]> git.ipfire.org Git - thirdparty/hostap.git/blame - wpa_supplicant/wpa_supplicant.c
projects / thirdparty / hostap.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
HT: Remove SMPS in AP mode
[thirdparty/hostap.git] / wpa_supplicant / wpa_supplicant.c
CommitLineData
6fc6879b
JM		 1/*
2 * WPA Supplicant
cc58a357 3 * Copyright (c) 2003-2019, Jouni Malinen <j@w1.fi>
6fc6879b 4 *
0f3d578e
JM		 5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
6fc6879b
JM		 7 *
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
11 */
12
13#include "includes.h"
2e997eec
RM		 14#ifdef CONFIG_MATCH_IFACE
15#include <net/if.h>
16#include <fnmatch.h>
17#endif /* CONFIG_MATCH_IFACE */
6fc6879b
JM		 18
19#include "common.h"
d47fa330 20#include "crypto/random.h"
7d232e23 21#include "crypto/sha1.h"
6fc6879b
JM		 22#include "eapol_supp/eapol_supp_sm.h"
23#include "eap_peer/eap.h"
ec7b97ab 24#include "eap_peer/eap_proxy.h"
3ec97afe 25#include "eap_server/eap_methods.h"
3acb5005 26#include "rsn_supp/wpa.h"
6fc6879b 27#include "eloop.h"
6fc6879b 28#include "config.h"
306ae225 29#include "utils/ext_password.h"
6fc6879b
JM		 30#include "l2_packet/l2_packet.h"
31#include "wpa_supplicant_i.h"
2d5b792d 32#include "driver_i.h"
6fc6879b 33#include "ctrl_iface.h"
6fc6879b 34#include "pcsc_funcs.h"
90973fb2 35#include "common/version.h"
3acb5005
JM		 36#include "rsn_supp/preauth.h"
37#include "rsn_supp/pmksa_cache.h"
90973fb2 38#include "common/wpa_ctrl.h"
cfde99a8 39#include "common/ieee802_11_common.h"
90973fb2 40#include "common/ieee802_11_defs.h"
6b8b0774 41#include "common/hw_features_common.h"
461d39af 42#include "common/gas_server.h"
10ec6a5f 43#include "common/dpp.h"
72044390 44#include "p2p/p2p.h"
b36a3a65 45#include "fst/fst.h"
6fc6879b
JM		 46#include "blacklist.h"
47#include "wpas_glue.h"
116654ce 48#include "wps_supplicant.h"
11ef8d35 49#include "ibss_rsn.h"
c2a04078 50#include "sme.h"
04ea7b79 51#include "gas_query.h"
1f1b62a0 52#include "ap.h"
b22128ef 53#include "p2p_supplicant.h"
9675ce35 54#include "wifi_display.h"
8bac466b 55#include "notify.h"
60b94c98 56#include "bgscan.h"
7c865c68 57#include "autoscan.h"
83922c2d 58#include "bss.h"
9ba9fa07 59#include "scan.h"
24f6497c 60#include "offchannel.h"
cb418324 61#include "hs20_supplicant.h"
e27d20bb 62#include "wnm_sta.h"
dd10abcc 63#include "wpas_kay.h"
603a3f34 64#include "mesh.h"
be27e185 65#include "dpp_supplicant.h"
a39b040b
SB		 66#ifdef CONFIG_MESH
67#include "ap/ap_config.h"
68#include "ap/hostapd.h"
69#endif /* CONFIG_MESH */
6fc6879b 70
8b423edb 71const char *const wpa_supplicant_version =
6fc6879b 72"wpa_supplicant v" VERSION_STR "\n"
cc58a357 73"Copyright (c) 2003-2019, Jouni Malinen <j@w1.fi> and contributors";
6fc6879b 74
8b423edb 75const char *const wpa_supplicant_license =
331f89ff
JM		 76"This software may be distributed under the terms of the BSD license.\n"
77"See README for more details.\n"
6fc6879b
JM		 78#ifdef EAP_TLS_OPENSSL
79"\nThis product includes software developed by the OpenSSL Project\n"
80"for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
81#endif /* EAP_TLS_OPENSSL */
82;
83
84#ifndef CONFIG_NO_STDOUT_DEBUG
85/* Long text divided into parts in order to fit in C89 strings size limits. */
8b423edb 86const char *const wpa_supplicant_full_license1 =
331f89ff 87"";
8b423edb 88const char *const wpa_supplicant_full_license2 =
331f89ff 89"This software may be distributed under the terms of the BSD license.\n"
6fc6879b
JM		 90"\n"
91"Redistribution and use in source and binary forms, with or without\n"
92"modification, are permitted provided that the following conditions are\n"
93"met:\n"
94"\n";
8b423edb 95const char *const wpa_supplicant_full_license3 =
6fc6879b
JM		 96"1. Redistributions of source code must retain the above copyright\n"
97" notice, this list of conditions and the following disclaimer.\n"
98"\n"
99"2. Redistributions in binary form must reproduce the above copyright\n"
100" notice, this list of conditions and the following disclaimer in the\n"
101" documentation and/or other materials provided with the distribution.\n"
102"\n";
8b423edb 103const char *const wpa_supplicant_full_license4 =
6fc6879b
JM		 104"3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
105" names of its contributors may be used to endorse or promote products\n"
106" derived from this software without specific prior written permission.\n"
107"\n"
108"THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
109"\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
110"LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
111"A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
8b423edb 112const char *const wpa_supplicant_full_license5 =
6fc6879b
JM		 113"OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
114"SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
115"LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
116"DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
117"THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
118"(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
119"OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
120"\n";
121#endif /* CONFIG_NO_STDOUT_DEBUG */
122
b04854ce
AP		 123
124static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx, void *timeout_ctx);
6338c99e
VK		 125#if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
126static void wpas_update_fils_connect_params(struct wpa_supplicant *wpa_s);
127#endif /* CONFIG_FILS && IEEE8021X_EAPOL */
e0b331d8
SD		 128#ifdef CONFIG_OWE
129static void wpas_update_owe_connect_params(struct wpa_supplicant *wpa_s);
130#endif /* CONFIG_OWE */
b04854ce
AP		 131
132
6fc6879b 133/* Configure default/group WEP keys for static WEP */
0194fedb 134int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
6fc6879b
JM		 135{
136 int i, set = 0;
137
138 for (i = 0; i < NUM_WEP_KEYS; i++) {
139 if (ssid->wep_key_len[i] == 0)
140 continue;
141
142 set = 1;
0382097e 143 wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL,
da64c266 144 i, i == ssid->wep_tx_keyidx, NULL, 0,
a919a260
AW		 145 ssid->wep_key[i], ssid->wep_key_len[i],
146 i == ssid->wep_tx_keyidx ?
147 KEY_FLAG_GROUP_RX_TX_DEFAULT :
148 KEY_FLAG_GROUP_RX_TX);
6fc6879b
JM		 149 }
150
151 return set;
152}
153
154
6ea1f413
JM		 155int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
156 struct wpa_ssid *ssid)
6fc6879b
JM		 157{
158 u8 key[32];
159 size_t keylen;
71934751 160 enum wpa_alg alg;
6fc6879b 161 u8 seq[6] = { 0 };
658da804 162 int ret;
6fc6879b
JM		 163
164 /* IBSS/WPA-None uses only one key (Group) for both receiving and
165 * sending unicast and multicast packets. */
166
d7dcba70 167 if (ssid->mode != WPAS_MODE_IBSS) {
f049052b
BG		 168 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not "
169 "IBSS/ad-hoc) for WPA-None", ssid->mode);
6fc6879b
JM		 170 return -1;
171 }
172
173 if (!ssid->psk_set) {
f049052b
BG		 174 wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for "
175 "WPA-None");
6fc6879b
JM		 176 return -1;
177 }
178
179 switch (wpa_s->group_cipher) {
180 case WPA_CIPHER_CCMP:
181 os_memcpy(key, ssid->psk, 16);
182 keylen = 16;
183 alg = WPA_ALG_CCMP;
184 break;
eb7719ff
JM		 185 case WPA_CIPHER_GCMP:
186 os_memcpy(key, ssid->psk, 16);
187 keylen = 16;
188 alg = WPA_ALG_GCMP;
189 break;
6fc6879b
JM		 190 case WPA_CIPHER_TKIP:
191 /* WPA-None uses the same Michael MIC key for both TX and RX */
192 os_memcpy(key, ssid->psk, 16 + 8);
193 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
194 keylen = 32;
195 alg = WPA_ALG_TKIP;
196 break;
197 default:
f049052b
BG		 198 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for "
199 "WPA-None", wpa_s->group_cipher);
6fc6879b
JM		 200 return -1;
201 }
202
203 /* TODO: should actually remember the previously used seq#, both for TX
204 * and RX from each STA.. */
205
a919a260
AW		 206 ret = wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen,
207 KEY_FLAG_GROUP_RX_TX_DEFAULT);
658da804
JM		 208 os_memset(key, 0, sizeof(key));
209 return ret;
6fc6879b
JM		 210}
211
212
213static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
214{
215 struct wpa_supplicant *wpa_s = eloop_ctx;
216 const u8 *bssid = wpa_s->bssid;
04e3d815
MK		 217 if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
218 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
219 wpa_s->wpa_state == WPA_ASSOCIATING))
6fc6879b
JM		 220 bssid = wpa_s->pending_bssid;
221 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
222 MAC2STR(bssid));
223 wpa_blacklist_add(wpa_s, bssid);
224 wpa_sm_notify_disassoc(wpa_s->wpa);
07783eaa 225 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
6fc6879b 226 wpa_s->reassociate = 1;
48b84f18
BG		 227
228 /*
229 * If we timed out, the AP or the local radio may be busy.
230 * So, wait a second until scanning again.
231 */
232 wpa_supplicant_req_scan(wpa_s, 1, 0);
6fc6879b
JM		 233}
234
235
236/**
237 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
238 * @wpa_s: Pointer to wpa_supplicant data
239 * @sec: Number of seconds after which to time out authentication
240 * @usec: Number of microseconds after which to time out authentication
241 *
242 * This function is used to schedule a timeout for the current authentication
243 * attempt.
244 */
245void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
246 int sec, int usec)
247{
a2a535f8 248 if (wpa_s->conf->ap_scan == 0 &&
c2a04078 249 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
6fc6879b
JM		 250 return;
251
f049052b 252 wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
6fc6879b
JM		 253 "%d usec", sec, usec);
254 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
37547ad6 255 wpa_s->last_auth_timeout_sec = sec;
6fc6879b
JM		 256 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
257}
258
259
37547ad6
DL		 260/*
261 * wpas_auth_timeout_restart - Restart and change timeout for authentication
262 * @wpa_s: Pointer to wpa_supplicant data
263 * @sec_diff: difference in seconds applied to original timeout value
264 */
265void wpas_auth_timeout_restart(struct wpa_supplicant *wpa_s, int sec_diff)
266{
267 int new_sec = wpa_s->last_auth_timeout_sec + sec_diff;
268
269 if (eloop_is_timeout_registered(wpa_supplicant_timeout, wpa_s, NULL)) {
270 wpa_dbg(wpa_s, MSG_DEBUG,
271 "Authentication timeout restart: %d sec", new_sec);
272 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
273 eloop_register_timeout(new_sec, 0, wpa_supplicant_timeout,
274 wpa_s, NULL);
275 }
276}
277
278
6fc6879b
JM		 279/**
280 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
281 * @wpa_s: Pointer to wpa_supplicant data
282 *
283 * This function is used to cancel authentication timeout scheduled with
284 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
285 * been completed.
286 */
287void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
288{
f049052b 289 wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
6fc6879b
JM		 290 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
291 wpa_blacklist_del(wpa_s, wpa_s->bssid);
af835d75
AB		 292 os_free(wpa_s->last_con_fail_realm);
293 wpa_s->last_con_fail_realm = NULL;
294 wpa_s->last_con_fail_realm_len = 0;
6fc6879b
JM		 295}
296
297
298/**
299 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
300 * @wpa_s: Pointer to wpa_supplicant data
301 *
302 * This function is used to configure EAPOL state machine based on the selected
303 * authentication mode.
304 */
305void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
306{
307#ifdef IEEE8021X_EAPOL
308 struct eapol_config eapol_conf;
309 struct wpa_ssid *ssid = wpa_s->current_ssid;
310
53895c3b 311#ifdef CONFIG_IBSS_RSN
d7dcba70 312 if (ssid->mode == WPAS_MODE_IBSS &&
53895c3b
JM		 313 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
314 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
315 /*
316 * RSN IBSS authentication is per-STA and we can disable the
317 * per-BSSID EAPOL authentication.
318 */
319 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
320 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE);
321 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
322 return;
323 }
324#endif /* CONFIG_IBSS_RSN */
325
0a40ec6a
JM		 326 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
327 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
328
6fc6879b
JM		 329 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
330 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
331 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
332 else
333 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
334
335 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
336 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
337 eapol_conf.accept_802_1x_keys = 1;
338 eapol_conf.required_keys = 0;
339 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
340 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
341 }
342 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
343 eapol_conf.required_keys |=
344 EAPOL_REQUIRE_KEY_BROADCAST;
345 }
346
a2a535f8 347 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED)
6fc6879b 348 eapol_conf.required_keys = 0;
6fc6879b 349 }
a2a535f8 350 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
6fc6879b 351 eapol_conf.workaround = ssid->eap_workaround;
56586197
JM		 352 eapol_conf.eap_disabled =
353 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
ad08c363
JM		 354 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
355 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
a5d44ac0 356 eapol_conf.external_sim = wpa_s->conf->external_sim;
3f7ac058
JS		 357
358#ifdef CONFIG_WPS
359 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
360 eapol_conf.wps |= EAPOL_LOCAL_WPS_IN_USE;
361 if (wpa_s->current_bss) {
362 struct wpabuf *ie;
363 ie = wpa_bss_get_vendor_ie_multi(wpa_s->current_bss,
364 WPS_IE_VENDOR_TYPE);
365 if (ie) {
366 if (wps_is_20(ie))
367 eapol_conf.wps |=
368 EAPOL_PEER_IS_WPS20_AP;
369 wpabuf_free(ie);
370 }
371 }
372 }
373#endif /* CONFIG_WPS */
374
6fc6879b 375 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
dd10abcc 376
ad51731a
SD		 377#ifdef CONFIG_MACSEC
378 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE && ssid->mka_psk_set)
379 ieee802_1x_create_preshared_mka(wpa_s, ssid);
380 else
381 ieee802_1x_alloc_kay_sm(wpa_s, ssid);
382#endif /* CONFIG_MACSEC */
cd3153a9 383#endif /* IEEE8021X_EAPOL */
6fc6879b
JM		 384}
385
386
387/**
388 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
389 * @wpa_s: Pointer to wpa_supplicant data
390 * @ssid: Configuration data for the network
391 *
392 * This function is used to configure WPA state machine and related parameters
393 * to a mode where WPA is not enabled. This is called as part of the
394 * authentication configuration when the selected network does not use WPA.
395 */
396void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
397 struct wpa_ssid *ssid)
398{
399 int i;
400
ad08c363
JM		 401 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
402 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
403 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
6fc6879b
JM		 404 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
405 else
406 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
407 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
408 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
146889e3 409 wpa_sm_set_ap_rsnxe(wpa_s->wpa, NULL, 0);
6fc6879b 410 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
6d6c8877
JM		 411 wpa_sm_set_assoc_rsnxe(wpa_s->wpa, NULL, 0);
412 wpa_s->rsnxe_len = 0;
6fc6879b
JM		 413 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
414 wpa_s->group_cipher = WPA_CIPHER_NONE;
415 wpa_s->mgmt_group_cipher = 0;
416
417 for (i = 0; i < NUM_WEP_KEYS; i++) {
418 if (ssid->wep_key_len[i] > 5) {
419 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
420 wpa_s->group_cipher = WPA_CIPHER_WEP104;
421 break;
422 } else if (ssid->wep_key_len[i] > 0) {
423 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
424 wpa_s->group_cipher = WPA_CIPHER_WEP40;
425 break;
426 }
427 }
428
429 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
430 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
431 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
432 wpa_s->pairwise_cipher);
433 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
6fc6879b
JM		 434 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
435 wpa_s->mgmt_group_cipher);
6fc6879b
JM		 436
437 pmksa_cache_clear_current(wpa_s->wpa);
438}
439
440
6979582c 441void free_hw_features(struct wpa_supplicant *wpa_s)
6bf731e8
CL		 442{
443 int i;
444 if (wpa_s->hw.modes == NULL)
445 return;
446
447 for (i = 0; i < wpa_s->hw.num_modes; i++) {
448 os_free(wpa_s->hw.modes[i].channels);
449 os_free(wpa_s->hw.modes[i].rates);
450 }
451
452 os_free(wpa_s->hw.modes);
453 wpa_s->hw.modes = NULL;
454}
455
456
19677b77 457void free_bss_tmp_disallowed(struct wpa_supplicant *wpa_s)
dd599908
AS		 458{
459 struct wpa_bss_tmp_disallowed *bss, *prev;
460
461 dl_list_for_each_safe(bss, prev, &wpa_s->bss_tmp_disallowed,
462 struct wpa_bss_tmp_disallowed, list) {
b04854ce 463 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout, wpa_s, bss);
dd599908
AS		 464 dl_list_del(&bss->list);
465 os_free(bss);
466 }
467}
468
469
5732b770
JM		 470void wpas_flush_fils_hlp_req(struct wpa_supplicant *wpa_s)
471{
472 struct fils_hlp_req *req;
473
474 while ((req = dl_list_first(&wpa_s->fils_hlp_req, struct fils_hlp_req,
475 list)) != NULL) {
476 dl_list_del(&req->list);
477 wpabuf_free(req->pkt);
478 os_free(req);
479 }
480}
481
482
ad2f0966
JM		 483void wpas_clear_disabled_interface(void *eloop_ctx, void *timeout_ctx)
484{
485 struct wpa_supplicant *wpa_s = eloop_ctx;
486
487 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
488 return;
489 wpa_dbg(wpa_s, MSG_DEBUG, "Clear cached state on disabled interface");
490 wpa_bss_flush(wpa_s);
491}
492
493
6c570193
JM		 494#ifdef CONFIG_TESTING_OPTIONS
495void wpas_clear_driver_signal_override(struct wpa_supplicant *wpa_s)
496{
497 struct driver_signal_override *dso;
498
499 while ((dso = dl_list_first(&wpa_s->drv_signal_override,
500 struct driver_signal_override, list))) {
501 dl_list_del(&dso->list);
502 os_free(dso);
503 }
504}
505#endif /* CONFIG_TESTING_OPTIONS */
506
507
6fc6879b
JM		 508static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
509{
86bd36f0
JM		 510 int i;
511
60b94c98 512 bgscan_deinit(wpa_s);
7c865c68 513 autoscan_deinit(wpa_s);
6fc6879b
JM		 514 scard_deinit(wpa_s->scard);
515 wpa_s->scard = NULL;
516 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
517 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
518 l2_packet_deinit(wpa_s->l2);
519 wpa_s->l2 = NULL;
520 if (wpa_s->l2_br) {
521 l2_packet_deinit(wpa_s->l2_br);
522 wpa_s->l2_br = NULL;
523 }
4a6cc862
JM		 524#ifdef CONFIG_TESTING_OPTIONS
525 l2_packet_deinit(wpa_s->l2_test);
526 wpa_s->l2_test = NULL;
c06fca04
JM		 527 os_free(wpa_s->get_pref_freq_list_override);
528 wpa_s->get_pref_freq_list_override = NULL;
daa40960
JM		 529 wpabuf_free(wpa_s->last_assoc_req_wpa_ie);
530 wpa_s->last_assoc_req_wpa_ie = NULL;
b834e970
JM		 531 os_free(wpa_s->extra_sae_rejected_groups);
532 wpa_s->extra_sae_rejected_groups = NULL;
13256553
JM		 533 wpabuf_free(wpa_s->rsnxe_override_assoc);
534 wpa_s->rsnxe_override_assoc = NULL;
535 wpabuf_free(wpa_s->rsnxe_override_eapol);
536 wpa_s->rsnxe_override_eapol = NULL;
6c570193 537 wpas_clear_driver_signal_override(wpa_s);
4a6cc862 538#endif /* CONFIG_TESTING_OPTIONS */
6fc6879b 539
6fc6879b 540 if (wpa_s->conf != NULL) {
8e56d189
JM		 541 struct wpa_ssid *ssid;
542 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
543 wpas_notify_network_removed(wpa_s, ssid);
6fc6879b
JM		 544 }
545
546 os_free(wpa_s->confname);
547 wpa_s->confname = NULL;
548
e6304cad
DS		 549 os_free(wpa_s->confanother);
550 wpa_s->confanother = NULL;
551
af835d75
AB		 552 os_free(wpa_s->last_con_fail_realm);
553 wpa_s->last_con_fail_realm = NULL;
554 wpa_s->last_con_fail_realm_len = 0;
555
6fc6879b
JM		 556 wpa_sm_set_eapol(wpa_s->wpa, NULL);
557 eapol_sm_deinit(wpa_s->eapol);
558 wpa_s->eapol = NULL;
559
560 rsn_preauth_deinit(wpa_s->wpa);
561
281ff0aa
GP		 562#ifdef CONFIG_TDLS
563 wpa_tdls_deinit(wpa_s->wpa);
564#endif /* CONFIG_TDLS */
565
8c42b369 566 wmm_ac_clear_saved_tspecs(wpa_s);
6fc6879b
JM		 567 pmksa_candidate_free(wpa_s->wpa);
568 wpa_sm_deinit(wpa_s->wpa);
569 wpa_s->wpa = NULL;
570 wpa_blacklist_clear(wpa_s);
571
83922c2d 572 wpa_bss_deinit(wpa_s);
6fc6879b 573
831770bf 574 wpa_supplicant_cancel_delayed_sched_scan(wpa_s);
6fc6879b
JM		 575 wpa_supplicant_cancel_scan(wpa_s);
576 wpa_supplicant_cancel_auth_timeout(wpa_s);
01a17491
JM		 577 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL);
578#ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
579 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report,
580 wpa_s, NULL);
581#endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
6fc6879b 582
9bd566a3 583 eloop_cancel_timeout(wpas_network_reenabled, wpa_s, NULL);
ad2f0966 584 eloop_cancel_timeout(wpas_clear_disabled_interface, wpa_s, NULL);
9bd566a3 585
116654ce 586 wpas_wps_deinit(wpa_s);
11ef8d35 587
1ff73338
JM		 588 wpabuf_free(wpa_s->pending_eapol_rx);
589 wpa_s->pending_eapol_rx = NULL;
590
11ef8d35
JM		 591#ifdef CONFIG_IBSS_RSN
592 ibss_rsn_deinit(wpa_s->ibss_rsn);
593 wpa_s->ibss_rsn = NULL;
594#endif /* CONFIG_IBSS_RSN */
c2a04078 595
e29853bb 596 sme_deinit(wpa_s);
2d5b792d
JM		 597
598#ifdef CONFIG_AP
599 wpa_supplicant_ap_deinit(wpa_s);
600#endif /* CONFIG_AP */
b22128ef 601
b22128ef 602 wpas_p2p_deinit(wpa_s);
f47d639d 603
24f6497c
JM		 604#ifdef CONFIG_OFFCHANNEL
605 offchannel_deinit(wpa_s);
606#endif /* CONFIG_OFFCHANNEL */
607
a4cba8f1
LC		 608 wpa_supplicant_cancel_sched_scan(wpa_s);
609
f47d639d
JM		 610 os_free(wpa_s->next_scan_freqs);
611 wpa_s->next_scan_freqs = NULL;
fee52342
JM		 612
613 os_free(wpa_s->manual_scan_freqs);
614 wpa_s->manual_scan_freqs = NULL;
88a44755
JM		 615 os_free(wpa_s->select_network_scan_freqs);
616 wpa_s->select_network_scan_freqs = NULL;
04ea7b79 617
d3c9c35f
DS		 618 os_free(wpa_s->manual_sched_scan_freqs);
619 wpa_s->manual_sched_scan_freqs = NULL;
620
56c76fa5
IP		 621 wpas_mac_addr_rand_scan_clear(wpa_s, MAC_ADDR_RAND_ALL);
622
57e832de
IP		 623 /*
624 * Need to remove any pending gas-query radio work before the
625 * gas_query_deinit() call because gas_query::work has not yet been set
626 * for works that have not been started. gas_query_free() will be unable
627 * to cancel such pending radio works and once the pending gas-query
628 * radio work eventually gets removed, the deinit notification call to
629 * gas_query_start_cb() would result in dereferencing freed memory.
630 */
631 if (wpa_s->radio)
632 radio_remove_works(wpa_s, "gas-query", 0);
04ea7b79
JM		 633 gas_query_deinit(wpa_s->gas);
634 wpa_s->gas = NULL;
461d39af
JM		 635 gas_server_deinit(wpa_s->gas_server);
636 wpa_s->gas_server = NULL;
6bf731e8
CL		 637
638 free_hw_features(wpa_s);
d445a5cd 639
dd10abcc
HW		 640 ieee802_1x_dealloc_kay_sm(wpa_s);
641
d445a5cd
JM		 642 os_free(wpa_s->bssid_filter);
643 wpa_s->bssid_filter = NULL;
b6668734 644
6407f413
JM		 645 os_free(wpa_s->disallow_aps_bssid);
646 wpa_s->disallow_aps_bssid = NULL;
647 os_free(wpa_s->disallow_aps_ssid);
648 wpa_s->disallow_aps_ssid = NULL;
649
b6668734 650 wnm_bss_keep_alive_deinit(wpa_s);
e27d20bb
VK		 651#ifdef CONFIG_WNM
652 wnm_deallocate_memory(wpa_s);
653#endif /* CONFIG_WNM */
306ae225
JM		 654
655 ext_password_deinit(wpa_s->ext_pw);
656 wpa_s->ext_pw = NULL;
b1f12296
JM		 657
658 wpabuf_free(wpa_s->last_gas_resp);
b6a9590b
JM		 659 wpa_s->last_gas_resp = NULL;
660 wpabuf_free(wpa_s->prev_gas_resp);
661 wpa_s->prev_gas_resp = NULL;
a297201d
JM		 662
663 os_free(wpa_s->last_scan_res);
664 wpa_s->last_scan_res = NULL;
b572df86
JM		 665
666#ifdef CONFIG_HS20
ece4ac5f
MG		 667 if (wpa_s->drv_priv)
668 wpa_drv_configure_frame_filters(wpa_s, 0);
fb2ac53d 669 hs20_deinit(wpa_s);
b572df86 670#endif /* CONFIG_HS20 */
86bd36f0
JM		 671
672 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) {
673 wpabuf_free(wpa_s->vendor_elem[i]);
674 wpa_s->vendor_elem[i] = NULL;
675 }
3882a708
JM		 676
677 wmm_ac_notify_disassoc(wpa_s);
32c02261
AS		 678
679 wpa_s->sched_scan_plans_num = 0;
680 os_free(wpa_s->sched_scan_plans);
681 wpa_s->sched_scan_plans = NULL;
92c6e2e3
DS		 682
683#ifdef CONFIG_MBO
684 wpa_s->non_pref_chan_num = 0;
685 os_free(wpa_s->non_pref_chan);
686 wpa_s->non_pref_chan = NULL;
687#endif /* CONFIG_MBO */
dd599908
AS		 688
689 free_bss_tmp_disallowed(wpa_s);
4a742011
DS		 690
691 wpabuf_free(wpa_s->lci);
692 wpa_s->lci = NULL;
76196ddb 693 wpas_clear_beacon_rep_data(wpa_s);
4d77d80e
MH		 694
695#ifdef CONFIG_PMKSA_CACHE_EXTERNAL
696#ifdef CONFIG_MESH
697 {
698 struct external_pmksa_cache *entry;
699
700 while ((entry = dl_list_last(&wpa_s->mesh_external_pmksa_cache,
701 struct external_pmksa_cache,
702 list)) != NULL) {
703 dl_list_del(&entry->list);
704 os_free(entry->pmksa_cache);
705 os_free(entry);
706 }
707 }
708#endif /* CONFIG_MESH */
709#endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
5732b770
JM		 710
711 wpas_flush_fils_hlp_req(wpa_s);
c6c41f6e
JM		 712
713 wpabuf_free(wpa_s->ric_ies);
714 wpa_s->ric_ies = NULL;
be27e185
JM		 715
716#ifdef CONFIG_DPP
717 wpas_dpp_deinit(wpa_s);
87d8435c
JM		 718 dpp_global_deinit(wpa_s->dpp);
719 wpa_s->dpp = NULL;
be27e185 720#endif /* CONFIG_DPP */
6fc6879b
JM		 721}
722
723
724/**
725 * wpa_clear_keys - Clear keys configured for the driver
726 * @wpa_s: Pointer to wpa_supplicant data
727 * @addr: Previously used BSSID or %NULL if not available
728 *
729 * This function clears the encryption keys that has been previously configured
730 * for the driver.
731 */
732void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
733{
7d2ed8ba 734 int i, max = 6;
2f30cac3
JM		 735
736 /* MLME-DELETEKEYS.request */
737 for (i = 0; i < max; i++) {
738 if (wpa_s->keys_cleared & BIT(i))
739 continue;
740 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, i, 0, NULL, 0,
a919a260 741 NULL, 0, KEY_FLAG_GROUP);
2f30cac3
JM		 742 }
743 if (!(wpa_s->keys_cleared & BIT(0)) && addr &&
744 !is_zero_ether_addr(addr)) {
6fc6879b 745 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,
a919a260 746 0, KEY_FLAG_PAIRWISE);
6fc6879b
JM		 747 /* MLME-SETPROTECTION.request(None) */
748 wpa_drv_mlme_setprotection(
749 wpa_s, addr,
750 MLME_SETPROTECTION_PROTECT_TYPE_NONE,
751 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
752 }
2f30cac3 753 wpa_s->keys_cleared = (u32) -1;
6fc6879b
JM		 754}
755
756
757/**
758 * wpa_supplicant_state_txt - Get the connection state name as a text string
759 * @state: State (wpa_state; WPA_*)
760 * Returns: The state name as a printable text string
761 */
71934751 762const char * wpa_supplicant_state_txt(enum wpa_states state)
6fc6879b
JM		 763{
764 switch (state) {
765 case WPA_DISCONNECTED:
766 return "DISCONNECTED";
767 case WPA_INACTIVE:
768 return "INACTIVE";
8401a6b0
JM		 769 case WPA_INTERFACE_DISABLED:
770 return "INTERFACE_DISABLED";
6fc6879b
JM		 771 case WPA_SCANNING:
772 return "SCANNING";
c2a04078
JM		 773 case WPA_AUTHENTICATING:
774 return "AUTHENTICATING";
6fc6879b
JM		 775 case WPA_ASSOCIATING:
776 return "ASSOCIATING";
777 case WPA_ASSOCIATED:
778 return "ASSOCIATED";
779 case WPA_4WAY_HANDSHAKE:
780 return "4WAY_HANDSHAKE";
781 case WPA_GROUP_HANDSHAKE:
782 return "GROUP_HANDSHAKE";
783 case WPA_COMPLETED:
784 return "COMPLETED";
785 default:
786 return "UNKNOWN";
787 }
788}
789
790
cfe53c9a
PS		 791#ifdef CONFIG_BGSCAN
792
793static void wpa_supplicant_start_bgscan(struct wpa_supplicant *wpa_s)
794{
31392709
HD		 795 const char *name;
796
797 if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan)
798 name = wpa_s->current_ssid->bgscan;
799 else
800 name = wpa_s->conf->bgscan;
268043d5 801 if (name == NULL || name[0] == '\0')
31392709 802 return;
0096c427
JM		 803 if (wpas_driver_bss_selection(wpa_s))
804 return;
cfe53c9a
PS		 805 if (wpa_s->current_ssid == wpa_s->bgscan_ssid)
806 return;
aa109830
DS		 807#ifdef CONFIG_P2P
808 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE)
809 return;
810#endif /* CONFIG_P2P */
cfe53c9a
PS		 811
812 bgscan_deinit(wpa_s);
31392709
HD		 813 if (wpa_s->current_ssid) {
814 if (bgscan_init(wpa_s, wpa_s->current_ssid, name)) {
cfe53c9a
PS		 815 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
816 "bgscan");
817 /*
818 * Live without bgscan; it is only used as a roaming
819 * optimization, so the initial connection is not
820 * affected.
821 */
6409b7a7
YD		 822 } else {
823 struct wpa_scan_results *scan_res;
cfe53c9a 824 wpa_s->bgscan_ssid = wpa_s->current_ssid;
6409b7a7
YD		 825 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL,
826 0);
827 if (scan_res) {
828 bgscan_notify_scan(wpa_s, scan_res);
829 wpa_scan_results_free(scan_res);
830 }
831 }
cfe53c9a
PS		 832 } else
833 wpa_s->bgscan_ssid = NULL;
834}
835
836
837static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s)
838{
839 if (wpa_s->bgscan_ssid != NULL) {
840 bgscan_deinit(wpa_s);
841 wpa_s->bgscan_ssid = NULL;
842 }
843}
844
845#endif /* CONFIG_BGSCAN */
846
847
7c865c68
TB		 848static void wpa_supplicant_start_autoscan(struct wpa_supplicant *wpa_s)
849{
99218999 850 if (autoscan_init(wpa_s, 0))
7c865c68
TB		 851 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize autoscan");
852}
853
854
855static void wpa_supplicant_stop_autoscan(struct wpa_supplicant *wpa_s)
856{
857 autoscan_deinit(wpa_s);
858}
859
860
c3d12238
JM		 861void wpa_supplicant_reinit_autoscan(struct wpa_supplicant *wpa_s)
862{
863 if (wpa_s->wpa_state == WPA_DISCONNECTED ||
864 wpa_s->wpa_state == WPA_SCANNING) {
865 autoscan_deinit(wpa_s);
866 wpa_supplicant_start_autoscan(wpa_s);
867 }
868}
869
870
6fc6879b
JM		 871/**
872 * wpa_supplicant_set_state - Set current connection state
873 * @wpa_s: Pointer to wpa_supplicant data
874 * @state: The new connection state
875 *
876 * This function is called whenever the connection state changes, e.g.,
877 * association is completed for WPA/WPA2 4-Way Handshake is started.
878 */
71934751
JM		 879void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s,
880 enum wpa_states state)
6fc6879b 881{
27f43d8d 882 enum wpa_states old_state = wpa_s->wpa_state;
a8bfc6ff
AB		 883#if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
884 Boolean update_fils_connect_params = FALSE;
885#endif /* CONFIG_FILS && IEEE8021X_EAPOL */
27f43d8d 886
f049052b
BG		 887 wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s",
888 wpa_supplicant_state_txt(wpa_s->wpa_state),
889 wpa_supplicant_state_txt(state));
6fc6879b 890
2bbad1c7
MW		 891 if (state == WPA_COMPLETED &&
892 os_reltime_initialized(&wpa_s->roam_start)) {
893 os_reltime_age(&wpa_s->roam_start, &wpa_s->roam_time);
894 wpa_s->roam_start.sec = 0;
895 wpa_s->roam_start.usec = 0;
896 wpas_notify_auth_changed(wpa_s);
897 wpas_notify_roam_time(wpa_s);
898 wpas_notify_roam_complete(wpa_s);
899 } else if (state == WPA_DISCONNECTED &&
900 os_reltime_initialized(&wpa_s->roam_start)) {
901 wpa_s->roam_start.sec = 0;
902 wpa_s->roam_start.usec = 0;
903 wpa_s->roam_time.sec = 0;
904 wpa_s->roam_time.usec = 0;
905 wpas_notify_roam_complete(wpa_s);
906 }
907
5ddd07cb
AS		 908 if (state == WPA_INTERFACE_DISABLED) {
909 /* Assure normal scan when interface is restored */
910 wpa_s->normal_scans = 0;
911 }
912
0cf24fda 913 if (state == WPA_COMPLETED) {
6ac4b15e 914 wpas_connect_work_done(wpa_s);
0cf24fda
LC		 915 /* Reinitialize normal_scan counter */
916 wpa_s->normal_scans = 0;
917 }
6ac4b15e 918
07c1e987
MS		 919#ifdef CONFIG_P2P
920 /*
921 * P2PS client has to reply to Probe Request frames received on the
922 * group operating channel. Enable Probe Request frame reporting for
923 * P2P connected client in case p2p_cli_probe configuration property is
924 * set to 1.
925 */
926 if (wpa_s->conf->p2p_cli_probe && wpa_s->current_ssid &&
927 wpa_s->current_ssid->mode == WPAS_MODE_INFRA &&
928 wpa_s->current_ssid->p2p_group) {
929 if (state == WPA_COMPLETED && !wpa_s->p2p_cli_probe) {
930 wpa_dbg(wpa_s, MSG_DEBUG,
931 "P2P: Enable CLI Probe Request RX reporting");
932 wpa_s->p2p_cli_probe =
933 wpa_drv_probe_req_report(wpa_s, 1) >= 0;
934 } else if (state != WPA_COMPLETED && wpa_s->p2p_cli_probe) {
935 wpa_dbg(wpa_s, MSG_DEBUG,
936 "P2P: Disable CLI Probe Request RX reporting");
937 wpa_s->p2p_cli_probe = 0;
938 wpa_drv_probe_req_report(wpa_s, 0);
939 }
940 }
941#endif /* CONFIG_P2P */
942
cb8564b1
DW		 943 if (state != WPA_SCANNING)
944 wpa_supplicant_notify_scanning(wpa_s, 0);
945
6fc6879b 946 if (state == WPA_COMPLETED && wpa_s->new_connection) {
6fc6879b 947 struct wpa_ssid *ssid = wpa_s->current_ssid;
da6a28ba
VK		 948 int fils_hlp_sent = 0;
949
950#ifdef CONFIG_SME
951 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
952 wpa_auth_alg_fils(wpa_s->sme.auth_alg))
953 fils_hlp_sent = 1;
954#endif /* CONFIG_SME */
955 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
956 wpa_auth_alg_fils(wpa_s->auth_alg))
957 fils_hlp_sent = 1;
958
7d37a357 959#if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
6fc6879b 960 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
da6a28ba 961 MACSTR " completed [id=%d id_str=%s%s]",
1cfc6787 962 MAC2STR(wpa_s->bssid),
6fc6879b 963 ssid ? ssid->id : -1,
da6a28ba
VK		 964 ssid && ssid->id_str ? ssid->id_str : "",
965 fils_hlp_sent ? " FILS_HLP_SENT" : "");
6fc6879b 966#endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
00e5e3d5 967 wpas_clear_temp_disabled(wpa_s, ssid, 1);
a20a3616 968 wpa_blacklist_clear(wpa_s);
f1a52633 969 wpa_s->extra_blacklist_count = 0;
6fc6879b 970 wpa_s->new_connection = 0;
6fc6879b 971 wpa_drv_set_operstate(wpa_s, 1);
99ac2913
FF		 972#ifndef IEEE8021X_EAPOL
973 wpa_drv_set_supp_port(wpa_s, 1);
974#endif /* IEEE8021X_EAPOL */
17a4734d 975 wpa_s->after_wps = 0;
4d9fb08d 976 wpa_s->known_wps_freq = 0;
b22128ef 977 wpas_p2p_completed(wpa_s);
c3701c66
RM		 978
979 sme_sched_obss_scan(wpa_s, 1);
6338c99e
VK		 980
981#if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
982 if (!fils_hlp_sent && ssid && ssid->eap.erp)
a8bfc6ff 983 update_fils_connect_params = TRUE;
6338c99e 984#endif /* CONFIG_FILS && IEEE8021X_EAPOL */
e0b331d8
SD		 985#ifdef CONFIG_OWE
986 if (ssid && (ssid->key_mgmt & WPA_KEY_MGMT_OWE))
987 wpas_update_owe_connect_params(wpa_s);
988#endif /* CONFIG_OWE */
6fc6879b
JM		 989 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
990 state == WPA_ASSOCIATED) {
991 wpa_s->new_connection = 1;
992 wpa_drv_set_operstate(wpa_s, 0);
99ac2913
FF		 993#ifndef IEEE8021X_EAPOL
994 wpa_drv_set_supp_port(wpa_s, 0);
995#endif /* IEEE8021X_EAPOL */
c3701c66 996 sme_sched_obss_scan(wpa_s, 0);
6fc6879b
JM		 997 }
998 wpa_s->wpa_state = state;
27f43d8d 999
cfe53c9a
PS		 1000#ifdef CONFIG_BGSCAN
1001 if (state == WPA_COMPLETED)
1002 wpa_supplicant_start_bgscan(wpa_s);
37271232 1003 else if (state < WPA_ASSOCIATED)
cfe53c9a
PS		 1004 wpa_supplicant_stop_bgscan(wpa_s);
1005#endif /* CONFIG_BGSCAN */
1006
bce3d4f7 1007 if (state > WPA_SCANNING)
7c865c68
TB		 1008 wpa_supplicant_stop_autoscan(wpa_s);
1009
1010 if (state == WPA_DISCONNECTED || state == WPA_INACTIVE)
1011 wpa_supplicant_start_autoscan(wpa_s);
1012
fecc2bb5
EP		 1013 if (old_state >= WPA_ASSOCIATED && wpa_s->wpa_state < WPA_ASSOCIATED)
1014 wmm_ac_notify_disassoc(wpa_s);
1015
5bbf9f10 1016 if (wpa_s->wpa_state != old_state) {
27f43d8d 1017 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
5bbf9f10 1018
e3bd6e9d
IP		 1019 /*
1020 * Notify the P2P Device interface about a state change in one
1021 * of the interfaces.
1022 */
1023 wpas_p2p_indicate_state_change(wpa_s);
e3bd6e9d 1024
5bbf9f10
PS		 1025 if (wpa_s->wpa_state == WPA_COMPLETED ||
1026 old_state == WPA_COMPLETED)
1027 wpas_notify_auth_changed(wpa_s);
16ef233b
JM		 1028#ifdef CONFIG_DPP2
1029 if (wpa_s->wpa_state == WPA_COMPLETED)
1030 wpas_dpp_connected(wpa_s);
1031#endif /* CONFIG_DPP2 */
5bbf9f10 1032 }
a8bfc6ff
AB		 1033#if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
1034 if (update_fils_connect_params)
1035 wpas_update_fils_connect_params(wpa_s);
1036#endif /* CONFIG_FILS && IEEE8021X_EAPOL */
6fc6879b
JM		 1037}
1038
1039
1a1bf008
JM		 1040void wpa_supplicant_terminate_proc(struct wpa_global *global)
1041{
1042 int pending = 0;
1043#ifdef CONFIG_WPS
1044 struct wpa_supplicant *wpa_s = global->ifaces;
1045 while (wpa_s) {
ab41595f 1046 struct wpa_supplicant *next = wpa_s->next;
5516ed32
EA		 1047 if (wpas_wps_terminate_pending(wpa_s) == 1)
1048 pending = 1;
20625e97
JM		 1049#ifdef CONFIG_P2P
1050 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE ||
1051 (wpa_s->current_ssid && wpa_s->current_ssid->p2p_group))
1052 wpas_p2p_disconnect(wpa_s);
1053#endif /* CONFIG_P2P */
ab41595f 1054 wpa_s = next;
1a1bf008
JM		 1055 }
1056#endif /* CONFIG_WPS */
1057 if (pending)
1058 return;
1059 eloop_terminate();
1060}
1061
1062
0456ea16 1063static void wpa_supplicant_terminate(int sig, void *signal_ctx)
6fc6879b 1064{
0456ea16 1065 struct wpa_global *global = signal_ctx;
1a1bf008 1066 wpa_supplicant_terminate_proc(global);
6fc6879b
JM		 1067}
1068
1069
b22128ef 1070void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
6fc6879b 1071{
71934751 1072 enum wpa_states old_state = wpa_s->wpa_state;
27f43d8d 1073
6fc6879b
JM		 1074 wpa_s->pairwise_cipher = 0;
1075 wpa_s->group_cipher = 0;
1076 wpa_s->mgmt_group_cipher = 0;
1077 wpa_s->key_mgmt = 0;
8401a6b0 1078 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
99218999 1079 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
27f43d8d
MH		 1080
1081 if (wpa_s->wpa_state != old_state)
1082 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
6fc6879b
JM		 1083}
1084
1085
1086/**
1087 * wpa_supplicant_reload_configuration - Reload configuration data
1088 * @wpa_s: Pointer to wpa_supplicant data
1089 * Returns: 0 on success or -1 if configuration parsing failed
1090 *
1091 * This function can be used to request that the configuration data is reloaded
1092 * (e.g., after configuration file change). This function is reloading
1093 * configuration only for one interface, so this may need to be called multiple
1094 * times if %wpa_supplicant is controlling multiple interfaces and all
1095 * interfaces need reconfiguration.
1096 */
1097int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
1098{
1099 struct wpa_config *conf;
1100 int reconf_ctrl;
8bac466b
JM		 1101 int old_ap_scan;
1102
6fc6879b
JM		 1103 if (wpa_s->confname == NULL)
1104 return -1;
e6304cad 1105 conf = wpa_config_read(wpa_s->confname, NULL);
6fc6879b
JM		 1106 if (conf == NULL) {
1107 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
1108 "file '%s' - exiting", wpa_s->confname);
1109 return -1;
1110 }
3bd35b68
JM		 1111 if (wpa_s->confanother &&
1112 !wpa_config_read(wpa_s->confanother, conf)) {
1113 wpa_msg(wpa_s, MSG_ERROR,
1114 "Failed to parse the configuration file '%s' - exiting",
1115 wpa_s->confanother);
1116 return -1;
1117 }
e6304cad 1118
611aea7d 1119 conf->changed_parameters = (unsigned int) -1;
6fc6879b
JM		 1120
1121 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
1122 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
1123 os_strcmp(conf->ctrl_interface,
1124 wpa_s->conf->ctrl_interface) != 0);
1125
1126 if (reconf_ctrl && wpa_s->ctrl_iface) {
1127 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
1128 wpa_s->ctrl_iface = NULL;
1129 }
1130
1131 eapol_sm_invalidate_cached_session(wpa_s->eapol);
7b7ce8aa 1132 if (wpa_s->current_ssid) {
e66bcedd
JM		 1133 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
1134 wpa_s->own_disconnect_req = 1;
7b7ce8aa
JM		 1135 wpa_supplicant_deauthenticate(wpa_s,
1136 WLAN_REASON_DEAUTH_LEAVING);
1137 }
8bac466b 1138
6fc6879b
JM		 1139 /*
1140 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
07e2de31 1141 * pkcs11_engine_path, pkcs11_module_path, openssl_ciphers.
6fc6879b 1142 */
a1ea1b45 1143 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
567da5bb
JM		 1144 wpa_s->key_mgmt == WPA_KEY_MGMT_OWE ||
1145 wpa_s->key_mgmt == WPA_KEY_MGMT_DPP) {
6fc6879b
JM		 1146 /*
1147 * Clear forced success to clear EAP state for next
1148 * authentication.
1149 */
1150 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
1151 }
1152 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1153 wpa_sm_set_config(wpa_s->wpa, NULL);
d8a790b9 1154 wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL);
6fc6879b
JM		 1155 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
1156 rsn_preauth_deinit(wpa_s->wpa);
8bac466b
JM		 1157
1158 old_ap_scan = wpa_s->conf->ap_scan;
6fc6879b
JM		 1159 wpa_config_free(wpa_s->conf);
1160 wpa_s->conf = conf;
8bac466b
JM		 1161 if (old_ap_scan != wpa_s->conf->ap_scan)
1162 wpas_notify_ap_scan_changed(wpa_s);
1163
6fc6879b
JM		 1164 if (reconf_ctrl)
1165 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
1166
611aea7d
JM		 1167 wpa_supplicant_update_config(wpa_s);
1168
6fc6879b 1169 wpa_supplicant_clear_status(wpa_s);
349493bd 1170 if (wpa_supplicant_enabled_networks(wpa_s)) {
43a38635
JM		 1171 wpa_s->reassociate = 1;
1172 wpa_supplicant_req_scan(wpa_s, 0, 0);
1173 }
f049052b 1174 wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
6fc6879b
JM		 1175 return 0;
1176}
1177
1178
0456ea16 1179static void wpa_supplicant_reconfig(int sig, void *signal_ctx)
6fc6879b 1180{
0456ea16 1181 struct wpa_global *global = signal_ctx;
6fc6879b 1182 struct wpa_supplicant *wpa_s;
6fc6879b 1183 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
f049052b
BG		 1184 wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring",
1185 sig);
6fc6879b 1186 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
1a1bf008 1187 wpa_supplicant_terminate_proc(global);
6fc6879b
JM		 1188 }
1189 }
1248e584
LR		 1190
1191 if (wpa_debug_reopen_file() < 0) {
1192 /* Ignore errors since we cannot really do much to fix this */
1193 wpa_printf(MSG_DEBUG, "Could not reopen debug log file");
1194 }
6fc6879b
JM		 1195}
1196
1197
6fc6879b
JM		 1198static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
1199 struct wpa_ssid *ssid,
1200 struct wpa_ie_data *ie)
1201{
1202 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
1203 if (ret) {
1204 if (ret == -2) {
1205 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
1206 "from association info");
1207 }
1208 return -1;
1209 }
1210
f049052b
BG		 1211 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set "
1212 "cipher suites");
6fc6879b
JM		 1213 if (!(ie->group_cipher & ssid->group_cipher)) {
1214 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
1215 "cipher 0x%x (mask 0x%x) - reject",
1216 ie->group_cipher, ssid->group_cipher);
1217 return -1;
1218 }
1219 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
1220 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
1221 "cipher 0x%x (mask 0x%x) - reject",
1222 ie->pairwise_cipher, ssid->pairwise_cipher);
1223 return -1;
1224 }
1225 if (!(ie->key_mgmt & ssid->key_mgmt)) {
1226 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
1227 "management 0x%x (mask 0x%x) - reject",
1228 ie->key_mgmt, ssid->key_mgmt);
1229 return -1;
1230 }
1231
0b60b0aa 1232 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
3f56a2b7 1233 wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED) {
6fc6879b
JM		 1234 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
1235 "that does not support management frame protection - "
1236 "reject");
1237 return -1;
1238 }
6fc6879b
JM		 1239
1240 return 0;
1241}
1242
1243
2c129a1b
LD		 1244static int matching_ciphers(struct wpa_ssid *ssid, struct wpa_ie_data *ie,
1245 int freq)
1246{
1247 if (!ie->has_group)
1248 ie->group_cipher = wpa_default_rsn_cipher(freq);
1249 if (!ie->has_pairwise)
1250 ie->pairwise_cipher = wpa_default_rsn_cipher(freq);
1251 return (ie->group_cipher & ssid->group_cipher) &&
1252 (ie->pairwise_cipher & ssid->pairwise_cipher);
1253}
1254
1255
6fc6879b
JM		 1256/**
1257 * wpa_supplicant_set_suites - Set authentication and encryption parameters
1258 * @wpa_s: Pointer to wpa_supplicant data
1259 * @bss: Scan results for the selected BSS, or %NULL if not available
1260 * @ssid: Configuration data for the selected network
1261 * @wpa_ie: Buffer for the WPA/RSN IE
1262 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
1263 * used buffer length in case the functions returns success.
1264 * Returns: 0 on success or -1 on failure
1265 *
1266 * This function is used to configure authentication and encryption parameters
1267 * based on the network configuration and scan result for the selected BSS (if
1268 * available).
1269 */
1270int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
6fa81a3b 1271 struct wpa_bss *bss, struct wpa_ssid *ssid,
6fc6879b
JM		 1272 u8 *wpa_ie, size_t *wpa_ie_len)
1273{
1274 struct wpa_ie_data ie;
e36a5894 1275 int sel, proto, sae_pwe;
146889e3 1276 const u8 *bss_wpa, *bss_rsn, *bss_rsnx, *bss_osen;
6fc6879b
JM		 1277
1278 if (bss) {
6fa81a3b
JM		 1279 bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
1280 bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
146889e3 1281 bss_rsnx = wpa_bss_get_ie(bss, WLAN_EID_RSNX);
df0f01d9 1282 bss_osen = wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE);
146889e3
JM		 1283 } else {
1284 bss_wpa = bss_rsn = bss_rsnx = bss_osen = NULL;
1285 }
6fc6879b
JM		 1286
1287 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
1288 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
2c129a1b 1289 matching_ciphers(ssid, &ie, bss->freq) &&
6fc6879b 1290 (ie.key_mgmt & ssid->key_mgmt)) {
f049052b 1291 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
6fc6879b
JM		 1292 proto = WPA_PROTO_RSN;
1293 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
267ac3bc 1294 wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie) == 0 &&
6fc6879b
JM		 1295 (ie.group_cipher & ssid->group_cipher) &&
1296 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1297 (ie.key_mgmt & ssid->key_mgmt)) {
f049052b 1298 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
6fc6879b 1299 proto = WPA_PROTO_WPA;
df0f01d9 1300#ifdef CONFIG_HS20
dc673aec
JM		 1301 } else if (bss_osen && (ssid->proto & WPA_PROTO_OSEN) &&
1302 wpa_parse_wpa_ie(bss_osen, 2 + bss_osen[1], &ie) == 0 &&
1303 (ie.group_cipher & ssid->group_cipher) &&
1304 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1305 (ie.key_mgmt & ssid->key_mgmt)) {
df0f01d9 1306 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using OSEN");
df0f01d9 1307 proto = WPA_PROTO_OSEN;
f5a60216
JM		 1308 } else if (bss_rsn && (ssid->proto & WPA_PROTO_OSEN) &&
1309 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
1310 (ie.group_cipher & ssid->group_cipher) &&
1311 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1312 (ie.key_mgmt & ssid->key_mgmt)) {
1313 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using OSEN (within RSN)");
1314 proto = WPA_PROTO_RSN;
df0f01d9 1315#endif /* CONFIG_HS20 */
6fc6879b
JM		 1316 } else if (bss) {
1317 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
267ac3bc
JM		 1318 wpa_dbg(wpa_s, MSG_DEBUG,
1319 "WPA: ssid proto=0x%x pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1320 ssid->proto, ssid->pairwise_cipher, ssid->group_cipher,
1321 ssid->key_mgmt);
1322 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: BSS " MACSTR " ssid='%s'%s%s%s",
1323 MAC2STR(bss->bssid),
1324 wpa_ssid_txt(bss->ssid, bss->ssid_len),
1325 bss_wpa ? " WPA" : "",
1326 bss_rsn ? " RSN" : "",
1327 bss_osen ? " OSEN" : "");
1328 if (bss_rsn) {
1329 wpa_hexdump(MSG_DEBUG, "RSN", bss_rsn, 2 + bss_rsn[1]);
1330 if (wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie)) {
1331 wpa_dbg(wpa_s, MSG_DEBUG,
1332 "Could not parse RSN element");
1333 } else {
1334 wpa_dbg(wpa_s, MSG_DEBUG,
1335 "RSN: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1336 ie.pairwise_cipher, ie.group_cipher,
1337 ie.key_mgmt);
1338 }
1339 }
1340 if (bss_wpa) {
1341 wpa_hexdump(MSG_DEBUG, "WPA", bss_wpa, 2 + bss_wpa[1]);
1342 if (wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie)) {
1343 wpa_dbg(wpa_s, MSG_DEBUG,
1344 "Could not parse WPA element");
1345 } else {
1346 wpa_dbg(wpa_s, MSG_DEBUG,
1347 "WPA: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1348 ie.pairwise_cipher, ie.group_cipher,
1349 ie.key_mgmt);
1350 }
1351 }
6fc6879b
JM		 1352 return -1;
1353 } else {
df0f01d9
JM		 1354 if (ssid->proto & WPA_PROTO_OSEN)
1355 proto = WPA_PROTO_OSEN;
1356 else if (ssid->proto & WPA_PROTO_RSN)
6fc6879b
JM		 1357 proto = WPA_PROTO_RSN;
1358 else
1359 proto = WPA_PROTO_WPA;
1360 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
1361 os_memset(&ie, 0, sizeof(ie));
1362 ie.group_cipher = ssid->group_cipher;
1363 ie.pairwise_cipher = ssid->pairwise_cipher;
1364 ie.key_mgmt = ssid->key_mgmt;
61a56c14
JM		 1365 ie.mgmt_group_cipher = 0;
1366 if (ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION) {
1367 if (ssid->group_mgmt_cipher &
1368 WPA_CIPHER_BIP_GMAC_256)
1369 ie.mgmt_group_cipher =
1370 WPA_CIPHER_BIP_GMAC_256;
1371 else if (ssid->group_mgmt_cipher &
1372 WPA_CIPHER_BIP_CMAC_256)
1373 ie.mgmt_group_cipher =
1374 WPA_CIPHER_BIP_CMAC_256;
1375 else if (ssid->group_mgmt_cipher &
1376 WPA_CIPHER_BIP_GMAC_128)
1377 ie.mgmt_group_cipher =
1378 WPA_CIPHER_BIP_GMAC_128;
1379 else
1380 ie.mgmt_group_cipher =
1381 WPA_CIPHER_AES_128_CMAC;
1382 }
c1790a5f
JM		 1383#ifdef CONFIG_OWE
1384 if ((ssid->key_mgmt & WPA_KEY_MGMT_OWE) &&
1385 !ssid->owe_only &&
1386 !bss_wpa && !bss_rsn && !bss_osen) {
1387 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1388 wpa_s->wpa_proto = 0;
9f8d459d 1389 *wpa_ie_len = 0;
c1790a5f
JM		 1390 return 0;
1391 }
1392#endif /* CONFIG_OWE */
f049052b
BG		 1393 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites "
1394 "based on configuration");
6fc6879b
JM		 1395 } else
1396 proto = ie.proto;
1397 }
1398
f049052b
BG		 1399 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d "
1400 "pairwise %d key_mgmt %d proto %d",
1401 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
6fc6879b 1402 if (ssid->ieee80211w) {
f049052b
BG		 1403 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
1404 ie.mgmt_group_cipher);
6fc6879b 1405 }
6fc6879b 1406
64fa840a 1407 wpa_s->wpa_proto = proto;
6fc6879b
JM		 1408 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
1409 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
df0f01d9 1410 !!(ssid->proto & (WPA_PROTO_RSN | WPA_PROTO_OSEN)));
6fc6879b
JM		 1411
1412 if (bss || !wpa_s->ap_ies_from_associnfo) {
1413 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
1414 bss_wpa ? 2 + bss_wpa[1] : 0) ||
1415 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
146889e3
JM		 1416 bss_rsn ? 2 + bss_rsn[1] : 0) ||
1417 wpa_sm_set_ap_rsnxe(wpa_s->wpa, bss_rsnx,
1418 bss_rsnx ? 2 + bss_rsnx[1] : 0))
6fc6879b
JM		 1419 return -1;
1420 }
1421
9e68742e
JM		 1422#ifdef CONFIG_NO_WPA
1423 wpa_s->group_cipher = WPA_CIPHER_NONE;
1424 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
1425#else /* CONFIG_NO_WPA */
6fc6879b 1426 sel = ie.group_cipher & ssid->group_cipher;
853bd19f
JM		 1427 wpa_dbg(wpa_s, MSG_DEBUG,
1428 "WPA: AP group 0x%x network profile group 0x%x; available group 0x%x",
1429 ie.group_cipher, ssid->group_cipher, sel);
edbd2a19
JM		 1430 wpa_s->group_cipher = wpa_pick_group_cipher(sel);
1431 if (wpa_s->group_cipher < 0) {
f049052b
BG		 1432 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group "
1433 "cipher");
6fc6879b
JM		 1434 return -1;
1435 }
edbd2a19
JM		 1436 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK %s",
1437 wpa_cipher_txt(wpa_s->group_cipher));
6fc6879b
JM		 1438
1439 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
853bd19f
JM		 1440 wpa_dbg(wpa_s, MSG_DEBUG,
1441 "WPA: AP pairwise 0x%x network profile pairwise 0x%x; available pairwise 0x%x",
1442 ie.pairwise_cipher, ssid->pairwise_cipher, sel);
edbd2a19
JM		 1443 wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(sel, 1);
1444 if (wpa_s->pairwise_cipher < 0) {
f049052b
BG		 1445 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise "
1446 "cipher");
6fc6879b
JM		 1447 return -1;
1448 }
edbd2a19
JM		 1449 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK %s",
1450 wpa_cipher_txt(wpa_s->pairwise_cipher));
9e68742e 1451#endif /* CONFIG_NO_WPA */
6fc6879b
JM		 1452
1453 sel = ie.key_mgmt & ssid->key_mgmt;
853bd19f
JM		 1454 wpa_dbg(wpa_s, MSG_DEBUG,
1455 "WPA: AP key_mgmt 0x%x network profile key_mgmt 0x%x; available key_mgmt 0x%x",
1456 ie.key_mgmt, ssid->key_mgmt, sel);
c10347f2
JM		 1457#ifdef CONFIG_SAE
1458 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE))
1459 sel &= ~(WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE);
1460#endif /* CONFIG_SAE */
23dc196f
MW		 1461#ifdef CONFIG_IEEE80211R
1462 if (!(wpa_s->drv_flags & (WPA_DRIVER_FLAGS_SME |
1463 WPA_DRIVER_FLAGS_UPDATE_FT_IES)))
1464 sel &= ~WPA_KEY_MGMT_FT;
1465#endif /* CONFIG_IEEE80211R */
6fc6879b 1466 if (0) {
6d77014e
JM		 1467#ifdef CONFIG_IEEE80211R
1468#ifdef CONFIG_SHA384
dd0153fc
MW		 1469 } else if ((sel & WPA_KEY_MGMT_FT_IEEE8021X_SHA384) &&
1470 os_strcmp(wpa_supplicant_get_eap_mode(wpa_s), "LEAP") != 0) {
6d77014e
JM		 1471 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X_SHA384;
1472 wpa_dbg(wpa_s, MSG_DEBUG,
1473 "WPA: using KEY_MGMT FT/802.1X-SHA384");
9083ef13
JM		 1474 if (!ssid->ft_eap_pmksa_caching &&
1475 pmksa_cache_get_current(wpa_s->wpa)) {
1476 /* PMKSA caching with FT may have interoperability
1477 * issues, so disable that case by default for now. */
6d77014e
JM		 1478 wpa_dbg(wpa_s, MSG_DEBUG,
1479 "WPA: Disable PMKSA caching for FT/802.1X connection");
1480 pmksa_cache_clear_current(wpa_s->wpa);
1481 }
1482#endif /* CONFIG_SHA384 */
1483#endif /* CONFIG_IEEE80211R */
5e3b5197
JM		 1484#ifdef CONFIG_SUITEB192
1485 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) {
1486 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B_192;
1487 wpa_dbg(wpa_s, MSG_DEBUG,
1488 "WPA: using KEY_MGMT 802.1X with Suite B (192-bit)");
1489#endif /* CONFIG_SUITEB192 */
1490#ifdef CONFIG_SUITEB
666497c8
JM		 1491 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B) {
1492 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B;
1493 wpa_dbg(wpa_s, MSG_DEBUG,
1494 "WPA: using KEY_MGMT 802.1X with Suite B");
5e3b5197 1495#endif /* CONFIG_SUITEB */
b8ae56e4
JM		 1496#ifdef CONFIG_FILS
1497#ifdef CONFIG_IEEE80211R
1498 } else if (sel & WPA_KEY_MGMT_FT_FILS_SHA384) {
1499 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA384;
1500 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT-FILS-SHA384");
1501 } else if (sel & WPA_KEY_MGMT_FT_FILS_SHA256) {
1502 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA256;
1503 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT-FILS-SHA256");
1504#endif /* CONFIG_IEEE80211R */
1505 } else if (sel & WPA_KEY_MGMT_FILS_SHA384) {
1506 wpa_s->key_mgmt = WPA_KEY_MGMT_FILS_SHA384;
1507 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FILS-SHA384");
1508 } else if (sel & WPA_KEY_MGMT_FILS_SHA256) {
1509 wpa_s->key_mgmt = WPA_KEY_MGMT_FILS_SHA256;
1510 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FILS-SHA256");
1511#endif /* CONFIG_FILS */
6fc6879b 1512#ifdef CONFIG_IEEE80211R
dd0153fc
MW		 1513 } else if ((sel & WPA_KEY_MGMT_FT_IEEE8021X) &&
1514 os_strcmp(wpa_supplicant_get_eap_mode(wpa_s), "LEAP") != 0) {
6fc6879b 1515 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
f049052b 1516 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
9083ef13
JM		 1517 if (!ssid->ft_eap_pmksa_caching &&
1518 pmksa_cache_get_current(wpa_s->wpa)) {
1519 /* PMKSA caching with FT may have interoperability
1520 * issues, so disable that case by default for now. */
833bb2ab
JM		 1521 wpa_dbg(wpa_s, MSG_DEBUG,
1522 "WPA: Disable PMKSA caching for FT/802.1X connection");
1523 pmksa_cache_clear_current(wpa_s->wpa);
1524 }
6fc6879b 1525#endif /* CONFIG_IEEE80211R */
dd6c5980
JM		 1526#ifdef CONFIG_DPP
1527 } else if (sel & WPA_KEY_MGMT_DPP) {
1528 wpa_s->key_mgmt = WPA_KEY_MGMT_DPP;
1529 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT DPP");
1530#endif /* CONFIG_DPP */
c10347f2 1531#ifdef CONFIG_SAE
c10347f2
JM		 1532 } else if (sel & WPA_KEY_MGMT_FT_SAE) {
1533 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_SAE;
1534 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT FT/SAE");
76fd782a
JM		 1535 } else if (sel & WPA_KEY_MGMT_SAE) {
1536 wpa_s->key_mgmt = WPA_KEY_MGMT_SAE;
1537 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT SAE");
c10347f2 1538#endif /* CONFIG_SAE */
9af1eea3
JM		 1539#ifdef CONFIG_IEEE80211R
1540 } else if (sel & WPA_KEY_MGMT_FT_PSK) {
1541 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
1542 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
1543#endif /* CONFIG_IEEE80211R */
56586197
JM		 1544 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
1545 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
f049052b 1546 wpa_dbg(wpa_s, MSG_DEBUG,
56586197
JM		 1547 "WPA: using KEY_MGMT 802.1X with SHA256");
1548 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
1549 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
f049052b 1550 wpa_dbg(wpa_s, MSG_DEBUG,
56586197 1551 "WPA: using KEY_MGMT PSK with SHA256");
6fc6879b
JM		 1552 } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
1553 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
f049052b 1554 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
6fc6879b
JM		 1555 } else if (sel & WPA_KEY_MGMT_PSK) {
1556 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
f049052b 1557 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
6fc6879b
JM		 1558 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
1559 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
f049052b 1560 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
df0f01d9
JM		 1561#ifdef CONFIG_HS20
1562 } else if (sel & WPA_KEY_MGMT_OSEN) {
1563 wpa_s->key_mgmt = WPA_KEY_MGMT_OSEN;
1564 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using KEY_MGMT OSEN");
1565#endif /* CONFIG_HS20 */
a1ea1b45
JM		 1566#ifdef CONFIG_OWE
1567 } else if (sel & WPA_KEY_MGMT_OWE) {
1568 wpa_s->key_mgmt = WPA_KEY_MGMT_OWE;
1569 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT OWE");
1570#endif /* CONFIG_OWE */
6fc6879b 1571 } else {
f049052b
BG		 1572 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select "
1573 "authenticated key management type");
6fc6879b
JM		 1574 return -1;
1575 }
1576
1577 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
1578 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
1579 wpa_s->pairwise_cipher);
1580 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
1581
ae05b6a2
JM		 1582 if (!(ie.capabilities & WPA_CAPABILITY_MFPC) &&
1583 wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED) {
1584 wpa_msg(wpa_s, MSG_INFO,
1585 "RSN: Management frame protection required but the selected AP does not enable it");
1586 return -1;
1587 }
1588
6fc6879b 1589 sel = ie.mgmt_group_cipher;
61a56c14
JM		 1590 if (ssid->group_mgmt_cipher)
1591 sel &= ssid->group_mgmt_cipher;
3f56a2b7 1592 if (wpas_get_ssid_pmf(wpa_s, ssid) == NO_MGMT_FRAME_PROTECTION ||
0b60b0aa 1593 !(ie.capabilities & WPA_CAPABILITY_MFPC))
6fc6879b 1594 sel = 0;
853bd19f
JM		 1595 wpa_dbg(wpa_s, MSG_DEBUG,
1596 "WPA: AP mgmt_group_cipher 0x%x network profile mgmt_group_cipher 0x%x; available mgmt_group_cipher 0x%x",
1597 ie.mgmt_group_cipher, ssid->group_mgmt_cipher, sel);
6fc6879b
JM		 1598 if (sel & WPA_CIPHER_AES_128_CMAC) {
1599 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
f049052b 1600 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
6fc6879b 1601 "AES-128-CMAC");
8dd9f9cd
JM		 1602 } else if (sel & WPA_CIPHER_BIP_GMAC_128) {
1603 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_128;
1604 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1605 "BIP-GMAC-128");
1606 } else if (sel & WPA_CIPHER_BIP_GMAC_256) {
1607 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_256;
1608 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1609 "BIP-GMAC-256");
1610 } else if (sel & WPA_CIPHER_BIP_CMAC_256) {
1611 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_CMAC_256;
1612 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1613 "BIP-CMAC-256");
6fc6879b
JM		 1614 } else {
1615 wpa_s->mgmt_group_cipher = 0;
f049052b 1616 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
6fc6879b
JM		 1617 }
1618 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
1619 wpa_s->mgmt_group_cipher);
62d49803 1620 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP,
3f56a2b7 1621 wpas_get_ssid_pmf(wpa_s, ssid));
55c12f5d
MV		 1622#ifdef CONFIG_OCV
1623 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCV, ssid->ocv);
1624#endif /* CONFIG_OCV */
e36a5894 1625 sae_pwe = wpa_s->conf->sae_pwe;
641d79f1 1626 if (ssid->sae_password_id && sae_pwe != 3)
e36a5894
JM		 1627 sae_pwe = 1;
1628 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_SAE_PWE, sae_pwe);
6fc6879b
JM		 1629
1630 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
f049052b 1631 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to generate WPA IE");
6fc6879b
JM		 1632 return -1;
1633 }
1634
6d6c8877
JM		 1635 wpa_s->rsnxe_len = sizeof(wpa_s->rsnxe);
1636 if (wpa_sm_set_assoc_rsnxe_default(wpa_s->wpa, wpa_s->rsnxe,
1637 &wpa_s->rsnxe_len)) {
1638 wpa_msg(wpa_s, MSG_WARNING, "RSN: Failed to generate RSNXE");
1639 return -1;
1640 }
1641
dd6c5980
JM		 1642 if (0) {
1643#ifdef CONFIG_DPP
1644 } else if (wpa_s->key_mgmt == WPA_KEY_MGMT_DPP) {
1645 /* Use PMK from DPP network introduction (PMKSA entry) */
1646 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
1647#endif /* CONFIG_DPP */
1648 } else if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) {
a52410c2 1649 int psk_set = 0;
06b1a104 1650 int sae_only;
a52410c2 1651
06b1a104
JM		 1652 sae_only = (ssid->key_mgmt & (WPA_KEY_MGMT_PSK |
1653 WPA_KEY_MGMT_FT_PSK |
1654 WPA_KEY_MGMT_PSK_SHA256)) == 0;
1655
1656 if (ssid->psk_set && !sae_only) {
66dbc8d9
JM		 1657 wpa_hexdump_key(MSG_MSGDUMP, "PSK (set in config)",
1658 ssid->psk, PMK_LEN);
70c93963
MH		 1659 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN, NULL,
1660 NULL);
a52410c2
JM		 1661 psk_set = 1;
1662 }
a34ca59e 1663
06b1a104
JM		 1664 if (wpa_key_mgmt_sae(ssid->key_mgmt) &&
1665 (ssid->sae_password || ssid->passphrase))
a34ca59e
JM		 1666 psk_set = 1;
1667
7d232e23
ZC		 1668#ifndef CONFIG_NO_PBKDF2
1669 if (bss && ssid->bssid_set && ssid->ssid_len == 0 &&
06b1a104 1670 ssid->passphrase && !sae_only) {
7d232e23 1671 u8 psk[PMK_LEN];
986de33d
JM		 1672 pbkdf2_sha1(ssid->passphrase, bss->ssid, bss->ssid_len,
1673 4096, psk, PMK_LEN);
7d232e23
ZC		 1674 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)",
1675 psk, PMK_LEN);
70c93963 1676 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL, NULL);
a52410c2 1677 psk_set = 1;
e886c88e 1678 os_memset(psk, 0, sizeof(psk));
7d232e23
ZC		 1679 }
1680#endif /* CONFIG_NO_PBKDF2 */
9173b16f 1681#ifdef CONFIG_EXT_PASSWORD
06b1a104 1682 if (ssid->ext_psk && !sae_only) {
9173b16f
JM		 1683 struct wpabuf *pw = ext_password_get(wpa_s->ext_pw,
1684 ssid->ext_psk);
1685 char pw_str[64 + 1];
1686 u8 psk[PMK_LEN];
1687
1688 if (pw == NULL) {
1689 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No PSK "
1690 "found from external storage");
1691 return -1;
1692 }
1693
1694 if (wpabuf_len(pw) < 8 || wpabuf_len(pw) > 64) {
1695 wpa_msg(wpa_s, MSG_INFO, "EXT PW: Unexpected "
1696 "PSK length %d in external storage",
1697 (int) wpabuf_len(pw));
1698 ext_password_free(pw);
1699 return -1;
1700 }
1701
1702 os_memcpy(pw_str, wpabuf_head(pw), wpabuf_len(pw));
1703 pw_str[wpabuf_len(pw)] = '\0';
1704
1705#ifndef CONFIG_NO_PBKDF2
1706 if (wpabuf_len(pw) >= 8 && wpabuf_len(pw) < 64 && bss)
1707 {
986de33d
JM		 1708 pbkdf2_sha1(pw_str, bss->ssid, bss->ssid_len,
1709 4096, psk, PMK_LEN);
9173b16f
JM		 1710 os_memset(pw_str, 0, sizeof(pw_str));
1711 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from "
1712 "external passphrase)",
1713 psk, PMK_LEN);
70c93963
MH		 1714 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL,
1715 NULL);
a52410c2 1716 psk_set = 1;
e886c88e 1717 os_memset(psk, 0, sizeof(psk));
9173b16f
JM		 1718 } else
1719#endif /* CONFIG_NO_PBKDF2 */
1720 if (wpabuf_len(pw) == 2 * PMK_LEN) {
1721 if (hexstr2bin(pw_str, psk, PMK_LEN) < 0) {
1722 wpa_msg(wpa_s, MSG_INFO, "EXT PW: "
1723 "Invalid PSK hex string");
1724 os_memset(pw_str, 0, sizeof(pw_str));
1725 ext_password_free(pw);
1726 return -1;
1727 }
66dbc8d9
JM		 1728 wpa_hexdump_key(MSG_MSGDUMP,
1729 "PSK (from external PSK)",
1730 psk, PMK_LEN);
70c93963
MH		 1731 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL,
1732 NULL);
a52410c2 1733 psk_set = 1;
e886c88e 1734 os_memset(psk, 0, sizeof(psk));
9173b16f
JM		 1735 } else {
1736 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No suitable "
1737 "PSK available");
1738 os_memset(pw_str, 0, sizeof(pw_str));
1739 ext_password_free(pw);
1740 return -1;
1741 }
1742
1743 os_memset(pw_str, 0, sizeof(pw_str));
1744 ext_password_free(pw);
1745 }
1746#endif /* CONFIG_EXT_PASSWORD */
a52410c2
JM		 1747
1748 if (!psk_set) {
1749 wpa_msg(wpa_s, MSG_INFO,
1750 "No PSK available for association");
06b1a104 1751 wpas_auth_failed(wpa_s, "NO_PSK_AVAILABLE");
a52410c2
JM		 1752 return -1;
1753 }
675112df
JM		 1754#ifdef CONFIG_OWE
1755 } else if (wpa_s->key_mgmt == WPA_KEY_MGMT_OWE) {
1756 /* OWE Diffie-Hellman exchange in (Re)Association
1757 * Request/Response frames set the PMK, so do not override it
1758 * here. */
1759#endif /* CONFIG_OWE */
7d232e23 1760 } else
6fc6879b
JM		 1761 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
1762
1763 return 0;
1764}
1765
1766
8cd6b7bc 1767static void wpas_ext_capab_byte(struct wpa_supplicant *wpa_s, u8 *pos, int idx)
03e47c9c 1768{
8cd6b7bc 1769 *pos = 0x00;
03e47c9c 1770
8cd6b7bc
JB		 1771 switch (idx) {
1772 case 0: /* Bits 0-7 */
1773 break;
1774 case 1: /* Bits 8-15 */
d514b502
JM		 1775 if (wpa_s->conf->coloc_intf_reporting) {
1776 /* Bit 13 - Collocated Interference Reporting */
1777 *pos |= 0x20;
1778 }
8cd6b7bc
JB		 1779 break;
1780 case 2: /* Bits 16-23 */
1781#ifdef CONFIG_WNM
1782 *pos |= 0x02; /* Bit 17 - WNM-Sleep Mode */
2e06cef8 1783 if (!wpa_s->disable_mbo_oce && !wpa_s->conf->disable_btm)
ef59f987 1784 *pos |= 0x08; /* Bit 19 - BSS Transition */
8cd6b7bc
JB		 1785#endif /* CONFIG_WNM */
1786 break;
1787 case 3: /* Bits 24-31 */
1788#ifdef CONFIG_WNM
1789 *pos |= 0x02; /* Bit 25 - SSID List */
1790#endif /* CONFIG_WNM */
03e47c9c 1791#ifdef CONFIG_INTERWORKING
8cd6b7bc
JB		 1792 if (wpa_s->conf->interworking)
1793 *pos |= 0x80; /* Bit 31 - Interworking */
03e47c9c 1794#endif /* CONFIG_INTERWORKING */
8cd6b7bc
JB		 1795 break;
1796 case 4: /* Bits 32-39 */
56f5af48 1797#ifdef CONFIG_INTERWORKING
1e1245bc 1798 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_QOS_MAPPING)
429dd9af 1799 *pos |= 0x01; /* Bit 32 - QoS Map */
56f5af48 1800#endif /* CONFIG_INTERWORKING */
8cd6b7bc
JB		 1801 break;
1802 case 5: /* Bits 40-47 */
95a3ea94
JM		 1803#ifdef CONFIG_HS20
1804 if (wpa_s->conf->hs20)
1805 *pos |= 0x40; /* Bit 46 - WNM-Notification */
1806#endif /* CONFIG_HS20 */
92c6e2e3
DS		 1807#ifdef CONFIG_MBO
1808 *pos |= 0x40; /* Bit 46 - WNM-Notification */
1809#endif /* CONFIG_MBO */
8cd6b7bc
JB		 1810 break;
1811 case 6: /* Bits 48-55 */
1812 break;
d1723c55
LD		 1813 case 7: /* Bits 56-63 */
1814 break;
1815 case 8: /* Bits 64-71 */
1816 if (wpa_s->conf->ftm_responder)
1817 *pos |= 0x40; /* Bit 70 - FTM responder */
1818 if (wpa_s->conf->ftm_initiator)
1819 *pos |= 0x80; /* Bit 71 - FTM initiator */
1820 break;
e4d2ce1b
JM		 1821 case 9: /* Bits 72-79 */
1822#ifdef CONFIG_FILS
d98038bb 1823 if (!wpa_s->disable_fils)
1824 *pos |= 0x01;
e4d2ce1b
JM		 1825#endif /* CONFIG_FILS */
1826 break;
8cd6b7bc
JB		 1827 }
1828}
03e47c9c 1829
03e47c9c 1830
0bbaa9b9 1831int wpas_build_ext_capab(struct wpa_supplicant *wpa_s, u8 *buf, size_t buflen)
8cd6b7bc
JB		 1832{
1833 u8 *pos = buf;
e4d2ce1b 1834 u8 len = 10, i;
8cd6b7bc
JB		 1835
1836 if (len < wpa_s->extended_capa_len)
1837 len = wpa_s->extended_capa_len;
0bbaa9b9
JM		 1838 if (buflen < (size_t) len + 2) {
1839 wpa_printf(MSG_INFO,
1840 "Not enough room for building extended capabilities element");
1841 return -1;
1842 }
03e47c9c
JM		 1843
1844 *pos++ = WLAN_EID_EXT_CAPAB;
8cd6b7bc
JB		 1845 *pos++ = len;
1846 for (i = 0; i < len; i++, pos++) {
1847 wpas_ext_capab_byte(wpa_s, pos, i);
1848
1849 if (i < wpa_s->extended_capa_len) {
1850 *pos &= ~wpa_s->extended_capa_mask[i];
1851 *pos |= wpa_s->extended_capa[i];
1852 }
1853 }
03e47c9c 1854
3db5439a
JM		 1855 while (len > 0 && buf[1 + len] == 0) {
1856 len--;
1857 buf[1] = len;
1858 }
1859 if (len == 0)
1860 return 0;
1861
1862 return 2 + len;
03e47c9c
JM		 1863}
1864
1865
6ac4b15e
JM		 1866static int wpas_valid_bss(struct wpa_supplicant *wpa_s,
1867 struct wpa_bss *test_bss)
1868{
1869 struct wpa_bss *bss;
1870
1871 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
1872 if (bss == test_bss)
1873 return 1;
1874 }
1875
1876 return 0;
1877}
1878
1879
1880static int wpas_valid_ssid(struct wpa_supplicant *wpa_s,
1881 struct wpa_ssid *test_ssid)
1882{
1883 struct wpa_ssid *ssid;
1884
1885 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) {
1886 if (ssid == test_ssid)
1887 return 1;
1888 }
1889
1890 return 0;
1891}
1892
1893
1894int wpas_valid_bss_ssid(struct wpa_supplicant *wpa_s, struct wpa_bss *test_bss,
1895 struct wpa_ssid *test_ssid)
1896{
1897 if (test_bss && !wpas_valid_bss(wpa_s, test_bss))
1898 return 0;
1899
1900 return test_ssid == NULL || wpas_valid_ssid(wpa_s, test_ssid);
1901}
1902
1903
1904void wpas_connect_work_free(struct wpa_connect_work *cwork)
1905{
1906 if (cwork == NULL)
1907 return;
1908 os_free(cwork);
1909}
1910
1911
1912void wpas_connect_work_done(struct wpa_supplicant *wpa_s)
1913{
1914 struct wpa_connect_work *cwork;
1915 struct wpa_radio_work *work = wpa_s->connect_work;
1916
1917 if (!work)
1918 return;
1919
1920 wpa_s->connect_work = NULL;
1921 cwork = work->ctx;
1922 work->ctx = NULL;
1923 wpas_connect_work_free(cwork);
1924 radio_work_done(work);
1925}
1926
1927
a313d17d 1928int wpas_update_random_addr(struct wpa_supplicant *wpa_s, int style)
c267753b
JM		 1929{
1930 struct os_reltime now;
1931 u8 addr[ETH_ALEN];
1932
1933 os_get_reltime(&now);
a313d17d
JM		 1934 if (wpa_s->last_mac_addr_style == style &&
1935 wpa_s->last_mac_addr_change.sec != 0 &&
c267753b
JM		 1936 !os_reltime_expired(&now, &wpa_s->last_mac_addr_change,
1937 wpa_s->conf->rand_addr_lifetime)) {
1938 wpa_msg(wpa_s, MSG_DEBUG,
1939 "Previously selected random MAC address has not yet expired");
1940 return 0;
1941 }
1942
a313d17d
JM		 1943 switch (style) {
1944 case 1:
1945 if (random_mac_addr(addr) < 0)
1946 return -1;
1947 break;
1948 case 2:
1949 os_memcpy(addr, wpa_s->perm_addr, ETH_ALEN);
1950 if (random_mac_addr_keep_oui(addr) < 0)
1951 return -1;
1952 break;
1953 default:
c267753b 1954 return -1;
a313d17d 1955 }
c267753b
JM		 1956
1957 if (wpa_drv_set_mac_addr(wpa_s, addr) < 0) {
1958 wpa_msg(wpa_s, MSG_INFO,
1959 "Failed to set random MAC address");
1960 return -1;
1961 }
1962
1963 os_get_reltime(&wpa_s->last_mac_addr_change);
1964 wpa_s->mac_addr_changed = 1;
a313d17d 1965 wpa_s->last_mac_addr_style = style;
c267753b
JM		 1966
1967 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
1968 wpa_msg(wpa_s, MSG_INFO,
1969 "Could not update MAC address information");
1970 return -1;
1971 }
1972
1973 wpa_msg(wpa_s, MSG_DEBUG, "Using random MAC address " MACSTR,
1974 MAC2STR(addr));
1975
1976 return 0;
1977}
1978
1979
1980int wpas_update_random_addr_disassoc(struct wpa_supplicant *wpa_s)
1981{
1982 if (wpa_s->wpa_state >= WPA_AUTHENTICATING ||
1983 !wpa_s->conf->preassoc_mac_addr)
1984 return 0;
1985
a313d17d 1986 return wpas_update_random_addr(wpa_s, wpa_s->conf->preassoc_mac_addr);
c267753b
JM		 1987}
1988
1989
05a2fb0d
JM		 1990static void wpa_s_setup_sae_pt(struct wpa_config *conf, struct wpa_ssid *ssid)
1991{
1992#ifdef CONFIG_SAE
1993 int *groups = conf->sae_groups;
1994 int default_groups[] = { 19, 20, 21, 0 };
1995 const char *password;
1996
1997 if (!groups || groups[0] <= 0)
1998 groups = default_groups;
1999
2000 password = ssid->sae_password;
2001 if (!password)
2002 password = ssid->passphrase;
2003
641d79f1
JM		 2004 if ((conf->sae_pwe == 0 && !ssid->sae_password_id) || !password ||
2005 conf->sae_pwe == 3) {
05a2fb0d
JM		 2006 /* PT derivation not needed */
2007 sae_deinit_pt(ssid->pt);
2008 ssid->pt = NULL;
2009 return;
2010 }
2011
2012 if (ssid->pt)
2013 return; /* PT already derived */
2014 ssid->pt = sae_derive_pt(groups, ssid->ssid, ssid->ssid_len,
2015 (const u8 *) password, os_strlen(password),
2016 ssid->sae_password_id);
2017#endif /* CONFIG_SAE */
2018}
2019
2020
b834e970
JM		 2021static void wpa_s_clear_sae_rejected(struct wpa_supplicant *wpa_s)
2022{
2023#if defined(CONFIG_SAE) && defined(CONFIG_SME)
2024 os_free(wpa_s->sme.sae_rejected_groups);
2025 wpa_s->sme.sae_rejected_groups = NULL;
2026#ifdef CONFIG_TESTING_OPTIONS
2027 if (wpa_s->extra_sae_rejected_groups) {
2028 int i, *groups = wpa_s->extra_sae_rejected_groups;
2029
2030 for (i = 0; groups[i]; i++) {
2031 wpa_printf(MSG_DEBUG,
2032 "TESTING: Indicate rejection of an extra SAE group %d",
2033 groups[i]);
2034 int_array_add_unique(&wpa_s->sme.sae_rejected_groups,
2035 groups[i]);
2036 }
2037 }
2038#endif /* CONFIG_TESTING_OPTIONS */
2039#endif /* CONFIG_SAE && CONFIG_SME */
2040}
2041
2042
6ac4b15e
JM		 2043static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit);
2044
6fc6879b
JM		 2045/**
2046 * wpa_supplicant_associate - Request association
2047 * @wpa_s: Pointer to wpa_supplicant data
2048 * @bss: Scan results for the selected BSS, or %NULL if not available
2049 * @ssid: Configuration data for the selected network
2050 *
2051 * This function is used to request %wpa_supplicant to associate with a BSS.
2052 */
2053void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
6fa81a3b 2054 struct wpa_bss *bss, struct wpa_ssid *ssid)
6fc6879b 2055{
6ac4b15e 2056 struct wpa_connect_work *cwork;
a313d17d
JM		 2057 int rand_style;
2058
a8412ec9
JM		 2059 wpa_s->own_disconnect_req = 0;
2060
e7160bd8
JM		 2061 /*
2062 * If we are starting a new connection, any previously pending EAPOL
2063 * RX cannot be valid anymore.
2064 */
2065 wpabuf_free(wpa_s->pending_eapol_rx);
2066 wpa_s->pending_eapol_rx = NULL;
2067
a313d17d
JM		 2068 if (ssid->mac_addr == -1)
2069 rand_style = wpa_s->conf->mac_addr;
2070 else
2071 rand_style = ssid->mac_addr;
6fc6879b 2072
8c42b369
EP		 2073 wmm_ac_clear_saved_tspecs(wpa_s);
2074 wpa_s->reassoc_same_bss = 0;
6a5ee810 2075 wpa_s->reassoc_same_ess = 0;
daa40960
JM		 2076#ifdef CONFIG_TESTING_OPTIONS
2077 wpa_s->testing_resend_assoc = 0;
2078#endif /* CONFIG_TESTING_OPTIONS */
8c42b369 2079
c267753b
JM		 2080 if (wpa_s->last_ssid == ssid) {
2081 wpa_dbg(wpa_s, MSG_DEBUG, "Re-association to the same ESS");
6a5ee810 2082 wpa_s->reassoc_same_ess = 1;
8c42b369
EP		 2083 if (wpa_s->current_bss && wpa_s->current_bss == bss) {
2084 wmm_ac_save_tspecs(wpa_s);
2085 wpa_s->reassoc_same_bss = 1;
2bbad1c7
MW		 2086 } else if (wpa_s->current_bss && wpa_s->current_bss != bss) {
2087 os_get_reltime(&wpa_s->roam_start);
8c42b369 2088 }
05a2fb0d
JM		 2089 } else {
2090#ifdef CONFIG_SAE
b834e970 2091 wpa_s_clear_sae_rejected(wpa_s);
05a2fb0d
JM		 2092 wpa_s_setup_sae_pt(wpa_s->conf, ssid);
2093#endif /* CONFIG_SAE */
5d30f927
BR		 2094 }
2095
2096 if (rand_style > 0 && !wpa_s->reassoc_same_ess) {
a313d17d 2097 if (wpas_update_random_addr(wpa_s, rand_style) < 0)
c267753b
JM		 2098 return;
2099 wpa_sm_pmksa_cache_flush(wpa_s->wpa, ssid);
5d30f927 2100 } else if (rand_style == 0 && wpa_s->mac_addr_changed) {
c267753b
JM		 2101 if (wpa_drv_set_mac_addr(wpa_s, NULL) < 0) {
2102 wpa_msg(wpa_s, MSG_INFO,
2103 "Could not restore permanent MAC address");
2104 return;
2105 }
2106 wpa_s->mac_addr_changed = 0;
2107 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
2108 wpa_msg(wpa_s, MSG_INFO,
2109 "Could not update MAC address information");
2110 return;
2111 }
2112 wpa_msg(wpa_s, MSG_DEBUG, "Using permanent MAC address");
2113 }
2114 wpa_s->last_ssid = ssid;
2115
78177a00
JM		 2116#ifdef CONFIG_IBSS_RSN
2117 ibss_rsn_deinit(wpa_s->ibss_rsn);
2118 wpa_s->ibss_rsn = NULL;
81a10a94
JM		 2119#else /* CONFIG_IBSS_RSN */
2120 if (ssid->mode == WPAS_MODE_IBSS &&
2121 !(ssid->key_mgmt & (WPA_KEY_MGMT_NONE | WPA_KEY_MGMT_WPA_NONE))) {
2122 wpa_msg(wpa_s, MSG_INFO,
2123 "IBSS RSN not supported in the build");
2124 return;
2125 }
78177a00
JM		 2126#endif /* CONFIG_IBSS_RSN */
2127
2c5d725c
JM		 2128 if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO ||
2129 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) {
1581b38b
JM		 2130#ifdef CONFIG_AP
2131 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) {
f049052b
BG		 2132 wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP "
2133 "mode");
1581b38b
JM		 2134 return;
2135 }
8c981d17
DW		 2136 if (wpa_supplicant_create_ap(wpa_s, ssid) < 0) {
2137 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
b2b688d1
VKE		 2138 if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
2139 wpas_p2p_ap_setup_failed(wpa_s);
8c981d17
DW		 2140 return;
2141 }
8f770587 2142 wpa_s->current_bss = bss;
1581b38b 2143#else /* CONFIG_AP */
f049052b
BG		 2144 wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in "
2145 "the build");
1581b38b
JM		 2146#endif /* CONFIG_AP */
2147 return;
2148 }
2149
603a3f34
JL		 2150 if (ssid->mode == WPAS_MODE_MESH) {
2151#ifdef CONFIG_MESH
2152 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_MESH)) {
2153 wpa_msg(wpa_s, MSG_INFO,
2154 "Driver does not support mesh mode");
2155 return;
2156 }
2157 if (bss)
2158 ssid->frequency = bss->freq;
2159 if (wpa_supplicant_join_mesh(wpa_s, ssid) < 0) {
2160 wpa_msg(wpa_s, MSG_ERROR, "Could not join mesh");
2161 return;
2162 }
2163 wpa_s->current_bss = bss;
6174de66
JM		 2164 wpa_msg(wpa_s, MSG_INFO, MESH_GROUP_STARTED "ssid=\"%s\" id=%d",
2165 wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
2166 ssid->id);
89e9cd25 2167 wpas_notify_mesh_group_started(wpa_s, ssid);
603a3f34
JL		 2168#else /* CONFIG_MESH */
2169 wpa_msg(wpa_s, MSG_ERROR,
2170 "mesh mode support not included in the build");
2171#endif /* CONFIG_MESH */
2172 return;
2173 }
2174
2efc6720
JM		 2175 /*
2176 * Set WPA state machine configuration to match the selected network now
2177 * so that the information is available before wpas_start_assoc_cb()
2178 * gets called. This is needed at least for RSN pre-authentication where
2179 * candidate APs are added to a list based on scan result processing
2180 * before completion of the first association.
2181 */
2182 wpa_supplicant_rsn_supp_set_config(wpa_s, ssid);
2183
a0d5c56f
JM		 2184#ifdef CONFIG_DPP
2185 if (wpas_dpp_check_connect(wpa_s, ssid, bss) != 0)
2186 return;
2187#endif /* CONFIG_DPP */
2188
52c9e6f3 2189#ifdef CONFIG_TDLS
95cb2d88
JM		 2190 if (bss)
2191 wpa_tdls_ap_ies(wpa_s->wpa, (const u8 *) (bss + 1),
2192 bss->ie_len);
52c9e6f3
JM		 2193#endif /* CONFIG_TDLS */
2194
2e06cef8
VK		 2195#ifdef CONFIG_MBO
2196 wpas_mbo_check_pmf(wpa_s, bss, ssid);
2197#endif /* CONFIG_MBO */
2198
5cc4d64b 2199 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
f74618cb 2200 ssid->mode == WPAS_MODE_INFRA) {
c2a04078
JM		 2201 sme_authenticate(wpa_s, bss, ssid);
2202 return;
2203 }
2204
6ac4b15e
JM		 2205 if (wpa_s->connect_work) {
2206 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since connect_work exist");
2207 return;
2208 }
2209
f0e30c84
JM		 2210 if (radio_work_pending(wpa_s, "connect")) {
2211 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since pending work exist");
2212 return;
2213 }
2214
a1836de6
JM		 2215#ifdef CONFIG_SME
2216 if (ssid->mode == WPAS_MODE_IBSS || ssid->mode == WPAS_MODE_MESH) {
2217 /* Clear possibly set auth_alg, if any, from last attempt. */
2218 wpa_s->sme.auth_alg = WPA_AUTH_ALG_OPEN;
2219 }
2220#endif /* CONFIG_SME */
2221
4ead7cfd
KV		 2222 wpas_abort_ongoing_scan(wpa_s);
2223
6ac4b15e
JM		 2224 cwork = os_zalloc(sizeof(*cwork));
2225 if (cwork == NULL)
2226 return;
2227
2228 cwork->bss = bss;
2229 cwork->ssid = ssid;
2230
2231 if (radio_add_work(wpa_s, bss ? bss->freq : 0, "connect", 1,
2232 wpas_start_assoc_cb, cwork) < 0) {
2233 os_free(cwork);
2234 }
2235}
2236
2237
98479dc9
JD		 2238static int bss_is_ibss(struct wpa_bss *bss)
2239{
2240 return (bss->caps & (IEEE80211_CAP_ESS | IEEE80211_CAP_IBSS)) ==
2241 IEEE80211_CAP_IBSS;
2242}
2243
2244
a65efbfb
PO		 2245static int drv_supports_vht(struct wpa_supplicant *wpa_s,
2246 const struct wpa_ssid *ssid)
2247{
2248 enum hostapd_hw_mode hw_mode;
2249 struct hostapd_hw_modes *mode = NULL;
2250 u8 channel;
2251 int i;
2252
a65efbfb
PO		 2253 hw_mode = ieee80211_freq_to_chan(ssid->frequency, &channel);
2254 if (hw_mode == NUM_HOSTAPD_MODES)
2255 return 0;
2256 for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) {
2257 if (wpa_s->hw.modes[i].mode == hw_mode) {
2258 mode = &wpa_s->hw.modes[i];
2259 break;
2260 }
2261 }
2262
2263 if (!mode)
2264 return 0;
2265
2266 return mode->vht_capab != 0;
2267}
2268
2269
54fe48b9
JM		 2270void ibss_mesh_setup_freq(struct wpa_supplicant *wpa_s,
2271 const struct wpa_ssid *ssid,
2272 struct hostapd_freq_params *freq)
1830817e 2273{
3459c54a 2274 int ieee80211_mode = wpas_mode_to_ieee80211_mode(ssid->mode);
1830817e
JD		 2275 enum hostapd_hw_mode hw_mode;
2276 struct hostapd_hw_modes *mode = NULL;
6b8b0774
JD		 2277 int ht40plus[] = { 36, 44, 52, 60, 100, 108, 116, 124, 132, 149, 157,
2278 184, 192 };
563ee183 2279 int vht80[] = { 36, 52, 100, 116, 132, 149 };
6b8b0774 2280 struct hostapd_channel_data *pri_chan = NULL, *sec_chan = NULL;
1830817e 2281 u8 channel;
98479dc9 2282 int i, chan_idx, ht40 = -1, res, obss_scan = 1;
0f29bc68 2283 unsigned int j, k;
563ee183 2284 struct hostapd_freq_params vht_freq;
0f29bc68
AK		 2285 int chwidth, seg0, seg1;
2286 u32 vht_caps = 0;
6e711e7a 2287 int is_24ghz;
1830817e
JD		 2288
2289 freq->freq = ssid->frequency;
2290
98479dc9
JD		 2291 for (j = 0; j < wpa_s->last_scan_res_used; j++) {
2292 struct wpa_bss *bss = wpa_s->last_scan_res[j];
2293
2294 if (ssid->mode != WPAS_MODE_IBSS)
2295 break;
2296
2297 /* Don't adjust control freq in case of fixed_freq */
2298 if (ssid->fixed_freq)
2299 break;
2300
2301 if (!bss_is_ibss(bss))
2302 continue;
2303
2304 if (ssid->ssid_len == bss->ssid_len &&
2305 os_memcmp(ssid->ssid, bss->ssid, bss->ssid_len) == 0) {
2306 wpa_printf(MSG_DEBUG,
2307 "IBSS already found in scan results, adjust control freq: %d",
2308 bss->freq);
2309 freq->freq = bss->freq;
2310 obss_scan = 0;
2311 break;
2312 }
2313 }
2314
1830817e
JD		 2315 /* For IBSS check HT_IBSS flag */
2316 if (ssid->mode == WPAS_MODE_IBSS &&
2317 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_HT_IBSS))
2318 return;
2319
d9a9bc04
JD		 2320 if (wpa_s->group_cipher == WPA_CIPHER_WEP40 ||
2321 wpa_s->group_cipher == WPA_CIPHER_WEP104 ||
2322 wpa_s->pairwise_cipher == WPA_CIPHER_TKIP) {
2323 wpa_printf(MSG_DEBUG,
2324 "IBSS: WEP/TKIP detected, do not try to enable HT");
2325 return;
2326 }
2327
98479dc9 2328 hw_mode = ieee80211_freq_to_chan(freq->freq, &channel);
1830817e
JD		 2329 for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) {
2330 if (wpa_s->hw.modes[i].mode == hw_mode) {
2331 mode = &wpa_s->hw.modes[i];
2332 break;
2333 }
2334 }
2335
2336 if (!mode)
2337 return;
2338
6e711e7a
SE		 2339 is_24ghz = hw_mode == HOSTAPD_MODE_IEEE80211G ||
2340 hw_mode == HOSTAPD_MODE_IEEE80211B;
3459c54a 2341
3388e7b9
MH		 2342#ifdef CONFIG_HT_OVERRIDES
2343 if (ssid->disable_ht) {
2344 freq->ht_enabled = 0;
2345 return;
2346 }
2347#endif /* CONFIG_HT_OVERRIDES */
2348
1830817e 2349 freq->ht_enabled = ht_supported(mode);
6b8b0774
JD		 2350 if (!freq->ht_enabled)
2351 return;
2352
6e711e7a
SE		 2353 /* Allow HE on 2.4 GHz without VHT: see nl80211_put_freq_params() */
2354 if (is_24ghz)
2355 freq->he_enabled = mode->he_capab[ieee80211_mode].he_supported;
2356
6b8b0774
JD		 2357 /* Setup higher BW only for 5 GHz */
2358 if (mode->mode != HOSTAPD_MODE_IEEE80211A)
2359 return;
2360
2361 for (chan_idx = 0; chan_idx < mode->num_channels; chan_idx++) {
2362 pri_chan = &mode->channels[chan_idx];
2363 if (pri_chan->chan == channel)
2364 break;
2365 pri_chan = NULL;
2366 }
2367 if (!pri_chan)
2368 return;
2369
2370 /* Check primary channel flags */
2371 if (pri_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
2372 return;
2373
e5a9b1e8
PO		 2374 freq->channel = pri_chan->chan;
2375
05aed438 2376#ifdef CONFIG_HT_OVERRIDES
e5a9b1e8
PO		 2377 if (ssid->disable_ht40) {
2378 if (ssid->disable_vht)
2379 return;
2380 goto skip_ht40;
2381 }
05aed438
MH		 2382#endif /* CONFIG_HT_OVERRIDES */
2383
6b8b0774
JD		 2384 /* Check/setup HT40+/HT40- */
2385 for (j = 0; j < ARRAY_SIZE(ht40plus); j++) {
2386 if (ht40plus[j] == channel) {
2387 ht40 = 1;
2388 break;
2389 }
2390 }
2391
2392 /* Find secondary channel */
2393 for (i = 0; i < mode->num_channels; i++) {
2394 sec_chan = &mode->channels[i];
2395 if (sec_chan->chan == channel + ht40 * 4)
2396 break;
2397 sec_chan = NULL;
2398 }
2399 if (!sec_chan)
2400 return;
2401
2402 /* Check secondary channel flags */
2403 if (sec_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
2404 return;
2405
ecba4509 2406 if (ht40 == -1) {
6b8b0774
JD		 2407 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40MINUS))
2408 return;
ecba4509 2409 } else {
6b8b0774
JD		 2410 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40PLUS))
2411 return;
6b8b0774 2412 }
ecba4509 2413 freq->sec_channel_offset = ht40;
6b8b0774 2414
ecba4509 2415 if (obss_scan) {
6b8b0774
JD		 2416 struct wpa_scan_results *scan_res;
2417
2418 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL, 0);
2419 if (scan_res == NULL) {
2420 /* Back to HT20 */
2421 freq->sec_channel_offset = 0;
2422 return;
2423 }
2424
5f9b4afd 2425 res = check_40mhz_5g(scan_res, pri_chan, sec_chan);
6b8b0774
JD		 2426 switch (res) {
2427 case 0:
2428 /* Back to HT20 */
2429 freq->sec_channel_offset = 0;
2430 break;
2431 case 1:
2432 /* Configuration allowed */
2433 break;
2434 case 2:
2435 /* Switch pri/sec channels */
2436 freq->freq = hw_get_freq(mode, sec_chan->chan);
2437 freq->sec_channel_offset = -freq->sec_channel_offset;
2438 freq->channel = sec_chan->chan;
2439 break;
2440 default:
2441 freq->sec_channel_offset = 0;
2442 break;
2443 }
2444
2445 wpa_scan_results_free(scan_res);
2446 }
2447
e5a9b1e8
PO		 2448#ifdef CONFIG_HT_OVERRIDES
2449skip_ht40:
2450#endif /* CONFIG_HT_OVERRIDES */
6b8b0774
JD		 2451 wpa_printf(MSG_DEBUG,
2452 "IBSS/mesh: setup freq channel %d, sec_channel_offset %d",
2453 freq->channel, freq->sec_channel_offset);
563ee183 2454
a65efbfb 2455 if (!drv_supports_vht(wpa_s, ssid))
563ee183
JD		 2456 return;
2457
2458 /* For IBSS check VHT_IBSS flag */
a65efbfb
PO		 2459 if (ssid->mode == WPAS_MODE_IBSS &&
2460 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_VHT_IBSS))
563ee183
JD		 2461 return;
2462
2463 vht_freq = *freq;
2464
b301f54e
JM		 2465#ifdef CONFIG_VHT_OVERRIDES
2466 if (ssid->disable_vht) {
2467 freq->vht_enabled = 0;
2468 return;
2469 }
2470#endif /* CONFIG_VHT_OVERRIDES */
2471
563ee183
JD		 2472 vht_freq.vht_enabled = vht_supported(mode);
2473 if (!vht_freq.vht_enabled)
2474 return;
2475
6e711e7a
SE		 2476 /* Enable HE for VHT */
2477 vht_freq.he_enabled = mode->he_capab[ieee80211_mode].he_supported;
2478
563ee183
JD		 2479 /* setup center_freq1, bandwidth */
2480 for (j = 0; j < ARRAY_SIZE(vht80); j++) {
2481 if (freq->channel >= vht80[j] &&
2482 freq->channel < vht80[j] + 16)
2483 break;
2484 }
2485
2486 if (j == ARRAY_SIZE(vht80))
2487 return;
2488
2489 for (i = vht80[j]; i < vht80[j] + 16; i += 4) {
2490 struct hostapd_channel_data *chan;
2491
2492 chan = hw_get_channel_chan(mode, i, NULL);
2493 if (!chan)
2494 return;
2495
2496 /* Back to HT configuration if channel not usable */
2497 if (chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
2498 return;
2499 }
2500
464dcfd0 2501 chwidth = CHANWIDTH_80MHZ;
0f29bc68
AK		 2502 seg0 = vht80[j] + 6;
2503 seg1 = 0;
2504
464dcfd0 2505 if (ssid->max_oper_chwidth == CHANWIDTH_80P80MHZ) {
0f29bc68
AK		 2506 /* setup center_freq2, bandwidth */
2507 for (k = 0; k < ARRAY_SIZE(vht80); k++) {
2508 /* Only accept 80 MHz segments separated by a gap */
2509 if (j == k || abs(vht80[j] - vht80[k]) == 16)
2510 continue;
2511 for (i = vht80[k]; i < vht80[k] + 16; i += 4) {
2512 struct hostapd_channel_data *chan;
2513
2514 chan = hw_get_channel_chan(mode, i, NULL);
2515 if (!chan)
2516 continue;
2517
2518 if (chan->flag & (HOSTAPD_CHAN_DISABLED |
2519 HOSTAPD_CHAN_NO_IR |
2520 HOSTAPD_CHAN_RADAR))
2521 continue;
2522
2523 /* Found a suitable second segment for 80+80 */
464dcfd0 2524 chwidth = CHANWIDTH_80P80MHZ;
0f29bc68
AK		 2525 vht_caps |=
2526 VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ;
2527 seg1 = vht80[k] + 6;
2528 }
2529
464dcfd0 2530 if (chwidth == CHANWIDTH_80P80MHZ)
0f29bc68
AK		 2531 break;
2532 }
464dcfd0 2533 } else if (ssid->max_oper_chwidth == CHANWIDTH_160MHZ) {
331f0774 2534 if (freq->freq == 5180) {
464dcfd0 2535 chwidth = CHANWIDTH_160MHZ;
331f0774
JM		 2536 vht_caps |= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
2537 seg0 = 50;
2538 } else if (freq->freq == 5520) {
464dcfd0 2539 chwidth = CHANWIDTH_160MHZ;
331f0774
JM		 2540 vht_caps |= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
2541 seg0 = 114;
2542 }
464dcfd0
JC		 2543 } else if (ssid->max_oper_chwidth == CHANWIDTH_USE_HT) {
2544 chwidth = CHANWIDTH_USE_HT;
806db174 2545 seg0 = vht80[j] + 2;
e5a9b1e8
PO		 2546#ifdef CONFIG_HT_OVERRIDES
2547 if (ssid->disable_ht40)
2548 seg0 = 0;
2549#endif /* CONFIG_HT_OVERRIDES */
0f29bc68
AK		 2550 }
2551
563ee183 2552 if (hostapd_set_freq_params(&vht_freq, mode->mode, freq->freq,
bebd91e9
AAL		 2553 freq->channel, ssid->enable_edmg,
2554 ssid->edmg_channel, freq->ht_enabled,
3459c54a 2555 vht_freq.vht_enabled, freq->he_enabled,
563ee183 2556 freq->sec_channel_offset,
3459c54a
SE		 2557 chwidth, seg0, seg1, vht_caps,
2558 &mode->he_capab[ieee80211_mode]) != 0)
563ee183
JD		 2559 return;
2560
2561 *freq = vht_freq;
2562
2563 wpa_printf(MSG_DEBUG, "IBSS: VHT setup freq cf1 %d, cf2 %d, bw %d",
2564 freq->center_freq1, freq->center_freq2, freq->bandwidth);
1830817e
JD		 2565}
2566
2567
a38090b1
VK		 2568#ifdef CONFIG_FILS
2569static size_t wpas_add_fils_hlp_req(struct wpa_supplicant *wpa_s, u8 *ie_buf,
2570 size_t ie_buf_len)
2571{
2572 struct fils_hlp_req *req;
2573 size_t rem_len, hdr_len, hlp_len, len, ie_len = 0;
2574 const u8 *pos;
2575 u8 *buf = ie_buf;
2576
2577 dl_list_for_each(req, &wpa_s->fils_hlp_req, struct fils_hlp_req,
2578 list) {
2579 rem_len = ie_buf_len - ie_len;
2580 pos = wpabuf_head(req->pkt);
2581 hdr_len = 1 + 2 * ETH_ALEN + 6;
2582 hlp_len = wpabuf_len(req->pkt);
2583
2584 if (rem_len < 2 + hdr_len + hlp_len) {
2585 wpa_printf(MSG_ERROR,
2586 "FILS: Cannot fit HLP - rem_len=%lu to_fill=%lu",
2587 (unsigned long) rem_len,
2588 (unsigned long) (2 + hdr_len + hlp_len));
2589 break;
2590 }
2591
2592 len = (hdr_len + hlp_len) > 255 ? 255 : hdr_len + hlp_len;
2593 /* Element ID */
2594 *buf++ = WLAN_EID_EXTENSION;
2595 /* Length */
2596 *buf++ = len;
2597 /* Element ID Extension */
2598 *buf++ = WLAN_EID_EXT_FILS_HLP_CONTAINER;
2599 /* Destination MAC address */
2600 os_memcpy(buf, req->dst, ETH_ALEN);
2601 buf += ETH_ALEN;
2602 /* Source MAC address */
2603 os_memcpy(buf, wpa_s->own_addr, ETH_ALEN);
2604 buf += ETH_ALEN;
2605 /* LLC/SNAP Header */
2606 os_memcpy(buf, "\xaa\xaa\x03\x00\x00\x00", 6);
2607 buf += 6;
2608 /* HLP Packet */
2609 os_memcpy(buf, pos, len - hdr_len);
2610 buf += len - hdr_len;
2611 pos += len - hdr_len;
2612
2613 hlp_len -= len - hdr_len;
2614 ie_len += 2 + len;
2615 rem_len -= 2 + len;
2616
2617 while (hlp_len) {
2618 len = (hlp_len > 255) ? 255 : hlp_len;
2619 if (rem_len < 2 + len)
2620 break;
2621 *buf++ = WLAN_EID_FRAGMENT;
2622 *buf++ = len;
2623 os_memcpy(buf, pos, len);
2624 buf += len;
2625 pos += len;
2626
2627 hlp_len -= len;
2628 ie_len += 2 + len;
2629 rem_len -= 2 + len;
2630 }
2631 }
2632
2633 return ie_len;
2634}
e4802127
MH		 2635
2636
2637int wpa_is_fils_supported(struct wpa_supplicant *wpa_s)
2638{
2639 return (((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
2640 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SUPPORT_FILS)) ||
2641 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
2642 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD)));
2643}
2644
2645
2646int wpa_is_fils_sk_pfs_supported(struct wpa_supplicant *wpa_s)
2647{
2648#ifdef CONFIG_FILS_SK_PFS
2649 return (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
2650 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SUPPORT_FILS);
2651#else /* CONFIG_FILS_SK_PFS */
2652 return 0;
2653#endif /* CONFIG_FILS_SK_PFS */
2654}
2655
a38090b1
VK		 2656#endif /* CONFIG_FILS */
2657
2658
d2ba0d71
VK		 2659static u8 * wpas_populate_assoc_ies(
2660 struct wpa_supplicant *wpa_s,
2661 struct wpa_bss *bss, struct wpa_ssid *ssid,
6338c99e
VK		 2662 struct wpa_driver_associate_params *params,
2663 enum wpa_drv_update_connect_params_mask *mask)
6ac4b15e 2664{
1e6780bd 2665 u8 *wpa_ie;
10970465 2666 size_t max_wpa_ie_len = 500;
6ac4b15e 2667 size_t wpa_ie_len;
6ac4b15e 2668 int algs = WPA_AUTH_ALG_OPEN;
077232f6
BL		 2669#ifdef CONFIG_MBO
2670 const u8 *mbo_ie;
2671#endif
eb3234c0
SM		 2672#ifdef CONFIG_SAE
2673 int sae_pmksa_cached = 0;
2674#endif /* CONFIG_SAE */
8b0a6dba
VK		 2675#ifdef CONFIG_FILS
2676 const u8 *realm, *username, *rrk;
2677 size_t realm_len, username_len, rrk_len;
2678 u16 next_seq_num;
b377ec25 2679 struct fils_hlp_req *req;
6fc6879b 2680
b377ec25
VK		 2681 dl_list_for_each(req, &wpa_s->fils_hlp_req, struct fils_hlp_req,
2682 list) {
2683 max_wpa_ie_len += 3 + 2 * ETH_ALEN + 6 + wpabuf_len(req->pkt) +
2684 2 + 2 * wpabuf_len(req->pkt) / 255;
8b0a6dba
VK		 2685 }
2686#endif /* CONFIG_FILS */
8b0a6dba 2687
1e6780bd
VK		 2688 wpa_ie = os_malloc(max_wpa_ie_len);
2689 if (!wpa_ie) {
2690 wpa_printf(MSG_ERROR,
2691 "Failed to allocate connect IE buffer for %lu bytes",
2692 (unsigned long) max_wpa_ie_len);
d2ba0d71 2693 return NULL;
1e6780bd
VK		 2694 }
2695
6fa81a3b
JM		 2696 if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
2697 wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
0bf927a0 2698 wpa_key_mgmt_wpa(ssid->key_mgmt)) {
6fc6879b 2699 int try_opportunistic;
79f3121b
VK		 2700 const u8 *cache_id = NULL;
2701
6e202021
JM		 2702 try_opportunistic = (ssid->proactive_key_caching < 0 ?
2703 wpa_s->conf->okc :
2704 ssid->proactive_key_caching) &&
6fc6879b 2705 (ssid->proto & WPA_PROTO_RSN);
79f3121b
VK		 2706#ifdef CONFIG_FILS
2707 if (wpa_key_mgmt_fils(ssid->key_mgmt))
2708 cache_id = wpa_bss_get_fils_cache_id(bss);
2709#endif /* CONFIG_FILS */
6fc6879b 2710 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
79f3121b 2711 ssid, try_opportunistic,
eb3234c0 2712 cache_id, 0) == 0) {
ba422613 2713 eapol_sm_notify_pmkid_attempt(wpa_s->eapol);
eb3234c0
SM		 2714#ifdef CONFIG_SAE
2715 sae_pmksa_cached = 1;
2716#endif /* CONFIG_SAE */
2717 }
1e6780bd 2718 wpa_ie_len = max_wpa_ie_len;
6fc6879b
JM		 2719 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
2720 wpa_ie, &wpa_ie_len)) {
f049052b
BG		 2721 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
2722 "key management and encryption suites");
1e6780bd 2723 os_free(wpa_ie);
d2ba0d71 2724 return NULL;
6fc6879b 2725 }
dc673aec
JM		 2726#ifdef CONFIG_HS20
2727 } else if (bss && wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE) &&
2728 (ssid->key_mgmt & WPA_KEY_MGMT_OSEN)) {
2729 /* No PMKSA caching, but otherwise similar to RSN/WPA */
2730 wpa_ie_len = max_wpa_ie_len;
2731 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
2732 wpa_ie, &wpa_ie_len)) {
2733 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
2734 "key management and encryption suites");
2735 os_free(wpa_ie);
2736 return NULL;
2737 }
2738#endif /* CONFIG_HS20 */
a3f7e518
JM		 2739 } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && bss &&
2740 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) {
2741 /*
2742 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
2743 * use non-WPA since the scan results did not indicate that the
2744 * AP is using WPA or WPA2.
2745 */
2746 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
2747 wpa_ie_len = 0;
2748 wpa_s->wpa_proto = 0;
0bf927a0 2749 } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) {
1e6780bd 2750 wpa_ie_len = max_wpa_ie_len;
6fc6879b
JM		 2751 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
2752 wpa_ie, &wpa_ie_len)) {
f049052b
BG		 2753 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
2754 "key management and encryption suites (no "
2755 "scan results)");
1e6780bd 2756 os_free(wpa_ie);
d2ba0d71 2757 return NULL;
6fc6879b 2758 }
ad08c363
JM		 2759#ifdef CONFIG_WPS
2760 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
b01c18a8
JM		 2761 struct wpabuf *wps_ie;
2762 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
1e6780bd 2763 if (wps_ie && wpabuf_len(wps_ie) <= max_wpa_ie_len) {
ad08c363
JM		 2764 wpa_ie_len = wpabuf_len(wps_ie);
2765 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
24386985
JM		 2766 } else
2767 wpa_ie_len = 0;
ad08c363
JM		 2768 wpabuf_free(wps_ie);
2769 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
0c80427d 2770 if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY))
d2ba0d71 2771 params->wps = WPS_MODE_PRIVACY;
0c80427d 2772 else
d2ba0d71 2773 params->wps = WPS_MODE_OPEN;
cf546f1a 2774 wpa_s->wpa_proto = 0;
ad08c363 2775#endif /* CONFIG_WPS */
6fc6879b
JM		 2776 } else {
2777 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
2778 wpa_ie_len = 0;
cf546f1a 2779 wpa_s->wpa_proto = 0;
6fc6879b
JM		 2780 }
2781
b377ec25
VK		 2782#ifdef IEEE8021X_EAPOL
2783 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
2784 if (ssid->leap) {
2785 if (ssid->non_leap == 0)
2786 algs = WPA_AUTH_ALG_LEAP;
2787 else
2788 algs |= WPA_AUTH_ALG_LEAP;
2789 }
2790 }
2791
2792#ifdef CONFIG_FILS
2793 /* Clear FILS association */
2794 wpa_sm_set_reset_fils_completed(wpa_s->wpa, 0);
2795
2796 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD) &&
2797 ssid->eap.erp && wpa_key_mgmt_fils(wpa_s->key_mgmt) &&
2798 eapol_sm_get_erp_info(wpa_s->eapol, &ssid->eap, &username,
2799 &username_len, &realm, &realm_len,
af835d75
AB		 2800 &next_seq_num, &rrk, &rrk_len) == 0 &&
2801 (!wpa_s->last_con_fail_realm ||
2802 wpa_s->last_con_fail_realm_len != realm_len ||
2803 os_memcmp(wpa_s->last_con_fail_realm, realm, realm_len) != 0)) {
b377ec25 2804 algs = WPA_AUTH_ALG_FILS;
d2ba0d71
VK		 2805 params->fils_erp_username = username;
2806 params->fils_erp_username_len = username_len;
2807 params->fils_erp_realm = realm;
2808 params->fils_erp_realm_len = realm_len;
2809 params->fils_erp_next_seq_num = next_seq_num;
2810 params->fils_erp_rrk = rrk;
2811 params->fils_erp_rrk_len = rrk_len;
6338c99e
VK		 2812
2813 if (mask)
2814 *mask |= WPA_DRV_UPDATE_FILS_ERP_INFO;
b377ec25
VK		 2815 }
2816#endif /* CONFIG_FILS */
2817#endif /* IEEE8021X_EAPOL */
5ff39c13
SD		 2818#ifdef CONFIG_SAE
2819 if (wpa_s->key_mgmt & (WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE))
2820 algs = WPA_AUTH_ALG_SAE;
2821#endif /* CONFIG_SAE */
b377ec25
VK		 2822
2823 wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
2824 if (ssid->auth_alg) {
2825 algs = ssid->auth_alg;
2826 wpa_dbg(wpa_s, MSG_DEBUG,
2827 "Overriding auth_alg selection: 0x%x", algs);
2828 }
2829
eb3234c0
SM		 2830#ifdef CONFIG_SAE
2831 if (sae_pmksa_cached && algs == WPA_AUTH_ALG_SAE) {
2832 wpa_dbg(wpa_s, MSG_DEBUG,
2833 "SAE: Use WPA_AUTH_ALG_OPEN for PMKSA caching attempt");
2834 algs = WPA_AUTH_ALG_OPEN;
2835 }
2836#endif /* CONFIG_SAE */
2837
5f3a6aa0
JM		 2838#ifdef CONFIG_P2P
2839 if (wpa_s->global->p2p) {
2840 u8 *pos;
2841 size_t len;
2842 int res;
5f3a6aa0 2843 pos = wpa_ie + wpa_ie_len;
1e6780bd 2844 len = max_wpa_ie_len - wpa_ie_len;
b8a8d677
JM		 2845 res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len,
2846 ssid->p2p_group);
5f3a6aa0
JM		 2847 if (res >= 0)
2848 wpa_ie_len += res;
2849 }
72044390
JM		 2850
2851 wpa_s->cross_connect_disallowed = 0;
2852 if (bss) {
2853 struct wpabuf *p2p;
2854 p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE);
2855 if (p2p) {
2856 wpa_s->cross_connect_disallowed =
2857 p2p_get_cross_connect_disallowed(p2p);
2858 wpabuf_free(p2p);
f049052b
BG		 2859 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross "
2860 "connection",
2861 wpa_s->cross_connect_disallowed ?
2862 "disallows" : "allows");
72044390
JM		 2863 }
2864 }
25ef8529
JM		 2865
2866 os_memset(wpa_s->p2p_ip_addr_info, 0, sizeof(wpa_s->p2p_ip_addr_info));
5f3a6aa0
JM		 2867#endif /* CONFIG_P2P */
2868
5e57ba25 2869 if (bss) {
cb828507 2870 wpa_ie_len += wpas_supp_op_class_ie(wpa_s, ssid, bss->freq,
065c029a 2871 wpa_ie + wpa_ie_len,
1e6780bd 2872 max_wpa_ie_len -
065c029a 2873 wpa_ie_len);
5e57ba25 2874 }
5e57ba25 2875
8b3b803a
AH		 2876 /*
2877 * Workaround: Add Extended Capabilities element only if the AP
2878 * included this element in Beacon/Probe Response frames. Some older
2879 * APs seem to have interoperability issues if this element is
2880 * included, so while the standard may require us to include the
2881 * element in all cases, it is justifiable to skip it to avoid
2882 * interoperability issues.
2883 */
cc9a2575
KV		 2884 if (ssid->p2p_group)
2885 wpa_drv_get_ext_capa(wpa_s, WPA_IF_P2P_CLIENT);
2886 else
2887 wpa_drv_get_ext_capa(wpa_s, WPA_IF_STATION);
2888
8b3b803a 2889 if (!bss || wpa_bss_get_ie(bss, WLAN_EID_EXT_CAPAB)) {
0bbaa9b9 2890 u8 ext_capab[18];
8b3b803a 2891 int ext_capab_len;
0bbaa9b9
JM		 2892 ext_capab_len = wpas_build_ext_capab(wpa_s, ext_capab,
2893 sizeof(ext_capab));
2c66c7d1
AA		 2894 if (ext_capab_len > 0 &&
2895 wpa_ie_len + ext_capab_len <= max_wpa_ie_len) {
8b3b803a
AH		 2896 u8 *pos = wpa_ie;
2897 if (wpa_ie_len > 0 && pos[0] == WLAN_EID_RSN)
2898 pos += 2 + pos[1];
2899 os_memmove(pos + ext_capab_len, pos,
2900 wpa_ie_len - (pos - wpa_ie));
2901 wpa_ie_len += ext_capab_len;
2902 os_memcpy(pos, ext_capab, ext_capab_len);
2903 }
92cbcf91 2904 }
92cbcf91 2905
c484b198
AS		 2906#ifdef CONFIG_HS20
2907 if (is_hs20_network(wpa_s, ssid, bss)) {
2908 struct wpabuf *hs20;
2909
4204669c 2910 hs20 = wpabuf_alloc(20 + MAX_ROAMING_CONS_OI_LEN);
c484b198
AS		 2911 if (hs20) {
2912 int pps_mo_id = hs20_get_pps_mo_id(wpa_s, ssid);
2913 size_t len;
2914
ec2cf403
JM		 2915 wpas_hs20_add_indication(hs20, pps_mo_id,
2916 get_hs20_version(bss));
4204669c 2917 wpas_hs20_add_roam_cons_sel(hs20, ssid);
1e6780bd 2918 len = max_wpa_ie_len - wpa_ie_len;
c484b198
AS		 2919 if (wpabuf_len(hs20) <= len) {
2920 os_memcpy(wpa_ie + wpa_ie_len,
2921 wpabuf_head(hs20), wpabuf_len(hs20));
2922 wpa_ie_len += wpabuf_len(hs20);
2923 }
2924 wpabuf_free(hs20);
ece4ac5f
MG		 2925
2926 hs20_configure_frame_filters(wpa_s);
c484b198
AS		 2927 }
2928 }
2929#endif /* CONFIG_HS20 */
2930
d29fa3a7
JM		 2931 if (wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ]) {
2932 struct wpabuf *buf = wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ];
2933 size_t len;
2934
1e6780bd 2935 len = max_wpa_ie_len - wpa_ie_len;
d29fa3a7
JM		 2936 if (wpabuf_len(buf) <= len) {
2937 os_memcpy(wpa_ie + wpa_ie_len,
2938 wpabuf_head(buf), wpabuf_len(buf));
2939 wpa_ie_len += wpabuf_len(buf);
2940 }
2941 }
2942
b36a3a65
AN		 2943#ifdef CONFIG_FST
2944 if (wpa_s->fst_ies) {
2945 int fst_ies_len = wpabuf_len(wpa_s->fst_ies);
2946
1e6780bd 2947 if (wpa_ie_len + fst_ies_len <= max_wpa_ie_len) {
b36a3a65
AN		 2948 os_memcpy(wpa_ie + wpa_ie_len,
2949 wpabuf_head(wpa_s->fst_ies), fst_ies_len);
2950 wpa_ie_len += fst_ies_len;
2951 }
2952 }
2953#endif /* CONFIG_FST */
2954
92c6e2e3 2955#ifdef CONFIG_MBO
077232f6 2956 mbo_ie = bss ? wpa_bss_get_vendor_ie(bss, MBO_IE_VENDOR_TYPE) : NULL;
2e06cef8 2957 if (!wpa_s->disable_mbo_oce && mbo_ie) {
5e57ba25 2958 int len;
92c6e2e3 2959
5e57ba25 2960 len = wpas_mbo_ie(wpa_s, wpa_ie + wpa_ie_len,
077232f6
BL		 2961 max_wpa_ie_len - wpa_ie_len,
2962 !!mbo_attr_from_mbo_ie(mbo_ie,
2963 OCE_ATTR_ID_CAPA_IND));
5e57ba25
AS		 2964 if (len >= 0)
2965 wpa_ie_len += len;
92c6e2e3
DS		 2966 }
2967#endif /* CONFIG_MBO */
2968
a38090b1
VK		 2969#ifdef CONFIG_FILS
2970 if (algs == WPA_AUTH_ALG_FILS) {
2971 size_t len;
2972
2973 len = wpas_add_fils_hlp_req(wpa_s, wpa_ie + wpa_ie_len,
2974 max_wpa_ie_len - wpa_ie_len);
2975 wpa_ie_len += len;
2976 }
2977#endif /* CONFIG_FILS */
2978
10970465 2979#ifdef CONFIG_OWE
5f30b69c
JM		 2980#ifdef CONFIG_TESTING_OPTIONS
2981 if (get_ie_ext(wpa_ie, wpa_ie_len, WLAN_EID_EXT_OWE_DH_PARAM)) {
2982 wpa_printf(MSG_INFO, "TESTING: Override OWE DH element");
2983 } else
2984#endif /* CONFIG_TESTING_OPTIONS */
10970465
JM		 2985 if (algs == WPA_AUTH_ALG_OPEN &&
2986 ssid->key_mgmt == WPA_KEY_MGMT_OWE) {
2987 struct wpabuf *owe_ie;
2cb40e9f 2988 u16 group;
10970465 2989
2cb40e9f 2990 if (ssid->owe_group) {
10970465 2991 group = ssid->owe_group;
698c9e20
AK		 2992 } else if (wpa_s->assoc_status_code ==
2993 WLAN_STATUS_FINITE_CYCLIC_GROUP_NOT_SUPPORTED) {
2cb40e9f
JM		 2994 if (wpa_s->last_owe_group == 19)
2995 group = 20;
2996 else if (wpa_s->last_owe_group == 20)
2997 group = 21;
2998 else
2999 group = OWE_DH_GROUP;
698c9e20
AK		 3000 } else {
3001 group = OWE_DH_GROUP;
2cb40e9f 3002 }
698c9e20 3003
2cb40e9f
JM		 3004 wpa_s->last_owe_group = group;
3005 wpa_printf(MSG_DEBUG, "OWE: Try to use group %u", group);
10970465
JM		 3006 owe_ie = owe_build_assoc_req(wpa_s->wpa, group);
3007 if (owe_ie &&
3008 wpabuf_len(owe_ie) <= max_wpa_ie_len - wpa_ie_len) {
3009 os_memcpy(wpa_ie + wpa_ie_len,
3010 wpabuf_head(owe_ie), wpabuf_len(owe_ie));
3011 wpa_ie_len += wpabuf_len(owe_ie);
10970465 3012 }
04879671 3013 wpabuf_free(owe_ie);
10970465
JM		 3014 }
3015#endif /* CONFIG_OWE */
3016
10ec6a5f
JM		 3017#ifdef CONFIG_DPP2
3018 if (wpa_sm_get_key_mgmt(wpa_s->wpa) == WPA_KEY_MGMT_DPP &&
3019 ssid->dpp_netaccesskey) {
3020 dpp_pfs_free(wpa_s->dpp_pfs);
3021 wpa_s->dpp_pfs = dpp_pfs_init(ssid->dpp_netaccesskey,
3022 ssid->dpp_netaccesskey_len);
3023 if (!wpa_s->dpp_pfs) {
3024 wpa_printf(MSG_DEBUG, "DPP: Could not initialize PFS");
3025 /* Try to continue without PFS */
3026 goto pfs_fail;
3027 }
3028 if (wpabuf_len(wpa_s->dpp_pfs->ie) <=
3029 max_wpa_ie_len - wpa_ie_len) {
3030 os_memcpy(wpa_ie + wpa_ie_len,
3031 wpabuf_head(wpa_s->dpp_pfs->ie),
3032 wpabuf_len(wpa_s->dpp_pfs->ie));
3033 wpa_ie_len += wpabuf_len(wpa_s->dpp_pfs->ie);
3034 }
3035 }
3036pfs_fail:
3037#endif /* CONFIG_DPP2 */
3038
3dc3afe2
AM		 3039#ifdef CONFIG_IEEE80211R
3040 /*
3041 * Add MDIE under these conditions: the network profile allows FT,
3042 * the AP supports FT, and the mobility domain ID matches.
3043 */
88bf44be 3044 if (bss && wpa_key_mgmt_ft(wpa_sm_get_key_mgmt(wpa_s->wpa))) {
3dc3afe2
AM		 3045 const u8 *mdie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
3046
3047 if (mdie && mdie[1] >= MOBILITY_DOMAIN_ID_LEN) {
86c998d3 3048 size_t len = 0;
3dc3afe2
AM		 3049 const u8 *md = mdie + 2;
3050 const u8 *wpa_md = wpa_sm_get_ft_md(wpa_s->wpa);
3051
3052 if (os_memcmp(md, wpa_md,
3053 MOBILITY_DOMAIN_ID_LEN) == 0) {
3054 /* Add mobility domain IE */
86c998d3 3055 len = wpa_ft_add_mdie(
3dc3afe2
AM		 3056 wpa_s->wpa, wpa_ie + wpa_ie_len,
3057 max_wpa_ie_len - wpa_ie_len, mdie);
86c998d3 3058 wpa_ie_len += len;
3dc3afe2 3059 }
86c998d3
AM		 3060#ifdef CONFIG_SME
3061 if (len > 0 && wpa_s->sme.ft_used &&
3062 wpa_sm_has_ptk(wpa_s->wpa)) {
3063 wpa_dbg(wpa_s, MSG_DEBUG,
3064 "SME: Trying to use FT over-the-air");
3065 algs |= WPA_AUTH_ALG_FT;
3066 }
3067#endif /* CONFIG_SME */
3dc3afe2
AM		 3068 }
3069 }
3070#endif /* CONFIG_IEEE80211R */
3071
13256553
JM		 3072#ifdef CONFIG_TESTING_OPTIONS
3073 if (wpa_s->rsnxe_override_assoc &&
3074 wpabuf_len(wpa_s->rsnxe_override_assoc) <=
3075 max_wpa_ie_len - wpa_ie_len) {
3076 wpa_printf(MSG_DEBUG, "TESTING: RSNXE AssocReq override");
3077 os_memcpy(wpa_ie + wpa_ie_len,
3078 wpabuf_head(wpa_s->rsnxe_override_assoc),
3079 wpabuf_len(wpa_s->rsnxe_override_assoc));
3080 wpa_ie_len += wpabuf_len(wpa_s->rsnxe_override_assoc);
3081 } else
3082#endif /* CONFIG_TESTING_OPTIONS */
6d6c8877
JM		 3083 if (wpa_s->rsnxe_len > 0 &&
3084 wpa_s->rsnxe_len <= max_wpa_ie_len - wpa_ie_len) {
3085 os_memcpy(wpa_ie + wpa_ie_len, wpa_s->rsnxe, wpa_s->rsnxe_len);
3086 wpa_ie_len += wpa_s->rsnxe_len;
3087 }
3088
5abc7823
VN		 3089 if (ssid->multi_ap_backhaul_sta) {
3090 size_t multi_ap_ie_len;
3091
3092 multi_ap_ie_len = add_multi_ap_ie(wpa_ie + wpa_ie_len,
3093 max_wpa_ie_len - wpa_ie_len,
3094 MULTI_AP_BACKHAUL_STA);
3095 if (multi_ap_ie_len == 0) {
3096 wpa_printf(MSG_ERROR,
3097 "Multi-AP: Failed to build Multi-AP IE");
3098 os_free(wpa_ie);
3099 return NULL;
3100 }
3101 wpa_ie_len += multi_ap_ie_len;
3102 }
3103
d2ba0d71
VK		 3104 params->wpa_ie = wpa_ie;
3105 params->wpa_ie_len = wpa_ie_len;
3106 params->auth_alg = algs;
6338c99e
VK		 3107 if (mask)
3108 *mask |= WPA_DRV_UPDATE_ASSOC_IES | WPA_DRV_UPDATE_AUTH_TYPE;
d2ba0d71
VK		 3109
3110 return wpa_ie;
3111}
3112
3113
e0b331d8
SD		 3114#ifdef CONFIG_OWE
3115static void wpas_update_owe_connect_params(struct wpa_supplicant *wpa_s)
3116{
3117 struct wpa_driver_associate_params params;
3118 u8 *wpa_ie;
3119
3120 os_memset(&params, 0, sizeof(params));
3121 wpa_ie = wpas_populate_assoc_ies(wpa_s, wpa_s->current_bss,
3122 wpa_s->current_ssid, &params, NULL);
3123 if (!wpa_ie)
3124 return;
3125
3126 wpa_drv_update_connect_params(wpa_s, &params, WPA_DRV_UPDATE_ASSOC_IES);
3127 os_free(wpa_ie);
3128}
3129#endif /* CONFIG_OWE */
3130
3131
6338c99e
VK		 3132#if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
3133static void wpas_update_fils_connect_params(struct wpa_supplicant *wpa_s)
3134{
3135 struct wpa_driver_associate_params params;
3136 enum wpa_drv_update_connect_params_mask mask = 0;
3137 u8 *wpa_ie;
3138
3139 if (wpa_s->auth_alg != WPA_AUTH_ALG_OPEN)
3140 return; /* nothing to do */
3141
3142 os_memset(&params, 0, sizeof(params));
3143 wpa_ie = wpas_populate_assoc_ies(wpa_s, wpa_s->current_bss,
3144 wpa_s->current_ssid, &params, &mask);
3145 if (!wpa_ie)
3146 return;
3147
3148 if (params.auth_alg != WPA_AUTH_ALG_FILS) {
3149 os_free(wpa_ie);
3150 return;
3151 }
3152
3153 wpa_s->auth_alg = params.auth_alg;
3154 wpa_drv_update_connect_params(wpa_s, &params, mask);
3155 os_free(wpa_ie);
3156}
3157#endif /* CONFIG_FILS && IEEE8021X_EAPOL */
3158
3159
a82aee1f
AAL		 3160static u8 wpa_ie_get_edmg_oper_chans(const u8 *edmg_ie)
3161{
3162 if (!edmg_ie || edmg_ie[1] < 6)
3163 return 0;
3164 return edmg_ie[EDMG_BSS_OPERATING_CHANNELS_OFFSET];
3165}
3166
3167
3168static u8 wpa_ie_get_edmg_oper_chan_width(const u8 *edmg_ie)
3169{
3170 if (!edmg_ie || edmg_ie[1] < 6)
3171 return 0;
3172 return edmg_ie[EDMG_OPERATING_CHANNEL_WIDTH_OFFSET];
3173}
3174
3175
3176/* Returns the intersection of two EDMG configurations.
3177 * Note: The current implementation is limited to CB2 only (CB1 included),
3178 * i.e., the implementation supports up to 2 contiguous channels.
3179 * For supporting non-contiguous (aggregated) channels and for supporting
3180 * CB3 and above, this function will need to be extended.
3181 */
3182static struct ieee80211_edmg_config
3183get_edmg_intersection(struct ieee80211_edmg_config a,
3184 struct ieee80211_edmg_config b,
3185 u8 primary_channel)
3186{
3187 struct ieee80211_edmg_config result;
3188 int i, contiguous = 0;
3189 int max_contiguous = 0;
3190
3191 result.channels = b.channels & a.channels;
3192 if (!result.channels) {
3193 wpa_printf(MSG_DEBUG,
3194 "EDMG not possible: cannot intersect channels 0x%x and 0x%x",
3195 a.channels, b.channels);
3196 goto fail;
3197 }
3198
3199 if (!(result.channels & BIT(primary_channel - 1))) {
3200 wpa_printf(MSG_DEBUG,
3201 "EDMG not possible: the primary channel %d is not one of the intersected channels 0x%x",
3202 primary_channel, result.channels);
3203 goto fail;
3204 }
3205
3206 /* Find max contiguous channels */
3207 for (i = 0; i < 6; i++) {
3208 if (result.channels & BIT(i))
3209 contiguous++;
3210 else
3211 contiguous = 0;
3212
3213 if (contiguous > max_contiguous)
3214 max_contiguous = contiguous;
3215 }
3216
3217 /* Assuming AP and STA supports ONLY contiguous channels,
3218 * bw configuration can have value between 4-7.
3219 */
3220 if ((b.bw_config < a.bw_config))
3221 result.bw_config = b.bw_config;
3222 else
3223 result.bw_config = a.bw_config;
3224
3225 if ((max_contiguous >= 2 && result.bw_config < EDMG_BW_CONFIG_5) ||
3226 (max_contiguous >= 1 && result.bw_config < EDMG_BW_CONFIG_4)) {
3227 wpa_printf(MSG_DEBUG,
3228 "EDMG not possible: not enough contiguous channels %d for supporting CB1 or CB2",
3229 max_contiguous);
3230 goto fail;
3231 }
3232
3233 return result;
3234
3235fail:
3236 result.channels = 0;
3237 result.bw_config = 0;
3238 return result;
3239}
3240
3241
3242static struct ieee80211_edmg_config
3243get_supported_edmg(struct wpa_supplicant *wpa_s,
3244 struct hostapd_freq_params *freq,
3245 struct ieee80211_edmg_config request_edmg)
3246{
3247 enum hostapd_hw_mode hw_mode;
3248 struct hostapd_hw_modes *mode = NULL;
3249 u8 primary_channel;
3250
3251 if (!wpa_s->hw.modes)
3252 goto fail;
3253
3254 hw_mode = ieee80211_freq_to_chan(freq->freq, &primary_channel);
3255 if (hw_mode == NUM_HOSTAPD_MODES)
3256 goto fail;
3257
d0e116f6 3258 mode = get_mode(wpa_s->hw.modes, wpa_s->hw.num_modes, hw_mode, 0);
a82aee1f
AAL		 3259 if (!mode)
3260 goto fail;
3261
3262 return get_edmg_intersection(mode->edmg, request_edmg, primary_channel);
3263
3264fail:
3265 request_edmg.channels = 0;
3266 request_edmg.bw_config = 0;
3267 return request_edmg;
3268}
3269
3270
822c756e
AB		 3271#ifdef CONFIG_MBO
3272void wpas_update_mbo_connect_params(struct wpa_supplicant *wpa_s)
3273{
3274 struct wpa_driver_associate_params params;
3275 u8 *wpa_ie;
3276
3277 /*
3278 * Update MBO connect params only in case of change of MBO attributes
3279 * when connected, if the AP support MBO.
3280 */
3281
3282 if (wpa_s->wpa_state != WPA_COMPLETED || !wpa_s->current_ssid ||
3283 !wpa_s->current_bss ||
3284 !wpa_bss_get_vendor_ie(wpa_s->current_bss, MBO_IE_VENDOR_TYPE))
3285 return;
3286
3287 os_memset(&params, 0, sizeof(params));
3288 wpa_ie = wpas_populate_assoc_ies(wpa_s, wpa_s->current_bss,
3289 wpa_s->current_ssid, &params, NULL);
3290 if (!wpa_ie)
3291 return;
3292
3293 wpa_drv_update_connect_params(wpa_s, &params, WPA_DRV_UPDATE_ASSOC_IES);
3294 os_free(wpa_ie);
3295}
3296#endif /* CONFIG_MBO */
3297
3298
d2ba0d71
VK		 3299static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
3300{
3301 struct wpa_connect_work *cwork = work->ctx;
3302 struct wpa_bss *bss = cwork->bss;
3303 struct wpa_ssid *ssid = cwork->ssid;
3304 struct wpa_supplicant *wpa_s = work->wpa_s;
3305 u8 *wpa_ie;
a82aee1f 3306 const u8 *edmg_ie_oper;
d2ba0d71
VK		 3307 int use_crypt, ret, i, bssid_changed;
3308 unsigned int cipher_pairwise, cipher_group, cipher_group_mgmt;
3309 struct wpa_driver_associate_params params;
3310 int wep_keys_set = 0;
3311 int assoc_failed = 0;
3312 struct wpa_ssid *old_ssid;
3313 u8 prev_bssid[ETH_ALEN];
3314#ifdef CONFIG_HT_OVERRIDES
3315 struct ieee80211_ht_capabilities htcaps;
3316 struct ieee80211_ht_capabilities htcaps_mask;
3317#endif /* CONFIG_HT_OVERRIDES */
3318#ifdef CONFIG_VHT_OVERRIDES
3319 struct ieee80211_vht_capabilities vhtcaps;
3320 struct ieee80211_vht_capabilities vhtcaps_mask;
3321#endif /* CONFIG_VHT_OVERRIDES */
3322
3323 if (deinit) {
3324 if (work->started) {
3325 wpa_s->connect_work = NULL;
3326
3327 /* cancel possible auth. timeout */
3328 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s,
3329 NULL);
3330 }
3331 wpas_connect_work_free(cwork);
3332 return;
3333 }
3334
3335 wpa_s->connect_work = work;
3336
3337 if (cwork->bss_removed || !wpas_valid_bss_ssid(wpa_s, bss, ssid) ||
3338 wpas_network_disabled(wpa_s, ssid)) {
3339 wpa_dbg(wpa_s, MSG_DEBUG, "BSS/SSID entry for association not valid anymore - drop connection attempt");
3340 wpas_connect_work_done(wpa_s);
3341 return;
3342 }
3343
3344 os_memcpy(prev_bssid, wpa_s->bssid, ETH_ALEN);
3345 os_memset(&params, 0, sizeof(params));
3346 wpa_s->reassociate = 0;
3347 wpa_s->eap_expected_failure = 0;
3348 if (bss &&
3349 (!wpas_driver_bss_selection(wpa_s) || wpas_wps_searching(wpa_s))) {
3350#ifdef CONFIG_IEEE80211R
3351 const u8 *ie, *md = NULL;
3352#endif /* CONFIG_IEEE80211R */
3353 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
3354 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
3355 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
3356 bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
3357 os_memset(wpa_s->bssid, 0, ETH_ALEN);
3358 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
3359 if (bssid_changed)
3360 wpas_notify_bssid_changed(wpa_s);
3361#ifdef CONFIG_IEEE80211R
3362 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
3363 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
3364 md = ie + 2;
3365 wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0);
3366 if (md) {
3367 /* Prepare for the next transition */
3368 wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
3369 }
3370#endif /* CONFIG_IEEE80211R */
3371#ifdef CONFIG_WPS
3372 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
3373 wpa_s->conf->ap_scan == 2 &&
3374 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
3375 /* Use ap_scan==1 style network selection to find the network
3376 */
3377 wpas_connect_work_done(wpa_s);
3378 wpa_s->scan_req = MANUAL_SCAN_REQ;
3379 wpa_s->reassociate = 1;
3380 wpa_supplicant_req_scan(wpa_s, 0, 0);
3381 return;
3382#endif /* CONFIG_WPS */
3383 } else {
3384 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
3385 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
3386 if (bss)
3387 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
3388 else
3389 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
3390 }
3391 if (!wpa_s->pno)
3392 wpa_supplicant_cancel_sched_scan(wpa_s);
3393
3394 wpa_supplicant_cancel_scan(wpa_s);
3395
3396 /* Starting new association, so clear the possibly used WPA IE from the
3397 * previous association. */
3398 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
6d6c8877
JM		 3399 wpa_sm_set_assoc_rsnxe(wpa_s->wpa, NULL, 0);
3400 wpa_s->rsnxe_len = 0;
d2ba0d71 3401
6338c99e 3402 wpa_ie = wpas_populate_assoc_ies(wpa_s, bss, ssid, &params, NULL);
d2ba0d71
VK		 3403 if (!wpa_ie) {
3404 wpas_connect_work_done(wpa_s);
3405 return;
3406 }
3407
6fc6879b
JM		 3408 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
3409 use_crypt = 1;
4848a38d
JM		 3410 cipher_pairwise = wpa_s->pairwise_cipher;
3411 cipher_group = wpa_s->group_cipher;
61a56c14 3412 cipher_group_mgmt = wpa_s->mgmt_group_cipher;
6fc6879b
JM		 3413 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
3414 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
3415 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
3416 use_crypt = 0;
3417 if (wpa_set_wep_keys(wpa_s, ssid)) {
3418 use_crypt = 1;
3419 wep_keys_set = 1;
3420 }
3421 }
ad08c363
JM		 3422 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
3423 use_crypt = 0;
6fc6879b
JM		 3424
3425#ifdef IEEE8021X_EAPOL
3426 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
3427 if ((ssid->eapol_flags &
3428 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
3429 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
3430 !wep_keys_set) {
3431 use_crypt = 0;
3432 } else {
3433 /* Assume that dynamic WEP-104 keys will be used and
3434 * set cipher suites in order for drivers to expect
3435 * encryption. */
4848a38d 3436 cipher_pairwise = cipher_group = WPA_CIPHER_WEP104;
6fc6879b
JM		 3437 }
3438 }
3439#endif /* IEEE8021X_EAPOL */
3440
3441 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
3442 /* Set the key before (and later after) association */
3443 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
3444 }
3445
6fc6879b 3446 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
6fc6879b 3447 if (bss) {
6fa81a3b
JM		 3448 params.ssid = bss->ssid;
3449 params.ssid_len = bss->ssid_len;
4b5b8a53
JM		 3450 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set ||
3451 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
f15854d1
JM		 3452 wpa_printf(MSG_DEBUG, "Limit connection to BSSID "
3453 MACSTR " freq=%u MHz based on scan results "
4b5b8a53 3454 "(bssid_set=%d wps=%d)",
f15854d1 3455 MAC2STR(bss->bssid), bss->freq,
4b5b8a53
JM		 3456 ssid->bssid_set,
3457 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS);
22628eca 3458 params.bssid = bss->bssid;
4ec68377 3459 params.freq.freq = bss->freq;
22628eca 3460 }
7ac7fd43
DS		 3461 params.bssid_hint = bss->bssid;
3462 params.freq_hint = bss->freq;
b9074912 3463 params.pbss = bss_is_pbss(bss);
6fc6879b 3464 } else {
43a356b2
PK		 3465 if (ssid->bssid_hint_set)
3466 params.bssid_hint = ssid->bssid_hint;
3467
6fc6879b
JM		 3468 params.ssid = ssid->ssid;
3469 params.ssid_len = ssid->ssid_len;
90f14962 3470 params.pbss = (ssid->pbss != 2) ? ssid->pbss : 0;
6fc6879b 3471 }
9e2af29f
NC		 3472
3473 if (ssid->mode == WPAS_MODE_IBSS && ssid->bssid_set &&
3474 wpa_s->conf->ap_scan == 2) {
3475 params.bssid = ssid->bssid;
3476 params.fixed_bssid = 1;
3477 }
3478
603a3f34
JL		 3479 /* Initial frequency for IBSS/mesh */
3480 if ((ssid->mode == WPAS_MODE_IBSS || ssid->mode == WPAS_MODE_MESH) &&
1830817e
JD		 3481 ssid->frequency > 0 && params.freq.freq == 0)
3482 ibss_mesh_setup_freq(wpa_s, ssid, &params.freq);
dc152f32 3483
8f05577d 3484 if (ssid->mode == WPAS_MODE_IBSS) {
4d9e6fba 3485 params.fixed_freq = ssid->fixed_freq;
8f05577d
JM		 3486 if (ssid->beacon_int)
3487 params.beacon_int = ssid->beacon_int;
3488 else
3489 params.beacon_int = wpa_s->conf->beacon_int;
3490 }
3491
a82aee1f
AAL		 3492 if (bss && ssid->enable_edmg)
3493 edmg_ie_oper = get_ie_ext((const u8 *) (bss + 1), bss->ie_len,
3494 WLAN_EID_EXT_EDMG_OPERATION);
3495 else
3496 edmg_ie_oper = NULL;
3497
3498 if (edmg_ie_oper) {
3499 params.freq.edmg.channels =
3500 wpa_ie_get_edmg_oper_chans(edmg_ie_oper);
3501 params.freq.edmg.bw_config =
3502 wpa_ie_get_edmg_oper_chan_width(edmg_ie_oper);
3503 wpa_printf(MSG_DEBUG,
3504 "AP supports EDMG channels 0x%x, bw_config %d",
3505 params.freq.edmg.channels,
3506 params.freq.edmg.bw_config);
3507
3508 /* User may ask for specific EDMG channel for EDMG connection
3509 * (must be supported by AP)
3510 */
3511 if (ssid->edmg_channel) {
3512 struct ieee80211_edmg_config configured_edmg;
3513 enum hostapd_hw_mode hw_mode;
3514 u8 primary_channel;
3515
3516 hw_mode = ieee80211_freq_to_chan(bss->freq,
3517 &primary_channel);
3518 if (hw_mode == NUM_HOSTAPD_MODES)
3519 goto edmg_fail;
3520
3521 hostapd_encode_edmg_chan(ssid->enable_edmg,
3522 ssid->edmg_channel,
3523 primary_channel,
3524 &configured_edmg);
3525
3526 if (ieee802_edmg_is_allowed(params.freq.edmg,
3527 configured_edmg)) {
3528 params.freq.edmg = configured_edmg;
3529 wpa_printf(MSG_DEBUG,
3530 "Use EDMG channel %d for connection",
3531 ssid->edmg_channel);
3532 } else {
3533 edmg_fail:
3534 params.freq.edmg.channels = 0;
3535 params.freq.edmg.bw_config = 0;
3536 wpa_printf(MSG_WARNING,
3537 "EDMG channel %d not supported by AP, fallback to DMG",
3538 ssid->edmg_channel);
3539 }
3540 }
3541
3542 if (params.freq.edmg.channels) {
3543 wpa_printf(MSG_DEBUG,
3544 "EDMG before: channels 0x%x, bw_config %d",
3545 params.freq.edmg.channels,
3546 params.freq.edmg.bw_config);
3547 params.freq.edmg = get_supported_edmg(wpa_s,
3548 &params.freq,
3549 params.freq.edmg);
3550 wpa_printf(MSG_DEBUG,
3551 "EDMG after: channels 0x%x, bw_config %d",
3552 params.freq.edmg.channels,
3553 params.freq.edmg.bw_config);
3554 }
3555 }
3556
6fc6879b
JM		 3557 params.pairwise_suite = cipher_pairwise;
3558 params.group_suite = cipher_group;
61a56c14 3559 params.mgmt_group_suite = cipher_group_mgmt;
4848a38d 3560 params.key_mgmt_suite = wpa_s->key_mgmt;
64fa840a 3561 params.wpa_proto = wpa_s->wpa_proto;
5538fc93 3562 wpa_s->auth_alg = params.auth_alg;
6fc6879b 3563 params.mode = ssid->mode;
1f6c0ab8 3564 params.bg_scan_period = ssid->bg_scan_period;
6fc6879b
JM		 3565 for (i = 0; i < NUM_WEP_KEYS; i++) {
3566 if (ssid->wep_key_len[i])
3567 params.wep_key[i] = ssid->wep_key[i];
3568 params.wep_key_len[i] = ssid->wep_key_len[i];
3569 }
3570 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
3571
436ee2fd 3572 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK) &&
4848a38d
JM		 3573 (params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
3574 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK)) {
6fc6879b
JM		 3575 params.passphrase = ssid->passphrase;
3576 if (ssid->psk_set)
3577 params.psk = ssid->psk;
b41f2684
CL		 3578 }
3579
d896874f
AS		 3580 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_8021X) &&
3581 (params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
3582 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 ||
3583 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B ||
3584 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192))
cb28bd52 3585 params.req_handshake_offload = 1;
d896874f 3586
b41f2684
CL		 3587 if (wpa_s->conf->key_mgmt_offload) {
3588 if (params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
666497c8 3589 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 ||
5e3b5197
JM		 3590 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B ||
3591 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192)
b41f2684
CL		 3592 params.req_key_mgmt_offload =
3593 ssid->proactive_key_caching < 0 ?
3594 wpa_s->conf->okc : ssid->proactive_key_caching;
3595 else
3596 params.req_key_mgmt_offload = 1;
3597
3598 if ((params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
3599 params.key_mgmt_suite == WPA_KEY_MGMT_PSK_SHA256 ||
3600 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK) &&
3601 ssid->psk_set)
3602 params.psk = ssid->psk;
6fc6879b
JM		 3603 }
3604
36b15723
JM		 3605 params.drop_unencrypted = use_crypt;
3606
3f56a2b7 3607 params.mgmt_frame_protection = wpas_get_ssid_pmf(wpa_s, ssid);
62d49803 3608 if (params.mgmt_frame_protection != NO_MGMT_FRAME_PROTECTION && bss) {
6fa81a3b 3609 const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
97d3497e
JM		 3610 struct wpa_ie_data ie;
3611 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
3612 ie.capabilities &
3613 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
f049052b
BG		 3614 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports "
3615 "MFP: require MFP");
97d3497e
JM		 3616 params.mgmt_frame_protection =
3617 MGMT_FRAME_PROTECTION_REQUIRED;
cf94626c
PK		 3618#ifdef CONFIG_OWE
3619 } else if (!rsn && (ssid->key_mgmt & WPA_KEY_MGMT_OWE) &&
3620 !ssid->owe_only) {
3621 params.mgmt_frame_protection = NO_MGMT_FRAME_PROTECTION;
3622#endif /* CONFIG_OWE */
97d3497e
JM		 3623 }
3624 }
6fc6879b 3625
ffad8858 3626 params.p2p = ssid->p2p_group;
6e3f4b89 3627
ba307f85
LD		 3628 if (wpa_s->p2pdev->set_sta_uapsd)
3629 params.uapsd = wpa_s->p2pdev->sta_uapsd;
eea2fd9e
JM		 3630 else
3631 params.uapsd = -1;
3632
80e8a5ee
BG		 3633#ifdef CONFIG_HT_OVERRIDES
3634 os_memset(&htcaps, 0, sizeof(htcaps));
3635 os_memset(&htcaps_mask, 0, sizeof(htcaps_mask));
3636 params.htcaps = (u8 *) &htcaps;
3637 params.htcaps_mask = (u8 *) &htcaps_mask;
3638 wpa_supplicant_apply_ht_overrides(wpa_s, ssid, &params);
3639#endif /* CONFIG_HT_OVERRIDES */
6aa1cd4e
PS		 3640#ifdef CONFIG_VHT_OVERRIDES
3641 os_memset(&vhtcaps, 0, sizeof(vhtcaps));
3642 os_memset(&vhtcaps_mask, 0, sizeof(vhtcaps_mask));
3643 params.vhtcaps = &vhtcaps;
3644 params.vhtcaps_mask = &vhtcaps_mask;
95ff3069 3645 wpa_supplicant_apply_vht_overrides(wpa_s, ssid, &params);
6aa1cd4e 3646#endif /* CONFIG_VHT_OVERRIDES */
80e8a5ee 3647
8567866d
JJ		 3648#ifdef CONFIG_P2P
3649 /*
3650 * If multi-channel concurrency is not supported, check for any
3651 * frequency conflict. In case of any frequency conflict, remove the
3652 * least prioritized connection.
3653 */
3654 if (wpa_s->num_multichan_concurrent < 2) {
d0df6437
IP		 3655 int freq, num;
3656 num = get_shared_radio_freqs(wpa_s, &freq, 1);
4ec68377 3657 if (num > 0 && freq > 0 && freq != params.freq.freq) {
d0df6437
IP		 3658 wpa_printf(MSG_DEBUG,
3659 "Assoc conflicting freq found (%d != %d)",
4ec68377
JD		 3660 freq, params.freq.freq);
3661 if (wpas_p2p_handle_frequency_conflicts(
74656400
SD		 3662 wpa_s, params.freq.freq, ssid) < 0) {
3663 wpas_connect_work_done(wpa_s);
1e6780bd 3664 os_free(wpa_ie);
8567866d 3665 return;
74656400 3666 }
8567866d
JJ		 3667 }
3668 }
3669#endif /* CONFIG_P2P */
3670
6a5ee810
JM		 3671 if (wpa_s->reassoc_same_ess && !is_zero_ether_addr(prev_bssid) &&
3672 wpa_s->current_ssid)
3673 params.prev_bssid = prev_bssid;
3674
17fbb751 3675 ret = wpa_drv_associate(wpa_s, &params);
1e6780bd 3676 os_free(wpa_ie);
6fc6879b
JM		 3677 if (ret < 0) {
3678 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
3679 "failed");
871f4dd0
JM		 3680 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SANE_ERROR_CODES) {
3681 /*
3682 * The driver is known to mean what is saying, so we
3683 * can stop right here; the association will not
3684 * succeed.
3685 */
3686 wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
c1c02342 3687 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
871f4dd0
JM		 3688 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
3689 return;
3690 }
6fc6879b
JM		 3691 /* try to continue anyway; new association will be tried again
3692 * after timeout */
3693 assoc_failed = 1;
3694 }
3695
3696 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
3697 /* Set the key after the association just in case association
3698 * cleared the previously configured key. */
3699 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
3700 /* No need to timeout authentication since there is no key
3701 * management. */
3702 wpa_supplicant_cancel_auth_timeout(wpa_s);
3703 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
53895c3b 3704#ifdef CONFIG_IBSS_RSN
d7dcba70 3705 } else if (ssid->mode == WPAS_MODE_IBSS &&
53895c3b
JM		 3706 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
3707 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
3708 /*
3709 * RSN IBSS authentication is per-STA and we can disable the
3710 * per-BSSID authentication.
3711 */
3712 wpa_supplicant_cancel_auth_timeout(wpa_s);
53895c3b 3713#endif /* CONFIG_IBSS_RSN */
6fc6879b
JM		 3714 } else {
3715 /* Timeout for IEEE 802.11 authentication and association */
1d3c75b3
DW		 3716 int timeout = 60;
3717
3718 if (assoc_failed) {
3719 /* give IBSS a bit more time */
d7dcba70 3720 timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5;
1d3c75b3
DW		 3721 } else if (wpa_s->conf->ap_scan == 1) {
3722 /* give IBSS a bit more time */
d7dcba70 3723 timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10;
1d3c75b3 3724 }
6fc6879b
JM		 3725 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
3726 }
3727
66562e9c
JM		 3728 if (wep_keys_set &&
3729 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC)) {
6fc6879b
JM		 3730 /* Set static WEP keys again */
3731 wpa_set_wep_keys(wpa_s, ssid);
3732 }
3733
3734 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
3735 /*
3736 * Do not allow EAP session resumption between different
3737 * network configurations.
3738 */
3739 eapol_sm_invalidate_cached_session(wpa_s->eapol);
3740 }
8bac466b 3741 old_ssid = wpa_s->current_ssid;
6fc6879b 3742 wpa_s->current_ssid = ssid;
ece4ac5f
MG		 3743
3744 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set) {
4d3be9cd 3745 wpa_s->current_bss = bss;
ece4ac5f
MG		 3746#ifdef CONFIG_HS20
3747 hs20_configure_frame_filters(wpa_s);
3748#endif /* CONFIG_HS20 */
3749 }
3750
6fc6879b
JM		 3751 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
3752 wpa_supplicant_initiate_eapol(wpa_s);
8bac466b
JM		 3753 if (old_ssid != wpa_s->current_ssid)
3754 wpas_notify_network_changed(wpa_s);
6fc6879b
JM		 3755}
3756
3757
09f58c09
JM		 3758static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s,
3759 const u8 *addr)
3760{
3761 struct wpa_ssid *old_ssid;
3762
c155305f 3763 wpas_connect_work_done(wpa_s);
09f58c09 3764 wpa_clear_keys(wpa_s, addr);
09f58c09 3765 old_ssid = wpa_s->current_ssid;
0d30cc24 3766 wpa_supplicant_mark_disassoc(wpa_s);
09f58c09
JM		 3767 wpa_sm_set_config(wpa_s->wpa, NULL);
3768 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
3769 if (old_ssid != wpa_s->current_ssid)
3770 wpas_notify_network_changed(wpa_s);
3771 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
3772}
3773
3774
6fc6879b
JM		 3775/**
3776 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
3777 * @wpa_s: Pointer to wpa_supplicant data
3778 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
3779 *
073ab58f 3780 * This function is used to request %wpa_supplicant to deauthenticate from the
6fc6879b
JM		 3781 * current AP.
3782 */
3783void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
4be17ffb 3784 u16 reason_code)
6fc6879b
JM		 3785{
3786 u8 *addr = NULL;
ef48ff94 3787 union wpa_event_data event;
42d23547 3788 int zero_addr = 0;
8bac466b 3789
42d23547 3790 wpa_dbg(wpa_s, MSG_DEBUG, "Request to deauthenticate - bssid=" MACSTR
cfde99a8 3791 " pending_bssid=" MACSTR " reason=%d (%s) state=%s",
42d23547 3792 MAC2STR(wpa_s->bssid), MAC2STR(wpa_s->pending_bssid),
cfde99a8
AK		 3793 reason_code, reason2str(reason_code),
3794 wpa_supplicant_state_txt(wpa_s->wpa_state));
42d23547 3795
04e3d815
MK		 3796 if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
3797 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
3798 wpa_s->wpa_state == WPA_ASSOCIATING))
42d23547 3799 addr = wpa_s->pending_bssid;
04e3d815
MK		 3800 else if (!is_zero_ether_addr(wpa_s->bssid))
3801 addr = wpa_s->bssid;
42d23547
JM		 3802 else if (wpa_s->wpa_state == WPA_ASSOCIATING) {
3803 /*
3804 * When using driver-based BSS selection, we may not know the
3805 * BSSID with which we are currently trying to associate. We
3806 * need to notify the driver of this disconnection even in such
3807 * a case, so use the all zeros address here.
3808 */
6fc6879b 3809 addr = wpa_s->bssid;
42d23547
JM		 3810 zero_addr = 1;
3811 }
3812
5abc7823
VN		 3813 if (wpa_s->enabled_4addr_mode && wpa_drv_set_4addr_mode(wpa_s, 0) == 0)
3814 wpa_s->enabled_4addr_mode = 0;
3815
7b44ff2c
SD		 3816#ifdef CONFIG_TDLS
3817 wpa_tdls_teardown_peers(wpa_s->wpa);
3818#endif /* CONFIG_TDLS */
3819
603a3f34
JL		 3820#ifdef CONFIG_MESH
3821 if (wpa_s->ifmsh) {
a39b040b
SB		 3822 struct mesh_conf *mconf;
3823
3824 mconf = wpa_s->ifmsh->mconf;
6174de66
JM		 3825 wpa_msg(wpa_s, MSG_INFO, MESH_GROUP_REMOVED "%s",
3826 wpa_s->ifname);
a39b040b
SB		 3827 wpas_notify_mesh_group_removed(wpa_s, mconf->meshid,
3828 mconf->meshid_len, reason_code);
603a3f34
JL		 3829 wpa_supplicant_leave_mesh(wpa_s);
3830 }
3831#endif /* CONFIG_MESH */
3832
42d23547
JM		 3833 if (addr) {
3834 wpa_drv_deauthenticate(wpa_s, addr, reason_code);
ef48ff94 3835 os_memset(&event, 0, sizeof(event));
4be17ffb 3836 event.deauth_info.reason_code = reason_code;
ef48ff94
JM		 3837 event.deauth_info.locally_generated = 1;
3838 wpa_supplicant_event(wpa_s, EVENT_DEAUTH, &event);
42d23547
JM		 3839 if (zero_addr)
3840 addr = NULL;
6fc6879b 3841 }
09f58c09
JM		 3842
3843 wpa_supplicant_clear_connection(wpa_s, addr);
6fc6879b
JM		 3844}
3845
dca1a511
DS		 3846static void wpa_supplicant_enable_one_network(struct wpa_supplicant *wpa_s,
3847 struct wpa_ssid *ssid)
3848{
3849 if (!ssid || !ssid->disabled || ssid->disabled == 2)
3850 return;
3851
3852 ssid->disabled = 0;
91073cca 3853 ssid->owe_transition_bss_select_count = 0;
dca1a511
DS		 3854 wpas_clear_temp_disabled(wpa_s, ssid, 1);
3855 wpas_notify_network_enabled_changed(wpa_s, ssid);
3856
3857 /*
3858 * Try to reassociate since there is no current configuration and a new
3859 * network was made available.
3860 */
d2592497 3861 if (!wpa_s->current_ssid && !wpa_s->disconnected)
dca1a511
DS		 3862 wpa_s->reassociate = 1;
3863}
3864
6fc6879b 3865
d015bb05
RP		 3866/**
3867 * wpa_supplicant_add_network - Add a new network
3868 * @wpa_s: wpa_supplicant structure for a network interface
3869 * Returns: The new network configuration or %NULL if operation failed
3870 *
3871 * This function performs the following operations:
3872 * 1. Adds a new network.
3873 * 2. Send network addition notification.
3874 * 3. Marks the network disabled.
3875 * 4. Set network default parameters.
3876 */
3877struct wpa_ssid * wpa_supplicant_add_network(struct wpa_supplicant *wpa_s)
3878{
3879 struct wpa_ssid *ssid;
3880
3881 ssid = wpa_config_add_network(wpa_s->conf);
3882 if (!ssid)
3883 return NULL;
3884 wpas_notify_network_added(wpa_s, ssid);
3885 ssid->disabled = 1;
3886 wpa_config_set_network_defaults(ssid);
3887
3888 return ssid;
3889}
3890
3891
3892/**
3893 * wpa_supplicant_remove_network - Remove a configured network based on id
3894 * @wpa_s: wpa_supplicant structure for a network interface
3895 * @id: Unique network id to search for
3896 * Returns: 0 on success, or -1 if the network was not found, -2 if the network
3897 * could not be removed
3898 *
3899 * This function performs the following operations:
3900 * 1. Removes the network.
3901 * 2. Send network removal notification.
3902 * 3. Update internal state machines.
3903 * 4. Stop any running sched scans.
3904 */
3905int wpa_supplicant_remove_network(struct wpa_supplicant *wpa_s, int id)
3906{
3907 struct wpa_ssid *ssid;
3908 int was_disabled;
3909
3910 ssid = wpa_config_get_network(wpa_s->conf, id);
3911 if (!ssid)
3912 return -1;
3913 wpas_notify_network_removed(wpa_s, ssid);
3914
3915 if (wpa_s->last_ssid == ssid)
3916 wpa_s->last_ssid = NULL;
3917
3918 if (ssid == wpa_s->current_ssid || !wpa_s->current_ssid) {
3919#ifdef CONFIG_SME
3920 wpa_s->sme.prev_bssid_set = 0;
3921#endif /* CONFIG_SME */
3922 /*
3923 * Invalidate the EAP session cache if the current or
3924 * previously used network is removed.
3925 */
3926 eapol_sm_invalidate_cached_session(wpa_s->eapol);
3927 }
3928
3929 if (ssid == wpa_s->current_ssid) {
3930 wpa_sm_set_config(wpa_s->wpa, NULL);
3931 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
3932
3933 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
3934 wpa_s->own_disconnect_req = 1;
3935 wpa_supplicant_deauthenticate(wpa_s,
3936 WLAN_REASON_DEAUTH_LEAVING);
3937 }
3938
3939 was_disabled = ssid->disabled;
3940
3941 if (wpa_config_remove_network(wpa_s->conf, id) < 0)
3942 return -2;
3943
3944 if (!was_disabled && wpa_s->sched_scanning) {
3945 wpa_printf(MSG_DEBUG,
3946 "Stop ongoing sched_scan to remove network from filters");
3947 wpa_supplicant_cancel_sched_scan(wpa_s);
3948 wpa_supplicant_req_scan(wpa_s, 0, 0);
3949 }
3950
3951 return 0;
3952}
3953
3954
86b89452
WS		 3955/**
3956 * wpa_supplicant_enable_network - Mark a configured network as enabled
3957 * @wpa_s: wpa_supplicant structure for a network interface
3958 * @ssid: wpa_ssid structure for a configured network or %NULL
3959 *
3960 * Enables the specified network or all networks if no network specified.
3961 */
3962void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s,
3963 struct wpa_ssid *ssid)
3964{
86b89452 3965 if (ssid == NULL) {
14f79078
JM		 3966 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
3967 wpa_supplicant_enable_one_network(wpa_s, ssid);
dca1a511
DS		 3968 } else
3969 wpa_supplicant_enable_one_network(wpa_s, ssid);
86b89452 3970
5a1d9d1a
JM		 3971 if (wpa_s->reassociate && !wpa_s->disconnected &&
3972 (!wpa_s->current_ssid ||
3973 wpa_s->wpa_state == WPA_DISCONNECTED ||
3974 wpa_s->wpa_state == WPA_SCANNING)) {
dca1a511
DS		 3975 if (wpa_s->sched_scanning) {
3976 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan to add "
3977 "new network to scan filters");
3978 wpa_supplicant_cancel_sched_scan(wpa_s);
3979 }
86b89452 3980
35d40309
JM		 3981 if (wpa_supplicant_fast_associate(wpa_s) != 1) {
3982 wpa_s->scan_req = NORMAL_SCAN_REQ;
dad153d1 3983 wpa_supplicant_req_scan(wpa_s, 0, 0);
35d40309 3984 }
86b89452
WS		 3985 }
3986}
3987
3988
3989/**
3990 * wpa_supplicant_disable_network - Mark a configured network as disabled
3991 * @wpa_s: wpa_supplicant structure for a network interface
3992 * @ssid: wpa_ssid structure for a configured network or %NULL
3993 *
3994 * Disables the specified network or all networks if no network specified.
3995 */
3996void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s,
3997 struct wpa_ssid *ssid)
3998{
3999 struct wpa_ssid *other_ssid;
4000 int was_disabled;
4001
4002 if (ssid == NULL) {
725fc39e
DS		 4003 if (wpa_s->sched_scanning)
4004 wpa_supplicant_cancel_sched_scan(wpa_s);
4005
4dac0245
JM		 4006 for (other_ssid = wpa_s->conf->ssid; other_ssid;
4007 other_ssid = other_ssid->next) {
86b89452 4008 was_disabled = other_ssid->disabled;
4dac0245
JM		 4009 if (was_disabled == 2)
4010 continue; /* do not change persistent P2P group
4011 * data */
86b89452
WS		 4012
4013 other_ssid->disabled = 1;
4014
4015 if (was_disabled != other_ssid->disabled)
4016 wpas_notify_network_enabled_changed(
4017 wpa_s, other_ssid);
86b89452 4018 }
0661163e
SD		 4019 if (wpa_s->current_ssid) {
4020 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
4021 wpa_s->own_disconnect_req = 1;
07783eaa 4022 wpa_supplicant_deauthenticate(
86b89452 4023 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
0661163e 4024 }
4dac0245 4025 } else if (ssid->disabled != 2) {
0661163e
SD		 4026 if (ssid == wpa_s->current_ssid) {
4027 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
4028 wpa_s->own_disconnect_req = 1;
07783eaa 4029 wpa_supplicant_deauthenticate(
86b89452 4030 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
0661163e 4031 }
86b89452
WS		 4032
4033 was_disabled = ssid->disabled;
4034
4035 ssid->disabled = 1;
4036
725fc39e 4037 if (was_disabled != ssid->disabled) {
86b89452 4038 wpas_notify_network_enabled_changed(wpa_s, ssid);
725fc39e
DS		 4039 if (wpa_s->sched_scanning) {
4040 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan "
4041 "to remove network from filters");
4042 wpa_supplicant_cancel_sched_scan(wpa_s);
4043 wpa_supplicant_req_scan(wpa_s, 0, 0);
4044 }
4045 }
86b89452
WS		 4046 }
4047}
4048
4049
4050/**
4051 * wpa_supplicant_select_network - Attempt association with a network
4052 * @wpa_s: wpa_supplicant structure for a network interface
4053 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
4054 */
4055void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
4056 struct wpa_ssid *ssid)
4057{
4058
4059 struct wpa_ssid *other_ssid;
d93dfbd5 4060 int disconnected = 0;
86b89452 4061
d93dfbd5 4062 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid) {
e66bcedd
JM		 4063 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
4064 wpa_s->own_disconnect_req = 1;
07783eaa 4065 wpa_supplicant_deauthenticate(
86b89452 4066 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
d93dfbd5
JM		 4067 disconnected = 1;
4068 }
86b89452 4069
00e5e3d5
JM		 4070 if (ssid)
4071 wpas_clear_temp_disabled(wpa_s, ssid, 1);
4072
86b89452
WS		 4073 /*
4074 * Mark all other networks disabled or mark all networks enabled if no
4075 * network specified.
4076 */
4dac0245
JM		 4077 for (other_ssid = wpa_s->conf->ssid; other_ssid;
4078 other_ssid = other_ssid->next) {
86b89452 4079 int was_disabled = other_ssid->disabled;
4dac0245
JM		 4080 if (was_disabled == 2)
4081 continue; /* do not change persistent P2P group data */
86b89452
WS		 4082
4083 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0;
00e5e3d5
JM		 4084 if (was_disabled && !other_ssid->disabled)
4085 wpas_clear_temp_disabled(wpa_s, other_ssid, 0);
86b89452
WS		 4086
4087 if (was_disabled != other_ssid->disabled)
4088 wpas_notify_network_enabled_changed(wpa_s, other_ssid);
86b89452 4089 }
2a6f78fb 4090
d38c7be0
JM		 4091 if (ssid && ssid == wpa_s->current_ssid && wpa_s->current_ssid &&
4092 wpa_s->wpa_state >= WPA_AUTHENTICATING) {
2a6f78fb
JJ		 4093 /* We are already associated with the selected network */
4094 wpa_printf(MSG_DEBUG, "Already associated with the "
4095 "selected network - do nothing");
4096 return;
4097 }
4098
25a8f9e3 4099 if (ssid) {
96efeeb6 4100 wpa_s->current_ssid = ssid;
25a8f9e3 4101 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
603a3f34
JL		 4102 wpa_s->connect_without_scan =
4103 (ssid->mode == WPAS_MODE_MESH) ? ssid : NULL;
701f3961
AS		 4104
4105 /*
4106 * Don't optimize next scan freqs since a new ESS has been
4107 * selected.
4108 */
4109 os_free(wpa_s->next_scan_freqs);
4110 wpa_s->next_scan_freqs = NULL;
603a3f34
JL		 4111 } else {
4112 wpa_s->connect_without_scan = NULL;
25a8f9e3 4113 }
603a3f34 4114
86b89452
WS		 4115 wpa_s->disconnected = 0;
4116 wpa_s->reassociate = 1;
b834e970 4117 wpa_s_clear_sae_rejected(wpa_s);
2cb40e9f 4118 wpa_s->last_owe_group = 0;
05a2fb0d 4119 if (ssid) {
91073cca 4120 ssid->owe_transition_bss_select_count = 0;
05a2fb0d
JM		 4121 wpa_s_setup_sae_pt(wpa_s->conf, ssid);
4122 }
cecdddc1 4123
e4a35f07 4124 if (wpa_s->connect_without_scan ||
35d40309
JM		 4125 wpa_supplicant_fast_associate(wpa_s) != 1) {
4126 wpa_s->scan_req = NORMAL_SCAN_REQ;
be7ebd89 4127 wpas_scan_reset_sched_scan(wpa_s);
cecdddc1 4128 wpa_supplicant_req_scan(wpa_s, 0, disconnected ? 100000 : 0);
35d40309 4129 }
86b89452 4130
a1641d26
JM		 4131 if (ssid)
4132 wpas_notify_network_selected(wpa_s, ssid);
86b89452
WS		 4133}
4134
4135
bdec7ee5
MS		 4136/**
4137 * wpas_set_pkcs11_engine_and_module_path - Set PKCS #11 engine and module path
4138 * @wpa_s: wpa_supplicant structure for a network interface
4139 * @pkcs11_engine_path: PKCS #11 engine path or NULL
4140 * @pkcs11_module_path: PKCS #11 module path or NULL
4141 * Returns: 0 on success; -1 on failure
4142 *
4143 * Sets the PKCS #11 engine and module path. Both have to be NULL or a valid
4144 * path. If resetting the EAPOL state machine with the new PKCS #11 engine and
4145 * module path fails the paths will be reset to the default value (NULL).
4146 */
4147int wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant *wpa_s,
4148 const char *pkcs11_engine_path,
4149 const char *pkcs11_module_path)
4150{
4151 char *pkcs11_engine_path_copy = NULL;
4152 char *pkcs11_module_path_copy = NULL;
4153
4154 if (pkcs11_engine_path != NULL) {
4155 pkcs11_engine_path_copy = os_strdup(pkcs11_engine_path);
4156 if (pkcs11_engine_path_copy == NULL)
4157 return -1;
4158 }
4159 if (pkcs11_module_path != NULL) {
4160 pkcs11_module_path_copy = os_strdup(pkcs11_module_path);
04c366cb 4161 if (pkcs11_module_path_copy == NULL) {
bdec7ee5
MS		 4162 os_free(pkcs11_engine_path_copy);
4163 return -1;
4164 }
4165 }
4166
4167 os_free(wpa_s->conf->pkcs11_engine_path);
4168 os_free(wpa_s->conf->pkcs11_module_path);
4169 wpa_s->conf->pkcs11_engine_path = pkcs11_engine_path_copy;
4170 wpa_s->conf->pkcs11_module_path = pkcs11_module_path_copy;
4171
4172 wpa_sm_set_eapol(wpa_s->wpa, NULL);
4173 eapol_sm_deinit(wpa_s->eapol);
4174 wpa_s->eapol = NULL;
4175 if (wpa_supplicant_init_eapol(wpa_s)) {
4176 /* Error -> Reset paths to the default value (NULL) once. */
4177 if (pkcs11_engine_path != NULL && pkcs11_module_path != NULL)
4178 wpas_set_pkcs11_engine_and_module_path(wpa_s, NULL,
4179 NULL);
4180
4181 return -1;
4182 }
4183 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
4184
4185 return 0;
4186}
4187
4188
86b89452
WS		 4189/**
4190 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
4191 * @wpa_s: wpa_supplicant structure for a network interface
4192 * @ap_scan: AP scan mode
4193 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
4194 *
4195 */
4196int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan)
4197{
4198
4199 int old_ap_scan;
4200
4201 if (ap_scan < 0 || ap_scan > 2)
4202 return -1;
4203
8406cd35
JM		 4204 if (ap_scan == 2 && os_strcmp(wpa_s->driver->name, "nl80211") == 0) {
4205 wpa_printf(MSG_INFO,
4206 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
4207 }
4208
48f8e036
DS		 4209#ifdef ANDROID
4210 if (ap_scan == 2 && ap_scan != wpa_s->conf->ap_scan &&
4211 wpa_s->wpa_state >= WPA_ASSOCIATING &&
4212 wpa_s->wpa_state < WPA_COMPLETED) {
4213 wpa_printf(MSG_ERROR, "ap_scan = %d (%d) rejected while "
4214 "associating", wpa_s->conf->ap_scan, ap_scan);
4215 return 0;
4216 }
4217#endif /* ANDROID */
4218
86b89452
WS		 4219 old_ap_scan = wpa_s->conf->ap_scan;
4220 wpa_s->conf->ap_scan = ap_scan;
4221
4222 if (old_ap_scan != wpa_s->conf->ap_scan)
4223 wpas_notify_ap_scan_changed(wpa_s);
4224
4225 return 0;
4226}
4227
4228
78633c37
SL		 4229/**
4230 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
4231 * @wpa_s: wpa_supplicant structure for a network interface
4232 * @expire_age: Expiration age in seconds
4233 * Returns: 0 if succeed or -1 if expire_age has an invalid value
4234 *
4235 */
4236int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant *wpa_s,
4237 unsigned int bss_expire_age)
4238{
4239 if (bss_expire_age < 10) {
4240 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration age %u",
4241 bss_expire_age);
4242 return -1;
4243 }
4244 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration age: %d sec",
4245 bss_expire_age);
4246 wpa_s->conf->bss_expiration_age = bss_expire_age;
4247
4248 return 0;
4249}
4250
4251
4252/**
4253 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
4254 * @wpa_s: wpa_supplicant structure for a network interface
4255 * @expire_count: number of scans after which an unseen BSS is reclaimed
4256 * Returns: 0 if succeed or -1 if expire_count has an invalid value
4257 *
4258 */
4259int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant *wpa_s,
4260 unsigned int bss_expire_count)
4261{
4262 if (bss_expire_count < 1) {
4263 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration count %u",
4264 bss_expire_count);
4265 return -1;
4266 }
4267 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration scan count: %u",
4268 bss_expire_count);
4269 wpa_s->conf->bss_expiration_scan_count = bss_expire_count;
4270
4271 return 0;
4272}
4273
4274
c6e86b63
MA		 4275/**
4276 * wpa_supplicant_set_scan_interval - Set scan interval
4277 * @wpa_s: wpa_supplicant structure for a network interface
4278 * @scan_interval: scan interval in seconds
4279 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
4280 *
4281 */
4282int wpa_supplicant_set_scan_interval(struct wpa_supplicant *wpa_s,
4283 int scan_interval)
4284{
4285 if (scan_interval < 0) {
4286 wpa_msg(wpa_s, MSG_ERROR, "Invalid scan interval %d",
4287 scan_interval);
4288 return -1;
4289 }
4290 wpa_msg(wpa_s, MSG_DEBUG, "Setting scan interval: %d sec",
4291 scan_interval);
9e737f08 4292 wpa_supplicant_update_scan_int(wpa_s, scan_interval);
c6e86b63
MA		 4293
4294 return 0;
4295}
4296
4297
86b89452
WS		 4298/**
4299 * wpa_supplicant_set_debug_params - Set global debug params
4300 * @global: wpa_global structure
4301 * @debug_level: debug level
4302 * @debug_timestamp: determines if show timestamp in debug data
4303 * @debug_show_keys: determines if show keys in debug data
4304 * Returns: 0 if succeed or -1 if debug_level has wrong value
4305 */
4306int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level,
4307 int debug_timestamp, int debug_show_keys)
4308{
4309
4310 int old_level, old_timestamp, old_show_keys;
4311
4312 /* check for allowed debuglevels */
14dc0011
PS		 4313 if (debug_level != MSG_EXCESSIVE &&
4314 debug_level != MSG_MSGDUMP &&
86b89452
WS		 4315 debug_level != MSG_DEBUG &&
4316 debug_level != MSG_INFO &&
4317 debug_level != MSG_WARNING &&
4318 debug_level != MSG_ERROR)
4319 return -1;
4320
4321 old_level = wpa_debug_level;
4322 old_timestamp = wpa_debug_timestamp;
4323 old_show_keys = wpa_debug_show_keys;
4324
4325 wpa_debug_level = debug_level;
4326 wpa_debug_timestamp = debug_timestamp ? 1 : 0;
4327 wpa_debug_show_keys = debug_show_keys ? 1 : 0;
4328
db9133ac
WS		 4329 if (wpa_debug_level != old_level)
4330 wpas_notify_debug_level_changed(global);
4331 if (wpa_debug_timestamp != old_timestamp)
4332 wpas_notify_debug_timestamp_changed(global);
4333 if (wpa_debug_show_keys != old_show_keys)
4334 wpas_notify_debug_show_keys_changed(global);
86b89452
WS		 4335
4336 return 0;
4337}
4338
4339
e8b96490
JM		 4340#ifdef CONFIG_OWE
4341static int owe_trans_ssid_match(struct wpa_supplicant *wpa_s, const u8 *bssid,
4342 const u8 *entry_ssid, size_t entry_ssid_len)
4343{
4344 const u8 *owe, *pos, *end;
4345 u8 ssid_len;
4346 struct wpa_bss *bss;
4347
4348 /* Check network profile SSID aganst the SSID in the
4349 * OWE Transition Mode element. */
4350
4351 bss = wpa_bss_get_bssid_latest(wpa_s, bssid);
4352 if (!bss)
4353 return 0;
4354
4355 owe = wpa_bss_get_vendor_ie(bss, OWE_IE_VENDOR_TYPE);
4356 if (!owe)
4357 return 0;
4358
4359 pos = owe + 6;
4360 end = owe + 2 + owe[1];
4361
4362 if (end - pos < ETH_ALEN + 1)
4363 return 0;
4364 pos += ETH_ALEN;
4365 ssid_len = *pos++;
4366 if (end - pos < ssid_len || ssid_len > SSID_MAX_LEN)
4367 return 0;
4368
4369 return entry_ssid_len == ssid_len &&
4370 os_memcmp(pos, entry_ssid, ssid_len) == 0;
4371}
4372#endif /* CONFIG_OWE */
4373
4374
6fc6879b
JM		 4375/**
4376 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
4377 * @wpa_s: Pointer to wpa_supplicant data
4378 * Returns: A pointer to the current network structure or %NULL on failure
4379 */
4380struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
4381{
4382 struct wpa_ssid *entry;
eaa8eefe 4383 u8 ssid[SSID_MAX_LEN];
6fc6879b
JM		 4384 int res;
4385 size_t ssid_len;
4386 u8 bssid[ETH_ALEN];
4387 int wired;
4388
17fbb751
JM		 4389 res = wpa_drv_get_ssid(wpa_s, ssid);
4390 if (res < 0) {
4391 wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from "
4392 "driver");
4393 return NULL;
6fc6879b 4394 }
17fbb751 4395 ssid_len = res;
6fc6879b 4396
17fbb751 4397 if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
f049052b
BG		 4398 wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from "
4399 "driver");
6fc6879b
JM		 4400 return NULL;
4401 }
4402
c2a04078
JM		 4403 wired = wpa_s->conf->ap_scan == 0 &&
4404 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED);
6fc6879b
JM		 4405
4406 entry = wpa_s->conf->ssid;
4407 while (entry) {
349493bd 4408 if (!wpas_network_disabled(wpa_s, entry) &&
6fc6879b 4409 ((ssid_len == entry->ssid_len &&
c4fccfc7
JM		 4410 (!entry->ssid ||
4411 os_memcmp(ssid, entry->ssid, ssid_len) == 0)) ||
4412 wired) &&
6fc6879b
JM		 4413 (!entry->bssid_set ||
4414 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
4415 return entry;
24c23d1b 4416#ifdef CONFIG_WPS
349493bd 4417 if (!wpas_network_disabled(wpa_s, entry) &&
24c23d1b
JM		 4418 (entry->key_mgmt & WPA_KEY_MGMT_WPS) &&
4419 (entry->ssid == NULL || entry->ssid_len == 0) &&
4420 (!entry->bssid_set ||
4421 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
4422 return entry;
4423#endif /* CONFIG_WPS */
7d232e23 4424
e8b96490
JM		 4425#ifdef CONFIG_OWE
4426 if (!wpas_network_disabled(wpa_s, entry) &&
4427 owe_trans_ssid_match(wpa_s, bssid, entry->ssid,
4428 entry->ssid_len) &&
4429 (!entry->bssid_set ||
4430 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
4431 return entry;
4432#endif /* CONFIG_OWE */
4433
349493bd 4434 if (!wpas_network_disabled(wpa_s, entry) && entry->bssid_set &&
7d232e23
ZC		 4435 entry->ssid_len == 0 &&
4436 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)
4437 return entry;
4438
6fc6879b
JM		 4439 entry = entry->next;
4440 }
4441
4442 return NULL;
4443}
4444
4445
7756114f
JM		 4446static int select_driver(struct wpa_supplicant *wpa_s, int i)
4447{
4448 struct wpa_global *global = wpa_s->global;
4449
4450 if (wpa_drivers[i]->global_init && global->drv_priv[i] == NULL) {
45e3fc72 4451 global->drv_priv[i] = wpa_drivers[i]->global_init(global);
7756114f
JM		 4452 if (global->drv_priv[i] == NULL) {
4453 wpa_printf(MSG_ERROR, "Failed to initialize driver "
4454 "'%s'", wpa_drivers[i]->name);
4455 return -1;
4456 }
4457 }
4458
4459 wpa_s->driver = wpa_drivers[i];
4460 wpa_s->global_drv_priv = global->drv_priv[i];
4461
4462 return 0;
4463}
4464
4465
6fc6879b
JM		 4466static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
4467 const char *name)
4468{
4469 int i;
362f781e 4470 size_t len;
74b1c84a 4471 const char *pos, *driver = name;
6fc6879b
JM		 4472
4473 if (wpa_s == NULL)
4474 return -1;
4475
c5121837 4476 if (wpa_drivers[0] == NULL) {
f049052b
BG		 4477 wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into "
4478 "wpa_supplicant");
6fc6879b
JM		 4479 return -1;
4480 }
4481
4482 if (name == NULL) {
4483 /* default to first driver in the list */
7756114f 4484 return select_driver(wpa_s, 0);
6fc6879b
JM		 4485 }
4486
74b1c84a
SO		 4487 do {
4488 pos = os_strchr(driver, ',');
4489 if (pos)
4490 len = pos - driver;
4491 else
4492 len = os_strlen(driver);
4493
4494 for (i = 0; wpa_drivers[i]; i++) {
4495 if (os_strlen(wpa_drivers[i]->name) == len &&
4496 os_strncmp(driver, wpa_drivers[i]->name, len) ==
0f4668ce
DW		 4497 0) {
4498 /* First driver that succeeds wins */
4499 if (select_driver(wpa_s, i) == 0)
4500 return 0;
4501 }
6fc6879b 4502 }
74b1c84a
SO		 4503
4504 driver = pos + 1;
4505 } while (pos);
6fc6879b 4506
f049052b 4507 wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name);
6fc6879b
JM		 4508 return -1;
4509}
4510
4511
a8e0505b
JM		 4512/**
4513 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
4514 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
4515 * with struct wpa_driver_ops::init()
4516 * @src_addr: Source address of the EAPOL frame
4517 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
4518 * @len: Length of the EAPOL data
4519 *
4520 * This function is called for each received EAPOL frame. Most driver
4521 * interfaces rely on more generic OS mechanism for receiving frames through
4522 * l2_packet, but if such a mechanism is not available, the driver wrapper may
4523 * take care of received EAPOL frames and deliver them to the core supplicant
4524 * code by calling this function.
4525 */
6fc6879b
JM		 4526void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
4527 const u8 *buf, size_t len)
4528{
4529 struct wpa_supplicant *wpa_s = ctx;
4530
f049052b 4531 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
6fc6879b
JM		 4532 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
4533
02adead5
MK		 4534#ifdef CONFIG_TESTING_OPTIONS
4535 if (wpa_s->ignore_auth_resp) {
4536 wpa_printf(MSG_INFO, "RX EAPOL - ignore_auth_resp active!");
4537 return;
4538 }
4539#endif /* CONFIG_TESTING_OPTIONS */
4540
3ab35a66
JM		 4541 if (wpa_s->wpa_state < WPA_ASSOCIATED ||
4542 (wpa_s->last_eapol_matches_bssid &&
4543#ifdef CONFIG_AP
4544 !wpa_s->ap_iface &&
4545#endif /* CONFIG_AP */
4546 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) != 0)) {
1ff73338
JM		 4547 /*
4548 * There is possible race condition between receiving the
4549 * association event and the EAPOL frame since they are coming
4550 * through different paths from the driver. In order to avoid
4551 * issues in trying to process the EAPOL frame before receiving
4552 * association information, lets queue it for processing until
3ab35a66
JM		 4553 * the association event is received. This may also be needed in
4554 * driver-based roaming case, so also use src_addr != BSSID as a
4555 * trigger if we have previously confirmed that the
4556 * Authenticator uses BSSID as the src_addr (which is not the
4557 * case with wired IEEE 802.1X).
1ff73338 4558 */
f049052b 4559 wpa_dbg(wpa_s, MSG_DEBUG, "Not associated - Delay processing "
3ab35a66
JM		 4560 "of received EAPOL frame (state=%s bssid=" MACSTR ")",
4561 wpa_supplicant_state_txt(wpa_s->wpa_state),
4562 MAC2STR(wpa_s->bssid));
1ff73338
JM		 4563 wpabuf_free(wpa_s->pending_eapol_rx);
4564 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len);
4565 if (wpa_s->pending_eapol_rx) {
c2be937c 4566 os_get_reltime(&wpa_s->pending_eapol_rx_time);
1ff73338
JM		 4567 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr,
4568 ETH_ALEN);
4569 }
4570 return;
4571 }
4572
3ab35a66
JM		 4573 wpa_s->last_eapol_matches_bssid =
4574 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) == 0;
4575
db149ac9
JM		 4576#ifdef CONFIG_AP
4577 if (wpa_s->ap_iface) {
4578 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len);
4579 return;
4580 }
4581#endif /* CONFIG_AP */
4582
6fc6879b 4583 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
f049052b
BG		 4584 wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since "
4585 "no key management is configured");
6fc6879b
JM		 4586 return;
4587 }
4588
4589 if (wpa_s->eapol_received == 0 &&
436ee2fd 4590 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK) ||
56586197 4591 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
9c972abb
JM		 4592 wpa_s->wpa_state != WPA_COMPLETED) &&
4593 (wpa_s->current_ssid == NULL ||
f74618cb 4594 wpa_s->current_ssid->mode != WPAS_MODE_IBSS)) {
6fc6879b 4595 /* Timeout for completing IEEE 802.1X and WPA authentication */
5add4101
JM		 4596 int timeout = 10;
4597
4598 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
4599 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
4600 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
4601 /* Use longer timeout for IEEE 802.1X/EAP */
4602 timeout = 70;
4603 }
4604
c7dafdf9 4605#ifdef CONFIG_WPS
5add4101
JM		 4606 if (wpa_s->current_ssid && wpa_s->current_bss &&
4607 (wpa_s->current_ssid->key_mgmt & WPA_KEY_MGMT_WPS) &&
4608 eap_is_wps_pin_enrollee(&wpa_s->current_ssid->eap)) {
4609 /*
4610 * Use shorter timeout if going through WPS AP iteration
4611 * for PIN config method with an AP that does not
4612 * advertise Selected Registrar.
4613 */
4614 struct wpabuf *wps_ie;
4615
4616 wps_ie = wpa_bss_get_vendor_ie_multi(
4617 wpa_s->current_bss, WPS_IE_VENDOR_TYPE);
0ef1e290
JM		 4618 if (wps_ie &&
4619 !wps_is_addr_authorized(wps_ie, wpa_s->own_addr, 1))
5add4101
JM		 4620 timeout = 10;
4621 wpabuf_free(wps_ie);
4622 }
c7dafdf9 4623#endif /* CONFIG_WPS */
5add4101
JM		 4624
4625 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
6fc6879b
JM		 4626 }
4627 wpa_s->eapol_received++;
4628
4629 if (wpa_s->countermeasures) {
f049052b
BG		 4630 wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped "
4631 "EAPOL packet");
6fc6879b
JM		 4632 return;
4633 }
4634
8be18440
JM		 4635#ifdef CONFIG_IBSS_RSN
4636 if (wpa_s->current_ssid &&
d7dcba70 4637 wpa_s->current_ssid->mode == WPAS_MODE_IBSS) {
8be18440
JM		 4638 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len);
4639 return;
4640 }
4641#endif /* CONFIG_IBSS_RSN */
4642
6fc6879b
JM		 4643 /* Source address of the incoming EAPOL frame could be compared to the
4644 * current BSSID. However, it is possible that a centralized
4645 * Authenticator could be using another MAC address than the BSSID of
4646 * an AP, so just allow any address to be used for now. The replies are
4647 * still sent to the current BSSID (if available), though. */
4648
4649 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
56586197 4650 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
a1ea1b45 4651 wpa_s->key_mgmt != WPA_KEY_MGMT_OWE &&
567da5bb 4652 wpa_s->key_mgmt != WPA_KEY_MGMT_DPP &&
6fc6879b
JM		 4653 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
4654 return;
4655 wpa_drv_poll(wpa_s);
436ee2fd 4656 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK))
6fc6879b 4657 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
56586197 4658 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
6fc6879b
JM		 4659 /*
4660 * Set portValid = TRUE here since we are going to skip 4-way
4661 * handshake processing which would normally set portValid. We
4662 * need this to allow the EAPOL state machines to be completed
4663 * without going through EAPOL-Key handshake.
4664 */
4665 eapol_sm_notify_portValid(wpa_s->eapol, TRUE);
4666 }
4667}
4668
4669
bfba8deb 4670int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s)
6fc6879b 4671{
2961bfa8
JM		 4672 if ((!wpa_s->p2p_mgmt ||
4673 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
4674 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) {
bfba8deb 4675 l2_packet_deinit(wpa_s->l2);
6fc6879b
JM		 4676 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
4677 wpa_drv_get_mac_addr(wpa_s),
4678 ETH_P_EAPOL,
4679 wpa_supplicant_rx_eapol, wpa_s, 0);
4680 if (wpa_s->l2 == NULL)
4681 return -1;
d89edb61
DC		 4682
4683 if (l2_packet_set_packet_filter(wpa_s->l2,
4684 L2_PACKET_FILTER_PKTTYPE))
4685 wpa_dbg(wpa_s, MSG_DEBUG,
4686 "Failed to attach pkt_type filter");
fdadd5fe
JM		 4687 } else {
4688 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
4689 if (addr)
4690 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
6fc6879b
JM		 4691 }
4692
4693 if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
f049052b 4694 wpa_msg(wpa_s, MSG_ERROR, "Failed to get own L2 address");
6fc6879b
JM		 4695 return -1;
4696 }
4697
c267753b 4698 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
8788a314 4699 wpas_wps_update_mac_addr(wpa_s);
c267753b 4700
cdb5774f
DL		 4701#ifdef CONFIG_FST
4702 if (wpa_s->fst)
4703 fst_update_mac_addr(wpa_s->fst, wpa_s->own_addr);
4704#endif /* CONFIG_FST */
4705
bfba8deb
JM		 4706 return 0;
4707}
4708
4709
25f839c6
JM		 4710static void wpa_supplicant_rx_eapol_bridge(void *ctx, const u8 *src_addr,
4711 const u8 *buf, size_t len)
4712{
4713 struct wpa_supplicant *wpa_s = ctx;
4714 const struct l2_ethhdr *eth;
4715
4716 if (len < sizeof(*eth))
4717 return;
4718 eth = (const struct l2_ethhdr *) buf;
4719
4720 if (os_memcmp(eth->h_dest, wpa_s->own_addr, ETH_ALEN) != 0 &&
4721 !(eth->h_dest[0] & 0x01)) {
4722 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
4723 " (bridge - not for this interface - ignore)",
4724 MAC2STR(src_addr), MAC2STR(eth->h_dest));
4725 return;
4726 }
4727
4728 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
4729 " (bridge)", MAC2STR(src_addr), MAC2STR(eth->h_dest));
4730 wpa_supplicant_rx_eapol(wpa_s, src_addr, buf + sizeof(*eth),
4731 len - sizeof(*eth));
4732}
4733
4734
bfba8deb
JM		 4735/**
4736 * wpa_supplicant_driver_init - Initialize driver interface parameters
4737 * @wpa_s: Pointer to wpa_supplicant data
4738 * Returns: 0 on success, -1 on failure
4739 *
4740 * This function is called to initialize driver interface parameters.
4741 * wpa_drv_init() must have been called before this function to initialize the
4742 * driver interface.
4743 */
4744int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
4745{
4746 static int interface_count = 0;
4747
4748 if (wpa_supplicant_update_mac_addr(wpa_s) < 0)
4749 return -1;
4750
c68f6200
AS		 4751 wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR,
4752 MAC2STR(wpa_s->own_addr));
a313d17d 4753 os_memcpy(wpa_s->perm_addr, wpa_s->own_addr, ETH_ALEN);
c68f6200
AS		 4754 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
4755
6fc6879b 4756 if (wpa_s->bridge_ifname[0]) {
f049052b
BG		 4757 wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge "
4758 "interface '%s'", wpa_s->bridge_ifname);
e6dd8196
JM		 4759 wpa_s->l2_br = l2_packet_init_bridge(
4760 wpa_s->bridge_ifname, wpa_s->ifname, wpa_s->own_addr,
4761 ETH_P_EAPOL, wpa_supplicant_rx_eapol_bridge, wpa_s, 1);
6fc6879b 4762 if (wpa_s->l2_br == NULL) {
f049052b
BG		 4763 wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet "
4764 "connection for the bridge interface '%s'",
4765 wpa_s->bridge_ifname);
6fc6879b
JM		 4766 return -1;
4767 }
4768 }
4769
8406cd35
JM		 4770 if (wpa_s->conf->ap_scan == 2 &&
4771 os_strcmp(wpa_s->driver->name, "nl80211") == 0) {
4772 wpa_printf(MSG_INFO,
4773 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
4774 }
4775
6fc6879b
JM		 4776 wpa_clear_keys(wpa_s, NULL);
4777
4778 /* Make sure that TKIP countermeasures are not left enabled (could
4779 * happen if wpa_supplicant is killed during countermeasures. */
4780 wpa_drv_set_countermeasures(wpa_s, 0);
4781
f049052b 4782 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver");
6fc6879b
JM		 4783 wpa_drv_flush_pmkid(wpa_s);
4784
ba2a573c 4785 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
b3aa456b
ES		 4786 wpa_s->prev_scan_wildcard = 0;
4787
349493bd 4788 if (wpa_supplicant_enabled_networks(wpa_s)) {
a0e9d892
AS		 4789 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED) {
4790 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
4791 interface_count = 0;
4792 }
ee82e33d 4793#ifndef ANDROID
3a94adbf 4794 if (!wpa_s->p2p_mgmt &&
5d0d72a3
BG		 4795 wpa_supplicant_delayed_sched_scan(wpa_s,
4796 interface_count % 3,
6a90053c 4797 100000))
5d0d72a3 4798 wpa_supplicant_req_scan(wpa_s, interface_count % 3,
a4cba8f1 4799 100000);
ee82e33d 4800#endif /* ANDROID */
74e259ec
JM		 4801 interface_count++;
4802 } else
4803 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
6fc6879b
JM		 4804
4805 return 0;
4806}
4807
4808
4809static int wpa_supplicant_daemon(const char *pid_file)
4810{
4811 wpa_printf(MSG_DEBUG, "Daemonize..");
4812 return os_daemonize(pid_file);
4813}
4814
4815
1772d348
JM		 4816static struct wpa_supplicant *
4817wpa_supplicant_alloc(struct wpa_supplicant *parent)
6fc6879b
JM		 4818{
4819 struct wpa_supplicant *wpa_s;
4820
4821 wpa_s = os_zalloc(sizeof(*wpa_s));
4822 if (wpa_s == NULL)
4823 return NULL;
4115303b 4824 wpa_s->scan_req = INITIAL_SCAN_REQ;
67b9bd08 4825 wpa_s->scan_interval = 5;
c302f207 4826 wpa_s->new_connection = 1;
1772d348 4827 wpa_s->parent = parent ? parent : wpa_s;
ba307f85 4828 wpa_s->p2pdev = wpa_s->parent;
cbdf3507 4829 wpa_s->sched_scanning = 0;
6fc6879b 4830
dd599908 4831 dl_list_init(&wpa_s->bss_tmp_disallowed);
5732b770 4832 dl_list_init(&wpa_s->fils_hlp_req);
6c570193
JM		 4833#ifdef CONFIG_TESTING_OPTIONS
4834 dl_list_init(&wpa_s->drv_signal_override);
4835#endif /* CONFIG_TESTING_OPTIONS */
dd599908 4836
6fc6879b
JM		 4837 return wpa_s;
4838}
4839
4840
80e8a5ee
BG		 4841#ifdef CONFIG_HT_OVERRIDES
4842
4843static int wpa_set_htcap_mcs(struct wpa_supplicant *wpa_s,
4844 struct ieee80211_ht_capabilities *htcaps,
4845 struct ieee80211_ht_capabilities *htcaps_mask,
4846 const char *ht_mcs)
4847{
4848 /* parse ht_mcs into hex array */
4849 int i;
4850 const char *tmp = ht_mcs;
4851 char *end = NULL;
4852
4853 /* If ht_mcs is null, do not set anything */
4854 if (!ht_mcs)
4855 return 0;
4856
4857 /* This is what we are setting in the kernel */
4858 os_memset(&htcaps->supported_mcs_set, 0, IEEE80211_HT_MCS_MASK_LEN);
4859
4860 wpa_msg(wpa_s, MSG_DEBUG, "set_htcap, ht_mcs -:%s:-", ht_mcs);
4861
4862 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) {
30eddf35
JB		 4863 long v;
4864
80e8a5ee 4865 errno = 0;
30eddf35
JB		 4866 v = strtol(tmp, &end, 16);
4867
80e8a5ee
BG		 4868 if (errno == 0) {
4869 wpa_msg(wpa_s, MSG_DEBUG,
4870 "htcap value[%i]: %ld end: %p tmp: %p",
4871 i, v, end, tmp);
4872 if (end == tmp)
4873 break;
4874
4875 htcaps->supported_mcs_set[i] = v;
4876 tmp = end;
4877 } else {
4878 wpa_msg(wpa_s, MSG_ERROR,
4879 "Failed to parse ht-mcs: %s, error: %s\n",
4880 ht_mcs, strerror(errno));
4881 return -1;
4882 }
4883 }
4884
4885 /*
4886 * If we were able to parse any values, then set mask for the MCS set.
4887 */
4888 if (i) {
4889 os_memset(&htcaps_mask->supported_mcs_set, 0xff,
4890 IEEE80211_HT_MCS_MASK_LEN - 1);
4891 /* skip the 3 reserved bits */
4892 htcaps_mask->supported_mcs_set[IEEE80211_HT_MCS_MASK_LEN - 1] =
4893 0x1f;
4894 }
4895
4896 return 0;
4897}
4898
4899
4900static int wpa_disable_max_amsdu(struct wpa_supplicant *wpa_s,
4901 struct ieee80211_ht_capabilities *htcaps,
4902 struct ieee80211_ht_capabilities *htcaps_mask,
4903 int disabled)
4904{
5bc28571 4905 le16 msk;
80e8a5ee 4906
80e8a5ee
BG		 4907 if (disabled == -1)
4908 return 0;
4909
bbdb5014
JM		 4910 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_max_amsdu: %d", disabled);
4911
80e8a5ee
BG		 4912 msk = host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE);
4913 htcaps_mask->ht_capabilities_info |= msk;
4914 if (disabled)
4915 htcaps->ht_capabilities_info &= msk;
4916 else
4917 htcaps->ht_capabilities_info |= msk;
4918
4919 return 0;
4920}
4921
4922
4923static int wpa_set_ampdu_factor(struct wpa_supplicant *wpa_s,
4924 struct ieee80211_ht_capabilities *htcaps,
4925 struct ieee80211_ht_capabilities *htcaps_mask,
4926 int factor)
4927{
80e8a5ee
BG		 4928 if (factor == -1)
4929 return 0;
4930
bbdb5014
JM		 4931 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_factor: %d", factor);
4932
80e8a5ee
BG		 4933 if (factor < 0 || factor > 3) {
4934 wpa_msg(wpa_s, MSG_ERROR, "ampdu_factor: %d out of range. "
4935 "Must be 0-3 or -1", factor);
4936 return -EINVAL;
4937 }
4938
4939 htcaps_mask->a_mpdu_params |= 0x3; /* 2 bits for factor */
4940 htcaps->a_mpdu_params &= ~0x3;
4941 htcaps->a_mpdu_params |= factor & 0x3;
4942
4943 return 0;
4944}
4945
4946
4947static int wpa_set_ampdu_density(struct wpa_supplicant *wpa_s,
4948 struct ieee80211_ht_capabilities *htcaps,
4949 struct ieee80211_ht_capabilities *htcaps_mask,
4950 int density)
4951{
80e8a5ee
BG		 4952 if (density == -1)
4953 return 0;
4954
bbdb5014
JM		 4955 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_density: %d", density);
4956
80e8a5ee
BG		 4957 if (density < 0 || density > 7) {
4958 wpa_msg(wpa_s, MSG_ERROR,
4959 "ampdu_density: %d out of range. Must be 0-7 or -1.",
4960 density);
4961 return -EINVAL;
4962 }
4963
4964 htcaps_mask->a_mpdu_params |= 0x1C;
4965 htcaps->a_mpdu_params &= ~(0x1C);
4966 htcaps->a_mpdu_params |= (density << 2) & 0x1C;
4967
4968 return 0;
4969}
4970
4971
4972static int wpa_set_disable_ht40(struct wpa_supplicant *wpa_s,
4973 struct ieee80211_ht_capabilities *htcaps,
4974 struct ieee80211_ht_capabilities *htcaps_mask,
4975 int disabled)
4976{
bbdb5014
JM		 4977 if (disabled)
4978 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ht40: %d", disabled);
80e8a5ee 4979
9eb5757a
MH		 4980 set_disable_ht40(htcaps, disabled);
4981 set_disable_ht40(htcaps_mask, 0);
80e8a5ee
BG		 4982
4983 return 0;
4984}
4985
4986
a90497f8
BG		 4987static int wpa_set_disable_sgi(struct wpa_supplicant *wpa_s,
4988 struct ieee80211_ht_capabilities *htcaps,
4989 struct ieee80211_ht_capabilities *htcaps_mask,
4990 int disabled)
4991{
4992 /* Masking these out disables SGI */
5bc28571
JM		 4993 le16 msk = host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ |
4994 HT_CAP_INFO_SHORT_GI40MHZ);
a90497f8 4995
bbdb5014
JM		 4996 if (disabled)
4997 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_sgi: %d", disabled);
a90497f8
BG		 4998
4999 if (disabled)
5000 htcaps->ht_capabilities_info &= ~msk;
5001 else
5002 htcaps->ht_capabilities_info |= msk;
5003
5004 htcaps_mask->ht_capabilities_info |= msk;
5005
5006 return 0;
5007}
5008
5009
39a5800f
PK		 5010static int wpa_set_disable_ldpc(struct wpa_supplicant *wpa_s,
5011 struct ieee80211_ht_capabilities *htcaps,
5012 struct ieee80211_ht_capabilities *htcaps_mask,
5013 int disabled)
5014{
5015 /* Masking these out disables LDPC */
5bc28571 5016 le16 msk = host_to_le16(HT_CAP_INFO_LDPC_CODING_CAP);
39a5800f 5017
bbdb5014
JM		 5018 if (disabled)
5019 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ldpc: %d", disabled);
39a5800f
PK		 5020
5021 if (disabled)
5022 htcaps->ht_capabilities_info &= ~msk;
5023 else
5024 htcaps->ht_capabilities_info |= msk;
5025
5026 htcaps_mask->ht_capabilities_info |= msk;
5027
5028 return 0;
5029}
5030
5031
cdeea70f
SM		 5032static int wpa_set_tx_stbc(struct wpa_supplicant *wpa_s,
5033 struct ieee80211_ht_capabilities *htcaps,
5034 struct ieee80211_ht_capabilities *htcaps_mask,
5035 int tx_stbc)
5036{
5037 le16 msk = host_to_le16(HT_CAP_INFO_TX_STBC);
5038
cdeea70f
SM		 5039 if (tx_stbc == -1)
5040 return 0;
5041
bbdb5014
JM		 5042 wpa_msg(wpa_s, MSG_DEBUG, "set_tx_stbc: %d", tx_stbc);
5043
cdeea70f
SM		 5044 if (tx_stbc < 0 || tx_stbc > 1) {
5045 wpa_msg(wpa_s, MSG_ERROR,
5046 "tx_stbc: %d out of range. Must be 0-1 or -1", tx_stbc);
5047 return -EINVAL;
5048 }
5049
5050 htcaps_mask->ht_capabilities_info |= msk;
5051 htcaps->ht_capabilities_info &= ~msk;
5052 htcaps->ht_capabilities_info |= (tx_stbc << 7) & msk;
5053
5054 return 0;
5055}
5056
5057
5058static int wpa_set_rx_stbc(struct wpa_supplicant *wpa_s,
5059 struct ieee80211_ht_capabilities *htcaps,
5060 struct ieee80211_ht_capabilities *htcaps_mask,
5061 int rx_stbc)
5062{
5063 le16 msk = host_to_le16(HT_CAP_INFO_RX_STBC_MASK);
5064
cdeea70f
SM		 5065 if (rx_stbc == -1)
5066 return 0;
5067
bbdb5014
JM		 5068 wpa_msg(wpa_s, MSG_DEBUG, "set_rx_stbc: %d", rx_stbc);
5069
cdeea70f
SM		 5070 if (rx_stbc < 0 || rx_stbc > 3) {
5071 wpa_msg(wpa_s, MSG_ERROR,
5072 "rx_stbc: %d out of range. Must be 0-3 or -1", rx_stbc);
5073 return -EINVAL;
5074 }
5075
5076 htcaps_mask->ht_capabilities_info |= msk;
5077 htcaps->ht_capabilities_info &= ~msk;
5078 htcaps->ht_capabilities_info |= (rx_stbc << 8) & msk;
5079
5080 return 0;
5081}
5082
5083
80e8a5ee
BG		 5084void wpa_supplicant_apply_ht_overrides(
5085 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
5086 struct wpa_driver_associate_params *params)
5087{
5088 struct ieee80211_ht_capabilities *htcaps;
5089 struct ieee80211_ht_capabilities *htcaps_mask;
5090
5091 if (!ssid)
5092 return;
5093
5094 params->disable_ht = ssid->disable_ht;
5095 if (!params->htcaps || !params->htcaps_mask)
5096 return;
5097
5098 htcaps = (struct ieee80211_ht_capabilities *) params->htcaps;
5099 htcaps_mask = (struct ieee80211_ht_capabilities *) params->htcaps_mask;
5100 wpa_set_htcap_mcs(wpa_s, htcaps, htcaps_mask, ssid->ht_mcs);
5101 wpa_disable_max_amsdu(wpa_s, htcaps, htcaps_mask,
5102 ssid->disable_max_amsdu);
5103 wpa_set_ampdu_factor(wpa_s, htcaps, htcaps_mask, ssid->ampdu_factor);
5104 wpa_set_ampdu_density(wpa_s, htcaps, htcaps_mask, ssid->ampdu_density);
5105 wpa_set_disable_ht40(wpa_s, htcaps, htcaps_mask, ssid->disable_ht40);
a90497f8 5106 wpa_set_disable_sgi(wpa_s, htcaps, htcaps_mask, ssid->disable_sgi);
39a5800f 5107 wpa_set_disable_ldpc(wpa_s, htcaps, htcaps_mask, ssid->disable_ldpc);
cdeea70f
SM		 5108 wpa_set_rx_stbc(wpa_s, htcaps, htcaps_mask, ssid->rx_stbc);
5109 wpa_set_tx_stbc(wpa_s, htcaps, htcaps_mask, ssid->tx_stbc);
d41cc8cc
JM		 5110
5111 if (ssid->ht40_intolerant) {
5bc28571 5112 le16 bit = host_to_le16(HT_CAP_INFO_40MHZ_INTOLERANT);
d41cc8cc
JM		 5113 htcaps->ht_capabilities_info |= bit;
5114 htcaps_mask->ht_capabilities_info |= bit;
5115 }
80e8a5ee
BG		 5116}
5117
5118#endif /* CONFIG_HT_OVERRIDES */
5119
5120
e9ee8dc3
JB		 5121#ifdef CONFIG_VHT_OVERRIDES
5122void wpa_supplicant_apply_vht_overrides(
5123 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
5124 struct wpa_driver_associate_params *params)
5125{
5126 struct ieee80211_vht_capabilities *vhtcaps;
5127 struct ieee80211_vht_capabilities *vhtcaps_mask;
5128
5129 if (!ssid)
5130 return;
5131
5132 params->disable_vht = ssid->disable_vht;
5133
5134 vhtcaps = (void *) params->vhtcaps;
5135 vhtcaps_mask = (void *) params->vhtcaps_mask;
5136
5137 if (!vhtcaps || !vhtcaps_mask)
5138 return;
5139
4d8d710f
JM		 5140 vhtcaps->vht_capabilities_info = host_to_le32(ssid->vht_capa);
5141 vhtcaps_mask->vht_capabilities_info = host_to_le32(ssid->vht_capa_mask);
e9ee8dc3 5142
4f560cde 5143#ifdef CONFIG_HT_OVERRIDES
fd83a808
BG		 5144 if (ssid->disable_sgi) {
5145 vhtcaps_mask->vht_capabilities_info |= (VHT_CAP_SHORT_GI_80 |
5146 VHT_CAP_SHORT_GI_160);
5147 vhtcaps->vht_capabilities_info &= ~(VHT_CAP_SHORT_GI_80 |
5148 VHT_CAP_SHORT_GI_160);
5149 wpa_msg(wpa_s, MSG_DEBUG,
5150 "disable-sgi override specified, vht-caps: 0x%x",
5151 vhtcaps->vht_capabilities_info);
5152 }
5153
4f560cde 5154 /* if max ampdu is <= 3, we have to make the HT cap the same */
b0f33467
JM		 5155 if (ssid->vht_capa_mask & VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) {
5156 int max_ampdu;
5157
5158 max_ampdu = (ssid->vht_capa &
5159 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) >>
5160 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX_SHIFT;
4f560cde
EP		 5161
5162 max_ampdu = max_ampdu < 3 ? max_ampdu : 3;
5163 wpa_set_ampdu_factor(wpa_s,
5164 (void *) params->htcaps,
5165 (void *) params->htcaps_mask,
5166 max_ampdu);
5167 }
5168#endif /* CONFIG_HT_OVERRIDES */
5169
e9ee8dc3
JB		 5170#define OVERRIDE_MCS(i) \
5171 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \
5172 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \
4d8d710f 5173 host_to_le16(3 << 2 * (i - 1)); \
e9ee8dc3 5174 vhtcaps->vht_supported_mcs_set.tx_map |= \
4d8d710f
JM		 5175 host_to_le16(ssid->vht_tx_mcs_nss_ ##i << \
5176 2 * (i - 1)); \
e9ee8dc3
JB		 5177 } \
5178 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \
5179 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \
4d8d710f 5180 host_to_le16(3 << 2 * (i - 1)); \
e9ee8dc3 5181 vhtcaps->vht_supported_mcs_set.rx_map |= \
4d8d710f
JM		 5182 host_to_le16(ssid->vht_rx_mcs_nss_ ##i << \
5183 2 * (i - 1)); \
e9ee8dc3
JB		 5184 }
5185
5186 OVERRIDE_MCS(1);
5187 OVERRIDE_MCS(2);
5188 OVERRIDE_MCS(3);
5189 OVERRIDE_MCS(4);
5190 OVERRIDE_MCS(5);
5191 OVERRIDE_MCS(6);
5192 OVERRIDE_MCS(7);
5193 OVERRIDE_MCS(8);
5194}
5195#endif /* CONFIG_VHT_OVERRIDES */
5196
5197
f64adcd7
JM		 5198static int pcsc_reader_init(struct wpa_supplicant *wpa_s)
5199{
5200#ifdef PCSC_FUNCS
5201 size_t len;
5202
5203 if (!wpa_s->conf->pcsc_reader)
5204 return 0;
5205
22cf7d73 5206 wpa_s->scard = scard_init(wpa_s->conf->pcsc_reader);
f64adcd7
JM		 5207 if (!wpa_s->scard)
5208 return 1;
5209
5210 if (wpa_s->conf->pcsc_pin &&
5211 scard_set_pin(wpa_s->scard, wpa_s->conf->pcsc_pin) < 0) {
5212 scard_deinit(wpa_s->scard);
5213 wpa_s->scard = NULL;
5214 wpa_msg(wpa_s, MSG_ERROR, "PC/SC PIN validation failed");
5215 return -1;
5216 }
5217
5218 len = sizeof(wpa_s->imsi) - 1;
5219 if (scard_get_imsi(wpa_s->scard, wpa_s->imsi, &len)) {
5220 scard_deinit(wpa_s->scard);
5221 wpa_s->scard = NULL;
5222 wpa_msg(wpa_s, MSG_ERROR, "Could not read IMSI");
5223 return -1;
5224 }
5225 wpa_s->imsi[len] = '\0';
5226
5227 wpa_s->mnc_len = scard_get_mnc_len(wpa_s->scard);
5228
5229 wpa_printf(MSG_DEBUG, "SCARD: IMSI %s (MNC length %d)",
5230 wpa_s->imsi, wpa_s->mnc_len);
5231
5232 wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard);
5233 eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard);
5234#endif /* PCSC_FUNCS */
5235
5236 return 0;
5237}
5238
5239
306ae225
JM		 5240int wpas_init_ext_pw(struct wpa_supplicant *wpa_s)
5241{
5242 char *val, *pos;
5243
5244 ext_password_deinit(wpa_s->ext_pw);
5245 wpa_s->ext_pw = NULL;
5246 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, NULL);
5247
5248 if (!wpa_s->conf->ext_password_backend)
5249 return 0;
5250
5251 val = os_strdup(wpa_s->conf->ext_password_backend);
5252 if (val == NULL)
5253 return -1;
5254 pos = os_strchr(val, ':');
5255 if (pos)
5256 *pos++ = '\0';
5257
5258 wpa_printf(MSG_DEBUG, "EXT PW: Initialize backend '%s'", val);
5259
5260 wpa_s->ext_pw = ext_password_init(val, pos);
5261 os_free(val);
5262 if (wpa_s->ext_pw == NULL) {
5263 wpa_printf(MSG_DEBUG, "EXT PW: Failed to initialize backend");
5264 return -1;
5265 }
5266 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, wpa_s->ext_pw);
5267
5268 return 0;
5269}
5270
5271
b36a3a65
AN		 5272#ifdef CONFIG_FST
5273
5274static const u8 * wpas_fst_get_bssid_cb(void *ctx)
5275{
5276 struct wpa_supplicant *wpa_s = ctx;
5277
5278 return (is_zero_ether_addr(wpa_s->bssid) ||
5279 wpa_s->wpa_state != WPA_COMPLETED) ? NULL : wpa_s->bssid;
5280}
5281
5282
5283static void wpas_fst_get_channel_info_cb(void *ctx,
5284 enum hostapd_hw_mode *hw_mode,
5285 u8 *channel)
5286{
5287 struct wpa_supplicant *wpa_s = ctx;
5288
5289 if (wpa_s->current_bss) {
5290 *hw_mode = ieee80211_freq_to_chan(wpa_s->current_bss->freq,
5291 channel);
5292 } else if (wpa_s->hw.num_modes) {
5293 *hw_mode = wpa_s->hw.modes[0].mode;
5294 } else {
5295 WPA_ASSERT(0);
5296 *hw_mode = 0;
5297 }
5298}
5299
5300
5301static int wpas_fst_get_hw_modes(void *ctx, struct hostapd_hw_modes **modes)
5302{
5303 struct wpa_supplicant *wpa_s = ctx;
5304
5305 *modes = wpa_s->hw.modes;
5306 return wpa_s->hw.num_modes;
5307}
5308
5309
84bcb4e7 5310static void wpas_fst_set_ies_cb(void *ctx, const struct wpabuf *fst_ies)
b36a3a65
AN		 5311{
5312 struct wpa_supplicant *wpa_s = ctx;
5313
b7a07937 5314 wpa_hexdump_buf(MSG_DEBUG, "FST: Set IEs", fst_ies);
b36a3a65
AN		 5315 wpa_s->fst_ies = fst_ies;
5316}
5317
5318
5319static int wpas_fst_send_action_cb(void *ctx, const u8 *da, struct wpabuf *data)
5320{
5321 struct wpa_supplicant *wpa_s = ctx;
5322
0da35523
JM		 5323 if (os_memcmp(wpa_s->bssid, da, ETH_ALEN) != 0) {
5324 wpa_printf(MSG_INFO, "FST:%s:bssid=" MACSTR " != da=" MACSTR,
5325 __func__, MAC2STR(wpa_s->bssid), MAC2STR(da));
5326 return -1;
5327 }
b36a3a65 5328 return wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, wpa_s->bssid,
0da35523
JM		 5329 wpa_s->own_addr, wpa_s->bssid,
5330 wpabuf_head(data), wpabuf_len(data),
b36a3a65
AN		 5331 0);
5332}
5333
5334
a0f04da5 5335static const struct wpabuf * wpas_fst_get_mb_ie_cb(void *ctx, const u8 *addr)
b36a3a65
AN		 5336{
5337 struct wpa_supplicant *wpa_s = ctx;
5338
5339 WPA_ASSERT(os_memcmp(wpa_s->bssid, addr, ETH_ALEN) == 0);
5340 return wpa_s->received_mb_ies;
5341}
5342
5343
5344static void wpas_fst_update_mb_ie_cb(void *ctx, const u8 *addr,
5345 const u8 *buf, size_t size)
5346{
5347 struct wpa_supplicant *wpa_s = ctx;
5348 struct mb_ies_info info;
5349
5350 WPA_ASSERT(os_memcmp(wpa_s->bssid, addr, ETH_ALEN) == 0);
5351
5352 if (!mb_ies_info_by_ies(&info, buf, size)) {
5353 wpabuf_free(wpa_s->received_mb_ies);
5354 wpa_s->received_mb_ies = mb_ies_by_info(&info);
5355 }
5356}
5357
5358
39cdd3a0
JM		 5359static const u8 * wpas_fst_get_peer_first(void *ctx,
5360 struct fst_get_peer_ctx **get_ctx,
5361 Boolean mb_only)
b36a3a65
AN		 5362{
5363 struct wpa_supplicant *wpa_s = ctx;
5364
5365 *get_ctx = NULL;
5366 if (!is_zero_ether_addr(wpa_s->bssid))
5367 return (wpa_s->received_mb_ies || !mb_only) ?
5368 wpa_s->bssid : NULL;
5369 return NULL;
5370}
5371
5372
39cdd3a0
JM		 5373static const u8 * wpas_fst_get_peer_next(void *ctx,
5374 struct fst_get_peer_ctx **get_ctx,
5375 Boolean mb_only)
b36a3a65
AN		 5376{
5377 return NULL;
5378}
5379
5380void fst_wpa_supplicant_fill_iface_obj(struct wpa_supplicant *wpa_s,
5381 struct fst_wpa_obj *iface_obj)
5382{
5383 iface_obj->ctx = wpa_s;
5384 iface_obj->get_bssid = wpas_fst_get_bssid_cb;
5385 iface_obj->get_channel_info = wpas_fst_get_channel_info_cb;
5386 iface_obj->get_hw_modes = wpas_fst_get_hw_modes;
5387 iface_obj->set_ies = wpas_fst_set_ies_cb;
5388 iface_obj->send_action = wpas_fst_send_action_cb;
5389 iface_obj->get_mb_ie = wpas_fst_get_mb_ie_cb;
5390 iface_obj->update_mb_ie = wpas_fst_update_mb_ie_cb;
5391 iface_obj->get_peer_first = wpas_fst_get_peer_first;
5392 iface_obj->get_peer_next = wpas_fst_get_peer_next;
5393}
5394#endif /* CONFIG_FST */
5395
a520bf4a 5396static int wpas_set_wowlan_triggers(struct wpa_supplicant *wpa_s,
6cbdb0c5 5397 const struct wpa_driver_capa *capa)
e4fa8b12 5398{
88cb27c7
DS		 5399 struct wowlan_triggers *triggers;
5400 int ret = 0;
e4fa8b12
EP		 5401
5402 if (!wpa_s->conf->wowlan_triggers)
5403 return 0;
5404
88cb27c7
DS		 5405 triggers = wpa_get_wowlan_triggers(wpa_s->conf->wowlan_triggers, capa);
5406 if (triggers) {
5407 ret = wpa_drv_wowlan(wpa_s, triggers);
5408 os_free(triggers);
e4fa8b12 5409 }
e4fa8b12
EP		 5410 return ret;
5411}
5412
5413
2b6e9f91 5414enum wpa_radio_work_band wpas_freq_to_band(int freq)
e903d32d
KV		 5415{
5416 if (freq < 3000)
5417 return BAND_2_4_GHZ;
5418 if (freq > 50000)
5419 return BAND_60_GHZ;
5420 return BAND_5_GHZ;
5421}
5422
5423
2b6e9f91 5424unsigned int wpas_get_bands(struct wpa_supplicant *wpa_s, const int *freqs)
e903d32d
KV		 5425{
5426 int i;
5427 unsigned int band = 0;
5428
5429 if (freqs) {
5430 /* freqs are specified for the radio work */
5431 for (i = 0; freqs[i]; i++)
5432 band |= wpas_freq_to_band(freqs[i]);
5433 } else {
5434 /*
5435 * freqs are not specified, implies all
5436 * the supported freqs by HW
5437 */
5438 for (i = 0; i < wpa_s->hw.num_modes; i++) {
5439 if (wpa_s->hw.modes[i].num_channels != 0) {
5440 if (wpa_s->hw.modes[i].mode ==
5441 HOSTAPD_MODE_IEEE80211B ||
5442 wpa_s->hw.modes[i].mode ==
5443 HOSTAPD_MODE_IEEE80211G)
5444 band |= BAND_2_4_GHZ;
5445 else if (wpa_s->hw.modes[i].mode ==
5446 HOSTAPD_MODE_IEEE80211A)
5447 band |= BAND_5_GHZ;
5448 else if (wpa_s->hw.modes[i].mode ==
5449 HOSTAPD_MODE_IEEE80211AD)
5450 band |= BAND_60_GHZ;
5451 else if (wpa_s->hw.modes[i].mode ==
5452 HOSTAPD_MODE_IEEE80211ANY)
5453 band = BAND_2_4_GHZ | BAND_5_GHZ |
5454 BAND_60_GHZ;
5455 }
5456 }
5457 }
5458
5459 return band;
5460}
5461
5462
202dec2a
JM		 5463static struct wpa_radio * radio_add_interface(struct wpa_supplicant *wpa_s,
5464 const char *rn)
5465{
5466 struct wpa_supplicant *iface = wpa_s->global->ifaces;
5467 struct wpa_radio *radio;
5468
5469 while (rn && iface) {
5470 radio = iface->radio;
5471 if (radio && os_strcmp(rn, radio->name) == 0) {
5472 wpa_printf(MSG_DEBUG, "Add interface %s to existing radio %s",
5473 wpa_s->ifname, rn);
5474 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
5475 return radio;
5476 }
b154a24e
TB		 5477
5478 iface = iface->next;
202dec2a
JM		 5479 }
5480
5481 wpa_printf(MSG_DEBUG, "Add interface %s to a new radio %s",
5482 wpa_s->ifname, rn ? rn : "N/A");
5483 radio = os_zalloc(sizeof(*radio));
5484 if (radio == NULL)
5485 return NULL;
5486
5487 if (rn)
5488 os_strlcpy(radio->name, rn, sizeof(radio->name));
5489 dl_list_init(&radio->ifaces);
b1ae396f 5490 dl_list_init(&radio->work);
202dec2a
JM		 5491 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
5492
5493 return radio;
5494}
5495
5496
b1ae396f
JM		 5497static void radio_work_free(struct wpa_radio_work *work)
5498{
d12a51b5
JM		 5499 if (work->wpa_s->scan_work == work) {
5500 /* This should not really happen. */
5501 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as scan_work",
5502 work->type, work, work->started);
5503 work->wpa_s->scan_work = NULL;
5504 }
5505
1b5d4714
JM		 5506#ifdef CONFIG_P2P
5507 if (work->wpa_s->p2p_scan_work == work) {
5508 /* This should not really happen. */
5509 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as p2p_scan_work",
5510 work->type, work, work->started);
5511 work->wpa_s->p2p_scan_work = NULL;
5512 }
5513#endif /* CONFIG_P2P */
5514
e903d32d
KV		 5515 if (work->started) {
5516 work->wpa_s->radio->num_active_works--;
5517 wpa_dbg(work->wpa_s, MSG_DEBUG,
7ed5337d 5518 "radio_work_free('%s'@%p): num_active_works --> %u",
e903d32d
KV		 5519 work->type, work,
5520 work->wpa_s->radio->num_active_works);
5521 }
5522
b1ae396f
JM		 5523 dl_list_del(&work->list);
5524 os_free(work);
5525}
5526
5527
4c6f450c
JM		 5528static int radio_work_is_connect(struct wpa_radio_work *work)
5529{
5530 return os_strcmp(work->type, "sme-connect") == 0 ||
5531 os_strcmp(work->type, "connect") == 0;
5532}
5533
5534
85b6b6b6
SD		 5535static int radio_work_is_scan(struct wpa_radio_work *work)
5536{
5537 return os_strcmp(work->type, "scan") == 0 ||
5538 os_strcmp(work->type, "p2p-scan") == 0;
5539}
5540
5541
e903d32d
KV		 5542static struct wpa_radio_work * radio_work_get_next_work(struct wpa_radio *radio)
5543{
5544 struct wpa_radio_work *active_work = NULL;
5545 struct wpa_radio_work *tmp;
5546
5547 /* Get the active work to know the type and band. */
5548 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, list) {
5549 if (tmp->started) {
5550 active_work = tmp;
5551 break;
5552 }
5553 }
5554
5555 if (!active_work) {
5556 /* No active work, start one */
5557 radio->num_active_works = 0;
5558 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work,
5559 list) {
5560 if (os_strcmp(tmp->type, "scan") == 0 &&
5561 radio->external_scan_running &&
5562 (((struct wpa_driver_scan_params *)
5563 tmp->ctx)->only_new_results ||
5564 tmp->wpa_s->clear_driver_scan_cache))
5565 continue;
5566 return tmp;
5567 }
5568 return NULL;
5569 }
5570
4c6f450c 5571 if (radio_work_is_connect(active_work)) {
e903d32d
KV		 5572 /*
5573 * If the active work is either connect or sme-connect,
5574 * do not parallelize them with other radio works.
5575 */
5576 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
5577 "Do not parallelize radio work with %s",
5578 active_work->type);
5579 return NULL;
5580 }
5581
5582 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, list) {
5583 if (tmp->started)
5584 continue;
5585
5586 /*
5587 * If connect or sme-connect are enqueued, parallelize only
5588 * those operations ahead of them in the queue.
5589 */
4c6f450c 5590 if (radio_work_is_connect(tmp))
e903d32d
KV		 5591 break;
5592
85b6b6b6
SD		 5593 /* Serialize parallel scan and p2p_scan operations on the same
5594 * interface since the driver_nl80211 mechanism for tracking
5595 * scan cookies does not yet have support for this. */
5596 if (active_work->wpa_s == tmp->wpa_s &&
5597 radio_work_is_scan(active_work) &&
5598 radio_work_is_scan(tmp)) {
5599 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
5600 "Do not start work '%s' when another work '%s' is already scheduled",
5601 tmp->type, active_work->type);
5602 continue;
5603 }
e903d32d
KV		 5604 /*
5605 * Check that the radio works are distinct and
5606 * on different bands.
5607 */
5608 if (os_strcmp(active_work->type, tmp->type) != 0 &&
5609 (active_work->bands != tmp->bands)) {
5610 /*
5611 * If a scan has to be scheduled through nl80211 scan
5612 * interface and if an external scan is already running,
5613 * do not schedule the scan since it is likely to get
5614 * rejected by kernel.
5615 */
5616 if (os_strcmp(tmp->type, "scan") == 0 &&
5617 radio->external_scan_running &&
5618 (((struct wpa_driver_scan_params *)
5619 tmp->ctx)->only_new_results ||
5620 tmp->wpa_s->clear_driver_scan_cache))
5621 continue;
5622
5623 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
5624 "active_work:%s new_work:%s",
5625 active_work->type, tmp->type);
5626 return tmp;
5627 }
5628 }
5629
5630 /* Did not find a radio work to schedule in parallel. */
5631 return NULL;
5632}
5633
5634
b1ae396f
JM		 5635static void radio_start_next_work(void *eloop_ctx, void *timeout_ctx)
5636{
5637 struct wpa_radio *radio = eloop_ctx;
5638 struct wpa_radio_work *work;
5639 struct os_reltime now, diff;
6428d0a7 5640 struct wpa_supplicant *wpa_s;
b1ae396f
JM		 5641
5642 work = dl_list_first(&radio->work, struct wpa_radio_work, list);
e903d32d
KV		 5643 if (work == NULL) {
5644 radio->num_active_works = 0;
b1ae396f 5645 return;
e903d32d 5646 }
b1ae396f 5647
6428d0a7
JM		 5648 wpa_s = dl_list_first(&radio->ifaces, struct wpa_supplicant,
5649 radio_list);
e903d32d
KV		 5650
5651 if (!(wpa_s &&
5652 wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS)) {
5653 if (work->started)
5654 return; /* already started and still in progress */
5655
5656 if (wpa_s && wpa_s->radio->external_scan_running) {
5657 wpa_printf(MSG_DEBUG, "Delay radio work start until externally triggered scan completes");
5658 return;
5659 }
5660 } else {
5661 work = NULL;
5662 if (radio->num_active_works < MAX_ACTIVE_WORKS) {
5663 /* get the work to schedule next */
5664 work = radio_work_get_next_work(radio);
5665 }
5666 if (!work)
5667 return;
6428d0a7
JM		 5668 }
5669
e903d32d 5670 wpa_s = work->wpa_s;
b1ae396f
JM		 5671 os_get_reltime(&now);
5672 os_reltime_sub(&now, &work->time, &diff);
e903d32d
KV		 5673 wpa_dbg(wpa_s, MSG_DEBUG,
5674 "Starting radio work '%s'@%p after %ld.%06ld second wait",
b1ae396f
JM		 5675 work->type, work, diff.sec, diff.usec);
5676 work->started = 1;
5677 work->time = now;
e903d32d
KV		 5678 radio->num_active_works++;
5679
b1ae396f 5680 work->cb(work, 0);
e903d32d
KV		 5681
5682 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS) &&
5683 radio->num_active_works < MAX_ACTIVE_WORKS)
5684 radio_work_check_next(wpa_s);
b1ae396f
JM		 5685}
5686
5687
b3253ebb
AO		 5688/*
5689 * This function removes both started and pending radio works running on
5690 * the provided interface's radio.
5691 * Prior to the removal of the radio work, its callback (cb) is called with
5692 * deinit set to be 1. Each work's callback is responsible for clearing its
5693 * internal data and restoring to a correct state.
5694 * @wpa_s: wpa_supplicant data
5695 * @type: type of works to be removed
5696 * @remove_all: 1 to remove all the works on this radio, 0 to remove only
5697 * this interface's works.
5698 */
5699void radio_remove_works(struct wpa_supplicant *wpa_s,
5700 const char *type, int remove_all)
b1ae396f
JM		 5701{
5702 struct wpa_radio_work *work, *tmp;
5703 struct wpa_radio *radio = wpa_s->radio;
5704
5705 dl_list_for_each_safe(work, tmp, &radio->work, struct wpa_radio_work,
5706 list) {
b3253ebb 5707 if (type && os_strcmp(type, work->type) != 0)
b1ae396f 5708 continue;
b3253ebb
AO		 5709
5710 /* skip other ifaces' works */
5711 if (!remove_all && work->wpa_s != wpa_s)
b1ae396f 5712 continue;
b3253ebb
AO		 5713
5714 wpa_dbg(wpa_s, MSG_DEBUG, "Remove radio work '%s'@%p%s",
5715 work->type, work, work->started ? " (started)" : "");
b1ae396f
JM		 5716 work->cb(work, 1);
5717 radio_work_free(work);
5718 }
b3253ebb
AO		 5719
5720 /* in case we removed the started work */
5721 radio_work_check_next(wpa_s);
b1ae396f
JM		 5722}
5723
5724
6a252ece
JM		 5725void radio_remove_pending_work(struct wpa_supplicant *wpa_s, void *ctx)
5726{
5727 struct wpa_radio_work *work;
5728 struct wpa_radio *radio = wpa_s->radio;
5729
5730 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) {
5731 if (work->ctx != ctx)
5732 continue;
5733 wpa_dbg(wpa_s, MSG_DEBUG, "Free pending radio work '%s'@%p%s",
5734 work->type, work, work->started ? " (started)" : "");
5735 radio_work_free(work);
5736 break;
5737 }
5738}
5739
5740
202dec2a
JM		 5741static void radio_remove_interface(struct wpa_supplicant *wpa_s)
5742{
5743 struct wpa_radio *radio = wpa_s->radio;
5744
5745 if (!radio)
5746 return;
5747
5748 wpa_printf(MSG_DEBUG, "Remove interface %s from radio %s",
5749 wpa_s->ifname, radio->name);
5750 dl_list_del(&wpa_s->radio_list);
c46235aa
AO		 5751 radio_remove_works(wpa_s, NULL, 0);
5752 wpa_s->radio = NULL;
5753 if (!dl_list_empty(&radio->ifaces))
202dec2a
JM		 5754 return; /* Interfaces remain for this radio */
5755
5756 wpa_printf(MSG_DEBUG, "Remove radio %s", radio->name);
b1ae396f 5757 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
202dec2a
JM		 5758 os_free(radio);
5759}
5760
5761
6428d0a7 5762void radio_work_check_next(struct wpa_supplicant *wpa_s)
b1ae396f
JM		 5763{
5764 struct wpa_radio *radio = wpa_s->radio;
5765
5766 if (dl_list_empty(&radio->work))
5767 return;
e3745228
JM		 5768 if (wpa_s->ext_work_in_progress) {
5769 wpa_printf(MSG_DEBUG,
5770 "External radio work in progress - delay start of pending item");
5771 return;
5772 }
b1ae396f
JM		 5773 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
5774 eloop_register_timeout(0, 0, radio_start_next_work, radio, NULL);
5775}
5776
5777
5778/**
5779 * radio_add_work - Add a radio work item
5780 * @wpa_s: Pointer to wpa_supplicant data
5781 * @freq: Frequency of the offchannel operation in MHz or 0
5782 * @type: Unique identifier for each type of work
5783 * @next: Force as the next work to be executed
5784 * @cb: Callback function for indicating when radio is available
5785 * @ctx: Context pointer for the work (work->ctx in cb())
5786 * Returns: 0 on success, -1 on failure
5787 *
5788 * This function is used to request time for an operation that requires
5789 * exclusive radio control. Once the radio is available, the registered callback
5790 * function will be called. radio_work_done() must be called once the exclusive
5791 * radio operation has been completed, so that the radio is freed for other
5792 * operations. The special case of deinit=1 is used to free the context data
5793 * during interface removal. That does not allow the callback function to start
5794 * the radio operation, i.e., it must free any resources allocated for the radio
5795 * work and return.
5796 *
5797 * The @freq parameter can be used to indicate a single channel on which the
5798 * offchannel operation will occur. This may allow multiple radio work
5799 * operations to be performed in parallel if they apply for the same channel.
5800 * Setting this to 0 indicates that the work item may use multiple channels or
5801 * requires exclusive control of the radio.
5802 */
5803int radio_add_work(struct wpa_supplicant *wpa_s, unsigned int freq,
5804 const char *type, int next,
5805 void (*cb)(struct wpa_radio_work *work, int deinit),
5806 void *ctx)
5807{
e903d32d 5808 struct wpa_radio *radio = wpa_s->radio;
b1ae396f
JM		 5809 struct wpa_radio_work *work;
5810 int was_empty;
5811
5812 work = os_zalloc(sizeof(*work));
5813 if (work == NULL)
5814 return -1;
5815 wpa_dbg(wpa_s, MSG_DEBUG, "Add radio work '%s'@%p", type, work);
5816 os_get_reltime(&work->time);
5817 work->freq = freq;
5818 work->type = type;
5819 work->wpa_s = wpa_s;
5820 work->cb = cb;
5821 work->ctx = ctx;
5822
e903d32d
KV		 5823 if (freq)
5824 work->bands = wpas_freq_to_band(freq);
5825 else if (os_strcmp(type, "scan") == 0 ||
5826 os_strcmp(type, "p2p-scan") == 0)
5827 work->bands = wpas_get_bands(wpa_s,
5828 ((struct wpa_driver_scan_params *)
5829 ctx)->freqs);
5830 else
5831 work->bands = wpas_get_bands(wpa_s, NULL);
5832
b1ae396f
JM		 5833 was_empty = dl_list_empty(&wpa_s->radio->work);
5834 if (next)
5835 dl_list_add(&wpa_s->radio->work, &work->list);
5836 else
5837 dl_list_add_tail(&wpa_s->radio->work, &work->list);
5838 if (was_empty) {
5839 wpa_dbg(wpa_s, MSG_DEBUG, "First radio work item in the queue - schedule start immediately");
5840 radio_work_check_next(wpa_s);
e903d32d
KV		 5841 } else if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS)
5842 && radio->num_active_works < MAX_ACTIVE_WORKS) {
5843 wpa_dbg(wpa_s, MSG_DEBUG,
5844 "Try to schedule a radio work (num_active_works=%u)",
5845 radio->num_active_works);
5846 radio_work_check_next(wpa_s);
b1ae396f
JM		 5847 }
5848
5849 return 0;
5850}
5851
5852
5853/**
5854 * radio_work_done - Indicate that a radio work item has been completed
5855 * @work: Completed work
5856 *
5857 * This function is called once the callback function registered with
5858 * radio_add_work() has completed its work.
5859 */
5860void radio_work_done(struct wpa_radio_work *work)
5861{
5862 struct wpa_supplicant *wpa_s = work->wpa_s;
5863 struct os_reltime now, diff;
1f965e62 5864 unsigned int started = work->started;
b1ae396f
JM		 5865
5866 os_get_reltime(&now);
5867 os_reltime_sub(&now, &work->time, &diff);
1f965e62
JM		 5868 wpa_dbg(wpa_s, MSG_DEBUG, "Radio work '%s'@%p %s in %ld.%06ld seconds",
5869 work->type, work, started ? "done" : "canceled",
5870 diff.sec, diff.usec);
b1ae396f 5871 radio_work_free(work);
1f965e62
JM		 5872 if (started)
5873 radio_work_check_next(wpa_s);
b1ae396f
JM		 5874}
5875
5876
a7f5271d
JM		 5877struct wpa_radio_work *
5878radio_work_pending(struct wpa_supplicant *wpa_s, const char *type)
f0e30c84
JM		 5879{
5880 struct wpa_radio_work *work;
5881 struct wpa_radio *radio = wpa_s->radio;
5882
5883 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) {
5884 if (work->wpa_s == wpa_s && os_strcmp(work->type, type) == 0)
a7f5271d 5885 return work;
f0e30c84
JM		 5886 }
5887
a7f5271d 5888 return NULL;
f0e30c84
JM		 5889}
5890
5891
73c00fd7 5892static int wpas_init_driver(struct wpa_supplicant *wpa_s,
8fb2b357 5893 const struct wpa_interface *iface)
73c00fd7 5894{
202dec2a 5895 const char *ifname, *driver, *rn;
73c00fd7
JM		 5896
5897 driver = iface->driver;
5898next_driver:
5899 if (wpa_supplicant_set_driver(wpa_s, driver) < 0)
5900 return -1;
5901
5902 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
5903 if (wpa_s->drv_priv == NULL) {
5904 const char *pos;
5905 pos = driver ? os_strchr(driver, ',') : NULL;
5906 if (pos) {
5907 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
5908 "driver interface - try next driver wrapper");
5909 driver = pos + 1;
5910 goto next_driver;
5911 }
5912 wpa_msg(wpa_s, MSG_ERROR, "Failed to initialize driver "
5913 "interface");
5914 return -1;
5915 }
5916 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
5917 wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected "
5918 "driver_param '%s'", wpa_s->conf->driver_param);
5919 return -1;
5920 }
5921
5922 ifname = wpa_drv_get_ifname(wpa_s);
5923 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
5924 wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced "
5925 "interface name with '%s'", ifname);
5926 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
5927 }
5928
95bf699f 5929 rn = wpa_driver_get_radio_name(wpa_s);
202dec2a
JM		 5930 if (rn && rn[0] == '\0')
5931 rn = NULL;
5932
5933 wpa_s->radio = radio_add_interface(wpa_s, rn);
5934 if (wpa_s->radio == NULL)
5935 return -1;
5936
73c00fd7
JM		 5937 return 0;
5938}
5939
5940
461d39af
JM		 5941#ifdef CONFIG_GAS_SERVER
5942
5943static void wpas_gas_server_tx_status(struct wpa_supplicant *wpa_s,
5944 unsigned int freq, const u8 *dst,
5945 const u8 *src, const u8 *bssid,
5946 const u8 *data, size_t data_len,
5947 enum offchannel_send_action_result result)
5948{
5949 wpa_printf(MSG_DEBUG, "GAS: TX status: freq=%u dst=" MACSTR
5950 " result=%s",
5951 freq, MAC2STR(dst),
5952 result == OFFCHANNEL_SEND_ACTION_SUCCESS ? "SUCCESS" :
5953 (result == OFFCHANNEL_SEND_ACTION_NO_ACK ? "no-ACK" :
5954 "FAILED"));
5955 gas_server_tx_status(wpa_s->gas_server, dst, data, data_len,
5956 result == OFFCHANNEL_SEND_ACTION_SUCCESS);
5957}
5958
5959
5960static void wpas_gas_server_tx(void *ctx, int freq, const u8 *da,
5961 struct wpabuf *buf, unsigned int wait_time)
5962{
5963 struct wpa_supplicant *wpa_s = ctx;
5964 const u8 broadcast[ETH_ALEN] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
5965
5966 if (wait_time > wpa_s->max_remain_on_chan)
5967 wait_time = wpa_s->max_remain_on_chan;
5968
5969 offchannel_send_action(wpa_s, freq, da, wpa_s->own_addr, broadcast,
5970 wpabuf_head(buf), wpabuf_len(buf),
5971 wait_time, wpas_gas_server_tx_status, 0);
5972}
5973
5974#endif /* CONFIG_GAS_SERVER */
5975
6fc6879b 5976static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
8fb2b357 5977 const struct wpa_interface *iface)
6fc6879b 5978{
362f781e 5979 struct wpa_driver_capa capa;
6cbdb0c5 5980 int capa_res;
aa56e36d 5981 u8 dfs_domain;
362f781e 5982
6fc6879b
JM		 5983 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
5984 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
5985 iface->confname ? iface->confname : "N/A",
5986 iface->driver ? iface->driver : "default",
5987 iface->ctrl_interface ? iface->ctrl_interface : "N/A",
5988 iface->bridge_ifname ? iface->bridge_ifname : "N/A");
5989
6fc6879b
JM		 5990 if (iface->confname) {
5991#ifdef CONFIG_BACKEND_FILE
5992 wpa_s->confname = os_rel2abs_path(iface->confname);
5993 if (wpa_s->confname == NULL) {
5994 wpa_printf(MSG_ERROR, "Failed to get absolute path "
5995 "for configuration file '%s'.",
5996 iface->confname);
5997 return -1;
5998 }
5999 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
6000 iface->confname, wpa_s->confname);
6001#else /* CONFIG_BACKEND_FILE */
6002 wpa_s->confname = os_strdup(iface->confname);
6003#endif /* CONFIG_BACKEND_FILE */
e6304cad 6004 wpa_s->conf = wpa_config_read(wpa_s->confname, NULL);
6fc6879b
JM		 6005 if (wpa_s->conf == NULL) {
6006 wpa_printf(MSG_ERROR, "Failed to read or parse "
6007 "configuration '%s'.", wpa_s->confname);
6008 return -1;
6009 }
e6304cad 6010 wpa_s->confanother = os_rel2abs_path(iface->confanother);
3bd35b68
JM		 6011 if (wpa_s->confanother &&
6012 !wpa_config_read(wpa_s->confanother, wpa_s->conf)) {
6013 wpa_printf(MSG_ERROR,
6014 "Failed to read or parse configuration '%s'.",
6015 wpa_s->confanother);
6016 return -1;
6017 }
6fc6879b
JM		 6018
6019 /*
6020 * Override ctrl_interface and driver_param if set on command
6021 * line.
6022 */
6023 if (iface->ctrl_interface) {
6024 os_free(wpa_s->conf->ctrl_interface);
6025 wpa_s->conf->ctrl_interface =
6026 os_strdup(iface->ctrl_interface);
6027 }
6028
6029 if (iface->driver_param) {
6030 os_free(wpa_s->conf->driver_param);
6031 wpa_s->conf->driver_param =
6032 os_strdup(iface->driver_param);
6033 }
78f79fe5
JM		 6034
6035 if (iface->p2p_mgmt && !iface->ctrl_interface) {
6036 os_free(wpa_s->conf->ctrl_interface);
6037 wpa_s->conf->ctrl_interface = NULL;
6038 }
6fc6879b
JM		 6039 } else
6040 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
6041 iface->driver_param);
6042
6043 if (wpa_s->conf == NULL) {
6044 wpa_printf(MSG_ERROR, "\nNo configuration found.");
6045 return -1;
6046 }
6047
6048 if (iface->ifname == NULL) {
6049 wpa_printf(MSG_ERROR, "\nInterface name is required.");
6050 return -1;
6051 }
6052 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
6053 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
6054 iface->ifname);
6055 return -1;
6056 }
6057 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
6058
6059 if (iface->bridge_ifname) {
6060 if (os_strlen(iface->bridge_ifname) >=
6061 sizeof(wpa_s->bridge_ifname)) {
6062 wpa_printf(MSG_ERROR, "\nToo long bridge interface "
6063 "name '%s'.", iface->bridge_ifname);
6064 return -1;
6065 }
6066 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
6067 sizeof(wpa_s->bridge_ifname));
6068 }
6069
6fc6879b
JM		 6070 /* RSNA Supplicant Key Management - INITIALIZE */
6071 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
6072 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
6073
6074 /* Initialize driver interface and register driver event handler before
6075 * L2 receive handler so that association events are processed before
6076 * EAPOL-Key packets if both become available for the same select()
6077 * call. */
73c00fd7 6078 if (wpas_init_driver(wpa_s, iface) < 0)
362f781e
JM		 6079 return -1;
6080
6fc6879b
JM		 6081 if (wpa_supplicant_init_wpa(wpa_s) < 0)
6082 return -1;
6083
6084 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
6085 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
6086 NULL);
6087 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
6088
6089 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
6090 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
6091 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
f049052b
BG		 6092 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
6093 "dot11RSNAConfigPMKLifetime");
6fc6879b
JM		 6094 return -1;
6095 }
6096
6097 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
6098 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
6099 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
f049052b 6100 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
6fc6879b
JM		 6101 "dot11RSNAConfigPMKReauthThreshold");
6102 return -1;
6103 }
6104
6105 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
6106 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
6107 wpa_s->conf->dot11RSNAConfigSATimeout)) {
f049052b
BG		 6108 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
6109 "dot11RSNAConfigSATimeout");
6fc6879b
JM		 6110 return -1;
6111 }
6112
6bf731e8
CL		 6113 wpa_s->hw.modes = wpa_drv_get_hw_feature_data(wpa_s,
6114 &wpa_s->hw.num_modes,
aa56e36d
VT		 6115 &wpa_s->hw.flags,
6116 &dfs_domain);
a1b790eb
JM		 6117 if (wpa_s->hw.modes) {
6118 u16 i;
6119
6120 for (i = 0; i < wpa_s->hw.num_modes; i++) {
6121 if (wpa_s->hw.modes[i].vht_capab) {
6122 wpa_s->hw_capab = CAPAB_VHT;
6123 break;
6124 }
6125
6126 if (wpa_s->hw.modes[i].ht_capab &
6127 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET)
6128 wpa_s->hw_capab = CAPAB_HT40;
6129 else if (wpa_s->hw.modes[i].ht_capab &&
6130 wpa_s->hw_capab == CAPAB_NO_HT_VHT)
6131 wpa_s->hw_capab = CAPAB_HT;
6132 }
6133 }
6bf731e8 6134
6cbdb0c5
JM		 6135 capa_res = wpa_drv_get_capa(wpa_s, &capa);
6136 if (capa_res == 0) {
c58ab8f2 6137 wpa_s->drv_capa_known = 1;
814782b9 6138 wpa_s->drv_flags = capa.flags;
349493bd 6139 wpa_s->drv_enc = capa.enc;
f936b73c 6140 wpa_s->drv_rrm_flags = capa.rrm_flags;
4f73d88a 6141 wpa_s->probe_resp_offloads = capa.probe_resp_offloads;
814782b9 6142 wpa_s->max_scan_ssids = capa.max_scan_ssids;
cbdf3507 6143 wpa_s->max_sched_scan_ssids = capa.max_sched_scan_ssids;
32c02261
AS		 6144 wpa_s->max_sched_scan_plans = capa.max_sched_scan_plans;
6145 wpa_s->max_sched_scan_plan_interval =
6146 capa.max_sched_scan_plan_interval;
6147 wpa_s->max_sched_scan_plan_iterations =
6148 capa.max_sched_scan_plan_iterations;
cbdf3507 6149 wpa_s->sched_scan_supported = capa.sched_scan_supported;
b59e6f26 6150 wpa_s->max_match_sets = capa.max_match_sets;
814782b9 6151 wpa_s->max_remain_on_chan = capa.max_remain_on_chan;
c4ea4c5c 6152 wpa_s->max_stations = capa.max_stations;
8cd6b7bc
JB		 6153 wpa_s->extended_capa = capa.extended_capa;
6154 wpa_s->extended_capa_mask = capa.extended_capa_mask;
6155 wpa_s->extended_capa_len = capa.extended_capa_len;
4752147d
IP		 6156 wpa_s->num_multichan_concurrent =
6157 capa.num_multichan_concurrent;
471cd6e1 6158 wpa_s->wmm_ac_supported = capa.wmm_ac_supported;
56c76fa5
IP		 6159
6160 if (capa.mac_addr_rand_scan_supported)
6161 wpa_s->mac_addr_rand_supported |= MAC_ADDR_RAND_SCAN;
6162 if (wpa_s->sched_scan_supported &&
6163 capa.mac_addr_rand_sched_scan_supported)
6164 wpa_s->mac_addr_rand_supported |=
6165 (MAC_ADDR_RAND_SCHED_SCAN | MAC_ADDR_RAND_PNO);
2a93ecc8
JM		 6166
6167 wpa_drv_get_ext_capa(wpa_s, WPA_IF_STATION);
6168 if (wpa_s->extended_capa &&
6169 wpa_s->extended_capa_len >= 3 &&
6170 wpa_s->extended_capa[2] & 0x40)
6171 wpa_s->multi_bss_support = 1;
814782b9
JM		 6172 }
6173 if (wpa_s->max_remain_on_chan == 0)
6174 wpa_s->max_remain_on_chan = 1000;
6175
c68f6200
AS		 6176 /*
6177 * Only take p2p_mgmt parameters when P2P Device is supported.
6178 * Doing it here as it determines whether l2_packet_init() will be done
6179 * during wpa_supplicant_driver_init().
6180 */
6181 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)
6182 wpa_s->p2p_mgmt = iface->p2p_mgmt;
c68f6200 6183
4752147d
IP		 6184 if (wpa_s->num_multichan_concurrent == 0)
6185 wpa_s->num_multichan_concurrent = 1;
6186
6fc6879b
JM		 6187 if (wpa_supplicant_driver_init(wpa_s) < 0)
6188 return -1;
6189
281ff0aa 6190#ifdef CONFIG_TDLS
8fb2b357 6191 if (!iface->p2p_mgmt && wpa_tdls_init(wpa_s->wpa))
281ff0aa
GP		 6192 return -1;
6193#endif /* CONFIG_TDLS */
6194
315ce40a
JM		 6195 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] &&
6196 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) {
f049052b 6197 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country");
6d158490
LR		 6198 return -1;
6199 }
6200
b36a3a65
AN		 6201#ifdef CONFIG_FST
6202 if (wpa_s->conf->fst_group_id) {
6203 struct fst_iface_cfg cfg;
6204 struct fst_wpa_obj iface_obj;
6205
6206 fst_wpa_supplicant_fill_iface_obj(wpa_s, &iface_obj);
6207 os_strlcpy(cfg.group_id, wpa_s->conf->fst_group_id,
6208 sizeof(cfg.group_id));
6209 cfg.priority = wpa_s->conf->fst_priority;
6210 cfg.llt = wpa_s->conf->fst_llt;
6211
6212 wpa_s->fst = fst_attach(wpa_s->ifname, wpa_s->own_addr,
6213 &iface_obj, &cfg);
6214 if (!wpa_s->fst) {
6215 wpa_msg(wpa_s, MSG_ERROR,
6216 "FST: Cannot attach iface %s to group %s",
6217 wpa_s->ifname, cfg.group_id);
6218 return -1;
6219 }
6220 }
6221#endif /* CONFIG_FST */
6222
116654ce
JM		 6223 if (wpas_wps_init(wpa_s))
6224 return -1;
6225
461d39af
JM		 6226#ifdef CONFIG_GAS_SERVER
6227 wpa_s->gas_server = gas_server_init(wpa_s, wpas_gas_server_tx);
6228 if (!wpa_s->gas_server) {
6229 wpa_printf(MSG_ERROR, "Failed to initialize GAS server");
6230 return -1;
6231 }
6232#endif /* CONFIG_GAS_SERVER */
6233
be27e185
JM		 6234#ifdef CONFIG_DPP
6235 if (wpas_dpp_init(wpa_s) < 0)
6236 return -1;
6237#endif /* CONFIG_DPP */
6238
6fc6879b
JM		 6239 if (wpa_supplicant_init_eapol(wpa_s) < 0)
6240 return -1;
6241 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
6242
6243 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
6244 if (wpa_s->ctrl_iface == NULL) {
6245 wpa_printf(MSG_ERROR,
6246 "Failed to initialize control interface '%s'.\n"
6247 "You may have another wpa_supplicant process "
6248 "already running or the file was\n"
6249 "left by an unclean termination of wpa_supplicant "
6250 "in which case you will need\n"
6251 "to manually remove this file before starting "
6252 "wpa_supplicant again.\n",
6253 wpa_s->conf->ctrl_interface);
6254 return -1;
6255 }
6256
04ea7b79
JM		 6257 wpa_s->gas = gas_query_init(wpa_s);
6258 if (wpa_s->gas == NULL) {
6259 wpa_printf(MSG_ERROR, "Failed to initialize GAS query");
6260 return -1;
6261 }
6262
8fb2b357
VV		 6263 if ((!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) ||
6264 wpa_s->p2p_mgmt) &&
6265 wpas_p2p_init(wpa_s->global, wpa_s) < 0) {
f049052b 6266 wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P");
b22128ef
JM		 6267 return -1;
6268 }
b22128ef 6269
83922c2d
JM		 6270 if (wpa_bss_init(wpa_s) < 0)
6271 return -1;
83922c2d 6272
4d77d80e
MH		 6273#ifdef CONFIG_PMKSA_CACHE_EXTERNAL
6274#ifdef CONFIG_MESH
6275 dl_list_init(&wpa_s->mesh_external_pmksa_cache);
6276#endif /* CONFIG_MESH */
6277#endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
6278
e4fa8b12
EP		 6279 /*
6280 * Set Wake-on-WLAN triggers, if configured.
6281 * Note: We don't restore/remove the triggers on shutdown (it doesn't
6282 * have effect anyway when the interface is down).
6283 */
6cbdb0c5 6284 if (capa_res == 0 && wpas_set_wowlan_triggers(wpa_s, &capa) < 0)
e4fa8b12
EP		 6285 return -1;
6286
ec7b97ab
JM		 6287#ifdef CONFIG_EAP_PROXY
6288{
6289 size_t len;
b5db6e5d
VK		 6290 wpa_s->mnc_len = eapol_sm_get_eap_proxy_imsi(wpa_s->eapol, -1,
6291 wpa_s->imsi, &len);
ec7b97ab
JM		 6292 if (wpa_s->mnc_len > 0) {
6293 wpa_s->imsi[len] = '\0';
6294 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI %s (MNC length %d)",
6295 wpa_s->imsi, wpa_s->mnc_len);
6296 } else {
6297 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI not available");
6298 }
6299}
6300#endif /* CONFIG_EAP_PROXY */
6301
f64adcd7
JM		 6302 if (pcsc_reader_init(wpa_s) < 0)
6303 return -1;
6304
306ae225
JM		 6305 if (wpas_init_ext_pw(wpa_s) < 0)
6306 return -1;
6307
b361d580
AK		 6308 wpas_rrm_reset(wpa_s);
6309
32c02261
AS		 6310 wpas_sched_scan_plans_set(wpa_s, wpa_s->conf->sched_scan_plans);
6311
ca9968a0
JM		 6312#ifdef CONFIG_HS20
6313 hs20_init(wpa_s);
6314#endif /* CONFIG_HS20 */
92c6e2e3 6315#ifdef CONFIG_MBO
2e06cef8 6316 if (!wpa_s->disable_mbo_oce && wpa_s->conf->oce) {
332aadb8
AP		 6317 if ((wpa_s->conf->oce & OCE_STA) &&
6318 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_OCE_STA))
6319 wpa_s->enable_oce = OCE_STA;
6320 if ((wpa_s->conf->oce & OCE_STA_CFON) &&
6321 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_OCE_STA_CFON)) {
6322 /* TODO: Need to add STA-CFON support */
6323 wpa_printf(MSG_ERROR,
6324 "OCE STA-CFON feature is not yet supported");
6325 }
6326 }
92c6e2e3
DS		 6327 wpas_mbo_update_non_pref_chan(wpa_s, wpa_s->conf->non_pref_chan);
6328#endif /* CONFIG_MBO */
ca9968a0 6329
cc9985d1 6330 wpa_supplicant_set_default_scan_ies(wpa_s);
6331
6fc6879b
JM		 6332 return 0;
6333}
6334
6335
2ee055b3 6336static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s,
df509539 6337 int notify, int terminate)
6fc6879b 6338{
26fc96e8
JM		 6339 struct wpa_global *global = wpa_s->global;
6340 struct wpa_supplicant *iface, *prev;
6341
6342 if (wpa_s == wpa_s->parent)
6343 wpas_p2p_group_remove(wpa_s, "*");
6344
6345 iface = global->ifaces;
6346 while (iface) {
96a26ab7
LD		 6347 if (iface->p2pdev == wpa_s)
6348 iface->p2pdev = iface->parent;
26fc96e8
JM		 6349 if (iface == wpa_s || iface->parent != wpa_s) {
6350 iface = iface->next;
6351 continue;
6352 }
6353 wpa_printf(MSG_DEBUG,
6354 "Remove remaining child interface %s from parent %s",
6355 iface->ifname, wpa_s->ifname);
6356 prev = iface;
6357 iface = iface->next;
6358 wpa_supplicant_remove_iface(global, prev, terminate);
6359 }
6360
e679f140 6361 wpa_s->disconnected = 1;
6fc6879b 6362 if (wpa_s->drv_priv) {
02c21c02
ASB		 6363 /* Don't deauthenticate if WoWLAN is enabled */
6364 if (!wpa_drv_get_wowlan(wpa_s)) {
6365 wpa_supplicant_deauthenticate(
6366 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
6fc6879b 6367
02c21c02
ASB		 6368 wpa_drv_set_countermeasures(wpa_s, 0);
6369 wpa_clear_keys(wpa_s, NULL);
6370 } else {
6371 wpa_msg(wpa_s, MSG_INFO,
6372 "Do not deauthenticate as part of interface deinit since WoWLAN is enabled");
6373 }
6fc6879b
JM		 6374 }
6375
8e56d189 6376 wpa_supplicant_cleanup(wpa_s);
bd10d938 6377 wpas_p2p_deinit_iface(wpa_s);
ab28911d 6378
1f965e62 6379 wpas_ctrl_radio_work_flush(wpa_s);
202dec2a
JM		 6380 radio_remove_interface(wpa_s);
6381
b36a3a65
AN		 6382#ifdef CONFIG_FST
6383 if (wpa_s->fst) {
6384 fst_detach(wpa_s->fst);
6385 wpa_s->fst = NULL;
6386 }
6387 if (wpa_s->received_mb_ies) {
6388 wpabuf_free(wpa_s->received_mb_ies);
6389 wpa_s->received_mb_ies = NULL;
6390 }
6391#endif /* CONFIG_FST */
6392
6fc6879b
JM		 6393 if (wpa_s->drv_priv)
6394 wpa_drv_deinit(wpa_s);
2523ff6e
DS		 6395
6396 if (notify)
6397 wpas_notify_iface_removed(wpa_s);
f0811516
DS		 6398
6399 if (terminate)
6400 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING);
6401
6402 if (wpa_s->ctrl_iface) {
6403 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
6404 wpa_s->ctrl_iface = NULL;
6405 }
6406
603a3f34
JL		 6407#ifdef CONFIG_MESH
6408 if (wpa_s->ifmsh) {
6409 wpa_supplicant_mesh_iface_deinit(wpa_s, wpa_s->ifmsh);
6410 wpa_s->ifmsh = NULL;
6411 }
6412#endif /* CONFIG_MESH */
6413
f0811516
DS		 6414 if (wpa_s->conf != NULL) {
6415 wpa_config_free(wpa_s->conf);
6416 wpa_s->conf = NULL;
6417 }
18e00b5e 6418
a80651d0 6419 os_free(wpa_s->ssids_from_scan_req);
16ef233b 6420 os_free(wpa_s->last_scan_freqs);
a80651d0 6421
18e00b5e 6422 os_free(wpa_s);
6fc6879b
JM		 6423}
6424
6425
2e997eec
RM		 6426#ifdef CONFIG_MATCH_IFACE
6427
6428/**
6429 * wpa_supplicant_match_iface - Match an interface description to a name
6430 * @global: Pointer to global data from wpa_supplicant_init()
6431 * @ifname: Name of the interface to match
6432 * Returns: Pointer to the created interface description or %NULL on failure
6433 */
6434struct wpa_interface * wpa_supplicant_match_iface(struct wpa_global *global,
6435 const char *ifname)
6436{
6437 int i;
6438 struct wpa_interface *iface, *miface;
6439
6440 for (i = 0; i < global->params.match_iface_count; i++) {
6441 miface = &global->params.match_ifaces[i];
6442 if (!miface->ifname ||
6443 fnmatch(miface->ifname, ifname, 0) == 0) {
6444 iface = os_zalloc(sizeof(*iface));
6445 if (!iface)
6446 return NULL;
6447 *iface = *miface;
6448 iface->ifname = ifname;
6449 return iface;
6450 }
6451 }
6452
6453 return NULL;
6454}
6455
6456
6457/**
6458 * wpa_supplicant_match_existing - Match existing interfaces
6459 * @global: Pointer to global data from wpa_supplicant_init()
6460 * Returns: 0 on success, -1 on failure
6461 */
6462static int wpa_supplicant_match_existing(struct wpa_global *global)
6463{
6464 struct if_nameindex *ifi, *ifp;
6465 struct wpa_supplicant *wpa_s;
6466 struct wpa_interface *iface;
6467
6468 ifp = if_nameindex();
6469 if (!ifp) {
6470 wpa_printf(MSG_ERROR, "if_nameindex: %s", strerror(errno));
6471 return -1;
6472 }
6473
6474 for (ifi = ifp; ifi->if_name; ifi++) {
6475 wpa_s = wpa_supplicant_get_iface(global, ifi->if_name);
6476 if (wpa_s)
6477 continue;
6478 iface = wpa_supplicant_match_iface(global, ifi->if_name);
6479 if (iface) {
6480 wpa_s = wpa_supplicant_add_iface(global, iface, NULL);
6481 os_free(iface);
6482 if (wpa_s)
6483 wpa_s->matched = 1;
6484 }
6485 }
6486
6487 if_freenameindex(ifp);
6488 return 0;
6489}
6490
6491#endif /* CONFIG_MATCH_IFACE */
6492
6493
6fc6879b
JM		 6494/**
6495 * wpa_supplicant_add_iface - Add a new network interface
6496 * @global: Pointer to global data from wpa_supplicant_init()
6497 * @iface: Interface configuration options
1772d348 6498 * @parent: Parent interface or %NULL to assign new interface as parent
6fc6879b
JM		 6499 * Returns: Pointer to the created interface or %NULL on failure
6500 *
6501 * This function is used to add new network interfaces for %wpa_supplicant.
6502 * This can be called before wpa_supplicant_run() to add interfaces before the
6503 * main event loop has been started. In addition, new interfaces can be added
6504 * dynamically while %wpa_supplicant is already running. This could happen,
6505 * e.g., when a hotplug network adapter is inserted.
6506 */
6507struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
1772d348
JM		 6508 struct wpa_interface *iface,
6509 struct wpa_supplicant *parent)
6fc6879b
JM		 6510{
6511 struct wpa_supplicant *wpa_s;
d27df100 6512 struct wpa_interface t_iface;
8e56d189 6513 struct wpa_ssid *ssid;
6fc6879b
JM		 6514
6515 if (global == NULL || iface == NULL)
6516 return NULL;
6517
1772d348 6518 wpa_s = wpa_supplicant_alloc(parent);
6fc6879b
JM		 6519 if (wpa_s == NULL)
6520 return NULL;
6521
d8222ae3
JM		 6522 wpa_s->global = global;
6523
d27df100
JM		 6524 t_iface = *iface;
6525 if (global->params.override_driver) {
6526 wpa_printf(MSG_DEBUG, "Override interface parameter: driver "
6527 "('%s' -> '%s')",
6528 iface->driver, global->params.override_driver);
6529 t_iface.driver = global->params.override_driver;
6530 }
6531 if (global->params.override_ctrl_interface) {
6532 wpa_printf(MSG_DEBUG, "Override interface parameter: "
6533 "ctrl_interface ('%s' -> '%s')",
6534 iface->ctrl_interface,
6535 global->params.override_ctrl_interface);
6536 t_iface.ctrl_interface =
6537 global->params.override_ctrl_interface;
6538 }
6539 if (wpa_supplicant_init_iface(wpa_s, &t_iface)) {
6fc6879b
JM		 6540 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
6541 iface->ifname);
df509539 6542 wpa_supplicant_deinit_iface(wpa_s, 0, 0);
6fc6879b
JM		 6543 return NULL;
6544 }
6545
21efc940
TB		 6546 if (iface->p2p_mgmt == 0) {
6547 /* Notify the control interfaces about new iface */
6548 if (wpas_notify_iface_added(wpa_s)) {
6549 wpa_supplicant_deinit_iface(wpa_s, 1, 0);
6550 return NULL;
6551 }
1bd3f426 6552
21efc940
TB		 6553 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
6554 wpas_notify_network_added(wpa_s, ssid);
6555 }
8e56d189 6556
6fc6879b
JM		 6557 wpa_s->next = global->ifaces;
6558 global->ifaces = wpa_s;
6559
f049052b 6560 wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname);
99218999 6561 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
6fc6879b 6562
c3c4b3ed
JM		 6563#ifdef CONFIG_P2P
6564 if (wpa_s->global->p2p == NULL &&
74802c09 6565 !wpa_s->global->p2p_disabled && !wpa_s->conf->p2p_disabled &&
c3c4b3ed 6566 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) &&
f43c1ae7
IP		 6567 wpas_p2p_add_p2pdev_interface(
6568 wpa_s, wpa_s->global->params.conf_p2p_dev) < 0) {
c3c4b3ed
JM		 6569 wpa_printf(MSG_INFO,
6570 "P2P: Failed to enable P2P Device interface");
6571 /* Try to continue without. P2P will be disabled. */
6572 }
6573#endif /* CONFIG_P2P */
6574
6fc6879b
JM		 6575 return wpa_s;
6576}
6577
6578
6579/**
6580 * wpa_supplicant_remove_iface - Remove a network interface
6581 * @global: Pointer to global data from wpa_supplicant_init()
6582 * @wpa_s: Pointer to the network interface to be removed
6583 * Returns: 0 if interface was removed, -1 if interface was not found
6584 *
6585 * This function can be used to dynamically remove network interfaces from
6586 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
6587 * addition, this function is used to remove all remaining interfaces when
6588 * %wpa_supplicant is terminated.
6589 */
6590int wpa_supplicant_remove_iface(struct wpa_global *global,
df509539
DS		 6591 struct wpa_supplicant *wpa_s,
6592 int terminate)
6fc6879b
JM		 6593{
6594 struct wpa_supplicant *prev;
5b78493f
MH		 6595#ifdef CONFIG_MESH
6596 unsigned int mesh_if_created = wpa_s->mesh_if_created;
6597 char *ifname = NULL;
9b170991 6598 struct wpa_supplicant *parent = wpa_s->parent;
5b78493f 6599#endif /* CONFIG_MESH */
6fc6879b
JM		 6600
6601 /* Remove interface from the global list of interfaces */
6602 prev = global->ifaces;
6603 if (prev == wpa_s) {
6604 global->ifaces = wpa_s->next;
6605 } else {
6606 while (prev && prev->next != wpa_s)
6607 prev = prev->next;
6608 if (prev == NULL)
6609 return -1;
6610 prev->next = wpa_s->next;
6611 }
6612
f049052b 6613 wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
6fc6879b 6614
5b78493f
MH		 6615#ifdef CONFIG_MESH
6616 if (mesh_if_created) {
6617 ifname = os_strdup(wpa_s->ifname);
6618 if (ifname == NULL) {
6619 wpa_dbg(wpa_s, MSG_ERROR,
6620 "mesh: Failed to malloc ifname");
6621 return -1;
6622 }
6623 }
6624#endif /* CONFIG_MESH */
6625
b22128ef
JM		 6626 if (global->p2p_group_formation == wpa_s)
6627 global->p2p_group_formation = NULL;
dbca75f8
JM		 6628 if (global->p2p_invite_group == wpa_s)
6629 global->p2p_invite_group = NULL;
df509539 6630 wpa_supplicant_deinit_iface(wpa_s, 1, terminate);
6fc6879b 6631
5b78493f
MH		 6632#ifdef CONFIG_MESH
6633 if (mesh_if_created) {
9b170991 6634 wpa_drv_if_remove(parent, WPA_IF_MESH, ifname);
5b78493f
MH		 6635 os_free(ifname);
6636 }
6637#endif /* CONFIG_MESH */
6638
6fc6879b
JM		 6639 return 0;
6640}
6641
6642
cf83fb0b
PS		 6643/**
6644 * wpa_supplicant_get_eap_mode - Get the current EAP mode
6645 * @wpa_s: Pointer to the network interface
6646 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
6647 */
6648const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s)
6649{
6650 const char *eapol_method;
6651
6652 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) == 0 &&
6653 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
6654 return "NO-EAP";
6655 }
6656
6657 eapol_method = eapol_sm_get_method_name(wpa_s->eapol);
6658 if (eapol_method == NULL)
6659 return "UNKNOWN-EAP";
6660
6661 return eapol_method;
6662}
6663
6664
6fc6879b
JM		 6665/**
6666 * wpa_supplicant_get_iface - Get a new network interface
6667 * @global: Pointer to global data from wpa_supplicant_init()
6668 * @ifname: Interface name
6669 * Returns: Pointer to the interface or %NULL if not found
6670 */
6671struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
6672 const char *ifname)
6673{
6674 struct wpa_supplicant *wpa_s;
6675
6676 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
6677 if (os_strcmp(wpa_s->ifname, ifname) == 0)
6678 return wpa_s;
6679 }
6680 return NULL;
6681}
6682
6683
50b16da1 6684#ifndef CONFIG_NO_WPA_MSG
4f1495ae
BG		 6685static const char * wpa_supplicant_msg_ifname_cb(void *ctx)
6686{
6687 struct wpa_supplicant *wpa_s = ctx;
6688 if (wpa_s == NULL)
6689 return NULL;
6690 return wpa_s->ifname;
6691}
50b16da1 6692#endif /* CONFIG_NO_WPA_MSG */
4f1495ae
BG		 6693
6694
8c0d0ff2
JM		 6695#ifndef WPA_SUPPLICANT_CLEANUP_INTERVAL
6696#define WPA_SUPPLICANT_CLEANUP_INTERVAL 10
6697#endif /* WPA_SUPPLICANT_CLEANUP_INTERVAL */
6698
6699/* Periodic cleanup tasks */
6700static void wpas_periodic(void *eloop_ctx, void *timeout_ctx)
6701{
6702 struct wpa_global *global = eloop_ctx;
6703 struct wpa_supplicant *wpa_s;
6704
6705 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0,
6706 wpas_periodic, global, NULL);
6707
6708#ifdef CONFIG_P2P
6709 if (global->p2p)
6710 p2p_expire_peers(global->p2p);
6711#endif /* CONFIG_P2P */
6712
3188aaba 6713 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
8c0d0ff2 6714 wpa_bss_flush_by_age(wpa_s, wpa_s->conf->bss_expiration_age);
3188aaba
JM		 6715#ifdef CONFIG_AP
6716 ap_periodic(wpa_s);
6717#endif /* CONFIG_AP */
6718 }
8c0d0ff2
JM		 6719}
6720
6721
6fc6879b
JM		 6722/**
6723 * wpa_supplicant_init - Initialize %wpa_supplicant
6724 * @params: Parameters for %wpa_supplicant
6725 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
6726 *
6727 * This function is used to initialize %wpa_supplicant. After successful
6728 * initialization, the returned data pointer can be used to add and remove
6729 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
6730 */
6731struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
6732{
6733 struct wpa_global *global;
ac305589 6734 int ret, i;
6fc6879b
JM		 6735
6736 if (params == NULL)
6737 return NULL;
6738
39e7d718
JM		 6739#ifdef CONFIG_DRIVER_NDIS
6740 {
6741 void driver_ndis_init_ops(void);
6742 driver_ndis_init_ops();
6743 }
6744#endif /* CONFIG_DRIVER_NDIS */
6745
50b16da1 6746#ifndef CONFIG_NO_WPA_MSG
4f1495ae 6747 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
50b16da1 6748#endif /* CONFIG_NO_WPA_MSG */
4f1495ae 6749
f4637fe0
JM		 6750 if (params->wpa_debug_file_path)
6751 wpa_debug_open_file(params->wpa_debug_file_path);
53661e3a 6752 if (!params->wpa_debug_file_path && !params->wpa_debug_syslog)
f4637fe0 6753 wpa_debug_setup_stdout();
daa70d49
SL		 6754 if (params->wpa_debug_syslog)
6755 wpa_debug_open_syslog();
4f68895e
JB		 6756 if (params->wpa_debug_tracing) {
6757 ret = wpa_debug_open_linux_tracing();
6758 if (ret) {
6759 wpa_printf(MSG_ERROR,
6760 "Failed to enable trace logging");
6761 return NULL;
6762 }
6763 }
6fc6879b 6764
12760815 6765 ret = eap_register_methods();
6fc6879b
JM		 6766 if (ret) {
6767 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
6768 if (ret == -2)
6769 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
6770 "the same EAP type.");
6771 return NULL;
6772 }
6773
6774 global = os_zalloc(sizeof(*global));
6775 if (global == NULL)
6776 return NULL;
b22128ef
JM		 6777 dl_list_init(&global->p2p_srv_bonjour);
6778 dl_list_init(&global->p2p_srv_upnp);
6fc6879b
JM		 6779 global->params.daemonize = params->daemonize;
6780 global->params.wait_for_monitor = params->wait_for_monitor;
6781 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
6782 if (params->pid_file)
6783 global->params.pid_file = os_strdup(params->pid_file);
6784 if (params->ctrl_interface)
6785 global->params.ctrl_interface =
6786 os_strdup(params->ctrl_interface);
29257565
JM		 6787 if (params->ctrl_interface_group)
6788 global->params.ctrl_interface_group =
6789 os_strdup(params->ctrl_interface_group);
d27df100
JM		 6790 if (params->override_driver)
6791 global->params.override_driver =
6792 os_strdup(params->override_driver);
6793 if (params->override_ctrl_interface)
6794 global->params.override_ctrl_interface =
6795 os_strdup(params->override_ctrl_interface);
2e997eec
RM		 6796#ifdef CONFIG_MATCH_IFACE
6797 global->params.match_iface_count = params->match_iface_count;
6798 if (params->match_iface_count) {
6799 global->params.match_ifaces =
6800 os_calloc(params->match_iface_count,
6801 sizeof(struct wpa_interface));
6802 os_memcpy(global->params.match_ifaces,
6803 params->match_ifaces,
6804 params->match_iface_count *
6805 sizeof(struct wpa_interface));
6806 }
6807#endif /* CONFIG_MATCH_IFACE */
d4e59795
G		 6808#ifdef CONFIG_P2P
6809 if (params->conf_p2p_dev)
6810 global->params.conf_p2p_dev =
6811 os_strdup(params->conf_p2p_dev);
6812#endif /* CONFIG_P2P */
6fc6879b
JM		 6813 wpa_debug_level = global->params.wpa_debug_level =
6814 params->wpa_debug_level;
6815 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
6816 params->wpa_debug_show_keys;
6817 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
6818 params->wpa_debug_timestamp;
6819
f19858f5
JM		 6820 wpa_printf(MSG_DEBUG, "wpa_supplicant v" VERSION_STR);
6821
0456ea16 6822 if (eloop_init()) {
6fc6879b
JM		 6823 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
6824 wpa_supplicant_deinit(global);
6825 return NULL;
6826 }
6827
38e24575 6828 random_init(params->entropy_file);
d47fa330 6829
6fc6879b
JM		 6830 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
6831 if (global->ctrl_iface == NULL) {
6832 wpa_supplicant_deinit(global);
6833 return NULL;
6834 }
6835
dc461de4
WS		 6836 if (wpas_notify_supplicant_initialized(global)) {
6837 wpa_supplicant_deinit(global);
6838 return NULL;
6fc6879b
JM		 6839 }
6840
c5121837 6841 for (i = 0; wpa_drivers[i]; i++)
ac305589
JM		 6842 global->drv_count++;
6843 if (global->drv_count == 0) {
6844 wpa_printf(MSG_ERROR, "No drivers enabled");
6845 wpa_supplicant_deinit(global);
6846 return NULL;
6847 }
faebdeaa 6848 global->drv_priv = os_calloc(global->drv_count, sizeof(void *));
ac305589
JM		 6849 if (global->drv_priv == NULL) {
6850 wpa_supplicant_deinit(global);
6851 return NULL;
6852 }
ac305589 6853
9675ce35
JM		 6854#ifdef CONFIG_WIFI_DISPLAY
6855 if (wifi_display_init(global) < 0) {
6856 wpa_printf(MSG_ERROR, "Failed to initialize Wi-Fi Display");
6857 wpa_supplicant_deinit(global);
6858 return NULL;
6859 }
6860#endif /* CONFIG_WIFI_DISPLAY */
6861
8c0d0ff2
JM		 6862 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0,
6863 wpas_periodic, global, NULL);
6864
6fc6879b
JM		 6865 return global;
6866}
6867
6868
6869/**
6870 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
6871 * @global: Pointer to global data from wpa_supplicant_init()
6872 * Returns: 0 after successful event loop run, -1 on failure
6873 *
6874 * This function starts the main event loop and continues running as long as
6875 * there are any remaining events. In most cases, this function is running as
6876 * long as the %wpa_supplicant process in still in use.
6877 */
6878int wpa_supplicant_run(struct wpa_global *global)
6879{
6880 struct wpa_supplicant *wpa_s;
6881
6882 if (global->params.daemonize &&
2e69bdd1
RM		 6883 (wpa_supplicant_daemon(global->params.pid_file) ||
6884 eloop_sock_requeue()))
6fc6879b
JM		 6885 return -1;
6886
2e997eec
RM		 6887#ifdef CONFIG_MATCH_IFACE
6888 if (wpa_supplicant_match_existing(global))
6889 return -1;
6890#endif
6891
6fc6879b
JM		 6892 if (global->params.wait_for_monitor) {
6893 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
ede77701 6894 if (wpa_s->ctrl_iface && !wpa_s->p2p_mgmt)
6fc6879b
JM		 6895 wpa_supplicant_ctrl_iface_wait(
6896 wpa_s->ctrl_iface);
6897 }
6898
0456ea16
JM		 6899 eloop_register_signal_terminate(wpa_supplicant_terminate, global);
6900 eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
6fc6879b
JM		 6901
6902 eloop_run();
6903
6904 return 0;
6905}
6906
6907
6908/**
6909 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
6910 * @global: Pointer to global data from wpa_supplicant_init()
6911 *
6912 * This function is called to deinitialize %wpa_supplicant and to free all
6913 * allocated resources. Remaining network interfaces will also be removed.
6914 */
6915void wpa_supplicant_deinit(struct wpa_global *global)
6916{
ac305589
JM		 6917 int i;
6918
6fc6879b
JM		 6919 if (global == NULL)
6920 return;
6921
8c0d0ff2
JM		 6922 eloop_cancel_timeout(wpas_periodic, global, NULL);
6923
9675ce35
JM		 6924#ifdef CONFIG_WIFI_DISPLAY
6925 wifi_display_deinit(global);
6926#endif /* CONFIG_WIFI_DISPLAY */
b22128ef 6927
6fc6879b 6928 while (global->ifaces)
df509539 6929 wpa_supplicant_remove_iface(global, global->ifaces, 1);
6fc6879b
JM		 6930
6931 if (global->ctrl_iface)
6932 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
dc461de4
WS		 6933
6934 wpas_notify_supplicant_deinitialized(global);
6fc6879b
JM		 6935
6936 eap_peer_unregister_methods();
3ec97afe
JM		 6937#ifdef CONFIG_AP
6938 eap_server_unregister_methods();
6939#endif /* CONFIG_AP */
6fc6879b 6940
c5121837 6941 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) {
ac305589
JM		 6942 if (!global->drv_priv[i])
6943 continue;
c5121837 6944 wpa_drivers[i]->global_deinit(global->drv_priv[i]);
ac305589
JM		 6945 }
6946 os_free(global->drv_priv);
6947
d47fa330
JM		 6948 random_deinit();
6949
6fc6879b
JM		 6950 eloop_destroy();
6951
6952 if (global->params.pid_file) {
6953 os_daemonize_terminate(global->params.pid_file);
6954 os_free(global->params.pid_file);
6955 }
6956 os_free(global->params.ctrl_interface);
29257565 6957 os_free(global->params.ctrl_interface_group);
d27df100
JM		 6958 os_free(global->params.override_driver);
6959 os_free(global->params.override_ctrl_interface);
2e997eec
RM		 6960#ifdef CONFIG_MATCH_IFACE
6961 os_free(global->params.match_ifaces);
6962#endif /* CONFIG_MATCH_IFACE */
d4e59795
G		 6963#ifdef CONFIG_P2P
6964 os_free(global->params.conf_p2p_dev);
6965#endif /* CONFIG_P2P */
6fc6879b 6966
af8a827b 6967 os_free(global->p2p_disallow_freq.range);
253f2e37 6968 os_free(global->p2p_go_avoid_freq.range);
01a57fe4 6969 os_free(global->add_psk);
6f3bc72b 6970
6fc6879b 6971 os_free(global);
daa70d49 6972 wpa_debug_close_syslog();
6fc6879b 6973 wpa_debug_close_file();
4f68895e 6974 wpa_debug_close_linux_tracing();
6fc6879b 6975}
611aea7d
JM		 6976
6977
6978void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s)
6979{
849b5dc7
JM		 6980 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_COUNTRY) &&
6981 wpa_s->conf->country[0] && wpa_s->conf->country[1]) {
6982 char country[3];
6983 country[0] = wpa_s->conf->country[0];
6984 country[1] = wpa_s->conf->country[1];
6985 country[2] = '\0';
6986 if (wpa_drv_set_country(wpa_s, country) < 0) {
6987 wpa_printf(MSG_ERROR, "Failed to set country code "
6988 "'%s'", country);
6989 }
6990 }
6991
306ae225
JM		 6992 if (wpa_s->conf->changed_parameters & CFG_CHANGED_EXT_PW_BACKEND)
6993 wpas_init_ext_pw(wpa_s);
6994
bea48f77
JM		 6995 if (wpa_s->conf->changed_parameters & CFG_CHANGED_SCHED_SCAN_PLANS)
6996 wpas_sched_scan_plans_set(wpa_s, wpa_s->conf->sched_scan_plans);
6997
3c7863f8
LD		 6998 if (wpa_s->conf->changed_parameters & CFG_CHANGED_WOWLAN_TRIGGERS) {
6999 struct wpa_driver_capa capa;
7000 int res = wpa_drv_get_capa(wpa_s, &capa);
7001
7002 if (res == 0 && wpas_set_wowlan_triggers(wpa_s, &capa) < 0)
7003 wpa_printf(MSG_ERROR,
7004 "Failed to update wowlan_triggers to '%s'",
7005 wpa_s->conf->wowlan_triggers);
7006 }
7007
ef59f987
AB		 7008 if (wpa_s->conf->changed_parameters & CFG_CHANGED_DISABLE_BTM)
7009 wpa_supplicant_set_default_scan_ies(wpa_s);
7010
611aea7d
JM		 7011#ifdef CONFIG_WPS
7012 wpas_wps_update_config(wpa_s);
7013#endif /* CONFIG_WPS */
b22128ef 7014 wpas_p2p_update_config(wpa_s);
611aea7d
JM		 7015 wpa_s->conf->changed_parameters = 0;
7016}
2f9c6aa6
JM		 7017
7018
e1117c1c 7019void add_freq(int *freqs, int *num_freqs, int freq)
0fb337c1
JM		 7020{
7021 int i;
7022
7023 for (i = 0; i < *num_freqs; i++) {
7024 if (freqs[i] == freq)
7025 return;
7026 }
7027
7028 freqs[*num_freqs] = freq;
7029 (*num_freqs)++;
7030}
7031
7032
7033static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s)
7034{
7035 struct wpa_bss *bss, *cbss;
7036 const int max_freqs = 10;
7037 int *freqs;
7038 int num_freqs = 0;
7039
faebdeaa 7040 freqs = os_calloc(max_freqs + 1, sizeof(int));
0fb337c1
JM		 7041 if (freqs == NULL)
7042 return NULL;
7043
7044 cbss = wpa_s->current_bss;
7045
7046 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
7047 if (bss == cbss)
7048 continue;
7049 if (bss->ssid_len == cbss->ssid_len &&
7050 os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 &&
7051 wpa_blacklist_get(wpa_s, bss->bssid) == NULL) {
7052 add_freq(freqs, &num_freqs, bss->freq);
7053 if (num_freqs == max_freqs)
7054 break;
7055 }
7056 }
7057
7058 if (num_freqs == 0) {
7059 os_free(freqs);
7060 freqs = NULL;
7061 }
7062
7063 return freqs;
7064}
7065
7066
7067void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid)
7068{
7069 int timeout;
7070 int count;
7071 int *freqs = NULL;
7072
6ac4b15e
JM		 7073 wpas_connect_work_done(wpa_s);
7074
5fd9fb27
JM		 7075 /*
7076 * Remove possible authentication timeout since the connection failed.
7077 */
7078 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
7079
c2805909
JM		 7080 /*
7081 * There is no point in blacklisting the AP if this event is
7082 * generated based on local request to disconnect.
7083 */
7084 if (wpa_s->own_disconnect_req) {
7085 wpa_s->own_disconnect_req = 0;
7086 wpa_dbg(wpa_s, MSG_DEBUG,
7087 "Ignore connection failure due to local request to disconnect");
7088 return;
7089 }
0cdb93fe 7090 if (wpa_s->disconnected) {
0cdb93fe
JM		 7091 wpa_dbg(wpa_s, MSG_DEBUG, "Ignore connection failure "
7092 "indication since interface has been put into "
7093 "disconnected state");
7094 return;
7095 }
7096
0fb337c1
JM		 7097 /*
7098 * Add the failed BSSID into the blacklist and speed up next scan
7099 * attempt if there could be other APs that could accept association.
7100 * The current blacklist count indicates how many times we have tried
7101 * connecting to this AP and multiple attempts mean that other APs are
7102 * either not available or has already been tried, so that we can start
7103 * increasing the delay here to avoid constant scanning.
7104 */
7105 count = wpa_blacklist_add(wpa_s, bssid);
7106 if (count == 1 && wpa_s->current_bss) {
7107 /*
7108 * This BSS was not in the blacklist before. If there is
7109 * another BSS available for the same ESS, we should try that
7110 * next. Otherwise, we may as well try this one once more
7111 * before allowing other, likely worse, ESSes to be considered.
7112 */
7113 freqs = get_bss_freqs_in_ess(wpa_s);
7114 if (freqs) {
f049052b
BG		 7115 wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS "
7116 "has been seen; try it next");
0fb337c1
JM		 7117 wpa_blacklist_add(wpa_s, bssid);
7118 /*
7119 * On the next scan, go through only the known channels
7120 * used in this ESS based on previous scans to speed up
7121 * common load balancing use case.
7122 */
7123 os_free(wpa_s->next_scan_freqs);
7124 wpa_s->next_scan_freqs = freqs;
7125 }
7126 }
7127
f1a52633
JM		 7128 /*
7129 * Add previous failure count in case the temporary blacklist was
7130 * cleared due to no other BSSes being available.
7131 */
7132 count += wpa_s->extra_blacklist_count;
7133
dd579704
JM		 7134 if (count > 3 && wpa_s->current_ssid) {
7135 wpa_printf(MSG_DEBUG, "Continuous association failures - "
7136 "consider temporary network disabling");
b19c098e 7137 wpas_auth_failed(wpa_s, "CONN_FAILED");
dd579704
JM		 7138 }
7139
0fb337c1
JM		 7140 switch (count) {
7141 case 1:
7142 timeout = 100;
7143 break;
7144 case 2:
7145 timeout = 500;
7146 break;
7147 case 3:
7148 timeout = 1000;
7149 break;
f1a52633 7150 case 4:
0fb337c1 7151 timeout = 5000;
f1a52633
JM		 7152 break;
7153 default:
7154 timeout = 10000;
7155 break;
0fb337c1
JM		 7156 }
7157
f1a52633
JM		 7158 wpa_dbg(wpa_s, MSG_DEBUG, "Blacklist count %d --> request scan in %d "
7159 "ms", count, timeout);
7160
0fb337c1
JM		 7161 /*
7162 * TODO: if more than one possible AP is available in scan results,
7163 * could try the other ones before requesting a new scan.
7164 */
0a42f1ed
IP		 7165
7166 /* speed up the connection attempt with normal scan */
7167 wpa_s->normal_scans = 0;
0fb337c1
JM		 7168 wpa_supplicant_req_scan(wpa_s, timeout / 1000,
7169 1000 * (timeout % 1000));
7170}
22628eca
JM		 7171
7172
af835d75
AB		 7173#ifdef CONFIG_FILS
7174void fils_connection_failure(struct wpa_supplicant *wpa_s)
7175{
7176 struct wpa_ssid *ssid = wpa_s->current_ssid;
7177 const u8 *realm, *username, *rrk;
7178 size_t realm_len, username_len, rrk_len;
7179 u16 next_seq_num;
7180
7181 if (!ssid || !ssid->eap.erp || !wpa_key_mgmt_fils(ssid->key_mgmt) ||
7182 eapol_sm_get_erp_info(wpa_s->eapol, &ssid->eap,
7183 &username, &username_len,
7184 &realm, &realm_len, &next_seq_num,
7185 &rrk, &rrk_len) != 0 ||
7186 !realm)
7187 return;
7188
7189 wpa_hexdump_ascii(MSG_DEBUG,
7190 "FILS: Store last connection failure realm",
7191 realm, realm_len);
7192 os_free(wpa_s->last_con_fail_realm);
7193 wpa_s->last_con_fail_realm = os_malloc(realm_len);
7194 if (wpa_s->last_con_fail_realm) {
7195 wpa_s->last_con_fail_realm_len = realm_len;
7196 os_memcpy(wpa_s->last_con_fail_realm, realm, realm_len);
7197 }
7198}
7199#endif /* CONFIG_FILS */
7200
7201
22628eca
JM		 7202int wpas_driver_bss_selection(struct wpa_supplicant *wpa_s)
7203{
7204 return wpa_s->conf->ap_scan == 2 ||
7205 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION);
7206}
d2118814
JM		 7207
7208
7209#if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW)
7210int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
7211 struct wpa_ssid *ssid,
7212 const char *field,
7213 const char *value)
7214{
7215#ifdef IEEE8021X_EAPOL
7216 struct eap_peer_config *eap = &ssid->eap;
7217
7218 wpa_printf(MSG_DEBUG, "CTRL_IFACE: response handle field=%s", field);
7219 wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: response value",
7220 (const u8 *) value, os_strlen(value));
7221
7222 switch (wpa_supplicant_ctrl_req_from_string(field)) {
7223 case WPA_CTRL_REQ_EAP_IDENTITY:
7224 os_free(eap->identity);
7225 eap->identity = (u8 *) os_strdup(value);
7226 eap->identity_len = os_strlen(value);
7227 eap->pending_req_identity = 0;
7228 if (ssid == wpa_s->current_ssid)
7229 wpa_s->reassociate = 1;
7230 break;
7231 case WPA_CTRL_REQ_EAP_PASSWORD:
19c48da0 7232 bin_clear_free(eap->password, eap->password_len);
d2118814
JM		 7233 eap->password = (u8 *) os_strdup(value);
7234 eap->password_len = os_strlen(value);
7235 eap->pending_req_password = 0;
7236 if (ssid == wpa_s->current_ssid)
7237 wpa_s->reassociate = 1;
7238 break;
7239 case WPA_CTRL_REQ_EAP_NEW_PASSWORD:
19c48da0 7240 bin_clear_free(eap->new_password, eap->new_password_len);
d2118814
JM		 7241 eap->new_password = (u8 *) os_strdup(value);
7242 eap->new_password_len = os_strlen(value);
7243 eap->pending_req_new_password = 0;
7244 if (ssid == wpa_s->current_ssid)
7245 wpa_s->reassociate = 1;
7246 break;
7247 case WPA_CTRL_REQ_EAP_PIN:
b99c4cad
JM		 7248 str_clear_free(eap->cert.pin);
7249 eap->cert.pin = os_strdup(value);
d2118814
JM		 7250 eap->pending_req_pin = 0;
7251 if (ssid == wpa_s->current_ssid)
7252 wpa_s->reassociate = 1;
7253 break;
7254 case WPA_CTRL_REQ_EAP_OTP:
19c48da0 7255 bin_clear_free(eap->otp, eap->otp_len);
d2118814
JM		 7256 eap->otp = (u8 *) os_strdup(value);
7257 eap->otp_len = os_strlen(value);
7258 os_free(eap->pending_req_otp);
7259 eap->pending_req_otp = NULL;
7260 eap->pending_req_otp_len = 0;
7261 break;
7262 case WPA_CTRL_REQ_EAP_PASSPHRASE:
b99c4cad
JM		 7263 str_clear_free(eap->cert.private_key_passwd);
7264 eap->cert.private_key_passwd = os_strdup(value);
d2118814
JM		 7265 eap->pending_req_passphrase = 0;
7266 if (ssid == wpa_s->current_ssid)
7267 wpa_s->reassociate = 1;
7268 break;
a5d44ac0 7269 case WPA_CTRL_REQ_SIM:
19c48da0 7270 str_clear_free(eap->external_sim_resp);
a5d44ac0 7271 eap->external_sim_resp = os_strdup(value);
ed9b1c16 7272 eap->pending_req_sim = 0;
a5d44ac0 7273 break;
a52410c2
JM		 7274 case WPA_CTRL_REQ_PSK_PASSPHRASE:
7275 if (wpa_config_set(ssid, "psk", value, 0) < 0)
7276 return -1;
7277 ssid->mem_only_psk = 1;
7278 if (ssid->passphrase)
7279 wpa_config_update_psk(ssid);
7280 if (wpa_s->wpa_state == WPA_SCANNING && !wpa_s->scanning)
7281 wpa_supplicant_req_scan(wpa_s, 0, 0);
7282 break;
3c108b75
JM		 7283 case WPA_CTRL_REQ_EXT_CERT_CHECK:
7284 if (eap->pending_ext_cert_check != PENDING_CHECK)
7285 return -1;
7286 if (os_strcmp(value, "good") == 0)
7287 eap->pending_ext_cert_check = EXT_CERT_CHECK_GOOD;
7288 else if (os_strcmp(value, "bad") == 0)
7289 eap->pending_ext_cert_check = EXT_CERT_CHECK_BAD;
7290 else
7291 return -1;
7292 break;
d2118814
JM		 7293 default:
7294 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown field '%s'", field);
7295 return -1;
7296 }
7297
7298 return 0;
7299#else /* IEEE8021X_EAPOL */
7300 wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included");
7301 return -1;
7302#endif /* IEEE8021X_EAPOL */
7303}
7304#endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */
349493bd
JM		 7305
7306
7307int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
7308{
7309 int i;
7310 unsigned int drv_enc;
7311
44b9ea5b
JM		 7312 if (wpa_s->p2p_mgmt)
7313 return 1; /* no normal network profiles on p2p_mgmt interface */
7314
349493bd
JM		 7315 if (ssid == NULL)
7316 return 1;
7317
7318 if (ssid->disabled)
7319 return 1;
7320
9feadba1 7321 if (wpa_s->drv_capa_known)
349493bd
JM		 7322 drv_enc = wpa_s->drv_enc;
7323 else
7324 drv_enc = (unsigned int) -1;
7325
7326 for (i = 0; i < NUM_WEP_KEYS; i++) {
7327 size_t len = ssid->wep_key_len[i];
7328 if (len == 0)
7329 continue;
7330 if (len == 5 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP40))
7331 continue;
7332 if (len == 13 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP104))
7333 continue;
7334 if (len == 16 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP128))
7335 continue;
7336 return 1; /* invalid WEP key */
7337 }
7338
9173b16f 7339 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set &&
a52410c2 7340 (!ssid->passphrase || ssid->ssid_len != 0) && !ssid->ext_psk &&
a34ca59e 7341 !(wpa_key_mgmt_sae(ssid->key_mgmt) && ssid->sae_password) &&
a52410c2 7342 !ssid->mem_only_psk)
2518aad3
JM		 7343 return 1;
7344
349493bd
JM		 7345 return 0;
7346}
b9cfc09a
JJ		 7347
7348
3f56a2b7
JM		 7349int wpas_get_ssid_pmf(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
7350{
3f56a2b7
JM		 7351 if (ssid == NULL || ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT) {
7352 if (wpa_s->conf->pmf == MGMT_FRAME_PROTECTION_OPTIONAL &&
7353 !(wpa_s->drv_enc & WPA_DRIVER_CAPA_ENC_BIP)) {
7354 /*
7355 * Driver does not support BIP -- ignore pmf=1 default
7356 * since the connection with PMF would fail and the
7357 * configuration does not require PMF to be enabled.
7358 */
7359 return NO_MGMT_FRAME_PROTECTION;
7360 }
7361
22950049
JM		 7362 if (ssid &&
7363 (ssid->key_mgmt &
7364 ~(WPA_KEY_MGMT_NONE | WPA_KEY_MGMT_WPS |
7365 WPA_KEY_MGMT_IEEE8021X_NO_WPA)) == 0) {
7366 /*
7367 * Do not use the default PMF value for non-RSN networks
7368 * since PMF is available only with RSN and pmf=2
7369 * configuration would otherwise prevent connections to
7370 * all open networks.
7371 */
7372 return NO_MGMT_FRAME_PROTECTION;
7373 }
7374
3f56a2b7
JM		 7375 return wpa_s->conf->pmf;
7376 }
7377
7378 return ssid->ieee80211w;
3f56a2b7
JM		 7379}
7380
7381
b9cfc09a
JJ		 7382int wpas_is_p2p_prioritized(struct wpa_supplicant *wpa_s)
7383{
7384 if (wpa_s->global->conc_pref == WPA_CONC_PREF_P2P)
7385 return 1;
7386 if (wpa_s->global->conc_pref == WPA_CONC_PREF_STA)
7387 return 0;
7388 return -1;
7389}
00e5e3d5
JM		 7390
7391
b19c098e 7392void wpas_auth_failed(struct wpa_supplicant *wpa_s, char *reason)
00e5e3d5
JM		 7393{
7394 struct wpa_ssid *ssid = wpa_s->current_ssid;
7395 int dur;
4e1eae1d 7396 struct os_reltime now;
00e5e3d5
JM		 7397
7398 if (ssid == NULL) {
7399 wpa_printf(MSG_DEBUG, "Authentication failure but no known "
7400 "SSID block");
7401 return;
7402 }
7403
7404 if (ssid->key_mgmt == WPA_KEY_MGMT_WPS)
7405 return;
7406
7407 ssid->auth_failures++;
cbf41ca7
SL		 7408
7409#ifdef CONFIG_P2P
7410 if (ssid->p2p_group &&
7411 (wpa_s->p2p_in_provisioning || wpa_s->show_group_started)) {
7412 /*
7413 * Skip the wait time since there is a short timeout on the
7414 * connection to a P2P group.
7415 */
7416 return;
7417 }
7418#endif /* CONFIG_P2P */
7419
00e5e3d5
JM		 7420 if (ssid->auth_failures > 50)
7421 dur = 300;
00e5e3d5 7422 else if (ssid->auth_failures > 10)
8a77f1be 7423 dur = 120;
00e5e3d5 7424 else if (ssid->auth_failures > 5)
8a77f1be
JM		 7425 dur = 90;
7426 else if (ssid->auth_failures > 3)
7427 dur = 60;
7428 else if (ssid->auth_failures > 2)
00e5e3d5
JM		 7429 dur = 30;
7430 else if (ssid->auth_failures > 1)
7431 dur = 20;
7432 else
7433 dur = 10;
7434
8a77f1be
JM		 7435 if (ssid->auth_failures > 1 &&
7436 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt))
7437 dur += os_random() % (ssid->auth_failures * 10);
7438
4e1eae1d 7439 os_get_reltime(&now);
00e5e3d5
JM		 7440 if (now.sec + dur <= ssid->disabled_until.sec)
7441 return;
7442
7443 ssid->disabled_until.sec = now.sec + dur;
7444
7445 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TEMP_DISABLED
b19c098e 7446 "id=%d ssid=\"%s\" auth_failures=%u duration=%d reason=%s",
00e5e3d5 7447 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
b19c098e 7448 ssid->auth_failures, dur, reason);
00e5e3d5
JM		 7449}
7450
7451
7452void wpas_clear_temp_disabled(struct wpa_supplicant *wpa_s,
7453 struct wpa_ssid *ssid, int clear_failures)
7454{
7455 if (ssid == NULL)
7456 return;
7457
7458 if (ssid->disabled_until.sec) {
7459 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_REENABLED
7460 "id=%d ssid=\"%s\"",
7461 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
7462 }
7463 ssid->disabled_until.sec = 0;
7464 ssid->disabled_until.usec = 0;
7465 if (clear_failures)
7466 ssid->auth_failures = 0;
7467}
6407f413
JM		 7468
7469
7470int disallowed_bssid(struct wpa_supplicant *wpa_s, const u8 *bssid)
7471{
7472 size_t i;
7473
7474 if (wpa_s->disallow_aps_bssid == NULL)
7475 return 0;
7476
7477 for (i = 0; i < wpa_s->disallow_aps_bssid_count; i++) {
7478 if (os_memcmp(wpa_s->disallow_aps_bssid + i * ETH_ALEN,
7479 bssid, ETH_ALEN) == 0)
7480 return 1;
7481 }
7482
7483 return 0;
7484}
7485
7486
7487int disallowed_ssid(struct wpa_supplicant *wpa_s, const u8 *ssid,
7488 size_t ssid_len)
7489{
7490 size_t i;
7491
7492 if (wpa_s->disallow_aps_ssid == NULL || ssid == NULL)
7493 return 0;
7494
7495 for (i = 0; i < wpa_s->disallow_aps_ssid_count; i++) {
7496 struct wpa_ssid_value *s = &wpa_s->disallow_aps_ssid[i];
7497 if (ssid_len == s->ssid_len &&
7498 os_memcmp(ssid, s->ssid, ssid_len) == 0)
7499 return 1;
7500 }
7501
7502 return 0;
7503}
9796a86c
JM		 7504
7505
7506/**
7507 * wpas_request_connection - Request a new connection
7508 * @wpa_s: Pointer to the network interface
7509 *
7510 * This function is used to request a new connection to be found. It will mark
7511 * the interface to allow reassociation and request a new scan to find a
7512 * suitable network to connect to.
7513 */
7514void wpas_request_connection(struct wpa_supplicant *wpa_s)
7515{
7516 wpa_s->normal_scans = 0;
5214f4fa 7517 wpa_s->scan_req = NORMAL_SCAN_REQ;
9796a86c
JM		 7518 wpa_supplicant_reinit_autoscan(wpa_s);
7519 wpa_s->extra_blacklist_count = 0;
7520 wpa_s->disconnected = 0;
7521 wpa_s->reassociate = 1;
2cb40e9f 7522 wpa_s->last_owe_group = 0;
5e24beae
MH		 7523
7524 if (wpa_supplicant_fast_associate(wpa_s) != 1)
7525 wpa_supplicant_req_scan(wpa_s, 0, 0);
0c5f01fd
B		 7526 else
7527 wpa_s->reattach = 0;
9796a86c 7528}
36b9883d
DG		 7529
7530
5f040be4
RP		 7531/**
7532 * wpas_request_disconnection - Request disconnection
7533 * @wpa_s: Pointer to the network interface
7534 *
7535 * This function is used to request disconnection from the currently connected
7536 * network. This will stop any ongoing scans and initiate deauthentication.
7537 */
7538void wpas_request_disconnection(struct wpa_supplicant *wpa_s)
7539{
7540#ifdef CONFIG_SME
7541 wpa_s->sme.prev_bssid_set = 0;
7542#endif /* CONFIG_SME */
7543 wpa_s->reassociate = 0;
7544 wpa_s->disconnected = 1;
7545 wpa_supplicant_cancel_sched_scan(wpa_s);
7546 wpa_supplicant_cancel_scan(wpa_s);
7547 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
7548 eloop_cancel_timeout(wpas_network_reenabled, wpa_s, NULL);
f5db7750
JM		 7549 radio_remove_works(wpa_s, "connect", 0);
7550 radio_remove_works(wpa_s, "sme-connect", 0);
5f040be4
RP		 7551}
7552
7553
a0c90bb0
IP		 7554void dump_freq_data(struct wpa_supplicant *wpa_s, const char *title,
7555 struct wpa_used_freq_data *freqs_data,
7556 unsigned int len)
7557{
7558 unsigned int i;
7559
7560 wpa_dbg(wpa_s, MSG_DEBUG, "Shared frequencies (len=%u): %s",
7561 len, title);
7562 for (i = 0; i < len; i++) {
7563 struct wpa_used_freq_data *cur = &freqs_data[i];
7564 wpa_dbg(wpa_s, MSG_DEBUG, "freq[%u]: %d, flags=0x%X",
7565 i, cur->freq, cur->flags);
7566 }
7567}
7568
7569
53c5dfc2
IP		 7570/*
7571 * Find the operating frequencies of any of the virtual interfaces that
a0c90bb0
IP		 7572 * are using the same radio as the current interface, and in addition, get
7573 * information about the interface types that are using the frequency.
53c5dfc2 7574 */
a0c90bb0
IP		 7575int get_shared_radio_freqs_data(struct wpa_supplicant *wpa_s,
7576 struct wpa_used_freq_data *freqs_data,
7577 unsigned int len)
53c5dfc2 7578{
53c5dfc2
IP		 7579 struct wpa_supplicant *ifs;
7580 u8 bssid[ETH_ALEN];
7581 int freq;
7582 unsigned int idx = 0, i;
7583
217cf499
JM		 7584 wpa_dbg(wpa_s, MSG_DEBUG,
7585 "Determining shared radio frequencies (max len %u)", len);
a0c90bb0 7586 os_memset(freqs_data, 0, sizeof(struct wpa_used_freq_data) * len);
53c5dfc2 7587
0ad3b9c4
JM		 7588 dl_list_for_each(ifs, &wpa_s->radio->ifaces, struct wpa_supplicant,
7589 radio_list) {
a0c90bb0
IP		 7590 if (idx == len)
7591 break;
7592
53c5dfc2
IP		 7593 if (ifs->current_ssid == NULL || ifs->assoc_freq == 0)
7594 continue;
7595
7596 if (ifs->current_ssid->mode == WPAS_MODE_AP ||
241c3333
MH		 7597 ifs->current_ssid->mode == WPAS_MODE_P2P_GO ||
7598 ifs->current_ssid->mode == WPAS_MODE_MESH)
53c5dfc2
IP		 7599 freq = ifs->current_ssid->frequency;
7600 else if (wpa_drv_get_bssid(ifs, bssid) == 0)
7601 freq = ifs->assoc_freq;
7602 else
7603 continue;
7604
7605 /* Hold only distinct freqs */
7606 for (i = 0; i < idx; i++)
a0c90bb0 7607 if (freqs_data[i].freq == freq)
53c5dfc2
IP		 7608 break;
7609
7610 if (i == idx)
a0c90bb0
IP		 7611 freqs_data[idx++].freq = freq;
7612
7613 if (ifs->current_ssid->mode == WPAS_MODE_INFRA) {
22264b3c 7614 freqs_data[i].flags |= ifs->current_ssid->p2p_group ?
a0c90bb0
IP		 7615 WPA_FREQ_USED_BY_P2P_CLIENT :
7616 WPA_FREQ_USED_BY_INFRA_STATION;
7617 }
53c5dfc2 7618 }
217cf499 7619
a0c90bb0 7620 dump_freq_data(wpa_s, "completed iteration", freqs_data, idx);
53c5dfc2
IP		 7621 return idx;
7622}
a0c90bb0
IP		 7623
7624
7625/*
7626 * Find the operating frequencies of any of the virtual interfaces that
7627 * are using the same radio as the current interface.
7628 */
7629int get_shared_radio_freqs(struct wpa_supplicant *wpa_s,
7630 int *freq_array, unsigned int len)
7631{
7632 struct wpa_used_freq_data *freqs_data;
7633 int num, i;
7634
7635 os_memset(freq_array, 0, sizeof(int) * len);
7636
7637 freqs_data = os_calloc(len, sizeof(struct wpa_used_freq_data));
7638 if (!freqs_data)
7639 return -1;
7640
7641 num = get_shared_radio_freqs_data(wpa_s, freqs_data, len);
7642 for (i = 0; i < num; i++)
7643 freq_array[i] = freqs_data[i].freq;
7644
7645 os_free(freqs_data);
7646
7647 return num;
7648}
b361d580
AK		 7649
7650
af041f99
AA		 7651struct wpa_supplicant *
7652wpas_vendor_elem(struct wpa_supplicant *wpa_s, enum wpa_vendor_elem_frame frame)
7653{
7654 switch (frame) {
7655#ifdef CONFIG_P2P
7656 case VENDOR_ELEM_PROBE_REQ_P2P:
7657 case VENDOR_ELEM_PROBE_RESP_P2P:
7658 case VENDOR_ELEM_PROBE_RESP_P2P_GO:
7659 case VENDOR_ELEM_BEACON_P2P_GO:
7660 case VENDOR_ELEM_P2P_PD_REQ:
7661 case VENDOR_ELEM_P2P_PD_RESP:
7662 case VENDOR_ELEM_P2P_GO_NEG_REQ:
7663 case VENDOR_ELEM_P2P_GO_NEG_RESP:
7664 case VENDOR_ELEM_P2P_GO_NEG_CONF:
7665 case VENDOR_ELEM_P2P_INV_REQ:
7666 case VENDOR_ELEM_P2P_INV_RESP:
7667 case VENDOR_ELEM_P2P_ASSOC_REQ:
7668 case VENDOR_ELEM_P2P_ASSOC_RESP:
ba307f85 7669 return wpa_s->p2pdev;
af041f99
AA		 7670#endif /* CONFIG_P2P */
7671 default:
7672 return wpa_s;
7673 }
7674}
7675
7676
7677void wpas_vendor_elem_update(struct wpa_supplicant *wpa_s)
7678{
7679 unsigned int i;
7680 char buf[30];
7681
7682 wpa_printf(MSG_DEBUG, "Update vendor elements");
7683
7684 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) {
7685 if (wpa_s->vendor_elem[i]) {
7686 int res;
7687
7688 res = os_snprintf(buf, sizeof(buf), "frame[%u]", i);
7689 if (!os_snprintf_error(sizeof(buf), res)) {
7690 wpa_hexdump_buf(MSG_DEBUG, buf,
7691 wpa_s->vendor_elem[i]);
7692 }
7693 }
7694 }
7695
7696#ifdef CONFIG_P2P
7697 if (wpa_s->parent == wpa_s &&
7698 wpa_s->global->p2p &&
7699 !wpa_s->global->p2p_disabled)
7700 p2p_set_vendor_elems(wpa_s->global->p2p, wpa_s->vendor_elem);
7701#endif /* CONFIG_P2P */
7702}
7703
7704
7705int wpas_vendor_elem_remove(struct wpa_supplicant *wpa_s, int frame,
7706 const u8 *elem, size_t len)
7707{
7708 u8 *ie, *end;
7709
7710 ie = wpabuf_mhead_u8(wpa_s->vendor_elem[frame]);
7711 end = ie + wpabuf_len(wpa_s->vendor_elem[frame]);
7712
7713 for (; ie + 1 < end; ie += 2 + ie[1]) {
7714 if (ie + len > end)
7715 break;
7716 if (os_memcmp(ie, elem, len) != 0)
7717 continue;
7718
7719 if (wpabuf_len(wpa_s->vendor_elem[frame]) == len) {
7720 wpabuf_free(wpa_s->vendor_elem[frame]);
7721 wpa_s->vendor_elem[frame] = NULL;
7722 } else {
7723 os_memmove(ie, ie + len, end - (ie + len));
7724 wpa_s->vendor_elem[frame]->used -= len;
7725 }
7726 wpas_vendor_elem_update(wpa_s);
7727 return 0;
7728 }
7729
7730 return -1;
7731}
ea69d973
AS		 7732
7733
7734struct hostapd_hw_modes * get_mode(struct hostapd_hw_modes *modes,
d0e116f6
VK		 7735 u16 num_modes, enum hostapd_hw_mode mode,
7736 int is_6ghz)
ea69d973
AS		 7737{
7738 u16 i;
7739
7740 for (i = 0; i < num_modes; i++) {
d0e116f6
VK		 7741 if (modes[i].mode != mode ||
7742 !modes[i].num_channels || !modes[i].channels)
7743 continue;
7744 if ((!is_6ghz && !is_6ghz_freq(modes[i].channels[0].freq)) ||
7745 (is_6ghz && is_6ghz_freq(modes[i].channels[0].freq)))
ea69d973
AS		 7746 return &modes[i];
7747 }
7748
7749 return NULL;
7750}
dd599908
AS		 7751
7752
7753static struct
7754wpa_bss_tmp_disallowed * wpas_get_disallowed_bss(struct wpa_supplicant *wpa_s,
7755 const u8 *bssid)
7756{
7757 struct wpa_bss_tmp_disallowed *bss;
7758
7759 dl_list_for_each(bss, &wpa_s->bss_tmp_disallowed,
7760 struct wpa_bss_tmp_disallowed, list) {
7761 if (os_memcmp(bssid, bss->bssid, ETH_ALEN) == 0)
7762 return bss;
7763 }
7764
7765 return NULL;
7766}
7767
7768
b04854ce
AP		 7769static int wpa_set_driver_tmp_disallow_list(struct wpa_supplicant *wpa_s)
7770{
7771 struct wpa_bss_tmp_disallowed *tmp;
7772 unsigned int num_bssid = 0;
7773 u8 *bssids;
7774 int ret;
7775
7776 bssids = os_malloc(dl_list_len(&wpa_s->bss_tmp_disallowed) * ETH_ALEN);
7777 if (!bssids)
7778 return -1;
7779 dl_list_for_each(tmp, &wpa_s->bss_tmp_disallowed,
7780 struct wpa_bss_tmp_disallowed, list) {
7781 os_memcpy(&bssids[num_bssid * ETH_ALEN], tmp->bssid,
7782 ETH_ALEN);
7783 num_bssid++;
7784 }
7785 ret = wpa_drv_set_bssid_blacklist(wpa_s, num_bssid, bssids);
7786 os_free(bssids);
7787 return ret;
7788}
7789
7790
7791static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx, void *timeout_ctx)
7792{
7793 struct wpa_supplicant *wpa_s = eloop_ctx;
7794 struct wpa_bss_tmp_disallowed *tmp, *bss = timeout_ctx;
7795
7796 /* Make sure the bss is not already freed */
7797 dl_list_for_each(tmp, &wpa_s->bss_tmp_disallowed,
7798 struct wpa_bss_tmp_disallowed, list) {
7799 if (bss == tmp) {
7800 dl_list_del(&tmp->list);
7801 os_free(tmp);
7802 wpa_set_driver_tmp_disallow_list(wpa_s);
7803 break;
7804 }
7805 }
7806}
7807
7808
dd599908 7809void wpa_bss_tmp_disallow(struct wpa_supplicant *wpa_s, const u8 *bssid,
19677b77 7810 unsigned int sec, int rssi_threshold)
dd599908
AS		 7811{
7812 struct wpa_bss_tmp_disallowed *bss;
dd599908
AS		 7813
7814 bss = wpas_get_disallowed_bss(wpa_s, bssid);
7815 if (bss) {
b04854ce 7816 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout, wpa_s, bss);
19677b77 7817 goto finish;
dd599908
AS		 7818 }
7819
7820 bss = os_malloc(sizeof(*bss));
7821 if (!bss) {
7822 wpa_printf(MSG_DEBUG,
7823 "Failed to allocate memory for temp disallow BSS");
7824 return;
7825 }
7826
dd599908
AS		 7827 os_memcpy(bss->bssid, bssid, ETH_ALEN);
7828 dl_list_add(&wpa_s->bss_tmp_disallowed, &bss->list);
b04854ce 7829 wpa_set_driver_tmp_disallow_list(wpa_s);
19677b77
BL		 7830
7831finish:
7832 bss->rssi_threshold = rssi_threshold;
b04854ce
AP		 7833 eloop_register_timeout(sec, 0, wpa_bss_tmp_disallow_timeout,
7834 wpa_s, bss);
dd599908
AS		 7835}
7836
7837
19677b77
BL		 7838int wpa_is_bss_tmp_disallowed(struct wpa_supplicant *wpa_s,
7839 struct wpa_bss *bss)
dd599908 7840{
19677b77 7841 struct wpa_bss_tmp_disallowed *disallowed = NULL, *tmp, *prev;
dd599908 7842
d010048c
JM		 7843 dl_list_for_each_safe(tmp, prev, &wpa_s->bss_tmp_disallowed,
7844 struct wpa_bss_tmp_disallowed, list) {
19677b77
BL		 7845 if (os_memcmp(bss->bssid, tmp->bssid, ETH_ALEN) == 0) {
7846 disallowed = tmp;
d010048c
JM		 7847 break;
7848 }
7849 }
19677b77
BL		 7850 if (!disallowed)
7851 return 0;
7852
7853 if (disallowed->rssi_threshold != 0 &&
7854 bss->level > disallowed->rssi_threshold)
dd599908
AS		 7855 return 0;
7856
d010048c 7857 return 1;
dd599908 7858}
91b6eba7
EC		 7859
7860
7861int wpas_enable_mac_addr_randomization(struct wpa_supplicant *wpa_s,
7862 unsigned int type, const u8 *addr,
7863 const u8 *mask)
7864{
7865 if ((addr && !mask) || (!addr && mask)) {
7866 wpa_printf(MSG_INFO,
7867 "MAC_ADDR_RAND_SCAN invalid addr/mask combination");
7868 return -1;
7869 }
7870
7871 if (addr && mask && (!(mask[0] & 0x01) || (addr[0] & 0x01))) {
7872 wpa_printf(MSG_INFO,
7873 "MAC_ADDR_RAND_SCAN cannot allow multicast address");
7874 return -1;
7875 }
7876
7877 if (type & MAC_ADDR_RAND_SCAN) {
7878 if (wpas_mac_addr_rand_scan_set(wpa_s, MAC_ADDR_RAND_SCAN,
7879 addr, mask))
7880 return -1;
7881 }
7882
7883 if (type & MAC_ADDR_RAND_SCHED_SCAN) {
7884 if (wpas_mac_addr_rand_scan_set(wpa_s, MAC_ADDR_RAND_SCHED_SCAN,
7885 addr, mask))
7886 return -1;
7887
7888 if (wpa_s->sched_scanning && !wpa_s->pno)
7889 wpas_scan_restart_sched_scan(wpa_s);
7890 }
7891
7892 if (type & MAC_ADDR_RAND_PNO) {
7893 if (wpas_mac_addr_rand_scan_set(wpa_s, MAC_ADDR_RAND_PNO,
7894 addr, mask))
7895 return -1;
7896
7897 if (wpa_s->pno) {
7898 wpas_stop_pno(wpa_s);
7899 wpas_start_pno(wpa_s);
7900 }
7901 }
7902
7903 return 0;
7904}
7905
7906
7907int wpas_disable_mac_addr_randomization(struct wpa_supplicant *wpa_s,
7908 unsigned int type)
7909{
7910 wpas_mac_addr_rand_scan_clear(wpa_s, type);
7911 if (wpa_s->pno) {
7912 if (type & MAC_ADDR_RAND_PNO) {
7913 wpas_stop_pno(wpa_s);
7914 wpas_start_pno(wpa_s);
7915 }
7916 } else if (wpa_s->sched_scanning && (type & MAC_ADDR_RAND_SCHED_SCAN)) {
7917 wpas_scan_restart_sched_scan(wpa_s);
7918 }
7919
7920 return 0;
7921}
6c570193
JM		 7922
7923
7924int wpa_drv_signal_poll(struct wpa_supplicant *wpa_s,
7925 struct wpa_signal_info *si)
7926{
7927 int res;
7928
7929 if (!wpa_s->driver->signal_poll)
7930 return -1;
7931
7932 res = wpa_s->driver->signal_poll(wpa_s->drv_priv, si);
7933
7934#ifdef CONFIG_TESTING_OPTIONS
7935 if (res == 0) {
7936 struct driver_signal_override *dso;
7937
7938 dl_list_for_each(dso, &wpa_s->drv_signal_override,
7939 struct driver_signal_override, list) {
7940 if (os_memcmp(wpa_s->bssid, dso->bssid,
7941 ETH_ALEN) != 0)
7942 continue;
7943 wpa_printf(MSG_DEBUG,
7944 "Override driver signal_poll information: current_signal: %d->%d avg_signal: %d->%d avg_beacon_signal: %d->%d current_noise: %d->%d",
7945 si->current_signal,
7946 dso->si_current_signal,
7947 si->avg_signal,
7948 dso->si_avg_signal,
7949 si->avg_beacon_signal,
7950 dso->si_avg_beacon_signal,
7951 si->current_noise,
7952 dso->si_current_noise);
7953 si->current_signal = dso->si_current_signal;
7954 si->avg_signal = dso->si_avg_signal;
7955 si->avg_beacon_signal = dso->si_avg_beacon_signal;
7956 si->current_noise = dso->si_current_noise;
7957 break;
7958 }
7959 }
7960#endif /* CONFIG_TESTING_OPTIONS */
7961
7962 return res;
7963}
7964
7965
7966struct wpa_scan_results *
7967wpa_drv_get_scan_results2(struct wpa_supplicant *wpa_s)
7968{
7969 struct wpa_scan_results *scan_res;
7970#ifdef CONFIG_TESTING_OPTIONS
7971 size_t idx;
7972#endif /* CONFIG_TESTING_OPTIONS */
7973
7974 if (!wpa_s->driver->get_scan_results2)
7975 return NULL;
7976
7977 scan_res = wpa_s->driver->get_scan_results2(wpa_s->drv_priv);
7978
7979#ifdef CONFIG_TESTING_OPTIONS
7980 for (idx = 0; scan_res && idx < scan_res->num; idx++) {
7981 struct driver_signal_override *dso;
7982 struct wpa_scan_res *res = scan_res->res[idx];
7983
7984 dl_list_for_each(dso, &wpa_s->drv_signal_override,
7985 struct driver_signal_override, list) {
7986 if (os_memcmp(res->bssid, dso->bssid, ETH_ALEN) != 0)
7987 continue;
7988 wpa_printf(MSG_DEBUG,
7989 "Override driver scan signal level %d->%d for "
7990 MACSTR,
7991 res->level, dso->scan_level,
7992 MAC2STR(res->bssid));
7993 res->flags |= WPA_SCAN_QUAL_INVALID;
7994 if (dso->scan_level < 0)
7995 res->flags |= WPA_SCAN_LEVEL_DBM;
7996 else
7997 res->flags &= ~WPA_SCAN_LEVEL_DBM;
7998 res->level = dso->scan_level;
7999 break;
8000 }
8001 }
8002#endif /* CONFIG_TESTING_OPTIONS */
8003
8004 return scan_res;
8005}
Unnamed repository; edit this file 'description' to name the repository.