]> git.ipfire.org Git - thirdparty/hostap.git/blob - wpa_supplicant/wpa_supplicant.c
projects / thirdparty / hostap.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
IBSS: Add support for VHT80 configuration
[thirdparty/hostap.git] / wpa_supplicant / wpa_supplicant.c
1 /*
2 * WPA Supplicant
3 * Copyright (c) 2003-2015, Jouni Malinen <j@w1.fi>
4 *
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
7 *
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
11 */
12
13 #include "includes.h"
14
15 #include "common.h"
16 #include "crypto/random.h"
17 #include "crypto/sha1.h"
18 #include "eapol_supp/eapol_supp_sm.h"
19 #include "eap_peer/eap.h"
20 #include "eap_peer/eap_proxy.h"
21 #include "eap_server/eap_methods.h"
22 #include "rsn_supp/wpa.h"
23 #include "eloop.h"
24 #include "config.h"
25 #include "utils/ext_password.h"
26 #include "l2_packet/l2_packet.h"
27 #include "wpa_supplicant_i.h"
28 #include "driver_i.h"
29 #include "ctrl_iface.h"
30 #include "pcsc_funcs.h"
31 #include "common/version.h"
32 #include "rsn_supp/preauth.h"
33 #include "rsn_supp/pmksa_cache.h"
34 #include "common/wpa_ctrl.h"
35 #include "common/ieee802_11_defs.h"
36 #include "common/hw_features_common.h"
37 #include "p2p/p2p.h"
38 #include "blacklist.h"
39 #include "wpas_glue.h"
40 #include "wps_supplicant.h"
41 #include "ibss_rsn.h"
42 #include "sme.h"
43 #include "gas_query.h"
44 #include "ap.h"
45 #include "p2p_supplicant.h"
46 #include "wifi_display.h"
47 #include "notify.h"
48 #include "bgscan.h"
49 #include "autoscan.h"
50 #include "bss.h"
51 #include "scan.h"
52 #include "offchannel.h"
53 #include "hs20_supplicant.h"
54 #include "wnm_sta.h"
55 #include "wpas_kay.h"
56 #include "mesh.h"
57
58 const char *wpa_supplicant_version =
59 "wpa_supplicant v" VERSION_STR "\n"
60 "Copyright (c) 2003-2015, Jouni Malinen <j@w1.fi> and contributors";
61
62 const char *wpa_supplicant_license =
63 "This software may be distributed under the terms of the BSD license.\n"
64 "See README for more details.\n"
65 #ifdef EAP_TLS_OPENSSL
66 "\nThis product includes software developed by the OpenSSL Project\n"
67 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
68 #endif /* EAP_TLS_OPENSSL */
69 ;
70
71 #ifndef CONFIG_NO_STDOUT_DEBUG
72 /* Long text divided into parts in order to fit in C89 strings size limits. */
73 const char *wpa_supplicant_full_license1 =
74 "";
75 const char *wpa_supplicant_full_license2 =
76 "This software may be distributed under the terms of the BSD license.\n"
77 "\n"
78 "Redistribution and use in source and binary forms, with or without\n"
79 "modification, are permitted provided that the following conditions are\n"
80 "met:\n"
81 "\n";
82 const char *wpa_supplicant_full_license3 =
83 "1. Redistributions of source code must retain the above copyright\n"
84 " notice, this list of conditions and the following disclaimer.\n"
85 "\n"
86 "2. Redistributions in binary form must reproduce the above copyright\n"
87 " notice, this list of conditions and the following disclaimer in the\n"
88 " documentation and/or other materials provided with the distribution.\n"
89 "\n";
90 const char *wpa_supplicant_full_license4 =
91 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
92 " names of its contributors may be used to endorse or promote products\n"
93 " derived from this software without specific prior written permission.\n"
94 "\n"
95 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
96 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
97 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
98 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
99 const char *wpa_supplicant_full_license5 =
100 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
101 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
102 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
103 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
104 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
105 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
106 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
107 "\n";
108 #endif /* CONFIG_NO_STDOUT_DEBUG */
109
110 /* Configure default/group WEP keys for static WEP */
111 int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
112 {
113 int i, set = 0;
114
115 for (i = 0; i < NUM_WEP_KEYS; i++) {
116 if (ssid->wep_key_len[i] == 0)
117 continue;
118
119 set = 1;
120 wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL,
121 i, i == ssid->wep_tx_keyidx, NULL, 0,
122 ssid->wep_key[i], ssid->wep_key_len[i]);
123 }
124
125 return set;
126 }
127
128
129 int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
130 struct wpa_ssid *ssid)
131 {
132 u8 key[32];
133 size_t keylen;
134 enum wpa_alg alg;
135 u8 seq[6] = { 0 };
136 int ret;
137
138 /* IBSS/WPA-None uses only one key (Group) for both receiving and
139 * sending unicast and multicast packets. */
140
141 if (ssid->mode != WPAS_MODE_IBSS) {
142 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not "
143 "IBSS/ad-hoc) for WPA-None", ssid->mode);
144 return -1;
145 }
146
147 if (!ssid->psk_set) {
148 wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for "
149 "WPA-None");
150 return -1;
151 }
152
153 switch (wpa_s->group_cipher) {
154 case WPA_CIPHER_CCMP:
155 os_memcpy(key, ssid->psk, 16);
156 keylen = 16;
157 alg = WPA_ALG_CCMP;
158 break;
159 case WPA_CIPHER_GCMP:
160 os_memcpy(key, ssid->psk, 16);
161 keylen = 16;
162 alg = WPA_ALG_GCMP;
163 break;
164 case WPA_CIPHER_TKIP:
165 /* WPA-None uses the same Michael MIC key for both TX and RX */
166 os_memcpy(key, ssid->psk, 16 + 8);
167 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
168 keylen = 32;
169 alg = WPA_ALG_TKIP;
170 break;
171 default:
172 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for "
173 "WPA-None", wpa_s->group_cipher);
174 return -1;
175 }
176
177 /* TODO: should actually remember the previously used seq#, both for TX
178 * and RX from each STA.. */
179
180 ret = wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen);
181 os_memset(key, 0, sizeof(key));
182 return ret;
183 }
184
185
186 static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
187 {
188 struct wpa_supplicant *wpa_s = eloop_ctx;
189 const u8 *bssid = wpa_s->bssid;
190 if (is_zero_ether_addr(bssid))
191 bssid = wpa_s->pending_bssid;
192 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
193 MAC2STR(bssid));
194 wpa_blacklist_add(wpa_s, bssid);
195 wpa_sm_notify_disassoc(wpa_s->wpa);
196 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
197 wpa_s->reassociate = 1;
198
199 /*
200 * If we timed out, the AP or the local radio may be busy.
201 * So, wait a second until scanning again.
202 */
203 wpa_supplicant_req_scan(wpa_s, 1, 0);
204 }
205
206
207 /**
208 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
209 * @wpa_s: Pointer to wpa_supplicant data
210 * @sec: Number of seconds after which to time out authentication
211 * @usec: Number of microseconds after which to time out authentication
212 *
213 * This function is used to schedule a timeout for the current authentication
214 * attempt.
215 */
216 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
217 int sec, int usec)
218 {
219 if (wpa_s->conf->ap_scan == 0 &&
220 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
221 return;
222
223 wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
224 "%d usec", sec, usec);
225 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
226 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
227 }
228
229
230 /**
231 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
232 * @wpa_s: Pointer to wpa_supplicant data
233 *
234 * This function is used to cancel authentication timeout scheduled with
235 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
236 * been completed.
237 */
238 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
239 {
240 wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
241 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
242 wpa_blacklist_del(wpa_s, wpa_s->bssid);
243 }
244
245
246 /**
247 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
248 * @wpa_s: Pointer to wpa_supplicant data
249 *
250 * This function is used to configure EAPOL state machine based on the selected
251 * authentication mode.
252 */
253 void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
254 {
255 #ifdef IEEE8021X_EAPOL
256 struct eapol_config eapol_conf;
257 struct wpa_ssid *ssid = wpa_s->current_ssid;
258
259 #ifdef CONFIG_IBSS_RSN
260 if (ssid->mode == WPAS_MODE_IBSS &&
261 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
262 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
263 /*
264 * RSN IBSS authentication is per-STA and we can disable the
265 * per-BSSID EAPOL authentication.
266 */
267 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
268 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE);
269 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
270 return;
271 }
272 #endif /* CONFIG_IBSS_RSN */
273
274 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
275 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
276
277 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
278 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
279 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
280 else
281 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
282
283 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
284 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
285 eapol_conf.accept_802_1x_keys = 1;
286 eapol_conf.required_keys = 0;
287 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
288 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
289 }
290 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
291 eapol_conf.required_keys |=
292 EAPOL_REQUIRE_KEY_BROADCAST;
293 }
294
295 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED)
296 eapol_conf.required_keys = 0;
297 }
298 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
299 eapol_conf.workaround = ssid->eap_workaround;
300 eapol_conf.eap_disabled =
301 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
302 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
303 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
304 eapol_conf.external_sim = wpa_s->conf->external_sim;
305
306 #ifdef CONFIG_WPS
307 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
308 eapol_conf.wps |= EAPOL_LOCAL_WPS_IN_USE;
309 if (wpa_s->current_bss) {
310 struct wpabuf *ie;
311 ie = wpa_bss_get_vendor_ie_multi(wpa_s->current_bss,
312 WPS_IE_VENDOR_TYPE);
313 if (ie) {
314 if (wps_is_20(ie))
315 eapol_conf.wps |=
316 EAPOL_PEER_IS_WPS20_AP;
317 wpabuf_free(ie);
318 }
319 }
320 }
321 #endif /* CONFIG_WPS */
322
323 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
324
325 ieee802_1x_alloc_kay_sm(wpa_s, ssid);
326 #endif /* IEEE8021X_EAPOL */
327 }
328
329
330 /**
331 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
332 * @wpa_s: Pointer to wpa_supplicant data
333 * @ssid: Configuration data for the network
334 *
335 * This function is used to configure WPA state machine and related parameters
336 * to a mode where WPA is not enabled. This is called as part of the
337 * authentication configuration when the selected network does not use WPA.
338 */
339 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
340 struct wpa_ssid *ssid)
341 {
342 int i;
343
344 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
345 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
346 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
347 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
348 else
349 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
350 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
351 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
352 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
353 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
354 wpa_s->group_cipher = WPA_CIPHER_NONE;
355 wpa_s->mgmt_group_cipher = 0;
356
357 for (i = 0; i < NUM_WEP_KEYS; i++) {
358 if (ssid->wep_key_len[i] > 5) {
359 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
360 wpa_s->group_cipher = WPA_CIPHER_WEP104;
361 break;
362 } else if (ssid->wep_key_len[i] > 0) {
363 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
364 wpa_s->group_cipher = WPA_CIPHER_WEP40;
365 break;
366 }
367 }
368
369 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
370 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
371 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
372 wpa_s->pairwise_cipher);
373 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
374 #ifdef CONFIG_IEEE80211W
375 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
376 wpa_s->mgmt_group_cipher);
377 #endif /* CONFIG_IEEE80211W */
378
379 pmksa_cache_clear_current(wpa_s->wpa);
380 }
381
382
383 void free_hw_features(struct wpa_supplicant *wpa_s)
384 {
385 int i;
386 if (wpa_s->hw.modes == NULL)
387 return;
388
389 for (i = 0; i < wpa_s->hw.num_modes; i++) {
390 os_free(wpa_s->hw.modes[i].channels);
391 os_free(wpa_s->hw.modes[i].rates);
392 }
393
394 os_free(wpa_s->hw.modes);
395 wpa_s->hw.modes = NULL;
396 }
397
398
399 static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
400 {
401 int i;
402
403 bgscan_deinit(wpa_s);
404 autoscan_deinit(wpa_s);
405 scard_deinit(wpa_s->scard);
406 wpa_s->scard = NULL;
407 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
408 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
409 l2_packet_deinit(wpa_s->l2);
410 wpa_s->l2 = NULL;
411 if (wpa_s->l2_br) {
412 l2_packet_deinit(wpa_s->l2_br);
413 wpa_s->l2_br = NULL;
414 }
415 #ifdef CONFIG_TESTING_OPTIONS
416 l2_packet_deinit(wpa_s->l2_test);
417 wpa_s->l2_test = NULL;
418 #endif /* CONFIG_TESTING_OPTIONS */
419
420 if (wpa_s->conf != NULL) {
421 struct wpa_ssid *ssid;
422 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
423 wpas_notify_network_removed(wpa_s, ssid);
424 }
425
426 os_free(wpa_s->confname);
427 wpa_s->confname = NULL;
428
429 os_free(wpa_s->confanother);
430 wpa_s->confanother = NULL;
431
432 wpa_sm_set_eapol(wpa_s->wpa, NULL);
433 eapol_sm_deinit(wpa_s->eapol);
434 wpa_s->eapol = NULL;
435
436 rsn_preauth_deinit(wpa_s->wpa);
437
438 #ifdef CONFIG_TDLS
439 wpa_tdls_deinit(wpa_s->wpa);
440 #endif /* CONFIG_TDLS */
441
442 wmm_ac_clear_saved_tspecs(wpa_s);
443 pmksa_candidate_free(wpa_s->wpa);
444 wpa_sm_deinit(wpa_s->wpa);
445 wpa_s->wpa = NULL;
446 wpa_blacklist_clear(wpa_s);
447
448 wpa_bss_deinit(wpa_s);
449
450 wpa_supplicant_cancel_delayed_sched_scan(wpa_s);
451 wpa_supplicant_cancel_scan(wpa_s);
452 wpa_supplicant_cancel_auth_timeout(wpa_s);
453 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL);
454 #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
455 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report,
456 wpa_s, NULL);
457 #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
458
459 wpas_wps_deinit(wpa_s);
460
461 wpabuf_free(wpa_s->pending_eapol_rx);
462 wpa_s->pending_eapol_rx = NULL;
463
464 #ifdef CONFIG_IBSS_RSN
465 ibss_rsn_deinit(wpa_s->ibss_rsn);
466 wpa_s->ibss_rsn = NULL;
467 #endif /* CONFIG_IBSS_RSN */
468
469 sme_deinit(wpa_s);
470
471 #ifdef CONFIG_AP
472 wpa_supplicant_ap_deinit(wpa_s);
473 #endif /* CONFIG_AP */
474
475 wpas_p2p_deinit(wpa_s);
476
477 #ifdef CONFIG_OFFCHANNEL
478 offchannel_deinit(wpa_s);
479 #endif /* CONFIG_OFFCHANNEL */
480
481 wpa_supplicant_cancel_sched_scan(wpa_s);
482
483 os_free(wpa_s->next_scan_freqs);
484 wpa_s->next_scan_freqs = NULL;
485
486 os_free(wpa_s->manual_scan_freqs);
487 wpa_s->manual_scan_freqs = NULL;
488
489 os_free(wpa_s->manual_sched_scan_freqs);
490 wpa_s->manual_sched_scan_freqs = NULL;
491
492 wpas_mac_addr_rand_scan_clear(wpa_s, MAC_ADDR_RAND_ALL);
493
494 gas_query_deinit(wpa_s->gas);
495 wpa_s->gas = NULL;
496
497 free_hw_features(wpa_s);
498
499 ieee802_1x_dealloc_kay_sm(wpa_s);
500
501 os_free(wpa_s->bssid_filter);
502 wpa_s->bssid_filter = NULL;
503
504 os_free(wpa_s->disallow_aps_bssid);
505 wpa_s->disallow_aps_bssid = NULL;
506 os_free(wpa_s->disallow_aps_ssid);
507 wpa_s->disallow_aps_ssid = NULL;
508
509 wnm_bss_keep_alive_deinit(wpa_s);
510 #ifdef CONFIG_WNM
511 wnm_deallocate_memory(wpa_s);
512 #endif /* CONFIG_WNM */
513
514 ext_password_deinit(wpa_s->ext_pw);
515 wpa_s->ext_pw = NULL;
516
517 wpabuf_free(wpa_s->last_gas_resp);
518 wpa_s->last_gas_resp = NULL;
519 wpabuf_free(wpa_s->prev_gas_resp);
520 wpa_s->prev_gas_resp = NULL;
521
522 os_free(wpa_s->last_scan_res);
523 wpa_s->last_scan_res = NULL;
524
525 #ifdef CONFIG_HS20
526 hs20_deinit(wpa_s);
527 #endif /* CONFIG_HS20 */
528
529 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) {
530 wpabuf_free(wpa_s->vendor_elem[i]);
531 wpa_s->vendor_elem[i] = NULL;
532 }
533
534 wmm_ac_notify_disassoc(wpa_s);
535 }
536
537
538 /**
539 * wpa_clear_keys - Clear keys configured for the driver
540 * @wpa_s: Pointer to wpa_supplicant data
541 * @addr: Previously used BSSID or %NULL if not available
542 *
543 * This function clears the encryption keys that has been previously configured
544 * for the driver.
545 */
546 void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
547 {
548 int i, max;
549
550 #ifdef CONFIG_IEEE80211W
551 max = 6;
552 #else /* CONFIG_IEEE80211W */
553 max = 4;
554 #endif /* CONFIG_IEEE80211W */
555
556 /* MLME-DELETEKEYS.request */
557 for (i = 0; i < max; i++) {
558 if (wpa_s->keys_cleared & BIT(i))
559 continue;
560 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, i, 0, NULL, 0,
561 NULL, 0);
562 }
563 if (!(wpa_s->keys_cleared & BIT(0)) && addr &&
564 !is_zero_ether_addr(addr)) {
565 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,
566 0);
567 /* MLME-SETPROTECTION.request(None) */
568 wpa_drv_mlme_setprotection(
569 wpa_s, addr,
570 MLME_SETPROTECTION_PROTECT_TYPE_NONE,
571 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
572 }
573 wpa_s->keys_cleared = (u32) -1;
574 }
575
576
577 /**
578 * wpa_supplicant_state_txt - Get the connection state name as a text string
579 * @state: State (wpa_state; WPA_*)
580 * Returns: The state name as a printable text string
581 */
582 const char * wpa_supplicant_state_txt(enum wpa_states state)
583 {
584 switch (state) {
585 case WPA_DISCONNECTED:
586 return "DISCONNECTED";
587 case WPA_INACTIVE:
588 return "INACTIVE";
589 case WPA_INTERFACE_DISABLED:
590 return "INTERFACE_DISABLED";
591 case WPA_SCANNING:
592 return "SCANNING";
593 case WPA_AUTHENTICATING:
594 return "AUTHENTICATING";
595 case WPA_ASSOCIATING:
596 return "ASSOCIATING";
597 case WPA_ASSOCIATED:
598 return "ASSOCIATED";
599 case WPA_4WAY_HANDSHAKE:
600 return "4WAY_HANDSHAKE";
601 case WPA_GROUP_HANDSHAKE:
602 return "GROUP_HANDSHAKE";
603 case WPA_COMPLETED:
604 return "COMPLETED";
605 default:
606 return "UNKNOWN";
607 }
608 }
609
610
611 #ifdef CONFIG_BGSCAN
612
613 static void wpa_supplicant_start_bgscan(struct wpa_supplicant *wpa_s)
614 {
615 const char *name;
616
617 if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan)
618 name = wpa_s->current_ssid->bgscan;
619 else
620 name = wpa_s->conf->bgscan;
621 if (name == NULL || name[0] == '\0')
622 return;
623 if (wpas_driver_bss_selection(wpa_s))
624 return;
625 if (wpa_s->current_ssid == wpa_s->bgscan_ssid)
626 return;
627 #ifdef CONFIG_P2P
628 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE)
629 return;
630 #endif /* CONFIG_P2P */
631
632 bgscan_deinit(wpa_s);
633 if (wpa_s->current_ssid) {
634 if (bgscan_init(wpa_s, wpa_s->current_ssid, name)) {
635 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
636 "bgscan");
637 /*
638 * Live without bgscan; it is only used as a roaming
639 * optimization, so the initial connection is not
640 * affected.
641 */
642 } else {
643 struct wpa_scan_results *scan_res;
644 wpa_s->bgscan_ssid = wpa_s->current_ssid;
645 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL,
646 0);
647 if (scan_res) {
648 bgscan_notify_scan(wpa_s, scan_res);
649 wpa_scan_results_free(scan_res);
650 }
651 }
652 } else
653 wpa_s->bgscan_ssid = NULL;
654 }
655
656
657 static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s)
658 {
659 if (wpa_s->bgscan_ssid != NULL) {
660 bgscan_deinit(wpa_s);
661 wpa_s->bgscan_ssid = NULL;
662 }
663 }
664
665 #endif /* CONFIG_BGSCAN */
666
667
668 static void wpa_supplicant_start_autoscan(struct wpa_supplicant *wpa_s)
669 {
670 if (autoscan_init(wpa_s, 0))
671 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize autoscan");
672 }
673
674
675 static void wpa_supplicant_stop_autoscan(struct wpa_supplicant *wpa_s)
676 {
677 autoscan_deinit(wpa_s);
678 }
679
680
681 void wpa_supplicant_reinit_autoscan(struct wpa_supplicant *wpa_s)
682 {
683 if (wpa_s->wpa_state == WPA_DISCONNECTED ||
684 wpa_s->wpa_state == WPA_SCANNING) {
685 autoscan_deinit(wpa_s);
686 wpa_supplicant_start_autoscan(wpa_s);
687 }
688 }
689
690
691 /**
692 * wpa_supplicant_set_state - Set current connection state
693 * @wpa_s: Pointer to wpa_supplicant data
694 * @state: The new connection state
695 *
696 * This function is called whenever the connection state changes, e.g.,
697 * association is completed for WPA/WPA2 4-Way Handshake is started.
698 */
699 void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s,
700 enum wpa_states state)
701 {
702 enum wpa_states old_state = wpa_s->wpa_state;
703
704 wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s",
705 wpa_supplicant_state_txt(wpa_s->wpa_state),
706 wpa_supplicant_state_txt(state));
707
708 if (state == WPA_INTERFACE_DISABLED) {
709 /* Assure normal scan when interface is restored */
710 wpa_s->normal_scans = 0;
711 }
712
713 if (state == WPA_COMPLETED) {
714 wpas_connect_work_done(wpa_s);
715 /* Reinitialize normal_scan counter */
716 wpa_s->normal_scans = 0;
717 }
718
719 if (state != WPA_SCANNING)
720 wpa_supplicant_notify_scanning(wpa_s, 0);
721
722 if (state == WPA_COMPLETED && wpa_s->new_connection) {
723 struct wpa_ssid *ssid = wpa_s->current_ssid;
724 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
725 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
726 MACSTR " completed [id=%d id_str=%s]",
727 MAC2STR(wpa_s->bssid),
728 ssid ? ssid->id : -1,
729 ssid && ssid->id_str ? ssid->id_str : "");
730 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
731 wpas_clear_temp_disabled(wpa_s, ssid, 1);
732 wpa_s->extra_blacklist_count = 0;
733 wpa_s->new_connection = 0;
734 wpa_drv_set_operstate(wpa_s, 1);
735 #ifndef IEEE8021X_EAPOL
736 wpa_drv_set_supp_port(wpa_s, 1);
737 #endif /* IEEE8021X_EAPOL */
738 wpa_s->after_wps = 0;
739 wpa_s->known_wps_freq = 0;
740 wpas_p2p_completed(wpa_s);
741
742 sme_sched_obss_scan(wpa_s, 1);
743 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
744 state == WPA_ASSOCIATED) {
745 wpa_s->new_connection = 1;
746 wpa_drv_set_operstate(wpa_s, 0);
747 #ifndef IEEE8021X_EAPOL
748 wpa_drv_set_supp_port(wpa_s, 0);
749 #endif /* IEEE8021X_EAPOL */
750 sme_sched_obss_scan(wpa_s, 0);
751 }
752 wpa_s->wpa_state = state;
753
754 #ifdef CONFIG_BGSCAN
755 if (state == WPA_COMPLETED)
756 wpa_supplicant_start_bgscan(wpa_s);
757 else if (state < WPA_ASSOCIATED)
758 wpa_supplicant_stop_bgscan(wpa_s);
759 #endif /* CONFIG_BGSCAN */
760
761 if (state == WPA_AUTHENTICATING)
762 wpa_supplicant_stop_autoscan(wpa_s);
763
764 if (state == WPA_DISCONNECTED || state == WPA_INACTIVE)
765 wpa_supplicant_start_autoscan(wpa_s);
766
767 if (old_state >= WPA_ASSOCIATED && wpa_s->wpa_state < WPA_ASSOCIATED)
768 wmm_ac_notify_disassoc(wpa_s);
769
770 if (wpa_s->wpa_state != old_state) {
771 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
772
773 /*
774 * Notify the P2P Device interface about a state change in one
775 * of the interfaces.
776 */
777 wpas_p2p_indicate_state_change(wpa_s);
778
779 if (wpa_s->wpa_state == WPA_COMPLETED ||
780 old_state == WPA_COMPLETED)
781 wpas_notify_auth_changed(wpa_s);
782 }
783 }
784
785
786 void wpa_supplicant_terminate_proc(struct wpa_global *global)
787 {
788 int pending = 0;
789 #ifdef CONFIG_WPS
790 struct wpa_supplicant *wpa_s = global->ifaces;
791 while (wpa_s) {
792 struct wpa_supplicant *next = wpa_s->next;
793 if (wpas_wps_terminate_pending(wpa_s) == 1)
794 pending = 1;
795 #ifdef CONFIG_P2P
796 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE ||
797 (wpa_s->current_ssid && wpa_s->current_ssid->p2p_group))
798 wpas_p2p_disconnect(wpa_s);
799 #endif /* CONFIG_P2P */
800 wpa_s = next;
801 }
802 #endif /* CONFIG_WPS */
803 if (pending)
804 return;
805 eloop_terminate();
806 }
807
808
809 static void wpa_supplicant_terminate(int sig, void *signal_ctx)
810 {
811 struct wpa_global *global = signal_ctx;
812 wpa_supplicant_terminate_proc(global);
813 }
814
815
816 void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
817 {
818 enum wpa_states old_state = wpa_s->wpa_state;
819
820 wpa_s->pairwise_cipher = 0;
821 wpa_s->group_cipher = 0;
822 wpa_s->mgmt_group_cipher = 0;
823 wpa_s->key_mgmt = 0;
824 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
825 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
826
827 if (wpa_s->wpa_state != old_state)
828 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
829 }
830
831
832 /**
833 * wpa_supplicant_reload_configuration - Reload configuration data
834 * @wpa_s: Pointer to wpa_supplicant data
835 * Returns: 0 on success or -1 if configuration parsing failed
836 *
837 * This function can be used to request that the configuration data is reloaded
838 * (e.g., after configuration file change). This function is reloading
839 * configuration only for one interface, so this may need to be called multiple
840 * times if %wpa_supplicant is controlling multiple interfaces and all
841 * interfaces need reconfiguration.
842 */
843 int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
844 {
845 struct wpa_config *conf;
846 int reconf_ctrl;
847 int old_ap_scan;
848
849 if (wpa_s->confname == NULL)
850 return -1;
851 conf = wpa_config_read(wpa_s->confname, NULL);
852 if (conf == NULL) {
853 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
854 "file '%s' - exiting", wpa_s->confname);
855 return -1;
856 }
857 wpa_config_read(wpa_s->confanother, conf);
858
859 conf->changed_parameters = (unsigned int) -1;
860
861 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
862 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
863 os_strcmp(conf->ctrl_interface,
864 wpa_s->conf->ctrl_interface) != 0);
865
866 if (reconf_ctrl && wpa_s->ctrl_iface) {
867 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
868 wpa_s->ctrl_iface = NULL;
869 }
870
871 eapol_sm_invalidate_cached_session(wpa_s->eapol);
872 if (wpa_s->current_ssid) {
873 wpa_supplicant_deauthenticate(wpa_s,
874 WLAN_REASON_DEAUTH_LEAVING);
875 }
876
877 /*
878 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
879 * pkcs11_engine_path, pkcs11_module_path, openssl_ciphers.
880 */
881 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) {
882 /*
883 * Clear forced success to clear EAP state for next
884 * authentication.
885 */
886 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
887 }
888 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
889 wpa_sm_set_config(wpa_s->wpa, NULL);
890 wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL);
891 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
892 rsn_preauth_deinit(wpa_s->wpa);
893
894 old_ap_scan = wpa_s->conf->ap_scan;
895 wpa_config_free(wpa_s->conf);
896 wpa_s->conf = conf;
897 if (old_ap_scan != wpa_s->conf->ap_scan)
898 wpas_notify_ap_scan_changed(wpa_s);
899
900 if (reconf_ctrl)
901 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
902
903 wpa_supplicant_update_config(wpa_s);
904
905 wpa_supplicant_clear_status(wpa_s);
906 if (wpa_supplicant_enabled_networks(wpa_s)) {
907 wpa_s->reassociate = 1;
908 wpa_supplicant_req_scan(wpa_s, 0, 0);
909 }
910 wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
911 return 0;
912 }
913
914
915 static void wpa_supplicant_reconfig(int sig, void *signal_ctx)
916 {
917 struct wpa_global *global = signal_ctx;
918 struct wpa_supplicant *wpa_s;
919 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
920 wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring",
921 sig);
922 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
923 wpa_supplicant_terminate_proc(global);
924 }
925 }
926 }
927
928
929 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
930 struct wpa_ssid *ssid,
931 struct wpa_ie_data *ie)
932 {
933 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
934 if (ret) {
935 if (ret == -2) {
936 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
937 "from association info");
938 }
939 return -1;
940 }
941
942 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set "
943 "cipher suites");
944 if (!(ie->group_cipher & ssid->group_cipher)) {
945 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
946 "cipher 0x%x (mask 0x%x) - reject",
947 ie->group_cipher, ssid->group_cipher);
948 return -1;
949 }
950 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
951 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
952 "cipher 0x%x (mask 0x%x) - reject",
953 ie->pairwise_cipher, ssid->pairwise_cipher);
954 return -1;
955 }
956 if (!(ie->key_mgmt & ssid->key_mgmt)) {
957 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
958 "management 0x%x (mask 0x%x) - reject",
959 ie->key_mgmt, ssid->key_mgmt);
960 return -1;
961 }
962
963 #ifdef CONFIG_IEEE80211W
964 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
965 wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED) {
966 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
967 "that does not support management frame protection - "
968 "reject");
969 return -1;
970 }
971 #endif /* CONFIG_IEEE80211W */
972
973 return 0;
974 }
975
976
977 /**
978 * wpa_supplicant_set_suites - Set authentication and encryption parameters
979 * @wpa_s: Pointer to wpa_supplicant data
980 * @bss: Scan results for the selected BSS, or %NULL if not available
981 * @ssid: Configuration data for the selected network
982 * @wpa_ie: Buffer for the WPA/RSN IE
983 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
984 * used buffer length in case the functions returns success.
985 * Returns: 0 on success or -1 on failure
986 *
987 * This function is used to configure authentication and encryption parameters
988 * based on the network configuration and scan result for the selected BSS (if
989 * available).
990 */
991 int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
992 struct wpa_bss *bss, struct wpa_ssid *ssid,
993 u8 *wpa_ie, size_t *wpa_ie_len)
994 {
995 struct wpa_ie_data ie;
996 int sel, proto;
997 const u8 *bss_wpa, *bss_rsn, *bss_osen;
998
999 if (bss) {
1000 bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
1001 bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
1002 bss_osen = wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE);
1003 } else
1004 bss_wpa = bss_rsn = bss_osen = NULL;
1005
1006 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
1007 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
1008 (ie.group_cipher & ssid->group_cipher) &&
1009 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1010 (ie.key_mgmt & ssid->key_mgmt)) {
1011 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
1012 proto = WPA_PROTO_RSN;
1013 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
1014 wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie) == 0 &&
1015 (ie.group_cipher & ssid->group_cipher) &&
1016 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1017 (ie.key_mgmt & ssid->key_mgmt)) {
1018 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
1019 proto = WPA_PROTO_WPA;
1020 #ifdef CONFIG_HS20
1021 } else if (bss_osen && (ssid->proto & WPA_PROTO_OSEN)) {
1022 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using OSEN");
1023 /* TODO: parse OSEN element */
1024 os_memset(&ie, 0, sizeof(ie));
1025 ie.group_cipher = WPA_CIPHER_CCMP;
1026 ie.pairwise_cipher = WPA_CIPHER_CCMP;
1027 ie.key_mgmt = WPA_KEY_MGMT_OSEN;
1028 proto = WPA_PROTO_OSEN;
1029 #endif /* CONFIG_HS20 */
1030 } else if (bss) {
1031 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
1032 wpa_dbg(wpa_s, MSG_DEBUG,
1033 "WPA: ssid proto=0x%x pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1034 ssid->proto, ssid->pairwise_cipher, ssid->group_cipher,
1035 ssid->key_mgmt);
1036 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: BSS " MACSTR " ssid='%s'%s%s%s",
1037 MAC2STR(bss->bssid),
1038 wpa_ssid_txt(bss->ssid, bss->ssid_len),
1039 bss_wpa ? " WPA" : "",
1040 bss_rsn ? " RSN" : "",
1041 bss_osen ? " OSEN" : "");
1042 if (bss_rsn) {
1043 wpa_hexdump(MSG_DEBUG, "RSN", bss_rsn, 2 + bss_rsn[1]);
1044 if (wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie)) {
1045 wpa_dbg(wpa_s, MSG_DEBUG,
1046 "Could not parse RSN element");
1047 } else {
1048 wpa_dbg(wpa_s, MSG_DEBUG,
1049 "RSN: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1050 ie.pairwise_cipher, ie.group_cipher,
1051 ie.key_mgmt);
1052 }
1053 }
1054 if (bss_wpa) {
1055 wpa_hexdump(MSG_DEBUG, "WPA", bss_wpa, 2 + bss_wpa[1]);
1056 if (wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie)) {
1057 wpa_dbg(wpa_s, MSG_DEBUG,
1058 "Could not parse WPA element");
1059 } else {
1060 wpa_dbg(wpa_s, MSG_DEBUG,
1061 "WPA: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1062 ie.pairwise_cipher, ie.group_cipher,
1063 ie.key_mgmt);
1064 }
1065 }
1066 return -1;
1067 } else {
1068 if (ssid->proto & WPA_PROTO_OSEN)
1069 proto = WPA_PROTO_OSEN;
1070 else if (ssid->proto & WPA_PROTO_RSN)
1071 proto = WPA_PROTO_RSN;
1072 else
1073 proto = WPA_PROTO_WPA;
1074 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
1075 os_memset(&ie, 0, sizeof(ie));
1076 ie.group_cipher = ssid->group_cipher;
1077 ie.pairwise_cipher = ssid->pairwise_cipher;
1078 ie.key_mgmt = ssid->key_mgmt;
1079 #ifdef CONFIG_IEEE80211W
1080 ie.mgmt_group_cipher =
1081 ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION ?
1082 WPA_CIPHER_AES_128_CMAC : 0;
1083 #endif /* CONFIG_IEEE80211W */
1084 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites "
1085 "based on configuration");
1086 } else
1087 proto = ie.proto;
1088 }
1089
1090 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d "
1091 "pairwise %d key_mgmt %d proto %d",
1092 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
1093 #ifdef CONFIG_IEEE80211W
1094 if (ssid->ieee80211w) {
1095 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
1096 ie.mgmt_group_cipher);
1097 }
1098 #endif /* CONFIG_IEEE80211W */
1099
1100 wpa_s->wpa_proto = proto;
1101 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
1102 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
1103 !!(ssid->proto & (WPA_PROTO_RSN | WPA_PROTO_OSEN)));
1104
1105 if (bss || !wpa_s->ap_ies_from_associnfo) {
1106 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
1107 bss_wpa ? 2 + bss_wpa[1] : 0) ||
1108 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
1109 bss_rsn ? 2 + bss_rsn[1] : 0))
1110 return -1;
1111 }
1112
1113 sel = ie.group_cipher & ssid->group_cipher;
1114 wpa_s->group_cipher = wpa_pick_group_cipher(sel);
1115 if (wpa_s->group_cipher < 0) {
1116 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group "
1117 "cipher");
1118 return -1;
1119 }
1120 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK %s",
1121 wpa_cipher_txt(wpa_s->group_cipher));
1122
1123 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
1124 wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(sel, 1);
1125 if (wpa_s->pairwise_cipher < 0) {
1126 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise "
1127 "cipher");
1128 return -1;
1129 }
1130 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK %s",
1131 wpa_cipher_txt(wpa_s->pairwise_cipher));
1132
1133 sel = ie.key_mgmt & ssid->key_mgmt;
1134 #ifdef CONFIG_SAE
1135 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE))
1136 sel &= ~(WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE);
1137 #endif /* CONFIG_SAE */
1138 if (0) {
1139 #ifdef CONFIG_SUITEB192
1140 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) {
1141 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B_192;
1142 wpa_dbg(wpa_s, MSG_DEBUG,
1143 "WPA: using KEY_MGMT 802.1X with Suite B (192-bit)");
1144 #endif /* CONFIG_SUITEB192 */
1145 #ifdef CONFIG_SUITEB
1146 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B) {
1147 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B;
1148 wpa_dbg(wpa_s, MSG_DEBUG,
1149 "WPA: using KEY_MGMT 802.1X with Suite B");
1150 #endif /* CONFIG_SUITEB */
1151 #ifdef CONFIG_IEEE80211R
1152 } else if (sel & WPA_KEY_MGMT_FT_IEEE8021X) {
1153 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
1154 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
1155 } else if (sel & WPA_KEY_MGMT_FT_PSK) {
1156 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
1157 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
1158 #endif /* CONFIG_IEEE80211R */
1159 #ifdef CONFIG_SAE
1160 } else if (sel & WPA_KEY_MGMT_SAE) {
1161 wpa_s->key_mgmt = WPA_KEY_MGMT_SAE;
1162 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT SAE");
1163 } else if (sel & WPA_KEY_MGMT_FT_SAE) {
1164 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_SAE;
1165 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT FT/SAE");
1166 #endif /* CONFIG_SAE */
1167 #ifdef CONFIG_IEEE80211W
1168 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
1169 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
1170 wpa_dbg(wpa_s, MSG_DEBUG,
1171 "WPA: using KEY_MGMT 802.1X with SHA256");
1172 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
1173 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
1174 wpa_dbg(wpa_s, MSG_DEBUG,
1175 "WPA: using KEY_MGMT PSK with SHA256");
1176 #endif /* CONFIG_IEEE80211W */
1177 } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
1178 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
1179 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
1180 } else if (sel & WPA_KEY_MGMT_PSK) {
1181 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
1182 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
1183 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
1184 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
1185 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
1186 #ifdef CONFIG_HS20
1187 } else if (sel & WPA_KEY_MGMT_OSEN) {
1188 wpa_s->key_mgmt = WPA_KEY_MGMT_OSEN;
1189 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using KEY_MGMT OSEN");
1190 #endif /* CONFIG_HS20 */
1191 } else {
1192 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select "
1193 "authenticated key management type");
1194 return -1;
1195 }
1196
1197 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
1198 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
1199 wpa_s->pairwise_cipher);
1200 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
1201
1202 #ifdef CONFIG_IEEE80211W
1203 sel = ie.mgmt_group_cipher;
1204 if (wpas_get_ssid_pmf(wpa_s, ssid) == NO_MGMT_FRAME_PROTECTION ||
1205 !(ie.capabilities & WPA_CAPABILITY_MFPC))
1206 sel = 0;
1207 if (sel & WPA_CIPHER_AES_128_CMAC) {
1208 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
1209 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1210 "AES-128-CMAC");
1211 } else if (sel & WPA_CIPHER_BIP_GMAC_128) {
1212 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_128;
1213 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1214 "BIP-GMAC-128");
1215 } else if (sel & WPA_CIPHER_BIP_GMAC_256) {
1216 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_256;
1217 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1218 "BIP-GMAC-256");
1219 } else if (sel & WPA_CIPHER_BIP_CMAC_256) {
1220 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_CMAC_256;
1221 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1222 "BIP-CMAC-256");
1223 } else {
1224 wpa_s->mgmt_group_cipher = 0;
1225 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
1226 }
1227 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
1228 wpa_s->mgmt_group_cipher);
1229 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP,
1230 wpas_get_ssid_pmf(wpa_s, ssid));
1231 #endif /* CONFIG_IEEE80211W */
1232
1233 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
1234 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to generate WPA IE");
1235 return -1;
1236 }
1237
1238 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) {
1239 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN, NULL);
1240 #ifndef CONFIG_NO_PBKDF2
1241 if (bss && ssid->bssid_set && ssid->ssid_len == 0 &&
1242 ssid->passphrase) {
1243 u8 psk[PMK_LEN];
1244 pbkdf2_sha1(ssid->passphrase, bss->ssid, bss->ssid_len,
1245 4096, psk, PMK_LEN);
1246 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)",
1247 psk, PMK_LEN);
1248 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL);
1249 os_memset(psk, 0, sizeof(psk));
1250 }
1251 #endif /* CONFIG_NO_PBKDF2 */
1252 #ifdef CONFIG_EXT_PASSWORD
1253 if (ssid->ext_psk) {
1254 struct wpabuf *pw = ext_password_get(wpa_s->ext_pw,
1255 ssid->ext_psk);
1256 char pw_str[64 + 1];
1257 u8 psk[PMK_LEN];
1258
1259 if (pw == NULL) {
1260 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No PSK "
1261 "found from external storage");
1262 return -1;
1263 }
1264
1265 if (wpabuf_len(pw) < 8 || wpabuf_len(pw) > 64) {
1266 wpa_msg(wpa_s, MSG_INFO, "EXT PW: Unexpected "
1267 "PSK length %d in external storage",
1268 (int) wpabuf_len(pw));
1269 ext_password_free(pw);
1270 return -1;
1271 }
1272
1273 os_memcpy(pw_str, wpabuf_head(pw), wpabuf_len(pw));
1274 pw_str[wpabuf_len(pw)] = '\0';
1275
1276 #ifndef CONFIG_NO_PBKDF2
1277 if (wpabuf_len(pw) >= 8 && wpabuf_len(pw) < 64 && bss)
1278 {
1279 pbkdf2_sha1(pw_str, bss->ssid, bss->ssid_len,
1280 4096, psk, PMK_LEN);
1281 os_memset(pw_str, 0, sizeof(pw_str));
1282 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from "
1283 "external passphrase)",
1284 psk, PMK_LEN);
1285 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL);
1286 os_memset(psk, 0, sizeof(psk));
1287 } else
1288 #endif /* CONFIG_NO_PBKDF2 */
1289 if (wpabuf_len(pw) == 2 * PMK_LEN) {
1290 if (hexstr2bin(pw_str, psk, PMK_LEN) < 0) {
1291 wpa_msg(wpa_s, MSG_INFO, "EXT PW: "
1292 "Invalid PSK hex string");
1293 os_memset(pw_str, 0, sizeof(pw_str));
1294 ext_password_free(pw);
1295 return -1;
1296 }
1297 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL);
1298 os_memset(psk, 0, sizeof(psk));
1299 } else {
1300 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No suitable "
1301 "PSK available");
1302 os_memset(pw_str, 0, sizeof(pw_str));
1303 ext_password_free(pw);
1304 return -1;
1305 }
1306
1307 os_memset(pw_str, 0, sizeof(pw_str));
1308 ext_password_free(pw);
1309 }
1310 #endif /* CONFIG_EXT_PASSWORD */
1311 } else
1312 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
1313
1314 return 0;
1315 }
1316
1317
1318 static void wpas_ext_capab_byte(struct wpa_supplicant *wpa_s, u8 *pos, int idx)
1319 {
1320 *pos = 0x00;
1321
1322 switch (idx) {
1323 case 0: /* Bits 0-7 */
1324 break;
1325 case 1: /* Bits 8-15 */
1326 break;
1327 case 2: /* Bits 16-23 */
1328 #ifdef CONFIG_WNM
1329 *pos |= 0x02; /* Bit 17 - WNM-Sleep Mode */
1330 *pos |= 0x08; /* Bit 19 - BSS Transition */
1331 #endif /* CONFIG_WNM */
1332 break;
1333 case 3: /* Bits 24-31 */
1334 #ifdef CONFIG_WNM
1335 *pos |= 0x02; /* Bit 25 - SSID List */
1336 #endif /* CONFIG_WNM */
1337 #ifdef CONFIG_INTERWORKING
1338 if (wpa_s->conf->interworking)
1339 *pos |= 0x80; /* Bit 31 - Interworking */
1340 #endif /* CONFIG_INTERWORKING */
1341 break;
1342 case 4: /* Bits 32-39 */
1343 #ifdef CONFIG_INTERWORKING
1344 if (wpa_s->drv_flags / WPA_DRIVER_FLAGS_QOS_MAPPING)
1345 *pos |= 0x01; /* Bit 32 - QoS Map */
1346 #endif /* CONFIG_INTERWORKING */
1347 break;
1348 case 5: /* Bits 40-47 */
1349 #ifdef CONFIG_HS20
1350 if (wpa_s->conf->hs20)
1351 *pos |= 0x40; /* Bit 46 - WNM-Notification */
1352 #endif /* CONFIG_HS20 */
1353 break;
1354 case 6: /* Bits 48-55 */
1355 break;
1356 }
1357 }
1358
1359
1360 int wpas_build_ext_capab(struct wpa_supplicant *wpa_s, u8 *buf, size_t buflen)
1361 {
1362 u8 *pos = buf;
1363 u8 len = 6, i;
1364
1365 if (len < wpa_s->extended_capa_len)
1366 len = wpa_s->extended_capa_len;
1367 if (buflen < (size_t) len + 2) {
1368 wpa_printf(MSG_INFO,
1369 "Not enough room for building extended capabilities element");
1370 return -1;
1371 }
1372
1373 *pos++ = WLAN_EID_EXT_CAPAB;
1374 *pos++ = len;
1375 for (i = 0; i < len; i++, pos++) {
1376 wpas_ext_capab_byte(wpa_s, pos, i);
1377
1378 if (i < wpa_s->extended_capa_len) {
1379 *pos &= ~wpa_s->extended_capa_mask[i];
1380 *pos |= wpa_s->extended_capa[i];
1381 }
1382 }
1383
1384 while (len > 0 && buf[1 + len] == 0) {
1385 len--;
1386 buf[1] = len;
1387 }
1388 if (len == 0)
1389 return 0;
1390
1391 return 2 + len;
1392 }
1393
1394
1395 static int wpas_valid_bss(struct wpa_supplicant *wpa_s,
1396 struct wpa_bss *test_bss)
1397 {
1398 struct wpa_bss *bss;
1399
1400 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
1401 if (bss == test_bss)
1402 return 1;
1403 }
1404
1405 return 0;
1406 }
1407
1408
1409 static int wpas_valid_ssid(struct wpa_supplicant *wpa_s,
1410 struct wpa_ssid *test_ssid)
1411 {
1412 struct wpa_ssid *ssid;
1413
1414 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) {
1415 if (ssid == test_ssid)
1416 return 1;
1417 }
1418
1419 return 0;
1420 }
1421
1422
1423 int wpas_valid_bss_ssid(struct wpa_supplicant *wpa_s, struct wpa_bss *test_bss,
1424 struct wpa_ssid *test_ssid)
1425 {
1426 if (test_bss && !wpas_valid_bss(wpa_s, test_bss))
1427 return 0;
1428
1429 return test_ssid == NULL || wpas_valid_ssid(wpa_s, test_ssid);
1430 }
1431
1432
1433 void wpas_connect_work_free(struct wpa_connect_work *cwork)
1434 {
1435 if (cwork == NULL)
1436 return;
1437 os_free(cwork);
1438 }
1439
1440
1441 void wpas_connect_work_done(struct wpa_supplicant *wpa_s)
1442 {
1443 struct wpa_connect_work *cwork;
1444 struct wpa_radio_work *work = wpa_s->connect_work;
1445
1446 if (!work)
1447 return;
1448
1449 wpa_s->connect_work = NULL;
1450 cwork = work->ctx;
1451 work->ctx = NULL;
1452 wpas_connect_work_free(cwork);
1453 radio_work_done(work);
1454 }
1455
1456
1457 int wpas_update_random_addr(struct wpa_supplicant *wpa_s, int style)
1458 {
1459 struct os_reltime now;
1460 u8 addr[ETH_ALEN];
1461
1462 os_get_reltime(&now);
1463 if (wpa_s->last_mac_addr_style == style &&
1464 wpa_s->last_mac_addr_change.sec != 0 &&
1465 !os_reltime_expired(&now, &wpa_s->last_mac_addr_change,
1466 wpa_s->conf->rand_addr_lifetime)) {
1467 wpa_msg(wpa_s, MSG_DEBUG,
1468 "Previously selected random MAC address has not yet expired");
1469 return 0;
1470 }
1471
1472 switch (style) {
1473 case 1:
1474 if (random_mac_addr(addr) < 0)
1475 return -1;
1476 break;
1477 case 2:
1478 os_memcpy(addr, wpa_s->perm_addr, ETH_ALEN);
1479 if (random_mac_addr_keep_oui(addr) < 0)
1480 return -1;
1481 break;
1482 default:
1483 return -1;
1484 }
1485
1486 if (wpa_drv_set_mac_addr(wpa_s, addr) < 0) {
1487 wpa_msg(wpa_s, MSG_INFO,
1488 "Failed to set random MAC address");
1489 return -1;
1490 }
1491
1492 os_get_reltime(&wpa_s->last_mac_addr_change);
1493 wpa_s->mac_addr_changed = 1;
1494 wpa_s->last_mac_addr_style = style;
1495
1496 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
1497 wpa_msg(wpa_s, MSG_INFO,
1498 "Could not update MAC address information");
1499 return -1;
1500 }
1501
1502 wpa_msg(wpa_s, MSG_DEBUG, "Using random MAC address " MACSTR,
1503 MAC2STR(addr));
1504
1505 return 0;
1506 }
1507
1508
1509 int wpas_update_random_addr_disassoc(struct wpa_supplicant *wpa_s)
1510 {
1511 if (wpa_s->wpa_state >= WPA_AUTHENTICATING ||
1512 !wpa_s->conf->preassoc_mac_addr)
1513 return 0;
1514
1515 return wpas_update_random_addr(wpa_s, wpa_s->conf->preassoc_mac_addr);
1516 }
1517
1518
1519 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit);
1520
1521 /**
1522 * wpa_supplicant_associate - Request association
1523 * @wpa_s: Pointer to wpa_supplicant data
1524 * @bss: Scan results for the selected BSS, or %NULL if not available
1525 * @ssid: Configuration data for the selected network
1526 *
1527 * This function is used to request %wpa_supplicant to associate with a BSS.
1528 */
1529 void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
1530 struct wpa_bss *bss, struct wpa_ssid *ssid)
1531 {
1532 struct wpa_connect_work *cwork;
1533 int rand_style;
1534
1535 if (ssid->mac_addr == -1)
1536 rand_style = wpa_s->conf->mac_addr;
1537 else
1538 rand_style = ssid->mac_addr;
1539
1540 wmm_ac_clear_saved_tspecs(wpa_s);
1541 wpa_s->reassoc_same_bss = 0;
1542
1543 if (wpa_s->last_ssid == ssid) {
1544 wpa_dbg(wpa_s, MSG_DEBUG, "Re-association to the same ESS");
1545 if (wpa_s->current_bss && wpa_s->current_bss == bss) {
1546 wmm_ac_save_tspecs(wpa_s);
1547 wpa_s->reassoc_same_bss = 1;
1548 }
1549 } else if (rand_style > 0) {
1550 if (wpas_update_random_addr(wpa_s, rand_style) < 0)
1551 return;
1552 wpa_sm_pmksa_cache_flush(wpa_s->wpa, ssid);
1553 } else if (wpa_s->mac_addr_changed) {
1554 if (wpa_drv_set_mac_addr(wpa_s, NULL) < 0) {
1555 wpa_msg(wpa_s, MSG_INFO,
1556 "Could not restore permanent MAC address");
1557 return;
1558 }
1559 wpa_s->mac_addr_changed = 0;
1560 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
1561 wpa_msg(wpa_s, MSG_INFO,
1562 "Could not update MAC address information");
1563 return;
1564 }
1565 wpa_msg(wpa_s, MSG_DEBUG, "Using permanent MAC address");
1566 }
1567 wpa_s->last_ssid = ssid;
1568
1569 #ifdef CONFIG_IBSS_RSN
1570 ibss_rsn_deinit(wpa_s->ibss_rsn);
1571 wpa_s->ibss_rsn = NULL;
1572 #endif /* CONFIG_IBSS_RSN */
1573
1574 if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO ||
1575 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) {
1576 #ifdef CONFIG_AP
1577 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) {
1578 wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP "
1579 "mode");
1580 return;
1581 }
1582 if (wpa_supplicant_create_ap(wpa_s, ssid) < 0) {
1583 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
1584 if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
1585 wpas_p2p_ap_setup_failed(wpa_s);
1586 return;
1587 }
1588 wpa_s->current_bss = bss;
1589 #else /* CONFIG_AP */
1590 wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in "
1591 "the build");
1592 #endif /* CONFIG_AP */
1593 return;
1594 }
1595
1596 if (ssid->mode == WPAS_MODE_MESH) {
1597 #ifdef CONFIG_MESH
1598 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_MESH)) {
1599 wpa_msg(wpa_s, MSG_INFO,
1600 "Driver does not support mesh mode");
1601 return;
1602 }
1603 if (bss)
1604 ssid->frequency = bss->freq;
1605 if (wpa_supplicant_join_mesh(wpa_s, ssid) < 0) {
1606 wpa_msg(wpa_s, MSG_ERROR, "Could not join mesh");
1607 return;
1608 }
1609 wpa_s->current_bss = bss;
1610 wpa_msg_ctrl(wpa_s, MSG_INFO, MESH_GROUP_STARTED
1611 "ssid=\"%s\" id=%d",
1612 wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
1613 ssid->id);
1614 #else /* CONFIG_MESH */
1615 wpa_msg(wpa_s, MSG_ERROR,
1616 "mesh mode support not included in the build");
1617 #endif /* CONFIG_MESH */
1618 return;
1619 }
1620
1621 #ifdef CONFIG_TDLS
1622 if (bss)
1623 wpa_tdls_ap_ies(wpa_s->wpa, (const u8 *) (bss + 1),
1624 bss->ie_len);
1625 #endif /* CONFIG_TDLS */
1626
1627 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
1628 ssid->mode == IEEE80211_MODE_INFRA) {
1629 sme_authenticate(wpa_s, bss, ssid);
1630 return;
1631 }
1632
1633 if (wpa_s->connect_work) {
1634 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since connect_work exist");
1635 return;
1636 }
1637
1638 if (radio_work_pending(wpa_s, "connect")) {
1639 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since pending work exist");
1640 return;
1641 }
1642
1643 cwork = os_zalloc(sizeof(*cwork));
1644 if (cwork == NULL)
1645 return;
1646
1647 cwork->bss = bss;
1648 cwork->ssid = ssid;
1649
1650 if (radio_add_work(wpa_s, bss ? bss->freq : 0, "connect", 1,
1651 wpas_start_assoc_cb, cwork) < 0) {
1652 os_free(cwork);
1653 }
1654 }
1655
1656
1657 static int bss_is_ibss(struct wpa_bss *bss)
1658 {
1659 return (bss->caps & (IEEE80211_CAP_ESS | IEEE80211_CAP_IBSS)) ==
1660 IEEE80211_CAP_IBSS;
1661 }
1662
1663
1664 void ibss_mesh_setup_freq(struct wpa_supplicant *wpa_s,
1665 const struct wpa_ssid *ssid,
1666 struct hostapd_freq_params *freq)
1667 {
1668 enum hostapd_hw_mode hw_mode;
1669 struct hostapd_hw_modes *mode = NULL;
1670 int ht40plus[] = { 36, 44, 52, 60, 100, 108, 116, 124, 132, 149, 157,
1671 184, 192 };
1672 int vht80[] = { 36, 52, 100, 116, 132, 149 };
1673 struct hostapd_channel_data *pri_chan = NULL, *sec_chan = NULL;
1674 u8 channel;
1675 int i, chan_idx, ht40 = -1, res, obss_scan = 1;
1676 unsigned int j;
1677 struct hostapd_freq_params vht_freq;
1678
1679 freq->freq = ssid->frequency;
1680
1681 for (j = 0; j < wpa_s->last_scan_res_used; j++) {
1682 struct wpa_bss *bss = wpa_s->last_scan_res[j];
1683
1684 if (ssid->mode != WPAS_MODE_IBSS)
1685 break;
1686
1687 /* Don't adjust control freq in case of fixed_freq */
1688 if (ssid->fixed_freq)
1689 break;
1690
1691 if (!bss_is_ibss(bss))
1692 continue;
1693
1694 if (ssid->ssid_len == bss->ssid_len &&
1695 os_memcmp(ssid->ssid, bss->ssid, bss->ssid_len) == 0) {
1696 wpa_printf(MSG_DEBUG,
1697 "IBSS already found in scan results, adjust control freq: %d",
1698 bss->freq);
1699 freq->freq = bss->freq;
1700 obss_scan = 0;
1701 break;
1702 }
1703 }
1704
1705 /* For IBSS check HT_IBSS flag */
1706 if (ssid->mode == WPAS_MODE_IBSS &&
1707 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_HT_IBSS))
1708 return;
1709
1710 if (wpa_s->group_cipher == WPA_CIPHER_WEP40 ||
1711 wpa_s->group_cipher == WPA_CIPHER_WEP104 ||
1712 wpa_s->pairwise_cipher == WPA_CIPHER_TKIP) {
1713 wpa_printf(MSG_DEBUG,
1714 "IBSS: WEP/TKIP detected, do not try to enable HT");
1715 return;
1716 }
1717
1718 hw_mode = ieee80211_freq_to_chan(freq->freq, &channel);
1719 for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) {
1720 if (wpa_s->hw.modes[i].mode == hw_mode) {
1721 mode = &wpa_s->hw.modes[i];
1722 break;
1723 }
1724 }
1725
1726 if (!mode)
1727 return;
1728
1729 freq->ht_enabled = ht_supported(mode);
1730 if (!freq->ht_enabled)
1731 return;
1732
1733 /* Setup higher BW only for 5 GHz */
1734 if (mode->mode != HOSTAPD_MODE_IEEE80211A)
1735 return;
1736
1737 for (chan_idx = 0; chan_idx < mode->num_channels; chan_idx++) {
1738 pri_chan = &mode->channels[chan_idx];
1739 if (pri_chan->chan == channel)
1740 break;
1741 pri_chan = NULL;
1742 }
1743 if (!pri_chan)
1744 return;
1745
1746 /* Check primary channel flags */
1747 if (pri_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
1748 return;
1749
1750 /* Check/setup HT40+/HT40- */
1751 for (j = 0; j < ARRAY_SIZE(ht40plus); j++) {
1752 if (ht40plus[j] == channel) {
1753 ht40 = 1;
1754 break;
1755 }
1756 }
1757
1758 /* Find secondary channel */
1759 for (i = 0; i < mode->num_channels; i++) {
1760 sec_chan = &mode->channels[i];
1761 if (sec_chan->chan == channel + ht40 * 4)
1762 break;
1763 sec_chan = NULL;
1764 }
1765 if (!sec_chan)
1766 return;
1767
1768 /* Check secondary channel flags */
1769 if (sec_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
1770 return;
1771
1772 freq->channel = pri_chan->chan;
1773
1774 switch (ht40) {
1775 case -1:
1776 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40MINUS))
1777 return;
1778 freq->sec_channel_offset = -1;
1779 break;
1780 case 1:
1781 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40PLUS))
1782 return;
1783 freq->sec_channel_offset = 1;
1784 break;
1785 default:
1786 break;
1787 }
1788
1789 if (freq->sec_channel_offset && obss_scan) {
1790 struct wpa_scan_results *scan_res;
1791
1792 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL, 0);
1793 if (scan_res == NULL) {
1794 /* Back to HT20 */
1795 freq->sec_channel_offset = 0;
1796 return;
1797 }
1798
1799 res = check_40mhz_5g(mode, scan_res, pri_chan->chan,
1800 sec_chan->chan);
1801 switch (res) {
1802 case 0:
1803 /* Back to HT20 */
1804 freq->sec_channel_offset = 0;
1805 break;
1806 case 1:
1807 /* Configuration allowed */
1808 break;
1809 case 2:
1810 /* Switch pri/sec channels */
1811 freq->freq = hw_get_freq(mode, sec_chan->chan);
1812 freq->sec_channel_offset = -freq->sec_channel_offset;
1813 freq->channel = sec_chan->chan;
1814 break;
1815 default:
1816 freq->sec_channel_offset = 0;
1817 break;
1818 }
1819
1820 wpa_scan_results_free(scan_res);
1821 }
1822
1823 wpa_printf(MSG_DEBUG,
1824 "IBSS/mesh: setup freq channel %d, sec_channel_offset %d",
1825 freq->channel, freq->sec_channel_offset);
1826
1827 /* Not sure if mesh is ready for VHT */
1828 if (ssid->mode != WPAS_MODE_IBSS)
1829 return;
1830
1831 /* For IBSS check VHT_IBSS flag */
1832 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_VHT_IBSS))
1833 return;
1834
1835 vht_freq = *freq;
1836
1837 vht_freq.vht_enabled = vht_supported(mode);
1838 if (!vht_freq.vht_enabled)
1839 return;
1840
1841 /* setup center_freq1, bandwidth */
1842 for (j = 0; j < ARRAY_SIZE(vht80); j++) {
1843 if (freq->channel >= vht80[j] &&
1844 freq->channel < vht80[j] + 16)
1845 break;
1846 }
1847
1848 if (j == ARRAY_SIZE(vht80))
1849 return;
1850
1851 for (i = vht80[j]; i < vht80[j] + 16; i += 4) {
1852 struct hostapd_channel_data *chan;
1853
1854 chan = hw_get_channel_chan(mode, i, NULL);
1855 if (!chan)
1856 return;
1857
1858 /* Back to HT configuration if channel not usable */
1859 if (chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
1860 return;
1861 }
1862
1863 if (hostapd_set_freq_params(&vht_freq, mode->mode, freq->freq,
1864 freq->channel, freq->ht_enabled,
1865 vht_freq.vht_enabled,
1866 freq->sec_channel_offset,
1867 VHT_CHANWIDTH_80MHZ,
1868 vht80[i] + 6, 0, 0) != 0)
1869 return;
1870
1871 *freq = vht_freq;
1872
1873 wpa_printf(MSG_DEBUG, "IBSS: VHT setup freq cf1 %d, cf2 %d, bw %d",
1874 freq->center_freq1, freq->center_freq2, freq->bandwidth);
1875 }
1876
1877
1878 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
1879 {
1880 struct wpa_connect_work *cwork = work->ctx;
1881 struct wpa_bss *bss = cwork->bss;
1882 struct wpa_ssid *ssid = cwork->ssid;
1883 struct wpa_supplicant *wpa_s = work->wpa_s;
1884 u8 wpa_ie[200];
1885 size_t wpa_ie_len;
1886 int use_crypt, ret, i, bssid_changed;
1887 int algs = WPA_AUTH_ALG_OPEN;
1888 unsigned int cipher_pairwise, cipher_group;
1889 struct wpa_driver_associate_params params;
1890 int wep_keys_set = 0;
1891 int assoc_failed = 0;
1892 struct wpa_ssid *old_ssid;
1893 #ifdef CONFIG_HT_OVERRIDES
1894 struct ieee80211_ht_capabilities htcaps;
1895 struct ieee80211_ht_capabilities htcaps_mask;
1896 #endif /* CONFIG_HT_OVERRIDES */
1897 #ifdef CONFIG_VHT_OVERRIDES
1898 struct ieee80211_vht_capabilities vhtcaps;
1899 struct ieee80211_vht_capabilities vhtcaps_mask;
1900 #endif /* CONFIG_VHT_OVERRIDES */
1901
1902 if (deinit) {
1903 if (work->started) {
1904 wpa_s->connect_work = NULL;
1905
1906 /* cancel possible auth. timeout */
1907 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s,
1908 NULL);
1909 }
1910 wpas_connect_work_free(cwork);
1911 return;
1912 }
1913
1914 wpa_s->connect_work = work;
1915
1916 if (cwork->bss_removed || !wpas_valid_bss_ssid(wpa_s, bss, ssid)) {
1917 wpa_dbg(wpa_s, MSG_DEBUG, "BSS/SSID entry for association not valid anymore - drop connection attempt");
1918 wpas_connect_work_done(wpa_s);
1919 return;
1920 }
1921
1922 os_memset(&params, 0, sizeof(params));
1923 wpa_s->reassociate = 0;
1924 wpa_s->eap_expected_failure = 0;
1925 if (bss &&
1926 (!wpas_driver_bss_selection(wpa_s) || wpas_wps_searching(wpa_s))) {
1927 #ifdef CONFIG_IEEE80211R
1928 const u8 *ie, *md = NULL;
1929 #endif /* CONFIG_IEEE80211R */
1930 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
1931 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
1932 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
1933 bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
1934 os_memset(wpa_s->bssid, 0, ETH_ALEN);
1935 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
1936 if (bssid_changed)
1937 wpas_notify_bssid_changed(wpa_s);
1938 #ifdef CONFIG_IEEE80211R
1939 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
1940 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
1941 md = ie + 2;
1942 wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0);
1943 if (md) {
1944 /* Prepare for the next transition */
1945 wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
1946 }
1947 #endif /* CONFIG_IEEE80211R */
1948 #ifdef CONFIG_WPS
1949 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
1950 wpa_s->conf->ap_scan == 2 &&
1951 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
1952 /* Use ap_scan==1 style network selection to find the network
1953 */
1954 wpas_connect_work_done(wpa_s);
1955 wpa_s->scan_req = MANUAL_SCAN_REQ;
1956 wpa_s->reassociate = 1;
1957 wpa_supplicant_req_scan(wpa_s, 0, 0);
1958 return;
1959 #endif /* CONFIG_WPS */
1960 } else {
1961 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
1962 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
1963 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
1964 }
1965 wpa_supplicant_cancel_sched_scan(wpa_s);
1966 wpa_supplicant_cancel_scan(wpa_s);
1967
1968 /* Starting new association, so clear the possibly used WPA IE from the
1969 * previous association. */
1970 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
1971
1972 #ifdef IEEE8021X_EAPOL
1973 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1974 if (ssid->leap) {
1975 if (ssid->non_leap == 0)
1976 algs = WPA_AUTH_ALG_LEAP;
1977 else
1978 algs |= WPA_AUTH_ALG_LEAP;
1979 }
1980 }
1981 #endif /* IEEE8021X_EAPOL */
1982 wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
1983 if (ssid->auth_alg) {
1984 algs = ssid->auth_alg;
1985 wpa_dbg(wpa_s, MSG_DEBUG, "Overriding auth_alg selection: "
1986 "0x%x", algs);
1987 }
1988
1989 if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
1990 wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
1991 wpa_key_mgmt_wpa(ssid->key_mgmt)) {
1992 int try_opportunistic;
1993 try_opportunistic = (ssid->proactive_key_caching < 0 ?
1994 wpa_s->conf->okc :
1995 ssid->proactive_key_caching) &&
1996 (ssid->proto & WPA_PROTO_RSN);
1997 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
1998 ssid, try_opportunistic) == 0)
1999 eapol_sm_notify_pmkid_attempt(wpa_s->eapol);
2000 wpa_ie_len = sizeof(wpa_ie);
2001 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
2002 wpa_ie, &wpa_ie_len)) {
2003 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
2004 "key management and encryption suites");
2005 wpas_connect_work_done(wpa_s);
2006 return;
2007 }
2008 } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && bss &&
2009 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) {
2010 /*
2011 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
2012 * use non-WPA since the scan results did not indicate that the
2013 * AP is using WPA or WPA2.
2014 */
2015 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
2016 wpa_ie_len = 0;
2017 wpa_s->wpa_proto = 0;
2018 } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) {
2019 wpa_ie_len = sizeof(wpa_ie);
2020 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
2021 wpa_ie, &wpa_ie_len)) {
2022 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
2023 "key management and encryption suites (no "
2024 "scan results)");
2025 wpas_connect_work_done(wpa_s);
2026 return;
2027 }
2028 #ifdef CONFIG_WPS
2029 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
2030 struct wpabuf *wps_ie;
2031 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
2032 if (wps_ie && wpabuf_len(wps_ie) <= sizeof(wpa_ie)) {
2033 wpa_ie_len = wpabuf_len(wps_ie);
2034 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
2035 } else
2036 wpa_ie_len = 0;
2037 wpabuf_free(wps_ie);
2038 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
2039 if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY))
2040 params.wps = WPS_MODE_PRIVACY;
2041 else
2042 params.wps = WPS_MODE_OPEN;
2043 wpa_s->wpa_proto = 0;
2044 #endif /* CONFIG_WPS */
2045 } else {
2046 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
2047 wpa_ie_len = 0;
2048 wpa_s->wpa_proto = 0;
2049 }
2050
2051 #ifdef CONFIG_P2P
2052 if (wpa_s->global->p2p) {
2053 u8 *pos;
2054 size_t len;
2055 int res;
2056 pos = wpa_ie + wpa_ie_len;
2057 len = sizeof(wpa_ie) - wpa_ie_len;
2058 res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len,
2059 ssid->p2p_group);
2060 if (res >= 0)
2061 wpa_ie_len += res;
2062 }
2063
2064 wpa_s->cross_connect_disallowed = 0;
2065 if (bss) {
2066 struct wpabuf *p2p;
2067 p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE);
2068 if (p2p) {
2069 wpa_s->cross_connect_disallowed =
2070 p2p_get_cross_connect_disallowed(p2p);
2071 wpabuf_free(p2p);
2072 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross "
2073 "connection",
2074 wpa_s->cross_connect_disallowed ?
2075 "disallows" : "allows");
2076 }
2077 }
2078
2079 os_memset(wpa_s->p2p_ip_addr_info, 0, sizeof(wpa_s->p2p_ip_addr_info));
2080 #endif /* CONFIG_P2P */
2081
2082 #ifdef CONFIG_HS20
2083 if (is_hs20_network(wpa_s, ssid, bss)) {
2084 struct wpabuf *hs20;
2085 hs20 = wpabuf_alloc(20);
2086 if (hs20) {
2087 int pps_mo_id = hs20_get_pps_mo_id(wpa_s, ssid);
2088 size_t len;
2089
2090 wpas_hs20_add_indication(hs20, pps_mo_id);
2091 len = sizeof(wpa_ie) - wpa_ie_len;
2092 if (wpabuf_len(hs20) <= len) {
2093 os_memcpy(wpa_ie + wpa_ie_len,
2094 wpabuf_head(hs20), wpabuf_len(hs20));
2095 wpa_ie_len += wpabuf_len(hs20);
2096 }
2097 wpabuf_free(hs20);
2098 }
2099 }
2100 #endif /* CONFIG_HS20 */
2101
2102 /*
2103 * Workaround: Add Extended Capabilities element only if the AP
2104 * included this element in Beacon/Probe Response frames. Some older
2105 * APs seem to have interoperability issues if this element is
2106 * included, so while the standard may require us to include the
2107 * element in all cases, it is justifiable to skip it to avoid
2108 * interoperability issues.
2109 */
2110 if (!bss || wpa_bss_get_ie(bss, WLAN_EID_EXT_CAPAB)) {
2111 u8 ext_capab[18];
2112 int ext_capab_len;
2113 ext_capab_len = wpas_build_ext_capab(wpa_s, ext_capab,
2114 sizeof(ext_capab));
2115 if (ext_capab_len > 0) {
2116 u8 *pos = wpa_ie;
2117 if (wpa_ie_len > 0 && pos[0] == WLAN_EID_RSN)
2118 pos += 2 + pos[1];
2119 os_memmove(pos + ext_capab_len, pos,
2120 wpa_ie_len - (pos - wpa_ie));
2121 wpa_ie_len += ext_capab_len;
2122 os_memcpy(pos, ext_capab, ext_capab_len);
2123 }
2124 }
2125
2126 if (wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ]) {
2127 struct wpabuf *buf = wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ];
2128 size_t len;
2129
2130 len = sizeof(wpa_ie) - wpa_ie_len;
2131 if (wpabuf_len(buf) <= len) {
2132 os_memcpy(wpa_ie + wpa_ie_len,
2133 wpabuf_head(buf), wpabuf_len(buf));
2134 wpa_ie_len += wpabuf_len(buf);
2135 }
2136 }
2137
2138 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
2139 use_crypt = 1;
2140 cipher_pairwise = wpa_s->pairwise_cipher;
2141 cipher_group = wpa_s->group_cipher;
2142 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
2143 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
2144 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
2145 use_crypt = 0;
2146 if (wpa_set_wep_keys(wpa_s, ssid)) {
2147 use_crypt = 1;
2148 wep_keys_set = 1;
2149 }
2150 }
2151 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
2152 use_crypt = 0;
2153
2154 #ifdef IEEE8021X_EAPOL
2155 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
2156 if ((ssid->eapol_flags &
2157 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
2158 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
2159 !wep_keys_set) {
2160 use_crypt = 0;
2161 } else {
2162 /* Assume that dynamic WEP-104 keys will be used and
2163 * set cipher suites in order for drivers to expect
2164 * encryption. */
2165 cipher_pairwise = cipher_group = WPA_CIPHER_WEP104;
2166 }
2167 }
2168 #endif /* IEEE8021X_EAPOL */
2169
2170 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
2171 /* Set the key before (and later after) association */
2172 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
2173 }
2174
2175 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
2176 if (bss) {
2177 params.ssid = bss->ssid;
2178 params.ssid_len = bss->ssid_len;
2179 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set) {
2180 wpa_printf(MSG_DEBUG, "Limit connection to BSSID "
2181 MACSTR " freq=%u MHz based on scan results "
2182 "(bssid_set=%d)",
2183 MAC2STR(bss->bssid), bss->freq,
2184 ssid->bssid_set);
2185 params.bssid = bss->bssid;
2186 params.freq.freq = bss->freq;
2187 }
2188 params.bssid_hint = bss->bssid;
2189 params.freq_hint = bss->freq;
2190 } else {
2191 params.ssid = ssid->ssid;
2192 params.ssid_len = ssid->ssid_len;
2193 }
2194
2195 if (ssid->mode == WPAS_MODE_IBSS && ssid->bssid_set &&
2196 wpa_s->conf->ap_scan == 2) {
2197 params.bssid = ssid->bssid;
2198 params.fixed_bssid = 1;
2199 }
2200
2201 /* Initial frequency for IBSS/mesh */
2202 if ((ssid->mode == WPAS_MODE_IBSS || ssid->mode == WPAS_MODE_MESH) &&
2203 ssid->frequency > 0 && params.freq.freq == 0)
2204 ibss_mesh_setup_freq(wpa_s, ssid, &params.freq);
2205
2206 if (ssid->mode == WPAS_MODE_IBSS) {
2207 params.fixed_freq = ssid->fixed_freq;
2208 if (ssid->beacon_int)
2209 params.beacon_int = ssid->beacon_int;
2210 else
2211 params.beacon_int = wpa_s->conf->beacon_int;
2212 }
2213
2214 params.wpa_ie = wpa_ie;
2215 params.wpa_ie_len = wpa_ie_len;
2216 params.pairwise_suite = cipher_pairwise;
2217 params.group_suite = cipher_group;
2218 params.key_mgmt_suite = wpa_s->key_mgmt;
2219 params.wpa_proto = wpa_s->wpa_proto;
2220 params.auth_alg = algs;
2221 params.mode = ssid->mode;
2222 params.bg_scan_period = ssid->bg_scan_period;
2223 for (i = 0; i < NUM_WEP_KEYS; i++) {
2224 if (ssid->wep_key_len[i])
2225 params.wep_key[i] = ssid->wep_key[i];
2226 params.wep_key_len[i] = ssid->wep_key_len[i];
2227 }
2228 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
2229
2230 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
2231 (params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
2232 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK)) {
2233 params.passphrase = ssid->passphrase;
2234 if (ssid->psk_set)
2235 params.psk = ssid->psk;
2236 }
2237
2238 if (wpa_s->conf->key_mgmt_offload) {
2239 if (params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
2240 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 ||
2241 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B ||
2242 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192)
2243 params.req_key_mgmt_offload =
2244 ssid->proactive_key_caching < 0 ?
2245 wpa_s->conf->okc : ssid->proactive_key_caching;
2246 else
2247 params.req_key_mgmt_offload = 1;
2248
2249 if ((params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
2250 params.key_mgmt_suite == WPA_KEY_MGMT_PSK_SHA256 ||
2251 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK) &&
2252 ssid->psk_set)
2253 params.psk = ssid->psk;
2254 }
2255
2256 params.drop_unencrypted = use_crypt;
2257
2258 #ifdef CONFIG_IEEE80211W
2259 params.mgmt_frame_protection = wpas_get_ssid_pmf(wpa_s, ssid);
2260 if (params.mgmt_frame_protection != NO_MGMT_FRAME_PROTECTION && bss) {
2261 const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
2262 struct wpa_ie_data ie;
2263 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
2264 ie.capabilities &
2265 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
2266 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports "
2267 "MFP: require MFP");
2268 params.mgmt_frame_protection =
2269 MGMT_FRAME_PROTECTION_REQUIRED;
2270 }
2271 }
2272 #endif /* CONFIG_IEEE80211W */
2273
2274 params.p2p = ssid->p2p_group;
2275
2276 if (wpa_s->parent->set_sta_uapsd)
2277 params.uapsd = wpa_s->parent->sta_uapsd;
2278 else
2279 params.uapsd = -1;
2280
2281 #ifdef CONFIG_HT_OVERRIDES
2282 os_memset(&htcaps, 0, sizeof(htcaps));
2283 os_memset(&htcaps_mask, 0, sizeof(htcaps_mask));
2284 params.htcaps = (u8 *) &htcaps;
2285 params.htcaps_mask = (u8 *) &htcaps_mask;
2286 wpa_supplicant_apply_ht_overrides(wpa_s, ssid, &params);
2287 #endif /* CONFIG_HT_OVERRIDES */
2288 #ifdef CONFIG_VHT_OVERRIDES
2289 os_memset(&vhtcaps, 0, sizeof(vhtcaps));
2290 os_memset(&vhtcaps_mask, 0, sizeof(vhtcaps_mask));
2291 params.vhtcaps = &vhtcaps;
2292 params.vhtcaps_mask = &vhtcaps_mask;
2293 wpa_supplicant_apply_vht_overrides(wpa_s, ssid, &params);
2294 #endif /* CONFIG_VHT_OVERRIDES */
2295
2296 #ifdef CONFIG_P2P
2297 /*
2298 * If multi-channel concurrency is not supported, check for any
2299 * frequency conflict. In case of any frequency conflict, remove the
2300 * least prioritized connection.
2301 */
2302 if (wpa_s->num_multichan_concurrent < 2) {
2303 int freq, num;
2304 num = get_shared_radio_freqs(wpa_s, &freq, 1);
2305 if (num > 0 && freq > 0 && freq != params.freq.freq) {
2306 wpa_printf(MSG_DEBUG,
2307 "Assoc conflicting freq found (%d != %d)",
2308 freq, params.freq.freq);
2309 if (wpas_p2p_handle_frequency_conflicts(
2310 wpa_s, params.freq.freq, ssid) < 0) {
2311 wpas_connect_work_done(wpa_s);
2312 return;
2313 }
2314 }
2315 }
2316 #endif /* CONFIG_P2P */
2317
2318 ret = wpa_drv_associate(wpa_s, &params);
2319 if (ret < 0) {
2320 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
2321 "failed");
2322 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SANE_ERROR_CODES) {
2323 /*
2324 * The driver is known to mean what is saying, so we
2325 * can stop right here; the association will not
2326 * succeed.
2327 */
2328 wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
2329 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
2330 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
2331 return;
2332 }
2333 /* try to continue anyway; new association will be tried again
2334 * after timeout */
2335 assoc_failed = 1;
2336 }
2337
2338 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
2339 /* Set the key after the association just in case association
2340 * cleared the previously configured key. */
2341 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
2342 /* No need to timeout authentication since there is no key
2343 * management. */
2344 wpa_supplicant_cancel_auth_timeout(wpa_s);
2345 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
2346 #ifdef CONFIG_IBSS_RSN
2347 } else if (ssid->mode == WPAS_MODE_IBSS &&
2348 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
2349 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
2350 /*
2351 * RSN IBSS authentication is per-STA and we can disable the
2352 * per-BSSID authentication.
2353 */
2354 wpa_supplicant_cancel_auth_timeout(wpa_s);
2355 #endif /* CONFIG_IBSS_RSN */
2356 } else {
2357 /* Timeout for IEEE 802.11 authentication and association */
2358 int timeout = 60;
2359
2360 if (assoc_failed) {
2361 /* give IBSS a bit more time */
2362 timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5;
2363 } else if (wpa_s->conf->ap_scan == 1) {
2364 /* give IBSS a bit more time */
2365 timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10;
2366 }
2367 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
2368 }
2369
2370 if (wep_keys_set &&
2371 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC)) {
2372 /* Set static WEP keys again */
2373 wpa_set_wep_keys(wpa_s, ssid);
2374 }
2375
2376 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
2377 /*
2378 * Do not allow EAP session resumption between different
2379 * network configurations.
2380 */
2381 eapol_sm_invalidate_cached_session(wpa_s->eapol);
2382 }
2383 old_ssid = wpa_s->current_ssid;
2384 wpa_s->current_ssid = ssid;
2385 wpa_s->current_bss = bss;
2386 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
2387 wpa_supplicant_initiate_eapol(wpa_s);
2388 if (old_ssid != wpa_s->current_ssid)
2389 wpas_notify_network_changed(wpa_s);
2390 }
2391
2392
2393 static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s,
2394 const u8 *addr)
2395 {
2396 struct wpa_ssid *old_ssid;
2397
2398 wpas_connect_work_done(wpa_s);
2399 wpa_clear_keys(wpa_s, addr);
2400 old_ssid = wpa_s->current_ssid;
2401 wpa_supplicant_mark_disassoc(wpa_s);
2402 wpa_sm_set_config(wpa_s->wpa, NULL);
2403 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
2404 if (old_ssid != wpa_s->current_ssid)
2405 wpas_notify_network_changed(wpa_s);
2406 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
2407 }
2408
2409
2410 /**
2411 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
2412 * @wpa_s: Pointer to wpa_supplicant data
2413 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
2414 *
2415 * This function is used to request %wpa_supplicant to deauthenticate from the
2416 * current AP.
2417 */
2418 void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
2419 int reason_code)
2420 {
2421 u8 *addr = NULL;
2422 union wpa_event_data event;
2423 int zero_addr = 0;
2424
2425 wpa_dbg(wpa_s, MSG_DEBUG, "Request to deauthenticate - bssid=" MACSTR
2426 " pending_bssid=" MACSTR " reason=%d state=%s",
2427 MAC2STR(wpa_s->bssid), MAC2STR(wpa_s->pending_bssid),
2428 reason_code, wpa_supplicant_state_txt(wpa_s->wpa_state));
2429
2430 if (!is_zero_ether_addr(wpa_s->bssid))
2431 addr = wpa_s->bssid;
2432 else if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
2433 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
2434 wpa_s->wpa_state == WPA_ASSOCIATING))
2435 addr = wpa_s->pending_bssid;
2436 else if (wpa_s->wpa_state == WPA_ASSOCIATING) {
2437 /*
2438 * When using driver-based BSS selection, we may not know the
2439 * BSSID with which we are currently trying to associate. We
2440 * need to notify the driver of this disconnection even in such
2441 * a case, so use the all zeros address here.
2442 */
2443 addr = wpa_s->bssid;
2444 zero_addr = 1;
2445 }
2446
2447 #ifdef CONFIG_TDLS
2448 wpa_tdls_teardown_peers(wpa_s->wpa);
2449 #endif /* CONFIG_TDLS */
2450
2451 #ifdef CONFIG_MESH
2452 if (wpa_s->ifmsh) {
2453 wpa_msg_ctrl(wpa_s, MSG_INFO, MESH_GROUP_REMOVED "%s",
2454 wpa_s->ifname);
2455 wpa_supplicant_leave_mesh(wpa_s);
2456 }
2457 #endif /* CONFIG_MESH */
2458
2459 if (addr) {
2460 wpa_drv_deauthenticate(wpa_s, addr, reason_code);
2461 os_memset(&event, 0, sizeof(event));
2462 event.deauth_info.reason_code = (u16) reason_code;
2463 event.deauth_info.locally_generated = 1;
2464 wpa_supplicant_event(wpa_s, EVENT_DEAUTH, &event);
2465 if (zero_addr)
2466 addr = NULL;
2467 }
2468
2469 wpa_supplicant_clear_connection(wpa_s, addr);
2470 }
2471
2472 static void wpa_supplicant_enable_one_network(struct wpa_supplicant *wpa_s,
2473 struct wpa_ssid *ssid)
2474 {
2475 if (!ssid || !ssid->disabled || ssid->disabled == 2)
2476 return;
2477
2478 ssid->disabled = 0;
2479 wpas_clear_temp_disabled(wpa_s, ssid, 1);
2480 wpas_notify_network_enabled_changed(wpa_s, ssid);
2481
2482 /*
2483 * Try to reassociate since there is no current configuration and a new
2484 * network was made available.
2485 */
2486 if (!wpa_s->current_ssid && !wpa_s->disconnected)
2487 wpa_s->reassociate = 1;
2488 }
2489
2490
2491 /**
2492 * wpa_supplicant_enable_network - Mark a configured network as enabled
2493 * @wpa_s: wpa_supplicant structure for a network interface
2494 * @ssid: wpa_ssid structure for a configured network or %NULL
2495 *
2496 * Enables the specified network or all networks if no network specified.
2497 */
2498 void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s,
2499 struct wpa_ssid *ssid)
2500 {
2501 if (ssid == NULL) {
2502 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
2503 wpa_supplicant_enable_one_network(wpa_s, ssid);
2504 } else
2505 wpa_supplicant_enable_one_network(wpa_s, ssid);
2506
2507 if (wpa_s->reassociate && !wpa_s->disconnected) {
2508 if (wpa_s->sched_scanning) {
2509 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan to add "
2510 "new network to scan filters");
2511 wpa_supplicant_cancel_sched_scan(wpa_s);
2512 }
2513
2514 if (wpa_supplicant_fast_associate(wpa_s) != 1)
2515 wpa_supplicant_req_scan(wpa_s, 0, 0);
2516 }
2517 }
2518
2519
2520 /**
2521 * wpa_supplicant_disable_network - Mark a configured network as disabled
2522 * @wpa_s: wpa_supplicant structure for a network interface
2523 * @ssid: wpa_ssid structure for a configured network or %NULL
2524 *
2525 * Disables the specified network or all networks if no network specified.
2526 */
2527 void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s,
2528 struct wpa_ssid *ssid)
2529 {
2530 struct wpa_ssid *other_ssid;
2531 int was_disabled;
2532
2533 if (ssid == NULL) {
2534 if (wpa_s->sched_scanning)
2535 wpa_supplicant_cancel_sched_scan(wpa_s);
2536
2537 for (other_ssid = wpa_s->conf->ssid; other_ssid;
2538 other_ssid = other_ssid->next) {
2539 was_disabled = other_ssid->disabled;
2540 if (was_disabled == 2)
2541 continue; /* do not change persistent P2P group
2542 * data */
2543
2544 other_ssid->disabled = 1;
2545
2546 if (was_disabled != other_ssid->disabled)
2547 wpas_notify_network_enabled_changed(
2548 wpa_s, other_ssid);
2549 }
2550 if (wpa_s->current_ssid)
2551 wpa_supplicant_deauthenticate(
2552 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
2553 } else if (ssid->disabled != 2) {
2554 if (ssid == wpa_s->current_ssid)
2555 wpa_supplicant_deauthenticate(
2556 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
2557
2558 was_disabled = ssid->disabled;
2559
2560 ssid->disabled = 1;
2561
2562 if (was_disabled != ssid->disabled) {
2563 wpas_notify_network_enabled_changed(wpa_s, ssid);
2564 if (wpa_s->sched_scanning) {
2565 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan "
2566 "to remove network from filters");
2567 wpa_supplicant_cancel_sched_scan(wpa_s);
2568 wpa_supplicant_req_scan(wpa_s, 0, 0);
2569 }
2570 }
2571 }
2572 }
2573
2574
2575 /**
2576 * wpa_supplicant_select_network - Attempt association with a network
2577 * @wpa_s: wpa_supplicant structure for a network interface
2578 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
2579 */
2580 void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
2581 struct wpa_ssid *ssid)
2582 {
2583
2584 struct wpa_ssid *other_ssid;
2585 int disconnected = 0;
2586
2587 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid) {
2588 wpa_supplicant_deauthenticate(
2589 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
2590 disconnected = 1;
2591 }
2592
2593 if (ssid)
2594 wpas_clear_temp_disabled(wpa_s, ssid, 1);
2595
2596 /*
2597 * Mark all other networks disabled or mark all networks enabled if no
2598 * network specified.
2599 */
2600 for (other_ssid = wpa_s->conf->ssid; other_ssid;
2601 other_ssid = other_ssid->next) {
2602 int was_disabled = other_ssid->disabled;
2603 if (was_disabled == 2)
2604 continue; /* do not change persistent P2P group data */
2605
2606 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0;
2607 if (was_disabled && !other_ssid->disabled)
2608 wpas_clear_temp_disabled(wpa_s, other_ssid, 0);
2609
2610 if (was_disabled != other_ssid->disabled)
2611 wpas_notify_network_enabled_changed(wpa_s, other_ssid);
2612 }
2613
2614 if (ssid && ssid == wpa_s->current_ssid && wpa_s->current_ssid) {
2615 /* We are already associated with the selected network */
2616 wpa_printf(MSG_DEBUG, "Already associated with the "
2617 "selected network - do nothing");
2618 return;
2619 }
2620
2621 if (ssid) {
2622 wpa_s->current_ssid = ssid;
2623 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
2624 wpa_s->connect_without_scan =
2625 (ssid->mode == WPAS_MODE_MESH) ? ssid : NULL;
2626 } else {
2627 wpa_s->connect_without_scan = NULL;
2628 }
2629
2630 wpa_s->disconnected = 0;
2631 wpa_s->reassociate = 1;
2632
2633 if (wpa_s->connect_without_scan ||
2634 wpa_supplicant_fast_associate(wpa_s) != 1)
2635 wpa_supplicant_req_scan(wpa_s, 0, disconnected ? 100000 : 0);
2636
2637 if (ssid)
2638 wpas_notify_network_selected(wpa_s, ssid);
2639 }
2640
2641
2642 /**
2643 * wpas_set_pkcs11_engine_and_module_path - Set PKCS #11 engine and module path
2644 * @wpa_s: wpa_supplicant structure for a network interface
2645 * @pkcs11_engine_path: PKCS #11 engine path or NULL
2646 * @pkcs11_module_path: PKCS #11 module path or NULL
2647 * Returns: 0 on success; -1 on failure
2648 *
2649 * Sets the PKCS #11 engine and module path. Both have to be NULL or a valid
2650 * path. If resetting the EAPOL state machine with the new PKCS #11 engine and
2651 * module path fails the paths will be reset to the default value (NULL).
2652 */
2653 int wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant *wpa_s,
2654 const char *pkcs11_engine_path,
2655 const char *pkcs11_module_path)
2656 {
2657 char *pkcs11_engine_path_copy = NULL;
2658 char *pkcs11_module_path_copy = NULL;
2659
2660 if (pkcs11_engine_path != NULL) {
2661 pkcs11_engine_path_copy = os_strdup(pkcs11_engine_path);
2662 if (pkcs11_engine_path_copy == NULL)
2663 return -1;
2664 }
2665 if (pkcs11_module_path != NULL) {
2666 pkcs11_module_path_copy = os_strdup(pkcs11_module_path);
2667 if (pkcs11_module_path_copy == NULL) {
2668 os_free(pkcs11_engine_path_copy);
2669 return -1;
2670 }
2671 }
2672
2673 os_free(wpa_s->conf->pkcs11_engine_path);
2674 os_free(wpa_s->conf->pkcs11_module_path);
2675 wpa_s->conf->pkcs11_engine_path = pkcs11_engine_path_copy;
2676 wpa_s->conf->pkcs11_module_path = pkcs11_module_path_copy;
2677
2678 wpa_sm_set_eapol(wpa_s->wpa, NULL);
2679 eapol_sm_deinit(wpa_s->eapol);
2680 wpa_s->eapol = NULL;
2681 if (wpa_supplicant_init_eapol(wpa_s)) {
2682 /* Error -> Reset paths to the default value (NULL) once. */
2683 if (pkcs11_engine_path != NULL && pkcs11_module_path != NULL)
2684 wpas_set_pkcs11_engine_and_module_path(wpa_s, NULL,
2685 NULL);
2686
2687 return -1;
2688 }
2689 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
2690
2691 return 0;
2692 }
2693
2694
2695 /**
2696 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
2697 * @wpa_s: wpa_supplicant structure for a network interface
2698 * @ap_scan: AP scan mode
2699 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
2700 *
2701 */
2702 int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan)
2703 {
2704
2705 int old_ap_scan;
2706
2707 if (ap_scan < 0 || ap_scan > 2)
2708 return -1;
2709
2710 #ifdef ANDROID
2711 if (ap_scan == 2 && ap_scan != wpa_s->conf->ap_scan &&
2712 wpa_s->wpa_state >= WPA_ASSOCIATING &&
2713 wpa_s->wpa_state < WPA_COMPLETED) {
2714 wpa_printf(MSG_ERROR, "ap_scan = %d (%d) rejected while "
2715 "associating", wpa_s->conf->ap_scan, ap_scan);
2716 return 0;
2717 }
2718 #endif /* ANDROID */
2719
2720 old_ap_scan = wpa_s->conf->ap_scan;
2721 wpa_s->conf->ap_scan = ap_scan;
2722
2723 if (old_ap_scan != wpa_s->conf->ap_scan)
2724 wpas_notify_ap_scan_changed(wpa_s);
2725
2726 return 0;
2727 }
2728
2729
2730 /**
2731 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
2732 * @wpa_s: wpa_supplicant structure for a network interface
2733 * @expire_age: Expiration age in seconds
2734 * Returns: 0 if succeed or -1 if expire_age has an invalid value
2735 *
2736 */
2737 int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant *wpa_s,
2738 unsigned int bss_expire_age)
2739 {
2740 if (bss_expire_age < 10) {
2741 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration age %u",
2742 bss_expire_age);
2743 return -1;
2744 }
2745 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration age: %d sec",
2746 bss_expire_age);
2747 wpa_s->conf->bss_expiration_age = bss_expire_age;
2748
2749 return 0;
2750 }
2751
2752
2753 /**
2754 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
2755 * @wpa_s: wpa_supplicant structure for a network interface
2756 * @expire_count: number of scans after which an unseen BSS is reclaimed
2757 * Returns: 0 if succeed or -1 if expire_count has an invalid value
2758 *
2759 */
2760 int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant *wpa_s,
2761 unsigned int bss_expire_count)
2762 {
2763 if (bss_expire_count < 1) {
2764 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration count %u",
2765 bss_expire_count);
2766 return -1;
2767 }
2768 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration scan count: %u",
2769 bss_expire_count);
2770 wpa_s->conf->bss_expiration_scan_count = bss_expire_count;
2771
2772 return 0;
2773 }
2774
2775
2776 /**
2777 * wpa_supplicant_set_scan_interval - Set scan interval
2778 * @wpa_s: wpa_supplicant structure for a network interface
2779 * @scan_interval: scan interval in seconds
2780 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
2781 *
2782 */
2783 int wpa_supplicant_set_scan_interval(struct wpa_supplicant *wpa_s,
2784 int scan_interval)
2785 {
2786 if (scan_interval < 0) {
2787 wpa_msg(wpa_s, MSG_ERROR, "Invalid scan interval %d",
2788 scan_interval);
2789 return -1;
2790 }
2791 wpa_msg(wpa_s, MSG_DEBUG, "Setting scan interval: %d sec",
2792 scan_interval);
2793 wpa_supplicant_update_scan_int(wpa_s, scan_interval);
2794
2795 return 0;
2796 }
2797
2798
2799 /**
2800 * wpa_supplicant_set_debug_params - Set global debug params
2801 * @global: wpa_global structure
2802 * @debug_level: debug level
2803 * @debug_timestamp: determines if show timestamp in debug data
2804 * @debug_show_keys: determines if show keys in debug data
2805 * Returns: 0 if succeed or -1 if debug_level has wrong value
2806 */
2807 int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level,
2808 int debug_timestamp, int debug_show_keys)
2809 {
2810
2811 int old_level, old_timestamp, old_show_keys;
2812
2813 /* check for allowed debuglevels */
2814 if (debug_level != MSG_EXCESSIVE &&
2815 debug_level != MSG_MSGDUMP &&
2816 debug_level != MSG_DEBUG &&
2817 debug_level != MSG_INFO &&
2818 debug_level != MSG_WARNING &&
2819 debug_level != MSG_ERROR)
2820 return -1;
2821
2822 old_level = wpa_debug_level;
2823 old_timestamp = wpa_debug_timestamp;
2824 old_show_keys = wpa_debug_show_keys;
2825
2826 wpa_debug_level = debug_level;
2827 wpa_debug_timestamp = debug_timestamp ? 1 : 0;
2828 wpa_debug_show_keys = debug_show_keys ? 1 : 0;
2829
2830 if (wpa_debug_level != old_level)
2831 wpas_notify_debug_level_changed(global);
2832 if (wpa_debug_timestamp != old_timestamp)
2833 wpas_notify_debug_timestamp_changed(global);
2834 if (wpa_debug_show_keys != old_show_keys)
2835 wpas_notify_debug_show_keys_changed(global);
2836
2837 return 0;
2838 }
2839
2840
2841 /**
2842 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
2843 * @wpa_s: Pointer to wpa_supplicant data
2844 * Returns: A pointer to the current network structure or %NULL on failure
2845 */
2846 struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
2847 {
2848 struct wpa_ssid *entry;
2849 u8 ssid[MAX_SSID_LEN];
2850 int res;
2851 size_t ssid_len;
2852 u8 bssid[ETH_ALEN];
2853 int wired;
2854
2855 res = wpa_drv_get_ssid(wpa_s, ssid);
2856 if (res < 0) {
2857 wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from "
2858 "driver");
2859 return NULL;
2860 }
2861 ssid_len = res;
2862
2863 if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
2864 wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from "
2865 "driver");
2866 return NULL;
2867 }
2868
2869 wired = wpa_s->conf->ap_scan == 0 &&
2870 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED);
2871
2872 entry = wpa_s->conf->ssid;
2873 while (entry) {
2874 if (!wpas_network_disabled(wpa_s, entry) &&
2875 ((ssid_len == entry->ssid_len &&
2876 os_memcmp(ssid, entry->ssid, ssid_len) == 0) || wired) &&
2877 (!entry->bssid_set ||
2878 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
2879 return entry;
2880 #ifdef CONFIG_WPS
2881 if (!wpas_network_disabled(wpa_s, entry) &&
2882 (entry->key_mgmt & WPA_KEY_MGMT_WPS) &&
2883 (entry->ssid == NULL || entry->ssid_len == 0) &&
2884 (!entry->bssid_set ||
2885 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
2886 return entry;
2887 #endif /* CONFIG_WPS */
2888
2889 if (!wpas_network_disabled(wpa_s, entry) && entry->bssid_set &&
2890 entry->ssid_len == 0 &&
2891 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)
2892 return entry;
2893
2894 entry = entry->next;
2895 }
2896
2897 return NULL;
2898 }
2899
2900
2901 static int select_driver(struct wpa_supplicant *wpa_s, int i)
2902 {
2903 struct wpa_global *global = wpa_s->global;
2904
2905 if (wpa_drivers[i]->global_init && global->drv_priv[i] == NULL) {
2906 global->drv_priv[i] = wpa_drivers[i]->global_init();
2907 if (global->drv_priv[i] == NULL) {
2908 wpa_printf(MSG_ERROR, "Failed to initialize driver "
2909 "'%s'", wpa_drivers[i]->name);
2910 return -1;
2911 }
2912 }
2913
2914 wpa_s->driver = wpa_drivers[i];
2915 wpa_s->global_drv_priv = global->drv_priv[i];
2916
2917 return 0;
2918 }
2919
2920
2921 static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
2922 const char *name)
2923 {
2924 int i;
2925 size_t len;
2926 const char *pos, *driver = name;
2927
2928 if (wpa_s == NULL)
2929 return -1;
2930
2931 if (wpa_drivers[0] == NULL) {
2932 wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into "
2933 "wpa_supplicant");
2934 return -1;
2935 }
2936
2937 if (name == NULL) {
2938 /* default to first driver in the list */
2939 return select_driver(wpa_s, 0);
2940 }
2941
2942 do {
2943 pos = os_strchr(driver, ',');
2944 if (pos)
2945 len = pos - driver;
2946 else
2947 len = os_strlen(driver);
2948
2949 for (i = 0; wpa_drivers[i]; i++) {
2950 if (os_strlen(wpa_drivers[i]->name) == len &&
2951 os_strncmp(driver, wpa_drivers[i]->name, len) ==
2952 0) {
2953 /* First driver that succeeds wins */
2954 if (select_driver(wpa_s, i) == 0)
2955 return 0;
2956 }
2957 }
2958
2959 driver = pos + 1;
2960 } while (pos);
2961
2962 wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name);
2963 return -1;
2964 }
2965
2966
2967 /**
2968 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
2969 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
2970 * with struct wpa_driver_ops::init()
2971 * @src_addr: Source address of the EAPOL frame
2972 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
2973 * @len: Length of the EAPOL data
2974 *
2975 * This function is called for each received EAPOL frame. Most driver
2976 * interfaces rely on more generic OS mechanism for receiving frames through
2977 * l2_packet, but if such a mechanism is not available, the driver wrapper may
2978 * take care of received EAPOL frames and deliver them to the core supplicant
2979 * code by calling this function.
2980 */
2981 void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
2982 const u8 *buf, size_t len)
2983 {
2984 struct wpa_supplicant *wpa_s = ctx;
2985
2986 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
2987 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
2988
2989 #ifdef CONFIG_PEERKEY
2990 if (wpa_s->wpa_state > WPA_ASSOCIATED && wpa_s->current_ssid &&
2991 wpa_s->current_ssid->peerkey &&
2992 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
2993 wpa_sm_rx_eapol_peerkey(wpa_s->wpa, src_addr, buf, len) == 1) {
2994 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: Processed PeerKey EAPOL-Key");
2995 return;
2996 }
2997 #endif /* CONFIG_PEERKEY */
2998
2999 if (wpa_s->wpa_state < WPA_ASSOCIATED ||
3000 (wpa_s->last_eapol_matches_bssid &&
3001 #ifdef CONFIG_AP
3002 !wpa_s->ap_iface &&
3003 #endif /* CONFIG_AP */
3004 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) != 0)) {
3005 /*
3006 * There is possible race condition between receiving the
3007 * association event and the EAPOL frame since they are coming
3008 * through different paths from the driver. In order to avoid
3009 * issues in trying to process the EAPOL frame before receiving
3010 * association information, lets queue it for processing until
3011 * the association event is received. This may also be needed in
3012 * driver-based roaming case, so also use src_addr != BSSID as a
3013 * trigger if we have previously confirmed that the
3014 * Authenticator uses BSSID as the src_addr (which is not the
3015 * case with wired IEEE 802.1X).
3016 */
3017 wpa_dbg(wpa_s, MSG_DEBUG, "Not associated - Delay processing "
3018 "of received EAPOL frame (state=%s bssid=" MACSTR ")",
3019 wpa_supplicant_state_txt(wpa_s->wpa_state),
3020 MAC2STR(wpa_s->bssid));
3021 wpabuf_free(wpa_s->pending_eapol_rx);
3022 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len);
3023 if (wpa_s->pending_eapol_rx) {
3024 os_get_reltime(&wpa_s->pending_eapol_rx_time);
3025 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr,
3026 ETH_ALEN);
3027 }
3028 return;
3029 }
3030
3031 wpa_s->last_eapol_matches_bssid =
3032 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) == 0;
3033
3034 #ifdef CONFIG_AP
3035 if (wpa_s->ap_iface) {
3036 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len);
3037 return;
3038 }
3039 #endif /* CONFIG_AP */
3040
3041 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
3042 wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since "
3043 "no key management is configured");
3044 return;
3045 }
3046
3047 if (wpa_s->eapol_received == 0 &&
3048 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) ||
3049 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
3050 wpa_s->wpa_state != WPA_COMPLETED) &&
3051 (wpa_s->current_ssid == NULL ||
3052 wpa_s->current_ssid->mode != IEEE80211_MODE_IBSS)) {
3053 /* Timeout for completing IEEE 802.1X and WPA authentication */
3054 wpa_supplicant_req_auth_timeout(
3055 wpa_s,
3056 (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
3057 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
3058 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) ?
3059 70 : 10, 0);
3060 }
3061 wpa_s->eapol_received++;
3062
3063 if (wpa_s->countermeasures) {
3064 wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped "
3065 "EAPOL packet");
3066 return;
3067 }
3068
3069 #ifdef CONFIG_IBSS_RSN
3070 if (wpa_s->current_ssid &&
3071 wpa_s->current_ssid->mode == WPAS_MODE_IBSS) {
3072 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len);
3073 return;
3074 }
3075 #endif /* CONFIG_IBSS_RSN */
3076
3077 /* Source address of the incoming EAPOL frame could be compared to the
3078 * current BSSID. However, it is possible that a centralized
3079 * Authenticator could be using another MAC address than the BSSID of
3080 * an AP, so just allow any address to be used for now. The replies are
3081 * still sent to the current BSSID (if available), though. */
3082
3083 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
3084 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
3085 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
3086 return;
3087 wpa_drv_poll(wpa_s);
3088 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE))
3089 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
3090 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
3091 /*
3092 * Set portValid = TRUE here since we are going to skip 4-way
3093 * handshake processing which would normally set portValid. We
3094 * need this to allow the EAPOL state machines to be completed
3095 * without going through EAPOL-Key handshake.
3096 */
3097 eapol_sm_notify_portValid(wpa_s->eapol, TRUE);
3098 }
3099 }
3100
3101
3102 int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s)
3103 {
3104 if ((!wpa_s->p2p_mgmt ||
3105 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
3106 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) {
3107 l2_packet_deinit(wpa_s->l2);
3108 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
3109 wpa_drv_get_mac_addr(wpa_s),
3110 ETH_P_EAPOL,
3111 wpa_supplicant_rx_eapol, wpa_s, 0);
3112 if (wpa_s->l2 == NULL)
3113 return -1;
3114 } else {
3115 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
3116 if (addr)
3117 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
3118 }
3119
3120 if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
3121 wpa_msg(wpa_s, MSG_ERROR, "Failed to get own L2 address");
3122 return -1;
3123 }
3124
3125 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
3126
3127 return 0;
3128 }
3129
3130
3131 static void wpa_supplicant_rx_eapol_bridge(void *ctx, const u8 *src_addr,
3132 const u8 *buf, size_t len)
3133 {
3134 struct wpa_supplicant *wpa_s = ctx;
3135 const struct l2_ethhdr *eth;
3136
3137 if (len < sizeof(*eth))
3138 return;
3139 eth = (const struct l2_ethhdr *) buf;
3140
3141 if (os_memcmp(eth->h_dest, wpa_s->own_addr, ETH_ALEN) != 0 &&
3142 !(eth->h_dest[0] & 0x01)) {
3143 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
3144 " (bridge - not for this interface - ignore)",
3145 MAC2STR(src_addr), MAC2STR(eth->h_dest));
3146 return;
3147 }
3148
3149 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
3150 " (bridge)", MAC2STR(src_addr), MAC2STR(eth->h_dest));
3151 wpa_supplicant_rx_eapol(wpa_s, src_addr, buf + sizeof(*eth),
3152 len - sizeof(*eth));
3153 }
3154
3155
3156 /**
3157 * wpa_supplicant_driver_init - Initialize driver interface parameters
3158 * @wpa_s: Pointer to wpa_supplicant data
3159 * Returns: 0 on success, -1 on failure
3160 *
3161 * This function is called to initialize driver interface parameters.
3162 * wpa_drv_init() must have been called before this function to initialize the
3163 * driver interface.
3164 */
3165 int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
3166 {
3167 static int interface_count = 0;
3168
3169 if (wpa_supplicant_update_mac_addr(wpa_s) < 0)
3170 return -1;
3171
3172 wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR,
3173 MAC2STR(wpa_s->own_addr));
3174 os_memcpy(wpa_s->perm_addr, wpa_s->own_addr, ETH_ALEN);
3175 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
3176
3177 if (wpa_s->bridge_ifname[0]) {
3178 wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge "
3179 "interface '%s'", wpa_s->bridge_ifname);
3180 wpa_s->l2_br = l2_packet_init_bridge(
3181 wpa_s->bridge_ifname, wpa_s->ifname, wpa_s->own_addr,
3182 ETH_P_EAPOL, wpa_supplicant_rx_eapol_bridge, wpa_s, 1);
3183 if (wpa_s->l2_br == NULL) {
3184 wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet "
3185 "connection for the bridge interface '%s'",
3186 wpa_s->bridge_ifname);
3187 return -1;
3188 }
3189 }
3190
3191 wpa_clear_keys(wpa_s, NULL);
3192
3193 /* Make sure that TKIP countermeasures are not left enabled (could
3194 * happen if wpa_supplicant is killed during countermeasures. */
3195 wpa_drv_set_countermeasures(wpa_s, 0);
3196
3197 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver");
3198 wpa_drv_flush_pmkid(wpa_s);
3199
3200 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
3201 wpa_s->prev_scan_wildcard = 0;
3202
3203 if (wpa_supplicant_enabled_networks(wpa_s)) {
3204 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED) {
3205 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
3206 interface_count = 0;
3207 }
3208 #ifndef ANDROID
3209 if (!wpa_s->p2p_mgmt &&
3210 wpa_supplicant_delayed_sched_scan(wpa_s,
3211 interface_count % 3,
3212 100000))
3213 wpa_supplicant_req_scan(wpa_s, interface_count % 3,
3214 100000);
3215 #endif /* ANDROID */
3216 interface_count++;
3217 } else
3218 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
3219
3220 return 0;
3221 }
3222
3223
3224 static int wpa_supplicant_daemon(const char *pid_file)
3225 {
3226 wpa_printf(MSG_DEBUG, "Daemonize..");
3227 return os_daemonize(pid_file);
3228 }
3229
3230
3231 static struct wpa_supplicant * wpa_supplicant_alloc(void)
3232 {
3233 struct wpa_supplicant *wpa_s;
3234
3235 wpa_s = os_zalloc(sizeof(*wpa_s));
3236 if (wpa_s == NULL)
3237 return NULL;
3238 wpa_s->scan_req = INITIAL_SCAN_REQ;
3239 wpa_s->scan_interval = 5;
3240 wpa_s->new_connection = 1;
3241 wpa_s->parent = wpa_s;
3242 wpa_s->sched_scanning = 0;
3243
3244 return wpa_s;
3245 }
3246
3247
3248 #ifdef CONFIG_HT_OVERRIDES
3249
3250 static int wpa_set_htcap_mcs(struct wpa_supplicant *wpa_s,
3251 struct ieee80211_ht_capabilities *htcaps,
3252 struct ieee80211_ht_capabilities *htcaps_mask,
3253 const char *ht_mcs)
3254 {
3255 /* parse ht_mcs into hex array */
3256 int i;
3257 const char *tmp = ht_mcs;
3258 char *end = NULL;
3259
3260 /* If ht_mcs is null, do not set anything */
3261 if (!ht_mcs)
3262 return 0;
3263
3264 /* This is what we are setting in the kernel */
3265 os_memset(&htcaps->supported_mcs_set, 0, IEEE80211_HT_MCS_MASK_LEN);
3266
3267 wpa_msg(wpa_s, MSG_DEBUG, "set_htcap, ht_mcs -:%s:-", ht_mcs);
3268
3269 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) {
3270 errno = 0;
3271 long v = strtol(tmp, &end, 16);
3272 if (errno == 0) {
3273 wpa_msg(wpa_s, MSG_DEBUG,
3274 "htcap value[%i]: %ld end: %p tmp: %p",
3275 i, v, end, tmp);
3276 if (end == tmp)
3277 break;
3278
3279 htcaps->supported_mcs_set[i] = v;
3280 tmp = end;
3281 } else {
3282 wpa_msg(wpa_s, MSG_ERROR,
3283 "Failed to parse ht-mcs: %s, error: %s\n",
3284 ht_mcs, strerror(errno));
3285 return -1;
3286 }
3287 }
3288
3289 /*
3290 * If we were able to parse any values, then set mask for the MCS set.
3291 */
3292 if (i) {
3293 os_memset(&htcaps_mask->supported_mcs_set, 0xff,
3294 IEEE80211_HT_MCS_MASK_LEN - 1);
3295 /* skip the 3 reserved bits */
3296 htcaps_mask->supported_mcs_set[IEEE80211_HT_MCS_MASK_LEN - 1] =
3297 0x1f;
3298 }
3299
3300 return 0;
3301 }
3302
3303
3304 static int wpa_disable_max_amsdu(struct wpa_supplicant *wpa_s,
3305 struct ieee80211_ht_capabilities *htcaps,
3306 struct ieee80211_ht_capabilities *htcaps_mask,
3307 int disabled)
3308 {
3309 le16 msk;
3310
3311 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_max_amsdu: %d", disabled);
3312
3313 if (disabled == -1)
3314 return 0;
3315
3316 msk = host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE);
3317 htcaps_mask->ht_capabilities_info |= msk;
3318 if (disabled)
3319 htcaps->ht_capabilities_info &= msk;
3320 else
3321 htcaps->ht_capabilities_info |= msk;
3322
3323 return 0;
3324 }
3325
3326
3327 static int wpa_set_ampdu_factor(struct wpa_supplicant *wpa_s,
3328 struct ieee80211_ht_capabilities *htcaps,
3329 struct ieee80211_ht_capabilities *htcaps_mask,
3330 int factor)
3331 {
3332 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_factor: %d", factor);
3333
3334 if (factor == -1)
3335 return 0;
3336
3337 if (factor < 0 || factor > 3) {
3338 wpa_msg(wpa_s, MSG_ERROR, "ampdu_factor: %d out of range. "
3339 "Must be 0-3 or -1", factor);
3340 return -EINVAL;
3341 }
3342
3343 htcaps_mask->a_mpdu_params |= 0x3; /* 2 bits for factor */
3344 htcaps->a_mpdu_params &= ~0x3;
3345 htcaps->a_mpdu_params |= factor & 0x3;
3346
3347 return 0;
3348 }
3349
3350
3351 static int wpa_set_ampdu_density(struct wpa_supplicant *wpa_s,
3352 struct ieee80211_ht_capabilities *htcaps,
3353 struct ieee80211_ht_capabilities *htcaps_mask,
3354 int density)
3355 {
3356 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_density: %d", density);
3357
3358 if (density == -1)
3359 return 0;
3360
3361 if (density < 0 || density > 7) {
3362 wpa_msg(wpa_s, MSG_ERROR,
3363 "ampdu_density: %d out of range. Must be 0-7 or -1.",
3364 density);
3365 return -EINVAL;
3366 }
3367
3368 htcaps_mask->a_mpdu_params |= 0x1C;
3369 htcaps->a_mpdu_params &= ~(0x1C);
3370 htcaps->a_mpdu_params |= (density << 2) & 0x1C;
3371
3372 return 0;
3373 }
3374
3375
3376 static int wpa_set_disable_ht40(struct wpa_supplicant *wpa_s,
3377 struct ieee80211_ht_capabilities *htcaps,
3378 struct ieee80211_ht_capabilities *htcaps_mask,
3379 int disabled)
3380 {
3381 /* Masking these out disables HT40 */
3382 le16 msk = host_to_le16(HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET |
3383 HT_CAP_INFO_SHORT_GI40MHZ);
3384
3385 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ht40: %d", disabled);
3386
3387 if (disabled)
3388 htcaps->ht_capabilities_info &= ~msk;
3389 else
3390 htcaps->ht_capabilities_info |= msk;
3391
3392 htcaps_mask->ht_capabilities_info |= msk;
3393
3394 return 0;
3395 }
3396
3397
3398 static int wpa_set_disable_sgi(struct wpa_supplicant *wpa_s,
3399 struct ieee80211_ht_capabilities *htcaps,
3400 struct ieee80211_ht_capabilities *htcaps_mask,
3401 int disabled)
3402 {
3403 /* Masking these out disables SGI */
3404 le16 msk = host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ |
3405 HT_CAP_INFO_SHORT_GI40MHZ);
3406
3407 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_sgi: %d", disabled);
3408
3409 if (disabled)
3410 htcaps->ht_capabilities_info &= ~msk;
3411 else
3412 htcaps->ht_capabilities_info |= msk;
3413
3414 htcaps_mask->ht_capabilities_info |= msk;
3415
3416 return 0;
3417 }
3418
3419
3420 static int wpa_set_disable_ldpc(struct wpa_supplicant *wpa_s,
3421 struct ieee80211_ht_capabilities *htcaps,
3422 struct ieee80211_ht_capabilities *htcaps_mask,
3423 int disabled)
3424 {
3425 /* Masking these out disables LDPC */
3426 le16 msk = host_to_le16(HT_CAP_INFO_LDPC_CODING_CAP);
3427
3428 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ldpc: %d", disabled);
3429
3430 if (disabled)
3431 htcaps->ht_capabilities_info &= ~msk;
3432 else
3433 htcaps->ht_capabilities_info |= msk;
3434
3435 htcaps_mask->ht_capabilities_info |= msk;
3436
3437 return 0;
3438 }
3439
3440
3441 void wpa_supplicant_apply_ht_overrides(
3442 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
3443 struct wpa_driver_associate_params *params)
3444 {
3445 struct ieee80211_ht_capabilities *htcaps;
3446 struct ieee80211_ht_capabilities *htcaps_mask;
3447
3448 if (!ssid)
3449 return;
3450
3451 params->disable_ht = ssid->disable_ht;
3452 if (!params->htcaps || !params->htcaps_mask)
3453 return;
3454
3455 htcaps = (struct ieee80211_ht_capabilities *) params->htcaps;
3456 htcaps_mask = (struct ieee80211_ht_capabilities *) params->htcaps_mask;
3457 wpa_set_htcap_mcs(wpa_s, htcaps, htcaps_mask, ssid->ht_mcs);
3458 wpa_disable_max_amsdu(wpa_s, htcaps, htcaps_mask,
3459 ssid->disable_max_amsdu);
3460 wpa_set_ampdu_factor(wpa_s, htcaps, htcaps_mask, ssid->ampdu_factor);
3461 wpa_set_ampdu_density(wpa_s, htcaps, htcaps_mask, ssid->ampdu_density);
3462 wpa_set_disable_ht40(wpa_s, htcaps, htcaps_mask, ssid->disable_ht40);
3463 wpa_set_disable_sgi(wpa_s, htcaps, htcaps_mask, ssid->disable_sgi);
3464 wpa_set_disable_ldpc(wpa_s, htcaps, htcaps_mask, ssid->disable_ldpc);
3465
3466 if (ssid->ht40_intolerant) {
3467 le16 bit = host_to_le16(HT_CAP_INFO_40MHZ_INTOLERANT);
3468 htcaps->ht_capabilities_info |= bit;
3469 htcaps_mask->ht_capabilities_info |= bit;
3470 }
3471 }
3472
3473 #endif /* CONFIG_HT_OVERRIDES */
3474
3475
3476 #ifdef CONFIG_VHT_OVERRIDES
3477 void wpa_supplicant_apply_vht_overrides(
3478 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
3479 struct wpa_driver_associate_params *params)
3480 {
3481 struct ieee80211_vht_capabilities *vhtcaps;
3482 struct ieee80211_vht_capabilities *vhtcaps_mask;
3483
3484 if (!ssid)
3485 return;
3486
3487 params->disable_vht = ssid->disable_vht;
3488
3489 vhtcaps = (void *) params->vhtcaps;
3490 vhtcaps_mask = (void *) params->vhtcaps_mask;
3491
3492 if (!vhtcaps || !vhtcaps_mask)
3493 return;
3494
3495 vhtcaps->vht_capabilities_info = ssid->vht_capa;
3496 vhtcaps_mask->vht_capabilities_info = ssid->vht_capa_mask;
3497
3498 #ifdef CONFIG_HT_OVERRIDES
3499 /* if max ampdu is <= 3, we have to make the HT cap the same */
3500 if (ssid->vht_capa_mask & VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) {
3501 int max_ampdu;
3502
3503 max_ampdu = (ssid->vht_capa &
3504 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) >>
3505 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX_SHIFT;
3506
3507 max_ampdu = max_ampdu < 3 ? max_ampdu : 3;
3508 wpa_set_ampdu_factor(wpa_s,
3509 (void *) params->htcaps,
3510 (void *) params->htcaps_mask,
3511 max_ampdu);
3512 }
3513 #endif /* CONFIG_HT_OVERRIDES */
3514
3515 #define OVERRIDE_MCS(i) \
3516 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \
3517 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \
3518 3 << 2 * (i - 1); \
3519 vhtcaps->vht_supported_mcs_set.tx_map |= \
3520 ssid->vht_tx_mcs_nss_ ##i << 2 * (i - 1); \
3521 } \
3522 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \
3523 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \
3524 3 << 2 * (i - 1); \
3525 vhtcaps->vht_supported_mcs_set.rx_map |= \
3526 ssid->vht_rx_mcs_nss_ ##i << 2 * (i - 1); \
3527 }
3528
3529 OVERRIDE_MCS(1);
3530 OVERRIDE_MCS(2);
3531 OVERRIDE_MCS(3);
3532 OVERRIDE_MCS(4);
3533 OVERRIDE_MCS(5);
3534 OVERRIDE_MCS(6);
3535 OVERRIDE_MCS(7);
3536 OVERRIDE_MCS(8);
3537 }
3538 #endif /* CONFIG_VHT_OVERRIDES */
3539
3540
3541 static int pcsc_reader_init(struct wpa_supplicant *wpa_s)
3542 {
3543 #ifdef PCSC_FUNCS
3544 size_t len;
3545
3546 if (!wpa_s->conf->pcsc_reader)
3547 return 0;
3548
3549 wpa_s->scard = scard_init(wpa_s->conf->pcsc_reader);
3550 if (!wpa_s->scard)
3551 return 1;
3552
3553 if (wpa_s->conf->pcsc_pin &&
3554 scard_set_pin(wpa_s->scard, wpa_s->conf->pcsc_pin) < 0) {
3555 scard_deinit(wpa_s->scard);
3556 wpa_s->scard = NULL;
3557 wpa_msg(wpa_s, MSG_ERROR, "PC/SC PIN validation failed");
3558 return -1;
3559 }
3560
3561 len = sizeof(wpa_s->imsi) - 1;
3562 if (scard_get_imsi(wpa_s->scard, wpa_s->imsi, &len)) {
3563 scard_deinit(wpa_s->scard);
3564 wpa_s->scard = NULL;
3565 wpa_msg(wpa_s, MSG_ERROR, "Could not read IMSI");
3566 return -1;
3567 }
3568 wpa_s->imsi[len] = '\0';
3569
3570 wpa_s->mnc_len = scard_get_mnc_len(wpa_s->scard);
3571
3572 wpa_printf(MSG_DEBUG, "SCARD: IMSI %s (MNC length %d)",
3573 wpa_s->imsi, wpa_s->mnc_len);
3574
3575 wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard);
3576 eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard);
3577 #endif /* PCSC_FUNCS */
3578
3579 return 0;
3580 }
3581
3582
3583 int wpas_init_ext_pw(struct wpa_supplicant *wpa_s)
3584 {
3585 char *val, *pos;
3586
3587 ext_password_deinit(wpa_s->ext_pw);
3588 wpa_s->ext_pw = NULL;
3589 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, NULL);
3590
3591 if (!wpa_s->conf->ext_password_backend)
3592 return 0;
3593
3594 val = os_strdup(wpa_s->conf->ext_password_backend);
3595 if (val == NULL)
3596 return -1;
3597 pos = os_strchr(val, ':');
3598 if (pos)
3599 *pos++ = '\0';
3600
3601 wpa_printf(MSG_DEBUG, "EXT PW: Initialize backend '%s'", val);
3602
3603 wpa_s->ext_pw = ext_password_init(val, pos);
3604 os_free(val);
3605 if (wpa_s->ext_pw == NULL) {
3606 wpa_printf(MSG_DEBUG, "EXT PW: Failed to initialize backend");
3607 return -1;
3608 }
3609 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, wpa_s->ext_pw);
3610
3611 return 0;
3612 }
3613
3614
3615 static int wpas_set_wowlan_triggers(struct wpa_supplicant *wpa_s,
3616 const struct wpa_driver_capa *capa)
3617 {
3618 struct wowlan_triggers *triggers;
3619 int ret = 0;
3620
3621 if (!wpa_s->conf->wowlan_triggers)
3622 return 0;
3623
3624 triggers = wpa_get_wowlan_triggers(wpa_s->conf->wowlan_triggers, capa);
3625 if (triggers) {
3626 ret = wpa_drv_wowlan(wpa_s, triggers);
3627 os_free(triggers);
3628 }
3629 return ret;
3630 }
3631
3632
3633 static struct wpa_radio * radio_add_interface(struct wpa_supplicant *wpa_s,
3634 const char *rn)
3635 {
3636 struct wpa_supplicant *iface = wpa_s->global->ifaces;
3637 struct wpa_radio *radio;
3638
3639 while (rn && iface) {
3640 radio = iface->radio;
3641 if (radio && os_strcmp(rn, radio->name) == 0) {
3642 wpa_printf(MSG_DEBUG, "Add interface %s to existing radio %s",
3643 wpa_s->ifname, rn);
3644 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
3645 return radio;
3646 }
3647
3648 iface = iface->next;
3649 }
3650
3651 wpa_printf(MSG_DEBUG, "Add interface %s to a new radio %s",
3652 wpa_s->ifname, rn ? rn : "N/A");
3653 radio = os_zalloc(sizeof(*radio));
3654 if (radio == NULL)
3655 return NULL;
3656
3657 if (rn)
3658 os_strlcpy(radio->name, rn, sizeof(radio->name));
3659 dl_list_init(&radio->ifaces);
3660 dl_list_init(&radio->work);
3661 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
3662
3663 return radio;
3664 }
3665
3666
3667 static void radio_work_free(struct wpa_radio_work *work)
3668 {
3669 if (work->wpa_s->scan_work == work) {
3670 /* This should not really happen. */
3671 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as scan_work",
3672 work->type, work, work->started);
3673 work->wpa_s->scan_work = NULL;
3674 }
3675
3676 #ifdef CONFIG_P2P
3677 if (work->wpa_s->p2p_scan_work == work) {
3678 /* This should not really happen. */
3679 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as p2p_scan_work",
3680 work->type, work, work->started);
3681 work->wpa_s->p2p_scan_work = NULL;
3682 }
3683 #endif /* CONFIG_P2P */
3684
3685 dl_list_del(&work->list);
3686 os_free(work);
3687 }
3688
3689
3690 static void radio_start_next_work(void *eloop_ctx, void *timeout_ctx)
3691 {
3692 struct wpa_radio *radio = eloop_ctx;
3693 struct wpa_radio_work *work;
3694 struct os_reltime now, diff;
3695 struct wpa_supplicant *wpa_s;
3696
3697 work = dl_list_first(&radio->work, struct wpa_radio_work, list);
3698 if (work == NULL)
3699 return;
3700
3701 if (work->started)
3702 return; /* already started and still in progress */
3703
3704 wpa_s = dl_list_first(&radio->ifaces, struct wpa_supplicant,
3705 radio_list);
3706 if (wpa_s && wpa_s->radio->external_scan_running) {
3707 wpa_printf(MSG_DEBUG, "Delay radio work start until externally triggered scan completes");
3708 return;
3709 }
3710
3711 os_get_reltime(&now);
3712 os_reltime_sub(&now, &work->time, &diff);
3713 wpa_dbg(work->wpa_s, MSG_DEBUG, "Starting radio work '%s'@%p after %ld.%06ld second wait",
3714 work->type, work, diff.sec, diff.usec);
3715 work->started = 1;
3716 work->time = now;
3717 work->cb(work, 0);
3718 }
3719
3720
3721 /*
3722 * This function removes both started and pending radio works running on
3723 * the provided interface's radio.
3724 * Prior to the removal of the radio work, its callback (cb) is called with
3725 * deinit set to be 1. Each work's callback is responsible for clearing its
3726 * internal data and restoring to a correct state.
3727 * @wpa_s: wpa_supplicant data
3728 * @type: type of works to be removed
3729 * @remove_all: 1 to remove all the works on this radio, 0 to remove only
3730 * this interface's works.
3731 */
3732 void radio_remove_works(struct wpa_supplicant *wpa_s,
3733 const char *type, int remove_all)
3734 {
3735 struct wpa_radio_work *work, *tmp;
3736 struct wpa_radio *radio = wpa_s->radio;
3737
3738 dl_list_for_each_safe(work, tmp, &radio->work, struct wpa_radio_work,
3739 list) {
3740 if (type && os_strcmp(type, work->type) != 0)
3741 continue;
3742
3743 /* skip other ifaces' works */
3744 if (!remove_all && work->wpa_s != wpa_s)
3745 continue;
3746
3747 wpa_dbg(wpa_s, MSG_DEBUG, "Remove radio work '%s'@%p%s",
3748 work->type, work, work->started ? " (started)" : "");
3749 work->cb(work, 1);
3750 radio_work_free(work);
3751 }
3752
3753 /* in case we removed the started work */
3754 radio_work_check_next(wpa_s);
3755 }
3756
3757
3758 static void radio_remove_interface(struct wpa_supplicant *wpa_s)
3759 {
3760 struct wpa_radio *radio = wpa_s->radio;
3761
3762 if (!radio)
3763 return;
3764
3765 wpa_printf(MSG_DEBUG, "Remove interface %s from radio %s",
3766 wpa_s->ifname, radio->name);
3767 dl_list_del(&wpa_s->radio_list);
3768 radio_remove_works(wpa_s, NULL, 0);
3769 wpa_s->radio = NULL;
3770 if (!dl_list_empty(&radio->ifaces))
3771 return; /* Interfaces remain for this radio */
3772
3773 wpa_printf(MSG_DEBUG, "Remove radio %s", radio->name);
3774 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
3775 os_free(radio);
3776 }
3777
3778
3779 void radio_work_check_next(struct wpa_supplicant *wpa_s)
3780 {
3781 struct wpa_radio *radio = wpa_s->radio;
3782
3783 if (dl_list_empty(&radio->work))
3784 return;
3785 if (wpa_s->ext_work_in_progress) {
3786 wpa_printf(MSG_DEBUG,
3787 "External radio work in progress - delay start of pending item");
3788 return;
3789 }
3790 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
3791 eloop_register_timeout(0, 0, radio_start_next_work, radio, NULL);
3792 }
3793
3794
3795 /**
3796 * radio_add_work - Add a radio work item
3797 * @wpa_s: Pointer to wpa_supplicant data
3798 * @freq: Frequency of the offchannel operation in MHz or 0
3799 * @type: Unique identifier for each type of work
3800 * @next: Force as the next work to be executed
3801 * @cb: Callback function for indicating when radio is available
3802 * @ctx: Context pointer for the work (work->ctx in cb())
3803 * Returns: 0 on success, -1 on failure
3804 *
3805 * This function is used to request time for an operation that requires
3806 * exclusive radio control. Once the radio is available, the registered callback
3807 * function will be called. radio_work_done() must be called once the exclusive
3808 * radio operation has been completed, so that the radio is freed for other
3809 * operations. The special case of deinit=1 is used to free the context data
3810 * during interface removal. That does not allow the callback function to start
3811 * the radio operation, i.e., it must free any resources allocated for the radio
3812 * work and return.
3813 *
3814 * The @freq parameter can be used to indicate a single channel on which the
3815 * offchannel operation will occur. This may allow multiple radio work
3816 * operations to be performed in parallel if they apply for the same channel.
3817 * Setting this to 0 indicates that the work item may use multiple channels or
3818 * requires exclusive control of the radio.
3819 */
3820 int radio_add_work(struct wpa_supplicant *wpa_s, unsigned int freq,
3821 const char *type, int next,
3822 void (*cb)(struct wpa_radio_work *work, int deinit),
3823 void *ctx)
3824 {
3825 struct wpa_radio_work *work;
3826 int was_empty;
3827
3828 work = os_zalloc(sizeof(*work));
3829 if (work == NULL)
3830 return -1;
3831 wpa_dbg(wpa_s, MSG_DEBUG, "Add radio work '%s'@%p", type, work);
3832 os_get_reltime(&work->time);
3833 work->freq = freq;
3834 work->type = type;
3835 work->wpa_s = wpa_s;
3836 work->cb = cb;
3837 work->ctx = ctx;
3838
3839 was_empty = dl_list_empty(&wpa_s->radio->work);
3840 if (next)
3841 dl_list_add(&wpa_s->radio->work, &work->list);
3842 else
3843 dl_list_add_tail(&wpa_s->radio->work, &work->list);
3844 if (was_empty) {
3845 wpa_dbg(wpa_s, MSG_DEBUG, "First radio work item in the queue - schedule start immediately");
3846 radio_work_check_next(wpa_s);
3847 }
3848
3849 return 0;
3850 }
3851
3852
3853 /**
3854 * radio_work_done - Indicate that a radio work item has been completed
3855 * @work: Completed work
3856 *
3857 * This function is called once the callback function registered with
3858 * radio_add_work() has completed its work.
3859 */
3860 void radio_work_done(struct wpa_radio_work *work)
3861 {
3862 struct wpa_supplicant *wpa_s = work->wpa_s;
3863 struct os_reltime now, diff;
3864 unsigned int started = work->started;
3865
3866 os_get_reltime(&now);
3867 os_reltime_sub(&now, &work->time, &diff);
3868 wpa_dbg(wpa_s, MSG_DEBUG, "Radio work '%s'@%p %s in %ld.%06ld seconds",
3869 work->type, work, started ? "done" : "canceled",
3870 diff.sec, diff.usec);
3871 radio_work_free(work);
3872 if (started)
3873 radio_work_check_next(wpa_s);
3874 }
3875
3876
3877 struct wpa_radio_work *
3878 radio_work_pending(struct wpa_supplicant *wpa_s, const char *type)
3879 {
3880 struct wpa_radio_work *work;
3881 struct wpa_radio *radio = wpa_s->radio;
3882
3883 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) {
3884 if (work->wpa_s == wpa_s && os_strcmp(work->type, type) == 0)
3885 return work;
3886 }
3887
3888 return NULL;
3889 }
3890
3891
3892 static int wpas_init_driver(struct wpa_supplicant *wpa_s,
3893 struct wpa_interface *iface)
3894 {
3895 const char *ifname, *driver, *rn;
3896
3897 driver = iface->driver;
3898 next_driver:
3899 if (wpa_supplicant_set_driver(wpa_s, driver) < 0)
3900 return -1;
3901
3902 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
3903 if (wpa_s->drv_priv == NULL) {
3904 const char *pos;
3905 pos = driver ? os_strchr(driver, ',') : NULL;
3906 if (pos) {
3907 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
3908 "driver interface - try next driver wrapper");
3909 driver = pos + 1;
3910 goto next_driver;
3911 }
3912 wpa_msg(wpa_s, MSG_ERROR, "Failed to initialize driver "
3913 "interface");
3914 return -1;
3915 }
3916 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
3917 wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected "
3918 "driver_param '%s'", wpa_s->conf->driver_param);
3919 return -1;
3920 }
3921
3922 ifname = wpa_drv_get_ifname(wpa_s);
3923 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
3924 wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced "
3925 "interface name with '%s'", ifname);
3926 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
3927 }
3928
3929 rn = wpa_driver_get_radio_name(wpa_s);
3930 if (rn && rn[0] == '\0')
3931 rn = NULL;
3932
3933 wpa_s->radio = radio_add_interface(wpa_s, rn);
3934 if (wpa_s->radio == NULL)
3935 return -1;
3936
3937 return 0;
3938 }
3939
3940
3941 static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
3942 struct wpa_interface *iface)
3943 {
3944 struct wpa_driver_capa capa;
3945 int capa_res;
3946
3947 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
3948 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
3949 iface->confname ? iface->confname : "N/A",
3950 iface->driver ? iface->driver : "default",
3951 iface->ctrl_interface ? iface->ctrl_interface : "N/A",
3952 iface->bridge_ifname ? iface->bridge_ifname : "N/A");
3953
3954 if (iface->confname) {
3955 #ifdef CONFIG_BACKEND_FILE
3956 wpa_s->confname = os_rel2abs_path(iface->confname);
3957 if (wpa_s->confname == NULL) {
3958 wpa_printf(MSG_ERROR, "Failed to get absolute path "
3959 "for configuration file '%s'.",
3960 iface->confname);
3961 return -1;
3962 }
3963 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
3964 iface->confname, wpa_s->confname);
3965 #else /* CONFIG_BACKEND_FILE */
3966 wpa_s->confname = os_strdup(iface->confname);
3967 #endif /* CONFIG_BACKEND_FILE */
3968 wpa_s->conf = wpa_config_read(wpa_s->confname, NULL);
3969 if (wpa_s->conf == NULL) {
3970 wpa_printf(MSG_ERROR, "Failed to read or parse "
3971 "configuration '%s'.", wpa_s->confname);
3972 return -1;
3973 }
3974 wpa_s->confanother = os_rel2abs_path(iface->confanother);
3975 wpa_config_read(wpa_s->confanother, wpa_s->conf);
3976
3977 /*
3978 * Override ctrl_interface and driver_param if set on command
3979 * line.
3980 */
3981 if (iface->ctrl_interface) {
3982 os_free(wpa_s->conf->ctrl_interface);
3983 wpa_s->conf->ctrl_interface =
3984 os_strdup(iface->ctrl_interface);
3985 }
3986
3987 if (iface->driver_param) {
3988 os_free(wpa_s->conf->driver_param);
3989 wpa_s->conf->driver_param =
3990 os_strdup(iface->driver_param);
3991 }
3992
3993 if (iface->p2p_mgmt && !iface->ctrl_interface) {
3994 os_free(wpa_s->conf->ctrl_interface);
3995 wpa_s->conf->ctrl_interface = NULL;
3996 }
3997 } else
3998 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
3999 iface->driver_param);
4000
4001 if (wpa_s->conf == NULL) {
4002 wpa_printf(MSG_ERROR, "\nNo configuration found.");
4003 return -1;
4004 }
4005
4006 if (iface->ifname == NULL) {
4007 wpa_printf(MSG_ERROR, "\nInterface name is required.");
4008 return -1;
4009 }
4010 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
4011 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
4012 iface->ifname);
4013 return -1;
4014 }
4015 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
4016
4017 if (iface->bridge_ifname) {
4018 if (os_strlen(iface->bridge_ifname) >=
4019 sizeof(wpa_s->bridge_ifname)) {
4020 wpa_printf(MSG_ERROR, "\nToo long bridge interface "
4021 "name '%s'.", iface->bridge_ifname);
4022 return -1;
4023 }
4024 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
4025 sizeof(wpa_s->bridge_ifname));
4026 }
4027
4028 /* RSNA Supplicant Key Management - INITIALIZE */
4029 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
4030 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
4031
4032 /* Initialize driver interface and register driver event handler before
4033 * L2 receive handler so that association events are processed before
4034 * EAPOL-Key packets if both become available for the same select()
4035 * call. */
4036 if (wpas_init_driver(wpa_s, iface) < 0)
4037 return -1;
4038
4039 if (wpa_supplicant_init_wpa(wpa_s) < 0)
4040 return -1;
4041
4042 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
4043 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
4044 NULL);
4045 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
4046
4047 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
4048 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
4049 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
4050 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
4051 "dot11RSNAConfigPMKLifetime");
4052 return -1;
4053 }
4054
4055 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
4056 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
4057 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
4058 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
4059 "dot11RSNAConfigPMKReauthThreshold");
4060 return -1;
4061 }
4062
4063 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
4064 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
4065 wpa_s->conf->dot11RSNAConfigSATimeout)) {
4066 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
4067 "dot11RSNAConfigSATimeout");
4068 return -1;
4069 }
4070
4071 wpa_s->hw.modes = wpa_drv_get_hw_feature_data(wpa_s,
4072 &wpa_s->hw.num_modes,
4073 &wpa_s->hw.flags);
4074
4075 capa_res = wpa_drv_get_capa(wpa_s, &capa);
4076 if (capa_res == 0) {
4077 wpa_s->drv_capa_known = 1;
4078 wpa_s->drv_flags = capa.flags;
4079 wpa_s->drv_enc = capa.enc;
4080 wpa_s->drv_smps_modes = capa.smps_modes;
4081 wpa_s->drv_rrm_flags = capa.rrm_flags;
4082 wpa_s->probe_resp_offloads = capa.probe_resp_offloads;
4083 wpa_s->max_scan_ssids = capa.max_scan_ssids;
4084 wpa_s->max_sched_scan_ssids = capa.max_sched_scan_ssids;
4085 wpa_s->sched_scan_supported = capa.sched_scan_supported;
4086 wpa_s->max_match_sets = capa.max_match_sets;
4087 wpa_s->max_remain_on_chan = capa.max_remain_on_chan;
4088 wpa_s->max_stations = capa.max_stations;
4089 wpa_s->extended_capa = capa.extended_capa;
4090 wpa_s->extended_capa_mask = capa.extended_capa_mask;
4091 wpa_s->extended_capa_len = capa.extended_capa_len;
4092 wpa_s->num_multichan_concurrent =
4093 capa.num_multichan_concurrent;
4094 wpa_s->wmm_ac_supported = capa.wmm_ac_supported;
4095
4096 if (capa.mac_addr_rand_scan_supported)
4097 wpa_s->mac_addr_rand_supported |= MAC_ADDR_RAND_SCAN;
4098 if (wpa_s->sched_scan_supported &&
4099 capa.mac_addr_rand_sched_scan_supported)
4100 wpa_s->mac_addr_rand_supported |=
4101 (MAC_ADDR_RAND_SCHED_SCAN | MAC_ADDR_RAND_PNO);
4102 }
4103 if (wpa_s->max_remain_on_chan == 0)
4104 wpa_s->max_remain_on_chan = 1000;
4105
4106 /*
4107 * Only take p2p_mgmt parameters when P2P Device is supported.
4108 * Doing it here as it determines whether l2_packet_init() will be done
4109 * during wpa_supplicant_driver_init().
4110 */
4111 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)
4112 wpa_s->p2p_mgmt = iface->p2p_mgmt;
4113 else
4114 iface->p2p_mgmt = 1;
4115
4116 if (wpa_s->num_multichan_concurrent == 0)
4117 wpa_s->num_multichan_concurrent = 1;
4118
4119 if (wpa_supplicant_driver_init(wpa_s) < 0)
4120 return -1;
4121
4122 #ifdef CONFIG_TDLS
4123 if ((!iface->p2p_mgmt ||
4124 !(wpa_s->drv_flags &
4125 WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
4126 wpa_tdls_init(wpa_s->wpa))
4127 return -1;
4128 #endif /* CONFIG_TDLS */
4129
4130 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] &&
4131 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) {
4132 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country");
4133 return -1;
4134 }
4135
4136 if (wpas_wps_init(wpa_s))
4137 return -1;
4138
4139 if (wpa_supplicant_init_eapol(wpa_s) < 0)
4140 return -1;
4141 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
4142
4143 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
4144 if (wpa_s->ctrl_iface == NULL) {
4145 wpa_printf(MSG_ERROR,
4146 "Failed to initialize control interface '%s'.\n"
4147 "You may have another wpa_supplicant process "
4148 "already running or the file was\n"
4149 "left by an unclean termination of wpa_supplicant "
4150 "in which case you will need\n"
4151 "to manually remove this file before starting "
4152 "wpa_supplicant again.\n",
4153 wpa_s->conf->ctrl_interface);
4154 return -1;
4155 }
4156
4157 wpa_s->gas = gas_query_init(wpa_s);
4158 if (wpa_s->gas == NULL) {
4159 wpa_printf(MSG_ERROR, "Failed to initialize GAS query");
4160 return -1;
4161 }
4162
4163 if (iface->p2p_mgmt && wpas_p2p_init(wpa_s->global, wpa_s) < 0) {
4164 wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P");
4165 return -1;
4166 }
4167
4168 if (wpa_bss_init(wpa_s) < 0)
4169 return -1;
4170
4171 /*
4172 * Set Wake-on-WLAN triggers, if configured.
4173 * Note: We don't restore/remove the triggers on shutdown (it doesn't
4174 * have effect anyway when the interface is down).
4175 */
4176 if (capa_res == 0 && wpas_set_wowlan_triggers(wpa_s, &capa) < 0)
4177 return -1;
4178
4179 #ifdef CONFIG_EAP_PROXY
4180 {
4181 size_t len;
4182 wpa_s->mnc_len = eapol_sm_get_eap_proxy_imsi(wpa_s->eapol, wpa_s->imsi,
4183 &len);
4184 if (wpa_s->mnc_len > 0) {
4185 wpa_s->imsi[len] = '\0';
4186 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI %s (MNC length %d)",
4187 wpa_s->imsi, wpa_s->mnc_len);
4188 } else {
4189 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI not available");
4190 }
4191 }
4192 #endif /* CONFIG_EAP_PROXY */
4193
4194 if (pcsc_reader_init(wpa_s) < 0)
4195 return -1;
4196
4197 if (wpas_init_ext_pw(wpa_s) < 0)
4198 return -1;
4199
4200 wpas_rrm_reset(wpa_s);
4201
4202 return 0;
4203 }
4204
4205
4206 static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s,
4207 int notify, int terminate)
4208 {
4209 struct wpa_global *global = wpa_s->global;
4210 struct wpa_supplicant *iface, *prev;
4211
4212 if (wpa_s == wpa_s->parent)
4213 wpas_p2p_group_remove(wpa_s, "*");
4214
4215 iface = global->ifaces;
4216 while (iface) {
4217 if (iface == wpa_s || iface->parent != wpa_s) {
4218 iface = iface->next;
4219 continue;
4220 }
4221 wpa_printf(MSG_DEBUG,
4222 "Remove remaining child interface %s from parent %s",
4223 iface->ifname, wpa_s->ifname);
4224 prev = iface;
4225 iface = iface->next;
4226 wpa_supplicant_remove_iface(global, prev, terminate);
4227 }
4228
4229 wpa_s->disconnected = 1;
4230 if (wpa_s->drv_priv) {
4231 wpa_supplicant_deauthenticate(wpa_s,
4232 WLAN_REASON_DEAUTH_LEAVING);
4233
4234 wpa_drv_set_countermeasures(wpa_s, 0);
4235 wpa_clear_keys(wpa_s, NULL);
4236 }
4237
4238 wpa_supplicant_cleanup(wpa_s);
4239 wpas_p2p_deinit_iface(wpa_s);
4240
4241 wpas_ctrl_radio_work_flush(wpa_s);
4242 radio_remove_interface(wpa_s);
4243
4244 if (wpa_s->drv_priv)
4245 wpa_drv_deinit(wpa_s);
4246
4247 if (notify)
4248 wpas_notify_iface_removed(wpa_s);
4249
4250 if (terminate)
4251 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING);
4252
4253 if (wpa_s->ctrl_iface) {
4254 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
4255 wpa_s->ctrl_iface = NULL;
4256 }
4257
4258 #ifdef CONFIG_MESH
4259 if (wpa_s->ifmsh) {
4260 wpa_supplicant_mesh_iface_deinit(wpa_s, wpa_s->ifmsh);
4261 wpa_s->ifmsh = NULL;
4262 }
4263 #endif /* CONFIG_MESH */
4264
4265 if (wpa_s->conf != NULL) {
4266 wpa_config_free(wpa_s->conf);
4267 wpa_s->conf = NULL;
4268 }
4269
4270 os_free(wpa_s);
4271 }
4272
4273
4274 /**
4275 * wpa_supplicant_add_iface - Add a new network interface
4276 * @global: Pointer to global data from wpa_supplicant_init()
4277 * @iface: Interface configuration options
4278 * Returns: Pointer to the created interface or %NULL on failure
4279 *
4280 * This function is used to add new network interfaces for %wpa_supplicant.
4281 * This can be called before wpa_supplicant_run() to add interfaces before the
4282 * main event loop has been started. In addition, new interfaces can be added
4283 * dynamically while %wpa_supplicant is already running. This could happen,
4284 * e.g., when a hotplug network adapter is inserted.
4285 */
4286 struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
4287 struct wpa_interface *iface)
4288 {
4289 struct wpa_supplicant *wpa_s;
4290 struct wpa_interface t_iface;
4291 struct wpa_ssid *ssid;
4292
4293 if (global == NULL || iface == NULL)
4294 return NULL;
4295
4296 wpa_s = wpa_supplicant_alloc();
4297 if (wpa_s == NULL)
4298 return NULL;
4299
4300 wpa_s->global = global;
4301
4302 t_iface = *iface;
4303 if (global->params.override_driver) {
4304 wpa_printf(MSG_DEBUG, "Override interface parameter: driver "
4305 "('%s' -> '%s')",
4306 iface->driver, global->params.override_driver);
4307 t_iface.driver = global->params.override_driver;
4308 }
4309 if (global->params.override_ctrl_interface) {
4310 wpa_printf(MSG_DEBUG, "Override interface parameter: "
4311 "ctrl_interface ('%s' -> '%s')",
4312 iface->ctrl_interface,
4313 global->params.override_ctrl_interface);
4314 t_iface.ctrl_interface =
4315 global->params.override_ctrl_interface;
4316 }
4317 if (wpa_supplicant_init_iface(wpa_s, &t_iface)) {
4318 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
4319 iface->ifname);
4320 wpa_supplicant_deinit_iface(wpa_s, 0, 0);
4321 return NULL;
4322 }
4323
4324 if (iface->p2p_mgmt == 0) {
4325 /* Notify the control interfaces about new iface */
4326 if (wpas_notify_iface_added(wpa_s)) {
4327 wpa_supplicant_deinit_iface(wpa_s, 1, 0);
4328 return NULL;
4329 }
4330
4331 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
4332 wpas_notify_network_added(wpa_s, ssid);
4333 }
4334
4335 wpa_s->next = global->ifaces;
4336 global->ifaces = wpa_s;
4337
4338 wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname);
4339 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
4340
4341 #ifdef CONFIG_P2P
4342 if (wpa_s->global->p2p == NULL &&
4343 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) &&
4344 wpas_p2p_add_p2pdev_interface(wpa_s, iface->conf_p2p_dev) < 0) {
4345 wpa_printf(MSG_INFO,
4346 "P2P: Failed to enable P2P Device interface");
4347 /* Try to continue without. P2P will be disabled. */
4348 }
4349 #endif /* CONFIG_P2P */
4350
4351 return wpa_s;
4352 }
4353
4354
4355 /**
4356 * wpa_supplicant_remove_iface - Remove a network interface
4357 * @global: Pointer to global data from wpa_supplicant_init()
4358 * @wpa_s: Pointer to the network interface to be removed
4359 * Returns: 0 if interface was removed, -1 if interface was not found
4360 *
4361 * This function can be used to dynamically remove network interfaces from
4362 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
4363 * addition, this function is used to remove all remaining interfaces when
4364 * %wpa_supplicant is terminated.
4365 */
4366 int wpa_supplicant_remove_iface(struct wpa_global *global,
4367 struct wpa_supplicant *wpa_s,
4368 int terminate)
4369 {
4370 struct wpa_supplicant *prev;
4371 #ifdef CONFIG_MESH
4372 unsigned int mesh_if_created = wpa_s->mesh_if_created;
4373 char *ifname = NULL;
4374 #endif /* CONFIG_MESH */
4375
4376 /* Remove interface from the global list of interfaces */
4377 prev = global->ifaces;
4378 if (prev == wpa_s) {
4379 global->ifaces = wpa_s->next;
4380 } else {
4381 while (prev && prev->next != wpa_s)
4382 prev = prev->next;
4383 if (prev == NULL)
4384 return -1;
4385 prev->next = wpa_s->next;
4386 }
4387
4388 wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
4389
4390 #ifdef CONFIG_MESH
4391 if (mesh_if_created) {
4392 ifname = os_strdup(wpa_s->ifname);
4393 if (ifname == NULL) {
4394 wpa_dbg(wpa_s, MSG_ERROR,
4395 "mesh: Failed to malloc ifname");
4396 return -1;
4397 }
4398 }
4399 #endif /* CONFIG_MESH */
4400
4401 if (global->p2p_group_formation == wpa_s)
4402 global->p2p_group_formation = NULL;
4403 if (global->p2p_invite_group == wpa_s)
4404 global->p2p_invite_group = NULL;
4405 wpa_supplicant_deinit_iface(wpa_s, 1, terminate);
4406
4407 #ifdef CONFIG_MESH
4408 if (mesh_if_created) {
4409 wpa_drv_if_remove(global->ifaces, WPA_IF_MESH, ifname);
4410 os_free(ifname);
4411 }
4412 #endif /* CONFIG_MESH */
4413
4414 return 0;
4415 }
4416
4417
4418 /**
4419 * wpa_supplicant_get_eap_mode - Get the current EAP mode
4420 * @wpa_s: Pointer to the network interface
4421 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
4422 */
4423 const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s)
4424 {
4425 const char *eapol_method;
4426
4427 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) == 0 &&
4428 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
4429 return "NO-EAP";
4430 }
4431
4432 eapol_method = eapol_sm_get_method_name(wpa_s->eapol);
4433 if (eapol_method == NULL)
4434 return "UNKNOWN-EAP";
4435
4436 return eapol_method;
4437 }
4438
4439
4440 /**
4441 * wpa_supplicant_get_iface - Get a new network interface
4442 * @global: Pointer to global data from wpa_supplicant_init()
4443 * @ifname: Interface name
4444 * Returns: Pointer to the interface or %NULL if not found
4445 */
4446 struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
4447 const char *ifname)
4448 {
4449 struct wpa_supplicant *wpa_s;
4450
4451 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
4452 if (os_strcmp(wpa_s->ifname, ifname) == 0)
4453 return wpa_s;
4454 }
4455 return NULL;
4456 }
4457
4458
4459 #ifndef CONFIG_NO_WPA_MSG
4460 static const char * wpa_supplicant_msg_ifname_cb(void *ctx)
4461 {
4462 struct wpa_supplicant *wpa_s = ctx;
4463 if (wpa_s == NULL)
4464 return NULL;
4465 return wpa_s->ifname;
4466 }
4467 #endif /* CONFIG_NO_WPA_MSG */
4468
4469
4470 /**
4471 * wpa_supplicant_init - Initialize %wpa_supplicant
4472 * @params: Parameters for %wpa_supplicant
4473 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
4474 *
4475 * This function is used to initialize %wpa_supplicant. After successful
4476 * initialization, the returned data pointer can be used to add and remove
4477 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
4478 */
4479 struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
4480 {
4481 struct wpa_global *global;
4482 int ret, i;
4483
4484 if (params == NULL)
4485 return NULL;
4486
4487 #ifdef CONFIG_DRIVER_NDIS
4488 {
4489 void driver_ndis_init_ops(void);
4490 driver_ndis_init_ops();
4491 }
4492 #endif /* CONFIG_DRIVER_NDIS */
4493
4494 #ifndef CONFIG_NO_WPA_MSG
4495 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
4496 #endif /* CONFIG_NO_WPA_MSG */
4497
4498 if (params->wpa_debug_file_path)
4499 wpa_debug_open_file(params->wpa_debug_file_path);
4500 else
4501 wpa_debug_setup_stdout();
4502 if (params->wpa_debug_syslog)
4503 wpa_debug_open_syslog();
4504 if (params->wpa_debug_tracing) {
4505 ret = wpa_debug_open_linux_tracing();
4506 if (ret) {
4507 wpa_printf(MSG_ERROR,
4508 "Failed to enable trace logging");
4509 return NULL;
4510 }
4511 }
4512
4513 ret = eap_register_methods();
4514 if (ret) {
4515 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
4516 if (ret == -2)
4517 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
4518 "the same EAP type.");
4519 return NULL;
4520 }
4521
4522 global = os_zalloc(sizeof(*global));
4523 if (global == NULL)
4524 return NULL;
4525 dl_list_init(&global->p2p_srv_bonjour);
4526 dl_list_init(&global->p2p_srv_upnp);
4527 global->params.daemonize = params->daemonize;
4528 global->params.wait_for_monitor = params->wait_for_monitor;
4529 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
4530 if (params->pid_file)
4531 global->params.pid_file = os_strdup(params->pid_file);
4532 if (params->ctrl_interface)
4533 global->params.ctrl_interface =
4534 os_strdup(params->ctrl_interface);
4535 if (params->ctrl_interface_group)
4536 global->params.ctrl_interface_group =
4537 os_strdup(params->ctrl_interface_group);
4538 if (params->override_driver)
4539 global->params.override_driver =
4540 os_strdup(params->override_driver);
4541 if (params->override_ctrl_interface)
4542 global->params.override_ctrl_interface =
4543 os_strdup(params->override_ctrl_interface);
4544 wpa_debug_level = global->params.wpa_debug_level =
4545 params->wpa_debug_level;
4546 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
4547 params->wpa_debug_show_keys;
4548 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
4549 params->wpa_debug_timestamp;
4550
4551 wpa_printf(MSG_DEBUG, "wpa_supplicant v" VERSION_STR);
4552
4553 if (eloop_init()) {
4554 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
4555 wpa_supplicant_deinit(global);
4556 return NULL;
4557 }
4558
4559 random_init(params->entropy_file);
4560
4561 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
4562 if (global->ctrl_iface == NULL) {
4563 wpa_supplicant_deinit(global);
4564 return NULL;
4565 }
4566
4567 if (wpas_notify_supplicant_initialized(global)) {
4568 wpa_supplicant_deinit(global);
4569 return NULL;
4570 }
4571
4572 for (i = 0; wpa_drivers[i]; i++)
4573 global->drv_count++;
4574 if (global->drv_count == 0) {
4575 wpa_printf(MSG_ERROR, "No drivers enabled");
4576 wpa_supplicant_deinit(global);
4577 return NULL;
4578 }
4579 global->drv_priv = os_calloc(global->drv_count, sizeof(void *));
4580 if (global->drv_priv == NULL) {
4581 wpa_supplicant_deinit(global);
4582 return NULL;
4583 }
4584
4585 #ifdef CONFIG_WIFI_DISPLAY
4586 if (wifi_display_init(global) < 0) {
4587 wpa_printf(MSG_ERROR, "Failed to initialize Wi-Fi Display");
4588 wpa_supplicant_deinit(global);
4589 return NULL;
4590 }
4591 #endif /* CONFIG_WIFI_DISPLAY */
4592
4593 return global;
4594 }
4595
4596
4597 /**
4598 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
4599 * @global: Pointer to global data from wpa_supplicant_init()
4600 * Returns: 0 after successful event loop run, -1 on failure
4601 *
4602 * This function starts the main event loop and continues running as long as
4603 * there are any remaining events. In most cases, this function is running as
4604 * long as the %wpa_supplicant process in still in use.
4605 */
4606 int wpa_supplicant_run(struct wpa_global *global)
4607 {
4608 struct wpa_supplicant *wpa_s;
4609
4610 if (global->params.daemonize &&
4611 wpa_supplicant_daemon(global->params.pid_file))
4612 return -1;
4613
4614 if (global->params.wait_for_monitor) {
4615 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
4616 if (wpa_s->ctrl_iface)
4617 wpa_supplicant_ctrl_iface_wait(
4618 wpa_s->ctrl_iface);
4619 }
4620
4621 eloop_register_signal_terminate(wpa_supplicant_terminate, global);
4622 eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
4623
4624 eloop_run();
4625
4626 return 0;
4627 }
4628
4629
4630 /**
4631 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
4632 * @global: Pointer to global data from wpa_supplicant_init()
4633 *
4634 * This function is called to deinitialize %wpa_supplicant and to free all
4635 * allocated resources. Remaining network interfaces will also be removed.
4636 */
4637 void wpa_supplicant_deinit(struct wpa_global *global)
4638 {
4639 int i;
4640
4641 if (global == NULL)
4642 return;
4643
4644 #ifdef CONFIG_WIFI_DISPLAY
4645 wifi_display_deinit(global);
4646 #endif /* CONFIG_WIFI_DISPLAY */
4647
4648 while (global->ifaces)
4649 wpa_supplicant_remove_iface(global, global->ifaces, 1);
4650
4651 if (global->ctrl_iface)
4652 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
4653
4654 wpas_notify_supplicant_deinitialized(global);
4655
4656 eap_peer_unregister_methods();
4657 #ifdef CONFIG_AP
4658 eap_server_unregister_methods();
4659 #endif /* CONFIG_AP */
4660
4661 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) {
4662 if (!global->drv_priv[i])
4663 continue;
4664 wpa_drivers[i]->global_deinit(global->drv_priv[i]);
4665 }
4666 os_free(global->drv_priv);
4667
4668 random_deinit();
4669
4670 eloop_destroy();
4671
4672 if (global->params.pid_file) {
4673 os_daemonize_terminate(global->params.pid_file);
4674 os_free(global->params.pid_file);
4675 }
4676 os_free(global->params.ctrl_interface);
4677 os_free(global->params.ctrl_interface_group);
4678 os_free(global->params.override_driver);
4679 os_free(global->params.override_ctrl_interface);
4680
4681 os_free(global->p2p_disallow_freq.range);
4682 os_free(global->p2p_go_avoid_freq.range);
4683 os_free(global->add_psk);
4684
4685 os_free(global);
4686 wpa_debug_close_syslog();
4687 wpa_debug_close_file();
4688 wpa_debug_close_linux_tracing();
4689 }
4690
4691
4692 void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s)
4693 {
4694 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_COUNTRY) &&
4695 wpa_s->conf->country[0] && wpa_s->conf->country[1]) {
4696 char country[3];
4697 country[0] = wpa_s->conf->country[0];
4698 country[1] = wpa_s->conf->country[1];
4699 country[2] = '\0';
4700 if (wpa_drv_set_country(wpa_s, country) < 0) {
4701 wpa_printf(MSG_ERROR, "Failed to set country code "
4702 "'%s'", country);
4703 }
4704 }
4705
4706 if (wpa_s->conf->changed_parameters & CFG_CHANGED_EXT_PW_BACKEND)
4707 wpas_init_ext_pw(wpa_s);
4708
4709 #ifdef CONFIG_WPS
4710 wpas_wps_update_config(wpa_s);
4711 #endif /* CONFIG_WPS */
4712 wpas_p2p_update_config(wpa_s);
4713 wpa_s->conf->changed_parameters = 0;
4714 }
4715
4716
4717 void add_freq(int *freqs, int *num_freqs, int freq)
4718 {
4719 int i;
4720
4721 for (i = 0; i < *num_freqs; i++) {
4722 if (freqs[i] == freq)
4723 return;
4724 }
4725
4726 freqs[*num_freqs] = freq;
4727 (*num_freqs)++;
4728 }
4729
4730
4731 static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s)
4732 {
4733 struct wpa_bss *bss, *cbss;
4734 const int max_freqs = 10;
4735 int *freqs;
4736 int num_freqs = 0;
4737
4738 freqs = os_calloc(max_freqs + 1, sizeof(int));
4739 if (freqs == NULL)
4740 return NULL;
4741
4742 cbss = wpa_s->current_bss;
4743
4744 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
4745 if (bss == cbss)
4746 continue;
4747 if (bss->ssid_len == cbss->ssid_len &&
4748 os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 &&
4749 wpa_blacklist_get(wpa_s, bss->bssid) == NULL) {
4750 add_freq(freqs, &num_freqs, bss->freq);
4751 if (num_freqs == max_freqs)
4752 break;
4753 }
4754 }
4755
4756 if (num_freqs == 0) {
4757 os_free(freqs);
4758 freqs = NULL;
4759 }
4760
4761 return freqs;
4762 }
4763
4764
4765 void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid)
4766 {
4767 int timeout;
4768 int count;
4769 int *freqs = NULL;
4770
4771 wpas_connect_work_done(wpa_s);
4772
4773 /*
4774 * Remove possible authentication timeout since the connection failed.
4775 */
4776 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
4777
4778 if (wpa_s->disconnected) {
4779 /*
4780 * There is no point in blacklisting the AP if this event is
4781 * generated based on local request to disconnect.
4782 */
4783 wpa_dbg(wpa_s, MSG_DEBUG, "Ignore connection failure "
4784 "indication since interface has been put into "
4785 "disconnected state");
4786 return;
4787 }
4788
4789 /*
4790 * Add the failed BSSID into the blacklist and speed up next scan
4791 * attempt if there could be other APs that could accept association.
4792 * The current blacklist count indicates how many times we have tried
4793 * connecting to this AP and multiple attempts mean that other APs are
4794 * either not available or has already been tried, so that we can start
4795 * increasing the delay here to avoid constant scanning.
4796 */
4797 count = wpa_blacklist_add(wpa_s, bssid);
4798 if (count == 1 && wpa_s->current_bss) {
4799 /*
4800 * This BSS was not in the blacklist before. If there is
4801 * another BSS available for the same ESS, we should try that
4802 * next. Otherwise, we may as well try this one once more
4803 * before allowing other, likely worse, ESSes to be considered.
4804 */
4805 freqs = get_bss_freqs_in_ess(wpa_s);
4806 if (freqs) {
4807 wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS "
4808 "has been seen; try it next");
4809 wpa_blacklist_add(wpa_s, bssid);
4810 /*
4811 * On the next scan, go through only the known channels
4812 * used in this ESS based on previous scans to speed up
4813 * common load balancing use case.
4814 */
4815 os_free(wpa_s->next_scan_freqs);
4816 wpa_s->next_scan_freqs = freqs;
4817 }
4818 }
4819
4820 /*
4821 * Add previous failure count in case the temporary blacklist was
4822 * cleared due to no other BSSes being available.
4823 */
4824 count += wpa_s->extra_blacklist_count;
4825
4826 if (count > 3 && wpa_s->current_ssid) {
4827 wpa_printf(MSG_DEBUG, "Continuous association failures - "
4828 "consider temporary network disabling");
4829 wpas_auth_failed(wpa_s, "CONN_FAILED");
4830 }
4831
4832 switch (count) {
4833 case 1:
4834 timeout = 100;
4835 break;
4836 case 2:
4837 timeout = 500;
4838 break;
4839 case 3:
4840 timeout = 1000;
4841 break;
4842 case 4:
4843 timeout = 5000;
4844 break;
4845 default:
4846 timeout = 10000;
4847 break;
4848 }
4849
4850 wpa_dbg(wpa_s, MSG_DEBUG, "Blacklist count %d --> request scan in %d "
4851 "ms", count, timeout);
4852
4853 /*
4854 * TODO: if more than one possible AP is available in scan results,
4855 * could try the other ones before requesting a new scan.
4856 */
4857 wpa_supplicant_req_scan(wpa_s, timeout / 1000,
4858 1000 * (timeout % 1000));
4859 }
4860
4861
4862 int wpas_driver_bss_selection(struct wpa_supplicant *wpa_s)
4863 {
4864 return wpa_s->conf->ap_scan == 2 ||
4865 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION);
4866 }
4867
4868
4869 #if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW)
4870 int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
4871 struct wpa_ssid *ssid,
4872 const char *field,
4873 const char *value)
4874 {
4875 #ifdef IEEE8021X_EAPOL
4876 struct eap_peer_config *eap = &ssid->eap;
4877
4878 wpa_printf(MSG_DEBUG, "CTRL_IFACE: response handle field=%s", field);
4879 wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: response value",
4880 (const u8 *) value, os_strlen(value));
4881
4882 switch (wpa_supplicant_ctrl_req_from_string(field)) {
4883 case WPA_CTRL_REQ_EAP_IDENTITY:
4884 os_free(eap->identity);
4885 eap->identity = (u8 *) os_strdup(value);
4886 eap->identity_len = os_strlen(value);
4887 eap->pending_req_identity = 0;
4888 if (ssid == wpa_s->current_ssid)
4889 wpa_s->reassociate = 1;
4890 break;
4891 case WPA_CTRL_REQ_EAP_PASSWORD:
4892 bin_clear_free(eap->password, eap->password_len);
4893 eap->password = (u8 *) os_strdup(value);
4894 eap->password_len = os_strlen(value);
4895 eap->pending_req_password = 0;
4896 if (ssid == wpa_s->current_ssid)
4897 wpa_s->reassociate = 1;
4898 break;
4899 case WPA_CTRL_REQ_EAP_NEW_PASSWORD:
4900 bin_clear_free(eap->new_password, eap->new_password_len);
4901 eap->new_password = (u8 *) os_strdup(value);
4902 eap->new_password_len = os_strlen(value);
4903 eap->pending_req_new_password = 0;
4904 if (ssid == wpa_s->current_ssid)
4905 wpa_s->reassociate = 1;
4906 break;
4907 case WPA_CTRL_REQ_EAP_PIN:
4908 str_clear_free(eap->pin);
4909 eap->pin = os_strdup(value);
4910 eap->pending_req_pin = 0;
4911 if (ssid == wpa_s->current_ssid)
4912 wpa_s->reassociate = 1;
4913 break;
4914 case WPA_CTRL_REQ_EAP_OTP:
4915 bin_clear_free(eap->otp, eap->otp_len);
4916 eap->otp = (u8 *) os_strdup(value);
4917 eap->otp_len = os_strlen(value);
4918 os_free(eap->pending_req_otp);
4919 eap->pending_req_otp = NULL;
4920 eap->pending_req_otp_len = 0;
4921 break;
4922 case WPA_CTRL_REQ_EAP_PASSPHRASE:
4923 str_clear_free(eap->private_key_passwd);
4924 eap->private_key_passwd = os_strdup(value);
4925 eap->pending_req_passphrase = 0;
4926 if (ssid == wpa_s->current_ssid)
4927 wpa_s->reassociate = 1;
4928 break;
4929 case WPA_CTRL_REQ_SIM:
4930 str_clear_free(eap->external_sim_resp);
4931 eap->external_sim_resp = os_strdup(value);
4932 break;
4933 default:
4934 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown field '%s'", field);
4935 return -1;
4936 }
4937
4938 return 0;
4939 #else /* IEEE8021X_EAPOL */
4940 wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included");
4941 return -1;
4942 #endif /* IEEE8021X_EAPOL */
4943 }
4944 #endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */
4945
4946
4947 int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
4948 {
4949 int i;
4950 unsigned int drv_enc;
4951
4952 if (ssid == NULL)
4953 return 1;
4954
4955 if (ssid->disabled)
4956 return 1;
4957
4958 if (wpa_s && wpa_s->drv_capa_known)
4959 drv_enc = wpa_s->drv_enc;
4960 else
4961 drv_enc = (unsigned int) -1;
4962
4963 for (i = 0; i < NUM_WEP_KEYS; i++) {
4964 size_t len = ssid->wep_key_len[i];
4965 if (len == 0)
4966 continue;
4967 if (len == 5 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP40))
4968 continue;
4969 if (len == 13 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP104))
4970 continue;
4971 if (len == 16 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP128))
4972 continue;
4973 return 1; /* invalid WEP key */
4974 }
4975
4976 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set &&
4977 (!ssid->passphrase || ssid->ssid_len != 0) && !ssid->ext_psk)
4978 return 1;
4979
4980 return 0;
4981 }
4982
4983
4984 int wpas_get_ssid_pmf(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
4985 {
4986 #ifdef CONFIG_IEEE80211W
4987 if (ssid == NULL || ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT) {
4988 if (wpa_s->conf->pmf == MGMT_FRAME_PROTECTION_OPTIONAL &&
4989 !(wpa_s->drv_enc & WPA_DRIVER_CAPA_ENC_BIP)) {
4990 /*
4991 * Driver does not support BIP -- ignore pmf=1 default
4992 * since the connection with PMF would fail and the
4993 * configuration does not require PMF to be enabled.
4994 */
4995 return NO_MGMT_FRAME_PROTECTION;
4996 }
4997
4998 return wpa_s->conf->pmf;
4999 }
5000
5001 return ssid->ieee80211w;
5002 #else /* CONFIG_IEEE80211W */
5003 return NO_MGMT_FRAME_PROTECTION;
5004 #endif /* CONFIG_IEEE80211W */
5005 }
5006
5007
5008 int wpas_is_p2p_prioritized(struct wpa_supplicant *wpa_s)
5009 {
5010 if (wpa_s->global->conc_pref == WPA_CONC_PREF_P2P)
5011 return 1;
5012 if (wpa_s->global->conc_pref == WPA_CONC_PREF_STA)
5013 return 0;
5014 return -1;
5015 }
5016
5017
5018 void wpas_auth_failed(struct wpa_supplicant *wpa_s, char *reason)
5019 {
5020 struct wpa_ssid *ssid = wpa_s->current_ssid;
5021 int dur;
5022 struct os_reltime now;
5023
5024 if (ssid == NULL) {
5025 wpa_printf(MSG_DEBUG, "Authentication failure but no known "
5026 "SSID block");
5027 return;
5028 }
5029
5030 if (ssid->key_mgmt == WPA_KEY_MGMT_WPS)
5031 return;
5032
5033 ssid->auth_failures++;
5034
5035 #ifdef CONFIG_P2P
5036 if (ssid->p2p_group &&
5037 (wpa_s->p2p_in_provisioning || wpa_s->show_group_started)) {
5038 /*
5039 * Skip the wait time since there is a short timeout on the
5040 * connection to a P2P group.
5041 */
5042 return;
5043 }
5044 #endif /* CONFIG_P2P */
5045
5046 if (ssid->auth_failures > 50)
5047 dur = 300;
5048 else if (ssid->auth_failures > 10)
5049 dur = 120;
5050 else if (ssid->auth_failures > 5)
5051 dur = 90;
5052 else if (ssid->auth_failures > 3)
5053 dur = 60;
5054 else if (ssid->auth_failures > 2)
5055 dur = 30;
5056 else if (ssid->auth_failures > 1)
5057 dur = 20;
5058 else
5059 dur = 10;
5060
5061 if (ssid->auth_failures > 1 &&
5062 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt))
5063 dur += os_random() % (ssid->auth_failures * 10);
5064
5065 os_get_reltime(&now);
5066 if (now.sec + dur <= ssid->disabled_until.sec)
5067 return;
5068
5069 ssid->disabled_until.sec = now.sec + dur;
5070
5071 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TEMP_DISABLED
5072 "id=%d ssid=\"%s\" auth_failures=%u duration=%d reason=%s",
5073 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
5074 ssid->auth_failures, dur, reason);
5075 }
5076
5077
5078 void wpas_clear_temp_disabled(struct wpa_supplicant *wpa_s,
5079 struct wpa_ssid *ssid, int clear_failures)
5080 {
5081 if (ssid == NULL)
5082 return;
5083
5084 if (ssid->disabled_until.sec) {
5085 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_REENABLED
5086 "id=%d ssid=\"%s\"",
5087 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
5088 }
5089 ssid->disabled_until.sec = 0;
5090 ssid->disabled_until.usec = 0;
5091 if (clear_failures)
5092 ssid->auth_failures = 0;
5093 }
5094
5095
5096 int disallowed_bssid(struct wpa_supplicant *wpa_s, const u8 *bssid)
5097 {
5098 size_t i;
5099
5100 if (wpa_s->disallow_aps_bssid == NULL)
5101 return 0;
5102
5103 for (i = 0; i < wpa_s->disallow_aps_bssid_count; i++) {
5104 if (os_memcmp(wpa_s->disallow_aps_bssid + i * ETH_ALEN,
5105 bssid, ETH_ALEN) == 0)
5106 return 1;
5107 }
5108
5109 return 0;
5110 }
5111
5112
5113 int disallowed_ssid(struct wpa_supplicant *wpa_s, const u8 *ssid,
5114 size_t ssid_len)
5115 {
5116 size_t i;
5117
5118 if (wpa_s->disallow_aps_ssid == NULL || ssid == NULL)
5119 return 0;
5120
5121 for (i = 0; i < wpa_s->disallow_aps_ssid_count; i++) {
5122 struct wpa_ssid_value *s = &wpa_s->disallow_aps_ssid[i];
5123 if (ssid_len == s->ssid_len &&
5124 os_memcmp(ssid, s->ssid, ssid_len) == 0)
5125 return 1;
5126 }
5127
5128 return 0;
5129 }
5130
5131
5132 /**
5133 * wpas_request_connection - Request a new connection
5134 * @wpa_s: Pointer to the network interface
5135 *
5136 * This function is used to request a new connection to be found. It will mark
5137 * the interface to allow reassociation and request a new scan to find a
5138 * suitable network to connect to.
5139 */
5140 void wpas_request_connection(struct wpa_supplicant *wpa_s)
5141 {
5142 wpa_s->normal_scans = 0;
5143 wpa_s->scan_req = NORMAL_SCAN_REQ;
5144 wpa_supplicant_reinit_autoscan(wpa_s);
5145 wpa_s->extra_blacklist_count = 0;
5146 wpa_s->disconnected = 0;
5147 wpa_s->reassociate = 1;
5148
5149 if (wpa_supplicant_fast_associate(wpa_s) != 1)
5150 wpa_supplicant_req_scan(wpa_s, 0, 0);
5151 else
5152 wpa_s->reattach = 0;
5153 }
5154
5155
5156 void dump_freq_data(struct wpa_supplicant *wpa_s, const char *title,
5157 struct wpa_used_freq_data *freqs_data,
5158 unsigned int len)
5159 {
5160 unsigned int i;
5161
5162 wpa_dbg(wpa_s, MSG_DEBUG, "Shared frequencies (len=%u): %s",
5163 len, title);
5164 for (i = 0; i < len; i++) {
5165 struct wpa_used_freq_data *cur = &freqs_data[i];
5166 wpa_dbg(wpa_s, MSG_DEBUG, "freq[%u]: %d, flags=0x%X",
5167 i, cur->freq, cur->flags);
5168 }
5169 }
5170
5171
5172 /*
5173 * Find the operating frequencies of any of the virtual interfaces that
5174 * are using the same radio as the current interface, and in addition, get
5175 * information about the interface types that are using the frequency.
5176 */
5177 int get_shared_radio_freqs_data(struct wpa_supplicant *wpa_s,
5178 struct wpa_used_freq_data *freqs_data,
5179 unsigned int len)
5180 {
5181 struct wpa_supplicant *ifs;
5182 u8 bssid[ETH_ALEN];
5183 int freq;
5184 unsigned int idx = 0, i;
5185
5186 wpa_dbg(wpa_s, MSG_DEBUG,
5187 "Determining shared radio frequencies (max len %u)", len);
5188 os_memset(freqs_data, 0, sizeof(struct wpa_used_freq_data) * len);
5189
5190 dl_list_for_each(ifs, &wpa_s->radio->ifaces, struct wpa_supplicant,
5191 radio_list) {
5192 if (idx == len)
5193 break;
5194
5195 if (ifs->current_ssid == NULL || ifs->assoc_freq == 0)
5196 continue;
5197
5198 if (ifs->current_ssid->mode == WPAS_MODE_AP ||
5199 ifs->current_ssid->mode == WPAS_MODE_P2P_GO)
5200 freq = ifs->current_ssid->frequency;
5201 else if (wpa_drv_get_bssid(ifs, bssid) == 0)
5202 freq = ifs->assoc_freq;
5203 else
5204 continue;
5205
5206 /* Hold only distinct freqs */
5207 for (i = 0; i < idx; i++)
5208 if (freqs_data[i].freq == freq)
5209 break;
5210
5211 if (i == idx)
5212 freqs_data[idx++].freq = freq;
5213
5214 if (ifs->current_ssid->mode == WPAS_MODE_INFRA) {
5215 freqs_data[i].flags = ifs->current_ssid->p2p_group ?
5216 WPA_FREQ_USED_BY_P2P_CLIENT :
5217 WPA_FREQ_USED_BY_INFRA_STATION;
5218 }
5219 }
5220
5221 dump_freq_data(wpa_s, "completed iteration", freqs_data, idx);
5222 return idx;
5223 }
5224
5225
5226 /*
5227 * Find the operating frequencies of any of the virtual interfaces that
5228 * are using the same radio as the current interface.
5229 */
5230 int get_shared_radio_freqs(struct wpa_supplicant *wpa_s,
5231 int *freq_array, unsigned int len)
5232 {
5233 struct wpa_used_freq_data *freqs_data;
5234 int num, i;
5235
5236 os_memset(freq_array, 0, sizeof(int) * len);
5237
5238 freqs_data = os_calloc(len, sizeof(struct wpa_used_freq_data));
5239 if (!freqs_data)
5240 return -1;
5241
5242 num = get_shared_radio_freqs_data(wpa_s, freqs_data, len);
5243 for (i = 0; i < num; i++)
5244 freq_array[i] = freqs_data[i].freq;
5245
5246 os_free(freqs_data);
5247
5248 return num;
5249 }
5250
5251
5252 static void wpas_rrm_neighbor_rep_timeout_handler(void *data, void *user_ctx)
5253 {
5254 struct rrm_data *rrm = data;
5255
5256 if (!rrm->notify_neighbor_rep) {
5257 wpa_printf(MSG_ERROR,
5258 "RRM: Unexpected neighbor report timeout");
5259 return;
5260 }
5261
5262 wpa_printf(MSG_DEBUG, "RRM: Notifying neighbor report - NONE");
5263 rrm->notify_neighbor_rep(rrm->neighbor_rep_cb_ctx, NULL);
5264
5265 rrm->notify_neighbor_rep = NULL;
5266 rrm->neighbor_rep_cb_ctx = NULL;
5267 }
5268
5269
5270 /*
5271 * wpas_rrm_reset - Clear and reset all RRM data in wpa_supplicant
5272 * @wpa_s: Pointer to wpa_supplicant
5273 */
5274 void wpas_rrm_reset(struct wpa_supplicant *wpa_s)
5275 {
5276 wpa_s->rrm.rrm_used = 0;
5277
5278 eloop_cancel_timeout(wpas_rrm_neighbor_rep_timeout_handler, &wpa_s->rrm,
5279 NULL);
5280 if (wpa_s->rrm.notify_neighbor_rep)
5281 wpas_rrm_neighbor_rep_timeout_handler(&wpa_s->rrm, NULL);
5282 wpa_s->rrm.next_neighbor_rep_token = 1;
5283 }
5284
5285
5286 /*
5287 * wpas_rrm_process_neighbor_rep - Handle incoming neighbor report
5288 * @wpa_s: Pointer to wpa_supplicant
5289 * @report: Neighbor report buffer, prefixed by a 1-byte dialog token
5290 * @report_len: Length of neighbor report buffer
5291 */
5292 void wpas_rrm_process_neighbor_rep(struct wpa_supplicant *wpa_s,
5293 const u8 *report, size_t report_len)
5294 {
5295 struct wpabuf *neighbor_rep;
5296
5297 wpa_hexdump(MSG_DEBUG, "RRM: New Neighbor Report", report, report_len);
5298 if (report_len < 1)
5299 return;
5300
5301 if (report[0] != wpa_s->rrm.next_neighbor_rep_token - 1) {
5302 wpa_printf(MSG_DEBUG,
5303 "RRM: Discarding neighbor report with token %d (expected %d)",
5304 report[0], wpa_s->rrm.next_neighbor_rep_token - 1);
5305 return;
5306 }
5307
5308 eloop_cancel_timeout(wpas_rrm_neighbor_rep_timeout_handler, &wpa_s->rrm,
5309 NULL);
5310
5311 if (!wpa_s->rrm.notify_neighbor_rep) {
5312 wpa_printf(MSG_ERROR, "RRM: Unexpected neighbor report");
5313 return;
5314 }
5315
5316 /* skipping the first byte, which is only an id (dialog token) */
5317 neighbor_rep = wpabuf_alloc(report_len - 1);
5318 if (neighbor_rep == NULL)
5319 return;
5320 wpabuf_put_data(neighbor_rep, report + 1, report_len - 1);
5321 wpa_printf(MSG_DEBUG, "RRM: Notifying neighbor report (token = %d)",
5322 report[0]);
5323 wpa_s->rrm.notify_neighbor_rep(wpa_s->rrm.neighbor_rep_cb_ctx,
5324 neighbor_rep);
5325 wpa_s->rrm.notify_neighbor_rep = NULL;
5326 wpa_s->rrm.neighbor_rep_cb_ctx = NULL;
5327 }
5328
5329
5330 #if defined(__CYGWIN__) || defined(CONFIG_NATIVE_WINDOWS)
5331 /* Workaround different, undefined for Windows, error codes used here */
5332 #define ENOTCONN -1
5333 #define EOPNOTSUPP -1
5334 #define ECANCELED -1
5335 #endif
5336
5337 /**
5338 * wpas_rrm_send_neighbor_rep_request - Request a neighbor report from our AP
5339 * @wpa_s: Pointer to wpa_supplicant
5340 * @ssid: if not null, this is sent in the request. Otherwise, no SSID IE
5341 * is sent in the request.
5342 * @cb: Callback function to be called once the requested report arrives, or
5343 * timed out after RRM_NEIGHBOR_REPORT_TIMEOUT seconds.
5344 * In the former case, 'neighbor_rep' is a newly allocated wpabuf, and it's
5345 * the requester's responsibility to free it.
5346 * In the latter case NULL will be sent in 'neighbor_rep'.
5347 * @cb_ctx: Context value to send the callback function
5348 * Returns: 0 in case of success, negative error code otherwise
5349 *
5350 * In case there is a previous request which has not been answered yet, the
5351 * new request fails. The caller may retry after RRM_NEIGHBOR_REPORT_TIMEOUT.
5352 * Request must contain a callback function.
5353 */
5354 int wpas_rrm_send_neighbor_rep_request(struct wpa_supplicant *wpa_s,
5355 const struct wpa_ssid *ssid,
5356 void (*cb)(void *ctx,
5357 struct wpabuf *neighbor_rep),
5358 void *cb_ctx)
5359 {
5360 struct wpabuf *buf;
5361 const u8 *rrm_ie;
5362
5363 if (wpa_s->wpa_state != WPA_COMPLETED || wpa_s->current_ssid == NULL) {
5364 wpa_printf(MSG_DEBUG, "RRM: No connection, no RRM.");
5365 return -ENOTCONN;
5366 }
5367
5368 if (!wpa_s->rrm.rrm_used) {
5369 wpa_printf(MSG_DEBUG, "RRM: No RRM in current connection.");
5370 return -EOPNOTSUPP;
5371 }
5372
5373 rrm_ie = wpa_bss_get_ie(wpa_s->current_bss,
5374 WLAN_EID_RRM_ENABLED_CAPABILITIES);
5375 if (!rrm_ie || !(wpa_s->current_bss->caps & IEEE80211_CAP_RRM) ||
5376 !(rrm_ie[2] & WLAN_RRM_CAPS_NEIGHBOR_REPORT)) {
5377 wpa_printf(MSG_DEBUG,
5378 "RRM: No network support for Neighbor Report.");
5379 return -EOPNOTSUPP;
5380 }
5381
5382 if (!cb) {
5383 wpa_printf(MSG_DEBUG,
5384 "RRM: Neighbor Report request must provide a callback.");
5385 return -EINVAL;
5386 }
5387
5388 /* Refuse if there's a live request */
5389 if (wpa_s->rrm.notify_neighbor_rep) {
5390 wpa_printf(MSG_DEBUG,
5391 "RRM: Currently handling previous Neighbor Report.");
5392 return -EBUSY;
5393 }
5394
5395 /* 3 = action category + action code + dialog token */
5396 buf = wpabuf_alloc(3 + (ssid ? 2 + ssid->ssid_len : 0));
5397 if (buf == NULL) {
5398 wpa_printf(MSG_DEBUG,
5399 "RRM: Failed to allocate Neighbor Report Request");
5400 return -ENOMEM;
5401 }
5402
5403 wpa_printf(MSG_DEBUG, "RRM: Neighbor report request (for %s), token=%d",
5404 (ssid ? wpa_ssid_txt(ssid->ssid, ssid->ssid_len) : ""),
5405 wpa_s->rrm.next_neighbor_rep_token);
5406
5407 wpabuf_put_u8(buf, WLAN_ACTION_RADIO_MEASUREMENT);
5408 wpabuf_put_u8(buf, WLAN_RRM_NEIGHBOR_REPORT_REQUEST);
5409 wpabuf_put_u8(buf, wpa_s->rrm.next_neighbor_rep_token);
5410 if (ssid) {
5411 wpabuf_put_u8(buf, WLAN_EID_SSID);
5412 wpabuf_put_u8(buf, ssid->ssid_len);
5413 wpabuf_put_data(buf, ssid->ssid, ssid->ssid_len);
5414 }
5415
5416 wpa_s->rrm.next_neighbor_rep_token++;
5417
5418 if (wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, wpa_s->bssid,
5419 wpa_s->own_addr, wpa_s->bssid,
5420 wpabuf_head(buf), wpabuf_len(buf), 0) < 0) {
5421 wpa_printf(MSG_DEBUG,
5422 "RRM: Failed to send Neighbor Report Request");
5423 wpabuf_free(buf);
5424 return -ECANCELED;
5425 }
5426
5427 wpa_s->rrm.neighbor_rep_cb_ctx = cb_ctx;
5428 wpa_s->rrm.notify_neighbor_rep = cb;
5429 eloop_register_timeout(RRM_NEIGHBOR_REPORT_TIMEOUT, 0,
5430 wpas_rrm_neighbor_rep_timeout_handler,
5431 &wpa_s->rrm, NULL);
5432
5433 wpabuf_free(buf);
5434 return 0;
5435 }
5436
5437
5438 void wpas_rrm_handle_link_measurement_request(struct wpa_supplicant *wpa_s,
5439 const u8 *src,
5440 const u8 *frame, size_t len,
5441 int rssi)
5442 {
5443 struct wpabuf *buf;
5444 const struct rrm_link_measurement_request *req;
5445 struct rrm_link_measurement_report report;
5446
5447 if (wpa_s->wpa_state != WPA_COMPLETED) {
5448 wpa_printf(MSG_INFO,
5449 "RRM: Ignoring link measurement request. Not associated");
5450 return;
5451 }
5452
5453 if (!wpa_s->rrm.rrm_used) {
5454 wpa_printf(MSG_INFO,
5455 "RRM: Ignoring link measurement request. Not RRM network");
5456 return;
5457 }
5458
5459 if (!(wpa_s->drv_rrm_flags & WPA_DRIVER_FLAGS_TX_POWER_INSERTION)) {
5460 wpa_printf(MSG_INFO,
5461 "RRM: Measurement report failed. TX power insertion not supported");
5462 return;
5463 }
5464
5465 req = (const struct rrm_link_measurement_request *) frame;
5466 if (len < sizeof(*req)) {
5467 wpa_printf(MSG_INFO,
5468 "RRM: Link measurement report failed. Request too short");
5469 return;
5470 }
5471
5472 os_memset(&report, 0, sizeof(report));
5473 report.tpc.eid = WLAN_EID_TPC_REPORT;
5474 report.tpc.len = 2;
5475 report.rsni = 255; /* 255 indicates that RSNI is not available */
5476 report.dialog_token = req->dialog_token;
5477
5478 /*
5479 * It's possible to estimate RCPI based on RSSI in dBm. This
5480 * calculation will not reflect the correct value for high rates,
5481 * but it's good enough for Action frames which are transmitted
5482 * with up to 24 Mbps rates.
5483 */
5484 if (!rssi)
5485 report.rcpi = 255; /* not available */
5486 else if (rssi < -110)
5487 report.rcpi = 0;
5488 else if (rssi > 0)
5489 report.rcpi = 220;
5490 else
5491 report.rcpi = (rssi + 110) * 2;
5492
5493 /* action_category + action_code */
5494 buf = wpabuf_alloc(2 + sizeof(report));
5495 if (buf == NULL) {
5496 wpa_printf(MSG_ERROR,
5497 "RRM: Link measurement report failed. Buffer allocation failed");
5498 return;
5499 }
5500
5501 wpabuf_put_u8(buf, WLAN_ACTION_RADIO_MEASUREMENT);
5502 wpabuf_put_u8(buf, WLAN_RRM_LINK_MEASUREMENT_REPORT);
5503 wpabuf_put_data(buf, &report, sizeof(report));
5504 wpa_hexdump(MSG_DEBUG, "RRM: Link measurement report:",
5505 wpabuf_head(buf), wpabuf_len(buf));
5506
5507 if (wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, src,
5508 wpa_s->own_addr, wpa_s->bssid,
5509 wpabuf_head(buf), wpabuf_len(buf), 0)) {
5510 wpa_printf(MSG_ERROR,
5511 "RRM: Link measurement report failed. Send action failed");
5512 }
5513 wpabuf_free(buf);
5514 }
Unnamed repository; edit this file 'description' to name the repository.