]> git.ipfire.org Git - thirdparty/hostap.git/blame - wpa_supplicant/wpa_supplicant.c
projects / thirdparty / hostap.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Allow management group cipher to be configured
[thirdparty/hostap.git] / wpa_supplicant / wpa_supplicant.c
CommitLineData
6fc6879b
JM		 1/*
2 * WPA Supplicant
b1ae396f 3 * Copyright (c) 2003-2014, Jouni Malinen <j@w1.fi>
6fc6879b 4 *
0f3d578e
JM		 5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
6fc6879b
JM		 7 *
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
11 */
12
13#include "includes.h"
14
15#include "common.h"
d47fa330 16#include "crypto/random.h"
7d232e23 17#include "crypto/sha1.h"
6fc6879b
JM		 18#include "eapol_supp/eapol_supp_sm.h"
19#include "eap_peer/eap.h"
ec7b97ab 20#include "eap_peer/eap_proxy.h"
3ec97afe 21#include "eap_server/eap_methods.h"
3acb5005 22#include "rsn_supp/wpa.h"
6fc6879b 23#include "eloop.h"
6fc6879b 24#include "config.h"
306ae225 25#include "utils/ext_password.h"
6fc6879b
JM		 26#include "l2_packet/l2_packet.h"
27#include "wpa_supplicant_i.h"
2d5b792d 28#include "driver_i.h"
6fc6879b 29#include "ctrl_iface.h"
6fc6879b 30#include "pcsc_funcs.h"
90973fb2 31#include "common/version.h"
3acb5005
JM		 32#include "rsn_supp/preauth.h"
33#include "rsn_supp/pmksa_cache.h"
90973fb2 34#include "common/wpa_ctrl.h"
90973fb2 35#include "common/ieee802_11_defs.h"
72044390 36#include "p2p/p2p.h"
6fc6879b
JM		 37#include "blacklist.h"
38#include "wpas_glue.h"
116654ce 39#include "wps_supplicant.h"
11ef8d35 40#include "ibss_rsn.h"
c2a04078 41#include "sme.h"
04ea7b79 42#include "gas_query.h"
1f1b62a0 43#include "ap.h"
b22128ef 44#include "p2p_supplicant.h"
9675ce35 45#include "wifi_display.h"
8bac466b 46#include "notify.h"
60b94c98 47#include "bgscan.h"
7c865c68 48#include "autoscan.h"
83922c2d 49#include "bss.h"
9ba9fa07 50#include "scan.h"
24f6497c 51#include "offchannel.h"
cb418324 52#include "hs20_supplicant.h"
e27d20bb 53#include "wnm_sta.h"
6fc6879b
JM		 54
55const char *wpa_supplicant_version =
56"wpa_supplicant v" VERSION_STR "\n"
b1ae396f 57"Copyright (c) 2003-2014, Jouni Malinen <j@w1.fi> and contributors";
6fc6879b
JM		 58
59const char *wpa_supplicant_license =
331f89ff
JM		 60"This software may be distributed under the terms of the BSD license.\n"
61"See README for more details.\n"
6fc6879b
JM		 62#ifdef EAP_TLS_OPENSSL
63"\nThis product includes software developed by the OpenSSL Project\n"
64"for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
65#endif /* EAP_TLS_OPENSSL */
66;
67
68#ifndef CONFIG_NO_STDOUT_DEBUG
69/* Long text divided into parts in order to fit in C89 strings size limits. */
70const char *wpa_supplicant_full_license1 =
331f89ff 71"";
6fc6879b 72const char *wpa_supplicant_full_license2 =
331f89ff 73"This software may be distributed under the terms of the BSD license.\n"
6fc6879b
JM		 74"\n"
75"Redistribution and use in source and binary forms, with or without\n"
76"modification, are permitted provided that the following conditions are\n"
77"met:\n"
78"\n";
79const char *wpa_supplicant_full_license3 =
80"1. Redistributions of source code must retain the above copyright\n"
81" notice, this list of conditions and the following disclaimer.\n"
82"\n"
83"2. Redistributions in binary form must reproduce the above copyright\n"
84" notice, this list of conditions and the following disclaimer in the\n"
85" documentation and/or other materials provided with the distribution.\n"
86"\n";
87const char *wpa_supplicant_full_license4 =
88"3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
89" names of its contributors may be used to endorse or promote products\n"
90" derived from this software without specific prior written permission.\n"
91"\n"
92"THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
93"\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
94"LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
95"A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
96const char *wpa_supplicant_full_license5 =
97"OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
98"SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
99"LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
100"DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
101"THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
102"(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
103"OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
104"\n";
105#endif /* CONFIG_NO_STDOUT_DEBUG */
106
6fc6879b 107/* Configure default/group WEP keys for static WEP */
0194fedb 108int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
6fc6879b
JM		 109{
110 int i, set = 0;
111
112 for (i = 0; i < NUM_WEP_KEYS; i++) {
113 if (ssid->wep_key_len[i] == 0)
114 continue;
115
116 set = 1;
0382097e 117 wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL,
da64c266 118 i, i == ssid->wep_tx_keyidx, NULL, 0,
6fc6879b
JM		 119 ssid->wep_key[i], ssid->wep_key_len[i]);
120 }
121
122 return set;
123}
124
125
6ea1f413
JM		 126int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
127 struct wpa_ssid *ssid)
6fc6879b
JM		 128{
129 u8 key[32];
130 size_t keylen;
71934751 131 enum wpa_alg alg;
6fc6879b
JM		 132 u8 seq[6] = { 0 };
133
134 /* IBSS/WPA-None uses only one key (Group) for both receiving and
135 * sending unicast and multicast packets. */
136
d7dcba70 137 if (ssid->mode != WPAS_MODE_IBSS) {
f049052b
BG		 138 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not "
139 "IBSS/ad-hoc) for WPA-None", ssid->mode);
6fc6879b
JM		 140 return -1;
141 }
142
143 if (!ssid->psk_set) {
f049052b
BG		 144 wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for "
145 "WPA-None");
6fc6879b
JM		 146 return -1;
147 }
148
149 switch (wpa_s->group_cipher) {
150 case WPA_CIPHER_CCMP:
151 os_memcpy(key, ssid->psk, 16);
152 keylen = 16;
153 alg = WPA_ALG_CCMP;
154 break;
eb7719ff
JM		 155 case WPA_CIPHER_GCMP:
156 os_memcpy(key, ssid->psk, 16);
157 keylen = 16;
158 alg = WPA_ALG_GCMP;
159 break;
6fc6879b
JM		 160 case WPA_CIPHER_TKIP:
161 /* WPA-None uses the same Michael MIC key for both TX and RX */
162 os_memcpy(key, ssid->psk, 16 + 8);
163 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
164 keylen = 32;
165 alg = WPA_ALG_TKIP;
166 break;
167 default:
f049052b
BG		 168 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for "
169 "WPA-None", wpa_s->group_cipher);
6fc6879b
JM		 170 return -1;
171 }
172
173 /* TODO: should actually remember the previously used seq#, both for TX
174 * and RX from each STA.. */
175
0382097e 176 return wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen);
6fc6879b
JM		 177}
178
179
180static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
181{
182 struct wpa_supplicant *wpa_s = eloop_ctx;
183 const u8 *bssid = wpa_s->bssid;
a8e16edc 184 if (is_zero_ether_addr(bssid))
6fc6879b
JM		 185 bssid = wpa_s->pending_bssid;
186 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
187 MAC2STR(bssid));
188 wpa_blacklist_add(wpa_s, bssid);
189 wpa_sm_notify_disassoc(wpa_s->wpa);
07783eaa 190 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
6fc6879b 191 wpa_s->reassociate = 1;
48b84f18
BG		 192
193 /*
194 * If we timed out, the AP or the local radio may be busy.
195 * So, wait a second until scanning again.
196 */
197 wpa_supplicant_req_scan(wpa_s, 1, 0);
6fc6879b
JM		 198}
199
200
201/**
202 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
203 * @wpa_s: Pointer to wpa_supplicant data
204 * @sec: Number of seconds after which to time out authentication
205 * @usec: Number of microseconds after which to time out authentication
206 *
207 * This function is used to schedule a timeout for the current authentication
208 * attempt.
209 */
210void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
211 int sec, int usec)
212{
a2a535f8 213 if (wpa_s->conf->ap_scan == 0 &&
c2a04078 214 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
6fc6879b
JM		 215 return;
216
f049052b 217 wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
6fc6879b
JM		 218 "%d usec", sec, usec);
219 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
220 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
221}
222
223
224/**
225 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
226 * @wpa_s: Pointer to wpa_supplicant data
227 *
228 * This function is used to cancel authentication timeout scheduled with
229 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
230 * been completed.
231 */
232void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
233{
f049052b 234 wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
6fc6879b
JM		 235 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
236 wpa_blacklist_del(wpa_s, wpa_s->bssid);
237}
238
239
240/**
241 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
242 * @wpa_s: Pointer to wpa_supplicant data
243 *
244 * This function is used to configure EAPOL state machine based on the selected
245 * authentication mode.
246 */
247void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
248{
249#ifdef IEEE8021X_EAPOL
250 struct eapol_config eapol_conf;
251 struct wpa_ssid *ssid = wpa_s->current_ssid;
252
53895c3b 253#ifdef CONFIG_IBSS_RSN
d7dcba70 254 if (ssid->mode == WPAS_MODE_IBSS &&
53895c3b
JM		 255 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
256 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
257 /*
258 * RSN IBSS authentication is per-STA and we can disable the
259 * per-BSSID EAPOL authentication.
260 */
261 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
262 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE);
263 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
264 return;
265 }
266#endif /* CONFIG_IBSS_RSN */
267
0a40ec6a
JM		 268 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
269 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
270
6fc6879b
JM		 271 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
272 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
273 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
274 else
275 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
276
277 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
278 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
279 eapol_conf.accept_802_1x_keys = 1;
280 eapol_conf.required_keys = 0;
281 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
282 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
283 }
284 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
285 eapol_conf.required_keys |=
286 EAPOL_REQUIRE_KEY_BROADCAST;
287 }
288
a2a535f8 289 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED)
6fc6879b 290 eapol_conf.required_keys = 0;
6fc6879b 291 }
a2a535f8 292 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
6fc6879b 293 eapol_conf.workaround = ssid->eap_workaround;
56586197
JM		 294 eapol_conf.eap_disabled =
295 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
ad08c363
JM		 296 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
297 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
a5d44ac0 298 eapol_conf.external_sim = wpa_s->conf->external_sim;
6fc6879b
JM		 299 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
300#endif /* IEEE8021X_EAPOL */
301}
302
303
304/**
305 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
306 * @wpa_s: Pointer to wpa_supplicant data
307 * @ssid: Configuration data for the network
308 *
309 * This function is used to configure WPA state machine and related parameters
310 * to a mode where WPA is not enabled. This is called as part of the
311 * authentication configuration when the selected network does not use WPA.
312 */
313void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
314 struct wpa_ssid *ssid)
315{
316 int i;
317
ad08c363
JM		 318 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
319 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
320 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
6fc6879b
JM		 321 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
322 else
323 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
324 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
325 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
326 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
327 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
328 wpa_s->group_cipher = WPA_CIPHER_NONE;
329 wpa_s->mgmt_group_cipher = 0;
330
331 for (i = 0; i < NUM_WEP_KEYS; i++) {
332 if (ssid->wep_key_len[i] > 5) {
333 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
334 wpa_s->group_cipher = WPA_CIPHER_WEP104;
335 break;
336 } else if (ssid->wep_key_len[i] > 0) {
337 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
338 wpa_s->group_cipher = WPA_CIPHER_WEP40;
339 break;
340 }
341 }
342
343 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
344 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
345 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
346 wpa_s->pairwise_cipher);
347 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
348#ifdef CONFIG_IEEE80211W
349 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
350 wpa_s->mgmt_group_cipher);
351#endif /* CONFIG_IEEE80211W */
352
353 pmksa_cache_clear_current(wpa_s->wpa);
354}
355
356
6979582c 357void free_hw_features(struct wpa_supplicant *wpa_s)
6bf731e8
CL		 358{
359 int i;
360 if (wpa_s->hw.modes == NULL)
361 return;
362
363 for (i = 0; i < wpa_s->hw.num_modes; i++) {
364 os_free(wpa_s->hw.modes[i].channels);
365 os_free(wpa_s->hw.modes[i].rates);
366 }
367
368 os_free(wpa_s->hw.modes);
369 wpa_s->hw.modes = NULL;
370}
371
372
6fc6879b
JM		 373static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
374{
60b94c98 375 bgscan_deinit(wpa_s);
7c865c68 376 autoscan_deinit(wpa_s);
6fc6879b
JM		 377 scard_deinit(wpa_s->scard);
378 wpa_s->scard = NULL;
379 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
380 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
381 l2_packet_deinit(wpa_s->l2);
382 wpa_s->l2 = NULL;
383 if (wpa_s->l2_br) {
384 l2_packet_deinit(wpa_s->l2_br);
385 wpa_s->l2_br = NULL;
386 }
387
6fc6879b 388 if (wpa_s->conf != NULL) {
8e56d189
JM		 389 struct wpa_ssid *ssid;
390 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
391 wpas_notify_network_removed(wpa_s, ssid);
6fc6879b
JM		 392 }
393
394 os_free(wpa_s->confname);
395 wpa_s->confname = NULL;
396
e6304cad
DS		 397 os_free(wpa_s->confanother);
398 wpa_s->confanother = NULL;
399
c16a7590
IP		 400#ifdef CONFIG_P2P
401 os_free(wpa_s->conf_p2p_dev);
402 wpa_s->conf_p2p_dev = NULL;
403#endif /* CONFIG_P2P */
404
6fc6879b
JM		 405 wpa_sm_set_eapol(wpa_s->wpa, NULL);
406 eapol_sm_deinit(wpa_s->eapol);
407 wpa_s->eapol = NULL;
408
409 rsn_preauth_deinit(wpa_s->wpa);
410
281ff0aa
GP		 411#ifdef CONFIG_TDLS
412 wpa_tdls_deinit(wpa_s->wpa);
413#endif /* CONFIG_TDLS */
414
6fc6879b
JM		 415 pmksa_candidate_free(wpa_s->wpa);
416 wpa_sm_deinit(wpa_s->wpa);
417 wpa_s->wpa = NULL;
418 wpa_blacklist_clear(wpa_s);
419
83922c2d 420 wpa_bss_deinit(wpa_s);
6fc6879b 421
831770bf 422 wpa_supplicant_cancel_delayed_sched_scan(wpa_s);
6fc6879b
JM		 423 wpa_supplicant_cancel_scan(wpa_s);
424 wpa_supplicant_cancel_auth_timeout(wpa_s);
01a17491
JM		 425 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL);
426#ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
427 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report,
428 wpa_s, NULL);
429#endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
6fc6879b 430
116654ce 431 wpas_wps_deinit(wpa_s);
11ef8d35 432
1ff73338
JM		 433 wpabuf_free(wpa_s->pending_eapol_rx);
434 wpa_s->pending_eapol_rx = NULL;
435
11ef8d35
JM		 436#ifdef CONFIG_IBSS_RSN
437 ibss_rsn_deinit(wpa_s->ibss_rsn);
438 wpa_s->ibss_rsn = NULL;
439#endif /* CONFIG_IBSS_RSN */
c2a04078 440
e29853bb 441 sme_deinit(wpa_s);
2d5b792d
JM		 442
443#ifdef CONFIG_AP
444 wpa_supplicant_ap_deinit(wpa_s);
445#endif /* CONFIG_AP */
b22128ef
JM		 446
447#ifdef CONFIG_P2P
448 wpas_p2p_deinit(wpa_s);
449#endif /* CONFIG_P2P */
f47d639d 450
24f6497c
JM		 451#ifdef CONFIG_OFFCHANNEL
452 offchannel_deinit(wpa_s);
453#endif /* CONFIG_OFFCHANNEL */
454
a4cba8f1
LC		 455 wpa_supplicant_cancel_sched_scan(wpa_s);
456
f47d639d
JM		 457 os_free(wpa_s->next_scan_freqs);
458 wpa_s->next_scan_freqs = NULL;
fee52342
JM		 459
460 os_free(wpa_s->manual_scan_freqs);
461 wpa_s->manual_scan_freqs = NULL;
04ea7b79
JM		 462
463 gas_query_deinit(wpa_s->gas);
464 wpa_s->gas = NULL;
6bf731e8
CL		 465
466 free_hw_features(wpa_s);
d445a5cd
JM		 467
468 os_free(wpa_s->bssid_filter);
469 wpa_s->bssid_filter = NULL;
b6668734 470
6407f413
JM		 471 os_free(wpa_s->disallow_aps_bssid);
472 wpa_s->disallow_aps_bssid = NULL;
473 os_free(wpa_s->disallow_aps_ssid);
474 wpa_s->disallow_aps_ssid = NULL;
475
b6668734 476 wnm_bss_keep_alive_deinit(wpa_s);
e27d20bb
VK		 477#ifdef CONFIG_WNM
478 wnm_deallocate_memory(wpa_s);
479#endif /* CONFIG_WNM */
306ae225
JM		 480
481 ext_password_deinit(wpa_s->ext_pw);
482 wpa_s->ext_pw = NULL;
b1f12296
JM		 483
484 wpabuf_free(wpa_s->last_gas_resp);
b6a9590b
JM		 485 wpa_s->last_gas_resp = NULL;
486 wpabuf_free(wpa_s->prev_gas_resp);
487 wpa_s->prev_gas_resp = NULL;
a297201d
JM		 488
489 os_free(wpa_s->last_scan_res);
490 wpa_s->last_scan_res = NULL;
b572df86
JM		 491
492#ifdef CONFIG_HS20
493 hs20_free_osu_prov(wpa_s);
494#endif /* CONFIG_HS20 */
6fc6879b
JM		 495}
496
497
498/**
499 * wpa_clear_keys - Clear keys configured for the driver
500 * @wpa_s: Pointer to wpa_supplicant data
501 * @addr: Previously used BSSID or %NULL if not available
502 *
503 * This function clears the encryption keys that has been previously configured
504 * for the driver.
505 */
506void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
507{
2f30cac3 508 int i, max;
6fc6879b 509
0e27f655 510#ifdef CONFIG_IEEE80211W
2f30cac3
JM		 511 max = 6;
512#else /* CONFIG_IEEE80211W */
513 max = 4;
0e27f655 514#endif /* CONFIG_IEEE80211W */
2f30cac3
JM		 515
516 /* MLME-DELETEKEYS.request */
517 for (i = 0; i < max; i++) {
518 if (wpa_s->keys_cleared & BIT(i))
519 continue;
520 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, i, 0, NULL, 0,
521 NULL, 0);
522 }
523 if (!(wpa_s->keys_cleared & BIT(0)) && addr &&
524 !is_zero_ether_addr(addr)) {
6fc6879b
JM		 525 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,
526 0);
527 /* MLME-SETPROTECTION.request(None) */
528 wpa_drv_mlme_setprotection(
529 wpa_s, addr,
530 MLME_SETPROTECTION_PROTECT_TYPE_NONE,
531 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
532 }
2f30cac3 533 wpa_s->keys_cleared = (u32) -1;
6fc6879b
JM		 534}
535
536
537/**
538 * wpa_supplicant_state_txt - Get the connection state name as a text string
539 * @state: State (wpa_state; WPA_*)
540 * Returns: The state name as a printable text string
541 */
71934751 542const char * wpa_supplicant_state_txt(enum wpa_states state)
6fc6879b
JM		 543{
544 switch (state) {
545 case WPA_DISCONNECTED:
546 return "DISCONNECTED";
547 case WPA_INACTIVE:
548 return "INACTIVE";
8401a6b0
JM		 549 case WPA_INTERFACE_DISABLED:
550 return "INTERFACE_DISABLED";
6fc6879b
JM		 551 case WPA_SCANNING:
552 return "SCANNING";
c2a04078
JM		 553 case WPA_AUTHENTICATING:
554 return "AUTHENTICATING";
6fc6879b
JM		 555 case WPA_ASSOCIATING:
556 return "ASSOCIATING";
557 case WPA_ASSOCIATED:
558 return "ASSOCIATED";
559 case WPA_4WAY_HANDSHAKE:
560 return "4WAY_HANDSHAKE";
561 case WPA_GROUP_HANDSHAKE:
562 return "GROUP_HANDSHAKE";
563 case WPA_COMPLETED:
564 return "COMPLETED";
565 default:
566 return "UNKNOWN";
567 }
568}
569
570
cfe53c9a
PS		 571#ifdef CONFIG_BGSCAN
572
573static void wpa_supplicant_start_bgscan(struct wpa_supplicant *wpa_s)
574{
31392709
HD		 575 const char *name;
576
577 if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan)
578 name = wpa_s->current_ssid->bgscan;
579 else
580 name = wpa_s->conf->bgscan;
268043d5 581 if (name == NULL || name[0] == '\0')
31392709 582 return;
0096c427
JM		 583 if (wpas_driver_bss_selection(wpa_s))
584 return;
cfe53c9a
PS		 585 if (wpa_s->current_ssid == wpa_s->bgscan_ssid)
586 return;
aa109830
DS		 587#ifdef CONFIG_P2P
588 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE)
589 return;
590#endif /* CONFIG_P2P */
cfe53c9a
PS		 591
592 bgscan_deinit(wpa_s);
31392709
HD		 593 if (wpa_s->current_ssid) {
594 if (bgscan_init(wpa_s, wpa_s->current_ssid, name)) {
cfe53c9a
PS		 595 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
596 "bgscan");
597 /*
598 * Live without bgscan; it is only used as a roaming
599 * optimization, so the initial connection is not
600 * affected.
601 */
6409b7a7
YD		 602 } else {
603 struct wpa_scan_results *scan_res;
cfe53c9a 604 wpa_s->bgscan_ssid = wpa_s->current_ssid;
6409b7a7
YD		 605 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL,
606 0);
607 if (scan_res) {
608 bgscan_notify_scan(wpa_s, scan_res);
609 wpa_scan_results_free(scan_res);
610 }
611 }
cfe53c9a
PS		 612 } else
613 wpa_s->bgscan_ssid = NULL;
614}
615
616
617static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s)
618{
619 if (wpa_s->bgscan_ssid != NULL) {
620 bgscan_deinit(wpa_s);
621 wpa_s->bgscan_ssid = NULL;
622 }
623}
624
625#endif /* CONFIG_BGSCAN */
626
627
7c865c68
TB		 628static void wpa_supplicant_start_autoscan(struct wpa_supplicant *wpa_s)
629{
99218999 630 if (autoscan_init(wpa_s, 0))
7c865c68
TB		 631 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize autoscan");
632}
633
634
635static void wpa_supplicant_stop_autoscan(struct wpa_supplicant *wpa_s)
636{
637 autoscan_deinit(wpa_s);
638}
639
640
c3d12238
JM		 641void wpa_supplicant_reinit_autoscan(struct wpa_supplicant *wpa_s)
642{
643 if (wpa_s->wpa_state == WPA_DISCONNECTED ||
644 wpa_s->wpa_state == WPA_SCANNING) {
645 autoscan_deinit(wpa_s);
646 wpa_supplicant_start_autoscan(wpa_s);
647 }
648}
649
650
6fc6879b
JM		 651/**
652 * wpa_supplicant_set_state - Set current connection state
653 * @wpa_s: Pointer to wpa_supplicant data
654 * @state: The new connection state
655 *
656 * This function is called whenever the connection state changes, e.g.,
657 * association is completed for WPA/WPA2 4-Way Handshake is started.
658 */
71934751
JM		 659void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s,
660 enum wpa_states state)
6fc6879b 661{
27f43d8d
MH		 662 enum wpa_states old_state = wpa_s->wpa_state;
663
f049052b
BG		 664 wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s",
665 wpa_supplicant_state_txt(wpa_s->wpa_state),
666 wpa_supplicant_state_txt(state));
6fc6879b 667
5ddd07cb
AS		 668 if (state == WPA_INTERFACE_DISABLED) {
669 /* Assure normal scan when interface is restored */
670 wpa_s->normal_scans = 0;
671 }
672
6ac4b15e
JM		 673 if (state == WPA_COMPLETED)
674 wpas_connect_work_done(wpa_s);
675
cb8564b1
DW		 676 if (state != WPA_SCANNING)
677 wpa_supplicant_notify_scanning(wpa_s, 0);
678
6fc6879b 679 if (state == WPA_COMPLETED && wpa_s->new_connection) {
6fc6879b 680 struct wpa_ssid *ssid = wpa_s->current_ssid;
7d37a357 681#if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
6fc6879b 682 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
1cfc6787
JM		 683 MACSTR " completed [id=%d id_str=%s]",
684 MAC2STR(wpa_s->bssid),
6fc6879b
JM		 685 ssid ? ssid->id : -1,
686 ssid && ssid->id_str ? ssid->id_str : "");
687#endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
00e5e3d5 688 wpas_clear_temp_disabled(wpa_s, ssid, 1);
f1a52633 689 wpa_s->extra_blacklist_count = 0;
6fc6879b 690 wpa_s->new_connection = 0;
6fc6879b 691 wpa_drv_set_operstate(wpa_s, 1);
99ac2913
FF		 692#ifndef IEEE8021X_EAPOL
693 wpa_drv_set_supp_port(wpa_s, 1);
694#endif /* IEEE8021X_EAPOL */
17a4734d 695 wpa_s->after_wps = 0;
4d9fb08d 696 wpa_s->known_wps_freq = 0;
b22128ef
JM		 697#ifdef CONFIG_P2P
698 wpas_p2p_completed(wpa_s);
699#endif /* CONFIG_P2P */
c3701c66
RM		 700
701 sme_sched_obss_scan(wpa_s, 1);
6fc6879b
JM		 702 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
703 state == WPA_ASSOCIATED) {
704 wpa_s->new_connection = 1;
705 wpa_drv_set_operstate(wpa_s, 0);
99ac2913
FF		 706#ifndef IEEE8021X_EAPOL
707 wpa_drv_set_supp_port(wpa_s, 0);
708#endif /* IEEE8021X_EAPOL */
c3701c66 709 sme_sched_obss_scan(wpa_s, 0);
6fc6879b
JM		 710 }
711 wpa_s->wpa_state = state;
27f43d8d 712
cfe53c9a
PS		 713#ifdef CONFIG_BGSCAN
714 if (state == WPA_COMPLETED)
715 wpa_supplicant_start_bgscan(wpa_s);
37271232 716 else if (state < WPA_ASSOCIATED)
cfe53c9a
PS		 717 wpa_supplicant_stop_bgscan(wpa_s);
718#endif /* CONFIG_BGSCAN */
719
7c865c68
TB		 720 if (state == WPA_AUTHENTICATING)
721 wpa_supplicant_stop_autoscan(wpa_s);
722
723 if (state == WPA_DISCONNECTED || state == WPA_INACTIVE)
724 wpa_supplicant_start_autoscan(wpa_s);
725
5bbf9f10 726 if (wpa_s->wpa_state != old_state) {
27f43d8d 727 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
5bbf9f10
PS		 728
729 if (wpa_s->wpa_state == WPA_COMPLETED ||
730 old_state == WPA_COMPLETED)
731 wpas_notify_auth_changed(wpa_s);
732 }
6fc6879b
JM		 733}
734
735
1a1bf008
JM		 736void wpa_supplicant_terminate_proc(struct wpa_global *global)
737{
738 int pending = 0;
739#ifdef CONFIG_WPS
740 struct wpa_supplicant *wpa_s = global->ifaces;
741 while (wpa_s) {
ab41595f 742 struct wpa_supplicant *next = wpa_s->next;
20625e97
JM		 743#ifdef CONFIG_P2P
744 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE ||
745 (wpa_s->current_ssid && wpa_s->current_ssid->p2p_group))
746 wpas_p2p_disconnect(wpa_s);
747#endif /* CONFIG_P2P */
1a1bf008
JM		 748 if (wpas_wps_terminate_pending(wpa_s) == 1)
749 pending = 1;
ab41595f 750 wpa_s = next;
1a1bf008
JM		 751 }
752#endif /* CONFIG_WPS */
753 if (pending)
754 return;
755 eloop_terminate();
756}
757
758
0456ea16 759static void wpa_supplicant_terminate(int sig, void *signal_ctx)
6fc6879b 760{
0456ea16 761 struct wpa_global *global = signal_ctx;
1a1bf008 762 wpa_supplicant_terminate_proc(global);
6fc6879b
JM		 763}
764
765
b22128ef 766void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
6fc6879b 767{
71934751 768 enum wpa_states old_state = wpa_s->wpa_state;
27f43d8d 769
6fc6879b
JM		 770 wpa_s->pairwise_cipher = 0;
771 wpa_s->group_cipher = 0;
772 wpa_s->mgmt_group_cipher = 0;
773 wpa_s->key_mgmt = 0;
8401a6b0 774 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
99218999 775 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
27f43d8d
MH		 776
777 if (wpa_s->wpa_state != old_state)
778 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
6fc6879b
JM		 779}
780
781
782/**
783 * wpa_supplicant_reload_configuration - Reload configuration data
784 * @wpa_s: Pointer to wpa_supplicant data
785 * Returns: 0 on success or -1 if configuration parsing failed
786 *
787 * This function can be used to request that the configuration data is reloaded
788 * (e.g., after configuration file change). This function is reloading
789 * configuration only for one interface, so this may need to be called multiple
790 * times if %wpa_supplicant is controlling multiple interfaces and all
791 * interfaces need reconfiguration.
792 */
793int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
794{
795 struct wpa_config *conf;
796 int reconf_ctrl;
8bac466b
JM		 797 int old_ap_scan;
798
6fc6879b
JM		 799 if (wpa_s->confname == NULL)
800 return -1;
e6304cad 801 conf = wpa_config_read(wpa_s->confname, NULL);
6fc6879b
JM		 802 if (conf == NULL) {
803 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
804 "file '%s' - exiting", wpa_s->confname);
805 return -1;
806 }
e6304cad
DS		 807 wpa_config_read(wpa_s->confanother, conf);
808
611aea7d 809 conf->changed_parameters = (unsigned int) -1;
6fc6879b
JM		 810
811 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
812 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
813 os_strcmp(conf->ctrl_interface,
814 wpa_s->conf->ctrl_interface) != 0);
815
816 if (reconf_ctrl && wpa_s->ctrl_iface) {
817 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
818 wpa_s->ctrl_iface = NULL;
819 }
820
821 eapol_sm_invalidate_cached_session(wpa_s->eapol);
7b7ce8aa
JM		 822 if (wpa_s->current_ssid) {
823 wpa_supplicant_deauthenticate(wpa_s,
824 WLAN_REASON_DEAUTH_LEAVING);
825 }
8bac466b 826
6fc6879b
JM		 827 /*
828 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
829 * pkcs11_engine_path, pkcs11_module_path.
830 */
56586197 831 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) {
6fc6879b
JM		 832 /*
833 * Clear forced success to clear EAP state for next
834 * authentication.
835 */
836 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
837 }
838 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
839 wpa_sm_set_config(wpa_s->wpa, NULL);
d8a790b9 840 wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL);
6fc6879b
JM		 841 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
842 rsn_preauth_deinit(wpa_s->wpa);
8bac466b
JM		 843
844 old_ap_scan = wpa_s->conf->ap_scan;
6fc6879b
JM		 845 wpa_config_free(wpa_s->conf);
846 wpa_s->conf = conf;
8bac466b
JM		 847 if (old_ap_scan != wpa_s->conf->ap_scan)
848 wpas_notify_ap_scan_changed(wpa_s);
849
6fc6879b
JM		 850 if (reconf_ctrl)
851 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
852
611aea7d
JM		 853 wpa_supplicant_update_config(wpa_s);
854
6fc6879b 855 wpa_supplicant_clear_status(wpa_s);
349493bd 856 if (wpa_supplicant_enabled_networks(wpa_s)) {
43a38635
JM		 857 wpa_s->reassociate = 1;
858 wpa_supplicant_req_scan(wpa_s, 0, 0);
859 }
f049052b 860 wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
6fc6879b
JM		 861 return 0;
862}
863
864
0456ea16 865static void wpa_supplicant_reconfig(int sig, void *signal_ctx)
6fc6879b 866{
0456ea16 867 struct wpa_global *global = signal_ctx;
6fc6879b 868 struct wpa_supplicant *wpa_s;
6fc6879b 869 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
f049052b
BG		 870 wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring",
871 sig);
6fc6879b 872 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
1a1bf008 873 wpa_supplicant_terminate_proc(global);
6fc6879b
JM		 874 }
875 }
876}
877
878
6fc6879b
JM		 879static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
880 struct wpa_ssid *ssid,
881 struct wpa_ie_data *ie)
882{
883 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
884 if (ret) {
885 if (ret == -2) {
886 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
887 "from association info");
888 }
889 return -1;
890 }
891
f049052b
BG		 892 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set "
893 "cipher suites");
6fc6879b
JM		 894 if (!(ie->group_cipher & ssid->group_cipher)) {
895 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
896 "cipher 0x%x (mask 0x%x) - reject",
897 ie->group_cipher, ssid->group_cipher);
898 return -1;
899 }
900 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
901 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
902 "cipher 0x%x (mask 0x%x) - reject",
903 ie->pairwise_cipher, ssid->pairwise_cipher);
904 return -1;
905 }
906 if (!(ie->key_mgmt & ssid->key_mgmt)) {
907 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
908 "management 0x%x (mask 0x%x) - reject",
909 ie->key_mgmt, ssid->key_mgmt);
910 return -1;
911 }
912
913#ifdef CONFIG_IEEE80211W
0b60b0aa 914 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
62d49803
JM		 915 (ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
916 wpa_s->conf->pmf : ssid->ieee80211w) ==
917 MGMT_FRAME_PROTECTION_REQUIRED) {
6fc6879b
JM		 918 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
919 "that does not support management frame protection - "
920 "reject");
921 return -1;
922 }
923#endif /* CONFIG_IEEE80211W */
924
925 return 0;
926}
927
928
929/**
930 * wpa_supplicant_set_suites - Set authentication and encryption parameters
931 * @wpa_s: Pointer to wpa_supplicant data
932 * @bss: Scan results for the selected BSS, or %NULL if not available
933 * @ssid: Configuration data for the selected network
934 * @wpa_ie: Buffer for the WPA/RSN IE
935 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
936 * used buffer length in case the functions returns success.
937 * Returns: 0 on success or -1 on failure
938 *
939 * This function is used to configure authentication and encryption parameters
940 * based on the network configuration and scan result for the selected BSS (if
941 * available).
942 */
943int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
6fa81a3b 944 struct wpa_bss *bss, struct wpa_ssid *ssid,
6fc6879b
JM		 945 u8 *wpa_ie, size_t *wpa_ie_len)
946{
947 struct wpa_ie_data ie;
948 int sel, proto;
df0f01d9 949 const u8 *bss_wpa, *bss_rsn, *bss_osen;
6fc6879b
JM		 950
951 if (bss) {
6fa81a3b
JM		 952 bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
953 bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
df0f01d9 954 bss_osen = wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE);
6fc6879b 955 } else
df0f01d9 956 bss_wpa = bss_rsn = bss_osen = NULL;
6fc6879b
JM		 957
958 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
959 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
960 (ie.group_cipher & ssid->group_cipher) &&
961 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
962 (ie.key_mgmt & ssid->key_mgmt)) {
f049052b 963 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
6fc6879b
JM		 964 proto = WPA_PROTO_RSN;
965 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
966 wpa_parse_wpa_ie(bss_wpa, 2 +bss_wpa[1], &ie) == 0 &&
967 (ie.group_cipher & ssid->group_cipher) &&
968 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
969 (ie.key_mgmt & ssid->key_mgmt)) {
f049052b 970 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
6fc6879b 971 proto = WPA_PROTO_WPA;
df0f01d9
JM		 972#ifdef CONFIG_HS20
973 } else if (bss_osen && (ssid->proto & WPA_PROTO_OSEN)) {
974 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using OSEN");
975 /* TODO: parse OSEN element */
976 ie.group_cipher = WPA_CIPHER_CCMP;
977 ie.pairwise_cipher = WPA_CIPHER_CCMP;
978 ie.key_mgmt = WPA_KEY_MGMT_OSEN;
979 proto = WPA_PROTO_OSEN;
980#endif /* CONFIG_HS20 */
6fc6879b
JM		 981 } else if (bss) {
982 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
983 return -1;
984 } else {
df0f01d9
JM		 985 if (ssid->proto & WPA_PROTO_OSEN)
986 proto = WPA_PROTO_OSEN;
987 else if (ssid->proto & WPA_PROTO_RSN)
6fc6879b
JM		 988 proto = WPA_PROTO_RSN;
989 else
990 proto = WPA_PROTO_WPA;
991 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
992 os_memset(&ie, 0, sizeof(ie));
993 ie.group_cipher = ssid->group_cipher;
994 ie.pairwise_cipher = ssid->pairwise_cipher;
995 ie.key_mgmt = ssid->key_mgmt;
996#ifdef CONFIG_IEEE80211W
997 ie.mgmt_group_cipher =
70f8cc8e 998 ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION ?
6fc6879b
JM		 999 WPA_CIPHER_AES_128_CMAC : 0;
1000#endif /* CONFIG_IEEE80211W */
f049052b
BG		 1001 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites "
1002 "based on configuration");
6fc6879b
JM		 1003 } else
1004 proto = ie.proto;
1005 }
1006
f049052b
BG		 1007 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d "
1008 "pairwise %d key_mgmt %d proto %d",
1009 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
6fc6879b
JM		 1010#ifdef CONFIG_IEEE80211W
1011 if (ssid->ieee80211w) {
f049052b
BG		 1012 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
1013 ie.mgmt_group_cipher);
6fc6879b
JM		 1014 }
1015#endif /* CONFIG_IEEE80211W */
1016
64fa840a 1017 wpa_s->wpa_proto = proto;
6fc6879b
JM		 1018 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
1019 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
df0f01d9 1020 !!(ssid->proto & (WPA_PROTO_RSN | WPA_PROTO_OSEN)));
6fc6879b
JM		 1021
1022 if (bss || !wpa_s->ap_ies_from_associnfo) {
1023 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
1024 bss_wpa ? 2 + bss_wpa[1] : 0) ||
1025 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
1026 bss_rsn ? 2 + bss_rsn[1] : 0))
1027 return -1;
1028 }
1029
1030 sel = ie.group_cipher & ssid->group_cipher;
edbd2a19
JM		 1031 wpa_s->group_cipher = wpa_pick_group_cipher(sel);
1032 if (wpa_s->group_cipher < 0) {
f049052b
BG		 1033 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group "
1034 "cipher");
6fc6879b
JM		 1035 return -1;
1036 }
edbd2a19
JM		 1037 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK %s",
1038 wpa_cipher_txt(wpa_s->group_cipher));
6fc6879b
JM		 1039
1040 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
edbd2a19
JM		 1041 wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(sel, 1);
1042 if (wpa_s->pairwise_cipher < 0) {
f049052b
BG		 1043 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise "
1044 "cipher");
6fc6879b
JM		 1045 return -1;
1046 }
edbd2a19
JM		 1047 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK %s",
1048 wpa_cipher_txt(wpa_s->pairwise_cipher));
6fc6879b
JM		 1049
1050 sel = ie.key_mgmt & ssid->key_mgmt;
c10347f2
JM		 1051#ifdef CONFIG_SAE
1052 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE))
1053 sel &= ~(WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE);
1054#endif /* CONFIG_SAE */
6fc6879b
JM		 1055 if (0) {
1056#ifdef CONFIG_IEEE80211R
1057 } else if (sel & WPA_KEY_MGMT_FT_IEEE8021X) {
1058 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
f049052b 1059 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
6fc6879b
JM		 1060 } else if (sel & WPA_KEY_MGMT_FT_PSK) {
1061 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
f049052b 1062 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
6fc6879b 1063#endif /* CONFIG_IEEE80211R */
c10347f2
JM		 1064#ifdef CONFIG_SAE
1065 } else if (sel & WPA_KEY_MGMT_SAE) {
1066 wpa_s->key_mgmt = WPA_KEY_MGMT_SAE;
1067 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT SAE");
1068 } else if (sel & WPA_KEY_MGMT_FT_SAE) {
1069 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_SAE;
1070 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT FT/SAE");
1071#endif /* CONFIG_SAE */
56586197
JM		 1072#ifdef CONFIG_IEEE80211W
1073 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
1074 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
f049052b 1075 wpa_dbg(wpa_s, MSG_DEBUG,
56586197
JM		 1076 "WPA: using KEY_MGMT 802.1X with SHA256");
1077 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
1078 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
f049052b 1079 wpa_dbg(wpa_s, MSG_DEBUG,
56586197
JM		 1080 "WPA: using KEY_MGMT PSK with SHA256");
1081#endif /* CONFIG_IEEE80211W */
6fc6879b
JM		 1082 } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
1083 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
f049052b 1084 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
6fc6879b
JM		 1085 } else if (sel & WPA_KEY_MGMT_PSK) {
1086 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
f049052b 1087 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
6fc6879b
JM		 1088 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
1089 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
f049052b 1090 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
df0f01d9
JM		 1091#ifdef CONFIG_HS20
1092 } else if (sel & WPA_KEY_MGMT_OSEN) {
1093 wpa_s->key_mgmt = WPA_KEY_MGMT_OSEN;
1094 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using KEY_MGMT OSEN");
1095#endif /* CONFIG_HS20 */
6fc6879b 1096 } else {
f049052b
BG		 1097 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select "
1098 "authenticated key management type");
6fc6879b
JM		 1099 return -1;
1100 }
1101
1102 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
1103 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
1104 wpa_s->pairwise_cipher);
1105 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
1106
1107#ifdef CONFIG_IEEE80211W
1108 sel = ie.mgmt_group_cipher;
62d49803
JM		 1109 if ((ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
1110 wpa_s->conf->pmf : ssid->ieee80211w) == NO_MGMT_FRAME_PROTECTION ||
0b60b0aa 1111 !(ie.capabilities & WPA_CAPABILITY_MFPC))
6fc6879b
JM		 1112 sel = 0;
1113 if (sel & WPA_CIPHER_AES_128_CMAC) {
1114 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
f049052b 1115 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
6fc6879b 1116 "AES-128-CMAC");
8dd9f9cd
JM		 1117 } else if (sel & WPA_CIPHER_BIP_GMAC_128) {
1118 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_128;
1119 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1120 "BIP-GMAC-128");
1121 } else if (sel & WPA_CIPHER_BIP_GMAC_256) {
1122 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_256;
1123 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1124 "BIP-GMAC-256");
1125 } else if (sel & WPA_CIPHER_BIP_CMAC_256) {
1126 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_CMAC_256;
1127 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1128 "BIP-CMAC-256");
6fc6879b
JM		 1129 } else {
1130 wpa_s->mgmt_group_cipher = 0;
f049052b 1131 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
6fc6879b
JM		 1132 }
1133 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
1134 wpa_s->mgmt_group_cipher);
62d49803
JM		 1135 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP,
1136 (ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
1137 wpa_s->conf->pmf : ssid->ieee80211w));
6fc6879b
JM		 1138#endif /* CONFIG_IEEE80211W */
1139
1140 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
f049052b 1141 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to generate WPA IE");
6fc6879b
JM		 1142 return -1;
1143 }
1144
0bf927a0 1145 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) {
6fc6879b 1146 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN);
7d232e23
ZC		 1147#ifndef CONFIG_NO_PBKDF2
1148 if (bss && ssid->bssid_set && ssid->ssid_len == 0 &&
1149 ssid->passphrase) {
1150 u8 psk[PMK_LEN];
986de33d
JM		 1151 pbkdf2_sha1(ssid->passphrase, bss->ssid, bss->ssid_len,
1152 4096, psk, PMK_LEN);
7d232e23
ZC		 1153 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)",
1154 psk, PMK_LEN);
1155 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1156 }
1157#endif /* CONFIG_NO_PBKDF2 */
9173b16f
JM		 1158#ifdef CONFIG_EXT_PASSWORD
1159 if (ssid->ext_psk) {
1160 struct wpabuf *pw = ext_password_get(wpa_s->ext_pw,
1161 ssid->ext_psk);
1162 char pw_str[64 + 1];
1163 u8 psk[PMK_LEN];
1164
1165 if (pw == NULL) {
1166 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No PSK "
1167 "found from external storage");
1168 return -1;
1169 }
1170
1171 if (wpabuf_len(pw) < 8 || wpabuf_len(pw) > 64) {
1172 wpa_msg(wpa_s, MSG_INFO, "EXT PW: Unexpected "
1173 "PSK length %d in external storage",
1174 (int) wpabuf_len(pw));
1175 ext_password_free(pw);
1176 return -1;
1177 }
1178
1179 os_memcpy(pw_str, wpabuf_head(pw), wpabuf_len(pw));
1180 pw_str[wpabuf_len(pw)] = '\0';
1181
1182#ifndef CONFIG_NO_PBKDF2
1183 if (wpabuf_len(pw) >= 8 && wpabuf_len(pw) < 64 && bss)
1184 {
986de33d
JM		 1185 pbkdf2_sha1(pw_str, bss->ssid, bss->ssid_len,
1186 4096, psk, PMK_LEN);
9173b16f
JM		 1187 os_memset(pw_str, 0, sizeof(pw_str));
1188 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from "
1189 "external passphrase)",
1190 psk, PMK_LEN);
1191 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1192 } else
1193#endif /* CONFIG_NO_PBKDF2 */
1194 if (wpabuf_len(pw) == 2 * PMK_LEN) {
1195 if (hexstr2bin(pw_str, psk, PMK_LEN) < 0) {
1196 wpa_msg(wpa_s, MSG_INFO, "EXT PW: "
1197 "Invalid PSK hex string");
1198 os_memset(pw_str, 0, sizeof(pw_str));
1199 ext_password_free(pw);
1200 return -1;
1201 }
1202 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1203 } else {
1204 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No suitable "
1205 "PSK available");
1206 os_memset(pw_str, 0, sizeof(pw_str));
1207 ext_password_free(pw);
1208 return -1;
1209 }
1210
1211 os_memset(pw_str, 0, sizeof(pw_str));
1212 ext_password_free(pw);
1213 }
1214#endif /* CONFIG_EXT_PASSWORD */
7d232e23 1215 } else
6fc6879b
JM		 1216 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
1217
1218 return 0;
1219}
1220
1221
8cd6b7bc 1222static void wpas_ext_capab_byte(struct wpa_supplicant *wpa_s, u8 *pos, int idx)
03e47c9c 1223{
8cd6b7bc 1224 *pos = 0x00;
03e47c9c 1225
8cd6b7bc
JB		 1226 switch (idx) {
1227 case 0: /* Bits 0-7 */
1228 break;
1229 case 1: /* Bits 8-15 */
1230 break;
1231 case 2: /* Bits 16-23 */
1232#ifdef CONFIG_WNM
1233 *pos |= 0x02; /* Bit 17 - WNM-Sleep Mode */
1234 *pos |= 0x08; /* Bit 19 - BSS Transition */
1235#endif /* CONFIG_WNM */
1236 break;
1237 case 3: /* Bits 24-31 */
1238#ifdef CONFIG_WNM
1239 *pos |= 0x02; /* Bit 25 - SSID List */
1240#endif /* CONFIG_WNM */
03e47c9c 1241#ifdef CONFIG_INTERWORKING
8cd6b7bc
JB		 1242 if (wpa_s->conf->interworking)
1243 *pos |= 0x80; /* Bit 31 - Interworking */
03e47c9c 1244#endif /* CONFIG_INTERWORKING */
8cd6b7bc
JB		 1245 break;
1246 case 4: /* Bits 32-39 */
56f5af48 1247#ifdef CONFIG_INTERWORKING
429dd9af
JM		 1248 if (wpa_s->drv_flags / WPA_DRIVER_FLAGS_QOS_MAPPING)
1249 *pos |= 0x01; /* Bit 32 - QoS Map */
56f5af48 1250#endif /* CONFIG_INTERWORKING */
8cd6b7bc
JB		 1251 break;
1252 case 5: /* Bits 40-47 */
95a3ea94
JM		 1253#ifdef CONFIG_HS20
1254 if (wpa_s->conf->hs20)
1255 *pos |= 0x40; /* Bit 46 - WNM-Notification */
1256#endif /* CONFIG_HS20 */
8cd6b7bc
JB		 1257 break;
1258 case 6: /* Bits 48-55 */
1259 break;
1260 }
1261}
03e47c9c 1262
03e47c9c 1263
8cd6b7bc
JB		 1264int wpas_build_ext_capab(struct wpa_supplicant *wpa_s, u8 *buf)
1265{
1266 u8 *pos = buf;
95a3ea94 1267 u8 len = 6, i;
8cd6b7bc
JB		 1268
1269 if (len < wpa_s->extended_capa_len)
1270 len = wpa_s->extended_capa_len;
03e47c9c
JM		 1271
1272 *pos++ = WLAN_EID_EXT_CAPAB;
8cd6b7bc
JB		 1273 *pos++ = len;
1274 for (i = 0; i < len; i++, pos++) {
1275 wpas_ext_capab_byte(wpa_s, pos, i);
1276
1277 if (i < wpa_s->extended_capa_len) {
1278 *pos &= ~wpa_s->extended_capa_mask[i];
1279 *pos |= wpa_s->extended_capa[i];
1280 }
1281 }
03e47c9c 1282
3db5439a
JM		 1283 while (len > 0 && buf[1 + len] == 0) {
1284 len--;
1285 buf[1] = len;
1286 }
1287 if (len == 0)
1288 return 0;
1289
1290 return 2 + len;
03e47c9c
JM		 1291}
1292
1293
6ac4b15e
JM		 1294static int wpas_valid_bss(struct wpa_supplicant *wpa_s,
1295 struct wpa_bss *test_bss)
1296{
1297 struct wpa_bss *bss;
1298
1299 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
1300 if (bss == test_bss)
1301 return 1;
1302 }
1303
1304 return 0;
1305}
1306
1307
1308static int wpas_valid_ssid(struct wpa_supplicant *wpa_s,
1309 struct wpa_ssid *test_ssid)
1310{
1311 struct wpa_ssid *ssid;
1312
1313 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) {
1314 if (ssid == test_ssid)
1315 return 1;
1316 }
1317
1318 return 0;
1319}
1320
1321
1322int wpas_valid_bss_ssid(struct wpa_supplicant *wpa_s, struct wpa_bss *test_bss,
1323 struct wpa_ssid *test_ssid)
1324{
1325 if (test_bss && !wpas_valid_bss(wpa_s, test_bss))
1326 return 0;
1327
1328 return test_ssid == NULL || wpas_valid_ssid(wpa_s, test_ssid);
1329}
1330
1331
1332void wpas_connect_work_free(struct wpa_connect_work *cwork)
1333{
1334 if (cwork == NULL)
1335 return;
1336 os_free(cwork);
1337}
1338
1339
1340void wpas_connect_work_done(struct wpa_supplicant *wpa_s)
1341{
1342 struct wpa_connect_work *cwork;
1343 struct wpa_radio_work *work = wpa_s->connect_work;
1344
1345 if (!work)
1346 return;
1347
1348 wpa_s->connect_work = NULL;
1349 cwork = work->ctx;
1350 work->ctx = NULL;
1351 wpas_connect_work_free(cwork);
1352 radio_work_done(work);
1353}
1354
1355
1356static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit);
1357
6fc6879b
JM		 1358/**
1359 * wpa_supplicant_associate - Request association
1360 * @wpa_s: Pointer to wpa_supplicant data
1361 * @bss: Scan results for the selected BSS, or %NULL if not available
1362 * @ssid: Configuration data for the selected network
1363 *
1364 * This function is used to request %wpa_supplicant to associate with a BSS.
1365 */
1366void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
6fa81a3b 1367 struct wpa_bss *bss, struct wpa_ssid *ssid)
6fc6879b 1368{
6ac4b15e 1369 struct wpa_connect_work *cwork;
6fc6879b 1370
78177a00
JM		 1371#ifdef CONFIG_IBSS_RSN
1372 ibss_rsn_deinit(wpa_s->ibss_rsn);
1373 wpa_s->ibss_rsn = NULL;
1374#endif /* CONFIG_IBSS_RSN */
1375
2c5d725c
JM		 1376 if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO ||
1377 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) {
1581b38b
JM		 1378#ifdef CONFIG_AP
1379 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) {
f049052b
BG		 1380 wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP "
1381 "mode");
1581b38b
JM		 1382 return;
1383 }
8c981d17
DW		 1384 if (wpa_supplicant_create_ap(wpa_s, ssid) < 0) {
1385 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
b2b688d1
VKE		 1386 if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
1387 wpas_p2p_ap_setup_failed(wpa_s);
8c981d17
DW		 1388 return;
1389 }
8f770587 1390 wpa_s->current_bss = bss;
1581b38b 1391#else /* CONFIG_AP */
f049052b
BG		 1392 wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in "
1393 "the build");
1581b38b
JM		 1394#endif /* CONFIG_AP */
1395 return;
1396 }
1397
52c9e6f3 1398#ifdef CONFIG_TDLS
95cb2d88
JM		 1399 if (bss)
1400 wpa_tdls_ap_ies(wpa_s->wpa, (const u8 *) (bss + 1),
1401 bss->ie_len);
52c9e6f3
JM		 1402#endif /* CONFIG_TDLS */
1403
5cc4d64b
JM		 1404 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
1405 ssid->mode == IEEE80211_MODE_INFRA) {
c2a04078
JM		 1406 sme_authenticate(wpa_s, bss, ssid);
1407 return;
1408 }
1409
6ac4b15e
JM		 1410 if (wpa_s->connect_work) {
1411 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since connect_work exist");
1412 return;
1413 }
1414
f0e30c84
JM		 1415 if (radio_work_pending(wpa_s, "connect")) {
1416 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since pending work exist");
1417 return;
1418 }
1419
6ac4b15e
JM		 1420 cwork = os_zalloc(sizeof(*cwork));
1421 if (cwork == NULL)
1422 return;
1423
1424 cwork->bss = bss;
1425 cwork->ssid = ssid;
1426
1427 if (radio_add_work(wpa_s, bss ? bss->freq : 0, "connect", 1,
1428 wpas_start_assoc_cb, cwork) < 0) {
1429 os_free(cwork);
1430 }
1431}
1432
1433
1434static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
1435{
1436 struct wpa_connect_work *cwork = work->ctx;
1437 struct wpa_bss *bss = cwork->bss;
1438 struct wpa_ssid *ssid = cwork->ssid;
1439 struct wpa_supplicant *wpa_s = work->wpa_s;
1440 u8 wpa_ie[200];
1441 size_t wpa_ie_len;
1442 int use_crypt, ret, i, bssid_changed;
1443 int algs = WPA_AUTH_ALG_OPEN;
1444 unsigned int cipher_pairwise, cipher_group;
1445 struct wpa_driver_associate_params params;
1446 int wep_keys_set = 0;
1447 int assoc_failed = 0;
1448 struct wpa_ssid *old_ssid;
1449#ifdef CONFIG_HT_OVERRIDES
1450 struct ieee80211_ht_capabilities htcaps;
1451 struct ieee80211_ht_capabilities htcaps_mask;
1452#endif /* CONFIG_HT_OVERRIDES */
6aa1cd4e
PS		 1453#ifdef CONFIG_VHT_OVERRIDES
1454 struct ieee80211_vht_capabilities vhtcaps;
1455 struct ieee80211_vht_capabilities vhtcaps_mask;
1456#endif /* CONFIG_VHT_OVERRIDES */
6ac4b15e
JM		 1457
1458 if (deinit) {
b3253ebb
AO		 1459 if (work->started) {
1460 wpa_s->connect_work = NULL;
1461
1462 /* cancel possible auth. timeout */
1463 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s,
1464 NULL);
1465 }
6ac4b15e
JM		 1466 wpas_connect_work_free(cwork);
1467 return;
1468 }
1469
1470 wpa_s->connect_work = work;
1471
1472 if (!wpas_valid_bss_ssid(wpa_s, bss, ssid)) {
1473 wpa_dbg(wpa_s, MSG_DEBUG, "BSS/SSID entry for association not valid anymore - drop connection attempt");
1474 wpas_connect_work_done(wpa_s);
1475 return;
1476 }
1477
0c80427d 1478 os_memset(&params, 0, sizeof(params));
6fc6879b 1479 wpa_s->reassociate = 0;
c60ba9f7 1480 wpa_s->eap_expected_failure = 0;
22628eca 1481 if (bss && !wpas_driver_bss_selection(wpa_s)) {
6fc6879b 1482#ifdef CONFIG_IEEE80211R
6fa81a3b 1483 const u8 *ie, *md = NULL;
6fc6879b 1484#endif /* CONFIG_IEEE80211R */
6fc6879b
JM		 1485 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
1486 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
6fa81a3b 1487 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
8bac466b 1488 bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
6fc6879b
JM		 1489 os_memset(wpa_s->bssid, 0, ETH_ALEN);
1490 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
8bac466b
JM		 1491 if (bssid_changed)
1492 wpas_notify_bssid_changed(wpa_s);
6fc6879b 1493#ifdef CONFIG_IEEE80211R
6fa81a3b 1494 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
6fc6879b
JM		 1495 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
1496 md = ie + 2;
e7846b68 1497 wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0);
91a05482
JM		 1498 if (md) {
1499 /* Prepare for the next transition */
76b7981d 1500 wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
91a05482 1501 }
6fc6879b 1502#endif /* CONFIG_IEEE80211R */
24c23d1b
JM		 1503#ifdef CONFIG_WPS
1504 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
1505 wpa_s->conf->ap_scan == 2 &&
1506 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
1507 /* Use ap_scan==1 style network selection to find the network
1508 */
4115303b 1509 wpa_s->scan_req = MANUAL_SCAN_REQ;
24c23d1b
JM		 1510 wpa_s->reassociate = 1;
1511 wpa_supplicant_req_scan(wpa_s, 0, 0);
1512 return;
1513#endif /* CONFIG_WPS */
6fc6879b
JM		 1514 } else {
1515 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
1516 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
1517 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
1518 }
a4cba8f1 1519 wpa_supplicant_cancel_sched_scan(wpa_s);
6fc6879b
JM		 1520 wpa_supplicant_cancel_scan(wpa_s);
1521
1522 /* Starting new association, so clear the possibly used WPA IE from the
1523 * previous association. */
1524 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
1525
1526#ifdef IEEE8021X_EAPOL
1527 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1528 if (ssid->leap) {
1529 if (ssid->non_leap == 0)
abd9fafa 1530 algs = WPA_AUTH_ALG_LEAP;
6fc6879b 1531 else
abd9fafa 1532 algs |= WPA_AUTH_ALG_LEAP;
6fc6879b
JM		 1533 }
1534 }
1535#endif /* IEEE8021X_EAPOL */
f049052b 1536 wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
6fc6879b 1537 if (ssid->auth_alg) {
abd9fafa 1538 algs = ssid->auth_alg;
f049052b
BG		 1539 wpa_dbg(wpa_s, MSG_DEBUG, "Overriding auth_alg selection: "
1540 "0x%x", algs);
6fc6879b 1541 }
6fc6879b 1542
6fa81a3b
JM		 1543 if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
1544 wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
0bf927a0 1545 wpa_key_mgmt_wpa(ssid->key_mgmt)) {
6fc6879b 1546 int try_opportunistic;
6e202021
JM		 1547 try_opportunistic = (ssid->proactive_key_caching < 0 ?
1548 wpa_s->conf->okc :
1549 ssid->proactive_key_caching) &&
6fc6879b
JM		 1550 (ssid->proto & WPA_PROTO_RSN);
1551 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
b2a12c4f 1552 ssid, try_opportunistic) == 0)
6fc6879b
JM		 1553 eapol_sm_notify_pmkid_attempt(wpa_s->eapol, 1);
1554 wpa_ie_len = sizeof(wpa_ie);
1555 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
1556 wpa_ie, &wpa_ie_len)) {
f049052b
BG		 1557 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
1558 "key management and encryption suites");
6fc6879b
JM		 1559 return;
1560 }
a3f7e518
JM		 1561 } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && bss &&
1562 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) {
1563 /*
1564 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
1565 * use non-WPA since the scan results did not indicate that the
1566 * AP is using WPA or WPA2.
1567 */
1568 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1569 wpa_ie_len = 0;
1570 wpa_s->wpa_proto = 0;
0bf927a0 1571 } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) {
6fc6879b
JM		 1572 wpa_ie_len = sizeof(wpa_ie);
1573 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
1574 wpa_ie, &wpa_ie_len)) {
f049052b
BG		 1575 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
1576 "key management and encryption suites (no "
1577 "scan results)");
6fc6879b
JM		 1578 return;
1579 }
ad08c363
JM		 1580#ifdef CONFIG_WPS
1581 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
b01c18a8
JM		 1582 struct wpabuf *wps_ie;
1583 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
ad08c363
JM		 1584 if (wps_ie && wpabuf_len(wps_ie) <= sizeof(wpa_ie)) {
1585 wpa_ie_len = wpabuf_len(wps_ie);
1586 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
24386985
JM		 1587 } else
1588 wpa_ie_len = 0;
ad08c363
JM		 1589 wpabuf_free(wps_ie);
1590 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
0c80427d
JM		 1591 if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY))
1592 params.wps = WPS_MODE_PRIVACY;
1593 else
1594 params.wps = WPS_MODE_OPEN;
cf546f1a 1595 wpa_s->wpa_proto = 0;
ad08c363 1596#endif /* CONFIG_WPS */
6fc6879b
JM		 1597 } else {
1598 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1599 wpa_ie_len = 0;
cf546f1a 1600 wpa_s->wpa_proto = 0;
6fc6879b
JM		 1601 }
1602
5f3a6aa0
JM		 1603#ifdef CONFIG_P2P
1604 if (wpa_s->global->p2p) {
1605 u8 *pos;
1606 size_t len;
1607 int res;
5f3a6aa0
JM		 1608 pos = wpa_ie + wpa_ie_len;
1609 len = sizeof(wpa_ie) - wpa_ie_len;
b8a8d677
JM		 1610 res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len,
1611 ssid->p2p_group);
5f3a6aa0
JM		 1612 if (res >= 0)
1613 wpa_ie_len += res;
1614 }
72044390
JM		 1615
1616 wpa_s->cross_connect_disallowed = 0;
1617 if (bss) {
1618 struct wpabuf *p2p;
1619 p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE);
1620 if (p2p) {
1621 wpa_s->cross_connect_disallowed =
1622 p2p_get_cross_connect_disallowed(p2p);
1623 wpabuf_free(p2p);
f049052b
BG		 1624 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross "
1625 "connection",
1626 wpa_s->cross_connect_disallowed ?
1627 "disallows" : "allows");
72044390
JM		 1628 }
1629 }
25ef8529
JM		 1630
1631 os_memset(wpa_s->p2p_ip_addr_info, 0, sizeof(wpa_s->p2p_ip_addr_info));
5f3a6aa0
JM		 1632#endif /* CONFIG_P2P */
1633
cb418324 1634#ifdef CONFIG_HS20
55a2df43 1635 if (is_hs20_network(wpa_s, ssid, bss)) {
cb418324
JM		 1636 struct wpabuf *hs20;
1637 hs20 = wpabuf_alloc(20);
1638 if (hs20) {
f9cd147d
JM		 1639 int pps_mo_id = hs20_get_pps_mo_id(wpa_s, ssid);
1640 wpas_hs20_add_indication(hs20, pps_mo_id);
cb418324
JM		 1641 os_memcpy(wpa_ie + wpa_ie_len, wpabuf_head(hs20),
1642 wpabuf_len(hs20));
1643 wpa_ie_len += wpabuf_len(hs20);
1644 wpabuf_free(hs20);
1645 }
1646 }
1647#endif /* CONFIG_HS20 */
1648
8b3b803a
AH		 1649 /*
1650 * Workaround: Add Extended Capabilities element only if the AP
1651 * included this element in Beacon/Probe Response frames. Some older
1652 * APs seem to have interoperability issues if this element is
1653 * included, so while the standard may require us to include the
1654 * element in all cases, it is justifiable to skip it to avoid
1655 * interoperability issues.
1656 */
1657 if (!bss || wpa_bss_get_ie(bss, WLAN_EID_EXT_CAPAB)) {
1658 u8 ext_capab[10];
1659 int ext_capab_len;
1660 ext_capab_len = wpas_build_ext_capab(wpa_s, ext_capab);
1661 if (ext_capab_len > 0) {
1662 u8 *pos = wpa_ie;
1663 if (wpa_ie_len > 0 && pos[0] == WLAN_EID_RSN)
1664 pos += 2 + pos[1];
1665 os_memmove(pos + ext_capab_len, pos,
1666 wpa_ie_len - (pos - wpa_ie));
1667 wpa_ie_len += ext_capab_len;
1668 os_memcpy(pos, ext_capab, ext_capab_len);
1669 }
92cbcf91 1670 }
92cbcf91 1671
6fc6879b
JM		 1672 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
1673 use_crypt = 1;
4848a38d
JM		 1674 cipher_pairwise = wpa_s->pairwise_cipher;
1675 cipher_group = wpa_s->group_cipher;
6fc6879b
JM		 1676 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
1677 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1678 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
1679 use_crypt = 0;
1680 if (wpa_set_wep_keys(wpa_s, ssid)) {
1681 use_crypt = 1;
1682 wep_keys_set = 1;
1683 }
1684 }
ad08c363
JM		 1685 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
1686 use_crypt = 0;
6fc6879b
JM		 1687
1688#ifdef IEEE8021X_EAPOL
1689 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1690 if ((ssid->eapol_flags &
1691 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
1692 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
1693 !wep_keys_set) {
1694 use_crypt = 0;
1695 } else {
1696 /* Assume that dynamic WEP-104 keys will be used and
1697 * set cipher suites in order for drivers to expect
1698 * encryption. */
4848a38d 1699 cipher_pairwise = cipher_group = WPA_CIPHER_WEP104;
6fc6879b
JM		 1700 }
1701 }
1702#endif /* IEEE8021X_EAPOL */
1703
1704 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1705 /* Set the key before (and later after) association */
1706 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1707 }
1708
6fc6879b 1709 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
6fc6879b 1710 if (bss) {
6fa81a3b
JM		 1711 params.ssid = bss->ssid;
1712 params.ssid_len = bss->ssid_len;
f15854d1
JM		 1713 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set) {
1714 wpa_printf(MSG_DEBUG, "Limit connection to BSSID "
1715 MACSTR " freq=%u MHz based on scan results "
1716 "(bssid_set=%d)",
1717 MAC2STR(bss->bssid), bss->freq,
1718 ssid->bssid_set);
22628eca
JM		 1719 params.bssid = bss->bssid;
1720 params.freq = bss->freq;
1721 }
7ac7fd43
DS		 1722 params.bssid_hint = bss->bssid;
1723 params.freq_hint = bss->freq;
6fc6879b
JM		 1724 } else {
1725 params.ssid = ssid->ssid;
1726 params.ssid_len = ssid->ssid_len;
1727 }
9e2af29f
NC		 1728
1729 if (ssid->mode == WPAS_MODE_IBSS && ssid->bssid_set &&
1730 wpa_s->conf->ap_scan == 2) {
1731 params.bssid = ssid->bssid;
1732 params.fixed_bssid = 1;
1733 }
1734
d7dcba70
JM		 1735 if (ssid->mode == WPAS_MODE_IBSS && ssid->frequency > 0 &&
1736 params.freq == 0)
6fc6879b 1737 params.freq = ssid->frequency; /* Initial channel for IBSS */
8f05577d
JM		 1738
1739 if (ssid->mode == WPAS_MODE_IBSS) {
1740 if (ssid->beacon_int)
1741 params.beacon_int = ssid->beacon_int;
1742 else
1743 params.beacon_int = wpa_s->conf->beacon_int;
1744 }
1745
6fc6879b
JM		 1746 params.wpa_ie = wpa_ie;
1747 params.wpa_ie_len = wpa_ie_len;
1748 params.pairwise_suite = cipher_pairwise;
1749 params.group_suite = cipher_group;
4848a38d 1750 params.key_mgmt_suite = wpa_s->key_mgmt;
64fa840a 1751 params.wpa_proto = wpa_s->wpa_proto;
6fc6879b
JM		 1752 params.auth_alg = algs;
1753 params.mode = ssid->mode;
1f6c0ab8 1754 params.bg_scan_period = ssid->bg_scan_period;
6fc6879b
JM		 1755 for (i = 0; i < NUM_WEP_KEYS; i++) {
1756 if (ssid->wep_key_len[i])
1757 params.wep_key[i] = ssid->wep_key[i];
1758 params.wep_key_len[i] = ssid->wep_key_len[i];
1759 }
1760 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
1761
c2a04078 1762 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
4848a38d
JM		 1763 (params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
1764 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK)) {
6fc6879b
JM		 1765 params.passphrase = ssid->passphrase;
1766 if (ssid->psk_set)
1767 params.psk = ssid->psk;
1768 }
1769
36b15723
JM		 1770 params.drop_unencrypted = use_crypt;
1771
6fc6879b 1772#ifdef CONFIG_IEEE80211W
62d49803
JM		 1773 params.mgmt_frame_protection =
1774 ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
1775 wpa_s->conf->pmf : ssid->ieee80211w;
1776 if (params.mgmt_frame_protection != NO_MGMT_FRAME_PROTECTION && bss) {
6fa81a3b 1777 const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
97d3497e
JM		 1778 struct wpa_ie_data ie;
1779 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
1780 ie.capabilities &
1781 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
f049052b
BG		 1782 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports "
1783 "MFP: require MFP");
97d3497e
JM		 1784 params.mgmt_frame_protection =
1785 MGMT_FRAME_PROTECTION_REQUIRED;
1786 }
1787 }
6fc6879b
JM		 1788#endif /* CONFIG_IEEE80211W */
1789
ffad8858 1790 params.p2p = ssid->p2p_group;
6e3f4b89 1791
eea2fd9e
JM		 1792 if (wpa_s->parent->set_sta_uapsd)
1793 params.uapsd = wpa_s->parent->sta_uapsd;
1794 else
1795 params.uapsd = -1;
1796
80e8a5ee
BG		 1797#ifdef CONFIG_HT_OVERRIDES
1798 os_memset(&htcaps, 0, sizeof(htcaps));
1799 os_memset(&htcaps_mask, 0, sizeof(htcaps_mask));
1800 params.htcaps = (u8 *) &htcaps;
1801 params.htcaps_mask = (u8 *) &htcaps_mask;
1802 wpa_supplicant_apply_ht_overrides(wpa_s, ssid, &params);
1803#endif /* CONFIG_HT_OVERRIDES */
6aa1cd4e
PS		 1804#ifdef CONFIG_VHT_OVERRIDES
1805 os_memset(&vhtcaps, 0, sizeof(vhtcaps));
1806 os_memset(&vhtcaps_mask, 0, sizeof(vhtcaps_mask));
1807 params.vhtcaps = &vhtcaps;
1808 params.vhtcaps_mask = &vhtcaps_mask;
1809 wpa_supplicant_apply_vht_overrides(wpa_s, wpa_s->current_ssid, &params);
1810#endif /* CONFIG_VHT_OVERRIDES */
80e8a5ee 1811
8567866d
JJ		 1812#ifdef CONFIG_P2P
1813 /*
1814 * If multi-channel concurrency is not supported, check for any
1815 * frequency conflict. In case of any frequency conflict, remove the
1816 * least prioritized connection.
1817 */
1818 if (wpa_s->num_multichan_concurrent < 2) {
1819 int freq = wpa_drv_shared_freq(wpa_s);
1820 if (freq > 0 && freq != params.freq) {
1821 wpa_printf(MSG_DEBUG, "Shared interface with conflicting frequency found (%d != %d)",
1822 freq, params.freq);
1823 if (wpas_p2p_handle_frequency_conflicts(wpa_s,
1824 params.freq,
1825 ssid) < 0)
1826 return;
1827 }
1828 }
1829#endif /* CONFIG_P2P */
1830
17fbb751 1831 ret = wpa_drv_associate(wpa_s, &params);
6fc6879b
JM		 1832 if (ret < 0) {
1833 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
1834 "failed");
871f4dd0
JM		 1835 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SANE_ERROR_CODES) {
1836 /*
1837 * The driver is known to mean what is saying, so we
1838 * can stop right here; the association will not
1839 * succeed.
1840 */
1841 wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
c1c02342 1842 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
871f4dd0
JM		 1843 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
1844 return;
1845 }
6fc6879b
JM		 1846 /* try to continue anyway; new association will be tried again
1847 * after timeout */
1848 assoc_failed = 1;
1849 }
1850
1851 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1852 /* Set the key after the association just in case association
1853 * cleared the previously configured key. */
1854 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1855 /* No need to timeout authentication since there is no key
1856 * management. */
1857 wpa_supplicant_cancel_auth_timeout(wpa_s);
1858 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
53895c3b 1859#ifdef CONFIG_IBSS_RSN
d7dcba70 1860 } else if (ssid->mode == WPAS_MODE_IBSS &&
53895c3b
JM		 1861 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
1862 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
1863 /*
1864 * RSN IBSS authentication is per-STA and we can disable the
1865 * per-BSSID authentication.
1866 */
1867 wpa_supplicant_cancel_auth_timeout(wpa_s);
53895c3b 1868#endif /* CONFIG_IBSS_RSN */
6fc6879b
JM		 1869 } else {
1870 /* Timeout for IEEE 802.11 authentication and association */
1d3c75b3
DW		 1871 int timeout = 60;
1872
1873 if (assoc_failed) {
1874 /* give IBSS a bit more time */
d7dcba70 1875 timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5;
1d3c75b3
DW		 1876 } else if (wpa_s->conf->ap_scan == 1) {
1877 /* give IBSS a bit more time */
d7dcba70 1878 timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10;
1d3c75b3 1879 }
6fc6879b
JM		 1880 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
1881 }
1882
66562e9c
JM		 1883 if (wep_keys_set &&
1884 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC)) {
6fc6879b
JM		 1885 /* Set static WEP keys again */
1886 wpa_set_wep_keys(wpa_s, ssid);
1887 }
1888
1889 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
1890 /*
1891 * Do not allow EAP session resumption between different
1892 * network configurations.
1893 */
1894 eapol_sm_invalidate_cached_session(wpa_s->eapol);
1895 }
8bac466b 1896 old_ssid = wpa_s->current_ssid;
6fc6879b 1897 wpa_s->current_ssid = ssid;
8f770587 1898 wpa_s->current_bss = bss;
6fc6879b
JM		 1899 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
1900 wpa_supplicant_initiate_eapol(wpa_s);
8bac466b
JM		 1901 if (old_ssid != wpa_s->current_ssid)
1902 wpas_notify_network_changed(wpa_s);
6fc6879b
JM		 1903}
1904
1905
09f58c09
JM		 1906static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s,
1907 const u8 *addr)
1908{
1909 struct wpa_ssid *old_ssid;
1910
1911 wpa_clear_keys(wpa_s, addr);
09f58c09 1912 old_ssid = wpa_s->current_ssid;
0d30cc24 1913 wpa_supplicant_mark_disassoc(wpa_s);
09f58c09
JM		 1914 wpa_sm_set_config(wpa_s->wpa, NULL);
1915 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1916 if (old_ssid != wpa_s->current_ssid)
1917 wpas_notify_network_changed(wpa_s);
1918 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
1919}
1920
1921
6fc6879b
JM		 1922/**
1923 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
1924 * @wpa_s: Pointer to wpa_supplicant data
1925 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
1926 *
073ab58f 1927 * This function is used to request %wpa_supplicant to deauthenticate from the
6fc6879b
JM		 1928 * current AP.
1929 */
1930void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
1931 int reason_code)
1932{
1933 u8 *addr = NULL;
ef48ff94 1934 union wpa_event_data event;
42d23547 1935 int zero_addr = 0;
8bac466b 1936
42d23547
JM		 1937 wpa_dbg(wpa_s, MSG_DEBUG, "Request to deauthenticate - bssid=" MACSTR
1938 " pending_bssid=" MACSTR " reason=%d state=%s",
1939 MAC2STR(wpa_s->bssid), MAC2STR(wpa_s->pending_bssid),
1940 reason_code, wpa_supplicant_state_txt(wpa_s->wpa_state));
1941
1942 if (!is_zero_ether_addr(wpa_s->bssid))
1943 addr = wpa_s->bssid;
1944 else if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
1945 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
1946 wpa_s->wpa_state == WPA_ASSOCIATING))
1947 addr = wpa_s->pending_bssid;
1948 else if (wpa_s->wpa_state == WPA_ASSOCIATING) {
1949 /*
1950 * When using driver-based BSS selection, we may not know the
1951 * BSSID with which we are currently trying to associate. We
1952 * need to notify the driver of this disconnection even in such
1953 * a case, so use the all zeros address here.
1954 */
6fc6879b 1955 addr = wpa_s->bssid;
42d23547
JM		 1956 zero_addr = 1;
1957 }
1958
7b44ff2c
SD		 1959#ifdef CONFIG_TDLS
1960 wpa_tdls_teardown_peers(wpa_s->wpa);
1961#endif /* CONFIG_TDLS */
1962
42d23547
JM		 1963 if (addr) {
1964 wpa_drv_deauthenticate(wpa_s, addr, reason_code);
ef48ff94
JM		 1965 os_memset(&event, 0, sizeof(event));
1966 event.deauth_info.reason_code = (u16) reason_code;
1967 event.deauth_info.locally_generated = 1;
1968 wpa_supplicant_event(wpa_s, EVENT_DEAUTH, &event);
42d23547
JM		 1969 if (zero_addr)
1970 addr = NULL;
6fc6879b 1971 }
09f58c09
JM		 1972
1973 wpa_supplicant_clear_connection(wpa_s, addr);
6fc6879b
JM		 1974}
1975
dca1a511
DS		 1976static void wpa_supplicant_enable_one_network(struct wpa_supplicant *wpa_s,
1977 struct wpa_ssid *ssid)
1978{
1979 if (!ssid || !ssid->disabled || ssid->disabled == 2)
1980 return;
1981
1982 ssid->disabled = 0;
1983 wpas_clear_temp_disabled(wpa_s, ssid, 1);
1984 wpas_notify_network_enabled_changed(wpa_s, ssid);
1985
1986 /*
1987 * Try to reassociate since there is no current configuration and a new
1988 * network was made available.
1989 */
d2592497 1990 if (!wpa_s->current_ssid && !wpa_s->disconnected)
dca1a511
DS		 1991 wpa_s->reassociate = 1;
1992}
1993
6fc6879b 1994
86b89452
WS		 1995/**
1996 * wpa_supplicant_enable_network - Mark a configured network as enabled
1997 * @wpa_s: wpa_supplicant structure for a network interface
1998 * @ssid: wpa_ssid structure for a configured network or %NULL
1999 *
2000 * Enables the specified network or all networks if no network specified.
2001 */
2002void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s,
2003 struct wpa_ssid *ssid)
2004{
86b89452 2005 if (ssid == NULL) {
14f79078
JM		 2006 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
2007 wpa_supplicant_enable_one_network(wpa_s, ssid);
dca1a511
DS		 2008 } else
2009 wpa_supplicant_enable_one_network(wpa_s, ssid);
86b89452 2010
d2592497 2011 if (wpa_s->reassociate && !wpa_s->disconnected) {
dca1a511
DS		 2012 if (wpa_s->sched_scanning) {
2013 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan to add "
2014 "new network to scan filters");
2015 wpa_supplicant_cancel_sched_scan(wpa_s);
2016 }
86b89452 2017
dad153d1
JM		 2018 if (wpa_supplicant_fast_associate(wpa_s) != 1)
2019 wpa_supplicant_req_scan(wpa_s, 0, 0);
86b89452
WS		 2020 }
2021}
2022
2023
2024/**
2025 * wpa_supplicant_disable_network - Mark a configured network as disabled
2026 * @wpa_s: wpa_supplicant structure for a network interface
2027 * @ssid: wpa_ssid structure for a configured network or %NULL
2028 *
2029 * Disables the specified network or all networks if no network specified.
2030 */
2031void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s,
2032 struct wpa_ssid *ssid)
2033{
2034 struct wpa_ssid *other_ssid;
2035 int was_disabled;
2036
2037 if (ssid == NULL) {
725fc39e
DS		 2038 if (wpa_s->sched_scanning)
2039 wpa_supplicant_cancel_sched_scan(wpa_s);
2040
4dac0245
JM		 2041 for (other_ssid = wpa_s->conf->ssid; other_ssid;
2042 other_ssid = other_ssid->next) {
86b89452 2043 was_disabled = other_ssid->disabled;
4dac0245
JM		 2044 if (was_disabled == 2)
2045 continue; /* do not change persistent P2P group
2046 * data */
86b89452
WS		 2047
2048 other_ssid->disabled = 1;
2049
2050 if (was_disabled != other_ssid->disabled)
2051 wpas_notify_network_enabled_changed(
2052 wpa_s, other_ssid);
86b89452
WS		 2053 }
2054 if (wpa_s->current_ssid)
07783eaa 2055 wpa_supplicant_deauthenticate(
86b89452 2056 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
4dac0245 2057 } else if (ssid->disabled != 2) {
86b89452 2058 if (ssid == wpa_s->current_ssid)
07783eaa 2059 wpa_supplicant_deauthenticate(
86b89452
WS		 2060 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
2061
2062 was_disabled = ssid->disabled;
2063
2064 ssid->disabled = 1;
2065
725fc39e 2066 if (was_disabled != ssid->disabled) {
86b89452 2067 wpas_notify_network_enabled_changed(wpa_s, ssid);
725fc39e
DS		 2068 if (wpa_s->sched_scanning) {
2069 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan "
2070 "to remove network from filters");
2071 wpa_supplicant_cancel_sched_scan(wpa_s);
2072 wpa_supplicant_req_scan(wpa_s, 0, 0);
2073 }
2074 }
86b89452
WS		 2075 }
2076}
2077
2078
2079/**
2080 * wpa_supplicant_select_network - Attempt association with a network
2081 * @wpa_s: wpa_supplicant structure for a network interface
2082 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
2083 */
2084void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
2085 struct wpa_ssid *ssid)
2086{
2087
2088 struct wpa_ssid *other_ssid;
d93dfbd5 2089 int disconnected = 0;
86b89452 2090
d93dfbd5 2091 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid) {
07783eaa 2092 wpa_supplicant_deauthenticate(
86b89452 2093 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
d93dfbd5
JM		 2094 disconnected = 1;
2095 }
86b89452 2096
00e5e3d5
JM		 2097 if (ssid)
2098 wpas_clear_temp_disabled(wpa_s, ssid, 1);
2099
86b89452
WS		 2100 /*
2101 * Mark all other networks disabled or mark all networks enabled if no
2102 * network specified.
2103 */
4dac0245
JM		 2104 for (other_ssid = wpa_s->conf->ssid; other_ssid;
2105 other_ssid = other_ssid->next) {
86b89452 2106 int was_disabled = other_ssid->disabled;
4dac0245
JM		 2107 if (was_disabled == 2)
2108 continue; /* do not change persistent P2P group data */
86b89452
WS		 2109
2110 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0;
00e5e3d5
JM		 2111 if (was_disabled && !other_ssid->disabled)
2112 wpas_clear_temp_disabled(wpa_s, other_ssid, 0);
86b89452
WS		 2113
2114 if (was_disabled != other_ssid->disabled)
2115 wpas_notify_network_enabled_changed(wpa_s, other_ssid);
86b89452 2116 }
2a6f78fb
JJ		 2117
2118 if (ssid && ssid == wpa_s->current_ssid && wpa_s->current_ssid) {
2119 /* We are already associated with the selected network */
2120 wpa_printf(MSG_DEBUG, "Already associated with the "
2121 "selected network - do nothing");
2122 return;
2123 }
2124
25a8f9e3 2125 if (ssid) {
96efeeb6 2126 wpa_s->current_ssid = ssid;
25a8f9e3
JM		 2127 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
2128 }
7dcdcfd6 2129 wpa_s->connect_without_scan = NULL;
86b89452
WS		 2130 wpa_s->disconnected = 0;
2131 wpa_s->reassociate = 1;
cecdddc1
PS		 2132
2133 if (wpa_supplicant_fast_associate(wpa_s) != 1)
2134 wpa_supplicant_req_scan(wpa_s, 0, disconnected ? 100000 : 0);
86b89452 2135
a1641d26
JM		 2136 if (ssid)
2137 wpas_notify_network_selected(wpa_s, ssid);
86b89452
WS		 2138}
2139
2140
bdec7ee5
MS		 2141/**
2142 * wpas_set_pkcs11_engine_and_module_path - Set PKCS #11 engine and module path
2143 * @wpa_s: wpa_supplicant structure for a network interface
2144 * @pkcs11_engine_path: PKCS #11 engine path or NULL
2145 * @pkcs11_module_path: PKCS #11 module path or NULL
2146 * Returns: 0 on success; -1 on failure
2147 *
2148 * Sets the PKCS #11 engine and module path. Both have to be NULL or a valid
2149 * path. If resetting the EAPOL state machine with the new PKCS #11 engine and
2150 * module path fails the paths will be reset to the default value (NULL).
2151 */
2152int wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant *wpa_s,
2153 const char *pkcs11_engine_path,
2154 const char *pkcs11_module_path)
2155{
2156 char *pkcs11_engine_path_copy = NULL;
2157 char *pkcs11_module_path_copy = NULL;
2158
2159 if (pkcs11_engine_path != NULL) {
2160 pkcs11_engine_path_copy = os_strdup(pkcs11_engine_path);
2161 if (pkcs11_engine_path_copy == NULL)
2162 return -1;
2163 }
2164 if (pkcs11_module_path != NULL) {
2165 pkcs11_module_path_copy = os_strdup(pkcs11_module_path);
04c366cb 2166 if (pkcs11_module_path_copy == NULL) {
bdec7ee5
MS		 2167 os_free(pkcs11_engine_path_copy);
2168 return -1;
2169 }
2170 }
2171
2172 os_free(wpa_s->conf->pkcs11_engine_path);
2173 os_free(wpa_s->conf->pkcs11_module_path);
2174 wpa_s->conf->pkcs11_engine_path = pkcs11_engine_path_copy;
2175 wpa_s->conf->pkcs11_module_path = pkcs11_module_path_copy;
2176
2177 wpa_sm_set_eapol(wpa_s->wpa, NULL);
2178 eapol_sm_deinit(wpa_s->eapol);
2179 wpa_s->eapol = NULL;
2180 if (wpa_supplicant_init_eapol(wpa_s)) {
2181 /* Error -> Reset paths to the default value (NULL) once. */
2182 if (pkcs11_engine_path != NULL && pkcs11_module_path != NULL)
2183 wpas_set_pkcs11_engine_and_module_path(wpa_s, NULL,
2184 NULL);
2185
2186 return -1;
2187 }
2188 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
2189
2190 return 0;
2191}
2192
2193
86b89452
WS		 2194/**
2195 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
2196 * @wpa_s: wpa_supplicant structure for a network interface
2197 * @ap_scan: AP scan mode
2198 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
2199 *
2200 */
2201int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan)
2202{
2203
2204 int old_ap_scan;
2205
2206 if (ap_scan < 0 || ap_scan > 2)
2207 return -1;
2208
48f8e036
DS		 2209#ifdef ANDROID
2210 if (ap_scan == 2 && ap_scan != wpa_s->conf->ap_scan &&
2211 wpa_s->wpa_state >= WPA_ASSOCIATING &&
2212 wpa_s->wpa_state < WPA_COMPLETED) {
2213 wpa_printf(MSG_ERROR, "ap_scan = %d (%d) rejected while "
2214 "associating", wpa_s->conf->ap_scan, ap_scan);
2215 return 0;
2216 }
2217#endif /* ANDROID */
2218
86b89452
WS		 2219 old_ap_scan = wpa_s->conf->ap_scan;
2220 wpa_s->conf->ap_scan = ap_scan;
2221
2222 if (old_ap_scan != wpa_s->conf->ap_scan)
2223 wpas_notify_ap_scan_changed(wpa_s);
2224
2225 return 0;
2226}
2227
2228
78633c37
SL		 2229/**
2230 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
2231 * @wpa_s: wpa_supplicant structure for a network interface
2232 * @expire_age: Expiration age in seconds
2233 * Returns: 0 if succeed or -1 if expire_age has an invalid value
2234 *
2235 */
2236int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant *wpa_s,
2237 unsigned int bss_expire_age)
2238{
2239 if (bss_expire_age < 10) {
2240 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration age %u",
2241 bss_expire_age);
2242 return -1;
2243 }
2244 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration age: %d sec",
2245 bss_expire_age);
2246 wpa_s->conf->bss_expiration_age = bss_expire_age;
2247
2248 return 0;
2249}
2250
2251
2252/**
2253 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
2254 * @wpa_s: wpa_supplicant structure for a network interface
2255 * @expire_count: number of scans after which an unseen BSS is reclaimed
2256 * Returns: 0 if succeed or -1 if expire_count has an invalid value
2257 *
2258 */
2259int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant *wpa_s,
2260 unsigned int bss_expire_count)
2261{
2262 if (bss_expire_count < 1) {
2263 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration count %u",
2264 bss_expire_count);
2265 return -1;
2266 }
2267 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration scan count: %u",
2268 bss_expire_count);
2269 wpa_s->conf->bss_expiration_scan_count = bss_expire_count;
2270
2271 return 0;
2272}
2273
2274
c6e86b63
MA		 2275/**
2276 * wpa_supplicant_set_scan_interval - Set scan interval
2277 * @wpa_s: wpa_supplicant structure for a network interface
2278 * @scan_interval: scan interval in seconds
2279 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
2280 *
2281 */
2282int wpa_supplicant_set_scan_interval(struct wpa_supplicant *wpa_s,
2283 int scan_interval)
2284{
2285 if (scan_interval < 0) {
2286 wpa_msg(wpa_s, MSG_ERROR, "Invalid scan interval %d",
2287 scan_interval);
2288 return -1;
2289 }
2290 wpa_msg(wpa_s, MSG_DEBUG, "Setting scan interval: %d sec",
2291 scan_interval);
9e737f08 2292 wpa_supplicant_update_scan_int(wpa_s, scan_interval);
c6e86b63
MA		 2293
2294 return 0;
2295}
2296
2297
86b89452
WS		 2298/**
2299 * wpa_supplicant_set_debug_params - Set global debug params
2300 * @global: wpa_global structure
2301 * @debug_level: debug level
2302 * @debug_timestamp: determines if show timestamp in debug data
2303 * @debug_show_keys: determines if show keys in debug data
2304 * Returns: 0 if succeed or -1 if debug_level has wrong value
2305 */
2306int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level,
2307 int debug_timestamp, int debug_show_keys)
2308{
2309
2310 int old_level, old_timestamp, old_show_keys;
2311
2312 /* check for allowed debuglevels */
14dc0011
PS		 2313 if (debug_level != MSG_EXCESSIVE &&
2314 debug_level != MSG_MSGDUMP &&
86b89452
WS		 2315 debug_level != MSG_DEBUG &&
2316 debug_level != MSG_INFO &&
2317 debug_level != MSG_WARNING &&
2318 debug_level != MSG_ERROR)
2319 return -1;
2320
2321 old_level = wpa_debug_level;
2322 old_timestamp = wpa_debug_timestamp;
2323 old_show_keys = wpa_debug_show_keys;
2324
2325 wpa_debug_level = debug_level;
2326 wpa_debug_timestamp = debug_timestamp ? 1 : 0;
2327 wpa_debug_show_keys = debug_show_keys ? 1 : 0;
2328
db9133ac
WS		 2329 if (wpa_debug_level != old_level)
2330 wpas_notify_debug_level_changed(global);
2331 if (wpa_debug_timestamp != old_timestamp)
2332 wpas_notify_debug_timestamp_changed(global);
2333 if (wpa_debug_show_keys != old_show_keys)
2334 wpas_notify_debug_show_keys_changed(global);
86b89452
WS		 2335
2336 return 0;
2337}
2338
2339
6fc6879b
JM		 2340/**
2341 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
2342 * @wpa_s: Pointer to wpa_supplicant data
2343 * Returns: A pointer to the current network structure or %NULL on failure
2344 */
2345struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
2346{
2347 struct wpa_ssid *entry;
2348 u8 ssid[MAX_SSID_LEN];
2349 int res;
2350 size_t ssid_len;
2351 u8 bssid[ETH_ALEN];
2352 int wired;
2353
17fbb751
JM		 2354 res = wpa_drv_get_ssid(wpa_s, ssid);
2355 if (res < 0) {
2356 wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from "
2357 "driver");
2358 return NULL;
6fc6879b 2359 }
17fbb751 2360 ssid_len = res;
6fc6879b 2361
17fbb751 2362 if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
f049052b
BG		 2363 wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from "
2364 "driver");
6fc6879b
JM		 2365 return NULL;
2366 }
2367
c2a04078
JM		 2368 wired = wpa_s->conf->ap_scan == 0 &&
2369 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED);
6fc6879b
JM		 2370
2371 entry = wpa_s->conf->ssid;
2372 while (entry) {
349493bd 2373 if (!wpas_network_disabled(wpa_s, entry) &&
6fc6879b
JM		 2374 ((ssid_len == entry->ssid_len &&
2375 os_memcmp(ssid, entry->ssid, ssid_len) == 0) || wired) &&
2376 (!entry->bssid_set ||
2377 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
2378 return entry;
24c23d1b 2379#ifdef CONFIG_WPS
349493bd 2380 if (!wpas_network_disabled(wpa_s, entry) &&
24c23d1b
JM		 2381 (entry->key_mgmt & WPA_KEY_MGMT_WPS) &&
2382 (entry->ssid == NULL || entry->ssid_len == 0) &&
2383 (!entry->bssid_set ||
2384 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
2385 return entry;
2386#endif /* CONFIG_WPS */
7d232e23 2387
349493bd 2388 if (!wpas_network_disabled(wpa_s, entry) && entry->bssid_set &&
7d232e23
ZC		 2389 entry->ssid_len == 0 &&
2390 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)
2391 return entry;
2392
6fc6879b
JM		 2393 entry = entry->next;
2394 }
2395
2396 return NULL;
2397}
2398
2399
7756114f
JM		 2400static int select_driver(struct wpa_supplicant *wpa_s, int i)
2401{
2402 struct wpa_global *global = wpa_s->global;
2403
2404 if (wpa_drivers[i]->global_init && global->drv_priv[i] == NULL) {
2405 global->drv_priv[i] = wpa_drivers[i]->global_init();
2406 if (global->drv_priv[i] == NULL) {
2407 wpa_printf(MSG_ERROR, "Failed to initialize driver "
2408 "'%s'", wpa_drivers[i]->name);
2409 return -1;
2410 }
2411 }
2412
2413 wpa_s->driver = wpa_drivers[i];
2414 wpa_s->global_drv_priv = global->drv_priv[i];
2415
2416 return 0;
2417}
2418
2419
6fc6879b
JM		 2420static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
2421 const char *name)
2422{
2423 int i;
362f781e 2424 size_t len;
74b1c84a 2425 const char *pos, *driver = name;
6fc6879b
JM		 2426
2427 if (wpa_s == NULL)
2428 return -1;
2429
c5121837 2430 if (wpa_drivers[0] == NULL) {
f049052b
BG		 2431 wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into "
2432 "wpa_supplicant");
6fc6879b
JM		 2433 return -1;
2434 }
2435
2436 if (name == NULL) {
2437 /* default to first driver in the list */
7756114f 2438 return select_driver(wpa_s, 0);
6fc6879b
JM		 2439 }
2440
74b1c84a
SO		 2441 do {
2442 pos = os_strchr(driver, ',');
2443 if (pos)
2444 len = pos - driver;
2445 else
2446 len = os_strlen(driver);
2447
2448 for (i = 0; wpa_drivers[i]; i++) {
2449 if (os_strlen(wpa_drivers[i]->name) == len &&
2450 os_strncmp(driver, wpa_drivers[i]->name, len) ==
0f4668ce
DW		 2451 0) {
2452 /* First driver that succeeds wins */
2453 if (select_driver(wpa_s, i) == 0)
2454 return 0;
2455 }
6fc6879b 2456 }
74b1c84a
SO		 2457
2458 driver = pos + 1;
2459 } while (pos);
6fc6879b 2460
f049052b 2461 wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name);
6fc6879b
JM		 2462 return -1;
2463}
2464
2465
a8e0505b
JM		 2466/**
2467 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
2468 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
2469 * with struct wpa_driver_ops::init()
2470 * @src_addr: Source address of the EAPOL frame
2471 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
2472 * @len: Length of the EAPOL data
2473 *
2474 * This function is called for each received EAPOL frame. Most driver
2475 * interfaces rely on more generic OS mechanism for receiving frames through
2476 * l2_packet, but if such a mechanism is not available, the driver wrapper may
2477 * take care of received EAPOL frames and deliver them to the core supplicant
2478 * code by calling this function.
2479 */
6fc6879b
JM		 2480void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
2481 const u8 *buf, size_t len)
2482{
2483 struct wpa_supplicant *wpa_s = ctx;
2484
f049052b 2485 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
6fc6879b
JM		 2486 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
2487
db76aa64
JM		 2488#ifdef CONFIG_PEERKEY
2489 if (wpa_s->wpa_state > WPA_ASSOCIATED && wpa_s->current_ssid &&
2490 wpa_s->current_ssid->peerkey &&
2491 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
2492 wpa_sm_rx_eapol_peerkey(wpa_s->wpa, src_addr, buf, len) == 1) {
2493 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: Processed PeerKey EAPOL-Key");
2494 return;
2495 }
2496#endif /* CONFIG_PEERKEY */
2497
3ab35a66
JM		 2498 if (wpa_s->wpa_state < WPA_ASSOCIATED ||
2499 (wpa_s->last_eapol_matches_bssid &&
2500#ifdef CONFIG_AP
2501 !wpa_s->ap_iface &&
2502#endif /* CONFIG_AP */
2503 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) != 0)) {
1ff73338
JM		 2504 /*
2505 * There is possible race condition between receiving the
2506 * association event and the EAPOL frame since they are coming
2507 * through different paths from the driver. In order to avoid
2508 * issues in trying to process the EAPOL frame before receiving
2509 * association information, lets queue it for processing until
3ab35a66
JM		 2510 * the association event is received. This may also be needed in
2511 * driver-based roaming case, so also use src_addr != BSSID as a
2512 * trigger if we have previously confirmed that the
2513 * Authenticator uses BSSID as the src_addr (which is not the
2514 * case with wired IEEE 802.1X).
1ff73338 2515 */
f049052b 2516 wpa_dbg(wpa_s, MSG_DEBUG, "Not associated - Delay processing "
3ab35a66
JM		 2517 "of received EAPOL frame (state=%s bssid=" MACSTR ")",
2518 wpa_supplicant_state_txt(wpa_s->wpa_state),
2519 MAC2STR(wpa_s->bssid));
1ff73338
JM		 2520 wpabuf_free(wpa_s->pending_eapol_rx);
2521 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len);
2522 if (wpa_s->pending_eapol_rx) {
c2be937c 2523 os_get_reltime(&wpa_s->pending_eapol_rx_time);
1ff73338
JM		 2524 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr,
2525 ETH_ALEN);
2526 }
2527 return;
2528 }
2529
3ab35a66
JM		 2530 wpa_s->last_eapol_matches_bssid =
2531 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) == 0;
2532
db149ac9
JM		 2533#ifdef CONFIG_AP
2534 if (wpa_s->ap_iface) {
2535 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len);
2536 return;
2537 }
2538#endif /* CONFIG_AP */
2539
6fc6879b 2540 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
f049052b
BG		 2541 wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since "
2542 "no key management is configured");
6fc6879b
JM		 2543 return;
2544 }
2545
2546 if (wpa_s->eapol_received == 0 &&
c2a04078 2547 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) ||
56586197 2548 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
9c972abb
JM		 2549 wpa_s->wpa_state != WPA_COMPLETED) &&
2550 (wpa_s->current_ssid == NULL ||
2551 wpa_s->current_ssid->mode != IEEE80211_MODE_IBSS)) {
6fc6879b
JM		 2552 /* Timeout for completing IEEE 802.1X and WPA authentication */
2553 wpa_supplicant_req_auth_timeout(
2554 wpa_s,
56586197 2555 (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
a6f06dab
AT		 2556 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
2557 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) ?
6fc6879b
JM		 2558 70 : 10, 0);
2559 }
2560 wpa_s->eapol_received++;
2561
2562 if (wpa_s->countermeasures) {
f049052b
BG		 2563 wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped "
2564 "EAPOL packet");
6fc6879b
JM		 2565 return;
2566 }
2567
8be18440
JM		 2568#ifdef CONFIG_IBSS_RSN
2569 if (wpa_s->current_ssid &&
d7dcba70 2570 wpa_s->current_ssid->mode == WPAS_MODE_IBSS) {
8be18440
JM		 2571 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len);
2572 return;
2573 }
2574#endif /* CONFIG_IBSS_RSN */
2575
6fc6879b
JM		 2576 /* Source address of the incoming EAPOL frame could be compared to the
2577 * current BSSID. However, it is possible that a centralized
2578 * Authenticator could be using another MAC address than the BSSID of
2579 * an AP, so just allow any address to be used for now. The replies are
2580 * still sent to the current BSSID (if available), though. */
2581
2582 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
56586197 2583 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
6fc6879b
JM		 2584 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
2585 return;
2586 wpa_drv_poll(wpa_s);
c2a04078 2587 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE))
6fc6879b 2588 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
56586197 2589 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
6fc6879b
JM		 2590 /*
2591 * Set portValid = TRUE here since we are going to skip 4-way
2592 * handshake processing which would normally set portValid. We
2593 * need this to allow the EAPOL state machines to be completed
2594 * without going through EAPOL-Key handshake.
2595 */
2596 eapol_sm_notify_portValid(wpa_s->eapol, TRUE);
2597 }
2598}
2599
2600
bfba8deb 2601int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s)
6fc6879b 2602{
6fc6879b
JM		 2603 if (wpa_s->driver->send_eapol) {
2604 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
2605 if (addr)
2606 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
1c42b42f
JM		 2607 } else if ((!wpa_s->p2p_mgmt ||
2608 !(wpa_s->drv_flags &
2609 WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
c68f6200 2610 !(wpa_s->drv_flags &
fdadd5fe 2611 WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) {
bfba8deb 2612 l2_packet_deinit(wpa_s->l2);
6fc6879b
JM		 2613 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
2614 wpa_drv_get_mac_addr(wpa_s),
2615 ETH_P_EAPOL,
2616 wpa_supplicant_rx_eapol, wpa_s, 0);
2617 if (wpa_s->l2 == NULL)
2618 return -1;
fdadd5fe
JM		 2619 } else {
2620 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
2621 if (addr)
2622 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
6fc6879b
JM		 2623 }
2624
2625 if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
f049052b 2626 wpa_msg(wpa_s, MSG_ERROR, "Failed to get own L2 address");
6fc6879b
JM		 2627 return -1;
2628 }
2629
bfba8deb
JM		 2630 return 0;
2631}
2632
2633
25f839c6
JM		 2634static void wpa_supplicant_rx_eapol_bridge(void *ctx, const u8 *src_addr,
2635 const u8 *buf, size_t len)
2636{
2637 struct wpa_supplicant *wpa_s = ctx;
2638 const struct l2_ethhdr *eth;
2639
2640 if (len < sizeof(*eth))
2641 return;
2642 eth = (const struct l2_ethhdr *) buf;
2643
2644 if (os_memcmp(eth->h_dest, wpa_s->own_addr, ETH_ALEN) != 0 &&
2645 !(eth->h_dest[0] & 0x01)) {
2646 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
2647 " (bridge - not for this interface - ignore)",
2648 MAC2STR(src_addr), MAC2STR(eth->h_dest));
2649 return;
2650 }
2651
2652 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
2653 " (bridge)", MAC2STR(src_addr), MAC2STR(eth->h_dest));
2654 wpa_supplicant_rx_eapol(wpa_s, src_addr, buf + sizeof(*eth),
2655 len - sizeof(*eth));
2656}
2657
2658
bfba8deb
JM		 2659/**
2660 * wpa_supplicant_driver_init - Initialize driver interface parameters
2661 * @wpa_s: Pointer to wpa_supplicant data
2662 * Returns: 0 on success, -1 on failure
2663 *
2664 * This function is called to initialize driver interface parameters.
2665 * wpa_drv_init() must have been called before this function to initialize the
2666 * driver interface.
2667 */
2668int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
2669{
2670 static int interface_count = 0;
2671
2672 if (wpa_supplicant_update_mac_addr(wpa_s) < 0)
2673 return -1;
2674
c68f6200
AS		 2675 wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR,
2676 MAC2STR(wpa_s->own_addr));
2677 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
2678
6fc6879b 2679 if (wpa_s->bridge_ifname[0]) {
f049052b
BG		 2680 wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge "
2681 "interface '%s'", wpa_s->bridge_ifname);
6fc6879b
JM		 2682 wpa_s->l2_br = l2_packet_init(wpa_s->bridge_ifname,
2683 wpa_s->own_addr,
2684 ETH_P_EAPOL,
25f839c6
JM		 2685 wpa_supplicant_rx_eapol_bridge,
2686 wpa_s, 1);
6fc6879b 2687 if (wpa_s->l2_br == NULL) {
f049052b
BG		 2688 wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet "
2689 "connection for the bridge interface '%s'",
2690 wpa_s->bridge_ifname);
6fc6879b
JM		 2691 return -1;
2692 }
2693 }
2694
6fc6879b
JM		 2695 wpa_clear_keys(wpa_s, NULL);
2696
2697 /* Make sure that TKIP countermeasures are not left enabled (could
2698 * happen if wpa_supplicant is killed during countermeasures. */
2699 wpa_drv_set_countermeasures(wpa_s, 0);
2700
f049052b 2701 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver");
6fc6879b
JM		 2702 wpa_drv_flush_pmkid(wpa_s);
2703
ba2a573c 2704 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
b3aa456b
ES		 2705 wpa_s->prev_scan_wildcard = 0;
2706
349493bd 2707 if (wpa_supplicant_enabled_networks(wpa_s)) {
a0e9d892
AS		 2708 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED) {
2709 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
2710 interface_count = 0;
2711 }
3a94adbf 2712 if (!wpa_s->p2p_mgmt &&
5d0d72a3
BG		 2713 wpa_supplicant_delayed_sched_scan(wpa_s,
2714 interface_count % 3,
6a90053c 2715 100000))
5d0d72a3 2716 wpa_supplicant_req_scan(wpa_s, interface_count % 3,
a4cba8f1 2717 100000);
74e259ec
JM		 2718 interface_count++;
2719 } else
2720 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
6fc6879b
JM		 2721
2722 return 0;
2723}
2724
2725
2726static int wpa_supplicant_daemon(const char *pid_file)
2727{
2728 wpa_printf(MSG_DEBUG, "Daemonize..");
2729 return os_daemonize(pid_file);
2730}
2731
2732
2733static struct wpa_supplicant * wpa_supplicant_alloc(void)
2734{
2735 struct wpa_supplicant *wpa_s;
2736
2737 wpa_s = os_zalloc(sizeof(*wpa_s));
2738 if (wpa_s == NULL)
2739 return NULL;
4115303b 2740 wpa_s->scan_req = INITIAL_SCAN_REQ;
67b9bd08 2741 wpa_s->scan_interval = 5;
c302f207 2742 wpa_s->new_connection = 1;
b22128ef 2743 wpa_s->parent = wpa_s;
cbdf3507 2744 wpa_s->sched_scanning = 0;
6fc6879b
JM		 2745
2746 return wpa_s;
2747}
2748
2749
80e8a5ee
BG		 2750#ifdef CONFIG_HT_OVERRIDES
2751
2752static int wpa_set_htcap_mcs(struct wpa_supplicant *wpa_s,
2753 struct ieee80211_ht_capabilities *htcaps,
2754 struct ieee80211_ht_capabilities *htcaps_mask,
2755 const char *ht_mcs)
2756{
2757 /* parse ht_mcs into hex array */
2758 int i;
2759 const char *tmp = ht_mcs;
2760 char *end = NULL;
2761
2762 /* If ht_mcs is null, do not set anything */
2763 if (!ht_mcs)
2764 return 0;
2765
2766 /* This is what we are setting in the kernel */
2767 os_memset(&htcaps->supported_mcs_set, 0, IEEE80211_HT_MCS_MASK_LEN);
2768
2769 wpa_msg(wpa_s, MSG_DEBUG, "set_htcap, ht_mcs -:%s:-", ht_mcs);
2770
2771 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) {
2772 errno = 0;
2773 long v = strtol(tmp, &end, 16);
2774 if (errno == 0) {
2775 wpa_msg(wpa_s, MSG_DEBUG,
2776 "htcap value[%i]: %ld end: %p tmp: %p",
2777 i, v, end, tmp);
2778 if (end == tmp)
2779 break;
2780
2781 htcaps->supported_mcs_set[i] = v;
2782 tmp = end;
2783 } else {
2784 wpa_msg(wpa_s, MSG_ERROR,
2785 "Failed to parse ht-mcs: %s, error: %s\n",
2786 ht_mcs, strerror(errno));
2787 return -1;
2788 }
2789 }
2790
2791 /*
2792 * If we were able to parse any values, then set mask for the MCS set.
2793 */
2794 if (i) {
2795 os_memset(&htcaps_mask->supported_mcs_set, 0xff,
2796 IEEE80211_HT_MCS_MASK_LEN - 1);
2797 /* skip the 3 reserved bits */
2798 htcaps_mask->supported_mcs_set[IEEE80211_HT_MCS_MASK_LEN - 1] =
2799 0x1f;
2800 }
2801
2802 return 0;
2803}
2804
2805
2806static int wpa_disable_max_amsdu(struct wpa_supplicant *wpa_s,
2807 struct ieee80211_ht_capabilities *htcaps,
2808 struct ieee80211_ht_capabilities *htcaps_mask,
2809 int disabled)
2810{
2811 u16 msk;
2812
2813 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_max_amsdu: %d", disabled);
2814
2815 if (disabled == -1)
2816 return 0;
2817
2818 msk = host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE);
2819 htcaps_mask->ht_capabilities_info |= msk;
2820 if (disabled)
2821 htcaps->ht_capabilities_info &= msk;
2822 else
2823 htcaps->ht_capabilities_info |= msk;
2824
2825 return 0;
2826}
2827
2828
2829static int wpa_set_ampdu_factor(struct wpa_supplicant *wpa_s,
2830 struct ieee80211_ht_capabilities *htcaps,
2831 struct ieee80211_ht_capabilities *htcaps_mask,
2832 int factor)
2833{
2834 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_factor: %d", factor);
2835
2836 if (factor == -1)
2837 return 0;
2838
2839 if (factor < 0 || factor > 3) {
2840 wpa_msg(wpa_s, MSG_ERROR, "ampdu_factor: %d out of range. "
2841 "Must be 0-3 or -1", factor);
2842 return -EINVAL;
2843 }
2844
2845 htcaps_mask->a_mpdu_params |= 0x3; /* 2 bits for factor */
2846 htcaps->a_mpdu_params &= ~0x3;
2847 htcaps->a_mpdu_params |= factor & 0x3;
2848
2849 return 0;
2850}
2851
2852
2853static int wpa_set_ampdu_density(struct wpa_supplicant *wpa_s,
2854 struct ieee80211_ht_capabilities *htcaps,
2855 struct ieee80211_ht_capabilities *htcaps_mask,
2856 int density)
2857{
2858 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_density: %d", density);
2859
2860 if (density == -1)
2861 return 0;
2862
2863 if (density < 0 || density > 7) {
2864 wpa_msg(wpa_s, MSG_ERROR,
2865 "ampdu_density: %d out of range. Must be 0-7 or -1.",
2866 density);
2867 return -EINVAL;
2868 }
2869
2870 htcaps_mask->a_mpdu_params |= 0x1C;
2871 htcaps->a_mpdu_params &= ~(0x1C);
2872 htcaps->a_mpdu_params |= (density << 2) & 0x1C;
2873
2874 return 0;
2875}
2876
2877
2878static int wpa_set_disable_ht40(struct wpa_supplicant *wpa_s,
2879 struct ieee80211_ht_capabilities *htcaps,
2880 struct ieee80211_ht_capabilities *htcaps_mask,
2881 int disabled)
2882{
2883 /* Masking these out disables HT40 */
2884 u16 msk = host_to_le16(HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET |
2885 HT_CAP_INFO_SHORT_GI40MHZ);
2886
2887 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ht40: %d", disabled);
2888
2889 if (disabled)
2890 htcaps->ht_capabilities_info &= ~msk;
2891 else
2892 htcaps->ht_capabilities_info |= msk;
2893
2894 htcaps_mask->ht_capabilities_info |= msk;
2895
2896 return 0;
2897}
2898
2899
a90497f8
BG		 2900static int wpa_set_disable_sgi(struct wpa_supplicant *wpa_s,
2901 struct ieee80211_ht_capabilities *htcaps,
2902 struct ieee80211_ht_capabilities *htcaps_mask,
2903 int disabled)
2904{
2905 /* Masking these out disables SGI */
2906 u16 msk = host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ |
2907 HT_CAP_INFO_SHORT_GI40MHZ);
2908
2909 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_sgi: %d", disabled);
2910
2911 if (disabled)
2912 htcaps->ht_capabilities_info &= ~msk;
2913 else
2914 htcaps->ht_capabilities_info |= msk;
2915
2916 htcaps_mask->ht_capabilities_info |= msk;
2917
2918 return 0;
2919}
2920
2921
80e8a5ee
BG		 2922void wpa_supplicant_apply_ht_overrides(
2923 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
2924 struct wpa_driver_associate_params *params)
2925{
2926 struct ieee80211_ht_capabilities *htcaps;
2927 struct ieee80211_ht_capabilities *htcaps_mask;
2928
2929 if (!ssid)
2930 return;
2931
2932 params->disable_ht = ssid->disable_ht;
2933 if (!params->htcaps || !params->htcaps_mask)
2934 return;
2935
2936 htcaps = (struct ieee80211_ht_capabilities *) params->htcaps;
2937 htcaps_mask = (struct ieee80211_ht_capabilities *) params->htcaps_mask;
2938 wpa_set_htcap_mcs(wpa_s, htcaps, htcaps_mask, ssid->ht_mcs);
2939 wpa_disable_max_amsdu(wpa_s, htcaps, htcaps_mask,
2940 ssid->disable_max_amsdu);
2941 wpa_set_ampdu_factor(wpa_s, htcaps, htcaps_mask, ssid->ampdu_factor);
2942 wpa_set_ampdu_density(wpa_s, htcaps, htcaps_mask, ssid->ampdu_density);
2943 wpa_set_disable_ht40(wpa_s, htcaps, htcaps_mask, ssid->disable_ht40);
a90497f8 2944 wpa_set_disable_sgi(wpa_s, htcaps, htcaps_mask, ssid->disable_sgi);
80e8a5ee
BG		 2945}
2946
2947#endif /* CONFIG_HT_OVERRIDES */
2948
2949
e9ee8dc3
JB		 2950#ifdef CONFIG_VHT_OVERRIDES
2951void wpa_supplicant_apply_vht_overrides(
2952 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
2953 struct wpa_driver_associate_params *params)
2954{
2955 struct ieee80211_vht_capabilities *vhtcaps;
2956 struct ieee80211_vht_capabilities *vhtcaps_mask;
2957
2958 if (!ssid)
2959 return;
2960
2961 params->disable_vht = ssid->disable_vht;
2962
2963 vhtcaps = (void *) params->vhtcaps;
2964 vhtcaps_mask = (void *) params->vhtcaps_mask;
2965
2966 if (!vhtcaps || !vhtcaps_mask)
2967 return;
2968
2969 vhtcaps->vht_capabilities_info = ssid->vht_capa;
2970 vhtcaps_mask->vht_capabilities_info = ssid->vht_capa_mask;
2971
2972#define OVERRIDE_MCS(i) \
2973 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \
2974 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \
2975 3 << 2 * (i - 1); \
2976 vhtcaps->vht_supported_mcs_set.tx_map |= \
2977 ssid->vht_tx_mcs_nss_ ##i << 2 * (i - 1); \
2978 } \
2979 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \
2980 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \
2981 3 << 2 * (i - 1); \
2982 vhtcaps->vht_supported_mcs_set.rx_map |= \
2983 ssid->vht_rx_mcs_nss_ ##i << 2 * (i - 1); \
2984 }
2985
2986 OVERRIDE_MCS(1);
2987 OVERRIDE_MCS(2);
2988 OVERRIDE_MCS(3);
2989 OVERRIDE_MCS(4);
2990 OVERRIDE_MCS(5);
2991 OVERRIDE_MCS(6);
2992 OVERRIDE_MCS(7);
2993 OVERRIDE_MCS(8);
2994}
2995#endif /* CONFIG_VHT_OVERRIDES */
2996
2997
f64adcd7
JM		 2998static int pcsc_reader_init(struct wpa_supplicant *wpa_s)
2999{
3000#ifdef PCSC_FUNCS
3001 size_t len;
3002
3003 if (!wpa_s->conf->pcsc_reader)
3004 return 0;
3005
22cf7d73 3006 wpa_s->scard = scard_init(wpa_s->conf->pcsc_reader);
f64adcd7
JM		 3007 if (!wpa_s->scard)
3008 return 1;
3009
3010 if (wpa_s->conf->pcsc_pin &&
3011 scard_set_pin(wpa_s->scard, wpa_s->conf->pcsc_pin) < 0) {
3012 scard_deinit(wpa_s->scard);
3013 wpa_s->scard = NULL;
3014 wpa_msg(wpa_s, MSG_ERROR, "PC/SC PIN validation failed");
3015 return -1;
3016 }
3017
3018 len = sizeof(wpa_s->imsi) - 1;
3019 if (scard_get_imsi(wpa_s->scard, wpa_s->imsi, &len)) {
3020 scard_deinit(wpa_s->scard);
3021 wpa_s->scard = NULL;
3022 wpa_msg(wpa_s, MSG_ERROR, "Could not read IMSI");
3023 return -1;
3024 }
3025 wpa_s->imsi[len] = '\0';
3026
3027 wpa_s->mnc_len = scard_get_mnc_len(wpa_s->scard);
3028
3029 wpa_printf(MSG_DEBUG, "SCARD: IMSI %s (MNC length %d)",
3030 wpa_s->imsi, wpa_s->mnc_len);
3031
3032 wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard);
3033 eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard);
3034#endif /* PCSC_FUNCS */
3035
3036 return 0;
3037}
3038
3039
306ae225
JM		 3040int wpas_init_ext_pw(struct wpa_supplicant *wpa_s)
3041{
3042 char *val, *pos;
3043
3044 ext_password_deinit(wpa_s->ext_pw);
3045 wpa_s->ext_pw = NULL;
3046 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, NULL);
3047
3048 if (!wpa_s->conf->ext_password_backend)
3049 return 0;
3050
3051 val = os_strdup(wpa_s->conf->ext_password_backend);
3052 if (val == NULL)
3053 return -1;
3054 pos = os_strchr(val, ':');
3055 if (pos)
3056 *pos++ = '\0';
3057
3058 wpa_printf(MSG_DEBUG, "EXT PW: Initialize backend '%s'", val);
3059
3060 wpa_s->ext_pw = ext_password_init(val, pos);
3061 os_free(val);
3062 if (wpa_s->ext_pw == NULL) {
3063 wpa_printf(MSG_DEBUG, "EXT PW: Failed to initialize backend");
3064 return -1;
3065 }
3066 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, wpa_s->ext_pw);
3067
3068 return 0;
3069}
3070
3071
202dec2a
JM		 3072static struct wpa_radio * radio_add_interface(struct wpa_supplicant *wpa_s,
3073 const char *rn)
3074{
3075 struct wpa_supplicant *iface = wpa_s->global->ifaces;
3076 struct wpa_radio *radio;
3077
3078 while (rn && iface) {
3079 radio = iface->radio;
3080 if (radio && os_strcmp(rn, radio->name) == 0) {
3081 wpa_printf(MSG_DEBUG, "Add interface %s to existing radio %s",
3082 wpa_s->ifname, rn);
3083 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
3084 return radio;
3085 }
b154a24e
TB		 3086
3087 iface = iface->next;
202dec2a
JM		 3088 }
3089
3090 wpa_printf(MSG_DEBUG, "Add interface %s to a new radio %s",
3091 wpa_s->ifname, rn ? rn : "N/A");
3092 radio = os_zalloc(sizeof(*radio));
3093 if (radio == NULL)
3094 return NULL;
3095
3096 if (rn)
3097 os_strlcpy(radio->name, rn, sizeof(radio->name));
3098 dl_list_init(&radio->ifaces);
b1ae396f 3099 dl_list_init(&radio->work);
202dec2a
JM		 3100 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
3101
3102 return radio;
3103}
3104
3105
b1ae396f
JM		 3106static void radio_work_free(struct wpa_radio_work *work)
3107{
d12a51b5
JM		 3108 if (work->wpa_s->scan_work == work) {
3109 /* This should not really happen. */
3110 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as scan_work",
3111 work->type, work, work->started);
3112 work->wpa_s->scan_work = NULL;
3113 }
3114
1b5d4714
JM		 3115#ifdef CONFIG_P2P
3116 if (work->wpa_s->p2p_scan_work == work) {
3117 /* This should not really happen. */
3118 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as p2p_scan_work",
3119 work->type, work, work->started);
3120 work->wpa_s->p2p_scan_work = NULL;
3121 }
3122#endif /* CONFIG_P2P */
3123
b1ae396f
JM		 3124 dl_list_del(&work->list);
3125 os_free(work);
3126}
3127
3128
3129static void radio_start_next_work(void *eloop_ctx, void *timeout_ctx)
3130{
3131 struct wpa_radio *radio = eloop_ctx;
3132 struct wpa_radio_work *work;
3133 struct os_reltime now, diff;
6428d0a7 3134 struct wpa_supplicant *wpa_s;
b1ae396f
JM		 3135
3136 work = dl_list_first(&radio->work, struct wpa_radio_work, list);
3137 if (work == NULL)
3138 return;
3139
3140 if (work->started)
3141 return; /* already started and still in progress */
3142
6428d0a7
JM		 3143 wpa_s = dl_list_first(&radio->ifaces, struct wpa_supplicant,
3144 radio_list);
3145 if (wpa_s && wpa_s->external_scan_running) {
3146 wpa_printf(MSG_DEBUG, "Delay radio work start until externally triggered scan completes");
3147 return;
3148 }
3149
b1ae396f
JM		 3150 os_get_reltime(&now);
3151 os_reltime_sub(&now, &work->time, &diff);
3152 wpa_dbg(work->wpa_s, MSG_DEBUG, "Starting radio work '%s'@%p after %ld.%06ld second wait",
3153 work->type, work, diff.sec, diff.usec);
3154 work->started = 1;
3155 work->time = now;
3156 work->cb(work, 0);
3157}
3158
3159
b3253ebb
AO		 3160/*
3161 * This function removes both started and pending radio works running on
3162 * the provided interface's radio.
3163 * Prior to the removal of the radio work, its callback (cb) is called with
3164 * deinit set to be 1. Each work's callback is responsible for clearing its
3165 * internal data and restoring to a correct state.
3166 * @wpa_s: wpa_supplicant data
3167 * @type: type of works to be removed
3168 * @remove_all: 1 to remove all the works on this radio, 0 to remove only
3169 * this interface's works.
3170 */
3171void radio_remove_works(struct wpa_supplicant *wpa_s,
3172 const char *type, int remove_all)
b1ae396f
JM		 3173{
3174 struct wpa_radio_work *work, *tmp;
3175 struct wpa_radio *radio = wpa_s->radio;
3176
3177 dl_list_for_each_safe(work, tmp, &radio->work, struct wpa_radio_work,
3178 list) {
b3253ebb 3179 if (type && os_strcmp(type, work->type) != 0)
b1ae396f 3180 continue;
b3253ebb
AO		 3181
3182 /* skip other ifaces' works */
3183 if (!remove_all && work->wpa_s != wpa_s)
b1ae396f 3184 continue;
b3253ebb
AO		 3185
3186 wpa_dbg(wpa_s, MSG_DEBUG, "Remove radio work '%s'@%p%s",
3187 work->type, work, work->started ? " (started)" : "");
b1ae396f
JM		 3188 work->cb(work, 1);
3189 radio_work_free(work);
3190 }
b3253ebb
AO		 3191
3192 /* in case we removed the started work */
3193 radio_work_check_next(wpa_s);
b1ae396f
JM		 3194}
3195
3196
202dec2a
JM		 3197static void radio_remove_interface(struct wpa_supplicant *wpa_s)
3198{
3199 struct wpa_radio *radio = wpa_s->radio;
3200
3201 if (!radio)
3202 return;
3203
3204 wpa_printf(MSG_DEBUG, "Remove interface %s from radio %s",
3205 wpa_s->ifname, radio->name);
3206 dl_list_del(&wpa_s->radio_list);
b1ae396f
JM		 3207 if (!dl_list_empty(&radio->ifaces)) {
3208 wpa_s->radio = NULL;
202dec2a 3209 return; /* Interfaces remain for this radio */
b1ae396f 3210 }
202dec2a
JM		 3211
3212 wpa_printf(MSG_DEBUG, "Remove radio %s", radio->name);
b3253ebb 3213 radio_remove_works(wpa_s, NULL, 0);
b1ae396f
JM		 3214 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
3215 wpa_s->radio = NULL;
202dec2a
JM		 3216 os_free(radio);
3217}
3218
3219
6428d0a7 3220void radio_work_check_next(struct wpa_supplicant *wpa_s)
b1ae396f
JM		 3221{
3222 struct wpa_radio *radio = wpa_s->radio;
3223
3224 if (dl_list_empty(&radio->work))
3225 return;
3226 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
3227 eloop_register_timeout(0, 0, radio_start_next_work, radio, NULL);
3228}
3229
3230
3231/**
3232 * radio_add_work - Add a radio work item
3233 * @wpa_s: Pointer to wpa_supplicant data
3234 * @freq: Frequency of the offchannel operation in MHz or 0
3235 * @type: Unique identifier for each type of work
3236 * @next: Force as the next work to be executed
3237 * @cb: Callback function for indicating when radio is available
3238 * @ctx: Context pointer for the work (work->ctx in cb())
3239 * Returns: 0 on success, -1 on failure
3240 *
3241 * This function is used to request time for an operation that requires
3242 * exclusive radio control. Once the radio is available, the registered callback
3243 * function will be called. radio_work_done() must be called once the exclusive
3244 * radio operation has been completed, so that the radio is freed for other
3245 * operations. The special case of deinit=1 is used to free the context data
3246 * during interface removal. That does not allow the callback function to start
3247 * the radio operation, i.e., it must free any resources allocated for the radio
3248 * work and return.
3249 *
3250 * The @freq parameter can be used to indicate a single channel on which the
3251 * offchannel operation will occur. This may allow multiple radio work
3252 * operations to be performed in parallel if they apply for the same channel.
3253 * Setting this to 0 indicates that the work item may use multiple channels or
3254 * requires exclusive control of the radio.
3255 */
3256int radio_add_work(struct wpa_supplicant *wpa_s, unsigned int freq,
3257 const char *type, int next,
3258 void (*cb)(struct wpa_radio_work *work, int deinit),
3259 void *ctx)
3260{
3261 struct wpa_radio_work *work;
3262 int was_empty;
3263
3264 work = os_zalloc(sizeof(*work));
3265 if (work == NULL)
3266 return -1;
3267 wpa_dbg(wpa_s, MSG_DEBUG, "Add radio work '%s'@%p", type, work);
3268 os_get_reltime(&work->time);
3269 work->freq = freq;
3270 work->type = type;
3271 work->wpa_s = wpa_s;
3272 work->cb = cb;
3273 work->ctx = ctx;
3274
3275 was_empty = dl_list_empty(&wpa_s->radio->work);
3276 if (next)
3277 dl_list_add(&wpa_s->radio->work, &work->list);
3278 else
3279 dl_list_add_tail(&wpa_s->radio->work, &work->list);
3280 if (was_empty) {
3281 wpa_dbg(wpa_s, MSG_DEBUG, "First radio work item in the queue - schedule start immediately");
3282 radio_work_check_next(wpa_s);
3283 }
3284
3285 return 0;
3286}
3287
3288
3289/**
3290 * radio_work_done - Indicate that a radio work item has been completed
3291 * @work: Completed work
3292 *
3293 * This function is called once the callback function registered with
3294 * radio_add_work() has completed its work.
3295 */
3296void radio_work_done(struct wpa_radio_work *work)
3297{
3298 struct wpa_supplicant *wpa_s = work->wpa_s;
3299 struct os_reltime now, diff;
1f965e62 3300 unsigned int started = work->started;
b1ae396f
JM		 3301
3302 os_get_reltime(&now);
3303 os_reltime_sub(&now, &work->time, &diff);
1f965e62
JM		 3304 wpa_dbg(wpa_s, MSG_DEBUG, "Radio work '%s'@%p %s in %ld.%06ld seconds",
3305 work->type, work, started ? "done" : "canceled",
3306 diff.sec, diff.usec);
b1ae396f 3307 radio_work_free(work);
1f965e62
JM		 3308 if (started)
3309 radio_work_check_next(wpa_s);
b1ae396f
JM		 3310}
3311
3312
f0e30c84
JM		 3313int radio_work_pending(struct wpa_supplicant *wpa_s, const char *type)
3314{
3315 struct wpa_radio_work *work;
3316 struct wpa_radio *radio = wpa_s->radio;
3317
3318 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) {
3319 if (work->wpa_s == wpa_s && os_strcmp(work->type, type) == 0)
3320 return 1;
3321 }
3322
3323 return 0;
3324}
3325
3326
73c00fd7
JM		 3327static int wpas_init_driver(struct wpa_supplicant *wpa_s,
3328 struct wpa_interface *iface)
3329{
202dec2a 3330 const char *ifname, *driver, *rn;
73c00fd7
JM		 3331
3332 driver = iface->driver;
3333next_driver:
3334 if (wpa_supplicant_set_driver(wpa_s, driver) < 0)
3335 return -1;
3336
3337 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
3338 if (wpa_s->drv_priv == NULL) {
3339 const char *pos;
3340 pos = driver ? os_strchr(driver, ',') : NULL;
3341 if (pos) {
3342 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
3343 "driver interface - try next driver wrapper");
3344 driver = pos + 1;
3345 goto next_driver;
3346 }
3347 wpa_msg(wpa_s, MSG_ERROR, "Failed to initialize driver "
3348 "interface");
3349 return -1;
3350 }
3351 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
3352 wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected "
3353 "driver_param '%s'", wpa_s->conf->driver_param);
3354 return -1;
3355 }
3356
3357 ifname = wpa_drv_get_ifname(wpa_s);
3358 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
3359 wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced "
3360 "interface name with '%s'", ifname);
3361 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
3362 }
3363
202dec2a
JM		 3364 if (wpa_s->driver->get_radio_name)
3365 rn = wpa_s->driver->get_radio_name(wpa_s->drv_priv);
3366 else
3367 rn = NULL;
3368 if (rn && rn[0] == '\0')
3369 rn = NULL;
3370
3371 wpa_s->radio = radio_add_interface(wpa_s, rn);
3372 if (wpa_s->radio == NULL)
3373 return -1;
3374
73c00fd7
JM		 3375 return 0;
3376}
3377
3378
6fc6879b
JM		 3379static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
3380 struct wpa_interface *iface)
3381{
362f781e
JM		 3382 struct wpa_driver_capa capa;
3383
6fc6879b
JM		 3384 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
3385 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
3386 iface->confname ? iface->confname : "N/A",
3387 iface->driver ? iface->driver : "default",
3388 iface->ctrl_interface ? iface->ctrl_interface : "N/A",
3389 iface->bridge_ifname ? iface->bridge_ifname : "N/A");
3390
6fc6879b
JM		 3391 if (iface->confname) {
3392#ifdef CONFIG_BACKEND_FILE
3393 wpa_s->confname = os_rel2abs_path(iface->confname);
3394 if (wpa_s->confname == NULL) {
3395 wpa_printf(MSG_ERROR, "Failed to get absolute path "
3396 "for configuration file '%s'.",
3397 iface->confname);
3398 return -1;
3399 }
3400 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
3401 iface->confname, wpa_s->confname);
3402#else /* CONFIG_BACKEND_FILE */
3403 wpa_s->confname = os_strdup(iface->confname);
3404#endif /* CONFIG_BACKEND_FILE */
e6304cad 3405 wpa_s->conf = wpa_config_read(wpa_s->confname, NULL);
6fc6879b
JM		 3406 if (wpa_s->conf == NULL) {
3407 wpa_printf(MSG_ERROR, "Failed to read or parse "
3408 "configuration '%s'.", wpa_s->confname);
3409 return -1;
3410 }
e6304cad
DS		 3411 wpa_s->confanother = os_rel2abs_path(iface->confanother);
3412 wpa_config_read(wpa_s->confanother, wpa_s->conf);
6fc6879b 3413
c16a7590
IP		 3414#ifdef CONFIG_P2P
3415 wpa_s->conf_p2p_dev = os_rel2abs_path(iface->conf_p2p_dev);
3416 wpa_config_read(wpa_s->conf_p2p_dev, wpa_s->conf);
3417#endif /* CONFIG_P2P */
3418
6fc6879b
JM		 3419 /*
3420 * Override ctrl_interface and driver_param if set on command
3421 * line.
3422 */
3423 if (iface->ctrl_interface) {
3424 os_free(wpa_s->conf->ctrl_interface);
3425 wpa_s->conf->ctrl_interface =
3426 os_strdup(iface->ctrl_interface);
3427 }
3428
3429 if (iface->driver_param) {
3430 os_free(wpa_s->conf->driver_param);
3431 wpa_s->conf->driver_param =
3432 os_strdup(iface->driver_param);
3433 }
78f79fe5
JM		 3434
3435 if (iface->p2p_mgmt && !iface->ctrl_interface) {
3436 os_free(wpa_s->conf->ctrl_interface);
3437 wpa_s->conf->ctrl_interface = NULL;
3438 }
6fc6879b
JM		 3439 } else
3440 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
3441 iface->driver_param);
3442
3443 if (wpa_s->conf == NULL) {
3444 wpa_printf(MSG_ERROR, "\nNo configuration found.");
3445 return -1;
3446 }
3447
3448 if (iface->ifname == NULL) {
3449 wpa_printf(MSG_ERROR, "\nInterface name is required.");
3450 return -1;
3451 }
3452 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
3453 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
3454 iface->ifname);
3455 return -1;
3456 }
3457 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
3458
3459 if (iface->bridge_ifname) {
3460 if (os_strlen(iface->bridge_ifname) >=
3461 sizeof(wpa_s->bridge_ifname)) {
3462 wpa_printf(MSG_ERROR, "\nToo long bridge interface "
3463 "name '%s'.", iface->bridge_ifname);
3464 return -1;
3465 }
3466 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
3467 sizeof(wpa_s->bridge_ifname));
3468 }
3469
6fc6879b
JM		 3470 /* RSNA Supplicant Key Management - INITIALIZE */
3471 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
3472 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
3473
3474 /* Initialize driver interface and register driver event handler before
3475 * L2 receive handler so that association events are processed before
3476 * EAPOL-Key packets if both become available for the same select()
3477 * call. */
73c00fd7 3478 if (wpas_init_driver(wpa_s, iface) < 0)
362f781e
JM		 3479 return -1;
3480
6fc6879b
JM		 3481 if (wpa_supplicant_init_wpa(wpa_s) < 0)
3482 return -1;
3483
3484 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
3485 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
3486 NULL);
3487 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
3488
3489 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
3490 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
3491 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
f049052b
BG		 3492 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
3493 "dot11RSNAConfigPMKLifetime");
6fc6879b
JM		 3494 return -1;
3495 }
3496
3497 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
3498 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
3499 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
f049052b 3500 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
6fc6879b
JM		 3501 "dot11RSNAConfigPMKReauthThreshold");
3502 return -1;
3503 }
3504
3505 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
3506 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
3507 wpa_s->conf->dot11RSNAConfigSATimeout)) {
f049052b
BG		 3508 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
3509 "dot11RSNAConfigSATimeout");
6fc6879b
JM		 3510 return -1;
3511 }
3512
6bf731e8
CL		 3513 wpa_s->hw.modes = wpa_drv_get_hw_feature_data(wpa_s,
3514 &wpa_s->hw.num_modes,
3515 &wpa_s->hw.flags);
3516
814782b9 3517 if (wpa_drv_get_capa(wpa_s, &capa) == 0) {
c58ab8f2 3518 wpa_s->drv_capa_known = 1;
814782b9 3519 wpa_s->drv_flags = capa.flags;
349493bd 3520 wpa_s->drv_enc = capa.enc;
4f73d88a 3521 wpa_s->probe_resp_offloads = capa.probe_resp_offloads;
814782b9 3522 wpa_s->max_scan_ssids = capa.max_scan_ssids;
cbdf3507
LC		 3523 wpa_s->max_sched_scan_ssids = capa.max_sched_scan_ssids;
3524 wpa_s->sched_scan_supported = capa.sched_scan_supported;
b59e6f26 3525 wpa_s->max_match_sets = capa.max_match_sets;
814782b9 3526 wpa_s->max_remain_on_chan = capa.max_remain_on_chan;
c4ea4c5c 3527 wpa_s->max_stations = capa.max_stations;
8cd6b7bc
JB		 3528 wpa_s->extended_capa = capa.extended_capa;
3529 wpa_s->extended_capa_mask = capa.extended_capa_mask;
3530 wpa_s->extended_capa_len = capa.extended_capa_len;
4752147d
IP		 3531 wpa_s->num_multichan_concurrent =
3532 capa.num_multichan_concurrent;
814782b9
JM		 3533 }
3534 if (wpa_s->max_remain_on_chan == 0)
3535 wpa_s->max_remain_on_chan = 1000;
3536
c68f6200
AS		 3537 /*
3538 * Only take p2p_mgmt parameters when P2P Device is supported.
3539 * Doing it here as it determines whether l2_packet_init() will be done
3540 * during wpa_supplicant_driver_init().
3541 */
3542 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)
3543 wpa_s->p2p_mgmt = iface->p2p_mgmt;
3544 else
3545 iface->p2p_mgmt = 1;
3546
4752147d
IP		 3547 if (wpa_s->num_multichan_concurrent == 0)
3548 wpa_s->num_multichan_concurrent = 1;
3549
6fc6879b
JM		 3550 if (wpa_supplicant_driver_init(wpa_s) < 0)
3551 return -1;
3552
281ff0aa 3553#ifdef CONFIG_TDLS
1c42b42f
JM		 3554 if ((!iface->p2p_mgmt ||
3555 !(wpa_s->drv_flags &
3556 WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
3557 wpa_tdls_init(wpa_s->wpa))
281ff0aa
GP		 3558 return -1;
3559#endif /* CONFIG_TDLS */
3560
315ce40a
JM		 3561 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] &&
3562 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) {
f049052b 3563 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country");
6d158490
LR		 3564 return -1;
3565 }
3566
116654ce
JM		 3567 if (wpas_wps_init(wpa_s))
3568 return -1;
3569
6fc6879b
JM		 3570 if (wpa_supplicant_init_eapol(wpa_s) < 0)
3571 return -1;
3572 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
3573
3574 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
3575 if (wpa_s->ctrl_iface == NULL) {
3576 wpa_printf(MSG_ERROR,
3577 "Failed to initialize control interface '%s'.\n"
3578 "You may have another wpa_supplicant process "
3579 "already running or the file was\n"
3580 "left by an unclean termination of wpa_supplicant "
3581 "in which case you will need\n"
3582 "to manually remove this file before starting "
3583 "wpa_supplicant again.\n",
3584 wpa_s->conf->ctrl_interface);
3585 return -1;
3586 }
3587
04ea7b79
JM		 3588 wpa_s->gas = gas_query_init(wpa_s);
3589 if (wpa_s->gas == NULL) {
3590 wpa_printf(MSG_ERROR, "Failed to initialize GAS query");
3591 return -1;
3592 }
3593
b22128ef 3594#ifdef CONFIG_P2P
c68f6200 3595 if (iface->p2p_mgmt && wpas_p2p_init(wpa_s->global, wpa_s) < 0) {
f049052b 3596 wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P");
b22128ef
JM		 3597 return -1;
3598 }
3599#endif /* CONFIG_P2P */
3600
83922c2d
JM		 3601 if (wpa_bss_init(wpa_s) < 0)
3602 return -1;
83922c2d 3603
ec7b97ab
JM		 3604#ifdef CONFIG_EAP_PROXY
3605{
3606 size_t len;
07041c6f
NJ		 3607 wpa_s->mnc_len = eapol_sm_get_eap_proxy_imsi(wpa_s->eapol, wpa_s->imsi,
3608 &len);
ec7b97ab
JM		 3609 if (wpa_s->mnc_len > 0) {
3610 wpa_s->imsi[len] = '\0';
3611 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI %s (MNC length %d)",
3612 wpa_s->imsi, wpa_s->mnc_len);
3613 } else {
3614 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI not available");
3615 }
3616}
3617#endif /* CONFIG_EAP_PROXY */
3618
f64adcd7
JM		 3619 if (pcsc_reader_init(wpa_s) < 0)
3620 return -1;
3621
306ae225
JM		 3622 if (wpas_init_ext_pw(wpa_s) < 0)
3623 return -1;
3624
6fc6879b
JM		 3625 return 0;
3626}
3627
3628
2ee055b3 3629static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s,
df509539 3630 int notify, int terminate)
6fc6879b 3631{
e679f140 3632 wpa_s->disconnected = 1;
6fc6879b
JM		 3633 if (wpa_s->drv_priv) {
3634 wpa_supplicant_deauthenticate(wpa_s,
3635 WLAN_REASON_DEAUTH_LEAVING);
3636
6fc6879b
JM		 3637 wpa_drv_set_countermeasures(wpa_s, 0);
3638 wpa_clear_keys(wpa_s, NULL);
3639 }
3640
8e56d189
JM		 3641 wpa_supplicant_cleanup(wpa_s);
3642
ab28911d
JM		 3643#ifdef CONFIG_P2P
3644 if (wpa_s == wpa_s->global->p2p_init_wpa_s && wpa_s->global->p2p) {
3645 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: Disable P2P since removing "
3646 "the management interface is being removed");
3647 wpas_p2p_deinit_global(wpa_s->global);
3648 }
3649#endif /* CONFIG_P2P */
3650
1f965e62 3651 wpas_ctrl_radio_work_flush(wpa_s);
202dec2a
JM		 3652 radio_remove_interface(wpa_s);
3653
6fc6879b
JM		 3654 if (wpa_s->drv_priv)
3655 wpa_drv_deinit(wpa_s);
2523ff6e
DS		 3656
3657 if (notify)
3658 wpas_notify_iface_removed(wpa_s);
f0811516
DS		 3659
3660 if (terminate)
3661 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING);
3662
3663 if (wpa_s->ctrl_iface) {
3664 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
3665 wpa_s->ctrl_iface = NULL;
3666 }
3667
3668 if (wpa_s->conf != NULL) {
3669 wpa_config_free(wpa_s->conf);
3670 wpa_s->conf = NULL;
3671 }
18e00b5e
JM		 3672
3673 os_free(wpa_s);
6fc6879b
JM		 3674}
3675
3676
3677/**
3678 * wpa_supplicant_add_iface - Add a new network interface
3679 * @global: Pointer to global data from wpa_supplicant_init()
3680 * @iface: Interface configuration options
3681 * Returns: Pointer to the created interface or %NULL on failure
3682 *
3683 * This function is used to add new network interfaces for %wpa_supplicant.
3684 * This can be called before wpa_supplicant_run() to add interfaces before the
3685 * main event loop has been started. In addition, new interfaces can be added
3686 * dynamically while %wpa_supplicant is already running. This could happen,
3687 * e.g., when a hotplug network adapter is inserted.
3688 */
3689struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
3690 struct wpa_interface *iface)
3691{
3692 struct wpa_supplicant *wpa_s;
d27df100 3693 struct wpa_interface t_iface;
8e56d189 3694 struct wpa_ssid *ssid;
6fc6879b
JM		 3695
3696 if (global == NULL || iface == NULL)
3697 return NULL;
3698
3699 wpa_s = wpa_supplicant_alloc();
3700 if (wpa_s == NULL)
3701 return NULL;
3702
d8222ae3
JM		 3703 wpa_s->global = global;
3704
d27df100
JM		 3705 t_iface = *iface;
3706 if (global->params.override_driver) {
3707 wpa_printf(MSG_DEBUG, "Override interface parameter: driver "
3708 "('%s' -> '%s')",
3709 iface->driver, global->params.override_driver);
3710 t_iface.driver = global->params.override_driver;
3711 }
3712 if (global->params.override_ctrl_interface) {
3713 wpa_printf(MSG_DEBUG, "Override interface parameter: "
3714 "ctrl_interface ('%s' -> '%s')",
3715 iface->ctrl_interface,
3716 global->params.override_ctrl_interface);
3717 t_iface.ctrl_interface =
3718 global->params.override_ctrl_interface;
3719 }
3720 if (wpa_supplicant_init_iface(wpa_s, &t_iface)) {
6fc6879b
JM		 3721 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
3722 iface->ifname);
df509539 3723 wpa_supplicant_deinit_iface(wpa_s, 0, 0);
6fc6879b
JM		 3724 return NULL;
3725 }
3726
dc461de4
WS		 3727 /* Notify the control interfaces about new iface */
3728 if (wpas_notify_iface_added(wpa_s)) {
df509539 3729 wpa_supplicant_deinit_iface(wpa_s, 1, 0);
6fc6879b
JM		 3730 return NULL;
3731 }
1bd3f426 3732
8e56d189
JM		 3733 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
3734 wpas_notify_network_added(wpa_s, ssid);
3735
6fc6879b
JM		 3736 wpa_s->next = global->ifaces;
3737 global->ifaces = wpa_s;
3738
f049052b 3739 wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname);
99218999 3740 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
6fc6879b
JM		 3741
3742 return wpa_s;
3743}
3744
3745
3746/**
3747 * wpa_supplicant_remove_iface - Remove a network interface
3748 * @global: Pointer to global data from wpa_supplicant_init()
3749 * @wpa_s: Pointer to the network interface to be removed
3750 * Returns: 0 if interface was removed, -1 if interface was not found
3751 *
3752 * This function can be used to dynamically remove network interfaces from
3753 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
3754 * addition, this function is used to remove all remaining interfaces when
3755 * %wpa_supplicant is terminated.
3756 */
3757int wpa_supplicant_remove_iface(struct wpa_global *global,
df509539
DS		 3758 struct wpa_supplicant *wpa_s,
3759 int terminate)
6fc6879b
JM		 3760{
3761 struct wpa_supplicant *prev;
3762
3763 /* Remove interface from the global list of interfaces */
3764 prev = global->ifaces;
3765 if (prev == wpa_s) {
3766 global->ifaces = wpa_s->next;
3767 } else {
3768 while (prev && prev->next != wpa_s)
3769 prev = prev->next;
3770 if (prev == NULL)
3771 return -1;
3772 prev->next = wpa_s->next;
3773 }
3774
f049052b 3775 wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
6fc6879b 3776
b22128ef
JM		 3777 if (global->p2p_group_formation == wpa_s)
3778 global->p2p_group_formation = NULL;
dbca75f8
JM		 3779 if (global->p2p_invite_group == wpa_s)
3780 global->p2p_invite_group = NULL;
df509539 3781 wpa_supplicant_deinit_iface(wpa_s, 1, terminate);
6fc6879b
JM		 3782
3783 return 0;
3784}
3785
3786
cf83fb0b
PS		 3787/**
3788 * wpa_supplicant_get_eap_mode - Get the current EAP mode
3789 * @wpa_s: Pointer to the network interface
3790 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
3791 */
3792const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s)
3793{
3794 const char *eapol_method;
3795
3796 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) == 0 &&
3797 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
3798 return "NO-EAP";
3799 }
3800
3801 eapol_method = eapol_sm_get_method_name(wpa_s->eapol);
3802 if (eapol_method == NULL)
3803 return "UNKNOWN-EAP";
3804
3805 return eapol_method;
3806}
3807
3808
6fc6879b
JM		 3809/**
3810 * wpa_supplicant_get_iface - Get a new network interface
3811 * @global: Pointer to global data from wpa_supplicant_init()
3812 * @ifname: Interface name
3813 * Returns: Pointer to the interface or %NULL if not found
3814 */
3815struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
3816 const char *ifname)
3817{
3818 struct wpa_supplicant *wpa_s;
3819
3820 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
3821 if (os_strcmp(wpa_s->ifname, ifname) == 0)
3822 return wpa_s;
3823 }
3824 return NULL;
3825}
3826
3827
50b16da1 3828#ifndef CONFIG_NO_WPA_MSG
4f1495ae
BG		 3829static const char * wpa_supplicant_msg_ifname_cb(void *ctx)
3830{
3831 struct wpa_supplicant *wpa_s = ctx;
3832 if (wpa_s == NULL)
3833 return NULL;
3834 return wpa_s->ifname;
3835}
50b16da1 3836#endif /* CONFIG_NO_WPA_MSG */
4f1495ae
BG		 3837
3838
6fc6879b
JM		 3839/**
3840 * wpa_supplicant_init - Initialize %wpa_supplicant
3841 * @params: Parameters for %wpa_supplicant
3842 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
3843 *
3844 * This function is used to initialize %wpa_supplicant. After successful
3845 * initialization, the returned data pointer can be used to add and remove
3846 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
3847 */
3848struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
3849{
3850 struct wpa_global *global;
ac305589 3851 int ret, i;
6fc6879b
JM		 3852
3853 if (params == NULL)
3854 return NULL;
3855
39e7d718
JM		 3856#ifdef CONFIG_DRIVER_NDIS
3857 {
3858 void driver_ndis_init_ops(void);
3859 driver_ndis_init_ops();
3860 }
3861#endif /* CONFIG_DRIVER_NDIS */
3862
50b16da1 3863#ifndef CONFIG_NO_WPA_MSG
4f1495ae 3864 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
50b16da1 3865#endif /* CONFIG_NO_WPA_MSG */
4f1495ae 3866
6fc6879b 3867 wpa_debug_open_file(params->wpa_debug_file_path);
daa70d49
SL		 3868 if (params->wpa_debug_syslog)
3869 wpa_debug_open_syslog();
4f68895e
JB		 3870 if (params->wpa_debug_tracing) {
3871 ret = wpa_debug_open_linux_tracing();
3872 if (ret) {
3873 wpa_printf(MSG_ERROR,
3874 "Failed to enable trace logging");
3875 return NULL;
3876 }
3877 }
6fc6879b 3878
12760815 3879 ret = eap_register_methods();
6fc6879b
JM		 3880 if (ret) {
3881 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
3882 if (ret == -2)
3883 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
3884 "the same EAP type.");
3885 return NULL;
3886 }
3887
3888 global = os_zalloc(sizeof(*global));
3889 if (global == NULL)
3890 return NULL;
b22128ef
JM		 3891 dl_list_init(&global->p2p_srv_bonjour);
3892 dl_list_init(&global->p2p_srv_upnp);
6fc6879b
JM		 3893 global->params.daemonize = params->daemonize;
3894 global->params.wait_for_monitor = params->wait_for_monitor;
3895 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
3896 if (params->pid_file)
3897 global->params.pid_file = os_strdup(params->pid_file);
3898 if (params->ctrl_interface)
3899 global->params.ctrl_interface =
3900 os_strdup(params->ctrl_interface);
29257565
JM		 3901 if (params->ctrl_interface_group)
3902 global->params.ctrl_interface_group =
3903 os_strdup(params->ctrl_interface_group);
d27df100
JM		 3904 if (params->override_driver)
3905 global->params.override_driver =
3906 os_strdup(params->override_driver);
3907 if (params->override_ctrl_interface)
3908 global->params.override_ctrl_interface =
3909 os_strdup(params->override_ctrl_interface);
6fc6879b
JM		 3910 wpa_debug_level = global->params.wpa_debug_level =
3911 params->wpa_debug_level;
3912 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
3913 params->wpa_debug_show_keys;
3914 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
3915 params->wpa_debug_timestamp;
3916
f19858f5
JM		 3917 wpa_printf(MSG_DEBUG, "wpa_supplicant v" VERSION_STR);
3918
0456ea16 3919 if (eloop_init()) {
6fc6879b
JM		 3920 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
3921 wpa_supplicant_deinit(global);
3922 return NULL;
3923 }
3924
38e24575 3925 random_init(params->entropy_file);
d47fa330 3926
6fc6879b
JM		 3927 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
3928 if (global->ctrl_iface == NULL) {
3929 wpa_supplicant_deinit(global);
3930 return NULL;
3931 }
3932
dc461de4
WS		 3933 if (wpas_notify_supplicant_initialized(global)) {
3934 wpa_supplicant_deinit(global);
3935 return NULL;
6fc6879b
JM		 3936 }
3937
c5121837 3938 for (i = 0; wpa_drivers[i]; i++)
ac305589
JM		 3939 global->drv_count++;
3940 if (global->drv_count == 0) {
3941 wpa_printf(MSG_ERROR, "No drivers enabled");
3942 wpa_supplicant_deinit(global);
3943 return NULL;
3944 }
3945 global->drv_priv = os_zalloc(global->drv_count * sizeof(void *));
3946 if (global->drv_priv == NULL) {
3947 wpa_supplicant_deinit(global);
3948 return NULL;
3949 }
ac305589 3950
9675ce35
JM		 3951#ifdef CONFIG_WIFI_DISPLAY
3952 if (wifi_display_init(global) < 0) {
3953 wpa_printf(MSG_ERROR, "Failed to initialize Wi-Fi Display");
3954 wpa_supplicant_deinit(global);
3955 return NULL;
3956 }
3957#endif /* CONFIG_WIFI_DISPLAY */
3958
6fc6879b
JM		 3959 return global;
3960}
3961
3962
3963/**
3964 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
3965 * @global: Pointer to global data from wpa_supplicant_init()
3966 * Returns: 0 after successful event loop run, -1 on failure
3967 *
3968 * This function starts the main event loop and continues running as long as
3969 * there are any remaining events. In most cases, this function is running as
3970 * long as the %wpa_supplicant process in still in use.
3971 */
3972int wpa_supplicant_run(struct wpa_global *global)
3973{
3974 struct wpa_supplicant *wpa_s;
3975
3976 if (global->params.daemonize &&
3977 wpa_supplicant_daemon(global->params.pid_file))
3978 return -1;
3979
3980 if (global->params.wait_for_monitor) {
3981 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
3982 if (wpa_s->ctrl_iface)
3983 wpa_supplicant_ctrl_iface_wait(
3984 wpa_s->ctrl_iface);
3985 }
3986
0456ea16
JM		 3987 eloop_register_signal_terminate(wpa_supplicant_terminate, global);
3988 eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
6fc6879b
JM		 3989
3990 eloop_run();
3991
3992 return 0;
3993}
3994
3995
3996/**
3997 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
3998 * @global: Pointer to global data from wpa_supplicant_init()
3999 *
4000 * This function is called to deinitialize %wpa_supplicant and to free all
4001 * allocated resources. Remaining network interfaces will also be removed.
4002 */
4003void wpa_supplicant_deinit(struct wpa_global *global)
4004{
ac305589
JM		 4005 int i;
4006
6fc6879b
JM		 4007 if (global == NULL)
4008 return;
4009
9675ce35
JM		 4010#ifdef CONFIG_WIFI_DISPLAY
4011 wifi_display_deinit(global);
4012#endif /* CONFIG_WIFI_DISPLAY */
b22128ef 4013
6fc6879b 4014 while (global->ifaces)
df509539 4015 wpa_supplicant_remove_iface(global, global->ifaces, 1);
6fc6879b
JM		 4016
4017 if (global->ctrl_iface)
4018 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
dc461de4
WS		 4019
4020 wpas_notify_supplicant_deinitialized(global);
6fc6879b
JM		 4021
4022 eap_peer_unregister_methods();
3ec97afe
JM		 4023#ifdef CONFIG_AP
4024 eap_server_unregister_methods();
4025#endif /* CONFIG_AP */
6fc6879b 4026
c5121837 4027 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) {
ac305589
JM		 4028 if (!global->drv_priv[i])
4029 continue;
c5121837 4030 wpa_drivers[i]->global_deinit(global->drv_priv[i]);
ac305589
JM		 4031 }
4032 os_free(global->drv_priv);
4033
d47fa330
JM		 4034 random_deinit();
4035
6fc6879b
JM		 4036 eloop_destroy();
4037
4038 if (global->params.pid_file) {
4039 os_daemonize_terminate(global->params.pid_file);
4040 os_free(global->params.pid_file);
4041 }
4042 os_free(global->params.ctrl_interface);
29257565 4043 os_free(global->params.ctrl_interface_group);
d27df100
JM		 4044 os_free(global->params.override_driver);
4045 os_free(global->params.override_ctrl_interface);
6fc6879b 4046
af8a827b 4047 os_free(global->p2p_disallow_freq.range);
253f2e37 4048 os_free(global->p2p_go_avoid_freq.range);
01a57fe4 4049 os_free(global->add_psk);
6f3bc72b 4050
6fc6879b 4051 os_free(global);
daa70d49 4052 wpa_debug_close_syslog();
6fc6879b 4053 wpa_debug_close_file();
4f68895e 4054 wpa_debug_close_linux_tracing();
6fc6879b 4055}
611aea7d
JM		 4056
4057
4058void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s)
4059{
849b5dc7
JM		 4060 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_COUNTRY) &&
4061 wpa_s->conf->country[0] && wpa_s->conf->country[1]) {
4062 char country[3];
4063 country[0] = wpa_s->conf->country[0];
4064 country[1] = wpa_s->conf->country[1];
4065 country[2] = '\0';
4066 if (wpa_drv_set_country(wpa_s, country) < 0) {
4067 wpa_printf(MSG_ERROR, "Failed to set country code "
4068 "'%s'", country);
4069 }
4070 }
4071
306ae225
JM		 4072 if (wpa_s->conf->changed_parameters & CFG_CHANGED_EXT_PW_BACKEND)
4073 wpas_init_ext_pw(wpa_s);
4074
611aea7d
JM		 4075#ifdef CONFIG_WPS
4076 wpas_wps_update_config(wpa_s);
4077#endif /* CONFIG_WPS */
4078
b22128ef
JM		 4079#ifdef CONFIG_P2P
4080 wpas_p2p_update_config(wpa_s);
4081#endif /* CONFIG_P2P */
4082
611aea7d
JM		 4083 wpa_s->conf->changed_parameters = 0;
4084}
2f9c6aa6
JM		 4085
4086
0fb337c1
JM		 4087static void add_freq(int *freqs, int *num_freqs, int freq)
4088{
4089 int i;
4090
4091 for (i = 0; i < *num_freqs; i++) {
4092 if (freqs[i] == freq)
4093 return;
4094 }
4095
4096 freqs[*num_freqs] = freq;
4097 (*num_freqs)++;
4098}
4099
4100
4101static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s)
4102{
4103 struct wpa_bss *bss, *cbss;
4104 const int max_freqs = 10;
4105 int *freqs;
4106 int num_freqs = 0;
4107
4108 freqs = os_zalloc(sizeof(int) * (max_freqs + 1));
4109 if (freqs == NULL)
4110 return NULL;
4111
4112 cbss = wpa_s->current_bss;
4113
4114 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
4115 if (bss == cbss)
4116 continue;
4117 if (bss->ssid_len == cbss->ssid_len &&
4118 os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 &&
4119 wpa_blacklist_get(wpa_s, bss->bssid) == NULL) {
4120 add_freq(freqs, &num_freqs, bss->freq);
4121 if (num_freqs == max_freqs)
4122 break;
4123 }
4124 }
4125
4126 if (num_freqs == 0) {
4127 os_free(freqs);
4128 freqs = NULL;
4129 }
4130
4131 return freqs;
4132}
4133
4134
4135void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid)
4136{
4137 int timeout;
4138 int count;
4139 int *freqs = NULL;
4140
6ac4b15e
JM		 4141 wpas_connect_work_done(wpa_s);
4142
5fd9fb27
JM		 4143 /*
4144 * Remove possible authentication timeout since the connection failed.
4145 */
4146 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
4147
0cdb93fe
JM		 4148 if (wpa_s->disconnected) {
4149 /*
4150 * There is no point in blacklisting the AP if this event is
4151 * generated based on local request to disconnect.
4152 */
4153 wpa_dbg(wpa_s, MSG_DEBUG, "Ignore connection failure "
4154 "indication since interface has been put into "
4155 "disconnected state");
4156 return;
4157 }
4158
0fb337c1
JM		 4159 /*
4160 * Add the failed BSSID into the blacklist and speed up next scan
4161 * attempt if there could be other APs that could accept association.
4162 * The current blacklist count indicates how many times we have tried
4163 * connecting to this AP and multiple attempts mean that other APs are
4164 * either not available or has already been tried, so that we can start
4165 * increasing the delay here to avoid constant scanning.
4166 */
4167 count = wpa_blacklist_add(wpa_s, bssid);
4168 if (count == 1 && wpa_s->current_bss) {
4169 /*
4170 * This BSS was not in the blacklist before. If there is
4171 * another BSS available for the same ESS, we should try that
4172 * next. Otherwise, we may as well try this one once more
4173 * before allowing other, likely worse, ESSes to be considered.
4174 */
4175 freqs = get_bss_freqs_in_ess(wpa_s);
4176 if (freqs) {
f049052b
BG		 4177 wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS "
4178 "has been seen; try it next");
0fb337c1
JM		 4179 wpa_blacklist_add(wpa_s, bssid);
4180 /*
4181 * On the next scan, go through only the known channels
4182 * used in this ESS based on previous scans to speed up
4183 * common load balancing use case.
4184 */
4185 os_free(wpa_s->next_scan_freqs);
4186 wpa_s->next_scan_freqs = freqs;
4187 }
4188 }
4189
f1a52633
JM		 4190 /*
4191 * Add previous failure count in case the temporary blacklist was
4192 * cleared due to no other BSSes being available.
4193 */
4194 count += wpa_s->extra_blacklist_count;
4195
dd579704
JM		 4196 if (count > 3 && wpa_s->current_ssid) {
4197 wpa_printf(MSG_DEBUG, "Continuous association failures - "
4198 "consider temporary network disabling");
4199 wpas_auth_failed(wpa_s);
4200 }
4201
0fb337c1
JM		 4202 switch (count) {
4203 case 1:
4204 timeout = 100;
4205 break;
4206 case 2:
4207 timeout = 500;
4208 break;
4209 case 3:
4210 timeout = 1000;
4211 break;
f1a52633 4212 case 4:
0fb337c1 4213 timeout = 5000;
f1a52633
JM		 4214 break;
4215 default:
4216 timeout = 10000;
4217 break;
0fb337c1
JM		 4218 }
4219
f1a52633
JM		 4220 wpa_dbg(wpa_s, MSG_DEBUG, "Blacklist count %d --> request scan in %d "
4221 "ms", count, timeout);
4222
0fb337c1
JM		 4223 /*
4224 * TODO: if more than one possible AP is available in scan results,
4225 * could try the other ones before requesting a new scan.
4226 */
4227 wpa_supplicant_req_scan(wpa_s, timeout / 1000,
4228 1000 * (timeout % 1000));
4229}
22628eca
JM		 4230
4231
4232int wpas_driver_bss_selection(struct wpa_supplicant *wpa_s)
4233{
4234 return wpa_s->conf->ap_scan == 2 ||
4235 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION);
4236}
d2118814
JM		 4237
4238
4239#if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW)
4240int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
4241 struct wpa_ssid *ssid,
4242 const char *field,
4243 const char *value)
4244{
4245#ifdef IEEE8021X_EAPOL
4246 struct eap_peer_config *eap = &ssid->eap;
4247
4248 wpa_printf(MSG_DEBUG, "CTRL_IFACE: response handle field=%s", field);
4249 wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: response value",
4250 (const u8 *) value, os_strlen(value));
4251
4252 switch (wpa_supplicant_ctrl_req_from_string(field)) {
4253 case WPA_CTRL_REQ_EAP_IDENTITY:
4254 os_free(eap->identity);
4255 eap->identity = (u8 *) os_strdup(value);
4256 eap->identity_len = os_strlen(value);
4257 eap->pending_req_identity = 0;
4258 if (ssid == wpa_s->current_ssid)
4259 wpa_s->reassociate = 1;
4260 break;
4261 case WPA_CTRL_REQ_EAP_PASSWORD:
4262 os_free(eap->password);
4263 eap->password = (u8 *) os_strdup(value);
4264 eap->password_len = os_strlen(value);
4265 eap->pending_req_password = 0;
4266 if (ssid == wpa_s->current_ssid)
4267 wpa_s->reassociate = 1;
4268 break;
4269 case WPA_CTRL_REQ_EAP_NEW_PASSWORD:
4270 os_free(eap->new_password);
4271 eap->new_password = (u8 *) os_strdup(value);
4272 eap->new_password_len = os_strlen(value);
4273 eap->pending_req_new_password = 0;
4274 if (ssid == wpa_s->current_ssid)
4275 wpa_s->reassociate = 1;
4276 break;
4277 case WPA_CTRL_REQ_EAP_PIN:
4278 os_free(eap->pin);
4279 eap->pin = os_strdup(value);
4280 eap->pending_req_pin = 0;
4281 if (ssid == wpa_s->current_ssid)
4282 wpa_s->reassociate = 1;
4283 break;
4284 case WPA_CTRL_REQ_EAP_OTP:
4285 os_free(eap->otp);
4286 eap->otp = (u8 *) os_strdup(value);
4287 eap->otp_len = os_strlen(value);
4288 os_free(eap->pending_req_otp);
4289 eap->pending_req_otp = NULL;
4290 eap->pending_req_otp_len = 0;
4291 break;
4292 case WPA_CTRL_REQ_EAP_PASSPHRASE:
4293 os_free(eap->private_key_passwd);
4294 eap->private_key_passwd = (u8 *) os_strdup(value);
4295 eap->pending_req_passphrase = 0;
4296 if (ssid == wpa_s->current_ssid)
4297 wpa_s->reassociate = 1;
4298 break;
a5d44ac0
JM		 4299 case WPA_CTRL_REQ_SIM:
4300 os_free(eap->external_sim_resp);
4301 eap->external_sim_resp = os_strdup(value);
4302 break;
d2118814
JM		 4303 default:
4304 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown field '%s'", field);
4305 return -1;
4306 }
4307
4308 return 0;
4309#else /* IEEE8021X_EAPOL */
4310 wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included");
4311 return -1;
4312#endif /* IEEE8021X_EAPOL */
4313}
4314#endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */
349493bd
JM		 4315
4316
4317int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
4318{
4319 int i;
4320 unsigned int drv_enc;
4321
4322 if (ssid == NULL)
4323 return 1;
4324
4325 if (ssid->disabled)
4326 return 1;
4327
4328 if (wpa_s && wpa_s->drv_capa_known)
4329 drv_enc = wpa_s->drv_enc;
4330 else
4331 drv_enc = (unsigned int) -1;
4332
4333 for (i = 0; i < NUM_WEP_KEYS; i++) {
4334 size_t len = ssid->wep_key_len[i];
4335 if (len == 0)
4336 continue;
4337 if (len == 5 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP40))
4338 continue;
4339 if (len == 13 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP104))
4340 continue;
4341 if (len == 16 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP128))
4342 continue;
4343 return 1; /* invalid WEP key */
4344 }
4345
9173b16f
JM		 4346 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set &&
4347 !ssid->ext_psk)
2518aad3
JM		 4348 return 1;
4349
349493bd
JM		 4350 return 0;
4351}
b9cfc09a
JJ		 4352
4353
4354int wpas_is_p2p_prioritized(struct wpa_supplicant *wpa_s)
4355{
4356 if (wpa_s->global->conc_pref == WPA_CONC_PREF_P2P)
4357 return 1;
4358 if (wpa_s->global->conc_pref == WPA_CONC_PREF_STA)
4359 return 0;
4360 return -1;
4361}
00e5e3d5
JM		 4362
4363
4364void wpas_auth_failed(struct wpa_supplicant *wpa_s)
4365{
4366 struct wpa_ssid *ssid = wpa_s->current_ssid;
4367 int dur;
4e1eae1d 4368 struct os_reltime now;
00e5e3d5
JM		 4369
4370 if (ssid == NULL) {
4371 wpa_printf(MSG_DEBUG, "Authentication failure but no known "
4372 "SSID block");
4373 return;
4374 }
4375
4376 if (ssid->key_mgmt == WPA_KEY_MGMT_WPS)
4377 return;
4378
4379 ssid->auth_failures++;
cbf41ca7
SL		 4380
4381#ifdef CONFIG_P2P
4382 if (ssid->p2p_group &&
4383 (wpa_s->p2p_in_provisioning || wpa_s->show_group_started)) {
4384 /*
4385 * Skip the wait time since there is a short timeout on the
4386 * connection to a P2P group.
4387 */
4388 return;
4389 }
4390#endif /* CONFIG_P2P */
4391
00e5e3d5
JM		 4392 if (ssid->auth_failures > 50)
4393 dur = 300;
00e5e3d5 4394 else if (ssid->auth_failures > 10)
8a77f1be 4395 dur = 120;
00e5e3d5 4396 else if (ssid->auth_failures > 5)
8a77f1be
JM		 4397 dur = 90;
4398 else if (ssid->auth_failures > 3)
4399 dur = 60;
4400 else if (ssid->auth_failures > 2)
00e5e3d5
JM		 4401 dur = 30;
4402 else if (ssid->auth_failures > 1)
4403 dur = 20;
4404 else
4405 dur = 10;
4406
8a77f1be
JM		 4407 if (ssid->auth_failures > 1 &&
4408 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt))
4409 dur += os_random() % (ssid->auth_failures * 10);
4410
4e1eae1d 4411 os_get_reltime(&now);
00e5e3d5
JM		 4412 if (now.sec + dur <= ssid->disabled_until.sec)
4413 return;
4414
4415 ssid->disabled_until.sec = now.sec + dur;
4416
4417 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TEMP_DISABLED
4418 "id=%d ssid=\"%s\" auth_failures=%u duration=%d",
4419 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
4420 ssid->auth_failures, dur);
4421}
4422
4423
4424void wpas_clear_temp_disabled(struct wpa_supplicant *wpa_s,
4425 struct wpa_ssid *ssid, int clear_failures)
4426{
4427 if (ssid == NULL)
4428 return;
4429
4430 if (ssid->disabled_until.sec) {
4431 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_REENABLED
4432 "id=%d ssid=\"%s\"",
4433 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
4434 }
4435 ssid->disabled_until.sec = 0;
4436 ssid->disabled_until.usec = 0;
4437 if (clear_failures)
4438 ssid->auth_failures = 0;
4439}
6407f413
JM		 4440
4441
4442int disallowed_bssid(struct wpa_supplicant *wpa_s, const u8 *bssid)
4443{
4444 size_t i;
4445
4446 if (wpa_s->disallow_aps_bssid == NULL)
4447 return 0;
4448
4449 for (i = 0; i < wpa_s->disallow_aps_bssid_count; i++) {
4450 if (os_memcmp(wpa_s->disallow_aps_bssid + i * ETH_ALEN,
4451 bssid, ETH_ALEN) == 0)
4452 return 1;
4453 }
4454
4455 return 0;
4456}
4457
4458
4459int disallowed_ssid(struct wpa_supplicant *wpa_s, const u8 *ssid,
4460 size_t ssid_len)
4461{
4462 size_t i;
4463
4464 if (wpa_s->disallow_aps_ssid == NULL || ssid == NULL)
4465 return 0;
4466
4467 for (i = 0; i < wpa_s->disallow_aps_ssid_count; i++) {
4468 struct wpa_ssid_value *s = &wpa_s->disallow_aps_ssid[i];
4469 if (ssid_len == s->ssid_len &&
4470 os_memcmp(ssid, s->ssid, ssid_len) == 0)
4471 return 1;
4472 }
4473
4474 return 0;
4475}
9796a86c
JM		 4476
4477
4478/**
4479 * wpas_request_connection - Request a new connection
4480 * @wpa_s: Pointer to the network interface
4481 *
4482 * This function is used to request a new connection to be found. It will mark
4483 * the interface to allow reassociation and request a new scan to find a
4484 * suitable network to connect to.
4485 */
4486void wpas_request_connection(struct wpa_supplicant *wpa_s)
4487{
4488 wpa_s->normal_scans = 0;
4489 wpa_supplicant_reinit_autoscan(wpa_s);
4490 wpa_s->extra_blacklist_count = 0;
4491 wpa_s->disconnected = 0;
4492 wpa_s->reassociate = 1;
5e24beae
MH		 4493
4494 if (wpa_supplicant_fast_associate(wpa_s) != 1)
4495 wpa_supplicant_req_scan(wpa_s, 0, 0);
9796a86c 4496}
36b9883d
DG		 4497
4498
217cf499
JM		 4499void dump_freq_array(struct wpa_supplicant *wpa_s, const char *title,
4500 int *freq_array, unsigned int len)
4501{
4502 unsigned int i;
4503
4504 wpa_dbg(wpa_s, MSG_DEBUG, "Shared frequencies (len=%u): %s",
4505 len, title);
4506 for (i = 0; i < len; i++)
4507 wpa_dbg(wpa_s, MSG_DEBUG, "freq[%u]: %d", i, freq_array[i]);
4508}
4509
4510
53c5dfc2
IP		 4511/*
4512 * Find the operating frequencies of any of the virtual interfaces that
4513 * are using the same radio as the current interface.
4514 */
4515int get_shared_radio_freqs(struct wpa_supplicant *wpa_s,
4516 int *freq_array, unsigned int len)
4517{
53c5dfc2
IP		 4518 struct wpa_supplicant *ifs;
4519 u8 bssid[ETH_ALEN];
4520 int freq;
4521 unsigned int idx = 0, i;
4522
217cf499
JM		 4523 wpa_dbg(wpa_s, MSG_DEBUG,
4524 "Determining shared radio frequencies (max len %u)", len);
53c5dfc2
IP		 4525 os_memset(freq_array, 0, sizeof(int) * len);
4526
4527 /* First add the frequency of the local interface */
4528 if (wpa_s->current_ssid != NULL && wpa_s->assoc_freq != 0) {
4529 if (wpa_s->current_ssid->mode == WPAS_MODE_AP ||
4530 wpa_s->current_ssid->mode == WPAS_MODE_P2P_GO)
4531 freq_array[idx++] = wpa_s->current_ssid->frequency;
4532 else if (wpa_drv_get_bssid(wpa_s, bssid) == 0)
4533 freq_array[idx++] = wpa_s->assoc_freq;
4534 }
4535
4536 /* If get_radio_name is not supported, use only the local freq */
a21816a9
JM		 4537 if (!wpa_s->driver->get_radio_name) {
4538 freq = wpa_drv_shared_freq(wpa_s);
4539 if (freq > 0 && idx < len &&
4540 (idx == 0 || freq_array[0] != freq))
4541 freq_array[idx++] = freq;
217cf499 4542 dump_freq_array(wpa_s, "No get_radio_name", freq_array, idx);
53c5dfc2 4543 return idx;
a21816a9 4544 }
53c5dfc2 4545
0ad3b9c4
JM		 4546 dl_list_for_each(ifs, &wpa_s->radio->ifaces, struct wpa_supplicant,
4547 radio_list) {
4548 if (wpa_s == ifs)
53c5dfc2
IP		 4549 continue;
4550
4551 if (ifs->current_ssid == NULL || ifs->assoc_freq == 0)
4552 continue;
4553
4554 if (ifs->current_ssid->mode == WPAS_MODE_AP ||
4555 ifs->current_ssid->mode == WPAS_MODE_P2P_GO)
4556 freq = ifs->current_ssid->frequency;
4557 else if (wpa_drv_get_bssid(ifs, bssid) == 0)
4558 freq = ifs->assoc_freq;
4559 else
4560 continue;
4561
4562 /* Hold only distinct freqs */
4563 for (i = 0; i < idx; i++)
4564 if (freq_array[i] == freq)
4565 break;
4566
4567 if (i == idx)
4568 freq_array[idx++] = freq;
4569 }
217cf499
JM		 4570
4571 dump_freq_array(wpa_s, "completed iteration", freq_array, idx);
53c5dfc2
IP		 4572 return idx;
4573}
Unnamed repository; edit this file 'description' to name the repository.