]> git.ipfire.org Git - thirdparty/hostap.git/blame_incremental - wpa_supplicant/wpa_supplicant.c
projects / thirdparty / hostap.git / blame_incremental
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (non-incremental) | history | HEAD
HS 2.0: Allow OSEN connection to be enabled in an RSN BSS
[thirdparty/hostap.git] / wpa_supplicant / wpa_supplicant.c
... / ...
CommitLineData
1/*
2 * WPA Supplicant
3 * Copyright (c) 2003-2017, Jouni Malinen <j@w1.fi>
4 *
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
7 *
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
11 */
12
13#include "includes.h"
14#ifdef CONFIG_MATCH_IFACE
15#include <net/if.h>
16#include <fnmatch.h>
17#endif /* CONFIG_MATCH_IFACE */
18
19#include "common.h"
20#include "crypto/random.h"
21#include "crypto/sha1.h"
22#include "eapol_supp/eapol_supp_sm.h"
23#include "eap_peer/eap.h"
24#include "eap_peer/eap_proxy.h"
25#include "eap_server/eap_methods.h"
26#include "rsn_supp/wpa.h"
27#include "eloop.h"
28#include "config.h"
29#include "utils/ext_password.h"
30#include "l2_packet/l2_packet.h"
31#include "wpa_supplicant_i.h"
32#include "driver_i.h"
33#include "ctrl_iface.h"
34#include "pcsc_funcs.h"
35#include "common/version.h"
36#include "rsn_supp/preauth.h"
37#include "rsn_supp/pmksa_cache.h"
38#include "common/wpa_ctrl.h"
39#include "common/ieee802_11_defs.h"
40#include "common/hw_features_common.h"
41#include "common/gas_server.h"
42#include "p2p/p2p.h"
43#include "fst/fst.h"
44#include "blacklist.h"
45#include "wpas_glue.h"
46#include "wps_supplicant.h"
47#include "ibss_rsn.h"
48#include "sme.h"
49#include "gas_query.h"
50#include "ap.h"
51#include "p2p_supplicant.h"
52#include "wifi_display.h"
53#include "notify.h"
54#include "bgscan.h"
55#include "autoscan.h"
56#include "bss.h"
57#include "scan.h"
58#include "offchannel.h"
59#include "hs20_supplicant.h"
60#include "wnm_sta.h"
61#include "wpas_kay.h"
62#include "mesh.h"
63#include "dpp_supplicant.h"
64#ifdef CONFIG_MESH
65#include "ap/ap_config.h"
66#include "ap/hostapd.h"
67#endif /* CONFIG_MESH */
68
69const char *const wpa_supplicant_version =
70"wpa_supplicant v" VERSION_STR "\n"
71"Copyright (c) 2003-2017, Jouni Malinen <j@w1.fi> and contributors";
72
73const char *const wpa_supplicant_license =
74"This software may be distributed under the terms of the BSD license.\n"
75"See README for more details.\n"
76#ifdef EAP_TLS_OPENSSL
77"\nThis product includes software developed by the OpenSSL Project\n"
78"for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
79#endif /* EAP_TLS_OPENSSL */
80;
81
82#ifndef CONFIG_NO_STDOUT_DEBUG
83/* Long text divided into parts in order to fit in C89 strings size limits. */
84const char *const wpa_supplicant_full_license1 =
85"";
86const char *const wpa_supplicant_full_license2 =
87"This software may be distributed under the terms of the BSD license.\n"
88"\n"
89"Redistribution and use in source and binary forms, with or without\n"
90"modification, are permitted provided that the following conditions are\n"
91"met:\n"
92"\n";
93const char *const wpa_supplicant_full_license3 =
94"1. Redistributions of source code must retain the above copyright\n"
95" notice, this list of conditions and the following disclaimer.\n"
96"\n"
97"2. Redistributions in binary form must reproduce the above copyright\n"
98" notice, this list of conditions and the following disclaimer in the\n"
99" documentation and/or other materials provided with the distribution.\n"
100"\n";
101const char *const wpa_supplicant_full_license4 =
102"3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
103" names of its contributors may be used to endorse or promote products\n"
104" derived from this software without specific prior written permission.\n"
105"\n"
106"THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
107"\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
108"LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
109"A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
110const char *const wpa_supplicant_full_license5 =
111"OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
112"SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
113"LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
114"DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
115"THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
116"(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
117"OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
118"\n";
119#endif /* CONFIG_NO_STDOUT_DEBUG */
120
121
122static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx, void *timeout_ctx);
123#if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
124static void wpas_update_fils_connect_params(struct wpa_supplicant *wpa_s);
125#endif /* CONFIG_FILS && IEEE8021X_EAPOL */
126
127
128/* Configure default/group WEP keys for static WEP */
129int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
130{
131 int i, set = 0;
132
133 for (i = 0; i < NUM_WEP_KEYS; i++) {
134 if (ssid->wep_key_len[i] == 0)
135 continue;
136
137 set = 1;
138 wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL,
139 i, i == ssid->wep_tx_keyidx, NULL, 0,
140 ssid->wep_key[i], ssid->wep_key_len[i]);
141 }
142
143 return set;
144}
145
146
147int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
148 struct wpa_ssid *ssid)
149{
150 u8 key[32];
151 size_t keylen;
152 enum wpa_alg alg;
153 u8 seq[6] = { 0 };
154 int ret;
155
156 /* IBSS/WPA-None uses only one key (Group) for both receiving and
157 * sending unicast and multicast packets. */
158
159 if (ssid->mode != WPAS_MODE_IBSS) {
160 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not "
161 "IBSS/ad-hoc) for WPA-None", ssid->mode);
162 return -1;
163 }
164
165 if (!ssid->psk_set) {
166 wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for "
167 "WPA-None");
168 return -1;
169 }
170
171 switch (wpa_s->group_cipher) {
172 case WPA_CIPHER_CCMP:
173 os_memcpy(key, ssid->psk, 16);
174 keylen = 16;
175 alg = WPA_ALG_CCMP;
176 break;
177 case WPA_CIPHER_GCMP:
178 os_memcpy(key, ssid->psk, 16);
179 keylen = 16;
180 alg = WPA_ALG_GCMP;
181 break;
182 case WPA_CIPHER_TKIP:
183 /* WPA-None uses the same Michael MIC key for both TX and RX */
184 os_memcpy(key, ssid->psk, 16 + 8);
185 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
186 keylen = 32;
187 alg = WPA_ALG_TKIP;
188 break;
189 default:
190 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for "
191 "WPA-None", wpa_s->group_cipher);
192 return -1;
193 }
194
195 /* TODO: should actually remember the previously used seq#, both for TX
196 * and RX from each STA.. */
197
198 ret = wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen);
199 os_memset(key, 0, sizeof(key));
200 return ret;
201}
202
203
204static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
205{
206 struct wpa_supplicant *wpa_s = eloop_ctx;
207 const u8 *bssid = wpa_s->bssid;
208 if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
209 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
210 wpa_s->wpa_state == WPA_ASSOCIATING))
211 bssid = wpa_s->pending_bssid;
212 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
213 MAC2STR(bssid));
214 wpa_blacklist_add(wpa_s, bssid);
215 wpa_sm_notify_disassoc(wpa_s->wpa);
216 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
217 wpa_s->reassociate = 1;
218
219 /*
220 * If we timed out, the AP or the local radio may be busy.
221 * So, wait a second until scanning again.
222 */
223 wpa_supplicant_req_scan(wpa_s, 1, 0);
224}
225
226
227/**
228 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
229 * @wpa_s: Pointer to wpa_supplicant data
230 * @sec: Number of seconds after which to time out authentication
231 * @usec: Number of microseconds after which to time out authentication
232 *
233 * This function is used to schedule a timeout for the current authentication
234 * attempt.
235 */
236void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
237 int sec, int usec)
238{
239 if (wpa_s->conf->ap_scan == 0 &&
240 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
241 return;
242
243 wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
244 "%d usec", sec, usec);
245 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
246 wpa_s->last_auth_timeout_sec = sec;
247 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
248}
249
250
251/*
252 * wpas_auth_timeout_restart - Restart and change timeout for authentication
253 * @wpa_s: Pointer to wpa_supplicant data
254 * @sec_diff: difference in seconds applied to original timeout value
255 */
256void wpas_auth_timeout_restart(struct wpa_supplicant *wpa_s, int sec_diff)
257{
258 int new_sec = wpa_s->last_auth_timeout_sec + sec_diff;
259
260 if (eloop_is_timeout_registered(wpa_supplicant_timeout, wpa_s, NULL)) {
261 wpa_dbg(wpa_s, MSG_DEBUG,
262 "Authentication timeout restart: %d sec", new_sec);
263 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
264 eloop_register_timeout(new_sec, 0, wpa_supplicant_timeout,
265 wpa_s, NULL);
266 }
267}
268
269
270/**
271 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
272 * @wpa_s: Pointer to wpa_supplicant data
273 *
274 * This function is used to cancel authentication timeout scheduled with
275 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
276 * been completed.
277 */
278void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
279{
280 wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
281 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
282 wpa_blacklist_del(wpa_s, wpa_s->bssid);
283}
284
285
286/**
287 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
288 * @wpa_s: Pointer to wpa_supplicant data
289 *
290 * This function is used to configure EAPOL state machine based on the selected
291 * authentication mode.
292 */
293void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
294{
295#ifdef IEEE8021X_EAPOL
296 struct eapol_config eapol_conf;
297 struct wpa_ssid *ssid = wpa_s->current_ssid;
298
299#ifdef CONFIG_IBSS_RSN
300 if (ssid->mode == WPAS_MODE_IBSS &&
301 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
302 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
303 /*
304 * RSN IBSS authentication is per-STA and we can disable the
305 * per-BSSID EAPOL authentication.
306 */
307 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
308 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE);
309 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
310 return;
311 }
312#endif /* CONFIG_IBSS_RSN */
313
314 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
315 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
316
317 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
318 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
319 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
320 else
321 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
322
323 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
324 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
325 eapol_conf.accept_802_1x_keys = 1;
326 eapol_conf.required_keys = 0;
327 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
328 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
329 }
330 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
331 eapol_conf.required_keys |=
332 EAPOL_REQUIRE_KEY_BROADCAST;
333 }
334
335 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED)
336 eapol_conf.required_keys = 0;
337 }
338 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
339 eapol_conf.workaround = ssid->eap_workaround;
340 eapol_conf.eap_disabled =
341 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
342 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
343 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
344 eapol_conf.external_sim = wpa_s->conf->external_sim;
345
346#ifdef CONFIG_WPS
347 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
348 eapol_conf.wps |= EAPOL_LOCAL_WPS_IN_USE;
349 if (wpa_s->current_bss) {
350 struct wpabuf *ie;
351 ie = wpa_bss_get_vendor_ie_multi(wpa_s->current_bss,
352 WPS_IE_VENDOR_TYPE);
353 if (ie) {
354 if (wps_is_20(ie))
355 eapol_conf.wps |=
356 EAPOL_PEER_IS_WPS20_AP;
357 wpabuf_free(ie);
358 }
359 }
360 }
361#endif /* CONFIG_WPS */
362
363 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
364
365#ifdef CONFIG_MACSEC
366 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE && ssid->mka_psk_set)
367 ieee802_1x_create_preshared_mka(wpa_s, ssid);
368 else
369 ieee802_1x_alloc_kay_sm(wpa_s, ssid);
370#endif /* CONFIG_MACSEC */
371#endif /* IEEE8021X_EAPOL */
372}
373
374
375/**
376 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
377 * @wpa_s: Pointer to wpa_supplicant data
378 * @ssid: Configuration data for the network
379 *
380 * This function is used to configure WPA state machine and related parameters
381 * to a mode where WPA is not enabled. This is called as part of the
382 * authentication configuration when the selected network does not use WPA.
383 */
384void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
385 struct wpa_ssid *ssid)
386{
387 int i;
388
389 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
390 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
391 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
392 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
393 else
394 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
395 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
396 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
397 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
398 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
399 wpa_s->group_cipher = WPA_CIPHER_NONE;
400 wpa_s->mgmt_group_cipher = 0;
401
402 for (i = 0; i < NUM_WEP_KEYS; i++) {
403 if (ssid->wep_key_len[i] > 5) {
404 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
405 wpa_s->group_cipher = WPA_CIPHER_WEP104;
406 break;
407 } else if (ssid->wep_key_len[i] > 0) {
408 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
409 wpa_s->group_cipher = WPA_CIPHER_WEP40;
410 break;
411 }
412 }
413
414 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
415 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
416 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
417 wpa_s->pairwise_cipher);
418 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
419#ifdef CONFIG_IEEE80211W
420 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
421 wpa_s->mgmt_group_cipher);
422#endif /* CONFIG_IEEE80211W */
423
424 pmksa_cache_clear_current(wpa_s->wpa);
425}
426
427
428void free_hw_features(struct wpa_supplicant *wpa_s)
429{
430 int i;
431 if (wpa_s->hw.modes == NULL)
432 return;
433
434 for (i = 0; i < wpa_s->hw.num_modes; i++) {
435 os_free(wpa_s->hw.modes[i].channels);
436 os_free(wpa_s->hw.modes[i].rates);
437 }
438
439 os_free(wpa_s->hw.modes);
440 wpa_s->hw.modes = NULL;
441}
442
443
444static void free_bss_tmp_disallowed(struct wpa_supplicant *wpa_s)
445{
446 struct wpa_bss_tmp_disallowed *bss, *prev;
447
448 dl_list_for_each_safe(bss, prev, &wpa_s->bss_tmp_disallowed,
449 struct wpa_bss_tmp_disallowed, list) {
450 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout, wpa_s, bss);
451 dl_list_del(&bss->list);
452 os_free(bss);
453 }
454}
455
456
457void wpas_flush_fils_hlp_req(struct wpa_supplicant *wpa_s)
458{
459 struct fils_hlp_req *req;
460
461 while ((req = dl_list_first(&wpa_s->fils_hlp_req, struct fils_hlp_req,
462 list)) != NULL) {
463 dl_list_del(&req->list);
464 wpabuf_free(req->pkt);
465 os_free(req);
466 }
467}
468
469
470static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
471{
472 int i;
473
474 bgscan_deinit(wpa_s);
475 autoscan_deinit(wpa_s);
476 scard_deinit(wpa_s->scard);
477 wpa_s->scard = NULL;
478 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
479 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
480 l2_packet_deinit(wpa_s->l2);
481 wpa_s->l2 = NULL;
482 if (wpa_s->l2_br) {
483 l2_packet_deinit(wpa_s->l2_br);
484 wpa_s->l2_br = NULL;
485 }
486#ifdef CONFIG_TESTING_OPTIONS
487 l2_packet_deinit(wpa_s->l2_test);
488 wpa_s->l2_test = NULL;
489 os_free(wpa_s->get_pref_freq_list_override);
490 wpa_s->get_pref_freq_list_override = NULL;
491 wpabuf_free(wpa_s->last_assoc_req_wpa_ie);
492 wpa_s->last_assoc_req_wpa_ie = NULL;
493#endif /* CONFIG_TESTING_OPTIONS */
494
495 if (wpa_s->conf != NULL) {
496 struct wpa_ssid *ssid;
497 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
498 wpas_notify_network_removed(wpa_s, ssid);
499 }
500
501 os_free(wpa_s->confname);
502 wpa_s->confname = NULL;
503
504 os_free(wpa_s->confanother);
505 wpa_s->confanother = NULL;
506
507 wpa_sm_set_eapol(wpa_s->wpa, NULL);
508 eapol_sm_deinit(wpa_s->eapol);
509 wpa_s->eapol = NULL;
510
511 rsn_preauth_deinit(wpa_s->wpa);
512
513#ifdef CONFIG_TDLS
514 wpa_tdls_deinit(wpa_s->wpa);
515#endif /* CONFIG_TDLS */
516
517 wmm_ac_clear_saved_tspecs(wpa_s);
518 pmksa_candidate_free(wpa_s->wpa);
519 wpa_sm_deinit(wpa_s->wpa);
520 wpa_s->wpa = NULL;
521 wpa_blacklist_clear(wpa_s);
522
523 wpa_bss_deinit(wpa_s);
524
525 wpa_supplicant_cancel_delayed_sched_scan(wpa_s);
526 wpa_supplicant_cancel_scan(wpa_s);
527 wpa_supplicant_cancel_auth_timeout(wpa_s);
528 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL);
529#ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
530 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report,
531 wpa_s, NULL);
532#endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
533
534 eloop_cancel_timeout(wpas_network_reenabled, wpa_s, NULL);
535
536 wpas_wps_deinit(wpa_s);
537
538 wpabuf_free(wpa_s->pending_eapol_rx);
539 wpa_s->pending_eapol_rx = NULL;
540
541#ifdef CONFIG_IBSS_RSN
542 ibss_rsn_deinit(wpa_s->ibss_rsn);
543 wpa_s->ibss_rsn = NULL;
544#endif /* CONFIG_IBSS_RSN */
545
546 sme_deinit(wpa_s);
547
548#ifdef CONFIG_AP
549 wpa_supplicant_ap_deinit(wpa_s);
550#endif /* CONFIG_AP */
551
552 wpas_p2p_deinit(wpa_s);
553
554#ifdef CONFIG_OFFCHANNEL
555 offchannel_deinit(wpa_s);
556#endif /* CONFIG_OFFCHANNEL */
557
558 wpa_supplicant_cancel_sched_scan(wpa_s);
559
560 os_free(wpa_s->next_scan_freqs);
561 wpa_s->next_scan_freqs = NULL;
562
563 os_free(wpa_s->manual_scan_freqs);
564 wpa_s->manual_scan_freqs = NULL;
565 os_free(wpa_s->select_network_scan_freqs);
566 wpa_s->select_network_scan_freqs = NULL;
567
568 os_free(wpa_s->manual_sched_scan_freqs);
569 wpa_s->manual_sched_scan_freqs = NULL;
570
571 wpas_mac_addr_rand_scan_clear(wpa_s, MAC_ADDR_RAND_ALL);
572
573 /*
574 * Need to remove any pending gas-query radio work before the
575 * gas_query_deinit() call because gas_query::work has not yet been set
576 * for works that have not been started. gas_query_free() will be unable
577 * to cancel such pending radio works and once the pending gas-query
578 * radio work eventually gets removed, the deinit notification call to
579 * gas_query_start_cb() would result in dereferencing freed memory.
580 */
581 if (wpa_s->radio)
582 radio_remove_works(wpa_s, "gas-query", 0);
583 gas_query_deinit(wpa_s->gas);
584 wpa_s->gas = NULL;
585 gas_server_deinit(wpa_s->gas_server);
586 wpa_s->gas_server = NULL;
587
588 free_hw_features(wpa_s);
589
590 ieee802_1x_dealloc_kay_sm(wpa_s);
591
592 os_free(wpa_s->bssid_filter);
593 wpa_s->bssid_filter = NULL;
594
595 os_free(wpa_s->disallow_aps_bssid);
596 wpa_s->disallow_aps_bssid = NULL;
597 os_free(wpa_s->disallow_aps_ssid);
598 wpa_s->disallow_aps_ssid = NULL;
599
600 wnm_bss_keep_alive_deinit(wpa_s);
601#ifdef CONFIG_WNM
602 wnm_deallocate_memory(wpa_s);
603#endif /* CONFIG_WNM */
604
605 ext_password_deinit(wpa_s->ext_pw);
606 wpa_s->ext_pw = NULL;
607
608 wpabuf_free(wpa_s->last_gas_resp);
609 wpa_s->last_gas_resp = NULL;
610 wpabuf_free(wpa_s->prev_gas_resp);
611 wpa_s->prev_gas_resp = NULL;
612
613 os_free(wpa_s->last_scan_res);
614 wpa_s->last_scan_res = NULL;
615
616#ifdef CONFIG_HS20
617 if (wpa_s->drv_priv)
618 wpa_drv_configure_frame_filters(wpa_s, 0);
619 hs20_deinit(wpa_s);
620#endif /* CONFIG_HS20 */
621
622 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) {
623 wpabuf_free(wpa_s->vendor_elem[i]);
624 wpa_s->vendor_elem[i] = NULL;
625 }
626
627 wmm_ac_notify_disassoc(wpa_s);
628
629 wpa_s->sched_scan_plans_num = 0;
630 os_free(wpa_s->sched_scan_plans);
631 wpa_s->sched_scan_plans = NULL;
632
633#ifdef CONFIG_MBO
634 wpa_s->non_pref_chan_num = 0;
635 os_free(wpa_s->non_pref_chan);
636 wpa_s->non_pref_chan = NULL;
637#endif /* CONFIG_MBO */
638
639 free_bss_tmp_disallowed(wpa_s);
640
641 wpabuf_free(wpa_s->lci);
642 wpa_s->lci = NULL;
643 wpas_clear_beacon_rep_data(wpa_s);
644
645#ifdef CONFIG_PMKSA_CACHE_EXTERNAL
646#ifdef CONFIG_MESH
647 {
648 struct external_pmksa_cache *entry;
649
650 while ((entry = dl_list_last(&wpa_s->mesh_external_pmksa_cache,
651 struct external_pmksa_cache,
652 list)) != NULL) {
653 dl_list_del(&entry->list);
654 os_free(entry->pmksa_cache);
655 os_free(entry);
656 }
657 }
658#endif /* CONFIG_MESH */
659#endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
660
661 wpas_flush_fils_hlp_req(wpa_s);
662
663 wpabuf_free(wpa_s->ric_ies);
664 wpa_s->ric_ies = NULL;
665
666#ifdef CONFIG_DPP
667 wpas_dpp_deinit(wpa_s);
668#endif /* CONFIG_DPP */
669}
670
671
672/**
673 * wpa_clear_keys - Clear keys configured for the driver
674 * @wpa_s: Pointer to wpa_supplicant data
675 * @addr: Previously used BSSID or %NULL if not available
676 *
677 * This function clears the encryption keys that has been previously configured
678 * for the driver.
679 */
680void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
681{
682 int i, max;
683
684#ifdef CONFIG_IEEE80211W
685 max = 6;
686#else /* CONFIG_IEEE80211W */
687 max = 4;
688#endif /* CONFIG_IEEE80211W */
689
690 /* MLME-DELETEKEYS.request */
691 for (i = 0; i < max; i++) {
692 if (wpa_s->keys_cleared & BIT(i))
693 continue;
694 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, i, 0, NULL, 0,
695 NULL, 0);
696 }
697 if (!(wpa_s->keys_cleared & BIT(0)) && addr &&
698 !is_zero_ether_addr(addr)) {
699 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,
700 0);
701 /* MLME-SETPROTECTION.request(None) */
702 wpa_drv_mlme_setprotection(
703 wpa_s, addr,
704 MLME_SETPROTECTION_PROTECT_TYPE_NONE,
705 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
706 }
707 wpa_s->keys_cleared = (u32) -1;
708}
709
710
711/**
712 * wpa_supplicant_state_txt - Get the connection state name as a text string
713 * @state: State (wpa_state; WPA_*)
714 * Returns: The state name as a printable text string
715 */
716const char * wpa_supplicant_state_txt(enum wpa_states state)
717{
718 switch (state) {
719 case WPA_DISCONNECTED:
720 return "DISCONNECTED";
721 case WPA_INACTIVE:
722 return "INACTIVE";
723 case WPA_INTERFACE_DISABLED:
724 return "INTERFACE_DISABLED";
725 case WPA_SCANNING:
726 return "SCANNING";
727 case WPA_AUTHENTICATING:
728 return "AUTHENTICATING";
729 case WPA_ASSOCIATING:
730 return "ASSOCIATING";
731 case WPA_ASSOCIATED:
732 return "ASSOCIATED";
733 case WPA_4WAY_HANDSHAKE:
734 return "4WAY_HANDSHAKE";
735 case WPA_GROUP_HANDSHAKE:
736 return "GROUP_HANDSHAKE";
737 case WPA_COMPLETED:
738 return "COMPLETED";
739 default:
740 return "UNKNOWN";
741 }
742}
743
744
745#ifdef CONFIG_BGSCAN
746
747static void wpa_supplicant_start_bgscan(struct wpa_supplicant *wpa_s)
748{
749 const char *name;
750
751 if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan)
752 name = wpa_s->current_ssid->bgscan;
753 else
754 name = wpa_s->conf->bgscan;
755 if (name == NULL || name[0] == '\0')
756 return;
757 if (wpas_driver_bss_selection(wpa_s))
758 return;
759 if (wpa_s->current_ssid == wpa_s->bgscan_ssid)
760 return;
761#ifdef CONFIG_P2P
762 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE)
763 return;
764#endif /* CONFIG_P2P */
765
766 bgscan_deinit(wpa_s);
767 if (wpa_s->current_ssid) {
768 if (bgscan_init(wpa_s, wpa_s->current_ssid, name)) {
769 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
770 "bgscan");
771 /*
772 * Live without bgscan; it is only used as a roaming
773 * optimization, so the initial connection is not
774 * affected.
775 */
776 } else {
777 struct wpa_scan_results *scan_res;
778 wpa_s->bgscan_ssid = wpa_s->current_ssid;
779 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL,
780 0);
781 if (scan_res) {
782 bgscan_notify_scan(wpa_s, scan_res);
783 wpa_scan_results_free(scan_res);
784 }
785 }
786 } else
787 wpa_s->bgscan_ssid = NULL;
788}
789
790
791static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s)
792{
793 if (wpa_s->bgscan_ssid != NULL) {
794 bgscan_deinit(wpa_s);
795 wpa_s->bgscan_ssid = NULL;
796 }
797}
798
799#endif /* CONFIG_BGSCAN */
800
801
802static void wpa_supplicant_start_autoscan(struct wpa_supplicant *wpa_s)
803{
804 if (autoscan_init(wpa_s, 0))
805 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize autoscan");
806}
807
808
809static void wpa_supplicant_stop_autoscan(struct wpa_supplicant *wpa_s)
810{
811 autoscan_deinit(wpa_s);
812}
813
814
815void wpa_supplicant_reinit_autoscan(struct wpa_supplicant *wpa_s)
816{
817 if (wpa_s->wpa_state == WPA_DISCONNECTED ||
818 wpa_s->wpa_state == WPA_SCANNING) {
819 autoscan_deinit(wpa_s);
820 wpa_supplicant_start_autoscan(wpa_s);
821 }
822}
823
824
825/**
826 * wpa_supplicant_set_state - Set current connection state
827 * @wpa_s: Pointer to wpa_supplicant data
828 * @state: The new connection state
829 *
830 * This function is called whenever the connection state changes, e.g.,
831 * association is completed for WPA/WPA2 4-Way Handshake is started.
832 */
833void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s,
834 enum wpa_states state)
835{
836 enum wpa_states old_state = wpa_s->wpa_state;
837
838 wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s",
839 wpa_supplicant_state_txt(wpa_s->wpa_state),
840 wpa_supplicant_state_txt(state));
841
842 if (state == WPA_INTERFACE_DISABLED) {
843 /* Assure normal scan when interface is restored */
844 wpa_s->normal_scans = 0;
845 }
846
847 if (state == WPA_COMPLETED) {
848 wpas_connect_work_done(wpa_s);
849 /* Reinitialize normal_scan counter */
850 wpa_s->normal_scans = 0;
851 }
852
853#ifdef CONFIG_P2P
854 /*
855 * P2PS client has to reply to Probe Request frames received on the
856 * group operating channel. Enable Probe Request frame reporting for
857 * P2P connected client in case p2p_cli_probe configuration property is
858 * set to 1.
859 */
860 if (wpa_s->conf->p2p_cli_probe && wpa_s->current_ssid &&
861 wpa_s->current_ssid->mode == WPAS_MODE_INFRA &&
862 wpa_s->current_ssid->p2p_group) {
863 if (state == WPA_COMPLETED && !wpa_s->p2p_cli_probe) {
864 wpa_dbg(wpa_s, MSG_DEBUG,
865 "P2P: Enable CLI Probe Request RX reporting");
866 wpa_s->p2p_cli_probe =
867 wpa_drv_probe_req_report(wpa_s, 1) >= 0;
868 } else if (state != WPA_COMPLETED && wpa_s->p2p_cli_probe) {
869 wpa_dbg(wpa_s, MSG_DEBUG,
870 "P2P: Disable CLI Probe Request RX reporting");
871 wpa_s->p2p_cli_probe = 0;
872 wpa_drv_probe_req_report(wpa_s, 0);
873 }
874 }
875#endif /* CONFIG_P2P */
876
877 if (state != WPA_SCANNING)
878 wpa_supplicant_notify_scanning(wpa_s, 0);
879
880 if (state == WPA_COMPLETED && wpa_s->new_connection) {
881 struct wpa_ssid *ssid = wpa_s->current_ssid;
882 int fils_hlp_sent = 0;
883
884#ifdef CONFIG_SME
885 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
886 wpa_auth_alg_fils(wpa_s->sme.auth_alg))
887 fils_hlp_sent = 1;
888#endif /* CONFIG_SME */
889 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
890 wpa_auth_alg_fils(wpa_s->auth_alg))
891 fils_hlp_sent = 1;
892
893#if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
894 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
895 MACSTR " completed [id=%d id_str=%s%s]",
896 MAC2STR(wpa_s->bssid),
897 ssid ? ssid->id : -1,
898 ssid && ssid->id_str ? ssid->id_str : "",
899 fils_hlp_sent ? " FILS_HLP_SENT" : "");
900#endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
901 wpas_clear_temp_disabled(wpa_s, ssid, 1);
902 wpa_blacklist_clear(wpa_s);
903 wpa_s->extra_blacklist_count = 0;
904 wpa_s->new_connection = 0;
905 wpa_drv_set_operstate(wpa_s, 1);
906#ifndef IEEE8021X_EAPOL
907 wpa_drv_set_supp_port(wpa_s, 1);
908#endif /* IEEE8021X_EAPOL */
909 wpa_s->after_wps = 0;
910 wpa_s->known_wps_freq = 0;
911 wpas_p2p_completed(wpa_s);
912
913 sme_sched_obss_scan(wpa_s, 1);
914
915#if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
916 if (!fils_hlp_sent && ssid && ssid->eap.erp)
917 wpas_update_fils_connect_params(wpa_s);
918#endif /* CONFIG_FILS && IEEE8021X_EAPOL */
919 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
920 state == WPA_ASSOCIATED) {
921 wpa_s->new_connection = 1;
922 wpa_drv_set_operstate(wpa_s, 0);
923#ifndef IEEE8021X_EAPOL
924 wpa_drv_set_supp_port(wpa_s, 0);
925#endif /* IEEE8021X_EAPOL */
926 sme_sched_obss_scan(wpa_s, 0);
927 }
928 wpa_s->wpa_state = state;
929
930#ifdef CONFIG_BGSCAN
931 if (state == WPA_COMPLETED)
932 wpa_supplicant_start_bgscan(wpa_s);
933 else if (state < WPA_ASSOCIATED)
934 wpa_supplicant_stop_bgscan(wpa_s);
935#endif /* CONFIG_BGSCAN */
936
937 if (state == WPA_AUTHENTICATING)
938 wpa_supplicant_stop_autoscan(wpa_s);
939
940 if (state == WPA_DISCONNECTED || state == WPA_INACTIVE)
941 wpa_supplicant_start_autoscan(wpa_s);
942
943 if (old_state >= WPA_ASSOCIATED && wpa_s->wpa_state < WPA_ASSOCIATED)
944 wmm_ac_notify_disassoc(wpa_s);
945
946 if (wpa_s->wpa_state != old_state) {
947 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
948
949 /*
950 * Notify the P2P Device interface about a state change in one
951 * of the interfaces.
952 */
953 wpas_p2p_indicate_state_change(wpa_s);
954
955 if (wpa_s->wpa_state == WPA_COMPLETED ||
956 old_state == WPA_COMPLETED)
957 wpas_notify_auth_changed(wpa_s);
958 }
959}
960
961
962void wpa_supplicant_terminate_proc(struct wpa_global *global)
963{
964 int pending = 0;
965#ifdef CONFIG_WPS
966 struct wpa_supplicant *wpa_s = global->ifaces;
967 while (wpa_s) {
968 struct wpa_supplicant *next = wpa_s->next;
969 if (wpas_wps_terminate_pending(wpa_s) == 1)
970 pending = 1;
971#ifdef CONFIG_P2P
972 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE ||
973 (wpa_s->current_ssid && wpa_s->current_ssid->p2p_group))
974 wpas_p2p_disconnect(wpa_s);
975#endif /* CONFIG_P2P */
976 wpa_s = next;
977 }
978#endif /* CONFIG_WPS */
979 if (pending)
980 return;
981 eloop_terminate();
982}
983
984
985static void wpa_supplicant_terminate(int sig, void *signal_ctx)
986{
987 struct wpa_global *global = signal_ctx;
988 wpa_supplicant_terminate_proc(global);
989}
990
991
992void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
993{
994 enum wpa_states old_state = wpa_s->wpa_state;
995
996 wpa_s->pairwise_cipher = 0;
997 wpa_s->group_cipher = 0;
998 wpa_s->mgmt_group_cipher = 0;
999 wpa_s->key_mgmt = 0;
1000 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
1001 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
1002
1003 if (wpa_s->wpa_state != old_state)
1004 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
1005}
1006
1007
1008/**
1009 * wpa_supplicant_reload_configuration - Reload configuration data
1010 * @wpa_s: Pointer to wpa_supplicant data
1011 * Returns: 0 on success or -1 if configuration parsing failed
1012 *
1013 * This function can be used to request that the configuration data is reloaded
1014 * (e.g., after configuration file change). This function is reloading
1015 * configuration only for one interface, so this may need to be called multiple
1016 * times if %wpa_supplicant is controlling multiple interfaces and all
1017 * interfaces need reconfiguration.
1018 */
1019int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
1020{
1021 struct wpa_config *conf;
1022 int reconf_ctrl;
1023 int old_ap_scan;
1024
1025 if (wpa_s->confname == NULL)
1026 return -1;
1027 conf = wpa_config_read(wpa_s->confname, NULL);
1028 if (conf == NULL) {
1029 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
1030 "file '%s' - exiting", wpa_s->confname);
1031 return -1;
1032 }
1033 if (wpa_s->confanother &&
1034 !wpa_config_read(wpa_s->confanother, conf)) {
1035 wpa_msg(wpa_s, MSG_ERROR,
1036 "Failed to parse the configuration file '%s' - exiting",
1037 wpa_s->confanother);
1038 return -1;
1039 }
1040
1041 conf->changed_parameters = (unsigned int) -1;
1042
1043 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
1044 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
1045 os_strcmp(conf->ctrl_interface,
1046 wpa_s->conf->ctrl_interface) != 0);
1047
1048 if (reconf_ctrl && wpa_s->ctrl_iface) {
1049 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
1050 wpa_s->ctrl_iface = NULL;
1051 }
1052
1053 eapol_sm_invalidate_cached_session(wpa_s->eapol);
1054 if (wpa_s->current_ssid) {
1055 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
1056 wpa_s->own_disconnect_req = 1;
1057 wpa_supplicant_deauthenticate(wpa_s,
1058 WLAN_REASON_DEAUTH_LEAVING);
1059 }
1060
1061 /*
1062 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
1063 * pkcs11_engine_path, pkcs11_module_path, openssl_ciphers.
1064 */
1065 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
1066 wpa_s->key_mgmt == WPA_KEY_MGMT_OWE ||
1067 wpa_s->key_mgmt == WPA_KEY_MGMT_DPP) {
1068 /*
1069 * Clear forced success to clear EAP state for next
1070 * authentication.
1071 */
1072 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
1073 }
1074 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1075 wpa_sm_set_config(wpa_s->wpa, NULL);
1076 wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL);
1077 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
1078 rsn_preauth_deinit(wpa_s->wpa);
1079
1080 old_ap_scan = wpa_s->conf->ap_scan;
1081 wpa_config_free(wpa_s->conf);
1082 wpa_s->conf = conf;
1083 if (old_ap_scan != wpa_s->conf->ap_scan)
1084 wpas_notify_ap_scan_changed(wpa_s);
1085
1086 if (reconf_ctrl)
1087 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
1088
1089 wpa_supplicant_update_config(wpa_s);
1090
1091 wpa_supplicant_clear_status(wpa_s);
1092 if (wpa_supplicant_enabled_networks(wpa_s)) {
1093 wpa_s->reassociate = 1;
1094 wpa_supplicant_req_scan(wpa_s, 0, 0);
1095 }
1096 wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
1097 return 0;
1098}
1099
1100
1101static void wpa_supplicant_reconfig(int sig, void *signal_ctx)
1102{
1103 struct wpa_global *global = signal_ctx;
1104 struct wpa_supplicant *wpa_s;
1105 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
1106 wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring",
1107 sig);
1108 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
1109 wpa_supplicant_terminate_proc(global);
1110 }
1111 }
1112
1113 if (wpa_debug_reopen_file() < 0) {
1114 /* Ignore errors since we cannot really do much to fix this */
1115 wpa_printf(MSG_DEBUG, "Could not reopen debug log file");
1116 }
1117}
1118
1119
1120static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
1121 struct wpa_ssid *ssid,
1122 struct wpa_ie_data *ie)
1123{
1124 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
1125 if (ret) {
1126 if (ret == -2) {
1127 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
1128 "from association info");
1129 }
1130 return -1;
1131 }
1132
1133 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set "
1134 "cipher suites");
1135 if (!(ie->group_cipher & ssid->group_cipher)) {
1136 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
1137 "cipher 0x%x (mask 0x%x) - reject",
1138 ie->group_cipher, ssid->group_cipher);
1139 return -1;
1140 }
1141 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
1142 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
1143 "cipher 0x%x (mask 0x%x) - reject",
1144 ie->pairwise_cipher, ssid->pairwise_cipher);
1145 return -1;
1146 }
1147 if (!(ie->key_mgmt & ssid->key_mgmt)) {
1148 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
1149 "management 0x%x (mask 0x%x) - reject",
1150 ie->key_mgmt, ssid->key_mgmt);
1151 return -1;
1152 }
1153
1154#ifdef CONFIG_IEEE80211W
1155 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
1156 wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED) {
1157 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
1158 "that does not support management frame protection - "
1159 "reject");
1160 return -1;
1161 }
1162#endif /* CONFIG_IEEE80211W */
1163
1164 return 0;
1165}
1166
1167
1168/**
1169 * wpa_supplicant_set_suites - Set authentication and encryption parameters
1170 * @wpa_s: Pointer to wpa_supplicant data
1171 * @bss: Scan results for the selected BSS, or %NULL if not available
1172 * @ssid: Configuration data for the selected network
1173 * @wpa_ie: Buffer for the WPA/RSN IE
1174 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
1175 * used buffer length in case the functions returns success.
1176 * Returns: 0 on success or -1 on failure
1177 *
1178 * This function is used to configure authentication and encryption parameters
1179 * based on the network configuration and scan result for the selected BSS (if
1180 * available).
1181 */
1182int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
1183 struct wpa_bss *bss, struct wpa_ssid *ssid,
1184 u8 *wpa_ie, size_t *wpa_ie_len)
1185{
1186 struct wpa_ie_data ie;
1187 int sel, proto;
1188 const u8 *bss_wpa, *bss_rsn, *bss_osen;
1189
1190 if (bss) {
1191 bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
1192 bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
1193 bss_osen = wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE);
1194 } else
1195 bss_wpa = bss_rsn = bss_osen = NULL;
1196
1197 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
1198 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
1199 (ie.group_cipher & ssid->group_cipher) &&
1200 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1201 (ie.key_mgmt & ssid->key_mgmt)) {
1202 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
1203 proto = WPA_PROTO_RSN;
1204 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
1205 wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie) == 0 &&
1206 (ie.group_cipher & ssid->group_cipher) &&
1207 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1208 (ie.key_mgmt & ssid->key_mgmt)) {
1209 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
1210 proto = WPA_PROTO_WPA;
1211#ifdef CONFIG_HS20
1212 } else if (bss_osen && (ssid->proto & WPA_PROTO_OSEN)) {
1213 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using OSEN");
1214 /* TODO: parse OSEN element */
1215 os_memset(&ie, 0, sizeof(ie));
1216 ie.group_cipher = WPA_CIPHER_CCMP;
1217 ie.pairwise_cipher = WPA_CIPHER_CCMP;
1218 ie.key_mgmt = WPA_KEY_MGMT_OSEN;
1219 proto = WPA_PROTO_OSEN;
1220#endif /* CONFIG_HS20 */
1221 } else if (bss) {
1222 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
1223 wpa_dbg(wpa_s, MSG_DEBUG,
1224 "WPA: ssid proto=0x%x pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1225 ssid->proto, ssid->pairwise_cipher, ssid->group_cipher,
1226 ssid->key_mgmt);
1227 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: BSS " MACSTR " ssid='%s'%s%s%s",
1228 MAC2STR(bss->bssid),
1229 wpa_ssid_txt(bss->ssid, bss->ssid_len),
1230 bss_wpa ? " WPA" : "",
1231 bss_rsn ? " RSN" : "",
1232 bss_osen ? " OSEN" : "");
1233 if (bss_rsn) {
1234 wpa_hexdump(MSG_DEBUG, "RSN", bss_rsn, 2 + bss_rsn[1]);
1235 if (wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie)) {
1236 wpa_dbg(wpa_s, MSG_DEBUG,
1237 "Could not parse RSN element");
1238 } else {
1239 wpa_dbg(wpa_s, MSG_DEBUG,
1240 "RSN: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1241 ie.pairwise_cipher, ie.group_cipher,
1242 ie.key_mgmt);
1243 }
1244 }
1245 if (bss_wpa) {
1246 wpa_hexdump(MSG_DEBUG, "WPA", bss_wpa, 2 + bss_wpa[1]);
1247 if (wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie)) {
1248 wpa_dbg(wpa_s, MSG_DEBUG,
1249 "Could not parse WPA element");
1250 } else {
1251 wpa_dbg(wpa_s, MSG_DEBUG,
1252 "WPA: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1253 ie.pairwise_cipher, ie.group_cipher,
1254 ie.key_mgmt);
1255 }
1256 }
1257 return -1;
1258 } else {
1259 if (ssid->proto & WPA_PROTO_OSEN)
1260 proto = WPA_PROTO_OSEN;
1261 else if (ssid->proto & WPA_PROTO_RSN)
1262 proto = WPA_PROTO_RSN;
1263 else
1264 proto = WPA_PROTO_WPA;
1265 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
1266 os_memset(&ie, 0, sizeof(ie));
1267 ie.group_cipher = ssid->group_cipher;
1268 ie.pairwise_cipher = ssid->pairwise_cipher;
1269 ie.key_mgmt = ssid->key_mgmt;
1270#ifdef CONFIG_IEEE80211W
1271 ie.mgmt_group_cipher = 0;
1272 if (ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION) {
1273 if (ssid->group_mgmt_cipher &
1274 WPA_CIPHER_BIP_GMAC_256)
1275 ie.mgmt_group_cipher =
1276 WPA_CIPHER_BIP_GMAC_256;
1277 else if (ssid->group_mgmt_cipher &
1278 WPA_CIPHER_BIP_CMAC_256)
1279 ie.mgmt_group_cipher =
1280 WPA_CIPHER_BIP_CMAC_256;
1281 else if (ssid->group_mgmt_cipher &
1282 WPA_CIPHER_BIP_GMAC_128)
1283 ie.mgmt_group_cipher =
1284 WPA_CIPHER_BIP_GMAC_128;
1285 else
1286 ie.mgmt_group_cipher =
1287 WPA_CIPHER_AES_128_CMAC;
1288 }
1289#endif /* CONFIG_IEEE80211W */
1290#ifdef CONFIG_OWE
1291 if ((ssid->key_mgmt & WPA_KEY_MGMT_OWE) &&
1292 !ssid->owe_only &&
1293 !bss_wpa && !bss_rsn && !bss_osen) {
1294 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1295 wpa_s->wpa_proto = 0;
1296 *wpa_ie_len = 0;
1297 return 0;
1298 }
1299#endif /* CONFIG_OWE */
1300 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites "
1301 "based on configuration");
1302 } else
1303 proto = ie.proto;
1304 }
1305
1306 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d "
1307 "pairwise %d key_mgmt %d proto %d",
1308 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
1309#ifdef CONFIG_IEEE80211W
1310 if (ssid->ieee80211w) {
1311 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
1312 ie.mgmt_group_cipher);
1313 }
1314#endif /* CONFIG_IEEE80211W */
1315
1316 wpa_s->wpa_proto = proto;
1317 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
1318 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
1319 !!(ssid->proto & (WPA_PROTO_RSN | WPA_PROTO_OSEN)));
1320
1321 if (bss || !wpa_s->ap_ies_from_associnfo) {
1322 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
1323 bss_wpa ? 2 + bss_wpa[1] : 0) ||
1324 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
1325 bss_rsn ? 2 + bss_rsn[1] : 0))
1326 return -1;
1327 }
1328
1329#ifdef CONFIG_NO_WPA
1330 wpa_s->group_cipher = WPA_CIPHER_NONE;
1331 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
1332#else /* CONFIG_NO_WPA */
1333 sel = ie.group_cipher & ssid->group_cipher;
1334 wpa_s->group_cipher = wpa_pick_group_cipher(sel);
1335 if (wpa_s->group_cipher < 0) {
1336 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group "
1337 "cipher");
1338 return -1;
1339 }
1340 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK %s",
1341 wpa_cipher_txt(wpa_s->group_cipher));
1342
1343 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
1344 wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(sel, 1);
1345 if (wpa_s->pairwise_cipher < 0) {
1346 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise "
1347 "cipher");
1348 return -1;
1349 }
1350 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK %s",
1351 wpa_cipher_txt(wpa_s->pairwise_cipher));
1352#endif /* CONFIG_NO_WPA */
1353
1354 sel = ie.key_mgmt & ssid->key_mgmt;
1355#ifdef CONFIG_SAE
1356 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE))
1357 sel &= ~(WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE);
1358#endif /* CONFIG_SAE */
1359 if (0) {
1360#ifdef CONFIG_SUITEB192
1361 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) {
1362 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B_192;
1363 wpa_dbg(wpa_s, MSG_DEBUG,
1364 "WPA: using KEY_MGMT 802.1X with Suite B (192-bit)");
1365#endif /* CONFIG_SUITEB192 */
1366#ifdef CONFIG_SUITEB
1367 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B) {
1368 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B;
1369 wpa_dbg(wpa_s, MSG_DEBUG,
1370 "WPA: using KEY_MGMT 802.1X with Suite B");
1371#endif /* CONFIG_SUITEB */
1372#ifdef CONFIG_FILS
1373#ifdef CONFIG_IEEE80211R
1374 } else if (sel & WPA_KEY_MGMT_FT_FILS_SHA384) {
1375 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA384;
1376 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT-FILS-SHA384");
1377 } else if (sel & WPA_KEY_MGMT_FT_FILS_SHA256) {
1378 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA256;
1379 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT-FILS-SHA256");
1380#endif /* CONFIG_IEEE80211R */
1381 } else if (sel & WPA_KEY_MGMT_FILS_SHA384) {
1382 wpa_s->key_mgmt = WPA_KEY_MGMT_FILS_SHA384;
1383 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FILS-SHA384");
1384 } else if (sel & WPA_KEY_MGMT_FILS_SHA256) {
1385 wpa_s->key_mgmt = WPA_KEY_MGMT_FILS_SHA256;
1386 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FILS-SHA256");
1387#endif /* CONFIG_FILS */
1388#ifdef CONFIG_IEEE80211R
1389 } else if (sel & WPA_KEY_MGMT_FT_IEEE8021X) {
1390 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
1391 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
1392 if (pmksa_cache_get_current(wpa_s->wpa)) {
1393 /* PMKSA caching with FT is not fully functional, so
1394 * disable the case for now. */
1395 wpa_dbg(wpa_s, MSG_DEBUG,
1396 "WPA: Disable PMKSA caching for FT/802.1X connection");
1397 pmksa_cache_clear_current(wpa_s->wpa);
1398 }
1399 } else if (sel & WPA_KEY_MGMT_FT_PSK) {
1400 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
1401 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
1402#endif /* CONFIG_IEEE80211R */
1403#ifdef CONFIG_SAE
1404 } else if (sel & WPA_KEY_MGMT_SAE) {
1405 wpa_s->key_mgmt = WPA_KEY_MGMT_SAE;
1406 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT SAE");
1407 } else if (sel & WPA_KEY_MGMT_FT_SAE) {
1408 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_SAE;
1409 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT FT/SAE");
1410#endif /* CONFIG_SAE */
1411#ifdef CONFIG_IEEE80211W
1412 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
1413 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
1414 wpa_dbg(wpa_s, MSG_DEBUG,
1415 "WPA: using KEY_MGMT 802.1X with SHA256");
1416 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
1417 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
1418 wpa_dbg(wpa_s, MSG_DEBUG,
1419 "WPA: using KEY_MGMT PSK with SHA256");
1420#endif /* CONFIG_IEEE80211W */
1421 } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
1422 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
1423 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
1424 } else if (sel & WPA_KEY_MGMT_PSK) {
1425 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
1426 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
1427 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
1428 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
1429 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
1430#ifdef CONFIG_HS20
1431 } else if (sel & WPA_KEY_MGMT_OSEN) {
1432 wpa_s->key_mgmt = WPA_KEY_MGMT_OSEN;
1433 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using KEY_MGMT OSEN");
1434#endif /* CONFIG_HS20 */
1435#ifdef CONFIG_OWE
1436 } else if (sel & WPA_KEY_MGMT_OWE) {
1437 wpa_s->key_mgmt = WPA_KEY_MGMT_OWE;
1438 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT OWE");
1439#endif /* CONFIG_OWE */
1440#ifdef CONFIG_DPP
1441 } else if (sel & WPA_KEY_MGMT_DPP) {
1442 wpa_s->key_mgmt = WPA_KEY_MGMT_DPP;
1443 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT DPP");
1444#endif /* CONFIG_DPP */
1445 } else {
1446 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select "
1447 "authenticated key management type");
1448 return -1;
1449 }
1450
1451 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
1452 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
1453 wpa_s->pairwise_cipher);
1454 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
1455
1456#ifdef CONFIG_IEEE80211W
1457 sel = ie.mgmt_group_cipher;
1458 if (ssid->group_mgmt_cipher)
1459 sel &= ssid->group_mgmt_cipher;
1460 if (wpas_get_ssid_pmf(wpa_s, ssid) == NO_MGMT_FRAME_PROTECTION ||
1461 !(ie.capabilities & WPA_CAPABILITY_MFPC))
1462 sel = 0;
1463 if (sel & WPA_CIPHER_AES_128_CMAC) {
1464 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
1465 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1466 "AES-128-CMAC");
1467 } else if (sel & WPA_CIPHER_BIP_GMAC_128) {
1468 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_128;
1469 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1470 "BIP-GMAC-128");
1471 } else if (sel & WPA_CIPHER_BIP_GMAC_256) {
1472 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_256;
1473 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1474 "BIP-GMAC-256");
1475 } else if (sel & WPA_CIPHER_BIP_CMAC_256) {
1476 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_CMAC_256;
1477 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1478 "BIP-CMAC-256");
1479 } else {
1480 wpa_s->mgmt_group_cipher = 0;
1481 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
1482 }
1483 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
1484 wpa_s->mgmt_group_cipher);
1485 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP,
1486 wpas_get_ssid_pmf(wpa_s, ssid));
1487#endif /* CONFIG_IEEE80211W */
1488
1489 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
1490 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to generate WPA IE");
1491 return -1;
1492 }
1493
1494 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) {
1495 int psk_set = 0;
1496 int sae_only;
1497
1498 sae_only = (ssid->key_mgmt & (WPA_KEY_MGMT_PSK |
1499 WPA_KEY_MGMT_FT_PSK |
1500 WPA_KEY_MGMT_PSK_SHA256)) == 0;
1501
1502 if (ssid->psk_set && !sae_only) {
1503 wpa_hexdump_key(MSG_MSGDUMP, "PSK (set in config)",
1504 ssid->psk, PMK_LEN);
1505 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN, NULL,
1506 NULL);
1507 psk_set = 1;
1508 }
1509
1510 if (wpa_key_mgmt_sae(ssid->key_mgmt) &&
1511 (ssid->sae_password || ssid->passphrase))
1512 psk_set = 1;
1513
1514#ifndef CONFIG_NO_PBKDF2
1515 if (bss && ssid->bssid_set && ssid->ssid_len == 0 &&
1516 ssid->passphrase && !sae_only) {
1517 u8 psk[PMK_LEN];
1518 pbkdf2_sha1(ssid->passphrase, bss->ssid, bss->ssid_len,
1519 4096, psk, PMK_LEN);
1520 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)",
1521 psk, PMK_LEN);
1522 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL, NULL);
1523 psk_set = 1;
1524 os_memset(psk, 0, sizeof(psk));
1525 }
1526#endif /* CONFIG_NO_PBKDF2 */
1527#ifdef CONFIG_EXT_PASSWORD
1528 if (ssid->ext_psk && !sae_only) {
1529 struct wpabuf *pw = ext_password_get(wpa_s->ext_pw,
1530 ssid->ext_psk);
1531 char pw_str[64 + 1];
1532 u8 psk[PMK_LEN];
1533
1534 if (pw == NULL) {
1535 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No PSK "
1536 "found from external storage");
1537 return -1;
1538 }
1539
1540 if (wpabuf_len(pw) < 8 || wpabuf_len(pw) > 64) {
1541 wpa_msg(wpa_s, MSG_INFO, "EXT PW: Unexpected "
1542 "PSK length %d in external storage",
1543 (int) wpabuf_len(pw));
1544 ext_password_free(pw);
1545 return -1;
1546 }
1547
1548 os_memcpy(pw_str, wpabuf_head(pw), wpabuf_len(pw));
1549 pw_str[wpabuf_len(pw)] = '\0';
1550
1551#ifndef CONFIG_NO_PBKDF2
1552 if (wpabuf_len(pw) >= 8 && wpabuf_len(pw) < 64 && bss)
1553 {
1554 pbkdf2_sha1(pw_str, bss->ssid, bss->ssid_len,
1555 4096, psk, PMK_LEN);
1556 os_memset(pw_str, 0, sizeof(pw_str));
1557 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from "
1558 "external passphrase)",
1559 psk, PMK_LEN);
1560 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL,
1561 NULL);
1562 psk_set = 1;
1563 os_memset(psk, 0, sizeof(psk));
1564 } else
1565#endif /* CONFIG_NO_PBKDF2 */
1566 if (wpabuf_len(pw) == 2 * PMK_LEN) {
1567 if (hexstr2bin(pw_str, psk, PMK_LEN) < 0) {
1568 wpa_msg(wpa_s, MSG_INFO, "EXT PW: "
1569 "Invalid PSK hex string");
1570 os_memset(pw_str, 0, sizeof(pw_str));
1571 ext_password_free(pw);
1572 return -1;
1573 }
1574 wpa_hexdump_key(MSG_MSGDUMP,
1575 "PSK (from external PSK)",
1576 psk, PMK_LEN);
1577 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL,
1578 NULL);
1579 psk_set = 1;
1580 os_memset(psk, 0, sizeof(psk));
1581 } else {
1582 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No suitable "
1583 "PSK available");
1584 os_memset(pw_str, 0, sizeof(pw_str));
1585 ext_password_free(pw);
1586 return -1;
1587 }
1588
1589 os_memset(pw_str, 0, sizeof(pw_str));
1590 ext_password_free(pw);
1591 }
1592#endif /* CONFIG_EXT_PASSWORD */
1593
1594 if (!psk_set) {
1595 wpa_msg(wpa_s, MSG_INFO,
1596 "No PSK available for association");
1597 wpas_auth_failed(wpa_s, "NO_PSK_AVAILABLE");
1598 return -1;
1599 }
1600#ifdef CONFIG_OWE
1601 } else if (wpa_s->key_mgmt == WPA_KEY_MGMT_OWE) {
1602 /* OWE Diffie-Hellman exchange in (Re)Association
1603 * Request/Response frames set the PMK, so do not override it
1604 * here. */
1605#endif /* CONFIG_OWE */
1606 } else
1607 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
1608
1609 return 0;
1610}
1611
1612
1613static void wpas_ext_capab_byte(struct wpa_supplicant *wpa_s, u8 *pos, int idx)
1614{
1615 *pos = 0x00;
1616
1617 switch (idx) {
1618 case 0: /* Bits 0-7 */
1619 break;
1620 case 1: /* Bits 8-15 */
1621 break;
1622 case 2: /* Bits 16-23 */
1623#ifdef CONFIG_WNM
1624 *pos |= 0x02; /* Bit 17 - WNM-Sleep Mode */
1625 *pos |= 0x08; /* Bit 19 - BSS Transition */
1626#endif /* CONFIG_WNM */
1627 break;
1628 case 3: /* Bits 24-31 */
1629#ifdef CONFIG_WNM
1630 *pos |= 0x02; /* Bit 25 - SSID List */
1631#endif /* CONFIG_WNM */
1632#ifdef CONFIG_INTERWORKING
1633 if (wpa_s->conf->interworking)
1634 *pos |= 0x80; /* Bit 31 - Interworking */
1635#endif /* CONFIG_INTERWORKING */
1636 break;
1637 case 4: /* Bits 32-39 */
1638#ifdef CONFIG_INTERWORKING
1639 if (wpa_s->drv_flags / WPA_DRIVER_FLAGS_QOS_MAPPING)
1640 *pos |= 0x01; /* Bit 32 - QoS Map */
1641#endif /* CONFIG_INTERWORKING */
1642 break;
1643 case 5: /* Bits 40-47 */
1644#ifdef CONFIG_HS20
1645 if (wpa_s->conf->hs20)
1646 *pos |= 0x40; /* Bit 46 - WNM-Notification */
1647#endif /* CONFIG_HS20 */
1648#ifdef CONFIG_MBO
1649 *pos |= 0x40; /* Bit 46 - WNM-Notification */
1650#endif /* CONFIG_MBO */
1651 break;
1652 case 6: /* Bits 48-55 */
1653 break;
1654 case 7: /* Bits 56-63 */
1655 break;
1656 case 8: /* Bits 64-71 */
1657 if (wpa_s->conf->ftm_responder)
1658 *pos |= 0x40; /* Bit 70 - FTM responder */
1659 if (wpa_s->conf->ftm_initiator)
1660 *pos |= 0x80; /* Bit 71 - FTM initiator */
1661 break;
1662 case 9: /* Bits 72-79 */
1663#ifdef CONFIG_FILS
1664 if (!wpa_s->disable_fils)
1665 *pos |= 0x01;
1666#endif /* CONFIG_FILS */
1667 break;
1668 }
1669}
1670
1671
1672int wpas_build_ext_capab(struct wpa_supplicant *wpa_s, u8 *buf, size_t buflen)
1673{
1674 u8 *pos = buf;
1675 u8 len = 10, i;
1676
1677 if (len < wpa_s->extended_capa_len)
1678 len = wpa_s->extended_capa_len;
1679 if (buflen < (size_t) len + 2) {
1680 wpa_printf(MSG_INFO,
1681 "Not enough room for building extended capabilities element");
1682 return -1;
1683 }
1684
1685 *pos++ = WLAN_EID_EXT_CAPAB;
1686 *pos++ = len;
1687 for (i = 0; i < len; i++, pos++) {
1688 wpas_ext_capab_byte(wpa_s, pos, i);
1689
1690 if (i < wpa_s->extended_capa_len) {
1691 *pos &= ~wpa_s->extended_capa_mask[i];
1692 *pos |= wpa_s->extended_capa[i];
1693 }
1694 }
1695
1696 while (len > 0 && buf[1 + len] == 0) {
1697 len--;
1698 buf[1] = len;
1699 }
1700 if (len == 0)
1701 return 0;
1702
1703 return 2 + len;
1704}
1705
1706
1707static int wpas_valid_bss(struct wpa_supplicant *wpa_s,
1708 struct wpa_bss *test_bss)
1709{
1710 struct wpa_bss *bss;
1711
1712 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
1713 if (bss == test_bss)
1714 return 1;
1715 }
1716
1717 return 0;
1718}
1719
1720
1721static int wpas_valid_ssid(struct wpa_supplicant *wpa_s,
1722 struct wpa_ssid *test_ssid)
1723{
1724 struct wpa_ssid *ssid;
1725
1726 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) {
1727 if (ssid == test_ssid)
1728 return 1;
1729 }
1730
1731 return 0;
1732}
1733
1734
1735int wpas_valid_bss_ssid(struct wpa_supplicant *wpa_s, struct wpa_bss *test_bss,
1736 struct wpa_ssid *test_ssid)
1737{
1738 if (test_bss && !wpas_valid_bss(wpa_s, test_bss))
1739 return 0;
1740
1741 return test_ssid == NULL || wpas_valid_ssid(wpa_s, test_ssid);
1742}
1743
1744
1745void wpas_connect_work_free(struct wpa_connect_work *cwork)
1746{
1747 if (cwork == NULL)
1748 return;
1749 os_free(cwork);
1750}
1751
1752
1753void wpas_connect_work_done(struct wpa_supplicant *wpa_s)
1754{
1755 struct wpa_connect_work *cwork;
1756 struct wpa_radio_work *work = wpa_s->connect_work;
1757
1758 if (!work)
1759 return;
1760
1761 wpa_s->connect_work = NULL;
1762 cwork = work->ctx;
1763 work->ctx = NULL;
1764 wpas_connect_work_free(cwork);
1765 radio_work_done(work);
1766}
1767
1768
1769int wpas_update_random_addr(struct wpa_supplicant *wpa_s, int style)
1770{
1771 struct os_reltime now;
1772 u8 addr[ETH_ALEN];
1773
1774 os_get_reltime(&now);
1775 if (wpa_s->last_mac_addr_style == style &&
1776 wpa_s->last_mac_addr_change.sec != 0 &&
1777 !os_reltime_expired(&now, &wpa_s->last_mac_addr_change,
1778 wpa_s->conf->rand_addr_lifetime)) {
1779 wpa_msg(wpa_s, MSG_DEBUG,
1780 "Previously selected random MAC address has not yet expired");
1781 return 0;
1782 }
1783
1784 switch (style) {
1785 case 1:
1786 if (random_mac_addr(addr) < 0)
1787 return -1;
1788 break;
1789 case 2:
1790 os_memcpy(addr, wpa_s->perm_addr, ETH_ALEN);
1791 if (random_mac_addr_keep_oui(addr) < 0)
1792 return -1;
1793 break;
1794 default:
1795 return -1;
1796 }
1797
1798 if (wpa_drv_set_mac_addr(wpa_s, addr) < 0) {
1799 wpa_msg(wpa_s, MSG_INFO,
1800 "Failed to set random MAC address");
1801 return -1;
1802 }
1803
1804 os_get_reltime(&wpa_s->last_mac_addr_change);
1805 wpa_s->mac_addr_changed = 1;
1806 wpa_s->last_mac_addr_style = style;
1807
1808 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
1809 wpa_msg(wpa_s, MSG_INFO,
1810 "Could not update MAC address information");
1811 return -1;
1812 }
1813
1814 wpa_msg(wpa_s, MSG_DEBUG, "Using random MAC address " MACSTR,
1815 MAC2STR(addr));
1816
1817 return 0;
1818}
1819
1820
1821int wpas_update_random_addr_disassoc(struct wpa_supplicant *wpa_s)
1822{
1823 if (wpa_s->wpa_state >= WPA_AUTHENTICATING ||
1824 !wpa_s->conf->preassoc_mac_addr)
1825 return 0;
1826
1827 return wpas_update_random_addr(wpa_s, wpa_s->conf->preassoc_mac_addr);
1828}
1829
1830
1831static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit);
1832
1833/**
1834 * wpa_supplicant_associate - Request association
1835 * @wpa_s: Pointer to wpa_supplicant data
1836 * @bss: Scan results for the selected BSS, or %NULL if not available
1837 * @ssid: Configuration data for the selected network
1838 *
1839 * This function is used to request %wpa_supplicant to associate with a BSS.
1840 */
1841void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
1842 struct wpa_bss *bss, struct wpa_ssid *ssid)
1843{
1844 struct wpa_connect_work *cwork;
1845 int rand_style;
1846
1847 wpa_s->own_disconnect_req = 0;
1848
1849 /*
1850 * If we are starting a new connection, any previously pending EAPOL
1851 * RX cannot be valid anymore.
1852 */
1853 wpabuf_free(wpa_s->pending_eapol_rx);
1854 wpa_s->pending_eapol_rx = NULL;
1855
1856 if (ssid->mac_addr == -1)
1857 rand_style = wpa_s->conf->mac_addr;
1858 else
1859 rand_style = ssid->mac_addr;
1860
1861 wmm_ac_clear_saved_tspecs(wpa_s);
1862 wpa_s->reassoc_same_bss = 0;
1863 wpa_s->reassoc_same_ess = 0;
1864#ifdef CONFIG_TESTING_OPTIONS
1865 wpa_s->testing_resend_assoc = 0;
1866#endif /* CONFIG_TESTING_OPTIONS */
1867
1868 if (wpa_s->last_ssid == ssid) {
1869 wpa_dbg(wpa_s, MSG_DEBUG, "Re-association to the same ESS");
1870 wpa_s->reassoc_same_ess = 1;
1871 if (wpa_s->current_bss && wpa_s->current_bss == bss) {
1872 wmm_ac_save_tspecs(wpa_s);
1873 wpa_s->reassoc_same_bss = 1;
1874 }
1875 }
1876
1877 if (rand_style > 0 && !wpa_s->reassoc_same_ess) {
1878 if (wpas_update_random_addr(wpa_s, rand_style) < 0)
1879 return;
1880 wpa_sm_pmksa_cache_flush(wpa_s->wpa, ssid);
1881 } else if (rand_style == 0 && wpa_s->mac_addr_changed) {
1882 if (wpa_drv_set_mac_addr(wpa_s, NULL) < 0) {
1883 wpa_msg(wpa_s, MSG_INFO,
1884 "Could not restore permanent MAC address");
1885 return;
1886 }
1887 wpa_s->mac_addr_changed = 0;
1888 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
1889 wpa_msg(wpa_s, MSG_INFO,
1890 "Could not update MAC address information");
1891 return;
1892 }
1893 wpa_msg(wpa_s, MSG_DEBUG, "Using permanent MAC address");
1894 }
1895 wpa_s->last_ssid = ssid;
1896
1897#ifdef CONFIG_IBSS_RSN
1898 ibss_rsn_deinit(wpa_s->ibss_rsn);
1899 wpa_s->ibss_rsn = NULL;
1900#else /* CONFIG_IBSS_RSN */
1901 if (ssid->mode == WPAS_MODE_IBSS &&
1902 !(ssid->key_mgmt & (WPA_KEY_MGMT_NONE | WPA_KEY_MGMT_WPA_NONE))) {
1903 wpa_msg(wpa_s, MSG_INFO,
1904 "IBSS RSN not supported in the build");
1905 return;
1906 }
1907#endif /* CONFIG_IBSS_RSN */
1908
1909 if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO ||
1910 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) {
1911#ifdef CONFIG_AP
1912 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) {
1913 wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP "
1914 "mode");
1915 return;
1916 }
1917 if (wpa_supplicant_create_ap(wpa_s, ssid) < 0) {
1918 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
1919 if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
1920 wpas_p2p_ap_setup_failed(wpa_s);
1921 return;
1922 }
1923 wpa_s->current_bss = bss;
1924#else /* CONFIG_AP */
1925 wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in "
1926 "the build");
1927#endif /* CONFIG_AP */
1928 return;
1929 }
1930
1931 if (ssid->mode == WPAS_MODE_MESH) {
1932#ifdef CONFIG_MESH
1933 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_MESH)) {
1934 wpa_msg(wpa_s, MSG_INFO,
1935 "Driver does not support mesh mode");
1936 return;
1937 }
1938 if (bss)
1939 ssid->frequency = bss->freq;
1940 if (wpa_supplicant_join_mesh(wpa_s, ssid) < 0) {
1941 wpa_msg(wpa_s, MSG_ERROR, "Could not join mesh");
1942 return;
1943 }
1944 wpa_s->current_bss = bss;
1945 wpa_msg(wpa_s, MSG_INFO, MESH_GROUP_STARTED "ssid=\"%s\" id=%d",
1946 wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
1947 ssid->id);
1948 wpas_notify_mesh_group_started(wpa_s, ssid);
1949#else /* CONFIG_MESH */
1950 wpa_msg(wpa_s, MSG_ERROR,
1951 "mesh mode support not included in the build");
1952#endif /* CONFIG_MESH */
1953 return;
1954 }
1955
1956 /*
1957 * Set WPA state machine configuration to match the selected network now
1958 * so that the information is available before wpas_start_assoc_cb()
1959 * gets called. This is needed at least for RSN pre-authentication where
1960 * candidate APs are added to a list based on scan result processing
1961 * before completion of the first association.
1962 */
1963 wpa_supplicant_rsn_supp_set_config(wpa_s, ssid);
1964
1965#ifdef CONFIG_DPP
1966 if (wpas_dpp_check_connect(wpa_s, ssid, bss) != 0)
1967 return;
1968#endif /* CONFIG_DPP */
1969
1970#ifdef CONFIG_TDLS
1971 if (bss)
1972 wpa_tdls_ap_ies(wpa_s->wpa, (const u8 *) (bss + 1),
1973 bss->ie_len);
1974#endif /* CONFIG_TDLS */
1975
1976 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
1977 ssid->mode == IEEE80211_MODE_INFRA) {
1978 sme_authenticate(wpa_s, bss, ssid);
1979 return;
1980 }
1981
1982 if (wpa_s->connect_work) {
1983 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since connect_work exist");
1984 return;
1985 }
1986
1987 if (radio_work_pending(wpa_s, "connect")) {
1988 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since pending work exist");
1989 return;
1990 }
1991
1992#ifdef CONFIG_SME
1993 if (ssid->mode == WPAS_MODE_IBSS || ssid->mode == WPAS_MODE_MESH) {
1994 /* Clear possibly set auth_alg, if any, from last attempt. */
1995 wpa_s->sme.auth_alg = WPA_AUTH_ALG_OPEN;
1996 }
1997#endif /* CONFIG_SME */
1998
1999 wpas_abort_ongoing_scan(wpa_s);
2000
2001 cwork = os_zalloc(sizeof(*cwork));
2002 if (cwork == NULL)
2003 return;
2004
2005 cwork->bss = bss;
2006 cwork->ssid = ssid;
2007
2008 if (radio_add_work(wpa_s, bss ? bss->freq : 0, "connect", 1,
2009 wpas_start_assoc_cb, cwork) < 0) {
2010 os_free(cwork);
2011 }
2012}
2013
2014
2015static int bss_is_ibss(struct wpa_bss *bss)
2016{
2017 return (bss->caps & (IEEE80211_CAP_ESS | IEEE80211_CAP_IBSS)) ==
2018 IEEE80211_CAP_IBSS;
2019}
2020
2021
2022static int drv_supports_vht(struct wpa_supplicant *wpa_s,
2023 const struct wpa_ssid *ssid)
2024{
2025 enum hostapd_hw_mode hw_mode;
2026 struct hostapd_hw_modes *mode = NULL;
2027 u8 channel;
2028 int i;
2029
2030 hw_mode = ieee80211_freq_to_chan(ssid->frequency, &channel);
2031 if (hw_mode == NUM_HOSTAPD_MODES)
2032 return 0;
2033 for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) {
2034 if (wpa_s->hw.modes[i].mode == hw_mode) {
2035 mode = &wpa_s->hw.modes[i];
2036 break;
2037 }
2038 }
2039
2040 if (!mode)
2041 return 0;
2042
2043 return mode->vht_capab != 0;
2044}
2045
2046
2047void ibss_mesh_setup_freq(struct wpa_supplicant *wpa_s,
2048 const struct wpa_ssid *ssid,
2049 struct hostapd_freq_params *freq)
2050{
2051 enum hostapd_hw_mode hw_mode;
2052 struct hostapd_hw_modes *mode = NULL;
2053 int ht40plus[] = { 36, 44, 52, 60, 100, 108, 116, 124, 132, 149, 157,
2054 184, 192 };
2055 int vht80[] = { 36, 52, 100, 116, 132, 149 };
2056 struct hostapd_channel_data *pri_chan = NULL, *sec_chan = NULL;
2057 u8 channel;
2058 int i, chan_idx, ht40 = -1, res, obss_scan = 1;
2059 unsigned int j, k;
2060 struct hostapd_freq_params vht_freq;
2061 int chwidth, seg0, seg1;
2062 u32 vht_caps = 0;
2063
2064 freq->freq = ssid->frequency;
2065
2066 for (j = 0; j < wpa_s->last_scan_res_used; j++) {
2067 struct wpa_bss *bss = wpa_s->last_scan_res[j];
2068
2069 if (ssid->mode != WPAS_MODE_IBSS)
2070 break;
2071
2072 /* Don't adjust control freq in case of fixed_freq */
2073 if (ssid->fixed_freq)
2074 break;
2075
2076 if (!bss_is_ibss(bss))
2077 continue;
2078
2079 if (ssid->ssid_len == bss->ssid_len &&
2080 os_memcmp(ssid->ssid, bss->ssid, bss->ssid_len) == 0) {
2081 wpa_printf(MSG_DEBUG,
2082 "IBSS already found in scan results, adjust control freq: %d",
2083 bss->freq);
2084 freq->freq = bss->freq;
2085 obss_scan = 0;
2086 break;
2087 }
2088 }
2089
2090 /* For IBSS check HT_IBSS flag */
2091 if (ssid->mode == WPAS_MODE_IBSS &&
2092 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_HT_IBSS))
2093 return;
2094
2095 if (wpa_s->group_cipher == WPA_CIPHER_WEP40 ||
2096 wpa_s->group_cipher == WPA_CIPHER_WEP104 ||
2097 wpa_s->pairwise_cipher == WPA_CIPHER_TKIP) {
2098 wpa_printf(MSG_DEBUG,
2099 "IBSS: WEP/TKIP detected, do not try to enable HT");
2100 return;
2101 }
2102
2103 hw_mode = ieee80211_freq_to_chan(freq->freq, &channel);
2104 for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) {
2105 if (wpa_s->hw.modes[i].mode == hw_mode) {
2106 mode = &wpa_s->hw.modes[i];
2107 break;
2108 }
2109 }
2110
2111 if (!mode)
2112 return;
2113
2114#ifdef CONFIG_HT_OVERRIDES
2115 if (ssid->disable_ht) {
2116 freq->ht_enabled = 0;
2117 return;
2118 }
2119#endif /* CONFIG_HT_OVERRIDES */
2120
2121 freq->ht_enabled = ht_supported(mode);
2122 if (!freq->ht_enabled)
2123 return;
2124
2125 /* Setup higher BW only for 5 GHz */
2126 if (mode->mode != HOSTAPD_MODE_IEEE80211A)
2127 return;
2128
2129 for (chan_idx = 0; chan_idx < mode->num_channels; chan_idx++) {
2130 pri_chan = &mode->channels[chan_idx];
2131 if (pri_chan->chan == channel)
2132 break;
2133 pri_chan = NULL;
2134 }
2135 if (!pri_chan)
2136 return;
2137
2138 /* Check primary channel flags */
2139 if (pri_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
2140 return;
2141
2142#ifdef CONFIG_HT_OVERRIDES
2143 if (ssid->disable_ht40)
2144 return;
2145#endif /* CONFIG_HT_OVERRIDES */
2146
2147 /* Check/setup HT40+/HT40- */
2148 for (j = 0; j < ARRAY_SIZE(ht40plus); j++) {
2149 if (ht40plus[j] == channel) {
2150 ht40 = 1;
2151 break;
2152 }
2153 }
2154
2155 /* Find secondary channel */
2156 for (i = 0; i < mode->num_channels; i++) {
2157 sec_chan = &mode->channels[i];
2158 if (sec_chan->chan == channel + ht40 * 4)
2159 break;
2160 sec_chan = NULL;
2161 }
2162 if (!sec_chan)
2163 return;
2164
2165 /* Check secondary channel flags */
2166 if (sec_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
2167 return;
2168
2169 freq->channel = pri_chan->chan;
2170
2171 if (ht40 == -1) {
2172 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40MINUS))
2173 return;
2174 } else {
2175 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40PLUS))
2176 return;
2177 }
2178 freq->sec_channel_offset = ht40;
2179
2180 if (obss_scan) {
2181 struct wpa_scan_results *scan_res;
2182
2183 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL, 0);
2184 if (scan_res == NULL) {
2185 /* Back to HT20 */
2186 freq->sec_channel_offset = 0;
2187 return;
2188 }
2189
2190 res = check_40mhz_5g(mode, scan_res, pri_chan->chan,
2191 sec_chan->chan);
2192 switch (res) {
2193 case 0:
2194 /* Back to HT20 */
2195 freq->sec_channel_offset = 0;
2196 break;
2197 case 1:
2198 /* Configuration allowed */
2199 break;
2200 case 2:
2201 /* Switch pri/sec channels */
2202 freq->freq = hw_get_freq(mode, sec_chan->chan);
2203 freq->sec_channel_offset = -freq->sec_channel_offset;
2204 freq->channel = sec_chan->chan;
2205 break;
2206 default:
2207 freq->sec_channel_offset = 0;
2208 break;
2209 }
2210
2211 wpa_scan_results_free(scan_res);
2212 }
2213
2214 wpa_printf(MSG_DEBUG,
2215 "IBSS/mesh: setup freq channel %d, sec_channel_offset %d",
2216 freq->channel, freq->sec_channel_offset);
2217
2218 if (!drv_supports_vht(wpa_s, ssid))
2219 return;
2220
2221 /* For IBSS check VHT_IBSS flag */
2222 if (ssid->mode == WPAS_MODE_IBSS &&
2223 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_VHT_IBSS))
2224 return;
2225
2226 vht_freq = *freq;
2227
2228#ifdef CONFIG_VHT_OVERRIDES
2229 if (ssid->disable_vht) {
2230 freq->vht_enabled = 0;
2231 return;
2232 }
2233#endif /* CONFIG_VHT_OVERRIDES */
2234
2235 vht_freq.vht_enabled = vht_supported(mode);
2236 if (!vht_freq.vht_enabled)
2237 return;
2238
2239 /* setup center_freq1, bandwidth */
2240 for (j = 0; j < ARRAY_SIZE(vht80); j++) {
2241 if (freq->channel >= vht80[j] &&
2242 freq->channel < vht80[j] + 16)
2243 break;
2244 }
2245
2246 if (j == ARRAY_SIZE(vht80))
2247 return;
2248
2249 for (i = vht80[j]; i < vht80[j] + 16; i += 4) {
2250 struct hostapd_channel_data *chan;
2251
2252 chan = hw_get_channel_chan(mode, i, NULL);
2253 if (!chan)
2254 return;
2255
2256 /* Back to HT configuration if channel not usable */
2257 if (chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
2258 return;
2259 }
2260
2261 chwidth = VHT_CHANWIDTH_80MHZ;
2262 seg0 = vht80[j] + 6;
2263 seg1 = 0;
2264
2265 if (ssid->max_oper_chwidth == VHT_CHANWIDTH_80P80MHZ) {
2266 /* setup center_freq2, bandwidth */
2267 for (k = 0; k < ARRAY_SIZE(vht80); k++) {
2268 /* Only accept 80 MHz segments separated by a gap */
2269 if (j == k || abs(vht80[j] - vht80[k]) == 16)
2270 continue;
2271 for (i = vht80[k]; i < vht80[k] + 16; i += 4) {
2272 struct hostapd_channel_data *chan;
2273
2274 chan = hw_get_channel_chan(mode, i, NULL);
2275 if (!chan)
2276 continue;
2277
2278 if (chan->flag & (HOSTAPD_CHAN_DISABLED |
2279 HOSTAPD_CHAN_NO_IR |
2280 HOSTAPD_CHAN_RADAR))
2281 continue;
2282
2283 /* Found a suitable second segment for 80+80 */
2284 chwidth = VHT_CHANWIDTH_80P80MHZ;
2285 vht_caps |=
2286 VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ;
2287 seg1 = vht80[k] + 6;
2288 }
2289
2290 if (chwidth == VHT_CHANWIDTH_80P80MHZ)
2291 break;
2292 }
2293 } else if (ssid->max_oper_chwidth == VHT_CHANWIDTH_160MHZ) {
2294 if (freq->freq == 5180) {
2295 chwidth = VHT_CHANWIDTH_160MHZ;
2296 vht_caps |= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
2297 seg0 = 50;
2298 } else if (freq->freq == 5520) {
2299 chwidth = VHT_CHANWIDTH_160MHZ;
2300 vht_caps |= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
2301 seg0 = 114;
2302 }
2303 }
2304
2305 if (hostapd_set_freq_params(&vht_freq, mode->mode, freq->freq,
2306 freq->channel, freq->ht_enabled,
2307 vht_freq.vht_enabled,
2308 freq->sec_channel_offset,
2309 chwidth, seg0, seg1, vht_caps) != 0)
2310 return;
2311
2312 *freq = vht_freq;
2313
2314 wpa_printf(MSG_DEBUG, "IBSS: VHT setup freq cf1 %d, cf2 %d, bw %d",
2315 freq->center_freq1, freq->center_freq2, freq->bandwidth);
2316}
2317
2318
2319#ifdef CONFIG_FILS
2320static size_t wpas_add_fils_hlp_req(struct wpa_supplicant *wpa_s, u8 *ie_buf,
2321 size_t ie_buf_len)
2322{
2323 struct fils_hlp_req *req;
2324 size_t rem_len, hdr_len, hlp_len, len, ie_len = 0;
2325 const u8 *pos;
2326 u8 *buf = ie_buf;
2327
2328 dl_list_for_each(req, &wpa_s->fils_hlp_req, struct fils_hlp_req,
2329 list) {
2330 rem_len = ie_buf_len - ie_len;
2331 pos = wpabuf_head(req->pkt);
2332 hdr_len = 1 + 2 * ETH_ALEN + 6;
2333 hlp_len = wpabuf_len(req->pkt);
2334
2335 if (rem_len < 2 + hdr_len + hlp_len) {
2336 wpa_printf(MSG_ERROR,
2337 "FILS: Cannot fit HLP - rem_len=%lu to_fill=%lu",
2338 (unsigned long) rem_len,
2339 (unsigned long) (2 + hdr_len + hlp_len));
2340 break;
2341 }
2342
2343 len = (hdr_len + hlp_len) > 255 ? 255 : hdr_len + hlp_len;
2344 /* Element ID */
2345 *buf++ = WLAN_EID_EXTENSION;
2346 /* Length */
2347 *buf++ = len;
2348 /* Element ID Extension */
2349 *buf++ = WLAN_EID_EXT_FILS_HLP_CONTAINER;
2350 /* Destination MAC address */
2351 os_memcpy(buf, req->dst, ETH_ALEN);
2352 buf += ETH_ALEN;
2353 /* Source MAC address */
2354 os_memcpy(buf, wpa_s->own_addr, ETH_ALEN);
2355 buf += ETH_ALEN;
2356 /* LLC/SNAP Header */
2357 os_memcpy(buf, "\xaa\xaa\x03\x00\x00\x00", 6);
2358 buf += 6;
2359 /* HLP Packet */
2360 os_memcpy(buf, pos, len - hdr_len);
2361 buf += len - hdr_len;
2362 pos += len - hdr_len;
2363
2364 hlp_len -= len - hdr_len;
2365 ie_len += 2 + len;
2366 rem_len -= 2 + len;
2367
2368 while (hlp_len) {
2369 len = (hlp_len > 255) ? 255 : hlp_len;
2370 if (rem_len < 2 + len)
2371 break;
2372 *buf++ = WLAN_EID_FRAGMENT;
2373 *buf++ = len;
2374 os_memcpy(buf, pos, len);
2375 buf += len;
2376 pos += len;
2377
2378 hlp_len -= len;
2379 ie_len += 2 + len;
2380 rem_len -= 2 + len;
2381 }
2382 }
2383
2384 return ie_len;
2385}
2386
2387
2388int wpa_is_fils_supported(struct wpa_supplicant *wpa_s)
2389{
2390 return (((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
2391 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SUPPORT_FILS)) ||
2392 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
2393 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD)));
2394}
2395
2396
2397int wpa_is_fils_sk_pfs_supported(struct wpa_supplicant *wpa_s)
2398{
2399#ifdef CONFIG_FILS_SK_PFS
2400 return (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
2401 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SUPPORT_FILS);
2402#else /* CONFIG_FILS_SK_PFS */
2403 return 0;
2404#endif /* CONFIG_FILS_SK_PFS */
2405}
2406
2407#endif /* CONFIG_FILS */
2408
2409
2410static u8 * wpas_populate_assoc_ies(
2411 struct wpa_supplicant *wpa_s,
2412 struct wpa_bss *bss, struct wpa_ssid *ssid,
2413 struct wpa_driver_associate_params *params,
2414 enum wpa_drv_update_connect_params_mask *mask)
2415{
2416 u8 *wpa_ie;
2417 size_t max_wpa_ie_len = 500;
2418 size_t wpa_ie_len;
2419 int algs = WPA_AUTH_ALG_OPEN;
2420#ifdef CONFIG_FILS
2421 const u8 *realm, *username, *rrk;
2422 size_t realm_len, username_len, rrk_len;
2423 u16 next_seq_num;
2424 struct fils_hlp_req *req;
2425
2426 dl_list_for_each(req, &wpa_s->fils_hlp_req, struct fils_hlp_req,
2427 list) {
2428 max_wpa_ie_len += 3 + 2 * ETH_ALEN + 6 + wpabuf_len(req->pkt) +
2429 2 + 2 * wpabuf_len(req->pkt) / 255;
2430 }
2431#endif /* CONFIG_FILS */
2432
2433 wpa_ie = os_malloc(max_wpa_ie_len);
2434 if (!wpa_ie) {
2435 wpa_printf(MSG_ERROR,
2436 "Failed to allocate connect IE buffer for %lu bytes",
2437 (unsigned long) max_wpa_ie_len);
2438 return NULL;
2439 }
2440
2441 if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
2442 wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
2443 wpa_key_mgmt_wpa(ssid->key_mgmt)) {
2444 int try_opportunistic;
2445 const u8 *cache_id = NULL;
2446
2447 try_opportunistic = (ssid->proactive_key_caching < 0 ?
2448 wpa_s->conf->okc :
2449 ssid->proactive_key_caching) &&
2450 (ssid->proto & WPA_PROTO_RSN);
2451#ifdef CONFIG_FILS
2452 if (wpa_key_mgmt_fils(ssid->key_mgmt))
2453 cache_id = wpa_bss_get_fils_cache_id(bss);
2454#endif /* CONFIG_FILS */
2455 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
2456 ssid, try_opportunistic,
2457 cache_id, 0) == 0)
2458 eapol_sm_notify_pmkid_attempt(wpa_s->eapol);
2459 wpa_ie_len = max_wpa_ie_len;
2460 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
2461 wpa_ie, &wpa_ie_len)) {
2462 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
2463 "key management and encryption suites");
2464 os_free(wpa_ie);
2465 return NULL;
2466 }
2467 } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && bss &&
2468 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) {
2469 /*
2470 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
2471 * use non-WPA since the scan results did not indicate that the
2472 * AP is using WPA or WPA2.
2473 */
2474 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
2475 wpa_ie_len = 0;
2476 wpa_s->wpa_proto = 0;
2477 } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) {
2478 wpa_ie_len = max_wpa_ie_len;
2479 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
2480 wpa_ie, &wpa_ie_len)) {
2481 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
2482 "key management and encryption suites (no "
2483 "scan results)");
2484 os_free(wpa_ie);
2485 return NULL;
2486 }
2487#ifdef CONFIG_WPS
2488 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
2489 struct wpabuf *wps_ie;
2490 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
2491 if (wps_ie && wpabuf_len(wps_ie) <= max_wpa_ie_len) {
2492 wpa_ie_len = wpabuf_len(wps_ie);
2493 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
2494 } else
2495 wpa_ie_len = 0;
2496 wpabuf_free(wps_ie);
2497 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
2498 if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY))
2499 params->wps = WPS_MODE_PRIVACY;
2500 else
2501 params->wps = WPS_MODE_OPEN;
2502 wpa_s->wpa_proto = 0;
2503#endif /* CONFIG_WPS */
2504 } else {
2505 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
2506 wpa_ie_len = 0;
2507 wpa_s->wpa_proto = 0;
2508 }
2509
2510#ifdef IEEE8021X_EAPOL
2511 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
2512 if (ssid->leap) {
2513 if (ssid->non_leap == 0)
2514 algs = WPA_AUTH_ALG_LEAP;
2515 else
2516 algs |= WPA_AUTH_ALG_LEAP;
2517 }
2518 }
2519
2520#ifdef CONFIG_FILS
2521 /* Clear FILS association */
2522 wpa_sm_set_reset_fils_completed(wpa_s->wpa, 0);
2523
2524 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD) &&
2525 ssid->eap.erp && wpa_key_mgmt_fils(wpa_s->key_mgmt) &&
2526 eapol_sm_get_erp_info(wpa_s->eapol, &ssid->eap, &username,
2527 &username_len, &realm, &realm_len,
2528 &next_seq_num, &rrk, &rrk_len) == 0) {
2529 algs = WPA_AUTH_ALG_FILS;
2530 params->fils_erp_username = username;
2531 params->fils_erp_username_len = username_len;
2532 params->fils_erp_realm = realm;
2533 params->fils_erp_realm_len = realm_len;
2534 params->fils_erp_next_seq_num = next_seq_num;
2535 params->fils_erp_rrk = rrk;
2536 params->fils_erp_rrk_len = rrk_len;
2537
2538 if (mask)
2539 *mask |= WPA_DRV_UPDATE_FILS_ERP_INFO;
2540 }
2541#endif /* CONFIG_FILS */
2542#endif /* IEEE8021X_EAPOL */
2543#ifdef CONFIG_SAE
2544 if (wpa_s->key_mgmt & (WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE))
2545 algs = WPA_AUTH_ALG_SAE;
2546#endif /* CONFIG_SAE */
2547
2548 wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
2549 if (ssid->auth_alg) {
2550 algs = ssid->auth_alg;
2551 wpa_dbg(wpa_s, MSG_DEBUG,
2552 "Overriding auth_alg selection: 0x%x", algs);
2553 }
2554
2555#ifdef CONFIG_P2P
2556 if (wpa_s->global->p2p) {
2557 u8 *pos;
2558 size_t len;
2559 int res;
2560 pos = wpa_ie + wpa_ie_len;
2561 len = max_wpa_ie_len - wpa_ie_len;
2562 res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len,
2563 ssid->p2p_group);
2564 if (res >= 0)
2565 wpa_ie_len += res;
2566 }
2567
2568 wpa_s->cross_connect_disallowed = 0;
2569 if (bss) {
2570 struct wpabuf *p2p;
2571 p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE);
2572 if (p2p) {
2573 wpa_s->cross_connect_disallowed =
2574 p2p_get_cross_connect_disallowed(p2p);
2575 wpabuf_free(p2p);
2576 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross "
2577 "connection",
2578 wpa_s->cross_connect_disallowed ?
2579 "disallows" : "allows");
2580 }
2581 }
2582
2583 os_memset(wpa_s->p2p_ip_addr_info, 0, sizeof(wpa_s->p2p_ip_addr_info));
2584#endif /* CONFIG_P2P */
2585
2586 if (bss) {
2587 wpa_ie_len += wpas_supp_op_class_ie(wpa_s, bss->freq,
2588 wpa_ie + wpa_ie_len,
2589 max_wpa_ie_len -
2590 wpa_ie_len);
2591 }
2592
2593 /*
2594 * Workaround: Add Extended Capabilities element only if the AP
2595 * included this element in Beacon/Probe Response frames. Some older
2596 * APs seem to have interoperability issues if this element is
2597 * included, so while the standard may require us to include the
2598 * element in all cases, it is justifiable to skip it to avoid
2599 * interoperability issues.
2600 */
2601 if (ssid->p2p_group)
2602 wpa_drv_get_ext_capa(wpa_s, WPA_IF_P2P_CLIENT);
2603 else
2604 wpa_drv_get_ext_capa(wpa_s, WPA_IF_STATION);
2605
2606 if (!bss || wpa_bss_get_ie(bss, WLAN_EID_EXT_CAPAB)) {
2607 u8 ext_capab[18];
2608 int ext_capab_len;
2609 ext_capab_len = wpas_build_ext_capab(wpa_s, ext_capab,
2610 sizeof(ext_capab));
2611 if (ext_capab_len > 0 &&
2612 wpa_ie_len + ext_capab_len <= max_wpa_ie_len) {
2613 u8 *pos = wpa_ie;
2614 if (wpa_ie_len > 0 && pos[0] == WLAN_EID_RSN)
2615 pos += 2 + pos[1];
2616 os_memmove(pos + ext_capab_len, pos,
2617 wpa_ie_len - (pos - wpa_ie));
2618 wpa_ie_len += ext_capab_len;
2619 os_memcpy(pos, ext_capab, ext_capab_len);
2620 }
2621 }
2622
2623#ifdef CONFIG_HS20
2624 if (is_hs20_network(wpa_s, ssid, bss)) {
2625 struct wpabuf *hs20;
2626
2627 hs20 = wpabuf_alloc(20 + MAX_ROAMING_CONS_OI_LEN);
2628 if (hs20) {
2629 int pps_mo_id = hs20_get_pps_mo_id(wpa_s, ssid);
2630 size_t len;
2631
2632 wpas_hs20_add_indication(hs20, pps_mo_id);
2633 wpas_hs20_add_roam_cons_sel(hs20, ssid);
2634 len = max_wpa_ie_len - wpa_ie_len;
2635 if (wpabuf_len(hs20) <= len) {
2636 os_memcpy(wpa_ie + wpa_ie_len,
2637 wpabuf_head(hs20), wpabuf_len(hs20));
2638 wpa_ie_len += wpabuf_len(hs20);
2639 }
2640 wpabuf_free(hs20);
2641
2642 hs20_configure_frame_filters(wpa_s);
2643 }
2644 }
2645#endif /* CONFIG_HS20 */
2646
2647 if (wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ]) {
2648 struct wpabuf *buf = wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ];
2649 size_t len;
2650
2651 len = max_wpa_ie_len - wpa_ie_len;
2652 if (wpabuf_len(buf) <= len) {
2653 os_memcpy(wpa_ie + wpa_ie_len,
2654 wpabuf_head(buf), wpabuf_len(buf));
2655 wpa_ie_len += wpabuf_len(buf);
2656 }
2657 }
2658
2659#ifdef CONFIG_FST
2660 if (wpa_s->fst_ies) {
2661 int fst_ies_len = wpabuf_len(wpa_s->fst_ies);
2662
2663 if (wpa_ie_len + fst_ies_len <= max_wpa_ie_len) {
2664 os_memcpy(wpa_ie + wpa_ie_len,
2665 wpabuf_head(wpa_s->fst_ies), fst_ies_len);
2666 wpa_ie_len += fst_ies_len;
2667 }
2668 }
2669#endif /* CONFIG_FST */
2670
2671#ifdef CONFIG_MBO
2672 if (bss && wpa_bss_get_vendor_ie(bss, MBO_IE_VENDOR_TYPE)) {
2673 int len;
2674
2675 len = wpas_mbo_ie(wpa_s, wpa_ie + wpa_ie_len,
2676 max_wpa_ie_len - wpa_ie_len);
2677 if (len >= 0)
2678 wpa_ie_len += len;
2679 }
2680#endif /* CONFIG_MBO */
2681
2682#ifdef CONFIG_FILS
2683 if (algs == WPA_AUTH_ALG_FILS) {
2684 size_t len;
2685
2686 len = wpas_add_fils_hlp_req(wpa_s, wpa_ie + wpa_ie_len,
2687 max_wpa_ie_len - wpa_ie_len);
2688 wpa_ie_len += len;
2689 }
2690#endif /* CONFIG_FILS */
2691
2692#ifdef CONFIG_OWE
2693#ifdef CONFIG_TESTING_OPTIONS
2694 if (get_ie_ext(wpa_ie, wpa_ie_len, WLAN_EID_EXT_OWE_DH_PARAM)) {
2695 wpa_printf(MSG_INFO, "TESTING: Override OWE DH element");
2696 } else
2697#endif /* CONFIG_TESTING_OPTIONS */
2698 if (algs == WPA_AUTH_ALG_OPEN &&
2699 ssid->key_mgmt == WPA_KEY_MGMT_OWE) {
2700 struct wpabuf *owe_ie;
2701 u16 group;
2702
2703 if (ssid->owe_group) {
2704 group = ssid->owe_group;
2705 } else {
2706 if (wpa_s->last_owe_group == 19)
2707 group = 20;
2708 else if (wpa_s->last_owe_group == 20)
2709 group = 21;
2710 else
2711 group = OWE_DH_GROUP;
2712 }
2713 wpa_s->last_owe_group = group;
2714 wpa_printf(MSG_DEBUG, "OWE: Try to use group %u", group);
2715 owe_ie = owe_build_assoc_req(wpa_s->wpa, group);
2716 if (owe_ie &&
2717 wpabuf_len(owe_ie) <= max_wpa_ie_len - wpa_ie_len) {
2718 os_memcpy(wpa_ie + wpa_ie_len,
2719 wpabuf_head(owe_ie), wpabuf_len(owe_ie));
2720 wpa_ie_len += wpabuf_len(owe_ie);
2721 wpabuf_free(owe_ie);
2722 }
2723 }
2724#endif /* CONFIG_OWE */
2725
2726#ifdef CONFIG_IEEE80211R
2727 /*
2728 * Add MDIE under these conditions: the network profile allows FT,
2729 * the AP supports FT, and the mobility domain ID matches.
2730 */
2731 if (wpa_key_mgmt_ft(wpa_sm_get_key_mgmt(wpa_s->wpa))) {
2732 const u8 *mdie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
2733
2734 if (mdie && mdie[1] >= MOBILITY_DOMAIN_ID_LEN) {
2735 size_t len = 0;
2736 const u8 *md = mdie + 2;
2737 const u8 *wpa_md = wpa_sm_get_ft_md(wpa_s->wpa);
2738
2739 if (os_memcmp(md, wpa_md,
2740 MOBILITY_DOMAIN_ID_LEN) == 0) {
2741 /* Add mobility domain IE */
2742 len = wpa_ft_add_mdie(
2743 wpa_s->wpa, wpa_ie + wpa_ie_len,
2744 max_wpa_ie_len - wpa_ie_len, mdie);
2745 wpa_ie_len += len;
2746 }
2747#ifdef CONFIG_SME
2748 if (len > 0 && wpa_s->sme.ft_used &&
2749 wpa_sm_has_ptk(wpa_s->wpa)) {
2750 wpa_dbg(wpa_s, MSG_DEBUG,
2751 "SME: Trying to use FT over-the-air");
2752 algs |= WPA_AUTH_ALG_FT;
2753 }
2754#endif /* CONFIG_SME */
2755 }
2756 }
2757#endif /* CONFIG_IEEE80211R */
2758
2759 params->wpa_ie = wpa_ie;
2760 params->wpa_ie_len = wpa_ie_len;
2761 params->auth_alg = algs;
2762 if (mask)
2763 *mask |= WPA_DRV_UPDATE_ASSOC_IES | WPA_DRV_UPDATE_AUTH_TYPE;
2764
2765 return wpa_ie;
2766}
2767
2768
2769#if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
2770static void wpas_update_fils_connect_params(struct wpa_supplicant *wpa_s)
2771{
2772 struct wpa_driver_associate_params params;
2773 enum wpa_drv_update_connect_params_mask mask = 0;
2774 u8 *wpa_ie;
2775
2776 if (wpa_s->auth_alg != WPA_AUTH_ALG_OPEN)
2777 return; /* nothing to do */
2778
2779 os_memset(&params, 0, sizeof(params));
2780 wpa_ie = wpas_populate_assoc_ies(wpa_s, wpa_s->current_bss,
2781 wpa_s->current_ssid, &params, &mask);
2782 if (!wpa_ie)
2783 return;
2784
2785 if (params.auth_alg != WPA_AUTH_ALG_FILS) {
2786 os_free(wpa_ie);
2787 return;
2788 }
2789
2790 wpa_s->auth_alg = params.auth_alg;
2791 wpa_drv_update_connect_params(wpa_s, &params, mask);
2792 os_free(wpa_ie);
2793}
2794#endif /* CONFIG_FILS && IEEE8021X_EAPOL */
2795
2796
2797static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
2798{
2799 struct wpa_connect_work *cwork = work->ctx;
2800 struct wpa_bss *bss = cwork->bss;
2801 struct wpa_ssid *ssid = cwork->ssid;
2802 struct wpa_supplicant *wpa_s = work->wpa_s;
2803 u8 *wpa_ie;
2804 int use_crypt, ret, i, bssid_changed;
2805 unsigned int cipher_pairwise, cipher_group, cipher_group_mgmt;
2806 struct wpa_driver_associate_params params;
2807 int wep_keys_set = 0;
2808 int assoc_failed = 0;
2809 struct wpa_ssid *old_ssid;
2810 u8 prev_bssid[ETH_ALEN];
2811#ifdef CONFIG_HT_OVERRIDES
2812 struct ieee80211_ht_capabilities htcaps;
2813 struct ieee80211_ht_capabilities htcaps_mask;
2814#endif /* CONFIG_HT_OVERRIDES */
2815#ifdef CONFIG_VHT_OVERRIDES
2816 struct ieee80211_vht_capabilities vhtcaps;
2817 struct ieee80211_vht_capabilities vhtcaps_mask;
2818#endif /* CONFIG_VHT_OVERRIDES */
2819
2820 if (deinit) {
2821 if (work->started) {
2822 wpa_s->connect_work = NULL;
2823
2824 /* cancel possible auth. timeout */
2825 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s,
2826 NULL);
2827 }
2828 wpas_connect_work_free(cwork);
2829 return;
2830 }
2831
2832 wpa_s->connect_work = work;
2833
2834 if (cwork->bss_removed || !wpas_valid_bss_ssid(wpa_s, bss, ssid) ||
2835 wpas_network_disabled(wpa_s, ssid)) {
2836 wpa_dbg(wpa_s, MSG_DEBUG, "BSS/SSID entry for association not valid anymore - drop connection attempt");
2837 wpas_connect_work_done(wpa_s);
2838 return;
2839 }
2840
2841 os_memcpy(prev_bssid, wpa_s->bssid, ETH_ALEN);
2842 os_memset(&params, 0, sizeof(params));
2843 wpa_s->reassociate = 0;
2844 wpa_s->eap_expected_failure = 0;
2845 if (bss &&
2846 (!wpas_driver_bss_selection(wpa_s) || wpas_wps_searching(wpa_s))) {
2847#ifdef CONFIG_IEEE80211R
2848 const u8 *ie, *md = NULL;
2849#endif /* CONFIG_IEEE80211R */
2850 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
2851 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
2852 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
2853 bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
2854 os_memset(wpa_s->bssid, 0, ETH_ALEN);
2855 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
2856 if (bssid_changed)
2857 wpas_notify_bssid_changed(wpa_s);
2858#ifdef CONFIG_IEEE80211R
2859 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
2860 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
2861 md = ie + 2;
2862 wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0);
2863 if (md) {
2864 /* Prepare for the next transition */
2865 wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
2866 }
2867#endif /* CONFIG_IEEE80211R */
2868#ifdef CONFIG_WPS
2869 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
2870 wpa_s->conf->ap_scan == 2 &&
2871 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
2872 /* Use ap_scan==1 style network selection to find the network
2873 */
2874 wpas_connect_work_done(wpa_s);
2875 wpa_s->scan_req = MANUAL_SCAN_REQ;
2876 wpa_s->reassociate = 1;
2877 wpa_supplicant_req_scan(wpa_s, 0, 0);
2878 return;
2879#endif /* CONFIG_WPS */
2880 } else {
2881 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
2882 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
2883 if (bss)
2884 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
2885 else
2886 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
2887 }
2888 if (!wpa_s->pno)
2889 wpa_supplicant_cancel_sched_scan(wpa_s);
2890
2891 wpa_supplicant_cancel_scan(wpa_s);
2892
2893 /* Starting new association, so clear the possibly used WPA IE from the
2894 * previous association. */
2895 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
2896
2897 wpa_ie = wpas_populate_assoc_ies(wpa_s, bss, ssid, &params, NULL);
2898 if (!wpa_ie) {
2899 wpas_connect_work_done(wpa_s);
2900 return;
2901 }
2902
2903 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
2904 use_crypt = 1;
2905 cipher_pairwise = wpa_s->pairwise_cipher;
2906 cipher_group = wpa_s->group_cipher;
2907 cipher_group_mgmt = wpa_s->mgmt_group_cipher;
2908 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
2909 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
2910 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
2911 use_crypt = 0;
2912 if (wpa_set_wep_keys(wpa_s, ssid)) {
2913 use_crypt = 1;
2914 wep_keys_set = 1;
2915 }
2916 }
2917 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
2918 use_crypt = 0;
2919
2920#ifdef IEEE8021X_EAPOL
2921 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
2922 if ((ssid->eapol_flags &
2923 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
2924 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
2925 !wep_keys_set) {
2926 use_crypt = 0;
2927 } else {
2928 /* Assume that dynamic WEP-104 keys will be used and
2929 * set cipher suites in order for drivers to expect
2930 * encryption. */
2931 cipher_pairwise = cipher_group = WPA_CIPHER_WEP104;
2932 }
2933 }
2934#endif /* IEEE8021X_EAPOL */
2935
2936 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
2937 /* Set the key before (and later after) association */
2938 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
2939 }
2940
2941 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
2942 if (bss) {
2943 params.ssid = bss->ssid;
2944 params.ssid_len = bss->ssid_len;
2945 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set ||
2946 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
2947 wpa_printf(MSG_DEBUG, "Limit connection to BSSID "
2948 MACSTR " freq=%u MHz based on scan results "
2949 "(bssid_set=%d wps=%d)",
2950 MAC2STR(bss->bssid), bss->freq,
2951 ssid->bssid_set,
2952 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS);
2953 params.bssid = bss->bssid;
2954 params.freq.freq = bss->freq;
2955 }
2956 params.bssid_hint = bss->bssid;
2957 params.freq_hint = bss->freq;
2958 params.pbss = bss_is_pbss(bss);
2959 } else {
2960 if (ssid->bssid_hint_set)
2961 params.bssid_hint = ssid->bssid_hint;
2962
2963 params.ssid = ssid->ssid;
2964 params.ssid_len = ssid->ssid_len;
2965 params.pbss = (ssid->pbss != 2) ? ssid->pbss : 0;
2966 }
2967
2968 if (ssid->mode == WPAS_MODE_IBSS && ssid->bssid_set &&
2969 wpa_s->conf->ap_scan == 2) {
2970 params.bssid = ssid->bssid;
2971 params.fixed_bssid = 1;
2972 }
2973
2974 /* Initial frequency for IBSS/mesh */
2975 if ((ssid->mode == WPAS_MODE_IBSS || ssid->mode == WPAS_MODE_MESH) &&
2976 ssid->frequency > 0 && params.freq.freq == 0)
2977 ibss_mesh_setup_freq(wpa_s, ssid, &params.freq);
2978
2979 if (ssid->mode == WPAS_MODE_IBSS) {
2980 params.fixed_freq = ssid->fixed_freq;
2981 if (ssid->beacon_int)
2982 params.beacon_int = ssid->beacon_int;
2983 else
2984 params.beacon_int = wpa_s->conf->beacon_int;
2985 }
2986
2987 params.pairwise_suite = cipher_pairwise;
2988 params.group_suite = cipher_group;
2989 params.mgmt_group_suite = cipher_group_mgmt;
2990 params.key_mgmt_suite = wpa_s->key_mgmt;
2991 params.wpa_proto = wpa_s->wpa_proto;
2992 wpa_s->auth_alg = params.auth_alg;
2993 params.mode = ssid->mode;
2994 params.bg_scan_period = ssid->bg_scan_period;
2995 for (i = 0; i < NUM_WEP_KEYS; i++) {
2996 if (ssid->wep_key_len[i])
2997 params.wep_key[i] = ssid->wep_key[i];
2998 params.wep_key_len[i] = ssid->wep_key_len[i];
2999 }
3000 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
3001
3002 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
3003 (params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
3004 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK)) {
3005 params.passphrase = ssid->passphrase;
3006 if (ssid->psk_set)
3007 params.psk = ssid->psk;
3008 }
3009
3010 if (wpa_s->conf->key_mgmt_offload) {
3011 if (params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
3012 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 ||
3013 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B ||
3014 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192)
3015 params.req_key_mgmt_offload =
3016 ssid->proactive_key_caching < 0 ?
3017 wpa_s->conf->okc : ssid->proactive_key_caching;
3018 else
3019 params.req_key_mgmt_offload = 1;
3020
3021 if ((params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
3022 params.key_mgmt_suite == WPA_KEY_MGMT_PSK_SHA256 ||
3023 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK) &&
3024 ssid->psk_set)
3025 params.psk = ssid->psk;
3026 }
3027
3028 params.drop_unencrypted = use_crypt;
3029
3030#ifdef CONFIG_IEEE80211W
3031 params.mgmt_frame_protection = wpas_get_ssid_pmf(wpa_s, ssid);
3032 if (params.mgmt_frame_protection != NO_MGMT_FRAME_PROTECTION && bss) {
3033 const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
3034 struct wpa_ie_data ie;
3035 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
3036 ie.capabilities &
3037 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
3038 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports "
3039 "MFP: require MFP");
3040 params.mgmt_frame_protection =
3041 MGMT_FRAME_PROTECTION_REQUIRED;
3042 }
3043 }
3044#endif /* CONFIG_IEEE80211W */
3045
3046 params.p2p = ssid->p2p_group;
3047
3048 if (wpa_s->p2pdev->set_sta_uapsd)
3049 params.uapsd = wpa_s->p2pdev->sta_uapsd;
3050 else
3051 params.uapsd = -1;
3052
3053#ifdef CONFIG_HT_OVERRIDES
3054 os_memset(&htcaps, 0, sizeof(htcaps));
3055 os_memset(&htcaps_mask, 0, sizeof(htcaps_mask));
3056 params.htcaps = (u8 *) &htcaps;
3057 params.htcaps_mask = (u8 *) &htcaps_mask;
3058 wpa_supplicant_apply_ht_overrides(wpa_s, ssid, &params);
3059#endif /* CONFIG_HT_OVERRIDES */
3060#ifdef CONFIG_VHT_OVERRIDES
3061 os_memset(&vhtcaps, 0, sizeof(vhtcaps));
3062 os_memset(&vhtcaps_mask, 0, sizeof(vhtcaps_mask));
3063 params.vhtcaps = &vhtcaps;
3064 params.vhtcaps_mask = &vhtcaps_mask;
3065 wpa_supplicant_apply_vht_overrides(wpa_s, ssid, &params);
3066#endif /* CONFIG_VHT_OVERRIDES */
3067
3068#ifdef CONFIG_P2P
3069 /*
3070 * If multi-channel concurrency is not supported, check for any
3071 * frequency conflict. In case of any frequency conflict, remove the
3072 * least prioritized connection.
3073 */
3074 if (wpa_s->num_multichan_concurrent < 2) {
3075 int freq, num;
3076 num = get_shared_radio_freqs(wpa_s, &freq, 1);
3077 if (num > 0 && freq > 0 && freq != params.freq.freq) {
3078 wpa_printf(MSG_DEBUG,
3079 "Assoc conflicting freq found (%d != %d)",
3080 freq, params.freq.freq);
3081 if (wpas_p2p_handle_frequency_conflicts(
3082 wpa_s, params.freq.freq, ssid) < 0) {
3083 wpas_connect_work_done(wpa_s);
3084 os_free(wpa_ie);
3085 return;
3086 }
3087 }
3088 }
3089#endif /* CONFIG_P2P */
3090
3091 if (wpa_s->reassoc_same_ess && !is_zero_ether_addr(prev_bssid) &&
3092 wpa_s->current_ssid)
3093 params.prev_bssid = prev_bssid;
3094
3095 ret = wpa_drv_associate(wpa_s, &params);
3096 os_free(wpa_ie);
3097 if (ret < 0) {
3098 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
3099 "failed");
3100 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SANE_ERROR_CODES) {
3101 /*
3102 * The driver is known to mean what is saying, so we
3103 * can stop right here; the association will not
3104 * succeed.
3105 */
3106 wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
3107 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
3108 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
3109 return;
3110 }
3111 /* try to continue anyway; new association will be tried again
3112 * after timeout */
3113 assoc_failed = 1;
3114 }
3115
3116 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
3117 /* Set the key after the association just in case association
3118 * cleared the previously configured key. */
3119 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
3120 /* No need to timeout authentication since there is no key
3121 * management. */
3122 wpa_supplicant_cancel_auth_timeout(wpa_s);
3123 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
3124#ifdef CONFIG_IBSS_RSN
3125 } else if (ssid->mode == WPAS_MODE_IBSS &&
3126 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
3127 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
3128 /*
3129 * RSN IBSS authentication is per-STA and we can disable the
3130 * per-BSSID authentication.
3131 */
3132 wpa_supplicant_cancel_auth_timeout(wpa_s);
3133#endif /* CONFIG_IBSS_RSN */
3134 } else {
3135 /* Timeout for IEEE 802.11 authentication and association */
3136 int timeout = 60;
3137
3138 if (assoc_failed) {
3139 /* give IBSS a bit more time */
3140 timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5;
3141 } else if (wpa_s->conf->ap_scan == 1) {
3142 /* give IBSS a bit more time */
3143 timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10;
3144 }
3145 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
3146 }
3147
3148 if (wep_keys_set &&
3149 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC)) {
3150 /* Set static WEP keys again */
3151 wpa_set_wep_keys(wpa_s, ssid);
3152 }
3153
3154 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
3155 /*
3156 * Do not allow EAP session resumption between different
3157 * network configurations.
3158 */
3159 eapol_sm_invalidate_cached_session(wpa_s->eapol);
3160 }
3161 old_ssid = wpa_s->current_ssid;
3162 wpa_s->current_ssid = ssid;
3163
3164 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set) {
3165 wpa_s->current_bss = bss;
3166#ifdef CONFIG_HS20
3167 hs20_configure_frame_filters(wpa_s);
3168#endif /* CONFIG_HS20 */
3169 }
3170
3171 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
3172 wpa_supplicant_initiate_eapol(wpa_s);
3173 if (old_ssid != wpa_s->current_ssid)
3174 wpas_notify_network_changed(wpa_s);
3175}
3176
3177
3178static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s,
3179 const u8 *addr)
3180{
3181 struct wpa_ssid *old_ssid;
3182
3183 wpas_connect_work_done(wpa_s);
3184 wpa_clear_keys(wpa_s, addr);
3185 old_ssid = wpa_s->current_ssid;
3186 wpa_supplicant_mark_disassoc(wpa_s);
3187 wpa_sm_set_config(wpa_s->wpa, NULL);
3188 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
3189 if (old_ssid != wpa_s->current_ssid)
3190 wpas_notify_network_changed(wpa_s);
3191 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
3192}
3193
3194
3195/**
3196 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
3197 * @wpa_s: Pointer to wpa_supplicant data
3198 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
3199 *
3200 * This function is used to request %wpa_supplicant to deauthenticate from the
3201 * current AP.
3202 */
3203void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
3204 int reason_code)
3205{
3206 u8 *addr = NULL;
3207 union wpa_event_data event;
3208 int zero_addr = 0;
3209
3210 wpa_dbg(wpa_s, MSG_DEBUG, "Request to deauthenticate - bssid=" MACSTR
3211 " pending_bssid=" MACSTR " reason=%d state=%s",
3212 MAC2STR(wpa_s->bssid), MAC2STR(wpa_s->pending_bssid),
3213 reason_code, wpa_supplicant_state_txt(wpa_s->wpa_state));
3214
3215 if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
3216 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
3217 wpa_s->wpa_state == WPA_ASSOCIATING))
3218 addr = wpa_s->pending_bssid;
3219 else if (!is_zero_ether_addr(wpa_s->bssid))
3220 addr = wpa_s->bssid;
3221 else if (wpa_s->wpa_state == WPA_ASSOCIATING) {
3222 /*
3223 * When using driver-based BSS selection, we may not know the
3224 * BSSID with which we are currently trying to associate. We
3225 * need to notify the driver of this disconnection even in such
3226 * a case, so use the all zeros address here.
3227 */
3228 addr = wpa_s->bssid;
3229 zero_addr = 1;
3230 }
3231
3232#ifdef CONFIG_TDLS
3233 wpa_tdls_teardown_peers(wpa_s->wpa);
3234#endif /* CONFIG_TDLS */
3235
3236#ifdef CONFIG_MESH
3237 if (wpa_s->ifmsh) {
3238 struct mesh_conf *mconf;
3239
3240 mconf = wpa_s->ifmsh->mconf;
3241 wpa_msg(wpa_s, MSG_INFO, MESH_GROUP_REMOVED "%s",
3242 wpa_s->ifname);
3243 wpas_notify_mesh_group_removed(wpa_s, mconf->meshid,
3244 mconf->meshid_len, reason_code);
3245 wpa_supplicant_leave_mesh(wpa_s);
3246 }
3247#endif /* CONFIG_MESH */
3248
3249 if (addr) {
3250 wpa_drv_deauthenticate(wpa_s, addr, reason_code);
3251 os_memset(&event, 0, sizeof(event));
3252 event.deauth_info.reason_code = (u16) reason_code;
3253 event.deauth_info.locally_generated = 1;
3254 wpa_supplicant_event(wpa_s, EVENT_DEAUTH, &event);
3255 if (zero_addr)
3256 addr = NULL;
3257 }
3258
3259 wpa_supplicant_clear_connection(wpa_s, addr);
3260}
3261
3262static void wpa_supplicant_enable_one_network(struct wpa_supplicant *wpa_s,
3263 struct wpa_ssid *ssid)
3264{
3265 if (!ssid || !ssid->disabled || ssid->disabled == 2)
3266 return;
3267
3268 ssid->disabled = 0;
3269 wpas_clear_temp_disabled(wpa_s, ssid, 1);
3270 wpas_notify_network_enabled_changed(wpa_s, ssid);
3271
3272 /*
3273 * Try to reassociate since there is no current configuration and a new
3274 * network was made available.
3275 */
3276 if (!wpa_s->current_ssid && !wpa_s->disconnected)
3277 wpa_s->reassociate = 1;
3278}
3279
3280
3281/**
3282 * wpa_supplicant_add_network - Add a new network
3283 * @wpa_s: wpa_supplicant structure for a network interface
3284 * Returns: The new network configuration or %NULL if operation failed
3285 *
3286 * This function performs the following operations:
3287 * 1. Adds a new network.
3288 * 2. Send network addition notification.
3289 * 3. Marks the network disabled.
3290 * 4. Set network default parameters.
3291 */
3292struct wpa_ssid * wpa_supplicant_add_network(struct wpa_supplicant *wpa_s)
3293{
3294 struct wpa_ssid *ssid;
3295
3296 ssid = wpa_config_add_network(wpa_s->conf);
3297 if (!ssid)
3298 return NULL;
3299 wpas_notify_network_added(wpa_s, ssid);
3300 ssid->disabled = 1;
3301 wpa_config_set_network_defaults(ssid);
3302
3303 return ssid;
3304}
3305
3306
3307/**
3308 * wpa_supplicant_remove_network - Remove a configured network based on id
3309 * @wpa_s: wpa_supplicant structure for a network interface
3310 * @id: Unique network id to search for
3311 * Returns: 0 on success, or -1 if the network was not found, -2 if the network
3312 * could not be removed
3313 *
3314 * This function performs the following operations:
3315 * 1. Removes the network.
3316 * 2. Send network removal notification.
3317 * 3. Update internal state machines.
3318 * 4. Stop any running sched scans.
3319 */
3320int wpa_supplicant_remove_network(struct wpa_supplicant *wpa_s, int id)
3321{
3322 struct wpa_ssid *ssid;
3323 int was_disabled;
3324
3325 ssid = wpa_config_get_network(wpa_s->conf, id);
3326 if (!ssid)
3327 return -1;
3328 wpas_notify_network_removed(wpa_s, ssid);
3329
3330 if (wpa_s->last_ssid == ssid)
3331 wpa_s->last_ssid = NULL;
3332
3333 if (ssid == wpa_s->current_ssid || !wpa_s->current_ssid) {
3334#ifdef CONFIG_SME
3335 wpa_s->sme.prev_bssid_set = 0;
3336#endif /* CONFIG_SME */
3337 /*
3338 * Invalidate the EAP session cache if the current or
3339 * previously used network is removed.
3340 */
3341 eapol_sm_invalidate_cached_session(wpa_s->eapol);
3342 }
3343
3344 if (ssid == wpa_s->current_ssid) {
3345 wpa_sm_set_config(wpa_s->wpa, NULL);
3346 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
3347
3348 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
3349 wpa_s->own_disconnect_req = 1;
3350 wpa_supplicant_deauthenticate(wpa_s,
3351 WLAN_REASON_DEAUTH_LEAVING);
3352 }
3353
3354 was_disabled = ssid->disabled;
3355
3356 if (wpa_config_remove_network(wpa_s->conf, id) < 0)
3357 return -2;
3358
3359 if (!was_disabled && wpa_s->sched_scanning) {
3360 wpa_printf(MSG_DEBUG,
3361 "Stop ongoing sched_scan to remove network from filters");
3362 wpa_supplicant_cancel_sched_scan(wpa_s);
3363 wpa_supplicant_req_scan(wpa_s, 0, 0);
3364 }
3365
3366 return 0;
3367}
3368
3369
3370/**
3371 * wpa_supplicant_enable_network - Mark a configured network as enabled
3372 * @wpa_s: wpa_supplicant structure for a network interface
3373 * @ssid: wpa_ssid structure for a configured network or %NULL
3374 *
3375 * Enables the specified network or all networks if no network specified.
3376 */
3377void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s,
3378 struct wpa_ssid *ssid)
3379{
3380 if (ssid == NULL) {
3381 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
3382 wpa_supplicant_enable_one_network(wpa_s, ssid);
3383 } else
3384 wpa_supplicant_enable_one_network(wpa_s, ssid);
3385
3386 if (wpa_s->reassociate && !wpa_s->disconnected &&
3387 (!wpa_s->current_ssid ||
3388 wpa_s->wpa_state == WPA_DISCONNECTED ||
3389 wpa_s->wpa_state == WPA_SCANNING)) {
3390 if (wpa_s->sched_scanning) {
3391 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan to add "
3392 "new network to scan filters");
3393 wpa_supplicant_cancel_sched_scan(wpa_s);
3394 }
3395
3396 if (wpa_supplicant_fast_associate(wpa_s) != 1) {
3397 wpa_s->scan_req = NORMAL_SCAN_REQ;
3398 wpa_supplicant_req_scan(wpa_s, 0, 0);
3399 }
3400 }
3401}
3402
3403
3404/**
3405 * wpa_supplicant_disable_network - Mark a configured network as disabled
3406 * @wpa_s: wpa_supplicant structure for a network interface
3407 * @ssid: wpa_ssid structure for a configured network or %NULL
3408 *
3409 * Disables the specified network or all networks if no network specified.
3410 */
3411void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s,
3412 struct wpa_ssid *ssid)
3413{
3414 struct wpa_ssid *other_ssid;
3415 int was_disabled;
3416
3417 if (ssid == NULL) {
3418 if (wpa_s->sched_scanning)
3419 wpa_supplicant_cancel_sched_scan(wpa_s);
3420
3421 for (other_ssid = wpa_s->conf->ssid; other_ssid;
3422 other_ssid = other_ssid->next) {
3423 was_disabled = other_ssid->disabled;
3424 if (was_disabled == 2)
3425 continue; /* do not change persistent P2P group
3426 * data */
3427
3428 other_ssid->disabled = 1;
3429
3430 if (was_disabled != other_ssid->disabled)
3431 wpas_notify_network_enabled_changed(
3432 wpa_s, other_ssid);
3433 }
3434 if (wpa_s->current_ssid) {
3435 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
3436 wpa_s->own_disconnect_req = 1;
3437 wpa_supplicant_deauthenticate(
3438 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
3439 }
3440 } else if (ssid->disabled != 2) {
3441 if (ssid == wpa_s->current_ssid) {
3442 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
3443 wpa_s->own_disconnect_req = 1;
3444 wpa_supplicant_deauthenticate(
3445 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
3446 }
3447
3448 was_disabled = ssid->disabled;
3449
3450 ssid->disabled = 1;
3451
3452 if (was_disabled != ssid->disabled) {
3453 wpas_notify_network_enabled_changed(wpa_s, ssid);
3454 if (wpa_s->sched_scanning) {
3455 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan "
3456 "to remove network from filters");
3457 wpa_supplicant_cancel_sched_scan(wpa_s);
3458 wpa_supplicant_req_scan(wpa_s, 0, 0);
3459 }
3460 }
3461 }
3462}
3463
3464
3465/**
3466 * wpa_supplicant_select_network - Attempt association with a network
3467 * @wpa_s: wpa_supplicant structure for a network interface
3468 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
3469 */
3470void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
3471 struct wpa_ssid *ssid)
3472{
3473
3474 struct wpa_ssid *other_ssid;
3475 int disconnected = 0;
3476
3477 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid) {
3478 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
3479 wpa_s->own_disconnect_req = 1;
3480 wpa_supplicant_deauthenticate(
3481 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
3482 disconnected = 1;
3483 }
3484
3485 if (ssid)
3486 wpas_clear_temp_disabled(wpa_s, ssid, 1);
3487
3488 /*
3489 * Mark all other networks disabled or mark all networks enabled if no
3490 * network specified.
3491 */
3492 for (other_ssid = wpa_s->conf->ssid; other_ssid;
3493 other_ssid = other_ssid->next) {
3494 int was_disabled = other_ssid->disabled;
3495 if (was_disabled == 2)
3496 continue; /* do not change persistent P2P group data */
3497
3498 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0;
3499 if (was_disabled && !other_ssid->disabled)
3500 wpas_clear_temp_disabled(wpa_s, other_ssid, 0);
3501
3502 if (was_disabled != other_ssid->disabled)
3503 wpas_notify_network_enabled_changed(wpa_s, other_ssid);
3504 }
3505
3506 if (ssid && ssid == wpa_s->current_ssid && wpa_s->current_ssid &&
3507 wpa_s->wpa_state >= WPA_AUTHENTICATING) {
3508 /* We are already associated with the selected network */
3509 wpa_printf(MSG_DEBUG, "Already associated with the "
3510 "selected network - do nothing");
3511 return;
3512 }
3513
3514 if (ssid) {
3515 wpa_s->current_ssid = ssid;
3516 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
3517 wpa_s->connect_without_scan =
3518 (ssid->mode == WPAS_MODE_MESH) ? ssid : NULL;
3519
3520 /*
3521 * Don't optimize next scan freqs since a new ESS has been
3522 * selected.
3523 */
3524 os_free(wpa_s->next_scan_freqs);
3525 wpa_s->next_scan_freqs = NULL;
3526 } else {
3527 wpa_s->connect_without_scan = NULL;
3528 }
3529
3530 wpa_s->disconnected = 0;
3531 wpa_s->reassociate = 1;
3532 wpa_s->last_owe_group = 0;
3533
3534 if (wpa_s->connect_without_scan ||
3535 wpa_supplicant_fast_associate(wpa_s) != 1) {
3536 wpa_s->scan_req = NORMAL_SCAN_REQ;
3537 wpas_scan_reset_sched_scan(wpa_s);
3538 wpa_supplicant_req_scan(wpa_s, 0, disconnected ? 100000 : 0);
3539 }
3540
3541 if (ssid)
3542 wpas_notify_network_selected(wpa_s, ssid);
3543}
3544
3545
3546/**
3547 * wpas_set_pkcs11_engine_and_module_path - Set PKCS #11 engine and module path
3548 * @wpa_s: wpa_supplicant structure for a network interface
3549 * @pkcs11_engine_path: PKCS #11 engine path or NULL
3550 * @pkcs11_module_path: PKCS #11 module path or NULL
3551 * Returns: 0 on success; -1 on failure
3552 *
3553 * Sets the PKCS #11 engine and module path. Both have to be NULL or a valid
3554 * path. If resetting the EAPOL state machine with the new PKCS #11 engine and
3555 * module path fails the paths will be reset to the default value (NULL).
3556 */
3557int wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant *wpa_s,
3558 const char *pkcs11_engine_path,
3559 const char *pkcs11_module_path)
3560{
3561 char *pkcs11_engine_path_copy = NULL;
3562 char *pkcs11_module_path_copy = NULL;
3563
3564 if (pkcs11_engine_path != NULL) {
3565 pkcs11_engine_path_copy = os_strdup(pkcs11_engine_path);
3566 if (pkcs11_engine_path_copy == NULL)
3567 return -1;
3568 }
3569 if (pkcs11_module_path != NULL) {
3570 pkcs11_module_path_copy = os_strdup(pkcs11_module_path);
3571 if (pkcs11_module_path_copy == NULL) {
3572 os_free(pkcs11_engine_path_copy);
3573 return -1;
3574 }
3575 }
3576
3577 os_free(wpa_s->conf->pkcs11_engine_path);
3578 os_free(wpa_s->conf->pkcs11_module_path);
3579 wpa_s->conf->pkcs11_engine_path = pkcs11_engine_path_copy;
3580 wpa_s->conf->pkcs11_module_path = pkcs11_module_path_copy;
3581
3582 wpa_sm_set_eapol(wpa_s->wpa, NULL);
3583 eapol_sm_deinit(wpa_s->eapol);
3584 wpa_s->eapol = NULL;
3585 if (wpa_supplicant_init_eapol(wpa_s)) {
3586 /* Error -> Reset paths to the default value (NULL) once. */
3587 if (pkcs11_engine_path != NULL && pkcs11_module_path != NULL)
3588 wpas_set_pkcs11_engine_and_module_path(wpa_s, NULL,
3589 NULL);
3590
3591 return -1;
3592 }
3593 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
3594
3595 return 0;
3596}
3597
3598
3599/**
3600 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
3601 * @wpa_s: wpa_supplicant structure for a network interface
3602 * @ap_scan: AP scan mode
3603 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
3604 *
3605 */
3606int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan)
3607{
3608
3609 int old_ap_scan;
3610
3611 if (ap_scan < 0 || ap_scan > 2)
3612 return -1;
3613
3614 if (ap_scan == 2 && os_strcmp(wpa_s->driver->name, "nl80211") == 0) {
3615 wpa_printf(MSG_INFO,
3616 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
3617 }
3618
3619#ifdef ANDROID
3620 if (ap_scan == 2 && ap_scan != wpa_s->conf->ap_scan &&
3621 wpa_s->wpa_state >= WPA_ASSOCIATING &&
3622 wpa_s->wpa_state < WPA_COMPLETED) {
3623 wpa_printf(MSG_ERROR, "ap_scan = %d (%d) rejected while "
3624 "associating", wpa_s->conf->ap_scan, ap_scan);
3625 return 0;
3626 }
3627#endif /* ANDROID */
3628
3629 old_ap_scan = wpa_s->conf->ap_scan;
3630 wpa_s->conf->ap_scan = ap_scan;
3631
3632 if (old_ap_scan != wpa_s->conf->ap_scan)
3633 wpas_notify_ap_scan_changed(wpa_s);
3634
3635 return 0;
3636}
3637
3638
3639/**
3640 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
3641 * @wpa_s: wpa_supplicant structure for a network interface
3642 * @expire_age: Expiration age in seconds
3643 * Returns: 0 if succeed or -1 if expire_age has an invalid value
3644 *
3645 */
3646int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant *wpa_s,
3647 unsigned int bss_expire_age)
3648{
3649 if (bss_expire_age < 10) {
3650 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration age %u",
3651 bss_expire_age);
3652 return -1;
3653 }
3654 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration age: %d sec",
3655 bss_expire_age);
3656 wpa_s->conf->bss_expiration_age = bss_expire_age;
3657
3658 return 0;
3659}
3660
3661
3662/**
3663 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
3664 * @wpa_s: wpa_supplicant structure for a network interface
3665 * @expire_count: number of scans after which an unseen BSS is reclaimed
3666 * Returns: 0 if succeed or -1 if expire_count has an invalid value
3667 *
3668 */
3669int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant *wpa_s,
3670 unsigned int bss_expire_count)
3671{
3672 if (bss_expire_count < 1) {
3673 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration count %u",
3674 bss_expire_count);
3675 return -1;
3676 }
3677 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration scan count: %u",
3678 bss_expire_count);
3679 wpa_s->conf->bss_expiration_scan_count = bss_expire_count;
3680
3681 return 0;
3682}
3683
3684
3685/**
3686 * wpa_supplicant_set_scan_interval - Set scan interval
3687 * @wpa_s: wpa_supplicant structure for a network interface
3688 * @scan_interval: scan interval in seconds
3689 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
3690 *
3691 */
3692int wpa_supplicant_set_scan_interval(struct wpa_supplicant *wpa_s,
3693 int scan_interval)
3694{
3695 if (scan_interval < 0) {
3696 wpa_msg(wpa_s, MSG_ERROR, "Invalid scan interval %d",
3697 scan_interval);
3698 return -1;
3699 }
3700 wpa_msg(wpa_s, MSG_DEBUG, "Setting scan interval: %d sec",
3701 scan_interval);
3702 wpa_supplicant_update_scan_int(wpa_s, scan_interval);
3703
3704 return 0;
3705}
3706
3707
3708/**
3709 * wpa_supplicant_set_debug_params - Set global debug params
3710 * @global: wpa_global structure
3711 * @debug_level: debug level
3712 * @debug_timestamp: determines if show timestamp in debug data
3713 * @debug_show_keys: determines if show keys in debug data
3714 * Returns: 0 if succeed or -1 if debug_level has wrong value
3715 */
3716int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level,
3717 int debug_timestamp, int debug_show_keys)
3718{
3719
3720 int old_level, old_timestamp, old_show_keys;
3721
3722 /* check for allowed debuglevels */
3723 if (debug_level != MSG_EXCESSIVE &&
3724 debug_level != MSG_MSGDUMP &&
3725 debug_level != MSG_DEBUG &&
3726 debug_level != MSG_INFO &&
3727 debug_level != MSG_WARNING &&
3728 debug_level != MSG_ERROR)
3729 return -1;
3730
3731 old_level = wpa_debug_level;
3732 old_timestamp = wpa_debug_timestamp;
3733 old_show_keys = wpa_debug_show_keys;
3734
3735 wpa_debug_level = debug_level;
3736 wpa_debug_timestamp = debug_timestamp ? 1 : 0;
3737 wpa_debug_show_keys = debug_show_keys ? 1 : 0;
3738
3739 if (wpa_debug_level != old_level)
3740 wpas_notify_debug_level_changed(global);
3741 if (wpa_debug_timestamp != old_timestamp)
3742 wpas_notify_debug_timestamp_changed(global);
3743 if (wpa_debug_show_keys != old_show_keys)
3744 wpas_notify_debug_show_keys_changed(global);
3745
3746 return 0;
3747}
3748
3749
3750#ifdef CONFIG_OWE
3751static int owe_trans_ssid_match(struct wpa_supplicant *wpa_s, const u8 *bssid,
3752 const u8 *entry_ssid, size_t entry_ssid_len)
3753{
3754 const u8 *owe, *pos, *end;
3755 u8 ssid_len;
3756 struct wpa_bss *bss;
3757
3758 /* Check network profile SSID aganst the SSID in the
3759 * OWE Transition Mode element. */
3760
3761 bss = wpa_bss_get_bssid_latest(wpa_s, bssid);
3762 if (!bss)
3763 return 0;
3764
3765 owe = wpa_bss_get_vendor_ie(bss, OWE_IE_VENDOR_TYPE);
3766 if (!owe)
3767 return 0;
3768
3769 pos = owe + 6;
3770 end = owe + 2 + owe[1];
3771
3772 if (end - pos < ETH_ALEN + 1)
3773 return 0;
3774 pos += ETH_ALEN;
3775 ssid_len = *pos++;
3776 if (end - pos < ssid_len || ssid_len > SSID_MAX_LEN)
3777 return 0;
3778
3779 return entry_ssid_len == ssid_len &&
3780 os_memcmp(pos, entry_ssid, ssid_len) == 0;
3781}
3782#endif /* CONFIG_OWE */
3783
3784
3785/**
3786 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
3787 * @wpa_s: Pointer to wpa_supplicant data
3788 * Returns: A pointer to the current network structure or %NULL on failure
3789 */
3790struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
3791{
3792 struct wpa_ssid *entry;
3793 u8 ssid[SSID_MAX_LEN];
3794 int res;
3795 size_t ssid_len;
3796 u8 bssid[ETH_ALEN];
3797 int wired;
3798
3799 res = wpa_drv_get_ssid(wpa_s, ssid);
3800 if (res < 0) {
3801 wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from "
3802 "driver");
3803 return NULL;
3804 }
3805 ssid_len = res;
3806
3807 if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
3808 wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from "
3809 "driver");
3810 return NULL;
3811 }
3812
3813 wired = wpa_s->conf->ap_scan == 0 &&
3814 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED);
3815
3816 entry = wpa_s->conf->ssid;
3817 while (entry) {
3818 if (!wpas_network_disabled(wpa_s, entry) &&
3819 ((ssid_len == entry->ssid_len &&
3820 os_memcmp(ssid, entry->ssid, ssid_len) == 0) || wired) &&
3821 (!entry->bssid_set ||
3822 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
3823 return entry;
3824#ifdef CONFIG_WPS
3825 if (!wpas_network_disabled(wpa_s, entry) &&
3826 (entry->key_mgmt & WPA_KEY_MGMT_WPS) &&
3827 (entry->ssid == NULL || entry->ssid_len == 0) &&
3828 (!entry->bssid_set ||
3829 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
3830 return entry;
3831#endif /* CONFIG_WPS */
3832
3833#ifdef CONFIG_OWE
3834 if (!wpas_network_disabled(wpa_s, entry) &&
3835 owe_trans_ssid_match(wpa_s, bssid, entry->ssid,
3836 entry->ssid_len) &&
3837 (!entry->bssid_set ||
3838 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
3839 return entry;
3840#endif /* CONFIG_OWE */
3841
3842 if (!wpas_network_disabled(wpa_s, entry) && entry->bssid_set &&
3843 entry->ssid_len == 0 &&
3844 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)
3845 return entry;
3846
3847 entry = entry->next;
3848 }
3849
3850 return NULL;
3851}
3852
3853
3854static int select_driver(struct wpa_supplicant *wpa_s, int i)
3855{
3856 struct wpa_global *global = wpa_s->global;
3857
3858 if (wpa_drivers[i]->global_init && global->drv_priv[i] == NULL) {
3859 global->drv_priv[i] = wpa_drivers[i]->global_init(global);
3860 if (global->drv_priv[i] == NULL) {
3861 wpa_printf(MSG_ERROR, "Failed to initialize driver "
3862 "'%s'", wpa_drivers[i]->name);
3863 return -1;
3864 }
3865 }
3866
3867 wpa_s->driver = wpa_drivers[i];
3868 wpa_s->global_drv_priv = global->drv_priv[i];
3869
3870 return 0;
3871}
3872
3873
3874static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
3875 const char *name)
3876{
3877 int i;
3878 size_t len;
3879 const char *pos, *driver = name;
3880
3881 if (wpa_s == NULL)
3882 return -1;
3883
3884 if (wpa_drivers[0] == NULL) {
3885 wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into "
3886 "wpa_supplicant");
3887 return -1;
3888 }
3889
3890 if (name == NULL) {
3891 /* default to first driver in the list */
3892 return select_driver(wpa_s, 0);
3893 }
3894
3895 do {
3896 pos = os_strchr(driver, ',');
3897 if (pos)
3898 len = pos - driver;
3899 else
3900 len = os_strlen(driver);
3901
3902 for (i = 0; wpa_drivers[i]; i++) {
3903 if (os_strlen(wpa_drivers[i]->name) == len &&
3904 os_strncmp(driver, wpa_drivers[i]->name, len) ==
3905 0) {
3906 /* First driver that succeeds wins */
3907 if (select_driver(wpa_s, i) == 0)
3908 return 0;
3909 }
3910 }
3911
3912 driver = pos + 1;
3913 } while (pos);
3914
3915 wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name);
3916 return -1;
3917}
3918
3919
3920/**
3921 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
3922 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
3923 * with struct wpa_driver_ops::init()
3924 * @src_addr: Source address of the EAPOL frame
3925 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
3926 * @len: Length of the EAPOL data
3927 *
3928 * This function is called for each received EAPOL frame. Most driver
3929 * interfaces rely on more generic OS mechanism for receiving frames through
3930 * l2_packet, but if such a mechanism is not available, the driver wrapper may
3931 * take care of received EAPOL frames and deliver them to the core supplicant
3932 * code by calling this function.
3933 */
3934void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
3935 const u8 *buf, size_t len)
3936{
3937 struct wpa_supplicant *wpa_s = ctx;
3938
3939 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
3940 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
3941
3942#ifdef CONFIG_TESTING_OPTIONS
3943 if (wpa_s->ignore_auth_resp) {
3944 wpa_printf(MSG_INFO, "RX EAPOL - ignore_auth_resp active!");
3945 return;
3946 }
3947#endif /* CONFIG_TESTING_OPTIONS */
3948
3949 if (wpa_s->wpa_state < WPA_ASSOCIATED ||
3950 (wpa_s->last_eapol_matches_bssid &&
3951#ifdef CONFIG_AP
3952 !wpa_s->ap_iface &&
3953#endif /* CONFIG_AP */
3954 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) != 0)) {
3955 /*
3956 * There is possible race condition between receiving the
3957 * association event and the EAPOL frame since they are coming
3958 * through different paths from the driver. In order to avoid
3959 * issues in trying to process the EAPOL frame before receiving
3960 * association information, lets queue it for processing until
3961 * the association event is received. This may also be needed in
3962 * driver-based roaming case, so also use src_addr != BSSID as a
3963 * trigger if we have previously confirmed that the
3964 * Authenticator uses BSSID as the src_addr (which is not the
3965 * case with wired IEEE 802.1X).
3966 */
3967 wpa_dbg(wpa_s, MSG_DEBUG, "Not associated - Delay processing "
3968 "of received EAPOL frame (state=%s bssid=" MACSTR ")",
3969 wpa_supplicant_state_txt(wpa_s->wpa_state),
3970 MAC2STR(wpa_s->bssid));
3971 wpabuf_free(wpa_s->pending_eapol_rx);
3972 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len);
3973 if (wpa_s->pending_eapol_rx) {
3974 os_get_reltime(&wpa_s->pending_eapol_rx_time);
3975 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr,
3976 ETH_ALEN);
3977 }
3978 return;
3979 }
3980
3981 wpa_s->last_eapol_matches_bssid =
3982 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) == 0;
3983
3984#ifdef CONFIG_AP
3985 if (wpa_s->ap_iface) {
3986 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len);
3987 return;
3988 }
3989#endif /* CONFIG_AP */
3990
3991 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
3992 wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since "
3993 "no key management is configured");
3994 return;
3995 }
3996
3997 if (wpa_s->eapol_received == 0 &&
3998 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) ||
3999 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
4000 wpa_s->wpa_state != WPA_COMPLETED) &&
4001 (wpa_s->current_ssid == NULL ||
4002 wpa_s->current_ssid->mode != IEEE80211_MODE_IBSS)) {
4003 /* Timeout for completing IEEE 802.1X and WPA authentication */
4004 int timeout = 10;
4005
4006 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
4007 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
4008 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
4009 /* Use longer timeout for IEEE 802.1X/EAP */
4010 timeout = 70;
4011 }
4012
4013#ifdef CONFIG_WPS
4014 if (wpa_s->current_ssid && wpa_s->current_bss &&
4015 (wpa_s->current_ssid->key_mgmt & WPA_KEY_MGMT_WPS) &&
4016 eap_is_wps_pin_enrollee(&wpa_s->current_ssid->eap)) {
4017 /*
4018 * Use shorter timeout if going through WPS AP iteration
4019 * for PIN config method with an AP that does not
4020 * advertise Selected Registrar.
4021 */
4022 struct wpabuf *wps_ie;
4023
4024 wps_ie = wpa_bss_get_vendor_ie_multi(
4025 wpa_s->current_bss, WPS_IE_VENDOR_TYPE);
4026 if (wps_ie &&
4027 !wps_is_addr_authorized(wps_ie, wpa_s->own_addr, 1))
4028 timeout = 10;
4029 wpabuf_free(wps_ie);
4030 }
4031#endif /* CONFIG_WPS */
4032
4033 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
4034 }
4035 wpa_s->eapol_received++;
4036
4037 if (wpa_s->countermeasures) {
4038 wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped "
4039 "EAPOL packet");
4040 return;
4041 }
4042
4043#ifdef CONFIG_IBSS_RSN
4044 if (wpa_s->current_ssid &&
4045 wpa_s->current_ssid->mode == WPAS_MODE_IBSS) {
4046 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len);
4047 return;
4048 }
4049#endif /* CONFIG_IBSS_RSN */
4050
4051 /* Source address of the incoming EAPOL frame could be compared to the
4052 * current BSSID. However, it is possible that a centralized
4053 * Authenticator could be using another MAC address than the BSSID of
4054 * an AP, so just allow any address to be used for now. The replies are
4055 * still sent to the current BSSID (if available), though. */
4056
4057 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
4058 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
4059 wpa_s->key_mgmt != WPA_KEY_MGMT_OWE &&
4060 wpa_s->key_mgmt != WPA_KEY_MGMT_DPP &&
4061 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
4062 return;
4063 wpa_drv_poll(wpa_s);
4064 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE))
4065 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
4066 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
4067 /*
4068 * Set portValid = TRUE here since we are going to skip 4-way
4069 * handshake processing which would normally set portValid. We
4070 * need this to allow the EAPOL state machines to be completed
4071 * without going through EAPOL-Key handshake.
4072 */
4073 eapol_sm_notify_portValid(wpa_s->eapol, TRUE);
4074 }
4075}
4076
4077
4078int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s)
4079{
4080 if ((!wpa_s->p2p_mgmt ||
4081 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
4082 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) {
4083 l2_packet_deinit(wpa_s->l2);
4084 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
4085 wpa_drv_get_mac_addr(wpa_s),
4086 ETH_P_EAPOL,
4087 wpa_supplicant_rx_eapol, wpa_s, 0);
4088 if (wpa_s->l2 == NULL)
4089 return -1;
4090
4091 if (l2_packet_set_packet_filter(wpa_s->l2,
4092 L2_PACKET_FILTER_PKTTYPE))
4093 wpa_dbg(wpa_s, MSG_DEBUG,
4094 "Failed to attach pkt_type filter");
4095 } else {
4096 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
4097 if (addr)
4098 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
4099 }
4100
4101 if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
4102 wpa_msg(wpa_s, MSG_ERROR, "Failed to get own L2 address");
4103 return -1;
4104 }
4105
4106 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
4107
4108 return 0;
4109}
4110
4111
4112static void wpa_supplicant_rx_eapol_bridge(void *ctx, const u8 *src_addr,
4113 const u8 *buf, size_t len)
4114{
4115 struct wpa_supplicant *wpa_s = ctx;
4116 const struct l2_ethhdr *eth;
4117
4118 if (len < sizeof(*eth))
4119 return;
4120 eth = (const struct l2_ethhdr *) buf;
4121
4122 if (os_memcmp(eth->h_dest, wpa_s->own_addr, ETH_ALEN) != 0 &&
4123 !(eth->h_dest[0] & 0x01)) {
4124 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
4125 " (bridge - not for this interface - ignore)",
4126 MAC2STR(src_addr), MAC2STR(eth->h_dest));
4127 return;
4128 }
4129
4130 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
4131 " (bridge)", MAC2STR(src_addr), MAC2STR(eth->h_dest));
4132 wpa_supplicant_rx_eapol(wpa_s, src_addr, buf + sizeof(*eth),
4133 len - sizeof(*eth));
4134}
4135
4136
4137/**
4138 * wpa_supplicant_driver_init - Initialize driver interface parameters
4139 * @wpa_s: Pointer to wpa_supplicant data
4140 * Returns: 0 on success, -1 on failure
4141 *
4142 * This function is called to initialize driver interface parameters.
4143 * wpa_drv_init() must have been called before this function to initialize the
4144 * driver interface.
4145 */
4146int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
4147{
4148 static int interface_count = 0;
4149
4150 if (wpa_supplicant_update_mac_addr(wpa_s) < 0)
4151 return -1;
4152
4153 wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR,
4154 MAC2STR(wpa_s->own_addr));
4155 os_memcpy(wpa_s->perm_addr, wpa_s->own_addr, ETH_ALEN);
4156 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
4157
4158 if (wpa_s->bridge_ifname[0]) {
4159 wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge "
4160 "interface '%s'", wpa_s->bridge_ifname);
4161 wpa_s->l2_br = l2_packet_init_bridge(
4162 wpa_s->bridge_ifname, wpa_s->ifname, wpa_s->own_addr,
4163 ETH_P_EAPOL, wpa_supplicant_rx_eapol_bridge, wpa_s, 1);
4164 if (wpa_s->l2_br == NULL) {
4165 wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet "
4166 "connection for the bridge interface '%s'",
4167 wpa_s->bridge_ifname);
4168 return -1;
4169 }
4170 }
4171
4172 if (wpa_s->conf->ap_scan == 2 &&
4173 os_strcmp(wpa_s->driver->name, "nl80211") == 0) {
4174 wpa_printf(MSG_INFO,
4175 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
4176 }
4177
4178 wpa_clear_keys(wpa_s, NULL);
4179
4180 /* Make sure that TKIP countermeasures are not left enabled (could
4181 * happen if wpa_supplicant is killed during countermeasures. */
4182 wpa_drv_set_countermeasures(wpa_s, 0);
4183
4184 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver");
4185 wpa_drv_flush_pmkid(wpa_s);
4186
4187 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
4188 wpa_s->prev_scan_wildcard = 0;
4189
4190 if (wpa_supplicant_enabled_networks(wpa_s)) {
4191 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED) {
4192 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
4193 interface_count = 0;
4194 }
4195#ifndef ANDROID
4196 if (!wpa_s->p2p_mgmt &&
4197 wpa_supplicant_delayed_sched_scan(wpa_s,
4198 interface_count % 3,
4199 100000))
4200 wpa_supplicant_req_scan(wpa_s, interface_count % 3,
4201 100000);
4202#endif /* ANDROID */
4203 interface_count++;
4204 } else
4205 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
4206
4207 return 0;
4208}
4209
4210
4211static int wpa_supplicant_daemon(const char *pid_file)
4212{
4213 wpa_printf(MSG_DEBUG, "Daemonize..");
4214 return os_daemonize(pid_file);
4215}
4216
4217
4218static struct wpa_supplicant *
4219wpa_supplicant_alloc(struct wpa_supplicant *parent)
4220{
4221 struct wpa_supplicant *wpa_s;
4222
4223 wpa_s = os_zalloc(sizeof(*wpa_s));
4224 if (wpa_s == NULL)
4225 return NULL;
4226 wpa_s->scan_req = INITIAL_SCAN_REQ;
4227 wpa_s->scan_interval = 5;
4228 wpa_s->new_connection = 1;
4229 wpa_s->parent = parent ? parent : wpa_s;
4230 wpa_s->p2pdev = wpa_s->parent;
4231 wpa_s->sched_scanning = 0;
4232
4233 dl_list_init(&wpa_s->bss_tmp_disallowed);
4234 dl_list_init(&wpa_s->fils_hlp_req);
4235
4236 return wpa_s;
4237}
4238
4239
4240#ifdef CONFIG_HT_OVERRIDES
4241
4242static int wpa_set_htcap_mcs(struct wpa_supplicant *wpa_s,
4243 struct ieee80211_ht_capabilities *htcaps,
4244 struct ieee80211_ht_capabilities *htcaps_mask,
4245 const char *ht_mcs)
4246{
4247 /* parse ht_mcs into hex array */
4248 int i;
4249 const char *tmp = ht_mcs;
4250 char *end = NULL;
4251
4252 /* If ht_mcs is null, do not set anything */
4253 if (!ht_mcs)
4254 return 0;
4255
4256 /* This is what we are setting in the kernel */
4257 os_memset(&htcaps->supported_mcs_set, 0, IEEE80211_HT_MCS_MASK_LEN);
4258
4259 wpa_msg(wpa_s, MSG_DEBUG, "set_htcap, ht_mcs -:%s:-", ht_mcs);
4260
4261 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) {
4262 long v;
4263
4264 errno = 0;
4265 v = strtol(tmp, &end, 16);
4266
4267 if (errno == 0) {
4268 wpa_msg(wpa_s, MSG_DEBUG,
4269 "htcap value[%i]: %ld end: %p tmp: %p",
4270 i, v, end, tmp);
4271 if (end == tmp)
4272 break;
4273
4274 htcaps->supported_mcs_set[i] = v;
4275 tmp = end;
4276 } else {
4277 wpa_msg(wpa_s, MSG_ERROR,
4278 "Failed to parse ht-mcs: %s, error: %s\n",
4279 ht_mcs, strerror(errno));
4280 return -1;
4281 }
4282 }
4283
4284 /*
4285 * If we were able to parse any values, then set mask for the MCS set.
4286 */
4287 if (i) {
4288 os_memset(&htcaps_mask->supported_mcs_set, 0xff,
4289 IEEE80211_HT_MCS_MASK_LEN - 1);
4290 /* skip the 3 reserved bits */
4291 htcaps_mask->supported_mcs_set[IEEE80211_HT_MCS_MASK_LEN - 1] =
4292 0x1f;
4293 }
4294
4295 return 0;
4296}
4297
4298
4299static int wpa_disable_max_amsdu(struct wpa_supplicant *wpa_s,
4300 struct ieee80211_ht_capabilities *htcaps,
4301 struct ieee80211_ht_capabilities *htcaps_mask,
4302 int disabled)
4303{
4304 le16 msk;
4305
4306 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_max_amsdu: %d", disabled);
4307
4308 if (disabled == -1)
4309 return 0;
4310
4311 msk = host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE);
4312 htcaps_mask->ht_capabilities_info |= msk;
4313 if (disabled)
4314 htcaps->ht_capabilities_info &= msk;
4315 else
4316 htcaps->ht_capabilities_info |= msk;
4317
4318 return 0;
4319}
4320
4321
4322static int wpa_set_ampdu_factor(struct wpa_supplicant *wpa_s,
4323 struct ieee80211_ht_capabilities *htcaps,
4324 struct ieee80211_ht_capabilities *htcaps_mask,
4325 int factor)
4326{
4327 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_factor: %d", factor);
4328
4329 if (factor == -1)
4330 return 0;
4331
4332 if (factor < 0 || factor > 3) {
4333 wpa_msg(wpa_s, MSG_ERROR, "ampdu_factor: %d out of range. "
4334 "Must be 0-3 or -1", factor);
4335 return -EINVAL;
4336 }
4337
4338 htcaps_mask->a_mpdu_params |= 0x3; /* 2 bits for factor */
4339 htcaps->a_mpdu_params &= ~0x3;
4340 htcaps->a_mpdu_params |= factor & 0x3;
4341
4342 return 0;
4343}
4344
4345
4346static int wpa_set_ampdu_density(struct wpa_supplicant *wpa_s,
4347 struct ieee80211_ht_capabilities *htcaps,
4348 struct ieee80211_ht_capabilities *htcaps_mask,
4349 int density)
4350{
4351 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_density: %d", density);
4352
4353 if (density == -1)
4354 return 0;
4355
4356 if (density < 0 || density > 7) {
4357 wpa_msg(wpa_s, MSG_ERROR,
4358 "ampdu_density: %d out of range. Must be 0-7 or -1.",
4359 density);
4360 return -EINVAL;
4361 }
4362
4363 htcaps_mask->a_mpdu_params |= 0x1C;
4364 htcaps->a_mpdu_params &= ~(0x1C);
4365 htcaps->a_mpdu_params |= (density << 2) & 0x1C;
4366
4367 return 0;
4368}
4369
4370
4371static int wpa_set_disable_ht40(struct wpa_supplicant *wpa_s,
4372 struct ieee80211_ht_capabilities *htcaps,
4373 struct ieee80211_ht_capabilities *htcaps_mask,
4374 int disabled)
4375{
4376 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ht40: %d", disabled);
4377
4378 set_disable_ht40(htcaps, disabled);
4379 set_disable_ht40(htcaps_mask, 0);
4380
4381 return 0;
4382}
4383
4384
4385static int wpa_set_disable_sgi(struct wpa_supplicant *wpa_s,
4386 struct ieee80211_ht_capabilities *htcaps,
4387 struct ieee80211_ht_capabilities *htcaps_mask,
4388 int disabled)
4389{
4390 /* Masking these out disables SGI */
4391 le16 msk = host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ |
4392 HT_CAP_INFO_SHORT_GI40MHZ);
4393
4394 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_sgi: %d", disabled);
4395
4396 if (disabled)
4397 htcaps->ht_capabilities_info &= ~msk;
4398 else
4399 htcaps->ht_capabilities_info |= msk;
4400
4401 htcaps_mask->ht_capabilities_info |= msk;
4402
4403 return 0;
4404}
4405
4406
4407static int wpa_set_disable_ldpc(struct wpa_supplicant *wpa_s,
4408 struct ieee80211_ht_capabilities *htcaps,
4409 struct ieee80211_ht_capabilities *htcaps_mask,
4410 int disabled)
4411{
4412 /* Masking these out disables LDPC */
4413 le16 msk = host_to_le16(HT_CAP_INFO_LDPC_CODING_CAP);
4414
4415 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ldpc: %d", disabled);
4416
4417 if (disabled)
4418 htcaps->ht_capabilities_info &= ~msk;
4419 else
4420 htcaps->ht_capabilities_info |= msk;
4421
4422 htcaps_mask->ht_capabilities_info |= msk;
4423
4424 return 0;
4425}
4426
4427
4428void wpa_supplicant_apply_ht_overrides(
4429 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
4430 struct wpa_driver_associate_params *params)
4431{
4432 struct ieee80211_ht_capabilities *htcaps;
4433 struct ieee80211_ht_capabilities *htcaps_mask;
4434
4435 if (!ssid)
4436 return;
4437
4438 params->disable_ht = ssid->disable_ht;
4439 if (!params->htcaps || !params->htcaps_mask)
4440 return;
4441
4442 htcaps = (struct ieee80211_ht_capabilities *) params->htcaps;
4443 htcaps_mask = (struct ieee80211_ht_capabilities *) params->htcaps_mask;
4444 wpa_set_htcap_mcs(wpa_s, htcaps, htcaps_mask, ssid->ht_mcs);
4445 wpa_disable_max_amsdu(wpa_s, htcaps, htcaps_mask,
4446 ssid->disable_max_amsdu);
4447 wpa_set_ampdu_factor(wpa_s, htcaps, htcaps_mask, ssid->ampdu_factor);
4448 wpa_set_ampdu_density(wpa_s, htcaps, htcaps_mask, ssid->ampdu_density);
4449 wpa_set_disable_ht40(wpa_s, htcaps, htcaps_mask, ssid->disable_ht40);
4450 wpa_set_disable_sgi(wpa_s, htcaps, htcaps_mask, ssid->disable_sgi);
4451 wpa_set_disable_ldpc(wpa_s, htcaps, htcaps_mask, ssid->disable_ldpc);
4452
4453 if (ssid->ht40_intolerant) {
4454 le16 bit = host_to_le16(HT_CAP_INFO_40MHZ_INTOLERANT);
4455 htcaps->ht_capabilities_info |= bit;
4456 htcaps_mask->ht_capabilities_info |= bit;
4457 }
4458}
4459
4460#endif /* CONFIG_HT_OVERRIDES */
4461
4462
4463#ifdef CONFIG_VHT_OVERRIDES
4464void wpa_supplicant_apply_vht_overrides(
4465 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
4466 struct wpa_driver_associate_params *params)
4467{
4468 struct ieee80211_vht_capabilities *vhtcaps;
4469 struct ieee80211_vht_capabilities *vhtcaps_mask;
4470
4471 if (!ssid)
4472 return;
4473
4474 params->disable_vht = ssid->disable_vht;
4475
4476 vhtcaps = (void *) params->vhtcaps;
4477 vhtcaps_mask = (void *) params->vhtcaps_mask;
4478
4479 if (!vhtcaps || !vhtcaps_mask)
4480 return;
4481
4482 vhtcaps->vht_capabilities_info = host_to_le32(ssid->vht_capa);
4483 vhtcaps_mask->vht_capabilities_info = host_to_le32(ssid->vht_capa_mask);
4484
4485#ifdef CONFIG_HT_OVERRIDES
4486 /* if max ampdu is <= 3, we have to make the HT cap the same */
4487 if (ssid->vht_capa_mask & VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) {
4488 int max_ampdu;
4489
4490 max_ampdu = (ssid->vht_capa &
4491 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) >>
4492 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX_SHIFT;
4493
4494 max_ampdu = max_ampdu < 3 ? max_ampdu : 3;
4495 wpa_set_ampdu_factor(wpa_s,
4496 (void *) params->htcaps,
4497 (void *) params->htcaps_mask,
4498 max_ampdu);
4499 }
4500#endif /* CONFIG_HT_OVERRIDES */
4501
4502#define OVERRIDE_MCS(i) \
4503 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \
4504 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \
4505 host_to_le16(3 << 2 * (i - 1)); \
4506 vhtcaps->vht_supported_mcs_set.tx_map |= \
4507 host_to_le16(ssid->vht_tx_mcs_nss_ ##i << \
4508 2 * (i - 1)); \
4509 } \
4510 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \
4511 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \
4512 host_to_le16(3 << 2 * (i - 1)); \
4513 vhtcaps->vht_supported_mcs_set.rx_map |= \
4514 host_to_le16(ssid->vht_rx_mcs_nss_ ##i << \
4515 2 * (i - 1)); \
4516 }
4517
4518 OVERRIDE_MCS(1);
4519 OVERRIDE_MCS(2);
4520 OVERRIDE_MCS(3);
4521 OVERRIDE_MCS(4);
4522 OVERRIDE_MCS(5);
4523 OVERRIDE_MCS(6);
4524 OVERRIDE_MCS(7);
4525 OVERRIDE_MCS(8);
4526}
4527#endif /* CONFIG_VHT_OVERRIDES */
4528
4529
4530static int pcsc_reader_init(struct wpa_supplicant *wpa_s)
4531{
4532#ifdef PCSC_FUNCS
4533 size_t len;
4534
4535 if (!wpa_s->conf->pcsc_reader)
4536 return 0;
4537
4538 wpa_s->scard = scard_init(wpa_s->conf->pcsc_reader);
4539 if (!wpa_s->scard)
4540 return 1;
4541
4542 if (wpa_s->conf->pcsc_pin &&
4543 scard_set_pin(wpa_s->scard, wpa_s->conf->pcsc_pin) < 0) {
4544 scard_deinit(wpa_s->scard);
4545 wpa_s->scard = NULL;
4546 wpa_msg(wpa_s, MSG_ERROR, "PC/SC PIN validation failed");
4547 return -1;
4548 }
4549
4550 len = sizeof(wpa_s->imsi) - 1;
4551 if (scard_get_imsi(wpa_s->scard, wpa_s->imsi, &len)) {
4552 scard_deinit(wpa_s->scard);
4553 wpa_s->scard = NULL;
4554 wpa_msg(wpa_s, MSG_ERROR, "Could not read IMSI");
4555 return -1;
4556 }
4557 wpa_s->imsi[len] = '\0';
4558
4559 wpa_s->mnc_len = scard_get_mnc_len(wpa_s->scard);
4560
4561 wpa_printf(MSG_DEBUG, "SCARD: IMSI %s (MNC length %d)",
4562 wpa_s->imsi, wpa_s->mnc_len);
4563
4564 wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard);
4565 eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard);
4566#endif /* PCSC_FUNCS */
4567
4568 return 0;
4569}
4570
4571
4572int wpas_init_ext_pw(struct wpa_supplicant *wpa_s)
4573{
4574 char *val, *pos;
4575
4576 ext_password_deinit(wpa_s->ext_pw);
4577 wpa_s->ext_pw = NULL;
4578 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, NULL);
4579
4580 if (!wpa_s->conf->ext_password_backend)
4581 return 0;
4582
4583 val = os_strdup(wpa_s->conf->ext_password_backend);
4584 if (val == NULL)
4585 return -1;
4586 pos = os_strchr(val, ':');
4587 if (pos)
4588 *pos++ = '\0';
4589
4590 wpa_printf(MSG_DEBUG, "EXT PW: Initialize backend '%s'", val);
4591
4592 wpa_s->ext_pw = ext_password_init(val, pos);
4593 os_free(val);
4594 if (wpa_s->ext_pw == NULL) {
4595 wpa_printf(MSG_DEBUG, "EXT PW: Failed to initialize backend");
4596 return -1;
4597 }
4598 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, wpa_s->ext_pw);
4599
4600 return 0;
4601}
4602
4603
4604#ifdef CONFIG_FST
4605
4606static const u8 * wpas_fst_get_bssid_cb(void *ctx)
4607{
4608 struct wpa_supplicant *wpa_s = ctx;
4609
4610 return (is_zero_ether_addr(wpa_s->bssid) ||
4611 wpa_s->wpa_state != WPA_COMPLETED) ? NULL : wpa_s->bssid;
4612}
4613
4614
4615static void wpas_fst_get_channel_info_cb(void *ctx,
4616 enum hostapd_hw_mode *hw_mode,
4617 u8 *channel)
4618{
4619 struct wpa_supplicant *wpa_s = ctx;
4620
4621 if (wpa_s->current_bss) {
4622 *hw_mode = ieee80211_freq_to_chan(wpa_s->current_bss->freq,
4623 channel);
4624 } else if (wpa_s->hw.num_modes) {
4625 *hw_mode = wpa_s->hw.modes[0].mode;
4626 } else {
4627 WPA_ASSERT(0);
4628 *hw_mode = 0;
4629 }
4630}
4631
4632
4633static int wpas_fst_get_hw_modes(void *ctx, struct hostapd_hw_modes **modes)
4634{
4635 struct wpa_supplicant *wpa_s = ctx;
4636
4637 *modes = wpa_s->hw.modes;
4638 return wpa_s->hw.num_modes;
4639}
4640
4641
4642static void wpas_fst_set_ies_cb(void *ctx, const struct wpabuf *fst_ies)
4643{
4644 struct wpa_supplicant *wpa_s = ctx;
4645
4646 wpa_hexdump_buf(MSG_DEBUG, "FST: Set IEs", fst_ies);
4647 wpa_s->fst_ies = fst_ies;
4648}
4649
4650
4651static int wpas_fst_send_action_cb(void *ctx, const u8 *da, struct wpabuf *data)
4652{
4653 struct wpa_supplicant *wpa_s = ctx;
4654
4655 if (os_memcmp(wpa_s->bssid, da, ETH_ALEN) != 0) {
4656 wpa_printf(MSG_INFO, "FST:%s:bssid=" MACSTR " != da=" MACSTR,
4657 __func__, MAC2STR(wpa_s->bssid), MAC2STR(da));
4658 return -1;
4659 }
4660 return wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, wpa_s->bssid,
4661 wpa_s->own_addr, wpa_s->bssid,
4662 wpabuf_head(data), wpabuf_len(data),
4663 0);
4664}
4665
4666
4667static const struct wpabuf * wpas_fst_get_mb_ie_cb(void *ctx, const u8 *addr)
4668{
4669 struct wpa_supplicant *wpa_s = ctx;
4670
4671 WPA_ASSERT(os_memcmp(wpa_s->bssid, addr, ETH_ALEN) == 0);
4672 return wpa_s->received_mb_ies;
4673}
4674
4675
4676static void wpas_fst_update_mb_ie_cb(void *ctx, const u8 *addr,
4677 const u8 *buf, size_t size)
4678{
4679 struct wpa_supplicant *wpa_s = ctx;
4680 struct mb_ies_info info;
4681
4682 WPA_ASSERT(os_memcmp(wpa_s->bssid, addr, ETH_ALEN) == 0);
4683
4684 if (!mb_ies_info_by_ies(&info, buf, size)) {
4685 wpabuf_free(wpa_s->received_mb_ies);
4686 wpa_s->received_mb_ies = mb_ies_by_info(&info);
4687 }
4688}
4689
4690
4691static const u8 * wpas_fst_get_peer_first(void *ctx,
4692 struct fst_get_peer_ctx **get_ctx,
4693 Boolean mb_only)
4694{
4695 struct wpa_supplicant *wpa_s = ctx;
4696
4697 *get_ctx = NULL;
4698 if (!is_zero_ether_addr(wpa_s->bssid))
4699 return (wpa_s->received_mb_ies || !mb_only) ?
4700 wpa_s->bssid : NULL;
4701 return NULL;
4702}
4703
4704
4705static const u8 * wpas_fst_get_peer_next(void *ctx,
4706 struct fst_get_peer_ctx **get_ctx,
4707 Boolean mb_only)
4708{
4709 return NULL;
4710}
4711
4712void fst_wpa_supplicant_fill_iface_obj(struct wpa_supplicant *wpa_s,
4713 struct fst_wpa_obj *iface_obj)
4714{
4715 iface_obj->ctx = wpa_s;
4716 iface_obj->get_bssid = wpas_fst_get_bssid_cb;
4717 iface_obj->get_channel_info = wpas_fst_get_channel_info_cb;
4718 iface_obj->get_hw_modes = wpas_fst_get_hw_modes;
4719 iface_obj->set_ies = wpas_fst_set_ies_cb;
4720 iface_obj->send_action = wpas_fst_send_action_cb;
4721 iface_obj->get_mb_ie = wpas_fst_get_mb_ie_cb;
4722 iface_obj->update_mb_ie = wpas_fst_update_mb_ie_cb;
4723 iface_obj->get_peer_first = wpas_fst_get_peer_first;
4724 iface_obj->get_peer_next = wpas_fst_get_peer_next;
4725}
4726#endif /* CONFIG_FST */
4727
4728static int wpas_set_wowlan_triggers(struct wpa_supplicant *wpa_s,
4729 const struct wpa_driver_capa *capa)
4730{
4731 struct wowlan_triggers *triggers;
4732 int ret = 0;
4733
4734 if (!wpa_s->conf->wowlan_triggers)
4735 return 0;
4736
4737 triggers = wpa_get_wowlan_triggers(wpa_s->conf->wowlan_triggers, capa);
4738 if (triggers) {
4739 ret = wpa_drv_wowlan(wpa_s, triggers);
4740 os_free(triggers);
4741 }
4742 return ret;
4743}
4744
4745
4746enum wpa_radio_work_band wpas_freq_to_band(int freq)
4747{
4748 if (freq < 3000)
4749 return BAND_2_4_GHZ;
4750 if (freq > 50000)
4751 return BAND_60_GHZ;
4752 return BAND_5_GHZ;
4753}
4754
4755
4756unsigned int wpas_get_bands(struct wpa_supplicant *wpa_s, const int *freqs)
4757{
4758 int i;
4759 unsigned int band = 0;
4760
4761 if (freqs) {
4762 /* freqs are specified for the radio work */
4763 for (i = 0; freqs[i]; i++)
4764 band |= wpas_freq_to_band(freqs[i]);
4765 } else {
4766 /*
4767 * freqs are not specified, implies all
4768 * the supported freqs by HW
4769 */
4770 for (i = 0; i < wpa_s->hw.num_modes; i++) {
4771 if (wpa_s->hw.modes[i].num_channels != 0) {
4772 if (wpa_s->hw.modes[i].mode ==
4773 HOSTAPD_MODE_IEEE80211B ||
4774 wpa_s->hw.modes[i].mode ==
4775 HOSTAPD_MODE_IEEE80211G)
4776 band |= BAND_2_4_GHZ;
4777 else if (wpa_s->hw.modes[i].mode ==
4778 HOSTAPD_MODE_IEEE80211A)
4779 band |= BAND_5_GHZ;
4780 else if (wpa_s->hw.modes[i].mode ==
4781 HOSTAPD_MODE_IEEE80211AD)
4782 band |= BAND_60_GHZ;
4783 else if (wpa_s->hw.modes[i].mode ==
4784 HOSTAPD_MODE_IEEE80211ANY)
4785 band = BAND_2_4_GHZ | BAND_5_GHZ |
4786 BAND_60_GHZ;
4787 }
4788 }
4789 }
4790
4791 return band;
4792}
4793
4794
4795static struct wpa_radio * radio_add_interface(struct wpa_supplicant *wpa_s,
4796 const char *rn)
4797{
4798 struct wpa_supplicant *iface = wpa_s->global->ifaces;
4799 struct wpa_radio *radio;
4800
4801 while (rn && iface) {
4802 radio = iface->radio;
4803 if (radio && os_strcmp(rn, radio->name) == 0) {
4804 wpa_printf(MSG_DEBUG, "Add interface %s to existing radio %s",
4805 wpa_s->ifname, rn);
4806 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
4807 return radio;
4808 }
4809
4810 iface = iface->next;
4811 }
4812
4813 wpa_printf(MSG_DEBUG, "Add interface %s to a new radio %s",
4814 wpa_s->ifname, rn ? rn : "N/A");
4815 radio = os_zalloc(sizeof(*radio));
4816 if (radio == NULL)
4817 return NULL;
4818
4819 if (rn)
4820 os_strlcpy(radio->name, rn, sizeof(radio->name));
4821 dl_list_init(&radio->ifaces);
4822 dl_list_init(&radio->work);
4823 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
4824
4825 return radio;
4826}
4827
4828
4829static void radio_work_free(struct wpa_radio_work *work)
4830{
4831 if (work->wpa_s->scan_work == work) {
4832 /* This should not really happen. */
4833 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as scan_work",
4834 work->type, work, work->started);
4835 work->wpa_s->scan_work = NULL;
4836 }
4837
4838#ifdef CONFIG_P2P
4839 if (work->wpa_s->p2p_scan_work == work) {
4840 /* This should not really happen. */
4841 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as p2p_scan_work",
4842 work->type, work, work->started);
4843 work->wpa_s->p2p_scan_work = NULL;
4844 }
4845#endif /* CONFIG_P2P */
4846
4847 if (work->started) {
4848 work->wpa_s->radio->num_active_works--;
4849 wpa_dbg(work->wpa_s, MSG_DEBUG,
4850 "radio_work_free('%s'@%p): num_active_works --> %u",
4851 work->type, work,
4852 work->wpa_s->radio->num_active_works);
4853 }
4854
4855 dl_list_del(&work->list);
4856 os_free(work);
4857}
4858
4859
4860static int radio_work_is_connect(struct wpa_radio_work *work)
4861{
4862 return os_strcmp(work->type, "sme-connect") == 0 ||
4863 os_strcmp(work->type, "connect") == 0;
4864}
4865
4866
4867static int radio_work_is_scan(struct wpa_radio_work *work)
4868{
4869 return os_strcmp(work->type, "scan") == 0 ||
4870 os_strcmp(work->type, "p2p-scan") == 0;
4871}
4872
4873
4874static struct wpa_radio_work * radio_work_get_next_work(struct wpa_radio *radio)
4875{
4876 struct wpa_radio_work *active_work = NULL;
4877 struct wpa_radio_work *tmp;
4878
4879 /* Get the active work to know the type and band. */
4880 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, list) {
4881 if (tmp->started) {
4882 active_work = tmp;
4883 break;
4884 }
4885 }
4886
4887 if (!active_work) {
4888 /* No active work, start one */
4889 radio->num_active_works = 0;
4890 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work,
4891 list) {
4892 if (os_strcmp(tmp->type, "scan") == 0 &&
4893 radio->external_scan_running &&
4894 (((struct wpa_driver_scan_params *)
4895 tmp->ctx)->only_new_results ||
4896 tmp->wpa_s->clear_driver_scan_cache))
4897 continue;
4898 return tmp;
4899 }
4900 return NULL;
4901 }
4902
4903 if (radio_work_is_connect(active_work)) {
4904 /*
4905 * If the active work is either connect or sme-connect,
4906 * do not parallelize them with other radio works.
4907 */
4908 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
4909 "Do not parallelize radio work with %s",
4910 active_work->type);
4911 return NULL;
4912 }
4913
4914 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, list) {
4915 if (tmp->started)
4916 continue;
4917
4918 /*
4919 * If connect or sme-connect are enqueued, parallelize only
4920 * those operations ahead of them in the queue.
4921 */
4922 if (radio_work_is_connect(tmp))
4923 break;
4924
4925 /* Serialize parallel scan and p2p_scan operations on the same
4926 * interface since the driver_nl80211 mechanism for tracking
4927 * scan cookies does not yet have support for this. */
4928 if (active_work->wpa_s == tmp->wpa_s &&
4929 radio_work_is_scan(active_work) &&
4930 radio_work_is_scan(tmp)) {
4931 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
4932 "Do not start work '%s' when another work '%s' is already scheduled",
4933 tmp->type, active_work->type);
4934 continue;
4935 }
4936 /*
4937 * Check that the radio works are distinct and
4938 * on different bands.
4939 */
4940 if (os_strcmp(active_work->type, tmp->type) != 0 &&
4941 (active_work->bands != tmp->bands)) {
4942 /*
4943 * If a scan has to be scheduled through nl80211 scan
4944 * interface and if an external scan is already running,
4945 * do not schedule the scan since it is likely to get
4946 * rejected by kernel.
4947 */
4948 if (os_strcmp(tmp->type, "scan") == 0 &&
4949 radio->external_scan_running &&
4950 (((struct wpa_driver_scan_params *)
4951 tmp->ctx)->only_new_results ||
4952 tmp->wpa_s->clear_driver_scan_cache))
4953 continue;
4954
4955 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
4956 "active_work:%s new_work:%s",
4957 active_work->type, tmp->type);
4958 return tmp;
4959 }
4960 }
4961
4962 /* Did not find a radio work to schedule in parallel. */
4963 return NULL;
4964}
4965
4966
4967static void radio_start_next_work(void *eloop_ctx, void *timeout_ctx)
4968{
4969 struct wpa_radio *radio = eloop_ctx;
4970 struct wpa_radio_work *work;
4971 struct os_reltime now, diff;
4972 struct wpa_supplicant *wpa_s;
4973
4974 work = dl_list_first(&radio->work, struct wpa_radio_work, list);
4975 if (work == NULL) {
4976 radio->num_active_works = 0;
4977 return;
4978 }
4979
4980 wpa_s = dl_list_first(&radio->ifaces, struct wpa_supplicant,
4981 radio_list);
4982
4983 if (!(wpa_s &&
4984 wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS)) {
4985 if (work->started)
4986 return; /* already started and still in progress */
4987
4988 if (wpa_s && wpa_s->radio->external_scan_running) {
4989 wpa_printf(MSG_DEBUG, "Delay radio work start until externally triggered scan completes");
4990 return;
4991 }
4992 } else {
4993 work = NULL;
4994 if (radio->num_active_works < MAX_ACTIVE_WORKS) {
4995 /* get the work to schedule next */
4996 work = radio_work_get_next_work(radio);
4997 }
4998 if (!work)
4999 return;
5000 }
5001
5002 wpa_s = work->wpa_s;
5003 os_get_reltime(&now);
5004 os_reltime_sub(&now, &work->time, &diff);
5005 wpa_dbg(wpa_s, MSG_DEBUG,
5006 "Starting radio work '%s'@%p after %ld.%06ld second wait",
5007 work->type, work, diff.sec, diff.usec);
5008 work->started = 1;
5009 work->time = now;
5010 radio->num_active_works++;
5011
5012 work->cb(work, 0);
5013
5014 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS) &&
5015 radio->num_active_works < MAX_ACTIVE_WORKS)
5016 radio_work_check_next(wpa_s);
5017}
5018
5019
5020/*
5021 * This function removes both started and pending radio works running on
5022 * the provided interface's radio.
5023 * Prior to the removal of the radio work, its callback (cb) is called with
5024 * deinit set to be 1. Each work's callback is responsible for clearing its
5025 * internal data and restoring to a correct state.
5026 * @wpa_s: wpa_supplicant data
5027 * @type: type of works to be removed
5028 * @remove_all: 1 to remove all the works on this radio, 0 to remove only
5029 * this interface's works.
5030 */
5031void radio_remove_works(struct wpa_supplicant *wpa_s,
5032 const char *type, int remove_all)
5033{
5034 struct wpa_radio_work *work, *tmp;
5035 struct wpa_radio *radio = wpa_s->radio;
5036
5037 dl_list_for_each_safe(work, tmp, &radio->work, struct wpa_radio_work,
5038 list) {
5039 if (type && os_strcmp(type, work->type) != 0)
5040 continue;
5041
5042 /* skip other ifaces' works */
5043 if (!remove_all && work->wpa_s != wpa_s)
5044 continue;
5045
5046 wpa_dbg(wpa_s, MSG_DEBUG, "Remove radio work '%s'@%p%s",
5047 work->type, work, work->started ? " (started)" : "");
5048 work->cb(work, 1);
5049 radio_work_free(work);
5050 }
5051
5052 /* in case we removed the started work */
5053 radio_work_check_next(wpa_s);
5054}
5055
5056
5057void radio_remove_pending_work(struct wpa_supplicant *wpa_s, void *ctx)
5058{
5059 struct wpa_radio_work *work;
5060 struct wpa_radio *radio = wpa_s->radio;
5061
5062 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) {
5063 if (work->ctx != ctx)
5064 continue;
5065 wpa_dbg(wpa_s, MSG_DEBUG, "Free pending radio work '%s'@%p%s",
5066 work->type, work, work->started ? " (started)" : "");
5067 radio_work_free(work);
5068 break;
5069 }
5070}
5071
5072
5073static void radio_remove_interface(struct wpa_supplicant *wpa_s)
5074{
5075 struct wpa_radio *radio = wpa_s->radio;
5076
5077 if (!radio)
5078 return;
5079
5080 wpa_printf(MSG_DEBUG, "Remove interface %s from radio %s",
5081 wpa_s->ifname, radio->name);
5082 dl_list_del(&wpa_s->radio_list);
5083 radio_remove_works(wpa_s, NULL, 0);
5084 wpa_s->radio = NULL;
5085 if (!dl_list_empty(&radio->ifaces))
5086 return; /* Interfaces remain for this radio */
5087
5088 wpa_printf(MSG_DEBUG, "Remove radio %s", radio->name);
5089 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
5090 os_free(radio);
5091}
5092
5093
5094void radio_work_check_next(struct wpa_supplicant *wpa_s)
5095{
5096 struct wpa_radio *radio = wpa_s->radio;
5097
5098 if (dl_list_empty(&radio->work))
5099 return;
5100 if (wpa_s->ext_work_in_progress) {
5101 wpa_printf(MSG_DEBUG,
5102 "External radio work in progress - delay start of pending item");
5103 return;
5104 }
5105 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
5106 eloop_register_timeout(0, 0, radio_start_next_work, radio, NULL);
5107}
5108
5109
5110/**
5111 * radio_add_work - Add a radio work item
5112 * @wpa_s: Pointer to wpa_supplicant data
5113 * @freq: Frequency of the offchannel operation in MHz or 0
5114 * @type: Unique identifier for each type of work
5115 * @next: Force as the next work to be executed
5116 * @cb: Callback function for indicating when radio is available
5117 * @ctx: Context pointer for the work (work->ctx in cb())
5118 * Returns: 0 on success, -1 on failure
5119 *
5120 * This function is used to request time for an operation that requires
5121 * exclusive radio control. Once the radio is available, the registered callback
5122 * function will be called. radio_work_done() must be called once the exclusive
5123 * radio operation has been completed, so that the radio is freed for other
5124 * operations. The special case of deinit=1 is used to free the context data
5125 * during interface removal. That does not allow the callback function to start
5126 * the radio operation, i.e., it must free any resources allocated for the radio
5127 * work and return.
5128 *
5129 * The @freq parameter can be used to indicate a single channel on which the
5130 * offchannel operation will occur. This may allow multiple radio work
5131 * operations to be performed in parallel if they apply for the same channel.
5132 * Setting this to 0 indicates that the work item may use multiple channels or
5133 * requires exclusive control of the radio.
5134 */
5135int radio_add_work(struct wpa_supplicant *wpa_s, unsigned int freq,
5136 const char *type, int next,
5137 void (*cb)(struct wpa_radio_work *work, int deinit),
5138 void *ctx)
5139{
5140 struct wpa_radio *radio = wpa_s->radio;
5141 struct wpa_radio_work *work;
5142 int was_empty;
5143
5144 work = os_zalloc(sizeof(*work));
5145 if (work == NULL)
5146 return -1;
5147 wpa_dbg(wpa_s, MSG_DEBUG, "Add radio work '%s'@%p", type, work);
5148 os_get_reltime(&work->time);
5149 work->freq = freq;
5150 work->type = type;
5151 work->wpa_s = wpa_s;
5152 work->cb = cb;
5153 work->ctx = ctx;
5154
5155 if (freq)
5156 work->bands = wpas_freq_to_band(freq);
5157 else if (os_strcmp(type, "scan") == 0 ||
5158 os_strcmp(type, "p2p-scan") == 0)
5159 work->bands = wpas_get_bands(wpa_s,
5160 ((struct wpa_driver_scan_params *)
5161 ctx)->freqs);
5162 else
5163 work->bands = wpas_get_bands(wpa_s, NULL);
5164
5165 was_empty = dl_list_empty(&wpa_s->radio->work);
5166 if (next)
5167 dl_list_add(&wpa_s->radio->work, &work->list);
5168 else
5169 dl_list_add_tail(&wpa_s->radio->work, &work->list);
5170 if (was_empty) {
5171 wpa_dbg(wpa_s, MSG_DEBUG, "First radio work item in the queue - schedule start immediately");
5172 radio_work_check_next(wpa_s);
5173 } else if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS)
5174 && radio->num_active_works < MAX_ACTIVE_WORKS) {
5175 wpa_dbg(wpa_s, MSG_DEBUG,
5176 "Try to schedule a radio work (num_active_works=%u)",
5177 radio->num_active_works);
5178 radio_work_check_next(wpa_s);
5179 }
5180
5181 return 0;
5182}
5183
5184
5185/**
5186 * radio_work_done - Indicate that a radio work item has been completed
5187 * @work: Completed work
5188 *
5189 * This function is called once the callback function registered with
5190 * radio_add_work() has completed its work.
5191 */
5192void radio_work_done(struct wpa_radio_work *work)
5193{
5194 struct wpa_supplicant *wpa_s = work->wpa_s;
5195 struct os_reltime now, diff;
5196 unsigned int started = work->started;
5197
5198 os_get_reltime(&now);
5199 os_reltime_sub(&now, &work->time, &diff);
5200 wpa_dbg(wpa_s, MSG_DEBUG, "Radio work '%s'@%p %s in %ld.%06ld seconds",
5201 work->type, work, started ? "done" : "canceled",
5202 diff.sec, diff.usec);
5203 radio_work_free(work);
5204 if (started)
5205 radio_work_check_next(wpa_s);
5206}
5207
5208
5209struct wpa_radio_work *
5210radio_work_pending(struct wpa_supplicant *wpa_s, const char *type)
5211{
5212 struct wpa_radio_work *work;
5213 struct wpa_radio *radio = wpa_s->radio;
5214
5215 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) {
5216 if (work->wpa_s == wpa_s && os_strcmp(work->type, type) == 0)
5217 return work;
5218 }
5219
5220 return NULL;
5221}
5222
5223
5224static int wpas_init_driver(struct wpa_supplicant *wpa_s,
5225 const struct wpa_interface *iface)
5226{
5227 const char *ifname, *driver, *rn;
5228
5229 driver = iface->driver;
5230next_driver:
5231 if (wpa_supplicant_set_driver(wpa_s, driver) < 0)
5232 return -1;
5233
5234 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
5235 if (wpa_s->drv_priv == NULL) {
5236 const char *pos;
5237 pos = driver ? os_strchr(driver, ',') : NULL;
5238 if (pos) {
5239 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
5240 "driver interface - try next driver wrapper");
5241 driver = pos + 1;
5242 goto next_driver;
5243 }
5244 wpa_msg(wpa_s, MSG_ERROR, "Failed to initialize driver "
5245 "interface");
5246 return -1;
5247 }
5248 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
5249 wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected "
5250 "driver_param '%s'", wpa_s->conf->driver_param);
5251 return -1;
5252 }
5253
5254 ifname = wpa_drv_get_ifname(wpa_s);
5255 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
5256 wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced "
5257 "interface name with '%s'", ifname);
5258 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
5259 }
5260
5261 rn = wpa_driver_get_radio_name(wpa_s);
5262 if (rn && rn[0] == '\0')
5263 rn = NULL;
5264
5265 wpa_s->radio = radio_add_interface(wpa_s, rn);
5266 if (wpa_s->radio == NULL)
5267 return -1;
5268
5269 return 0;
5270}
5271
5272
5273#ifdef CONFIG_GAS_SERVER
5274
5275static void wpas_gas_server_tx_status(struct wpa_supplicant *wpa_s,
5276 unsigned int freq, const u8 *dst,
5277 const u8 *src, const u8 *bssid,
5278 const u8 *data, size_t data_len,
5279 enum offchannel_send_action_result result)
5280{
5281 wpa_printf(MSG_DEBUG, "GAS: TX status: freq=%u dst=" MACSTR
5282 " result=%s",
5283 freq, MAC2STR(dst),
5284 result == OFFCHANNEL_SEND_ACTION_SUCCESS ? "SUCCESS" :
5285 (result == OFFCHANNEL_SEND_ACTION_NO_ACK ? "no-ACK" :
5286 "FAILED"));
5287 gas_server_tx_status(wpa_s->gas_server, dst, data, data_len,
5288 result == OFFCHANNEL_SEND_ACTION_SUCCESS);
5289}
5290
5291
5292static void wpas_gas_server_tx(void *ctx, int freq, const u8 *da,
5293 struct wpabuf *buf, unsigned int wait_time)
5294{
5295 struct wpa_supplicant *wpa_s = ctx;
5296 const u8 broadcast[ETH_ALEN] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
5297
5298 if (wait_time > wpa_s->max_remain_on_chan)
5299 wait_time = wpa_s->max_remain_on_chan;
5300
5301 offchannel_send_action(wpa_s, freq, da, wpa_s->own_addr, broadcast,
5302 wpabuf_head(buf), wpabuf_len(buf),
5303 wait_time, wpas_gas_server_tx_status, 0);
5304}
5305
5306#endif /* CONFIG_GAS_SERVER */
5307
5308static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
5309 const struct wpa_interface *iface)
5310{
5311 struct wpa_driver_capa capa;
5312 int capa_res;
5313 u8 dfs_domain;
5314
5315 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
5316 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
5317 iface->confname ? iface->confname : "N/A",
5318 iface->driver ? iface->driver : "default",
5319 iface->ctrl_interface ? iface->ctrl_interface : "N/A",
5320 iface->bridge_ifname ? iface->bridge_ifname : "N/A");
5321
5322 if (iface->confname) {
5323#ifdef CONFIG_BACKEND_FILE
5324 wpa_s->confname = os_rel2abs_path(iface->confname);
5325 if (wpa_s->confname == NULL) {
5326 wpa_printf(MSG_ERROR, "Failed to get absolute path "
5327 "for configuration file '%s'.",
5328 iface->confname);
5329 return -1;
5330 }
5331 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
5332 iface->confname, wpa_s->confname);
5333#else /* CONFIG_BACKEND_FILE */
5334 wpa_s->confname = os_strdup(iface->confname);
5335#endif /* CONFIG_BACKEND_FILE */
5336 wpa_s->conf = wpa_config_read(wpa_s->confname, NULL);
5337 if (wpa_s->conf == NULL) {
5338 wpa_printf(MSG_ERROR, "Failed to read or parse "
5339 "configuration '%s'.", wpa_s->confname);
5340 return -1;
5341 }
5342 wpa_s->confanother = os_rel2abs_path(iface->confanother);
5343 if (wpa_s->confanother &&
5344 !wpa_config_read(wpa_s->confanother, wpa_s->conf)) {
5345 wpa_printf(MSG_ERROR,
5346 "Failed to read or parse configuration '%s'.",
5347 wpa_s->confanother);
5348 return -1;
5349 }
5350
5351 /*
5352 * Override ctrl_interface and driver_param if set on command
5353 * line.
5354 */
5355 if (iface->ctrl_interface) {
5356 os_free(wpa_s->conf->ctrl_interface);
5357 wpa_s->conf->ctrl_interface =
5358 os_strdup(iface->ctrl_interface);
5359 }
5360
5361 if (iface->driver_param) {
5362 os_free(wpa_s->conf->driver_param);
5363 wpa_s->conf->driver_param =
5364 os_strdup(iface->driver_param);
5365 }
5366
5367 if (iface->p2p_mgmt && !iface->ctrl_interface) {
5368 os_free(wpa_s->conf->ctrl_interface);
5369 wpa_s->conf->ctrl_interface = NULL;
5370 }
5371 } else
5372 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
5373 iface->driver_param);
5374
5375 if (wpa_s->conf == NULL) {
5376 wpa_printf(MSG_ERROR, "\nNo configuration found.");
5377 return -1;
5378 }
5379
5380 if (iface->ifname == NULL) {
5381 wpa_printf(MSG_ERROR, "\nInterface name is required.");
5382 return -1;
5383 }
5384 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
5385 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
5386 iface->ifname);
5387 return -1;
5388 }
5389 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
5390
5391 if (iface->bridge_ifname) {
5392 if (os_strlen(iface->bridge_ifname) >=
5393 sizeof(wpa_s->bridge_ifname)) {
5394 wpa_printf(MSG_ERROR, "\nToo long bridge interface "
5395 "name '%s'.", iface->bridge_ifname);
5396 return -1;
5397 }
5398 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
5399 sizeof(wpa_s->bridge_ifname));
5400 }
5401
5402 /* RSNA Supplicant Key Management - INITIALIZE */
5403 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
5404 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
5405
5406 /* Initialize driver interface and register driver event handler before
5407 * L2 receive handler so that association events are processed before
5408 * EAPOL-Key packets if both become available for the same select()
5409 * call. */
5410 if (wpas_init_driver(wpa_s, iface) < 0)
5411 return -1;
5412
5413 if (wpa_supplicant_init_wpa(wpa_s) < 0)
5414 return -1;
5415
5416 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
5417 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
5418 NULL);
5419 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
5420
5421 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
5422 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
5423 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
5424 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
5425 "dot11RSNAConfigPMKLifetime");
5426 return -1;
5427 }
5428
5429 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
5430 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
5431 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
5432 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
5433 "dot11RSNAConfigPMKReauthThreshold");
5434 return -1;
5435 }
5436
5437 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
5438 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
5439 wpa_s->conf->dot11RSNAConfigSATimeout)) {
5440 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
5441 "dot11RSNAConfigSATimeout");
5442 return -1;
5443 }
5444
5445 wpa_s->hw.modes = wpa_drv_get_hw_feature_data(wpa_s,
5446 &wpa_s->hw.num_modes,
5447 &wpa_s->hw.flags,
5448 &dfs_domain);
5449 if (wpa_s->hw.modes) {
5450 u16 i;
5451
5452 for (i = 0; i < wpa_s->hw.num_modes; i++) {
5453 if (wpa_s->hw.modes[i].vht_capab) {
5454 wpa_s->hw_capab = CAPAB_VHT;
5455 break;
5456 }
5457
5458 if (wpa_s->hw.modes[i].ht_capab &
5459 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET)
5460 wpa_s->hw_capab = CAPAB_HT40;
5461 else if (wpa_s->hw.modes[i].ht_capab &&
5462 wpa_s->hw_capab == CAPAB_NO_HT_VHT)
5463 wpa_s->hw_capab = CAPAB_HT;
5464 }
5465 }
5466
5467 capa_res = wpa_drv_get_capa(wpa_s, &capa);
5468 if (capa_res == 0) {
5469 wpa_s->drv_capa_known = 1;
5470 wpa_s->drv_flags = capa.flags;
5471 wpa_s->drv_enc = capa.enc;
5472 wpa_s->drv_smps_modes = capa.smps_modes;
5473 wpa_s->drv_rrm_flags = capa.rrm_flags;
5474 wpa_s->probe_resp_offloads = capa.probe_resp_offloads;
5475 wpa_s->max_scan_ssids = capa.max_scan_ssids;
5476 wpa_s->max_sched_scan_ssids = capa.max_sched_scan_ssids;
5477 wpa_s->max_sched_scan_plans = capa.max_sched_scan_plans;
5478 wpa_s->max_sched_scan_plan_interval =
5479 capa.max_sched_scan_plan_interval;
5480 wpa_s->max_sched_scan_plan_iterations =
5481 capa.max_sched_scan_plan_iterations;
5482 wpa_s->sched_scan_supported = capa.sched_scan_supported;
5483 wpa_s->max_match_sets = capa.max_match_sets;
5484 wpa_s->max_remain_on_chan = capa.max_remain_on_chan;
5485 wpa_s->max_stations = capa.max_stations;
5486 wpa_s->extended_capa = capa.extended_capa;
5487 wpa_s->extended_capa_mask = capa.extended_capa_mask;
5488 wpa_s->extended_capa_len = capa.extended_capa_len;
5489 wpa_s->num_multichan_concurrent =
5490 capa.num_multichan_concurrent;
5491 wpa_s->wmm_ac_supported = capa.wmm_ac_supported;
5492
5493 if (capa.mac_addr_rand_scan_supported)
5494 wpa_s->mac_addr_rand_supported |= MAC_ADDR_RAND_SCAN;
5495 if (wpa_s->sched_scan_supported &&
5496 capa.mac_addr_rand_sched_scan_supported)
5497 wpa_s->mac_addr_rand_supported |=
5498 (MAC_ADDR_RAND_SCHED_SCAN | MAC_ADDR_RAND_PNO);
5499 }
5500 if (wpa_s->max_remain_on_chan == 0)
5501 wpa_s->max_remain_on_chan = 1000;
5502
5503 /*
5504 * Only take p2p_mgmt parameters when P2P Device is supported.
5505 * Doing it here as it determines whether l2_packet_init() will be done
5506 * during wpa_supplicant_driver_init().
5507 */
5508 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)
5509 wpa_s->p2p_mgmt = iface->p2p_mgmt;
5510
5511 if (wpa_s->num_multichan_concurrent == 0)
5512 wpa_s->num_multichan_concurrent = 1;
5513
5514 if (wpa_supplicant_driver_init(wpa_s) < 0)
5515 return -1;
5516
5517#ifdef CONFIG_TDLS
5518 if (!iface->p2p_mgmt && wpa_tdls_init(wpa_s->wpa))
5519 return -1;
5520#endif /* CONFIG_TDLS */
5521
5522 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] &&
5523 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) {
5524 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country");
5525 return -1;
5526 }
5527
5528#ifdef CONFIG_FST
5529 if (wpa_s->conf->fst_group_id) {
5530 struct fst_iface_cfg cfg;
5531 struct fst_wpa_obj iface_obj;
5532
5533 fst_wpa_supplicant_fill_iface_obj(wpa_s, &iface_obj);
5534 os_strlcpy(cfg.group_id, wpa_s->conf->fst_group_id,
5535 sizeof(cfg.group_id));
5536 cfg.priority = wpa_s->conf->fst_priority;
5537 cfg.llt = wpa_s->conf->fst_llt;
5538
5539 wpa_s->fst = fst_attach(wpa_s->ifname, wpa_s->own_addr,
5540 &iface_obj, &cfg);
5541 if (!wpa_s->fst) {
5542 wpa_msg(wpa_s, MSG_ERROR,
5543 "FST: Cannot attach iface %s to group %s",
5544 wpa_s->ifname, cfg.group_id);
5545 return -1;
5546 }
5547 }
5548#endif /* CONFIG_FST */
5549
5550 if (wpas_wps_init(wpa_s))
5551 return -1;
5552
5553#ifdef CONFIG_GAS_SERVER
5554 wpa_s->gas_server = gas_server_init(wpa_s, wpas_gas_server_tx);
5555 if (!wpa_s->gas_server) {
5556 wpa_printf(MSG_ERROR, "Failed to initialize GAS server");
5557 return -1;
5558 }
5559#endif /* CONFIG_GAS_SERVER */
5560
5561#ifdef CONFIG_DPP
5562 if (wpas_dpp_init(wpa_s) < 0)
5563 return -1;
5564#endif /* CONFIG_DPP */
5565
5566 if (wpa_supplicant_init_eapol(wpa_s) < 0)
5567 return -1;
5568 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
5569
5570 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
5571 if (wpa_s->ctrl_iface == NULL) {
5572 wpa_printf(MSG_ERROR,
5573 "Failed to initialize control interface '%s'.\n"
5574 "You may have another wpa_supplicant process "
5575 "already running or the file was\n"
5576 "left by an unclean termination of wpa_supplicant "
5577 "in which case you will need\n"
5578 "to manually remove this file before starting "
5579 "wpa_supplicant again.\n",
5580 wpa_s->conf->ctrl_interface);
5581 return -1;
5582 }
5583
5584 wpa_s->gas = gas_query_init(wpa_s);
5585 if (wpa_s->gas == NULL) {
5586 wpa_printf(MSG_ERROR, "Failed to initialize GAS query");
5587 return -1;
5588 }
5589
5590 if ((!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) ||
5591 wpa_s->p2p_mgmt) &&
5592 wpas_p2p_init(wpa_s->global, wpa_s) < 0) {
5593 wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P");
5594 return -1;
5595 }
5596
5597 if (wpa_bss_init(wpa_s) < 0)
5598 return -1;
5599
5600#ifdef CONFIG_PMKSA_CACHE_EXTERNAL
5601#ifdef CONFIG_MESH
5602 dl_list_init(&wpa_s->mesh_external_pmksa_cache);
5603#endif /* CONFIG_MESH */
5604#endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
5605
5606 /*
5607 * Set Wake-on-WLAN triggers, if configured.
5608 * Note: We don't restore/remove the triggers on shutdown (it doesn't
5609 * have effect anyway when the interface is down).
5610 */
5611 if (capa_res == 0 && wpas_set_wowlan_triggers(wpa_s, &capa) < 0)
5612 return -1;
5613
5614#ifdef CONFIG_EAP_PROXY
5615{
5616 size_t len;
5617 wpa_s->mnc_len = eapol_sm_get_eap_proxy_imsi(wpa_s->eapol, -1,
5618 wpa_s->imsi, &len);
5619 if (wpa_s->mnc_len > 0) {
5620 wpa_s->imsi[len] = '\0';
5621 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI %s (MNC length %d)",
5622 wpa_s->imsi, wpa_s->mnc_len);
5623 } else {
5624 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI not available");
5625 }
5626}
5627#endif /* CONFIG_EAP_PROXY */
5628
5629 if (pcsc_reader_init(wpa_s) < 0)
5630 return -1;
5631
5632 if (wpas_init_ext_pw(wpa_s) < 0)
5633 return -1;
5634
5635 wpas_rrm_reset(wpa_s);
5636
5637 wpas_sched_scan_plans_set(wpa_s, wpa_s->conf->sched_scan_plans);
5638
5639#ifdef CONFIG_HS20
5640 hs20_init(wpa_s);
5641#endif /* CONFIG_HS20 */
5642#ifdef CONFIG_MBO
5643 if (wpa_s->conf->oce) {
5644 if ((wpa_s->conf->oce & OCE_STA) &&
5645 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_OCE_STA))
5646 wpa_s->enable_oce = OCE_STA;
5647 if ((wpa_s->conf->oce & OCE_STA_CFON) &&
5648 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_OCE_STA_CFON)) {
5649 /* TODO: Need to add STA-CFON support */
5650 wpa_printf(MSG_ERROR,
5651 "OCE STA-CFON feature is not yet supported");
5652 }
5653 }
5654 wpas_mbo_update_non_pref_chan(wpa_s, wpa_s->conf->non_pref_chan);
5655#endif /* CONFIG_MBO */
5656
5657 wpa_supplicant_set_default_scan_ies(wpa_s);
5658
5659 return 0;
5660}
5661
5662
5663static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s,
5664 int notify, int terminate)
5665{
5666 struct wpa_global *global = wpa_s->global;
5667 struct wpa_supplicant *iface, *prev;
5668
5669 if (wpa_s == wpa_s->parent)
5670 wpas_p2p_group_remove(wpa_s, "*");
5671
5672 iface = global->ifaces;
5673 while (iface) {
5674 if (iface->p2pdev == wpa_s)
5675 iface->p2pdev = iface->parent;
5676 if (iface == wpa_s || iface->parent != wpa_s) {
5677 iface = iface->next;
5678 continue;
5679 }
5680 wpa_printf(MSG_DEBUG,
5681 "Remove remaining child interface %s from parent %s",
5682 iface->ifname, wpa_s->ifname);
5683 prev = iface;
5684 iface = iface->next;
5685 wpa_supplicant_remove_iface(global, prev, terminate);
5686 }
5687
5688 wpa_s->disconnected = 1;
5689 if (wpa_s->drv_priv) {
5690 wpa_supplicant_deauthenticate(wpa_s,
5691 WLAN_REASON_DEAUTH_LEAVING);
5692
5693 wpa_drv_set_countermeasures(wpa_s, 0);
5694 wpa_clear_keys(wpa_s, NULL);
5695 }
5696
5697 wpa_supplicant_cleanup(wpa_s);
5698 wpas_p2p_deinit_iface(wpa_s);
5699
5700 wpas_ctrl_radio_work_flush(wpa_s);
5701 radio_remove_interface(wpa_s);
5702
5703#ifdef CONFIG_FST
5704 if (wpa_s->fst) {
5705 fst_detach(wpa_s->fst);
5706 wpa_s->fst = NULL;
5707 }
5708 if (wpa_s->received_mb_ies) {
5709 wpabuf_free(wpa_s->received_mb_ies);
5710 wpa_s->received_mb_ies = NULL;
5711 }
5712#endif /* CONFIG_FST */
5713
5714 if (wpa_s->drv_priv)
5715 wpa_drv_deinit(wpa_s);
5716
5717 if (notify)
5718 wpas_notify_iface_removed(wpa_s);
5719
5720 if (terminate)
5721 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING);
5722
5723 if (wpa_s->ctrl_iface) {
5724 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
5725 wpa_s->ctrl_iface = NULL;
5726 }
5727
5728#ifdef CONFIG_MESH
5729 if (wpa_s->ifmsh) {
5730 wpa_supplicant_mesh_iface_deinit(wpa_s, wpa_s->ifmsh);
5731 wpa_s->ifmsh = NULL;
5732 }
5733#endif /* CONFIG_MESH */
5734
5735 if (wpa_s->conf != NULL) {
5736 wpa_config_free(wpa_s->conf);
5737 wpa_s->conf = NULL;
5738 }
5739
5740 os_free(wpa_s->ssids_from_scan_req);
5741
5742 os_free(wpa_s);
5743}
5744
5745
5746#ifdef CONFIG_MATCH_IFACE
5747
5748/**
5749 * wpa_supplicant_match_iface - Match an interface description to a name
5750 * @global: Pointer to global data from wpa_supplicant_init()
5751 * @ifname: Name of the interface to match
5752 * Returns: Pointer to the created interface description or %NULL on failure
5753 */
5754struct wpa_interface * wpa_supplicant_match_iface(struct wpa_global *global,
5755 const char *ifname)
5756{
5757 int i;
5758 struct wpa_interface *iface, *miface;
5759
5760 for (i = 0; i < global->params.match_iface_count; i++) {
5761 miface = &global->params.match_ifaces[i];
5762 if (!miface->ifname ||
5763 fnmatch(miface->ifname, ifname, 0) == 0) {
5764 iface = os_zalloc(sizeof(*iface));
5765 if (!iface)
5766 return NULL;
5767 *iface = *miface;
5768 iface->ifname = ifname;
5769 return iface;
5770 }
5771 }
5772
5773 return NULL;
5774}
5775
5776
5777/**
5778 * wpa_supplicant_match_existing - Match existing interfaces
5779 * @global: Pointer to global data from wpa_supplicant_init()
5780 * Returns: 0 on success, -1 on failure
5781 */
5782static int wpa_supplicant_match_existing(struct wpa_global *global)
5783{
5784 struct if_nameindex *ifi, *ifp;
5785 struct wpa_supplicant *wpa_s;
5786 struct wpa_interface *iface;
5787
5788 ifp = if_nameindex();
5789 if (!ifp) {
5790 wpa_printf(MSG_ERROR, "if_nameindex: %s", strerror(errno));
5791 return -1;
5792 }
5793
5794 for (ifi = ifp; ifi->if_name; ifi++) {
5795 wpa_s = wpa_supplicant_get_iface(global, ifi->if_name);
5796 if (wpa_s)
5797 continue;
5798 iface = wpa_supplicant_match_iface(global, ifi->if_name);
5799 if (iface) {
5800 wpa_s = wpa_supplicant_add_iface(global, iface, NULL);
5801 os_free(iface);
5802 if (wpa_s)
5803 wpa_s->matched = 1;
5804 }
5805 }
5806
5807 if_freenameindex(ifp);
5808 return 0;
5809}
5810
5811#endif /* CONFIG_MATCH_IFACE */
5812
5813
5814/**
5815 * wpa_supplicant_add_iface - Add a new network interface
5816 * @global: Pointer to global data from wpa_supplicant_init()
5817 * @iface: Interface configuration options
5818 * @parent: Parent interface or %NULL to assign new interface as parent
5819 * Returns: Pointer to the created interface or %NULL on failure
5820 *
5821 * This function is used to add new network interfaces for %wpa_supplicant.
5822 * This can be called before wpa_supplicant_run() to add interfaces before the
5823 * main event loop has been started. In addition, new interfaces can be added
5824 * dynamically while %wpa_supplicant is already running. This could happen,
5825 * e.g., when a hotplug network adapter is inserted.
5826 */
5827struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
5828 struct wpa_interface *iface,
5829 struct wpa_supplicant *parent)
5830{
5831 struct wpa_supplicant *wpa_s;
5832 struct wpa_interface t_iface;
5833 struct wpa_ssid *ssid;
5834
5835 if (global == NULL || iface == NULL)
5836 return NULL;
5837
5838 wpa_s = wpa_supplicant_alloc(parent);
5839 if (wpa_s == NULL)
5840 return NULL;
5841
5842 wpa_s->global = global;
5843
5844 t_iface = *iface;
5845 if (global->params.override_driver) {
5846 wpa_printf(MSG_DEBUG, "Override interface parameter: driver "
5847 "('%s' -> '%s')",
5848 iface->driver, global->params.override_driver);
5849 t_iface.driver = global->params.override_driver;
5850 }
5851 if (global->params.override_ctrl_interface) {
5852 wpa_printf(MSG_DEBUG, "Override interface parameter: "
5853 "ctrl_interface ('%s' -> '%s')",
5854 iface->ctrl_interface,
5855 global->params.override_ctrl_interface);
5856 t_iface.ctrl_interface =
5857 global->params.override_ctrl_interface;
5858 }
5859 if (wpa_supplicant_init_iface(wpa_s, &t_iface)) {
5860 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
5861 iface->ifname);
5862 wpa_supplicant_deinit_iface(wpa_s, 0, 0);
5863 return NULL;
5864 }
5865
5866 if (iface->p2p_mgmt == 0) {
5867 /* Notify the control interfaces about new iface */
5868 if (wpas_notify_iface_added(wpa_s)) {
5869 wpa_supplicant_deinit_iface(wpa_s, 1, 0);
5870 return NULL;
5871 }
5872
5873 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
5874 wpas_notify_network_added(wpa_s, ssid);
5875 }
5876
5877 wpa_s->next = global->ifaces;
5878 global->ifaces = wpa_s;
5879
5880 wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname);
5881 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
5882
5883#ifdef CONFIG_P2P
5884 if (wpa_s->global->p2p == NULL &&
5885 !wpa_s->global->p2p_disabled && !wpa_s->conf->p2p_disabled &&
5886 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) &&
5887 wpas_p2p_add_p2pdev_interface(
5888 wpa_s, wpa_s->global->params.conf_p2p_dev) < 0) {
5889 wpa_printf(MSG_INFO,
5890 "P2P: Failed to enable P2P Device interface");
5891 /* Try to continue without. P2P will be disabled. */
5892 }
5893#endif /* CONFIG_P2P */
5894
5895 return wpa_s;
5896}
5897
5898
5899/**
5900 * wpa_supplicant_remove_iface - Remove a network interface
5901 * @global: Pointer to global data from wpa_supplicant_init()
5902 * @wpa_s: Pointer to the network interface to be removed
5903 * Returns: 0 if interface was removed, -1 if interface was not found
5904 *
5905 * This function can be used to dynamically remove network interfaces from
5906 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
5907 * addition, this function is used to remove all remaining interfaces when
5908 * %wpa_supplicant is terminated.
5909 */
5910int wpa_supplicant_remove_iface(struct wpa_global *global,
5911 struct wpa_supplicant *wpa_s,
5912 int terminate)
5913{
5914 struct wpa_supplicant *prev;
5915#ifdef CONFIG_MESH
5916 unsigned int mesh_if_created = wpa_s->mesh_if_created;
5917 char *ifname = NULL;
5918 struct wpa_supplicant *parent = wpa_s->parent;
5919#endif /* CONFIG_MESH */
5920
5921 /* Remove interface from the global list of interfaces */
5922 prev = global->ifaces;
5923 if (prev == wpa_s) {
5924 global->ifaces = wpa_s->next;
5925 } else {
5926 while (prev && prev->next != wpa_s)
5927 prev = prev->next;
5928 if (prev == NULL)
5929 return -1;
5930 prev->next = wpa_s->next;
5931 }
5932
5933 wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
5934
5935#ifdef CONFIG_MESH
5936 if (mesh_if_created) {
5937 ifname = os_strdup(wpa_s->ifname);
5938 if (ifname == NULL) {
5939 wpa_dbg(wpa_s, MSG_ERROR,
5940 "mesh: Failed to malloc ifname");
5941 return -1;
5942 }
5943 }
5944#endif /* CONFIG_MESH */
5945
5946 if (global->p2p_group_formation == wpa_s)
5947 global->p2p_group_formation = NULL;
5948 if (global->p2p_invite_group == wpa_s)
5949 global->p2p_invite_group = NULL;
5950 wpa_supplicant_deinit_iface(wpa_s, 1, terminate);
5951
5952#ifdef CONFIG_MESH
5953 if (mesh_if_created) {
5954 wpa_drv_if_remove(parent, WPA_IF_MESH, ifname);
5955 os_free(ifname);
5956 }
5957#endif /* CONFIG_MESH */
5958
5959 return 0;
5960}
5961
5962
5963/**
5964 * wpa_supplicant_get_eap_mode - Get the current EAP mode
5965 * @wpa_s: Pointer to the network interface
5966 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
5967 */
5968const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s)
5969{
5970 const char *eapol_method;
5971
5972 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) == 0 &&
5973 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
5974 return "NO-EAP";
5975 }
5976
5977 eapol_method = eapol_sm_get_method_name(wpa_s->eapol);
5978 if (eapol_method == NULL)
5979 return "UNKNOWN-EAP";
5980
5981 return eapol_method;
5982}
5983
5984
5985/**
5986 * wpa_supplicant_get_iface - Get a new network interface
5987 * @global: Pointer to global data from wpa_supplicant_init()
5988 * @ifname: Interface name
5989 * Returns: Pointer to the interface or %NULL if not found
5990 */
5991struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
5992 const char *ifname)
5993{
5994 struct wpa_supplicant *wpa_s;
5995
5996 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
5997 if (os_strcmp(wpa_s->ifname, ifname) == 0)
5998 return wpa_s;
5999 }
6000 return NULL;
6001}
6002
6003
6004#ifndef CONFIG_NO_WPA_MSG
6005static const char * wpa_supplicant_msg_ifname_cb(void *ctx)
6006{
6007 struct wpa_supplicant *wpa_s = ctx;
6008 if (wpa_s == NULL)
6009 return NULL;
6010 return wpa_s->ifname;
6011}
6012#endif /* CONFIG_NO_WPA_MSG */
6013
6014
6015#ifndef WPA_SUPPLICANT_CLEANUP_INTERVAL
6016#define WPA_SUPPLICANT_CLEANUP_INTERVAL 10
6017#endif /* WPA_SUPPLICANT_CLEANUP_INTERVAL */
6018
6019/* Periodic cleanup tasks */
6020static void wpas_periodic(void *eloop_ctx, void *timeout_ctx)
6021{
6022 struct wpa_global *global = eloop_ctx;
6023 struct wpa_supplicant *wpa_s;
6024
6025 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0,
6026 wpas_periodic, global, NULL);
6027
6028#ifdef CONFIG_P2P
6029 if (global->p2p)
6030 p2p_expire_peers(global->p2p);
6031#endif /* CONFIG_P2P */
6032
6033 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
6034 wpa_bss_flush_by_age(wpa_s, wpa_s->conf->bss_expiration_age);
6035#ifdef CONFIG_AP
6036 ap_periodic(wpa_s);
6037#endif /* CONFIG_AP */
6038 }
6039}
6040
6041
6042/**
6043 * wpa_supplicant_init - Initialize %wpa_supplicant
6044 * @params: Parameters for %wpa_supplicant
6045 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
6046 *
6047 * This function is used to initialize %wpa_supplicant. After successful
6048 * initialization, the returned data pointer can be used to add and remove
6049 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
6050 */
6051struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
6052{
6053 struct wpa_global *global;
6054 int ret, i;
6055
6056 if (params == NULL)
6057 return NULL;
6058
6059#ifdef CONFIG_DRIVER_NDIS
6060 {
6061 void driver_ndis_init_ops(void);
6062 driver_ndis_init_ops();
6063 }
6064#endif /* CONFIG_DRIVER_NDIS */
6065
6066#ifndef CONFIG_NO_WPA_MSG
6067 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
6068#endif /* CONFIG_NO_WPA_MSG */
6069
6070 if (params->wpa_debug_file_path)
6071 wpa_debug_open_file(params->wpa_debug_file_path);
6072 else
6073 wpa_debug_setup_stdout();
6074 if (params->wpa_debug_syslog)
6075 wpa_debug_open_syslog();
6076 if (params->wpa_debug_tracing) {
6077 ret = wpa_debug_open_linux_tracing();
6078 if (ret) {
6079 wpa_printf(MSG_ERROR,
6080 "Failed to enable trace logging");
6081 return NULL;
6082 }
6083 }
6084
6085 ret = eap_register_methods();
6086 if (ret) {
6087 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
6088 if (ret == -2)
6089 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
6090 "the same EAP type.");
6091 return NULL;
6092 }
6093
6094 global = os_zalloc(sizeof(*global));
6095 if (global == NULL)
6096 return NULL;
6097 dl_list_init(&global->p2p_srv_bonjour);
6098 dl_list_init(&global->p2p_srv_upnp);
6099 global->params.daemonize = params->daemonize;
6100 global->params.wait_for_monitor = params->wait_for_monitor;
6101 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
6102 if (params->pid_file)
6103 global->params.pid_file = os_strdup(params->pid_file);
6104 if (params->ctrl_interface)
6105 global->params.ctrl_interface =
6106 os_strdup(params->ctrl_interface);
6107 if (params->ctrl_interface_group)
6108 global->params.ctrl_interface_group =
6109 os_strdup(params->ctrl_interface_group);
6110 if (params->override_driver)
6111 global->params.override_driver =
6112 os_strdup(params->override_driver);
6113 if (params->override_ctrl_interface)
6114 global->params.override_ctrl_interface =
6115 os_strdup(params->override_ctrl_interface);
6116#ifdef CONFIG_MATCH_IFACE
6117 global->params.match_iface_count = params->match_iface_count;
6118 if (params->match_iface_count) {
6119 global->params.match_ifaces =
6120 os_calloc(params->match_iface_count,
6121 sizeof(struct wpa_interface));
6122 os_memcpy(global->params.match_ifaces,
6123 params->match_ifaces,
6124 params->match_iface_count *
6125 sizeof(struct wpa_interface));
6126 }
6127#endif /* CONFIG_MATCH_IFACE */
6128#ifdef CONFIG_P2P
6129 if (params->conf_p2p_dev)
6130 global->params.conf_p2p_dev =
6131 os_strdup(params->conf_p2p_dev);
6132#endif /* CONFIG_P2P */
6133 wpa_debug_level = global->params.wpa_debug_level =
6134 params->wpa_debug_level;
6135 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
6136 params->wpa_debug_show_keys;
6137 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
6138 params->wpa_debug_timestamp;
6139
6140 wpa_printf(MSG_DEBUG, "wpa_supplicant v" VERSION_STR);
6141
6142 if (eloop_init()) {
6143 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
6144 wpa_supplicant_deinit(global);
6145 return NULL;
6146 }
6147
6148 random_init(params->entropy_file);
6149
6150 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
6151 if (global->ctrl_iface == NULL) {
6152 wpa_supplicant_deinit(global);
6153 return NULL;
6154 }
6155
6156 if (wpas_notify_supplicant_initialized(global)) {
6157 wpa_supplicant_deinit(global);
6158 return NULL;
6159 }
6160
6161 for (i = 0; wpa_drivers[i]; i++)
6162 global->drv_count++;
6163 if (global->drv_count == 0) {
6164 wpa_printf(MSG_ERROR, "No drivers enabled");
6165 wpa_supplicant_deinit(global);
6166 return NULL;
6167 }
6168 global->drv_priv = os_calloc(global->drv_count, sizeof(void *));
6169 if (global->drv_priv == NULL) {
6170 wpa_supplicant_deinit(global);
6171 return NULL;
6172 }
6173
6174#ifdef CONFIG_WIFI_DISPLAY
6175 if (wifi_display_init(global) < 0) {
6176 wpa_printf(MSG_ERROR, "Failed to initialize Wi-Fi Display");
6177 wpa_supplicant_deinit(global);
6178 return NULL;
6179 }
6180#endif /* CONFIG_WIFI_DISPLAY */
6181
6182 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0,
6183 wpas_periodic, global, NULL);
6184
6185 return global;
6186}
6187
6188
6189/**
6190 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
6191 * @global: Pointer to global data from wpa_supplicant_init()
6192 * Returns: 0 after successful event loop run, -1 on failure
6193 *
6194 * This function starts the main event loop and continues running as long as
6195 * there are any remaining events. In most cases, this function is running as
6196 * long as the %wpa_supplicant process in still in use.
6197 */
6198int wpa_supplicant_run(struct wpa_global *global)
6199{
6200 struct wpa_supplicant *wpa_s;
6201
6202 if (global->params.daemonize &&
6203 (wpa_supplicant_daemon(global->params.pid_file) ||
6204 eloop_sock_requeue()))
6205 return -1;
6206
6207#ifdef CONFIG_MATCH_IFACE
6208 if (wpa_supplicant_match_existing(global))
6209 return -1;
6210#endif
6211
6212 if (global->params.wait_for_monitor) {
6213 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
6214 if (wpa_s->ctrl_iface && !wpa_s->p2p_mgmt)
6215 wpa_supplicant_ctrl_iface_wait(
6216 wpa_s->ctrl_iface);
6217 }
6218
6219 eloop_register_signal_terminate(wpa_supplicant_terminate, global);
6220 eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
6221
6222 eloop_run();
6223
6224 return 0;
6225}
6226
6227
6228/**
6229 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
6230 * @global: Pointer to global data from wpa_supplicant_init()
6231 *
6232 * This function is called to deinitialize %wpa_supplicant and to free all
6233 * allocated resources. Remaining network interfaces will also be removed.
6234 */
6235void wpa_supplicant_deinit(struct wpa_global *global)
6236{
6237 int i;
6238
6239 if (global == NULL)
6240 return;
6241
6242 eloop_cancel_timeout(wpas_periodic, global, NULL);
6243
6244#ifdef CONFIG_WIFI_DISPLAY
6245 wifi_display_deinit(global);
6246#endif /* CONFIG_WIFI_DISPLAY */
6247
6248 while (global->ifaces)
6249 wpa_supplicant_remove_iface(global, global->ifaces, 1);
6250
6251 if (global->ctrl_iface)
6252 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
6253
6254 wpas_notify_supplicant_deinitialized(global);
6255
6256 eap_peer_unregister_methods();
6257#ifdef CONFIG_AP
6258 eap_server_unregister_methods();
6259#endif /* CONFIG_AP */
6260
6261 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) {
6262 if (!global->drv_priv[i])
6263 continue;
6264 wpa_drivers[i]->global_deinit(global->drv_priv[i]);
6265 }
6266 os_free(global->drv_priv);
6267
6268 random_deinit();
6269
6270 eloop_destroy();
6271
6272 if (global->params.pid_file) {
6273 os_daemonize_terminate(global->params.pid_file);
6274 os_free(global->params.pid_file);
6275 }
6276 os_free(global->params.ctrl_interface);
6277 os_free(global->params.ctrl_interface_group);
6278 os_free(global->params.override_driver);
6279 os_free(global->params.override_ctrl_interface);
6280#ifdef CONFIG_MATCH_IFACE
6281 os_free(global->params.match_ifaces);
6282#endif /* CONFIG_MATCH_IFACE */
6283#ifdef CONFIG_P2P
6284 os_free(global->params.conf_p2p_dev);
6285#endif /* CONFIG_P2P */
6286
6287 os_free(global->p2p_disallow_freq.range);
6288 os_free(global->p2p_go_avoid_freq.range);
6289 os_free(global->add_psk);
6290
6291 os_free(global);
6292 wpa_debug_close_syslog();
6293 wpa_debug_close_file();
6294 wpa_debug_close_linux_tracing();
6295}
6296
6297
6298void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s)
6299{
6300 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_COUNTRY) &&
6301 wpa_s->conf->country[0] && wpa_s->conf->country[1]) {
6302 char country[3];
6303 country[0] = wpa_s->conf->country[0];
6304 country[1] = wpa_s->conf->country[1];
6305 country[2] = '\0';
6306 if (wpa_drv_set_country(wpa_s, country) < 0) {
6307 wpa_printf(MSG_ERROR, "Failed to set country code "
6308 "'%s'", country);
6309 }
6310 }
6311
6312 if (wpa_s->conf->changed_parameters & CFG_CHANGED_EXT_PW_BACKEND)
6313 wpas_init_ext_pw(wpa_s);
6314
6315 if (wpa_s->conf->changed_parameters & CFG_CHANGED_SCHED_SCAN_PLANS)
6316 wpas_sched_scan_plans_set(wpa_s, wpa_s->conf->sched_scan_plans);
6317
6318 if (wpa_s->conf->changed_parameters & CFG_CHANGED_WOWLAN_TRIGGERS) {
6319 struct wpa_driver_capa capa;
6320 int res = wpa_drv_get_capa(wpa_s, &capa);
6321
6322 if (res == 0 && wpas_set_wowlan_triggers(wpa_s, &capa) < 0)
6323 wpa_printf(MSG_ERROR,
6324 "Failed to update wowlan_triggers to '%s'",
6325 wpa_s->conf->wowlan_triggers);
6326 }
6327
6328#ifdef CONFIG_WPS
6329 wpas_wps_update_config(wpa_s);
6330#endif /* CONFIG_WPS */
6331 wpas_p2p_update_config(wpa_s);
6332 wpa_s->conf->changed_parameters = 0;
6333}
6334
6335
6336void add_freq(int *freqs, int *num_freqs, int freq)
6337{
6338 int i;
6339
6340 for (i = 0; i < *num_freqs; i++) {
6341 if (freqs[i] == freq)
6342 return;
6343 }
6344
6345 freqs[*num_freqs] = freq;
6346 (*num_freqs)++;
6347}
6348
6349
6350static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s)
6351{
6352 struct wpa_bss *bss, *cbss;
6353 const int max_freqs = 10;
6354 int *freqs;
6355 int num_freqs = 0;
6356
6357 freqs = os_calloc(max_freqs + 1, sizeof(int));
6358 if (freqs == NULL)
6359 return NULL;
6360
6361 cbss = wpa_s->current_bss;
6362
6363 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
6364 if (bss == cbss)
6365 continue;
6366 if (bss->ssid_len == cbss->ssid_len &&
6367 os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 &&
6368 wpa_blacklist_get(wpa_s, bss->bssid) == NULL) {
6369 add_freq(freqs, &num_freqs, bss->freq);
6370 if (num_freqs == max_freqs)
6371 break;
6372 }
6373 }
6374
6375 if (num_freqs == 0) {
6376 os_free(freqs);
6377 freqs = NULL;
6378 }
6379
6380 return freqs;
6381}
6382
6383
6384void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid)
6385{
6386 int timeout;
6387 int count;
6388 int *freqs = NULL;
6389
6390 wpas_connect_work_done(wpa_s);
6391
6392 /*
6393 * Remove possible authentication timeout since the connection failed.
6394 */
6395 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
6396
6397 /*
6398 * There is no point in blacklisting the AP if this event is
6399 * generated based on local request to disconnect.
6400 */
6401 if (wpa_s->own_disconnect_req) {
6402 wpa_s->own_disconnect_req = 0;
6403 wpa_dbg(wpa_s, MSG_DEBUG,
6404 "Ignore connection failure due to local request to disconnect");
6405 return;
6406 }
6407 if (wpa_s->disconnected) {
6408 wpa_dbg(wpa_s, MSG_DEBUG, "Ignore connection failure "
6409 "indication since interface has been put into "
6410 "disconnected state");
6411 return;
6412 }
6413
6414 /*
6415 * Add the failed BSSID into the blacklist and speed up next scan
6416 * attempt if there could be other APs that could accept association.
6417 * The current blacklist count indicates how many times we have tried
6418 * connecting to this AP and multiple attempts mean that other APs are
6419 * either not available or has already been tried, so that we can start
6420 * increasing the delay here to avoid constant scanning.
6421 */
6422 count = wpa_blacklist_add(wpa_s, bssid);
6423 if (count == 1 && wpa_s->current_bss) {
6424 /*
6425 * This BSS was not in the blacklist before. If there is
6426 * another BSS available for the same ESS, we should try that
6427 * next. Otherwise, we may as well try this one once more
6428 * before allowing other, likely worse, ESSes to be considered.
6429 */
6430 freqs = get_bss_freqs_in_ess(wpa_s);
6431 if (freqs) {
6432 wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS "
6433 "has been seen; try it next");
6434 wpa_blacklist_add(wpa_s, bssid);
6435 /*
6436 * On the next scan, go through only the known channels
6437 * used in this ESS based on previous scans to speed up
6438 * common load balancing use case.
6439 */
6440 os_free(wpa_s->next_scan_freqs);
6441 wpa_s->next_scan_freqs = freqs;
6442 }
6443 }
6444
6445 /*
6446 * Add previous failure count in case the temporary blacklist was
6447 * cleared due to no other BSSes being available.
6448 */
6449 count += wpa_s->extra_blacklist_count;
6450
6451 if (count > 3 && wpa_s->current_ssid) {
6452 wpa_printf(MSG_DEBUG, "Continuous association failures - "
6453 "consider temporary network disabling");
6454 wpas_auth_failed(wpa_s, "CONN_FAILED");
6455 }
6456
6457 switch (count) {
6458 case 1:
6459 timeout = 100;
6460 break;
6461 case 2:
6462 timeout = 500;
6463 break;
6464 case 3:
6465 timeout = 1000;
6466 break;
6467 case 4:
6468 timeout = 5000;
6469 break;
6470 default:
6471 timeout = 10000;
6472 break;
6473 }
6474
6475 wpa_dbg(wpa_s, MSG_DEBUG, "Blacklist count %d --> request scan in %d "
6476 "ms", count, timeout);
6477
6478 /*
6479 * TODO: if more than one possible AP is available in scan results,
6480 * could try the other ones before requesting a new scan.
6481 */
6482 wpa_supplicant_req_scan(wpa_s, timeout / 1000,
6483 1000 * (timeout % 1000));
6484}
6485
6486
6487int wpas_driver_bss_selection(struct wpa_supplicant *wpa_s)
6488{
6489 return wpa_s->conf->ap_scan == 2 ||
6490 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION);
6491}
6492
6493
6494#if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW)
6495int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
6496 struct wpa_ssid *ssid,
6497 const char *field,
6498 const char *value)
6499{
6500#ifdef IEEE8021X_EAPOL
6501 struct eap_peer_config *eap = &ssid->eap;
6502
6503 wpa_printf(MSG_DEBUG, "CTRL_IFACE: response handle field=%s", field);
6504 wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: response value",
6505 (const u8 *) value, os_strlen(value));
6506
6507 switch (wpa_supplicant_ctrl_req_from_string(field)) {
6508 case WPA_CTRL_REQ_EAP_IDENTITY:
6509 os_free(eap->identity);
6510 eap->identity = (u8 *) os_strdup(value);
6511 eap->identity_len = os_strlen(value);
6512 eap->pending_req_identity = 0;
6513 if (ssid == wpa_s->current_ssid)
6514 wpa_s->reassociate = 1;
6515 break;
6516 case WPA_CTRL_REQ_EAP_PASSWORD:
6517 bin_clear_free(eap->password, eap->password_len);
6518 eap->password = (u8 *) os_strdup(value);
6519 eap->password_len = os_strlen(value);
6520 eap->pending_req_password = 0;
6521 if (ssid == wpa_s->current_ssid)
6522 wpa_s->reassociate = 1;
6523 break;
6524 case WPA_CTRL_REQ_EAP_NEW_PASSWORD:
6525 bin_clear_free(eap->new_password, eap->new_password_len);
6526 eap->new_password = (u8 *) os_strdup(value);
6527 eap->new_password_len = os_strlen(value);
6528 eap->pending_req_new_password = 0;
6529 if (ssid == wpa_s->current_ssid)
6530 wpa_s->reassociate = 1;
6531 break;
6532 case WPA_CTRL_REQ_EAP_PIN:
6533 str_clear_free(eap->pin);
6534 eap->pin = os_strdup(value);
6535 eap->pending_req_pin = 0;
6536 if (ssid == wpa_s->current_ssid)
6537 wpa_s->reassociate = 1;
6538 break;
6539 case WPA_CTRL_REQ_EAP_OTP:
6540 bin_clear_free(eap->otp, eap->otp_len);
6541 eap->otp = (u8 *) os_strdup(value);
6542 eap->otp_len = os_strlen(value);
6543 os_free(eap->pending_req_otp);
6544 eap->pending_req_otp = NULL;
6545 eap->pending_req_otp_len = 0;
6546 break;
6547 case WPA_CTRL_REQ_EAP_PASSPHRASE:
6548 str_clear_free(eap->private_key_passwd);
6549 eap->private_key_passwd = os_strdup(value);
6550 eap->pending_req_passphrase = 0;
6551 if (ssid == wpa_s->current_ssid)
6552 wpa_s->reassociate = 1;
6553 break;
6554 case WPA_CTRL_REQ_SIM:
6555 str_clear_free(eap->external_sim_resp);
6556 eap->external_sim_resp = os_strdup(value);
6557 eap->pending_req_sim = 0;
6558 break;
6559 case WPA_CTRL_REQ_PSK_PASSPHRASE:
6560 if (wpa_config_set(ssid, "psk", value, 0) < 0)
6561 return -1;
6562 ssid->mem_only_psk = 1;
6563 if (ssid->passphrase)
6564 wpa_config_update_psk(ssid);
6565 if (wpa_s->wpa_state == WPA_SCANNING && !wpa_s->scanning)
6566 wpa_supplicant_req_scan(wpa_s, 0, 0);
6567 break;
6568 case WPA_CTRL_REQ_EXT_CERT_CHECK:
6569 if (eap->pending_ext_cert_check != PENDING_CHECK)
6570 return -1;
6571 if (os_strcmp(value, "good") == 0)
6572 eap->pending_ext_cert_check = EXT_CERT_CHECK_GOOD;
6573 else if (os_strcmp(value, "bad") == 0)
6574 eap->pending_ext_cert_check = EXT_CERT_CHECK_BAD;
6575 else
6576 return -1;
6577 break;
6578 default:
6579 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown field '%s'", field);
6580 return -1;
6581 }
6582
6583 return 0;
6584#else /* IEEE8021X_EAPOL */
6585 wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included");
6586 return -1;
6587#endif /* IEEE8021X_EAPOL */
6588}
6589#endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */
6590
6591
6592int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
6593{
6594 int i;
6595 unsigned int drv_enc;
6596
6597 if (wpa_s->p2p_mgmt)
6598 return 1; /* no normal network profiles on p2p_mgmt interface */
6599
6600 if (ssid == NULL)
6601 return 1;
6602
6603 if (ssid->disabled)
6604 return 1;
6605
6606 if (wpa_s->drv_capa_known)
6607 drv_enc = wpa_s->drv_enc;
6608 else
6609 drv_enc = (unsigned int) -1;
6610
6611 for (i = 0; i < NUM_WEP_KEYS; i++) {
6612 size_t len = ssid->wep_key_len[i];
6613 if (len == 0)
6614 continue;
6615 if (len == 5 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP40))
6616 continue;
6617 if (len == 13 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP104))
6618 continue;
6619 if (len == 16 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP128))
6620 continue;
6621 return 1; /* invalid WEP key */
6622 }
6623
6624 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set &&
6625 (!ssid->passphrase || ssid->ssid_len != 0) && !ssid->ext_psk &&
6626 !(wpa_key_mgmt_sae(ssid->key_mgmt) && ssid->sae_password) &&
6627 !ssid->mem_only_psk)
6628 return 1;
6629
6630 return 0;
6631}
6632
6633
6634int wpas_get_ssid_pmf(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
6635{
6636#ifdef CONFIG_IEEE80211W
6637 if (ssid == NULL || ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT) {
6638 if (wpa_s->conf->pmf == MGMT_FRAME_PROTECTION_OPTIONAL &&
6639 !(wpa_s->drv_enc & WPA_DRIVER_CAPA_ENC_BIP)) {
6640 /*
6641 * Driver does not support BIP -- ignore pmf=1 default
6642 * since the connection with PMF would fail and the
6643 * configuration does not require PMF to be enabled.
6644 */
6645 return NO_MGMT_FRAME_PROTECTION;
6646 }
6647
6648 if (ssid &&
6649 (ssid->key_mgmt &
6650 ~(WPA_KEY_MGMT_NONE | WPA_KEY_MGMT_WPS |
6651 WPA_KEY_MGMT_IEEE8021X_NO_WPA)) == 0) {
6652 /*
6653 * Do not use the default PMF value for non-RSN networks
6654 * since PMF is available only with RSN and pmf=2
6655 * configuration would otherwise prevent connections to
6656 * all open networks.
6657 */
6658 return NO_MGMT_FRAME_PROTECTION;
6659 }
6660
6661 return wpa_s->conf->pmf;
6662 }
6663
6664 return ssid->ieee80211w;
6665#else /* CONFIG_IEEE80211W */
6666 return NO_MGMT_FRAME_PROTECTION;
6667#endif /* CONFIG_IEEE80211W */
6668}
6669
6670
6671int wpas_is_p2p_prioritized(struct wpa_supplicant *wpa_s)
6672{
6673 if (wpa_s->global->conc_pref == WPA_CONC_PREF_P2P)
6674 return 1;
6675 if (wpa_s->global->conc_pref == WPA_CONC_PREF_STA)
6676 return 0;
6677 return -1;
6678}
6679
6680
6681void wpas_auth_failed(struct wpa_supplicant *wpa_s, char *reason)
6682{
6683 struct wpa_ssid *ssid = wpa_s->current_ssid;
6684 int dur;
6685 struct os_reltime now;
6686
6687 if (ssid == NULL) {
6688 wpa_printf(MSG_DEBUG, "Authentication failure but no known "
6689 "SSID block");
6690 return;
6691 }
6692
6693 if (ssid->key_mgmt == WPA_KEY_MGMT_WPS)
6694 return;
6695
6696 ssid->auth_failures++;
6697
6698#ifdef CONFIG_P2P
6699 if (ssid->p2p_group &&
6700 (wpa_s->p2p_in_provisioning || wpa_s->show_group_started)) {
6701 /*
6702 * Skip the wait time since there is a short timeout on the
6703 * connection to a P2P group.
6704 */
6705 return;
6706 }
6707#endif /* CONFIG_P2P */
6708
6709 if (ssid->auth_failures > 50)
6710 dur = 300;
6711 else if (ssid->auth_failures > 10)
6712 dur = 120;
6713 else if (ssid->auth_failures > 5)
6714 dur = 90;
6715 else if (ssid->auth_failures > 3)
6716 dur = 60;
6717 else if (ssid->auth_failures > 2)
6718 dur = 30;
6719 else if (ssid->auth_failures > 1)
6720 dur = 20;
6721 else
6722 dur = 10;
6723
6724 if (ssid->auth_failures > 1 &&
6725 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt))
6726 dur += os_random() % (ssid->auth_failures * 10);
6727
6728 os_get_reltime(&now);
6729 if (now.sec + dur <= ssid->disabled_until.sec)
6730 return;
6731
6732 ssid->disabled_until.sec = now.sec + dur;
6733
6734 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TEMP_DISABLED
6735 "id=%d ssid=\"%s\" auth_failures=%u duration=%d reason=%s",
6736 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
6737 ssid->auth_failures, dur, reason);
6738}
6739
6740
6741void wpas_clear_temp_disabled(struct wpa_supplicant *wpa_s,
6742 struct wpa_ssid *ssid, int clear_failures)
6743{
6744 if (ssid == NULL)
6745 return;
6746
6747 if (ssid->disabled_until.sec) {
6748 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_REENABLED
6749 "id=%d ssid=\"%s\"",
6750 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
6751 }
6752 ssid->disabled_until.sec = 0;
6753 ssid->disabled_until.usec = 0;
6754 if (clear_failures)
6755 ssid->auth_failures = 0;
6756}
6757
6758
6759int disallowed_bssid(struct wpa_supplicant *wpa_s, const u8 *bssid)
6760{
6761 size_t i;
6762
6763 if (wpa_s->disallow_aps_bssid == NULL)
6764 return 0;
6765
6766 for (i = 0; i < wpa_s->disallow_aps_bssid_count; i++) {
6767 if (os_memcmp(wpa_s->disallow_aps_bssid + i * ETH_ALEN,
6768 bssid, ETH_ALEN) == 0)
6769 return 1;
6770 }
6771
6772 return 0;
6773}
6774
6775
6776int disallowed_ssid(struct wpa_supplicant *wpa_s, const u8 *ssid,
6777 size_t ssid_len)
6778{
6779 size_t i;
6780
6781 if (wpa_s->disallow_aps_ssid == NULL || ssid == NULL)
6782 return 0;
6783
6784 for (i = 0; i < wpa_s->disallow_aps_ssid_count; i++) {
6785 struct wpa_ssid_value *s = &wpa_s->disallow_aps_ssid[i];
6786 if (ssid_len == s->ssid_len &&
6787 os_memcmp(ssid, s->ssid, ssid_len) == 0)
6788 return 1;
6789 }
6790
6791 return 0;
6792}
6793
6794
6795/**
6796 * wpas_request_connection - Request a new connection
6797 * @wpa_s: Pointer to the network interface
6798 *
6799 * This function is used to request a new connection to be found. It will mark
6800 * the interface to allow reassociation and request a new scan to find a
6801 * suitable network to connect to.
6802 */
6803void wpas_request_connection(struct wpa_supplicant *wpa_s)
6804{
6805 wpa_s->normal_scans = 0;
6806 wpa_s->scan_req = NORMAL_SCAN_REQ;
6807 wpa_supplicant_reinit_autoscan(wpa_s);
6808 wpa_s->extra_blacklist_count = 0;
6809 wpa_s->disconnected = 0;
6810 wpa_s->reassociate = 1;
6811 wpa_s->last_owe_group = 0;
6812
6813 if (wpa_supplicant_fast_associate(wpa_s) != 1)
6814 wpa_supplicant_req_scan(wpa_s, 0, 0);
6815 else
6816 wpa_s->reattach = 0;
6817}
6818
6819
6820/**
6821 * wpas_request_disconnection - Request disconnection
6822 * @wpa_s: Pointer to the network interface
6823 *
6824 * This function is used to request disconnection from the currently connected
6825 * network. This will stop any ongoing scans and initiate deauthentication.
6826 */
6827void wpas_request_disconnection(struct wpa_supplicant *wpa_s)
6828{
6829#ifdef CONFIG_SME
6830 wpa_s->sme.prev_bssid_set = 0;
6831#endif /* CONFIG_SME */
6832 wpa_s->reassociate = 0;
6833 wpa_s->disconnected = 1;
6834 wpa_supplicant_cancel_sched_scan(wpa_s);
6835 wpa_supplicant_cancel_scan(wpa_s);
6836 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
6837 eloop_cancel_timeout(wpas_network_reenabled, wpa_s, NULL);
6838}
6839
6840
6841void dump_freq_data(struct wpa_supplicant *wpa_s, const char *title,
6842 struct wpa_used_freq_data *freqs_data,
6843 unsigned int len)
6844{
6845 unsigned int i;
6846
6847 wpa_dbg(wpa_s, MSG_DEBUG, "Shared frequencies (len=%u): %s",
6848 len, title);
6849 for (i = 0; i < len; i++) {
6850 struct wpa_used_freq_data *cur = &freqs_data[i];
6851 wpa_dbg(wpa_s, MSG_DEBUG, "freq[%u]: %d, flags=0x%X",
6852 i, cur->freq, cur->flags);
6853 }
6854}
6855
6856
6857/*
6858 * Find the operating frequencies of any of the virtual interfaces that
6859 * are using the same radio as the current interface, and in addition, get
6860 * information about the interface types that are using the frequency.
6861 */
6862int get_shared_radio_freqs_data(struct wpa_supplicant *wpa_s,
6863 struct wpa_used_freq_data *freqs_data,
6864 unsigned int len)
6865{
6866 struct wpa_supplicant *ifs;
6867 u8 bssid[ETH_ALEN];
6868 int freq;
6869 unsigned int idx = 0, i;
6870
6871 wpa_dbg(wpa_s, MSG_DEBUG,
6872 "Determining shared radio frequencies (max len %u)", len);
6873 os_memset(freqs_data, 0, sizeof(struct wpa_used_freq_data) * len);
6874
6875 dl_list_for_each(ifs, &wpa_s->radio->ifaces, struct wpa_supplicant,
6876 radio_list) {
6877 if (idx == len)
6878 break;
6879
6880 if (ifs->current_ssid == NULL || ifs->assoc_freq == 0)
6881 continue;
6882
6883 if (ifs->current_ssid->mode == WPAS_MODE_AP ||
6884 ifs->current_ssid->mode == WPAS_MODE_P2P_GO ||
6885 ifs->current_ssid->mode == WPAS_MODE_MESH)
6886 freq = ifs->current_ssid->frequency;
6887 else if (wpa_drv_get_bssid(ifs, bssid) == 0)
6888 freq = ifs->assoc_freq;
6889 else
6890 continue;
6891
6892 /* Hold only distinct freqs */
6893 for (i = 0; i < idx; i++)
6894 if (freqs_data[i].freq == freq)
6895 break;
6896
6897 if (i == idx)
6898 freqs_data[idx++].freq = freq;
6899
6900 if (ifs->current_ssid->mode == WPAS_MODE_INFRA) {
6901 freqs_data[i].flags |= ifs->current_ssid->p2p_group ?
6902 WPA_FREQ_USED_BY_P2P_CLIENT :
6903 WPA_FREQ_USED_BY_INFRA_STATION;
6904 }
6905 }
6906
6907 dump_freq_data(wpa_s, "completed iteration", freqs_data, idx);
6908 return idx;
6909}
6910
6911
6912/*
6913 * Find the operating frequencies of any of the virtual interfaces that
6914 * are using the same radio as the current interface.
6915 */
6916int get_shared_radio_freqs(struct wpa_supplicant *wpa_s,
6917 int *freq_array, unsigned int len)
6918{
6919 struct wpa_used_freq_data *freqs_data;
6920 int num, i;
6921
6922 os_memset(freq_array, 0, sizeof(int) * len);
6923
6924 freqs_data = os_calloc(len, sizeof(struct wpa_used_freq_data));
6925 if (!freqs_data)
6926 return -1;
6927
6928 num = get_shared_radio_freqs_data(wpa_s, freqs_data, len);
6929 for (i = 0; i < num; i++)
6930 freq_array[i] = freqs_data[i].freq;
6931
6932 os_free(freqs_data);
6933
6934 return num;
6935}
6936
6937
6938struct wpa_supplicant *
6939wpas_vendor_elem(struct wpa_supplicant *wpa_s, enum wpa_vendor_elem_frame frame)
6940{
6941 switch (frame) {
6942#ifdef CONFIG_P2P
6943 case VENDOR_ELEM_PROBE_REQ_P2P:
6944 case VENDOR_ELEM_PROBE_RESP_P2P:
6945 case VENDOR_ELEM_PROBE_RESP_P2P_GO:
6946 case VENDOR_ELEM_BEACON_P2P_GO:
6947 case VENDOR_ELEM_P2P_PD_REQ:
6948 case VENDOR_ELEM_P2P_PD_RESP:
6949 case VENDOR_ELEM_P2P_GO_NEG_REQ:
6950 case VENDOR_ELEM_P2P_GO_NEG_RESP:
6951 case VENDOR_ELEM_P2P_GO_NEG_CONF:
6952 case VENDOR_ELEM_P2P_INV_REQ:
6953 case VENDOR_ELEM_P2P_INV_RESP:
6954 case VENDOR_ELEM_P2P_ASSOC_REQ:
6955 case VENDOR_ELEM_P2P_ASSOC_RESP:
6956 return wpa_s->p2pdev;
6957#endif /* CONFIG_P2P */
6958 default:
6959 return wpa_s;
6960 }
6961}
6962
6963
6964void wpas_vendor_elem_update(struct wpa_supplicant *wpa_s)
6965{
6966 unsigned int i;
6967 char buf[30];
6968
6969 wpa_printf(MSG_DEBUG, "Update vendor elements");
6970
6971 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) {
6972 if (wpa_s->vendor_elem[i]) {
6973 int res;
6974
6975 res = os_snprintf(buf, sizeof(buf), "frame[%u]", i);
6976 if (!os_snprintf_error(sizeof(buf), res)) {
6977 wpa_hexdump_buf(MSG_DEBUG, buf,
6978 wpa_s->vendor_elem[i]);
6979 }
6980 }
6981 }
6982
6983#ifdef CONFIG_P2P
6984 if (wpa_s->parent == wpa_s &&
6985 wpa_s->global->p2p &&
6986 !wpa_s->global->p2p_disabled)
6987 p2p_set_vendor_elems(wpa_s->global->p2p, wpa_s->vendor_elem);
6988#endif /* CONFIG_P2P */
6989}
6990
6991
6992int wpas_vendor_elem_remove(struct wpa_supplicant *wpa_s, int frame,
6993 const u8 *elem, size_t len)
6994{
6995 u8 *ie, *end;
6996
6997 ie = wpabuf_mhead_u8(wpa_s->vendor_elem[frame]);
6998 end = ie + wpabuf_len(wpa_s->vendor_elem[frame]);
6999
7000 for (; ie + 1 < end; ie += 2 + ie[1]) {
7001 if (ie + len > end)
7002 break;
7003 if (os_memcmp(ie, elem, len) != 0)
7004 continue;
7005
7006 if (wpabuf_len(wpa_s->vendor_elem[frame]) == len) {
7007 wpabuf_free(wpa_s->vendor_elem[frame]);
7008 wpa_s->vendor_elem[frame] = NULL;
7009 } else {
7010 os_memmove(ie, ie + len, end - (ie + len));
7011 wpa_s->vendor_elem[frame]->used -= len;
7012 }
7013 wpas_vendor_elem_update(wpa_s);
7014 return 0;
7015 }
7016
7017 return -1;
7018}
7019
7020
7021struct hostapd_hw_modes * get_mode(struct hostapd_hw_modes *modes,
7022 u16 num_modes, enum hostapd_hw_mode mode)
7023{
7024 u16 i;
7025
7026 for (i = 0; i < num_modes; i++) {
7027 if (modes[i].mode == mode)
7028 return &modes[i];
7029 }
7030
7031 return NULL;
7032}
7033
7034
7035static struct
7036wpa_bss_tmp_disallowed * wpas_get_disallowed_bss(struct wpa_supplicant *wpa_s,
7037 const u8 *bssid)
7038{
7039 struct wpa_bss_tmp_disallowed *bss;
7040
7041 dl_list_for_each(bss, &wpa_s->bss_tmp_disallowed,
7042 struct wpa_bss_tmp_disallowed, list) {
7043 if (os_memcmp(bssid, bss->bssid, ETH_ALEN) == 0)
7044 return bss;
7045 }
7046
7047 return NULL;
7048}
7049
7050
7051static int wpa_set_driver_tmp_disallow_list(struct wpa_supplicant *wpa_s)
7052{
7053 struct wpa_bss_tmp_disallowed *tmp;
7054 unsigned int num_bssid = 0;
7055 u8 *bssids;
7056 int ret;
7057
7058 bssids = os_malloc(dl_list_len(&wpa_s->bss_tmp_disallowed) * ETH_ALEN);
7059 if (!bssids)
7060 return -1;
7061 dl_list_for_each(tmp, &wpa_s->bss_tmp_disallowed,
7062 struct wpa_bss_tmp_disallowed, list) {
7063 os_memcpy(&bssids[num_bssid * ETH_ALEN], tmp->bssid,
7064 ETH_ALEN);
7065 num_bssid++;
7066 }
7067 ret = wpa_drv_set_bssid_blacklist(wpa_s, num_bssid, bssids);
7068 os_free(bssids);
7069 return ret;
7070}
7071
7072
7073static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx, void *timeout_ctx)
7074{
7075 struct wpa_supplicant *wpa_s = eloop_ctx;
7076 struct wpa_bss_tmp_disallowed *tmp, *bss = timeout_ctx;
7077
7078 /* Make sure the bss is not already freed */
7079 dl_list_for_each(tmp, &wpa_s->bss_tmp_disallowed,
7080 struct wpa_bss_tmp_disallowed, list) {
7081 if (bss == tmp) {
7082 dl_list_del(&tmp->list);
7083 os_free(tmp);
7084 wpa_set_driver_tmp_disallow_list(wpa_s);
7085 break;
7086 }
7087 }
7088}
7089
7090
7091void wpa_bss_tmp_disallow(struct wpa_supplicant *wpa_s, const u8 *bssid,
7092 unsigned int sec)
7093{
7094 struct wpa_bss_tmp_disallowed *bss;
7095
7096 bss = wpas_get_disallowed_bss(wpa_s, bssid);
7097 if (bss) {
7098 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout, wpa_s, bss);
7099 eloop_register_timeout(sec, 0, wpa_bss_tmp_disallow_timeout,
7100 wpa_s, bss);
7101 return;
7102 }
7103
7104 bss = os_malloc(sizeof(*bss));
7105 if (!bss) {
7106 wpa_printf(MSG_DEBUG,
7107 "Failed to allocate memory for temp disallow BSS");
7108 return;
7109 }
7110
7111 os_memcpy(bss->bssid, bssid, ETH_ALEN);
7112 dl_list_add(&wpa_s->bss_tmp_disallowed, &bss->list);
7113 wpa_set_driver_tmp_disallow_list(wpa_s);
7114 eloop_register_timeout(sec, 0, wpa_bss_tmp_disallow_timeout,
7115 wpa_s, bss);
7116}
7117
7118
7119int wpa_is_bss_tmp_disallowed(struct wpa_supplicant *wpa_s, const u8 *bssid)
7120{
7121 struct wpa_bss_tmp_disallowed *bss = NULL, *tmp, *prev;
7122
7123 dl_list_for_each_safe(tmp, prev, &wpa_s->bss_tmp_disallowed,
7124 struct wpa_bss_tmp_disallowed, list) {
7125 if (os_memcmp(bssid, tmp->bssid, ETH_ALEN) == 0) {
7126 bss = tmp;
7127 break;
7128 }
7129 }
7130 if (!bss)
7131 return 0;
7132
7133 return 1;
7134}
Unnamed repository; edit this file 'description' to name the repository.