]> git.ipfire.org Git - thirdparty/hostap.git/blame - wpa_supplicant/wpa_supplicant.c
projects / thirdparty / hostap.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
EAP: Increase the maximum number of message exchanges
[thirdparty/hostap.git] / wpa_supplicant / wpa_supplicant.c
CommitLineData
6fc6879b
JM		 1/*
2 * WPA Supplicant
cc58a357 3 * Copyright (c) 2003-2019, Jouni Malinen <j@w1.fi>
6fc6879b 4 *
0f3d578e
JM		 5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
6fc6879b
JM		 7 *
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
11 */
12
13#include "includes.h"
2e997eec
RM		 14#ifdef CONFIG_MATCH_IFACE
15#include <net/if.h>
16#include <fnmatch.h>
17#endif /* CONFIG_MATCH_IFACE */
6fc6879b
JM		 18
19#include "common.h"
d47fa330 20#include "crypto/random.h"
7d232e23 21#include "crypto/sha1.h"
6fc6879b
JM		 22#include "eapol_supp/eapol_supp_sm.h"
23#include "eap_peer/eap.h"
ec7b97ab 24#include "eap_peer/eap_proxy.h"
3ec97afe 25#include "eap_server/eap_methods.h"
3acb5005 26#include "rsn_supp/wpa.h"
6fc6879b 27#include "eloop.h"
6fc6879b 28#include "config.h"
306ae225 29#include "utils/ext_password.h"
6fc6879b
JM		 30#include "l2_packet/l2_packet.h"
31#include "wpa_supplicant_i.h"
2d5b792d 32#include "driver_i.h"
6fc6879b 33#include "ctrl_iface.h"
6fc6879b 34#include "pcsc_funcs.h"
90973fb2 35#include "common/version.h"
3acb5005
JM		 36#include "rsn_supp/preauth.h"
37#include "rsn_supp/pmksa_cache.h"
90973fb2 38#include "common/wpa_ctrl.h"
cfde99a8 39#include "common/ieee802_11_common.h"
90973fb2 40#include "common/ieee802_11_defs.h"
6b8b0774 41#include "common/hw_features_common.h"
461d39af 42#include "common/gas_server.h"
10ec6a5f 43#include "common/dpp.h"
72044390 44#include "p2p/p2p.h"
b36a3a65 45#include "fst/fst.h"
6fc6879b
JM		 46#include "blacklist.h"
47#include "wpas_glue.h"
116654ce 48#include "wps_supplicant.h"
11ef8d35 49#include "ibss_rsn.h"
c2a04078 50#include "sme.h"
04ea7b79 51#include "gas_query.h"
1f1b62a0 52#include "ap.h"
b22128ef 53#include "p2p_supplicant.h"
9675ce35 54#include "wifi_display.h"
8bac466b 55#include "notify.h"
60b94c98 56#include "bgscan.h"
7c865c68 57#include "autoscan.h"
83922c2d 58#include "bss.h"
9ba9fa07 59#include "scan.h"
24f6497c 60#include "offchannel.h"
cb418324 61#include "hs20_supplicant.h"
e27d20bb 62#include "wnm_sta.h"
dd10abcc 63#include "wpas_kay.h"
603a3f34 64#include "mesh.h"
be27e185 65#include "dpp_supplicant.h"
a39b040b
SB		 66#ifdef CONFIG_MESH
67#include "ap/ap_config.h"
68#include "ap/hostapd.h"
69#endif /* CONFIG_MESH */
6fc6879b 70
8b423edb 71const char *const wpa_supplicant_version =
6fc6879b 72"wpa_supplicant v" VERSION_STR "\n"
cc58a357 73"Copyright (c) 2003-2019, Jouni Malinen <j@w1.fi> and contributors";
6fc6879b 74
8b423edb 75const char *const wpa_supplicant_license =
331f89ff
JM		 76"This software may be distributed under the terms of the BSD license.\n"
77"See README for more details.\n"
6fc6879b
JM		 78#ifdef EAP_TLS_OPENSSL
79"\nThis product includes software developed by the OpenSSL Project\n"
80"for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
81#endif /* EAP_TLS_OPENSSL */
82;
83
84#ifndef CONFIG_NO_STDOUT_DEBUG
85/* Long text divided into parts in order to fit in C89 strings size limits. */
8b423edb 86const char *const wpa_supplicant_full_license1 =
331f89ff 87"";
8b423edb 88const char *const wpa_supplicant_full_license2 =
331f89ff 89"This software may be distributed under the terms of the BSD license.\n"
6fc6879b
JM		 90"\n"
91"Redistribution and use in source and binary forms, with or without\n"
92"modification, are permitted provided that the following conditions are\n"
93"met:\n"
94"\n";
8b423edb 95const char *const wpa_supplicant_full_license3 =
6fc6879b
JM		 96"1. Redistributions of source code must retain the above copyright\n"
97" notice, this list of conditions and the following disclaimer.\n"
98"\n"
99"2. Redistributions in binary form must reproduce the above copyright\n"
100" notice, this list of conditions and the following disclaimer in the\n"
101" documentation and/or other materials provided with the distribution.\n"
102"\n";
8b423edb 103const char *const wpa_supplicant_full_license4 =
6fc6879b
JM		 104"3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
105" names of its contributors may be used to endorse or promote products\n"
106" derived from this software without specific prior written permission.\n"
107"\n"
108"THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
109"\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
110"LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
111"A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
8b423edb 112const char *const wpa_supplicant_full_license5 =
6fc6879b
JM		 113"OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
114"SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
115"LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
116"DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
117"THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
118"(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
119"OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
120"\n";
121#endif /* CONFIG_NO_STDOUT_DEBUG */
122
b04854ce
AP		 123
124static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx, void *timeout_ctx);
6338c99e
VK		 125#if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
126static void wpas_update_fils_connect_params(struct wpa_supplicant *wpa_s);
127#endif /* CONFIG_FILS && IEEE8021X_EAPOL */
e0b331d8
SD		 128#ifdef CONFIG_OWE
129static void wpas_update_owe_connect_params(struct wpa_supplicant *wpa_s);
130#endif /* CONFIG_OWE */
b04854ce
AP		 131
132
6fc6879b 133/* Configure default/group WEP keys for static WEP */
0194fedb 134int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
6fc6879b
JM		 135{
136 int i, set = 0;
137
138 for (i = 0; i < NUM_WEP_KEYS; i++) {
139 if (ssid->wep_key_len[i] == 0)
140 continue;
141
142 set = 1;
0382097e 143 wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL,
da64c266 144 i, i == ssid->wep_tx_keyidx, NULL, 0,
6fc6879b
JM		 145 ssid->wep_key[i], ssid->wep_key_len[i]);
146 }
147
148 return set;
149}
150
151
6ea1f413
JM		 152int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
153 struct wpa_ssid *ssid)
6fc6879b
JM		 154{
155 u8 key[32];
156 size_t keylen;
71934751 157 enum wpa_alg alg;
6fc6879b 158 u8 seq[6] = { 0 };
658da804 159 int ret;
6fc6879b
JM		 160
161 /* IBSS/WPA-None uses only one key (Group) for both receiving and
162 * sending unicast and multicast packets. */
163
d7dcba70 164 if (ssid->mode != WPAS_MODE_IBSS) {
f049052b
BG		 165 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not "
166 "IBSS/ad-hoc) for WPA-None", ssid->mode);
6fc6879b
JM		 167 return -1;
168 }
169
170 if (!ssid->psk_set) {
f049052b
BG		 171 wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for "
172 "WPA-None");
6fc6879b
JM		 173 return -1;
174 }
175
176 switch (wpa_s->group_cipher) {
177 case WPA_CIPHER_CCMP:
178 os_memcpy(key, ssid->psk, 16);
179 keylen = 16;
180 alg = WPA_ALG_CCMP;
181 break;
eb7719ff
JM		 182 case WPA_CIPHER_GCMP:
183 os_memcpy(key, ssid->psk, 16);
184 keylen = 16;
185 alg = WPA_ALG_GCMP;
186 break;
6fc6879b
JM		 187 case WPA_CIPHER_TKIP:
188 /* WPA-None uses the same Michael MIC key for both TX and RX */
189 os_memcpy(key, ssid->psk, 16 + 8);
190 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
191 keylen = 32;
192 alg = WPA_ALG_TKIP;
193 break;
194 default:
f049052b
BG		 195 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for "
196 "WPA-None", wpa_s->group_cipher);
6fc6879b
JM		 197 return -1;
198 }
199
200 /* TODO: should actually remember the previously used seq#, both for TX
201 * and RX from each STA.. */
202
658da804
JM		 203 ret = wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen);
204 os_memset(key, 0, sizeof(key));
205 return ret;
6fc6879b
JM		 206}
207
208
209static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
210{
211 struct wpa_supplicant *wpa_s = eloop_ctx;
212 const u8 *bssid = wpa_s->bssid;
04e3d815
MK		 213 if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
214 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
215 wpa_s->wpa_state == WPA_ASSOCIATING))
6fc6879b
JM		 216 bssid = wpa_s->pending_bssid;
217 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
218 MAC2STR(bssid));
219 wpa_blacklist_add(wpa_s, bssid);
220 wpa_sm_notify_disassoc(wpa_s->wpa);
07783eaa 221 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
6fc6879b 222 wpa_s->reassociate = 1;
48b84f18
BG		 223
224 /*
225 * If we timed out, the AP or the local radio may be busy.
226 * So, wait a second until scanning again.
227 */
228 wpa_supplicant_req_scan(wpa_s, 1, 0);
6fc6879b
JM		 229}
230
231
232/**
233 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
234 * @wpa_s: Pointer to wpa_supplicant data
235 * @sec: Number of seconds after which to time out authentication
236 * @usec: Number of microseconds after which to time out authentication
237 *
238 * This function is used to schedule a timeout for the current authentication
239 * attempt.
240 */
241void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
242 int sec, int usec)
243{
a2a535f8 244 if (wpa_s->conf->ap_scan == 0 &&
c2a04078 245 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
6fc6879b
JM		 246 return;
247
f049052b 248 wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
6fc6879b
JM		 249 "%d usec", sec, usec);
250 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
37547ad6 251 wpa_s->last_auth_timeout_sec = sec;
6fc6879b
JM		 252 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
253}
254
255
37547ad6
DL		 256/*
257 * wpas_auth_timeout_restart - Restart and change timeout for authentication
258 * @wpa_s: Pointer to wpa_supplicant data
259 * @sec_diff: difference in seconds applied to original timeout value
260 */
261void wpas_auth_timeout_restart(struct wpa_supplicant *wpa_s, int sec_diff)
262{
263 int new_sec = wpa_s->last_auth_timeout_sec + sec_diff;
264
265 if (eloop_is_timeout_registered(wpa_supplicant_timeout, wpa_s, NULL)) {
266 wpa_dbg(wpa_s, MSG_DEBUG,
267 "Authentication timeout restart: %d sec", new_sec);
268 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
269 eloop_register_timeout(new_sec, 0, wpa_supplicant_timeout,
270 wpa_s, NULL);
271 }
272}
273
274
6fc6879b
JM		 275/**
276 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
277 * @wpa_s: Pointer to wpa_supplicant data
278 *
279 * This function is used to cancel authentication timeout scheduled with
280 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
281 * been completed.
282 */
283void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
284{
f049052b 285 wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
6fc6879b
JM		 286 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
287 wpa_blacklist_del(wpa_s, wpa_s->bssid);
af835d75
AB		 288 os_free(wpa_s->last_con_fail_realm);
289 wpa_s->last_con_fail_realm = NULL;
290 wpa_s->last_con_fail_realm_len = 0;
6fc6879b
JM		 291}
292
293
294/**
295 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
296 * @wpa_s: Pointer to wpa_supplicant data
297 *
298 * This function is used to configure EAPOL state machine based on the selected
299 * authentication mode.
300 */
301void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
302{
303#ifdef IEEE8021X_EAPOL
304 struct eapol_config eapol_conf;
305 struct wpa_ssid *ssid = wpa_s->current_ssid;
306
53895c3b 307#ifdef CONFIG_IBSS_RSN
d7dcba70 308 if (ssid->mode == WPAS_MODE_IBSS &&
53895c3b
JM		 309 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
310 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
311 /*
312 * RSN IBSS authentication is per-STA and we can disable the
313 * per-BSSID EAPOL authentication.
314 */
315 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
316 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE);
317 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
318 return;
319 }
320#endif /* CONFIG_IBSS_RSN */
321
0a40ec6a
JM		 322 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
323 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
324
6fc6879b
JM		 325 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
326 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
327 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
328 else
329 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
330
331 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
332 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
333 eapol_conf.accept_802_1x_keys = 1;
334 eapol_conf.required_keys = 0;
335 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
336 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
337 }
338 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
339 eapol_conf.required_keys |=
340 EAPOL_REQUIRE_KEY_BROADCAST;
341 }
342
a2a535f8 343 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED)
6fc6879b 344 eapol_conf.required_keys = 0;
6fc6879b 345 }
a2a535f8 346 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
6fc6879b 347 eapol_conf.workaround = ssid->eap_workaround;
56586197
JM		 348 eapol_conf.eap_disabled =
349 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
ad08c363
JM		 350 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
351 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
a5d44ac0 352 eapol_conf.external_sim = wpa_s->conf->external_sim;
3f7ac058
JS		 353
354#ifdef CONFIG_WPS
355 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
356 eapol_conf.wps |= EAPOL_LOCAL_WPS_IN_USE;
357 if (wpa_s->current_bss) {
358 struct wpabuf *ie;
359 ie = wpa_bss_get_vendor_ie_multi(wpa_s->current_bss,
360 WPS_IE_VENDOR_TYPE);
361 if (ie) {
362 if (wps_is_20(ie))
363 eapol_conf.wps |=
364 EAPOL_PEER_IS_WPS20_AP;
365 wpabuf_free(ie);
366 }
367 }
368 }
369#endif /* CONFIG_WPS */
370
6fc6879b 371 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
dd10abcc 372
ad51731a
SD		 373#ifdef CONFIG_MACSEC
374 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE && ssid->mka_psk_set)
375 ieee802_1x_create_preshared_mka(wpa_s, ssid);
376 else
377 ieee802_1x_alloc_kay_sm(wpa_s, ssid);
378#endif /* CONFIG_MACSEC */
cd3153a9 379#endif /* IEEE8021X_EAPOL */
6fc6879b
JM		 380}
381
382
383/**
384 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
385 * @wpa_s: Pointer to wpa_supplicant data
386 * @ssid: Configuration data for the network
387 *
388 * This function is used to configure WPA state machine and related parameters
389 * to a mode where WPA is not enabled. This is called as part of the
390 * authentication configuration when the selected network does not use WPA.
391 */
392void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
393 struct wpa_ssid *ssid)
394{
395 int i;
396
ad08c363
JM		 397 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
398 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
399 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
6fc6879b
JM		 400 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
401 else
402 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
403 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
404 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
405 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
406 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
407 wpa_s->group_cipher = WPA_CIPHER_NONE;
408 wpa_s->mgmt_group_cipher = 0;
409
410 for (i = 0; i < NUM_WEP_KEYS; i++) {
411 if (ssid->wep_key_len[i] > 5) {
412 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
413 wpa_s->group_cipher = WPA_CIPHER_WEP104;
414 break;
415 } else if (ssid->wep_key_len[i] > 0) {
416 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
417 wpa_s->group_cipher = WPA_CIPHER_WEP40;
418 break;
419 }
420 }
421
422 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
423 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
424 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
425 wpa_s->pairwise_cipher);
426 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
427#ifdef CONFIG_IEEE80211W
428 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
429 wpa_s->mgmt_group_cipher);
430#endif /* CONFIG_IEEE80211W */
431
432 pmksa_cache_clear_current(wpa_s->wpa);
433}
434
435
6979582c 436void free_hw_features(struct wpa_supplicant *wpa_s)
6bf731e8
CL		 437{
438 int i;
439 if (wpa_s->hw.modes == NULL)
440 return;
441
442 for (i = 0; i < wpa_s->hw.num_modes; i++) {
443 os_free(wpa_s->hw.modes[i].channels);
444 os_free(wpa_s->hw.modes[i].rates);
445 }
446
447 os_free(wpa_s->hw.modes);
448 wpa_s->hw.modes = NULL;
449}
450
451
19677b77 452void free_bss_tmp_disallowed(struct wpa_supplicant *wpa_s)
dd599908
AS		 453{
454 struct wpa_bss_tmp_disallowed *bss, *prev;
455
456 dl_list_for_each_safe(bss, prev, &wpa_s->bss_tmp_disallowed,
457 struct wpa_bss_tmp_disallowed, list) {
b04854ce 458 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout, wpa_s, bss);
dd599908
AS		 459 dl_list_del(&bss->list);
460 os_free(bss);
461 }
462}
463
464
5732b770
JM		 465void wpas_flush_fils_hlp_req(struct wpa_supplicant *wpa_s)
466{
467 struct fils_hlp_req *req;
468
469 while ((req = dl_list_first(&wpa_s->fils_hlp_req, struct fils_hlp_req,
470 list)) != NULL) {
471 dl_list_del(&req->list);
472 wpabuf_free(req->pkt);
473 os_free(req);
474 }
475}
476
477
6fc6879b
JM		 478static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
479{
86bd36f0
JM		 480 int i;
481
60b94c98 482 bgscan_deinit(wpa_s);
7c865c68 483 autoscan_deinit(wpa_s);
6fc6879b
JM		 484 scard_deinit(wpa_s->scard);
485 wpa_s->scard = NULL;
486 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
487 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
488 l2_packet_deinit(wpa_s->l2);
489 wpa_s->l2 = NULL;
490 if (wpa_s->l2_br) {
491 l2_packet_deinit(wpa_s->l2_br);
492 wpa_s->l2_br = NULL;
493 }
4a6cc862
JM		 494#ifdef CONFIG_TESTING_OPTIONS
495 l2_packet_deinit(wpa_s->l2_test);
496 wpa_s->l2_test = NULL;
c06fca04
JM		 497 os_free(wpa_s->get_pref_freq_list_override);
498 wpa_s->get_pref_freq_list_override = NULL;
daa40960
JM		 499 wpabuf_free(wpa_s->last_assoc_req_wpa_ie);
500 wpa_s->last_assoc_req_wpa_ie = NULL;
4a6cc862 501#endif /* CONFIG_TESTING_OPTIONS */
6fc6879b 502
6fc6879b 503 if (wpa_s->conf != NULL) {
8e56d189
JM		 504 struct wpa_ssid *ssid;
505 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
506 wpas_notify_network_removed(wpa_s, ssid);
6fc6879b
JM		 507 }
508
509 os_free(wpa_s->confname);
510 wpa_s->confname = NULL;
511
e6304cad
DS		 512 os_free(wpa_s->confanother);
513 wpa_s->confanother = NULL;
514
af835d75
AB		 515 os_free(wpa_s->last_con_fail_realm);
516 wpa_s->last_con_fail_realm = NULL;
517 wpa_s->last_con_fail_realm_len = 0;
518
6fc6879b
JM		 519 wpa_sm_set_eapol(wpa_s->wpa, NULL);
520 eapol_sm_deinit(wpa_s->eapol);
521 wpa_s->eapol = NULL;
522
523 rsn_preauth_deinit(wpa_s->wpa);
524
281ff0aa
GP		 525#ifdef CONFIG_TDLS
526 wpa_tdls_deinit(wpa_s->wpa);
527#endif /* CONFIG_TDLS */
528
8c42b369 529 wmm_ac_clear_saved_tspecs(wpa_s);
6fc6879b
JM		 530 pmksa_candidate_free(wpa_s->wpa);
531 wpa_sm_deinit(wpa_s->wpa);
532 wpa_s->wpa = NULL;
533 wpa_blacklist_clear(wpa_s);
534
83922c2d 535 wpa_bss_deinit(wpa_s);
6fc6879b 536
831770bf 537 wpa_supplicant_cancel_delayed_sched_scan(wpa_s);
6fc6879b
JM		 538 wpa_supplicant_cancel_scan(wpa_s);
539 wpa_supplicant_cancel_auth_timeout(wpa_s);
01a17491
JM		 540 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL);
541#ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
542 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report,
543 wpa_s, NULL);
544#endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
6fc6879b 545
9bd566a3
AS		 546 eloop_cancel_timeout(wpas_network_reenabled, wpa_s, NULL);
547
116654ce 548 wpas_wps_deinit(wpa_s);
11ef8d35 549
1ff73338
JM		 550 wpabuf_free(wpa_s->pending_eapol_rx);
551 wpa_s->pending_eapol_rx = NULL;
552
11ef8d35
JM		 553#ifdef CONFIG_IBSS_RSN
554 ibss_rsn_deinit(wpa_s->ibss_rsn);
555 wpa_s->ibss_rsn = NULL;
556#endif /* CONFIG_IBSS_RSN */
c2a04078 557
e29853bb 558 sme_deinit(wpa_s);
2d5b792d
JM		 559
560#ifdef CONFIG_AP
561 wpa_supplicant_ap_deinit(wpa_s);
562#endif /* CONFIG_AP */
b22128ef 563
b22128ef 564 wpas_p2p_deinit(wpa_s);
f47d639d 565
24f6497c
JM		 566#ifdef CONFIG_OFFCHANNEL
567 offchannel_deinit(wpa_s);
568#endif /* CONFIG_OFFCHANNEL */
569
a4cba8f1
LC		 570 wpa_supplicant_cancel_sched_scan(wpa_s);
571
f47d639d
JM		 572 os_free(wpa_s->next_scan_freqs);
573 wpa_s->next_scan_freqs = NULL;
fee52342
JM		 574
575 os_free(wpa_s->manual_scan_freqs);
576 wpa_s->manual_scan_freqs = NULL;
88a44755
JM		 577 os_free(wpa_s->select_network_scan_freqs);
578 wpa_s->select_network_scan_freqs = NULL;
04ea7b79 579
d3c9c35f
DS		 580 os_free(wpa_s->manual_sched_scan_freqs);
581 wpa_s->manual_sched_scan_freqs = NULL;
582
56c76fa5
IP		 583 wpas_mac_addr_rand_scan_clear(wpa_s, MAC_ADDR_RAND_ALL);
584
57e832de
IP		 585 /*
586 * Need to remove any pending gas-query radio work before the
587 * gas_query_deinit() call because gas_query::work has not yet been set
588 * for works that have not been started. gas_query_free() will be unable
589 * to cancel such pending radio works and once the pending gas-query
590 * radio work eventually gets removed, the deinit notification call to
591 * gas_query_start_cb() would result in dereferencing freed memory.
592 */
593 if (wpa_s->radio)
594 radio_remove_works(wpa_s, "gas-query", 0);
04ea7b79
JM		 595 gas_query_deinit(wpa_s->gas);
596 wpa_s->gas = NULL;
461d39af
JM		 597 gas_server_deinit(wpa_s->gas_server);
598 wpa_s->gas_server = NULL;
6bf731e8
CL		 599
600 free_hw_features(wpa_s);
d445a5cd 601
dd10abcc
HW		 602 ieee802_1x_dealloc_kay_sm(wpa_s);
603
d445a5cd
JM		 604 os_free(wpa_s->bssid_filter);
605 wpa_s->bssid_filter = NULL;
b6668734 606
6407f413
JM		 607 os_free(wpa_s->disallow_aps_bssid);
608 wpa_s->disallow_aps_bssid = NULL;
609 os_free(wpa_s->disallow_aps_ssid);
610 wpa_s->disallow_aps_ssid = NULL;
611
b6668734 612 wnm_bss_keep_alive_deinit(wpa_s);
e27d20bb
VK		 613#ifdef CONFIG_WNM
614 wnm_deallocate_memory(wpa_s);
615#endif /* CONFIG_WNM */
306ae225
JM		 616
617 ext_password_deinit(wpa_s->ext_pw);
618 wpa_s->ext_pw = NULL;
b1f12296
JM		 619
620 wpabuf_free(wpa_s->last_gas_resp);
b6a9590b
JM		 621 wpa_s->last_gas_resp = NULL;
622 wpabuf_free(wpa_s->prev_gas_resp);
623 wpa_s->prev_gas_resp = NULL;
a297201d
JM		 624
625 os_free(wpa_s->last_scan_res);
626 wpa_s->last_scan_res = NULL;
b572df86
JM		 627
628#ifdef CONFIG_HS20
ece4ac5f
MG		 629 if (wpa_s->drv_priv)
630 wpa_drv_configure_frame_filters(wpa_s, 0);
fb2ac53d 631 hs20_deinit(wpa_s);
b572df86 632#endif /* CONFIG_HS20 */
86bd36f0
JM		 633
634 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) {
635 wpabuf_free(wpa_s->vendor_elem[i]);
636 wpa_s->vendor_elem[i] = NULL;
637 }
3882a708
JM		 638
639 wmm_ac_notify_disassoc(wpa_s);
32c02261
AS		 640
641 wpa_s->sched_scan_plans_num = 0;
642 os_free(wpa_s->sched_scan_plans);
643 wpa_s->sched_scan_plans = NULL;
92c6e2e3
DS		 644
645#ifdef CONFIG_MBO
646 wpa_s->non_pref_chan_num = 0;
647 os_free(wpa_s->non_pref_chan);
648 wpa_s->non_pref_chan = NULL;
649#endif /* CONFIG_MBO */
dd599908
AS		 650
651 free_bss_tmp_disallowed(wpa_s);
4a742011
DS		 652
653 wpabuf_free(wpa_s->lci);
654 wpa_s->lci = NULL;
76196ddb 655 wpas_clear_beacon_rep_data(wpa_s);
4d77d80e
MH		 656
657#ifdef CONFIG_PMKSA_CACHE_EXTERNAL
658#ifdef CONFIG_MESH
659 {
660 struct external_pmksa_cache *entry;
661
662 while ((entry = dl_list_last(&wpa_s->mesh_external_pmksa_cache,
663 struct external_pmksa_cache,
664 list)) != NULL) {
665 dl_list_del(&entry->list);
666 os_free(entry->pmksa_cache);
667 os_free(entry);
668 }
669 }
670#endif /* CONFIG_MESH */
671#endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
5732b770
JM		 672
673 wpas_flush_fils_hlp_req(wpa_s);
c6c41f6e
JM		 674
675 wpabuf_free(wpa_s->ric_ies);
676 wpa_s->ric_ies = NULL;
be27e185
JM		 677
678#ifdef CONFIG_DPP
679 wpas_dpp_deinit(wpa_s);
87d8435c
JM		 680 dpp_global_deinit(wpa_s->dpp);
681 wpa_s->dpp = NULL;
be27e185 682#endif /* CONFIG_DPP */
6fc6879b
JM		 683}
684
685
686/**
687 * wpa_clear_keys - Clear keys configured for the driver
688 * @wpa_s: Pointer to wpa_supplicant data
689 * @addr: Previously used BSSID or %NULL if not available
690 *
691 * This function clears the encryption keys that has been previously configured
692 * for the driver.
693 */
694void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
695{
2f30cac3 696 int i, max;
6fc6879b 697
0e27f655 698#ifdef CONFIG_IEEE80211W
2f30cac3
JM		 699 max = 6;
700#else /* CONFIG_IEEE80211W */
701 max = 4;
0e27f655 702#endif /* CONFIG_IEEE80211W */
2f30cac3
JM		 703
704 /* MLME-DELETEKEYS.request */
705 for (i = 0; i < max; i++) {
706 if (wpa_s->keys_cleared & BIT(i))
707 continue;
708 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, i, 0, NULL, 0,
709 NULL, 0);
710 }
711 if (!(wpa_s->keys_cleared & BIT(0)) && addr &&
712 !is_zero_ether_addr(addr)) {
6fc6879b
JM		 713 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,
714 0);
715 /* MLME-SETPROTECTION.request(None) */
716 wpa_drv_mlme_setprotection(
717 wpa_s, addr,
718 MLME_SETPROTECTION_PROTECT_TYPE_NONE,
719 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
720 }
2f30cac3 721 wpa_s->keys_cleared = (u32) -1;
6fc6879b
JM		 722}
723
724
725/**
726 * wpa_supplicant_state_txt - Get the connection state name as a text string
727 * @state: State (wpa_state; WPA_*)
728 * Returns: The state name as a printable text string
729 */
71934751 730const char * wpa_supplicant_state_txt(enum wpa_states state)
6fc6879b
JM		 731{
732 switch (state) {
733 case WPA_DISCONNECTED:
734 return "DISCONNECTED";
735 case WPA_INACTIVE:
736 return "INACTIVE";
8401a6b0
JM		 737 case WPA_INTERFACE_DISABLED:
738 return "INTERFACE_DISABLED";
6fc6879b
JM		 739 case WPA_SCANNING:
740 return "SCANNING";
c2a04078
JM		 741 case WPA_AUTHENTICATING:
742 return "AUTHENTICATING";
6fc6879b
JM		 743 case WPA_ASSOCIATING:
744 return "ASSOCIATING";
745 case WPA_ASSOCIATED:
746 return "ASSOCIATED";
747 case WPA_4WAY_HANDSHAKE:
748 return "4WAY_HANDSHAKE";
749 case WPA_GROUP_HANDSHAKE:
750 return "GROUP_HANDSHAKE";
751 case WPA_COMPLETED:
752 return "COMPLETED";
753 default:
754 return "UNKNOWN";
755 }
756}
757
758
cfe53c9a
PS		 759#ifdef CONFIG_BGSCAN
760
761static void wpa_supplicant_start_bgscan(struct wpa_supplicant *wpa_s)
762{
31392709
HD		 763 const char *name;
764
765 if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan)
766 name = wpa_s->current_ssid->bgscan;
767 else
768 name = wpa_s->conf->bgscan;
268043d5 769 if (name == NULL || name[0] == '\0')
31392709 770 return;
0096c427
JM		 771 if (wpas_driver_bss_selection(wpa_s))
772 return;
cfe53c9a
PS		 773 if (wpa_s->current_ssid == wpa_s->bgscan_ssid)
774 return;
aa109830
DS		 775#ifdef CONFIG_P2P
776 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE)
777 return;
778#endif /* CONFIG_P2P */
cfe53c9a
PS		 779
780 bgscan_deinit(wpa_s);
31392709
HD		 781 if (wpa_s->current_ssid) {
782 if (bgscan_init(wpa_s, wpa_s->current_ssid, name)) {
cfe53c9a
PS		 783 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
784 "bgscan");
785 /*
786 * Live without bgscan; it is only used as a roaming
787 * optimization, so the initial connection is not
788 * affected.
789 */
6409b7a7
YD		 790 } else {
791 struct wpa_scan_results *scan_res;
cfe53c9a 792 wpa_s->bgscan_ssid = wpa_s->current_ssid;
6409b7a7
YD		 793 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL,
794 0);
795 if (scan_res) {
796 bgscan_notify_scan(wpa_s, scan_res);
797 wpa_scan_results_free(scan_res);
798 }
799 }
cfe53c9a
PS		 800 } else
801 wpa_s->bgscan_ssid = NULL;
802}
803
804
805static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s)
806{
807 if (wpa_s->bgscan_ssid != NULL) {
808 bgscan_deinit(wpa_s);
809 wpa_s->bgscan_ssid = NULL;
810 }
811}
812
813#endif /* CONFIG_BGSCAN */
814
815
7c865c68
TB		 816static void wpa_supplicant_start_autoscan(struct wpa_supplicant *wpa_s)
817{
99218999 818 if (autoscan_init(wpa_s, 0))
7c865c68
TB		 819 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize autoscan");
820}
821
822
823static void wpa_supplicant_stop_autoscan(struct wpa_supplicant *wpa_s)
824{
825 autoscan_deinit(wpa_s);
826}
827
828
c3d12238
JM		 829void wpa_supplicant_reinit_autoscan(struct wpa_supplicant *wpa_s)
830{
831 if (wpa_s->wpa_state == WPA_DISCONNECTED ||
832 wpa_s->wpa_state == WPA_SCANNING) {
833 autoscan_deinit(wpa_s);
834 wpa_supplicant_start_autoscan(wpa_s);
835 }
836}
837
838
6fc6879b
JM		 839/**
840 * wpa_supplicant_set_state - Set current connection state
841 * @wpa_s: Pointer to wpa_supplicant data
842 * @state: The new connection state
843 *
844 * This function is called whenever the connection state changes, e.g.,
845 * association is completed for WPA/WPA2 4-Way Handshake is started.
846 */
71934751
JM		 847void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s,
848 enum wpa_states state)
6fc6879b 849{
27f43d8d
MH		 850 enum wpa_states old_state = wpa_s->wpa_state;
851
f049052b
BG		 852 wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s",
853 wpa_supplicant_state_txt(wpa_s->wpa_state),
854 wpa_supplicant_state_txt(state));
6fc6879b 855
2bbad1c7
MW		 856 if (state == WPA_COMPLETED &&
857 os_reltime_initialized(&wpa_s->roam_start)) {
858 os_reltime_age(&wpa_s->roam_start, &wpa_s->roam_time);
859 wpa_s->roam_start.sec = 0;
860 wpa_s->roam_start.usec = 0;
861 wpas_notify_auth_changed(wpa_s);
862 wpas_notify_roam_time(wpa_s);
863 wpas_notify_roam_complete(wpa_s);
864 } else if (state == WPA_DISCONNECTED &&
865 os_reltime_initialized(&wpa_s->roam_start)) {
866 wpa_s->roam_start.sec = 0;
867 wpa_s->roam_start.usec = 0;
868 wpa_s->roam_time.sec = 0;
869 wpa_s->roam_time.usec = 0;
870 wpas_notify_roam_complete(wpa_s);
871 }
872
5ddd07cb
AS		 873 if (state == WPA_INTERFACE_DISABLED) {
874 /* Assure normal scan when interface is restored */
875 wpa_s->normal_scans = 0;
876 }
877
0cf24fda 878 if (state == WPA_COMPLETED) {
6ac4b15e 879 wpas_connect_work_done(wpa_s);
0cf24fda
LC		 880 /* Reinitialize normal_scan counter */
881 wpa_s->normal_scans = 0;
882 }
6ac4b15e 883
07c1e987
MS		 884#ifdef CONFIG_P2P
885 /*
886 * P2PS client has to reply to Probe Request frames received on the
887 * group operating channel. Enable Probe Request frame reporting for
888 * P2P connected client in case p2p_cli_probe configuration property is
889 * set to 1.
890 */
891 if (wpa_s->conf->p2p_cli_probe && wpa_s->current_ssid &&
892 wpa_s->current_ssid->mode == WPAS_MODE_INFRA &&
893 wpa_s->current_ssid->p2p_group) {
894 if (state == WPA_COMPLETED && !wpa_s->p2p_cli_probe) {
895 wpa_dbg(wpa_s, MSG_DEBUG,
896 "P2P: Enable CLI Probe Request RX reporting");
897 wpa_s->p2p_cli_probe =
898 wpa_drv_probe_req_report(wpa_s, 1) >= 0;
899 } else if (state != WPA_COMPLETED && wpa_s->p2p_cli_probe) {
900 wpa_dbg(wpa_s, MSG_DEBUG,
901 "P2P: Disable CLI Probe Request RX reporting");
902 wpa_s->p2p_cli_probe = 0;
903 wpa_drv_probe_req_report(wpa_s, 0);
904 }
905 }
906#endif /* CONFIG_P2P */
907
cb8564b1
DW		 908 if (state != WPA_SCANNING)
909 wpa_supplicant_notify_scanning(wpa_s, 0);
910
6fc6879b 911 if (state == WPA_COMPLETED && wpa_s->new_connection) {
6fc6879b 912 struct wpa_ssid *ssid = wpa_s->current_ssid;
da6a28ba
VK		 913 int fils_hlp_sent = 0;
914
915#ifdef CONFIG_SME
916 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
917 wpa_auth_alg_fils(wpa_s->sme.auth_alg))
918 fils_hlp_sent = 1;
919#endif /* CONFIG_SME */
920 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
921 wpa_auth_alg_fils(wpa_s->auth_alg))
922 fils_hlp_sent = 1;
923
7d37a357 924#if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
6fc6879b 925 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
da6a28ba 926 MACSTR " completed [id=%d id_str=%s%s]",
1cfc6787 927 MAC2STR(wpa_s->bssid),
6fc6879b 928 ssid ? ssid->id : -1,
da6a28ba
VK		 929 ssid && ssid->id_str ? ssid->id_str : "",
930 fils_hlp_sent ? " FILS_HLP_SENT" : "");
6fc6879b 931#endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
00e5e3d5 932 wpas_clear_temp_disabled(wpa_s, ssid, 1);
a20a3616 933 wpa_blacklist_clear(wpa_s);
f1a52633 934 wpa_s->extra_blacklist_count = 0;
6fc6879b 935 wpa_s->new_connection = 0;
6fc6879b 936 wpa_drv_set_operstate(wpa_s, 1);
99ac2913
FF		 937#ifndef IEEE8021X_EAPOL
938 wpa_drv_set_supp_port(wpa_s, 1);
939#endif /* IEEE8021X_EAPOL */
17a4734d 940 wpa_s->after_wps = 0;
4d9fb08d 941 wpa_s->known_wps_freq = 0;
b22128ef 942 wpas_p2p_completed(wpa_s);
c3701c66
RM		 943
944 sme_sched_obss_scan(wpa_s, 1);
6338c99e
VK		 945
946#if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
947 if (!fils_hlp_sent && ssid && ssid->eap.erp)
948 wpas_update_fils_connect_params(wpa_s);
949#endif /* CONFIG_FILS && IEEE8021X_EAPOL */
e0b331d8
SD		 950#ifdef CONFIG_OWE
951 if (ssid && (ssid->key_mgmt & WPA_KEY_MGMT_OWE))
952 wpas_update_owe_connect_params(wpa_s);
953#endif /* CONFIG_OWE */
6fc6879b
JM		 954 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
955 state == WPA_ASSOCIATED) {
956 wpa_s->new_connection = 1;
957 wpa_drv_set_operstate(wpa_s, 0);
99ac2913
FF		 958#ifndef IEEE8021X_EAPOL
959 wpa_drv_set_supp_port(wpa_s, 0);
960#endif /* IEEE8021X_EAPOL */
c3701c66 961 sme_sched_obss_scan(wpa_s, 0);
6fc6879b
JM		 962 }
963 wpa_s->wpa_state = state;
27f43d8d 964
cfe53c9a
PS		 965#ifdef CONFIG_BGSCAN
966 if (state == WPA_COMPLETED)
967 wpa_supplicant_start_bgscan(wpa_s);
37271232 968 else if (state < WPA_ASSOCIATED)
cfe53c9a
PS		 969 wpa_supplicant_stop_bgscan(wpa_s);
970#endif /* CONFIG_BGSCAN */
971
bce3d4f7 972 if (state > WPA_SCANNING)
7c865c68
TB		 973 wpa_supplicant_stop_autoscan(wpa_s);
974
975 if (state == WPA_DISCONNECTED || state == WPA_INACTIVE)
976 wpa_supplicant_start_autoscan(wpa_s);
977
fecc2bb5
EP		 978 if (old_state >= WPA_ASSOCIATED && wpa_s->wpa_state < WPA_ASSOCIATED)
979 wmm_ac_notify_disassoc(wpa_s);
980
5bbf9f10 981 if (wpa_s->wpa_state != old_state) {
27f43d8d 982 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
5bbf9f10 983
e3bd6e9d
IP		 984 /*
985 * Notify the P2P Device interface about a state change in one
986 * of the interfaces.
987 */
988 wpas_p2p_indicate_state_change(wpa_s);
e3bd6e9d 989
5bbf9f10
PS		 990 if (wpa_s->wpa_state == WPA_COMPLETED ||
991 old_state == WPA_COMPLETED)
992 wpas_notify_auth_changed(wpa_s);
993 }
6fc6879b
JM		 994}
995
996
1a1bf008
JM		 997void wpa_supplicant_terminate_proc(struct wpa_global *global)
998{
999 int pending = 0;
1000#ifdef CONFIG_WPS
1001 struct wpa_supplicant *wpa_s = global->ifaces;
1002 while (wpa_s) {
ab41595f 1003 struct wpa_supplicant *next = wpa_s->next;
5516ed32
EA		 1004 if (wpas_wps_terminate_pending(wpa_s) == 1)
1005 pending = 1;
20625e97
JM		 1006#ifdef CONFIG_P2P
1007 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE ||
1008 (wpa_s->current_ssid && wpa_s->current_ssid->p2p_group))
1009 wpas_p2p_disconnect(wpa_s);
1010#endif /* CONFIG_P2P */
ab41595f 1011 wpa_s = next;
1a1bf008
JM		 1012 }
1013#endif /* CONFIG_WPS */
1014 if (pending)
1015 return;
1016 eloop_terminate();
1017}
1018
1019
0456ea16 1020static void wpa_supplicant_terminate(int sig, void *signal_ctx)
6fc6879b 1021{
0456ea16 1022 struct wpa_global *global = signal_ctx;
1a1bf008 1023 wpa_supplicant_terminate_proc(global);
6fc6879b
JM		 1024}
1025
1026
b22128ef 1027void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
6fc6879b 1028{
71934751 1029 enum wpa_states old_state = wpa_s->wpa_state;
27f43d8d 1030
6fc6879b
JM		 1031 wpa_s->pairwise_cipher = 0;
1032 wpa_s->group_cipher = 0;
1033 wpa_s->mgmt_group_cipher = 0;
1034 wpa_s->key_mgmt = 0;
8401a6b0 1035 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
99218999 1036 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
27f43d8d
MH		 1037
1038 if (wpa_s->wpa_state != old_state)
1039 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
6fc6879b
JM		 1040}
1041
1042
1043/**
1044 * wpa_supplicant_reload_configuration - Reload configuration data
1045 * @wpa_s: Pointer to wpa_supplicant data
1046 * Returns: 0 on success or -1 if configuration parsing failed
1047 *
1048 * This function can be used to request that the configuration data is reloaded
1049 * (e.g., after configuration file change). This function is reloading
1050 * configuration only for one interface, so this may need to be called multiple
1051 * times if %wpa_supplicant is controlling multiple interfaces and all
1052 * interfaces need reconfiguration.
1053 */
1054int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
1055{
1056 struct wpa_config *conf;
1057 int reconf_ctrl;
8bac466b
JM		 1058 int old_ap_scan;
1059
6fc6879b
JM		 1060 if (wpa_s->confname == NULL)
1061 return -1;
e6304cad 1062 conf = wpa_config_read(wpa_s->confname, NULL);
6fc6879b
JM		 1063 if (conf == NULL) {
1064 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
1065 "file '%s' - exiting", wpa_s->confname);
1066 return -1;
1067 }
3bd35b68
JM		 1068 if (wpa_s->confanother &&
1069 !wpa_config_read(wpa_s->confanother, conf)) {
1070 wpa_msg(wpa_s, MSG_ERROR,
1071 "Failed to parse the configuration file '%s' - exiting",
1072 wpa_s->confanother);
1073 return -1;
1074 }
e6304cad 1075
611aea7d 1076 conf->changed_parameters = (unsigned int) -1;
6fc6879b
JM		 1077
1078 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
1079 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
1080 os_strcmp(conf->ctrl_interface,
1081 wpa_s->conf->ctrl_interface) != 0);
1082
1083 if (reconf_ctrl && wpa_s->ctrl_iface) {
1084 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
1085 wpa_s->ctrl_iface = NULL;
1086 }
1087
1088 eapol_sm_invalidate_cached_session(wpa_s->eapol);
7b7ce8aa 1089 if (wpa_s->current_ssid) {
e66bcedd
JM		 1090 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
1091 wpa_s->own_disconnect_req = 1;
7b7ce8aa
JM		 1092 wpa_supplicant_deauthenticate(wpa_s,
1093 WLAN_REASON_DEAUTH_LEAVING);
1094 }
8bac466b 1095
6fc6879b
JM		 1096 /*
1097 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
07e2de31 1098 * pkcs11_engine_path, pkcs11_module_path, openssl_ciphers.
6fc6879b 1099 */
a1ea1b45 1100 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
567da5bb
JM		 1101 wpa_s->key_mgmt == WPA_KEY_MGMT_OWE ||
1102 wpa_s->key_mgmt == WPA_KEY_MGMT_DPP) {
6fc6879b
JM		 1103 /*
1104 * Clear forced success to clear EAP state for next
1105 * authentication.
1106 */
1107 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
1108 }
1109 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1110 wpa_sm_set_config(wpa_s->wpa, NULL);
d8a790b9 1111 wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL);
6fc6879b
JM		 1112 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
1113 rsn_preauth_deinit(wpa_s->wpa);
8bac466b
JM		 1114
1115 old_ap_scan = wpa_s->conf->ap_scan;
6fc6879b
JM		 1116 wpa_config_free(wpa_s->conf);
1117 wpa_s->conf = conf;
8bac466b
JM		 1118 if (old_ap_scan != wpa_s->conf->ap_scan)
1119 wpas_notify_ap_scan_changed(wpa_s);
1120
6fc6879b
JM		 1121 if (reconf_ctrl)
1122 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
1123
611aea7d
JM		 1124 wpa_supplicant_update_config(wpa_s);
1125
6fc6879b 1126 wpa_supplicant_clear_status(wpa_s);
349493bd 1127 if (wpa_supplicant_enabled_networks(wpa_s)) {
43a38635
JM		 1128 wpa_s->reassociate = 1;
1129 wpa_supplicant_req_scan(wpa_s, 0, 0);
1130 }
f049052b 1131 wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
6fc6879b
JM		 1132 return 0;
1133}
1134
1135
0456ea16 1136static void wpa_supplicant_reconfig(int sig, void *signal_ctx)
6fc6879b 1137{
0456ea16 1138 struct wpa_global *global = signal_ctx;
6fc6879b 1139 struct wpa_supplicant *wpa_s;
6fc6879b 1140 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
f049052b
BG		 1141 wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring",
1142 sig);
6fc6879b 1143 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
1a1bf008 1144 wpa_supplicant_terminate_proc(global);
6fc6879b
JM		 1145 }
1146 }
1248e584
LR		 1147
1148 if (wpa_debug_reopen_file() < 0) {
1149 /* Ignore errors since we cannot really do much to fix this */
1150 wpa_printf(MSG_DEBUG, "Could not reopen debug log file");
1151 }
6fc6879b
JM		 1152}
1153
1154
6fc6879b
JM		 1155static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
1156 struct wpa_ssid *ssid,
1157 struct wpa_ie_data *ie)
1158{
1159 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
1160 if (ret) {
1161 if (ret == -2) {
1162 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
1163 "from association info");
1164 }
1165 return -1;
1166 }
1167
f049052b
BG		 1168 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set "
1169 "cipher suites");
6fc6879b
JM		 1170 if (!(ie->group_cipher & ssid->group_cipher)) {
1171 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
1172 "cipher 0x%x (mask 0x%x) - reject",
1173 ie->group_cipher, ssid->group_cipher);
1174 return -1;
1175 }
1176 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
1177 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
1178 "cipher 0x%x (mask 0x%x) - reject",
1179 ie->pairwise_cipher, ssid->pairwise_cipher);
1180 return -1;
1181 }
1182 if (!(ie->key_mgmt & ssid->key_mgmt)) {
1183 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
1184 "management 0x%x (mask 0x%x) - reject",
1185 ie->key_mgmt, ssid->key_mgmt);
1186 return -1;
1187 }
1188
1189#ifdef CONFIG_IEEE80211W
0b60b0aa 1190 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
3f56a2b7 1191 wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED) {
6fc6879b
JM		 1192 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
1193 "that does not support management frame protection - "
1194 "reject");
1195 return -1;
1196 }
1197#endif /* CONFIG_IEEE80211W */
1198
1199 return 0;
1200}
1201
1202
2c129a1b
LD		 1203static int matching_ciphers(struct wpa_ssid *ssid, struct wpa_ie_data *ie,
1204 int freq)
1205{
1206 if (!ie->has_group)
1207 ie->group_cipher = wpa_default_rsn_cipher(freq);
1208 if (!ie->has_pairwise)
1209 ie->pairwise_cipher = wpa_default_rsn_cipher(freq);
1210 return (ie->group_cipher & ssid->group_cipher) &&
1211 (ie->pairwise_cipher & ssid->pairwise_cipher);
1212}
1213
1214
6fc6879b
JM		 1215/**
1216 * wpa_supplicant_set_suites - Set authentication and encryption parameters
1217 * @wpa_s: Pointer to wpa_supplicant data
1218 * @bss: Scan results for the selected BSS, or %NULL if not available
1219 * @ssid: Configuration data for the selected network
1220 * @wpa_ie: Buffer for the WPA/RSN IE
1221 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
1222 * used buffer length in case the functions returns success.
1223 * Returns: 0 on success or -1 on failure
1224 *
1225 * This function is used to configure authentication and encryption parameters
1226 * based on the network configuration and scan result for the selected BSS (if
1227 * available).
1228 */
1229int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
6fa81a3b 1230 struct wpa_bss *bss, struct wpa_ssid *ssid,
6fc6879b
JM		 1231 u8 *wpa_ie, size_t *wpa_ie_len)
1232{
1233 struct wpa_ie_data ie;
1234 int sel, proto;
df0f01d9 1235 const u8 *bss_wpa, *bss_rsn, *bss_osen;
6fc6879b
JM		 1236
1237 if (bss) {
6fa81a3b
JM		 1238 bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
1239 bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
df0f01d9 1240 bss_osen = wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE);
6fc6879b 1241 } else
df0f01d9 1242 bss_wpa = bss_rsn = bss_osen = NULL;
6fc6879b
JM		 1243
1244 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
1245 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
2c129a1b 1246 matching_ciphers(ssid, &ie, bss->freq) &&
6fc6879b 1247 (ie.key_mgmt & ssid->key_mgmt)) {
f049052b 1248 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
6fc6879b
JM		 1249 proto = WPA_PROTO_RSN;
1250 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
267ac3bc 1251 wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie) == 0 &&
6fc6879b
JM		 1252 (ie.group_cipher & ssid->group_cipher) &&
1253 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1254 (ie.key_mgmt & ssid->key_mgmt)) {
f049052b 1255 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
6fc6879b 1256 proto = WPA_PROTO_WPA;
df0f01d9 1257#ifdef CONFIG_HS20
dc673aec
JM		 1258 } else if (bss_osen && (ssid->proto & WPA_PROTO_OSEN) &&
1259 wpa_parse_wpa_ie(bss_osen, 2 + bss_osen[1], &ie) == 0 &&
1260 (ie.group_cipher & ssid->group_cipher) &&
1261 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1262 (ie.key_mgmt & ssid->key_mgmt)) {
df0f01d9 1263 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using OSEN");
df0f01d9 1264 proto = WPA_PROTO_OSEN;
f5a60216
JM		 1265 } else if (bss_rsn && (ssid->proto & WPA_PROTO_OSEN) &&
1266 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
1267 (ie.group_cipher & ssid->group_cipher) &&
1268 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1269 (ie.key_mgmt & ssid->key_mgmt)) {
1270 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using OSEN (within RSN)");
1271 proto = WPA_PROTO_RSN;
df0f01d9 1272#endif /* CONFIG_HS20 */
6fc6879b
JM		 1273 } else if (bss) {
1274 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
267ac3bc
JM		 1275 wpa_dbg(wpa_s, MSG_DEBUG,
1276 "WPA: ssid proto=0x%x pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1277 ssid->proto, ssid->pairwise_cipher, ssid->group_cipher,
1278 ssid->key_mgmt);
1279 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: BSS " MACSTR " ssid='%s'%s%s%s",
1280 MAC2STR(bss->bssid),
1281 wpa_ssid_txt(bss->ssid, bss->ssid_len),
1282 bss_wpa ? " WPA" : "",
1283 bss_rsn ? " RSN" : "",
1284 bss_osen ? " OSEN" : "");
1285 if (bss_rsn) {
1286 wpa_hexdump(MSG_DEBUG, "RSN", bss_rsn, 2 + bss_rsn[1]);
1287 if (wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie)) {
1288 wpa_dbg(wpa_s, MSG_DEBUG,
1289 "Could not parse RSN element");
1290 } else {
1291 wpa_dbg(wpa_s, MSG_DEBUG,
1292 "RSN: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1293 ie.pairwise_cipher, ie.group_cipher,
1294 ie.key_mgmt);
1295 }
1296 }
1297 if (bss_wpa) {
1298 wpa_hexdump(MSG_DEBUG, "WPA", bss_wpa, 2 + bss_wpa[1]);
1299 if (wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie)) {
1300 wpa_dbg(wpa_s, MSG_DEBUG,
1301 "Could not parse WPA element");
1302 } else {
1303 wpa_dbg(wpa_s, MSG_DEBUG,
1304 "WPA: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1305 ie.pairwise_cipher, ie.group_cipher,
1306 ie.key_mgmt);
1307 }
1308 }
6fc6879b
JM		 1309 return -1;
1310 } else {
df0f01d9
JM		 1311 if (ssid->proto & WPA_PROTO_OSEN)
1312 proto = WPA_PROTO_OSEN;
1313 else if (ssid->proto & WPA_PROTO_RSN)
6fc6879b
JM		 1314 proto = WPA_PROTO_RSN;
1315 else
1316 proto = WPA_PROTO_WPA;
1317 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
1318 os_memset(&ie, 0, sizeof(ie));
1319 ie.group_cipher = ssid->group_cipher;
1320 ie.pairwise_cipher = ssid->pairwise_cipher;
1321 ie.key_mgmt = ssid->key_mgmt;
1322#ifdef CONFIG_IEEE80211W
61a56c14
JM		 1323 ie.mgmt_group_cipher = 0;
1324 if (ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION) {
1325 if (ssid->group_mgmt_cipher &
1326 WPA_CIPHER_BIP_GMAC_256)
1327 ie.mgmt_group_cipher =
1328 WPA_CIPHER_BIP_GMAC_256;
1329 else if (ssid->group_mgmt_cipher &
1330 WPA_CIPHER_BIP_CMAC_256)
1331 ie.mgmt_group_cipher =
1332 WPA_CIPHER_BIP_CMAC_256;
1333 else if (ssid->group_mgmt_cipher &
1334 WPA_CIPHER_BIP_GMAC_128)
1335 ie.mgmt_group_cipher =
1336 WPA_CIPHER_BIP_GMAC_128;
1337 else
1338 ie.mgmt_group_cipher =
1339 WPA_CIPHER_AES_128_CMAC;
1340 }
6fc6879b 1341#endif /* CONFIG_IEEE80211W */
c1790a5f
JM		 1342#ifdef CONFIG_OWE
1343 if ((ssid->key_mgmt & WPA_KEY_MGMT_OWE) &&
1344 !ssid->owe_only &&
1345 !bss_wpa && !bss_rsn && !bss_osen) {
1346 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1347 wpa_s->wpa_proto = 0;
9f8d459d 1348 *wpa_ie_len = 0;
c1790a5f
JM		 1349 return 0;
1350 }
1351#endif /* CONFIG_OWE */
f049052b
BG		 1352 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites "
1353 "based on configuration");
6fc6879b
JM		 1354 } else
1355 proto = ie.proto;
1356 }
1357
f049052b
BG		 1358 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d "
1359 "pairwise %d key_mgmt %d proto %d",
1360 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
6fc6879b
JM		 1361#ifdef CONFIG_IEEE80211W
1362 if (ssid->ieee80211w) {
f049052b
BG		 1363 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
1364 ie.mgmt_group_cipher);
6fc6879b
JM		 1365 }
1366#endif /* CONFIG_IEEE80211W */
1367
64fa840a 1368 wpa_s->wpa_proto = proto;
6fc6879b
JM		 1369 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
1370 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
df0f01d9 1371 !!(ssid->proto & (WPA_PROTO_RSN | WPA_PROTO_OSEN)));
6fc6879b
JM		 1372
1373 if (bss || !wpa_s->ap_ies_from_associnfo) {
1374 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
1375 bss_wpa ? 2 + bss_wpa[1] : 0) ||
1376 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
1377 bss_rsn ? 2 + bss_rsn[1] : 0))
1378 return -1;
1379 }
1380
9e68742e
JM		 1381#ifdef CONFIG_NO_WPA
1382 wpa_s->group_cipher = WPA_CIPHER_NONE;
1383 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
1384#else /* CONFIG_NO_WPA */
6fc6879b 1385 sel = ie.group_cipher & ssid->group_cipher;
853bd19f
JM		 1386 wpa_dbg(wpa_s, MSG_DEBUG,
1387 "WPA: AP group 0x%x network profile group 0x%x; available group 0x%x",
1388 ie.group_cipher, ssid->group_cipher, sel);
edbd2a19
JM		 1389 wpa_s->group_cipher = wpa_pick_group_cipher(sel);
1390 if (wpa_s->group_cipher < 0) {
f049052b
BG		 1391 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group "
1392 "cipher");
6fc6879b
JM		 1393 return -1;
1394 }
edbd2a19
JM		 1395 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK %s",
1396 wpa_cipher_txt(wpa_s->group_cipher));
6fc6879b
JM		 1397
1398 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
853bd19f
JM		 1399 wpa_dbg(wpa_s, MSG_DEBUG,
1400 "WPA: AP pairwise 0x%x network profile pairwise 0x%x; available pairwise 0x%x",
1401 ie.pairwise_cipher, ssid->pairwise_cipher, sel);
edbd2a19
JM		 1402 wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(sel, 1);
1403 if (wpa_s->pairwise_cipher < 0) {
f049052b
BG		 1404 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise "
1405 "cipher");
6fc6879b
JM		 1406 return -1;
1407 }
edbd2a19
JM		 1408 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK %s",
1409 wpa_cipher_txt(wpa_s->pairwise_cipher));
9e68742e 1410#endif /* CONFIG_NO_WPA */
6fc6879b
JM		 1411
1412 sel = ie.key_mgmt & ssid->key_mgmt;
853bd19f
JM		 1413 wpa_dbg(wpa_s, MSG_DEBUG,
1414 "WPA: AP key_mgmt 0x%x network profile key_mgmt 0x%x; available key_mgmt 0x%x",
1415 ie.key_mgmt, ssid->key_mgmt, sel);
c10347f2
JM		 1416#ifdef CONFIG_SAE
1417 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE))
1418 sel &= ~(WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE);
1419#endif /* CONFIG_SAE */
6fc6879b 1420 if (0) {
6d77014e
JM		 1421#ifdef CONFIG_IEEE80211R
1422#ifdef CONFIG_SHA384
dd0153fc
MW		 1423 } else if ((sel & WPA_KEY_MGMT_FT_IEEE8021X_SHA384) &&
1424 os_strcmp(wpa_supplicant_get_eap_mode(wpa_s), "LEAP") != 0) {
6d77014e
JM		 1425 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X_SHA384;
1426 wpa_dbg(wpa_s, MSG_DEBUG,
1427 "WPA: using KEY_MGMT FT/802.1X-SHA384");
9083ef13
JM		 1428 if (!ssid->ft_eap_pmksa_caching &&
1429 pmksa_cache_get_current(wpa_s->wpa)) {
1430 /* PMKSA caching with FT may have interoperability
1431 * issues, so disable that case by default for now. */
6d77014e
JM		 1432 wpa_dbg(wpa_s, MSG_DEBUG,
1433 "WPA: Disable PMKSA caching for FT/802.1X connection");
1434 pmksa_cache_clear_current(wpa_s->wpa);
1435 }
1436#endif /* CONFIG_SHA384 */
1437#endif /* CONFIG_IEEE80211R */
5e3b5197
JM		 1438#ifdef CONFIG_SUITEB192
1439 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) {
1440 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B_192;
1441 wpa_dbg(wpa_s, MSG_DEBUG,
1442 "WPA: using KEY_MGMT 802.1X with Suite B (192-bit)");
1443#endif /* CONFIG_SUITEB192 */
1444#ifdef CONFIG_SUITEB
666497c8
JM		 1445 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B) {
1446 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B;
1447 wpa_dbg(wpa_s, MSG_DEBUG,
1448 "WPA: using KEY_MGMT 802.1X with Suite B");
5e3b5197 1449#endif /* CONFIG_SUITEB */
b8ae56e4
JM		 1450#ifdef CONFIG_FILS
1451#ifdef CONFIG_IEEE80211R
1452 } else if (sel & WPA_KEY_MGMT_FT_FILS_SHA384) {
1453 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA384;
1454 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT-FILS-SHA384");
1455 } else if (sel & WPA_KEY_MGMT_FT_FILS_SHA256) {
1456 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA256;
1457 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT-FILS-SHA256");
1458#endif /* CONFIG_IEEE80211R */
1459 } else if (sel & WPA_KEY_MGMT_FILS_SHA384) {
1460 wpa_s->key_mgmt = WPA_KEY_MGMT_FILS_SHA384;
1461 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FILS-SHA384");
1462 } else if (sel & WPA_KEY_MGMT_FILS_SHA256) {
1463 wpa_s->key_mgmt = WPA_KEY_MGMT_FILS_SHA256;
1464 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FILS-SHA256");
1465#endif /* CONFIG_FILS */
6fc6879b 1466#ifdef CONFIG_IEEE80211R
dd0153fc
MW		 1467 } else if ((sel & WPA_KEY_MGMT_FT_IEEE8021X) &&
1468 os_strcmp(wpa_supplicant_get_eap_mode(wpa_s), "LEAP") != 0) {
6fc6879b 1469 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
f049052b 1470 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
9083ef13
JM		 1471 if (!ssid->ft_eap_pmksa_caching &&
1472 pmksa_cache_get_current(wpa_s->wpa)) {
1473 /* PMKSA caching with FT may have interoperability
1474 * issues, so disable that case by default for now. */
833bb2ab
JM		 1475 wpa_dbg(wpa_s, MSG_DEBUG,
1476 "WPA: Disable PMKSA caching for FT/802.1X connection");
1477 pmksa_cache_clear_current(wpa_s->wpa);
1478 }
6fc6879b 1479#endif /* CONFIG_IEEE80211R */
dd6c5980
JM		 1480#ifdef CONFIG_DPP
1481 } else if (sel & WPA_KEY_MGMT_DPP) {
1482 wpa_s->key_mgmt = WPA_KEY_MGMT_DPP;
1483 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT DPP");
1484#endif /* CONFIG_DPP */
c10347f2 1485#ifdef CONFIG_SAE
c10347f2
JM		 1486 } else if (sel & WPA_KEY_MGMT_FT_SAE) {
1487 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_SAE;
1488 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT FT/SAE");
76fd782a
JM		 1489 } else if (sel & WPA_KEY_MGMT_SAE) {
1490 wpa_s->key_mgmt = WPA_KEY_MGMT_SAE;
1491 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT SAE");
c10347f2 1492#endif /* CONFIG_SAE */
9af1eea3
JM		 1493#ifdef CONFIG_IEEE80211R
1494 } else if (sel & WPA_KEY_MGMT_FT_PSK) {
1495 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
1496 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
1497#endif /* CONFIG_IEEE80211R */
56586197
JM		 1498#ifdef CONFIG_IEEE80211W
1499 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
1500 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
f049052b 1501 wpa_dbg(wpa_s, MSG_DEBUG,
56586197
JM		 1502 "WPA: using KEY_MGMT 802.1X with SHA256");
1503 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
1504 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
f049052b 1505 wpa_dbg(wpa_s, MSG_DEBUG,
56586197
JM		 1506 "WPA: using KEY_MGMT PSK with SHA256");
1507#endif /* CONFIG_IEEE80211W */
6fc6879b
JM		 1508 } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
1509 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
f049052b 1510 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
6fc6879b
JM		 1511 } else if (sel & WPA_KEY_MGMT_PSK) {
1512 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
f049052b 1513 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
6fc6879b
JM		 1514 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
1515 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
f049052b 1516 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
df0f01d9
JM		 1517#ifdef CONFIG_HS20
1518 } else if (sel & WPA_KEY_MGMT_OSEN) {
1519 wpa_s->key_mgmt = WPA_KEY_MGMT_OSEN;
1520 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using KEY_MGMT OSEN");
1521#endif /* CONFIG_HS20 */
a1ea1b45
JM		 1522#ifdef CONFIG_OWE
1523 } else if (sel & WPA_KEY_MGMT_OWE) {
1524 wpa_s->key_mgmt = WPA_KEY_MGMT_OWE;
1525 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT OWE");
1526#endif /* CONFIG_OWE */
6fc6879b 1527 } else {
f049052b
BG		 1528 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select "
1529 "authenticated key management type");
6fc6879b
JM		 1530 return -1;
1531 }
1532
1533 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
1534 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
1535 wpa_s->pairwise_cipher);
1536 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
1537
1538#ifdef CONFIG_IEEE80211W
ae05b6a2
JM		 1539 if (!(ie.capabilities & WPA_CAPABILITY_MFPC) &&
1540 wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED) {
1541 wpa_msg(wpa_s, MSG_INFO,
1542 "RSN: Management frame protection required but the selected AP does not enable it");
1543 return -1;
1544 }
1545
6fc6879b 1546 sel = ie.mgmt_group_cipher;
61a56c14
JM		 1547 if (ssid->group_mgmt_cipher)
1548 sel &= ssid->group_mgmt_cipher;
3f56a2b7 1549 if (wpas_get_ssid_pmf(wpa_s, ssid) == NO_MGMT_FRAME_PROTECTION ||
0b60b0aa 1550 !(ie.capabilities & WPA_CAPABILITY_MFPC))
6fc6879b 1551 sel = 0;
853bd19f
JM		 1552 wpa_dbg(wpa_s, MSG_DEBUG,
1553 "WPA: AP mgmt_group_cipher 0x%x network profile mgmt_group_cipher 0x%x; available mgmt_group_cipher 0x%x",
1554 ie.mgmt_group_cipher, ssid->group_mgmt_cipher, sel);
6fc6879b
JM		 1555 if (sel & WPA_CIPHER_AES_128_CMAC) {
1556 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
f049052b 1557 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
6fc6879b 1558 "AES-128-CMAC");
8dd9f9cd
JM		 1559 } else if (sel & WPA_CIPHER_BIP_GMAC_128) {
1560 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_128;
1561 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1562 "BIP-GMAC-128");
1563 } else if (sel & WPA_CIPHER_BIP_GMAC_256) {
1564 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_256;
1565 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1566 "BIP-GMAC-256");
1567 } else if (sel & WPA_CIPHER_BIP_CMAC_256) {
1568 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_CMAC_256;
1569 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1570 "BIP-CMAC-256");
6fc6879b
JM		 1571 } else {
1572 wpa_s->mgmt_group_cipher = 0;
f049052b 1573 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
6fc6879b
JM		 1574 }
1575 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
1576 wpa_s->mgmt_group_cipher);
62d49803 1577 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP,
3f56a2b7 1578 wpas_get_ssid_pmf(wpa_s, ssid));
6fc6879b 1579#endif /* CONFIG_IEEE80211W */
55c12f5d
MV		 1580#ifdef CONFIG_OCV
1581 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCV, ssid->ocv);
1582#endif /* CONFIG_OCV */
6fc6879b
JM		 1583
1584 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
f049052b 1585 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to generate WPA IE");
6fc6879b
JM		 1586 return -1;
1587 }
1588
dd6c5980
JM		 1589 if (0) {
1590#ifdef CONFIG_DPP
1591 } else if (wpa_s->key_mgmt == WPA_KEY_MGMT_DPP) {
1592 /* Use PMK from DPP network introduction (PMKSA entry) */
1593 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
1594#endif /* CONFIG_DPP */
1595 } else if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) {
a52410c2 1596 int psk_set = 0;
06b1a104 1597 int sae_only;
a52410c2 1598
06b1a104
JM		 1599 sae_only = (ssid->key_mgmt & (WPA_KEY_MGMT_PSK |
1600 WPA_KEY_MGMT_FT_PSK |
1601 WPA_KEY_MGMT_PSK_SHA256)) == 0;
1602
1603 if (ssid->psk_set && !sae_only) {
66dbc8d9
JM		 1604 wpa_hexdump_key(MSG_MSGDUMP, "PSK (set in config)",
1605 ssid->psk, PMK_LEN);
70c93963
MH		 1606 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN, NULL,
1607 NULL);
a52410c2
JM		 1608 psk_set = 1;
1609 }
a34ca59e 1610
06b1a104
JM		 1611 if (wpa_key_mgmt_sae(ssid->key_mgmt) &&
1612 (ssid->sae_password || ssid->passphrase))
a34ca59e
JM		 1613 psk_set = 1;
1614
7d232e23
ZC		 1615#ifndef CONFIG_NO_PBKDF2
1616 if (bss && ssid->bssid_set && ssid->ssid_len == 0 &&
06b1a104 1617 ssid->passphrase && !sae_only) {
7d232e23 1618 u8 psk[PMK_LEN];
986de33d
JM		 1619 pbkdf2_sha1(ssid->passphrase, bss->ssid, bss->ssid_len,
1620 4096, psk, PMK_LEN);
7d232e23
ZC		 1621 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)",
1622 psk, PMK_LEN);
70c93963 1623 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL, NULL);
a52410c2 1624 psk_set = 1;
e886c88e 1625 os_memset(psk, 0, sizeof(psk));
7d232e23
ZC		 1626 }
1627#endif /* CONFIG_NO_PBKDF2 */
9173b16f 1628#ifdef CONFIG_EXT_PASSWORD
06b1a104 1629 if (ssid->ext_psk && !sae_only) {
9173b16f
JM		 1630 struct wpabuf *pw = ext_password_get(wpa_s->ext_pw,
1631 ssid->ext_psk);
1632 char pw_str[64 + 1];
1633 u8 psk[PMK_LEN];
1634
1635 if (pw == NULL) {
1636 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No PSK "
1637 "found from external storage");
1638 return -1;
1639 }
1640
1641 if (wpabuf_len(pw) < 8 || wpabuf_len(pw) > 64) {
1642 wpa_msg(wpa_s, MSG_INFO, "EXT PW: Unexpected "
1643 "PSK length %d in external storage",
1644 (int) wpabuf_len(pw));
1645 ext_password_free(pw);
1646 return -1;
1647 }
1648
1649 os_memcpy(pw_str, wpabuf_head(pw), wpabuf_len(pw));
1650 pw_str[wpabuf_len(pw)] = '\0';
1651
1652#ifndef CONFIG_NO_PBKDF2
1653 if (wpabuf_len(pw) >= 8 && wpabuf_len(pw) < 64 && bss)
1654 {
986de33d
JM		 1655 pbkdf2_sha1(pw_str, bss->ssid, bss->ssid_len,
1656 4096, psk, PMK_LEN);
9173b16f
JM		 1657 os_memset(pw_str, 0, sizeof(pw_str));
1658 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from "
1659 "external passphrase)",
1660 psk, PMK_LEN);
70c93963
MH		 1661 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL,
1662 NULL);
a52410c2 1663 psk_set = 1;
e886c88e 1664 os_memset(psk, 0, sizeof(psk));
9173b16f
JM		 1665 } else
1666#endif /* CONFIG_NO_PBKDF2 */
1667 if (wpabuf_len(pw) == 2 * PMK_LEN) {
1668 if (hexstr2bin(pw_str, psk, PMK_LEN) < 0) {
1669 wpa_msg(wpa_s, MSG_INFO, "EXT PW: "
1670 "Invalid PSK hex string");
1671 os_memset(pw_str, 0, sizeof(pw_str));
1672 ext_password_free(pw);
1673 return -1;
1674 }
66dbc8d9
JM		 1675 wpa_hexdump_key(MSG_MSGDUMP,
1676 "PSK (from external PSK)",
1677 psk, PMK_LEN);
70c93963
MH		 1678 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL,
1679 NULL);
a52410c2 1680 psk_set = 1;
e886c88e 1681 os_memset(psk, 0, sizeof(psk));
9173b16f
JM		 1682 } else {
1683 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No suitable "
1684 "PSK available");
1685 os_memset(pw_str, 0, sizeof(pw_str));
1686 ext_password_free(pw);
1687 return -1;
1688 }
1689
1690 os_memset(pw_str, 0, sizeof(pw_str));
1691 ext_password_free(pw);
1692 }
1693#endif /* CONFIG_EXT_PASSWORD */
a52410c2
JM		 1694
1695 if (!psk_set) {
1696 wpa_msg(wpa_s, MSG_INFO,
1697 "No PSK available for association");
06b1a104 1698 wpas_auth_failed(wpa_s, "NO_PSK_AVAILABLE");
a52410c2
JM		 1699 return -1;
1700 }
675112df
JM		 1701#ifdef CONFIG_OWE
1702 } else if (wpa_s->key_mgmt == WPA_KEY_MGMT_OWE) {
1703 /* OWE Diffie-Hellman exchange in (Re)Association
1704 * Request/Response frames set the PMK, so do not override it
1705 * here. */
1706#endif /* CONFIG_OWE */
7d232e23 1707 } else
6fc6879b
JM		 1708 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
1709
1710 return 0;
1711}
1712
1713
8cd6b7bc 1714static void wpas_ext_capab_byte(struct wpa_supplicant *wpa_s, u8 *pos, int idx)
03e47c9c 1715{
8cd6b7bc 1716 *pos = 0x00;
03e47c9c 1717
8cd6b7bc
JB		 1718 switch (idx) {
1719 case 0: /* Bits 0-7 */
1720 break;
1721 case 1: /* Bits 8-15 */
d514b502
JM		 1722 if (wpa_s->conf->coloc_intf_reporting) {
1723 /* Bit 13 - Collocated Interference Reporting */
1724 *pos |= 0x20;
1725 }
8cd6b7bc
JB		 1726 break;
1727 case 2: /* Bits 16-23 */
1728#ifdef CONFIG_WNM
1729 *pos |= 0x02; /* Bit 17 - WNM-Sleep Mode */
ef59f987
AB		 1730 if (!wpa_s->conf->disable_btm)
1731 *pos |= 0x08; /* Bit 19 - BSS Transition */
8cd6b7bc
JB		 1732#endif /* CONFIG_WNM */
1733 break;
1734 case 3: /* Bits 24-31 */
1735#ifdef CONFIG_WNM
1736 *pos |= 0x02; /* Bit 25 - SSID List */
1737#endif /* CONFIG_WNM */
03e47c9c 1738#ifdef CONFIG_INTERWORKING
8cd6b7bc
JB		 1739 if (wpa_s->conf->interworking)
1740 *pos |= 0x80; /* Bit 31 - Interworking */
03e47c9c 1741#endif /* CONFIG_INTERWORKING */
8cd6b7bc
JB		 1742 break;
1743 case 4: /* Bits 32-39 */
56f5af48 1744#ifdef CONFIG_INTERWORKING
1e1245bc 1745 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_QOS_MAPPING)
429dd9af 1746 *pos |= 0x01; /* Bit 32 - QoS Map */
56f5af48 1747#endif /* CONFIG_INTERWORKING */
8cd6b7bc
JB		 1748 break;
1749 case 5: /* Bits 40-47 */
95a3ea94
JM		 1750#ifdef CONFIG_HS20
1751 if (wpa_s->conf->hs20)
1752 *pos |= 0x40; /* Bit 46 - WNM-Notification */
1753#endif /* CONFIG_HS20 */
92c6e2e3
DS		 1754#ifdef CONFIG_MBO
1755 *pos |= 0x40; /* Bit 46 - WNM-Notification */
1756#endif /* CONFIG_MBO */
8cd6b7bc
JB		 1757 break;
1758 case 6: /* Bits 48-55 */
1759 break;
d1723c55
LD		 1760 case 7: /* Bits 56-63 */
1761 break;
1762 case 8: /* Bits 64-71 */
1763 if (wpa_s->conf->ftm_responder)
1764 *pos |= 0x40; /* Bit 70 - FTM responder */
1765 if (wpa_s->conf->ftm_initiator)
1766 *pos |= 0x80; /* Bit 71 - FTM initiator */
1767 break;
e4d2ce1b
JM		 1768 case 9: /* Bits 72-79 */
1769#ifdef CONFIG_FILS
d98038bb 1770 if (!wpa_s->disable_fils)
1771 *pos |= 0x01;
e4d2ce1b
JM		 1772#endif /* CONFIG_FILS */
1773 break;
8cd6b7bc
JB		 1774 }
1775}
03e47c9c 1776
03e47c9c 1777
0bbaa9b9 1778int wpas_build_ext_capab(struct wpa_supplicant *wpa_s, u8 *buf, size_t buflen)
8cd6b7bc
JB		 1779{
1780 u8 *pos = buf;
e4d2ce1b 1781 u8 len = 10, i;
8cd6b7bc
JB		 1782
1783 if (len < wpa_s->extended_capa_len)
1784 len = wpa_s->extended_capa_len;
0bbaa9b9
JM		 1785 if (buflen < (size_t) len + 2) {
1786 wpa_printf(MSG_INFO,
1787 "Not enough room for building extended capabilities element");
1788 return -1;
1789 }
03e47c9c
JM		 1790
1791 *pos++ = WLAN_EID_EXT_CAPAB;
8cd6b7bc
JB		 1792 *pos++ = len;
1793 for (i = 0; i < len; i++, pos++) {
1794 wpas_ext_capab_byte(wpa_s, pos, i);
1795
1796 if (i < wpa_s->extended_capa_len) {
1797 *pos &= ~wpa_s->extended_capa_mask[i];
1798 *pos |= wpa_s->extended_capa[i];
1799 }
1800 }
03e47c9c 1801
3db5439a
JM		 1802 while (len > 0 && buf[1 + len] == 0) {
1803 len--;
1804 buf[1] = len;
1805 }
1806 if (len == 0)
1807 return 0;
1808
1809 return 2 + len;
03e47c9c
JM		 1810}
1811
1812
6ac4b15e
JM		 1813static int wpas_valid_bss(struct wpa_supplicant *wpa_s,
1814 struct wpa_bss *test_bss)
1815{
1816 struct wpa_bss *bss;
1817
1818 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
1819 if (bss == test_bss)
1820 return 1;
1821 }
1822
1823 return 0;
1824}
1825
1826
1827static int wpas_valid_ssid(struct wpa_supplicant *wpa_s,
1828 struct wpa_ssid *test_ssid)
1829{
1830 struct wpa_ssid *ssid;
1831
1832 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) {
1833 if (ssid == test_ssid)
1834 return 1;
1835 }
1836
1837 return 0;
1838}
1839
1840
1841int wpas_valid_bss_ssid(struct wpa_supplicant *wpa_s, struct wpa_bss *test_bss,
1842 struct wpa_ssid *test_ssid)
1843{
1844 if (test_bss && !wpas_valid_bss(wpa_s, test_bss))
1845 return 0;
1846
1847 return test_ssid == NULL || wpas_valid_ssid(wpa_s, test_ssid);
1848}
1849
1850
1851void wpas_connect_work_free(struct wpa_connect_work *cwork)
1852{
1853 if (cwork == NULL)
1854 return;
1855 os_free(cwork);
1856}
1857
1858
1859void wpas_connect_work_done(struct wpa_supplicant *wpa_s)
1860{
1861 struct wpa_connect_work *cwork;
1862 struct wpa_radio_work *work = wpa_s->connect_work;
1863
1864 if (!work)
1865 return;
1866
1867 wpa_s->connect_work = NULL;
1868 cwork = work->ctx;
1869 work->ctx = NULL;
1870 wpas_connect_work_free(cwork);
1871 radio_work_done(work);
1872}
1873
1874
a313d17d 1875int wpas_update_random_addr(struct wpa_supplicant *wpa_s, int style)
c267753b
JM		 1876{
1877 struct os_reltime now;
1878 u8 addr[ETH_ALEN];
1879
1880 os_get_reltime(&now);
a313d17d
JM		 1881 if (wpa_s->last_mac_addr_style == style &&
1882 wpa_s->last_mac_addr_change.sec != 0 &&
c267753b
JM		 1883 !os_reltime_expired(&now, &wpa_s->last_mac_addr_change,
1884 wpa_s->conf->rand_addr_lifetime)) {
1885 wpa_msg(wpa_s, MSG_DEBUG,
1886 "Previously selected random MAC address has not yet expired");
1887 return 0;
1888 }
1889
a313d17d
JM		 1890 switch (style) {
1891 case 1:
1892 if (random_mac_addr(addr) < 0)
1893 return -1;
1894 break;
1895 case 2:
1896 os_memcpy(addr, wpa_s->perm_addr, ETH_ALEN);
1897 if (random_mac_addr_keep_oui(addr) < 0)
1898 return -1;
1899 break;
1900 default:
c267753b 1901 return -1;
a313d17d 1902 }
c267753b
JM		 1903
1904 if (wpa_drv_set_mac_addr(wpa_s, addr) < 0) {
1905 wpa_msg(wpa_s, MSG_INFO,
1906 "Failed to set random MAC address");
1907 return -1;
1908 }
1909
1910 os_get_reltime(&wpa_s->last_mac_addr_change);
1911 wpa_s->mac_addr_changed = 1;
a313d17d 1912 wpa_s->last_mac_addr_style = style;
c267753b
JM		 1913
1914 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
1915 wpa_msg(wpa_s, MSG_INFO,
1916 "Could not update MAC address information");
1917 return -1;
1918 }
1919
1920 wpa_msg(wpa_s, MSG_DEBUG, "Using random MAC address " MACSTR,
1921 MAC2STR(addr));
1922
1923 return 0;
1924}
1925
1926
1927int wpas_update_random_addr_disassoc(struct wpa_supplicant *wpa_s)
1928{
1929 if (wpa_s->wpa_state >= WPA_AUTHENTICATING ||
1930 !wpa_s->conf->preassoc_mac_addr)
1931 return 0;
1932
a313d17d 1933 return wpas_update_random_addr(wpa_s, wpa_s->conf->preassoc_mac_addr);
c267753b
JM		 1934}
1935
1936
6ac4b15e
JM		 1937static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit);
1938
6fc6879b
JM		 1939/**
1940 * wpa_supplicant_associate - Request association
1941 * @wpa_s: Pointer to wpa_supplicant data
1942 * @bss: Scan results for the selected BSS, or %NULL if not available
1943 * @ssid: Configuration data for the selected network
1944 *
1945 * This function is used to request %wpa_supplicant to associate with a BSS.
1946 */
1947void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
6fa81a3b 1948 struct wpa_bss *bss, struct wpa_ssid *ssid)
6fc6879b 1949{
6ac4b15e 1950 struct wpa_connect_work *cwork;
a313d17d
JM		 1951 int rand_style;
1952
a8412ec9
JM		 1953 wpa_s->own_disconnect_req = 0;
1954
e7160bd8
JM		 1955 /*
1956 * If we are starting a new connection, any previously pending EAPOL
1957 * RX cannot be valid anymore.
1958 */
1959 wpabuf_free(wpa_s->pending_eapol_rx);
1960 wpa_s->pending_eapol_rx = NULL;
1961
a313d17d
JM		 1962 if (ssid->mac_addr == -1)
1963 rand_style = wpa_s->conf->mac_addr;
1964 else
1965 rand_style = ssid->mac_addr;
6fc6879b 1966
8c42b369
EP		 1967 wmm_ac_clear_saved_tspecs(wpa_s);
1968 wpa_s->reassoc_same_bss = 0;
6a5ee810 1969 wpa_s->reassoc_same_ess = 0;
daa40960
JM		 1970#ifdef CONFIG_TESTING_OPTIONS
1971 wpa_s->testing_resend_assoc = 0;
1972#endif /* CONFIG_TESTING_OPTIONS */
8c42b369 1973
c267753b
JM		 1974 if (wpa_s->last_ssid == ssid) {
1975 wpa_dbg(wpa_s, MSG_DEBUG, "Re-association to the same ESS");
6a5ee810 1976 wpa_s->reassoc_same_ess = 1;
8c42b369
EP		 1977 if (wpa_s->current_bss && wpa_s->current_bss == bss) {
1978 wmm_ac_save_tspecs(wpa_s);
1979 wpa_s->reassoc_same_bss = 1;
2bbad1c7
MW		 1980 } else if (wpa_s->current_bss && wpa_s->current_bss != bss) {
1981 os_get_reltime(&wpa_s->roam_start);
8c42b369 1982 }
5d30f927
BR		 1983 }
1984
1985 if (rand_style > 0 && !wpa_s->reassoc_same_ess) {
a313d17d 1986 if (wpas_update_random_addr(wpa_s, rand_style) < 0)
c267753b
JM		 1987 return;
1988 wpa_sm_pmksa_cache_flush(wpa_s->wpa, ssid);
5d30f927 1989 } else if (rand_style == 0 && wpa_s->mac_addr_changed) {
c267753b
JM		 1990 if (wpa_drv_set_mac_addr(wpa_s, NULL) < 0) {
1991 wpa_msg(wpa_s, MSG_INFO,
1992 "Could not restore permanent MAC address");
1993 return;
1994 }
1995 wpa_s->mac_addr_changed = 0;
1996 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
1997 wpa_msg(wpa_s, MSG_INFO,
1998 "Could not update MAC address information");
1999 return;
2000 }
2001 wpa_msg(wpa_s, MSG_DEBUG, "Using permanent MAC address");
2002 }
2003 wpa_s->last_ssid = ssid;
2004
78177a00
JM		 2005#ifdef CONFIG_IBSS_RSN
2006 ibss_rsn_deinit(wpa_s->ibss_rsn);
2007 wpa_s->ibss_rsn = NULL;
81a10a94
JM		 2008#else /* CONFIG_IBSS_RSN */
2009 if (ssid->mode == WPAS_MODE_IBSS &&
2010 !(ssid->key_mgmt & (WPA_KEY_MGMT_NONE | WPA_KEY_MGMT_WPA_NONE))) {
2011 wpa_msg(wpa_s, MSG_INFO,
2012 "IBSS RSN not supported in the build");
2013 return;
2014 }
78177a00
JM		 2015#endif /* CONFIG_IBSS_RSN */
2016
2c5d725c
JM		 2017 if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO ||
2018 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) {
1581b38b
JM		 2019#ifdef CONFIG_AP
2020 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) {
f049052b
BG		 2021 wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP "
2022 "mode");
1581b38b
JM		 2023 return;
2024 }
8c981d17
DW		 2025 if (wpa_supplicant_create_ap(wpa_s, ssid) < 0) {
2026 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
b2b688d1
VKE		 2027 if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
2028 wpas_p2p_ap_setup_failed(wpa_s);
8c981d17
DW		 2029 return;
2030 }
8f770587 2031 wpa_s->current_bss = bss;
1581b38b 2032#else /* CONFIG_AP */
f049052b
BG		 2033 wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in "
2034 "the build");
1581b38b
JM		 2035#endif /* CONFIG_AP */
2036 return;
2037 }
2038
603a3f34
JL		 2039 if (ssid->mode == WPAS_MODE_MESH) {
2040#ifdef CONFIG_MESH
2041 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_MESH)) {
2042 wpa_msg(wpa_s, MSG_INFO,
2043 "Driver does not support mesh mode");
2044 return;
2045 }
2046 if (bss)
2047 ssid->frequency = bss->freq;
2048 if (wpa_supplicant_join_mesh(wpa_s, ssid) < 0) {
2049 wpa_msg(wpa_s, MSG_ERROR, "Could not join mesh");
2050 return;
2051 }
2052 wpa_s->current_bss = bss;
6174de66
JM		 2053 wpa_msg(wpa_s, MSG_INFO, MESH_GROUP_STARTED "ssid=\"%s\" id=%d",
2054 wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
2055 ssid->id);
89e9cd25 2056 wpas_notify_mesh_group_started(wpa_s, ssid);
603a3f34
JL		 2057#else /* CONFIG_MESH */
2058 wpa_msg(wpa_s, MSG_ERROR,
2059 "mesh mode support not included in the build");
2060#endif /* CONFIG_MESH */
2061 return;
2062 }
2063
2efc6720
JM		 2064 /*
2065 * Set WPA state machine configuration to match the selected network now
2066 * so that the information is available before wpas_start_assoc_cb()
2067 * gets called. This is needed at least for RSN pre-authentication where
2068 * candidate APs are added to a list based on scan result processing
2069 * before completion of the first association.
2070 */
2071 wpa_supplicant_rsn_supp_set_config(wpa_s, ssid);
2072
a0d5c56f
JM		 2073#ifdef CONFIG_DPP
2074 if (wpas_dpp_check_connect(wpa_s, ssid, bss) != 0)
2075 return;
2076#endif /* CONFIG_DPP */
2077
52c9e6f3 2078#ifdef CONFIG_TDLS
95cb2d88
JM		 2079 if (bss)
2080 wpa_tdls_ap_ies(wpa_s->wpa, (const u8 *) (bss + 1),
2081 bss->ie_len);
52c9e6f3
JM		 2082#endif /* CONFIG_TDLS */
2083
5cc4d64b 2084 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
f74618cb 2085 ssid->mode == WPAS_MODE_INFRA) {
c2a04078
JM		 2086 sme_authenticate(wpa_s, bss, ssid);
2087 return;
2088 }
2089
6ac4b15e
JM		 2090 if (wpa_s->connect_work) {
2091 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since connect_work exist");
2092 return;
2093 }
2094
f0e30c84
JM		 2095 if (radio_work_pending(wpa_s, "connect")) {
2096 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since pending work exist");
2097 return;
2098 }
2099
a1836de6
JM		 2100#ifdef CONFIG_SME
2101 if (ssid->mode == WPAS_MODE_IBSS || ssid->mode == WPAS_MODE_MESH) {
2102 /* Clear possibly set auth_alg, if any, from last attempt. */
2103 wpa_s->sme.auth_alg = WPA_AUTH_ALG_OPEN;
2104 }
2105#endif /* CONFIG_SME */
2106
4ead7cfd
KV		 2107 wpas_abort_ongoing_scan(wpa_s);
2108
6ac4b15e
JM		 2109 cwork = os_zalloc(sizeof(*cwork));
2110 if (cwork == NULL)
2111 return;
2112
2113 cwork->bss = bss;
2114 cwork->ssid = ssid;
2115
2116 if (radio_add_work(wpa_s, bss ? bss->freq : 0, "connect", 1,
2117 wpas_start_assoc_cb, cwork) < 0) {
2118 os_free(cwork);
2119 }
2120}
2121
2122
98479dc9
JD		 2123static int bss_is_ibss(struct wpa_bss *bss)
2124{
2125 return (bss->caps & (IEEE80211_CAP_ESS | IEEE80211_CAP_IBSS)) ==
2126 IEEE80211_CAP_IBSS;
2127}
2128
2129
a65efbfb
PO		 2130static int drv_supports_vht(struct wpa_supplicant *wpa_s,
2131 const struct wpa_ssid *ssid)
2132{
2133 enum hostapd_hw_mode hw_mode;
2134 struct hostapd_hw_modes *mode = NULL;
2135 u8 channel;
2136 int i;
2137
a65efbfb
PO		 2138 hw_mode = ieee80211_freq_to_chan(ssid->frequency, &channel);
2139 if (hw_mode == NUM_HOSTAPD_MODES)
2140 return 0;
2141 for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) {
2142 if (wpa_s->hw.modes[i].mode == hw_mode) {
2143 mode = &wpa_s->hw.modes[i];
2144 break;
2145 }
2146 }
2147
2148 if (!mode)
2149 return 0;
2150
2151 return mode->vht_capab != 0;
2152}
2153
2154
54fe48b9
JM		 2155void ibss_mesh_setup_freq(struct wpa_supplicant *wpa_s,
2156 const struct wpa_ssid *ssid,
2157 struct hostapd_freq_params *freq)
1830817e 2158{
3459c54a 2159 int ieee80211_mode = wpas_mode_to_ieee80211_mode(ssid->mode);
1830817e
JD		 2160 enum hostapd_hw_mode hw_mode;
2161 struct hostapd_hw_modes *mode = NULL;
6b8b0774
JD		 2162 int ht40plus[] = { 36, 44, 52, 60, 100, 108, 116, 124, 132, 149, 157,
2163 184, 192 };
563ee183 2164 int vht80[] = { 36, 52, 100, 116, 132, 149 };
6b8b0774 2165 struct hostapd_channel_data *pri_chan = NULL, *sec_chan = NULL;
1830817e 2166 u8 channel;
98479dc9 2167 int i, chan_idx, ht40 = -1, res, obss_scan = 1;
0f29bc68 2168 unsigned int j, k;
563ee183 2169 struct hostapd_freq_params vht_freq;
0f29bc68
AK		 2170 int chwidth, seg0, seg1;
2171 u32 vht_caps = 0;
1830817e
JD		 2172
2173 freq->freq = ssid->frequency;
2174
98479dc9
JD		 2175 for (j = 0; j < wpa_s->last_scan_res_used; j++) {
2176 struct wpa_bss *bss = wpa_s->last_scan_res[j];
2177
2178 if (ssid->mode != WPAS_MODE_IBSS)
2179 break;
2180
2181 /* Don't adjust control freq in case of fixed_freq */
2182 if (ssid->fixed_freq)
2183 break;
2184
2185 if (!bss_is_ibss(bss))
2186 continue;
2187
2188 if (ssid->ssid_len == bss->ssid_len &&
2189 os_memcmp(ssid->ssid, bss->ssid, bss->ssid_len) == 0) {
2190 wpa_printf(MSG_DEBUG,
2191 "IBSS already found in scan results, adjust control freq: %d",
2192 bss->freq);
2193 freq->freq = bss->freq;
2194 obss_scan = 0;
2195 break;
2196 }
2197 }
2198
1830817e
JD		 2199 /* For IBSS check HT_IBSS flag */
2200 if (ssid->mode == WPAS_MODE_IBSS &&
2201 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_HT_IBSS))
2202 return;
2203
d9a9bc04
JD		 2204 if (wpa_s->group_cipher == WPA_CIPHER_WEP40 ||
2205 wpa_s->group_cipher == WPA_CIPHER_WEP104 ||
2206 wpa_s->pairwise_cipher == WPA_CIPHER_TKIP) {
2207 wpa_printf(MSG_DEBUG,
2208 "IBSS: WEP/TKIP detected, do not try to enable HT");
2209 return;
2210 }
2211
98479dc9 2212 hw_mode = ieee80211_freq_to_chan(freq->freq, &channel);
1830817e
JD		 2213 for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) {
2214 if (wpa_s->hw.modes[i].mode == hw_mode) {
2215 mode = &wpa_s->hw.modes[i];
2216 break;
2217 }
2218 }
2219
2220 if (!mode)
2221 return;
2222
3459c54a
SE		 2223 /* HE can work without HT + VHT */
2224 freq->he_enabled = mode->he_capab[ieee80211_mode].he_supported;
2225
3388e7b9
MH		 2226#ifdef CONFIG_HT_OVERRIDES
2227 if (ssid->disable_ht) {
2228 freq->ht_enabled = 0;
2229 return;
2230 }
2231#endif /* CONFIG_HT_OVERRIDES */
2232
1830817e 2233 freq->ht_enabled = ht_supported(mode);
6b8b0774
JD		 2234 if (!freq->ht_enabled)
2235 return;
2236
2237 /* Setup higher BW only for 5 GHz */
2238 if (mode->mode != HOSTAPD_MODE_IEEE80211A)
2239 return;
2240
2241 for (chan_idx = 0; chan_idx < mode->num_channels; chan_idx++) {
2242 pri_chan = &mode->channels[chan_idx];
2243 if (pri_chan->chan == channel)
2244 break;
2245 pri_chan = NULL;
2246 }
2247 if (!pri_chan)
2248 return;
2249
2250 /* Check primary channel flags */
2251 if (pri_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
2252 return;
2253
e5a9b1e8
PO		 2254 freq->channel = pri_chan->chan;
2255
05aed438 2256#ifdef CONFIG_HT_OVERRIDES
e5a9b1e8
PO		 2257 if (ssid->disable_ht40) {
2258 if (ssid->disable_vht)
2259 return;
2260 goto skip_ht40;
2261 }
05aed438
MH		 2262#endif /* CONFIG_HT_OVERRIDES */
2263
6b8b0774
JD		 2264 /* Check/setup HT40+/HT40- */
2265 for (j = 0; j < ARRAY_SIZE(ht40plus); j++) {
2266 if (ht40plus[j] == channel) {
2267 ht40 = 1;
2268 break;
2269 }
2270 }
2271
2272 /* Find secondary channel */
2273 for (i = 0; i < mode->num_channels; i++) {
2274 sec_chan = &mode->channels[i];
2275 if (sec_chan->chan == channel + ht40 * 4)
2276 break;
2277 sec_chan = NULL;
2278 }
2279 if (!sec_chan)
2280 return;
2281
2282 /* Check secondary channel flags */
2283 if (sec_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
2284 return;
2285
ecba4509 2286 if (ht40 == -1) {
6b8b0774
JD		 2287 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40MINUS))
2288 return;
ecba4509 2289 } else {
6b8b0774
JD		 2290 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40PLUS))
2291 return;
6b8b0774 2292 }
ecba4509 2293 freq->sec_channel_offset = ht40;
6b8b0774 2294
ecba4509 2295 if (obss_scan) {
6b8b0774
JD		 2296 struct wpa_scan_results *scan_res;
2297
2298 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL, 0);
2299 if (scan_res == NULL) {
2300 /* Back to HT20 */
2301 freq->sec_channel_offset = 0;
2302 return;
2303 }
2304
2305 res = check_40mhz_5g(mode, scan_res, pri_chan->chan,
2306 sec_chan->chan);
2307 switch (res) {
2308 case 0:
2309 /* Back to HT20 */
2310 freq->sec_channel_offset = 0;
2311 break;
2312 case 1:
2313 /* Configuration allowed */
2314 break;
2315 case 2:
2316 /* Switch pri/sec channels */
2317 freq->freq = hw_get_freq(mode, sec_chan->chan);
2318 freq->sec_channel_offset = -freq->sec_channel_offset;
2319 freq->channel = sec_chan->chan;
2320 break;
2321 default:
2322 freq->sec_channel_offset = 0;
2323 break;
2324 }
2325
2326 wpa_scan_results_free(scan_res);
2327 }
2328
e5a9b1e8
PO		 2329#ifdef CONFIG_HT_OVERRIDES
2330skip_ht40:
2331#endif /* CONFIG_HT_OVERRIDES */
6b8b0774
JD		 2332 wpa_printf(MSG_DEBUG,
2333 "IBSS/mesh: setup freq channel %d, sec_channel_offset %d",
2334 freq->channel, freq->sec_channel_offset);
563ee183 2335
a65efbfb 2336 if (!drv_supports_vht(wpa_s, ssid))
563ee183
JD		 2337 return;
2338
2339 /* For IBSS check VHT_IBSS flag */
a65efbfb
PO		 2340 if (ssid->mode == WPAS_MODE_IBSS &&
2341 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_VHT_IBSS))
563ee183
JD		 2342 return;
2343
2344 vht_freq = *freq;
2345
b301f54e
JM		 2346#ifdef CONFIG_VHT_OVERRIDES
2347 if (ssid->disable_vht) {
2348 freq->vht_enabled = 0;
2349 return;
2350 }
2351#endif /* CONFIG_VHT_OVERRIDES */
2352
563ee183
JD		 2353 vht_freq.vht_enabled = vht_supported(mode);
2354 if (!vht_freq.vht_enabled)
2355 return;
2356
2357 /* setup center_freq1, bandwidth */
2358 for (j = 0; j < ARRAY_SIZE(vht80); j++) {
2359 if (freq->channel >= vht80[j] &&
2360 freq->channel < vht80[j] + 16)
2361 break;
2362 }
2363
2364 if (j == ARRAY_SIZE(vht80))
2365 return;
2366
2367 for (i = vht80[j]; i < vht80[j] + 16; i += 4) {
2368 struct hostapd_channel_data *chan;
2369
2370 chan = hw_get_channel_chan(mode, i, NULL);
2371 if (!chan)
2372 return;
2373
2374 /* Back to HT configuration if channel not usable */
2375 if (chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
2376 return;
2377 }
2378
464dcfd0 2379 chwidth = CHANWIDTH_80MHZ;
0f29bc68
AK		 2380 seg0 = vht80[j] + 6;
2381 seg1 = 0;
2382
464dcfd0 2383 if (ssid->max_oper_chwidth == CHANWIDTH_80P80MHZ) {
0f29bc68
AK		 2384 /* setup center_freq2, bandwidth */
2385 for (k = 0; k < ARRAY_SIZE(vht80); k++) {
2386 /* Only accept 80 MHz segments separated by a gap */
2387 if (j == k || abs(vht80[j] - vht80[k]) == 16)
2388 continue;
2389 for (i = vht80[k]; i < vht80[k] + 16; i += 4) {
2390 struct hostapd_channel_data *chan;
2391
2392 chan = hw_get_channel_chan(mode, i, NULL);
2393 if (!chan)
2394 continue;
2395
2396 if (chan->flag & (HOSTAPD_CHAN_DISABLED |
2397 HOSTAPD_CHAN_NO_IR |
2398 HOSTAPD_CHAN_RADAR))
2399 continue;
2400
2401 /* Found a suitable second segment for 80+80 */
464dcfd0 2402 chwidth = CHANWIDTH_80P80MHZ;
0f29bc68
AK		 2403 vht_caps |=
2404 VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ;
2405 seg1 = vht80[k] + 6;
2406 }
2407
464dcfd0 2408 if (chwidth == CHANWIDTH_80P80MHZ)
0f29bc68
AK		 2409 break;
2410 }
464dcfd0 2411 } else if (ssid->max_oper_chwidth == CHANWIDTH_160MHZ) {
331f0774 2412 if (freq->freq == 5180) {
464dcfd0 2413 chwidth = CHANWIDTH_160MHZ;
331f0774
JM		 2414 vht_caps |= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
2415 seg0 = 50;
2416 } else if (freq->freq == 5520) {
464dcfd0 2417 chwidth = CHANWIDTH_160MHZ;
331f0774
JM		 2418 vht_caps |= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
2419 seg0 = 114;
2420 }
464dcfd0
JC		 2421 } else if (ssid->max_oper_chwidth == CHANWIDTH_USE_HT) {
2422 chwidth = CHANWIDTH_USE_HT;
806db174 2423 seg0 = vht80[j] + 2;
e5a9b1e8
PO		 2424#ifdef CONFIG_HT_OVERRIDES
2425 if (ssid->disable_ht40)
2426 seg0 = 0;
2427#endif /* CONFIG_HT_OVERRIDES */
0f29bc68
AK		 2428 }
2429
563ee183
JD		 2430 if (hostapd_set_freq_params(&vht_freq, mode->mode, freq->freq,
2431 freq->channel, freq->ht_enabled,
3459c54a 2432 vht_freq.vht_enabled, freq->he_enabled,
563ee183 2433 freq->sec_channel_offset,
3459c54a
SE		 2434 chwidth, seg0, seg1, vht_caps,
2435 &mode->he_capab[ieee80211_mode]) != 0)
563ee183
JD		 2436 return;
2437
2438 *freq = vht_freq;
2439
2440 wpa_printf(MSG_DEBUG, "IBSS: VHT setup freq cf1 %d, cf2 %d, bw %d",
2441 freq->center_freq1, freq->center_freq2, freq->bandwidth);
1830817e
JD		 2442}
2443
2444
a38090b1
VK		 2445#ifdef CONFIG_FILS
2446static size_t wpas_add_fils_hlp_req(struct wpa_supplicant *wpa_s, u8 *ie_buf,
2447 size_t ie_buf_len)
2448{
2449 struct fils_hlp_req *req;
2450 size_t rem_len, hdr_len, hlp_len, len, ie_len = 0;
2451 const u8 *pos;
2452 u8 *buf = ie_buf;
2453
2454 dl_list_for_each(req, &wpa_s->fils_hlp_req, struct fils_hlp_req,
2455 list) {
2456 rem_len = ie_buf_len - ie_len;
2457 pos = wpabuf_head(req->pkt);
2458 hdr_len = 1 + 2 * ETH_ALEN + 6;
2459 hlp_len = wpabuf_len(req->pkt);
2460
2461 if (rem_len < 2 + hdr_len + hlp_len) {
2462 wpa_printf(MSG_ERROR,
2463 "FILS: Cannot fit HLP - rem_len=%lu to_fill=%lu",
2464 (unsigned long) rem_len,
2465 (unsigned long) (2 + hdr_len + hlp_len));
2466 break;
2467 }
2468
2469 len = (hdr_len + hlp_len) > 255 ? 255 : hdr_len + hlp_len;
2470 /* Element ID */
2471 *buf++ = WLAN_EID_EXTENSION;
2472 /* Length */
2473 *buf++ = len;
2474 /* Element ID Extension */
2475 *buf++ = WLAN_EID_EXT_FILS_HLP_CONTAINER;
2476 /* Destination MAC address */
2477 os_memcpy(buf, req->dst, ETH_ALEN);
2478 buf += ETH_ALEN;
2479 /* Source MAC address */
2480 os_memcpy(buf, wpa_s->own_addr, ETH_ALEN);
2481 buf += ETH_ALEN;
2482 /* LLC/SNAP Header */
2483 os_memcpy(buf, "\xaa\xaa\x03\x00\x00\x00", 6);
2484 buf += 6;
2485 /* HLP Packet */
2486 os_memcpy(buf, pos, len - hdr_len);
2487 buf += len - hdr_len;
2488 pos += len - hdr_len;
2489
2490 hlp_len -= len - hdr_len;
2491 ie_len += 2 + len;
2492 rem_len -= 2 + len;
2493
2494 while (hlp_len) {
2495 len = (hlp_len > 255) ? 255 : hlp_len;
2496 if (rem_len < 2 + len)
2497 break;
2498 *buf++ = WLAN_EID_FRAGMENT;
2499 *buf++ = len;
2500 os_memcpy(buf, pos, len);
2501 buf += len;
2502 pos += len;
2503
2504 hlp_len -= len;
2505 ie_len += 2 + len;
2506 rem_len -= 2 + len;
2507 }
2508 }
2509
2510 return ie_len;
2511}
e4802127
MH		 2512
2513
2514int wpa_is_fils_supported(struct wpa_supplicant *wpa_s)
2515{
2516 return (((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
2517 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SUPPORT_FILS)) ||
2518 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
2519 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD)));
2520}
2521
2522
2523int wpa_is_fils_sk_pfs_supported(struct wpa_supplicant *wpa_s)
2524{
2525#ifdef CONFIG_FILS_SK_PFS
2526 return (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
2527 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SUPPORT_FILS);
2528#else /* CONFIG_FILS_SK_PFS */
2529 return 0;
2530#endif /* CONFIG_FILS_SK_PFS */
2531}
2532
a38090b1
VK		 2533#endif /* CONFIG_FILS */
2534
2535
d2ba0d71
VK		 2536static u8 * wpas_populate_assoc_ies(
2537 struct wpa_supplicant *wpa_s,
2538 struct wpa_bss *bss, struct wpa_ssid *ssid,
6338c99e
VK		 2539 struct wpa_driver_associate_params *params,
2540 enum wpa_drv_update_connect_params_mask *mask)
6ac4b15e 2541{
1e6780bd 2542 u8 *wpa_ie;
10970465 2543 size_t max_wpa_ie_len = 500;
6ac4b15e 2544 size_t wpa_ie_len;
6ac4b15e 2545 int algs = WPA_AUTH_ALG_OPEN;
077232f6
BL		 2546#ifdef CONFIG_MBO
2547 const u8 *mbo_ie;
2548#endif
eb3234c0
SM		 2549#ifdef CONFIG_SAE
2550 int sae_pmksa_cached = 0;
2551#endif /* CONFIG_SAE */
8b0a6dba
VK		 2552#ifdef CONFIG_FILS
2553 const u8 *realm, *username, *rrk;
2554 size_t realm_len, username_len, rrk_len;
2555 u16 next_seq_num;
b377ec25 2556 struct fils_hlp_req *req;
6fc6879b 2557
b377ec25
VK		 2558 dl_list_for_each(req, &wpa_s->fils_hlp_req, struct fils_hlp_req,
2559 list) {
2560 max_wpa_ie_len += 3 + 2 * ETH_ALEN + 6 + wpabuf_len(req->pkt) +
2561 2 + 2 * wpabuf_len(req->pkt) / 255;
8b0a6dba
VK		 2562 }
2563#endif /* CONFIG_FILS */
8b0a6dba 2564
1e6780bd
VK		 2565 wpa_ie = os_malloc(max_wpa_ie_len);
2566 if (!wpa_ie) {
2567 wpa_printf(MSG_ERROR,
2568 "Failed to allocate connect IE buffer for %lu bytes",
2569 (unsigned long) max_wpa_ie_len);
d2ba0d71 2570 return NULL;
1e6780bd
VK		 2571 }
2572
6fa81a3b
JM		 2573 if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
2574 wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
0bf927a0 2575 wpa_key_mgmt_wpa(ssid->key_mgmt)) {
6fc6879b 2576 int try_opportunistic;
79f3121b
VK		 2577 const u8 *cache_id = NULL;
2578
6e202021
JM		 2579 try_opportunistic = (ssid->proactive_key_caching < 0 ?
2580 wpa_s->conf->okc :
2581 ssid->proactive_key_caching) &&
6fc6879b 2582 (ssid->proto & WPA_PROTO_RSN);
79f3121b
VK		 2583#ifdef CONFIG_FILS
2584 if (wpa_key_mgmt_fils(ssid->key_mgmt))
2585 cache_id = wpa_bss_get_fils_cache_id(bss);
2586#endif /* CONFIG_FILS */
6fc6879b 2587 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
79f3121b 2588 ssid, try_opportunistic,
eb3234c0 2589 cache_id, 0) == 0) {
ba422613 2590 eapol_sm_notify_pmkid_attempt(wpa_s->eapol);
eb3234c0
SM		 2591#ifdef CONFIG_SAE
2592 sae_pmksa_cached = 1;
2593#endif /* CONFIG_SAE */
2594 }
1e6780bd 2595 wpa_ie_len = max_wpa_ie_len;
6fc6879b
JM		 2596 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
2597 wpa_ie, &wpa_ie_len)) {
f049052b
BG		 2598 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
2599 "key management and encryption suites");
1e6780bd 2600 os_free(wpa_ie);
d2ba0d71 2601 return NULL;
6fc6879b 2602 }
dc673aec
JM		 2603#ifdef CONFIG_HS20
2604 } else if (bss && wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE) &&
2605 (ssid->key_mgmt & WPA_KEY_MGMT_OSEN)) {
2606 /* No PMKSA caching, but otherwise similar to RSN/WPA */
2607 wpa_ie_len = max_wpa_ie_len;
2608 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
2609 wpa_ie, &wpa_ie_len)) {
2610 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
2611 "key management and encryption suites");
2612 os_free(wpa_ie);
2613 return NULL;
2614 }
2615#endif /* CONFIG_HS20 */
a3f7e518
JM		 2616 } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && bss &&
2617 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) {
2618 /*
2619 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
2620 * use non-WPA since the scan results did not indicate that the
2621 * AP is using WPA or WPA2.
2622 */
2623 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
2624 wpa_ie_len = 0;
2625 wpa_s->wpa_proto = 0;
0bf927a0 2626 } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) {
1e6780bd 2627 wpa_ie_len = max_wpa_ie_len;
6fc6879b
JM		 2628 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
2629 wpa_ie, &wpa_ie_len)) {
f049052b
BG		 2630 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
2631 "key management and encryption suites (no "
2632 "scan results)");
1e6780bd 2633 os_free(wpa_ie);
d2ba0d71 2634 return NULL;
6fc6879b 2635 }
ad08c363
JM		 2636#ifdef CONFIG_WPS
2637 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
b01c18a8
JM		 2638 struct wpabuf *wps_ie;
2639 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
1e6780bd 2640 if (wps_ie && wpabuf_len(wps_ie) <= max_wpa_ie_len) {
ad08c363
JM		 2641 wpa_ie_len = wpabuf_len(wps_ie);
2642 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
24386985
JM		 2643 } else
2644 wpa_ie_len = 0;
ad08c363
JM		 2645 wpabuf_free(wps_ie);
2646 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
0c80427d 2647 if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY))
d2ba0d71 2648 params->wps = WPS_MODE_PRIVACY;
0c80427d 2649 else
d2ba0d71 2650 params->wps = WPS_MODE_OPEN;
cf546f1a 2651 wpa_s->wpa_proto = 0;
ad08c363 2652#endif /* CONFIG_WPS */
6fc6879b
JM		 2653 } else {
2654 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
2655 wpa_ie_len = 0;
cf546f1a 2656 wpa_s->wpa_proto = 0;
6fc6879b
JM		 2657 }
2658
b377ec25
VK		 2659#ifdef IEEE8021X_EAPOL
2660 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
2661 if (ssid->leap) {
2662 if (ssid->non_leap == 0)
2663 algs = WPA_AUTH_ALG_LEAP;
2664 else
2665 algs |= WPA_AUTH_ALG_LEAP;
2666 }
2667 }
2668
2669#ifdef CONFIG_FILS
2670 /* Clear FILS association */
2671 wpa_sm_set_reset_fils_completed(wpa_s->wpa, 0);
2672
2673 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD) &&
2674 ssid->eap.erp && wpa_key_mgmt_fils(wpa_s->key_mgmt) &&
2675 eapol_sm_get_erp_info(wpa_s->eapol, &ssid->eap, &username,
2676 &username_len, &realm, &realm_len,
af835d75
AB		 2677 &next_seq_num, &rrk, &rrk_len) == 0 &&
2678 (!wpa_s->last_con_fail_realm ||
2679 wpa_s->last_con_fail_realm_len != realm_len ||
2680 os_memcmp(wpa_s->last_con_fail_realm, realm, realm_len) != 0)) {
b377ec25 2681 algs = WPA_AUTH_ALG_FILS;
d2ba0d71
VK		 2682 params->fils_erp_username = username;
2683 params->fils_erp_username_len = username_len;
2684 params->fils_erp_realm = realm;
2685 params->fils_erp_realm_len = realm_len;
2686 params->fils_erp_next_seq_num = next_seq_num;
2687 params->fils_erp_rrk = rrk;
2688 params->fils_erp_rrk_len = rrk_len;
6338c99e
VK		 2689
2690 if (mask)
2691 *mask |= WPA_DRV_UPDATE_FILS_ERP_INFO;
b377ec25
VK		 2692 }
2693#endif /* CONFIG_FILS */
2694#endif /* IEEE8021X_EAPOL */
5ff39c13
SD		 2695#ifdef CONFIG_SAE
2696 if (wpa_s->key_mgmt & (WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE))
2697 algs = WPA_AUTH_ALG_SAE;
2698#endif /* CONFIG_SAE */
b377ec25
VK		 2699
2700 wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
2701 if (ssid->auth_alg) {
2702 algs = ssid->auth_alg;
2703 wpa_dbg(wpa_s, MSG_DEBUG,
2704 "Overriding auth_alg selection: 0x%x", algs);
2705 }
2706
eb3234c0
SM		 2707#ifdef CONFIG_SAE
2708 if (sae_pmksa_cached && algs == WPA_AUTH_ALG_SAE) {
2709 wpa_dbg(wpa_s, MSG_DEBUG,
2710 "SAE: Use WPA_AUTH_ALG_OPEN for PMKSA caching attempt");
2711 algs = WPA_AUTH_ALG_OPEN;
2712 }
2713#endif /* CONFIG_SAE */
2714
5f3a6aa0
JM		 2715#ifdef CONFIG_P2P
2716 if (wpa_s->global->p2p) {
2717 u8 *pos;
2718 size_t len;
2719 int res;
5f3a6aa0 2720 pos = wpa_ie + wpa_ie_len;
1e6780bd 2721 len = max_wpa_ie_len - wpa_ie_len;
b8a8d677
JM		 2722 res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len,
2723 ssid->p2p_group);
5f3a6aa0
JM		 2724 if (res >= 0)
2725 wpa_ie_len += res;
2726 }
72044390
JM		 2727
2728 wpa_s->cross_connect_disallowed = 0;
2729 if (bss) {
2730 struct wpabuf *p2p;
2731 p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE);
2732 if (p2p) {
2733 wpa_s->cross_connect_disallowed =
2734 p2p_get_cross_connect_disallowed(p2p);
2735 wpabuf_free(p2p);
f049052b
BG		 2736 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross "
2737 "connection",
2738 wpa_s->cross_connect_disallowed ?
2739 "disallows" : "allows");
72044390
JM		 2740 }
2741 }
25ef8529
JM		 2742
2743 os_memset(wpa_s->p2p_ip_addr_info, 0, sizeof(wpa_s->p2p_ip_addr_info));
5f3a6aa0
JM		 2744#endif /* CONFIG_P2P */
2745
5e57ba25 2746 if (bss) {
cb828507 2747 wpa_ie_len += wpas_supp_op_class_ie(wpa_s, ssid, bss->freq,
065c029a 2748 wpa_ie + wpa_ie_len,
1e6780bd 2749 max_wpa_ie_len -
065c029a 2750 wpa_ie_len);
5e57ba25 2751 }
5e57ba25 2752
8b3b803a
AH		 2753 /*
2754 * Workaround: Add Extended Capabilities element only if the AP
2755 * included this element in Beacon/Probe Response frames. Some older
2756 * APs seem to have interoperability issues if this element is
2757 * included, so while the standard may require us to include the
2758 * element in all cases, it is justifiable to skip it to avoid
2759 * interoperability issues.
2760 */
cc9a2575
KV		 2761 if (ssid->p2p_group)
2762 wpa_drv_get_ext_capa(wpa_s, WPA_IF_P2P_CLIENT);
2763 else
2764 wpa_drv_get_ext_capa(wpa_s, WPA_IF_STATION);
2765
8b3b803a 2766 if (!bss || wpa_bss_get_ie(bss, WLAN_EID_EXT_CAPAB)) {
0bbaa9b9 2767 u8 ext_capab[18];
8b3b803a 2768 int ext_capab_len;
0bbaa9b9
JM		 2769 ext_capab_len = wpas_build_ext_capab(wpa_s, ext_capab,
2770 sizeof(ext_capab));
2c66c7d1
AA		 2771 if (ext_capab_len > 0 &&
2772 wpa_ie_len + ext_capab_len <= max_wpa_ie_len) {
8b3b803a
AH		 2773 u8 *pos = wpa_ie;
2774 if (wpa_ie_len > 0 && pos[0] == WLAN_EID_RSN)
2775 pos += 2 + pos[1];
2776 os_memmove(pos + ext_capab_len, pos,
2777 wpa_ie_len - (pos - wpa_ie));
2778 wpa_ie_len += ext_capab_len;
2779 os_memcpy(pos, ext_capab, ext_capab_len);
2780 }
92cbcf91 2781 }
92cbcf91 2782
c484b198
AS		 2783#ifdef CONFIG_HS20
2784 if (is_hs20_network(wpa_s, ssid, bss)) {
2785 struct wpabuf *hs20;
2786
4204669c 2787 hs20 = wpabuf_alloc(20 + MAX_ROAMING_CONS_OI_LEN);
c484b198
AS		 2788 if (hs20) {
2789 int pps_mo_id = hs20_get_pps_mo_id(wpa_s, ssid);
2790 size_t len;
2791
ec2cf403
JM		 2792 wpas_hs20_add_indication(hs20, pps_mo_id,
2793 get_hs20_version(bss));
4204669c 2794 wpas_hs20_add_roam_cons_sel(hs20, ssid);
1e6780bd 2795 len = max_wpa_ie_len - wpa_ie_len;
c484b198
AS		 2796 if (wpabuf_len(hs20) <= len) {
2797 os_memcpy(wpa_ie + wpa_ie_len,
2798 wpabuf_head(hs20), wpabuf_len(hs20));
2799 wpa_ie_len += wpabuf_len(hs20);
2800 }
2801 wpabuf_free(hs20);
ece4ac5f
MG		 2802
2803 hs20_configure_frame_filters(wpa_s);
c484b198
AS		 2804 }
2805 }
2806#endif /* CONFIG_HS20 */
2807
d29fa3a7
JM		 2808 if (wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ]) {
2809 struct wpabuf *buf = wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ];
2810 size_t len;
2811
1e6780bd 2812 len = max_wpa_ie_len - wpa_ie_len;
d29fa3a7
JM		 2813 if (wpabuf_len(buf) <= len) {
2814 os_memcpy(wpa_ie + wpa_ie_len,
2815 wpabuf_head(buf), wpabuf_len(buf));
2816 wpa_ie_len += wpabuf_len(buf);
2817 }
2818 }
2819
b36a3a65
AN		 2820#ifdef CONFIG_FST
2821 if (wpa_s->fst_ies) {
2822 int fst_ies_len = wpabuf_len(wpa_s->fst_ies);
2823
1e6780bd 2824 if (wpa_ie_len + fst_ies_len <= max_wpa_ie_len) {
b36a3a65
AN		 2825 os_memcpy(wpa_ie + wpa_ie_len,
2826 wpabuf_head(wpa_s->fst_ies), fst_ies_len);
2827 wpa_ie_len += fst_ies_len;
2828 }
2829 }
2830#endif /* CONFIG_FST */
2831
92c6e2e3 2832#ifdef CONFIG_MBO
077232f6
BL		 2833 mbo_ie = bss ? wpa_bss_get_vendor_ie(bss, MBO_IE_VENDOR_TYPE) : NULL;
2834 if (mbo_ie) {
5e57ba25 2835 int len;
92c6e2e3 2836
5e57ba25 2837 len = wpas_mbo_ie(wpa_s, wpa_ie + wpa_ie_len,
077232f6
BL		 2838 max_wpa_ie_len - wpa_ie_len,
2839 !!mbo_attr_from_mbo_ie(mbo_ie,
2840 OCE_ATTR_ID_CAPA_IND));
5e57ba25
AS		 2841 if (len >= 0)
2842 wpa_ie_len += len;
92c6e2e3
DS		 2843 }
2844#endif /* CONFIG_MBO */
2845
a38090b1
VK		 2846#ifdef CONFIG_FILS
2847 if (algs == WPA_AUTH_ALG_FILS) {
2848 size_t len;
2849
2850 len = wpas_add_fils_hlp_req(wpa_s, wpa_ie + wpa_ie_len,
2851 max_wpa_ie_len - wpa_ie_len);
2852 wpa_ie_len += len;
2853 }
2854#endif /* CONFIG_FILS */
2855
10970465 2856#ifdef CONFIG_OWE
5f30b69c
JM		 2857#ifdef CONFIG_TESTING_OPTIONS
2858 if (get_ie_ext(wpa_ie, wpa_ie_len, WLAN_EID_EXT_OWE_DH_PARAM)) {
2859 wpa_printf(MSG_INFO, "TESTING: Override OWE DH element");
2860 } else
2861#endif /* CONFIG_TESTING_OPTIONS */
10970465
JM		 2862 if (algs == WPA_AUTH_ALG_OPEN &&
2863 ssid->key_mgmt == WPA_KEY_MGMT_OWE) {
2864 struct wpabuf *owe_ie;
2cb40e9f 2865 u16 group;
10970465 2866
2cb40e9f 2867 if (ssid->owe_group) {
10970465 2868 group = ssid->owe_group;
698c9e20
AK		 2869 } else if (wpa_s->assoc_status_code ==
2870 WLAN_STATUS_FINITE_CYCLIC_GROUP_NOT_SUPPORTED) {
2cb40e9f
JM		 2871 if (wpa_s->last_owe_group == 19)
2872 group = 20;
2873 else if (wpa_s->last_owe_group == 20)
2874 group = 21;
2875 else
2876 group = OWE_DH_GROUP;
698c9e20
AK		 2877 } else {
2878 group = OWE_DH_GROUP;
2cb40e9f 2879 }
698c9e20 2880
2cb40e9f
JM		 2881 wpa_s->last_owe_group = group;
2882 wpa_printf(MSG_DEBUG, "OWE: Try to use group %u", group);
10970465
JM		 2883 owe_ie = owe_build_assoc_req(wpa_s->wpa, group);
2884 if (owe_ie &&
2885 wpabuf_len(owe_ie) <= max_wpa_ie_len - wpa_ie_len) {
2886 os_memcpy(wpa_ie + wpa_ie_len,
2887 wpabuf_head(owe_ie), wpabuf_len(owe_ie));
2888 wpa_ie_len += wpabuf_len(owe_ie);
10970465 2889 }
04879671 2890 wpabuf_free(owe_ie);
10970465
JM		 2891 }
2892#endif /* CONFIG_OWE */
2893
10ec6a5f
JM		 2894#ifdef CONFIG_DPP2
2895 if (wpa_sm_get_key_mgmt(wpa_s->wpa) == WPA_KEY_MGMT_DPP &&
2896 ssid->dpp_netaccesskey) {
2897 dpp_pfs_free(wpa_s->dpp_pfs);
2898 wpa_s->dpp_pfs = dpp_pfs_init(ssid->dpp_netaccesskey,
2899 ssid->dpp_netaccesskey_len);
2900 if (!wpa_s->dpp_pfs) {
2901 wpa_printf(MSG_DEBUG, "DPP: Could not initialize PFS");
2902 /* Try to continue without PFS */
2903 goto pfs_fail;
2904 }
2905 if (wpabuf_len(wpa_s->dpp_pfs->ie) <=
2906 max_wpa_ie_len - wpa_ie_len) {
2907 os_memcpy(wpa_ie + wpa_ie_len,
2908 wpabuf_head(wpa_s->dpp_pfs->ie),
2909 wpabuf_len(wpa_s->dpp_pfs->ie));
2910 wpa_ie_len += wpabuf_len(wpa_s->dpp_pfs->ie);
2911 }
2912 }
2913pfs_fail:
2914#endif /* CONFIG_DPP2 */
2915
3dc3afe2
AM		 2916#ifdef CONFIG_IEEE80211R
2917 /*
2918 * Add MDIE under these conditions: the network profile allows FT,
2919 * the AP supports FT, and the mobility domain ID matches.
2920 */
88bf44be 2921 if (bss && wpa_key_mgmt_ft(wpa_sm_get_key_mgmt(wpa_s->wpa))) {
3dc3afe2
AM		 2922 const u8 *mdie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
2923
2924 if (mdie && mdie[1] >= MOBILITY_DOMAIN_ID_LEN) {
86c998d3 2925 size_t len = 0;
3dc3afe2
AM		 2926 const u8 *md = mdie + 2;
2927 const u8 *wpa_md = wpa_sm_get_ft_md(wpa_s->wpa);
2928
2929 if (os_memcmp(md, wpa_md,
2930 MOBILITY_DOMAIN_ID_LEN) == 0) {
2931 /* Add mobility domain IE */
86c998d3 2932 len = wpa_ft_add_mdie(
3dc3afe2
AM		 2933 wpa_s->wpa, wpa_ie + wpa_ie_len,
2934 max_wpa_ie_len - wpa_ie_len, mdie);
86c998d3 2935 wpa_ie_len += len;
3dc3afe2 2936 }
86c998d3
AM		 2937#ifdef CONFIG_SME
2938 if (len > 0 && wpa_s->sme.ft_used &&
2939 wpa_sm_has_ptk(wpa_s->wpa)) {
2940 wpa_dbg(wpa_s, MSG_DEBUG,
2941 "SME: Trying to use FT over-the-air");
2942 algs |= WPA_AUTH_ALG_FT;
2943 }
2944#endif /* CONFIG_SME */
3dc3afe2
AM		 2945 }
2946 }
2947#endif /* CONFIG_IEEE80211R */
2948
5abc7823
VN		 2949 if (ssid->multi_ap_backhaul_sta) {
2950 size_t multi_ap_ie_len;
2951
2952 multi_ap_ie_len = add_multi_ap_ie(wpa_ie + wpa_ie_len,
2953 max_wpa_ie_len - wpa_ie_len,
2954 MULTI_AP_BACKHAUL_STA);
2955 if (multi_ap_ie_len == 0) {
2956 wpa_printf(MSG_ERROR,
2957 "Multi-AP: Failed to build Multi-AP IE");
2958 os_free(wpa_ie);
2959 return NULL;
2960 }
2961 wpa_ie_len += multi_ap_ie_len;
2962 }
2963
d2ba0d71
VK		 2964 params->wpa_ie = wpa_ie;
2965 params->wpa_ie_len = wpa_ie_len;
2966 params->auth_alg = algs;
6338c99e
VK		 2967 if (mask)
2968 *mask |= WPA_DRV_UPDATE_ASSOC_IES | WPA_DRV_UPDATE_AUTH_TYPE;
d2ba0d71
VK		 2969
2970 return wpa_ie;
2971}
2972
2973
e0b331d8
SD		 2974#ifdef CONFIG_OWE
2975static void wpas_update_owe_connect_params(struct wpa_supplicant *wpa_s)
2976{
2977 struct wpa_driver_associate_params params;
2978 u8 *wpa_ie;
2979
2980 os_memset(&params, 0, sizeof(params));
2981 wpa_ie = wpas_populate_assoc_ies(wpa_s, wpa_s->current_bss,
2982 wpa_s->current_ssid, &params, NULL);
2983 if (!wpa_ie)
2984 return;
2985
2986 wpa_drv_update_connect_params(wpa_s, &params, WPA_DRV_UPDATE_ASSOC_IES);
2987 os_free(wpa_ie);
2988}
2989#endif /* CONFIG_OWE */
2990
2991
6338c99e
VK		 2992#if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
2993static void wpas_update_fils_connect_params(struct wpa_supplicant *wpa_s)
2994{
2995 struct wpa_driver_associate_params params;
2996 enum wpa_drv_update_connect_params_mask mask = 0;
2997 u8 *wpa_ie;
2998
2999 if (wpa_s->auth_alg != WPA_AUTH_ALG_OPEN)
3000 return; /* nothing to do */
3001
3002 os_memset(&params, 0, sizeof(params));
3003 wpa_ie = wpas_populate_assoc_ies(wpa_s, wpa_s->current_bss,
3004 wpa_s->current_ssid, &params, &mask);
3005 if (!wpa_ie)
3006 return;
3007
3008 if (params.auth_alg != WPA_AUTH_ALG_FILS) {
3009 os_free(wpa_ie);
3010 return;
3011 }
3012
3013 wpa_s->auth_alg = params.auth_alg;
3014 wpa_drv_update_connect_params(wpa_s, &params, mask);
3015 os_free(wpa_ie);
3016}
3017#endif /* CONFIG_FILS && IEEE8021X_EAPOL */
3018
3019
822c756e
AB		 3020#ifdef CONFIG_MBO
3021void wpas_update_mbo_connect_params(struct wpa_supplicant *wpa_s)
3022{
3023 struct wpa_driver_associate_params params;
3024 u8 *wpa_ie;
3025
3026 /*
3027 * Update MBO connect params only in case of change of MBO attributes
3028 * when connected, if the AP support MBO.
3029 */
3030
3031 if (wpa_s->wpa_state != WPA_COMPLETED || !wpa_s->current_ssid ||
3032 !wpa_s->current_bss ||
3033 !wpa_bss_get_vendor_ie(wpa_s->current_bss, MBO_IE_VENDOR_TYPE))
3034 return;
3035
3036 os_memset(&params, 0, sizeof(params));
3037 wpa_ie = wpas_populate_assoc_ies(wpa_s, wpa_s->current_bss,
3038 wpa_s->current_ssid, &params, NULL);
3039 if (!wpa_ie)
3040 return;
3041
3042 wpa_drv_update_connect_params(wpa_s, &params, WPA_DRV_UPDATE_ASSOC_IES);
3043 os_free(wpa_ie);
3044}
3045#endif /* CONFIG_MBO */
3046
3047
d2ba0d71
VK		 3048static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
3049{
3050 struct wpa_connect_work *cwork = work->ctx;
3051 struct wpa_bss *bss = cwork->bss;
3052 struct wpa_ssid *ssid = cwork->ssid;
3053 struct wpa_supplicant *wpa_s = work->wpa_s;
3054 u8 *wpa_ie;
3055 int use_crypt, ret, i, bssid_changed;
3056 unsigned int cipher_pairwise, cipher_group, cipher_group_mgmt;
3057 struct wpa_driver_associate_params params;
3058 int wep_keys_set = 0;
3059 int assoc_failed = 0;
3060 struct wpa_ssid *old_ssid;
3061 u8 prev_bssid[ETH_ALEN];
3062#ifdef CONFIG_HT_OVERRIDES
3063 struct ieee80211_ht_capabilities htcaps;
3064 struct ieee80211_ht_capabilities htcaps_mask;
3065#endif /* CONFIG_HT_OVERRIDES */
3066#ifdef CONFIG_VHT_OVERRIDES
3067 struct ieee80211_vht_capabilities vhtcaps;
3068 struct ieee80211_vht_capabilities vhtcaps_mask;
3069#endif /* CONFIG_VHT_OVERRIDES */
3070
3071 if (deinit) {
3072 if (work->started) {
3073 wpa_s->connect_work = NULL;
3074
3075 /* cancel possible auth. timeout */
3076 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s,
3077 NULL);
3078 }
3079 wpas_connect_work_free(cwork);
3080 return;
3081 }
3082
3083 wpa_s->connect_work = work;
3084
3085 if (cwork->bss_removed || !wpas_valid_bss_ssid(wpa_s, bss, ssid) ||
3086 wpas_network_disabled(wpa_s, ssid)) {
3087 wpa_dbg(wpa_s, MSG_DEBUG, "BSS/SSID entry for association not valid anymore - drop connection attempt");
3088 wpas_connect_work_done(wpa_s);
3089 return;
3090 }
3091
3092 os_memcpy(prev_bssid, wpa_s->bssid, ETH_ALEN);
3093 os_memset(&params, 0, sizeof(params));
3094 wpa_s->reassociate = 0;
3095 wpa_s->eap_expected_failure = 0;
3096 if (bss &&
3097 (!wpas_driver_bss_selection(wpa_s) || wpas_wps_searching(wpa_s))) {
3098#ifdef CONFIG_IEEE80211R
3099 const u8 *ie, *md = NULL;
3100#endif /* CONFIG_IEEE80211R */
3101 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
3102 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
3103 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
3104 bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
3105 os_memset(wpa_s->bssid, 0, ETH_ALEN);
3106 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
3107 if (bssid_changed)
3108 wpas_notify_bssid_changed(wpa_s);
3109#ifdef CONFIG_IEEE80211R
3110 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
3111 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
3112 md = ie + 2;
3113 wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0);
3114 if (md) {
3115 /* Prepare for the next transition */
3116 wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
3117 }
3118#endif /* CONFIG_IEEE80211R */
3119#ifdef CONFIG_WPS
3120 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
3121 wpa_s->conf->ap_scan == 2 &&
3122 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
3123 /* Use ap_scan==1 style network selection to find the network
3124 */
3125 wpas_connect_work_done(wpa_s);
3126 wpa_s->scan_req = MANUAL_SCAN_REQ;
3127 wpa_s->reassociate = 1;
3128 wpa_supplicant_req_scan(wpa_s, 0, 0);
3129 return;
3130#endif /* CONFIG_WPS */
3131 } else {
3132 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
3133 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
3134 if (bss)
3135 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
3136 else
3137 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
3138 }
3139 if (!wpa_s->pno)
3140 wpa_supplicant_cancel_sched_scan(wpa_s);
3141
3142 wpa_supplicant_cancel_scan(wpa_s);
3143
3144 /* Starting new association, so clear the possibly used WPA IE from the
3145 * previous association. */
3146 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
3147
6338c99e 3148 wpa_ie = wpas_populate_assoc_ies(wpa_s, bss, ssid, &params, NULL);
d2ba0d71
VK		 3149 if (!wpa_ie) {
3150 wpas_connect_work_done(wpa_s);
3151 return;
3152 }
3153
6fc6879b
JM		 3154 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
3155 use_crypt = 1;
4848a38d
JM		 3156 cipher_pairwise = wpa_s->pairwise_cipher;
3157 cipher_group = wpa_s->group_cipher;
61a56c14 3158 cipher_group_mgmt = wpa_s->mgmt_group_cipher;
6fc6879b
JM		 3159 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
3160 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
3161 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
3162 use_crypt = 0;
3163 if (wpa_set_wep_keys(wpa_s, ssid)) {
3164 use_crypt = 1;
3165 wep_keys_set = 1;
3166 }
3167 }
ad08c363
JM		 3168 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
3169 use_crypt = 0;
6fc6879b
JM		 3170
3171#ifdef IEEE8021X_EAPOL
3172 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
3173 if ((ssid->eapol_flags &
3174 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
3175 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
3176 !wep_keys_set) {
3177 use_crypt = 0;
3178 } else {
3179 /* Assume that dynamic WEP-104 keys will be used and
3180 * set cipher suites in order for drivers to expect
3181 * encryption. */
4848a38d 3182 cipher_pairwise = cipher_group = WPA_CIPHER_WEP104;
6fc6879b
JM		 3183 }
3184 }
3185#endif /* IEEE8021X_EAPOL */
3186
3187 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
3188 /* Set the key before (and later after) association */
3189 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
3190 }
3191
6fc6879b 3192 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
6fc6879b 3193 if (bss) {
6fa81a3b
JM		 3194 params.ssid = bss->ssid;
3195 params.ssid_len = bss->ssid_len;
4b5b8a53
JM		 3196 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set ||
3197 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
f15854d1
JM		 3198 wpa_printf(MSG_DEBUG, "Limit connection to BSSID "
3199 MACSTR " freq=%u MHz based on scan results "
4b5b8a53 3200 "(bssid_set=%d wps=%d)",
f15854d1 3201 MAC2STR(bss->bssid), bss->freq,
4b5b8a53
JM		 3202 ssid->bssid_set,
3203 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS);
22628eca 3204 params.bssid = bss->bssid;
4ec68377 3205 params.freq.freq = bss->freq;
22628eca 3206 }
7ac7fd43
DS		 3207 params.bssid_hint = bss->bssid;
3208 params.freq_hint = bss->freq;
b9074912 3209 params.pbss = bss_is_pbss(bss);
6fc6879b 3210 } else {
43a356b2
PK		 3211 if (ssid->bssid_hint_set)
3212 params.bssid_hint = ssid->bssid_hint;
3213
6fc6879b
JM		 3214 params.ssid = ssid->ssid;
3215 params.ssid_len = ssid->ssid_len;
90f14962 3216 params.pbss = (ssid->pbss != 2) ? ssid->pbss : 0;
6fc6879b 3217 }
9e2af29f
NC		 3218
3219 if (ssid->mode == WPAS_MODE_IBSS && ssid->bssid_set &&
3220 wpa_s->conf->ap_scan == 2) {
3221 params.bssid = ssid->bssid;
3222 params.fixed_bssid = 1;
3223 }
3224
603a3f34
JL		 3225 /* Initial frequency for IBSS/mesh */
3226 if ((ssid->mode == WPAS_MODE_IBSS || ssid->mode == WPAS_MODE_MESH) &&
1830817e
JD		 3227 ssid->frequency > 0 && params.freq.freq == 0)
3228 ibss_mesh_setup_freq(wpa_s, ssid, &params.freq);
dc152f32 3229
8f05577d 3230 if (ssid->mode == WPAS_MODE_IBSS) {
4d9e6fba 3231 params.fixed_freq = ssid->fixed_freq;
8f05577d
JM		 3232 if (ssid->beacon_int)
3233 params.beacon_int = ssid->beacon_int;
3234 else
3235 params.beacon_int = wpa_s->conf->beacon_int;
3236 }
3237
6fc6879b
JM		 3238 params.pairwise_suite = cipher_pairwise;
3239 params.group_suite = cipher_group;
61a56c14 3240 params.mgmt_group_suite = cipher_group_mgmt;
4848a38d 3241 params.key_mgmt_suite = wpa_s->key_mgmt;
64fa840a 3242 params.wpa_proto = wpa_s->wpa_proto;
5538fc93 3243 wpa_s->auth_alg = params.auth_alg;
6fc6879b 3244 params.mode = ssid->mode;
1f6c0ab8 3245 params.bg_scan_period = ssid->bg_scan_period;
6fc6879b
JM		 3246 for (i = 0; i < NUM_WEP_KEYS; i++) {
3247 if (ssid->wep_key_len[i])
3248 params.wep_key[i] = ssid->wep_key[i];
3249 params.wep_key_len[i] = ssid->wep_key_len[i];
3250 }
3251 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
3252
436ee2fd 3253 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK) &&
4848a38d
JM		 3254 (params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
3255 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK)) {
6fc6879b
JM		 3256 params.passphrase = ssid->passphrase;
3257 if (ssid->psk_set)
3258 params.psk = ssid->psk;
b41f2684
CL		 3259 }
3260
d896874f
AS		 3261 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_8021X) &&
3262 (params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
3263 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 ||
3264 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B ||
3265 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192))
cb28bd52 3266 params.req_handshake_offload = 1;
d896874f 3267
b41f2684
CL		 3268 if (wpa_s->conf->key_mgmt_offload) {
3269 if (params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
666497c8 3270 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 ||
5e3b5197
JM		 3271 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B ||
3272 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192)
b41f2684
CL		 3273 params.req_key_mgmt_offload =
3274 ssid->proactive_key_caching < 0 ?
3275 wpa_s->conf->okc : ssid->proactive_key_caching;
3276 else
3277 params.req_key_mgmt_offload = 1;
3278
3279 if ((params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
3280 params.key_mgmt_suite == WPA_KEY_MGMT_PSK_SHA256 ||
3281 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK) &&
3282 ssid->psk_set)
3283 params.psk = ssid->psk;
6fc6879b
JM		 3284 }
3285
36b15723
JM		 3286 params.drop_unencrypted = use_crypt;
3287
6fc6879b 3288#ifdef CONFIG_IEEE80211W
3f56a2b7 3289 params.mgmt_frame_protection = wpas_get_ssid_pmf(wpa_s, ssid);
62d49803 3290 if (params.mgmt_frame_protection != NO_MGMT_FRAME_PROTECTION && bss) {
6fa81a3b 3291 const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
97d3497e
JM		 3292 struct wpa_ie_data ie;
3293 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
3294 ie.capabilities &
3295 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
f049052b
BG		 3296 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports "
3297 "MFP: require MFP");
97d3497e
JM		 3298 params.mgmt_frame_protection =
3299 MGMT_FRAME_PROTECTION_REQUIRED;
cf94626c
PK		 3300#ifdef CONFIG_OWE
3301 } else if (!rsn && (ssid->key_mgmt & WPA_KEY_MGMT_OWE) &&
3302 !ssid->owe_only) {
3303 params.mgmt_frame_protection = NO_MGMT_FRAME_PROTECTION;
3304#endif /* CONFIG_OWE */
97d3497e
JM		 3305 }
3306 }
6fc6879b
JM		 3307#endif /* CONFIG_IEEE80211W */
3308
ffad8858 3309 params.p2p = ssid->p2p_group;
6e3f4b89 3310
ba307f85
LD		 3311 if (wpa_s->p2pdev->set_sta_uapsd)
3312 params.uapsd = wpa_s->p2pdev->sta_uapsd;
eea2fd9e
JM		 3313 else
3314 params.uapsd = -1;
3315
80e8a5ee
BG		 3316#ifdef CONFIG_HT_OVERRIDES
3317 os_memset(&htcaps, 0, sizeof(htcaps));
3318 os_memset(&htcaps_mask, 0, sizeof(htcaps_mask));
3319 params.htcaps = (u8 *) &htcaps;
3320 params.htcaps_mask = (u8 *) &htcaps_mask;
3321 wpa_supplicant_apply_ht_overrides(wpa_s, ssid, &params);
3322#endif /* CONFIG_HT_OVERRIDES */
6aa1cd4e
PS		 3323#ifdef CONFIG_VHT_OVERRIDES
3324 os_memset(&vhtcaps, 0, sizeof(vhtcaps));
3325 os_memset(&vhtcaps_mask, 0, sizeof(vhtcaps_mask));
3326 params.vhtcaps = &vhtcaps;
3327 params.vhtcaps_mask = &vhtcaps_mask;
95ff3069 3328 wpa_supplicant_apply_vht_overrides(wpa_s, ssid, &params);
6aa1cd4e 3329#endif /* CONFIG_VHT_OVERRIDES */
80e8a5ee 3330
8567866d
JJ		 3331#ifdef CONFIG_P2P
3332 /*
3333 * If multi-channel concurrency is not supported, check for any
3334 * frequency conflict. In case of any frequency conflict, remove the
3335 * least prioritized connection.
3336 */
3337 if (wpa_s->num_multichan_concurrent < 2) {
d0df6437
IP		 3338 int freq, num;
3339 num = get_shared_radio_freqs(wpa_s, &freq, 1);
4ec68377 3340 if (num > 0 && freq > 0 && freq != params.freq.freq) {
d0df6437
IP		 3341 wpa_printf(MSG_DEBUG,
3342 "Assoc conflicting freq found (%d != %d)",
4ec68377
JD		 3343 freq, params.freq.freq);
3344 if (wpas_p2p_handle_frequency_conflicts(
74656400
SD		 3345 wpa_s, params.freq.freq, ssid) < 0) {
3346 wpas_connect_work_done(wpa_s);
1e6780bd 3347 os_free(wpa_ie);
8567866d 3348 return;
74656400 3349 }
8567866d
JJ		 3350 }
3351 }
3352#endif /* CONFIG_P2P */
3353
6a5ee810
JM		 3354 if (wpa_s->reassoc_same_ess && !is_zero_ether_addr(prev_bssid) &&
3355 wpa_s->current_ssid)
3356 params.prev_bssid = prev_bssid;
3357
17fbb751 3358 ret = wpa_drv_associate(wpa_s, &params);
1e6780bd 3359 os_free(wpa_ie);
6fc6879b
JM		 3360 if (ret < 0) {
3361 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
3362 "failed");
871f4dd0
JM		 3363 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SANE_ERROR_CODES) {
3364 /*
3365 * The driver is known to mean what is saying, so we
3366 * can stop right here; the association will not
3367 * succeed.
3368 */
3369 wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
c1c02342 3370 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
871f4dd0
JM		 3371 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
3372 return;
3373 }
6fc6879b
JM		 3374 /* try to continue anyway; new association will be tried again
3375 * after timeout */
3376 assoc_failed = 1;
3377 }
3378
3379 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
3380 /* Set the key after the association just in case association
3381 * cleared the previously configured key. */
3382 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
3383 /* No need to timeout authentication since there is no key
3384 * management. */
3385 wpa_supplicant_cancel_auth_timeout(wpa_s);
3386 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
53895c3b 3387#ifdef CONFIG_IBSS_RSN
d7dcba70 3388 } else if (ssid->mode == WPAS_MODE_IBSS &&
53895c3b
JM		 3389 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
3390 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
3391 /*
3392 * RSN IBSS authentication is per-STA and we can disable the
3393 * per-BSSID authentication.
3394 */
3395 wpa_supplicant_cancel_auth_timeout(wpa_s);
53895c3b 3396#endif /* CONFIG_IBSS_RSN */
6fc6879b
JM		 3397 } else {
3398 /* Timeout for IEEE 802.11 authentication and association */
1d3c75b3
DW		 3399 int timeout = 60;
3400
3401 if (assoc_failed) {
3402 /* give IBSS a bit more time */
d7dcba70 3403 timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5;
1d3c75b3
DW		 3404 } else if (wpa_s->conf->ap_scan == 1) {
3405 /* give IBSS a bit more time */
d7dcba70 3406 timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10;
1d3c75b3 3407 }
6fc6879b
JM		 3408 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
3409 }
3410
66562e9c
JM		 3411 if (wep_keys_set &&
3412 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC)) {
6fc6879b
JM		 3413 /* Set static WEP keys again */
3414 wpa_set_wep_keys(wpa_s, ssid);
3415 }
3416
3417 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
3418 /*
3419 * Do not allow EAP session resumption between different
3420 * network configurations.
3421 */
3422 eapol_sm_invalidate_cached_session(wpa_s->eapol);
3423 }
8bac466b 3424 old_ssid = wpa_s->current_ssid;
6fc6879b 3425 wpa_s->current_ssid = ssid;
ece4ac5f
MG		 3426
3427 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set) {
4d3be9cd 3428 wpa_s->current_bss = bss;
ece4ac5f
MG		 3429#ifdef CONFIG_HS20
3430 hs20_configure_frame_filters(wpa_s);
3431#endif /* CONFIG_HS20 */
3432 }
3433
6fc6879b
JM		 3434 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
3435 wpa_supplicant_initiate_eapol(wpa_s);
8bac466b
JM		 3436 if (old_ssid != wpa_s->current_ssid)
3437 wpas_notify_network_changed(wpa_s);
6fc6879b
JM		 3438}
3439
3440
09f58c09
JM		 3441static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s,
3442 const u8 *addr)
3443{
3444 struct wpa_ssid *old_ssid;
3445
c155305f 3446 wpas_connect_work_done(wpa_s);
09f58c09 3447 wpa_clear_keys(wpa_s, addr);
09f58c09 3448 old_ssid = wpa_s->current_ssid;
0d30cc24 3449 wpa_supplicant_mark_disassoc(wpa_s);
09f58c09
JM		 3450 wpa_sm_set_config(wpa_s->wpa, NULL);
3451 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
3452 if (old_ssid != wpa_s->current_ssid)
3453 wpas_notify_network_changed(wpa_s);
3454 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
3455}
3456
3457
6fc6879b
JM		 3458/**
3459 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
3460 * @wpa_s: Pointer to wpa_supplicant data
3461 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
3462 *
073ab58f 3463 * This function is used to request %wpa_supplicant to deauthenticate from the
6fc6879b
JM		 3464 * current AP.
3465 */
3466void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
4be17ffb 3467 u16 reason_code)
6fc6879b
JM		 3468{
3469 u8 *addr = NULL;
ef48ff94 3470 union wpa_event_data event;
42d23547 3471 int zero_addr = 0;
8bac466b 3472
42d23547 3473 wpa_dbg(wpa_s, MSG_DEBUG, "Request to deauthenticate - bssid=" MACSTR
cfde99a8 3474 " pending_bssid=" MACSTR " reason=%d (%s) state=%s",
42d23547 3475 MAC2STR(wpa_s->bssid), MAC2STR(wpa_s->pending_bssid),
cfde99a8
AK		 3476 reason_code, reason2str(reason_code),
3477 wpa_supplicant_state_txt(wpa_s->wpa_state));
42d23547 3478
04e3d815
MK		 3479 if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
3480 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
3481 wpa_s->wpa_state == WPA_ASSOCIATING))
42d23547 3482 addr = wpa_s->pending_bssid;
04e3d815
MK		 3483 else if (!is_zero_ether_addr(wpa_s->bssid))
3484 addr = wpa_s->bssid;
42d23547
JM		 3485 else if (wpa_s->wpa_state == WPA_ASSOCIATING) {
3486 /*
3487 * When using driver-based BSS selection, we may not know the
3488 * BSSID with which we are currently trying to associate. We
3489 * need to notify the driver of this disconnection even in such
3490 * a case, so use the all zeros address here.
3491 */
6fc6879b 3492 addr = wpa_s->bssid;
42d23547
JM		 3493 zero_addr = 1;
3494 }
3495
5abc7823
VN		 3496 if (wpa_s->enabled_4addr_mode && wpa_drv_set_4addr_mode(wpa_s, 0) == 0)
3497 wpa_s->enabled_4addr_mode = 0;
3498
7b44ff2c
SD		 3499#ifdef CONFIG_TDLS
3500 wpa_tdls_teardown_peers(wpa_s->wpa);
3501#endif /* CONFIG_TDLS */
3502
603a3f34
JL		 3503#ifdef CONFIG_MESH
3504 if (wpa_s->ifmsh) {
a39b040b
SB		 3505 struct mesh_conf *mconf;
3506
3507 mconf = wpa_s->ifmsh->mconf;
6174de66
JM		 3508 wpa_msg(wpa_s, MSG_INFO, MESH_GROUP_REMOVED "%s",
3509 wpa_s->ifname);
a39b040b
SB		 3510 wpas_notify_mesh_group_removed(wpa_s, mconf->meshid,
3511 mconf->meshid_len, reason_code);
603a3f34
JL		 3512 wpa_supplicant_leave_mesh(wpa_s);
3513 }
3514#endif /* CONFIG_MESH */
3515
42d23547
JM		 3516 if (addr) {
3517 wpa_drv_deauthenticate(wpa_s, addr, reason_code);
ef48ff94 3518 os_memset(&event, 0, sizeof(event));
4be17ffb 3519 event.deauth_info.reason_code = reason_code;
ef48ff94
JM		 3520 event.deauth_info.locally_generated = 1;
3521 wpa_supplicant_event(wpa_s, EVENT_DEAUTH, &event);
42d23547
JM		 3522 if (zero_addr)
3523 addr = NULL;
6fc6879b 3524 }
09f58c09
JM		 3525
3526 wpa_supplicant_clear_connection(wpa_s, addr);
6fc6879b
JM		 3527}
3528
dca1a511
DS		 3529static void wpa_supplicant_enable_one_network(struct wpa_supplicant *wpa_s,
3530 struct wpa_ssid *ssid)
3531{
3532 if (!ssid || !ssid->disabled || ssid->disabled == 2)
3533 return;
3534
3535 ssid->disabled = 0;
91073cca 3536 ssid->owe_transition_bss_select_count = 0;
dca1a511
DS		 3537 wpas_clear_temp_disabled(wpa_s, ssid, 1);
3538 wpas_notify_network_enabled_changed(wpa_s, ssid);
3539
3540 /*
3541 * Try to reassociate since there is no current configuration and a new
3542 * network was made available.
3543 */
d2592497 3544 if (!wpa_s->current_ssid && !wpa_s->disconnected)
dca1a511
DS		 3545 wpa_s->reassociate = 1;
3546}
3547
6fc6879b 3548
d015bb05
RP		 3549/**
3550 * wpa_supplicant_add_network - Add a new network
3551 * @wpa_s: wpa_supplicant structure for a network interface
3552 * Returns: The new network configuration or %NULL if operation failed
3553 *
3554 * This function performs the following operations:
3555 * 1. Adds a new network.
3556 * 2. Send network addition notification.
3557 * 3. Marks the network disabled.
3558 * 4. Set network default parameters.
3559 */
3560struct wpa_ssid * wpa_supplicant_add_network(struct wpa_supplicant *wpa_s)
3561{
3562 struct wpa_ssid *ssid;
3563
3564 ssid = wpa_config_add_network(wpa_s->conf);
3565 if (!ssid)
3566 return NULL;
3567 wpas_notify_network_added(wpa_s, ssid);
3568 ssid->disabled = 1;
3569 wpa_config_set_network_defaults(ssid);
3570
3571 return ssid;
3572}
3573
3574
3575/**
3576 * wpa_supplicant_remove_network - Remove a configured network based on id
3577 * @wpa_s: wpa_supplicant structure for a network interface
3578 * @id: Unique network id to search for
3579 * Returns: 0 on success, or -1 if the network was not found, -2 if the network
3580 * could not be removed
3581 *
3582 * This function performs the following operations:
3583 * 1. Removes the network.
3584 * 2. Send network removal notification.
3585 * 3. Update internal state machines.
3586 * 4. Stop any running sched scans.
3587 */
3588int wpa_supplicant_remove_network(struct wpa_supplicant *wpa_s, int id)
3589{
3590 struct wpa_ssid *ssid;
3591 int was_disabled;
3592
3593 ssid = wpa_config_get_network(wpa_s->conf, id);
3594 if (!ssid)
3595 return -1;
3596 wpas_notify_network_removed(wpa_s, ssid);
3597
3598 if (wpa_s->last_ssid == ssid)
3599 wpa_s->last_ssid = NULL;
3600
3601 if (ssid == wpa_s->current_ssid || !wpa_s->current_ssid) {
3602#ifdef CONFIG_SME
3603 wpa_s->sme.prev_bssid_set = 0;
3604#endif /* CONFIG_SME */
3605 /*
3606 * Invalidate the EAP session cache if the current or
3607 * previously used network is removed.
3608 */
3609 eapol_sm_invalidate_cached_session(wpa_s->eapol);
3610 }
3611
3612 if (ssid == wpa_s->current_ssid) {
3613 wpa_sm_set_config(wpa_s->wpa, NULL);
3614 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
3615
3616 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
3617 wpa_s->own_disconnect_req = 1;
3618 wpa_supplicant_deauthenticate(wpa_s,
3619 WLAN_REASON_DEAUTH_LEAVING);
3620 }
3621
3622 was_disabled = ssid->disabled;
3623
3624 if (wpa_config_remove_network(wpa_s->conf, id) < 0)
3625 return -2;
3626
3627 if (!was_disabled && wpa_s->sched_scanning) {
3628 wpa_printf(MSG_DEBUG,
3629 "Stop ongoing sched_scan to remove network from filters");
3630 wpa_supplicant_cancel_sched_scan(wpa_s);
3631 wpa_supplicant_req_scan(wpa_s, 0, 0);
3632 }
3633
3634 return 0;
3635}
3636
3637
86b89452
WS		 3638/**
3639 * wpa_supplicant_enable_network - Mark a configured network as enabled
3640 * @wpa_s: wpa_supplicant structure for a network interface
3641 * @ssid: wpa_ssid structure for a configured network or %NULL
3642 *
3643 * Enables the specified network or all networks if no network specified.
3644 */
3645void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s,
3646 struct wpa_ssid *ssid)
3647{
86b89452 3648 if (ssid == NULL) {
14f79078
JM		 3649 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
3650 wpa_supplicant_enable_one_network(wpa_s, ssid);
dca1a511
DS		 3651 } else
3652 wpa_supplicant_enable_one_network(wpa_s, ssid);
86b89452 3653
5a1d9d1a
JM		 3654 if (wpa_s->reassociate && !wpa_s->disconnected &&
3655 (!wpa_s->current_ssid ||
3656 wpa_s->wpa_state == WPA_DISCONNECTED ||
3657 wpa_s->wpa_state == WPA_SCANNING)) {
dca1a511
DS		 3658 if (wpa_s->sched_scanning) {
3659 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan to add "
3660 "new network to scan filters");
3661 wpa_supplicant_cancel_sched_scan(wpa_s);
3662 }
86b89452 3663
35d40309
JM		 3664 if (wpa_supplicant_fast_associate(wpa_s) != 1) {
3665 wpa_s->scan_req = NORMAL_SCAN_REQ;
dad153d1 3666 wpa_supplicant_req_scan(wpa_s, 0, 0);
35d40309 3667 }
86b89452
WS		 3668 }
3669}
3670
3671
3672/**
3673 * wpa_supplicant_disable_network - Mark a configured network as disabled
3674 * @wpa_s: wpa_supplicant structure for a network interface
3675 * @ssid: wpa_ssid structure for a configured network or %NULL
3676 *
3677 * Disables the specified network or all networks if no network specified.
3678 */
3679void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s,
3680 struct wpa_ssid *ssid)
3681{
3682 struct wpa_ssid *other_ssid;
3683 int was_disabled;
3684
3685 if (ssid == NULL) {
725fc39e
DS		 3686 if (wpa_s->sched_scanning)
3687 wpa_supplicant_cancel_sched_scan(wpa_s);
3688
4dac0245
JM		 3689 for (other_ssid = wpa_s->conf->ssid; other_ssid;
3690 other_ssid = other_ssid->next) {
86b89452 3691 was_disabled = other_ssid->disabled;
4dac0245
JM		 3692 if (was_disabled == 2)
3693 continue; /* do not change persistent P2P group
3694 * data */
86b89452
WS		 3695
3696 other_ssid->disabled = 1;
3697
3698 if (was_disabled != other_ssid->disabled)
3699 wpas_notify_network_enabled_changed(
3700 wpa_s, other_ssid);
86b89452 3701 }
0661163e
SD		 3702 if (wpa_s->current_ssid) {
3703 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
3704 wpa_s->own_disconnect_req = 1;
07783eaa 3705 wpa_supplicant_deauthenticate(
86b89452 3706 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
0661163e 3707 }
4dac0245 3708 } else if (ssid->disabled != 2) {
0661163e
SD		 3709 if (ssid == wpa_s->current_ssid) {
3710 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
3711 wpa_s->own_disconnect_req = 1;
07783eaa 3712 wpa_supplicant_deauthenticate(
86b89452 3713 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
0661163e 3714 }
86b89452
WS		 3715
3716 was_disabled = ssid->disabled;
3717
3718 ssid->disabled = 1;
3719
725fc39e 3720 if (was_disabled != ssid->disabled) {
86b89452 3721 wpas_notify_network_enabled_changed(wpa_s, ssid);
725fc39e
DS		 3722 if (wpa_s->sched_scanning) {
3723 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan "
3724 "to remove network from filters");
3725 wpa_supplicant_cancel_sched_scan(wpa_s);
3726 wpa_supplicant_req_scan(wpa_s, 0, 0);
3727 }
3728 }
86b89452
WS		 3729 }
3730}
3731
3732
3733/**
3734 * wpa_supplicant_select_network - Attempt association with a network
3735 * @wpa_s: wpa_supplicant structure for a network interface
3736 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
3737 */
3738void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
3739 struct wpa_ssid *ssid)
3740{
3741
3742 struct wpa_ssid *other_ssid;
d93dfbd5 3743 int disconnected = 0;
86b89452 3744
d93dfbd5 3745 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid) {
e66bcedd
JM		 3746 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
3747 wpa_s->own_disconnect_req = 1;
07783eaa 3748 wpa_supplicant_deauthenticate(
86b89452 3749 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
d93dfbd5
JM		 3750 disconnected = 1;
3751 }
86b89452 3752
00e5e3d5
JM		 3753 if (ssid)
3754 wpas_clear_temp_disabled(wpa_s, ssid, 1);
3755
86b89452
WS		 3756 /*
3757 * Mark all other networks disabled or mark all networks enabled if no
3758 * network specified.
3759 */
4dac0245
JM		 3760 for (other_ssid = wpa_s->conf->ssid; other_ssid;
3761 other_ssid = other_ssid->next) {
86b89452 3762 int was_disabled = other_ssid->disabled;
4dac0245
JM		 3763 if (was_disabled == 2)
3764 continue; /* do not change persistent P2P group data */
86b89452
WS		 3765
3766 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0;
00e5e3d5
JM		 3767 if (was_disabled && !other_ssid->disabled)
3768 wpas_clear_temp_disabled(wpa_s, other_ssid, 0);
86b89452
WS		 3769
3770 if (was_disabled != other_ssid->disabled)
3771 wpas_notify_network_enabled_changed(wpa_s, other_ssid);
86b89452 3772 }
2a6f78fb 3773
d38c7be0
JM		 3774 if (ssid && ssid == wpa_s->current_ssid && wpa_s->current_ssid &&
3775 wpa_s->wpa_state >= WPA_AUTHENTICATING) {
2a6f78fb
JJ		 3776 /* We are already associated with the selected network */
3777 wpa_printf(MSG_DEBUG, "Already associated with the "
3778 "selected network - do nothing");
3779 return;
3780 }
3781
25a8f9e3 3782 if (ssid) {
96efeeb6 3783 wpa_s->current_ssid = ssid;
25a8f9e3 3784 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
603a3f34
JL		 3785 wpa_s->connect_without_scan =
3786 (ssid->mode == WPAS_MODE_MESH) ? ssid : NULL;
701f3961
AS		 3787
3788 /*
3789 * Don't optimize next scan freqs since a new ESS has been
3790 * selected.
3791 */
3792 os_free(wpa_s->next_scan_freqs);
3793 wpa_s->next_scan_freqs = NULL;
603a3f34
JL		 3794 } else {
3795 wpa_s->connect_without_scan = NULL;
25a8f9e3 3796 }
603a3f34 3797
86b89452
WS		 3798 wpa_s->disconnected = 0;
3799 wpa_s->reassociate = 1;
2cb40e9f 3800 wpa_s->last_owe_group = 0;
91073cca
SD		 3801 if (ssid)
3802 ssid->owe_transition_bss_select_count = 0;
cecdddc1 3803
e4a35f07 3804 if (wpa_s->connect_without_scan ||
35d40309
JM		 3805 wpa_supplicant_fast_associate(wpa_s) != 1) {
3806 wpa_s->scan_req = NORMAL_SCAN_REQ;
be7ebd89 3807 wpas_scan_reset_sched_scan(wpa_s);
cecdddc1 3808 wpa_supplicant_req_scan(wpa_s, 0, disconnected ? 100000 : 0);
35d40309 3809 }
86b89452 3810
a1641d26
JM		 3811 if (ssid)
3812 wpas_notify_network_selected(wpa_s, ssid);
86b89452
WS		 3813}
3814
3815
bdec7ee5
MS		 3816/**
3817 * wpas_set_pkcs11_engine_and_module_path - Set PKCS #11 engine and module path
3818 * @wpa_s: wpa_supplicant structure for a network interface
3819 * @pkcs11_engine_path: PKCS #11 engine path or NULL
3820 * @pkcs11_module_path: PKCS #11 module path or NULL
3821 * Returns: 0 on success; -1 on failure
3822 *
3823 * Sets the PKCS #11 engine and module path. Both have to be NULL or a valid
3824 * path. If resetting the EAPOL state machine with the new PKCS #11 engine and
3825 * module path fails the paths will be reset to the default value (NULL).
3826 */
3827int wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant *wpa_s,
3828 const char *pkcs11_engine_path,
3829 const char *pkcs11_module_path)
3830{
3831 char *pkcs11_engine_path_copy = NULL;
3832 char *pkcs11_module_path_copy = NULL;
3833
3834 if (pkcs11_engine_path != NULL) {
3835 pkcs11_engine_path_copy = os_strdup(pkcs11_engine_path);
3836 if (pkcs11_engine_path_copy == NULL)
3837 return -1;
3838 }
3839 if (pkcs11_module_path != NULL) {
3840 pkcs11_module_path_copy = os_strdup(pkcs11_module_path);
04c366cb 3841 if (pkcs11_module_path_copy == NULL) {
bdec7ee5
MS		 3842 os_free(pkcs11_engine_path_copy);
3843 return -1;
3844 }
3845 }
3846
3847 os_free(wpa_s->conf->pkcs11_engine_path);
3848 os_free(wpa_s->conf->pkcs11_module_path);
3849 wpa_s->conf->pkcs11_engine_path = pkcs11_engine_path_copy;
3850 wpa_s->conf->pkcs11_module_path = pkcs11_module_path_copy;
3851
3852 wpa_sm_set_eapol(wpa_s->wpa, NULL);
3853 eapol_sm_deinit(wpa_s->eapol);
3854 wpa_s->eapol = NULL;
3855 if (wpa_supplicant_init_eapol(wpa_s)) {
3856 /* Error -> Reset paths to the default value (NULL) once. */
3857 if (pkcs11_engine_path != NULL && pkcs11_module_path != NULL)
3858 wpas_set_pkcs11_engine_and_module_path(wpa_s, NULL,
3859 NULL);
3860
3861 return -1;
3862 }
3863 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
3864
3865 return 0;
3866}
3867
3868
86b89452
WS		 3869/**
3870 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
3871 * @wpa_s: wpa_supplicant structure for a network interface
3872 * @ap_scan: AP scan mode
3873 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
3874 *
3875 */
3876int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan)
3877{
3878
3879 int old_ap_scan;
3880
3881 if (ap_scan < 0 || ap_scan > 2)
3882 return -1;
3883
8406cd35
JM		 3884 if (ap_scan == 2 && os_strcmp(wpa_s->driver->name, "nl80211") == 0) {
3885 wpa_printf(MSG_INFO,
3886 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
3887 }
3888
48f8e036
DS		 3889#ifdef ANDROID
3890 if (ap_scan == 2 && ap_scan != wpa_s->conf->ap_scan &&
3891 wpa_s->wpa_state >= WPA_ASSOCIATING &&
3892 wpa_s->wpa_state < WPA_COMPLETED) {
3893 wpa_printf(MSG_ERROR, "ap_scan = %d (%d) rejected while "
3894 "associating", wpa_s->conf->ap_scan, ap_scan);
3895 return 0;
3896 }
3897#endif /* ANDROID */
3898
86b89452
WS		 3899 old_ap_scan = wpa_s->conf->ap_scan;
3900 wpa_s->conf->ap_scan = ap_scan;
3901
3902 if (old_ap_scan != wpa_s->conf->ap_scan)
3903 wpas_notify_ap_scan_changed(wpa_s);
3904
3905 return 0;
3906}
3907
3908
78633c37
SL		 3909/**
3910 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
3911 * @wpa_s: wpa_supplicant structure for a network interface
3912 * @expire_age: Expiration age in seconds
3913 * Returns: 0 if succeed or -1 if expire_age has an invalid value
3914 *
3915 */
3916int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant *wpa_s,
3917 unsigned int bss_expire_age)
3918{
3919 if (bss_expire_age < 10) {
3920 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration age %u",
3921 bss_expire_age);
3922 return -1;
3923 }
3924 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration age: %d sec",
3925 bss_expire_age);
3926 wpa_s->conf->bss_expiration_age = bss_expire_age;
3927
3928 return 0;
3929}
3930
3931
3932/**
3933 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
3934 * @wpa_s: wpa_supplicant structure for a network interface
3935 * @expire_count: number of scans after which an unseen BSS is reclaimed
3936 * Returns: 0 if succeed or -1 if expire_count has an invalid value
3937 *
3938 */
3939int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant *wpa_s,
3940 unsigned int bss_expire_count)
3941{
3942 if (bss_expire_count < 1) {
3943 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration count %u",
3944 bss_expire_count);
3945 return -1;
3946 }
3947 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration scan count: %u",
3948 bss_expire_count);
3949 wpa_s->conf->bss_expiration_scan_count = bss_expire_count;
3950
3951 return 0;
3952}
3953
3954
c6e86b63
MA		 3955/**
3956 * wpa_supplicant_set_scan_interval - Set scan interval
3957 * @wpa_s: wpa_supplicant structure for a network interface
3958 * @scan_interval: scan interval in seconds
3959 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
3960 *
3961 */
3962int wpa_supplicant_set_scan_interval(struct wpa_supplicant *wpa_s,
3963 int scan_interval)
3964{
3965 if (scan_interval < 0) {
3966 wpa_msg(wpa_s, MSG_ERROR, "Invalid scan interval %d",
3967 scan_interval);
3968 return -1;
3969 }
3970 wpa_msg(wpa_s, MSG_DEBUG, "Setting scan interval: %d sec",
3971 scan_interval);
9e737f08 3972 wpa_supplicant_update_scan_int(wpa_s, scan_interval);
c6e86b63
MA		 3973
3974 return 0;
3975}
3976
3977
86b89452
WS		 3978/**
3979 * wpa_supplicant_set_debug_params - Set global debug params
3980 * @global: wpa_global structure
3981 * @debug_level: debug level
3982 * @debug_timestamp: determines if show timestamp in debug data
3983 * @debug_show_keys: determines if show keys in debug data
3984 * Returns: 0 if succeed or -1 if debug_level has wrong value
3985 */
3986int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level,
3987 int debug_timestamp, int debug_show_keys)
3988{
3989
3990 int old_level, old_timestamp, old_show_keys;
3991
3992 /* check for allowed debuglevels */
14dc0011
PS		 3993 if (debug_level != MSG_EXCESSIVE &&
3994 debug_level != MSG_MSGDUMP &&
86b89452
WS		 3995 debug_level != MSG_DEBUG &&
3996 debug_level != MSG_INFO &&
3997 debug_level != MSG_WARNING &&
3998 debug_level != MSG_ERROR)
3999 return -1;
4000
4001 old_level = wpa_debug_level;
4002 old_timestamp = wpa_debug_timestamp;
4003 old_show_keys = wpa_debug_show_keys;
4004
4005 wpa_debug_level = debug_level;
4006 wpa_debug_timestamp = debug_timestamp ? 1 : 0;
4007 wpa_debug_show_keys = debug_show_keys ? 1 : 0;
4008
db9133ac
WS		 4009 if (wpa_debug_level != old_level)
4010 wpas_notify_debug_level_changed(global);
4011 if (wpa_debug_timestamp != old_timestamp)
4012 wpas_notify_debug_timestamp_changed(global);
4013 if (wpa_debug_show_keys != old_show_keys)
4014 wpas_notify_debug_show_keys_changed(global);
86b89452
WS		 4015
4016 return 0;
4017}
4018
4019
e8b96490
JM		 4020#ifdef CONFIG_OWE
4021static int owe_trans_ssid_match(struct wpa_supplicant *wpa_s, const u8 *bssid,
4022 const u8 *entry_ssid, size_t entry_ssid_len)
4023{
4024 const u8 *owe, *pos, *end;
4025 u8 ssid_len;
4026 struct wpa_bss *bss;
4027
4028 /* Check network profile SSID aganst the SSID in the
4029 * OWE Transition Mode element. */
4030
4031 bss = wpa_bss_get_bssid_latest(wpa_s, bssid);
4032 if (!bss)
4033 return 0;
4034
4035 owe = wpa_bss_get_vendor_ie(bss, OWE_IE_VENDOR_TYPE);
4036 if (!owe)
4037 return 0;
4038
4039 pos = owe + 6;
4040 end = owe + 2 + owe[1];
4041
4042 if (end - pos < ETH_ALEN + 1)
4043 return 0;
4044 pos += ETH_ALEN;
4045 ssid_len = *pos++;
4046 if (end - pos < ssid_len || ssid_len > SSID_MAX_LEN)
4047 return 0;
4048
4049 return entry_ssid_len == ssid_len &&
4050 os_memcmp(pos, entry_ssid, ssid_len) == 0;
4051}
4052#endif /* CONFIG_OWE */
4053
4054
6fc6879b
JM		 4055/**
4056 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
4057 * @wpa_s: Pointer to wpa_supplicant data
4058 * Returns: A pointer to the current network structure or %NULL on failure
4059 */
4060struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
4061{
4062 struct wpa_ssid *entry;
eaa8eefe 4063 u8 ssid[SSID_MAX_LEN];
6fc6879b
JM		 4064 int res;
4065 size_t ssid_len;
4066 u8 bssid[ETH_ALEN];
4067 int wired;
4068
17fbb751
JM		 4069 res = wpa_drv_get_ssid(wpa_s, ssid);
4070 if (res < 0) {
4071 wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from "
4072 "driver");
4073 return NULL;
6fc6879b 4074 }
17fbb751 4075 ssid_len = res;
6fc6879b 4076
17fbb751 4077 if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
f049052b
BG		 4078 wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from "
4079 "driver");
6fc6879b
JM		 4080 return NULL;
4081 }
4082
c2a04078
JM		 4083 wired = wpa_s->conf->ap_scan == 0 &&
4084 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED);
6fc6879b
JM		 4085
4086 entry = wpa_s->conf->ssid;
4087 while (entry) {
349493bd 4088 if (!wpas_network_disabled(wpa_s, entry) &&
6fc6879b 4089 ((ssid_len == entry->ssid_len &&
c4fccfc7
JM		 4090 (!entry->ssid ||
4091 os_memcmp(ssid, entry->ssid, ssid_len) == 0)) ||
4092 wired) &&
6fc6879b
JM		 4093 (!entry->bssid_set ||
4094 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
4095 return entry;
24c23d1b 4096#ifdef CONFIG_WPS
349493bd 4097 if (!wpas_network_disabled(wpa_s, entry) &&
24c23d1b
JM		 4098 (entry->key_mgmt & WPA_KEY_MGMT_WPS) &&
4099 (entry->ssid == NULL || entry->ssid_len == 0) &&
4100 (!entry->bssid_set ||
4101 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
4102 return entry;
4103#endif /* CONFIG_WPS */
7d232e23 4104
e8b96490
JM		 4105#ifdef CONFIG_OWE
4106 if (!wpas_network_disabled(wpa_s, entry) &&
4107 owe_trans_ssid_match(wpa_s, bssid, entry->ssid,
4108 entry->ssid_len) &&
4109 (!entry->bssid_set ||
4110 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
4111 return entry;
4112#endif /* CONFIG_OWE */
4113
349493bd 4114 if (!wpas_network_disabled(wpa_s, entry) && entry->bssid_set &&
7d232e23
ZC		 4115 entry->ssid_len == 0 &&
4116 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)
4117 return entry;
4118
6fc6879b
JM		 4119 entry = entry->next;
4120 }
4121
4122 return NULL;
4123}
4124
4125
7756114f
JM		 4126static int select_driver(struct wpa_supplicant *wpa_s, int i)
4127{
4128 struct wpa_global *global = wpa_s->global;
4129
4130 if (wpa_drivers[i]->global_init && global->drv_priv[i] == NULL) {
45e3fc72 4131 global->drv_priv[i] = wpa_drivers[i]->global_init(global);
7756114f
JM		 4132 if (global->drv_priv[i] == NULL) {
4133 wpa_printf(MSG_ERROR, "Failed to initialize driver "
4134 "'%s'", wpa_drivers[i]->name);
4135 return -1;
4136 }
4137 }
4138
4139 wpa_s->driver = wpa_drivers[i];
4140 wpa_s->global_drv_priv = global->drv_priv[i];
4141
4142 return 0;
4143}
4144
4145
6fc6879b
JM		 4146static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
4147 const char *name)
4148{
4149 int i;
362f781e 4150 size_t len;
74b1c84a 4151 const char *pos, *driver = name;
6fc6879b
JM		 4152
4153 if (wpa_s == NULL)
4154 return -1;
4155
c5121837 4156 if (wpa_drivers[0] == NULL) {
f049052b
BG		 4157 wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into "
4158 "wpa_supplicant");
6fc6879b
JM		 4159 return -1;
4160 }
4161
4162 if (name == NULL) {
4163 /* default to first driver in the list */
7756114f 4164 return select_driver(wpa_s, 0);
6fc6879b
JM		 4165 }
4166
74b1c84a
SO		 4167 do {
4168 pos = os_strchr(driver, ',');
4169 if (pos)
4170 len = pos - driver;
4171 else
4172 len = os_strlen(driver);
4173
4174 for (i = 0; wpa_drivers[i]; i++) {
4175 if (os_strlen(wpa_drivers[i]->name) == len &&
4176 os_strncmp(driver, wpa_drivers[i]->name, len) ==
0f4668ce
DW		 4177 0) {
4178 /* First driver that succeeds wins */
4179 if (select_driver(wpa_s, i) == 0)
4180 return 0;
4181 }
6fc6879b 4182 }
74b1c84a
SO		 4183
4184 driver = pos + 1;
4185 } while (pos);
6fc6879b 4186
f049052b 4187 wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name);
6fc6879b
JM		 4188 return -1;
4189}
4190
4191
a8e0505b
JM		 4192/**
4193 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
4194 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
4195 * with struct wpa_driver_ops::init()
4196 * @src_addr: Source address of the EAPOL frame
4197 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
4198 * @len: Length of the EAPOL data
4199 *
4200 * This function is called for each received EAPOL frame. Most driver
4201 * interfaces rely on more generic OS mechanism for receiving frames through
4202 * l2_packet, but if such a mechanism is not available, the driver wrapper may
4203 * take care of received EAPOL frames and deliver them to the core supplicant
4204 * code by calling this function.
4205 */
6fc6879b
JM		 4206void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
4207 const u8 *buf, size_t len)
4208{
4209 struct wpa_supplicant *wpa_s = ctx;
4210
f049052b 4211 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
6fc6879b
JM		 4212 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
4213
02adead5
MK		 4214#ifdef CONFIG_TESTING_OPTIONS
4215 if (wpa_s->ignore_auth_resp) {
4216 wpa_printf(MSG_INFO, "RX EAPOL - ignore_auth_resp active!");
4217 return;
4218 }
4219#endif /* CONFIG_TESTING_OPTIONS */
4220
3ab35a66
JM		 4221 if (wpa_s->wpa_state < WPA_ASSOCIATED ||
4222 (wpa_s->last_eapol_matches_bssid &&
4223#ifdef CONFIG_AP
4224 !wpa_s->ap_iface &&
4225#endif /* CONFIG_AP */
4226 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) != 0)) {
1ff73338
JM		 4227 /*
4228 * There is possible race condition between receiving the
4229 * association event and the EAPOL frame since they are coming
4230 * through different paths from the driver. In order to avoid
4231 * issues in trying to process the EAPOL frame before receiving
4232 * association information, lets queue it for processing until
3ab35a66
JM		 4233 * the association event is received. This may also be needed in
4234 * driver-based roaming case, so also use src_addr != BSSID as a
4235 * trigger if we have previously confirmed that the
4236 * Authenticator uses BSSID as the src_addr (which is not the
4237 * case with wired IEEE 802.1X).
1ff73338 4238 */
f049052b 4239 wpa_dbg(wpa_s, MSG_DEBUG, "Not associated - Delay processing "
3ab35a66
JM		 4240 "of received EAPOL frame (state=%s bssid=" MACSTR ")",
4241 wpa_supplicant_state_txt(wpa_s->wpa_state),
4242 MAC2STR(wpa_s->bssid));
1ff73338
JM		 4243 wpabuf_free(wpa_s->pending_eapol_rx);
4244 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len);
4245 if (wpa_s->pending_eapol_rx) {
c2be937c 4246 os_get_reltime(&wpa_s->pending_eapol_rx_time);
1ff73338
JM		 4247 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr,
4248 ETH_ALEN);
4249 }
4250 return;
4251 }
4252
3ab35a66
JM		 4253 wpa_s->last_eapol_matches_bssid =
4254 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) == 0;
4255
db149ac9
JM		 4256#ifdef CONFIG_AP
4257 if (wpa_s->ap_iface) {
4258 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len);
4259 return;
4260 }
4261#endif /* CONFIG_AP */
4262
6fc6879b 4263 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
f049052b
BG		 4264 wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since "
4265 "no key management is configured");
6fc6879b
JM		 4266 return;
4267 }
4268
4269 if (wpa_s->eapol_received == 0 &&
436ee2fd 4270 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK) ||
56586197 4271 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
9c972abb
JM		 4272 wpa_s->wpa_state != WPA_COMPLETED) &&
4273 (wpa_s->current_ssid == NULL ||
f74618cb 4274 wpa_s->current_ssid->mode != WPAS_MODE_IBSS)) {
6fc6879b 4275 /* Timeout for completing IEEE 802.1X and WPA authentication */
5add4101
JM		 4276 int timeout = 10;
4277
4278 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
4279 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
4280 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
4281 /* Use longer timeout for IEEE 802.1X/EAP */
4282 timeout = 70;
4283 }
4284
c7dafdf9 4285#ifdef CONFIG_WPS
5add4101
JM		 4286 if (wpa_s->current_ssid && wpa_s->current_bss &&
4287 (wpa_s->current_ssid->key_mgmt & WPA_KEY_MGMT_WPS) &&
4288 eap_is_wps_pin_enrollee(&wpa_s->current_ssid->eap)) {
4289 /*
4290 * Use shorter timeout if going through WPS AP iteration
4291 * for PIN config method with an AP that does not
4292 * advertise Selected Registrar.
4293 */
4294 struct wpabuf *wps_ie;
4295
4296 wps_ie = wpa_bss_get_vendor_ie_multi(
4297 wpa_s->current_bss, WPS_IE_VENDOR_TYPE);
0ef1e290
JM		 4298 if (wps_ie &&
4299 !wps_is_addr_authorized(wps_ie, wpa_s->own_addr, 1))
5add4101
JM		 4300 timeout = 10;
4301 wpabuf_free(wps_ie);
4302 }
c7dafdf9 4303#endif /* CONFIG_WPS */
5add4101
JM		 4304
4305 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
6fc6879b
JM		 4306 }
4307 wpa_s->eapol_received++;
4308
4309 if (wpa_s->countermeasures) {
f049052b
BG		 4310 wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped "
4311 "EAPOL packet");
6fc6879b
JM		 4312 return;
4313 }
4314
8be18440
JM		 4315#ifdef CONFIG_IBSS_RSN
4316 if (wpa_s->current_ssid &&
d7dcba70 4317 wpa_s->current_ssid->mode == WPAS_MODE_IBSS) {
8be18440
JM		 4318 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len);
4319 return;
4320 }
4321#endif /* CONFIG_IBSS_RSN */
4322
6fc6879b
JM		 4323 /* Source address of the incoming EAPOL frame could be compared to the
4324 * current BSSID. However, it is possible that a centralized
4325 * Authenticator could be using another MAC address than the BSSID of
4326 * an AP, so just allow any address to be used for now. The replies are
4327 * still sent to the current BSSID (if available), though. */
4328
4329 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
56586197 4330 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
a1ea1b45 4331 wpa_s->key_mgmt != WPA_KEY_MGMT_OWE &&
567da5bb 4332 wpa_s->key_mgmt != WPA_KEY_MGMT_DPP &&
6fc6879b
JM		 4333 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
4334 return;
4335 wpa_drv_poll(wpa_s);
436ee2fd 4336 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK))
6fc6879b 4337 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
56586197 4338 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
6fc6879b
JM		 4339 /*
4340 * Set portValid = TRUE here since we are going to skip 4-way
4341 * handshake processing which would normally set portValid. We
4342 * need this to allow the EAPOL state machines to be completed
4343 * without going through EAPOL-Key handshake.
4344 */
4345 eapol_sm_notify_portValid(wpa_s->eapol, TRUE);
4346 }
4347}
4348
4349
bfba8deb 4350int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s)
6fc6879b 4351{
2961bfa8
JM		 4352 if ((!wpa_s->p2p_mgmt ||
4353 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
4354 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) {
bfba8deb 4355 l2_packet_deinit(wpa_s->l2);
6fc6879b
JM		 4356 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
4357 wpa_drv_get_mac_addr(wpa_s),
4358 ETH_P_EAPOL,
4359 wpa_supplicant_rx_eapol, wpa_s, 0);
4360 if (wpa_s->l2 == NULL)
4361 return -1;
d89edb61
DC		 4362
4363 if (l2_packet_set_packet_filter(wpa_s->l2,
4364 L2_PACKET_FILTER_PKTTYPE))
4365 wpa_dbg(wpa_s, MSG_DEBUG,
4366 "Failed to attach pkt_type filter");
fdadd5fe
JM		 4367 } else {
4368 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
4369 if (addr)
4370 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
6fc6879b
JM		 4371 }
4372
4373 if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
f049052b 4374 wpa_msg(wpa_s, MSG_ERROR, "Failed to get own L2 address");
6fc6879b
JM		 4375 return -1;
4376 }
4377
c267753b
JM		 4378 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
4379
bfba8deb
JM		 4380 return 0;
4381}
4382
4383
25f839c6
JM		 4384static void wpa_supplicant_rx_eapol_bridge(void *ctx, const u8 *src_addr,
4385 const u8 *buf, size_t len)
4386{
4387 struct wpa_supplicant *wpa_s = ctx;
4388 const struct l2_ethhdr *eth;
4389
4390 if (len < sizeof(*eth))
4391 return;
4392 eth = (const struct l2_ethhdr *) buf;
4393
4394 if (os_memcmp(eth->h_dest, wpa_s->own_addr, ETH_ALEN) != 0 &&
4395 !(eth->h_dest[0] & 0x01)) {
4396 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
4397 " (bridge - not for this interface - ignore)",
4398 MAC2STR(src_addr), MAC2STR(eth->h_dest));
4399 return;
4400 }
4401
4402 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
4403 " (bridge)", MAC2STR(src_addr), MAC2STR(eth->h_dest));
4404 wpa_supplicant_rx_eapol(wpa_s, src_addr, buf + sizeof(*eth),
4405 len - sizeof(*eth));
4406}
4407
4408
bfba8deb
JM		 4409/**
4410 * wpa_supplicant_driver_init - Initialize driver interface parameters
4411 * @wpa_s: Pointer to wpa_supplicant data
4412 * Returns: 0 on success, -1 on failure
4413 *
4414 * This function is called to initialize driver interface parameters.
4415 * wpa_drv_init() must have been called before this function to initialize the
4416 * driver interface.
4417 */
4418int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
4419{
4420 static int interface_count = 0;
4421
4422 if (wpa_supplicant_update_mac_addr(wpa_s) < 0)
4423 return -1;
4424
c68f6200
AS		 4425 wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR,
4426 MAC2STR(wpa_s->own_addr));
a313d17d 4427 os_memcpy(wpa_s->perm_addr, wpa_s->own_addr, ETH_ALEN);
c68f6200
AS		 4428 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
4429
6fc6879b 4430 if (wpa_s->bridge_ifname[0]) {
f049052b
BG		 4431 wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge "
4432 "interface '%s'", wpa_s->bridge_ifname);
e6dd8196
JM		 4433 wpa_s->l2_br = l2_packet_init_bridge(
4434 wpa_s->bridge_ifname, wpa_s->ifname, wpa_s->own_addr,
4435 ETH_P_EAPOL, wpa_supplicant_rx_eapol_bridge, wpa_s, 1);
6fc6879b 4436 if (wpa_s->l2_br == NULL) {
f049052b
BG		 4437 wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet "
4438 "connection for the bridge interface '%s'",
4439 wpa_s->bridge_ifname);
6fc6879b
JM		 4440 return -1;
4441 }
4442 }
4443
8406cd35
JM		 4444 if (wpa_s->conf->ap_scan == 2 &&
4445 os_strcmp(wpa_s->driver->name, "nl80211") == 0) {
4446 wpa_printf(MSG_INFO,
4447 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
4448 }
4449
6fc6879b
JM		 4450 wpa_clear_keys(wpa_s, NULL);
4451
4452 /* Make sure that TKIP countermeasures are not left enabled (could
4453 * happen if wpa_supplicant is killed during countermeasures. */
4454 wpa_drv_set_countermeasures(wpa_s, 0);
4455
f049052b 4456 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver");
6fc6879b
JM		 4457 wpa_drv_flush_pmkid(wpa_s);
4458
ba2a573c 4459 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
b3aa456b
ES		 4460 wpa_s->prev_scan_wildcard = 0;
4461
349493bd 4462 if (wpa_supplicant_enabled_networks(wpa_s)) {
a0e9d892
AS		 4463 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED) {
4464 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
4465 interface_count = 0;
4466 }
ee82e33d 4467#ifndef ANDROID
3a94adbf 4468 if (!wpa_s->p2p_mgmt &&
5d0d72a3
BG		 4469 wpa_supplicant_delayed_sched_scan(wpa_s,
4470 interface_count % 3,
6a90053c 4471 100000))
5d0d72a3 4472 wpa_supplicant_req_scan(wpa_s, interface_count % 3,
a4cba8f1 4473 100000);
ee82e33d 4474#endif /* ANDROID */
74e259ec
JM		 4475 interface_count++;
4476 } else
4477 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
6fc6879b
JM		 4478
4479 return 0;
4480}
4481
4482
4483static int wpa_supplicant_daemon(const char *pid_file)
4484{
4485 wpa_printf(MSG_DEBUG, "Daemonize..");
4486 return os_daemonize(pid_file);
4487}
4488
4489
1772d348
JM		 4490static struct wpa_supplicant *
4491wpa_supplicant_alloc(struct wpa_supplicant *parent)
6fc6879b
JM		 4492{
4493 struct wpa_supplicant *wpa_s;
4494
4495 wpa_s = os_zalloc(sizeof(*wpa_s));
4496 if (wpa_s == NULL)
4497 return NULL;
4115303b 4498 wpa_s->scan_req = INITIAL_SCAN_REQ;
67b9bd08 4499 wpa_s->scan_interval = 5;
c302f207 4500 wpa_s->new_connection = 1;
1772d348 4501 wpa_s->parent = parent ? parent : wpa_s;
ba307f85 4502 wpa_s->p2pdev = wpa_s->parent;
cbdf3507 4503 wpa_s->sched_scanning = 0;
6fc6879b 4504
dd599908 4505 dl_list_init(&wpa_s->bss_tmp_disallowed);
5732b770 4506 dl_list_init(&wpa_s->fils_hlp_req);
dd599908 4507
6fc6879b
JM		 4508 return wpa_s;
4509}
4510
4511
80e8a5ee
BG		 4512#ifdef CONFIG_HT_OVERRIDES
4513
4514static int wpa_set_htcap_mcs(struct wpa_supplicant *wpa_s,
4515 struct ieee80211_ht_capabilities *htcaps,
4516 struct ieee80211_ht_capabilities *htcaps_mask,
4517 const char *ht_mcs)
4518{
4519 /* parse ht_mcs into hex array */
4520 int i;
4521 const char *tmp = ht_mcs;
4522 char *end = NULL;
4523
4524 /* If ht_mcs is null, do not set anything */
4525 if (!ht_mcs)
4526 return 0;
4527
4528 /* This is what we are setting in the kernel */
4529 os_memset(&htcaps->supported_mcs_set, 0, IEEE80211_HT_MCS_MASK_LEN);
4530
4531 wpa_msg(wpa_s, MSG_DEBUG, "set_htcap, ht_mcs -:%s:-", ht_mcs);
4532
4533 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) {
30eddf35
JB		 4534 long v;
4535
80e8a5ee 4536 errno = 0;
30eddf35
JB		 4537 v = strtol(tmp, &end, 16);
4538
80e8a5ee
BG		 4539 if (errno == 0) {
4540 wpa_msg(wpa_s, MSG_DEBUG,
4541 "htcap value[%i]: %ld end: %p tmp: %p",
4542 i, v, end, tmp);
4543 if (end == tmp)
4544 break;
4545
4546 htcaps->supported_mcs_set[i] = v;
4547 tmp = end;
4548 } else {
4549 wpa_msg(wpa_s, MSG_ERROR,
4550 "Failed to parse ht-mcs: %s, error: %s\n",
4551 ht_mcs, strerror(errno));
4552 return -1;
4553 }
4554 }
4555
4556 /*
4557 * If we were able to parse any values, then set mask for the MCS set.
4558 */
4559 if (i) {
4560 os_memset(&htcaps_mask->supported_mcs_set, 0xff,
4561 IEEE80211_HT_MCS_MASK_LEN - 1);
4562 /* skip the 3 reserved bits */
4563 htcaps_mask->supported_mcs_set[IEEE80211_HT_MCS_MASK_LEN - 1] =
4564 0x1f;
4565 }
4566
4567 return 0;
4568}
4569
4570
4571static int wpa_disable_max_amsdu(struct wpa_supplicant *wpa_s,
4572 struct ieee80211_ht_capabilities *htcaps,
4573 struct ieee80211_ht_capabilities *htcaps_mask,
4574 int disabled)
4575{
5bc28571 4576 le16 msk;
80e8a5ee 4577
80e8a5ee
BG		 4578 if (disabled == -1)
4579 return 0;
4580
bbdb5014
JM		 4581 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_max_amsdu: %d", disabled);
4582
80e8a5ee
BG		 4583 msk = host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE);
4584 htcaps_mask->ht_capabilities_info |= msk;
4585 if (disabled)
4586 htcaps->ht_capabilities_info &= msk;
4587 else
4588 htcaps->ht_capabilities_info |= msk;
4589
4590 return 0;
4591}
4592
4593
4594static int wpa_set_ampdu_factor(struct wpa_supplicant *wpa_s,
4595 struct ieee80211_ht_capabilities *htcaps,
4596 struct ieee80211_ht_capabilities *htcaps_mask,
4597 int factor)
4598{
80e8a5ee
BG		 4599 if (factor == -1)
4600 return 0;
4601
bbdb5014
JM		 4602 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_factor: %d", factor);
4603
80e8a5ee
BG		 4604 if (factor < 0 || factor > 3) {
4605 wpa_msg(wpa_s, MSG_ERROR, "ampdu_factor: %d out of range. "
4606 "Must be 0-3 or -1", factor);
4607 return -EINVAL;
4608 }
4609
4610 htcaps_mask->a_mpdu_params |= 0x3; /* 2 bits for factor */
4611 htcaps->a_mpdu_params &= ~0x3;
4612 htcaps->a_mpdu_params |= factor & 0x3;
4613
4614 return 0;
4615}
4616
4617
4618static int wpa_set_ampdu_density(struct wpa_supplicant *wpa_s,
4619 struct ieee80211_ht_capabilities *htcaps,
4620 struct ieee80211_ht_capabilities *htcaps_mask,
4621 int density)
4622{
80e8a5ee
BG		 4623 if (density == -1)
4624 return 0;
4625
bbdb5014
JM		 4626 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_density: %d", density);
4627
80e8a5ee
BG		 4628 if (density < 0 || density > 7) {
4629 wpa_msg(wpa_s, MSG_ERROR,
4630 "ampdu_density: %d out of range. Must be 0-7 or -1.",
4631 density);
4632 return -EINVAL;
4633 }
4634
4635 htcaps_mask->a_mpdu_params |= 0x1C;
4636 htcaps->a_mpdu_params &= ~(0x1C);
4637 htcaps->a_mpdu_params |= (density << 2) & 0x1C;
4638
4639 return 0;
4640}
4641
4642
4643static int wpa_set_disable_ht40(struct wpa_supplicant *wpa_s,
4644 struct ieee80211_ht_capabilities *htcaps,
4645 struct ieee80211_ht_capabilities *htcaps_mask,
4646 int disabled)
4647{
bbdb5014
JM		 4648 if (disabled)
4649 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ht40: %d", disabled);
80e8a5ee 4650
9eb5757a
MH		 4651 set_disable_ht40(htcaps, disabled);
4652 set_disable_ht40(htcaps_mask, 0);
80e8a5ee
BG		 4653
4654 return 0;
4655}
4656
4657
a90497f8
BG		 4658static int wpa_set_disable_sgi(struct wpa_supplicant *wpa_s,
4659 struct ieee80211_ht_capabilities *htcaps,
4660 struct ieee80211_ht_capabilities *htcaps_mask,
4661 int disabled)
4662{
4663 /* Masking these out disables SGI */
5bc28571
JM		 4664 le16 msk = host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ |
4665 HT_CAP_INFO_SHORT_GI40MHZ);
a90497f8 4666
bbdb5014
JM		 4667 if (disabled)
4668 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_sgi: %d", disabled);
a90497f8
BG		 4669
4670 if (disabled)
4671 htcaps->ht_capabilities_info &= ~msk;
4672 else
4673 htcaps->ht_capabilities_info |= msk;
4674
4675 htcaps_mask->ht_capabilities_info |= msk;
4676
4677 return 0;
4678}
4679
4680
39a5800f
PK		 4681static int wpa_set_disable_ldpc(struct wpa_supplicant *wpa_s,
4682 struct ieee80211_ht_capabilities *htcaps,
4683 struct ieee80211_ht_capabilities *htcaps_mask,
4684 int disabled)
4685{
4686 /* Masking these out disables LDPC */
5bc28571 4687 le16 msk = host_to_le16(HT_CAP_INFO_LDPC_CODING_CAP);
39a5800f 4688
bbdb5014
JM		 4689 if (disabled)
4690 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ldpc: %d", disabled);
39a5800f
PK		 4691
4692 if (disabled)
4693 htcaps->ht_capabilities_info &= ~msk;
4694 else
4695 htcaps->ht_capabilities_info |= msk;
4696
4697 htcaps_mask->ht_capabilities_info |= msk;
4698
4699 return 0;
4700}
4701
4702
cdeea70f
SM		 4703static int wpa_set_tx_stbc(struct wpa_supplicant *wpa_s,
4704 struct ieee80211_ht_capabilities *htcaps,
4705 struct ieee80211_ht_capabilities *htcaps_mask,
4706 int tx_stbc)
4707{
4708 le16 msk = host_to_le16(HT_CAP_INFO_TX_STBC);
4709
cdeea70f
SM		 4710 if (tx_stbc == -1)
4711 return 0;
4712
bbdb5014
JM		 4713 wpa_msg(wpa_s, MSG_DEBUG, "set_tx_stbc: %d", tx_stbc);
4714
cdeea70f
SM		 4715 if (tx_stbc < 0 || tx_stbc > 1) {
4716 wpa_msg(wpa_s, MSG_ERROR,
4717 "tx_stbc: %d out of range. Must be 0-1 or -1", tx_stbc);
4718 return -EINVAL;
4719 }
4720
4721 htcaps_mask->ht_capabilities_info |= msk;
4722 htcaps->ht_capabilities_info &= ~msk;
4723 htcaps->ht_capabilities_info |= (tx_stbc << 7) & msk;
4724
4725 return 0;
4726}
4727
4728
4729static int wpa_set_rx_stbc(struct wpa_supplicant *wpa_s,
4730 struct ieee80211_ht_capabilities *htcaps,
4731 struct ieee80211_ht_capabilities *htcaps_mask,
4732 int rx_stbc)
4733{
4734 le16 msk = host_to_le16(HT_CAP_INFO_RX_STBC_MASK);
4735
cdeea70f
SM		 4736 if (rx_stbc == -1)
4737 return 0;
4738
bbdb5014
JM		 4739 wpa_msg(wpa_s, MSG_DEBUG, "set_rx_stbc: %d", rx_stbc);
4740
cdeea70f
SM		 4741 if (rx_stbc < 0 || rx_stbc > 3) {
4742 wpa_msg(wpa_s, MSG_ERROR,
4743 "rx_stbc: %d out of range. Must be 0-3 or -1", rx_stbc);
4744 return -EINVAL;
4745 }
4746
4747 htcaps_mask->ht_capabilities_info |= msk;
4748 htcaps->ht_capabilities_info &= ~msk;
4749 htcaps->ht_capabilities_info |= (rx_stbc << 8) & msk;
4750
4751 return 0;
4752}
4753
4754
80e8a5ee
BG		 4755void wpa_supplicant_apply_ht_overrides(
4756 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
4757 struct wpa_driver_associate_params *params)
4758{
4759 struct ieee80211_ht_capabilities *htcaps;
4760 struct ieee80211_ht_capabilities *htcaps_mask;
4761
4762 if (!ssid)
4763 return;
4764
4765 params->disable_ht = ssid->disable_ht;
4766 if (!params->htcaps || !params->htcaps_mask)
4767 return;
4768
4769 htcaps = (struct ieee80211_ht_capabilities *) params->htcaps;
4770 htcaps_mask = (struct ieee80211_ht_capabilities *) params->htcaps_mask;
4771 wpa_set_htcap_mcs(wpa_s, htcaps, htcaps_mask, ssid->ht_mcs);
4772 wpa_disable_max_amsdu(wpa_s, htcaps, htcaps_mask,
4773 ssid->disable_max_amsdu);
4774 wpa_set_ampdu_factor(wpa_s, htcaps, htcaps_mask, ssid->ampdu_factor);
4775 wpa_set_ampdu_density(wpa_s, htcaps, htcaps_mask, ssid->ampdu_density);
4776 wpa_set_disable_ht40(wpa_s, htcaps, htcaps_mask, ssid->disable_ht40);
a90497f8 4777 wpa_set_disable_sgi(wpa_s, htcaps, htcaps_mask, ssid->disable_sgi);
39a5800f 4778 wpa_set_disable_ldpc(wpa_s, htcaps, htcaps_mask, ssid->disable_ldpc);
cdeea70f
SM		 4779 wpa_set_rx_stbc(wpa_s, htcaps, htcaps_mask, ssid->rx_stbc);
4780 wpa_set_tx_stbc(wpa_s, htcaps, htcaps_mask, ssid->tx_stbc);
d41cc8cc
JM		 4781
4782 if (ssid->ht40_intolerant) {
5bc28571 4783 le16 bit = host_to_le16(HT_CAP_INFO_40MHZ_INTOLERANT);
d41cc8cc
JM		 4784 htcaps->ht_capabilities_info |= bit;
4785 htcaps_mask->ht_capabilities_info |= bit;
4786 }
80e8a5ee
BG		 4787}
4788
4789#endif /* CONFIG_HT_OVERRIDES */
4790
4791
e9ee8dc3
JB		 4792#ifdef CONFIG_VHT_OVERRIDES
4793void wpa_supplicant_apply_vht_overrides(
4794 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
4795 struct wpa_driver_associate_params *params)
4796{
4797 struct ieee80211_vht_capabilities *vhtcaps;
4798 struct ieee80211_vht_capabilities *vhtcaps_mask;
4799
4800 if (!ssid)
4801 return;
4802
4803 params->disable_vht = ssid->disable_vht;
4804
4805 vhtcaps = (void *) params->vhtcaps;
4806 vhtcaps_mask = (void *) params->vhtcaps_mask;
4807
4808 if (!vhtcaps || !vhtcaps_mask)
4809 return;
4810
4d8d710f
JM		 4811 vhtcaps->vht_capabilities_info = host_to_le32(ssid->vht_capa);
4812 vhtcaps_mask->vht_capabilities_info = host_to_le32(ssid->vht_capa_mask);
e9ee8dc3 4813
4f560cde 4814#ifdef CONFIG_HT_OVERRIDES
fd83a808
BG		 4815 if (ssid->disable_sgi) {
4816 vhtcaps_mask->vht_capabilities_info |= (VHT_CAP_SHORT_GI_80 |
4817 VHT_CAP_SHORT_GI_160);
4818 vhtcaps->vht_capabilities_info &= ~(VHT_CAP_SHORT_GI_80 |
4819 VHT_CAP_SHORT_GI_160);
4820 wpa_msg(wpa_s, MSG_DEBUG,
4821 "disable-sgi override specified, vht-caps: 0x%x",
4822 vhtcaps->vht_capabilities_info);
4823 }
4824
4f560cde 4825 /* if max ampdu is <= 3, we have to make the HT cap the same */
b0f33467
JM		 4826 if (ssid->vht_capa_mask & VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) {
4827 int max_ampdu;
4828
4829 max_ampdu = (ssid->vht_capa &
4830 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) >>
4831 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX_SHIFT;
4f560cde
EP		 4832
4833 max_ampdu = max_ampdu < 3 ? max_ampdu : 3;
4834 wpa_set_ampdu_factor(wpa_s,
4835 (void *) params->htcaps,
4836 (void *) params->htcaps_mask,
4837 max_ampdu);
4838 }
4839#endif /* CONFIG_HT_OVERRIDES */
4840
e9ee8dc3
JB		 4841#define OVERRIDE_MCS(i) \
4842 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \
4843 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \
4d8d710f 4844 host_to_le16(3 << 2 * (i - 1)); \
e9ee8dc3 4845 vhtcaps->vht_supported_mcs_set.tx_map |= \
4d8d710f
JM		 4846 host_to_le16(ssid->vht_tx_mcs_nss_ ##i << \
4847 2 * (i - 1)); \
e9ee8dc3
JB		 4848 } \
4849 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \
4850 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \
4d8d710f 4851 host_to_le16(3 << 2 * (i - 1)); \
e9ee8dc3 4852 vhtcaps->vht_supported_mcs_set.rx_map |= \
4d8d710f
JM		 4853 host_to_le16(ssid->vht_rx_mcs_nss_ ##i << \
4854 2 * (i - 1)); \
e9ee8dc3
JB		 4855 }
4856
4857 OVERRIDE_MCS(1);
4858 OVERRIDE_MCS(2);
4859 OVERRIDE_MCS(3);
4860 OVERRIDE_MCS(4);
4861 OVERRIDE_MCS(5);
4862 OVERRIDE_MCS(6);
4863 OVERRIDE_MCS(7);
4864 OVERRIDE_MCS(8);
4865}
4866#endif /* CONFIG_VHT_OVERRIDES */
4867
4868
f64adcd7
JM		 4869static int pcsc_reader_init(struct wpa_supplicant *wpa_s)
4870{
4871#ifdef PCSC_FUNCS
4872 size_t len;
4873
4874 if (!wpa_s->conf->pcsc_reader)
4875 return 0;
4876
22cf7d73 4877 wpa_s->scard = scard_init(wpa_s->conf->pcsc_reader);
f64adcd7
JM		 4878 if (!wpa_s->scard)
4879 return 1;
4880
4881 if (wpa_s->conf->pcsc_pin &&
4882 scard_set_pin(wpa_s->scard, wpa_s->conf->pcsc_pin) < 0) {
4883 scard_deinit(wpa_s->scard);
4884 wpa_s->scard = NULL;
4885 wpa_msg(wpa_s, MSG_ERROR, "PC/SC PIN validation failed");
4886 return -1;
4887 }
4888
4889 len = sizeof(wpa_s->imsi) - 1;
4890 if (scard_get_imsi(wpa_s->scard, wpa_s->imsi, &len)) {
4891 scard_deinit(wpa_s->scard);
4892 wpa_s->scard = NULL;
4893 wpa_msg(wpa_s, MSG_ERROR, "Could not read IMSI");
4894 return -1;
4895 }
4896 wpa_s->imsi[len] = '\0';
4897
4898 wpa_s->mnc_len = scard_get_mnc_len(wpa_s->scard);
4899
4900 wpa_printf(MSG_DEBUG, "SCARD: IMSI %s (MNC length %d)",
4901 wpa_s->imsi, wpa_s->mnc_len);
4902
4903 wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard);
4904 eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard);
4905#endif /* PCSC_FUNCS */
4906
4907 return 0;
4908}
4909
4910
306ae225
JM		 4911int wpas_init_ext_pw(struct wpa_supplicant *wpa_s)
4912{
4913 char *val, *pos;
4914
4915 ext_password_deinit(wpa_s->ext_pw);
4916 wpa_s->ext_pw = NULL;
4917 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, NULL);
4918
4919 if (!wpa_s->conf->ext_password_backend)
4920 return 0;
4921
4922 val = os_strdup(wpa_s->conf->ext_password_backend);
4923 if (val == NULL)
4924 return -1;
4925 pos = os_strchr(val, ':');
4926 if (pos)
4927 *pos++ = '\0';
4928
4929 wpa_printf(MSG_DEBUG, "EXT PW: Initialize backend '%s'", val);
4930
4931 wpa_s->ext_pw = ext_password_init(val, pos);
4932 os_free(val);
4933 if (wpa_s->ext_pw == NULL) {
4934 wpa_printf(MSG_DEBUG, "EXT PW: Failed to initialize backend");
4935 return -1;
4936 }
4937 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, wpa_s->ext_pw);
4938
4939 return 0;
4940}
4941
4942
b36a3a65
AN		 4943#ifdef CONFIG_FST
4944
4945static const u8 * wpas_fst_get_bssid_cb(void *ctx)
4946{
4947 struct wpa_supplicant *wpa_s = ctx;
4948
4949 return (is_zero_ether_addr(wpa_s->bssid) ||
4950 wpa_s->wpa_state != WPA_COMPLETED) ? NULL : wpa_s->bssid;
4951}
4952
4953
4954static void wpas_fst_get_channel_info_cb(void *ctx,
4955 enum hostapd_hw_mode *hw_mode,
4956 u8 *channel)
4957{
4958 struct wpa_supplicant *wpa_s = ctx;
4959
4960 if (wpa_s->current_bss) {
4961 *hw_mode = ieee80211_freq_to_chan(wpa_s->current_bss->freq,
4962 channel);
4963 } else if (wpa_s->hw.num_modes) {
4964 *hw_mode = wpa_s->hw.modes[0].mode;
4965 } else {
4966 WPA_ASSERT(0);
4967 *hw_mode = 0;
4968 }
4969}
4970
4971
4972static int wpas_fst_get_hw_modes(void *ctx, struct hostapd_hw_modes **modes)
4973{
4974 struct wpa_supplicant *wpa_s = ctx;
4975
4976 *modes = wpa_s->hw.modes;
4977 return wpa_s->hw.num_modes;
4978}
4979
4980
84bcb4e7 4981static void wpas_fst_set_ies_cb(void *ctx, const struct wpabuf *fst_ies)
b36a3a65
AN		 4982{
4983 struct wpa_supplicant *wpa_s = ctx;
4984
b7a07937 4985 wpa_hexdump_buf(MSG_DEBUG, "FST: Set IEs", fst_ies);
b36a3a65
AN		 4986 wpa_s->fst_ies = fst_ies;
4987}
4988
4989
4990static int wpas_fst_send_action_cb(void *ctx, const u8 *da, struct wpabuf *data)
4991{
4992 struct wpa_supplicant *wpa_s = ctx;
4993
0da35523
JM		 4994 if (os_memcmp(wpa_s->bssid, da, ETH_ALEN) != 0) {
4995 wpa_printf(MSG_INFO, "FST:%s:bssid=" MACSTR " != da=" MACSTR,
4996 __func__, MAC2STR(wpa_s->bssid), MAC2STR(da));
4997 return -1;
4998 }
b36a3a65 4999 return wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, wpa_s->bssid,
0da35523
JM		 5000 wpa_s->own_addr, wpa_s->bssid,
5001 wpabuf_head(data), wpabuf_len(data),
b36a3a65
AN		 5002 0);
5003}
5004
5005
a0f04da5 5006static const struct wpabuf * wpas_fst_get_mb_ie_cb(void *ctx, const u8 *addr)
b36a3a65
AN		 5007{
5008 struct wpa_supplicant *wpa_s = ctx;
5009
5010 WPA_ASSERT(os_memcmp(wpa_s->bssid, addr, ETH_ALEN) == 0);
5011 return wpa_s->received_mb_ies;
5012}
5013
5014
5015static void wpas_fst_update_mb_ie_cb(void *ctx, const u8 *addr,
5016 const u8 *buf, size_t size)
5017{
5018 struct wpa_supplicant *wpa_s = ctx;
5019 struct mb_ies_info info;
5020
5021 WPA_ASSERT(os_memcmp(wpa_s->bssid, addr, ETH_ALEN) == 0);
5022
5023 if (!mb_ies_info_by_ies(&info, buf, size)) {
5024 wpabuf_free(wpa_s->received_mb_ies);
5025 wpa_s->received_mb_ies = mb_ies_by_info(&info);
5026 }
5027}
5028
5029
39cdd3a0
JM		 5030static const u8 * wpas_fst_get_peer_first(void *ctx,
5031 struct fst_get_peer_ctx **get_ctx,
5032 Boolean mb_only)
b36a3a65
AN		 5033{
5034 struct wpa_supplicant *wpa_s = ctx;
5035
5036 *get_ctx = NULL;
5037 if (!is_zero_ether_addr(wpa_s->bssid))
5038 return (wpa_s->received_mb_ies || !mb_only) ?
5039 wpa_s->bssid : NULL;
5040 return NULL;
5041}
5042
5043
39cdd3a0
JM		 5044static const u8 * wpas_fst_get_peer_next(void *ctx,
5045 struct fst_get_peer_ctx **get_ctx,
5046 Boolean mb_only)
b36a3a65
AN		 5047{
5048 return NULL;
5049}
5050
5051void fst_wpa_supplicant_fill_iface_obj(struct wpa_supplicant *wpa_s,
5052 struct fst_wpa_obj *iface_obj)
5053{
5054 iface_obj->ctx = wpa_s;
5055 iface_obj->get_bssid = wpas_fst_get_bssid_cb;
5056 iface_obj->get_channel_info = wpas_fst_get_channel_info_cb;
5057 iface_obj->get_hw_modes = wpas_fst_get_hw_modes;
5058 iface_obj->set_ies = wpas_fst_set_ies_cb;
5059 iface_obj->send_action = wpas_fst_send_action_cb;
5060 iface_obj->get_mb_ie = wpas_fst_get_mb_ie_cb;
5061 iface_obj->update_mb_ie = wpas_fst_update_mb_ie_cb;
5062 iface_obj->get_peer_first = wpas_fst_get_peer_first;
5063 iface_obj->get_peer_next = wpas_fst_get_peer_next;
5064}
5065#endif /* CONFIG_FST */
5066
a520bf4a 5067static int wpas_set_wowlan_triggers(struct wpa_supplicant *wpa_s,
6cbdb0c5 5068 const struct wpa_driver_capa *capa)
e4fa8b12 5069{
88cb27c7
DS		 5070 struct wowlan_triggers *triggers;
5071 int ret = 0;
e4fa8b12
EP		 5072
5073 if (!wpa_s->conf->wowlan_triggers)
5074 return 0;
5075
88cb27c7
DS		 5076 triggers = wpa_get_wowlan_triggers(wpa_s->conf->wowlan_triggers, capa);
5077 if (triggers) {
5078 ret = wpa_drv_wowlan(wpa_s, triggers);
5079 os_free(triggers);
e4fa8b12 5080 }
e4fa8b12
EP		 5081 return ret;
5082}
5083
5084
2b6e9f91 5085enum wpa_radio_work_band wpas_freq_to_band(int freq)
e903d32d
KV		 5086{
5087 if (freq < 3000)
5088 return BAND_2_4_GHZ;
5089 if (freq > 50000)
5090 return BAND_60_GHZ;
5091 return BAND_5_GHZ;
5092}
5093
5094
2b6e9f91 5095unsigned int wpas_get_bands(struct wpa_supplicant *wpa_s, const int *freqs)
e903d32d
KV		 5096{
5097 int i;
5098 unsigned int band = 0;
5099
5100 if (freqs) {
5101 /* freqs are specified for the radio work */
5102 for (i = 0; freqs[i]; i++)
5103 band |= wpas_freq_to_band(freqs[i]);
5104 } else {
5105 /*
5106 * freqs are not specified, implies all
5107 * the supported freqs by HW
5108 */
5109 for (i = 0; i < wpa_s->hw.num_modes; i++) {
5110 if (wpa_s->hw.modes[i].num_channels != 0) {
5111 if (wpa_s->hw.modes[i].mode ==
5112 HOSTAPD_MODE_IEEE80211B ||
5113 wpa_s->hw.modes[i].mode ==
5114 HOSTAPD_MODE_IEEE80211G)
5115 band |= BAND_2_4_GHZ;
5116 else if (wpa_s->hw.modes[i].mode ==
5117 HOSTAPD_MODE_IEEE80211A)
5118 band |= BAND_5_GHZ;
5119 else if (wpa_s->hw.modes[i].mode ==
5120 HOSTAPD_MODE_IEEE80211AD)
5121 band |= BAND_60_GHZ;
5122 else if (wpa_s->hw.modes[i].mode ==
5123 HOSTAPD_MODE_IEEE80211ANY)
5124 band = BAND_2_4_GHZ | BAND_5_GHZ |
5125 BAND_60_GHZ;
5126 }
5127 }
5128 }
5129
5130 return band;
5131}
5132
5133
202dec2a
JM		 5134static struct wpa_radio * radio_add_interface(struct wpa_supplicant *wpa_s,
5135 const char *rn)
5136{
5137 struct wpa_supplicant *iface = wpa_s->global->ifaces;
5138 struct wpa_radio *radio;
5139
5140 while (rn && iface) {
5141 radio = iface->radio;
5142 if (radio && os_strcmp(rn, radio->name) == 0) {
5143 wpa_printf(MSG_DEBUG, "Add interface %s to existing radio %s",
5144 wpa_s->ifname, rn);
5145 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
5146 return radio;
5147 }
b154a24e
TB		 5148
5149 iface = iface->next;
202dec2a
JM		 5150 }
5151
5152 wpa_printf(MSG_DEBUG, "Add interface %s to a new radio %s",
5153 wpa_s->ifname, rn ? rn : "N/A");
5154 radio = os_zalloc(sizeof(*radio));
5155 if (radio == NULL)
5156 return NULL;
5157
5158 if (rn)
5159 os_strlcpy(radio->name, rn, sizeof(radio->name));
5160 dl_list_init(&radio->ifaces);
b1ae396f 5161 dl_list_init(&radio->work);
202dec2a
JM		 5162 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
5163
5164 return radio;
5165}
5166
5167
b1ae396f
JM		 5168static void radio_work_free(struct wpa_radio_work *work)
5169{
d12a51b5
JM		 5170 if (work->wpa_s->scan_work == work) {
5171 /* This should not really happen. */
5172 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as scan_work",
5173 work->type, work, work->started);
5174 work->wpa_s->scan_work = NULL;
5175 }
5176
1b5d4714
JM		 5177#ifdef CONFIG_P2P
5178 if (work->wpa_s->p2p_scan_work == work) {
5179 /* This should not really happen. */
5180 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as p2p_scan_work",
5181 work->type, work, work->started);
5182 work->wpa_s->p2p_scan_work = NULL;
5183 }
5184#endif /* CONFIG_P2P */
5185
e903d32d
KV		 5186 if (work->started) {
5187 work->wpa_s->radio->num_active_works--;
5188 wpa_dbg(work->wpa_s, MSG_DEBUG,
7ed5337d 5189 "radio_work_free('%s'@%p): num_active_works --> %u",
e903d32d
KV		 5190 work->type, work,
5191 work->wpa_s->radio->num_active_works);
5192 }
5193
b1ae396f
JM		 5194 dl_list_del(&work->list);
5195 os_free(work);
5196}
5197
5198
4c6f450c
JM		 5199static int radio_work_is_connect(struct wpa_radio_work *work)
5200{
5201 return os_strcmp(work->type, "sme-connect") == 0 ||
5202 os_strcmp(work->type, "connect") == 0;
5203}
5204
5205
85b6b6b6
SD		 5206static int radio_work_is_scan(struct wpa_radio_work *work)
5207{
5208 return os_strcmp(work->type, "scan") == 0 ||
5209 os_strcmp(work->type, "p2p-scan") == 0;
5210}
5211
5212
e903d32d
KV		 5213static struct wpa_radio_work * radio_work_get_next_work(struct wpa_radio *radio)
5214{
5215 struct wpa_radio_work *active_work = NULL;
5216 struct wpa_radio_work *tmp;
5217
5218 /* Get the active work to know the type and band. */
5219 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, list) {
5220 if (tmp->started) {
5221 active_work = tmp;
5222 break;
5223 }
5224 }
5225
5226 if (!active_work) {
5227 /* No active work, start one */
5228 radio->num_active_works = 0;
5229 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work,
5230 list) {
5231 if (os_strcmp(tmp->type, "scan") == 0 &&
5232 radio->external_scan_running &&
5233 (((struct wpa_driver_scan_params *)
5234 tmp->ctx)->only_new_results ||
5235 tmp->wpa_s->clear_driver_scan_cache))
5236 continue;
5237 return tmp;
5238 }
5239 return NULL;
5240 }
5241
4c6f450c 5242 if (radio_work_is_connect(active_work)) {
e903d32d
KV		 5243 /*
5244 * If the active work is either connect or sme-connect,
5245 * do not parallelize them with other radio works.
5246 */
5247 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
5248 "Do not parallelize radio work with %s",
5249 active_work->type);
5250 return NULL;
5251 }
5252
5253 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, list) {
5254 if (tmp->started)
5255 continue;
5256
5257 /*
5258 * If connect or sme-connect are enqueued, parallelize only
5259 * those operations ahead of them in the queue.
5260 */
4c6f450c 5261 if (radio_work_is_connect(tmp))
e903d32d
KV		 5262 break;
5263
85b6b6b6
SD		 5264 /* Serialize parallel scan and p2p_scan operations on the same
5265 * interface since the driver_nl80211 mechanism for tracking
5266 * scan cookies does not yet have support for this. */
5267 if (active_work->wpa_s == tmp->wpa_s &&
5268 radio_work_is_scan(active_work) &&
5269 radio_work_is_scan(tmp)) {
5270 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
5271 "Do not start work '%s' when another work '%s' is already scheduled",
5272 tmp->type, active_work->type);
5273 continue;
5274 }
e903d32d
KV		 5275 /*
5276 * Check that the radio works are distinct and
5277 * on different bands.
5278 */
5279 if (os_strcmp(active_work->type, tmp->type) != 0 &&
5280 (active_work->bands != tmp->bands)) {
5281 /*
5282 * If a scan has to be scheduled through nl80211 scan
5283 * interface and if an external scan is already running,
5284 * do not schedule the scan since it is likely to get
5285 * rejected by kernel.
5286 */
5287 if (os_strcmp(tmp->type, "scan") == 0 &&
5288 radio->external_scan_running &&
5289 (((struct wpa_driver_scan_params *)
5290 tmp->ctx)->only_new_results ||
5291 tmp->wpa_s->clear_driver_scan_cache))
5292 continue;
5293
5294 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
5295 "active_work:%s new_work:%s",
5296 active_work->type, tmp->type);
5297 return tmp;
5298 }
5299 }
5300
5301 /* Did not find a radio work to schedule in parallel. */
5302 return NULL;
5303}
5304
5305
b1ae396f
JM		 5306static void radio_start_next_work(void *eloop_ctx, void *timeout_ctx)
5307{
5308 struct wpa_radio *radio = eloop_ctx;
5309 struct wpa_radio_work *work;
5310 struct os_reltime now, diff;
6428d0a7 5311 struct wpa_supplicant *wpa_s;
b1ae396f
JM		 5312
5313 work = dl_list_first(&radio->work, struct wpa_radio_work, list);
e903d32d
KV		 5314 if (work == NULL) {
5315 radio->num_active_works = 0;
b1ae396f 5316 return;
e903d32d 5317 }
b1ae396f 5318
6428d0a7
JM		 5319 wpa_s = dl_list_first(&radio->ifaces, struct wpa_supplicant,
5320 radio_list);
e903d32d
KV		 5321
5322 if (!(wpa_s &&
5323 wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS)) {
5324 if (work->started)
5325 return; /* already started and still in progress */
5326
5327 if (wpa_s && wpa_s->radio->external_scan_running) {
5328 wpa_printf(MSG_DEBUG, "Delay radio work start until externally triggered scan completes");
5329 return;
5330 }
5331 } else {
5332 work = NULL;
5333 if (radio->num_active_works < MAX_ACTIVE_WORKS) {
5334 /* get the work to schedule next */
5335 work = radio_work_get_next_work(radio);
5336 }
5337 if (!work)
5338 return;
6428d0a7
JM		 5339 }
5340
e903d32d 5341 wpa_s = work->wpa_s;
b1ae396f
JM		 5342 os_get_reltime(&now);
5343 os_reltime_sub(&now, &work->time, &diff);
e903d32d
KV		 5344 wpa_dbg(wpa_s, MSG_DEBUG,
5345 "Starting radio work '%s'@%p after %ld.%06ld second wait",
b1ae396f
JM		 5346 work->type, work, diff.sec, diff.usec);
5347 work->started = 1;
5348 work->time = now;
e903d32d
KV		 5349 radio->num_active_works++;
5350
b1ae396f 5351 work->cb(work, 0);
e903d32d
KV		 5352
5353 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS) &&
5354 radio->num_active_works < MAX_ACTIVE_WORKS)
5355 radio_work_check_next(wpa_s);
b1ae396f
JM		 5356}
5357
5358
b3253ebb
AO		 5359/*
5360 * This function removes both started and pending radio works running on
5361 * the provided interface's radio.
5362 * Prior to the removal of the radio work, its callback (cb) is called with
5363 * deinit set to be 1. Each work's callback is responsible for clearing its
5364 * internal data and restoring to a correct state.
5365 * @wpa_s: wpa_supplicant data
5366 * @type: type of works to be removed
5367 * @remove_all: 1 to remove all the works on this radio, 0 to remove only
5368 * this interface's works.
5369 */
5370void radio_remove_works(struct wpa_supplicant *wpa_s,
5371 const char *type, int remove_all)
b1ae396f
JM		 5372{
5373 struct wpa_radio_work *work, *tmp;
5374 struct wpa_radio *radio = wpa_s->radio;
5375
5376 dl_list_for_each_safe(work, tmp, &radio->work, struct wpa_radio_work,
5377 list) {
b3253ebb 5378 if (type && os_strcmp(type, work->type) != 0)
b1ae396f 5379 continue;
b3253ebb
AO		 5380
5381 /* skip other ifaces' works */
5382 if (!remove_all && work->wpa_s != wpa_s)
b1ae396f 5383 continue;
b3253ebb
AO		 5384
5385 wpa_dbg(wpa_s, MSG_DEBUG, "Remove radio work '%s'@%p%s",
5386 work->type, work, work->started ? " (started)" : "");
b1ae396f
JM		 5387 work->cb(work, 1);
5388 radio_work_free(work);
5389 }
b3253ebb
AO		 5390
5391 /* in case we removed the started work */
5392 radio_work_check_next(wpa_s);
b1ae396f
JM		 5393}
5394
5395
6a252ece
JM		 5396void radio_remove_pending_work(struct wpa_supplicant *wpa_s, void *ctx)
5397{
5398 struct wpa_radio_work *work;
5399 struct wpa_radio *radio = wpa_s->radio;
5400
5401 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) {
5402 if (work->ctx != ctx)
5403 continue;
5404 wpa_dbg(wpa_s, MSG_DEBUG, "Free pending radio work '%s'@%p%s",
5405 work->type, work, work->started ? " (started)" : "");
5406 radio_work_free(work);
5407 break;
5408 }
5409}
5410
5411
202dec2a
JM		 5412static void radio_remove_interface(struct wpa_supplicant *wpa_s)
5413{
5414 struct wpa_radio *radio = wpa_s->radio;
5415
5416 if (!radio)
5417 return;
5418
5419 wpa_printf(MSG_DEBUG, "Remove interface %s from radio %s",
5420 wpa_s->ifname, radio->name);
5421 dl_list_del(&wpa_s->radio_list);
c46235aa
AO		 5422 radio_remove_works(wpa_s, NULL, 0);
5423 wpa_s->radio = NULL;
5424 if (!dl_list_empty(&radio->ifaces))
202dec2a
JM		 5425 return; /* Interfaces remain for this radio */
5426
5427 wpa_printf(MSG_DEBUG, "Remove radio %s", radio->name);
b1ae396f 5428 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
202dec2a
JM		 5429 os_free(radio);
5430}
5431
5432
6428d0a7 5433void radio_work_check_next(struct wpa_supplicant *wpa_s)
b1ae396f
JM		 5434{
5435 struct wpa_radio *radio = wpa_s->radio;
5436
5437 if (dl_list_empty(&radio->work))
5438 return;
e3745228
JM		 5439 if (wpa_s->ext_work_in_progress) {
5440 wpa_printf(MSG_DEBUG,
5441 "External radio work in progress - delay start of pending item");
5442 return;
5443 }
b1ae396f
JM		 5444 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
5445 eloop_register_timeout(0, 0, radio_start_next_work, radio, NULL);
5446}
5447
5448
5449/**
5450 * radio_add_work - Add a radio work item
5451 * @wpa_s: Pointer to wpa_supplicant data
5452 * @freq: Frequency of the offchannel operation in MHz or 0
5453 * @type: Unique identifier for each type of work
5454 * @next: Force as the next work to be executed
5455 * @cb: Callback function for indicating when radio is available
5456 * @ctx: Context pointer for the work (work->ctx in cb())
5457 * Returns: 0 on success, -1 on failure
5458 *
5459 * This function is used to request time for an operation that requires
5460 * exclusive radio control. Once the radio is available, the registered callback
5461 * function will be called. radio_work_done() must be called once the exclusive
5462 * radio operation has been completed, so that the radio is freed for other
5463 * operations. The special case of deinit=1 is used to free the context data
5464 * during interface removal. That does not allow the callback function to start
5465 * the radio operation, i.e., it must free any resources allocated for the radio
5466 * work and return.
5467 *
5468 * The @freq parameter can be used to indicate a single channel on which the
5469 * offchannel operation will occur. This may allow multiple radio work
5470 * operations to be performed in parallel if they apply for the same channel.
5471 * Setting this to 0 indicates that the work item may use multiple channels or
5472 * requires exclusive control of the radio.
5473 */
5474int radio_add_work(struct wpa_supplicant *wpa_s, unsigned int freq,
5475 const char *type, int next,
5476 void (*cb)(struct wpa_radio_work *work, int deinit),
5477 void *ctx)
5478{
e903d32d 5479 struct wpa_radio *radio = wpa_s->radio;
b1ae396f
JM		 5480 struct wpa_radio_work *work;
5481 int was_empty;
5482
5483 work = os_zalloc(sizeof(*work));
5484 if (work == NULL)
5485 return -1;
5486 wpa_dbg(wpa_s, MSG_DEBUG, "Add radio work '%s'@%p", type, work);
5487 os_get_reltime(&work->time);
5488 work->freq = freq;
5489 work->type = type;
5490 work->wpa_s = wpa_s;
5491 work->cb = cb;
5492 work->ctx = ctx;
5493
e903d32d
KV		 5494 if (freq)
5495 work->bands = wpas_freq_to_band(freq);
5496 else if (os_strcmp(type, "scan") == 0 ||
5497 os_strcmp(type, "p2p-scan") == 0)
5498 work->bands = wpas_get_bands(wpa_s,
5499 ((struct wpa_driver_scan_params *)
5500 ctx)->freqs);
5501 else
5502 work->bands = wpas_get_bands(wpa_s, NULL);
5503
b1ae396f
JM		 5504 was_empty = dl_list_empty(&wpa_s->radio->work);
5505 if (next)
5506 dl_list_add(&wpa_s->radio->work, &work->list);
5507 else
5508 dl_list_add_tail(&wpa_s->radio->work, &work->list);
5509 if (was_empty) {
5510 wpa_dbg(wpa_s, MSG_DEBUG, "First radio work item in the queue - schedule start immediately");
5511 radio_work_check_next(wpa_s);
e903d32d
KV		 5512 } else if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS)
5513 && radio->num_active_works < MAX_ACTIVE_WORKS) {
5514 wpa_dbg(wpa_s, MSG_DEBUG,
5515 "Try to schedule a radio work (num_active_works=%u)",
5516 radio->num_active_works);
5517 radio_work_check_next(wpa_s);
b1ae396f
JM		 5518 }
5519
5520 return 0;
5521}
5522
5523
5524/**
5525 * radio_work_done - Indicate that a radio work item has been completed
5526 * @work: Completed work
5527 *
5528 * This function is called once the callback function registered with
5529 * radio_add_work() has completed its work.
5530 */
5531void radio_work_done(struct wpa_radio_work *work)
5532{
5533 struct wpa_supplicant *wpa_s = work->wpa_s;
5534 struct os_reltime now, diff;
1f965e62 5535 unsigned int started = work->started;
b1ae396f
JM		 5536
5537 os_get_reltime(&now);
5538 os_reltime_sub(&now, &work->time, &diff);
1f965e62
JM		 5539 wpa_dbg(wpa_s, MSG_DEBUG, "Radio work '%s'@%p %s in %ld.%06ld seconds",
5540 work->type, work, started ? "done" : "canceled",
5541 diff.sec, diff.usec);
b1ae396f 5542 radio_work_free(work);
1f965e62
JM		 5543 if (started)
5544 radio_work_check_next(wpa_s);
b1ae396f
JM		 5545}
5546
5547
a7f5271d
JM		 5548struct wpa_radio_work *
5549radio_work_pending(struct wpa_supplicant *wpa_s, const char *type)
f0e30c84
JM		 5550{
5551 struct wpa_radio_work *work;
5552 struct wpa_radio *radio = wpa_s->radio;
5553
5554 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) {
5555 if (work->wpa_s == wpa_s && os_strcmp(work->type, type) == 0)
a7f5271d 5556 return work;
f0e30c84
JM		 5557 }
5558
a7f5271d 5559 return NULL;
f0e30c84
JM		 5560}
5561
5562
73c00fd7 5563static int wpas_init_driver(struct wpa_supplicant *wpa_s,
8fb2b357 5564 const struct wpa_interface *iface)
73c00fd7 5565{
202dec2a 5566 const char *ifname, *driver, *rn;
73c00fd7
JM		 5567
5568 driver = iface->driver;
5569next_driver:
5570 if (wpa_supplicant_set_driver(wpa_s, driver) < 0)
5571 return -1;
5572
5573 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
5574 if (wpa_s->drv_priv == NULL) {
5575 const char *pos;
5576 pos = driver ? os_strchr(driver, ',') : NULL;
5577 if (pos) {
5578 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
5579 "driver interface - try next driver wrapper");
5580 driver = pos + 1;
5581 goto next_driver;
5582 }
5583 wpa_msg(wpa_s, MSG_ERROR, "Failed to initialize driver "
5584 "interface");
5585 return -1;
5586 }
5587 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
5588 wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected "
5589 "driver_param '%s'", wpa_s->conf->driver_param);
5590 return -1;
5591 }
5592
5593 ifname = wpa_drv_get_ifname(wpa_s);
5594 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
5595 wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced "
5596 "interface name with '%s'", ifname);
5597 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
5598 }
5599
95bf699f 5600 rn = wpa_driver_get_radio_name(wpa_s);
202dec2a
JM		 5601 if (rn && rn[0] == '\0')
5602 rn = NULL;
5603
5604 wpa_s->radio = radio_add_interface(wpa_s, rn);
5605 if (wpa_s->radio == NULL)
5606 return -1;
5607
73c00fd7
JM		 5608 return 0;
5609}
5610
5611
461d39af
JM		 5612#ifdef CONFIG_GAS_SERVER
5613
5614static void wpas_gas_server_tx_status(struct wpa_supplicant *wpa_s,
5615 unsigned int freq, const u8 *dst,
5616 const u8 *src, const u8 *bssid,
5617 const u8 *data, size_t data_len,
5618 enum offchannel_send_action_result result)
5619{
5620 wpa_printf(MSG_DEBUG, "GAS: TX status: freq=%u dst=" MACSTR
5621 " result=%s",
5622 freq, MAC2STR(dst),
5623 result == OFFCHANNEL_SEND_ACTION_SUCCESS ? "SUCCESS" :
5624 (result == OFFCHANNEL_SEND_ACTION_NO_ACK ? "no-ACK" :
5625 "FAILED"));
5626 gas_server_tx_status(wpa_s->gas_server, dst, data, data_len,
5627 result == OFFCHANNEL_SEND_ACTION_SUCCESS);
5628}
5629
5630
5631static void wpas_gas_server_tx(void *ctx, int freq, const u8 *da,
5632 struct wpabuf *buf, unsigned int wait_time)
5633{
5634 struct wpa_supplicant *wpa_s = ctx;
5635 const u8 broadcast[ETH_ALEN] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
5636
5637 if (wait_time > wpa_s->max_remain_on_chan)
5638 wait_time = wpa_s->max_remain_on_chan;
5639
5640 offchannel_send_action(wpa_s, freq, da, wpa_s->own_addr, broadcast,
5641 wpabuf_head(buf), wpabuf_len(buf),
5642 wait_time, wpas_gas_server_tx_status, 0);
5643}
5644
5645#endif /* CONFIG_GAS_SERVER */
5646
6fc6879b 5647static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
8fb2b357 5648 const struct wpa_interface *iface)
6fc6879b 5649{
362f781e 5650 struct wpa_driver_capa capa;
6cbdb0c5 5651 int capa_res;
aa56e36d 5652 u8 dfs_domain;
362f781e 5653
6fc6879b
JM		 5654 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
5655 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
5656 iface->confname ? iface->confname : "N/A",
5657 iface->driver ? iface->driver : "default",
5658 iface->ctrl_interface ? iface->ctrl_interface : "N/A",
5659 iface->bridge_ifname ? iface->bridge_ifname : "N/A");
5660
6fc6879b
JM		 5661 if (iface->confname) {
5662#ifdef CONFIG_BACKEND_FILE
5663 wpa_s->confname = os_rel2abs_path(iface->confname);
5664 if (wpa_s->confname == NULL) {
5665 wpa_printf(MSG_ERROR, "Failed to get absolute path "
5666 "for configuration file '%s'.",
5667 iface->confname);
5668 return -1;
5669 }
5670 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
5671 iface->confname, wpa_s->confname);
5672#else /* CONFIG_BACKEND_FILE */
5673 wpa_s->confname = os_strdup(iface->confname);
5674#endif /* CONFIG_BACKEND_FILE */
e6304cad 5675 wpa_s->conf = wpa_config_read(wpa_s->confname, NULL);
6fc6879b
JM		 5676 if (wpa_s->conf == NULL) {
5677 wpa_printf(MSG_ERROR, "Failed to read or parse "
5678 "configuration '%s'.", wpa_s->confname);
5679 return -1;
5680 }
e6304cad 5681 wpa_s->confanother = os_rel2abs_path(iface->confanother);
3bd35b68
JM		 5682 if (wpa_s->confanother &&
5683 !wpa_config_read(wpa_s->confanother, wpa_s->conf)) {
5684 wpa_printf(MSG_ERROR,
5685 "Failed to read or parse configuration '%s'.",
5686 wpa_s->confanother);
5687 return -1;
5688 }
6fc6879b
JM		 5689
5690 /*
5691 * Override ctrl_interface and driver_param if set on command
5692 * line.
5693 */
5694 if (iface->ctrl_interface) {
5695 os_free(wpa_s->conf->ctrl_interface);
5696 wpa_s->conf->ctrl_interface =
5697 os_strdup(iface->ctrl_interface);
5698 }
5699
5700 if (iface->driver_param) {
5701 os_free(wpa_s->conf->driver_param);
5702 wpa_s->conf->driver_param =
5703 os_strdup(iface->driver_param);
5704 }
78f79fe5
JM		 5705
5706 if (iface->p2p_mgmt && !iface->ctrl_interface) {
5707 os_free(wpa_s->conf->ctrl_interface);
5708 wpa_s->conf->ctrl_interface = NULL;
5709 }
6fc6879b
JM		 5710 } else
5711 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
5712 iface->driver_param);
5713
5714 if (wpa_s->conf == NULL) {
5715 wpa_printf(MSG_ERROR, "\nNo configuration found.");
5716 return -1;
5717 }
5718
5719 if (iface->ifname == NULL) {
5720 wpa_printf(MSG_ERROR, "\nInterface name is required.");
5721 return -1;
5722 }
5723 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
5724 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
5725 iface->ifname);
5726 return -1;
5727 }
5728 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
5729
5730 if (iface->bridge_ifname) {
5731 if (os_strlen(iface->bridge_ifname) >=
5732 sizeof(wpa_s->bridge_ifname)) {
5733 wpa_printf(MSG_ERROR, "\nToo long bridge interface "
5734 "name '%s'.", iface->bridge_ifname);
5735 return -1;
5736 }
5737 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
5738 sizeof(wpa_s->bridge_ifname));
5739 }
5740
6fc6879b
JM		 5741 /* RSNA Supplicant Key Management - INITIALIZE */
5742 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
5743 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
5744
5745 /* Initialize driver interface and register driver event handler before
5746 * L2 receive handler so that association events are processed before
5747 * EAPOL-Key packets if both become available for the same select()
5748 * call. */
73c00fd7 5749 if (wpas_init_driver(wpa_s, iface) < 0)
362f781e
JM		 5750 return -1;
5751
6fc6879b
JM		 5752 if (wpa_supplicant_init_wpa(wpa_s) < 0)
5753 return -1;
5754
5755 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
5756 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
5757 NULL);
5758 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
5759
5760 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
5761 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
5762 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
f049052b
BG		 5763 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
5764 "dot11RSNAConfigPMKLifetime");
6fc6879b
JM		 5765 return -1;
5766 }
5767
5768 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
5769 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
5770 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
f049052b 5771 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
6fc6879b
JM		 5772 "dot11RSNAConfigPMKReauthThreshold");
5773 return -1;
5774 }
5775
5776 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
5777 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
5778 wpa_s->conf->dot11RSNAConfigSATimeout)) {
f049052b
BG		 5779 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
5780 "dot11RSNAConfigSATimeout");
6fc6879b
JM		 5781 return -1;
5782 }
5783
6bf731e8
CL		 5784 wpa_s->hw.modes = wpa_drv_get_hw_feature_data(wpa_s,
5785 &wpa_s->hw.num_modes,
aa56e36d
VT		 5786 &wpa_s->hw.flags,
5787 &dfs_domain);
a1b790eb
JM		 5788 if (wpa_s->hw.modes) {
5789 u16 i;
5790
5791 for (i = 0; i < wpa_s->hw.num_modes; i++) {
5792 if (wpa_s->hw.modes[i].vht_capab) {
5793 wpa_s->hw_capab = CAPAB_VHT;
5794 break;
5795 }
5796
5797 if (wpa_s->hw.modes[i].ht_capab &
5798 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET)
5799 wpa_s->hw_capab = CAPAB_HT40;
5800 else if (wpa_s->hw.modes[i].ht_capab &&
5801 wpa_s->hw_capab == CAPAB_NO_HT_VHT)
5802 wpa_s->hw_capab = CAPAB_HT;
5803 }
5804 }
6bf731e8 5805
6cbdb0c5
JM		 5806 capa_res = wpa_drv_get_capa(wpa_s, &capa);
5807 if (capa_res == 0) {
c58ab8f2 5808 wpa_s->drv_capa_known = 1;
814782b9 5809 wpa_s->drv_flags = capa.flags;
349493bd 5810 wpa_s->drv_enc = capa.enc;
04ee647d 5811 wpa_s->drv_smps_modes = capa.smps_modes;
f936b73c 5812 wpa_s->drv_rrm_flags = capa.rrm_flags;
4f73d88a 5813 wpa_s->probe_resp_offloads = capa.probe_resp_offloads;
814782b9 5814 wpa_s->max_scan_ssids = capa.max_scan_ssids;
cbdf3507 5815 wpa_s->max_sched_scan_ssids = capa.max_sched_scan_ssids;
32c02261
AS		 5816 wpa_s->max_sched_scan_plans = capa.max_sched_scan_plans;
5817 wpa_s->max_sched_scan_plan_interval =
5818 capa.max_sched_scan_plan_interval;
5819 wpa_s->max_sched_scan_plan_iterations =
5820 capa.max_sched_scan_plan_iterations;
cbdf3507 5821 wpa_s->sched_scan_supported = capa.sched_scan_supported;
b59e6f26 5822 wpa_s->max_match_sets = capa.max_match_sets;
814782b9 5823 wpa_s->max_remain_on_chan = capa.max_remain_on_chan;
c4ea4c5c 5824 wpa_s->max_stations = capa.max_stations;
8cd6b7bc
JB		 5825 wpa_s->extended_capa = capa.extended_capa;
5826 wpa_s->extended_capa_mask = capa.extended_capa_mask;
5827 wpa_s->extended_capa_len = capa.extended_capa_len;
4752147d
IP		 5828 wpa_s->num_multichan_concurrent =
5829 capa.num_multichan_concurrent;
471cd6e1 5830 wpa_s->wmm_ac_supported = capa.wmm_ac_supported;
56c76fa5
IP		 5831
5832 if (capa.mac_addr_rand_scan_supported)
5833 wpa_s->mac_addr_rand_supported |= MAC_ADDR_RAND_SCAN;
5834 if (wpa_s->sched_scan_supported &&
5835 capa.mac_addr_rand_sched_scan_supported)
5836 wpa_s->mac_addr_rand_supported |=
5837 (MAC_ADDR_RAND_SCHED_SCAN | MAC_ADDR_RAND_PNO);
2a93ecc8
JM		 5838
5839 wpa_drv_get_ext_capa(wpa_s, WPA_IF_STATION);
5840 if (wpa_s->extended_capa &&
5841 wpa_s->extended_capa_len >= 3 &&
5842 wpa_s->extended_capa[2] & 0x40)
5843 wpa_s->multi_bss_support = 1;
814782b9
JM		 5844 }
5845 if (wpa_s->max_remain_on_chan == 0)
5846 wpa_s->max_remain_on_chan = 1000;
5847
c68f6200
AS		 5848 /*
5849 * Only take p2p_mgmt parameters when P2P Device is supported.
5850 * Doing it here as it determines whether l2_packet_init() will be done
5851 * during wpa_supplicant_driver_init().
5852 */
5853 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)
5854 wpa_s->p2p_mgmt = iface->p2p_mgmt;
c68f6200 5855
4752147d
IP		 5856 if (wpa_s->num_multichan_concurrent == 0)
5857 wpa_s->num_multichan_concurrent = 1;
5858
6fc6879b
JM		 5859 if (wpa_supplicant_driver_init(wpa_s) < 0)
5860 return -1;
5861
281ff0aa 5862#ifdef CONFIG_TDLS
8fb2b357 5863 if (!iface->p2p_mgmt && wpa_tdls_init(wpa_s->wpa))
281ff0aa
GP		 5864 return -1;
5865#endif /* CONFIG_TDLS */
5866
315ce40a
JM		 5867 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] &&
5868 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) {
f049052b 5869 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country");
6d158490
LR		 5870 return -1;
5871 }
5872
b36a3a65
AN		 5873#ifdef CONFIG_FST
5874 if (wpa_s->conf->fst_group_id) {
5875 struct fst_iface_cfg cfg;
5876 struct fst_wpa_obj iface_obj;
5877
5878 fst_wpa_supplicant_fill_iface_obj(wpa_s, &iface_obj);
5879 os_strlcpy(cfg.group_id, wpa_s->conf->fst_group_id,
5880 sizeof(cfg.group_id));
5881 cfg.priority = wpa_s->conf->fst_priority;
5882 cfg.llt = wpa_s->conf->fst_llt;
5883
5884 wpa_s->fst = fst_attach(wpa_s->ifname, wpa_s->own_addr,
5885 &iface_obj, &cfg);
5886 if (!wpa_s->fst) {
5887 wpa_msg(wpa_s, MSG_ERROR,
5888 "FST: Cannot attach iface %s to group %s",
5889 wpa_s->ifname, cfg.group_id);
5890 return -1;
5891 }
5892 }
5893#endif /* CONFIG_FST */
5894
116654ce
JM		 5895 if (wpas_wps_init(wpa_s))
5896 return -1;
5897
461d39af
JM		 5898#ifdef CONFIG_GAS_SERVER
5899 wpa_s->gas_server = gas_server_init(wpa_s, wpas_gas_server_tx);
5900 if (!wpa_s->gas_server) {
5901 wpa_printf(MSG_ERROR, "Failed to initialize GAS server");
5902 return -1;
5903 }
5904#endif /* CONFIG_GAS_SERVER */
5905
be27e185
JM		 5906#ifdef CONFIG_DPP
5907 if (wpas_dpp_init(wpa_s) < 0)
5908 return -1;
5909#endif /* CONFIG_DPP */
5910
6fc6879b
JM		 5911 if (wpa_supplicant_init_eapol(wpa_s) < 0)
5912 return -1;
5913 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
5914
5915 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
5916 if (wpa_s->ctrl_iface == NULL) {
5917 wpa_printf(MSG_ERROR,
5918 "Failed to initialize control interface '%s'.\n"
5919 "You may have another wpa_supplicant process "
5920 "already running or the file was\n"
5921 "left by an unclean termination of wpa_supplicant "
5922 "in which case you will need\n"
5923 "to manually remove this file before starting "
5924 "wpa_supplicant again.\n",
5925 wpa_s->conf->ctrl_interface);
5926 return -1;
5927 }
5928
04ea7b79
JM		 5929 wpa_s->gas = gas_query_init(wpa_s);
5930 if (wpa_s->gas == NULL) {
5931 wpa_printf(MSG_ERROR, "Failed to initialize GAS query");
5932 return -1;
5933 }
5934
8fb2b357
VV		 5935 if ((!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) ||
5936 wpa_s->p2p_mgmt) &&
5937 wpas_p2p_init(wpa_s->global, wpa_s) < 0) {
f049052b 5938 wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P");
b22128ef
JM		 5939 return -1;
5940 }
b22128ef 5941
83922c2d
JM		 5942 if (wpa_bss_init(wpa_s) < 0)
5943 return -1;
83922c2d 5944
4d77d80e
MH		 5945#ifdef CONFIG_PMKSA_CACHE_EXTERNAL
5946#ifdef CONFIG_MESH
5947 dl_list_init(&wpa_s->mesh_external_pmksa_cache);
5948#endif /* CONFIG_MESH */
5949#endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
5950
e4fa8b12
EP		 5951 /*
5952 * Set Wake-on-WLAN triggers, if configured.
5953 * Note: We don't restore/remove the triggers on shutdown (it doesn't
5954 * have effect anyway when the interface is down).
5955 */
6cbdb0c5 5956 if (capa_res == 0 && wpas_set_wowlan_triggers(wpa_s, &capa) < 0)
e4fa8b12
EP		 5957 return -1;
5958
ec7b97ab
JM		 5959#ifdef CONFIG_EAP_PROXY
5960{
5961 size_t len;
b5db6e5d
VK		 5962 wpa_s->mnc_len = eapol_sm_get_eap_proxy_imsi(wpa_s->eapol, -1,
5963 wpa_s->imsi, &len);
ec7b97ab
JM		 5964 if (wpa_s->mnc_len > 0) {
5965 wpa_s->imsi[len] = '\0';
5966 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI %s (MNC length %d)",
5967 wpa_s->imsi, wpa_s->mnc_len);
5968 } else {
5969 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI not available");
5970 }
5971}
5972#endif /* CONFIG_EAP_PROXY */
5973
f64adcd7
JM		 5974 if (pcsc_reader_init(wpa_s) < 0)
5975 return -1;
5976
306ae225
JM		 5977 if (wpas_init_ext_pw(wpa_s) < 0)
5978 return -1;
5979
b361d580
AK		 5980 wpas_rrm_reset(wpa_s);
5981
32c02261
AS		 5982 wpas_sched_scan_plans_set(wpa_s, wpa_s->conf->sched_scan_plans);
5983
ca9968a0
JM		 5984#ifdef CONFIG_HS20
5985 hs20_init(wpa_s);
5986#endif /* CONFIG_HS20 */
92c6e2e3 5987#ifdef CONFIG_MBO
332aadb8
AP		 5988 if (wpa_s->conf->oce) {
5989 if ((wpa_s->conf->oce & OCE_STA) &&
5990 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_OCE_STA))
5991 wpa_s->enable_oce = OCE_STA;
5992 if ((wpa_s->conf->oce & OCE_STA_CFON) &&
5993 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_OCE_STA_CFON)) {
5994 /* TODO: Need to add STA-CFON support */
5995 wpa_printf(MSG_ERROR,
5996 "OCE STA-CFON feature is not yet supported");
5997 }
5998 }
92c6e2e3
DS		 5999 wpas_mbo_update_non_pref_chan(wpa_s, wpa_s->conf->non_pref_chan);
6000#endif /* CONFIG_MBO */
ca9968a0 6001
cc9985d1 6002 wpa_supplicant_set_default_scan_ies(wpa_s);
6003
6fc6879b
JM		 6004 return 0;
6005}
6006
6007
2ee055b3 6008static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s,
df509539 6009 int notify, int terminate)
6fc6879b 6010{
26fc96e8
JM		 6011 struct wpa_global *global = wpa_s->global;
6012 struct wpa_supplicant *iface, *prev;
6013
6014 if (wpa_s == wpa_s->parent)
6015 wpas_p2p_group_remove(wpa_s, "*");
6016
6017 iface = global->ifaces;
6018 while (iface) {
96a26ab7
LD		 6019 if (iface->p2pdev == wpa_s)
6020 iface->p2pdev = iface->parent;
26fc96e8
JM		 6021 if (iface == wpa_s || iface->parent != wpa_s) {
6022 iface = iface->next;
6023 continue;
6024 }
6025 wpa_printf(MSG_DEBUG,
6026 "Remove remaining child interface %s from parent %s",
6027 iface->ifname, wpa_s->ifname);
6028 prev = iface;
6029 iface = iface->next;
6030 wpa_supplicant_remove_iface(global, prev, terminate);
6031 }
6032
e679f140 6033 wpa_s->disconnected = 1;
6fc6879b
JM		 6034 if (wpa_s->drv_priv) {
6035 wpa_supplicant_deauthenticate(wpa_s,
6036 WLAN_REASON_DEAUTH_LEAVING);
6037
6fc6879b
JM		 6038 wpa_drv_set_countermeasures(wpa_s, 0);
6039 wpa_clear_keys(wpa_s, NULL);
6040 }
6041
8e56d189 6042 wpa_supplicant_cleanup(wpa_s);
bd10d938 6043 wpas_p2p_deinit_iface(wpa_s);
ab28911d 6044
1f965e62 6045 wpas_ctrl_radio_work_flush(wpa_s);
202dec2a
JM		 6046 radio_remove_interface(wpa_s);
6047
b36a3a65
AN		 6048#ifdef CONFIG_FST
6049 if (wpa_s->fst) {
6050 fst_detach(wpa_s->fst);
6051 wpa_s->fst = NULL;
6052 }
6053 if (wpa_s->received_mb_ies) {
6054 wpabuf_free(wpa_s->received_mb_ies);
6055 wpa_s->received_mb_ies = NULL;
6056 }
6057#endif /* CONFIG_FST */
6058
6fc6879b
JM		 6059 if (wpa_s->drv_priv)
6060 wpa_drv_deinit(wpa_s);
2523ff6e
DS		 6061
6062 if (notify)
6063 wpas_notify_iface_removed(wpa_s);
f0811516
DS		 6064
6065 if (terminate)
6066 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING);
6067
6068 if (wpa_s->ctrl_iface) {
6069 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
6070 wpa_s->ctrl_iface = NULL;
6071 }
6072
603a3f34
JL		 6073#ifdef CONFIG_MESH
6074 if (wpa_s->ifmsh) {
6075 wpa_supplicant_mesh_iface_deinit(wpa_s, wpa_s->ifmsh);
6076 wpa_s->ifmsh = NULL;
6077 }
6078#endif /* CONFIG_MESH */
6079
f0811516
DS		 6080 if (wpa_s->conf != NULL) {
6081 wpa_config_free(wpa_s->conf);
6082 wpa_s->conf = NULL;
6083 }
18e00b5e 6084
a80651d0
KV		 6085 os_free(wpa_s->ssids_from_scan_req);
6086
18e00b5e 6087 os_free(wpa_s);
6fc6879b
JM		 6088}
6089
6090
2e997eec
RM		 6091#ifdef CONFIG_MATCH_IFACE
6092
6093/**
6094 * wpa_supplicant_match_iface - Match an interface description to a name
6095 * @global: Pointer to global data from wpa_supplicant_init()
6096 * @ifname: Name of the interface to match
6097 * Returns: Pointer to the created interface description or %NULL on failure
6098 */
6099struct wpa_interface * wpa_supplicant_match_iface(struct wpa_global *global,
6100 const char *ifname)
6101{
6102 int i;
6103 struct wpa_interface *iface, *miface;
6104
6105 for (i = 0; i < global->params.match_iface_count; i++) {
6106 miface = &global->params.match_ifaces[i];
6107 if (!miface->ifname ||
6108 fnmatch(miface->ifname, ifname, 0) == 0) {
6109 iface = os_zalloc(sizeof(*iface));
6110 if (!iface)
6111 return NULL;
6112 *iface = *miface;
6113 iface->ifname = ifname;
6114 return iface;
6115 }
6116 }
6117
6118 return NULL;
6119}
6120
6121
6122/**
6123 * wpa_supplicant_match_existing - Match existing interfaces
6124 * @global: Pointer to global data from wpa_supplicant_init()
6125 * Returns: 0 on success, -1 on failure
6126 */
6127static int wpa_supplicant_match_existing(struct wpa_global *global)
6128{
6129 struct if_nameindex *ifi, *ifp;
6130 struct wpa_supplicant *wpa_s;
6131 struct wpa_interface *iface;
6132
6133 ifp = if_nameindex();
6134 if (!ifp) {
6135 wpa_printf(MSG_ERROR, "if_nameindex: %s", strerror(errno));
6136 return -1;
6137 }
6138
6139 for (ifi = ifp; ifi->if_name; ifi++) {
6140 wpa_s = wpa_supplicant_get_iface(global, ifi->if_name);
6141 if (wpa_s)
6142 continue;
6143 iface = wpa_supplicant_match_iface(global, ifi->if_name);
6144 if (iface) {
6145 wpa_s = wpa_supplicant_add_iface(global, iface, NULL);
6146 os_free(iface);
6147 if (wpa_s)
6148 wpa_s->matched = 1;
6149 }
6150 }
6151
6152 if_freenameindex(ifp);
6153 return 0;
6154}
6155
6156#endif /* CONFIG_MATCH_IFACE */
6157
6158
6fc6879b
JM		 6159/**
6160 * wpa_supplicant_add_iface - Add a new network interface
6161 * @global: Pointer to global data from wpa_supplicant_init()
6162 * @iface: Interface configuration options
1772d348 6163 * @parent: Parent interface or %NULL to assign new interface as parent
6fc6879b
JM		 6164 * Returns: Pointer to the created interface or %NULL on failure
6165 *
6166 * This function is used to add new network interfaces for %wpa_supplicant.
6167 * This can be called before wpa_supplicant_run() to add interfaces before the
6168 * main event loop has been started. In addition, new interfaces can be added
6169 * dynamically while %wpa_supplicant is already running. This could happen,
6170 * e.g., when a hotplug network adapter is inserted.
6171 */
6172struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
1772d348
JM		 6173 struct wpa_interface *iface,
6174 struct wpa_supplicant *parent)
6fc6879b
JM		 6175{
6176 struct wpa_supplicant *wpa_s;
d27df100 6177 struct wpa_interface t_iface;
8e56d189 6178 struct wpa_ssid *ssid;
6fc6879b
JM		 6179
6180 if (global == NULL || iface == NULL)
6181 return NULL;
6182
1772d348 6183 wpa_s = wpa_supplicant_alloc(parent);
6fc6879b
JM		 6184 if (wpa_s == NULL)
6185 return NULL;
6186
d8222ae3
JM		 6187 wpa_s->global = global;
6188
d27df100
JM		 6189 t_iface = *iface;
6190 if (global->params.override_driver) {
6191 wpa_printf(MSG_DEBUG, "Override interface parameter: driver "
6192 "('%s' -> '%s')",
6193 iface->driver, global->params.override_driver);
6194 t_iface.driver = global->params.override_driver;
6195 }
6196 if (global->params.override_ctrl_interface) {
6197 wpa_printf(MSG_DEBUG, "Override interface parameter: "
6198 "ctrl_interface ('%s' -> '%s')",
6199 iface->ctrl_interface,
6200 global->params.override_ctrl_interface);
6201 t_iface.ctrl_interface =
6202 global->params.override_ctrl_interface;
6203 }
6204 if (wpa_supplicant_init_iface(wpa_s, &t_iface)) {
6fc6879b
JM		 6205 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
6206 iface->ifname);
df509539 6207 wpa_supplicant_deinit_iface(wpa_s, 0, 0);
6fc6879b
JM		 6208 return NULL;
6209 }
6210
21efc940
TB		 6211 if (iface->p2p_mgmt == 0) {
6212 /* Notify the control interfaces about new iface */
6213 if (wpas_notify_iface_added(wpa_s)) {
6214 wpa_supplicant_deinit_iface(wpa_s, 1, 0);
6215 return NULL;
6216 }
1bd3f426 6217
21efc940
TB		 6218 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
6219 wpas_notify_network_added(wpa_s, ssid);
6220 }
8e56d189 6221
6fc6879b
JM		 6222 wpa_s->next = global->ifaces;
6223 global->ifaces = wpa_s;
6224
f049052b 6225 wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname);
99218999 6226 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
6fc6879b 6227
c3c4b3ed
JM		 6228#ifdef CONFIG_P2P
6229 if (wpa_s->global->p2p == NULL &&
74802c09 6230 !wpa_s->global->p2p_disabled && !wpa_s->conf->p2p_disabled &&
c3c4b3ed 6231 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) &&
f43c1ae7
IP		 6232 wpas_p2p_add_p2pdev_interface(
6233 wpa_s, wpa_s->global->params.conf_p2p_dev) < 0) {
c3c4b3ed
JM		 6234 wpa_printf(MSG_INFO,
6235 "P2P: Failed to enable P2P Device interface");
6236 /* Try to continue without. P2P will be disabled. */
6237 }
6238#endif /* CONFIG_P2P */
6239
6fc6879b
JM		 6240 return wpa_s;
6241}
6242
6243
6244/**
6245 * wpa_supplicant_remove_iface - Remove a network interface
6246 * @global: Pointer to global data from wpa_supplicant_init()
6247 * @wpa_s: Pointer to the network interface to be removed
6248 * Returns: 0 if interface was removed, -1 if interface was not found
6249 *
6250 * This function can be used to dynamically remove network interfaces from
6251 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
6252 * addition, this function is used to remove all remaining interfaces when
6253 * %wpa_supplicant is terminated.
6254 */
6255int wpa_supplicant_remove_iface(struct wpa_global *global,
df509539
DS		 6256 struct wpa_supplicant *wpa_s,
6257 int terminate)
6fc6879b
JM		 6258{
6259 struct wpa_supplicant *prev;
5b78493f
MH		 6260#ifdef CONFIG_MESH
6261 unsigned int mesh_if_created = wpa_s->mesh_if_created;
6262 char *ifname = NULL;
9b170991 6263 struct wpa_supplicant *parent = wpa_s->parent;
5b78493f 6264#endif /* CONFIG_MESH */
6fc6879b
JM		 6265
6266 /* Remove interface from the global list of interfaces */
6267 prev = global->ifaces;
6268 if (prev == wpa_s) {
6269 global->ifaces = wpa_s->next;
6270 } else {
6271 while (prev && prev->next != wpa_s)
6272 prev = prev->next;
6273 if (prev == NULL)
6274 return -1;
6275 prev->next = wpa_s->next;
6276 }
6277
f049052b 6278 wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
6fc6879b 6279
5b78493f
MH		 6280#ifdef CONFIG_MESH
6281 if (mesh_if_created) {
6282 ifname = os_strdup(wpa_s->ifname);
6283 if (ifname == NULL) {
6284 wpa_dbg(wpa_s, MSG_ERROR,
6285 "mesh: Failed to malloc ifname");
6286 return -1;
6287 }
6288 }
6289#endif /* CONFIG_MESH */
6290
b22128ef
JM		 6291 if (global->p2p_group_formation == wpa_s)
6292 global->p2p_group_formation = NULL;
dbca75f8
JM		 6293 if (global->p2p_invite_group == wpa_s)
6294 global->p2p_invite_group = NULL;
df509539 6295 wpa_supplicant_deinit_iface(wpa_s, 1, terminate);
6fc6879b 6296
5b78493f
MH		 6297#ifdef CONFIG_MESH
6298 if (mesh_if_created) {
9b170991 6299 wpa_drv_if_remove(parent, WPA_IF_MESH, ifname);
5b78493f
MH		 6300 os_free(ifname);
6301 }
6302#endif /* CONFIG_MESH */
6303
6fc6879b
JM		 6304 return 0;
6305}
6306
6307
cf83fb0b
PS		 6308/**
6309 * wpa_supplicant_get_eap_mode - Get the current EAP mode
6310 * @wpa_s: Pointer to the network interface
6311 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
6312 */
6313const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s)
6314{
6315 const char *eapol_method;
6316
6317 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) == 0 &&
6318 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
6319 return "NO-EAP";
6320 }
6321
6322 eapol_method = eapol_sm_get_method_name(wpa_s->eapol);
6323 if (eapol_method == NULL)
6324 return "UNKNOWN-EAP";
6325
6326 return eapol_method;
6327}
6328
6329
6fc6879b
JM		 6330/**
6331 * wpa_supplicant_get_iface - Get a new network interface
6332 * @global: Pointer to global data from wpa_supplicant_init()
6333 * @ifname: Interface name
6334 * Returns: Pointer to the interface or %NULL if not found
6335 */
6336struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
6337 const char *ifname)
6338{
6339 struct wpa_supplicant *wpa_s;
6340
6341 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
6342 if (os_strcmp(wpa_s->ifname, ifname) == 0)
6343 return wpa_s;
6344 }
6345 return NULL;
6346}
6347
6348
50b16da1 6349#ifndef CONFIG_NO_WPA_MSG
4f1495ae
BG		 6350static const char * wpa_supplicant_msg_ifname_cb(void *ctx)
6351{
6352 struct wpa_supplicant *wpa_s = ctx;
6353 if (wpa_s == NULL)
6354 return NULL;
6355 return wpa_s->ifname;
6356}
50b16da1 6357#endif /* CONFIG_NO_WPA_MSG */
4f1495ae
BG		 6358
6359
8c0d0ff2
JM		 6360#ifndef WPA_SUPPLICANT_CLEANUP_INTERVAL
6361#define WPA_SUPPLICANT_CLEANUP_INTERVAL 10
6362#endif /* WPA_SUPPLICANT_CLEANUP_INTERVAL */
6363
6364/* Periodic cleanup tasks */
6365static void wpas_periodic(void *eloop_ctx, void *timeout_ctx)
6366{
6367 struct wpa_global *global = eloop_ctx;
6368 struct wpa_supplicant *wpa_s;
6369
6370 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0,
6371 wpas_periodic, global, NULL);
6372
6373#ifdef CONFIG_P2P
6374 if (global->p2p)
6375 p2p_expire_peers(global->p2p);
6376#endif /* CONFIG_P2P */
6377
3188aaba 6378 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
8c0d0ff2 6379 wpa_bss_flush_by_age(wpa_s, wpa_s->conf->bss_expiration_age);
3188aaba
JM		 6380#ifdef CONFIG_AP
6381 ap_periodic(wpa_s);
6382#endif /* CONFIG_AP */
6383 }
8c0d0ff2
JM		 6384}
6385
6386
6fc6879b
JM		 6387/**
6388 * wpa_supplicant_init - Initialize %wpa_supplicant
6389 * @params: Parameters for %wpa_supplicant
6390 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
6391 *
6392 * This function is used to initialize %wpa_supplicant. After successful
6393 * initialization, the returned data pointer can be used to add and remove
6394 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
6395 */
6396struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
6397{
6398 struct wpa_global *global;
ac305589 6399 int ret, i;
6fc6879b
JM		 6400
6401 if (params == NULL)
6402 return NULL;
6403
39e7d718
JM		 6404#ifdef CONFIG_DRIVER_NDIS
6405 {
6406 void driver_ndis_init_ops(void);
6407 driver_ndis_init_ops();
6408 }
6409#endif /* CONFIG_DRIVER_NDIS */
6410
50b16da1 6411#ifndef CONFIG_NO_WPA_MSG
4f1495ae 6412 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
50b16da1 6413#endif /* CONFIG_NO_WPA_MSG */
4f1495ae 6414
f4637fe0
JM		 6415 if (params->wpa_debug_file_path)
6416 wpa_debug_open_file(params->wpa_debug_file_path);
6417 else
6418 wpa_debug_setup_stdout();
daa70d49
SL		 6419 if (params->wpa_debug_syslog)
6420 wpa_debug_open_syslog();
4f68895e
JB		 6421 if (params->wpa_debug_tracing) {
6422 ret = wpa_debug_open_linux_tracing();
6423 if (ret) {
6424 wpa_printf(MSG_ERROR,
6425 "Failed to enable trace logging");
6426 return NULL;
6427 }
6428 }
6fc6879b 6429
12760815 6430 ret = eap_register_methods();
6fc6879b
JM		 6431 if (ret) {
6432 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
6433 if (ret == -2)
6434 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
6435 "the same EAP type.");
6436 return NULL;
6437 }
6438
6439 global = os_zalloc(sizeof(*global));
6440 if (global == NULL)
6441 return NULL;
b22128ef
JM		 6442 dl_list_init(&global->p2p_srv_bonjour);
6443 dl_list_init(&global->p2p_srv_upnp);
6fc6879b
JM		 6444 global->params.daemonize = params->daemonize;
6445 global->params.wait_for_monitor = params->wait_for_monitor;
6446 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
6447 if (params->pid_file)
6448 global->params.pid_file = os_strdup(params->pid_file);
6449 if (params->ctrl_interface)
6450 global->params.ctrl_interface =
6451 os_strdup(params->ctrl_interface);
29257565
JM		 6452 if (params->ctrl_interface_group)
6453 global->params.ctrl_interface_group =
6454 os_strdup(params->ctrl_interface_group);
d27df100
JM		 6455 if (params->override_driver)
6456 global->params.override_driver =
6457 os_strdup(params->override_driver);
6458 if (params->override_ctrl_interface)
6459 global->params.override_ctrl_interface =
6460 os_strdup(params->override_ctrl_interface);
2e997eec
RM		 6461#ifdef CONFIG_MATCH_IFACE
6462 global->params.match_iface_count = params->match_iface_count;
6463 if (params->match_iface_count) {
6464 global->params.match_ifaces =
6465 os_calloc(params->match_iface_count,
6466 sizeof(struct wpa_interface));
6467 os_memcpy(global->params.match_ifaces,
6468 params->match_ifaces,
6469 params->match_iface_count *
6470 sizeof(struct wpa_interface));
6471 }
6472#endif /* CONFIG_MATCH_IFACE */
d4e59795
G		 6473#ifdef CONFIG_P2P
6474 if (params->conf_p2p_dev)
6475 global->params.conf_p2p_dev =
6476 os_strdup(params->conf_p2p_dev);
6477#endif /* CONFIG_P2P */
6fc6879b
JM		 6478 wpa_debug_level = global->params.wpa_debug_level =
6479 params->wpa_debug_level;
6480 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
6481 params->wpa_debug_show_keys;
6482 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
6483 params->wpa_debug_timestamp;
6484
f19858f5
JM		 6485 wpa_printf(MSG_DEBUG, "wpa_supplicant v" VERSION_STR);
6486
0456ea16 6487 if (eloop_init()) {
6fc6879b
JM		 6488 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
6489 wpa_supplicant_deinit(global);
6490 return NULL;
6491 }
6492
38e24575 6493 random_init(params->entropy_file);
d47fa330 6494
6fc6879b
JM		 6495 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
6496 if (global->ctrl_iface == NULL) {
6497 wpa_supplicant_deinit(global);
6498 return NULL;
6499 }
6500
dc461de4
WS		 6501 if (wpas_notify_supplicant_initialized(global)) {
6502 wpa_supplicant_deinit(global);
6503 return NULL;
6fc6879b
JM		 6504 }
6505
c5121837 6506 for (i = 0; wpa_drivers[i]; i++)
ac305589
JM		 6507 global->drv_count++;
6508 if (global->drv_count == 0) {
6509 wpa_printf(MSG_ERROR, "No drivers enabled");
6510 wpa_supplicant_deinit(global);
6511 return NULL;
6512 }
faebdeaa 6513 global->drv_priv = os_calloc(global->drv_count, sizeof(void *));
ac305589
JM		 6514 if (global->drv_priv == NULL) {
6515 wpa_supplicant_deinit(global);
6516 return NULL;
6517 }
ac305589 6518
9675ce35
JM		 6519#ifdef CONFIG_WIFI_DISPLAY
6520 if (wifi_display_init(global) < 0) {
6521 wpa_printf(MSG_ERROR, "Failed to initialize Wi-Fi Display");
6522 wpa_supplicant_deinit(global);
6523 return NULL;
6524 }
6525#endif /* CONFIG_WIFI_DISPLAY */
6526
8c0d0ff2
JM		 6527 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0,
6528 wpas_periodic, global, NULL);
6529
6fc6879b
JM		 6530 return global;
6531}
6532
6533
6534/**
6535 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
6536 * @global: Pointer to global data from wpa_supplicant_init()
6537 * Returns: 0 after successful event loop run, -1 on failure
6538 *
6539 * This function starts the main event loop and continues running as long as
6540 * there are any remaining events. In most cases, this function is running as
6541 * long as the %wpa_supplicant process in still in use.
6542 */
6543int wpa_supplicant_run(struct wpa_global *global)
6544{
6545 struct wpa_supplicant *wpa_s;
6546
6547 if (global->params.daemonize &&
2e69bdd1
RM		 6548 (wpa_supplicant_daemon(global->params.pid_file) ||
6549 eloop_sock_requeue()))
6fc6879b
JM		 6550 return -1;
6551
2e997eec
RM		 6552#ifdef CONFIG_MATCH_IFACE
6553 if (wpa_supplicant_match_existing(global))
6554 return -1;
6555#endif
6556
6fc6879b
JM		 6557 if (global->params.wait_for_monitor) {
6558 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
ede77701 6559 if (wpa_s->ctrl_iface && !wpa_s->p2p_mgmt)
6fc6879b
JM		 6560 wpa_supplicant_ctrl_iface_wait(
6561 wpa_s->ctrl_iface);
6562 }
6563
0456ea16
JM		 6564 eloop_register_signal_terminate(wpa_supplicant_terminate, global);
6565 eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
6fc6879b
JM		 6566
6567 eloop_run();
6568
6569 return 0;
6570}
6571
6572
6573/**
6574 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
6575 * @global: Pointer to global data from wpa_supplicant_init()
6576 *
6577 * This function is called to deinitialize %wpa_supplicant and to free all
6578 * allocated resources. Remaining network interfaces will also be removed.
6579 */
6580void wpa_supplicant_deinit(struct wpa_global *global)
6581{
ac305589
JM		 6582 int i;
6583
6fc6879b
JM		 6584 if (global == NULL)
6585 return;
6586
8c0d0ff2
JM		 6587 eloop_cancel_timeout(wpas_periodic, global, NULL);
6588
9675ce35
JM		 6589#ifdef CONFIG_WIFI_DISPLAY
6590 wifi_display_deinit(global);
6591#endif /* CONFIG_WIFI_DISPLAY */
b22128ef 6592
6fc6879b 6593 while (global->ifaces)
df509539 6594 wpa_supplicant_remove_iface(global, global->ifaces, 1);
6fc6879b
JM		 6595
6596 if (global->ctrl_iface)
6597 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
dc461de4
WS		 6598
6599 wpas_notify_supplicant_deinitialized(global);
6fc6879b
JM		 6600
6601 eap_peer_unregister_methods();
3ec97afe
JM		 6602#ifdef CONFIG_AP
6603 eap_server_unregister_methods();
6604#endif /* CONFIG_AP */
6fc6879b 6605
c5121837 6606 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) {
ac305589
JM		 6607 if (!global->drv_priv[i])
6608 continue;
c5121837 6609 wpa_drivers[i]->global_deinit(global->drv_priv[i]);
ac305589
JM		 6610 }
6611 os_free(global->drv_priv);
6612
d47fa330
JM		 6613 random_deinit();
6614
6fc6879b
JM		 6615 eloop_destroy();
6616
6617 if (global->params.pid_file) {
6618 os_daemonize_terminate(global->params.pid_file);
6619 os_free(global->params.pid_file);
6620 }
6621 os_free(global->params.ctrl_interface);
29257565 6622 os_free(global->params.ctrl_interface_group);
d27df100
JM		 6623 os_free(global->params.override_driver);
6624 os_free(global->params.override_ctrl_interface);
2e997eec
RM		 6625#ifdef CONFIG_MATCH_IFACE
6626 os_free(global->params.match_ifaces);
6627#endif /* CONFIG_MATCH_IFACE */
d4e59795
G		 6628#ifdef CONFIG_P2P
6629 os_free(global->params.conf_p2p_dev);
6630#endif /* CONFIG_P2P */
6fc6879b 6631
af8a827b 6632 os_free(global->p2p_disallow_freq.range);
253f2e37 6633 os_free(global->p2p_go_avoid_freq.range);
01a57fe4 6634 os_free(global->add_psk);
6f3bc72b 6635
6fc6879b 6636 os_free(global);
daa70d49 6637 wpa_debug_close_syslog();
6fc6879b 6638 wpa_debug_close_file();
4f68895e 6639 wpa_debug_close_linux_tracing();
6fc6879b 6640}
611aea7d
JM		 6641
6642
6643void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s)
6644{
849b5dc7
JM		 6645 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_COUNTRY) &&
6646 wpa_s->conf->country[0] && wpa_s->conf->country[1]) {
6647 char country[3];
6648 country[0] = wpa_s->conf->country[0];
6649 country[1] = wpa_s->conf->country[1];
6650 country[2] = '\0';
6651 if (wpa_drv_set_country(wpa_s, country) < 0) {
6652 wpa_printf(MSG_ERROR, "Failed to set country code "
6653 "'%s'", country);
6654 }
6655 }
6656
306ae225
JM		 6657 if (wpa_s->conf->changed_parameters & CFG_CHANGED_EXT_PW_BACKEND)
6658 wpas_init_ext_pw(wpa_s);
6659
bea48f77
JM		 6660 if (wpa_s->conf->changed_parameters & CFG_CHANGED_SCHED_SCAN_PLANS)
6661 wpas_sched_scan_plans_set(wpa_s, wpa_s->conf->sched_scan_plans);
6662
3c7863f8
LD		 6663 if (wpa_s->conf->changed_parameters & CFG_CHANGED_WOWLAN_TRIGGERS) {
6664 struct wpa_driver_capa capa;
6665 int res = wpa_drv_get_capa(wpa_s, &capa);
6666
6667 if (res == 0 && wpas_set_wowlan_triggers(wpa_s, &capa) < 0)
6668 wpa_printf(MSG_ERROR,
6669 "Failed to update wowlan_triggers to '%s'",
6670 wpa_s->conf->wowlan_triggers);
6671 }
6672
ef59f987
AB		 6673 if (wpa_s->conf->changed_parameters & CFG_CHANGED_DISABLE_BTM)
6674 wpa_supplicant_set_default_scan_ies(wpa_s);
6675
611aea7d
JM		 6676#ifdef CONFIG_WPS
6677 wpas_wps_update_config(wpa_s);
6678#endif /* CONFIG_WPS */
b22128ef 6679 wpas_p2p_update_config(wpa_s);
611aea7d
JM		 6680 wpa_s->conf->changed_parameters = 0;
6681}
2f9c6aa6
JM		 6682
6683
e1117c1c 6684void add_freq(int *freqs, int *num_freqs, int freq)
0fb337c1
JM		 6685{
6686 int i;
6687
6688 for (i = 0; i < *num_freqs; i++) {
6689 if (freqs[i] == freq)
6690 return;
6691 }
6692
6693 freqs[*num_freqs] = freq;
6694 (*num_freqs)++;
6695}
6696
6697
6698static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s)
6699{
6700 struct wpa_bss *bss, *cbss;
6701 const int max_freqs = 10;
6702 int *freqs;
6703 int num_freqs = 0;
6704
faebdeaa 6705 freqs = os_calloc(max_freqs + 1, sizeof(int));
0fb337c1
JM		 6706 if (freqs == NULL)
6707 return NULL;
6708
6709 cbss = wpa_s->current_bss;
6710
6711 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
6712 if (bss == cbss)
6713 continue;
6714 if (bss->ssid_len == cbss->ssid_len &&
6715 os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 &&
6716 wpa_blacklist_get(wpa_s, bss->bssid) == NULL) {
6717 add_freq(freqs, &num_freqs, bss->freq);
6718 if (num_freqs == max_freqs)
6719 break;
6720 }
6721 }
6722
6723 if (num_freqs == 0) {
6724 os_free(freqs);
6725 freqs = NULL;
6726 }
6727
6728 return freqs;
6729}
6730
6731
6732void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid)
6733{
6734 int timeout;
6735 int count;
6736 int *freqs = NULL;
6737
6ac4b15e
JM		 6738 wpas_connect_work_done(wpa_s);
6739
5fd9fb27
JM		 6740 /*
6741 * Remove possible authentication timeout since the connection failed.
6742 */
6743 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
6744
c2805909
JM		 6745 /*
6746 * There is no point in blacklisting the AP if this event is
6747 * generated based on local request to disconnect.
6748 */
6749 if (wpa_s->own_disconnect_req) {
6750 wpa_s->own_disconnect_req = 0;
6751 wpa_dbg(wpa_s, MSG_DEBUG,
6752 "Ignore connection failure due to local request to disconnect");
6753 return;
6754 }
0cdb93fe 6755 if (wpa_s->disconnected) {
0cdb93fe
JM		 6756 wpa_dbg(wpa_s, MSG_DEBUG, "Ignore connection failure "
6757 "indication since interface has been put into "
6758 "disconnected state");
6759 return;
6760 }
6761
0fb337c1
JM		 6762 /*
6763 * Add the failed BSSID into the blacklist and speed up next scan
6764 * attempt if there could be other APs that could accept association.
6765 * The current blacklist count indicates how many times we have tried
6766 * connecting to this AP and multiple attempts mean that other APs are
6767 * either not available or has already been tried, so that we can start
6768 * increasing the delay here to avoid constant scanning.
6769 */
6770 count = wpa_blacklist_add(wpa_s, bssid);
6771 if (count == 1 && wpa_s->current_bss) {
6772 /*
6773 * This BSS was not in the blacklist before. If there is
6774 * another BSS available for the same ESS, we should try that
6775 * next. Otherwise, we may as well try this one once more
6776 * before allowing other, likely worse, ESSes to be considered.
6777 */
6778 freqs = get_bss_freqs_in_ess(wpa_s);
6779 if (freqs) {
f049052b
BG		 6780 wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS "
6781 "has been seen; try it next");
0fb337c1
JM		 6782 wpa_blacklist_add(wpa_s, bssid);
6783 /*
6784 * On the next scan, go through only the known channels
6785 * used in this ESS based on previous scans to speed up
6786 * common load balancing use case.
6787 */
6788 os_free(wpa_s->next_scan_freqs);
6789 wpa_s->next_scan_freqs = freqs;
6790 }
6791 }
6792
f1a52633
JM		 6793 /*
6794 * Add previous failure count in case the temporary blacklist was
6795 * cleared due to no other BSSes being available.
6796 */
6797 count += wpa_s->extra_blacklist_count;
6798
dd579704
JM		 6799 if (count > 3 && wpa_s->current_ssid) {
6800 wpa_printf(MSG_DEBUG, "Continuous association failures - "
6801 "consider temporary network disabling");
b19c098e 6802 wpas_auth_failed(wpa_s, "CONN_FAILED");
dd579704
JM		 6803 }
6804
0fb337c1
JM		 6805 switch (count) {
6806 case 1:
6807 timeout = 100;
6808 break;
6809 case 2:
6810 timeout = 500;
6811 break;
6812 case 3:
6813 timeout = 1000;
6814 break;
f1a52633 6815 case 4:
0fb337c1 6816 timeout = 5000;
f1a52633
JM		 6817 break;
6818 default:
6819 timeout = 10000;
6820 break;
0fb337c1
JM		 6821 }
6822
f1a52633
JM		 6823 wpa_dbg(wpa_s, MSG_DEBUG, "Blacklist count %d --> request scan in %d "
6824 "ms", count, timeout);
6825
0fb337c1
JM		 6826 /*
6827 * TODO: if more than one possible AP is available in scan results,
6828 * could try the other ones before requesting a new scan.
6829 */
0a42f1ed
IP		 6830
6831 /* speed up the connection attempt with normal scan */
6832 wpa_s->normal_scans = 0;
0fb337c1
JM		 6833 wpa_supplicant_req_scan(wpa_s, timeout / 1000,
6834 1000 * (timeout % 1000));
6835}
22628eca
JM		 6836
6837
af835d75
AB		 6838#ifdef CONFIG_FILS
6839void fils_connection_failure(struct wpa_supplicant *wpa_s)
6840{
6841 struct wpa_ssid *ssid = wpa_s->current_ssid;
6842 const u8 *realm, *username, *rrk;
6843 size_t realm_len, username_len, rrk_len;
6844 u16 next_seq_num;
6845
6846 if (!ssid || !ssid->eap.erp || !wpa_key_mgmt_fils(ssid->key_mgmt) ||
6847 eapol_sm_get_erp_info(wpa_s->eapol, &ssid->eap,
6848 &username, &username_len,
6849 &realm, &realm_len, &next_seq_num,
6850 &rrk, &rrk_len) != 0 ||
6851 !realm)
6852 return;
6853
6854 wpa_hexdump_ascii(MSG_DEBUG,
6855 "FILS: Store last connection failure realm",
6856 realm, realm_len);
6857 os_free(wpa_s->last_con_fail_realm);
6858 wpa_s->last_con_fail_realm = os_malloc(realm_len);
6859 if (wpa_s->last_con_fail_realm) {
6860 wpa_s->last_con_fail_realm_len = realm_len;
6861 os_memcpy(wpa_s->last_con_fail_realm, realm, realm_len);
6862 }
6863}
6864#endif /* CONFIG_FILS */
6865
6866
22628eca
JM		 6867int wpas_driver_bss_selection(struct wpa_supplicant *wpa_s)
6868{
6869 return wpa_s->conf->ap_scan == 2 ||
6870 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION);
6871}
d2118814
JM		 6872
6873
6874#if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW)
6875int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
6876 struct wpa_ssid *ssid,
6877 const char *field,
6878 const char *value)
6879{
6880#ifdef IEEE8021X_EAPOL
6881 struct eap_peer_config *eap = &ssid->eap;
6882
6883 wpa_printf(MSG_DEBUG, "CTRL_IFACE: response handle field=%s", field);
6884 wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: response value",
6885 (const u8 *) value, os_strlen(value));
6886
6887 switch (wpa_supplicant_ctrl_req_from_string(field)) {
6888 case WPA_CTRL_REQ_EAP_IDENTITY:
6889 os_free(eap->identity);
6890 eap->identity = (u8 *) os_strdup(value);
6891 eap->identity_len = os_strlen(value);
6892 eap->pending_req_identity = 0;
6893 if (ssid == wpa_s->current_ssid)
6894 wpa_s->reassociate = 1;
6895 break;
6896 case WPA_CTRL_REQ_EAP_PASSWORD:
19c48da0 6897 bin_clear_free(eap->password, eap->password_len);
d2118814
JM		 6898 eap->password = (u8 *) os_strdup(value);
6899 eap->password_len = os_strlen(value);
6900 eap->pending_req_password = 0;
6901 if (ssid == wpa_s->current_ssid)
6902 wpa_s->reassociate = 1;
6903 break;
6904 case WPA_CTRL_REQ_EAP_NEW_PASSWORD:
19c48da0 6905 bin_clear_free(eap->new_password, eap->new_password_len);
d2118814
JM		 6906 eap->new_password = (u8 *) os_strdup(value);
6907 eap->new_password_len = os_strlen(value);
6908 eap->pending_req_new_password = 0;
6909 if (ssid == wpa_s->current_ssid)
6910 wpa_s->reassociate = 1;
6911 break;
6912 case WPA_CTRL_REQ_EAP_PIN:
19c48da0 6913 str_clear_free(eap->pin);
d2118814
JM		 6914 eap->pin = os_strdup(value);
6915 eap->pending_req_pin = 0;
6916 if (ssid == wpa_s->current_ssid)
6917 wpa_s->reassociate = 1;
6918 break;
6919 case WPA_CTRL_REQ_EAP_OTP:
19c48da0 6920 bin_clear_free(eap->otp, eap->otp_len);
d2118814
JM		 6921 eap->otp = (u8 *) os_strdup(value);
6922 eap->otp_len = os_strlen(value);
6923 os_free(eap->pending_req_otp);
6924 eap->pending_req_otp = NULL;
6925 eap->pending_req_otp_len = 0;
6926 break;
6927 case WPA_CTRL_REQ_EAP_PASSPHRASE:
19c48da0
JM		 6928 str_clear_free(eap->private_key_passwd);
6929 eap->private_key_passwd = os_strdup(value);
d2118814
JM		 6930 eap->pending_req_passphrase = 0;
6931 if (ssid == wpa_s->current_ssid)
6932 wpa_s->reassociate = 1;
6933 break;
a5d44ac0 6934 case WPA_CTRL_REQ_SIM:
19c48da0 6935 str_clear_free(eap->external_sim_resp);
a5d44ac0 6936 eap->external_sim_resp = os_strdup(value);
ed9b1c16 6937 eap->pending_req_sim = 0;
a5d44ac0 6938 break;
a52410c2
JM		 6939 case WPA_CTRL_REQ_PSK_PASSPHRASE:
6940 if (wpa_config_set(ssid, "psk", value, 0) < 0)
6941 return -1;
6942 ssid->mem_only_psk = 1;
6943 if (ssid->passphrase)
6944 wpa_config_update_psk(ssid);
6945 if (wpa_s->wpa_state == WPA_SCANNING && !wpa_s->scanning)
6946 wpa_supplicant_req_scan(wpa_s, 0, 0);
6947 break;
3c108b75
JM		 6948 case WPA_CTRL_REQ_EXT_CERT_CHECK:
6949 if (eap->pending_ext_cert_check != PENDING_CHECK)
6950 return -1;
6951 if (os_strcmp(value, "good") == 0)
6952 eap->pending_ext_cert_check = EXT_CERT_CHECK_GOOD;
6953 else if (os_strcmp(value, "bad") == 0)
6954 eap->pending_ext_cert_check = EXT_CERT_CHECK_BAD;
6955 else
6956 return -1;
6957 break;
d2118814
JM		 6958 default:
6959 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown field '%s'", field);
6960 return -1;
6961 }
6962
6963 return 0;
6964#else /* IEEE8021X_EAPOL */
6965 wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included");
6966 return -1;
6967#endif /* IEEE8021X_EAPOL */
6968}
6969#endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */
349493bd
JM		 6970
6971
6972int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
6973{
6974 int i;
6975 unsigned int drv_enc;
6976
44b9ea5b
JM		 6977 if (wpa_s->p2p_mgmt)
6978 return 1; /* no normal network profiles on p2p_mgmt interface */
6979
349493bd
JM		 6980 if (ssid == NULL)
6981 return 1;
6982
6983 if (ssid->disabled)
6984 return 1;
6985
9feadba1 6986 if (wpa_s->drv_capa_known)
349493bd
JM		 6987 drv_enc = wpa_s->drv_enc;
6988 else
6989 drv_enc = (unsigned int) -1;
6990
6991 for (i = 0; i < NUM_WEP_KEYS; i++) {
6992 size_t len = ssid->wep_key_len[i];
6993 if (len == 0)
6994 continue;
6995 if (len == 5 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP40))
6996 continue;
6997 if (len == 13 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP104))
6998 continue;
6999 if (len == 16 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP128))
7000 continue;
7001 return 1; /* invalid WEP key */
7002 }
7003
9173b16f 7004 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set &&
a52410c2 7005 (!ssid->passphrase || ssid->ssid_len != 0) && !ssid->ext_psk &&
a34ca59e 7006 !(wpa_key_mgmt_sae(ssid->key_mgmt) && ssid->sae_password) &&
a52410c2 7007 !ssid->mem_only_psk)
2518aad3
JM		 7008 return 1;
7009
349493bd
JM		 7010 return 0;
7011}
b9cfc09a
JJ		 7012
7013
3f56a2b7
JM		 7014int wpas_get_ssid_pmf(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
7015{
7016#ifdef CONFIG_IEEE80211W
7017 if (ssid == NULL || ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT) {
7018 if (wpa_s->conf->pmf == MGMT_FRAME_PROTECTION_OPTIONAL &&
7019 !(wpa_s->drv_enc & WPA_DRIVER_CAPA_ENC_BIP)) {
7020 /*
7021 * Driver does not support BIP -- ignore pmf=1 default
7022 * since the connection with PMF would fail and the
7023 * configuration does not require PMF to be enabled.
7024 */
7025 return NO_MGMT_FRAME_PROTECTION;
7026 }
7027
22950049
JM		 7028 if (ssid &&
7029 (ssid->key_mgmt &
7030 ~(WPA_KEY_MGMT_NONE | WPA_KEY_MGMT_WPS |
7031 WPA_KEY_MGMT_IEEE8021X_NO_WPA)) == 0) {
7032 /*
7033 * Do not use the default PMF value for non-RSN networks
7034 * since PMF is available only with RSN and pmf=2
7035 * configuration would otherwise prevent connections to
7036 * all open networks.
7037 */
7038 return NO_MGMT_FRAME_PROTECTION;
7039 }
7040
3f56a2b7
JM		 7041 return wpa_s->conf->pmf;
7042 }
7043
7044 return ssid->ieee80211w;
7045#else /* CONFIG_IEEE80211W */
7046 return NO_MGMT_FRAME_PROTECTION;
7047#endif /* CONFIG_IEEE80211W */
7048}
7049
7050
b9cfc09a
JJ		 7051int wpas_is_p2p_prioritized(struct wpa_supplicant *wpa_s)
7052{
7053 if (wpa_s->global->conc_pref == WPA_CONC_PREF_P2P)
7054 return 1;
7055 if (wpa_s->global->conc_pref == WPA_CONC_PREF_STA)
7056 return 0;
7057 return -1;
7058}
00e5e3d5
JM		 7059
7060
b19c098e 7061void wpas_auth_failed(struct wpa_supplicant *wpa_s, char *reason)
00e5e3d5
JM		 7062{
7063 struct wpa_ssid *ssid = wpa_s->current_ssid;
7064 int dur;
4e1eae1d 7065 struct os_reltime now;
00e5e3d5
JM		 7066
7067 if (ssid == NULL) {
7068 wpa_printf(MSG_DEBUG, "Authentication failure but no known "
7069 "SSID block");
7070 return;
7071 }
7072
7073 if (ssid->key_mgmt == WPA_KEY_MGMT_WPS)
7074 return;
7075
7076 ssid->auth_failures++;
cbf41ca7
SL		 7077
7078#ifdef CONFIG_P2P
7079 if (ssid->p2p_group &&
7080 (wpa_s->p2p_in_provisioning || wpa_s->show_group_started)) {
7081 /*
7082 * Skip the wait time since there is a short timeout on the
7083 * connection to a P2P group.
7084 */
7085 return;
7086 }
7087#endif /* CONFIG_P2P */
7088
00e5e3d5
JM		 7089 if (ssid->auth_failures > 50)
7090 dur = 300;
00e5e3d5 7091 else if (ssid->auth_failures > 10)
8a77f1be 7092 dur = 120;
00e5e3d5 7093 else if (ssid->auth_failures > 5)
8a77f1be
JM		 7094 dur = 90;
7095 else if (ssid->auth_failures > 3)
7096 dur = 60;
7097 else if (ssid->auth_failures > 2)
00e5e3d5
JM		 7098 dur = 30;
7099 else if (ssid->auth_failures > 1)
7100 dur = 20;
7101 else
7102 dur = 10;
7103
8a77f1be
JM		 7104 if (ssid->auth_failures > 1 &&
7105 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt))
7106 dur += os_random() % (ssid->auth_failures * 10);
7107
4e1eae1d 7108 os_get_reltime(&now);
00e5e3d5
JM		 7109 if (now.sec + dur <= ssid->disabled_until.sec)
7110 return;
7111
7112 ssid->disabled_until.sec = now.sec + dur;
7113
7114 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TEMP_DISABLED
b19c098e 7115 "id=%d ssid=\"%s\" auth_failures=%u duration=%d reason=%s",
00e5e3d5 7116 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
b19c098e 7117 ssid->auth_failures, dur, reason);
00e5e3d5
JM		 7118}
7119
7120
7121void wpas_clear_temp_disabled(struct wpa_supplicant *wpa_s,
7122 struct wpa_ssid *ssid, int clear_failures)
7123{
7124 if (ssid == NULL)
7125 return;
7126
7127 if (ssid->disabled_until.sec) {
7128 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_REENABLED
7129 "id=%d ssid=\"%s\"",
7130 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
7131 }
7132 ssid->disabled_until.sec = 0;
7133 ssid->disabled_until.usec = 0;
7134 if (clear_failures)
7135 ssid->auth_failures = 0;
7136}
6407f413
JM		 7137
7138
7139int disallowed_bssid(struct wpa_supplicant *wpa_s, const u8 *bssid)
7140{
7141 size_t i;
7142
7143 if (wpa_s->disallow_aps_bssid == NULL)
7144 return 0;
7145
7146 for (i = 0; i < wpa_s->disallow_aps_bssid_count; i++) {
7147 if (os_memcmp(wpa_s->disallow_aps_bssid + i * ETH_ALEN,
7148 bssid, ETH_ALEN) == 0)
7149 return 1;
7150 }
7151
7152 return 0;
7153}
7154
7155
7156int disallowed_ssid(struct wpa_supplicant *wpa_s, const u8 *ssid,
7157 size_t ssid_len)
7158{
7159 size_t i;
7160
7161 if (wpa_s->disallow_aps_ssid == NULL || ssid == NULL)
7162 return 0;
7163
7164 for (i = 0; i < wpa_s->disallow_aps_ssid_count; i++) {
7165 struct wpa_ssid_value *s = &wpa_s->disallow_aps_ssid[i];
7166 if (ssid_len == s->ssid_len &&
7167 os_memcmp(ssid, s->ssid, ssid_len) == 0)
7168 return 1;
7169 }
7170
7171 return 0;
7172}
9796a86c
JM		 7173
7174
7175/**
7176 * wpas_request_connection - Request a new connection
7177 * @wpa_s: Pointer to the network interface
7178 *
7179 * This function is used to request a new connection to be found. It will mark
7180 * the interface to allow reassociation and request a new scan to find a
7181 * suitable network to connect to.
7182 */
7183void wpas_request_connection(struct wpa_supplicant *wpa_s)
7184{
7185 wpa_s->normal_scans = 0;
5214f4fa 7186 wpa_s->scan_req = NORMAL_SCAN_REQ;
9796a86c
JM		 7187 wpa_supplicant_reinit_autoscan(wpa_s);
7188 wpa_s->extra_blacklist_count = 0;
7189 wpa_s->disconnected = 0;
7190 wpa_s->reassociate = 1;
2cb40e9f 7191 wpa_s->last_owe_group = 0;
5e24beae
MH		 7192
7193 if (wpa_supplicant_fast_associate(wpa_s) != 1)
7194 wpa_supplicant_req_scan(wpa_s, 0, 0);
0c5f01fd
B		 7195 else
7196 wpa_s->reattach = 0;
9796a86c 7197}
36b9883d
DG		 7198
7199
5f040be4
RP		 7200/**
7201 * wpas_request_disconnection - Request disconnection
7202 * @wpa_s: Pointer to the network interface
7203 *
7204 * This function is used to request disconnection from the currently connected
7205 * network. This will stop any ongoing scans and initiate deauthentication.
7206 */
7207void wpas_request_disconnection(struct wpa_supplicant *wpa_s)
7208{
7209#ifdef CONFIG_SME
7210 wpa_s->sme.prev_bssid_set = 0;
7211#endif /* CONFIG_SME */
7212 wpa_s->reassociate = 0;
7213 wpa_s->disconnected = 1;
7214 wpa_supplicant_cancel_sched_scan(wpa_s);
7215 wpa_supplicant_cancel_scan(wpa_s);
7216 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
7217 eloop_cancel_timeout(wpas_network_reenabled, wpa_s, NULL);
f5db7750
JM		 7218 radio_remove_works(wpa_s, "connect", 0);
7219 radio_remove_works(wpa_s, "sme-connect", 0);
5f040be4
RP		 7220}
7221
7222
a0c90bb0
IP		 7223void dump_freq_data(struct wpa_supplicant *wpa_s, const char *title,
7224 struct wpa_used_freq_data *freqs_data,
7225 unsigned int len)
7226{
7227 unsigned int i;
7228
7229 wpa_dbg(wpa_s, MSG_DEBUG, "Shared frequencies (len=%u): %s",
7230 len, title);
7231 for (i = 0; i < len; i++) {
7232 struct wpa_used_freq_data *cur = &freqs_data[i];
7233 wpa_dbg(wpa_s, MSG_DEBUG, "freq[%u]: %d, flags=0x%X",
7234 i, cur->freq, cur->flags);
7235 }
7236}
7237
7238
53c5dfc2
IP		 7239/*
7240 * Find the operating frequencies of any of the virtual interfaces that
a0c90bb0
IP		 7241 * are using the same radio as the current interface, and in addition, get
7242 * information about the interface types that are using the frequency.
53c5dfc2 7243 */
a0c90bb0
IP		 7244int get_shared_radio_freqs_data(struct wpa_supplicant *wpa_s,
7245 struct wpa_used_freq_data *freqs_data,
7246 unsigned int len)
53c5dfc2 7247{
53c5dfc2
IP		 7248 struct wpa_supplicant *ifs;
7249 u8 bssid[ETH_ALEN];
7250 int freq;
7251 unsigned int idx = 0, i;
7252
217cf499
JM		 7253 wpa_dbg(wpa_s, MSG_DEBUG,
7254 "Determining shared radio frequencies (max len %u)", len);
a0c90bb0 7255 os_memset(freqs_data, 0, sizeof(struct wpa_used_freq_data) * len);
53c5dfc2 7256
0ad3b9c4
JM		 7257 dl_list_for_each(ifs, &wpa_s->radio->ifaces, struct wpa_supplicant,
7258 radio_list) {
a0c90bb0
IP		 7259 if (idx == len)
7260 break;
7261
53c5dfc2
IP		 7262 if (ifs->current_ssid == NULL || ifs->assoc_freq == 0)
7263 continue;
7264
7265 if (ifs->current_ssid->mode == WPAS_MODE_AP ||
241c3333
MH		 7266 ifs->current_ssid->mode == WPAS_MODE_P2P_GO ||
7267 ifs->current_ssid->mode == WPAS_MODE_MESH)
53c5dfc2
IP		 7268 freq = ifs->current_ssid->frequency;
7269 else if (wpa_drv_get_bssid(ifs, bssid) == 0)
7270 freq = ifs->assoc_freq;
7271 else
7272 continue;
7273
7274 /* Hold only distinct freqs */
7275 for (i = 0; i < idx; i++)
a0c90bb0 7276 if (freqs_data[i].freq == freq)
53c5dfc2
IP		 7277 break;
7278
7279 if (i == idx)
a0c90bb0
IP		 7280 freqs_data[idx++].freq = freq;
7281
7282 if (ifs->current_ssid->mode == WPAS_MODE_INFRA) {
22264b3c 7283 freqs_data[i].flags |= ifs->current_ssid->p2p_group ?
a0c90bb0
IP		 7284 WPA_FREQ_USED_BY_P2P_CLIENT :
7285 WPA_FREQ_USED_BY_INFRA_STATION;
7286 }
53c5dfc2 7287 }
217cf499 7288
a0c90bb0 7289 dump_freq_data(wpa_s, "completed iteration", freqs_data, idx);
53c5dfc2
IP		 7290 return idx;
7291}
a0c90bb0
IP		 7292
7293
7294/*
7295 * Find the operating frequencies of any of the virtual interfaces that
7296 * are using the same radio as the current interface.
7297 */
7298int get_shared_radio_freqs(struct wpa_supplicant *wpa_s,
7299 int *freq_array, unsigned int len)
7300{
7301 struct wpa_used_freq_data *freqs_data;
7302 int num, i;
7303
7304 os_memset(freq_array, 0, sizeof(int) * len);
7305
7306 freqs_data = os_calloc(len, sizeof(struct wpa_used_freq_data));
7307 if (!freqs_data)
7308 return -1;
7309
7310 num = get_shared_radio_freqs_data(wpa_s, freqs_data, len);
7311 for (i = 0; i < num; i++)
7312 freq_array[i] = freqs_data[i].freq;
7313
7314 os_free(freqs_data);
7315
7316 return num;
7317}
b361d580
AK		 7318
7319
af041f99
AA		 7320struct wpa_supplicant *
7321wpas_vendor_elem(struct wpa_supplicant *wpa_s, enum wpa_vendor_elem_frame frame)
7322{
7323 switch (frame) {
7324#ifdef CONFIG_P2P
7325 case VENDOR_ELEM_PROBE_REQ_P2P:
7326 case VENDOR_ELEM_PROBE_RESP_P2P:
7327 case VENDOR_ELEM_PROBE_RESP_P2P_GO:
7328 case VENDOR_ELEM_BEACON_P2P_GO:
7329 case VENDOR_ELEM_P2P_PD_REQ:
7330 case VENDOR_ELEM_P2P_PD_RESP:
7331 case VENDOR_ELEM_P2P_GO_NEG_REQ:
7332 case VENDOR_ELEM_P2P_GO_NEG_RESP:
7333 case VENDOR_ELEM_P2P_GO_NEG_CONF:
7334 case VENDOR_ELEM_P2P_INV_REQ:
7335 case VENDOR_ELEM_P2P_INV_RESP:
7336 case VENDOR_ELEM_P2P_ASSOC_REQ:
7337 case VENDOR_ELEM_P2P_ASSOC_RESP:
ba307f85 7338 return wpa_s->p2pdev;
af041f99
AA		 7339#endif /* CONFIG_P2P */
7340 default:
7341 return wpa_s;
7342 }
7343}
7344
7345
7346void wpas_vendor_elem_update(struct wpa_supplicant *wpa_s)
7347{
7348 unsigned int i;
7349 char buf[30];
7350
7351 wpa_printf(MSG_DEBUG, "Update vendor elements");
7352
7353 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) {
7354 if (wpa_s->vendor_elem[i]) {
7355 int res;
7356
7357 res = os_snprintf(buf, sizeof(buf), "frame[%u]", i);
7358 if (!os_snprintf_error(sizeof(buf), res)) {
7359 wpa_hexdump_buf(MSG_DEBUG, buf,
7360 wpa_s->vendor_elem[i]);
7361 }
7362 }
7363 }
7364
7365#ifdef CONFIG_P2P
7366 if (wpa_s->parent == wpa_s &&
7367 wpa_s->global->p2p &&
7368 !wpa_s->global->p2p_disabled)
7369 p2p_set_vendor_elems(wpa_s->global->p2p, wpa_s->vendor_elem);
7370#endif /* CONFIG_P2P */
7371}
7372
7373
7374int wpas_vendor_elem_remove(struct wpa_supplicant *wpa_s, int frame,
7375 const u8 *elem, size_t len)
7376{
7377 u8 *ie, *end;
7378
7379 ie = wpabuf_mhead_u8(wpa_s->vendor_elem[frame]);
7380 end = ie + wpabuf_len(wpa_s->vendor_elem[frame]);
7381
7382 for (; ie + 1 < end; ie += 2 + ie[1]) {
7383 if (ie + len > end)
7384 break;
7385 if (os_memcmp(ie, elem, len) != 0)
7386 continue;
7387
7388 if (wpabuf_len(wpa_s->vendor_elem[frame]) == len) {
7389 wpabuf_free(wpa_s->vendor_elem[frame]);
7390 wpa_s->vendor_elem[frame] = NULL;
7391 } else {
7392 os_memmove(ie, ie + len, end - (ie + len));
7393 wpa_s->vendor_elem[frame]->used -= len;
7394 }
7395 wpas_vendor_elem_update(wpa_s);
7396 return 0;
7397 }
7398
7399 return -1;
7400}
ea69d973
AS		 7401
7402
7403struct hostapd_hw_modes * get_mode(struct hostapd_hw_modes *modes,
7404 u16 num_modes, enum hostapd_hw_mode mode)
7405{
7406 u16 i;
7407
7408 for (i = 0; i < num_modes; i++) {
7409 if (modes[i].mode == mode)
7410 return &modes[i];
7411 }
7412
7413 return NULL;
7414}
dd599908
AS		 7415
7416
7417static struct
7418wpa_bss_tmp_disallowed * wpas_get_disallowed_bss(struct wpa_supplicant *wpa_s,
7419 const u8 *bssid)
7420{
7421 struct wpa_bss_tmp_disallowed *bss;
7422
7423 dl_list_for_each(bss, &wpa_s->bss_tmp_disallowed,
7424 struct wpa_bss_tmp_disallowed, list) {
7425 if (os_memcmp(bssid, bss->bssid, ETH_ALEN) == 0)
7426 return bss;
7427 }
7428
7429 return NULL;
7430}
7431
7432
b04854ce
AP		 7433static int wpa_set_driver_tmp_disallow_list(struct wpa_supplicant *wpa_s)
7434{
7435 struct wpa_bss_tmp_disallowed *tmp;
7436 unsigned int num_bssid = 0;
7437 u8 *bssids;
7438 int ret;
7439
7440 bssids = os_malloc(dl_list_len(&wpa_s->bss_tmp_disallowed) * ETH_ALEN);
7441 if (!bssids)
7442 return -1;
7443 dl_list_for_each(tmp, &wpa_s->bss_tmp_disallowed,
7444 struct wpa_bss_tmp_disallowed, list) {
7445 os_memcpy(&bssids[num_bssid * ETH_ALEN], tmp->bssid,
7446 ETH_ALEN);
7447 num_bssid++;
7448 }
7449 ret = wpa_drv_set_bssid_blacklist(wpa_s, num_bssid, bssids);
7450 os_free(bssids);
7451 return ret;
7452}
7453
7454
7455static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx, void *timeout_ctx)
7456{
7457 struct wpa_supplicant *wpa_s = eloop_ctx;
7458 struct wpa_bss_tmp_disallowed *tmp, *bss = timeout_ctx;
7459
7460 /* Make sure the bss is not already freed */
7461 dl_list_for_each(tmp, &wpa_s->bss_tmp_disallowed,
7462 struct wpa_bss_tmp_disallowed, list) {
7463 if (bss == tmp) {
7464 dl_list_del(&tmp->list);
7465 os_free(tmp);
7466 wpa_set_driver_tmp_disallow_list(wpa_s);
7467 break;
7468 }
7469 }
7470}
7471
7472
dd599908 7473void wpa_bss_tmp_disallow(struct wpa_supplicant *wpa_s, const u8 *bssid,
19677b77 7474 unsigned int sec, int rssi_threshold)
dd599908
AS		 7475{
7476 struct wpa_bss_tmp_disallowed *bss;
dd599908
AS		 7477
7478 bss = wpas_get_disallowed_bss(wpa_s, bssid);
7479 if (bss) {
b04854ce 7480 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout, wpa_s, bss);
19677b77 7481 goto finish;
dd599908
AS		 7482 }
7483
7484 bss = os_malloc(sizeof(*bss));
7485 if (!bss) {
7486 wpa_printf(MSG_DEBUG,
7487 "Failed to allocate memory for temp disallow BSS");
7488 return;
7489 }
7490
dd599908
AS		 7491 os_memcpy(bss->bssid, bssid, ETH_ALEN);
7492 dl_list_add(&wpa_s->bss_tmp_disallowed, &bss->list);
b04854ce 7493 wpa_set_driver_tmp_disallow_list(wpa_s);
19677b77
BL		 7494
7495finish:
7496 bss->rssi_threshold = rssi_threshold;
b04854ce
AP		 7497 eloop_register_timeout(sec, 0, wpa_bss_tmp_disallow_timeout,
7498 wpa_s, bss);
dd599908
AS		 7499}
7500
7501
19677b77
BL		 7502int wpa_is_bss_tmp_disallowed(struct wpa_supplicant *wpa_s,
7503 struct wpa_bss *bss)
dd599908 7504{
19677b77 7505 struct wpa_bss_tmp_disallowed *disallowed = NULL, *tmp, *prev;
dd599908 7506
d010048c
JM		 7507 dl_list_for_each_safe(tmp, prev, &wpa_s->bss_tmp_disallowed,
7508 struct wpa_bss_tmp_disallowed, list) {
19677b77
BL		 7509 if (os_memcmp(bss->bssid, tmp->bssid, ETH_ALEN) == 0) {
7510 disallowed = tmp;
d010048c
JM		 7511 break;
7512 }
7513 }
19677b77
BL		 7514 if (!disallowed)
7515 return 0;
7516
7517 if (disallowed->rssi_threshold != 0 &&
7518 bss->level > disallowed->rssi_threshold)
dd599908
AS		 7519 return 0;
7520
d010048c 7521 return 1;
dd599908 7522}
91b6eba7
EC		 7523
7524
7525int wpas_enable_mac_addr_randomization(struct wpa_supplicant *wpa_s,
7526 unsigned int type, const u8 *addr,
7527 const u8 *mask)
7528{
7529 if ((addr && !mask) || (!addr && mask)) {
7530 wpa_printf(MSG_INFO,
7531 "MAC_ADDR_RAND_SCAN invalid addr/mask combination");
7532 return -1;
7533 }
7534
7535 if (addr && mask && (!(mask[0] & 0x01) || (addr[0] & 0x01))) {
7536 wpa_printf(MSG_INFO,
7537 "MAC_ADDR_RAND_SCAN cannot allow multicast address");
7538 return -1;
7539 }
7540
7541 if (type & MAC_ADDR_RAND_SCAN) {
7542 if (wpas_mac_addr_rand_scan_set(wpa_s, MAC_ADDR_RAND_SCAN,
7543 addr, mask))
7544 return -1;
7545 }
7546
7547 if (type & MAC_ADDR_RAND_SCHED_SCAN) {
7548 if (wpas_mac_addr_rand_scan_set(wpa_s, MAC_ADDR_RAND_SCHED_SCAN,
7549 addr, mask))
7550 return -1;
7551
7552 if (wpa_s->sched_scanning && !wpa_s->pno)
7553 wpas_scan_restart_sched_scan(wpa_s);
7554 }
7555
7556 if (type & MAC_ADDR_RAND_PNO) {
7557 if (wpas_mac_addr_rand_scan_set(wpa_s, MAC_ADDR_RAND_PNO,
7558 addr, mask))
7559 return -1;
7560
7561 if (wpa_s->pno) {
7562 wpas_stop_pno(wpa_s);
7563 wpas_start_pno(wpa_s);
7564 }
7565 }
7566
7567 return 0;
7568}
7569
7570
7571int wpas_disable_mac_addr_randomization(struct wpa_supplicant *wpa_s,
7572 unsigned int type)
7573{
7574 wpas_mac_addr_rand_scan_clear(wpa_s, type);
7575 if (wpa_s->pno) {
7576 if (type & MAC_ADDR_RAND_PNO) {
7577 wpas_stop_pno(wpa_s);
7578 wpas_start_pno(wpa_s);
7579 }
7580 } else if (wpa_s->sched_scanning && (type & MAC_ADDR_RAND_SCHED_SCAN)) {
7581 wpas_scan_restart_sched_scan(wpa_s);
7582 }
7583
7584 return 0;
7585}
Unnamed repository; edit this file 'description' to name the repository.