3 * Copyright (c) 2003-2018, Jouni Malinen <j@w1.fi>
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
14 #ifdef CONFIG_MATCH_IFACE
17 #endif /* CONFIG_MATCH_IFACE */
20 #include "crypto/random.h"
21 #include "crypto/sha1.h"
22 #include "eapol_supp/eapol_supp_sm.h"
23 #include "eap_peer/eap.h"
24 #include "eap_peer/eap_proxy.h"
25 #include "eap_server/eap_methods.h"
26 #include "rsn_supp/wpa.h"
29 #include "utils/ext_password.h"
30 #include "l2_packet/l2_packet.h"
31 #include "wpa_supplicant_i.h"
33 #include "ctrl_iface.h"
34 #include "pcsc_funcs.h"
35 #include "common/version.h"
36 #include "rsn_supp/preauth.h"
37 #include "rsn_supp/pmksa_cache.h"
38 #include "common/wpa_ctrl.h"
39 #include "common/ieee802_11_defs.h"
40 #include "common/hw_features_common.h"
41 #include "common/gas_server.h"
44 #include "blacklist.h"
45 #include "wpas_glue.h"
46 #include "wps_supplicant.h"
49 #include "gas_query.h"
51 #include "p2p_supplicant.h"
52 #include "wifi_display.h"
58 #include "offchannel.h"
59 #include "hs20_supplicant.h"
63 #include "dpp_supplicant.h"
65 #include "ap/ap_config.h"
66 #include "ap/hostapd.h"
67 #endif /* CONFIG_MESH */
69 const char *const wpa_supplicant_version
=
70 "wpa_supplicant v" VERSION_STR
"\n"
71 "Copyright (c) 2003-2017, Jouni Malinen <j@w1.fi> and contributors";
73 const char *const wpa_supplicant_license
=
74 "This software may be distributed under the terms of the BSD license.\n"
75 "See README for more details.\n"
76 #ifdef EAP_TLS_OPENSSL
77 "\nThis product includes software developed by the OpenSSL Project\n"
78 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
79 #endif /* EAP_TLS_OPENSSL */
82 #ifndef CONFIG_NO_STDOUT_DEBUG
83 /* Long text divided into parts in order to fit in C89 strings size limits. */
84 const char *const wpa_supplicant_full_license1
=
86 const char *const wpa_supplicant_full_license2
=
87 "This software may be distributed under the terms of the BSD license.\n"
89 "Redistribution and use in source and binary forms, with or without\n"
90 "modification, are permitted provided that the following conditions are\n"
93 const char *const wpa_supplicant_full_license3
=
94 "1. Redistributions of source code must retain the above copyright\n"
95 " notice, this list of conditions and the following disclaimer.\n"
97 "2. Redistributions in binary form must reproduce the above copyright\n"
98 " notice, this list of conditions and the following disclaimer in the\n"
99 " documentation and/or other materials provided with the distribution.\n"
101 const char *const wpa_supplicant_full_license4
=
102 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
103 " names of its contributors may be used to endorse or promote products\n"
104 " derived from this software without specific prior written permission.\n"
106 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
107 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
108 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
109 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
110 const char *const wpa_supplicant_full_license5
=
111 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
112 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
113 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
114 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
115 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
116 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
117 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
119 #endif /* CONFIG_NO_STDOUT_DEBUG */
122 static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx
, void *timeout_ctx
);
123 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
124 static void wpas_update_fils_connect_params(struct wpa_supplicant
*wpa_s
);
125 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
128 /* Configure default/group WEP keys for static WEP */
129 int wpa_set_wep_keys(struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
)
133 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
134 if (ssid
->wep_key_len
[i
] == 0)
138 wpa_drv_set_key(wpa_s
, WPA_ALG_WEP
, NULL
,
139 i
, i
== ssid
->wep_tx_keyidx
, NULL
, 0,
140 ssid
->wep_key
[i
], ssid
->wep_key_len
[i
]);
147 int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant
*wpa_s
,
148 struct wpa_ssid
*ssid
)
156 /* IBSS/WPA-None uses only one key (Group) for both receiving and
157 * sending unicast and multicast packets. */
159 if (ssid
->mode
!= WPAS_MODE_IBSS
) {
160 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Invalid mode %d (not "
161 "IBSS/ad-hoc) for WPA-None", ssid
->mode
);
165 if (!ssid
->psk_set
) {
166 wpa_msg(wpa_s
, MSG_INFO
, "WPA: No PSK configured for "
171 switch (wpa_s
->group_cipher
) {
172 case WPA_CIPHER_CCMP
:
173 os_memcpy(key
, ssid
->psk
, 16);
177 case WPA_CIPHER_GCMP
:
178 os_memcpy(key
, ssid
->psk
, 16);
182 case WPA_CIPHER_TKIP
:
183 /* WPA-None uses the same Michael MIC key for both TX and RX */
184 os_memcpy(key
, ssid
->psk
, 16 + 8);
185 os_memcpy(key
+ 16 + 8, ssid
->psk
+ 16, 8);
190 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Invalid group cipher %d for "
191 "WPA-None", wpa_s
->group_cipher
);
195 /* TODO: should actually remember the previously used seq#, both for TX
196 * and RX from each STA.. */
198 ret
= wpa_drv_set_key(wpa_s
, alg
, NULL
, 0, 1, seq
, 6, key
, keylen
);
199 os_memset(key
, 0, sizeof(key
));
204 static void wpa_supplicant_timeout(void *eloop_ctx
, void *timeout_ctx
)
206 struct wpa_supplicant
*wpa_s
= eloop_ctx
;
207 const u8
*bssid
= wpa_s
->bssid
;
208 if (!is_zero_ether_addr(wpa_s
->pending_bssid
) &&
209 (wpa_s
->wpa_state
== WPA_AUTHENTICATING
||
210 wpa_s
->wpa_state
== WPA_ASSOCIATING
))
211 bssid
= wpa_s
->pending_bssid
;
212 wpa_msg(wpa_s
, MSG_INFO
, "Authentication with " MACSTR
" timed out.",
214 wpa_blacklist_add(wpa_s
, bssid
);
215 wpa_sm_notify_disassoc(wpa_s
->wpa
);
216 wpa_supplicant_deauthenticate(wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
217 wpa_s
->reassociate
= 1;
220 * If we timed out, the AP or the local radio may be busy.
221 * So, wait a second until scanning again.
223 wpa_supplicant_req_scan(wpa_s
, 1, 0);
228 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
229 * @wpa_s: Pointer to wpa_supplicant data
230 * @sec: Number of seconds after which to time out authentication
231 * @usec: Number of microseconds after which to time out authentication
233 * This function is used to schedule a timeout for the current authentication
236 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant
*wpa_s
,
239 if (wpa_s
->conf
->ap_scan
== 0 &&
240 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_WIRED
))
243 wpa_dbg(wpa_s
, MSG_DEBUG
, "Setting authentication timeout: %d sec "
244 "%d usec", sec
, usec
);
245 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
246 wpa_s
->last_auth_timeout_sec
= sec
;
247 eloop_register_timeout(sec
, usec
, wpa_supplicant_timeout
, wpa_s
, NULL
);
252 * wpas_auth_timeout_restart - Restart and change timeout for authentication
253 * @wpa_s: Pointer to wpa_supplicant data
254 * @sec_diff: difference in seconds applied to original timeout value
256 void wpas_auth_timeout_restart(struct wpa_supplicant
*wpa_s
, int sec_diff
)
258 int new_sec
= wpa_s
->last_auth_timeout_sec
+ sec_diff
;
260 if (eloop_is_timeout_registered(wpa_supplicant_timeout
, wpa_s
, NULL
)) {
261 wpa_dbg(wpa_s
, MSG_DEBUG
,
262 "Authentication timeout restart: %d sec", new_sec
);
263 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
264 eloop_register_timeout(new_sec
, 0, wpa_supplicant_timeout
,
271 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
272 * @wpa_s: Pointer to wpa_supplicant data
274 * This function is used to cancel authentication timeout scheduled with
275 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
278 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant
*wpa_s
)
280 wpa_dbg(wpa_s
, MSG_DEBUG
, "Cancelling authentication timeout");
281 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
282 wpa_blacklist_del(wpa_s
, wpa_s
->bssid
);
283 os_free(wpa_s
->last_con_fail_realm
);
284 wpa_s
->last_con_fail_realm
= NULL
;
285 wpa_s
->last_con_fail_realm_len
= 0;
290 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
291 * @wpa_s: Pointer to wpa_supplicant data
293 * This function is used to configure EAPOL state machine based on the selected
294 * authentication mode.
296 void wpa_supplicant_initiate_eapol(struct wpa_supplicant
*wpa_s
)
298 #ifdef IEEE8021X_EAPOL
299 struct eapol_config eapol_conf
;
300 struct wpa_ssid
*ssid
= wpa_s
->current_ssid
;
302 #ifdef CONFIG_IBSS_RSN
303 if (ssid
->mode
== WPAS_MODE_IBSS
&&
304 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_NONE
&&
305 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_WPA_NONE
) {
307 * RSN IBSS authentication is per-STA and we can disable the
308 * per-BSSID EAPOL authentication.
310 eapol_sm_notify_portControl(wpa_s
->eapol
, ForceAuthorized
);
311 eapol_sm_notify_eap_success(wpa_s
->eapol
, TRUE
);
312 eapol_sm_notify_eap_fail(wpa_s
->eapol
, FALSE
);
315 #endif /* CONFIG_IBSS_RSN */
317 eapol_sm_notify_eap_success(wpa_s
->eapol
, FALSE
);
318 eapol_sm_notify_eap_fail(wpa_s
->eapol
, FALSE
);
320 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
||
321 wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPA_NONE
)
322 eapol_sm_notify_portControl(wpa_s
->eapol
, ForceAuthorized
);
324 eapol_sm_notify_portControl(wpa_s
->eapol
, Auto
);
326 os_memset(&eapol_conf
, 0, sizeof(eapol_conf
));
327 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
328 eapol_conf
.accept_802_1x_keys
= 1;
329 eapol_conf
.required_keys
= 0;
330 if (ssid
->eapol_flags
& EAPOL_FLAG_REQUIRE_KEY_UNICAST
) {
331 eapol_conf
.required_keys
|= EAPOL_REQUIRE_KEY_UNICAST
;
333 if (ssid
->eapol_flags
& EAPOL_FLAG_REQUIRE_KEY_BROADCAST
) {
334 eapol_conf
.required_keys
|=
335 EAPOL_REQUIRE_KEY_BROADCAST
;
338 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_WIRED
)
339 eapol_conf
.required_keys
= 0;
341 eapol_conf
.fast_reauth
= wpa_s
->conf
->fast_reauth
;
342 eapol_conf
.workaround
= ssid
->eap_workaround
;
343 eapol_conf
.eap_disabled
=
344 !wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
) &&
345 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_IEEE8021X_NO_WPA
&&
346 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_WPS
;
347 eapol_conf
.external_sim
= wpa_s
->conf
->external_sim
;
350 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
) {
351 eapol_conf
.wps
|= EAPOL_LOCAL_WPS_IN_USE
;
352 if (wpa_s
->current_bss
) {
354 ie
= wpa_bss_get_vendor_ie_multi(wpa_s
->current_bss
,
359 EAPOL_PEER_IS_WPS20_AP
;
364 #endif /* CONFIG_WPS */
366 eapol_sm_notify_config(wpa_s
->eapol
, &ssid
->eap
, &eapol_conf
);
369 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
&& ssid
->mka_psk_set
)
370 ieee802_1x_create_preshared_mka(wpa_s
, ssid
);
372 ieee802_1x_alloc_kay_sm(wpa_s
, ssid
);
373 #endif /* CONFIG_MACSEC */
374 #endif /* IEEE8021X_EAPOL */
379 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
380 * @wpa_s: Pointer to wpa_supplicant data
381 * @ssid: Configuration data for the network
383 * This function is used to configure WPA state machine and related parameters
384 * to a mode where WPA is not enabled. This is called as part of the
385 * authentication configuration when the selected network does not use WPA.
387 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant
*wpa_s
,
388 struct wpa_ssid
*ssid
)
392 if (ssid
->key_mgmt
& WPA_KEY_MGMT_WPS
)
393 wpa_s
->key_mgmt
= WPA_KEY_MGMT_WPS
;
394 else if (ssid
->key_mgmt
& WPA_KEY_MGMT_IEEE8021X_NO_WPA
)
395 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X_NO_WPA
;
397 wpa_s
->key_mgmt
= WPA_KEY_MGMT_NONE
;
398 wpa_sm_set_ap_wpa_ie(wpa_s
->wpa
, NULL
, 0);
399 wpa_sm_set_ap_rsn_ie(wpa_s
->wpa
, NULL
, 0);
400 wpa_sm_set_assoc_wpa_ie(wpa_s
->wpa
, NULL
, 0);
401 wpa_s
->pairwise_cipher
= WPA_CIPHER_NONE
;
402 wpa_s
->group_cipher
= WPA_CIPHER_NONE
;
403 wpa_s
->mgmt_group_cipher
= 0;
405 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
406 if (ssid
->wep_key_len
[i
] > 5) {
407 wpa_s
->pairwise_cipher
= WPA_CIPHER_WEP104
;
408 wpa_s
->group_cipher
= WPA_CIPHER_WEP104
;
410 } else if (ssid
->wep_key_len
[i
] > 0) {
411 wpa_s
->pairwise_cipher
= WPA_CIPHER_WEP40
;
412 wpa_s
->group_cipher
= WPA_CIPHER_WEP40
;
417 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_RSN_ENABLED
, 0);
418 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_KEY_MGMT
, wpa_s
->key_mgmt
);
419 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_PAIRWISE
,
420 wpa_s
->pairwise_cipher
);
421 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_GROUP
, wpa_s
->group_cipher
);
422 #ifdef CONFIG_IEEE80211W
423 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_MGMT_GROUP
,
424 wpa_s
->mgmt_group_cipher
);
425 #endif /* CONFIG_IEEE80211W */
427 pmksa_cache_clear_current(wpa_s
->wpa
);
431 void free_hw_features(struct wpa_supplicant
*wpa_s
)
434 if (wpa_s
->hw
.modes
== NULL
)
437 for (i
= 0; i
< wpa_s
->hw
.num_modes
; i
++) {
438 os_free(wpa_s
->hw
.modes
[i
].channels
);
439 os_free(wpa_s
->hw
.modes
[i
].rates
);
442 os_free(wpa_s
->hw
.modes
);
443 wpa_s
->hw
.modes
= NULL
;
447 static void free_bss_tmp_disallowed(struct wpa_supplicant
*wpa_s
)
449 struct wpa_bss_tmp_disallowed
*bss
, *prev
;
451 dl_list_for_each_safe(bss
, prev
, &wpa_s
->bss_tmp_disallowed
,
452 struct wpa_bss_tmp_disallowed
, list
) {
453 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout
, wpa_s
, bss
);
454 dl_list_del(&bss
->list
);
460 void wpas_flush_fils_hlp_req(struct wpa_supplicant
*wpa_s
)
462 struct fils_hlp_req
*req
;
464 while ((req
= dl_list_first(&wpa_s
->fils_hlp_req
, struct fils_hlp_req
,
466 dl_list_del(&req
->list
);
467 wpabuf_free(req
->pkt
);
473 static void wpa_supplicant_cleanup(struct wpa_supplicant
*wpa_s
)
477 bgscan_deinit(wpa_s
);
478 autoscan_deinit(wpa_s
);
479 scard_deinit(wpa_s
->scard
);
481 wpa_sm_set_scard_ctx(wpa_s
->wpa
, NULL
);
482 eapol_sm_register_scard_ctx(wpa_s
->eapol
, NULL
);
483 l2_packet_deinit(wpa_s
->l2
);
486 l2_packet_deinit(wpa_s
->l2_br
);
489 #ifdef CONFIG_TESTING_OPTIONS
490 l2_packet_deinit(wpa_s
->l2_test
);
491 wpa_s
->l2_test
= NULL
;
492 os_free(wpa_s
->get_pref_freq_list_override
);
493 wpa_s
->get_pref_freq_list_override
= NULL
;
494 wpabuf_free(wpa_s
->last_assoc_req_wpa_ie
);
495 wpa_s
->last_assoc_req_wpa_ie
= NULL
;
496 #endif /* CONFIG_TESTING_OPTIONS */
498 if (wpa_s
->conf
!= NULL
) {
499 struct wpa_ssid
*ssid
;
500 for (ssid
= wpa_s
->conf
->ssid
; ssid
; ssid
= ssid
->next
)
501 wpas_notify_network_removed(wpa_s
, ssid
);
504 os_free(wpa_s
->confname
);
505 wpa_s
->confname
= NULL
;
507 os_free(wpa_s
->confanother
);
508 wpa_s
->confanother
= NULL
;
510 os_free(wpa_s
->last_con_fail_realm
);
511 wpa_s
->last_con_fail_realm
= NULL
;
512 wpa_s
->last_con_fail_realm_len
= 0;
514 wpa_sm_set_eapol(wpa_s
->wpa
, NULL
);
515 eapol_sm_deinit(wpa_s
->eapol
);
518 rsn_preauth_deinit(wpa_s
->wpa
);
521 wpa_tdls_deinit(wpa_s
->wpa
);
522 #endif /* CONFIG_TDLS */
524 wmm_ac_clear_saved_tspecs(wpa_s
);
525 pmksa_candidate_free(wpa_s
->wpa
);
526 wpa_sm_deinit(wpa_s
->wpa
);
528 wpa_blacklist_clear(wpa_s
);
530 wpa_bss_deinit(wpa_s
);
532 wpa_supplicant_cancel_delayed_sched_scan(wpa_s
);
533 wpa_supplicant_cancel_scan(wpa_s
);
534 wpa_supplicant_cancel_auth_timeout(wpa_s
);
535 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures
, wpa_s
, NULL
);
536 #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
537 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report
,
539 #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
541 eloop_cancel_timeout(wpas_network_reenabled
, wpa_s
, NULL
);
543 wpas_wps_deinit(wpa_s
);
545 wpabuf_free(wpa_s
->pending_eapol_rx
);
546 wpa_s
->pending_eapol_rx
= NULL
;
548 #ifdef CONFIG_IBSS_RSN
549 ibss_rsn_deinit(wpa_s
->ibss_rsn
);
550 wpa_s
->ibss_rsn
= NULL
;
551 #endif /* CONFIG_IBSS_RSN */
556 wpa_supplicant_ap_deinit(wpa_s
);
557 #endif /* CONFIG_AP */
559 wpas_p2p_deinit(wpa_s
);
561 #ifdef CONFIG_OFFCHANNEL
562 offchannel_deinit(wpa_s
);
563 #endif /* CONFIG_OFFCHANNEL */
565 wpa_supplicant_cancel_sched_scan(wpa_s
);
567 os_free(wpa_s
->next_scan_freqs
);
568 wpa_s
->next_scan_freqs
= NULL
;
570 os_free(wpa_s
->manual_scan_freqs
);
571 wpa_s
->manual_scan_freqs
= NULL
;
572 os_free(wpa_s
->select_network_scan_freqs
);
573 wpa_s
->select_network_scan_freqs
= NULL
;
575 os_free(wpa_s
->manual_sched_scan_freqs
);
576 wpa_s
->manual_sched_scan_freqs
= NULL
;
578 wpas_mac_addr_rand_scan_clear(wpa_s
, MAC_ADDR_RAND_ALL
);
581 * Need to remove any pending gas-query radio work before the
582 * gas_query_deinit() call because gas_query::work has not yet been set
583 * for works that have not been started. gas_query_free() will be unable
584 * to cancel such pending radio works and once the pending gas-query
585 * radio work eventually gets removed, the deinit notification call to
586 * gas_query_start_cb() would result in dereferencing freed memory.
589 radio_remove_works(wpa_s
, "gas-query", 0);
590 gas_query_deinit(wpa_s
->gas
);
592 gas_server_deinit(wpa_s
->gas_server
);
593 wpa_s
->gas_server
= NULL
;
595 free_hw_features(wpa_s
);
597 ieee802_1x_dealloc_kay_sm(wpa_s
);
599 os_free(wpa_s
->bssid_filter
);
600 wpa_s
->bssid_filter
= NULL
;
602 os_free(wpa_s
->disallow_aps_bssid
);
603 wpa_s
->disallow_aps_bssid
= NULL
;
604 os_free(wpa_s
->disallow_aps_ssid
);
605 wpa_s
->disallow_aps_ssid
= NULL
;
607 wnm_bss_keep_alive_deinit(wpa_s
);
609 wnm_deallocate_memory(wpa_s
);
610 #endif /* CONFIG_WNM */
612 ext_password_deinit(wpa_s
->ext_pw
);
613 wpa_s
->ext_pw
= NULL
;
615 wpabuf_free(wpa_s
->last_gas_resp
);
616 wpa_s
->last_gas_resp
= NULL
;
617 wpabuf_free(wpa_s
->prev_gas_resp
);
618 wpa_s
->prev_gas_resp
= NULL
;
620 os_free(wpa_s
->last_scan_res
);
621 wpa_s
->last_scan_res
= NULL
;
625 wpa_drv_configure_frame_filters(wpa_s
, 0);
627 #endif /* CONFIG_HS20 */
629 for (i
= 0; i
< NUM_VENDOR_ELEM_FRAMES
; i
++) {
630 wpabuf_free(wpa_s
->vendor_elem
[i
]);
631 wpa_s
->vendor_elem
[i
] = NULL
;
634 wmm_ac_notify_disassoc(wpa_s
);
636 wpa_s
->sched_scan_plans_num
= 0;
637 os_free(wpa_s
->sched_scan_plans
);
638 wpa_s
->sched_scan_plans
= NULL
;
641 wpa_s
->non_pref_chan_num
= 0;
642 os_free(wpa_s
->non_pref_chan
);
643 wpa_s
->non_pref_chan
= NULL
;
644 #endif /* CONFIG_MBO */
646 free_bss_tmp_disallowed(wpa_s
);
648 wpabuf_free(wpa_s
->lci
);
650 wpas_clear_beacon_rep_data(wpa_s
);
652 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL
655 struct external_pmksa_cache
*entry
;
657 while ((entry
= dl_list_last(&wpa_s
->mesh_external_pmksa_cache
,
658 struct external_pmksa_cache
,
660 dl_list_del(&entry
->list
);
661 os_free(entry
->pmksa_cache
);
665 #endif /* CONFIG_MESH */
666 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
668 wpas_flush_fils_hlp_req(wpa_s
);
670 wpabuf_free(wpa_s
->ric_ies
);
671 wpa_s
->ric_ies
= NULL
;
674 wpas_dpp_deinit(wpa_s
);
675 #endif /* CONFIG_DPP */
680 * wpa_clear_keys - Clear keys configured for the driver
681 * @wpa_s: Pointer to wpa_supplicant data
682 * @addr: Previously used BSSID or %NULL if not available
684 * This function clears the encryption keys that has been previously configured
687 void wpa_clear_keys(struct wpa_supplicant
*wpa_s
, const u8
*addr
)
691 #ifdef CONFIG_IEEE80211W
693 #else /* CONFIG_IEEE80211W */
695 #endif /* CONFIG_IEEE80211W */
697 /* MLME-DELETEKEYS.request */
698 for (i
= 0; i
< max
; i
++) {
699 if (wpa_s
->keys_cleared
& BIT(i
))
701 wpa_drv_set_key(wpa_s
, WPA_ALG_NONE
, NULL
, i
, 0, NULL
, 0,
704 if (!(wpa_s
->keys_cleared
& BIT(0)) && addr
&&
705 !is_zero_ether_addr(addr
)) {
706 wpa_drv_set_key(wpa_s
, WPA_ALG_NONE
, addr
, 0, 0, NULL
, 0, NULL
,
708 /* MLME-SETPROTECTION.request(None) */
709 wpa_drv_mlme_setprotection(
711 MLME_SETPROTECTION_PROTECT_TYPE_NONE
,
712 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE
);
714 wpa_s
->keys_cleared
= (u32
) -1;
719 * wpa_supplicant_state_txt - Get the connection state name as a text string
720 * @state: State (wpa_state; WPA_*)
721 * Returns: The state name as a printable text string
723 const char * wpa_supplicant_state_txt(enum wpa_states state
)
726 case WPA_DISCONNECTED
:
727 return "DISCONNECTED";
730 case WPA_INTERFACE_DISABLED
:
731 return "INTERFACE_DISABLED";
734 case WPA_AUTHENTICATING
:
735 return "AUTHENTICATING";
736 case WPA_ASSOCIATING
:
737 return "ASSOCIATING";
740 case WPA_4WAY_HANDSHAKE
:
741 return "4WAY_HANDSHAKE";
742 case WPA_GROUP_HANDSHAKE
:
743 return "GROUP_HANDSHAKE";
754 static void wpa_supplicant_start_bgscan(struct wpa_supplicant
*wpa_s
)
758 if (wpa_s
->current_ssid
&& wpa_s
->current_ssid
->bgscan
)
759 name
= wpa_s
->current_ssid
->bgscan
;
761 name
= wpa_s
->conf
->bgscan
;
762 if (name
== NULL
|| name
[0] == '\0')
764 if (wpas_driver_bss_selection(wpa_s
))
766 if (wpa_s
->current_ssid
== wpa_s
->bgscan_ssid
)
769 if (wpa_s
->p2p_group_interface
!= NOT_P2P_GROUP_INTERFACE
)
771 #endif /* CONFIG_P2P */
773 bgscan_deinit(wpa_s
);
774 if (wpa_s
->current_ssid
) {
775 if (bgscan_init(wpa_s
, wpa_s
->current_ssid
, name
)) {
776 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to initialize "
779 * Live without bgscan; it is only used as a roaming
780 * optimization, so the initial connection is not
784 struct wpa_scan_results
*scan_res
;
785 wpa_s
->bgscan_ssid
= wpa_s
->current_ssid
;
786 scan_res
= wpa_supplicant_get_scan_results(wpa_s
, NULL
,
789 bgscan_notify_scan(wpa_s
, scan_res
);
790 wpa_scan_results_free(scan_res
);
794 wpa_s
->bgscan_ssid
= NULL
;
798 static void wpa_supplicant_stop_bgscan(struct wpa_supplicant
*wpa_s
)
800 if (wpa_s
->bgscan_ssid
!= NULL
) {
801 bgscan_deinit(wpa_s
);
802 wpa_s
->bgscan_ssid
= NULL
;
806 #endif /* CONFIG_BGSCAN */
809 static void wpa_supplicant_start_autoscan(struct wpa_supplicant
*wpa_s
)
811 if (autoscan_init(wpa_s
, 0))
812 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to initialize autoscan");
816 static void wpa_supplicant_stop_autoscan(struct wpa_supplicant
*wpa_s
)
818 autoscan_deinit(wpa_s
);
822 void wpa_supplicant_reinit_autoscan(struct wpa_supplicant
*wpa_s
)
824 if (wpa_s
->wpa_state
== WPA_DISCONNECTED
||
825 wpa_s
->wpa_state
== WPA_SCANNING
) {
826 autoscan_deinit(wpa_s
);
827 wpa_supplicant_start_autoscan(wpa_s
);
833 * wpa_supplicant_set_state - Set current connection state
834 * @wpa_s: Pointer to wpa_supplicant data
835 * @state: The new connection state
837 * This function is called whenever the connection state changes, e.g.,
838 * association is completed for WPA/WPA2 4-Way Handshake is started.
840 void wpa_supplicant_set_state(struct wpa_supplicant
*wpa_s
,
841 enum wpa_states state
)
843 enum wpa_states old_state
= wpa_s
->wpa_state
;
845 wpa_dbg(wpa_s
, MSG_DEBUG
, "State: %s -> %s",
846 wpa_supplicant_state_txt(wpa_s
->wpa_state
),
847 wpa_supplicant_state_txt(state
));
849 if (state
== WPA_INTERFACE_DISABLED
) {
850 /* Assure normal scan when interface is restored */
851 wpa_s
->normal_scans
= 0;
854 if (state
== WPA_COMPLETED
) {
855 wpas_connect_work_done(wpa_s
);
856 /* Reinitialize normal_scan counter */
857 wpa_s
->normal_scans
= 0;
862 * P2PS client has to reply to Probe Request frames received on the
863 * group operating channel. Enable Probe Request frame reporting for
864 * P2P connected client in case p2p_cli_probe configuration property is
867 if (wpa_s
->conf
->p2p_cli_probe
&& wpa_s
->current_ssid
&&
868 wpa_s
->current_ssid
->mode
== WPAS_MODE_INFRA
&&
869 wpa_s
->current_ssid
->p2p_group
) {
870 if (state
== WPA_COMPLETED
&& !wpa_s
->p2p_cli_probe
) {
871 wpa_dbg(wpa_s
, MSG_DEBUG
,
872 "P2P: Enable CLI Probe Request RX reporting");
873 wpa_s
->p2p_cli_probe
=
874 wpa_drv_probe_req_report(wpa_s
, 1) >= 0;
875 } else if (state
!= WPA_COMPLETED
&& wpa_s
->p2p_cli_probe
) {
876 wpa_dbg(wpa_s
, MSG_DEBUG
,
877 "P2P: Disable CLI Probe Request RX reporting");
878 wpa_s
->p2p_cli_probe
= 0;
879 wpa_drv_probe_req_report(wpa_s
, 0);
882 #endif /* CONFIG_P2P */
884 if (state
!= WPA_SCANNING
)
885 wpa_supplicant_notify_scanning(wpa_s
, 0);
887 if (state
== WPA_COMPLETED
&& wpa_s
->new_connection
) {
888 struct wpa_ssid
*ssid
= wpa_s
->current_ssid
;
889 int fils_hlp_sent
= 0;
892 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
893 wpa_auth_alg_fils(wpa_s
->sme
.auth_alg
))
895 #endif /* CONFIG_SME */
896 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
897 wpa_auth_alg_fils(wpa_s
->auth_alg
))
900 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
901 wpa_msg(wpa_s
, MSG_INFO
, WPA_EVENT_CONNECTED
"- Connection to "
902 MACSTR
" completed [id=%d id_str=%s%s]",
903 MAC2STR(wpa_s
->bssid
),
904 ssid
? ssid
->id
: -1,
905 ssid
&& ssid
->id_str
? ssid
->id_str
: "",
906 fils_hlp_sent
? " FILS_HLP_SENT" : "");
907 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
908 wpas_clear_temp_disabled(wpa_s
, ssid
, 1);
909 wpa_blacklist_clear(wpa_s
);
910 wpa_s
->extra_blacklist_count
= 0;
911 wpa_s
->new_connection
= 0;
912 wpa_drv_set_operstate(wpa_s
, 1);
913 #ifndef IEEE8021X_EAPOL
914 wpa_drv_set_supp_port(wpa_s
, 1);
915 #endif /* IEEE8021X_EAPOL */
916 wpa_s
->after_wps
= 0;
917 wpa_s
->known_wps_freq
= 0;
918 wpas_p2p_completed(wpa_s
);
920 sme_sched_obss_scan(wpa_s
, 1);
922 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
923 if (!fils_hlp_sent
&& ssid
&& ssid
->eap
.erp
)
924 wpas_update_fils_connect_params(wpa_s
);
925 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
926 } else if (state
== WPA_DISCONNECTED
|| state
== WPA_ASSOCIATING
||
927 state
== WPA_ASSOCIATED
) {
928 wpa_s
->new_connection
= 1;
929 wpa_drv_set_operstate(wpa_s
, 0);
930 #ifndef IEEE8021X_EAPOL
931 wpa_drv_set_supp_port(wpa_s
, 0);
932 #endif /* IEEE8021X_EAPOL */
933 sme_sched_obss_scan(wpa_s
, 0);
935 wpa_s
->wpa_state
= state
;
938 if (state
== WPA_COMPLETED
)
939 wpa_supplicant_start_bgscan(wpa_s
);
940 else if (state
< WPA_ASSOCIATED
)
941 wpa_supplicant_stop_bgscan(wpa_s
);
942 #endif /* CONFIG_BGSCAN */
944 if (state
== WPA_AUTHENTICATING
)
945 wpa_supplicant_stop_autoscan(wpa_s
);
947 if (state
== WPA_DISCONNECTED
|| state
== WPA_INACTIVE
)
948 wpa_supplicant_start_autoscan(wpa_s
);
950 if (old_state
>= WPA_ASSOCIATED
&& wpa_s
->wpa_state
< WPA_ASSOCIATED
)
951 wmm_ac_notify_disassoc(wpa_s
);
953 if (wpa_s
->wpa_state
!= old_state
) {
954 wpas_notify_state_changed(wpa_s
, wpa_s
->wpa_state
, old_state
);
957 * Notify the P2P Device interface about a state change in one
960 wpas_p2p_indicate_state_change(wpa_s
);
962 if (wpa_s
->wpa_state
== WPA_COMPLETED
||
963 old_state
== WPA_COMPLETED
)
964 wpas_notify_auth_changed(wpa_s
);
969 void wpa_supplicant_terminate_proc(struct wpa_global
*global
)
973 struct wpa_supplicant
*wpa_s
= global
->ifaces
;
975 struct wpa_supplicant
*next
= wpa_s
->next
;
976 if (wpas_wps_terminate_pending(wpa_s
) == 1)
979 if (wpa_s
->p2p_group_interface
!= NOT_P2P_GROUP_INTERFACE
||
980 (wpa_s
->current_ssid
&& wpa_s
->current_ssid
->p2p_group
))
981 wpas_p2p_disconnect(wpa_s
);
982 #endif /* CONFIG_P2P */
985 #endif /* CONFIG_WPS */
992 static void wpa_supplicant_terminate(int sig
, void *signal_ctx
)
994 struct wpa_global
*global
= signal_ctx
;
995 wpa_supplicant_terminate_proc(global
);
999 void wpa_supplicant_clear_status(struct wpa_supplicant
*wpa_s
)
1001 enum wpa_states old_state
= wpa_s
->wpa_state
;
1003 wpa_s
->pairwise_cipher
= 0;
1004 wpa_s
->group_cipher
= 0;
1005 wpa_s
->mgmt_group_cipher
= 0;
1006 wpa_s
->key_mgmt
= 0;
1007 if (wpa_s
->wpa_state
!= WPA_INTERFACE_DISABLED
)
1008 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
1010 if (wpa_s
->wpa_state
!= old_state
)
1011 wpas_notify_state_changed(wpa_s
, wpa_s
->wpa_state
, old_state
);
1016 * wpa_supplicant_reload_configuration - Reload configuration data
1017 * @wpa_s: Pointer to wpa_supplicant data
1018 * Returns: 0 on success or -1 if configuration parsing failed
1020 * This function can be used to request that the configuration data is reloaded
1021 * (e.g., after configuration file change). This function is reloading
1022 * configuration only for one interface, so this may need to be called multiple
1023 * times if %wpa_supplicant is controlling multiple interfaces and all
1024 * interfaces need reconfiguration.
1026 int wpa_supplicant_reload_configuration(struct wpa_supplicant
*wpa_s
)
1028 struct wpa_config
*conf
;
1032 if (wpa_s
->confname
== NULL
)
1034 conf
= wpa_config_read(wpa_s
->confname
, NULL
);
1036 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to parse the configuration "
1037 "file '%s' - exiting", wpa_s
->confname
);
1040 if (wpa_s
->confanother
&&
1041 !wpa_config_read(wpa_s
->confanother
, conf
)) {
1042 wpa_msg(wpa_s
, MSG_ERROR
,
1043 "Failed to parse the configuration file '%s' - exiting",
1044 wpa_s
->confanother
);
1048 conf
->changed_parameters
= (unsigned int) -1;
1050 reconf_ctrl
= !!conf
->ctrl_interface
!= !!wpa_s
->conf
->ctrl_interface
1051 || (conf
->ctrl_interface
&& wpa_s
->conf
->ctrl_interface
&&
1052 os_strcmp(conf
->ctrl_interface
,
1053 wpa_s
->conf
->ctrl_interface
) != 0);
1055 if (reconf_ctrl
&& wpa_s
->ctrl_iface
) {
1056 wpa_supplicant_ctrl_iface_deinit(wpa_s
->ctrl_iface
);
1057 wpa_s
->ctrl_iface
= NULL
;
1060 eapol_sm_invalidate_cached_session(wpa_s
->eapol
);
1061 if (wpa_s
->current_ssid
) {
1062 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
1063 wpa_s
->own_disconnect_req
= 1;
1064 wpa_supplicant_deauthenticate(wpa_s
,
1065 WLAN_REASON_DEAUTH_LEAVING
);
1069 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
1070 * pkcs11_engine_path, pkcs11_module_path, openssl_ciphers.
1072 if (wpa_key_mgmt_wpa_psk(wpa_s
->key_mgmt
) ||
1073 wpa_s
->key_mgmt
== WPA_KEY_MGMT_OWE
||
1074 wpa_s
->key_mgmt
== WPA_KEY_MGMT_DPP
) {
1076 * Clear forced success to clear EAP state for next
1079 eapol_sm_notify_eap_success(wpa_s
->eapol
, FALSE
);
1081 eapol_sm_notify_config(wpa_s
->eapol
, NULL
, NULL
);
1082 wpa_sm_set_config(wpa_s
->wpa
, NULL
);
1083 wpa_sm_pmksa_cache_flush(wpa_s
->wpa
, NULL
);
1084 wpa_sm_set_fast_reauth(wpa_s
->wpa
, wpa_s
->conf
->fast_reauth
);
1085 rsn_preauth_deinit(wpa_s
->wpa
);
1087 old_ap_scan
= wpa_s
->conf
->ap_scan
;
1088 wpa_config_free(wpa_s
->conf
);
1090 if (old_ap_scan
!= wpa_s
->conf
->ap_scan
)
1091 wpas_notify_ap_scan_changed(wpa_s
);
1094 wpa_s
->ctrl_iface
= wpa_supplicant_ctrl_iface_init(wpa_s
);
1096 wpa_supplicant_update_config(wpa_s
);
1098 wpa_supplicant_clear_status(wpa_s
);
1099 if (wpa_supplicant_enabled_networks(wpa_s
)) {
1100 wpa_s
->reassociate
= 1;
1101 wpa_supplicant_req_scan(wpa_s
, 0, 0);
1103 wpa_dbg(wpa_s
, MSG_DEBUG
, "Reconfiguration completed");
1108 static void wpa_supplicant_reconfig(int sig
, void *signal_ctx
)
1110 struct wpa_global
*global
= signal_ctx
;
1111 struct wpa_supplicant
*wpa_s
;
1112 for (wpa_s
= global
->ifaces
; wpa_s
; wpa_s
= wpa_s
->next
) {
1113 wpa_dbg(wpa_s
, MSG_DEBUG
, "Signal %d received - reconfiguring",
1115 if (wpa_supplicant_reload_configuration(wpa_s
) < 0) {
1116 wpa_supplicant_terminate_proc(global
);
1120 if (wpa_debug_reopen_file() < 0) {
1121 /* Ignore errors since we cannot really do much to fix this */
1122 wpa_printf(MSG_DEBUG
, "Could not reopen debug log file");
1127 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant
*wpa_s
,
1128 struct wpa_ssid
*ssid
,
1129 struct wpa_ie_data
*ie
)
1131 int ret
= wpa_sm_parse_own_wpa_ie(wpa_s
->wpa
, ie
);
1134 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Failed to parse WPA IE "
1135 "from association info");
1140 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Using WPA IE from AssocReq to set "
1142 if (!(ie
->group_cipher
& ssid
->group_cipher
)) {
1143 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver used disabled group "
1144 "cipher 0x%x (mask 0x%x) - reject",
1145 ie
->group_cipher
, ssid
->group_cipher
);
1148 if (!(ie
->pairwise_cipher
& ssid
->pairwise_cipher
)) {
1149 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver used disabled pairwise "
1150 "cipher 0x%x (mask 0x%x) - reject",
1151 ie
->pairwise_cipher
, ssid
->pairwise_cipher
);
1154 if (!(ie
->key_mgmt
& ssid
->key_mgmt
)) {
1155 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver used disabled key "
1156 "management 0x%x (mask 0x%x) - reject",
1157 ie
->key_mgmt
, ssid
->key_mgmt
);
1161 #ifdef CONFIG_IEEE80211W
1162 if (!(ie
->capabilities
& WPA_CAPABILITY_MFPC
) &&
1163 wpas_get_ssid_pmf(wpa_s
, ssid
) == MGMT_FRAME_PROTECTION_REQUIRED
) {
1164 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver associated with an AP "
1165 "that does not support management frame protection - "
1169 #endif /* CONFIG_IEEE80211W */
1176 * wpa_supplicant_set_suites - Set authentication and encryption parameters
1177 * @wpa_s: Pointer to wpa_supplicant data
1178 * @bss: Scan results for the selected BSS, or %NULL if not available
1179 * @ssid: Configuration data for the selected network
1180 * @wpa_ie: Buffer for the WPA/RSN IE
1181 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
1182 * used buffer length in case the functions returns success.
1183 * Returns: 0 on success or -1 on failure
1185 * This function is used to configure authentication and encryption parameters
1186 * based on the network configuration and scan result for the selected BSS (if
1189 int wpa_supplicant_set_suites(struct wpa_supplicant
*wpa_s
,
1190 struct wpa_bss
*bss
, struct wpa_ssid
*ssid
,
1191 u8
*wpa_ie
, size_t *wpa_ie_len
)
1193 struct wpa_ie_data ie
;
1195 const u8
*bss_wpa
, *bss_rsn
, *bss_osen
;
1198 bss_wpa
= wpa_bss_get_vendor_ie(bss
, WPA_IE_VENDOR_TYPE
);
1199 bss_rsn
= wpa_bss_get_ie(bss
, WLAN_EID_RSN
);
1200 bss_osen
= wpa_bss_get_vendor_ie(bss
, OSEN_IE_VENDOR_TYPE
);
1202 bss_wpa
= bss_rsn
= bss_osen
= NULL
;
1204 if (bss_rsn
&& (ssid
->proto
& WPA_PROTO_RSN
) &&
1205 wpa_parse_wpa_ie(bss_rsn
, 2 + bss_rsn
[1], &ie
) == 0 &&
1206 (ie
.group_cipher
& ssid
->group_cipher
) &&
1207 (ie
.pairwise_cipher
& ssid
->pairwise_cipher
) &&
1208 (ie
.key_mgmt
& ssid
->key_mgmt
)) {
1209 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using IEEE 802.11i/D9.0");
1210 proto
= WPA_PROTO_RSN
;
1211 } else if (bss_wpa
&& (ssid
->proto
& WPA_PROTO_WPA
) &&
1212 wpa_parse_wpa_ie(bss_wpa
, 2 + bss_wpa
[1], &ie
) == 0 &&
1213 (ie
.group_cipher
& ssid
->group_cipher
) &&
1214 (ie
.pairwise_cipher
& ssid
->pairwise_cipher
) &&
1215 (ie
.key_mgmt
& ssid
->key_mgmt
)) {
1216 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using IEEE 802.11i/D3.0");
1217 proto
= WPA_PROTO_WPA
;
1219 } else if (bss_osen
&& (ssid
->proto
& WPA_PROTO_OSEN
)) {
1220 wpa_dbg(wpa_s
, MSG_DEBUG
, "HS 2.0: using OSEN");
1221 /* TODO: parse OSEN element */
1222 os_memset(&ie
, 0, sizeof(ie
));
1223 ie
.group_cipher
= WPA_CIPHER_CCMP
;
1224 ie
.pairwise_cipher
= WPA_CIPHER_CCMP
;
1225 ie
.key_mgmt
= WPA_KEY_MGMT_OSEN
;
1226 proto
= WPA_PROTO_OSEN
;
1227 } else if (bss_rsn
&& (ssid
->proto
& WPA_PROTO_OSEN
) &&
1228 wpa_parse_wpa_ie(bss_rsn
, 2 + bss_rsn
[1], &ie
) == 0 &&
1229 (ie
.group_cipher
& ssid
->group_cipher
) &&
1230 (ie
.pairwise_cipher
& ssid
->pairwise_cipher
) &&
1231 (ie
.key_mgmt
& ssid
->key_mgmt
)) {
1232 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using OSEN (within RSN)");
1233 proto
= WPA_PROTO_RSN
;
1234 #endif /* CONFIG_HS20 */
1236 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select WPA/RSN");
1237 wpa_dbg(wpa_s
, MSG_DEBUG
,
1238 "WPA: ssid proto=0x%x pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1239 ssid
->proto
, ssid
->pairwise_cipher
, ssid
->group_cipher
,
1241 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: BSS " MACSTR
" ssid='%s'%s%s%s",
1242 MAC2STR(bss
->bssid
),
1243 wpa_ssid_txt(bss
->ssid
, bss
->ssid_len
),
1244 bss_wpa
? " WPA" : "",
1245 bss_rsn
? " RSN" : "",
1246 bss_osen
? " OSEN" : "");
1248 wpa_hexdump(MSG_DEBUG
, "RSN", bss_rsn
, 2 + bss_rsn
[1]);
1249 if (wpa_parse_wpa_ie(bss_rsn
, 2 + bss_rsn
[1], &ie
)) {
1250 wpa_dbg(wpa_s
, MSG_DEBUG
,
1251 "Could not parse RSN element");
1253 wpa_dbg(wpa_s
, MSG_DEBUG
,
1254 "RSN: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1255 ie
.pairwise_cipher
, ie
.group_cipher
,
1260 wpa_hexdump(MSG_DEBUG
, "WPA", bss_wpa
, 2 + bss_wpa
[1]);
1261 if (wpa_parse_wpa_ie(bss_wpa
, 2 + bss_wpa
[1], &ie
)) {
1262 wpa_dbg(wpa_s
, MSG_DEBUG
,
1263 "Could not parse WPA element");
1265 wpa_dbg(wpa_s
, MSG_DEBUG
,
1266 "WPA: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1267 ie
.pairwise_cipher
, ie
.group_cipher
,
1273 if (ssid
->proto
& WPA_PROTO_OSEN
)
1274 proto
= WPA_PROTO_OSEN
;
1275 else if (ssid
->proto
& WPA_PROTO_RSN
)
1276 proto
= WPA_PROTO_RSN
;
1278 proto
= WPA_PROTO_WPA
;
1279 if (wpa_supplicant_suites_from_ai(wpa_s
, ssid
, &ie
) < 0) {
1280 os_memset(&ie
, 0, sizeof(ie
));
1281 ie
.group_cipher
= ssid
->group_cipher
;
1282 ie
.pairwise_cipher
= ssid
->pairwise_cipher
;
1283 ie
.key_mgmt
= ssid
->key_mgmt
;
1284 #ifdef CONFIG_IEEE80211W
1285 ie
.mgmt_group_cipher
= 0;
1286 if (ssid
->ieee80211w
!= NO_MGMT_FRAME_PROTECTION
) {
1287 if (ssid
->group_mgmt_cipher
&
1288 WPA_CIPHER_BIP_GMAC_256
)
1289 ie
.mgmt_group_cipher
=
1290 WPA_CIPHER_BIP_GMAC_256
;
1291 else if (ssid
->group_mgmt_cipher
&
1292 WPA_CIPHER_BIP_CMAC_256
)
1293 ie
.mgmt_group_cipher
=
1294 WPA_CIPHER_BIP_CMAC_256
;
1295 else if (ssid
->group_mgmt_cipher
&
1296 WPA_CIPHER_BIP_GMAC_128
)
1297 ie
.mgmt_group_cipher
=
1298 WPA_CIPHER_BIP_GMAC_128
;
1300 ie
.mgmt_group_cipher
=
1301 WPA_CIPHER_AES_128_CMAC
;
1303 #endif /* CONFIG_IEEE80211W */
1305 if ((ssid
->key_mgmt
& WPA_KEY_MGMT_OWE
) &&
1307 !bss_wpa
&& !bss_rsn
&& !bss_osen
) {
1308 wpa_supplicant_set_non_wpa_policy(wpa_s
, ssid
);
1309 wpa_s
->wpa_proto
= 0;
1313 #endif /* CONFIG_OWE */
1314 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Set cipher suites "
1315 "based on configuration");
1320 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Selected cipher suites: group %d "
1321 "pairwise %d key_mgmt %d proto %d",
1322 ie
.group_cipher
, ie
.pairwise_cipher
, ie
.key_mgmt
, proto
);
1323 #ifdef CONFIG_IEEE80211W
1324 if (ssid
->ieee80211w
) {
1325 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Selected mgmt group cipher %d",
1326 ie
.mgmt_group_cipher
);
1328 #endif /* CONFIG_IEEE80211W */
1330 wpa_s
->wpa_proto
= proto
;
1331 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_PROTO
, proto
);
1332 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_RSN_ENABLED
,
1333 !!(ssid
->proto
& (WPA_PROTO_RSN
| WPA_PROTO_OSEN
)));
1335 if (bss
|| !wpa_s
->ap_ies_from_associnfo
) {
1336 if (wpa_sm_set_ap_wpa_ie(wpa_s
->wpa
, bss_wpa
,
1337 bss_wpa
? 2 + bss_wpa
[1] : 0) ||
1338 wpa_sm_set_ap_rsn_ie(wpa_s
->wpa
, bss_rsn
,
1339 bss_rsn
? 2 + bss_rsn
[1] : 0))
1343 #ifdef CONFIG_NO_WPA
1344 wpa_s
->group_cipher
= WPA_CIPHER_NONE
;
1345 wpa_s
->pairwise_cipher
= WPA_CIPHER_NONE
;
1346 #else /* CONFIG_NO_WPA */
1347 sel
= ie
.group_cipher
& ssid
->group_cipher
;
1348 wpa_s
->group_cipher
= wpa_pick_group_cipher(sel
);
1349 if (wpa_s
->group_cipher
< 0) {
1350 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select group "
1354 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using GTK %s",
1355 wpa_cipher_txt(wpa_s
->group_cipher
));
1357 sel
= ie
.pairwise_cipher
& ssid
->pairwise_cipher
;
1358 wpa_s
->pairwise_cipher
= wpa_pick_pairwise_cipher(sel
, 1);
1359 if (wpa_s
->pairwise_cipher
< 0) {
1360 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select pairwise "
1364 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using PTK %s",
1365 wpa_cipher_txt(wpa_s
->pairwise_cipher
));
1366 #endif /* CONFIG_NO_WPA */
1368 sel
= ie
.key_mgmt
& ssid
->key_mgmt
;
1370 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SAE
))
1371 sel
&= ~(WPA_KEY_MGMT_SAE
| WPA_KEY_MGMT_FT_SAE
);
1372 #endif /* CONFIG_SAE */
1374 #ifdef CONFIG_SUITEB192
1375 } else if (sel
& WPA_KEY_MGMT_IEEE8021X_SUITE_B_192
) {
1376 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X_SUITE_B_192
;
1377 wpa_dbg(wpa_s
, MSG_DEBUG
,
1378 "WPA: using KEY_MGMT 802.1X with Suite B (192-bit)");
1379 #endif /* CONFIG_SUITEB192 */
1380 #ifdef CONFIG_SUITEB
1381 } else if (sel
& WPA_KEY_MGMT_IEEE8021X_SUITE_B
) {
1382 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X_SUITE_B
;
1383 wpa_dbg(wpa_s
, MSG_DEBUG
,
1384 "WPA: using KEY_MGMT 802.1X with Suite B");
1385 #endif /* CONFIG_SUITEB */
1387 #ifdef CONFIG_IEEE80211R
1388 } else if (sel
& WPA_KEY_MGMT_FT_FILS_SHA384
) {
1389 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_FILS_SHA384
;
1390 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FT-FILS-SHA384");
1391 } else if (sel
& WPA_KEY_MGMT_FT_FILS_SHA256
) {
1392 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_FILS_SHA256
;
1393 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FT-FILS-SHA256");
1394 #endif /* CONFIG_IEEE80211R */
1395 } else if (sel
& WPA_KEY_MGMT_FILS_SHA384
) {
1396 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FILS_SHA384
;
1397 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FILS-SHA384");
1398 } else if (sel
& WPA_KEY_MGMT_FILS_SHA256
) {
1399 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FILS_SHA256
;
1400 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FILS-SHA256");
1401 #endif /* CONFIG_FILS */
1402 #ifdef CONFIG_IEEE80211R
1403 #ifdef CONFIG_SHA384
1404 } else if (sel
& WPA_KEY_MGMT_FT_IEEE8021X_SHA384
) {
1405 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_IEEE8021X_SHA384
;
1406 wpa_dbg(wpa_s
, MSG_DEBUG
,
1407 "WPA: using KEY_MGMT FT/802.1X-SHA384");
1408 if (pmksa_cache_get_current(wpa_s
->wpa
)) {
1409 /* PMKSA caching with FT is not fully functional, so
1410 * disable the case for now. */
1411 wpa_dbg(wpa_s
, MSG_DEBUG
,
1412 "WPA: Disable PMKSA caching for FT/802.1X connection");
1413 pmksa_cache_clear_current(wpa_s
->wpa
);
1415 #endif /* CONFIG_SHA384 */
1416 } else if (sel
& WPA_KEY_MGMT_FT_IEEE8021X
) {
1417 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_IEEE8021X
;
1418 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FT/802.1X");
1419 if (pmksa_cache_get_current(wpa_s
->wpa
)) {
1420 /* PMKSA caching with FT is not fully functional, so
1421 * disable the case for now. */
1422 wpa_dbg(wpa_s
, MSG_DEBUG
,
1423 "WPA: Disable PMKSA caching for FT/802.1X connection");
1424 pmksa_cache_clear_current(wpa_s
->wpa
);
1426 } else if (sel
& WPA_KEY_MGMT_FT_PSK
) {
1427 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_PSK
;
1428 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FT/PSK");
1429 #endif /* CONFIG_IEEE80211R */
1431 } else if (sel
& WPA_KEY_MGMT_SAE
) {
1432 wpa_s
->key_mgmt
= WPA_KEY_MGMT_SAE
;
1433 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using KEY_MGMT SAE");
1434 } else if (sel
& WPA_KEY_MGMT_FT_SAE
) {
1435 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_SAE
;
1436 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using KEY_MGMT FT/SAE");
1437 #endif /* CONFIG_SAE */
1438 #ifdef CONFIG_IEEE80211W
1439 } else if (sel
& WPA_KEY_MGMT_IEEE8021X_SHA256
) {
1440 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X_SHA256
;
1441 wpa_dbg(wpa_s
, MSG_DEBUG
,
1442 "WPA: using KEY_MGMT 802.1X with SHA256");
1443 } else if (sel
& WPA_KEY_MGMT_PSK_SHA256
) {
1444 wpa_s
->key_mgmt
= WPA_KEY_MGMT_PSK_SHA256
;
1445 wpa_dbg(wpa_s
, MSG_DEBUG
,
1446 "WPA: using KEY_MGMT PSK with SHA256");
1447 #endif /* CONFIG_IEEE80211W */
1448 } else if (sel
& WPA_KEY_MGMT_IEEE8021X
) {
1449 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X
;
1450 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT 802.1X");
1451 } else if (sel
& WPA_KEY_MGMT_PSK
) {
1452 wpa_s
->key_mgmt
= WPA_KEY_MGMT_PSK
;
1453 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT WPA-PSK");
1454 } else if (sel
& WPA_KEY_MGMT_WPA_NONE
) {
1455 wpa_s
->key_mgmt
= WPA_KEY_MGMT_WPA_NONE
;
1456 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT WPA-NONE");
1458 } else if (sel
& WPA_KEY_MGMT_OSEN
) {
1459 wpa_s
->key_mgmt
= WPA_KEY_MGMT_OSEN
;
1460 wpa_dbg(wpa_s
, MSG_DEBUG
, "HS 2.0: using KEY_MGMT OSEN");
1461 #endif /* CONFIG_HS20 */
1463 } else if (sel
& WPA_KEY_MGMT_OWE
) {
1464 wpa_s
->key_mgmt
= WPA_KEY_MGMT_OWE
;
1465 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using KEY_MGMT OWE");
1466 #endif /* CONFIG_OWE */
1468 } else if (sel
& WPA_KEY_MGMT_DPP
) {
1469 wpa_s
->key_mgmt
= WPA_KEY_MGMT_DPP
;
1470 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using KEY_MGMT DPP");
1471 #endif /* CONFIG_DPP */
1473 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select "
1474 "authenticated key management type");
1478 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_KEY_MGMT
, wpa_s
->key_mgmt
);
1479 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_PAIRWISE
,
1480 wpa_s
->pairwise_cipher
);
1481 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_GROUP
, wpa_s
->group_cipher
);
1483 #ifdef CONFIG_IEEE80211W
1484 sel
= ie
.mgmt_group_cipher
;
1485 if (ssid
->group_mgmt_cipher
)
1486 sel
&= ssid
->group_mgmt_cipher
;
1487 if (wpas_get_ssid_pmf(wpa_s
, ssid
) == NO_MGMT_FRAME_PROTECTION
||
1488 !(ie
.capabilities
& WPA_CAPABILITY_MFPC
))
1490 if (sel
& WPA_CIPHER_AES_128_CMAC
) {
1491 wpa_s
->mgmt_group_cipher
= WPA_CIPHER_AES_128_CMAC
;
1492 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using MGMT group cipher "
1494 } else if (sel
& WPA_CIPHER_BIP_GMAC_128
) {
1495 wpa_s
->mgmt_group_cipher
= WPA_CIPHER_BIP_GMAC_128
;
1496 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using MGMT group cipher "
1498 } else if (sel
& WPA_CIPHER_BIP_GMAC_256
) {
1499 wpa_s
->mgmt_group_cipher
= WPA_CIPHER_BIP_GMAC_256
;
1500 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using MGMT group cipher "
1502 } else if (sel
& WPA_CIPHER_BIP_CMAC_256
) {
1503 wpa_s
->mgmt_group_cipher
= WPA_CIPHER_BIP_CMAC_256
;
1504 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using MGMT group cipher "
1507 wpa_s
->mgmt_group_cipher
= 0;
1508 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: not using MGMT group cipher");
1510 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_MGMT_GROUP
,
1511 wpa_s
->mgmt_group_cipher
);
1512 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_MFP
,
1513 wpas_get_ssid_pmf(wpa_s
, ssid
));
1514 #endif /* CONFIG_IEEE80211W */
1516 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s
->wpa
, wpa_ie
, wpa_ie_len
)) {
1517 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to generate WPA IE");
1521 if (wpa_key_mgmt_wpa_psk(ssid
->key_mgmt
)) {
1525 sae_only
= (ssid
->key_mgmt
& (WPA_KEY_MGMT_PSK
|
1526 WPA_KEY_MGMT_FT_PSK
|
1527 WPA_KEY_MGMT_PSK_SHA256
)) == 0;
1529 if (ssid
->psk_set
&& !sae_only
) {
1530 wpa_hexdump_key(MSG_MSGDUMP
, "PSK (set in config)",
1531 ssid
->psk
, PMK_LEN
);
1532 wpa_sm_set_pmk(wpa_s
->wpa
, ssid
->psk
, PMK_LEN
, NULL
,
1537 if (wpa_key_mgmt_sae(ssid
->key_mgmt
) &&
1538 (ssid
->sae_password
|| ssid
->passphrase
))
1541 #ifndef CONFIG_NO_PBKDF2
1542 if (bss
&& ssid
->bssid_set
&& ssid
->ssid_len
== 0 &&
1543 ssid
->passphrase
&& !sae_only
) {
1545 pbkdf2_sha1(ssid
->passphrase
, bss
->ssid
, bss
->ssid_len
,
1546 4096, psk
, PMK_LEN
);
1547 wpa_hexdump_key(MSG_MSGDUMP
, "PSK (from passphrase)",
1549 wpa_sm_set_pmk(wpa_s
->wpa
, psk
, PMK_LEN
, NULL
, NULL
);
1551 os_memset(psk
, 0, sizeof(psk
));
1553 #endif /* CONFIG_NO_PBKDF2 */
1554 #ifdef CONFIG_EXT_PASSWORD
1555 if (ssid
->ext_psk
&& !sae_only
) {
1556 struct wpabuf
*pw
= ext_password_get(wpa_s
->ext_pw
,
1558 char pw_str
[64 + 1];
1562 wpa_msg(wpa_s
, MSG_INFO
, "EXT PW: No PSK "
1563 "found from external storage");
1567 if (wpabuf_len(pw
) < 8 || wpabuf_len(pw
) > 64) {
1568 wpa_msg(wpa_s
, MSG_INFO
, "EXT PW: Unexpected "
1569 "PSK length %d in external storage",
1570 (int) wpabuf_len(pw
));
1571 ext_password_free(pw
);
1575 os_memcpy(pw_str
, wpabuf_head(pw
), wpabuf_len(pw
));
1576 pw_str
[wpabuf_len(pw
)] = '\0';
1578 #ifndef CONFIG_NO_PBKDF2
1579 if (wpabuf_len(pw
) >= 8 && wpabuf_len(pw
) < 64 && bss
)
1581 pbkdf2_sha1(pw_str
, bss
->ssid
, bss
->ssid_len
,
1582 4096, psk
, PMK_LEN
);
1583 os_memset(pw_str
, 0, sizeof(pw_str
));
1584 wpa_hexdump_key(MSG_MSGDUMP
, "PSK (from "
1585 "external passphrase)",
1587 wpa_sm_set_pmk(wpa_s
->wpa
, psk
, PMK_LEN
, NULL
,
1590 os_memset(psk
, 0, sizeof(psk
));
1592 #endif /* CONFIG_NO_PBKDF2 */
1593 if (wpabuf_len(pw
) == 2 * PMK_LEN
) {
1594 if (hexstr2bin(pw_str
, psk
, PMK_LEN
) < 0) {
1595 wpa_msg(wpa_s
, MSG_INFO
, "EXT PW: "
1596 "Invalid PSK hex string");
1597 os_memset(pw_str
, 0, sizeof(pw_str
));
1598 ext_password_free(pw
);
1601 wpa_hexdump_key(MSG_MSGDUMP
,
1602 "PSK (from external PSK)",
1604 wpa_sm_set_pmk(wpa_s
->wpa
, psk
, PMK_LEN
, NULL
,
1607 os_memset(psk
, 0, sizeof(psk
));
1609 wpa_msg(wpa_s
, MSG_INFO
, "EXT PW: No suitable "
1611 os_memset(pw_str
, 0, sizeof(pw_str
));
1612 ext_password_free(pw
);
1616 os_memset(pw_str
, 0, sizeof(pw_str
));
1617 ext_password_free(pw
);
1619 #endif /* CONFIG_EXT_PASSWORD */
1622 wpa_msg(wpa_s
, MSG_INFO
,
1623 "No PSK available for association");
1624 wpas_auth_failed(wpa_s
, "NO_PSK_AVAILABLE");
1628 } else if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_OWE
) {
1629 /* OWE Diffie-Hellman exchange in (Re)Association
1630 * Request/Response frames set the PMK, so do not override it
1632 #endif /* CONFIG_OWE */
1634 wpa_sm_set_pmk_from_pmksa(wpa_s
->wpa
);
1640 static void wpas_ext_capab_byte(struct wpa_supplicant
*wpa_s
, u8
*pos
, int idx
)
1645 case 0: /* Bits 0-7 */
1647 case 1: /* Bits 8-15 */
1649 case 2: /* Bits 16-23 */
1651 *pos
|= 0x02; /* Bit 17 - WNM-Sleep Mode */
1652 *pos
|= 0x08; /* Bit 19 - BSS Transition */
1653 #endif /* CONFIG_WNM */
1655 case 3: /* Bits 24-31 */
1657 *pos
|= 0x02; /* Bit 25 - SSID List */
1658 #endif /* CONFIG_WNM */
1659 #ifdef CONFIG_INTERWORKING
1660 if (wpa_s
->conf
->interworking
)
1661 *pos
|= 0x80; /* Bit 31 - Interworking */
1662 #endif /* CONFIG_INTERWORKING */
1664 case 4: /* Bits 32-39 */
1665 #ifdef CONFIG_INTERWORKING
1666 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_QOS_MAPPING
)
1667 *pos
|= 0x01; /* Bit 32 - QoS Map */
1668 #endif /* CONFIG_INTERWORKING */
1670 case 5: /* Bits 40-47 */
1672 if (wpa_s
->conf
->hs20
)
1673 *pos
|= 0x40; /* Bit 46 - WNM-Notification */
1674 #endif /* CONFIG_HS20 */
1676 *pos
|= 0x40; /* Bit 46 - WNM-Notification */
1677 #endif /* CONFIG_MBO */
1679 case 6: /* Bits 48-55 */
1681 case 7: /* Bits 56-63 */
1683 case 8: /* Bits 64-71 */
1684 if (wpa_s
->conf
->ftm_responder
)
1685 *pos
|= 0x40; /* Bit 70 - FTM responder */
1686 if (wpa_s
->conf
->ftm_initiator
)
1687 *pos
|= 0x80; /* Bit 71 - FTM initiator */
1689 case 9: /* Bits 72-79 */
1691 if (!wpa_s
->disable_fils
)
1693 #endif /* CONFIG_FILS */
1699 int wpas_build_ext_capab(struct wpa_supplicant
*wpa_s
, u8
*buf
, size_t buflen
)
1704 if (len
< wpa_s
->extended_capa_len
)
1705 len
= wpa_s
->extended_capa_len
;
1706 if (buflen
< (size_t) len
+ 2) {
1707 wpa_printf(MSG_INFO
,
1708 "Not enough room for building extended capabilities element");
1712 *pos
++ = WLAN_EID_EXT_CAPAB
;
1714 for (i
= 0; i
< len
; i
++, pos
++) {
1715 wpas_ext_capab_byte(wpa_s
, pos
, i
);
1717 if (i
< wpa_s
->extended_capa_len
) {
1718 *pos
&= ~wpa_s
->extended_capa_mask
[i
];
1719 *pos
|= wpa_s
->extended_capa
[i
];
1723 while (len
> 0 && buf
[1 + len
] == 0) {
1734 static int wpas_valid_bss(struct wpa_supplicant
*wpa_s
,
1735 struct wpa_bss
*test_bss
)
1737 struct wpa_bss
*bss
;
1739 dl_list_for_each(bss
, &wpa_s
->bss
, struct wpa_bss
, list
) {
1740 if (bss
== test_bss
)
1748 static int wpas_valid_ssid(struct wpa_supplicant
*wpa_s
,
1749 struct wpa_ssid
*test_ssid
)
1751 struct wpa_ssid
*ssid
;
1753 for (ssid
= wpa_s
->conf
->ssid
; ssid
; ssid
= ssid
->next
) {
1754 if (ssid
== test_ssid
)
1762 int wpas_valid_bss_ssid(struct wpa_supplicant
*wpa_s
, struct wpa_bss
*test_bss
,
1763 struct wpa_ssid
*test_ssid
)
1765 if (test_bss
&& !wpas_valid_bss(wpa_s
, test_bss
))
1768 return test_ssid
== NULL
|| wpas_valid_ssid(wpa_s
, test_ssid
);
1772 void wpas_connect_work_free(struct wpa_connect_work
*cwork
)
1780 void wpas_connect_work_done(struct wpa_supplicant
*wpa_s
)
1782 struct wpa_connect_work
*cwork
;
1783 struct wpa_radio_work
*work
= wpa_s
->connect_work
;
1788 wpa_s
->connect_work
= NULL
;
1791 wpas_connect_work_free(cwork
);
1792 radio_work_done(work
);
1796 int wpas_update_random_addr(struct wpa_supplicant
*wpa_s
, int style
)
1798 struct os_reltime now
;
1801 os_get_reltime(&now
);
1802 if (wpa_s
->last_mac_addr_style
== style
&&
1803 wpa_s
->last_mac_addr_change
.sec
!= 0 &&
1804 !os_reltime_expired(&now
, &wpa_s
->last_mac_addr_change
,
1805 wpa_s
->conf
->rand_addr_lifetime
)) {
1806 wpa_msg(wpa_s
, MSG_DEBUG
,
1807 "Previously selected random MAC address has not yet expired");
1813 if (random_mac_addr(addr
) < 0)
1817 os_memcpy(addr
, wpa_s
->perm_addr
, ETH_ALEN
);
1818 if (random_mac_addr_keep_oui(addr
) < 0)
1825 if (wpa_drv_set_mac_addr(wpa_s
, addr
) < 0) {
1826 wpa_msg(wpa_s
, MSG_INFO
,
1827 "Failed to set random MAC address");
1831 os_get_reltime(&wpa_s
->last_mac_addr_change
);
1832 wpa_s
->mac_addr_changed
= 1;
1833 wpa_s
->last_mac_addr_style
= style
;
1835 if (wpa_supplicant_update_mac_addr(wpa_s
) < 0) {
1836 wpa_msg(wpa_s
, MSG_INFO
,
1837 "Could not update MAC address information");
1841 wpa_msg(wpa_s
, MSG_DEBUG
, "Using random MAC address " MACSTR
,
1848 int wpas_update_random_addr_disassoc(struct wpa_supplicant
*wpa_s
)
1850 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
||
1851 !wpa_s
->conf
->preassoc_mac_addr
)
1854 return wpas_update_random_addr(wpa_s
, wpa_s
->conf
->preassoc_mac_addr
);
1858 static void wpas_start_assoc_cb(struct wpa_radio_work
*work
, int deinit
);
1861 * wpa_supplicant_associate - Request association
1862 * @wpa_s: Pointer to wpa_supplicant data
1863 * @bss: Scan results for the selected BSS, or %NULL if not available
1864 * @ssid: Configuration data for the selected network
1866 * This function is used to request %wpa_supplicant to associate with a BSS.
1868 void wpa_supplicant_associate(struct wpa_supplicant
*wpa_s
,
1869 struct wpa_bss
*bss
, struct wpa_ssid
*ssid
)
1871 struct wpa_connect_work
*cwork
;
1874 wpa_s
->own_disconnect_req
= 0;
1877 * If we are starting a new connection, any previously pending EAPOL
1878 * RX cannot be valid anymore.
1880 wpabuf_free(wpa_s
->pending_eapol_rx
);
1881 wpa_s
->pending_eapol_rx
= NULL
;
1883 if (ssid
->mac_addr
== -1)
1884 rand_style
= wpa_s
->conf
->mac_addr
;
1886 rand_style
= ssid
->mac_addr
;
1888 wmm_ac_clear_saved_tspecs(wpa_s
);
1889 wpa_s
->reassoc_same_bss
= 0;
1890 wpa_s
->reassoc_same_ess
= 0;
1891 #ifdef CONFIG_TESTING_OPTIONS
1892 wpa_s
->testing_resend_assoc
= 0;
1893 #endif /* CONFIG_TESTING_OPTIONS */
1895 if (wpa_s
->last_ssid
== ssid
) {
1896 wpa_dbg(wpa_s
, MSG_DEBUG
, "Re-association to the same ESS");
1897 wpa_s
->reassoc_same_ess
= 1;
1898 if (wpa_s
->current_bss
&& wpa_s
->current_bss
== bss
) {
1899 wmm_ac_save_tspecs(wpa_s
);
1900 wpa_s
->reassoc_same_bss
= 1;
1904 if (rand_style
> 0 && !wpa_s
->reassoc_same_ess
) {
1905 if (wpas_update_random_addr(wpa_s
, rand_style
) < 0)
1907 wpa_sm_pmksa_cache_flush(wpa_s
->wpa
, ssid
);
1908 } else if (rand_style
== 0 && wpa_s
->mac_addr_changed
) {
1909 if (wpa_drv_set_mac_addr(wpa_s
, NULL
) < 0) {
1910 wpa_msg(wpa_s
, MSG_INFO
,
1911 "Could not restore permanent MAC address");
1914 wpa_s
->mac_addr_changed
= 0;
1915 if (wpa_supplicant_update_mac_addr(wpa_s
) < 0) {
1916 wpa_msg(wpa_s
, MSG_INFO
,
1917 "Could not update MAC address information");
1920 wpa_msg(wpa_s
, MSG_DEBUG
, "Using permanent MAC address");
1922 wpa_s
->last_ssid
= ssid
;
1924 #ifdef CONFIG_IBSS_RSN
1925 ibss_rsn_deinit(wpa_s
->ibss_rsn
);
1926 wpa_s
->ibss_rsn
= NULL
;
1927 #else /* CONFIG_IBSS_RSN */
1928 if (ssid
->mode
== WPAS_MODE_IBSS
&&
1929 !(ssid
->key_mgmt
& (WPA_KEY_MGMT_NONE
| WPA_KEY_MGMT_WPA_NONE
))) {
1930 wpa_msg(wpa_s
, MSG_INFO
,
1931 "IBSS RSN not supported in the build");
1934 #endif /* CONFIG_IBSS_RSN */
1936 if (ssid
->mode
== WPAS_MODE_AP
|| ssid
->mode
== WPAS_MODE_P2P_GO
||
1937 ssid
->mode
== WPAS_MODE_P2P_GROUP_FORMATION
) {
1939 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_AP
)) {
1940 wpa_msg(wpa_s
, MSG_INFO
, "Driver does not support AP "
1944 if (wpa_supplicant_create_ap(wpa_s
, ssid
) < 0) {
1945 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
1946 if (ssid
->mode
== WPAS_MODE_P2P_GROUP_FORMATION
)
1947 wpas_p2p_ap_setup_failed(wpa_s
);
1950 wpa_s
->current_bss
= bss
;
1951 #else /* CONFIG_AP */
1952 wpa_msg(wpa_s
, MSG_ERROR
, "AP mode support not included in "
1954 #endif /* CONFIG_AP */
1958 if (ssid
->mode
== WPAS_MODE_MESH
) {
1960 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_MESH
)) {
1961 wpa_msg(wpa_s
, MSG_INFO
,
1962 "Driver does not support mesh mode");
1966 ssid
->frequency
= bss
->freq
;
1967 if (wpa_supplicant_join_mesh(wpa_s
, ssid
) < 0) {
1968 wpa_msg(wpa_s
, MSG_ERROR
, "Could not join mesh");
1971 wpa_s
->current_bss
= bss
;
1972 wpa_msg(wpa_s
, MSG_INFO
, MESH_GROUP_STARTED
"ssid=\"%s\" id=%d",
1973 wpa_ssid_txt(ssid
->ssid
, ssid
->ssid_len
),
1975 wpas_notify_mesh_group_started(wpa_s
, ssid
);
1976 #else /* CONFIG_MESH */
1977 wpa_msg(wpa_s
, MSG_ERROR
,
1978 "mesh mode support not included in the build");
1979 #endif /* CONFIG_MESH */
1984 * Set WPA state machine configuration to match the selected network now
1985 * so that the information is available before wpas_start_assoc_cb()
1986 * gets called. This is needed at least for RSN pre-authentication where
1987 * candidate APs are added to a list based on scan result processing
1988 * before completion of the first association.
1990 wpa_supplicant_rsn_supp_set_config(wpa_s
, ssid
);
1993 if (wpas_dpp_check_connect(wpa_s
, ssid
, bss
) != 0)
1995 #endif /* CONFIG_DPP */
1999 wpa_tdls_ap_ies(wpa_s
->wpa
, (const u8
*) (bss
+ 1),
2001 #endif /* CONFIG_TDLS */
2003 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
2004 ssid
->mode
== IEEE80211_MODE_INFRA
) {
2005 sme_authenticate(wpa_s
, bss
, ssid
);
2009 if (wpa_s
->connect_work
) {
2010 wpa_dbg(wpa_s
, MSG_DEBUG
, "Reject wpa_supplicant_associate() call since connect_work exist");
2014 if (radio_work_pending(wpa_s
, "connect")) {
2015 wpa_dbg(wpa_s
, MSG_DEBUG
, "Reject wpa_supplicant_associate() call since pending work exist");
2020 if (ssid
->mode
== WPAS_MODE_IBSS
|| ssid
->mode
== WPAS_MODE_MESH
) {
2021 /* Clear possibly set auth_alg, if any, from last attempt. */
2022 wpa_s
->sme
.auth_alg
= WPA_AUTH_ALG_OPEN
;
2024 #endif /* CONFIG_SME */
2026 wpas_abort_ongoing_scan(wpa_s
);
2028 cwork
= os_zalloc(sizeof(*cwork
));
2035 if (radio_add_work(wpa_s
, bss
? bss
->freq
: 0, "connect", 1,
2036 wpas_start_assoc_cb
, cwork
) < 0) {
2042 static int bss_is_ibss(struct wpa_bss
*bss
)
2044 return (bss
->caps
& (IEEE80211_CAP_ESS
| IEEE80211_CAP_IBSS
)) ==
2049 static int drv_supports_vht(struct wpa_supplicant
*wpa_s
,
2050 const struct wpa_ssid
*ssid
)
2052 enum hostapd_hw_mode hw_mode
;
2053 struct hostapd_hw_modes
*mode
= NULL
;
2057 hw_mode
= ieee80211_freq_to_chan(ssid
->frequency
, &channel
);
2058 if (hw_mode
== NUM_HOSTAPD_MODES
)
2060 for (i
= 0; wpa_s
->hw
.modes
&& i
< wpa_s
->hw
.num_modes
; i
++) {
2061 if (wpa_s
->hw
.modes
[i
].mode
== hw_mode
) {
2062 mode
= &wpa_s
->hw
.modes
[i
];
2070 return mode
->vht_capab
!= 0;
2074 void ibss_mesh_setup_freq(struct wpa_supplicant
*wpa_s
,
2075 const struct wpa_ssid
*ssid
,
2076 struct hostapd_freq_params
*freq
)
2078 enum hostapd_hw_mode hw_mode
;
2079 struct hostapd_hw_modes
*mode
= NULL
;
2080 int ht40plus
[] = { 36, 44, 52, 60, 100, 108, 116, 124, 132, 149, 157,
2082 int vht80
[] = { 36, 52, 100, 116, 132, 149 };
2083 struct hostapd_channel_data
*pri_chan
= NULL
, *sec_chan
= NULL
;
2085 int i
, chan_idx
, ht40
= -1, res
, obss_scan
= 1;
2087 struct hostapd_freq_params vht_freq
;
2088 int chwidth
, seg0
, seg1
;
2091 freq
->freq
= ssid
->frequency
;
2093 for (j
= 0; j
< wpa_s
->last_scan_res_used
; j
++) {
2094 struct wpa_bss
*bss
= wpa_s
->last_scan_res
[j
];
2096 if (ssid
->mode
!= WPAS_MODE_IBSS
)
2099 /* Don't adjust control freq in case of fixed_freq */
2100 if (ssid
->fixed_freq
)
2103 if (!bss_is_ibss(bss
))
2106 if (ssid
->ssid_len
== bss
->ssid_len
&&
2107 os_memcmp(ssid
->ssid
, bss
->ssid
, bss
->ssid_len
) == 0) {
2108 wpa_printf(MSG_DEBUG
,
2109 "IBSS already found in scan results, adjust control freq: %d",
2111 freq
->freq
= bss
->freq
;
2117 /* For IBSS check HT_IBSS flag */
2118 if (ssid
->mode
== WPAS_MODE_IBSS
&&
2119 !(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_HT_IBSS
))
2122 if (wpa_s
->group_cipher
== WPA_CIPHER_WEP40
||
2123 wpa_s
->group_cipher
== WPA_CIPHER_WEP104
||
2124 wpa_s
->pairwise_cipher
== WPA_CIPHER_TKIP
) {
2125 wpa_printf(MSG_DEBUG
,
2126 "IBSS: WEP/TKIP detected, do not try to enable HT");
2130 hw_mode
= ieee80211_freq_to_chan(freq
->freq
, &channel
);
2131 for (i
= 0; wpa_s
->hw
.modes
&& i
< wpa_s
->hw
.num_modes
; i
++) {
2132 if (wpa_s
->hw
.modes
[i
].mode
== hw_mode
) {
2133 mode
= &wpa_s
->hw
.modes
[i
];
2141 #ifdef CONFIG_HT_OVERRIDES
2142 if (ssid
->disable_ht
) {
2143 freq
->ht_enabled
= 0;
2146 #endif /* CONFIG_HT_OVERRIDES */
2148 freq
->ht_enabled
= ht_supported(mode
);
2149 if (!freq
->ht_enabled
)
2152 /* Setup higher BW only for 5 GHz */
2153 if (mode
->mode
!= HOSTAPD_MODE_IEEE80211A
)
2156 for (chan_idx
= 0; chan_idx
< mode
->num_channels
; chan_idx
++) {
2157 pri_chan
= &mode
->channels
[chan_idx
];
2158 if (pri_chan
->chan
== channel
)
2165 /* Check primary channel flags */
2166 if (pri_chan
->flag
& (HOSTAPD_CHAN_DISABLED
| HOSTAPD_CHAN_NO_IR
))
2169 #ifdef CONFIG_HT_OVERRIDES
2170 if (ssid
->disable_ht40
)
2172 #endif /* CONFIG_HT_OVERRIDES */
2174 /* Check/setup HT40+/HT40- */
2175 for (j
= 0; j
< ARRAY_SIZE(ht40plus
); j
++) {
2176 if (ht40plus
[j
] == channel
) {
2182 /* Find secondary channel */
2183 for (i
= 0; i
< mode
->num_channels
; i
++) {
2184 sec_chan
= &mode
->channels
[i
];
2185 if (sec_chan
->chan
== channel
+ ht40
* 4)
2192 /* Check secondary channel flags */
2193 if (sec_chan
->flag
& (HOSTAPD_CHAN_DISABLED
| HOSTAPD_CHAN_NO_IR
))
2196 freq
->channel
= pri_chan
->chan
;
2199 if (!(pri_chan
->flag
& HOSTAPD_CHAN_HT40MINUS
))
2202 if (!(pri_chan
->flag
& HOSTAPD_CHAN_HT40PLUS
))
2205 freq
->sec_channel_offset
= ht40
;
2208 struct wpa_scan_results
*scan_res
;
2210 scan_res
= wpa_supplicant_get_scan_results(wpa_s
, NULL
, 0);
2211 if (scan_res
== NULL
) {
2213 freq
->sec_channel_offset
= 0;
2217 res
= check_40mhz_5g(mode
, scan_res
, pri_chan
->chan
,
2222 freq
->sec_channel_offset
= 0;
2225 /* Configuration allowed */
2228 /* Switch pri/sec channels */
2229 freq
->freq
= hw_get_freq(mode
, sec_chan
->chan
);
2230 freq
->sec_channel_offset
= -freq
->sec_channel_offset
;
2231 freq
->channel
= sec_chan
->chan
;
2234 freq
->sec_channel_offset
= 0;
2238 wpa_scan_results_free(scan_res
);
2241 wpa_printf(MSG_DEBUG
,
2242 "IBSS/mesh: setup freq channel %d, sec_channel_offset %d",
2243 freq
->channel
, freq
->sec_channel_offset
);
2245 if (!drv_supports_vht(wpa_s
, ssid
))
2248 /* For IBSS check VHT_IBSS flag */
2249 if (ssid
->mode
== WPAS_MODE_IBSS
&&
2250 !(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_VHT_IBSS
))
2255 #ifdef CONFIG_VHT_OVERRIDES
2256 if (ssid
->disable_vht
) {
2257 freq
->vht_enabled
= 0;
2260 #endif /* CONFIG_VHT_OVERRIDES */
2262 vht_freq
.vht_enabled
= vht_supported(mode
);
2263 if (!vht_freq
.vht_enabled
)
2266 /* setup center_freq1, bandwidth */
2267 for (j
= 0; j
< ARRAY_SIZE(vht80
); j
++) {
2268 if (freq
->channel
>= vht80
[j
] &&
2269 freq
->channel
< vht80
[j
] + 16)
2273 if (j
== ARRAY_SIZE(vht80
))
2276 for (i
= vht80
[j
]; i
< vht80
[j
] + 16; i
+= 4) {
2277 struct hostapd_channel_data
*chan
;
2279 chan
= hw_get_channel_chan(mode
, i
, NULL
);
2283 /* Back to HT configuration if channel not usable */
2284 if (chan
->flag
& (HOSTAPD_CHAN_DISABLED
| HOSTAPD_CHAN_NO_IR
))
2288 chwidth
= VHT_CHANWIDTH_80MHZ
;
2289 seg0
= vht80
[j
] + 6;
2292 if (ssid
->max_oper_chwidth
== VHT_CHANWIDTH_80P80MHZ
) {
2293 /* setup center_freq2, bandwidth */
2294 for (k
= 0; k
< ARRAY_SIZE(vht80
); k
++) {
2295 /* Only accept 80 MHz segments separated by a gap */
2296 if (j
== k
|| abs(vht80
[j
] - vht80
[k
]) == 16)
2298 for (i
= vht80
[k
]; i
< vht80
[k
] + 16; i
+= 4) {
2299 struct hostapd_channel_data
*chan
;
2301 chan
= hw_get_channel_chan(mode
, i
, NULL
);
2305 if (chan
->flag
& (HOSTAPD_CHAN_DISABLED
|
2306 HOSTAPD_CHAN_NO_IR
|
2307 HOSTAPD_CHAN_RADAR
))
2310 /* Found a suitable second segment for 80+80 */
2311 chwidth
= VHT_CHANWIDTH_80P80MHZ
;
2313 VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ
;
2314 seg1
= vht80
[k
] + 6;
2317 if (chwidth
== VHT_CHANWIDTH_80P80MHZ
)
2320 } else if (ssid
->max_oper_chwidth
== VHT_CHANWIDTH_160MHZ
) {
2321 if (freq
->freq
== 5180) {
2322 chwidth
= VHT_CHANWIDTH_160MHZ
;
2323 vht_caps
|= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ
;
2325 } else if (freq
->freq
== 5520) {
2326 chwidth
= VHT_CHANWIDTH_160MHZ
;
2327 vht_caps
|= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ
;
2332 if (hostapd_set_freq_params(&vht_freq
, mode
->mode
, freq
->freq
,
2333 freq
->channel
, freq
->ht_enabled
,
2334 vht_freq
.vht_enabled
,
2335 freq
->sec_channel_offset
,
2336 chwidth
, seg0
, seg1
, vht_caps
) != 0)
2341 wpa_printf(MSG_DEBUG
, "IBSS: VHT setup freq cf1 %d, cf2 %d, bw %d",
2342 freq
->center_freq1
, freq
->center_freq2
, freq
->bandwidth
);
2347 static size_t wpas_add_fils_hlp_req(struct wpa_supplicant
*wpa_s
, u8
*ie_buf
,
2350 struct fils_hlp_req
*req
;
2351 size_t rem_len
, hdr_len
, hlp_len
, len
, ie_len
= 0;
2355 dl_list_for_each(req
, &wpa_s
->fils_hlp_req
, struct fils_hlp_req
,
2357 rem_len
= ie_buf_len
- ie_len
;
2358 pos
= wpabuf_head(req
->pkt
);
2359 hdr_len
= 1 + 2 * ETH_ALEN
+ 6;
2360 hlp_len
= wpabuf_len(req
->pkt
);
2362 if (rem_len
< 2 + hdr_len
+ hlp_len
) {
2363 wpa_printf(MSG_ERROR
,
2364 "FILS: Cannot fit HLP - rem_len=%lu to_fill=%lu",
2365 (unsigned long) rem_len
,
2366 (unsigned long) (2 + hdr_len
+ hlp_len
));
2370 len
= (hdr_len
+ hlp_len
) > 255 ? 255 : hdr_len
+ hlp_len
;
2372 *buf
++ = WLAN_EID_EXTENSION
;
2375 /* Element ID Extension */
2376 *buf
++ = WLAN_EID_EXT_FILS_HLP_CONTAINER
;
2377 /* Destination MAC address */
2378 os_memcpy(buf
, req
->dst
, ETH_ALEN
);
2380 /* Source MAC address */
2381 os_memcpy(buf
, wpa_s
->own_addr
, ETH_ALEN
);
2383 /* LLC/SNAP Header */
2384 os_memcpy(buf
, "\xaa\xaa\x03\x00\x00\x00", 6);
2387 os_memcpy(buf
, pos
, len
- hdr_len
);
2388 buf
+= len
- hdr_len
;
2389 pos
+= len
- hdr_len
;
2391 hlp_len
-= len
- hdr_len
;
2396 len
= (hlp_len
> 255) ? 255 : hlp_len
;
2397 if (rem_len
< 2 + len
)
2399 *buf
++ = WLAN_EID_FRAGMENT
;
2401 os_memcpy(buf
, pos
, len
);
2415 int wpa_is_fils_supported(struct wpa_supplicant
*wpa_s
)
2417 return (((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
2418 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SUPPORT_FILS
)) ||
2419 (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
2420 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD
)));
2424 int wpa_is_fils_sk_pfs_supported(struct wpa_supplicant
*wpa_s
)
2426 #ifdef CONFIG_FILS_SK_PFS
2427 return (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
2428 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SUPPORT_FILS
);
2429 #else /* CONFIG_FILS_SK_PFS */
2431 #endif /* CONFIG_FILS_SK_PFS */
2434 #endif /* CONFIG_FILS */
2437 static u8
* wpas_populate_assoc_ies(
2438 struct wpa_supplicant
*wpa_s
,
2439 struct wpa_bss
*bss
, struct wpa_ssid
*ssid
,
2440 struct wpa_driver_associate_params
*params
,
2441 enum wpa_drv_update_connect_params_mask
*mask
)
2444 size_t max_wpa_ie_len
= 500;
2446 int algs
= WPA_AUTH_ALG_OPEN
;
2451 const u8
*realm
, *username
, *rrk
;
2452 size_t realm_len
, username_len
, rrk_len
;
2454 struct fils_hlp_req
*req
;
2456 dl_list_for_each(req
, &wpa_s
->fils_hlp_req
, struct fils_hlp_req
,
2458 max_wpa_ie_len
+= 3 + 2 * ETH_ALEN
+ 6 + wpabuf_len(req
->pkt
) +
2459 2 + 2 * wpabuf_len(req
->pkt
) / 255;
2461 #endif /* CONFIG_FILS */
2463 wpa_ie
= os_malloc(max_wpa_ie_len
);
2465 wpa_printf(MSG_ERROR
,
2466 "Failed to allocate connect IE buffer for %lu bytes",
2467 (unsigned long) max_wpa_ie_len
);
2471 if (bss
&& (wpa_bss_get_vendor_ie(bss
, WPA_IE_VENDOR_TYPE
) ||
2472 wpa_bss_get_ie(bss
, WLAN_EID_RSN
)) &&
2473 wpa_key_mgmt_wpa(ssid
->key_mgmt
)) {
2474 int try_opportunistic
;
2475 const u8
*cache_id
= NULL
;
2477 try_opportunistic
= (ssid
->proactive_key_caching
< 0 ?
2479 ssid
->proactive_key_caching
) &&
2480 (ssid
->proto
& WPA_PROTO_RSN
);
2482 if (wpa_key_mgmt_fils(ssid
->key_mgmt
))
2483 cache_id
= wpa_bss_get_fils_cache_id(bss
);
2484 #endif /* CONFIG_FILS */
2485 if (pmksa_cache_set_current(wpa_s
->wpa
, NULL
, bss
->bssid
,
2486 ssid
, try_opportunistic
,
2488 eapol_sm_notify_pmkid_attempt(wpa_s
->eapol
);
2489 wpa_ie_len
= max_wpa_ie_len
;
2490 if (wpa_supplicant_set_suites(wpa_s
, bss
, ssid
,
2491 wpa_ie
, &wpa_ie_len
)) {
2492 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to set WPA "
2493 "key management and encryption suites");
2497 } else if ((ssid
->key_mgmt
& WPA_KEY_MGMT_IEEE8021X_NO_WPA
) && bss
&&
2498 wpa_key_mgmt_wpa_ieee8021x(ssid
->key_mgmt
)) {
2500 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
2501 * use non-WPA since the scan results did not indicate that the
2502 * AP is using WPA or WPA2.
2504 wpa_supplicant_set_non_wpa_policy(wpa_s
, ssid
);
2506 wpa_s
->wpa_proto
= 0;
2507 } else if (wpa_key_mgmt_wpa_any(ssid
->key_mgmt
)) {
2508 wpa_ie_len
= max_wpa_ie_len
;
2509 if (wpa_supplicant_set_suites(wpa_s
, NULL
, ssid
,
2510 wpa_ie
, &wpa_ie_len
)) {
2511 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to set WPA "
2512 "key management and encryption suites (no "
2518 } else if (ssid
->key_mgmt
& WPA_KEY_MGMT_WPS
) {
2519 struct wpabuf
*wps_ie
;
2520 wps_ie
= wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid
));
2521 if (wps_ie
&& wpabuf_len(wps_ie
) <= max_wpa_ie_len
) {
2522 wpa_ie_len
= wpabuf_len(wps_ie
);
2523 os_memcpy(wpa_ie
, wpabuf_head(wps_ie
), wpa_ie_len
);
2526 wpabuf_free(wps_ie
);
2527 wpa_supplicant_set_non_wpa_policy(wpa_s
, ssid
);
2528 if (!bss
|| (bss
->caps
& IEEE80211_CAP_PRIVACY
))
2529 params
->wps
= WPS_MODE_PRIVACY
;
2531 params
->wps
= WPS_MODE_OPEN
;
2532 wpa_s
->wpa_proto
= 0;
2533 #endif /* CONFIG_WPS */
2535 wpa_supplicant_set_non_wpa_policy(wpa_s
, ssid
);
2537 wpa_s
->wpa_proto
= 0;
2540 #ifdef IEEE8021X_EAPOL
2541 if (ssid
->key_mgmt
& WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
2543 if (ssid
->non_leap
== 0)
2544 algs
= WPA_AUTH_ALG_LEAP
;
2546 algs
|= WPA_AUTH_ALG_LEAP
;
2551 /* Clear FILS association */
2552 wpa_sm_set_reset_fils_completed(wpa_s
->wpa
, 0);
2554 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD
) &&
2555 ssid
->eap
.erp
&& wpa_key_mgmt_fils(wpa_s
->key_mgmt
) &&
2556 eapol_sm_get_erp_info(wpa_s
->eapol
, &ssid
->eap
, &username
,
2557 &username_len
, &realm
, &realm_len
,
2558 &next_seq_num
, &rrk
, &rrk_len
) == 0 &&
2559 (!wpa_s
->last_con_fail_realm
||
2560 wpa_s
->last_con_fail_realm_len
!= realm_len
||
2561 os_memcmp(wpa_s
->last_con_fail_realm
, realm
, realm_len
) != 0)) {
2562 algs
= WPA_AUTH_ALG_FILS
;
2563 params
->fils_erp_username
= username
;
2564 params
->fils_erp_username_len
= username_len
;
2565 params
->fils_erp_realm
= realm
;
2566 params
->fils_erp_realm_len
= realm_len
;
2567 params
->fils_erp_next_seq_num
= next_seq_num
;
2568 params
->fils_erp_rrk
= rrk
;
2569 params
->fils_erp_rrk_len
= rrk_len
;
2572 *mask
|= WPA_DRV_UPDATE_FILS_ERP_INFO
;
2574 #endif /* CONFIG_FILS */
2575 #endif /* IEEE8021X_EAPOL */
2577 if (wpa_s
->key_mgmt
& (WPA_KEY_MGMT_SAE
| WPA_KEY_MGMT_FT_SAE
))
2578 algs
= WPA_AUTH_ALG_SAE
;
2579 #endif /* CONFIG_SAE */
2581 wpa_dbg(wpa_s
, MSG_DEBUG
, "Automatic auth_alg selection: 0x%x", algs
);
2582 if (ssid
->auth_alg
) {
2583 algs
= ssid
->auth_alg
;
2584 wpa_dbg(wpa_s
, MSG_DEBUG
,
2585 "Overriding auth_alg selection: 0x%x", algs
);
2589 if (wpa_s
->global
->p2p
) {
2593 pos
= wpa_ie
+ wpa_ie_len
;
2594 len
= max_wpa_ie_len
- wpa_ie_len
;
2595 res
= wpas_p2p_assoc_req_ie(wpa_s
, bss
, pos
, len
,
2601 wpa_s
->cross_connect_disallowed
= 0;
2604 p2p
= wpa_bss_get_vendor_ie_multi(bss
, P2P_IE_VENDOR_TYPE
);
2606 wpa_s
->cross_connect_disallowed
=
2607 p2p_get_cross_connect_disallowed(p2p
);
2609 wpa_dbg(wpa_s
, MSG_DEBUG
, "P2P: WLAN AP %s cross "
2611 wpa_s
->cross_connect_disallowed
?
2612 "disallows" : "allows");
2616 os_memset(wpa_s
->p2p_ip_addr_info
, 0, sizeof(wpa_s
->p2p_ip_addr_info
));
2617 #endif /* CONFIG_P2P */
2620 wpa_ie_len
+= wpas_supp_op_class_ie(wpa_s
, bss
->freq
,
2621 wpa_ie
+ wpa_ie_len
,
2627 * Workaround: Add Extended Capabilities element only if the AP
2628 * included this element in Beacon/Probe Response frames. Some older
2629 * APs seem to have interoperability issues if this element is
2630 * included, so while the standard may require us to include the
2631 * element in all cases, it is justifiable to skip it to avoid
2632 * interoperability issues.
2634 if (ssid
->p2p_group
)
2635 wpa_drv_get_ext_capa(wpa_s
, WPA_IF_P2P_CLIENT
);
2637 wpa_drv_get_ext_capa(wpa_s
, WPA_IF_STATION
);
2639 if (!bss
|| wpa_bss_get_ie(bss
, WLAN_EID_EXT_CAPAB
)) {
2642 ext_capab_len
= wpas_build_ext_capab(wpa_s
, ext_capab
,
2644 if (ext_capab_len
> 0 &&
2645 wpa_ie_len
+ ext_capab_len
<= max_wpa_ie_len
) {
2647 if (wpa_ie_len
> 0 && pos
[0] == WLAN_EID_RSN
)
2649 os_memmove(pos
+ ext_capab_len
, pos
,
2650 wpa_ie_len
- (pos
- wpa_ie
));
2651 wpa_ie_len
+= ext_capab_len
;
2652 os_memcpy(pos
, ext_capab
, ext_capab_len
);
2657 if (is_hs20_network(wpa_s
, ssid
, bss
)) {
2658 struct wpabuf
*hs20
;
2660 hs20
= wpabuf_alloc(20 + MAX_ROAMING_CONS_OI_LEN
);
2662 int pps_mo_id
= hs20_get_pps_mo_id(wpa_s
, ssid
);
2665 wpas_hs20_add_indication(hs20
, pps_mo_id
);
2666 wpas_hs20_add_roam_cons_sel(hs20
, ssid
);
2667 len
= max_wpa_ie_len
- wpa_ie_len
;
2668 if (wpabuf_len(hs20
) <= len
) {
2669 os_memcpy(wpa_ie
+ wpa_ie_len
,
2670 wpabuf_head(hs20
), wpabuf_len(hs20
));
2671 wpa_ie_len
+= wpabuf_len(hs20
);
2675 hs20_configure_frame_filters(wpa_s
);
2678 #endif /* CONFIG_HS20 */
2680 if (wpa_s
->vendor_elem
[VENDOR_ELEM_ASSOC_REQ
]) {
2681 struct wpabuf
*buf
= wpa_s
->vendor_elem
[VENDOR_ELEM_ASSOC_REQ
];
2684 len
= max_wpa_ie_len
- wpa_ie_len
;
2685 if (wpabuf_len(buf
) <= len
) {
2686 os_memcpy(wpa_ie
+ wpa_ie_len
,
2687 wpabuf_head(buf
), wpabuf_len(buf
));
2688 wpa_ie_len
+= wpabuf_len(buf
);
2693 if (wpa_s
->fst_ies
) {
2694 int fst_ies_len
= wpabuf_len(wpa_s
->fst_ies
);
2696 if (wpa_ie_len
+ fst_ies_len
<= max_wpa_ie_len
) {
2697 os_memcpy(wpa_ie
+ wpa_ie_len
,
2698 wpabuf_head(wpa_s
->fst_ies
), fst_ies_len
);
2699 wpa_ie_len
+= fst_ies_len
;
2702 #endif /* CONFIG_FST */
2705 mbo_ie
= bss
? wpa_bss_get_vendor_ie(bss
, MBO_IE_VENDOR_TYPE
) : NULL
;
2709 len
= wpas_mbo_ie(wpa_s
, wpa_ie
+ wpa_ie_len
,
2710 max_wpa_ie_len
- wpa_ie_len
,
2711 !!mbo_attr_from_mbo_ie(mbo_ie
,
2712 OCE_ATTR_ID_CAPA_IND
));
2716 #endif /* CONFIG_MBO */
2719 if (algs
== WPA_AUTH_ALG_FILS
) {
2722 len
= wpas_add_fils_hlp_req(wpa_s
, wpa_ie
+ wpa_ie_len
,
2723 max_wpa_ie_len
- wpa_ie_len
);
2726 #endif /* CONFIG_FILS */
2729 #ifdef CONFIG_TESTING_OPTIONS
2730 if (get_ie_ext(wpa_ie
, wpa_ie_len
, WLAN_EID_EXT_OWE_DH_PARAM
)) {
2731 wpa_printf(MSG_INFO
, "TESTING: Override OWE DH element");
2733 #endif /* CONFIG_TESTING_OPTIONS */
2734 if (algs
== WPA_AUTH_ALG_OPEN
&&
2735 ssid
->key_mgmt
== WPA_KEY_MGMT_OWE
) {
2736 struct wpabuf
*owe_ie
;
2739 if (ssid
->owe_group
) {
2740 group
= ssid
->owe_group
;
2742 if (wpa_s
->last_owe_group
== 19)
2744 else if (wpa_s
->last_owe_group
== 20)
2747 group
= OWE_DH_GROUP
;
2749 wpa_s
->last_owe_group
= group
;
2750 wpa_printf(MSG_DEBUG
, "OWE: Try to use group %u", group
);
2751 owe_ie
= owe_build_assoc_req(wpa_s
->wpa
, group
);
2753 wpabuf_len(owe_ie
) <= max_wpa_ie_len
- wpa_ie_len
) {
2754 os_memcpy(wpa_ie
+ wpa_ie_len
,
2755 wpabuf_head(owe_ie
), wpabuf_len(owe_ie
));
2756 wpa_ie_len
+= wpabuf_len(owe_ie
);
2757 wpabuf_free(owe_ie
);
2760 #endif /* CONFIG_OWE */
2762 #ifdef CONFIG_IEEE80211R
2764 * Add MDIE under these conditions: the network profile allows FT,
2765 * the AP supports FT, and the mobility domain ID matches.
2767 if (bss
&& wpa_key_mgmt_ft(wpa_sm_get_key_mgmt(wpa_s
->wpa
))) {
2768 const u8
*mdie
= wpa_bss_get_ie(bss
, WLAN_EID_MOBILITY_DOMAIN
);
2770 if (mdie
&& mdie
[1] >= MOBILITY_DOMAIN_ID_LEN
) {
2772 const u8
*md
= mdie
+ 2;
2773 const u8
*wpa_md
= wpa_sm_get_ft_md(wpa_s
->wpa
);
2775 if (os_memcmp(md
, wpa_md
,
2776 MOBILITY_DOMAIN_ID_LEN
) == 0) {
2777 /* Add mobility domain IE */
2778 len
= wpa_ft_add_mdie(
2779 wpa_s
->wpa
, wpa_ie
+ wpa_ie_len
,
2780 max_wpa_ie_len
- wpa_ie_len
, mdie
);
2784 if (len
> 0 && wpa_s
->sme
.ft_used
&&
2785 wpa_sm_has_ptk(wpa_s
->wpa
)) {
2786 wpa_dbg(wpa_s
, MSG_DEBUG
,
2787 "SME: Trying to use FT over-the-air");
2788 algs
|= WPA_AUTH_ALG_FT
;
2790 #endif /* CONFIG_SME */
2793 #endif /* CONFIG_IEEE80211R */
2795 params
->wpa_ie
= wpa_ie
;
2796 params
->wpa_ie_len
= wpa_ie_len
;
2797 params
->auth_alg
= algs
;
2799 *mask
|= WPA_DRV_UPDATE_ASSOC_IES
| WPA_DRV_UPDATE_AUTH_TYPE
;
2805 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
2806 static void wpas_update_fils_connect_params(struct wpa_supplicant
*wpa_s
)
2808 struct wpa_driver_associate_params params
;
2809 enum wpa_drv_update_connect_params_mask mask
= 0;
2812 if (wpa_s
->auth_alg
!= WPA_AUTH_ALG_OPEN
)
2813 return; /* nothing to do */
2815 os_memset(¶ms
, 0, sizeof(params
));
2816 wpa_ie
= wpas_populate_assoc_ies(wpa_s
, wpa_s
->current_bss
,
2817 wpa_s
->current_ssid
, ¶ms
, &mask
);
2821 if (params
.auth_alg
!= WPA_AUTH_ALG_FILS
) {
2826 wpa_s
->auth_alg
= params
.auth_alg
;
2827 wpa_drv_update_connect_params(wpa_s
, ¶ms
, mask
);
2830 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
2833 static void wpas_start_assoc_cb(struct wpa_radio_work
*work
, int deinit
)
2835 struct wpa_connect_work
*cwork
= work
->ctx
;
2836 struct wpa_bss
*bss
= cwork
->bss
;
2837 struct wpa_ssid
*ssid
= cwork
->ssid
;
2838 struct wpa_supplicant
*wpa_s
= work
->wpa_s
;
2840 int use_crypt
, ret
, i
, bssid_changed
;
2841 unsigned int cipher_pairwise
, cipher_group
, cipher_group_mgmt
;
2842 struct wpa_driver_associate_params params
;
2843 int wep_keys_set
= 0;
2844 int assoc_failed
= 0;
2845 struct wpa_ssid
*old_ssid
;
2846 u8 prev_bssid
[ETH_ALEN
];
2847 #ifdef CONFIG_HT_OVERRIDES
2848 struct ieee80211_ht_capabilities htcaps
;
2849 struct ieee80211_ht_capabilities htcaps_mask
;
2850 #endif /* CONFIG_HT_OVERRIDES */
2851 #ifdef CONFIG_VHT_OVERRIDES
2852 struct ieee80211_vht_capabilities vhtcaps
;
2853 struct ieee80211_vht_capabilities vhtcaps_mask
;
2854 #endif /* CONFIG_VHT_OVERRIDES */
2857 if (work
->started
) {
2858 wpa_s
->connect_work
= NULL
;
2860 /* cancel possible auth. timeout */
2861 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
,
2864 wpas_connect_work_free(cwork
);
2868 wpa_s
->connect_work
= work
;
2870 if (cwork
->bss_removed
|| !wpas_valid_bss_ssid(wpa_s
, bss
, ssid
) ||
2871 wpas_network_disabled(wpa_s
, ssid
)) {
2872 wpa_dbg(wpa_s
, MSG_DEBUG
, "BSS/SSID entry for association not valid anymore - drop connection attempt");
2873 wpas_connect_work_done(wpa_s
);
2877 os_memcpy(prev_bssid
, wpa_s
->bssid
, ETH_ALEN
);
2878 os_memset(¶ms
, 0, sizeof(params
));
2879 wpa_s
->reassociate
= 0;
2880 wpa_s
->eap_expected_failure
= 0;
2882 (!wpas_driver_bss_selection(wpa_s
) || wpas_wps_searching(wpa_s
))) {
2883 #ifdef CONFIG_IEEE80211R
2884 const u8
*ie
, *md
= NULL
;
2885 #endif /* CONFIG_IEEE80211R */
2886 wpa_msg(wpa_s
, MSG_INFO
, "Trying to associate with " MACSTR
2887 " (SSID='%s' freq=%d MHz)", MAC2STR(bss
->bssid
),
2888 wpa_ssid_txt(bss
->ssid
, bss
->ssid_len
), bss
->freq
);
2889 bssid_changed
= !is_zero_ether_addr(wpa_s
->bssid
);
2890 os_memset(wpa_s
->bssid
, 0, ETH_ALEN
);
2891 os_memcpy(wpa_s
->pending_bssid
, bss
->bssid
, ETH_ALEN
);
2893 wpas_notify_bssid_changed(wpa_s
);
2894 #ifdef CONFIG_IEEE80211R
2895 ie
= wpa_bss_get_ie(bss
, WLAN_EID_MOBILITY_DOMAIN
);
2896 if (ie
&& ie
[1] >= MOBILITY_DOMAIN_ID_LEN
)
2898 wpa_sm_set_ft_params(wpa_s
->wpa
, ie
, ie
? 2 + ie
[1] : 0);
2900 /* Prepare for the next transition */
2901 wpa_ft_prepare_auth_request(wpa_s
->wpa
, ie
);
2903 #endif /* CONFIG_IEEE80211R */
2905 } else if ((ssid
->ssid
== NULL
|| ssid
->ssid_len
== 0) &&
2906 wpa_s
->conf
->ap_scan
== 2 &&
2907 (ssid
->key_mgmt
& WPA_KEY_MGMT_WPS
)) {
2908 /* Use ap_scan==1 style network selection to find the network
2910 wpas_connect_work_done(wpa_s
);
2911 wpa_s
->scan_req
= MANUAL_SCAN_REQ
;
2912 wpa_s
->reassociate
= 1;
2913 wpa_supplicant_req_scan(wpa_s
, 0, 0);
2915 #endif /* CONFIG_WPS */
2917 wpa_msg(wpa_s
, MSG_INFO
, "Trying to associate with SSID '%s'",
2918 wpa_ssid_txt(ssid
->ssid
, ssid
->ssid_len
));
2920 os_memcpy(wpa_s
->pending_bssid
, bss
->bssid
, ETH_ALEN
);
2922 os_memset(wpa_s
->pending_bssid
, 0, ETH_ALEN
);
2925 wpa_supplicant_cancel_sched_scan(wpa_s
);
2927 wpa_supplicant_cancel_scan(wpa_s
);
2929 /* Starting new association, so clear the possibly used WPA IE from the
2930 * previous association. */
2931 wpa_sm_set_assoc_wpa_ie(wpa_s
->wpa
, NULL
, 0);
2933 wpa_ie
= wpas_populate_assoc_ies(wpa_s
, bss
, ssid
, ¶ms
, NULL
);
2935 wpas_connect_work_done(wpa_s
);
2939 wpa_clear_keys(wpa_s
, bss
? bss
->bssid
: NULL
);
2941 cipher_pairwise
= wpa_s
->pairwise_cipher
;
2942 cipher_group
= wpa_s
->group_cipher
;
2943 cipher_group_mgmt
= wpa_s
->mgmt_group_cipher
;
2944 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
||
2945 wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
2946 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
)
2948 if (wpa_set_wep_keys(wpa_s
, ssid
)) {
2953 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
)
2956 #ifdef IEEE8021X_EAPOL
2957 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
2958 if ((ssid
->eapol_flags
&
2959 (EAPOL_FLAG_REQUIRE_KEY_UNICAST
|
2960 EAPOL_FLAG_REQUIRE_KEY_BROADCAST
)) == 0 &&
2964 /* Assume that dynamic WEP-104 keys will be used and
2965 * set cipher suites in order for drivers to expect
2967 cipher_pairwise
= cipher_group
= WPA_CIPHER_WEP104
;
2970 #endif /* IEEE8021X_EAPOL */
2972 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPA_NONE
) {
2973 /* Set the key before (and later after) association */
2974 wpa_supplicant_set_wpa_none_key(wpa_s
, ssid
);
2977 wpa_supplicant_set_state(wpa_s
, WPA_ASSOCIATING
);
2979 params
.ssid
= bss
->ssid
;
2980 params
.ssid_len
= bss
->ssid_len
;
2981 if (!wpas_driver_bss_selection(wpa_s
) || ssid
->bssid_set
||
2982 wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
) {
2983 wpa_printf(MSG_DEBUG
, "Limit connection to BSSID "
2984 MACSTR
" freq=%u MHz based on scan results "
2985 "(bssid_set=%d wps=%d)",
2986 MAC2STR(bss
->bssid
), bss
->freq
,
2988 wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
);
2989 params
.bssid
= bss
->bssid
;
2990 params
.freq
.freq
= bss
->freq
;
2992 params
.bssid_hint
= bss
->bssid
;
2993 params
.freq_hint
= bss
->freq
;
2994 params
.pbss
= bss_is_pbss(bss
);
2996 if (ssid
->bssid_hint_set
)
2997 params
.bssid_hint
= ssid
->bssid_hint
;
2999 params
.ssid
= ssid
->ssid
;
3000 params
.ssid_len
= ssid
->ssid_len
;
3001 params
.pbss
= (ssid
->pbss
!= 2) ? ssid
->pbss
: 0;
3004 if (ssid
->mode
== WPAS_MODE_IBSS
&& ssid
->bssid_set
&&
3005 wpa_s
->conf
->ap_scan
== 2) {
3006 params
.bssid
= ssid
->bssid
;
3007 params
.fixed_bssid
= 1;
3010 /* Initial frequency for IBSS/mesh */
3011 if ((ssid
->mode
== WPAS_MODE_IBSS
|| ssid
->mode
== WPAS_MODE_MESH
) &&
3012 ssid
->frequency
> 0 && params
.freq
.freq
== 0)
3013 ibss_mesh_setup_freq(wpa_s
, ssid
, ¶ms
.freq
);
3015 if (ssid
->mode
== WPAS_MODE_IBSS
) {
3016 params
.fixed_freq
= ssid
->fixed_freq
;
3017 if (ssid
->beacon_int
)
3018 params
.beacon_int
= ssid
->beacon_int
;
3020 params
.beacon_int
= wpa_s
->conf
->beacon_int
;
3023 params
.pairwise_suite
= cipher_pairwise
;
3024 params
.group_suite
= cipher_group
;
3025 params
.mgmt_group_suite
= cipher_group_mgmt
;
3026 params
.key_mgmt_suite
= wpa_s
->key_mgmt
;
3027 params
.wpa_proto
= wpa_s
->wpa_proto
;
3028 wpa_s
->auth_alg
= params
.auth_alg
;
3029 params
.mode
= ssid
->mode
;
3030 params
.bg_scan_period
= ssid
->bg_scan_period
;
3031 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
3032 if (ssid
->wep_key_len
[i
])
3033 params
.wep_key
[i
] = ssid
->wep_key
[i
];
3034 params
.wep_key_len
[i
] = ssid
->wep_key_len
[i
];
3036 params
.wep_tx_keyidx
= ssid
->wep_tx_keyidx
;
3038 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_4WAY_HANDSHAKE
) &&
3039 (params
.key_mgmt_suite
== WPA_KEY_MGMT_PSK
||
3040 params
.key_mgmt_suite
== WPA_KEY_MGMT_FT_PSK
)) {
3041 params
.passphrase
= ssid
->passphrase
;
3043 params
.psk
= ssid
->psk
;
3046 if (wpa_s
->conf
->key_mgmt_offload
) {
3047 if (params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X
||
3048 params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X_SHA256
||
3049 params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X_SUITE_B
||
3050 params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X_SUITE_B_192
)
3051 params
.req_key_mgmt_offload
=
3052 ssid
->proactive_key_caching
< 0 ?
3053 wpa_s
->conf
->okc
: ssid
->proactive_key_caching
;
3055 params
.req_key_mgmt_offload
= 1;
3057 if ((params
.key_mgmt_suite
== WPA_KEY_MGMT_PSK
||
3058 params
.key_mgmt_suite
== WPA_KEY_MGMT_PSK_SHA256
||
3059 params
.key_mgmt_suite
== WPA_KEY_MGMT_FT_PSK
) &&
3061 params
.psk
= ssid
->psk
;
3064 params
.drop_unencrypted
= use_crypt
;
3066 #ifdef CONFIG_IEEE80211W
3067 params
.mgmt_frame_protection
= wpas_get_ssid_pmf(wpa_s
, ssid
);
3068 if (params
.mgmt_frame_protection
!= NO_MGMT_FRAME_PROTECTION
&& bss
) {
3069 const u8
*rsn
= wpa_bss_get_ie(bss
, WLAN_EID_RSN
);
3070 struct wpa_ie_data ie
;
3071 if (rsn
&& wpa_parse_wpa_ie(rsn
, 2 + rsn
[1], &ie
) == 0 &&
3073 (WPA_CAPABILITY_MFPC
| WPA_CAPABILITY_MFPR
)) {
3074 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Selected AP supports "
3075 "MFP: require MFP");
3076 params
.mgmt_frame_protection
=
3077 MGMT_FRAME_PROTECTION_REQUIRED
;
3079 } else if (!rsn
&& (ssid
->key_mgmt
& WPA_KEY_MGMT_OWE
) &&
3081 params
.mgmt_frame_protection
= NO_MGMT_FRAME_PROTECTION
;
3082 #endif /* CONFIG_OWE */
3085 #endif /* CONFIG_IEEE80211W */
3087 params
.p2p
= ssid
->p2p_group
;
3089 if (wpa_s
->p2pdev
->set_sta_uapsd
)
3090 params
.uapsd
= wpa_s
->p2pdev
->sta_uapsd
;
3094 #ifdef CONFIG_HT_OVERRIDES
3095 os_memset(&htcaps
, 0, sizeof(htcaps
));
3096 os_memset(&htcaps_mask
, 0, sizeof(htcaps_mask
));
3097 params
.htcaps
= (u8
*) &htcaps
;
3098 params
.htcaps_mask
= (u8
*) &htcaps_mask
;
3099 wpa_supplicant_apply_ht_overrides(wpa_s
, ssid
, ¶ms
);
3100 #endif /* CONFIG_HT_OVERRIDES */
3101 #ifdef CONFIG_VHT_OVERRIDES
3102 os_memset(&vhtcaps
, 0, sizeof(vhtcaps
));
3103 os_memset(&vhtcaps_mask
, 0, sizeof(vhtcaps_mask
));
3104 params
.vhtcaps
= &vhtcaps
;
3105 params
.vhtcaps_mask
= &vhtcaps_mask
;
3106 wpa_supplicant_apply_vht_overrides(wpa_s
, ssid
, ¶ms
);
3107 #endif /* CONFIG_VHT_OVERRIDES */
3111 * If multi-channel concurrency is not supported, check for any
3112 * frequency conflict. In case of any frequency conflict, remove the
3113 * least prioritized connection.
3115 if (wpa_s
->num_multichan_concurrent
< 2) {
3117 num
= get_shared_radio_freqs(wpa_s
, &freq
, 1);
3118 if (num
> 0 && freq
> 0 && freq
!= params
.freq
.freq
) {
3119 wpa_printf(MSG_DEBUG
,
3120 "Assoc conflicting freq found (%d != %d)",
3121 freq
, params
.freq
.freq
);
3122 if (wpas_p2p_handle_frequency_conflicts(
3123 wpa_s
, params
.freq
.freq
, ssid
) < 0) {
3124 wpas_connect_work_done(wpa_s
);
3130 #endif /* CONFIG_P2P */
3132 if (wpa_s
->reassoc_same_ess
&& !is_zero_ether_addr(prev_bssid
) &&
3133 wpa_s
->current_ssid
)
3134 params
.prev_bssid
= prev_bssid
;
3136 ret
= wpa_drv_associate(wpa_s
, ¶ms
);
3139 wpa_msg(wpa_s
, MSG_INFO
, "Association request to the driver "
3141 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SANE_ERROR_CODES
) {
3143 * The driver is known to mean what is saying, so we
3144 * can stop right here; the association will not
3147 wpas_connection_failed(wpa_s
, wpa_s
->pending_bssid
);
3148 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
3149 os_memset(wpa_s
->pending_bssid
, 0, ETH_ALEN
);
3152 /* try to continue anyway; new association will be tried again
3157 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPA_NONE
) {
3158 /* Set the key after the association just in case association
3159 * cleared the previously configured key. */
3160 wpa_supplicant_set_wpa_none_key(wpa_s
, ssid
);
3161 /* No need to timeout authentication since there is no key
3163 wpa_supplicant_cancel_auth_timeout(wpa_s
);
3164 wpa_supplicant_set_state(wpa_s
, WPA_COMPLETED
);
3165 #ifdef CONFIG_IBSS_RSN
3166 } else if (ssid
->mode
== WPAS_MODE_IBSS
&&
3167 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_NONE
&&
3168 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_WPA_NONE
) {
3170 * RSN IBSS authentication is per-STA and we can disable the
3171 * per-BSSID authentication.
3173 wpa_supplicant_cancel_auth_timeout(wpa_s
);
3174 #endif /* CONFIG_IBSS_RSN */
3176 /* Timeout for IEEE 802.11 authentication and association */
3180 /* give IBSS a bit more time */
3181 timeout
= ssid
->mode
== WPAS_MODE_IBSS
? 10 : 5;
3182 } else if (wpa_s
->conf
->ap_scan
== 1) {
3183 /* give IBSS a bit more time */
3184 timeout
= ssid
->mode
== WPAS_MODE_IBSS
? 20 : 10;
3186 wpa_supplicant_req_auth_timeout(wpa_s
, timeout
, 0);
3190 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC
)) {
3191 /* Set static WEP keys again */
3192 wpa_set_wep_keys(wpa_s
, ssid
);
3195 if (wpa_s
->current_ssid
&& wpa_s
->current_ssid
!= ssid
) {
3197 * Do not allow EAP session resumption between different
3198 * network configurations.
3200 eapol_sm_invalidate_cached_session(wpa_s
->eapol
);
3202 old_ssid
= wpa_s
->current_ssid
;
3203 wpa_s
->current_ssid
= ssid
;
3205 if (!wpas_driver_bss_selection(wpa_s
) || ssid
->bssid_set
) {
3206 wpa_s
->current_bss
= bss
;
3208 hs20_configure_frame_filters(wpa_s
);
3209 #endif /* CONFIG_HS20 */
3212 wpa_supplicant_rsn_supp_set_config(wpa_s
, wpa_s
->current_ssid
);
3213 wpa_supplicant_initiate_eapol(wpa_s
);
3214 if (old_ssid
!= wpa_s
->current_ssid
)
3215 wpas_notify_network_changed(wpa_s
);
3219 static void wpa_supplicant_clear_connection(struct wpa_supplicant
*wpa_s
,
3222 struct wpa_ssid
*old_ssid
;
3224 wpas_connect_work_done(wpa_s
);
3225 wpa_clear_keys(wpa_s
, addr
);
3226 old_ssid
= wpa_s
->current_ssid
;
3227 wpa_supplicant_mark_disassoc(wpa_s
);
3228 wpa_sm_set_config(wpa_s
->wpa
, NULL
);
3229 eapol_sm_notify_config(wpa_s
->eapol
, NULL
, NULL
);
3230 if (old_ssid
!= wpa_s
->current_ssid
)
3231 wpas_notify_network_changed(wpa_s
);
3232 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
3237 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
3238 * @wpa_s: Pointer to wpa_supplicant data
3239 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
3241 * This function is used to request %wpa_supplicant to deauthenticate from the
3244 void wpa_supplicant_deauthenticate(struct wpa_supplicant
*wpa_s
,
3248 union wpa_event_data event
;
3251 wpa_dbg(wpa_s
, MSG_DEBUG
, "Request to deauthenticate - bssid=" MACSTR
3252 " pending_bssid=" MACSTR
" reason=%d state=%s",
3253 MAC2STR(wpa_s
->bssid
), MAC2STR(wpa_s
->pending_bssid
),
3254 reason_code
, wpa_supplicant_state_txt(wpa_s
->wpa_state
));
3256 if (!is_zero_ether_addr(wpa_s
->pending_bssid
) &&
3257 (wpa_s
->wpa_state
== WPA_AUTHENTICATING
||
3258 wpa_s
->wpa_state
== WPA_ASSOCIATING
))
3259 addr
= wpa_s
->pending_bssid
;
3260 else if (!is_zero_ether_addr(wpa_s
->bssid
))
3261 addr
= wpa_s
->bssid
;
3262 else if (wpa_s
->wpa_state
== WPA_ASSOCIATING
) {
3264 * When using driver-based BSS selection, we may not know the
3265 * BSSID with which we are currently trying to associate. We
3266 * need to notify the driver of this disconnection even in such
3267 * a case, so use the all zeros address here.
3269 addr
= wpa_s
->bssid
;
3274 wpa_tdls_teardown_peers(wpa_s
->wpa
);
3275 #endif /* CONFIG_TDLS */
3279 struct mesh_conf
*mconf
;
3281 mconf
= wpa_s
->ifmsh
->mconf
;
3282 wpa_msg(wpa_s
, MSG_INFO
, MESH_GROUP_REMOVED
"%s",
3284 wpas_notify_mesh_group_removed(wpa_s
, mconf
->meshid
,
3285 mconf
->meshid_len
, reason_code
);
3286 wpa_supplicant_leave_mesh(wpa_s
);
3288 #endif /* CONFIG_MESH */
3291 wpa_drv_deauthenticate(wpa_s
, addr
, reason_code
);
3292 os_memset(&event
, 0, sizeof(event
));
3293 event
.deauth_info
.reason_code
= (u16
) reason_code
;
3294 event
.deauth_info
.locally_generated
= 1;
3295 wpa_supplicant_event(wpa_s
, EVENT_DEAUTH
, &event
);
3300 wpa_supplicant_clear_connection(wpa_s
, addr
);
3303 static void wpa_supplicant_enable_one_network(struct wpa_supplicant
*wpa_s
,
3304 struct wpa_ssid
*ssid
)
3306 if (!ssid
|| !ssid
->disabled
|| ssid
->disabled
== 2)
3310 wpas_clear_temp_disabled(wpa_s
, ssid
, 1);
3311 wpas_notify_network_enabled_changed(wpa_s
, ssid
);
3314 * Try to reassociate since there is no current configuration and a new
3315 * network was made available.
3317 if (!wpa_s
->current_ssid
&& !wpa_s
->disconnected
)
3318 wpa_s
->reassociate
= 1;
3323 * wpa_supplicant_add_network - Add a new network
3324 * @wpa_s: wpa_supplicant structure for a network interface
3325 * Returns: The new network configuration or %NULL if operation failed
3327 * This function performs the following operations:
3328 * 1. Adds a new network.
3329 * 2. Send network addition notification.
3330 * 3. Marks the network disabled.
3331 * 4. Set network default parameters.
3333 struct wpa_ssid
* wpa_supplicant_add_network(struct wpa_supplicant
*wpa_s
)
3335 struct wpa_ssid
*ssid
;
3337 ssid
= wpa_config_add_network(wpa_s
->conf
);
3340 wpas_notify_network_added(wpa_s
, ssid
);
3342 wpa_config_set_network_defaults(ssid
);
3349 * wpa_supplicant_remove_network - Remove a configured network based on id
3350 * @wpa_s: wpa_supplicant structure for a network interface
3351 * @id: Unique network id to search for
3352 * Returns: 0 on success, or -1 if the network was not found, -2 if the network
3353 * could not be removed
3355 * This function performs the following operations:
3356 * 1. Removes the network.
3357 * 2. Send network removal notification.
3358 * 3. Update internal state machines.
3359 * 4. Stop any running sched scans.
3361 int wpa_supplicant_remove_network(struct wpa_supplicant
*wpa_s
, int id
)
3363 struct wpa_ssid
*ssid
;
3366 ssid
= wpa_config_get_network(wpa_s
->conf
, id
);
3369 wpas_notify_network_removed(wpa_s
, ssid
);
3371 if (wpa_s
->last_ssid
== ssid
)
3372 wpa_s
->last_ssid
= NULL
;
3374 if (ssid
== wpa_s
->current_ssid
|| !wpa_s
->current_ssid
) {
3376 wpa_s
->sme
.prev_bssid_set
= 0;
3377 #endif /* CONFIG_SME */
3379 * Invalidate the EAP session cache if the current or
3380 * previously used network is removed.
3382 eapol_sm_invalidate_cached_session(wpa_s
->eapol
);
3385 if (ssid
== wpa_s
->current_ssid
) {
3386 wpa_sm_set_config(wpa_s
->wpa
, NULL
);
3387 eapol_sm_notify_config(wpa_s
->eapol
, NULL
, NULL
);
3389 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
3390 wpa_s
->own_disconnect_req
= 1;
3391 wpa_supplicant_deauthenticate(wpa_s
,
3392 WLAN_REASON_DEAUTH_LEAVING
);
3395 was_disabled
= ssid
->disabled
;
3397 if (wpa_config_remove_network(wpa_s
->conf
, id
) < 0)
3400 if (!was_disabled
&& wpa_s
->sched_scanning
) {
3401 wpa_printf(MSG_DEBUG
,
3402 "Stop ongoing sched_scan to remove network from filters");
3403 wpa_supplicant_cancel_sched_scan(wpa_s
);
3404 wpa_supplicant_req_scan(wpa_s
, 0, 0);
3412 * wpa_supplicant_enable_network - Mark a configured network as enabled
3413 * @wpa_s: wpa_supplicant structure for a network interface
3414 * @ssid: wpa_ssid structure for a configured network or %NULL
3416 * Enables the specified network or all networks if no network specified.
3418 void wpa_supplicant_enable_network(struct wpa_supplicant
*wpa_s
,
3419 struct wpa_ssid
*ssid
)
3422 for (ssid
= wpa_s
->conf
->ssid
; ssid
; ssid
= ssid
->next
)
3423 wpa_supplicant_enable_one_network(wpa_s
, ssid
);
3425 wpa_supplicant_enable_one_network(wpa_s
, ssid
);
3427 if (wpa_s
->reassociate
&& !wpa_s
->disconnected
&&
3428 (!wpa_s
->current_ssid
||
3429 wpa_s
->wpa_state
== WPA_DISCONNECTED
||
3430 wpa_s
->wpa_state
== WPA_SCANNING
)) {
3431 if (wpa_s
->sched_scanning
) {
3432 wpa_printf(MSG_DEBUG
, "Stop ongoing sched_scan to add "
3433 "new network to scan filters");
3434 wpa_supplicant_cancel_sched_scan(wpa_s
);
3437 if (wpa_supplicant_fast_associate(wpa_s
) != 1) {
3438 wpa_s
->scan_req
= NORMAL_SCAN_REQ
;
3439 wpa_supplicant_req_scan(wpa_s
, 0, 0);
3446 * wpa_supplicant_disable_network - Mark a configured network as disabled
3447 * @wpa_s: wpa_supplicant structure for a network interface
3448 * @ssid: wpa_ssid structure for a configured network or %NULL
3450 * Disables the specified network or all networks if no network specified.
3452 void wpa_supplicant_disable_network(struct wpa_supplicant
*wpa_s
,
3453 struct wpa_ssid
*ssid
)
3455 struct wpa_ssid
*other_ssid
;
3459 if (wpa_s
->sched_scanning
)
3460 wpa_supplicant_cancel_sched_scan(wpa_s
);
3462 for (other_ssid
= wpa_s
->conf
->ssid
; other_ssid
;
3463 other_ssid
= other_ssid
->next
) {
3464 was_disabled
= other_ssid
->disabled
;
3465 if (was_disabled
== 2)
3466 continue; /* do not change persistent P2P group
3469 other_ssid
->disabled
= 1;
3471 if (was_disabled
!= other_ssid
->disabled
)
3472 wpas_notify_network_enabled_changed(
3475 if (wpa_s
->current_ssid
) {
3476 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
3477 wpa_s
->own_disconnect_req
= 1;
3478 wpa_supplicant_deauthenticate(
3479 wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
3481 } else if (ssid
->disabled
!= 2) {
3482 if (ssid
== wpa_s
->current_ssid
) {
3483 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
3484 wpa_s
->own_disconnect_req
= 1;
3485 wpa_supplicant_deauthenticate(
3486 wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
3489 was_disabled
= ssid
->disabled
;
3493 if (was_disabled
!= ssid
->disabled
) {
3494 wpas_notify_network_enabled_changed(wpa_s
, ssid
);
3495 if (wpa_s
->sched_scanning
) {
3496 wpa_printf(MSG_DEBUG
, "Stop ongoing sched_scan "
3497 "to remove network from filters");
3498 wpa_supplicant_cancel_sched_scan(wpa_s
);
3499 wpa_supplicant_req_scan(wpa_s
, 0, 0);
3507 * wpa_supplicant_select_network - Attempt association with a network
3508 * @wpa_s: wpa_supplicant structure for a network interface
3509 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
3511 void wpa_supplicant_select_network(struct wpa_supplicant
*wpa_s
,
3512 struct wpa_ssid
*ssid
)
3515 struct wpa_ssid
*other_ssid
;
3516 int disconnected
= 0;
3518 if (ssid
&& ssid
!= wpa_s
->current_ssid
&& wpa_s
->current_ssid
) {
3519 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
3520 wpa_s
->own_disconnect_req
= 1;
3521 wpa_supplicant_deauthenticate(
3522 wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
3527 wpas_clear_temp_disabled(wpa_s
, ssid
, 1);
3530 * Mark all other networks disabled or mark all networks enabled if no
3531 * network specified.
3533 for (other_ssid
= wpa_s
->conf
->ssid
; other_ssid
;
3534 other_ssid
= other_ssid
->next
) {
3535 int was_disabled
= other_ssid
->disabled
;
3536 if (was_disabled
== 2)
3537 continue; /* do not change persistent P2P group data */
3539 other_ssid
->disabled
= ssid
? (ssid
->id
!= other_ssid
->id
) : 0;
3540 if (was_disabled
&& !other_ssid
->disabled
)
3541 wpas_clear_temp_disabled(wpa_s
, other_ssid
, 0);
3543 if (was_disabled
!= other_ssid
->disabled
)
3544 wpas_notify_network_enabled_changed(wpa_s
, other_ssid
);
3547 if (ssid
&& ssid
== wpa_s
->current_ssid
&& wpa_s
->current_ssid
&&
3548 wpa_s
->wpa_state
>= WPA_AUTHENTICATING
) {
3549 /* We are already associated with the selected network */
3550 wpa_printf(MSG_DEBUG
, "Already associated with the "
3551 "selected network - do nothing");
3556 wpa_s
->current_ssid
= ssid
;
3557 eapol_sm_notify_config(wpa_s
->eapol
, NULL
, NULL
);
3558 wpa_s
->connect_without_scan
=
3559 (ssid
->mode
== WPAS_MODE_MESH
) ? ssid
: NULL
;
3562 * Don't optimize next scan freqs since a new ESS has been
3565 os_free(wpa_s
->next_scan_freqs
);
3566 wpa_s
->next_scan_freqs
= NULL
;
3568 wpa_s
->connect_without_scan
= NULL
;
3571 wpa_s
->disconnected
= 0;
3572 wpa_s
->reassociate
= 1;
3573 wpa_s
->last_owe_group
= 0;
3575 if (wpa_s
->connect_without_scan
||
3576 wpa_supplicant_fast_associate(wpa_s
) != 1) {
3577 wpa_s
->scan_req
= NORMAL_SCAN_REQ
;
3578 wpas_scan_reset_sched_scan(wpa_s
);
3579 wpa_supplicant_req_scan(wpa_s
, 0, disconnected
? 100000 : 0);
3583 wpas_notify_network_selected(wpa_s
, ssid
);
3588 * wpas_set_pkcs11_engine_and_module_path - Set PKCS #11 engine and module path
3589 * @wpa_s: wpa_supplicant structure for a network interface
3590 * @pkcs11_engine_path: PKCS #11 engine path or NULL
3591 * @pkcs11_module_path: PKCS #11 module path or NULL
3592 * Returns: 0 on success; -1 on failure
3594 * Sets the PKCS #11 engine and module path. Both have to be NULL or a valid
3595 * path. If resetting the EAPOL state machine with the new PKCS #11 engine and
3596 * module path fails the paths will be reset to the default value (NULL).
3598 int wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant
*wpa_s
,
3599 const char *pkcs11_engine_path
,
3600 const char *pkcs11_module_path
)
3602 char *pkcs11_engine_path_copy
= NULL
;
3603 char *pkcs11_module_path_copy
= NULL
;
3605 if (pkcs11_engine_path
!= NULL
) {
3606 pkcs11_engine_path_copy
= os_strdup(pkcs11_engine_path
);
3607 if (pkcs11_engine_path_copy
== NULL
)
3610 if (pkcs11_module_path
!= NULL
) {
3611 pkcs11_module_path_copy
= os_strdup(pkcs11_module_path
);
3612 if (pkcs11_module_path_copy
== NULL
) {
3613 os_free(pkcs11_engine_path_copy
);
3618 os_free(wpa_s
->conf
->pkcs11_engine_path
);
3619 os_free(wpa_s
->conf
->pkcs11_module_path
);
3620 wpa_s
->conf
->pkcs11_engine_path
= pkcs11_engine_path_copy
;
3621 wpa_s
->conf
->pkcs11_module_path
= pkcs11_module_path_copy
;
3623 wpa_sm_set_eapol(wpa_s
->wpa
, NULL
);
3624 eapol_sm_deinit(wpa_s
->eapol
);
3625 wpa_s
->eapol
= NULL
;
3626 if (wpa_supplicant_init_eapol(wpa_s
)) {
3627 /* Error -> Reset paths to the default value (NULL) once. */
3628 if (pkcs11_engine_path
!= NULL
&& pkcs11_module_path
!= NULL
)
3629 wpas_set_pkcs11_engine_and_module_path(wpa_s
, NULL
,
3634 wpa_sm_set_eapol(wpa_s
->wpa
, wpa_s
->eapol
);
3641 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
3642 * @wpa_s: wpa_supplicant structure for a network interface
3643 * @ap_scan: AP scan mode
3644 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
3647 int wpa_supplicant_set_ap_scan(struct wpa_supplicant
*wpa_s
, int ap_scan
)
3652 if (ap_scan
< 0 || ap_scan
> 2)
3655 if (ap_scan
== 2 && os_strcmp(wpa_s
->driver
->name
, "nl80211") == 0) {
3656 wpa_printf(MSG_INFO
,
3657 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
3661 if (ap_scan
== 2 && ap_scan
!= wpa_s
->conf
->ap_scan
&&
3662 wpa_s
->wpa_state
>= WPA_ASSOCIATING
&&
3663 wpa_s
->wpa_state
< WPA_COMPLETED
) {
3664 wpa_printf(MSG_ERROR
, "ap_scan = %d (%d) rejected while "
3665 "associating", wpa_s
->conf
->ap_scan
, ap_scan
);
3668 #endif /* ANDROID */
3670 old_ap_scan
= wpa_s
->conf
->ap_scan
;
3671 wpa_s
->conf
->ap_scan
= ap_scan
;
3673 if (old_ap_scan
!= wpa_s
->conf
->ap_scan
)
3674 wpas_notify_ap_scan_changed(wpa_s
);
3681 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
3682 * @wpa_s: wpa_supplicant structure for a network interface
3683 * @expire_age: Expiration age in seconds
3684 * Returns: 0 if succeed or -1 if expire_age has an invalid value
3687 int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant
*wpa_s
,
3688 unsigned int bss_expire_age
)
3690 if (bss_expire_age
< 10) {
3691 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid bss expiration age %u",
3695 wpa_msg(wpa_s
, MSG_DEBUG
, "Setting bss expiration age: %d sec",
3697 wpa_s
->conf
->bss_expiration_age
= bss_expire_age
;
3704 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
3705 * @wpa_s: wpa_supplicant structure for a network interface
3706 * @expire_count: number of scans after which an unseen BSS is reclaimed
3707 * Returns: 0 if succeed or -1 if expire_count has an invalid value
3710 int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant
*wpa_s
,
3711 unsigned int bss_expire_count
)
3713 if (bss_expire_count
< 1) {
3714 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid bss expiration count %u",
3718 wpa_msg(wpa_s
, MSG_DEBUG
, "Setting bss expiration scan count: %u",
3720 wpa_s
->conf
->bss_expiration_scan_count
= bss_expire_count
;
3727 * wpa_supplicant_set_scan_interval - Set scan interval
3728 * @wpa_s: wpa_supplicant structure for a network interface
3729 * @scan_interval: scan interval in seconds
3730 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
3733 int wpa_supplicant_set_scan_interval(struct wpa_supplicant
*wpa_s
,
3736 if (scan_interval
< 0) {
3737 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid scan interval %d",
3741 wpa_msg(wpa_s
, MSG_DEBUG
, "Setting scan interval: %d sec",
3743 wpa_supplicant_update_scan_int(wpa_s
, scan_interval
);
3750 * wpa_supplicant_set_debug_params - Set global debug params
3751 * @global: wpa_global structure
3752 * @debug_level: debug level
3753 * @debug_timestamp: determines if show timestamp in debug data
3754 * @debug_show_keys: determines if show keys in debug data
3755 * Returns: 0 if succeed or -1 if debug_level has wrong value
3757 int wpa_supplicant_set_debug_params(struct wpa_global
*global
, int debug_level
,
3758 int debug_timestamp
, int debug_show_keys
)
3761 int old_level
, old_timestamp
, old_show_keys
;
3763 /* check for allowed debuglevels */
3764 if (debug_level
!= MSG_EXCESSIVE
&&
3765 debug_level
!= MSG_MSGDUMP
&&
3766 debug_level
!= MSG_DEBUG
&&
3767 debug_level
!= MSG_INFO
&&
3768 debug_level
!= MSG_WARNING
&&
3769 debug_level
!= MSG_ERROR
)
3772 old_level
= wpa_debug_level
;
3773 old_timestamp
= wpa_debug_timestamp
;
3774 old_show_keys
= wpa_debug_show_keys
;
3776 wpa_debug_level
= debug_level
;
3777 wpa_debug_timestamp
= debug_timestamp
? 1 : 0;
3778 wpa_debug_show_keys
= debug_show_keys
? 1 : 0;
3780 if (wpa_debug_level
!= old_level
)
3781 wpas_notify_debug_level_changed(global
);
3782 if (wpa_debug_timestamp
!= old_timestamp
)
3783 wpas_notify_debug_timestamp_changed(global
);
3784 if (wpa_debug_show_keys
!= old_show_keys
)
3785 wpas_notify_debug_show_keys_changed(global
);
3792 static int owe_trans_ssid_match(struct wpa_supplicant
*wpa_s
, const u8
*bssid
,
3793 const u8
*entry_ssid
, size_t entry_ssid_len
)
3795 const u8
*owe
, *pos
, *end
;
3797 struct wpa_bss
*bss
;
3799 /* Check network profile SSID aganst the SSID in the
3800 * OWE Transition Mode element. */
3802 bss
= wpa_bss_get_bssid_latest(wpa_s
, bssid
);
3806 owe
= wpa_bss_get_vendor_ie(bss
, OWE_IE_VENDOR_TYPE
);
3811 end
= owe
+ 2 + owe
[1];
3813 if (end
- pos
< ETH_ALEN
+ 1)
3817 if (end
- pos
< ssid_len
|| ssid_len
> SSID_MAX_LEN
)
3820 return entry_ssid_len
== ssid_len
&&
3821 os_memcmp(pos
, entry_ssid
, ssid_len
) == 0;
3823 #endif /* CONFIG_OWE */
3827 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
3828 * @wpa_s: Pointer to wpa_supplicant data
3829 * Returns: A pointer to the current network structure or %NULL on failure
3831 struct wpa_ssid
* wpa_supplicant_get_ssid(struct wpa_supplicant
*wpa_s
)
3833 struct wpa_ssid
*entry
;
3834 u8 ssid
[SSID_MAX_LEN
];
3840 res
= wpa_drv_get_ssid(wpa_s
, ssid
);
3842 wpa_msg(wpa_s
, MSG_WARNING
, "Could not read SSID from "
3848 if (wpa_drv_get_bssid(wpa_s
, bssid
) < 0) {
3849 wpa_msg(wpa_s
, MSG_WARNING
, "Could not read BSSID from "
3854 wired
= wpa_s
->conf
->ap_scan
== 0 &&
3855 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_WIRED
);
3857 entry
= wpa_s
->conf
->ssid
;
3859 if (!wpas_network_disabled(wpa_s
, entry
) &&
3860 ((ssid_len
== entry
->ssid_len
&&
3861 os_memcmp(ssid
, entry
->ssid
, ssid_len
) == 0) || wired
) &&
3862 (!entry
->bssid_set
||
3863 os_memcmp(bssid
, entry
->bssid
, ETH_ALEN
) == 0))
3866 if (!wpas_network_disabled(wpa_s
, entry
) &&
3867 (entry
->key_mgmt
& WPA_KEY_MGMT_WPS
) &&
3868 (entry
->ssid
== NULL
|| entry
->ssid_len
== 0) &&
3869 (!entry
->bssid_set
||
3870 os_memcmp(bssid
, entry
->bssid
, ETH_ALEN
) == 0))
3872 #endif /* CONFIG_WPS */
3875 if (!wpas_network_disabled(wpa_s
, entry
) &&
3876 owe_trans_ssid_match(wpa_s
, bssid
, entry
->ssid
,
3878 (!entry
->bssid_set
||
3879 os_memcmp(bssid
, entry
->bssid
, ETH_ALEN
) == 0))
3881 #endif /* CONFIG_OWE */
3883 if (!wpas_network_disabled(wpa_s
, entry
) && entry
->bssid_set
&&
3884 entry
->ssid_len
== 0 &&
3885 os_memcmp(bssid
, entry
->bssid
, ETH_ALEN
) == 0)
3888 entry
= entry
->next
;
3895 static int select_driver(struct wpa_supplicant
*wpa_s
, int i
)
3897 struct wpa_global
*global
= wpa_s
->global
;
3899 if (wpa_drivers
[i
]->global_init
&& global
->drv_priv
[i
] == NULL
) {
3900 global
->drv_priv
[i
] = wpa_drivers
[i
]->global_init(global
);
3901 if (global
->drv_priv
[i
] == NULL
) {
3902 wpa_printf(MSG_ERROR
, "Failed to initialize driver "
3903 "'%s'", wpa_drivers
[i
]->name
);
3908 wpa_s
->driver
= wpa_drivers
[i
];
3909 wpa_s
->global_drv_priv
= global
->drv_priv
[i
];
3915 static int wpa_supplicant_set_driver(struct wpa_supplicant
*wpa_s
,
3920 const char *pos
, *driver
= name
;
3925 if (wpa_drivers
[0] == NULL
) {
3926 wpa_msg(wpa_s
, MSG_ERROR
, "No driver interfaces build into "
3932 /* default to first driver in the list */
3933 return select_driver(wpa_s
, 0);
3937 pos
= os_strchr(driver
, ',');
3941 len
= os_strlen(driver
);
3943 for (i
= 0; wpa_drivers
[i
]; i
++) {
3944 if (os_strlen(wpa_drivers
[i
]->name
) == len
&&
3945 os_strncmp(driver
, wpa_drivers
[i
]->name
, len
) ==
3947 /* First driver that succeeds wins */
3948 if (select_driver(wpa_s
, i
) == 0)
3956 wpa_msg(wpa_s
, MSG_ERROR
, "Unsupported driver '%s'", name
);
3962 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
3963 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
3964 * with struct wpa_driver_ops::init()
3965 * @src_addr: Source address of the EAPOL frame
3966 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
3967 * @len: Length of the EAPOL data
3969 * This function is called for each received EAPOL frame. Most driver
3970 * interfaces rely on more generic OS mechanism for receiving frames through
3971 * l2_packet, but if such a mechanism is not available, the driver wrapper may
3972 * take care of received EAPOL frames and deliver them to the core supplicant
3973 * code by calling this function.
3975 void wpa_supplicant_rx_eapol(void *ctx
, const u8
*src_addr
,
3976 const u8
*buf
, size_t len
)
3978 struct wpa_supplicant
*wpa_s
= ctx
;
3980 wpa_dbg(wpa_s
, MSG_DEBUG
, "RX EAPOL from " MACSTR
, MAC2STR(src_addr
));
3981 wpa_hexdump(MSG_MSGDUMP
, "RX EAPOL", buf
, len
);
3983 #ifdef CONFIG_TESTING_OPTIONS
3984 if (wpa_s
->ignore_auth_resp
) {
3985 wpa_printf(MSG_INFO
, "RX EAPOL - ignore_auth_resp active!");
3988 #endif /* CONFIG_TESTING_OPTIONS */
3990 if (wpa_s
->wpa_state
< WPA_ASSOCIATED
||
3991 (wpa_s
->last_eapol_matches_bssid
&&
3994 #endif /* CONFIG_AP */
3995 os_memcmp(src_addr
, wpa_s
->bssid
, ETH_ALEN
) != 0)) {
3997 * There is possible race condition between receiving the
3998 * association event and the EAPOL frame since they are coming
3999 * through different paths from the driver. In order to avoid
4000 * issues in trying to process the EAPOL frame before receiving
4001 * association information, lets queue it for processing until
4002 * the association event is received. This may also be needed in
4003 * driver-based roaming case, so also use src_addr != BSSID as a
4004 * trigger if we have previously confirmed that the
4005 * Authenticator uses BSSID as the src_addr (which is not the
4006 * case with wired IEEE 802.1X).
4008 wpa_dbg(wpa_s
, MSG_DEBUG
, "Not associated - Delay processing "
4009 "of received EAPOL frame (state=%s bssid=" MACSTR
")",
4010 wpa_supplicant_state_txt(wpa_s
->wpa_state
),
4011 MAC2STR(wpa_s
->bssid
));
4012 wpabuf_free(wpa_s
->pending_eapol_rx
);
4013 wpa_s
->pending_eapol_rx
= wpabuf_alloc_copy(buf
, len
);
4014 if (wpa_s
->pending_eapol_rx
) {
4015 os_get_reltime(&wpa_s
->pending_eapol_rx_time
);
4016 os_memcpy(wpa_s
->pending_eapol_rx_src
, src_addr
,
4022 wpa_s
->last_eapol_matches_bssid
=
4023 os_memcmp(src_addr
, wpa_s
->bssid
, ETH_ALEN
) == 0;
4026 if (wpa_s
->ap_iface
) {
4027 wpa_supplicant_ap_rx_eapol(wpa_s
, src_addr
, buf
, len
);
4030 #endif /* CONFIG_AP */
4032 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
) {
4033 wpa_dbg(wpa_s
, MSG_DEBUG
, "Ignored received EAPOL frame since "
4034 "no key management is configured");
4038 if (wpa_s
->eapol_received
== 0 &&
4039 (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_4WAY_HANDSHAKE
) ||
4040 !wpa_key_mgmt_wpa_psk(wpa_s
->key_mgmt
) ||
4041 wpa_s
->wpa_state
!= WPA_COMPLETED
) &&
4042 (wpa_s
->current_ssid
== NULL
||
4043 wpa_s
->current_ssid
->mode
!= IEEE80211_MODE_IBSS
)) {
4044 /* Timeout for completing IEEE 802.1X and WPA authentication */
4047 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
) ||
4048 wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
||
4049 wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
) {
4050 /* Use longer timeout for IEEE 802.1X/EAP */
4055 if (wpa_s
->current_ssid
&& wpa_s
->current_bss
&&
4056 (wpa_s
->current_ssid
->key_mgmt
& WPA_KEY_MGMT_WPS
) &&
4057 eap_is_wps_pin_enrollee(&wpa_s
->current_ssid
->eap
)) {
4059 * Use shorter timeout if going through WPS AP iteration
4060 * for PIN config method with an AP that does not
4061 * advertise Selected Registrar.
4063 struct wpabuf
*wps_ie
;
4065 wps_ie
= wpa_bss_get_vendor_ie_multi(
4066 wpa_s
->current_bss
, WPS_IE_VENDOR_TYPE
);
4068 !wps_is_addr_authorized(wps_ie
, wpa_s
->own_addr
, 1))
4070 wpabuf_free(wps_ie
);
4072 #endif /* CONFIG_WPS */
4074 wpa_supplicant_req_auth_timeout(wpa_s
, timeout
, 0);
4076 wpa_s
->eapol_received
++;
4078 if (wpa_s
->countermeasures
) {
4079 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Countermeasures - dropped "
4084 #ifdef CONFIG_IBSS_RSN
4085 if (wpa_s
->current_ssid
&&
4086 wpa_s
->current_ssid
->mode
== WPAS_MODE_IBSS
) {
4087 ibss_rsn_rx_eapol(wpa_s
->ibss_rsn
, src_addr
, buf
, len
);
4090 #endif /* CONFIG_IBSS_RSN */
4092 /* Source address of the incoming EAPOL frame could be compared to the
4093 * current BSSID. However, it is possible that a centralized
4094 * Authenticator could be using another MAC address than the BSSID of
4095 * an AP, so just allow any address to be used for now. The replies are
4096 * still sent to the current BSSID (if available), though. */
4098 os_memcpy(wpa_s
->last_eapol_src
, src_addr
, ETH_ALEN
);
4099 if (!wpa_key_mgmt_wpa_psk(wpa_s
->key_mgmt
) &&
4100 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_OWE
&&
4101 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_DPP
&&
4102 eapol_sm_rx_eapol(wpa_s
->eapol
, src_addr
, buf
, len
) > 0)
4104 wpa_drv_poll(wpa_s
);
4105 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_4WAY_HANDSHAKE
))
4106 wpa_sm_rx_eapol(wpa_s
->wpa
, src_addr
, buf
, len
);
4107 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
)) {
4109 * Set portValid = TRUE here since we are going to skip 4-way
4110 * handshake processing which would normally set portValid. We
4111 * need this to allow the EAPOL state machines to be completed
4112 * without going through EAPOL-Key handshake.
4114 eapol_sm_notify_portValid(wpa_s
->eapol
, TRUE
);
4119 int wpa_supplicant_update_mac_addr(struct wpa_supplicant
*wpa_s
)
4121 if ((!wpa_s
->p2p_mgmt
||
4122 !(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE
)) &&
4123 !(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE
)) {
4124 l2_packet_deinit(wpa_s
->l2
);
4125 wpa_s
->l2
= l2_packet_init(wpa_s
->ifname
,
4126 wpa_drv_get_mac_addr(wpa_s
),
4128 wpa_supplicant_rx_eapol
, wpa_s
, 0);
4129 if (wpa_s
->l2
== NULL
)
4132 if (l2_packet_set_packet_filter(wpa_s
->l2
,
4133 L2_PACKET_FILTER_PKTTYPE
))
4134 wpa_dbg(wpa_s
, MSG_DEBUG
,
4135 "Failed to attach pkt_type filter");
4137 const u8
*addr
= wpa_drv_get_mac_addr(wpa_s
);
4139 os_memcpy(wpa_s
->own_addr
, addr
, ETH_ALEN
);
4142 if (wpa_s
->l2
&& l2_packet_get_own_addr(wpa_s
->l2
, wpa_s
->own_addr
)) {
4143 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to get own L2 address");
4147 wpa_sm_set_own_addr(wpa_s
->wpa
, wpa_s
->own_addr
);
4153 static void wpa_supplicant_rx_eapol_bridge(void *ctx
, const u8
*src_addr
,
4154 const u8
*buf
, size_t len
)
4156 struct wpa_supplicant
*wpa_s
= ctx
;
4157 const struct l2_ethhdr
*eth
;
4159 if (len
< sizeof(*eth
))
4161 eth
= (const struct l2_ethhdr
*) buf
;
4163 if (os_memcmp(eth
->h_dest
, wpa_s
->own_addr
, ETH_ALEN
) != 0 &&
4164 !(eth
->h_dest
[0] & 0x01)) {
4165 wpa_dbg(wpa_s
, MSG_DEBUG
, "RX EAPOL from " MACSTR
" to " MACSTR
4166 " (bridge - not for this interface - ignore)",
4167 MAC2STR(src_addr
), MAC2STR(eth
->h_dest
));
4171 wpa_dbg(wpa_s
, MSG_DEBUG
, "RX EAPOL from " MACSTR
" to " MACSTR
4172 " (bridge)", MAC2STR(src_addr
), MAC2STR(eth
->h_dest
));
4173 wpa_supplicant_rx_eapol(wpa_s
, src_addr
, buf
+ sizeof(*eth
),
4174 len
- sizeof(*eth
));
4179 * wpa_supplicant_driver_init - Initialize driver interface parameters
4180 * @wpa_s: Pointer to wpa_supplicant data
4181 * Returns: 0 on success, -1 on failure
4183 * This function is called to initialize driver interface parameters.
4184 * wpa_drv_init() must have been called before this function to initialize the
4187 int wpa_supplicant_driver_init(struct wpa_supplicant
*wpa_s
)
4189 static int interface_count
= 0;
4191 if (wpa_supplicant_update_mac_addr(wpa_s
) < 0)
4194 wpa_dbg(wpa_s
, MSG_DEBUG
, "Own MAC address: " MACSTR
,
4195 MAC2STR(wpa_s
->own_addr
));
4196 os_memcpy(wpa_s
->perm_addr
, wpa_s
->own_addr
, ETH_ALEN
);
4197 wpa_sm_set_own_addr(wpa_s
->wpa
, wpa_s
->own_addr
);
4199 if (wpa_s
->bridge_ifname
[0]) {
4200 wpa_dbg(wpa_s
, MSG_DEBUG
, "Receiving packets from bridge "
4201 "interface '%s'", wpa_s
->bridge_ifname
);
4202 wpa_s
->l2_br
= l2_packet_init_bridge(
4203 wpa_s
->bridge_ifname
, wpa_s
->ifname
, wpa_s
->own_addr
,
4204 ETH_P_EAPOL
, wpa_supplicant_rx_eapol_bridge
, wpa_s
, 1);
4205 if (wpa_s
->l2_br
== NULL
) {
4206 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to open l2_packet "
4207 "connection for the bridge interface '%s'",
4208 wpa_s
->bridge_ifname
);
4213 if (wpa_s
->conf
->ap_scan
== 2 &&
4214 os_strcmp(wpa_s
->driver
->name
, "nl80211") == 0) {
4215 wpa_printf(MSG_INFO
,
4216 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
4219 wpa_clear_keys(wpa_s
, NULL
);
4221 /* Make sure that TKIP countermeasures are not left enabled (could
4222 * happen if wpa_supplicant is killed during countermeasures. */
4223 wpa_drv_set_countermeasures(wpa_s
, 0);
4225 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: flushing PMKID list in the driver");
4226 wpa_drv_flush_pmkid(wpa_s
);
4228 wpa_s
->prev_scan_ssid
= WILDCARD_SSID_SCAN
;
4229 wpa_s
->prev_scan_wildcard
= 0;
4231 if (wpa_supplicant_enabled_networks(wpa_s
)) {
4232 if (wpa_s
->wpa_state
== WPA_INTERFACE_DISABLED
) {
4233 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
4234 interface_count
= 0;
4237 if (!wpa_s
->p2p_mgmt
&&
4238 wpa_supplicant_delayed_sched_scan(wpa_s
,
4239 interface_count
% 3,
4241 wpa_supplicant_req_scan(wpa_s
, interface_count
% 3,
4243 #endif /* ANDROID */
4246 wpa_supplicant_set_state(wpa_s
, WPA_INACTIVE
);
4252 static int wpa_supplicant_daemon(const char *pid_file
)
4254 wpa_printf(MSG_DEBUG
, "Daemonize..");
4255 return os_daemonize(pid_file
);
4259 static struct wpa_supplicant
*
4260 wpa_supplicant_alloc(struct wpa_supplicant
*parent
)
4262 struct wpa_supplicant
*wpa_s
;
4264 wpa_s
= os_zalloc(sizeof(*wpa_s
));
4267 wpa_s
->scan_req
= INITIAL_SCAN_REQ
;
4268 wpa_s
->scan_interval
= 5;
4269 wpa_s
->new_connection
= 1;
4270 wpa_s
->parent
= parent
? parent
: wpa_s
;
4271 wpa_s
->p2pdev
= wpa_s
->parent
;
4272 wpa_s
->sched_scanning
= 0;
4274 dl_list_init(&wpa_s
->bss_tmp_disallowed
);
4275 dl_list_init(&wpa_s
->fils_hlp_req
);
4281 #ifdef CONFIG_HT_OVERRIDES
4283 static int wpa_set_htcap_mcs(struct wpa_supplicant
*wpa_s
,
4284 struct ieee80211_ht_capabilities
*htcaps
,
4285 struct ieee80211_ht_capabilities
*htcaps_mask
,
4288 /* parse ht_mcs into hex array */
4290 const char *tmp
= ht_mcs
;
4293 /* If ht_mcs is null, do not set anything */
4297 /* This is what we are setting in the kernel */
4298 os_memset(&htcaps
->supported_mcs_set
, 0, IEEE80211_HT_MCS_MASK_LEN
);
4300 wpa_msg(wpa_s
, MSG_DEBUG
, "set_htcap, ht_mcs -:%s:-", ht_mcs
);
4302 for (i
= 0; i
< IEEE80211_HT_MCS_MASK_LEN
; i
++) {
4306 v
= strtol(tmp
, &end
, 16);
4309 wpa_msg(wpa_s
, MSG_DEBUG
,
4310 "htcap value[%i]: %ld end: %p tmp: %p",
4315 htcaps
->supported_mcs_set
[i
] = v
;
4318 wpa_msg(wpa_s
, MSG_ERROR
,
4319 "Failed to parse ht-mcs: %s, error: %s\n",
4320 ht_mcs
, strerror(errno
));
4326 * If we were able to parse any values, then set mask for the MCS set.
4329 os_memset(&htcaps_mask
->supported_mcs_set
, 0xff,
4330 IEEE80211_HT_MCS_MASK_LEN
- 1);
4331 /* skip the 3 reserved bits */
4332 htcaps_mask
->supported_mcs_set
[IEEE80211_HT_MCS_MASK_LEN
- 1] =
4340 static int wpa_disable_max_amsdu(struct wpa_supplicant
*wpa_s
,
4341 struct ieee80211_ht_capabilities
*htcaps
,
4342 struct ieee80211_ht_capabilities
*htcaps_mask
,
4347 wpa_msg(wpa_s
, MSG_DEBUG
, "set_disable_max_amsdu: %d", disabled
);
4352 msk
= host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE
);
4353 htcaps_mask
->ht_capabilities_info
|= msk
;
4355 htcaps
->ht_capabilities_info
&= msk
;
4357 htcaps
->ht_capabilities_info
|= msk
;
4363 static int wpa_set_ampdu_factor(struct wpa_supplicant
*wpa_s
,
4364 struct ieee80211_ht_capabilities
*htcaps
,
4365 struct ieee80211_ht_capabilities
*htcaps_mask
,
4368 wpa_msg(wpa_s
, MSG_DEBUG
, "set_ampdu_factor: %d", factor
);
4373 if (factor
< 0 || factor
> 3) {
4374 wpa_msg(wpa_s
, MSG_ERROR
, "ampdu_factor: %d out of range. "
4375 "Must be 0-3 or -1", factor
);
4379 htcaps_mask
->a_mpdu_params
|= 0x3; /* 2 bits for factor */
4380 htcaps
->a_mpdu_params
&= ~0x3;
4381 htcaps
->a_mpdu_params
|= factor
& 0x3;
4387 static int wpa_set_ampdu_density(struct wpa_supplicant
*wpa_s
,
4388 struct ieee80211_ht_capabilities
*htcaps
,
4389 struct ieee80211_ht_capabilities
*htcaps_mask
,
4392 wpa_msg(wpa_s
, MSG_DEBUG
, "set_ampdu_density: %d", density
);
4397 if (density
< 0 || density
> 7) {
4398 wpa_msg(wpa_s
, MSG_ERROR
,
4399 "ampdu_density: %d out of range. Must be 0-7 or -1.",
4404 htcaps_mask
->a_mpdu_params
|= 0x1C;
4405 htcaps
->a_mpdu_params
&= ~(0x1C);
4406 htcaps
->a_mpdu_params
|= (density
<< 2) & 0x1C;
4412 static int wpa_set_disable_ht40(struct wpa_supplicant
*wpa_s
,
4413 struct ieee80211_ht_capabilities
*htcaps
,
4414 struct ieee80211_ht_capabilities
*htcaps_mask
,
4417 wpa_msg(wpa_s
, MSG_DEBUG
, "set_disable_ht40: %d", disabled
);
4419 set_disable_ht40(htcaps
, disabled
);
4420 set_disable_ht40(htcaps_mask
, 0);
4426 static int wpa_set_disable_sgi(struct wpa_supplicant
*wpa_s
,
4427 struct ieee80211_ht_capabilities
*htcaps
,
4428 struct ieee80211_ht_capabilities
*htcaps_mask
,
4431 /* Masking these out disables SGI */
4432 le16 msk
= host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ
|
4433 HT_CAP_INFO_SHORT_GI40MHZ
);
4435 wpa_msg(wpa_s
, MSG_DEBUG
, "set_disable_sgi: %d", disabled
);
4438 htcaps
->ht_capabilities_info
&= ~msk
;
4440 htcaps
->ht_capabilities_info
|= msk
;
4442 htcaps_mask
->ht_capabilities_info
|= msk
;
4448 static int wpa_set_disable_ldpc(struct wpa_supplicant
*wpa_s
,
4449 struct ieee80211_ht_capabilities
*htcaps
,
4450 struct ieee80211_ht_capabilities
*htcaps_mask
,
4453 /* Masking these out disables LDPC */
4454 le16 msk
= host_to_le16(HT_CAP_INFO_LDPC_CODING_CAP
);
4456 wpa_msg(wpa_s
, MSG_DEBUG
, "set_disable_ldpc: %d", disabled
);
4459 htcaps
->ht_capabilities_info
&= ~msk
;
4461 htcaps
->ht_capabilities_info
|= msk
;
4463 htcaps_mask
->ht_capabilities_info
|= msk
;
4469 void wpa_supplicant_apply_ht_overrides(
4470 struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
,
4471 struct wpa_driver_associate_params
*params
)
4473 struct ieee80211_ht_capabilities
*htcaps
;
4474 struct ieee80211_ht_capabilities
*htcaps_mask
;
4479 params
->disable_ht
= ssid
->disable_ht
;
4480 if (!params
->htcaps
|| !params
->htcaps_mask
)
4483 htcaps
= (struct ieee80211_ht_capabilities
*) params
->htcaps
;
4484 htcaps_mask
= (struct ieee80211_ht_capabilities
*) params
->htcaps_mask
;
4485 wpa_set_htcap_mcs(wpa_s
, htcaps
, htcaps_mask
, ssid
->ht_mcs
);
4486 wpa_disable_max_amsdu(wpa_s
, htcaps
, htcaps_mask
,
4487 ssid
->disable_max_amsdu
);
4488 wpa_set_ampdu_factor(wpa_s
, htcaps
, htcaps_mask
, ssid
->ampdu_factor
);
4489 wpa_set_ampdu_density(wpa_s
, htcaps
, htcaps_mask
, ssid
->ampdu_density
);
4490 wpa_set_disable_ht40(wpa_s
, htcaps
, htcaps_mask
, ssid
->disable_ht40
);
4491 wpa_set_disable_sgi(wpa_s
, htcaps
, htcaps_mask
, ssid
->disable_sgi
);
4492 wpa_set_disable_ldpc(wpa_s
, htcaps
, htcaps_mask
, ssid
->disable_ldpc
);
4494 if (ssid
->ht40_intolerant
) {
4495 le16 bit
= host_to_le16(HT_CAP_INFO_40MHZ_INTOLERANT
);
4496 htcaps
->ht_capabilities_info
|= bit
;
4497 htcaps_mask
->ht_capabilities_info
|= bit
;
4501 #endif /* CONFIG_HT_OVERRIDES */
4504 #ifdef CONFIG_VHT_OVERRIDES
4505 void wpa_supplicant_apply_vht_overrides(
4506 struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
,
4507 struct wpa_driver_associate_params
*params
)
4509 struct ieee80211_vht_capabilities
*vhtcaps
;
4510 struct ieee80211_vht_capabilities
*vhtcaps_mask
;
4515 params
->disable_vht
= ssid
->disable_vht
;
4517 vhtcaps
= (void *) params
->vhtcaps
;
4518 vhtcaps_mask
= (void *) params
->vhtcaps_mask
;
4520 if (!vhtcaps
|| !vhtcaps_mask
)
4523 vhtcaps
->vht_capabilities_info
= host_to_le32(ssid
->vht_capa
);
4524 vhtcaps_mask
->vht_capabilities_info
= host_to_le32(ssid
->vht_capa_mask
);
4526 #ifdef CONFIG_HT_OVERRIDES
4527 /* if max ampdu is <= 3, we have to make the HT cap the same */
4528 if (ssid
->vht_capa_mask
& VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX
) {
4531 max_ampdu
= (ssid
->vht_capa
&
4532 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX
) >>
4533 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX_SHIFT
;
4535 max_ampdu
= max_ampdu
< 3 ? max_ampdu
: 3;
4536 wpa_set_ampdu_factor(wpa_s
,
4537 (void *) params
->htcaps
,
4538 (void *) params
->htcaps_mask
,
4541 #endif /* CONFIG_HT_OVERRIDES */
4543 #define OVERRIDE_MCS(i) \
4544 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \
4545 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \
4546 host_to_le16(3 << 2 * (i - 1)); \
4547 vhtcaps->vht_supported_mcs_set.tx_map |= \
4548 host_to_le16(ssid->vht_tx_mcs_nss_ ##i << \
4551 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \
4552 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \
4553 host_to_le16(3 << 2 * (i - 1)); \
4554 vhtcaps->vht_supported_mcs_set.rx_map |= \
4555 host_to_le16(ssid->vht_rx_mcs_nss_ ##i << \
4568 #endif /* CONFIG_VHT_OVERRIDES */
4571 static int pcsc_reader_init(struct wpa_supplicant
*wpa_s
)
4576 if (!wpa_s
->conf
->pcsc_reader
)
4579 wpa_s
->scard
= scard_init(wpa_s
->conf
->pcsc_reader
);
4583 if (wpa_s
->conf
->pcsc_pin
&&
4584 scard_set_pin(wpa_s
->scard
, wpa_s
->conf
->pcsc_pin
) < 0) {
4585 scard_deinit(wpa_s
->scard
);
4586 wpa_s
->scard
= NULL
;
4587 wpa_msg(wpa_s
, MSG_ERROR
, "PC/SC PIN validation failed");
4591 len
= sizeof(wpa_s
->imsi
) - 1;
4592 if (scard_get_imsi(wpa_s
->scard
, wpa_s
->imsi
, &len
)) {
4593 scard_deinit(wpa_s
->scard
);
4594 wpa_s
->scard
= NULL
;
4595 wpa_msg(wpa_s
, MSG_ERROR
, "Could not read IMSI");
4598 wpa_s
->imsi
[len
] = '\0';
4600 wpa_s
->mnc_len
= scard_get_mnc_len(wpa_s
->scard
);
4602 wpa_printf(MSG_DEBUG
, "SCARD: IMSI %s (MNC length %d)",
4603 wpa_s
->imsi
, wpa_s
->mnc_len
);
4605 wpa_sm_set_scard_ctx(wpa_s
->wpa
, wpa_s
->scard
);
4606 eapol_sm_register_scard_ctx(wpa_s
->eapol
, wpa_s
->scard
);
4607 #endif /* PCSC_FUNCS */
4613 int wpas_init_ext_pw(struct wpa_supplicant
*wpa_s
)
4617 ext_password_deinit(wpa_s
->ext_pw
);
4618 wpa_s
->ext_pw
= NULL
;
4619 eapol_sm_set_ext_pw_ctx(wpa_s
->eapol
, NULL
);
4621 if (!wpa_s
->conf
->ext_password_backend
)
4624 val
= os_strdup(wpa_s
->conf
->ext_password_backend
);
4627 pos
= os_strchr(val
, ':');
4631 wpa_printf(MSG_DEBUG
, "EXT PW: Initialize backend '%s'", val
);
4633 wpa_s
->ext_pw
= ext_password_init(val
, pos
);
4635 if (wpa_s
->ext_pw
== NULL
) {
4636 wpa_printf(MSG_DEBUG
, "EXT PW: Failed to initialize backend");
4639 eapol_sm_set_ext_pw_ctx(wpa_s
->eapol
, wpa_s
->ext_pw
);
4647 static const u8
* wpas_fst_get_bssid_cb(void *ctx
)
4649 struct wpa_supplicant
*wpa_s
= ctx
;
4651 return (is_zero_ether_addr(wpa_s
->bssid
) ||
4652 wpa_s
->wpa_state
!= WPA_COMPLETED
) ? NULL
: wpa_s
->bssid
;
4656 static void wpas_fst_get_channel_info_cb(void *ctx
,
4657 enum hostapd_hw_mode
*hw_mode
,
4660 struct wpa_supplicant
*wpa_s
= ctx
;
4662 if (wpa_s
->current_bss
) {
4663 *hw_mode
= ieee80211_freq_to_chan(wpa_s
->current_bss
->freq
,
4665 } else if (wpa_s
->hw
.num_modes
) {
4666 *hw_mode
= wpa_s
->hw
.modes
[0].mode
;
4674 static int wpas_fst_get_hw_modes(void *ctx
, struct hostapd_hw_modes
**modes
)
4676 struct wpa_supplicant
*wpa_s
= ctx
;
4678 *modes
= wpa_s
->hw
.modes
;
4679 return wpa_s
->hw
.num_modes
;
4683 static void wpas_fst_set_ies_cb(void *ctx
, const struct wpabuf
*fst_ies
)
4685 struct wpa_supplicant
*wpa_s
= ctx
;
4687 wpa_hexdump_buf(MSG_DEBUG
, "FST: Set IEs", fst_ies
);
4688 wpa_s
->fst_ies
= fst_ies
;
4692 static int wpas_fst_send_action_cb(void *ctx
, const u8
*da
, struct wpabuf
*data
)
4694 struct wpa_supplicant
*wpa_s
= ctx
;
4696 if (os_memcmp(wpa_s
->bssid
, da
, ETH_ALEN
) != 0) {
4697 wpa_printf(MSG_INFO
, "FST:%s:bssid=" MACSTR
" != da=" MACSTR
,
4698 __func__
, MAC2STR(wpa_s
->bssid
), MAC2STR(da
));
4701 return wpa_drv_send_action(wpa_s
, wpa_s
->assoc_freq
, 0, wpa_s
->bssid
,
4702 wpa_s
->own_addr
, wpa_s
->bssid
,
4703 wpabuf_head(data
), wpabuf_len(data
),
4708 static const struct wpabuf
* wpas_fst_get_mb_ie_cb(void *ctx
, const u8
*addr
)
4710 struct wpa_supplicant
*wpa_s
= ctx
;
4712 WPA_ASSERT(os_memcmp(wpa_s
->bssid
, addr
, ETH_ALEN
) == 0);
4713 return wpa_s
->received_mb_ies
;
4717 static void wpas_fst_update_mb_ie_cb(void *ctx
, const u8
*addr
,
4718 const u8
*buf
, size_t size
)
4720 struct wpa_supplicant
*wpa_s
= ctx
;
4721 struct mb_ies_info info
;
4723 WPA_ASSERT(os_memcmp(wpa_s
->bssid
, addr
, ETH_ALEN
) == 0);
4725 if (!mb_ies_info_by_ies(&info
, buf
, size
)) {
4726 wpabuf_free(wpa_s
->received_mb_ies
);
4727 wpa_s
->received_mb_ies
= mb_ies_by_info(&info
);
4732 static const u8
* wpas_fst_get_peer_first(void *ctx
,
4733 struct fst_get_peer_ctx
**get_ctx
,
4736 struct wpa_supplicant
*wpa_s
= ctx
;
4739 if (!is_zero_ether_addr(wpa_s
->bssid
))
4740 return (wpa_s
->received_mb_ies
|| !mb_only
) ?
4741 wpa_s
->bssid
: NULL
;
4746 static const u8
* wpas_fst_get_peer_next(void *ctx
,
4747 struct fst_get_peer_ctx
**get_ctx
,
4753 void fst_wpa_supplicant_fill_iface_obj(struct wpa_supplicant
*wpa_s
,
4754 struct fst_wpa_obj
*iface_obj
)
4756 iface_obj
->ctx
= wpa_s
;
4757 iface_obj
->get_bssid
= wpas_fst_get_bssid_cb
;
4758 iface_obj
->get_channel_info
= wpas_fst_get_channel_info_cb
;
4759 iface_obj
->get_hw_modes
= wpas_fst_get_hw_modes
;
4760 iface_obj
->set_ies
= wpas_fst_set_ies_cb
;
4761 iface_obj
->send_action
= wpas_fst_send_action_cb
;
4762 iface_obj
->get_mb_ie
= wpas_fst_get_mb_ie_cb
;
4763 iface_obj
->update_mb_ie
= wpas_fst_update_mb_ie_cb
;
4764 iface_obj
->get_peer_first
= wpas_fst_get_peer_first
;
4765 iface_obj
->get_peer_next
= wpas_fst_get_peer_next
;
4767 #endif /* CONFIG_FST */
4769 static int wpas_set_wowlan_triggers(struct wpa_supplicant
*wpa_s
,
4770 const struct wpa_driver_capa
*capa
)
4772 struct wowlan_triggers
*triggers
;
4775 if (!wpa_s
->conf
->wowlan_triggers
)
4778 triggers
= wpa_get_wowlan_triggers(wpa_s
->conf
->wowlan_triggers
, capa
);
4780 ret
= wpa_drv_wowlan(wpa_s
, triggers
);
4787 enum wpa_radio_work_band
wpas_freq_to_band(int freq
)
4790 return BAND_2_4_GHZ
;
4797 unsigned int wpas_get_bands(struct wpa_supplicant
*wpa_s
, const int *freqs
)
4800 unsigned int band
= 0;
4803 /* freqs are specified for the radio work */
4804 for (i
= 0; freqs
[i
]; i
++)
4805 band
|= wpas_freq_to_band(freqs
[i
]);
4808 * freqs are not specified, implies all
4809 * the supported freqs by HW
4811 for (i
= 0; i
< wpa_s
->hw
.num_modes
; i
++) {
4812 if (wpa_s
->hw
.modes
[i
].num_channels
!= 0) {
4813 if (wpa_s
->hw
.modes
[i
].mode
==
4814 HOSTAPD_MODE_IEEE80211B
||
4815 wpa_s
->hw
.modes
[i
].mode
==
4816 HOSTAPD_MODE_IEEE80211G
)
4817 band
|= BAND_2_4_GHZ
;
4818 else if (wpa_s
->hw
.modes
[i
].mode
==
4819 HOSTAPD_MODE_IEEE80211A
)
4821 else if (wpa_s
->hw
.modes
[i
].mode
==
4822 HOSTAPD_MODE_IEEE80211AD
)
4823 band
|= BAND_60_GHZ
;
4824 else if (wpa_s
->hw
.modes
[i
].mode
==
4825 HOSTAPD_MODE_IEEE80211ANY
)
4826 band
= BAND_2_4_GHZ
| BAND_5_GHZ
|
4836 static struct wpa_radio
* radio_add_interface(struct wpa_supplicant
*wpa_s
,
4839 struct wpa_supplicant
*iface
= wpa_s
->global
->ifaces
;
4840 struct wpa_radio
*radio
;
4842 while (rn
&& iface
) {
4843 radio
= iface
->radio
;
4844 if (radio
&& os_strcmp(rn
, radio
->name
) == 0) {
4845 wpa_printf(MSG_DEBUG
, "Add interface %s to existing radio %s",
4847 dl_list_add(&radio
->ifaces
, &wpa_s
->radio_list
);
4851 iface
= iface
->next
;
4854 wpa_printf(MSG_DEBUG
, "Add interface %s to a new radio %s",
4855 wpa_s
->ifname
, rn
? rn
: "N/A");
4856 radio
= os_zalloc(sizeof(*radio
));
4861 os_strlcpy(radio
->name
, rn
, sizeof(radio
->name
));
4862 dl_list_init(&radio
->ifaces
);
4863 dl_list_init(&radio
->work
);
4864 dl_list_add(&radio
->ifaces
, &wpa_s
->radio_list
);
4870 static void radio_work_free(struct wpa_radio_work
*work
)
4872 if (work
->wpa_s
->scan_work
== work
) {
4873 /* This should not really happen. */
4874 wpa_dbg(work
->wpa_s
, MSG_INFO
, "Freeing radio work '%s'@%p (started=%d) that is marked as scan_work",
4875 work
->type
, work
, work
->started
);
4876 work
->wpa_s
->scan_work
= NULL
;
4880 if (work
->wpa_s
->p2p_scan_work
== work
) {
4881 /* This should not really happen. */
4882 wpa_dbg(work
->wpa_s
, MSG_INFO
, "Freeing radio work '%s'@%p (started=%d) that is marked as p2p_scan_work",
4883 work
->type
, work
, work
->started
);
4884 work
->wpa_s
->p2p_scan_work
= NULL
;
4886 #endif /* CONFIG_P2P */
4888 if (work
->started
) {
4889 work
->wpa_s
->radio
->num_active_works
--;
4890 wpa_dbg(work
->wpa_s
, MSG_DEBUG
,
4891 "radio_work_free('%s'@%p): num_active_works --> %u",
4893 work
->wpa_s
->radio
->num_active_works
);
4896 dl_list_del(&work
->list
);
4901 static int radio_work_is_connect(struct wpa_radio_work
*work
)
4903 return os_strcmp(work
->type
, "sme-connect") == 0 ||
4904 os_strcmp(work
->type
, "connect") == 0;
4908 static int radio_work_is_scan(struct wpa_radio_work
*work
)
4910 return os_strcmp(work
->type
, "scan") == 0 ||
4911 os_strcmp(work
->type
, "p2p-scan") == 0;
4915 static struct wpa_radio_work
* radio_work_get_next_work(struct wpa_radio
*radio
)
4917 struct wpa_radio_work
*active_work
= NULL
;
4918 struct wpa_radio_work
*tmp
;
4920 /* Get the active work to know the type and band. */
4921 dl_list_for_each(tmp
, &radio
->work
, struct wpa_radio_work
, list
) {
4929 /* No active work, start one */
4930 radio
->num_active_works
= 0;
4931 dl_list_for_each(tmp
, &radio
->work
, struct wpa_radio_work
,
4933 if (os_strcmp(tmp
->type
, "scan") == 0 &&
4934 radio
->external_scan_running
&&
4935 (((struct wpa_driver_scan_params
*)
4936 tmp
->ctx
)->only_new_results
||
4937 tmp
->wpa_s
->clear_driver_scan_cache
))
4944 if (radio_work_is_connect(active_work
)) {
4946 * If the active work is either connect or sme-connect,
4947 * do not parallelize them with other radio works.
4949 wpa_dbg(active_work
->wpa_s
, MSG_DEBUG
,
4950 "Do not parallelize radio work with %s",
4955 dl_list_for_each(tmp
, &radio
->work
, struct wpa_radio_work
, list
) {
4960 * If connect or sme-connect are enqueued, parallelize only
4961 * those operations ahead of them in the queue.
4963 if (radio_work_is_connect(tmp
))
4966 /* Serialize parallel scan and p2p_scan operations on the same
4967 * interface since the driver_nl80211 mechanism for tracking
4968 * scan cookies does not yet have support for this. */
4969 if (active_work
->wpa_s
== tmp
->wpa_s
&&
4970 radio_work_is_scan(active_work
) &&
4971 radio_work_is_scan(tmp
)) {
4972 wpa_dbg(active_work
->wpa_s
, MSG_DEBUG
,
4973 "Do not start work '%s' when another work '%s' is already scheduled",
4974 tmp
->type
, active_work
->type
);
4978 * Check that the radio works are distinct and
4979 * on different bands.
4981 if (os_strcmp(active_work
->type
, tmp
->type
) != 0 &&
4982 (active_work
->bands
!= tmp
->bands
)) {
4984 * If a scan has to be scheduled through nl80211 scan
4985 * interface and if an external scan is already running,
4986 * do not schedule the scan since it is likely to get
4987 * rejected by kernel.
4989 if (os_strcmp(tmp
->type
, "scan") == 0 &&
4990 radio
->external_scan_running
&&
4991 (((struct wpa_driver_scan_params
*)
4992 tmp
->ctx
)->only_new_results
||
4993 tmp
->wpa_s
->clear_driver_scan_cache
))
4996 wpa_dbg(active_work
->wpa_s
, MSG_DEBUG
,
4997 "active_work:%s new_work:%s",
4998 active_work
->type
, tmp
->type
);
5003 /* Did not find a radio work to schedule in parallel. */
5008 static void radio_start_next_work(void *eloop_ctx
, void *timeout_ctx
)
5010 struct wpa_radio
*radio
= eloop_ctx
;
5011 struct wpa_radio_work
*work
;
5012 struct os_reltime now
, diff
;
5013 struct wpa_supplicant
*wpa_s
;
5015 work
= dl_list_first(&radio
->work
, struct wpa_radio_work
, list
);
5017 radio
->num_active_works
= 0;
5021 wpa_s
= dl_list_first(&radio
->ifaces
, struct wpa_supplicant
,
5025 wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS
)) {
5027 return; /* already started and still in progress */
5029 if (wpa_s
&& wpa_s
->radio
->external_scan_running
) {
5030 wpa_printf(MSG_DEBUG
, "Delay radio work start until externally triggered scan completes");
5035 if (radio
->num_active_works
< MAX_ACTIVE_WORKS
) {
5036 /* get the work to schedule next */
5037 work
= radio_work_get_next_work(radio
);
5043 wpa_s
= work
->wpa_s
;
5044 os_get_reltime(&now
);
5045 os_reltime_sub(&now
, &work
->time
, &diff
);
5046 wpa_dbg(wpa_s
, MSG_DEBUG
,
5047 "Starting radio work '%s'@%p after %ld.%06ld second wait",
5048 work
->type
, work
, diff
.sec
, diff
.usec
);
5051 radio
->num_active_works
++;
5055 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS
) &&
5056 radio
->num_active_works
< MAX_ACTIVE_WORKS
)
5057 radio_work_check_next(wpa_s
);
5062 * This function removes both started and pending radio works running on
5063 * the provided interface's radio.
5064 * Prior to the removal of the radio work, its callback (cb) is called with
5065 * deinit set to be 1. Each work's callback is responsible for clearing its
5066 * internal data and restoring to a correct state.
5067 * @wpa_s: wpa_supplicant data
5068 * @type: type of works to be removed
5069 * @remove_all: 1 to remove all the works on this radio, 0 to remove only
5070 * this interface's works.
5072 void radio_remove_works(struct wpa_supplicant
*wpa_s
,
5073 const char *type
, int remove_all
)
5075 struct wpa_radio_work
*work
, *tmp
;
5076 struct wpa_radio
*radio
= wpa_s
->radio
;
5078 dl_list_for_each_safe(work
, tmp
, &radio
->work
, struct wpa_radio_work
,
5080 if (type
&& os_strcmp(type
, work
->type
) != 0)
5083 /* skip other ifaces' works */
5084 if (!remove_all
&& work
->wpa_s
!= wpa_s
)
5087 wpa_dbg(wpa_s
, MSG_DEBUG
, "Remove radio work '%s'@%p%s",
5088 work
->type
, work
, work
->started
? " (started)" : "");
5090 radio_work_free(work
);
5093 /* in case we removed the started work */
5094 radio_work_check_next(wpa_s
);
5098 void radio_remove_pending_work(struct wpa_supplicant
*wpa_s
, void *ctx
)
5100 struct wpa_radio_work
*work
;
5101 struct wpa_radio
*radio
= wpa_s
->radio
;
5103 dl_list_for_each(work
, &radio
->work
, struct wpa_radio_work
, list
) {
5104 if (work
->ctx
!= ctx
)
5106 wpa_dbg(wpa_s
, MSG_DEBUG
, "Free pending radio work '%s'@%p%s",
5107 work
->type
, work
, work
->started
? " (started)" : "");
5108 radio_work_free(work
);
5114 static void radio_remove_interface(struct wpa_supplicant
*wpa_s
)
5116 struct wpa_radio
*radio
= wpa_s
->radio
;
5121 wpa_printf(MSG_DEBUG
, "Remove interface %s from radio %s",
5122 wpa_s
->ifname
, radio
->name
);
5123 dl_list_del(&wpa_s
->radio_list
);
5124 radio_remove_works(wpa_s
, NULL
, 0);
5125 wpa_s
->radio
= NULL
;
5126 if (!dl_list_empty(&radio
->ifaces
))
5127 return; /* Interfaces remain for this radio */
5129 wpa_printf(MSG_DEBUG
, "Remove radio %s", radio
->name
);
5130 eloop_cancel_timeout(radio_start_next_work
, radio
, NULL
);
5135 void radio_work_check_next(struct wpa_supplicant
*wpa_s
)
5137 struct wpa_radio
*radio
= wpa_s
->radio
;
5139 if (dl_list_empty(&radio
->work
))
5141 if (wpa_s
->ext_work_in_progress
) {
5142 wpa_printf(MSG_DEBUG
,
5143 "External radio work in progress - delay start of pending item");
5146 eloop_cancel_timeout(radio_start_next_work
, radio
, NULL
);
5147 eloop_register_timeout(0, 0, radio_start_next_work
, radio
, NULL
);
5152 * radio_add_work - Add a radio work item
5153 * @wpa_s: Pointer to wpa_supplicant data
5154 * @freq: Frequency of the offchannel operation in MHz or 0
5155 * @type: Unique identifier for each type of work
5156 * @next: Force as the next work to be executed
5157 * @cb: Callback function for indicating when radio is available
5158 * @ctx: Context pointer for the work (work->ctx in cb())
5159 * Returns: 0 on success, -1 on failure
5161 * This function is used to request time for an operation that requires
5162 * exclusive radio control. Once the radio is available, the registered callback
5163 * function will be called. radio_work_done() must be called once the exclusive
5164 * radio operation has been completed, so that the radio is freed for other
5165 * operations. The special case of deinit=1 is used to free the context data
5166 * during interface removal. That does not allow the callback function to start
5167 * the radio operation, i.e., it must free any resources allocated for the radio
5170 * The @freq parameter can be used to indicate a single channel on which the
5171 * offchannel operation will occur. This may allow multiple radio work
5172 * operations to be performed in parallel if they apply for the same channel.
5173 * Setting this to 0 indicates that the work item may use multiple channels or
5174 * requires exclusive control of the radio.
5176 int radio_add_work(struct wpa_supplicant
*wpa_s
, unsigned int freq
,
5177 const char *type
, int next
,
5178 void (*cb
)(struct wpa_radio_work
*work
, int deinit
),
5181 struct wpa_radio
*radio
= wpa_s
->radio
;
5182 struct wpa_radio_work
*work
;
5185 work
= os_zalloc(sizeof(*work
));
5188 wpa_dbg(wpa_s
, MSG_DEBUG
, "Add radio work '%s'@%p", type
, work
);
5189 os_get_reltime(&work
->time
);
5192 work
->wpa_s
= wpa_s
;
5197 work
->bands
= wpas_freq_to_band(freq
);
5198 else if (os_strcmp(type
, "scan") == 0 ||
5199 os_strcmp(type
, "p2p-scan") == 0)
5200 work
->bands
= wpas_get_bands(wpa_s
,
5201 ((struct wpa_driver_scan_params
*)
5204 work
->bands
= wpas_get_bands(wpa_s
, NULL
);
5206 was_empty
= dl_list_empty(&wpa_s
->radio
->work
);
5208 dl_list_add(&wpa_s
->radio
->work
, &work
->list
);
5210 dl_list_add_tail(&wpa_s
->radio
->work
, &work
->list
);
5212 wpa_dbg(wpa_s
, MSG_DEBUG
, "First radio work item in the queue - schedule start immediately");
5213 radio_work_check_next(wpa_s
);
5214 } else if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS
)
5215 && radio
->num_active_works
< MAX_ACTIVE_WORKS
) {
5216 wpa_dbg(wpa_s
, MSG_DEBUG
,
5217 "Try to schedule a radio work (num_active_works=%u)",
5218 radio
->num_active_works
);
5219 radio_work_check_next(wpa_s
);
5227 * radio_work_done - Indicate that a radio work item has been completed
5228 * @work: Completed work
5230 * This function is called once the callback function registered with
5231 * radio_add_work() has completed its work.
5233 void radio_work_done(struct wpa_radio_work
*work
)
5235 struct wpa_supplicant
*wpa_s
= work
->wpa_s
;
5236 struct os_reltime now
, diff
;
5237 unsigned int started
= work
->started
;
5239 os_get_reltime(&now
);
5240 os_reltime_sub(&now
, &work
->time
, &diff
);
5241 wpa_dbg(wpa_s
, MSG_DEBUG
, "Radio work '%s'@%p %s in %ld.%06ld seconds",
5242 work
->type
, work
, started
? "done" : "canceled",
5243 diff
.sec
, diff
.usec
);
5244 radio_work_free(work
);
5246 radio_work_check_next(wpa_s
);
5250 struct wpa_radio_work
*
5251 radio_work_pending(struct wpa_supplicant
*wpa_s
, const char *type
)
5253 struct wpa_radio_work
*work
;
5254 struct wpa_radio
*radio
= wpa_s
->radio
;
5256 dl_list_for_each(work
, &radio
->work
, struct wpa_radio_work
, list
) {
5257 if (work
->wpa_s
== wpa_s
&& os_strcmp(work
->type
, type
) == 0)
5265 static int wpas_init_driver(struct wpa_supplicant
*wpa_s
,
5266 const struct wpa_interface
*iface
)
5268 const char *ifname
, *driver
, *rn
;
5270 driver
= iface
->driver
;
5272 if (wpa_supplicant_set_driver(wpa_s
, driver
) < 0)
5275 wpa_s
->drv_priv
= wpa_drv_init(wpa_s
, wpa_s
->ifname
);
5276 if (wpa_s
->drv_priv
== NULL
) {
5278 pos
= driver
? os_strchr(driver
, ',') : NULL
;
5280 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to initialize "
5281 "driver interface - try next driver wrapper");
5285 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to initialize driver "
5289 if (wpa_drv_set_param(wpa_s
, wpa_s
->conf
->driver_param
) < 0) {
5290 wpa_msg(wpa_s
, MSG_ERROR
, "Driver interface rejected "
5291 "driver_param '%s'", wpa_s
->conf
->driver_param
);
5295 ifname
= wpa_drv_get_ifname(wpa_s
);
5296 if (ifname
&& os_strcmp(ifname
, wpa_s
->ifname
) != 0) {
5297 wpa_dbg(wpa_s
, MSG_DEBUG
, "Driver interface replaced "
5298 "interface name with '%s'", ifname
);
5299 os_strlcpy(wpa_s
->ifname
, ifname
, sizeof(wpa_s
->ifname
));
5302 rn
= wpa_driver_get_radio_name(wpa_s
);
5303 if (rn
&& rn
[0] == '\0')
5306 wpa_s
->radio
= radio_add_interface(wpa_s
, rn
);
5307 if (wpa_s
->radio
== NULL
)
5314 #ifdef CONFIG_GAS_SERVER
5316 static void wpas_gas_server_tx_status(struct wpa_supplicant
*wpa_s
,
5317 unsigned int freq
, const u8
*dst
,
5318 const u8
*src
, const u8
*bssid
,
5319 const u8
*data
, size_t data_len
,
5320 enum offchannel_send_action_result result
)
5322 wpa_printf(MSG_DEBUG
, "GAS: TX status: freq=%u dst=" MACSTR
5325 result
== OFFCHANNEL_SEND_ACTION_SUCCESS
? "SUCCESS" :
5326 (result
== OFFCHANNEL_SEND_ACTION_NO_ACK
? "no-ACK" :
5328 gas_server_tx_status(wpa_s
->gas_server
, dst
, data
, data_len
,
5329 result
== OFFCHANNEL_SEND_ACTION_SUCCESS
);
5333 static void wpas_gas_server_tx(void *ctx
, int freq
, const u8
*da
,
5334 struct wpabuf
*buf
, unsigned int wait_time
)
5336 struct wpa_supplicant
*wpa_s
= ctx
;
5337 const u8 broadcast
[ETH_ALEN
] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
5339 if (wait_time
> wpa_s
->max_remain_on_chan
)
5340 wait_time
= wpa_s
->max_remain_on_chan
;
5342 offchannel_send_action(wpa_s
, freq
, da
, wpa_s
->own_addr
, broadcast
,
5343 wpabuf_head(buf
), wpabuf_len(buf
),
5344 wait_time
, wpas_gas_server_tx_status
, 0);
5347 #endif /* CONFIG_GAS_SERVER */
5349 static int wpa_supplicant_init_iface(struct wpa_supplicant
*wpa_s
,
5350 const struct wpa_interface
*iface
)
5352 struct wpa_driver_capa capa
;
5356 wpa_printf(MSG_DEBUG
, "Initializing interface '%s' conf '%s' driver "
5357 "'%s' ctrl_interface '%s' bridge '%s'", iface
->ifname
,
5358 iface
->confname
? iface
->confname
: "N/A",
5359 iface
->driver
? iface
->driver
: "default",
5360 iface
->ctrl_interface
? iface
->ctrl_interface
: "N/A",
5361 iface
->bridge_ifname
? iface
->bridge_ifname
: "N/A");
5363 if (iface
->confname
) {
5364 #ifdef CONFIG_BACKEND_FILE
5365 wpa_s
->confname
= os_rel2abs_path(iface
->confname
);
5366 if (wpa_s
->confname
== NULL
) {
5367 wpa_printf(MSG_ERROR
, "Failed to get absolute path "
5368 "for configuration file '%s'.",
5372 wpa_printf(MSG_DEBUG
, "Configuration file '%s' -> '%s'",
5373 iface
->confname
, wpa_s
->confname
);
5374 #else /* CONFIG_BACKEND_FILE */
5375 wpa_s
->confname
= os_strdup(iface
->confname
);
5376 #endif /* CONFIG_BACKEND_FILE */
5377 wpa_s
->conf
= wpa_config_read(wpa_s
->confname
, NULL
);
5378 if (wpa_s
->conf
== NULL
) {
5379 wpa_printf(MSG_ERROR
, "Failed to read or parse "
5380 "configuration '%s'.", wpa_s
->confname
);
5383 wpa_s
->confanother
= os_rel2abs_path(iface
->confanother
);
5384 if (wpa_s
->confanother
&&
5385 !wpa_config_read(wpa_s
->confanother
, wpa_s
->conf
)) {
5386 wpa_printf(MSG_ERROR
,
5387 "Failed to read or parse configuration '%s'.",
5388 wpa_s
->confanother
);
5393 * Override ctrl_interface and driver_param if set on command
5396 if (iface
->ctrl_interface
) {
5397 os_free(wpa_s
->conf
->ctrl_interface
);
5398 wpa_s
->conf
->ctrl_interface
=
5399 os_strdup(iface
->ctrl_interface
);
5402 if (iface
->driver_param
) {
5403 os_free(wpa_s
->conf
->driver_param
);
5404 wpa_s
->conf
->driver_param
=
5405 os_strdup(iface
->driver_param
);
5408 if (iface
->p2p_mgmt
&& !iface
->ctrl_interface
) {
5409 os_free(wpa_s
->conf
->ctrl_interface
);
5410 wpa_s
->conf
->ctrl_interface
= NULL
;
5413 wpa_s
->conf
= wpa_config_alloc_empty(iface
->ctrl_interface
,
5414 iface
->driver_param
);
5416 if (wpa_s
->conf
== NULL
) {
5417 wpa_printf(MSG_ERROR
, "\nNo configuration found.");
5421 if (iface
->ifname
== NULL
) {
5422 wpa_printf(MSG_ERROR
, "\nInterface name is required.");
5425 if (os_strlen(iface
->ifname
) >= sizeof(wpa_s
->ifname
)) {
5426 wpa_printf(MSG_ERROR
, "\nToo long interface name '%s'.",
5430 os_strlcpy(wpa_s
->ifname
, iface
->ifname
, sizeof(wpa_s
->ifname
));
5432 if (iface
->bridge_ifname
) {
5433 if (os_strlen(iface
->bridge_ifname
) >=
5434 sizeof(wpa_s
->bridge_ifname
)) {
5435 wpa_printf(MSG_ERROR
, "\nToo long bridge interface "
5436 "name '%s'.", iface
->bridge_ifname
);
5439 os_strlcpy(wpa_s
->bridge_ifname
, iface
->bridge_ifname
,
5440 sizeof(wpa_s
->bridge_ifname
));
5443 /* RSNA Supplicant Key Management - INITIALIZE */
5444 eapol_sm_notify_portEnabled(wpa_s
->eapol
, FALSE
);
5445 eapol_sm_notify_portValid(wpa_s
->eapol
, FALSE
);
5447 /* Initialize driver interface and register driver event handler before
5448 * L2 receive handler so that association events are processed before
5449 * EAPOL-Key packets if both become available for the same select()
5451 if (wpas_init_driver(wpa_s
, iface
) < 0)
5454 if (wpa_supplicant_init_wpa(wpa_s
) < 0)
5457 wpa_sm_set_ifname(wpa_s
->wpa
, wpa_s
->ifname
,
5458 wpa_s
->bridge_ifname
[0] ? wpa_s
->bridge_ifname
:
5460 wpa_sm_set_fast_reauth(wpa_s
->wpa
, wpa_s
->conf
->fast_reauth
);
5462 if (wpa_s
->conf
->dot11RSNAConfigPMKLifetime
&&
5463 wpa_sm_set_param(wpa_s
->wpa
, RSNA_PMK_LIFETIME
,
5464 wpa_s
->conf
->dot11RSNAConfigPMKLifetime
)) {
5465 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid WPA parameter value for "
5466 "dot11RSNAConfigPMKLifetime");
5470 if (wpa_s
->conf
->dot11RSNAConfigPMKReauthThreshold
&&
5471 wpa_sm_set_param(wpa_s
->wpa
, RSNA_PMK_REAUTH_THRESHOLD
,
5472 wpa_s
->conf
->dot11RSNAConfigPMKReauthThreshold
)) {
5473 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid WPA parameter value for "
5474 "dot11RSNAConfigPMKReauthThreshold");
5478 if (wpa_s
->conf
->dot11RSNAConfigSATimeout
&&
5479 wpa_sm_set_param(wpa_s
->wpa
, RSNA_SA_TIMEOUT
,
5480 wpa_s
->conf
->dot11RSNAConfigSATimeout
)) {
5481 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid WPA parameter value for "
5482 "dot11RSNAConfigSATimeout");
5486 wpa_s
->hw
.modes
= wpa_drv_get_hw_feature_data(wpa_s
,
5487 &wpa_s
->hw
.num_modes
,
5490 if (wpa_s
->hw
.modes
) {
5493 for (i
= 0; i
< wpa_s
->hw
.num_modes
; i
++) {
5494 if (wpa_s
->hw
.modes
[i
].vht_capab
) {
5495 wpa_s
->hw_capab
= CAPAB_VHT
;
5499 if (wpa_s
->hw
.modes
[i
].ht_capab
&
5500 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET
)
5501 wpa_s
->hw_capab
= CAPAB_HT40
;
5502 else if (wpa_s
->hw
.modes
[i
].ht_capab
&&
5503 wpa_s
->hw_capab
== CAPAB_NO_HT_VHT
)
5504 wpa_s
->hw_capab
= CAPAB_HT
;
5508 capa_res
= wpa_drv_get_capa(wpa_s
, &capa
);
5509 if (capa_res
== 0) {
5510 wpa_s
->drv_capa_known
= 1;
5511 wpa_s
->drv_flags
= capa
.flags
;
5512 wpa_s
->drv_enc
= capa
.enc
;
5513 wpa_s
->drv_smps_modes
= capa
.smps_modes
;
5514 wpa_s
->drv_rrm_flags
= capa
.rrm_flags
;
5515 wpa_s
->probe_resp_offloads
= capa
.probe_resp_offloads
;
5516 wpa_s
->max_scan_ssids
= capa
.max_scan_ssids
;
5517 wpa_s
->max_sched_scan_ssids
= capa
.max_sched_scan_ssids
;
5518 wpa_s
->max_sched_scan_plans
= capa
.max_sched_scan_plans
;
5519 wpa_s
->max_sched_scan_plan_interval
=
5520 capa
.max_sched_scan_plan_interval
;
5521 wpa_s
->max_sched_scan_plan_iterations
=
5522 capa
.max_sched_scan_plan_iterations
;
5523 wpa_s
->sched_scan_supported
= capa
.sched_scan_supported
;
5524 wpa_s
->max_match_sets
= capa
.max_match_sets
;
5525 wpa_s
->max_remain_on_chan
= capa
.max_remain_on_chan
;
5526 wpa_s
->max_stations
= capa
.max_stations
;
5527 wpa_s
->extended_capa
= capa
.extended_capa
;
5528 wpa_s
->extended_capa_mask
= capa
.extended_capa_mask
;
5529 wpa_s
->extended_capa_len
= capa
.extended_capa_len
;
5530 wpa_s
->num_multichan_concurrent
=
5531 capa
.num_multichan_concurrent
;
5532 wpa_s
->wmm_ac_supported
= capa
.wmm_ac_supported
;
5534 if (capa
.mac_addr_rand_scan_supported
)
5535 wpa_s
->mac_addr_rand_supported
|= MAC_ADDR_RAND_SCAN
;
5536 if (wpa_s
->sched_scan_supported
&&
5537 capa
.mac_addr_rand_sched_scan_supported
)
5538 wpa_s
->mac_addr_rand_supported
|=
5539 (MAC_ADDR_RAND_SCHED_SCAN
| MAC_ADDR_RAND_PNO
);
5541 if (wpa_s
->max_remain_on_chan
== 0)
5542 wpa_s
->max_remain_on_chan
= 1000;
5545 * Only take p2p_mgmt parameters when P2P Device is supported.
5546 * Doing it here as it determines whether l2_packet_init() will be done
5547 * during wpa_supplicant_driver_init().
5549 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE
)
5550 wpa_s
->p2p_mgmt
= iface
->p2p_mgmt
;
5552 if (wpa_s
->num_multichan_concurrent
== 0)
5553 wpa_s
->num_multichan_concurrent
= 1;
5555 if (wpa_supplicant_driver_init(wpa_s
) < 0)
5559 if (!iface
->p2p_mgmt
&& wpa_tdls_init(wpa_s
->wpa
))
5561 #endif /* CONFIG_TDLS */
5563 if (wpa_s
->conf
->country
[0] && wpa_s
->conf
->country
[1] &&
5564 wpa_drv_set_country(wpa_s
, wpa_s
->conf
->country
)) {
5565 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to set country");
5570 if (wpa_s
->conf
->fst_group_id
) {
5571 struct fst_iface_cfg cfg
;
5572 struct fst_wpa_obj iface_obj
;
5574 fst_wpa_supplicant_fill_iface_obj(wpa_s
, &iface_obj
);
5575 os_strlcpy(cfg
.group_id
, wpa_s
->conf
->fst_group_id
,
5576 sizeof(cfg
.group_id
));
5577 cfg
.priority
= wpa_s
->conf
->fst_priority
;
5578 cfg
.llt
= wpa_s
->conf
->fst_llt
;
5580 wpa_s
->fst
= fst_attach(wpa_s
->ifname
, wpa_s
->own_addr
,
5583 wpa_msg(wpa_s
, MSG_ERROR
,
5584 "FST: Cannot attach iface %s to group %s",
5585 wpa_s
->ifname
, cfg
.group_id
);
5589 #endif /* CONFIG_FST */
5591 if (wpas_wps_init(wpa_s
))
5594 #ifdef CONFIG_GAS_SERVER
5595 wpa_s
->gas_server
= gas_server_init(wpa_s
, wpas_gas_server_tx
);
5596 if (!wpa_s
->gas_server
) {
5597 wpa_printf(MSG_ERROR
, "Failed to initialize GAS server");
5600 #endif /* CONFIG_GAS_SERVER */
5603 if (wpas_dpp_init(wpa_s
) < 0)
5605 #endif /* CONFIG_DPP */
5607 if (wpa_supplicant_init_eapol(wpa_s
) < 0)
5609 wpa_sm_set_eapol(wpa_s
->wpa
, wpa_s
->eapol
);
5611 wpa_s
->ctrl_iface
= wpa_supplicant_ctrl_iface_init(wpa_s
);
5612 if (wpa_s
->ctrl_iface
== NULL
) {
5613 wpa_printf(MSG_ERROR
,
5614 "Failed to initialize control interface '%s'.\n"
5615 "You may have another wpa_supplicant process "
5616 "already running or the file was\n"
5617 "left by an unclean termination of wpa_supplicant "
5618 "in which case you will need\n"
5619 "to manually remove this file before starting "
5620 "wpa_supplicant again.\n",
5621 wpa_s
->conf
->ctrl_interface
);
5625 wpa_s
->gas
= gas_query_init(wpa_s
);
5626 if (wpa_s
->gas
== NULL
) {
5627 wpa_printf(MSG_ERROR
, "Failed to initialize GAS query");
5631 if ((!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE
) ||
5633 wpas_p2p_init(wpa_s
->global
, wpa_s
) < 0) {
5634 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to init P2P");
5638 if (wpa_bss_init(wpa_s
) < 0)
5641 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL
5643 dl_list_init(&wpa_s
->mesh_external_pmksa_cache
);
5644 #endif /* CONFIG_MESH */
5645 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
5648 * Set Wake-on-WLAN triggers, if configured.
5649 * Note: We don't restore/remove the triggers on shutdown (it doesn't
5650 * have effect anyway when the interface is down).
5652 if (capa_res
== 0 && wpas_set_wowlan_triggers(wpa_s
, &capa
) < 0)
5655 #ifdef CONFIG_EAP_PROXY
5658 wpa_s
->mnc_len
= eapol_sm_get_eap_proxy_imsi(wpa_s
->eapol
, -1,
5660 if (wpa_s
->mnc_len
> 0) {
5661 wpa_s
->imsi
[len
] = '\0';
5662 wpa_printf(MSG_DEBUG
, "eap_proxy: IMSI %s (MNC length %d)",
5663 wpa_s
->imsi
, wpa_s
->mnc_len
);
5665 wpa_printf(MSG_DEBUG
, "eap_proxy: IMSI not available");
5668 #endif /* CONFIG_EAP_PROXY */
5670 if (pcsc_reader_init(wpa_s
) < 0)
5673 if (wpas_init_ext_pw(wpa_s
) < 0)
5676 wpas_rrm_reset(wpa_s
);
5678 wpas_sched_scan_plans_set(wpa_s
, wpa_s
->conf
->sched_scan_plans
);
5682 #endif /* CONFIG_HS20 */
5684 if (wpa_s
->conf
->oce
) {
5685 if ((wpa_s
->conf
->oce
& OCE_STA
) &&
5686 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_OCE_STA
))
5687 wpa_s
->enable_oce
= OCE_STA
;
5688 if ((wpa_s
->conf
->oce
& OCE_STA_CFON
) &&
5689 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_OCE_STA_CFON
)) {
5690 /* TODO: Need to add STA-CFON support */
5691 wpa_printf(MSG_ERROR
,
5692 "OCE STA-CFON feature is not yet supported");
5695 wpas_mbo_update_non_pref_chan(wpa_s
, wpa_s
->conf
->non_pref_chan
);
5696 #endif /* CONFIG_MBO */
5698 wpa_supplicant_set_default_scan_ies(wpa_s
);
5704 static void wpa_supplicant_deinit_iface(struct wpa_supplicant
*wpa_s
,
5705 int notify
, int terminate
)
5707 struct wpa_global
*global
= wpa_s
->global
;
5708 struct wpa_supplicant
*iface
, *prev
;
5710 if (wpa_s
== wpa_s
->parent
)
5711 wpas_p2p_group_remove(wpa_s
, "*");
5713 iface
= global
->ifaces
;
5715 if (iface
->p2pdev
== wpa_s
)
5716 iface
->p2pdev
= iface
->parent
;
5717 if (iface
== wpa_s
|| iface
->parent
!= wpa_s
) {
5718 iface
= iface
->next
;
5721 wpa_printf(MSG_DEBUG
,
5722 "Remove remaining child interface %s from parent %s",
5723 iface
->ifname
, wpa_s
->ifname
);
5725 iface
= iface
->next
;
5726 wpa_supplicant_remove_iface(global
, prev
, terminate
);
5729 wpa_s
->disconnected
= 1;
5730 if (wpa_s
->drv_priv
) {
5731 wpa_supplicant_deauthenticate(wpa_s
,
5732 WLAN_REASON_DEAUTH_LEAVING
);
5734 wpa_drv_set_countermeasures(wpa_s
, 0);
5735 wpa_clear_keys(wpa_s
, NULL
);
5738 wpa_supplicant_cleanup(wpa_s
);
5739 wpas_p2p_deinit_iface(wpa_s
);
5741 wpas_ctrl_radio_work_flush(wpa_s
);
5742 radio_remove_interface(wpa_s
);
5746 fst_detach(wpa_s
->fst
);
5749 if (wpa_s
->received_mb_ies
) {
5750 wpabuf_free(wpa_s
->received_mb_ies
);
5751 wpa_s
->received_mb_ies
= NULL
;
5753 #endif /* CONFIG_FST */
5755 if (wpa_s
->drv_priv
)
5756 wpa_drv_deinit(wpa_s
);
5759 wpas_notify_iface_removed(wpa_s
);
5762 wpa_msg(wpa_s
, MSG_INFO
, WPA_EVENT_TERMINATING
);
5764 if (wpa_s
->ctrl_iface
) {
5765 wpa_supplicant_ctrl_iface_deinit(wpa_s
->ctrl_iface
);
5766 wpa_s
->ctrl_iface
= NULL
;
5771 wpa_supplicant_mesh_iface_deinit(wpa_s
, wpa_s
->ifmsh
);
5772 wpa_s
->ifmsh
= NULL
;
5774 #endif /* CONFIG_MESH */
5776 if (wpa_s
->conf
!= NULL
) {
5777 wpa_config_free(wpa_s
->conf
);
5781 os_free(wpa_s
->ssids_from_scan_req
);
5787 #ifdef CONFIG_MATCH_IFACE
5790 * wpa_supplicant_match_iface - Match an interface description to a name
5791 * @global: Pointer to global data from wpa_supplicant_init()
5792 * @ifname: Name of the interface to match
5793 * Returns: Pointer to the created interface description or %NULL on failure
5795 struct wpa_interface
* wpa_supplicant_match_iface(struct wpa_global
*global
,
5799 struct wpa_interface
*iface
, *miface
;
5801 for (i
= 0; i
< global
->params
.match_iface_count
; i
++) {
5802 miface
= &global
->params
.match_ifaces
[i
];
5803 if (!miface
->ifname
||
5804 fnmatch(miface
->ifname
, ifname
, 0) == 0) {
5805 iface
= os_zalloc(sizeof(*iface
));
5809 iface
->ifname
= ifname
;
5819 * wpa_supplicant_match_existing - Match existing interfaces
5820 * @global: Pointer to global data from wpa_supplicant_init()
5821 * Returns: 0 on success, -1 on failure
5823 static int wpa_supplicant_match_existing(struct wpa_global
*global
)
5825 struct if_nameindex
*ifi
, *ifp
;
5826 struct wpa_supplicant
*wpa_s
;
5827 struct wpa_interface
*iface
;
5829 ifp
= if_nameindex();
5831 wpa_printf(MSG_ERROR
, "if_nameindex: %s", strerror(errno
));
5835 for (ifi
= ifp
; ifi
->if_name
; ifi
++) {
5836 wpa_s
= wpa_supplicant_get_iface(global
, ifi
->if_name
);
5839 iface
= wpa_supplicant_match_iface(global
, ifi
->if_name
);
5841 wpa_s
= wpa_supplicant_add_iface(global
, iface
, NULL
);
5848 if_freenameindex(ifp
);
5852 #endif /* CONFIG_MATCH_IFACE */
5856 * wpa_supplicant_add_iface - Add a new network interface
5857 * @global: Pointer to global data from wpa_supplicant_init()
5858 * @iface: Interface configuration options
5859 * @parent: Parent interface or %NULL to assign new interface as parent
5860 * Returns: Pointer to the created interface or %NULL on failure
5862 * This function is used to add new network interfaces for %wpa_supplicant.
5863 * This can be called before wpa_supplicant_run() to add interfaces before the
5864 * main event loop has been started. In addition, new interfaces can be added
5865 * dynamically while %wpa_supplicant is already running. This could happen,
5866 * e.g., when a hotplug network adapter is inserted.
5868 struct wpa_supplicant
* wpa_supplicant_add_iface(struct wpa_global
*global
,
5869 struct wpa_interface
*iface
,
5870 struct wpa_supplicant
*parent
)
5872 struct wpa_supplicant
*wpa_s
;
5873 struct wpa_interface t_iface
;
5874 struct wpa_ssid
*ssid
;
5876 if (global
== NULL
|| iface
== NULL
)
5879 wpa_s
= wpa_supplicant_alloc(parent
);
5883 wpa_s
->global
= global
;
5886 if (global
->params
.override_driver
) {
5887 wpa_printf(MSG_DEBUG
, "Override interface parameter: driver "
5889 iface
->driver
, global
->params
.override_driver
);
5890 t_iface
.driver
= global
->params
.override_driver
;
5892 if (global
->params
.override_ctrl_interface
) {
5893 wpa_printf(MSG_DEBUG
, "Override interface parameter: "
5894 "ctrl_interface ('%s' -> '%s')",
5895 iface
->ctrl_interface
,
5896 global
->params
.override_ctrl_interface
);
5897 t_iface
.ctrl_interface
=
5898 global
->params
.override_ctrl_interface
;
5900 if (wpa_supplicant_init_iface(wpa_s
, &t_iface
)) {
5901 wpa_printf(MSG_DEBUG
, "Failed to add interface %s",
5903 wpa_supplicant_deinit_iface(wpa_s
, 0, 0);
5907 if (iface
->p2p_mgmt
== 0) {
5908 /* Notify the control interfaces about new iface */
5909 if (wpas_notify_iface_added(wpa_s
)) {
5910 wpa_supplicant_deinit_iface(wpa_s
, 1, 0);
5914 for (ssid
= wpa_s
->conf
->ssid
; ssid
; ssid
= ssid
->next
)
5915 wpas_notify_network_added(wpa_s
, ssid
);
5918 wpa_s
->next
= global
->ifaces
;
5919 global
->ifaces
= wpa_s
;
5921 wpa_dbg(wpa_s
, MSG_DEBUG
, "Added interface %s", wpa_s
->ifname
);
5922 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
5925 if (wpa_s
->global
->p2p
== NULL
&&
5926 !wpa_s
->global
->p2p_disabled
&& !wpa_s
->conf
->p2p_disabled
&&
5927 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE
) &&
5928 wpas_p2p_add_p2pdev_interface(
5929 wpa_s
, wpa_s
->global
->params
.conf_p2p_dev
) < 0) {
5930 wpa_printf(MSG_INFO
,
5931 "P2P: Failed to enable P2P Device interface");
5932 /* Try to continue without. P2P will be disabled. */
5934 #endif /* CONFIG_P2P */
5941 * wpa_supplicant_remove_iface - Remove a network interface
5942 * @global: Pointer to global data from wpa_supplicant_init()
5943 * @wpa_s: Pointer to the network interface to be removed
5944 * Returns: 0 if interface was removed, -1 if interface was not found
5946 * This function can be used to dynamically remove network interfaces from
5947 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
5948 * addition, this function is used to remove all remaining interfaces when
5949 * %wpa_supplicant is terminated.
5951 int wpa_supplicant_remove_iface(struct wpa_global
*global
,
5952 struct wpa_supplicant
*wpa_s
,
5955 struct wpa_supplicant
*prev
;
5957 unsigned int mesh_if_created
= wpa_s
->mesh_if_created
;
5958 char *ifname
= NULL
;
5959 struct wpa_supplicant
*parent
= wpa_s
->parent
;
5960 #endif /* CONFIG_MESH */
5962 /* Remove interface from the global list of interfaces */
5963 prev
= global
->ifaces
;
5964 if (prev
== wpa_s
) {
5965 global
->ifaces
= wpa_s
->next
;
5967 while (prev
&& prev
->next
!= wpa_s
)
5971 prev
->next
= wpa_s
->next
;
5974 wpa_dbg(wpa_s
, MSG_DEBUG
, "Removing interface %s", wpa_s
->ifname
);
5977 if (mesh_if_created
) {
5978 ifname
= os_strdup(wpa_s
->ifname
);
5979 if (ifname
== NULL
) {
5980 wpa_dbg(wpa_s
, MSG_ERROR
,
5981 "mesh: Failed to malloc ifname");
5985 #endif /* CONFIG_MESH */
5987 if (global
->p2p_group_formation
== wpa_s
)
5988 global
->p2p_group_formation
= NULL
;
5989 if (global
->p2p_invite_group
== wpa_s
)
5990 global
->p2p_invite_group
= NULL
;
5991 wpa_supplicant_deinit_iface(wpa_s
, 1, terminate
);
5994 if (mesh_if_created
) {
5995 wpa_drv_if_remove(parent
, WPA_IF_MESH
, ifname
);
5998 #endif /* CONFIG_MESH */
6005 * wpa_supplicant_get_eap_mode - Get the current EAP mode
6006 * @wpa_s: Pointer to the network interface
6007 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
6009 const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant
*wpa_s
)
6011 const char *eapol_method
;
6013 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
) == 0 &&
6014 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
6018 eapol_method
= eapol_sm_get_method_name(wpa_s
->eapol
);
6019 if (eapol_method
== NULL
)
6020 return "UNKNOWN-EAP";
6022 return eapol_method
;
6027 * wpa_supplicant_get_iface - Get a new network interface
6028 * @global: Pointer to global data from wpa_supplicant_init()
6029 * @ifname: Interface name
6030 * Returns: Pointer to the interface or %NULL if not found
6032 struct wpa_supplicant
* wpa_supplicant_get_iface(struct wpa_global
*global
,
6035 struct wpa_supplicant
*wpa_s
;
6037 for (wpa_s
= global
->ifaces
; wpa_s
; wpa_s
= wpa_s
->next
) {
6038 if (os_strcmp(wpa_s
->ifname
, ifname
) == 0)
6045 #ifndef CONFIG_NO_WPA_MSG
6046 static const char * wpa_supplicant_msg_ifname_cb(void *ctx
)
6048 struct wpa_supplicant
*wpa_s
= ctx
;
6051 return wpa_s
->ifname
;
6053 #endif /* CONFIG_NO_WPA_MSG */
6056 #ifndef WPA_SUPPLICANT_CLEANUP_INTERVAL
6057 #define WPA_SUPPLICANT_CLEANUP_INTERVAL 10
6058 #endif /* WPA_SUPPLICANT_CLEANUP_INTERVAL */
6060 /* Periodic cleanup tasks */
6061 static void wpas_periodic(void *eloop_ctx
, void *timeout_ctx
)
6063 struct wpa_global
*global
= eloop_ctx
;
6064 struct wpa_supplicant
*wpa_s
;
6066 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL
, 0,
6067 wpas_periodic
, global
, NULL
);
6071 p2p_expire_peers(global
->p2p
);
6072 #endif /* CONFIG_P2P */
6074 for (wpa_s
= global
->ifaces
; wpa_s
; wpa_s
= wpa_s
->next
) {
6075 wpa_bss_flush_by_age(wpa_s
, wpa_s
->conf
->bss_expiration_age
);
6078 #endif /* CONFIG_AP */
6084 * wpa_supplicant_init - Initialize %wpa_supplicant
6085 * @params: Parameters for %wpa_supplicant
6086 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
6088 * This function is used to initialize %wpa_supplicant. After successful
6089 * initialization, the returned data pointer can be used to add and remove
6090 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
6092 struct wpa_global
* wpa_supplicant_init(struct wpa_params
*params
)
6094 struct wpa_global
*global
;
6100 #ifdef CONFIG_DRIVER_NDIS
6102 void driver_ndis_init_ops(void);
6103 driver_ndis_init_ops();
6105 #endif /* CONFIG_DRIVER_NDIS */
6107 #ifndef CONFIG_NO_WPA_MSG
6108 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb
);
6109 #endif /* CONFIG_NO_WPA_MSG */
6111 if (params
->wpa_debug_file_path
)
6112 wpa_debug_open_file(params
->wpa_debug_file_path
);
6114 wpa_debug_setup_stdout();
6115 if (params
->wpa_debug_syslog
)
6116 wpa_debug_open_syslog();
6117 if (params
->wpa_debug_tracing
) {
6118 ret
= wpa_debug_open_linux_tracing();
6120 wpa_printf(MSG_ERROR
,
6121 "Failed to enable trace logging");
6126 ret
= eap_register_methods();
6128 wpa_printf(MSG_ERROR
, "Failed to register EAP methods");
6130 wpa_printf(MSG_ERROR
, "Two or more EAP methods used "
6131 "the same EAP type.");
6135 global
= os_zalloc(sizeof(*global
));
6138 dl_list_init(&global
->p2p_srv_bonjour
);
6139 dl_list_init(&global
->p2p_srv_upnp
);
6140 global
->params
.daemonize
= params
->daemonize
;
6141 global
->params
.wait_for_monitor
= params
->wait_for_monitor
;
6142 global
->params
.dbus_ctrl_interface
= params
->dbus_ctrl_interface
;
6143 if (params
->pid_file
)
6144 global
->params
.pid_file
= os_strdup(params
->pid_file
);
6145 if (params
->ctrl_interface
)
6146 global
->params
.ctrl_interface
=
6147 os_strdup(params
->ctrl_interface
);
6148 if (params
->ctrl_interface_group
)
6149 global
->params
.ctrl_interface_group
=
6150 os_strdup(params
->ctrl_interface_group
);
6151 if (params
->override_driver
)
6152 global
->params
.override_driver
=
6153 os_strdup(params
->override_driver
);
6154 if (params
->override_ctrl_interface
)
6155 global
->params
.override_ctrl_interface
=
6156 os_strdup(params
->override_ctrl_interface
);
6157 #ifdef CONFIG_MATCH_IFACE
6158 global
->params
.match_iface_count
= params
->match_iface_count
;
6159 if (params
->match_iface_count
) {
6160 global
->params
.match_ifaces
=
6161 os_calloc(params
->match_iface_count
,
6162 sizeof(struct wpa_interface
));
6163 os_memcpy(global
->params
.match_ifaces
,
6164 params
->match_ifaces
,
6165 params
->match_iface_count
*
6166 sizeof(struct wpa_interface
));
6168 #endif /* CONFIG_MATCH_IFACE */
6170 if (params
->conf_p2p_dev
)
6171 global
->params
.conf_p2p_dev
=
6172 os_strdup(params
->conf_p2p_dev
);
6173 #endif /* CONFIG_P2P */
6174 wpa_debug_level
= global
->params
.wpa_debug_level
=
6175 params
->wpa_debug_level
;
6176 wpa_debug_show_keys
= global
->params
.wpa_debug_show_keys
=
6177 params
->wpa_debug_show_keys
;
6178 wpa_debug_timestamp
= global
->params
.wpa_debug_timestamp
=
6179 params
->wpa_debug_timestamp
;
6181 wpa_printf(MSG_DEBUG
, "wpa_supplicant v" VERSION_STR
);
6184 wpa_printf(MSG_ERROR
, "Failed to initialize event loop");
6185 wpa_supplicant_deinit(global
);
6189 random_init(params
->entropy_file
);
6191 global
->ctrl_iface
= wpa_supplicant_global_ctrl_iface_init(global
);
6192 if (global
->ctrl_iface
== NULL
) {
6193 wpa_supplicant_deinit(global
);
6197 if (wpas_notify_supplicant_initialized(global
)) {
6198 wpa_supplicant_deinit(global
);
6202 for (i
= 0; wpa_drivers
[i
]; i
++)
6203 global
->drv_count
++;
6204 if (global
->drv_count
== 0) {
6205 wpa_printf(MSG_ERROR
, "No drivers enabled");
6206 wpa_supplicant_deinit(global
);
6209 global
->drv_priv
= os_calloc(global
->drv_count
, sizeof(void *));
6210 if (global
->drv_priv
== NULL
) {
6211 wpa_supplicant_deinit(global
);
6215 #ifdef CONFIG_WIFI_DISPLAY
6216 if (wifi_display_init(global
) < 0) {
6217 wpa_printf(MSG_ERROR
, "Failed to initialize Wi-Fi Display");
6218 wpa_supplicant_deinit(global
);
6221 #endif /* CONFIG_WIFI_DISPLAY */
6223 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL
, 0,
6224 wpas_periodic
, global
, NULL
);
6231 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
6232 * @global: Pointer to global data from wpa_supplicant_init()
6233 * Returns: 0 after successful event loop run, -1 on failure
6235 * This function starts the main event loop and continues running as long as
6236 * there are any remaining events. In most cases, this function is running as
6237 * long as the %wpa_supplicant process in still in use.
6239 int wpa_supplicant_run(struct wpa_global
*global
)
6241 struct wpa_supplicant
*wpa_s
;
6243 if (global
->params
.daemonize
&&
6244 (wpa_supplicant_daemon(global
->params
.pid_file
) ||
6245 eloop_sock_requeue()))
6248 #ifdef CONFIG_MATCH_IFACE
6249 if (wpa_supplicant_match_existing(global
))
6253 if (global
->params
.wait_for_monitor
) {
6254 for (wpa_s
= global
->ifaces
; wpa_s
; wpa_s
= wpa_s
->next
)
6255 if (wpa_s
->ctrl_iface
&& !wpa_s
->p2p_mgmt
)
6256 wpa_supplicant_ctrl_iface_wait(
6260 eloop_register_signal_terminate(wpa_supplicant_terminate
, global
);
6261 eloop_register_signal_reconfig(wpa_supplicant_reconfig
, global
);
6270 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
6271 * @global: Pointer to global data from wpa_supplicant_init()
6273 * This function is called to deinitialize %wpa_supplicant and to free all
6274 * allocated resources. Remaining network interfaces will also be removed.
6276 void wpa_supplicant_deinit(struct wpa_global
*global
)
6283 eloop_cancel_timeout(wpas_periodic
, global
, NULL
);
6285 #ifdef CONFIG_WIFI_DISPLAY
6286 wifi_display_deinit(global
);
6287 #endif /* CONFIG_WIFI_DISPLAY */
6289 while (global
->ifaces
)
6290 wpa_supplicant_remove_iface(global
, global
->ifaces
, 1);
6292 if (global
->ctrl_iface
)
6293 wpa_supplicant_global_ctrl_iface_deinit(global
->ctrl_iface
);
6295 wpas_notify_supplicant_deinitialized(global
);
6297 eap_peer_unregister_methods();
6299 eap_server_unregister_methods();
6300 #endif /* CONFIG_AP */
6302 for (i
= 0; wpa_drivers
[i
] && global
->drv_priv
; i
++) {
6303 if (!global
->drv_priv
[i
])
6305 wpa_drivers
[i
]->global_deinit(global
->drv_priv
[i
]);
6307 os_free(global
->drv_priv
);
6313 if (global
->params
.pid_file
) {
6314 os_daemonize_terminate(global
->params
.pid_file
);
6315 os_free(global
->params
.pid_file
);
6317 os_free(global
->params
.ctrl_interface
);
6318 os_free(global
->params
.ctrl_interface_group
);
6319 os_free(global
->params
.override_driver
);
6320 os_free(global
->params
.override_ctrl_interface
);
6321 #ifdef CONFIG_MATCH_IFACE
6322 os_free(global
->params
.match_ifaces
);
6323 #endif /* CONFIG_MATCH_IFACE */
6325 os_free(global
->params
.conf_p2p_dev
);
6326 #endif /* CONFIG_P2P */
6328 os_free(global
->p2p_disallow_freq
.range
);
6329 os_free(global
->p2p_go_avoid_freq
.range
);
6330 os_free(global
->add_psk
);
6333 wpa_debug_close_syslog();
6334 wpa_debug_close_file();
6335 wpa_debug_close_linux_tracing();
6339 void wpa_supplicant_update_config(struct wpa_supplicant
*wpa_s
)
6341 if ((wpa_s
->conf
->changed_parameters
& CFG_CHANGED_COUNTRY
) &&
6342 wpa_s
->conf
->country
[0] && wpa_s
->conf
->country
[1]) {
6344 country
[0] = wpa_s
->conf
->country
[0];
6345 country
[1] = wpa_s
->conf
->country
[1];
6347 if (wpa_drv_set_country(wpa_s
, country
) < 0) {
6348 wpa_printf(MSG_ERROR
, "Failed to set country code "
6353 if (wpa_s
->conf
->changed_parameters
& CFG_CHANGED_EXT_PW_BACKEND
)
6354 wpas_init_ext_pw(wpa_s
);
6356 if (wpa_s
->conf
->changed_parameters
& CFG_CHANGED_SCHED_SCAN_PLANS
)
6357 wpas_sched_scan_plans_set(wpa_s
, wpa_s
->conf
->sched_scan_plans
);
6359 if (wpa_s
->conf
->changed_parameters
& CFG_CHANGED_WOWLAN_TRIGGERS
) {
6360 struct wpa_driver_capa capa
;
6361 int res
= wpa_drv_get_capa(wpa_s
, &capa
);
6363 if (res
== 0 && wpas_set_wowlan_triggers(wpa_s
, &capa
) < 0)
6364 wpa_printf(MSG_ERROR
,
6365 "Failed to update wowlan_triggers to '%s'",
6366 wpa_s
->conf
->wowlan_triggers
);
6370 wpas_wps_update_config(wpa_s
);
6371 #endif /* CONFIG_WPS */
6372 wpas_p2p_update_config(wpa_s
);
6373 wpa_s
->conf
->changed_parameters
= 0;
6377 void add_freq(int *freqs
, int *num_freqs
, int freq
)
6381 for (i
= 0; i
< *num_freqs
; i
++) {
6382 if (freqs
[i
] == freq
)
6386 freqs
[*num_freqs
] = freq
;
6391 static int * get_bss_freqs_in_ess(struct wpa_supplicant
*wpa_s
)
6393 struct wpa_bss
*bss
, *cbss
;
6394 const int max_freqs
= 10;
6398 freqs
= os_calloc(max_freqs
+ 1, sizeof(int));
6402 cbss
= wpa_s
->current_bss
;
6404 dl_list_for_each(bss
, &wpa_s
->bss
, struct wpa_bss
, list
) {
6407 if (bss
->ssid_len
== cbss
->ssid_len
&&
6408 os_memcmp(bss
->ssid
, cbss
->ssid
, bss
->ssid_len
) == 0 &&
6409 wpa_blacklist_get(wpa_s
, bss
->bssid
) == NULL
) {
6410 add_freq(freqs
, &num_freqs
, bss
->freq
);
6411 if (num_freqs
== max_freqs
)
6416 if (num_freqs
== 0) {
6425 void wpas_connection_failed(struct wpa_supplicant
*wpa_s
, const u8
*bssid
)
6431 wpas_connect_work_done(wpa_s
);
6434 * Remove possible authentication timeout since the connection failed.
6436 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
6439 * There is no point in blacklisting the AP if this event is
6440 * generated based on local request to disconnect.
6442 if (wpa_s
->own_disconnect_req
) {
6443 wpa_s
->own_disconnect_req
= 0;
6444 wpa_dbg(wpa_s
, MSG_DEBUG
,
6445 "Ignore connection failure due to local request to disconnect");
6448 if (wpa_s
->disconnected
) {
6449 wpa_dbg(wpa_s
, MSG_DEBUG
, "Ignore connection failure "
6450 "indication since interface has been put into "
6451 "disconnected state");
6456 * Add the failed BSSID into the blacklist and speed up next scan
6457 * attempt if there could be other APs that could accept association.
6458 * The current blacklist count indicates how many times we have tried
6459 * connecting to this AP and multiple attempts mean that other APs are
6460 * either not available or has already been tried, so that we can start
6461 * increasing the delay here to avoid constant scanning.
6463 count
= wpa_blacklist_add(wpa_s
, bssid
);
6464 if (count
== 1 && wpa_s
->current_bss
) {
6466 * This BSS was not in the blacklist before. If there is
6467 * another BSS available for the same ESS, we should try that
6468 * next. Otherwise, we may as well try this one once more
6469 * before allowing other, likely worse, ESSes to be considered.
6471 freqs
= get_bss_freqs_in_ess(wpa_s
);
6473 wpa_dbg(wpa_s
, MSG_DEBUG
, "Another BSS in this ESS "
6474 "has been seen; try it next");
6475 wpa_blacklist_add(wpa_s
, bssid
);
6477 * On the next scan, go through only the known channels
6478 * used in this ESS based on previous scans to speed up
6479 * common load balancing use case.
6481 os_free(wpa_s
->next_scan_freqs
);
6482 wpa_s
->next_scan_freqs
= freqs
;
6487 * Add previous failure count in case the temporary blacklist was
6488 * cleared due to no other BSSes being available.
6490 count
+= wpa_s
->extra_blacklist_count
;
6492 if (count
> 3 && wpa_s
->current_ssid
) {
6493 wpa_printf(MSG_DEBUG
, "Continuous association failures - "
6494 "consider temporary network disabling");
6495 wpas_auth_failed(wpa_s
, "CONN_FAILED");
6516 wpa_dbg(wpa_s
, MSG_DEBUG
, "Blacklist count %d --> request scan in %d "
6517 "ms", count
, timeout
);
6520 * TODO: if more than one possible AP is available in scan results,
6521 * could try the other ones before requesting a new scan.
6523 wpa_supplicant_req_scan(wpa_s
, timeout
/ 1000,
6524 1000 * (timeout
% 1000));
6529 void fils_connection_failure(struct wpa_supplicant
*wpa_s
)
6531 struct wpa_ssid
*ssid
= wpa_s
->current_ssid
;
6532 const u8
*realm
, *username
, *rrk
;
6533 size_t realm_len
, username_len
, rrk_len
;
6536 if (!ssid
|| !ssid
->eap
.erp
|| !wpa_key_mgmt_fils(ssid
->key_mgmt
) ||
6537 eapol_sm_get_erp_info(wpa_s
->eapol
, &ssid
->eap
,
6538 &username
, &username_len
,
6539 &realm
, &realm_len
, &next_seq_num
,
6540 &rrk
, &rrk_len
) != 0 ||
6544 wpa_hexdump_ascii(MSG_DEBUG
,
6545 "FILS: Store last connection failure realm",
6547 os_free(wpa_s
->last_con_fail_realm
);
6548 wpa_s
->last_con_fail_realm
= os_malloc(realm_len
);
6549 if (wpa_s
->last_con_fail_realm
) {
6550 wpa_s
->last_con_fail_realm_len
= realm_len
;
6551 os_memcpy(wpa_s
->last_con_fail_realm
, realm
, realm_len
);
6554 #endif /* CONFIG_FILS */
6557 int wpas_driver_bss_selection(struct wpa_supplicant
*wpa_s
)
6559 return wpa_s
->conf
->ap_scan
== 2 ||
6560 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_BSS_SELECTION
);
6564 #if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW)
6565 int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant
*wpa_s
,
6566 struct wpa_ssid
*ssid
,
6570 #ifdef IEEE8021X_EAPOL
6571 struct eap_peer_config
*eap
= &ssid
->eap
;
6573 wpa_printf(MSG_DEBUG
, "CTRL_IFACE: response handle field=%s", field
);
6574 wpa_hexdump_ascii_key(MSG_DEBUG
, "CTRL_IFACE: response value",
6575 (const u8
*) value
, os_strlen(value
));
6577 switch (wpa_supplicant_ctrl_req_from_string(field
)) {
6578 case WPA_CTRL_REQ_EAP_IDENTITY
:
6579 os_free(eap
->identity
);
6580 eap
->identity
= (u8
*) os_strdup(value
);
6581 eap
->identity_len
= os_strlen(value
);
6582 eap
->pending_req_identity
= 0;
6583 if (ssid
== wpa_s
->current_ssid
)
6584 wpa_s
->reassociate
= 1;
6586 case WPA_CTRL_REQ_EAP_PASSWORD
:
6587 bin_clear_free(eap
->password
, eap
->password_len
);
6588 eap
->password
= (u8
*) os_strdup(value
);
6589 eap
->password_len
= os_strlen(value
);
6590 eap
->pending_req_password
= 0;
6591 if (ssid
== wpa_s
->current_ssid
)
6592 wpa_s
->reassociate
= 1;
6594 case WPA_CTRL_REQ_EAP_NEW_PASSWORD
:
6595 bin_clear_free(eap
->new_password
, eap
->new_password_len
);
6596 eap
->new_password
= (u8
*) os_strdup(value
);
6597 eap
->new_password_len
= os_strlen(value
);
6598 eap
->pending_req_new_password
= 0;
6599 if (ssid
== wpa_s
->current_ssid
)
6600 wpa_s
->reassociate
= 1;
6602 case WPA_CTRL_REQ_EAP_PIN
:
6603 str_clear_free(eap
->pin
);
6604 eap
->pin
= os_strdup(value
);
6605 eap
->pending_req_pin
= 0;
6606 if (ssid
== wpa_s
->current_ssid
)
6607 wpa_s
->reassociate
= 1;
6609 case WPA_CTRL_REQ_EAP_OTP
:
6610 bin_clear_free(eap
->otp
, eap
->otp_len
);
6611 eap
->otp
= (u8
*) os_strdup(value
);
6612 eap
->otp_len
= os_strlen(value
);
6613 os_free(eap
->pending_req_otp
);
6614 eap
->pending_req_otp
= NULL
;
6615 eap
->pending_req_otp_len
= 0;
6617 case WPA_CTRL_REQ_EAP_PASSPHRASE
:
6618 str_clear_free(eap
->private_key_passwd
);
6619 eap
->private_key_passwd
= os_strdup(value
);
6620 eap
->pending_req_passphrase
= 0;
6621 if (ssid
== wpa_s
->current_ssid
)
6622 wpa_s
->reassociate
= 1;
6624 case WPA_CTRL_REQ_SIM
:
6625 str_clear_free(eap
->external_sim_resp
);
6626 eap
->external_sim_resp
= os_strdup(value
);
6627 eap
->pending_req_sim
= 0;
6629 case WPA_CTRL_REQ_PSK_PASSPHRASE
:
6630 if (wpa_config_set(ssid
, "psk", value
, 0) < 0)
6632 ssid
->mem_only_psk
= 1;
6633 if (ssid
->passphrase
)
6634 wpa_config_update_psk(ssid
);
6635 if (wpa_s
->wpa_state
== WPA_SCANNING
&& !wpa_s
->scanning
)
6636 wpa_supplicant_req_scan(wpa_s
, 0, 0);
6638 case WPA_CTRL_REQ_EXT_CERT_CHECK
:
6639 if (eap
->pending_ext_cert_check
!= PENDING_CHECK
)
6641 if (os_strcmp(value
, "good") == 0)
6642 eap
->pending_ext_cert_check
= EXT_CERT_CHECK_GOOD
;
6643 else if (os_strcmp(value
, "bad") == 0)
6644 eap
->pending_ext_cert_check
= EXT_CERT_CHECK_BAD
;
6649 wpa_printf(MSG_DEBUG
, "CTRL_IFACE: Unknown field '%s'", field
);
6654 #else /* IEEE8021X_EAPOL */
6655 wpa_printf(MSG_DEBUG
, "CTRL_IFACE: IEEE 802.1X not included");
6657 #endif /* IEEE8021X_EAPOL */
6659 #endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */
6662 int wpas_network_disabled(struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
)
6665 unsigned int drv_enc
;
6667 if (wpa_s
->p2p_mgmt
)
6668 return 1; /* no normal network profiles on p2p_mgmt interface */
6676 if (wpa_s
->drv_capa_known
)
6677 drv_enc
= wpa_s
->drv_enc
;
6679 drv_enc
= (unsigned int) -1;
6681 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
6682 size_t len
= ssid
->wep_key_len
[i
];
6685 if (len
== 5 && (drv_enc
& WPA_DRIVER_CAPA_ENC_WEP40
))
6687 if (len
== 13 && (drv_enc
& WPA_DRIVER_CAPA_ENC_WEP104
))
6689 if (len
== 16 && (drv_enc
& WPA_DRIVER_CAPA_ENC_WEP128
))
6691 return 1; /* invalid WEP key */
6694 if (wpa_key_mgmt_wpa_psk(ssid
->key_mgmt
) && !ssid
->psk_set
&&
6695 (!ssid
->passphrase
|| ssid
->ssid_len
!= 0) && !ssid
->ext_psk
&&
6696 !(wpa_key_mgmt_sae(ssid
->key_mgmt
) && ssid
->sae_password
) &&
6697 !ssid
->mem_only_psk
)
6704 int wpas_get_ssid_pmf(struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
)
6706 #ifdef CONFIG_IEEE80211W
6707 if (ssid
== NULL
|| ssid
->ieee80211w
== MGMT_FRAME_PROTECTION_DEFAULT
) {
6708 if (wpa_s
->conf
->pmf
== MGMT_FRAME_PROTECTION_OPTIONAL
&&
6709 !(wpa_s
->drv_enc
& WPA_DRIVER_CAPA_ENC_BIP
)) {
6711 * Driver does not support BIP -- ignore pmf=1 default
6712 * since the connection with PMF would fail and the
6713 * configuration does not require PMF to be enabled.
6715 return NO_MGMT_FRAME_PROTECTION
;
6720 ~(WPA_KEY_MGMT_NONE
| WPA_KEY_MGMT_WPS
|
6721 WPA_KEY_MGMT_IEEE8021X_NO_WPA
)) == 0) {
6723 * Do not use the default PMF value for non-RSN networks
6724 * since PMF is available only with RSN and pmf=2
6725 * configuration would otherwise prevent connections to
6726 * all open networks.
6728 return NO_MGMT_FRAME_PROTECTION
;
6731 return wpa_s
->conf
->pmf
;
6734 return ssid
->ieee80211w
;
6735 #else /* CONFIG_IEEE80211W */
6736 return NO_MGMT_FRAME_PROTECTION
;
6737 #endif /* CONFIG_IEEE80211W */
6741 int wpas_is_p2p_prioritized(struct wpa_supplicant
*wpa_s
)
6743 if (wpa_s
->global
->conc_pref
== WPA_CONC_PREF_P2P
)
6745 if (wpa_s
->global
->conc_pref
== WPA_CONC_PREF_STA
)
6751 void wpas_auth_failed(struct wpa_supplicant
*wpa_s
, char *reason
)
6753 struct wpa_ssid
*ssid
= wpa_s
->current_ssid
;
6755 struct os_reltime now
;
6758 wpa_printf(MSG_DEBUG
, "Authentication failure but no known "
6763 if (ssid
->key_mgmt
== WPA_KEY_MGMT_WPS
)
6766 ssid
->auth_failures
++;
6769 if (ssid
->p2p_group
&&
6770 (wpa_s
->p2p_in_provisioning
|| wpa_s
->show_group_started
)) {
6772 * Skip the wait time since there is a short timeout on the
6773 * connection to a P2P group.
6777 #endif /* CONFIG_P2P */
6779 if (ssid
->auth_failures
> 50)
6781 else if (ssid
->auth_failures
> 10)
6783 else if (ssid
->auth_failures
> 5)
6785 else if (ssid
->auth_failures
> 3)
6787 else if (ssid
->auth_failures
> 2)
6789 else if (ssid
->auth_failures
> 1)
6794 if (ssid
->auth_failures
> 1 &&
6795 wpa_key_mgmt_wpa_ieee8021x(ssid
->key_mgmt
))
6796 dur
+= os_random() % (ssid
->auth_failures
* 10);
6798 os_get_reltime(&now
);
6799 if (now
.sec
+ dur
<= ssid
->disabled_until
.sec
)
6802 ssid
->disabled_until
.sec
= now
.sec
+ dur
;
6804 wpa_msg(wpa_s
, MSG_INFO
, WPA_EVENT_TEMP_DISABLED
6805 "id=%d ssid=\"%s\" auth_failures=%u duration=%d reason=%s",
6806 ssid
->id
, wpa_ssid_txt(ssid
->ssid
, ssid
->ssid_len
),
6807 ssid
->auth_failures
, dur
, reason
);
6811 void wpas_clear_temp_disabled(struct wpa_supplicant
*wpa_s
,
6812 struct wpa_ssid
*ssid
, int clear_failures
)
6817 if (ssid
->disabled_until
.sec
) {
6818 wpa_msg(wpa_s
, MSG_INFO
, WPA_EVENT_REENABLED
6819 "id=%d ssid=\"%s\"",
6820 ssid
->id
, wpa_ssid_txt(ssid
->ssid
, ssid
->ssid_len
));
6822 ssid
->disabled_until
.sec
= 0;
6823 ssid
->disabled_until
.usec
= 0;
6825 ssid
->auth_failures
= 0;
6829 int disallowed_bssid(struct wpa_supplicant
*wpa_s
, const u8
*bssid
)
6833 if (wpa_s
->disallow_aps_bssid
== NULL
)
6836 for (i
= 0; i
< wpa_s
->disallow_aps_bssid_count
; i
++) {
6837 if (os_memcmp(wpa_s
->disallow_aps_bssid
+ i
* ETH_ALEN
,
6838 bssid
, ETH_ALEN
) == 0)
6846 int disallowed_ssid(struct wpa_supplicant
*wpa_s
, const u8
*ssid
,
6851 if (wpa_s
->disallow_aps_ssid
== NULL
|| ssid
== NULL
)
6854 for (i
= 0; i
< wpa_s
->disallow_aps_ssid_count
; i
++) {
6855 struct wpa_ssid_value
*s
= &wpa_s
->disallow_aps_ssid
[i
];
6856 if (ssid_len
== s
->ssid_len
&&
6857 os_memcmp(ssid
, s
->ssid
, ssid_len
) == 0)
6866 * wpas_request_connection - Request a new connection
6867 * @wpa_s: Pointer to the network interface
6869 * This function is used to request a new connection to be found. It will mark
6870 * the interface to allow reassociation and request a new scan to find a
6871 * suitable network to connect to.
6873 void wpas_request_connection(struct wpa_supplicant
*wpa_s
)
6875 wpa_s
->normal_scans
= 0;
6876 wpa_s
->scan_req
= NORMAL_SCAN_REQ
;
6877 wpa_supplicant_reinit_autoscan(wpa_s
);
6878 wpa_s
->extra_blacklist_count
= 0;
6879 wpa_s
->disconnected
= 0;
6880 wpa_s
->reassociate
= 1;
6881 wpa_s
->last_owe_group
= 0;
6883 if (wpa_supplicant_fast_associate(wpa_s
) != 1)
6884 wpa_supplicant_req_scan(wpa_s
, 0, 0);
6886 wpa_s
->reattach
= 0;
6891 * wpas_request_disconnection - Request disconnection
6892 * @wpa_s: Pointer to the network interface
6894 * This function is used to request disconnection from the currently connected
6895 * network. This will stop any ongoing scans and initiate deauthentication.
6897 void wpas_request_disconnection(struct wpa_supplicant
*wpa_s
)
6900 wpa_s
->sme
.prev_bssid_set
= 0;
6901 #endif /* CONFIG_SME */
6902 wpa_s
->reassociate
= 0;
6903 wpa_s
->disconnected
= 1;
6904 wpa_supplicant_cancel_sched_scan(wpa_s
);
6905 wpa_supplicant_cancel_scan(wpa_s
);
6906 wpa_supplicant_deauthenticate(wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
6907 eloop_cancel_timeout(wpas_network_reenabled
, wpa_s
, NULL
);
6911 void dump_freq_data(struct wpa_supplicant
*wpa_s
, const char *title
,
6912 struct wpa_used_freq_data
*freqs_data
,
6917 wpa_dbg(wpa_s
, MSG_DEBUG
, "Shared frequencies (len=%u): %s",
6919 for (i
= 0; i
< len
; i
++) {
6920 struct wpa_used_freq_data
*cur
= &freqs_data
[i
];
6921 wpa_dbg(wpa_s
, MSG_DEBUG
, "freq[%u]: %d, flags=0x%X",
6922 i
, cur
->freq
, cur
->flags
);
6928 * Find the operating frequencies of any of the virtual interfaces that
6929 * are using the same radio as the current interface, and in addition, get
6930 * information about the interface types that are using the frequency.
6932 int get_shared_radio_freqs_data(struct wpa_supplicant
*wpa_s
,
6933 struct wpa_used_freq_data
*freqs_data
,
6936 struct wpa_supplicant
*ifs
;
6939 unsigned int idx
= 0, i
;
6941 wpa_dbg(wpa_s
, MSG_DEBUG
,
6942 "Determining shared radio frequencies (max len %u)", len
);
6943 os_memset(freqs_data
, 0, sizeof(struct wpa_used_freq_data
) * len
);
6945 dl_list_for_each(ifs
, &wpa_s
->radio
->ifaces
, struct wpa_supplicant
,
6950 if (ifs
->current_ssid
== NULL
|| ifs
->assoc_freq
== 0)
6953 if (ifs
->current_ssid
->mode
== WPAS_MODE_AP
||
6954 ifs
->current_ssid
->mode
== WPAS_MODE_P2P_GO
||
6955 ifs
->current_ssid
->mode
== WPAS_MODE_MESH
)
6956 freq
= ifs
->current_ssid
->frequency
;
6957 else if (wpa_drv_get_bssid(ifs
, bssid
) == 0)
6958 freq
= ifs
->assoc_freq
;
6962 /* Hold only distinct freqs */
6963 for (i
= 0; i
< idx
; i
++)
6964 if (freqs_data
[i
].freq
== freq
)
6968 freqs_data
[idx
++].freq
= freq
;
6970 if (ifs
->current_ssid
->mode
== WPAS_MODE_INFRA
) {
6971 freqs_data
[i
].flags
|= ifs
->current_ssid
->p2p_group
?
6972 WPA_FREQ_USED_BY_P2P_CLIENT
:
6973 WPA_FREQ_USED_BY_INFRA_STATION
;
6977 dump_freq_data(wpa_s
, "completed iteration", freqs_data
, idx
);
6983 * Find the operating frequencies of any of the virtual interfaces that
6984 * are using the same radio as the current interface.
6986 int get_shared_radio_freqs(struct wpa_supplicant
*wpa_s
,
6987 int *freq_array
, unsigned int len
)
6989 struct wpa_used_freq_data
*freqs_data
;
6992 os_memset(freq_array
, 0, sizeof(int) * len
);
6994 freqs_data
= os_calloc(len
, sizeof(struct wpa_used_freq_data
));
6998 num
= get_shared_radio_freqs_data(wpa_s
, freqs_data
, len
);
6999 for (i
= 0; i
< num
; i
++)
7000 freq_array
[i
] = freqs_data
[i
].freq
;
7002 os_free(freqs_data
);
7008 struct wpa_supplicant
*
7009 wpas_vendor_elem(struct wpa_supplicant
*wpa_s
, enum wpa_vendor_elem_frame frame
)
7013 case VENDOR_ELEM_PROBE_REQ_P2P
:
7014 case VENDOR_ELEM_PROBE_RESP_P2P
:
7015 case VENDOR_ELEM_PROBE_RESP_P2P_GO
:
7016 case VENDOR_ELEM_BEACON_P2P_GO
:
7017 case VENDOR_ELEM_P2P_PD_REQ
:
7018 case VENDOR_ELEM_P2P_PD_RESP
:
7019 case VENDOR_ELEM_P2P_GO_NEG_REQ
:
7020 case VENDOR_ELEM_P2P_GO_NEG_RESP
:
7021 case VENDOR_ELEM_P2P_GO_NEG_CONF
:
7022 case VENDOR_ELEM_P2P_INV_REQ
:
7023 case VENDOR_ELEM_P2P_INV_RESP
:
7024 case VENDOR_ELEM_P2P_ASSOC_REQ
:
7025 case VENDOR_ELEM_P2P_ASSOC_RESP
:
7026 return wpa_s
->p2pdev
;
7027 #endif /* CONFIG_P2P */
7034 void wpas_vendor_elem_update(struct wpa_supplicant
*wpa_s
)
7039 wpa_printf(MSG_DEBUG
, "Update vendor elements");
7041 for (i
= 0; i
< NUM_VENDOR_ELEM_FRAMES
; i
++) {
7042 if (wpa_s
->vendor_elem
[i
]) {
7045 res
= os_snprintf(buf
, sizeof(buf
), "frame[%u]", i
);
7046 if (!os_snprintf_error(sizeof(buf
), res
)) {
7047 wpa_hexdump_buf(MSG_DEBUG
, buf
,
7048 wpa_s
->vendor_elem
[i
]);
7054 if (wpa_s
->parent
== wpa_s
&&
7055 wpa_s
->global
->p2p
&&
7056 !wpa_s
->global
->p2p_disabled
)
7057 p2p_set_vendor_elems(wpa_s
->global
->p2p
, wpa_s
->vendor_elem
);
7058 #endif /* CONFIG_P2P */
7062 int wpas_vendor_elem_remove(struct wpa_supplicant
*wpa_s
, int frame
,
7063 const u8
*elem
, size_t len
)
7067 ie
= wpabuf_mhead_u8(wpa_s
->vendor_elem
[frame
]);
7068 end
= ie
+ wpabuf_len(wpa_s
->vendor_elem
[frame
]);
7070 for (; ie
+ 1 < end
; ie
+= 2 + ie
[1]) {
7073 if (os_memcmp(ie
, elem
, len
) != 0)
7076 if (wpabuf_len(wpa_s
->vendor_elem
[frame
]) == len
) {
7077 wpabuf_free(wpa_s
->vendor_elem
[frame
]);
7078 wpa_s
->vendor_elem
[frame
] = NULL
;
7080 os_memmove(ie
, ie
+ len
, end
- (ie
+ len
));
7081 wpa_s
->vendor_elem
[frame
]->used
-= len
;
7083 wpas_vendor_elem_update(wpa_s
);
7091 struct hostapd_hw_modes
* get_mode(struct hostapd_hw_modes
*modes
,
7092 u16 num_modes
, enum hostapd_hw_mode mode
)
7096 for (i
= 0; i
< num_modes
; i
++) {
7097 if (modes
[i
].mode
== mode
)
7106 wpa_bss_tmp_disallowed
* wpas_get_disallowed_bss(struct wpa_supplicant
*wpa_s
,
7109 struct wpa_bss_tmp_disallowed
*bss
;
7111 dl_list_for_each(bss
, &wpa_s
->bss_tmp_disallowed
,
7112 struct wpa_bss_tmp_disallowed
, list
) {
7113 if (os_memcmp(bssid
, bss
->bssid
, ETH_ALEN
) == 0)
7121 static int wpa_set_driver_tmp_disallow_list(struct wpa_supplicant
*wpa_s
)
7123 struct wpa_bss_tmp_disallowed
*tmp
;
7124 unsigned int num_bssid
= 0;
7128 bssids
= os_malloc(dl_list_len(&wpa_s
->bss_tmp_disallowed
) * ETH_ALEN
);
7131 dl_list_for_each(tmp
, &wpa_s
->bss_tmp_disallowed
,
7132 struct wpa_bss_tmp_disallowed
, list
) {
7133 os_memcpy(&bssids
[num_bssid
* ETH_ALEN
], tmp
->bssid
,
7137 ret
= wpa_drv_set_bssid_blacklist(wpa_s
, num_bssid
, bssids
);
7143 static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx
, void *timeout_ctx
)
7145 struct wpa_supplicant
*wpa_s
= eloop_ctx
;
7146 struct wpa_bss_tmp_disallowed
*tmp
, *bss
= timeout_ctx
;
7148 /* Make sure the bss is not already freed */
7149 dl_list_for_each(tmp
, &wpa_s
->bss_tmp_disallowed
,
7150 struct wpa_bss_tmp_disallowed
, list
) {
7152 dl_list_del(&tmp
->list
);
7154 wpa_set_driver_tmp_disallow_list(wpa_s
);
7161 void wpa_bss_tmp_disallow(struct wpa_supplicant
*wpa_s
, const u8
*bssid
,
7164 struct wpa_bss_tmp_disallowed
*bss
;
7166 bss
= wpas_get_disallowed_bss(wpa_s
, bssid
);
7168 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout
, wpa_s
, bss
);
7169 eloop_register_timeout(sec
, 0, wpa_bss_tmp_disallow_timeout
,
7174 bss
= os_malloc(sizeof(*bss
));
7176 wpa_printf(MSG_DEBUG
,
7177 "Failed to allocate memory for temp disallow BSS");
7181 os_memcpy(bss
->bssid
, bssid
, ETH_ALEN
);
7182 dl_list_add(&wpa_s
->bss_tmp_disallowed
, &bss
->list
);
7183 wpa_set_driver_tmp_disallow_list(wpa_s
);
7184 eloop_register_timeout(sec
, 0, wpa_bss_tmp_disallow_timeout
,
7189 int wpa_is_bss_tmp_disallowed(struct wpa_supplicant
*wpa_s
, const u8
*bssid
)
7191 struct wpa_bss_tmp_disallowed
*bss
= NULL
, *tmp
, *prev
;
7193 dl_list_for_each_safe(tmp
, prev
, &wpa_s
->bss_tmp_disallowed
,
7194 struct wpa_bss_tmp_disallowed
, list
) {
7195 if (os_memcmp(bssid
, tmp
->bssid
, ETH_ALEN
) == 0) {