3 * Copyright (c) 2003-2017, Jouni Malinen <j@w1.fi>
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
14 #ifdef CONFIG_MATCH_IFACE
17 #endif /* CONFIG_MATCH_IFACE */
20 #include "crypto/random.h"
21 #include "crypto/sha1.h"
22 #include "eapol_supp/eapol_supp_sm.h"
23 #include "eap_peer/eap.h"
24 #include "eap_peer/eap_proxy.h"
25 #include "eap_server/eap_methods.h"
26 #include "rsn_supp/wpa.h"
29 #include "utils/ext_password.h"
30 #include "l2_packet/l2_packet.h"
31 #include "wpa_supplicant_i.h"
33 #include "ctrl_iface.h"
34 #include "pcsc_funcs.h"
35 #include "common/version.h"
36 #include "rsn_supp/preauth.h"
37 #include "rsn_supp/pmksa_cache.h"
38 #include "common/wpa_ctrl.h"
39 #include "common/ieee802_11_defs.h"
40 #include "common/hw_features_common.h"
41 #include "common/gas_server.h"
44 #include "blacklist.h"
45 #include "wpas_glue.h"
46 #include "wps_supplicant.h"
49 #include "gas_query.h"
51 #include "p2p_supplicant.h"
52 #include "wifi_display.h"
58 #include "offchannel.h"
59 #include "hs20_supplicant.h"
63 #include "dpp_supplicant.h"
65 #include "ap/ap_config.h"
66 #include "ap/hostapd.h"
67 #endif /* CONFIG_MESH */
69 const char *const wpa_supplicant_version
=
70 "wpa_supplicant v" VERSION_STR
"\n"
71 "Copyright (c) 2003-2017, Jouni Malinen <j@w1.fi> and contributors";
73 const char *const wpa_supplicant_license
=
74 "This software may be distributed under the terms of the BSD license.\n"
75 "See README for more details.\n"
76 #ifdef EAP_TLS_OPENSSL
77 "\nThis product includes software developed by the OpenSSL Project\n"
78 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
79 #endif /* EAP_TLS_OPENSSL */
82 #ifndef CONFIG_NO_STDOUT_DEBUG
83 /* Long text divided into parts in order to fit in C89 strings size limits. */
84 const char *const wpa_supplicant_full_license1
=
86 const char *const wpa_supplicant_full_license2
=
87 "This software may be distributed under the terms of the BSD license.\n"
89 "Redistribution and use in source and binary forms, with or without\n"
90 "modification, are permitted provided that the following conditions are\n"
93 const char *const wpa_supplicant_full_license3
=
94 "1. Redistributions of source code must retain the above copyright\n"
95 " notice, this list of conditions and the following disclaimer.\n"
97 "2. Redistributions in binary form must reproduce the above copyright\n"
98 " notice, this list of conditions and the following disclaimer in the\n"
99 " documentation and/or other materials provided with the distribution.\n"
101 const char *const wpa_supplicant_full_license4
=
102 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
103 " names of its contributors may be used to endorse or promote products\n"
104 " derived from this software without specific prior written permission.\n"
106 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
107 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
108 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
109 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
110 const char *const wpa_supplicant_full_license5
=
111 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
112 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
113 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
114 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
115 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
116 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
117 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
119 #endif /* CONFIG_NO_STDOUT_DEBUG */
122 static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx
, void *timeout_ctx
);
125 /* Configure default/group WEP keys for static WEP */
126 int wpa_set_wep_keys(struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
)
130 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
131 if (ssid
->wep_key_len
[i
] == 0)
135 wpa_drv_set_key(wpa_s
, WPA_ALG_WEP
, NULL
,
136 i
, i
== ssid
->wep_tx_keyidx
, NULL
, 0,
137 ssid
->wep_key
[i
], ssid
->wep_key_len
[i
]);
144 int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant
*wpa_s
,
145 struct wpa_ssid
*ssid
)
153 /* IBSS/WPA-None uses only one key (Group) for both receiving and
154 * sending unicast and multicast packets. */
156 if (ssid
->mode
!= WPAS_MODE_IBSS
) {
157 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Invalid mode %d (not "
158 "IBSS/ad-hoc) for WPA-None", ssid
->mode
);
162 if (!ssid
->psk_set
) {
163 wpa_msg(wpa_s
, MSG_INFO
, "WPA: No PSK configured for "
168 switch (wpa_s
->group_cipher
) {
169 case WPA_CIPHER_CCMP
:
170 os_memcpy(key
, ssid
->psk
, 16);
174 case WPA_CIPHER_GCMP
:
175 os_memcpy(key
, ssid
->psk
, 16);
179 case WPA_CIPHER_TKIP
:
180 /* WPA-None uses the same Michael MIC key for both TX and RX */
181 os_memcpy(key
, ssid
->psk
, 16 + 8);
182 os_memcpy(key
+ 16 + 8, ssid
->psk
+ 16, 8);
187 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Invalid group cipher %d for "
188 "WPA-None", wpa_s
->group_cipher
);
192 /* TODO: should actually remember the previously used seq#, both for TX
193 * and RX from each STA.. */
195 ret
= wpa_drv_set_key(wpa_s
, alg
, NULL
, 0, 1, seq
, 6, key
, keylen
);
196 os_memset(key
, 0, sizeof(key
));
201 static void wpa_supplicant_timeout(void *eloop_ctx
, void *timeout_ctx
)
203 struct wpa_supplicant
*wpa_s
= eloop_ctx
;
204 const u8
*bssid
= wpa_s
->bssid
;
205 if (!is_zero_ether_addr(wpa_s
->pending_bssid
) &&
206 (wpa_s
->wpa_state
== WPA_AUTHENTICATING
||
207 wpa_s
->wpa_state
== WPA_ASSOCIATING
))
208 bssid
= wpa_s
->pending_bssid
;
209 wpa_msg(wpa_s
, MSG_INFO
, "Authentication with " MACSTR
" timed out.",
211 wpa_blacklist_add(wpa_s
, bssid
);
212 wpa_sm_notify_disassoc(wpa_s
->wpa
);
213 wpa_supplicant_deauthenticate(wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
214 wpa_s
->reassociate
= 1;
217 * If we timed out, the AP or the local radio may be busy.
218 * So, wait a second until scanning again.
220 wpa_supplicant_req_scan(wpa_s
, 1, 0);
225 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
226 * @wpa_s: Pointer to wpa_supplicant data
227 * @sec: Number of seconds after which to time out authentication
228 * @usec: Number of microseconds after which to time out authentication
230 * This function is used to schedule a timeout for the current authentication
233 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant
*wpa_s
,
236 if (wpa_s
->conf
->ap_scan
== 0 &&
237 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_WIRED
))
240 wpa_dbg(wpa_s
, MSG_DEBUG
, "Setting authentication timeout: %d sec "
241 "%d usec", sec
, usec
);
242 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
243 eloop_register_timeout(sec
, usec
, wpa_supplicant_timeout
, wpa_s
, NULL
);
248 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
249 * @wpa_s: Pointer to wpa_supplicant data
251 * This function is used to cancel authentication timeout scheduled with
252 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
255 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant
*wpa_s
)
257 wpa_dbg(wpa_s
, MSG_DEBUG
, "Cancelling authentication timeout");
258 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
259 wpa_blacklist_del(wpa_s
, wpa_s
->bssid
);
264 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
265 * @wpa_s: Pointer to wpa_supplicant data
267 * This function is used to configure EAPOL state machine based on the selected
268 * authentication mode.
270 void wpa_supplicant_initiate_eapol(struct wpa_supplicant
*wpa_s
)
272 #ifdef IEEE8021X_EAPOL
273 struct eapol_config eapol_conf
;
274 struct wpa_ssid
*ssid
= wpa_s
->current_ssid
;
276 #ifdef CONFIG_IBSS_RSN
277 if (ssid
->mode
== WPAS_MODE_IBSS
&&
278 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_NONE
&&
279 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_WPA_NONE
) {
281 * RSN IBSS authentication is per-STA and we can disable the
282 * per-BSSID EAPOL authentication.
284 eapol_sm_notify_portControl(wpa_s
->eapol
, ForceAuthorized
);
285 eapol_sm_notify_eap_success(wpa_s
->eapol
, TRUE
);
286 eapol_sm_notify_eap_fail(wpa_s
->eapol
, FALSE
);
289 #endif /* CONFIG_IBSS_RSN */
291 eapol_sm_notify_eap_success(wpa_s
->eapol
, FALSE
);
292 eapol_sm_notify_eap_fail(wpa_s
->eapol
, FALSE
);
294 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
||
295 wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPA_NONE
)
296 eapol_sm_notify_portControl(wpa_s
->eapol
, ForceAuthorized
);
298 eapol_sm_notify_portControl(wpa_s
->eapol
, Auto
);
300 os_memset(&eapol_conf
, 0, sizeof(eapol_conf
));
301 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
302 eapol_conf
.accept_802_1x_keys
= 1;
303 eapol_conf
.required_keys
= 0;
304 if (ssid
->eapol_flags
& EAPOL_FLAG_REQUIRE_KEY_UNICAST
) {
305 eapol_conf
.required_keys
|= EAPOL_REQUIRE_KEY_UNICAST
;
307 if (ssid
->eapol_flags
& EAPOL_FLAG_REQUIRE_KEY_BROADCAST
) {
308 eapol_conf
.required_keys
|=
309 EAPOL_REQUIRE_KEY_BROADCAST
;
312 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_WIRED
)
313 eapol_conf
.required_keys
= 0;
315 eapol_conf
.fast_reauth
= wpa_s
->conf
->fast_reauth
;
316 eapol_conf
.workaround
= ssid
->eap_workaround
;
317 eapol_conf
.eap_disabled
=
318 !wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
) &&
319 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_IEEE8021X_NO_WPA
&&
320 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_WPS
;
321 eapol_conf
.external_sim
= wpa_s
->conf
->external_sim
;
324 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
) {
325 eapol_conf
.wps
|= EAPOL_LOCAL_WPS_IN_USE
;
326 if (wpa_s
->current_bss
) {
328 ie
= wpa_bss_get_vendor_ie_multi(wpa_s
->current_bss
,
333 EAPOL_PEER_IS_WPS20_AP
;
338 #endif /* CONFIG_WPS */
340 eapol_sm_notify_config(wpa_s
->eapol
, &ssid
->eap
, &eapol_conf
);
343 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
&& ssid
->mka_psk_set
)
344 ieee802_1x_create_preshared_mka(wpa_s
, ssid
);
346 ieee802_1x_alloc_kay_sm(wpa_s
, ssid
);
347 #endif /* CONFIG_MACSEC */
348 #endif /* IEEE8021X_EAPOL */
353 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
354 * @wpa_s: Pointer to wpa_supplicant data
355 * @ssid: Configuration data for the network
357 * This function is used to configure WPA state machine and related parameters
358 * to a mode where WPA is not enabled. This is called as part of the
359 * authentication configuration when the selected network does not use WPA.
361 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant
*wpa_s
,
362 struct wpa_ssid
*ssid
)
366 if (ssid
->key_mgmt
& WPA_KEY_MGMT_WPS
)
367 wpa_s
->key_mgmt
= WPA_KEY_MGMT_WPS
;
368 else if (ssid
->key_mgmt
& WPA_KEY_MGMT_IEEE8021X_NO_WPA
)
369 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X_NO_WPA
;
371 wpa_s
->key_mgmt
= WPA_KEY_MGMT_NONE
;
372 wpa_sm_set_ap_wpa_ie(wpa_s
->wpa
, NULL
, 0);
373 wpa_sm_set_ap_rsn_ie(wpa_s
->wpa
, NULL
, 0);
374 wpa_sm_set_assoc_wpa_ie(wpa_s
->wpa
, NULL
, 0);
375 wpa_s
->pairwise_cipher
= WPA_CIPHER_NONE
;
376 wpa_s
->group_cipher
= WPA_CIPHER_NONE
;
377 wpa_s
->mgmt_group_cipher
= 0;
379 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
380 if (ssid
->wep_key_len
[i
] > 5) {
381 wpa_s
->pairwise_cipher
= WPA_CIPHER_WEP104
;
382 wpa_s
->group_cipher
= WPA_CIPHER_WEP104
;
384 } else if (ssid
->wep_key_len
[i
] > 0) {
385 wpa_s
->pairwise_cipher
= WPA_CIPHER_WEP40
;
386 wpa_s
->group_cipher
= WPA_CIPHER_WEP40
;
391 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_RSN_ENABLED
, 0);
392 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_KEY_MGMT
, wpa_s
->key_mgmt
);
393 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_PAIRWISE
,
394 wpa_s
->pairwise_cipher
);
395 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_GROUP
, wpa_s
->group_cipher
);
396 #ifdef CONFIG_IEEE80211W
397 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_MGMT_GROUP
,
398 wpa_s
->mgmt_group_cipher
);
399 #endif /* CONFIG_IEEE80211W */
401 pmksa_cache_clear_current(wpa_s
->wpa
);
405 void free_hw_features(struct wpa_supplicant
*wpa_s
)
408 if (wpa_s
->hw
.modes
== NULL
)
411 for (i
= 0; i
< wpa_s
->hw
.num_modes
; i
++) {
412 os_free(wpa_s
->hw
.modes
[i
].channels
);
413 os_free(wpa_s
->hw
.modes
[i
].rates
);
416 os_free(wpa_s
->hw
.modes
);
417 wpa_s
->hw
.modes
= NULL
;
421 static void free_bss_tmp_disallowed(struct wpa_supplicant
*wpa_s
)
423 struct wpa_bss_tmp_disallowed
*bss
, *prev
;
425 dl_list_for_each_safe(bss
, prev
, &wpa_s
->bss_tmp_disallowed
,
426 struct wpa_bss_tmp_disallowed
, list
) {
427 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout
, wpa_s
, bss
);
428 dl_list_del(&bss
->list
);
434 void wpas_flush_fils_hlp_req(struct wpa_supplicant
*wpa_s
)
436 struct fils_hlp_req
*req
;
438 while ((req
= dl_list_first(&wpa_s
->fils_hlp_req
, struct fils_hlp_req
,
440 dl_list_del(&req
->list
);
441 wpabuf_free(req
->pkt
);
447 static void wpa_supplicant_cleanup(struct wpa_supplicant
*wpa_s
)
451 bgscan_deinit(wpa_s
);
452 autoscan_deinit(wpa_s
);
453 scard_deinit(wpa_s
->scard
);
455 wpa_sm_set_scard_ctx(wpa_s
->wpa
, NULL
);
456 eapol_sm_register_scard_ctx(wpa_s
->eapol
, NULL
);
457 l2_packet_deinit(wpa_s
->l2
);
460 l2_packet_deinit(wpa_s
->l2_br
);
463 #ifdef CONFIG_TESTING_OPTIONS
464 l2_packet_deinit(wpa_s
->l2_test
);
465 wpa_s
->l2_test
= NULL
;
466 os_free(wpa_s
->get_pref_freq_list_override
);
467 wpa_s
->get_pref_freq_list_override
= NULL
;
468 #endif /* CONFIG_TESTING_OPTIONS */
470 if (wpa_s
->conf
!= NULL
) {
471 struct wpa_ssid
*ssid
;
472 for (ssid
= wpa_s
->conf
->ssid
; ssid
; ssid
= ssid
->next
)
473 wpas_notify_network_removed(wpa_s
, ssid
);
476 os_free(wpa_s
->confname
);
477 wpa_s
->confname
= NULL
;
479 os_free(wpa_s
->confanother
);
480 wpa_s
->confanother
= NULL
;
482 wpa_sm_set_eapol(wpa_s
->wpa
, NULL
);
483 eapol_sm_deinit(wpa_s
->eapol
);
486 rsn_preauth_deinit(wpa_s
->wpa
);
489 wpa_tdls_deinit(wpa_s
->wpa
);
490 #endif /* CONFIG_TDLS */
492 wmm_ac_clear_saved_tspecs(wpa_s
);
493 pmksa_candidate_free(wpa_s
->wpa
);
494 wpa_sm_deinit(wpa_s
->wpa
);
496 wpa_blacklist_clear(wpa_s
);
498 wpa_bss_deinit(wpa_s
);
500 wpa_supplicant_cancel_delayed_sched_scan(wpa_s
);
501 wpa_supplicant_cancel_scan(wpa_s
);
502 wpa_supplicant_cancel_auth_timeout(wpa_s
);
503 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures
, wpa_s
, NULL
);
504 #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
505 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report
,
507 #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
509 eloop_cancel_timeout(wpas_network_reenabled
, wpa_s
, NULL
);
511 wpas_wps_deinit(wpa_s
);
513 wpabuf_free(wpa_s
->pending_eapol_rx
);
514 wpa_s
->pending_eapol_rx
= NULL
;
516 #ifdef CONFIG_IBSS_RSN
517 ibss_rsn_deinit(wpa_s
->ibss_rsn
);
518 wpa_s
->ibss_rsn
= NULL
;
519 #endif /* CONFIG_IBSS_RSN */
524 wpa_supplicant_ap_deinit(wpa_s
);
525 #endif /* CONFIG_AP */
527 wpas_p2p_deinit(wpa_s
);
529 #ifdef CONFIG_OFFCHANNEL
530 offchannel_deinit(wpa_s
);
531 #endif /* CONFIG_OFFCHANNEL */
533 wpa_supplicant_cancel_sched_scan(wpa_s
);
535 os_free(wpa_s
->next_scan_freqs
);
536 wpa_s
->next_scan_freqs
= NULL
;
538 os_free(wpa_s
->manual_scan_freqs
);
539 wpa_s
->manual_scan_freqs
= NULL
;
540 os_free(wpa_s
->select_network_scan_freqs
);
541 wpa_s
->select_network_scan_freqs
= NULL
;
543 os_free(wpa_s
->manual_sched_scan_freqs
);
544 wpa_s
->manual_sched_scan_freqs
= NULL
;
546 wpas_mac_addr_rand_scan_clear(wpa_s
, MAC_ADDR_RAND_ALL
);
549 * Need to remove any pending gas-query radio work before the
550 * gas_query_deinit() call because gas_query::work has not yet been set
551 * for works that have not been started. gas_query_free() will be unable
552 * to cancel such pending radio works and once the pending gas-query
553 * radio work eventually gets removed, the deinit notification call to
554 * gas_query_start_cb() would result in dereferencing freed memory.
557 radio_remove_works(wpa_s
, "gas-query", 0);
558 gas_query_deinit(wpa_s
->gas
);
560 gas_server_deinit(wpa_s
->gas_server
);
561 wpa_s
->gas_server
= NULL
;
563 free_hw_features(wpa_s
);
565 ieee802_1x_dealloc_kay_sm(wpa_s
);
567 os_free(wpa_s
->bssid_filter
);
568 wpa_s
->bssid_filter
= NULL
;
570 os_free(wpa_s
->disallow_aps_bssid
);
571 wpa_s
->disallow_aps_bssid
= NULL
;
572 os_free(wpa_s
->disallow_aps_ssid
);
573 wpa_s
->disallow_aps_ssid
= NULL
;
575 wnm_bss_keep_alive_deinit(wpa_s
);
577 wnm_deallocate_memory(wpa_s
);
578 #endif /* CONFIG_WNM */
580 ext_password_deinit(wpa_s
->ext_pw
);
581 wpa_s
->ext_pw
= NULL
;
583 wpabuf_free(wpa_s
->last_gas_resp
);
584 wpa_s
->last_gas_resp
= NULL
;
585 wpabuf_free(wpa_s
->prev_gas_resp
);
586 wpa_s
->prev_gas_resp
= NULL
;
588 os_free(wpa_s
->last_scan_res
);
589 wpa_s
->last_scan_res
= NULL
;
593 wpa_drv_configure_frame_filters(wpa_s
, 0);
595 #endif /* CONFIG_HS20 */
597 for (i
= 0; i
< NUM_VENDOR_ELEM_FRAMES
; i
++) {
598 wpabuf_free(wpa_s
->vendor_elem
[i
]);
599 wpa_s
->vendor_elem
[i
] = NULL
;
602 wmm_ac_notify_disassoc(wpa_s
);
604 wpa_s
->sched_scan_plans_num
= 0;
605 os_free(wpa_s
->sched_scan_plans
);
606 wpa_s
->sched_scan_plans
= NULL
;
609 wpa_s
->non_pref_chan_num
= 0;
610 os_free(wpa_s
->non_pref_chan
);
611 wpa_s
->non_pref_chan
= NULL
;
612 #endif /* CONFIG_MBO */
614 free_bss_tmp_disallowed(wpa_s
);
616 wpabuf_free(wpa_s
->lci
);
618 wpas_clear_beacon_rep_data(wpa_s
);
620 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL
623 struct external_pmksa_cache
*entry
;
625 while ((entry
= dl_list_last(&wpa_s
->mesh_external_pmksa_cache
,
626 struct external_pmksa_cache
,
628 dl_list_del(&entry
->list
);
629 os_free(entry
->pmksa_cache
);
633 #endif /* CONFIG_MESH */
634 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
636 wpas_flush_fils_hlp_req(wpa_s
);
638 wpabuf_free(wpa_s
->ric_ies
);
639 wpa_s
->ric_ies
= NULL
;
642 wpas_dpp_deinit(wpa_s
);
643 #endif /* CONFIG_DPP */
648 * wpa_clear_keys - Clear keys configured for the driver
649 * @wpa_s: Pointer to wpa_supplicant data
650 * @addr: Previously used BSSID or %NULL if not available
652 * This function clears the encryption keys that has been previously configured
655 void wpa_clear_keys(struct wpa_supplicant
*wpa_s
, const u8
*addr
)
659 #ifdef CONFIG_IEEE80211W
661 #else /* CONFIG_IEEE80211W */
663 #endif /* CONFIG_IEEE80211W */
665 /* MLME-DELETEKEYS.request */
666 for (i
= 0; i
< max
; i
++) {
667 if (wpa_s
->keys_cleared
& BIT(i
))
669 wpa_drv_set_key(wpa_s
, WPA_ALG_NONE
, NULL
, i
, 0, NULL
, 0,
672 if (!(wpa_s
->keys_cleared
& BIT(0)) && addr
&&
673 !is_zero_ether_addr(addr
)) {
674 wpa_drv_set_key(wpa_s
, WPA_ALG_NONE
, addr
, 0, 0, NULL
, 0, NULL
,
676 /* MLME-SETPROTECTION.request(None) */
677 wpa_drv_mlme_setprotection(
679 MLME_SETPROTECTION_PROTECT_TYPE_NONE
,
680 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE
);
682 wpa_s
->keys_cleared
= (u32
) -1;
687 * wpa_supplicant_state_txt - Get the connection state name as a text string
688 * @state: State (wpa_state; WPA_*)
689 * Returns: The state name as a printable text string
691 const char * wpa_supplicant_state_txt(enum wpa_states state
)
694 case WPA_DISCONNECTED
:
695 return "DISCONNECTED";
698 case WPA_INTERFACE_DISABLED
:
699 return "INTERFACE_DISABLED";
702 case WPA_AUTHENTICATING
:
703 return "AUTHENTICATING";
704 case WPA_ASSOCIATING
:
705 return "ASSOCIATING";
708 case WPA_4WAY_HANDSHAKE
:
709 return "4WAY_HANDSHAKE";
710 case WPA_GROUP_HANDSHAKE
:
711 return "GROUP_HANDSHAKE";
722 static void wpa_supplicant_start_bgscan(struct wpa_supplicant
*wpa_s
)
726 if (wpa_s
->current_ssid
&& wpa_s
->current_ssid
->bgscan
)
727 name
= wpa_s
->current_ssid
->bgscan
;
729 name
= wpa_s
->conf
->bgscan
;
730 if (name
== NULL
|| name
[0] == '\0')
732 if (wpas_driver_bss_selection(wpa_s
))
734 if (wpa_s
->current_ssid
== wpa_s
->bgscan_ssid
)
737 if (wpa_s
->p2p_group_interface
!= NOT_P2P_GROUP_INTERFACE
)
739 #endif /* CONFIG_P2P */
741 bgscan_deinit(wpa_s
);
742 if (wpa_s
->current_ssid
) {
743 if (bgscan_init(wpa_s
, wpa_s
->current_ssid
, name
)) {
744 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to initialize "
747 * Live without bgscan; it is only used as a roaming
748 * optimization, so the initial connection is not
752 struct wpa_scan_results
*scan_res
;
753 wpa_s
->bgscan_ssid
= wpa_s
->current_ssid
;
754 scan_res
= wpa_supplicant_get_scan_results(wpa_s
, NULL
,
757 bgscan_notify_scan(wpa_s
, scan_res
);
758 wpa_scan_results_free(scan_res
);
762 wpa_s
->bgscan_ssid
= NULL
;
766 static void wpa_supplicant_stop_bgscan(struct wpa_supplicant
*wpa_s
)
768 if (wpa_s
->bgscan_ssid
!= NULL
) {
769 bgscan_deinit(wpa_s
);
770 wpa_s
->bgscan_ssid
= NULL
;
774 #endif /* CONFIG_BGSCAN */
777 static void wpa_supplicant_start_autoscan(struct wpa_supplicant
*wpa_s
)
779 if (autoscan_init(wpa_s
, 0))
780 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to initialize autoscan");
784 static void wpa_supplicant_stop_autoscan(struct wpa_supplicant
*wpa_s
)
786 autoscan_deinit(wpa_s
);
790 void wpa_supplicant_reinit_autoscan(struct wpa_supplicant
*wpa_s
)
792 if (wpa_s
->wpa_state
== WPA_DISCONNECTED
||
793 wpa_s
->wpa_state
== WPA_SCANNING
) {
794 autoscan_deinit(wpa_s
);
795 wpa_supplicant_start_autoscan(wpa_s
);
801 * wpa_supplicant_set_state - Set current connection state
802 * @wpa_s: Pointer to wpa_supplicant data
803 * @state: The new connection state
805 * This function is called whenever the connection state changes, e.g.,
806 * association is completed for WPA/WPA2 4-Way Handshake is started.
808 void wpa_supplicant_set_state(struct wpa_supplicant
*wpa_s
,
809 enum wpa_states state
)
811 enum wpa_states old_state
= wpa_s
->wpa_state
;
813 wpa_dbg(wpa_s
, MSG_DEBUG
, "State: %s -> %s",
814 wpa_supplicant_state_txt(wpa_s
->wpa_state
),
815 wpa_supplicant_state_txt(state
));
817 if (state
== WPA_INTERFACE_DISABLED
) {
818 /* Assure normal scan when interface is restored */
819 wpa_s
->normal_scans
= 0;
822 if (state
== WPA_COMPLETED
) {
823 wpas_connect_work_done(wpa_s
);
824 /* Reinitialize normal_scan counter */
825 wpa_s
->normal_scans
= 0;
830 * P2PS client has to reply to Probe Request frames received on the
831 * group operating channel. Enable Probe Request frame reporting for
832 * P2P connected client in case p2p_cli_probe configuration property is
835 if (wpa_s
->conf
->p2p_cli_probe
&& wpa_s
->current_ssid
&&
836 wpa_s
->current_ssid
->mode
== WPAS_MODE_INFRA
&&
837 wpa_s
->current_ssid
->p2p_group
) {
838 if (state
== WPA_COMPLETED
&& !wpa_s
->p2p_cli_probe
) {
839 wpa_dbg(wpa_s
, MSG_DEBUG
,
840 "P2P: Enable CLI Probe Request RX reporting");
841 wpa_s
->p2p_cli_probe
=
842 wpa_drv_probe_req_report(wpa_s
, 1) >= 0;
843 } else if (state
!= WPA_COMPLETED
&& wpa_s
->p2p_cli_probe
) {
844 wpa_dbg(wpa_s
, MSG_DEBUG
,
845 "P2P: Disable CLI Probe Request RX reporting");
846 wpa_s
->p2p_cli_probe
= 0;
847 wpa_drv_probe_req_report(wpa_s
, 0);
850 #endif /* CONFIG_P2P */
852 if (state
!= WPA_SCANNING
)
853 wpa_supplicant_notify_scanning(wpa_s
, 0);
855 if (state
== WPA_COMPLETED
&& wpa_s
->new_connection
) {
856 struct wpa_ssid
*ssid
= wpa_s
->current_ssid
;
857 int fils_hlp_sent
= 0;
860 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
861 wpa_auth_alg_fils(wpa_s
->sme
.auth_alg
))
863 #endif /* CONFIG_SME */
864 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
865 wpa_auth_alg_fils(wpa_s
->auth_alg
))
868 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
869 wpa_msg(wpa_s
, MSG_INFO
, WPA_EVENT_CONNECTED
"- Connection to "
870 MACSTR
" completed [id=%d id_str=%s%s]",
871 MAC2STR(wpa_s
->bssid
),
872 ssid
? ssid
->id
: -1,
873 ssid
&& ssid
->id_str
? ssid
->id_str
: "",
874 fils_hlp_sent
? " FILS_HLP_SENT" : "");
875 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
876 wpas_clear_temp_disabled(wpa_s
, ssid
, 1);
877 wpa_blacklist_clear(wpa_s
);
878 wpa_s
->extra_blacklist_count
= 0;
879 wpa_s
->new_connection
= 0;
880 wpa_drv_set_operstate(wpa_s
, 1);
881 #ifndef IEEE8021X_EAPOL
882 wpa_drv_set_supp_port(wpa_s
, 1);
883 #endif /* IEEE8021X_EAPOL */
884 wpa_s
->after_wps
= 0;
885 wpa_s
->known_wps_freq
= 0;
886 wpas_p2p_completed(wpa_s
);
888 sme_sched_obss_scan(wpa_s
, 1);
889 } else if (state
== WPA_DISCONNECTED
|| state
== WPA_ASSOCIATING
||
890 state
== WPA_ASSOCIATED
) {
891 wpa_s
->new_connection
= 1;
892 wpa_drv_set_operstate(wpa_s
, 0);
893 #ifndef IEEE8021X_EAPOL
894 wpa_drv_set_supp_port(wpa_s
, 0);
895 #endif /* IEEE8021X_EAPOL */
896 sme_sched_obss_scan(wpa_s
, 0);
898 wpa_s
->wpa_state
= state
;
901 if (state
== WPA_COMPLETED
)
902 wpa_supplicant_start_bgscan(wpa_s
);
903 else if (state
< WPA_ASSOCIATED
)
904 wpa_supplicant_stop_bgscan(wpa_s
);
905 #endif /* CONFIG_BGSCAN */
907 if (state
== WPA_AUTHENTICATING
)
908 wpa_supplicant_stop_autoscan(wpa_s
);
910 if (state
== WPA_DISCONNECTED
|| state
== WPA_INACTIVE
)
911 wpa_supplicant_start_autoscan(wpa_s
);
913 if (old_state
>= WPA_ASSOCIATED
&& wpa_s
->wpa_state
< WPA_ASSOCIATED
)
914 wmm_ac_notify_disassoc(wpa_s
);
916 if (wpa_s
->wpa_state
!= old_state
) {
917 wpas_notify_state_changed(wpa_s
, wpa_s
->wpa_state
, old_state
);
920 * Notify the P2P Device interface about a state change in one
923 wpas_p2p_indicate_state_change(wpa_s
);
925 if (wpa_s
->wpa_state
== WPA_COMPLETED
||
926 old_state
== WPA_COMPLETED
)
927 wpas_notify_auth_changed(wpa_s
);
932 void wpa_supplicant_terminate_proc(struct wpa_global
*global
)
936 struct wpa_supplicant
*wpa_s
= global
->ifaces
;
938 struct wpa_supplicant
*next
= wpa_s
->next
;
939 if (wpas_wps_terminate_pending(wpa_s
) == 1)
942 if (wpa_s
->p2p_group_interface
!= NOT_P2P_GROUP_INTERFACE
||
943 (wpa_s
->current_ssid
&& wpa_s
->current_ssid
->p2p_group
))
944 wpas_p2p_disconnect(wpa_s
);
945 #endif /* CONFIG_P2P */
948 #endif /* CONFIG_WPS */
955 static void wpa_supplicant_terminate(int sig
, void *signal_ctx
)
957 struct wpa_global
*global
= signal_ctx
;
958 wpa_supplicant_terminate_proc(global
);
962 void wpa_supplicant_clear_status(struct wpa_supplicant
*wpa_s
)
964 enum wpa_states old_state
= wpa_s
->wpa_state
;
966 wpa_s
->pairwise_cipher
= 0;
967 wpa_s
->group_cipher
= 0;
968 wpa_s
->mgmt_group_cipher
= 0;
970 if (wpa_s
->wpa_state
!= WPA_INTERFACE_DISABLED
)
971 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
973 if (wpa_s
->wpa_state
!= old_state
)
974 wpas_notify_state_changed(wpa_s
, wpa_s
->wpa_state
, old_state
);
979 * wpa_supplicant_reload_configuration - Reload configuration data
980 * @wpa_s: Pointer to wpa_supplicant data
981 * Returns: 0 on success or -1 if configuration parsing failed
983 * This function can be used to request that the configuration data is reloaded
984 * (e.g., after configuration file change). This function is reloading
985 * configuration only for one interface, so this may need to be called multiple
986 * times if %wpa_supplicant is controlling multiple interfaces and all
987 * interfaces need reconfiguration.
989 int wpa_supplicant_reload_configuration(struct wpa_supplicant
*wpa_s
)
991 struct wpa_config
*conf
;
995 if (wpa_s
->confname
== NULL
)
997 conf
= wpa_config_read(wpa_s
->confname
, NULL
);
999 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to parse the configuration "
1000 "file '%s' - exiting", wpa_s
->confname
);
1003 wpa_config_read(wpa_s
->confanother
, conf
);
1005 conf
->changed_parameters
= (unsigned int) -1;
1007 reconf_ctrl
= !!conf
->ctrl_interface
!= !!wpa_s
->conf
->ctrl_interface
1008 || (conf
->ctrl_interface
&& wpa_s
->conf
->ctrl_interface
&&
1009 os_strcmp(conf
->ctrl_interface
,
1010 wpa_s
->conf
->ctrl_interface
) != 0);
1012 if (reconf_ctrl
&& wpa_s
->ctrl_iface
) {
1013 wpa_supplicant_ctrl_iface_deinit(wpa_s
->ctrl_iface
);
1014 wpa_s
->ctrl_iface
= NULL
;
1017 eapol_sm_invalidate_cached_session(wpa_s
->eapol
);
1018 if (wpa_s
->current_ssid
) {
1019 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
1020 wpa_s
->own_disconnect_req
= 1;
1021 wpa_supplicant_deauthenticate(wpa_s
,
1022 WLAN_REASON_DEAUTH_LEAVING
);
1026 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
1027 * pkcs11_engine_path, pkcs11_module_path, openssl_ciphers.
1029 if (wpa_key_mgmt_wpa_psk(wpa_s
->key_mgmt
) ||
1030 wpa_s
->key_mgmt
== WPA_KEY_MGMT_OWE
||
1031 wpa_s
->key_mgmt
== WPA_KEY_MGMT_DPP
) {
1033 * Clear forced success to clear EAP state for next
1036 eapol_sm_notify_eap_success(wpa_s
->eapol
, FALSE
);
1038 eapol_sm_notify_config(wpa_s
->eapol
, NULL
, NULL
);
1039 wpa_sm_set_config(wpa_s
->wpa
, NULL
);
1040 wpa_sm_pmksa_cache_flush(wpa_s
->wpa
, NULL
);
1041 wpa_sm_set_fast_reauth(wpa_s
->wpa
, wpa_s
->conf
->fast_reauth
);
1042 rsn_preauth_deinit(wpa_s
->wpa
);
1044 old_ap_scan
= wpa_s
->conf
->ap_scan
;
1045 wpa_config_free(wpa_s
->conf
);
1047 if (old_ap_scan
!= wpa_s
->conf
->ap_scan
)
1048 wpas_notify_ap_scan_changed(wpa_s
);
1051 wpa_s
->ctrl_iface
= wpa_supplicant_ctrl_iface_init(wpa_s
);
1053 wpa_supplicant_update_config(wpa_s
);
1055 wpa_supplicant_clear_status(wpa_s
);
1056 if (wpa_supplicant_enabled_networks(wpa_s
)) {
1057 wpa_s
->reassociate
= 1;
1058 wpa_supplicant_req_scan(wpa_s
, 0, 0);
1060 wpa_dbg(wpa_s
, MSG_DEBUG
, "Reconfiguration completed");
1065 static void wpa_supplicant_reconfig(int sig
, void *signal_ctx
)
1067 struct wpa_global
*global
= signal_ctx
;
1068 struct wpa_supplicant
*wpa_s
;
1069 for (wpa_s
= global
->ifaces
; wpa_s
; wpa_s
= wpa_s
->next
) {
1070 wpa_dbg(wpa_s
, MSG_DEBUG
, "Signal %d received - reconfiguring",
1072 if (wpa_supplicant_reload_configuration(wpa_s
) < 0) {
1073 wpa_supplicant_terminate_proc(global
);
1077 if (wpa_debug_reopen_file() < 0) {
1078 /* Ignore errors since we cannot really do much to fix this */
1079 wpa_printf(MSG_DEBUG
, "Could not reopen debug log file");
1084 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant
*wpa_s
,
1085 struct wpa_ssid
*ssid
,
1086 struct wpa_ie_data
*ie
)
1088 int ret
= wpa_sm_parse_own_wpa_ie(wpa_s
->wpa
, ie
);
1091 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Failed to parse WPA IE "
1092 "from association info");
1097 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Using WPA IE from AssocReq to set "
1099 if (!(ie
->group_cipher
& ssid
->group_cipher
)) {
1100 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver used disabled group "
1101 "cipher 0x%x (mask 0x%x) - reject",
1102 ie
->group_cipher
, ssid
->group_cipher
);
1105 if (!(ie
->pairwise_cipher
& ssid
->pairwise_cipher
)) {
1106 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver used disabled pairwise "
1107 "cipher 0x%x (mask 0x%x) - reject",
1108 ie
->pairwise_cipher
, ssid
->pairwise_cipher
);
1111 if (!(ie
->key_mgmt
& ssid
->key_mgmt
)) {
1112 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver used disabled key "
1113 "management 0x%x (mask 0x%x) - reject",
1114 ie
->key_mgmt
, ssid
->key_mgmt
);
1118 #ifdef CONFIG_IEEE80211W
1119 if (!(ie
->capabilities
& WPA_CAPABILITY_MFPC
) &&
1120 wpas_get_ssid_pmf(wpa_s
, ssid
) == MGMT_FRAME_PROTECTION_REQUIRED
) {
1121 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver associated with an AP "
1122 "that does not support management frame protection - "
1126 #endif /* CONFIG_IEEE80211W */
1133 * wpa_supplicant_set_suites - Set authentication and encryption parameters
1134 * @wpa_s: Pointer to wpa_supplicant data
1135 * @bss: Scan results for the selected BSS, or %NULL if not available
1136 * @ssid: Configuration data for the selected network
1137 * @wpa_ie: Buffer for the WPA/RSN IE
1138 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
1139 * used buffer length in case the functions returns success.
1140 * Returns: 0 on success or -1 on failure
1142 * This function is used to configure authentication and encryption parameters
1143 * based on the network configuration and scan result for the selected BSS (if
1146 int wpa_supplicant_set_suites(struct wpa_supplicant
*wpa_s
,
1147 struct wpa_bss
*bss
, struct wpa_ssid
*ssid
,
1148 u8
*wpa_ie
, size_t *wpa_ie_len
)
1150 struct wpa_ie_data ie
;
1152 const u8
*bss_wpa
, *bss_rsn
, *bss_osen
;
1155 bss_wpa
= wpa_bss_get_vendor_ie(bss
, WPA_IE_VENDOR_TYPE
);
1156 bss_rsn
= wpa_bss_get_ie(bss
, WLAN_EID_RSN
);
1157 bss_osen
= wpa_bss_get_vendor_ie(bss
, OSEN_IE_VENDOR_TYPE
);
1159 bss_wpa
= bss_rsn
= bss_osen
= NULL
;
1161 if (bss_rsn
&& (ssid
->proto
& WPA_PROTO_RSN
) &&
1162 wpa_parse_wpa_ie(bss_rsn
, 2 + bss_rsn
[1], &ie
) == 0 &&
1163 (ie
.group_cipher
& ssid
->group_cipher
) &&
1164 (ie
.pairwise_cipher
& ssid
->pairwise_cipher
) &&
1165 (ie
.key_mgmt
& ssid
->key_mgmt
)) {
1166 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using IEEE 802.11i/D9.0");
1167 proto
= WPA_PROTO_RSN
;
1168 } else if (bss_wpa
&& (ssid
->proto
& WPA_PROTO_WPA
) &&
1169 wpa_parse_wpa_ie(bss_wpa
, 2 + bss_wpa
[1], &ie
) == 0 &&
1170 (ie
.group_cipher
& ssid
->group_cipher
) &&
1171 (ie
.pairwise_cipher
& ssid
->pairwise_cipher
) &&
1172 (ie
.key_mgmt
& ssid
->key_mgmt
)) {
1173 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using IEEE 802.11i/D3.0");
1174 proto
= WPA_PROTO_WPA
;
1176 } else if (bss_osen
&& (ssid
->proto
& WPA_PROTO_OSEN
)) {
1177 wpa_dbg(wpa_s
, MSG_DEBUG
, "HS 2.0: using OSEN");
1178 /* TODO: parse OSEN element */
1179 os_memset(&ie
, 0, sizeof(ie
));
1180 ie
.group_cipher
= WPA_CIPHER_CCMP
;
1181 ie
.pairwise_cipher
= WPA_CIPHER_CCMP
;
1182 ie
.key_mgmt
= WPA_KEY_MGMT_OSEN
;
1183 proto
= WPA_PROTO_OSEN
;
1184 #endif /* CONFIG_HS20 */
1186 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select WPA/RSN");
1187 wpa_dbg(wpa_s
, MSG_DEBUG
,
1188 "WPA: ssid proto=0x%x pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1189 ssid
->proto
, ssid
->pairwise_cipher
, ssid
->group_cipher
,
1191 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: BSS " MACSTR
" ssid='%s'%s%s%s",
1192 MAC2STR(bss
->bssid
),
1193 wpa_ssid_txt(bss
->ssid
, bss
->ssid_len
),
1194 bss_wpa
? " WPA" : "",
1195 bss_rsn
? " RSN" : "",
1196 bss_osen
? " OSEN" : "");
1198 wpa_hexdump(MSG_DEBUG
, "RSN", bss_rsn
, 2 + bss_rsn
[1]);
1199 if (wpa_parse_wpa_ie(bss_rsn
, 2 + bss_rsn
[1], &ie
)) {
1200 wpa_dbg(wpa_s
, MSG_DEBUG
,
1201 "Could not parse RSN element");
1203 wpa_dbg(wpa_s
, MSG_DEBUG
,
1204 "RSN: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1205 ie
.pairwise_cipher
, ie
.group_cipher
,
1210 wpa_hexdump(MSG_DEBUG
, "WPA", bss_wpa
, 2 + bss_wpa
[1]);
1211 if (wpa_parse_wpa_ie(bss_wpa
, 2 + bss_wpa
[1], &ie
)) {
1212 wpa_dbg(wpa_s
, MSG_DEBUG
,
1213 "Could not parse WPA element");
1215 wpa_dbg(wpa_s
, MSG_DEBUG
,
1216 "WPA: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1217 ie
.pairwise_cipher
, ie
.group_cipher
,
1223 if (ssid
->proto
& WPA_PROTO_OSEN
)
1224 proto
= WPA_PROTO_OSEN
;
1225 else if (ssid
->proto
& WPA_PROTO_RSN
)
1226 proto
= WPA_PROTO_RSN
;
1228 proto
= WPA_PROTO_WPA
;
1229 if (wpa_supplicant_suites_from_ai(wpa_s
, ssid
, &ie
) < 0) {
1230 os_memset(&ie
, 0, sizeof(ie
));
1231 ie
.group_cipher
= ssid
->group_cipher
;
1232 ie
.pairwise_cipher
= ssid
->pairwise_cipher
;
1233 ie
.key_mgmt
= ssid
->key_mgmt
;
1234 #ifdef CONFIG_IEEE80211W
1235 ie
.mgmt_group_cipher
=
1236 ssid
->ieee80211w
!= NO_MGMT_FRAME_PROTECTION
?
1237 WPA_CIPHER_AES_128_CMAC
: 0;
1238 #endif /* CONFIG_IEEE80211W */
1239 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Set cipher suites "
1240 "based on configuration");
1245 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Selected cipher suites: group %d "
1246 "pairwise %d key_mgmt %d proto %d",
1247 ie
.group_cipher
, ie
.pairwise_cipher
, ie
.key_mgmt
, proto
);
1248 #ifdef CONFIG_IEEE80211W
1249 if (ssid
->ieee80211w
) {
1250 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Selected mgmt group cipher %d",
1251 ie
.mgmt_group_cipher
);
1253 #endif /* CONFIG_IEEE80211W */
1255 wpa_s
->wpa_proto
= proto
;
1256 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_PROTO
, proto
);
1257 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_RSN_ENABLED
,
1258 !!(ssid
->proto
& (WPA_PROTO_RSN
| WPA_PROTO_OSEN
)));
1260 if (bss
|| !wpa_s
->ap_ies_from_associnfo
) {
1261 if (wpa_sm_set_ap_wpa_ie(wpa_s
->wpa
, bss_wpa
,
1262 bss_wpa
? 2 + bss_wpa
[1] : 0) ||
1263 wpa_sm_set_ap_rsn_ie(wpa_s
->wpa
, bss_rsn
,
1264 bss_rsn
? 2 + bss_rsn
[1] : 0))
1268 #ifdef CONFIG_NO_WPA
1269 wpa_s
->group_cipher
= WPA_CIPHER_NONE
;
1270 wpa_s
->pairwise_cipher
= WPA_CIPHER_NONE
;
1271 #else /* CONFIG_NO_WPA */
1272 sel
= ie
.group_cipher
& ssid
->group_cipher
;
1273 wpa_s
->group_cipher
= wpa_pick_group_cipher(sel
);
1274 if (wpa_s
->group_cipher
< 0) {
1275 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select group "
1279 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using GTK %s",
1280 wpa_cipher_txt(wpa_s
->group_cipher
));
1282 sel
= ie
.pairwise_cipher
& ssid
->pairwise_cipher
;
1283 wpa_s
->pairwise_cipher
= wpa_pick_pairwise_cipher(sel
, 1);
1284 if (wpa_s
->pairwise_cipher
< 0) {
1285 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select pairwise "
1289 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using PTK %s",
1290 wpa_cipher_txt(wpa_s
->pairwise_cipher
));
1291 #endif /* CONFIG_NO_WPA */
1293 sel
= ie
.key_mgmt
& ssid
->key_mgmt
;
1295 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SAE
))
1296 sel
&= ~(WPA_KEY_MGMT_SAE
| WPA_KEY_MGMT_FT_SAE
);
1297 #endif /* CONFIG_SAE */
1299 #ifdef CONFIG_SUITEB192
1300 } else if (sel
& WPA_KEY_MGMT_IEEE8021X_SUITE_B_192
) {
1301 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X_SUITE_B_192
;
1302 wpa_dbg(wpa_s
, MSG_DEBUG
,
1303 "WPA: using KEY_MGMT 802.1X with Suite B (192-bit)");
1304 #endif /* CONFIG_SUITEB192 */
1305 #ifdef CONFIG_SUITEB
1306 } else if (sel
& WPA_KEY_MGMT_IEEE8021X_SUITE_B
) {
1307 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X_SUITE_B
;
1308 wpa_dbg(wpa_s
, MSG_DEBUG
,
1309 "WPA: using KEY_MGMT 802.1X with Suite B");
1310 #endif /* CONFIG_SUITEB */
1312 #ifdef CONFIG_IEEE80211R
1313 } else if (sel
& WPA_KEY_MGMT_FT_FILS_SHA384
) {
1314 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_FILS_SHA384
;
1315 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FT-FILS-SHA384");
1316 } else if (sel
& WPA_KEY_MGMT_FT_FILS_SHA256
) {
1317 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_FILS_SHA256
;
1318 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FT-FILS-SHA256");
1319 #endif /* CONFIG_IEEE80211R */
1320 } else if (sel
& WPA_KEY_MGMT_FILS_SHA384
) {
1321 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FILS_SHA384
;
1322 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FILS-SHA384");
1323 } else if (sel
& WPA_KEY_MGMT_FILS_SHA256
) {
1324 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FILS_SHA256
;
1325 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FILS-SHA256");
1326 #endif /* CONFIG_FILS */
1327 #ifdef CONFIG_IEEE80211R
1328 } else if (sel
& WPA_KEY_MGMT_FT_IEEE8021X
) {
1329 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_IEEE8021X
;
1330 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FT/802.1X");
1331 } else if (sel
& WPA_KEY_MGMT_FT_PSK
) {
1332 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_PSK
;
1333 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FT/PSK");
1334 #endif /* CONFIG_IEEE80211R */
1336 } else if (sel
& WPA_KEY_MGMT_SAE
) {
1337 wpa_s
->key_mgmt
= WPA_KEY_MGMT_SAE
;
1338 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using KEY_MGMT SAE");
1339 } else if (sel
& WPA_KEY_MGMT_FT_SAE
) {
1340 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_SAE
;
1341 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using KEY_MGMT FT/SAE");
1342 #endif /* CONFIG_SAE */
1343 #ifdef CONFIG_IEEE80211W
1344 } else if (sel
& WPA_KEY_MGMT_IEEE8021X_SHA256
) {
1345 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X_SHA256
;
1346 wpa_dbg(wpa_s
, MSG_DEBUG
,
1347 "WPA: using KEY_MGMT 802.1X with SHA256");
1348 } else if (sel
& WPA_KEY_MGMT_PSK_SHA256
) {
1349 wpa_s
->key_mgmt
= WPA_KEY_MGMT_PSK_SHA256
;
1350 wpa_dbg(wpa_s
, MSG_DEBUG
,
1351 "WPA: using KEY_MGMT PSK with SHA256");
1352 #endif /* CONFIG_IEEE80211W */
1353 } else if (sel
& WPA_KEY_MGMT_IEEE8021X
) {
1354 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X
;
1355 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT 802.1X");
1356 } else if (sel
& WPA_KEY_MGMT_PSK
) {
1357 wpa_s
->key_mgmt
= WPA_KEY_MGMT_PSK
;
1358 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT WPA-PSK");
1359 } else if (sel
& WPA_KEY_MGMT_WPA_NONE
) {
1360 wpa_s
->key_mgmt
= WPA_KEY_MGMT_WPA_NONE
;
1361 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT WPA-NONE");
1363 } else if (sel
& WPA_KEY_MGMT_OSEN
) {
1364 wpa_s
->key_mgmt
= WPA_KEY_MGMT_OSEN
;
1365 wpa_dbg(wpa_s
, MSG_DEBUG
, "HS 2.0: using KEY_MGMT OSEN");
1366 #endif /* CONFIG_HS20 */
1368 } else if (sel
& WPA_KEY_MGMT_OWE
) {
1369 wpa_s
->key_mgmt
= WPA_KEY_MGMT_OWE
;
1370 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using KEY_MGMT OWE");
1371 #endif /* CONFIG_OWE */
1373 } else if (sel
& WPA_KEY_MGMT_DPP
) {
1374 wpa_s
->key_mgmt
= WPA_KEY_MGMT_DPP
;
1375 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using KEY_MGMT DPP");
1376 #endif /* CONFIG_DPP */
1378 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select "
1379 "authenticated key management type");
1383 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_KEY_MGMT
, wpa_s
->key_mgmt
);
1384 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_PAIRWISE
,
1385 wpa_s
->pairwise_cipher
);
1386 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_GROUP
, wpa_s
->group_cipher
);
1388 #ifdef CONFIG_IEEE80211W
1389 sel
= ie
.mgmt_group_cipher
;
1390 if (wpas_get_ssid_pmf(wpa_s
, ssid
) == NO_MGMT_FRAME_PROTECTION
||
1391 !(ie
.capabilities
& WPA_CAPABILITY_MFPC
))
1393 if (sel
& WPA_CIPHER_AES_128_CMAC
) {
1394 wpa_s
->mgmt_group_cipher
= WPA_CIPHER_AES_128_CMAC
;
1395 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using MGMT group cipher "
1397 } else if (sel
& WPA_CIPHER_BIP_GMAC_128
) {
1398 wpa_s
->mgmt_group_cipher
= WPA_CIPHER_BIP_GMAC_128
;
1399 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using MGMT group cipher "
1401 } else if (sel
& WPA_CIPHER_BIP_GMAC_256
) {
1402 wpa_s
->mgmt_group_cipher
= WPA_CIPHER_BIP_GMAC_256
;
1403 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using MGMT group cipher "
1405 } else if (sel
& WPA_CIPHER_BIP_CMAC_256
) {
1406 wpa_s
->mgmt_group_cipher
= WPA_CIPHER_BIP_CMAC_256
;
1407 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using MGMT group cipher "
1410 wpa_s
->mgmt_group_cipher
= 0;
1411 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: not using MGMT group cipher");
1413 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_MGMT_GROUP
,
1414 wpa_s
->mgmt_group_cipher
);
1415 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_MFP
,
1416 wpas_get_ssid_pmf(wpa_s
, ssid
));
1417 #endif /* CONFIG_IEEE80211W */
1419 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s
->wpa
, wpa_ie
, wpa_ie_len
)) {
1420 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to generate WPA IE");
1424 if (wpa_key_mgmt_wpa_psk(ssid
->key_mgmt
)) {
1427 if (ssid
->psk_set
) {
1428 wpa_sm_set_pmk(wpa_s
->wpa
, ssid
->psk
, PMK_LEN
, NULL
,
1432 #ifndef CONFIG_NO_PBKDF2
1433 if (bss
&& ssid
->bssid_set
&& ssid
->ssid_len
== 0 &&
1436 pbkdf2_sha1(ssid
->passphrase
, bss
->ssid
, bss
->ssid_len
,
1437 4096, psk
, PMK_LEN
);
1438 wpa_hexdump_key(MSG_MSGDUMP
, "PSK (from passphrase)",
1440 wpa_sm_set_pmk(wpa_s
->wpa
, psk
, PMK_LEN
, NULL
, NULL
);
1442 os_memset(psk
, 0, sizeof(psk
));
1444 #endif /* CONFIG_NO_PBKDF2 */
1445 #ifdef CONFIG_EXT_PASSWORD
1446 if (ssid
->ext_psk
) {
1447 struct wpabuf
*pw
= ext_password_get(wpa_s
->ext_pw
,
1449 char pw_str
[64 + 1];
1453 wpa_msg(wpa_s
, MSG_INFO
, "EXT PW: No PSK "
1454 "found from external storage");
1458 if (wpabuf_len(pw
) < 8 || wpabuf_len(pw
) > 64) {
1459 wpa_msg(wpa_s
, MSG_INFO
, "EXT PW: Unexpected "
1460 "PSK length %d in external storage",
1461 (int) wpabuf_len(pw
));
1462 ext_password_free(pw
);
1466 os_memcpy(pw_str
, wpabuf_head(pw
), wpabuf_len(pw
));
1467 pw_str
[wpabuf_len(pw
)] = '\0';
1469 #ifndef CONFIG_NO_PBKDF2
1470 if (wpabuf_len(pw
) >= 8 && wpabuf_len(pw
) < 64 && bss
)
1472 pbkdf2_sha1(pw_str
, bss
->ssid
, bss
->ssid_len
,
1473 4096, psk
, PMK_LEN
);
1474 os_memset(pw_str
, 0, sizeof(pw_str
));
1475 wpa_hexdump_key(MSG_MSGDUMP
, "PSK (from "
1476 "external passphrase)",
1478 wpa_sm_set_pmk(wpa_s
->wpa
, psk
, PMK_LEN
, NULL
,
1481 os_memset(psk
, 0, sizeof(psk
));
1483 #endif /* CONFIG_NO_PBKDF2 */
1484 if (wpabuf_len(pw
) == 2 * PMK_LEN
) {
1485 if (hexstr2bin(pw_str
, psk
, PMK_LEN
) < 0) {
1486 wpa_msg(wpa_s
, MSG_INFO
, "EXT PW: "
1487 "Invalid PSK hex string");
1488 os_memset(pw_str
, 0, sizeof(pw_str
));
1489 ext_password_free(pw
);
1492 wpa_sm_set_pmk(wpa_s
->wpa
, psk
, PMK_LEN
, NULL
,
1495 os_memset(psk
, 0, sizeof(psk
));
1497 wpa_msg(wpa_s
, MSG_INFO
, "EXT PW: No suitable "
1499 os_memset(pw_str
, 0, sizeof(pw_str
));
1500 ext_password_free(pw
);
1504 os_memset(pw_str
, 0, sizeof(pw_str
));
1505 ext_password_free(pw
);
1507 #endif /* CONFIG_EXT_PASSWORD */
1510 wpa_msg(wpa_s
, MSG_INFO
,
1511 "No PSK available for association");
1515 wpa_sm_set_pmk_from_pmksa(wpa_s
->wpa
);
1521 static void wpas_ext_capab_byte(struct wpa_supplicant
*wpa_s
, u8
*pos
, int idx
)
1526 case 0: /* Bits 0-7 */
1528 case 1: /* Bits 8-15 */
1530 case 2: /* Bits 16-23 */
1532 *pos
|= 0x02; /* Bit 17 - WNM-Sleep Mode */
1533 *pos
|= 0x08; /* Bit 19 - BSS Transition */
1534 #endif /* CONFIG_WNM */
1536 case 3: /* Bits 24-31 */
1538 *pos
|= 0x02; /* Bit 25 - SSID List */
1539 #endif /* CONFIG_WNM */
1540 #ifdef CONFIG_INTERWORKING
1541 if (wpa_s
->conf
->interworking
)
1542 *pos
|= 0x80; /* Bit 31 - Interworking */
1543 #endif /* CONFIG_INTERWORKING */
1545 case 4: /* Bits 32-39 */
1546 #ifdef CONFIG_INTERWORKING
1547 if (wpa_s
->drv_flags
/ WPA_DRIVER_FLAGS_QOS_MAPPING
)
1548 *pos
|= 0x01; /* Bit 32 - QoS Map */
1549 #endif /* CONFIG_INTERWORKING */
1551 case 5: /* Bits 40-47 */
1553 if (wpa_s
->conf
->hs20
)
1554 *pos
|= 0x40; /* Bit 46 - WNM-Notification */
1555 #endif /* CONFIG_HS20 */
1557 *pos
|= 0x40; /* Bit 46 - WNM-Notification */
1558 #endif /* CONFIG_MBO */
1560 case 6: /* Bits 48-55 */
1562 case 7: /* Bits 56-63 */
1564 case 8: /* Bits 64-71 */
1565 if (wpa_s
->conf
->ftm_responder
)
1566 *pos
|= 0x40; /* Bit 70 - FTM responder */
1567 if (wpa_s
->conf
->ftm_initiator
)
1568 *pos
|= 0x80; /* Bit 71 - FTM initiator */
1570 case 9: /* Bits 72-79 */
1573 #endif /* CONFIG_FILS */
1579 int wpas_build_ext_capab(struct wpa_supplicant
*wpa_s
, u8
*buf
, size_t buflen
)
1584 if (len
< wpa_s
->extended_capa_len
)
1585 len
= wpa_s
->extended_capa_len
;
1586 if (buflen
< (size_t) len
+ 2) {
1587 wpa_printf(MSG_INFO
,
1588 "Not enough room for building extended capabilities element");
1592 *pos
++ = WLAN_EID_EXT_CAPAB
;
1594 for (i
= 0; i
< len
; i
++, pos
++) {
1595 wpas_ext_capab_byte(wpa_s
, pos
, i
);
1597 if (i
< wpa_s
->extended_capa_len
) {
1598 *pos
&= ~wpa_s
->extended_capa_mask
[i
];
1599 *pos
|= wpa_s
->extended_capa
[i
];
1603 while (len
> 0 && buf
[1 + len
] == 0) {
1614 static int wpas_valid_bss(struct wpa_supplicant
*wpa_s
,
1615 struct wpa_bss
*test_bss
)
1617 struct wpa_bss
*bss
;
1619 dl_list_for_each(bss
, &wpa_s
->bss
, struct wpa_bss
, list
) {
1620 if (bss
== test_bss
)
1628 static int wpas_valid_ssid(struct wpa_supplicant
*wpa_s
,
1629 struct wpa_ssid
*test_ssid
)
1631 struct wpa_ssid
*ssid
;
1633 for (ssid
= wpa_s
->conf
->ssid
; ssid
; ssid
= ssid
->next
) {
1634 if (ssid
== test_ssid
)
1642 int wpas_valid_bss_ssid(struct wpa_supplicant
*wpa_s
, struct wpa_bss
*test_bss
,
1643 struct wpa_ssid
*test_ssid
)
1645 if (test_bss
&& !wpas_valid_bss(wpa_s
, test_bss
))
1648 return test_ssid
== NULL
|| wpas_valid_ssid(wpa_s
, test_ssid
);
1652 void wpas_connect_work_free(struct wpa_connect_work
*cwork
)
1660 void wpas_connect_work_done(struct wpa_supplicant
*wpa_s
)
1662 struct wpa_connect_work
*cwork
;
1663 struct wpa_radio_work
*work
= wpa_s
->connect_work
;
1668 wpa_s
->connect_work
= NULL
;
1671 wpas_connect_work_free(cwork
);
1672 radio_work_done(work
);
1676 int wpas_update_random_addr(struct wpa_supplicant
*wpa_s
, int style
)
1678 struct os_reltime now
;
1681 os_get_reltime(&now
);
1682 if (wpa_s
->last_mac_addr_style
== style
&&
1683 wpa_s
->last_mac_addr_change
.sec
!= 0 &&
1684 !os_reltime_expired(&now
, &wpa_s
->last_mac_addr_change
,
1685 wpa_s
->conf
->rand_addr_lifetime
)) {
1686 wpa_msg(wpa_s
, MSG_DEBUG
,
1687 "Previously selected random MAC address has not yet expired");
1693 if (random_mac_addr(addr
) < 0)
1697 os_memcpy(addr
, wpa_s
->perm_addr
, ETH_ALEN
);
1698 if (random_mac_addr_keep_oui(addr
) < 0)
1705 if (wpa_drv_set_mac_addr(wpa_s
, addr
) < 0) {
1706 wpa_msg(wpa_s
, MSG_INFO
,
1707 "Failed to set random MAC address");
1711 os_get_reltime(&wpa_s
->last_mac_addr_change
);
1712 wpa_s
->mac_addr_changed
= 1;
1713 wpa_s
->last_mac_addr_style
= style
;
1715 if (wpa_supplicant_update_mac_addr(wpa_s
) < 0) {
1716 wpa_msg(wpa_s
, MSG_INFO
,
1717 "Could not update MAC address information");
1721 wpa_msg(wpa_s
, MSG_DEBUG
, "Using random MAC address " MACSTR
,
1728 int wpas_update_random_addr_disassoc(struct wpa_supplicant
*wpa_s
)
1730 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
||
1731 !wpa_s
->conf
->preassoc_mac_addr
)
1734 return wpas_update_random_addr(wpa_s
, wpa_s
->conf
->preassoc_mac_addr
);
1738 static void wpas_start_assoc_cb(struct wpa_radio_work
*work
, int deinit
);
1741 * wpa_supplicant_associate - Request association
1742 * @wpa_s: Pointer to wpa_supplicant data
1743 * @bss: Scan results for the selected BSS, or %NULL if not available
1744 * @ssid: Configuration data for the selected network
1746 * This function is used to request %wpa_supplicant to associate with a BSS.
1748 void wpa_supplicant_associate(struct wpa_supplicant
*wpa_s
,
1749 struct wpa_bss
*bss
, struct wpa_ssid
*ssid
)
1751 struct wpa_connect_work
*cwork
;
1754 wpa_s
->own_disconnect_req
= 0;
1757 * If we are starting a new connection, any previously pending EAPOL
1758 * RX cannot be valid anymore.
1760 wpabuf_free(wpa_s
->pending_eapol_rx
);
1761 wpa_s
->pending_eapol_rx
= NULL
;
1763 if (ssid
->mac_addr
== -1)
1764 rand_style
= wpa_s
->conf
->mac_addr
;
1766 rand_style
= ssid
->mac_addr
;
1768 wmm_ac_clear_saved_tspecs(wpa_s
);
1769 wpa_s
->reassoc_same_bss
= 0;
1770 wpa_s
->reassoc_same_ess
= 0;
1772 if (wpa_s
->last_ssid
== ssid
) {
1773 wpa_dbg(wpa_s
, MSG_DEBUG
, "Re-association to the same ESS");
1774 wpa_s
->reassoc_same_ess
= 1;
1775 if (wpa_s
->current_bss
&& wpa_s
->current_bss
== bss
) {
1776 wmm_ac_save_tspecs(wpa_s
);
1777 wpa_s
->reassoc_same_bss
= 1;
1781 if (rand_style
> 0 && !wpa_s
->reassoc_same_ess
) {
1782 if (wpas_update_random_addr(wpa_s
, rand_style
) < 0)
1784 wpa_sm_pmksa_cache_flush(wpa_s
->wpa
, ssid
);
1785 } else if (rand_style
== 0 && wpa_s
->mac_addr_changed
) {
1786 if (wpa_drv_set_mac_addr(wpa_s
, NULL
) < 0) {
1787 wpa_msg(wpa_s
, MSG_INFO
,
1788 "Could not restore permanent MAC address");
1791 wpa_s
->mac_addr_changed
= 0;
1792 if (wpa_supplicant_update_mac_addr(wpa_s
) < 0) {
1793 wpa_msg(wpa_s
, MSG_INFO
,
1794 "Could not update MAC address information");
1797 wpa_msg(wpa_s
, MSG_DEBUG
, "Using permanent MAC address");
1799 wpa_s
->last_ssid
= ssid
;
1801 #ifdef CONFIG_IBSS_RSN
1802 ibss_rsn_deinit(wpa_s
->ibss_rsn
);
1803 wpa_s
->ibss_rsn
= NULL
;
1804 #else /* CONFIG_IBSS_RSN */
1805 if (ssid
->mode
== WPAS_MODE_IBSS
&&
1806 !(ssid
->key_mgmt
& (WPA_KEY_MGMT_NONE
| WPA_KEY_MGMT_WPA_NONE
))) {
1807 wpa_msg(wpa_s
, MSG_INFO
,
1808 "IBSS RSN not supported in the build");
1811 #endif /* CONFIG_IBSS_RSN */
1813 if (ssid
->mode
== WPAS_MODE_AP
|| ssid
->mode
== WPAS_MODE_P2P_GO
||
1814 ssid
->mode
== WPAS_MODE_P2P_GROUP_FORMATION
) {
1816 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_AP
)) {
1817 wpa_msg(wpa_s
, MSG_INFO
, "Driver does not support AP "
1821 if (wpa_supplicant_create_ap(wpa_s
, ssid
) < 0) {
1822 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
1823 if (ssid
->mode
== WPAS_MODE_P2P_GROUP_FORMATION
)
1824 wpas_p2p_ap_setup_failed(wpa_s
);
1827 wpa_s
->current_bss
= bss
;
1828 #else /* CONFIG_AP */
1829 wpa_msg(wpa_s
, MSG_ERROR
, "AP mode support not included in "
1831 #endif /* CONFIG_AP */
1835 if (ssid
->mode
== WPAS_MODE_MESH
) {
1837 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_MESH
)) {
1838 wpa_msg(wpa_s
, MSG_INFO
,
1839 "Driver does not support mesh mode");
1843 ssid
->frequency
= bss
->freq
;
1844 if (wpa_supplicant_join_mesh(wpa_s
, ssid
) < 0) {
1845 wpa_msg(wpa_s
, MSG_ERROR
, "Could not join mesh");
1848 wpa_s
->current_bss
= bss
;
1849 wpa_msg(wpa_s
, MSG_INFO
, MESH_GROUP_STARTED
"ssid=\"%s\" id=%d",
1850 wpa_ssid_txt(ssid
->ssid
, ssid
->ssid_len
),
1852 wpas_notify_mesh_group_started(wpa_s
, ssid
);
1853 #else /* CONFIG_MESH */
1854 wpa_msg(wpa_s
, MSG_ERROR
,
1855 "mesh mode support not included in the build");
1856 #endif /* CONFIG_MESH */
1861 * Set WPA state machine configuration to match the selected network now
1862 * so that the information is available before wpas_start_assoc_cb()
1863 * gets called. This is needed at least for RSN pre-authentication where
1864 * candidate APs are added to a list based on scan result processing
1865 * before completion of the first association.
1867 wpa_supplicant_rsn_supp_set_config(wpa_s
, ssid
);
1870 if (wpas_dpp_check_connect(wpa_s
, ssid
, bss
) != 0)
1872 #endif /* CONFIG_DPP */
1876 wpa_tdls_ap_ies(wpa_s
->wpa
, (const u8
*) (bss
+ 1),
1878 #endif /* CONFIG_TDLS */
1880 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
1881 ssid
->mode
== IEEE80211_MODE_INFRA
) {
1882 sme_authenticate(wpa_s
, bss
, ssid
);
1886 if (wpa_s
->connect_work
) {
1887 wpa_dbg(wpa_s
, MSG_DEBUG
, "Reject wpa_supplicant_associate() call since connect_work exist");
1891 if (radio_work_pending(wpa_s
, "connect")) {
1892 wpa_dbg(wpa_s
, MSG_DEBUG
, "Reject wpa_supplicant_associate() call since pending work exist");
1897 if (ssid
->mode
== WPAS_MODE_IBSS
|| ssid
->mode
== WPAS_MODE_MESH
) {
1898 /* Clear possibly set auth_alg, if any, from last attempt. */
1899 wpa_s
->sme
.auth_alg
= WPA_AUTH_ALG_OPEN
;
1901 #endif /* CONFIG_SME */
1903 wpas_abort_ongoing_scan(wpa_s
);
1905 cwork
= os_zalloc(sizeof(*cwork
));
1912 if (radio_add_work(wpa_s
, bss
? bss
->freq
: 0, "connect", 1,
1913 wpas_start_assoc_cb
, cwork
) < 0) {
1919 static int bss_is_ibss(struct wpa_bss
*bss
)
1921 return (bss
->caps
& (IEEE80211_CAP_ESS
| IEEE80211_CAP_IBSS
)) ==
1926 static int drv_supports_vht(struct wpa_supplicant
*wpa_s
,
1927 const struct wpa_ssid
*ssid
)
1929 enum hostapd_hw_mode hw_mode
;
1930 struct hostapd_hw_modes
*mode
= NULL
;
1934 hw_mode
= ieee80211_freq_to_chan(ssid
->frequency
, &channel
);
1935 if (hw_mode
== NUM_HOSTAPD_MODES
)
1937 for (i
= 0; wpa_s
->hw
.modes
&& i
< wpa_s
->hw
.num_modes
; i
++) {
1938 if (wpa_s
->hw
.modes
[i
].mode
== hw_mode
) {
1939 mode
= &wpa_s
->hw
.modes
[i
];
1947 return mode
->vht_capab
!= 0;
1951 void ibss_mesh_setup_freq(struct wpa_supplicant
*wpa_s
,
1952 const struct wpa_ssid
*ssid
,
1953 struct hostapd_freq_params
*freq
)
1955 enum hostapd_hw_mode hw_mode
;
1956 struct hostapd_hw_modes
*mode
= NULL
;
1957 int ht40plus
[] = { 36, 44, 52, 60, 100, 108, 116, 124, 132, 149, 157,
1959 int vht80
[] = { 36, 52, 100, 116, 132, 149 };
1960 struct hostapd_channel_data
*pri_chan
= NULL
, *sec_chan
= NULL
;
1962 int i
, chan_idx
, ht40
= -1, res
, obss_scan
= 1;
1964 struct hostapd_freq_params vht_freq
;
1965 int chwidth
, seg0
, seg1
;
1968 freq
->freq
= ssid
->frequency
;
1970 for (j
= 0; j
< wpa_s
->last_scan_res_used
; j
++) {
1971 struct wpa_bss
*bss
= wpa_s
->last_scan_res
[j
];
1973 if (ssid
->mode
!= WPAS_MODE_IBSS
)
1976 /* Don't adjust control freq in case of fixed_freq */
1977 if (ssid
->fixed_freq
)
1980 if (!bss_is_ibss(bss
))
1983 if (ssid
->ssid_len
== bss
->ssid_len
&&
1984 os_memcmp(ssid
->ssid
, bss
->ssid
, bss
->ssid_len
) == 0) {
1985 wpa_printf(MSG_DEBUG
,
1986 "IBSS already found in scan results, adjust control freq: %d",
1988 freq
->freq
= bss
->freq
;
1994 /* For IBSS check HT_IBSS flag */
1995 if (ssid
->mode
== WPAS_MODE_IBSS
&&
1996 !(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_HT_IBSS
))
1999 if (wpa_s
->group_cipher
== WPA_CIPHER_WEP40
||
2000 wpa_s
->group_cipher
== WPA_CIPHER_WEP104
||
2001 wpa_s
->pairwise_cipher
== WPA_CIPHER_TKIP
) {
2002 wpa_printf(MSG_DEBUG
,
2003 "IBSS: WEP/TKIP detected, do not try to enable HT");
2007 hw_mode
= ieee80211_freq_to_chan(freq
->freq
, &channel
);
2008 for (i
= 0; wpa_s
->hw
.modes
&& i
< wpa_s
->hw
.num_modes
; i
++) {
2009 if (wpa_s
->hw
.modes
[i
].mode
== hw_mode
) {
2010 mode
= &wpa_s
->hw
.modes
[i
];
2018 #ifdef CONFIG_HT_OVERRIDES
2019 if (ssid
->disable_ht
) {
2020 freq
->ht_enabled
= 0;
2023 #endif /* CONFIG_HT_OVERRIDES */
2025 freq
->ht_enabled
= ht_supported(mode
);
2026 if (!freq
->ht_enabled
)
2029 /* Setup higher BW only for 5 GHz */
2030 if (mode
->mode
!= HOSTAPD_MODE_IEEE80211A
)
2033 for (chan_idx
= 0; chan_idx
< mode
->num_channels
; chan_idx
++) {
2034 pri_chan
= &mode
->channels
[chan_idx
];
2035 if (pri_chan
->chan
== channel
)
2042 /* Check primary channel flags */
2043 if (pri_chan
->flag
& (HOSTAPD_CHAN_DISABLED
| HOSTAPD_CHAN_NO_IR
))
2046 #ifdef CONFIG_HT_OVERRIDES
2047 if (ssid
->disable_ht40
)
2049 #endif /* CONFIG_HT_OVERRIDES */
2051 /* Check/setup HT40+/HT40- */
2052 for (j
= 0; j
< ARRAY_SIZE(ht40plus
); j
++) {
2053 if (ht40plus
[j
] == channel
) {
2059 /* Find secondary channel */
2060 for (i
= 0; i
< mode
->num_channels
; i
++) {
2061 sec_chan
= &mode
->channels
[i
];
2062 if (sec_chan
->chan
== channel
+ ht40
* 4)
2069 /* Check secondary channel flags */
2070 if (sec_chan
->flag
& (HOSTAPD_CHAN_DISABLED
| HOSTAPD_CHAN_NO_IR
))
2073 freq
->channel
= pri_chan
->chan
;
2076 if (!(pri_chan
->flag
& HOSTAPD_CHAN_HT40MINUS
))
2079 if (!(pri_chan
->flag
& HOSTAPD_CHAN_HT40PLUS
))
2082 freq
->sec_channel_offset
= ht40
;
2085 struct wpa_scan_results
*scan_res
;
2087 scan_res
= wpa_supplicant_get_scan_results(wpa_s
, NULL
, 0);
2088 if (scan_res
== NULL
) {
2090 freq
->sec_channel_offset
= 0;
2094 res
= check_40mhz_5g(mode
, scan_res
, pri_chan
->chan
,
2099 freq
->sec_channel_offset
= 0;
2102 /* Configuration allowed */
2105 /* Switch pri/sec channels */
2106 freq
->freq
= hw_get_freq(mode
, sec_chan
->chan
);
2107 freq
->sec_channel_offset
= -freq
->sec_channel_offset
;
2108 freq
->channel
= sec_chan
->chan
;
2111 freq
->sec_channel_offset
= 0;
2115 wpa_scan_results_free(scan_res
);
2118 wpa_printf(MSG_DEBUG
,
2119 "IBSS/mesh: setup freq channel %d, sec_channel_offset %d",
2120 freq
->channel
, freq
->sec_channel_offset
);
2122 if (!drv_supports_vht(wpa_s
, ssid
))
2125 /* For IBSS check VHT_IBSS flag */
2126 if (ssid
->mode
== WPAS_MODE_IBSS
&&
2127 !(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_VHT_IBSS
))
2132 #ifdef CONFIG_VHT_OVERRIDES
2133 if (ssid
->disable_vht
) {
2134 freq
->vht_enabled
= 0;
2137 #endif /* CONFIG_VHT_OVERRIDES */
2139 vht_freq
.vht_enabled
= vht_supported(mode
);
2140 if (!vht_freq
.vht_enabled
)
2143 /* setup center_freq1, bandwidth */
2144 for (j
= 0; j
< ARRAY_SIZE(vht80
); j
++) {
2145 if (freq
->channel
>= vht80
[j
] &&
2146 freq
->channel
< vht80
[j
] + 16)
2150 if (j
== ARRAY_SIZE(vht80
))
2153 for (i
= vht80
[j
]; i
< vht80
[j
] + 16; i
+= 4) {
2154 struct hostapd_channel_data
*chan
;
2156 chan
= hw_get_channel_chan(mode
, i
, NULL
);
2160 /* Back to HT configuration if channel not usable */
2161 if (chan
->flag
& (HOSTAPD_CHAN_DISABLED
| HOSTAPD_CHAN_NO_IR
))
2165 chwidth
= VHT_CHANWIDTH_80MHZ
;
2166 seg0
= vht80
[j
] + 6;
2169 if (ssid
->max_oper_chwidth
== VHT_CHANWIDTH_80P80MHZ
) {
2170 /* setup center_freq2, bandwidth */
2171 for (k
= 0; k
< ARRAY_SIZE(vht80
); k
++) {
2172 /* Only accept 80 MHz segments separated by a gap */
2173 if (j
== k
|| abs(vht80
[j
] - vht80
[k
]) == 16)
2175 for (i
= vht80
[k
]; i
< vht80
[k
] + 16; i
+= 4) {
2176 struct hostapd_channel_data
*chan
;
2178 chan
= hw_get_channel_chan(mode
, i
, NULL
);
2182 if (chan
->flag
& (HOSTAPD_CHAN_DISABLED
|
2183 HOSTAPD_CHAN_NO_IR
|
2184 HOSTAPD_CHAN_RADAR
))
2187 /* Found a suitable second segment for 80+80 */
2188 chwidth
= VHT_CHANWIDTH_80P80MHZ
;
2190 VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ
;
2191 seg1
= vht80
[k
] + 6;
2194 if (chwidth
== VHT_CHANWIDTH_80P80MHZ
)
2197 } else if (ssid
->max_oper_chwidth
== VHT_CHANWIDTH_160MHZ
) {
2198 if (freq
->freq
== 5180) {
2199 chwidth
= VHT_CHANWIDTH_160MHZ
;
2200 vht_caps
|= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ
;
2202 } else if (freq
->freq
== 5520) {
2203 chwidth
= VHT_CHANWIDTH_160MHZ
;
2204 vht_caps
|= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ
;
2209 if (hostapd_set_freq_params(&vht_freq
, mode
->mode
, freq
->freq
,
2210 freq
->channel
, freq
->ht_enabled
,
2211 vht_freq
.vht_enabled
,
2212 freq
->sec_channel_offset
,
2213 chwidth
, seg0
, seg1
, vht_caps
) != 0)
2218 wpa_printf(MSG_DEBUG
, "IBSS: VHT setup freq cf1 %d, cf2 %d, bw %d",
2219 freq
->center_freq1
, freq
->center_freq2
, freq
->bandwidth
);
2224 static size_t wpas_add_fils_hlp_req(struct wpa_supplicant
*wpa_s
, u8
*ie_buf
,
2227 struct fils_hlp_req
*req
;
2228 size_t rem_len
, hdr_len
, hlp_len
, len
, ie_len
= 0;
2232 dl_list_for_each(req
, &wpa_s
->fils_hlp_req
, struct fils_hlp_req
,
2234 rem_len
= ie_buf_len
- ie_len
;
2235 pos
= wpabuf_head(req
->pkt
);
2236 hdr_len
= 1 + 2 * ETH_ALEN
+ 6;
2237 hlp_len
= wpabuf_len(req
->pkt
);
2239 if (rem_len
< 2 + hdr_len
+ hlp_len
) {
2240 wpa_printf(MSG_ERROR
,
2241 "FILS: Cannot fit HLP - rem_len=%lu to_fill=%lu",
2242 (unsigned long) rem_len
,
2243 (unsigned long) (2 + hdr_len
+ hlp_len
));
2247 len
= (hdr_len
+ hlp_len
) > 255 ? 255 : hdr_len
+ hlp_len
;
2249 *buf
++ = WLAN_EID_EXTENSION
;
2252 /* Element ID Extension */
2253 *buf
++ = WLAN_EID_EXT_FILS_HLP_CONTAINER
;
2254 /* Destination MAC address */
2255 os_memcpy(buf
, req
->dst
, ETH_ALEN
);
2257 /* Source MAC address */
2258 os_memcpy(buf
, wpa_s
->own_addr
, ETH_ALEN
);
2260 /* LLC/SNAP Header */
2261 os_memcpy(buf
, "\xaa\xaa\x03\x00\x00\x00", 6);
2264 os_memcpy(buf
, pos
, len
- hdr_len
);
2265 buf
+= len
- hdr_len
;
2266 pos
+= len
- hdr_len
;
2268 hlp_len
-= len
- hdr_len
;
2273 len
= (hlp_len
> 255) ? 255 : hlp_len
;
2274 if (rem_len
< 2 + len
)
2276 *buf
++ = WLAN_EID_FRAGMENT
;
2278 os_memcpy(buf
, pos
, len
);
2290 #endif /* CONFIG_FILS */
2293 static void wpas_start_assoc_cb(struct wpa_radio_work
*work
, int deinit
)
2295 struct wpa_connect_work
*cwork
= work
->ctx
;
2296 struct wpa_bss
*bss
= cwork
->bss
;
2297 struct wpa_ssid
*ssid
= cwork
->ssid
;
2298 struct wpa_supplicant
*wpa_s
= work
->wpa_s
;
2300 size_t max_wpa_ie_len
= 200;
2302 int use_crypt
, ret
, i
, bssid_changed
;
2303 int algs
= WPA_AUTH_ALG_OPEN
;
2304 unsigned int cipher_pairwise
, cipher_group
;
2305 struct wpa_driver_associate_params params
;
2306 int wep_keys_set
= 0;
2307 int assoc_failed
= 0;
2308 struct wpa_ssid
*old_ssid
;
2309 u8 prev_bssid
[ETH_ALEN
];
2310 #ifdef CONFIG_HT_OVERRIDES
2311 struct ieee80211_ht_capabilities htcaps
;
2312 struct ieee80211_ht_capabilities htcaps_mask
;
2313 #endif /* CONFIG_HT_OVERRIDES */
2314 #ifdef CONFIG_VHT_OVERRIDES
2315 struct ieee80211_vht_capabilities vhtcaps
;
2316 struct ieee80211_vht_capabilities vhtcaps_mask
;
2317 #endif /* CONFIG_VHT_OVERRIDES */
2319 const u8
*realm
, *username
, *rrk
;
2320 size_t realm_len
, username_len
, rrk_len
;
2322 struct fils_hlp_req
*req
;
2323 #endif /* CONFIG_FILS */
2326 if (work
->started
) {
2327 wpa_s
->connect_work
= NULL
;
2329 /* cancel possible auth. timeout */
2330 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
,
2333 wpas_connect_work_free(cwork
);
2337 wpa_s
->connect_work
= work
;
2339 if (cwork
->bss_removed
|| !wpas_valid_bss_ssid(wpa_s
, bss
, ssid
) ||
2340 wpas_network_disabled(wpa_s
, ssid
)) {
2341 wpa_dbg(wpa_s
, MSG_DEBUG
, "BSS/SSID entry for association not valid anymore - drop connection attempt");
2342 wpas_connect_work_done(wpa_s
);
2346 os_memcpy(prev_bssid
, wpa_s
->bssid
, ETH_ALEN
);
2347 os_memset(¶ms
, 0, sizeof(params
));
2348 wpa_s
->reassociate
= 0;
2349 wpa_s
->eap_expected_failure
= 0;
2351 (!wpas_driver_bss_selection(wpa_s
) || wpas_wps_searching(wpa_s
))) {
2352 #ifdef CONFIG_IEEE80211R
2353 const u8
*ie
, *md
= NULL
;
2354 #endif /* CONFIG_IEEE80211R */
2355 wpa_msg(wpa_s
, MSG_INFO
, "Trying to associate with " MACSTR
2356 " (SSID='%s' freq=%d MHz)", MAC2STR(bss
->bssid
),
2357 wpa_ssid_txt(bss
->ssid
, bss
->ssid_len
), bss
->freq
);
2358 bssid_changed
= !is_zero_ether_addr(wpa_s
->bssid
);
2359 os_memset(wpa_s
->bssid
, 0, ETH_ALEN
);
2360 os_memcpy(wpa_s
->pending_bssid
, bss
->bssid
, ETH_ALEN
);
2362 wpas_notify_bssid_changed(wpa_s
);
2363 #ifdef CONFIG_IEEE80211R
2364 ie
= wpa_bss_get_ie(bss
, WLAN_EID_MOBILITY_DOMAIN
);
2365 if (ie
&& ie
[1] >= MOBILITY_DOMAIN_ID_LEN
)
2367 wpa_sm_set_ft_params(wpa_s
->wpa
, ie
, ie
? 2 + ie
[1] : 0);
2369 /* Prepare for the next transition */
2370 wpa_ft_prepare_auth_request(wpa_s
->wpa
, ie
);
2372 #endif /* CONFIG_IEEE80211R */
2374 } else if ((ssid
->ssid
== NULL
|| ssid
->ssid_len
== 0) &&
2375 wpa_s
->conf
->ap_scan
== 2 &&
2376 (ssid
->key_mgmt
& WPA_KEY_MGMT_WPS
)) {
2377 /* Use ap_scan==1 style network selection to find the network
2379 wpas_connect_work_done(wpa_s
);
2380 wpa_s
->scan_req
= MANUAL_SCAN_REQ
;
2381 wpa_s
->reassociate
= 1;
2382 wpa_supplicant_req_scan(wpa_s
, 0, 0);
2384 #endif /* CONFIG_WPS */
2386 wpa_msg(wpa_s
, MSG_INFO
, "Trying to associate with SSID '%s'",
2387 wpa_ssid_txt(ssid
->ssid
, ssid
->ssid_len
));
2389 os_memcpy(wpa_s
->pending_bssid
, bss
->bssid
, ETH_ALEN
);
2391 os_memset(wpa_s
->pending_bssid
, 0, ETH_ALEN
);
2394 wpa_supplicant_cancel_sched_scan(wpa_s
);
2396 wpa_supplicant_cancel_scan(wpa_s
);
2398 /* Starting new association, so clear the possibly used WPA IE from the
2399 * previous association. */
2400 wpa_sm_set_assoc_wpa_ie(wpa_s
->wpa
, NULL
, 0);
2403 dl_list_for_each(req
, &wpa_s
->fils_hlp_req
, struct fils_hlp_req
,
2405 max_wpa_ie_len
+= 3 + 2 * ETH_ALEN
+ 6 + wpabuf_len(req
->pkt
) +
2406 2 + 2 * wpabuf_len(req
->pkt
) / 255;
2408 #endif /* CONFIG_FILS */
2410 wpa_ie
= os_malloc(max_wpa_ie_len
);
2412 wpa_printf(MSG_ERROR
,
2413 "Failed to allocate connect IE buffer for %lu bytes",
2414 (unsigned long) max_wpa_ie_len
);
2415 wpas_connect_work_done(wpa_s
);
2419 if (bss
&& (wpa_bss_get_vendor_ie(bss
, WPA_IE_VENDOR_TYPE
) ||
2420 wpa_bss_get_ie(bss
, WLAN_EID_RSN
)) &&
2421 wpa_key_mgmt_wpa(ssid
->key_mgmt
)) {
2422 int try_opportunistic
;
2423 const u8
*cache_id
= NULL
;
2425 try_opportunistic
= (ssid
->proactive_key_caching
< 0 ?
2427 ssid
->proactive_key_caching
) &&
2428 (ssid
->proto
& WPA_PROTO_RSN
);
2430 if (wpa_key_mgmt_fils(ssid
->key_mgmt
))
2431 cache_id
= wpa_bss_get_fils_cache_id(bss
);
2432 #endif /* CONFIG_FILS */
2433 if (pmksa_cache_set_current(wpa_s
->wpa
, NULL
, bss
->bssid
,
2434 ssid
, try_opportunistic
,
2436 eapol_sm_notify_pmkid_attempt(wpa_s
->eapol
);
2437 wpa_ie_len
= max_wpa_ie_len
;
2438 if (wpa_supplicant_set_suites(wpa_s
, bss
, ssid
,
2439 wpa_ie
, &wpa_ie_len
)) {
2440 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to set WPA "
2441 "key management and encryption suites");
2442 wpas_connect_work_done(wpa_s
);
2446 } else if ((ssid
->key_mgmt
& WPA_KEY_MGMT_IEEE8021X_NO_WPA
) && bss
&&
2447 wpa_key_mgmt_wpa_ieee8021x(ssid
->key_mgmt
)) {
2449 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
2450 * use non-WPA since the scan results did not indicate that the
2451 * AP is using WPA or WPA2.
2453 wpa_supplicant_set_non_wpa_policy(wpa_s
, ssid
);
2455 wpa_s
->wpa_proto
= 0;
2456 } else if (wpa_key_mgmt_wpa_any(ssid
->key_mgmt
)) {
2457 wpa_ie_len
= max_wpa_ie_len
;
2458 if (wpa_supplicant_set_suites(wpa_s
, NULL
, ssid
,
2459 wpa_ie
, &wpa_ie_len
)) {
2460 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to set WPA "
2461 "key management and encryption suites (no "
2463 wpas_connect_work_done(wpa_s
);
2468 } else if (ssid
->key_mgmt
& WPA_KEY_MGMT_WPS
) {
2469 struct wpabuf
*wps_ie
;
2470 wps_ie
= wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid
));
2471 if (wps_ie
&& wpabuf_len(wps_ie
) <= max_wpa_ie_len
) {
2472 wpa_ie_len
= wpabuf_len(wps_ie
);
2473 os_memcpy(wpa_ie
, wpabuf_head(wps_ie
), wpa_ie_len
);
2476 wpabuf_free(wps_ie
);
2477 wpa_supplicant_set_non_wpa_policy(wpa_s
, ssid
);
2478 if (!bss
|| (bss
->caps
& IEEE80211_CAP_PRIVACY
))
2479 params
.wps
= WPS_MODE_PRIVACY
;
2481 params
.wps
= WPS_MODE_OPEN
;
2482 wpa_s
->wpa_proto
= 0;
2483 #endif /* CONFIG_WPS */
2485 wpa_supplicant_set_non_wpa_policy(wpa_s
, ssid
);
2487 wpa_s
->wpa_proto
= 0;
2490 #ifdef IEEE8021X_EAPOL
2491 if (ssid
->key_mgmt
& WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
2493 if (ssid
->non_leap
== 0)
2494 algs
= WPA_AUTH_ALG_LEAP
;
2496 algs
|= WPA_AUTH_ALG_LEAP
;
2501 /* Clear FILS association */
2502 wpa_sm_set_reset_fils_completed(wpa_s
->wpa
, 0);
2504 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD
) &&
2505 ssid
->eap
.erp
&& wpa_key_mgmt_fils(wpa_s
->key_mgmt
) &&
2506 eapol_sm_get_erp_info(wpa_s
->eapol
, &ssid
->eap
, &username
,
2507 &username_len
, &realm
, &realm_len
,
2508 &next_seq_num
, &rrk
, &rrk_len
) == 0) {
2509 algs
= WPA_AUTH_ALG_FILS
;
2510 params
.fils_erp_username
= username
;
2511 params
.fils_erp_username_len
= username_len
;
2512 params
.fils_erp_realm
= realm
;
2513 params
.fils_erp_realm_len
= realm_len
;
2514 params
.fils_erp_next_seq_num
= next_seq_num
;
2515 params
.fils_erp_rrk
= rrk
;
2516 params
.fils_erp_rrk_len
= rrk_len
;
2518 #endif /* CONFIG_FILS */
2519 #endif /* IEEE8021X_EAPOL */
2521 wpa_dbg(wpa_s
, MSG_DEBUG
, "Automatic auth_alg selection: 0x%x", algs
);
2522 if (ssid
->auth_alg
) {
2523 algs
= ssid
->auth_alg
;
2524 wpa_dbg(wpa_s
, MSG_DEBUG
,
2525 "Overriding auth_alg selection: 0x%x", algs
);
2529 if (wpa_s
->global
->p2p
) {
2533 pos
= wpa_ie
+ wpa_ie_len
;
2534 len
= max_wpa_ie_len
- wpa_ie_len
;
2535 res
= wpas_p2p_assoc_req_ie(wpa_s
, bss
, pos
, len
,
2541 wpa_s
->cross_connect_disallowed
= 0;
2544 p2p
= wpa_bss_get_vendor_ie_multi(bss
, P2P_IE_VENDOR_TYPE
);
2546 wpa_s
->cross_connect_disallowed
=
2547 p2p_get_cross_connect_disallowed(p2p
);
2549 wpa_dbg(wpa_s
, MSG_DEBUG
, "P2P: WLAN AP %s cross "
2551 wpa_s
->cross_connect_disallowed
?
2552 "disallows" : "allows");
2556 os_memset(wpa_s
->p2p_ip_addr_info
, 0, sizeof(wpa_s
->p2p_ip_addr_info
));
2557 #endif /* CONFIG_P2P */
2560 wpa_ie_len
+= wpas_supp_op_class_ie(wpa_s
, bss
->freq
,
2561 wpa_ie
+ wpa_ie_len
,
2567 * Workaround: Add Extended Capabilities element only if the AP
2568 * included this element in Beacon/Probe Response frames. Some older
2569 * APs seem to have interoperability issues if this element is
2570 * included, so while the standard may require us to include the
2571 * element in all cases, it is justifiable to skip it to avoid
2572 * interoperability issues.
2574 if (ssid
->p2p_group
)
2575 wpa_drv_get_ext_capa(wpa_s
, WPA_IF_P2P_CLIENT
);
2577 wpa_drv_get_ext_capa(wpa_s
, WPA_IF_STATION
);
2579 if (!bss
|| wpa_bss_get_ie(bss
, WLAN_EID_EXT_CAPAB
)) {
2582 ext_capab_len
= wpas_build_ext_capab(wpa_s
, ext_capab
,
2584 if (ext_capab_len
> 0 &&
2585 wpa_ie_len
+ ext_capab_len
<= max_wpa_ie_len
) {
2587 if (wpa_ie_len
> 0 && pos
[0] == WLAN_EID_RSN
)
2589 os_memmove(pos
+ ext_capab_len
, pos
,
2590 wpa_ie_len
- (pos
- wpa_ie
));
2591 wpa_ie_len
+= ext_capab_len
;
2592 os_memcpy(pos
, ext_capab
, ext_capab_len
);
2597 if (is_hs20_network(wpa_s
, ssid
, bss
)) {
2598 struct wpabuf
*hs20
;
2600 hs20
= wpabuf_alloc(20);
2602 int pps_mo_id
= hs20_get_pps_mo_id(wpa_s
, ssid
);
2605 wpas_hs20_add_indication(hs20
, pps_mo_id
);
2606 len
= max_wpa_ie_len
- wpa_ie_len
;
2607 if (wpabuf_len(hs20
) <= len
) {
2608 os_memcpy(wpa_ie
+ wpa_ie_len
,
2609 wpabuf_head(hs20
), wpabuf_len(hs20
));
2610 wpa_ie_len
+= wpabuf_len(hs20
);
2614 hs20_configure_frame_filters(wpa_s
);
2617 #endif /* CONFIG_HS20 */
2619 if (wpa_s
->vendor_elem
[VENDOR_ELEM_ASSOC_REQ
]) {
2620 struct wpabuf
*buf
= wpa_s
->vendor_elem
[VENDOR_ELEM_ASSOC_REQ
];
2623 len
= max_wpa_ie_len
- wpa_ie_len
;
2624 if (wpabuf_len(buf
) <= len
) {
2625 os_memcpy(wpa_ie
+ wpa_ie_len
,
2626 wpabuf_head(buf
), wpabuf_len(buf
));
2627 wpa_ie_len
+= wpabuf_len(buf
);
2632 if (wpa_s
->fst_ies
) {
2633 int fst_ies_len
= wpabuf_len(wpa_s
->fst_ies
);
2635 if (wpa_ie_len
+ fst_ies_len
<= max_wpa_ie_len
) {
2636 os_memcpy(wpa_ie
+ wpa_ie_len
,
2637 wpabuf_head(wpa_s
->fst_ies
), fst_ies_len
);
2638 wpa_ie_len
+= fst_ies_len
;
2641 #endif /* CONFIG_FST */
2644 if (bss
&& wpa_bss_get_vendor_ie(bss
, MBO_IE_VENDOR_TYPE
)) {
2647 len
= wpas_mbo_ie(wpa_s
, wpa_ie
+ wpa_ie_len
,
2648 max_wpa_ie_len
- wpa_ie_len
);
2652 #endif /* CONFIG_MBO */
2655 if (algs
== WPA_AUTH_ALG_FILS
) {
2658 len
= wpas_add_fils_hlp_req(wpa_s
, wpa_ie
+ wpa_ie_len
,
2659 max_wpa_ie_len
- wpa_ie_len
);
2662 #endif /* CONFIG_FILS */
2664 wpa_clear_keys(wpa_s
, bss
? bss
->bssid
: NULL
);
2666 cipher_pairwise
= wpa_s
->pairwise_cipher
;
2667 cipher_group
= wpa_s
->group_cipher
;
2668 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
||
2669 wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
2670 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
)
2672 if (wpa_set_wep_keys(wpa_s
, ssid
)) {
2677 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
)
2680 #ifdef IEEE8021X_EAPOL
2681 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
2682 if ((ssid
->eapol_flags
&
2683 (EAPOL_FLAG_REQUIRE_KEY_UNICAST
|
2684 EAPOL_FLAG_REQUIRE_KEY_BROADCAST
)) == 0 &&
2688 /* Assume that dynamic WEP-104 keys will be used and
2689 * set cipher suites in order for drivers to expect
2691 cipher_pairwise
= cipher_group
= WPA_CIPHER_WEP104
;
2694 #endif /* IEEE8021X_EAPOL */
2696 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPA_NONE
) {
2697 /* Set the key before (and later after) association */
2698 wpa_supplicant_set_wpa_none_key(wpa_s
, ssid
);
2701 wpa_supplicant_set_state(wpa_s
, WPA_ASSOCIATING
);
2703 params
.ssid
= bss
->ssid
;
2704 params
.ssid_len
= bss
->ssid_len
;
2705 if (!wpas_driver_bss_selection(wpa_s
) || ssid
->bssid_set
||
2706 wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
) {
2707 wpa_printf(MSG_DEBUG
, "Limit connection to BSSID "
2708 MACSTR
" freq=%u MHz based on scan results "
2709 "(bssid_set=%d wps=%d)",
2710 MAC2STR(bss
->bssid
), bss
->freq
,
2712 wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
);
2713 params
.bssid
= bss
->bssid
;
2714 params
.freq
.freq
= bss
->freq
;
2716 params
.bssid_hint
= bss
->bssid
;
2717 params
.freq_hint
= bss
->freq
;
2718 params
.pbss
= bss_is_pbss(bss
);
2720 if (ssid
->bssid_hint_set
)
2721 params
.bssid_hint
= ssid
->bssid_hint
;
2723 params
.ssid
= ssid
->ssid
;
2724 params
.ssid_len
= ssid
->ssid_len
;
2725 params
.pbss
= (ssid
->pbss
!= 2) ? ssid
->pbss
: 0;
2728 if (ssid
->mode
== WPAS_MODE_IBSS
&& ssid
->bssid_set
&&
2729 wpa_s
->conf
->ap_scan
== 2) {
2730 params
.bssid
= ssid
->bssid
;
2731 params
.fixed_bssid
= 1;
2734 /* Initial frequency for IBSS/mesh */
2735 if ((ssid
->mode
== WPAS_MODE_IBSS
|| ssid
->mode
== WPAS_MODE_MESH
) &&
2736 ssid
->frequency
> 0 && params
.freq
.freq
== 0)
2737 ibss_mesh_setup_freq(wpa_s
, ssid
, ¶ms
.freq
);
2739 if (ssid
->mode
== WPAS_MODE_IBSS
) {
2740 params
.fixed_freq
= ssid
->fixed_freq
;
2741 if (ssid
->beacon_int
)
2742 params
.beacon_int
= ssid
->beacon_int
;
2744 params
.beacon_int
= wpa_s
->conf
->beacon_int
;
2747 params
.wpa_ie
= wpa_ie
;
2748 params
.wpa_ie_len
= wpa_ie_len
;
2749 params
.pairwise_suite
= cipher_pairwise
;
2750 params
.group_suite
= cipher_group
;
2751 params
.key_mgmt_suite
= wpa_s
->key_mgmt
;
2752 params
.wpa_proto
= wpa_s
->wpa_proto
;
2753 params
.auth_alg
= algs
;
2754 wpa_s
->auth_alg
= params
.auth_alg
;
2755 params
.mode
= ssid
->mode
;
2756 params
.bg_scan_period
= ssid
->bg_scan_period
;
2757 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
2758 if (ssid
->wep_key_len
[i
])
2759 params
.wep_key
[i
] = ssid
->wep_key
[i
];
2760 params
.wep_key_len
[i
] = ssid
->wep_key_len
[i
];
2762 params
.wep_tx_keyidx
= ssid
->wep_tx_keyidx
;
2764 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_4WAY_HANDSHAKE
) &&
2765 (params
.key_mgmt_suite
== WPA_KEY_MGMT_PSK
||
2766 params
.key_mgmt_suite
== WPA_KEY_MGMT_FT_PSK
)) {
2767 params
.passphrase
= ssid
->passphrase
;
2769 params
.psk
= ssid
->psk
;
2772 if (wpa_s
->conf
->key_mgmt_offload
) {
2773 if (params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X
||
2774 params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X_SHA256
||
2775 params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X_SUITE_B
||
2776 params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X_SUITE_B_192
)
2777 params
.req_key_mgmt_offload
=
2778 ssid
->proactive_key_caching
< 0 ?
2779 wpa_s
->conf
->okc
: ssid
->proactive_key_caching
;
2781 params
.req_key_mgmt_offload
= 1;
2783 if ((params
.key_mgmt_suite
== WPA_KEY_MGMT_PSK
||
2784 params
.key_mgmt_suite
== WPA_KEY_MGMT_PSK_SHA256
||
2785 params
.key_mgmt_suite
== WPA_KEY_MGMT_FT_PSK
) &&
2787 params
.psk
= ssid
->psk
;
2790 params
.drop_unencrypted
= use_crypt
;
2792 #ifdef CONFIG_IEEE80211W
2793 params
.mgmt_frame_protection
= wpas_get_ssid_pmf(wpa_s
, ssid
);
2794 if (params
.mgmt_frame_protection
!= NO_MGMT_FRAME_PROTECTION
&& bss
) {
2795 const u8
*rsn
= wpa_bss_get_ie(bss
, WLAN_EID_RSN
);
2796 struct wpa_ie_data ie
;
2797 if (rsn
&& wpa_parse_wpa_ie(rsn
, 2 + rsn
[1], &ie
) == 0 &&
2799 (WPA_CAPABILITY_MFPC
| WPA_CAPABILITY_MFPR
)) {
2800 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Selected AP supports "
2801 "MFP: require MFP");
2802 params
.mgmt_frame_protection
=
2803 MGMT_FRAME_PROTECTION_REQUIRED
;
2806 #endif /* CONFIG_IEEE80211W */
2808 params
.p2p
= ssid
->p2p_group
;
2810 if (wpa_s
->p2pdev
->set_sta_uapsd
)
2811 params
.uapsd
= wpa_s
->p2pdev
->sta_uapsd
;
2815 #ifdef CONFIG_HT_OVERRIDES
2816 os_memset(&htcaps
, 0, sizeof(htcaps
));
2817 os_memset(&htcaps_mask
, 0, sizeof(htcaps_mask
));
2818 params
.htcaps
= (u8
*) &htcaps
;
2819 params
.htcaps_mask
= (u8
*) &htcaps_mask
;
2820 wpa_supplicant_apply_ht_overrides(wpa_s
, ssid
, ¶ms
);
2821 #endif /* CONFIG_HT_OVERRIDES */
2822 #ifdef CONFIG_VHT_OVERRIDES
2823 os_memset(&vhtcaps
, 0, sizeof(vhtcaps
));
2824 os_memset(&vhtcaps_mask
, 0, sizeof(vhtcaps_mask
));
2825 params
.vhtcaps
= &vhtcaps
;
2826 params
.vhtcaps_mask
= &vhtcaps_mask
;
2827 wpa_supplicant_apply_vht_overrides(wpa_s
, ssid
, ¶ms
);
2828 #endif /* CONFIG_VHT_OVERRIDES */
2832 * If multi-channel concurrency is not supported, check for any
2833 * frequency conflict. In case of any frequency conflict, remove the
2834 * least prioritized connection.
2836 if (wpa_s
->num_multichan_concurrent
< 2) {
2838 num
= get_shared_radio_freqs(wpa_s
, &freq
, 1);
2839 if (num
> 0 && freq
> 0 && freq
!= params
.freq
.freq
) {
2840 wpa_printf(MSG_DEBUG
,
2841 "Assoc conflicting freq found (%d != %d)",
2842 freq
, params
.freq
.freq
);
2843 if (wpas_p2p_handle_frequency_conflicts(
2844 wpa_s
, params
.freq
.freq
, ssid
) < 0) {
2845 wpas_connect_work_done(wpa_s
);
2851 #endif /* CONFIG_P2P */
2853 if (wpa_s
->reassoc_same_ess
&& !is_zero_ether_addr(prev_bssid
) &&
2854 wpa_s
->current_ssid
)
2855 params
.prev_bssid
= prev_bssid
;
2857 ret
= wpa_drv_associate(wpa_s
, ¶ms
);
2860 wpa_msg(wpa_s
, MSG_INFO
, "Association request to the driver "
2862 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SANE_ERROR_CODES
) {
2864 * The driver is known to mean what is saying, so we
2865 * can stop right here; the association will not
2868 wpas_connection_failed(wpa_s
, wpa_s
->pending_bssid
);
2869 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
2870 os_memset(wpa_s
->pending_bssid
, 0, ETH_ALEN
);
2873 /* try to continue anyway; new association will be tried again
2878 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPA_NONE
) {
2879 /* Set the key after the association just in case association
2880 * cleared the previously configured key. */
2881 wpa_supplicant_set_wpa_none_key(wpa_s
, ssid
);
2882 /* No need to timeout authentication since there is no key
2884 wpa_supplicant_cancel_auth_timeout(wpa_s
);
2885 wpa_supplicant_set_state(wpa_s
, WPA_COMPLETED
);
2886 #ifdef CONFIG_IBSS_RSN
2887 } else if (ssid
->mode
== WPAS_MODE_IBSS
&&
2888 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_NONE
&&
2889 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_WPA_NONE
) {
2891 * RSN IBSS authentication is per-STA and we can disable the
2892 * per-BSSID authentication.
2894 wpa_supplicant_cancel_auth_timeout(wpa_s
);
2895 #endif /* CONFIG_IBSS_RSN */
2897 /* Timeout for IEEE 802.11 authentication and association */
2901 /* give IBSS a bit more time */
2902 timeout
= ssid
->mode
== WPAS_MODE_IBSS
? 10 : 5;
2903 } else if (wpa_s
->conf
->ap_scan
== 1) {
2904 /* give IBSS a bit more time */
2905 timeout
= ssid
->mode
== WPAS_MODE_IBSS
? 20 : 10;
2907 wpa_supplicant_req_auth_timeout(wpa_s
, timeout
, 0);
2911 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC
)) {
2912 /* Set static WEP keys again */
2913 wpa_set_wep_keys(wpa_s
, ssid
);
2916 if (wpa_s
->current_ssid
&& wpa_s
->current_ssid
!= ssid
) {
2918 * Do not allow EAP session resumption between different
2919 * network configurations.
2921 eapol_sm_invalidate_cached_session(wpa_s
->eapol
);
2923 old_ssid
= wpa_s
->current_ssid
;
2924 wpa_s
->current_ssid
= ssid
;
2926 if (!wpas_driver_bss_selection(wpa_s
) || ssid
->bssid_set
) {
2927 wpa_s
->current_bss
= bss
;
2929 hs20_configure_frame_filters(wpa_s
);
2930 #endif /* CONFIG_HS20 */
2933 wpa_supplicant_rsn_supp_set_config(wpa_s
, wpa_s
->current_ssid
);
2934 wpa_supplicant_initiate_eapol(wpa_s
);
2935 if (old_ssid
!= wpa_s
->current_ssid
)
2936 wpas_notify_network_changed(wpa_s
);
2940 static void wpa_supplicant_clear_connection(struct wpa_supplicant
*wpa_s
,
2943 struct wpa_ssid
*old_ssid
;
2945 wpas_connect_work_done(wpa_s
);
2946 wpa_clear_keys(wpa_s
, addr
);
2947 old_ssid
= wpa_s
->current_ssid
;
2948 wpa_supplicant_mark_disassoc(wpa_s
);
2949 wpa_sm_set_config(wpa_s
->wpa
, NULL
);
2950 eapol_sm_notify_config(wpa_s
->eapol
, NULL
, NULL
);
2951 if (old_ssid
!= wpa_s
->current_ssid
)
2952 wpas_notify_network_changed(wpa_s
);
2953 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
2958 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
2959 * @wpa_s: Pointer to wpa_supplicant data
2960 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
2962 * This function is used to request %wpa_supplicant to deauthenticate from the
2965 void wpa_supplicant_deauthenticate(struct wpa_supplicant
*wpa_s
,
2969 union wpa_event_data event
;
2972 wpa_dbg(wpa_s
, MSG_DEBUG
, "Request to deauthenticate - bssid=" MACSTR
2973 " pending_bssid=" MACSTR
" reason=%d state=%s",
2974 MAC2STR(wpa_s
->bssid
), MAC2STR(wpa_s
->pending_bssid
),
2975 reason_code
, wpa_supplicant_state_txt(wpa_s
->wpa_state
));
2977 if (!is_zero_ether_addr(wpa_s
->pending_bssid
) &&
2978 (wpa_s
->wpa_state
== WPA_AUTHENTICATING
||
2979 wpa_s
->wpa_state
== WPA_ASSOCIATING
))
2980 addr
= wpa_s
->pending_bssid
;
2981 else if (!is_zero_ether_addr(wpa_s
->bssid
))
2982 addr
= wpa_s
->bssid
;
2983 else if (wpa_s
->wpa_state
== WPA_ASSOCIATING
) {
2985 * When using driver-based BSS selection, we may not know the
2986 * BSSID with which we are currently trying to associate. We
2987 * need to notify the driver of this disconnection even in such
2988 * a case, so use the all zeros address here.
2990 addr
= wpa_s
->bssid
;
2995 wpa_tdls_teardown_peers(wpa_s
->wpa
);
2996 #endif /* CONFIG_TDLS */
3000 struct mesh_conf
*mconf
;
3002 mconf
= wpa_s
->ifmsh
->mconf
;
3003 wpa_msg(wpa_s
, MSG_INFO
, MESH_GROUP_REMOVED
"%s",
3005 wpas_notify_mesh_group_removed(wpa_s
, mconf
->meshid
,
3006 mconf
->meshid_len
, reason_code
);
3007 wpa_supplicant_leave_mesh(wpa_s
);
3009 #endif /* CONFIG_MESH */
3012 wpa_drv_deauthenticate(wpa_s
, addr
, reason_code
);
3013 os_memset(&event
, 0, sizeof(event
));
3014 event
.deauth_info
.reason_code
= (u16
) reason_code
;
3015 event
.deauth_info
.locally_generated
= 1;
3016 wpa_supplicant_event(wpa_s
, EVENT_DEAUTH
, &event
);
3021 wpa_supplicant_clear_connection(wpa_s
, addr
);
3024 static void wpa_supplicant_enable_one_network(struct wpa_supplicant
*wpa_s
,
3025 struct wpa_ssid
*ssid
)
3027 if (!ssid
|| !ssid
->disabled
|| ssid
->disabled
== 2)
3031 wpas_clear_temp_disabled(wpa_s
, ssid
, 1);
3032 wpas_notify_network_enabled_changed(wpa_s
, ssid
);
3035 * Try to reassociate since there is no current configuration and a new
3036 * network was made available.
3038 if (!wpa_s
->current_ssid
&& !wpa_s
->disconnected
)
3039 wpa_s
->reassociate
= 1;
3044 * wpa_supplicant_add_network - Add a new network
3045 * @wpa_s: wpa_supplicant structure for a network interface
3046 * Returns: The new network configuration or %NULL if operation failed
3048 * This function performs the following operations:
3049 * 1. Adds a new network.
3050 * 2. Send network addition notification.
3051 * 3. Marks the network disabled.
3052 * 4. Set network default parameters.
3054 struct wpa_ssid
* wpa_supplicant_add_network(struct wpa_supplicant
*wpa_s
)
3056 struct wpa_ssid
*ssid
;
3058 ssid
= wpa_config_add_network(wpa_s
->conf
);
3061 wpas_notify_network_added(wpa_s
, ssid
);
3063 wpa_config_set_network_defaults(ssid
);
3070 * wpa_supplicant_remove_network - Remove a configured network based on id
3071 * @wpa_s: wpa_supplicant structure for a network interface
3072 * @id: Unique network id to search for
3073 * Returns: 0 on success, or -1 if the network was not found, -2 if the network
3074 * could not be removed
3076 * This function performs the following operations:
3077 * 1. Removes the network.
3078 * 2. Send network removal notification.
3079 * 3. Update internal state machines.
3080 * 4. Stop any running sched scans.
3082 int wpa_supplicant_remove_network(struct wpa_supplicant
*wpa_s
, int id
)
3084 struct wpa_ssid
*ssid
;
3087 ssid
= wpa_config_get_network(wpa_s
->conf
, id
);
3090 wpas_notify_network_removed(wpa_s
, ssid
);
3092 if (wpa_s
->last_ssid
== ssid
)
3093 wpa_s
->last_ssid
= NULL
;
3095 if (ssid
== wpa_s
->current_ssid
|| !wpa_s
->current_ssid
) {
3097 wpa_s
->sme
.prev_bssid_set
= 0;
3098 #endif /* CONFIG_SME */
3100 * Invalidate the EAP session cache if the current or
3101 * previously used network is removed.
3103 eapol_sm_invalidate_cached_session(wpa_s
->eapol
);
3106 if (ssid
== wpa_s
->current_ssid
) {
3107 wpa_sm_set_config(wpa_s
->wpa
, NULL
);
3108 eapol_sm_notify_config(wpa_s
->eapol
, NULL
, NULL
);
3110 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
3111 wpa_s
->own_disconnect_req
= 1;
3112 wpa_supplicant_deauthenticate(wpa_s
,
3113 WLAN_REASON_DEAUTH_LEAVING
);
3116 was_disabled
= ssid
->disabled
;
3118 if (wpa_config_remove_network(wpa_s
->conf
, id
) < 0)
3121 if (!was_disabled
&& wpa_s
->sched_scanning
) {
3122 wpa_printf(MSG_DEBUG
,
3123 "Stop ongoing sched_scan to remove network from filters");
3124 wpa_supplicant_cancel_sched_scan(wpa_s
);
3125 wpa_supplicant_req_scan(wpa_s
, 0, 0);
3133 * wpa_supplicant_enable_network - Mark a configured network as enabled
3134 * @wpa_s: wpa_supplicant structure for a network interface
3135 * @ssid: wpa_ssid structure for a configured network or %NULL
3137 * Enables the specified network or all networks if no network specified.
3139 void wpa_supplicant_enable_network(struct wpa_supplicant
*wpa_s
,
3140 struct wpa_ssid
*ssid
)
3143 for (ssid
= wpa_s
->conf
->ssid
; ssid
; ssid
= ssid
->next
)
3144 wpa_supplicant_enable_one_network(wpa_s
, ssid
);
3146 wpa_supplicant_enable_one_network(wpa_s
, ssid
);
3148 if (wpa_s
->reassociate
&& !wpa_s
->disconnected
&&
3149 (!wpa_s
->current_ssid
||
3150 wpa_s
->wpa_state
== WPA_DISCONNECTED
||
3151 wpa_s
->wpa_state
== WPA_SCANNING
)) {
3152 if (wpa_s
->sched_scanning
) {
3153 wpa_printf(MSG_DEBUG
, "Stop ongoing sched_scan to add "
3154 "new network to scan filters");
3155 wpa_supplicant_cancel_sched_scan(wpa_s
);
3158 if (wpa_supplicant_fast_associate(wpa_s
) != 1) {
3159 wpa_s
->scan_req
= NORMAL_SCAN_REQ
;
3160 wpa_supplicant_req_scan(wpa_s
, 0, 0);
3167 * wpa_supplicant_disable_network - Mark a configured network as disabled
3168 * @wpa_s: wpa_supplicant structure for a network interface
3169 * @ssid: wpa_ssid structure for a configured network or %NULL
3171 * Disables the specified network or all networks if no network specified.
3173 void wpa_supplicant_disable_network(struct wpa_supplicant
*wpa_s
,
3174 struct wpa_ssid
*ssid
)
3176 struct wpa_ssid
*other_ssid
;
3180 if (wpa_s
->sched_scanning
)
3181 wpa_supplicant_cancel_sched_scan(wpa_s
);
3183 for (other_ssid
= wpa_s
->conf
->ssid
; other_ssid
;
3184 other_ssid
= other_ssid
->next
) {
3185 was_disabled
= other_ssid
->disabled
;
3186 if (was_disabled
== 2)
3187 continue; /* do not change persistent P2P group
3190 other_ssid
->disabled
= 1;
3192 if (was_disabled
!= other_ssid
->disabled
)
3193 wpas_notify_network_enabled_changed(
3196 if (wpa_s
->current_ssid
) {
3197 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
3198 wpa_s
->own_disconnect_req
= 1;
3199 wpa_supplicant_deauthenticate(
3200 wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
3202 } else if (ssid
->disabled
!= 2) {
3203 if (ssid
== wpa_s
->current_ssid
) {
3204 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
3205 wpa_s
->own_disconnect_req
= 1;
3206 wpa_supplicant_deauthenticate(
3207 wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
3210 was_disabled
= ssid
->disabled
;
3214 if (was_disabled
!= ssid
->disabled
) {
3215 wpas_notify_network_enabled_changed(wpa_s
, ssid
);
3216 if (wpa_s
->sched_scanning
) {
3217 wpa_printf(MSG_DEBUG
, "Stop ongoing sched_scan "
3218 "to remove network from filters");
3219 wpa_supplicant_cancel_sched_scan(wpa_s
);
3220 wpa_supplicant_req_scan(wpa_s
, 0, 0);
3228 * wpa_supplicant_select_network - Attempt association with a network
3229 * @wpa_s: wpa_supplicant structure for a network interface
3230 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
3232 void wpa_supplicant_select_network(struct wpa_supplicant
*wpa_s
,
3233 struct wpa_ssid
*ssid
)
3236 struct wpa_ssid
*other_ssid
;
3237 int disconnected
= 0;
3239 if (ssid
&& ssid
!= wpa_s
->current_ssid
&& wpa_s
->current_ssid
) {
3240 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
3241 wpa_s
->own_disconnect_req
= 1;
3242 wpa_supplicant_deauthenticate(
3243 wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
3248 wpas_clear_temp_disabled(wpa_s
, ssid
, 1);
3251 * Mark all other networks disabled or mark all networks enabled if no
3252 * network specified.
3254 for (other_ssid
= wpa_s
->conf
->ssid
; other_ssid
;
3255 other_ssid
= other_ssid
->next
) {
3256 int was_disabled
= other_ssid
->disabled
;
3257 if (was_disabled
== 2)
3258 continue; /* do not change persistent P2P group data */
3260 other_ssid
->disabled
= ssid
? (ssid
->id
!= other_ssid
->id
) : 0;
3261 if (was_disabled
&& !other_ssid
->disabled
)
3262 wpas_clear_temp_disabled(wpa_s
, other_ssid
, 0);
3264 if (was_disabled
!= other_ssid
->disabled
)
3265 wpas_notify_network_enabled_changed(wpa_s
, other_ssid
);
3268 if (ssid
&& ssid
== wpa_s
->current_ssid
&& wpa_s
->current_ssid
&&
3269 wpa_s
->wpa_state
>= WPA_AUTHENTICATING
) {
3270 /* We are already associated with the selected network */
3271 wpa_printf(MSG_DEBUG
, "Already associated with the "
3272 "selected network - do nothing");
3277 wpa_s
->current_ssid
= ssid
;
3278 eapol_sm_notify_config(wpa_s
->eapol
, NULL
, NULL
);
3279 wpa_s
->connect_without_scan
=
3280 (ssid
->mode
== WPAS_MODE_MESH
) ? ssid
: NULL
;
3283 * Don't optimize next scan freqs since a new ESS has been
3286 os_free(wpa_s
->next_scan_freqs
);
3287 wpa_s
->next_scan_freqs
= NULL
;
3289 wpa_s
->connect_without_scan
= NULL
;
3292 wpa_s
->disconnected
= 0;
3293 wpa_s
->reassociate
= 1;
3295 if (wpa_s
->connect_without_scan
||
3296 wpa_supplicant_fast_associate(wpa_s
) != 1) {
3297 wpa_s
->scan_req
= NORMAL_SCAN_REQ
;
3298 wpas_scan_reset_sched_scan(wpa_s
);
3299 wpa_supplicant_req_scan(wpa_s
, 0, disconnected
? 100000 : 0);
3303 wpas_notify_network_selected(wpa_s
, ssid
);
3308 * wpas_set_pkcs11_engine_and_module_path - Set PKCS #11 engine and module path
3309 * @wpa_s: wpa_supplicant structure for a network interface
3310 * @pkcs11_engine_path: PKCS #11 engine path or NULL
3311 * @pkcs11_module_path: PKCS #11 module path or NULL
3312 * Returns: 0 on success; -1 on failure
3314 * Sets the PKCS #11 engine and module path. Both have to be NULL or a valid
3315 * path. If resetting the EAPOL state machine with the new PKCS #11 engine and
3316 * module path fails the paths will be reset to the default value (NULL).
3318 int wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant
*wpa_s
,
3319 const char *pkcs11_engine_path
,
3320 const char *pkcs11_module_path
)
3322 char *pkcs11_engine_path_copy
= NULL
;
3323 char *pkcs11_module_path_copy
= NULL
;
3325 if (pkcs11_engine_path
!= NULL
) {
3326 pkcs11_engine_path_copy
= os_strdup(pkcs11_engine_path
);
3327 if (pkcs11_engine_path_copy
== NULL
)
3330 if (pkcs11_module_path
!= NULL
) {
3331 pkcs11_module_path_copy
= os_strdup(pkcs11_module_path
);
3332 if (pkcs11_module_path_copy
== NULL
) {
3333 os_free(pkcs11_engine_path_copy
);
3338 os_free(wpa_s
->conf
->pkcs11_engine_path
);
3339 os_free(wpa_s
->conf
->pkcs11_module_path
);
3340 wpa_s
->conf
->pkcs11_engine_path
= pkcs11_engine_path_copy
;
3341 wpa_s
->conf
->pkcs11_module_path
= pkcs11_module_path_copy
;
3343 wpa_sm_set_eapol(wpa_s
->wpa
, NULL
);
3344 eapol_sm_deinit(wpa_s
->eapol
);
3345 wpa_s
->eapol
= NULL
;
3346 if (wpa_supplicant_init_eapol(wpa_s
)) {
3347 /* Error -> Reset paths to the default value (NULL) once. */
3348 if (pkcs11_engine_path
!= NULL
&& pkcs11_module_path
!= NULL
)
3349 wpas_set_pkcs11_engine_and_module_path(wpa_s
, NULL
,
3354 wpa_sm_set_eapol(wpa_s
->wpa
, wpa_s
->eapol
);
3361 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
3362 * @wpa_s: wpa_supplicant structure for a network interface
3363 * @ap_scan: AP scan mode
3364 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
3367 int wpa_supplicant_set_ap_scan(struct wpa_supplicant
*wpa_s
, int ap_scan
)
3372 if (ap_scan
< 0 || ap_scan
> 2)
3375 if (ap_scan
== 2 && os_strcmp(wpa_s
->driver
->name
, "nl80211") == 0) {
3376 wpa_printf(MSG_INFO
,
3377 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
3381 if (ap_scan
== 2 && ap_scan
!= wpa_s
->conf
->ap_scan
&&
3382 wpa_s
->wpa_state
>= WPA_ASSOCIATING
&&
3383 wpa_s
->wpa_state
< WPA_COMPLETED
) {
3384 wpa_printf(MSG_ERROR
, "ap_scan = %d (%d) rejected while "
3385 "associating", wpa_s
->conf
->ap_scan
, ap_scan
);
3388 #endif /* ANDROID */
3390 old_ap_scan
= wpa_s
->conf
->ap_scan
;
3391 wpa_s
->conf
->ap_scan
= ap_scan
;
3393 if (old_ap_scan
!= wpa_s
->conf
->ap_scan
)
3394 wpas_notify_ap_scan_changed(wpa_s
);
3401 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
3402 * @wpa_s: wpa_supplicant structure for a network interface
3403 * @expire_age: Expiration age in seconds
3404 * Returns: 0 if succeed or -1 if expire_age has an invalid value
3407 int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant
*wpa_s
,
3408 unsigned int bss_expire_age
)
3410 if (bss_expire_age
< 10) {
3411 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid bss expiration age %u",
3415 wpa_msg(wpa_s
, MSG_DEBUG
, "Setting bss expiration age: %d sec",
3417 wpa_s
->conf
->bss_expiration_age
= bss_expire_age
;
3424 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
3425 * @wpa_s: wpa_supplicant structure for a network interface
3426 * @expire_count: number of scans after which an unseen BSS is reclaimed
3427 * Returns: 0 if succeed or -1 if expire_count has an invalid value
3430 int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant
*wpa_s
,
3431 unsigned int bss_expire_count
)
3433 if (bss_expire_count
< 1) {
3434 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid bss expiration count %u",
3438 wpa_msg(wpa_s
, MSG_DEBUG
, "Setting bss expiration scan count: %u",
3440 wpa_s
->conf
->bss_expiration_scan_count
= bss_expire_count
;
3447 * wpa_supplicant_set_scan_interval - Set scan interval
3448 * @wpa_s: wpa_supplicant structure for a network interface
3449 * @scan_interval: scan interval in seconds
3450 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
3453 int wpa_supplicant_set_scan_interval(struct wpa_supplicant
*wpa_s
,
3456 if (scan_interval
< 0) {
3457 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid scan interval %d",
3461 wpa_msg(wpa_s
, MSG_DEBUG
, "Setting scan interval: %d sec",
3463 wpa_supplicant_update_scan_int(wpa_s
, scan_interval
);
3470 * wpa_supplicant_set_debug_params - Set global debug params
3471 * @global: wpa_global structure
3472 * @debug_level: debug level
3473 * @debug_timestamp: determines if show timestamp in debug data
3474 * @debug_show_keys: determines if show keys in debug data
3475 * Returns: 0 if succeed or -1 if debug_level has wrong value
3477 int wpa_supplicant_set_debug_params(struct wpa_global
*global
, int debug_level
,
3478 int debug_timestamp
, int debug_show_keys
)
3481 int old_level
, old_timestamp
, old_show_keys
;
3483 /* check for allowed debuglevels */
3484 if (debug_level
!= MSG_EXCESSIVE
&&
3485 debug_level
!= MSG_MSGDUMP
&&
3486 debug_level
!= MSG_DEBUG
&&
3487 debug_level
!= MSG_INFO
&&
3488 debug_level
!= MSG_WARNING
&&
3489 debug_level
!= MSG_ERROR
)
3492 old_level
= wpa_debug_level
;
3493 old_timestamp
= wpa_debug_timestamp
;
3494 old_show_keys
= wpa_debug_show_keys
;
3496 wpa_debug_level
= debug_level
;
3497 wpa_debug_timestamp
= debug_timestamp
? 1 : 0;
3498 wpa_debug_show_keys
= debug_show_keys
? 1 : 0;
3500 if (wpa_debug_level
!= old_level
)
3501 wpas_notify_debug_level_changed(global
);
3502 if (wpa_debug_timestamp
!= old_timestamp
)
3503 wpas_notify_debug_timestamp_changed(global
);
3504 if (wpa_debug_show_keys
!= old_show_keys
)
3505 wpas_notify_debug_show_keys_changed(global
);
3512 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
3513 * @wpa_s: Pointer to wpa_supplicant data
3514 * Returns: A pointer to the current network structure or %NULL on failure
3516 struct wpa_ssid
* wpa_supplicant_get_ssid(struct wpa_supplicant
*wpa_s
)
3518 struct wpa_ssid
*entry
;
3519 u8 ssid
[SSID_MAX_LEN
];
3525 res
= wpa_drv_get_ssid(wpa_s
, ssid
);
3527 wpa_msg(wpa_s
, MSG_WARNING
, "Could not read SSID from "
3533 if (wpa_drv_get_bssid(wpa_s
, bssid
) < 0) {
3534 wpa_msg(wpa_s
, MSG_WARNING
, "Could not read BSSID from "
3539 wired
= wpa_s
->conf
->ap_scan
== 0 &&
3540 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_WIRED
);
3542 entry
= wpa_s
->conf
->ssid
;
3544 if (!wpas_network_disabled(wpa_s
, entry
) &&
3545 ((ssid_len
== entry
->ssid_len
&&
3546 os_memcmp(ssid
, entry
->ssid
, ssid_len
) == 0) || wired
) &&
3547 (!entry
->bssid_set
||
3548 os_memcmp(bssid
, entry
->bssid
, ETH_ALEN
) == 0))
3551 if (!wpas_network_disabled(wpa_s
, entry
) &&
3552 (entry
->key_mgmt
& WPA_KEY_MGMT_WPS
) &&
3553 (entry
->ssid
== NULL
|| entry
->ssid_len
== 0) &&
3554 (!entry
->bssid_set
||
3555 os_memcmp(bssid
, entry
->bssid
, ETH_ALEN
) == 0))
3557 #endif /* CONFIG_WPS */
3559 if (!wpas_network_disabled(wpa_s
, entry
) && entry
->bssid_set
&&
3560 entry
->ssid_len
== 0 &&
3561 os_memcmp(bssid
, entry
->bssid
, ETH_ALEN
) == 0)
3564 entry
= entry
->next
;
3571 static int select_driver(struct wpa_supplicant
*wpa_s
, int i
)
3573 struct wpa_global
*global
= wpa_s
->global
;
3575 if (wpa_drivers
[i
]->global_init
&& global
->drv_priv
[i
] == NULL
) {
3576 global
->drv_priv
[i
] = wpa_drivers
[i
]->global_init(global
);
3577 if (global
->drv_priv
[i
] == NULL
) {
3578 wpa_printf(MSG_ERROR
, "Failed to initialize driver "
3579 "'%s'", wpa_drivers
[i
]->name
);
3584 wpa_s
->driver
= wpa_drivers
[i
];
3585 wpa_s
->global_drv_priv
= global
->drv_priv
[i
];
3591 static int wpa_supplicant_set_driver(struct wpa_supplicant
*wpa_s
,
3596 const char *pos
, *driver
= name
;
3601 if (wpa_drivers
[0] == NULL
) {
3602 wpa_msg(wpa_s
, MSG_ERROR
, "No driver interfaces build into "
3608 /* default to first driver in the list */
3609 return select_driver(wpa_s
, 0);
3613 pos
= os_strchr(driver
, ',');
3617 len
= os_strlen(driver
);
3619 for (i
= 0; wpa_drivers
[i
]; i
++) {
3620 if (os_strlen(wpa_drivers
[i
]->name
) == len
&&
3621 os_strncmp(driver
, wpa_drivers
[i
]->name
, len
) ==
3623 /* First driver that succeeds wins */
3624 if (select_driver(wpa_s
, i
) == 0)
3632 wpa_msg(wpa_s
, MSG_ERROR
, "Unsupported driver '%s'", name
);
3638 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
3639 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
3640 * with struct wpa_driver_ops::init()
3641 * @src_addr: Source address of the EAPOL frame
3642 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
3643 * @len: Length of the EAPOL data
3645 * This function is called for each received EAPOL frame. Most driver
3646 * interfaces rely on more generic OS mechanism for receiving frames through
3647 * l2_packet, but if such a mechanism is not available, the driver wrapper may
3648 * take care of received EAPOL frames and deliver them to the core supplicant
3649 * code by calling this function.
3651 void wpa_supplicant_rx_eapol(void *ctx
, const u8
*src_addr
,
3652 const u8
*buf
, size_t len
)
3654 struct wpa_supplicant
*wpa_s
= ctx
;
3656 wpa_dbg(wpa_s
, MSG_DEBUG
, "RX EAPOL from " MACSTR
, MAC2STR(src_addr
));
3657 wpa_hexdump(MSG_MSGDUMP
, "RX EAPOL", buf
, len
);
3659 #ifdef CONFIG_TESTING_OPTIONS
3660 if (wpa_s
->ignore_auth_resp
) {
3661 wpa_printf(MSG_INFO
, "RX EAPOL - ignore_auth_resp active!");
3664 #endif /* CONFIG_TESTING_OPTIONS */
3666 #ifdef CONFIG_PEERKEY
3667 if (wpa_s
->wpa_state
> WPA_ASSOCIATED
&& wpa_s
->current_ssid
&&
3668 wpa_s
->current_ssid
->peerkey
&&
3669 !(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_4WAY_HANDSHAKE
) &&
3670 wpa_sm_rx_eapol_peerkey(wpa_s
->wpa
, src_addr
, buf
, len
) == 1) {
3671 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: Processed PeerKey EAPOL-Key");
3674 #endif /* CONFIG_PEERKEY */
3676 if (wpa_s
->wpa_state
< WPA_ASSOCIATED
||
3677 (wpa_s
->last_eapol_matches_bssid
&&
3680 #endif /* CONFIG_AP */
3681 os_memcmp(src_addr
, wpa_s
->bssid
, ETH_ALEN
) != 0)) {
3683 * There is possible race condition between receiving the
3684 * association event and the EAPOL frame since they are coming
3685 * through different paths from the driver. In order to avoid
3686 * issues in trying to process the EAPOL frame before receiving
3687 * association information, lets queue it for processing until
3688 * the association event is received. This may also be needed in
3689 * driver-based roaming case, so also use src_addr != BSSID as a
3690 * trigger if we have previously confirmed that the
3691 * Authenticator uses BSSID as the src_addr (which is not the
3692 * case with wired IEEE 802.1X).
3694 wpa_dbg(wpa_s
, MSG_DEBUG
, "Not associated - Delay processing "
3695 "of received EAPOL frame (state=%s bssid=" MACSTR
")",
3696 wpa_supplicant_state_txt(wpa_s
->wpa_state
),
3697 MAC2STR(wpa_s
->bssid
));
3698 wpabuf_free(wpa_s
->pending_eapol_rx
);
3699 wpa_s
->pending_eapol_rx
= wpabuf_alloc_copy(buf
, len
);
3700 if (wpa_s
->pending_eapol_rx
) {
3701 os_get_reltime(&wpa_s
->pending_eapol_rx_time
);
3702 os_memcpy(wpa_s
->pending_eapol_rx_src
, src_addr
,
3708 wpa_s
->last_eapol_matches_bssid
=
3709 os_memcmp(src_addr
, wpa_s
->bssid
, ETH_ALEN
) == 0;
3712 if (wpa_s
->ap_iface
) {
3713 wpa_supplicant_ap_rx_eapol(wpa_s
, src_addr
, buf
, len
);
3716 #endif /* CONFIG_AP */
3718 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
) {
3719 wpa_dbg(wpa_s
, MSG_DEBUG
, "Ignored received EAPOL frame since "
3720 "no key management is configured");
3724 if (wpa_s
->eapol_received
== 0 &&
3725 (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_4WAY_HANDSHAKE
) ||
3726 !wpa_key_mgmt_wpa_psk(wpa_s
->key_mgmt
) ||
3727 wpa_s
->wpa_state
!= WPA_COMPLETED
) &&
3728 (wpa_s
->current_ssid
== NULL
||
3729 wpa_s
->current_ssid
->mode
!= IEEE80211_MODE_IBSS
)) {
3730 /* Timeout for completing IEEE 802.1X and WPA authentication */
3733 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
) ||
3734 wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
||
3735 wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
) {
3736 /* Use longer timeout for IEEE 802.1X/EAP */
3741 if (wpa_s
->current_ssid
&& wpa_s
->current_bss
&&
3742 (wpa_s
->current_ssid
->key_mgmt
& WPA_KEY_MGMT_WPS
) &&
3743 eap_is_wps_pin_enrollee(&wpa_s
->current_ssid
->eap
)) {
3745 * Use shorter timeout if going through WPS AP iteration
3746 * for PIN config method with an AP that does not
3747 * advertise Selected Registrar.
3749 struct wpabuf
*wps_ie
;
3751 wps_ie
= wpa_bss_get_vendor_ie_multi(
3752 wpa_s
->current_bss
, WPS_IE_VENDOR_TYPE
);
3754 !wps_is_addr_authorized(wps_ie
, wpa_s
->own_addr
, 1))
3756 wpabuf_free(wps_ie
);
3758 #endif /* CONFIG_WPS */
3760 wpa_supplicant_req_auth_timeout(wpa_s
, timeout
, 0);
3762 wpa_s
->eapol_received
++;
3764 if (wpa_s
->countermeasures
) {
3765 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Countermeasures - dropped "
3770 #ifdef CONFIG_IBSS_RSN
3771 if (wpa_s
->current_ssid
&&
3772 wpa_s
->current_ssid
->mode
== WPAS_MODE_IBSS
) {
3773 ibss_rsn_rx_eapol(wpa_s
->ibss_rsn
, src_addr
, buf
, len
);
3776 #endif /* CONFIG_IBSS_RSN */
3778 /* Source address of the incoming EAPOL frame could be compared to the
3779 * current BSSID. However, it is possible that a centralized
3780 * Authenticator could be using another MAC address than the BSSID of
3781 * an AP, so just allow any address to be used for now. The replies are
3782 * still sent to the current BSSID (if available), though. */
3784 os_memcpy(wpa_s
->last_eapol_src
, src_addr
, ETH_ALEN
);
3785 if (!wpa_key_mgmt_wpa_psk(wpa_s
->key_mgmt
) &&
3786 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_OWE
&&
3787 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_DPP
&&
3788 eapol_sm_rx_eapol(wpa_s
->eapol
, src_addr
, buf
, len
) > 0)
3790 wpa_drv_poll(wpa_s
);
3791 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_4WAY_HANDSHAKE
))
3792 wpa_sm_rx_eapol(wpa_s
->wpa
, src_addr
, buf
, len
);
3793 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
)) {
3795 * Set portValid = TRUE here since we are going to skip 4-way
3796 * handshake processing which would normally set portValid. We
3797 * need this to allow the EAPOL state machines to be completed
3798 * without going through EAPOL-Key handshake.
3800 eapol_sm_notify_portValid(wpa_s
->eapol
, TRUE
);
3805 int wpa_supplicant_update_mac_addr(struct wpa_supplicant
*wpa_s
)
3807 if ((!wpa_s
->p2p_mgmt
||
3808 !(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE
)) &&
3809 !(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE
)) {
3810 l2_packet_deinit(wpa_s
->l2
);
3811 wpa_s
->l2
= l2_packet_init(wpa_s
->ifname
,
3812 wpa_drv_get_mac_addr(wpa_s
),
3814 wpa_supplicant_rx_eapol
, wpa_s
, 0);
3815 if (wpa_s
->l2
== NULL
)
3818 const u8
*addr
= wpa_drv_get_mac_addr(wpa_s
);
3820 os_memcpy(wpa_s
->own_addr
, addr
, ETH_ALEN
);
3823 if (wpa_s
->l2
&& l2_packet_get_own_addr(wpa_s
->l2
, wpa_s
->own_addr
)) {
3824 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to get own L2 address");
3828 wpa_sm_set_own_addr(wpa_s
->wpa
, wpa_s
->own_addr
);
3834 static void wpa_supplicant_rx_eapol_bridge(void *ctx
, const u8
*src_addr
,
3835 const u8
*buf
, size_t len
)
3837 struct wpa_supplicant
*wpa_s
= ctx
;
3838 const struct l2_ethhdr
*eth
;
3840 if (len
< sizeof(*eth
))
3842 eth
= (const struct l2_ethhdr
*) buf
;
3844 if (os_memcmp(eth
->h_dest
, wpa_s
->own_addr
, ETH_ALEN
) != 0 &&
3845 !(eth
->h_dest
[0] & 0x01)) {
3846 wpa_dbg(wpa_s
, MSG_DEBUG
, "RX EAPOL from " MACSTR
" to " MACSTR
3847 " (bridge - not for this interface - ignore)",
3848 MAC2STR(src_addr
), MAC2STR(eth
->h_dest
));
3852 wpa_dbg(wpa_s
, MSG_DEBUG
, "RX EAPOL from " MACSTR
" to " MACSTR
3853 " (bridge)", MAC2STR(src_addr
), MAC2STR(eth
->h_dest
));
3854 wpa_supplicant_rx_eapol(wpa_s
, src_addr
, buf
+ sizeof(*eth
),
3855 len
- sizeof(*eth
));
3860 * wpa_supplicant_driver_init - Initialize driver interface parameters
3861 * @wpa_s: Pointer to wpa_supplicant data
3862 * Returns: 0 on success, -1 on failure
3864 * This function is called to initialize driver interface parameters.
3865 * wpa_drv_init() must have been called before this function to initialize the
3868 int wpa_supplicant_driver_init(struct wpa_supplicant
*wpa_s
)
3870 static int interface_count
= 0;
3872 if (wpa_supplicant_update_mac_addr(wpa_s
) < 0)
3875 wpa_dbg(wpa_s
, MSG_DEBUG
, "Own MAC address: " MACSTR
,
3876 MAC2STR(wpa_s
->own_addr
));
3877 os_memcpy(wpa_s
->perm_addr
, wpa_s
->own_addr
, ETH_ALEN
);
3878 wpa_sm_set_own_addr(wpa_s
->wpa
, wpa_s
->own_addr
);
3880 if (wpa_s
->bridge_ifname
[0]) {
3881 wpa_dbg(wpa_s
, MSG_DEBUG
, "Receiving packets from bridge "
3882 "interface '%s'", wpa_s
->bridge_ifname
);
3883 wpa_s
->l2_br
= l2_packet_init_bridge(
3884 wpa_s
->bridge_ifname
, wpa_s
->ifname
, wpa_s
->own_addr
,
3885 ETH_P_EAPOL
, wpa_supplicant_rx_eapol_bridge
, wpa_s
, 1);
3886 if (wpa_s
->l2_br
== NULL
) {
3887 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to open l2_packet "
3888 "connection for the bridge interface '%s'",
3889 wpa_s
->bridge_ifname
);
3894 if (wpa_s
->conf
->ap_scan
== 2 &&
3895 os_strcmp(wpa_s
->driver
->name
, "nl80211") == 0) {
3896 wpa_printf(MSG_INFO
,
3897 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
3900 wpa_clear_keys(wpa_s
, NULL
);
3902 /* Make sure that TKIP countermeasures are not left enabled (could
3903 * happen if wpa_supplicant is killed during countermeasures. */
3904 wpa_drv_set_countermeasures(wpa_s
, 0);
3906 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: flushing PMKID list in the driver");
3907 wpa_drv_flush_pmkid(wpa_s
);
3909 wpa_s
->prev_scan_ssid
= WILDCARD_SSID_SCAN
;
3910 wpa_s
->prev_scan_wildcard
= 0;
3912 if (wpa_supplicant_enabled_networks(wpa_s
)) {
3913 if (wpa_s
->wpa_state
== WPA_INTERFACE_DISABLED
) {
3914 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
3915 interface_count
= 0;
3918 if (!wpa_s
->p2p_mgmt
&&
3919 wpa_supplicant_delayed_sched_scan(wpa_s
,
3920 interface_count
% 3,
3922 wpa_supplicant_req_scan(wpa_s
, interface_count
% 3,
3924 #endif /* ANDROID */
3927 wpa_supplicant_set_state(wpa_s
, WPA_INACTIVE
);
3933 static int wpa_supplicant_daemon(const char *pid_file
)
3935 wpa_printf(MSG_DEBUG
, "Daemonize..");
3936 return os_daemonize(pid_file
);
3940 static struct wpa_supplicant
*
3941 wpa_supplicant_alloc(struct wpa_supplicant
*parent
)
3943 struct wpa_supplicant
*wpa_s
;
3945 wpa_s
= os_zalloc(sizeof(*wpa_s
));
3948 wpa_s
->scan_req
= INITIAL_SCAN_REQ
;
3949 wpa_s
->scan_interval
= 5;
3950 wpa_s
->new_connection
= 1;
3951 wpa_s
->parent
= parent
? parent
: wpa_s
;
3952 wpa_s
->p2pdev
= wpa_s
->parent
;
3953 wpa_s
->sched_scanning
= 0;
3955 dl_list_init(&wpa_s
->bss_tmp_disallowed
);
3956 dl_list_init(&wpa_s
->fils_hlp_req
);
3962 #ifdef CONFIG_HT_OVERRIDES
3964 static int wpa_set_htcap_mcs(struct wpa_supplicant
*wpa_s
,
3965 struct ieee80211_ht_capabilities
*htcaps
,
3966 struct ieee80211_ht_capabilities
*htcaps_mask
,
3969 /* parse ht_mcs into hex array */
3971 const char *tmp
= ht_mcs
;
3974 /* If ht_mcs is null, do not set anything */
3978 /* This is what we are setting in the kernel */
3979 os_memset(&htcaps
->supported_mcs_set
, 0, IEEE80211_HT_MCS_MASK_LEN
);
3981 wpa_msg(wpa_s
, MSG_DEBUG
, "set_htcap, ht_mcs -:%s:-", ht_mcs
);
3983 for (i
= 0; i
< IEEE80211_HT_MCS_MASK_LEN
; i
++) {
3987 v
= strtol(tmp
, &end
, 16);
3990 wpa_msg(wpa_s
, MSG_DEBUG
,
3991 "htcap value[%i]: %ld end: %p tmp: %p",
3996 htcaps
->supported_mcs_set
[i
] = v
;
3999 wpa_msg(wpa_s
, MSG_ERROR
,
4000 "Failed to parse ht-mcs: %s, error: %s\n",
4001 ht_mcs
, strerror(errno
));
4007 * If we were able to parse any values, then set mask for the MCS set.
4010 os_memset(&htcaps_mask
->supported_mcs_set
, 0xff,
4011 IEEE80211_HT_MCS_MASK_LEN
- 1);
4012 /* skip the 3 reserved bits */
4013 htcaps_mask
->supported_mcs_set
[IEEE80211_HT_MCS_MASK_LEN
- 1] =
4021 static int wpa_disable_max_amsdu(struct wpa_supplicant
*wpa_s
,
4022 struct ieee80211_ht_capabilities
*htcaps
,
4023 struct ieee80211_ht_capabilities
*htcaps_mask
,
4028 wpa_msg(wpa_s
, MSG_DEBUG
, "set_disable_max_amsdu: %d", disabled
);
4033 msk
= host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE
);
4034 htcaps_mask
->ht_capabilities_info
|= msk
;
4036 htcaps
->ht_capabilities_info
&= msk
;
4038 htcaps
->ht_capabilities_info
|= msk
;
4044 static int wpa_set_ampdu_factor(struct wpa_supplicant
*wpa_s
,
4045 struct ieee80211_ht_capabilities
*htcaps
,
4046 struct ieee80211_ht_capabilities
*htcaps_mask
,
4049 wpa_msg(wpa_s
, MSG_DEBUG
, "set_ampdu_factor: %d", factor
);
4054 if (factor
< 0 || factor
> 3) {
4055 wpa_msg(wpa_s
, MSG_ERROR
, "ampdu_factor: %d out of range. "
4056 "Must be 0-3 or -1", factor
);
4060 htcaps_mask
->a_mpdu_params
|= 0x3; /* 2 bits for factor */
4061 htcaps
->a_mpdu_params
&= ~0x3;
4062 htcaps
->a_mpdu_params
|= factor
& 0x3;
4068 static int wpa_set_ampdu_density(struct wpa_supplicant
*wpa_s
,
4069 struct ieee80211_ht_capabilities
*htcaps
,
4070 struct ieee80211_ht_capabilities
*htcaps_mask
,
4073 wpa_msg(wpa_s
, MSG_DEBUG
, "set_ampdu_density: %d", density
);
4078 if (density
< 0 || density
> 7) {
4079 wpa_msg(wpa_s
, MSG_ERROR
,
4080 "ampdu_density: %d out of range. Must be 0-7 or -1.",
4085 htcaps_mask
->a_mpdu_params
|= 0x1C;
4086 htcaps
->a_mpdu_params
&= ~(0x1C);
4087 htcaps
->a_mpdu_params
|= (density
<< 2) & 0x1C;
4093 static int wpa_set_disable_ht40(struct wpa_supplicant
*wpa_s
,
4094 struct ieee80211_ht_capabilities
*htcaps
,
4095 struct ieee80211_ht_capabilities
*htcaps_mask
,
4098 wpa_msg(wpa_s
, MSG_DEBUG
, "set_disable_ht40: %d", disabled
);
4100 set_disable_ht40(htcaps
, disabled
);
4101 set_disable_ht40(htcaps_mask
, 0);
4107 static int wpa_set_disable_sgi(struct wpa_supplicant
*wpa_s
,
4108 struct ieee80211_ht_capabilities
*htcaps
,
4109 struct ieee80211_ht_capabilities
*htcaps_mask
,
4112 /* Masking these out disables SGI */
4113 le16 msk
= host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ
|
4114 HT_CAP_INFO_SHORT_GI40MHZ
);
4116 wpa_msg(wpa_s
, MSG_DEBUG
, "set_disable_sgi: %d", disabled
);
4119 htcaps
->ht_capabilities_info
&= ~msk
;
4121 htcaps
->ht_capabilities_info
|= msk
;
4123 htcaps_mask
->ht_capabilities_info
|= msk
;
4129 static int wpa_set_disable_ldpc(struct wpa_supplicant
*wpa_s
,
4130 struct ieee80211_ht_capabilities
*htcaps
,
4131 struct ieee80211_ht_capabilities
*htcaps_mask
,
4134 /* Masking these out disables LDPC */
4135 le16 msk
= host_to_le16(HT_CAP_INFO_LDPC_CODING_CAP
);
4137 wpa_msg(wpa_s
, MSG_DEBUG
, "set_disable_ldpc: %d", disabled
);
4140 htcaps
->ht_capabilities_info
&= ~msk
;
4142 htcaps
->ht_capabilities_info
|= msk
;
4144 htcaps_mask
->ht_capabilities_info
|= msk
;
4150 void wpa_supplicant_apply_ht_overrides(
4151 struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
,
4152 struct wpa_driver_associate_params
*params
)
4154 struct ieee80211_ht_capabilities
*htcaps
;
4155 struct ieee80211_ht_capabilities
*htcaps_mask
;
4160 params
->disable_ht
= ssid
->disable_ht
;
4161 if (!params
->htcaps
|| !params
->htcaps_mask
)
4164 htcaps
= (struct ieee80211_ht_capabilities
*) params
->htcaps
;
4165 htcaps_mask
= (struct ieee80211_ht_capabilities
*) params
->htcaps_mask
;
4166 wpa_set_htcap_mcs(wpa_s
, htcaps
, htcaps_mask
, ssid
->ht_mcs
);
4167 wpa_disable_max_amsdu(wpa_s
, htcaps
, htcaps_mask
,
4168 ssid
->disable_max_amsdu
);
4169 wpa_set_ampdu_factor(wpa_s
, htcaps
, htcaps_mask
, ssid
->ampdu_factor
);
4170 wpa_set_ampdu_density(wpa_s
, htcaps
, htcaps_mask
, ssid
->ampdu_density
);
4171 wpa_set_disable_ht40(wpa_s
, htcaps
, htcaps_mask
, ssid
->disable_ht40
);
4172 wpa_set_disable_sgi(wpa_s
, htcaps
, htcaps_mask
, ssid
->disable_sgi
);
4173 wpa_set_disable_ldpc(wpa_s
, htcaps
, htcaps_mask
, ssid
->disable_ldpc
);
4175 if (ssid
->ht40_intolerant
) {
4176 le16 bit
= host_to_le16(HT_CAP_INFO_40MHZ_INTOLERANT
);
4177 htcaps
->ht_capabilities_info
|= bit
;
4178 htcaps_mask
->ht_capabilities_info
|= bit
;
4182 #endif /* CONFIG_HT_OVERRIDES */
4185 #ifdef CONFIG_VHT_OVERRIDES
4186 void wpa_supplicant_apply_vht_overrides(
4187 struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
,
4188 struct wpa_driver_associate_params
*params
)
4190 struct ieee80211_vht_capabilities
*vhtcaps
;
4191 struct ieee80211_vht_capabilities
*vhtcaps_mask
;
4196 params
->disable_vht
= ssid
->disable_vht
;
4198 vhtcaps
= (void *) params
->vhtcaps
;
4199 vhtcaps_mask
= (void *) params
->vhtcaps_mask
;
4201 if (!vhtcaps
|| !vhtcaps_mask
)
4204 vhtcaps
->vht_capabilities_info
= host_to_le32(ssid
->vht_capa
);
4205 vhtcaps_mask
->vht_capabilities_info
= host_to_le32(ssid
->vht_capa_mask
);
4207 #ifdef CONFIG_HT_OVERRIDES
4208 /* if max ampdu is <= 3, we have to make the HT cap the same */
4209 if (ssid
->vht_capa_mask
& VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX
) {
4212 max_ampdu
= (ssid
->vht_capa
&
4213 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX
) >>
4214 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX_SHIFT
;
4216 max_ampdu
= max_ampdu
< 3 ? max_ampdu
: 3;
4217 wpa_set_ampdu_factor(wpa_s
,
4218 (void *) params
->htcaps
,
4219 (void *) params
->htcaps_mask
,
4222 #endif /* CONFIG_HT_OVERRIDES */
4224 #define OVERRIDE_MCS(i) \
4225 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \
4226 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \
4227 host_to_le16(3 << 2 * (i - 1)); \
4228 vhtcaps->vht_supported_mcs_set.tx_map |= \
4229 host_to_le16(ssid->vht_tx_mcs_nss_ ##i << \
4232 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \
4233 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \
4234 host_to_le16(3 << 2 * (i - 1)); \
4235 vhtcaps->vht_supported_mcs_set.rx_map |= \
4236 host_to_le16(ssid->vht_rx_mcs_nss_ ##i << \
4249 #endif /* CONFIG_VHT_OVERRIDES */
4252 static int pcsc_reader_init(struct wpa_supplicant
*wpa_s
)
4257 if (!wpa_s
->conf
->pcsc_reader
)
4260 wpa_s
->scard
= scard_init(wpa_s
->conf
->pcsc_reader
);
4264 if (wpa_s
->conf
->pcsc_pin
&&
4265 scard_set_pin(wpa_s
->scard
, wpa_s
->conf
->pcsc_pin
) < 0) {
4266 scard_deinit(wpa_s
->scard
);
4267 wpa_s
->scard
= NULL
;
4268 wpa_msg(wpa_s
, MSG_ERROR
, "PC/SC PIN validation failed");
4272 len
= sizeof(wpa_s
->imsi
) - 1;
4273 if (scard_get_imsi(wpa_s
->scard
, wpa_s
->imsi
, &len
)) {
4274 scard_deinit(wpa_s
->scard
);
4275 wpa_s
->scard
= NULL
;
4276 wpa_msg(wpa_s
, MSG_ERROR
, "Could not read IMSI");
4279 wpa_s
->imsi
[len
] = '\0';
4281 wpa_s
->mnc_len
= scard_get_mnc_len(wpa_s
->scard
);
4283 wpa_printf(MSG_DEBUG
, "SCARD: IMSI %s (MNC length %d)",
4284 wpa_s
->imsi
, wpa_s
->mnc_len
);
4286 wpa_sm_set_scard_ctx(wpa_s
->wpa
, wpa_s
->scard
);
4287 eapol_sm_register_scard_ctx(wpa_s
->eapol
, wpa_s
->scard
);
4288 #endif /* PCSC_FUNCS */
4294 int wpas_init_ext_pw(struct wpa_supplicant
*wpa_s
)
4298 ext_password_deinit(wpa_s
->ext_pw
);
4299 wpa_s
->ext_pw
= NULL
;
4300 eapol_sm_set_ext_pw_ctx(wpa_s
->eapol
, NULL
);
4302 if (!wpa_s
->conf
->ext_password_backend
)
4305 val
= os_strdup(wpa_s
->conf
->ext_password_backend
);
4308 pos
= os_strchr(val
, ':');
4312 wpa_printf(MSG_DEBUG
, "EXT PW: Initialize backend '%s'", val
);
4314 wpa_s
->ext_pw
= ext_password_init(val
, pos
);
4316 if (wpa_s
->ext_pw
== NULL
) {
4317 wpa_printf(MSG_DEBUG
, "EXT PW: Failed to initialize backend");
4320 eapol_sm_set_ext_pw_ctx(wpa_s
->eapol
, wpa_s
->ext_pw
);
4328 static const u8
* wpas_fst_get_bssid_cb(void *ctx
)
4330 struct wpa_supplicant
*wpa_s
= ctx
;
4332 return (is_zero_ether_addr(wpa_s
->bssid
) ||
4333 wpa_s
->wpa_state
!= WPA_COMPLETED
) ? NULL
: wpa_s
->bssid
;
4337 static void wpas_fst_get_channel_info_cb(void *ctx
,
4338 enum hostapd_hw_mode
*hw_mode
,
4341 struct wpa_supplicant
*wpa_s
= ctx
;
4343 if (wpa_s
->current_bss
) {
4344 *hw_mode
= ieee80211_freq_to_chan(wpa_s
->current_bss
->freq
,
4346 } else if (wpa_s
->hw
.num_modes
) {
4347 *hw_mode
= wpa_s
->hw
.modes
[0].mode
;
4355 static int wpas_fst_get_hw_modes(void *ctx
, struct hostapd_hw_modes
**modes
)
4357 struct wpa_supplicant
*wpa_s
= ctx
;
4359 *modes
= wpa_s
->hw
.modes
;
4360 return wpa_s
->hw
.num_modes
;
4364 static void wpas_fst_set_ies_cb(void *ctx
, const struct wpabuf
*fst_ies
)
4366 struct wpa_supplicant
*wpa_s
= ctx
;
4368 wpa_hexdump_buf(MSG_DEBUG
, "FST: Set IEs", fst_ies
);
4369 wpa_s
->fst_ies
= fst_ies
;
4373 static int wpas_fst_send_action_cb(void *ctx
, const u8
*da
, struct wpabuf
*data
)
4375 struct wpa_supplicant
*wpa_s
= ctx
;
4377 if (os_memcmp(wpa_s
->bssid
, da
, ETH_ALEN
) != 0) {
4378 wpa_printf(MSG_INFO
, "FST:%s:bssid=" MACSTR
" != da=" MACSTR
,
4379 __func__
, MAC2STR(wpa_s
->bssid
), MAC2STR(da
));
4382 return wpa_drv_send_action(wpa_s
, wpa_s
->assoc_freq
, 0, wpa_s
->bssid
,
4383 wpa_s
->own_addr
, wpa_s
->bssid
,
4384 wpabuf_head(data
), wpabuf_len(data
),
4389 static const struct wpabuf
* wpas_fst_get_mb_ie_cb(void *ctx
, const u8
*addr
)
4391 struct wpa_supplicant
*wpa_s
= ctx
;
4393 WPA_ASSERT(os_memcmp(wpa_s
->bssid
, addr
, ETH_ALEN
) == 0);
4394 return wpa_s
->received_mb_ies
;
4398 static void wpas_fst_update_mb_ie_cb(void *ctx
, const u8
*addr
,
4399 const u8
*buf
, size_t size
)
4401 struct wpa_supplicant
*wpa_s
= ctx
;
4402 struct mb_ies_info info
;
4404 WPA_ASSERT(os_memcmp(wpa_s
->bssid
, addr
, ETH_ALEN
) == 0);
4406 if (!mb_ies_info_by_ies(&info
, buf
, size
)) {
4407 wpabuf_free(wpa_s
->received_mb_ies
);
4408 wpa_s
->received_mb_ies
= mb_ies_by_info(&info
);
4413 static const u8
* wpas_fst_get_peer_first(void *ctx
,
4414 struct fst_get_peer_ctx
**get_ctx
,
4417 struct wpa_supplicant
*wpa_s
= ctx
;
4420 if (!is_zero_ether_addr(wpa_s
->bssid
))
4421 return (wpa_s
->received_mb_ies
|| !mb_only
) ?
4422 wpa_s
->bssid
: NULL
;
4427 static const u8
* wpas_fst_get_peer_next(void *ctx
,
4428 struct fst_get_peer_ctx
**get_ctx
,
4434 void fst_wpa_supplicant_fill_iface_obj(struct wpa_supplicant
*wpa_s
,
4435 struct fst_wpa_obj
*iface_obj
)
4437 iface_obj
->ctx
= wpa_s
;
4438 iface_obj
->get_bssid
= wpas_fst_get_bssid_cb
;
4439 iface_obj
->get_channel_info
= wpas_fst_get_channel_info_cb
;
4440 iface_obj
->get_hw_modes
= wpas_fst_get_hw_modes
;
4441 iface_obj
->set_ies
= wpas_fst_set_ies_cb
;
4442 iface_obj
->send_action
= wpas_fst_send_action_cb
;
4443 iface_obj
->get_mb_ie
= wpas_fst_get_mb_ie_cb
;
4444 iface_obj
->update_mb_ie
= wpas_fst_update_mb_ie_cb
;
4445 iface_obj
->get_peer_first
= wpas_fst_get_peer_first
;
4446 iface_obj
->get_peer_next
= wpas_fst_get_peer_next
;
4448 #endif /* CONFIG_FST */
4450 static int wpas_set_wowlan_triggers(struct wpa_supplicant
*wpa_s
,
4451 const struct wpa_driver_capa
*capa
)
4453 struct wowlan_triggers
*triggers
;
4456 if (!wpa_s
->conf
->wowlan_triggers
)
4459 triggers
= wpa_get_wowlan_triggers(wpa_s
->conf
->wowlan_triggers
, capa
);
4461 ret
= wpa_drv_wowlan(wpa_s
, triggers
);
4468 enum wpa_radio_work_band
wpas_freq_to_band(int freq
)
4471 return BAND_2_4_GHZ
;
4478 unsigned int wpas_get_bands(struct wpa_supplicant
*wpa_s
, const int *freqs
)
4481 unsigned int band
= 0;
4484 /* freqs are specified for the radio work */
4485 for (i
= 0; freqs
[i
]; i
++)
4486 band
|= wpas_freq_to_band(freqs
[i
]);
4489 * freqs are not specified, implies all
4490 * the supported freqs by HW
4492 for (i
= 0; i
< wpa_s
->hw
.num_modes
; i
++) {
4493 if (wpa_s
->hw
.modes
[i
].num_channels
!= 0) {
4494 if (wpa_s
->hw
.modes
[i
].mode
==
4495 HOSTAPD_MODE_IEEE80211B
||
4496 wpa_s
->hw
.modes
[i
].mode
==
4497 HOSTAPD_MODE_IEEE80211G
)
4498 band
|= BAND_2_4_GHZ
;
4499 else if (wpa_s
->hw
.modes
[i
].mode
==
4500 HOSTAPD_MODE_IEEE80211A
)
4502 else if (wpa_s
->hw
.modes
[i
].mode
==
4503 HOSTAPD_MODE_IEEE80211AD
)
4504 band
|= BAND_60_GHZ
;
4505 else if (wpa_s
->hw
.modes
[i
].mode
==
4506 HOSTAPD_MODE_IEEE80211ANY
)
4507 band
= BAND_2_4_GHZ
| BAND_5_GHZ
|
4517 static struct wpa_radio
* radio_add_interface(struct wpa_supplicant
*wpa_s
,
4520 struct wpa_supplicant
*iface
= wpa_s
->global
->ifaces
;
4521 struct wpa_radio
*radio
;
4523 while (rn
&& iface
) {
4524 radio
= iface
->radio
;
4525 if (radio
&& os_strcmp(rn
, radio
->name
) == 0) {
4526 wpa_printf(MSG_DEBUG
, "Add interface %s to existing radio %s",
4528 dl_list_add(&radio
->ifaces
, &wpa_s
->radio_list
);
4532 iface
= iface
->next
;
4535 wpa_printf(MSG_DEBUG
, "Add interface %s to a new radio %s",
4536 wpa_s
->ifname
, rn
? rn
: "N/A");
4537 radio
= os_zalloc(sizeof(*radio
));
4542 os_strlcpy(radio
->name
, rn
, sizeof(radio
->name
));
4543 dl_list_init(&radio
->ifaces
);
4544 dl_list_init(&radio
->work
);
4545 dl_list_add(&radio
->ifaces
, &wpa_s
->radio_list
);
4551 static void radio_work_free(struct wpa_radio_work
*work
)
4553 if (work
->wpa_s
->scan_work
== work
) {
4554 /* This should not really happen. */
4555 wpa_dbg(work
->wpa_s
, MSG_INFO
, "Freeing radio work '%s'@%p (started=%d) that is marked as scan_work",
4556 work
->type
, work
, work
->started
);
4557 work
->wpa_s
->scan_work
= NULL
;
4561 if (work
->wpa_s
->p2p_scan_work
== work
) {
4562 /* This should not really happen. */
4563 wpa_dbg(work
->wpa_s
, MSG_INFO
, "Freeing radio work '%s'@%p (started=%d) that is marked as p2p_scan_work",
4564 work
->type
, work
, work
->started
);
4565 work
->wpa_s
->p2p_scan_work
= NULL
;
4567 #endif /* CONFIG_P2P */
4569 if (work
->started
) {
4570 work
->wpa_s
->radio
->num_active_works
--;
4571 wpa_dbg(work
->wpa_s
, MSG_DEBUG
,
4572 "radio_work_free('%s'@%p: num_active_works --> %u",
4574 work
->wpa_s
->radio
->num_active_works
);
4577 dl_list_del(&work
->list
);
4582 static int radio_work_is_connect(struct wpa_radio_work
*work
)
4584 return os_strcmp(work
->type
, "sme-connect") == 0 ||
4585 os_strcmp(work
->type
, "connect") == 0;
4589 static int radio_work_is_scan(struct wpa_radio_work
*work
)
4591 return os_strcmp(work
->type
, "scan") == 0 ||
4592 os_strcmp(work
->type
, "p2p-scan") == 0;
4596 static struct wpa_radio_work
* radio_work_get_next_work(struct wpa_radio
*radio
)
4598 struct wpa_radio_work
*active_work
= NULL
;
4599 struct wpa_radio_work
*tmp
;
4601 /* Get the active work to know the type and band. */
4602 dl_list_for_each(tmp
, &radio
->work
, struct wpa_radio_work
, list
) {
4610 /* No active work, start one */
4611 radio
->num_active_works
= 0;
4612 dl_list_for_each(tmp
, &radio
->work
, struct wpa_radio_work
,
4614 if (os_strcmp(tmp
->type
, "scan") == 0 &&
4615 radio
->external_scan_running
&&
4616 (((struct wpa_driver_scan_params
*)
4617 tmp
->ctx
)->only_new_results
||
4618 tmp
->wpa_s
->clear_driver_scan_cache
))
4625 if (radio_work_is_connect(active_work
)) {
4627 * If the active work is either connect or sme-connect,
4628 * do not parallelize them with other radio works.
4630 wpa_dbg(active_work
->wpa_s
, MSG_DEBUG
,
4631 "Do not parallelize radio work with %s",
4636 dl_list_for_each(tmp
, &radio
->work
, struct wpa_radio_work
, list
) {
4641 * If connect or sme-connect are enqueued, parallelize only
4642 * those operations ahead of them in the queue.
4644 if (radio_work_is_connect(tmp
))
4647 /* Serialize parallel scan and p2p_scan operations on the same
4648 * interface since the driver_nl80211 mechanism for tracking
4649 * scan cookies does not yet have support for this. */
4650 if (active_work
->wpa_s
== tmp
->wpa_s
&&
4651 radio_work_is_scan(active_work
) &&
4652 radio_work_is_scan(tmp
)) {
4653 wpa_dbg(active_work
->wpa_s
, MSG_DEBUG
,
4654 "Do not start work '%s' when another work '%s' is already scheduled",
4655 tmp
->type
, active_work
->type
);
4659 * Check that the radio works are distinct and
4660 * on different bands.
4662 if (os_strcmp(active_work
->type
, tmp
->type
) != 0 &&
4663 (active_work
->bands
!= tmp
->bands
)) {
4665 * If a scan has to be scheduled through nl80211 scan
4666 * interface and if an external scan is already running,
4667 * do not schedule the scan since it is likely to get
4668 * rejected by kernel.
4670 if (os_strcmp(tmp
->type
, "scan") == 0 &&
4671 radio
->external_scan_running
&&
4672 (((struct wpa_driver_scan_params
*)
4673 tmp
->ctx
)->only_new_results
||
4674 tmp
->wpa_s
->clear_driver_scan_cache
))
4677 wpa_dbg(active_work
->wpa_s
, MSG_DEBUG
,
4678 "active_work:%s new_work:%s",
4679 active_work
->type
, tmp
->type
);
4684 /* Did not find a radio work to schedule in parallel. */
4689 static void radio_start_next_work(void *eloop_ctx
, void *timeout_ctx
)
4691 struct wpa_radio
*radio
= eloop_ctx
;
4692 struct wpa_radio_work
*work
;
4693 struct os_reltime now
, diff
;
4694 struct wpa_supplicant
*wpa_s
;
4696 work
= dl_list_first(&radio
->work
, struct wpa_radio_work
, list
);
4698 radio
->num_active_works
= 0;
4702 wpa_s
= dl_list_first(&radio
->ifaces
, struct wpa_supplicant
,
4706 wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS
)) {
4708 return; /* already started and still in progress */
4710 if (wpa_s
&& wpa_s
->radio
->external_scan_running
) {
4711 wpa_printf(MSG_DEBUG
, "Delay radio work start until externally triggered scan completes");
4716 if (radio
->num_active_works
< MAX_ACTIVE_WORKS
) {
4717 /* get the work to schedule next */
4718 work
= radio_work_get_next_work(radio
);
4724 wpa_s
= work
->wpa_s
;
4725 os_get_reltime(&now
);
4726 os_reltime_sub(&now
, &work
->time
, &diff
);
4727 wpa_dbg(wpa_s
, MSG_DEBUG
,
4728 "Starting radio work '%s'@%p after %ld.%06ld second wait",
4729 work
->type
, work
, diff
.sec
, diff
.usec
);
4732 radio
->num_active_works
++;
4736 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS
) &&
4737 radio
->num_active_works
< MAX_ACTIVE_WORKS
)
4738 radio_work_check_next(wpa_s
);
4743 * This function removes both started and pending radio works running on
4744 * the provided interface's radio.
4745 * Prior to the removal of the radio work, its callback (cb) is called with
4746 * deinit set to be 1. Each work's callback is responsible for clearing its
4747 * internal data and restoring to a correct state.
4748 * @wpa_s: wpa_supplicant data
4749 * @type: type of works to be removed
4750 * @remove_all: 1 to remove all the works on this radio, 0 to remove only
4751 * this interface's works.
4753 void radio_remove_works(struct wpa_supplicant
*wpa_s
,
4754 const char *type
, int remove_all
)
4756 struct wpa_radio_work
*work
, *tmp
;
4757 struct wpa_radio
*radio
= wpa_s
->radio
;
4759 dl_list_for_each_safe(work
, tmp
, &radio
->work
, struct wpa_radio_work
,
4761 if (type
&& os_strcmp(type
, work
->type
) != 0)
4764 /* skip other ifaces' works */
4765 if (!remove_all
&& work
->wpa_s
!= wpa_s
)
4768 wpa_dbg(wpa_s
, MSG_DEBUG
, "Remove radio work '%s'@%p%s",
4769 work
->type
, work
, work
->started
? " (started)" : "");
4771 radio_work_free(work
);
4774 /* in case we removed the started work */
4775 radio_work_check_next(wpa_s
);
4779 static void radio_remove_interface(struct wpa_supplicant
*wpa_s
)
4781 struct wpa_radio
*radio
= wpa_s
->radio
;
4786 wpa_printf(MSG_DEBUG
, "Remove interface %s from radio %s",
4787 wpa_s
->ifname
, radio
->name
);
4788 dl_list_del(&wpa_s
->radio_list
);
4789 radio_remove_works(wpa_s
, NULL
, 0);
4790 wpa_s
->radio
= NULL
;
4791 if (!dl_list_empty(&radio
->ifaces
))
4792 return; /* Interfaces remain for this radio */
4794 wpa_printf(MSG_DEBUG
, "Remove radio %s", radio
->name
);
4795 eloop_cancel_timeout(radio_start_next_work
, radio
, NULL
);
4800 void radio_work_check_next(struct wpa_supplicant
*wpa_s
)
4802 struct wpa_radio
*radio
= wpa_s
->radio
;
4804 if (dl_list_empty(&radio
->work
))
4806 if (wpa_s
->ext_work_in_progress
) {
4807 wpa_printf(MSG_DEBUG
,
4808 "External radio work in progress - delay start of pending item");
4811 eloop_cancel_timeout(radio_start_next_work
, radio
, NULL
);
4812 eloop_register_timeout(0, 0, radio_start_next_work
, radio
, NULL
);
4817 * radio_add_work - Add a radio work item
4818 * @wpa_s: Pointer to wpa_supplicant data
4819 * @freq: Frequency of the offchannel operation in MHz or 0
4820 * @type: Unique identifier for each type of work
4821 * @next: Force as the next work to be executed
4822 * @cb: Callback function for indicating when radio is available
4823 * @ctx: Context pointer for the work (work->ctx in cb())
4824 * Returns: 0 on success, -1 on failure
4826 * This function is used to request time for an operation that requires
4827 * exclusive radio control. Once the radio is available, the registered callback
4828 * function will be called. radio_work_done() must be called once the exclusive
4829 * radio operation has been completed, so that the radio is freed for other
4830 * operations. The special case of deinit=1 is used to free the context data
4831 * during interface removal. That does not allow the callback function to start
4832 * the radio operation, i.e., it must free any resources allocated for the radio
4835 * The @freq parameter can be used to indicate a single channel on which the
4836 * offchannel operation will occur. This may allow multiple radio work
4837 * operations to be performed in parallel if they apply for the same channel.
4838 * Setting this to 0 indicates that the work item may use multiple channels or
4839 * requires exclusive control of the radio.
4841 int radio_add_work(struct wpa_supplicant
*wpa_s
, unsigned int freq
,
4842 const char *type
, int next
,
4843 void (*cb
)(struct wpa_radio_work
*work
, int deinit
),
4846 struct wpa_radio
*radio
= wpa_s
->radio
;
4847 struct wpa_radio_work
*work
;
4850 work
= os_zalloc(sizeof(*work
));
4853 wpa_dbg(wpa_s
, MSG_DEBUG
, "Add radio work '%s'@%p", type
, work
);
4854 os_get_reltime(&work
->time
);
4857 work
->wpa_s
= wpa_s
;
4862 work
->bands
= wpas_freq_to_band(freq
);
4863 else if (os_strcmp(type
, "scan") == 0 ||
4864 os_strcmp(type
, "p2p-scan") == 0)
4865 work
->bands
= wpas_get_bands(wpa_s
,
4866 ((struct wpa_driver_scan_params
*)
4869 work
->bands
= wpas_get_bands(wpa_s
, NULL
);
4871 was_empty
= dl_list_empty(&wpa_s
->radio
->work
);
4873 dl_list_add(&wpa_s
->radio
->work
, &work
->list
);
4875 dl_list_add_tail(&wpa_s
->radio
->work
, &work
->list
);
4877 wpa_dbg(wpa_s
, MSG_DEBUG
, "First radio work item in the queue - schedule start immediately");
4878 radio_work_check_next(wpa_s
);
4879 } else if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS
)
4880 && radio
->num_active_works
< MAX_ACTIVE_WORKS
) {
4881 wpa_dbg(wpa_s
, MSG_DEBUG
,
4882 "Try to schedule a radio work (num_active_works=%u)",
4883 radio
->num_active_works
);
4884 radio_work_check_next(wpa_s
);
4892 * radio_work_done - Indicate that a radio work item has been completed
4893 * @work: Completed work
4895 * This function is called once the callback function registered with
4896 * radio_add_work() has completed its work.
4898 void radio_work_done(struct wpa_radio_work
*work
)
4900 struct wpa_supplicant
*wpa_s
= work
->wpa_s
;
4901 struct os_reltime now
, diff
;
4902 unsigned int started
= work
->started
;
4904 os_get_reltime(&now
);
4905 os_reltime_sub(&now
, &work
->time
, &diff
);
4906 wpa_dbg(wpa_s
, MSG_DEBUG
, "Radio work '%s'@%p %s in %ld.%06ld seconds",
4907 work
->type
, work
, started
? "done" : "canceled",
4908 diff
.sec
, diff
.usec
);
4909 radio_work_free(work
);
4911 radio_work_check_next(wpa_s
);
4915 struct wpa_radio_work
*
4916 radio_work_pending(struct wpa_supplicant
*wpa_s
, const char *type
)
4918 struct wpa_radio_work
*work
;
4919 struct wpa_radio
*radio
= wpa_s
->radio
;
4921 dl_list_for_each(work
, &radio
->work
, struct wpa_radio_work
, list
) {
4922 if (work
->wpa_s
== wpa_s
&& os_strcmp(work
->type
, type
) == 0)
4930 static int wpas_init_driver(struct wpa_supplicant
*wpa_s
,
4931 struct wpa_interface
*iface
)
4933 const char *ifname
, *driver
, *rn
;
4935 driver
= iface
->driver
;
4937 if (wpa_supplicant_set_driver(wpa_s
, driver
) < 0)
4940 wpa_s
->drv_priv
= wpa_drv_init(wpa_s
, wpa_s
->ifname
);
4941 if (wpa_s
->drv_priv
== NULL
) {
4943 pos
= driver
? os_strchr(driver
, ',') : NULL
;
4945 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to initialize "
4946 "driver interface - try next driver wrapper");
4950 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to initialize driver "
4954 if (wpa_drv_set_param(wpa_s
, wpa_s
->conf
->driver_param
) < 0) {
4955 wpa_msg(wpa_s
, MSG_ERROR
, "Driver interface rejected "
4956 "driver_param '%s'", wpa_s
->conf
->driver_param
);
4960 ifname
= wpa_drv_get_ifname(wpa_s
);
4961 if (ifname
&& os_strcmp(ifname
, wpa_s
->ifname
) != 0) {
4962 wpa_dbg(wpa_s
, MSG_DEBUG
, "Driver interface replaced "
4963 "interface name with '%s'", ifname
);
4964 os_strlcpy(wpa_s
->ifname
, ifname
, sizeof(wpa_s
->ifname
));
4967 rn
= wpa_driver_get_radio_name(wpa_s
);
4968 if (rn
&& rn
[0] == '\0')
4971 wpa_s
->radio
= radio_add_interface(wpa_s
, rn
);
4972 if (wpa_s
->radio
== NULL
)
4979 #ifdef CONFIG_GAS_SERVER
4981 static void wpas_gas_server_tx_status(struct wpa_supplicant
*wpa_s
,
4982 unsigned int freq
, const u8
*dst
,
4983 const u8
*src
, const u8
*bssid
,
4984 const u8
*data
, size_t data_len
,
4985 enum offchannel_send_action_result result
)
4987 wpa_printf(MSG_DEBUG
, "GAS: TX status: freq=%u dst=" MACSTR
4990 result
== OFFCHANNEL_SEND_ACTION_SUCCESS
? "SUCCESS" :
4991 (result
== OFFCHANNEL_SEND_ACTION_NO_ACK
? "no-ACK" :
4993 gas_server_tx_status(wpa_s
->gas_server
, dst
, data
, data_len
,
4994 result
== OFFCHANNEL_SEND_ACTION_SUCCESS
);
4998 static void wpas_gas_server_tx(void *ctx
, int freq
, const u8
*da
,
4999 struct wpabuf
*buf
, unsigned int wait_time
)
5001 struct wpa_supplicant
*wpa_s
= ctx
;
5002 const u8 broadcast
[ETH_ALEN
] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
5004 if (wait_time
> wpa_s
->max_remain_on_chan
)
5005 wait_time
= wpa_s
->max_remain_on_chan
;
5007 offchannel_send_action(wpa_s
, freq
, da
, wpa_s
->own_addr
, broadcast
,
5008 wpabuf_head(buf
), wpabuf_len(buf
),
5009 wait_time
, wpas_gas_server_tx_status
, 0);
5012 #endif /* CONFIG_GAS_SERVER */
5014 static int wpa_supplicant_init_iface(struct wpa_supplicant
*wpa_s
,
5015 struct wpa_interface
*iface
)
5017 struct wpa_driver_capa capa
;
5021 wpa_printf(MSG_DEBUG
, "Initializing interface '%s' conf '%s' driver "
5022 "'%s' ctrl_interface '%s' bridge '%s'", iface
->ifname
,
5023 iface
->confname
? iface
->confname
: "N/A",
5024 iface
->driver
? iface
->driver
: "default",
5025 iface
->ctrl_interface
? iface
->ctrl_interface
: "N/A",
5026 iface
->bridge_ifname
? iface
->bridge_ifname
: "N/A");
5028 if (iface
->confname
) {
5029 #ifdef CONFIG_BACKEND_FILE
5030 wpa_s
->confname
= os_rel2abs_path(iface
->confname
);
5031 if (wpa_s
->confname
== NULL
) {
5032 wpa_printf(MSG_ERROR
, "Failed to get absolute path "
5033 "for configuration file '%s'.",
5037 wpa_printf(MSG_DEBUG
, "Configuration file '%s' -> '%s'",
5038 iface
->confname
, wpa_s
->confname
);
5039 #else /* CONFIG_BACKEND_FILE */
5040 wpa_s
->confname
= os_strdup(iface
->confname
);
5041 #endif /* CONFIG_BACKEND_FILE */
5042 wpa_s
->conf
= wpa_config_read(wpa_s
->confname
, NULL
);
5043 if (wpa_s
->conf
== NULL
) {
5044 wpa_printf(MSG_ERROR
, "Failed to read or parse "
5045 "configuration '%s'.", wpa_s
->confname
);
5048 wpa_s
->confanother
= os_rel2abs_path(iface
->confanother
);
5049 wpa_config_read(wpa_s
->confanother
, wpa_s
->conf
);
5052 * Override ctrl_interface and driver_param if set on command
5055 if (iface
->ctrl_interface
) {
5056 os_free(wpa_s
->conf
->ctrl_interface
);
5057 wpa_s
->conf
->ctrl_interface
=
5058 os_strdup(iface
->ctrl_interface
);
5061 if (iface
->driver_param
) {
5062 os_free(wpa_s
->conf
->driver_param
);
5063 wpa_s
->conf
->driver_param
=
5064 os_strdup(iface
->driver_param
);
5067 if (iface
->p2p_mgmt
&& !iface
->ctrl_interface
) {
5068 os_free(wpa_s
->conf
->ctrl_interface
);
5069 wpa_s
->conf
->ctrl_interface
= NULL
;
5072 wpa_s
->conf
= wpa_config_alloc_empty(iface
->ctrl_interface
,
5073 iface
->driver_param
);
5075 if (wpa_s
->conf
== NULL
) {
5076 wpa_printf(MSG_ERROR
, "\nNo configuration found.");
5080 if (iface
->ifname
== NULL
) {
5081 wpa_printf(MSG_ERROR
, "\nInterface name is required.");
5084 if (os_strlen(iface
->ifname
) >= sizeof(wpa_s
->ifname
)) {
5085 wpa_printf(MSG_ERROR
, "\nToo long interface name '%s'.",
5089 os_strlcpy(wpa_s
->ifname
, iface
->ifname
, sizeof(wpa_s
->ifname
));
5091 if (iface
->bridge_ifname
) {
5092 if (os_strlen(iface
->bridge_ifname
) >=
5093 sizeof(wpa_s
->bridge_ifname
)) {
5094 wpa_printf(MSG_ERROR
, "\nToo long bridge interface "
5095 "name '%s'.", iface
->bridge_ifname
);
5098 os_strlcpy(wpa_s
->bridge_ifname
, iface
->bridge_ifname
,
5099 sizeof(wpa_s
->bridge_ifname
));
5102 /* RSNA Supplicant Key Management - INITIALIZE */
5103 eapol_sm_notify_portEnabled(wpa_s
->eapol
, FALSE
);
5104 eapol_sm_notify_portValid(wpa_s
->eapol
, FALSE
);
5106 /* Initialize driver interface and register driver event handler before
5107 * L2 receive handler so that association events are processed before
5108 * EAPOL-Key packets if both become available for the same select()
5110 if (wpas_init_driver(wpa_s
, iface
) < 0)
5113 if (wpa_supplicant_init_wpa(wpa_s
) < 0)
5116 wpa_sm_set_ifname(wpa_s
->wpa
, wpa_s
->ifname
,
5117 wpa_s
->bridge_ifname
[0] ? wpa_s
->bridge_ifname
:
5119 wpa_sm_set_fast_reauth(wpa_s
->wpa
, wpa_s
->conf
->fast_reauth
);
5121 if (wpa_s
->conf
->dot11RSNAConfigPMKLifetime
&&
5122 wpa_sm_set_param(wpa_s
->wpa
, RSNA_PMK_LIFETIME
,
5123 wpa_s
->conf
->dot11RSNAConfigPMKLifetime
)) {
5124 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid WPA parameter value for "
5125 "dot11RSNAConfigPMKLifetime");
5129 if (wpa_s
->conf
->dot11RSNAConfigPMKReauthThreshold
&&
5130 wpa_sm_set_param(wpa_s
->wpa
, RSNA_PMK_REAUTH_THRESHOLD
,
5131 wpa_s
->conf
->dot11RSNAConfigPMKReauthThreshold
)) {
5132 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid WPA parameter value for "
5133 "dot11RSNAConfigPMKReauthThreshold");
5137 if (wpa_s
->conf
->dot11RSNAConfigSATimeout
&&
5138 wpa_sm_set_param(wpa_s
->wpa
, RSNA_SA_TIMEOUT
,
5139 wpa_s
->conf
->dot11RSNAConfigSATimeout
)) {
5140 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid WPA parameter value for "
5141 "dot11RSNAConfigSATimeout");
5145 wpa_s
->hw
.modes
= wpa_drv_get_hw_feature_data(wpa_s
,
5146 &wpa_s
->hw
.num_modes
,
5149 if (wpa_s
->hw
.modes
) {
5152 for (i
= 0; i
< wpa_s
->hw
.num_modes
; i
++) {
5153 if (wpa_s
->hw
.modes
[i
].vht_capab
) {
5154 wpa_s
->hw_capab
= CAPAB_VHT
;
5158 if (wpa_s
->hw
.modes
[i
].ht_capab
&
5159 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET
)
5160 wpa_s
->hw_capab
= CAPAB_HT40
;
5161 else if (wpa_s
->hw
.modes
[i
].ht_capab
&&
5162 wpa_s
->hw_capab
== CAPAB_NO_HT_VHT
)
5163 wpa_s
->hw_capab
= CAPAB_HT
;
5167 capa_res
= wpa_drv_get_capa(wpa_s
, &capa
);
5168 if (capa_res
== 0) {
5169 wpa_s
->drv_capa_known
= 1;
5170 wpa_s
->drv_flags
= capa
.flags
;
5171 wpa_s
->drv_enc
= capa
.enc
;
5172 wpa_s
->drv_smps_modes
= capa
.smps_modes
;
5173 wpa_s
->drv_rrm_flags
= capa
.rrm_flags
;
5174 wpa_s
->probe_resp_offloads
= capa
.probe_resp_offloads
;
5175 wpa_s
->max_scan_ssids
= capa
.max_scan_ssids
;
5176 wpa_s
->max_sched_scan_ssids
= capa
.max_sched_scan_ssids
;
5177 wpa_s
->max_sched_scan_plans
= capa
.max_sched_scan_plans
;
5178 wpa_s
->max_sched_scan_plan_interval
=
5179 capa
.max_sched_scan_plan_interval
;
5180 wpa_s
->max_sched_scan_plan_iterations
=
5181 capa
.max_sched_scan_plan_iterations
;
5182 wpa_s
->sched_scan_supported
= capa
.sched_scan_supported
;
5183 wpa_s
->max_match_sets
= capa
.max_match_sets
;
5184 wpa_s
->max_remain_on_chan
= capa
.max_remain_on_chan
;
5185 wpa_s
->max_stations
= capa
.max_stations
;
5186 wpa_s
->extended_capa
= capa
.extended_capa
;
5187 wpa_s
->extended_capa_mask
= capa
.extended_capa_mask
;
5188 wpa_s
->extended_capa_len
= capa
.extended_capa_len
;
5189 wpa_s
->num_multichan_concurrent
=
5190 capa
.num_multichan_concurrent
;
5191 wpa_s
->wmm_ac_supported
= capa
.wmm_ac_supported
;
5193 if (capa
.mac_addr_rand_scan_supported
)
5194 wpa_s
->mac_addr_rand_supported
|= MAC_ADDR_RAND_SCAN
;
5195 if (wpa_s
->sched_scan_supported
&&
5196 capa
.mac_addr_rand_sched_scan_supported
)
5197 wpa_s
->mac_addr_rand_supported
|=
5198 (MAC_ADDR_RAND_SCHED_SCAN
| MAC_ADDR_RAND_PNO
);
5200 if (wpa_s
->max_remain_on_chan
== 0)
5201 wpa_s
->max_remain_on_chan
= 1000;
5204 * Only take p2p_mgmt parameters when P2P Device is supported.
5205 * Doing it here as it determines whether l2_packet_init() will be done
5206 * during wpa_supplicant_driver_init().
5208 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE
)
5209 wpa_s
->p2p_mgmt
= iface
->p2p_mgmt
;
5211 iface
->p2p_mgmt
= 1;
5213 if (wpa_s
->num_multichan_concurrent
== 0)
5214 wpa_s
->num_multichan_concurrent
= 1;
5216 if (wpa_supplicant_driver_init(wpa_s
) < 0)
5220 if ((!iface
->p2p_mgmt
||
5221 !(wpa_s
->drv_flags
&
5222 WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE
)) &&
5223 wpa_tdls_init(wpa_s
->wpa
))
5225 #endif /* CONFIG_TDLS */
5227 if (wpa_s
->conf
->country
[0] && wpa_s
->conf
->country
[1] &&
5228 wpa_drv_set_country(wpa_s
, wpa_s
->conf
->country
)) {
5229 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to set country");
5234 if (wpa_s
->conf
->fst_group_id
) {
5235 struct fst_iface_cfg cfg
;
5236 struct fst_wpa_obj iface_obj
;
5238 fst_wpa_supplicant_fill_iface_obj(wpa_s
, &iface_obj
);
5239 os_strlcpy(cfg
.group_id
, wpa_s
->conf
->fst_group_id
,
5240 sizeof(cfg
.group_id
));
5241 cfg
.priority
= wpa_s
->conf
->fst_priority
;
5242 cfg
.llt
= wpa_s
->conf
->fst_llt
;
5244 wpa_s
->fst
= fst_attach(wpa_s
->ifname
, wpa_s
->own_addr
,
5247 wpa_msg(wpa_s
, MSG_ERROR
,
5248 "FST: Cannot attach iface %s to group %s",
5249 wpa_s
->ifname
, cfg
.group_id
);
5253 #endif /* CONFIG_FST */
5255 if (wpas_wps_init(wpa_s
))
5258 #ifdef CONFIG_GAS_SERVER
5259 wpa_s
->gas_server
= gas_server_init(wpa_s
, wpas_gas_server_tx
);
5260 if (!wpa_s
->gas_server
) {
5261 wpa_printf(MSG_ERROR
, "Failed to initialize GAS server");
5264 #endif /* CONFIG_GAS_SERVER */
5267 if (wpas_dpp_init(wpa_s
) < 0)
5269 #endif /* CONFIG_DPP */
5271 if (wpa_supplicant_init_eapol(wpa_s
) < 0)
5273 wpa_sm_set_eapol(wpa_s
->wpa
, wpa_s
->eapol
);
5275 wpa_s
->ctrl_iface
= wpa_supplicant_ctrl_iface_init(wpa_s
);
5276 if (wpa_s
->ctrl_iface
== NULL
) {
5277 wpa_printf(MSG_ERROR
,
5278 "Failed to initialize control interface '%s'.\n"
5279 "You may have another wpa_supplicant process "
5280 "already running or the file was\n"
5281 "left by an unclean termination of wpa_supplicant "
5282 "in which case you will need\n"
5283 "to manually remove this file before starting "
5284 "wpa_supplicant again.\n",
5285 wpa_s
->conf
->ctrl_interface
);
5289 wpa_s
->gas
= gas_query_init(wpa_s
);
5290 if (wpa_s
->gas
== NULL
) {
5291 wpa_printf(MSG_ERROR
, "Failed to initialize GAS query");
5295 if (iface
->p2p_mgmt
&& wpas_p2p_init(wpa_s
->global
, wpa_s
) < 0) {
5296 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to init P2P");
5300 if (wpa_bss_init(wpa_s
) < 0)
5303 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL
5305 dl_list_init(&wpa_s
->mesh_external_pmksa_cache
);
5306 #endif /* CONFIG_MESH */
5307 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
5310 * Set Wake-on-WLAN triggers, if configured.
5311 * Note: We don't restore/remove the triggers on shutdown (it doesn't
5312 * have effect anyway when the interface is down).
5314 if (capa_res
== 0 && wpas_set_wowlan_triggers(wpa_s
, &capa
) < 0)
5317 #ifdef CONFIG_EAP_PROXY
5320 wpa_s
->mnc_len
= eapol_sm_get_eap_proxy_imsi(wpa_s
->eapol
, -1,
5322 if (wpa_s
->mnc_len
> 0) {
5323 wpa_s
->imsi
[len
] = '\0';
5324 wpa_printf(MSG_DEBUG
, "eap_proxy: IMSI %s (MNC length %d)",
5325 wpa_s
->imsi
, wpa_s
->mnc_len
);
5327 wpa_printf(MSG_DEBUG
, "eap_proxy: IMSI not available");
5330 #endif /* CONFIG_EAP_PROXY */
5332 if (pcsc_reader_init(wpa_s
) < 0)
5335 if (wpas_init_ext_pw(wpa_s
) < 0)
5338 wpas_rrm_reset(wpa_s
);
5340 wpas_sched_scan_plans_set(wpa_s
, wpa_s
->conf
->sched_scan_plans
);
5344 #endif /* CONFIG_HS20 */
5346 if (wpa_s
->conf
->oce
) {
5347 if ((wpa_s
->conf
->oce
& OCE_STA
) &&
5348 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_OCE_STA
))
5349 wpa_s
->enable_oce
= OCE_STA
;
5350 if ((wpa_s
->conf
->oce
& OCE_STA_CFON
) &&
5351 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_OCE_STA_CFON
)) {
5352 /* TODO: Need to add STA-CFON support */
5353 wpa_printf(MSG_ERROR
,
5354 "OCE STA-CFON feature is not yet supported");
5357 wpas_mbo_update_non_pref_chan(wpa_s
, wpa_s
->conf
->non_pref_chan
);
5358 #endif /* CONFIG_MBO */
5360 wpa_supplicant_set_default_scan_ies(wpa_s
);
5366 static void wpa_supplicant_deinit_iface(struct wpa_supplicant
*wpa_s
,
5367 int notify
, int terminate
)
5369 struct wpa_global
*global
= wpa_s
->global
;
5370 struct wpa_supplicant
*iface
, *prev
;
5372 if (wpa_s
== wpa_s
->parent
)
5373 wpas_p2p_group_remove(wpa_s
, "*");
5375 iface
= global
->ifaces
;
5377 if (iface
->p2pdev
== wpa_s
)
5378 iface
->p2pdev
= iface
->parent
;
5379 if (iface
== wpa_s
|| iface
->parent
!= wpa_s
) {
5380 iface
= iface
->next
;
5383 wpa_printf(MSG_DEBUG
,
5384 "Remove remaining child interface %s from parent %s",
5385 iface
->ifname
, wpa_s
->ifname
);
5387 iface
= iface
->next
;
5388 wpa_supplicant_remove_iface(global
, prev
, terminate
);
5391 wpa_s
->disconnected
= 1;
5392 if (wpa_s
->drv_priv
) {
5393 wpa_supplicant_deauthenticate(wpa_s
,
5394 WLAN_REASON_DEAUTH_LEAVING
);
5396 wpa_drv_set_countermeasures(wpa_s
, 0);
5397 wpa_clear_keys(wpa_s
, NULL
);
5400 wpa_supplicant_cleanup(wpa_s
);
5401 wpas_p2p_deinit_iface(wpa_s
);
5403 wpas_ctrl_radio_work_flush(wpa_s
);
5404 radio_remove_interface(wpa_s
);
5408 fst_detach(wpa_s
->fst
);
5411 if (wpa_s
->received_mb_ies
) {
5412 wpabuf_free(wpa_s
->received_mb_ies
);
5413 wpa_s
->received_mb_ies
= NULL
;
5415 #endif /* CONFIG_FST */
5417 if (wpa_s
->drv_priv
)
5418 wpa_drv_deinit(wpa_s
);
5421 wpas_notify_iface_removed(wpa_s
);
5424 wpa_msg(wpa_s
, MSG_INFO
, WPA_EVENT_TERMINATING
);
5426 if (wpa_s
->ctrl_iface
) {
5427 wpa_supplicant_ctrl_iface_deinit(wpa_s
->ctrl_iface
);
5428 wpa_s
->ctrl_iface
= NULL
;
5433 wpa_supplicant_mesh_iface_deinit(wpa_s
, wpa_s
->ifmsh
);
5434 wpa_s
->ifmsh
= NULL
;
5436 #endif /* CONFIG_MESH */
5438 if (wpa_s
->conf
!= NULL
) {
5439 wpa_config_free(wpa_s
->conf
);
5443 os_free(wpa_s
->ssids_from_scan_req
);
5449 #ifdef CONFIG_MATCH_IFACE
5452 * wpa_supplicant_match_iface - Match an interface description to a name
5453 * @global: Pointer to global data from wpa_supplicant_init()
5454 * @ifname: Name of the interface to match
5455 * Returns: Pointer to the created interface description or %NULL on failure
5457 struct wpa_interface
* wpa_supplicant_match_iface(struct wpa_global
*global
,
5461 struct wpa_interface
*iface
, *miface
;
5463 for (i
= 0; i
< global
->params
.match_iface_count
; i
++) {
5464 miface
= &global
->params
.match_ifaces
[i
];
5465 if (!miface
->ifname
||
5466 fnmatch(miface
->ifname
, ifname
, 0) == 0) {
5467 iface
= os_zalloc(sizeof(*iface
));
5471 iface
->ifname
= ifname
;
5481 * wpa_supplicant_match_existing - Match existing interfaces
5482 * @global: Pointer to global data from wpa_supplicant_init()
5483 * Returns: 0 on success, -1 on failure
5485 static int wpa_supplicant_match_existing(struct wpa_global
*global
)
5487 struct if_nameindex
*ifi
, *ifp
;
5488 struct wpa_supplicant
*wpa_s
;
5489 struct wpa_interface
*iface
;
5491 ifp
= if_nameindex();
5493 wpa_printf(MSG_ERROR
, "if_nameindex: %s", strerror(errno
));
5497 for (ifi
= ifp
; ifi
->if_name
; ifi
++) {
5498 wpa_s
= wpa_supplicant_get_iface(global
, ifi
->if_name
);
5501 iface
= wpa_supplicant_match_iface(global
, ifi
->if_name
);
5503 wpa_s
= wpa_supplicant_add_iface(global
, iface
, NULL
);
5510 if_freenameindex(ifp
);
5514 #endif /* CONFIG_MATCH_IFACE */
5518 * wpa_supplicant_add_iface - Add a new network interface
5519 * @global: Pointer to global data from wpa_supplicant_init()
5520 * @iface: Interface configuration options
5521 * @parent: Parent interface or %NULL to assign new interface as parent
5522 * Returns: Pointer to the created interface or %NULL on failure
5524 * This function is used to add new network interfaces for %wpa_supplicant.
5525 * This can be called before wpa_supplicant_run() to add interfaces before the
5526 * main event loop has been started. In addition, new interfaces can be added
5527 * dynamically while %wpa_supplicant is already running. This could happen,
5528 * e.g., when a hotplug network adapter is inserted.
5530 struct wpa_supplicant
* wpa_supplicant_add_iface(struct wpa_global
*global
,
5531 struct wpa_interface
*iface
,
5532 struct wpa_supplicant
*parent
)
5534 struct wpa_supplicant
*wpa_s
;
5535 struct wpa_interface t_iface
;
5536 struct wpa_ssid
*ssid
;
5538 if (global
== NULL
|| iface
== NULL
)
5541 wpa_s
= wpa_supplicant_alloc(parent
);
5545 wpa_s
->global
= global
;
5548 if (global
->params
.override_driver
) {
5549 wpa_printf(MSG_DEBUG
, "Override interface parameter: driver "
5551 iface
->driver
, global
->params
.override_driver
);
5552 t_iface
.driver
= global
->params
.override_driver
;
5554 if (global
->params
.override_ctrl_interface
) {
5555 wpa_printf(MSG_DEBUG
, "Override interface parameter: "
5556 "ctrl_interface ('%s' -> '%s')",
5557 iface
->ctrl_interface
,
5558 global
->params
.override_ctrl_interface
);
5559 t_iface
.ctrl_interface
=
5560 global
->params
.override_ctrl_interface
;
5562 if (wpa_supplicant_init_iface(wpa_s
, &t_iface
)) {
5563 wpa_printf(MSG_DEBUG
, "Failed to add interface %s",
5565 wpa_supplicant_deinit_iface(wpa_s
, 0, 0);
5569 if (iface
->p2p_mgmt
== 0) {
5570 /* Notify the control interfaces about new iface */
5571 if (wpas_notify_iface_added(wpa_s
)) {
5572 wpa_supplicant_deinit_iface(wpa_s
, 1, 0);
5576 for (ssid
= wpa_s
->conf
->ssid
; ssid
; ssid
= ssid
->next
)
5577 wpas_notify_network_added(wpa_s
, ssid
);
5580 wpa_s
->next
= global
->ifaces
;
5581 global
->ifaces
= wpa_s
;
5583 wpa_dbg(wpa_s
, MSG_DEBUG
, "Added interface %s", wpa_s
->ifname
);
5584 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
5587 if (wpa_s
->global
->p2p
== NULL
&&
5588 !wpa_s
->global
->p2p_disabled
&& !wpa_s
->conf
->p2p_disabled
&&
5589 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE
) &&
5590 wpas_p2p_add_p2pdev_interface(
5591 wpa_s
, wpa_s
->global
->params
.conf_p2p_dev
) < 0) {
5592 wpa_printf(MSG_INFO
,
5593 "P2P: Failed to enable P2P Device interface");
5594 /* Try to continue without. P2P will be disabled. */
5596 #endif /* CONFIG_P2P */
5603 * wpa_supplicant_remove_iface - Remove a network interface
5604 * @global: Pointer to global data from wpa_supplicant_init()
5605 * @wpa_s: Pointer to the network interface to be removed
5606 * Returns: 0 if interface was removed, -1 if interface was not found
5608 * This function can be used to dynamically remove network interfaces from
5609 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
5610 * addition, this function is used to remove all remaining interfaces when
5611 * %wpa_supplicant is terminated.
5613 int wpa_supplicant_remove_iface(struct wpa_global
*global
,
5614 struct wpa_supplicant
*wpa_s
,
5617 struct wpa_supplicant
*prev
;
5619 unsigned int mesh_if_created
= wpa_s
->mesh_if_created
;
5620 char *ifname
= NULL
;
5621 struct wpa_supplicant
*parent
= wpa_s
->parent
;
5622 #endif /* CONFIG_MESH */
5624 /* Remove interface from the global list of interfaces */
5625 prev
= global
->ifaces
;
5626 if (prev
== wpa_s
) {
5627 global
->ifaces
= wpa_s
->next
;
5629 while (prev
&& prev
->next
!= wpa_s
)
5633 prev
->next
= wpa_s
->next
;
5636 wpa_dbg(wpa_s
, MSG_DEBUG
, "Removing interface %s", wpa_s
->ifname
);
5639 if (mesh_if_created
) {
5640 ifname
= os_strdup(wpa_s
->ifname
);
5641 if (ifname
== NULL
) {
5642 wpa_dbg(wpa_s
, MSG_ERROR
,
5643 "mesh: Failed to malloc ifname");
5647 #endif /* CONFIG_MESH */
5649 if (global
->p2p_group_formation
== wpa_s
)
5650 global
->p2p_group_formation
= NULL
;
5651 if (global
->p2p_invite_group
== wpa_s
)
5652 global
->p2p_invite_group
= NULL
;
5653 wpa_supplicant_deinit_iface(wpa_s
, 1, terminate
);
5656 if (mesh_if_created
) {
5657 wpa_drv_if_remove(parent
, WPA_IF_MESH
, ifname
);
5660 #endif /* CONFIG_MESH */
5667 * wpa_supplicant_get_eap_mode - Get the current EAP mode
5668 * @wpa_s: Pointer to the network interface
5669 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
5671 const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant
*wpa_s
)
5673 const char *eapol_method
;
5675 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
) == 0 &&
5676 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
5680 eapol_method
= eapol_sm_get_method_name(wpa_s
->eapol
);
5681 if (eapol_method
== NULL
)
5682 return "UNKNOWN-EAP";
5684 return eapol_method
;
5689 * wpa_supplicant_get_iface - Get a new network interface
5690 * @global: Pointer to global data from wpa_supplicant_init()
5691 * @ifname: Interface name
5692 * Returns: Pointer to the interface or %NULL if not found
5694 struct wpa_supplicant
* wpa_supplicant_get_iface(struct wpa_global
*global
,
5697 struct wpa_supplicant
*wpa_s
;
5699 for (wpa_s
= global
->ifaces
; wpa_s
; wpa_s
= wpa_s
->next
) {
5700 if (os_strcmp(wpa_s
->ifname
, ifname
) == 0)
5707 #ifndef CONFIG_NO_WPA_MSG
5708 static const char * wpa_supplicant_msg_ifname_cb(void *ctx
)
5710 struct wpa_supplicant
*wpa_s
= ctx
;
5713 return wpa_s
->ifname
;
5715 #endif /* CONFIG_NO_WPA_MSG */
5718 #ifndef WPA_SUPPLICANT_CLEANUP_INTERVAL
5719 #define WPA_SUPPLICANT_CLEANUP_INTERVAL 10
5720 #endif /* WPA_SUPPLICANT_CLEANUP_INTERVAL */
5722 /* Periodic cleanup tasks */
5723 static void wpas_periodic(void *eloop_ctx
, void *timeout_ctx
)
5725 struct wpa_global
*global
= eloop_ctx
;
5726 struct wpa_supplicant
*wpa_s
;
5728 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL
, 0,
5729 wpas_periodic
, global
, NULL
);
5733 p2p_expire_peers(global
->p2p
);
5734 #endif /* CONFIG_P2P */
5736 for (wpa_s
= global
->ifaces
; wpa_s
; wpa_s
= wpa_s
->next
) {
5737 wpa_bss_flush_by_age(wpa_s
, wpa_s
->conf
->bss_expiration_age
);
5740 #endif /* CONFIG_AP */
5746 * wpa_supplicant_init - Initialize %wpa_supplicant
5747 * @params: Parameters for %wpa_supplicant
5748 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
5750 * This function is used to initialize %wpa_supplicant. After successful
5751 * initialization, the returned data pointer can be used to add and remove
5752 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
5754 struct wpa_global
* wpa_supplicant_init(struct wpa_params
*params
)
5756 struct wpa_global
*global
;
5762 #ifdef CONFIG_DRIVER_NDIS
5764 void driver_ndis_init_ops(void);
5765 driver_ndis_init_ops();
5767 #endif /* CONFIG_DRIVER_NDIS */
5769 #ifndef CONFIG_NO_WPA_MSG
5770 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb
);
5771 #endif /* CONFIG_NO_WPA_MSG */
5773 if (params
->wpa_debug_file_path
)
5774 wpa_debug_open_file(params
->wpa_debug_file_path
);
5776 wpa_debug_setup_stdout();
5777 if (params
->wpa_debug_syslog
)
5778 wpa_debug_open_syslog();
5779 if (params
->wpa_debug_tracing
) {
5780 ret
= wpa_debug_open_linux_tracing();
5782 wpa_printf(MSG_ERROR
,
5783 "Failed to enable trace logging");
5788 ret
= eap_register_methods();
5790 wpa_printf(MSG_ERROR
, "Failed to register EAP methods");
5792 wpa_printf(MSG_ERROR
, "Two or more EAP methods used "
5793 "the same EAP type.");
5797 global
= os_zalloc(sizeof(*global
));
5800 dl_list_init(&global
->p2p_srv_bonjour
);
5801 dl_list_init(&global
->p2p_srv_upnp
);
5802 global
->params
.daemonize
= params
->daemonize
;
5803 global
->params
.wait_for_monitor
= params
->wait_for_monitor
;
5804 global
->params
.dbus_ctrl_interface
= params
->dbus_ctrl_interface
;
5805 if (params
->pid_file
)
5806 global
->params
.pid_file
= os_strdup(params
->pid_file
);
5807 if (params
->ctrl_interface
)
5808 global
->params
.ctrl_interface
=
5809 os_strdup(params
->ctrl_interface
);
5810 if (params
->ctrl_interface_group
)
5811 global
->params
.ctrl_interface_group
=
5812 os_strdup(params
->ctrl_interface_group
);
5813 if (params
->override_driver
)
5814 global
->params
.override_driver
=
5815 os_strdup(params
->override_driver
);
5816 if (params
->override_ctrl_interface
)
5817 global
->params
.override_ctrl_interface
=
5818 os_strdup(params
->override_ctrl_interface
);
5819 #ifdef CONFIG_MATCH_IFACE
5820 global
->params
.match_iface_count
= params
->match_iface_count
;
5821 if (params
->match_iface_count
) {
5822 global
->params
.match_ifaces
=
5823 os_calloc(params
->match_iface_count
,
5824 sizeof(struct wpa_interface
));
5825 os_memcpy(global
->params
.match_ifaces
,
5826 params
->match_ifaces
,
5827 params
->match_iface_count
*
5828 sizeof(struct wpa_interface
));
5830 #endif /* CONFIG_MATCH_IFACE */
5832 if (params
->conf_p2p_dev
)
5833 global
->params
.conf_p2p_dev
=
5834 os_strdup(params
->conf_p2p_dev
);
5835 #endif /* CONFIG_P2P */
5836 wpa_debug_level
= global
->params
.wpa_debug_level
=
5837 params
->wpa_debug_level
;
5838 wpa_debug_show_keys
= global
->params
.wpa_debug_show_keys
=
5839 params
->wpa_debug_show_keys
;
5840 wpa_debug_timestamp
= global
->params
.wpa_debug_timestamp
=
5841 params
->wpa_debug_timestamp
;
5843 wpa_printf(MSG_DEBUG
, "wpa_supplicant v" VERSION_STR
);
5846 wpa_printf(MSG_ERROR
, "Failed to initialize event loop");
5847 wpa_supplicant_deinit(global
);
5851 random_init(params
->entropy_file
);
5853 global
->ctrl_iface
= wpa_supplicant_global_ctrl_iface_init(global
);
5854 if (global
->ctrl_iface
== NULL
) {
5855 wpa_supplicant_deinit(global
);
5859 if (wpas_notify_supplicant_initialized(global
)) {
5860 wpa_supplicant_deinit(global
);
5864 for (i
= 0; wpa_drivers
[i
]; i
++)
5865 global
->drv_count
++;
5866 if (global
->drv_count
== 0) {
5867 wpa_printf(MSG_ERROR
, "No drivers enabled");
5868 wpa_supplicant_deinit(global
);
5871 global
->drv_priv
= os_calloc(global
->drv_count
, sizeof(void *));
5872 if (global
->drv_priv
== NULL
) {
5873 wpa_supplicant_deinit(global
);
5877 #ifdef CONFIG_WIFI_DISPLAY
5878 if (wifi_display_init(global
) < 0) {
5879 wpa_printf(MSG_ERROR
, "Failed to initialize Wi-Fi Display");
5880 wpa_supplicant_deinit(global
);
5883 #endif /* CONFIG_WIFI_DISPLAY */
5885 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL
, 0,
5886 wpas_periodic
, global
, NULL
);
5893 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
5894 * @global: Pointer to global data from wpa_supplicant_init()
5895 * Returns: 0 after successful event loop run, -1 on failure
5897 * This function starts the main event loop and continues running as long as
5898 * there are any remaining events. In most cases, this function is running as
5899 * long as the %wpa_supplicant process in still in use.
5901 int wpa_supplicant_run(struct wpa_global
*global
)
5903 struct wpa_supplicant
*wpa_s
;
5905 if (global
->params
.daemonize
&&
5906 (wpa_supplicant_daemon(global
->params
.pid_file
) ||
5907 eloop_sock_requeue()))
5910 #ifdef CONFIG_MATCH_IFACE
5911 if (wpa_supplicant_match_existing(global
))
5915 if (global
->params
.wait_for_monitor
) {
5916 for (wpa_s
= global
->ifaces
; wpa_s
; wpa_s
= wpa_s
->next
)
5917 if (wpa_s
->ctrl_iface
&& !wpa_s
->p2p_mgmt
)
5918 wpa_supplicant_ctrl_iface_wait(
5922 eloop_register_signal_terminate(wpa_supplicant_terminate
, global
);
5923 eloop_register_signal_reconfig(wpa_supplicant_reconfig
, global
);
5932 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
5933 * @global: Pointer to global data from wpa_supplicant_init()
5935 * This function is called to deinitialize %wpa_supplicant and to free all
5936 * allocated resources. Remaining network interfaces will also be removed.
5938 void wpa_supplicant_deinit(struct wpa_global
*global
)
5945 eloop_cancel_timeout(wpas_periodic
, global
, NULL
);
5947 #ifdef CONFIG_WIFI_DISPLAY
5948 wifi_display_deinit(global
);
5949 #endif /* CONFIG_WIFI_DISPLAY */
5951 while (global
->ifaces
)
5952 wpa_supplicant_remove_iface(global
, global
->ifaces
, 1);
5954 if (global
->ctrl_iface
)
5955 wpa_supplicant_global_ctrl_iface_deinit(global
->ctrl_iface
);
5957 wpas_notify_supplicant_deinitialized(global
);
5959 eap_peer_unregister_methods();
5961 eap_server_unregister_methods();
5962 #endif /* CONFIG_AP */
5964 for (i
= 0; wpa_drivers
[i
] && global
->drv_priv
; i
++) {
5965 if (!global
->drv_priv
[i
])
5967 wpa_drivers
[i
]->global_deinit(global
->drv_priv
[i
]);
5969 os_free(global
->drv_priv
);
5975 if (global
->params
.pid_file
) {
5976 os_daemonize_terminate(global
->params
.pid_file
);
5977 os_free(global
->params
.pid_file
);
5979 os_free(global
->params
.ctrl_interface
);
5980 os_free(global
->params
.ctrl_interface_group
);
5981 os_free(global
->params
.override_driver
);
5982 os_free(global
->params
.override_ctrl_interface
);
5983 #ifdef CONFIG_MATCH_IFACE
5984 os_free(global
->params
.match_ifaces
);
5985 #endif /* CONFIG_MATCH_IFACE */
5987 os_free(global
->params
.conf_p2p_dev
);
5988 #endif /* CONFIG_P2P */
5990 os_free(global
->p2p_disallow_freq
.range
);
5991 os_free(global
->p2p_go_avoid_freq
.range
);
5992 os_free(global
->add_psk
);
5995 wpa_debug_close_syslog();
5996 wpa_debug_close_file();
5997 wpa_debug_close_linux_tracing();
6001 void wpa_supplicant_update_config(struct wpa_supplicant
*wpa_s
)
6003 if ((wpa_s
->conf
->changed_parameters
& CFG_CHANGED_COUNTRY
) &&
6004 wpa_s
->conf
->country
[0] && wpa_s
->conf
->country
[1]) {
6006 country
[0] = wpa_s
->conf
->country
[0];
6007 country
[1] = wpa_s
->conf
->country
[1];
6009 if (wpa_drv_set_country(wpa_s
, country
) < 0) {
6010 wpa_printf(MSG_ERROR
, "Failed to set country code "
6015 if (wpa_s
->conf
->changed_parameters
& CFG_CHANGED_EXT_PW_BACKEND
)
6016 wpas_init_ext_pw(wpa_s
);
6018 if (wpa_s
->conf
->changed_parameters
& CFG_CHANGED_SCHED_SCAN_PLANS
)
6019 wpas_sched_scan_plans_set(wpa_s
, wpa_s
->conf
->sched_scan_plans
);
6022 wpas_wps_update_config(wpa_s
);
6023 #endif /* CONFIG_WPS */
6024 wpas_p2p_update_config(wpa_s
);
6025 wpa_s
->conf
->changed_parameters
= 0;
6029 void add_freq(int *freqs
, int *num_freqs
, int freq
)
6033 for (i
= 0; i
< *num_freqs
; i
++) {
6034 if (freqs
[i
] == freq
)
6038 freqs
[*num_freqs
] = freq
;
6043 static int * get_bss_freqs_in_ess(struct wpa_supplicant
*wpa_s
)
6045 struct wpa_bss
*bss
, *cbss
;
6046 const int max_freqs
= 10;
6050 freqs
= os_calloc(max_freqs
+ 1, sizeof(int));
6054 cbss
= wpa_s
->current_bss
;
6056 dl_list_for_each(bss
, &wpa_s
->bss
, struct wpa_bss
, list
) {
6059 if (bss
->ssid_len
== cbss
->ssid_len
&&
6060 os_memcmp(bss
->ssid
, cbss
->ssid
, bss
->ssid_len
) == 0 &&
6061 wpa_blacklist_get(wpa_s
, bss
->bssid
) == NULL
) {
6062 add_freq(freqs
, &num_freqs
, bss
->freq
);
6063 if (num_freqs
== max_freqs
)
6068 if (num_freqs
== 0) {
6077 void wpas_connection_failed(struct wpa_supplicant
*wpa_s
, const u8
*bssid
)
6083 wpas_connect_work_done(wpa_s
);
6086 * Remove possible authentication timeout since the connection failed.
6088 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
6091 * There is no point in blacklisting the AP if this event is
6092 * generated based on local request to disconnect.
6094 if (wpa_s
->own_disconnect_req
) {
6095 wpa_s
->own_disconnect_req
= 0;
6096 wpa_dbg(wpa_s
, MSG_DEBUG
,
6097 "Ignore connection failure due to local request to disconnect");
6100 if (wpa_s
->disconnected
) {
6101 wpa_dbg(wpa_s
, MSG_DEBUG
, "Ignore connection failure "
6102 "indication since interface has been put into "
6103 "disconnected state");
6108 * Add the failed BSSID into the blacklist and speed up next scan
6109 * attempt if there could be other APs that could accept association.
6110 * The current blacklist count indicates how many times we have tried
6111 * connecting to this AP and multiple attempts mean that other APs are
6112 * either not available or has already been tried, so that we can start
6113 * increasing the delay here to avoid constant scanning.
6115 count
= wpa_blacklist_add(wpa_s
, bssid
);
6116 if (count
== 1 && wpa_s
->current_bss
) {
6118 * This BSS was not in the blacklist before. If there is
6119 * another BSS available for the same ESS, we should try that
6120 * next. Otherwise, we may as well try this one once more
6121 * before allowing other, likely worse, ESSes to be considered.
6123 freqs
= get_bss_freqs_in_ess(wpa_s
);
6125 wpa_dbg(wpa_s
, MSG_DEBUG
, "Another BSS in this ESS "
6126 "has been seen; try it next");
6127 wpa_blacklist_add(wpa_s
, bssid
);
6129 * On the next scan, go through only the known channels
6130 * used in this ESS based on previous scans to speed up
6131 * common load balancing use case.
6133 os_free(wpa_s
->next_scan_freqs
);
6134 wpa_s
->next_scan_freqs
= freqs
;
6139 * Add previous failure count in case the temporary blacklist was
6140 * cleared due to no other BSSes being available.
6142 count
+= wpa_s
->extra_blacklist_count
;
6144 if (count
> 3 && wpa_s
->current_ssid
) {
6145 wpa_printf(MSG_DEBUG
, "Continuous association failures - "
6146 "consider temporary network disabling");
6147 wpas_auth_failed(wpa_s
, "CONN_FAILED");
6168 wpa_dbg(wpa_s
, MSG_DEBUG
, "Blacklist count %d --> request scan in %d "
6169 "ms", count
, timeout
);
6172 * TODO: if more than one possible AP is available in scan results,
6173 * could try the other ones before requesting a new scan.
6175 wpa_supplicant_req_scan(wpa_s
, timeout
/ 1000,
6176 1000 * (timeout
% 1000));
6180 int wpas_driver_bss_selection(struct wpa_supplicant
*wpa_s
)
6182 return wpa_s
->conf
->ap_scan
== 2 ||
6183 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_BSS_SELECTION
);
6187 #if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW)
6188 int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant
*wpa_s
,
6189 struct wpa_ssid
*ssid
,
6193 #ifdef IEEE8021X_EAPOL
6194 struct eap_peer_config
*eap
= &ssid
->eap
;
6196 wpa_printf(MSG_DEBUG
, "CTRL_IFACE: response handle field=%s", field
);
6197 wpa_hexdump_ascii_key(MSG_DEBUG
, "CTRL_IFACE: response value",
6198 (const u8
*) value
, os_strlen(value
));
6200 switch (wpa_supplicant_ctrl_req_from_string(field
)) {
6201 case WPA_CTRL_REQ_EAP_IDENTITY
:
6202 os_free(eap
->identity
);
6203 eap
->identity
= (u8
*) os_strdup(value
);
6204 eap
->identity_len
= os_strlen(value
);
6205 eap
->pending_req_identity
= 0;
6206 if (ssid
== wpa_s
->current_ssid
)
6207 wpa_s
->reassociate
= 1;
6209 case WPA_CTRL_REQ_EAP_PASSWORD
:
6210 bin_clear_free(eap
->password
, eap
->password_len
);
6211 eap
->password
= (u8
*) os_strdup(value
);
6212 eap
->password_len
= os_strlen(value
);
6213 eap
->pending_req_password
= 0;
6214 if (ssid
== wpa_s
->current_ssid
)
6215 wpa_s
->reassociate
= 1;
6217 case WPA_CTRL_REQ_EAP_NEW_PASSWORD
:
6218 bin_clear_free(eap
->new_password
, eap
->new_password_len
);
6219 eap
->new_password
= (u8
*) os_strdup(value
);
6220 eap
->new_password_len
= os_strlen(value
);
6221 eap
->pending_req_new_password
= 0;
6222 if (ssid
== wpa_s
->current_ssid
)
6223 wpa_s
->reassociate
= 1;
6225 case WPA_CTRL_REQ_EAP_PIN
:
6226 str_clear_free(eap
->pin
);
6227 eap
->pin
= os_strdup(value
);
6228 eap
->pending_req_pin
= 0;
6229 if (ssid
== wpa_s
->current_ssid
)
6230 wpa_s
->reassociate
= 1;
6232 case WPA_CTRL_REQ_EAP_OTP
:
6233 bin_clear_free(eap
->otp
, eap
->otp_len
);
6234 eap
->otp
= (u8
*) os_strdup(value
);
6235 eap
->otp_len
= os_strlen(value
);
6236 os_free(eap
->pending_req_otp
);
6237 eap
->pending_req_otp
= NULL
;
6238 eap
->pending_req_otp_len
= 0;
6240 case WPA_CTRL_REQ_EAP_PASSPHRASE
:
6241 str_clear_free(eap
->private_key_passwd
);
6242 eap
->private_key_passwd
= os_strdup(value
);
6243 eap
->pending_req_passphrase
= 0;
6244 if (ssid
== wpa_s
->current_ssid
)
6245 wpa_s
->reassociate
= 1;
6247 case WPA_CTRL_REQ_SIM
:
6248 str_clear_free(eap
->external_sim_resp
);
6249 eap
->external_sim_resp
= os_strdup(value
);
6250 eap
->pending_req_sim
= 0;
6252 case WPA_CTRL_REQ_PSK_PASSPHRASE
:
6253 if (wpa_config_set(ssid
, "psk", value
, 0) < 0)
6255 ssid
->mem_only_psk
= 1;
6256 if (ssid
->passphrase
)
6257 wpa_config_update_psk(ssid
);
6258 if (wpa_s
->wpa_state
== WPA_SCANNING
&& !wpa_s
->scanning
)
6259 wpa_supplicant_req_scan(wpa_s
, 0, 0);
6261 case WPA_CTRL_REQ_EXT_CERT_CHECK
:
6262 if (eap
->pending_ext_cert_check
!= PENDING_CHECK
)
6264 if (os_strcmp(value
, "good") == 0)
6265 eap
->pending_ext_cert_check
= EXT_CERT_CHECK_GOOD
;
6266 else if (os_strcmp(value
, "bad") == 0)
6267 eap
->pending_ext_cert_check
= EXT_CERT_CHECK_BAD
;
6272 wpa_printf(MSG_DEBUG
, "CTRL_IFACE: Unknown field '%s'", field
);
6277 #else /* IEEE8021X_EAPOL */
6278 wpa_printf(MSG_DEBUG
, "CTRL_IFACE: IEEE 802.1X not included");
6280 #endif /* IEEE8021X_EAPOL */
6282 #endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */
6285 int wpas_network_disabled(struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
)
6288 unsigned int drv_enc
;
6290 if (wpa_s
->p2p_mgmt
)
6291 return 1; /* no normal network profiles on p2p_mgmt interface */
6299 if (wpa_s
->drv_capa_known
)
6300 drv_enc
= wpa_s
->drv_enc
;
6302 drv_enc
= (unsigned int) -1;
6304 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
6305 size_t len
= ssid
->wep_key_len
[i
];
6308 if (len
== 5 && (drv_enc
& WPA_DRIVER_CAPA_ENC_WEP40
))
6310 if (len
== 13 && (drv_enc
& WPA_DRIVER_CAPA_ENC_WEP104
))
6312 if (len
== 16 && (drv_enc
& WPA_DRIVER_CAPA_ENC_WEP128
))
6314 return 1; /* invalid WEP key */
6317 if (wpa_key_mgmt_wpa_psk(ssid
->key_mgmt
) && !ssid
->psk_set
&&
6318 (!ssid
->passphrase
|| ssid
->ssid_len
!= 0) && !ssid
->ext_psk
&&
6319 !ssid
->mem_only_psk
)
6326 int wpas_get_ssid_pmf(struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
)
6328 #ifdef CONFIG_IEEE80211W
6329 if (ssid
== NULL
|| ssid
->ieee80211w
== MGMT_FRAME_PROTECTION_DEFAULT
) {
6330 if (wpa_s
->conf
->pmf
== MGMT_FRAME_PROTECTION_OPTIONAL
&&
6331 !(wpa_s
->drv_enc
& WPA_DRIVER_CAPA_ENC_BIP
)) {
6333 * Driver does not support BIP -- ignore pmf=1 default
6334 * since the connection with PMF would fail and the
6335 * configuration does not require PMF to be enabled.
6337 return NO_MGMT_FRAME_PROTECTION
;
6342 ~(WPA_KEY_MGMT_NONE
| WPA_KEY_MGMT_WPS
|
6343 WPA_KEY_MGMT_IEEE8021X_NO_WPA
)) == 0) {
6345 * Do not use the default PMF value for non-RSN networks
6346 * since PMF is available only with RSN and pmf=2
6347 * configuration would otherwise prevent connections to
6348 * all open networks.
6350 return NO_MGMT_FRAME_PROTECTION
;
6353 return wpa_s
->conf
->pmf
;
6356 return ssid
->ieee80211w
;
6357 #else /* CONFIG_IEEE80211W */
6358 return NO_MGMT_FRAME_PROTECTION
;
6359 #endif /* CONFIG_IEEE80211W */
6363 int wpas_is_p2p_prioritized(struct wpa_supplicant
*wpa_s
)
6365 if (wpa_s
->global
->conc_pref
== WPA_CONC_PREF_P2P
)
6367 if (wpa_s
->global
->conc_pref
== WPA_CONC_PREF_STA
)
6373 void wpas_auth_failed(struct wpa_supplicant
*wpa_s
, char *reason
)
6375 struct wpa_ssid
*ssid
= wpa_s
->current_ssid
;
6377 struct os_reltime now
;
6380 wpa_printf(MSG_DEBUG
, "Authentication failure but no known "
6385 if (ssid
->key_mgmt
== WPA_KEY_MGMT_WPS
)
6388 ssid
->auth_failures
++;
6391 if (ssid
->p2p_group
&&
6392 (wpa_s
->p2p_in_provisioning
|| wpa_s
->show_group_started
)) {
6394 * Skip the wait time since there is a short timeout on the
6395 * connection to a P2P group.
6399 #endif /* CONFIG_P2P */
6401 if (ssid
->auth_failures
> 50)
6403 else if (ssid
->auth_failures
> 10)
6405 else if (ssid
->auth_failures
> 5)
6407 else if (ssid
->auth_failures
> 3)
6409 else if (ssid
->auth_failures
> 2)
6411 else if (ssid
->auth_failures
> 1)
6416 if (ssid
->auth_failures
> 1 &&
6417 wpa_key_mgmt_wpa_ieee8021x(ssid
->key_mgmt
))
6418 dur
+= os_random() % (ssid
->auth_failures
* 10);
6420 os_get_reltime(&now
);
6421 if (now
.sec
+ dur
<= ssid
->disabled_until
.sec
)
6424 ssid
->disabled_until
.sec
= now
.sec
+ dur
;
6426 wpa_msg(wpa_s
, MSG_INFO
, WPA_EVENT_TEMP_DISABLED
6427 "id=%d ssid=\"%s\" auth_failures=%u duration=%d reason=%s",
6428 ssid
->id
, wpa_ssid_txt(ssid
->ssid
, ssid
->ssid_len
),
6429 ssid
->auth_failures
, dur
, reason
);
6433 void wpas_clear_temp_disabled(struct wpa_supplicant
*wpa_s
,
6434 struct wpa_ssid
*ssid
, int clear_failures
)
6439 if (ssid
->disabled_until
.sec
) {
6440 wpa_msg(wpa_s
, MSG_INFO
, WPA_EVENT_REENABLED
6441 "id=%d ssid=\"%s\"",
6442 ssid
->id
, wpa_ssid_txt(ssid
->ssid
, ssid
->ssid_len
));
6444 ssid
->disabled_until
.sec
= 0;
6445 ssid
->disabled_until
.usec
= 0;
6447 ssid
->auth_failures
= 0;
6451 int disallowed_bssid(struct wpa_supplicant
*wpa_s
, const u8
*bssid
)
6455 if (wpa_s
->disallow_aps_bssid
== NULL
)
6458 for (i
= 0; i
< wpa_s
->disallow_aps_bssid_count
; i
++) {
6459 if (os_memcmp(wpa_s
->disallow_aps_bssid
+ i
* ETH_ALEN
,
6460 bssid
, ETH_ALEN
) == 0)
6468 int disallowed_ssid(struct wpa_supplicant
*wpa_s
, const u8
*ssid
,
6473 if (wpa_s
->disallow_aps_ssid
== NULL
|| ssid
== NULL
)
6476 for (i
= 0; i
< wpa_s
->disallow_aps_ssid_count
; i
++) {
6477 struct wpa_ssid_value
*s
= &wpa_s
->disallow_aps_ssid
[i
];
6478 if (ssid_len
== s
->ssid_len
&&
6479 os_memcmp(ssid
, s
->ssid
, ssid_len
) == 0)
6488 * wpas_request_connection - Request a new connection
6489 * @wpa_s: Pointer to the network interface
6491 * This function is used to request a new connection to be found. It will mark
6492 * the interface to allow reassociation and request a new scan to find a
6493 * suitable network to connect to.
6495 void wpas_request_connection(struct wpa_supplicant
*wpa_s
)
6497 wpa_s
->normal_scans
= 0;
6498 wpa_s
->scan_req
= NORMAL_SCAN_REQ
;
6499 wpa_supplicant_reinit_autoscan(wpa_s
);
6500 wpa_s
->extra_blacklist_count
= 0;
6501 wpa_s
->disconnected
= 0;
6502 wpa_s
->reassociate
= 1;
6504 if (wpa_supplicant_fast_associate(wpa_s
) != 1)
6505 wpa_supplicant_req_scan(wpa_s
, 0, 0);
6507 wpa_s
->reattach
= 0;
6512 * wpas_request_disconnection - Request disconnection
6513 * @wpa_s: Pointer to the network interface
6515 * This function is used to request disconnection from the currently connected
6516 * network. This will stop any ongoing scans and initiate deauthentication.
6518 void wpas_request_disconnection(struct wpa_supplicant
*wpa_s
)
6521 wpa_s
->sme
.prev_bssid_set
= 0;
6522 #endif /* CONFIG_SME */
6523 wpa_s
->reassociate
= 0;
6524 wpa_s
->disconnected
= 1;
6525 wpa_supplicant_cancel_sched_scan(wpa_s
);
6526 wpa_supplicant_cancel_scan(wpa_s
);
6527 wpa_supplicant_deauthenticate(wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
6528 eloop_cancel_timeout(wpas_network_reenabled
, wpa_s
, NULL
);
6532 void dump_freq_data(struct wpa_supplicant
*wpa_s
, const char *title
,
6533 struct wpa_used_freq_data
*freqs_data
,
6538 wpa_dbg(wpa_s
, MSG_DEBUG
, "Shared frequencies (len=%u): %s",
6540 for (i
= 0; i
< len
; i
++) {
6541 struct wpa_used_freq_data
*cur
= &freqs_data
[i
];
6542 wpa_dbg(wpa_s
, MSG_DEBUG
, "freq[%u]: %d, flags=0x%X",
6543 i
, cur
->freq
, cur
->flags
);
6549 * Find the operating frequencies of any of the virtual interfaces that
6550 * are using the same radio as the current interface, and in addition, get
6551 * information about the interface types that are using the frequency.
6553 int get_shared_radio_freqs_data(struct wpa_supplicant
*wpa_s
,
6554 struct wpa_used_freq_data
*freqs_data
,
6557 struct wpa_supplicant
*ifs
;
6560 unsigned int idx
= 0, i
;
6562 wpa_dbg(wpa_s
, MSG_DEBUG
,
6563 "Determining shared radio frequencies (max len %u)", len
);
6564 os_memset(freqs_data
, 0, sizeof(struct wpa_used_freq_data
) * len
);
6566 dl_list_for_each(ifs
, &wpa_s
->radio
->ifaces
, struct wpa_supplicant
,
6571 if (ifs
->current_ssid
== NULL
|| ifs
->assoc_freq
== 0)
6574 if (ifs
->current_ssid
->mode
== WPAS_MODE_AP
||
6575 ifs
->current_ssid
->mode
== WPAS_MODE_P2P_GO
||
6576 ifs
->current_ssid
->mode
== WPAS_MODE_MESH
)
6577 freq
= ifs
->current_ssid
->frequency
;
6578 else if (wpa_drv_get_bssid(ifs
, bssid
) == 0)
6579 freq
= ifs
->assoc_freq
;
6583 /* Hold only distinct freqs */
6584 for (i
= 0; i
< idx
; i
++)
6585 if (freqs_data
[i
].freq
== freq
)
6589 freqs_data
[idx
++].freq
= freq
;
6591 if (ifs
->current_ssid
->mode
== WPAS_MODE_INFRA
) {
6592 freqs_data
[i
].flags
|= ifs
->current_ssid
->p2p_group
?
6593 WPA_FREQ_USED_BY_P2P_CLIENT
:
6594 WPA_FREQ_USED_BY_INFRA_STATION
;
6598 dump_freq_data(wpa_s
, "completed iteration", freqs_data
, idx
);
6604 * Find the operating frequencies of any of the virtual interfaces that
6605 * are using the same radio as the current interface.
6607 int get_shared_radio_freqs(struct wpa_supplicant
*wpa_s
,
6608 int *freq_array
, unsigned int len
)
6610 struct wpa_used_freq_data
*freqs_data
;
6613 os_memset(freq_array
, 0, sizeof(int) * len
);
6615 freqs_data
= os_calloc(len
, sizeof(struct wpa_used_freq_data
));
6619 num
= get_shared_radio_freqs_data(wpa_s
, freqs_data
, len
);
6620 for (i
= 0; i
< num
; i
++)
6621 freq_array
[i
] = freqs_data
[i
].freq
;
6623 os_free(freqs_data
);
6629 struct wpa_supplicant
*
6630 wpas_vendor_elem(struct wpa_supplicant
*wpa_s
, enum wpa_vendor_elem_frame frame
)
6634 case VENDOR_ELEM_PROBE_REQ_P2P
:
6635 case VENDOR_ELEM_PROBE_RESP_P2P
:
6636 case VENDOR_ELEM_PROBE_RESP_P2P_GO
:
6637 case VENDOR_ELEM_BEACON_P2P_GO
:
6638 case VENDOR_ELEM_P2P_PD_REQ
:
6639 case VENDOR_ELEM_P2P_PD_RESP
:
6640 case VENDOR_ELEM_P2P_GO_NEG_REQ
:
6641 case VENDOR_ELEM_P2P_GO_NEG_RESP
:
6642 case VENDOR_ELEM_P2P_GO_NEG_CONF
:
6643 case VENDOR_ELEM_P2P_INV_REQ
:
6644 case VENDOR_ELEM_P2P_INV_RESP
:
6645 case VENDOR_ELEM_P2P_ASSOC_REQ
:
6646 case VENDOR_ELEM_P2P_ASSOC_RESP
:
6647 return wpa_s
->p2pdev
;
6648 #endif /* CONFIG_P2P */
6655 void wpas_vendor_elem_update(struct wpa_supplicant
*wpa_s
)
6660 wpa_printf(MSG_DEBUG
, "Update vendor elements");
6662 for (i
= 0; i
< NUM_VENDOR_ELEM_FRAMES
; i
++) {
6663 if (wpa_s
->vendor_elem
[i
]) {
6666 res
= os_snprintf(buf
, sizeof(buf
), "frame[%u]", i
);
6667 if (!os_snprintf_error(sizeof(buf
), res
)) {
6668 wpa_hexdump_buf(MSG_DEBUG
, buf
,
6669 wpa_s
->vendor_elem
[i
]);
6675 if (wpa_s
->parent
== wpa_s
&&
6676 wpa_s
->global
->p2p
&&
6677 !wpa_s
->global
->p2p_disabled
)
6678 p2p_set_vendor_elems(wpa_s
->global
->p2p
, wpa_s
->vendor_elem
);
6679 #endif /* CONFIG_P2P */
6683 int wpas_vendor_elem_remove(struct wpa_supplicant
*wpa_s
, int frame
,
6684 const u8
*elem
, size_t len
)
6688 ie
= wpabuf_mhead_u8(wpa_s
->vendor_elem
[frame
]);
6689 end
= ie
+ wpabuf_len(wpa_s
->vendor_elem
[frame
]);
6691 for (; ie
+ 1 < end
; ie
+= 2 + ie
[1]) {
6694 if (os_memcmp(ie
, elem
, len
) != 0)
6697 if (wpabuf_len(wpa_s
->vendor_elem
[frame
]) == len
) {
6698 wpabuf_free(wpa_s
->vendor_elem
[frame
]);
6699 wpa_s
->vendor_elem
[frame
] = NULL
;
6701 os_memmove(ie
, ie
+ len
, end
- (ie
+ len
));
6702 wpa_s
->vendor_elem
[frame
]->used
-= len
;
6704 wpas_vendor_elem_update(wpa_s
);
6712 struct hostapd_hw_modes
* get_mode(struct hostapd_hw_modes
*modes
,
6713 u16 num_modes
, enum hostapd_hw_mode mode
)
6717 for (i
= 0; i
< num_modes
; i
++) {
6718 if (modes
[i
].mode
== mode
)
6727 wpa_bss_tmp_disallowed
* wpas_get_disallowed_bss(struct wpa_supplicant
*wpa_s
,
6730 struct wpa_bss_tmp_disallowed
*bss
;
6732 dl_list_for_each(bss
, &wpa_s
->bss_tmp_disallowed
,
6733 struct wpa_bss_tmp_disallowed
, list
) {
6734 if (os_memcmp(bssid
, bss
->bssid
, ETH_ALEN
) == 0)
6742 static int wpa_set_driver_tmp_disallow_list(struct wpa_supplicant
*wpa_s
)
6744 struct wpa_bss_tmp_disallowed
*tmp
;
6745 unsigned int num_bssid
= 0;
6749 bssids
= os_malloc(dl_list_len(&wpa_s
->bss_tmp_disallowed
) * ETH_ALEN
);
6752 dl_list_for_each(tmp
, &wpa_s
->bss_tmp_disallowed
,
6753 struct wpa_bss_tmp_disallowed
, list
) {
6754 os_memcpy(&bssids
[num_bssid
* ETH_ALEN
], tmp
->bssid
,
6758 ret
= wpa_drv_set_bssid_blacklist(wpa_s
, num_bssid
, bssids
);
6764 static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx
, void *timeout_ctx
)
6766 struct wpa_supplicant
*wpa_s
= eloop_ctx
;
6767 struct wpa_bss_tmp_disallowed
*tmp
, *bss
= timeout_ctx
;
6769 /* Make sure the bss is not already freed */
6770 dl_list_for_each(tmp
, &wpa_s
->bss_tmp_disallowed
,
6771 struct wpa_bss_tmp_disallowed
, list
) {
6773 dl_list_del(&tmp
->list
);
6775 wpa_set_driver_tmp_disallow_list(wpa_s
);
6782 void wpa_bss_tmp_disallow(struct wpa_supplicant
*wpa_s
, const u8
*bssid
,
6785 struct wpa_bss_tmp_disallowed
*bss
;
6787 bss
= wpas_get_disallowed_bss(wpa_s
, bssid
);
6789 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout
, wpa_s
, bss
);
6790 eloop_register_timeout(sec
, 0, wpa_bss_tmp_disallow_timeout
,
6795 bss
= os_malloc(sizeof(*bss
));
6797 wpa_printf(MSG_DEBUG
,
6798 "Failed to allocate memory for temp disallow BSS");
6802 os_memcpy(bss
->bssid
, bssid
, ETH_ALEN
);
6803 dl_list_add(&wpa_s
->bss_tmp_disallowed
, &bss
->list
);
6804 wpa_set_driver_tmp_disallow_list(wpa_s
);
6805 eloop_register_timeout(sec
, 0, wpa_bss_tmp_disallow_timeout
,
6810 int wpa_is_bss_tmp_disallowed(struct wpa_supplicant
*wpa_s
, const u8
*bssid
)
6812 struct wpa_bss_tmp_disallowed
*bss
= NULL
, *tmp
, *prev
;
6814 dl_list_for_each_safe(tmp
, prev
, &wpa_s
->bss_tmp_disallowed
,
6815 struct wpa_bss_tmp_disallowed
, list
) {
6816 if (os_memcmp(bssid
, tmp
->bssid
, ETH_ALEN
) == 0) {