]> git.ipfire.org Git - thirdparty/hostap.git/blame - wpa_supplicant/wpa_supplicant.c
projects / thirdparty / hostap.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
FT: PMK-R0 derivation using SHA384-based AKM
[thirdparty/hostap.git] / wpa_supplicant / wpa_supplicant.c
CommitLineData
6fc6879b
JM		 1/*
2 * WPA Supplicant
6774c6a9 3 * Copyright (c) 2003-2017, Jouni Malinen <j@w1.fi>
6fc6879b 4 *
0f3d578e
JM		 5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
6fc6879b
JM		 7 *
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
11 */
12
13#include "includes.h"
2e997eec
RM		 14#ifdef CONFIG_MATCH_IFACE
15#include <net/if.h>
16#include <fnmatch.h>
17#endif /* CONFIG_MATCH_IFACE */
6fc6879b
JM		 18
19#include "common.h"
d47fa330 20#include "crypto/random.h"
7d232e23 21#include "crypto/sha1.h"
6fc6879b
JM		 22#include "eapol_supp/eapol_supp_sm.h"
23#include "eap_peer/eap.h"
ec7b97ab 24#include "eap_peer/eap_proxy.h"
3ec97afe 25#include "eap_server/eap_methods.h"
3acb5005 26#include "rsn_supp/wpa.h"
6fc6879b 27#include "eloop.h"
6fc6879b 28#include "config.h"
306ae225 29#include "utils/ext_password.h"
6fc6879b
JM		 30#include "l2_packet/l2_packet.h"
31#include "wpa_supplicant_i.h"
2d5b792d 32#include "driver_i.h"
6fc6879b 33#include "ctrl_iface.h"
6fc6879b 34#include "pcsc_funcs.h"
90973fb2 35#include "common/version.h"
3acb5005
JM		 36#include "rsn_supp/preauth.h"
37#include "rsn_supp/pmksa_cache.h"
90973fb2 38#include "common/wpa_ctrl.h"
90973fb2 39#include "common/ieee802_11_defs.h"
6b8b0774 40#include "common/hw_features_common.h"
461d39af 41#include "common/gas_server.h"
72044390 42#include "p2p/p2p.h"
b36a3a65 43#include "fst/fst.h"
6fc6879b
JM		 44#include "blacklist.h"
45#include "wpas_glue.h"
116654ce 46#include "wps_supplicant.h"
11ef8d35 47#include "ibss_rsn.h"
c2a04078 48#include "sme.h"
04ea7b79 49#include "gas_query.h"
1f1b62a0 50#include "ap.h"
b22128ef 51#include "p2p_supplicant.h"
9675ce35 52#include "wifi_display.h"
8bac466b 53#include "notify.h"
60b94c98 54#include "bgscan.h"
7c865c68 55#include "autoscan.h"
83922c2d 56#include "bss.h"
9ba9fa07 57#include "scan.h"
24f6497c 58#include "offchannel.h"
cb418324 59#include "hs20_supplicant.h"
e27d20bb 60#include "wnm_sta.h"
dd10abcc 61#include "wpas_kay.h"
603a3f34 62#include "mesh.h"
be27e185 63#include "dpp_supplicant.h"
a39b040b
SB		 64#ifdef CONFIG_MESH
65#include "ap/ap_config.h"
66#include "ap/hostapd.h"
67#endif /* CONFIG_MESH */
6fc6879b 68
8b423edb 69const char *const wpa_supplicant_version =
6fc6879b 70"wpa_supplicant v" VERSION_STR "\n"
6774c6a9 71"Copyright (c) 2003-2017, Jouni Malinen <j@w1.fi> and contributors";
6fc6879b 72
8b423edb 73const char *const wpa_supplicant_license =
331f89ff
JM		 74"This software may be distributed under the terms of the BSD license.\n"
75"See README for more details.\n"
6fc6879b
JM		 76#ifdef EAP_TLS_OPENSSL
77"\nThis product includes software developed by the OpenSSL Project\n"
78"for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
79#endif /* EAP_TLS_OPENSSL */
80;
81
82#ifndef CONFIG_NO_STDOUT_DEBUG
83/* Long text divided into parts in order to fit in C89 strings size limits. */
8b423edb 84const char *const wpa_supplicant_full_license1 =
331f89ff 85"";
8b423edb 86const char *const wpa_supplicant_full_license2 =
331f89ff 87"This software may be distributed under the terms of the BSD license.\n"
6fc6879b
JM		 88"\n"
89"Redistribution and use in source and binary forms, with or without\n"
90"modification, are permitted provided that the following conditions are\n"
91"met:\n"
92"\n";
8b423edb 93const char *const wpa_supplicant_full_license3 =
6fc6879b
JM		 94"1. Redistributions of source code must retain the above copyright\n"
95" notice, this list of conditions and the following disclaimer.\n"
96"\n"
97"2. Redistributions in binary form must reproduce the above copyright\n"
98" notice, this list of conditions and the following disclaimer in the\n"
99" documentation and/or other materials provided with the distribution.\n"
100"\n";
8b423edb 101const char *const wpa_supplicant_full_license4 =
6fc6879b
JM		 102"3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
103" names of its contributors may be used to endorse or promote products\n"
104" derived from this software without specific prior written permission.\n"
105"\n"
106"THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
107"\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
108"LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
109"A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
8b423edb 110const char *const wpa_supplicant_full_license5 =
6fc6879b
JM		 111"OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
112"SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
113"LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
114"DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
115"THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
116"(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
117"OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
118"\n";
119#endif /* CONFIG_NO_STDOUT_DEBUG */
120
b04854ce
AP		 121
122static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx, void *timeout_ctx);
6338c99e
VK		 123#if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
124static void wpas_update_fils_connect_params(struct wpa_supplicant *wpa_s);
125#endif /* CONFIG_FILS && IEEE8021X_EAPOL */
b04854ce
AP		 126
127
6fc6879b 128/* Configure default/group WEP keys for static WEP */
0194fedb 129int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
6fc6879b
JM		 130{
131 int i, set = 0;
132
133 for (i = 0; i < NUM_WEP_KEYS; i++) {
134 if (ssid->wep_key_len[i] == 0)
135 continue;
136
137 set = 1;
0382097e 138 wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL,
da64c266 139 i, i == ssid->wep_tx_keyidx, NULL, 0,
6fc6879b
JM		 140 ssid->wep_key[i], ssid->wep_key_len[i]);
141 }
142
143 return set;
144}
145
146
6ea1f413
JM		 147int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
148 struct wpa_ssid *ssid)
6fc6879b
JM		 149{
150 u8 key[32];
151 size_t keylen;
71934751 152 enum wpa_alg alg;
6fc6879b 153 u8 seq[6] = { 0 };
658da804 154 int ret;
6fc6879b
JM		 155
156 /* IBSS/WPA-None uses only one key (Group) for both receiving and
157 * sending unicast and multicast packets. */
158
d7dcba70 159 if (ssid->mode != WPAS_MODE_IBSS) {
f049052b
BG		 160 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not "
161 "IBSS/ad-hoc) for WPA-None", ssid->mode);
6fc6879b
JM		 162 return -1;
163 }
164
165 if (!ssid->psk_set) {
f049052b
BG		 166 wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for "
167 "WPA-None");
6fc6879b
JM		 168 return -1;
169 }
170
171 switch (wpa_s->group_cipher) {
172 case WPA_CIPHER_CCMP:
173 os_memcpy(key, ssid->psk, 16);
174 keylen = 16;
175 alg = WPA_ALG_CCMP;
176 break;
eb7719ff
JM		 177 case WPA_CIPHER_GCMP:
178 os_memcpy(key, ssid->psk, 16);
179 keylen = 16;
180 alg = WPA_ALG_GCMP;
181 break;
6fc6879b
JM		 182 case WPA_CIPHER_TKIP:
183 /* WPA-None uses the same Michael MIC key for both TX and RX */
184 os_memcpy(key, ssid->psk, 16 + 8);
185 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
186 keylen = 32;
187 alg = WPA_ALG_TKIP;
188 break;
189 default:
f049052b
BG		 190 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for "
191 "WPA-None", wpa_s->group_cipher);
6fc6879b
JM		 192 return -1;
193 }
194
195 /* TODO: should actually remember the previously used seq#, both for TX
196 * and RX from each STA.. */
197
658da804
JM		 198 ret = wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen);
199 os_memset(key, 0, sizeof(key));
200 return ret;
6fc6879b
JM		 201}
202
203
204static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
205{
206 struct wpa_supplicant *wpa_s = eloop_ctx;
207 const u8 *bssid = wpa_s->bssid;
04e3d815
MK		 208 if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
209 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
210 wpa_s->wpa_state == WPA_ASSOCIATING))
6fc6879b
JM		 211 bssid = wpa_s->pending_bssid;
212 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
213 MAC2STR(bssid));
214 wpa_blacklist_add(wpa_s, bssid);
215 wpa_sm_notify_disassoc(wpa_s->wpa);
07783eaa 216 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
6fc6879b 217 wpa_s->reassociate = 1;
48b84f18
BG		 218
219 /*
220 * If we timed out, the AP or the local radio may be busy.
221 * So, wait a second until scanning again.
222 */
223 wpa_supplicant_req_scan(wpa_s, 1, 0);
6fc6879b
JM		 224}
225
226
227/**
228 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
229 * @wpa_s: Pointer to wpa_supplicant data
230 * @sec: Number of seconds after which to time out authentication
231 * @usec: Number of microseconds after which to time out authentication
232 *
233 * This function is used to schedule a timeout for the current authentication
234 * attempt.
235 */
236void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
237 int sec, int usec)
238{
a2a535f8 239 if (wpa_s->conf->ap_scan == 0 &&
c2a04078 240 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
6fc6879b
JM		 241 return;
242
f049052b 243 wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
6fc6879b
JM		 244 "%d usec", sec, usec);
245 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
37547ad6 246 wpa_s->last_auth_timeout_sec = sec;
6fc6879b
JM		 247 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
248}
249
250
37547ad6
DL		 251/*
252 * wpas_auth_timeout_restart - Restart and change timeout for authentication
253 * @wpa_s: Pointer to wpa_supplicant data
254 * @sec_diff: difference in seconds applied to original timeout value
255 */
256void wpas_auth_timeout_restart(struct wpa_supplicant *wpa_s, int sec_diff)
257{
258 int new_sec = wpa_s->last_auth_timeout_sec + sec_diff;
259
260 if (eloop_is_timeout_registered(wpa_supplicant_timeout, wpa_s, NULL)) {
261 wpa_dbg(wpa_s, MSG_DEBUG,
262 "Authentication timeout restart: %d sec", new_sec);
263 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
264 eloop_register_timeout(new_sec, 0, wpa_supplicant_timeout,
265 wpa_s, NULL);
266 }
267}
268
269
6fc6879b
JM		 270/**
271 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
272 * @wpa_s: Pointer to wpa_supplicant data
273 *
274 * This function is used to cancel authentication timeout scheduled with
275 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
276 * been completed.
277 */
278void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
279{
f049052b 280 wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
6fc6879b
JM		 281 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
282 wpa_blacklist_del(wpa_s, wpa_s->bssid);
283}
284
285
286/**
287 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
288 * @wpa_s: Pointer to wpa_supplicant data
289 *
290 * This function is used to configure EAPOL state machine based on the selected
291 * authentication mode.
292 */
293void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
294{
295#ifdef IEEE8021X_EAPOL
296 struct eapol_config eapol_conf;
297 struct wpa_ssid *ssid = wpa_s->current_ssid;
298
53895c3b 299#ifdef CONFIG_IBSS_RSN
d7dcba70 300 if (ssid->mode == WPAS_MODE_IBSS &&
53895c3b
JM		 301 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
302 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
303 /*
304 * RSN IBSS authentication is per-STA and we can disable the
305 * per-BSSID EAPOL authentication.
306 */
307 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
308 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE);
309 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
310 return;
311 }
312#endif /* CONFIG_IBSS_RSN */
313
0a40ec6a
JM		 314 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
315 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
316
6fc6879b
JM		 317 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
318 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
319 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
320 else
321 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
322
323 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
324 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
325 eapol_conf.accept_802_1x_keys = 1;
326 eapol_conf.required_keys = 0;
327 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
328 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
329 }
330 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
331 eapol_conf.required_keys |=
332 EAPOL_REQUIRE_KEY_BROADCAST;
333 }
334
a2a535f8 335 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED)
6fc6879b 336 eapol_conf.required_keys = 0;
6fc6879b 337 }
a2a535f8 338 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
6fc6879b 339 eapol_conf.workaround = ssid->eap_workaround;
56586197
JM		 340 eapol_conf.eap_disabled =
341 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
ad08c363
JM		 342 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
343 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
a5d44ac0 344 eapol_conf.external_sim = wpa_s->conf->external_sim;
3f7ac058
JS		 345
346#ifdef CONFIG_WPS
347 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
348 eapol_conf.wps |= EAPOL_LOCAL_WPS_IN_USE;
349 if (wpa_s->current_bss) {
350 struct wpabuf *ie;
351 ie = wpa_bss_get_vendor_ie_multi(wpa_s->current_bss,
352 WPS_IE_VENDOR_TYPE);
353 if (ie) {
354 if (wps_is_20(ie))
355 eapol_conf.wps |=
356 EAPOL_PEER_IS_WPS20_AP;
357 wpabuf_free(ie);
358 }
359 }
360 }
361#endif /* CONFIG_WPS */
362
6fc6879b 363 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
dd10abcc 364
ad51731a
SD		 365#ifdef CONFIG_MACSEC
366 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE && ssid->mka_psk_set)
367 ieee802_1x_create_preshared_mka(wpa_s, ssid);
368 else
369 ieee802_1x_alloc_kay_sm(wpa_s, ssid);
370#endif /* CONFIG_MACSEC */
cd3153a9 371#endif /* IEEE8021X_EAPOL */
6fc6879b
JM		 372}
373
374
375/**
376 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
377 * @wpa_s: Pointer to wpa_supplicant data
378 * @ssid: Configuration data for the network
379 *
380 * This function is used to configure WPA state machine and related parameters
381 * to a mode where WPA is not enabled. This is called as part of the
382 * authentication configuration when the selected network does not use WPA.
383 */
384void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
385 struct wpa_ssid *ssid)
386{
387 int i;
388
ad08c363
JM		 389 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
390 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
391 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
6fc6879b
JM		 392 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
393 else
394 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
395 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
396 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
397 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
398 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
399 wpa_s->group_cipher = WPA_CIPHER_NONE;
400 wpa_s->mgmt_group_cipher = 0;
401
402 for (i = 0; i < NUM_WEP_KEYS; i++) {
403 if (ssid->wep_key_len[i] > 5) {
404 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
405 wpa_s->group_cipher = WPA_CIPHER_WEP104;
406 break;
407 } else if (ssid->wep_key_len[i] > 0) {
408 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
409 wpa_s->group_cipher = WPA_CIPHER_WEP40;
410 break;
411 }
412 }
413
414 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
415 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
416 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
417 wpa_s->pairwise_cipher);
418 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
419#ifdef CONFIG_IEEE80211W
420 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
421 wpa_s->mgmt_group_cipher);
422#endif /* CONFIG_IEEE80211W */
423
424 pmksa_cache_clear_current(wpa_s->wpa);
425}
426
427
6979582c 428void free_hw_features(struct wpa_supplicant *wpa_s)
6bf731e8
CL		 429{
430 int i;
431 if (wpa_s->hw.modes == NULL)
432 return;
433
434 for (i = 0; i < wpa_s->hw.num_modes; i++) {
435 os_free(wpa_s->hw.modes[i].channels);
436 os_free(wpa_s->hw.modes[i].rates);
437 }
438
439 os_free(wpa_s->hw.modes);
440 wpa_s->hw.modes = NULL;
441}
442
443
dd599908
AS		 444static void free_bss_tmp_disallowed(struct wpa_supplicant *wpa_s)
445{
446 struct wpa_bss_tmp_disallowed *bss, *prev;
447
448 dl_list_for_each_safe(bss, prev, &wpa_s->bss_tmp_disallowed,
449 struct wpa_bss_tmp_disallowed, list) {
b04854ce 450 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout, wpa_s, bss);
dd599908
AS		 451 dl_list_del(&bss->list);
452 os_free(bss);
453 }
454}
455
456
5732b770
JM		 457void wpas_flush_fils_hlp_req(struct wpa_supplicant *wpa_s)
458{
459 struct fils_hlp_req *req;
460
461 while ((req = dl_list_first(&wpa_s->fils_hlp_req, struct fils_hlp_req,
462 list)) != NULL) {
463 dl_list_del(&req->list);
464 wpabuf_free(req->pkt);
465 os_free(req);
466 }
467}
468
469
6fc6879b
JM		 470static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
471{
86bd36f0
JM		 472 int i;
473
60b94c98 474 bgscan_deinit(wpa_s);
7c865c68 475 autoscan_deinit(wpa_s);
6fc6879b
JM		 476 scard_deinit(wpa_s->scard);
477 wpa_s->scard = NULL;
478 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
479 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
480 l2_packet_deinit(wpa_s->l2);
481 wpa_s->l2 = NULL;
482 if (wpa_s->l2_br) {
483 l2_packet_deinit(wpa_s->l2_br);
484 wpa_s->l2_br = NULL;
485 }
4a6cc862
JM		 486#ifdef CONFIG_TESTING_OPTIONS
487 l2_packet_deinit(wpa_s->l2_test);
488 wpa_s->l2_test = NULL;
c06fca04
JM		 489 os_free(wpa_s->get_pref_freq_list_override);
490 wpa_s->get_pref_freq_list_override = NULL;
daa40960
JM		 491 wpabuf_free(wpa_s->last_assoc_req_wpa_ie);
492 wpa_s->last_assoc_req_wpa_ie = NULL;
4a6cc862 493#endif /* CONFIG_TESTING_OPTIONS */
6fc6879b 494
6fc6879b 495 if (wpa_s->conf != NULL) {
8e56d189
JM		 496 struct wpa_ssid *ssid;
497 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
498 wpas_notify_network_removed(wpa_s, ssid);
6fc6879b
JM		 499 }
500
501 os_free(wpa_s->confname);
502 wpa_s->confname = NULL;
503
e6304cad
DS		 504 os_free(wpa_s->confanother);
505 wpa_s->confanother = NULL;
506
6fc6879b
JM		 507 wpa_sm_set_eapol(wpa_s->wpa, NULL);
508 eapol_sm_deinit(wpa_s->eapol);
509 wpa_s->eapol = NULL;
510
511 rsn_preauth_deinit(wpa_s->wpa);
512
281ff0aa
GP		 513#ifdef CONFIG_TDLS
514 wpa_tdls_deinit(wpa_s->wpa);
515#endif /* CONFIG_TDLS */
516
8c42b369 517 wmm_ac_clear_saved_tspecs(wpa_s);
6fc6879b
JM		 518 pmksa_candidate_free(wpa_s->wpa);
519 wpa_sm_deinit(wpa_s->wpa);
520 wpa_s->wpa = NULL;
521 wpa_blacklist_clear(wpa_s);
522
83922c2d 523 wpa_bss_deinit(wpa_s);
6fc6879b 524
831770bf 525 wpa_supplicant_cancel_delayed_sched_scan(wpa_s);
6fc6879b
JM		 526 wpa_supplicant_cancel_scan(wpa_s);
527 wpa_supplicant_cancel_auth_timeout(wpa_s);
01a17491
JM		 528 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL);
529#ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
530 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report,
531 wpa_s, NULL);
532#endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
6fc6879b 533
9bd566a3
AS		 534 eloop_cancel_timeout(wpas_network_reenabled, wpa_s, NULL);
535
116654ce 536 wpas_wps_deinit(wpa_s);
11ef8d35 537
1ff73338
JM		 538 wpabuf_free(wpa_s->pending_eapol_rx);
539 wpa_s->pending_eapol_rx = NULL;
540
11ef8d35
JM		 541#ifdef CONFIG_IBSS_RSN
542 ibss_rsn_deinit(wpa_s->ibss_rsn);
543 wpa_s->ibss_rsn = NULL;
544#endif /* CONFIG_IBSS_RSN */
c2a04078 545
e29853bb 546 sme_deinit(wpa_s);
2d5b792d
JM		 547
548#ifdef CONFIG_AP
549 wpa_supplicant_ap_deinit(wpa_s);
550#endif /* CONFIG_AP */
b22128ef 551
b22128ef 552 wpas_p2p_deinit(wpa_s);
f47d639d 553
24f6497c
JM		 554#ifdef CONFIG_OFFCHANNEL
555 offchannel_deinit(wpa_s);
556#endif /* CONFIG_OFFCHANNEL */
557
a4cba8f1
LC		 558 wpa_supplicant_cancel_sched_scan(wpa_s);
559
f47d639d
JM		 560 os_free(wpa_s->next_scan_freqs);
561 wpa_s->next_scan_freqs = NULL;
fee52342
JM		 562
563 os_free(wpa_s->manual_scan_freqs);
564 wpa_s->manual_scan_freqs = NULL;
88a44755
JM		 565 os_free(wpa_s->select_network_scan_freqs);
566 wpa_s->select_network_scan_freqs = NULL;
04ea7b79 567
d3c9c35f
DS		 568 os_free(wpa_s->manual_sched_scan_freqs);
569 wpa_s->manual_sched_scan_freqs = NULL;
570
56c76fa5
IP		 571 wpas_mac_addr_rand_scan_clear(wpa_s, MAC_ADDR_RAND_ALL);
572
57e832de
IP		 573 /*
574 * Need to remove any pending gas-query radio work before the
575 * gas_query_deinit() call because gas_query::work has not yet been set
576 * for works that have not been started. gas_query_free() will be unable
577 * to cancel such pending radio works and once the pending gas-query
578 * radio work eventually gets removed, the deinit notification call to
579 * gas_query_start_cb() would result in dereferencing freed memory.
580 */
581 if (wpa_s->radio)
582 radio_remove_works(wpa_s, "gas-query", 0);
04ea7b79
JM		 583 gas_query_deinit(wpa_s->gas);
584 wpa_s->gas = NULL;
461d39af
JM		 585 gas_server_deinit(wpa_s->gas_server);
586 wpa_s->gas_server = NULL;
6bf731e8
CL		 587
588 free_hw_features(wpa_s);
d445a5cd 589
dd10abcc
HW		 590 ieee802_1x_dealloc_kay_sm(wpa_s);
591
d445a5cd
JM		 592 os_free(wpa_s->bssid_filter);
593 wpa_s->bssid_filter = NULL;
b6668734 594
6407f413
JM		 595 os_free(wpa_s->disallow_aps_bssid);
596 wpa_s->disallow_aps_bssid = NULL;
597 os_free(wpa_s->disallow_aps_ssid);
598 wpa_s->disallow_aps_ssid = NULL;
599
b6668734 600 wnm_bss_keep_alive_deinit(wpa_s);
e27d20bb
VK		 601#ifdef CONFIG_WNM
602 wnm_deallocate_memory(wpa_s);
603#endif /* CONFIG_WNM */
306ae225
JM		 604
605 ext_password_deinit(wpa_s->ext_pw);
606 wpa_s->ext_pw = NULL;
b1f12296
JM		 607
608 wpabuf_free(wpa_s->last_gas_resp);
b6a9590b
JM		 609 wpa_s->last_gas_resp = NULL;
610 wpabuf_free(wpa_s->prev_gas_resp);
611 wpa_s->prev_gas_resp = NULL;
a297201d
JM		 612
613 os_free(wpa_s->last_scan_res);
614 wpa_s->last_scan_res = NULL;
b572df86
JM		 615
616#ifdef CONFIG_HS20
ece4ac5f
MG		 617 if (wpa_s->drv_priv)
618 wpa_drv_configure_frame_filters(wpa_s, 0);
fb2ac53d 619 hs20_deinit(wpa_s);
b572df86 620#endif /* CONFIG_HS20 */
86bd36f0
JM		 621
622 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) {
623 wpabuf_free(wpa_s->vendor_elem[i]);
624 wpa_s->vendor_elem[i] = NULL;
625 }
3882a708
JM		 626
627 wmm_ac_notify_disassoc(wpa_s);
32c02261
AS		 628
629 wpa_s->sched_scan_plans_num = 0;
630 os_free(wpa_s->sched_scan_plans);
631 wpa_s->sched_scan_plans = NULL;
92c6e2e3
DS		 632
633#ifdef CONFIG_MBO
634 wpa_s->non_pref_chan_num = 0;
635 os_free(wpa_s->non_pref_chan);
636 wpa_s->non_pref_chan = NULL;
637#endif /* CONFIG_MBO */
dd599908
AS		 638
639 free_bss_tmp_disallowed(wpa_s);
4a742011
DS		 640
641 wpabuf_free(wpa_s->lci);
642 wpa_s->lci = NULL;
76196ddb 643 wpas_clear_beacon_rep_data(wpa_s);
4d77d80e
MH		 644
645#ifdef CONFIG_PMKSA_CACHE_EXTERNAL
646#ifdef CONFIG_MESH
647 {
648 struct external_pmksa_cache *entry;
649
650 while ((entry = dl_list_last(&wpa_s->mesh_external_pmksa_cache,
651 struct external_pmksa_cache,
652 list)) != NULL) {
653 dl_list_del(&entry->list);
654 os_free(entry->pmksa_cache);
655 os_free(entry);
656 }
657 }
658#endif /* CONFIG_MESH */
659#endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
5732b770
JM		 660
661 wpas_flush_fils_hlp_req(wpa_s);
c6c41f6e
JM		 662
663 wpabuf_free(wpa_s->ric_ies);
664 wpa_s->ric_ies = NULL;
be27e185
JM		 665
666#ifdef CONFIG_DPP
667 wpas_dpp_deinit(wpa_s);
668#endif /* CONFIG_DPP */
6fc6879b
JM		 669}
670
671
672/**
673 * wpa_clear_keys - Clear keys configured for the driver
674 * @wpa_s: Pointer to wpa_supplicant data
675 * @addr: Previously used BSSID or %NULL if not available
676 *
677 * This function clears the encryption keys that has been previously configured
678 * for the driver.
679 */
680void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
681{
2f30cac3 682 int i, max;
6fc6879b 683
0e27f655 684#ifdef CONFIG_IEEE80211W
2f30cac3
JM		 685 max = 6;
686#else /* CONFIG_IEEE80211W */
687 max = 4;
0e27f655 688#endif /* CONFIG_IEEE80211W */
2f30cac3
JM		 689
690 /* MLME-DELETEKEYS.request */
691 for (i = 0; i < max; i++) {
692 if (wpa_s->keys_cleared & BIT(i))
693 continue;
694 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, i, 0, NULL, 0,
695 NULL, 0);
696 }
697 if (!(wpa_s->keys_cleared & BIT(0)) && addr &&
698 !is_zero_ether_addr(addr)) {
6fc6879b
JM		 699 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,
700 0);
701 /* MLME-SETPROTECTION.request(None) */
702 wpa_drv_mlme_setprotection(
703 wpa_s, addr,
704 MLME_SETPROTECTION_PROTECT_TYPE_NONE,
705 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
706 }
2f30cac3 707 wpa_s->keys_cleared = (u32) -1;
6fc6879b
JM		 708}
709
710
711/**
712 * wpa_supplicant_state_txt - Get the connection state name as a text string
713 * @state: State (wpa_state; WPA_*)
714 * Returns: The state name as a printable text string
715 */
71934751 716const char * wpa_supplicant_state_txt(enum wpa_states state)
6fc6879b
JM		 717{
718 switch (state) {
719 case WPA_DISCONNECTED:
720 return "DISCONNECTED";
721 case WPA_INACTIVE:
722 return "INACTIVE";
8401a6b0
JM		 723 case WPA_INTERFACE_DISABLED:
724 return "INTERFACE_DISABLED";
6fc6879b
JM		 725 case WPA_SCANNING:
726 return "SCANNING";
c2a04078
JM		 727 case WPA_AUTHENTICATING:
728 return "AUTHENTICATING";
6fc6879b
JM		 729 case WPA_ASSOCIATING:
730 return "ASSOCIATING";
731 case WPA_ASSOCIATED:
732 return "ASSOCIATED";
733 case WPA_4WAY_HANDSHAKE:
734 return "4WAY_HANDSHAKE";
735 case WPA_GROUP_HANDSHAKE:
736 return "GROUP_HANDSHAKE";
737 case WPA_COMPLETED:
738 return "COMPLETED";
739 default:
740 return "UNKNOWN";
741 }
742}
743
744
cfe53c9a
PS		 745#ifdef CONFIG_BGSCAN
746
747static void wpa_supplicant_start_bgscan(struct wpa_supplicant *wpa_s)
748{
31392709
HD		 749 const char *name;
750
751 if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan)
752 name = wpa_s->current_ssid->bgscan;
753 else
754 name = wpa_s->conf->bgscan;
268043d5 755 if (name == NULL || name[0] == '\0')
31392709 756 return;
0096c427
JM		 757 if (wpas_driver_bss_selection(wpa_s))
758 return;
cfe53c9a
PS		 759 if (wpa_s->current_ssid == wpa_s->bgscan_ssid)
760 return;
aa109830
DS		 761#ifdef CONFIG_P2P
762 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE)
763 return;
764#endif /* CONFIG_P2P */
cfe53c9a
PS		 765
766 bgscan_deinit(wpa_s);
31392709
HD		 767 if (wpa_s->current_ssid) {
768 if (bgscan_init(wpa_s, wpa_s->current_ssid, name)) {
cfe53c9a
PS		 769 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
770 "bgscan");
771 /*
772 * Live without bgscan; it is only used as a roaming
773 * optimization, so the initial connection is not
774 * affected.
775 */
6409b7a7
YD		 776 } else {
777 struct wpa_scan_results *scan_res;
cfe53c9a 778 wpa_s->bgscan_ssid = wpa_s->current_ssid;
6409b7a7
YD		 779 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL,
780 0);
781 if (scan_res) {
782 bgscan_notify_scan(wpa_s, scan_res);
783 wpa_scan_results_free(scan_res);
784 }
785 }
cfe53c9a
PS		 786 } else
787 wpa_s->bgscan_ssid = NULL;
788}
789
790
791static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s)
792{
793 if (wpa_s->bgscan_ssid != NULL) {
794 bgscan_deinit(wpa_s);
795 wpa_s->bgscan_ssid = NULL;
796 }
797}
798
799#endif /* CONFIG_BGSCAN */
800
801
7c865c68
TB		 802static void wpa_supplicant_start_autoscan(struct wpa_supplicant *wpa_s)
803{
99218999 804 if (autoscan_init(wpa_s, 0))
7c865c68
TB		 805 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize autoscan");
806}
807
808
809static void wpa_supplicant_stop_autoscan(struct wpa_supplicant *wpa_s)
810{
811 autoscan_deinit(wpa_s);
812}
813
814
c3d12238
JM		 815void wpa_supplicant_reinit_autoscan(struct wpa_supplicant *wpa_s)
816{
817 if (wpa_s->wpa_state == WPA_DISCONNECTED ||
818 wpa_s->wpa_state == WPA_SCANNING) {
819 autoscan_deinit(wpa_s);
820 wpa_supplicant_start_autoscan(wpa_s);
821 }
822}
823
824
6fc6879b
JM		 825/**
826 * wpa_supplicant_set_state - Set current connection state
827 * @wpa_s: Pointer to wpa_supplicant data
828 * @state: The new connection state
829 *
830 * This function is called whenever the connection state changes, e.g.,
831 * association is completed for WPA/WPA2 4-Way Handshake is started.
832 */
71934751
JM		 833void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s,
834 enum wpa_states state)
6fc6879b 835{
27f43d8d
MH		 836 enum wpa_states old_state = wpa_s->wpa_state;
837
f049052b
BG		 838 wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s",
839 wpa_supplicant_state_txt(wpa_s->wpa_state),
840 wpa_supplicant_state_txt(state));
6fc6879b 841
5ddd07cb
AS		 842 if (state == WPA_INTERFACE_DISABLED) {
843 /* Assure normal scan when interface is restored */
844 wpa_s->normal_scans = 0;
845 }
846
0cf24fda 847 if (state == WPA_COMPLETED) {
6ac4b15e 848 wpas_connect_work_done(wpa_s);
0cf24fda
LC		 849 /* Reinitialize normal_scan counter */
850 wpa_s->normal_scans = 0;
851 }
6ac4b15e 852
07c1e987
MS		 853#ifdef CONFIG_P2P
854 /*
855 * P2PS client has to reply to Probe Request frames received on the
856 * group operating channel. Enable Probe Request frame reporting for
857 * P2P connected client in case p2p_cli_probe configuration property is
858 * set to 1.
859 */
860 if (wpa_s->conf->p2p_cli_probe && wpa_s->current_ssid &&
861 wpa_s->current_ssid->mode == WPAS_MODE_INFRA &&
862 wpa_s->current_ssid->p2p_group) {
863 if (state == WPA_COMPLETED && !wpa_s->p2p_cli_probe) {
864 wpa_dbg(wpa_s, MSG_DEBUG,
865 "P2P: Enable CLI Probe Request RX reporting");
866 wpa_s->p2p_cli_probe =
867 wpa_drv_probe_req_report(wpa_s, 1) >= 0;
868 } else if (state != WPA_COMPLETED && wpa_s->p2p_cli_probe) {
869 wpa_dbg(wpa_s, MSG_DEBUG,
870 "P2P: Disable CLI Probe Request RX reporting");
871 wpa_s->p2p_cli_probe = 0;
872 wpa_drv_probe_req_report(wpa_s, 0);
873 }
874 }
875#endif /* CONFIG_P2P */
876
cb8564b1
DW		 877 if (state != WPA_SCANNING)
878 wpa_supplicant_notify_scanning(wpa_s, 0);
879
6fc6879b 880 if (state == WPA_COMPLETED && wpa_s->new_connection) {
6fc6879b 881 struct wpa_ssid *ssid = wpa_s->current_ssid;
da6a28ba
VK		 882 int fils_hlp_sent = 0;
883
884#ifdef CONFIG_SME
885 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
886 wpa_auth_alg_fils(wpa_s->sme.auth_alg))
887 fils_hlp_sent = 1;
888#endif /* CONFIG_SME */
889 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
890 wpa_auth_alg_fils(wpa_s->auth_alg))
891 fils_hlp_sent = 1;
892
7d37a357 893#if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
6fc6879b 894 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
da6a28ba 895 MACSTR " completed [id=%d id_str=%s%s]",
1cfc6787 896 MAC2STR(wpa_s->bssid),
6fc6879b 897 ssid ? ssid->id : -1,
da6a28ba
VK		 898 ssid && ssid->id_str ? ssid->id_str : "",
899 fils_hlp_sent ? " FILS_HLP_SENT" : "");
6fc6879b 900#endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
00e5e3d5 901 wpas_clear_temp_disabled(wpa_s, ssid, 1);
a20a3616 902 wpa_blacklist_clear(wpa_s);
f1a52633 903 wpa_s->extra_blacklist_count = 0;
6fc6879b 904 wpa_s->new_connection = 0;
6fc6879b 905 wpa_drv_set_operstate(wpa_s, 1);
99ac2913
FF		 906#ifndef IEEE8021X_EAPOL
907 wpa_drv_set_supp_port(wpa_s, 1);
908#endif /* IEEE8021X_EAPOL */
17a4734d 909 wpa_s->after_wps = 0;
4d9fb08d 910 wpa_s->known_wps_freq = 0;
b22128ef 911 wpas_p2p_completed(wpa_s);
c3701c66
RM		 912
913 sme_sched_obss_scan(wpa_s, 1);
6338c99e
VK		 914
915#if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
916 if (!fils_hlp_sent && ssid && ssid->eap.erp)
917 wpas_update_fils_connect_params(wpa_s);
918#endif /* CONFIG_FILS && IEEE8021X_EAPOL */
6fc6879b
JM		 919 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
920 state == WPA_ASSOCIATED) {
921 wpa_s->new_connection = 1;
922 wpa_drv_set_operstate(wpa_s, 0);
99ac2913
FF		 923#ifndef IEEE8021X_EAPOL
924 wpa_drv_set_supp_port(wpa_s, 0);
925#endif /* IEEE8021X_EAPOL */
c3701c66 926 sme_sched_obss_scan(wpa_s, 0);
6fc6879b
JM		 927 }
928 wpa_s->wpa_state = state;
27f43d8d 929
cfe53c9a
PS		 930#ifdef CONFIG_BGSCAN
931 if (state == WPA_COMPLETED)
932 wpa_supplicant_start_bgscan(wpa_s);
37271232 933 else if (state < WPA_ASSOCIATED)
cfe53c9a
PS		 934 wpa_supplicant_stop_bgscan(wpa_s);
935#endif /* CONFIG_BGSCAN */
936
7c865c68
TB		 937 if (state == WPA_AUTHENTICATING)
938 wpa_supplicant_stop_autoscan(wpa_s);
939
940 if (state == WPA_DISCONNECTED || state == WPA_INACTIVE)
941 wpa_supplicant_start_autoscan(wpa_s);
942
fecc2bb5
EP		 943 if (old_state >= WPA_ASSOCIATED && wpa_s->wpa_state < WPA_ASSOCIATED)
944 wmm_ac_notify_disassoc(wpa_s);
945
5bbf9f10 946 if (wpa_s->wpa_state != old_state) {
27f43d8d 947 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
5bbf9f10 948
e3bd6e9d
IP		 949 /*
950 * Notify the P2P Device interface about a state change in one
951 * of the interfaces.
952 */
953 wpas_p2p_indicate_state_change(wpa_s);
e3bd6e9d 954
5bbf9f10
PS		 955 if (wpa_s->wpa_state == WPA_COMPLETED ||
956 old_state == WPA_COMPLETED)
957 wpas_notify_auth_changed(wpa_s);
958 }
6fc6879b
JM		 959}
960
961
1a1bf008
JM		 962void wpa_supplicant_terminate_proc(struct wpa_global *global)
963{
964 int pending = 0;
965#ifdef CONFIG_WPS
966 struct wpa_supplicant *wpa_s = global->ifaces;
967 while (wpa_s) {
ab41595f 968 struct wpa_supplicant *next = wpa_s->next;
5516ed32
EA		 969 if (wpas_wps_terminate_pending(wpa_s) == 1)
970 pending = 1;
20625e97
JM		 971#ifdef CONFIG_P2P
972 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE ||
973 (wpa_s->current_ssid && wpa_s->current_ssid->p2p_group))
974 wpas_p2p_disconnect(wpa_s);
975#endif /* CONFIG_P2P */
ab41595f 976 wpa_s = next;
1a1bf008
JM		 977 }
978#endif /* CONFIG_WPS */
979 if (pending)
980 return;
981 eloop_terminate();
982}
983
984
0456ea16 985static void wpa_supplicant_terminate(int sig, void *signal_ctx)
6fc6879b 986{
0456ea16 987 struct wpa_global *global = signal_ctx;
1a1bf008 988 wpa_supplicant_terminate_proc(global);
6fc6879b
JM		 989}
990
991
b22128ef 992void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
6fc6879b 993{
71934751 994 enum wpa_states old_state = wpa_s->wpa_state;
27f43d8d 995
6fc6879b
JM		 996 wpa_s->pairwise_cipher = 0;
997 wpa_s->group_cipher = 0;
998 wpa_s->mgmt_group_cipher = 0;
999 wpa_s->key_mgmt = 0;
8401a6b0 1000 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
99218999 1001 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
27f43d8d
MH		 1002
1003 if (wpa_s->wpa_state != old_state)
1004 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
6fc6879b
JM		 1005}
1006
1007
1008/**
1009 * wpa_supplicant_reload_configuration - Reload configuration data
1010 * @wpa_s: Pointer to wpa_supplicant data
1011 * Returns: 0 on success or -1 if configuration parsing failed
1012 *
1013 * This function can be used to request that the configuration data is reloaded
1014 * (e.g., after configuration file change). This function is reloading
1015 * configuration only for one interface, so this may need to be called multiple
1016 * times if %wpa_supplicant is controlling multiple interfaces and all
1017 * interfaces need reconfiguration.
1018 */
1019int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
1020{
1021 struct wpa_config *conf;
1022 int reconf_ctrl;
8bac466b
JM		 1023 int old_ap_scan;
1024
6fc6879b
JM		 1025 if (wpa_s->confname == NULL)
1026 return -1;
e6304cad 1027 conf = wpa_config_read(wpa_s->confname, NULL);
6fc6879b
JM		 1028 if (conf == NULL) {
1029 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
1030 "file '%s' - exiting", wpa_s->confname);
1031 return -1;
1032 }
3bd35b68
JM		 1033 if (wpa_s->confanother &&
1034 !wpa_config_read(wpa_s->confanother, conf)) {
1035 wpa_msg(wpa_s, MSG_ERROR,
1036 "Failed to parse the configuration file '%s' - exiting",
1037 wpa_s->confanother);
1038 return -1;
1039 }
e6304cad 1040
611aea7d 1041 conf->changed_parameters = (unsigned int) -1;
6fc6879b
JM		 1042
1043 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
1044 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
1045 os_strcmp(conf->ctrl_interface,
1046 wpa_s->conf->ctrl_interface) != 0);
1047
1048 if (reconf_ctrl && wpa_s->ctrl_iface) {
1049 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
1050 wpa_s->ctrl_iface = NULL;
1051 }
1052
1053 eapol_sm_invalidate_cached_session(wpa_s->eapol);
7b7ce8aa 1054 if (wpa_s->current_ssid) {
e66bcedd
JM		 1055 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
1056 wpa_s->own_disconnect_req = 1;
7b7ce8aa
JM		 1057 wpa_supplicant_deauthenticate(wpa_s,
1058 WLAN_REASON_DEAUTH_LEAVING);
1059 }
8bac466b 1060
6fc6879b
JM		 1061 /*
1062 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
07e2de31 1063 * pkcs11_engine_path, pkcs11_module_path, openssl_ciphers.
6fc6879b 1064 */
a1ea1b45 1065 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
567da5bb
JM		 1066 wpa_s->key_mgmt == WPA_KEY_MGMT_OWE ||
1067 wpa_s->key_mgmt == WPA_KEY_MGMT_DPP) {
6fc6879b
JM		 1068 /*
1069 * Clear forced success to clear EAP state for next
1070 * authentication.
1071 */
1072 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
1073 }
1074 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1075 wpa_sm_set_config(wpa_s->wpa, NULL);
d8a790b9 1076 wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL);
6fc6879b
JM		 1077 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
1078 rsn_preauth_deinit(wpa_s->wpa);
8bac466b
JM		 1079
1080 old_ap_scan = wpa_s->conf->ap_scan;
6fc6879b
JM		 1081 wpa_config_free(wpa_s->conf);
1082 wpa_s->conf = conf;
8bac466b
JM		 1083 if (old_ap_scan != wpa_s->conf->ap_scan)
1084 wpas_notify_ap_scan_changed(wpa_s);
1085
6fc6879b
JM		 1086 if (reconf_ctrl)
1087 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
1088
611aea7d
JM		 1089 wpa_supplicant_update_config(wpa_s);
1090
6fc6879b 1091 wpa_supplicant_clear_status(wpa_s);
349493bd 1092 if (wpa_supplicant_enabled_networks(wpa_s)) {
43a38635
JM		 1093 wpa_s->reassociate = 1;
1094 wpa_supplicant_req_scan(wpa_s, 0, 0);
1095 }
f049052b 1096 wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
6fc6879b
JM		 1097 return 0;
1098}
1099
1100
0456ea16 1101static void wpa_supplicant_reconfig(int sig, void *signal_ctx)
6fc6879b 1102{
0456ea16 1103 struct wpa_global *global = signal_ctx;
6fc6879b 1104 struct wpa_supplicant *wpa_s;
6fc6879b 1105 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
f049052b
BG		 1106 wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring",
1107 sig);
6fc6879b 1108 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
1a1bf008 1109 wpa_supplicant_terminate_proc(global);
6fc6879b
JM		 1110 }
1111 }
1248e584
LR		 1112
1113 if (wpa_debug_reopen_file() < 0) {
1114 /* Ignore errors since we cannot really do much to fix this */
1115 wpa_printf(MSG_DEBUG, "Could not reopen debug log file");
1116 }
6fc6879b
JM		 1117}
1118
1119
6fc6879b
JM		 1120static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
1121 struct wpa_ssid *ssid,
1122 struct wpa_ie_data *ie)
1123{
1124 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
1125 if (ret) {
1126 if (ret == -2) {
1127 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
1128 "from association info");
1129 }
1130 return -1;
1131 }
1132
f049052b
BG		 1133 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set "
1134 "cipher suites");
6fc6879b
JM		 1135 if (!(ie->group_cipher & ssid->group_cipher)) {
1136 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
1137 "cipher 0x%x (mask 0x%x) - reject",
1138 ie->group_cipher, ssid->group_cipher);
1139 return -1;
1140 }
1141 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
1142 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
1143 "cipher 0x%x (mask 0x%x) - reject",
1144 ie->pairwise_cipher, ssid->pairwise_cipher);
1145 return -1;
1146 }
1147 if (!(ie->key_mgmt & ssid->key_mgmt)) {
1148 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
1149 "management 0x%x (mask 0x%x) - reject",
1150 ie->key_mgmt, ssid->key_mgmt);
1151 return -1;
1152 }
1153
1154#ifdef CONFIG_IEEE80211W
0b60b0aa 1155 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
3f56a2b7 1156 wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED) {
6fc6879b
JM		 1157 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
1158 "that does not support management frame protection - "
1159 "reject");
1160 return -1;
1161 }
1162#endif /* CONFIG_IEEE80211W */
1163
1164 return 0;
1165}
1166
1167
1168/**
1169 * wpa_supplicant_set_suites - Set authentication and encryption parameters
1170 * @wpa_s: Pointer to wpa_supplicant data
1171 * @bss: Scan results for the selected BSS, or %NULL if not available
1172 * @ssid: Configuration data for the selected network
1173 * @wpa_ie: Buffer for the WPA/RSN IE
1174 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
1175 * used buffer length in case the functions returns success.
1176 * Returns: 0 on success or -1 on failure
1177 *
1178 * This function is used to configure authentication and encryption parameters
1179 * based on the network configuration and scan result for the selected BSS (if
1180 * available).
1181 */
1182int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
6fa81a3b 1183 struct wpa_bss *bss, struct wpa_ssid *ssid,
6fc6879b
JM		 1184 u8 *wpa_ie, size_t *wpa_ie_len)
1185{
1186 struct wpa_ie_data ie;
1187 int sel, proto;
df0f01d9 1188 const u8 *bss_wpa, *bss_rsn, *bss_osen;
6fc6879b
JM		 1189
1190 if (bss) {
6fa81a3b
JM		 1191 bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
1192 bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
df0f01d9 1193 bss_osen = wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE);
6fc6879b 1194 } else
df0f01d9 1195 bss_wpa = bss_rsn = bss_osen = NULL;
6fc6879b
JM		 1196
1197 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
1198 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
1199 (ie.group_cipher & ssid->group_cipher) &&
1200 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1201 (ie.key_mgmt & ssid->key_mgmt)) {
f049052b 1202 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
6fc6879b
JM		 1203 proto = WPA_PROTO_RSN;
1204 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
267ac3bc 1205 wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie) == 0 &&
6fc6879b
JM		 1206 (ie.group_cipher & ssid->group_cipher) &&
1207 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1208 (ie.key_mgmt & ssid->key_mgmt)) {
f049052b 1209 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
6fc6879b 1210 proto = WPA_PROTO_WPA;
df0f01d9
JM		 1211#ifdef CONFIG_HS20
1212 } else if (bss_osen && (ssid->proto & WPA_PROTO_OSEN)) {
1213 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using OSEN");
1214 /* TODO: parse OSEN element */
137ff332 1215 os_memset(&ie, 0, sizeof(ie));
df0f01d9
JM		 1216 ie.group_cipher = WPA_CIPHER_CCMP;
1217 ie.pairwise_cipher = WPA_CIPHER_CCMP;
1218 ie.key_mgmt = WPA_KEY_MGMT_OSEN;
1219 proto = WPA_PROTO_OSEN;
f5a60216
JM		 1220 } else if (bss_rsn && (ssid->proto & WPA_PROTO_OSEN) &&
1221 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
1222 (ie.group_cipher & ssid->group_cipher) &&
1223 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1224 (ie.key_mgmt & ssid->key_mgmt)) {
1225 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using OSEN (within RSN)");
1226 proto = WPA_PROTO_RSN;
df0f01d9 1227#endif /* CONFIG_HS20 */
6fc6879b
JM		 1228 } else if (bss) {
1229 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
267ac3bc
JM		 1230 wpa_dbg(wpa_s, MSG_DEBUG,
1231 "WPA: ssid proto=0x%x pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1232 ssid->proto, ssid->pairwise_cipher, ssid->group_cipher,
1233 ssid->key_mgmt);
1234 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: BSS " MACSTR " ssid='%s'%s%s%s",
1235 MAC2STR(bss->bssid),
1236 wpa_ssid_txt(bss->ssid, bss->ssid_len),
1237 bss_wpa ? " WPA" : "",
1238 bss_rsn ? " RSN" : "",
1239 bss_osen ? " OSEN" : "");
1240 if (bss_rsn) {
1241 wpa_hexdump(MSG_DEBUG, "RSN", bss_rsn, 2 + bss_rsn[1]);
1242 if (wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie)) {
1243 wpa_dbg(wpa_s, MSG_DEBUG,
1244 "Could not parse RSN element");
1245 } else {
1246 wpa_dbg(wpa_s, MSG_DEBUG,
1247 "RSN: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1248 ie.pairwise_cipher, ie.group_cipher,
1249 ie.key_mgmt);
1250 }
1251 }
1252 if (bss_wpa) {
1253 wpa_hexdump(MSG_DEBUG, "WPA", bss_wpa, 2 + bss_wpa[1]);
1254 if (wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie)) {
1255 wpa_dbg(wpa_s, MSG_DEBUG,
1256 "Could not parse WPA element");
1257 } else {
1258 wpa_dbg(wpa_s, MSG_DEBUG,
1259 "WPA: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1260 ie.pairwise_cipher, ie.group_cipher,
1261 ie.key_mgmt);
1262 }
1263 }
6fc6879b
JM		 1264 return -1;
1265 } else {
df0f01d9
JM		 1266 if (ssid->proto & WPA_PROTO_OSEN)
1267 proto = WPA_PROTO_OSEN;
1268 else if (ssid->proto & WPA_PROTO_RSN)
6fc6879b
JM		 1269 proto = WPA_PROTO_RSN;
1270 else
1271 proto = WPA_PROTO_WPA;
1272 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
1273 os_memset(&ie, 0, sizeof(ie));
1274 ie.group_cipher = ssid->group_cipher;
1275 ie.pairwise_cipher = ssid->pairwise_cipher;
1276 ie.key_mgmt = ssid->key_mgmt;
1277#ifdef CONFIG_IEEE80211W
61a56c14
JM		 1278 ie.mgmt_group_cipher = 0;
1279 if (ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION) {
1280 if (ssid->group_mgmt_cipher &
1281 WPA_CIPHER_BIP_GMAC_256)
1282 ie.mgmt_group_cipher =
1283 WPA_CIPHER_BIP_GMAC_256;
1284 else if (ssid->group_mgmt_cipher &
1285 WPA_CIPHER_BIP_CMAC_256)
1286 ie.mgmt_group_cipher =
1287 WPA_CIPHER_BIP_CMAC_256;
1288 else if (ssid->group_mgmt_cipher &
1289 WPA_CIPHER_BIP_GMAC_128)
1290 ie.mgmt_group_cipher =
1291 WPA_CIPHER_BIP_GMAC_128;
1292 else
1293 ie.mgmt_group_cipher =
1294 WPA_CIPHER_AES_128_CMAC;
1295 }
6fc6879b 1296#endif /* CONFIG_IEEE80211W */
c1790a5f
JM		 1297#ifdef CONFIG_OWE
1298 if ((ssid->key_mgmt & WPA_KEY_MGMT_OWE) &&
1299 !ssid->owe_only &&
1300 !bss_wpa && !bss_rsn && !bss_osen) {
1301 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1302 wpa_s->wpa_proto = 0;
9f8d459d 1303 *wpa_ie_len = 0;
c1790a5f
JM		 1304 return 0;
1305 }
1306#endif /* CONFIG_OWE */
f049052b
BG		 1307 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites "
1308 "based on configuration");
6fc6879b
JM		 1309 } else
1310 proto = ie.proto;
1311 }
1312
f049052b
BG		 1313 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d "
1314 "pairwise %d key_mgmt %d proto %d",
1315 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
6fc6879b
JM		 1316#ifdef CONFIG_IEEE80211W
1317 if (ssid->ieee80211w) {
f049052b
BG		 1318 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
1319 ie.mgmt_group_cipher);
6fc6879b
JM		 1320 }
1321#endif /* CONFIG_IEEE80211W */
1322
64fa840a 1323 wpa_s->wpa_proto = proto;
6fc6879b
JM		 1324 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
1325 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
df0f01d9 1326 !!(ssid->proto & (WPA_PROTO_RSN | WPA_PROTO_OSEN)));
6fc6879b
JM		 1327
1328 if (bss || !wpa_s->ap_ies_from_associnfo) {
1329 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
1330 bss_wpa ? 2 + bss_wpa[1] : 0) ||
1331 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
1332 bss_rsn ? 2 + bss_rsn[1] : 0))
1333 return -1;
1334 }
1335
9e68742e
JM		 1336#ifdef CONFIG_NO_WPA
1337 wpa_s->group_cipher = WPA_CIPHER_NONE;
1338 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
1339#else /* CONFIG_NO_WPA */
6fc6879b 1340 sel = ie.group_cipher & ssid->group_cipher;
edbd2a19
JM		 1341 wpa_s->group_cipher = wpa_pick_group_cipher(sel);
1342 if (wpa_s->group_cipher < 0) {
f049052b
BG		 1343 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group "
1344 "cipher");
6fc6879b
JM		 1345 return -1;
1346 }
edbd2a19
JM		 1347 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK %s",
1348 wpa_cipher_txt(wpa_s->group_cipher));
6fc6879b
JM		 1349
1350 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
edbd2a19
JM		 1351 wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(sel, 1);
1352 if (wpa_s->pairwise_cipher < 0) {
f049052b
BG		 1353 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise "
1354 "cipher");
6fc6879b
JM		 1355 return -1;
1356 }
edbd2a19
JM		 1357 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK %s",
1358 wpa_cipher_txt(wpa_s->pairwise_cipher));
9e68742e 1359#endif /* CONFIG_NO_WPA */
6fc6879b
JM		 1360
1361 sel = ie.key_mgmt & ssid->key_mgmt;
c10347f2
JM		 1362#ifdef CONFIG_SAE
1363 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE))
1364 sel &= ~(WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE);
1365#endif /* CONFIG_SAE */
6fc6879b 1366 if (0) {
5e3b5197
JM		 1367#ifdef CONFIG_SUITEB192
1368 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) {
1369 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B_192;
1370 wpa_dbg(wpa_s, MSG_DEBUG,
1371 "WPA: using KEY_MGMT 802.1X with Suite B (192-bit)");
1372#endif /* CONFIG_SUITEB192 */
1373#ifdef CONFIG_SUITEB
666497c8
JM		 1374 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B) {
1375 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B;
1376 wpa_dbg(wpa_s, MSG_DEBUG,
1377 "WPA: using KEY_MGMT 802.1X with Suite B");
5e3b5197 1378#endif /* CONFIG_SUITEB */
b8ae56e4
JM		 1379#ifdef CONFIG_FILS
1380#ifdef CONFIG_IEEE80211R
1381 } else if (sel & WPA_KEY_MGMT_FT_FILS_SHA384) {
1382 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA384;
1383 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT-FILS-SHA384");
1384 } else if (sel & WPA_KEY_MGMT_FT_FILS_SHA256) {
1385 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA256;
1386 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT-FILS-SHA256");
1387#endif /* CONFIG_IEEE80211R */
1388 } else if (sel & WPA_KEY_MGMT_FILS_SHA384) {
1389 wpa_s->key_mgmt = WPA_KEY_MGMT_FILS_SHA384;
1390 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FILS-SHA384");
1391 } else if (sel & WPA_KEY_MGMT_FILS_SHA256) {
1392 wpa_s->key_mgmt = WPA_KEY_MGMT_FILS_SHA256;
1393 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FILS-SHA256");
1394#endif /* CONFIG_FILS */
6fc6879b
JM		 1395#ifdef CONFIG_IEEE80211R
1396 } else if (sel & WPA_KEY_MGMT_FT_IEEE8021X) {
1397 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
f049052b 1398 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
833bb2ab
JM		 1399 if (pmksa_cache_get_current(wpa_s->wpa)) {
1400 /* PMKSA caching with FT is not fully functional, so
1401 * disable the case for now. */
1402 wpa_dbg(wpa_s, MSG_DEBUG,
1403 "WPA: Disable PMKSA caching for FT/802.1X connection");
1404 pmksa_cache_clear_current(wpa_s->wpa);
1405 }
6fc6879b
JM		 1406 } else if (sel & WPA_KEY_MGMT_FT_PSK) {
1407 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
f049052b 1408 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
6fc6879b 1409#endif /* CONFIG_IEEE80211R */
c10347f2
JM		 1410#ifdef CONFIG_SAE
1411 } else if (sel & WPA_KEY_MGMT_SAE) {
1412 wpa_s->key_mgmt = WPA_KEY_MGMT_SAE;
1413 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT SAE");
1414 } else if (sel & WPA_KEY_MGMT_FT_SAE) {
1415 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_SAE;
1416 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT FT/SAE");
1417#endif /* CONFIG_SAE */
56586197
JM		 1418#ifdef CONFIG_IEEE80211W
1419 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
1420 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
f049052b 1421 wpa_dbg(wpa_s, MSG_DEBUG,
56586197
JM		 1422 "WPA: using KEY_MGMT 802.1X with SHA256");
1423 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
1424 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
f049052b 1425 wpa_dbg(wpa_s, MSG_DEBUG,
56586197
JM		 1426 "WPA: using KEY_MGMT PSK with SHA256");
1427#endif /* CONFIG_IEEE80211W */
6fc6879b
JM		 1428 } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
1429 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
f049052b 1430 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
6fc6879b
JM		 1431 } else if (sel & WPA_KEY_MGMT_PSK) {
1432 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
f049052b 1433 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
6fc6879b
JM		 1434 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
1435 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
f049052b 1436 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
df0f01d9
JM		 1437#ifdef CONFIG_HS20
1438 } else if (sel & WPA_KEY_MGMT_OSEN) {
1439 wpa_s->key_mgmt = WPA_KEY_MGMT_OSEN;
1440 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using KEY_MGMT OSEN");
1441#endif /* CONFIG_HS20 */
a1ea1b45
JM		 1442#ifdef CONFIG_OWE
1443 } else if (sel & WPA_KEY_MGMT_OWE) {
1444 wpa_s->key_mgmt = WPA_KEY_MGMT_OWE;
1445 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT OWE");
1446#endif /* CONFIG_OWE */
567da5bb
JM		 1447#ifdef CONFIG_DPP
1448 } else if (sel & WPA_KEY_MGMT_DPP) {
1449 wpa_s->key_mgmt = WPA_KEY_MGMT_DPP;
1450 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT DPP");
1451#endif /* CONFIG_DPP */
6fc6879b 1452 } else {
f049052b
BG		 1453 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select "
1454 "authenticated key management type");
6fc6879b
JM		 1455 return -1;
1456 }
1457
1458 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
1459 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
1460 wpa_s->pairwise_cipher);
1461 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
1462
1463#ifdef CONFIG_IEEE80211W
1464 sel = ie.mgmt_group_cipher;
61a56c14
JM		 1465 if (ssid->group_mgmt_cipher)
1466 sel &= ssid->group_mgmt_cipher;
3f56a2b7 1467 if (wpas_get_ssid_pmf(wpa_s, ssid) == NO_MGMT_FRAME_PROTECTION ||
0b60b0aa 1468 !(ie.capabilities & WPA_CAPABILITY_MFPC))
6fc6879b
JM		 1469 sel = 0;
1470 if (sel & WPA_CIPHER_AES_128_CMAC) {
1471 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
f049052b 1472 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
6fc6879b 1473 "AES-128-CMAC");
8dd9f9cd
JM		 1474 } else if (sel & WPA_CIPHER_BIP_GMAC_128) {
1475 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_128;
1476 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1477 "BIP-GMAC-128");
1478 } else if (sel & WPA_CIPHER_BIP_GMAC_256) {
1479 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_256;
1480 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1481 "BIP-GMAC-256");
1482 } else if (sel & WPA_CIPHER_BIP_CMAC_256) {
1483 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_CMAC_256;
1484 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1485 "BIP-CMAC-256");
6fc6879b
JM		 1486 } else {
1487 wpa_s->mgmt_group_cipher = 0;
f049052b 1488 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
6fc6879b
JM		 1489 }
1490 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
1491 wpa_s->mgmt_group_cipher);
62d49803 1492 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP,
3f56a2b7 1493 wpas_get_ssid_pmf(wpa_s, ssid));
6fc6879b
JM		 1494#endif /* CONFIG_IEEE80211W */
1495
1496 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
f049052b 1497 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to generate WPA IE");
6fc6879b
JM		 1498 return -1;
1499 }
1500
0bf927a0 1501 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) {
a52410c2 1502 int psk_set = 0;
06b1a104 1503 int sae_only;
a52410c2 1504
06b1a104
JM		 1505 sae_only = (ssid->key_mgmt & (WPA_KEY_MGMT_PSK |
1506 WPA_KEY_MGMT_FT_PSK |
1507 WPA_KEY_MGMT_PSK_SHA256)) == 0;
1508
1509 if (ssid->psk_set && !sae_only) {
66dbc8d9
JM		 1510 wpa_hexdump_key(MSG_MSGDUMP, "PSK (set in config)",
1511 ssid->psk, PMK_LEN);
70c93963
MH		 1512 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN, NULL,
1513 NULL);
a52410c2
JM		 1514 psk_set = 1;
1515 }
a34ca59e 1516
06b1a104
JM		 1517 if (wpa_key_mgmt_sae(ssid->key_mgmt) &&
1518 (ssid->sae_password || ssid->passphrase))
a34ca59e
JM		 1519 psk_set = 1;
1520
7d232e23
ZC		 1521#ifndef CONFIG_NO_PBKDF2
1522 if (bss && ssid->bssid_set && ssid->ssid_len == 0 &&
06b1a104 1523 ssid->passphrase && !sae_only) {
7d232e23 1524 u8 psk[PMK_LEN];
986de33d
JM		 1525 pbkdf2_sha1(ssid->passphrase, bss->ssid, bss->ssid_len,
1526 4096, psk, PMK_LEN);
7d232e23
ZC		 1527 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)",
1528 psk, PMK_LEN);
70c93963 1529 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL, NULL);
a52410c2 1530 psk_set = 1;
e886c88e 1531 os_memset(psk, 0, sizeof(psk));
7d232e23
ZC		 1532 }
1533#endif /* CONFIG_NO_PBKDF2 */
9173b16f 1534#ifdef CONFIG_EXT_PASSWORD
06b1a104 1535 if (ssid->ext_psk && !sae_only) {
9173b16f
JM		 1536 struct wpabuf *pw = ext_password_get(wpa_s->ext_pw,
1537 ssid->ext_psk);
1538 char pw_str[64 + 1];
1539 u8 psk[PMK_LEN];
1540
1541 if (pw == NULL) {
1542 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No PSK "
1543 "found from external storage");
1544 return -1;
1545 }
1546
1547 if (wpabuf_len(pw) < 8 || wpabuf_len(pw) > 64) {
1548 wpa_msg(wpa_s, MSG_INFO, "EXT PW: Unexpected "
1549 "PSK length %d in external storage",
1550 (int) wpabuf_len(pw));
1551 ext_password_free(pw);
1552 return -1;
1553 }
1554
1555 os_memcpy(pw_str, wpabuf_head(pw), wpabuf_len(pw));
1556 pw_str[wpabuf_len(pw)] = '\0';
1557
1558#ifndef CONFIG_NO_PBKDF2
1559 if (wpabuf_len(pw) >= 8 && wpabuf_len(pw) < 64 && bss)
1560 {
986de33d
JM		 1561 pbkdf2_sha1(pw_str, bss->ssid, bss->ssid_len,
1562 4096, psk, PMK_LEN);
9173b16f
JM		 1563 os_memset(pw_str, 0, sizeof(pw_str));
1564 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from "
1565 "external passphrase)",
1566 psk, PMK_LEN);
70c93963
MH		 1567 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL,
1568 NULL);
a52410c2 1569 psk_set = 1;
e886c88e 1570 os_memset(psk, 0, sizeof(psk));
9173b16f
JM		 1571 } else
1572#endif /* CONFIG_NO_PBKDF2 */
1573 if (wpabuf_len(pw) == 2 * PMK_LEN) {
1574 if (hexstr2bin(pw_str, psk, PMK_LEN) < 0) {
1575 wpa_msg(wpa_s, MSG_INFO, "EXT PW: "
1576 "Invalid PSK hex string");
1577 os_memset(pw_str, 0, sizeof(pw_str));
1578 ext_password_free(pw);
1579 return -1;
1580 }
66dbc8d9
JM		 1581 wpa_hexdump_key(MSG_MSGDUMP,
1582 "PSK (from external PSK)",
1583 psk, PMK_LEN);
70c93963
MH		 1584 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL,
1585 NULL);
a52410c2 1586 psk_set = 1;
e886c88e 1587 os_memset(psk, 0, sizeof(psk));
9173b16f
JM		 1588 } else {
1589 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No suitable "
1590 "PSK available");
1591 os_memset(pw_str, 0, sizeof(pw_str));
1592 ext_password_free(pw);
1593 return -1;
1594 }
1595
1596 os_memset(pw_str, 0, sizeof(pw_str));
1597 ext_password_free(pw);
1598 }
1599#endif /* CONFIG_EXT_PASSWORD */
a52410c2
JM		 1600
1601 if (!psk_set) {
1602 wpa_msg(wpa_s, MSG_INFO,
1603 "No PSK available for association");
06b1a104 1604 wpas_auth_failed(wpa_s, "NO_PSK_AVAILABLE");
a52410c2
JM		 1605 return -1;
1606 }
675112df
JM		 1607#ifdef CONFIG_OWE
1608 } else if (wpa_s->key_mgmt == WPA_KEY_MGMT_OWE) {
1609 /* OWE Diffie-Hellman exchange in (Re)Association
1610 * Request/Response frames set the PMK, so do not override it
1611 * here. */
1612#endif /* CONFIG_OWE */
7d232e23 1613 } else
6fc6879b
JM		 1614 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
1615
1616 return 0;
1617}
1618
1619
8cd6b7bc 1620static void wpas_ext_capab_byte(struct wpa_supplicant *wpa_s, u8 *pos, int idx)
03e47c9c 1621{
8cd6b7bc 1622 *pos = 0x00;
03e47c9c 1623
8cd6b7bc
JB		 1624 switch (idx) {
1625 case 0: /* Bits 0-7 */
1626 break;
1627 case 1: /* Bits 8-15 */
1628 break;
1629 case 2: /* Bits 16-23 */
1630#ifdef CONFIG_WNM
1631 *pos |= 0x02; /* Bit 17 - WNM-Sleep Mode */
1632 *pos |= 0x08; /* Bit 19 - BSS Transition */
1633#endif /* CONFIG_WNM */
1634 break;
1635 case 3: /* Bits 24-31 */
1636#ifdef CONFIG_WNM
1637 *pos |= 0x02; /* Bit 25 - SSID List */
1638#endif /* CONFIG_WNM */
03e47c9c 1639#ifdef CONFIG_INTERWORKING
8cd6b7bc
JB		 1640 if (wpa_s->conf->interworking)
1641 *pos |= 0x80; /* Bit 31 - Interworking */
03e47c9c 1642#endif /* CONFIG_INTERWORKING */
8cd6b7bc
JB		 1643 break;
1644 case 4: /* Bits 32-39 */
56f5af48 1645#ifdef CONFIG_INTERWORKING
429dd9af
JM		 1646 if (wpa_s->drv_flags / WPA_DRIVER_FLAGS_QOS_MAPPING)
1647 *pos |= 0x01; /* Bit 32 - QoS Map */
56f5af48 1648#endif /* CONFIG_INTERWORKING */
8cd6b7bc
JB		 1649 break;
1650 case 5: /* Bits 40-47 */
95a3ea94
JM		 1651#ifdef CONFIG_HS20
1652 if (wpa_s->conf->hs20)
1653 *pos |= 0x40; /* Bit 46 - WNM-Notification */
1654#endif /* CONFIG_HS20 */
92c6e2e3
DS		 1655#ifdef CONFIG_MBO
1656 *pos |= 0x40; /* Bit 46 - WNM-Notification */
1657#endif /* CONFIG_MBO */
8cd6b7bc
JB		 1658 break;
1659 case 6: /* Bits 48-55 */
1660 break;
d1723c55
LD		 1661 case 7: /* Bits 56-63 */
1662 break;
1663 case 8: /* Bits 64-71 */
1664 if (wpa_s->conf->ftm_responder)
1665 *pos |= 0x40; /* Bit 70 - FTM responder */
1666 if (wpa_s->conf->ftm_initiator)
1667 *pos |= 0x80; /* Bit 71 - FTM initiator */
1668 break;
e4d2ce1b
JM		 1669 case 9: /* Bits 72-79 */
1670#ifdef CONFIG_FILS
d98038bb 1671 if (!wpa_s->disable_fils)
1672 *pos |= 0x01;
e4d2ce1b
JM		 1673#endif /* CONFIG_FILS */
1674 break;
8cd6b7bc
JB		 1675 }
1676}
03e47c9c 1677
03e47c9c 1678
0bbaa9b9 1679int wpas_build_ext_capab(struct wpa_supplicant *wpa_s, u8 *buf, size_t buflen)
8cd6b7bc
JB		 1680{
1681 u8 *pos = buf;
e4d2ce1b 1682 u8 len = 10, i;
8cd6b7bc
JB		 1683
1684 if (len < wpa_s->extended_capa_len)
1685 len = wpa_s->extended_capa_len;
0bbaa9b9
JM		 1686 if (buflen < (size_t) len + 2) {
1687 wpa_printf(MSG_INFO,
1688 "Not enough room for building extended capabilities element");
1689 return -1;
1690 }
03e47c9c
JM		 1691
1692 *pos++ = WLAN_EID_EXT_CAPAB;
8cd6b7bc
JB		 1693 *pos++ = len;
1694 for (i = 0; i < len; i++, pos++) {
1695 wpas_ext_capab_byte(wpa_s, pos, i);
1696
1697 if (i < wpa_s->extended_capa_len) {
1698 *pos &= ~wpa_s->extended_capa_mask[i];
1699 *pos |= wpa_s->extended_capa[i];
1700 }
1701 }
03e47c9c 1702
3db5439a
JM		 1703 while (len > 0 && buf[1 + len] == 0) {
1704 len--;
1705 buf[1] = len;
1706 }
1707 if (len == 0)
1708 return 0;
1709
1710 return 2 + len;
03e47c9c
JM		 1711}
1712
1713
6ac4b15e
JM		 1714static int wpas_valid_bss(struct wpa_supplicant *wpa_s,
1715 struct wpa_bss *test_bss)
1716{
1717 struct wpa_bss *bss;
1718
1719 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
1720 if (bss == test_bss)
1721 return 1;
1722 }
1723
1724 return 0;
1725}
1726
1727
1728static int wpas_valid_ssid(struct wpa_supplicant *wpa_s,
1729 struct wpa_ssid *test_ssid)
1730{
1731 struct wpa_ssid *ssid;
1732
1733 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) {
1734 if (ssid == test_ssid)
1735 return 1;
1736 }
1737
1738 return 0;
1739}
1740
1741
1742int wpas_valid_bss_ssid(struct wpa_supplicant *wpa_s, struct wpa_bss *test_bss,
1743 struct wpa_ssid *test_ssid)
1744{
1745 if (test_bss && !wpas_valid_bss(wpa_s, test_bss))
1746 return 0;
1747
1748 return test_ssid == NULL || wpas_valid_ssid(wpa_s, test_ssid);
1749}
1750
1751
1752void wpas_connect_work_free(struct wpa_connect_work *cwork)
1753{
1754 if (cwork == NULL)
1755 return;
1756 os_free(cwork);
1757}
1758
1759
1760void wpas_connect_work_done(struct wpa_supplicant *wpa_s)
1761{
1762 struct wpa_connect_work *cwork;
1763 struct wpa_radio_work *work = wpa_s->connect_work;
1764
1765 if (!work)
1766 return;
1767
1768 wpa_s->connect_work = NULL;
1769 cwork = work->ctx;
1770 work->ctx = NULL;
1771 wpas_connect_work_free(cwork);
1772 radio_work_done(work);
1773}
1774
1775
a313d17d 1776int wpas_update_random_addr(struct wpa_supplicant *wpa_s, int style)
c267753b
JM		 1777{
1778 struct os_reltime now;
1779 u8 addr[ETH_ALEN];
1780
1781 os_get_reltime(&now);
a313d17d
JM		 1782 if (wpa_s->last_mac_addr_style == style &&
1783 wpa_s->last_mac_addr_change.sec != 0 &&
c267753b
JM		 1784 !os_reltime_expired(&now, &wpa_s->last_mac_addr_change,
1785 wpa_s->conf->rand_addr_lifetime)) {
1786 wpa_msg(wpa_s, MSG_DEBUG,
1787 "Previously selected random MAC address has not yet expired");
1788 return 0;
1789 }
1790
a313d17d
JM		 1791 switch (style) {
1792 case 1:
1793 if (random_mac_addr(addr) < 0)
1794 return -1;
1795 break;
1796 case 2:
1797 os_memcpy(addr, wpa_s->perm_addr, ETH_ALEN);
1798 if (random_mac_addr_keep_oui(addr) < 0)
1799 return -1;
1800 break;
1801 default:
c267753b 1802 return -1;
a313d17d 1803 }
c267753b
JM		 1804
1805 if (wpa_drv_set_mac_addr(wpa_s, addr) < 0) {
1806 wpa_msg(wpa_s, MSG_INFO,
1807 "Failed to set random MAC address");
1808 return -1;
1809 }
1810
1811 os_get_reltime(&wpa_s->last_mac_addr_change);
1812 wpa_s->mac_addr_changed = 1;
a313d17d 1813 wpa_s->last_mac_addr_style = style;
c267753b
JM		 1814
1815 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
1816 wpa_msg(wpa_s, MSG_INFO,
1817 "Could not update MAC address information");
1818 return -1;
1819 }
1820
1821 wpa_msg(wpa_s, MSG_DEBUG, "Using random MAC address " MACSTR,
1822 MAC2STR(addr));
1823
1824 return 0;
1825}
1826
1827
1828int wpas_update_random_addr_disassoc(struct wpa_supplicant *wpa_s)
1829{
1830 if (wpa_s->wpa_state >= WPA_AUTHENTICATING ||
1831 !wpa_s->conf->preassoc_mac_addr)
1832 return 0;
1833
a313d17d 1834 return wpas_update_random_addr(wpa_s, wpa_s->conf->preassoc_mac_addr);
c267753b
JM		 1835}
1836
1837
6ac4b15e
JM		 1838static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit);
1839
6fc6879b
JM		 1840/**
1841 * wpa_supplicant_associate - Request association
1842 * @wpa_s: Pointer to wpa_supplicant data
1843 * @bss: Scan results for the selected BSS, or %NULL if not available
1844 * @ssid: Configuration data for the selected network
1845 *
1846 * This function is used to request %wpa_supplicant to associate with a BSS.
1847 */
1848void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
6fa81a3b 1849 struct wpa_bss *bss, struct wpa_ssid *ssid)
6fc6879b 1850{
6ac4b15e 1851 struct wpa_connect_work *cwork;
a313d17d
JM		 1852 int rand_style;
1853
a8412ec9
JM		 1854 wpa_s->own_disconnect_req = 0;
1855
e7160bd8
JM		 1856 /*
1857 * If we are starting a new connection, any previously pending EAPOL
1858 * RX cannot be valid anymore.
1859 */
1860 wpabuf_free(wpa_s->pending_eapol_rx);
1861 wpa_s->pending_eapol_rx = NULL;
1862
a313d17d
JM		 1863 if (ssid->mac_addr == -1)
1864 rand_style = wpa_s->conf->mac_addr;
1865 else
1866 rand_style = ssid->mac_addr;
6fc6879b 1867
8c42b369
EP		 1868 wmm_ac_clear_saved_tspecs(wpa_s);
1869 wpa_s->reassoc_same_bss = 0;
6a5ee810 1870 wpa_s->reassoc_same_ess = 0;
daa40960
JM		 1871#ifdef CONFIG_TESTING_OPTIONS
1872 wpa_s->testing_resend_assoc = 0;
1873#endif /* CONFIG_TESTING_OPTIONS */
8c42b369 1874
c267753b
JM		 1875 if (wpa_s->last_ssid == ssid) {
1876 wpa_dbg(wpa_s, MSG_DEBUG, "Re-association to the same ESS");
6a5ee810 1877 wpa_s->reassoc_same_ess = 1;
8c42b369
EP		 1878 if (wpa_s->current_bss && wpa_s->current_bss == bss) {
1879 wmm_ac_save_tspecs(wpa_s);
1880 wpa_s->reassoc_same_bss = 1;
1881 }
5d30f927
BR		 1882 }
1883
1884 if (rand_style > 0 && !wpa_s->reassoc_same_ess) {
a313d17d 1885 if (wpas_update_random_addr(wpa_s, rand_style) < 0)
c267753b
JM		 1886 return;
1887 wpa_sm_pmksa_cache_flush(wpa_s->wpa, ssid);
5d30f927 1888 } else if (rand_style == 0 && wpa_s->mac_addr_changed) {
c267753b
JM		 1889 if (wpa_drv_set_mac_addr(wpa_s, NULL) < 0) {
1890 wpa_msg(wpa_s, MSG_INFO,
1891 "Could not restore permanent MAC address");
1892 return;
1893 }
1894 wpa_s->mac_addr_changed = 0;
1895 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
1896 wpa_msg(wpa_s, MSG_INFO,
1897 "Could not update MAC address information");
1898 return;
1899 }
1900 wpa_msg(wpa_s, MSG_DEBUG, "Using permanent MAC address");
1901 }
1902 wpa_s->last_ssid = ssid;
1903
78177a00
JM		 1904#ifdef CONFIG_IBSS_RSN
1905 ibss_rsn_deinit(wpa_s->ibss_rsn);
1906 wpa_s->ibss_rsn = NULL;
81a10a94
JM		 1907#else /* CONFIG_IBSS_RSN */
1908 if (ssid->mode == WPAS_MODE_IBSS &&
1909 !(ssid->key_mgmt & (WPA_KEY_MGMT_NONE | WPA_KEY_MGMT_WPA_NONE))) {
1910 wpa_msg(wpa_s, MSG_INFO,
1911 "IBSS RSN not supported in the build");
1912 return;
1913 }
78177a00
JM		 1914#endif /* CONFIG_IBSS_RSN */
1915
2c5d725c
JM		 1916 if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO ||
1917 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) {
1581b38b
JM		 1918#ifdef CONFIG_AP
1919 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) {
f049052b
BG		 1920 wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP "
1921 "mode");
1581b38b
JM		 1922 return;
1923 }
8c981d17
DW		 1924 if (wpa_supplicant_create_ap(wpa_s, ssid) < 0) {
1925 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
b2b688d1
VKE		 1926 if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
1927 wpas_p2p_ap_setup_failed(wpa_s);
8c981d17
DW		 1928 return;
1929 }
8f770587 1930 wpa_s->current_bss = bss;
1581b38b 1931#else /* CONFIG_AP */
f049052b
BG		 1932 wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in "
1933 "the build");
1581b38b
JM		 1934#endif /* CONFIG_AP */
1935 return;
1936 }
1937
603a3f34
JL		 1938 if (ssid->mode == WPAS_MODE_MESH) {
1939#ifdef CONFIG_MESH
1940 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_MESH)) {
1941 wpa_msg(wpa_s, MSG_INFO,
1942 "Driver does not support mesh mode");
1943 return;
1944 }
1945 if (bss)
1946 ssid->frequency = bss->freq;
1947 if (wpa_supplicant_join_mesh(wpa_s, ssid) < 0) {
1948 wpa_msg(wpa_s, MSG_ERROR, "Could not join mesh");
1949 return;
1950 }
1951 wpa_s->current_bss = bss;
6174de66
JM		 1952 wpa_msg(wpa_s, MSG_INFO, MESH_GROUP_STARTED "ssid=\"%s\" id=%d",
1953 wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
1954 ssid->id);
89e9cd25 1955 wpas_notify_mesh_group_started(wpa_s, ssid);
603a3f34
JL		 1956#else /* CONFIG_MESH */
1957 wpa_msg(wpa_s, MSG_ERROR,
1958 "mesh mode support not included in the build");
1959#endif /* CONFIG_MESH */
1960 return;
1961 }
1962
2efc6720
JM		 1963 /*
1964 * Set WPA state machine configuration to match the selected network now
1965 * so that the information is available before wpas_start_assoc_cb()
1966 * gets called. This is needed at least for RSN pre-authentication where
1967 * candidate APs are added to a list based on scan result processing
1968 * before completion of the first association.
1969 */
1970 wpa_supplicant_rsn_supp_set_config(wpa_s, ssid);
1971
a0d5c56f
JM		 1972#ifdef CONFIG_DPP
1973 if (wpas_dpp_check_connect(wpa_s, ssid, bss) != 0)
1974 return;
1975#endif /* CONFIG_DPP */
1976
52c9e6f3 1977#ifdef CONFIG_TDLS
95cb2d88
JM		 1978 if (bss)
1979 wpa_tdls_ap_ies(wpa_s->wpa, (const u8 *) (bss + 1),
1980 bss->ie_len);
52c9e6f3
JM		 1981#endif /* CONFIG_TDLS */
1982
5cc4d64b
JM		 1983 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
1984 ssid->mode == IEEE80211_MODE_INFRA) {
c2a04078
JM		 1985 sme_authenticate(wpa_s, bss, ssid);
1986 return;
1987 }
1988
6ac4b15e
JM		 1989 if (wpa_s->connect_work) {
1990 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since connect_work exist");
1991 return;
1992 }
1993
f0e30c84
JM		 1994 if (radio_work_pending(wpa_s, "connect")) {
1995 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since pending work exist");
1996 return;
1997 }
1998
a1836de6
JM		 1999#ifdef CONFIG_SME
2000 if (ssid->mode == WPAS_MODE_IBSS || ssid->mode == WPAS_MODE_MESH) {
2001 /* Clear possibly set auth_alg, if any, from last attempt. */
2002 wpa_s->sme.auth_alg = WPA_AUTH_ALG_OPEN;
2003 }
2004#endif /* CONFIG_SME */
2005
4ead7cfd
KV		 2006 wpas_abort_ongoing_scan(wpa_s);
2007
6ac4b15e
JM		 2008 cwork = os_zalloc(sizeof(*cwork));
2009 if (cwork == NULL)
2010 return;
2011
2012 cwork->bss = bss;
2013 cwork->ssid = ssid;
2014
2015 if (radio_add_work(wpa_s, bss ? bss->freq : 0, "connect", 1,
2016 wpas_start_assoc_cb, cwork) < 0) {
2017 os_free(cwork);
2018 }
2019}
2020
2021
98479dc9
JD		 2022static int bss_is_ibss(struct wpa_bss *bss)
2023{
2024 return (bss->caps & (IEEE80211_CAP_ESS | IEEE80211_CAP_IBSS)) ==
2025 IEEE80211_CAP_IBSS;
2026}
2027
2028
a65efbfb
PO		 2029static int drv_supports_vht(struct wpa_supplicant *wpa_s,
2030 const struct wpa_ssid *ssid)
2031{
2032 enum hostapd_hw_mode hw_mode;
2033 struct hostapd_hw_modes *mode = NULL;
2034 u8 channel;
2035 int i;
2036
a65efbfb
PO		 2037 hw_mode = ieee80211_freq_to_chan(ssid->frequency, &channel);
2038 if (hw_mode == NUM_HOSTAPD_MODES)
2039 return 0;
2040 for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) {
2041 if (wpa_s->hw.modes[i].mode == hw_mode) {
2042 mode = &wpa_s->hw.modes[i];
2043 break;
2044 }
2045 }
2046
2047 if (!mode)
2048 return 0;
2049
2050 return mode->vht_capab != 0;
2051}
2052
2053
54fe48b9
JM		 2054void ibss_mesh_setup_freq(struct wpa_supplicant *wpa_s,
2055 const struct wpa_ssid *ssid,
2056 struct hostapd_freq_params *freq)
1830817e
JD		 2057{
2058 enum hostapd_hw_mode hw_mode;
2059 struct hostapd_hw_modes *mode = NULL;
6b8b0774
JD		 2060 int ht40plus[] = { 36, 44, 52, 60, 100, 108, 116, 124, 132, 149, 157,
2061 184, 192 };
563ee183 2062 int vht80[] = { 36, 52, 100, 116, 132, 149 };
6b8b0774 2063 struct hostapd_channel_data *pri_chan = NULL, *sec_chan = NULL;
1830817e 2064 u8 channel;
98479dc9 2065 int i, chan_idx, ht40 = -1, res, obss_scan = 1;
0f29bc68 2066 unsigned int j, k;
563ee183 2067 struct hostapd_freq_params vht_freq;
0f29bc68
AK		 2068 int chwidth, seg0, seg1;
2069 u32 vht_caps = 0;
1830817e
JD		 2070
2071 freq->freq = ssid->frequency;
2072
98479dc9
JD		 2073 for (j = 0; j < wpa_s->last_scan_res_used; j++) {
2074 struct wpa_bss *bss = wpa_s->last_scan_res[j];
2075
2076 if (ssid->mode != WPAS_MODE_IBSS)
2077 break;
2078
2079 /* Don't adjust control freq in case of fixed_freq */
2080 if (ssid->fixed_freq)
2081 break;
2082
2083 if (!bss_is_ibss(bss))
2084 continue;
2085
2086 if (ssid->ssid_len == bss->ssid_len &&
2087 os_memcmp(ssid->ssid, bss->ssid, bss->ssid_len) == 0) {
2088 wpa_printf(MSG_DEBUG,
2089 "IBSS already found in scan results, adjust control freq: %d",
2090 bss->freq);
2091 freq->freq = bss->freq;
2092 obss_scan = 0;
2093 break;
2094 }
2095 }
2096
1830817e
JD		 2097 /* For IBSS check HT_IBSS flag */
2098 if (ssid->mode == WPAS_MODE_IBSS &&
2099 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_HT_IBSS))
2100 return;
2101
d9a9bc04
JD		 2102 if (wpa_s->group_cipher == WPA_CIPHER_WEP40 ||
2103 wpa_s->group_cipher == WPA_CIPHER_WEP104 ||
2104 wpa_s->pairwise_cipher == WPA_CIPHER_TKIP) {
2105 wpa_printf(MSG_DEBUG,
2106 "IBSS: WEP/TKIP detected, do not try to enable HT");
2107 return;
2108 }
2109
98479dc9 2110 hw_mode = ieee80211_freq_to_chan(freq->freq, &channel);
1830817e
JD		 2111 for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) {
2112 if (wpa_s->hw.modes[i].mode == hw_mode) {
2113 mode = &wpa_s->hw.modes[i];
2114 break;
2115 }
2116 }
2117
2118 if (!mode)
2119 return;
2120
3388e7b9
MH		 2121#ifdef CONFIG_HT_OVERRIDES
2122 if (ssid->disable_ht) {
2123 freq->ht_enabled = 0;
2124 return;
2125 }
2126#endif /* CONFIG_HT_OVERRIDES */
2127
1830817e 2128 freq->ht_enabled = ht_supported(mode);
6b8b0774
JD		 2129 if (!freq->ht_enabled)
2130 return;
2131
2132 /* Setup higher BW only for 5 GHz */
2133 if (mode->mode != HOSTAPD_MODE_IEEE80211A)
2134 return;
2135
2136 for (chan_idx = 0; chan_idx < mode->num_channels; chan_idx++) {
2137 pri_chan = &mode->channels[chan_idx];
2138 if (pri_chan->chan == channel)
2139 break;
2140 pri_chan = NULL;
2141 }
2142 if (!pri_chan)
2143 return;
2144
2145 /* Check primary channel flags */
2146 if (pri_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
2147 return;
2148
05aed438
MH		 2149#ifdef CONFIG_HT_OVERRIDES
2150 if (ssid->disable_ht40)
2151 return;
2152#endif /* CONFIG_HT_OVERRIDES */
2153
6b8b0774
JD		 2154 /* Check/setup HT40+/HT40- */
2155 for (j = 0; j < ARRAY_SIZE(ht40plus); j++) {
2156 if (ht40plus[j] == channel) {
2157 ht40 = 1;
2158 break;
2159 }
2160 }
2161
2162 /* Find secondary channel */
2163 for (i = 0; i < mode->num_channels; i++) {
2164 sec_chan = &mode->channels[i];
2165 if (sec_chan->chan == channel + ht40 * 4)
2166 break;
2167 sec_chan = NULL;
2168 }
2169 if (!sec_chan)
2170 return;
2171
2172 /* Check secondary channel flags */
2173 if (sec_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
2174 return;
2175
2176 freq->channel = pri_chan->chan;
2177
ecba4509 2178 if (ht40 == -1) {
6b8b0774
JD		 2179 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40MINUS))
2180 return;
ecba4509 2181 } else {
6b8b0774
JD		 2182 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40PLUS))
2183 return;
6b8b0774 2184 }
ecba4509 2185 freq->sec_channel_offset = ht40;
6b8b0774 2186
ecba4509 2187 if (obss_scan) {
6b8b0774
JD		 2188 struct wpa_scan_results *scan_res;
2189
2190 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL, 0);
2191 if (scan_res == NULL) {
2192 /* Back to HT20 */
2193 freq->sec_channel_offset = 0;
2194 return;
2195 }
2196
2197 res = check_40mhz_5g(mode, scan_res, pri_chan->chan,
2198 sec_chan->chan);
2199 switch (res) {
2200 case 0:
2201 /* Back to HT20 */
2202 freq->sec_channel_offset = 0;
2203 break;
2204 case 1:
2205 /* Configuration allowed */
2206 break;
2207 case 2:
2208 /* Switch pri/sec channels */
2209 freq->freq = hw_get_freq(mode, sec_chan->chan);
2210 freq->sec_channel_offset = -freq->sec_channel_offset;
2211 freq->channel = sec_chan->chan;
2212 break;
2213 default:
2214 freq->sec_channel_offset = 0;
2215 break;
2216 }
2217
2218 wpa_scan_results_free(scan_res);
2219 }
2220
2221 wpa_printf(MSG_DEBUG,
2222 "IBSS/mesh: setup freq channel %d, sec_channel_offset %d",
2223 freq->channel, freq->sec_channel_offset);
563ee183 2224
a65efbfb 2225 if (!drv_supports_vht(wpa_s, ssid))
563ee183
JD		 2226 return;
2227
2228 /* For IBSS check VHT_IBSS flag */
a65efbfb
PO		 2229 if (ssid->mode == WPAS_MODE_IBSS &&
2230 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_VHT_IBSS))
563ee183
JD		 2231 return;
2232
2233 vht_freq = *freq;
2234
b301f54e
JM		 2235#ifdef CONFIG_VHT_OVERRIDES
2236 if (ssid->disable_vht) {
2237 freq->vht_enabled = 0;
2238 return;
2239 }
2240#endif /* CONFIG_VHT_OVERRIDES */
2241
563ee183
JD		 2242 vht_freq.vht_enabled = vht_supported(mode);
2243 if (!vht_freq.vht_enabled)
2244 return;
2245
2246 /* setup center_freq1, bandwidth */
2247 for (j = 0; j < ARRAY_SIZE(vht80); j++) {
2248 if (freq->channel >= vht80[j] &&
2249 freq->channel < vht80[j] + 16)
2250 break;
2251 }
2252
2253 if (j == ARRAY_SIZE(vht80))
2254 return;
2255
2256 for (i = vht80[j]; i < vht80[j] + 16; i += 4) {
2257 struct hostapd_channel_data *chan;
2258
2259 chan = hw_get_channel_chan(mode, i, NULL);
2260 if (!chan)
2261 return;
2262
2263 /* Back to HT configuration if channel not usable */
2264 if (chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
2265 return;
2266 }
2267
0f29bc68
AK		 2268 chwidth = VHT_CHANWIDTH_80MHZ;
2269 seg0 = vht80[j] + 6;
2270 seg1 = 0;
2271
2272 if (ssid->max_oper_chwidth == VHT_CHANWIDTH_80P80MHZ) {
2273 /* setup center_freq2, bandwidth */
2274 for (k = 0; k < ARRAY_SIZE(vht80); k++) {
2275 /* Only accept 80 MHz segments separated by a gap */
2276 if (j == k || abs(vht80[j] - vht80[k]) == 16)
2277 continue;
2278 for (i = vht80[k]; i < vht80[k] + 16; i += 4) {
2279 struct hostapd_channel_data *chan;
2280
2281 chan = hw_get_channel_chan(mode, i, NULL);
2282 if (!chan)
2283 continue;
2284
2285 if (chan->flag & (HOSTAPD_CHAN_DISABLED |
2286 HOSTAPD_CHAN_NO_IR |
2287 HOSTAPD_CHAN_RADAR))
2288 continue;
2289
2290 /* Found a suitable second segment for 80+80 */
2291 chwidth = VHT_CHANWIDTH_80P80MHZ;
2292 vht_caps |=
2293 VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ;
2294 seg1 = vht80[k] + 6;
2295 }
2296
2297 if (chwidth == VHT_CHANWIDTH_80P80MHZ)
2298 break;
2299 }
331f0774
JM		 2300 } else if (ssid->max_oper_chwidth == VHT_CHANWIDTH_160MHZ) {
2301 if (freq->freq == 5180) {
2302 chwidth = VHT_CHANWIDTH_160MHZ;
2303 vht_caps |= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
2304 seg0 = 50;
2305 } else if (freq->freq == 5520) {
2306 chwidth = VHT_CHANWIDTH_160MHZ;
2307 vht_caps |= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
2308 seg0 = 114;
2309 }
0f29bc68
AK		 2310 }
2311
563ee183
JD		 2312 if (hostapd_set_freq_params(&vht_freq, mode->mode, freq->freq,
2313 freq->channel, freq->ht_enabled,
2314 vht_freq.vht_enabled,
2315 freq->sec_channel_offset,
0f29bc68 2316 chwidth, seg0, seg1, vht_caps) != 0)
563ee183
JD		 2317 return;
2318
2319 *freq = vht_freq;
2320
2321 wpa_printf(MSG_DEBUG, "IBSS: VHT setup freq cf1 %d, cf2 %d, bw %d",
2322 freq->center_freq1, freq->center_freq2, freq->bandwidth);
1830817e
JD		 2323}
2324
2325
a38090b1
VK		 2326#ifdef CONFIG_FILS
2327static size_t wpas_add_fils_hlp_req(struct wpa_supplicant *wpa_s, u8 *ie_buf,
2328 size_t ie_buf_len)
2329{
2330 struct fils_hlp_req *req;
2331 size_t rem_len, hdr_len, hlp_len, len, ie_len = 0;
2332 const u8 *pos;
2333 u8 *buf = ie_buf;
2334
2335 dl_list_for_each(req, &wpa_s->fils_hlp_req, struct fils_hlp_req,
2336 list) {
2337 rem_len = ie_buf_len - ie_len;
2338 pos = wpabuf_head(req->pkt);
2339 hdr_len = 1 + 2 * ETH_ALEN + 6;
2340 hlp_len = wpabuf_len(req->pkt);
2341
2342 if (rem_len < 2 + hdr_len + hlp_len) {
2343 wpa_printf(MSG_ERROR,
2344 "FILS: Cannot fit HLP - rem_len=%lu to_fill=%lu",
2345 (unsigned long) rem_len,
2346 (unsigned long) (2 + hdr_len + hlp_len));
2347 break;
2348 }
2349
2350 len = (hdr_len + hlp_len) > 255 ? 255 : hdr_len + hlp_len;
2351 /* Element ID */
2352 *buf++ = WLAN_EID_EXTENSION;
2353 /* Length */
2354 *buf++ = len;
2355 /* Element ID Extension */
2356 *buf++ = WLAN_EID_EXT_FILS_HLP_CONTAINER;
2357 /* Destination MAC address */
2358 os_memcpy(buf, req->dst, ETH_ALEN);
2359 buf += ETH_ALEN;
2360 /* Source MAC address */
2361 os_memcpy(buf, wpa_s->own_addr, ETH_ALEN);
2362 buf += ETH_ALEN;
2363 /* LLC/SNAP Header */
2364 os_memcpy(buf, "\xaa\xaa\x03\x00\x00\x00", 6);
2365 buf += 6;
2366 /* HLP Packet */
2367 os_memcpy(buf, pos, len - hdr_len);
2368 buf += len - hdr_len;
2369 pos += len - hdr_len;
2370
2371 hlp_len -= len - hdr_len;
2372 ie_len += 2 + len;
2373 rem_len -= 2 + len;
2374
2375 while (hlp_len) {
2376 len = (hlp_len > 255) ? 255 : hlp_len;
2377 if (rem_len < 2 + len)
2378 break;
2379 *buf++ = WLAN_EID_FRAGMENT;
2380 *buf++ = len;
2381 os_memcpy(buf, pos, len);
2382 buf += len;
2383 pos += len;
2384
2385 hlp_len -= len;
2386 ie_len += 2 + len;
2387 rem_len -= 2 + len;
2388 }
2389 }
2390
2391 return ie_len;
2392}
e4802127
MH		 2393
2394
2395int wpa_is_fils_supported(struct wpa_supplicant *wpa_s)
2396{
2397 return (((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
2398 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SUPPORT_FILS)) ||
2399 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
2400 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD)));
2401}
2402
2403
2404int wpa_is_fils_sk_pfs_supported(struct wpa_supplicant *wpa_s)
2405{
2406#ifdef CONFIG_FILS_SK_PFS
2407 return (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
2408 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SUPPORT_FILS);
2409#else /* CONFIG_FILS_SK_PFS */
2410 return 0;
2411#endif /* CONFIG_FILS_SK_PFS */
2412}
2413
a38090b1
VK		 2414#endif /* CONFIG_FILS */
2415
2416
d2ba0d71
VK		 2417static u8 * wpas_populate_assoc_ies(
2418 struct wpa_supplicant *wpa_s,
2419 struct wpa_bss *bss, struct wpa_ssid *ssid,
6338c99e
VK		 2420 struct wpa_driver_associate_params *params,
2421 enum wpa_drv_update_connect_params_mask *mask)
6ac4b15e 2422{
1e6780bd 2423 u8 *wpa_ie;
10970465 2424 size_t max_wpa_ie_len = 500;
6ac4b15e 2425 size_t wpa_ie_len;
6ac4b15e 2426 int algs = WPA_AUTH_ALG_OPEN;
8b0a6dba
VK		 2427#ifdef CONFIG_FILS
2428 const u8 *realm, *username, *rrk;
2429 size_t realm_len, username_len, rrk_len;
2430 u16 next_seq_num;
b377ec25 2431 struct fils_hlp_req *req;
6fc6879b 2432
b377ec25
VK		 2433 dl_list_for_each(req, &wpa_s->fils_hlp_req, struct fils_hlp_req,
2434 list) {
2435 max_wpa_ie_len += 3 + 2 * ETH_ALEN + 6 + wpabuf_len(req->pkt) +
2436 2 + 2 * wpabuf_len(req->pkt) / 255;
8b0a6dba
VK		 2437 }
2438#endif /* CONFIG_FILS */
8b0a6dba 2439
1e6780bd
VK		 2440 wpa_ie = os_malloc(max_wpa_ie_len);
2441 if (!wpa_ie) {
2442 wpa_printf(MSG_ERROR,
2443 "Failed to allocate connect IE buffer for %lu bytes",
2444 (unsigned long) max_wpa_ie_len);
d2ba0d71 2445 return NULL;
1e6780bd
VK		 2446 }
2447
6fa81a3b
JM		 2448 if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
2449 wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
0bf927a0 2450 wpa_key_mgmt_wpa(ssid->key_mgmt)) {
6fc6879b 2451 int try_opportunistic;
79f3121b
VK		 2452 const u8 *cache_id = NULL;
2453
6e202021
JM		 2454 try_opportunistic = (ssid->proactive_key_caching < 0 ?
2455 wpa_s->conf->okc :
2456 ssid->proactive_key_caching) &&
6fc6879b 2457 (ssid->proto & WPA_PROTO_RSN);
79f3121b
VK		 2458#ifdef CONFIG_FILS
2459 if (wpa_key_mgmt_fils(ssid->key_mgmt))
2460 cache_id = wpa_bss_get_fils_cache_id(bss);
2461#endif /* CONFIG_FILS */
6fc6879b 2462 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
79f3121b 2463 ssid, try_opportunistic,
852b2f27 2464 cache_id, 0) == 0)
ba422613 2465 eapol_sm_notify_pmkid_attempt(wpa_s->eapol);
1e6780bd 2466 wpa_ie_len = max_wpa_ie_len;
6fc6879b
JM		 2467 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
2468 wpa_ie, &wpa_ie_len)) {
f049052b
BG		 2469 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
2470 "key management and encryption suites");
1e6780bd 2471 os_free(wpa_ie);
d2ba0d71 2472 return NULL;
6fc6879b 2473 }
a3f7e518
JM		 2474 } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && bss &&
2475 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) {
2476 /*
2477 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
2478 * use non-WPA since the scan results did not indicate that the
2479 * AP is using WPA or WPA2.
2480 */
2481 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
2482 wpa_ie_len = 0;
2483 wpa_s->wpa_proto = 0;
0bf927a0 2484 } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) {
1e6780bd 2485 wpa_ie_len = max_wpa_ie_len;
6fc6879b
JM		 2486 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
2487 wpa_ie, &wpa_ie_len)) {
f049052b
BG		 2488 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
2489 "key management and encryption suites (no "
2490 "scan results)");
1e6780bd 2491 os_free(wpa_ie);
d2ba0d71 2492 return NULL;
6fc6879b 2493 }
ad08c363
JM		 2494#ifdef CONFIG_WPS
2495 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
b01c18a8
JM		 2496 struct wpabuf *wps_ie;
2497 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
1e6780bd 2498 if (wps_ie && wpabuf_len(wps_ie) <= max_wpa_ie_len) {
ad08c363
JM		 2499 wpa_ie_len = wpabuf_len(wps_ie);
2500 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
24386985
JM		 2501 } else
2502 wpa_ie_len = 0;
ad08c363
JM		 2503 wpabuf_free(wps_ie);
2504 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
0c80427d 2505 if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY))
d2ba0d71 2506 params->wps = WPS_MODE_PRIVACY;
0c80427d 2507 else
d2ba0d71 2508 params->wps = WPS_MODE_OPEN;
cf546f1a 2509 wpa_s->wpa_proto = 0;
ad08c363 2510#endif /* CONFIG_WPS */
6fc6879b
JM		 2511 } else {
2512 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
2513 wpa_ie_len = 0;
cf546f1a 2514 wpa_s->wpa_proto = 0;
6fc6879b
JM		 2515 }
2516
b377ec25
VK		 2517#ifdef IEEE8021X_EAPOL
2518 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
2519 if (ssid->leap) {
2520 if (ssid->non_leap == 0)
2521 algs = WPA_AUTH_ALG_LEAP;
2522 else
2523 algs |= WPA_AUTH_ALG_LEAP;
2524 }
2525 }
2526
2527#ifdef CONFIG_FILS
2528 /* Clear FILS association */
2529 wpa_sm_set_reset_fils_completed(wpa_s->wpa, 0);
2530
2531 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD) &&
2532 ssid->eap.erp && wpa_key_mgmt_fils(wpa_s->key_mgmt) &&
2533 eapol_sm_get_erp_info(wpa_s->eapol, &ssid->eap, &username,
2534 &username_len, &realm, &realm_len,
2535 &next_seq_num, &rrk, &rrk_len) == 0) {
2536 algs = WPA_AUTH_ALG_FILS;
d2ba0d71
VK		 2537 params->fils_erp_username = username;
2538 params->fils_erp_username_len = username_len;
2539 params->fils_erp_realm = realm;
2540 params->fils_erp_realm_len = realm_len;
2541 params->fils_erp_next_seq_num = next_seq_num;
2542 params->fils_erp_rrk = rrk;
2543 params->fils_erp_rrk_len = rrk_len;
6338c99e
VK		 2544
2545 if (mask)
2546 *mask |= WPA_DRV_UPDATE_FILS_ERP_INFO;
b377ec25
VK		 2547 }
2548#endif /* CONFIG_FILS */
2549#endif /* IEEE8021X_EAPOL */
5ff39c13
SD		 2550#ifdef CONFIG_SAE
2551 if (wpa_s->key_mgmt & (WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE))
2552 algs = WPA_AUTH_ALG_SAE;
2553#endif /* CONFIG_SAE */
b377ec25
VK		 2554
2555 wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
2556 if (ssid->auth_alg) {
2557 algs = ssid->auth_alg;
2558 wpa_dbg(wpa_s, MSG_DEBUG,
2559 "Overriding auth_alg selection: 0x%x", algs);
2560 }
2561
5f3a6aa0
JM		 2562#ifdef CONFIG_P2P
2563 if (wpa_s->global->p2p) {
2564 u8 *pos;
2565 size_t len;
2566 int res;
5f3a6aa0 2567 pos = wpa_ie + wpa_ie_len;
1e6780bd 2568 len = max_wpa_ie_len - wpa_ie_len;
b8a8d677
JM		 2569 res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len,
2570 ssid->p2p_group);
5f3a6aa0
JM		 2571 if (res >= 0)
2572 wpa_ie_len += res;
2573 }
72044390
JM		 2574
2575 wpa_s->cross_connect_disallowed = 0;
2576 if (bss) {
2577 struct wpabuf *p2p;
2578 p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE);
2579 if (p2p) {
2580 wpa_s->cross_connect_disallowed =
2581 p2p_get_cross_connect_disallowed(p2p);
2582 wpabuf_free(p2p);
f049052b
BG		 2583 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross "
2584 "connection",
2585 wpa_s->cross_connect_disallowed ?
2586 "disallows" : "allows");
72044390
JM		 2587 }
2588 }
25ef8529
JM		 2589
2590 os_memset(wpa_s->p2p_ip_addr_info, 0, sizeof(wpa_s->p2p_ip_addr_info));
5f3a6aa0
JM		 2591#endif /* CONFIG_P2P */
2592
5e57ba25 2593 if (bss) {
065c029a 2594 wpa_ie_len += wpas_supp_op_class_ie(wpa_s, bss->freq,
2595 wpa_ie + wpa_ie_len,
1e6780bd 2596 max_wpa_ie_len -
065c029a 2597 wpa_ie_len);
5e57ba25 2598 }
5e57ba25 2599
8b3b803a
AH		 2600 /*
2601 * Workaround: Add Extended Capabilities element only if the AP
2602 * included this element in Beacon/Probe Response frames. Some older
2603 * APs seem to have interoperability issues if this element is
2604 * included, so while the standard may require us to include the
2605 * element in all cases, it is justifiable to skip it to avoid
2606 * interoperability issues.
2607 */
cc9a2575
KV		 2608 if (ssid->p2p_group)
2609 wpa_drv_get_ext_capa(wpa_s, WPA_IF_P2P_CLIENT);
2610 else
2611 wpa_drv_get_ext_capa(wpa_s, WPA_IF_STATION);
2612
8b3b803a 2613 if (!bss || wpa_bss_get_ie(bss, WLAN_EID_EXT_CAPAB)) {
0bbaa9b9 2614 u8 ext_capab[18];
8b3b803a 2615 int ext_capab_len;
0bbaa9b9
JM		 2616 ext_capab_len = wpas_build_ext_capab(wpa_s, ext_capab,
2617 sizeof(ext_capab));
2c66c7d1
AA		 2618 if (ext_capab_len > 0 &&
2619 wpa_ie_len + ext_capab_len <= max_wpa_ie_len) {
8b3b803a
AH		 2620 u8 *pos = wpa_ie;
2621 if (wpa_ie_len > 0 && pos[0] == WLAN_EID_RSN)
2622 pos += 2 + pos[1];
2623 os_memmove(pos + ext_capab_len, pos,
2624 wpa_ie_len - (pos - wpa_ie));
2625 wpa_ie_len += ext_capab_len;
2626 os_memcpy(pos, ext_capab, ext_capab_len);
2627 }
92cbcf91 2628 }
92cbcf91 2629
c484b198
AS		 2630#ifdef CONFIG_HS20
2631 if (is_hs20_network(wpa_s, ssid, bss)) {
2632 struct wpabuf *hs20;
2633
4204669c 2634 hs20 = wpabuf_alloc(20 + MAX_ROAMING_CONS_OI_LEN);
c484b198
AS		 2635 if (hs20) {
2636 int pps_mo_id = hs20_get_pps_mo_id(wpa_s, ssid);
2637 size_t len;
2638
2639 wpas_hs20_add_indication(hs20, pps_mo_id);
4204669c 2640 wpas_hs20_add_roam_cons_sel(hs20, ssid);
1e6780bd 2641 len = max_wpa_ie_len - wpa_ie_len;
c484b198
AS		 2642 if (wpabuf_len(hs20) <= len) {
2643 os_memcpy(wpa_ie + wpa_ie_len,
2644 wpabuf_head(hs20), wpabuf_len(hs20));
2645 wpa_ie_len += wpabuf_len(hs20);
2646 }
2647 wpabuf_free(hs20);
ece4ac5f
MG		 2648
2649 hs20_configure_frame_filters(wpa_s);
c484b198
AS		 2650 }
2651 }
2652#endif /* CONFIG_HS20 */
2653
d29fa3a7
JM		 2654 if (wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ]) {
2655 struct wpabuf *buf = wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ];
2656 size_t len;
2657
1e6780bd 2658 len = max_wpa_ie_len - wpa_ie_len;
d29fa3a7
JM		 2659 if (wpabuf_len(buf) <= len) {
2660 os_memcpy(wpa_ie + wpa_ie_len,
2661 wpabuf_head(buf), wpabuf_len(buf));
2662 wpa_ie_len += wpabuf_len(buf);
2663 }
2664 }
2665
b36a3a65
AN		 2666#ifdef CONFIG_FST
2667 if (wpa_s->fst_ies) {
2668 int fst_ies_len = wpabuf_len(wpa_s->fst_ies);
2669
1e6780bd 2670 if (wpa_ie_len + fst_ies_len <= max_wpa_ie_len) {
b36a3a65
AN		 2671 os_memcpy(wpa_ie + wpa_ie_len,
2672 wpabuf_head(wpa_s->fst_ies), fst_ies_len);
2673 wpa_ie_len += fst_ies_len;
2674 }
2675 }
2676#endif /* CONFIG_FST */
2677
92c6e2e3 2678#ifdef CONFIG_MBO
065c029a 2679 if (bss && wpa_bss_get_vendor_ie(bss, MBO_IE_VENDOR_TYPE)) {
5e57ba25 2680 int len;
92c6e2e3 2681
5e57ba25 2682 len = wpas_mbo_ie(wpa_s, wpa_ie + wpa_ie_len,
1e6780bd 2683 max_wpa_ie_len - wpa_ie_len);
5e57ba25
AS		 2684 if (len >= 0)
2685 wpa_ie_len += len;
92c6e2e3
DS		 2686 }
2687#endif /* CONFIG_MBO */
2688
a38090b1
VK		 2689#ifdef CONFIG_FILS
2690 if (algs == WPA_AUTH_ALG_FILS) {
2691 size_t len;
2692
2693 len = wpas_add_fils_hlp_req(wpa_s, wpa_ie + wpa_ie_len,
2694 max_wpa_ie_len - wpa_ie_len);
2695 wpa_ie_len += len;
2696 }
2697#endif /* CONFIG_FILS */
2698
10970465 2699#ifdef CONFIG_OWE
5f30b69c
JM		 2700#ifdef CONFIG_TESTING_OPTIONS
2701 if (get_ie_ext(wpa_ie, wpa_ie_len, WLAN_EID_EXT_OWE_DH_PARAM)) {
2702 wpa_printf(MSG_INFO, "TESTING: Override OWE DH element");
2703 } else
2704#endif /* CONFIG_TESTING_OPTIONS */
10970465
JM		 2705 if (algs == WPA_AUTH_ALG_OPEN &&
2706 ssid->key_mgmt == WPA_KEY_MGMT_OWE) {
2707 struct wpabuf *owe_ie;
2cb40e9f 2708 u16 group;
10970465 2709
2cb40e9f 2710 if (ssid->owe_group) {
10970465 2711 group = ssid->owe_group;
2cb40e9f
JM		 2712 } else {
2713 if (wpa_s->last_owe_group == 19)
2714 group = 20;
2715 else if (wpa_s->last_owe_group == 20)
2716 group = 21;
2717 else
2718 group = OWE_DH_GROUP;
2719 }
2720 wpa_s->last_owe_group = group;
2721 wpa_printf(MSG_DEBUG, "OWE: Try to use group %u", group);
10970465
JM		 2722 owe_ie = owe_build_assoc_req(wpa_s->wpa, group);
2723 if (owe_ie &&
2724 wpabuf_len(owe_ie) <= max_wpa_ie_len - wpa_ie_len) {
2725 os_memcpy(wpa_ie + wpa_ie_len,
2726 wpabuf_head(owe_ie), wpabuf_len(owe_ie));
2727 wpa_ie_len += wpabuf_len(owe_ie);
2728 wpabuf_free(owe_ie);
2729 }
2730 }
2731#endif /* CONFIG_OWE */
2732
3dc3afe2
AM		 2733#ifdef CONFIG_IEEE80211R
2734 /*
2735 * Add MDIE under these conditions: the network profile allows FT,
2736 * the AP supports FT, and the mobility domain ID matches.
2737 */
2738 if (wpa_key_mgmt_ft(wpa_sm_get_key_mgmt(wpa_s->wpa))) {
2739 const u8 *mdie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
2740
2741 if (mdie && mdie[1] >= MOBILITY_DOMAIN_ID_LEN) {
86c998d3 2742 size_t len = 0;
3dc3afe2
AM		 2743 const u8 *md = mdie + 2;
2744 const u8 *wpa_md = wpa_sm_get_ft_md(wpa_s->wpa);
2745
2746 if (os_memcmp(md, wpa_md,
2747 MOBILITY_DOMAIN_ID_LEN) == 0) {
2748 /* Add mobility domain IE */
86c998d3 2749 len = wpa_ft_add_mdie(
3dc3afe2
AM		 2750 wpa_s->wpa, wpa_ie + wpa_ie_len,
2751 max_wpa_ie_len - wpa_ie_len, mdie);
86c998d3 2752 wpa_ie_len += len;
3dc3afe2 2753 }
86c998d3
AM		 2754#ifdef CONFIG_SME
2755 if (len > 0 && wpa_s->sme.ft_used &&
2756 wpa_sm_has_ptk(wpa_s->wpa)) {
2757 wpa_dbg(wpa_s, MSG_DEBUG,
2758 "SME: Trying to use FT over-the-air");
2759 algs |= WPA_AUTH_ALG_FT;
2760 }
2761#endif /* CONFIG_SME */
3dc3afe2
AM		 2762 }
2763 }
2764#endif /* CONFIG_IEEE80211R */
2765
d2ba0d71
VK		 2766 params->wpa_ie = wpa_ie;
2767 params->wpa_ie_len = wpa_ie_len;
2768 params->auth_alg = algs;
6338c99e
VK		 2769 if (mask)
2770 *mask |= WPA_DRV_UPDATE_ASSOC_IES | WPA_DRV_UPDATE_AUTH_TYPE;
d2ba0d71
VK		 2771
2772 return wpa_ie;
2773}
2774
2775
6338c99e
VK		 2776#if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
2777static void wpas_update_fils_connect_params(struct wpa_supplicant *wpa_s)
2778{
2779 struct wpa_driver_associate_params params;
2780 enum wpa_drv_update_connect_params_mask mask = 0;
2781 u8 *wpa_ie;
2782
2783 if (wpa_s->auth_alg != WPA_AUTH_ALG_OPEN)
2784 return; /* nothing to do */
2785
2786 os_memset(&params, 0, sizeof(params));
2787 wpa_ie = wpas_populate_assoc_ies(wpa_s, wpa_s->current_bss,
2788 wpa_s->current_ssid, &params, &mask);
2789 if (!wpa_ie)
2790 return;
2791
2792 if (params.auth_alg != WPA_AUTH_ALG_FILS) {
2793 os_free(wpa_ie);
2794 return;
2795 }
2796
2797 wpa_s->auth_alg = params.auth_alg;
2798 wpa_drv_update_connect_params(wpa_s, &params, mask);
2799 os_free(wpa_ie);
2800}
2801#endif /* CONFIG_FILS && IEEE8021X_EAPOL */
2802
2803
d2ba0d71
VK		 2804static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
2805{
2806 struct wpa_connect_work *cwork = work->ctx;
2807 struct wpa_bss *bss = cwork->bss;
2808 struct wpa_ssid *ssid = cwork->ssid;
2809 struct wpa_supplicant *wpa_s = work->wpa_s;
2810 u8 *wpa_ie;
2811 int use_crypt, ret, i, bssid_changed;
2812 unsigned int cipher_pairwise, cipher_group, cipher_group_mgmt;
2813 struct wpa_driver_associate_params params;
2814 int wep_keys_set = 0;
2815 int assoc_failed = 0;
2816 struct wpa_ssid *old_ssid;
2817 u8 prev_bssid[ETH_ALEN];
2818#ifdef CONFIG_HT_OVERRIDES
2819 struct ieee80211_ht_capabilities htcaps;
2820 struct ieee80211_ht_capabilities htcaps_mask;
2821#endif /* CONFIG_HT_OVERRIDES */
2822#ifdef CONFIG_VHT_OVERRIDES
2823 struct ieee80211_vht_capabilities vhtcaps;
2824 struct ieee80211_vht_capabilities vhtcaps_mask;
2825#endif /* CONFIG_VHT_OVERRIDES */
2826
2827 if (deinit) {
2828 if (work->started) {
2829 wpa_s->connect_work = NULL;
2830
2831 /* cancel possible auth. timeout */
2832 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s,
2833 NULL);
2834 }
2835 wpas_connect_work_free(cwork);
2836 return;
2837 }
2838
2839 wpa_s->connect_work = work;
2840
2841 if (cwork->bss_removed || !wpas_valid_bss_ssid(wpa_s, bss, ssid) ||
2842 wpas_network_disabled(wpa_s, ssid)) {
2843 wpa_dbg(wpa_s, MSG_DEBUG, "BSS/SSID entry for association not valid anymore - drop connection attempt");
2844 wpas_connect_work_done(wpa_s);
2845 return;
2846 }
2847
2848 os_memcpy(prev_bssid, wpa_s->bssid, ETH_ALEN);
2849 os_memset(&params, 0, sizeof(params));
2850 wpa_s->reassociate = 0;
2851 wpa_s->eap_expected_failure = 0;
2852 if (bss &&
2853 (!wpas_driver_bss_selection(wpa_s) || wpas_wps_searching(wpa_s))) {
2854#ifdef CONFIG_IEEE80211R
2855 const u8 *ie, *md = NULL;
2856#endif /* CONFIG_IEEE80211R */
2857 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
2858 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
2859 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
2860 bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
2861 os_memset(wpa_s->bssid, 0, ETH_ALEN);
2862 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
2863 if (bssid_changed)
2864 wpas_notify_bssid_changed(wpa_s);
2865#ifdef CONFIG_IEEE80211R
2866 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
2867 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
2868 md = ie + 2;
2869 wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0);
2870 if (md) {
2871 /* Prepare for the next transition */
2872 wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
2873 }
2874#endif /* CONFIG_IEEE80211R */
2875#ifdef CONFIG_WPS
2876 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
2877 wpa_s->conf->ap_scan == 2 &&
2878 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
2879 /* Use ap_scan==1 style network selection to find the network
2880 */
2881 wpas_connect_work_done(wpa_s);
2882 wpa_s->scan_req = MANUAL_SCAN_REQ;
2883 wpa_s->reassociate = 1;
2884 wpa_supplicant_req_scan(wpa_s, 0, 0);
2885 return;
2886#endif /* CONFIG_WPS */
2887 } else {
2888 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
2889 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
2890 if (bss)
2891 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
2892 else
2893 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
2894 }
2895 if (!wpa_s->pno)
2896 wpa_supplicant_cancel_sched_scan(wpa_s);
2897
2898 wpa_supplicant_cancel_scan(wpa_s);
2899
2900 /* Starting new association, so clear the possibly used WPA IE from the
2901 * previous association. */
2902 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
2903
6338c99e 2904 wpa_ie = wpas_populate_assoc_ies(wpa_s, bss, ssid, &params, NULL);
d2ba0d71
VK		 2905 if (!wpa_ie) {
2906 wpas_connect_work_done(wpa_s);
2907 return;
2908 }
2909
6fc6879b
JM		 2910 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
2911 use_crypt = 1;
4848a38d
JM		 2912 cipher_pairwise = wpa_s->pairwise_cipher;
2913 cipher_group = wpa_s->group_cipher;
61a56c14 2914 cipher_group_mgmt = wpa_s->mgmt_group_cipher;
6fc6879b
JM		 2915 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
2916 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
2917 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
2918 use_crypt = 0;
2919 if (wpa_set_wep_keys(wpa_s, ssid)) {
2920 use_crypt = 1;
2921 wep_keys_set = 1;
2922 }
2923 }
ad08c363
JM		 2924 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
2925 use_crypt = 0;
6fc6879b
JM		 2926
2927#ifdef IEEE8021X_EAPOL
2928 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
2929 if ((ssid->eapol_flags &
2930 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
2931 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
2932 !wep_keys_set) {
2933 use_crypt = 0;
2934 } else {
2935 /* Assume that dynamic WEP-104 keys will be used and
2936 * set cipher suites in order for drivers to expect
2937 * encryption. */
4848a38d 2938 cipher_pairwise = cipher_group = WPA_CIPHER_WEP104;
6fc6879b
JM		 2939 }
2940 }
2941#endif /* IEEE8021X_EAPOL */
2942
2943 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
2944 /* Set the key before (and later after) association */
2945 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
2946 }
2947
6fc6879b 2948 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
6fc6879b 2949 if (bss) {
6fa81a3b
JM		 2950 params.ssid = bss->ssid;
2951 params.ssid_len = bss->ssid_len;
4b5b8a53
JM		 2952 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set ||
2953 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
f15854d1
JM		 2954 wpa_printf(MSG_DEBUG, "Limit connection to BSSID "
2955 MACSTR " freq=%u MHz based on scan results "
4b5b8a53 2956 "(bssid_set=%d wps=%d)",
f15854d1 2957 MAC2STR(bss->bssid), bss->freq,
4b5b8a53
JM		 2958 ssid->bssid_set,
2959 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS);
22628eca 2960 params.bssid = bss->bssid;
4ec68377 2961 params.freq.freq = bss->freq;
22628eca 2962 }
7ac7fd43
DS		 2963 params.bssid_hint = bss->bssid;
2964 params.freq_hint = bss->freq;
b9074912 2965 params.pbss = bss_is_pbss(bss);
6fc6879b 2966 } else {
43a356b2
PK		 2967 if (ssid->bssid_hint_set)
2968 params.bssid_hint = ssid->bssid_hint;
2969
6fc6879b
JM		 2970 params.ssid = ssid->ssid;
2971 params.ssid_len = ssid->ssid_len;
90f14962 2972 params.pbss = (ssid->pbss != 2) ? ssid->pbss : 0;
6fc6879b 2973 }
9e2af29f
NC		 2974
2975 if (ssid->mode == WPAS_MODE_IBSS && ssid->bssid_set &&
2976 wpa_s->conf->ap_scan == 2) {
2977 params.bssid = ssid->bssid;
2978 params.fixed_bssid = 1;
2979 }
2980
603a3f34
JL		 2981 /* Initial frequency for IBSS/mesh */
2982 if ((ssid->mode == WPAS_MODE_IBSS || ssid->mode == WPAS_MODE_MESH) &&
1830817e
JD		 2983 ssid->frequency > 0 && params.freq.freq == 0)
2984 ibss_mesh_setup_freq(wpa_s, ssid, &params.freq);
dc152f32 2985
8f05577d 2986 if (ssid->mode == WPAS_MODE_IBSS) {
4d9e6fba 2987 params.fixed_freq = ssid->fixed_freq;
8f05577d
JM		 2988 if (ssid->beacon_int)
2989 params.beacon_int = ssid->beacon_int;
2990 else
2991 params.beacon_int = wpa_s->conf->beacon_int;
2992 }
2993
6fc6879b
JM		 2994 params.pairwise_suite = cipher_pairwise;
2995 params.group_suite = cipher_group;
61a56c14 2996 params.mgmt_group_suite = cipher_group_mgmt;
4848a38d 2997 params.key_mgmt_suite = wpa_s->key_mgmt;
64fa840a 2998 params.wpa_proto = wpa_s->wpa_proto;
5538fc93 2999 wpa_s->auth_alg = params.auth_alg;
6fc6879b 3000 params.mode = ssid->mode;
1f6c0ab8 3001 params.bg_scan_period = ssid->bg_scan_period;
6fc6879b
JM		 3002 for (i = 0; i < NUM_WEP_KEYS; i++) {
3003 if (ssid->wep_key_len[i])
3004 params.wep_key[i] = ssid->wep_key[i];
3005 params.wep_key_len[i] = ssid->wep_key_len[i];
3006 }
3007 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
3008
c2a04078 3009 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
4848a38d
JM		 3010 (params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
3011 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK)) {
6fc6879b
JM		 3012 params.passphrase = ssid->passphrase;
3013 if (ssid->psk_set)
3014 params.psk = ssid->psk;
b41f2684
CL		 3015 }
3016
3017 if (wpa_s->conf->key_mgmt_offload) {
3018 if (params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
666497c8 3019 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 ||
5e3b5197
JM		 3020 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B ||
3021 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192)
b41f2684
CL		 3022 params.req_key_mgmt_offload =
3023 ssid->proactive_key_caching < 0 ?
3024 wpa_s->conf->okc : ssid->proactive_key_caching;
3025 else
3026 params.req_key_mgmt_offload = 1;
3027
3028 if ((params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
3029 params.key_mgmt_suite == WPA_KEY_MGMT_PSK_SHA256 ||
3030 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK) &&
3031 ssid->psk_set)
3032 params.psk = ssid->psk;
6fc6879b
JM		 3033 }
3034
36b15723
JM		 3035 params.drop_unencrypted = use_crypt;
3036
6fc6879b 3037#ifdef CONFIG_IEEE80211W
3f56a2b7 3038 params.mgmt_frame_protection = wpas_get_ssid_pmf(wpa_s, ssid);
62d49803 3039 if (params.mgmt_frame_protection != NO_MGMT_FRAME_PROTECTION && bss) {
6fa81a3b 3040 const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
97d3497e
JM		 3041 struct wpa_ie_data ie;
3042 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
3043 ie.capabilities &
3044 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
f049052b
BG		 3045 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports "
3046 "MFP: require MFP");
97d3497e
JM		 3047 params.mgmt_frame_protection =
3048 MGMT_FRAME_PROTECTION_REQUIRED;
3049 }
3050 }
6fc6879b
JM		 3051#endif /* CONFIG_IEEE80211W */
3052
ffad8858 3053 params.p2p = ssid->p2p_group;
6e3f4b89 3054
ba307f85
LD		 3055 if (wpa_s->p2pdev->set_sta_uapsd)
3056 params.uapsd = wpa_s->p2pdev->sta_uapsd;
eea2fd9e
JM		 3057 else
3058 params.uapsd = -1;
3059
80e8a5ee
BG		 3060#ifdef CONFIG_HT_OVERRIDES
3061 os_memset(&htcaps, 0, sizeof(htcaps));
3062 os_memset(&htcaps_mask, 0, sizeof(htcaps_mask));
3063 params.htcaps = (u8 *) &htcaps;
3064 params.htcaps_mask = (u8 *) &htcaps_mask;
3065 wpa_supplicant_apply_ht_overrides(wpa_s, ssid, &params);
3066#endif /* CONFIG_HT_OVERRIDES */
6aa1cd4e
PS		 3067#ifdef CONFIG_VHT_OVERRIDES
3068 os_memset(&vhtcaps, 0, sizeof(vhtcaps));
3069 os_memset(&vhtcaps_mask, 0, sizeof(vhtcaps_mask));
3070 params.vhtcaps = &vhtcaps;
3071 params.vhtcaps_mask = &vhtcaps_mask;
95ff3069 3072 wpa_supplicant_apply_vht_overrides(wpa_s, ssid, &params);
6aa1cd4e 3073#endif /* CONFIG_VHT_OVERRIDES */
80e8a5ee 3074
8567866d
JJ		 3075#ifdef CONFIG_P2P
3076 /*
3077 * If multi-channel concurrency is not supported, check for any
3078 * frequency conflict. In case of any frequency conflict, remove the
3079 * least prioritized connection.
3080 */
3081 if (wpa_s->num_multichan_concurrent < 2) {
d0df6437
IP		 3082 int freq, num;
3083 num = get_shared_radio_freqs(wpa_s, &freq, 1);
4ec68377 3084 if (num > 0 && freq > 0 && freq != params.freq.freq) {
d0df6437
IP		 3085 wpa_printf(MSG_DEBUG,
3086 "Assoc conflicting freq found (%d != %d)",
4ec68377
JD		 3087 freq, params.freq.freq);
3088 if (wpas_p2p_handle_frequency_conflicts(
74656400
SD		 3089 wpa_s, params.freq.freq, ssid) < 0) {
3090 wpas_connect_work_done(wpa_s);
1e6780bd 3091 os_free(wpa_ie);
8567866d 3092 return;
74656400 3093 }
8567866d
JJ		 3094 }
3095 }
3096#endif /* CONFIG_P2P */
3097
6a5ee810
JM		 3098 if (wpa_s->reassoc_same_ess && !is_zero_ether_addr(prev_bssid) &&
3099 wpa_s->current_ssid)
3100 params.prev_bssid = prev_bssid;
3101
17fbb751 3102 ret = wpa_drv_associate(wpa_s, &params);
1e6780bd 3103 os_free(wpa_ie);
6fc6879b
JM		 3104 if (ret < 0) {
3105 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
3106 "failed");
871f4dd0
JM		 3107 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SANE_ERROR_CODES) {
3108 /*
3109 * The driver is known to mean what is saying, so we
3110 * can stop right here; the association will not
3111 * succeed.
3112 */
3113 wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
c1c02342 3114 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
871f4dd0
JM		 3115 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
3116 return;
3117 }
6fc6879b
JM		 3118 /* try to continue anyway; new association will be tried again
3119 * after timeout */
3120 assoc_failed = 1;
3121 }
3122
3123 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
3124 /* Set the key after the association just in case association
3125 * cleared the previously configured key. */
3126 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
3127 /* No need to timeout authentication since there is no key
3128 * management. */
3129 wpa_supplicant_cancel_auth_timeout(wpa_s);
3130 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
53895c3b 3131#ifdef CONFIG_IBSS_RSN
d7dcba70 3132 } else if (ssid->mode == WPAS_MODE_IBSS &&
53895c3b
JM		 3133 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
3134 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
3135 /*
3136 * RSN IBSS authentication is per-STA and we can disable the
3137 * per-BSSID authentication.
3138 */
3139 wpa_supplicant_cancel_auth_timeout(wpa_s);
53895c3b 3140#endif /* CONFIG_IBSS_RSN */
6fc6879b
JM		 3141 } else {
3142 /* Timeout for IEEE 802.11 authentication and association */
1d3c75b3
DW		 3143 int timeout = 60;
3144
3145 if (assoc_failed) {
3146 /* give IBSS a bit more time */
d7dcba70 3147 timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5;
1d3c75b3
DW		 3148 } else if (wpa_s->conf->ap_scan == 1) {
3149 /* give IBSS a bit more time */
d7dcba70 3150 timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10;
1d3c75b3 3151 }
6fc6879b
JM		 3152 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
3153 }
3154
66562e9c
JM		 3155 if (wep_keys_set &&
3156 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC)) {
6fc6879b
JM		 3157 /* Set static WEP keys again */
3158 wpa_set_wep_keys(wpa_s, ssid);
3159 }
3160
3161 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
3162 /*
3163 * Do not allow EAP session resumption between different
3164 * network configurations.
3165 */
3166 eapol_sm_invalidate_cached_session(wpa_s->eapol);
3167 }
8bac466b 3168 old_ssid = wpa_s->current_ssid;
6fc6879b 3169 wpa_s->current_ssid = ssid;
ece4ac5f
MG		 3170
3171 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set) {
4d3be9cd 3172 wpa_s->current_bss = bss;
ece4ac5f
MG		 3173#ifdef CONFIG_HS20
3174 hs20_configure_frame_filters(wpa_s);
3175#endif /* CONFIG_HS20 */
3176 }
3177
6fc6879b
JM		 3178 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
3179 wpa_supplicant_initiate_eapol(wpa_s);
8bac466b
JM		 3180 if (old_ssid != wpa_s->current_ssid)
3181 wpas_notify_network_changed(wpa_s);
6fc6879b
JM		 3182}
3183
3184
09f58c09
JM		 3185static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s,
3186 const u8 *addr)
3187{
3188 struct wpa_ssid *old_ssid;
3189
c155305f 3190 wpas_connect_work_done(wpa_s);
09f58c09 3191 wpa_clear_keys(wpa_s, addr);
09f58c09 3192 old_ssid = wpa_s->current_ssid;
0d30cc24 3193 wpa_supplicant_mark_disassoc(wpa_s);
09f58c09
JM		 3194 wpa_sm_set_config(wpa_s->wpa, NULL);
3195 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
3196 if (old_ssid != wpa_s->current_ssid)
3197 wpas_notify_network_changed(wpa_s);
3198 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
3199}
3200
3201
6fc6879b
JM		 3202/**
3203 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
3204 * @wpa_s: Pointer to wpa_supplicant data
3205 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
3206 *
073ab58f 3207 * This function is used to request %wpa_supplicant to deauthenticate from the
6fc6879b
JM		 3208 * current AP.
3209 */
3210void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
3211 int reason_code)
3212{
3213 u8 *addr = NULL;
ef48ff94 3214 union wpa_event_data event;
42d23547 3215 int zero_addr = 0;
8bac466b 3216
42d23547
JM		 3217 wpa_dbg(wpa_s, MSG_DEBUG, "Request to deauthenticate - bssid=" MACSTR
3218 " pending_bssid=" MACSTR " reason=%d state=%s",
3219 MAC2STR(wpa_s->bssid), MAC2STR(wpa_s->pending_bssid),
3220 reason_code, wpa_supplicant_state_txt(wpa_s->wpa_state));
3221
04e3d815
MK		 3222 if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
3223 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
3224 wpa_s->wpa_state == WPA_ASSOCIATING))
42d23547 3225 addr = wpa_s->pending_bssid;
04e3d815
MK		 3226 else if (!is_zero_ether_addr(wpa_s->bssid))
3227 addr = wpa_s->bssid;
42d23547
JM		 3228 else if (wpa_s->wpa_state == WPA_ASSOCIATING) {
3229 /*
3230 * When using driver-based BSS selection, we may not know the
3231 * BSSID with which we are currently trying to associate. We
3232 * need to notify the driver of this disconnection even in such
3233 * a case, so use the all zeros address here.
3234 */
6fc6879b 3235 addr = wpa_s->bssid;
42d23547
JM		 3236 zero_addr = 1;
3237 }
3238
7b44ff2c
SD		 3239#ifdef CONFIG_TDLS
3240 wpa_tdls_teardown_peers(wpa_s->wpa);
3241#endif /* CONFIG_TDLS */
3242
603a3f34
JL		 3243#ifdef CONFIG_MESH
3244 if (wpa_s->ifmsh) {
a39b040b
SB		 3245 struct mesh_conf *mconf;
3246
3247 mconf = wpa_s->ifmsh->mconf;
6174de66
JM		 3248 wpa_msg(wpa_s, MSG_INFO, MESH_GROUP_REMOVED "%s",
3249 wpa_s->ifname);
a39b040b
SB		 3250 wpas_notify_mesh_group_removed(wpa_s, mconf->meshid,
3251 mconf->meshid_len, reason_code);
603a3f34
JL		 3252 wpa_supplicant_leave_mesh(wpa_s);
3253 }
3254#endif /* CONFIG_MESH */
3255
42d23547
JM		 3256 if (addr) {
3257 wpa_drv_deauthenticate(wpa_s, addr, reason_code);
ef48ff94
JM		 3258 os_memset(&event, 0, sizeof(event));
3259 event.deauth_info.reason_code = (u16) reason_code;
3260 event.deauth_info.locally_generated = 1;
3261 wpa_supplicant_event(wpa_s, EVENT_DEAUTH, &event);
42d23547
JM		 3262 if (zero_addr)
3263 addr = NULL;
6fc6879b 3264 }
09f58c09
JM		 3265
3266 wpa_supplicant_clear_connection(wpa_s, addr);
6fc6879b
JM		 3267}
3268
dca1a511
DS		 3269static void wpa_supplicant_enable_one_network(struct wpa_supplicant *wpa_s,
3270 struct wpa_ssid *ssid)
3271{
3272 if (!ssid || !ssid->disabled || ssid->disabled == 2)
3273 return;
3274
3275 ssid->disabled = 0;
3276 wpas_clear_temp_disabled(wpa_s, ssid, 1);
3277 wpas_notify_network_enabled_changed(wpa_s, ssid);
3278
3279 /*
3280 * Try to reassociate since there is no current configuration and a new
3281 * network was made available.
3282 */
d2592497 3283 if (!wpa_s->current_ssid && !wpa_s->disconnected)
dca1a511
DS		 3284 wpa_s->reassociate = 1;
3285}
3286
6fc6879b 3287
d015bb05
RP		 3288/**
3289 * wpa_supplicant_add_network - Add a new network
3290 * @wpa_s: wpa_supplicant structure for a network interface
3291 * Returns: The new network configuration or %NULL if operation failed
3292 *
3293 * This function performs the following operations:
3294 * 1. Adds a new network.
3295 * 2. Send network addition notification.
3296 * 3. Marks the network disabled.
3297 * 4. Set network default parameters.
3298 */
3299struct wpa_ssid * wpa_supplicant_add_network(struct wpa_supplicant *wpa_s)
3300{
3301 struct wpa_ssid *ssid;
3302
3303 ssid = wpa_config_add_network(wpa_s->conf);
3304 if (!ssid)
3305 return NULL;
3306 wpas_notify_network_added(wpa_s, ssid);
3307 ssid->disabled = 1;
3308 wpa_config_set_network_defaults(ssid);
3309
3310 return ssid;
3311}
3312
3313
3314/**
3315 * wpa_supplicant_remove_network - Remove a configured network based on id
3316 * @wpa_s: wpa_supplicant structure for a network interface
3317 * @id: Unique network id to search for
3318 * Returns: 0 on success, or -1 if the network was not found, -2 if the network
3319 * could not be removed
3320 *
3321 * This function performs the following operations:
3322 * 1. Removes the network.
3323 * 2. Send network removal notification.
3324 * 3. Update internal state machines.
3325 * 4. Stop any running sched scans.
3326 */
3327int wpa_supplicant_remove_network(struct wpa_supplicant *wpa_s, int id)
3328{
3329 struct wpa_ssid *ssid;
3330 int was_disabled;
3331
3332 ssid = wpa_config_get_network(wpa_s->conf, id);
3333 if (!ssid)
3334 return -1;
3335 wpas_notify_network_removed(wpa_s, ssid);
3336
3337 if (wpa_s->last_ssid == ssid)
3338 wpa_s->last_ssid = NULL;
3339
3340 if (ssid == wpa_s->current_ssid || !wpa_s->current_ssid) {
3341#ifdef CONFIG_SME
3342 wpa_s->sme.prev_bssid_set = 0;
3343#endif /* CONFIG_SME */
3344 /*
3345 * Invalidate the EAP session cache if the current or
3346 * previously used network is removed.
3347 */
3348 eapol_sm_invalidate_cached_session(wpa_s->eapol);
3349 }
3350
3351 if (ssid == wpa_s->current_ssid) {
3352 wpa_sm_set_config(wpa_s->wpa, NULL);
3353 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
3354
3355 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
3356 wpa_s->own_disconnect_req = 1;
3357 wpa_supplicant_deauthenticate(wpa_s,
3358 WLAN_REASON_DEAUTH_LEAVING);
3359 }
3360
3361 was_disabled = ssid->disabled;
3362
3363 if (wpa_config_remove_network(wpa_s->conf, id) < 0)
3364 return -2;
3365
3366 if (!was_disabled && wpa_s->sched_scanning) {
3367 wpa_printf(MSG_DEBUG,
3368 "Stop ongoing sched_scan to remove network from filters");
3369 wpa_supplicant_cancel_sched_scan(wpa_s);
3370 wpa_supplicant_req_scan(wpa_s, 0, 0);
3371 }
3372
3373 return 0;
3374}
3375
3376
86b89452
WS		 3377/**
3378 * wpa_supplicant_enable_network - Mark a configured network as enabled
3379 * @wpa_s: wpa_supplicant structure for a network interface
3380 * @ssid: wpa_ssid structure for a configured network or %NULL
3381 *
3382 * Enables the specified network or all networks if no network specified.
3383 */
3384void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s,
3385 struct wpa_ssid *ssid)
3386{
86b89452 3387 if (ssid == NULL) {
14f79078
JM		 3388 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
3389 wpa_supplicant_enable_one_network(wpa_s, ssid);
dca1a511
DS		 3390 } else
3391 wpa_supplicant_enable_one_network(wpa_s, ssid);
86b89452 3392
5a1d9d1a
JM		 3393 if (wpa_s->reassociate && !wpa_s->disconnected &&
3394 (!wpa_s->current_ssid ||
3395 wpa_s->wpa_state == WPA_DISCONNECTED ||
3396 wpa_s->wpa_state == WPA_SCANNING)) {
dca1a511
DS		 3397 if (wpa_s->sched_scanning) {
3398 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan to add "
3399 "new network to scan filters");
3400 wpa_supplicant_cancel_sched_scan(wpa_s);
3401 }
86b89452 3402
35d40309
JM		 3403 if (wpa_supplicant_fast_associate(wpa_s) != 1) {
3404 wpa_s->scan_req = NORMAL_SCAN_REQ;
dad153d1 3405 wpa_supplicant_req_scan(wpa_s, 0, 0);
35d40309 3406 }
86b89452
WS		 3407 }
3408}
3409
3410
3411/**
3412 * wpa_supplicant_disable_network - Mark a configured network as disabled
3413 * @wpa_s: wpa_supplicant structure for a network interface
3414 * @ssid: wpa_ssid structure for a configured network or %NULL
3415 *
3416 * Disables the specified network or all networks if no network specified.
3417 */
3418void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s,
3419 struct wpa_ssid *ssid)
3420{
3421 struct wpa_ssid *other_ssid;
3422 int was_disabled;
3423
3424 if (ssid == NULL) {
725fc39e
DS		 3425 if (wpa_s->sched_scanning)
3426 wpa_supplicant_cancel_sched_scan(wpa_s);
3427
4dac0245
JM		 3428 for (other_ssid = wpa_s->conf->ssid; other_ssid;
3429 other_ssid = other_ssid->next) {
86b89452 3430 was_disabled = other_ssid->disabled;
4dac0245
JM		 3431 if (was_disabled == 2)
3432 continue; /* do not change persistent P2P group
3433 * data */
86b89452
WS		 3434
3435 other_ssid->disabled = 1;
3436
3437 if (was_disabled != other_ssid->disabled)
3438 wpas_notify_network_enabled_changed(
3439 wpa_s, other_ssid);
86b89452 3440 }
0661163e
SD		 3441 if (wpa_s->current_ssid) {
3442 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
3443 wpa_s->own_disconnect_req = 1;
07783eaa 3444 wpa_supplicant_deauthenticate(
86b89452 3445 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
0661163e 3446 }
4dac0245 3447 } else if (ssid->disabled != 2) {
0661163e
SD		 3448 if (ssid == wpa_s->current_ssid) {
3449 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
3450 wpa_s->own_disconnect_req = 1;
07783eaa 3451 wpa_supplicant_deauthenticate(
86b89452 3452 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
0661163e 3453 }
86b89452
WS		 3454
3455 was_disabled = ssid->disabled;
3456
3457 ssid->disabled = 1;
3458
725fc39e 3459 if (was_disabled != ssid->disabled) {
86b89452 3460 wpas_notify_network_enabled_changed(wpa_s, ssid);
725fc39e
DS		 3461 if (wpa_s->sched_scanning) {
3462 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan "
3463 "to remove network from filters");
3464 wpa_supplicant_cancel_sched_scan(wpa_s);
3465 wpa_supplicant_req_scan(wpa_s, 0, 0);
3466 }
3467 }
86b89452
WS		 3468 }
3469}
3470
3471
3472/**
3473 * wpa_supplicant_select_network - Attempt association with a network
3474 * @wpa_s: wpa_supplicant structure for a network interface
3475 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
3476 */
3477void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
3478 struct wpa_ssid *ssid)
3479{
3480
3481 struct wpa_ssid *other_ssid;
d93dfbd5 3482 int disconnected = 0;
86b89452 3483
d93dfbd5 3484 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid) {
e66bcedd
JM		 3485 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
3486 wpa_s->own_disconnect_req = 1;
07783eaa 3487 wpa_supplicant_deauthenticate(
86b89452 3488 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
d93dfbd5
JM		 3489 disconnected = 1;
3490 }
86b89452 3491
00e5e3d5
JM		 3492 if (ssid)
3493 wpas_clear_temp_disabled(wpa_s, ssid, 1);
3494
86b89452
WS		 3495 /*
3496 * Mark all other networks disabled or mark all networks enabled if no
3497 * network specified.
3498 */
4dac0245
JM		 3499 for (other_ssid = wpa_s->conf->ssid; other_ssid;
3500 other_ssid = other_ssid->next) {
86b89452 3501 int was_disabled = other_ssid->disabled;
4dac0245
JM		 3502 if (was_disabled == 2)
3503 continue; /* do not change persistent P2P group data */
86b89452
WS		 3504
3505 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0;
00e5e3d5
JM		 3506 if (was_disabled && !other_ssid->disabled)
3507 wpas_clear_temp_disabled(wpa_s, other_ssid, 0);
86b89452
WS		 3508
3509 if (was_disabled != other_ssid->disabled)
3510 wpas_notify_network_enabled_changed(wpa_s, other_ssid);
86b89452 3511 }
2a6f78fb 3512
d38c7be0
JM		 3513 if (ssid && ssid == wpa_s->current_ssid && wpa_s->current_ssid &&
3514 wpa_s->wpa_state >= WPA_AUTHENTICATING) {
2a6f78fb
JJ		 3515 /* We are already associated with the selected network */
3516 wpa_printf(MSG_DEBUG, "Already associated with the "
3517 "selected network - do nothing");
3518 return;
3519 }
3520
25a8f9e3 3521 if (ssid) {
96efeeb6 3522 wpa_s->current_ssid = ssid;
25a8f9e3 3523 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
603a3f34
JL		 3524 wpa_s->connect_without_scan =
3525 (ssid->mode == WPAS_MODE_MESH) ? ssid : NULL;
701f3961
AS		 3526
3527 /*
3528 * Don't optimize next scan freqs since a new ESS has been
3529 * selected.
3530 */
3531 os_free(wpa_s->next_scan_freqs);
3532 wpa_s->next_scan_freqs = NULL;
603a3f34
JL		 3533 } else {
3534 wpa_s->connect_without_scan = NULL;
25a8f9e3 3535 }
603a3f34 3536
86b89452
WS		 3537 wpa_s->disconnected = 0;
3538 wpa_s->reassociate = 1;
2cb40e9f 3539 wpa_s->last_owe_group = 0;
cecdddc1 3540
e4a35f07 3541 if (wpa_s->connect_without_scan ||
35d40309
JM		 3542 wpa_supplicant_fast_associate(wpa_s) != 1) {
3543 wpa_s->scan_req = NORMAL_SCAN_REQ;
be7ebd89 3544 wpas_scan_reset_sched_scan(wpa_s);
cecdddc1 3545 wpa_supplicant_req_scan(wpa_s, 0, disconnected ? 100000 : 0);
35d40309 3546 }
86b89452 3547
a1641d26
JM		 3548 if (ssid)
3549 wpas_notify_network_selected(wpa_s, ssid);
86b89452
WS		 3550}
3551
3552
bdec7ee5
MS		 3553/**
3554 * wpas_set_pkcs11_engine_and_module_path - Set PKCS #11 engine and module path
3555 * @wpa_s: wpa_supplicant structure for a network interface
3556 * @pkcs11_engine_path: PKCS #11 engine path or NULL
3557 * @pkcs11_module_path: PKCS #11 module path or NULL
3558 * Returns: 0 on success; -1 on failure
3559 *
3560 * Sets the PKCS #11 engine and module path. Both have to be NULL or a valid
3561 * path. If resetting the EAPOL state machine with the new PKCS #11 engine and
3562 * module path fails the paths will be reset to the default value (NULL).
3563 */
3564int wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant *wpa_s,
3565 const char *pkcs11_engine_path,
3566 const char *pkcs11_module_path)
3567{
3568 char *pkcs11_engine_path_copy = NULL;
3569 char *pkcs11_module_path_copy = NULL;
3570
3571 if (pkcs11_engine_path != NULL) {
3572 pkcs11_engine_path_copy = os_strdup(pkcs11_engine_path);
3573 if (pkcs11_engine_path_copy == NULL)
3574 return -1;
3575 }
3576 if (pkcs11_module_path != NULL) {
3577 pkcs11_module_path_copy = os_strdup(pkcs11_module_path);
04c366cb 3578 if (pkcs11_module_path_copy == NULL) {
bdec7ee5
MS		 3579 os_free(pkcs11_engine_path_copy);
3580 return -1;
3581 }
3582 }
3583
3584 os_free(wpa_s->conf->pkcs11_engine_path);
3585 os_free(wpa_s->conf->pkcs11_module_path);
3586 wpa_s->conf->pkcs11_engine_path = pkcs11_engine_path_copy;
3587 wpa_s->conf->pkcs11_module_path = pkcs11_module_path_copy;
3588
3589 wpa_sm_set_eapol(wpa_s->wpa, NULL);
3590 eapol_sm_deinit(wpa_s->eapol);
3591 wpa_s->eapol = NULL;
3592 if (wpa_supplicant_init_eapol(wpa_s)) {
3593 /* Error -> Reset paths to the default value (NULL) once. */
3594 if (pkcs11_engine_path != NULL && pkcs11_module_path != NULL)
3595 wpas_set_pkcs11_engine_and_module_path(wpa_s, NULL,
3596 NULL);
3597
3598 return -1;
3599 }
3600 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
3601
3602 return 0;
3603}
3604
3605
86b89452
WS		 3606/**
3607 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
3608 * @wpa_s: wpa_supplicant structure for a network interface
3609 * @ap_scan: AP scan mode
3610 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
3611 *
3612 */
3613int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan)
3614{
3615
3616 int old_ap_scan;
3617
3618 if (ap_scan < 0 || ap_scan > 2)
3619 return -1;
3620
8406cd35
JM		 3621 if (ap_scan == 2 && os_strcmp(wpa_s->driver->name, "nl80211") == 0) {
3622 wpa_printf(MSG_INFO,
3623 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
3624 }
3625
48f8e036
DS		 3626#ifdef ANDROID
3627 if (ap_scan == 2 && ap_scan != wpa_s->conf->ap_scan &&
3628 wpa_s->wpa_state >= WPA_ASSOCIATING &&
3629 wpa_s->wpa_state < WPA_COMPLETED) {
3630 wpa_printf(MSG_ERROR, "ap_scan = %d (%d) rejected while "
3631 "associating", wpa_s->conf->ap_scan, ap_scan);
3632 return 0;
3633 }
3634#endif /* ANDROID */
3635
86b89452
WS		 3636 old_ap_scan = wpa_s->conf->ap_scan;
3637 wpa_s->conf->ap_scan = ap_scan;
3638
3639 if (old_ap_scan != wpa_s->conf->ap_scan)
3640 wpas_notify_ap_scan_changed(wpa_s);
3641
3642 return 0;
3643}
3644
3645
78633c37
SL		 3646/**
3647 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
3648 * @wpa_s: wpa_supplicant structure for a network interface
3649 * @expire_age: Expiration age in seconds
3650 * Returns: 0 if succeed or -1 if expire_age has an invalid value
3651 *
3652 */
3653int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant *wpa_s,
3654 unsigned int bss_expire_age)
3655{
3656 if (bss_expire_age < 10) {
3657 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration age %u",
3658 bss_expire_age);
3659 return -1;
3660 }
3661 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration age: %d sec",
3662 bss_expire_age);
3663 wpa_s->conf->bss_expiration_age = bss_expire_age;
3664
3665 return 0;
3666}
3667
3668
3669/**
3670 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
3671 * @wpa_s: wpa_supplicant structure for a network interface
3672 * @expire_count: number of scans after which an unseen BSS is reclaimed
3673 * Returns: 0 if succeed or -1 if expire_count has an invalid value
3674 *
3675 */
3676int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant *wpa_s,
3677 unsigned int bss_expire_count)
3678{
3679 if (bss_expire_count < 1) {
3680 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration count %u",
3681 bss_expire_count);
3682 return -1;
3683 }
3684 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration scan count: %u",
3685 bss_expire_count);
3686 wpa_s->conf->bss_expiration_scan_count = bss_expire_count;
3687
3688 return 0;
3689}
3690
3691
c6e86b63
MA		 3692/**
3693 * wpa_supplicant_set_scan_interval - Set scan interval
3694 * @wpa_s: wpa_supplicant structure for a network interface
3695 * @scan_interval: scan interval in seconds
3696 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
3697 *
3698 */
3699int wpa_supplicant_set_scan_interval(struct wpa_supplicant *wpa_s,
3700 int scan_interval)
3701{
3702 if (scan_interval < 0) {
3703 wpa_msg(wpa_s, MSG_ERROR, "Invalid scan interval %d",
3704 scan_interval);
3705 return -1;
3706 }
3707 wpa_msg(wpa_s, MSG_DEBUG, "Setting scan interval: %d sec",
3708 scan_interval);
9e737f08 3709 wpa_supplicant_update_scan_int(wpa_s, scan_interval);
c6e86b63
MA		 3710
3711 return 0;
3712}
3713
3714
86b89452
WS		 3715/**
3716 * wpa_supplicant_set_debug_params - Set global debug params
3717 * @global: wpa_global structure
3718 * @debug_level: debug level
3719 * @debug_timestamp: determines if show timestamp in debug data
3720 * @debug_show_keys: determines if show keys in debug data
3721 * Returns: 0 if succeed or -1 if debug_level has wrong value
3722 */
3723int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level,
3724 int debug_timestamp, int debug_show_keys)
3725{
3726
3727 int old_level, old_timestamp, old_show_keys;
3728
3729 /* check for allowed debuglevels */
14dc0011
PS		 3730 if (debug_level != MSG_EXCESSIVE &&
3731 debug_level != MSG_MSGDUMP &&
86b89452
WS		 3732 debug_level != MSG_DEBUG &&
3733 debug_level != MSG_INFO &&
3734 debug_level != MSG_WARNING &&
3735 debug_level != MSG_ERROR)
3736 return -1;
3737
3738 old_level = wpa_debug_level;
3739 old_timestamp = wpa_debug_timestamp;
3740 old_show_keys = wpa_debug_show_keys;
3741
3742 wpa_debug_level = debug_level;
3743 wpa_debug_timestamp = debug_timestamp ? 1 : 0;
3744 wpa_debug_show_keys = debug_show_keys ? 1 : 0;
3745
db9133ac
WS		 3746 if (wpa_debug_level != old_level)
3747 wpas_notify_debug_level_changed(global);
3748 if (wpa_debug_timestamp != old_timestamp)
3749 wpas_notify_debug_timestamp_changed(global);
3750 if (wpa_debug_show_keys != old_show_keys)
3751 wpas_notify_debug_show_keys_changed(global);
86b89452
WS		 3752
3753 return 0;
3754}
3755
3756
e8b96490
JM		 3757#ifdef CONFIG_OWE
3758static int owe_trans_ssid_match(struct wpa_supplicant *wpa_s, const u8 *bssid,
3759 const u8 *entry_ssid, size_t entry_ssid_len)
3760{
3761 const u8 *owe, *pos, *end;
3762 u8 ssid_len;
3763 struct wpa_bss *bss;
3764
3765 /* Check network profile SSID aganst the SSID in the
3766 * OWE Transition Mode element. */
3767
3768 bss = wpa_bss_get_bssid_latest(wpa_s, bssid);
3769 if (!bss)
3770 return 0;
3771
3772 owe = wpa_bss_get_vendor_ie(bss, OWE_IE_VENDOR_TYPE);
3773 if (!owe)
3774 return 0;
3775
3776 pos = owe + 6;
3777 end = owe + 2 + owe[1];
3778
3779 if (end - pos < ETH_ALEN + 1)
3780 return 0;
3781 pos += ETH_ALEN;
3782 ssid_len = *pos++;
3783 if (end - pos < ssid_len || ssid_len > SSID_MAX_LEN)
3784 return 0;
3785
3786 return entry_ssid_len == ssid_len &&
3787 os_memcmp(pos, entry_ssid, ssid_len) == 0;
3788}
3789#endif /* CONFIG_OWE */
3790
3791
6fc6879b
JM		 3792/**
3793 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
3794 * @wpa_s: Pointer to wpa_supplicant data
3795 * Returns: A pointer to the current network structure or %NULL on failure
3796 */
3797struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
3798{
3799 struct wpa_ssid *entry;
eaa8eefe 3800 u8 ssid[SSID_MAX_LEN];
6fc6879b
JM		 3801 int res;
3802 size_t ssid_len;
3803 u8 bssid[ETH_ALEN];
3804 int wired;
3805
17fbb751
JM		 3806 res = wpa_drv_get_ssid(wpa_s, ssid);
3807 if (res < 0) {
3808 wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from "
3809 "driver");
3810 return NULL;
6fc6879b 3811 }
17fbb751 3812 ssid_len = res;
6fc6879b 3813
17fbb751 3814 if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
f049052b
BG		 3815 wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from "
3816 "driver");
6fc6879b
JM		 3817 return NULL;
3818 }
3819
c2a04078
JM		 3820 wired = wpa_s->conf->ap_scan == 0 &&
3821 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED);
6fc6879b
JM		 3822
3823 entry = wpa_s->conf->ssid;
3824 while (entry) {
349493bd 3825 if (!wpas_network_disabled(wpa_s, entry) &&
6fc6879b
JM		 3826 ((ssid_len == entry->ssid_len &&
3827 os_memcmp(ssid, entry->ssid, ssid_len) == 0) || wired) &&
3828 (!entry->bssid_set ||
3829 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
3830 return entry;
24c23d1b 3831#ifdef CONFIG_WPS
349493bd 3832 if (!wpas_network_disabled(wpa_s, entry) &&
24c23d1b
JM		 3833 (entry->key_mgmt & WPA_KEY_MGMT_WPS) &&
3834 (entry->ssid == NULL || entry->ssid_len == 0) &&
3835 (!entry->bssid_set ||
3836 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
3837 return entry;
3838#endif /* CONFIG_WPS */
7d232e23 3839
e8b96490
JM		 3840#ifdef CONFIG_OWE
3841 if (!wpas_network_disabled(wpa_s, entry) &&
3842 owe_trans_ssid_match(wpa_s, bssid, entry->ssid,
3843 entry->ssid_len) &&
3844 (!entry->bssid_set ||
3845 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
3846 return entry;
3847#endif /* CONFIG_OWE */
3848
349493bd 3849 if (!wpas_network_disabled(wpa_s, entry) && entry->bssid_set &&
7d232e23
ZC		 3850 entry->ssid_len == 0 &&
3851 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)
3852 return entry;
3853
6fc6879b
JM		 3854 entry = entry->next;
3855 }
3856
3857 return NULL;
3858}
3859
3860
7756114f
JM		 3861static int select_driver(struct wpa_supplicant *wpa_s, int i)
3862{
3863 struct wpa_global *global = wpa_s->global;
3864
3865 if (wpa_drivers[i]->global_init && global->drv_priv[i] == NULL) {
45e3fc72 3866 global->drv_priv[i] = wpa_drivers[i]->global_init(global);
7756114f
JM		 3867 if (global->drv_priv[i] == NULL) {
3868 wpa_printf(MSG_ERROR, "Failed to initialize driver "
3869 "'%s'", wpa_drivers[i]->name);
3870 return -1;
3871 }
3872 }
3873
3874 wpa_s->driver = wpa_drivers[i];
3875 wpa_s->global_drv_priv = global->drv_priv[i];
3876
3877 return 0;
3878}
3879
3880
6fc6879b
JM		 3881static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
3882 const char *name)
3883{
3884 int i;
362f781e 3885 size_t len;
74b1c84a 3886 const char *pos, *driver = name;
6fc6879b
JM		 3887
3888 if (wpa_s == NULL)
3889 return -1;
3890
c5121837 3891 if (wpa_drivers[0] == NULL) {
f049052b
BG		 3892 wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into "
3893 "wpa_supplicant");
6fc6879b
JM		 3894 return -1;
3895 }
3896
3897 if (name == NULL) {
3898 /* default to first driver in the list */
7756114f 3899 return select_driver(wpa_s, 0);
6fc6879b
JM		 3900 }
3901
74b1c84a
SO		 3902 do {
3903 pos = os_strchr(driver, ',');
3904 if (pos)
3905 len = pos - driver;
3906 else
3907 len = os_strlen(driver);
3908
3909 for (i = 0; wpa_drivers[i]; i++) {
3910 if (os_strlen(wpa_drivers[i]->name) == len &&
3911 os_strncmp(driver, wpa_drivers[i]->name, len) ==
0f4668ce
DW		 3912 0) {
3913 /* First driver that succeeds wins */
3914 if (select_driver(wpa_s, i) == 0)
3915 return 0;
3916 }
6fc6879b 3917 }
74b1c84a
SO		 3918
3919 driver = pos + 1;
3920 } while (pos);
6fc6879b 3921
f049052b 3922 wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name);
6fc6879b
JM		 3923 return -1;
3924}
3925
3926
a8e0505b
JM		 3927/**
3928 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
3929 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
3930 * with struct wpa_driver_ops::init()
3931 * @src_addr: Source address of the EAPOL frame
3932 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
3933 * @len: Length of the EAPOL data
3934 *
3935 * This function is called for each received EAPOL frame. Most driver
3936 * interfaces rely on more generic OS mechanism for receiving frames through
3937 * l2_packet, but if such a mechanism is not available, the driver wrapper may
3938 * take care of received EAPOL frames and deliver them to the core supplicant
3939 * code by calling this function.
3940 */
6fc6879b
JM		 3941void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
3942 const u8 *buf, size_t len)
3943{
3944 struct wpa_supplicant *wpa_s = ctx;
3945
f049052b 3946 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
6fc6879b
JM		 3947 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
3948
02adead5
MK		 3949#ifdef CONFIG_TESTING_OPTIONS
3950 if (wpa_s->ignore_auth_resp) {
3951 wpa_printf(MSG_INFO, "RX EAPOL - ignore_auth_resp active!");
3952 return;
3953 }
3954#endif /* CONFIG_TESTING_OPTIONS */
3955
3ab35a66
JM		 3956 if (wpa_s->wpa_state < WPA_ASSOCIATED ||
3957 (wpa_s->last_eapol_matches_bssid &&
3958#ifdef CONFIG_AP
3959 !wpa_s->ap_iface &&
3960#endif /* CONFIG_AP */
3961 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) != 0)) {
1ff73338
JM		 3962 /*
3963 * There is possible race condition between receiving the
3964 * association event and the EAPOL frame since they are coming
3965 * through different paths from the driver. In order to avoid
3966 * issues in trying to process the EAPOL frame before receiving
3967 * association information, lets queue it for processing until
3ab35a66
JM		 3968 * the association event is received. This may also be needed in
3969 * driver-based roaming case, so also use src_addr != BSSID as a
3970 * trigger if we have previously confirmed that the
3971 * Authenticator uses BSSID as the src_addr (which is not the
3972 * case with wired IEEE 802.1X).
1ff73338 3973 */
f049052b 3974 wpa_dbg(wpa_s, MSG_DEBUG, "Not associated - Delay processing "
3ab35a66
JM		 3975 "of received EAPOL frame (state=%s bssid=" MACSTR ")",
3976 wpa_supplicant_state_txt(wpa_s->wpa_state),
3977 MAC2STR(wpa_s->bssid));
1ff73338
JM		 3978 wpabuf_free(wpa_s->pending_eapol_rx);
3979 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len);
3980 if (wpa_s->pending_eapol_rx) {
c2be937c 3981 os_get_reltime(&wpa_s->pending_eapol_rx_time);
1ff73338
JM		 3982 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr,
3983 ETH_ALEN);
3984 }
3985 return;
3986 }
3987
3ab35a66
JM		 3988 wpa_s->last_eapol_matches_bssid =
3989 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) == 0;
3990
db149ac9
JM		 3991#ifdef CONFIG_AP
3992 if (wpa_s->ap_iface) {
3993 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len);
3994 return;
3995 }
3996#endif /* CONFIG_AP */
3997
6fc6879b 3998 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
f049052b
BG		 3999 wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since "
4000 "no key management is configured");
6fc6879b
JM		 4001 return;
4002 }
4003
4004 if (wpa_s->eapol_received == 0 &&
c2a04078 4005 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) ||
56586197 4006 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
9c972abb
JM		 4007 wpa_s->wpa_state != WPA_COMPLETED) &&
4008 (wpa_s->current_ssid == NULL ||
4009 wpa_s->current_ssid->mode != IEEE80211_MODE_IBSS)) {
6fc6879b 4010 /* Timeout for completing IEEE 802.1X and WPA authentication */
5add4101
JM		 4011 int timeout = 10;
4012
4013 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
4014 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
4015 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
4016 /* Use longer timeout for IEEE 802.1X/EAP */
4017 timeout = 70;
4018 }
4019
c7dafdf9 4020#ifdef CONFIG_WPS
5add4101
JM		 4021 if (wpa_s->current_ssid && wpa_s->current_bss &&
4022 (wpa_s->current_ssid->key_mgmt & WPA_KEY_MGMT_WPS) &&
4023 eap_is_wps_pin_enrollee(&wpa_s->current_ssid->eap)) {
4024 /*
4025 * Use shorter timeout if going through WPS AP iteration
4026 * for PIN config method with an AP that does not
4027 * advertise Selected Registrar.
4028 */
4029 struct wpabuf *wps_ie;
4030
4031 wps_ie = wpa_bss_get_vendor_ie_multi(
4032 wpa_s->current_bss, WPS_IE_VENDOR_TYPE);
0ef1e290
JM		 4033 if (wps_ie &&
4034 !wps_is_addr_authorized(wps_ie, wpa_s->own_addr, 1))
5add4101
JM		 4035 timeout = 10;
4036 wpabuf_free(wps_ie);
4037 }
c7dafdf9 4038#endif /* CONFIG_WPS */
5add4101
JM		 4039
4040 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
6fc6879b
JM		 4041 }
4042 wpa_s->eapol_received++;
4043
4044 if (wpa_s->countermeasures) {
f049052b
BG		 4045 wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped "
4046 "EAPOL packet");
6fc6879b
JM		 4047 return;
4048 }
4049
8be18440
JM		 4050#ifdef CONFIG_IBSS_RSN
4051 if (wpa_s->current_ssid &&
d7dcba70 4052 wpa_s->current_ssid->mode == WPAS_MODE_IBSS) {
8be18440
JM		 4053 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len);
4054 return;
4055 }
4056#endif /* CONFIG_IBSS_RSN */
4057
6fc6879b
JM		 4058 /* Source address of the incoming EAPOL frame could be compared to the
4059 * current BSSID. However, it is possible that a centralized
4060 * Authenticator could be using another MAC address than the BSSID of
4061 * an AP, so just allow any address to be used for now. The replies are
4062 * still sent to the current BSSID (if available), though. */
4063
4064 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
56586197 4065 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
a1ea1b45 4066 wpa_s->key_mgmt != WPA_KEY_MGMT_OWE &&
567da5bb 4067 wpa_s->key_mgmt != WPA_KEY_MGMT_DPP &&
6fc6879b
JM		 4068 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
4069 return;
4070 wpa_drv_poll(wpa_s);
c2a04078 4071 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE))
6fc6879b 4072 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
56586197 4073 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
6fc6879b
JM		 4074 /*
4075 * Set portValid = TRUE here since we are going to skip 4-way
4076 * handshake processing which would normally set portValid. We
4077 * need this to allow the EAPOL state machines to be completed
4078 * without going through EAPOL-Key handshake.
4079 */
4080 eapol_sm_notify_portValid(wpa_s->eapol, TRUE);
4081 }
4082}
4083
4084
bfba8deb 4085int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s)
6fc6879b 4086{
2961bfa8
JM		 4087 if ((!wpa_s->p2p_mgmt ||
4088 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
4089 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) {
bfba8deb 4090 l2_packet_deinit(wpa_s->l2);
6fc6879b
JM		 4091 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
4092 wpa_drv_get_mac_addr(wpa_s),
4093 ETH_P_EAPOL,
4094 wpa_supplicant_rx_eapol, wpa_s, 0);
4095 if (wpa_s->l2 == NULL)
4096 return -1;
d89edb61
DC		 4097
4098 if (l2_packet_set_packet_filter(wpa_s->l2,
4099 L2_PACKET_FILTER_PKTTYPE))
4100 wpa_dbg(wpa_s, MSG_DEBUG,
4101 "Failed to attach pkt_type filter");
fdadd5fe
JM		 4102 } else {
4103 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
4104 if (addr)
4105 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
6fc6879b
JM		 4106 }
4107
4108 if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
f049052b 4109 wpa_msg(wpa_s, MSG_ERROR, "Failed to get own L2 address");
6fc6879b
JM		 4110 return -1;
4111 }
4112
c267753b
JM		 4113 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
4114
bfba8deb
JM		 4115 return 0;
4116}
4117
4118
25f839c6
JM		 4119static void wpa_supplicant_rx_eapol_bridge(void *ctx, const u8 *src_addr,
4120 const u8 *buf, size_t len)
4121{
4122 struct wpa_supplicant *wpa_s = ctx;
4123 const struct l2_ethhdr *eth;
4124
4125 if (len < sizeof(*eth))
4126 return;
4127 eth = (const struct l2_ethhdr *) buf;
4128
4129 if (os_memcmp(eth->h_dest, wpa_s->own_addr, ETH_ALEN) != 0 &&
4130 !(eth->h_dest[0] & 0x01)) {
4131 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
4132 " (bridge - not for this interface - ignore)",
4133 MAC2STR(src_addr), MAC2STR(eth->h_dest));
4134 return;
4135 }
4136
4137 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
4138 " (bridge)", MAC2STR(src_addr), MAC2STR(eth->h_dest));
4139 wpa_supplicant_rx_eapol(wpa_s, src_addr, buf + sizeof(*eth),
4140 len - sizeof(*eth));
4141}
4142
4143
bfba8deb
JM		 4144/**
4145 * wpa_supplicant_driver_init - Initialize driver interface parameters
4146 * @wpa_s: Pointer to wpa_supplicant data
4147 * Returns: 0 on success, -1 on failure
4148 *
4149 * This function is called to initialize driver interface parameters.
4150 * wpa_drv_init() must have been called before this function to initialize the
4151 * driver interface.
4152 */
4153int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
4154{
4155 static int interface_count = 0;
4156
4157 if (wpa_supplicant_update_mac_addr(wpa_s) < 0)
4158 return -1;
4159
c68f6200
AS		 4160 wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR,
4161 MAC2STR(wpa_s->own_addr));
a313d17d 4162 os_memcpy(wpa_s->perm_addr, wpa_s->own_addr, ETH_ALEN);
c68f6200
AS		 4163 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
4164
6fc6879b 4165 if (wpa_s->bridge_ifname[0]) {
f049052b
BG		 4166 wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge "
4167 "interface '%s'", wpa_s->bridge_ifname);
e6dd8196
JM		 4168 wpa_s->l2_br = l2_packet_init_bridge(
4169 wpa_s->bridge_ifname, wpa_s->ifname, wpa_s->own_addr,
4170 ETH_P_EAPOL, wpa_supplicant_rx_eapol_bridge, wpa_s, 1);
6fc6879b 4171 if (wpa_s->l2_br == NULL) {
f049052b
BG		 4172 wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet "
4173 "connection for the bridge interface '%s'",
4174 wpa_s->bridge_ifname);
6fc6879b
JM		 4175 return -1;
4176 }
4177 }
4178
8406cd35
JM		 4179 if (wpa_s->conf->ap_scan == 2 &&
4180 os_strcmp(wpa_s->driver->name, "nl80211") == 0) {
4181 wpa_printf(MSG_INFO,
4182 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
4183 }
4184
6fc6879b
JM		 4185 wpa_clear_keys(wpa_s, NULL);
4186
4187 /* Make sure that TKIP countermeasures are not left enabled (could
4188 * happen if wpa_supplicant is killed during countermeasures. */
4189 wpa_drv_set_countermeasures(wpa_s, 0);
4190
f049052b 4191 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver");
6fc6879b
JM		 4192 wpa_drv_flush_pmkid(wpa_s);
4193
ba2a573c 4194 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
b3aa456b
ES		 4195 wpa_s->prev_scan_wildcard = 0;
4196
349493bd 4197 if (wpa_supplicant_enabled_networks(wpa_s)) {
a0e9d892
AS		 4198 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED) {
4199 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
4200 interface_count = 0;
4201 }
ee82e33d 4202#ifndef ANDROID
3a94adbf 4203 if (!wpa_s->p2p_mgmt &&
5d0d72a3
BG		 4204 wpa_supplicant_delayed_sched_scan(wpa_s,
4205 interface_count % 3,
6a90053c 4206 100000))
5d0d72a3 4207 wpa_supplicant_req_scan(wpa_s, interface_count % 3,
a4cba8f1 4208 100000);
ee82e33d 4209#endif /* ANDROID */
74e259ec
JM		 4210 interface_count++;
4211 } else
4212 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
6fc6879b
JM		 4213
4214 return 0;
4215}
4216
4217
4218static int wpa_supplicant_daemon(const char *pid_file)
4219{
4220 wpa_printf(MSG_DEBUG, "Daemonize..");
4221 return os_daemonize(pid_file);
4222}
4223
4224
1772d348
JM		 4225static struct wpa_supplicant *
4226wpa_supplicant_alloc(struct wpa_supplicant *parent)
6fc6879b
JM		 4227{
4228 struct wpa_supplicant *wpa_s;
4229
4230 wpa_s = os_zalloc(sizeof(*wpa_s));
4231 if (wpa_s == NULL)
4232 return NULL;
4115303b 4233 wpa_s->scan_req = INITIAL_SCAN_REQ;
67b9bd08 4234 wpa_s->scan_interval = 5;
c302f207 4235 wpa_s->new_connection = 1;
1772d348 4236 wpa_s->parent = parent ? parent : wpa_s;
ba307f85 4237 wpa_s->p2pdev = wpa_s->parent;
cbdf3507 4238 wpa_s->sched_scanning = 0;
6fc6879b 4239
dd599908 4240 dl_list_init(&wpa_s->bss_tmp_disallowed);
5732b770 4241 dl_list_init(&wpa_s->fils_hlp_req);
dd599908 4242
6fc6879b
JM		 4243 return wpa_s;
4244}
4245
4246
80e8a5ee
BG		 4247#ifdef CONFIG_HT_OVERRIDES
4248
4249static int wpa_set_htcap_mcs(struct wpa_supplicant *wpa_s,
4250 struct ieee80211_ht_capabilities *htcaps,
4251 struct ieee80211_ht_capabilities *htcaps_mask,
4252 const char *ht_mcs)
4253{
4254 /* parse ht_mcs into hex array */
4255 int i;
4256 const char *tmp = ht_mcs;
4257 char *end = NULL;
4258
4259 /* If ht_mcs is null, do not set anything */
4260 if (!ht_mcs)
4261 return 0;
4262
4263 /* This is what we are setting in the kernel */
4264 os_memset(&htcaps->supported_mcs_set, 0, IEEE80211_HT_MCS_MASK_LEN);
4265
4266 wpa_msg(wpa_s, MSG_DEBUG, "set_htcap, ht_mcs -:%s:-", ht_mcs);
4267
4268 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) {
30eddf35
JB		 4269 long v;
4270
80e8a5ee 4271 errno = 0;
30eddf35
JB		 4272 v = strtol(tmp, &end, 16);
4273
80e8a5ee
BG		 4274 if (errno == 0) {
4275 wpa_msg(wpa_s, MSG_DEBUG,
4276 "htcap value[%i]: %ld end: %p tmp: %p",
4277 i, v, end, tmp);
4278 if (end == tmp)
4279 break;
4280
4281 htcaps->supported_mcs_set[i] = v;
4282 tmp = end;
4283 } else {
4284 wpa_msg(wpa_s, MSG_ERROR,
4285 "Failed to parse ht-mcs: %s, error: %s\n",
4286 ht_mcs, strerror(errno));
4287 return -1;
4288 }
4289 }
4290
4291 /*
4292 * If we were able to parse any values, then set mask for the MCS set.
4293 */
4294 if (i) {
4295 os_memset(&htcaps_mask->supported_mcs_set, 0xff,
4296 IEEE80211_HT_MCS_MASK_LEN - 1);
4297 /* skip the 3 reserved bits */
4298 htcaps_mask->supported_mcs_set[IEEE80211_HT_MCS_MASK_LEN - 1] =
4299 0x1f;
4300 }
4301
4302 return 0;
4303}
4304
4305
4306static int wpa_disable_max_amsdu(struct wpa_supplicant *wpa_s,
4307 struct ieee80211_ht_capabilities *htcaps,
4308 struct ieee80211_ht_capabilities *htcaps_mask,
4309 int disabled)
4310{
5bc28571 4311 le16 msk;
80e8a5ee
BG		 4312
4313 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_max_amsdu: %d", disabled);
4314
4315 if (disabled == -1)
4316 return 0;
4317
4318 msk = host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE);
4319 htcaps_mask->ht_capabilities_info |= msk;
4320 if (disabled)
4321 htcaps->ht_capabilities_info &= msk;
4322 else
4323 htcaps->ht_capabilities_info |= msk;
4324
4325 return 0;
4326}
4327
4328
4329static int wpa_set_ampdu_factor(struct wpa_supplicant *wpa_s,
4330 struct ieee80211_ht_capabilities *htcaps,
4331 struct ieee80211_ht_capabilities *htcaps_mask,
4332 int factor)
4333{
4334 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_factor: %d", factor);
4335
4336 if (factor == -1)
4337 return 0;
4338
4339 if (factor < 0 || factor > 3) {
4340 wpa_msg(wpa_s, MSG_ERROR, "ampdu_factor: %d out of range. "
4341 "Must be 0-3 or -1", factor);
4342 return -EINVAL;
4343 }
4344
4345 htcaps_mask->a_mpdu_params |= 0x3; /* 2 bits for factor */
4346 htcaps->a_mpdu_params &= ~0x3;
4347 htcaps->a_mpdu_params |= factor & 0x3;
4348
4349 return 0;
4350}
4351
4352
4353static int wpa_set_ampdu_density(struct wpa_supplicant *wpa_s,
4354 struct ieee80211_ht_capabilities *htcaps,
4355 struct ieee80211_ht_capabilities *htcaps_mask,
4356 int density)
4357{
4358 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_density: %d", density);
4359
4360 if (density == -1)
4361 return 0;
4362
4363 if (density < 0 || density > 7) {
4364 wpa_msg(wpa_s, MSG_ERROR,
4365 "ampdu_density: %d out of range. Must be 0-7 or -1.",
4366 density);
4367 return -EINVAL;
4368 }
4369
4370 htcaps_mask->a_mpdu_params |= 0x1C;
4371 htcaps->a_mpdu_params &= ~(0x1C);
4372 htcaps->a_mpdu_params |= (density << 2) & 0x1C;
4373
4374 return 0;
4375}
4376
4377
4378static int wpa_set_disable_ht40(struct wpa_supplicant *wpa_s,
4379 struct ieee80211_ht_capabilities *htcaps,
4380 struct ieee80211_ht_capabilities *htcaps_mask,
4381 int disabled)
4382{
80e8a5ee
BG		 4383 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ht40: %d", disabled);
4384
9eb5757a
MH		 4385 set_disable_ht40(htcaps, disabled);
4386 set_disable_ht40(htcaps_mask, 0);
80e8a5ee
BG		 4387
4388 return 0;
4389}
4390
4391
a90497f8
BG		 4392static int wpa_set_disable_sgi(struct wpa_supplicant *wpa_s,
4393 struct ieee80211_ht_capabilities *htcaps,
4394 struct ieee80211_ht_capabilities *htcaps_mask,
4395 int disabled)
4396{
4397 /* Masking these out disables SGI */
5bc28571
JM		 4398 le16 msk = host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ |
4399 HT_CAP_INFO_SHORT_GI40MHZ);
a90497f8
BG		 4400
4401 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_sgi: %d", disabled);
4402
4403 if (disabled)
4404 htcaps->ht_capabilities_info &= ~msk;
4405 else
4406 htcaps->ht_capabilities_info |= msk;
4407
4408 htcaps_mask->ht_capabilities_info |= msk;
4409
4410 return 0;
4411}
4412
4413
39a5800f
PK		 4414static int wpa_set_disable_ldpc(struct wpa_supplicant *wpa_s,
4415 struct ieee80211_ht_capabilities *htcaps,
4416 struct ieee80211_ht_capabilities *htcaps_mask,
4417 int disabled)
4418{
4419 /* Masking these out disables LDPC */
5bc28571 4420 le16 msk = host_to_le16(HT_CAP_INFO_LDPC_CODING_CAP);
39a5800f
PK		 4421
4422 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ldpc: %d", disabled);
4423
4424 if (disabled)
4425 htcaps->ht_capabilities_info &= ~msk;
4426 else
4427 htcaps->ht_capabilities_info |= msk;
4428
4429 htcaps_mask->ht_capabilities_info |= msk;
4430
4431 return 0;
4432}
4433
4434
80e8a5ee
BG		 4435void wpa_supplicant_apply_ht_overrides(
4436 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
4437 struct wpa_driver_associate_params *params)
4438{
4439 struct ieee80211_ht_capabilities *htcaps;
4440 struct ieee80211_ht_capabilities *htcaps_mask;
4441
4442 if (!ssid)
4443 return;
4444
4445 params->disable_ht = ssid->disable_ht;
4446 if (!params->htcaps || !params->htcaps_mask)
4447 return;
4448
4449 htcaps = (struct ieee80211_ht_capabilities *) params->htcaps;
4450 htcaps_mask = (struct ieee80211_ht_capabilities *) params->htcaps_mask;
4451 wpa_set_htcap_mcs(wpa_s, htcaps, htcaps_mask, ssid->ht_mcs);
4452 wpa_disable_max_amsdu(wpa_s, htcaps, htcaps_mask,
4453 ssid->disable_max_amsdu);
4454 wpa_set_ampdu_factor(wpa_s, htcaps, htcaps_mask, ssid->ampdu_factor);
4455 wpa_set_ampdu_density(wpa_s, htcaps, htcaps_mask, ssid->ampdu_density);
4456 wpa_set_disable_ht40(wpa_s, htcaps, htcaps_mask, ssid->disable_ht40);
a90497f8 4457 wpa_set_disable_sgi(wpa_s, htcaps, htcaps_mask, ssid->disable_sgi);
39a5800f 4458 wpa_set_disable_ldpc(wpa_s, htcaps, htcaps_mask, ssid->disable_ldpc);
d41cc8cc
JM		 4459
4460 if (ssid->ht40_intolerant) {
5bc28571 4461 le16 bit = host_to_le16(HT_CAP_INFO_40MHZ_INTOLERANT);
d41cc8cc
JM		 4462 htcaps->ht_capabilities_info |= bit;
4463 htcaps_mask->ht_capabilities_info |= bit;
4464 }
80e8a5ee
BG		 4465}
4466
4467#endif /* CONFIG_HT_OVERRIDES */
4468
4469
e9ee8dc3
JB		 4470#ifdef CONFIG_VHT_OVERRIDES
4471void wpa_supplicant_apply_vht_overrides(
4472 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
4473 struct wpa_driver_associate_params *params)
4474{
4475 struct ieee80211_vht_capabilities *vhtcaps;
4476 struct ieee80211_vht_capabilities *vhtcaps_mask;
4477
4478 if (!ssid)
4479 return;
4480
4481 params->disable_vht = ssid->disable_vht;
4482
4483 vhtcaps = (void *) params->vhtcaps;
4484 vhtcaps_mask = (void *) params->vhtcaps_mask;
4485
4486 if (!vhtcaps || !vhtcaps_mask)
4487 return;
4488
4d8d710f
JM		 4489 vhtcaps->vht_capabilities_info = host_to_le32(ssid->vht_capa);
4490 vhtcaps_mask->vht_capabilities_info = host_to_le32(ssid->vht_capa_mask);
e9ee8dc3 4491
4f560cde
EP		 4492#ifdef CONFIG_HT_OVERRIDES
4493 /* if max ampdu is <= 3, we have to make the HT cap the same */
b0f33467
JM		 4494 if (ssid->vht_capa_mask & VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) {
4495 int max_ampdu;
4496
4497 max_ampdu = (ssid->vht_capa &
4498 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) >>
4499 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX_SHIFT;
4f560cde
EP		 4500
4501 max_ampdu = max_ampdu < 3 ? max_ampdu : 3;
4502 wpa_set_ampdu_factor(wpa_s,
4503 (void *) params->htcaps,
4504 (void *) params->htcaps_mask,
4505 max_ampdu);
4506 }
4507#endif /* CONFIG_HT_OVERRIDES */
4508
e9ee8dc3
JB		 4509#define OVERRIDE_MCS(i) \
4510 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \
4511 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \
4d8d710f 4512 host_to_le16(3 << 2 * (i - 1)); \
e9ee8dc3 4513 vhtcaps->vht_supported_mcs_set.tx_map |= \
4d8d710f
JM		 4514 host_to_le16(ssid->vht_tx_mcs_nss_ ##i << \
4515 2 * (i - 1)); \
e9ee8dc3
JB		 4516 } \
4517 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \
4518 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \
4d8d710f 4519 host_to_le16(3 << 2 * (i - 1)); \
e9ee8dc3 4520 vhtcaps->vht_supported_mcs_set.rx_map |= \
4d8d710f
JM		 4521 host_to_le16(ssid->vht_rx_mcs_nss_ ##i << \
4522 2 * (i - 1)); \
e9ee8dc3
JB		 4523 }
4524
4525 OVERRIDE_MCS(1);
4526 OVERRIDE_MCS(2);
4527 OVERRIDE_MCS(3);
4528 OVERRIDE_MCS(4);
4529 OVERRIDE_MCS(5);
4530 OVERRIDE_MCS(6);
4531 OVERRIDE_MCS(7);
4532 OVERRIDE_MCS(8);
4533}
4534#endif /* CONFIG_VHT_OVERRIDES */
4535
4536
f64adcd7
JM		 4537static int pcsc_reader_init(struct wpa_supplicant *wpa_s)
4538{
4539#ifdef PCSC_FUNCS
4540 size_t len;
4541
4542 if (!wpa_s->conf->pcsc_reader)
4543 return 0;
4544
22cf7d73 4545 wpa_s->scard = scard_init(wpa_s->conf->pcsc_reader);
f64adcd7
JM		 4546 if (!wpa_s->scard)
4547 return 1;
4548
4549 if (wpa_s->conf->pcsc_pin &&
4550 scard_set_pin(wpa_s->scard, wpa_s->conf->pcsc_pin) < 0) {
4551 scard_deinit(wpa_s->scard);
4552 wpa_s->scard = NULL;
4553 wpa_msg(wpa_s, MSG_ERROR, "PC/SC PIN validation failed");
4554 return -1;
4555 }
4556
4557 len = sizeof(wpa_s->imsi) - 1;
4558 if (scard_get_imsi(wpa_s->scard, wpa_s->imsi, &len)) {
4559 scard_deinit(wpa_s->scard);
4560 wpa_s->scard = NULL;
4561 wpa_msg(wpa_s, MSG_ERROR, "Could not read IMSI");
4562 return -1;
4563 }
4564 wpa_s->imsi[len] = '\0';
4565
4566 wpa_s->mnc_len = scard_get_mnc_len(wpa_s->scard);
4567
4568 wpa_printf(MSG_DEBUG, "SCARD: IMSI %s (MNC length %d)",
4569 wpa_s->imsi, wpa_s->mnc_len);
4570
4571 wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard);
4572 eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard);
4573#endif /* PCSC_FUNCS */
4574
4575 return 0;
4576}
4577
4578
306ae225
JM		 4579int wpas_init_ext_pw(struct wpa_supplicant *wpa_s)
4580{
4581 char *val, *pos;
4582
4583 ext_password_deinit(wpa_s->ext_pw);
4584 wpa_s->ext_pw = NULL;
4585 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, NULL);
4586
4587 if (!wpa_s->conf->ext_password_backend)
4588 return 0;
4589
4590 val = os_strdup(wpa_s->conf->ext_password_backend);
4591 if (val == NULL)
4592 return -1;
4593 pos = os_strchr(val, ':');
4594 if (pos)
4595 *pos++ = '\0';
4596
4597 wpa_printf(MSG_DEBUG, "EXT PW: Initialize backend '%s'", val);
4598
4599 wpa_s->ext_pw = ext_password_init(val, pos);
4600 os_free(val);
4601 if (wpa_s->ext_pw == NULL) {
4602 wpa_printf(MSG_DEBUG, "EXT PW: Failed to initialize backend");
4603 return -1;
4604 }
4605 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, wpa_s->ext_pw);
4606
4607 return 0;
4608}
4609
4610
b36a3a65
AN		 4611#ifdef CONFIG_FST
4612
4613static const u8 * wpas_fst_get_bssid_cb(void *ctx)
4614{
4615 struct wpa_supplicant *wpa_s = ctx;
4616
4617 return (is_zero_ether_addr(wpa_s->bssid) ||
4618 wpa_s->wpa_state != WPA_COMPLETED) ? NULL : wpa_s->bssid;
4619}
4620
4621
4622static void wpas_fst_get_channel_info_cb(void *ctx,
4623 enum hostapd_hw_mode *hw_mode,
4624 u8 *channel)
4625{
4626 struct wpa_supplicant *wpa_s = ctx;
4627
4628 if (wpa_s->current_bss) {
4629 *hw_mode = ieee80211_freq_to_chan(wpa_s->current_bss->freq,
4630 channel);
4631 } else if (wpa_s->hw.num_modes) {
4632 *hw_mode = wpa_s->hw.modes[0].mode;
4633 } else {
4634 WPA_ASSERT(0);
4635 *hw_mode = 0;
4636 }
4637}
4638
4639
4640static int wpas_fst_get_hw_modes(void *ctx, struct hostapd_hw_modes **modes)
4641{
4642 struct wpa_supplicant *wpa_s = ctx;
4643
4644 *modes = wpa_s->hw.modes;
4645 return wpa_s->hw.num_modes;
4646}
4647
4648
84bcb4e7 4649static void wpas_fst_set_ies_cb(void *ctx, const struct wpabuf *fst_ies)
b36a3a65
AN		 4650{
4651 struct wpa_supplicant *wpa_s = ctx;
4652
b7a07937 4653 wpa_hexdump_buf(MSG_DEBUG, "FST: Set IEs", fst_ies);
b36a3a65
AN		 4654 wpa_s->fst_ies = fst_ies;
4655}
4656
4657
4658static int wpas_fst_send_action_cb(void *ctx, const u8 *da, struct wpabuf *data)
4659{
4660 struct wpa_supplicant *wpa_s = ctx;
4661
0da35523
JM		 4662 if (os_memcmp(wpa_s->bssid, da, ETH_ALEN) != 0) {
4663 wpa_printf(MSG_INFO, "FST:%s:bssid=" MACSTR " != da=" MACSTR,
4664 __func__, MAC2STR(wpa_s->bssid), MAC2STR(da));
4665 return -1;
4666 }
b36a3a65 4667 return wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, wpa_s->bssid,
0da35523
JM		 4668 wpa_s->own_addr, wpa_s->bssid,
4669 wpabuf_head(data), wpabuf_len(data),
b36a3a65
AN		 4670 0);
4671}
4672
4673
a0f04da5 4674static const struct wpabuf * wpas_fst_get_mb_ie_cb(void *ctx, const u8 *addr)
b36a3a65
AN		 4675{
4676 struct wpa_supplicant *wpa_s = ctx;
4677
4678 WPA_ASSERT(os_memcmp(wpa_s->bssid, addr, ETH_ALEN) == 0);
4679 return wpa_s->received_mb_ies;
4680}
4681
4682
4683static void wpas_fst_update_mb_ie_cb(void *ctx, const u8 *addr,
4684 const u8 *buf, size_t size)
4685{
4686 struct wpa_supplicant *wpa_s = ctx;
4687 struct mb_ies_info info;
4688
4689 WPA_ASSERT(os_memcmp(wpa_s->bssid, addr, ETH_ALEN) == 0);
4690
4691 if (!mb_ies_info_by_ies(&info, buf, size)) {
4692 wpabuf_free(wpa_s->received_mb_ies);
4693 wpa_s->received_mb_ies = mb_ies_by_info(&info);
4694 }
4695}
4696
4697
39cdd3a0
JM		 4698static const u8 * wpas_fst_get_peer_first(void *ctx,
4699 struct fst_get_peer_ctx **get_ctx,
4700 Boolean mb_only)
b36a3a65
AN		 4701{
4702 struct wpa_supplicant *wpa_s = ctx;
4703
4704 *get_ctx = NULL;
4705 if (!is_zero_ether_addr(wpa_s->bssid))
4706 return (wpa_s->received_mb_ies || !mb_only) ?
4707 wpa_s->bssid : NULL;
4708 return NULL;
4709}
4710
4711
39cdd3a0
JM		 4712static const u8 * wpas_fst_get_peer_next(void *ctx,
4713 struct fst_get_peer_ctx **get_ctx,
4714 Boolean mb_only)
b36a3a65
AN		 4715{
4716 return NULL;
4717}
4718
4719void fst_wpa_supplicant_fill_iface_obj(struct wpa_supplicant *wpa_s,
4720 struct fst_wpa_obj *iface_obj)
4721{
4722 iface_obj->ctx = wpa_s;
4723 iface_obj->get_bssid = wpas_fst_get_bssid_cb;
4724 iface_obj->get_channel_info = wpas_fst_get_channel_info_cb;
4725 iface_obj->get_hw_modes = wpas_fst_get_hw_modes;
4726 iface_obj->set_ies = wpas_fst_set_ies_cb;
4727 iface_obj->send_action = wpas_fst_send_action_cb;
4728 iface_obj->get_mb_ie = wpas_fst_get_mb_ie_cb;
4729 iface_obj->update_mb_ie = wpas_fst_update_mb_ie_cb;
4730 iface_obj->get_peer_first = wpas_fst_get_peer_first;
4731 iface_obj->get_peer_next = wpas_fst_get_peer_next;
4732}
4733#endif /* CONFIG_FST */
4734
a520bf4a 4735static int wpas_set_wowlan_triggers(struct wpa_supplicant *wpa_s,
6cbdb0c5 4736 const struct wpa_driver_capa *capa)
e4fa8b12 4737{
88cb27c7
DS		 4738 struct wowlan_triggers *triggers;
4739 int ret = 0;
e4fa8b12
EP		 4740
4741 if (!wpa_s->conf->wowlan_triggers)
4742 return 0;
4743
88cb27c7
DS		 4744 triggers = wpa_get_wowlan_triggers(wpa_s->conf->wowlan_triggers, capa);
4745 if (triggers) {
4746 ret = wpa_drv_wowlan(wpa_s, triggers);
4747 os_free(triggers);
e4fa8b12 4748 }
e4fa8b12
EP		 4749 return ret;
4750}
4751
4752
2b6e9f91 4753enum wpa_radio_work_band wpas_freq_to_band(int freq)
e903d32d
KV		 4754{
4755 if (freq < 3000)
4756 return BAND_2_4_GHZ;
4757 if (freq > 50000)
4758 return BAND_60_GHZ;
4759 return BAND_5_GHZ;
4760}
4761
4762
2b6e9f91 4763unsigned int wpas_get_bands(struct wpa_supplicant *wpa_s, const int *freqs)
e903d32d
KV		 4764{
4765 int i;
4766 unsigned int band = 0;
4767
4768 if (freqs) {
4769 /* freqs are specified for the radio work */
4770 for (i = 0; freqs[i]; i++)
4771 band |= wpas_freq_to_band(freqs[i]);
4772 } else {
4773 /*
4774 * freqs are not specified, implies all
4775 * the supported freqs by HW
4776 */
4777 for (i = 0; i < wpa_s->hw.num_modes; i++) {
4778 if (wpa_s->hw.modes[i].num_channels != 0) {
4779 if (wpa_s->hw.modes[i].mode ==
4780 HOSTAPD_MODE_IEEE80211B ||
4781 wpa_s->hw.modes[i].mode ==
4782 HOSTAPD_MODE_IEEE80211G)
4783 band |= BAND_2_4_GHZ;
4784 else if (wpa_s->hw.modes[i].mode ==
4785 HOSTAPD_MODE_IEEE80211A)
4786 band |= BAND_5_GHZ;
4787 else if (wpa_s->hw.modes[i].mode ==
4788 HOSTAPD_MODE_IEEE80211AD)
4789 band |= BAND_60_GHZ;
4790 else if (wpa_s->hw.modes[i].mode ==
4791 HOSTAPD_MODE_IEEE80211ANY)
4792 band = BAND_2_4_GHZ | BAND_5_GHZ |
4793 BAND_60_GHZ;
4794 }
4795 }
4796 }
4797
4798 return band;
4799}
4800
4801
202dec2a
JM		 4802static struct wpa_radio * radio_add_interface(struct wpa_supplicant *wpa_s,
4803 const char *rn)
4804{
4805 struct wpa_supplicant *iface = wpa_s->global->ifaces;
4806 struct wpa_radio *radio;
4807
4808 while (rn && iface) {
4809 radio = iface->radio;
4810 if (radio && os_strcmp(rn, radio->name) == 0) {
4811 wpa_printf(MSG_DEBUG, "Add interface %s to existing radio %s",
4812 wpa_s->ifname, rn);
4813 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
4814 return radio;
4815 }
b154a24e
TB		 4816
4817 iface = iface->next;
202dec2a
JM		 4818 }
4819
4820 wpa_printf(MSG_DEBUG, "Add interface %s to a new radio %s",
4821 wpa_s->ifname, rn ? rn : "N/A");
4822 radio = os_zalloc(sizeof(*radio));
4823 if (radio == NULL)
4824 return NULL;
4825
4826 if (rn)
4827 os_strlcpy(radio->name, rn, sizeof(radio->name));
4828 dl_list_init(&radio->ifaces);
b1ae396f 4829 dl_list_init(&radio->work);
202dec2a
JM		 4830 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
4831
4832 return radio;
4833}
4834
4835
b1ae396f
JM		 4836static void radio_work_free(struct wpa_radio_work *work)
4837{
d12a51b5
JM		 4838 if (work->wpa_s->scan_work == work) {
4839 /* This should not really happen. */
4840 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as scan_work",
4841 work->type, work, work->started);
4842 work->wpa_s->scan_work = NULL;
4843 }
4844
1b5d4714
JM		 4845#ifdef CONFIG_P2P
4846 if (work->wpa_s->p2p_scan_work == work) {
4847 /* This should not really happen. */
4848 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as p2p_scan_work",
4849 work->type, work, work->started);
4850 work->wpa_s->p2p_scan_work = NULL;
4851 }
4852#endif /* CONFIG_P2P */
4853
e903d32d
KV		 4854 if (work->started) {
4855 work->wpa_s->radio->num_active_works--;
4856 wpa_dbg(work->wpa_s, MSG_DEBUG,
7ed5337d 4857 "radio_work_free('%s'@%p): num_active_works --> %u",
e903d32d
KV		 4858 work->type, work,
4859 work->wpa_s->radio->num_active_works);
4860 }
4861
b1ae396f
JM		 4862 dl_list_del(&work->list);
4863 os_free(work);
4864}
4865
4866
4c6f450c
JM		 4867static int radio_work_is_connect(struct wpa_radio_work *work)
4868{
4869 return os_strcmp(work->type, "sme-connect") == 0 ||
4870 os_strcmp(work->type, "connect") == 0;
4871}
4872
4873
85b6b6b6
SD		 4874static int radio_work_is_scan(struct wpa_radio_work *work)
4875{
4876 return os_strcmp(work->type, "scan") == 0 ||
4877 os_strcmp(work->type, "p2p-scan") == 0;
4878}
4879
4880
e903d32d
KV		 4881static struct wpa_radio_work * radio_work_get_next_work(struct wpa_radio *radio)
4882{
4883 struct wpa_radio_work *active_work = NULL;
4884 struct wpa_radio_work *tmp;
4885
4886 /* Get the active work to know the type and band. */
4887 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, list) {
4888 if (tmp->started) {
4889 active_work = tmp;
4890 break;
4891 }
4892 }
4893
4894 if (!active_work) {
4895 /* No active work, start one */
4896 radio->num_active_works = 0;
4897 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work,
4898 list) {
4899 if (os_strcmp(tmp->type, "scan") == 0 &&
4900 radio->external_scan_running &&
4901 (((struct wpa_driver_scan_params *)
4902 tmp->ctx)->only_new_results ||
4903 tmp->wpa_s->clear_driver_scan_cache))
4904 continue;
4905 return tmp;
4906 }
4907 return NULL;
4908 }
4909
4c6f450c 4910 if (radio_work_is_connect(active_work)) {
e903d32d
KV		 4911 /*
4912 * If the active work is either connect or sme-connect,
4913 * do not parallelize them with other radio works.
4914 */
4915 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
4916 "Do not parallelize radio work with %s",
4917 active_work->type);
4918 return NULL;
4919 }
4920
4921 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, list) {
4922 if (tmp->started)
4923 continue;
4924
4925 /*
4926 * If connect or sme-connect are enqueued, parallelize only
4927 * those operations ahead of them in the queue.
4928 */
4c6f450c 4929 if (radio_work_is_connect(tmp))
e903d32d
KV		 4930 break;
4931
85b6b6b6
SD		 4932 /* Serialize parallel scan and p2p_scan operations on the same
4933 * interface since the driver_nl80211 mechanism for tracking
4934 * scan cookies does not yet have support for this. */
4935 if (active_work->wpa_s == tmp->wpa_s &&
4936 radio_work_is_scan(active_work) &&
4937 radio_work_is_scan(tmp)) {
4938 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
4939 "Do not start work '%s' when another work '%s' is already scheduled",
4940 tmp->type, active_work->type);
4941 continue;
4942 }
e903d32d
KV		 4943 /*
4944 * Check that the radio works are distinct and
4945 * on different bands.
4946 */
4947 if (os_strcmp(active_work->type, tmp->type) != 0 &&
4948 (active_work->bands != tmp->bands)) {
4949 /*
4950 * If a scan has to be scheduled through nl80211 scan
4951 * interface and if an external scan is already running,
4952 * do not schedule the scan since it is likely to get
4953 * rejected by kernel.
4954 */
4955 if (os_strcmp(tmp->type, "scan") == 0 &&
4956 radio->external_scan_running &&
4957 (((struct wpa_driver_scan_params *)
4958 tmp->ctx)->only_new_results ||
4959 tmp->wpa_s->clear_driver_scan_cache))
4960 continue;
4961
4962 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
4963 "active_work:%s new_work:%s",
4964 active_work->type, tmp->type);
4965 return tmp;
4966 }
4967 }
4968
4969 /* Did not find a radio work to schedule in parallel. */
4970 return NULL;
4971}
4972
4973
b1ae396f
JM		 4974static void radio_start_next_work(void *eloop_ctx, void *timeout_ctx)
4975{
4976 struct wpa_radio *radio = eloop_ctx;
4977 struct wpa_radio_work *work;
4978 struct os_reltime now, diff;
6428d0a7 4979 struct wpa_supplicant *wpa_s;
b1ae396f
JM		 4980
4981 work = dl_list_first(&radio->work, struct wpa_radio_work, list);
e903d32d
KV		 4982 if (work == NULL) {
4983 radio->num_active_works = 0;
b1ae396f 4984 return;
e903d32d 4985 }
b1ae396f 4986
6428d0a7
JM		 4987 wpa_s = dl_list_first(&radio->ifaces, struct wpa_supplicant,
4988 radio_list);
e903d32d
KV		 4989
4990 if (!(wpa_s &&
4991 wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS)) {
4992 if (work->started)
4993 return; /* already started and still in progress */
4994
4995 if (wpa_s && wpa_s->radio->external_scan_running) {
4996 wpa_printf(MSG_DEBUG, "Delay radio work start until externally triggered scan completes");
4997 return;
4998 }
4999 } else {
5000 work = NULL;
5001 if (radio->num_active_works < MAX_ACTIVE_WORKS) {
5002 /* get the work to schedule next */
5003 work = radio_work_get_next_work(radio);
5004 }
5005 if (!work)
5006 return;
6428d0a7
JM		 5007 }
5008
e903d32d 5009 wpa_s = work->wpa_s;
b1ae396f
JM		 5010 os_get_reltime(&now);
5011 os_reltime_sub(&now, &work->time, &diff);
e903d32d
KV		 5012 wpa_dbg(wpa_s, MSG_DEBUG,
5013 "Starting radio work '%s'@%p after %ld.%06ld second wait",
b1ae396f
JM		 5014 work->type, work, diff.sec, diff.usec);
5015 work->started = 1;
5016 work->time = now;
e903d32d
KV		 5017 radio->num_active_works++;
5018
b1ae396f 5019 work->cb(work, 0);
e903d32d
KV		 5020
5021 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS) &&
5022 radio->num_active_works < MAX_ACTIVE_WORKS)
5023 radio_work_check_next(wpa_s);
b1ae396f
JM		 5024}
5025
5026
b3253ebb
AO		 5027/*
5028 * This function removes both started and pending radio works running on
5029 * the provided interface's radio.
5030 * Prior to the removal of the radio work, its callback (cb) is called with
5031 * deinit set to be 1. Each work's callback is responsible for clearing its
5032 * internal data and restoring to a correct state.
5033 * @wpa_s: wpa_supplicant data
5034 * @type: type of works to be removed
5035 * @remove_all: 1 to remove all the works on this radio, 0 to remove only
5036 * this interface's works.
5037 */
5038void radio_remove_works(struct wpa_supplicant *wpa_s,
5039 const char *type, int remove_all)
b1ae396f
JM		 5040{
5041 struct wpa_radio_work *work, *tmp;
5042 struct wpa_radio *radio = wpa_s->radio;
5043
5044 dl_list_for_each_safe(work, tmp, &radio->work, struct wpa_radio_work,
5045 list) {
b3253ebb 5046 if (type && os_strcmp(type, work->type) != 0)
b1ae396f 5047 continue;
b3253ebb
AO		 5048
5049 /* skip other ifaces' works */
5050 if (!remove_all && work->wpa_s != wpa_s)
b1ae396f 5051 continue;
b3253ebb
AO		 5052
5053 wpa_dbg(wpa_s, MSG_DEBUG, "Remove radio work '%s'@%p%s",
5054 work->type, work, work->started ? " (started)" : "");
b1ae396f
JM		 5055 work->cb(work, 1);
5056 radio_work_free(work);
5057 }
b3253ebb
AO		 5058
5059 /* in case we removed the started work */
5060 radio_work_check_next(wpa_s);
b1ae396f
JM		 5061}
5062
5063
6a252ece
JM		 5064void radio_remove_pending_work(struct wpa_supplicant *wpa_s, void *ctx)
5065{
5066 struct wpa_radio_work *work;
5067 struct wpa_radio *radio = wpa_s->radio;
5068
5069 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) {
5070 if (work->ctx != ctx)
5071 continue;
5072 wpa_dbg(wpa_s, MSG_DEBUG, "Free pending radio work '%s'@%p%s",
5073 work->type, work, work->started ? " (started)" : "");
5074 radio_work_free(work);
5075 break;
5076 }
5077}
5078
5079
202dec2a
JM		 5080static void radio_remove_interface(struct wpa_supplicant *wpa_s)
5081{
5082 struct wpa_radio *radio = wpa_s->radio;
5083
5084 if (!radio)
5085 return;
5086
5087 wpa_printf(MSG_DEBUG, "Remove interface %s from radio %s",
5088 wpa_s->ifname, radio->name);
5089 dl_list_del(&wpa_s->radio_list);
c46235aa
AO		 5090 radio_remove_works(wpa_s, NULL, 0);
5091 wpa_s->radio = NULL;
5092 if (!dl_list_empty(&radio->ifaces))
202dec2a
JM		 5093 return; /* Interfaces remain for this radio */
5094
5095 wpa_printf(MSG_DEBUG, "Remove radio %s", radio->name);
b1ae396f 5096 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
202dec2a
JM		 5097 os_free(radio);
5098}
5099
5100
6428d0a7 5101void radio_work_check_next(struct wpa_supplicant *wpa_s)
b1ae396f
JM		 5102{
5103 struct wpa_radio *radio = wpa_s->radio;
5104
5105 if (dl_list_empty(&radio->work))
5106 return;
e3745228
JM		 5107 if (wpa_s->ext_work_in_progress) {
5108 wpa_printf(MSG_DEBUG,
5109 "External radio work in progress - delay start of pending item");
5110 return;
5111 }
b1ae396f
JM		 5112 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
5113 eloop_register_timeout(0, 0, radio_start_next_work, radio, NULL);
5114}
5115
5116
5117/**
5118 * radio_add_work - Add a radio work item
5119 * @wpa_s: Pointer to wpa_supplicant data
5120 * @freq: Frequency of the offchannel operation in MHz or 0
5121 * @type: Unique identifier for each type of work
5122 * @next: Force as the next work to be executed
5123 * @cb: Callback function for indicating when radio is available
5124 * @ctx: Context pointer for the work (work->ctx in cb())
5125 * Returns: 0 on success, -1 on failure
5126 *
5127 * This function is used to request time for an operation that requires
5128 * exclusive radio control. Once the radio is available, the registered callback
5129 * function will be called. radio_work_done() must be called once the exclusive
5130 * radio operation has been completed, so that the radio is freed for other
5131 * operations. The special case of deinit=1 is used to free the context data
5132 * during interface removal. That does not allow the callback function to start
5133 * the radio operation, i.e., it must free any resources allocated for the radio
5134 * work and return.
5135 *
5136 * The @freq parameter can be used to indicate a single channel on which the
5137 * offchannel operation will occur. This may allow multiple radio work
5138 * operations to be performed in parallel if they apply for the same channel.
5139 * Setting this to 0 indicates that the work item may use multiple channels or
5140 * requires exclusive control of the radio.
5141 */
5142int radio_add_work(struct wpa_supplicant *wpa_s, unsigned int freq,
5143 const char *type, int next,
5144 void (*cb)(struct wpa_radio_work *work, int deinit),
5145 void *ctx)
5146{
e903d32d 5147 struct wpa_radio *radio = wpa_s->radio;
b1ae396f
JM		 5148 struct wpa_radio_work *work;
5149 int was_empty;
5150
5151 work = os_zalloc(sizeof(*work));
5152 if (work == NULL)
5153 return -1;
5154 wpa_dbg(wpa_s, MSG_DEBUG, "Add radio work '%s'@%p", type, work);
5155 os_get_reltime(&work->time);
5156 work->freq = freq;
5157 work->type = type;
5158 work->wpa_s = wpa_s;
5159 work->cb = cb;
5160 work->ctx = ctx;
5161
e903d32d
KV		 5162 if (freq)
5163 work->bands = wpas_freq_to_band(freq);
5164 else if (os_strcmp(type, "scan") == 0 ||
5165 os_strcmp(type, "p2p-scan") == 0)
5166 work->bands = wpas_get_bands(wpa_s,
5167 ((struct wpa_driver_scan_params *)
5168 ctx)->freqs);
5169 else
5170 work->bands = wpas_get_bands(wpa_s, NULL);
5171
b1ae396f
JM		 5172 was_empty = dl_list_empty(&wpa_s->radio->work);
5173 if (next)
5174 dl_list_add(&wpa_s->radio->work, &work->list);
5175 else
5176 dl_list_add_tail(&wpa_s->radio->work, &work->list);
5177 if (was_empty) {
5178 wpa_dbg(wpa_s, MSG_DEBUG, "First radio work item in the queue - schedule start immediately");
5179 radio_work_check_next(wpa_s);
e903d32d
KV		 5180 } else if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS)
5181 && radio->num_active_works < MAX_ACTIVE_WORKS) {
5182 wpa_dbg(wpa_s, MSG_DEBUG,
5183 "Try to schedule a radio work (num_active_works=%u)",
5184 radio->num_active_works);
5185 radio_work_check_next(wpa_s);
b1ae396f
JM		 5186 }
5187
5188 return 0;
5189}
5190
5191
5192/**
5193 * radio_work_done - Indicate that a radio work item has been completed
5194 * @work: Completed work
5195 *
5196 * This function is called once the callback function registered with
5197 * radio_add_work() has completed its work.
5198 */
5199void radio_work_done(struct wpa_radio_work *work)
5200{
5201 struct wpa_supplicant *wpa_s = work->wpa_s;
5202 struct os_reltime now, diff;
1f965e62 5203 unsigned int started = work->started;
b1ae396f
JM		 5204
5205 os_get_reltime(&now);
5206 os_reltime_sub(&now, &work->time, &diff);
1f965e62
JM		 5207 wpa_dbg(wpa_s, MSG_DEBUG, "Radio work '%s'@%p %s in %ld.%06ld seconds",
5208 work->type, work, started ? "done" : "canceled",
5209 diff.sec, diff.usec);
b1ae396f 5210 radio_work_free(work);
1f965e62
JM		 5211 if (started)
5212 radio_work_check_next(wpa_s);
b1ae396f
JM		 5213}
5214
5215
a7f5271d
JM		 5216struct wpa_radio_work *
5217radio_work_pending(struct wpa_supplicant *wpa_s, const char *type)
f0e30c84
JM		 5218{
5219 struct wpa_radio_work *work;
5220 struct wpa_radio *radio = wpa_s->radio;
5221
5222 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) {
5223 if (work->wpa_s == wpa_s && os_strcmp(work->type, type) == 0)
a7f5271d 5224 return work;
f0e30c84
JM		 5225 }
5226
a7f5271d 5227 return NULL;
f0e30c84
JM		 5228}
5229
5230
73c00fd7 5231static int wpas_init_driver(struct wpa_supplicant *wpa_s,
8fb2b357 5232 const struct wpa_interface *iface)
73c00fd7 5233{
202dec2a 5234 const char *ifname, *driver, *rn;
73c00fd7
JM		 5235
5236 driver = iface->driver;
5237next_driver:
5238 if (wpa_supplicant_set_driver(wpa_s, driver) < 0)
5239 return -1;
5240
5241 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
5242 if (wpa_s->drv_priv == NULL) {
5243 const char *pos;
5244 pos = driver ? os_strchr(driver, ',') : NULL;
5245 if (pos) {
5246 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
5247 "driver interface - try next driver wrapper");
5248 driver = pos + 1;
5249 goto next_driver;
5250 }
5251 wpa_msg(wpa_s, MSG_ERROR, "Failed to initialize driver "
5252 "interface");
5253 return -1;
5254 }
5255 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
5256 wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected "
5257 "driver_param '%s'", wpa_s->conf->driver_param);
5258 return -1;
5259 }
5260
5261 ifname = wpa_drv_get_ifname(wpa_s);
5262 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
5263 wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced "
5264 "interface name with '%s'", ifname);
5265 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
5266 }
5267
95bf699f 5268 rn = wpa_driver_get_radio_name(wpa_s);
202dec2a
JM		 5269 if (rn && rn[0] == '\0')
5270 rn = NULL;
5271
5272 wpa_s->radio = radio_add_interface(wpa_s, rn);
5273 if (wpa_s->radio == NULL)
5274 return -1;
5275
73c00fd7
JM		 5276 return 0;
5277}
5278
5279
461d39af
JM		 5280#ifdef CONFIG_GAS_SERVER
5281
5282static void wpas_gas_server_tx_status(struct wpa_supplicant *wpa_s,
5283 unsigned int freq, const u8 *dst,
5284 const u8 *src, const u8 *bssid,
5285 const u8 *data, size_t data_len,
5286 enum offchannel_send_action_result result)
5287{
5288 wpa_printf(MSG_DEBUG, "GAS: TX status: freq=%u dst=" MACSTR
5289 " result=%s",
5290 freq, MAC2STR(dst),
5291 result == OFFCHANNEL_SEND_ACTION_SUCCESS ? "SUCCESS" :
5292 (result == OFFCHANNEL_SEND_ACTION_NO_ACK ? "no-ACK" :
5293 "FAILED"));
5294 gas_server_tx_status(wpa_s->gas_server, dst, data, data_len,
5295 result == OFFCHANNEL_SEND_ACTION_SUCCESS);
5296}
5297
5298
5299static void wpas_gas_server_tx(void *ctx, int freq, const u8 *da,
5300 struct wpabuf *buf, unsigned int wait_time)
5301{
5302 struct wpa_supplicant *wpa_s = ctx;
5303 const u8 broadcast[ETH_ALEN] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
5304
5305 if (wait_time > wpa_s->max_remain_on_chan)
5306 wait_time = wpa_s->max_remain_on_chan;
5307
5308 offchannel_send_action(wpa_s, freq, da, wpa_s->own_addr, broadcast,
5309 wpabuf_head(buf), wpabuf_len(buf),
5310 wait_time, wpas_gas_server_tx_status, 0);
5311}
5312
5313#endif /* CONFIG_GAS_SERVER */
5314
6fc6879b 5315static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
8fb2b357 5316 const struct wpa_interface *iface)
6fc6879b 5317{
362f781e 5318 struct wpa_driver_capa capa;
6cbdb0c5 5319 int capa_res;
aa56e36d 5320 u8 dfs_domain;
362f781e 5321
6fc6879b
JM		 5322 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
5323 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
5324 iface->confname ? iface->confname : "N/A",
5325 iface->driver ? iface->driver : "default",
5326 iface->ctrl_interface ? iface->ctrl_interface : "N/A",
5327 iface->bridge_ifname ? iface->bridge_ifname : "N/A");
5328
6fc6879b
JM		 5329 if (iface->confname) {
5330#ifdef CONFIG_BACKEND_FILE
5331 wpa_s->confname = os_rel2abs_path(iface->confname);
5332 if (wpa_s->confname == NULL) {
5333 wpa_printf(MSG_ERROR, "Failed to get absolute path "
5334 "for configuration file '%s'.",
5335 iface->confname);
5336 return -1;
5337 }
5338 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
5339 iface->confname, wpa_s->confname);
5340#else /* CONFIG_BACKEND_FILE */
5341 wpa_s->confname = os_strdup(iface->confname);
5342#endif /* CONFIG_BACKEND_FILE */
e6304cad 5343 wpa_s->conf = wpa_config_read(wpa_s->confname, NULL);
6fc6879b
JM		 5344 if (wpa_s->conf == NULL) {
5345 wpa_printf(MSG_ERROR, "Failed to read or parse "
5346 "configuration '%s'.", wpa_s->confname);
5347 return -1;
5348 }
e6304cad 5349 wpa_s->confanother = os_rel2abs_path(iface->confanother);
3bd35b68
JM		 5350 if (wpa_s->confanother &&
5351 !wpa_config_read(wpa_s->confanother, wpa_s->conf)) {
5352 wpa_printf(MSG_ERROR,
5353 "Failed to read or parse configuration '%s'.",
5354 wpa_s->confanother);
5355 return -1;
5356 }
6fc6879b
JM		 5357
5358 /*
5359 * Override ctrl_interface and driver_param if set on command
5360 * line.
5361 */
5362 if (iface->ctrl_interface) {
5363 os_free(wpa_s->conf->ctrl_interface);
5364 wpa_s->conf->ctrl_interface =
5365 os_strdup(iface->ctrl_interface);
5366 }
5367
5368 if (iface->driver_param) {
5369 os_free(wpa_s->conf->driver_param);
5370 wpa_s->conf->driver_param =
5371 os_strdup(iface->driver_param);
5372 }
78f79fe5
JM		 5373
5374 if (iface->p2p_mgmt && !iface->ctrl_interface) {
5375 os_free(wpa_s->conf->ctrl_interface);
5376 wpa_s->conf->ctrl_interface = NULL;
5377 }
6fc6879b
JM		 5378 } else
5379 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
5380 iface->driver_param);
5381
5382 if (wpa_s->conf == NULL) {
5383 wpa_printf(MSG_ERROR, "\nNo configuration found.");
5384 return -1;
5385 }
5386
5387 if (iface->ifname == NULL) {
5388 wpa_printf(MSG_ERROR, "\nInterface name is required.");
5389 return -1;
5390 }
5391 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
5392 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
5393 iface->ifname);
5394 return -1;
5395 }
5396 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
5397
5398 if (iface->bridge_ifname) {
5399 if (os_strlen(iface->bridge_ifname) >=
5400 sizeof(wpa_s->bridge_ifname)) {
5401 wpa_printf(MSG_ERROR, "\nToo long bridge interface "
5402 "name '%s'.", iface->bridge_ifname);
5403 return -1;
5404 }
5405 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
5406 sizeof(wpa_s->bridge_ifname));
5407 }
5408
6fc6879b
JM		 5409 /* RSNA Supplicant Key Management - INITIALIZE */
5410 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
5411 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
5412
5413 /* Initialize driver interface and register driver event handler before
5414 * L2 receive handler so that association events are processed before
5415 * EAPOL-Key packets if both become available for the same select()
5416 * call. */
73c00fd7 5417 if (wpas_init_driver(wpa_s, iface) < 0)
362f781e
JM		 5418 return -1;
5419
6fc6879b
JM		 5420 if (wpa_supplicant_init_wpa(wpa_s) < 0)
5421 return -1;
5422
5423 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
5424 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
5425 NULL);
5426 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
5427
5428 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
5429 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
5430 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
f049052b
BG		 5431 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
5432 "dot11RSNAConfigPMKLifetime");
6fc6879b
JM		 5433 return -1;
5434 }
5435
5436 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
5437 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
5438 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
f049052b 5439 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
6fc6879b
JM		 5440 "dot11RSNAConfigPMKReauthThreshold");
5441 return -1;
5442 }
5443
5444 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
5445 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
5446 wpa_s->conf->dot11RSNAConfigSATimeout)) {
f049052b
BG		 5447 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
5448 "dot11RSNAConfigSATimeout");
6fc6879b
JM		 5449 return -1;
5450 }
5451
6bf731e8
CL		 5452 wpa_s->hw.modes = wpa_drv_get_hw_feature_data(wpa_s,
5453 &wpa_s->hw.num_modes,
aa56e36d
VT		 5454 &wpa_s->hw.flags,
5455 &dfs_domain);
a1b790eb
JM		 5456 if (wpa_s->hw.modes) {
5457 u16 i;
5458
5459 for (i = 0; i < wpa_s->hw.num_modes; i++) {
5460 if (wpa_s->hw.modes[i].vht_capab) {
5461 wpa_s->hw_capab = CAPAB_VHT;
5462 break;
5463 }
5464
5465 if (wpa_s->hw.modes[i].ht_capab &
5466 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET)
5467 wpa_s->hw_capab = CAPAB_HT40;
5468 else if (wpa_s->hw.modes[i].ht_capab &&
5469 wpa_s->hw_capab == CAPAB_NO_HT_VHT)
5470 wpa_s->hw_capab = CAPAB_HT;
5471 }
5472 }
6bf731e8 5473
6cbdb0c5
JM		 5474 capa_res = wpa_drv_get_capa(wpa_s, &capa);
5475 if (capa_res == 0) {
c58ab8f2 5476 wpa_s->drv_capa_known = 1;
814782b9 5477 wpa_s->drv_flags = capa.flags;
349493bd 5478 wpa_s->drv_enc = capa.enc;
04ee647d 5479 wpa_s->drv_smps_modes = capa.smps_modes;
f936b73c 5480 wpa_s->drv_rrm_flags = capa.rrm_flags;
4f73d88a 5481 wpa_s->probe_resp_offloads = capa.probe_resp_offloads;
814782b9 5482 wpa_s->max_scan_ssids = capa.max_scan_ssids;
cbdf3507 5483 wpa_s->max_sched_scan_ssids = capa.max_sched_scan_ssids;
32c02261
AS		 5484 wpa_s->max_sched_scan_plans = capa.max_sched_scan_plans;
5485 wpa_s->max_sched_scan_plan_interval =
5486 capa.max_sched_scan_plan_interval;
5487 wpa_s->max_sched_scan_plan_iterations =
5488 capa.max_sched_scan_plan_iterations;
cbdf3507 5489 wpa_s->sched_scan_supported = capa.sched_scan_supported;
b59e6f26 5490 wpa_s->max_match_sets = capa.max_match_sets;
814782b9 5491 wpa_s->max_remain_on_chan = capa.max_remain_on_chan;
c4ea4c5c 5492 wpa_s->max_stations = capa.max_stations;
8cd6b7bc
JB		 5493 wpa_s->extended_capa = capa.extended_capa;
5494 wpa_s->extended_capa_mask = capa.extended_capa_mask;
5495 wpa_s->extended_capa_len = capa.extended_capa_len;
4752147d
IP		 5496 wpa_s->num_multichan_concurrent =
5497 capa.num_multichan_concurrent;
471cd6e1 5498 wpa_s->wmm_ac_supported = capa.wmm_ac_supported;
56c76fa5
IP		 5499
5500 if (capa.mac_addr_rand_scan_supported)
5501 wpa_s->mac_addr_rand_supported |= MAC_ADDR_RAND_SCAN;
5502 if (wpa_s->sched_scan_supported &&
5503 capa.mac_addr_rand_sched_scan_supported)
5504 wpa_s->mac_addr_rand_supported |=
5505 (MAC_ADDR_RAND_SCHED_SCAN | MAC_ADDR_RAND_PNO);
814782b9
JM		 5506 }
5507 if (wpa_s->max_remain_on_chan == 0)
5508 wpa_s->max_remain_on_chan = 1000;
5509
c68f6200
AS		 5510 /*
5511 * Only take p2p_mgmt parameters when P2P Device is supported.
5512 * Doing it here as it determines whether l2_packet_init() will be done
5513 * during wpa_supplicant_driver_init().
5514 */
5515 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)
5516 wpa_s->p2p_mgmt = iface->p2p_mgmt;
c68f6200 5517
4752147d
IP		 5518 if (wpa_s->num_multichan_concurrent == 0)
5519 wpa_s->num_multichan_concurrent = 1;
5520
6fc6879b
JM		 5521 if (wpa_supplicant_driver_init(wpa_s) < 0)
5522 return -1;
5523
281ff0aa 5524#ifdef CONFIG_TDLS
8fb2b357 5525 if (!iface->p2p_mgmt && wpa_tdls_init(wpa_s->wpa))
281ff0aa
GP		 5526 return -1;
5527#endif /* CONFIG_TDLS */
5528
315ce40a
JM		 5529 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] &&
5530 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) {
f049052b 5531 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country");
6d158490
LR		 5532 return -1;
5533 }
5534
b36a3a65
AN		 5535#ifdef CONFIG_FST
5536 if (wpa_s->conf->fst_group_id) {
5537 struct fst_iface_cfg cfg;
5538 struct fst_wpa_obj iface_obj;
5539
5540 fst_wpa_supplicant_fill_iface_obj(wpa_s, &iface_obj);
5541 os_strlcpy(cfg.group_id, wpa_s->conf->fst_group_id,
5542 sizeof(cfg.group_id));
5543 cfg.priority = wpa_s->conf->fst_priority;
5544 cfg.llt = wpa_s->conf->fst_llt;
5545
5546 wpa_s->fst = fst_attach(wpa_s->ifname, wpa_s->own_addr,
5547 &iface_obj, &cfg);
5548 if (!wpa_s->fst) {
5549 wpa_msg(wpa_s, MSG_ERROR,
5550 "FST: Cannot attach iface %s to group %s",
5551 wpa_s->ifname, cfg.group_id);
5552 return -1;
5553 }
5554 }
5555#endif /* CONFIG_FST */
5556
116654ce
JM		 5557 if (wpas_wps_init(wpa_s))
5558 return -1;
5559
461d39af
JM		 5560#ifdef CONFIG_GAS_SERVER
5561 wpa_s->gas_server = gas_server_init(wpa_s, wpas_gas_server_tx);
5562 if (!wpa_s->gas_server) {
5563 wpa_printf(MSG_ERROR, "Failed to initialize GAS server");
5564 return -1;
5565 }
5566#endif /* CONFIG_GAS_SERVER */
5567
be27e185
JM		 5568#ifdef CONFIG_DPP
5569 if (wpas_dpp_init(wpa_s) < 0)
5570 return -1;
5571#endif /* CONFIG_DPP */
5572
6fc6879b
JM		 5573 if (wpa_supplicant_init_eapol(wpa_s) < 0)
5574 return -1;
5575 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
5576
5577 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
5578 if (wpa_s->ctrl_iface == NULL) {
5579 wpa_printf(MSG_ERROR,
5580 "Failed to initialize control interface '%s'.\n"
5581 "You may have another wpa_supplicant process "
5582 "already running or the file was\n"
5583 "left by an unclean termination of wpa_supplicant "
5584 "in which case you will need\n"
5585 "to manually remove this file before starting "
5586 "wpa_supplicant again.\n",
5587 wpa_s->conf->ctrl_interface);
5588 return -1;
5589 }
5590
04ea7b79
JM		 5591 wpa_s->gas = gas_query_init(wpa_s);
5592 if (wpa_s->gas == NULL) {
5593 wpa_printf(MSG_ERROR, "Failed to initialize GAS query");
5594 return -1;
5595 }
5596
8fb2b357
VV		 5597 if ((!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) ||
5598 wpa_s->p2p_mgmt) &&
5599 wpas_p2p_init(wpa_s->global, wpa_s) < 0) {
f049052b 5600 wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P");
b22128ef
JM		 5601 return -1;
5602 }
b22128ef 5603
83922c2d
JM		 5604 if (wpa_bss_init(wpa_s) < 0)
5605 return -1;
83922c2d 5606
4d77d80e
MH		 5607#ifdef CONFIG_PMKSA_CACHE_EXTERNAL
5608#ifdef CONFIG_MESH
5609 dl_list_init(&wpa_s->mesh_external_pmksa_cache);
5610#endif /* CONFIG_MESH */
5611#endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
5612
e4fa8b12
EP		 5613 /*
5614 * Set Wake-on-WLAN triggers, if configured.
5615 * Note: We don't restore/remove the triggers on shutdown (it doesn't
5616 * have effect anyway when the interface is down).
5617 */
6cbdb0c5 5618 if (capa_res == 0 && wpas_set_wowlan_triggers(wpa_s, &capa) < 0)
e4fa8b12
EP		 5619 return -1;
5620
ec7b97ab
JM		 5621#ifdef CONFIG_EAP_PROXY
5622{
5623 size_t len;
b5db6e5d
VK		 5624 wpa_s->mnc_len = eapol_sm_get_eap_proxy_imsi(wpa_s->eapol, -1,
5625 wpa_s->imsi, &len);
ec7b97ab
JM		 5626 if (wpa_s->mnc_len > 0) {
5627 wpa_s->imsi[len] = '\0';
5628 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI %s (MNC length %d)",
5629 wpa_s->imsi, wpa_s->mnc_len);
5630 } else {
5631 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI not available");
5632 }
5633}
5634#endif /* CONFIG_EAP_PROXY */
5635
f64adcd7
JM		 5636 if (pcsc_reader_init(wpa_s) < 0)
5637 return -1;
5638
306ae225
JM		 5639 if (wpas_init_ext_pw(wpa_s) < 0)
5640 return -1;
5641
b361d580
AK		 5642 wpas_rrm_reset(wpa_s);
5643
32c02261
AS		 5644 wpas_sched_scan_plans_set(wpa_s, wpa_s->conf->sched_scan_plans);
5645
ca9968a0
JM		 5646#ifdef CONFIG_HS20
5647 hs20_init(wpa_s);
5648#endif /* CONFIG_HS20 */
92c6e2e3 5649#ifdef CONFIG_MBO
332aadb8
AP		 5650 if (wpa_s->conf->oce) {
5651 if ((wpa_s->conf->oce & OCE_STA) &&
5652 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_OCE_STA))
5653 wpa_s->enable_oce = OCE_STA;
5654 if ((wpa_s->conf->oce & OCE_STA_CFON) &&
5655 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_OCE_STA_CFON)) {
5656 /* TODO: Need to add STA-CFON support */
5657 wpa_printf(MSG_ERROR,
5658 "OCE STA-CFON feature is not yet supported");
5659 }
5660 }
92c6e2e3
DS		 5661 wpas_mbo_update_non_pref_chan(wpa_s, wpa_s->conf->non_pref_chan);
5662#endif /* CONFIG_MBO */
ca9968a0 5663
cc9985d1 5664 wpa_supplicant_set_default_scan_ies(wpa_s);
5665
6fc6879b
JM		 5666 return 0;
5667}
5668
5669
2ee055b3 5670static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s,
df509539 5671 int notify, int terminate)
6fc6879b 5672{
26fc96e8
JM		 5673 struct wpa_global *global = wpa_s->global;
5674 struct wpa_supplicant *iface, *prev;
5675
5676 if (wpa_s == wpa_s->parent)
5677 wpas_p2p_group_remove(wpa_s, "*");
5678
5679 iface = global->ifaces;
5680 while (iface) {
96a26ab7
LD		 5681 if (iface->p2pdev == wpa_s)
5682 iface->p2pdev = iface->parent;
26fc96e8
JM		 5683 if (iface == wpa_s || iface->parent != wpa_s) {
5684 iface = iface->next;
5685 continue;
5686 }
5687 wpa_printf(MSG_DEBUG,
5688 "Remove remaining child interface %s from parent %s",
5689 iface->ifname, wpa_s->ifname);
5690 prev = iface;
5691 iface = iface->next;
5692 wpa_supplicant_remove_iface(global, prev, terminate);
5693 }
5694
e679f140 5695 wpa_s->disconnected = 1;
6fc6879b
JM		 5696 if (wpa_s->drv_priv) {
5697 wpa_supplicant_deauthenticate(wpa_s,
5698 WLAN_REASON_DEAUTH_LEAVING);
5699
6fc6879b
JM		 5700 wpa_drv_set_countermeasures(wpa_s, 0);
5701 wpa_clear_keys(wpa_s, NULL);
5702 }
5703
8e56d189 5704 wpa_supplicant_cleanup(wpa_s);
bd10d938 5705 wpas_p2p_deinit_iface(wpa_s);
ab28911d 5706
1f965e62 5707 wpas_ctrl_radio_work_flush(wpa_s);
202dec2a
JM		 5708 radio_remove_interface(wpa_s);
5709
b36a3a65
AN		 5710#ifdef CONFIG_FST
5711 if (wpa_s->fst) {
5712 fst_detach(wpa_s->fst);
5713 wpa_s->fst = NULL;
5714 }
5715 if (wpa_s->received_mb_ies) {
5716 wpabuf_free(wpa_s->received_mb_ies);
5717 wpa_s->received_mb_ies = NULL;
5718 }
5719#endif /* CONFIG_FST */
5720
6fc6879b
JM		 5721 if (wpa_s->drv_priv)
5722 wpa_drv_deinit(wpa_s);
2523ff6e
DS		 5723
5724 if (notify)
5725 wpas_notify_iface_removed(wpa_s);
f0811516
DS		 5726
5727 if (terminate)
5728 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING);
5729
5730 if (wpa_s->ctrl_iface) {
5731 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
5732 wpa_s->ctrl_iface = NULL;
5733 }
5734
603a3f34
JL		 5735#ifdef CONFIG_MESH
5736 if (wpa_s->ifmsh) {
5737 wpa_supplicant_mesh_iface_deinit(wpa_s, wpa_s->ifmsh);
5738 wpa_s->ifmsh = NULL;
5739 }
5740#endif /* CONFIG_MESH */
5741
f0811516
DS		 5742 if (wpa_s->conf != NULL) {
5743 wpa_config_free(wpa_s->conf);
5744 wpa_s->conf = NULL;
5745 }
18e00b5e 5746
a80651d0
KV		 5747 os_free(wpa_s->ssids_from_scan_req);
5748
18e00b5e 5749 os_free(wpa_s);
6fc6879b
JM		 5750}
5751
5752
2e997eec
RM		 5753#ifdef CONFIG_MATCH_IFACE
5754
5755/**
5756 * wpa_supplicant_match_iface - Match an interface description to a name
5757 * @global: Pointer to global data from wpa_supplicant_init()
5758 * @ifname: Name of the interface to match
5759 * Returns: Pointer to the created interface description or %NULL on failure
5760 */
5761struct wpa_interface * wpa_supplicant_match_iface(struct wpa_global *global,
5762 const char *ifname)
5763{
5764 int i;
5765 struct wpa_interface *iface, *miface;
5766
5767 for (i = 0; i < global->params.match_iface_count; i++) {
5768 miface = &global->params.match_ifaces[i];
5769 if (!miface->ifname ||
5770 fnmatch(miface->ifname, ifname, 0) == 0) {
5771 iface = os_zalloc(sizeof(*iface));
5772 if (!iface)
5773 return NULL;
5774 *iface = *miface;
5775 iface->ifname = ifname;
5776 return iface;
5777 }
5778 }
5779
5780 return NULL;
5781}
5782
5783
5784/**
5785 * wpa_supplicant_match_existing - Match existing interfaces
5786 * @global: Pointer to global data from wpa_supplicant_init()
5787 * Returns: 0 on success, -1 on failure
5788 */
5789static int wpa_supplicant_match_existing(struct wpa_global *global)
5790{
5791 struct if_nameindex *ifi, *ifp;
5792 struct wpa_supplicant *wpa_s;
5793 struct wpa_interface *iface;
5794
5795 ifp = if_nameindex();
5796 if (!ifp) {
5797 wpa_printf(MSG_ERROR, "if_nameindex: %s", strerror(errno));
5798 return -1;
5799 }
5800
5801 for (ifi = ifp; ifi->if_name; ifi++) {
5802 wpa_s = wpa_supplicant_get_iface(global, ifi->if_name);
5803 if (wpa_s)
5804 continue;
5805 iface = wpa_supplicant_match_iface(global, ifi->if_name);
5806 if (iface) {
5807 wpa_s = wpa_supplicant_add_iface(global, iface, NULL);
5808 os_free(iface);
5809 if (wpa_s)
5810 wpa_s->matched = 1;
5811 }
5812 }
5813
5814 if_freenameindex(ifp);
5815 return 0;
5816}
5817
5818#endif /* CONFIG_MATCH_IFACE */
5819
5820
6fc6879b
JM		 5821/**
5822 * wpa_supplicant_add_iface - Add a new network interface
5823 * @global: Pointer to global data from wpa_supplicant_init()
5824 * @iface: Interface configuration options
1772d348 5825 * @parent: Parent interface or %NULL to assign new interface as parent
6fc6879b
JM		 5826 * Returns: Pointer to the created interface or %NULL on failure
5827 *
5828 * This function is used to add new network interfaces for %wpa_supplicant.
5829 * This can be called before wpa_supplicant_run() to add interfaces before the
5830 * main event loop has been started. In addition, new interfaces can be added
5831 * dynamically while %wpa_supplicant is already running. This could happen,
5832 * e.g., when a hotplug network adapter is inserted.
5833 */
5834struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
1772d348
JM		 5835 struct wpa_interface *iface,
5836 struct wpa_supplicant *parent)
6fc6879b
JM		 5837{
5838 struct wpa_supplicant *wpa_s;
d27df100 5839 struct wpa_interface t_iface;
8e56d189 5840 struct wpa_ssid *ssid;
6fc6879b
JM		 5841
5842 if (global == NULL || iface == NULL)
5843 return NULL;
5844
1772d348 5845 wpa_s = wpa_supplicant_alloc(parent);
6fc6879b
JM		 5846 if (wpa_s == NULL)
5847 return NULL;
5848
d8222ae3
JM		 5849 wpa_s->global = global;
5850
d27df100
JM		 5851 t_iface = *iface;
5852 if (global->params.override_driver) {
5853 wpa_printf(MSG_DEBUG, "Override interface parameter: driver "
5854 "('%s' -> '%s')",
5855 iface->driver, global->params.override_driver);
5856 t_iface.driver = global->params.override_driver;
5857 }
5858 if (global->params.override_ctrl_interface) {
5859 wpa_printf(MSG_DEBUG, "Override interface parameter: "
5860 "ctrl_interface ('%s' -> '%s')",
5861 iface->ctrl_interface,
5862 global->params.override_ctrl_interface);
5863 t_iface.ctrl_interface =
5864 global->params.override_ctrl_interface;
5865 }
5866 if (wpa_supplicant_init_iface(wpa_s, &t_iface)) {
6fc6879b
JM		 5867 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
5868 iface->ifname);
df509539 5869 wpa_supplicant_deinit_iface(wpa_s, 0, 0);
6fc6879b
JM		 5870 return NULL;
5871 }
5872
21efc940
TB		 5873 if (iface->p2p_mgmt == 0) {
5874 /* Notify the control interfaces about new iface */
5875 if (wpas_notify_iface_added(wpa_s)) {
5876 wpa_supplicant_deinit_iface(wpa_s, 1, 0);
5877 return NULL;
5878 }
1bd3f426 5879
21efc940
TB		 5880 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
5881 wpas_notify_network_added(wpa_s, ssid);
5882 }
8e56d189 5883
6fc6879b
JM		 5884 wpa_s->next = global->ifaces;
5885 global->ifaces = wpa_s;
5886
f049052b 5887 wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname);
99218999 5888 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
6fc6879b 5889
c3c4b3ed
JM		 5890#ifdef CONFIG_P2P
5891 if (wpa_s->global->p2p == NULL &&
74802c09 5892 !wpa_s->global->p2p_disabled && !wpa_s->conf->p2p_disabled &&
c3c4b3ed 5893 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) &&
f43c1ae7
IP		 5894 wpas_p2p_add_p2pdev_interface(
5895 wpa_s, wpa_s->global->params.conf_p2p_dev) < 0) {
c3c4b3ed
JM		 5896 wpa_printf(MSG_INFO,
5897 "P2P: Failed to enable P2P Device interface");
5898 /* Try to continue without. P2P will be disabled. */
5899 }
5900#endif /* CONFIG_P2P */
5901
6fc6879b
JM		 5902 return wpa_s;
5903}
5904
5905
5906/**
5907 * wpa_supplicant_remove_iface - Remove a network interface
5908 * @global: Pointer to global data from wpa_supplicant_init()
5909 * @wpa_s: Pointer to the network interface to be removed
5910 * Returns: 0 if interface was removed, -1 if interface was not found
5911 *
5912 * This function can be used to dynamically remove network interfaces from
5913 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
5914 * addition, this function is used to remove all remaining interfaces when
5915 * %wpa_supplicant is terminated.
5916 */
5917int wpa_supplicant_remove_iface(struct wpa_global *global,
df509539
DS		 5918 struct wpa_supplicant *wpa_s,
5919 int terminate)
6fc6879b
JM		 5920{
5921 struct wpa_supplicant *prev;
5b78493f
MH		 5922#ifdef CONFIG_MESH
5923 unsigned int mesh_if_created = wpa_s->mesh_if_created;
5924 char *ifname = NULL;
9b170991 5925 struct wpa_supplicant *parent = wpa_s->parent;
5b78493f 5926#endif /* CONFIG_MESH */
6fc6879b
JM		 5927
5928 /* Remove interface from the global list of interfaces */
5929 prev = global->ifaces;
5930 if (prev == wpa_s) {
5931 global->ifaces = wpa_s->next;
5932 } else {
5933 while (prev && prev->next != wpa_s)
5934 prev = prev->next;
5935 if (prev == NULL)
5936 return -1;
5937 prev->next = wpa_s->next;
5938 }
5939
f049052b 5940 wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
6fc6879b 5941
5b78493f
MH		 5942#ifdef CONFIG_MESH
5943 if (mesh_if_created) {
5944 ifname = os_strdup(wpa_s->ifname);
5945 if (ifname == NULL) {
5946 wpa_dbg(wpa_s, MSG_ERROR,
5947 "mesh: Failed to malloc ifname");
5948 return -1;
5949 }
5950 }
5951#endif /* CONFIG_MESH */
5952
b22128ef
JM		 5953 if (global->p2p_group_formation == wpa_s)
5954 global->p2p_group_formation = NULL;
dbca75f8
JM		 5955 if (global->p2p_invite_group == wpa_s)
5956 global->p2p_invite_group = NULL;
df509539 5957 wpa_supplicant_deinit_iface(wpa_s, 1, terminate);
6fc6879b 5958
5b78493f
MH		 5959#ifdef CONFIG_MESH
5960 if (mesh_if_created) {
9b170991 5961 wpa_drv_if_remove(parent, WPA_IF_MESH, ifname);
5b78493f
MH		 5962 os_free(ifname);
5963 }
5964#endif /* CONFIG_MESH */
5965
6fc6879b
JM		 5966 return 0;
5967}
5968
5969
cf83fb0b
PS		 5970/**
5971 * wpa_supplicant_get_eap_mode - Get the current EAP mode
5972 * @wpa_s: Pointer to the network interface
5973 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
5974 */
5975const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s)
5976{
5977 const char *eapol_method;
5978
5979 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) == 0 &&
5980 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
5981 return "NO-EAP";
5982 }
5983
5984 eapol_method = eapol_sm_get_method_name(wpa_s->eapol);
5985 if (eapol_method == NULL)
5986 return "UNKNOWN-EAP";
5987
5988 return eapol_method;
5989}
5990
5991
6fc6879b
JM		 5992/**
5993 * wpa_supplicant_get_iface - Get a new network interface
5994 * @global: Pointer to global data from wpa_supplicant_init()
5995 * @ifname: Interface name
5996 * Returns: Pointer to the interface or %NULL if not found
5997 */
5998struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
5999 const char *ifname)
6000{
6001 struct wpa_supplicant *wpa_s;
6002
6003 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
6004 if (os_strcmp(wpa_s->ifname, ifname) == 0)
6005 return wpa_s;
6006 }
6007 return NULL;
6008}
6009
6010
50b16da1 6011#ifndef CONFIG_NO_WPA_MSG
4f1495ae
BG		 6012static const char * wpa_supplicant_msg_ifname_cb(void *ctx)
6013{
6014 struct wpa_supplicant *wpa_s = ctx;
6015 if (wpa_s == NULL)
6016 return NULL;
6017 return wpa_s->ifname;
6018}
50b16da1 6019#endif /* CONFIG_NO_WPA_MSG */
4f1495ae
BG		 6020
6021
8c0d0ff2
JM		 6022#ifndef WPA_SUPPLICANT_CLEANUP_INTERVAL
6023#define WPA_SUPPLICANT_CLEANUP_INTERVAL 10
6024#endif /* WPA_SUPPLICANT_CLEANUP_INTERVAL */
6025
6026/* Periodic cleanup tasks */
6027static void wpas_periodic(void *eloop_ctx, void *timeout_ctx)
6028{
6029 struct wpa_global *global = eloop_ctx;
6030 struct wpa_supplicant *wpa_s;
6031
6032 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0,
6033 wpas_periodic, global, NULL);
6034
6035#ifdef CONFIG_P2P
6036 if (global->p2p)
6037 p2p_expire_peers(global->p2p);
6038#endif /* CONFIG_P2P */
6039
3188aaba 6040 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
8c0d0ff2 6041 wpa_bss_flush_by_age(wpa_s, wpa_s->conf->bss_expiration_age);
3188aaba
JM		 6042#ifdef CONFIG_AP
6043 ap_periodic(wpa_s);
6044#endif /* CONFIG_AP */
6045 }
8c0d0ff2
JM		 6046}
6047
6048
6fc6879b
JM		 6049/**
6050 * wpa_supplicant_init - Initialize %wpa_supplicant
6051 * @params: Parameters for %wpa_supplicant
6052 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
6053 *
6054 * This function is used to initialize %wpa_supplicant. After successful
6055 * initialization, the returned data pointer can be used to add and remove
6056 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
6057 */
6058struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
6059{
6060 struct wpa_global *global;
ac305589 6061 int ret, i;
6fc6879b
JM		 6062
6063 if (params == NULL)
6064 return NULL;
6065
39e7d718
JM		 6066#ifdef CONFIG_DRIVER_NDIS
6067 {
6068 void driver_ndis_init_ops(void);
6069 driver_ndis_init_ops();
6070 }
6071#endif /* CONFIG_DRIVER_NDIS */
6072
50b16da1 6073#ifndef CONFIG_NO_WPA_MSG
4f1495ae 6074 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
50b16da1 6075#endif /* CONFIG_NO_WPA_MSG */
4f1495ae 6076
f4637fe0
JM		 6077 if (params->wpa_debug_file_path)
6078 wpa_debug_open_file(params->wpa_debug_file_path);
6079 else
6080 wpa_debug_setup_stdout();
daa70d49
SL		 6081 if (params->wpa_debug_syslog)
6082 wpa_debug_open_syslog();
4f68895e
JB		 6083 if (params->wpa_debug_tracing) {
6084 ret = wpa_debug_open_linux_tracing();
6085 if (ret) {
6086 wpa_printf(MSG_ERROR,
6087 "Failed to enable trace logging");
6088 return NULL;
6089 }
6090 }
6fc6879b 6091
12760815 6092 ret = eap_register_methods();
6fc6879b
JM		 6093 if (ret) {
6094 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
6095 if (ret == -2)
6096 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
6097 "the same EAP type.");
6098 return NULL;
6099 }
6100
6101 global = os_zalloc(sizeof(*global));
6102 if (global == NULL)
6103 return NULL;
b22128ef
JM		 6104 dl_list_init(&global->p2p_srv_bonjour);
6105 dl_list_init(&global->p2p_srv_upnp);
6fc6879b
JM		 6106 global->params.daemonize = params->daemonize;
6107 global->params.wait_for_monitor = params->wait_for_monitor;
6108 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
6109 if (params->pid_file)
6110 global->params.pid_file = os_strdup(params->pid_file);
6111 if (params->ctrl_interface)
6112 global->params.ctrl_interface =
6113 os_strdup(params->ctrl_interface);
29257565
JM		 6114 if (params->ctrl_interface_group)
6115 global->params.ctrl_interface_group =
6116 os_strdup(params->ctrl_interface_group);
d27df100
JM		 6117 if (params->override_driver)
6118 global->params.override_driver =
6119 os_strdup(params->override_driver);
6120 if (params->override_ctrl_interface)
6121 global->params.override_ctrl_interface =
6122 os_strdup(params->override_ctrl_interface);
2e997eec
RM		 6123#ifdef CONFIG_MATCH_IFACE
6124 global->params.match_iface_count = params->match_iface_count;
6125 if (params->match_iface_count) {
6126 global->params.match_ifaces =
6127 os_calloc(params->match_iface_count,
6128 sizeof(struct wpa_interface));
6129 os_memcpy(global->params.match_ifaces,
6130 params->match_ifaces,
6131 params->match_iface_count *
6132 sizeof(struct wpa_interface));
6133 }
6134#endif /* CONFIG_MATCH_IFACE */
d4e59795
G		 6135#ifdef CONFIG_P2P
6136 if (params->conf_p2p_dev)
6137 global->params.conf_p2p_dev =
6138 os_strdup(params->conf_p2p_dev);
6139#endif /* CONFIG_P2P */
6fc6879b
JM		 6140 wpa_debug_level = global->params.wpa_debug_level =
6141 params->wpa_debug_level;
6142 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
6143 params->wpa_debug_show_keys;
6144 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
6145 params->wpa_debug_timestamp;
6146
f19858f5
JM		 6147 wpa_printf(MSG_DEBUG, "wpa_supplicant v" VERSION_STR);
6148
0456ea16 6149 if (eloop_init()) {
6fc6879b
JM		 6150 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
6151 wpa_supplicant_deinit(global);
6152 return NULL;
6153 }
6154
38e24575 6155 random_init(params->entropy_file);
d47fa330 6156
6fc6879b
JM		 6157 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
6158 if (global->ctrl_iface == NULL) {
6159 wpa_supplicant_deinit(global);
6160 return NULL;
6161 }
6162
dc461de4
WS		 6163 if (wpas_notify_supplicant_initialized(global)) {
6164 wpa_supplicant_deinit(global);
6165 return NULL;
6fc6879b
JM		 6166 }
6167
c5121837 6168 for (i = 0; wpa_drivers[i]; i++)
ac305589
JM		 6169 global->drv_count++;
6170 if (global->drv_count == 0) {
6171 wpa_printf(MSG_ERROR, "No drivers enabled");
6172 wpa_supplicant_deinit(global);
6173 return NULL;
6174 }
faebdeaa 6175 global->drv_priv = os_calloc(global->drv_count, sizeof(void *));
ac305589
JM		 6176 if (global->drv_priv == NULL) {
6177 wpa_supplicant_deinit(global);
6178 return NULL;
6179 }
ac305589 6180
9675ce35
JM		 6181#ifdef CONFIG_WIFI_DISPLAY
6182 if (wifi_display_init(global) < 0) {
6183 wpa_printf(MSG_ERROR, "Failed to initialize Wi-Fi Display");
6184 wpa_supplicant_deinit(global);
6185 return NULL;
6186 }
6187#endif /* CONFIG_WIFI_DISPLAY */
6188
8c0d0ff2
JM		 6189 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0,
6190 wpas_periodic, global, NULL);
6191
6fc6879b
JM		 6192 return global;
6193}
6194
6195
6196/**
6197 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
6198 * @global: Pointer to global data from wpa_supplicant_init()
6199 * Returns: 0 after successful event loop run, -1 on failure
6200 *
6201 * This function starts the main event loop and continues running as long as
6202 * there are any remaining events. In most cases, this function is running as
6203 * long as the %wpa_supplicant process in still in use.
6204 */
6205int wpa_supplicant_run(struct wpa_global *global)
6206{
6207 struct wpa_supplicant *wpa_s;
6208
6209 if (global->params.daemonize &&
2e69bdd1
RM		 6210 (wpa_supplicant_daemon(global->params.pid_file) ||
6211 eloop_sock_requeue()))
6fc6879b
JM		 6212 return -1;
6213
2e997eec
RM		 6214#ifdef CONFIG_MATCH_IFACE
6215 if (wpa_supplicant_match_existing(global))
6216 return -1;
6217#endif
6218
6fc6879b
JM		 6219 if (global->params.wait_for_monitor) {
6220 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
ede77701 6221 if (wpa_s->ctrl_iface && !wpa_s->p2p_mgmt)
6fc6879b
JM		 6222 wpa_supplicant_ctrl_iface_wait(
6223 wpa_s->ctrl_iface);
6224 }
6225
0456ea16
JM		 6226 eloop_register_signal_terminate(wpa_supplicant_terminate, global);
6227 eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
6fc6879b
JM		 6228
6229 eloop_run();
6230
6231 return 0;
6232}
6233
6234
6235/**
6236 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
6237 * @global: Pointer to global data from wpa_supplicant_init()
6238 *
6239 * This function is called to deinitialize %wpa_supplicant and to free all
6240 * allocated resources. Remaining network interfaces will also be removed.
6241 */
6242void wpa_supplicant_deinit(struct wpa_global *global)
6243{
ac305589
JM		 6244 int i;
6245
6fc6879b
JM		 6246 if (global == NULL)
6247 return;
6248
8c0d0ff2
JM		 6249 eloop_cancel_timeout(wpas_periodic, global, NULL);
6250
9675ce35
JM		 6251#ifdef CONFIG_WIFI_DISPLAY
6252 wifi_display_deinit(global);
6253#endif /* CONFIG_WIFI_DISPLAY */
b22128ef 6254
6fc6879b 6255 while (global->ifaces)
df509539 6256 wpa_supplicant_remove_iface(global, global->ifaces, 1);
6fc6879b
JM		 6257
6258 if (global->ctrl_iface)
6259 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
dc461de4
WS		 6260
6261 wpas_notify_supplicant_deinitialized(global);
6fc6879b
JM		 6262
6263 eap_peer_unregister_methods();
3ec97afe
JM		 6264#ifdef CONFIG_AP
6265 eap_server_unregister_methods();
6266#endif /* CONFIG_AP */
6fc6879b 6267
c5121837 6268 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) {
ac305589
JM		 6269 if (!global->drv_priv[i])
6270 continue;
c5121837 6271 wpa_drivers[i]->global_deinit(global->drv_priv[i]);
ac305589
JM		 6272 }
6273 os_free(global->drv_priv);
6274
d47fa330
JM		 6275 random_deinit();
6276
6fc6879b
JM		 6277 eloop_destroy();
6278
6279 if (global->params.pid_file) {
6280 os_daemonize_terminate(global->params.pid_file);
6281 os_free(global->params.pid_file);
6282 }
6283 os_free(global->params.ctrl_interface);
29257565 6284 os_free(global->params.ctrl_interface_group);
d27df100
JM		 6285 os_free(global->params.override_driver);
6286 os_free(global->params.override_ctrl_interface);
2e997eec
RM		 6287#ifdef CONFIG_MATCH_IFACE
6288 os_free(global->params.match_ifaces);
6289#endif /* CONFIG_MATCH_IFACE */
d4e59795
G		 6290#ifdef CONFIG_P2P
6291 os_free(global->params.conf_p2p_dev);
6292#endif /* CONFIG_P2P */
6fc6879b 6293
af8a827b 6294 os_free(global->p2p_disallow_freq.range);
253f2e37 6295 os_free(global->p2p_go_avoid_freq.range);
01a57fe4 6296 os_free(global->add_psk);
6f3bc72b 6297
6fc6879b 6298 os_free(global);
daa70d49 6299 wpa_debug_close_syslog();
6fc6879b 6300 wpa_debug_close_file();
4f68895e 6301 wpa_debug_close_linux_tracing();
6fc6879b 6302}
611aea7d
JM		 6303
6304
6305void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s)
6306{
849b5dc7
JM		 6307 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_COUNTRY) &&
6308 wpa_s->conf->country[0] && wpa_s->conf->country[1]) {
6309 char country[3];
6310 country[0] = wpa_s->conf->country[0];
6311 country[1] = wpa_s->conf->country[1];
6312 country[2] = '\0';
6313 if (wpa_drv_set_country(wpa_s, country) < 0) {
6314 wpa_printf(MSG_ERROR, "Failed to set country code "
6315 "'%s'", country);
6316 }
6317 }
6318
306ae225
JM		 6319 if (wpa_s->conf->changed_parameters & CFG_CHANGED_EXT_PW_BACKEND)
6320 wpas_init_ext_pw(wpa_s);
6321
bea48f77
JM		 6322 if (wpa_s->conf->changed_parameters & CFG_CHANGED_SCHED_SCAN_PLANS)
6323 wpas_sched_scan_plans_set(wpa_s, wpa_s->conf->sched_scan_plans);
6324
3c7863f8
LD		 6325 if (wpa_s->conf->changed_parameters & CFG_CHANGED_WOWLAN_TRIGGERS) {
6326 struct wpa_driver_capa capa;
6327 int res = wpa_drv_get_capa(wpa_s, &capa);
6328
6329 if (res == 0 && wpas_set_wowlan_triggers(wpa_s, &capa) < 0)
6330 wpa_printf(MSG_ERROR,
6331 "Failed to update wowlan_triggers to '%s'",
6332 wpa_s->conf->wowlan_triggers);
6333 }
6334
611aea7d
JM		 6335#ifdef CONFIG_WPS
6336 wpas_wps_update_config(wpa_s);
6337#endif /* CONFIG_WPS */
b22128ef 6338 wpas_p2p_update_config(wpa_s);
611aea7d
JM		 6339 wpa_s->conf->changed_parameters = 0;
6340}
2f9c6aa6
JM		 6341
6342
e1117c1c 6343void add_freq(int *freqs, int *num_freqs, int freq)
0fb337c1
JM		 6344{
6345 int i;
6346
6347 for (i = 0; i < *num_freqs; i++) {
6348 if (freqs[i] == freq)
6349 return;
6350 }
6351
6352 freqs[*num_freqs] = freq;
6353 (*num_freqs)++;
6354}
6355
6356
6357static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s)
6358{
6359 struct wpa_bss *bss, *cbss;
6360 const int max_freqs = 10;
6361 int *freqs;
6362 int num_freqs = 0;
6363
faebdeaa 6364 freqs = os_calloc(max_freqs + 1, sizeof(int));
0fb337c1
JM		 6365 if (freqs == NULL)
6366 return NULL;
6367
6368 cbss = wpa_s->current_bss;
6369
6370 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
6371 if (bss == cbss)
6372 continue;
6373 if (bss->ssid_len == cbss->ssid_len &&
6374 os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 &&
6375 wpa_blacklist_get(wpa_s, bss->bssid) == NULL) {
6376 add_freq(freqs, &num_freqs, bss->freq);
6377 if (num_freqs == max_freqs)
6378 break;
6379 }
6380 }
6381
6382 if (num_freqs == 0) {
6383 os_free(freqs);
6384 freqs = NULL;
6385 }
6386
6387 return freqs;
6388}
6389
6390
6391void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid)
6392{
6393 int timeout;
6394 int count;
6395 int *freqs = NULL;
6396
6ac4b15e
JM		 6397 wpas_connect_work_done(wpa_s);
6398
5fd9fb27
JM		 6399 /*
6400 * Remove possible authentication timeout since the connection failed.
6401 */
6402 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
6403
c2805909
JM		 6404 /*
6405 * There is no point in blacklisting the AP if this event is
6406 * generated based on local request to disconnect.
6407 */
6408 if (wpa_s->own_disconnect_req) {
6409 wpa_s->own_disconnect_req = 0;
6410 wpa_dbg(wpa_s, MSG_DEBUG,
6411 "Ignore connection failure due to local request to disconnect");
6412 return;
6413 }
0cdb93fe 6414 if (wpa_s->disconnected) {
0cdb93fe
JM		 6415 wpa_dbg(wpa_s, MSG_DEBUG, "Ignore connection failure "
6416 "indication since interface has been put into "
6417 "disconnected state");
6418 return;
6419 }
6420
0fb337c1
JM		 6421 /*
6422 * Add the failed BSSID into the blacklist and speed up next scan
6423 * attempt if there could be other APs that could accept association.
6424 * The current blacklist count indicates how many times we have tried
6425 * connecting to this AP and multiple attempts mean that other APs are
6426 * either not available or has already been tried, so that we can start
6427 * increasing the delay here to avoid constant scanning.
6428 */
6429 count = wpa_blacklist_add(wpa_s, bssid);
6430 if (count == 1 && wpa_s->current_bss) {
6431 /*
6432 * This BSS was not in the blacklist before. If there is
6433 * another BSS available for the same ESS, we should try that
6434 * next. Otherwise, we may as well try this one once more
6435 * before allowing other, likely worse, ESSes to be considered.
6436 */
6437 freqs = get_bss_freqs_in_ess(wpa_s);
6438 if (freqs) {
f049052b
BG		 6439 wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS "
6440 "has been seen; try it next");
0fb337c1
JM		 6441 wpa_blacklist_add(wpa_s, bssid);
6442 /*
6443 * On the next scan, go through only the known channels
6444 * used in this ESS based on previous scans to speed up
6445 * common load balancing use case.
6446 */
6447 os_free(wpa_s->next_scan_freqs);
6448 wpa_s->next_scan_freqs = freqs;
6449 }
6450 }
6451
f1a52633
JM		 6452 /*
6453 * Add previous failure count in case the temporary blacklist was
6454 * cleared due to no other BSSes being available.
6455 */
6456 count += wpa_s->extra_blacklist_count;
6457
dd579704
JM		 6458 if (count > 3 && wpa_s->current_ssid) {
6459 wpa_printf(MSG_DEBUG, "Continuous association failures - "
6460 "consider temporary network disabling");
b19c098e 6461 wpas_auth_failed(wpa_s, "CONN_FAILED");
dd579704
JM		 6462 }
6463
0fb337c1
JM		 6464 switch (count) {
6465 case 1:
6466 timeout = 100;
6467 break;
6468 case 2:
6469 timeout = 500;
6470 break;
6471 case 3:
6472 timeout = 1000;
6473 break;
f1a52633 6474 case 4:
0fb337c1 6475 timeout = 5000;
f1a52633
JM		 6476 break;
6477 default:
6478 timeout = 10000;
6479 break;
0fb337c1
JM		 6480 }
6481
f1a52633
JM		 6482 wpa_dbg(wpa_s, MSG_DEBUG, "Blacklist count %d --> request scan in %d "
6483 "ms", count, timeout);
6484
0fb337c1
JM		 6485 /*
6486 * TODO: if more than one possible AP is available in scan results,
6487 * could try the other ones before requesting a new scan.
6488 */
6489 wpa_supplicant_req_scan(wpa_s, timeout / 1000,
6490 1000 * (timeout % 1000));
6491}
22628eca
JM		 6492
6493
6494int wpas_driver_bss_selection(struct wpa_supplicant *wpa_s)
6495{
6496 return wpa_s->conf->ap_scan == 2 ||
6497 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION);
6498}
d2118814
JM		 6499
6500
6501#if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW)
6502int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
6503 struct wpa_ssid *ssid,
6504 const char *field,
6505 const char *value)
6506{
6507#ifdef IEEE8021X_EAPOL
6508 struct eap_peer_config *eap = &ssid->eap;
6509
6510 wpa_printf(MSG_DEBUG, "CTRL_IFACE: response handle field=%s", field);
6511 wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: response value",
6512 (const u8 *) value, os_strlen(value));
6513
6514 switch (wpa_supplicant_ctrl_req_from_string(field)) {
6515 case WPA_CTRL_REQ_EAP_IDENTITY:
6516 os_free(eap->identity);
6517 eap->identity = (u8 *) os_strdup(value);
6518 eap->identity_len = os_strlen(value);
6519 eap->pending_req_identity = 0;
6520 if (ssid == wpa_s->current_ssid)
6521 wpa_s->reassociate = 1;
6522 break;
6523 case WPA_CTRL_REQ_EAP_PASSWORD:
19c48da0 6524 bin_clear_free(eap->password, eap->password_len);
d2118814
JM		 6525 eap->password = (u8 *) os_strdup(value);
6526 eap->password_len = os_strlen(value);
6527 eap->pending_req_password = 0;
6528 if (ssid == wpa_s->current_ssid)
6529 wpa_s->reassociate = 1;
6530 break;
6531 case WPA_CTRL_REQ_EAP_NEW_PASSWORD:
19c48da0 6532 bin_clear_free(eap->new_password, eap->new_password_len);
d2118814
JM		 6533 eap->new_password = (u8 *) os_strdup(value);
6534 eap->new_password_len = os_strlen(value);
6535 eap->pending_req_new_password = 0;
6536 if (ssid == wpa_s->current_ssid)
6537 wpa_s->reassociate = 1;
6538 break;
6539 case WPA_CTRL_REQ_EAP_PIN:
19c48da0 6540 str_clear_free(eap->pin);
d2118814
JM		 6541 eap->pin = os_strdup(value);
6542 eap->pending_req_pin = 0;
6543 if (ssid == wpa_s->current_ssid)
6544 wpa_s->reassociate = 1;
6545 break;
6546 case WPA_CTRL_REQ_EAP_OTP:
19c48da0 6547 bin_clear_free(eap->otp, eap->otp_len);
d2118814
JM		 6548 eap->otp = (u8 *) os_strdup(value);
6549 eap->otp_len = os_strlen(value);
6550 os_free(eap->pending_req_otp);
6551 eap->pending_req_otp = NULL;
6552 eap->pending_req_otp_len = 0;
6553 break;
6554 case WPA_CTRL_REQ_EAP_PASSPHRASE:
19c48da0
JM		 6555 str_clear_free(eap->private_key_passwd);
6556 eap->private_key_passwd = os_strdup(value);
d2118814
JM		 6557 eap->pending_req_passphrase = 0;
6558 if (ssid == wpa_s->current_ssid)
6559 wpa_s->reassociate = 1;
6560 break;
a5d44ac0 6561 case WPA_CTRL_REQ_SIM:
19c48da0 6562 str_clear_free(eap->external_sim_resp);
a5d44ac0 6563 eap->external_sim_resp = os_strdup(value);
ed9b1c16 6564 eap->pending_req_sim = 0;
a5d44ac0 6565 break;
a52410c2
JM		 6566 case WPA_CTRL_REQ_PSK_PASSPHRASE:
6567 if (wpa_config_set(ssid, "psk", value, 0) < 0)
6568 return -1;
6569 ssid->mem_only_psk = 1;
6570 if (ssid->passphrase)
6571 wpa_config_update_psk(ssid);
6572 if (wpa_s->wpa_state == WPA_SCANNING && !wpa_s->scanning)
6573 wpa_supplicant_req_scan(wpa_s, 0, 0);
6574 break;
3c108b75
JM		 6575 case WPA_CTRL_REQ_EXT_CERT_CHECK:
6576 if (eap->pending_ext_cert_check != PENDING_CHECK)
6577 return -1;
6578 if (os_strcmp(value, "good") == 0)
6579 eap->pending_ext_cert_check = EXT_CERT_CHECK_GOOD;
6580 else if (os_strcmp(value, "bad") == 0)
6581 eap->pending_ext_cert_check = EXT_CERT_CHECK_BAD;
6582 else
6583 return -1;
6584 break;
d2118814
JM		 6585 default:
6586 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown field '%s'", field);
6587 return -1;
6588 }
6589
6590 return 0;
6591#else /* IEEE8021X_EAPOL */
6592 wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included");
6593 return -1;
6594#endif /* IEEE8021X_EAPOL */
6595}
6596#endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */
349493bd
JM		 6597
6598
6599int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
6600{
6601 int i;
6602 unsigned int drv_enc;
6603
44b9ea5b
JM		 6604 if (wpa_s->p2p_mgmt)
6605 return 1; /* no normal network profiles on p2p_mgmt interface */
6606
349493bd
JM		 6607 if (ssid == NULL)
6608 return 1;
6609
6610 if (ssid->disabled)
6611 return 1;
6612
9feadba1 6613 if (wpa_s->drv_capa_known)
349493bd
JM		 6614 drv_enc = wpa_s->drv_enc;
6615 else
6616 drv_enc = (unsigned int) -1;
6617
6618 for (i = 0; i < NUM_WEP_KEYS; i++) {
6619 size_t len = ssid->wep_key_len[i];
6620 if (len == 0)
6621 continue;
6622 if (len == 5 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP40))
6623 continue;
6624 if (len == 13 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP104))
6625 continue;
6626 if (len == 16 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP128))
6627 continue;
6628 return 1; /* invalid WEP key */
6629 }
6630
9173b16f 6631 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set &&
a52410c2 6632 (!ssid->passphrase || ssid->ssid_len != 0) && !ssid->ext_psk &&
a34ca59e 6633 !(wpa_key_mgmt_sae(ssid->key_mgmt) && ssid->sae_password) &&
a52410c2 6634 !ssid->mem_only_psk)
2518aad3
JM		 6635 return 1;
6636
349493bd
JM		 6637 return 0;
6638}
b9cfc09a
JJ		 6639
6640
3f56a2b7
JM		 6641int wpas_get_ssid_pmf(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
6642{
6643#ifdef CONFIG_IEEE80211W
6644 if (ssid == NULL || ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT) {
6645 if (wpa_s->conf->pmf == MGMT_FRAME_PROTECTION_OPTIONAL &&
6646 !(wpa_s->drv_enc & WPA_DRIVER_CAPA_ENC_BIP)) {
6647 /*
6648 * Driver does not support BIP -- ignore pmf=1 default
6649 * since the connection with PMF would fail and the
6650 * configuration does not require PMF to be enabled.
6651 */
6652 return NO_MGMT_FRAME_PROTECTION;
6653 }
6654
22950049
JM		 6655 if (ssid &&
6656 (ssid->key_mgmt &
6657 ~(WPA_KEY_MGMT_NONE | WPA_KEY_MGMT_WPS |
6658 WPA_KEY_MGMT_IEEE8021X_NO_WPA)) == 0) {
6659 /*
6660 * Do not use the default PMF value for non-RSN networks
6661 * since PMF is available only with RSN and pmf=2
6662 * configuration would otherwise prevent connections to
6663 * all open networks.
6664 */
6665 return NO_MGMT_FRAME_PROTECTION;
6666 }
6667
3f56a2b7
JM		 6668 return wpa_s->conf->pmf;
6669 }
6670
6671 return ssid->ieee80211w;
6672#else /* CONFIG_IEEE80211W */
6673 return NO_MGMT_FRAME_PROTECTION;
6674#endif /* CONFIG_IEEE80211W */
6675}
6676
6677
b9cfc09a
JJ		 6678int wpas_is_p2p_prioritized(struct wpa_supplicant *wpa_s)
6679{
6680 if (wpa_s->global->conc_pref == WPA_CONC_PREF_P2P)
6681 return 1;
6682 if (wpa_s->global->conc_pref == WPA_CONC_PREF_STA)
6683 return 0;
6684 return -1;
6685}
00e5e3d5
JM		 6686
6687
b19c098e 6688void wpas_auth_failed(struct wpa_supplicant *wpa_s, char *reason)
00e5e3d5
JM		 6689{
6690 struct wpa_ssid *ssid = wpa_s->current_ssid;
6691 int dur;
4e1eae1d 6692 struct os_reltime now;
00e5e3d5
JM		 6693
6694 if (ssid == NULL) {
6695 wpa_printf(MSG_DEBUG, "Authentication failure but no known "
6696 "SSID block");
6697 return;
6698 }
6699
6700 if (ssid->key_mgmt == WPA_KEY_MGMT_WPS)
6701 return;
6702
6703 ssid->auth_failures++;
cbf41ca7
SL		 6704
6705#ifdef CONFIG_P2P
6706 if (ssid->p2p_group &&
6707 (wpa_s->p2p_in_provisioning || wpa_s->show_group_started)) {
6708 /*
6709 * Skip the wait time since there is a short timeout on the
6710 * connection to a P2P group.
6711 */
6712 return;
6713 }
6714#endif /* CONFIG_P2P */
6715
00e5e3d5
JM		 6716 if (ssid->auth_failures > 50)
6717 dur = 300;
00e5e3d5 6718 else if (ssid->auth_failures > 10)
8a77f1be 6719 dur = 120;
00e5e3d5 6720 else if (ssid->auth_failures > 5)
8a77f1be
JM		 6721 dur = 90;
6722 else if (ssid->auth_failures > 3)
6723 dur = 60;
6724 else if (ssid->auth_failures > 2)
00e5e3d5
JM		 6725 dur = 30;
6726 else if (ssid->auth_failures > 1)
6727 dur = 20;
6728 else
6729 dur = 10;
6730
8a77f1be
JM		 6731 if (ssid->auth_failures > 1 &&
6732 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt))
6733 dur += os_random() % (ssid->auth_failures * 10);
6734
4e1eae1d 6735 os_get_reltime(&now);
00e5e3d5
JM		 6736 if (now.sec + dur <= ssid->disabled_until.sec)
6737 return;
6738
6739 ssid->disabled_until.sec = now.sec + dur;
6740
6741 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TEMP_DISABLED
b19c098e 6742 "id=%d ssid=\"%s\" auth_failures=%u duration=%d reason=%s",
00e5e3d5 6743 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
b19c098e 6744 ssid->auth_failures, dur, reason);
00e5e3d5
JM		 6745}
6746
6747
6748void wpas_clear_temp_disabled(struct wpa_supplicant *wpa_s,
6749 struct wpa_ssid *ssid, int clear_failures)
6750{
6751 if (ssid == NULL)
6752 return;
6753
6754 if (ssid->disabled_until.sec) {
6755 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_REENABLED
6756 "id=%d ssid=\"%s\"",
6757 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
6758 }
6759 ssid->disabled_until.sec = 0;
6760 ssid->disabled_until.usec = 0;
6761 if (clear_failures)
6762 ssid->auth_failures = 0;
6763}
6407f413
JM		 6764
6765
6766int disallowed_bssid(struct wpa_supplicant *wpa_s, const u8 *bssid)
6767{
6768 size_t i;
6769
6770 if (wpa_s->disallow_aps_bssid == NULL)
6771 return 0;
6772
6773 for (i = 0; i < wpa_s->disallow_aps_bssid_count; i++) {
6774 if (os_memcmp(wpa_s->disallow_aps_bssid + i * ETH_ALEN,
6775 bssid, ETH_ALEN) == 0)
6776 return 1;
6777 }
6778
6779 return 0;
6780}
6781
6782
6783int disallowed_ssid(struct wpa_supplicant *wpa_s, const u8 *ssid,
6784 size_t ssid_len)
6785{
6786 size_t i;
6787
6788 if (wpa_s->disallow_aps_ssid == NULL || ssid == NULL)
6789 return 0;
6790
6791 for (i = 0; i < wpa_s->disallow_aps_ssid_count; i++) {
6792 struct wpa_ssid_value *s = &wpa_s->disallow_aps_ssid[i];
6793 if (ssid_len == s->ssid_len &&
6794 os_memcmp(ssid, s->ssid, ssid_len) == 0)
6795 return 1;
6796 }
6797
6798 return 0;
6799}
9796a86c
JM		 6800
6801
6802/**
6803 * wpas_request_connection - Request a new connection
6804 * @wpa_s: Pointer to the network interface
6805 *
6806 * This function is used to request a new connection to be found. It will mark
6807 * the interface to allow reassociation and request a new scan to find a
6808 * suitable network to connect to.
6809 */
6810void wpas_request_connection(struct wpa_supplicant *wpa_s)
6811{
6812 wpa_s->normal_scans = 0;
5214f4fa 6813 wpa_s->scan_req = NORMAL_SCAN_REQ;
9796a86c
JM		 6814 wpa_supplicant_reinit_autoscan(wpa_s);
6815 wpa_s->extra_blacklist_count = 0;
6816 wpa_s->disconnected = 0;
6817 wpa_s->reassociate = 1;
2cb40e9f 6818 wpa_s->last_owe_group = 0;
5e24beae
MH		 6819
6820 if (wpa_supplicant_fast_associate(wpa_s) != 1)
6821 wpa_supplicant_req_scan(wpa_s, 0, 0);
0c5f01fd
B		 6822 else
6823 wpa_s->reattach = 0;
9796a86c 6824}
36b9883d
DG		 6825
6826
5f040be4
RP		 6827/**
6828 * wpas_request_disconnection - Request disconnection
6829 * @wpa_s: Pointer to the network interface
6830 *
6831 * This function is used to request disconnection from the currently connected
6832 * network. This will stop any ongoing scans and initiate deauthentication.
6833 */
6834void wpas_request_disconnection(struct wpa_supplicant *wpa_s)
6835{
6836#ifdef CONFIG_SME
6837 wpa_s->sme.prev_bssid_set = 0;
6838#endif /* CONFIG_SME */
6839 wpa_s->reassociate = 0;
6840 wpa_s->disconnected = 1;
6841 wpa_supplicant_cancel_sched_scan(wpa_s);
6842 wpa_supplicant_cancel_scan(wpa_s);
6843 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
6844 eloop_cancel_timeout(wpas_network_reenabled, wpa_s, NULL);
6845}
6846
6847
a0c90bb0
IP		 6848void dump_freq_data(struct wpa_supplicant *wpa_s, const char *title,
6849 struct wpa_used_freq_data *freqs_data,
6850 unsigned int len)
6851{
6852 unsigned int i;
6853
6854 wpa_dbg(wpa_s, MSG_DEBUG, "Shared frequencies (len=%u): %s",
6855 len, title);
6856 for (i = 0; i < len; i++) {
6857 struct wpa_used_freq_data *cur = &freqs_data[i];
6858 wpa_dbg(wpa_s, MSG_DEBUG, "freq[%u]: %d, flags=0x%X",
6859 i, cur->freq, cur->flags);
6860 }
6861}
6862
6863
53c5dfc2
IP		 6864/*
6865 * Find the operating frequencies of any of the virtual interfaces that
a0c90bb0
IP		 6866 * are using the same radio as the current interface, and in addition, get
6867 * information about the interface types that are using the frequency.
53c5dfc2 6868 */
a0c90bb0
IP		 6869int get_shared_radio_freqs_data(struct wpa_supplicant *wpa_s,
6870 struct wpa_used_freq_data *freqs_data,
6871 unsigned int len)
53c5dfc2 6872{
53c5dfc2
IP		 6873 struct wpa_supplicant *ifs;
6874 u8 bssid[ETH_ALEN];
6875 int freq;
6876 unsigned int idx = 0, i;
6877
217cf499
JM		 6878 wpa_dbg(wpa_s, MSG_DEBUG,
6879 "Determining shared radio frequencies (max len %u)", len);
a0c90bb0 6880 os_memset(freqs_data, 0, sizeof(struct wpa_used_freq_data) * len);
53c5dfc2 6881
0ad3b9c4
JM		 6882 dl_list_for_each(ifs, &wpa_s->radio->ifaces, struct wpa_supplicant,
6883 radio_list) {
a0c90bb0
IP		 6884 if (idx == len)
6885 break;
6886
53c5dfc2
IP		 6887 if (ifs->current_ssid == NULL || ifs->assoc_freq == 0)
6888 continue;
6889
6890 if (ifs->current_ssid->mode == WPAS_MODE_AP ||
241c3333
MH		 6891 ifs->current_ssid->mode == WPAS_MODE_P2P_GO ||
6892 ifs->current_ssid->mode == WPAS_MODE_MESH)
53c5dfc2
IP		 6893 freq = ifs->current_ssid->frequency;
6894 else if (wpa_drv_get_bssid(ifs, bssid) == 0)
6895 freq = ifs->assoc_freq;
6896 else
6897 continue;
6898
6899 /* Hold only distinct freqs */
6900 for (i = 0; i < idx; i++)
a0c90bb0 6901 if (freqs_data[i].freq == freq)
53c5dfc2
IP		 6902 break;
6903
6904 if (i == idx)
a0c90bb0
IP		 6905 freqs_data[idx++].freq = freq;
6906
6907 if (ifs->current_ssid->mode == WPAS_MODE_INFRA) {
22264b3c 6908 freqs_data[i].flags |= ifs->current_ssid->p2p_group ?
a0c90bb0
IP		 6909 WPA_FREQ_USED_BY_P2P_CLIENT :
6910 WPA_FREQ_USED_BY_INFRA_STATION;
6911 }
53c5dfc2 6912 }
217cf499 6913
a0c90bb0 6914 dump_freq_data(wpa_s, "completed iteration", freqs_data, idx);
53c5dfc2
IP		 6915 return idx;
6916}
a0c90bb0
IP		 6917
6918
6919/*
6920 * Find the operating frequencies of any of the virtual interfaces that
6921 * are using the same radio as the current interface.
6922 */
6923int get_shared_radio_freqs(struct wpa_supplicant *wpa_s,
6924 int *freq_array, unsigned int len)
6925{
6926 struct wpa_used_freq_data *freqs_data;
6927 int num, i;
6928
6929 os_memset(freq_array, 0, sizeof(int) * len);
6930
6931 freqs_data = os_calloc(len, sizeof(struct wpa_used_freq_data));
6932 if (!freqs_data)
6933 return -1;
6934
6935 num = get_shared_radio_freqs_data(wpa_s, freqs_data, len);
6936 for (i = 0; i < num; i++)
6937 freq_array[i] = freqs_data[i].freq;
6938
6939 os_free(freqs_data);
6940
6941 return num;
6942}
b361d580
AK		 6943
6944
af041f99
AA		 6945struct wpa_supplicant *
6946wpas_vendor_elem(struct wpa_supplicant *wpa_s, enum wpa_vendor_elem_frame frame)
6947{
6948 switch (frame) {
6949#ifdef CONFIG_P2P
6950 case VENDOR_ELEM_PROBE_REQ_P2P:
6951 case VENDOR_ELEM_PROBE_RESP_P2P:
6952 case VENDOR_ELEM_PROBE_RESP_P2P_GO:
6953 case VENDOR_ELEM_BEACON_P2P_GO:
6954 case VENDOR_ELEM_P2P_PD_REQ:
6955 case VENDOR_ELEM_P2P_PD_RESP:
6956 case VENDOR_ELEM_P2P_GO_NEG_REQ:
6957 case VENDOR_ELEM_P2P_GO_NEG_RESP:
6958 case VENDOR_ELEM_P2P_GO_NEG_CONF:
6959 case VENDOR_ELEM_P2P_INV_REQ:
6960 case VENDOR_ELEM_P2P_INV_RESP:
6961 case VENDOR_ELEM_P2P_ASSOC_REQ:
6962 case VENDOR_ELEM_P2P_ASSOC_RESP:
ba307f85 6963 return wpa_s->p2pdev;
af041f99
AA		 6964#endif /* CONFIG_P2P */
6965 default:
6966 return wpa_s;
6967 }
6968}
6969
6970
6971void wpas_vendor_elem_update(struct wpa_supplicant *wpa_s)
6972{
6973 unsigned int i;
6974 char buf[30];
6975
6976 wpa_printf(MSG_DEBUG, "Update vendor elements");
6977
6978 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) {
6979 if (wpa_s->vendor_elem[i]) {
6980 int res;
6981
6982 res = os_snprintf(buf, sizeof(buf), "frame[%u]", i);
6983 if (!os_snprintf_error(sizeof(buf), res)) {
6984 wpa_hexdump_buf(MSG_DEBUG, buf,
6985 wpa_s->vendor_elem[i]);
6986 }
6987 }
6988 }
6989
6990#ifdef CONFIG_P2P
6991 if (wpa_s->parent == wpa_s &&
6992 wpa_s->global->p2p &&
6993 !wpa_s->global->p2p_disabled)
6994 p2p_set_vendor_elems(wpa_s->global->p2p, wpa_s->vendor_elem);
6995#endif /* CONFIG_P2P */
6996}
6997
6998
6999int wpas_vendor_elem_remove(struct wpa_supplicant *wpa_s, int frame,
7000 const u8 *elem, size_t len)
7001{
7002 u8 *ie, *end;
7003
7004 ie = wpabuf_mhead_u8(wpa_s->vendor_elem[frame]);
7005 end = ie + wpabuf_len(wpa_s->vendor_elem[frame]);
7006
7007 for (; ie + 1 < end; ie += 2 + ie[1]) {
7008 if (ie + len > end)
7009 break;
7010 if (os_memcmp(ie, elem, len) != 0)
7011 continue;
7012
7013 if (wpabuf_len(wpa_s->vendor_elem[frame]) == len) {
7014 wpabuf_free(wpa_s->vendor_elem[frame]);
7015 wpa_s->vendor_elem[frame] = NULL;
7016 } else {
7017 os_memmove(ie, ie + len, end - (ie + len));
7018 wpa_s->vendor_elem[frame]->used -= len;
7019 }
7020 wpas_vendor_elem_update(wpa_s);
7021 return 0;
7022 }
7023
7024 return -1;
7025}
ea69d973
AS		 7026
7027
7028struct hostapd_hw_modes * get_mode(struct hostapd_hw_modes *modes,
7029 u16 num_modes, enum hostapd_hw_mode mode)
7030{
7031 u16 i;
7032
7033 for (i = 0; i < num_modes; i++) {
7034 if (modes[i].mode == mode)
7035 return &modes[i];
7036 }
7037
7038 return NULL;
7039}
dd599908
AS		 7040
7041
7042static struct
7043wpa_bss_tmp_disallowed * wpas_get_disallowed_bss(struct wpa_supplicant *wpa_s,
7044 const u8 *bssid)
7045{
7046 struct wpa_bss_tmp_disallowed *bss;
7047
7048 dl_list_for_each(bss, &wpa_s->bss_tmp_disallowed,
7049 struct wpa_bss_tmp_disallowed, list) {
7050 if (os_memcmp(bssid, bss->bssid, ETH_ALEN) == 0)
7051 return bss;
7052 }
7053
7054 return NULL;
7055}
7056
7057
b04854ce
AP		 7058static int wpa_set_driver_tmp_disallow_list(struct wpa_supplicant *wpa_s)
7059{
7060 struct wpa_bss_tmp_disallowed *tmp;
7061 unsigned int num_bssid = 0;
7062 u8 *bssids;
7063 int ret;
7064
7065 bssids = os_malloc(dl_list_len(&wpa_s->bss_tmp_disallowed) * ETH_ALEN);
7066 if (!bssids)
7067 return -1;
7068 dl_list_for_each(tmp, &wpa_s->bss_tmp_disallowed,
7069 struct wpa_bss_tmp_disallowed, list) {
7070 os_memcpy(&bssids[num_bssid * ETH_ALEN], tmp->bssid,
7071 ETH_ALEN);
7072 num_bssid++;
7073 }
7074 ret = wpa_drv_set_bssid_blacklist(wpa_s, num_bssid, bssids);
7075 os_free(bssids);
7076 return ret;
7077}
7078
7079
7080static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx, void *timeout_ctx)
7081{
7082 struct wpa_supplicant *wpa_s = eloop_ctx;
7083 struct wpa_bss_tmp_disallowed *tmp, *bss = timeout_ctx;
7084
7085 /* Make sure the bss is not already freed */
7086 dl_list_for_each(tmp, &wpa_s->bss_tmp_disallowed,
7087 struct wpa_bss_tmp_disallowed, list) {
7088 if (bss == tmp) {
7089 dl_list_del(&tmp->list);
7090 os_free(tmp);
7091 wpa_set_driver_tmp_disallow_list(wpa_s);
7092 break;
7093 }
7094 }
7095}
7096
7097
dd599908
AS		 7098void wpa_bss_tmp_disallow(struct wpa_supplicant *wpa_s, const u8 *bssid,
7099 unsigned int sec)
7100{
7101 struct wpa_bss_tmp_disallowed *bss;
dd599908
AS		 7102
7103 bss = wpas_get_disallowed_bss(wpa_s, bssid);
7104 if (bss) {
b04854ce
AP		 7105 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout, wpa_s, bss);
7106 eloop_register_timeout(sec, 0, wpa_bss_tmp_disallow_timeout,
7107 wpa_s, bss);
dd599908
AS		 7108 return;
7109 }
7110
7111 bss = os_malloc(sizeof(*bss));
7112 if (!bss) {
7113 wpa_printf(MSG_DEBUG,
7114 "Failed to allocate memory for temp disallow BSS");
7115 return;
7116 }
7117
dd599908
AS		 7118 os_memcpy(bss->bssid, bssid, ETH_ALEN);
7119 dl_list_add(&wpa_s->bss_tmp_disallowed, &bss->list);
b04854ce
AP		 7120 wpa_set_driver_tmp_disallow_list(wpa_s);
7121 eloop_register_timeout(sec, 0, wpa_bss_tmp_disallow_timeout,
7122 wpa_s, bss);
dd599908
AS		 7123}
7124
7125
7126int wpa_is_bss_tmp_disallowed(struct wpa_supplicant *wpa_s, const u8 *bssid)
7127{
d010048c 7128 struct wpa_bss_tmp_disallowed *bss = NULL, *tmp, *prev;
dd599908 7129
d010048c
JM		 7130 dl_list_for_each_safe(tmp, prev, &wpa_s->bss_tmp_disallowed,
7131 struct wpa_bss_tmp_disallowed, list) {
d010048c
JM		 7132 if (os_memcmp(bssid, tmp->bssid, ETH_ALEN) == 0) {
7133 bss = tmp;
7134 break;
7135 }
7136 }
dd599908
AS		 7137 if (!bss)
7138 return 0;
7139
d010048c 7140 return 1;
dd599908 7141}
Unnamed repository; edit this file 'description' to name the repository.