]> git.ipfire.org Git - thirdparty/hostap.git/blame - wpa_supplicant/wpa_supplicant.c
projects / thirdparty / hostap.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
tests: roaming_consortium_selection
[thirdparty/hostap.git] / wpa_supplicant / wpa_supplicant.c
CommitLineData
6fc6879b
JM		 1/*
2 * WPA Supplicant
6774c6a9 3 * Copyright (c) 2003-2017, Jouni Malinen <j@w1.fi>
6fc6879b 4 *
0f3d578e
JM		 5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
6fc6879b
JM		 7 *
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
11 */
12
13#include "includes.h"
2e997eec
RM		 14#ifdef CONFIG_MATCH_IFACE
15#include <net/if.h>
16#include <fnmatch.h>
17#endif /* CONFIG_MATCH_IFACE */
6fc6879b
JM		 18
19#include "common.h"
d47fa330 20#include "crypto/random.h"
7d232e23 21#include "crypto/sha1.h"
6fc6879b
JM		 22#include "eapol_supp/eapol_supp_sm.h"
23#include "eap_peer/eap.h"
ec7b97ab 24#include "eap_peer/eap_proxy.h"
3ec97afe 25#include "eap_server/eap_methods.h"
3acb5005 26#include "rsn_supp/wpa.h"
6fc6879b 27#include "eloop.h"
6fc6879b 28#include "config.h"
306ae225 29#include "utils/ext_password.h"
6fc6879b
JM		 30#include "l2_packet/l2_packet.h"
31#include "wpa_supplicant_i.h"
2d5b792d 32#include "driver_i.h"
6fc6879b 33#include "ctrl_iface.h"
6fc6879b 34#include "pcsc_funcs.h"
90973fb2 35#include "common/version.h"
3acb5005
JM		 36#include "rsn_supp/preauth.h"
37#include "rsn_supp/pmksa_cache.h"
90973fb2 38#include "common/wpa_ctrl.h"
90973fb2 39#include "common/ieee802_11_defs.h"
6b8b0774 40#include "common/hw_features_common.h"
461d39af 41#include "common/gas_server.h"
72044390 42#include "p2p/p2p.h"
b36a3a65 43#include "fst/fst.h"
6fc6879b
JM		 44#include "blacklist.h"
45#include "wpas_glue.h"
116654ce 46#include "wps_supplicant.h"
11ef8d35 47#include "ibss_rsn.h"
c2a04078 48#include "sme.h"
04ea7b79 49#include "gas_query.h"
1f1b62a0 50#include "ap.h"
b22128ef 51#include "p2p_supplicant.h"
9675ce35 52#include "wifi_display.h"
8bac466b 53#include "notify.h"
60b94c98 54#include "bgscan.h"
7c865c68 55#include "autoscan.h"
83922c2d 56#include "bss.h"
9ba9fa07 57#include "scan.h"
24f6497c 58#include "offchannel.h"
cb418324 59#include "hs20_supplicant.h"
e27d20bb 60#include "wnm_sta.h"
dd10abcc 61#include "wpas_kay.h"
603a3f34 62#include "mesh.h"
be27e185 63#include "dpp_supplicant.h"
a39b040b
SB		 64#ifdef CONFIG_MESH
65#include "ap/ap_config.h"
66#include "ap/hostapd.h"
67#endif /* CONFIG_MESH */
6fc6879b 68
8b423edb 69const char *const wpa_supplicant_version =
6fc6879b 70"wpa_supplicant v" VERSION_STR "\n"
6774c6a9 71"Copyright (c) 2003-2017, Jouni Malinen <j@w1.fi> and contributors";
6fc6879b 72
8b423edb 73const char *const wpa_supplicant_license =
331f89ff
JM		 74"This software may be distributed under the terms of the BSD license.\n"
75"See README for more details.\n"
6fc6879b
JM		 76#ifdef EAP_TLS_OPENSSL
77"\nThis product includes software developed by the OpenSSL Project\n"
78"for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
79#endif /* EAP_TLS_OPENSSL */
80;
81
82#ifndef CONFIG_NO_STDOUT_DEBUG
83/* Long text divided into parts in order to fit in C89 strings size limits. */
8b423edb 84const char *const wpa_supplicant_full_license1 =
331f89ff 85"";
8b423edb 86const char *const wpa_supplicant_full_license2 =
331f89ff 87"This software may be distributed under the terms of the BSD license.\n"
6fc6879b
JM		 88"\n"
89"Redistribution and use in source and binary forms, with or without\n"
90"modification, are permitted provided that the following conditions are\n"
91"met:\n"
92"\n";
8b423edb 93const char *const wpa_supplicant_full_license3 =
6fc6879b
JM		 94"1. Redistributions of source code must retain the above copyright\n"
95" notice, this list of conditions and the following disclaimer.\n"
96"\n"
97"2. Redistributions in binary form must reproduce the above copyright\n"
98" notice, this list of conditions and the following disclaimer in the\n"
99" documentation and/or other materials provided with the distribution.\n"
100"\n";
8b423edb 101const char *const wpa_supplicant_full_license4 =
6fc6879b
JM		 102"3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
103" names of its contributors may be used to endorse or promote products\n"
104" derived from this software without specific prior written permission.\n"
105"\n"
106"THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
107"\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
108"LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
109"A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
8b423edb 110const char *const wpa_supplicant_full_license5 =
6fc6879b
JM		 111"OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
112"SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
113"LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
114"DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
115"THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
116"(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
117"OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
118"\n";
119#endif /* CONFIG_NO_STDOUT_DEBUG */
120
b04854ce
AP		 121
122static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx, void *timeout_ctx);
6338c99e
VK		 123#if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
124static void wpas_update_fils_connect_params(struct wpa_supplicant *wpa_s);
125#endif /* CONFIG_FILS && IEEE8021X_EAPOL */
b04854ce
AP		 126
127
6fc6879b 128/* Configure default/group WEP keys for static WEP */
0194fedb 129int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
6fc6879b
JM		 130{
131 int i, set = 0;
132
133 for (i = 0; i < NUM_WEP_KEYS; i++) {
134 if (ssid->wep_key_len[i] == 0)
135 continue;
136
137 set = 1;
0382097e 138 wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL,
da64c266 139 i, i == ssid->wep_tx_keyidx, NULL, 0,
6fc6879b
JM		 140 ssid->wep_key[i], ssid->wep_key_len[i]);
141 }
142
143 return set;
144}
145
146
6ea1f413
JM		 147int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
148 struct wpa_ssid *ssid)
6fc6879b
JM		 149{
150 u8 key[32];
151 size_t keylen;
71934751 152 enum wpa_alg alg;
6fc6879b 153 u8 seq[6] = { 0 };
658da804 154 int ret;
6fc6879b
JM		 155
156 /* IBSS/WPA-None uses only one key (Group) for both receiving and
157 * sending unicast and multicast packets. */
158
d7dcba70 159 if (ssid->mode != WPAS_MODE_IBSS) {
f049052b
BG		 160 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not "
161 "IBSS/ad-hoc) for WPA-None", ssid->mode);
6fc6879b
JM		 162 return -1;
163 }
164
165 if (!ssid->psk_set) {
f049052b
BG		 166 wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for "
167 "WPA-None");
6fc6879b
JM		 168 return -1;
169 }
170
171 switch (wpa_s->group_cipher) {
172 case WPA_CIPHER_CCMP:
173 os_memcpy(key, ssid->psk, 16);
174 keylen = 16;
175 alg = WPA_ALG_CCMP;
176 break;
eb7719ff
JM		 177 case WPA_CIPHER_GCMP:
178 os_memcpy(key, ssid->psk, 16);
179 keylen = 16;
180 alg = WPA_ALG_GCMP;
181 break;
6fc6879b
JM		 182 case WPA_CIPHER_TKIP:
183 /* WPA-None uses the same Michael MIC key for both TX and RX */
184 os_memcpy(key, ssid->psk, 16 + 8);
185 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
186 keylen = 32;
187 alg = WPA_ALG_TKIP;
188 break;
189 default:
f049052b
BG		 190 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for "
191 "WPA-None", wpa_s->group_cipher);
6fc6879b
JM		 192 return -1;
193 }
194
195 /* TODO: should actually remember the previously used seq#, both for TX
196 * and RX from each STA.. */
197
658da804
JM		 198 ret = wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen);
199 os_memset(key, 0, sizeof(key));
200 return ret;
6fc6879b
JM		 201}
202
203
204static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
205{
206 struct wpa_supplicant *wpa_s = eloop_ctx;
207 const u8 *bssid = wpa_s->bssid;
04e3d815
MK		 208 if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
209 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
210 wpa_s->wpa_state == WPA_ASSOCIATING))
6fc6879b
JM		 211 bssid = wpa_s->pending_bssid;
212 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
213 MAC2STR(bssid));
214 wpa_blacklist_add(wpa_s, bssid);
215 wpa_sm_notify_disassoc(wpa_s->wpa);
07783eaa 216 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
6fc6879b 217 wpa_s->reassociate = 1;
48b84f18
BG		 218
219 /*
220 * If we timed out, the AP or the local radio may be busy.
221 * So, wait a second until scanning again.
222 */
223 wpa_supplicant_req_scan(wpa_s, 1, 0);
6fc6879b
JM		 224}
225
226
227/**
228 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
229 * @wpa_s: Pointer to wpa_supplicant data
230 * @sec: Number of seconds after which to time out authentication
231 * @usec: Number of microseconds after which to time out authentication
232 *
233 * This function is used to schedule a timeout for the current authentication
234 * attempt.
235 */
236void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
237 int sec, int usec)
238{
a2a535f8 239 if (wpa_s->conf->ap_scan == 0 &&
c2a04078 240 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
6fc6879b
JM		 241 return;
242
f049052b 243 wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
6fc6879b
JM		 244 "%d usec", sec, usec);
245 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
37547ad6 246 wpa_s->last_auth_timeout_sec = sec;
6fc6879b
JM		 247 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
248}
249
250
37547ad6
DL		 251/*
252 * wpas_auth_timeout_restart - Restart and change timeout for authentication
253 * @wpa_s: Pointer to wpa_supplicant data
254 * @sec_diff: difference in seconds applied to original timeout value
255 */
256void wpas_auth_timeout_restart(struct wpa_supplicant *wpa_s, int sec_diff)
257{
258 int new_sec = wpa_s->last_auth_timeout_sec + sec_diff;
259
260 if (eloop_is_timeout_registered(wpa_supplicant_timeout, wpa_s, NULL)) {
261 wpa_dbg(wpa_s, MSG_DEBUG,
262 "Authentication timeout restart: %d sec", new_sec);
263 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
264 eloop_register_timeout(new_sec, 0, wpa_supplicant_timeout,
265 wpa_s, NULL);
266 }
267}
268
269
6fc6879b
JM		 270/**
271 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
272 * @wpa_s: Pointer to wpa_supplicant data
273 *
274 * This function is used to cancel authentication timeout scheduled with
275 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
276 * been completed.
277 */
278void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
279{
f049052b 280 wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
6fc6879b
JM		 281 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
282 wpa_blacklist_del(wpa_s, wpa_s->bssid);
283}
284
285
286/**
287 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
288 * @wpa_s: Pointer to wpa_supplicant data
289 *
290 * This function is used to configure EAPOL state machine based on the selected
291 * authentication mode.
292 */
293void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
294{
295#ifdef IEEE8021X_EAPOL
296 struct eapol_config eapol_conf;
297 struct wpa_ssid *ssid = wpa_s->current_ssid;
298
53895c3b 299#ifdef CONFIG_IBSS_RSN
d7dcba70 300 if (ssid->mode == WPAS_MODE_IBSS &&
53895c3b
JM		 301 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
302 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
303 /*
304 * RSN IBSS authentication is per-STA and we can disable the
305 * per-BSSID EAPOL authentication.
306 */
307 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
308 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE);
309 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
310 return;
311 }
312#endif /* CONFIG_IBSS_RSN */
313
0a40ec6a
JM		 314 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
315 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
316
6fc6879b
JM		 317 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
318 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
319 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
320 else
321 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
322
323 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
324 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
325 eapol_conf.accept_802_1x_keys = 1;
326 eapol_conf.required_keys = 0;
327 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
328 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
329 }
330 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
331 eapol_conf.required_keys |=
332 EAPOL_REQUIRE_KEY_BROADCAST;
333 }
334
a2a535f8 335 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED)
6fc6879b 336 eapol_conf.required_keys = 0;
6fc6879b 337 }
a2a535f8 338 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
6fc6879b 339 eapol_conf.workaround = ssid->eap_workaround;
56586197
JM		 340 eapol_conf.eap_disabled =
341 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
ad08c363
JM		 342 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
343 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
a5d44ac0 344 eapol_conf.external_sim = wpa_s->conf->external_sim;
3f7ac058
JS		 345
346#ifdef CONFIG_WPS
347 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
348 eapol_conf.wps |= EAPOL_LOCAL_WPS_IN_USE;
349 if (wpa_s->current_bss) {
350 struct wpabuf *ie;
351 ie = wpa_bss_get_vendor_ie_multi(wpa_s->current_bss,
352 WPS_IE_VENDOR_TYPE);
353 if (ie) {
354 if (wps_is_20(ie))
355 eapol_conf.wps |=
356 EAPOL_PEER_IS_WPS20_AP;
357 wpabuf_free(ie);
358 }
359 }
360 }
361#endif /* CONFIG_WPS */
362
6fc6879b 363 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
dd10abcc 364
ad51731a
SD		 365#ifdef CONFIG_MACSEC
366 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE && ssid->mka_psk_set)
367 ieee802_1x_create_preshared_mka(wpa_s, ssid);
368 else
369 ieee802_1x_alloc_kay_sm(wpa_s, ssid);
370#endif /* CONFIG_MACSEC */
cd3153a9 371#endif /* IEEE8021X_EAPOL */
6fc6879b
JM		 372}
373
374
375/**
376 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
377 * @wpa_s: Pointer to wpa_supplicant data
378 * @ssid: Configuration data for the network
379 *
380 * This function is used to configure WPA state machine and related parameters
381 * to a mode where WPA is not enabled. This is called as part of the
382 * authentication configuration when the selected network does not use WPA.
383 */
384void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
385 struct wpa_ssid *ssid)
386{
387 int i;
388
ad08c363
JM		 389 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
390 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
391 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
6fc6879b
JM		 392 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
393 else
394 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
395 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
396 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
397 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
398 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
399 wpa_s->group_cipher = WPA_CIPHER_NONE;
400 wpa_s->mgmt_group_cipher = 0;
401
402 for (i = 0; i < NUM_WEP_KEYS; i++) {
403 if (ssid->wep_key_len[i] > 5) {
404 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
405 wpa_s->group_cipher = WPA_CIPHER_WEP104;
406 break;
407 } else if (ssid->wep_key_len[i] > 0) {
408 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
409 wpa_s->group_cipher = WPA_CIPHER_WEP40;
410 break;
411 }
412 }
413
414 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
415 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
416 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
417 wpa_s->pairwise_cipher);
418 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
419#ifdef CONFIG_IEEE80211W
420 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
421 wpa_s->mgmt_group_cipher);
422#endif /* CONFIG_IEEE80211W */
423
424 pmksa_cache_clear_current(wpa_s->wpa);
425}
426
427
6979582c 428void free_hw_features(struct wpa_supplicant *wpa_s)
6bf731e8
CL		 429{
430 int i;
431 if (wpa_s->hw.modes == NULL)
432 return;
433
434 for (i = 0; i < wpa_s->hw.num_modes; i++) {
435 os_free(wpa_s->hw.modes[i].channels);
436 os_free(wpa_s->hw.modes[i].rates);
437 }
438
439 os_free(wpa_s->hw.modes);
440 wpa_s->hw.modes = NULL;
441}
442
443
dd599908
AS		 444static void free_bss_tmp_disallowed(struct wpa_supplicant *wpa_s)
445{
446 struct wpa_bss_tmp_disallowed *bss, *prev;
447
448 dl_list_for_each_safe(bss, prev, &wpa_s->bss_tmp_disallowed,
449 struct wpa_bss_tmp_disallowed, list) {
b04854ce 450 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout, wpa_s, bss);
dd599908
AS		 451 dl_list_del(&bss->list);
452 os_free(bss);
453 }
454}
455
456
5732b770
JM		 457void wpas_flush_fils_hlp_req(struct wpa_supplicant *wpa_s)
458{
459 struct fils_hlp_req *req;
460
461 while ((req = dl_list_first(&wpa_s->fils_hlp_req, struct fils_hlp_req,
462 list)) != NULL) {
463 dl_list_del(&req->list);
464 wpabuf_free(req->pkt);
465 os_free(req);
466 }
467}
468
469
6fc6879b
JM		 470static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
471{
86bd36f0
JM		 472 int i;
473
60b94c98 474 bgscan_deinit(wpa_s);
7c865c68 475 autoscan_deinit(wpa_s);
6fc6879b
JM		 476 scard_deinit(wpa_s->scard);
477 wpa_s->scard = NULL;
478 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
479 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
480 l2_packet_deinit(wpa_s->l2);
481 wpa_s->l2 = NULL;
482 if (wpa_s->l2_br) {
483 l2_packet_deinit(wpa_s->l2_br);
484 wpa_s->l2_br = NULL;
485 }
4a6cc862
JM		 486#ifdef CONFIG_TESTING_OPTIONS
487 l2_packet_deinit(wpa_s->l2_test);
488 wpa_s->l2_test = NULL;
c06fca04
JM		 489 os_free(wpa_s->get_pref_freq_list_override);
490 wpa_s->get_pref_freq_list_override = NULL;
daa40960
JM		 491 wpabuf_free(wpa_s->last_assoc_req_wpa_ie);
492 wpa_s->last_assoc_req_wpa_ie = NULL;
4a6cc862 493#endif /* CONFIG_TESTING_OPTIONS */
6fc6879b 494
6fc6879b 495 if (wpa_s->conf != NULL) {
8e56d189
JM		 496 struct wpa_ssid *ssid;
497 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
498 wpas_notify_network_removed(wpa_s, ssid);
6fc6879b
JM		 499 }
500
501 os_free(wpa_s->confname);
502 wpa_s->confname = NULL;
503
e6304cad
DS		 504 os_free(wpa_s->confanother);
505 wpa_s->confanother = NULL;
506
6fc6879b
JM		 507 wpa_sm_set_eapol(wpa_s->wpa, NULL);
508 eapol_sm_deinit(wpa_s->eapol);
509 wpa_s->eapol = NULL;
510
511 rsn_preauth_deinit(wpa_s->wpa);
512
281ff0aa
GP		 513#ifdef CONFIG_TDLS
514 wpa_tdls_deinit(wpa_s->wpa);
515#endif /* CONFIG_TDLS */
516
8c42b369 517 wmm_ac_clear_saved_tspecs(wpa_s);
6fc6879b
JM		 518 pmksa_candidate_free(wpa_s->wpa);
519 wpa_sm_deinit(wpa_s->wpa);
520 wpa_s->wpa = NULL;
521 wpa_blacklist_clear(wpa_s);
522
83922c2d 523 wpa_bss_deinit(wpa_s);
6fc6879b 524
831770bf 525 wpa_supplicant_cancel_delayed_sched_scan(wpa_s);
6fc6879b
JM		 526 wpa_supplicant_cancel_scan(wpa_s);
527 wpa_supplicant_cancel_auth_timeout(wpa_s);
01a17491
JM		 528 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL);
529#ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
530 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report,
531 wpa_s, NULL);
532#endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
6fc6879b 533
9bd566a3
AS		 534 eloop_cancel_timeout(wpas_network_reenabled, wpa_s, NULL);
535
116654ce 536 wpas_wps_deinit(wpa_s);
11ef8d35 537
1ff73338
JM		 538 wpabuf_free(wpa_s->pending_eapol_rx);
539 wpa_s->pending_eapol_rx = NULL;
540
11ef8d35
JM		 541#ifdef CONFIG_IBSS_RSN
542 ibss_rsn_deinit(wpa_s->ibss_rsn);
543 wpa_s->ibss_rsn = NULL;
544#endif /* CONFIG_IBSS_RSN */
c2a04078 545
e29853bb 546 sme_deinit(wpa_s);
2d5b792d
JM		 547
548#ifdef CONFIG_AP
549 wpa_supplicant_ap_deinit(wpa_s);
550#endif /* CONFIG_AP */
b22128ef 551
b22128ef 552 wpas_p2p_deinit(wpa_s);
f47d639d 553
24f6497c
JM		 554#ifdef CONFIG_OFFCHANNEL
555 offchannel_deinit(wpa_s);
556#endif /* CONFIG_OFFCHANNEL */
557
a4cba8f1
LC		 558 wpa_supplicant_cancel_sched_scan(wpa_s);
559
f47d639d
JM		 560 os_free(wpa_s->next_scan_freqs);
561 wpa_s->next_scan_freqs = NULL;
fee52342
JM		 562
563 os_free(wpa_s->manual_scan_freqs);
564 wpa_s->manual_scan_freqs = NULL;
88a44755
JM		 565 os_free(wpa_s->select_network_scan_freqs);
566 wpa_s->select_network_scan_freqs = NULL;
04ea7b79 567
d3c9c35f
DS		 568 os_free(wpa_s->manual_sched_scan_freqs);
569 wpa_s->manual_sched_scan_freqs = NULL;
570
56c76fa5
IP		 571 wpas_mac_addr_rand_scan_clear(wpa_s, MAC_ADDR_RAND_ALL);
572
57e832de
IP		 573 /*
574 * Need to remove any pending gas-query radio work before the
575 * gas_query_deinit() call because gas_query::work has not yet been set
576 * for works that have not been started. gas_query_free() will be unable
577 * to cancel such pending radio works and once the pending gas-query
578 * radio work eventually gets removed, the deinit notification call to
579 * gas_query_start_cb() would result in dereferencing freed memory.
580 */
581 if (wpa_s->radio)
582 radio_remove_works(wpa_s, "gas-query", 0);
04ea7b79
JM		 583 gas_query_deinit(wpa_s->gas);
584 wpa_s->gas = NULL;
461d39af
JM		 585 gas_server_deinit(wpa_s->gas_server);
586 wpa_s->gas_server = NULL;
6bf731e8
CL		 587
588 free_hw_features(wpa_s);
d445a5cd 589
dd10abcc
HW		 590 ieee802_1x_dealloc_kay_sm(wpa_s);
591
d445a5cd
JM		 592 os_free(wpa_s->bssid_filter);
593 wpa_s->bssid_filter = NULL;
b6668734 594
6407f413
JM		 595 os_free(wpa_s->disallow_aps_bssid);
596 wpa_s->disallow_aps_bssid = NULL;
597 os_free(wpa_s->disallow_aps_ssid);
598 wpa_s->disallow_aps_ssid = NULL;
599
b6668734 600 wnm_bss_keep_alive_deinit(wpa_s);
e27d20bb
VK		 601#ifdef CONFIG_WNM
602 wnm_deallocate_memory(wpa_s);
603#endif /* CONFIG_WNM */
306ae225
JM		 604
605 ext_password_deinit(wpa_s->ext_pw);
606 wpa_s->ext_pw = NULL;
b1f12296
JM		 607
608 wpabuf_free(wpa_s->last_gas_resp);
b6a9590b
JM		 609 wpa_s->last_gas_resp = NULL;
610 wpabuf_free(wpa_s->prev_gas_resp);
611 wpa_s->prev_gas_resp = NULL;
a297201d
JM		 612
613 os_free(wpa_s->last_scan_res);
614 wpa_s->last_scan_res = NULL;
b572df86
JM		 615
616#ifdef CONFIG_HS20
ece4ac5f
MG		 617 if (wpa_s->drv_priv)
618 wpa_drv_configure_frame_filters(wpa_s, 0);
fb2ac53d 619 hs20_deinit(wpa_s);
b572df86 620#endif /* CONFIG_HS20 */
86bd36f0
JM		 621
622 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) {
623 wpabuf_free(wpa_s->vendor_elem[i]);
624 wpa_s->vendor_elem[i] = NULL;
625 }
3882a708
JM		 626
627 wmm_ac_notify_disassoc(wpa_s);
32c02261
AS		 628
629 wpa_s->sched_scan_plans_num = 0;
630 os_free(wpa_s->sched_scan_plans);
631 wpa_s->sched_scan_plans = NULL;
92c6e2e3
DS		 632
633#ifdef CONFIG_MBO
634 wpa_s->non_pref_chan_num = 0;
635 os_free(wpa_s->non_pref_chan);
636 wpa_s->non_pref_chan = NULL;
637#endif /* CONFIG_MBO */
dd599908
AS		 638
639 free_bss_tmp_disallowed(wpa_s);
4a742011
DS		 640
641 wpabuf_free(wpa_s->lci);
642 wpa_s->lci = NULL;
76196ddb 643 wpas_clear_beacon_rep_data(wpa_s);
4d77d80e
MH		 644
645#ifdef CONFIG_PMKSA_CACHE_EXTERNAL
646#ifdef CONFIG_MESH
647 {
648 struct external_pmksa_cache *entry;
649
650 while ((entry = dl_list_last(&wpa_s->mesh_external_pmksa_cache,
651 struct external_pmksa_cache,
652 list)) != NULL) {
653 dl_list_del(&entry->list);
654 os_free(entry->pmksa_cache);
655 os_free(entry);
656 }
657 }
658#endif /* CONFIG_MESH */
659#endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
5732b770
JM		 660
661 wpas_flush_fils_hlp_req(wpa_s);
c6c41f6e
JM		 662
663 wpabuf_free(wpa_s->ric_ies);
664 wpa_s->ric_ies = NULL;
be27e185
JM		 665
666#ifdef CONFIG_DPP
667 wpas_dpp_deinit(wpa_s);
668#endif /* CONFIG_DPP */
6fc6879b
JM		 669}
670
671
672/**
673 * wpa_clear_keys - Clear keys configured for the driver
674 * @wpa_s: Pointer to wpa_supplicant data
675 * @addr: Previously used BSSID or %NULL if not available
676 *
677 * This function clears the encryption keys that has been previously configured
678 * for the driver.
679 */
680void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
681{
2f30cac3 682 int i, max;
6fc6879b 683
0e27f655 684#ifdef CONFIG_IEEE80211W
2f30cac3
JM		 685 max = 6;
686#else /* CONFIG_IEEE80211W */
687 max = 4;
0e27f655 688#endif /* CONFIG_IEEE80211W */
2f30cac3
JM		 689
690 /* MLME-DELETEKEYS.request */
691 for (i = 0; i < max; i++) {
692 if (wpa_s->keys_cleared & BIT(i))
693 continue;
694 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, i, 0, NULL, 0,
695 NULL, 0);
696 }
697 if (!(wpa_s->keys_cleared & BIT(0)) && addr &&
698 !is_zero_ether_addr(addr)) {
6fc6879b
JM		 699 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,
700 0);
701 /* MLME-SETPROTECTION.request(None) */
702 wpa_drv_mlme_setprotection(
703 wpa_s, addr,
704 MLME_SETPROTECTION_PROTECT_TYPE_NONE,
705 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
706 }
2f30cac3 707 wpa_s->keys_cleared = (u32) -1;
6fc6879b
JM		 708}
709
710
711/**
712 * wpa_supplicant_state_txt - Get the connection state name as a text string
713 * @state: State (wpa_state; WPA_*)
714 * Returns: The state name as a printable text string
715 */
71934751 716const char * wpa_supplicant_state_txt(enum wpa_states state)
6fc6879b
JM		 717{
718 switch (state) {
719 case WPA_DISCONNECTED:
720 return "DISCONNECTED";
721 case WPA_INACTIVE:
722 return "INACTIVE";
8401a6b0
JM		 723 case WPA_INTERFACE_DISABLED:
724 return "INTERFACE_DISABLED";
6fc6879b
JM		 725 case WPA_SCANNING:
726 return "SCANNING";
c2a04078
JM		 727 case WPA_AUTHENTICATING:
728 return "AUTHENTICATING";
6fc6879b
JM		 729 case WPA_ASSOCIATING:
730 return "ASSOCIATING";
731 case WPA_ASSOCIATED:
732 return "ASSOCIATED";
733 case WPA_4WAY_HANDSHAKE:
734 return "4WAY_HANDSHAKE";
735 case WPA_GROUP_HANDSHAKE:
736 return "GROUP_HANDSHAKE";
737 case WPA_COMPLETED:
738 return "COMPLETED";
739 default:
740 return "UNKNOWN";
741 }
742}
743
744
cfe53c9a
PS		 745#ifdef CONFIG_BGSCAN
746
747static void wpa_supplicant_start_bgscan(struct wpa_supplicant *wpa_s)
748{
31392709
HD		 749 const char *name;
750
751 if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan)
752 name = wpa_s->current_ssid->bgscan;
753 else
754 name = wpa_s->conf->bgscan;
268043d5 755 if (name == NULL || name[0] == '\0')
31392709 756 return;
0096c427
JM		 757 if (wpas_driver_bss_selection(wpa_s))
758 return;
cfe53c9a
PS		 759 if (wpa_s->current_ssid == wpa_s->bgscan_ssid)
760 return;
aa109830
DS		 761#ifdef CONFIG_P2P
762 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE)
763 return;
764#endif /* CONFIG_P2P */
cfe53c9a
PS		 765
766 bgscan_deinit(wpa_s);
31392709
HD		 767 if (wpa_s->current_ssid) {
768 if (bgscan_init(wpa_s, wpa_s->current_ssid, name)) {
cfe53c9a
PS		 769 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
770 "bgscan");
771 /*
772 * Live without bgscan; it is only used as a roaming
773 * optimization, so the initial connection is not
774 * affected.
775 */
6409b7a7
YD		 776 } else {
777 struct wpa_scan_results *scan_res;
cfe53c9a 778 wpa_s->bgscan_ssid = wpa_s->current_ssid;
6409b7a7
YD		 779 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL,
780 0);
781 if (scan_res) {
782 bgscan_notify_scan(wpa_s, scan_res);
783 wpa_scan_results_free(scan_res);
784 }
785 }
cfe53c9a
PS		 786 } else
787 wpa_s->bgscan_ssid = NULL;
788}
789
790
791static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s)
792{
793 if (wpa_s->bgscan_ssid != NULL) {
794 bgscan_deinit(wpa_s);
795 wpa_s->bgscan_ssid = NULL;
796 }
797}
798
799#endif /* CONFIG_BGSCAN */
800
801
7c865c68
TB		 802static void wpa_supplicant_start_autoscan(struct wpa_supplicant *wpa_s)
803{
99218999 804 if (autoscan_init(wpa_s, 0))
7c865c68
TB		 805 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize autoscan");
806}
807
808
809static void wpa_supplicant_stop_autoscan(struct wpa_supplicant *wpa_s)
810{
811 autoscan_deinit(wpa_s);
812}
813
814
c3d12238
JM		 815void wpa_supplicant_reinit_autoscan(struct wpa_supplicant *wpa_s)
816{
817 if (wpa_s->wpa_state == WPA_DISCONNECTED ||
818 wpa_s->wpa_state == WPA_SCANNING) {
819 autoscan_deinit(wpa_s);
820 wpa_supplicant_start_autoscan(wpa_s);
821 }
822}
823
824
6fc6879b
JM		 825/**
826 * wpa_supplicant_set_state - Set current connection state
827 * @wpa_s: Pointer to wpa_supplicant data
828 * @state: The new connection state
829 *
830 * This function is called whenever the connection state changes, e.g.,
831 * association is completed for WPA/WPA2 4-Way Handshake is started.
832 */
71934751
JM		 833void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s,
834 enum wpa_states state)
6fc6879b 835{
27f43d8d
MH		 836 enum wpa_states old_state = wpa_s->wpa_state;
837
f049052b
BG		 838 wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s",
839 wpa_supplicant_state_txt(wpa_s->wpa_state),
840 wpa_supplicant_state_txt(state));
6fc6879b 841
5ddd07cb
AS		 842 if (state == WPA_INTERFACE_DISABLED) {
843 /* Assure normal scan when interface is restored */
844 wpa_s->normal_scans = 0;
845 }
846
0cf24fda 847 if (state == WPA_COMPLETED) {
6ac4b15e 848 wpas_connect_work_done(wpa_s);
0cf24fda
LC		 849 /* Reinitialize normal_scan counter */
850 wpa_s->normal_scans = 0;
851 }
6ac4b15e 852
07c1e987
MS		 853#ifdef CONFIG_P2P
854 /*
855 * P2PS client has to reply to Probe Request frames received on the
856 * group operating channel. Enable Probe Request frame reporting for
857 * P2P connected client in case p2p_cli_probe configuration property is
858 * set to 1.
859 */
860 if (wpa_s->conf->p2p_cli_probe && wpa_s->current_ssid &&
861 wpa_s->current_ssid->mode == WPAS_MODE_INFRA &&
862 wpa_s->current_ssid->p2p_group) {
863 if (state == WPA_COMPLETED && !wpa_s->p2p_cli_probe) {
864 wpa_dbg(wpa_s, MSG_DEBUG,
865 "P2P: Enable CLI Probe Request RX reporting");
866 wpa_s->p2p_cli_probe =
867 wpa_drv_probe_req_report(wpa_s, 1) >= 0;
868 } else if (state != WPA_COMPLETED && wpa_s->p2p_cli_probe) {
869 wpa_dbg(wpa_s, MSG_DEBUG,
870 "P2P: Disable CLI Probe Request RX reporting");
871 wpa_s->p2p_cli_probe = 0;
872 wpa_drv_probe_req_report(wpa_s, 0);
873 }
874 }
875#endif /* CONFIG_P2P */
876
cb8564b1
DW		 877 if (state != WPA_SCANNING)
878 wpa_supplicant_notify_scanning(wpa_s, 0);
879
6fc6879b 880 if (state == WPA_COMPLETED && wpa_s->new_connection) {
6fc6879b 881 struct wpa_ssid *ssid = wpa_s->current_ssid;
da6a28ba
VK		 882 int fils_hlp_sent = 0;
883
884#ifdef CONFIG_SME
885 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
886 wpa_auth_alg_fils(wpa_s->sme.auth_alg))
887 fils_hlp_sent = 1;
888#endif /* CONFIG_SME */
889 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
890 wpa_auth_alg_fils(wpa_s->auth_alg))
891 fils_hlp_sent = 1;
892
7d37a357 893#if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
6fc6879b 894 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
da6a28ba 895 MACSTR " completed [id=%d id_str=%s%s]",
1cfc6787 896 MAC2STR(wpa_s->bssid),
6fc6879b 897 ssid ? ssid->id : -1,
da6a28ba
VK		 898 ssid && ssid->id_str ? ssid->id_str : "",
899 fils_hlp_sent ? " FILS_HLP_SENT" : "");
6fc6879b 900#endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
00e5e3d5 901 wpas_clear_temp_disabled(wpa_s, ssid, 1);
a20a3616 902 wpa_blacklist_clear(wpa_s);
f1a52633 903 wpa_s->extra_blacklist_count = 0;
6fc6879b 904 wpa_s->new_connection = 0;
6fc6879b 905 wpa_drv_set_operstate(wpa_s, 1);
99ac2913
FF		 906#ifndef IEEE8021X_EAPOL
907 wpa_drv_set_supp_port(wpa_s, 1);
908#endif /* IEEE8021X_EAPOL */
17a4734d 909 wpa_s->after_wps = 0;
4d9fb08d 910 wpa_s->known_wps_freq = 0;
b22128ef 911 wpas_p2p_completed(wpa_s);
c3701c66
RM		 912
913 sme_sched_obss_scan(wpa_s, 1);
6338c99e
VK		 914
915#if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
916 if (!fils_hlp_sent && ssid && ssid->eap.erp)
917 wpas_update_fils_connect_params(wpa_s);
918#endif /* CONFIG_FILS && IEEE8021X_EAPOL */
6fc6879b
JM		 919 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
920 state == WPA_ASSOCIATED) {
921 wpa_s->new_connection = 1;
922 wpa_drv_set_operstate(wpa_s, 0);
99ac2913
FF		 923#ifndef IEEE8021X_EAPOL
924 wpa_drv_set_supp_port(wpa_s, 0);
925#endif /* IEEE8021X_EAPOL */
c3701c66 926 sme_sched_obss_scan(wpa_s, 0);
6fc6879b
JM		 927 }
928 wpa_s->wpa_state = state;
27f43d8d 929
cfe53c9a
PS		 930#ifdef CONFIG_BGSCAN
931 if (state == WPA_COMPLETED)
932 wpa_supplicant_start_bgscan(wpa_s);
37271232 933 else if (state < WPA_ASSOCIATED)
cfe53c9a
PS		 934 wpa_supplicant_stop_bgscan(wpa_s);
935#endif /* CONFIG_BGSCAN */
936
7c865c68
TB		 937 if (state == WPA_AUTHENTICATING)
938 wpa_supplicant_stop_autoscan(wpa_s);
939
940 if (state == WPA_DISCONNECTED || state == WPA_INACTIVE)
941 wpa_supplicant_start_autoscan(wpa_s);
942
fecc2bb5
EP		 943 if (old_state >= WPA_ASSOCIATED && wpa_s->wpa_state < WPA_ASSOCIATED)
944 wmm_ac_notify_disassoc(wpa_s);
945
5bbf9f10 946 if (wpa_s->wpa_state != old_state) {
27f43d8d 947 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
5bbf9f10 948
e3bd6e9d
IP		 949 /*
950 * Notify the P2P Device interface about a state change in one
951 * of the interfaces.
952 */
953 wpas_p2p_indicate_state_change(wpa_s);
e3bd6e9d 954
5bbf9f10
PS		 955 if (wpa_s->wpa_state == WPA_COMPLETED ||
956 old_state == WPA_COMPLETED)
957 wpas_notify_auth_changed(wpa_s);
958 }
6fc6879b
JM		 959}
960
961
1a1bf008
JM		 962void wpa_supplicant_terminate_proc(struct wpa_global *global)
963{
964 int pending = 0;
965#ifdef CONFIG_WPS
966 struct wpa_supplicant *wpa_s = global->ifaces;
967 while (wpa_s) {
ab41595f 968 struct wpa_supplicant *next = wpa_s->next;
5516ed32
EA		 969 if (wpas_wps_terminate_pending(wpa_s) == 1)
970 pending = 1;
20625e97
JM		 971#ifdef CONFIG_P2P
972 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE ||
973 (wpa_s->current_ssid && wpa_s->current_ssid->p2p_group))
974 wpas_p2p_disconnect(wpa_s);
975#endif /* CONFIG_P2P */
ab41595f 976 wpa_s = next;
1a1bf008
JM		 977 }
978#endif /* CONFIG_WPS */
979 if (pending)
980 return;
981 eloop_terminate();
982}
983
984
0456ea16 985static void wpa_supplicant_terminate(int sig, void *signal_ctx)
6fc6879b 986{
0456ea16 987 struct wpa_global *global = signal_ctx;
1a1bf008 988 wpa_supplicant_terminate_proc(global);
6fc6879b
JM		 989}
990
991
b22128ef 992void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
6fc6879b 993{
71934751 994 enum wpa_states old_state = wpa_s->wpa_state;
27f43d8d 995
6fc6879b
JM		 996 wpa_s->pairwise_cipher = 0;
997 wpa_s->group_cipher = 0;
998 wpa_s->mgmt_group_cipher = 0;
999 wpa_s->key_mgmt = 0;
8401a6b0 1000 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
99218999 1001 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
27f43d8d
MH		 1002
1003 if (wpa_s->wpa_state != old_state)
1004 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
6fc6879b
JM		 1005}
1006
1007
1008/**
1009 * wpa_supplicant_reload_configuration - Reload configuration data
1010 * @wpa_s: Pointer to wpa_supplicant data
1011 * Returns: 0 on success or -1 if configuration parsing failed
1012 *
1013 * This function can be used to request that the configuration data is reloaded
1014 * (e.g., after configuration file change). This function is reloading
1015 * configuration only for one interface, so this may need to be called multiple
1016 * times if %wpa_supplicant is controlling multiple interfaces and all
1017 * interfaces need reconfiguration.
1018 */
1019int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
1020{
1021 struct wpa_config *conf;
1022 int reconf_ctrl;
8bac466b
JM		 1023 int old_ap_scan;
1024
6fc6879b
JM		 1025 if (wpa_s->confname == NULL)
1026 return -1;
e6304cad 1027 conf = wpa_config_read(wpa_s->confname, NULL);
6fc6879b
JM		 1028 if (conf == NULL) {
1029 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
1030 "file '%s' - exiting", wpa_s->confname);
1031 return -1;
1032 }
3bd35b68
JM		 1033 if (wpa_s->confanother &&
1034 !wpa_config_read(wpa_s->confanother, conf)) {
1035 wpa_msg(wpa_s, MSG_ERROR,
1036 "Failed to parse the configuration file '%s' - exiting",
1037 wpa_s->confanother);
1038 return -1;
1039 }
e6304cad 1040
611aea7d 1041 conf->changed_parameters = (unsigned int) -1;
6fc6879b
JM		 1042
1043 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
1044 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
1045 os_strcmp(conf->ctrl_interface,
1046 wpa_s->conf->ctrl_interface) != 0);
1047
1048 if (reconf_ctrl && wpa_s->ctrl_iface) {
1049 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
1050 wpa_s->ctrl_iface = NULL;
1051 }
1052
1053 eapol_sm_invalidate_cached_session(wpa_s->eapol);
7b7ce8aa 1054 if (wpa_s->current_ssid) {
e66bcedd
JM		 1055 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
1056 wpa_s->own_disconnect_req = 1;
7b7ce8aa
JM		 1057 wpa_supplicant_deauthenticate(wpa_s,
1058 WLAN_REASON_DEAUTH_LEAVING);
1059 }
8bac466b 1060
6fc6879b
JM		 1061 /*
1062 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
07e2de31 1063 * pkcs11_engine_path, pkcs11_module_path, openssl_ciphers.
6fc6879b 1064 */
a1ea1b45 1065 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
567da5bb
JM		 1066 wpa_s->key_mgmt == WPA_KEY_MGMT_OWE ||
1067 wpa_s->key_mgmt == WPA_KEY_MGMT_DPP) {
6fc6879b
JM		 1068 /*
1069 * Clear forced success to clear EAP state for next
1070 * authentication.
1071 */
1072 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
1073 }
1074 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1075 wpa_sm_set_config(wpa_s->wpa, NULL);
d8a790b9 1076 wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL);
6fc6879b
JM		 1077 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
1078 rsn_preauth_deinit(wpa_s->wpa);
8bac466b
JM		 1079
1080 old_ap_scan = wpa_s->conf->ap_scan;
6fc6879b
JM		 1081 wpa_config_free(wpa_s->conf);
1082 wpa_s->conf = conf;
8bac466b
JM		 1083 if (old_ap_scan != wpa_s->conf->ap_scan)
1084 wpas_notify_ap_scan_changed(wpa_s);
1085
6fc6879b
JM		 1086 if (reconf_ctrl)
1087 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
1088
611aea7d
JM		 1089 wpa_supplicant_update_config(wpa_s);
1090
6fc6879b 1091 wpa_supplicant_clear_status(wpa_s);
349493bd 1092 if (wpa_supplicant_enabled_networks(wpa_s)) {
43a38635
JM		 1093 wpa_s->reassociate = 1;
1094 wpa_supplicant_req_scan(wpa_s, 0, 0);
1095 }
f049052b 1096 wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
6fc6879b
JM		 1097 return 0;
1098}
1099
1100
0456ea16 1101static void wpa_supplicant_reconfig(int sig, void *signal_ctx)
6fc6879b 1102{
0456ea16 1103 struct wpa_global *global = signal_ctx;
6fc6879b 1104 struct wpa_supplicant *wpa_s;
6fc6879b 1105 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
f049052b
BG		 1106 wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring",
1107 sig);
6fc6879b 1108 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
1a1bf008 1109 wpa_supplicant_terminate_proc(global);
6fc6879b
JM		 1110 }
1111 }
1248e584
LR		 1112
1113 if (wpa_debug_reopen_file() < 0) {
1114 /* Ignore errors since we cannot really do much to fix this */
1115 wpa_printf(MSG_DEBUG, "Could not reopen debug log file");
1116 }
6fc6879b
JM		 1117}
1118
1119
6fc6879b
JM		 1120static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
1121 struct wpa_ssid *ssid,
1122 struct wpa_ie_data *ie)
1123{
1124 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
1125 if (ret) {
1126 if (ret == -2) {
1127 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
1128 "from association info");
1129 }
1130 return -1;
1131 }
1132
f049052b
BG		 1133 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set "
1134 "cipher suites");
6fc6879b
JM		 1135 if (!(ie->group_cipher & ssid->group_cipher)) {
1136 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
1137 "cipher 0x%x (mask 0x%x) - reject",
1138 ie->group_cipher, ssid->group_cipher);
1139 return -1;
1140 }
1141 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
1142 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
1143 "cipher 0x%x (mask 0x%x) - reject",
1144 ie->pairwise_cipher, ssid->pairwise_cipher);
1145 return -1;
1146 }
1147 if (!(ie->key_mgmt & ssid->key_mgmt)) {
1148 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
1149 "management 0x%x (mask 0x%x) - reject",
1150 ie->key_mgmt, ssid->key_mgmt);
1151 return -1;
1152 }
1153
1154#ifdef CONFIG_IEEE80211W
0b60b0aa 1155 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
3f56a2b7 1156 wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED) {
6fc6879b
JM		 1157 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
1158 "that does not support management frame protection - "
1159 "reject");
1160 return -1;
1161 }
1162#endif /* CONFIG_IEEE80211W */
1163
1164 return 0;
1165}
1166
1167
1168/**
1169 * wpa_supplicant_set_suites - Set authentication and encryption parameters
1170 * @wpa_s: Pointer to wpa_supplicant data
1171 * @bss: Scan results for the selected BSS, or %NULL if not available
1172 * @ssid: Configuration data for the selected network
1173 * @wpa_ie: Buffer for the WPA/RSN IE
1174 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
1175 * used buffer length in case the functions returns success.
1176 * Returns: 0 on success or -1 on failure
1177 *
1178 * This function is used to configure authentication and encryption parameters
1179 * based on the network configuration and scan result for the selected BSS (if
1180 * available).
1181 */
1182int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
6fa81a3b 1183 struct wpa_bss *bss, struct wpa_ssid *ssid,
6fc6879b
JM		 1184 u8 *wpa_ie, size_t *wpa_ie_len)
1185{
1186 struct wpa_ie_data ie;
1187 int sel, proto;
df0f01d9 1188 const u8 *bss_wpa, *bss_rsn, *bss_osen;
6fc6879b
JM		 1189
1190 if (bss) {
6fa81a3b
JM		 1191 bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
1192 bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
df0f01d9 1193 bss_osen = wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE);
6fc6879b 1194 } else
df0f01d9 1195 bss_wpa = bss_rsn = bss_osen = NULL;
6fc6879b
JM		 1196
1197 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
1198 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
1199 (ie.group_cipher & ssid->group_cipher) &&
1200 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1201 (ie.key_mgmt & ssid->key_mgmt)) {
f049052b 1202 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
6fc6879b
JM		 1203 proto = WPA_PROTO_RSN;
1204 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
267ac3bc 1205 wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie) == 0 &&
6fc6879b
JM		 1206 (ie.group_cipher & ssid->group_cipher) &&
1207 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1208 (ie.key_mgmt & ssid->key_mgmt)) {
f049052b 1209 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
6fc6879b 1210 proto = WPA_PROTO_WPA;
df0f01d9
JM		 1211#ifdef CONFIG_HS20
1212 } else if (bss_osen && (ssid->proto & WPA_PROTO_OSEN)) {
1213 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using OSEN");
1214 /* TODO: parse OSEN element */
137ff332 1215 os_memset(&ie, 0, sizeof(ie));
df0f01d9
JM		 1216 ie.group_cipher = WPA_CIPHER_CCMP;
1217 ie.pairwise_cipher = WPA_CIPHER_CCMP;
1218 ie.key_mgmt = WPA_KEY_MGMT_OSEN;
1219 proto = WPA_PROTO_OSEN;
1220#endif /* CONFIG_HS20 */
6fc6879b
JM		 1221 } else if (bss) {
1222 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
267ac3bc
JM		 1223 wpa_dbg(wpa_s, MSG_DEBUG,
1224 "WPA: ssid proto=0x%x pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1225 ssid->proto, ssid->pairwise_cipher, ssid->group_cipher,
1226 ssid->key_mgmt);
1227 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: BSS " MACSTR " ssid='%s'%s%s%s",
1228 MAC2STR(bss->bssid),
1229 wpa_ssid_txt(bss->ssid, bss->ssid_len),
1230 bss_wpa ? " WPA" : "",
1231 bss_rsn ? " RSN" : "",
1232 bss_osen ? " OSEN" : "");
1233 if (bss_rsn) {
1234 wpa_hexdump(MSG_DEBUG, "RSN", bss_rsn, 2 + bss_rsn[1]);
1235 if (wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie)) {
1236 wpa_dbg(wpa_s, MSG_DEBUG,
1237 "Could not parse RSN element");
1238 } else {
1239 wpa_dbg(wpa_s, MSG_DEBUG,
1240 "RSN: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1241 ie.pairwise_cipher, ie.group_cipher,
1242 ie.key_mgmt);
1243 }
1244 }
1245 if (bss_wpa) {
1246 wpa_hexdump(MSG_DEBUG, "WPA", bss_wpa, 2 + bss_wpa[1]);
1247 if (wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie)) {
1248 wpa_dbg(wpa_s, MSG_DEBUG,
1249 "Could not parse WPA element");
1250 } else {
1251 wpa_dbg(wpa_s, MSG_DEBUG,
1252 "WPA: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1253 ie.pairwise_cipher, ie.group_cipher,
1254 ie.key_mgmt);
1255 }
1256 }
6fc6879b
JM		 1257 return -1;
1258 } else {
df0f01d9
JM		 1259 if (ssid->proto & WPA_PROTO_OSEN)
1260 proto = WPA_PROTO_OSEN;
1261 else if (ssid->proto & WPA_PROTO_RSN)
6fc6879b
JM		 1262 proto = WPA_PROTO_RSN;
1263 else
1264 proto = WPA_PROTO_WPA;
1265 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
1266 os_memset(&ie, 0, sizeof(ie));
1267 ie.group_cipher = ssid->group_cipher;
1268 ie.pairwise_cipher = ssid->pairwise_cipher;
1269 ie.key_mgmt = ssid->key_mgmt;
1270#ifdef CONFIG_IEEE80211W
61a56c14
JM		 1271 ie.mgmt_group_cipher = 0;
1272 if (ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION) {
1273 if (ssid->group_mgmt_cipher &
1274 WPA_CIPHER_BIP_GMAC_256)
1275 ie.mgmt_group_cipher =
1276 WPA_CIPHER_BIP_GMAC_256;
1277 else if (ssid->group_mgmt_cipher &
1278 WPA_CIPHER_BIP_CMAC_256)
1279 ie.mgmt_group_cipher =
1280 WPA_CIPHER_BIP_CMAC_256;
1281 else if (ssid->group_mgmt_cipher &
1282 WPA_CIPHER_BIP_GMAC_128)
1283 ie.mgmt_group_cipher =
1284 WPA_CIPHER_BIP_GMAC_128;
1285 else
1286 ie.mgmt_group_cipher =
1287 WPA_CIPHER_AES_128_CMAC;
1288 }
6fc6879b 1289#endif /* CONFIG_IEEE80211W */
c1790a5f
JM		 1290#ifdef CONFIG_OWE
1291 if ((ssid->key_mgmt & WPA_KEY_MGMT_OWE) &&
1292 !ssid->owe_only &&
1293 !bss_wpa && !bss_rsn && !bss_osen) {
1294 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1295 wpa_s->wpa_proto = 0;
9f8d459d 1296 *wpa_ie_len = 0;
c1790a5f
JM		 1297 return 0;
1298 }
1299#endif /* CONFIG_OWE */
f049052b
BG		 1300 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites "
1301 "based on configuration");
6fc6879b
JM		 1302 } else
1303 proto = ie.proto;
1304 }
1305
f049052b
BG		 1306 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d "
1307 "pairwise %d key_mgmt %d proto %d",
1308 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
6fc6879b
JM		 1309#ifdef CONFIG_IEEE80211W
1310 if (ssid->ieee80211w) {
f049052b
BG		 1311 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
1312 ie.mgmt_group_cipher);
6fc6879b
JM		 1313 }
1314#endif /* CONFIG_IEEE80211W */
1315
64fa840a 1316 wpa_s->wpa_proto = proto;
6fc6879b
JM		 1317 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
1318 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
df0f01d9 1319 !!(ssid->proto & (WPA_PROTO_RSN | WPA_PROTO_OSEN)));
6fc6879b
JM		 1320
1321 if (bss || !wpa_s->ap_ies_from_associnfo) {
1322 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
1323 bss_wpa ? 2 + bss_wpa[1] : 0) ||
1324 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
1325 bss_rsn ? 2 + bss_rsn[1] : 0))
1326 return -1;
1327 }
1328
9e68742e
JM		 1329#ifdef CONFIG_NO_WPA
1330 wpa_s->group_cipher = WPA_CIPHER_NONE;
1331 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
1332#else /* CONFIG_NO_WPA */
6fc6879b 1333 sel = ie.group_cipher & ssid->group_cipher;
edbd2a19
JM		 1334 wpa_s->group_cipher = wpa_pick_group_cipher(sel);
1335 if (wpa_s->group_cipher < 0) {
f049052b
BG		 1336 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group "
1337 "cipher");
6fc6879b
JM		 1338 return -1;
1339 }
edbd2a19
JM		 1340 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK %s",
1341 wpa_cipher_txt(wpa_s->group_cipher));
6fc6879b
JM		 1342
1343 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
edbd2a19
JM		 1344 wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(sel, 1);
1345 if (wpa_s->pairwise_cipher < 0) {
f049052b
BG		 1346 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise "
1347 "cipher");
6fc6879b
JM		 1348 return -1;
1349 }
edbd2a19
JM		 1350 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK %s",
1351 wpa_cipher_txt(wpa_s->pairwise_cipher));
9e68742e 1352#endif /* CONFIG_NO_WPA */
6fc6879b
JM		 1353
1354 sel = ie.key_mgmt & ssid->key_mgmt;
c10347f2
JM		 1355#ifdef CONFIG_SAE
1356 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE))
1357 sel &= ~(WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE);
1358#endif /* CONFIG_SAE */
6fc6879b 1359 if (0) {
5e3b5197
JM		 1360#ifdef CONFIG_SUITEB192
1361 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) {
1362 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B_192;
1363 wpa_dbg(wpa_s, MSG_DEBUG,
1364 "WPA: using KEY_MGMT 802.1X with Suite B (192-bit)");
1365#endif /* CONFIG_SUITEB192 */
1366#ifdef CONFIG_SUITEB
666497c8
JM		 1367 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B) {
1368 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B;
1369 wpa_dbg(wpa_s, MSG_DEBUG,
1370 "WPA: using KEY_MGMT 802.1X with Suite B");
5e3b5197 1371#endif /* CONFIG_SUITEB */
b8ae56e4
JM		 1372#ifdef CONFIG_FILS
1373#ifdef CONFIG_IEEE80211R
1374 } else if (sel & WPA_KEY_MGMT_FT_FILS_SHA384) {
1375 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA384;
1376 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT-FILS-SHA384");
1377 } else if (sel & WPA_KEY_MGMT_FT_FILS_SHA256) {
1378 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA256;
1379 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT-FILS-SHA256");
1380#endif /* CONFIG_IEEE80211R */
1381 } else if (sel & WPA_KEY_MGMT_FILS_SHA384) {
1382 wpa_s->key_mgmt = WPA_KEY_MGMT_FILS_SHA384;
1383 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FILS-SHA384");
1384 } else if (sel & WPA_KEY_MGMT_FILS_SHA256) {
1385 wpa_s->key_mgmt = WPA_KEY_MGMT_FILS_SHA256;
1386 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FILS-SHA256");
1387#endif /* CONFIG_FILS */
6fc6879b
JM		 1388#ifdef CONFIG_IEEE80211R
1389 } else if (sel & WPA_KEY_MGMT_FT_IEEE8021X) {
1390 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
f049052b 1391 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
6fc6879b
JM		 1392 } else if (sel & WPA_KEY_MGMT_FT_PSK) {
1393 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
f049052b 1394 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
6fc6879b 1395#endif /* CONFIG_IEEE80211R */
c10347f2
JM		 1396#ifdef CONFIG_SAE
1397 } else if (sel & WPA_KEY_MGMT_SAE) {
1398 wpa_s->key_mgmt = WPA_KEY_MGMT_SAE;
1399 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT SAE");
1400 } else if (sel & WPA_KEY_MGMT_FT_SAE) {
1401 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_SAE;
1402 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT FT/SAE");
1403#endif /* CONFIG_SAE */
56586197
JM		 1404#ifdef CONFIG_IEEE80211W
1405 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
1406 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
f049052b 1407 wpa_dbg(wpa_s, MSG_DEBUG,
56586197
JM		 1408 "WPA: using KEY_MGMT 802.1X with SHA256");
1409 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
1410 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
f049052b 1411 wpa_dbg(wpa_s, MSG_DEBUG,
56586197
JM		 1412 "WPA: using KEY_MGMT PSK with SHA256");
1413#endif /* CONFIG_IEEE80211W */
6fc6879b
JM		 1414 } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
1415 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
f049052b 1416 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
6fc6879b
JM		 1417 } else if (sel & WPA_KEY_MGMT_PSK) {
1418 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
f049052b 1419 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
6fc6879b
JM		 1420 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
1421 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
f049052b 1422 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
df0f01d9
JM		 1423#ifdef CONFIG_HS20
1424 } else if (sel & WPA_KEY_MGMT_OSEN) {
1425 wpa_s->key_mgmt = WPA_KEY_MGMT_OSEN;
1426 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using KEY_MGMT OSEN");
1427#endif /* CONFIG_HS20 */
a1ea1b45
JM		 1428#ifdef CONFIG_OWE
1429 } else if (sel & WPA_KEY_MGMT_OWE) {
1430 wpa_s->key_mgmt = WPA_KEY_MGMT_OWE;
1431 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT OWE");
1432#endif /* CONFIG_OWE */
567da5bb
JM		 1433#ifdef CONFIG_DPP
1434 } else if (sel & WPA_KEY_MGMT_DPP) {
1435 wpa_s->key_mgmt = WPA_KEY_MGMT_DPP;
1436 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT DPP");
1437#endif /* CONFIG_DPP */
6fc6879b 1438 } else {
f049052b
BG		 1439 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select "
1440 "authenticated key management type");
6fc6879b
JM		 1441 return -1;
1442 }
1443
1444 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
1445 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
1446 wpa_s->pairwise_cipher);
1447 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
1448
1449#ifdef CONFIG_IEEE80211W
1450 sel = ie.mgmt_group_cipher;
61a56c14
JM		 1451 if (ssid->group_mgmt_cipher)
1452 sel &= ssid->group_mgmt_cipher;
3f56a2b7 1453 if (wpas_get_ssid_pmf(wpa_s, ssid) == NO_MGMT_FRAME_PROTECTION ||
0b60b0aa 1454 !(ie.capabilities & WPA_CAPABILITY_MFPC))
6fc6879b
JM		 1455 sel = 0;
1456 if (sel & WPA_CIPHER_AES_128_CMAC) {
1457 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
f049052b 1458 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
6fc6879b 1459 "AES-128-CMAC");
8dd9f9cd
JM		 1460 } else if (sel & WPA_CIPHER_BIP_GMAC_128) {
1461 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_128;
1462 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1463 "BIP-GMAC-128");
1464 } else if (sel & WPA_CIPHER_BIP_GMAC_256) {
1465 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_256;
1466 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1467 "BIP-GMAC-256");
1468 } else if (sel & WPA_CIPHER_BIP_CMAC_256) {
1469 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_CMAC_256;
1470 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1471 "BIP-CMAC-256");
6fc6879b
JM		 1472 } else {
1473 wpa_s->mgmt_group_cipher = 0;
f049052b 1474 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
6fc6879b
JM		 1475 }
1476 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
1477 wpa_s->mgmt_group_cipher);
62d49803 1478 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP,
3f56a2b7 1479 wpas_get_ssid_pmf(wpa_s, ssid));
6fc6879b
JM		 1480#endif /* CONFIG_IEEE80211W */
1481
1482 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
f049052b 1483 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to generate WPA IE");
6fc6879b
JM		 1484 return -1;
1485 }
1486
0bf927a0 1487 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) {
a52410c2 1488 int psk_set = 0;
06b1a104 1489 int sae_only;
a52410c2 1490
06b1a104
JM		 1491 sae_only = (ssid->key_mgmt & (WPA_KEY_MGMT_PSK |
1492 WPA_KEY_MGMT_FT_PSK |
1493 WPA_KEY_MGMT_PSK_SHA256)) == 0;
1494
1495 if (ssid->psk_set && !sae_only) {
66dbc8d9
JM		 1496 wpa_hexdump_key(MSG_MSGDUMP, "PSK (set in config)",
1497 ssid->psk, PMK_LEN);
70c93963
MH		 1498 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN, NULL,
1499 NULL);
a52410c2
JM		 1500 psk_set = 1;
1501 }
a34ca59e 1502
06b1a104
JM		 1503 if (wpa_key_mgmt_sae(ssid->key_mgmt) &&
1504 (ssid->sae_password || ssid->passphrase))
a34ca59e
JM		 1505 psk_set = 1;
1506
7d232e23
ZC		 1507#ifndef CONFIG_NO_PBKDF2
1508 if (bss && ssid->bssid_set && ssid->ssid_len == 0 &&
06b1a104 1509 ssid->passphrase && !sae_only) {
7d232e23 1510 u8 psk[PMK_LEN];
986de33d
JM		 1511 pbkdf2_sha1(ssid->passphrase, bss->ssid, bss->ssid_len,
1512 4096, psk, PMK_LEN);
7d232e23
ZC		 1513 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)",
1514 psk, PMK_LEN);
70c93963 1515 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL, NULL);
a52410c2 1516 psk_set = 1;
e886c88e 1517 os_memset(psk, 0, sizeof(psk));
7d232e23
ZC		 1518 }
1519#endif /* CONFIG_NO_PBKDF2 */
9173b16f 1520#ifdef CONFIG_EXT_PASSWORD
06b1a104 1521 if (ssid->ext_psk && !sae_only) {
9173b16f
JM		 1522 struct wpabuf *pw = ext_password_get(wpa_s->ext_pw,
1523 ssid->ext_psk);
1524 char pw_str[64 + 1];
1525 u8 psk[PMK_LEN];
1526
1527 if (pw == NULL) {
1528 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No PSK "
1529 "found from external storage");
1530 return -1;
1531 }
1532
1533 if (wpabuf_len(pw) < 8 || wpabuf_len(pw) > 64) {
1534 wpa_msg(wpa_s, MSG_INFO, "EXT PW: Unexpected "
1535 "PSK length %d in external storage",
1536 (int) wpabuf_len(pw));
1537 ext_password_free(pw);
1538 return -1;
1539 }
1540
1541 os_memcpy(pw_str, wpabuf_head(pw), wpabuf_len(pw));
1542 pw_str[wpabuf_len(pw)] = '\0';
1543
1544#ifndef CONFIG_NO_PBKDF2
1545 if (wpabuf_len(pw) >= 8 && wpabuf_len(pw) < 64 && bss)
1546 {
986de33d
JM		 1547 pbkdf2_sha1(pw_str, bss->ssid, bss->ssid_len,
1548 4096, psk, PMK_LEN);
9173b16f
JM		 1549 os_memset(pw_str, 0, sizeof(pw_str));
1550 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from "
1551 "external passphrase)",
1552 psk, PMK_LEN);
70c93963
MH		 1553 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL,
1554 NULL);
a52410c2 1555 psk_set = 1;
e886c88e 1556 os_memset(psk, 0, sizeof(psk));
9173b16f
JM		 1557 } else
1558#endif /* CONFIG_NO_PBKDF2 */
1559 if (wpabuf_len(pw) == 2 * PMK_LEN) {
1560 if (hexstr2bin(pw_str, psk, PMK_LEN) < 0) {
1561 wpa_msg(wpa_s, MSG_INFO, "EXT PW: "
1562 "Invalid PSK hex string");
1563 os_memset(pw_str, 0, sizeof(pw_str));
1564 ext_password_free(pw);
1565 return -1;
1566 }
66dbc8d9
JM		 1567 wpa_hexdump_key(MSG_MSGDUMP,
1568 "PSK (from external PSK)",
1569 psk, PMK_LEN);
70c93963
MH		 1570 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL,
1571 NULL);
a52410c2 1572 psk_set = 1;
e886c88e 1573 os_memset(psk, 0, sizeof(psk));
9173b16f
JM		 1574 } else {
1575 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No suitable "
1576 "PSK available");
1577 os_memset(pw_str, 0, sizeof(pw_str));
1578 ext_password_free(pw);
1579 return -1;
1580 }
1581
1582 os_memset(pw_str, 0, sizeof(pw_str));
1583 ext_password_free(pw);
1584 }
1585#endif /* CONFIG_EXT_PASSWORD */
a52410c2
JM		 1586
1587 if (!psk_set) {
1588 wpa_msg(wpa_s, MSG_INFO,
1589 "No PSK available for association");
06b1a104 1590 wpas_auth_failed(wpa_s, "NO_PSK_AVAILABLE");
a52410c2
JM		 1591 return -1;
1592 }
675112df
JM		 1593#ifdef CONFIG_OWE
1594 } else if (wpa_s->key_mgmt == WPA_KEY_MGMT_OWE) {
1595 /* OWE Diffie-Hellman exchange in (Re)Association
1596 * Request/Response frames set the PMK, so do not override it
1597 * here. */
1598#endif /* CONFIG_OWE */
7d232e23 1599 } else
6fc6879b
JM		 1600 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
1601
1602 return 0;
1603}
1604
1605
8cd6b7bc 1606static void wpas_ext_capab_byte(struct wpa_supplicant *wpa_s, u8 *pos, int idx)
03e47c9c 1607{
8cd6b7bc 1608 *pos = 0x00;
03e47c9c 1609
8cd6b7bc
JB		 1610 switch (idx) {
1611 case 0: /* Bits 0-7 */
1612 break;
1613 case 1: /* Bits 8-15 */
1614 break;
1615 case 2: /* Bits 16-23 */
1616#ifdef CONFIG_WNM
1617 *pos |= 0x02; /* Bit 17 - WNM-Sleep Mode */
1618 *pos |= 0x08; /* Bit 19 - BSS Transition */
1619#endif /* CONFIG_WNM */
1620 break;
1621 case 3: /* Bits 24-31 */
1622#ifdef CONFIG_WNM
1623 *pos |= 0x02; /* Bit 25 - SSID List */
1624#endif /* CONFIG_WNM */
03e47c9c 1625#ifdef CONFIG_INTERWORKING
8cd6b7bc
JB		 1626 if (wpa_s->conf->interworking)
1627 *pos |= 0x80; /* Bit 31 - Interworking */
03e47c9c 1628#endif /* CONFIG_INTERWORKING */
8cd6b7bc
JB		 1629 break;
1630 case 4: /* Bits 32-39 */
56f5af48 1631#ifdef CONFIG_INTERWORKING
429dd9af
JM		 1632 if (wpa_s->drv_flags / WPA_DRIVER_FLAGS_QOS_MAPPING)
1633 *pos |= 0x01; /* Bit 32 - QoS Map */
56f5af48 1634#endif /* CONFIG_INTERWORKING */
8cd6b7bc
JB		 1635 break;
1636 case 5: /* Bits 40-47 */
95a3ea94
JM		 1637#ifdef CONFIG_HS20
1638 if (wpa_s->conf->hs20)
1639 *pos |= 0x40; /* Bit 46 - WNM-Notification */
1640#endif /* CONFIG_HS20 */
92c6e2e3
DS		 1641#ifdef CONFIG_MBO
1642 *pos |= 0x40; /* Bit 46 - WNM-Notification */
1643#endif /* CONFIG_MBO */
8cd6b7bc
JB		 1644 break;
1645 case 6: /* Bits 48-55 */
1646 break;
d1723c55
LD		 1647 case 7: /* Bits 56-63 */
1648 break;
1649 case 8: /* Bits 64-71 */
1650 if (wpa_s->conf->ftm_responder)
1651 *pos |= 0x40; /* Bit 70 - FTM responder */
1652 if (wpa_s->conf->ftm_initiator)
1653 *pos |= 0x80; /* Bit 71 - FTM initiator */
1654 break;
e4d2ce1b
JM		 1655 case 9: /* Bits 72-79 */
1656#ifdef CONFIG_FILS
d98038bb 1657 if (!wpa_s->disable_fils)
1658 *pos |= 0x01;
e4d2ce1b
JM		 1659#endif /* CONFIG_FILS */
1660 break;
8cd6b7bc
JB		 1661 }
1662}
03e47c9c 1663
03e47c9c 1664
0bbaa9b9 1665int wpas_build_ext_capab(struct wpa_supplicant *wpa_s, u8 *buf, size_t buflen)
8cd6b7bc
JB		 1666{
1667 u8 *pos = buf;
e4d2ce1b 1668 u8 len = 10, i;
8cd6b7bc
JB		 1669
1670 if (len < wpa_s->extended_capa_len)
1671 len = wpa_s->extended_capa_len;
0bbaa9b9
JM		 1672 if (buflen < (size_t) len + 2) {
1673 wpa_printf(MSG_INFO,
1674 "Not enough room for building extended capabilities element");
1675 return -1;
1676 }
03e47c9c
JM		 1677
1678 *pos++ = WLAN_EID_EXT_CAPAB;
8cd6b7bc
JB		 1679 *pos++ = len;
1680 for (i = 0; i < len; i++, pos++) {
1681 wpas_ext_capab_byte(wpa_s, pos, i);
1682
1683 if (i < wpa_s->extended_capa_len) {
1684 *pos &= ~wpa_s->extended_capa_mask[i];
1685 *pos |= wpa_s->extended_capa[i];
1686 }
1687 }
03e47c9c 1688
3db5439a
JM		 1689 while (len > 0 && buf[1 + len] == 0) {
1690 len--;
1691 buf[1] = len;
1692 }
1693 if (len == 0)
1694 return 0;
1695
1696 return 2 + len;
03e47c9c
JM		 1697}
1698
1699
6ac4b15e
JM		 1700static int wpas_valid_bss(struct wpa_supplicant *wpa_s,
1701 struct wpa_bss *test_bss)
1702{
1703 struct wpa_bss *bss;
1704
1705 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
1706 if (bss == test_bss)
1707 return 1;
1708 }
1709
1710 return 0;
1711}
1712
1713
1714static int wpas_valid_ssid(struct wpa_supplicant *wpa_s,
1715 struct wpa_ssid *test_ssid)
1716{
1717 struct wpa_ssid *ssid;
1718
1719 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) {
1720 if (ssid == test_ssid)
1721 return 1;
1722 }
1723
1724 return 0;
1725}
1726
1727
1728int wpas_valid_bss_ssid(struct wpa_supplicant *wpa_s, struct wpa_bss *test_bss,
1729 struct wpa_ssid *test_ssid)
1730{
1731 if (test_bss && !wpas_valid_bss(wpa_s, test_bss))
1732 return 0;
1733
1734 return test_ssid == NULL || wpas_valid_ssid(wpa_s, test_ssid);
1735}
1736
1737
1738void wpas_connect_work_free(struct wpa_connect_work *cwork)
1739{
1740 if (cwork == NULL)
1741 return;
1742 os_free(cwork);
1743}
1744
1745
1746void wpas_connect_work_done(struct wpa_supplicant *wpa_s)
1747{
1748 struct wpa_connect_work *cwork;
1749 struct wpa_radio_work *work = wpa_s->connect_work;
1750
1751 if (!work)
1752 return;
1753
1754 wpa_s->connect_work = NULL;
1755 cwork = work->ctx;
1756 work->ctx = NULL;
1757 wpas_connect_work_free(cwork);
1758 radio_work_done(work);
1759}
1760
1761
a313d17d 1762int wpas_update_random_addr(struct wpa_supplicant *wpa_s, int style)
c267753b
JM		 1763{
1764 struct os_reltime now;
1765 u8 addr[ETH_ALEN];
1766
1767 os_get_reltime(&now);
a313d17d
JM		 1768 if (wpa_s->last_mac_addr_style == style &&
1769 wpa_s->last_mac_addr_change.sec != 0 &&
c267753b
JM		 1770 !os_reltime_expired(&now, &wpa_s->last_mac_addr_change,
1771 wpa_s->conf->rand_addr_lifetime)) {
1772 wpa_msg(wpa_s, MSG_DEBUG,
1773 "Previously selected random MAC address has not yet expired");
1774 return 0;
1775 }
1776
a313d17d
JM		 1777 switch (style) {
1778 case 1:
1779 if (random_mac_addr(addr) < 0)
1780 return -1;
1781 break;
1782 case 2:
1783 os_memcpy(addr, wpa_s->perm_addr, ETH_ALEN);
1784 if (random_mac_addr_keep_oui(addr) < 0)
1785 return -1;
1786 break;
1787 default:
c267753b 1788 return -1;
a313d17d 1789 }
c267753b
JM		 1790
1791 if (wpa_drv_set_mac_addr(wpa_s, addr) < 0) {
1792 wpa_msg(wpa_s, MSG_INFO,
1793 "Failed to set random MAC address");
1794 return -1;
1795 }
1796
1797 os_get_reltime(&wpa_s->last_mac_addr_change);
1798 wpa_s->mac_addr_changed = 1;
a313d17d 1799 wpa_s->last_mac_addr_style = style;
c267753b
JM		 1800
1801 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
1802 wpa_msg(wpa_s, MSG_INFO,
1803 "Could not update MAC address information");
1804 return -1;
1805 }
1806
1807 wpa_msg(wpa_s, MSG_DEBUG, "Using random MAC address " MACSTR,
1808 MAC2STR(addr));
1809
1810 return 0;
1811}
1812
1813
1814int wpas_update_random_addr_disassoc(struct wpa_supplicant *wpa_s)
1815{
1816 if (wpa_s->wpa_state >= WPA_AUTHENTICATING ||
1817 !wpa_s->conf->preassoc_mac_addr)
1818 return 0;
1819
a313d17d 1820 return wpas_update_random_addr(wpa_s, wpa_s->conf->preassoc_mac_addr);
c267753b
JM		 1821}
1822
1823
6ac4b15e
JM		 1824static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit);
1825
6fc6879b
JM		 1826/**
1827 * wpa_supplicant_associate - Request association
1828 * @wpa_s: Pointer to wpa_supplicant data
1829 * @bss: Scan results for the selected BSS, or %NULL if not available
1830 * @ssid: Configuration data for the selected network
1831 *
1832 * This function is used to request %wpa_supplicant to associate with a BSS.
1833 */
1834void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
6fa81a3b 1835 struct wpa_bss *bss, struct wpa_ssid *ssid)
6fc6879b 1836{
6ac4b15e 1837 struct wpa_connect_work *cwork;
a313d17d
JM		 1838 int rand_style;
1839
a8412ec9
JM		 1840 wpa_s->own_disconnect_req = 0;
1841
e7160bd8
JM		 1842 /*
1843 * If we are starting a new connection, any previously pending EAPOL
1844 * RX cannot be valid anymore.
1845 */
1846 wpabuf_free(wpa_s->pending_eapol_rx);
1847 wpa_s->pending_eapol_rx = NULL;
1848
a313d17d
JM		 1849 if (ssid->mac_addr == -1)
1850 rand_style = wpa_s->conf->mac_addr;
1851 else
1852 rand_style = ssid->mac_addr;
6fc6879b 1853
8c42b369
EP		 1854 wmm_ac_clear_saved_tspecs(wpa_s);
1855 wpa_s->reassoc_same_bss = 0;
6a5ee810 1856 wpa_s->reassoc_same_ess = 0;
daa40960
JM		 1857#ifdef CONFIG_TESTING_OPTIONS
1858 wpa_s->testing_resend_assoc = 0;
1859#endif /* CONFIG_TESTING_OPTIONS */
8c42b369 1860
c267753b
JM		 1861 if (wpa_s->last_ssid == ssid) {
1862 wpa_dbg(wpa_s, MSG_DEBUG, "Re-association to the same ESS");
6a5ee810 1863 wpa_s->reassoc_same_ess = 1;
8c42b369
EP		 1864 if (wpa_s->current_bss && wpa_s->current_bss == bss) {
1865 wmm_ac_save_tspecs(wpa_s);
1866 wpa_s->reassoc_same_bss = 1;
1867 }
5d30f927
BR		 1868 }
1869
1870 if (rand_style > 0 && !wpa_s->reassoc_same_ess) {
a313d17d 1871 if (wpas_update_random_addr(wpa_s, rand_style) < 0)
c267753b
JM		 1872 return;
1873 wpa_sm_pmksa_cache_flush(wpa_s->wpa, ssid);
5d30f927 1874 } else if (rand_style == 0 && wpa_s->mac_addr_changed) {
c267753b
JM		 1875 if (wpa_drv_set_mac_addr(wpa_s, NULL) < 0) {
1876 wpa_msg(wpa_s, MSG_INFO,
1877 "Could not restore permanent MAC address");
1878 return;
1879 }
1880 wpa_s->mac_addr_changed = 0;
1881 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
1882 wpa_msg(wpa_s, MSG_INFO,
1883 "Could not update MAC address information");
1884 return;
1885 }
1886 wpa_msg(wpa_s, MSG_DEBUG, "Using permanent MAC address");
1887 }
1888 wpa_s->last_ssid = ssid;
1889
78177a00
JM		 1890#ifdef CONFIG_IBSS_RSN
1891 ibss_rsn_deinit(wpa_s->ibss_rsn);
1892 wpa_s->ibss_rsn = NULL;
81a10a94
JM		 1893#else /* CONFIG_IBSS_RSN */
1894 if (ssid->mode == WPAS_MODE_IBSS &&
1895 !(ssid->key_mgmt & (WPA_KEY_MGMT_NONE | WPA_KEY_MGMT_WPA_NONE))) {
1896 wpa_msg(wpa_s, MSG_INFO,
1897 "IBSS RSN not supported in the build");
1898 return;
1899 }
78177a00
JM		 1900#endif /* CONFIG_IBSS_RSN */
1901
2c5d725c
JM		 1902 if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO ||
1903 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) {
1581b38b
JM		 1904#ifdef CONFIG_AP
1905 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) {
f049052b
BG		 1906 wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP "
1907 "mode");
1581b38b
JM		 1908 return;
1909 }
8c981d17
DW		 1910 if (wpa_supplicant_create_ap(wpa_s, ssid) < 0) {
1911 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
b2b688d1
VKE		 1912 if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
1913 wpas_p2p_ap_setup_failed(wpa_s);
8c981d17
DW		 1914 return;
1915 }
8f770587 1916 wpa_s->current_bss = bss;
1581b38b 1917#else /* CONFIG_AP */
f049052b
BG		 1918 wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in "
1919 "the build");
1581b38b
JM		 1920#endif /* CONFIG_AP */
1921 return;
1922 }
1923
603a3f34
JL		 1924 if (ssid->mode == WPAS_MODE_MESH) {
1925#ifdef CONFIG_MESH
1926 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_MESH)) {
1927 wpa_msg(wpa_s, MSG_INFO,
1928 "Driver does not support mesh mode");
1929 return;
1930 }
1931 if (bss)
1932 ssid->frequency = bss->freq;
1933 if (wpa_supplicant_join_mesh(wpa_s, ssid) < 0) {
1934 wpa_msg(wpa_s, MSG_ERROR, "Could not join mesh");
1935 return;
1936 }
1937 wpa_s->current_bss = bss;
6174de66
JM		 1938 wpa_msg(wpa_s, MSG_INFO, MESH_GROUP_STARTED "ssid=\"%s\" id=%d",
1939 wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
1940 ssid->id);
89e9cd25 1941 wpas_notify_mesh_group_started(wpa_s, ssid);
603a3f34
JL		 1942#else /* CONFIG_MESH */
1943 wpa_msg(wpa_s, MSG_ERROR,
1944 "mesh mode support not included in the build");
1945#endif /* CONFIG_MESH */
1946 return;
1947 }
1948
2efc6720
JM		 1949 /*
1950 * Set WPA state machine configuration to match the selected network now
1951 * so that the information is available before wpas_start_assoc_cb()
1952 * gets called. This is needed at least for RSN pre-authentication where
1953 * candidate APs are added to a list based on scan result processing
1954 * before completion of the first association.
1955 */
1956 wpa_supplicant_rsn_supp_set_config(wpa_s, ssid);
1957
a0d5c56f
JM		 1958#ifdef CONFIG_DPP
1959 if (wpas_dpp_check_connect(wpa_s, ssid, bss) != 0)
1960 return;
1961#endif /* CONFIG_DPP */
1962
52c9e6f3 1963#ifdef CONFIG_TDLS
95cb2d88
JM		 1964 if (bss)
1965 wpa_tdls_ap_ies(wpa_s->wpa, (const u8 *) (bss + 1),
1966 bss->ie_len);
52c9e6f3
JM		 1967#endif /* CONFIG_TDLS */
1968
5cc4d64b
JM		 1969 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
1970 ssid->mode == IEEE80211_MODE_INFRA) {
c2a04078
JM		 1971 sme_authenticate(wpa_s, bss, ssid);
1972 return;
1973 }
1974
6ac4b15e
JM		 1975 if (wpa_s->connect_work) {
1976 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since connect_work exist");
1977 return;
1978 }
1979
f0e30c84
JM		 1980 if (radio_work_pending(wpa_s, "connect")) {
1981 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since pending work exist");
1982 return;
1983 }
1984
a1836de6
JM		 1985#ifdef CONFIG_SME
1986 if (ssid->mode == WPAS_MODE_IBSS || ssid->mode == WPAS_MODE_MESH) {
1987 /* Clear possibly set auth_alg, if any, from last attempt. */
1988 wpa_s->sme.auth_alg = WPA_AUTH_ALG_OPEN;
1989 }
1990#endif /* CONFIG_SME */
1991
4ead7cfd
KV		 1992 wpas_abort_ongoing_scan(wpa_s);
1993
6ac4b15e
JM		 1994 cwork = os_zalloc(sizeof(*cwork));
1995 if (cwork == NULL)
1996 return;
1997
1998 cwork->bss = bss;
1999 cwork->ssid = ssid;
2000
2001 if (radio_add_work(wpa_s, bss ? bss->freq : 0, "connect", 1,
2002 wpas_start_assoc_cb, cwork) < 0) {
2003 os_free(cwork);
2004 }
2005}
2006
2007
98479dc9
JD		 2008static int bss_is_ibss(struct wpa_bss *bss)
2009{
2010 return (bss->caps & (IEEE80211_CAP_ESS | IEEE80211_CAP_IBSS)) ==
2011 IEEE80211_CAP_IBSS;
2012}
2013
2014
a65efbfb
PO		 2015static int drv_supports_vht(struct wpa_supplicant *wpa_s,
2016 const struct wpa_ssid *ssid)
2017{
2018 enum hostapd_hw_mode hw_mode;
2019 struct hostapd_hw_modes *mode = NULL;
2020 u8 channel;
2021 int i;
2022
a65efbfb
PO		 2023 hw_mode = ieee80211_freq_to_chan(ssid->frequency, &channel);
2024 if (hw_mode == NUM_HOSTAPD_MODES)
2025 return 0;
2026 for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) {
2027 if (wpa_s->hw.modes[i].mode == hw_mode) {
2028 mode = &wpa_s->hw.modes[i];
2029 break;
2030 }
2031 }
2032
2033 if (!mode)
2034 return 0;
2035
2036 return mode->vht_capab != 0;
2037}
2038
2039
54fe48b9
JM		 2040void ibss_mesh_setup_freq(struct wpa_supplicant *wpa_s,
2041 const struct wpa_ssid *ssid,
2042 struct hostapd_freq_params *freq)
1830817e
JD		 2043{
2044 enum hostapd_hw_mode hw_mode;
2045 struct hostapd_hw_modes *mode = NULL;
6b8b0774
JD		 2046 int ht40plus[] = { 36, 44, 52, 60, 100, 108, 116, 124, 132, 149, 157,
2047 184, 192 };
563ee183 2048 int vht80[] = { 36, 52, 100, 116, 132, 149 };
6b8b0774 2049 struct hostapd_channel_data *pri_chan = NULL, *sec_chan = NULL;
1830817e 2050 u8 channel;
98479dc9 2051 int i, chan_idx, ht40 = -1, res, obss_scan = 1;
0f29bc68 2052 unsigned int j, k;
563ee183 2053 struct hostapd_freq_params vht_freq;
0f29bc68
AK		 2054 int chwidth, seg0, seg1;
2055 u32 vht_caps = 0;
1830817e
JD		 2056
2057 freq->freq = ssid->frequency;
2058
98479dc9
JD		 2059 for (j = 0; j < wpa_s->last_scan_res_used; j++) {
2060 struct wpa_bss *bss = wpa_s->last_scan_res[j];
2061
2062 if (ssid->mode != WPAS_MODE_IBSS)
2063 break;
2064
2065 /* Don't adjust control freq in case of fixed_freq */
2066 if (ssid->fixed_freq)
2067 break;
2068
2069 if (!bss_is_ibss(bss))
2070 continue;
2071
2072 if (ssid->ssid_len == bss->ssid_len &&
2073 os_memcmp(ssid->ssid, bss->ssid, bss->ssid_len) == 0) {
2074 wpa_printf(MSG_DEBUG,
2075 "IBSS already found in scan results, adjust control freq: %d",
2076 bss->freq);
2077 freq->freq = bss->freq;
2078 obss_scan = 0;
2079 break;
2080 }
2081 }
2082
1830817e
JD		 2083 /* For IBSS check HT_IBSS flag */
2084 if (ssid->mode == WPAS_MODE_IBSS &&
2085 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_HT_IBSS))
2086 return;
2087
d9a9bc04
JD		 2088 if (wpa_s->group_cipher == WPA_CIPHER_WEP40 ||
2089 wpa_s->group_cipher == WPA_CIPHER_WEP104 ||
2090 wpa_s->pairwise_cipher == WPA_CIPHER_TKIP) {
2091 wpa_printf(MSG_DEBUG,
2092 "IBSS: WEP/TKIP detected, do not try to enable HT");
2093 return;
2094 }
2095
98479dc9 2096 hw_mode = ieee80211_freq_to_chan(freq->freq, &channel);
1830817e
JD		 2097 for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) {
2098 if (wpa_s->hw.modes[i].mode == hw_mode) {
2099 mode = &wpa_s->hw.modes[i];
2100 break;
2101 }
2102 }
2103
2104 if (!mode)
2105 return;
2106
3388e7b9
MH		 2107#ifdef CONFIG_HT_OVERRIDES
2108 if (ssid->disable_ht) {
2109 freq->ht_enabled = 0;
2110 return;
2111 }
2112#endif /* CONFIG_HT_OVERRIDES */
2113
1830817e 2114 freq->ht_enabled = ht_supported(mode);
6b8b0774
JD		 2115 if (!freq->ht_enabled)
2116 return;
2117
2118 /* Setup higher BW only for 5 GHz */
2119 if (mode->mode != HOSTAPD_MODE_IEEE80211A)
2120 return;
2121
2122 for (chan_idx = 0; chan_idx < mode->num_channels; chan_idx++) {
2123 pri_chan = &mode->channels[chan_idx];
2124 if (pri_chan->chan == channel)
2125 break;
2126 pri_chan = NULL;
2127 }
2128 if (!pri_chan)
2129 return;
2130
2131 /* Check primary channel flags */
2132 if (pri_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
2133 return;
2134
05aed438
MH		 2135#ifdef CONFIG_HT_OVERRIDES
2136 if (ssid->disable_ht40)
2137 return;
2138#endif /* CONFIG_HT_OVERRIDES */
2139
6b8b0774
JD		 2140 /* Check/setup HT40+/HT40- */
2141 for (j = 0; j < ARRAY_SIZE(ht40plus); j++) {
2142 if (ht40plus[j] == channel) {
2143 ht40 = 1;
2144 break;
2145 }
2146 }
2147
2148 /* Find secondary channel */
2149 for (i = 0; i < mode->num_channels; i++) {
2150 sec_chan = &mode->channels[i];
2151 if (sec_chan->chan == channel + ht40 * 4)
2152 break;
2153 sec_chan = NULL;
2154 }
2155 if (!sec_chan)
2156 return;
2157
2158 /* Check secondary channel flags */
2159 if (sec_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
2160 return;
2161
2162 freq->channel = pri_chan->chan;
2163
ecba4509 2164 if (ht40 == -1) {
6b8b0774
JD		 2165 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40MINUS))
2166 return;
ecba4509 2167 } else {
6b8b0774
JD		 2168 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40PLUS))
2169 return;
6b8b0774 2170 }
ecba4509 2171 freq->sec_channel_offset = ht40;
6b8b0774 2172
ecba4509 2173 if (obss_scan) {
6b8b0774
JD		 2174 struct wpa_scan_results *scan_res;
2175
2176 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL, 0);
2177 if (scan_res == NULL) {
2178 /* Back to HT20 */
2179 freq->sec_channel_offset = 0;
2180 return;
2181 }
2182
2183 res = check_40mhz_5g(mode, scan_res, pri_chan->chan,
2184 sec_chan->chan);
2185 switch (res) {
2186 case 0:
2187 /* Back to HT20 */
2188 freq->sec_channel_offset = 0;
2189 break;
2190 case 1:
2191 /* Configuration allowed */
2192 break;
2193 case 2:
2194 /* Switch pri/sec channels */
2195 freq->freq = hw_get_freq(mode, sec_chan->chan);
2196 freq->sec_channel_offset = -freq->sec_channel_offset;
2197 freq->channel = sec_chan->chan;
2198 break;
2199 default:
2200 freq->sec_channel_offset = 0;
2201 break;
2202 }
2203
2204 wpa_scan_results_free(scan_res);
2205 }
2206
2207 wpa_printf(MSG_DEBUG,
2208 "IBSS/mesh: setup freq channel %d, sec_channel_offset %d",
2209 freq->channel, freq->sec_channel_offset);
563ee183 2210
a65efbfb 2211 if (!drv_supports_vht(wpa_s, ssid))
563ee183
JD		 2212 return;
2213
2214 /* For IBSS check VHT_IBSS flag */
a65efbfb
PO		 2215 if (ssid->mode == WPAS_MODE_IBSS &&
2216 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_VHT_IBSS))
563ee183
JD		 2217 return;
2218
2219 vht_freq = *freq;
2220
b301f54e
JM		 2221#ifdef CONFIG_VHT_OVERRIDES
2222 if (ssid->disable_vht) {
2223 freq->vht_enabled = 0;
2224 return;
2225 }
2226#endif /* CONFIG_VHT_OVERRIDES */
2227
563ee183
JD		 2228 vht_freq.vht_enabled = vht_supported(mode);
2229 if (!vht_freq.vht_enabled)
2230 return;
2231
2232 /* setup center_freq1, bandwidth */
2233 for (j = 0; j < ARRAY_SIZE(vht80); j++) {
2234 if (freq->channel >= vht80[j] &&
2235 freq->channel < vht80[j] + 16)
2236 break;
2237 }
2238
2239 if (j == ARRAY_SIZE(vht80))
2240 return;
2241
2242 for (i = vht80[j]; i < vht80[j] + 16; i += 4) {
2243 struct hostapd_channel_data *chan;
2244
2245 chan = hw_get_channel_chan(mode, i, NULL);
2246 if (!chan)
2247 return;
2248
2249 /* Back to HT configuration if channel not usable */
2250 if (chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
2251 return;
2252 }
2253
0f29bc68
AK		 2254 chwidth = VHT_CHANWIDTH_80MHZ;
2255 seg0 = vht80[j] + 6;
2256 seg1 = 0;
2257
2258 if (ssid->max_oper_chwidth == VHT_CHANWIDTH_80P80MHZ) {
2259 /* setup center_freq2, bandwidth */
2260 for (k = 0; k < ARRAY_SIZE(vht80); k++) {
2261 /* Only accept 80 MHz segments separated by a gap */
2262 if (j == k || abs(vht80[j] - vht80[k]) == 16)
2263 continue;
2264 for (i = vht80[k]; i < vht80[k] + 16; i += 4) {
2265 struct hostapd_channel_data *chan;
2266
2267 chan = hw_get_channel_chan(mode, i, NULL);
2268 if (!chan)
2269 continue;
2270
2271 if (chan->flag & (HOSTAPD_CHAN_DISABLED |
2272 HOSTAPD_CHAN_NO_IR |
2273 HOSTAPD_CHAN_RADAR))
2274 continue;
2275
2276 /* Found a suitable second segment for 80+80 */
2277 chwidth = VHT_CHANWIDTH_80P80MHZ;
2278 vht_caps |=
2279 VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ;
2280 seg1 = vht80[k] + 6;
2281 }
2282
2283 if (chwidth == VHT_CHANWIDTH_80P80MHZ)
2284 break;
2285 }
331f0774
JM		 2286 } else if (ssid->max_oper_chwidth == VHT_CHANWIDTH_160MHZ) {
2287 if (freq->freq == 5180) {
2288 chwidth = VHT_CHANWIDTH_160MHZ;
2289 vht_caps |= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
2290 seg0 = 50;
2291 } else if (freq->freq == 5520) {
2292 chwidth = VHT_CHANWIDTH_160MHZ;
2293 vht_caps |= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
2294 seg0 = 114;
2295 }
0f29bc68
AK		 2296 }
2297
563ee183
JD		 2298 if (hostapd_set_freq_params(&vht_freq, mode->mode, freq->freq,
2299 freq->channel, freq->ht_enabled,
2300 vht_freq.vht_enabled,
2301 freq->sec_channel_offset,
0f29bc68 2302 chwidth, seg0, seg1, vht_caps) != 0)
563ee183
JD		 2303 return;
2304
2305 *freq = vht_freq;
2306
2307 wpa_printf(MSG_DEBUG, "IBSS: VHT setup freq cf1 %d, cf2 %d, bw %d",
2308 freq->center_freq1, freq->center_freq2, freq->bandwidth);
1830817e
JD		 2309}
2310
2311
a38090b1
VK		 2312#ifdef CONFIG_FILS
2313static size_t wpas_add_fils_hlp_req(struct wpa_supplicant *wpa_s, u8 *ie_buf,
2314 size_t ie_buf_len)
2315{
2316 struct fils_hlp_req *req;
2317 size_t rem_len, hdr_len, hlp_len, len, ie_len = 0;
2318 const u8 *pos;
2319 u8 *buf = ie_buf;
2320
2321 dl_list_for_each(req, &wpa_s->fils_hlp_req, struct fils_hlp_req,
2322 list) {
2323 rem_len = ie_buf_len - ie_len;
2324 pos = wpabuf_head(req->pkt);
2325 hdr_len = 1 + 2 * ETH_ALEN + 6;
2326 hlp_len = wpabuf_len(req->pkt);
2327
2328 if (rem_len < 2 + hdr_len + hlp_len) {
2329 wpa_printf(MSG_ERROR,
2330 "FILS: Cannot fit HLP - rem_len=%lu to_fill=%lu",
2331 (unsigned long) rem_len,
2332 (unsigned long) (2 + hdr_len + hlp_len));
2333 break;
2334 }
2335
2336 len = (hdr_len + hlp_len) > 255 ? 255 : hdr_len + hlp_len;
2337 /* Element ID */
2338 *buf++ = WLAN_EID_EXTENSION;
2339 /* Length */
2340 *buf++ = len;
2341 /* Element ID Extension */
2342 *buf++ = WLAN_EID_EXT_FILS_HLP_CONTAINER;
2343 /* Destination MAC address */
2344 os_memcpy(buf, req->dst, ETH_ALEN);
2345 buf += ETH_ALEN;
2346 /* Source MAC address */
2347 os_memcpy(buf, wpa_s->own_addr, ETH_ALEN);
2348 buf += ETH_ALEN;
2349 /* LLC/SNAP Header */
2350 os_memcpy(buf, "\xaa\xaa\x03\x00\x00\x00", 6);
2351 buf += 6;
2352 /* HLP Packet */
2353 os_memcpy(buf, pos, len - hdr_len);
2354 buf += len - hdr_len;
2355 pos += len - hdr_len;
2356
2357 hlp_len -= len - hdr_len;
2358 ie_len += 2 + len;
2359 rem_len -= 2 + len;
2360
2361 while (hlp_len) {
2362 len = (hlp_len > 255) ? 255 : hlp_len;
2363 if (rem_len < 2 + len)
2364 break;
2365 *buf++ = WLAN_EID_FRAGMENT;
2366 *buf++ = len;
2367 os_memcpy(buf, pos, len);
2368 buf += len;
2369 pos += len;
2370
2371 hlp_len -= len;
2372 ie_len += 2 + len;
2373 rem_len -= 2 + len;
2374 }
2375 }
2376
2377 return ie_len;
2378}
e4802127
MH		 2379
2380
2381int wpa_is_fils_supported(struct wpa_supplicant *wpa_s)
2382{
2383 return (((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
2384 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SUPPORT_FILS)) ||
2385 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
2386 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD)));
2387}
2388
2389
2390int wpa_is_fils_sk_pfs_supported(struct wpa_supplicant *wpa_s)
2391{
2392#ifdef CONFIG_FILS_SK_PFS
2393 return (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
2394 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SUPPORT_FILS);
2395#else /* CONFIG_FILS_SK_PFS */
2396 return 0;
2397#endif /* CONFIG_FILS_SK_PFS */
2398}
2399
a38090b1
VK		 2400#endif /* CONFIG_FILS */
2401
2402
d2ba0d71
VK		 2403static u8 * wpas_populate_assoc_ies(
2404 struct wpa_supplicant *wpa_s,
2405 struct wpa_bss *bss, struct wpa_ssid *ssid,
6338c99e
VK		 2406 struct wpa_driver_associate_params *params,
2407 enum wpa_drv_update_connect_params_mask *mask)
6ac4b15e 2408{
1e6780bd 2409 u8 *wpa_ie;
10970465 2410 size_t max_wpa_ie_len = 500;
6ac4b15e 2411 size_t wpa_ie_len;
6ac4b15e 2412 int algs = WPA_AUTH_ALG_OPEN;
8b0a6dba
VK		 2413#ifdef CONFIG_FILS
2414 const u8 *realm, *username, *rrk;
2415 size_t realm_len, username_len, rrk_len;
2416 u16 next_seq_num;
b377ec25 2417 struct fils_hlp_req *req;
6fc6879b 2418
b377ec25
VK		 2419 dl_list_for_each(req, &wpa_s->fils_hlp_req, struct fils_hlp_req,
2420 list) {
2421 max_wpa_ie_len += 3 + 2 * ETH_ALEN + 6 + wpabuf_len(req->pkt) +
2422 2 + 2 * wpabuf_len(req->pkt) / 255;
8b0a6dba
VK		 2423 }
2424#endif /* CONFIG_FILS */
8b0a6dba 2425
1e6780bd
VK		 2426 wpa_ie = os_malloc(max_wpa_ie_len);
2427 if (!wpa_ie) {
2428 wpa_printf(MSG_ERROR,
2429 "Failed to allocate connect IE buffer for %lu bytes",
2430 (unsigned long) max_wpa_ie_len);
d2ba0d71 2431 return NULL;
1e6780bd
VK		 2432 }
2433
6fa81a3b
JM		 2434 if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
2435 wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
0bf927a0 2436 wpa_key_mgmt_wpa(ssid->key_mgmt)) {
6fc6879b 2437 int try_opportunistic;
79f3121b
VK		 2438 const u8 *cache_id = NULL;
2439
6e202021
JM		 2440 try_opportunistic = (ssid->proactive_key_caching < 0 ?
2441 wpa_s->conf->okc :
2442 ssid->proactive_key_caching) &&
6fc6879b 2443 (ssid->proto & WPA_PROTO_RSN);
79f3121b
VK		 2444#ifdef CONFIG_FILS
2445 if (wpa_key_mgmt_fils(ssid->key_mgmt))
2446 cache_id = wpa_bss_get_fils_cache_id(bss);
2447#endif /* CONFIG_FILS */
6fc6879b 2448 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
79f3121b 2449 ssid, try_opportunistic,
852b2f27 2450 cache_id, 0) == 0)
ba422613 2451 eapol_sm_notify_pmkid_attempt(wpa_s->eapol);
1e6780bd 2452 wpa_ie_len = max_wpa_ie_len;
6fc6879b
JM		 2453 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
2454 wpa_ie, &wpa_ie_len)) {
f049052b
BG		 2455 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
2456 "key management and encryption suites");
1e6780bd 2457 os_free(wpa_ie);
d2ba0d71 2458 return NULL;
6fc6879b 2459 }
a3f7e518
JM		 2460 } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && bss &&
2461 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) {
2462 /*
2463 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
2464 * use non-WPA since the scan results did not indicate that the
2465 * AP is using WPA or WPA2.
2466 */
2467 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
2468 wpa_ie_len = 0;
2469 wpa_s->wpa_proto = 0;
0bf927a0 2470 } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) {
1e6780bd 2471 wpa_ie_len = max_wpa_ie_len;
6fc6879b
JM		 2472 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
2473 wpa_ie, &wpa_ie_len)) {
f049052b
BG		 2474 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
2475 "key management and encryption suites (no "
2476 "scan results)");
1e6780bd 2477 os_free(wpa_ie);
d2ba0d71 2478 return NULL;
6fc6879b 2479 }
ad08c363
JM		 2480#ifdef CONFIG_WPS
2481 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
b01c18a8
JM		 2482 struct wpabuf *wps_ie;
2483 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
1e6780bd 2484 if (wps_ie && wpabuf_len(wps_ie) <= max_wpa_ie_len) {
ad08c363
JM		 2485 wpa_ie_len = wpabuf_len(wps_ie);
2486 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
24386985
JM		 2487 } else
2488 wpa_ie_len = 0;
ad08c363
JM		 2489 wpabuf_free(wps_ie);
2490 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
0c80427d 2491 if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY))
d2ba0d71 2492 params->wps = WPS_MODE_PRIVACY;
0c80427d 2493 else
d2ba0d71 2494 params->wps = WPS_MODE_OPEN;
cf546f1a 2495 wpa_s->wpa_proto = 0;
ad08c363 2496#endif /* CONFIG_WPS */
6fc6879b
JM		 2497 } else {
2498 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
2499 wpa_ie_len = 0;
cf546f1a 2500 wpa_s->wpa_proto = 0;
6fc6879b
JM		 2501 }
2502
b377ec25
VK		 2503#ifdef IEEE8021X_EAPOL
2504 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
2505 if (ssid->leap) {
2506 if (ssid->non_leap == 0)
2507 algs = WPA_AUTH_ALG_LEAP;
2508 else
2509 algs |= WPA_AUTH_ALG_LEAP;
2510 }
2511 }
2512
2513#ifdef CONFIG_FILS
2514 /* Clear FILS association */
2515 wpa_sm_set_reset_fils_completed(wpa_s->wpa, 0);
2516
2517 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD) &&
2518 ssid->eap.erp && wpa_key_mgmt_fils(wpa_s->key_mgmt) &&
2519 eapol_sm_get_erp_info(wpa_s->eapol, &ssid->eap, &username,
2520 &username_len, &realm, &realm_len,
2521 &next_seq_num, &rrk, &rrk_len) == 0) {
2522 algs = WPA_AUTH_ALG_FILS;
d2ba0d71
VK		 2523 params->fils_erp_username = username;
2524 params->fils_erp_username_len = username_len;
2525 params->fils_erp_realm = realm;
2526 params->fils_erp_realm_len = realm_len;
2527 params->fils_erp_next_seq_num = next_seq_num;
2528 params->fils_erp_rrk = rrk;
2529 params->fils_erp_rrk_len = rrk_len;
6338c99e
VK		 2530
2531 if (mask)
2532 *mask |= WPA_DRV_UPDATE_FILS_ERP_INFO;
b377ec25
VK		 2533 }
2534#endif /* CONFIG_FILS */
2535#endif /* IEEE8021X_EAPOL */
5ff39c13
SD		 2536#ifdef CONFIG_SAE
2537 if (wpa_s->key_mgmt & (WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE))
2538 algs = WPA_AUTH_ALG_SAE;
2539#endif /* CONFIG_SAE */
b377ec25
VK		 2540
2541 wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
2542 if (ssid->auth_alg) {
2543 algs = ssid->auth_alg;
2544 wpa_dbg(wpa_s, MSG_DEBUG,
2545 "Overriding auth_alg selection: 0x%x", algs);
2546 }
2547
5f3a6aa0
JM		 2548#ifdef CONFIG_P2P
2549 if (wpa_s->global->p2p) {
2550 u8 *pos;
2551 size_t len;
2552 int res;
5f3a6aa0 2553 pos = wpa_ie + wpa_ie_len;
1e6780bd 2554 len = max_wpa_ie_len - wpa_ie_len;
b8a8d677
JM		 2555 res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len,
2556 ssid->p2p_group);
5f3a6aa0
JM		 2557 if (res >= 0)
2558 wpa_ie_len += res;
2559 }
72044390
JM		 2560
2561 wpa_s->cross_connect_disallowed = 0;
2562 if (bss) {
2563 struct wpabuf *p2p;
2564 p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE);
2565 if (p2p) {
2566 wpa_s->cross_connect_disallowed =
2567 p2p_get_cross_connect_disallowed(p2p);
2568 wpabuf_free(p2p);
f049052b
BG		 2569 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross "
2570 "connection",
2571 wpa_s->cross_connect_disallowed ?
2572 "disallows" : "allows");
72044390
JM		 2573 }
2574 }
25ef8529
JM		 2575
2576 os_memset(wpa_s->p2p_ip_addr_info, 0, sizeof(wpa_s->p2p_ip_addr_info));
5f3a6aa0
JM		 2577#endif /* CONFIG_P2P */
2578
5e57ba25 2579 if (bss) {
065c029a 2580 wpa_ie_len += wpas_supp_op_class_ie(wpa_s, bss->freq,
2581 wpa_ie + wpa_ie_len,
1e6780bd 2582 max_wpa_ie_len -
065c029a 2583 wpa_ie_len);
5e57ba25 2584 }
5e57ba25 2585
8b3b803a
AH		 2586 /*
2587 * Workaround: Add Extended Capabilities element only if the AP
2588 * included this element in Beacon/Probe Response frames. Some older
2589 * APs seem to have interoperability issues if this element is
2590 * included, so while the standard may require us to include the
2591 * element in all cases, it is justifiable to skip it to avoid
2592 * interoperability issues.
2593 */
cc9a2575
KV		 2594 if (ssid->p2p_group)
2595 wpa_drv_get_ext_capa(wpa_s, WPA_IF_P2P_CLIENT);
2596 else
2597 wpa_drv_get_ext_capa(wpa_s, WPA_IF_STATION);
2598
8b3b803a 2599 if (!bss || wpa_bss_get_ie(bss, WLAN_EID_EXT_CAPAB)) {
0bbaa9b9 2600 u8 ext_capab[18];
8b3b803a 2601 int ext_capab_len;
0bbaa9b9
JM		 2602 ext_capab_len = wpas_build_ext_capab(wpa_s, ext_capab,
2603 sizeof(ext_capab));
2c66c7d1
AA		 2604 if (ext_capab_len > 0 &&
2605 wpa_ie_len + ext_capab_len <= max_wpa_ie_len) {
8b3b803a
AH		 2606 u8 *pos = wpa_ie;
2607 if (wpa_ie_len > 0 && pos[0] == WLAN_EID_RSN)
2608 pos += 2 + pos[1];
2609 os_memmove(pos + ext_capab_len, pos,
2610 wpa_ie_len - (pos - wpa_ie));
2611 wpa_ie_len += ext_capab_len;
2612 os_memcpy(pos, ext_capab, ext_capab_len);
2613 }
92cbcf91 2614 }
92cbcf91 2615
c484b198
AS		 2616#ifdef CONFIG_HS20
2617 if (is_hs20_network(wpa_s, ssid, bss)) {
2618 struct wpabuf *hs20;
2619
2620 hs20 = wpabuf_alloc(20);
2621 if (hs20) {
2622 int pps_mo_id = hs20_get_pps_mo_id(wpa_s, ssid);
2623 size_t len;
2624
2625 wpas_hs20_add_indication(hs20, pps_mo_id);
1e6780bd 2626 len = max_wpa_ie_len - wpa_ie_len;
c484b198
AS		 2627 if (wpabuf_len(hs20) <= len) {
2628 os_memcpy(wpa_ie + wpa_ie_len,
2629 wpabuf_head(hs20), wpabuf_len(hs20));
2630 wpa_ie_len += wpabuf_len(hs20);
2631 }
2632 wpabuf_free(hs20);
ece4ac5f
MG		 2633
2634 hs20_configure_frame_filters(wpa_s);
c484b198
AS		 2635 }
2636 }
2637#endif /* CONFIG_HS20 */
2638
d29fa3a7
JM		 2639 if (wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ]) {
2640 struct wpabuf *buf = wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ];
2641 size_t len;
2642
1e6780bd 2643 len = max_wpa_ie_len - wpa_ie_len;
d29fa3a7
JM		 2644 if (wpabuf_len(buf) <= len) {
2645 os_memcpy(wpa_ie + wpa_ie_len,
2646 wpabuf_head(buf), wpabuf_len(buf));
2647 wpa_ie_len += wpabuf_len(buf);
2648 }
2649 }
2650
b36a3a65
AN		 2651#ifdef CONFIG_FST
2652 if (wpa_s->fst_ies) {
2653 int fst_ies_len = wpabuf_len(wpa_s->fst_ies);
2654
1e6780bd 2655 if (wpa_ie_len + fst_ies_len <= max_wpa_ie_len) {
b36a3a65
AN		 2656 os_memcpy(wpa_ie + wpa_ie_len,
2657 wpabuf_head(wpa_s->fst_ies), fst_ies_len);
2658 wpa_ie_len += fst_ies_len;
2659 }
2660 }
2661#endif /* CONFIG_FST */
2662
92c6e2e3 2663#ifdef CONFIG_MBO
065c029a 2664 if (bss && wpa_bss_get_vendor_ie(bss, MBO_IE_VENDOR_TYPE)) {
5e57ba25 2665 int len;
92c6e2e3 2666
5e57ba25 2667 len = wpas_mbo_ie(wpa_s, wpa_ie + wpa_ie_len,
1e6780bd 2668 max_wpa_ie_len - wpa_ie_len);
5e57ba25
AS		 2669 if (len >= 0)
2670 wpa_ie_len += len;
92c6e2e3
DS		 2671 }
2672#endif /* CONFIG_MBO */
2673
a38090b1
VK		 2674#ifdef CONFIG_FILS
2675 if (algs == WPA_AUTH_ALG_FILS) {
2676 size_t len;
2677
2678 len = wpas_add_fils_hlp_req(wpa_s, wpa_ie + wpa_ie_len,
2679 max_wpa_ie_len - wpa_ie_len);
2680 wpa_ie_len += len;
2681 }
2682#endif /* CONFIG_FILS */
2683
10970465 2684#ifdef CONFIG_OWE
5f30b69c
JM		 2685#ifdef CONFIG_TESTING_OPTIONS
2686 if (get_ie_ext(wpa_ie, wpa_ie_len, WLAN_EID_EXT_OWE_DH_PARAM)) {
2687 wpa_printf(MSG_INFO, "TESTING: Override OWE DH element");
2688 } else
2689#endif /* CONFIG_TESTING_OPTIONS */
10970465
JM		 2690 if (algs == WPA_AUTH_ALG_OPEN &&
2691 ssid->key_mgmt == WPA_KEY_MGMT_OWE) {
2692 struct wpabuf *owe_ie;
2cb40e9f 2693 u16 group;
10970465 2694
2cb40e9f 2695 if (ssid->owe_group) {
10970465 2696 group = ssid->owe_group;
2cb40e9f
JM		 2697 } else {
2698 if (wpa_s->last_owe_group == 19)
2699 group = 20;
2700 else if (wpa_s->last_owe_group == 20)
2701 group = 21;
2702 else
2703 group = OWE_DH_GROUP;
2704 }
2705 wpa_s->last_owe_group = group;
2706 wpa_printf(MSG_DEBUG, "OWE: Try to use group %u", group);
10970465
JM		 2707 owe_ie = owe_build_assoc_req(wpa_s->wpa, group);
2708 if (owe_ie &&
2709 wpabuf_len(owe_ie) <= max_wpa_ie_len - wpa_ie_len) {
2710 os_memcpy(wpa_ie + wpa_ie_len,
2711 wpabuf_head(owe_ie), wpabuf_len(owe_ie));
2712 wpa_ie_len += wpabuf_len(owe_ie);
2713 wpabuf_free(owe_ie);
2714 }
2715 }
2716#endif /* CONFIG_OWE */
2717
d2ba0d71
VK		 2718 params->wpa_ie = wpa_ie;
2719 params->wpa_ie_len = wpa_ie_len;
2720 params->auth_alg = algs;
6338c99e
VK		 2721 if (mask)
2722 *mask |= WPA_DRV_UPDATE_ASSOC_IES | WPA_DRV_UPDATE_AUTH_TYPE;
d2ba0d71
VK		 2723
2724 return wpa_ie;
2725}
2726
2727
6338c99e
VK		 2728#if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
2729static void wpas_update_fils_connect_params(struct wpa_supplicant *wpa_s)
2730{
2731 struct wpa_driver_associate_params params;
2732 enum wpa_drv_update_connect_params_mask mask = 0;
2733 u8 *wpa_ie;
2734
2735 if (wpa_s->auth_alg != WPA_AUTH_ALG_OPEN)
2736 return; /* nothing to do */
2737
2738 os_memset(&params, 0, sizeof(params));
2739 wpa_ie = wpas_populate_assoc_ies(wpa_s, wpa_s->current_bss,
2740 wpa_s->current_ssid, &params, &mask);
2741 if (!wpa_ie)
2742 return;
2743
2744 if (params.auth_alg != WPA_AUTH_ALG_FILS) {
2745 os_free(wpa_ie);
2746 return;
2747 }
2748
2749 wpa_s->auth_alg = params.auth_alg;
2750 wpa_drv_update_connect_params(wpa_s, &params, mask);
2751 os_free(wpa_ie);
2752}
2753#endif /* CONFIG_FILS && IEEE8021X_EAPOL */
2754
2755
d2ba0d71
VK		 2756static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
2757{
2758 struct wpa_connect_work *cwork = work->ctx;
2759 struct wpa_bss *bss = cwork->bss;
2760 struct wpa_ssid *ssid = cwork->ssid;
2761 struct wpa_supplicant *wpa_s = work->wpa_s;
2762 u8 *wpa_ie;
2763 int use_crypt, ret, i, bssid_changed;
2764 unsigned int cipher_pairwise, cipher_group, cipher_group_mgmt;
2765 struct wpa_driver_associate_params params;
2766 int wep_keys_set = 0;
2767 int assoc_failed = 0;
2768 struct wpa_ssid *old_ssid;
2769 u8 prev_bssid[ETH_ALEN];
2770#ifdef CONFIG_HT_OVERRIDES
2771 struct ieee80211_ht_capabilities htcaps;
2772 struct ieee80211_ht_capabilities htcaps_mask;
2773#endif /* CONFIG_HT_OVERRIDES */
2774#ifdef CONFIG_VHT_OVERRIDES
2775 struct ieee80211_vht_capabilities vhtcaps;
2776 struct ieee80211_vht_capabilities vhtcaps_mask;
2777#endif /* CONFIG_VHT_OVERRIDES */
2778
2779 if (deinit) {
2780 if (work->started) {
2781 wpa_s->connect_work = NULL;
2782
2783 /* cancel possible auth. timeout */
2784 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s,
2785 NULL);
2786 }
2787 wpas_connect_work_free(cwork);
2788 return;
2789 }
2790
2791 wpa_s->connect_work = work;
2792
2793 if (cwork->bss_removed || !wpas_valid_bss_ssid(wpa_s, bss, ssid) ||
2794 wpas_network_disabled(wpa_s, ssid)) {
2795 wpa_dbg(wpa_s, MSG_DEBUG, "BSS/SSID entry for association not valid anymore - drop connection attempt");
2796 wpas_connect_work_done(wpa_s);
2797 return;
2798 }
2799
2800 os_memcpy(prev_bssid, wpa_s->bssid, ETH_ALEN);
2801 os_memset(&params, 0, sizeof(params));
2802 wpa_s->reassociate = 0;
2803 wpa_s->eap_expected_failure = 0;
2804 if (bss &&
2805 (!wpas_driver_bss_selection(wpa_s) || wpas_wps_searching(wpa_s))) {
2806#ifdef CONFIG_IEEE80211R
2807 const u8 *ie, *md = NULL;
2808#endif /* CONFIG_IEEE80211R */
2809 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
2810 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
2811 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
2812 bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
2813 os_memset(wpa_s->bssid, 0, ETH_ALEN);
2814 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
2815 if (bssid_changed)
2816 wpas_notify_bssid_changed(wpa_s);
2817#ifdef CONFIG_IEEE80211R
2818 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
2819 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
2820 md = ie + 2;
2821 wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0);
2822 if (md) {
2823 /* Prepare for the next transition */
2824 wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
2825 }
2826#endif /* CONFIG_IEEE80211R */
2827#ifdef CONFIG_WPS
2828 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
2829 wpa_s->conf->ap_scan == 2 &&
2830 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
2831 /* Use ap_scan==1 style network selection to find the network
2832 */
2833 wpas_connect_work_done(wpa_s);
2834 wpa_s->scan_req = MANUAL_SCAN_REQ;
2835 wpa_s->reassociate = 1;
2836 wpa_supplicant_req_scan(wpa_s, 0, 0);
2837 return;
2838#endif /* CONFIG_WPS */
2839 } else {
2840 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
2841 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
2842 if (bss)
2843 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
2844 else
2845 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
2846 }
2847 if (!wpa_s->pno)
2848 wpa_supplicant_cancel_sched_scan(wpa_s);
2849
2850 wpa_supplicant_cancel_scan(wpa_s);
2851
2852 /* Starting new association, so clear the possibly used WPA IE from the
2853 * previous association. */
2854 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
2855
6338c99e 2856 wpa_ie = wpas_populate_assoc_ies(wpa_s, bss, ssid, &params, NULL);
d2ba0d71
VK		 2857 if (!wpa_ie) {
2858 wpas_connect_work_done(wpa_s);
2859 return;
2860 }
2861
6fc6879b
JM		 2862 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
2863 use_crypt = 1;
4848a38d
JM		 2864 cipher_pairwise = wpa_s->pairwise_cipher;
2865 cipher_group = wpa_s->group_cipher;
61a56c14 2866 cipher_group_mgmt = wpa_s->mgmt_group_cipher;
6fc6879b
JM		 2867 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
2868 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
2869 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
2870 use_crypt = 0;
2871 if (wpa_set_wep_keys(wpa_s, ssid)) {
2872 use_crypt = 1;
2873 wep_keys_set = 1;
2874 }
2875 }
ad08c363
JM		 2876 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
2877 use_crypt = 0;
6fc6879b
JM		 2878
2879#ifdef IEEE8021X_EAPOL
2880 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
2881 if ((ssid->eapol_flags &
2882 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
2883 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
2884 !wep_keys_set) {
2885 use_crypt = 0;
2886 } else {
2887 /* Assume that dynamic WEP-104 keys will be used and
2888 * set cipher suites in order for drivers to expect
2889 * encryption. */
4848a38d 2890 cipher_pairwise = cipher_group = WPA_CIPHER_WEP104;
6fc6879b
JM		 2891 }
2892 }
2893#endif /* IEEE8021X_EAPOL */
2894
2895 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
2896 /* Set the key before (and later after) association */
2897 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
2898 }
2899
6fc6879b 2900 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
6fc6879b 2901 if (bss) {
6fa81a3b
JM		 2902 params.ssid = bss->ssid;
2903 params.ssid_len = bss->ssid_len;
4b5b8a53
JM		 2904 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set ||
2905 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
f15854d1
JM		 2906 wpa_printf(MSG_DEBUG, "Limit connection to BSSID "
2907 MACSTR " freq=%u MHz based on scan results "
4b5b8a53 2908 "(bssid_set=%d wps=%d)",
f15854d1 2909 MAC2STR(bss->bssid), bss->freq,
4b5b8a53
JM		 2910 ssid->bssid_set,
2911 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS);
22628eca 2912 params.bssid = bss->bssid;
4ec68377 2913 params.freq.freq = bss->freq;
22628eca 2914 }
7ac7fd43
DS		 2915 params.bssid_hint = bss->bssid;
2916 params.freq_hint = bss->freq;
b9074912 2917 params.pbss = bss_is_pbss(bss);
6fc6879b 2918 } else {
43a356b2
PK		 2919 if (ssid->bssid_hint_set)
2920 params.bssid_hint = ssid->bssid_hint;
2921
6fc6879b
JM		 2922 params.ssid = ssid->ssid;
2923 params.ssid_len = ssid->ssid_len;
90f14962 2924 params.pbss = (ssid->pbss != 2) ? ssid->pbss : 0;
6fc6879b 2925 }
9e2af29f
NC		 2926
2927 if (ssid->mode == WPAS_MODE_IBSS && ssid->bssid_set &&
2928 wpa_s->conf->ap_scan == 2) {
2929 params.bssid = ssid->bssid;
2930 params.fixed_bssid = 1;
2931 }
2932
603a3f34
JL		 2933 /* Initial frequency for IBSS/mesh */
2934 if ((ssid->mode == WPAS_MODE_IBSS || ssid->mode == WPAS_MODE_MESH) &&
1830817e
JD		 2935 ssid->frequency > 0 && params.freq.freq == 0)
2936 ibss_mesh_setup_freq(wpa_s, ssid, &params.freq);
dc152f32 2937
8f05577d 2938 if (ssid->mode == WPAS_MODE_IBSS) {
4d9e6fba 2939 params.fixed_freq = ssid->fixed_freq;
8f05577d
JM		 2940 if (ssid->beacon_int)
2941 params.beacon_int = ssid->beacon_int;
2942 else
2943 params.beacon_int = wpa_s->conf->beacon_int;
2944 }
2945
6fc6879b
JM		 2946 params.pairwise_suite = cipher_pairwise;
2947 params.group_suite = cipher_group;
61a56c14 2948 params.mgmt_group_suite = cipher_group_mgmt;
4848a38d 2949 params.key_mgmt_suite = wpa_s->key_mgmt;
64fa840a 2950 params.wpa_proto = wpa_s->wpa_proto;
5538fc93 2951 wpa_s->auth_alg = params.auth_alg;
6fc6879b 2952 params.mode = ssid->mode;
1f6c0ab8 2953 params.bg_scan_period = ssid->bg_scan_period;
6fc6879b
JM		 2954 for (i = 0; i < NUM_WEP_KEYS; i++) {
2955 if (ssid->wep_key_len[i])
2956 params.wep_key[i] = ssid->wep_key[i];
2957 params.wep_key_len[i] = ssid->wep_key_len[i];
2958 }
2959 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
2960
c2a04078 2961 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
4848a38d
JM		 2962 (params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
2963 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK)) {
6fc6879b
JM		 2964 params.passphrase = ssid->passphrase;
2965 if (ssid->psk_set)
2966 params.psk = ssid->psk;
b41f2684
CL		 2967 }
2968
2969 if (wpa_s->conf->key_mgmt_offload) {
2970 if (params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
666497c8 2971 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 ||
5e3b5197
JM		 2972 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B ||
2973 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192)
b41f2684
CL		 2974 params.req_key_mgmt_offload =
2975 ssid->proactive_key_caching < 0 ?
2976 wpa_s->conf->okc : ssid->proactive_key_caching;
2977 else
2978 params.req_key_mgmt_offload = 1;
2979
2980 if ((params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
2981 params.key_mgmt_suite == WPA_KEY_MGMT_PSK_SHA256 ||
2982 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK) &&
2983 ssid->psk_set)
2984 params.psk = ssid->psk;
6fc6879b
JM		 2985 }
2986
36b15723
JM		 2987 params.drop_unencrypted = use_crypt;
2988
6fc6879b 2989#ifdef CONFIG_IEEE80211W
3f56a2b7 2990 params.mgmt_frame_protection = wpas_get_ssid_pmf(wpa_s, ssid);
62d49803 2991 if (params.mgmt_frame_protection != NO_MGMT_FRAME_PROTECTION && bss) {
6fa81a3b 2992 const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
97d3497e
JM		 2993 struct wpa_ie_data ie;
2994 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
2995 ie.capabilities &
2996 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
f049052b
BG		 2997 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports "
2998 "MFP: require MFP");
97d3497e
JM		 2999 params.mgmt_frame_protection =
3000 MGMT_FRAME_PROTECTION_REQUIRED;
3001 }
3002 }
6fc6879b
JM		 3003#endif /* CONFIG_IEEE80211W */
3004
ffad8858 3005 params.p2p = ssid->p2p_group;
6e3f4b89 3006
ba307f85
LD		 3007 if (wpa_s->p2pdev->set_sta_uapsd)
3008 params.uapsd = wpa_s->p2pdev->sta_uapsd;
eea2fd9e
JM		 3009 else
3010 params.uapsd = -1;
3011
80e8a5ee
BG		 3012#ifdef CONFIG_HT_OVERRIDES
3013 os_memset(&htcaps, 0, sizeof(htcaps));
3014 os_memset(&htcaps_mask, 0, sizeof(htcaps_mask));
3015 params.htcaps = (u8 *) &htcaps;
3016 params.htcaps_mask = (u8 *) &htcaps_mask;
3017 wpa_supplicant_apply_ht_overrides(wpa_s, ssid, &params);
3018#endif /* CONFIG_HT_OVERRIDES */
6aa1cd4e
PS		 3019#ifdef CONFIG_VHT_OVERRIDES
3020 os_memset(&vhtcaps, 0, sizeof(vhtcaps));
3021 os_memset(&vhtcaps_mask, 0, sizeof(vhtcaps_mask));
3022 params.vhtcaps = &vhtcaps;
3023 params.vhtcaps_mask = &vhtcaps_mask;
95ff3069 3024 wpa_supplicant_apply_vht_overrides(wpa_s, ssid, &params);
6aa1cd4e 3025#endif /* CONFIG_VHT_OVERRIDES */
80e8a5ee 3026
8567866d
JJ		 3027#ifdef CONFIG_P2P
3028 /*
3029 * If multi-channel concurrency is not supported, check for any
3030 * frequency conflict. In case of any frequency conflict, remove the
3031 * least prioritized connection.
3032 */
3033 if (wpa_s->num_multichan_concurrent < 2) {
d0df6437
IP		 3034 int freq, num;
3035 num = get_shared_radio_freqs(wpa_s, &freq, 1);
4ec68377 3036 if (num > 0 && freq > 0 && freq != params.freq.freq) {
d0df6437
IP		 3037 wpa_printf(MSG_DEBUG,
3038 "Assoc conflicting freq found (%d != %d)",
4ec68377
JD		 3039 freq, params.freq.freq);
3040 if (wpas_p2p_handle_frequency_conflicts(
74656400
SD		 3041 wpa_s, params.freq.freq, ssid) < 0) {
3042 wpas_connect_work_done(wpa_s);
1e6780bd 3043 os_free(wpa_ie);
8567866d 3044 return;
74656400 3045 }
8567866d
JJ		 3046 }
3047 }
3048#endif /* CONFIG_P2P */
3049
6a5ee810
JM		 3050 if (wpa_s->reassoc_same_ess && !is_zero_ether_addr(prev_bssid) &&
3051 wpa_s->current_ssid)
3052 params.prev_bssid = prev_bssid;
3053
17fbb751 3054 ret = wpa_drv_associate(wpa_s, &params);
1e6780bd 3055 os_free(wpa_ie);
6fc6879b
JM		 3056 if (ret < 0) {
3057 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
3058 "failed");
871f4dd0
JM		 3059 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SANE_ERROR_CODES) {
3060 /*
3061 * The driver is known to mean what is saying, so we
3062 * can stop right here; the association will not
3063 * succeed.
3064 */
3065 wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
c1c02342 3066 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
871f4dd0
JM		 3067 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
3068 return;
3069 }
6fc6879b
JM		 3070 /* try to continue anyway; new association will be tried again
3071 * after timeout */
3072 assoc_failed = 1;
3073 }
3074
3075 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
3076 /* Set the key after the association just in case association
3077 * cleared the previously configured key. */
3078 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
3079 /* No need to timeout authentication since there is no key
3080 * management. */
3081 wpa_supplicant_cancel_auth_timeout(wpa_s);
3082 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
53895c3b 3083#ifdef CONFIG_IBSS_RSN
d7dcba70 3084 } else if (ssid->mode == WPAS_MODE_IBSS &&
53895c3b
JM		 3085 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
3086 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
3087 /*
3088 * RSN IBSS authentication is per-STA and we can disable the
3089 * per-BSSID authentication.
3090 */
3091 wpa_supplicant_cancel_auth_timeout(wpa_s);
53895c3b 3092#endif /* CONFIG_IBSS_RSN */
6fc6879b
JM		 3093 } else {
3094 /* Timeout for IEEE 802.11 authentication and association */
1d3c75b3
DW		 3095 int timeout = 60;
3096
3097 if (assoc_failed) {
3098 /* give IBSS a bit more time */
d7dcba70 3099 timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5;
1d3c75b3
DW		 3100 } else if (wpa_s->conf->ap_scan == 1) {
3101 /* give IBSS a bit more time */
d7dcba70 3102 timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10;
1d3c75b3 3103 }
6fc6879b
JM		 3104 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
3105 }
3106
66562e9c
JM		 3107 if (wep_keys_set &&
3108 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC)) {
6fc6879b
JM		 3109 /* Set static WEP keys again */
3110 wpa_set_wep_keys(wpa_s, ssid);
3111 }
3112
3113 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
3114 /*
3115 * Do not allow EAP session resumption between different
3116 * network configurations.
3117 */
3118 eapol_sm_invalidate_cached_session(wpa_s->eapol);
3119 }
8bac466b 3120 old_ssid = wpa_s->current_ssid;
6fc6879b 3121 wpa_s->current_ssid = ssid;
ece4ac5f
MG		 3122
3123 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set) {
4d3be9cd 3124 wpa_s->current_bss = bss;
ece4ac5f
MG		 3125#ifdef CONFIG_HS20
3126 hs20_configure_frame_filters(wpa_s);
3127#endif /* CONFIG_HS20 */
3128 }
3129
6fc6879b
JM		 3130 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
3131 wpa_supplicant_initiate_eapol(wpa_s);
8bac466b
JM		 3132 if (old_ssid != wpa_s->current_ssid)
3133 wpas_notify_network_changed(wpa_s);
6fc6879b
JM		 3134}
3135
3136
09f58c09
JM		 3137static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s,
3138 const u8 *addr)
3139{
3140 struct wpa_ssid *old_ssid;
3141
c155305f 3142 wpas_connect_work_done(wpa_s);
09f58c09 3143 wpa_clear_keys(wpa_s, addr);
09f58c09 3144 old_ssid = wpa_s->current_ssid;
0d30cc24 3145 wpa_supplicant_mark_disassoc(wpa_s);
09f58c09
JM		 3146 wpa_sm_set_config(wpa_s->wpa, NULL);
3147 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
3148 if (old_ssid != wpa_s->current_ssid)
3149 wpas_notify_network_changed(wpa_s);
3150 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
3151}
3152
3153
6fc6879b
JM		 3154/**
3155 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
3156 * @wpa_s: Pointer to wpa_supplicant data
3157 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
3158 *
073ab58f 3159 * This function is used to request %wpa_supplicant to deauthenticate from the
6fc6879b
JM		 3160 * current AP.
3161 */
3162void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
3163 int reason_code)
3164{
3165 u8 *addr = NULL;
ef48ff94 3166 union wpa_event_data event;
42d23547 3167 int zero_addr = 0;
8bac466b 3168
42d23547
JM		 3169 wpa_dbg(wpa_s, MSG_DEBUG, "Request to deauthenticate - bssid=" MACSTR
3170 " pending_bssid=" MACSTR " reason=%d state=%s",
3171 MAC2STR(wpa_s->bssid), MAC2STR(wpa_s->pending_bssid),
3172 reason_code, wpa_supplicant_state_txt(wpa_s->wpa_state));
3173
04e3d815
MK		 3174 if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
3175 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
3176 wpa_s->wpa_state == WPA_ASSOCIATING))
42d23547 3177 addr = wpa_s->pending_bssid;
04e3d815
MK		 3178 else if (!is_zero_ether_addr(wpa_s->bssid))
3179 addr = wpa_s->bssid;
42d23547
JM		 3180 else if (wpa_s->wpa_state == WPA_ASSOCIATING) {
3181 /*
3182 * When using driver-based BSS selection, we may not know the
3183 * BSSID with which we are currently trying to associate. We
3184 * need to notify the driver of this disconnection even in such
3185 * a case, so use the all zeros address here.
3186 */
6fc6879b 3187 addr = wpa_s->bssid;
42d23547
JM		 3188 zero_addr = 1;
3189 }
3190
7b44ff2c
SD		 3191#ifdef CONFIG_TDLS
3192 wpa_tdls_teardown_peers(wpa_s->wpa);
3193#endif /* CONFIG_TDLS */
3194
603a3f34
JL		 3195#ifdef CONFIG_MESH
3196 if (wpa_s->ifmsh) {
a39b040b
SB		 3197 struct mesh_conf *mconf;
3198
3199 mconf = wpa_s->ifmsh->mconf;
6174de66
JM		 3200 wpa_msg(wpa_s, MSG_INFO, MESH_GROUP_REMOVED "%s",
3201 wpa_s->ifname);
a39b040b
SB		 3202 wpas_notify_mesh_group_removed(wpa_s, mconf->meshid,
3203 mconf->meshid_len, reason_code);
603a3f34
JL		 3204 wpa_supplicant_leave_mesh(wpa_s);
3205 }
3206#endif /* CONFIG_MESH */
3207
42d23547
JM		 3208 if (addr) {
3209 wpa_drv_deauthenticate(wpa_s, addr, reason_code);
ef48ff94
JM		 3210 os_memset(&event, 0, sizeof(event));
3211 event.deauth_info.reason_code = (u16) reason_code;
3212 event.deauth_info.locally_generated = 1;
3213 wpa_supplicant_event(wpa_s, EVENT_DEAUTH, &event);
42d23547
JM		 3214 if (zero_addr)
3215 addr = NULL;
6fc6879b 3216 }
09f58c09
JM		 3217
3218 wpa_supplicant_clear_connection(wpa_s, addr);
6fc6879b
JM		 3219}
3220
dca1a511
DS		 3221static void wpa_supplicant_enable_one_network(struct wpa_supplicant *wpa_s,
3222 struct wpa_ssid *ssid)
3223{
3224 if (!ssid || !ssid->disabled || ssid->disabled == 2)
3225 return;
3226
3227 ssid->disabled = 0;
3228 wpas_clear_temp_disabled(wpa_s, ssid, 1);
3229 wpas_notify_network_enabled_changed(wpa_s, ssid);
3230
3231 /*
3232 * Try to reassociate since there is no current configuration and a new
3233 * network was made available.
3234 */
d2592497 3235 if (!wpa_s->current_ssid && !wpa_s->disconnected)
dca1a511
DS		 3236 wpa_s->reassociate = 1;
3237}
3238
6fc6879b 3239
d015bb05
RP		 3240/**
3241 * wpa_supplicant_add_network - Add a new network
3242 * @wpa_s: wpa_supplicant structure for a network interface
3243 * Returns: The new network configuration or %NULL if operation failed
3244 *
3245 * This function performs the following operations:
3246 * 1. Adds a new network.
3247 * 2. Send network addition notification.
3248 * 3. Marks the network disabled.
3249 * 4. Set network default parameters.
3250 */
3251struct wpa_ssid * wpa_supplicant_add_network(struct wpa_supplicant *wpa_s)
3252{
3253 struct wpa_ssid *ssid;
3254
3255 ssid = wpa_config_add_network(wpa_s->conf);
3256 if (!ssid)
3257 return NULL;
3258 wpas_notify_network_added(wpa_s, ssid);
3259 ssid->disabled = 1;
3260 wpa_config_set_network_defaults(ssid);
3261
3262 return ssid;
3263}
3264
3265
3266/**
3267 * wpa_supplicant_remove_network - Remove a configured network based on id
3268 * @wpa_s: wpa_supplicant structure for a network interface
3269 * @id: Unique network id to search for
3270 * Returns: 0 on success, or -1 if the network was not found, -2 if the network
3271 * could not be removed
3272 *
3273 * This function performs the following operations:
3274 * 1. Removes the network.
3275 * 2. Send network removal notification.
3276 * 3. Update internal state machines.
3277 * 4. Stop any running sched scans.
3278 */
3279int wpa_supplicant_remove_network(struct wpa_supplicant *wpa_s, int id)
3280{
3281 struct wpa_ssid *ssid;
3282 int was_disabled;
3283
3284 ssid = wpa_config_get_network(wpa_s->conf, id);
3285 if (!ssid)
3286 return -1;
3287 wpas_notify_network_removed(wpa_s, ssid);
3288
3289 if (wpa_s->last_ssid == ssid)
3290 wpa_s->last_ssid = NULL;
3291
3292 if (ssid == wpa_s->current_ssid || !wpa_s->current_ssid) {
3293#ifdef CONFIG_SME
3294 wpa_s->sme.prev_bssid_set = 0;
3295#endif /* CONFIG_SME */
3296 /*
3297 * Invalidate the EAP session cache if the current or
3298 * previously used network is removed.
3299 */
3300 eapol_sm_invalidate_cached_session(wpa_s->eapol);
3301 }
3302
3303 if (ssid == wpa_s->current_ssid) {
3304 wpa_sm_set_config(wpa_s->wpa, NULL);
3305 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
3306
3307 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
3308 wpa_s->own_disconnect_req = 1;
3309 wpa_supplicant_deauthenticate(wpa_s,
3310 WLAN_REASON_DEAUTH_LEAVING);
3311 }
3312
3313 was_disabled = ssid->disabled;
3314
3315 if (wpa_config_remove_network(wpa_s->conf, id) < 0)
3316 return -2;
3317
3318 if (!was_disabled && wpa_s->sched_scanning) {
3319 wpa_printf(MSG_DEBUG,
3320 "Stop ongoing sched_scan to remove network from filters");
3321 wpa_supplicant_cancel_sched_scan(wpa_s);
3322 wpa_supplicant_req_scan(wpa_s, 0, 0);
3323 }
3324
3325 return 0;
3326}
3327
3328
86b89452
WS		 3329/**
3330 * wpa_supplicant_enable_network - Mark a configured network as enabled
3331 * @wpa_s: wpa_supplicant structure for a network interface
3332 * @ssid: wpa_ssid structure for a configured network or %NULL
3333 *
3334 * Enables the specified network or all networks if no network specified.
3335 */
3336void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s,
3337 struct wpa_ssid *ssid)
3338{
86b89452 3339 if (ssid == NULL) {
14f79078
JM		 3340 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
3341 wpa_supplicant_enable_one_network(wpa_s, ssid);
dca1a511
DS		 3342 } else
3343 wpa_supplicant_enable_one_network(wpa_s, ssid);
86b89452 3344
5a1d9d1a
JM		 3345 if (wpa_s->reassociate && !wpa_s->disconnected &&
3346 (!wpa_s->current_ssid ||
3347 wpa_s->wpa_state == WPA_DISCONNECTED ||
3348 wpa_s->wpa_state == WPA_SCANNING)) {
dca1a511
DS		 3349 if (wpa_s->sched_scanning) {
3350 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan to add "
3351 "new network to scan filters");
3352 wpa_supplicant_cancel_sched_scan(wpa_s);
3353 }
86b89452 3354
35d40309
JM		 3355 if (wpa_supplicant_fast_associate(wpa_s) != 1) {
3356 wpa_s->scan_req = NORMAL_SCAN_REQ;
dad153d1 3357 wpa_supplicant_req_scan(wpa_s, 0, 0);
35d40309 3358 }
86b89452
WS		 3359 }
3360}
3361
3362
3363/**
3364 * wpa_supplicant_disable_network - Mark a configured network as disabled
3365 * @wpa_s: wpa_supplicant structure for a network interface
3366 * @ssid: wpa_ssid structure for a configured network or %NULL
3367 *
3368 * Disables the specified network or all networks if no network specified.
3369 */
3370void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s,
3371 struct wpa_ssid *ssid)
3372{
3373 struct wpa_ssid *other_ssid;
3374 int was_disabled;
3375
3376 if (ssid == NULL) {
725fc39e
DS		 3377 if (wpa_s->sched_scanning)
3378 wpa_supplicant_cancel_sched_scan(wpa_s);
3379
4dac0245
JM		 3380 for (other_ssid = wpa_s->conf->ssid; other_ssid;
3381 other_ssid = other_ssid->next) {
86b89452 3382 was_disabled = other_ssid->disabled;
4dac0245
JM		 3383 if (was_disabled == 2)
3384 continue; /* do not change persistent P2P group
3385 * data */
86b89452
WS		 3386
3387 other_ssid->disabled = 1;
3388
3389 if (was_disabled != other_ssid->disabled)
3390 wpas_notify_network_enabled_changed(
3391 wpa_s, other_ssid);
86b89452 3392 }
0661163e
SD		 3393 if (wpa_s->current_ssid) {
3394 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
3395 wpa_s->own_disconnect_req = 1;
07783eaa 3396 wpa_supplicant_deauthenticate(
86b89452 3397 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
0661163e 3398 }
4dac0245 3399 } else if (ssid->disabled != 2) {
0661163e
SD		 3400 if (ssid == wpa_s->current_ssid) {
3401 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
3402 wpa_s->own_disconnect_req = 1;
07783eaa 3403 wpa_supplicant_deauthenticate(
86b89452 3404 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
0661163e 3405 }
86b89452
WS		 3406
3407 was_disabled = ssid->disabled;
3408
3409 ssid->disabled = 1;
3410
725fc39e 3411 if (was_disabled != ssid->disabled) {
86b89452 3412 wpas_notify_network_enabled_changed(wpa_s, ssid);
725fc39e
DS		 3413 if (wpa_s->sched_scanning) {
3414 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan "
3415 "to remove network from filters");
3416 wpa_supplicant_cancel_sched_scan(wpa_s);
3417 wpa_supplicant_req_scan(wpa_s, 0, 0);
3418 }
3419 }
86b89452
WS		 3420 }
3421}
3422
3423
3424/**
3425 * wpa_supplicant_select_network - Attempt association with a network
3426 * @wpa_s: wpa_supplicant structure for a network interface
3427 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
3428 */
3429void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
3430 struct wpa_ssid *ssid)
3431{
3432
3433 struct wpa_ssid *other_ssid;
d93dfbd5 3434 int disconnected = 0;
86b89452 3435
d93dfbd5 3436 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid) {
e66bcedd
JM		 3437 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
3438 wpa_s->own_disconnect_req = 1;
07783eaa 3439 wpa_supplicant_deauthenticate(
86b89452 3440 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
d93dfbd5
JM		 3441 disconnected = 1;
3442 }
86b89452 3443
00e5e3d5
JM		 3444 if (ssid)
3445 wpas_clear_temp_disabled(wpa_s, ssid, 1);
3446
86b89452
WS		 3447 /*
3448 * Mark all other networks disabled or mark all networks enabled if no
3449 * network specified.
3450 */
4dac0245
JM		 3451 for (other_ssid = wpa_s->conf->ssid; other_ssid;
3452 other_ssid = other_ssid->next) {
86b89452 3453 int was_disabled = other_ssid->disabled;
4dac0245
JM		 3454 if (was_disabled == 2)
3455 continue; /* do not change persistent P2P group data */
86b89452
WS		 3456
3457 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0;
00e5e3d5
JM		 3458 if (was_disabled && !other_ssid->disabled)
3459 wpas_clear_temp_disabled(wpa_s, other_ssid, 0);
86b89452
WS		 3460
3461 if (was_disabled != other_ssid->disabled)
3462 wpas_notify_network_enabled_changed(wpa_s, other_ssid);
86b89452 3463 }
2a6f78fb 3464
d38c7be0
JM		 3465 if (ssid && ssid == wpa_s->current_ssid && wpa_s->current_ssid &&
3466 wpa_s->wpa_state >= WPA_AUTHENTICATING) {
2a6f78fb
JJ		 3467 /* We are already associated with the selected network */
3468 wpa_printf(MSG_DEBUG, "Already associated with the "
3469 "selected network - do nothing");
3470 return;
3471 }
3472
25a8f9e3 3473 if (ssid) {
96efeeb6 3474 wpa_s->current_ssid = ssid;
25a8f9e3 3475 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
603a3f34
JL		 3476 wpa_s->connect_without_scan =
3477 (ssid->mode == WPAS_MODE_MESH) ? ssid : NULL;
701f3961
AS		 3478
3479 /*
3480 * Don't optimize next scan freqs since a new ESS has been
3481 * selected.
3482 */
3483 os_free(wpa_s->next_scan_freqs);
3484 wpa_s->next_scan_freqs = NULL;
603a3f34
JL		 3485 } else {
3486 wpa_s->connect_without_scan = NULL;
25a8f9e3 3487 }
603a3f34 3488
86b89452
WS		 3489 wpa_s->disconnected = 0;
3490 wpa_s->reassociate = 1;
2cb40e9f 3491 wpa_s->last_owe_group = 0;
cecdddc1 3492
e4a35f07 3493 if (wpa_s->connect_without_scan ||
35d40309
JM		 3494 wpa_supplicant_fast_associate(wpa_s) != 1) {
3495 wpa_s->scan_req = NORMAL_SCAN_REQ;
be7ebd89 3496 wpas_scan_reset_sched_scan(wpa_s);
cecdddc1 3497 wpa_supplicant_req_scan(wpa_s, 0, disconnected ? 100000 : 0);
35d40309 3498 }
86b89452 3499
a1641d26
JM		 3500 if (ssid)
3501 wpas_notify_network_selected(wpa_s, ssid);
86b89452
WS		 3502}
3503
3504
bdec7ee5
MS		 3505/**
3506 * wpas_set_pkcs11_engine_and_module_path - Set PKCS #11 engine and module path
3507 * @wpa_s: wpa_supplicant structure for a network interface
3508 * @pkcs11_engine_path: PKCS #11 engine path or NULL
3509 * @pkcs11_module_path: PKCS #11 module path or NULL
3510 * Returns: 0 on success; -1 on failure
3511 *
3512 * Sets the PKCS #11 engine and module path. Both have to be NULL or a valid
3513 * path. If resetting the EAPOL state machine with the new PKCS #11 engine and
3514 * module path fails the paths will be reset to the default value (NULL).
3515 */
3516int wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant *wpa_s,
3517 const char *pkcs11_engine_path,
3518 const char *pkcs11_module_path)
3519{
3520 char *pkcs11_engine_path_copy = NULL;
3521 char *pkcs11_module_path_copy = NULL;
3522
3523 if (pkcs11_engine_path != NULL) {
3524 pkcs11_engine_path_copy = os_strdup(pkcs11_engine_path);
3525 if (pkcs11_engine_path_copy == NULL)
3526 return -1;
3527 }
3528 if (pkcs11_module_path != NULL) {
3529 pkcs11_module_path_copy = os_strdup(pkcs11_module_path);
04c366cb 3530 if (pkcs11_module_path_copy == NULL) {
bdec7ee5
MS		 3531 os_free(pkcs11_engine_path_copy);
3532 return -1;
3533 }
3534 }
3535
3536 os_free(wpa_s->conf->pkcs11_engine_path);
3537 os_free(wpa_s->conf->pkcs11_module_path);
3538 wpa_s->conf->pkcs11_engine_path = pkcs11_engine_path_copy;
3539 wpa_s->conf->pkcs11_module_path = pkcs11_module_path_copy;
3540
3541 wpa_sm_set_eapol(wpa_s->wpa, NULL);
3542 eapol_sm_deinit(wpa_s->eapol);
3543 wpa_s->eapol = NULL;
3544 if (wpa_supplicant_init_eapol(wpa_s)) {
3545 /* Error -> Reset paths to the default value (NULL) once. */
3546 if (pkcs11_engine_path != NULL && pkcs11_module_path != NULL)
3547 wpas_set_pkcs11_engine_and_module_path(wpa_s, NULL,
3548 NULL);
3549
3550 return -1;
3551 }
3552 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
3553
3554 return 0;
3555}
3556
3557
86b89452
WS		 3558/**
3559 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
3560 * @wpa_s: wpa_supplicant structure for a network interface
3561 * @ap_scan: AP scan mode
3562 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
3563 *
3564 */
3565int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan)
3566{
3567
3568 int old_ap_scan;
3569
3570 if (ap_scan < 0 || ap_scan > 2)
3571 return -1;
3572
8406cd35
JM		 3573 if (ap_scan == 2 && os_strcmp(wpa_s->driver->name, "nl80211") == 0) {
3574 wpa_printf(MSG_INFO,
3575 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
3576 }
3577
48f8e036
DS		 3578#ifdef ANDROID
3579 if (ap_scan == 2 && ap_scan != wpa_s->conf->ap_scan &&
3580 wpa_s->wpa_state >= WPA_ASSOCIATING &&
3581 wpa_s->wpa_state < WPA_COMPLETED) {
3582 wpa_printf(MSG_ERROR, "ap_scan = %d (%d) rejected while "
3583 "associating", wpa_s->conf->ap_scan, ap_scan);
3584 return 0;
3585 }
3586#endif /* ANDROID */
3587
86b89452
WS		 3588 old_ap_scan = wpa_s->conf->ap_scan;
3589 wpa_s->conf->ap_scan = ap_scan;
3590
3591 if (old_ap_scan != wpa_s->conf->ap_scan)
3592 wpas_notify_ap_scan_changed(wpa_s);
3593
3594 return 0;
3595}
3596
3597
78633c37
SL		 3598/**
3599 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
3600 * @wpa_s: wpa_supplicant structure for a network interface
3601 * @expire_age: Expiration age in seconds
3602 * Returns: 0 if succeed or -1 if expire_age has an invalid value
3603 *
3604 */
3605int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant *wpa_s,
3606 unsigned int bss_expire_age)
3607{
3608 if (bss_expire_age < 10) {
3609 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration age %u",
3610 bss_expire_age);
3611 return -1;
3612 }
3613 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration age: %d sec",
3614 bss_expire_age);
3615 wpa_s->conf->bss_expiration_age = bss_expire_age;
3616
3617 return 0;
3618}
3619
3620
3621/**
3622 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
3623 * @wpa_s: wpa_supplicant structure for a network interface
3624 * @expire_count: number of scans after which an unseen BSS is reclaimed
3625 * Returns: 0 if succeed or -1 if expire_count has an invalid value
3626 *
3627 */
3628int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant *wpa_s,
3629 unsigned int bss_expire_count)
3630{
3631 if (bss_expire_count < 1) {
3632 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration count %u",
3633 bss_expire_count);
3634 return -1;
3635 }
3636 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration scan count: %u",
3637 bss_expire_count);
3638 wpa_s->conf->bss_expiration_scan_count = bss_expire_count;
3639
3640 return 0;
3641}
3642
3643
c6e86b63
MA		 3644/**
3645 * wpa_supplicant_set_scan_interval - Set scan interval
3646 * @wpa_s: wpa_supplicant structure for a network interface
3647 * @scan_interval: scan interval in seconds
3648 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
3649 *
3650 */
3651int wpa_supplicant_set_scan_interval(struct wpa_supplicant *wpa_s,
3652 int scan_interval)
3653{
3654 if (scan_interval < 0) {
3655 wpa_msg(wpa_s, MSG_ERROR, "Invalid scan interval %d",
3656 scan_interval);
3657 return -1;
3658 }
3659 wpa_msg(wpa_s, MSG_DEBUG, "Setting scan interval: %d sec",
3660 scan_interval);
9e737f08 3661 wpa_supplicant_update_scan_int(wpa_s, scan_interval);
c6e86b63
MA		 3662
3663 return 0;
3664}
3665
3666
86b89452
WS		 3667/**
3668 * wpa_supplicant_set_debug_params - Set global debug params
3669 * @global: wpa_global structure
3670 * @debug_level: debug level
3671 * @debug_timestamp: determines if show timestamp in debug data
3672 * @debug_show_keys: determines if show keys in debug data
3673 * Returns: 0 if succeed or -1 if debug_level has wrong value
3674 */
3675int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level,
3676 int debug_timestamp, int debug_show_keys)
3677{
3678
3679 int old_level, old_timestamp, old_show_keys;
3680
3681 /* check for allowed debuglevels */
14dc0011
PS		 3682 if (debug_level != MSG_EXCESSIVE &&
3683 debug_level != MSG_MSGDUMP &&
86b89452
WS		 3684 debug_level != MSG_DEBUG &&
3685 debug_level != MSG_INFO &&
3686 debug_level != MSG_WARNING &&
3687 debug_level != MSG_ERROR)
3688 return -1;
3689
3690 old_level = wpa_debug_level;
3691 old_timestamp = wpa_debug_timestamp;
3692 old_show_keys = wpa_debug_show_keys;
3693
3694 wpa_debug_level = debug_level;
3695 wpa_debug_timestamp = debug_timestamp ? 1 : 0;
3696 wpa_debug_show_keys = debug_show_keys ? 1 : 0;
3697
db9133ac
WS		 3698 if (wpa_debug_level != old_level)
3699 wpas_notify_debug_level_changed(global);
3700 if (wpa_debug_timestamp != old_timestamp)
3701 wpas_notify_debug_timestamp_changed(global);
3702 if (wpa_debug_show_keys != old_show_keys)
3703 wpas_notify_debug_show_keys_changed(global);
86b89452
WS		 3704
3705 return 0;
3706}
3707
3708
e8b96490
JM		 3709#ifdef CONFIG_OWE
3710static int owe_trans_ssid_match(struct wpa_supplicant *wpa_s, const u8 *bssid,
3711 const u8 *entry_ssid, size_t entry_ssid_len)
3712{
3713 const u8 *owe, *pos, *end;
3714 u8 ssid_len;
3715 struct wpa_bss *bss;
3716
3717 /* Check network profile SSID aganst the SSID in the
3718 * OWE Transition Mode element. */
3719
3720 bss = wpa_bss_get_bssid_latest(wpa_s, bssid);
3721 if (!bss)
3722 return 0;
3723
3724 owe = wpa_bss_get_vendor_ie(bss, OWE_IE_VENDOR_TYPE);
3725 if (!owe)
3726 return 0;
3727
3728 pos = owe + 6;
3729 end = owe + 2 + owe[1];
3730
3731 if (end - pos < ETH_ALEN + 1)
3732 return 0;
3733 pos += ETH_ALEN;
3734 ssid_len = *pos++;
3735 if (end - pos < ssid_len || ssid_len > SSID_MAX_LEN)
3736 return 0;
3737
3738 return entry_ssid_len == ssid_len &&
3739 os_memcmp(pos, entry_ssid, ssid_len) == 0;
3740}
3741#endif /* CONFIG_OWE */
3742
3743
6fc6879b
JM		 3744/**
3745 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
3746 * @wpa_s: Pointer to wpa_supplicant data
3747 * Returns: A pointer to the current network structure or %NULL on failure
3748 */
3749struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
3750{
3751 struct wpa_ssid *entry;
eaa8eefe 3752 u8 ssid[SSID_MAX_LEN];
6fc6879b
JM		 3753 int res;
3754 size_t ssid_len;
3755 u8 bssid[ETH_ALEN];
3756 int wired;
3757
17fbb751
JM		 3758 res = wpa_drv_get_ssid(wpa_s, ssid);
3759 if (res < 0) {
3760 wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from "
3761 "driver");
3762 return NULL;
6fc6879b 3763 }
17fbb751 3764 ssid_len = res;
6fc6879b 3765
17fbb751 3766 if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
f049052b
BG		 3767 wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from "
3768 "driver");
6fc6879b
JM		 3769 return NULL;
3770 }
3771
c2a04078
JM		 3772 wired = wpa_s->conf->ap_scan == 0 &&
3773 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED);
6fc6879b
JM		 3774
3775 entry = wpa_s->conf->ssid;
3776 while (entry) {
349493bd 3777 if (!wpas_network_disabled(wpa_s, entry) &&
6fc6879b
JM		 3778 ((ssid_len == entry->ssid_len &&
3779 os_memcmp(ssid, entry->ssid, ssid_len) == 0) || wired) &&
3780 (!entry->bssid_set ||
3781 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
3782 return entry;
24c23d1b 3783#ifdef CONFIG_WPS
349493bd 3784 if (!wpas_network_disabled(wpa_s, entry) &&
24c23d1b
JM		 3785 (entry->key_mgmt & WPA_KEY_MGMT_WPS) &&
3786 (entry->ssid == NULL || entry->ssid_len == 0) &&
3787 (!entry->bssid_set ||
3788 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
3789 return entry;
3790#endif /* CONFIG_WPS */
7d232e23 3791
e8b96490
JM		 3792#ifdef CONFIG_OWE
3793 if (!wpas_network_disabled(wpa_s, entry) &&
3794 owe_trans_ssid_match(wpa_s, bssid, entry->ssid,
3795 entry->ssid_len) &&
3796 (!entry->bssid_set ||
3797 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
3798 return entry;
3799#endif /* CONFIG_OWE */
3800
349493bd 3801 if (!wpas_network_disabled(wpa_s, entry) && entry->bssid_set &&
7d232e23
ZC		 3802 entry->ssid_len == 0 &&
3803 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)
3804 return entry;
3805
6fc6879b
JM		 3806 entry = entry->next;
3807 }
3808
3809 return NULL;
3810}
3811
3812
7756114f
JM		 3813static int select_driver(struct wpa_supplicant *wpa_s, int i)
3814{
3815 struct wpa_global *global = wpa_s->global;
3816
3817 if (wpa_drivers[i]->global_init && global->drv_priv[i] == NULL) {
45e3fc72 3818 global->drv_priv[i] = wpa_drivers[i]->global_init(global);
7756114f
JM		 3819 if (global->drv_priv[i] == NULL) {
3820 wpa_printf(MSG_ERROR, "Failed to initialize driver "
3821 "'%s'", wpa_drivers[i]->name);
3822 return -1;
3823 }
3824 }
3825
3826 wpa_s->driver = wpa_drivers[i];
3827 wpa_s->global_drv_priv = global->drv_priv[i];
3828
3829 return 0;
3830}
3831
3832
6fc6879b
JM		 3833static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
3834 const char *name)
3835{
3836 int i;
362f781e 3837 size_t len;
74b1c84a 3838 const char *pos, *driver = name;
6fc6879b
JM		 3839
3840 if (wpa_s == NULL)
3841 return -1;
3842
c5121837 3843 if (wpa_drivers[0] == NULL) {
f049052b
BG		 3844 wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into "
3845 "wpa_supplicant");
6fc6879b
JM		 3846 return -1;
3847 }
3848
3849 if (name == NULL) {
3850 /* default to first driver in the list */
7756114f 3851 return select_driver(wpa_s, 0);
6fc6879b
JM		 3852 }
3853
74b1c84a
SO		 3854 do {
3855 pos = os_strchr(driver, ',');
3856 if (pos)
3857 len = pos - driver;
3858 else
3859 len = os_strlen(driver);
3860
3861 for (i = 0; wpa_drivers[i]; i++) {
3862 if (os_strlen(wpa_drivers[i]->name) == len &&
3863 os_strncmp(driver, wpa_drivers[i]->name, len) ==
0f4668ce
DW		 3864 0) {
3865 /* First driver that succeeds wins */
3866 if (select_driver(wpa_s, i) == 0)
3867 return 0;
3868 }
6fc6879b 3869 }
74b1c84a
SO		 3870
3871 driver = pos + 1;
3872 } while (pos);
6fc6879b 3873
f049052b 3874 wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name);
6fc6879b
JM		 3875 return -1;
3876}
3877
3878
a8e0505b
JM		 3879/**
3880 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
3881 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
3882 * with struct wpa_driver_ops::init()
3883 * @src_addr: Source address of the EAPOL frame
3884 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
3885 * @len: Length of the EAPOL data
3886 *
3887 * This function is called for each received EAPOL frame. Most driver
3888 * interfaces rely on more generic OS mechanism for receiving frames through
3889 * l2_packet, but if such a mechanism is not available, the driver wrapper may
3890 * take care of received EAPOL frames and deliver them to the core supplicant
3891 * code by calling this function.
3892 */
6fc6879b
JM		 3893void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
3894 const u8 *buf, size_t len)
3895{
3896 struct wpa_supplicant *wpa_s = ctx;
3897
f049052b 3898 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
6fc6879b
JM		 3899 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
3900
02adead5
MK		 3901#ifdef CONFIG_TESTING_OPTIONS
3902 if (wpa_s->ignore_auth_resp) {
3903 wpa_printf(MSG_INFO, "RX EAPOL - ignore_auth_resp active!");
3904 return;
3905 }
3906#endif /* CONFIG_TESTING_OPTIONS */
3907
3ab35a66
JM		 3908 if (wpa_s->wpa_state < WPA_ASSOCIATED ||
3909 (wpa_s->last_eapol_matches_bssid &&
3910#ifdef CONFIG_AP
3911 !wpa_s->ap_iface &&
3912#endif /* CONFIG_AP */
3913 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) != 0)) {
1ff73338
JM		 3914 /*
3915 * There is possible race condition between receiving the
3916 * association event and the EAPOL frame since they are coming
3917 * through different paths from the driver. In order to avoid
3918 * issues in trying to process the EAPOL frame before receiving
3919 * association information, lets queue it for processing until
3ab35a66
JM		 3920 * the association event is received. This may also be needed in
3921 * driver-based roaming case, so also use src_addr != BSSID as a
3922 * trigger if we have previously confirmed that the
3923 * Authenticator uses BSSID as the src_addr (which is not the
3924 * case with wired IEEE 802.1X).
1ff73338 3925 */
f049052b 3926 wpa_dbg(wpa_s, MSG_DEBUG, "Not associated - Delay processing "
3ab35a66
JM		 3927 "of received EAPOL frame (state=%s bssid=" MACSTR ")",
3928 wpa_supplicant_state_txt(wpa_s->wpa_state),
3929 MAC2STR(wpa_s->bssid));
1ff73338
JM		 3930 wpabuf_free(wpa_s->pending_eapol_rx);
3931 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len);
3932 if (wpa_s->pending_eapol_rx) {
c2be937c 3933 os_get_reltime(&wpa_s->pending_eapol_rx_time);
1ff73338
JM		 3934 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr,
3935 ETH_ALEN);
3936 }
3937 return;
3938 }
3939
3ab35a66
JM		 3940 wpa_s->last_eapol_matches_bssid =
3941 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) == 0;
3942
db149ac9
JM		 3943#ifdef CONFIG_AP
3944 if (wpa_s->ap_iface) {
3945 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len);
3946 return;
3947 }
3948#endif /* CONFIG_AP */
3949
6fc6879b 3950 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
f049052b
BG		 3951 wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since "
3952 "no key management is configured");
6fc6879b
JM		 3953 return;
3954 }
3955
3956 if (wpa_s->eapol_received == 0 &&
c2a04078 3957 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) ||
56586197 3958 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
9c972abb
JM		 3959 wpa_s->wpa_state != WPA_COMPLETED) &&
3960 (wpa_s->current_ssid == NULL ||
3961 wpa_s->current_ssid->mode != IEEE80211_MODE_IBSS)) {
6fc6879b 3962 /* Timeout for completing IEEE 802.1X and WPA authentication */
5add4101
JM		 3963 int timeout = 10;
3964
3965 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
3966 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
3967 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
3968 /* Use longer timeout for IEEE 802.1X/EAP */
3969 timeout = 70;
3970 }
3971
c7dafdf9 3972#ifdef CONFIG_WPS
5add4101
JM		 3973 if (wpa_s->current_ssid && wpa_s->current_bss &&
3974 (wpa_s->current_ssid->key_mgmt & WPA_KEY_MGMT_WPS) &&
3975 eap_is_wps_pin_enrollee(&wpa_s->current_ssid->eap)) {
3976 /*
3977 * Use shorter timeout if going through WPS AP iteration
3978 * for PIN config method with an AP that does not
3979 * advertise Selected Registrar.
3980 */
3981 struct wpabuf *wps_ie;
3982
3983 wps_ie = wpa_bss_get_vendor_ie_multi(
3984 wpa_s->current_bss, WPS_IE_VENDOR_TYPE);
0ef1e290
JM		 3985 if (wps_ie &&
3986 !wps_is_addr_authorized(wps_ie, wpa_s->own_addr, 1))
5add4101
JM		 3987 timeout = 10;
3988 wpabuf_free(wps_ie);
3989 }
c7dafdf9 3990#endif /* CONFIG_WPS */
5add4101
JM		 3991
3992 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
6fc6879b
JM		 3993 }
3994 wpa_s->eapol_received++;
3995
3996 if (wpa_s->countermeasures) {
f049052b
BG		 3997 wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped "
3998 "EAPOL packet");
6fc6879b
JM		 3999 return;
4000 }
4001
8be18440
JM		 4002#ifdef CONFIG_IBSS_RSN
4003 if (wpa_s->current_ssid &&
d7dcba70 4004 wpa_s->current_ssid->mode == WPAS_MODE_IBSS) {
8be18440
JM		 4005 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len);
4006 return;
4007 }
4008#endif /* CONFIG_IBSS_RSN */
4009
6fc6879b
JM		 4010 /* Source address of the incoming EAPOL frame could be compared to the
4011 * current BSSID. However, it is possible that a centralized
4012 * Authenticator could be using another MAC address than the BSSID of
4013 * an AP, so just allow any address to be used for now. The replies are
4014 * still sent to the current BSSID (if available), though. */
4015
4016 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
56586197 4017 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
a1ea1b45 4018 wpa_s->key_mgmt != WPA_KEY_MGMT_OWE &&
567da5bb 4019 wpa_s->key_mgmt != WPA_KEY_MGMT_DPP &&
6fc6879b
JM		 4020 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
4021 return;
4022 wpa_drv_poll(wpa_s);
c2a04078 4023 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE))
6fc6879b 4024 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
56586197 4025 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
6fc6879b
JM		 4026 /*
4027 * Set portValid = TRUE here since we are going to skip 4-way
4028 * handshake processing which would normally set portValid. We
4029 * need this to allow the EAPOL state machines to be completed
4030 * without going through EAPOL-Key handshake.
4031 */
4032 eapol_sm_notify_portValid(wpa_s->eapol, TRUE);
4033 }
4034}
4035
4036
bfba8deb 4037int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s)
6fc6879b 4038{
2961bfa8
JM		 4039 if ((!wpa_s->p2p_mgmt ||
4040 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
4041 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) {
bfba8deb 4042 l2_packet_deinit(wpa_s->l2);
6fc6879b
JM		 4043 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
4044 wpa_drv_get_mac_addr(wpa_s),
4045 ETH_P_EAPOL,
4046 wpa_supplicant_rx_eapol, wpa_s, 0);
4047 if (wpa_s->l2 == NULL)
4048 return -1;
d89edb61
DC		 4049
4050 if (l2_packet_set_packet_filter(wpa_s->l2,
4051 L2_PACKET_FILTER_PKTTYPE))
4052 wpa_dbg(wpa_s, MSG_DEBUG,
4053 "Failed to attach pkt_type filter");
fdadd5fe
JM		 4054 } else {
4055 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
4056 if (addr)
4057 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
6fc6879b
JM		 4058 }
4059
4060 if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
f049052b 4061 wpa_msg(wpa_s, MSG_ERROR, "Failed to get own L2 address");
6fc6879b
JM		 4062 return -1;
4063 }
4064
c267753b
JM		 4065 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
4066
bfba8deb
JM		 4067 return 0;
4068}
4069
4070
25f839c6
JM		 4071static void wpa_supplicant_rx_eapol_bridge(void *ctx, const u8 *src_addr,
4072 const u8 *buf, size_t len)
4073{
4074 struct wpa_supplicant *wpa_s = ctx;
4075 const struct l2_ethhdr *eth;
4076
4077 if (len < sizeof(*eth))
4078 return;
4079 eth = (const struct l2_ethhdr *) buf;
4080
4081 if (os_memcmp(eth->h_dest, wpa_s->own_addr, ETH_ALEN) != 0 &&
4082 !(eth->h_dest[0] & 0x01)) {
4083 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
4084 " (bridge - not for this interface - ignore)",
4085 MAC2STR(src_addr), MAC2STR(eth->h_dest));
4086 return;
4087 }
4088
4089 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
4090 " (bridge)", MAC2STR(src_addr), MAC2STR(eth->h_dest));
4091 wpa_supplicant_rx_eapol(wpa_s, src_addr, buf + sizeof(*eth),
4092 len - sizeof(*eth));
4093}
4094
4095
bfba8deb
JM		 4096/**
4097 * wpa_supplicant_driver_init - Initialize driver interface parameters
4098 * @wpa_s: Pointer to wpa_supplicant data
4099 * Returns: 0 on success, -1 on failure
4100 *
4101 * This function is called to initialize driver interface parameters.
4102 * wpa_drv_init() must have been called before this function to initialize the
4103 * driver interface.
4104 */
4105int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
4106{
4107 static int interface_count = 0;
4108
4109 if (wpa_supplicant_update_mac_addr(wpa_s) < 0)
4110 return -1;
4111
c68f6200
AS		 4112 wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR,
4113 MAC2STR(wpa_s->own_addr));
a313d17d 4114 os_memcpy(wpa_s->perm_addr, wpa_s->own_addr, ETH_ALEN);
c68f6200
AS		 4115 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
4116
6fc6879b 4117 if (wpa_s->bridge_ifname[0]) {
f049052b
BG		 4118 wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge "
4119 "interface '%s'", wpa_s->bridge_ifname);
e6dd8196
JM		 4120 wpa_s->l2_br = l2_packet_init_bridge(
4121 wpa_s->bridge_ifname, wpa_s->ifname, wpa_s->own_addr,
4122 ETH_P_EAPOL, wpa_supplicant_rx_eapol_bridge, wpa_s, 1);
6fc6879b 4123 if (wpa_s->l2_br == NULL) {
f049052b
BG		 4124 wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet "
4125 "connection for the bridge interface '%s'",
4126 wpa_s->bridge_ifname);
6fc6879b
JM		 4127 return -1;
4128 }
4129 }
4130
8406cd35
JM		 4131 if (wpa_s->conf->ap_scan == 2 &&
4132 os_strcmp(wpa_s->driver->name, "nl80211") == 0) {
4133 wpa_printf(MSG_INFO,
4134 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
4135 }
4136
6fc6879b
JM		 4137 wpa_clear_keys(wpa_s, NULL);
4138
4139 /* Make sure that TKIP countermeasures are not left enabled (could
4140 * happen if wpa_supplicant is killed during countermeasures. */
4141 wpa_drv_set_countermeasures(wpa_s, 0);
4142
f049052b 4143 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver");
6fc6879b
JM		 4144 wpa_drv_flush_pmkid(wpa_s);
4145
ba2a573c 4146 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
b3aa456b
ES		 4147 wpa_s->prev_scan_wildcard = 0;
4148
349493bd 4149 if (wpa_supplicant_enabled_networks(wpa_s)) {
a0e9d892
AS		 4150 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED) {
4151 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
4152 interface_count = 0;
4153 }
ee82e33d 4154#ifndef ANDROID
3a94adbf 4155 if (!wpa_s->p2p_mgmt &&
5d0d72a3
BG		 4156 wpa_supplicant_delayed_sched_scan(wpa_s,
4157 interface_count % 3,
6a90053c 4158 100000))
5d0d72a3 4159 wpa_supplicant_req_scan(wpa_s, interface_count % 3,
a4cba8f1 4160 100000);
ee82e33d 4161#endif /* ANDROID */
74e259ec
JM		 4162 interface_count++;
4163 } else
4164 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
6fc6879b
JM		 4165
4166 return 0;
4167}
4168
4169
4170static int wpa_supplicant_daemon(const char *pid_file)
4171{
4172 wpa_printf(MSG_DEBUG, "Daemonize..");
4173 return os_daemonize(pid_file);
4174}
4175
4176
1772d348
JM		 4177static struct wpa_supplicant *
4178wpa_supplicant_alloc(struct wpa_supplicant *parent)
6fc6879b
JM		 4179{
4180 struct wpa_supplicant *wpa_s;
4181
4182 wpa_s = os_zalloc(sizeof(*wpa_s));
4183 if (wpa_s == NULL)
4184 return NULL;
4115303b 4185 wpa_s->scan_req = INITIAL_SCAN_REQ;
67b9bd08 4186 wpa_s->scan_interval = 5;
c302f207 4187 wpa_s->new_connection = 1;
1772d348 4188 wpa_s->parent = parent ? parent : wpa_s;
ba307f85 4189 wpa_s->p2pdev = wpa_s->parent;
cbdf3507 4190 wpa_s->sched_scanning = 0;
6fc6879b 4191
dd599908 4192 dl_list_init(&wpa_s->bss_tmp_disallowed);
5732b770 4193 dl_list_init(&wpa_s->fils_hlp_req);
dd599908 4194
6fc6879b
JM		 4195 return wpa_s;
4196}
4197
4198
80e8a5ee
BG		 4199#ifdef CONFIG_HT_OVERRIDES
4200
4201static int wpa_set_htcap_mcs(struct wpa_supplicant *wpa_s,
4202 struct ieee80211_ht_capabilities *htcaps,
4203 struct ieee80211_ht_capabilities *htcaps_mask,
4204 const char *ht_mcs)
4205{
4206 /* parse ht_mcs into hex array */
4207 int i;
4208 const char *tmp = ht_mcs;
4209 char *end = NULL;
4210
4211 /* If ht_mcs is null, do not set anything */
4212 if (!ht_mcs)
4213 return 0;
4214
4215 /* This is what we are setting in the kernel */
4216 os_memset(&htcaps->supported_mcs_set, 0, IEEE80211_HT_MCS_MASK_LEN);
4217
4218 wpa_msg(wpa_s, MSG_DEBUG, "set_htcap, ht_mcs -:%s:-", ht_mcs);
4219
4220 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) {
30eddf35
JB		 4221 long v;
4222
80e8a5ee 4223 errno = 0;
30eddf35
JB		 4224 v = strtol(tmp, &end, 16);
4225
80e8a5ee
BG		 4226 if (errno == 0) {
4227 wpa_msg(wpa_s, MSG_DEBUG,
4228 "htcap value[%i]: %ld end: %p tmp: %p",
4229 i, v, end, tmp);
4230 if (end == tmp)
4231 break;
4232
4233 htcaps->supported_mcs_set[i] = v;
4234 tmp = end;
4235 } else {
4236 wpa_msg(wpa_s, MSG_ERROR,
4237 "Failed to parse ht-mcs: %s, error: %s\n",
4238 ht_mcs, strerror(errno));
4239 return -1;
4240 }
4241 }
4242
4243 /*
4244 * If we were able to parse any values, then set mask for the MCS set.
4245 */
4246 if (i) {
4247 os_memset(&htcaps_mask->supported_mcs_set, 0xff,
4248 IEEE80211_HT_MCS_MASK_LEN - 1);
4249 /* skip the 3 reserved bits */
4250 htcaps_mask->supported_mcs_set[IEEE80211_HT_MCS_MASK_LEN - 1] =
4251 0x1f;
4252 }
4253
4254 return 0;
4255}
4256
4257
4258static int wpa_disable_max_amsdu(struct wpa_supplicant *wpa_s,
4259 struct ieee80211_ht_capabilities *htcaps,
4260 struct ieee80211_ht_capabilities *htcaps_mask,
4261 int disabled)
4262{
5bc28571 4263 le16 msk;
80e8a5ee
BG		 4264
4265 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_max_amsdu: %d", disabled);
4266
4267 if (disabled == -1)
4268 return 0;
4269
4270 msk = host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE);
4271 htcaps_mask->ht_capabilities_info |= msk;
4272 if (disabled)
4273 htcaps->ht_capabilities_info &= msk;
4274 else
4275 htcaps->ht_capabilities_info |= msk;
4276
4277 return 0;
4278}
4279
4280
4281static int wpa_set_ampdu_factor(struct wpa_supplicant *wpa_s,
4282 struct ieee80211_ht_capabilities *htcaps,
4283 struct ieee80211_ht_capabilities *htcaps_mask,
4284 int factor)
4285{
4286 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_factor: %d", factor);
4287
4288 if (factor == -1)
4289 return 0;
4290
4291 if (factor < 0 || factor > 3) {
4292 wpa_msg(wpa_s, MSG_ERROR, "ampdu_factor: %d out of range. "
4293 "Must be 0-3 or -1", factor);
4294 return -EINVAL;
4295 }
4296
4297 htcaps_mask->a_mpdu_params |= 0x3; /* 2 bits for factor */
4298 htcaps->a_mpdu_params &= ~0x3;
4299 htcaps->a_mpdu_params |= factor & 0x3;
4300
4301 return 0;
4302}
4303
4304
4305static int wpa_set_ampdu_density(struct wpa_supplicant *wpa_s,
4306 struct ieee80211_ht_capabilities *htcaps,
4307 struct ieee80211_ht_capabilities *htcaps_mask,
4308 int density)
4309{
4310 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_density: %d", density);
4311
4312 if (density == -1)
4313 return 0;
4314
4315 if (density < 0 || density > 7) {
4316 wpa_msg(wpa_s, MSG_ERROR,
4317 "ampdu_density: %d out of range. Must be 0-7 or -1.",
4318 density);
4319 return -EINVAL;
4320 }
4321
4322 htcaps_mask->a_mpdu_params |= 0x1C;
4323 htcaps->a_mpdu_params &= ~(0x1C);
4324 htcaps->a_mpdu_params |= (density << 2) & 0x1C;
4325
4326 return 0;
4327}
4328
4329
4330static int wpa_set_disable_ht40(struct wpa_supplicant *wpa_s,
4331 struct ieee80211_ht_capabilities *htcaps,
4332 struct ieee80211_ht_capabilities *htcaps_mask,
4333 int disabled)
4334{
80e8a5ee
BG		 4335 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ht40: %d", disabled);
4336
9eb5757a
MH		 4337 set_disable_ht40(htcaps, disabled);
4338 set_disable_ht40(htcaps_mask, 0);
80e8a5ee
BG		 4339
4340 return 0;
4341}
4342
4343
a90497f8
BG		 4344static int wpa_set_disable_sgi(struct wpa_supplicant *wpa_s,
4345 struct ieee80211_ht_capabilities *htcaps,
4346 struct ieee80211_ht_capabilities *htcaps_mask,
4347 int disabled)
4348{
4349 /* Masking these out disables SGI */
5bc28571
JM		 4350 le16 msk = host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ |
4351 HT_CAP_INFO_SHORT_GI40MHZ);
a90497f8
BG		 4352
4353 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_sgi: %d", disabled);
4354
4355 if (disabled)
4356 htcaps->ht_capabilities_info &= ~msk;
4357 else
4358 htcaps->ht_capabilities_info |= msk;
4359
4360 htcaps_mask->ht_capabilities_info |= msk;
4361
4362 return 0;
4363}
4364
4365
39a5800f
PK		 4366static int wpa_set_disable_ldpc(struct wpa_supplicant *wpa_s,
4367 struct ieee80211_ht_capabilities *htcaps,
4368 struct ieee80211_ht_capabilities *htcaps_mask,
4369 int disabled)
4370{
4371 /* Masking these out disables LDPC */
5bc28571 4372 le16 msk = host_to_le16(HT_CAP_INFO_LDPC_CODING_CAP);
39a5800f
PK		 4373
4374 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ldpc: %d", disabled);
4375
4376 if (disabled)
4377 htcaps->ht_capabilities_info &= ~msk;
4378 else
4379 htcaps->ht_capabilities_info |= msk;
4380
4381 htcaps_mask->ht_capabilities_info |= msk;
4382
4383 return 0;
4384}
4385
4386
80e8a5ee
BG		 4387void wpa_supplicant_apply_ht_overrides(
4388 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
4389 struct wpa_driver_associate_params *params)
4390{
4391 struct ieee80211_ht_capabilities *htcaps;
4392 struct ieee80211_ht_capabilities *htcaps_mask;
4393
4394 if (!ssid)
4395 return;
4396
4397 params->disable_ht = ssid->disable_ht;
4398 if (!params->htcaps || !params->htcaps_mask)
4399 return;
4400
4401 htcaps = (struct ieee80211_ht_capabilities *) params->htcaps;
4402 htcaps_mask = (struct ieee80211_ht_capabilities *) params->htcaps_mask;
4403 wpa_set_htcap_mcs(wpa_s, htcaps, htcaps_mask, ssid->ht_mcs);
4404 wpa_disable_max_amsdu(wpa_s, htcaps, htcaps_mask,
4405 ssid->disable_max_amsdu);
4406 wpa_set_ampdu_factor(wpa_s, htcaps, htcaps_mask, ssid->ampdu_factor);
4407 wpa_set_ampdu_density(wpa_s, htcaps, htcaps_mask, ssid->ampdu_density);
4408 wpa_set_disable_ht40(wpa_s, htcaps, htcaps_mask, ssid->disable_ht40);
a90497f8 4409 wpa_set_disable_sgi(wpa_s, htcaps, htcaps_mask, ssid->disable_sgi);
39a5800f 4410 wpa_set_disable_ldpc(wpa_s, htcaps, htcaps_mask, ssid->disable_ldpc);
d41cc8cc
JM		 4411
4412 if (ssid->ht40_intolerant) {
5bc28571 4413 le16 bit = host_to_le16(HT_CAP_INFO_40MHZ_INTOLERANT);
d41cc8cc
JM		 4414 htcaps->ht_capabilities_info |= bit;
4415 htcaps_mask->ht_capabilities_info |= bit;
4416 }
80e8a5ee
BG		 4417}
4418
4419#endif /* CONFIG_HT_OVERRIDES */
4420
4421
e9ee8dc3
JB		 4422#ifdef CONFIG_VHT_OVERRIDES
4423void wpa_supplicant_apply_vht_overrides(
4424 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
4425 struct wpa_driver_associate_params *params)
4426{
4427 struct ieee80211_vht_capabilities *vhtcaps;
4428 struct ieee80211_vht_capabilities *vhtcaps_mask;
4429
4430 if (!ssid)
4431 return;
4432
4433 params->disable_vht = ssid->disable_vht;
4434
4435 vhtcaps = (void *) params->vhtcaps;
4436 vhtcaps_mask = (void *) params->vhtcaps_mask;
4437
4438 if (!vhtcaps || !vhtcaps_mask)
4439 return;
4440
4d8d710f
JM		 4441 vhtcaps->vht_capabilities_info = host_to_le32(ssid->vht_capa);
4442 vhtcaps_mask->vht_capabilities_info = host_to_le32(ssid->vht_capa_mask);
e9ee8dc3 4443
4f560cde
EP		 4444#ifdef CONFIG_HT_OVERRIDES
4445 /* if max ampdu is <= 3, we have to make the HT cap the same */
b0f33467
JM		 4446 if (ssid->vht_capa_mask & VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) {
4447 int max_ampdu;
4448
4449 max_ampdu = (ssid->vht_capa &
4450 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) >>
4451 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX_SHIFT;
4f560cde
EP		 4452
4453 max_ampdu = max_ampdu < 3 ? max_ampdu : 3;
4454 wpa_set_ampdu_factor(wpa_s,
4455 (void *) params->htcaps,
4456 (void *) params->htcaps_mask,
4457 max_ampdu);
4458 }
4459#endif /* CONFIG_HT_OVERRIDES */
4460
e9ee8dc3
JB		 4461#define OVERRIDE_MCS(i) \
4462 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \
4463 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \
4d8d710f 4464 host_to_le16(3 << 2 * (i - 1)); \
e9ee8dc3 4465 vhtcaps->vht_supported_mcs_set.tx_map |= \
4d8d710f
JM		 4466 host_to_le16(ssid->vht_tx_mcs_nss_ ##i << \
4467 2 * (i - 1)); \
e9ee8dc3
JB		 4468 } \
4469 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \
4470 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \
4d8d710f 4471 host_to_le16(3 << 2 * (i - 1)); \
e9ee8dc3 4472 vhtcaps->vht_supported_mcs_set.rx_map |= \
4d8d710f
JM		 4473 host_to_le16(ssid->vht_rx_mcs_nss_ ##i << \
4474 2 * (i - 1)); \
e9ee8dc3
JB		 4475 }
4476
4477 OVERRIDE_MCS(1);
4478 OVERRIDE_MCS(2);
4479 OVERRIDE_MCS(3);
4480 OVERRIDE_MCS(4);
4481 OVERRIDE_MCS(5);
4482 OVERRIDE_MCS(6);
4483 OVERRIDE_MCS(7);
4484 OVERRIDE_MCS(8);
4485}
4486#endif /* CONFIG_VHT_OVERRIDES */
4487
4488
f64adcd7
JM		 4489static int pcsc_reader_init(struct wpa_supplicant *wpa_s)
4490{
4491#ifdef PCSC_FUNCS
4492 size_t len;
4493
4494 if (!wpa_s->conf->pcsc_reader)
4495 return 0;
4496
22cf7d73 4497 wpa_s->scard = scard_init(wpa_s->conf->pcsc_reader);
f64adcd7
JM		 4498 if (!wpa_s->scard)
4499 return 1;
4500
4501 if (wpa_s->conf->pcsc_pin &&
4502 scard_set_pin(wpa_s->scard, wpa_s->conf->pcsc_pin) < 0) {
4503 scard_deinit(wpa_s->scard);
4504 wpa_s->scard = NULL;
4505 wpa_msg(wpa_s, MSG_ERROR, "PC/SC PIN validation failed");
4506 return -1;
4507 }
4508
4509 len = sizeof(wpa_s->imsi) - 1;
4510 if (scard_get_imsi(wpa_s->scard, wpa_s->imsi, &len)) {
4511 scard_deinit(wpa_s->scard);
4512 wpa_s->scard = NULL;
4513 wpa_msg(wpa_s, MSG_ERROR, "Could not read IMSI");
4514 return -1;
4515 }
4516 wpa_s->imsi[len] = '\0';
4517
4518 wpa_s->mnc_len = scard_get_mnc_len(wpa_s->scard);
4519
4520 wpa_printf(MSG_DEBUG, "SCARD: IMSI %s (MNC length %d)",
4521 wpa_s->imsi, wpa_s->mnc_len);
4522
4523 wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard);
4524 eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard);
4525#endif /* PCSC_FUNCS */
4526
4527 return 0;
4528}
4529
4530
306ae225
JM		 4531int wpas_init_ext_pw(struct wpa_supplicant *wpa_s)
4532{
4533 char *val, *pos;
4534
4535 ext_password_deinit(wpa_s->ext_pw);
4536 wpa_s->ext_pw = NULL;
4537 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, NULL);
4538
4539 if (!wpa_s->conf->ext_password_backend)
4540 return 0;
4541
4542 val = os_strdup(wpa_s->conf->ext_password_backend);
4543 if (val == NULL)
4544 return -1;
4545 pos = os_strchr(val, ':');
4546 if (pos)
4547 *pos++ = '\0';
4548
4549 wpa_printf(MSG_DEBUG, "EXT PW: Initialize backend '%s'", val);
4550
4551 wpa_s->ext_pw = ext_password_init(val, pos);
4552 os_free(val);
4553 if (wpa_s->ext_pw == NULL) {
4554 wpa_printf(MSG_DEBUG, "EXT PW: Failed to initialize backend");
4555 return -1;
4556 }
4557 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, wpa_s->ext_pw);
4558
4559 return 0;
4560}
4561
4562
b36a3a65
AN		 4563#ifdef CONFIG_FST
4564
4565static const u8 * wpas_fst_get_bssid_cb(void *ctx)
4566{
4567 struct wpa_supplicant *wpa_s = ctx;
4568
4569 return (is_zero_ether_addr(wpa_s->bssid) ||
4570 wpa_s->wpa_state != WPA_COMPLETED) ? NULL : wpa_s->bssid;
4571}
4572
4573
4574static void wpas_fst_get_channel_info_cb(void *ctx,
4575 enum hostapd_hw_mode *hw_mode,
4576 u8 *channel)
4577{
4578 struct wpa_supplicant *wpa_s = ctx;
4579
4580 if (wpa_s->current_bss) {
4581 *hw_mode = ieee80211_freq_to_chan(wpa_s->current_bss->freq,
4582 channel);
4583 } else if (wpa_s->hw.num_modes) {
4584 *hw_mode = wpa_s->hw.modes[0].mode;
4585 } else {
4586 WPA_ASSERT(0);
4587 *hw_mode = 0;
4588 }
4589}
4590
4591
4592static int wpas_fst_get_hw_modes(void *ctx, struct hostapd_hw_modes **modes)
4593{
4594 struct wpa_supplicant *wpa_s = ctx;
4595
4596 *modes = wpa_s->hw.modes;
4597 return wpa_s->hw.num_modes;
4598}
4599
4600
84bcb4e7 4601static void wpas_fst_set_ies_cb(void *ctx, const struct wpabuf *fst_ies)
b36a3a65
AN		 4602{
4603 struct wpa_supplicant *wpa_s = ctx;
4604
b7a07937 4605 wpa_hexdump_buf(MSG_DEBUG, "FST: Set IEs", fst_ies);
b36a3a65
AN		 4606 wpa_s->fst_ies = fst_ies;
4607}
4608
4609
4610static int wpas_fst_send_action_cb(void *ctx, const u8 *da, struct wpabuf *data)
4611{
4612 struct wpa_supplicant *wpa_s = ctx;
4613
0da35523
JM		 4614 if (os_memcmp(wpa_s->bssid, da, ETH_ALEN) != 0) {
4615 wpa_printf(MSG_INFO, "FST:%s:bssid=" MACSTR " != da=" MACSTR,
4616 __func__, MAC2STR(wpa_s->bssid), MAC2STR(da));
4617 return -1;
4618 }
b36a3a65 4619 return wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, wpa_s->bssid,
0da35523
JM		 4620 wpa_s->own_addr, wpa_s->bssid,
4621 wpabuf_head(data), wpabuf_len(data),
b36a3a65
AN		 4622 0);
4623}
4624
4625
a0f04da5 4626static const struct wpabuf * wpas_fst_get_mb_ie_cb(void *ctx, const u8 *addr)
b36a3a65
AN		 4627{
4628 struct wpa_supplicant *wpa_s = ctx;
4629
4630 WPA_ASSERT(os_memcmp(wpa_s->bssid, addr, ETH_ALEN) == 0);
4631 return wpa_s->received_mb_ies;
4632}
4633
4634
4635static void wpas_fst_update_mb_ie_cb(void *ctx, const u8 *addr,
4636 const u8 *buf, size_t size)
4637{
4638 struct wpa_supplicant *wpa_s = ctx;
4639 struct mb_ies_info info;
4640
4641 WPA_ASSERT(os_memcmp(wpa_s->bssid, addr, ETH_ALEN) == 0);
4642
4643 if (!mb_ies_info_by_ies(&info, buf, size)) {
4644 wpabuf_free(wpa_s->received_mb_ies);
4645 wpa_s->received_mb_ies = mb_ies_by_info(&info);
4646 }
4647}
4648
4649
39cdd3a0
JM		 4650static const u8 * wpas_fst_get_peer_first(void *ctx,
4651 struct fst_get_peer_ctx **get_ctx,
4652 Boolean mb_only)
b36a3a65
AN		 4653{
4654 struct wpa_supplicant *wpa_s = ctx;
4655
4656 *get_ctx = NULL;
4657 if (!is_zero_ether_addr(wpa_s->bssid))
4658 return (wpa_s->received_mb_ies || !mb_only) ?
4659 wpa_s->bssid : NULL;
4660 return NULL;
4661}
4662
4663
39cdd3a0
JM		 4664static const u8 * wpas_fst_get_peer_next(void *ctx,
4665 struct fst_get_peer_ctx **get_ctx,
4666 Boolean mb_only)
b36a3a65
AN		 4667{
4668 return NULL;
4669}
4670
4671void fst_wpa_supplicant_fill_iface_obj(struct wpa_supplicant *wpa_s,
4672 struct fst_wpa_obj *iface_obj)
4673{
4674 iface_obj->ctx = wpa_s;
4675 iface_obj->get_bssid = wpas_fst_get_bssid_cb;
4676 iface_obj->get_channel_info = wpas_fst_get_channel_info_cb;
4677 iface_obj->get_hw_modes = wpas_fst_get_hw_modes;
4678 iface_obj->set_ies = wpas_fst_set_ies_cb;
4679 iface_obj->send_action = wpas_fst_send_action_cb;
4680 iface_obj->get_mb_ie = wpas_fst_get_mb_ie_cb;
4681 iface_obj->update_mb_ie = wpas_fst_update_mb_ie_cb;
4682 iface_obj->get_peer_first = wpas_fst_get_peer_first;
4683 iface_obj->get_peer_next = wpas_fst_get_peer_next;
4684}
4685#endif /* CONFIG_FST */
4686
a520bf4a 4687static int wpas_set_wowlan_triggers(struct wpa_supplicant *wpa_s,
6cbdb0c5 4688 const struct wpa_driver_capa *capa)
e4fa8b12 4689{
88cb27c7
DS		 4690 struct wowlan_triggers *triggers;
4691 int ret = 0;
e4fa8b12
EP		 4692
4693 if (!wpa_s->conf->wowlan_triggers)
4694 return 0;
4695
88cb27c7
DS		 4696 triggers = wpa_get_wowlan_triggers(wpa_s->conf->wowlan_triggers, capa);
4697 if (triggers) {
4698 ret = wpa_drv_wowlan(wpa_s, triggers);
4699 os_free(triggers);
e4fa8b12 4700 }
e4fa8b12
EP		 4701 return ret;
4702}
4703
4704
2b6e9f91 4705enum wpa_radio_work_band wpas_freq_to_band(int freq)
e903d32d
KV		 4706{
4707 if (freq < 3000)
4708 return BAND_2_4_GHZ;
4709 if (freq > 50000)
4710 return BAND_60_GHZ;
4711 return BAND_5_GHZ;
4712}
4713
4714
2b6e9f91 4715unsigned int wpas_get_bands(struct wpa_supplicant *wpa_s, const int *freqs)
e903d32d
KV		 4716{
4717 int i;
4718 unsigned int band = 0;
4719
4720 if (freqs) {
4721 /* freqs are specified for the radio work */
4722 for (i = 0; freqs[i]; i++)
4723 band |= wpas_freq_to_band(freqs[i]);
4724 } else {
4725 /*
4726 * freqs are not specified, implies all
4727 * the supported freqs by HW
4728 */
4729 for (i = 0; i < wpa_s->hw.num_modes; i++) {
4730 if (wpa_s->hw.modes[i].num_channels != 0) {
4731 if (wpa_s->hw.modes[i].mode ==
4732 HOSTAPD_MODE_IEEE80211B ||
4733 wpa_s->hw.modes[i].mode ==
4734 HOSTAPD_MODE_IEEE80211G)
4735 band |= BAND_2_4_GHZ;
4736 else if (wpa_s->hw.modes[i].mode ==
4737 HOSTAPD_MODE_IEEE80211A)
4738 band |= BAND_5_GHZ;
4739 else if (wpa_s->hw.modes[i].mode ==
4740 HOSTAPD_MODE_IEEE80211AD)
4741 band |= BAND_60_GHZ;
4742 else if (wpa_s->hw.modes[i].mode ==
4743 HOSTAPD_MODE_IEEE80211ANY)
4744 band = BAND_2_4_GHZ | BAND_5_GHZ |
4745 BAND_60_GHZ;
4746 }
4747 }
4748 }
4749
4750 return band;
4751}
4752
4753
202dec2a
JM		 4754static struct wpa_radio * radio_add_interface(struct wpa_supplicant *wpa_s,
4755 const char *rn)
4756{
4757 struct wpa_supplicant *iface = wpa_s->global->ifaces;
4758 struct wpa_radio *radio;
4759
4760 while (rn && iface) {
4761 radio = iface->radio;
4762 if (radio && os_strcmp(rn, radio->name) == 0) {
4763 wpa_printf(MSG_DEBUG, "Add interface %s to existing radio %s",
4764 wpa_s->ifname, rn);
4765 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
4766 return radio;
4767 }
b154a24e
TB		 4768
4769 iface = iface->next;
202dec2a
JM		 4770 }
4771
4772 wpa_printf(MSG_DEBUG, "Add interface %s to a new radio %s",
4773 wpa_s->ifname, rn ? rn : "N/A");
4774 radio = os_zalloc(sizeof(*radio));
4775 if (radio == NULL)
4776 return NULL;
4777
4778 if (rn)
4779 os_strlcpy(radio->name, rn, sizeof(radio->name));
4780 dl_list_init(&radio->ifaces);
b1ae396f 4781 dl_list_init(&radio->work);
202dec2a
JM		 4782 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
4783
4784 return radio;
4785}
4786
4787
b1ae396f
JM		 4788static void radio_work_free(struct wpa_radio_work *work)
4789{
d12a51b5
JM		 4790 if (work->wpa_s->scan_work == work) {
4791 /* This should not really happen. */
4792 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as scan_work",
4793 work->type, work, work->started);
4794 work->wpa_s->scan_work = NULL;
4795 }
4796
1b5d4714
JM		 4797#ifdef CONFIG_P2P
4798 if (work->wpa_s->p2p_scan_work == work) {
4799 /* This should not really happen. */
4800 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as p2p_scan_work",
4801 work->type, work, work->started);
4802 work->wpa_s->p2p_scan_work = NULL;
4803 }
4804#endif /* CONFIG_P2P */
4805
e903d32d
KV		 4806 if (work->started) {
4807 work->wpa_s->radio->num_active_works--;
4808 wpa_dbg(work->wpa_s, MSG_DEBUG,
7ed5337d 4809 "radio_work_free('%s'@%p): num_active_works --> %u",
e903d32d
KV		 4810 work->type, work,
4811 work->wpa_s->radio->num_active_works);
4812 }
4813
b1ae396f
JM		 4814 dl_list_del(&work->list);
4815 os_free(work);
4816}
4817
4818
4c6f450c
JM		 4819static int radio_work_is_connect(struct wpa_radio_work *work)
4820{
4821 return os_strcmp(work->type, "sme-connect") == 0 ||
4822 os_strcmp(work->type, "connect") == 0;
4823}
4824
4825
85b6b6b6
SD		 4826static int radio_work_is_scan(struct wpa_radio_work *work)
4827{
4828 return os_strcmp(work->type, "scan") == 0 ||
4829 os_strcmp(work->type, "p2p-scan") == 0;
4830}
4831
4832
e903d32d
KV		 4833static struct wpa_radio_work * radio_work_get_next_work(struct wpa_radio *radio)
4834{
4835 struct wpa_radio_work *active_work = NULL;
4836 struct wpa_radio_work *tmp;
4837
4838 /* Get the active work to know the type and band. */
4839 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, list) {
4840 if (tmp->started) {
4841 active_work = tmp;
4842 break;
4843 }
4844 }
4845
4846 if (!active_work) {
4847 /* No active work, start one */
4848 radio->num_active_works = 0;
4849 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work,
4850 list) {
4851 if (os_strcmp(tmp->type, "scan") == 0 &&
4852 radio->external_scan_running &&
4853 (((struct wpa_driver_scan_params *)
4854 tmp->ctx)->only_new_results ||
4855 tmp->wpa_s->clear_driver_scan_cache))
4856 continue;
4857 return tmp;
4858 }
4859 return NULL;
4860 }
4861
4c6f450c 4862 if (radio_work_is_connect(active_work)) {
e903d32d
KV		 4863 /*
4864 * If the active work is either connect or sme-connect,
4865 * do not parallelize them with other radio works.
4866 */
4867 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
4868 "Do not parallelize radio work with %s",
4869 active_work->type);
4870 return NULL;
4871 }
4872
4873 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, list) {
4874 if (tmp->started)
4875 continue;
4876
4877 /*
4878 * If connect or sme-connect are enqueued, parallelize only
4879 * those operations ahead of them in the queue.
4880 */
4c6f450c 4881 if (radio_work_is_connect(tmp))
e903d32d
KV		 4882 break;
4883
85b6b6b6
SD		 4884 /* Serialize parallel scan and p2p_scan operations on the same
4885 * interface since the driver_nl80211 mechanism for tracking
4886 * scan cookies does not yet have support for this. */
4887 if (active_work->wpa_s == tmp->wpa_s &&
4888 radio_work_is_scan(active_work) &&
4889 radio_work_is_scan(tmp)) {
4890 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
4891 "Do not start work '%s' when another work '%s' is already scheduled",
4892 tmp->type, active_work->type);
4893 continue;
4894 }
e903d32d
KV		 4895 /*
4896 * Check that the radio works are distinct and
4897 * on different bands.
4898 */
4899 if (os_strcmp(active_work->type, tmp->type) != 0 &&
4900 (active_work->bands != tmp->bands)) {
4901 /*
4902 * If a scan has to be scheduled through nl80211 scan
4903 * interface and if an external scan is already running,
4904 * do not schedule the scan since it is likely to get
4905 * rejected by kernel.
4906 */
4907 if (os_strcmp(tmp->type, "scan") == 0 &&
4908 radio->external_scan_running &&
4909 (((struct wpa_driver_scan_params *)
4910 tmp->ctx)->only_new_results ||
4911 tmp->wpa_s->clear_driver_scan_cache))
4912 continue;
4913
4914 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
4915 "active_work:%s new_work:%s",
4916 active_work->type, tmp->type);
4917 return tmp;
4918 }
4919 }
4920
4921 /* Did not find a radio work to schedule in parallel. */
4922 return NULL;
4923}
4924
4925
b1ae396f
JM		 4926static void radio_start_next_work(void *eloop_ctx, void *timeout_ctx)
4927{
4928 struct wpa_radio *radio = eloop_ctx;
4929 struct wpa_radio_work *work;
4930 struct os_reltime now, diff;
6428d0a7 4931 struct wpa_supplicant *wpa_s;
b1ae396f
JM		 4932
4933 work = dl_list_first(&radio->work, struct wpa_radio_work, list);
e903d32d
KV		 4934 if (work == NULL) {
4935 radio->num_active_works = 0;
b1ae396f 4936 return;
e903d32d 4937 }
b1ae396f 4938
6428d0a7
JM		 4939 wpa_s = dl_list_first(&radio->ifaces, struct wpa_supplicant,
4940 radio_list);
e903d32d
KV		 4941
4942 if (!(wpa_s &&
4943 wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS)) {
4944 if (work->started)
4945 return; /* already started and still in progress */
4946
4947 if (wpa_s && wpa_s->radio->external_scan_running) {
4948 wpa_printf(MSG_DEBUG, "Delay radio work start until externally triggered scan completes");
4949 return;
4950 }
4951 } else {
4952 work = NULL;
4953 if (radio->num_active_works < MAX_ACTIVE_WORKS) {
4954 /* get the work to schedule next */
4955 work = radio_work_get_next_work(radio);
4956 }
4957 if (!work)
4958 return;
6428d0a7
JM		 4959 }
4960
e903d32d 4961 wpa_s = work->wpa_s;
b1ae396f
JM		 4962 os_get_reltime(&now);
4963 os_reltime_sub(&now, &work->time, &diff);
e903d32d
KV		 4964 wpa_dbg(wpa_s, MSG_DEBUG,
4965 "Starting radio work '%s'@%p after %ld.%06ld second wait",
b1ae396f
JM		 4966 work->type, work, diff.sec, diff.usec);
4967 work->started = 1;
4968 work->time = now;
e903d32d
KV		 4969 radio->num_active_works++;
4970
b1ae396f 4971 work->cb(work, 0);
e903d32d
KV		 4972
4973 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS) &&
4974 radio->num_active_works < MAX_ACTIVE_WORKS)
4975 radio_work_check_next(wpa_s);
b1ae396f
JM		 4976}
4977
4978
b3253ebb
AO		 4979/*
4980 * This function removes both started and pending radio works running on
4981 * the provided interface's radio.
4982 * Prior to the removal of the radio work, its callback (cb) is called with
4983 * deinit set to be 1. Each work's callback is responsible for clearing its
4984 * internal data and restoring to a correct state.
4985 * @wpa_s: wpa_supplicant data
4986 * @type: type of works to be removed
4987 * @remove_all: 1 to remove all the works on this radio, 0 to remove only
4988 * this interface's works.
4989 */
4990void radio_remove_works(struct wpa_supplicant *wpa_s,
4991 const char *type, int remove_all)
b1ae396f
JM		 4992{
4993 struct wpa_radio_work *work, *tmp;
4994 struct wpa_radio *radio = wpa_s->radio;
4995
4996 dl_list_for_each_safe(work, tmp, &radio->work, struct wpa_radio_work,
4997 list) {
b3253ebb 4998 if (type && os_strcmp(type, work->type) != 0)
b1ae396f 4999 continue;
b3253ebb
AO		 5000
5001 /* skip other ifaces' works */
5002 if (!remove_all && work->wpa_s != wpa_s)
b1ae396f 5003 continue;
b3253ebb
AO		 5004
5005 wpa_dbg(wpa_s, MSG_DEBUG, "Remove radio work '%s'@%p%s",
5006 work->type, work, work->started ? " (started)" : "");
b1ae396f
JM		 5007 work->cb(work, 1);
5008 radio_work_free(work);
5009 }
b3253ebb
AO		 5010
5011 /* in case we removed the started work */
5012 radio_work_check_next(wpa_s);
b1ae396f
JM		 5013}
5014
5015
6a252ece
JM		 5016void radio_remove_pending_work(struct wpa_supplicant *wpa_s, void *ctx)
5017{
5018 struct wpa_radio_work *work;
5019 struct wpa_radio *radio = wpa_s->radio;
5020
5021 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) {
5022 if (work->ctx != ctx)
5023 continue;
5024 wpa_dbg(wpa_s, MSG_DEBUG, "Free pending radio work '%s'@%p%s",
5025 work->type, work, work->started ? " (started)" : "");
5026 radio_work_free(work);
5027 break;
5028 }
5029}
5030
5031
202dec2a
JM		 5032static void radio_remove_interface(struct wpa_supplicant *wpa_s)
5033{
5034 struct wpa_radio *radio = wpa_s->radio;
5035
5036 if (!radio)
5037 return;
5038
5039 wpa_printf(MSG_DEBUG, "Remove interface %s from radio %s",
5040 wpa_s->ifname, radio->name);
5041 dl_list_del(&wpa_s->radio_list);
c46235aa
AO		 5042 radio_remove_works(wpa_s, NULL, 0);
5043 wpa_s->radio = NULL;
5044 if (!dl_list_empty(&radio->ifaces))
202dec2a
JM		 5045 return; /* Interfaces remain for this radio */
5046
5047 wpa_printf(MSG_DEBUG, "Remove radio %s", radio->name);
b1ae396f 5048 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
202dec2a
JM		 5049 os_free(radio);
5050}
5051
5052
6428d0a7 5053void radio_work_check_next(struct wpa_supplicant *wpa_s)
b1ae396f
JM		 5054{
5055 struct wpa_radio *radio = wpa_s->radio;
5056
5057 if (dl_list_empty(&radio->work))
5058 return;
e3745228
JM		 5059 if (wpa_s->ext_work_in_progress) {
5060 wpa_printf(MSG_DEBUG,
5061 "External radio work in progress - delay start of pending item");
5062 return;
5063 }
b1ae396f
JM		 5064 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
5065 eloop_register_timeout(0, 0, radio_start_next_work, radio, NULL);
5066}
5067
5068
5069/**
5070 * radio_add_work - Add a radio work item
5071 * @wpa_s: Pointer to wpa_supplicant data
5072 * @freq: Frequency of the offchannel operation in MHz or 0
5073 * @type: Unique identifier for each type of work
5074 * @next: Force as the next work to be executed
5075 * @cb: Callback function for indicating when radio is available
5076 * @ctx: Context pointer for the work (work->ctx in cb())
5077 * Returns: 0 on success, -1 on failure
5078 *
5079 * This function is used to request time for an operation that requires
5080 * exclusive radio control. Once the radio is available, the registered callback
5081 * function will be called. radio_work_done() must be called once the exclusive
5082 * radio operation has been completed, so that the radio is freed for other
5083 * operations. The special case of deinit=1 is used to free the context data
5084 * during interface removal. That does not allow the callback function to start
5085 * the radio operation, i.e., it must free any resources allocated for the radio
5086 * work and return.
5087 *
5088 * The @freq parameter can be used to indicate a single channel on which the
5089 * offchannel operation will occur. This may allow multiple radio work
5090 * operations to be performed in parallel if they apply for the same channel.
5091 * Setting this to 0 indicates that the work item may use multiple channels or
5092 * requires exclusive control of the radio.
5093 */
5094int radio_add_work(struct wpa_supplicant *wpa_s, unsigned int freq,
5095 const char *type, int next,
5096 void (*cb)(struct wpa_radio_work *work, int deinit),
5097 void *ctx)
5098{
e903d32d 5099 struct wpa_radio *radio = wpa_s->radio;
b1ae396f
JM		 5100 struct wpa_radio_work *work;
5101 int was_empty;
5102
5103 work = os_zalloc(sizeof(*work));
5104 if (work == NULL)
5105 return -1;
5106 wpa_dbg(wpa_s, MSG_DEBUG, "Add radio work '%s'@%p", type, work);
5107 os_get_reltime(&work->time);
5108 work->freq = freq;
5109 work->type = type;
5110 work->wpa_s = wpa_s;
5111 work->cb = cb;
5112 work->ctx = ctx;
5113
e903d32d
KV		 5114 if (freq)
5115 work->bands = wpas_freq_to_band(freq);
5116 else if (os_strcmp(type, "scan") == 0 ||
5117 os_strcmp(type, "p2p-scan") == 0)
5118 work->bands = wpas_get_bands(wpa_s,
5119 ((struct wpa_driver_scan_params *)
5120 ctx)->freqs);
5121 else
5122 work->bands = wpas_get_bands(wpa_s, NULL);
5123
b1ae396f
JM		 5124 was_empty = dl_list_empty(&wpa_s->radio->work);
5125 if (next)
5126 dl_list_add(&wpa_s->radio->work, &work->list);
5127 else
5128 dl_list_add_tail(&wpa_s->radio->work, &work->list);
5129 if (was_empty) {
5130 wpa_dbg(wpa_s, MSG_DEBUG, "First radio work item in the queue - schedule start immediately");
5131 radio_work_check_next(wpa_s);
e903d32d
KV		 5132 } else if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS)
5133 && radio->num_active_works < MAX_ACTIVE_WORKS) {
5134 wpa_dbg(wpa_s, MSG_DEBUG,
5135 "Try to schedule a radio work (num_active_works=%u)",
5136 radio->num_active_works);
5137 radio_work_check_next(wpa_s);
b1ae396f
JM		 5138 }
5139
5140 return 0;
5141}
5142
5143
5144/**
5145 * radio_work_done - Indicate that a radio work item has been completed
5146 * @work: Completed work
5147 *
5148 * This function is called once the callback function registered with
5149 * radio_add_work() has completed its work.
5150 */
5151void radio_work_done(struct wpa_radio_work *work)
5152{
5153 struct wpa_supplicant *wpa_s = work->wpa_s;
5154 struct os_reltime now, diff;
1f965e62 5155 unsigned int started = work->started;
b1ae396f
JM		 5156
5157 os_get_reltime(&now);
5158 os_reltime_sub(&now, &work->time, &diff);
1f965e62
JM		 5159 wpa_dbg(wpa_s, MSG_DEBUG, "Radio work '%s'@%p %s in %ld.%06ld seconds",
5160 work->type, work, started ? "done" : "canceled",
5161 diff.sec, diff.usec);
b1ae396f 5162 radio_work_free(work);
1f965e62
JM		 5163 if (started)
5164 radio_work_check_next(wpa_s);
b1ae396f
JM		 5165}
5166
5167
a7f5271d
JM		 5168struct wpa_radio_work *
5169radio_work_pending(struct wpa_supplicant *wpa_s, const char *type)
f0e30c84
JM		 5170{
5171 struct wpa_radio_work *work;
5172 struct wpa_radio *radio = wpa_s->radio;
5173
5174 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) {
5175 if (work->wpa_s == wpa_s && os_strcmp(work->type, type) == 0)
a7f5271d 5176 return work;
f0e30c84
JM		 5177 }
5178
a7f5271d 5179 return NULL;
f0e30c84
JM		 5180}
5181
5182
73c00fd7 5183static int wpas_init_driver(struct wpa_supplicant *wpa_s,
8fb2b357 5184 const struct wpa_interface *iface)
73c00fd7 5185{
202dec2a 5186 const char *ifname, *driver, *rn;
73c00fd7
JM		 5187
5188 driver = iface->driver;
5189next_driver:
5190 if (wpa_supplicant_set_driver(wpa_s, driver) < 0)
5191 return -1;
5192
5193 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
5194 if (wpa_s->drv_priv == NULL) {
5195 const char *pos;
5196 pos = driver ? os_strchr(driver, ',') : NULL;
5197 if (pos) {
5198 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
5199 "driver interface - try next driver wrapper");
5200 driver = pos + 1;
5201 goto next_driver;
5202 }
5203 wpa_msg(wpa_s, MSG_ERROR, "Failed to initialize driver "
5204 "interface");
5205 return -1;
5206 }
5207 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
5208 wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected "
5209 "driver_param '%s'", wpa_s->conf->driver_param);
5210 return -1;
5211 }
5212
5213 ifname = wpa_drv_get_ifname(wpa_s);
5214 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
5215 wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced "
5216 "interface name with '%s'", ifname);
5217 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
5218 }
5219
95bf699f 5220 rn = wpa_driver_get_radio_name(wpa_s);
202dec2a
JM		 5221 if (rn && rn[0] == '\0')
5222 rn = NULL;
5223
5224 wpa_s->radio = radio_add_interface(wpa_s, rn);
5225 if (wpa_s->radio == NULL)
5226 return -1;
5227
73c00fd7
JM		 5228 return 0;
5229}
5230
5231
461d39af
JM		 5232#ifdef CONFIG_GAS_SERVER
5233
5234static void wpas_gas_server_tx_status(struct wpa_supplicant *wpa_s,
5235 unsigned int freq, const u8 *dst,
5236 const u8 *src, const u8 *bssid,
5237 const u8 *data, size_t data_len,
5238 enum offchannel_send_action_result result)
5239{
5240 wpa_printf(MSG_DEBUG, "GAS: TX status: freq=%u dst=" MACSTR
5241 " result=%s",
5242 freq, MAC2STR(dst),
5243 result == OFFCHANNEL_SEND_ACTION_SUCCESS ? "SUCCESS" :
5244 (result == OFFCHANNEL_SEND_ACTION_NO_ACK ? "no-ACK" :
5245 "FAILED"));
5246 gas_server_tx_status(wpa_s->gas_server, dst, data, data_len,
5247 result == OFFCHANNEL_SEND_ACTION_SUCCESS);
5248}
5249
5250
5251static void wpas_gas_server_tx(void *ctx, int freq, const u8 *da,
5252 struct wpabuf *buf, unsigned int wait_time)
5253{
5254 struct wpa_supplicant *wpa_s = ctx;
5255 const u8 broadcast[ETH_ALEN] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
5256
5257 if (wait_time > wpa_s->max_remain_on_chan)
5258 wait_time = wpa_s->max_remain_on_chan;
5259
5260 offchannel_send_action(wpa_s, freq, da, wpa_s->own_addr, broadcast,
5261 wpabuf_head(buf), wpabuf_len(buf),
5262 wait_time, wpas_gas_server_tx_status, 0);
5263}
5264
5265#endif /* CONFIG_GAS_SERVER */
5266
6fc6879b 5267static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
8fb2b357 5268 const struct wpa_interface *iface)
6fc6879b 5269{
362f781e 5270 struct wpa_driver_capa capa;
6cbdb0c5 5271 int capa_res;
aa56e36d 5272 u8 dfs_domain;
362f781e 5273
6fc6879b
JM		 5274 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
5275 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
5276 iface->confname ? iface->confname : "N/A",
5277 iface->driver ? iface->driver : "default",
5278 iface->ctrl_interface ? iface->ctrl_interface : "N/A",
5279 iface->bridge_ifname ? iface->bridge_ifname : "N/A");
5280
6fc6879b
JM		 5281 if (iface->confname) {
5282#ifdef CONFIG_BACKEND_FILE
5283 wpa_s->confname = os_rel2abs_path(iface->confname);
5284 if (wpa_s->confname == NULL) {
5285 wpa_printf(MSG_ERROR, "Failed to get absolute path "
5286 "for configuration file '%s'.",
5287 iface->confname);
5288 return -1;
5289 }
5290 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
5291 iface->confname, wpa_s->confname);
5292#else /* CONFIG_BACKEND_FILE */
5293 wpa_s->confname = os_strdup(iface->confname);
5294#endif /* CONFIG_BACKEND_FILE */
e6304cad 5295 wpa_s->conf = wpa_config_read(wpa_s->confname, NULL);
6fc6879b
JM		 5296 if (wpa_s->conf == NULL) {
5297 wpa_printf(MSG_ERROR, "Failed to read or parse "
5298 "configuration '%s'.", wpa_s->confname);
5299 return -1;
5300 }
e6304cad 5301 wpa_s->confanother = os_rel2abs_path(iface->confanother);
3bd35b68
JM		 5302 if (wpa_s->confanother &&
5303 !wpa_config_read(wpa_s->confanother, wpa_s->conf)) {
5304 wpa_printf(MSG_ERROR,
5305 "Failed to read or parse configuration '%s'.",
5306 wpa_s->confanother);
5307 return -1;
5308 }
6fc6879b
JM		 5309
5310 /*
5311 * Override ctrl_interface and driver_param if set on command
5312 * line.
5313 */
5314 if (iface->ctrl_interface) {
5315 os_free(wpa_s->conf->ctrl_interface);
5316 wpa_s->conf->ctrl_interface =
5317 os_strdup(iface->ctrl_interface);
5318 }
5319
5320 if (iface->driver_param) {
5321 os_free(wpa_s->conf->driver_param);
5322 wpa_s->conf->driver_param =
5323 os_strdup(iface->driver_param);
5324 }
78f79fe5
JM		 5325
5326 if (iface->p2p_mgmt && !iface->ctrl_interface) {
5327 os_free(wpa_s->conf->ctrl_interface);
5328 wpa_s->conf->ctrl_interface = NULL;
5329 }
6fc6879b
JM		 5330 } else
5331 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
5332 iface->driver_param);
5333
5334 if (wpa_s->conf == NULL) {
5335 wpa_printf(MSG_ERROR, "\nNo configuration found.");
5336 return -1;
5337 }
5338
5339 if (iface->ifname == NULL) {
5340 wpa_printf(MSG_ERROR, "\nInterface name is required.");
5341 return -1;
5342 }
5343 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
5344 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
5345 iface->ifname);
5346 return -1;
5347 }
5348 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
5349
5350 if (iface->bridge_ifname) {
5351 if (os_strlen(iface->bridge_ifname) >=
5352 sizeof(wpa_s->bridge_ifname)) {
5353 wpa_printf(MSG_ERROR, "\nToo long bridge interface "
5354 "name '%s'.", iface->bridge_ifname);
5355 return -1;
5356 }
5357 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
5358 sizeof(wpa_s->bridge_ifname));
5359 }
5360
6fc6879b
JM		 5361 /* RSNA Supplicant Key Management - INITIALIZE */
5362 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
5363 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
5364
5365 /* Initialize driver interface and register driver event handler before
5366 * L2 receive handler so that association events are processed before
5367 * EAPOL-Key packets if both become available for the same select()
5368 * call. */
73c00fd7 5369 if (wpas_init_driver(wpa_s, iface) < 0)
362f781e
JM		 5370 return -1;
5371
6fc6879b
JM		 5372 if (wpa_supplicant_init_wpa(wpa_s) < 0)
5373 return -1;
5374
5375 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
5376 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
5377 NULL);
5378 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
5379
5380 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
5381 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
5382 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
f049052b
BG		 5383 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
5384 "dot11RSNAConfigPMKLifetime");
6fc6879b
JM		 5385 return -1;
5386 }
5387
5388 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
5389 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
5390 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
f049052b 5391 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
6fc6879b
JM		 5392 "dot11RSNAConfigPMKReauthThreshold");
5393 return -1;
5394 }
5395
5396 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
5397 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
5398 wpa_s->conf->dot11RSNAConfigSATimeout)) {
f049052b
BG		 5399 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
5400 "dot11RSNAConfigSATimeout");
6fc6879b
JM		 5401 return -1;
5402 }
5403
6bf731e8
CL		 5404 wpa_s->hw.modes = wpa_drv_get_hw_feature_data(wpa_s,
5405 &wpa_s->hw.num_modes,
aa56e36d
VT		 5406 &wpa_s->hw.flags,
5407 &dfs_domain);
a1b790eb
JM		 5408 if (wpa_s->hw.modes) {
5409 u16 i;
5410
5411 for (i = 0; i < wpa_s->hw.num_modes; i++) {
5412 if (wpa_s->hw.modes[i].vht_capab) {
5413 wpa_s->hw_capab = CAPAB_VHT;
5414 break;
5415 }
5416
5417 if (wpa_s->hw.modes[i].ht_capab &
5418 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET)
5419 wpa_s->hw_capab = CAPAB_HT40;
5420 else if (wpa_s->hw.modes[i].ht_capab &&
5421 wpa_s->hw_capab == CAPAB_NO_HT_VHT)
5422 wpa_s->hw_capab = CAPAB_HT;
5423 }
5424 }
6bf731e8 5425
6cbdb0c5
JM		 5426 capa_res = wpa_drv_get_capa(wpa_s, &capa);
5427 if (capa_res == 0) {
c58ab8f2 5428 wpa_s->drv_capa_known = 1;
814782b9 5429 wpa_s->drv_flags = capa.flags;
349493bd 5430 wpa_s->drv_enc = capa.enc;
04ee647d 5431 wpa_s->drv_smps_modes = capa.smps_modes;
f936b73c 5432 wpa_s->drv_rrm_flags = capa.rrm_flags;
4f73d88a 5433 wpa_s->probe_resp_offloads = capa.probe_resp_offloads;
814782b9 5434 wpa_s->max_scan_ssids = capa.max_scan_ssids;
cbdf3507 5435 wpa_s->max_sched_scan_ssids = capa.max_sched_scan_ssids;
32c02261
AS		 5436 wpa_s->max_sched_scan_plans = capa.max_sched_scan_plans;
5437 wpa_s->max_sched_scan_plan_interval =
5438 capa.max_sched_scan_plan_interval;
5439 wpa_s->max_sched_scan_plan_iterations =
5440 capa.max_sched_scan_plan_iterations;
cbdf3507 5441 wpa_s->sched_scan_supported = capa.sched_scan_supported;
b59e6f26 5442 wpa_s->max_match_sets = capa.max_match_sets;
814782b9 5443 wpa_s->max_remain_on_chan = capa.max_remain_on_chan;
c4ea4c5c 5444 wpa_s->max_stations = capa.max_stations;
8cd6b7bc
JB		 5445 wpa_s->extended_capa = capa.extended_capa;
5446 wpa_s->extended_capa_mask = capa.extended_capa_mask;
5447 wpa_s->extended_capa_len = capa.extended_capa_len;
4752147d
IP		 5448 wpa_s->num_multichan_concurrent =
5449 capa.num_multichan_concurrent;
471cd6e1 5450 wpa_s->wmm_ac_supported = capa.wmm_ac_supported;
56c76fa5
IP		 5451
5452 if (capa.mac_addr_rand_scan_supported)
5453 wpa_s->mac_addr_rand_supported |= MAC_ADDR_RAND_SCAN;
5454 if (wpa_s->sched_scan_supported &&
5455 capa.mac_addr_rand_sched_scan_supported)
5456 wpa_s->mac_addr_rand_supported |=
5457 (MAC_ADDR_RAND_SCHED_SCAN | MAC_ADDR_RAND_PNO);
814782b9
JM		 5458 }
5459 if (wpa_s->max_remain_on_chan == 0)
5460 wpa_s->max_remain_on_chan = 1000;
5461
c68f6200
AS		 5462 /*
5463 * Only take p2p_mgmt parameters when P2P Device is supported.
5464 * Doing it here as it determines whether l2_packet_init() will be done
5465 * during wpa_supplicant_driver_init().
5466 */
5467 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)
5468 wpa_s->p2p_mgmt = iface->p2p_mgmt;
c68f6200 5469
4752147d
IP		 5470 if (wpa_s->num_multichan_concurrent == 0)
5471 wpa_s->num_multichan_concurrent = 1;
5472
6fc6879b
JM		 5473 if (wpa_supplicant_driver_init(wpa_s) < 0)
5474 return -1;
5475
281ff0aa 5476#ifdef CONFIG_TDLS
8fb2b357 5477 if (!iface->p2p_mgmt && wpa_tdls_init(wpa_s->wpa))
281ff0aa
GP		 5478 return -1;
5479#endif /* CONFIG_TDLS */
5480
315ce40a
JM		 5481 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] &&
5482 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) {
f049052b 5483 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country");
6d158490
LR		 5484 return -1;
5485 }
5486
b36a3a65
AN		 5487#ifdef CONFIG_FST
5488 if (wpa_s->conf->fst_group_id) {
5489 struct fst_iface_cfg cfg;
5490 struct fst_wpa_obj iface_obj;
5491
5492 fst_wpa_supplicant_fill_iface_obj(wpa_s, &iface_obj);
5493 os_strlcpy(cfg.group_id, wpa_s->conf->fst_group_id,
5494 sizeof(cfg.group_id));
5495 cfg.priority = wpa_s->conf->fst_priority;
5496 cfg.llt = wpa_s->conf->fst_llt;
5497
5498 wpa_s->fst = fst_attach(wpa_s->ifname, wpa_s->own_addr,
5499 &iface_obj, &cfg);
5500 if (!wpa_s->fst) {
5501 wpa_msg(wpa_s, MSG_ERROR,
5502 "FST: Cannot attach iface %s to group %s",
5503 wpa_s->ifname, cfg.group_id);
5504 return -1;
5505 }
5506 }
5507#endif /* CONFIG_FST */
5508
116654ce
JM		 5509 if (wpas_wps_init(wpa_s))
5510 return -1;
5511
461d39af
JM		 5512#ifdef CONFIG_GAS_SERVER
5513 wpa_s->gas_server = gas_server_init(wpa_s, wpas_gas_server_tx);
5514 if (!wpa_s->gas_server) {
5515 wpa_printf(MSG_ERROR, "Failed to initialize GAS server");
5516 return -1;
5517 }
5518#endif /* CONFIG_GAS_SERVER */
5519
be27e185
JM		 5520#ifdef CONFIG_DPP
5521 if (wpas_dpp_init(wpa_s) < 0)
5522 return -1;
5523#endif /* CONFIG_DPP */
5524
6fc6879b
JM		 5525 if (wpa_supplicant_init_eapol(wpa_s) < 0)
5526 return -1;
5527 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
5528
5529 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
5530 if (wpa_s->ctrl_iface == NULL) {
5531 wpa_printf(MSG_ERROR,
5532 "Failed to initialize control interface '%s'.\n"
5533 "You may have another wpa_supplicant process "
5534 "already running or the file was\n"
5535 "left by an unclean termination of wpa_supplicant "
5536 "in which case you will need\n"
5537 "to manually remove this file before starting "
5538 "wpa_supplicant again.\n",
5539 wpa_s->conf->ctrl_interface);
5540 return -1;
5541 }
5542
04ea7b79
JM		 5543 wpa_s->gas = gas_query_init(wpa_s);
5544 if (wpa_s->gas == NULL) {
5545 wpa_printf(MSG_ERROR, "Failed to initialize GAS query");
5546 return -1;
5547 }
5548
8fb2b357
VV		 5549 if ((!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) ||
5550 wpa_s->p2p_mgmt) &&
5551 wpas_p2p_init(wpa_s->global, wpa_s) < 0) {
f049052b 5552 wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P");
b22128ef
JM		 5553 return -1;
5554 }
b22128ef 5555
83922c2d
JM		 5556 if (wpa_bss_init(wpa_s) < 0)
5557 return -1;
83922c2d 5558
4d77d80e
MH		 5559#ifdef CONFIG_PMKSA_CACHE_EXTERNAL
5560#ifdef CONFIG_MESH
5561 dl_list_init(&wpa_s->mesh_external_pmksa_cache);
5562#endif /* CONFIG_MESH */
5563#endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
5564
e4fa8b12
EP		 5565 /*
5566 * Set Wake-on-WLAN triggers, if configured.
5567 * Note: We don't restore/remove the triggers on shutdown (it doesn't
5568 * have effect anyway when the interface is down).
5569 */
6cbdb0c5 5570 if (capa_res == 0 && wpas_set_wowlan_triggers(wpa_s, &capa) < 0)
e4fa8b12
EP		 5571 return -1;
5572
ec7b97ab
JM		 5573#ifdef CONFIG_EAP_PROXY
5574{
5575 size_t len;
b5db6e5d
VK		 5576 wpa_s->mnc_len = eapol_sm_get_eap_proxy_imsi(wpa_s->eapol, -1,
5577 wpa_s->imsi, &len);
ec7b97ab
JM		 5578 if (wpa_s->mnc_len > 0) {
5579 wpa_s->imsi[len] = '\0';
5580 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI %s (MNC length %d)",
5581 wpa_s->imsi, wpa_s->mnc_len);
5582 } else {
5583 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI not available");
5584 }
5585}
5586#endif /* CONFIG_EAP_PROXY */
5587
f64adcd7
JM		 5588 if (pcsc_reader_init(wpa_s) < 0)
5589 return -1;
5590
306ae225
JM		 5591 if (wpas_init_ext_pw(wpa_s) < 0)
5592 return -1;
5593
b361d580
AK		 5594 wpas_rrm_reset(wpa_s);
5595
32c02261
AS		 5596 wpas_sched_scan_plans_set(wpa_s, wpa_s->conf->sched_scan_plans);
5597
ca9968a0
JM		 5598#ifdef CONFIG_HS20
5599 hs20_init(wpa_s);
5600#endif /* CONFIG_HS20 */
92c6e2e3 5601#ifdef CONFIG_MBO
332aadb8
AP		 5602 if (wpa_s->conf->oce) {
5603 if ((wpa_s->conf->oce & OCE_STA) &&
5604 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_OCE_STA))
5605 wpa_s->enable_oce = OCE_STA;
5606 if ((wpa_s->conf->oce & OCE_STA_CFON) &&
5607 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_OCE_STA_CFON)) {
5608 /* TODO: Need to add STA-CFON support */
5609 wpa_printf(MSG_ERROR,
5610 "OCE STA-CFON feature is not yet supported");
5611 }
5612 }
92c6e2e3
DS		 5613 wpas_mbo_update_non_pref_chan(wpa_s, wpa_s->conf->non_pref_chan);
5614#endif /* CONFIG_MBO */
ca9968a0 5615
cc9985d1 5616 wpa_supplicant_set_default_scan_ies(wpa_s);
5617
6fc6879b
JM		 5618 return 0;
5619}
5620
5621
2ee055b3 5622static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s,
df509539 5623 int notify, int terminate)
6fc6879b 5624{
26fc96e8
JM		 5625 struct wpa_global *global = wpa_s->global;
5626 struct wpa_supplicant *iface, *prev;
5627
5628 if (wpa_s == wpa_s->parent)
5629 wpas_p2p_group_remove(wpa_s, "*");
5630
5631 iface = global->ifaces;
5632 while (iface) {
96a26ab7
LD		 5633 if (iface->p2pdev == wpa_s)
5634 iface->p2pdev = iface->parent;
26fc96e8
JM		 5635 if (iface == wpa_s || iface->parent != wpa_s) {
5636 iface = iface->next;
5637 continue;
5638 }
5639 wpa_printf(MSG_DEBUG,
5640 "Remove remaining child interface %s from parent %s",
5641 iface->ifname, wpa_s->ifname);
5642 prev = iface;
5643 iface = iface->next;
5644 wpa_supplicant_remove_iface(global, prev, terminate);
5645 }
5646
e679f140 5647 wpa_s->disconnected = 1;
6fc6879b
JM		 5648 if (wpa_s->drv_priv) {
5649 wpa_supplicant_deauthenticate(wpa_s,
5650 WLAN_REASON_DEAUTH_LEAVING);
5651
6fc6879b
JM		 5652 wpa_drv_set_countermeasures(wpa_s, 0);
5653 wpa_clear_keys(wpa_s, NULL);
5654 }
5655
8e56d189 5656 wpa_supplicant_cleanup(wpa_s);
bd10d938 5657 wpas_p2p_deinit_iface(wpa_s);
ab28911d 5658
1f965e62 5659 wpas_ctrl_radio_work_flush(wpa_s);
202dec2a
JM		 5660 radio_remove_interface(wpa_s);
5661
b36a3a65
AN		 5662#ifdef CONFIG_FST
5663 if (wpa_s->fst) {
5664 fst_detach(wpa_s->fst);
5665 wpa_s->fst = NULL;
5666 }
5667 if (wpa_s->received_mb_ies) {
5668 wpabuf_free(wpa_s->received_mb_ies);
5669 wpa_s->received_mb_ies = NULL;
5670 }
5671#endif /* CONFIG_FST */
5672
6fc6879b
JM		 5673 if (wpa_s->drv_priv)
5674 wpa_drv_deinit(wpa_s);
2523ff6e
DS		 5675
5676 if (notify)
5677 wpas_notify_iface_removed(wpa_s);
f0811516
DS		 5678
5679 if (terminate)
5680 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING);
5681
5682 if (wpa_s->ctrl_iface) {
5683 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
5684 wpa_s->ctrl_iface = NULL;
5685 }
5686
603a3f34
JL		 5687#ifdef CONFIG_MESH
5688 if (wpa_s->ifmsh) {
5689 wpa_supplicant_mesh_iface_deinit(wpa_s, wpa_s->ifmsh);
5690 wpa_s->ifmsh = NULL;
5691 }
5692#endif /* CONFIG_MESH */
5693
f0811516
DS		 5694 if (wpa_s->conf != NULL) {
5695 wpa_config_free(wpa_s->conf);
5696 wpa_s->conf = NULL;
5697 }
18e00b5e 5698
a80651d0
KV		 5699 os_free(wpa_s->ssids_from_scan_req);
5700
18e00b5e 5701 os_free(wpa_s);
6fc6879b
JM		 5702}
5703
5704
2e997eec
RM		 5705#ifdef CONFIG_MATCH_IFACE
5706
5707/**
5708 * wpa_supplicant_match_iface - Match an interface description to a name
5709 * @global: Pointer to global data from wpa_supplicant_init()
5710 * @ifname: Name of the interface to match
5711 * Returns: Pointer to the created interface description or %NULL on failure
5712 */
5713struct wpa_interface * wpa_supplicant_match_iface(struct wpa_global *global,
5714 const char *ifname)
5715{
5716 int i;
5717 struct wpa_interface *iface, *miface;
5718
5719 for (i = 0; i < global->params.match_iface_count; i++) {
5720 miface = &global->params.match_ifaces[i];
5721 if (!miface->ifname ||
5722 fnmatch(miface->ifname, ifname, 0) == 0) {
5723 iface = os_zalloc(sizeof(*iface));
5724 if (!iface)
5725 return NULL;
5726 *iface = *miface;
5727 iface->ifname = ifname;
5728 return iface;
5729 }
5730 }
5731
5732 return NULL;
5733}
5734
5735
5736/**
5737 * wpa_supplicant_match_existing - Match existing interfaces
5738 * @global: Pointer to global data from wpa_supplicant_init()
5739 * Returns: 0 on success, -1 on failure
5740 */
5741static int wpa_supplicant_match_existing(struct wpa_global *global)
5742{
5743 struct if_nameindex *ifi, *ifp;
5744 struct wpa_supplicant *wpa_s;
5745 struct wpa_interface *iface;
5746
5747 ifp = if_nameindex();
5748 if (!ifp) {
5749 wpa_printf(MSG_ERROR, "if_nameindex: %s", strerror(errno));
5750 return -1;
5751 }
5752
5753 for (ifi = ifp; ifi->if_name; ifi++) {
5754 wpa_s = wpa_supplicant_get_iface(global, ifi->if_name);
5755 if (wpa_s)
5756 continue;
5757 iface = wpa_supplicant_match_iface(global, ifi->if_name);
5758 if (iface) {
5759 wpa_s = wpa_supplicant_add_iface(global, iface, NULL);
5760 os_free(iface);
5761 if (wpa_s)
5762 wpa_s->matched = 1;
5763 }
5764 }
5765
5766 if_freenameindex(ifp);
5767 return 0;
5768}
5769
5770#endif /* CONFIG_MATCH_IFACE */
5771
5772
6fc6879b
JM		 5773/**
5774 * wpa_supplicant_add_iface - Add a new network interface
5775 * @global: Pointer to global data from wpa_supplicant_init()
5776 * @iface: Interface configuration options
1772d348 5777 * @parent: Parent interface or %NULL to assign new interface as parent
6fc6879b
JM		 5778 * Returns: Pointer to the created interface or %NULL on failure
5779 *
5780 * This function is used to add new network interfaces for %wpa_supplicant.
5781 * This can be called before wpa_supplicant_run() to add interfaces before the
5782 * main event loop has been started. In addition, new interfaces can be added
5783 * dynamically while %wpa_supplicant is already running. This could happen,
5784 * e.g., when a hotplug network adapter is inserted.
5785 */
5786struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
1772d348
JM		 5787 struct wpa_interface *iface,
5788 struct wpa_supplicant *parent)
6fc6879b
JM		 5789{
5790 struct wpa_supplicant *wpa_s;
d27df100 5791 struct wpa_interface t_iface;
8e56d189 5792 struct wpa_ssid *ssid;
6fc6879b
JM		 5793
5794 if (global == NULL || iface == NULL)
5795 return NULL;
5796
1772d348 5797 wpa_s = wpa_supplicant_alloc(parent);
6fc6879b
JM		 5798 if (wpa_s == NULL)
5799 return NULL;
5800
d8222ae3
JM		 5801 wpa_s->global = global;
5802
d27df100
JM		 5803 t_iface = *iface;
5804 if (global->params.override_driver) {
5805 wpa_printf(MSG_DEBUG, "Override interface parameter: driver "
5806 "('%s' -> '%s')",
5807 iface->driver, global->params.override_driver);
5808 t_iface.driver = global->params.override_driver;
5809 }
5810 if (global->params.override_ctrl_interface) {
5811 wpa_printf(MSG_DEBUG, "Override interface parameter: "
5812 "ctrl_interface ('%s' -> '%s')",
5813 iface->ctrl_interface,
5814 global->params.override_ctrl_interface);
5815 t_iface.ctrl_interface =
5816 global->params.override_ctrl_interface;
5817 }
5818 if (wpa_supplicant_init_iface(wpa_s, &t_iface)) {
6fc6879b
JM		 5819 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
5820 iface->ifname);
df509539 5821 wpa_supplicant_deinit_iface(wpa_s, 0, 0);
6fc6879b
JM		 5822 return NULL;
5823 }
5824
21efc940
TB		 5825 if (iface->p2p_mgmt == 0) {
5826 /* Notify the control interfaces about new iface */
5827 if (wpas_notify_iface_added(wpa_s)) {
5828 wpa_supplicant_deinit_iface(wpa_s, 1, 0);
5829 return NULL;
5830 }
1bd3f426 5831
21efc940
TB		 5832 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
5833 wpas_notify_network_added(wpa_s, ssid);
5834 }
8e56d189 5835
6fc6879b
JM		 5836 wpa_s->next = global->ifaces;
5837 global->ifaces = wpa_s;
5838
f049052b 5839 wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname);
99218999 5840 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
6fc6879b 5841
c3c4b3ed
JM		 5842#ifdef CONFIG_P2P
5843 if (wpa_s->global->p2p == NULL &&
74802c09 5844 !wpa_s->global->p2p_disabled && !wpa_s->conf->p2p_disabled &&
c3c4b3ed 5845 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) &&
f43c1ae7
IP		 5846 wpas_p2p_add_p2pdev_interface(
5847 wpa_s, wpa_s->global->params.conf_p2p_dev) < 0) {
c3c4b3ed
JM		 5848 wpa_printf(MSG_INFO,
5849 "P2P: Failed to enable P2P Device interface");
5850 /* Try to continue without. P2P will be disabled. */
5851 }
5852#endif /* CONFIG_P2P */
5853
6fc6879b
JM		 5854 return wpa_s;
5855}
5856
5857
5858/**
5859 * wpa_supplicant_remove_iface - Remove a network interface
5860 * @global: Pointer to global data from wpa_supplicant_init()
5861 * @wpa_s: Pointer to the network interface to be removed
5862 * Returns: 0 if interface was removed, -1 if interface was not found
5863 *
5864 * This function can be used to dynamically remove network interfaces from
5865 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
5866 * addition, this function is used to remove all remaining interfaces when
5867 * %wpa_supplicant is terminated.
5868 */
5869int wpa_supplicant_remove_iface(struct wpa_global *global,
df509539
DS		 5870 struct wpa_supplicant *wpa_s,
5871 int terminate)
6fc6879b
JM		 5872{
5873 struct wpa_supplicant *prev;
5b78493f
MH		 5874#ifdef CONFIG_MESH
5875 unsigned int mesh_if_created = wpa_s->mesh_if_created;
5876 char *ifname = NULL;
9b170991 5877 struct wpa_supplicant *parent = wpa_s->parent;
5b78493f 5878#endif /* CONFIG_MESH */
6fc6879b
JM		 5879
5880 /* Remove interface from the global list of interfaces */
5881 prev = global->ifaces;
5882 if (prev == wpa_s) {
5883 global->ifaces = wpa_s->next;
5884 } else {
5885 while (prev && prev->next != wpa_s)
5886 prev = prev->next;
5887 if (prev == NULL)
5888 return -1;
5889 prev->next = wpa_s->next;
5890 }
5891
f049052b 5892 wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
6fc6879b 5893
5b78493f
MH		 5894#ifdef CONFIG_MESH
5895 if (mesh_if_created) {
5896 ifname = os_strdup(wpa_s->ifname);
5897 if (ifname == NULL) {
5898 wpa_dbg(wpa_s, MSG_ERROR,
5899 "mesh: Failed to malloc ifname");
5900 return -1;
5901 }
5902 }
5903#endif /* CONFIG_MESH */
5904
b22128ef
JM		 5905 if (global->p2p_group_formation == wpa_s)
5906 global->p2p_group_formation = NULL;
dbca75f8
JM		 5907 if (global->p2p_invite_group == wpa_s)
5908 global->p2p_invite_group = NULL;
df509539 5909 wpa_supplicant_deinit_iface(wpa_s, 1, terminate);
6fc6879b 5910
5b78493f
MH		 5911#ifdef CONFIG_MESH
5912 if (mesh_if_created) {
9b170991 5913 wpa_drv_if_remove(parent, WPA_IF_MESH, ifname);
5b78493f
MH		 5914 os_free(ifname);
5915 }
5916#endif /* CONFIG_MESH */
5917
6fc6879b
JM		 5918 return 0;
5919}
5920
5921
cf83fb0b
PS		 5922/**
5923 * wpa_supplicant_get_eap_mode - Get the current EAP mode
5924 * @wpa_s: Pointer to the network interface
5925 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
5926 */
5927const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s)
5928{
5929 const char *eapol_method;
5930
5931 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) == 0 &&
5932 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
5933 return "NO-EAP";
5934 }
5935
5936 eapol_method = eapol_sm_get_method_name(wpa_s->eapol);
5937 if (eapol_method == NULL)
5938 return "UNKNOWN-EAP";
5939
5940 return eapol_method;
5941}
5942
5943
6fc6879b
JM		 5944/**
5945 * wpa_supplicant_get_iface - Get a new network interface
5946 * @global: Pointer to global data from wpa_supplicant_init()
5947 * @ifname: Interface name
5948 * Returns: Pointer to the interface or %NULL if not found
5949 */
5950struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
5951 const char *ifname)
5952{
5953 struct wpa_supplicant *wpa_s;
5954
5955 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
5956 if (os_strcmp(wpa_s->ifname, ifname) == 0)
5957 return wpa_s;
5958 }
5959 return NULL;
5960}
5961
5962
50b16da1 5963#ifndef CONFIG_NO_WPA_MSG
4f1495ae
BG		 5964static const char * wpa_supplicant_msg_ifname_cb(void *ctx)
5965{
5966 struct wpa_supplicant *wpa_s = ctx;
5967 if (wpa_s == NULL)
5968 return NULL;
5969 return wpa_s->ifname;
5970}
50b16da1 5971#endif /* CONFIG_NO_WPA_MSG */
4f1495ae
BG		 5972
5973
8c0d0ff2
JM		 5974#ifndef WPA_SUPPLICANT_CLEANUP_INTERVAL
5975#define WPA_SUPPLICANT_CLEANUP_INTERVAL 10
5976#endif /* WPA_SUPPLICANT_CLEANUP_INTERVAL */
5977
5978/* Periodic cleanup tasks */
5979static void wpas_periodic(void *eloop_ctx, void *timeout_ctx)
5980{
5981 struct wpa_global *global = eloop_ctx;
5982 struct wpa_supplicant *wpa_s;
5983
5984 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0,
5985 wpas_periodic, global, NULL);
5986
5987#ifdef CONFIG_P2P
5988 if (global->p2p)
5989 p2p_expire_peers(global->p2p);
5990#endif /* CONFIG_P2P */
5991
3188aaba 5992 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
8c0d0ff2 5993 wpa_bss_flush_by_age(wpa_s, wpa_s->conf->bss_expiration_age);
3188aaba
JM		 5994#ifdef CONFIG_AP
5995 ap_periodic(wpa_s);
5996#endif /* CONFIG_AP */
5997 }
8c0d0ff2
JM		 5998}
5999
6000
6fc6879b
JM		 6001/**
6002 * wpa_supplicant_init - Initialize %wpa_supplicant
6003 * @params: Parameters for %wpa_supplicant
6004 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
6005 *
6006 * This function is used to initialize %wpa_supplicant. After successful
6007 * initialization, the returned data pointer can be used to add and remove
6008 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
6009 */
6010struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
6011{
6012 struct wpa_global *global;
ac305589 6013 int ret, i;
6fc6879b
JM		 6014
6015 if (params == NULL)
6016 return NULL;
6017
39e7d718
JM		 6018#ifdef CONFIG_DRIVER_NDIS
6019 {
6020 void driver_ndis_init_ops(void);
6021 driver_ndis_init_ops();
6022 }
6023#endif /* CONFIG_DRIVER_NDIS */
6024
50b16da1 6025#ifndef CONFIG_NO_WPA_MSG
4f1495ae 6026 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
50b16da1 6027#endif /* CONFIG_NO_WPA_MSG */
4f1495ae 6028
f4637fe0
JM		 6029 if (params->wpa_debug_file_path)
6030 wpa_debug_open_file(params->wpa_debug_file_path);
6031 else
6032 wpa_debug_setup_stdout();
daa70d49
SL		 6033 if (params->wpa_debug_syslog)
6034 wpa_debug_open_syslog();
4f68895e
JB		 6035 if (params->wpa_debug_tracing) {
6036 ret = wpa_debug_open_linux_tracing();
6037 if (ret) {
6038 wpa_printf(MSG_ERROR,
6039 "Failed to enable trace logging");
6040 return NULL;
6041 }
6042 }
6fc6879b 6043
12760815 6044 ret = eap_register_methods();
6fc6879b
JM		 6045 if (ret) {
6046 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
6047 if (ret == -2)
6048 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
6049 "the same EAP type.");
6050 return NULL;
6051 }
6052
6053 global = os_zalloc(sizeof(*global));
6054 if (global == NULL)
6055 return NULL;
b22128ef
JM		 6056 dl_list_init(&global->p2p_srv_bonjour);
6057 dl_list_init(&global->p2p_srv_upnp);
6fc6879b
JM		 6058 global->params.daemonize = params->daemonize;
6059 global->params.wait_for_monitor = params->wait_for_monitor;
6060 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
6061 if (params->pid_file)
6062 global->params.pid_file = os_strdup(params->pid_file);
6063 if (params->ctrl_interface)
6064 global->params.ctrl_interface =
6065 os_strdup(params->ctrl_interface);
29257565
JM		 6066 if (params->ctrl_interface_group)
6067 global->params.ctrl_interface_group =
6068 os_strdup(params->ctrl_interface_group);
d27df100
JM		 6069 if (params->override_driver)
6070 global->params.override_driver =
6071 os_strdup(params->override_driver);
6072 if (params->override_ctrl_interface)
6073 global->params.override_ctrl_interface =
6074 os_strdup(params->override_ctrl_interface);
2e997eec
RM		 6075#ifdef CONFIG_MATCH_IFACE
6076 global->params.match_iface_count = params->match_iface_count;
6077 if (params->match_iface_count) {
6078 global->params.match_ifaces =
6079 os_calloc(params->match_iface_count,
6080 sizeof(struct wpa_interface));
6081 os_memcpy(global->params.match_ifaces,
6082 params->match_ifaces,
6083 params->match_iface_count *
6084 sizeof(struct wpa_interface));
6085 }
6086#endif /* CONFIG_MATCH_IFACE */
d4e59795
G		 6087#ifdef CONFIG_P2P
6088 if (params->conf_p2p_dev)
6089 global->params.conf_p2p_dev =
6090 os_strdup(params->conf_p2p_dev);
6091#endif /* CONFIG_P2P */
6fc6879b
JM		 6092 wpa_debug_level = global->params.wpa_debug_level =
6093 params->wpa_debug_level;
6094 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
6095 params->wpa_debug_show_keys;
6096 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
6097 params->wpa_debug_timestamp;
6098
f19858f5
JM		 6099 wpa_printf(MSG_DEBUG, "wpa_supplicant v" VERSION_STR);
6100
0456ea16 6101 if (eloop_init()) {
6fc6879b
JM		 6102 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
6103 wpa_supplicant_deinit(global);
6104 return NULL;
6105 }
6106
38e24575 6107 random_init(params->entropy_file);
d47fa330 6108
6fc6879b
JM		 6109 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
6110 if (global->ctrl_iface == NULL) {
6111 wpa_supplicant_deinit(global);
6112 return NULL;
6113 }
6114
dc461de4
WS		 6115 if (wpas_notify_supplicant_initialized(global)) {
6116 wpa_supplicant_deinit(global);
6117 return NULL;
6fc6879b
JM		 6118 }
6119
c5121837 6120 for (i = 0; wpa_drivers[i]; i++)
ac305589
JM		 6121 global->drv_count++;
6122 if (global->drv_count == 0) {
6123 wpa_printf(MSG_ERROR, "No drivers enabled");
6124 wpa_supplicant_deinit(global);
6125 return NULL;
6126 }
faebdeaa 6127 global->drv_priv = os_calloc(global->drv_count, sizeof(void *));
ac305589
JM		 6128 if (global->drv_priv == NULL) {
6129 wpa_supplicant_deinit(global);
6130 return NULL;
6131 }
ac305589 6132
9675ce35
JM		 6133#ifdef CONFIG_WIFI_DISPLAY
6134 if (wifi_display_init(global) < 0) {
6135 wpa_printf(MSG_ERROR, "Failed to initialize Wi-Fi Display");
6136 wpa_supplicant_deinit(global);
6137 return NULL;
6138 }
6139#endif /* CONFIG_WIFI_DISPLAY */
6140
8c0d0ff2
JM		 6141 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0,
6142 wpas_periodic, global, NULL);
6143
6fc6879b
JM		 6144 return global;
6145}
6146
6147
6148/**
6149 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
6150 * @global: Pointer to global data from wpa_supplicant_init()
6151 * Returns: 0 after successful event loop run, -1 on failure
6152 *
6153 * This function starts the main event loop and continues running as long as
6154 * there are any remaining events. In most cases, this function is running as
6155 * long as the %wpa_supplicant process in still in use.
6156 */
6157int wpa_supplicant_run(struct wpa_global *global)
6158{
6159 struct wpa_supplicant *wpa_s;
6160
6161 if (global->params.daemonize &&
2e69bdd1
RM		 6162 (wpa_supplicant_daemon(global->params.pid_file) ||
6163 eloop_sock_requeue()))
6fc6879b
JM		 6164 return -1;
6165
2e997eec
RM		 6166#ifdef CONFIG_MATCH_IFACE
6167 if (wpa_supplicant_match_existing(global))
6168 return -1;
6169#endif
6170
6fc6879b
JM		 6171 if (global->params.wait_for_monitor) {
6172 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
ede77701 6173 if (wpa_s->ctrl_iface && !wpa_s->p2p_mgmt)
6fc6879b
JM		 6174 wpa_supplicant_ctrl_iface_wait(
6175 wpa_s->ctrl_iface);
6176 }
6177
0456ea16
JM		 6178 eloop_register_signal_terminate(wpa_supplicant_terminate, global);
6179 eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
6fc6879b
JM		 6180
6181 eloop_run();
6182
6183 return 0;
6184}
6185
6186
6187/**
6188 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
6189 * @global: Pointer to global data from wpa_supplicant_init()
6190 *
6191 * This function is called to deinitialize %wpa_supplicant and to free all
6192 * allocated resources. Remaining network interfaces will also be removed.
6193 */
6194void wpa_supplicant_deinit(struct wpa_global *global)
6195{
ac305589
JM		 6196 int i;
6197
6fc6879b
JM		 6198 if (global == NULL)
6199 return;
6200
8c0d0ff2
JM		 6201 eloop_cancel_timeout(wpas_periodic, global, NULL);
6202
9675ce35
JM		 6203#ifdef CONFIG_WIFI_DISPLAY
6204 wifi_display_deinit(global);
6205#endif /* CONFIG_WIFI_DISPLAY */
b22128ef 6206
6fc6879b 6207 while (global->ifaces)
df509539 6208 wpa_supplicant_remove_iface(global, global->ifaces, 1);
6fc6879b
JM		 6209
6210 if (global->ctrl_iface)
6211 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
dc461de4
WS		 6212
6213 wpas_notify_supplicant_deinitialized(global);
6fc6879b
JM		 6214
6215 eap_peer_unregister_methods();
3ec97afe
JM		 6216#ifdef CONFIG_AP
6217 eap_server_unregister_methods();
6218#endif /* CONFIG_AP */
6fc6879b 6219
c5121837 6220 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) {
ac305589
JM		 6221 if (!global->drv_priv[i])
6222 continue;
c5121837 6223 wpa_drivers[i]->global_deinit(global->drv_priv[i]);
ac305589
JM		 6224 }
6225 os_free(global->drv_priv);
6226
d47fa330
JM		 6227 random_deinit();
6228
6fc6879b
JM		 6229 eloop_destroy();
6230
6231 if (global->params.pid_file) {
6232 os_daemonize_terminate(global->params.pid_file);
6233 os_free(global->params.pid_file);
6234 }
6235 os_free(global->params.ctrl_interface);
29257565 6236 os_free(global->params.ctrl_interface_group);
d27df100
JM		 6237 os_free(global->params.override_driver);
6238 os_free(global->params.override_ctrl_interface);
2e997eec
RM		 6239#ifdef CONFIG_MATCH_IFACE
6240 os_free(global->params.match_ifaces);
6241#endif /* CONFIG_MATCH_IFACE */
d4e59795
G		 6242#ifdef CONFIG_P2P
6243 os_free(global->params.conf_p2p_dev);
6244#endif /* CONFIG_P2P */
6fc6879b 6245
af8a827b 6246 os_free(global->p2p_disallow_freq.range);
253f2e37 6247 os_free(global->p2p_go_avoid_freq.range);
01a57fe4 6248 os_free(global->add_psk);
6f3bc72b 6249
6fc6879b 6250 os_free(global);
daa70d49 6251 wpa_debug_close_syslog();
6fc6879b 6252 wpa_debug_close_file();
4f68895e 6253 wpa_debug_close_linux_tracing();
6fc6879b 6254}
611aea7d
JM		 6255
6256
6257void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s)
6258{
849b5dc7
JM		 6259 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_COUNTRY) &&
6260 wpa_s->conf->country[0] && wpa_s->conf->country[1]) {
6261 char country[3];
6262 country[0] = wpa_s->conf->country[0];
6263 country[1] = wpa_s->conf->country[1];
6264 country[2] = '\0';
6265 if (wpa_drv_set_country(wpa_s, country) < 0) {
6266 wpa_printf(MSG_ERROR, "Failed to set country code "
6267 "'%s'", country);
6268 }
6269 }
6270
306ae225
JM		 6271 if (wpa_s->conf->changed_parameters & CFG_CHANGED_EXT_PW_BACKEND)
6272 wpas_init_ext_pw(wpa_s);
6273
bea48f77
JM		 6274 if (wpa_s->conf->changed_parameters & CFG_CHANGED_SCHED_SCAN_PLANS)
6275 wpas_sched_scan_plans_set(wpa_s, wpa_s->conf->sched_scan_plans);
6276
3c7863f8
LD		 6277 if (wpa_s->conf->changed_parameters & CFG_CHANGED_WOWLAN_TRIGGERS) {
6278 struct wpa_driver_capa capa;
6279 int res = wpa_drv_get_capa(wpa_s, &capa);
6280
6281 if (res == 0 && wpas_set_wowlan_triggers(wpa_s, &capa) < 0)
6282 wpa_printf(MSG_ERROR,
6283 "Failed to update wowlan_triggers to '%s'",
6284 wpa_s->conf->wowlan_triggers);
6285 }
6286
611aea7d
JM		 6287#ifdef CONFIG_WPS
6288 wpas_wps_update_config(wpa_s);
6289#endif /* CONFIG_WPS */
b22128ef 6290 wpas_p2p_update_config(wpa_s);
611aea7d
JM		 6291 wpa_s->conf->changed_parameters = 0;
6292}
2f9c6aa6
JM		 6293
6294
e1117c1c 6295void add_freq(int *freqs, int *num_freqs, int freq)
0fb337c1
JM		 6296{
6297 int i;
6298
6299 for (i = 0; i < *num_freqs; i++) {
6300 if (freqs[i] == freq)
6301 return;
6302 }
6303
6304 freqs[*num_freqs] = freq;
6305 (*num_freqs)++;
6306}
6307
6308
6309static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s)
6310{
6311 struct wpa_bss *bss, *cbss;
6312 const int max_freqs = 10;
6313 int *freqs;
6314 int num_freqs = 0;
6315
faebdeaa 6316 freqs = os_calloc(max_freqs + 1, sizeof(int));
0fb337c1
JM		 6317 if (freqs == NULL)
6318 return NULL;
6319
6320 cbss = wpa_s->current_bss;
6321
6322 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
6323 if (bss == cbss)
6324 continue;
6325 if (bss->ssid_len == cbss->ssid_len &&
6326 os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 &&
6327 wpa_blacklist_get(wpa_s, bss->bssid) == NULL) {
6328 add_freq(freqs, &num_freqs, bss->freq);
6329 if (num_freqs == max_freqs)
6330 break;
6331 }
6332 }
6333
6334 if (num_freqs == 0) {
6335 os_free(freqs);
6336 freqs = NULL;
6337 }
6338
6339 return freqs;
6340}
6341
6342
6343void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid)
6344{
6345 int timeout;
6346 int count;
6347 int *freqs = NULL;
6348
6ac4b15e
JM		 6349 wpas_connect_work_done(wpa_s);
6350
5fd9fb27
JM		 6351 /*
6352 * Remove possible authentication timeout since the connection failed.
6353 */
6354 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
6355
c2805909
JM		 6356 /*
6357 * There is no point in blacklisting the AP if this event is
6358 * generated based on local request to disconnect.
6359 */
6360 if (wpa_s->own_disconnect_req) {
6361 wpa_s->own_disconnect_req = 0;
6362 wpa_dbg(wpa_s, MSG_DEBUG,
6363 "Ignore connection failure due to local request to disconnect");
6364 return;
6365 }
0cdb93fe 6366 if (wpa_s->disconnected) {
0cdb93fe
JM		 6367 wpa_dbg(wpa_s, MSG_DEBUG, "Ignore connection failure "
6368 "indication since interface has been put into "
6369 "disconnected state");
6370 return;
6371 }
6372
0fb337c1
JM		 6373 /*
6374 * Add the failed BSSID into the blacklist and speed up next scan
6375 * attempt if there could be other APs that could accept association.
6376 * The current blacklist count indicates how many times we have tried
6377 * connecting to this AP and multiple attempts mean that other APs are
6378 * either not available or has already been tried, so that we can start
6379 * increasing the delay here to avoid constant scanning.
6380 */
6381 count = wpa_blacklist_add(wpa_s, bssid);
6382 if (count == 1 && wpa_s->current_bss) {
6383 /*
6384 * This BSS was not in the blacklist before. If there is
6385 * another BSS available for the same ESS, we should try that
6386 * next. Otherwise, we may as well try this one once more
6387 * before allowing other, likely worse, ESSes to be considered.
6388 */
6389 freqs = get_bss_freqs_in_ess(wpa_s);
6390 if (freqs) {
f049052b
BG		 6391 wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS "
6392 "has been seen; try it next");
0fb337c1
JM		 6393 wpa_blacklist_add(wpa_s, bssid);
6394 /*
6395 * On the next scan, go through only the known channels
6396 * used in this ESS based on previous scans to speed up
6397 * common load balancing use case.
6398 */
6399 os_free(wpa_s->next_scan_freqs);
6400 wpa_s->next_scan_freqs = freqs;
6401 }
6402 }
6403
f1a52633
JM		 6404 /*
6405 * Add previous failure count in case the temporary blacklist was
6406 * cleared due to no other BSSes being available.
6407 */
6408 count += wpa_s->extra_blacklist_count;
6409
dd579704
JM		 6410 if (count > 3 && wpa_s->current_ssid) {
6411 wpa_printf(MSG_DEBUG, "Continuous association failures - "
6412 "consider temporary network disabling");
b19c098e 6413 wpas_auth_failed(wpa_s, "CONN_FAILED");
dd579704
JM		 6414 }
6415
0fb337c1
JM		 6416 switch (count) {
6417 case 1:
6418 timeout = 100;
6419 break;
6420 case 2:
6421 timeout = 500;
6422 break;
6423 case 3:
6424 timeout = 1000;
6425 break;
f1a52633 6426 case 4:
0fb337c1 6427 timeout = 5000;
f1a52633
JM		 6428 break;
6429 default:
6430 timeout = 10000;
6431 break;
0fb337c1
JM		 6432 }
6433
f1a52633
JM		 6434 wpa_dbg(wpa_s, MSG_DEBUG, "Blacklist count %d --> request scan in %d "
6435 "ms", count, timeout);
6436
0fb337c1
JM		 6437 /*
6438 * TODO: if more than one possible AP is available in scan results,
6439 * could try the other ones before requesting a new scan.
6440 */
6441 wpa_supplicant_req_scan(wpa_s, timeout / 1000,
6442 1000 * (timeout % 1000));
6443}
22628eca
JM		 6444
6445
6446int wpas_driver_bss_selection(struct wpa_supplicant *wpa_s)
6447{
6448 return wpa_s->conf->ap_scan == 2 ||
6449 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION);
6450}
d2118814
JM		 6451
6452
6453#if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW)
6454int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
6455 struct wpa_ssid *ssid,
6456 const char *field,
6457 const char *value)
6458{
6459#ifdef IEEE8021X_EAPOL
6460 struct eap_peer_config *eap = &ssid->eap;
6461
6462 wpa_printf(MSG_DEBUG, "CTRL_IFACE: response handle field=%s", field);
6463 wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: response value",
6464 (const u8 *) value, os_strlen(value));
6465
6466 switch (wpa_supplicant_ctrl_req_from_string(field)) {
6467 case WPA_CTRL_REQ_EAP_IDENTITY:
6468 os_free(eap->identity);
6469 eap->identity = (u8 *) os_strdup(value);
6470 eap->identity_len = os_strlen(value);
6471 eap->pending_req_identity = 0;
6472 if (ssid == wpa_s->current_ssid)
6473 wpa_s->reassociate = 1;
6474 break;
6475 case WPA_CTRL_REQ_EAP_PASSWORD:
19c48da0 6476 bin_clear_free(eap->password, eap->password_len);
d2118814
JM		 6477 eap->password = (u8 *) os_strdup(value);
6478 eap->password_len = os_strlen(value);
6479 eap->pending_req_password = 0;
6480 if (ssid == wpa_s->current_ssid)
6481 wpa_s->reassociate = 1;
6482 break;
6483 case WPA_CTRL_REQ_EAP_NEW_PASSWORD:
19c48da0 6484 bin_clear_free(eap->new_password, eap->new_password_len);
d2118814
JM		 6485 eap->new_password = (u8 *) os_strdup(value);
6486 eap->new_password_len = os_strlen(value);
6487 eap->pending_req_new_password = 0;
6488 if (ssid == wpa_s->current_ssid)
6489 wpa_s->reassociate = 1;
6490 break;
6491 case WPA_CTRL_REQ_EAP_PIN:
19c48da0 6492 str_clear_free(eap->pin);
d2118814
JM		 6493 eap->pin = os_strdup(value);
6494 eap->pending_req_pin = 0;
6495 if (ssid == wpa_s->current_ssid)
6496 wpa_s->reassociate = 1;
6497 break;
6498 case WPA_CTRL_REQ_EAP_OTP:
19c48da0 6499 bin_clear_free(eap->otp, eap->otp_len);
d2118814
JM		 6500 eap->otp = (u8 *) os_strdup(value);
6501 eap->otp_len = os_strlen(value);
6502 os_free(eap->pending_req_otp);
6503 eap->pending_req_otp = NULL;
6504 eap->pending_req_otp_len = 0;
6505 break;
6506 case WPA_CTRL_REQ_EAP_PASSPHRASE:
19c48da0
JM		 6507 str_clear_free(eap->private_key_passwd);
6508 eap->private_key_passwd = os_strdup(value);
d2118814
JM		 6509 eap->pending_req_passphrase = 0;
6510 if (ssid == wpa_s->current_ssid)
6511 wpa_s->reassociate = 1;
6512 break;
a5d44ac0 6513 case WPA_CTRL_REQ_SIM:
19c48da0 6514 str_clear_free(eap->external_sim_resp);
a5d44ac0 6515 eap->external_sim_resp = os_strdup(value);
ed9b1c16 6516 eap->pending_req_sim = 0;
a5d44ac0 6517 break;
a52410c2
JM		 6518 case WPA_CTRL_REQ_PSK_PASSPHRASE:
6519 if (wpa_config_set(ssid, "psk", value, 0) < 0)
6520 return -1;
6521 ssid->mem_only_psk = 1;
6522 if (ssid->passphrase)
6523 wpa_config_update_psk(ssid);
6524 if (wpa_s->wpa_state == WPA_SCANNING && !wpa_s->scanning)
6525 wpa_supplicant_req_scan(wpa_s, 0, 0);
6526 break;
3c108b75
JM		 6527 case WPA_CTRL_REQ_EXT_CERT_CHECK:
6528 if (eap->pending_ext_cert_check != PENDING_CHECK)
6529 return -1;
6530 if (os_strcmp(value, "good") == 0)
6531 eap->pending_ext_cert_check = EXT_CERT_CHECK_GOOD;
6532 else if (os_strcmp(value, "bad") == 0)
6533 eap->pending_ext_cert_check = EXT_CERT_CHECK_BAD;
6534 else
6535 return -1;
6536 break;
d2118814
JM		 6537 default:
6538 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown field '%s'", field);
6539 return -1;
6540 }
6541
6542 return 0;
6543#else /* IEEE8021X_EAPOL */
6544 wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included");
6545 return -1;
6546#endif /* IEEE8021X_EAPOL */
6547}
6548#endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */
349493bd
JM		 6549
6550
6551int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
6552{
6553 int i;
6554 unsigned int drv_enc;
6555
44b9ea5b
JM		 6556 if (wpa_s->p2p_mgmt)
6557 return 1; /* no normal network profiles on p2p_mgmt interface */
6558
349493bd
JM		 6559 if (ssid == NULL)
6560 return 1;
6561
6562 if (ssid->disabled)
6563 return 1;
6564
9feadba1 6565 if (wpa_s->drv_capa_known)
349493bd
JM		 6566 drv_enc = wpa_s->drv_enc;
6567 else
6568 drv_enc = (unsigned int) -1;
6569
6570 for (i = 0; i < NUM_WEP_KEYS; i++) {
6571 size_t len = ssid->wep_key_len[i];
6572 if (len == 0)
6573 continue;
6574 if (len == 5 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP40))
6575 continue;
6576 if (len == 13 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP104))
6577 continue;
6578 if (len == 16 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP128))
6579 continue;
6580 return 1; /* invalid WEP key */
6581 }
6582
9173b16f 6583 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set &&
a52410c2 6584 (!ssid->passphrase || ssid->ssid_len != 0) && !ssid->ext_psk &&
a34ca59e 6585 !(wpa_key_mgmt_sae(ssid->key_mgmt) && ssid->sae_password) &&
a52410c2 6586 !ssid->mem_only_psk)
2518aad3
JM		 6587 return 1;
6588
349493bd
JM		 6589 return 0;
6590}
b9cfc09a
JJ		 6591
6592
3f56a2b7
JM		 6593int wpas_get_ssid_pmf(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
6594{
6595#ifdef CONFIG_IEEE80211W
6596 if (ssid == NULL || ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT) {
6597 if (wpa_s->conf->pmf == MGMT_FRAME_PROTECTION_OPTIONAL &&
6598 !(wpa_s->drv_enc & WPA_DRIVER_CAPA_ENC_BIP)) {
6599 /*
6600 * Driver does not support BIP -- ignore pmf=1 default
6601 * since the connection with PMF would fail and the
6602 * configuration does not require PMF to be enabled.
6603 */
6604 return NO_MGMT_FRAME_PROTECTION;
6605 }
6606
22950049
JM		 6607 if (ssid &&
6608 (ssid->key_mgmt &
6609 ~(WPA_KEY_MGMT_NONE | WPA_KEY_MGMT_WPS |
6610 WPA_KEY_MGMT_IEEE8021X_NO_WPA)) == 0) {
6611 /*
6612 * Do not use the default PMF value for non-RSN networks
6613 * since PMF is available only with RSN and pmf=2
6614 * configuration would otherwise prevent connections to
6615 * all open networks.
6616 */
6617 return NO_MGMT_FRAME_PROTECTION;
6618 }
6619
3f56a2b7
JM		 6620 return wpa_s->conf->pmf;
6621 }
6622
6623 return ssid->ieee80211w;
6624#else /* CONFIG_IEEE80211W */
6625 return NO_MGMT_FRAME_PROTECTION;
6626#endif /* CONFIG_IEEE80211W */
6627}
6628
6629
b9cfc09a
JJ		 6630int wpas_is_p2p_prioritized(struct wpa_supplicant *wpa_s)
6631{
6632 if (wpa_s->global->conc_pref == WPA_CONC_PREF_P2P)
6633 return 1;
6634 if (wpa_s->global->conc_pref == WPA_CONC_PREF_STA)
6635 return 0;
6636 return -1;
6637}
00e5e3d5
JM		 6638
6639
b19c098e 6640void wpas_auth_failed(struct wpa_supplicant *wpa_s, char *reason)
00e5e3d5
JM		 6641{
6642 struct wpa_ssid *ssid = wpa_s->current_ssid;
6643 int dur;
4e1eae1d 6644 struct os_reltime now;
00e5e3d5
JM		 6645
6646 if (ssid == NULL) {
6647 wpa_printf(MSG_DEBUG, "Authentication failure but no known "
6648 "SSID block");
6649 return;
6650 }
6651
6652 if (ssid->key_mgmt == WPA_KEY_MGMT_WPS)
6653 return;
6654
6655 ssid->auth_failures++;
cbf41ca7
SL		 6656
6657#ifdef CONFIG_P2P
6658 if (ssid->p2p_group &&
6659 (wpa_s->p2p_in_provisioning || wpa_s->show_group_started)) {
6660 /*
6661 * Skip the wait time since there is a short timeout on the
6662 * connection to a P2P group.
6663 */
6664 return;
6665 }
6666#endif /* CONFIG_P2P */
6667
00e5e3d5
JM		 6668 if (ssid->auth_failures > 50)
6669 dur = 300;
00e5e3d5 6670 else if (ssid->auth_failures > 10)
8a77f1be 6671 dur = 120;
00e5e3d5 6672 else if (ssid->auth_failures > 5)
8a77f1be
JM		 6673 dur = 90;
6674 else if (ssid->auth_failures > 3)
6675 dur = 60;
6676 else if (ssid->auth_failures > 2)
00e5e3d5
JM		 6677 dur = 30;
6678 else if (ssid->auth_failures > 1)
6679 dur = 20;
6680 else
6681 dur = 10;
6682
8a77f1be
JM		 6683 if (ssid->auth_failures > 1 &&
6684 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt))
6685 dur += os_random() % (ssid->auth_failures * 10);
6686
4e1eae1d 6687 os_get_reltime(&now);
00e5e3d5
JM		 6688 if (now.sec + dur <= ssid->disabled_until.sec)
6689 return;
6690
6691 ssid->disabled_until.sec = now.sec + dur;
6692
6693 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TEMP_DISABLED
b19c098e 6694 "id=%d ssid=\"%s\" auth_failures=%u duration=%d reason=%s",
00e5e3d5 6695 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
b19c098e 6696 ssid->auth_failures, dur, reason);
00e5e3d5
JM		 6697}
6698
6699
6700void wpas_clear_temp_disabled(struct wpa_supplicant *wpa_s,
6701 struct wpa_ssid *ssid, int clear_failures)
6702{
6703 if (ssid == NULL)
6704 return;
6705
6706 if (ssid->disabled_until.sec) {
6707 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_REENABLED
6708 "id=%d ssid=\"%s\"",
6709 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
6710 }
6711 ssid->disabled_until.sec = 0;
6712 ssid->disabled_until.usec = 0;
6713 if (clear_failures)
6714 ssid->auth_failures = 0;
6715}
6407f413
JM		 6716
6717
6718int disallowed_bssid(struct wpa_supplicant *wpa_s, const u8 *bssid)
6719{
6720 size_t i;
6721
6722 if (wpa_s->disallow_aps_bssid == NULL)
6723 return 0;
6724
6725 for (i = 0; i < wpa_s->disallow_aps_bssid_count; i++) {
6726 if (os_memcmp(wpa_s->disallow_aps_bssid + i * ETH_ALEN,
6727 bssid, ETH_ALEN) == 0)
6728 return 1;
6729 }
6730
6731 return 0;
6732}
6733
6734
6735int disallowed_ssid(struct wpa_supplicant *wpa_s, const u8 *ssid,
6736 size_t ssid_len)
6737{
6738 size_t i;
6739
6740 if (wpa_s->disallow_aps_ssid == NULL || ssid == NULL)
6741 return 0;
6742
6743 for (i = 0; i < wpa_s->disallow_aps_ssid_count; i++) {
6744 struct wpa_ssid_value *s = &wpa_s->disallow_aps_ssid[i];
6745 if (ssid_len == s->ssid_len &&
6746 os_memcmp(ssid, s->ssid, ssid_len) == 0)
6747 return 1;
6748 }
6749
6750 return 0;
6751}
9796a86c
JM		 6752
6753
6754/**
6755 * wpas_request_connection - Request a new connection
6756 * @wpa_s: Pointer to the network interface
6757 *
6758 * This function is used to request a new connection to be found. It will mark
6759 * the interface to allow reassociation and request a new scan to find a
6760 * suitable network to connect to.
6761 */
6762void wpas_request_connection(struct wpa_supplicant *wpa_s)
6763{
6764 wpa_s->normal_scans = 0;
5214f4fa 6765 wpa_s->scan_req = NORMAL_SCAN_REQ;
9796a86c
JM		 6766 wpa_supplicant_reinit_autoscan(wpa_s);
6767 wpa_s->extra_blacklist_count = 0;
6768 wpa_s->disconnected = 0;
6769 wpa_s->reassociate = 1;
2cb40e9f 6770 wpa_s->last_owe_group = 0;
5e24beae
MH		 6771
6772 if (wpa_supplicant_fast_associate(wpa_s) != 1)
6773 wpa_supplicant_req_scan(wpa_s, 0, 0);
0c5f01fd
B		 6774 else
6775 wpa_s->reattach = 0;
9796a86c 6776}
36b9883d
DG		 6777
6778
5f040be4
RP		 6779/**
6780 * wpas_request_disconnection - Request disconnection
6781 * @wpa_s: Pointer to the network interface
6782 *
6783 * This function is used to request disconnection from the currently connected
6784 * network. This will stop any ongoing scans and initiate deauthentication.
6785 */
6786void wpas_request_disconnection(struct wpa_supplicant *wpa_s)
6787{
6788#ifdef CONFIG_SME
6789 wpa_s->sme.prev_bssid_set = 0;
6790#endif /* CONFIG_SME */
6791 wpa_s->reassociate = 0;
6792 wpa_s->disconnected = 1;
6793 wpa_supplicant_cancel_sched_scan(wpa_s);
6794 wpa_supplicant_cancel_scan(wpa_s);
6795 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
6796 eloop_cancel_timeout(wpas_network_reenabled, wpa_s, NULL);
6797}
6798
6799
a0c90bb0
IP		 6800void dump_freq_data(struct wpa_supplicant *wpa_s, const char *title,
6801 struct wpa_used_freq_data *freqs_data,
6802 unsigned int len)
6803{
6804 unsigned int i;
6805
6806 wpa_dbg(wpa_s, MSG_DEBUG, "Shared frequencies (len=%u): %s",
6807 len, title);
6808 for (i = 0; i < len; i++) {
6809 struct wpa_used_freq_data *cur = &freqs_data[i];
6810 wpa_dbg(wpa_s, MSG_DEBUG, "freq[%u]: %d, flags=0x%X",
6811 i, cur->freq, cur->flags);
6812 }
6813}
6814
6815
53c5dfc2
IP		 6816/*
6817 * Find the operating frequencies of any of the virtual interfaces that
a0c90bb0
IP		 6818 * are using the same radio as the current interface, and in addition, get
6819 * information about the interface types that are using the frequency.
53c5dfc2 6820 */
a0c90bb0
IP		 6821int get_shared_radio_freqs_data(struct wpa_supplicant *wpa_s,
6822 struct wpa_used_freq_data *freqs_data,
6823 unsigned int len)
53c5dfc2 6824{
53c5dfc2
IP		 6825 struct wpa_supplicant *ifs;
6826 u8 bssid[ETH_ALEN];
6827 int freq;
6828 unsigned int idx = 0, i;
6829
217cf499
JM		 6830 wpa_dbg(wpa_s, MSG_DEBUG,
6831 "Determining shared radio frequencies (max len %u)", len);
a0c90bb0 6832 os_memset(freqs_data, 0, sizeof(struct wpa_used_freq_data) * len);
53c5dfc2 6833
0ad3b9c4
JM		 6834 dl_list_for_each(ifs, &wpa_s->radio->ifaces, struct wpa_supplicant,
6835 radio_list) {
a0c90bb0
IP		 6836 if (idx == len)
6837 break;
6838
53c5dfc2
IP		 6839 if (ifs->current_ssid == NULL || ifs->assoc_freq == 0)
6840 continue;
6841
6842 if (ifs->current_ssid->mode == WPAS_MODE_AP ||
241c3333
MH		 6843 ifs->current_ssid->mode == WPAS_MODE_P2P_GO ||
6844 ifs->current_ssid->mode == WPAS_MODE_MESH)
53c5dfc2
IP		 6845 freq = ifs->current_ssid->frequency;
6846 else if (wpa_drv_get_bssid(ifs, bssid) == 0)
6847 freq = ifs->assoc_freq;
6848 else
6849 continue;
6850
6851 /* Hold only distinct freqs */
6852 for (i = 0; i < idx; i++)
a0c90bb0 6853 if (freqs_data[i].freq == freq)
53c5dfc2
IP		 6854 break;
6855
6856 if (i == idx)
a0c90bb0
IP		 6857 freqs_data[idx++].freq = freq;
6858
6859 if (ifs->current_ssid->mode == WPAS_MODE_INFRA) {
22264b3c 6860 freqs_data[i].flags |= ifs->current_ssid->p2p_group ?
a0c90bb0
IP		 6861 WPA_FREQ_USED_BY_P2P_CLIENT :
6862 WPA_FREQ_USED_BY_INFRA_STATION;
6863 }
53c5dfc2 6864 }
217cf499 6865
a0c90bb0 6866 dump_freq_data(wpa_s, "completed iteration", freqs_data, idx);
53c5dfc2
IP		 6867 return idx;
6868}
a0c90bb0
IP		 6869
6870
6871/*
6872 * Find the operating frequencies of any of the virtual interfaces that
6873 * are using the same radio as the current interface.
6874 */
6875int get_shared_radio_freqs(struct wpa_supplicant *wpa_s,
6876 int *freq_array, unsigned int len)
6877{
6878 struct wpa_used_freq_data *freqs_data;
6879 int num, i;
6880
6881 os_memset(freq_array, 0, sizeof(int) * len);
6882
6883 freqs_data = os_calloc(len, sizeof(struct wpa_used_freq_data));
6884 if (!freqs_data)
6885 return -1;
6886
6887 num = get_shared_radio_freqs_data(wpa_s, freqs_data, len);
6888 for (i = 0; i < num; i++)
6889 freq_array[i] = freqs_data[i].freq;
6890
6891 os_free(freqs_data);
6892
6893 return num;
6894}
b361d580
AK		 6895
6896
af041f99
AA		 6897struct wpa_supplicant *
6898wpas_vendor_elem(struct wpa_supplicant *wpa_s, enum wpa_vendor_elem_frame frame)
6899{
6900 switch (frame) {
6901#ifdef CONFIG_P2P
6902 case VENDOR_ELEM_PROBE_REQ_P2P:
6903 case VENDOR_ELEM_PROBE_RESP_P2P:
6904 case VENDOR_ELEM_PROBE_RESP_P2P_GO:
6905 case VENDOR_ELEM_BEACON_P2P_GO:
6906 case VENDOR_ELEM_P2P_PD_REQ:
6907 case VENDOR_ELEM_P2P_PD_RESP:
6908 case VENDOR_ELEM_P2P_GO_NEG_REQ:
6909 case VENDOR_ELEM_P2P_GO_NEG_RESP:
6910 case VENDOR_ELEM_P2P_GO_NEG_CONF:
6911 case VENDOR_ELEM_P2P_INV_REQ:
6912 case VENDOR_ELEM_P2P_INV_RESP:
6913 case VENDOR_ELEM_P2P_ASSOC_REQ:
6914 case VENDOR_ELEM_P2P_ASSOC_RESP:
ba307f85 6915 return wpa_s->p2pdev;
af041f99
AA		 6916#endif /* CONFIG_P2P */
6917 default:
6918 return wpa_s;
6919 }
6920}
6921
6922
6923void wpas_vendor_elem_update(struct wpa_supplicant *wpa_s)
6924{
6925 unsigned int i;
6926 char buf[30];
6927
6928 wpa_printf(MSG_DEBUG, "Update vendor elements");
6929
6930 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) {
6931 if (wpa_s->vendor_elem[i]) {
6932 int res;
6933
6934 res = os_snprintf(buf, sizeof(buf), "frame[%u]", i);
6935 if (!os_snprintf_error(sizeof(buf), res)) {
6936 wpa_hexdump_buf(MSG_DEBUG, buf,
6937 wpa_s->vendor_elem[i]);
6938 }
6939 }
6940 }
6941
6942#ifdef CONFIG_P2P
6943 if (wpa_s->parent == wpa_s &&
6944 wpa_s->global->p2p &&
6945 !wpa_s->global->p2p_disabled)
6946 p2p_set_vendor_elems(wpa_s->global->p2p, wpa_s->vendor_elem);
6947#endif /* CONFIG_P2P */
6948}
6949
6950
6951int wpas_vendor_elem_remove(struct wpa_supplicant *wpa_s, int frame,
6952 const u8 *elem, size_t len)
6953{
6954 u8 *ie, *end;
6955
6956 ie = wpabuf_mhead_u8(wpa_s->vendor_elem[frame]);
6957 end = ie + wpabuf_len(wpa_s->vendor_elem[frame]);
6958
6959 for (; ie + 1 < end; ie += 2 + ie[1]) {
6960 if (ie + len > end)
6961 break;
6962 if (os_memcmp(ie, elem, len) != 0)
6963 continue;
6964
6965 if (wpabuf_len(wpa_s->vendor_elem[frame]) == len) {
6966 wpabuf_free(wpa_s->vendor_elem[frame]);
6967 wpa_s->vendor_elem[frame] = NULL;
6968 } else {
6969 os_memmove(ie, ie + len, end - (ie + len));
6970 wpa_s->vendor_elem[frame]->used -= len;
6971 }
6972 wpas_vendor_elem_update(wpa_s);
6973 return 0;
6974 }
6975
6976 return -1;
6977}
ea69d973
AS		 6978
6979
6980struct hostapd_hw_modes * get_mode(struct hostapd_hw_modes *modes,
6981 u16 num_modes, enum hostapd_hw_mode mode)
6982{
6983 u16 i;
6984
6985 for (i = 0; i < num_modes; i++) {
6986 if (modes[i].mode == mode)
6987 return &modes[i];
6988 }
6989
6990 return NULL;
6991}
dd599908
AS		 6992
6993
6994static struct
6995wpa_bss_tmp_disallowed * wpas_get_disallowed_bss(struct wpa_supplicant *wpa_s,
6996 const u8 *bssid)
6997{
6998 struct wpa_bss_tmp_disallowed *bss;
6999
7000 dl_list_for_each(bss, &wpa_s->bss_tmp_disallowed,
7001 struct wpa_bss_tmp_disallowed, list) {
7002 if (os_memcmp(bssid, bss->bssid, ETH_ALEN) == 0)
7003 return bss;
7004 }
7005
7006 return NULL;
7007}
7008
7009
b04854ce
AP		 7010static int wpa_set_driver_tmp_disallow_list(struct wpa_supplicant *wpa_s)
7011{
7012 struct wpa_bss_tmp_disallowed *tmp;
7013 unsigned int num_bssid = 0;
7014 u8 *bssids;
7015 int ret;
7016
7017 bssids = os_malloc(dl_list_len(&wpa_s->bss_tmp_disallowed) * ETH_ALEN);
7018 if (!bssids)
7019 return -1;
7020 dl_list_for_each(tmp, &wpa_s->bss_tmp_disallowed,
7021 struct wpa_bss_tmp_disallowed, list) {
7022 os_memcpy(&bssids[num_bssid * ETH_ALEN], tmp->bssid,
7023 ETH_ALEN);
7024 num_bssid++;
7025 }
7026 ret = wpa_drv_set_bssid_blacklist(wpa_s, num_bssid, bssids);
7027 os_free(bssids);
7028 return ret;
7029}
7030
7031
7032static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx, void *timeout_ctx)
7033{
7034 struct wpa_supplicant *wpa_s = eloop_ctx;
7035 struct wpa_bss_tmp_disallowed *tmp, *bss = timeout_ctx;
7036
7037 /* Make sure the bss is not already freed */
7038 dl_list_for_each(tmp, &wpa_s->bss_tmp_disallowed,
7039 struct wpa_bss_tmp_disallowed, list) {
7040 if (bss == tmp) {
7041 dl_list_del(&tmp->list);
7042 os_free(tmp);
7043 wpa_set_driver_tmp_disallow_list(wpa_s);
7044 break;
7045 }
7046 }
7047}
7048
7049
dd599908
AS		 7050void wpa_bss_tmp_disallow(struct wpa_supplicant *wpa_s, const u8 *bssid,
7051 unsigned int sec)
7052{
7053 struct wpa_bss_tmp_disallowed *bss;
dd599908
AS		 7054
7055 bss = wpas_get_disallowed_bss(wpa_s, bssid);
7056 if (bss) {
b04854ce
AP		 7057 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout, wpa_s, bss);
7058 eloop_register_timeout(sec, 0, wpa_bss_tmp_disallow_timeout,
7059 wpa_s, bss);
dd599908
AS		 7060 return;
7061 }
7062
7063 bss = os_malloc(sizeof(*bss));
7064 if (!bss) {
7065 wpa_printf(MSG_DEBUG,
7066 "Failed to allocate memory for temp disallow BSS");
7067 return;
7068 }
7069
dd599908
AS		 7070 os_memcpy(bss->bssid, bssid, ETH_ALEN);
7071 dl_list_add(&wpa_s->bss_tmp_disallowed, &bss->list);
b04854ce
AP		 7072 wpa_set_driver_tmp_disallow_list(wpa_s);
7073 eloop_register_timeout(sec, 0, wpa_bss_tmp_disallow_timeout,
7074 wpa_s, bss);
dd599908
AS		 7075}
7076
7077
7078int wpa_is_bss_tmp_disallowed(struct wpa_supplicant *wpa_s, const u8 *bssid)
7079{
d010048c 7080 struct wpa_bss_tmp_disallowed *bss = NULL, *tmp, *prev;
dd599908 7081
d010048c
JM		 7082 dl_list_for_each_safe(tmp, prev, &wpa_s->bss_tmp_disallowed,
7083 struct wpa_bss_tmp_disallowed, list) {
d010048c
JM		 7084 if (os_memcmp(bssid, tmp->bssid, ETH_ALEN) == 0) {
7085 bss = tmp;
7086 break;
7087 }
7088 }
dd599908
AS		 7089 if (!bss)
7090 return 0;
7091
d010048c 7092 return 1;
dd599908 7093}
Unnamed repository; edit this file 'description' to name the repository.