]> git.ipfire.org Git - thirdparty/hostap.git/blob - wpa_supplicant/wpa_supplicant.c
projects / thirdparty / hostap.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
TDLS: Add initial support for TDLS (IEEE Std 802.11z-2010)
[thirdparty/hostap.git] / wpa_supplicant / wpa_supplicant.c
1 /*
2 * WPA Supplicant
3 * Copyright (c) 2003-2011, Jouni Malinen <j@w1.fi>
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
8 *
9 * Alternatively, this software may be distributed under the terms of BSD
10 * license.
11 *
12 * See README and COPYING for more details.
13 *
14 * This file implements functions for registering and unregistering
15 * %wpa_supplicant interfaces. In addition, this file contains number of
16 * functions for managing network connections.
17 */
18
19 #include "includes.h"
20
21 #include "common.h"
22 #include "eapol_supp/eapol_supp_sm.h"
23 #include "eap_peer/eap.h"
24 #include "eap_server/eap_methods.h"
25 #include "rsn_supp/wpa.h"
26 #include "eloop.h"
27 #include "config.h"
28 #include "l2_packet/l2_packet.h"
29 #include "wpa_supplicant_i.h"
30 #include "driver_i.h"
31 #include "ctrl_iface.h"
32 #include "pcsc_funcs.h"
33 #include "common/version.h"
34 #include "rsn_supp/preauth.h"
35 #include "rsn_supp/pmksa_cache.h"
36 #include "common/wpa_ctrl.h"
37 #include "mlme.h"
38 #include "common/ieee802_11_defs.h"
39 #include "p2p/p2p.h"
40 #include "blacklist.h"
41 #include "wpas_glue.h"
42 #include "wps_supplicant.h"
43 #include "ibss_rsn.h"
44 #include "sme.h"
45 #include "ap.h"
46 #include "p2p_supplicant.h"
47 #include "notify.h"
48 #include "bgscan.h"
49 #include "bss.h"
50 #include "scan.h"
51
52 const char *wpa_supplicant_version =
53 "wpa_supplicant v" VERSION_STR "\n"
54 "Copyright (c) 2003-2011, Jouni Malinen <j@w1.fi> and contributors";
55
56 const char *wpa_supplicant_license =
57 "This program is free software. You can distribute it and/or modify it\n"
58 "under the terms of the GNU General Public License version 2.\n"
59 "\n"
60 "Alternatively, this software may be distributed under the terms of the\n"
61 "BSD license. See README and COPYING for more details.\n"
62 #ifdef EAP_TLS_OPENSSL
63 "\nThis product includes software developed by the OpenSSL Project\n"
64 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
65 #endif /* EAP_TLS_OPENSSL */
66 ;
67
68 #ifndef CONFIG_NO_STDOUT_DEBUG
69 /* Long text divided into parts in order to fit in C89 strings size limits. */
70 const char *wpa_supplicant_full_license1 =
71 "This program is free software; you can redistribute it and/or modify\n"
72 "it under the terms of the GNU General Public License version 2 as\n"
73 "published by the Free Software Foundation.\n"
74 "\n"
75 "This program is distributed in the hope that it will be useful,\n"
76 "but WITHOUT ANY WARRANTY; without even the implied warranty of\n"
77 "MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n"
78 "GNU General Public License for more details.\n"
79 "\n";
80 const char *wpa_supplicant_full_license2 =
81 "You should have received a copy of the GNU General Public License\n"
82 "along with this program; if not, write to the Free Software\n"
83 "Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n"
84 "\n"
85 "Alternatively, this software may be distributed under the terms of the\n"
86 "BSD license.\n"
87 "\n"
88 "Redistribution and use in source and binary forms, with or without\n"
89 "modification, are permitted provided that the following conditions are\n"
90 "met:\n"
91 "\n";
92 const char *wpa_supplicant_full_license3 =
93 "1. Redistributions of source code must retain the above copyright\n"
94 " notice, this list of conditions and the following disclaimer.\n"
95 "\n"
96 "2. Redistributions in binary form must reproduce the above copyright\n"
97 " notice, this list of conditions and the following disclaimer in the\n"
98 " documentation and/or other materials provided with the distribution.\n"
99 "\n";
100 const char *wpa_supplicant_full_license4 =
101 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
102 " names of its contributors may be used to endorse or promote products\n"
103 " derived from this software without specific prior written permission.\n"
104 "\n"
105 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
106 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
107 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
108 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
109 const char *wpa_supplicant_full_license5 =
110 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
111 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
112 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
113 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
114 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
115 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
116 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
117 "\n";
118 #endif /* CONFIG_NO_STDOUT_DEBUG */
119
120 extern int wpa_debug_level;
121 extern int wpa_debug_show_keys;
122 extern int wpa_debug_timestamp;
123 extern struct wpa_driver_ops *wpa_drivers[];
124
125 /* Configure default/group WEP keys for static WEP */
126 int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
127 {
128 int i, set = 0;
129
130 for (i = 0; i < NUM_WEP_KEYS; i++) {
131 if (ssid->wep_key_len[i] == 0)
132 continue;
133
134 set = 1;
135 wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL,
136 i, i == ssid->wep_tx_keyidx, NULL, 0,
137 ssid->wep_key[i], ssid->wep_key_len[i]);
138 }
139
140 return set;
141 }
142
143
144 static int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
145 struct wpa_ssid *ssid)
146 {
147 u8 key[32];
148 size_t keylen;
149 enum wpa_alg alg;
150 u8 seq[6] = { 0 };
151
152 /* IBSS/WPA-None uses only one key (Group) for both receiving and
153 * sending unicast and multicast packets. */
154
155 if (ssid->mode != WPAS_MODE_IBSS) {
156 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not "
157 "IBSS/ad-hoc) for WPA-None", ssid->mode);
158 return -1;
159 }
160
161 if (!ssid->psk_set) {
162 wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for "
163 "WPA-None");
164 return -1;
165 }
166
167 switch (wpa_s->group_cipher) {
168 case WPA_CIPHER_CCMP:
169 os_memcpy(key, ssid->psk, 16);
170 keylen = 16;
171 alg = WPA_ALG_CCMP;
172 break;
173 case WPA_CIPHER_TKIP:
174 /* WPA-None uses the same Michael MIC key for both TX and RX */
175 os_memcpy(key, ssid->psk, 16 + 8);
176 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
177 keylen = 32;
178 alg = WPA_ALG_TKIP;
179 break;
180 default:
181 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for "
182 "WPA-None", wpa_s->group_cipher);
183 return -1;
184 }
185
186 /* TODO: should actually remember the previously used seq#, both for TX
187 * and RX from each STA.. */
188
189 return wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen);
190 }
191
192
193 static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
194 {
195 struct wpa_supplicant *wpa_s = eloop_ctx;
196 const u8 *bssid = wpa_s->bssid;
197 if (is_zero_ether_addr(bssid))
198 bssid = wpa_s->pending_bssid;
199 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
200 MAC2STR(bssid));
201 wpa_blacklist_add(wpa_s, bssid);
202 wpa_sm_notify_disassoc(wpa_s->wpa);
203 wpa_supplicant_disassociate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
204 wpa_s->reassociate = 1;
205
206 /*
207 * If we timed out, the AP or the local radio may be busy.
208 * So, wait a second until scanning again.
209 */
210 wpa_supplicant_req_scan(wpa_s, 1, 0);
211 }
212
213
214 /**
215 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
216 * @wpa_s: Pointer to wpa_supplicant data
217 * @sec: Number of seconds after which to time out authentication
218 * @usec: Number of microseconds after which to time out authentication
219 *
220 * This function is used to schedule a timeout for the current authentication
221 * attempt.
222 */
223 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
224 int sec, int usec)
225 {
226 if (wpa_s->conf && wpa_s->conf->ap_scan == 0 &&
227 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
228 return;
229
230 wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
231 "%d usec", sec, usec);
232 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
233 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
234 }
235
236
237 /**
238 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
239 * @wpa_s: Pointer to wpa_supplicant data
240 *
241 * This function is used to cancel authentication timeout scheduled with
242 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
243 * been completed.
244 */
245 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
246 {
247 wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
248 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
249 wpa_blacklist_del(wpa_s, wpa_s->bssid);
250 }
251
252
253 /**
254 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
255 * @wpa_s: Pointer to wpa_supplicant data
256 *
257 * This function is used to configure EAPOL state machine based on the selected
258 * authentication mode.
259 */
260 void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
261 {
262 #ifdef IEEE8021X_EAPOL
263 struct eapol_config eapol_conf;
264 struct wpa_ssid *ssid = wpa_s->current_ssid;
265
266 #ifdef CONFIG_IBSS_RSN
267 if (ssid->mode == WPAS_MODE_IBSS &&
268 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
269 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
270 /*
271 * RSN IBSS authentication is per-STA and we can disable the
272 * per-BSSID EAPOL authentication.
273 */
274 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
275 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE);
276 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
277 return;
278 }
279 #endif /* CONFIG_IBSS_RSN */
280
281 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
282 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
283
284 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
285 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
286 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
287 else
288 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
289
290 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
291 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
292 eapol_conf.accept_802_1x_keys = 1;
293 eapol_conf.required_keys = 0;
294 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
295 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
296 }
297 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
298 eapol_conf.required_keys |=
299 EAPOL_REQUIRE_KEY_BROADCAST;
300 }
301
302 if (wpa_s->conf && (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
303 eapol_conf.required_keys = 0;
304 }
305 if (wpa_s->conf)
306 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
307 eapol_conf.workaround = ssid->eap_workaround;
308 eapol_conf.eap_disabled =
309 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
310 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
311 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
312 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
313 #endif /* IEEE8021X_EAPOL */
314 }
315
316
317 /**
318 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
319 * @wpa_s: Pointer to wpa_supplicant data
320 * @ssid: Configuration data for the network
321 *
322 * This function is used to configure WPA state machine and related parameters
323 * to a mode where WPA is not enabled. This is called as part of the
324 * authentication configuration when the selected network does not use WPA.
325 */
326 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
327 struct wpa_ssid *ssid)
328 {
329 int i;
330
331 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
332 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
333 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
334 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
335 else
336 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
337 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
338 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
339 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
340 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
341 wpa_s->group_cipher = WPA_CIPHER_NONE;
342 wpa_s->mgmt_group_cipher = 0;
343
344 for (i = 0; i < NUM_WEP_KEYS; i++) {
345 if (ssid->wep_key_len[i] > 5) {
346 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
347 wpa_s->group_cipher = WPA_CIPHER_WEP104;
348 break;
349 } else if (ssid->wep_key_len[i] > 0) {
350 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
351 wpa_s->group_cipher = WPA_CIPHER_WEP40;
352 break;
353 }
354 }
355
356 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
357 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
358 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
359 wpa_s->pairwise_cipher);
360 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
361 #ifdef CONFIG_IEEE80211W
362 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
363 wpa_s->mgmt_group_cipher);
364 #endif /* CONFIG_IEEE80211W */
365
366 pmksa_cache_clear_current(wpa_s->wpa);
367 }
368
369
370 static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
371 {
372 bgscan_deinit(wpa_s);
373 scard_deinit(wpa_s->scard);
374 wpa_s->scard = NULL;
375 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
376 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
377 l2_packet_deinit(wpa_s->l2);
378 wpa_s->l2 = NULL;
379 if (wpa_s->l2_br) {
380 l2_packet_deinit(wpa_s->l2_br);
381 wpa_s->l2_br = NULL;
382 }
383
384 if (wpa_s->ctrl_iface) {
385 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
386 wpa_s->ctrl_iface = NULL;
387 }
388 if (wpa_s->conf != NULL) {
389 struct wpa_ssid *ssid;
390 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
391 wpas_notify_network_removed(wpa_s, ssid);
392 wpa_config_free(wpa_s->conf);
393 wpa_s->conf = NULL;
394 }
395
396 os_free(wpa_s->confname);
397 wpa_s->confname = NULL;
398
399 wpa_sm_set_eapol(wpa_s->wpa, NULL);
400 eapol_sm_deinit(wpa_s->eapol);
401 wpa_s->eapol = NULL;
402
403 rsn_preauth_deinit(wpa_s->wpa);
404
405 #ifdef CONFIG_TDLS
406 wpa_tdls_deinit(wpa_s->wpa);
407 #endif /* CONFIG_TDLS */
408
409 pmksa_candidate_free(wpa_s->wpa);
410 wpa_sm_deinit(wpa_s->wpa);
411 wpa_s->wpa = NULL;
412 wpa_blacklist_clear(wpa_s);
413
414 wpa_bss_deinit(wpa_s);
415
416 wpa_supplicant_cancel_scan(wpa_s);
417 wpa_supplicant_cancel_auth_timeout(wpa_s);
418
419 ieee80211_sta_deinit(wpa_s);
420
421 wpas_wps_deinit(wpa_s);
422
423 wpabuf_free(wpa_s->pending_eapol_rx);
424 wpa_s->pending_eapol_rx = NULL;
425
426 #ifdef CONFIG_IBSS_RSN
427 ibss_rsn_deinit(wpa_s->ibss_rsn);
428 wpa_s->ibss_rsn = NULL;
429 #endif /* CONFIG_IBSS_RSN */
430
431 sme_deinit(wpa_s);
432
433 #ifdef CONFIG_AP
434 wpa_supplicant_ap_deinit(wpa_s);
435 #endif /* CONFIG_AP */
436
437 #ifdef CONFIG_P2P
438 wpas_p2p_deinit(wpa_s);
439 #endif /* CONFIG_P2P */
440
441 os_free(wpa_s->next_scan_freqs);
442 wpa_s->next_scan_freqs = NULL;
443 }
444
445
446 /**
447 * wpa_clear_keys - Clear keys configured for the driver
448 * @wpa_s: Pointer to wpa_supplicant data
449 * @addr: Previously used BSSID or %NULL if not available
450 *
451 * This function clears the encryption keys that has been previously configured
452 * for the driver.
453 */
454 void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
455 {
456 if (wpa_s->keys_cleared) {
457 /* Some drivers (e.g., ndiswrapper & NDIS drivers) seem to have
458 * timing issues with keys being cleared just before new keys
459 * are set or just after association or something similar. This
460 * shows up in group key handshake failing often because of the
461 * client not receiving the first encrypted packets correctly.
462 * Skipping some of the extra key clearing steps seems to help
463 * in completing group key handshake more reliably. */
464 wpa_dbg(wpa_s, MSG_DEBUG, "No keys have been configured - "
465 "skip key clearing");
466 return;
467 }
468
469 /* MLME-DELETEKEYS.request */
470 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 0, 0, NULL, 0, NULL, 0);
471 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 1, 0, NULL, 0, NULL, 0);
472 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 2, 0, NULL, 0, NULL, 0);
473 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 3, 0, NULL, 0, NULL, 0);
474 #ifdef CONFIG_IEEE80211W
475 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 4, 0, NULL, 0, NULL, 0);
476 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 5, 0, NULL, 0, NULL, 0);
477 #endif /* CONFIG_IEEE80211W */
478 if (addr) {
479 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,
480 0);
481 /* MLME-SETPROTECTION.request(None) */
482 wpa_drv_mlme_setprotection(
483 wpa_s, addr,
484 MLME_SETPROTECTION_PROTECT_TYPE_NONE,
485 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
486 }
487 wpa_s->keys_cleared = 1;
488 }
489
490
491 /**
492 * wpa_supplicant_state_txt - Get the connection state name as a text string
493 * @state: State (wpa_state; WPA_*)
494 * Returns: The state name as a printable text string
495 */
496 const char * wpa_supplicant_state_txt(enum wpa_states state)
497 {
498 switch (state) {
499 case WPA_DISCONNECTED:
500 return "DISCONNECTED";
501 case WPA_INACTIVE:
502 return "INACTIVE";
503 case WPA_INTERFACE_DISABLED:
504 return "INTERFACE_DISABLED";
505 case WPA_SCANNING:
506 return "SCANNING";
507 case WPA_AUTHENTICATING:
508 return "AUTHENTICATING";
509 case WPA_ASSOCIATING:
510 return "ASSOCIATING";
511 case WPA_ASSOCIATED:
512 return "ASSOCIATED";
513 case WPA_4WAY_HANDSHAKE:
514 return "4WAY_HANDSHAKE";
515 case WPA_GROUP_HANDSHAKE:
516 return "GROUP_HANDSHAKE";
517 case WPA_COMPLETED:
518 return "COMPLETED";
519 default:
520 return "UNKNOWN";
521 }
522 }
523
524
525 /**
526 * wpa_supplicant_set_state - Set current connection state
527 * @wpa_s: Pointer to wpa_supplicant data
528 * @state: The new connection state
529 *
530 * This function is called whenever the connection state changes, e.g.,
531 * association is completed for WPA/WPA2 4-Way Handshake is started.
532 */
533 void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s,
534 enum wpa_states state)
535 {
536 enum wpa_states old_state = wpa_s->wpa_state;
537
538 wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s",
539 wpa_supplicant_state_txt(wpa_s->wpa_state),
540 wpa_supplicant_state_txt(state));
541
542 if (state != WPA_SCANNING)
543 wpa_supplicant_notify_scanning(wpa_s, 0);
544
545 if (state == WPA_COMPLETED && wpa_s->new_connection) {
546 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
547 struct wpa_ssid *ssid = wpa_s->current_ssid;
548 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
549 MACSTR " completed %s [id=%d id_str=%s]",
550 MAC2STR(wpa_s->bssid), wpa_s->reassociated_connection ?
551 "(reauth)" : "(auth)",
552 ssid ? ssid->id : -1,
553 ssid && ssid->id_str ? ssid->id_str : "");
554 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
555 wpa_s->new_connection = 0;
556 wpa_s->reassociated_connection = 1;
557 wpa_drv_set_operstate(wpa_s, 1);
558 #ifndef IEEE8021X_EAPOL
559 wpa_drv_set_supp_port(wpa_s, 1);
560 #endif /* IEEE8021X_EAPOL */
561 wpa_s->after_wps = 0;
562 #ifdef CONFIG_P2P
563 wpas_p2p_completed(wpa_s);
564 #endif /* CONFIG_P2P */
565 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
566 state == WPA_ASSOCIATED) {
567 wpa_s->new_connection = 1;
568 wpa_drv_set_operstate(wpa_s, 0);
569 #ifndef IEEE8021X_EAPOL
570 wpa_drv_set_supp_port(wpa_s, 0);
571 #endif /* IEEE8021X_EAPOL */
572 }
573 wpa_s->wpa_state = state;
574
575 if (wpa_s->wpa_state != old_state)
576 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
577 }
578
579
580 void wpa_supplicant_terminate_proc(struct wpa_global *global)
581 {
582 int pending = 0;
583 #ifdef CONFIG_WPS
584 struct wpa_supplicant *wpa_s = global->ifaces;
585 while (wpa_s) {
586 if (wpas_wps_terminate_pending(wpa_s) == 1)
587 pending = 1;
588 wpa_s = wpa_s->next;
589 }
590 #endif /* CONFIG_WPS */
591 if (pending)
592 return;
593 eloop_terminate();
594 }
595
596
597 static void wpa_supplicant_terminate(int sig, void *signal_ctx)
598 {
599 struct wpa_global *global = signal_ctx;
600 struct wpa_supplicant *wpa_s;
601 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
602 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING "- signal %d "
603 "received", sig);
604 }
605 wpa_supplicant_terminate_proc(global);
606 }
607
608
609 void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
610 {
611 enum wpa_states old_state = wpa_s->wpa_state;
612
613 wpa_s->pairwise_cipher = 0;
614 wpa_s->group_cipher = 0;
615 wpa_s->mgmt_group_cipher = 0;
616 wpa_s->key_mgmt = 0;
617 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
618 wpa_s->wpa_state = WPA_DISCONNECTED;
619
620 if (wpa_s->wpa_state != old_state)
621 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
622 }
623
624
625 /**
626 * wpa_supplicant_reload_configuration - Reload configuration data
627 * @wpa_s: Pointer to wpa_supplicant data
628 * Returns: 0 on success or -1 if configuration parsing failed
629 *
630 * This function can be used to request that the configuration data is reloaded
631 * (e.g., after configuration file change). This function is reloading
632 * configuration only for one interface, so this may need to be called multiple
633 * times if %wpa_supplicant is controlling multiple interfaces and all
634 * interfaces need reconfiguration.
635 */
636 int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
637 {
638 struct wpa_config *conf;
639 struct wpa_ssid *old_ssid;
640 int reconf_ctrl;
641 int old_ap_scan;
642
643 if (wpa_s->confname == NULL)
644 return -1;
645 conf = wpa_config_read(wpa_s->confname);
646 if (conf == NULL) {
647 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
648 "file '%s' - exiting", wpa_s->confname);
649 return -1;
650 }
651 conf->changed_parameters = (unsigned int) -1;
652
653 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
654 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
655 os_strcmp(conf->ctrl_interface,
656 wpa_s->conf->ctrl_interface) != 0);
657
658 if (reconf_ctrl && wpa_s->ctrl_iface) {
659 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
660 wpa_s->ctrl_iface = NULL;
661 }
662
663 eapol_sm_invalidate_cached_session(wpa_s->eapol);
664 old_ssid = wpa_s->current_ssid;
665 wpa_s->current_ssid = NULL;
666 if (old_ssid != wpa_s->current_ssid)
667 wpas_notify_network_changed(wpa_s);
668
669 /*
670 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
671 * pkcs11_engine_path, pkcs11_module_path.
672 */
673 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) {
674 /*
675 * Clear forced success to clear EAP state for next
676 * authentication.
677 */
678 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
679 }
680 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
681 wpa_sm_set_config(wpa_s->wpa, NULL);
682 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
683 rsn_preauth_deinit(wpa_s->wpa);
684
685 old_ap_scan = wpa_s->conf->ap_scan;
686 wpa_config_free(wpa_s->conf);
687 wpa_s->conf = conf;
688 if (old_ap_scan != wpa_s->conf->ap_scan)
689 wpas_notify_ap_scan_changed(wpa_s);
690
691 if (reconf_ctrl)
692 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
693
694 wpa_supplicant_update_config(wpa_s);
695
696 wpa_supplicant_clear_status(wpa_s);
697 if (wpa_supplicant_enabled_networks(wpa_s->conf)) {
698 wpa_s->reassociate = 1;
699 wpa_supplicant_req_scan(wpa_s, 0, 0);
700 }
701 wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
702 return 0;
703 }
704
705
706 static void wpa_supplicant_reconfig(int sig, void *signal_ctx)
707 {
708 struct wpa_global *global = signal_ctx;
709 struct wpa_supplicant *wpa_s;
710 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
711 wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring",
712 sig);
713 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
714 wpa_supplicant_terminate_proc(global);
715 }
716 }
717 }
718
719
720 enum wpa_cipher cipher_suite2driver(int cipher)
721 {
722 switch (cipher) {
723 case WPA_CIPHER_NONE:
724 return CIPHER_NONE;
725 case WPA_CIPHER_WEP40:
726 return CIPHER_WEP40;
727 case WPA_CIPHER_WEP104:
728 return CIPHER_WEP104;
729 case WPA_CIPHER_CCMP:
730 return CIPHER_CCMP;
731 case WPA_CIPHER_TKIP:
732 default:
733 return CIPHER_TKIP;
734 }
735 }
736
737
738 enum wpa_key_mgmt key_mgmt2driver(int key_mgmt)
739 {
740 switch (key_mgmt) {
741 case WPA_KEY_MGMT_NONE:
742 return KEY_MGMT_NONE;
743 case WPA_KEY_MGMT_IEEE8021X_NO_WPA:
744 return KEY_MGMT_802_1X_NO_WPA;
745 case WPA_KEY_MGMT_IEEE8021X:
746 return KEY_MGMT_802_1X;
747 case WPA_KEY_MGMT_WPA_NONE:
748 return KEY_MGMT_WPA_NONE;
749 case WPA_KEY_MGMT_FT_IEEE8021X:
750 return KEY_MGMT_FT_802_1X;
751 case WPA_KEY_MGMT_FT_PSK:
752 return KEY_MGMT_FT_PSK;
753 case WPA_KEY_MGMT_IEEE8021X_SHA256:
754 return KEY_MGMT_802_1X_SHA256;
755 case WPA_KEY_MGMT_PSK_SHA256:
756 return KEY_MGMT_PSK_SHA256;
757 case WPA_KEY_MGMT_WPS:
758 return KEY_MGMT_WPS;
759 case WPA_KEY_MGMT_PSK:
760 default:
761 return KEY_MGMT_PSK;
762 }
763 }
764
765
766 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
767 struct wpa_ssid *ssid,
768 struct wpa_ie_data *ie)
769 {
770 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
771 if (ret) {
772 if (ret == -2) {
773 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
774 "from association info");
775 }
776 return -1;
777 }
778
779 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set "
780 "cipher suites");
781 if (!(ie->group_cipher & ssid->group_cipher)) {
782 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
783 "cipher 0x%x (mask 0x%x) - reject",
784 ie->group_cipher, ssid->group_cipher);
785 return -1;
786 }
787 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
788 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
789 "cipher 0x%x (mask 0x%x) - reject",
790 ie->pairwise_cipher, ssid->pairwise_cipher);
791 return -1;
792 }
793 if (!(ie->key_mgmt & ssid->key_mgmt)) {
794 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
795 "management 0x%x (mask 0x%x) - reject",
796 ie->key_mgmt, ssid->key_mgmt);
797 return -1;
798 }
799
800 #ifdef CONFIG_IEEE80211W
801 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
802 ssid->ieee80211w == MGMT_FRAME_PROTECTION_REQUIRED) {
803 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
804 "that does not support management frame protection - "
805 "reject");
806 return -1;
807 }
808 #endif /* CONFIG_IEEE80211W */
809
810 return 0;
811 }
812
813
814 /**
815 * wpa_supplicant_set_suites - Set authentication and encryption parameters
816 * @wpa_s: Pointer to wpa_supplicant data
817 * @bss: Scan results for the selected BSS, or %NULL if not available
818 * @ssid: Configuration data for the selected network
819 * @wpa_ie: Buffer for the WPA/RSN IE
820 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
821 * used buffer length in case the functions returns success.
822 * Returns: 0 on success or -1 on failure
823 *
824 * This function is used to configure authentication and encryption parameters
825 * based on the network configuration and scan result for the selected BSS (if
826 * available).
827 */
828 int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
829 struct wpa_bss *bss, struct wpa_ssid *ssid,
830 u8 *wpa_ie, size_t *wpa_ie_len)
831 {
832 struct wpa_ie_data ie;
833 int sel, proto;
834 const u8 *bss_wpa, *bss_rsn;
835
836 if (bss) {
837 bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
838 bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
839 } else
840 bss_wpa = bss_rsn = NULL;
841
842 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
843 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
844 (ie.group_cipher & ssid->group_cipher) &&
845 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
846 (ie.key_mgmt & ssid->key_mgmt)) {
847 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
848 proto = WPA_PROTO_RSN;
849 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
850 wpa_parse_wpa_ie(bss_wpa, 2 +bss_wpa[1], &ie) == 0 &&
851 (ie.group_cipher & ssid->group_cipher) &&
852 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
853 (ie.key_mgmt & ssid->key_mgmt)) {
854 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
855 proto = WPA_PROTO_WPA;
856 } else if (bss) {
857 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
858 return -1;
859 } else {
860 if (ssid->proto & WPA_PROTO_RSN)
861 proto = WPA_PROTO_RSN;
862 else
863 proto = WPA_PROTO_WPA;
864 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
865 os_memset(&ie, 0, sizeof(ie));
866 ie.group_cipher = ssid->group_cipher;
867 ie.pairwise_cipher = ssid->pairwise_cipher;
868 ie.key_mgmt = ssid->key_mgmt;
869 #ifdef CONFIG_IEEE80211W
870 ie.mgmt_group_cipher =
871 ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION ?
872 WPA_CIPHER_AES_128_CMAC : 0;
873 #endif /* CONFIG_IEEE80211W */
874 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites "
875 "based on configuration");
876 } else
877 proto = ie.proto;
878 }
879
880 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d "
881 "pairwise %d key_mgmt %d proto %d",
882 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
883 #ifdef CONFIG_IEEE80211W
884 if (ssid->ieee80211w) {
885 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
886 ie.mgmt_group_cipher);
887 }
888 #endif /* CONFIG_IEEE80211W */
889
890 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
891 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
892 !!(ssid->proto & WPA_PROTO_RSN));
893
894 if (bss || !wpa_s->ap_ies_from_associnfo) {
895 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
896 bss_wpa ? 2 + bss_wpa[1] : 0) ||
897 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
898 bss_rsn ? 2 + bss_rsn[1] : 0))
899 return -1;
900 }
901
902 sel = ie.group_cipher & ssid->group_cipher;
903 if (sel & WPA_CIPHER_CCMP) {
904 wpa_s->group_cipher = WPA_CIPHER_CCMP;
905 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK CCMP");
906 } else if (sel & WPA_CIPHER_TKIP) {
907 wpa_s->group_cipher = WPA_CIPHER_TKIP;
908 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK TKIP");
909 } else if (sel & WPA_CIPHER_WEP104) {
910 wpa_s->group_cipher = WPA_CIPHER_WEP104;
911 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK WEP104");
912 } else if (sel & WPA_CIPHER_WEP40) {
913 wpa_s->group_cipher = WPA_CIPHER_WEP40;
914 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK WEP40");
915 } else {
916 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group "
917 "cipher");
918 return -1;
919 }
920
921 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
922 if (sel & WPA_CIPHER_CCMP) {
923 wpa_s->pairwise_cipher = WPA_CIPHER_CCMP;
924 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK CCMP");
925 } else if (sel & WPA_CIPHER_TKIP) {
926 wpa_s->pairwise_cipher = WPA_CIPHER_TKIP;
927 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK TKIP");
928 } else if (sel & WPA_CIPHER_NONE) {
929 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
930 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK NONE");
931 } else {
932 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise "
933 "cipher");
934 return -1;
935 }
936
937 sel = ie.key_mgmt & ssid->key_mgmt;
938 if (0) {
939 #ifdef CONFIG_IEEE80211R
940 } else if (sel & WPA_KEY_MGMT_FT_IEEE8021X) {
941 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
942 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
943 } else if (sel & WPA_KEY_MGMT_FT_PSK) {
944 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
945 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
946 #endif /* CONFIG_IEEE80211R */
947 #ifdef CONFIG_IEEE80211W
948 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
949 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
950 wpa_dbg(wpa_s, MSG_DEBUG,
951 "WPA: using KEY_MGMT 802.1X with SHA256");
952 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
953 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
954 wpa_dbg(wpa_s, MSG_DEBUG,
955 "WPA: using KEY_MGMT PSK with SHA256");
956 #endif /* CONFIG_IEEE80211W */
957 } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
958 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
959 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
960 } else if (sel & WPA_KEY_MGMT_PSK) {
961 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
962 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
963 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
964 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
965 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
966 } else {
967 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select "
968 "authenticated key management type");
969 return -1;
970 }
971
972 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
973 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
974 wpa_s->pairwise_cipher);
975 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
976
977 #ifdef CONFIG_IEEE80211W
978 sel = ie.mgmt_group_cipher;
979 if (ssid->ieee80211w == NO_MGMT_FRAME_PROTECTION ||
980 !(ie.capabilities & WPA_CAPABILITY_MFPC))
981 sel = 0;
982 if (sel & WPA_CIPHER_AES_128_CMAC) {
983 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
984 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
985 "AES-128-CMAC");
986 } else {
987 wpa_s->mgmt_group_cipher = 0;
988 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
989 }
990 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
991 wpa_s->mgmt_group_cipher);
992 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP, ssid->ieee80211w);
993 #endif /* CONFIG_IEEE80211W */
994
995 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
996 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to generate WPA IE");
997 return -1;
998 }
999
1000 if (ssid->key_mgmt &
1001 (WPA_KEY_MGMT_PSK | WPA_KEY_MGMT_FT_PSK | WPA_KEY_MGMT_PSK_SHA256))
1002 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN);
1003 else
1004 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
1005
1006 return 0;
1007 }
1008
1009
1010 /**
1011 * wpa_supplicant_associate - Request association
1012 * @wpa_s: Pointer to wpa_supplicant data
1013 * @bss: Scan results for the selected BSS, or %NULL if not available
1014 * @ssid: Configuration data for the selected network
1015 *
1016 * This function is used to request %wpa_supplicant to associate with a BSS.
1017 */
1018 void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
1019 struct wpa_bss *bss, struct wpa_ssid *ssid)
1020 {
1021 u8 wpa_ie[200];
1022 size_t wpa_ie_len;
1023 int use_crypt, ret, i, bssid_changed;
1024 int algs = WPA_AUTH_ALG_OPEN;
1025 enum wpa_cipher cipher_pairwise, cipher_group;
1026 struct wpa_driver_associate_params params;
1027 int wep_keys_set = 0;
1028 struct wpa_driver_capa capa;
1029 int assoc_failed = 0;
1030 struct wpa_ssid *old_ssid;
1031
1032 if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO ||
1033 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) {
1034 #ifdef CONFIG_AP
1035 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) {
1036 wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP "
1037 "mode");
1038 return;
1039 }
1040 wpa_supplicant_create_ap(wpa_s, ssid);
1041 wpa_s->current_bss = bss;
1042 #else /* CONFIG_AP */
1043 wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in "
1044 "the build");
1045 #endif /* CONFIG_AP */
1046 return;
1047 }
1048
1049 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
1050 ssid->mode == IEEE80211_MODE_INFRA) {
1051 sme_authenticate(wpa_s, bss, ssid);
1052 return;
1053 }
1054
1055 os_memset(&params, 0, sizeof(params));
1056 wpa_s->reassociate = 0;
1057 if (bss) {
1058 #ifdef CONFIG_IEEE80211R
1059 const u8 *ie, *md = NULL;
1060 #endif /* CONFIG_IEEE80211R */
1061 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
1062 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
1063 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
1064 bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
1065 os_memset(wpa_s->bssid, 0, ETH_ALEN);
1066 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
1067 if (bssid_changed)
1068 wpas_notify_bssid_changed(wpa_s);
1069 #ifdef CONFIG_IEEE80211R
1070 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
1071 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
1072 md = ie + 2;
1073 wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0);
1074 if (md) {
1075 /* Prepare for the next transition */
1076 wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
1077 }
1078 #endif /* CONFIG_IEEE80211R */
1079 #ifdef CONFIG_WPS
1080 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
1081 wpa_s->conf->ap_scan == 2 &&
1082 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
1083 /* Use ap_scan==1 style network selection to find the network
1084 */
1085 wpa_s->scan_req = 2;
1086 wpa_s->reassociate = 1;
1087 wpa_supplicant_req_scan(wpa_s, 0, 0);
1088 return;
1089 #endif /* CONFIG_WPS */
1090 } else {
1091 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
1092 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
1093 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
1094 }
1095 wpa_supplicant_cancel_scan(wpa_s);
1096
1097 /* Starting new association, so clear the possibly used WPA IE from the
1098 * previous association. */
1099 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
1100
1101 #ifdef IEEE8021X_EAPOL
1102 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1103 if (ssid->leap) {
1104 if (ssid->non_leap == 0)
1105 algs = WPA_AUTH_ALG_LEAP;
1106 else
1107 algs |= WPA_AUTH_ALG_LEAP;
1108 }
1109 }
1110 #endif /* IEEE8021X_EAPOL */
1111 wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
1112 if (ssid->auth_alg) {
1113 algs = ssid->auth_alg;
1114 wpa_dbg(wpa_s, MSG_DEBUG, "Overriding auth_alg selection: "
1115 "0x%x", algs);
1116 }
1117
1118 if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
1119 wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
1120 (ssid->key_mgmt & (WPA_KEY_MGMT_IEEE8021X | WPA_KEY_MGMT_PSK |
1121 WPA_KEY_MGMT_FT_IEEE8021X |
1122 WPA_KEY_MGMT_FT_PSK |
1123 WPA_KEY_MGMT_IEEE8021X_SHA256 |
1124 WPA_KEY_MGMT_PSK_SHA256))) {
1125 int try_opportunistic;
1126 try_opportunistic = ssid->proactive_key_caching &&
1127 (ssid->proto & WPA_PROTO_RSN);
1128 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
1129 wpa_s->current_ssid,
1130 try_opportunistic) == 0)
1131 eapol_sm_notify_pmkid_attempt(wpa_s->eapol, 1);
1132 wpa_ie_len = sizeof(wpa_ie);
1133 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
1134 wpa_ie, &wpa_ie_len)) {
1135 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
1136 "key management and encryption suites");
1137 return;
1138 }
1139 } else if (ssid->key_mgmt &
1140 (WPA_KEY_MGMT_PSK | WPA_KEY_MGMT_IEEE8021X |
1141 WPA_KEY_MGMT_WPA_NONE | WPA_KEY_MGMT_FT_PSK |
1142 WPA_KEY_MGMT_FT_IEEE8021X | WPA_KEY_MGMT_PSK_SHA256 |
1143 WPA_KEY_MGMT_IEEE8021X_SHA256)) {
1144 wpa_ie_len = sizeof(wpa_ie);
1145 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
1146 wpa_ie, &wpa_ie_len)) {
1147 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
1148 "key management and encryption suites (no "
1149 "scan results)");
1150 return;
1151 }
1152 #ifdef CONFIG_WPS
1153 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
1154 struct wpabuf *wps_ie;
1155 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
1156 if (wps_ie && wpabuf_len(wps_ie) <= sizeof(wpa_ie)) {
1157 wpa_ie_len = wpabuf_len(wps_ie);
1158 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
1159 } else
1160 wpa_ie_len = 0;
1161 wpabuf_free(wps_ie);
1162 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1163 if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY))
1164 params.wps = WPS_MODE_PRIVACY;
1165 else
1166 params.wps = WPS_MODE_OPEN;
1167 #endif /* CONFIG_WPS */
1168 } else {
1169 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1170 wpa_ie_len = 0;
1171 }
1172
1173 #ifdef CONFIG_P2P
1174 if (wpa_s->global->p2p) {
1175 u8 *pos;
1176 size_t len;
1177 int res;
1178 int p2p_group;
1179 p2p_group = wpa_s->drv_flags & WPA_DRIVER_FLAGS_P2P_CAPABLE;
1180 pos = wpa_ie + wpa_ie_len;
1181 len = sizeof(wpa_ie) - wpa_ie_len;
1182 res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len, p2p_group);
1183 if (res >= 0)
1184 wpa_ie_len += res;
1185 }
1186
1187 wpa_s->cross_connect_disallowed = 0;
1188 if (bss) {
1189 struct wpabuf *p2p;
1190 p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE);
1191 if (p2p) {
1192 wpa_s->cross_connect_disallowed =
1193 p2p_get_cross_connect_disallowed(p2p);
1194 wpabuf_free(p2p);
1195 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross "
1196 "connection",
1197 wpa_s->cross_connect_disallowed ?
1198 "disallows" : "allows");
1199 }
1200 }
1201 #endif /* CONFIG_P2P */
1202
1203 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
1204 use_crypt = 1;
1205 cipher_pairwise = cipher_suite2driver(wpa_s->pairwise_cipher);
1206 cipher_group = cipher_suite2driver(wpa_s->group_cipher);
1207 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
1208 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1209 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
1210 use_crypt = 0;
1211 if (wpa_set_wep_keys(wpa_s, ssid)) {
1212 use_crypt = 1;
1213 wep_keys_set = 1;
1214 }
1215 }
1216 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
1217 use_crypt = 0;
1218
1219 #ifdef IEEE8021X_EAPOL
1220 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1221 if ((ssid->eapol_flags &
1222 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
1223 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
1224 !wep_keys_set) {
1225 use_crypt = 0;
1226 } else {
1227 /* Assume that dynamic WEP-104 keys will be used and
1228 * set cipher suites in order for drivers to expect
1229 * encryption. */
1230 cipher_pairwise = cipher_group = CIPHER_WEP104;
1231 }
1232 }
1233 #endif /* IEEE8021X_EAPOL */
1234
1235 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1236 /* Set the key before (and later after) association */
1237 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1238 }
1239
1240 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
1241 if (bss) {
1242 params.bssid = bss->bssid;
1243 params.ssid = bss->ssid;
1244 params.ssid_len = bss->ssid_len;
1245 params.freq = bss->freq;
1246 } else {
1247 params.ssid = ssid->ssid;
1248 params.ssid_len = ssid->ssid_len;
1249 }
1250 if (ssid->mode == WPAS_MODE_IBSS && ssid->frequency > 0 &&
1251 params.freq == 0)
1252 params.freq = ssid->frequency; /* Initial channel for IBSS */
1253 params.wpa_ie = wpa_ie;
1254 params.wpa_ie_len = wpa_ie_len;
1255 params.pairwise_suite = cipher_pairwise;
1256 params.group_suite = cipher_group;
1257 params.key_mgmt_suite = key_mgmt2driver(wpa_s->key_mgmt);
1258 params.auth_alg = algs;
1259 params.mode = ssid->mode;
1260 for (i = 0; i < NUM_WEP_KEYS; i++) {
1261 if (ssid->wep_key_len[i])
1262 params.wep_key[i] = ssid->wep_key[i];
1263 params.wep_key_len[i] = ssid->wep_key_len[i];
1264 }
1265 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
1266
1267 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
1268 (params.key_mgmt_suite == KEY_MGMT_PSK ||
1269 params.key_mgmt_suite == KEY_MGMT_FT_PSK)) {
1270 params.passphrase = ssid->passphrase;
1271 if (ssid->psk_set)
1272 params.psk = ssid->psk;
1273 }
1274
1275 params.drop_unencrypted = use_crypt;
1276
1277 #ifdef CONFIG_IEEE80211W
1278 params.mgmt_frame_protection = ssid->ieee80211w;
1279 if (ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION && bss) {
1280 const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
1281 struct wpa_ie_data ie;
1282 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
1283 ie.capabilities &
1284 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
1285 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports "
1286 "MFP: require MFP");
1287 params.mgmt_frame_protection =
1288 MGMT_FRAME_PROTECTION_REQUIRED;
1289 }
1290 }
1291 #endif /* CONFIG_IEEE80211W */
1292
1293 #ifdef CONFIG_P2P
1294 if (wpa_s->global->p2p &&
1295 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_P2P_CAPABLE))
1296 params.p2p = 1;
1297 #endif /* CONFIG_P2P */
1298
1299 if (wpa_s->parent->set_sta_uapsd)
1300 params.uapsd = wpa_s->parent->sta_uapsd;
1301 else
1302 params.uapsd = -1;
1303
1304 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME)
1305 ret = ieee80211_sta_associate(wpa_s, &params);
1306 else
1307 ret = wpa_drv_associate(wpa_s, &params);
1308 if (ret < 0) {
1309 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
1310 "failed");
1311 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SANE_ERROR_CODES) {
1312 /*
1313 * The driver is known to mean what is saying, so we
1314 * can stop right here; the association will not
1315 * succeed.
1316 */
1317 wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
1318 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
1319 return;
1320 }
1321 /* try to continue anyway; new association will be tried again
1322 * after timeout */
1323 assoc_failed = 1;
1324 }
1325
1326 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1327 /* Set the key after the association just in case association
1328 * cleared the previously configured key. */
1329 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1330 /* No need to timeout authentication since there is no key
1331 * management. */
1332 wpa_supplicant_cancel_auth_timeout(wpa_s);
1333 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
1334 #ifdef CONFIG_IBSS_RSN
1335 } else if (ssid->mode == WPAS_MODE_IBSS &&
1336 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
1337 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
1338 ibss_rsn_set_psk(wpa_s->ibss_rsn, ssid->psk);
1339 /*
1340 * RSN IBSS authentication is per-STA and we can disable the
1341 * per-BSSID authentication.
1342 */
1343 wpa_supplicant_cancel_auth_timeout(wpa_s);
1344 #endif /* CONFIG_IBSS_RSN */
1345 } else {
1346 /* Timeout for IEEE 802.11 authentication and association */
1347 int timeout = 60;
1348
1349 if (assoc_failed) {
1350 /* give IBSS a bit more time */
1351 timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5;
1352 } else if (wpa_s->conf->ap_scan == 1) {
1353 /* give IBSS a bit more time */
1354 timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10;
1355 }
1356 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
1357 }
1358
1359 if (wep_keys_set && wpa_drv_get_capa(wpa_s, &capa) == 0 &&
1360 capa.flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC) {
1361 /* Set static WEP keys again */
1362 wpa_set_wep_keys(wpa_s, ssid);
1363 }
1364
1365 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
1366 /*
1367 * Do not allow EAP session resumption between different
1368 * network configurations.
1369 */
1370 eapol_sm_invalidate_cached_session(wpa_s->eapol);
1371 }
1372 old_ssid = wpa_s->current_ssid;
1373 wpa_s->current_ssid = ssid;
1374 wpa_s->current_bss = bss;
1375 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
1376 wpa_supplicant_initiate_eapol(wpa_s);
1377 if (old_ssid != wpa_s->current_ssid)
1378 wpas_notify_network_changed(wpa_s);
1379 }
1380
1381
1382 static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s,
1383 const u8 *addr)
1384 {
1385 struct wpa_ssid *old_ssid;
1386
1387 wpa_clear_keys(wpa_s, addr);
1388 wpa_supplicant_mark_disassoc(wpa_s);
1389 old_ssid = wpa_s->current_ssid;
1390 wpa_s->current_ssid = NULL;
1391 wpa_s->current_bss = NULL;
1392 wpa_sm_set_config(wpa_s->wpa, NULL);
1393 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1394 if (old_ssid != wpa_s->current_ssid)
1395 wpas_notify_network_changed(wpa_s);
1396 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
1397 }
1398
1399
1400 /**
1401 * wpa_supplicant_disassociate - Disassociate the current connection
1402 * @wpa_s: Pointer to wpa_supplicant data
1403 * @reason_code: IEEE 802.11 reason code for the disassociate frame
1404 *
1405 * This function is used to request %wpa_supplicant to disassociate with the
1406 * current AP.
1407 */
1408 void wpa_supplicant_disassociate(struct wpa_supplicant *wpa_s,
1409 int reason_code)
1410 {
1411 u8 *addr = NULL;
1412
1413 if (!is_zero_ether_addr(wpa_s->bssid)) {
1414 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME)
1415 ieee80211_sta_disassociate(wpa_s, reason_code);
1416 else
1417 wpa_drv_disassociate(wpa_s, wpa_s->bssid, reason_code);
1418 addr = wpa_s->bssid;
1419 }
1420
1421 wpa_supplicant_clear_connection(wpa_s, addr);
1422 }
1423
1424
1425 /**
1426 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
1427 * @wpa_s: Pointer to wpa_supplicant data
1428 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
1429 *
1430 * This function is used to request %wpa_supplicant to deauthenticate from the
1431 * current AP.
1432 */
1433 void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
1434 int reason_code)
1435 {
1436 u8 *addr = NULL;
1437
1438 if (!is_zero_ether_addr(wpa_s->bssid)) {
1439 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME)
1440 ieee80211_sta_deauthenticate(wpa_s, reason_code);
1441 else
1442 wpa_drv_deauthenticate(wpa_s, wpa_s->bssid,
1443 reason_code);
1444 addr = wpa_s->bssid;
1445 }
1446
1447 wpa_supplicant_clear_connection(wpa_s, addr);
1448 }
1449
1450
1451 /**
1452 * wpa_supplicant_enable_network - Mark a configured network as enabled
1453 * @wpa_s: wpa_supplicant structure for a network interface
1454 * @ssid: wpa_ssid structure for a configured network or %NULL
1455 *
1456 * Enables the specified network or all networks if no network specified.
1457 */
1458 void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s,
1459 struct wpa_ssid *ssid)
1460 {
1461 struct wpa_ssid *other_ssid;
1462 int was_disabled;
1463
1464 if (ssid == NULL) {
1465 for (other_ssid = wpa_s->conf->ssid; other_ssid;
1466 other_ssid = other_ssid->next) {
1467 if (other_ssid->disabled == 2)
1468 continue; /* do not change persistent P2P group
1469 * data */
1470 if (other_ssid == wpa_s->current_ssid &&
1471 other_ssid->disabled)
1472 wpa_s->reassociate = 1;
1473
1474 was_disabled = other_ssid->disabled;
1475
1476 other_ssid->disabled = 0;
1477
1478 if (was_disabled != other_ssid->disabled)
1479 wpas_notify_network_enabled_changed(
1480 wpa_s, other_ssid);
1481 }
1482 if (wpa_s->reassociate)
1483 wpa_supplicant_req_scan(wpa_s, 0, 0);
1484 } else if (ssid->disabled && ssid->disabled != 2) {
1485 if (wpa_s->current_ssid == NULL) {
1486 /*
1487 * Try to reassociate since there is no current
1488 * configuration and a new network was made available.
1489 */
1490 wpa_s->reassociate = 1;
1491 wpa_supplicant_req_scan(wpa_s, 0, 0);
1492 }
1493
1494 was_disabled = ssid->disabled;
1495
1496 ssid->disabled = 0;
1497
1498 if (was_disabled != ssid->disabled)
1499 wpas_notify_network_enabled_changed(wpa_s, ssid);
1500 }
1501 }
1502
1503
1504 /**
1505 * wpa_supplicant_disable_network - Mark a configured network as disabled
1506 * @wpa_s: wpa_supplicant structure for a network interface
1507 * @ssid: wpa_ssid structure for a configured network or %NULL
1508 *
1509 * Disables the specified network or all networks if no network specified.
1510 */
1511 void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s,
1512 struct wpa_ssid *ssid)
1513 {
1514 struct wpa_ssid *other_ssid;
1515 int was_disabled;
1516
1517 if (ssid == NULL) {
1518 for (other_ssid = wpa_s->conf->ssid; other_ssid;
1519 other_ssid = other_ssid->next) {
1520 was_disabled = other_ssid->disabled;
1521 if (was_disabled == 2)
1522 continue; /* do not change persistent P2P group
1523 * data */
1524
1525 other_ssid->disabled = 1;
1526
1527 if (was_disabled != other_ssid->disabled)
1528 wpas_notify_network_enabled_changed(
1529 wpa_s, other_ssid);
1530 }
1531 if (wpa_s->current_ssid)
1532 wpa_supplicant_disassociate(
1533 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
1534 } else if (ssid->disabled != 2) {
1535 if (ssid == wpa_s->current_ssid)
1536 wpa_supplicant_disassociate(
1537 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
1538
1539 was_disabled = ssid->disabled;
1540
1541 ssid->disabled = 1;
1542
1543 if (was_disabled != ssid->disabled)
1544 wpas_notify_network_enabled_changed(wpa_s, ssid);
1545 }
1546 }
1547
1548
1549 /**
1550 * wpa_supplicant_select_network - Attempt association with a network
1551 * @wpa_s: wpa_supplicant structure for a network interface
1552 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
1553 */
1554 void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
1555 struct wpa_ssid *ssid)
1556 {
1557
1558 struct wpa_ssid *other_ssid;
1559
1560 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid)
1561 wpa_supplicant_disassociate(
1562 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
1563
1564 /*
1565 * Mark all other networks disabled or mark all networks enabled if no
1566 * network specified.
1567 */
1568 for (other_ssid = wpa_s->conf->ssid; other_ssid;
1569 other_ssid = other_ssid->next) {
1570 int was_disabled = other_ssid->disabled;
1571 if (was_disabled == 2)
1572 continue; /* do not change persistent P2P group data */
1573
1574 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0;
1575
1576 if (was_disabled != other_ssid->disabled)
1577 wpas_notify_network_enabled_changed(wpa_s, other_ssid);
1578 }
1579 wpa_s->disconnected = 0;
1580 wpa_s->reassociate = 1;
1581 wpa_supplicant_req_scan(wpa_s, 0, 0);
1582
1583 if (ssid)
1584 wpas_notify_network_selected(wpa_s, ssid);
1585 }
1586
1587
1588 /**
1589 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
1590 * @wpa_s: wpa_supplicant structure for a network interface
1591 * @ap_scan: AP scan mode
1592 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
1593 *
1594 */
1595 int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan)
1596 {
1597
1598 int old_ap_scan;
1599
1600 if (ap_scan < 0 || ap_scan > 2)
1601 return -1;
1602
1603 old_ap_scan = wpa_s->conf->ap_scan;
1604 wpa_s->conf->ap_scan = ap_scan;
1605
1606 if (old_ap_scan != wpa_s->conf->ap_scan)
1607 wpas_notify_ap_scan_changed(wpa_s);
1608
1609 return 0;
1610 }
1611
1612
1613 /**
1614 * wpa_supplicant_set_debug_params - Set global debug params
1615 * @global: wpa_global structure
1616 * @debug_level: debug level
1617 * @debug_timestamp: determines if show timestamp in debug data
1618 * @debug_show_keys: determines if show keys in debug data
1619 * Returns: 0 if succeed or -1 if debug_level has wrong value
1620 */
1621 int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level,
1622 int debug_timestamp, int debug_show_keys)
1623 {
1624
1625 int old_level, old_timestamp, old_show_keys;
1626
1627 /* check for allowed debuglevels */
1628 if (debug_level != MSG_MSGDUMP &&
1629 debug_level != MSG_DEBUG &&
1630 debug_level != MSG_INFO &&
1631 debug_level != MSG_WARNING &&
1632 debug_level != MSG_ERROR)
1633 return -1;
1634
1635 old_level = wpa_debug_level;
1636 old_timestamp = wpa_debug_timestamp;
1637 old_show_keys = wpa_debug_show_keys;
1638
1639 wpa_debug_level = debug_level;
1640 wpa_debug_timestamp = debug_timestamp ? 1 : 0;
1641 wpa_debug_show_keys = debug_show_keys ? 1 : 0;
1642
1643 if (wpa_debug_level != old_level)
1644 wpas_notify_debug_level_changed(global);
1645 if (wpa_debug_timestamp != old_timestamp)
1646 wpas_notify_debug_timestamp_changed(global);
1647 if (wpa_debug_show_keys != old_show_keys)
1648 wpas_notify_debug_show_keys_changed(global);
1649
1650 return 0;
1651 }
1652
1653
1654 /**
1655 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
1656 * @wpa_s: Pointer to wpa_supplicant data
1657 * Returns: A pointer to the current network structure or %NULL on failure
1658 */
1659 struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
1660 {
1661 struct wpa_ssid *entry;
1662 u8 ssid[MAX_SSID_LEN];
1663 int res;
1664 size_t ssid_len;
1665 u8 bssid[ETH_ALEN];
1666 int wired;
1667
1668 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME) {
1669 if (ieee80211_sta_get_ssid(wpa_s, ssid, &ssid_len)) {
1670 wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from "
1671 "MLME");
1672 return NULL;
1673 }
1674 } else {
1675 res = wpa_drv_get_ssid(wpa_s, ssid);
1676 if (res < 0) {
1677 wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from "
1678 "driver");
1679 return NULL;
1680 }
1681 ssid_len = res;
1682 }
1683
1684 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME)
1685 os_memcpy(bssid, wpa_s->bssid, ETH_ALEN);
1686 else if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
1687 wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from "
1688 "driver");
1689 return NULL;
1690 }
1691
1692 wired = wpa_s->conf->ap_scan == 0 &&
1693 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED);
1694
1695 entry = wpa_s->conf->ssid;
1696 while (entry) {
1697 if (!entry->disabled &&
1698 ((ssid_len == entry->ssid_len &&
1699 os_memcmp(ssid, entry->ssid, ssid_len) == 0) || wired) &&
1700 (!entry->bssid_set ||
1701 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
1702 return entry;
1703 #ifdef CONFIG_WPS
1704 if (!entry->disabled &&
1705 (entry->key_mgmt & WPA_KEY_MGMT_WPS) &&
1706 (entry->ssid == NULL || entry->ssid_len == 0) &&
1707 (!entry->bssid_set ||
1708 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
1709 return entry;
1710 #endif /* CONFIG_WPS */
1711 entry = entry->next;
1712 }
1713
1714 return NULL;
1715 }
1716
1717
1718 static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
1719 const char *name)
1720 {
1721 int i;
1722 size_t len;
1723 const char *pos, *driver = name;
1724
1725 if (wpa_s == NULL)
1726 return -1;
1727
1728 if (wpa_drivers[0] == NULL) {
1729 wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into "
1730 "wpa_supplicant");
1731 return -1;
1732 }
1733
1734 if (name == NULL) {
1735 /* default to first driver in the list */
1736 wpa_s->driver = wpa_drivers[0];
1737 wpa_s->global_drv_priv = wpa_s->global->drv_priv[0];
1738 return 0;
1739 }
1740
1741 do {
1742 pos = os_strchr(driver, ',');
1743 if (pos)
1744 len = pos - driver;
1745 else
1746 len = os_strlen(driver);
1747
1748 for (i = 0; wpa_drivers[i]; i++) {
1749 if (os_strlen(wpa_drivers[i]->name) == len &&
1750 os_strncmp(driver, wpa_drivers[i]->name, len) ==
1751 0) {
1752 wpa_s->driver = wpa_drivers[i];
1753 wpa_s->global_drv_priv =
1754 wpa_s->global->drv_priv[i];
1755 return 0;
1756 }
1757 }
1758
1759 driver = pos + 1;
1760 } while (pos);
1761
1762 wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name);
1763 return -1;
1764 }
1765
1766
1767 /**
1768 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
1769 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
1770 * with struct wpa_driver_ops::init()
1771 * @src_addr: Source address of the EAPOL frame
1772 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
1773 * @len: Length of the EAPOL data
1774 *
1775 * This function is called for each received EAPOL frame. Most driver
1776 * interfaces rely on more generic OS mechanism for receiving frames through
1777 * l2_packet, but if such a mechanism is not available, the driver wrapper may
1778 * take care of received EAPOL frames and deliver them to the core supplicant
1779 * code by calling this function.
1780 */
1781 void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
1782 const u8 *buf, size_t len)
1783 {
1784 struct wpa_supplicant *wpa_s = ctx;
1785
1786 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
1787 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
1788
1789 if (wpa_s->wpa_state < WPA_ASSOCIATED) {
1790 /*
1791 * There is possible race condition between receiving the
1792 * association event and the EAPOL frame since they are coming
1793 * through different paths from the driver. In order to avoid
1794 * issues in trying to process the EAPOL frame before receiving
1795 * association information, lets queue it for processing until
1796 * the association event is received.
1797 */
1798 wpa_dbg(wpa_s, MSG_DEBUG, "Not associated - Delay processing "
1799 "of received EAPOL frame");
1800 wpabuf_free(wpa_s->pending_eapol_rx);
1801 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len);
1802 if (wpa_s->pending_eapol_rx) {
1803 os_get_time(&wpa_s->pending_eapol_rx_time);
1804 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr,
1805 ETH_ALEN);
1806 }
1807 return;
1808 }
1809
1810 #ifdef CONFIG_AP
1811 if (wpa_s->ap_iface) {
1812 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len);
1813 return;
1814 }
1815 #endif /* CONFIG_AP */
1816
1817 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
1818 wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since "
1819 "no key management is configured");
1820 return;
1821 }
1822
1823 if (wpa_s->eapol_received == 0 &&
1824 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) ||
1825 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
1826 wpa_s->wpa_state != WPA_COMPLETED) &&
1827 (wpa_s->current_ssid == NULL ||
1828 wpa_s->current_ssid->mode != IEEE80211_MODE_IBSS)) {
1829 /* Timeout for completing IEEE 802.1X and WPA authentication */
1830 wpa_supplicant_req_auth_timeout(
1831 wpa_s,
1832 (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
1833 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
1834 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) ?
1835 70 : 10, 0);
1836 }
1837 wpa_s->eapol_received++;
1838
1839 if (wpa_s->countermeasures) {
1840 wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped "
1841 "EAPOL packet");
1842 return;
1843 }
1844
1845 #ifdef CONFIG_IBSS_RSN
1846 if (wpa_s->current_ssid &&
1847 wpa_s->current_ssid->mode == WPAS_MODE_IBSS) {
1848 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len);
1849 return;
1850 }
1851 #endif /* CONFIG_IBSS_RSN */
1852
1853 /* Source address of the incoming EAPOL frame could be compared to the
1854 * current BSSID. However, it is possible that a centralized
1855 * Authenticator could be using another MAC address than the BSSID of
1856 * an AP, so just allow any address to be used for now. The replies are
1857 * still sent to the current BSSID (if available), though. */
1858
1859 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
1860 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
1861 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
1862 return;
1863 wpa_drv_poll(wpa_s);
1864 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE))
1865 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
1866 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
1867 /*
1868 * Set portValid = TRUE here since we are going to skip 4-way
1869 * handshake processing which would normally set portValid. We
1870 * need this to allow the EAPOL state machines to be completed
1871 * without going through EAPOL-Key handshake.
1872 */
1873 eapol_sm_notify_portValid(wpa_s->eapol, TRUE);
1874 }
1875 }
1876
1877
1878 /**
1879 * wpa_supplicant_driver_init - Initialize driver interface parameters
1880 * @wpa_s: Pointer to wpa_supplicant data
1881 * Returns: 0 on success, -1 on failure
1882 *
1883 * This function is called to initialize driver interface parameters.
1884 * wpa_drv_init() must have been called before this function to initialize the
1885 * driver interface.
1886 */
1887 int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
1888 {
1889 static int interface_count = 0;
1890
1891 if (wpa_s->driver->send_eapol) {
1892 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
1893 if (addr)
1894 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
1895 } else if (!(wpa_s->drv_flags &
1896 WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) {
1897 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
1898 wpa_drv_get_mac_addr(wpa_s),
1899 ETH_P_EAPOL,
1900 wpa_supplicant_rx_eapol, wpa_s, 0);
1901 if (wpa_s->l2 == NULL)
1902 return -1;
1903 } else {
1904 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
1905 if (addr)
1906 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
1907 }
1908
1909 if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
1910 wpa_msg(wpa_s, MSG_ERROR, "Failed to get own L2 address");
1911 return -1;
1912 }
1913
1914 wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR,
1915 MAC2STR(wpa_s->own_addr));
1916
1917 if (wpa_s->bridge_ifname[0]) {
1918 wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge "
1919 "interface '%s'", wpa_s->bridge_ifname);
1920 wpa_s->l2_br = l2_packet_init(wpa_s->bridge_ifname,
1921 wpa_s->own_addr,
1922 ETH_P_EAPOL,
1923 wpa_supplicant_rx_eapol, wpa_s,
1924 0);
1925 if (wpa_s->l2_br == NULL) {
1926 wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet "
1927 "connection for the bridge interface '%s'",
1928 wpa_s->bridge_ifname);
1929 return -1;
1930 }
1931 }
1932
1933 wpa_clear_keys(wpa_s, NULL);
1934
1935 /* Make sure that TKIP countermeasures are not left enabled (could
1936 * happen if wpa_supplicant is killed during countermeasures. */
1937 wpa_drv_set_countermeasures(wpa_s, 0);
1938
1939 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver");
1940 wpa_drv_flush_pmkid(wpa_s);
1941
1942 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
1943 if (wpa_supplicant_enabled_networks(wpa_s->conf)) {
1944 wpa_supplicant_req_scan(wpa_s, interface_count, 100000);
1945 interface_count++;
1946 } else
1947 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
1948
1949 return 0;
1950 }
1951
1952
1953 static int wpa_supplicant_daemon(const char *pid_file)
1954 {
1955 wpa_printf(MSG_DEBUG, "Daemonize..");
1956 return os_daemonize(pid_file);
1957 }
1958
1959
1960 static struct wpa_supplicant * wpa_supplicant_alloc(void)
1961 {
1962 struct wpa_supplicant *wpa_s;
1963
1964 wpa_s = os_zalloc(sizeof(*wpa_s));
1965 if (wpa_s == NULL)
1966 return NULL;
1967 wpa_s->scan_req = 1;
1968 wpa_s->new_connection = 1;
1969 wpa_s->parent = wpa_s;
1970
1971 return wpa_s;
1972 }
1973
1974
1975 static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
1976 struct wpa_interface *iface)
1977 {
1978 const char *ifname, *driver;
1979 struct wpa_driver_capa capa;
1980
1981 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
1982 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
1983 iface->confname ? iface->confname : "N/A",
1984 iface->driver ? iface->driver : "default",
1985 iface->ctrl_interface ? iface->ctrl_interface : "N/A",
1986 iface->bridge_ifname ? iface->bridge_ifname : "N/A");
1987
1988 if (iface->confname) {
1989 #ifdef CONFIG_BACKEND_FILE
1990 wpa_s->confname = os_rel2abs_path(iface->confname);
1991 if (wpa_s->confname == NULL) {
1992 wpa_printf(MSG_ERROR, "Failed to get absolute path "
1993 "for configuration file '%s'.",
1994 iface->confname);
1995 return -1;
1996 }
1997 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
1998 iface->confname, wpa_s->confname);
1999 #else /* CONFIG_BACKEND_FILE */
2000 wpa_s->confname = os_strdup(iface->confname);
2001 #endif /* CONFIG_BACKEND_FILE */
2002 wpa_s->conf = wpa_config_read(wpa_s->confname);
2003 if (wpa_s->conf == NULL) {
2004 wpa_printf(MSG_ERROR, "Failed to read or parse "
2005 "configuration '%s'.", wpa_s->confname);
2006 return -1;
2007 }
2008
2009 /*
2010 * Override ctrl_interface and driver_param if set on command
2011 * line.
2012 */
2013 if (iface->ctrl_interface) {
2014 os_free(wpa_s->conf->ctrl_interface);
2015 wpa_s->conf->ctrl_interface =
2016 os_strdup(iface->ctrl_interface);
2017 }
2018
2019 if (iface->driver_param) {
2020 os_free(wpa_s->conf->driver_param);
2021 wpa_s->conf->driver_param =
2022 os_strdup(iface->driver_param);
2023 }
2024 } else
2025 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
2026 iface->driver_param);
2027
2028 if (wpa_s->conf == NULL) {
2029 wpa_printf(MSG_ERROR, "\nNo configuration found.");
2030 return -1;
2031 }
2032
2033 if (iface->ifname == NULL) {
2034 wpa_printf(MSG_ERROR, "\nInterface name is required.");
2035 return -1;
2036 }
2037 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
2038 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
2039 iface->ifname);
2040 return -1;
2041 }
2042 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
2043
2044 if (iface->bridge_ifname) {
2045 if (os_strlen(iface->bridge_ifname) >=
2046 sizeof(wpa_s->bridge_ifname)) {
2047 wpa_printf(MSG_ERROR, "\nToo long bridge interface "
2048 "name '%s'.", iface->bridge_ifname);
2049 return -1;
2050 }
2051 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
2052 sizeof(wpa_s->bridge_ifname));
2053 }
2054
2055 /* RSNA Supplicant Key Management - INITIALIZE */
2056 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
2057 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
2058
2059 /* Initialize driver interface and register driver event handler before
2060 * L2 receive handler so that association events are processed before
2061 * EAPOL-Key packets if both become available for the same select()
2062 * call. */
2063 driver = iface->driver;
2064 next_driver:
2065 if (wpa_supplicant_set_driver(wpa_s, driver) < 0)
2066 return -1;
2067
2068 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
2069 if (wpa_s->drv_priv == NULL) {
2070 const char *pos;
2071 pos = driver ? os_strchr(driver, ',') : NULL;
2072 if (pos) {
2073 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
2074 "driver interface - try next driver wrapper");
2075 driver = pos + 1;
2076 goto next_driver;
2077 }
2078 wpa_msg(wpa_s, MSG_ERROR, "Failed to initialize driver "
2079 "interface");
2080 return -1;
2081 }
2082 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
2083 wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected "
2084 "driver_param '%s'", wpa_s->conf->driver_param);
2085 return -1;
2086 }
2087
2088 ifname = wpa_drv_get_ifname(wpa_s);
2089 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
2090 wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced "
2091 "interface name with '%s'", ifname);
2092 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
2093 }
2094
2095 if (wpa_supplicant_init_wpa(wpa_s) < 0)
2096 return -1;
2097
2098 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
2099 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
2100 NULL);
2101 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
2102
2103 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
2104 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
2105 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
2106 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
2107 "dot11RSNAConfigPMKLifetime");
2108 return -1;
2109 }
2110
2111 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
2112 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
2113 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
2114 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
2115 "dot11RSNAConfigPMKReauthThreshold");
2116 return -1;
2117 }
2118
2119 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
2120 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
2121 wpa_s->conf->dot11RSNAConfigSATimeout)) {
2122 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
2123 "dot11RSNAConfigSATimeout");
2124 return -1;
2125 }
2126
2127 if (wpa_drv_get_capa(wpa_s, &capa) == 0) {
2128 wpa_s->drv_flags = capa.flags;
2129 if (capa.flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME) {
2130 if (ieee80211_sta_init(wpa_s))
2131 return -1;
2132 }
2133 wpa_s->max_scan_ssids = capa.max_scan_ssids;
2134 wpa_s->max_remain_on_chan = capa.max_remain_on_chan;
2135 wpa_s->max_stations = capa.max_stations;
2136 }
2137 if (wpa_s->max_remain_on_chan == 0)
2138 wpa_s->max_remain_on_chan = 1000;
2139
2140 if (wpa_supplicant_driver_init(wpa_s) < 0)
2141 return -1;
2142
2143 #ifdef CONFIG_TDLS
2144 if (wpa_tdls_init(wpa_s->wpa))
2145 return -1;
2146 #endif /* CONFIG_TDLS */
2147
2148 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] &&
2149 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) {
2150 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country");
2151 return -1;
2152 }
2153
2154 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
2155
2156 if (wpas_wps_init(wpa_s))
2157 return -1;
2158
2159 if (wpa_supplicant_init_eapol(wpa_s) < 0)
2160 return -1;
2161 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
2162
2163 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
2164 if (wpa_s->ctrl_iface == NULL) {
2165 wpa_printf(MSG_ERROR,
2166 "Failed to initialize control interface '%s'.\n"
2167 "You may have another wpa_supplicant process "
2168 "already running or the file was\n"
2169 "left by an unclean termination of wpa_supplicant "
2170 "in which case you will need\n"
2171 "to manually remove this file before starting "
2172 "wpa_supplicant again.\n",
2173 wpa_s->conf->ctrl_interface);
2174 return -1;
2175 }
2176
2177 #ifdef CONFIG_IBSS_RSN
2178 wpa_s->ibss_rsn = ibss_rsn_init(wpa_s);
2179 if (!wpa_s->ibss_rsn) {
2180 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to init IBSS RSN");
2181 return -1;
2182 }
2183 #endif /* CONFIG_IBSS_RSN */
2184
2185 #ifdef CONFIG_P2P
2186 if (wpas_p2p_init(wpa_s->global, wpa_s) < 0) {
2187 wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P");
2188 return -1;
2189 }
2190 #endif /* CONFIG_P2P */
2191
2192 if (wpa_bss_init(wpa_s) < 0)
2193 return -1;
2194
2195 return 0;
2196 }
2197
2198
2199 static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s,
2200 int notify)
2201 {
2202 if (wpa_s->drv_priv) {
2203 wpa_supplicant_deauthenticate(wpa_s,
2204 WLAN_REASON_DEAUTH_LEAVING);
2205
2206 wpa_drv_set_countermeasures(wpa_s, 0);
2207 wpa_clear_keys(wpa_s, NULL);
2208 }
2209
2210 wpa_supplicant_cleanup(wpa_s);
2211
2212 if (notify)
2213 wpas_notify_iface_removed(wpa_s);
2214
2215 if (wpa_s->drv_priv)
2216 wpa_drv_deinit(wpa_s);
2217 }
2218
2219
2220 /**
2221 * wpa_supplicant_add_iface - Add a new network interface
2222 * @global: Pointer to global data from wpa_supplicant_init()
2223 * @iface: Interface configuration options
2224 * Returns: Pointer to the created interface or %NULL on failure
2225 *
2226 * This function is used to add new network interfaces for %wpa_supplicant.
2227 * This can be called before wpa_supplicant_run() to add interfaces before the
2228 * main event loop has been started. In addition, new interfaces can be added
2229 * dynamically while %wpa_supplicant is already running. This could happen,
2230 * e.g., when a hotplug network adapter is inserted.
2231 */
2232 struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
2233 struct wpa_interface *iface)
2234 {
2235 struct wpa_supplicant *wpa_s;
2236 struct wpa_interface t_iface;
2237 struct wpa_ssid *ssid;
2238
2239 if (global == NULL || iface == NULL)
2240 return NULL;
2241
2242 wpa_s = wpa_supplicant_alloc();
2243 if (wpa_s == NULL)
2244 return NULL;
2245
2246 wpa_s->global = global;
2247
2248 t_iface = *iface;
2249 if (global->params.override_driver) {
2250 wpa_printf(MSG_DEBUG, "Override interface parameter: driver "
2251 "('%s' -> '%s')",
2252 iface->driver, global->params.override_driver);
2253 t_iface.driver = global->params.override_driver;
2254 }
2255 if (global->params.override_ctrl_interface) {
2256 wpa_printf(MSG_DEBUG, "Override interface parameter: "
2257 "ctrl_interface ('%s' -> '%s')",
2258 iface->ctrl_interface,
2259 global->params.override_ctrl_interface);
2260 t_iface.ctrl_interface =
2261 global->params.override_ctrl_interface;
2262 }
2263 if (wpa_supplicant_init_iface(wpa_s, &t_iface)) {
2264 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
2265 iface->ifname);
2266 wpa_supplicant_deinit_iface(wpa_s, 0);
2267 os_free(wpa_s);
2268 return NULL;
2269 }
2270
2271 /* Notify the control interfaces about new iface */
2272 if (wpas_notify_iface_added(wpa_s)) {
2273 wpa_supplicant_deinit_iface(wpa_s, 1);
2274 os_free(wpa_s);
2275 return NULL;
2276 }
2277
2278 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
2279 wpas_notify_network_added(wpa_s, ssid);
2280
2281 wpa_s->next = global->ifaces;
2282 global->ifaces = wpa_s;
2283
2284 wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname);
2285
2286 return wpa_s;
2287 }
2288
2289
2290 /**
2291 * wpa_supplicant_remove_iface - Remove a network interface
2292 * @global: Pointer to global data from wpa_supplicant_init()
2293 * @wpa_s: Pointer to the network interface to be removed
2294 * Returns: 0 if interface was removed, -1 if interface was not found
2295 *
2296 * This function can be used to dynamically remove network interfaces from
2297 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
2298 * addition, this function is used to remove all remaining interfaces when
2299 * %wpa_supplicant is terminated.
2300 */
2301 int wpa_supplicant_remove_iface(struct wpa_global *global,
2302 struct wpa_supplicant *wpa_s)
2303 {
2304 struct wpa_supplicant *prev;
2305
2306 /* Remove interface from the global list of interfaces */
2307 prev = global->ifaces;
2308 if (prev == wpa_s) {
2309 global->ifaces = wpa_s->next;
2310 } else {
2311 while (prev && prev->next != wpa_s)
2312 prev = prev->next;
2313 if (prev == NULL)
2314 return -1;
2315 prev->next = wpa_s->next;
2316 }
2317
2318 wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
2319
2320 if (global->p2p_group_formation == wpa_s)
2321 global->p2p_group_formation = NULL;
2322 wpa_supplicant_deinit_iface(wpa_s, 1);
2323 os_free(wpa_s);
2324
2325 return 0;
2326 }
2327
2328
2329 /**
2330 * wpa_supplicant_get_iface - Get a new network interface
2331 * @global: Pointer to global data from wpa_supplicant_init()
2332 * @ifname: Interface name
2333 * Returns: Pointer to the interface or %NULL if not found
2334 */
2335 struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
2336 const char *ifname)
2337 {
2338 struct wpa_supplicant *wpa_s;
2339
2340 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
2341 if (os_strcmp(wpa_s->ifname, ifname) == 0)
2342 return wpa_s;
2343 }
2344 return NULL;
2345 }
2346
2347
2348 #ifndef CONFIG_NO_WPA_MSG
2349 static const char * wpa_supplicant_msg_ifname_cb(void *ctx)
2350 {
2351 struct wpa_supplicant *wpa_s = ctx;
2352 if (wpa_s == NULL)
2353 return NULL;
2354 return wpa_s->ifname;
2355 }
2356 #endif /* CONFIG_NO_WPA_MSG */
2357
2358
2359 /**
2360 * wpa_supplicant_init - Initialize %wpa_supplicant
2361 * @params: Parameters for %wpa_supplicant
2362 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
2363 *
2364 * This function is used to initialize %wpa_supplicant. After successful
2365 * initialization, the returned data pointer can be used to add and remove
2366 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
2367 */
2368 struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
2369 {
2370 struct wpa_global *global;
2371 int ret, i;
2372
2373 if (params == NULL)
2374 return NULL;
2375
2376 #ifndef CONFIG_NO_WPA_MSG
2377 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
2378 #endif /* CONFIG_NO_WPA_MSG */
2379
2380 wpa_debug_open_file(params->wpa_debug_file_path);
2381 if (params->wpa_debug_syslog)
2382 wpa_debug_open_syslog();
2383
2384 ret = eap_register_methods();
2385 if (ret) {
2386 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
2387 if (ret == -2)
2388 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
2389 "the same EAP type.");
2390 return NULL;
2391 }
2392
2393 global = os_zalloc(sizeof(*global));
2394 if (global == NULL)
2395 return NULL;
2396 dl_list_init(&global->p2p_srv_bonjour);
2397 dl_list_init(&global->p2p_srv_upnp);
2398 global->params.daemonize = params->daemonize;
2399 global->params.wait_for_monitor = params->wait_for_monitor;
2400 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
2401 if (params->pid_file)
2402 global->params.pid_file = os_strdup(params->pid_file);
2403 if (params->ctrl_interface)
2404 global->params.ctrl_interface =
2405 os_strdup(params->ctrl_interface);
2406 if (params->override_driver)
2407 global->params.override_driver =
2408 os_strdup(params->override_driver);
2409 if (params->override_ctrl_interface)
2410 global->params.override_ctrl_interface =
2411 os_strdup(params->override_ctrl_interface);
2412 wpa_debug_level = global->params.wpa_debug_level =
2413 params->wpa_debug_level;
2414 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
2415 params->wpa_debug_show_keys;
2416 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
2417 params->wpa_debug_timestamp;
2418
2419 wpa_printf(MSG_DEBUG, "wpa_supplicant v" VERSION_STR);
2420
2421 if (eloop_init()) {
2422 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
2423 wpa_supplicant_deinit(global);
2424 return NULL;
2425 }
2426
2427 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
2428 if (global->ctrl_iface == NULL) {
2429 wpa_supplicant_deinit(global);
2430 return NULL;
2431 }
2432
2433 if (wpas_notify_supplicant_initialized(global)) {
2434 wpa_supplicant_deinit(global);
2435 return NULL;
2436 }
2437
2438 for (i = 0; wpa_drivers[i]; i++)
2439 global->drv_count++;
2440 if (global->drv_count == 0) {
2441 wpa_printf(MSG_ERROR, "No drivers enabled");
2442 wpa_supplicant_deinit(global);
2443 return NULL;
2444 }
2445 global->drv_priv = os_zalloc(global->drv_count * sizeof(void *));
2446 if (global->drv_priv == NULL) {
2447 wpa_supplicant_deinit(global);
2448 return NULL;
2449 }
2450 for (i = 0; wpa_drivers[i]; i++) {
2451 if (!wpa_drivers[i]->global_init)
2452 continue;
2453 global->drv_priv[i] = wpa_drivers[i]->global_init();
2454 if (global->drv_priv[i] == NULL) {
2455 wpa_printf(MSG_ERROR, "Failed to initialize driver "
2456 "'%s'", wpa_drivers[i]->name);
2457 wpa_supplicant_deinit(global);
2458 return NULL;
2459 }
2460 }
2461
2462 return global;
2463 }
2464
2465
2466 /**
2467 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
2468 * @global: Pointer to global data from wpa_supplicant_init()
2469 * Returns: 0 after successful event loop run, -1 on failure
2470 *
2471 * This function starts the main event loop and continues running as long as
2472 * there are any remaining events. In most cases, this function is running as
2473 * long as the %wpa_supplicant process in still in use.
2474 */
2475 int wpa_supplicant_run(struct wpa_global *global)
2476 {
2477 struct wpa_supplicant *wpa_s;
2478
2479 if (global->params.daemonize &&
2480 wpa_supplicant_daemon(global->params.pid_file))
2481 return -1;
2482
2483 if (global->params.wait_for_monitor) {
2484 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
2485 if (wpa_s->ctrl_iface)
2486 wpa_supplicant_ctrl_iface_wait(
2487 wpa_s->ctrl_iface);
2488 }
2489
2490 eloop_register_signal_terminate(wpa_supplicant_terminate, global);
2491 eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
2492
2493 eloop_run();
2494
2495 return 0;
2496 }
2497
2498
2499 /**
2500 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
2501 * @global: Pointer to global data from wpa_supplicant_init()
2502 *
2503 * This function is called to deinitialize %wpa_supplicant and to free all
2504 * allocated resources. Remaining network interfaces will also be removed.
2505 */
2506 void wpa_supplicant_deinit(struct wpa_global *global)
2507 {
2508 int i;
2509
2510 if (global == NULL)
2511 return;
2512
2513 #ifdef CONFIG_P2P
2514 wpas_p2p_deinit_global(global);
2515 #endif /* CONFIG_P2P */
2516
2517 while (global->ifaces)
2518 wpa_supplicant_remove_iface(global, global->ifaces);
2519
2520 if (global->ctrl_iface)
2521 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
2522
2523 wpas_notify_supplicant_deinitialized(global);
2524
2525 eap_peer_unregister_methods();
2526 #ifdef CONFIG_AP
2527 eap_server_unregister_methods();
2528 #endif /* CONFIG_AP */
2529
2530 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) {
2531 if (!global->drv_priv[i])
2532 continue;
2533 wpa_drivers[i]->global_deinit(global->drv_priv[i]);
2534 }
2535 os_free(global->drv_priv);
2536
2537 eloop_destroy();
2538
2539 if (global->params.pid_file) {
2540 os_daemonize_terminate(global->params.pid_file);
2541 os_free(global->params.pid_file);
2542 }
2543 os_free(global->params.ctrl_interface);
2544 os_free(global->params.override_driver);
2545 os_free(global->params.override_ctrl_interface);
2546
2547 os_free(global);
2548 wpa_debug_close_syslog();
2549 wpa_debug_close_file();
2550 }
2551
2552
2553 void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s)
2554 {
2555 #ifdef CONFIG_WPS
2556 wpas_wps_update_config(wpa_s);
2557 #endif /* CONFIG_WPS */
2558
2559 #ifdef CONFIG_P2P
2560 wpas_p2p_update_config(wpa_s);
2561 #endif /* CONFIG_P2P */
2562
2563 wpa_s->conf->changed_parameters = 0;
2564 }
2565
2566
2567 void ieee80211_sta_free_hw_features(struct hostapd_hw_modes *hw_features,
2568 size_t num_hw_features)
2569 {
2570 size_t i;
2571
2572 if (hw_features == NULL)
2573 return;
2574
2575 for (i = 0; i < num_hw_features; i++) {
2576 os_free(hw_features[i].channels);
2577 os_free(hw_features[i].rates);
2578 }
2579
2580 os_free(hw_features);
2581 }
2582
2583
2584 static void add_freq(int *freqs, int *num_freqs, int freq)
2585 {
2586 int i;
2587
2588 for (i = 0; i < *num_freqs; i++) {
2589 if (freqs[i] == freq)
2590 return;
2591 }
2592
2593 freqs[*num_freqs] = freq;
2594 (*num_freqs)++;
2595 }
2596
2597
2598 static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s)
2599 {
2600 struct wpa_bss *bss, *cbss;
2601 const int max_freqs = 10;
2602 int *freqs;
2603 int num_freqs = 0;
2604
2605 freqs = os_zalloc(sizeof(int) * (max_freqs + 1));
2606 if (freqs == NULL)
2607 return NULL;
2608
2609 cbss = wpa_s->current_bss;
2610
2611 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
2612 if (bss == cbss)
2613 continue;
2614 if (bss->ssid_len == cbss->ssid_len &&
2615 os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 &&
2616 wpa_blacklist_get(wpa_s, bss->bssid) == NULL) {
2617 add_freq(freqs, &num_freqs, bss->freq);
2618 if (num_freqs == max_freqs)
2619 break;
2620 }
2621 }
2622
2623 if (num_freqs == 0) {
2624 os_free(freqs);
2625 freqs = NULL;
2626 }
2627
2628 return freqs;
2629 }
2630
2631
2632 void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid)
2633 {
2634 int timeout;
2635 int count;
2636 int *freqs = NULL;
2637
2638 /*
2639 * Add the failed BSSID into the blacklist and speed up next scan
2640 * attempt if there could be other APs that could accept association.
2641 * The current blacklist count indicates how many times we have tried
2642 * connecting to this AP and multiple attempts mean that other APs are
2643 * either not available or has already been tried, so that we can start
2644 * increasing the delay here to avoid constant scanning.
2645 */
2646 count = wpa_blacklist_add(wpa_s, bssid);
2647 if (count == 1 && wpa_s->current_bss) {
2648 /*
2649 * This BSS was not in the blacklist before. If there is
2650 * another BSS available for the same ESS, we should try that
2651 * next. Otherwise, we may as well try this one once more
2652 * before allowing other, likely worse, ESSes to be considered.
2653 */
2654 freqs = get_bss_freqs_in_ess(wpa_s);
2655 if (freqs) {
2656 wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS "
2657 "has been seen; try it next");
2658 wpa_blacklist_add(wpa_s, bssid);
2659 /*
2660 * On the next scan, go through only the known channels
2661 * used in this ESS based on previous scans to speed up
2662 * common load balancing use case.
2663 */
2664 os_free(wpa_s->next_scan_freqs);
2665 wpa_s->next_scan_freqs = freqs;
2666 }
2667 }
2668
2669 switch (count) {
2670 case 1:
2671 timeout = 100;
2672 break;
2673 case 2:
2674 timeout = 500;
2675 break;
2676 case 3:
2677 timeout = 1000;
2678 break;
2679 default:
2680 timeout = 5000;
2681 }
2682
2683 /*
2684 * TODO: if more than one possible AP is available in scan results,
2685 * could try the other ones before requesting a new scan.
2686 */
2687 wpa_supplicant_req_scan(wpa_s, timeout / 1000,
2688 1000 * (timeout % 1000));
2689 }
Unnamed repository; edit this file 'description' to name the repository.