]> git.ipfire.org Git - thirdparty/hostap.git/blame - wpa_supplicant/wpa_supplicant.c
projects / thirdparty / hostap.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Getting back to DISCONNECTED afer SCANNING
[thirdparty/hostap.git] / wpa_supplicant / wpa_supplicant.c
CommitLineData
6fc6879b
JM		 1/*
2 * WPA Supplicant
6f78f2fb 3 * Copyright (c) 2003-2009, Jouni Malinen <j@w1.fi>
6fc6879b
JM		 4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
8 *
9 * Alternatively, this software may be distributed under the terms of BSD
10 * license.
11 *
12 * See README and COPYING for more details.
13 *
14 * This file implements functions for registering and unregistering
15 * %wpa_supplicant interfaces. In addition, this file contains number of
16 * functions for managing network connections.
17 */
18
19#include "includes.h"
20
21#include "common.h"
22#include "eapol_supp/eapol_supp_sm.h"
23#include "eap_peer/eap.h"
3ec97afe 24#include "eap_server/eap_methods.h"
6fc6879b
JM		 25#include "wpa.h"
26#include "eloop.h"
6fc6879b
JM		 27#include "config.h"
28#include "l2_packet/l2_packet.h"
29#include "wpa_supplicant_i.h"
2d5b792d 30#include "driver_i.h"
6fc6879b
JM		 31#include "ctrl_iface.h"
32#include "ctrl_iface_dbus.h"
33#include "pcsc_funcs.h"
34#include "version.h"
35#include "preauth.h"
36#include "pmksa_cache.h"
37#include "wpa_ctrl.h"
38#include "mlme.h"
39#include "ieee802_11_defs.h"
40#include "blacklist.h"
41#include "wpas_glue.h"
116654ce 42#include "wps_supplicant.h"
11ef8d35 43#include "ibss_rsn.h"
c2a04078 44#include "sme.h"
1f1b62a0 45#include "ap.h"
8bac466b 46#include "notify.h"
6fc6879b
JM		 47
48const char *wpa_supplicant_version =
49"wpa_supplicant v" VERSION_STR "\n"
6f78f2fb 50"Copyright (c) 2003-2009, Jouni Malinen <j@w1.fi> and contributors";
6fc6879b
JM		 51
52const char *wpa_supplicant_license =
53"This program is free software. You can distribute it and/or modify it\n"
54"under the terms of the GNU General Public License version 2.\n"
55"\n"
56"Alternatively, this software may be distributed under the terms of the\n"
57"BSD license. See README and COPYING for more details.\n"
58#ifdef EAP_TLS_OPENSSL
59"\nThis product includes software developed by the OpenSSL Project\n"
60"for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
61#endif /* EAP_TLS_OPENSSL */
62;
63
64#ifndef CONFIG_NO_STDOUT_DEBUG
65/* Long text divided into parts in order to fit in C89 strings size limits. */
66const char *wpa_supplicant_full_license1 =
67"This program is free software; you can redistribute it and/or modify\n"
68"it under the terms of the GNU General Public License version 2 as\n"
69"published by the Free Software Foundation.\n"
70"\n"
71"This program is distributed in the hope that it will be useful,\n"
72"but WITHOUT ANY WARRANTY; without even the implied warranty of\n"
73"MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n"
74"GNU General Public License for more details.\n"
75"\n";
76const char *wpa_supplicant_full_license2 =
77"You should have received a copy of the GNU General Public License\n"
78"along with this program; if not, write to the Free Software\n"
79"Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n"
80"\n"
81"Alternatively, this software may be distributed under the terms of the\n"
82"BSD license.\n"
83"\n"
84"Redistribution and use in source and binary forms, with or without\n"
85"modification, are permitted provided that the following conditions are\n"
86"met:\n"
87"\n";
88const char *wpa_supplicant_full_license3 =
89"1. Redistributions of source code must retain the above copyright\n"
90" notice, this list of conditions and the following disclaimer.\n"
91"\n"
92"2. Redistributions in binary form must reproduce the above copyright\n"
93" notice, this list of conditions and the following disclaimer in the\n"
94" documentation and/or other materials provided with the distribution.\n"
95"\n";
96const char *wpa_supplicant_full_license4 =
97"3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
98" names of its contributors may be used to endorse or promote products\n"
99" derived from this software without specific prior written permission.\n"
100"\n"
101"THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
102"\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
103"LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
104"A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
105const char *wpa_supplicant_full_license5 =
106"OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
107"SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
108"LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
109"DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
110"THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
111"(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
112"OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
113"\n";
114#endif /* CONFIG_NO_STDOUT_DEBUG */
115
6fc6879b
JM		 116extern int wpa_debug_level;
117extern int wpa_debug_show_keys;
118extern int wpa_debug_timestamp;
c5121837 119extern struct wpa_driver_ops *wpa_drivers[];
6fc6879b
JM		 120
121/* Configure default/group WEP keys for static WEP */
122static int wpa_set_wep_keys(struct wpa_supplicant *wpa_s,
123 struct wpa_ssid *ssid)
124{
125 int i, set = 0;
126
127 for (i = 0; i < NUM_WEP_KEYS; i++) {
128 if (ssid->wep_key_len[i] == 0)
129 continue;
130
131 set = 1;
132 wpa_drv_set_key(wpa_s, WPA_ALG_WEP,
133 (u8 *) "\xff\xff\xff\xff\xff\xff",
134 i, i == ssid->wep_tx_keyidx, (u8 *) "", 0,
135 ssid->wep_key[i], ssid->wep_key_len[i]);
136 }
137
138 return set;
139}
140
141
142static int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
143 struct wpa_ssid *ssid)
144{
145 u8 key[32];
146 size_t keylen;
147 wpa_alg alg;
148 u8 seq[6] = { 0 };
149
150 /* IBSS/WPA-None uses only one key (Group) for both receiving and
151 * sending unicast and multicast packets. */
152
153 if (ssid->mode != IEEE80211_MODE_IBSS) {
154 wpa_printf(MSG_INFO, "WPA: Invalid mode %d (not IBSS/ad-hoc) "
155 "for WPA-None", ssid->mode);
156 return -1;
157 }
158
159 if (!ssid->psk_set) {
160 wpa_printf(MSG_INFO, "WPA: No PSK configured for WPA-None");
161 return -1;
162 }
163
164 switch (wpa_s->group_cipher) {
165 case WPA_CIPHER_CCMP:
166 os_memcpy(key, ssid->psk, 16);
167 keylen = 16;
168 alg = WPA_ALG_CCMP;
169 break;
170 case WPA_CIPHER_TKIP:
171 /* WPA-None uses the same Michael MIC key for both TX and RX */
172 os_memcpy(key, ssid->psk, 16 + 8);
173 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
174 keylen = 32;
175 alg = WPA_ALG_TKIP;
176 break;
177 default:
178 wpa_printf(MSG_INFO, "WPA: Invalid group cipher %d for "
179 "WPA-None", wpa_s->group_cipher);
180 return -1;
181 }
182
183 /* TODO: should actually remember the previously used seq#, both for TX
184 * and RX from each STA.. */
185
186 return wpa_drv_set_key(wpa_s, alg, (u8 *) "\xff\xff\xff\xff\xff\xff",
187 0, 1, seq, 6, key, keylen);
188}
189
190
191static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
192{
193 struct wpa_supplicant *wpa_s = eloop_ctx;
194 const u8 *bssid = wpa_s->bssid;
a8e16edc 195 if (is_zero_ether_addr(bssid))
6fc6879b
JM		 196 bssid = wpa_s->pending_bssid;
197 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
198 MAC2STR(bssid));
199 wpa_blacklist_add(wpa_s, bssid);
200 wpa_sm_notify_disassoc(wpa_s->wpa);
201 wpa_supplicant_disassociate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
202 wpa_s->reassociate = 1;
203 wpa_supplicant_req_scan(wpa_s, 0, 0);
204}
205
206
207/**
208 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
209 * @wpa_s: Pointer to wpa_supplicant data
210 * @sec: Number of seconds after which to time out authentication
211 * @usec: Number of microseconds after which to time out authentication
212 *
213 * This function is used to schedule a timeout for the current authentication
214 * attempt.
215 */
216void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
217 int sec, int usec)
218{
c2a04078
JM		 219 if (wpa_s->conf && wpa_s->conf->ap_scan == 0 &&
220 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
6fc6879b
JM		 221 return;
222
223 wpa_msg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
224 "%d usec", sec, usec);
225 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
226 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
227}
228
229
230/**
231 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
232 * @wpa_s: Pointer to wpa_supplicant data
233 *
234 * This function is used to cancel authentication timeout scheduled with
235 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
236 * been completed.
237 */
238void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
239{
240 wpa_msg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
241 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
242 wpa_blacklist_del(wpa_s, wpa_s->bssid);
243}
244
245
246/**
247 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
248 * @wpa_s: Pointer to wpa_supplicant data
249 *
250 * This function is used to configure EAPOL state machine based on the selected
251 * authentication mode.
252 */
253void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
254{
255#ifdef IEEE8021X_EAPOL
256 struct eapol_config eapol_conf;
257 struct wpa_ssid *ssid = wpa_s->current_ssid;
258
53895c3b
JM		 259#ifdef CONFIG_IBSS_RSN
260 if (ssid->mode == IEEE80211_MODE_IBSS &&
261 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
262 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
263 /*
264 * RSN IBSS authentication is per-STA and we can disable the
265 * per-BSSID EAPOL authentication.
266 */
267 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
268 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE);
269 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
270 return;
271 }
272#endif /* CONFIG_IBSS_RSN */
273
0a40ec6a
JM		 274 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
275 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
276
6fc6879b
JM		 277 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
278 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
279 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
280 else
281 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
282
283 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
284 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
285 eapol_conf.accept_802_1x_keys = 1;
286 eapol_conf.required_keys = 0;
287 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
288 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
289 }
290 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
291 eapol_conf.required_keys |=
292 EAPOL_REQUIRE_KEY_BROADCAST;
293 }
294
c2a04078 295 if (wpa_s->conf && (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
6fc6879b 296 eapol_conf.required_keys = 0;
6fc6879b
JM		 297 }
298 if (wpa_s->conf)
299 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
300 eapol_conf.workaround = ssid->eap_workaround;
56586197
JM		 301 eapol_conf.eap_disabled =
302 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
ad08c363
JM		 303 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
304 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
6fc6879b
JM		 305 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
306#endif /* IEEE8021X_EAPOL */
307}
308
309
310/**
311 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
312 * @wpa_s: Pointer to wpa_supplicant data
313 * @ssid: Configuration data for the network
314 *
315 * This function is used to configure WPA state machine and related parameters
316 * to a mode where WPA is not enabled. This is called as part of the
317 * authentication configuration when the selected network does not use WPA.
318 */
319void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
320 struct wpa_ssid *ssid)
321{
322 int i;
323
ad08c363
JM		 324 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
325 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
326 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
6fc6879b
JM		 327 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
328 else
329 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
330 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
331 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
332 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
333 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
334 wpa_s->group_cipher = WPA_CIPHER_NONE;
335 wpa_s->mgmt_group_cipher = 0;
336
337 for (i = 0; i < NUM_WEP_KEYS; i++) {
338 if (ssid->wep_key_len[i] > 5) {
339 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
340 wpa_s->group_cipher = WPA_CIPHER_WEP104;
341 break;
342 } else if (ssid->wep_key_len[i] > 0) {
343 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
344 wpa_s->group_cipher = WPA_CIPHER_WEP40;
345 break;
346 }
347 }
348
349 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
350 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
351 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
352 wpa_s->pairwise_cipher);
353 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
354#ifdef CONFIG_IEEE80211W
355 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
356 wpa_s->mgmt_group_cipher);
357#endif /* CONFIG_IEEE80211W */
358
359 pmksa_cache_clear_current(wpa_s->wpa);
360}
361
362
363static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
364{
365 scard_deinit(wpa_s->scard);
366 wpa_s->scard = NULL;
367 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
368 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
369 l2_packet_deinit(wpa_s->l2);
370 wpa_s->l2 = NULL;
371 if (wpa_s->l2_br) {
372 l2_packet_deinit(wpa_s->l2_br);
373 wpa_s->l2_br = NULL;
374 }
375
376 if (wpa_s->ctrl_iface) {
377 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
378 wpa_s->ctrl_iface = NULL;
379 }
380 if (wpa_s->conf != NULL) {
381 wpa_config_free(wpa_s->conf);
382 wpa_s->conf = NULL;
383 }
384
385 os_free(wpa_s->confname);
386 wpa_s->confname = NULL;
387
388 wpa_sm_set_eapol(wpa_s->wpa, NULL);
389 eapol_sm_deinit(wpa_s->eapol);
390 wpa_s->eapol = NULL;
391
392 rsn_preauth_deinit(wpa_s->wpa);
393
394 pmksa_candidate_free(wpa_s->wpa);
395 wpa_sm_deinit(wpa_s->wpa);
396 wpa_s->wpa = NULL;
397 wpa_blacklist_clear(wpa_s);
398
399 wpa_scan_results_free(wpa_s->scan_res);
400 wpa_s->scan_res = NULL;
401
402 wpa_supplicant_cancel_scan(wpa_s);
403 wpa_supplicant_cancel_auth_timeout(wpa_s);
404
405 ieee80211_sta_deinit(wpa_s);
116654ce
JM		 406
407 wpas_wps_deinit(wpa_s);
11ef8d35 408
1ff73338
JM		 409 wpabuf_free(wpa_s->pending_eapol_rx);
410 wpa_s->pending_eapol_rx = NULL;
411
11ef8d35
JM		 412#ifdef CONFIG_IBSS_RSN
413 ibss_rsn_deinit(wpa_s->ibss_rsn);
414 wpa_s->ibss_rsn = NULL;
415#endif /* CONFIG_IBSS_RSN */
c2a04078
JM		 416
417#ifdef CONFIG_SME
418 os_free(wpa_s->sme.ft_ies);
419 wpa_s->sme.ft_ies = NULL;
420 wpa_s->sme.ft_ies_len = 0;
421#endif /* CONFIG_SME */
2d5b792d
JM		 422
423#ifdef CONFIG_AP
424 wpa_supplicant_ap_deinit(wpa_s);
425#endif /* CONFIG_AP */
6fc6879b
JM		 426}
427
428
429/**
430 * wpa_clear_keys - Clear keys configured for the driver
431 * @wpa_s: Pointer to wpa_supplicant data
432 * @addr: Previously used BSSID or %NULL if not available
433 *
434 * This function clears the encryption keys that has been previously configured
435 * for the driver.
436 */
437void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
438{
439 u8 *bcast = (u8 *) "\xff\xff\xff\xff\xff\xff";
440
441 if (wpa_s->keys_cleared) {
442 /* Some drivers (e.g., ndiswrapper & NDIS drivers) seem to have
443 * timing issues with keys being cleared just before new keys
444 * are set or just after association or something similar. This
445 * shows up in group key handshake failing often because of the
446 * client not receiving the first encrypted packets correctly.
447 * Skipping some of the extra key clearing steps seems to help
448 * in completing group key handshake more reliably. */
449 wpa_printf(MSG_DEBUG, "No keys have been configured - "
450 "skip key clearing");
451 return;
452 }
453
454 /* MLME-DELETEKEYS.request */
455 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 0, 0, NULL, 0, NULL, 0);
456 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 1, 0, NULL, 0, NULL, 0);
457 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 2, 0, NULL, 0, NULL, 0);
458 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 3, 0, NULL, 0, NULL, 0);
459 if (addr) {
460 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,
461 0);
462 /* MLME-SETPROTECTION.request(None) */
463 wpa_drv_mlme_setprotection(
464 wpa_s, addr,
465 MLME_SETPROTECTION_PROTECT_TYPE_NONE,
466 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
467 }
468 wpa_s->keys_cleared = 1;
469}
470
471
472/**
473 * wpa_supplicant_state_txt - Get the connection state name as a text string
474 * @state: State (wpa_state; WPA_*)
475 * Returns: The state name as a printable text string
476 */
477const char * wpa_supplicant_state_txt(int state)
478{
479 switch (state) {
480 case WPA_DISCONNECTED:
481 return "DISCONNECTED";
482 case WPA_INACTIVE:
483 return "INACTIVE";
484 case WPA_SCANNING:
485 return "SCANNING";
c2a04078
JM		 486 case WPA_AUTHENTICATING:
487 return "AUTHENTICATING";
6fc6879b
JM		 488 case WPA_ASSOCIATING:
489 return "ASSOCIATING";
490 case WPA_ASSOCIATED:
491 return "ASSOCIATED";
492 case WPA_4WAY_HANDSHAKE:
493 return "4WAY_HANDSHAKE";
494 case WPA_GROUP_HANDSHAKE:
495 return "GROUP_HANDSHAKE";
496 case WPA_COMPLETED:
497 return "COMPLETED";
498 default:
499 return "UNKNOWN";
500 }
501}
502
503
504/**
505 * wpa_supplicant_set_state - Set current connection state
506 * @wpa_s: Pointer to wpa_supplicant data
507 * @state: The new connection state
508 *
509 * This function is called whenever the connection state changes, e.g.,
510 * association is completed for WPA/WPA2 4-Way Handshake is started.
511 */
512void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s, wpa_states state)
513{
514 wpa_printf(MSG_DEBUG, "State: %s -> %s",
515 wpa_supplicant_state_txt(wpa_s->wpa_state),
516 wpa_supplicant_state_txt(state));
517
cb8564b1
DW		 518 if (state != WPA_SCANNING)
519 wpa_supplicant_notify_scanning(wpa_s, 0);
520
8bac466b 521 wpas_notify_state_changed(wpa_s, state, wpa_s->wpa_state);
6fc6879b
JM		 522
523 if (state == WPA_COMPLETED && wpa_s->new_connection) {
524#if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
525 struct wpa_ssid *ssid = wpa_s->current_ssid;
526 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
527 MACSTR " completed %s [id=%d id_str=%s]",
528 MAC2STR(wpa_s->bssid), wpa_s->reassociated_connection ?
529 "(reauth)" : "(auth)",
530 ssid ? ssid->id : -1,
531 ssid && ssid->id_str ? ssid->id_str : "");
532#endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
533 wpa_s->new_connection = 0;
534 wpa_s->reassociated_connection = 1;
535 wpa_drv_set_operstate(wpa_s, 1);
536 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
537 state == WPA_ASSOCIATED) {
538 wpa_s->new_connection = 1;
539 wpa_drv_set_operstate(wpa_s, 0);
540 }
541 wpa_s->wpa_state = state;
542}
543
544
545static void wpa_supplicant_terminate(int sig, void *eloop_ctx,
546 void *signal_ctx)
547{
548 struct wpa_global *global = eloop_ctx;
549 struct wpa_supplicant *wpa_s;
550 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
551 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING "- signal %d "
552 "received", sig);
553 }
554 eloop_terminate();
555}
556
557
558static void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
559{
8bac466b 560 wpa_states old_state = wpa_s->wpa_state;
6fc6879b
JM		 561 wpa_s->pairwise_cipher = 0;
562 wpa_s->group_cipher = 0;
563 wpa_s->mgmt_group_cipher = 0;
564 wpa_s->key_mgmt = 0;
565 wpa_s->wpa_state = WPA_DISCONNECTED;
8bac466b 566 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
6fc6879b
JM		 567}
568
569
570/**
571 * wpa_supplicant_reload_configuration - Reload configuration data
572 * @wpa_s: Pointer to wpa_supplicant data
573 * Returns: 0 on success or -1 if configuration parsing failed
574 *
575 * This function can be used to request that the configuration data is reloaded
576 * (e.g., after configuration file change). This function is reloading
577 * configuration only for one interface, so this may need to be called multiple
578 * times if %wpa_supplicant is controlling multiple interfaces and all
579 * interfaces need reconfiguration.
580 */
581int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
582{
583 struct wpa_config *conf;
8bac466b 584 struct wpa_ssid *old_ssid;
6fc6879b 585 int reconf_ctrl;
8bac466b
JM		 586 int old_ap_scan;
587
6fc6879b
JM		 588 if (wpa_s->confname == NULL)
589 return -1;
590 conf = wpa_config_read(wpa_s->confname);
591 if (conf == NULL) {
592 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
593 "file '%s' - exiting", wpa_s->confname);
594 return -1;
595 }
596
597 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
598 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
599 os_strcmp(conf->ctrl_interface,
600 wpa_s->conf->ctrl_interface) != 0);
601
602 if (reconf_ctrl && wpa_s->ctrl_iface) {
603 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
604 wpa_s->ctrl_iface = NULL;
605 }
606
607 eapol_sm_invalidate_cached_session(wpa_s->eapol);
8bac466b 608 old_ssid = wpa_s->current_ssid;
6fc6879b 609 wpa_s->current_ssid = NULL;
8bac466b
JM		 610 if (old_ssid != wpa_s->current_ssid)
611 wpas_notify_network_changed(wpa_s);
612
6fc6879b
JM		 613 /*
614 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
615 * pkcs11_engine_path, pkcs11_module_path.
616 */
56586197 617 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) {
6fc6879b
JM		 618 /*
619 * Clear forced success to clear EAP state for next
620 * authentication.
621 */
622 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
623 }
624 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
625 wpa_sm_set_config(wpa_s->wpa, NULL);
626 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
627 rsn_preauth_deinit(wpa_s->wpa);
8bac466b
JM		 628
629 old_ap_scan = wpa_s->conf->ap_scan;
6fc6879b
JM		 630 wpa_config_free(wpa_s->conf);
631 wpa_s->conf = conf;
8bac466b
JM		 632 if (old_ap_scan != wpa_s->conf->ap_scan)
633 wpas_notify_ap_scan_changed(wpa_s);
634
6fc6879b
JM		 635 if (reconf_ctrl)
636 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
637
638 wpa_supplicant_clear_status(wpa_s);
639 wpa_s->reassociate = 1;
640 wpa_supplicant_req_scan(wpa_s, 0, 0);
641 wpa_msg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
642 return 0;
643}
644
645
646static void wpa_supplicant_reconfig(int sig, void *eloop_ctx,
647 void *signal_ctx)
648{
649 struct wpa_global *global = eloop_ctx;
650 struct wpa_supplicant *wpa_s;
651 wpa_printf(MSG_DEBUG, "Signal %d received - reconfiguring", sig);
652 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
653 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
654 eloop_terminate();
655 }
656 }
657}
658
659
660static wpa_cipher cipher_suite2driver(int cipher)
661{
662 switch (cipher) {
663 case WPA_CIPHER_NONE:
664 return CIPHER_NONE;
665 case WPA_CIPHER_WEP40:
666 return CIPHER_WEP40;
667 case WPA_CIPHER_WEP104:
668 return CIPHER_WEP104;
669 case WPA_CIPHER_CCMP:
670 return CIPHER_CCMP;
671 case WPA_CIPHER_TKIP:
672 default:
673 return CIPHER_TKIP;
674 }
675}
676
677
678static wpa_key_mgmt key_mgmt2driver(int key_mgmt)
679{
680 switch (key_mgmt) {
681 case WPA_KEY_MGMT_NONE:
682 return KEY_MGMT_NONE;
683 case WPA_KEY_MGMT_IEEE8021X_NO_WPA:
684 return KEY_MGMT_802_1X_NO_WPA;
685 case WPA_KEY_MGMT_IEEE8021X:
686 return KEY_MGMT_802_1X;
687 case WPA_KEY_MGMT_WPA_NONE:
688 return KEY_MGMT_WPA_NONE;
689 case WPA_KEY_MGMT_FT_IEEE8021X:
690 return KEY_MGMT_FT_802_1X;
691 case WPA_KEY_MGMT_FT_PSK:
692 return KEY_MGMT_FT_PSK;
56586197
JM		 693 case WPA_KEY_MGMT_IEEE8021X_SHA256:
694 return KEY_MGMT_802_1X_SHA256;
695 case WPA_KEY_MGMT_PSK_SHA256:
696 return KEY_MGMT_PSK_SHA256;
ad08c363
JM		 697 case WPA_KEY_MGMT_WPS:
698 return KEY_MGMT_WPS;
6fc6879b
JM		 699 case WPA_KEY_MGMT_PSK:
700 default:
701 return KEY_MGMT_PSK;
702 }
703}
704
705
706static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
707 struct wpa_ssid *ssid,
708 struct wpa_ie_data *ie)
709{
710 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
711 if (ret) {
712 if (ret == -2) {
713 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
714 "from association info");
715 }
716 return -1;
717 }
718
719 wpa_printf(MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set cipher "
720 "suites");
721 if (!(ie->group_cipher & ssid->group_cipher)) {
722 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
723 "cipher 0x%x (mask 0x%x) - reject",
724 ie->group_cipher, ssid->group_cipher);
725 return -1;
726 }
727 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
728 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
729 "cipher 0x%x (mask 0x%x) - reject",
730 ie->pairwise_cipher, ssid->pairwise_cipher);
731 return -1;
732 }
733 if (!(ie->key_mgmt & ssid->key_mgmt)) {
734 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
735 "management 0x%x (mask 0x%x) - reject",
736 ie->key_mgmt, ssid->key_mgmt);
737 return -1;
738 }
739
740#ifdef CONFIG_IEEE80211W
0b60b0aa 741 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
6fc6879b
JM		 742 ssid->ieee80211w == IEEE80211W_REQUIRED) {
743 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
744 "that does not support management frame protection - "
745 "reject");
746 return -1;
747 }
748#endif /* CONFIG_IEEE80211W */
749
750 return 0;
751}
752
753
754/**
755 * wpa_supplicant_set_suites - Set authentication and encryption parameters
756 * @wpa_s: Pointer to wpa_supplicant data
757 * @bss: Scan results for the selected BSS, or %NULL if not available
758 * @ssid: Configuration data for the selected network
759 * @wpa_ie: Buffer for the WPA/RSN IE
760 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
761 * used buffer length in case the functions returns success.
762 * Returns: 0 on success or -1 on failure
763 *
764 * This function is used to configure authentication and encryption parameters
765 * based on the network configuration and scan result for the selected BSS (if
766 * available).
767 */
768int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
769 struct wpa_scan_res *bss,
770 struct wpa_ssid *ssid,
771 u8 *wpa_ie, size_t *wpa_ie_len)
772{
773 struct wpa_ie_data ie;
774 int sel, proto;
775 const u8 *bss_wpa, *bss_rsn;
776
777 if (bss) {
778 bss_wpa = wpa_scan_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
779 bss_rsn = wpa_scan_get_ie(bss, WLAN_EID_RSN);
780 } else
781 bss_wpa = bss_rsn = NULL;
782
783 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
784 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
785 (ie.group_cipher & ssid->group_cipher) &&
786 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
787 (ie.key_mgmt & ssid->key_mgmt)) {
788 wpa_msg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
789 proto = WPA_PROTO_RSN;
790 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
791 wpa_parse_wpa_ie(bss_wpa, 2 +bss_wpa[1], &ie) == 0 &&
792 (ie.group_cipher & ssid->group_cipher) &&
793 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
794 (ie.key_mgmt & ssid->key_mgmt)) {
795 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
796 proto = WPA_PROTO_WPA;
797 } else if (bss) {
798 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
799 return -1;
800 } else {
801 if (ssid->proto & WPA_PROTO_RSN)
802 proto = WPA_PROTO_RSN;
803 else
804 proto = WPA_PROTO_WPA;
805 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
806 os_memset(&ie, 0, sizeof(ie));
807 ie.group_cipher = ssid->group_cipher;
808 ie.pairwise_cipher = ssid->pairwise_cipher;
809 ie.key_mgmt = ssid->key_mgmt;
810#ifdef CONFIG_IEEE80211W
811 ie.mgmt_group_cipher =
812 ssid->ieee80211w != NO_IEEE80211W ?
813 WPA_CIPHER_AES_128_CMAC : 0;
814#endif /* CONFIG_IEEE80211W */
815 wpa_printf(MSG_DEBUG, "WPA: Set cipher suites based "
816 "on configuration");
817 } else
818 proto = ie.proto;
819 }
820
821 wpa_printf(MSG_DEBUG, "WPA: Selected cipher suites: group %d "
822 "pairwise %d key_mgmt %d proto %d",
823 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
824#ifdef CONFIG_IEEE80211W
825 if (ssid->ieee80211w) {
826 wpa_printf(MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
827 ie.mgmt_group_cipher);
828 }
829#endif /* CONFIG_IEEE80211W */
830
831 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
832 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
833 !!(ssid->proto & WPA_PROTO_RSN));
834
835 if (bss || !wpa_s->ap_ies_from_associnfo) {
836 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
837 bss_wpa ? 2 + bss_wpa[1] : 0) ||
838 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
839 bss_rsn ? 2 + bss_rsn[1] : 0))
840 return -1;
841 }
842
843 sel = ie.group_cipher & ssid->group_cipher;
844 if (sel & WPA_CIPHER_CCMP) {
845 wpa_s->group_cipher = WPA_CIPHER_CCMP;
846 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using GTK CCMP");
847 } else if (sel & WPA_CIPHER_TKIP) {
848 wpa_s->group_cipher = WPA_CIPHER_TKIP;
849 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using GTK TKIP");
850 } else if (sel & WPA_CIPHER_WEP104) {
851 wpa_s->group_cipher = WPA_CIPHER_WEP104;
852 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using GTK WEP104");
853 } else if (sel & WPA_CIPHER_WEP40) {
854 wpa_s->group_cipher = WPA_CIPHER_WEP40;
855 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using GTK WEP40");
856 } else {
857 wpa_printf(MSG_WARNING, "WPA: Failed to select group cipher.");
858 return -1;
859 }
860
861 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
862 if (sel & WPA_CIPHER_CCMP) {
863 wpa_s->pairwise_cipher = WPA_CIPHER_CCMP;
864 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using PTK CCMP");
865 } else if (sel & WPA_CIPHER_TKIP) {
866 wpa_s->pairwise_cipher = WPA_CIPHER_TKIP;
867 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using PTK TKIP");
868 } else if (sel & WPA_CIPHER_NONE) {
869 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
870 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using PTK NONE");
871 } else {
872 wpa_printf(MSG_WARNING, "WPA: Failed to select pairwise "
873 "cipher.");
874 return -1;
875 }
876
877 sel = ie.key_mgmt & ssid->key_mgmt;
878 if (0) {
879#ifdef CONFIG_IEEE80211R
880 } else if (sel & WPA_KEY_MGMT_FT_IEEE8021X) {
881 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
882 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
883 } else if (sel & WPA_KEY_MGMT_FT_PSK) {
884 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
885 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
886#endif /* CONFIG_IEEE80211R */
56586197
JM		 887#ifdef CONFIG_IEEE80211W
888 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
889 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
890 wpa_msg(wpa_s, MSG_DEBUG,
891 "WPA: using KEY_MGMT 802.1X with SHA256");
892 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
893 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
894 wpa_msg(wpa_s, MSG_DEBUG,
895 "WPA: using KEY_MGMT PSK with SHA256");
896#endif /* CONFIG_IEEE80211W */
6fc6879b
JM		 897 } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
898 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
899 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
900 } else if (sel & WPA_KEY_MGMT_PSK) {
901 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
902 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
903 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
904 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
905 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
906 } else {
907 wpa_printf(MSG_WARNING, "WPA: Failed to select authenticated "
908 "key management type.");
909 return -1;
910 }
911
912 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
913 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
914 wpa_s->pairwise_cipher);
915 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
916
917#ifdef CONFIG_IEEE80211W
918 sel = ie.mgmt_group_cipher;
919 if (ssid->ieee80211w == NO_IEEE80211W ||
0b60b0aa 920 !(ie.capabilities & WPA_CAPABILITY_MFPC))
6fc6879b
JM		 921 sel = 0;
922 if (sel & WPA_CIPHER_AES_128_CMAC) {
923 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
924 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
925 "AES-128-CMAC");
926 } else {
927 wpa_s->mgmt_group_cipher = 0;
928 wpa_msg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
929 }
930 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
931 wpa_s->mgmt_group_cipher);
932#endif /* CONFIG_IEEE80211W */
933
934 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
935 wpa_printf(MSG_WARNING, "WPA: Failed to generate WPA IE.");
936 return -1;
937 }
938
56586197
JM		 939 if (ssid->key_mgmt &
940 (WPA_KEY_MGMT_PSK | WPA_KEY_MGMT_FT_PSK | WPA_KEY_MGMT_PSK_SHA256))
6fc6879b
JM		 941 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN);
942 else
943 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
944
945 return 0;
946}
947
948
949/**
950 * wpa_supplicant_associate - Request association
951 * @wpa_s: Pointer to wpa_supplicant data
952 * @bss: Scan results for the selected BSS, or %NULL if not available
953 * @ssid: Configuration data for the selected network
954 *
955 * This function is used to request %wpa_supplicant to associate with a BSS.
956 */
957void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
958 struct wpa_scan_res *bss, struct wpa_ssid *ssid)
959{
960 u8 wpa_ie[80];
961 size_t wpa_ie_len;
8bac466b 962 int use_crypt, ret, i, bssid_changed;
6fc6879b
JM		 963 int algs = AUTH_ALG_OPEN_SYSTEM;
964 wpa_cipher cipher_pairwise, cipher_group;
965 struct wpa_driver_associate_params params;
966 int wep_keys_set = 0;
967 struct wpa_driver_capa capa;
968 int assoc_failed = 0;
8bac466b 969 struct wpa_ssid *old_ssid;
6fc6879b 970
1581b38b
JM		 971 if (ssid->mode == 2) {
972#ifdef CONFIG_AP
973 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) {
974 wpa_printf(MSG_INFO, "Driver does not support AP "
975 "mode");
976 return;
977 }
978 wpa_supplicant_create_ap(wpa_s, ssid);
979#else /* CONFIG_AP */
980 wpa_printf(MSG_ERROR, "AP mode support not included in the "
981 "build");
982#endif /* CONFIG_AP */
983 return;
984 }
985
c2a04078
JM		 986 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) {
987 sme_authenticate(wpa_s, bss, ssid);
988 return;
989 }
990
6fc6879b
JM		 991 wpa_s->reassociate = 0;
992 if (bss) {
993#ifdef CONFIG_IEEE80211R
994 const u8 *md = NULL;
995#endif /* CONFIG_IEEE80211R */
996 const u8 *ie = wpa_scan_get_ie(bss, WLAN_EID_SSID);
997 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
998 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
999 ie ? wpa_ssid_txt(ie + 2, ie[1]) : "", bss->freq);
8bac466b 1000 bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
6fc6879b
JM		 1001 os_memset(wpa_s->bssid, 0, ETH_ALEN);
1002 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
8bac466b
JM		 1003 if (bssid_changed)
1004 wpas_notify_bssid_changed(wpa_s);
6fc6879b
JM		 1005#ifdef CONFIG_IEEE80211R
1006 ie = wpa_scan_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
1007 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
1008 md = ie + 2;
1009 wpa_sm_set_ft_params(wpa_s->wpa, md, NULL, 0, NULL);
91a05482
JM		 1010 if (md) {
1011 /* Prepare for the next transition */
1012 wpa_ft_prepare_auth_request(wpa_s->wpa);
1013 }
6fc6879b 1014#endif /* CONFIG_IEEE80211R */
24c23d1b
JM		 1015#ifdef CONFIG_WPS
1016 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
1017 wpa_s->conf->ap_scan == 2 &&
1018 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
1019 /* Use ap_scan==1 style network selection to find the network
1020 */
1021 wpa_s->scan_req = 2;
1022 wpa_s->reassociate = 1;
1023 wpa_supplicant_req_scan(wpa_s, 0, 0);
1024 return;
1025#endif /* CONFIG_WPS */
6fc6879b
JM		 1026 } else {
1027 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
1028 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
1029 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
1030 }
1031 wpa_supplicant_cancel_scan(wpa_s);
1032
1033 /* Starting new association, so clear the possibly used WPA IE from the
1034 * previous association. */
1035 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
1036
ec5f180a
DW		 1037 if (wpa_drv_set_mode(wpa_s, ssid->mode)) {
1038 wpa_printf(MSG_WARNING, "Failed to set operating mode");
1039 assoc_failed = 1;
1040 }
1041
6fc6879b
JM		 1042#ifdef IEEE8021X_EAPOL
1043 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1044 if (ssid->leap) {
1045 if (ssid->non_leap == 0)
1046 algs = AUTH_ALG_LEAP;
1047 else
1048 algs |= AUTH_ALG_LEAP;
1049 }
1050 }
1051#endif /* IEEE8021X_EAPOL */
1052 wpa_printf(MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
1053 if (ssid->auth_alg) {
1054 algs = 0;
1055 if (ssid->auth_alg & WPA_AUTH_ALG_OPEN)
1056 algs |= AUTH_ALG_OPEN_SYSTEM;
1057 if (ssid->auth_alg & WPA_AUTH_ALG_SHARED)
1058 algs |= AUTH_ALG_SHARED_KEY;
1059 if (ssid->auth_alg & WPA_AUTH_ALG_LEAP)
1060 algs |= AUTH_ALG_LEAP;
1061 wpa_printf(MSG_DEBUG, "Overriding auth_alg selection: 0x%x",
1062 algs);
1063 }
1064 wpa_drv_set_auth_alg(wpa_s, algs);
1065
1066 if (bss && (wpa_scan_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
1067 wpa_scan_get_ie(bss, WLAN_EID_RSN)) &&
1068 (ssid->key_mgmt & (WPA_KEY_MGMT_IEEE8021X | WPA_KEY_MGMT_PSK |
1069 WPA_KEY_MGMT_FT_IEEE8021X |
56586197
JM		 1070 WPA_KEY_MGMT_FT_PSK |
1071 WPA_KEY_MGMT_IEEE8021X_SHA256 |
1072 WPA_KEY_MGMT_PSK_SHA256))) {
6fc6879b
JM		 1073 int try_opportunistic;
1074 try_opportunistic = ssid->proactive_key_caching &&
1075 (ssid->proto & WPA_PROTO_RSN);
1076 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
1077 wpa_s->current_ssid,
1078 try_opportunistic) == 0)
1079 eapol_sm_notify_pmkid_attempt(wpa_s->eapol, 1);
1080 wpa_ie_len = sizeof(wpa_ie);
1081 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
1082 wpa_ie, &wpa_ie_len)) {
1083 wpa_printf(MSG_WARNING, "WPA: Failed to set WPA key "
1084 "management and encryption suites");
1085 return;
1086 }
1087 } else if (ssid->key_mgmt &
1088 (WPA_KEY_MGMT_PSK | WPA_KEY_MGMT_IEEE8021X |
1089 WPA_KEY_MGMT_WPA_NONE | WPA_KEY_MGMT_FT_PSK |
56586197
JM		 1090 WPA_KEY_MGMT_FT_IEEE8021X | WPA_KEY_MGMT_PSK_SHA256 |
1091 WPA_KEY_MGMT_IEEE8021X_SHA256)) {
6fc6879b
JM		 1092 wpa_ie_len = sizeof(wpa_ie);
1093 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
1094 wpa_ie, &wpa_ie_len)) {
1095 wpa_printf(MSG_WARNING, "WPA: Failed to set WPA key "
1096 "management and encryption suites (no scan "
1097 "results)");
1098 return;
1099 }
ad08c363
JM		 1100#ifdef CONFIG_WPS
1101 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
b01c18a8
JM		 1102 struct wpabuf *wps_ie;
1103 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
ad08c363
JM		 1104 if (wps_ie && wpabuf_len(wps_ie) <= sizeof(wpa_ie)) {
1105 wpa_ie_len = wpabuf_len(wps_ie);
1106 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
24386985
JM		 1107 } else
1108 wpa_ie_len = 0;
ad08c363
JM		 1109 wpabuf_free(wps_ie);
1110 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1111#endif /* CONFIG_WPS */
6fc6879b
JM		 1112 } else {
1113 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1114 wpa_ie_len = 0;
1115 }
1116
1117 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
1118 use_crypt = 1;
1119 cipher_pairwise = cipher_suite2driver(wpa_s->pairwise_cipher);
1120 cipher_group = cipher_suite2driver(wpa_s->group_cipher);
1121 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
1122 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1123 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
1124 use_crypt = 0;
1125 if (wpa_set_wep_keys(wpa_s, ssid)) {
1126 use_crypt = 1;
1127 wep_keys_set = 1;
1128 }
1129 }
ad08c363
JM		 1130 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
1131 use_crypt = 0;
6fc6879b
JM		 1132
1133#ifdef IEEE8021X_EAPOL
1134 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1135 if ((ssid->eapol_flags &
1136 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
1137 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
1138 !wep_keys_set) {
1139 use_crypt = 0;
1140 } else {
1141 /* Assume that dynamic WEP-104 keys will be used and
1142 * set cipher suites in order for drivers to expect
1143 * encryption. */
1144 cipher_pairwise = cipher_group = CIPHER_WEP104;
1145 }
1146 }
1147#endif /* IEEE8021X_EAPOL */
1148
1149 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1150 /* Set the key before (and later after) association */
1151 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1152 }
1153
1154 wpa_drv_set_drop_unencrypted(wpa_s, use_crypt);
1155 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
1156 os_memset(&params, 0, sizeof(params));
1157 if (bss) {
1158 const u8 *ie = wpa_scan_get_ie(bss, WLAN_EID_SSID);
1159 params.bssid = bss->bssid;
1160 params.ssid = ie ? ie + 2 : (u8 *) "";
1161 params.ssid_len = ie ? ie[1] : 0;
1162 params.freq = bss->freq;
1163 } else {
1164 params.ssid = ssid->ssid;
1165 params.ssid_len = ssid->ssid_len;
1166 }
1167 if (ssid->mode == 1 && ssid->frequency > 0 && params.freq == 0)
1168 params.freq = ssid->frequency; /* Initial channel for IBSS */
1169 params.wpa_ie = wpa_ie;
1170 params.wpa_ie_len = wpa_ie_len;
1171 params.pairwise_suite = cipher_pairwise;
1172 params.group_suite = cipher_group;
1173 params.key_mgmt_suite = key_mgmt2driver(wpa_s->key_mgmt);
1174 params.auth_alg = algs;
1175 params.mode = ssid->mode;
1176 for (i = 0; i < NUM_WEP_KEYS; i++) {
1177 if (ssid->wep_key_len[i])
1178 params.wep_key[i] = ssid->wep_key[i];
1179 params.wep_key_len[i] = ssid->wep_key_len[i];
1180 }
1181 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
1182
c2a04078 1183 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
6fc6879b
JM		 1184 (params.key_mgmt_suite == KEY_MGMT_PSK ||
1185 params.key_mgmt_suite == KEY_MGMT_FT_PSK)) {
1186 params.passphrase = ssid->passphrase;
1187 if (ssid->psk_set)
1188 params.psk = ssid->psk;
1189 }
1190
36b15723
JM		 1191 params.drop_unencrypted = use_crypt;
1192
6fc6879b
JM		 1193#ifdef CONFIG_IEEE80211W
1194 switch (ssid->ieee80211w) {
1195 case NO_IEEE80211W:
1196 params.mgmt_frame_protection = NO_MGMT_FRAME_PROTECTION;
1197 break;
1198 case IEEE80211W_OPTIONAL:
1199 params.mgmt_frame_protection = MGMT_FRAME_PROTECTION_OPTIONAL;
1200 break;
1201 case IEEE80211W_REQUIRED:
1202 params.mgmt_frame_protection = MGMT_FRAME_PROTECTION_REQUIRED;
1203 break;
1204 }
97d3497e
JM		 1205 if (ssid->ieee80211w != NO_IEEE80211W && bss) {
1206 const u8 *rsn = wpa_scan_get_ie(bss, WLAN_EID_RSN);
1207 struct wpa_ie_data ie;
1208 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
1209 ie.capabilities &
1210 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
1211 wpa_printf(MSG_DEBUG, "WPA: Selected AP supports MFP: "
1212 "require MFP");
1213 params.mgmt_frame_protection =
1214 MGMT_FRAME_PROTECTION_REQUIRED;
1215 }
1216 }
6fc6879b
JM		 1217#endif /* CONFIG_IEEE80211W */
1218
c2a04078 1219 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME)
6fc6879b
JM		 1220 ret = ieee80211_sta_associate(wpa_s, &params);
1221 else
1222 ret = wpa_drv_associate(wpa_s, &params);
1223 if (ret < 0) {
1224 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
1225 "failed");
1226 /* try to continue anyway; new association will be tried again
1227 * after timeout */
1228 assoc_failed = 1;
1229 }
1230
1231 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1232 /* Set the key after the association just in case association
1233 * cleared the previously configured key. */
1234 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1235 /* No need to timeout authentication since there is no key
1236 * management. */
1237 wpa_supplicant_cancel_auth_timeout(wpa_s);
1238 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
53895c3b
JM		 1239#ifdef CONFIG_IBSS_RSN
1240 } else if (ssid->mode == IEEE80211_MODE_IBSS &&
1241 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
1242 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
b9a2e577 1243 ibss_rsn_set_psk(wpa_s->ibss_rsn, ssid->psk);
53895c3b
JM		 1244 /*
1245 * RSN IBSS authentication is per-STA and we can disable the
1246 * per-BSSID authentication.
1247 */
1248 wpa_supplicant_cancel_auth_timeout(wpa_s);
1249 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
1250#endif /* CONFIG_IBSS_RSN */
6fc6879b
JM		 1251 } else {
1252 /* Timeout for IEEE 802.11 authentication and association */
1d3c75b3
DW		 1253 int timeout = 60;
1254
1255 if (assoc_failed) {
1256 /* give IBSS a bit more time */
1257 timeout = ssid->mode ? 10 : 5;
1258 } else if (wpa_s->conf->ap_scan == 1) {
1259 /* give IBSS a bit more time */
1260 timeout = ssid->mode ? 20 : 10;
1261 }
6fc6879b
JM		 1262 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
1263 }
1264
1265 if (wep_keys_set && wpa_drv_get_capa(wpa_s, &capa) == 0 &&
1266 capa.flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC) {
1267 /* Set static WEP keys again */
1268 wpa_set_wep_keys(wpa_s, ssid);
1269 }
1270
1271 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
1272 /*
1273 * Do not allow EAP session resumption between different
1274 * network configurations.
1275 */
1276 eapol_sm_invalidate_cached_session(wpa_s->eapol);
1277 }
8bac466b 1278 old_ssid = wpa_s->current_ssid;
6fc6879b
JM		 1279 wpa_s->current_ssid = ssid;
1280 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
1281 wpa_supplicant_initiate_eapol(wpa_s);
8bac466b
JM		 1282 if (old_ssid != wpa_s->current_ssid)
1283 wpas_notify_network_changed(wpa_s);
6fc6879b
JM		 1284}
1285
1286
1287/**
1288 * wpa_supplicant_disassociate - Disassociate the current connection
1289 * @wpa_s: Pointer to wpa_supplicant data
1290 * @reason_code: IEEE 802.11 reason code for the disassociate frame
1291 *
1292 * This function is used to request %wpa_supplicant to disassociate with the
1293 * current AP.
1294 */
1295void wpa_supplicant_disassociate(struct wpa_supplicant *wpa_s,
1296 int reason_code)
1297{
8bac466b 1298 struct wpa_ssid *old_ssid;
6fc6879b 1299 u8 *addr = NULL;
8bac466b 1300
a8e16edc 1301 if (!is_zero_ether_addr(wpa_s->bssid)) {
c2a04078 1302 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME)
6fc6879b
JM		 1303 ieee80211_sta_disassociate(wpa_s, reason_code);
1304 else
1305 wpa_drv_disassociate(wpa_s, wpa_s->bssid, reason_code);
1306 addr = wpa_s->bssid;
1307 }
1308 wpa_clear_keys(wpa_s, addr);
1309 wpa_supplicant_mark_disassoc(wpa_s);
8bac466b 1310 old_ssid = wpa_s->current_ssid;
6fc6879b
JM		 1311 wpa_s->current_ssid = NULL;
1312 wpa_sm_set_config(wpa_s->wpa, NULL);
1313 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
8bac466b
JM		 1314 if (old_ssid != wpa_s->current_ssid)
1315 wpas_notify_network_changed(wpa_s);
6fc6879b
JM		 1316}
1317
1318
1319/**
1320 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
1321 * @wpa_s: Pointer to wpa_supplicant data
1322 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
1323 *
073ab58f 1324 * This function is used to request %wpa_supplicant to deauthenticate from the
6fc6879b
JM		 1325 * current AP.
1326 */
1327void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
1328 int reason_code)
1329{
8bac466b 1330 struct wpa_ssid *old_ssid;
6fc6879b 1331 u8 *addr = NULL;
8bac466b 1332
a8e16edc 1333 if (!is_zero_ether_addr(wpa_s->bssid)) {
c2a04078 1334 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME)
6fc6879b
JM		 1335 ieee80211_sta_deauthenticate(wpa_s, reason_code);
1336 else
1337 wpa_drv_deauthenticate(wpa_s, wpa_s->bssid,
1338 reason_code);
1339 addr = wpa_s->bssid;
1340 }
1341 wpa_clear_keys(wpa_s, addr);
c3dc92e8 1342 wpa_supplicant_mark_disassoc(wpa_s);
8bac466b 1343 old_ssid = wpa_s->current_ssid;
6fc6879b
JM		 1344 wpa_s->current_ssid = NULL;
1345 wpa_sm_set_config(wpa_s->wpa, NULL);
1346 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
8bac466b
JM		 1347 if (old_ssid != wpa_s->current_ssid)
1348 wpas_notify_network_changed(wpa_s);
6fc6879b
JM		 1349}
1350
1351
86b89452
WS		 1352/**
1353 * wpa_supplicant_enable_network - Mark a configured network as enabled
1354 * @wpa_s: wpa_supplicant structure for a network interface
1355 * @ssid: wpa_ssid structure for a configured network or %NULL
1356 *
1357 * Enables the specified network or all networks if no network specified.
1358 */
1359void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s,
1360 struct wpa_ssid *ssid)
1361{
1362 struct wpa_ssid *other_ssid;
1363 int was_disabled;
1364
1365 if (ssid == NULL) {
1366 other_ssid = wpa_s->conf->ssid;
1367 while (other_ssid) {
1368 if (other_ssid == wpa_s->current_ssid &&
1369 other_ssid->disabled)
1370 wpa_s->reassociate = 1;
1371
1372 was_disabled = other_ssid->disabled;
1373
1374 other_ssid->disabled = 0;
1375
1376 if (was_disabled != other_ssid->disabled)
1377 wpas_notify_network_enabled_changed(
1378 wpa_s, other_ssid);
1379
1380 other_ssid = other_ssid->next;
1381 }
1382 if (wpa_s->reassociate)
1383 wpa_supplicant_req_scan(wpa_s, 0, 0);
1384 } else if (wpa_s->current_ssid == NULL && ssid->disabled) {
1385 /*
1386 * Try to reassociate since there is no current configuration
1387 * and a new network was made available.
1388 */
1389 wpa_s->reassociate = 1;
1390 wpa_supplicant_req_scan(wpa_s, 0, 0);
1391
1392 was_disabled = ssid->disabled;
1393
1394 ssid->disabled = 0;
1395
1396 if (was_disabled != ssid->disabled)
1397 wpas_notify_network_enabled_changed(wpa_s, ssid);
1398 }
1399}
1400
1401
1402/**
1403 * wpa_supplicant_disable_network - Mark a configured network as disabled
1404 * @wpa_s: wpa_supplicant structure for a network interface
1405 * @ssid: wpa_ssid structure for a configured network or %NULL
1406 *
1407 * Disables the specified network or all networks if no network specified.
1408 */
1409void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s,
1410 struct wpa_ssid *ssid)
1411{
1412 struct wpa_ssid *other_ssid;
1413 int was_disabled;
1414
1415 if (ssid == NULL) {
1416 other_ssid = wpa_s->conf->ssid;
1417 while (other_ssid) {
1418 was_disabled = other_ssid->disabled;
1419
1420 other_ssid->disabled = 1;
1421
1422 if (was_disabled != other_ssid->disabled)
1423 wpas_notify_network_enabled_changed(
1424 wpa_s, other_ssid);
1425
1426 other_ssid = other_ssid->next;
1427 }
1428 if (wpa_s->current_ssid)
1429 wpa_supplicant_disassociate(
1430 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
1431 } else {
1432 if (ssid == wpa_s->current_ssid)
1433 wpa_supplicant_disassociate(
1434 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
1435
1436 was_disabled = ssid->disabled;
1437
1438 ssid->disabled = 1;
1439
1440 if (was_disabled != ssid->disabled)
1441 wpas_notify_network_enabled_changed(wpa_s, ssid);
1442 }
1443}
1444
1445
1446/**
1447 * wpa_supplicant_select_network - Attempt association with a network
1448 * @wpa_s: wpa_supplicant structure for a network interface
1449 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
1450 */
1451void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
1452 struct wpa_ssid *ssid)
1453{
1454
1455 struct wpa_ssid *other_ssid;
1456
1457 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid)
1458 wpa_supplicant_disassociate(
1459 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
1460
1461 /*
1462 * Mark all other networks disabled or mark all networks enabled if no
1463 * network specified.
1464 */
1465 other_ssid = wpa_s->conf->ssid;
1466 while (other_ssid) {
1467 int was_disabled = other_ssid->disabled;
1468
1469 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0;
1470
1471 if (was_disabled != other_ssid->disabled)
1472 wpas_notify_network_enabled_changed(wpa_s, other_ssid);
1473
1474 other_ssid = other_ssid->next;
1475 }
1476 wpa_s->disconnected = 0;
1477 wpa_s->reassociate = 1;
1478 wpa_supplicant_req_scan(wpa_s, 0, 0);
1479
1480 wpas_notify_network_selected(wpa_s, ssid);
1481}
1482
1483
1484/**
1485 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
1486 * @wpa_s: wpa_supplicant structure for a network interface
1487 * @ap_scan: AP scan mode
1488 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
1489 *
1490 */
1491int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan)
1492{
1493
1494 int old_ap_scan;
1495
1496 if (ap_scan < 0 || ap_scan > 2)
1497 return -1;
1498
1499 old_ap_scan = wpa_s->conf->ap_scan;
1500 wpa_s->conf->ap_scan = ap_scan;
1501
1502 if (old_ap_scan != wpa_s->conf->ap_scan)
1503 wpas_notify_ap_scan_changed(wpa_s);
1504
1505 return 0;
1506}
1507
1508
1509/**
1510 * wpa_supplicant_set_debug_params - Set global debug params
1511 * @global: wpa_global structure
1512 * @debug_level: debug level
1513 * @debug_timestamp: determines if show timestamp in debug data
1514 * @debug_show_keys: determines if show keys in debug data
1515 * Returns: 0 if succeed or -1 if debug_level has wrong value
1516 */
1517int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level,
1518 int debug_timestamp, int debug_show_keys)
1519{
1520
1521 int old_level, old_timestamp, old_show_keys;
1522
1523 /* check for allowed debuglevels */
1524 if (debug_level != MSG_MSGDUMP &&
1525 debug_level != MSG_DEBUG &&
1526 debug_level != MSG_INFO &&
1527 debug_level != MSG_WARNING &&
1528 debug_level != MSG_ERROR)
1529 return -1;
1530
1531 old_level = wpa_debug_level;
1532 old_timestamp = wpa_debug_timestamp;
1533 old_show_keys = wpa_debug_show_keys;
1534
1535 wpa_debug_level = debug_level;
1536 wpa_debug_timestamp = debug_timestamp ? 1 : 0;
1537 wpa_debug_show_keys = debug_show_keys ? 1 : 0;
1538
1539 if (wpa_debug_level != old_level ||
1540 wpa_debug_timestamp != old_timestamp ||
1541 wpa_debug_show_keys != old_show_keys)
1542 wpas_notify_debug_params_changed(global);
1543
1544 return 0;
1545}
1546
1547
3e53b314
WS		 1548static struct wpa_scan_results * wpa_supplicant_get_scan_results_old(
1549 struct wpa_supplicant *wpa_s)
6fc6879b
JM		 1550{
1551#define SCAN_AP_LIMIT 128
1552 struct wpa_scan_result *results;
1553 int num, i;
1554 struct wpa_scan_results *res;
1555
1556 results = os_malloc(SCAN_AP_LIMIT * sizeof(struct wpa_scan_result));
1557 if (results == NULL) {
1558 wpa_printf(MSG_WARNING, "Failed to allocate memory for scan "
1559 "results");
3e53b314 1560 return NULL;
6fc6879b
JM		 1561 }
1562
1563 num = wpa_drv_get_scan_results(wpa_s, results, SCAN_AP_LIMIT);
1564 wpa_printf(MSG_DEBUG, "Scan results: %d", num);
1565 if (num < 0) {
1566 wpa_printf(MSG_DEBUG, "Failed to get scan results");
1567 os_free(results);
3e53b314 1568 return NULL;
6fc6879b
JM		 1569 }
1570 if (num > SCAN_AP_LIMIT) {
1571 wpa_printf(MSG_INFO, "Not enough room for all APs (%d < %d)",
1572 num, SCAN_AP_LIMIT);
1573 num = SCAN_AP_LIMIT;
1574 }
1575
6fc6879b
JM		 1576 /* Convert old scan result data structure to the new one */
1577 res = os_zalloc(sizeof(*res));
1578 if (res == NULL) {
1579 os_free(results);
3e53b314 1580 return NULL;
6fc6879b
JM		 1581 }
1582 res->res = os_zalloc(num * sizeof(struct wpa_scan_res *));
1583 if (res->res == NULL) {
1584 os_free(results);
1585 os_free(res);
3e53b314 1586 return NULL;
6fc6879b
JM		 1587 }
1588
1589 for (i = 0; i < num; i++) {
1590 struct wpa_scan_result *bss = &results[i];
1591 struct wpa_scan_res *r;
1592 size_t ie_len;
1593 u8 *pos;
1594
1595 ie_len = 2 + bss->ssid_len + bss->rsn_ie_len + bss->wpa_ie_len;
1596 if (bss->maxrate)
1597 ie_len += 3;
1598 if (bss->mdie_present)
1599 ie_len += 5;
1600
1601 r = os_zalloc(sizeof(*r) + ie_len);
1602 if (r == NULL)
1603 break;
1604
1605 os_memcpy(r->bssid, bss->bssid, ETH_ALEN);
1606 r->freq = bss->freq;
1607 r->caps = bss->caps;
1608 r->qual = bss->qual;
1609 r->noise = bss->noise;
1610 r->level = bss->level;
1611 r->tsf = bss->tsf;
1612 r->ie_len = ie_len;
1613
1614 pos = (u8 *) (r + 1);
1615
1616 /* SSID IE */
1617 *pos++ = WLAN_EID_SSID;
1618 *pos++ = bss->ssid_len;
1619 os_memcpy(pos, bss->ssid, bss->ssid_len);
1620 pos += bss->ssid_len;
1621
1622 if (bss->maxrate) {
1623 /* Fake Supported Rate IE to include max rate */
1624 *pos++ = WLAN_EID_SUPP_RATES;
1625 *pos++ = 1;
1626 *pos++ = bss->maxrate;
1627 }
1628
1629 if (bss->rsn_ie_len) {
1630 os_memcpy(pos, bss->rsn_ie, bss->rsn_ie_len);
1631 pos += bss->rsn_ie_len;
1632 }
1633
1634 if (bss->mdie_present) {
1635 os_memcpy(pos, bss->mdie, 5);
1636 pos += 5;
1637 }
1638
1639 if (bss->wpa_ie_len) {
1640 os_memcpy(pos, bss->wpa_ie, bss->wpa_ie_len);
1641 pos += bss->wpa_ie_len;
1642 }
1643
1644 res->res[res->num++] = r;
1645 }
1646
1647 os_free(results);
6fc6879b 1648
3e53b314 1649 return res;
6fc6879b
JM		 1650}
1651
1652
1653/**
1654 * wpa_supplicant_get_scan_results - Get scan results
1655 * @wpa_s: Pointer to wpa_supplicant data
1656 * Returns: 0 on success, -1 on failure
1657 *
1658 * This function is request the current scan results from the driver and stores
1659 * a local copy of the results in wpa_s->scan_res.
1660 */
1661int wpa_supplicant_get_scan_results(struct wpa_supplicant *wpa_s)
1662{
1663 int ret;
1664
3e53b314
WS		 1665 wpa_scan_results_free(wpa_s->scan_res);
1666 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME)
6fc6879b 1667 wpa_s->scan_res = ieee80211_sta_get_scan_results(wpa_s);
3e53b314
WS		 1668 else if (wpa_s->driver->get_scan_results2 == NULL)
1669 wpa_s->scan_res = wpa_supplicant_get_scan_results_old(wpa_s);
1670 else
6fc6879b 1671 wpa_s->scan_res = wpa_drv_get_scan_results2(wpa_s);
3e53b314
WS		 1672 if (wpa_s->scan_res == NULL) {
1673 wpa_printf(MSG_DEBUG, "Failed to get scan results");
1674 ret = -1;
1675 } else {
1676 ret = 0;
6fc6879b 1677 wpa_scan_sort_results(wpa_s->scan_res);
3e53b314 1678 }
6fc6879b
JM		 1679
1680 return ret;
1681}
1682
1683
1684/**
1685 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
1686 * @wpa_s: Pointer to wpa_supplicant data
1687 * Returns: A pointer to the current network structure or %NULL on failure
1688 */
1689struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
1690{
1691 struct wpa_ssid *entry;
1692 u8 ssid[MAX_SSID_LEN];
1693 int res;
1694 size_t ssid_len;
1695 u8 bssid[ETH_ALEN];
1696 int wired;
1697
c2a04078 1698 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME) {
6fc6879b
JM		 1699 if (ieee80211_sta_get_ssid(wpa_s, ssid, &ssid_len)) {
1700 wpa_printf(MSG_WARNING, "Could not read SSID from "
1701 "MLME.");
1702 return NULL;
1703 }
1704 } else {
1705 res = wpa_drv_get_ssid(wpa_s, ssid);
1706 if (res < 0) {
1707 wpa_printf(MSG_WARNING, "Could not read SSID from "
1708 "driver.");
1709 return NULL;
1710 }
1711 ssid_len = res;
1712 }
1713
c2a04078 1714 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME)
6fc6879b
JM		 1715 os_memcpy(bssid, wpa_s->bssid, ETH_ALEN);
1716 else if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
1717 wpa_printf(MSG_WARNING, "Could not read BSSID from driver.");
1718 return NULL;
1719 }
1720
c2a04078
JM		 1721 wired = wpa_s->conf->ap_scan == 0 &&
1722 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED);
6fc6879b
JM		 1723
1724 entry = wpa_s->conf->ssid;
1725 while (entry) {
1726 if (!entry->disabled &&
1727 ((ssid_len == entry->ssid_len &&
1728 os_memcmp(ssid, entry->ssid, ssid_len) == 0) || wired) &&
1729 (!entry->bssid_set ||
1730 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
1731 return entry;
24c23d1b
JM		 1732#ifdef CONFIG_WPS
1733 if (!entry->disabled &&
1734 (entry->key_mgmt & WPA_KEY_MGMT_WPS) &&
1735 (entry->ssid == NULL || entry->ssid_len == 0) &&
1736 (!entry->bssid_set ||
1737 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
1738 return entry;
1739#endif /* CONFIG_WPS */
6fc6879b
JM		 1740 entry = entry->next;
1741 }
1742
1743 return NULL;
1744}
1745
1746
1747static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
1748 const char *name)
1749{
1750 int i;
362f781e
JM		 1751 size_t len;
1752 const char *pos;
6fc6879b
JM		 1753
1754 if (wpa_s == NULL)
1755 return -1;
1756
c5121837 1757 if (wpa_drivers[0] == NULL) {
6fc6879b
JM		 1758 wpa_printf(MSG_ERROR, "No driver interfaces build into "
1759 "wpa_supplicant.");
1760 return -1;
1761 }
1762
1763 if (name == NULL) {
1764 /* default to first driver in the list */
c5121837 1765 wpa_s->driver = wpa_drivers[0];
6fc6879b
JM		 1766 return 0;
1767 }
1768
362f781e
JM		 1769 pos = os_strchr(name, ',');
1770 if (pos)
1771 len = pos - name;
1772 else
1773 len = os_strlen(name);
c5121837
JM		 1774 for (i = 0; wpa_drivers[i]; i++) {
1775 if (os_strlen(wpa_drivers[i]->name) == len &&
1776 os_strncmp(name, wpa_drivers[i]->name, len) ==
362f781e 1777 0) {
c5121837 1778 wpa_s->driver = wpa_drivers[i];
6fc6879b
JM		 1779 return 0;
1780 }
1781 }
1782
362f781e 1783 wpa_printf(MSG_ERROR, "Unsupported driver '%s'.", name);
6fc6879b
JM		 1784 return -1;
1785}
1786
1787
1788void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
1789 const u8 *buf, size_t len)
1790{
1791 struct wpa_supplicant *wpa_s = ctx;
1792
1793 wpa_printf(MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
1794 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
1795
1ff73338
JM		 1796 if (wpa_s->wpa_state < WPA_ASSOCIATED) {
1797 /*
1798 * There is possible race condition between receiving the
1799 * association event and the EAPOL frame since they are coming
1800 * through different paths from the driver. In order to avoid
1801 * issues in trying to process the EAPOL frame before receiving
1802 * association information, lets queue it for processing until
1803 * the association event is received.
1804 */
1805 wpa_printf(MSG_DEBUG, "Not associated - Delay processing of "
1806 "received EAPOL frame");
1807 wpabuf_free(wpa_s->pending_eapol_rx);
1808 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len);
1809 if (wpa_s->pending_eapol_rx) {
1810 os_get_time(&wpa_s->pending_eapol_rx_time);
1811 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr,
1812 ETH_ALEN);
1813 }
1814 return;
1815 }
1816
db149ac9
JM		 1817#ifdef CONFIG_AP
1818 if (wpa_s->ap_iface) {
1819 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len);
1820 return;
1821 }
1822#endif /* CONFIG_AP */
1823
6fc6879b
JM		 1824 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
1825 wpa_printf(MSG_DEBUG, "Ignored received EAPOL frame since "
1826 "no key management is configured");
1827 return;
1828 }
1829
1830 if (wpa_s->eapol_received == 0 &&
c2a04078 1831 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) ||
56586197 1832 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
6fc6879b
JM		 1833 wpa_s->wpa_state != WPA_COMPLETED)) {
1834 /* Timeout for completing IEEE 802.1X and WPA authentication */
1835 wpa_supplicant_req_auth_timeout(
1836 wpa_s,
56586197 1837 (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
a6f06dab
AT		 1838 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
1839 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) ?
6fc6879b
JM		 1840 70 : 10, 0);
1841 }
1842 wpa_s->eapol_received++;
1843
1844 if (wpa_s->countermeasures) {
1845 wpa_printf(MSG_INFO, "WPA: Countermeasures - dropped EAPOL "
1846 "packet");
1847 return;
1848 }
1849
8be18440
JM		 1850#ifdef CONFIG_IBSS_RSN
1851 if (wpa_s->current_ssid &&
1852 wpa_s->current_ssid->mode == IEEE80211_MODE_IBSS) {
1853 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len);
1854 return;
1855 }
1856#endif /* CONFIG_IBSS_RSN */
1857
6fc6879b
JM		 1858 /* Source address of the incoming EAPOL frame could be compared to the
1859 * current BSSID. However, it is possible that a centralized
1860 * Authenticator could be using another MAC address than the BSSID of
1861 * an AP, so just allow any address to be used for now. The replies are
1862 * still sent to the current BSSID (if available), though. */
1863
1864 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
56586197 1865 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
6fc6879b
JM		 1866 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
1867 return;
1868 wpa_drv_poll(wpa_s);
c2a04078 1869 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE))
6fc6879b 1870 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
56586197 1871 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
6fc6879b
JM		 1872 /*
1873 * Set portValid = TRUE here since we are going to skip 4-way
1874 * handshake processing which would normally set portValid. We
1875 * need this to allow the EAPOL state machines to be completed
1876 * without going through EAPOL-Key handshake.
1877 */
1878 eapol_sm_notify_portValid(wpa_s->eapol, TRUE);
1879 }
1880}
1881
1882
6fc6879b
JM		 1883void wpa_supplicant_sta_rx(void *ctx, const u8 *buf, size_t len,
1884 struct ieee80211_rx_status *rx_status)
1885{
1886 struct wpa_supplicant *wpa_s = ctx;
1887 ieee80211_sta_rx(wpa_s, buf, len, rx_status);
1888}
1889
1890
1891/**
1892 * wpa_supplicant_driver_init - Initialize driver interface parameters
1893 * @wpa_s: Pointer to wpa_supplicant data
1894 * Returns: 0 on success, -1 on failure
1895 *
1896 * This function is called to initialize driver interface parameters.
1897 * wpa_drv_init() must have been called before this function to initialize the
1898 * driver interface.
1899 */
1900int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
1901{
1902 static int interface_count = 0;
1903
1904 if (wpa_s->driver->send_eapol) {
1905 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
1906 if (addr)
1907 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
1908 } else {
1909 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
1910 wpa_drv_get_mac_addr(wpa_s),
1911 ETH_P_EAPOL,
1912 wpa_supplicant_rx_eapol, wpa_s, 0);
1913 if (wpa_s->l2 == NULL)
1914 return -1;
1915 }
1916
1917 if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
1918 wpa_printf(MSG_ERROR, "Failed to get own L2 address");
1919 return -1;
1920 }
1921
1922 wpa_printf(MSG_DEBUG, "Own MAC address: " MACSTR,
1923 MAC2STR(wpa_s->own_addr));
1924
1925 if (wpa_s->bridge_ifname[0]) {
1926 wpa_printf(MSG_DEBUG, "Receiving packets from bridge interface"
1927 " '%s'", wpa_s->bridge_ifname);
1928 wpa_s->l2_br = l2_packet_init(wpa_s->bridge_ifname,
1929 wpa_s->own_addr,
1930 ETH_P_EAPOL,
1931 wpa_supplicant_rx_eapol, wpa_s,
1932 0);
1933 if (wpa_s->l2_br == NULL) {
1934 wpa_printf(MSG_ERROR, "Failed to open l2_packet "
1935 "connection for the bridge interface '%s'",
1936 wpa_s->bridge_ifname);
1937 return -1;
1938 }
1939 }
1940
1941 /* Backwards compatibility call to set_wpa() handler. This is called
1942 * only just after init and just before deinit, so these handler can be
1943 * used to implement same functionality. */
1944 if (wpa_drv_set_wpa(wpa_s, 1) < 0) {
1945 struct wpa_driver_capa capa;
1946 if (wpa_drv_get_capa(wpa_s, &capa) < 0 ||
1947 !(capa.flags & (WPA_DRIVER_CAPA_KEY_MGMT_WPA |
1948 WPA_DRIVER_CAPA_KEY_MGMT_WPA2))) {
1949 wpa_printf(MSG_DEBUG, "Driver does not support WPA.");
1950 /* Continue to allow non-WPA modes to be used. */
1951 } else {
1952 wpa_printf(MSG_ERROR, "Failed to enable WPA in the "
1953 "driver.");
1954 return -1;
1955 }
1956 }
1957
1958 wpa_clear_keys(wpa_s, NULL);
1959
1960 /* Make sure that TKIP countermeasures are not left enabled (could
1961 * happen if wpa_supplicant is killed during countermeasures. */
1962 wpa_drv_set_countermeasures(wpa_s, 0);
1963
1964 wpa_drv_set_drop_unencrypted(wpa_s, 1);
1965
1966 wpa_printf(MSG_DEBUG, "RSN: flushing PMKID list in the driver");
1967 wpa_drv_flush_pmkid(wpa_s);
1968
ba2a573c 1969 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
6fc6879b
JM		 1970 wpa_supplicant_req_scan(wpa_s, interface_count, 100000);
1971 interface_count++;
1972
1973 return 0;
1974}
1975
1976
1977static int wpa_supplicant_daemon(const char *pid_file)
1978{
1979 wpa_printf(MSG_DEBUG, "Daemonize..");
1980 return os_daemonize(pid_file);
1981}
1982
1983
1984static struct wpa_supplicant * wpa_supplicant_alloc(void)
1985{
1986 struct wpa_supplicant *wpa_s;
1987
1988 wpa_s = os_zalloc(sizeof(*wpa_s));
1989 if (wpa_s == NULL)
1990 return NULL;
1991 wpa_s->scan_req = 1;
1992
1993 return wpa_s;
1994}
1995
1996
1997static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
1998 struct wpa_interface *iface)
1999{
362f781e
JM		 2000 const char *ifname, *driver;
2001 struct wpa_driver_capa capa;
2002
6fc6879b
JM		 2003 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
2004 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
2005 iface->confname ? iface->confname : "N/A",
2006 iface->driver ? iface->driver : "default",
2007 iface->ctrl_interface ? iface->ctrl_interface : "N/A",
2008 iface->bridge_ifname ? iface->bridge_ifname : "N/A");
2009
6fc6879b
JM		 2010 if (iface->confname) {
2011#ifdef CONFIG_BACKEND_FILE
2012 wpa_s->confname = os_rel2abs_path(iface->confname);
2013 if (wpa_s->confname == NULL) {
2014 wpa_printf(MSG_ERROR, "Failed to get absolute path "
2015 "for configuration file '%s'.",
2016 iface->confname);
2017 return -1;
2018 }
2019 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
2020 iface->confname, wpa_s->confname);
2021#else /* CONFIG_BACKEND_FILE */
2022 wpa_s->confname = os_strdup(iface->confname);
2023#endif /* CONFIG_BACKEND_FILE */
2024 wpa_s->conf = wpa_config_read(wpa_s->confname);
2025 if (wpa_s->conf == NULL) {
2026 wpa_printf(MSG_ERROR, "Failed to read or parse "
2027 "configuration '%s'.", wpa_s->confname);
2028 return -1;
2029 }
2030
2031 /*
2032 * Override ctrl_interface and driver_param if set on command
2033 * line.
2034 */
2035 if (iface->ctrl_interface) {
2036 os_free(wpa_s->conf->ctrl_interface);
2037 wpa_s->conf->ctrl_interface =
2038 os_strdup(iface->ctrl_interface);
2039 }
2040
2041 if (iface->driver_param) {
2042 os_free(wpa_s->conf->driver_param);
2043 wpa_s->conf->driver_param =
2044 os_strdup(iface->driver_param);
2045 }
2046 } else
2047 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
2048 iface->driver_param);
2049
2050 if (wpa_s->conf == NULL) {
2051 wpa_printf(MSG_ERROR, "\nNo configuration found.");
2052 return -1;
2053 }
2054
2055 if (iface->ifname == NULL) {
2056 wpa_printf(MSG_ERROR, "\nInterface name is required.");
2057 return -1;
2058 }
2059 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
2060 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
2061 iface->ifname);
2062 return -1;
2063 }
2064 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
2065
2066 if (iface->bridge_ifname) {
2067 if (os_strlen(iface->bridge_ifname) >=
2068 sizeof(wpa_s->bridge_ifname)) {
2069 wpa_printf(MSG_ERROR, "\nToo long bridge interface "
2070 "name '%s'.", iface->bridge_ifname);
2071 return -1;
2072 }
2073 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
2074 sizeof(wpa_s->bridge_ifname));
2075 }
2076
6fc6879b
JM		 2077 /* RSNA Supplicant Key Management - INITIALIZE */
2078 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
2079 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
2080
2081 /* Initialize driver interface and register driver event handler before
2082 * L2 receive handler so that association events are processed before
2083 * EAPOL-Key packets if both become available for the same select()
2084 * call. */
362f781e
JM		 2085 driver = iface->driver;
2086next_driver:
2087 if (wpa_supplicant_set_driver(wpa_s, driver) < 0)
2088 return -1;
2089
6fc6879b
JM		 2090 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
2091 if (wpa_s->drv_priv == NULL) {
362f781e
JM		 2092 const char *pos;
2093 pos = os_strchr(driver, ',');
2094 if (pos) {
2095 wpa_printf(MSG_DEBUG, "Failed to initialize driver "
2096 "interface - try next driver wrapper");
2097 driver = pos + 1;
2098 goto next_driver;
2099 }
6fc6879b
JM		 2100 wpa_printf(MSG_ERROR, "Failed to initialize driver interface");
2101 return -1;
2102 }
2103 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
2104 wpa_printf(MSG_ERROR, "Driver interface rejected "
2105 "driver_param '%s'", wpa_s->conf->driver_param);
2106 return -1;
2107 }
2108
2109 ifname = wpa_drv_get_ifname(wpa_s);
2110 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
2111 wpa_printf(MSG_DEBUG, "Driver interface replaced interface "
2112 "name with '%s'", ifname);
2113 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
2114 }
2115
2116 if (wpa_supplicant_init_wpa(wpa_s) < 0)
2117 return -1;
2118
2119 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
2120 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
2121 NULL);
2122 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
2123
2124 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
2125 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
2126 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
2127 wpa_printf(MSG_ERROR, "Invalid WPA parameter value for "
2128 "dot11RSNAConfigPMKLifetime");
2129 return -1;
2130 }
2131
2132 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
2133 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
2134 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
2135 wpa_printf(MSG_ERROR, "Invalid WPA parameter value for "
2136 "dot11RSNAConfigPMKReauthThreshold");
2137 return -1;
2138 }
2139
2140 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
2141 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
2142 wpa_s->conf->dot11RSNAConfigSATimeout)) {
2143 wpa_printf(MSG_ERROR, "Invalid WPA parameter value for "
2144 "dot11RSNAConfigSATimeout");
2145 return -1;
2146 }
2147
2148 if (wpa_supplicant_driver_init(wpa_s) < 0)
2149 return -1;
2150
315ce40a
JM		 2151 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] &&
2152 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) {
6d158490
LR		 2153 wpa_printf(MSG_DEBUG, "Failed to set country");
2154 return -1;
2155 }
2156
6fc6879b
JM		 2157 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
2158
116654ce
JM		 2159 if (wpas_wps_init(wpa_s))
2160 return -1;
2161
6fc6879b
JM		 2162 if (wpa_supplicant_init_eapol(wpa_s) < 0)
2163 return -1;
2164 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
2165
2166 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
2167 if (wpa_s->ctrl_iface == NULL) {
2168 wpa_printf(MSG_ERROR,
2169 "Failed to initialize control interface '%s'.\n"
2170 "You may have another wpa_supplicant process "
2171 "already running or the file was\n"
2172 "left by an unclean termination of wpa_supplicant "
2173 "in which case you will need\n"
2174 "to manually remove this file before starting "
2175 "wpa_supplicant again.\n",
2176 wpa_s->conf->ctrl_interface);
2177 return -1;
2178 }
2179
2180 if (wpa_drv_get_capa(wpa_s, &capa) == 0) {
c2a04078 2181 wpa_s->drv_flags = capa.flags;
6fc6879b 2182 if (capa.flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME) {
6fc6879b
JM		 2183 if (ieee80211_sta_init(wpa_s))
2184 return -1;
2185 }
80bc75f1 2186 wpa_s->max_scan_ssids = capa.max_scan_ssids;
6fc6879b
JM		 2187 }
2188
11ef8d35
JM		 2189#ifdef CONFIG_IBSS_RSN
2190 wpa_s->ibss_rsn = ibss_rsn_init(wpa_s);
2191 if (!wpa_s->ibss_rsn) {
2192 wpa_printf(MSG_DEBUG, "Failed to init IBSS RSN");
2193 return -1;
2194 }
2195#endif /* CONFIG_IBSS_RSN */
2196
6fc6879b
JM		 2197 return 0;
2198}
2199
2200
2201static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s)
2202{
2203 if (wpa_s->drv_priv) {
2204 wpa_supplicant_deauthenticate(wpa_s,
2205 WLAN_REASON_DEAUTH_LEAVING);
2206
2207 /* Backwards compatibility call to set_wpa() handler. This is
2208 * called only just after init and just before deinit, so these
2209 * handler can be used to implement same functionality. */
2210 if (wpa_drv_set_wpa(wpa_s, 0) < 0) {
2211 wpa_printf(MSG_ERROR, "Failed to disable WPA in the "
2212 "driver.");
2213 }
2214
2215 wpa_drv_set_drop_unencrypted(wpa_s, 0);
2216 wpa_drv_set_countermeasures(wpa_s, 0);
2217 wpa_clear_keys(wpa_s, NULL);
2218 }
2219
8bac466b 2220 wpas_notify_unregister_interface(wpa_s);
6fc6879b
JM		 2221
2222 wpa_supplicant_cleanup(wpa_s);
2223
2224 if (wpa_s->drv_priv)
2225 wpa_drv_deinit(wpa_s);
2226}
2227
2228
2229/**
2230 * wpa_supplicant_add_iface - Add a new network interface
2231 * @global: Pointer to global data from wpa_supplicant_init()
2232 * @iface: Interface configuration options
2233 * Returns: Pointer to the created interface or %NULL on failure
2234 *
2235 * This function is used to add new network interfaces for %wpa_supplicant.
2236 * This can be called before wpa_supplicant_run() to add interfaces before the
2237 * main event loop has been started. In addition, new interfaces can be added
2238 * dynamically while %wpa_supplicant is already running. This could happen,
2239 * e.g., when a hotplug network adapter is inserted.
2240 */
2241struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
2242 struct wpa_interface *iface)
2243{
2244 struct wpa_supplicant *wpa_s;
2245
2246 if (global == NULL || iface == NULL)
2247 return NULL;
2248
2249 wpa_s = wpa_supplicant_alloc();
2250 if (wpa_s == NULL)
2251 return NULL;
2252
362f781e 2253 if (wpa_supplicant_init_iface(wpa_s, iface)) {
6fc6879b
JM		 2254 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
2255 iface->ifname);
2256 wpa_supplicant_deinit_iface(wpa_s);
2257 os_free(wpa_s);
2258 return NULL;
2259 }
2260
2261 wpa_s->global = global;
2262
2263 /* Register the interface with the dbus control interface */
2264 if (wpas_dbus_register_iface(wpa_s)) {
2265 wpa_supplicant_deinit_iface(wpa_s);
2266 os_free(wpa_s);
2267 return NULL;
2268 }
1bd3f426 2269
6fc6879b
JM		 2270 wpa_s->next = global->ifaces;
2271 global->ifaces = wpa_s;
2272
2273 wpa_printf(MSG_DEBUG, "Added interface %s", wpa_s->ifname);
2274
2275 return wpa_s;
2276}
2277
2278
2279/**
2280 * wpa_supplicant_remove_iface - Remove a network interface
2281 * @global: Pointer to global data from wpa_supplicant_init()
2282 * @wpa_s: Pointer to the network interface to be removed
2283 * Returns: 0 if interface was removed, -1 if interface was not found
2284 *
2285 * This function can be used to dynamically remove network interfaces from
2286 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
2287 * addition, this function is used to remove all remaining interfaces when
2288 * %wpa_supplicant is terminated.
2289 */
2290int wpa_supplicant_remove_iface(struct wpa_global *global,
2291 struct wpa_supplicant *wpa_s)
2292{
2293 struct wpa_supplicant *prev;
2294
2295 /* Remove interface from the global list of interfaces */
2296 prev = global->ifaces;
2297 if (prev == wpa_s) {
2298 global->ifaces = wpa_s->next;
2299 } else {
2300 while (prev && prev->next != wpa_s)
2301 prev = prev->next;
2302 if (prev == NULL)
2303 return -1;
2304 prev->next = wpa_s->next;
2305 }
2306
2307 wpa_printf(MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
2308
2309 wpa_supplicant_deinit_iface(wpa_s);
2310 os_free(wpa_s);
2311
2312 return 0;
2313}
2314
2315
2316/**
2317 * wpa_supplicant_get_iface - Get a new network interface
2318 * @global: Pointer to global data from wpa_supplicant_init()
2319 * @ifname: Interface name
2320 * Returns: Pointer to the interface or %NULL if not found
2321 */
2322struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
2323 const char *ifname)
2324{
2325 struct wpa_supplicant *wpa_s;
2326
2327 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
2328 if (os_strcmp(wpa_s->ifname, ifname) == 0)
2329 return wpa_s;
2330 }
2331 return NULL;
2332}
2333
2334
2335/**
2336 * wpa_supplicant_init - Initialize %wpa_supplicant
2337 * @params: Parameters for %wpa_supplicant
2338 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
2339 *
2340 * This function is used to initialize %wpa_supplicant. After successful
2341 * initialization, the returned data pointer can be used to add and remove
2342 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
2343 */
2344struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
2345{
2346 struct wpa_global *global;
ac305589 2347 int ret, i;
6fc6879b
JM		 2348
2349 if (params == NULL)
2350 return NULL;
2351
2352 wpa_debug_open_file(params->wpa_debug_file_path);
daa70d49
SL		 2353 if (params->wpa_debug_syslog)
2354 wpa_debug_open_syslog();
6fc6879b
JM		 2355
2356 ret = eap_peer_register_methods();
2357 if (ret) {
2358 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
2359 if (ret == -2)
2360 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
2361 "the same EAP type.");
2362 return NULL;
2363 }
2364
3ec97afe
JM		 2365#ifdef CONFIG_AP
2366 ret = eap_server_register_methods();
2367 if (ret) {
2368 wpa_printf(MSG_ERROR, "Failed to register EAP server methods");
2369 if (ret == -2)
2370 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
2371 "the same EAP type.");
2372 return NULL;
2373 }
2374#endif /* CONFIG_AP */
2375
6fc6879b
JM		 2376 global = os_zalloc(sizeof(*global));
2377 if (global == NULL)
2378 return NULL;
2379 global->params.daemonize = params->daemonize;
2380 global->params.wait_for_monitor = params->wait_for_monitor;
2381 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
2382 if (params->pid_file)
2383 global->params.pid_file = os_strdup(params->pid_file);
2384 if (params->ctrl_interface)
2385 global->params.ctrl_interface =
2386 os_strdup(params->ctrl_interface);
2387 wpa_debug_level = global->params.wpa_debug_level =
2388 params->wpa_debug_level;
2389 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
2390 params->wpa_debug_show_keys;
2391 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
2392 params->wpa_debug_timestamp;
2393
2394 if (eloop_init(global)) {
2395 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
2396 wpa_supplicant_deinit(global);
2397 return NULL;
2398 }
2399
2400 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
2401 if (global->ctrl_iface == NULL) {
2402 wpa_supplicant_deinit(global);
2403 return NULL;
2404 }
2405
2406 if (global->params.dbus_ctrl_interface) {
2407 global->dbus_ctrl_iface =
2408 wpa_supplicant_dbus_ctrl_iface_init(global);
2409 if (global->dbus_ctrl_iface == NULL) {
2410 wpa_supplicant_deinit(global);
2411 return NULL;
2412 }
2413 }
2414
c5121837 2415 for (i = 0; wpa_drivers[i]; i++)
ac305589
JM		 2416 global->drv_count++;
2417 if (global->drv_count == 0) {
2418 wpa_printf(MSG_ERROR, "No drivers enabled");
2419 wpa_supplicant_deinit(global);
2420 return NULL;
2421 }
2422 global->drv_priv = os_zalloc(global->drv_count * sizeof(void *));
2423 if (global->drv_priv == NULL) {
2424 wpa_supplicant_deinit(global);
2425 return NULL;
2426 }
c5121837
JM		 2427 for (i = 0; wpa_drivers[i]; i++) {
2428 if (!wpa_drivers[i]->global_init)
ac305589 2429 continue;
c5121837 2430 global->drv_priv[i] = wpa_drivers[i]->global_init();
ac305589
JM		 2431 if (global->drv_priv[i] == NULL) {
2432 wpa_printf(MSG_ERROR, "Failed to initialize driver "
c5121837 2433 "'%s'", wpa_drivers[i]->name);
ac305589
JM		 2434 wpa_supplicant_deinit(global);
2435 return NULL;
2436 }
2437 }
2438
6fc6879b
JM		 2439 return global;
2440}
2441
2442
2443/**
2444 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
2445 * @global: Pointer to global data from wpa_supplicant_init()
2446 * Returns: 0 after successful event loop run, -1 on failure
2447 *
2448 * This function starts the main event loop and continues running as long as
2449 * there are any remaining events. In most cases, this function is running as
2450 * long as the %wpa_supplicant process in still in use.
2451 */
2452int wpa_supplicant_run(struct wpa_global *global)
2453{
2454 struct wpa_supplicant *wpa_s;
2455
2456 if (global->params.daemonize &&
2457 wpa_supplicant_daemon(global->params.pid_file))
2458 return -1;
2459
2460 if (global->params.wait_for_monitor) {
2461 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
2462 if (wpa_s->ctrl_iface)
2463 wpa_supplicant_ctrl_iface_wait(
2464 wpa_s->ctrl_iface);
2465 }
2466
2467 eloop_register_signal_terminate(wpa_supplicant_terminate, NULL);
2468 eloop_register_signal_reconfig(wpa_supplicant_reconfig, NULL);
2469
2470 eloop_run();
2471
2472 return 0;
2473}
2474
2475
2476/**
2477 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
2478 * @global: Pointer to global data from wpa_supplicant_init()
2479 *
2480 * This function is called to deinitialize %wpa_supplicant and to free all
2481 * allocated resources. Remaining network interfaces will also be removed.
2482 */
2483void wpa_supplicant_deinit(struct wpa_global *global)
2484{
ac305589
JM		 2485 int i;
2486
6fc6879b
JM		 2487 if (global == NULL)
2488 return;
2489
2490 while (global->ifaces)
2491 wpa_supplicant_remove_iface(global, global->ifaces);
2492
2493 if (global->ctrl_iface)
2494 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
2495 if (global->dbus_ctrl_iface)
2496 wpa_supplicant_dbus_ctrl_iface_deinit(global->dbus_ctrl_iface);
2497
2498 eap_peer_unregister_methods();
3ec97afe
JM		 2499#ifdef CONFIG_AP
2500 eap_server_unregister_methods();
2501#endif /* CONFIG_AP */
6fc6879b 2502
c5121837 2503 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) {
ac305589
JM		 2504 if (!global->drv_priv[i])
2505 continue;
c5121837 2506 wpa_drivers[i]->global_deinit(global->drv_priv[i]);
ac305589
JM		 2507 }
2508 os_free(global->drv_priv);
2509
6fc6879b
JM		 2510 eloop_destroy();
2511
2512 if (global->params.pid_file) {
2513 os_daemonize_terminate(global->params.pid_file);
2514 os_free(global->params.pid_file);
2515 }
2516 os_free(global->params.ctrl_interface);
2517
2518 os_free(global);
daa70d49 2519 wpa_debug_close_syslog();
6fc6879b
JM		 2520 wpa_debug_close_file();
2521}
Unnamed repository; edit this file 'description' to name the repository.