2 * WPA Supplicant / UNIX domain socket -based control interface
3 * Copyright (c) 2004-2014, Jouni Malinen <j@w1.fi>
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
17 #include <sys/ioctl.h>
18 #include <linux/sockios.h>
19 #endif /* __linux__ */
21 #include <cutils/sockets.h>
24 #include "utils/common.h"
25 #include "utils/eloop.h"
26 #include "utils/list.h"
27 #include "common/ctrl_iface_common.h"
28 #include "eapol_supp/eapol_supp_sm.h"
30 #include "wpa_supplicant_i.h"
31 #include "ctrl_iface.h"
33 /* Per-interface ctrl_iface */
35 struct ctrl_iface_priv
{
36 struct wpa_supplicant
*wpa_s
;
38 struct dl_list ctrl_dst
;
39 int android_control_socket
;
40 struct dl_list msg_queue
;
41 unsigned int throttle_count
;
45 struct ctrl_iface_global_priv
{
46 struct wpa_global
*global
;
48 struct dl_list ctrl_dst
;
49 int android_control_socket
;
50 struct dl_list msg_queue
;
51 unsigned int throttle_count
;
54 struct ctrl_iface_msg
{
56 struct wpa_supplicant
*wpa_s
;
58 enum wpa_msg_type type
;
64 static void wpa_supplicant_ctrl_iface_send(struct wpa_supplicant
*wpa_s
,
65 const char *ifname
, int sock
,
66 struct dl_list
*ctrl_dst
,
67 int level
, const char *buf
,
69 struct ctrl_iface_priv
*priv
,
70 struct ctrl_iface_global_priv
*gp
);
71 static int wpas_ctrl_iface_reinit(struct wpa_supplicant
*wpa_s
,
72 struct ctrl_iface_priv
*priv
);
73 static int wpas_ctrl_iface_global_reinit(struct wpa_global
*global
,
74 struct ctrl_iface_global_priv
*priv
);
77 static void wpas_ctrl_sock_debug(const char *title
, int sock
, const char *buf
,
83 int level
= MSG_MSGDUMP
;
85 if (len
>= 5 && os_strncmp(buf
, "PONG\n", 5) == 0)
86 level
= MSG_EXCESSIVE
;
88 optlen
= sizeof(sndbuf
);
90 if (getsockopt(sock
, SOL_SOCKET
, SO_SNDBUF
, &sndbuf
, &optlen
) < 0)
93 if (ioctl(sock
, SIOCOUTQ
, &outq
) < 0)
97 "CTRL-DEBUG: %s: sock=%d sndbuf=%d outq=%d send_len=%d",
98 title
, sock
, sndbuf
, outq
, (int) len
);
99 #endif /* __linux__ */
103 static int wpa_supplicant_ctrl_iface_attach(struct dl_list
*ctrl_dst
,
104 struct sockaddr_un
*from
,
105 socklen_t fromlen
, int global
)
107 return ctrl_iface_attach(ctrl_dst
, from
, fromlen
);
111 static int wpa_supplicant_ctrl_iface_detach(struct dl_list
*ctrl_dst
,
112 struct sockaddr_un
*from
,
115 return ctrl_iface_detach(ctrl_dst
, from
, fromlen
);
119 static int wpa_supplicant_ctrl_iface_level(struct ctrl_iface_priv
*priv
,
120 struct sockaddr_un
*from
,
124 wpa_printf(MSG_DEBUG
, "CTRL_IFACE LEVEL %s", level
);
126 return ctrl_iface_level(&priv
->ctrl_dst
, from
, fromlen
, level
);
130 static void wpa_supplicant_ctrl_iface_receive(int sock
, void *eloop_ctx
,
133 struct wpa_supplicant
*wpa_s
= eloop_ctx
;
134 struct ctrl_iface_priv
*priv
= sock_ctx
;
137 struct sockaddr_un from
;
138 socklen_t fromlen
= sizeof(from
);
139 char *reply
= NULL
, *reply_buf
= NULL
;
140 size_t reply_len
= 0;
141 int new_attached
= 0;
143 res
= recvfrom(sock
, buf
, sizeof(buf
) - 1, 0,
144 (struct sockaddr
*) &from
, &fromlen
);
146 wpa_printf(MSG_ERROR
, "recvfrom(ctrl_iface): %s",
152 if (os_strcmp(buf
, "ATTACH") == 0) {
153 if (wpa_supplicant_ctrl_iface_attach(&priv
->ctrl_dst
, &from
,
160 } else if (os_strcmp(buf
, "DETACH") == 0) {
161 if (wpa_supplicant_ctrl_iface_detach(&priv
->ctrl_dst
, &from
,
166 } else if (os_strncmp(buf
, "LEVEL ", 6) == 0) {
167 if (wpa_supplicant_ctrl_iface_level(priv
, &from
, fromlen
,
173 reply_buf
= wpa_supplicant_ctrl_iface_process(wpa_s
, buf
,
178 * There could be some password/key material in the command, so
179 * clear the buffer explicitly now that it is not needed
182 os_memset(buf
, 0, res
);
185 if (!reply
&& reply_len
== 1) {
188 } else if (!reply
&& reply_len
== 2) {
194 wpas_ctrl_sock_debug("ctrl_sock-sendto", sock
, reply
,
196 if (sendto(sock
, reply
, reply_len
, 0, (struct sockaddr
*) &from
,
199 wpa_dbg(wpa_s
, MSG_DEBUG
,
200 "ctrl_iface sendto failed: %d - %s",
201 _errno
, strerror(_errno
));
202 if (_errno
== ENOBUFS
|| _errno
== EAGAIN
) {
204 * The socket send buffer could be full. This
205 * may happen if client programs are not
206 * receiving their pending messages. Close and
207 * reopen the socket as a workaround to avoid
208 * getting stuck being unable to send any new
211 sock
= wpas_ctrl_iface_reinit(wpa_s
, priv
);
213 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to reinitialize ctrl_iface socket");
217 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to send response to ATTACH - detaching");
219 wpa_supplicant_ctrl_iface_detach(
220 &priv
->ctrl_dst
, &from
, fromlen
);
227 eapol_sm_notify_ctrl_attached(wpa_s
->eapol
);
231 static char * wpa_supplicant_ctrl_iface_path(struct wpa_supplicant
*wpa_s
)
235 char *pbuf
, *dir
= NULL
;
238 if (wpa_s
->conf
->ctrl_interface
== NULL
)
241 pbuf
= os_strdup(wpa_s
->conf
->ctrl_interface
);
244 if (os_strncmp(pbuf
, "DIR=", 4) == 0) {
247 gid_str
= os_strstr(dir
, " GROUP=");
253 len
= os_strlen(dir
) + os_strlen(wpa_s
->ifname
) + 2;
254 buf
= os_malloc(len
);
260 res
= os_snprintf(buf
, len
, "%s/%s", dir
, wpa_s
->ifname
);
261 if (os_snprintf_error(len
, res
)) {
268 /* Windows/WinPcap uses interface names that are not suitable
269 * as a file name - convert invalid chars to underscores */
277 #endif /* __CYGWIN__ */
283 static int wpas_ctrl_iface_throttle(int sock
)
289 optlen
= sizeof(sndbuf
);
291 if (getsockopt(sock
, SOL_SOCKET
, SO_SNDBUF
, &sndbuf
, &optlen
) < 0 ||
292 ioctl(sock
, SIOCOUTQ
, &outq
) < 0 ||
293 sndbuf
<= 0 || outq
< 0)
295 return outq
> sndbuf
/ 2;
296 #else /* __linux__ */
298 #endif /* __linux__ */
302 static void wpas_ctrl_msg_send_pending_global(struct wpa_global
*global
)
304 struct ctrl_iface_global_priv
*gpriv
;
305 struct ctrl_iface_msg
*msg
;
307 gpriv
= global
->ctrl_iface
;
308 while (gpriv
&& !dl_list_empty(&gpriv
->msg_queue
) &&
309 !wpas_ctrl_iface_throttle(gpriv
->sock
)) {
310 msg
= dl_list_first(&gpriv
->msg_queue
, struct ctrl_iface_msg
,
314 dl_list_del(&msg
->list
);
315 wpa_supplicant_ctrl_iface_send(
317 msg
->type
!= WPA_MSG_PER_INTERFACE
?
318 NULL
: msg
->wpa_s
->ifname
,
319 gpriv
->sock
, &gpriv
->ctrl_dst
, msg
->level
,
320 msg
->txt
, msg
->len
, NULL
, gpriv
);
326 static void wpas_ctrl_msg_send_pending_iface(struct wpa_supplicant
*wpa_s
)
328 struct ctrl_iface_priv
*priv
;
329 struct ctrl_iface_msg
*msg
;
331 priv
= wpa_s
->ctrl_iface
;
332 while (priv
&& !dl_list_empty(&priv
->msg_queue
) &&
333 !wpas_ctrl_iface_throttle(priv
->sock
)) {
334 msg
= dl_list_first(&priv
->msg_queue
, struct ctrl_iface_msg
,
338 dl_list_del(&msg
->list
);
339 wpa_supplicant_ctrl_iface_send(wpa_s
, NULL
, priv
->sock
,
340 &priv
->ctrl_dst
, msg
->level
,
341 msg
->txt
, msg
->len
, priv
, NULL
);
347 static void wpas_ctrl_msg_queue_timeout(void *eloop_ctx
, void *timeout_ctx
)
349 struct wpa_supplicant
*wpa_s
= eloop_ctx
;
350 struct ctrl_iface_priv
*priv
;
351 struct ctrl_iface_global_priv
*gpriv
;
352 int sock
= -1, gsock
= -1;
354 wpas_ctrl_msg_send_pending_global(wpa_s
->global
);
355 wpas_ctrl_msg_send_pending_iface(wpa_s
);
357 priv
= wpa_s
->ctrl_iface
;
358 if (priv
&& !dl_list_empty(&priv
->msg_queue
))
361 gpriv
= wpa_s
->global
->ctrl_iface
;
362 if (gpriv
&& !dl_list_empty(&gpriv
->msg_queue
))
365 if (sock
> -1 || gsock
> -1) {
366 /* Continue pending message transmission from a timeout */
367 wpa_printf(MSG_MSGDUMP
,
368 "CTRL: Had to throttle pending event message transmission for (sock %d gsock %d)",
370 eloop_register_timeout(0, 20000, wpas_ctrl_msg_queue_timeout
,
376 static void wpas_ctrl_msg_queue(struct dl_list
*queue
,
377 struct wpa_supplicant
*wpa_s
, int level
,
378 enum wpa_msg_type type
,
379 const char *txt
, size_t len
)
381 struct ctrl_iface_msg
*msg
;
383 msg
= os_zalloc(sizeof(*msg
) + len
);
390 os_memcpy(msg
+ 1, txt
, len
);
391 msg
->txt
= (const char *) (msg
+ 1);
393 dl_list_add_tail(queue
, &msg
->list
);
394 eloop_cancel_timeout(wpas_ctrl_msg_queue_timeout
, wpa_s
, NULL
);
395 eloop_register_timeout(0, 0, wpas_ctrl_msg_queue_timeout
, wpa_s
, NULL
);
399 static void wpas_ctrl_msg_queue_limit(unsigned int throttle_count
,
400 struct dl_list
*queue
)
402 struct ctrl_iface_msg
*msg
;
404 if (throttle_count
< 2000)
407 msg
= dl_list_first(queue
, struct ctrl_iface_msg
, list
);
409 wpa_printf(MSG_DEBUG
, "CTRL: Dropped oldest pending message");
410 dl_list_del(&msg
->list
);
416 static void wpa_supplicant_ctrl_iface_msg_cb(void *ctx
, int level
,
417 enum wpa_msg_type type
,
418 const char *txt
, size_t len
)
420 struct wpa_supplicant
*wpa_s
= ctx
;
421 struct ctrl_iface_priv
*priv
;
422 struct ctrl_iface_global_priv
*gpriv
;
427 gpriv
= wpa_s
->global
->ctrl_iface
;
429 if (type
!= WPA_MSG_NO_GLOBAL
&& gpriv
&&
430 !dl_list_empty(&gpriv
->ctrl_dst
)) {
431 if (!dl_list_empty(&gpriv
->msg_queue
) ||
432 wpas_ctrl_iface_throttle(gpriv
->sock
)) {
433 if (gpriv
->throttle_count
== 0) {
434 wpa_printf(MSG_MSGDUMP
,
435 "CTRL: Had to throttle global event message for sock %d",
438 gpriv
->throttle_count
++;
439 wpas_ctrl_msg_queue_limit(gpriv
->throttle_count
,
441 wpas_ctrl_msg_queue(&gpriv
->msg_queue
, wpa_s
, level
,
444 if (gpriv
->throttle_count
) {
445 wpa_printf(MSG_MSGDUMP
,
446 "CTRL: Had to throttle %u global event message(s) for sock %d",
447 gpriv
->throttle_count
, gpriv
->sock
);
449 gpriv
->throttle_count
= 0;
450 wpa_supplicant_ctrl_iface_send(
452 type
!= WPA_MSG_PER_INTERFACE
?
453 NULL
: wpa_s
->ifname
,
454 gpriv
->sock
, &gpriv
->ctrl_dst
, level
,
455 txt
, len
, NULL
, gpriv
);
459 priv
= wpa_s
->ctrl_iface
;
461 if (type
!= WPA_MSG_ONLY_GLOBAL
&& priv
) {
462 if (!dl_list_empty(&priv
->msg_queue
) ||
463 wpas_ctrl_iface_throttle(priv
->sock
)) {
464 if (priv
->throttle_count
== 0) {
465 wpa_printf(MSG_MSGDUMP
,
466 "CTRL: Had to throttle event message for sock %d",
469 priv
->throttle_count
++;
470 wpas_ctrl_msg_queue_limit(priv
->throttle_count
,
472 wpas_ctrl_msg_queue(&priv
->msg_queue
, wpa_s
, level
,
475 if (priv
->throttle_count
) {
476 wpa_printf(MSG_MSGDUMP
,
477 "CTRL: Had to throttle %u event message(s) for sock %d",
478 priv
->throttle_count
, priv
->sock
);
480 priv
->throttle_count
= 0;
481 wpa_supplicant_ctrl_iface_send(wpa_s
, NULL
, priv
->sock
,
482 &priv
->ctrl_dst
, level
,
483 txt
, len
, priv
, NULL
);
489 static int wpas_ctrl_iface_open_sock(struct wpa_supplicant
*wpa_s
,
490 struct ctrl_iface_priv
*priv
)
492 struct sockaddr_un addr
;
496 char *buf
, *dir
= NULL
, *gid_str
= NULL
;
501 buf
= os_strdup(wpa_s
->conf
->ctrl_interface
);
505 os_snprintf(addr
.sun_path
, sizeof(addr
.sun_path
), "wpa_%s",
506 wpa_s
->conf
->ctrl_interface
);
507 priv
->sock
= android_get_control_socket(addr
.sun_path
);
508 if (priv
->sock
>= 0) {
509 priv
->android_control_socket
= 1;
513 if (os_strncmp(buf
, "DIR=", 4) == 0) {
515 gid_str
= os_strstr(dir
, " GROUP=");
522 gid_str
= wpa_s
->conf
->ctrl_interface_group
;
525 if (mkdir(dir
, S_IRWXU
| S_IRWXG
) < 0) {
526 if (errno
== EEXIST
) {
527 wpa_printf(MSG_DEBUG
, "Using existing control "
528 "interface directory.");
530 wpa_printf(MSG_ERROR
, "mkdir[ctrl_interface=%s]: %s",
531 dir
, strerror(errno
));
538 * wpa_supplicant is started from /init.*.rc on Android and that seems
539 * to be using umask 0077 which would leave the control interface
540 * directory without group access. This breaks things since Wi-Fi
541 * framework assumes that this directory can be accessed by other
542 * applications in the wifi group. Fix this by adding group access even
543 * if umask value would prevent this.
545 if (chmod(dir
, S_IRWXU
| S_IRWXG
) < 0) {
546 wpa_printf(MSG_ERROR
, "CTRL: Could not chmod directory: %s",
548 /* Try to continue anyway */
553 grp
= getgrnam(gid_str
);
557 wpa_printf(MSG_DEBUG
, "ctrl_interface_group=%d"
558 " (from group name '%s')",
561 /* Group name not found - try to parse this as gid */
562 gid
= strtol(gid_str
, &endp
, 10);
563 if (*gid_str
== '\0' || *endp
!= '\0') {
564 wpa_printf(MSG_ERROR
, "CTRL: Invalid group "
569 wpa_printf(MSG_DEBUG
, "ctrl_interface_group=%d",
574 if (gid_set
&& chown(dir
, -1, gid
) < 0) {
575 wpa_printf(MSG_ERROR
, "chown[ctrl_interface=%s,gid=%d]: %s",
576 dir
, (int) gid
, strerror(errno
));
580 /* Make sure the group can enter and read the directory */
582 chmod(dir
, S_IRUSR
| S_IWUSR
| S_IXUSR
| S_IRGRP
| S_IXGRP
) < 0) {
583 wpa_printf(MSG_ERROR
, "CTRL: chmod[ctrl_interface]: %s",
588 if (os_strlen(dir
) + 1 + os_strlen(wpa_s
->ifname
) >=
589 sizeof(addr
.sun_path
)) {
590 wpa_printf(MSG_ERROR
, "ctrl_iface path limit exceeded");
594 priv
->sock
= socket(PF_UNIX
, SOCK_DGRAM
, 0);
595 if (priv
->sock
< 0) {
596 wpa_printf(MSG_ERROR
, "socket(PF_UNIX): %s", strerror(errno
));
600 os_memset(&addr
, 0, sizeof(addr
));
601 #if defined(__FreeBSD__) || defined(__FreeBSD_kernel__)
602 addr
.sun_len
= sizeof(addr
);
603 #endif /* __FreeBSD__ */
604 addr
.sun_family
= AF_UNIX
;
605 fname
= wpa_supplicant_ctrl_iface_path(wpa_s
);
608 os_strlcpy(addr
.sun_path
, fname
, sizeof(addr
.sun_path
));
609 if (bind(priv
->sock
, (struct sockaddr
*) &addr
, sizeof(addr
)) < 0) {
610 wpa_printf(MSG_DEBUG
, "ctrl_iface bind(PF_UNIX) failed: %s",
612 if (connect(priv
->sock
, (struct sockaddr
*) &addr
,
614 wpa_printf(MSG_DEBUG
, "ctrl_iface exists, but does not"
615 " allow connections - assuming it was left"
616 "over from forced program termination");
617 if (unlink(fname
) < 0) {
618 wpa_printf(MSG_ERROR
,
619 "Could not unlink existing ctrl_iface socket '%s': %s",
620 fname
, strerror(errno
));
623 if (bind(priv
->sock
, (struct sockaddr
*) &addr
,
625 wpa_printf(MSG_ERROR
, "supp-ctrl-iface-init: bind(PF_UNIX): %s",
629 wpa_printf(MSG_DEBUG
, "Successfully replaced leftover "
630 "ctrl_iface socket '%s'", fname
);
632 wpa_printf(MSG_INFO
, "ctrl_iface exists and seems to "
633 "be in use - cannot override it");
634 wpa_printf(MSG_INFO
, "Delete '%s' manually if it is "
635 "not used anymore", fname
);
642 if (gid_set
&& chown(fname
, -1, gid
) < 0) {
643 wpa_printf(MSG_ERROR
, "chown[ctrl_interface=%s,gid=%d]: %s",
644 fname
, (int) gid
, strerror(errno
));
648 if (chmod(fname
, S_IRWXU
| S_IRWXG
) < 0) {
649 wpa_printf(MSG_ERROR
, "chmod[ctrl_interface=%s]: %s",
650 fname
, strerror(errno
));
660 * Make socket non-blocking so that we don't hang forever if
661 * target dies unexpectedly.
663 flags
= fcntl(priv
->sock
, F_GETFL
);
666 if (fcntl(priv
->sock
, F_SETFL
, flags
) < 0) {
667 wpa_printf(MSG_INFO
, "fcntl(ctrl, O_NONBLOCK): %s",
669 /* Not fatal, continue on.*/
673 eloop_register_read_sock(priv
->sock
, wpa_supplicant_ctrl_iface_receive
,
675 wpa_msg_register_cb(wpa_supplicant_ctrl_iface_msg_cb
);
681 if (priv
->sock
>= 0) {
694 struct ctrl_iface_priv
*
695 wpa_supplicant_ctrl_iface_init(struct wpa_supplicant
*wpa_s
)
697 struct ctrl_iface_priv
*priv
;
699 priv
= os_zalloc(sizeof(*priv
));
702 dl_list_init(&priv
->ctrl_dst
);
703 dl_list_init(&priv
->msg_queue
);
707 if (wpa_s
->conf
->ctrl_interface
== NULL
)
711 if (wpa_s
->global
->params
.ctrl_interface
) {
714 if (wpa_s
->global
->params
.ctrl_interface
[0] == '/') {
715 if (os_strcmp(wpa_s
->global
->params
.ctrl_interface
,
716 wpa_s
->conf
->ctrl_interface
) == 0)
718 } else if (os_strncmp(wpa_s
->global
->params
.ctrl_interface
,
719 "@android:", 9) == 0 ||
720 os_strncmp(wpa_s
->global
->params
.ctrl_interface
,
721 "@abstract:", 10) == 0) {
725 * Currently, Android uses @android:wpa_* as the naming
726 * convention for the global ctrl interface. This logic
727 * needs to be revisited if the above naming convention
730 pos
= os_strchr(wpa_s
->global
->params
.ctrl_interface
,
734 wpa_s
->conf
->ctrl_interface
) == 0)
740 * The invalid configuration combination might be
741 * possible to hit in an Android OTA upgrade case, so
742 * instead of refusing to start the wpa_supplicant
743 * process, do not open the per-interface ctrl_iface
744 * and continue with the global control interface that
745 * was set from the command line since the Wi-Fi
746 * framework will use it for operations.
748 wpa_printf(MSG_ERROR
,
749 "global ctrl interface %s matches ctrl interface %s - do not open per-interface ctrl interface",
750 wpa_s
->global
->params
.ctrl_interface
,
751 wpa_s
->conf
->ctrl_interface
);
757 if (wpas_ctrl_iface_open_sock(wpa_s
, priv
) < 0) {
766 static int wpas_ctrl_iface_reinit(struct wpa_supplicant
*wpa_s
,
767 struct ctrl_iface_priv
*priv
)
775 * On Android, the control socket being used may be the socket
776 * that is created when wpa_supplicant is started as a /init.*.rc
777 * service. Such a socket is maintained as a key-value pair in
778 * Android's environment. Closing this control socket would leave us
779 * in a bad state with an invalid socket descriptor.
781 if (priv
->android_control_socket
)
784 eloop_unregister_read_sock(priv
->sock
);
787 res
= wpas_ctrl_iface_open_sock(wpa_s
, priv
);
794 void wpa_supplicant_ctrl_iface_deinit(struct ctrl_iface_priv
*priv
)
796 struct wpa_ctrl_dst
*dst
, *prev
;
797 struct ctrl_iface_msg
*msg
, *prev_msg
;
798 struct ctrl_iface_global_priv
*gpriv
;
800 if (priv
->sock
> -1) {
802 char *buf
, *dir
= NULL
;
803 eloop_unregister_read_sock(priv
->sock
);
804 if (!dl_list_empty(&priv
->ctrl_dst
)) {
806 * Wait before closing the control socket if
807 * there are any attached monitors in order to allow
808 * them to receive any pending messages.
810 wpa_printf(MSG_DEBUG
, "CTRL_IFACE wait for attached "
811 "monitors to receive messages");
816 fname
= wpa_supplicant_ctrl_iface_path(priv
->wpa_s
);
822 if (priv
->wpa_s
->conf
->ctrl_interface
== NULL
)
824 buf
= os_strdup(priv
->wpa_s
->conf
->ctrl_interface
);
827 if (os_strncmp(buf
, "DIR=", 4) == 0) {
830 gid_str
= os_strstr(dir
, " GROUP=");
836 if (rmdir(dir
) < 0) {
837 if (errno
== ENOTEMPTY
) {
838 wpa_printf(MSG_DEBUG
, "Control interface "
839 "directory not empty - leaving it "
842 wpa_printf(MSG_ERROR
,
843 "rmdir[ctrl_interface=%s]: %s",
844 dir
, strerror(errno
));
851 dl_list_for_each_safe(dst
, prev
, &priv
->ctrl_dst
, struct wpa_ctrl_dst
,
853 dl_list_del(&dst
->list
);
856 dl_list_for_each_safe(msg
, prev_msg
, &priv
->msg_queue
,
857 struct ctrl_iface_msg
, list
) {
858 dl_list_del(&msg
->list
);
861 gpriv
= priv
->wpa_s
->global
->ctrl_iface
;
863 dl_list_for_each_safe(msg
, prev_msg
, &gpriv
->msg_queue
,
864 struct ctrl_iface_msg
, list
) {
865 if (msg
->wpa_s
== priv
->wpa_s
) {
866 dl_list_del(&msg
->list
);
871 eloop_cancel_timeout(wpas_ctrl_msg_queue_timeout
, priv
->wpa_s
, NULL
);
877 * wpa_supplicant_ctrl_iface_send - Send a control interface packet to monitors
878 * @ifname: Interface name for global control socket or %NULL
879 * @sock: Local socket fd
880 * @ctrl_dst: List of attached listeners
881 * @level: Priority level of the message
883 * @len: Message length
885 * Send a packet to all monitor programs attached to the control interface.
887 static void wpa_supplicant_ctrl_iface_send(struct wpa_supplicant
*wpa_s
,
888 const char *ifname
, int sock
,
889 struct dl_list
*ctrl_dst
,
890 int level
, const char *buf
,
892 struct ctrl_iface_priv
*priv
,
893 struct ctrl_iface_global_priv
*gp
)
895 struct wpa_ctrl_dst
*dst
, *next
;
901 if (sock
< 0 || dl_list_empty(ctrl_dst
))
904 res
= os_snprintf(levelstr
, sizeof(levelstr
), "<%d>", level
);
905 if (os_snprintf_error(sizeof(levelstr
), res
))
909 io
[idx
].iov_base
= "IFNAME=";
912 io
[idx
].iov_base
= (char *) ifname
;
913 io
[idx
].iov_len
= os_strlen(ifname
);
915 io
[idx
].iov_base
= " ";
919 io
[idx
].iov_base
= levelstr
;
920 io
[idx
].iov_len
= os_strlen(levelstr
);
922 io
[idx
].iov_base
= (char *) buf
;
923 io
[idx
].iov_len
= len
;
925 os_memset(&msg
, 0, sizeof(msg
));
927 msg
.msg_iovlen
= idx
;
929 dl_list_for_each_safe(dst
, next
, ctrl_dst
, struct wpa_ctrl_dst
, list
) {
933 if (level
< dst
->debug_level
)
936 printf_encode(addr_txt
, sizeof(addr_txt
),
937 (u8
*) dst
->addr
.sun_path
, dst
->addrlen
-
938 offsetof(struct sockaddr_un
, sun_path
));
939 msg
.msg_name
= (void *) &dst
->addr
;
940 msg
.msg_namelen
= dst
->addrlen
;
941 wpas_ctrl_sock_debug("ctrl_sock-sendmsg", sock
, buf
, len
);
942 if (sendmsg(sock
, &msg
, MSG_DONTWAIT
) >= 0) {
943 wpa_printf(MSG_MSGDUMP
,
944 "CTRL_IFACE monitor sent successfully to %s",
951 wpa_printf(MSG_DEBUG
, "CTRL_IFACE monitor[%s]: %d - %s",
952 addr_txt
, errno
, strerror(errno
));
955 if (dst
->errors
> 10 || _errno
== ENOENT
|| _errno
== EPERM
) {
956 wpa_printf(MSG_INFO
, "CTRL_IFACE: Detach monitor %s that cannot receive messages",
958 wpa_supplicant_ctrl_iface_detach(ctrl_dst
, &dst
->addr
,
962 if (_errno
== ENOBUFS
|| _errno
== EAGAIN
) {
964 * The socket send buffer could be full. This may happen
965 * if client programs are not receiving their pending
966 * messages. Close and reopen the socket as a workaround
967 * to avoid getting stuck being unable to send any new
971 sock
= wpas_ctrl_iface_reinit(wpa_s
, priv
);
973 sock
= wpas_ctrl_iface_global_reinit(
978 wpa_dbg(wpa_s
, MSG_DEBUG
,
979 "Failed to reinitialize ctrl_iface socket");
987 void wpa_supplicant_ctrl_iface_wait(struct ctrl_iface_priv
*priv
)
991 struct sockaddr_un from
;
992 socklen_t fromlen
= sizeof(from
);
994 if (priv
->sock
== -1)
998 wpa_printf(MSG_DEBUG
, "CTRL_IFACE - %s - wait for monitor to "
999 "attach", priv
->wpa_s
->ifname
);
1000 eloop_wait_for_read_sock(priv
->sock
);
1002 res
= recvfrom(priv
->sock
, buf
, sizeof(buf
) - 1, 0,
1003 (struct sockaddr
*) &from
, &fromlen
);
1005 wpa_printf(MSG_ERROR
, "recvfrom(ctrl_iface): %s",
1011 if (os_strcmp(buf
, "ATTACH") == 0) {
1012 /* handle ATTACH signal of first monitor interface */
1013 if (!wpa_supplicant_ctrl_iface_attach(&priv
->ctrl_dst
,
1016 if (sendto(priv
->sock
, "OK\n", 3, 0,
1017 (struct sockaddr
*) &from
, fromlen
) <
1019 wpa_printf(MSG_DEBUG
, "ctrl_iface sendto failed: %s",
1022 /* OK to continue */
1025 if (sendto(priv
->sock
, "FAIL\n", 5, 0,
1026 (struct sockaddr
*) &from
, fromlen
) <
1028 wpa_printf(MSG_DEBUG
, "ctrl_iface sendto failed: %s",
1033 /* return FAIL for all other signals */
1034 if (sendto(priv
->sock
, "FAIL\n", 5, 0,
1035 (struct sockaddr
*) &from
, fromlen
) < 0) {
1036 wpa_printf(MSG_DEBUG
,
1037 "ctrl_iface sendto failed: %s",
1045 /* Global ctrl_iface */
1047 static void wpa_supplicant_global_ctrl_iface_receive(int sock
, void *eloop_ctx
,
1050 struct wpa_global
*global
= eloop_ctx
;
1051 struct ctrl_iface_global_priv
*priv
= sock_ctx
;
1054 struct sockaddr_un from
;
1055 socklen_t fromlen
= sizeof(from
);
1056 char *reply
= NULL
, *reply_buf
= NULL
;
1059 res
= recvfrom(sock
, buf
, sizeof(buf
) - 1, 0,
1060 (struct sockaddr
*) &from
, &fromlen
);
1062 wpa_printf(MSG_ERROR
, "recvfrom(ctrl_iface): %s",
1068 if (os_strcmp(buf
, "ATTACH") == 0) {
1069 if (wpa_supplicant_ctrl_iface_attach(&priv
->ctrl_dst
, &from
,
1074 } else if (os_strcmp(buf
, "DETACH") == 0) {
1075 if (wpa_supplicant_ctrl_iface_detach(&priv
->ctrl_dst
, &from
,
1081 reply_buf
= wpa_supplicant_global_ctrl_iface_process(
1082 global
, buf
, &reply_len
);
1086 * There could be some password/key material in the command, so
1087 * clear the buffer explicitly now that it is not needed
1090 os_memset(buf
, 0, res
);
1093 if (!reply
&& reply_len
== 1) {
1096 } else if (!reply
&& reply_len
== 2) {
1102 wpas_ctrl_sock_debug("global_ctrl_sock-sendto",
1103 sock
, reply
, reply_len
);
1104 if (sendto(sock
, reply
, reply_len
, 0, (struct sockaddr
*) &from
,
1106 wpa_printf(MSG_DEBUG
, "ctrl_iface sendto failed: %s",
1114 static int wpas_global_ctrl_iface_open_sock(struct wpa_global
*global
,
1115 struct ctrl_iface_global_priv
*priv
)
1117 struct sockaddr_un addr
;
1118 const char *ctrl
= global
->params
.ctrl_interface
;
1121 wpa_printf(MSG_DEBUG
, "Global control interface '%s'", ctrl
);
1124 if (os_strncmp(ctrl
, "@android:", 9) == 0) {
1125 priv
->sock
= android_get_control_socket(ctrl
+ 9);
1126 if (priv
->sock
< 0) {
1127 wpa_printf(MSG_ERROR
, "Failed to open Android control "
1128 "socket '%s'", ctrl
+ 9);
1131 wpa_printf(MSG_DEBUG
, "Using Android control socket '%s'",
1133 priv
->android_control_socket
= 1;
1137 if (os_strncmp(ctrl
, "@abstract:", 10) != 0) {
1139 * Backwards compatibility - try to open an Android control
1140 * socket and if that fails, assume this was a UNIX domain
1143 priv
->sock
= android_get_control_socket(ctrl
);
1144 if (priv
->sock
>= 0) {
1145 wpa_printf(MSG_DEBUG
,
1146 "Using Android control socket '%s'",
1148 priv
->android_control_socket
= 1;
1152 #endif /* ANDROID */
1154 priv
->sock
= socket(PF_UNIX
, SOCK_DGRAM
, 0);
1155 if (priv
->sock
< 0) {
1156 wpa_printf(MSG_ERROR
, "socket(PF_UNIX): %s", strerror(errno
));
1160 os_memset(&addr
, 0, sizeof(addr
));
1161 #if defined(__FreeBSD__) || defined(__FreeBSD_kernel__)
1162 addr
.sun_len
= sizeof(addr
);
1163 #endif /* __FreeBSD__ */
1164 addr
.sun_family
= AF_UNIX
;
1166 if (os_strncmp(ctrl
, "@abstract:", 10) == 0) {
1167 addr
.sun_path
[0] = '\0';
1168 os_strlcpy(addr
.sun_path
+ 1, ctrl
+ 10,
1169 sizeof(addr
.sun_path
) - 1);
1170 if (bind(priv
->sock
, (struct sockaddr
*) &addr
, sizeof(addr
)) <
1172 wpa_printf(MSG_ERROR
, "supp-global-ctrl-iface-init: "
1173 "bind(PF_UNIX;%s) failed: %s",
1174 ctrl
, strerror(errno
));
1177 wpa_printf(MSG_DEBUG
, "Using Abstract control socket '%s'",
1182 os_strlcpy(addr
.sun_path
, ctrl
, sizeof(addr
.sun_path
));
1183 if (bind(priv
->sock
, (struct sockaddr
*) &addr
, sizeof(addr
)) < 0) {
1184 wpa_printf(MSG_INFO
, "supp-global-ctrl-iface-init(%s) (will try fixup): bind(PF_UNIX): %s",
1185 ctrl
, strerror(errno
));
1186 if (connect(priv
->sock
, (struct sockaddr
*) &addr
,
1187 sizeof(addr
)) < 0) {
1188 wpa_printf(MSG_DEBUG
, "ctrl_iface exists, but does not"
1189 " allow connections - assuming it was left"
1190 "over from forced program termination");
1191 if (unlink(ctrl
) < 0) {
1192 wpa_printf(MSG_ERROR
,
1193 "Could not unlink existing ctrl_iface socket '%s': %s",
1194 ctrl
, strerror(errno
));
1197 if (bind(priv
->sock
, (struct sockaddr
*) &addr
,
1198 sizeof(addr
)) < 0) {
1199 wpa_printf(MSG_ERROR
, "supp-glb-iface-init: bind(PF_UNIX;%s): %s",
1200 ctrl
, strerror(errno
));
1203 wpa_printf(MSG_DEBUG
, "Successfully replaced leftover "
1204 "ctrl_iface socket '%s'",
1207 wpa_printf(MSG_INFO
, "ctrl_iface exists and seems to "
1208 "be in use - cannot override it");
1209 wpa_printf(MSG_INFO
, "Delete '%s' manually if it is "
1216 wpa_printf(MSG_DEBUG
, "Using UNIX control socket '%s'", ctrl
);
1218 if (global
->params
.ctrl_interface_group
) {
1219 char *gid_str
= global
->params
.ctrl_interface_group
;
1224 grp
= getgrnam(gid_str
);
1227 wpa_printf(MSG_DEBUG
, "ctrl_interface_group=%d"
1228 " (from group name '%s')",
1229 (int) gid
, gid_str
);
1231 /* Group name not found - try to parse this as gid */
1232 gid
= strtol(gid_str
, &endp
, 10);
1233 if (*gid_str
== '\0' || *endp
!= '\0') {
1234 wpa_printf(MSG_ERROR
, "CTRL: Invalid group "
1238 wpa_printf(MSG_DEBUG
, "ctrl_interface_group=%d",
1241 if (chown(ctrl
, -1, gid
) < 0) {
1242 wpa_printf(MSG_ERROR
,
1243 "chown[global_ctrl_interface=%s,gid=%d]: %s",
1244 ctrl
, (int) gid
, strerror(errno
));
1248 if (chmod(ctrl
, S_IRWXU
| S_IRWXG
) < 0) {
1249 wpa_printf(MSG_ERROR
,
1250 "chmod[global_ctrl_interface=%s]: %s",
1251 ctrl
, strerror(errno
));
1255 if (chmod(ctrl
, S_IRWXU
) < 0) {
1256 wpa_printf(MSG_DEBUG
,
1257 "chmod[global_ctrl_interface=%s](S_IRWXU): %s",
1258 ctrl
, strerror(errno
));
1259 /* continue anyway since group change was not required
1267 * Make socket non-blocking so that we don't hang forever if
1268 * target dies unexpectedly.
1270 flags
= fcntl(priv
->sock
, F_GETFL
);
1272 flags
|= O_NONBLOCK
;
1273 if (fcntl(priv
->sock
, F_SETFL
, flags
) < 0) {
1274 wpa_printf(MSG_INFO
, "fcntl(ctrl, O_NONBLOCK): %s",
1276 /* Not fatal, continue on.*/
1280 eloop_register_read_sock(priv
->sock
,
1281 wpa_supplicant_global_ctrl_iface_receive
,
1287 if (priv
->sock
>= 0) {
1295 struct ctrl_iface_global_priv
*
1296 wpa_supplicant_global_ctrl_iface_init(struct wpa_global
*global
)
1298 struct ctrl_iface_global_priv
*priv
;
1300 priv
= os_zalloc(sizeof(*priv
));
1303 dl_list_init(&priv
->ctrl_dst
);
1304 dl_list_init(&priv
->msg_queue
);
1305 priv
->global
= global
;
1308 if (global
->params
.ctrl_interface
== NULL
)
1311 if (wpas_global_ctrl_iface_open_sock(global
, priv
) < 0) {
1316 wpa_msg_register_cb(wpa_supplicant_ctrl_iface_msg_cb
);
1322 static int wpas_ctrl_iface_global_reinit(struct wpa_global
*global
,
1323 struct ctrl_iface_global_priv
*priv
)
1327 if (priv
->sock
<= 0)
1331 * On Android, the control socket being used may be the socket
1332 * that is created when wpa_supplicant is started as a /init.*.rc
1333 * service. Such a socket is maintained as a key-value pair in
1334 * Android's environment. Closing this control socket would leave us
1335 * in a bad state with an invalid socket descriptor.
1337 if (priv
->android_control_socket
)
1340 eloop_unregister_read_sock(priv
->sock
);
1343 res
= wpas_global_ctrl_iface_open_sock(global
, priv
);
1351 wpa_supplicant_global_ctrl_iface_deinit(struct ctrl_iface_global_priv
*priv
)
1353 struct wpa_ctrl_dst
*dst
, *prev
;
1354 struct ctrl_iface_msg
*msg
, *prev_msg
;
1356 if (priv
->sock
>= 0) {
1357 eloop_unregister_read_sock(priv
->sock
);
1360 if (priv
->global
->params
.ctrl_interface
)
1361 unlink(priv
->global
->params
.ctrl_interface
);
1362 dl_list_for_each_safe(dst
, prev
, &priv
->ctrl_dst
, struct wpa_ctrl_dst
,
1364 dl_list_del(&dst
->list
);
1367 dl_list_for_each_safe(msg
, prev_msg
, &priv
->msg_queue
,
1368 struct ctrl_iface_msg
, list
) {
1369 dl_list_del(&msg
->list
);