3 * Copyright (c) 2003-2011, Jouni Malinen <j@w1.fi>
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
9 * Alternatively, this software may be distributed under the terms of BSD
12 * See README and COPYING for more details.
14 * This file implements functions for registering and unregistering
15 * %wpa_supplicant interfaces. In addition, this file contains number of
16 * functions for managing network connections.
22 #include "eapol_supp/eapol_supp_sm.h"
23 #include "eap_peer/eap.h"
24 #include "eap_server/eap_methods.h"
25 #include "rsn_supp/wpa.h"
28 #include "l2_packet/l2_packet.h"
29 #include "wpa_supplicant_i.h"
31 #include "ctrl_iface.h"
32 #include "pcsc_funcs.h"
33 #include "common/version.h"
34 #include "rsn_supp/preauth.h"
35 #include "rsn_supp/pmksa_cache.h"
36 #include "common/wpa_ctrl.h"
38 #include "common/ieee802_11_defs.h"
40 #include "blacklist.h"
41 #include "wpas_glue.h"
42 #include "wps_supplicant.h"
46 #include "p2p_supplicant.h"
52 const char *wpa_supplicant_version
=
53 "wpa_supplicant v" VERSION_STR
"\n"
54 "Copyright (c) 2003-2011, Jouni Malinen <j@w1.fi> and contributors";
56 const char *wpa_supplicant_license
=
57 "This program is free software. You can distribute it and/or modify it\n"
58 "under the terms of the GNU General Public License version 2.\n"
60 "Alternatively, this software may be distributed under the terms of the\n"
61 "BSD license. See README and COPYING for more details.\n"
62 #ifdef EAP_TLS_OPENSSL
63 "\nThis product includes software developed by the OpenSSL Project\n"
64 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
65 #endif /* EAP_TLS_OPENSSL */
68 #ifndef CONFIG_NO_STDOUT_DEBUG
69 /* Long text divided into parts in order to fit in C89 strings size limits. */
70 const char *wpa_supplicant_full_license1
=
71 "This program is free software; you can redistribute it and/or modify\n"
72 "it under the terms of the GNU General Public License version 2 as\n"
73 "published by the Free Software Foundation.\n"
75 "This program is distributed in the hope that it will be useful,\n"
76 "but WITHOUT ANY WARRANTY; without even the implied warranty of\n"
77 "MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n"
78 "GNU General Public License for more details.\n"
80 const char *wpa_supplicant_full_license2
=
81 "You should have received a copy of the GNU General Public License\n"
82 "along with this program; if not, write to the Free Software\n"
83 "Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n"
85 "Alternatively, this software may be distributed under the terms of the\n"
88 "Redistribution and use in source and binary forms, with or without\n"
89 "modification, are permitted provided that the following conditions are\n"
92 const char *wpa_supplicant_full_license3
=
93 "1. Redistributions of source code must retain the above copyright\n"
94 " notice, this list of conditions and the following disclaimer.\n"
96 "2. Redistributions in binary form must reproduce the above copyright\n"
97 " notice, this list of conditions and the following disclaimer in the\n"
98 " documentation and/or other materials provided with the distribution.\n"
100 const char *wpa_supplicant_full_license4
=
101 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
102 " names of its contributors may be used to endorse or promote products\n"
103 " derived from this software without specific prior written permission.\n"
105 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
106 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
107 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
108 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
109 const char *wpa_supplicant_full_license5
=
110 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
111 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
112 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
113 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
114 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
115 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
116 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
118 #endif /* CONFIG_NO_STDOUT_DEBUG */
120 extern int wpa_debug_level
;
121 extern int wpa_debug_show_keys
;
122 extern int wpa_debug_timestamp
;
123 extern struct wpa_driver_ops
*wpa_drivers
[];
125 /* Configure default/group WEP keys for static WEP */
126 int wpa_set_wep_keys(struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
)
130 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
131 if (ssid
->wep_key_len
[i
] == 0)
135 wpa_drv_set_key(wpa_s
, WPA_ALG_WEP
, NULL
,
136 i
, i
== ssid
->wep_tx_keyidx
, NULL
, 0,
137 ssid
->wep_key
[i
], ssid
->wep_key_len
[i
]);
144 static int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant
*wpa_s
,
145 struct wpa_ssid
*ssid
)
152 /* IBSS/WPA-None uses only one key (Group) for both receiving and
153 * sending unicast and multicast packets. */
155 if (ssid
->mode
!= WPAS_MODE_IBSS
) {
156 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Invalid mode %d (not "
157 "IBSS/ad-hoc) for WPA-None", ssid
->mode
);
161 if (!ssid
->psk_set
) {
162 wpa_msg(wpa_s
, MSG_INFO
, "WPA: No PSK configured for "
167 switch (wpa_s
->group_cipher
) {
168 case WPA_CIPHER_CCMP
:
169 os_memcpy(key
, ssid
->psk
, 16);
173 case WPA_CIPHER_TKIP
:
174 /* WPA-None uses the same Michael MIC key for both TX and RX */
175 os_memcpy(key
, ssid
->psk
, 16 + 8);
176 os_memcpy(key
+ 16 + 8, ssid
->psk
+ 16, 8);
181 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Invalid group cipher %d for "
182 "WPA-None", wpa_s
->group_cipher
);
186 /* TODO: should actually remember the previously used seq#, both for TX
187 * and RX from each STA.. */
189 return wpa_drv_set_key(wpa_s
, alg
, NULL
, 0, 1, seq
, 6, key
, keylen
);
193 static void wpa_supplicant_timeout(void *eloop_ctx
, void *timeout_ctx
)
195 struct wpa_supplicant
*wpa_s
= eloop_ctx
;
196 const u8
*bssid
= wpa_s
->bssid
;
197 if (is_zero_ether_addr(bssid
))
198 bssid
= wpa_s
->pending_bssid
;
199 wpa_msg(wpa_s
, MSG_INFO
, "Authentication with " MACSTR
" timed out.",
201 wpa_blacklist_add(wpa_s
, bssid
);
202 wpa_sm_notify_disassoc(wpa_s
->wpa
);
203 wpa_supplicant_disassociate(wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
204 wpa_s
->reassociate
= 1;
207 * If we timed out, the AP or the local radio may be busy.
208 * So, wait a second until scanning again.
210 wpa_supplicant_req_scan(wpa_s
, 1, 0);
215 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
216 * @wpa_s: Pointer to wpa_supplicant data
217 * @sec: Number of seconds after which to time out authentication
218 * @usec: Number of microseconds after which to time out authentication
220 * This function is used to schedule a timeout for the current authentication
223 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant
*wpa_s
,
226 if (wpa_s
->conf
&& wpa_s
->conf
->ap_scan
== 0 &&
227 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_WIRED
))
230 wpa_dbg(wpa_s
, MSG_DEBUG
, "Setting authentication timeout: %d sec "
231 "%d usec", sec
, usec
);
232 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
233 eloop_register_timeout(sec
, usec
, wpa_supplicant_timeout
, wpa_s
, NULL
);
238 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
239 * @wpa_s: Pointer to wpa_supplicant data
241 * This function is used to cancel authentication timeout scheduled with
242 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
245 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant
*wpa_s
)
247 wpa_dbg(wpa_s
, MSG_DEBUG
, "Cancelling authentication timeout");
248 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
249 wpa_blacklist_del(wpa_s
, wpa_s
->bssid
);
254 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
255 * @wpa_s: Pointer to wpa_supplicant data
257 * This function is used to configure EAPOL state machine based on the selected
258 * authentication mode.
260 void wpa_supplicant_initiate_eapol(struct wpa_supplicant
*wpa_s
)
262 #ifdef IEEE8021X_EAPOL
263 struct eapol_config eapol_conf
;
264 struct wpa_ssid
*ssid
= wpa_s
->current_ssid
;
266 #ifdef CONFIG_IBSS_RSN
267 if (ssid
->mode
== WPAS_MODE_IBSS
&&
268 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_NONE
&&
269 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_WPA_NONE
) {
271 * RSN IBSS authentication is per-STA and we can disable the
272 * per-BSSID EAPOL authentication.
274 eapol_sm_notify_portControl(wpa_s
->eapol
, ForceAuthorized
);
275 eapol_sm_notify_eap_success(wpa_s
->eapol
, TRUE
);
276 eapol_sm_notify_eap_fail(wpa_s
->eapol
, FALSE
);
279 #endif /* CONFIG_IBSS_RSN */
281 eapol_sm_notify_eap_success(wpa_s
->eapol
, FALSE
);
282 eapol_sm_notify_eap_fail(wpa_s
->eapol
, FALSE
);
284 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
||
285 wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPA_NONE
)
286 eapol_sm_notify_portControl(wpa_s
->eapol
, ForceAuthorized
);
288 eapol_sm_notify_portControl(wpa_s
->eapol
, Auto
);
290 os_memset(&eapol_conf
, 0, sizeof(eapol_conf
));
291 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
292 eapol_conf
.accept_802_1x_keys
= 1;
293 eapol_conf
.required_keys
= 0;
294 if (ssid
->eapol_flags
& EAPOL_FLAG_REQUIRE_KEY_UNICAST
) {
295 eapol_conf
.required_keys
|= EAPOL_REQUIRE_KEY_UNICAST
;
297 if (ssid
->eapol_flags
& EAPOL_FLAG_REQUIRE_KEY_BROADCAST
) {
298 eapol_conf
.required_keys
|=
299 EAPOL_REQUIRE_KEY_BROADCAST
;
302 if (wpa_s
->conf
&& (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_WIRED
))
303 eapol_conf
.required_keys
= 0;
306 eapol_conf
.fast_reauth
= wpa_s
->conf
->fast_reauth
;
307 eapol_conf
.workaround
= ssid
->eap_workaround
;
308 eapol_conf
.eap_disabled
=
309 !wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
) &&
310 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_IEEE8021X_NO_WPA
&&
311 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_WPS
;
312 eapol_sm_notify_config(wpa_s
->eapol
, &ssid
->eap
, &eapol_conf
);
313 #endif /* IEEE8021X_EAPOL */
318 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
319 * @wpa_s: Pointer to wpa_supplicant data
320 * @ssid: Configuration data for the network
322 * This function is used to configure WPA state machine and related parameters
323 * to a mode where WPA is not enabled. This is called as part of the
324 * authentication configuration when the selected network does not use WPA.
326 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant
*wpa_s
,
327 struct wpa_ssid
*ssid
)
331 if (ssid
->key_mgmt
& WPA_KEY_MGMT_WPS
)
332 wpa_s
->key_mgmt
= WPA_KEY_MGMT_WPS
;
333 else if (ssid
->key_mgmt
& WPA_KEY_MGMT_IEEE8021X_NO_WPA
)
334 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X_NO_WPA
;
336 wpa_s
->key_mgmt
= WPA_KEY_MGMT_NONE
;
337 wpa_sm_set_ap_wpa_ie(wpa_s
->wpa
, NULL
, 0);
338 wpa_sm_set_ap_rsn_ie(wpa_s
->wpa
, NULL
, 0);
339 wpa_sm_set_assoc_wpa_ie(wpa_s
->wpa
, NULL
, 0);
340 wpa_s
->pairwise_cipher
= WPA_CIPHER_NONE
;
341 wpa_s
->group_cipher
= WPA_CIPHER_NONE
;
342 wpa_s
->mgmt_group_cipher
= 0;
344 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
345 if (ssid
->wep_key_len
[i
] > 5) {
346 wpa_s
->pairwise_cipher
= WPA_CIPHER_WEP104
;
347 wpa_s
->group_cipher
= WPA_CIPHER_WEP104
;
349 } else if (ssid
->wep_key_len
[i
] > 0) {
350 wpa_s
->pairwise_cipher
= WPA_CIPHER_WEP40
;
351 wpa_s
->group_cipher
= WPA_CIPHER_WEP40
;
356 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_RSN_ENABLED
, 0);
357 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_KEY_MGMT
, wpa_s
->key_mgmt
);
358 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_PAIRWISE
,
359 wpa_s
->pairwise_cipher
);
360 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_GROUP
, wpa_s
->group_cipher
);
361 #ifdef CONFIG_IEEE80211W
362 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_MGMT_GROUP
,
363 wpa_s
->mgmt_group_cipher
);
364 #endif /* CONFIG_IEEE80211W */
366 pmksa_cache_clear_current(wpa_s
->wpa
);
370 static void wpa_supplicant_cleanup(struct wpa_supplicant
*wpa_s
)
372 bgscan_deinit(wpa_s
);
373 scard_deinit(wpa_s
->scard
);
375 wpa_sm_set_scard_ctx(wpa_s
->wpa
, NULL
);
376 eapol_sm_register_scard_ctx(wpa_s
->eapol
, NULL
);
377 l2_packet_deinit(wpa_s
->l2
);
380 l2_packet_deinit(wpa_s
->l2_br
);
384 if (wpa_s
->ctrl_iface
) {
385 wpa_supplicant_ctrl_iface_deinit(wpa_s
->ctrl_iface
);
386 wpa_s
->ctrl_iface
= NULL
;
388 if (wpa_s
->conf
!= NULL
) {
389 struct wpa_ssid
*ssid
;
390 for (ssid
= wpa_s
->conf
->ssid
; ssid
; ssid
= ssid
->next
)
391 wpas_notify_network_removed(wpa_s
, ssid
);
392 wpa_config_free(wpa_s
->conf
);
396 os_free(wpa_s
->confname
);
397 wpa_s
->confname
= NULL
;
399 wpa_sm_set_eapol(wpa_s
->wpa
, NULL
);
400 eapol_sm_deinit(wpa_s
->eapol
);
403 rsn_preauth_deinit(wpa_s
->wpa
);
406 wpa_tdls_deinit(wpa_s
->wpa
);
407 #endif /* CONFIG_TDLS */
409 pmksa_candidate_free(wpa_s
->wpa
);
410 wpa_sm_deinit(wpa_s
->wpa
);
412 wpa_blacklist_clear(wpa_s
);
414 wpa_bss_deinit(wpa_s
);
416 wpa_supplicant_cancel_scan(wpa_s
);
417 wpa_supplicant_cancel_auth_timeout(wpa_s
);
419 ieee80211_sta_deinit(wpa_s
);
421 wpas_wps_deinit(wpa_s
);
423 wpabuf_free(wpa_s
->pending_eapol_rx
);
424 wpa_s
->pending_eapol_rx
= NULL
;
426 #ifdef CONFIG_IBSS_RSN
427 ibss_rsn_deinit(wpa_s
->ibss_rsn
);
428 wpa_s
->ibss_rsn
= NULL
;
429 #endif /* CONFIG_IBSS_RSN */
434 wpa_supplicant_ap_deinit(wpa_s
);
435 #endif /* CONFIG_AP */
438 wpas_p2p_deinit(wpa_s
);
439 #endif /* CONFIG_P2P */
441 os_free(wpa_s
->next_scan_freqs
);
442 wpa_s
->next_scan_freqs
= NULL
;
447 * wpa_clear_keys - Clear keys configured for the driver
448 * @wpa_s: Pointer to wpa_supplicant data
449 * @addr: Previously used BSSID or %NULL if not available
451 * This function clears the encryption keys that has been previously configured
454 void wpa_clear_keys(struct wpa_supplicant
*wpa_s
, const u8
*addr
)
456 if (wpa_s
->keys_cleared
) {
457 /* Some drivers (e.g., ndiswrapper & NDIS drivers) seem to have
458 * timing issues with keys being cleared just before new keys
459 * are set or just after association or something similar. This
460 * shows up in group key handshake failing often because of the
461 * client not receiving the first encrypted packets correctly.
462 * Skipping some of the extra key clearing steps seems to help
463 * in completing group key handshake more reliably. */
464 wpa_dbg(wpa_s
, MSG_DEBUG
, "No keys have been configured - "
465 "skip key clearing");
469 /* MLME-DELETEKEYS.request */
470 wpa_drv_set_key(wpa_s
, WPA_ALG_NONE
, NULL
, 0, 0, NULL
, 0, NULL
, 0);
471 wpa_drv_set_key(wpa_s
, WPA_ALG_NONE
, NULL
, 1, 0, NULL
, 0, NULL
, 0);
472 wpa_drv_set_key(wpa_s
, WPA_ALG_NONE
, NULL
, 2, 0, NULL
, 0, NULL
, 0);
473 wpa_drv_set_key(wpa_s
, WPA_ALG_NONE
, NULL
, 3, 0, NULL
, 0, NULL
, 0);
474 #ifdef CONFIG_IEEE80211W
475 wpa_drv_set_key(wpa_s
, WPA_ALG_NONE
, NULL
, 4, 0, NULL
, 0, NULL
, 0);
476 wpa_drv_set_key(wpa_s
, WPA_ALG_NONE
, NULL
, 5, 0, NULL
, 0, NULL
, 0);
477 #endif /* CONFIG_IEEE80211W */
479 wpa_drv_set_key(wpa_s
, WPA_ALG_NONE
, addr
, 0, 0, NULL
, 0, NULL
,
481 /* MLME-SETPROTECTION.request(None) */
482 wpa_drv_mlme_setprotection(
484 MLME_SETPROTECTION_PROTECT_TYPE_NONE
,
485 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE
);
487 wpa_s
->keys_cleared
= 1;
492 * wpa_supplicant_state_txt - Get the connection state name as a text string
493 * @state: State (wpa_state; WPA_*)
494 * Returns: The state name as a printable text string
496 const char * wpa_supplicant_state_txt(enum wpa_states state
)
499 case WPA_DISCONNECTED
:
500 return "DISCONNECTED";
503 case WPA_INTERFACE_DISABLED
:
504 return "INTERFACE_DISABLED";
507 case WPA_AUTHENTICATING
:
508 return "AUTHENTICATING";
509 case WPA_ASSOCIATING
:
510 return "ASSOCIATING";
513 case WPA_4WAY_HANDSHAKE
:
514 return "4WAY_HANDSHAKE";
515 case WPA_GROUP_HANDSHAKE
:
516 return "GROUP_HANDSHAKE";
526 * wpa_supplicant_set_state - Set current connection state
527 * @wpa_s: Pointer to wpa_supplicant data
528 * @state: The new connection state
530 * This function is called whenever the connection state changes, e.g.,
531 * association is completed for WPA/WPA2 4-Way Handshake is started.
533 void wpa_supplicant_set_state(struct wpa_supplicant
*wpa_s
,
534 enum wpa_states state
)
536 enum wpa_states old_state
= wpa_s
->wpa_state
;
538 wpa_dbg(wpa_s
, MSG_DEBUG
, "State: %s -> %s",
539 wpa_supplicant_state_txt(wpa_s
->wpa_state
),
540 wpa_supplicant_state_txt(state
));
542 if (state
!= WPA_SCANNING
)
543 wpa_supplicant_notify_scanning(wpa_s
, 0);
545 if (state
== WPA_COMPLETED
&& wpa_s
->new_connection
) {
546 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
547 struct wpa_ssid
*ssid
= wpa_s
->current_ssid
;
548 wpa_msg(wpa_s
, MSG_INFO
, WPA_EVENT_CONNECTED
"- Connection to "
549 MACSTR
" completed %s [id=%d id_str=%s]",
550 MAC2STR(wpa_s
->bssid
), wpa_s
->reassociated_connection
?
551 "(reauth)" : "(auth)",
552 ssid
? ssid
->id
: -1,
553 ssid
&& ssid
->id_str
? ssid
->id_str
: "");
554 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
555 wpa_s
->new_connection
= 0;
556 wpa_s
->reassociated_connection
= 1;
557 wpa_drv_set_operstate(wpa_s
, 1);
558 #ifndef IEEE8021X_EAPOL
559 wpa_drv_set_supp_port(wpa_s
, 1);
560 #endif /* IEEE8021X_EAPOL */
561 wpa_s
->after_wps
= 0;
563 wpas_p2p_completed(wpa_s
);
564 #endif /* CONFIG_P2P */
565 } else if (state
== WPA_DISCONNECTED
|| state
== WPA_ASSOCIATING
||
566 state
== WPA_ASSOCIATED
) {
567 wpa_s
->new_connection
= 1;
568 wpa_drv_set_operstate(wpa_s
, 0);
569 #ifndef IEEE8021X_EAPOL
570 wpa_drv_set_supp_port(wpa_s
, 0);
571 #endif /* IEEE8021X_EAPOL */
573 wpa_s
->wpa_state
= state
;
575 if (wpa_s
->wpa_state
!= old_state
)
576 wpas_notify_state_changed(wpa_s
, wpa_s
->wpa_state
, old_state
);
580 void wpa_supplicant_terminate_proc(struct wpa_global
*global
)
584 struct wpa_supplicant
*wpa_s
= global
->ifaces
;
586 if (wpas_wps_terminate_pending(wpa_s
) == 1)
590 #endif /* CONFIG_WPS */
597 static void wpa_supplicant_terminate(int sig
, void *signal_ctx
)
599 struct wpa_global
*global
= signal_ctx
;
600 struct wpa_supplicant
*wpa_s
;
601 for (wpa_s
= global
->ifaces
; wpa_s
; wpa_s
= wpa_s
->next
) {
602 wpa_msg(wpa_s
, MSG_INFO
, WPA_EVENT_TERMINATING
"- signal %d "
605 wpa_supplicant_terminate_proc(global
);
609 void wpa_supplicant_clear_status(struct wpa_supplicant
*wpa_s
)
611 enum wpa_states old_state
= wpa_s
->wpa_state
;
613 wpa_s
->pairwise_cipher
= 0;
614 wpa_s
->group_cipher
= 0;
615 wpa_s
->mgmt_group_cipher
= 0;
617 if (wpa_s
->wpa_state
!= WPA_INTERFACE_DISABLED
)
618 wpa_s
->wpa_state
= WPA_DISCONNECTED
;
620 if (wpa_s
->wpa_state
!= old_state
)
621 wpas_notify_state_changed(wpa_s
, wpa_s
->wpa_state
, old_state
);
626 * wpa_supplicant_reload_configuration - Reload configuration data
627 * @wpa_s: Pointer to wpa_supplicant data
628 * Returns: 0 on success or -1 if configuration parsing failed
630 * This function can be used to request that the configuration data is reloaded
631 * (e.g., after configuration file change). This function is reloading
632 * configuration only for one interface, so this may need to be called multiple
633 * times if %wpa_supplicant is controlling multiple interfaces and all
634 * interfaces need reconfiguration.
636 int wpa_supplicant_reload_configuration(struct wpa_supplicant
*wpa_s
)
638 struct wpa_config
*conf
;
639 struct wpa_ssid
*old_ssid
;
643 if (wpa_s
->confname
== NULL
)
645 conf
= wpa_config_read(wpa_s
->confname
);
647 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to parse the configuration "
648 "file '%s' - exiting", wpa_s
->confname
);
651 conf
->changed_parameters
= (unsigned int) -1;
653 reconf_ctrl
= !!conf
->ctrl_interface
!= !!wpa_s
->conf
->ctrl_interface
654 || (conf
->ctrl_interface
&& wpa_s
->conf
->ctrl_interface
&&
655 os_strcmp(conf
->ctrl_interface
,
656 wpa_s
->conf
->ctrl_interface
) != 0);
658 if (reconf_ctrl
&& wpa_s
->ctrl_iface
) {
659 wpa_supplicant_ctrl_iface_deinit(wpa_s
->ctrl_iface
);
660 wpa_s
->ctrl_iface
= NULL
;
663 eapol_sm_invalidate_cached_session(wpa_s
->eapol
);
664 old_ssid
= wpa_s
->current_ssid
;
665 wpa_s
->current_ssid
= NULL
;
666 if (old_ssid
!= wpa_s
->current_ssid
)
667 wpas_notify_network_changed(wpa_s
);
670 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
671 * pkcs11_engine_path, pkcs11_module_path.
673 if (wpa_key_mgmt_wpa_psk(wpa_s
->key_mgmt
)) {
675 * Clear forced success to clear EAP state for next
678 eapol_sm_notify_eap_success(wpa_s
->eapol
, FALSE
);
680 eapol_sm_notify_config(wpa_s
->eapol
, NULL
, NULL
);
681 wpa_sm_set_config(wpa_s
->wpa
, NULL
);
682 wpa_sm_set_fast_reauth(wpa_s
->wpa
, wpa_s
->conf
->fast_reauth
);
683 rsn_preauth_deinit(wpa_s
->wpa
);
685 old_ap_scan
= wpa_s
->conf
->ap_scan
;
686 wpa_config_free(wpa_s
->conf
);
688 if (old_ap_scan
!= wpa_s
->conf
->ap_scan
)
689 wpas_notify_ap_scan_changed(wpa_s
);
692 wpa_s
->ctrl_iface
= wpa_supplicant_ctrl_iface_init(wpa_s
);
694 wpa_supplicant_update_config(wpa_s
);
696 wpa_supplicant_clear_status(wpa_s
);
697 if (wpa_supplicant_enabled_networks(wpa_s
->conf
)) {
698 wpa_s
->reassociate
= 1;
699 wpa_supplicant_req_scan(wpa_s
, 0, 0);
701 wpa_dbg(wpa_s
, MSG_DEBUG
, "Reconfiguration completed");
706 static void wpa_supplicant_reconfig(int sig
, void *signal_ctx
)
708 struct wpa_global
*global
= signal_ctx
;
709 struct wpa_supplicant
*wpa_s
;
710 for (wpa_s
= global
->ifaces
; wpa_s
; wpa_s
= wpa_s
->next
) {
711 wpa_dbg(wpa_s
, MSG_DEBUG
, "Signal %d received - reconfiguring",
713 if (wpa_supplicant_reload_configuration(wpa_s
) < 0) {
714 wpa_supplicant_terminate_proc(global
);
720 enum wpa_cipher
cipher_suite2driver(int cipher
)
723 case WPA_CIPHER_NONE
:
725 case WPA_CIPHER_WEP40
:
727 case WPA_CIPHER_WEP104
:
728 return CIPHER_WEP104
;
729 case WPA_CIPHER_CCMP
:
731 case WPA_CIPHER_TKIP
:
738 enum wpa_key_mgmt
key_mgmt2driver(int key_mgmt
)
741 case WPA_KEY_MGMT_NONE
:
742 return KEY_MGMT_NONE
;
743 case WPA_KEY_MGMT_IEEE8021X_NO_WPA
:
744 return KEY_MGMT_802_1X_NO_WPA
;
745 case WPA_KEY_MGMT_IEEE8021X
:
746 return KEY_MGMT_802_1X
;
747 case WPA_KEY_MGMT_WPA_NONE
:
748 return KEY_MGMT_WPA_NONE
;
749 case WPA_KEY_MGMT_FT_IEEE8021X
:
750 return KEY_MGMT_FT_802_1X
;
751 case WPA_KEY_MGMT_FT_PSK
:
752 return KEY_MGMT_FT_PSK
;
753 case WPA_KEY_MGMT_IEEE8021X_SHA256
:
754 return KEY_MGMT_802_1X_SHA256
;
755 case WPA_KEY_MGMT_PSK_SHA256
:
756 return KEY_MGMT_PSK_SHA256
;
757 case WPA_KEY_MGMT_WPS
:
759 case WPA_KEY_MGMT_PSK
:
766 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant
*wpa_s
,
767 struct wpa_ssid
*ssid
,
768 struct wpa_ie_data
*ie
)
770 int ret
= wpa_sm_parse_own_wpa_ie(wpa_s
->wpa
, ie
);
773 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Failed to parse WPA IE "
774 "from association info");
779 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Using WPA IE from AssocReq to set "
781 if (!(ie
->group_cipher
& ssid
->group_cipher
)) {
782 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver used disabled group "
783 "cipher 0x%x (mask 0x%x) - reject",
784 ie
->group_cipher
, ssid
->group_cipher
);
787 if (!(ie
->pairwise_cipher
& ssid
->pairwise_cipher
)) {
788 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver used disabled pairwise "
789 "cipher 0x%x (mask 0x%x) - reject",
790 ie
->pairwise_cipher
, ssid
->pairwise_cipher
);
793 if (!(ie
->key_mgmt
& ssid
->key_mgmt
)) {
794 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver used disabled key "
795 "management 0x%x (mask 0x%x) - reject",
796 ie
->key_mgmt
, ssid
->key_mgmt
);
800 #ifdef CONFIG_IEEE80211W
801 if (!(ie
->capabilities
& WPA_CAPABILITY_MFPC
) &&
802 ssid
->ieee80211w
== MGMT_FRAME_PROTECTION_REQUIRED
) {
803 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver associated with an AP "
804 "that does not support management frame protection - "
808 #endif /* CONFIG_IEEE80211W */
815 * wpa_supplicant_set_suites - Set authentication and encryption parameters
816 * @wpa_s: Pointer to wpa_supplicant data
817 * @bss: Scan results for the selected BSS, or %NULL if not available
818 * @ssid: Configuration data for the selected network
819 * @wpa_ie: Buffer for the WPA/RSN IE
820 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
821 * used buffer length in case the functions returns success.
822 * Returns: 0 on success or -1 on failure
824 * This function is used to configure authentication and encryption parameters
825 * based on the network configuration and scan result for the selected BSS (if
828 int wpa_supplicant_set_suites(struct wpa_supplicant
*wpa_s
,
829 struct wpa_bss
*bss
, struct wpa_ssid
*ssid
,
830 u8
*wpa_ie
, size_t *wpa_ie_len
)
832 struct wpa_ie_data ie
;
834 const u8
*bss_wpa
, *bss_rsn
;
837 bss_wpa
= wpa_bss_get_vendor_ie(bss
, WPA_IE_VENDOR_TYPE
);
838 bss_rsn
= wpa_bss_get_ie(bss
, WLAN_EID_RSN
);
840 bss_wpa
= bss_rsn
= NULL
;
842 if (bss_rsn
&& (ssid
->proto
& WPA_PROTO_RSN
) &&
843 wpa_parse_wpa_ie(bss_rsn
, 2 + bss_rsn
[1], &ie
) == 0 &&
844 (ie
.group_cipher
& ssid
->group_cipher
) &&
845 (ie
.pairwise_cipher
& ssid
->pairwise_cipher
) &&
846 (ie
.key_mgmt
& ssid
->key_mgmt
)) {
847 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using IEEE 802.11i/D9.0");
848 proto
= WPA_PROTO_RSN
;
849 } else if (bss_wpa
&& (ssid
->proto
& WPA_PROTO_WPA
) &&
850 wpa_parse_wpa_ie(bss_wpa
, 2 +bss_wpa
[1], &ie
) == 0 &&
851 (ie
.group_cipher
& ssid
->group_cipher
) &&
852 (ie
.pairwise_cipher
& ssid
->pairwise_cipher
) &&
853 (ie
.key_mgmt
& ssid
->key_mgmt
)) {
854 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using IEEE 802.11i/D3.0");
855 proto
= WPA_PROTO_WPA
;
857 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select WPA/RSN");
860 if (ssid
->proto
& WPA_PROTO_RSN
)
861 proto
= WPA_PROTO_RSN
;
863 proto
= WPA_PROTO_WPA
;
864 if (wpa_supplicant_suites_from_ai(wpa_s
, ssid
, &ie
) < 0) {
865 os_memset(&ie
, 0, sizeof(ie
));
866 ie
.group_cipher
= ssid
->group_cipher
;
867 ie
.pairwise_cipher
= ssid
->pairwise_cipher
;
868 ie
.key_mgmt
= ssid
->key_mgmt
;
869 #ifdef CONFIG_IEEE80211W
870 ie
.mgmt_group_cipher
=
871 ssid
->ieee80211w
!= NO_MGMT_FRAME_PROTECTION
?
872 WPA_CIPHER_AES_128_CMAC
: 0;
873 #endif /* CONFIG_IEEE80211W */
874 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Set cipher suites "
875 "based on configuration");
880 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Selected cipher suites: group %d "
881 "pairwise %d key_mgmt %d proto %d",
882 ie
.group_cipher
, ie
.pairwise_cipher
, ie
.key_mgmt
, proto
);
883 #ifdef CONFIG_IEEE80211W
884 if (ssid
->ieee80211w
) {
885 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Selected mgmt group cipher %d",
886 ie
.mgmt_group_cipher
);
888 #endif /* CONFIG_IEEE80211W */
890 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_PROTO
, proto
);
891 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_RSN_ENABLED
,
892 !!(ssid
->proto
& WPA_PROTO_RSN
));
894 if (bss
|| !wpa_s
->ap_ies_from_associnfo
) {
895 if (wpa_sm_set_ap_wpa_ie(wpa_s
->wpa
, bss_wpa
,
896 bss_wpa
? 2 + bss_wpa
[1] : 0) ||
897 wpa_sm_set_ap_rsn_ie(wpa_s
->wpa
, bss_rsn
,
898 bss_rsn
? 2 + bss_rsn
[1] : 0))
902 sel
= ie
.group_cipher
& ssid
->group_cipher
;
903 if (sel
& WPA_CIPHER_CCMP
) {
904 wpa_s
->group_cipher
= WPA_CIPHER_CCMP
;
905 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using GTK CCMP");
906 } else if (sel
& WPA_CIPHER_TKIP
) {
907 wpa_s
->group_cipher
= WPA_CIPHER_TKIP
;
908 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using GTK TKIP");
909 } else if (sel
& WPA_CIPHER_WEP104
) {
910 wpa_s
->group_cipher
= WPA_CIPHER_WEP104
;
911 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using GTK WEP104");
912 } else if (sel
& WPA_CIPHER_WEP40
) {
913 wpa_s
->group_cipher
= WPA_CIPHER_WEP40
;
914 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using GTK WEP40");
916 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select group "
921 sel
= ie
.pairwise_cipher
& ssid
->pairwise_cipher
;
922 if (sel
& WPA_CIPHER_CCMP
) {
923 wpa_s
->pairwise_cipher
= WPA_CIPHER_CCMP
;
924 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using PTK CCMP");
925 } else if (sel
& WPA_CIPHER_TKIP
) {
926 wpa_s
->pairwise_cipher
= WPA_CIPHER_TKIP
;
927 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using PTK TKIP");
928 } else if (sel
& WPA_CIPHER_NONE
) {
929 wpa_s
->pairwise_cipher
= WPA_CIPHER_NONE
;
930 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using PTK NONE");
932 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select pairwise "
937 sel
= ie
.key_mgmt
& ssid
->key_mgmt
;
939 #ifdef CONFIG_IEEE80211R
940 } else if (sel
& WPA_KEY_MGMT_FT_IEEE8021X
) {
941 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_IEEE8021X
;
942 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FT/802.1X");
943 } else if (sel
& WPA_KEY_MGMT_FT_PSK
) {
944 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_PSK
;
945 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FT/PSK");
946 #endif /* CONFIG_IEEE80211R */
947 #ifdef CONFIG_IEEE80211W
948 } else if (sel
& WPA_KEY_MGMT_IEEE8021X_SHA256
) {
949 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X_SHA256
;
950 wpa_dbg(wpa_s
, MSG_DEBUG
,
951 "WPA: using KEY_MGMT 802.1X with SHA256");
952 } else if (sel
& WPA_KEY_MGMT_PSK_SHA256
) {
953 wpa_s
->key_mgmt
= WPA_KEY_MGMT_PSK_SHA256
;
954 wpa_dbg(wpa_s
, MSG_DEBUG
,
955 "WPA: using KEY_MGMT PSK with SHA256");
956 #endif /* CONFIG_IEEE80211W */
957 } else if (sel
& WPA_KEY_MGMT_IEEE8021X
) {
958 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X
;
959 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT 802.1X");
960 } else if (sel
& WPA_KEY_MGMT_PSK
) {
961 wpa_s
->key_mgmt
= WPA_KEY_MGMT_PSK
;
962 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT WPA-PSK");
963 } else if (sel
& WPA_KEY_MGMT_WPA_NONE
) {
964 wpa_s
->key_mgmt
= WPA_KEY_MGMT_WPA_NONE
;
965 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT WPA-NONE");
967 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select "
968 "authenticated key management type");
972 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_KEY_MGMT
, wpa_s
->key_mgmt
);
973 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_PAIRWISE
,
974 wpa_s
->pairwise_cipher
);
975 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_GROUP
, wpa_s
->group_cipher
);
977 #ifdef CONFIG_IEEE80211W
978 sel
= ie
.mgmt_group_cipher
;
979 if (ssid
->ieee80211w
== NO_MGMT_FRAME_PROTECTION
||
980 !(ie
.capabilities
& WPA_CAPABILITY_MFPC
))
982 if (sel
& WPA_CIPHER_AES_128_CMAC
) {
983 wpa_s
->mgmt_group_cipher
= WPA_CIPHER_AES_128_CMAC
;
984 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using MGMT group cipher "
987 wpa_s
->mgmt_group_cipher
= 0;
988 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: not using MGMT group cipher");
990 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_MGMT_GROUP
,
991 wpa_s
->mgmt_group_cipher
);
992 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_MFP
, ssid
->ieee80211w
);
993 #endif /* CONFIG_IEEE80211W */
995 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s
->wpa
, wpa_ie
, wpa_ie_len
)) {
996 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to generate WPA IE");
1000 if (ssid
->key_mgmt
&
1001 (WPA_KEY_MGMT_PSK
| WPA_KEY_MGMT_FT_PSK
| WPA_KEY_MGMT_PSK_SHA256
))
1002 wpa_sm_set_pmk(wpa_s
->wpa
, ssid
->psk
, PMK_LEN
);
1004 wpa_sm_set_pmk_from_pmksa(wpa_s
->wpa
);
1011 * wpa_supplicant_associate - Request association
1012 * @wpa_s: Pointer to wpa_supplicant data
1013 * @bss: Scan results for the selected BSS, or %NULL if not available
1014 * @ssid: Configuration data for the selected network
1016 * This function is used to request %wpa_supplicant to associate with a BSS.
1018 void wpa_supplicant_associate(struct wpa_supplicant
*wpa_s
,
1019 struct wpa_bss
*bss
, struct wpa_ssid
*ssid
)
1023 int use_crypt
, ret
, i
, bssid_changed
;
1024 int algs
= WPA_AUTH_ALG_OPEN
;
1025 enum wpa_cipher cipher_pairwise
, cipher_group
;
1026 struct wpa_driver_associate_params params
;
1027 int wep_keys_set
= 0;
1028 struct wpa_driver_capa capa
;
1029 int assoc_failed
= 0;
1030 struct wpa_ssid
*old_ssid
;
1032 if (ssid
->mode
== WPAS_MODE_AP
|| ssid
->mode
== WPAS_MODE_P2P_GO
||
1033 ssid
->mode
== WPAS_MODE_P2P_GROUP_FORMATION
) {
1035 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_AP
)) {
1036 wpa_msg(wpa_s
, MSG_INFO
, "Driver does not support AP "
1040 wpa_supplicant_create_ap(wpa_s
, ssid
);
1041 wpa_s
->current_bss
= bss
;
1042 #else /* CONFIG_AP */
1043 wpa_msg(wpa_s
, MSG_ERROR
, "AP mode support not included in "
1045 #endif /* CONFIG_AP */
1049 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
1050 ssid
->mode
== IEEE80211_MODE_INFRA
) {
1051 sme_authenticate(wpa_s
, bss
, ssid
);
1055 os_memset(¶ms
, 0, sizeof(params
));
1056 wpa_s
->reassociate
= 0;
1058 #ifdef CONFIG_IEEE80211R
1059 const u8
*ie
, *md
= NULL
;
1060 #endif /* CONFIG_IEEE80211R */
1061 wpa_msg(wpa_s
, MSG_INFO
, "Trying to associate with " MACSTR
1062 " (SSID='%s' freq=%d MHz)", MAC2STR(bss
->bssid
),
1063 wpa_ssid_txt(bss
->ssid
, bss
->ssid_len
), bss
->freq
);
1064 bssid_changed
= !is_zero_ether_addr(wpa_s
->bssid
);
1065 os_memset(wpa_s
->bssid
, 0, ETH_ALEN
);
1066 os_memcpy(wpa_s
->pending_bssid
, bss
->bssid
, ETH_ALEN
);
1068 wpas_notify_bssid_changed(wpa_s
);
1069 #ifdef CONFIG_IEEE80211R
1070 ie
= wpa_bss_get_ie(bss
, WLAN_EID_MOBILITY_DOMAIN
);
1071 if (ie
&& ie
[1] >= MOBILITY_DOMAIN_ID_LEN
)
1073 wpa_sm_set_ft_params(wpa_s
->wpa
, ie
, ie
? 2 + ie
[1] : 0);
1075 /* Prepare for the next transition */
1076 wpa_ft_prepare_auth_request(wpa_s
->wpa
, ie
);
1078 #endif /* CONFIG_IEEE80211R */
1080 } else if ((ssid
->ssid
== NULL
|| ssid
->ssid_len
== 0) &&
1081 wpa_s
->conf
->ap_scan
== 2 &&
1082 (ssid
->key_mgmt
& WPA_KEY_MGMT_WPS
)) {
1083 /* Use ap_scan==1 style network selection to find the network
1085 wpa_s
->scan_req
= 2;
1086 wpa_s
->reassociate
= 1;
1087 wpa_supplicant_req_scan(wpa_s
, 0, 0);
1089 #endif /* CONFIG_WPS */
1091 wpa_msg(wpa_s
, MSG_INFO
, "Trying to associate with SSID '%s'",
1092 wpa_ssid_txt(ssid
->ssid
, ssid
->ssid_len
));
1093 os_memset(wpa_s
->pending_bssid
, 0, ETH_ALEN
);
1095 wpa_supplicant_cancel_scan(wpa_s
);
1097 /* Starting new association, so clear the possibly used WPA IE from the
1098 * previous association. */
1099 wpa_sm_set_assoc_wpa_ie(wpa_s
->wpa
, NULL
, 0);
1101 #ifdef IEEE8021X_EAPOL
1102 if (ssid
->key_mgmt
& WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
1104 if (ssid
->non_leap
== 0)
1105 algs
= WPA_AUTH_ALG_LEAP
;
1107 algs
|= WPA_AUTH_ALG_LEAP
;
1110 #endif /* IEEE8021X_EAPOL */
1111 wpa_dbg(wpa_s
, MSG_DEBUG
, "Automatic auth_alg selection: 0x%x", algs
);
1112 if (ssid
->auth_alg
) {
1113 algs
= ssid
->auth_alg
;
1114 wpa_dbg(wpa_s
, MSG_DEBUG
, "Overriding auth_alg selection: "
1118 if (bss
&& (wpa_bss_get_vendor_ie(bss
, WPA_IE_VENDOR_TYPE
) ||
1119 wpa_bss_get_ie(bss
, WLAN_EID_RSN
)) &&
1120 (ssid
->key_mgmt
& (WPA_KEY_MGMT_IEEE8021X
| WPA_KEY_MGMT_PSK
|
1121 WPA_KEY_MGMT_FT_IEEE8021X
|
1122 WPA_KEY_MGMT_FT_PSK
|
1123 WPA_KEY_MGMT_IEEE8021X_SHA256
|
1124 WPA_KEY_MGMT_PSK_SHA256
))) {
1125 int try_opportunistic
;
1126 try_opportunistic
= ssid
->proactive_key_caching
&&
1127 (ssid
->proto
& WPA_PROTO_RSN
);
1128 if (pmksa_cache_set_current(wpa_s
->wpa
, NULL
, bss
->bssid
,
1129 wpa_s
->current_ssid
,
1130 try_opportunistic
) == 0)
1131 eapol_sm_notify_pmkid_attempt(wpa_s
->eapol
, 1);
1132 wpa_ie_len
= sizeof(wpa_ie
);
1133 if (wpa_supplicant_set_suites(wpa_s
, bss
, ssid
,
1134 wpa_ie
, &wpa_ie_len
)) {
1135 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to set WPA "
1136 "key management and encryption suites");
1139 } else if (ssid
->key_mgmt
&
1140 (WPA_KEY_MGMT_PSK
| WPA_KEY_MGMT_IEEE8021X
|
1141 WPA_KEY_MGMT_WPA_NONE
| WPA_KEY_MGMT_FT_PSK
|
1142 WPA_KEY_MGMT_FT_IEEE8021X
| WPA_KEY_MGMT_PSK_SHA256
|
1143 WPA_KEY_MGMT_IEEE8021X_SHA256
)) {
1144 wpa_ie_len
= sizeof(wpa_ie
);
1145 if (wpa_supplicant_set_suites(wpa_s
, NULL
, ssid
,
1146 wpa_ie
, &wpa_ie_len
)) {
1147 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to set WPA "
1148 "key management and encryption suites (no "
1153 } else if (ssid
->key_mgmt
& WPA_KEY_MGMT_WPS
) {
1154 struct wpabuf
*wps_ie
;
1155 wps_ie
= wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid
));
1156 if (wps_ie
&& wpabuf_len(wps_ie
) <= sizeof(wpa_ie
)) {
1157 wpa_ie_len
= wpabuf_len(wps_ie
);
1158 os_memcpy(wpa_ie
, wpabuf_head(wps_ie
), wpa_ie_len
);
1161 wpabuf_free(wps_ie
);
1162 wpa_supplicant_set_non_wpa_policy(wpa_s
, ssid
);
1163 if (!bss
|| (bss
->caps
& IEEE80211_CAP_PRIVACY
))
1164 params
.wps
= WPS_MODE_PRIVACY
;
1166 params
.wps
= WPS_MODE_OPEN
;
1167 #endif /* CONFIG_WPS */
1169 wpa_supplicant_set_non_wpa_policy(wpa_s
, ssid
);
1174 if (wpa_s
->global
->p2p
) {
1179 p2p_group
= wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_P2P_CAPABLE
;
1180 pos
= wpa_ie
+ wpa_ie_len
;
1181 len
= sizeof(wpa_ie
) - wpa_ie_len
;
1182 res
= wpas_p2p_assoc_req_ie(wpa_s
, bss
, pos
, len
, p2p_group
);
1187 wpa_s
->cross_connect_disallowed
= 0;
1190 p2p
= wpa_bss_get_vendor_ie_multi(bss
, P2P_IE_VENDOR_TYPE
);
1192 wpa_s
->cross_connect_disallowed
=
1193 p2p_get_cross_connect_disallowed(p2p
);
1195 wpa_dbg(wpa_s
, MSG_DEBUG
, "P2P: WLAN AP %s cross "
1197 wpa_s
->cross_connect_disallowed
?
1198 "disallows" : "allows");
1201 #endif /* CONFIG_P2P */
1203 wpa_clear_keys(wpa_s
, bss
? bss
->bssid
: NULL
);
1205 cipher_pairwise
= cipher_suite2driver(wpa_s
->pairwise_cipher
);
1206 cipher_group
= cipher_suite2driver(wpa_s
->group_cipher
);
1207 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
||
1208 wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
1209 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
)
1211 if (wpa_set_wep_keys(wpa_s
, ssid
)) {
1216 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
)
1219 #ifdef IEEE8021X_EAPOL
1220 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
1221 if ((ssid
->eapol_flags
&
1222 (EAPOL_FLAG_REQUIRE_KEY_UNICAST
|
1223 EAPOL_FLAG_REQUIRE_KEY_BROADCAST
)) == 0 &&
1227 /* Assume that dynamic WEP-104 keys will be used and
1228 * set cipher suites in order for drivers to expect
1230 cipher_pairwise
= cipher_group
= CIPHER_WEP104
;
1233 #endif /* IEEE8021X_EAPOL */
1235 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPA_NONE
) {
1236 /* Set the key before (and later after) association */
1237 wpa_supplicant_set_wpa_none_key(wpa_s
, ssid
);
1240 wpa_supplicant_set_state(wpa_s
, WPA_ASSOCIATING
);
1242 params
.bssid
= bss
->bssid
;
1243 params
.ssid
= bss
->ssid
;
1244 params
.ssid_len
= bss
->ssid_len
;
1245 params
.freq
= bss
->freq
;
1247 params
.ssid
= ssid
->ssid
;
1248 params
.ssid_len
= ssid
->ssid_len
;
1250 if (ssid
->mode
== WPAS_MODE_IBSS
&& ssid
->frequency
> 0 &&
1252 params
.freq
= ssid
->frequency
; /* Initial channel for IBSS */
1253 params
.wpa_ie
= wpa_ie
;
1254 params
.wpa_ie_len
= wpa_ie_len
;
1255 params
.pairwise_suite
= cipher_pairwise
;
1256 params
.group_suite
= cipher_group
;
1257 params
.key_mgmt_suite
= key_mgmt2driver(wpa_s
->key_mgmt
);
1258 params
.auth_alg
= algs
;
1259 params
.mode
= ssid
->mode
;
1260 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
1261 if (ssid
->wep_key_len
[i
])
1262 params
.wep_key
[i
] = ssid
->wep_key
[i
];
1263 params
.wep_key_len
[i
] = ssid
->wep_key_len
[i
];
1265 params
.wep_tx_keyidx
= ssid
->wep_tx_keyidx
;
1267 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_4WAY_HANDSHAKE
) &&
1268 (params
.key_mgmt_suite
== KEY_MGMT_PSK
||
1269 params
.key_mgmt_suite
== KEY_MGMT_FT_PSK
)) {
1270 params
.passphrase
= ssid
->passphrase
;
1272 params
.psk
= ssid
->psk
;
1275 params
.drop_unencrypted
= use_crypt
;
1277 #ifdef CONFIG_IEEE80211W
1278 params
.mgmt_frame_protection
= ssid
->ieee80211w
;
1279 if (ssid
->ieee80211w
!= NO_MGMT_FRAME_PROTECTION
&& bss
) {
1280 const u8
*rsn
= wpa_bss_get_ie(bss
, WLAN_EID_RSN
);
1281 struct wpa_ie_data ie
;
1282 if (rsn
&& wpa_parse_wpa_ie(rsn
, 2 + rsn
[1], &ie
) == 0 &&
1284 (WPA_CAPABILITY_MFPC
| WPA_CAPABILITY_MFPR
)) {
1285 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Selected AP supports "
1286 "MFP: require MFP");
1287 params
.mgmt_frame_protection
=
1288 MGMT_FRAME_PROTECTION_REQUIRED
;
1291 #endif /* CONFIG_IEEE80211W */
1294 if (wpa_s
->global
->p2p
&&
1295 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_P2P_CAPABLE
))
1297 #endif /* CONFIG_P2P */
1299 if (wpa_s
->parent
->set_sta_uapsd
)
1300 params
.uapsd
= wpa_s
->parent
->sta_uapsd
;
1304 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_USER_SPACE_MLME
)
1305 ret
= ieee80211_sta_associate(wpa_s
, ¶ms
);
1307 ret
= wpa_drv_associate(wpa_s
, ¶ms
);
1309 wpa_msg(wpa_s
, MSG_INFO
, "Association request to the driver "
1311 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SANE_ERROR_CODES
) {
1313 * The driver is known to mean what is saying, so we
1314 * can stop right here; the association will not
1317 wpas_connection_failed(wpa_s
, wpa_s
->pending_bssid
);
1318 os_memset(wpa_s
->pending_bssid
, 0, ETH_ALEN
);
1321 /* try to continue anyway; new association will be tried again
1326 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPA_NONE
) {
1327 /* Set the key after the association just in case association
1328 * cleared the previously configured key. */
1329 wpa_supplicant_set_wpa_none_key(wpa_s
, ssid
);
1330 /* No need to timeout authentication since there is no key
1332 wpa_supplicant_cancel_auth_timeout(wpa_s
);
1333 wpa_supplicant_set_state(wpa_s
, WPA_COMPLETED
);
1334 #ifdef CONFIG_IBSS_RSN
1335 } else if (ssid
->mode
== WPAS_MODE_IBSS
&&
1336 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_NONE
&&
1337 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_WPA_NONE
) {
1338 ibss_rsn_set_psk(wpa_s
->ibss_rsn
, ssid
->psk
);
1340 * RSN IBSS authentication is per-STA and we can disable the
1341 * per-BSSID authentication.
1343 wpa_supplicant_cancel_auth_timeout(wpa_s
);
1344 #endif /* CONFIG_IBSS_RSN */
1346 /* Timeout for IEEE 802.11 authentication and association */
1350 /* give IBSS a bit more time */
1351 timeout
= ssid
->mode
== WPAS_MODE_IBSS
? 10 : 5;
1352 } else if (wpa_s
->conf
->ap_scan
== 1) {
1353 /* give IBSS a bit more time */
1354 timeout
= ssid
->mode
== WPAS_MODE_IBSS
? 20 : 10;
1356 wpa_supplicant_req_auth_timeout(wpa_s
, timeout
, 0);
1359 if (wep_keys_set
&& wpa_drv_get_capa(wpa_s
, &capa
) == 0 &&
1360 capa
.flags
& WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC
) {
1361 /* Set static WEP keys again */
1362 wpa_set_wep_keys(wpa_s
, ssid
);
1365 if (wpa_s
->current_ssid
&& wpa_s
->current_ssid
!= ssid
) {
1367 * Do not allow EAP session resumption between different
1368 * network configurations.
1370 eapol_sm_invalidate_cached_session(wpa_s
->eapol
);
1372 old_ssid
= wpa_s
->current_ssid
;
1373 wpa_s
->current_ssid
= ssid
;
1374 wpa_s
->current_bss
= bss
;
1375 wpa_supplicant_rsn_supp_set_config(wpa_s
, wpa_s
->current_ssid
);
1376 wpa_supplicant_initiate_eapol(wpa_s
);
1377 if (old_ssid
!= wpa_s
->current_ssid
)
1378 wpas_notify_network_changed(wpa_s
);
1382 static void wpa_supplicant_clear_connection(struct wpa_supplicant
*wpa_s
,
1385 struct wpa_ssid
*old_ssid
;
1387 wpa_clear_keys(wpa_s
, addr
);
1388 wpa_supplicant_mark_disassoc(wpa_s
);
1389 old_ssid
= wpa_s
->current_ssid
;
1390 wpa_s
->current_ssid
= NULL
;
1391 wpa_s
->current_bss
= NULL
;
1392 wpa_sm_set_config(wpa_s
->wpa
, NULL
);
1393 eapol_sm_notify_config(wpa_s
->eapol
, NULL
, NULL
);
1394 if (old_ssid
!= wpa_s
->current_ssid
)
1395 wpas_notify_network_changed(wpa_s
);
1396 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
1401 * wpa_supplicant_disassociate - Disassociate the current connection
1402 * @wpa_s: Pointer to wpa_supplicant data
1403 * @reason_code: IEEE 802.11 reason code for the disassociate frame
1405 * This function is used to request %wpa_supplicant to disassociate with the
1408 void wpa_supplicant_disassociate(struct wpa_supplicant
*wpa_s
,
1413 if (!is_zero_ether_addr(wpa_s
->bssid
)) {
1414 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_USER_SPACE_MLME
)
1415 ieee80211_sta_disassociate(wpa_s
, reason_code
);
1417 wpa_drv_disassociate(wpa_s
, wpa_s
->bssid
, reason_code
);
1418 addr
= wpa_s
->bssid
;
1421 wpa_supplicant_clear_connection(wpa_s
, addr
);
1426 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
1427 * @wpa_s: Pointer to wpa_supplicant data
1428 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
1430 * This function is used to request %wpa_supplicant to deauthenticate from the
1433 void wpa_supplicant_deauthenticate(struct wpa_supplicant
*wpa_s
,
1438 if (!is_zero_ether_addr(wpa_s
->bssid
)) {
1439 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_USER_SPACE_MLME
)
1440 ieee80211_sta_deauthenticate(wpa_s
, reason_code
);
1442 wpa_drv_deauthenticate(wpa_s
, wpa_s
->bssid
,
1444 addr
= wpa_s
->bssid
;
1447 wpa_supplicant_clear_connection(wpa_s
, addr
);
1452 * wpa_supplicant_enable_network - Mark a configured network as enabled
1453 * @wpa_s: wpa_supplicant structure for a network interface
1454 * @ssid: wpa_ssid structure for a configured network or %NULL
1456 * Enables the specified network or all networks if no network specified.
1458 void wpa_supplicant_enable_network(struct wpa_supplicant
*wpa_s
,
1459 struct wpa_ssid
*ssid
)
1461 struct wpa_ssid
*other_ssid
;
1465 for (other_ssid
= wpa_s
->conf
->ssid
; other_ssid
;
1466 other_ssid
= other_ssid
->next
) {
1467 if (other_ssid
->disabled
== 2)
1468 continue; /* do not change persistent P2P group
1470 if (other_ssid
== wpa_s
->current_ssid
&&
1471 other_ssid
->disabled
)
1472 wpa_s
->reassociate
= 1;
1474 was_disabled
= other_ssid
->disabled
;
1476 other_ssid
->disabled
= 0;
1478 if (was_disabled
!= other_ssid
->disabled
)
1479 wpas_notify_network_enabled_changed(
1482 if (wpa_s
->reassociate
)
1483 wpa_supplicant_req_scan(wpa_s
, 0, 0);
1484 } else if (ssid
->disabled
&& ssid
->disabled
!= 2) {
1485 if (wpa_s
->current_ssid
== NULL
) {
1487 * Try to reassociate since there is no current
1488 * configuration and a new network was made available.
1490 wpa_s
->reassociate
= 1;
1491 wpa_supplicant_req_scan(wpa_s
, 0, 0);
1494 was_disabled
= ssid
->disabled
;
1498 if (was_disabled
!= ssid
->disabled
)
1499 wpas_notify_network_enabled_changed(wpa_s
, ssid
);
1505 * wpa_supplicant_disable_network - Mark a configured network as disabled
1506 * @wpa_s: wpa_supplicant structure for a network interface
1507 * @ssid: wpa_ssid structure for a configured network or %NULL
1509 * Disables the specified network or all networks if no network specified.
1511 void wpa_supplicant_disable_network(struct wpa_supplicant
*wpa_s
,
1512 struct wpa_ssid
*ssid
)
1514 struct wpa_ssid
*other_ssid
;
1518 for (other_ssid
= wpa_s
->conf
->ssid
; other_ssid
;
1519 other_ssid
= other_ssid
->next
) {
1520 was_disabled
= other_ssid
->disabled
;
1521 if (was_disabled
== 2)
1522 continue; /* do not change persistent P2P group
1525 other_ssid
->disabled
= 1;
1527 if (was_disabled
!= other_ssid
->disabled
)
1528 wpas_notify_network_enabled_changed(
1531 if (wpa_s
->current_ssid
)
1532 wpa_supplicant_disassociate(
1533 wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
1534 } else if (ssid
->disabled
!= 2) {
1535 if (ssid
== wpa_s
->current_ssid
)
1536 wpa_supplicant_disassociate(
1537 wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
1539 was_disabled
= ssid
->disabled
;
1543 if (was_disabled
!= ssid
->disabled
)
1544 wpas_notify_network_enabled_changed(wpa_s
, ssid
);
1550 * wpa_supplicant_select_network - Attempt association with a network
1551 * @wpa_s: wpa_supplicant structure for a network interface
1552 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
1554 void wpa_supplicant_select_network(struct wpa_supplicant
*wpa_s
,
1555 struct wpa_ssid
*ssid
)
1558 struct wpa_ssid
*other_ssid
;
1560 if (ssid
&& ssid
!= wpa_s
->current_ssid
&& wpa_s
->current_ssid
)
1561 wpa_supplicant_disassociate(
1562 wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
1565 * Mark all other networks disabled or mark all networks enabled if no
1566 * network specified.
1568 for (other_ssid
= wpa_s
->conf
->ssid
; other_ssid
;
1569 other_ssid
= other_ssid
->next
) {
1570 int was_disabled
= other_ssid
->disabled
;
1571 if (was_disabled
== 2)
1572 continue; /* do not change persistent P2P group data */
1574 other_ssid
->disabled
= ssid
? (ssid
->id
!= other_ssid
->id
) : 0;
1576 if (was_disabled
!= other_ssid
->disabled
)
1577 wpas_notify_network_enabled_changed(wpa_s
, other_ssid
);
1579 wpa_s
->disconnected
= 0;
1580 wpa_s
->reassociate
= 1;
1581 wpa_supplicant_req_scan(wpa_s
, 0, 0);
1584 wpas_notify_network_selected(wpa_s
, ssid
);
1589 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
1590 * @wpa_s: wpa_supplicant structure for a network interface
1591 * @ap_scan: AP scan mode
1592 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
1595 int wpa_supplicant_set_ap_scan(struct wpa_supplicant
*wpa_s
, int ap_scan
)
1600 if (ap_scan
< 0 || ap_scan
> 2)
1603 old_ap_scan
= wpa_s
->conf
->ap_scan
;
1604 wpa_s
->conf
->ap_scan
= ap_scan
;
1606 if (old_ap_scan
!= wpa_s
->conf
->ap_scan
)
1607 wpas_notify_ap_scan_changed(wpa_s
);
1614 * wpa_supplicant_set_debug_params - Set global debug params
1615 * @global: wpa_global structure
1616 * @debug_level: debug level
1617 * @debug_timestamp: determines if show timestamp in debug data
1618 * @debug_show_keys: determines if show keys in debug data
1619 * Returns: 0 if succeed or -1 if debug_level has wrong value
1621 int wpa_supplicant_set_debug_params(struct wpa_global
*global
, int debug_level
,
1622 int debug_timestamp
, int debug_show_keys
)
1625 int old_level
, old_timestamp
, old_show_keys
;
1627 /* check for allowed debuglevels */
1628 if (debug_level
!= MSG_MSGDUMP
&&
1629 debug_level
!= MSG_DEBUG
&&
1630 debug_level
!= MSG_INFO
&&
1631 debug_level
!= MSG_WARNING
&&
1632 debug_level
!= MSG_ERROR
)
1635 old_level
= wpa_debug_level
;
1636 old_timestamp
= wpa_debug_timestamp
;
1637 old_show_keys
= wpa_debug_show_keys
;
1639 wpa_debug_level
= debug_level
;
1640 wpa_debug_timestamp
= debug_timestamp
? 1 : 0;
1641 wpa_debug_show_keys
= debug_show_keys
? 1 : 0;
1643 if (wpa_debug_level
!= old_level
)
1644 wpas_notify_debug_level_changed(global
);
1645 if (wpa_debug_timestamp
!= old_timestamp
)
1646 wpas_notify_debug_timestamp_changed(global
);
1647 if (wpa_debug_show_keys
!= old_show_keys
)
1648 wpas_notify_debug_show_keys_changed(global
);
1655 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
1656 * @wpa_s: Pointer to wpa_supplicant data
1657 * Returns: A pointer to the current network structure or %NULL on failure
1659 struct wpa_ssid
* wpa_supplicant_get_ssid(struct wpa_supplicant
*wpa_s
)
1661 struct wpa_ssid
*entry
;
1662 u8 ssid
[MAX_SSID_LEN
];
1668 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_USER_SPACE_MLME
) {
1669 if (ieee80211_sta_get_ssid(wpa_s
, ssid
, &ssid_len
)) {
1670 wpa_msg(wpa_s
, MSG_WARNING
, "Could not read SSID from "
1675 res
= wpa_drv_get_ssid(wpa_s
, ssid
);
1677 wpa_msg(wpa_s
, MSG_WARNING
, "Could not read SSID from "
1684 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_USER_SPACE_MLME
)
1685 os_memcpy(bssid
, wpa_s
->bssid
, ETH_ALEN
);
1686 else if (wpa_drv_get_bssid(wpa_s
, bssid
) < 0) {
1687 wpa_msg(wpa_s
, MSG_WARNING
, "Could not read BSSID from "
1692 wired
= wpa_s
->conf
->ap_scan
== 0 &&
1693 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_WIRED
);
1695 entry
= wpa_s
->conf
->ssid
;
1697 if (!entry
->disabled
&&
1698 ((ssid_len
== entry
->ssid_len
&&
1699 os_memcmp(ssid
, entry
->ssid
, ssid_len
) == 0) || wired
) &&
1700 (!entry
->bssid_set
||
1701 os_memcmp(bssid
, entry
->bssid
, ETH_ALEN
) == 0))
1704 if (!entry
->disabled
&&
1705 (entry
->key_mgmt
& WPA_KEY_MGMT_WPS
) &&
1706 (entry
->ssid
== NULL
|| entry
->ssid_len
== 0) &&
1707 (!entry
->bssid_set
||
1708 os_memcmp(bssid
, entry
->bssid
, ETH_ALEN
) == 0))
1710 #endif /* CONFIG_WPS */
1711 entry
= entry
->next
;
1718 static int wpa_supplicant_set_driver(struct wpa_supplicant
*wpa_s
,
1723 const char *pos
, *driver
= name
;
1728 if (wpa_drivers
[0] == NULL
) {
1729 wpa_msg(wpa_s
, MSG_ERROR
, "No driver interfaces build into "
1735 /* default to first driver in the list */
1736 wpa_s
->driver
= wpa_drivers
[0];
1737 wpa_s
->global_drv_priv
= wpa_s
->global
->drv_priv
[0];
1742 pos
= os_strchr(driver
, ',');
1746 len
= os_strlen(driver
);
1748 for (i
= 0; wpa_drivers
[i
]; i
++) {
1749 if (os_strlen(wpa_drivers
[i
]->name
) == len
&&
1750 os_strncmp(driver
, wpa_drivers
[i
]->name
, len
) ==
1752 wpa_s
->driver
= wpa_drivers
[i
];
1753 wpa_s
->global_drv_priv
=
1754 wpa_s
->global
->drv_priv
[i
];
1762 wpa_msg(wpa_s
, MSG_ERROR
, "Unsupported driver '%s'", name
);
1768 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
1769 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
1770 * with struct wpa_driver_ops::init()
1771 * @src_addr: Source address of the EAPOL frame
1772 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
1773 * @len: Length of the EAPOL data
1775 * This function is called for each received EAPOL frame. Most driver
1776 * interfaces rely on more generic OS mechanism for receiving frames through
1777 * l2_packet, but if such a mechanism is not available, the driver wrapper may
1778 * take care of received EAPOL frames and deliver them to the core supplicant
1779 * code by calling this function.
1781 void wpa_supplicant_rx_eapol(void *ctx
, const u8
*src_addr
,
1782 const u8
*buf
, size_t len
)
1784 struct wpa_supplicant
*wpa_s
= ctx
;
1786 wpa_dbg(wpa_s
, MSG_DEBUG
, "RX EAPOL from " MACSTR
, MAC2STR(src_addr
));
1787 wpa_hexdump(MSG_MSGDUMP
, "RX EAPOL", buf
, len
);
1789 if (wpa_s
->wpa_state
< WPA_ASSOCIATED
) {
1791 * There is possible race condition between receiving the
1792 * association event and the EAPOL frame since they are coming
1793 * through different paths from the driver. In order to avoid
1794 * issues in trying to process the EAPOL frame before receiving
1795 * association information, lets queue it for processing until
1796 * the association event is received.
1798 wpa_dbg(wpa_s
, MSG_DEBUG
, "Not associated - Delay processing "
1799 "of received EAPOL frame");
1800 wpabuf_free(wpa_s
->pending_eapol_rx
);
1801 wpa_s
->pending_eapol_rx
= wpabuf_alloc_copy(buf
, len
);
1802 if (wpa_s
->pending_eapol_rx
) {
1803 os_get_time(&wpa_s
->pending_eapol_rx_time
);
1804 os_memcpy(wpa_s
->pending_eapol_rx_src
, src_addr
,
1811 if (wpa_s
->ap_iface
) {
1812 wpa_supplicant_ap_rx_eapol(wpa_s
, src_addr
, buf
, len
);
1815 #endif /* CONFIG_AP */
1817 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
) {
1818 wpa_dbg(wpa_s
, MSG_DEBUG
, "Ignored received EAPOL frame since "
1819 "no key management is configured");
1823 if (wpa_s
->eapol_received
== 0 &&
1824 (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_4WAY_HANDSHAKE
) ||
1825 !wpa_key_mgmt_wpa_psk(wpa_s
->key_mgmt
) ||
1826 wpa_s
->wpa_state
!= WPA_COMPLETED
) &&
1827 (wpa_s
->current_ssid
== NULL
||
1828 wpa_s
->current_ssid
->mode
!= IEEE80211_MODE_IBSS
)) {
1829 /* Timeout for completing IEEE 802.1X and WPA authentication */
1830 wpa_supplicant_req_auth_timeout(
1832 (wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
) ||
1833 wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
||
1834 wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
) ?
1837 wpa_s
->eapol_received
++;
1839 if (wpa_s
->countermeasures
) {
1840 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Countermeasures - dropped "
1845 #ifdef CONFIG_IBSS_RSN
1846 if (wpa_s
->current_ssid
&&
1847 wpa_s
->current_ssid
->mode
== WPAS_MODE_IBSS
) {
1848 ibss_rsn_rx_eapol(wpa_s
->ibss_rsn
, src_addr
, buf
, len
);
1851 #endif /* CONFIG_IBSS_RSN */
1853 /* Source address of the incoming EAPOL frame could be compared to the
1854 * current BSSID. However, it is possible that a centralized
1855 * Authenticator could be using another MAC address than the BSSID of
1856 * an AP, so just allow any address to be used for now. The replies are
1857 * still sent to the current BSSID (if available), though. */
1859 os_memcpy(wpa_s
->last_eapol_src
, src_addr
, ETH_ALEN
);
1860 if (!wpa_key_mgmt_wpa_psk(wpa_s
->key_mgmt
) &&
1861 eapol_sm_rx_eapol(wpa_s
->eapol
, src_addr
, buf
, len
) > 0)
1863 wpa_drv_poll(wpa_s
);
1864 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_4WAY_HANDSHAKE
))
1865 wpa_sm_rx_eapol(wpa_s
->wpa
, src_addr
, buf
, len
);
1866 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
)) {
1868 * Set portValid = TRUE here since we are going to skip 4-way
1869 * handshake processing which would normally set portValid. We
1870 * need this to allow the EAPOL state machines to be completed
1871 * without going through EAPOL-Key handshake.
1873 eapol_sm_notify_portValid(wpa_s
->eapol
, TRUE
);
1879 * wpa_supplicant_driver_init - Initialize driver interface parameters
1880 * @wpa_s: Pointer to wpa_supplicant data
1881 * Returns: 0 on success, -1 on failure
1883 * This function is called to initialize driver interface parameters.
1884 * wpa_drv_init() must have been called before this function to initialize the
1887 int wpa_supplicant_driver_init(struct wpa_supplicant
*wpa_s
)
1889 static int interface_count
= 0;
1891 if (wpa_s
->driver
->send_eapol
) {
1892 const u8
*addr
= wpa_drv_get_mac_addr(wpa_s
);
1894 os_memcpy(wpa_s
->own_addr
, addr
, ETH_ALEN
);
1895 } else if (!(wpa_s
->drv_flags
&
1896 WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE
)) {
1897 wpa_s
->l2
= l2_packet_init(wpa_s
->ifname
,
1898 wpa_drv_get_mac_addr(wpa_s
),
1900 wpa_supplicant_rx_eapol
, wpa_s
, 0);
1901 if (wpa_s
->l2
== NULL
)
1904 const u8
*addr
= wpa_drv_get_mac_addr(wpa_s
);
1906 os_memcpy(wpa_s
->own_addr
, addr
, ETH_ALEN
);
1909 if (wpa_s
->l2
&& l2_packet_get_own_addr(wpa_s
->l2
, wpa_s
->own_addr
)) {
1910 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to get own L2 address");
1914 wpa_dbg(wpa_s
, MSG_DEBUG
, "Own MAC address: " MACSTR
,
1915 MAC2STR(wpa_s
->own_addr
));
1917 if (wpa_s
->bridge_ifname
[0]) {
1918 wpa_dbg(wpa_s
, MSG_DEBUG
, "Receiving packets from bridge "
1919 "interface '%s'", wpa_s
->bridge_ifname
);
1920 wpa_s
->l2_br
= l2_packet_init(wpa_s
->bridge_ifname
,
1923 wpa_supplicant_rx_eapol
, wpa_s
,
1925 if (wpa_s
->l2_br
== NULL
) {
1926 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to open l2_packet "
1927 "connection for the bridge interface '%s'",
1928 wpa_s
->bridge_ifname
);
1933 wpa_clear_keys(wpa_s
, NULL
);
1935 /* Make sure that TKIP countermeasures are not left enabled (could
1936 * happen if wpa_supplicant is killed during countermeasures. */
1937 wpa_drv_set_countermeasures(wpa_s
, 0);
1939 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: flushing PMKID list in the driver");
1940 wpa_drv_flush_pmkid(wpa_s
);
1942 wpa_s
->prev_scan_ssid
= WILDCARD_SSID_SCAN
;
1943 if (wpa_supplicant_enabled_networks(wpa_s
->conf
)) {
1944 wpa_supplicant_req_scan(wpa_s
, interface_count
, 100000);
1947 wpa_supplicant_set_state(wpa_s
, WPA_INACTIVE
);
1953 static int wpa_supplicant_daemon(const char *pid_file
)
1955 wpa_printf(MSG_DEBUG
, "Daemonize..");
1956 return os_daemonize(pid_file
);
1960 static struct wpa_supplicant
* wpa_supplicant_alloc(void)
1962 struct wpa_supplicant
*wpa_s
;
1964 wpa_s
= os_zalloc(sizeof(*wpa_s
));
1967 wpa_s
->scan_req
= 1;
1968 wpa_s
->new_connection
= 1;
1969 wpa_s
->parent
= wpa_s
;
1975 static int wpa_supplicant_init_iface(struct wpa_supplicant
*wpa_s
,
1976 struct wpa_interface
*iface
)
1978 const char *ifname
, *driver
;
1979 struct wpa_driver_capa capa
;
1981 wpa_printf(MSG_DEBUG
, "Initializing interface '%s' conf '%s' driver "
1982 "'%s' ctrl_interface '%s' bridge '%s'", iface
->ifname
,
1983 iface
->confname
? iface
->confname
: "N/A",
1984 iface
->driver
? iface
->driver
: "default",
1985 iface
->ctrl_interface
? iface
->ctrl_interface
: "N/A",
1986 iface
->bridge_ifname
? iface
->bridge_ifname
: "N/A");
1988 if (iface
->confname
) {
1989 #ifdef CONFIG_BACKEND_FILE
1990 wpa_s
->confname
= os_rel2abs_path(iface
->confname
);
1991 if (wpa_s
->confname
== NULL
) {
1992 wpa_printf(MSG_ERROR
, "Failed to get absolute path "
1993 "for configuration file '%s'.",
1997 wpa_printf(MSG_DEBUG
, "Configuration file '%s' -> '%s'",
1998 iface
->confname
, wpa_s
->confname
);
1999 #else /* CONFIG_BACKEND_FILE */
2000 wpa_s
->confname
= os_strdup(iface
->confname
);
2001 #endif /* CONFIG_BACKEND_FILE */
2002 wpa_s
->conf
= wpa_config_read(wpa_s
->confname
);
2003 if (wpa_s
->conf
== NULL
) {
2004 wpa_printf(MSG_ERROR
, "Failed to read or parse "
2005 "configuration '%s'.", wpa_s
->confname
);
2010 * Override ctrl_interface and driver_param if set on command
2013 if (iface
->ctrl_interface
) {
2014 os_free(wpa_s
->conf
->ctrl_interface
);
2015 wpa_s
->conf
->ctrl_interface
=
2016 os_strdup(iface
->ctrl_interface
);
2019 if (iface
->driver_param
) {
2020 os_free(wpa_s
->conf
->driver_param
);
2021 wpa_s
->conf
->driver_param
=
2022 os_strdup(iface
->driver_param
);
2025 wpa_s
->conf
= wpa_config_alloc_empty(iface
->ctrl_interface
,
2026 iface
->driver_param
);
2028 if (wpa_s
->conf
== NULL
) {
2029 wpa_printf(MSG_ERROR
, "\nNo configuration found.");
2033 if (iface
->ifname
== NULL
) {
2034 wpa_printf(MSG_ERROR
, "\nInterface name is required.");
2037 if (os_strlen(iface
->ifname
) >= sizeof(wpa_s
->ifname
)) {
2038 wpa_printf(MSG_ERROR
, "\nToo long interface name '%s'.",
2042 os_strlcpy(wpa_s
->ifname
, iface
->ifname
, sizeof(wpa_s
->ifname
));
2044 if (iface
->bridge_ifname
) {
2045 if (os_strlen(iface
->bridge_ifname
) >=
2046 sizeof(wpa_s
->bridge_ifname
)) {
2047 wpa_printf(MSG_ERROR
, "\nToo long bridge interface "
2048 "name '%s'.", iface
->bridge_ifname
);
2051 os_strlcpy(wpa_s
->bridge_ifname
, iface
->bridge_ifname
,
2052 sizeof(wpa_s
->bridge_ifname
));
2055 /* RSNA Supplicant Key Management - INITIALIZE */
2056 eapol_sm_notify_portEnabled(wpa_s
->eapol
, FALSE
);
2057 eapol_sm_notify_portValid(wpa_s
->eapol
, FALSE
);
2059 /* Initialize driver interface and register driver event handler before
2060 * L2 receive handler so that association events are processed before
2061 * EAPOL-Key packets if both become available for the same select()
2063 driver
= iface
->driver
;
2065 if (wpa_supplicant_set_driver(wpa_s
, driver
) < 0)
2068 wpa_s
->drv_priv
= wpa_drv_init(wpa_s
, wpa_s
->ifname
);
2069 if (wpa_s
->drv_priv
== NULL
) {
2071 pos
= driver
? os_strchr(driver
, ',') : NULL
;
2073 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to initialize "
2074 "driver interface - try next driver wrapper");
2078 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to initialize driver "
2082 if (wpa_drv_set_param(wpa_s
, wpa_s
->conf
->driver_param
) < 0) {
2083 wpa_msg(wpa_s
, MSG_ERROR
, "Driver interface rejected "
2084 "driver_param '%s'", wpa_s
->conf
->driver_param
);
2088 ifname
= wpa_drv_get_ifname(wpa_s
);
2089 if (ifname
&& os_strcmp(ifname
, wpa_s
->ifname
) != 0) {
2090 wpa_dbg(wpa_s
, MSG_DEBUG
, "Driver interface replaced "
2091 "interface name with '%s'", ifname
);
2092 os_strlcpy(wpa_s
->ifname
, ifname
, sizeof(wpa_s
->ifname
));
2095 if (wpa_supplicant_init_wpa(wpa_s
) < 0)
2098 wpa_sm_set_ifname(wpa_s
->wpa
, wpa_s
->ifname
,
2099 wpa_s
->bridge_ifname
[0] ? wpa_s
->bridge_ifname
:
2101 wpa_sm_set_fast_reauth(wpa_s
->wpa
, wpa_s
->conf
->fast_reauth
);
2103 if (wpa_s
->conf
->dot11RSNAConfigPMKLifetime
&&
2104 wpa_sm_set_param(wpa_s
->wpa
, RSNA_PMK_LIFETIME
,
2105 wpa_s
->conf
->dot11RSNAConfigPMKLifetime
)) {
2106 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid WPA parameter value for "
2107 "dot11RSNAConfigPMKLifetime");
2111 if (wpa_s
->conf
->dot11RSNAConfigPMKReauthThreshold
&&
2112 wpa_sm_set_param(wpa_s
->wpa
, RSNA_PMK_REAUTH_THRESHOLD
,
2113 wpa_s
->conf
->dot11RSNAConfigPMKReauthThreshold
)) {
2114 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid WPA parameter value for "
2115 "dot11RSNAConfigPMKReauthThreshold");
2119 if (wpa_s
->conf
->dot11RSNAConfigSATimeout
&&
2120 wpa_sm_set_param(wpa_s
->wpa
, RSNA_SA_TIMEOUT
,
2121 wpa_s
->conf
->dot11RSNAConfigSATimeout
)) {
2122 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid WPA parameter value for "
2123 "dot11RSNAConfigSATimeout");
2127 if (wpa_drv_get_capa(wpa_s
, &capa
) == 0) {
2128 wpa_s
->drv_flags
= capa
.flags
;
2129 if (capa
.flags
& WPA_DRIVER_FLAGS_USER_SPACE_MLME
) {
2130 if (ieee80211_sta_init(wpa_s
))
2133 wpa_s
->max_scan_ssids
= capa
.max_scan_ssids
;
2134 wpa_s
->max_remain_on_chan
= capa
.max_remain_on_chan
;
2135 wpa_s
->max_stations
= capa
.max_stations
;
2137 if (wpa_s
->max_remain_on_chan
== 0)
2138 wpa_s
->max_remain_on_chan
= 1000;
2140 if (wpa_supplicant_driver_init(wpa_s
) < 0)
2144 if (wpa_tdls_init(wpa_s
->wpa
))
2146 #endif /* CONFIG_TDLS */
2148 if (wpa_s
->conf
->country
[0] && wpa_s
->conf
->country
[1] &&
2149 wpa_drv_set_country(wpa_s
, wpa_s
->conf
->country
)) {
2150 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to set country");
2154 wpa_sm_set_own_addr(wpa_s
->wpa
, wpa_s
->own_addr
);
2156 if (wpas_wps_init(wpa_s
))
2159 if (wpa_supplicant_init_eapol(wpa_s
) < 0)
2161 wpa_sm_set_eapol(wpa_s
->wpa
, wpa_s
->eapol
);
2163 wpa_s
->ctrl_iface
= wpa_supplicant_ctrl_iface_init(wpa_s
);
2164 if (wpa_s
->ctrl_iface
== NULL
) {
2165 wpa_printf(MSG_ERROR
,
2166 "Failed to initialize control interface '%s'.\n"
2167 "You may have another wpa_supplicant process "
2168 "already running or the file was\n"
2169 "left by an unclean termination of wpa_supplicant "
2170 "in which case you will need\n"
2171 "to manually remove this file before starting "
2172 "wpa_supplicant again.\n",
2173 wpa_s
->conf
->ctrl_interface
);
2177 #ifdef CONFIG_IBSS_RSN
2178 wpa_s
->ibss_rsn
= ibss_rsn_init(wpa_s
);
2179 if (!wpa_s
->ibss_rsn
) {
2180 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to init IBSS RSN");
2183 #endif /* CONFIG_IBSS_RSN */
2186 if (wpas_p2p_init(wpa_s
->global
, wpa_s
) < 0) {
2187 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to init P2P");
2190 #endif /* CONFIG_P2P */
2192 if (wpa_bss_init(wpa_s
) < 0)
2199 static void wpa_supplicant_deinit_iface(struct wpa_supplicant
*wpa_s
,
2202 if (wpa_s
->drv_priv
) {
2203 wpa_supplicant_deauthenticate(wpa_s
,
2204 WLAN_REASON_DEAUTH_LEAVING
);
2206 wpa_drv_set_countermeasures(wpa_s
, 0);
2207 wpa_clear_keys(wpa_s
, NULL
);
2210 wpa_supplicant_cleanup(wpa_s
);
2213 wpas_notify_iface_removed(wpa_s
);
2215 if (wpa_s
->drv_priv
)
2216 wpa_drv_deinit(wpa_s
);
2221 * wpa_supplicant_add_iface - Add a new network interface
2222 * @global: Pointer to global data from wpa_supplicant_init()
2223 * @iface: Interface configuration options
2224 * Returns: Pointer to the created interface or %NULL on failure
2226 * This function is used to add new network interfaces for %wpa_supplicant.
2227 * This can be called before wpa_supplicant_run() to add interfaces before the
2228 * main event loop has been started. In addition, new interfaces can be added
2229 * dynamically while %wpa_supplicant is already running. This could happen,
2230 * e.g., when a hotplug network adapter is inserted.
2232 struct wpa_supplicant
* wpa_supplicant_add_iface(struct wpa_global
*global
,
2233 struct wpa_interface
*iface
)
2235 struct wpa_supplicant
*wpa_s
;
2236 struct wpa_interface t_iface
;
2237 struct wpa_ssid
*ssid
;
2239 if (global
== NULL
|| iface
== NULL
)
2242 wpa_s
= wpa_supplicant_alloc();
2246 wpa_s
->global
= global
;
2249 if (global
->params
.override_driver
) {
2250 wpa_printf(MSG_DEBUG
, "Override interface parameter: driver "
2252 iface
->driver
, global
->params
.override_driver
);
2253 t_iface
.driver
= global
->params
.override_driver
;
2255 if (global
->params
.override_ctrl_interface
) {
2256 wpa_printf(MSG_DEBUG
, "Override interface parameter: "
2257 "ctrl_interface ('%s' -> '%s')",
2258 iface
->ctrl_interface
,
2259 global
->params
.override_ctrl_interface
);
2260 t_iface
.ctrl_interface
=
2261 global
->params
.override_ctrl_interface
;
2263 if (wpa_supplicant_init_iface(wpa_s
, &t_iface
)) {
2264 wpa_printf(MSG_DEBUG
, "Failed to add interface %s",
2266 wpa_supplicant_deinit_iface(wpa_s
, 0);
2271 /* Notify the control interfaces about new iface */
2272 if (wpas_notify_iface_added(wpa_s
)) {
2273 wpa_supplicant_deinit_iface(wpa_s
, 1);
2278 for (ssid
= wpa_s
->conf
->ssid
; ssid
; ssid
= ssid
->next
)
2279 wpas_notify_network_added(wpa_s
, ssid
);
2281 wpa_s
->next
= global
->ifaces
;
2282 global
->ifaces
= wpa_s
;
2284 wpa_dbg(wpa_s
, MSG_DEBUG
, "Added interface %s", wpa_s
->ifname
);
2291 * wpa_supplicant_remove_iface - Remove a network interface
2292 * @global: Pointer to global data from wpa_supplicant_init()
2293 * @wpa_s: Pointer to the network interface to be removed
2294 * Returns: 0 if interface was removed, -1 if interface was not found
2296 * This function can be used to dynamically remove network interfaces from
2297 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
2298 * addition, this function is used to remove all remaining interfaces when
2299 * %wpa_supplicant is terminated.
2301 int wpa_supplicant_remove_iface(struct wpa_global
*global
,
2302 struct wpa_supplicant
*wpa_s
)
2304 struct wpa_supplicant
*prev
;
2306 /* Remove interface from the global list of interfaces */
2307 prev
= global
->ifaces
;
2308 if (prev
== wpa_s
) {
2309 global
->ifaces
= wpa_s
->next
;
2311 while (prev
&& prev
->next
!= wpa_s
)
2315 prev
->next
= wpa_s
->next
;
2318 wpa_dbg(wpa_s
, MSG_DEBUG
, "Removing interface %s", wpa_s
->ifname
);
2320 if (global
->p2p_group_formation
== wpa_s
)
2321 global
->p2p_group_formation
= NULL
;
2322 wpa_supplicant_deinit_iface(wpa_s
, 1);
2330 * wpa_supplicant_get_iface - Get a new network interface
2331 * @global: Pointer to global data from wpa_supplicant_init()
2332 * @ifname: Interface name
2333 * Returns: Pointer to the interface or %NULL if not found
2335 struct wpa_supplicant
* wpa_supplicant_get_iface(struct wpa_global
*global
,
2338 struct wpa_supplicant
*wpa_s
;
2340 for (wpa_s
= global
->ifaces
; wpa_s
; wpa_s
= wpa_s
->next
) {
2341 if (os_strcmp(wpa_s
->ifname
, ifname
) == 0)
2348 #ifndef CONFIG_NO_WPA_MSG
2349 static const char * wpa_supplicant_msg_ifname_cb(void *ctx
)
2351 struct wpa_supplicant
*wpa_s
= ctx
;
2354 return wpa_s
->ifname
;
2356 #endif /* CONFIG_NO_WPA_MSG */
2360 * wpa_supplicant_init - Initialize %wpa_supplicant
2361 * @params: Parameters for %wpa_supplicant
2362 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
2364 * This function is used to initialize %wpa_supplicant. After successful
2365 * initialization, the returned data pointer can be used to add and remove
2366 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
2368 struct wpa_global
* wpa_supplicant_init(struct wpa_params
*params
)
2370 struct wpa_global
*global
;
2376 #ifndef CONFIG_NO_WPA_MSG
2377 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb
);
2378 #endif /* CONFIG_NO_WPA_MSG */
2380 wpa_debug_open_file(params
->wpa_debug_file_path
);
2381 if (params
->wpa_debug_syslog
)
2382 wpa_debug_open_syslog();
2384 ret
= eap_register_methods();
2386 wpa_printf(MSG_ERROR
, "Failed to register EAP methods");
2388 wpa_printf(MSG_ERROR
, "Two or more EAP methods used "
2389 "the same EAP type.");
2393 global
= os_zalloc(sizeof(*global
));
2396 dl_list_init(&global
->p2p_srv_bonjour
);
2397 dl_list_init(&global
->p2p_srv_upnp
);
2398 global
->params
.daemonize
= params
->daemonize
;
2399 global
->params
.wait_for_monitor
= params
->wait_for_monitor
;
2400 global
->params
.dbus_ctrl_interface
= params
->dbus_ctrl_interface
;
2401 if (params
->pid_file
)
2402 global
->params
.pid_file
= os_strdup(params
->pid_file
);
2403 if (params
->ctrl_interface
)
2404 global
->params
.ctrl_interface
=
2405 os_strdup(params
->ctrl_interface
);
2406 if (params
->override_driver
)
2407 global
->params
.override_driver
=
2408 os_strdup(params
->override_driver
);
2409 if (params
->override_ctrl_interface
)
2410 global
->params
.override_ctrl_interface
=
2411 os_strdup(params
->override_ctrl_interface
);
2412 wpa_debug_level
= global
->params
.wpa_debug_level
=
2413 params
->wpa_debug_level
;
2414 wpa_debug_show_keys
= global
->params
.wpa_debug_show_keys
=
2415 params
->wpa_debug_show_keys
;
2416 wpa_debug_timestamp
= global
->params
.wpa_debug_timestamp
=
2417 params
->wpa_debug_timestamp
;
2419 wpa_printf(MSG_DEBUG
, "wpa_supplicant v" VERSION_STR
);
2422 wpa_printf(MSG_ERROR
, "Failed to initialize event loop");
2423 wpa_supplicant_deinit(global
);
2427 global
->ctrl_iface
= wpa_supplicant_global_ctrl_iface_init(global
);
2428 if (global
->ctrl_iface
== NULL
) {
2429 wpa_supplicant_deinit(global
);
2433 if (wpas_notify_supplicant_initialized(global
)) {
2434 wpa_supplicant_deinit(global
);
2438 for (i
= 0; wpa_drivers
[i
]; i
++)
2439 global
->drv_count
++;
2440 if (global
->drv_count
== 0) {
2441 wpa_printf(MSG_ERROR
, "No drivers enabled");
2442 wpa_supplicant_deinit(global
);
2445 global
->drv_priv
= os_zalloc(global
->drv_count
* sizeof(void *));
2446 if (global
->drv_priv
== NULL
) {
2447 wpa_supplicant_deinit(global
);
2450 for (i
= 0; wpa_drivers
[i
]; i
++) {
2451 if (!wpa_drivers
[i
]->global_init
)
2453 global
->drv_priv
[i
] = wpa_drivers
[i
]->global_init();
2454 if (global
->drv_priv
[i
] == NULL
) {
2455 wpa_printf(MSG_ERROR
, "Failed to initialize driver "
2456 "'%s'", wpa_drivers
[i
]->name
);
2457 wpa_supplicant_deinit(global
);
2467 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
2468 * @global: Pointer to global data from wpa_supplicant_init()
2469 * Returns: 0 after successful event loop run, -1 on failure
2471 * This function starts the main event loop and continues running as long as
2472 * there are any remaining events. In most cases, this function is running as
2473 * long as the %wpa_supplicant process in still in use.
2475 int wpa_supplicant_run(struct wpa_global
*global
)
2477 struct wpa_supplicant
*wpa_s
;
2479 if (global
->params
.daemonize
&&
2480 wpa_supplicant_daemon(global
->params
.pid_file
))
2483 if (global
->params
.wait_for_monitor
) {
2484 for (wpa_s
= global
->ifaces
; wpa_s
; wpa_s
= wpa_s
->next
)
2485 if (wpa_s
->ctrl_iface
)
2486 wpa_supplicant_ctrl_iface_wait(
2490 eloop_register_signal_terminate(wpa_supplicant_terminate
, global
);
2491 eloop_register_signal_reconfig(wpa_supplicant_reconfig
, global
);
2500 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
2501 * @global: Pointer to global data from wpa_supplicant_init()
2503 * This function is called to deinitialize %wpa_supplicant and to free all
2504 * allocated resources. Remaining network interfaces will also be removed.
2506 void wpa_supplicant_deinit(struct wpa_global
*global
)
2514 wpas_p2p_deinit_global(global
);
2515 #endif /* CONFIG_P2P */
2517 while (global
->ifaces
)
2518 wpa_supplicant_remove_iface(global
, global
->ifaces
);
2520 if (global
->ctrl_iface
)
2521 wpa_supplicant_global_ctrl_iface_deinit(global
->ctrl_iface
);
2523 wpas_notify_supplicant_deinitialized(global
);
2525 eap_peer_unregister_methods();
2527 eap_server_unregister_methods();
2528 #endif /* CONFIG_AP */
2530 for (i
= 0; wpa_drivers
[i
] && global
->drv_priv
; i
++) {
2531 if (!global
->drv_priv
[i
])
2533 wpa_drivers
[i
]->global_deinit(global
->drv_priv
[i
]);
2535 os_free(global
->drv_priv
);
2539 if (global
->params
.pid_file
) {
2540 os_daemonize_terminate(global
->params
.pid_file
);
2541 os_free(global
->params
.pid_file
);
2543 os_free(global
->params
.ctrl_interface
);
2544 os_free(global
->params
.override_driver
);
2545 os_free(global
->params
.override_ctrl_interface
);
2548 wpa_debug_close_syslog();
2549 wpa_debug_close_file();
2553 void wpa_supplicant_update_config(struct wpa_supplicant
*wpa_s
)
2556 wpas_wps_update_config(wpa_s
);
2557 #endif /* CONFIG_WPS */
2560 wpas_p2p_update_config(wpa_s
);
2561 #endif /* CONFIG_P2P */
2563 wpa_s
->conf
->changed_parameters
= 0;
2567 void ieee80211_sta_free_hw_features(struct hostapd_hw_modes
*hw_features
,
2568 size_t num_hw_features
)
2572 if (hw_features
== NULL
)
2575 for (i
= 0; i
< num_hw_features
; i
++) {
2576 os_free(hw_features
[i
].channels
);
2577 os_free(hw_features
[i
].rates
);
2580 os_free(hw_features
);
2584 static void add_freq(int *freqs
, int *num_freqs
, int freq
)
2588 for (i
= 0; i
< *num_freqs
; i
++) {
2589 if (freqs
[i
] == freq
)
2593 freqs
[*num_freqs
] = freq
;
2598 static int * get_bss_freqs_in_ess(struct wpa_supplicant
*wpa_s
)
2600 struct wpa_bss
*bss
, *cbss
;
2601 const int max_freqs
= 10;
2605 freqs
= os_zalloc(sizeof(int) * (max_freqs
+ 1));
2609 cbss
= wpa_s
->current_bss
;
2611 dl_list_for_each(bss
, &wpa_s
->bss
, struct wpa_bss
, list
) {
2614 if (bss
->ssid_len
== cbss
->ssid_len
&&
2615 os_memcmp(bss
->ssid
, cbss
->ssid
, bss
->ssid_len
) == 0 &&
2616 wpa_blacklist_get(wpa_s
, bss
->bssid
) == NULL
) {
2617 add_freq(freqs
, &num_freqs
, bss
->freq
);
2618 if (num_freqs
== max_freqs
)
2623 if (num_freqs
== 0) {
2632 void wpas_connection_failed(struct wpa_supplicant
*wpa_s
, const u8
*bssid
)
2639 * Add the failed BSSID into the blacklist and speed up next scan
2640 * attempt if there could be other APs that could accept association.
2641 * The current blacklist count indicates how many times we have tried
2642 * connecting to this AP and multiple attempts mean that other APs are
2643 * either not available or has already been tried, so that we can start
2644 * increasing the delay here to avoid constant scanning.
2646 count
= wpa_blacklist_add(wpa_s
, bssid
);
2647 if (count
== 1 && wpa_s
->current_bss
) {
2649 * This BSS was not in the blacklist before. If there is
2650 * another BSS available for the same ESS, we should try that
2651 * next. Otherwise, we may as well try this one once more
2652 * before allowing other, likely worse, ESSes to be considered.
2654 freqs
= get_bss_freqs_in_ess(wpa_s
);
2656 wpa_dbg(wpa_s
, MSG_DEBUG
, "Another BSS in this ESS "
2657 "has been seen; try it next");
2658 wpa_blacklist_add(wpa_s
, bssid
);
2660 * On the next scan, go through only the known channels
2661 * used in this ESS based on previous scans to speed up
2662 * common load balancing use case.
2664 os_free(wpa_s
->next_scan_freqs
);
2665 wpa_s
->next_scan_freqs
= freqs
;
2684 * TODO: if more than one possible AP is available in scan results,
2685 * could try the other ones before requesting a new scan.
2687 wpa_supplicant_req_scan(wpa_s
, timeout
/ 1000,
2688 1000 * (timeout
% 1000));