so clear the possibly used WPA IE from the
1038 * previous association. */
1039 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
1040
ec5f180a
DW		 1041 if (wpa_drv_set_mode(wpa_s, ssid->mode)) {
1042 wpa_printf(MSG_WARNING, "Failed to set operating mode");
1043 assoc_failed = 1;
1044 }
1045
6fc6879b
JM		 1046#ifdef IEEE8021X_EAPOL
1047 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1048 if (ssid->leap) {
1049 if (ssid->non_leap == 0)
1050 algs = AUTH_ALG_LEAP;
1051 else
1052 algs |= AUTH_ALG_LEAP;
1053 }
1054 }
1055#endif /* IEEE8021X_EAPOL */
1056 wpa_printf(MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
1057 if (ssid->auth_alg) {
1058 algs = 0;
1059 if (ssid->auth_alg & WPA_AUTH_ALG_OPEN)
1060 algs |= AUTH_ALG_OPEN_SYSTEM;
1061 if (ssid->auth_alg & WPA_AUTH_ALG_SHARED)
1062 algs |= AUTH_ALG_SHARED_KEY;
1063 if (ssid->auth_alg & WPA_AUTH_ALG_LEAP)
1064 algs |= AUTH_ALG_LEAP;
1065 wpa_printf(MSG_DEBUG, "Overriding auth_alg selection: 0x%x",
1066 algs);
1067 }
1068 wpa_drv_set_auth_alg(wpa_s, algs);
1069
1070 if (bss && (wpa_scan_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
1071 wpa_scan_get_ie(bss, WLAN_EID_RSN)) &&
1072 (ssid->key_mgmt & (WPA_KEY_MGMT_IEEE8021X | WPA_KEY_MGMT_PSK |
1073 WPA_KEY_MGMT_FT_IEEE8021X |
56586197
JM		 1074 WPA_KEY_MGMT_FT_PSK |
1075 WPA_KEY_MGMT_IEEE8021X_SHA256 |
1076 WPA_KEY_MGMT_PSK_SHA256))) {
6fc6879b
JM		 1077 int try_opportunistic;
1078 try_opportunistic = ssid->proactive_key_caching &&
1079 (ssid->proto & WPA_PROTO_RSN);
1080 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
1081 wpa_s->current_ssid,
1082 try_opportunistic) == 0)
1083 eapol_sm_notify_pmkid_attempt(wpa_s->eapol, 1);
1084 wpa_ie_len = sizeof(wpa_ie);
1085 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
1086 wpa_ie, &wpa_ie_len)) {
1087 wpa_printf(MSG_WARNING, "WPA: Failed to set WPA key "
1088 "management and encryption suites");
1089 return;
1090 }
1091 } else if (ssid->key_mgmt &
1092 (WPA_KEY_MGMT_PSK | WPA_KEY_MGMT_IEEE8021X |
1093 WPA_KEY_MGMT_WPA_NONE | WPA_KEY_MGMT_FT_PSK |
56586197
JM		 1094 WPA_KEY_MGMT_FT_IEEE8021X | WPA_KEY_MGMT_PSK_SHA256 |
1095 WPA_KEY_MGMT_IEEE8021X_SHA256)) {
6fc6879b
JM		 1096 wpa_ie_len = sizeof(wpa_ie);
1097 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
1098 wpa_ie, &wpa_ie_len)) {
1099 wpa_printf(MSG_WARNING, "WPA: Failed to set WPA key "
1100 "management and encryption suites (no scan "
1101 "results)");
1102 return;
1103 }
ad08c363
JM		 1104#ifdef CONFIG_WPS
1105 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
b01c18a8
JM		 1106 struct wpabuf *wps_ie;
1107 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
ad08c363
JM		 1108 if (wps_ie && wpabuf_len(wps_ie) <= sizeof(wpa_ie)) {
1109 wpa_ie_len = wpabuf_len(wps_ie);
1110 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
24386985
JM		 1111 } else
1112 wpa_ie_len = 0;
ad08c363
JM		 1113 wpabuf_free(wps_ie);
1114 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1115#endif /* CONFIG_WPS */
6fc6879b
JM		 1116 } else {
1117 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1118 wpa_ie_len = 0;
1119 }
1120
1121 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
1122 use_crypt = 1;
1123 cipher_pairwise = cipher_suite2driver(wpa_s->pairwise_cipher);
1124 cipher_group = cipher_suite2driver(wpa_s->group_cipher);
1125 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
1126 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1127 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
1128 use_crypt = 0;
1129 if (wpa_set_wep_keys(wpa_s, ssid)) {
1130 use_crypt = 1;
1131 wep_keys_set = 1;
1132 }
1133 }
ad08c363
JM		 1134 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
1135 use_crypt = 0;
6fc6879b
JM		 1136
1137#ifdef IEEE8021X_EAPOL
1138 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1139 if ((ssid->eapol_flags &
1140 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
1141 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
1142 !wep_keys_set) {
1143 use_crypt = 0;
1144 } else {
1145 /* Assume that dynamic WEP-104 keys will be used and
1146 * set cipher suites in order for drivers to expect
1147 * encryption. */
1148 cipher_pairwise = cipher_group = CIPHER_WEP104;
1149 }
1150 }
1151#endif /* IEEE8021X_EAPOL */
1152
1153 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1154 /* Set the key before (and later after) association */
1155 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1156 }
1157
1158 wpa_drv_set_drop_unencrypted(wpa_s, use_crypt);
1159 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
1160 os_memset(&params, 0, sizeof(params));
1161 if (bss) {
1162 const u8 *ie = wpa_scan_get_ie(bss, WLAN_EID_SSID);
1163 params.bssid = bss->bssid;
1164 params.ssid = ie ? ie + 2 : (u8 *) "";
1165 params.ssid_len = ie ? ie[1] : 0;
1166 params.freq = bss->freq;
1167 } else {
1168 params.ssid = ssid->ssid;
1169 params.ssid_len = ssid->ssid_len;
1170 }
1171 if (ssid->mode == 1 && ssid->frequency > 0 && params.freq == 0)
1172 params.freq = ssid->frequency; /* Initial channel for IBSS */
1173 params.wpa_ie = wpa_ie;
1174 params.wpa_ie_len = wpa_ie_len;
1175 params.pairwise_suite = cipher_pairwise;
1176 params.group_suite = cipher_group;
1177 params.key_mgmt_suite = key_mgmt2driver(wpa_s->key_mgmt);
1178 params.auth_alg = algs;
1179 params.mode = ssid->mode;
1180 for (i = 0; i < NUM_WEP_KEYS; i++) {
1181 if (ssid->wep_key_len[i])
1182 params.wep_key[i] = ssid->wep_key[i];
1183 params.wep_key_len[i] = ssid->wep_key_len[i];
1184 }
1185 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
1186
c2a04078 1187 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
6fc6879b
JM		 1188 (params.key_mgmt_suite == KEY_MGMT_PSK ||
1189 params.key_mgmt_suite == KEY_MGMT_FT_PSK)) {
1190 params.passphrase = ssid->passphrase;
1191 if (ssid->psk_set)
1192 params.psk = ssid->psk;
1193 }
1194
36b15723
JM		 1195 params.drop_unencrypted = use_crypt;
1196
6fc6879b
JM		 1197#ifdef CONFIG_IEEE80211W
1198 switch (ssid->ieee80211w) {
1199 case NO_IEEE80211W:
1200 params.mgmt_frame_protection = NO_MGMT_FRAME_PROTECTION;
1201 break;
1202 case IEEE80211W_OPTIONAL:
1203 params.mgmt_frame_protection = MGMT_FRAME_PROTECTION_OPTIONAL;
1204 break;
1205 case IEEE80211W_REQUIRED:
1206 params.mgmt_frame_protection = MGMT_FRAME_PROTECTION_REQUIRED;
1207 break;
1208 }
97d3497e
JM		 1209 if (ssid->ieee80211w != NO_IEEE80211W && bss) {
1210 const u8 *rsn = wpa_scan_get_ie(bss, WLAN_EID_RSN);
1211 struct wpa_ie_data ie;
1212 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
1213 ie.capabilities &
1214 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
1215 wpa_printf(MSG_DEBUG, "WPA: Selected AP supports MFP: "
1216 "require MFP");
1217 params.mgmt_frame_protection =
1218 MGMT_FRAME_PROTECTION_REQUIRED;
1219 }
1220 }
6fc6879b
JM		 1221#endif /* CONFIG_IEEE80211W */
1222
c2a04078 1223 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME)
6fc6879b
JM		 1224 ret = ieee80211_sta_associate(wpa_s, &params);
1225 else
1226 ret = wpa_drv_associate(wpa_s, &params);
1227 if (ret < 0) {
1228 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
1229 "failed");
1230 /* try to continue anyway; new association will be tried again
1231 * after timeout */
1232 assoc_failed = 1;
1233 }
1234
1235 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1236 /* Set the key after the association just in case association
1237 * cleared the previously configured key. */
1238 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1239 /* No need to timeout authentication since there is no key
1240 * management. */
1241 wpa_supplicant_cancel_auth_timeout(wpa_s);
1242 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
53895c3b
JM		 1243#ifdef CONFIG_IBSS_RSN
1244 } else if (ssid->mode == IEEE80211_MODE_IBSS &&
1245 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
1246 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
b9a2e577 1247 ibss_rsn_set_psk(wpa_s->ibss_rsn, ssid->psk);
53895c3b
JM		 1248 /*
1249 * RSN IBSS authentication is per-STA and we can disable the
1250 * per-BSSID authentication.
1251 */
1252 wpa_supplicant_cancel_auth_timeout(wpa_s);
1253 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
1254#endif /* CONFIG_IBSS_RSN */
6fc6879b
JM		 1255 } else {
1256 /* Timeout for IEEE 802.11 authentication and association */
1d3c75b3
DW		 1257 int timeout = 60;
1258
1259 if (assoc_failed) {
1260 /* give IBSS a bit more time */
1261 timeout = ssid->mode ? 10 : 5;
1262 } else if (wpa_s->conf->ap_scan == 1) {
1263 /* give IBSS a bit more time */
1264 timeout = ssid->mode ? 20 : 10;
1265 }
6fc6879b
JM		 1266 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
1267 }
1268
1269 if (wep_keys_set && wpa_drv_get_capa(wpa_s, &capa) == 0 &&
1270 capa.flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC) {
1271 /* Set static WEP keys again */
1272 wpa_set_wep_keys(wpa_s, ssid);
1273 }
1274
1275 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
1276 /*
1277 * Do not allow EAP session resumption between different
1278 * network configurations.
1279 */
1280 eapol_sm_invalidate_cached_session(wpa_s->eapol);
1281 }
8bac466b 1282 old_ssid = wpa_s->current_ssid;
6fc6879b
JM		 1283 wpa_s->current_ssid = ssid;
1284 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
1285 wpa_supplicant_initiate_eapol(wpa_s);
8bac466b
JM		 1286 if (old_ssid != wpa_s->current_ssid)
1287 wpas_notify_network_changed(wpa_s);
6fc6879b
JM		 1288}
1289
1290
1291/**
1292 * wpa_supplicant_disassociate - Disassociate the current connection
1293 * @wpa_s: Pointer to wpa_supplicant data
1294 * @reason_code: IEEE 802.11 reason code for the disassociate frame
1295 *
1296 * This function is used to request %wpa_supplicant to disassociate with the
1297 * current AP.
1298 */
1299void wpa_supplicant_disassociate(struct wpa_supplicant *wpa_s,
1300 int reason_code)
1301{
8bac466b 1302 struct wpa_ssid *old_ssid;
6fc6879b 1303 u8 *addr = NULL;
8bac466b 1304
a8e16edc 1305 if (!is_zero_ether_addr(wpa_s->bssid)) {
c2a04078 1306 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME)
6fc6879b
JM		 1307 ieee80211_sta_disassociate(wpa_s, reason_code);
1308 else
1309 wpa_drv_disassociate(wpa_s, wpa_s->bssid, reason_code);
1310 addr = wpa_s->bssid;
1311 }
1312 wpa_clear_keys(wpa_s, addr);
1313 wpa_supplicant_mark_disassoc(wpa_s);
8bac466b 1314 old_ssid = wpa_s->current_ssid;
6fc6879b
JM		 1315 wpa_s->current_ssid = NULL;
1316 wpa_sm_set_config(wpa_s->wpa, NULL);
1317 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
8bac466b
JM		 1318 if (old_ssid != wpa_s->current_ssid)
1319 wpas_notify_network_changed(wpa_s);
6fc6879b
JM		 1320}
1321
1322
1323/**
1324 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
1325 * @wpa_s: Pointer to wpa_supplicant data
1326 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
1327 *
073ab58f 1328 * This function is used to request %wpa_supplicant to deauthenticate from the
6fc6879b
JM		 1329 * current AP.
1330 */
1331void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
1332 int reason_code)
1333{
8bac466b 1334 struct wpa_ssid *old_ssid;
6fc6879b 1335 u8 *addr = NULL;
8bac466b 1336
a8e16edc 1337 if (!is_zero_ether_addr(wpa_s->bssid)) {
c2a04078 1338 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME)
6fc6879b
JM		 1339 ieee80211_sta_deauthenticate(wpa_s, reason_code);
1340 else
1341 wpa_drv_deauthenticate(wpa_s, wpa_s->bssid,
1342 reason_code);
1343 addr = wpa_s->bssid;
1344 }
1345 wpa_clear_keys(wpa_s, addr);
c3dc92e8 1346 wpa_supplicant_mark_disassoc(wpa_s);
8bac466b 1347 old_ssid = wpa_s->current_ssid;
6fc6879b
JM		 1348 wpa_s->current_ssid = NULL;
1349 wpa_sm_set_config(wpa_s->wpa, NULL);
1350 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
8bac466b
JM		 1351 if (old_ssid != wpa_s->current_ssid)
1352 wpas_notify_network_changed(wpa_s);
6fc6879b
JM		 1353}
1354
1355
86b89452
WS		 1356/**
1357 * wpa_supplicant_enable_network - Mark a configured network as enabled
1358 * @wpa_s: wpa_supplicant structure for a network interface
1359 * @ssid: wpa_ssid structure for a configured network or %NULL
1360 *
1361 * Enables the specified network or all networks if no network specified.
1362 */
1363void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s,
1364 struct wpa_ssid *ssid)
1365{
1366 struct wpa_ssid *other_ssid;
1367 int was_disabled;
1368
1369 if (ssid == NULL) {
1370 other_ssid = wpa_s->conf->ssid;
1371 while (other_ssid) {
1372 if (other_ssid == wpa_s->current_ssid &&
1373 other_ssid->disabled)
1374 wpa_s->reassociate = 1;
1375
1376 was_disabled = other_ssid->disabled;
1377
1378 other_ssid->disabled = 0;
1379
1380 if (was_disabled != other_ssid->disabled)
1381 wpas_notify_network_enabled_changed(
1382 wpa_s, other_ssid);
1383
1384 other_ssid = other_ssid->next;
1385 }
1386 if (wpa_s->reassociate)
1387 wpa_supplicant_req_scan(wpa_s, 0, 0);
1388 } else if (wpa_s->current_ssid == NULL && ssid->disabled) {
1389 /*
1390 * Try to reassociate since there is no current configuration
1391 * and a new network was made available.
1392 */
1393 wpa_s->reassociate = 1;
1394 wpa_supplicant_req_scan(wpa_s, 0, 0);
1395
1396 was_disabled = ssid->disabled;
1397
1398 ssid->disabled = 0;
1399
1400 if (was_disabled != ssid->disabled)
1401 wpas_notify_network_enabled_changed(wpa_s, ssid);
1402 }
1403}
1404
1405
1406/**
1407 * wpa_supplicant_disable_network - Mark a configured network as disabled
1408 * @wpa_s: wpa_supplicant structure for a network interface
1409 * @ssid: wpa_ssid structure for a configured network or %NULL
1410 *
1411 * Disables the specified network or all networks if no network specified.
1412 */
1413void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s,
1414 struct wpa_ssid *ssid)
1415{
1416 struct wpa_ssid *other_ssid;
1417 int was_disabled;
1418
1419 if (ssid == NULL) {
1420 other_ssid = wpa_s->conf->ssid;
1421 while (other_ssid) {
1422 was_disabled = other_ssid->disabled;
1423
1424 other_ssid->disabled = 1;
1425
1426 if (was_disabled != other_ssid->disabled)
1427 wpas_notify_network_enabled_changed(
1428 wpa_s, other_ssid);
1429
1430 other_ssid = other_ssid->next;
1431 }
1432 if (wpa_s->current_ssid)
1433 wpa_supplicant_disassociate(
1434 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
1435 } else {
1436 if (ssid == wpa_s->current_ssid)
1437 wpa_supplicant_disassociate(
1438 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
1439
1440 was_disabled = ssid->disabled;
1441
1442 ssid->disabled = 1;
1443
1444 if (was_disabled != ssid->disabled)
1445 wpas_notify_network_enabled_changed(wpa_s, ssid);
1446 }
1447}
1448
1449
1450/**
1451 * wpa_supplicant_select_network - Attempt association with a network
1452 * @wpa_s: wpa_supplicant structure for a network interface
1453 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
1454 */
1455void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
1456 struct wpa_ssid *ssid)
1457{
1458
1459 struct wpa_ssid *other_ssid;
1460
1461 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid)
1462 wpa_supplicant_disassociate(
1463 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
1464
1465 /*
1466 * Mark all other networks disabled or mark all networks enabled if no
1467 * network specified.
1468 */
1469 other_ssid = wpa_s->conf->ssid;
1470 while (other_ssid) {
1471 int was_disabled = other_ssid->disabled;
1472
1473 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0;
1474
1475 if (was_disabled != other_ssid->disabled)
1476 wpas_notify_network_enabled_changed(wpa_s, other_ssid);
1477
1478 other_ssid = other_ssid->next;
1479 }
1480 wpa_s->disconnected = 0;
1481 wpa_s->reassociate = 1;
1482 wpa_supplicant_req_scan(wpa_s, 0, 0);
1483
1484 wpas_notify_network_selected(wpa_s, ssid);
1485}
1486
1487
1488/**
1489 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
1490 * @wpa_s: wpa_supplicant structure for a network interface
1491 * @ap_scan: AP scan mode
1492 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
1493 *
1494 */
1495int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan)
1496{
1497
1498 int old_ap_scan;
1499
1500 if (ap_scan < 0 || ap_scan > 2)
1501 return -1;
1502
1503 old_ap_scan = wpa_s->conf->ap_scan;
1504 wpa_s->conf->ap_scan = ap_scan;
1505
1506 if (old_ap_scan != wpa_s->conf->ap_scan)
1507 wpas_notify_ap_scan_changed(wpa_s);
1508
1509 return 0;
1510}
1511
1512
1513/**
1514 * wpa_supplicant_set_debug_params - Set global debug params
1515 * @global: wpa_global structure
1516 * @debug_level: debug level
1517 * @debug_timestamp: determines if show timestamp in debug data
1518 * @debug_show_keys: determines if show keys in debug data
1519 * Returns: 0 if succeed or -1 if debug_level has wrong value
1520 */
1521int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level,
1522 int debug_timestamp, int debug_show_keys)
1523{
1524
1525 int old_level, old_timestamp, old_show_keys;
1526
1527 /* check for allowed debuglevels */
1528 if (debug_level != MSG_MSGDUMP &&
1529 debug_level != MSG_DEBUG &&
1530 debug_level != MSG_INFO &&
1531 debug_level != MSG_WARNING &&
1532 debug_level != MSG_ERROR)
1533 return -1;
1534
1535 old_level = wpa_debug_level;
1536 old_timestamp = wpa_debug_timestamp;
1537 old_show_keys = wpa_debug_show_keys;
1538
1539 wpa_debug_level = debug_level;
1540 wpa_debug_timestamp = debug_timestamp ? 1 : 0;
1541 wpa_debug_show_keys = debug_show_keys ? 1 : 0;
1542
1543 if (wpa_debug_level != old_level ||
1544 wpa_debug_timestamp != old_timestamp ||
1545 wpa_debug_show_keys != old_show_keys)
1546 wpas_notify_debug_params_changed(global);
1547
1548 return 0;
1549}
1550
1551
3e53b314
WS		 1552static struct wpa_scan_results * wpa_supplicant_get_scan_results_old(
1553 struct wpa_supplicant *wpa_s)
6fc6879b
JM		 1554{
1555#define SCAN_AP_LIMIT 128
1556 struct wpa_scan_result *results;
1557 int num, i;
1558 struct wpa_scan_results *res;
1559
1560 results = os_malloc(SCAN_AP_LIMIT * sizeof(struct wpa_scan_result));
1561 if (results == NULL) {
1562 wpa_printf(MSG_WARNING, "Failed to allocate memory for scan "
1563 "results");
3e53b314 1564 return NULL;
6fc6879b
JM		 1565 }
1566
1567 num = wpa_drv_get_scan_results(wpa_s, results, SCAN_AP_LIMIT);
1568 wpa_printf(MSG_DEBUG, "Scan results: %d", num);
1569 if (num < 0) {
1570 wpa_printf(MSG_DEBUG, "Failed to get scan results");
1571 os_free(results);
3e53b314 1572 return NULL;
6fc6879b
JM		 1573 }
1574 if (num > SCAN_AP_LIMIT) {
1575 wpa_printf(MSG_INFO, "Not enough room for all APs (%d < %d)",
1576 num, SCAN_AP_LIMIT);
1577 num = SCAN_AP_LIMIT;
1578 }
1579
6fc6879b
JM		 1580 /* Convert old scan result data structure to the new one */
1581 res = os_zalloc(sizeof(*res));
1582 if (res == NULL) {
1583 os_free(results);
3e53b314 1584 return NULL;
6fc6879b
JM		 1585 }
1586 res->res = os_zalloc(num * sizeof(struct wpa_scan_res *));
1587 if (res->res == NULL) {
1588 os_free(results);
1589 os_free(res);
3e53b314 1590 return NULL;
6fc6879b
JM		 1591 }
1592
1593 for (i = 0; i < num; i++) {
1594 struct wpa_scan_result *bss = &results[i];
1595 struct wpa_scan_res *r;
1596 size_t ie_len;
1597 u8 *pos;
1598
1599 ie_len = 2 + bss->ssid_len + bss->rsn_ie_len + bss->wpa_ie_len;
1600 if (bss->maxrate)
1601 ie_len += 3;
1602 if (bss->mdie_present)
1603 ie_len += 5;
1604
1605 r = os_zalloc(sizeof(*r) + ie_len);
1606 if (r == NULL)
1607 break;
1608
1609 os_memcpy(r->bssid, bss->bssid, ETH_ALEN);
1610 r->freq = bss->freq;
1611 r->caps = bss->caps;
1612 r->qual = bss->qual;
1613 r->noise = bss->noise;
1614 r->level = bss->level;
1615 r->tsf = bss->tsf;
1616 r->ie_len = ie_len;
1617
1618 pos = (u8 *) (r + 1);
1619
1620 /* SSID IE */
1621 *pos++ = WLAN_EID_SSID;
1622 *pos++ = bss->ssid_len;
1623 os_memcpy(pos, bss->ssid, bss->ssid_len);
1624 pos += bss->ssid_len;
1625
1626 if (bss->maxrate) {
1627 /* Fake Supported Rate IE to include max rate */
1628 *pos++ = WLAN_EID_SUPP_RATES;
1629 *pos++ = 1;
1630 *pos++ = bss->maxrate;
1631 }
1632
1633 if (bss->rsn_ie_len) {
1634 os_memcpy(pos, bss->rsn_ie, bss->rsn_ie_len);
1635 pos += bss->rsn_ie_len;
1636 }
1637
1638 if (bss->mdie_present) {
1639 os_memcpy(pos, bss->mdie, 5);
1640 pos += 5;
1641 }
1642
1643 if (bss->wpa_ie_len) {
1644 os_memcpy(pos, bss->wpa_ie, bss->wpa_ie_len);
1645 pos += bss->wpa_ie_len;
1646 }
1647
1648 res->res[res->num++] = r;
1649 }
1650
1651 os_free(results);
6fc6879b 1652
3e53b314 1653 return res;
6fc6879b
JM		 1654}
1655
1656
1657/**
1658 * wpa_supplicant_get_scan_results - Get scan results
1659 * @wpa_s: Pointer to wpa_supplicant data
1660 * Returns: 0 on success, -1 on failure
1661 *
1662 * This function is request the current scan results from the driver and stores
1663 * a local copy of the results in wpa_s->scan_res.
1664 */
1665int wpa_supplicant_get_scan_results(struct wpa_supplicant *wpa_s)
1666{
1667 int ret;
1668
3e53b314
WS		 1669 wpa_scan_results_free(wpa_s->scan_res);
1670 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME)
6fc6879b 1671 wpa_s->scan_res = ieee80211_sta_get_scan_results(wpa_s);
3e53b314
WS		 1672 else if (wpa_s->driver->get_scan_results2 == NULL)
1673 wpa_s->scan_res = wpa_supplicant_get_scan_results_old(wpa_s);
1674 else
6fc6879b 1675 wpa_s->scan_res = wpa_drv_get_scan_results2(wpa_s);
3e53b314
WS		 1676 if (wpa_s->scan_res == NULL) {
1677 wpa_printf(MSG_DEBUG, "Failed to get scan results");
1678 ret = -1;
1679 } else {
1680 ret = 0;
6fc6879b 1681 wpa_scan_sort_results(wpa_s->scan_res);
3e53b314 1682 }
6fc6879b
JM		 1683
1684 return ret;
1685}
1686
1687
1688/**
1689 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
1690 * @wpa_s: Pointer to wpa_supplicant data
1691 * Returns: A pointer to the current network structure or %NULL on failure
1692 */
1693struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
1694{
1695 struct wpa_ssid *entry;
1696 u8 ssid[MAX_SSID_LEN];
1697 int res;
1698 size_t ssid_len;
1699 u8 bssid[ETH_ALEN];
1700 int wired;
1701
c2a04078 1702 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME) {
6fc6879b
JM		 1703 if (ieee80211_sta_get_ssid(wpa_s, ssid, &ssid_len)) {
1704 wpa_printf(MSG_WARNING, "Could not read SSID from "
1705 "MLME.");
1706 return NULL;
1707 }
1708 } else {
1709 res = wpa_drv_get_ssid(wpa_s, ssid);
1710 if (res < 0) {
1711 wpa_printf(MSG_WARNING, "Could not read SSID from "
1712 "driver.");
1713 return NULL;
1714 }
1715 ssid_len = res;
1716 }
1717
c2a04078 1718 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME)
6fc6879b
JM		 1719 os_memcpy(bssid, wpa_s->bssid, ETH_ALEN);
1720 else if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
1721 wpa_printf(MSG_WARNING, "Could not read BSSID from driver.");
1722 return NULL;
1723 }
1724
c2a04078
JM		 1725 wired = wpa_s->conf->ap_scan == 0 &&
1726 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED);
6fc6879b
JM		 1727
1728 entry = wpa_s->conf->ssid;
1729 while (entry) {
1730 if (!entry->disabled &&
1731 ((ssid_len == entry->ssid_len &&
1732 os_memcmp(ssid, entry->ssid, ssid_len) == 0) || wired) &&
1733 (!entry->bssid_set ||
1734 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
1735 return entry;
24c23d1b
JM		 1736#ifdef CONFIG_WPS
1737 if (!entry->disabled &&
1738 (entry->key_mgmt & WPA_KEY_MGMT_WPS) &&
1739 (entry->ssid == NULL || entry->ssid_len == 0) &&
1740 (!entry->bssid_set ||
1741 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
1742 return entry;
1743#endif /* CONFIG_WPS */
6fc6879b
JM		 1744 entry = entry->next;
1745 }
1746
1747 return NULL;
1748}
1749
1750
1751static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
1752 const char *name)
1753{
1754 int i;
362f781e
JM		 1755 size_t len;
1756 const char *pos;
6fc6879b
JM		 1757
1758 if (wpa_s == NULL)
1759 return -1;
1760
c5121837 1761 if (wpa_drivers[0] == NULL) {
6fc6879b
JM		 1762 wpa_printf(MSG_ERROR, "No driver interfaces build into "
1763 "wpa_supplicant.");
1764 return -1;
1765 }
1766
1767 if (name == NULL) {
1768 /* default to first driver in the list */
c5121837 1769 wpa_s->driver = wpa_drivers[0];
6fc6879b
JM		 1770 return 0;
1771 }
1772
362f781e
JM		 1773 pos = os_strchr(name, ',');
1774 if (pos)
1775 len = pos - name;
1776 else
1777 len = os_strlen(name);
c5121837
JM		 1778 for (i = 0; wpa_drivers[i]; i++) {
1779 if (os_strlen(wpa_drivers[i]->name) == len &&
1780 os_strncmp(name, wpa_drivers[i]->name, len) ==
362f781e 1781 0) {
c5121837 1782 wpa_s->driver = wpa_drivers[i];
6fc6879b
JM		 1783 return 0;
1784 }
1785 }
1786
362f781e 1787 wpa_printf(MSG_ERROR, "Unsupported driver '%s'.", name);
6fc6879b
JM		 1788 return -1;
1789}
1790
1791
1792void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
1793 const u8 *buf, size_t len)
1794{
1795 struct wpa_supplicant *wpa_s = ctx;
1796
1797 wpa_printf(MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
1798 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
1799
1ff73338
JM		 1800 if (wpa_s->wpa_state < WPA_ASSOCIATED) {
1801 /*
1802 * There is possible race condition between receiving the
1803 * association event and the EAPOL frame since they are coming
1804 * through different paths from the driver. In order to avoid
1805 * issues in trying to process the EAPOL frame before receiving
1806 * association information, lets queue it for processing until
1807 * the association event is received.
1808 */
1809 wpa_printf(MSG_DEBUG, "Not associated - Delay processing of "
1810 "received EAPOL frame");
1811 wpabuf_free(wpa_s->pending_eapol_rx);
1812 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len);
1813 if (wpa_s->pending_eapol_rx) {
1814 os_get_time(&wpa_s->pending_eapol_rx_time);
1815 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr,
1816 ETH_ALEN);
1817 }
1818 return;
1819 }
1820
db149ac9
JM		 1821#ifdef CONFIG_AP
1822 if (wpa_s->ap_iface) {
1823 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len);
1824 return;
1825 }
1826#endif /* CONFIG_AP */
1827
6fc6879b
JM		 1828 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
1829 wpa_printf(MSG_DEBUG, "Ignored received EAPOL frame since "
1830 "no key management is configured");
1831 return;
1832 }
1833
1834 if (wpa_s->eapol_received == 0 &&
c2a04078 1835 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) ||
56586197 1836 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
6fc6879b
JM		 1837 wpa_s->wpa_state != WPA_COMPLETED)) {
1838 /* Timeout for completing IEEE 802.1X and WPA authentication */
1839 wpa_supplicant_req_auth_timeout(
1840 wpa_s,
56586197 1841 (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
a6f06dab
AT		 1842 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
1843 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) ?
6fc6879b
JM		 1844 70 : 10, 0);
1845 }
1846 wpa_s->eapol_received++;
1847
1848 if (wpa_s->countermeasures) {
1849 wpa_printf(MSG_INFO, "WPA: Countermeasures - dropped EAPOL "
1850 "packet");
1851 return;
1852 }
1853
8be18440
JM		 1854#ifdef CONFIG_IBSS_RSN
1855 if (wpa_s->current_ssid &&
1856 wpa_s->current_ssid->mode == IEEE80211_MODE_IBSS) {
1857 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len);
1858 return;
1859 }
1860#endif /* CONFIG_IBSS_RSN */
1861
6fc6879b
JM		 1862 /* Source address of the incoming EAPOL frame could be compared to the
1863 * current BSSID. However, it is possible that a centralized
1864 * Authenticator could be using another MAC address than the BSSID of
1865 * an AP, so just allow any address to be used for now. The replies are
1866 * still sent to the current BSSID (if available), though. */
1867
1868 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
56586197 1869 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
6fc6879b
JM		 1870 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
1871 return;
1872 wpa_drv_poll(wpa_s);
c2a04078 1873 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE))
6fc6879b 1874 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
56586197 1875 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
6fc6879b
JM		 1876 /*
1877 * Set portValid = TRUE here since we are going to skip 4-way
1878 * handshake processing which would normally set portValid. We
1879 * need this to allow the EAPOL state machines to be completed
1880 * without going through EAPOL-Key handshake.
1881 */
1882 eapol_sm_notify_portValid(wpa_s->eapol, TRUE);
1883 }
1884}
1885
1886
6fc6879b
JM		 1887void wpa_supplicant_sta_rx(void *ctx, const u8 *buf, size_t len,
1888 struct ieee80211_rx_status *rx_status)
1889{
1890 struct wpa_supplicant *wpa_s = ctx;
1891 ieee80211_sta_rx(wpa_s, buf, len, rx_status);
1892}
1893
1894
1895/**
1896 * wpa_supplicant_driver_init - Initialize driver interface parameters
1897 * @wpa_s: Pointer to wpa_supplicant data
1898 * Returns: 0 on success, -1 on failure
1899 *
1900 * This function is called to initialize driver interface parameters.
1901 * wpa_drv_init() must have been called before this function to initialize the
1902 * driver interface.
1903 */
1904int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
1905{
1906 static int interface_count = 0;
1907
1908 if (wpa_s->driver->send_eapol) {
1909 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
1910 if (addr)
1911 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
1912 } else {
1913 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
1914 wpa_drv_get_mac_addr(wpa_s),
1915 ETH_P_EAPOL,
1916 wpa_supplicant_rx_eapol, wpa_s, 0);
1917 if (wpa_s->l2 == NULL)
1918 return -1;
1919 }
1920
1921 if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
1922 wpa_printf(MSG_ERROR, "Failed to get own L2 address");
1923 return -1;
1924 }
1925
1926 wpa_printf(MSG_DEBUG, "Own MAC address: " MACSTR,
1927 MAC2STR(wpa_s->own_addr));
1928
1929 if (wpa_s->bridge_ifname[0]) {
1930 wpa_printf(MSG_DEBUG, "Receiving packets from bridge interface"
1931 " '%s'", wpa_s->bridge_ifname);
1932 wpa_s->l2_br = l2_packet_init(wpa_s->bridge_ifname,
1933 wpa_s->own_addr,
1934 ETH_P_EAPOL,
1935 wpa_supplicant_rx_eapol, wpa_s,
1936 0);
1937 if (wpa_s->l2_br == NULL) {
1938 wpa_printf(MSG_ERROR, "Failed to open l2_packet "
1939 "connection for the bridge interface '%s'",
1940 wpa_s->bridge_ifname);
1941 return -1;
1942 }
1943 }
1944
1945 /* Backwards compatibility call to set_wpa() handler. This is called
1946 * only just after init and just before deinit, so these handler can be
1947 * used to implement same functionality. */
1948 if (wpa_drv_set_wpa(wpa_s, 1) < 0) {
1949 struct wpa_driver_capa capa;
1950 if (wpa_drv_get_capa(wpa_s, &capa) < 0 ||
1951 !(capa.flags & (WPA_DRIVER_CAPA_KEY_MGMT_WPA |
1952 WPA_DRIVER_CAPA_KEY_MGMT_WPA2))) {
1953 wpa_printf(MSG_DEBUG, "Driver does not support WPA.");
1954 /* Continue to allow non-WPA modes to be used. */
1955 } else {
1956 wpa_printf(MSG_ERROR, "Failed to enable WPA in the "
1957 "driver.");
1958 return -1;
1959 }
1960 }
1961
1962 wpa_clear_keys(wpa_s, NULL);
1963
1964 /* Make sure that TKIP countermeasures are not left enabled (could
1965 * happen if wpa_supplicant is killed during countermeasures. */
1966 wpa_drv_set_countermeasures(wpa_s, 0);
1967
1968 wpa_drv_set_drop_unencrypted(wpa_s, 1);
1969
1970 wpa_printf(MSG_DEBUG, "RSN: flushing PMKID list in the driver");
1971 wpa_drv_flush_pmkid(wpa_s);
1972
ba2a573c 1973 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
6fc6879b
JM		 1974 wpa_supplicant_req_scan(wpa_s, interface_count, 100000);
1975 interface_count++;
1976
1977 return 0;
1978}
1979
1980
1981static int wpa_supplicant_daemon(const char *pid_file)
1982{
1983 wpa_printf(MSG_DEBUG, "Daemonize..");
1984 return os_daemonize(pid_file);
1985}
1986
1987
1988static struct wpa_supplicant * wpa_supplicant_alloc(void)
1989{
1990 struct wpa_supplicant *wpa_s;
1991
1992 wpa_s = os_zalloc(sizeof(*wpa_s));
1993 if (wpa_s == NULL)
1994 return NULL;
1995 wpa_s->scan_req = 1;
1996
1997 return wpa_s;
1998}
1999
2000
2001static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
2002 struct wpa_interface *iface)
2003{
362f781e
JM		 2004 const char *ifname, *driver;
2005 struct wpa_driver_capa capa;
2006
6fc6879b
JM		 2007 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
2008 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
2009 iface->confname ? iface->confname : "N/A",
2010 iface->driver ? iface->driver : "default",
2011 iface->ctrl_interface ? iface->ctrl_interface : "N/A",
2012 iface->bridge_ifname ? iface->bridge_ifname : "N/A");
2013
6fc6879b
JM		 2014 if (iface->confname) {
2015#ifdef CONFIG_BACKEND_FILE
2016 wpa_s->confname = os_rel2abs_path(iface->confname);
2017 if (wpa_s->confname == NULL) {
2018 wpa_printf(MSG_ERROR, "Failed to get absolute path "
2019 "for configuration file '%s'.",
2020 iface->confname);
2021 return -1;
2022 }
2023 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
2024 iface->confname, wpa_s->confname);
2025#else /* CONFIG_BACKEND_FILE */
2026 wpa_s->confname = os_strdup(iface->confname);
2027#endif /* CONFIG_BACKEND_FILE */
2028 wpa_s->conf = wpa_config_read(wpa_s->confname);
2029 if (wpa_s->conf == NULL) {
2030 wpa_printf(MSG_ERROR, "Failed to read or parse "
2031 "configuration '%s'.", wpa_s->confname);
2032 return -1;
2033 }
2034
2035 /*
2036 * Override ctrl_interface and driver_param if set on command
2037 * line.
2038 */
2039 if (iface->ctrl_interface) {
2040 os_free(wpa_s->conf->ctrl_interface);
2041 wpa_s->conf->ctrl_interface =
2042 os_strdup(iface->ctrl_interface);
2043 }
2044
2045 if (iface->driver_param) {
2046 os_free(wpa_s->conf->driver_param);
2047 wpa_s->conf->driver_param =
2048 os_strdup(iface->driver_param);
2049 }
2050 } else
2051 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
2052 iface->driver_param);
2053
2054 if (wpa_s->conf == NULL) {
2055 wpa_printf(MSG_ERROR, "\nNo configuration found.");
2056 return -1;
2057 }
2058
2059 if (iface->ifname == NULL) {
2060 wpa_printf(MSG_ERROR, "\nInterface name is required.");
2061 return -1;
2062 }
2063 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
2064 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
2065 iface->ifname);
2066 return -1;
2067 }
2068 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
2069
2070 if (iface->bridge_ifname) {
2071 if (os_strlen(iface->bridge_ifname) >=
2072 sizeof(wpa_s->bridge_ifname)) {
2073 wpa_printf(MSG_ERROR, "\nToo long bridge interface "
2074 "name '%s'.", iface->bridge_ifname);
2075 return -1;
2076 }
2077 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
2078 sizeof(wpa_s->bridge_ifname));
2079 }
2080
6fc6879b
JM		 2081 /* RSNA Supplicant Key Management - INITIALIZE */
2082 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
2083 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
2084
2085 /* Initialize driver interface and register driver event handler before
2086 * L2 receive handler so that association events are processed before
2087 * EAPOL-Key packets if both become available for the same select()
2088 * call. */
362f781e
JM		 2089 driver = iface->driver;
2090next_driver:
2091 if (wpa_supplicant_set_driver(wpa_s, driver) < 0)
2092 return -1;
2093
6fc6879b
JM		 2094 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
2095 if (wpa_s->drv_priv == NULL) {
362f781e
JM		 2096 const char *pos;
2097 pos = os_strchr(driver, ',');
2098 if (pos) {
2099 wpa_printf(MSG_DEBUG, "Failed to initialize driver "
2100 "interface - try next driver wrapper");
2101 driver = pos + 1;
2102 goto next_driver;
2103 }
6fc6879b
JM		 2104 wpa_printf(MSG_ERROR, "Failed to initialize driver interface");
2105 return -1;
2106 }
2107 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
2108 wpa_printf(MSG_ERROR, "Driver interface rejected "
2109 "driver_param '%s'", wpa_s->conf->driver_param);
2110 return -1;
2111 }
2112
2113 ifname = wpa_drv_get_ifname(wpa_s);
2114 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
2115 wpa_printf(MSG_DEBUG, "Driver interface replaced interface "
2116 "name with '%s'", ifname);
2117 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
2118 }
2119
2120 if (wpa_supplicant_init_wpa(wpa_s) < 0)
2121 return -1;
2122
2123 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
2124 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
2125 NULL);
2126 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
2127
2128 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
2129 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
2130 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
2131 wpa_printf(MSG_ERROR, "Invalid WPA parameter value for "
2132 "dot11RSNAConfigPMKLifetime");
2133 return -1;
2134 }
2135
2136 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
2137 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
2138 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
2139 wpa_printf(MSG_ERROR, "Invalid WPA parameter value for "
2140 "dot11RSNAConfigPMKReauthThreshold");
2141 return -1;
2142 }
2143
2144 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
2145 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
2146 wpa_s->conf->dot11RSNAConfigSATimeout)) {
2147 wpa_printf(MSG_ERROR, "Invalid WPA parameter value for "
2148 "dot11RSNAConfigSATimeout");
2149 return -1;
2150 }
2151
2152 if (wpa_supplicant_driver_init(wpa_s) < 0)
2153 return -1;
2154
315ce40a
JM		 2155 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] &&
2156 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) {
6d158490
LR		 2157 wpa_printf(MSG_DEBUG, "Failed to set country");
2158 return -1;
2159 }
2160
6fc6879b
JM		 2161 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
2162
116654ce
JM		 2163 if (wpas_wps_init(wpa_s))
2164 return -1;
2165
6fc6879b
JM		 2166 if (wpa_supplicant_init_eapol(wpa_s) < 0)
2167 return -1;
2168 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
2169
2170 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
2171 if (wpa_s->ctrl_iface == NULL) {
2172 wpa_printf(MSG_ERROR,
2173 "Failed to initialize control interface '%s'.\n"
2174 "You may have another wpa_supplicant process "
2175 "already running or the file was\n"
2176 "left by an unclean termination of wpa_supplicant "
2177 "in which case you will need\n"
2178 "to manually remove this file before starting "
2179 "wpa_supplicant again.\n",
2180 wpa_s->conf->ctrl_interface);
2181 return -1;
2182 }
2183
2184 if (wpa_drv_get_capa(wpa_s, &capa) == 0) {
c2a04078 2185 wpa_s->drv_flags = capa.flags;
6fc6879b 2186 if (capa.flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME) {
6fc6879b
JM		 2187 if (ieee80211_sta_init(wpa_s))
2188 return -1;
2189 }
80bc75f1 2190 wpa_s->max_scan_ssids = capa.max_scan_ssids;
6fc6879b
JM		 2191 }
2192
11ef8d35
JM		 2193#ifdef CONFIG_IBSS_RSN
2194 wpa_s->ibss_rsn = ibss_rsn_init(wpa_s);
2195 if (!wpa_s->ibss_rsn) {
2196 wpa_printf(MSG_DEBUG, "Failed to init IBSS RSN");
2197 return -1;
2198 }
2199#endif /* CONFIG_IBSS_RSN */
2200
6fc6879b
JM		 2201 return 0;
2202}
2203
2204
2205static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s)
2206{
2207 if (wpa_s->drv_priv) {
2208 wpa_supplicant_deauthenticate(wpa_s,
2209 WLAN_REASON_DEAUTH_LEAVING);
2210
2211 /* Backwards compatibility call to set_wpa() handler. This is
2212 * called only just after init and just before deinit, so these
2213 * handler can be used to implement same functionality. */
2214 if (wpa_drv_set_wpa(wpa_s, 0) < 0) {
2215 wpa_printf(MSG_ERROR, "Failed to disable WPA in the "
2216 "driver.");
2217 }
2218
2219 wpa_drv_set_drop_unencrypted(wpa_s, 0);
2220 wpa_drv_set_countermeasures(wpa_s, 0);
2221 wpa_clear_keys(wpa_s, NULL);
2222 }
2223
dc461de4 2224 wpas_notify_iface_removed(wpa_s);
6fc6879b
JM		 2225
2226 wpa_supplicant_cleanup(wpa_s);
2227
2228 if (wpa_s->drv_priv)
2229 wpa_drv_deinit(wpa_s);
2230}
2231
2232
2233/**
2234 * wpa_supplicant_add_iface - Add a new network interface
2235 * @global: Pointer to global data from wpa_supplicant_init()
2236 * @iface: Interface configuration options
2237 * Returns: Pointer to the created interface or %NULL on failure
2238 *
2239 * This function is used to add new network interfaces for %wpa_supplicant.
2240 * This can be called before wpa_supplicant_run() to add interfaces before the
2241 * main event loop has been started. In addition, new interfaces can be added
2242 * dynamically while %wpa_supplicant is already running. This could happen,
2243 * e.g., when a hotplug network adapter is inserted.
2244 */
2245struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
2246 struct wpa_interface *iface)
2247{
2248 struct wpa_supplicant *wpa_s;
d27df100 2249 struct wpa_interface t_iface;
6fc6879b
JM		 2250
2251 if (global == NULL || iface == NULL)
2252 return NULL;
2253
2254 wpa_s = wpa_supplicant_alloc();
2255 if (wpa_s == NULL)
2256 return NULL;
2257
d27df100
JM		 2258 t_iface = *iface;
2259 if (global->params.override_driver) {
2260 wpa_printf(MSG_DEBUG, "Override interface parameter: driver "
2261 "('%s' -> '%s')",
2262 iface->driver, global->params.override_driver);
2263 t_iface.driver = global->params.override_driver;
2264 }
2265 if (global->params.override_ctrl_interface) {
2266 wpa_printf(MSG_DEBUG, "Override interface parameter: "
2267 "ctrl_interface ('%s' -> '%s')",
2268 iface->ctrl_interface,
2269 global->params.override_ctrl_interface);
2270 t_iface.ctrl_interface =
2271 global->params.override_ctrl_interface;
2272 }
2273 if (wpa_supplicant_init_iface(wpa_s, &t_iface)) {
6fc6879b
JM		 2274 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
2275 iface->ifname);
2276 wpa_supplicant_deinit_iface(wpa_s);
2277 os_free(wpa_s);
2278 return NULL;
2279 }
2280
2281 wpa_s->global = global;
2282
dc461de4
WS		 2283 /* Notify the control interfaces about new iface */
2284 if (wpas_notify_iface_added(wpa_s)) {
6fc6879b
JM		 2285 wpa_supplicant_deinit_iface(wpa_s);
2286 os_free(wpa_s);
2287 return NULL;
2288 }
1bd3f426 2289
6fc6879b
JM		 2290 wpa_s->next = global->ifaces;
2291 global->ifaces = wpa_s;
2292
2293 wpa_printf(MSG_DEBUG, "Added interface %s", wpa_s->ifname);
2294
2295 return wpa_s;
2296}
2297
2298
2299/**
2300 * wpa_supplicant_remove_iface - Remove a network interface
2301 * @global: Pointer to global data from wpa_supplicant_init()
2302 * @wpa_s: Pointer to the network interface to be removed
2303 * Returns: 0 if interface was removed, -1 if interface was not found
2304 *
2305 * This function can be used to dynamically remove network interfaces from
2306 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
2307 * addition, this function is used to remove all remaining interfaces when
2308 * %wpa_supplicant is terminated.
2309 */
2310int wpa_supplicant_remove_iface(struct wpa_global *global,
2311 struct wpa_supplicant *wpa_s)
2312{
2313 struct wpa_supplicant *prev;
2314
2315 /* Remove interface from the global list of interfaces */
2316 prev = global->ifaces;
2317 if (prev == wpa_s) {
2318 global->ifaces = wpa_s->next;
2319 } else {
2320 while (prev && prev->next != wpa_s)
2321 prev = prev->next;
2322 if (prev == NULL)
2323 return -1;
2324 prev->next = wpa_s->next;
2325 }
2326
2327 wpa_printf(MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
2328
2329 wpa_supplicant_deinit_iface(wpa_s);
2330 os_free(wpa_s);
2331
2332 return 0;
2333}
2334
2335
2336/**
2337 * wpa_supplicant_get_iface - Get a new network interface
2338 * @global: Pointer to global data from wpa_supplicant_init()
2339 * @ifname: Interface name
2340 * Returns: Pointer to the interface or %NULL if not found
2341 */
2342struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
2343 const char *ifname)
2344{
2345 struct wpa_supplicant *wpa_s;
2346
2347 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
2348 if (os_strcmp(wpa_s->ifname, ifname) == 0)
2349 return wpa_s;
2350 }
2351 return NULL;
2352}
2353
2354
2355/**
2356 * wpa_supplicant_init - Initialize %wpa_supplicant
2357 * @params: Parameters for %wpa_supplicant
2358 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
2359 *
2360 * This function is used to initialize %wpa_supplicant. After successful
2361 * initialization, the returned data pointer can be used to add and remove
2362 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
2363 */
2364struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
2365{
2366 struct wpa_global *global;
ac305589 2367 int ret, i;
6fc6879b
JM		 2368
2369 if (params == NULL)
2370 return NULL;
2371
2372 wpa_debug_open_file(params->wpa_debug_file_path);
daa70d49
SL		 2373 if (params->wpa_debug_syslog)
2374 wpa_debug_open_syslog();
6fc6879b
JM		 2375
2376 ret = eap_peer_register_methods();
2377 if (ret) {
2378 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
2379 if (ret == -2)
2380 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
2381 "the same EAP type.");
2382 return NULL;
2383 }
2384
3ec97afe
JM		 2385#ifdef CONFIG_AP
2386 ret = eap_server_register_methods();
2387 if (ret) {
2388 wpa_printf(MSG_ERROR, "Failed to register EAP server methods");
2389 if (ret == -2)
2390 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
2391 "the same EAP type.");
2392 return NULL;
2393 }
2394#endif /* CONFIG_AP */
2395
6fc6879b
JM		 2396 global = os_zalloc(sizeof(*global));
2397 if (global == NULL)
2398 return NULL;
2399 global->params.daemonize = params->daemonize;
2400 global->params.wait_for_monitor = params->wait_for_monitor;
2401 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
2402 if (params->pid_file)
2403 global->params.pid_file = os_strdup(params->pid_file);
2404 if (params->ctrl_interface)
2405 global->params.ctrl_interface =
2406 os_strdup(params->ctrl_interface);
d27df100
JM		 2407 if (params->override_driver)
2408 global->params.override_driver =
2409 os_strdup(params->override_driver);
2410 if (params->override_ctrl_interface)
2411 global->params.override_ctrl_interface =
2412 os_strdup(params->override_ctrl_interface);
6fc6879b
JM		 2413 wpa_debug_level = global->params.wpa_debug_level =
2414 params->wpa_debug_level;
2415 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
2416 params->wpa_debug_show_keys;
2417 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
2418 params->wpa_debug_timestamp;
2419
2420 if (eloop_init(global)) {
2421 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
2422 wpa_supplicant_deinit(global);
2423 return NULL;
2424 }
2425
2426 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
2427 if (global->ctrl_iface == NULL) {
2428 wpa_supplicant_deinit(global);
2429 return NULL;
2430 }
2431
dc461de4
WS		 2432 if (wpas_notify_supplicant_initialized(global)) {
2433 wpa_supplicant_deinit(global);
2434 return NULL;
6fc6879b
JM		 2435 }
2436
c5121837 2437 for (i = 0; wpa_drivers[i]; i++)
ac305589
JM		 2438 global->drv_count++;
2439 if (global->drv_count == 0) {
2440 wpa_printf(MSG_ERROR, "No drivers enabled");
2441 wpa_supplicant_deinit(global);
2442 return NULL;
2443 }
2444 global->drv_priv = os_zalloc(global->drv_count * sizeof(void *));
2445 if (global->drv_priv == NULL) {
2446 wpa_supplicant_deinit(global);
2447 return NULL;
2448 }
c5121837
JM		 2449 for (i = 0; wpa_drivers[i]; i++) {
2450 if (!wpa_drivers[i]->global_init)
ac305589 2451 continue;
c5121837 2452 global->drv_priv[i] = wpa_drivers[i]->global_init();
ac305589
JM		 2453 if (global->drv_priv[i] == NULL) {
2454 wpa_printf(MSG_ERROR, "Failed to initialize driver "
c5121837 2455 "'%s'", wpa_drivers[i]->name);
ac305589
JM		 2456 wpa_supplicant_deinit(global);
2457 return NULL;
2458 }
2459 }
2460
6fc6879b
JM		 2461 return global;
2462}
2463
2464
2465/**
2466 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
2467 * @global: Pointer to global data from wpa_supplicant_init()
2468 * Returns: 0 after successful event loop run, -1 on failure
2469 *
2470 * This function starts the main event loop and continues running as long as
2471 * there are any remaining events. In most cases, this function is running as
2472 * long as the %wpa_supplicant process in still in use.
2473 */
2474int wpa_supplicant_run(struct wpa_global *global)
2475{
2476 struct wpa_supplicant *wpa_s;
2477
2478 if (global->params.daemonize &&
2479 wpa_supplicant_daemon(global->params.pid_file))
2480 return -1;
2481
2482 if (global->params.wait_for_monitor) {
2483 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
2484 if (wpa_s->ctrl_iface)
2485 wpa_supplicant_ctrl_iface_wait(
2486 wpa_s->ctrl_iface);
2487 }
2488
2489 eloop_register_signal_terminate(wpa_supplicant_terminate, NULL);
2490 eloop_register_signal_reconfig(wpa_supplicant_reconfig, NULL);
2491
2492 eloop_run();
2493
2494 return 0;
2495}
2496
2497
2498/**
2499 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
2500 * @global: Pointer to global data from wpa_supplicant_init()
2501 *
2502 * This function is called to deinitialize %wpa_supplicant and to free all
2503 * allocated resources. Remaining network interfaces will also be removed.
2504 */
2505void wpa_supplicant_deinit(struct wpa_global *global)
2506{
ac305589
JM		 2507 int i;
2508
6fc6879b
JM		 2509 if (global == NULL)
2510 return;
2511
2512 while (global->ifaces)
2513 wpa_supplicant_remove_iface(global, global->ifaces);
2514
2515 if (global->ctrl_iface)
2516 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
dc461de4
WS		 2517
2518 wpas_notify_supplicant_deinitialized(global);
6fc6879b
JM		 2519
2520 eap_peer_unregister_methods();
3ec97afe
JM		 2521#ifdef CONFIG_AP
2522 eap_server_unregister_methods();
2523#endif /* CONFIG_AP */
6fc6879b 2524
c5121837 2525 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) {
ac305589
JM		 2526 if (!global->drv_priv[i])
2527 continue;
c5121837 2528 wpa_drivers[i]->global_deinit(global->drv_priv[i]);
ac305589
JM		 2529 }
2530 os_free(global->drv_priv);
2531
6fc6879b
JM		 2532 eloop_destroy();
2533
2534 if (global->params.pid_file) {
2535 os_daemonize_terminate(global->params.pid_file);
2536 os_free(global->params.pid_file);
2537 }
2538 os_free(global->params.ctrl_interface);
d27df100
JM		 2539 os_free(global->params.override_driver);
2540 os_free(global->params.override_ctrl_interface);
6fc6879b
JM		 2541
2542 os_free(global);
daa70d49 2543 wpa_debug_close_syslog();
6fc6879b
JM		 2544 wpa_debug_close_file();
2545}
Unnamed repository; edit this file 'description' to name the repository.