]> git.ipfire.org Git - thirdparty/hostap.git/blob - wpa_supplicant/wpa_supplicant.c
projects / thirdparty / hostap.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
MBO: Parse MBO IE in BSS Transition Management Request frames
[thirdparty/hostap.git] / wpa_supplicant / wpa_supplicant.c
1 /*
2 * WPA Supplicant
3 * Copyright (c) 2003-2016, Jouni Malinen <j@w1.fi>
4 *
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
7 *
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
11 */
12
13 #include "includes.h"
14
15 #include "common.h"
16 #include "crypto/random.h"
17 #include "crypto/sha1.h"
18 #include "eapol_supp/eapol_supp_sm.h"
19 #include "eap_peer/eap.h"
20 #include "eap_peer/eap_proxy.h"
21 #include "eap_server/eap_methods.h"
22 #include "rsn_supp/wpa.h"
23 #include "eloop.h"
24 #include "config.h"
25 #include "utils/ext_password.h"
26 #include "l2_packet/l2_packet.h"
27 #include "wpa_supplicant_i.h"
28 #include "driver_i.h"
29 #include "ctrl_iface.h"
30 #include "pcsc_funcs.h"
31 #include "common/version.h"
32 #include "rsn_supp/preauth.h"
33 #include "rsn_supp/pmksa_cache.h"
34 #include "common/wpa_ctrl.h"
35 #include "common/ieee802_11_defs.h"
36 #include "common/hw_features_common.h"
37 #include "p2p/p2p.h"
38 #include "fst/fst.h"
39 #include "blacklist.h"
40 #include "wpas_glue.h"
41 #include "wps_supplicant.h"
42 #include "ibss_rsn.h"
43 #include "sme.h"
44 #include "gas_query.h"
45 #include "ap.h"
46 #include "p2p_supplicant.h"
47 #include "wifi_display.h"
48 #include "notify.h"
49 #include "bgscan.h"
50 #include "autoscan.h"
51 #include "bss.h"
52 #include "scan.h"
53 #include "offchannel.h"
54 #include "hs20_supplicant.h"
55 #include "wnm_sta.h"
56 #include "wpas_kay.h"
57 #include "mesh.h"
58
59 const char *const wpa_supplicant_version =
60 "wpa_supplicant v" VERSION_STR "\n"
61 "Copyright (c) 2003-2016, Jouni Malinen <j@w1.fi> and contributors";
62
63 const char *const wpa_supplicant_license =
64 "This software may be distributed under the terms of the BSD license.\n"
65 "See README for more details.\n"
66 #ifdef EAP_TLS_OPENSSL
67 "\nThis product includes software developed by the OpenSSL Project\n"
68 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
69 #endif /* EAP_TLS_OPENSSL */
70 ;
71
72 #ifndef CONFIG_NO_STDOUT_DEBUG
73 /* Long text divided into parts in order to fit in C89 strings size limits. */
74 const char *const wpa_supplicant_full_license1 =
75 "";
76 const char *const wpa_supplicant_full_license2 =
77 "This software may be distributed under the terms of the BSD license.\n"
78 "\n"
79 "Redistribution and use in source and binary forms, with or without\n"
80 "modification, are permitted provided that the following conditions are\n"
81 "met:\n"
82 "\n";
83 const char *const wpa_supplicant_full_license3 =
84 "1. Redistributions of source code must retain the above copyright\n"
85 " notice, this list of conditions and the following disclaimer.\n"
86 "\n"
87 "2. Redistributions in binary form must reproduce the above copyright\n"
88 " notice, this list of conditions and the following disclaimer in the\n"
89 " documentation and/or other materials provided with the distribution.\n"
90 "\n";
91 const char *const wpa_supplicant_full_license4 =
92 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
93 " names of its contributors may be used to endorse or promote products\n"
94 " derived from this software without specific prior written permission.\n"
95 "\n"
96 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
97 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
98 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
99 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
100 const char *const wpa_supplicant_full_license5 =
101 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
102 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
103 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
104 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
105 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
106 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
107 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
108 "\n";
109 #endif /* CONFIG_NO_STDOUT_DEBUG */
110
111 /* Configure default/group WEP keys for static WEP */
112 int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
113 {
114 int i, set = 0;
115
116 for (i = 0; i < NUM_WEP_KEYS; i++) {
117 if (ssid->wep_key_len[i] == 0)
118 continue;
119
120 set = 1;
121 wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL,
122 i, i == ssid->wep_tx_keyidx, NULL, 0,
123 ssid->wep_key[i], ssid->wep_key_len[i]);
124 }
125
126 return set;
127 }
128
129
130 int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
131 struct wpa_ssid *ssid)
132 {
133 u8 key[32];
134 size_t keylen;
135 enum wpa_alg alg;
136 u8 seq[6] = { 0 };
137 int ret;
138
139 /* IBSS/WPA-None uses only one key (Group) for both receiving and
140 * sending unicast and multicast packets. */
141
142 if (ssid->mode != WPAS_MODE_IBSS) {
143 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not "
144 "IBSS/ad-hoc) for WPA-None", ssid->mode);
145 return -1;
146 }
147
148 if (!ssid->psk_set) {
149 wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for "
150 "WPA-None");
151 return -1;
152 }
153
154 switch (wpa_s->group_cipher) {
155 case WPA_CIPHER_CCMP:
156 os_memcpy(key, ssid->psk, 16);
157 keylen = 16;
158 alg = WPA_ALG_CCMP;
159 break;
160 case WPA_CIPHER_GCMP:
161 os_memcpy(key, ssid->psk, 16);
162 keylen = 16;
163 alg = WPA_ALG_GCMP;
164 break;
165 case WPA_CIPHER_TKIP:
166 /* WPA-None uses the same Michael MIC key for both TX and RX */
167 os_memcpy(key, ssid->psk, 16 + 8);
168 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
169 keylen = 32;
170 alg = WPA_ALG_TKIP;
171 break;
172 default:
173 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for "
174 "WPA-None", wpa_s->group_cipher);
175 return -1;
176 }
177
178 /* TODO: should actually remember the previously used seq#, both for TX
179 * and RX from each STA.. */
180
181 ret = wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen);
182 os_memset(key, 0, sizeof(key));
183 return ret;
184 }
185
186
187 static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
188 {
189 struct wpa_supplicant *wpa_s = eloop_ctx;
190 const u8 *bssid = wpa_s->bssid;
191 if (is_zero_ether_addr(bssid))
192 bssid = wpa_s->pending_bssid;
193 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
194 MAC2STR(bssid));
195 wpa_blacklist_add(wpa_s, bssid);
196 wpa_sm_notify_disassoc(wpa_s->wpa);
197 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
198 wpa_s->reassociate = 1;
199
200 /*
201 * If we timed out, the AP or the local radio may be busy.
202 * So, wait a second until scanning again.
203 */
204 wpa_supplicant_req_scan(wpa_s, 1, 0);
205 }
206
207
208 /**
209 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
210 * @wpa_s: Pointer to wpa_supplicant data
211 * @sec: Number of seconds after which to time out authentication
212 * @usec: Number of microseconds after which to time out authentication
213 *
214 * This function is used to schedule a timeout for the current authentication
215 * attempt.
216 */
217 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
218 int sec, int usec)
219 {
220 if (wpa_s->conf->ap_scan == 0 &&
221 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
222 return;
223
224 wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
225 "%d usec", sec, usec);
226 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
227 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
228 }
229
230
231 /**
232 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
233 * @wpa_s: Pointer to wpa_supplicant data
234 *
235 * This function is used to cancel authentication timeout scheduled with
236 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
237 * been completed.
238 */
239 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
240 {
241 wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
242 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
243 wpa_blacklist_del(wpa_s, wpa_s->bssid);
244 }
245
246
247 /**
248 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
249 * @wpa_s: Pointer to wpa_supplicant data
250 *
251 * This function is used to configure EAPOL state machine based on the selected
252 * authentication mode.
253 */
254 void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
255 {
256 #ifdef IEEE8021X_EAPOL
257 struct eapol_config eapol_conf;
258 struct wpa_ssid *ssid = wpa_s->current_ssid;
259
260 #ifdef CONFIG_IBSS_RSN
261 if (ssid->mode == WPAS_MODE_IBSS &&
262 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
263 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
264 /*
265 * RSN IBSS authentication is per-STA and we can disable the
266 * per-BSSID EAPOL authentication.
267 */
268 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
269 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE);
270 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
271 return;
272 }
273 #endif /* CONFIG_IBSS_RSN */
274
275 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
276 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
277
278 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
279 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
280 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
281 else
282 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
283
284 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
285 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
286 eapol_conf.accept_802_1x_keys = 1;
287 eapol_conf.required_keys = 0;
288 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
289 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
290 }
291 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
292 eapol_conf.required_keys |=
293 EAPOL_REQUIRE_KEY_BROADCAST;
294 }
295
296 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED)
297 eapol_conf.required_keys = 0;
298 }
299 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
300 eapol_conf.workaround = ssid->eap_workaround;
301 eapol_conf.eap_disabled =
302 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
303 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
304 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
305 eapol_conf.external_sim = wpa_s->conf->external_sim;
306
307 #ifdef CONFIG_WPS
308 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
309 eapol_conf.wps |= EAPOL_LOCAL_WPS_IN_USE;
310 if (wpa_s->current_bss) {
311 struct wpabuf *ie;
312 ie = wpa_bss_get_vendor_ie_multi(wpa_s->current_bss,
313 WPS_IE_VENDOR_TYPE);
314 if (ie) {
315 if (wps_is_20(ie))
316 eapol_conf.wps |=
317 EAPOL_PEER_IS_WPS20_AP;
318 wpabuf_free(ie);
319 }
320 }
321 }
322 #endif /* CONFIG_WPS */
323
324 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
325
326 ieee802_1x_alloc_kay_sm(wpa_s, ssid);
327 #endif /* IEEE8021X_EAPOL */
328 }
329
330
331 /**
332 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
333 * @wpa_s: Pointer to wpa_supplicant data
334 * @ssid: Configuration data for the network
335 *
336 * This function is used to configure WPA state machine and related parameters
337 * to a mode where WPA is not enabled. This is called as part of the
338 * authentication configuration when the selected network does not use WPA.
339 */
340 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
341 struct wpa_ssid *ssid)
342 {
343 int i;
344
345 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
346 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
347 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
348 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
349 else
350 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
351 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
352 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
353 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
354 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
355 wpa_s->group_cipher = WPA_CIPHER_NONE;
356 wpa_s->mgmt_group_cipher = 0;
357
358 for (i = 0; i < NUM_WEP_KEYS; i++) {
359 if (ssid->wep_key_len[i] > 5) {
360 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
361 wpa_s->group_cipher = WPA_CIPHER_WEP104;
362 break;
363 } else if (ssid->wep_key_len[i] > 0) {
364 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
365 wpa_s->group_cipher = WPA_CIPHER_WEP40;
366 break;
367 }
368 }
369
370 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
371 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
372 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
373 wpa_s->pairwise_cipher);
374 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
375 #ifdef CONFIG_IEEE80211W
376 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
377 wpa_s->mgmt_group_cipher);
378 #endif /* CONFIG_IEEE80211W */
379
380 pmksa_cache_clear_current(wpa_s->wpa);
381 }
382
383
384 void free_hw_features(struct wpa_supplicant *wpa_s)
385 {
386 int i;
387 if (wpa_s->hw.modes == NULL)
388 return;
389
390 for (i = 0; i < wpa_s->hw.num_modes; i++) {
391 os_free(wpa_s->hw.modes[i].channels);
392 os_free(wpa_s->hw.modes[i].rates);
393 }
394
395 os_free(wpa_s->hw.modes);
396 wpa_s->hw.modes = NULL;
397 }
398
399
400 static void free_bss_tmp_disallowed(struct wpa_supplicant *wpa_s)
401 {
402 struct wpa_bss_tmp_disallowed *bss, *prev;
403
404 dl_list_for_each_safe(bss, prev, &wpa_s->bss_tmp_disallowed,
405 struct wpa_bss_tmp_disallowed, list) {
406 dl_list_del(&bss->list);
407 os_free(bss);
408 }
409 }
410
411
412 static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
413 {
414 int i;
415
416 bgscan_deinit(wpa_s);
417 autoscan_deinit(wpa_s);
418 scard_deinit(wpa_s->scard);
419 wpa_s->scard = NULL;
420 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
421 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
422 l2_packet_deinit(wpa_s->l2);
423 wpa_s->l2 = NULL;
424 if (wpa_s->l2_br) {
425 l2_packet_deinit(wpa_s->l2_br);
426 wpa_s->l2_br = NULL;
427 }
428 #ifdef CONFIG_TESTING_OPTIONS
429 l2_packet_deinit(wpa_s->l2_test);
430 wpa_s->l2_test = NULL;
431 #endif /* CONFIG_TESTING_OPTIONS */
432
433 if (wpa_s->conf != NULL) {
434 struct wpa_ssid *ssid;
435 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
436 wpas_notify_network_removed(wpa_s, ssid);
437 }
438
439 os_free(wpa_s->confname);
440 wpa_s->confname = NULL;
441
442 os_free(wpa_s->confanother);
443 wpa_s->confanother = NULL;
444
445 wpa_sm_set_eapol(wpa_s->wpa, NULL);
446 eapol_sm_deinit(wpa_s->eapol);
447 wpa_s->eapol = NULL;
448
449 rsn_preauth_deinit(wpa_s->wpa);
450
451 #ifdef CONFIG_TDLS
452 wpa_tdls_deinit(wpa_s->wpa);
453 #endif /* CONFIG_TDLS */
454
455 wmm_ac_clear_saved_tspecs(wpa_s);
456 pmksa_candidate_free(wpa_s->wpa);
457 wpa_sm_deinit(wpa_s->wpa);
458 wpa_s->wpa = NULL;
459 wpa_blacklist_clear(wpa_s);
460
461 wpa_bss_deinit(wpa_s);
462
463 wpa_supplicant_cancel_delayed_sched_scan(wpa_s);
464 wpa_supplicant_cancel_scan(wpa_s);
465 wpa_supplicant_cancel_auth_timeout(wpa_s);
466 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL);
467 #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
468 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report,
469 wpa_s, NULL);
470 #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
471
472 eloop_cancel_timeout(wpas_network_reenabled, wpa_s, NULL);
473
474 wpas_wps_deinit(wpa_s);
475
476 wpabuf_free(wpa_s->pending_eapol_rx);
477 wpa_s->pending_eapol_rx = NULL;
478
479 #ifdef CONFIG_IBSS_RSN
480 ibss_rsn_deinit(wpa_s->ibss_rsn);
481 wpa_s->ibss_rsn = NULL;
482 #endif /* CONFIG_IBSS_RSN */
483
484 sme_deinit(wpa_s);
485
486 #ifdef CONFIG_AP
487 wpa_supplicant_ap_deinit(wpa_s);
488 #endif /* CONFIG_AP */
489
490 wpas_p2p_deinit(wpa_s);
491
492 #ifdef CONFIG_OFFCHANNEL
493 offchannel_deinit(wpa_s);
494 #endif /* CONFIG_OFFCHANNEL */
495
496 wpa_supplicant_cancel_sched_scan(wpa_s);
497
498 os_free(wpa_s->next_scan_freqs);
499 wpa_s->next_scan_freqs = NULL;
500
501 os_free(wpa_s->manual_scan_freqs);
502 wpa_s->manual_scan_freqs = NULL;
503
504 os_free(wpa_s->manual_sched_scan_freqs);
505 wpa_s->manual_sched_scan_freqs = NULL;
506
507 wpas_mac_addr_rand_scan_clear(wpa_s, MAC_ADDR_RAND_ALL);
508
509 /*
510 * Need to remove any pending gas-query radio work before the
511 * gas_query_deinit() call because gas_query::work has not yet been set
512 * for works that have not been started. gas_query_free() will be unable
513 * to cancel such pending radio works and once the pending gas-query
514 * radio work eventually gets removed, the deinit notification call to
515 * gas_query_start_cb() would result in dereferencing freed memory.
516 */
517 if (wpa_s->radio)
518 radio_remove_works(wpa_s, "gas-query", 0);
519 gas_query_deinit(wpa_s->gas);
520 wpa_s->gas = NULL;
521
522 free_hw_features(wpa_s);
523
524 ieee802_1x_dealloc_kay_sm(wpa_s);
525
526 os_free(wpa_s->bssid_filter);
527 wpa_s->bssid_filter = NULL;
528
529 os_free(wpa_s->disallow_aps_bssid);
530 wpa_s->disallow_aps_bssid = NULL;
531 os_free(wpa_s->disallow_aps_ssid);
532 wpa_s->disallow_aps_ssid = NULL;
533
534 wnm_bss_keep_alive_deinit(wpa_s);
535 #ifdef CONFIG_WNM
536 wnm_deallocate_memory(wpa_s);
537 #endif /* CONFIG_WNM */
538
539 ext_password_deinit(wpa_s->ext_pw);
540 wpa_s->ext_pw = NULL;
541
542 wpabuf_free(wpa_s->last_gas_resp);
543 wpa_s->last_gas_resp = NULL;
544 wpabuf_free(wpa_s->prev_gas_resp);
545 wpa_s->prev_gas_resp = NULL;
546
547 os_free(wpa_s->last_scan_res);
548 wpa_s->last_scan_res = NULL;
549
550 #ifdef CONFIG_HS20
551 hs20_deinit(wpa_s);
552 #endif /* CONFIG_HS20 */
553
554 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) {
555 wpabuf_free(wpa_s->vendor_elem[i]);
556 wpa_s->vendor_elem[i] = NULL;
557 }
558
559 wmm_ac_notify_disassoc(wpa_s);
560
561 wpa_s->sched_scan_plans_num = 0;
562 os_free(wpa_s->sched_scan_plans);
563 wpa_s->sched_scan_plans = NULL;
564
565 #ifdef CONFIG_MBO
566 wpa_s->non_pref_chan_num = 0;
567 os_free(wpa_s->non_pref_chan);
568 wpa_s->non_pref_chan = NULL;
569 #endif /* CONFIG_MBO */
570
571 free_bss_tmp_disallowed(wpa_s);
572 }
573
574
575 /**
576 * wpa_clear_keys - Clear keys configured for the driver
577 * @wpa_s: Pointer to wpa_supplicant data
578 * @addr: Previously used BSSID or %NULL if not available
579 *
580 * This function clears the encryption keys that has been previously configured
581 * for the driver.
582 */
583 void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
584 {
585 int i, max;
586
587 #ifdef CONFIG_IEEE80211W
588 max = 6;
589 #else /* CONFIG_IEEE80211W */
590 max = 4;
591 #endif /* CONFIG_IEEE80211W */
592
593 /* MLME-DELETEKEYS.request */
594 for (i = 0; i < max; i++) {
595 if (wpa_s->keys_cleared & BIT(i))
596 continue;
597 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, i, 0, NULL, 0,
598 NULL, 0);
599 }
600 if (!(wpa_s->keys_cleared & BIT(0)) && addr &&
601 !is_zero_ether_addr(addr)) {
602 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,
603 0);
604 /* MLME-SETPROTECTION.request(None) */
605 wpa_drv_mlme_setprotection(
606 wpa_s, addr,
607 MLME_SETPROTECTION_PROTECT_TYPE_NONE,
608 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
609 }
610 wpa_s->keys_cleared = (u32) -1;
611 }
612
613
614 /**
615 * wpa_supplicant_state_txt - Get the connection state name as a text string
616 * @state: State (wpa_state; WPA_*)
617 * Returns: The state name as a printable text string
618 */
619 const char * wpa_supplicant_state_txt(enum wpa_states state)
620 {
621 switch (state) {
622 case WPA_DISCONNECTED:
623 return "DISCONNECTED";
624 case WPA_INACTIVE:
625 return "INACTIVE";
626 case WPA_INTERFACE_DISABLED:
627 return "INTERFACE_DISABLED";
628 case WPA_SCANNING:
629 return "SCANNING";
630 case WPA_AUTHENTICATING:
631 return "AUTHENTICATING";
632 case WPA_ASSOCIATING:
633 return "ASSOCIATING";
634 case WPA_ASSOCIATED:
635 return "ASSOCIATED";
636 case WPA_4WAY_HANDSHAKE:
637 return "4WAY_HANDSHAKE";
638 case WPA_GROUP_HANDSHAKE:
639 return "GROUP_HANDSHAKE";
640 case WPA_COMPLETED:
641 return "COMPLETED";
642 default:
643 return "UNKNOWN";
644 }
645 }
646
647
648 #ifdef CONFIG_BGSCAN
649
650 static void wpa_supplicant_start_bgscan(struct wpa_supplicant *wpa_s)
651 {
652 const char *name;
653
654 if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan)
655 name = wpa_s->current_ssid->bgscan;
656 else
657 name = wpa_s->conf->bgscan;
658 if (name == NULL || name[0] == '\0')
659 return;
660 if (wpas_driver_bss_selection(wpa_s))
661 return;
662 if (wpa_s->current_ssid == wpa_s->bgscan_ssid)
663 return;
664 #ifdef CONFIG_P2P
665 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE)
666 return;
667 #endif /* CONFIG_P2P */
668
669 bgscan_deinit(wpa_s);
670 if (wpa_s->current_ssid) {
671 if (bgscan_init(wpa_s, wpa_s->current_ssid, name)) {
672 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
673 "bgscan");
674 /*
675 * Live without bgscan; it is only used as a roaming
676 * optimization, so the initial connection is not
677 * affected.
678 */
679 } else {
680 struct wpa_scan_results *scan_res;
681 wpa_s->bgscan_ssid = wpa_s->current_ssid;
682 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL,
683 0);
684 if (scan_res) {
685 bgscan_notify_scan(wpa_s, scan_res);
686 wpa_scan_results_free(scan_res);
687 }
688 }
689 } else
690 wpa_s->bgscan_ssid = NULL;
691 }
692
693
694 static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s)
695 {
696 if (wpa_s->bgscan_ssid != NULL) {
697 bgscan_deinit(wpa_s);
698 wpa_s->bgscan_ssid = NULL;
699 }
700 }
701
702 #endif /* CONFIG_BGSCAN */
703
704
705 static void wpa_supplicant_start_autoscan(struct wpa_supplicant *wpa_s)
706 {
707 if (autoscan_init(wpa_s, 0))
708 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize autoscan");
709 }
710
711
712 static void wpa_supplicant_stop_autoscan(struct wpa_supplicant *wpa_s)
713 {
714 autoscan_deinit(wpa_s);
715 }
716
717
718 void wpa_supplicant_reinit_autoscan(struct wpa_supplicant *wpa_s)
719 {
720 if (wpa_s->wpa_state == WPA_DISCONNECTED ||
721 wpa_s->wpa_state == WPA_SCANNING) {
722 autoscan_deinit(wpa_s);
723 wpa_supplicant_start_autoscan(wpa_s);
724 }
725 }
726
727
728 /**
729 * wpa_supplicant_set_state - Set current connection state
730 * @wpa_s: Pointer to wpa_supplicant data
731 * @state: The new connection state
732 *
733 * This function is called whenever the connection state changes, e.g.,
734 * association is completed for WPA/WPA2 4-Way Handshake is started.
735 */
736 void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s,
737 enum wpa_states state)
738 {
739 enum wpa_states old_state = wpa_s->wpa_state;
740
741 wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s",
742 wpa_supplicant_state_txt(wpa_s->wpa_state),
743 wpa_supplicant_state_txt(state));
744
745 if (state == WPA_INTERFACE_DISABLED) {
746 /* Assure normal scan when interface is restored */
747 wpa_s->normal_scans = 0;
748 }
749
750 if (state == WPA_COMPLETED) {
751 wpas_connect_work_done(wpa_s);
752 /* Reinitialize normal_scan counter */
753 wpa_s->normal_scans = 0;
754 }
755
756 #ifdef CONFIG_P2P
757 /*
758 * P2PS client has to reply to Probe Request frames received on the
759 * group operating channel. Enable Probe Request frame reporting for
760 * P2P connected client in case p2p_cli_probe configuration property is
761 * set to 1.
762 */
763 if (wpa_s->conf->p2p_cli_probe && wpa_s->current_ssid &&
764 wpa_s->current_ssid->mode == WPAS_MODE_INFRA &&
765 wpa_s->current_ssid->p2p_group) {
766 if (state == WPA_COMPLETED && !wpa_s->p2p_cli_probe) {
767 wpa_dbg(wpa_s, MSG_DEBUG,
768 "P2P: Enable CLI Probe Request RX reporting");
769 wpa_s->p2p_cli_probe =
770 wpa_drv_probe_req_report(wpa_s, 1) >= 0;
771 } else if (state != WPA_COMPLETED && wpa_s->p2p_cli_probe) {
772 wpa_dbg(wpa_s, MSG_DEBUG,
773 "P2P: Disable CLI Probe Request RX reporting");
774 wpa_s->p2p_cli_probe = 0;
775 wpa_drv_probe_req_report(wpa_s, 0);
776 }
777 }
778 #endif /* CONFIG_P2P */
779
780 if (state != WPA_SCANNING)
781 wpa_supplicant_notify_scanning(wpa_s, 0);
782
783 if (state == WPA_COMPLETED && wpa_s->new_connection) {
784 struct wpa_ssid *ssid = wpa_s->current_ssid;
785 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
786 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
787 MACSTR " completed [id=%d id_str=%s]",
788 MAC2STR(wpa_s->bssid),
789 ssid ? ssid->id : -1,
790 ssid && ssid->id_str ? ssid->id_str : "");
791 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
792 wpas_clear_temp_disabled(wpa_s, ssid, 1);
793 wpa_blacklist_clear(wpa_s);
794 wpa_s->extra_blacklist_count = 0;
795 wpa_s->new_connection = 0;
796 wpa_drv_set_operstate(wpa_s, 1);
797 #ifndef IEEE8021X_EAPOL
798 wpa_drv_set_supp_port(wpa_s, 1);
799 #endif /* IEEE8021X_EAPOL */
800 wpa_s->after_wps = 0;
801 wpa_s->known_wps_freq = 0;
802 wpas_p2p_completed(wpa_s);
803
804 sme_sched_obss_scan(wpa_s, 1);
805 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
806 state == WPA_ASSOCIATED) {
807 wpa_s->new_connection = 1;
808 wpa_drv_set_operstate(wpa_s, 0);
809 #ifndef IEEE8021X_EAPOL
810 wpa_drv_set_supp_port(wpa_s, 0);
811 #endif /* IEEE8021X_EAPOL */
812 sme_sched_obss_scan(wpa_s, 0);
813 }
814 wpa_s->wpa_state = state;
815
816 #ifdef CONFIG_BGSCAN
817 if (state == WPA_COMPLETED)
818 wpa_supplicant_start_bgscan(wpa_s);
819 else if (state < WPA_ASSOCIATED)
820 wpa_supplicant_stop_bgscan(wpa_s);
821 #endif /* CONFIG_BGSCAN */
822
823 if (state == WPA_AUTHENTICATING)
824 wpa_supplicant_stop_autoscan(wpa_s);
825
826 if (state == WPA_DISCONNECTED || state == WPA_INACTIVE)
827 wpa_supplicant_start_autoscan(wpa_s);
828
829 if (old_state >= WPA_ASSOCIATED && wpa_s->wpa_state < WPA_ASSOCIATED)
830 wmm_ac_notify_disassoc(wpa_s);
831
832 if (wpa_s->wpa_state != old_state) {
833 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
834
835 /*
836 * Notify the P2P Device interface about a state change in one
837 * of the interfaces.
838 */
839 wpas_p2p_indicate_state_change(wpa_s);
840
841 if (wpa_s->wpa_state == WPA_COMPLETED ||
842 old_state == WPA_COMPLETED)
843 wpas_notify_auth_changed(wpa_s);
844 }
845 }
846
847
848 void wpa_supplicant_terminate_proc(struct wpa_global *global)
849 {
850 int pending = 0;
851 #ifdef CONFIG_WPS
852 struct wpa_supplicant *wpa_s = global->ifaces;
853 while (wpa_s) {
854 struct wpa_supplicant *next = wpa_s->next;
855 if (wpas_wps_terminate_pending(wpa_s) == 1)
856 pending = 1;
857 #ifdef CONFIG_P2P
858 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE ||
859 (wpa_s->current_ssid && wpa_s->current_ssid->p2p_group))
860 wpas_p2p_disconnect(wpa_s);
861 #endif /* CONFIG_P2P */
862 wpa_s = next;
863 }
864 #endif /* CONFIG_WPS */
865 if (pending)
866 return;
867 eloop_terminate();
868 }
869
870
871 static void wpa_supplicant_terminate(int sig, void *signal_ctx)
872 {
873 struct wpa_global *global = signal_ctx;
874 wpa_supplicant_terminate_proc(global);
875 }
876
877
878 void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
879 {
880 enum wpa_states old_state = wpa_s->wpa_state;
881
882 wpa_s->pairwise_cipher = 0;
883 wpa_s->group_cipher = 0;
884 wpa_s->mgmt_group_cipher = 0;
885 wpa_s->key_mgmt = 0;
886 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
887 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
888
889 if (wpa_s->wpa_state != old_state)
890 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
891 }
892
893
894 /**
895 * wpa_supplicant_reload_configuration - Reload configuration data
896 * @wpa_s: Pointer to wpa_supplicant data
897 * Returns: 0 on success or -1 if configuration parsing failed
898 *
899 * This function can be used to request that the configuration data is reloaded
900 * (e.g., after configuration file change). This function is reloading
901 * configuration only for one interface, so this may need to be called multiple
902 * times if %wpa_supplicant is controlling multiple interfaces and all
903 * interfaces need reconfiguration.
904 */
905 int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
906 {
907 struct wpa_config *conf;
908 int reconf_ctrl;
909 int old_ap_scan;
910
911 if (wpa_s->confname == NULL)
912 return -1;
913 conf = wpa_config_read(wpa_s->confname, NULL);
914 if (conf == NULL) {
915 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
916 "file '%s' - exiting", wpa_s->confname);
917 return -1;
918 }
919 wpa_config_read(wpa_s->confanother, conf);
920
921 conf->changed_parameters = (unsigned int) -1;
922
923 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
924 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
925 os_strcmp(conf->ctrl_interface,
926 wpa_s->conf->ctrl_interface) != 0);
927
928 if (reconf_ctrl && wpa_s->ctrl_iface) {
929 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
930 wpa_s->ctrl_iface = NULL;
931 }
932
933 eapol_sm_invalidate_cached_session(wpa_s->eapol);
934 if (wpa_s->current_ssid) {
935 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
936 wpa_s->own_disconnect_req = 1;
937 wpa_supplicant_deauthenticate(wpa_s,
938 WLAN_REASON_DEAUTH_LEAVING);
939 }
940
941 /*
942 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
943 * pkcs11_engine_path, pkcs11_module_path, openssl_ciphers.
944 */
945 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) {
946 /*
947 * Clear forced success to clear EAP state for next
948 * authentication.
949 */
950 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
951 }
952 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
953 wpa_sm_set_config(wpa_s->wpa, NULL);
954 wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL);
955 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
956 rsn_preauth_deinit(wpa_s->wpa);
957
958 old_ap_scan = wpa_s->conf->ap_scan;
959 wpa_config_free(wpa_s->conf);
960 wpa_s->conf = conf;
961 if (old_ap_scan != wpa_s->conf->ap_scan)
962 wpas_notify_ap_scan_changed(wpa_s);
963
964 if (reconf_ctrl)
965 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
966
967 wpa_supplicant_update_config(wpa_s);
968
969 wpa_supplicant_clear_status(wpa_s);
970 if (wpa_supplicant_enabled_networks(wpa_s)) {
971 wpa_s->reassociate = 1;
972 wpa_supplicant_req_scan(wpa_s, 0, 0);
973 }
974 wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
975 return 0;
976 }
977
978
979 static void wpa_supplicant_reconfig(int sig, void *signal_ctx)
980 {
981 struct wpa_global *global = signal_ctx;
982 struct wpa_supplicant *wpa_s;
983 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
984 wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring",
985 sig);
986 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
987 wpa_supplicant_terminate_proc(global);
988 }
989 }
990
991 if (wpa_debug_reopen_file() < 0) {
992 /* Ignore errors since we cannot really do much to fix this */
993 wpa_printf(MSG_DEBUG, "Could not reopen debug log file");
994 }
995 }
996
997
998 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
999 struct wpa_ssid *ssid,
1000 struct wpa_ie_data *ie)
1001 {
1002 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
1003 if (ret) {
1004 if (ret == -2) {
1005 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
1006 "from association info");
1007 }
1008 return -1;
1009 }
1010
1011 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set "
1012 "cipher suites");
1013 if (!(ie->group_cipher & ssid->group_cipher)) {
1014 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
1015 "cipher 0x%x (mask 0x%x) - reject",
1016 ie->group_cipher, ssid->group_cipher);
1017 return -1;
1018 }
1019 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
1020 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
1021 "cipher 0x%x (mask 0x%x) - reject",
1022 ie->pairwise_cipher, ssid->pairwise_cipher);
1023 return -1;
1024 }
1025 if (!(ie->key_mgmt & ssid->key_mgmt)) {
1026 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
1027 "management 0x%x (mask 0x%x) - reject",
1028 ie->key_mgmt, ssid->key_mgmt);
1029 return -1;
1030 }
1031
1032 #ifdef CONFIG_IEEE80211W
1033 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
1034 wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED) {
1035 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
1036 "that does not support management frame protection - "
1037 "reject");
1038 return -1;
1039 }
1040 #endif /* CONFIG_IEEE80211W */
1041
1042 return 0;
1043 }
1044
1045
1046 /**
1047 * wpa_supplicant_set_suites - Set authentication and encryption parameters
1048 * @wpa_s: Pointer to wpa_supplicant data
1049 * @bss: Scan results for the selected BSS, or %NULL if not available
1050 * @ssid: Configuration data for the selected network
1051 * @wpa_ie: Buffer for the WPA/RSN IE
1052 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
1053 * used buffer length in case the functions returns success.
1054 * Returns: 0 on success or -1 on failure
1055 *
1056 * This function is used to configure authentication and encryption parameters
1057 * based on the network configuration and scan result for the selected BSS (if
1058 * available).
1059 */
1060 int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
1061 struct wpa_bss *bss, struct wpa_ssid *ssid,
1062 u8 *wpa_ie, size_t *wpa_ie_len)
1063 {
1064 struct wpa_ie_data ie;
1065 int sel, proto;
1066 const u8 *bss_wpa, *bss_rsn, *bss_osen;
1067
1068 if (bss) {
1069 bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
1070 bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
1071 bss_osen = wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE);
1072 } else
1073 bss_wpa = bss_rsn = bss_osen = NULL;
1074
1075 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
1076 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
1077 (ie.group_cipher & ssid->group_cipher) &&
1078 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1079 (ie.key_mgmt & ssid->key_mgmt)) {
1080 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
1081 proto = WPA_PROTO_RSN;
1082 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
1083 wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie) == 0 &&
1084 (ie.group_cipher & ssid->group_cipher) &&
1085 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1086 (ie.key_mgmt & ssid->key_mgmt)) {
1087 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
1088 proto = WPA_PROTO_WPA;
1089 #ifdef CONFIG_HS20
1090 } else if (bss_osen && (ssid->proto & WPA_PROTO_OSEN)) {
1091 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using OSEN");
1092 /* TODO: parse OSEN element */
1093 os_memset(&ie, 0, sizeof(ie));
1094 ie.group_cipher = WPA_CIPHER_CCMP;
1095 ie.pairwise_cipher = WPA_CIPHER_CCMP;
1096 ie.key_mgmt = WPA_KEY_MGMT_OSEN;
1097 proto = WPA_PROTO_OSEN;
1098 #endif /* CONFIG_HS20 */
1099 } else if (bss) {
1100 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
1101 wpa_dbg(wpa_s, MSG_DEBUG,
1102 "WPA: ssid proto=0x%x pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1103 ssid->proto, ssid->pairwise_cipher, ssid->group_cipher,
1104 ssid->key_mgmt);
1105 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: BSS " MACSTR " ssid='%s'%s%s%s",
1106 MAC2STR(bss->bssid),
1107 wpa_ssid_txt(bss->ssid, bss->ssid_len),
1108 bss_wpa ? " WPA" : "",
1109 bss_rsn ? " RSN" : "",
1110 bss_osen ? " OSEN" : "");
1111 if (bss_rsn) {
1112 wpa_hexdump(MSG_DEBUG, "RSN", bss_rsn, 2 + bss_rsn[1]);
1113 if (wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie)) {
1114 wpa_dbg(wpa_s, MSG_DEBUG,
1115 "Could not parse RSN element");
1116 } else {
1117 wpa_dbg(wpa_s, MSG_DEBUG,
1118 "RSN: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1119 ie.pairwise_cipher, ie.group_cipher,
1120 ie.key_mgmt);
1121 }
1122 }
1123 if (bss_wpa) {
1124 wpa_hexdump(MSG_DEBUG, "WPA", bss_wpa, 2 + bss_wpa[1]);
1125 if (wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie)) {
1126 wpa_dbg(wpa_s, MSG_DEBUG,
1127 "Could not parse WPA element");
1128 } else {
1129 wpa_dbg(wpa_s, MSG_DEBUG,
1130 "WPA: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1131 ie.pairwise_cipher, ie.group_cipher,
1132 ie.key_mgmt);
1133 }
1134 }
1135 return -1;
1136 } else {
1137 if (ssid->proto & WPA_PROTO_OSEN)
1138 proto = WPA_PROTO_OSEN;
1139 else if (ssid->proto & WPA_PROTO_RSN)
1140 proto = WPA_PROTO_RSN;
1141 else
1142 proto = WPA_PROTO_WPA;
1143 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
1144 os_memset(&ie, 0, sizeof(ie));
1145 ie.group_cipher = ssid->group_cipher;
1146 ie.pairwise_cipher = ssid->pairwise_cipher;
1147 ie.key_mgmt = ssid->key_mgmt;
1148 #ifdef CONFIG_IEEE80211W
1149 ie.mgmt_group_cipher =
1150 ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION ?
1151 WPA_CIPHER_AES_128_CMAC : 0;
1152 #endif /* CONFIG_IEEE80211W */
1153 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites "
1154 "based on configuration");
1155 } else
1156 proto = ie.proto;
1157 }
1158
1159 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d "
1160 "pairwise %d key_mgmt %d proto %d",
1161 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
1162 #ifdef CONFIG_IEEE80211W
1163 if (ssid->ieee80211w) {
1164 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
1165 ie.mgmt_group_cipher);
1166 }
1167 #endif /* CONFIG_IEEE80211W */
1168
1169 wpa_s->wpa_proto = proto;
1170 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
1171 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
1172 !!(ssid->proto & (WPA_PROTO_RSN | WPA_PROTO_OSEN)));
1173
1174 if (bss || !wpa_s->ap_ies_from_associnfo) {
1175 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
1176 bss_wpa ? 2 + bss_wpa[1] : 0) ||
1177 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
1178 bss_rsn ? 2 + bss_rsn[1] : 0))
1179 return -1;
1180 }
1181
1182 #ifdef CONFIG_NO_WPA
1183 wpa_s->group_cipher = WPA_CIPHER_NONE;
1184 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
1185 #else /* CONFIG_NO_WPA */
1186 sel = ie.group_cipher & ssid->group_cipher;
1187 wpa_s->group_cipher = wpa_pick_group_cipher(sel);
1188 if (wpa_s->group_cipher < 0) {
1189 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group "
1190 "cipher");
1191 return -1;
1192 }
1193 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK %s",
1194 wpa_cipher_txt(wpa_s->group_cipher));
1195
1196 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
1197 wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(sel, 1);
1198 if (wpa_s->pairwise_cipher < 0) {
1199 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise "
1200 "cipher");
1201 return -1;
1202 }
1203 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK %s",
1204 wpa_cipher_txt(wpa_s->pairwise_cipher));
1205 #endif /* CONFIG_NO_WPA */
1206
1207 sel = ie.key_mgmt & ssid->key_mgmt;
1208 #ifdef CONFIG_SAE
1209 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE))
1210 sel &= ~(WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE);
1211 #endif /* CONFIG_SAE */
1212 if (0) {
1213 #ifdef CONFIG_SUITEB192
1214 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) {
1215 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B_192;
1216 wpa_dbg(wpa_s, MSG_DEBUG,
1217 "WPA: using KEY_MGMT 802.1X with Suite B (192-bit)");
1218 #endif /* CONFIG_SUITEB192 */
1219 #ifdef CONFIG_SUITEB
1220 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B) {
1221 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B;
1222 wpa_dbg(wpa_s, MSG_DEBUG,
1223 "WPA: using KEY_MGMT 802.1X with Suite B");
1224 #endif /* CONFIG_SUITEB */
1225 #ifdef CONFIG_IEEE80211R
1226 } else if (sel & WPA_KEY_MGMT_FT_IEEE8021X) {
1227 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
1228 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
1229 } else if (sel & WPA_KEY_MGMT_FT_PSK) {
1230 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
1231 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
1232 #endif /* CONFIG_IEEE80211R */
1233 #ifdef CONFIG_SAE
1234 } else if (sel & WPA_KEY_MGMT_SAE) {
1235 wpa_s->key_mgmt = WPA_KEY_MGMT_SAE;
1236 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT SAE");
1237 } else if (sel & WPA_KEY_MGMT_FT_SAE) {
1238 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_SAE;
1239 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT FT/SAE");
1240 #endif /* CONFIG_SAE */
1241 #ifdef CONFIG_IEEE80211W
1242 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
1243 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
1244 wpa_dbg(wpa_s, MSG_DEBUG,
1245 "WPA: using KEY_MGMT 802.1X with SHA256");
1246 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
1247 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
1248 wpa_dbg(wpa_s, MSG_DEBUG,
1249 "WPA: using KEY_MGMT PSK with SHA256");
1250 #endif /* CONFIG_IEEE80211W */
1251 } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
1252 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
1253 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
1254 } else if (sel & WPA_KEY_MGMT_PSK) {
1255 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
1256 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
1257 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
1258 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
1259 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
1260 #ifdef CONFIG_HS20
1261 } else if (sel & WPA_KEY_MGMT_OSEN) {
1262 wpa_s->key_mgmt = WPA_KEY_MGMT_OSEN;
1263 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using KEY_MGMT OSEN");
1264 #endif /* CONFIG_HS20 */
1265 } else {
1266 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select "
1267 "authenticated key management type");
1268 return -1;
1269 }
1270
1271 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
1272 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
1273 wpa_s->pairwise_cipher);
1274 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
1275
1276 #ifdef CONFIG_IEEE80211W
1277 sel = ie.mgmt_group_cipher;
1278 if (wpas_get_ssid_pmf(wpa_s, ssid) == NO_MGMT_FRAME_PROTECTION ||
1279 !(ie.capabilities & WPA_CAPABILITY_MFPC))
1280 sel = 0;
1281 if (sel & WPA_CIPHER_AES_128_CMAC) {
1282 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
1283 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1284 "AES-128-CMAC");
1285 } else if (sel & WPA_CIPHER_BIP_GMAC_128) {
1286 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_128;
1287 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1288 "BIP-GMAC-128");
1289 } else if (sel & WPA_CIPHER_BIP_GMAC_256) {
1290 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_256;
1291 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1292 "BIP-GMAC-256");
1293 } else if (sel & WPA_CIPHER_BIP_CMAC_256) {
1294 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_CMAC_256;
1295 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1296 "BIP-CMAC-256");
1297 } else {
1298 wpa_s->mgmt_group_cipher = 0;
1299 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
1300 }
1301 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
1302 wpa_s->mgmt_group_cipher);
1303 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP,
1304 wpas_get_ssid_pmf(wpa_s, ssid));
1305 #endif /* CONFIG_IEEE80211W */
1306
1307 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
1308 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to generate WPA IE");
1309 return -1;
1310 }
1311
1312 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) {
1313 int psk_set = 0;
1314
1315 if (ssid->psk_set) {
1316 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN, NULL,
1317 NULL);
1318 psk_set = 1;
1319 }
1320 #ifndef CONFIG_NO_PBKDF2
1321 if (bss && ssid->bssid_set && ssid->ssid_len == 0 &&
1322 ssid->passphrase) {
1323 u8 psk[PMK_LEN];
1324 pbkdf2_sha1(ssid->passphrase, bss->ssid, bss->ssid_len,
1325 4096, psk, PMK_LEN);
1326 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)",
1327 psk, PMK_LEN);
1328 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL, NULL);
1329 psk_set = 1;
1330 os_memset(psk, 0, sizeof(psk));
1331 }
1332 #endif /* CONFIG_NO_PBKDF2 */
1333 #ifdef CONFIG_EXT_PASSWORD
1334 if (ssid->ext_psk) {
1335 struct wpabuf *pw = ext_password_get(wpa_s->ext_pw,
1336 ssid->ext_psk);
1337 char pw_str[64 + 1];
1338 u8 psk[PMK_LEN];
1339
1340 if (pw == NULL) {
1341 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No PSK "
1342 "found from external storage");
1343 return -1;
1344 }
1345
1346 if (wpabuf_len(pw) < 8 || wpabuf_len(pw) > 64) {
1347 wpa_msg(wpa_s, MSG_INFO, "EXT PW: Unexpected "
1348 "PSK length %d in external storage",
1349 (int) wpabuf_len(pw));
1350 ext_password_free(pw);
1351 return -1;
1352 }
1353
1354 os_memcpy(pw_str, wpabuf_head(pw), wpabuf_len(pw));
1355 pw_str[wpabuf_len(pw)] = '\0';
1356
1357 #ifndef CONFIG_NO_PBKDF2
1358 if (wpabuf_len(pw) >= 8 && wpabuf_len(pw) < 64 && bss)
1359 {
1360 pbkdf2_sha1(pw_str, bss->ssid, bss->ssid_len,
1361 4096, psk, PMK_LEN);
1362 os_memset(pw_str, 0, sizeof(pw_str));
1363 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from "
1364 "external passphrase)",
1365 psk, PMK_LEN);
1366 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL,
1367 NULL);
1368 psk_set = 1;
1369 os_memset(psk, 0, sizeof(psk));
1370 } else
1371 #endif /* CONFIG_NO_PBKDF2 */
1372 if (wpabuf_len(pw) == 2 * PMK_LEN) {
1373 if (hexstr2bin(pw_str, psk, PMK_LEN) < 0) {
1374 wpa_msg(wpa_s, MSG_INFO, "EXT PW: "
1375 "Invalid PSK hex string");
1376 os_memset(pw_str, 0, sizeof(pw_str));
1377 ext_password_free(pw);
1378 return -1;
1379 }
1380 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL,
1381 NULL);
1382 psk_set = 1;
1383 os_memset(psk, 0, sizeof(psk));
1384 } else {
1385 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No suitable "
1386 "PSK available");
1387 os_memset(pw_str, 0, sizeof(pw_str));
1388 ext_password_free(pw);
1389 return -1;
1390 }
1391
1392 os_memset(pw_str, 0, sizeof(pw_str));
1393 ext_password_free(pw);
1394 }
1395 #endif /* CONFIG_EXT_PASSWORD */
1396
1397 if (!psk_set) {
1398 wpa_msg(wpa_s, MSG_INFO,
1399 "No PSK available for association");
1400 return -1;
1401 }
1402 } else
1403 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
1404
1405 return 0;
1406 }
1407
1408
1409 static void wpas_ext_capab_byte(struct wpa_supplicant *wpa_s, u8 *pos, int idx)
1410 {
1411 *pos = 0x00;
1412
1413 switch (idx) {
1414 case 0: /* Bits 0-7 */
1415 break;
1416 case 1: /* Bits 8-15 */
1417 break;
1418 case 2: /* Bits 16-23 */
1419 #ifdef CONFIG_WNM
1420 *pos |= 0x02; /* Bit 17 - WNM-Sleep Mode */
1421 *pos |= 0x08; /* Bit 19 - BSS Transition */
1422 #endif /* CONFIG_WNM */
1423 break;
1424 case 3: /* Bits 24-31 */
1425 #ifdef CONFIG_WNM
1426 *pos |= 0x02; /* Bit 25 - SSID List */
1427 #endif /* CONFIG_WNM */
1428 #ifdef CONFIG_INTERWORKING
1429 if (wpa_s->conf->interworking)
1430 *pos |= 0x80; /* Bit 31 - Interworking */
1431 #endif /* CONFIG_INTERWORKING */
1432 break;
1433 case 4: /* Bits 32-39 */
1434 #ifdef CONFIG_INTERWORKING
1435 if (wpa_s->drv_flags / WPA_DRIVER_FLAGS_QOS_MAPPING)
1436 *pos |= 0x01; /* Bit 32 - QoS Map */
1437 #endif /* CONFIG_INTERWORKING */
1438 break;
1439 case 5: /* Bits 40-47 */
1440 #ifdef CONFIG_HS20
1441 if (wpa_s->conf->hs20)
1442 *pos |= 0x40; /* Bit 46 - WNM-Notification */
1443 #endif /* CONFIG_HS20 */
1444 #ifdef CONFIG_MBO
1445 *pos |= 0x40; /* Bit 46 - WNM-Notification */
1446 #endif /* CONFIG_MBO */
1447 break;
1448 case 6: /* Bits 48-55 */
1449 break;
1450 }
1451 }
1452
1453
1454 int wpas_build_ext_capab(struct wpa_supplicant *wpa_s, u8 *buf, size_t buflen)
1455 {
1456 u8 *pos = buf;
1457 u8 len = 6, i;
1458
1459 if (len < wpa_s->extended_capa_len)
1460 len = wpa_s->extended_capa_len;
1461 if (buflen < (size_t) len + 2) {
1462 wpa_printf(MSG_INFO,
1463 "Not enough room for building extended capabilities element");
1464 return -1;
1465 }
1466
1467 *pos++ = WLAN_EID_EXT_CAPAB;
1468 *pos++ = len;
1469 for (i = 0; i < len; i++, pos++) {
1470 wpas_ext_capab_byte(wpa_s, pos, i);
1471
1472 if (i < wpa_s->extended_capa_len) {
1473 *pos &= ~wpa_s->extended_capa_mask[i];
1474 *pos |= wpa_s->extended_capa[i];
1475 }
1476 }
1477
1478 while (len > 0 && buf[1 + len] == 0) {
1479 len--;
1480 buf[1] = len;
1481 }
1482 if (len == 0)
1483 return 0;
1484
1485 return 2 + len;
1486 }
1487
1488
1489 static int wpas_valid_bss(struct wpa_supplicant *wpa_s,
1490 struct wpa_bss *test_bss)
1491 {
1492 struct wpa_bss *bss;
1493
1494 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
1495 if (bss == test_bss)
1496 return 1;
1497 }
1498
1499 return 0;
1500 }
1501
1502
1503 static int wpas_valid_ssid(struct wpa_supplicant *wpa_s,
1504 struct wpa_ssid *test_ssid)
1505 {
1506 struct wpa_ssid *ssid;
1507
1508 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) {
1509 if (ssid == test_ssid)
1510 return 1;
1511 }
1512
1513 return 0;
1514 }
1515
1516
1517 int wpas_valid_bss_ssid(struct wpa_supplicant *wpa_s, struct wpa_bss *test_bss,
1518 struct wpa_ssid *test_ssid)
1519 {
1520 if (test_bss && !wpas_valid_bss(wpa_s, test_bss))
1521 return 0;
1522
1523 return test_ssid == NULL || wpas_valid_ssid(wpa_s, test_ssid);
1524 }
1525
1526
1527 void wpas_connect_work_free(struct wpa_connect_work *cwork)
1528 {
1529 if (cwork == NULL)
1530 return;
1531 os_free(cwork);
1532 }
1533
1534
1535 void wpas_connect_work_done(struct wpa_supplicant *wpa_s)
1536 {
1537 struct wpa_connect_work *cwork;
1538 struct wpa_radio_work *work = wpa_s->connect_work;
1539
1540 if (!work)
1541 return;
1542
1543 wpa_s->connect_work = NULL;
1544 cwork = work->ctx;
1545 work->ctx = NULL;
1546 wpas_connect_work_free(cwork);
1547 radio_work_done(work);
1548 }
1549
1550
1551 int wpas_update_random_addr(struct wpa_supplicant *wpa_s, int style)
1552 {
1553 struct os_reltime now;
1554 u8 addr[ETH_ALEN];
1555
1556 os_get_reltime(&now);
1557 if (wpa_s->last_mac_addr_style == style &&
1558 wpa_s->last_mac_addr_change.sec != 0 &&
1559 !os_reltime_expired(&now, &wpa_s->last_mac_addr_change,
1560 wpa_s->conf->rand_addr_lifetime)) {
1561 wpa_msg(wpa_s, MSG_DEBUG,
1562 "Previously selected random MAC address has not yet expired");
1563 return 0;
1564 }
1565
1566 switch (style) {
1567 case 1:
1568 if (random_mac_addr(addr) < 0)
1569 return -1;
1570 break;
1571 case 2:
1572 os_memcpy(addr, wpa_s->perm_addr, ETH_ALEN);
1573 if (random_mac_addr_keep_oui(addr) < 0)
1574 return -1;
1575 break;
1576 default:
1577 return -1;
1578 }
1579
1580 if (wpa_drv_set_mac_addr(wpa_s, addr) < 0) {
1581 wpa_msg(wpa_s, MSG_INFO,
1582 "Failed to set random MAC address");
1583 return -1;
1584 }
1585
1586 os_get_reltime(&wpa_s->last_mac_addr_change);
1587 wpa_s->mac_addr_changed = 1;
1588 wpa_s->last_mac_addr_style = style;
1589
1590 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
1591 wpa_msg(wpa_s, MSG_INFO,
1592 "Could not update MAC address information");
1593 return -1;
1594 }
1595
1596 wpa_msg(wpa_s, MSG_DEBUG, "Using random MAC address " MACSTR,
1597 MAC2STR(addr));
1598
1599 return 0;
1600 }
1601
1602
1603 int wpas_update_random_addr_disassoc(struct wpa_supplicant *wpa_s)
1604 {
1605 if (wpa_s->wpa_state >= WPA_AUTHENTICATING ||
1606 !wpa_s->conf->preassoc_mac_addr)
1607 return 0;
1608
1609 return wpas_update_random_addr(wpa_s, wpa_s->conf->preassoc_mac_addr);
1610 }
1611
1612
1613 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit);
1614
1615 /**
1616 * wpa_supplicant_associate - Request association
1617 * @wpa_s: Pointer to wpa_supplicant data
1618 * @bss: Scan results for the selected BSS, or %NULL if not available
1619 * @ssid: Configuration data for the selected network
1620 *
1621 * This function is used to request %wpa_supplicant to associate with a BSS.
1622 */
1623 void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
1624 struct wpa_bss *bss, struct wpa_ssid *ssid)
1625 {
1626 struct wpa_connect_work *cwork;
1627 int rand_style;
1628
1629 wpa_s->own_disconnect_req = 0;
1630
1631 /*
1632 * If we are starting a new connection, any previously pending EAPOL
1633 * RX cannot be valid anymore.
1634 */
1635 wpabuf_free(wpa_s->pending_eapol_rx);
1636 wpa_s->pending_eapol_rx = NULL;
1637
1638 if (ssid->mac_addr == -1)
1639 rand_style = wpa_s->conf->mac_addr;
1640 else
1641 rand_style = ssid->mac_addr;
1642
1643 wmm_ac_clear_saved_tspecs(wpa_s);
1644 wpa_s->reassoc_same_bss = 0;
1645
1646 if (wpa_s->last_ssid == ssid) {
1647 wpa_dbg(wpa_s, MSG_DEBUG, "Re-association to the same ESS");
1648 if (wpa_s->current_bss && wpa_s->current_bss == bss) {
1649 wmm_ac_save_tspecs(wpa_s);
1650 wpa_s->reassoc_same_bss = 1;
1651 }
1652 } else if (rand_style > 0) {
1653 if (wpas_update_random_addr(wpa_s, rand_style) < 0)
1654 return;
1655 wpa_sm_pmksa_cache_flush(wpa_s->wpa, ssid);
1656 } else if (wpa_s->mac_addr_changed) {
1657 if (wpa_drv_set_mac_addr(wpa_s, NULL) < 0) {
1658 wpa_msg(wpa_s, MSG_INFO,
1659 "Could not restore permanent MAC address");
1660 return;
1661 }
1662 wpa_s->mac_addr_changed = 0;
1663 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
1664 wpa_msg(wpa_s, MSG_INFO,
1665 "Could not update MAC address information");
1666 return;
1667 }
1668 wpa_msg(wpa_s, MSG_DEBUG, "Using permanent MAC address");
1669 }
1670 wpa_s->last_ssid = ssid;
1671
1672 #ifdef CONFIG_IBSS_RSN
1673 ibss_rsn_deinit(wpa_s->ibss_rsn);
1674 wpa_s->ibss_rsn = NULL;
1675 #endif /* CONFIG_IBSS_RSN */
1676
1677 if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO ||
1678 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) {
1679 #ifdef CONFIG_AP
1680 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) {
1681 wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP "
1682 "mode");
1683 return;
1684 }
1685 if (wpa_supplicant_create_ap(wpa_s, ssid) < 0) {
1686 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
1687 if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
1688 wpas_p2p_ap_setup_failed(wpa_s);
1689 return;
1690 }
1691 wpa_s->current_bss = bss;
1692 #else /* CONFIG_AP */
1693 wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in "
1694 "the build");
1695 #endif /* CONFIG_AP */
1696 return;
1697 }
1698
1699 if (ssid->mode == WPAS_MODE_MESH) {
1700 #ifdef CONFIG_MESH
1701 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_MESH)) {
1702 wpa_msg(wpa_s, MSG_INFO,
1703 "Driver does not support mesh mode");
1704 return;
1705 }
1706 if (bss)
1707 ssid->frequency = bss->freq;
1708 if (wpa_supplicant_join_mesh(wpa_s, ssid) < 0) {
1709 wpa_msg(wpa_s, MSG_ERROR, "Could not join mesh");
1710 return;
1711 }
1712 wpa_s->current_bss = bss;
1713 wpa_msg(wpa_s, MSG_INFO, MESH_GROUP_STARTED "ssid=\"%s\" id=%d",
1714 wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
1715 ssid->id);
1716 #else /* CONFIG_MESH */
1717 wpa_msg(wpa_s, MSG_ERROR,
1718 "mesh mode support not included in the build");
1719 #endif /* CONFIG_MESH */
1720 return;
1721 }
1722
1723 #ifdef CONFIG_TDLS
1724 if (bss)
1725 wpa_tdls_ap_ies(wpa_s->wpa, (const u8 *) (bss + 1),
1726 bss->ie_len);
1727 #endif /* CONFIG_TDLS */
1728
1729 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
1730 ssid->mode == IEEE80211_MODE_INFRA) {
1731 sme_authenticate(wpa_s, bss, ssid);
1732 return;
1733 }
1734
1735 if (wpa_s->connect_work) {
1736 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since connect_work exist");
1737 return;
1738 }
1739
1740 if (radio_work_pending(wpa_s, "connect")) {
1741 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since pending work exist");
1742 return;
1743 }
1744
1745 wpas_abort_ongoing_scan(wpa_s);
1746
1747 cwork = os_zalloc(sizeof(*cwork));
1748 if (cwork == NULL)
1749 return;
1750
1751 cwork->bss = bss;
1752 cwork->ssid = ssid;
1753
1754 if (radio_add_work(wpa_s, bss ? bss->freq : 0, "connect", 1,
1755 wpas_start_assoc_cb, cwork) < 0) {
1756 os_free(cwork);
1757 }
1758 }
1759
1760
1761 static int bss_is_ibss(struct wpa_bss *bss)
1762 {
1763 return (bss->caps & (IEEE80211_CAP_ESS | IEEE80211_CAP_IBSS)) ==
1764 IEEE80211_CAP_IBSS;
1765 }
1766
1767
1768 static int drv_supports_vht(struct wpa_supplicant *wpa_s,
1769 const struct wpa_ssid *ssid)
1770 {
1771 enum hostapd_hw_mode hw_mode;
1772 struct hostapd_hw_modes *mode = NULL;
1773 u8 channel;
1774 int i;
1775
1776 #ifdef CONFIG_HT_OVERRIDES
1777 if (ssid->disable_ht)
1778 return 0;
1779 #endif /* CONFIG_HT_OVERRIDES */
1780
1781 hw_mode = ieee80211_freq_to_chan(ssid->frequency, &channel);
1782 if (hw_mode == NUM_HOSTAPD_MODES)
1783 return 0;
1784 for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) {
1785 if (wpa_s->hw.modes[i].mode == hw_mode) {
1786 mode = &wpa_s->hw.modes[i];
1787 break;
1788 }
1789 }
1790
1791 if (!mode)
1792 return 0;
1793
1794 return mode->vht_capab != 0;
1795 }
1796
1797
1798 void ibss_mesh_setup_freq(struct wpa_supplicant *wpa_s,
1799 const struct wpa_ssid *ssid,
1800 struct hostapd_freq_params *freq)
1801 {
1802 enum hostapd_hw_mode hw_mode;
1803 struct hostapd_hw_modes *mode = NULL;
1804 int ht40plus[] = { 36, 44, 52, 60, 100, 108, 116, 124, 132, 149, 157,
1805 184, 192 };
1806 int vht80[] = { 36, 52, 100, 116, 132, 149 };
1807 struct hostapd_channel_data *pri_chan = NULL, *sec_chan = NULL;
1808 u8 channel;
1809 int i, chan_idx, ht40 = -1, res, obss_scan = 1;
1810 unsigned int j, k;
1811 struct hostapd_freq_params vht_freq;
1812 int chwidth, seg0, seg1;
1813 u32 vht_caps = 0;
1814
1815 freq->freq = ssid->frequency;
1816
1817 for (j = 0; j < wpa_s->last_scan_res_used; j++) {
1818 struct wpa_bss *bss = wpa_s->last_scan_res[j];
1819
1820 if (ssid->mode != WPAS_MODE_IBSS)
1821 break;
1822
1823 /* Don't adjust control freq in case of fixed_freq */
1824 if (ssid->fixed_freq)
1825 break;
1826
1827 if (!bss_is_ibss(bss))
1828 continue;
1829
1830 if (ssid->ssid_len == bss->ssid_len &&
1831 os_memcmp(ssid->ssid, bss->ssid, bss->ssid_len) == 0) {
1832 wpa_printf(MSG_DEBUG,
1833 "IBSS already found in scan results, adjust control freq: %d",
1834 bss->freq);
1835 freq->freq = bss->freq;
1836 obss_scan = 0;
1837 break;
1838 }
1839 }
1840
1841 /* For IBSS check HT_IBSS flag */
1842 if (ssid->mode == WPAS_MODE_IBSS &&
1843 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_HT_IBSS))
1844 return;
1845
1846 if (wpa_s->group_cipher == WPA_CIPHER_WEP40 ||
1847 wpa_s->group_cipher == WPA_CIPHER_WEP104 ||
1848 wpa_s->pairwise_cipher == WPA_CIPHER_TKIP) {
1849 wpa_printf(MSG_DEBUG,
1850 "IBSS: WEP/TKIP detected, do not try to enable HT");
1851 return;
1852 }
1853
1854 hw_mode = ieee80211_freq_to_chan(freq->freq, &channel);
1855 for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) {
1856 if (wpa_s->hw.modes[i].mode == hw_mode) {
1857 mode = &wpa_s->hw.modes[i];
1858 break;
1859 }
1860 }
1861
1862 if (!mode)
1863 return;
1864
1865 freq->ht_enabled = ht_supported(mode);
1866 if (!freq->ht_enabled)
1867 return;
1868
1869 /* Setup higher BW only for 5 GHz */
1870 if (mode->mode != HOSTAPD_MODE_IEEE80211A)
1871 return;
1872
1873 for (chan_idx = 0; chan_idx < mode->num_channels; chan_idx++) {
1874 pri_chan = &mode->channels[chan_idx];
1875 if (pri_chan->chan == channel)
1876 break;
1877 pri_chan = NULL;
1878 }
1879 if (!pri_chan)
1880 return;
1881
1882 /* Check primary channel flags */
1883 if (pri_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
1884 return;
1885
1886 /* Check/setup HT40+/HT40- */
1887 for (j = 0; j < ARRAY_SIZE(ht40plus); j++) {
1888 if (ht40plus[j] == channel) {
1889 ht40 = 1;
1890 break;
1891 }
1892 }
1893
1894 /* Find secondary channel */
1895 for (i = 0; i < mode->num_channels; i++) {
1896 sec_chan = &mode->channels[i];
1897 if (sec_chan->chan == channel + ht40 * 4)
1898 break;
1899 sec_chan = NULL;
1900 }
1901 if (!sec_chan)
1902 return;
1903
1904 /* Check secondary channel flags */
1905 if (sec_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
1906 return;
1907
1908 freq->channel = pri_chan->chan;
1909
1910 switch (ht40) {
1911 case -1:
1912 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40MINUS))
1913 return;
1914 freq->sec_channel_offset = -1;
1915 break;
1916 case 1:
1917 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40PLUS))
1918 return;
1919 freq->sec_channel_offset = 1;
1920 break;
1921 default:
1922 break;
1923 }
1924
1925 if (freq->sec_channel_offset && obss_scan) {
1926 struct wpa_scan_results *scan_res;
1927
1928 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL, 0);
1929 if (scan_res == NULL) {
1930 /* Back to HT20 */
1931 freq->sec_channel_offset = 0;
1932 return;
1933 }
1934
1935 res = check_40mhz_5g(mode, scan_res, pri_chan->chan,
1936 sec_chan->chan);
1937 switch (res) {
1938 case 0:
1939 /* Back to HT20 */
1940 freq->sec_channel_offset = 0;
1941 break;
1942 case 1:
1943 /* Configuration allowed */
1944 break;
1945 case 2:
1946 /* Switch pri/sec channels */
1947 freq->freq = hw_get_freq(mode, sec_chan->chan);
1948 freq->sec_channel_offset = -freq->sec_channel_offset;
1949 freq->channel = sec_chan->chan;
1950 break;
1951 default:
1952 freq->sec_channel_offset = 0;
1953 break;
1954 }
1955
1956 wpa_scan_results_free(scan_res);
1957 }
1958
1959 wpa_printf(MSG_DEBUG,
1960 "IBSS/mesh: setup freq channel %d, sec_channel_offset %d",
1961 freq->channel, freq->sec_channel_offset);
1962
1963 if (!drv_supports_vht(wpa_s, ssid))
1964 return;
1965
1966 /* For IBSS check VHT_IBSS flag */
1967 if (ssid->mode == WPAS_MODE_IBSS &&
1968 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_VHT_IBSS))
1969 return;
1970
1971 vht_freq = *freq;
1972
1973 vht_freq.vht_enabled = vht_supported(mode);
1974 if (!vht_freq.vht_enabled)
1975 return;
1976
1977 /* setup center_freq1, bandwidth */
1978 for (j = 0; j < ARRAY_SIZE(vht80); j++) {
1979 if (freq->channel >= vht80[j] &&
1980 freq->channel < vht80[j] + 16)
1981 break;
1982 }
1983
1984 if (j == ARRAY_SIZE(vht80))
1985 return;
1986
1987 for (i = vht80[j]; i < vht80[j] + 16; i += 4) {
1988 struct hostapd_channel_data *chan;
1989
1990 chan = hw_get_channel_chan(mode, i, NULL);
1991 if (!chan)
1992 return;
1993
1994 /* Back to HT configuration if channel not usable */
1995 if (chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
1996 return;
1997 }
1998
1999 chwidth = VHT_CHANWIDTH_80MHZ;
2000 seg0 = vht80[j] + 6;
2001 seg1 = 0;
2002
2003 if (ssid->max_oper_chwidth == VHT_CHANWIDTH_80P80MHZ) {
2004 /* setup center_freq2, bandwidth */
2005 for (k = 0; k < ARRAY_SIZE(vht80); k++) {
2006 /* Only accept 80 MHz segments separated by a gap */
2007 if (j == k || abs(vht80[j] - vht80[k]) == 16)
2008 continue;
2009 for (i = vht80[k]; i < vht80[k] + 16; i += 4) {
2010 struct hostapd_channel_data *chan;
2011
2012 chan = hw_get_channel_chan(mode, i, NULL);
2013 if (!chan)
2014 continue;
2015
2016 if (chan->flag & (HOSTAPD_CHAN_DISABLED |
2017 HOSTAPD_CHAN_NO_IR |
2018 HOSTAPD_CHAN_RADAR))
2019 continue;
2020
2021 /* Found a suitable second segment for 80+80 */
2022 chwidth = VHT_CHANWIDTH_80P80MHZ;
2023 vht_caps |=
2024 VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ;
2025 seg1 = vht80[k] + 6;
2026 }
2027
2028 if (chwidth == VHT_CHANWIDTH_80P80MHZ)
2029 break;
2030 }
2031 }
2032
2033 if (hostapd_set_freq_params(&vht_freq, mode->mode, freq->freq,
2034 freq->channel, freq->ht_enabled,
2035 vht_freq.vht_enabled,
2036 freq->sec_channel_offset,
2037 chwidth, seg0, seg1, vht_caps) != 0)
2038 return;
2039
2040 *freq = vht_freq;
2041
2042 wpa_printf(MSG_DEBUG, "IBSS: VHT setup freq cf1 %d, cf2 %d, bw %d",
2043 freq->center_freq1, freq->center_freq2, freq->bandwidth);
2044 }
2045
2046
2047 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
2048 {
2049 struct wpa_connect_work *cwork = work->ctx;
2050 struct wpa_bss *bss = cwork->bss;
2051 struct wpa_ssid *ssid = cwork->ssid;
2052 struct wpa_supplicant *wpa_s = work->wpa_s;
2053 u8 wpa_ie[200];
2054 size_t wpa_ie_len;
2055 int use_crypt, ret, i, bssid_changed;
2056 int algs = WPA_AUTH_ALG_OPEN;
2057 unsigned int cipher_pairwise, cipher_group;
2058 struct wpa_driver_associate_params params;
2059 int wep_keys_set = 0;
2060 int assoc_failed = 0;
2061 struct wpa_ssid *old_ssid;
2062 #ifdef CONFIG_HT_OVERRIDES
2063 struct ieee80211_ht_capabilities htcaps;
2064 struct ieee80211_ht_capabilities htcaps_mask;
2065 #endif /* CONFIG_HT_OVERRIDES */
2066 #ifdef CONFIG_VHT_OVERRIDES
2067 struct ieee80211_vht_capabilities vhtcaps;
2068 struct ieee80211_vht_capabilities vhtcaps_mask;
2069 #endif /* CONFIG_VHT_OVERRIDES */
2070 #ifdef CONFIG_MBO
2071 const u8 *mbo = NULL;
2072 #endif /* CONFIG_MBO */
2073
2074 if (deinit) {
2075 if (work->started) {
2076 wpa_s->connect_work = NULL;
2077
2078 /* cancel possible auth. timeout */
2079 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s,
2080 NULL);
2081 }
2082 wpas_connect_work_free(cwork);
2083 return;
2084 }
2085
2086 wpa_s->connect_work = work;
2087
2088 if (cwork->bss_removed || !wpas_valid_bss_ssid(wpa_s, bss, ssid) ||
2089 wpas_network_disabled(wpa_s, ssid)) {
2090 wpa_dbg(wpa_s, MSG_DEBUG, "BSS/SSID entry for association not valid anymore - drop connection attempt");
2091 wpas_connect_work_done(wpa_s);
2092 return;
2093 }
2094
2095 os_memset(&params, 0, sizeof(params));
2096 wpa_s->reassociate = 0;
2097 wpa_s->eap_expected_failure = 0;
2098 if (bss &&
2099 (!wpas_driver_bss_selection(wpa_s) || wpas_wps_searching(wpa_s))) {
2100 #ifdef CONFIG_IEEE80211R
2101 const u8 *ie, *md = NULL;
2102 #endif /* CONFIG_IEEE80211R */
2103 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
2104 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
2105 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
2106 bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
2107 os_memset(wpa_s->bssid, 0, ETH_ALEN);
2108 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
2109 if (bssid_changed)
2110 wpas_notify_bssid_changed(wpa_s);
2111 #ifdef CONFIG_IEEE80211R
2112 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
2113 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
2114 md = ie + 2;
2115 wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0);
2116 if (md) {
2117 /* Prepare for the next transition */
2118 wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
2119 }
2120 #endif /* CONFIG_IEEE80211R */
2121 #ifdef CONFIG_WPS
2122 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
2123 wpa_s->conf->ap_scan == 2 &&
2124 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
2125 /* Use ap_scan==1 style network selection to find the network
2126 */
2127 wpas_connect_work_done(wpa_s);
2128 wpa_s->scan_req = MANUAL_SCAN_REQ;
2129 wpa_s->reassociate = 1;
2130 wpa_supplicant_req_scan(wpa_s, 0, 0);
2131 return;
2132 #endif /* CONFIG_WPS */
2133 } else {
2134 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
2135 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
2136 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
2137 }
2138 if (!wpa_s->pno)
2139 wpa_supplicant_cancel_sched_scan(wpa_s);
2140
2141 wpa_supplicant_cancel_scan(wpa_s);
2142
2143 /* Starting new association, so clear the possibly used WPA IE from the
2144 * previous association. */
2145 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
2146
2147 #ifdef IEEE8021X_EAPOL
2148 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
2149 if (ssid->leap) {
2150 if (ssid->non_leap == 0)
2151 algs = WPA_AUTH_ALG_LEAP;
2152 else
2153 algs |= WPA_AUTH_ALG_LEAP;
2154 }
2155 }
2156 #endif /* IEEE8021X_EAPOL */
2157 wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
2158 if (ssid->auth_alg) {
2159 algs = ssid->auth_alg;
2160 wpa_dbg(wpa_s, MSG_DEBUG, "Overriding auth_alg selection: "
2161 "0x%x", algs);
2162 }
2163
2164 if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
2165 wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
2166 wpa_key_mgmt_wpa(ssid->key_mgmt)) {
2167 int try_opportunistic;
2168 try_opportunistic = (ssid->proactive_key_caching < 0 ?
2169 wpa_s->conf->okc :
2170 ssid->proactive_key_caching) &&
2171 (ssid->proto & WPA_PROTO_RSN);
2172 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
2173 ssid, try_opportunistic) == 0)
2174 eapol_sm_notify_pmkid_attempt(wpa_s->eapol);
2175 wpa_ie_len = sizeof(wpa_ie);
2176 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
2177 wpa_ie, &wpa_ie_len)) {
2178 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
2179 "key management and encryption suites");
2180 wpas_connect_work_done(wpa_s);
2181 return;
2182 }
2183 } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && bss &&
2184 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) {
2185 /*
2186 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
2187 * use non-WPA since the scan results did not indicate that the
2188 * AP is using WPA or WPA2.
2189 */
2190 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
2191 wpa_ie_len = 0;
2192 wpa_s->wpa_proto = 0;
2193 } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) {
2194 wpa_ie_len = sizeof(wpa_ie);
2195 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
2196 wpa_ie, &wpa_ie_len)) {
2197 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
2198 "key management and encryption suites (no "
2199 "scan results)");
2200 wpas_connect_work_done(wpa_s);
2201 return;
2202 }
2203 #ifdef CONFIG_WPS
2204 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
2205 struct wpabuf *wps_ie;
2206 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
2207 if (wps_ie && wpabuf_len(wps_ie) <= sizeof(wpa_ie)) {
2208 wpa_ie_len = wpabuf_len(wps_ie);
2209 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
2210 } else
2211 wpa_ie_len = 0;
2212 wpabuf_free(wps_ie);
2213 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
2214 if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY))
2215 params.wps = WPS_MODE_PRIVACY;
2216 else
2217 params.wps = WPS_MODE_OPEN;
2218 wpa_s->wpa_proto = 0;
2219 #endif /* CONFIG_WPS */
2220 } else {
2221 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
2222 wpa_ie_len = 0;
2223 wpa_s->wpa_proto = 0;
2224 }
2225
2226 #ifdef CONFIG_P2P
2227 if (wpa_s->global->p2p) {
2228 u8 *pos;
2229 size_t len;
2230 int res;
2231 pos = wpa_ie + wpa_ie_len;
2232 len = sizeof(wpa_ie) - wpa_ie_len;
2233 res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len,
2234 ssid->p2p_group);
2235 if (res >= 0)
2236 wpa_ie_len += res;
2237 }
2238
2239 wpa_s->cross_connect_disallowed = 0;
2240 if (bss) {
2241 struct wpabuf *p2p;
2242 p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE);
2243 if (p2p) {
2244 wpa_s->cross_connect_disallowed =
2245 p2p_get_cross_connect_disallowed(p2p);
2246 wpabuf_free(p2p);
2247 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross "
2248 "connection",
2249 wpa_s->cross_connect_disallowed ?
2250 "disallows" : "allows");
2251 }
2252 }
2253
2254 os_memset(wpa_s->p2p_ip_addr_info, 0, sizeof(wpa_s->p2p_ip_addr_info));
2255 #endif /* CONFIG_P2P */
2256
2257 #ifdef CONFIG_HS20
2258 if (is_hs20_network(wpa_s, ssid, bss)) {
2259 struct wpabuf *hs20;
2260 hs20 = wpabuf_alloc(20);
2261 if (hs20) {
2262 int pps_mo_id = hs20_get_pps_mo_id(wpa_s, ssid);
2263 size_t len;
2264
2265 wpas_hs20_add_indication(hs20, pps_mo_id);
2266 len = sizeof(wpa_ie) - wpa_ie_len;
2267 if (wpabuf_len(hs20) <= len) {
2268 os_memcpy(wpa_ie + wpa_ie_len,
2269 wpabuf_head(hs20), wpabuf_len(hs20));
2270 wpa_ie_len += wpabuf_len(hs20);
2271 }
2272 wpabuf_free(hs20);
2273 }
2274 }
2275 #endif /* CONFIG_HS20 */
2276
2277 #ifdef CONFIG_MBO
2278 if (bss) {
2279 mbo = wpa_bss_get_vendor_ie(bss, MBO_IE_VENDOR_TYPE);
2280 if (mbo) {
2281 int len;
2282
2283 len = wpas_mbo_supp_op_class_ie(wpa_s, bss->freq,
2284 wpa_ie + wpa_ie_len,
2285 sizeof(wpa_ie) -
2286 wpa_ie_len);
2287 if (len > 0)
2288 wpa_ie_len += len;
2289 }
2290 }
2291 #endif /* CONFIG_MBO */
2292
2293 /*
2294 * Workaround: Add Extended Capabilities element only if the AP
2295 * included this element in Beacon/Probe Response frames. Some older
2296 * APs seem to have interoperability issues if this element is
2297 * included, so while the standard may require us to include the
2298 * element in all cases, it is justifiable to skip it to avoid
2299 * interoperability issues.
2300 */
2301 if (!bss || wpa_bss_get_ie(bss, WLAN_EID_EXT_CAPAB)) {
2302 u8 ext_capab[18];
2303 int ext_capab_len;
2304 ext_capab_len = wpas_build_ext_capab(wpa_s, ext_capab,
2305 sizeof(ext_capab));
2306 if (ext_capab_len > 0) {
2307 u8 *pos = wpa_ie;
2308 if (wpa_ie_len > 0 && pos[0] == WLAN_EID_RSN)
2309 pos += 2 + pos[1];
2310 os_memmove(pos + ext_capab_len, pos,
2311 wpa_ie_len - (pos - wpa_ie));
2312 wpa_ie_len += ext_capab_len;
2313 os_memcpy(pos, ext_capab, ext_capab_len);
2314 }
2315 }
2316
2317 if (wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ]) {
2318 struct wpabuf *buf = wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ];
2319 size_t len;
2320
2321 len = sizeof(wpa_ie) - wpa_ie_len;
2322 if (wpabuf_len(buf) <= len) {
2323 os_memcpy(wpa_ie + wpa_ie_len,
2324 wpabuf_head(buf), wpabuf_len(buf));
2325 wpa_ie_len += wpabuf_len(buf);
2326 }
2327 }
2328
2329 #ifdef CONFIG_FST
2330 if (wpa_s->fst_ies) {
2331 int fst_ies_len = wpabuf_len(wpa_s->fst_ies);
2332
2333 if (wpa_ie_len + fst_ies_len <= sizeof(wpa_ie)) {
2334 os_memcpy(wpa_ie + wpa_ie_len,
2335 wpabuf_head(wpa_s->fst_ies), fst_ies_len);
2336 wpa_ie_len += fst_ies_len;
2337 }
2338 }
2339 #endif /* CONFIG_FST */
2340
2341 #ifdef CONFIG_MBO
2342 if (mbo) {
2343 int len;
2344
2345 len = wpas_mbo_ie(wpa_s, wpa_ie + wpa_ie_len,
2346 sizeof(wpa_ie) - wpa_ie_len);
2347 if (len >= 0)
2348 wpa_ie_len += len;
2349 }
2350 #endif /* CONFIG_MBO */
2351
2352 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
2353 use_crypt = 1;
2354 cipher_pairwise = wpa_s->pairwise_cipher;
2355 cipher_group = wpa_s->group_cipher;
2356 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
2357 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
2358 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
2359 use_crypt = 0;
2360 if (wpa_set_wep_keys(wpa_s, ssid)) {
2361 use_crypt = 1;
2362 wep_keys_set = 1;
2363 }
2364 }
2365 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
2366 use_crypt = 0;
2367
2368 #ifdef IEEE8021X_EAPOL
2369 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
2370 if ((ssid->eapol_flags &
2371 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
2372 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
2373 !wep_keys_set) {
2374 use_crypt = 0;
2375 } else {
2376 /* Assume that dynamic WEP-104 keys will be used and
2377 * set cipher suites in order for drivers to expect
2378 * encryption. */
2379 cipher_pairwise = cipher_group = WPA_CIPHER_WEP104;
2380 }
2381 }
2382 #endif /* IEEE8021X_EAPOL */
2383
2384 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
2385 /* Set the key before (and later after) association */
2386 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
2387 }
2388
2389 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
2390 if (bss) {
2391 params.ssid = bss->ssid;
2392 params.ssid_len = bss->ssid_len;
2393 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set) {
2394 wpa_printf(MSG_DEBUG, "Limit connection to BSSID "
2395 MACSTR " freq=%u MHz based on scan results "
2396 "(bssid_set=%d)",
2397 MAC2STR(bss->bssid), bss->freq,
2398 ssid->bssid_set);
2399 params.bssid = bss->bssid;
2400 params.freq.freq = bss->freq;
2401 }
2402 params.bssid_hint = bss->bssid;
2403 params.freq_hint = bss->freq;
2404 params.pbss = bss_is_pbss(bss);
2405 } else {
2406 params.ssid = ssid->ssid;
2407 params.ssid_len = ssid->ssid_len;
2408 params.pbss = ssid->pbss;
2409 }
2410
2411 if (ssid->mode == WPAS_MODE_IBSS && ssid->bssid_set &&
2412 wpa_s->conf->ap_scan == 2) {
2413 params.bssid = ssid->bssid;
2414 params.fixed_bssid = 1;
2415 }
2416
2417 /* Initial frequency for IBSS/mesh */
2418 if ((ssid->mode == WPAS_MODE_IBSS || ssid->mode == WPAS_MODE_MESH) &&
2419 ssid->frequency > 0 && params.freq.freq == 0)
2420 ibss_mesh_setup_freq(wpa_s, ssid, &params.freq);
2421
2422 if (ssid->mode == WPAS_MODE_IBSS) {
2423 params.fixed_freq = ssid->fixed_freq;
2424 if (ssid->beacon_int)
2425 params.beacon_int = ssid->beacon_int;
2426 else
2427 params.beacon_int = wpa_s->conf->beacon_int;
2428 }
2429
2430 params.wpa_ie = wpa_ie;
2431 params.wpa_ie_len = wpa_ie_len;
2432 params.pairwise_suite = cipher_pairwise;
2433 params.group_suite = cipher_group;
2434 params.key_mgmt_suite = wpa_s->key_mgmt;
2435 params.wpa_proto = wpa_s->wpa_proto;
2436 params.auth_alg = algs;
2437 params.mode = ssid->mode;
2438 params.bg_scan_period = ssid->bg_scan_period;
2439 for (i = 0; i < NUM_WEP_KEYS; i++) {
2440 if (ssid->wep_key_len[i])
2441 params.wep_key[i] = ssid->wep_key[i];
2442 params.wep_key_len[i] = ssid->wep_key_len[i];
2443 }
2444 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
2445
2446 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
2447 (params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
2448 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK)) {
2449 params.passphrase = ssid->passphrase;
2450 if (ssid->psk_set)
2451 params.psk = ssid->psk;
2452 }
2453
2454 if (wpa_s->conf->key_mgmt_offload) {
2455 if (params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
2456 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 ||
2457 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B ||
2458 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192)
2459 params.req_key_mgmt_offload =
2460 ssid->proactive_key_caching < 0 ?
2461 wpa_s->conf->okc : ssid->proactive_key_caching;
2462 else
2463 params.req_key_mgmt_offload = 1;
2464
2465 if ((params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
2466 params.key_mgmt_suite == WPA_KEY_MGMT_PSK_SHA256 ||
2467 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK) &&
2468 ssid->psk_set)
2469 params.psk = ssid->psk;
2470 }
2471
2472 params.drop_unencrypted = use_crypt;
2473
2474 #ifdef CONFIG_IEEE80211W
2475 params.mgmt_frame_protection = wpas_get_ssid_pmf(wpa_s, ssid);
2476 if (params.mgmt_frame_protection != NO_MGMT_FRAME_PROTECTION && bss) {
2477 const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
2478 struct wpa_ie_data ie;
2479 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
2480 ie.capabilities &
2481 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
2482 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports "
2483 "MFP: require MFP");
2484 params.mgmt_frame_protection =
2485 MGMT_FRAME_PROTECTION_REQUIRED;
2486 }
2487 }
2488 #endif /* CONFIG_IEEE80211W */
2489
2490 params.p2p = ssid->p2p_group;
2491
2492 if (wpa_s->parent->set_sta_uapsd)
2493 params.uapsd = wpa_s->parent->sta_uapsd;
2494 else
2495 params.uapsd = -1;
2496
2497 #ifdef CONFIG_HT_OVERRIDES
2498 os_memset(&htcaps, 0, sizeof(htcaps));
2499 os_memset(&htcaps_mask, 0, sizeof(htcaps_mask));
2500 params.htcaps = (u8 *) &htcaps;
2501 params.htcaps_mask = (u8 *) &htcaps_mask;
2502 wpa_supplicant_apply_ht_overrides(wpa_s, ssid, &params);
2503 #endif /* CONFIG_HT_OVERRIDES */
2504 #ifdef CONFIG_VHT_OVERRIDES
2505 os_memset(&vhtcaps, 0, sizeof(vhtcaps));
2506 os_memset(&vhtcaps_mask, 0, sizeof(vhtcaps_mask));
2507 params.vhtcaps = &vhtcaps;
2508 params.vhtcaps_mask = &vhtcaps_mask;
2509 wpa_supplicant_apply_vht_overrides(wpa_s, ssid, &params);
2510 #endif /* CONFIG_VHT_OVERRIDES */
2511
2512 #ifdef CONFIG_P2P
2513 /*
2514 * If multi-channel concurrency is not supported, check for any
2515 * frequency conflict. In case of any frequency conflict, remove the
2516 * least prioritized connection.
2517 */
2518 if (wpa_s->num_multichan_concurrent < 2) {
2519 int freq, num;
2520 num = get_shared_radio_freqs(wpa_s, &freq, 1);
2521 if (num > 0 && freq > 0 && freq != params.freq.freq) {
2522 wpa_printf(MSG_DEBUG,
2523 "Assoc conflicting freq found (%d != %d)",
2524 freq, params.freq.freq);
2525 if (wpas_p2p_handle_frequency_conflicts(
2526 wpa_s, params.freq.freq, ssid) < 0) {
2527 wpas_connect_work_done(wpa_s);
2528 return;
2529 }
2530 }
2531 }
2532 #endif /* CONFIG_P2P */
2533
2534 ret = wpa_drv_associate(wpa_s, &params);
2535 if (ret < 0) {
2536 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
2537 "failed");
2538 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SANE_ERROR_CODES) {
2539 /*
2540 * The driver is known to mean what is saying, so we
2541 * can stop right here; the association will not
2542 * succeed.
2543 */
2544 wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
2545 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
2546 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
2547 return;
2548 }
2549 /* try to continue anyway; new association will be tried again
2550 * after timeout */
2551 assoc_failed = 1;
2552 }
2553
2554 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
2555 /* Set the key after the association just in case association
2556 * cleared the previously configured key. */
2557 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
2558 /* No need to timeout authentication since there is no key
2559 * management. */
2560 wpa_supplicant_cancel_auth_timeout(wpa_s);
2561 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
2562 #ifdef CONFIG_IBSS_RSN
2563 } else if (ssid->mode == WPAS_MODE_IBSS &&
2564 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
2565 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
2566 /*
2567 * RSN IBSS authentication is per-STA and we can disable the
2568 * per-BSSID authentication.
2569 */
2570 wpa_supplicant_cancel_auth_timeout(wpa_s);
2571 #endif /* CONFIG_IBSS_RSN */
2572 } else {
2573 /* Timeout for IEEE 802.11 authentication and association */
2574 int timeout = 60;
2575
2576 if (assoc_failed) {
2577 /* give IBSS a bit more time */
2578 timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5;
2579 } else if (wpa_s->conf->ap_scan == 1) {
2580 /* give IBSS a bit more time */
2581 timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10;
2582 }
2583 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
2584 }
2585
2586 if (wep_keys_set &&
2587 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC)) {
2588 /* Set static WEP keys again */
2589 wpa_set_wep_keys(wpa_s, ssid);
2590 }
2591
2592 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
2593 /*
2594 * Do not allow EAP session resumption between different
2595 * network configurations.
2596 */
2597 eapol_sm_invalidate_cached_session(wpa_s->eapol);
2598 }
2599 old_ssid = wpa_s->current_ssid;
2600 wpa_s->current_ssid = ssid;
2601 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set)
2602 wpa_s->current_bss = bss;
2603 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
2604 wpa_supplicant_initiate_eapol(wpa_s);
2605 if (old_ssid != wpa_s->current_ssid)
2606 wpas_notify_network_changed(wpa_s);
2607 }
2608
2609
2610 static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s,
2611 const u8 *addr)
2612 {
2613 struct wpa_ssid *old_ssid;
2614
2615 wpas_connect_work_done(wpa_s);
2616 wpa_clear_keys(wpa_s, addr);
2617 old_ssid = wpa_s->current_ssid;
2618 wpa_supplicant_mark_disassoc(wpa_s);
2619 wpa_sm_set_config(wpa_s->wpa, NULL);
2620 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
2621 if (old_ssid != wpa_s->current_ssid)
2622 wpas_notify_network_changed(wpa_s);
2623 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
2624 }
2625
2626
2627 /**
2628 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
2629 * @wpa_s: Pointer to wpa_supplicant data
2630 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
2631 *
2632 * This function is used to request %wpa_supplicant to deauthenticate from the
2633 * current AP.
2634 */
2635 void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
2636 int reason_code)
2637 {
2638 u8 *addr = NULL;
2639 union wpa_event_data event;
2640 int zero_addr = 0;
2641
2642 wpa_dbg(wpa_s, MSG_DEBUG, "Request to deauthenticate - bssid=" MACSTR
2643 " pending_bssid=" MACSTR " reason=%d state=%s",
2644 MAC2STR(wpa_s->bssid), MAC2STR(wpa_s->pending_bssid),
2645 reason_code, wpa_supplicant_state_txt(wpa_s->wpa_state));
2646
2647 if (!is_zero_ether_addr(wpa_s->bssid))
2648 addr = wpa_s->bssid;
2649 else if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
2650 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
2651 wpa_s->wpa_state == WPA_ASSOCIATING))
2652 addr = wpa_s->pending_bssid;
2653 else if (wpa_s->wpa_state == WPA_ASSOCIATING) {
2654 /*
2655 * When using driver-based BSS selection, we may not know the
2656 * BSSID with which we are currently trying to associate. We
2657 * need to notify the driver of this disconnection even in such
2658 * a case, so use the all zeros address here.
2659 */
2660 addr = wpa_s->bssid;
2661 zero_addr = 1;
2662 }
2663
2664 #ifdef CONFIG_TDLS
2665 wpa_tdls_teardown_peers(wpa_s->wpa);
2666 #endif /* CONFIG_TDLS */
2667
2668 #ifdef CONFIG_MESH
2669 if (wpa_s->ifmsh) {
2670 wpa_msg(wpa_s, MSG_INFO, MESH_GROUP_REMOVED "%s",
2671 wpa_s->ifname);
2672 wpa_supplicant_leave_mesh(wpa_s);
2673 }
2674 #endif /* CONFIG_MESH */
2675
2676 if (addr) {
2677 wpa_drv_deauthenticate(wpa_s, addr, reason_code);
2678 os_memset(&event, 0, sizeof(event));
2679 event.deauth_info.reason_code = (u16) reason_code;
2680 event.deauth_info.locally_generated = 1;
2681 wpa_supplicant_event(wpa_s, EVENT_DEAUTH, &event);
2682 if (zero_addr)
2683 addr = NULL;
2684 }
2685
2686 wpa_supplicant_clear_connection(wpa_s, addr);
2687 }
2688
2689 static void wpa_supplicant_enable_one_network(struct wpa_supplicant *wpa_s,
2690 struct wpa_ssid *ssid)
2691 {
2692 if (!ssid || !ssid->disabled || ssid->disabled == 2)
2693 return;
2694
2695 ssid->disabled = 0;
2696 wpas_clear_temp_disabled(wpa_s, ssid, 1);
2697 wpas_notify_network_enabled_changed(wpa_s, ssid);
2698
2699 /*
2700 * Try to reassociate since there is no current configuration and a new
2701 * network was made available.
2702 */
2703 if (!wpa_s->current_ssid && !wpa_s->disconnected)
2704 wpa_s->reassociate = 1;
2705 }
2706
2707
2708 /**
2709 * wpa_supplicant_enable_network - Mark a configured network as enabled
2710 * @wpa_s: wpa_supplicant structure for a network interface
2711 * @ssid: wpa_ssid structure for a configured network or %NULL
2712 *
2713 * Enables the specified network or all networks if no network specified.
2714 */
2715 void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s,
2716 struct wpa_ssid *ssid)
2717 {
2718 if (ssid == NULL) {
2719 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
2720 wpa_supplicant_enable_one_network(wpa_s, ssid);
2721 } else
2722 wpa_supplicant_enable_one_network(wpa_s, ssid);
2723
2724 if (wpa_s->reassociate && !wpa_s->disconnected &&
2725 (!wpa_s->current_ssid ||
2726 wpa_s->wpa_state == WPA_DISCONNECTED ||
2727 wpa_s->wpa_state == WPA_SCANNING)) {
2728 if (wpa_s->sched_scanning) {
2729 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan to add "
2730 "new network to scan filters");
2731 wpa_supplicant_cancel_sched_scan(wpa_s);
2732 }
2733
2734 if (wpa_supplicant_fast_associate(wpa_s) != 1) {
2735 wpa_s->scan_req = NORMAL_SCAN_REQ;
2736 wpa_supplicant_req_scan(wpa_s, 0, 0);
2737 }
2738 }
2739 }
2740
2741
2742 /**
2743 * wpa_supplicant_disable_network - Mark a configured network as disabled
2744 * @wpa_s: wpa_supplicant structure for a network interface
2745 * @ssid: wpa_ssid structure for a configured network or %NULL
2746 *
2747 * Disables the specified network or all networks if no network specified.
2748 */
2749 void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s,
2750 struct wpa_ssid *ssid)
2751 {
2752 struct wpa_ssid *other_ssid;
2753 int was_disabled;
2754
2755 if (ssid == NULL) {
2756 if (wpa_s->sched_scanning)
2757 wpa_supplicant_cancel_sched_scan(wpa_s);
2758
2759 for (other_ssid = wpa_s->conf->ssid; other_ssid;
2760 other_ssid = other_ssid->next) {
2761 was_disabled = other_ssid->disabled;
2762 if (was_disabled == 2)
2763 continue; /* do not change persistent P2P group
2764 * data */
2765
2766 other_ssid->disabled = 1;
2767
2768 if (was_disabled != other_ssid->disabled)
2769 wpas_notify_network_enabled_changed(
2770 wpa_s, other_ssid);
2771 }
2772 if (wpa_s->current_ssid)
2773 wpa_supplicant_deauthenticate(
2774 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
2775 } else if (ssid->disabled != 2) {
2776 if (ssid == wpa_s->current_ssid)
2777 wpa_supplicant_deauthenticate(
2778 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
2779
2780 was_disabled = ssid->disabled;
2781
2782 ssid->disabled = 1;
2783
2784 if (was_disabled != ssid->disabled) {
2785 wpas_notify_network_enabled_changed(wpa_s, ssid);
2786 if (wpa_s->sched_scanning) {
2787 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan "
2788 "to remove network from filters");
2789 wpa_supplicant_cancel_sched_scan(wpa_s);
2790 wpa_supplicant_req_scan(wpa_s, 0, 0);
2791 }
2792 }
2793 }
2794 }
2795
2796
2797 /**
2798 * wpa_supplicant_select_network - Attempt association with a network
2799 * @wpa_s: wpa_supplicant structure for a network interface
2800 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
2801 */
2802 void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
2803 struct wpa_ssid *ssid)
2804 {
2805
2806 struct wpa_ssid *other_ssid;
2807 int disconnected = 0;
2808
2809 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid) {
2810 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
2811 wpa_s->own_disconnect_req = 1;
2812 wpa_supplicant_deauthenticate(
2813 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
2814 disconnected = 1;
2815 }
2816
2817 if (ssid)
2818 wpas_clear_temp_disabled(wpa_s, ssid, 1);
2819
2820 /*
2821 * Mark all other networks disabled or mark all networks enabled if no
2822 * network specified.
2823 */
2824 for (other_ssid = wpa_s->conf->ssid; other_ssid;
2825 other_ssid = other_ssid->next) {
2826 int was_disabled = other_ssid->disabled;
2827 if (was_disabled == 2)
2828 continue; /* do not change persistent P2P group data */
2829
2830 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0;
2831 if (was_disabled && !other_ssid->disabled)
2832 wpas_clear_temp_disabled(wpa_s, other_ssid, 0);
2833
2834 if (was_disabled != other_ssid->disabled)
2835 wpas_notify_network_enabled_changed(wpa_s, other_ssid);
2836 }
2837
2838 if (ssid && ssid == wpa_s->current_ssid && wpa_s->current_ssid &&
2839 wpa_s->wpa_state >= WPA_AUTHENTICATING) {
2840 /* We are already associated with the selected network */
2841 wpa_printf(MSG_DEBUG, "Already associated with the "
2842 "selected network - do nothing");
2843 return;
2844 }
2845
2846 if (ssid) {
2847 wpa_s->current_ssid = ssid;
2848 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
2849 wpa_s->connect_without_scan =
2850 (ssid->mode == WPAS_MODE_MESH) ? ssid : NULL;
2851
2852 /*
2853 * Don't optimize next scan freqs since a new ESS has been
2854 * selected.
2855 */
2856 os_free(wpa_s->next_scan_freqs);
2857 wpa_s->next_scan_freqs = NULL;
2858 } else {
2859 wpa_s->connect_without_scan = NULL;
2860 }
2861
2862 wpa_s->disconnected = 0;
2863 wpa_s->reassociate = 1;
2864
2865 if (wpa_s->connect_without_scan ||
2866 wpa_supplicant_fast_associate(wpa_s) != 1) {
2867 wpa_s->scan_req = NORMAL_SCAN_REQ;
2868 wpa_supplicant_req_scan(wpa_s, 0, disconnected ? 100000 : 0);
2869 }
2870
2871 if (ssid)
2872 wpas_notify_network_selected(wpa_s, ssid);
2873 }
2874
2875
2876 /**
2877 * wpas_set_pkcs11_engine_and_module_path - Set PKCS #11 engine and module path
2878 * @wpa_s: wpa_supplicant structure for a network interface
2879 * @pkcs11_engine_path: PKCS #11 engine path or NULL
2880 * @pkcs11_module_path: PKCS #11 module path or NULL
2881 * Returns: 0 on success; -1 on failure
2882 *
2883 * Sets the PKCS #11 engine and module path. Both have to be NULL or a valid
2884 * path. If resetting the EAPOL state machine with the new PKCS #11 engine and
2885 * module path fails the paths will be reset to the default value (NULL).
2886 */
2887 int wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant *wpa_s,
2888 const char *pkcs11_engine_path,
2889 const char *pkcs11_module_path)
2890 {
2891 char *pkcs11_engine_path_copy = NULL;
2892 char *pkcs11_module_path_copy = NULL;
2893
2894 if (pkcs11_engine_path != NULL) {
2895 pkcs11_engine_path_copy = os_strdup(pkcs11_engine_path);
2896 if (pkcs11_engine_path_copy == NULL)
2897 return -1;
2898 }
2899 if (pkcs11_module_path != NULL) {
2900 pkcs11_module_path_copy = os_strdup(pkcs11_module_path);
2901 if (pkcs11_module_path_copy == NULL) {
2902 os_free(pkcs11_engine_path_copy);
2903 return -1;
2904 }
2905 }
2906
2907 os_free(wpa_s->conf->pkcs11_engine_path);
2908 os_free(wpa_s->conf->pkcs11_module_path);
2909 wpa_s->conf->pkcs11_engine_path = pkcs11_engine_path_copy;
2910 wpa_s->conf->pkcs11_module_path = pkcs11_module_path_copy;
2911
2912 wpa_sm_set_eapol(wpa_s->wpa, NULL);
2913 eapol_sm_deinit(wpa_s->eapol);
2914 wpa_s->eapol = NULL;
2915 if (wpa_supplicant_init_eapol(wpa_s)) {
2916 /* Error -> Reset paths to the default value (NULL) once. */
2917 if (pkcs11_engine_path != NULL && pkcs11_module_path != NULL)
2918 wpas_set_pkcs11_engine_and_module_path(wpa_s, NULL,
2919 NULL);
2920
2921 return -1;
2922 }
2923 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
2924
2925 return 0;
2926 }
2927
2928
2929 /**
2930 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
2931 * @wpa_s: wpa_supplicant structure for a network interface
2932 * @ap_scan: AP scan mode
2933 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
2934 *
2935 */
2936 int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan)
2937 {
2938
2939 int old_ap_scan;
2940
2941 if (ap_scan < 0 || ap_scan > 2)
2942 return -1;
2943
2944 if (ap_scan == 2 && os_strcmp(wpa_s->driver->name, "nl80211") == 0) {
2945 wpa_printf(MSG_INFO,
2946 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
2947 }
2948
2949 #ifdef ANDROID
2950 if (ap_scan == 2 && ap_scan != wpa_s->conf->ap_scan &&
2951 wpa_s->wpa_state >= WPA_ASSOCIATING &&
2952 wpa_s->wpa_state < WPA_COMPLETED) {
2953 wpa_printf(MSG_ERROR, "ap_scan = %d (%d) rejected while "
2954 "associating", wpa_s->conf->ap_scan, ap_scan);
2955 return 0;
2956 }
2957 #endif /* ANDROID */
2958
2959 old_ap_scan = wpa_s->conf->ap_scan;
2960 wpa_s->conf->ap_scan = ap_scan;
2961
2962 if (old_ap_scan != wpa_s->conf->ap_scan)
2963 wpas_notify_ap_scan_changed(wpa_s);
2964
2965 return 0;
2966 }
2967
2968
2969 /**
2970 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
2971 * @wpa_s: wpa_supplicant structure for a network interface
2972 * @expire_age: Expiration age in seconds
2973 * Returns: 0 if succeed or -1 if expire_age has an invalid value
2974 *
2975 */
2976 int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant *wpa_s,
2977 unsigned int bss_expire_age)
2978 {
2979 if (bss_expire_age < 10) {
2980 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration age %u",
2981 bss_expire_age);
2982 return -1;
2983 }
2984 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration age: %d sec",
2985 bss_expire_age);
2986 wpa_s->conf->bss_expiration_age = bss_expire_age;
2987
2988 return 0;
2989 }
2990
2991
2992 /**
2993 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
2994 * @wpa_s: wpa_supplicant structure for a network interface
2995 * @expire_count: number of scans after which an unseen BSS is reclaimed
2996 * Returns: 0 if succeed or -1 if expire_count has an invalid value
2997 *
2998 */
2999 int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant *wpa_s,
3000 unsigned int bss_expire_count)
3001 {
3002 if (bss_expire_count < 1) {
3003 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration count %u",
3004 bss_expire_count);
3005 return -1;
3006 }
3007 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration scan count: %u",
3008 bss_expire_count);
3009 wpa_s->conf->bss_expiration_scan_count = bss_expire_count;
3010
3011 return 0;
3012 }
3013
3014
3015 /**
3016 * wpa_supplicant_set_scan_interval - Set scan interval
3017 * @wpa_s: wpa_supplicant structure for a network interface
3018 * @scan_interval: scan interval in seconds
3019 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
3020 *
3021 */
3022 int wpa_supplicant_set_scan_interval(struct wpa_supplicant *wpa_s,
3023 int scan_interval)
3024 {
3025 if (scan_interval < 0) {
3026 wpa_msg(wpa_s, MSG_ERROR, "Invalid scan interval %d",
3027 scan_interval);
3028 return -1;
3029 }
3030 wpa_msg(wpa_s, MSG_DEBUG, "Setting scan interval: %d sec",
3031 scan_interval);
3032 wpa_supplicant_update_scan_int(wpa_s, scan_interval);
3033
3034 return 0;
3035 }
3036
3037
3038 /**
3039 * wpa_supplicant_set_debug_params - Set global debug params
3040 * @global: wpa_global structure
3041 * @debug_level: debug level
3042 * @debug_timestamp: determines if show timestamp in debug data
3043 * @debug_show_keys: determines if show keys in debug data
3044 * Returns: 0 if succeed or -1 if debug_level has wrong value
3045 */
3046 int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level,
3047 int debug_timestamp, int debug_show_keys)
3048 {
3049
3050 int old_level, old_timestamp, old_show_keys;
3051
3052 /* check for allowed debuglevels */
3053 if (debug_level != MSG_EXCESSIVE &&
3054 debug_level != MSG_MSGDUMP &&
3055 debug_level != MSG_DEBUG &&
3056 debug_level != MSG_INFO &&
3057 debug_level != MSG_WARNING &&
3058 debug_level != MSG_ERROR)
3059 return -1;
3060
3061 old_level = wpa_debug_level;
3062 old_timestamp = wpa_debug_timestamp;
3063 old_show_keys = wpa_debug_show_keys;
3064
3065 wpa_debug_level = debug_level;
3066 wpa_debug_timestamp = debug_timestamp ? 1 : 0;
3067 wpa_debug_show_keys = debug_show_keys ? 1 : 0;
3068
3069 if (wpa_debug_level != old_level)
3070 wpas_notify_debug_level_changed(global);
3071 if (wpa_debug_timestamp != old_timestamp)
3072 wpas_notify_debug_timestamp_changed(global);
3073 if (wpa_debug_show_keys != old_show_keys)
3074 wpas_notify_debug_show_keys_changed(global);
3075
3076 return 0;
3077 }
3078
3079
3080 /**
3081 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
3082 * @wpa_s: Pointer to wpa_supplicant data
3083 * Returns: A pointer to the current network structure or %NULL on failure
3084 */
3085 struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
3086 {
3087 struct wpa_ssid *entry;
3088 u8 ssid[SSID_MAX_LEN];
3089 int res;
3090 size_t ssid_len;
3091 u8 bssid[ETH_ALEN];
3092 int wired;
3093
3094 res = wpa_drv_get_ssid(wpa_s, ssid);
3095 if (res < 0) {
3096 wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from "
3097 "driver");
3098 return NULL;
3099 }
3100 ssid_len = res;
3101
3102 if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
3103 wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from "
3104 "driver");
3105 return NULL;
3106 }
3107
3108 wired = wpa_s->conf->ap_scan == 0 &&
3109 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED);
3110
3111 entry = wpa_s->conf->ssid;
3112 while (entry) {
3113 if (!wpas_network_disabled(wpa_s, entry) &&
3114 ((ssid_len == entry->ssid_len &&
3115 os_memcmp(ssid, entry->ssid, ssid_len) == 0) || wired) &&
3116 (!entry->bssid_set ||
3117 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
3118 return entry;
3119 #ifdef CONFIG_WPS
3120 if (!wpas_network_disabled(wpa_s, entry) &&
3121 (entry->key_mgmt & WPA_KEY_MGMT_WPS) &&
3122 (entry->ssid == NULL || entry->ssid_len == 0) &&
3123 (!entry->bssid_set ||
3124 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
3125 return entry;
3126 #endif /* CONFIG_WPS */
3127
3128 if (!wpas_network_disabled(wpa_s, entry) && entry->bssid_set &&
3129 entry->ssid_len == 0 &&
3130 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)
3131 return entry;
3132
3133 entry = entry->next;
3134 }
3135
3136 return NULL;
3137 }
3138
3139
3140 static int select_driver(struct wpa_supplicant *wpa_s, int i)
3141 {
3142 struct wpa_global *global = wpa_s->global;
3143
3144 if (wpa_drivers[i]->global_init && global->drv_priv[i] == NULL) {
3145 global->drv_priv[i] = wpa_drivers[i]->global_init();
3146 if (global->drv_priv[i] == NULL) {
3147 wpa_printf(MSG_ERROR, "Failed to initialize driver "
3148 "'%s'", wpa_drivers[i]->name);
3149 return -1;
3150 }
3151 }
3152
3153 wpa_s->driver = wpa_drivers[i];
3154 wpa_s->global_drv_priv = global->drv_priv[i];
3155
3156 return 0;
3157 }
3158
3159
3160 static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
3161 const char *name)
3162 {
3163 int i;
3164 size_t len;
3165 const char *pos, *driver = name;
3166
3167 if (wpa_s == NULL)
3168 return -1;
3169
3170 if (wpa_drivers[0] == NULL) {
3171 wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into "
3172 "wpa_supplicant");
3173 return -1;
3174 }
3175
3176 if (name == NULL) {
3177 /* default to first driver in the list */
3178 return select_driver(wpa_s, 0);
3179 }
3180
3181 do {
3182 pos = os_strchr(driver, ',');
3183 if (pos)
3184 len = pos - driver;
3185 else
3186 len = os_strlen(driver);
3187
3188 for (i = 0; wpa_drivers[i]; i++) {
3189 if (os_strlen(wpa_drivers[i]->name) == len &&
3190 os_strncmp(driver, wpa_drivers[i]->name, len) ==
3191 0) {
3192 /* First driver that succeeds wins */
3193 if (select_driver(wpa_s, i) == 0)
3194 return 0;
3195 }
3196 }
3197
3198 driver = pos + 1;
3199 } while (pos);
3200
3201 wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name);
3202 return -1;
3203 }
3204
3205
3206 /**
3207 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
3208 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
3209 * with struct wpa_driver_ops::init()
3210 * @src_addr: Source address of the EAPOL frame
3211 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
3212 * @len: Length of the EAPOL data
3213 *
3214 * This function is called for each received EAPOL frame. Most driver
3215 * interfaces rely on more generic OS mechanism for receiving frames through
3216 * l2_packet, but if such a mechanism is not available, the driver wrapper may
3217 * take care of received EAPOL frames and deliver them to the core supplicant
3218 * code by calling this function.
3219 */
3220 void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
3221 const u8 *buf, size_t len)
3222 {
3223 struct wpa_supplicant *wpa_s = ctx;
3224
3225 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
3226 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
3227
3228 #ifdef CONFIG_PEERKEY
3229 if (wpa_s->wpa_state > WPA_ASSOCIATED && wpa_s->current_ssid &&
3230 wpa_s->current_ssid->peerkey &&
3231 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
3232 wpa_sm_rx_eapol_peerkey(wpa_s->wpa, src_addr, buf, len) == 1) {
3233 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: Processed PeerKey EAPOL-Key");
3234 return;
3235 }
3236 #endif /* CONFIG_PEERKEY */
3237
3238 if (wpa_s->wpa_state < WPA_ASSOCIATED ||
3239 (wpa_s->last_eapol_matches_bssid &&
3240 #ifdef CONFIG_AP
3241 !wpa_s->ap_iface &&
3242 #endif /* CONFIG_AP */
3243 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) != 0)) {
3244 /*
3245 * There is possible race condition between receiving the
3246 * association event and the EAPOL frame since they are coming
3247 * through different paths from the driver. In order to avoid
3248 * issues in trying to process the EAPOL frame before receiving
3249 * association information, lets queue it for processing until
3250 * the association event is received. This may also be needed in
3251 * driver-based roaming case, so also use src_addr != BSSID as a
3252 * trigger if we have previously confirmed that the
3253 * Authenticator uses BSSID as the src_addr (which is not the
3254 * case with wired IEEE 802.1X).
3255 */
3256 wpa_dbg(wpa_s, MSG_DEBUG, "Not associated - Delay processing "
3257 "of received EAPOL frame (state=%s bssid=" MACSTR ")",
3258 wpa_supplicant_state_txt(wpa_s->wpa_state),
3259 MAC2STR(wpa_s->bssid));
3260 wpabuf_free(wpa_s->pending_eapol_rx);
3261 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len);
3262 if (wpa_s->pending_eapol_rx) {
3263 os_get_reltime(&wpa_s->pending_eapol_rx_time);
3264 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr,
3265 ETH_ALEN);
3266 }
3267 return;
3268 }
3269
3270 wpa_s->last_eapol_matches_bssid =
3271 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) == 0;
3272
3273 #ifdef CONFIG_AP
3274 if (wpa_s->ap_iface) {
3275 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len);
3276 return;
3277 }
3278 #endif /* CONFIG_AP */
3279
3280 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
3281 wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since "
3282 "no key management is configured");
3283 return;
3284 }
3285
3286 if (wpa_s->eapol_received == 0 &&
3287 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) ||
3288 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
3289 wpa_s->wpa_state != WPA_COMPLETED) &&
3290 (wpa_s->current_ssid == NULL ||
3291 wpa_s->current_ssid->mode != IEEE80211_MODE_IBSS)) {
3292 /* Timeout for completing IEEE 802.1X and WPA authentication */
3293 int timeout = 10;
3294
3295 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
3296 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
3297 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
3298 /* Use longer timeout for IEEE 802.1X/EAP */
3299 timeout = 70;
3300 }
3301
3302 #ifdef CONFIG_WPS
3303 if (wpa_s->current_ssid && wpa_s->current_bss &&
3304 (wpa_s->current_ssid->key_mgmt & WPA_KEY_MGMT_WPS) &&
3305 eap_is_wps_pin_enrollee(&wpa_s->current_ssid->eap)) {
3306 /*
3307 * Use shorter timeout if going through WPS AP iteration
3308 * for PIN config method with an AP that does not
3309 * advertise Selected Registrar.
3310 */
3311 struct wpabuf *wps_ie;
3312
3313 wps_ie = wpa_bss_get_vendor_ie_multi(
3314 wpa_s->current_bss, WPS_IE_VENDOR_TYPE);
3315 if (wps_ie &&
3316 !wps_is_addr_authorized(wps_ie, wpa_s->own_addr, 1))
3317 timeout = 10;
3318 wpabuf_free(wps_ie);
3319 }
3320 #endif /* CONFIG_WPS */
3321
3322 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
3323 }
3324 wpa_s->eapol_received++;
3325
3326 if (wpa_s->countermeasures) {
3327 wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped "
3328 "EAPOL packet");
3329 return;
3330 }
3331
3332 #ifdef CONFIG_IBSS_RSN
3333 if (wpa_s->current_ssid &&
3334 wpa_s->current_ssid->mode == WPAS_MODE_IBSS) {
3335 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len);
3336 return;
3337 }
3338 #endif /* CONFIG_IBSS_RSN */
3339
3340 /* Source address of the incoming EAPOL frame could be compared to the
3341 * current BSSID. However, it is possible that a centralized
3342 * Authenticator could be using another MAC address than the BSSID of
3343 * an AP, so just allow any address to be used for now. The replies are
3344 * still sent to the current BSSID (if available), though. */
3345
3346 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
3347 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
3348 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
3349 return;
3350 wpa_drv_poll(wpa_s);
3351 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE))
3352 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
3353 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
3354 /*
3355 * Set portValid = TRUE here since we are going to skip 4-way
3356 * handshake processing which would normally set portValid. We
3357 * need this to allow the EAPOL state machines to be completed
3358 * without going through EAPOL-Key handshake.
3359 */
3360 eapol_sm_notify_portValid(wpa_s->eapol, TRUE);
3361 }
3362 }
3363
3364
3365 int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s)
3366 {
3367 if ((!wpa_s->p2p_mgmt ||
3368 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
3369 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) {
3370 l2_packet_deinit(wpa_s->l2);
3371 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
3372 wpa_drv_get_mac_addr(wpa_s),
3373 ETH_P_EAPOL,
3374 wpa_supplicant_rx_eapol, wpa_s, 0);
3375 if (wpa_s->l2 == NULL)
3376 return -1;
3377 } else {
3378 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
3379 if (addr)
3380 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
3381 }
3382
3383 if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
3384 wpa_msg(wpa_s, MSG_ERROR, "Failed to get own L2 address");
3385 return -1;
3386 }
3387
3388 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
3389
3390 return 0;
3391 }
3392
3393
3394 static void wpa_supplicant_rx_eapol_bridge(void *ctx, const u8 *src_addr,
3395 const u8 *buf, size_t len)
3396 {
3397 struct wpa_supplicant *wpa_s = ctx;
3398 const struct l2_ethhdr *eth;
3399
3400 if (len < sizeof(*eth))
3401 return;
3402 eth = (const struct l2_ethhdr *) buf;
3403
3404 if (os_memcmp(eth->h_dest, wpa_s->own_addr, ETH_ALEN) != 0 &&
3405 !(eth->h_dest[0] & 0x01)) {
3406 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
3407 " (bridge - not for this interface - ignore)",
3408 MAC2STR(src_addr), MAC2STR(eth->h_dest));
3409 return;
3410 }
3411
3412 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
3413 " (bridge)", MAC2STR(src_addr), MAC2STR(eth->h_dest));
3414 wpa_supplicant_rx_eapol(wpa_s, src_addr, buf + sizeof(*eth),
3415 len - sizeof(*eth));
3416 }
3417
3418
3419 /**
3420 * wpa_supplicant_driver_init - Initialize driver interface parameters
3421 * @wpa_s: Pointer to wpa_supplicant data
3422 * Returns: 0 on success, -1 on failure
3423 *
3424 * This function is called to initialize driver interface parameters.
3425 * wpa_drv_init() must have been called before this function to initialize the
3426 * driver interface.
3427 */
3428 int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
3429 {
3430 static int interface_count = 0;
3431
3432 if (wpa_supplicant_update_mac_addr(wpa_s) < 0)
3433 return -1;
3434
3435 wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR,
3436 MAC2STR(wpa_s->own_addr));
3437 os_memcpy(wpa_s->perm_addr, wpa_s->own_addr, ETH_ALEN);
3438 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
3439
3440 if (wpa_s->bridge_ifname[0]) {
3441 wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge "
3442 "interface '%s'", wpa_s->bridge_ifname);
3443 wpa_s->l2_br = l2_packet_init_bridge(
3444 wpa_s->bridge_ifname, wpa_s->ifname, wpa_s->own_addr,
3445 ETH_P_EAPOL, wpa_supplicant_rx_eapol_bridge, wpa_s, 1);
3446 if (wpa_s->l2_br == NULL) {
3447 wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet "
3448 "connection for the bridge interface '%s'",
3449 wpa_s->bridge_ifname);
3450 return -1;
3451 }
3452 }
3453
3454 if (wpa_s->conf->ap_scan == 2 &&
3455 os_strcmp(wpa_s->driver->name, "nl80211") == 0) {
3456 wpa_printf(MSG_INFO,
3457 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
3458 }
3459
3460 wpa_clear_keys(wpa_s, NULL);
3461
3462 /* Make sure that TKIP countermeasures are not left enabled (could
3463 * happen if wpa_supplicant is killed during countermeasures. */
3464 wpa_drv_set_countermeasures(wpa_s, 0);
3465
3466 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver");
3467 wpa_drv_flush_pmkid(wpa_s);
3468
3469 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
3470 wpa_s->prev_scan_wildcard = 0;
3471
3472 if (wpa_supplicant_enabled_networks(wpa_s)) {
3473 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED) {
3474 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
3475 interface_count = 0;
3476 }
3477 #ifndef ANDROID
3478 if (!wpa_s->p2p_mgmt &&
3479 wpa_supplicant_delayed_sched_scan(wpa_s,
3480 interface_count % 3,
3481 100000))
3482 wpa_supplicant_req_scan(wpa_s, interface_count % 3,
3483 100000);
3484 #endif /* ANDROID */
3485 interface_count++;
3486 } else
3487 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
3488
3489 return 0;
3490 }
3491
3492
3493 static int wpa_supplicant_daemon(const char *pid_file)
3494 {
3495 wpa_printf(MSG_DEBUG, "Daemonize..");
3496 return os_daemonize(pid_file);
3497 }
3498
3499
3500 static struct wpa_supplicant *
3501 wpa_supplicant_alloc(struct wpa_supplicant *parent)
3502 {
3503 struct wpa_supplicant *wpa_s;
3504
3505 wpa_s = os_zalloc(sizeof(*wpa_s));
3506 if (wpa_s == NULL)
3507 return NULL;
3508 wpa_s->scan_req = INITIAL_SCAN_REQ;
3509 wpa_s->scan_interval = 5;
3510 wpa_s->new_connection = 1;
3511 wpa_s->parent = parent ? parent : wpa_s;
3512 wpa_s->sched_scanning = 0;
3513
3514 dl_list_init(&wpa_s->bss_tmp_disallowed);
3515
3516 return wpa_s;
3517 }
3518
3519
3520 #ifdef CONFIG_HT_OVERRIDES
3521
3522 static int wpa_set_htcap_mcs(struct wpa_supplicant *wpa_s,
3523 struct ieee80211_ht_capabilities *htcaps,
3524 struct ieee80211_ht_capabilities *htcaps_mask,
3525 const char *ht_mcs)
3526 {
3527 /* parse ht_mcs into hex array */
3528 int i;
3529 const char *tmp = ht_mcs;
3530 char *end = NULL;
3531
3532 /* If ht_mcs is null, do not set anything */
3533 if (!ht_mcs)
3534 return 0;
3535
3536 /* This is what we are setting in the kernel */
3537 os_memset(&htcaps->supported_mcs_set, 0, IEEE80211_HT_MCS_MASK_LEN);
3538
3539 wpa_msg(wpa_s, MSG_DEBUG, "set_htcap, ht_mcs -:%s:-", ht_mcs);
3540
3541 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) {
3542 errno = 0;
3543 long v = strtol(tmp, &end, 16);
3544 if (errno == 0) {
3545 wpa_msg(wpa_s, MSG_DEBUG,
3546 "htcap value[%i]: %ld end: %p tmp: %p",
3547 i, v, end, tmp);
3548 if (end == tmp)
3549 break;
3550
3551 htcaps->supported_mcs_set[i] = v;
3552 tmp = end;
3553 } else {
3554 wpa_msg(wpa_s, MSG_ERROR,
3555 "Failed to parse ht-mcs: %s, error: %s\n",
3556 ht_mcs, strerror(errno));
3557 return -1;
3558 }
3559 }
3560
3561 /*
3562 * If we were able to parse any values, then set mask for the MCS set.
3563 */
3564 if (i) {
3565 os_memset(&htcaps_mask->supported_mcs_set, 0xff,
3566 IEEE80211_HT_MCS_MASK_LEN - 1);
3567 /* skip the 3 reserved bits */
3568 htcaps_mask->supported_mcs_set[IEEE80211_HT_MCS_MASK_LEN - 1] =
3569 0x1f;
3570 }
3571
3572 return 0;
3573 }
3574
3575
3576 static int wpa_disable_max_amsdu(struct wpa_supplicant *wpa_s,
3577 struct ieee80211_ht_capabilities *htcaps,
3578 struct ieee80211_ht_capabilities *htcaps_mask,
3579 int disabled)
3580 {
3581 le16 msk;
3582
3583 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_max_amsdu: %d", disabled);
3584
3585 if (disabled == -1)
3586 return 0;
3587
3588 msk = host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE);
3589 htcaps_mask->ht_capabilities_info |= msk;
3590 if (disabled)
3591 htcaps->ht_capabilities_info &= msk;
3592 else
3593 htcaps->ht_capabilities_info |= msk;
3594
3595 return 0;
3596 }
3597
3598
3599 static int wpa_set_ampdu_factor(struct wpa_supplicant *wpa_s,
3600 struct ieee80211_ht_capabilities *htcaps,
3601 struct ieee80211_ht_capabilities *htcaps_mask,
3602 int factor)
3603 {
3604 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_factor: %d", factor);
3605
3606 if (factor == -1)
3607 return 0;
3608
3609 if (factor < 0 || factor > 3) {
3610 wpa_msg(wpa_s, MSG_ERROR, "ampdu_factor: %d out of range. "
3611 "Must be 0-3 or -1", factor);
3612 return -EINVAL;
3613 }
3614
3615 htcaps_mask->a_mpdu_params |= 0x3; /* 2 bits for factor */
3616 htcaps->a_mpdu_params &= ~0x3;
3617 htcaps->a_mpdu_params |= factor & 0x3;
3618
3619 return 0;
3620 }
3621
3622
3623 static int wpa_set_ampdu_density(struct wpa_supplicant *wpa_s,
3624 struct ieee80211_ht_capabilities *htcaps,
3625 struct ieee80211_ht_capabilities *htcaps_mask,
3626 int density)
3627 {
3628 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_density: %d", density);
3629
3630 if (density == -1)
3631 return 0;
3632
3633 if (density < 0 || density > 7) {
3634 wpa_msg(wpa_s, MSG_ERROR,
3635 "ampdu_density: %d out of range. Must be 0-7 or -1.",
3636 density);
3637 return -EINVAL;
3638 }
3639
3640 htcaps_mask->a_mpdu_params |= 0x1C;
3641 htcaps->a_mpdu_params &= ~(0x1C);
3642 htcaps->a_mpdu_params |= (density << 2) & 0x1C;
3643
3644 return 0;
3645 }
3646
3647
3648 static int wpa_set_disable_ht40(struct wpa_supplicant *wpa_s,
3649 struct ieee80211_ht_capabilities *htcaps,
3650 struct ieee80211_ht_capabilities *htcaps_mask,
3651 int disabled)
3652 {
3653 /* Masking these out disables HT40 */
3654 le16 msk = host_to_le16(HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET |
3655 HT_CAP_INFO_SHORT_GI40MHZ);
3656
3657 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ht40: %d", disabled);
3658
3659 if (disabled)
3660 htcaps->ht_capabilities_info &= ~msk;
3661 else
3662 htcaps->ht_capabilities_info |= msk;
3663
3664 htcaps_mask->ht_capabilities_info |= msk;
3665
3666 return 0;
3667 }
3668
3669
3670 static int wpa_set_disable_sgi(struct wpa_supplicant *wpa_s,
3671 struct ieee80211_ht_capabilities *htcaps,
3672 struct ieee80211_ht_capabilities *htcaps_mask,
3673 int disabled)
3674 {
3675 /* Masking these out disables SGI */
3676 le16 msk = host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ |
3677 HT_CAP_INFO_SHORT_GI40MHZ);
3678
3679 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_sgi: %d", disabled);
3680
3681 if (disabled)
3682 htcaps->ht_capabilities_info &= ~msk;
3683 else
3684 htcaps->ht_capabilities_info |= msk;
3685
3686 htcaps_mask->ht_capabilities_info |= msk;
3687
3688 return 0;
3689 }
3690
3691
3692 static int wpa_set_disable_ldpc(struct wpa_supplicant *wpa_s,
3693 struct ieee80211_ht_capabilities *htcaps,
3694 struct ieee80211_ht_capabilities *htcaps_mask,
3695 int disabled)
3696 {
3697 /* Masking these out disables LDPC */
3698 le16 msk = host_to_le16(HT_CAP_INFO_LDPC_CODING_CAP);
3699
3700 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ldpc: %d", disabled);
3701
3702 if (disabled)
3703 htcaps->ht_capabilities_info &= ~msk;
3704 else
3705 htcaps->ht_capabilities_info |= msk;
3706
3707 htcaps_mask->ht_capabilities_info |= msk;
3708
3709 return 0;
3710 }
3711
3712
3713 void wpa_supplicant_apply_ht_overrides(
3714 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
3715 struct wpa_driver_associate_params *params)
3716 {
3717 struct ieee80211_ht_capabilities *htcaps;
3718 struct ieee80211_ht_capabilities *htcaps_mask;
3719
3720 if (!ssid)
3721 return;
3722
3723 params->disable_ht = ssid->disable_ht;
3724 if (!params->htcaps || !params->htcaps_mask)
3725 return;
3726
3727 htcaps = (struct ieee80211_ht_capabilities *) params->htcaps;
3728 htcaps_mask = (struct ieee80211_ht_capabilities *) params->htcaps_mask;
3729 wpa_set_htcap_mcs(wpa_s, htcaps, htcaps_mask, ssid->ht_mcs);
3730 wpa_disable_max_amsdu(wpa_s, htcaps, htcaps_mask,
3731 ssid->disable_max_amsdu);
3732 wpa_set_ampdu_factor(wpa_s, htcaps, htcaps_mask, ssid->ampdu_factor);
3733 wpa_set_ampdu_density(wpa_s, htcaps, htcaps_mask, ssid->ampdu_density);
3734 wpa_set_disable_ht40(wpa_s, htcaps, htcaps_mask, ssid->disable_ht40);
3735 wpa_set_disable_sgi(wpa_s, htcaps, htcaps_mask, ssid->disable_sgi);
3736 wpa_set_disable_ldpc(wpa_s, htcaps, htcaps_mask, ssid->disable_ldpc);
3737
3738 if (ssid->ht40_intolerant) {
3739 le16 bit = host_to_le16(HT_CAP_INFO_40MHZ_INTOLERANT);
3740 htcaps->ht_capabilities_info |= bit;
3741 htcaps_mask->ht_capabilities_info |= bit;
3742 }
3743 }
3744
3745 #endif /* CONFIG_HT_OVERRIDES */
3746
3747
3748 #ifdef CONFIG_VHT_OVERRIDES
3749 void wpa_supplicant_apply_vht_overrides(
3750 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
3751 struct wpa_driver_associate_params *params)
3752 {
3753 struct ieee80211_vht_capabilities *vhtcaps;
3754 struct ieee80211_vht_capabilities *vhtcaps_mask;
3755
3756 if (!ssid)
3757 return;
3758
3759 params->disable_vht = ssid->disable_vht;
3760
3761 vhtcaps = (void *) params->vhtcaps;
3762 vhtcaps_mask = (void *) params->vhtcaps_mask;
3763
3764 if (!vhtcaps || !vhtcaps_mask)
3765 return;
3766
3767 vhtcaps->vht_capabilities_info = ssid->vht_capa;
3768 vhtcaps_mask->vht_capabilities_info = ssid->vht_capa_mask;
3769
3770 #ifdef CONFIG_HT_OVERRIDES
3771 /* if max ampdu is <= 3, we have to make the HT cap the same */
3772 if (ssid->vht_capa_mask & VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) {
3773 int max_ampdu;
3774
3775 max_ampdu = (ssid->vht_capa &
3776 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) >>
3777 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX_SHIFT;
3778
3779 max_ampdu = max_ampdu < 3 ? max_ampdu : 3;
3780 wpa_set_ampdu_factor(wpa_s,
3781 (void *) params->htcaps,
3782 (void *) params->htcaps_mask,
3783 max_ampdu);
3784 }
3785 #endif /* CONFIG_HT_OVERRIDES */
3786
3787 #define OVERRIDE_MCS(i) \
3788 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \
3789 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \
3790 3 << 2 * (i - 1); \
3791 vhtcaps->vht_supported_mcs_set.tx_map |= \
3792 ssid->vht_tx_mcs_nss_ ##i << 2 * (i - 1); \
3793 } \
3794 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \
3795 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \
3796 3 << 2 * (i - 1); \
3797 vhtcaps->vht_supported_mcs_set.rx_map |= \
3798 ssid->vht_rx_mcs_nss_ ##i << 2 * (i - 1); \
3799 }
3800
3801 OVERRIDE_MCS(1);
3802 OVERRIDE_MCS(2);
3803 OVERRIDE_MCS(3);
3804 OVERRIDE_MCS(4);
3805 OVERRIDE_MCS(5);
3806 OVERRIDE_MCS(6);
3807 OVERRIDE_MCS(7);
3808 OVERRIDE_MCS(8);
3809 }
3810 #endif /* CONFIG_VHT_OVERRIDES */
3811
3812
3813 static int pcsc_reader_init(struct wpa_supplicant *wpa_s)
3814 {
3815 #ifdef PCSC_FUNCS
3816 size_t len;
3817
3818 if (!wpa_s->conf->pcsc_reader)
3819 return 0;
3820
3821 wpa_s->scard = scard_init(wpa_s->conf->pcsc_reader);
3822 if (!wpa_s->scard)
3823 return 1;
3824
3825 if (wpa_s->conf->pcsc_pin &&
3826 scard_set_pin(wpa_s->scard, wpa_s->conf->pcsc_pin) < 0) {
3827 scard_deinit(wpa_s->scard);
3828 wpa_s->scard = NULL;
3829 wpa_msg(wpa_s, MSG_ERROR, "PC/SC PIN validation failed");
3830 return -1;
3831 }
3832
3833 len = sizeof(wpa_s->imsi) - 1;
3834 if (scard_get_imsi(wpa_s->scard, wpa_s->imsi, &len)) {
3835 scard_deinit(wpa_s->scard);
3836 wpa_s->scard = NULL;
3837 wpa_msg(wpa_s, MSG_ERROR, "Could not read IMSI");
3838 return -1;
3839 }
3840 wpa_s->imsi[len] = '\0';
3841
3842 wpa_s->mnc_len = scard_get_mnc_len(wpa_s->scard);
3843
3844 wpa_printf(MSG_DEBUG, "SCARD: IMSI %s (MNC length %d)",
3845 wpa_s->imsi, wpa_s->mnc_len);
3846
3847 wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard);
3848 eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard);
3849 #endif /* PCSC_FUNCS */
3850
3851 return 0;
3852 }
3853
3854
3855 int wpas_init_ext_pw(struct wpa_supplicant *wpa_s)
3856 {
3857 char *val, *pos;
3858
3859 ext_password_deinit(wpa_s->ext_pw);
3860 wpa_s->ext_pw = NULL;
3861 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, NULL);
3862
3863 if (!wpa_s->conf->ext_password_backend)
3864 return 0;
3865
3866 val = os_strdup(wpa_s->conf->ext_password_backend);
3867 if (val == NULL)
3868 return -1;
3869 pos = os_strchr(val, ':');
3870 if (pos)
3871 *pos++ = '\0';
3872
3873 wpa_printf(MSG_DEBUG, "EXT PW: Initialize backend '%s'", val);
3874
3875 wpa_s->ext_pw = ext_password_init(val, pos);
3876 os_free(val);
3877 if (wpa_s->ext_pw == NULL) {
3878 wpa_printf(MSG_DEBUG, "EXT PW: Failed to initialize backend");
3879 return -1;
3880 }
3881 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, wpa_s->ext_pw);
3882
3883 return 0;
3884 }
3885
3886
3887 #ifdef CONFIG_FST
3888
3889 static const u8 * wpas_fst_get_bssid_cb(void *ctx)
3890 {
3891 struct wpa_supplicant *wpa_s = ctx;
3892
3893 return (is_zero_ether_addr(wpa_s->bssid) ||
3894 wpa_s->wpa_state != WPA_COMPLETED) ? NULL : wpa_s->bssid;
3895 }
3896
3897
3898 static void wpas_fst_get_channel_info_cb(void *ctx,
3899 enum hostapd_hw_mode *hw_mode,
3900 u8 *channel)
3901 {
3902 struct wpa_supplicant *wpa_s = ctx;
3903
3904 if (wpa_s->current_bss) {
3905 *hw_mode = ieee80211_freq_to_chan(wpa_s->current_bss->freq,
3906 channel);
3907 } else if (wpa_s->hw.num_modes) {
3908 *hw_mode = wpa_s->hw.modes[0].mode;
3909 } else {
3910 WPA_ASSERT(0);
3911 *hw_mode = 0;
3912 }
3913 }
3914
3915
3916 static int wpas_fst_get_hw_modes(void *ctx, struct hostapd_hw_modes **modes)
3917 {
3918 struct wpa_supplicant *wpa_s = ctx;
3919
3920 *modes = wpa_s->hw.modes;
3921 return wpa_s->hw.num_modes;
3922 }
3923
3924
3925 static void wpas_fst_set_ies_cb(void *ctx, const struct wpabuf *fst_ies)
3926 {
3927 struct wpa_supplicant *wpa_s = ctx;
3928
3929 wpa_hexdump_buf(MSG_DEBUG, "FST: Set IEs", fst_ies);
3930 wpa_s->fst_ies = fst_ies;
3931 }
3932
3933
3934 static int wpas_fst_send_action_cb(void *ctx, const u8 *da, struct wpabuf *data)
3935 {
3936 struct wpa_supplicant *wpa_s = ctx;
3937
3938 WPA_ASSERT(os_memcmp(wpa_s->bssid, da, ETH_ALEN) == 0);
3939 return wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, wpa_s->bssid,
3940 wpa_s->own_addr, wpa_s->bssid,
3941 wpabuf_head(data), wpabuf_len(data),
3942 0);
3943 }
3944
3945
3946 static const struct wpabuf * wpas_fst_get_mb_ie_cb(void *ctx, const u8 *addr)
3947 {
3948 struct wpa_supplicant *wpa_s = ctx;
3949
3950 WPA_ASSERT(os_memcmp(wpa_s->bssid, addr, ETH_ALEN) == 0);
3951 return wpa_s->received_mb_ies;
3952 }
3953
3954
3955 static void wpas_fst_update_mb_ie_cb(void *ctx, const u8 *addr,
3956 const u8 *buf, size_t size)
3957 {
3958 struct wpa_supplicant *wpa_s = ctx;
3959 struct mb_ies_info info;
3960
3961 WPA_ASSERT(os_memcmp(wpa_s->bssid, addr, ETH_ALEN) == 0);
3962
3963 if (!mb_ies_info_by_ies(&info, buf, size)) {
3964 wpabuf_free(wpa_s->received_mb_ies);
3965 wpa_s->received_mb_ies = mb_ies_by_info(&info);
3966 }
3967 }
3968
3969
3970 const u8 * wpas_fst_get_peer_first(void *ctx, struct fst_get_peer_ctx **get_ctx,
3971 Boolean mb_only)
3972 {
3973 struct wpa_supplicant *wpa_s = ctx;
3974
3975 *get_ctx = NULL;
3976 if (!is_zero_ether_addr(wpa_s->bssid))
3977 return (wpa_s->received_mb_ies || !mb_only) ?
3978 wpa_s->bssid : NULL;
3979 return NULL;
3980 }
3981
3982
3983 const u8 * wpas_fst_get_peer_next(void *ctx, struct fst_get_peer_ctx **get_ctx,
3984 Boolean mb_only)
3985 {
3986 return NULL;
3987 }
3988
3989 void fst_wpa_supplicant_fill_iface_obj(struct wpa_supplicant *wpa_s,
3990 struct fst_wpa_obj *iface_obj)
3991 {
3992 iface_obj->ctx = wpa_s;
3993 iface_obj->get_bssid = wpas_fst_get_bssid_cb;
3994 iface_obj->get_channel_info = wpas_fst_get_channel_info_cb;
3995 iface_obj->get_hw_modes = wpas_fst_get_hw_modes;
3996 iface_obj->set_ies = wpas_fst_set_ies_cb;
3997 iface_obj->send_action = wpas_fst_send_action_cb;
3998 iface_obj->get_mb_ie = wpas_fst_get_mb_ie_cb;
3999 iface_obj->update_mb_ie = wpas_fst_update_mb_ie_cb;
4000 iface_obj->get_peer_first = wpas_fst_get_peer_first;
4001 iface_obj->get_peer_next = wpas_fst_get_peer_next;
4002 }
4003 #endif /* CONFIG_FST */
4004
4005 static int wpas_set_wowlan_triggers(struct wpa_supplicant *wpa_s,
4006 const struct wpa_driver_capa *capa)
4007 {
4008 struct wowlan_triggers *triggers;
4009 int ret = 0;
4010
4011 if (!wpa_s->conf->wowlan_triggers)
4012 return 0;
4013
4014 triggers = wpa_get_wowlan_triggers(wpa_s->conf->wowlan_triggers, capa);
4015 if (triggers) {
4016 ret = wpa_drv_wowlan(wpa_s, triggers);
4017 os_free(triggers);
4018 }
4019 return ret;
4020 }
4021
4022
4023 static enum wpa_radio_work_band wpas_freq_to_band(int freq)
4024 {
4025 if (freq < 3000)
4026 return BAND_2_4_GHZ;
4027 if (freq > 50000)
4028 return BAND_60_GHZ;
4029 return BAND_5_GHZ;
4030 }
4031
4032
4033 static unsigned int wpas_get_bands(struct wpa_supplicant *wpa_s,
4034 const int *freqs)
4035 {
4036 int i;
4037 unsigned int band = 0;
4038
4039 if (freqs) {
4040 /* freqs are specified for the radio work */
4041 for (i = 0; freqs[i]; i++)
4042 band |= wpas_freq_to_band(freqs[i]);
4043 } else {
4044 /*
4045 * freqs are not specified, implies all
4046 * the supported freqs by HW
4047 */
4048 for (i = 0; i < wpa_s->hw.num_modes; i++) {
4049 if (wpa_s->hw.modes[i].num_channels != 0) {
4050 if (wpa_s->hw.modes[i].mode ==
4051 HOSTAPD_MODE_IEEE80211B ||
4052 wpa_s->hw.modes[i].mode ==
4053 HOSTAPD_MODE_IEEE80211G)
4054 band |= BAND_2_4_GHZ;
4055 else if (wpa_s->hw.modes[i].mode ==
4056 HOSTAPD_MODE_IEEE80211A)
4057 band |= BAND_5_GHZ;
4058 else if (wpa_s->hw.modes[i].mode ==
4059 HOSTAPD_MODE_IEEE80211AD)
4060 band |= BAND_60_GHZ;
4061 else if (wpa_s->hw.modes[i].mode ==
4062 HOSTAPD_MODE_IEEE80211ANY)
4063 band = BAND_2_4_GHZ | BAND_5_GHZ |
4064 BAND_60_GHZ;
4065 }
4066 }
4067 }
4068
4069 return band;
4070 }
4071
4072
4073 static struct wpa_radio * radio_add_interface(struct wpa_supplicant *wpa_s,
4074 const char *rn)
4075 {
4076 struct wpa_supplicant *iface = wpa_s->global->ifaces;
4077 struct wpa_radio *radio;
4078
4079 while (rn && iface) {
4080 radio = iface->radio;
4081 if (radio && os_strcmp(rn, radio->name) == 0) {
4082 wpa_printf(MSG_DEBUG, "Add interface %s to existing radio %s",
4083 wpa_s->ifname, rn);
4084 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
4085 return radio;
4086 }
4087
4088 iface = iface->next;
4089 }
4090
4091 wpa_printf(MSG_DEBUG, "Add interface %s to a new radio %s",
4092 wpa_s->ifname, rn ? rn : "N/A");
4093 radio = os_zalloc(sizeof(*radio));
4094 if (radio == NULL)
4095 return NULL;
4096
4097 if (rn)
4098 os_strlcpy(radio->name, rn, sizeof(radio->name));
4099 dl_list_init(&radio->ifaces);
4100 dl_list_init(&radio->work);
4101 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
4102
4103 return radio;
4104 }
4105
4106
4107 static void radio_work_free(struct wpa_radio_work *work)
4108 {
4109 if (work->wpa_s->scan_work == work) {
4110 /* This should not really happen. */
4111 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as scan_work",
4112 work->type, work, work->started);
4113 work->wpa_s->scan_work = NULL;
4114 }
4115
4116 #ifdef CONFIG_P2P
4117 if (work->wpa_s->p2p_scan_work == work) {
4118 /* This should not really happen. */
4119 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as p2p_scan_work",
4120 work->type, work, work->started);
4121 work->wpa_s->p2p_scan_work = NULL;
4122 }
4123 #endif /* CONFIG_P2P */
4124
4125 if (work->started) {
4126 work->wpa_s->radio->num_active_works--;
4127 wpa_dbg(work->wpa_s, MSG_DEBUG,
4128 "radio_work_free('%s'@%p: num_active_works --> %u",
4129 work->type, work,
4130 work->wpa_s->radio->num_active_works);
4131 }
4132
4133 dl_list_del(&work->list);
4134 os_free(work);
4135 }
4136
4137
4138 static struct wpa_radio_work * radio_work_get_next_work(struct wpa_radio *radio)
4139 {
4140 struct wpa_radio_work *active_work = NULL;
4141 struct wpa_radio_work *tmp;
4142
4143 /* Get the active work to know the type and band. */
4144 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, list) {
4145 if (tmp->started) {
4146 active_work = tmp;
4147 break;
4148 }
4149 }
4150
4151 if (!active_work) {
4152 /* No active work, start one */
4153 radio->num_active_works = 0;
4154 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work,
4155 list) {
4156 if (os_strcmp(tmp->type, "scan") == 0 &&
4157 radio->external_scan_running &&
4158 (((struct wpa_driver_scan_params *)
4159 tmp->ctx)->only_new_results ||
4160 tmp->wpa_s->clear_driver_scan_cache))
4161 continue;
4162 return tmp;
4163 }
4164 return NULL;
4165 }
4166
4167 if (os_strcmp(active_work->type, "sme-connect") == 0 ||
4168 os_strcmp(active_work->type, "connect") == 0) {
4169 /*
4170 * If the active work is either connect or sme-connect,
4171 * do not parallelize them with other radio works.
4172 */
4173 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
4174 "Do not parallelize radio work with %s",
4175 active_work->type);
4176 return NULL;
4177 }
4178
4179 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, list) {
4180 if (tmp->started)
4181 continue;
4182
4183 /*
4184 * If connect or sme-connect are enqueued, parallelize only
4185 * those operations ahead of them in the queue.
4186 */
4187 if (os_strcmp(tmp->type, "connect") == 0 ||
4188 os_strcmp(tmp->type, "sme-connect") == 0)
4189 break;
4190
4191 /*
4192 * Check that the radio works are distinct and
4193 * on different bands.
4194 */
4195 if (os_strcmp(active_work->type, tmp->type) != 0 &&
4196 (active_work->bands != tmp->bands)) {
4197 /*
4198 * If a scan has to be scheduled through nl80211 scan
4199 * interface and if an external scan is already running,
4200 * do not schedule the scan since it is likely to get
4201 * rejected by kernel.
4202 */
4203 if (os_strcmp(tmp->type, "scan") == 0 &&
4204 radio->external_scan_running &&
4205 (((struct wpa_driver_scan_params *)
4206 tmp->ctx)->only_new_results ||
4207 tmp->wpa_s->clear_driver_scan_cache))
4208 continue;
4209
4210 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
4211 "active_work:%s new_work:%s",
4212 active_work->type, tmp->type);
4213 return tmp;
4214 }
4215 }
4216
4217 /* Did not find a radio work to schedule in parallel. */
4218 return NULL;
4219 }
4220
4221
4222 static void radio_start_next_work(void *eloop_ctx, void *timeout_ctx)
4223 {
4224 struct wpa_radio *radio = eloop_ctx;
4225 struct wpa_radio_work *work;
4226 struct os_reltime now, diff;
4227 struct wpa_supplicant *wpa_s;
4228
4229 work = dl_list_first(&radio->work, struct wpa_radio_work, list);
4230 if (work == NULL) {
4231 radio->num_active_works = 0;
4232 return;
4233 }
4234
4235 wpa_s = dl_list_first(&radio->ifaces, struct wpa_supplicant,
4236 radio_list);
4237
4238 if (!(wpa_s &&
4239 wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS)) {
4240 if (work->started)
4241 return; /* already started and still in progress */
4242
4243 if (wpa_s && wpa_s->radio->external_scan_running) {
4244 wpa_printf(MSG_DEBUG, "Delay radio work start until externally triggered scan completes");
4245 return;
4246 }
4247 } else {
4248 work = NULL;
4249 if (radio->num_active_works < MAX_ACTIVE_WORKS) {
4250 /* get the work to schedule next */
4251 work = radio_work_get_next_work(radio);
4252 }
4253 if (!work)
4254 return;
4255 }
4256
4257 wpa_s = work->wpa_s;
4258 os_get_reltime(&now);
4259 os_reltime_sub(&now, &work->time, &diff);
4260 wpa_dbg(wpa_s, MSG_DEBUG,
4261 "Starting radio work '%s'@%p after %ld.%06ld second wait",
4262 work->type, work, diff.sec, diff.usec);
4263 work->started = 1;
4264 work->time = now;
4265 radio->num_active_works++;
4266
4267 work->cb(work, 0);
4268
4269 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS) &&
4270 radio->num_active_works < MAX_ACTIVE_WORKS)
4271 radio_work_check_next(wpa_s);
4272 }
4273
4274
4275 /*
4276 * This function removes both started and pending radio works running on
4277 * the provided interface's radio.
4278 * Prior to the removal of the radio work, its callback (cb) is called with
4279 * deinit set to be 1. Each work's callback is responsible for clearing its
4280 * internal data and restoring to a correct state.
4281 * @wpa_s: wpa_supplicant data
4282 * @type: type of works to be removed
4283 * @remove_all: 1 to remove all the works on this radio, 0 to remove only
4284 * this interface's works.
4285 */
4286 void radio_remove_works(struct wpa_supplicant *wpa_s,
4287 const char *type, int remove_all)
4288 {
4289 struct wpa_radio_work *work, *tmp;
4290 struct wpa_radio *radio = wpa_s->radio;
4291
4292 dl_list_for_each_safe(work, tmp, &radio->work, struct wpa_radio_work,
4293 list) {
4294 if (type && os_strcmp(type, work->type) != 0)
4295 continue;
4296
4297 /* skip other ifaces' works */
4298 if (!remove_all && work->wpa_s != wpa_s)
4299 continue;
4300
4301 wpa_dbg(wpa_s, MSG_DEBUG, "Remove radio work '%s'@%p%s",
4302 work->type, work, work->started ? " (started)" : "");
4303 work->cb(work, 1);
4304 radio_work_free(work);
4305 }
4306
4307 /* in case we removed the started work */
4308 radio_work_check_next(wpa_s);
4309 }
4310
4311
4312 static void radio_remove_interface(struct wpa_supplicant *wpa_s)
4313 {
4314 struct wpa_radio *radio = wpa_s->radio;
4315
4316 if (!radio)
4317 return;
4318
4319 wpa_printf(MSG_DEBUG, "Remove interface %s from radio %s",
4320 wpa_s->ifname, radio->name);
4321 dl_list_del(&wpa_s->radio_list);
4322 radio_remove_works(wpa_s, NULL, 0);
4323 wpa_s->radio = NULL;
4324 if (!dl_list_empty(&radio->ifaces))
4325 return; /* Interfaces remain for this radio */
4326
4327 wpa_printf(MSG_DEBUG, "Remove radio %s", radio->name);
4328 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
4329 os_free(radio);
4330 }
4331
4332
4333 void radio_work_check_next(struct wpa_supplicant *wpa_s)
4334 {
4335 struct wpa_radio *radio = wpa_s->radio;
4336
4337 if (dl_list_empty(&radio->work))
4338 return;
4339 if (wpa_s->ext_work_in_progress) {
4340 wpa_printf(MSG_DEBUG,
4341 "External radio work in progress - delay start of pending item");
4342 return;
4343 }
4344 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
4345 eloop_register_timeout(0, 0, radio_start_next_work, radio, NULL);
4346 }
4347
4348
4349 /**
4350 * radio_add_work - Add a radio work item
4351 * @wpa_s: Pointer to wpa_supplicant data
4352 * @freq: Frequency of the offchannel operation in MHz or 0
4353 * @type: Unique identifier for each type of work
4354 * @next: Force as the next work to be executed
4355 * @cb: Callback function for indicating when radio is available
4356 * @ctx: Context pointer for the work (work->ctx in cb())
4357 * Returns: 0 on success, -1 on failure
4358 *
4359 * This function is used to request time for an operation that requires
4360 * exclusive radio control. Once the radio is available, the registered callback
4361 * function will be called. radio_work_done() must be called once the exclusive
4362 * radio operation has been completed, so that the radio is freed for other
4363 * operations. The special case of deinit=1 is used to free the context data
4364 * during interface removal. That does not allow the callback function to start
4365 * the radio operation, i.e., it must free any resources allocated for the radio
4366 * work and return.
4367 *
4368 * The @freq parameter can be used to indicate a single channel on which the
4369 * offchannel operation will occur. This may allow multiple radio work
4370 * operations to be performed in parallel if they apply for the same channel.
4371 * Setting this to 0 indicates that the work item may use multiple channels or
4372 * requires exclusive control of the radio.
4373 */
4374 int radio_add_work(struct wpa_supplicant *wpa_s, unsigned int freq,
4375 const char *type, int next,
4376 void (*cb)(struct wpa_radio_work *work, int deinit),
4377 void *ctx)
4378 {
4379 struct wpa_radio *radio = wpa_s->radio;
4380 struct wpa_radio_work *work;
4381 int was_empty;
4382
4383 work = os_zalloc(sizeof(*work));
4384 if (work == NULL)
4385 return -1;
4386 wpa_dbg(wpa_s, MSG_DEBUG, "Add radio work '%s'@%p", type, work);
4387 os_get_reltime(&work->time);
4388 work->freq = freq;
4389 work->type = type;
4390 work->wpa_s = wpa_s;
4391 work->cb = cb;
4392 work->ctx = ctx;
4393
4394 if (freq)
4395 work->bands = wpas_freq_to_band(freq);
4396 else if (os_strcmp(type, "scan") == 0 ||
4397 os_strcmp(type, "p2p-scan") == 0)
4398 work->bands = wpas_get_bands(wpa_s,
4399 ((struct wpa_driver_scan_params *)
4400 ctx)->freqs);
4401 else
4402 work->bands = wpas_get_bands(wpa_s, NULL);
4403
4404 was_empty = dl_list_empty(&wpa_s->radio->work);
4405 if (next)
4406 dl_list_add(&wpa_s->radio->work, &work->list);
4407 else
4408 dl_list_add_tail(&wpa_s->radio->work, &work->list);
4409 if (was_empty) {
4410 wpa_dbg(wpa_s, MSG_DEBUG, "First radio work item in the queue - schedule start immediately");
4411 radio_work_check_next(wpa_s);
4412 } else if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS)
4413 && radio->num_active_works < MAX_ACTIVE_WORKS) {
4414 wpa_dbg(wpa_s, MSG_DEBUG,
4415 "Try to schedule a radio work (num_active_works=%u)",
4416 radio->num_active_works);
4417 radio_work_check_next(wpa_s);
4418 }
4419
4420 return 0;
4421 }
4422
4423
4424 /**
4425 * radio_work_done - Indicate that a radio work item has been completed
4426 * @work: Completed work
4427 *
4428 * This function is called once the callback function registered with
4429 * radio_add_work() has completed its work.
4430 */
4431 void radio_work_done(struct wpa_radio_work *work)
4432 {
4433 struct wpa_supplicant *wpa_s = work->wpa_s;
4434 struct os_reltime now, diff;
4435 unsigned int started = work->started;
4436
4437 os_get_reltime(&now);
4438 os_reltime_sub(&now, &work->time, &diff);
4439 wpa_dbg(wpa_s, MSG_DEBUG, "Radio work '%s'@%p %s in %ld.%06ld seconds",
4440 work->type, work, started ? "done" : "canceled",
4441 diff.sec, diff.usec);
4442 radio_work_free(work);
4443 if (started)
4444 radio_work_check_next(wpa_s);
4445 }
4446
4447
4448 struct wpa_radio_work *
4449 radio_work_pending(struct wpa_supplicant *wpa_s, const char *type)
4450 {
4451 struct wpa_radio_work *work;
4452 struct wpa_radio *radio = wpa_s->radio;
4453
4454 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) {
4455 if (work->wpa_s == wpa_s && os_strcmp(work->type, type) == 0)
4456 return work;
4457 }
4458
4459 return NULL;
4460 }
4461
4462
4463 static int wpas_init_driver(struct wpa_supplicant *wpa_s,
4464 struct wpa_interface *iface)
4465 {
4466 const char *ifname, *driver, *rn;
4467
4468 driver = iface->driver;
4469 next_driver:
4470 if (wpa_supplicant_set_driver(wpa_s, driver) < 0)
4471 return -1;
4472
4473 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
4474 if (wpa_s->drv_priv == NULL) {
4475 const char *pos;
4476 pos = driver ? os_strchr(driver, ',') : NULL;
4477 if (pos) {
4478 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
4479 "driver interface - try next driver wrapper");
4480 driver = pos + 1;
4481 goto next_driver;
4482 }
4483 wpa_msg(wpa_s, MSG_ERROR, "Failed to initialize driver "
4484 "interface");
4485 return -1;
4486 }
4487 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
4488 wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected "
4489 "driver_param '%s'", wpa_s->conf->driver_param);
4490 return -1;
4491 }
4492
4493 ifname = wpa_drv_get_ifname(wpa_s);
4494 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
4495 wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced "
4496 "interface name with '%s'", ifname);
4497 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
4498 }
4499
4500 rn = wpa_driver_get_radio_name(wpa_s);
4501 if (rn && rn[0] == '\0')
4502 rn = NULL;
4503
4504 wpa_s->radio = radio_add_interface(wpa_s, rn);
4505 if (wpa_s->radio == NULL)
4506 return -1;
4507
4508 return 0;
4509 }
4510
4511
4512 static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
4513 struct wpa_interface *iface)
4514 {
4515 struct wpa_driver_capa capa;
4516 int capa_res;
4517
4518 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
4519 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
4520 iface->confname ? iface->confname : "N/A",
4521 iface->driver ? iface->driver : "default",
4522 iface->ctrl_interface ? iface->ctrl_interface : "N/A",
4523 iface->bridge_ifname ? iface->bridge_ifname : "N/A");
4524
4525 if (iface->confname) {
4526 #ifdef CONFIG_BACKEND_FILE
4527 wpa_s->confname = os_rel2abs_path(iface->confname);
4528 if (wpa_s->confname == NULL) {
4529 wpa_printf(MSG_ERROR, "Failed to get absolute path "
4530 "for configuration file '%s'.",
4531 iface->confname);
4532 return -1;
4533 }
4534 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
4535 iface->confname, wpa_s->confname);
4536 #else /* CONFIG_BACKEND_FILE */
4537 wpa_s->confname = os_strdup(iface->confname);
4538 #endif /* CONFIG_BACKEND_FILE */
4539 wpa_s->conf = wpa_config_read(wpa_s->confname, NULL);
4540 if (wpa_s->conf == NULL) {
4541 wpa_printf(MSG_ERROR, "Failed to read or parse "
4542 "configuration '%s'.", wpa_s->confname);
4543 return -1;
4544 }
4545 wpa_s->confanother = os_rel2abs_path(iface->confanother);
4546 wpa_config_read(wpa_s->confanother, wpa_s->conf);
4547
4548 /*
4549 * Override ctrl_interface and driver_param if set on command
4550 * line.
4551 */
4552 if (iface->ctrl_interface) {
4553 os_free(wpa_s->conf->ctrl_interface);
4554 wpa_s->conf->ctrl_interface =
4555 os_strdup(iface->ctrl_interface);
4556 }
4557
4558 if (iface->driver_param) {
4559 os_free(wpa_s->conf->driver_param);
4560 wpa_s->conf->driver_param =
4561 os_strdup(iface->driver_param);
4562 }
4563
4564 if (iface->p2p_mgmt && !iface->ctrl_interface) {
4565 os_free(wpa_s->conf->ctrl_interface);
4566 wpa_s->conf->ctrl_interface = NULL;
4567 }
4568 } else
4569 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
4570 iface->driver_param);
4571
4572 if (wpa_s->conf == NULL) {
4573 wpa_printf(MSG_ERROR, "\nNo configuration found.");
4574 return -1;
4575 }
4576
4577 if (iface->ifname == NULL) {
4578 wpa_printf(MSG_ERROR, "\nInterface name is required.");
4579 return -1;
4580 }
4581 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
4582 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
4583 iface->ifname);
4584 return -1;
4585 }
4586 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
4587
4588 if (iface->bridge_ifname) {
4589 if (os_strlen(iface->bridge_ifname) >=
4590 sizeof(wpa_s->bridge_ifname)) {
4591 wpa_printf(MSG_ERROR, "\nToo long bridge interface "
4592 "name '%s'.", iface->bridge_ifname);
4593 return -1;
4594 }
4595 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
4596 sizeof(wpa_s->bridge_ifname));
4597 }
4598
4599 /* RSNA Supplicant Key Management - INITIALIZE */
4600 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
4601 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
4602
4603 /* Initialize driver interface and register driver event handler before
4604 * L2 receive handler so that association events are processed before
4605 * EAPOL-Key packets if both become available for the same select()
4606 * call. */
4607 if (wpas_init_driver(wpa_s, iface) < 0)
4608 return -1;
4609
4610 if (wpa_supplicant_init_wpa(wpa_s) < 0)
4611 return -1;
4612
4613 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
4614 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
4615 NULL);
4616 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
4617
4618 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
4619 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
4620 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
4621 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
4622 "dot11RSNAConfigPMKLifetime");
4623 return -1;
4624 }
4625
4626 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
4627 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
4628 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
4629 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
4630 "dot11RSNAConfigPMKReauthThreshold");
4631 return -1;
4632 }
4633
4634 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
4635 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
4636 wpa_s->conf->dot11RSNAConfigSATimeout)) {
4637 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
4638 "dot11RSNAConfigSATimeout");
4639 return -1;
4640 }
4641
4642 wpa_s->hw.modes = wpa_drv_get_hw_feature_data(wpa_s,
4643 &wpa_s->hw.num_modes,
4644 &wpa_s->hw.flags);
4645 if (wpa_s->hw.modes) {
4646 u16 i;
4647
4648 for (i = 0; i < wpa_s->hw.num_modes; i++) {
4649 if (wpa_s->hw.modes[i].vht_capab) {
4650 wpa_s->hw_capab = CAPAB_VHT;
4651 break;
4652 }
4653
4654 if (wpa_s->hw.modes[i].ht_capab &
4655 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET)
4656 wpa_s->hw_capab = CAPAB_HT40;
4657 else if (wpa_s->hw.modes[i].ht_capab &&
4658 wpa_s->hw_capab == CAPAB_NO_HT_VHT)
4659 wpa_s->hw_capab = CAPAB_HT;
4660 }
4661 }
4662
4663 capa_res = wpa_drv_get_capa(wpa_s, &capa);
4664 if (capa_res == 0) {
4665 wpa_s->drv_capa_known = 1;
4666 wpa_s->drv_flags = capa.flags;
4667 wpa_s->drv_enc = capa.enc;
4668 wpa_s->drv_smps_modes = capa.smps_modes;
4669 wpa_s->drv_rrm_flags = capa.rrm_flags;
4670 wpa_s->probe_resp_offloads = capa.probe_resp_offloads;
4671 wpa_s->max_scan_ssids = capa.max_scan_ssids;
4672 wpa_s->max_sched_scan_ssids = capa.max_sched_scan_ssids;
4673 wpa_s->max_sched_scan_plans = capa.max_sched_scan_plans;
4674 wpa_s->max_sched_scan_plan_interval =
4675 capa.max_sched_scan_plan_interval;
4676 wpa_s->max_sched_scan_plan_iterations =
4677 capa.max_sched_scan_plan_iterations;
4678 wpa_s->sched_scan_supported = capa.sched_scan_supported;
4679 wpa_s->max_match_sets = capa.max_match_sets;
4680 wpa_s->max_remain_on_chan = capa.max_remain_on_chan;
4681 wpa_s->max_stations = capa.max_stations;
4682 wpa_s->extended_capa = capa.extended_capa;
4683 wpa_s->extended_capa_mask = capa.extended_capa_mask;
4684 wpa_s->extended_capa_len = capa.extended_capa_len;
4685 wpa_s->num_multichan_concurrent =
4686 capa.num_multichan_concurrent;
4687 wpa_s->wmm_ac_supported = capa.wmm_ac_supported;
4688
4689 if (capa.mac_addr_rand_scan_supported)
4690 wpa_s->mac_addr_rand_supported |= MAC_ADDR_RAND_SCAN;
4691 if (wpa_s->sched_scan_supported &&
4692 capa.mac_addr_rand_sched_scan_supported)
4693 wpa_s->mac_addr_rand_supported |=
4694 (MAC_ADDR_RAND_SCHED_SCAN | MAC_ADDR_RAND_PNO);
4695 }
4696 if (wpa_s->max_remain_on_chan == 0)
4697 wpa_s->max_remain_on_chan = 1000;
4698
4699 /*
4700 * Only take p2p_mgmt parameters when P2P Device is supported.
4701 * Doing it here as it determines whether l2_packet_init() will be done
4702 * during wpa_supplicant_driver_init().
4703 */
4704 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)
4705 wpa_s->p2p_mgmt = iface->p2p_mgmt;
4706 else
4707 iface->p2p_mgmt = 1;
4708
4709 if (wpa_s->num_multichan_concurrent == 0)
4710 wpa_s->num_multichan_concurrent = 1;
4711
4712 if (wpa_supplicant_driver_init(wpa_s) < 0)
4713 return -1;
4714
4715 #ifdef CONFIG_TDLS
4716 if ((!iface->p2p_mgmt ||
4717 !(wpa_s->drv_flags &
4718 WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
4719 wpa_tdls_init(wpa_s->wpa))
4720 return -1;
4721 #endif /* CONFIG_TDLS */
4722
4723 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] &&
4724 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) {
4725 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country");
4726 return -1;
4727 }
4728
4729 #ifdef CONFIG_FST
4730 if (wpa_s->conf->fst_group_id) {
4731 struct fst_iface_cfg cfg;
4732 struct fst_wpa_obj iface_obj;
4733
4734 fst_wpa_supplicant_fill_iface_obj(wpa_s, &iface_obj);
4735 os_strlcpy(cfg.group_id, wpa_s->conf->fst_group_id,
4736 sizeof(cfg.group_id));
4737 cfg.priority = wpa_s->conf->fst_priority;
4738 cfg.llt = wpa_s->conf->fst_llt;
4739
4740 wpa_s->fst = fst_attach(wpa_s->ifname, wpa_s->own_addr,
4741 &iface_obj, &cfg);
4742 if (!wpa_s->fst) {
4743 wpa_msg(wpa_s, MSG_ERROR,
4744 "FST: Cannot attach iface %s to group %s",
4745 wpa_s->ifname, cfg.group_id);
4746 return -1;
4747 }
4748 }
4749 #endif /* CONFIG_FST */
4750
4751 if (wpas_wps_init(wpa_s))
4752 return -1;
4753
4754 if (wpa_supplicant_init_eapol(wpa_s) < 0)
4755 return -1;
4756 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
4757
4758 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
4759 if (wpa_s->ctrl_iface == NULL) {
4760 wpa_printf(MSG_ERROR,
4761 "Failed to initialize control interface '%s'.\n"
4762 "You may have another wpa_supplicant process "
4763 "already running or the file was\n"
4764 "left by an unclean termination of wpa_supplicant "
4765 "in which case you will need\n"
4766 "to manually remove this file before starting "
4767 "wpa_supplicant again.\n",
4768 wpa_s->conf->ctrl_interface);
4769 return -1;
4770 }
4771
4772 wpa_s->gas = gas_query_init(wpa_s);
4773 if (wpa_s->gas == NULL) {
4774 wpa_printf(MSG_ERROR, "Failed to initialize GAS query");
4775 return -1;
4776 }
4777
4778 if (iface->p2p_mgmt && wpas_p2p_init(wpa_s->global, wpa_s) < 0) {
4779 wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P");
4780 return -1;
4781 }
4782
4783 if (wpa_bss_init(wpa_s) < 0)
4784 return -1;
4785
4786 /*
4787 * Set Wake-on-WLAN triggers, if configured.
4788 * Note: We don't restore/remove the triggers on shutdown (it doesn't
4789 * have effect anyway when the interface is down).
4790 */
4791 if (capa_res == 0 && wpas_set_wowlan_triggers(wpa_s, &capa) < 0)
4792 return -1;
4793
4794 #ifdef CONFIG_EAP_PROXY
4795 {
4796 size_t len;
4797 wpa_s->mnc_len = eapol_sm_get_eap_proxy_imsi(wpa_s->eapol, wpa_s->imsi,
4798 &len);
4799 if (wpa_s->mnc_len > 0) {
4800 wpa_s->imsi[len] = '\0';
4801 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI %s (MNC length %d)",
4802 wpa_s->imsi, wpa_s->mnc_len);
4803 } else {
4804 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI not available");
4805 }
4806 }
4807 #endif /* CONFIG_EAP_PROXY */
4808
4809 if (pcsc_reader_init(wpa_s) < 0)
4810 return -1;
4811
4812 if (wpas_init_ext_pw(wpa_s) < 0)
4813 return -1;
4814
4815 wpas_rrm_reset(wpa_s);
4816
4817 wpas_sched_scan_plans_set(wpa_s, wpa_s->conf->sched_scan_plans);
4818
4819 #ifdef CONFIG_HS20
4820 hs20_init(wpa_s);
4821 #endif /* CONFIG_HS20 */
4822 #ifdef CONFIG_MBO
4823 wpas_mbo_update_non_pref_chan(wpa_s, wpa_s->conf->non_pref_chan);
4824 #endif /* CONFIG_MBO */
4825
4826 return 0;
4827 }
4828
4829
4830 static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s,
4831 int notify, int terminate)
4832 {
4833 struct wpa_global *global = wpa_s->global;
4834 struct wpa_supplicant *iface, *prev;
4835
4836 if (wpa_s == wpa_s->parent)
4837 wpas_p2p_group_remove(wpa_s, "*");
4838
4839 iface = global->ifaces;
4840 while (iface) {
4841 if (iface == wpa_s || iface->parent != wpa_s) {
4842 iface = iface->next;
4843 continue;
4844 }
4845 wpa_printf(MSG_DEBUG,
4846 "Remove remaining child interface %s from parent %s",
4847 iface->ifname, wpa_s->ifname);
4848 prev = iface;
4849 iface = iface->next;
4850 wpa_supplicant_remove_iface(global, prev, terminate);
4851 }
4852
4853 wpa_s->disconnected = 1;
4854 if (wpa_s->drv_priv) {
4855 wpa_supplicant_deauthenticate(wpa_s,
4856 WLAN_REASON_DEAUTH_LEAVING);
4857
4858 wpa_drv_set_countermeasures(wpa_s, 0);
4859 wpa_clear_keys(wpa_s, NULL);
4860 }
4861
4862 wpa_supplicant_cleanup(wpa_s);
4863 wpas_p2p_deinit_iface(wpa_s);
4864
4865 wpas_ctrl_radio_work_flush(wpa_s);
4866 radio_remove_interface(wpa_s);
4867
4868 #ifdef CONFIG_FST
4869 if (wpa_s->fst) {
4870 fst_detach(wpa_s->fst);
4871 wpa_s->fst = NULL;
4872 }
4873 if (wpa_s->received_mb_ies) {
4874 wpabuf_free(wpa_s->received_mb_ies);
4875 wpa_s->received_mb_ies = NULL;
4876 }
4877 #endif /* CONFIG_FST */
4878
4879 if (wpa_s->drv_priv)
4880 wpa_drv_deinit(wpa_s);
4881
4882 if (notify)
4883 wpas_notify_iface_removed(wpa_s);
4884
4885 if (terminate)
4886 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING);
4887
4888 if (wpa_s->ctrl_iface) {
4889 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
4890 wpa_s->ctrl_iface = NULL;
4891 }
4892
4893 #ifdef CONFIG_MESH
4894 if (wpa_s->ifmsh) {
4895 wpa_supplicant_mesh_iface_deinit(wpa_s, wpa_s->ifmsh);
4896 wpa_s->ifmsh = NULL;
4897 }
4898 #endif /* CONFIG_MESH */
4899
4900 if (wpa_s->conf != NULL) {
4901 wpa_config_free(wpa_s->conf);
4902 wpa_s->conf = NULL;
4903 }
4904
4905 os_free(wpa_s->ssids_from_scan_req);
4906
4907 os_free(wpa_s);
4908 }
4909
4910
4911 /**
4912 * wpa_supplicant_add_iface - Add a new network interface
4913 * @global: Pointer to global data from wpa_supplicant_init()
4914 * @iface: Interface configuration options
4915 * @parent: Parent interface or %NULL to assign new interface as parent
4916 * Returns: Pointer to the created interface or %NULL on failure
4917 *
4918 * This function is used to add new network interfaces for %wpa_supplicant.
4919 * This can be called before wpa_supplicant_run() to add interfaces before the
4920 * main event loop has been started. In addition, new interfaces can be added
4921 * dynamically while %wpa_supplicant is already running. This could happen,
4922 * e.g., when a hotplug network adapter is inserted.
4923 */
4924 struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
4925 struct wpa_interface *iface,
4926 struct wpa_supplicant *parent)
4927 {
4928 struct wpa_supplicant *wpa_s;
4929 struct wpa_interface t_iface;
4930 struct wpa_ssid *ssid;
4931
4932 if (global == NULL || iface == NULL)
4933 return NULL;
4934
4935 wpa_s = wpa_supplicant_alloc(parent);
4936 if (wpa_s == NULL)
4937 return NULL;
4938
4939 wpa_s->global = global;
4940
4941 t_iface = *iface;
4942 if (global->params.override_driver) {
4943 wpa_printf(MSG_DEBUG, "Override interface parameter: driver "
4944 "('%s' -> '%s')",
4945 iface->driver, global->params.override_driver);
4946 t_iface.driver = global->params.override_driver;
4947 }
4948 if (global->params.override_ctrl_interface) {
4949 wpa_printf(MSG_DEBUG, "Override interface parameter: "
4950 "ctrl_interface ('%s' -> '%s')",
4951 iface->ctrl_interface,
4952 global->params.override_ctrl_interface);
4953 t_iface.ctrl_interface =
4954 global->params.override_ctrl_interface;
4955 }
4956 if (wpa_supplicant_init_iface(wpa_s, &t_iface)) {
4957 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
4958 iface->ifname);
4959 wpa_supplicant_deinit_iface(wpa_s, 0, 0);
4960 return NULL;
4961 }
4962
4963 if (iface->p2p_mgmt == 0) {
4964 /* Notify the control interfaces about new iface */
4965 if (wpas_notify_iface_added(wpa_s)) {
4966 wpa_supplicant_deinit_iface(wpa_s, 1, 0);
4967 return NULL;
4968 }
4969
4970 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
4971 wpas_notify_network_added(wpa_s, ssid);
4972 }
4973
4974 wpa_s->next = global->ifaces;
4975 global->ifaces = wpa_s;
4976
4977 wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname);
4978 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
4979
4980 #ifdef CONFIG_P2P
4981 if (wpa_s->global->p2p == NULL &&
4982 !wpa_s->global->p2p_disabled && !wpa_s->conf->p2p_disabled &&
4983 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) &&
4984 wpas_p2p_add_p2pdev_interface(
4985 wpa_s, wpa_s->global->params.conf_p2p_dev) < 0) {
4986 wpa_printf(MSG_INFO,
4987 "P2P: Failed to enable P2P Device interface");
4988 /* Try to continue without. P2P will be disabled. */
4989 }
4990 #endif /* CONFIG_P2P */
4991
4992 return wpa_s;
4993 }
4994
4995
4996 /**
4997 * wpa_supplicant_remove_iface - Remove a network interface
4998 * @global: Pointer to global data from wpa_supplicant_init()
4999 * @wpa_s: Pointer to the network interface to be removed
5000 * Returns: 0 if interface was removed, -1 if interface was not found
5001 *
5002 * This function can be used to dynamically remove network interfaces from
5003 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
5004 * addition, this function is used to remove all remaining interfaces when
5005 * %wpa_supplicant is terminated.
5006 */
5007 int wpa_supplicant_remove_iface(struct wpa_global *global,
5008 struct wpa_supplicant *wpa_s,
5009 int terminate)
5010 {
5011 struct wpa_supplicant *prev;
5012 #ifdef CONFIG_MESH
5013 unsigned int mesh_if_created = wpa_s->mesh_if_created;
5014 char *ifname = NULL;
5015 #endif /* CONFIG_MESH */
5016
5017 /* Remove interface from the global list of interfaces */
5018 prev = global->ifaces;
5019 if (prev == wpa_s) {
5020 global->ifaces = wpa_s->next;
5021 } else {
5022 while (prev && prev->next != wpa_s)
5023 prev = prev->next;
5024 if (prev == NULL)
5025 return -1;
5026 prev->next = wpa_s->next;
5027 }
5028
5029 wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
5030
5031 #ifdef CONFIG_MESH
5032 if (mesh_if_created) {
5033 ifname = os_strdup(wpa_s->ifname);
5034 if (ifname == NULL) {
5035 wpa_dbg(wpa_s, MSG_ERROR,
5036 "mesh: Failed to malloc ifname");
5037 return -1;
5038 }
5039 }
5040 #endif /* CONFIG_MESH */
5041
5042 if (global->p2p_group_formation == wpa_s)
5043 global->p2p_group_formation = NULL;
5044 if (global->p2p_invite_group == wpa_s)
5045 global->p2p_invite_group = NULL;
5046 wpa_supplicant_deinit_iface(wpa_s, 1, terminate);
5047
5048 #ifdef CONFIG_MESH
5049 if (mesh_if_created) {
5050 wpa_drv_if_remove(global->ifaces, WPA_IF_MESH, ifname);
5051 os_free(ifname);
5052 }
5053 #endif /* CONFIG_MESH */
5054
5055 return 0;
5056 }
5057
5058
5059 /**
5060 * wpa_supplicant_get_eap_mode - Get the current EAP mode
5061 * @wpa_s: Pointer to the network interface
5062 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
5063 */
5064 const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s)
5065 {
5066 const char *eapol_method;
5067
5068 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) == 0 &&
5069 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
5070 return "NO-EAP";
5071 }
5072
5073 eapol_method = eapol_sm_get_method_name(wpa_s->eapol);
5074 if (eapol_method == NULL)
5075 return "UNKNOWN-EAP";
5076
5077 return eapol_method;
5078 }
5079
5080
5081 /**
5082 * wpa_supplicant_get_iface - Get a new network interface
5083 * @global: Pointer to global data from wpa_supplicant_init()
5084 * @ifname: Interface name
5085 * Returns: Pointer to the interface or %NULL if not found
5086 */
5087 struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
5088 const char *ifname)
5089 {
5090 struct wpa_supplicant *wpa_s;
5091
5092 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
5093 if (os_strcmp(wpa_s->ifname, ifname) == 0)
5094 return wpa_s;
5095 }
5096 return NULL;
5097 }
5098
5099
5100 #ifndef CONFIG_NO_WPA_MSG
5101 static const char * wpa_supplicant_msg_ifname_cb(void *ctx)
5102 {
5103 struct wpa_supplicant *wpa_s = ctx;
5104 if (wpa_s == NULL)
5105 return NULL;
5106 return wpa_s->ifname;
5107 }
5108 #endif /* CONFIG_NO_WPA_MSG */
5109
5110
5111 #ifndef WPA_SUPPLICANT_CLEANUP_INTERVAL
5112 #define WPA_SUPPLICANT_CLEANUP_INTERVAL 10
5113 #endif /* WPA_SUPPLICANT_CLEANUP_INTERVAL */
5114
5115 /* Periodic cleanup tasks */
5116 static void wpas_periodic(void *eloop_ctx, void *timeout_ctx)
5117 {
5118 struct wpa_global *global = eloop_ctx;
5119 struct wpa_supplicant *wpa_s;
5120
5121 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0,
5122 wpas_periodic, global, NULL);
5123
5124 #ifdef CONFIG_P2P
5125 if (global->p2p)
5126 p2p_expire_peers(global->p2p);
5127 #endif /* CONFIG_P2P */
5128
5129 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
5130 wpa_bss_flush_by_age(wpa_s, wpa_s->conf->bss_expiration_age);
5131 #ifdef CONFIG_AP
5132 ap_periodic(wpa_s);
5133 #endif /* CONFIG_AP */
5134 }
5135 }
5136
5137
5138 /**
5139 * wpa_supplicant_init - Initialize %wpa_supplicant
5140 * @params: Parameters for %wpa_supplicant
5141 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
5142 *
5143 * This function is used to initialize %wpa_supplicant. After successful
5144 * initialization, the returned data pointer can be used to add and remove
5145 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
5146 */
5147 struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
5148 {
5149 struct wpa_global *global;
5150 int ret, i;
5151
5152 if (params == NULL)
5153 return NULL;
5154
5155 #ifdef CONFIG_DRIVER_NDIS
5156 {
5157 void driver_ndis_init_ops(void);
5158 driver_ndis_init_ops();
5159 }
5160 #endif /* CONFIG_DRIVER_NDIS */
5161
5162 #ifndef CONFIG_NO_WPA_MSG
5163 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
5164 #endif /* CONFIG_NO_WPA_MSG */
5165
5166 if (params->wpa_debug_file_path)
5167 wpa_debug_open_file(params->wpa_debug_file_path);
5168 else
5169 wpa_debug_setup_stdout();
5170 if (params->wpa_debug_syslog)
5171 wpa_debug_open_syslog();
5172 if (params->wpa_debug_tracing) {
5173 ret = wpa_debug_open_linux_tracing();
5174 if (ret) {
5175 wpa_printf(MSG_ERROR,
5176 "Failed to enable trace logging");
5177 return NULL;
5178 }
5179 }
5180
5181 ret = eap_register_methods();
5182 if (ret) {
5183 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
5184 if (ret == -2)
5185 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
5186 "the same EAP type.");
5187 return NULL;
5188 }
5189
5190 global = os_zalloc(sizeof(*global));
5191 if (global == NULL)
5192 return NULL;
5193 dl_list_init(&global->p2p_srv_bonjour);
5194 dl_list_init(&global->p2p_srv_upnp);
5195 global->params.daemonize = params->daemonize;
5196 global->params.wait_for_monitor = params->wait_for_monitor;
5197 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
5198 if (params->pid_file)
5199 global->params.pid_file = os_strdup(params->pid_file);
5200 if (params->ctrl_interface)
5201 global->params.ctrl_interface =
5202 os_strdup(params->ctrl_interface);
5203 if (params->ctrl_interface_group)
5204 global->params.ctrl_interface_group =
5205 os_strdup(params->ctrl_interface_group);
5206 if (params->override_driver)
5207 global->params.override_driver =
5208 os_strdup(params->override_driver);
5209 if (params->override_ctrl_interface)
5210 global->params.override_ctrl_interface =
5211 os_strdup(params->override_ctrl_interface);
5212 #ifdef CONFIG_P2P
5213 if (params->conf_p2p_dev)
5214 global->params.conf_p2p_dev =
5215 os_strdup(params->conf_p2p_dev);
5216 #endif /* CONFIG_P2P */
5217 wpa_debug_level = global->params.wpa_debug_level =
5218 params->wpa_debug_level;
5219 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
5220 params->wpa_debug_show_keys;
5221 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
5222 params->wpa_debug_timestamp;
5223
5224 wpa_printf(MSG_DEBUG, "wpa_supplicant v" VERSION_STR);
5225
5226 if (eloop_init()) {
5227 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
5228 wpa_supplicant_deinit(global);
5229 return NULL;
5230 }
5231
5232 random_init(params->entropy_file);
5233
5234 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
5235 if (global->ctrl_iface == NULL) {
5236 wpa_supplicant_deinit(global);
5237 return NULL;
5238 }
5239
5240 if (wpas_notify_supplicant_initialized(global)) {
5241 wpa_supplicant_deinit(global);
5242 return NULL;
5243 }
5244
5245 for (i = 0; wpa_drivers[i]; i++)
5246 global->drv_count++;
5247 if (global->drv_count == 0) {
5248 wpa_printf(MSG_ERROR, "No drivers enabled");
5249 wpa_supplicant_deinit(global);
5250 return NULL;
5251 }
5252 global->drv_priv = os_calloc(global->drv_count, sizeof(void *));
5253 if (global->drv_priv == NULL) {
5254 wpa_supplicant_deinit(global);
5255 return NULL;
5256 }
5257
5258 #ifdef CONFIG_WIFI_DISPLAY
5259 if (wifi_display_init(global) < 0) {
5260 wpa_printf(MSG_ERROR, "Failed to initialize Wi-Fi Display");
5261 wpa_supplicant_deinit(global);
5262 return NULL;
5263 }
5264 #endif /* CONFIG_WIFI_DISPLAY */
5265
5266 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0,
5267 wpas_periodic, global, NULL);
5268
5269 return global;
5270 }
5271
5272
5273 /**
5274 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
5275 * @global: Pointer to global data from wpa_supplicant_init()
5276 * Returns: 0 after successful event loop run, -1 on failure
5277 *
5278 * This function starts the main event loop and continues running as long as
5279 * there are any remaining events. In most cases, this function is running as
5280 * long as the %wpa_supplicant process in still in use.
5281 */
5282 int wpa_supplicant_run(struct wpa_global *global)
5283 {
5284 struct wpa_supplicant *wpa_s;
5285
5286 if (global->params.daemonize &&
5287 (wpa_supplicant_daemon(global->params.pid_file) ||
5288 eloop_sock_requeue()))
5289 return -1;
5290
5291 if (global->params.wait_for_monitor) {
5292 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
5293 if (wpa_s->ctrl_iface && !wpa_s->p2p_mgmt)
5294 wpa_supplicant_ctrl_iface_wait(
5295 wpa_s->ctrl_iface);
5296 }
5297
5298 eloop_register_signal_terminate(wpa_supplicant_terminate, global);
5299 eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
5300
5301 eloop_run();
5302
5303 return 0;
5304 }
5305
5306
5307 /**
5308 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
5309 * @global: Pointer to global data from wpa_supplicant_init()
5310 *
5311 * This function is called to deinitialize %wpa_supplicant and to free all
5312 * allocated resources. Remaining network interfaces will also be removed.
5313 */
5314 void wpa_supplicant_deinit(struct wpa_global *global)
5315 {
5316 int i;
5317
5318 if (global == NULL)
5319 return;
5320
5321 eloop_cancel_timeout(wpas_periodic, global, NULL);
5322
5323 #ifdef CONFIG_WIFI_DISPLAY
5324 wifi_display_deinit(global);
5325 #endif /* CONFIG_WIFI_DISPLAY */
5326
5327 while (global->ifaces)
5328 wpa_supplicant_remove_iface(global, global->ifaces, 1);
5329
5330 if (global->ctrl_iface)
5331 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
5332
5333 wpas_notify_supplicant_deinitialized(global);
5334
5335 eap_peer_unregister_methods();
5336 #ifdef CONFIG_AP
5337 eap_server_unregister_methods();
5338 #endif /* CONFIG_AP */
5339
5340 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) {
5341 if (!global->drv_priv[i])
5342 continue;
5343 wpa_drivers[i]->global_deinit(global->drv_priv[i]);
5344 }
5345 os_free(global->drv_priv);
5346
5347 random_deinit();
5348
5349 eloop_destroy();
5350
5351 if (global->params.pid_file) {
5352 os_daemonize_terminate(global->params.pid_file);
5353 os_free(global->params.pid_file);
5354 }
5355 os_free(global->params.ctrl_interface);
5356 os_free(global->params.ctrl_interface_group);
5357 os_free(global->params.override_driver);
5358 os_free(global->params.override_ctrl_interface);
5359 #ifdef CONFIG_P2P
5360 os_free(global->params.conf_p2p_dev);
5361 #endif /* CONFIG_P2P */
5362
5363 os_free(global->p2p_disallow_freq.range);
5364 os_free(global->p2p_go_avoid_freq.range);
5365 os_free(global->add_psk);
5366
5367 os_free(global);
5368 wpa_debug_close_syslog();
5369 wpa_debug_close_file();
5370 wpa_debug_close_linux_tracing();
5371 }
5372
5373
5374 void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s)
5375 {
5376 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_COUNTRY) &&
5377 wpa_s->conf->country[0] && wpa_s->conf->country[1]) {
5378 char country[3];
5379 country[0] = wpa_s->conf->country[0];
5380 country[1] = wpa_s->conf->country[1];
5381 country[2] = '\0';
5382 if (wpa_drv_set_country(wpa_s, country) < 0) {
5383 wpa_printf(MSG_ERROR, "Failed to set country code "
5384 "'%s'", country);
5385 }
5386 }
5387
5388 if (wpa_s->conf->changed_parameters & CFG_CHANGED_EXT_PW_BACKEND)
5389 wpas_init_ext_pw(wpa_s);
5390
5391 if (wpa_s->conf->changed_parameters & CFG_CHANGED_SCHED_SCAN_PLANS)
5392 wpas_sched_scan_plans_set(wpa_s, wpa_s->conf->sched_scan_plans);
5393
5394 #ifdef CONFIG_WPS
5395 wpas_wps_update_config(wpa_s);
5396 #endif /* CONFIG_WPS */
5397 wpas_p2p_update_config(wpa_s);
5398 wpa_s->conf->changed_parameters = 0;
5399 }
5400
5401
5402 void add_freq(int *freqs, int *num_freqs, int freq)
5403 {
5404 int i;
5405
5406 for (i = 0; i < *num_freqs; i++) {
5407 if (freqs[i] == freq)
5408 return;
5409 }
5410
5411 freqs[*num_freqs] = freq;
5412 (*num_freqs)++;
5413 }
5414
5415
5416 static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s)
5417 {
5418 struct wpa_bss *bss, *cbss;
5419 const int max_freqs = 10;
5420 int *freqs;
5421 int num_freqs = 0;
5422
5423 freqs = os_calloc(max_freqs + 1, sizeof(int));
5424 if (freqs == NULL)
5425 return NULL;
5426
5427 cbss = wpa_s->current_bss;
5428
5429 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
5430 if (bss == cbss)
5431 continue;
5432 if (bss->ssid_len == cbss->ssid_len &&
5433 os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 &&
5434 wpa_blacklist_get(wpa_s, bss->bssid) == NULL) {
5435 add_freq(freqs, &num_freqs, bss->freq);
5436 if (num_freqs == max_freqs)
5437 break;
5438 }
5439 }
5440
5441 if (num_freqs == 0) {
5442 os_free(freqs);
5443 freqs = NULL;
5444 }
5445
5446 return freqs;
5447 }
5448
5449
5450 void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid)
5451 {
5452 int timeout;
5453 int count;
5454 int *freqs = NULL;
5455
5456 wpas_connect_work_done(wpa_s);
5457
5458 /*
5459 * Remove possible authentication timeout since the connection failed.
5460 */
5461 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
5462
5463 /*
5464 * There is no point in blacklisting the AP if this event is
5465 * generated based on local request to disconnect.
5466 */
5467 if (wpa_s->own_disconnect_req) {
5468 wpa_s->own_disconnect_req = 0;
5469 wpa_dbg(wpa_s, MSG_DEBUG,
5470 "Ignore connection failure due to local request to disconnect");
5471 return;
5472 }
5473 if (wpa_s->disconnected) {
5474 wpa_dbg(wpa_s, MSG_DEBUG, "Ignore connection failure "
5475 "indication since interface has been put into "
5476 "disconnected state");
5477 return;
5478 }
5479
5480 /*
5481 * Add the failed BSSID into the blacklist and speed up next scan
5482 * attempt if there could be other APs that could accept association.
5483 * The current blacklist count indicates how many times we have tried
5484 * connecting to this AP and multiple attempts mean that other APs are
5485 * either not available or has already been tried, so that we can start
5486 * increasing the delay here to avoid constant scanning.
5487 */
5488 count = wpa_blacklist_add(wpa_s, bssid);
5489 if (count == 1 && wpa_s->current_bss) {
5490 /*
5491 * This BSS was not in the blacklist before. If there is
5492 * another BSS available for the same ESS, we should try that
5493 * next. Otherwise, we may as well try this one once more
5494 * before allowing other, likely worse, ESSes to be considered.
5495 */
5496 freqs = get_bss_freqs_in_ess(wpa_s);
5497 if (freqs) {
5498 wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS "
5499 "has been seen; try it next");
5500 wpa_blacklist_add(wpa_s, bssid);
5501 /*
5502 * On the next scan, go through only the known channels
5503 * used in this ESS based on previous scans to speed up
5504 * common load balancing use case.
5505 */
5506 os_free(wpa_s->next_scan_freqs);
5507 wpa_s->next_scan_freqs = freqs;
5508 }
5509 }
5510
5511 /*
5512 * Add previous failure count in case the temporary blacklist was
5513 * cleared due to no other BSSes being available.
5514 */
5515 count += wpa_s->extra_blacklist_count;
5516
5517 if (count > 3 && wpa_s->current_ssid) {
5518 wpa_printf(MSG_DEBUG, "Continuous association failures - "
5519 "consider temporary network disabling");
5520 wpas_auth_failed(wpa_s, "CONN_FAILED");
5521 }
5522
5523 switch (count) {
5524 case 1:
5525 timeout = 100;
5526 break;
5527 case 2:
5528 timeout = 500;
5529 break;
5530 case 3:
5531 timeout = 1000;
5532 break;
5533 case 4:
5534 timeout = 5000;
5535 break;
5536 default:
5537 timeout = 10000;
5538 break;
5539 }
5540
5541 wpa_dbg(wpa_s, MSG_DEBUG, "Blacklist count %d --> request scan in %d "
5542 "ms", count, timeout);
5543
5544 /*
5545 * TODO: if more than one possible AP is available in scan results,
5546 * could try the other ones before requesting a new scan.
5547 */
5548 wpa_supplicant_req_scan(wpa_s, timeout / 1000,
5549 1000 * (timeout % 1000));
5550 }
5551
5552
5553 int wpas_driver_bss_selection(struct wpa_supplicant *wpa_s)
5554 {
5555 return wpa_s->conf->ap_scan == 2 ||
5556 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION);
5557 }
5558
5559
5560 #if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW)
5561 int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
5562 struct wpa_ssid *ssid,
5563 const char *field,
5564 const char *value)
5565 {
5566 #ifdef IEEE8021X_EAPOL
5567 struct eap_peer_config *eap = &ssid->eap;
5568
5569 wpa_printf(MSG_DEBUG, "CTRL_IFACE: response handle field=%s", field);
5570 wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: response value",
5571 (const u8 *) value, os_strlen(value));
5572
5573 switch (wpa_supplicant_ctrl_req_from_string(field)) {
5574 case WPA_CTRL_REQ_EAP_IDENTITY:
5575 os_free(eap->identity);
5576 eap->identity = (u8 *) os_strdup(value);
5577 eap->identity_len = os_strlen(value);
5578 eap->pending_req_identity = 0;
5579 if (ssid == wpa_s->current_ssid)
5580 wpa_s->reassociate = 1;
5581 break;
5582 case WPA_CTRL_REQ_EAP_PASSWORD:
5583 bin_clear_free(eap->password, eap->password_len);
5584 eap->password = (u8 *) os_strdup(value);
5585 eap->password_len = os_strlen(value);
5586 eap->pending_req_password = 0;
5587 if (ssid == wpa_s->current_ssid)
5588 wpa_s->reassociate = 1;
5589 break;
5590 case WPA_CTRL_REQ_EAP_NEW_PASSWORD:
5591 bin_clear_free(eap->new_password, eap->new_password_len);
5592 eap->new_password = (u8 *) os_strdup(value);
5593 eap->new_password_len = os_strlen(value);
5594 eap->pending_req_new_password = 0;
5595 if (ssid == wpa_s->current_ssid)
5596 wpa_s->reassociate = 1;
5597 break;
5598 case WPA_CTRL_REQ_EAP_PIN:
5599 str_clear_free(eap->pin);
5600 eap->pin = os_strdup(value);
5601 eap->pending_req_pin = 0;
5602 if (ssid == wpa_s->current_ssid)
5603 wpa_s->reassociate = 1;
5604 break;
5605 case WPA_CTRL_REQ_EAP_OTP:
5606 bin_clear_free(eap->otp, eap->otp_len);
5607 eap->otp = (u8 *) os_strdup(value);
5608 eap->otp_len = os_strlen(value);
5609 os_free(eap->pending_req_otp);
5610 eap->pending_req_otp = NULL;
5611 eap->pending_req_otp_len = 0;
5612 break;
5613 case WPA_CTRL_REQ_EAP_PASSPHRASE:
5614 str_clear_free(eap->private_key_passwd);
5615 eap->private_key_passwd = os_strdup(value);
5616 eap->pending_req_passphrase = 0;
5617 if (ssid == wpa_s->current_ssid)
5618 wpa_s->reassociate = 1;
5619 break;
5620 case WPA_CTRL_REQ_SIM:
5621 str_clear_free(eap->external_sim_resp);
5622 eap->external_sim_resp = os_strdup(value);
5623 break;
5624 case WPA_CTRL_REQ_PSK_PASSPHRASE:
5625 if (wpa_config_set(ssid, "psk", value, 0) < 0)
5626 return -1;
5627 ssid->mem_only_psk = 1;
5628 if (ssid->passphrase)
5629 wpa_config_update_psk(ssid);
5630 if (wpa_s->wpa_state == WPA_SCANNING && !wpa_s->scanning)
5631 wpa_supplicant_req_scan(wpa_s, 0, 0);
5632 break;
5633 case WPA_CTRL_REQ_EXT_CERT_CHECK:
5634 if (eap->pending_ext_cert_check != PENDING_CHECK)
5635 return -1;
5636 if (os_strcmp(value, "good") == 0)
5637 eap->pending_ext_cert_check = EXT_CERT_CHECK_GOOD;
5638 else if (os_strcmp(value, "bad") == 0)
5639 eap->pending_ext_cert_check = EXT_CERT_CHECK_BAD;
5640 else
5641 return -1;
5642 break;
5643 default:
5644 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown field '%s'", field);
5645 return -1;
5646 }
5647
5648 return 0;
5649 #else /* IEEE8021X_EAPOL */
5650 wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included");
5651 return -1;
5652 #endif /* IEEE8021X_EAPOL */
5653 }
5654 #endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */
5655
5656
5657 int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
5658 {
5659 int i;
5660 unsigned int drv_enc;
5661
5662 if (wpa_s->p2p_mgmt)
5663 return 1; /* no normal network profiles on p2p_mgmt interface */
5664
5665 if (ssid == NULL)
5666 return 1;
5667
5668 if (ssid->disabled)
5669 return 1;
5670
5671 if (wpa_s->drv_capa_known)
5672 drv_enc = wpa_s->drv_enc;
5673 else
5674 drv_enc = (unsigned int) -1;
5675
5676 for (i = 0; i < NUM_WEP_KEYS; i++) {
5677 size_t len = ssid->wep_key_len[i];
5678 if (len == 0)
5679 continue;
5680 if (len == 5 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP40))
5681 continue;
5682 if (len == 13 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP104))
5683 continue;
5684 if (len == 16 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP128))
5685 continue;
5686 return 1; /* invalid WEP key */
5687 }
5688
5689 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set &&
5690 (!ssid->passphrase || ssid->ssid_len != 0) && !ssid->ext_psk &&
5691 !ssid->mem_only_psk)
5692 return 1;
5693
5694 return 0;
5695 }
5696
5697
5698 int wpas_get_ssid_pmf(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
5699 {
5700 #ifdef CONFIG_IEEE80211W
5701 if (ssid == NULL || ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT) {
5702 if (wpa_s->conf->pmf == MGMT_FRAME_PROTECTION_OPTIONAL &&
5703 !(wpa_s->drv_enc & WPA_DRIVER_CAPA_ENC_BIP)) {
5704 /*
5705 * Driver does not support BIP -- ignore pmf=1 default
5706 * since the connection with PMF would fail and the
5707 * configuration does not require PMF to be enabled.
5708 */
5709 return NO_MGMT_FRAME_PROTECTION;
5710 }
5711
5712 return wpa_s->conf->pmf;
5713 }
5714
5715 return ssid->ieee80211w;
5716 #else /* CONFIG_IEEE80211W */
5717 return NO_MGMT_FRAME_PROTECTION;
5718 #endif /* CONFIG_IEEE80211W */
5719 }
5720
5721
5722 int wpas_is_p2p_prioritized(struct wpa_supplicant *wpa_s)
5723 {
5724 if (wpa_s->global->conc_pref == WPA_CONC_PREF_P2P)
5725 return 1;
5726 if (wpa_s->global->conc_pref == WPA_CONC_PREF_STA)
5727 return 0;
5728 return -1;
5729 }
5730
5731
5732 void wpas_auth_failed(struct wpa_supplicant *wpa_s, char *reason)
5733 {
5734 struct wpa_ssid *ssid = wpa_s->current_ssid;
5735 int dur;
5736 struct os_reltime now;
5737
5738 if (ssid == NULL) {
5739 wpa_printf(MSG_DEBUG, "Authentication failure but no known "
5740 "SSID block");
5741 return;
5742 }
5743
5744 if (ssid->key_mgmt == WPA_KEY_MGMT_WPS)
5745 return;
5746
5747 ssid->auth_failures++;
5748
5749 #ifdef CONFIG_P2P
5750 if (ssid->p2p_group &&
5751 (wpa_s->p2p_in_provisioning || wpa_s->show_group_started)) {
5752 /*
5753 * Skip the wait time since there is a short timeout on the
5754 * connection to a P2P group.
5755 */
5756 return;
5757 }
5758 #endif /* CONFIG_P2P */
5759
5760 if (ssid->auth_failures > 50)
5761 dur = 300;
5762 else if (ssid->auth_failures > 10)
5763 dur = 120;
5764 else if (ssid->auth_failures > 5)
5765 dur = 90;
5766 else if (ssid->auth_failures > 3)
5767 dur = 60;
5768 else if (ssid->auth_failures > 2)
5769 dur = 30;
5770 else if (ssid->auth_failures > 1)
5771 dur = 20;
5772 else
5773 dur = 10;
5774
5775 if (ssid->auth_failures > 1 &&
5776 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt))
5777 dur += os_random() % (ssid->auth_failures * 10);
5778
5779 os_get_reltime(&now);
5780 if (now.sec + dur <= ssid->disabled_until.sec)
5781 return;
5782
5783 ssid->disabled_until.sec = now.sec + dur;
5784
5785 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TEMP_DISABLED
5786 "id=%d ssid=\"%s\" auth_failures=%u duration=%d reason=%s",
5787 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
5788 ssid->auth_failures, dur, reason);
5789 }
5790
5791
5792 void wpas_clear_temp_disabled(struct wpa_supplicant *wpa_s,
5793 struct wpa_ssid *ssid, int clear_failures)
5794 {
5795 if (ssid == NULL)
5796 return;
5797
5798 if (ssid->disabled_until.sec) {
5799 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_REENABLED
5800 "id=%d ssid=\"%s\"",
5801 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
5802 }
5803 ssid->disabled_until.sec = 0;
5804 ssid->disabled_until.usec = 0;
5805 if (clear_failures)
5806 ssid->auth_failures = 0;
5807 }
5808
5809
5810 int disallowed_bssid(struct wpa_supplicant *wpa_s, const u8 *bssid)
5811 {
5812 size_t i;
5813
5814 if (wpa_s->disallow_aps_bssid == NULL)
5815 return 0;
5816
5817 for (i = 0; i < wpa_s->disallow_aps_bssid_count; i++) {
5818 if (os_memcmp(wpa_s->disallow_aps_bssid + i * ETH_ALEN,
5819 bssid, ETH_ALEN) == 0)
5820 return 1;
5821 }
5822
5823 return 0;
5824 }
5825
5826
5827 int disallowed_ssid(struct wpa_supplicant *wpa_s, const u8 *ssid,
5828 size_t ssid_len)
5829 {
5830 size_t i;
5831
5832 if (wpa_s->disallow_aps_ssid == NULL || ssid == NULL)
5833 return 0;
5834
5835 for (i = 0; i < wpa_s->disallow_aps_ssid_count; i++) {
5836 struct wpa_ssid_value *s = &wpa_s->disallow_aps_ssid[i];
5837 if (ssid_len == s->ssid_len &&
5838 os_memcmp(ssid, s->ssid, ssid_len) == 0)
5839 return 1;
5840 }
5841
5842 return 0;
5843 }
5844
5845
5846 /**
5847 * wpas_request_connection - Request a new connection
5848 * @wpa_s: Pointer to the network interface
5849 *
5850 * This function is used to request a new connection to be found. It will mark
5851 * the interface to allow reassociation and request a new scan to find a
5852 * suitable network to connect to.
5853 */
5854 void wpas_request_connection(struct wpa_supplicant *wpa_s)
5855 {
5856 wpa_s->normal_scans = 0;
5857 wpa_s->scan_req = NORMAL_SCAN_REQ;
5858 wpa_supplicant_reinit_autoscan(wpa_s);
5859 wpa_s->extra_blacklist_count = 0;
5860 wpa_s->disconnected = 0;
5861 wpa_s->reassociate = 1;
5862
5863 if (wpa_supplicant_fast_associate(wpa_s) != 1)
5864 wpa_supplicant_req_scan(wpa_s, 0, 0);
5865 else
5866 wpa_s->reattach = 0;
5867 }
5868
5869
5870 void dump_freq_data(struct wpa_supplicant *wpa_s, const char *title,
5871 struct wpa_used_freq_data *freqs_data,
5872 unsigned int len)
5873 {
5874 unsigned int i;
5875
5876 wpa_dbg(wpa_s, MSG_DEBUG, "Shared frequencies (len=%u): %s",
5877 len, title);
5878 for (i = 0; i < len; i++) {
5879 struct wpa_used_freq_data *cur = &freqs_data[i];
5880 wpa_dbg(wpa_s, MSG_DEBUG, "freq[%u]: %d, flags=0x%X",
5881 i, cur->freq, cur->flags);
5882 }
5883 }
5884
5885
5886 /*
5887 * Find the operating frequencies of any of the virtual interfaces that
5888 * are using the same radio as the current interface, and in addition, get
5889 * information about the interface types that are using the frequency.
5890 */
5891 int get_shared_radio_freqs_data(struct wpa_supplicant *wpa_s,
5892 struct wpa_used_freq_data *freqs_data,
5893 unsigned int len)
5894 {
5895 struct wpa_supplicant *ifs;
5896 u8 bssid[ETH_ALEN];
5897 int freq;
5898 unsigned int idx = 0, i;
5899
5900 wpa_dbg(wpa_s, MSG_DEBUG,
5901 "Determining shared radio frequencies (max len %u)", len);
5902 os_memset(freqs_data, 0, sizeof(struct wpa_used_freq_data) * len);
5903
5904 dl_list_for_each(ifs, &wpa_s->radio->ifaces, struct wpa_supplicant,
5905 radio_list) {
5906 if (idx == len)
5907 break;
5908
5909 if (ifs->current_ssid == NULL || ifs->assoc_freq == 0)
5910 continue;
5911
5912 if (ifs->current_ssid->mode == WPAS_MODE_AP ||
5913 ifs->current_ssid->mode == WPAS_MODE_P2P_GO ||
5914 ifs->current_ssid->mode == WPAS_MODE_MESH)
5915 freq = ifs->current_ssid->frequency;
5916 else if (wpa_drv_get_bssid(ifs, bssid) == 0)
5917 freq = ifs->assoc_freq;
5918 else
5919 continue;
5920
5921 /* Hold only distinct freqs */
5922 for (i = 0; i < idx; i++)
5923 if (freqs_data[i].freq == freq)
5924 break;
5925
5926 if (i == idx)
5927 freqs_data[idx++].freq = freq;
5928
5929 if (ifs->current_ssid->mode == WPAS_MODE_INFRA) {
5930 freqs_data[i].flags |= ifs->current_ssid->p2p_group ?
5931 WPA_FREQ_USED_BY_P2P_CLIENT :
5932 WPA_FREQ_USED_BY_INFRA_STATION;
5933 }
5934 }
5935
5936 dump_freq_data(wpa_s, "completed iteration", freqs_data, idx);
5937 return idx;
5938 }
5939
5940
5941 /*
5942 * Find the operating frequencies of any of the virtual interfaces that
5943 * are using the same radio as the current interface.
5944 */
5945 int get_shared_radio_freqs(struct wpa_supplicant *wpa_s,
5946 int *freq_array, unsigned int len)
5947 {
5948 struct wpa_used_freq_data *freqs_data;
5949 int num, i;
5950
5951 os_memset(freq_array, 0, sizeof(int) * len);
5952
5953 freqs_data = os_calloc(len, sizeof(struct wpa_used_freq_data));
5954 if (!freqs_data)
5955 return -1;
5956
5957 num = get_shared_radio_freqs_data(wpa_s, freqs_data, len);
5958 for (i = 0; i < num; i++)
5959 freq_array[i] = freqs_data[i].freq;
5960
5961 os_free(freqs_data);
5962
5963 return num;
5964 }
5965
5966
5967 static void wpas_rrm_neighbor_rep_timeout_handler(void *data, void *user_ctx)
5968 {
5969 struct rrm_data *rrm = data;
5970
5971 if (!rrm->notify_neighbor_rep) {
5972 wpa_printf(MSG_ERROR,
5973 "RRM: Unexpected neighbor report timeout");
5974 return;
5975 }
5976
5977 wpa_printf(MSG_DEBUG, "RRM: Notifying neighbor report - NONE");
5978 rrm->notify_neighbor_rep(rrm->neighbor_rep_cb_ctx, NULL);
5979
5980 rrm->notify_neighbor_rep = NULL;
5981 rrm->neighbor_rep_cb_ctx = NULL;
5982 }
5983
5984
5985 /*
5986 * wpas_rrm_reset - Clear and reset all RRM data in wpa_supplicant
5987 * @wpa_s: Pointer to wpa_supplicant
5988 */
5989 void wpas_rrm_reset(struct wpa_supplicant *wpa_s)
5990 {
5991 wpa_s->rrm.rrm_used = 0;
5992
5993 eloop_cancel_timeout(wpas_rrm_neighbor_rep_timeout_handler, &wpa_s->rrm,
5994 NULL);
5995 if (wpa_s->rrm.notify_neighbor_rep)
5996 wpas_rrm_neighbor_rep_timeout_handler(&wpa_s->rrm, NULL);
5997 wpa_s->rrm.next_neighbor_rep_token = 1;
5998 }
5999
6000
6001 /*
6002 * wpas_rrm_process_neighbor_rep - Handle incoming neighbor report
6003 * @wpa_s: Pointer to wpa_supplicant
6004 * @report: Neighbor report buffer, prefixed by a 1-byte dialog token
6005 * @report_len: Length of neighbor report buffer
6006 */
6007 void wpas_rrm_process_neighbor_rep(struct wpa_supplicant *wpa_s,
6008 const u8 *report, size_t report_len)
6009 {
6010 struct wpabuf *neighbor_rep;
6011
6012 wpa_hexdump(MSG_DEBUG, "RRM: New Neighbor Report", report, report_len);
6013 if (report_len < 1)
6014 return;
6015
6016 if (report[0] != wpa_s->rrm.next_neighbor_rep_token - 1) {
6017 wpa_printf(MSG_DEBUG,
6018 "RRM: Discarding neighbor report with token %d (expected %d)",
6019 report[0], wpa_s->rrm.next_neighbor_rep_token - 1);
6020 return;
6021 }
6022
6023 eloop_cancel_timeout(wpas_rrm_neighbor_rep_timeout_handler, &wpa_s->rrm,
6024 NULL);
6025
6026 if (!wpa_s->rrm.notify_neighbor_rep) {
6027 wpa_printf(MSG_ERROR, "RRM: Unexpected neighbor report");
6028 return;
6029 }
6030
6031 /* skipping the first byte, which is only an id (dialog token) */
6032 neighbor_rep = wpabuf_alloc(report_len - 1);
6033 if (neighbor_rep == NULL)
6034 return;
6035 wpabuf_put_data(neighbor_rep, report + 1, report_len - 1);
6036 wpa_printf(MSG_DEBUG, "RRM: Notifying neighbor report (token = %d)",
6037 report[0]);
6038 wpa_s->rrm.notify_neighbor_rep(wpa_s->rrm.neighbor_rep_cb_ctx,
6039 neighbor_rep);
6040 wpa_s->rrm.notify_neighbor_rep = NULL;
6041 wpa_s->rrm.neighbor_rep_cb_ctx = NULL;
6042 }
6043
6044
6045 #if defined(__CYGWIN__) || defined(CONFIG_NATIVE_WINDOWS)
6046 /* Workaround different, undefined for Windows, error codes used here */
6047 #define ENOTCONN -1
6048 #define EOPNOTSUPP -1
6049 #define ECANCELED -1
6050 #endif
6051
6052 /**
6053 * wpas_rrm_send_neighbor_rep_request - Request a neighbor report from our AP
6054 * @wpa_s: Pointer to wpa_supplicant
6055 * @ssid: if not null, this is sent in the request. Otherwise, no SSID IE
6056 * is sent in the request.
6057 * @cb: Callback function to be called once the requested report arrives, or
6058 * timed out after RRM_NEIGHBOR_REPORT_TIMEOUT seconds.
6059 * In the former case, 'neighbor_rep' is a newly allocated wpabuf, and it's
6060 * the requester's responsibility to free it.
6061 * In the latter case NULL will be sent in 'neighbor_rep'.
6062 * @cb_ctx: Context value to send the callback function
6063 * Returns: 0 in case of success, negative error code otherwise
6064 *
6065 * In case there is a previous request which has not been answered yet, the
6066 * new request fails. The caller may retry after RRM_NEIGHBOR_REPORT_TIMEOUT.
6067 * Request must contain a callback function.
6068 */
6069 int wpas_rrm_send_neighbor_rep_request(struct wpa_supplicant *wpa_s,
6070 const struct wpa_ssid *ssid,
6071 void (*cb)(void *ctx,
6072 struct wpabuf *neighbor_rep),
6073 void *cb_ctx)
6074 {
6075 struct wpabuf *buf;
6076 const u8 *rrm_ie;
6077
6078 if (wpa_s->wpa_state != WPA_COMPLETED || wpa_s->current_ssid == NULL) {
6079 wpa_printf(MSG_DEBUG, "RRM: No connection, no RRM.");
6080 return -ENOTCONN;
6081 }
6082
6083 if (!wpa_s->rrm.rrm_used) {
6084 wpa_printf(MSG_DEBUG, "RRM: No RRM in current connection.");
6085 return -EOPNOTSUPP;
6086 }
6087
6088 rrm_ie = wpa_bss_get_ie(wpa_s->current_bss,
6089 WLAN_EID_RRM_ENABLED_CAPABILITIES);
6090 if (!rrm_ie || !(wpa_s->current_bss->caps & IEEE80211_CAP_RRM) ||
6091 !(rrm_ie[2] & WLAN_RRM_CAPS_NEIGHBOR_REPORT)) {
6092 wpa_printf(MSG_DEBUG,
6093 "RRM: No network support for Neighbor Report.");
6094 return -EOPNOTSUPP;
6095 }
6096
6097 if (!cb) {
6098 wpa_printf(MSG_DEBUG,
6099 "RRM: Neighbor Report request must provide a callback.");
6100 return -EINVAL;
6101 }
6102
6103 /* Refuse if there's a live request */
6104 if (wpa_s->rrm.notify_neighbor_rep) {
6105 wpa_printf(MSG_DEBUG,
6106 "RRM: Currently handling previous Neighbor Report.");
6107 return -EBUSY;
6108 }
6109
6110 /* 3 = action category + action code + dialog token */
6111 buf = wpabuf_alloc(3 + (ssid ? 2 + ssid->ssid_len : 0));
6112 if (buf == NULL) {
6113 wpa_printf(MSG_DEBUG,
6114 "RRM: Failed to allocate Neighbor Report Request");
6115 return -ENOMEM;
6116 }
6117
6118 wpa_printf(MSG_DEBUG, "RRM: Neighbor report request (for %s), token=%d",
6119 (ssid ? wpa_ssid_txt(ssid->ssid, ssid->ssid_len) : ""),
6120 wpa_s->rrm.next_neighbor_rep_token);
6121
6122 wpabuf_put_u8(buf, WLAN_ACTION_RADIO_MEASUREMENT);
6123 wpabuf_put_u8(buf, WLAN_RRM_NEIGHBOR_REPORT_REQUEST);
6124 wpabuf_put_u8(buf, wpa_s->rrm.next_neighbor_rep_token);
6125 if (ssid) {
6126 wpabuf_put_u8(buf, WLAN_EID_SSID);
6127 wpabuf_put_u8(buf, ssid->ssid_len);
6128 wpabuf_put_data(buf, ssid->ssid, ssid->ssid_len);
6129 }
6130
6131 wpa_s->rrm.next_neighbor_rep_token++;
6132
6133 if (wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, wpa_s->bssid,
6134 wpa_s->own_addr, wpa_s->bssid,
6135 wpabuf_head(buf), wpabuf_len(buf), 0) < 0) {
6136 wpa_printf(MSG_DEBUG,
6137 "RRM: Failed to send Neighbor Report Request");
6138 wpabuf_free(buf);
6139 return -ECANCELED;
6140 }
6141
6142 wpa_s->rrm.neighbor_rep_cb_ctx = cb_ctx;
6143 wpa_s->rrm.notify_neighbor_rep = cb;
6144 eloop_register_timeout(RRM_NEIGHBOR_REPORT_TIMEOUT, 0,
6145 wpas_rrm_neighbor_rep_timeout_handler,
6146 &wpa_s->rrm, NULL);
6147
6148 wpabuf_free(buf);
6149 return 0;
6150 }
6151
6152
6153 void wpas_rrm_handle_link_measurement_request(struct wpa_supplicant *wpa_s,
6154 const u8 *src,
6155 const u8 *frame, size_t len,
6156 int rssi)
6157 {
6158 struct wpabuf *buf;
6159 const struct rrm_link_measurement_request *req;
6160 struct rrm_link_measurement_report report;
6161
6162 if (wpa_s->wpa_state != WPA_COMPLETED) {
6163 wpa_printf(MSG_INFO,
6164 "RRM: Ignoring link measurement request. Not associated");
6165 return;
6166 }
6167
6168 if (!wpa_s->rrm.rrm_used) {
6169 wpa_printf(MSG_INFO,
6170 "RRM: Ignoring link measurement request. Not RRM network");
6171 return;
6172 }
6173
6174 if (!(wpa_s->drv_rrm_flags & WPA_DRIVER_FLAGS_TX_POWER_INSERTION)) {
6175 wpa_printf(MSG_INFO,
6176 "RRM: Measurement report failed. TX power insertion not supported");
6177 return;
6178 }
6179
6180 req = (const struct rrm_link_measurement_request *) frame;
6181 if (len < sizeof(*req)) {
6182 wpa_printf(MSG_INFO,
6183 "RRM: Link measurement report failed. Request too short");
6184 return;
6185 }
6186
6187 os_memset(&report, 0, sizeof(report));
6188 report.tpc.eid = WLAN_EID_TPC_REPORT;
6189 report.tpc.len = 2;
6190 report.rsni = 255; /* 255 indicates that RSNI is not available */
6191 report.dialog_token = req->dialog_token;
6192
6193 /*
6194 * It's possible to estimate RCPI based on RSSI in dBm. This
6195 * calculation will not reflect the correct value for high rates,
6196 * but it's good enough for Action frames which are transmitted
6197 * with up to 24 Mbps rates.
6198 */
6199 if (!rssi)
6200 report.rcpi = 255; /* not available */
6201 else if (rssi < -110)
6202 report.rcpi = 0;
6203 else if (rssi > 0)
6204 report.rcpi = 220;
6205 else
6206 report.rcpi = (rssi + 110) * 2;
6207
6208 /* action_category + action_code */
6209 buf = wpabuf_alloc(2 + sizeof(report));
6210 if (buf == NULL) {
6211 wpa_printf(MSG_ERROR,
6212 "RRM: Link measurement report failed. Buffer allocation failed");
6213 return;
6214 }
6215
6216 wpabuf_put_u8(buf, WLAN_ACTION_RADIO_MEASUREMENT);
6217 wpabuf_put_u8(buf, WLAN_RRM_LINK_MEASUREMENT_REPORT);
6218 wpabuf_put_data(buf, &report, sizeof(report));
6219 wpa_hexdump(MSG_DEBUG, "RRM: Link measurement report:",
6220 wpabuf_head(buf), wpabuf_len(buf));
6221
6222 if (wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, src,
6223 wpa_s->own_addr, wpa_s->bssid,
6224 wpabuf_head(buf), wpabuf_len(buf), 0)) {
6225 wpa_printf(MSG_ERROR,
6226 "RRM: Link measurement report failed. Send action failed");
6227 }
6228 wpabuf_free(buf);
6229 }
6230
6231
6232 struct wpa_supplicant *
6233 wpas_vendor_elem(struct wpa_supplicant *wpa_s, enum wpa_vendor_elem_frame frame)
6234 {
6235 switch (frame) {
6236 #ifdef CONFIG_P2P
6237 case VENDOR_ELEM_PROBE_REQ_P2P:
6238 case VENDOR_ELEM_PROBE_RESP_P2P:
6239 case VENDOR_ELEM_PROBE_RESP_P2P_GO:
6240 case VENDOR_ELEM_BEACON_P2P_GO:
6241 case VENDOR_ELEM_P2P_PD_REQ:
6242 case VENDOR_ELEM_P2P_PD_RESP:
6243 case VENDOR_ELEM_P2P_GO_NEG_REQ:
6244 case VENDOR_ELEM_P2P_GO_NEG_RESP:
6245 case VENDOR_ELEM_P2P_GO_NEG_CONF:
6246 case VENDOR_ELEM_P2P_INV_REQ:
6247 case VENDOR_ELEM_P2P_INV_RESP:
6248 case VENDOR_ELEM_P2P_ASSOC_REQ:
6249 case VENDOR_ELEM_P2P_ASSOC_RESP:
6250 return wpa_s->parent;
6251 #endif /* CONFIG_P2P */
6252 default:
6253 return wpa_s;
6254 }
6255 }
6256
6257
6258 void wpas_vendor_elem_update(struct wpa_supplicant *wpa_s)
6259 {
6260 unsigned int i;
6261 char buf[30];
6262
6263 wpa_printf(MSG_DEBUG, "Update vendor elements");
6264
6265 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) {
6266 if (wpa_s->vendor_elem[i]) {
6267 int res;
6268
6269 res = os_snprintf(buf, sizeof(buf), "frame[%u]", i);
6270 if (!os_snprintf_error(sizeof(buf), res)) {
6271 wpa_hexdump_buf(MSG_DEBUG, buf,
6272 wpa_s->vendor_elem[i]);
6273 }
6274 }
6275 }
6276
6277 #ifdef CONFIG_P2P
6278 if (wpa_s->parent == wpa_s &&
6279 wpa_s->global->p2p &&
6280 !wpa_s->global->p2p_disabled)
6281 p2p_set_vendor_elems(wpa_s->global->p2p, wpa_s->vendor_elem);
6282 #endif /* CONFIG_P2P */
6283 }
6284
6285
6286 int wpas_vendor_elem_remove(struct wpa_supplicant *wpa_s, int frame,
6287 const u8 *elem, size_t len)
6288 {
6289 u8 *ie, *end;
6290
6291 ie = wpabuf_mhead_u8(wpa_s->vendor_elem[frame]);
6292 end = ie + wpabuf_len(wpa_s->vendor_elem[frame]);
6293
6294 for (; ie + 1 < end; ie += 2 + ie[1]) {
6295 if (ie + len > end)
6296 break;
6297 if (os_memcmp(ie, elem, len) != 0)
6298 continue;
6299
6300 if (wpabuf_len(wpa_s->vendor_elem[frame]) == len) {
6301 wpabuf_free(wpa_s->vendor_elem[frame]);
6302 wpa_s->vendor_elem[frame] = NULL;
6303 } else {
6304 os_memmove(ie, ie + len, end - (ie + len));
6305 wpa_s->vendor_elem[frame]->used -= len;
6306 }
6307 wpas_vendor_elem_update(wpa_s);
6308 return 0;
6309 }
6310
6311 return -1;
6312 }
6313
6314
6315 struct hostapd_hw_modes * get_mode(struct hostapd_hw_modes *modes,
6316 u16 num_modes, enum hostapd_hw_mode mode)
6317 {
6318 u16 i;
6319
6320 for (i = 0; i < num_modes; i++) {
6321 if (modes[i].mode == mode)
6322 return &modes[i];
6323 }
6324
6325 return NULL;
6326 }
6327
6328
6329 static struct
6330 wpa_bss_tmp_disallowed * wpas_get_disallowed_bss(struct wpa_supplicant *wpa_s,
6331 const u8 *bssid)
6332 {
6333 struct wpa_bss_tmp_disallowed *bss;
6334
6335 dl_list_for_each(bss, &wpa_s->bss_tmp_disallowed,
6336 struct wpa_bss_tmp_disallowed, list) {
6337 if (os_memcmp(bssid, bss->bssid, ETH_ALEN) == 0)
6338 return bss;
6339 }
6340
6341 return NULL;
6342 }
6343
6344
6345 void wpa_bss_tmp_disallow(struct wpa_supplicant *wpa_s, const u8 *bssid,
6346 unsigned int sec)
6347 {
6348 struct wpa_bss_tmp_disallowed *bss;
6349 struct os_reltime until;
6350
6351 os_get_reltime(&until);
6352 until.sec += sec;
6353
6354 bss = wpas_get_disallowed_bss(wpa_s, bssid);
6355 if (bss) {
6356 bss->disallowed_until = until;
6357 return;
6358 }
6359
6360 bss = os_malloc(sizeof(*bss));
6361 if (!bss) {
6362 wpa_printf(MSG_DEBUG,
6363 "Failed to allocate memory for temp disallow BSS");
6364 return;
6365 }
6366
6367 bss->disallowed_until = until;
6368 os_memcpy(bss->bssid, bssid, ETH_ALEN);
6369 dl_list_add(&wpa_s->bss_tmp_disallowed, &bss->list);
6370 }
6371
6372
6373 int wpa_is_bss_tmp_disallowed(struct wpa_supplicant *wpa_s, const u8 *bssid)
6374 {
6375 struct wpa_bss_tmp_disallowed *bss;
6376 struct os_reltime now, age;
6377
6378 os_get_reltime(&now);
6379
6380 bss = wpas_get_disallowed_bss(wpa_s, bssid);
6381 if (!bss)
6382 return 0;
6383
6384 if (os_reltime_before(&now, &bss->disallowed_until)) {
6385 os_reltime_sub(&bss->disallowed_until, &now, &age);
6386 wpa_printf(MSG_DEBUG,
6387 "BSS " MACSTR " disabled for %ld.%0ld seconds",
6388 MAC2STR(bss->bssid), age.sec, age.usec);
6389 return 1;
6390 }
6391
6392 /* This BSS is not disallowed anymore */
6393 dl_list_del(&bss->list);
6394 os_free(bss);
6395 return 0;
6396 }
Unnamed repository; edit this file 'description' to name the repository.