]> git.ipfire.org Git - thirdparty/hostap.git/blame - wpa_supplicant/wpa_supplicant.c
projects / thirdparty / hostap.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
SAE: Special test mode sae_pwe=3 for looping with password identifier
[thirdparty/hostap.git] / wpa_supplicant / wpa_supplicant.c
CommitLineData
6fc6879b
JM		 1/*
2 * WPA Supplicant
cc58a357 3 * Copyright (c) 2003-2019, Jouni Malinen <j@w1.fi>
6fc6879b 4 *
0f3d578e
JM		 5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
6fc6879b
JM		 7 *
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
11 */
12
13#include "includes.h"
2e997eec
RM		 14#ifdef CONFIG_MATCH_IFACE
15#include <net/if.h>
16#include <fnmatch.h>
17#endif /* CONFIG_MATCH_IFACE */
6fc6879b
JM		 18
19#include "common.h"
d47fa330 20#include "crypto/random.h"
7d232e23 21#include "crypto/sha1.h"
6fc6879b
JM		 22#include "eapol_supp/eapol_supp_sm.h"
23#include "eap_peer/eap.h"
ec7b97ab 24#include "eap_peer/eap_proxy.h"
3ec97afe 25#include "eap_server/eap_methods.h"
3acb5005 26#include "rsn_supp/wpa.h"
6fc6879b 27#include "eloop.h"
6fc6879b 28#include "config.h"
306ae225 29#include "utils/ext_password.h"
6fc6879b
JM		 30#include "l2_packet/l2_packet.h"
31#include "wpa_supplicant_i.h"
2d5b792d 32#include "driver_i.h"
6fc6879b 33#include "ctrl_iface.h"
6fc6879b 34#include "pcsc_funcs.h"
90973fb2 35#include "common/version.h"
3acb5005
JM		 36#include "rsn_supp/preauth.h"
37#include "rsn_supp/pmksa_cache.h"
90973fb2 38#include "common/wpa_ctrl.h"
cfde99a8 39#include "common/ieee802_11_common.h"
90973fb2 40#include "common/ieee802_11_defs.h"
6b8b0774 41#include "common/hw_features_common.h"
461d39af 42#include "common/gas_server.h"
10ec6a5f 43#include "common/dpp.h"
72044390 44#include "p2p/p2p.h"
b36a3a65 45#include "fst/fst.h"
6fc6879b
JM		 46#include "blacklist.h"
47#include "wpas_glue.h"
116654ce 48#include "wps_supplicant.h"
11ef8d35 49#include "ibss_rsn.h"
c2a04078 50#include "sme.h"
04ea7b79 51#include "gas_query.h"
1f1b62a0 52#include "ap.h"
b22128ef 53#include "p2p_supplicant.h"
9675ce35 54#include "wifi_display.h"
8bac466b 55#include "notify.h"
60b94c98 56#include "bgscan.h"
7c865c68 57#include "autoscan.h"
83922c2d 58#include "bss.h"
9ba9fa07 59#include "scan.h"
24f6497c 60#include "offchannel.h"
cb418324 61#include "hs20_supplicant.h"
e27d20bb 62#include "wnm_sta.h"
dd10abcc 63#include "wpas_kay.h"
603a3f34 64#include "mesh.h"
be27e185 65#include "dpp_supplicant.h"
a39b040b
SB		 66#ifdef CONFIG_MESH
67#include "ap/ap_config.h"
68#include "ap/hostapd.h"
69#endif /* CONFIG_MESH */
6fc6879b 70
8b423edb 71const char *const wpa_supplicant_version =
6fc6879b 72"wpa_supplicant v" VERSION_STR "\n"
cc58a357 73"Copyright (c) 2003-2019, Jouni Malinen <j@w1.fi> and contributors";
6fc6879b 74
8b423edb 75const char *const wpa_supplicant_license =
331f89ff
JM		 76"This software may be distributed under the terms of the BSD license.\n"
77"See README for more details.\n"
6fc6879b
JM		 78#ifdef EAP_TLS_OPENSSL
79"\nThis product includes software developed by the OpenSSL Project\n"
80"for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
81#endif /* EAP_TLS_OPENSSL */
82;
83
84#ifndef CONFIG_NO_STDOUT_DEBUG
85/* Long text divided into parts in order to fit in C89 strings size limits. */
8b423edb 86const char *const wpa_supplicant_full_license1 =
331f89ff 87"";
8b423edb 88const char *const wpa_supplicant_full_license2 =
331f89ff 89"This software may be distributed under the terms of the BSD license.\n"
6fc6879b
JM		 90"\n"
91"Redistribution and use in source and binary forms, with or without\n"
92"modification, are permitted provided that the following conditions are\n"
93"met:\n"
94"\n";
8b423edb 95const char *const wpa_supplicant_full_license3 =
6fc6879b
JM		 96"1. Redistributions of source code must retain the above copyright\n"
97" notice, this list of conditions and the following disclaimer.\n"
98"\n"
99"2. Redistributions in binary form must reproduce the above copyright\n"
100" notice, this list of conditions and the following disclaimer in the\n"
101" documentation and/or other materials provided with the distribution.\n"
102"\n";
8b423edb 103const char *const wpa_supplicant_full_license4 =
6fc6879b
JM		 104"3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
105" names of its contributors may be used to endorse or promote products\n"
106" derived from this software without specific prior written permission.\n"
107"\n"
108"THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
109"\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
110"LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
111"A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
8b423edb 112const char *const wpa_supplicant_full_license5 =
6fc6879b
JM		 113"OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
114"SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
115"LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
116"DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
117"THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
118"(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
119"OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
120"\n";
121#endif /* CONFIG_NO_STDOUT_DEBUG */
122
b04854ce
AP		 123
124static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx, void *timeout_ctx);
6338c99e
VK		 125#if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
126static void wpas_update_fils_connect_params(struct wpa_supplicant *wpa_s);
127#endif /* CONFIG_FILS && IEEE8021X_EAPOL */
e0b331d8
SD		 128#ifdef CONFIG_OWE
129static void wpas_update_owe_connect_params(struct wpa_supplicant *wpa_s);
130#endif /* CONFIG_OWE */
b04854ce
AP		 131
132
6fc6879b 133/* Configure default/group WEP keys for static WEP */
0194fedb 134int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
6fc6879b
JM		 135{
136 int i, set = 0;
137
138 for (i = 0; i < NUM_WEP_KEYS; i++) {
139 if (ssid->wep_key_len[i] == 0)
140 continue;
141
142 set = 1;
0382097e 143 wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL,
da64c266 144 i, i == ssid->wep_tx_keyidx, NULL, 0,
a919a260
AW		 145 ssid->wep_key[i], ssid->wep_key_len[i],
146 i == ssid->wep_tx_keyidx ?
147 KEY_FLAG_GROUP_RX_TX_DEFAULT :
148 KEY_FLAG_GROUP_RX_TX);
6fc6879b
JM		 149 }
150
151 return set;
152}
153
154
6ea1f413
JM		 155int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
156 struct wpa_ssid *ssid)
6fc6879b
JM		 157{
158 u8 key[32];
159 size_t keylen;
71934751 160 enum wpa_alg alg;
6fc6879b 161 u8 seq[6] = { 0 };
658da804 162 int ret;
6fc6879b
JM		 163
164 /* IBSS/WPA-None uses only one key (Group) for both receiving and
165 * sending unicast and multicast packets. */
166
d7dcba70 167 if (ssid->mode != WPAS_MODE_IBSS) {
f049052b
BG		 168 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not "
169 "IBSS/ad-hoc) for WPA-None", ssid->mode);
6fc6879b
JM		 170 return -1;
171 }
172
173 if (!ssid->psk_set) {
f049052b
BG		 174 wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for "
175 "WPA-None");
6fc6879b
JM		 176 return -1;
177 }
178
179 switch (wpa_s->group_cipher) {
180 case WPA_CIPHER_CCMP:
181 os_memcpy(key, ssid->psk, 16);
182 keylen = 16;
183 alg = WPA_ALG_CCMP;
184 break;
eb7719ff
JM		 185 case WPA_CIPHER_GCMP:
186 os_memcpy(key, ssid->psk, 16);
187 keylen = 16;
188 alg = WPA_ALG_GCMP;
189 break;
6fc6879b
JM		 190 case WPA_CIPHER_TKIP:
191 /* WPA-None uses the same Michael MIC key for both TX and RX */
192 os_memcpy(key, ssid->psk, 16 + 8);
193 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
194 keylen = 32;
195 alg = WPA_ALG_TKIP;
196 break;
197 default:
f049052b
BG		 198 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for "
199 "WPA-None", wpa_s->group_cipher);
6fc6879b
JM		 200 return -1;
201 }
202
203 /* TODO: should actually remember the previously used seq#, both for TX
204 * and RX from each STA.. */
205
a919a260
AW		 206 ret = wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen,
207 KEY_FLAG_GROUP_RX_TX_DEFAULT);
658da804
JM		 208 os_memset(key, 0, sizeof(key));
209 return ret;
6fc6879b
JM		 210}
211
212
213static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
214{
215 struct wpa_supplicant *wpa_s = eloop_ctx;
216 const u8 *bssid = wpa_s->bssid;
04e3d815
MK		 217 if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
218 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
219 wpa_s->wpa_state == WPA_ASSOCIATING))
6fc6879b
JM		 220 bssid = wpa_s->pending_bssid;
221 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
222 MAC2STR(bssid));
223 wpa_blacklist_add(wpa_s, bssid);
224 wpa_sm_notify_disassoc(wpa_s->wpa);
07783eaa 225 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
6fc6879b 226 wpa_s->reassociate = 1;
48b84f18
BG		 227
228 /*
229 * If we timed out, the AP or the local radio may be busy.
230 * So, wait a second until scanning again.
231 */
232 wpa_supplicant_req_scan(wpa_s, 1, 0);
6fc6879b
JM		 233}
234
235
236/**
237 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
238 * @wpa_s: Pointer to wpa_supplicant data
239 * @sec: Number of seconds after which to time out authentication
240 * @usec: Number of microseconds after which to time out authentication
241 *
242 * This function is used to schedule a timeout for the current authentication
243 * attempt.
244 */
245void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
246 int sec, int usec)
247{
a2a535f8 248 if (wpa_s->conf->ap_scan == 0 &&
c2a04078 249 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
6fc6879b
JM		 250 return;
251
f049052b 252 wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
6fc6879b
JM		 253 "%d usec", sec, usec);
254 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
37547ad6 255 wpa_s->last_auth_timeout_sec = sec;
6fc6879b
JM		 256 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
257}
258
259
37547ad6
DL		 260/*
261 * wpas_auth_timeout_restart - Restart and change timeout for authentication
262 * @wpa_s: Pointer to wpa_supplicant data
263 * @sec_diff: difference in seconds applied to original timeout value
264 */
265void wpas_auth_timeout_restart(struct wpa_supplicant *wpa_s, int sec_diff)
266{
267 int new_sec = wpa_s->last_auth_timeout_sec + sec_diff;
268
269 if (eloop_is_timeout_registered(wpa_supplicant_timeout, wpa_s, NULL)) {
270 wpa_dbg(wpa_s, MSG_DEBUG,
271 "Authentication timeout restart: %d sec", new_sec);
272 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
273 eloop_register_timeout(new_sec, 0, wpa_supplicant_timeout,
274 wpa_s, NULL);
275 }
276}
277
278
6fc6879b
JM		 279/**
280 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
281 * @wpa_s: Pointer to wpa_supplicant data
282 *
283 * This function is used to cancel authentication timeout scheduled with
284 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
285 * been completed.
286 */
287void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
288{
f049052b 289 wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
6fc6879b
JM		 290 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
291 wpa_blacklist_del(wpa_s, wpa_s->bssid);
af835d75
AB		 292 os_free(wpa_s->last_con_fail_realm);
293 wpa_s->last_con_fail_realm = NULL;
294 wpa_s->last_con_fail_realm_len = 0;
6fc6879b
JM		 295}
296
297
298/**
299 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
300 * @wpa_s: Pointer to wpa_supplicant data
301 *
302 * This function is used to configure EAPOL state machine based on the selected
303 * authentication mode.
304 */
305void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
306{
307#ifdef IEEE8021X_EAPOL
308 struct eapol_config eapol_conf;
309 struct wpa_ssid *ssid = wpa_s->current_ssid;
310
53895c3b 311#ifdef CONFIG_IBSS_RSN
d7dcba70 312 if (ssid->mode == WPAS_MODE_IBSS &&
53895c3b
JM		 313 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
314 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
315 /*
316 * RSN IBSS authentication is per-STA and we can disable the
317 * per-BSSID EAPOL authentication.
318 */
319 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
320 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE);
321 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
322 return;
323 }
324#endif /* CONFIG_IBSS_RSN */
325
0a40ec6a
JM		 326 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
327 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
328
6fc6879b
JM		 329 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
330 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
331 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
332 else
333 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
334
335 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
336 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
337 eapol_conf.accept_802_1x_keys = 1;
338 eapol_conf.required_keys = 0;
339 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
340 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
341 }
342 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
343 eapol_conf.required_keys |=
344 EAPOL_REQUIRE_KEY_BROADCAST;
345 }
346
a2a535f8 347 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED)
6fc6879b 348 eapol_conf.required_keys = 0;
6fc6879b 349 }
a2a535f8 350 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
6fc6879b 351 eapol_conf.workaround = ssid->eap_workaround;
56586197
JM		 352 eapol_conf.eap_disabled =
353 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
ad08c363
JM		 354 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
355 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
a5d44ac0 356 eapol_conf.external_sim = wpa_s->conf->external_sim;
3f7ac058
JS		 357
358#ifdef CONFIG_WPS
359 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
360 eapol_conf.wps |= EAPOL_LOCAL_WPS_IN_USE;
361 if (wpa_s->current_bss) {
362 struct wpabuf *ie;
363 ie = wpa_bss_get_vendor_ie_multi(wpa_s->current_bss,
364 WPS_IE_VENDOR_TYPE);
365 if (ie) {
366 if (wps_is_20(ie))
367 eapol_conf.wps |=
368 EAPOL_PEER_IS_WPS20_AP;
369 wpabuf_free(ie);
370 }
371 }
372 }
373#endif /* CONFIG_WPS */
374
6fc6879b 375 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
dd10abcc 376
ad51731a
SD		 377#ifdef CONFIG_MACSEC
378 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE && ssid->mka_psk_set)
379 ieee802_1x_create_preshared_mka(wpa_s, ssid);
380 else
381 ieee802_1x_alloc_kay_sm(wpa_s, ssid);
382#endif /* CONFIG_MACSEC */
cd3153a9 383#endif /* IEEE8021X_EAPOL */
6fc6879b
JM		 384}
385
386
387/**
388 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
389 * @wpa_s: Pointer to wpa_supplicant data
390 * @ssid: Configuration data for the network
391 *
392 * This function is used to configure WPA state machine and related parameters
393 * to a mode where WPA is not enabled. This is called as part of the
394 * authentication configuration when the selected network does not use WPA.
395 */
396void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
397 struct wpa_ssid *ssid)
398{
399 int i;
400
ad08c363
JM		 401 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
402 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
403 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
6fc6879b
JM		 404 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
405 else
406 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
407 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
408 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
146889e3 409 wpa_sm_set_ap_rsnxe(wpa_s->wpa, NULL, 0);
6fc6879b 410 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
6d6c8877
JM		 411 wpa_sm_set_assoc_rsnxe(wpa_s->wpa, NULL, 0);
412 wpa_s->rsnxe_len = 0;
6fc6879b
JM		 413 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
414 wpa_s->group_cipher = WPA_CIPHER_NONE;
415 wpa_s->mgmt_group_cipher = 0;
416
417 for (i = 0; i < NUM_WEP_KEYS; i++) {
418 if (ssid->wep_key_len[i] > 5) {
419 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
420 wpa_s->group_cipher = WPA_CIPHER_WEP104;
421 break;
422 } else if (ssid->wep_key_len[i] > 0) {
423 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
424 wpa_s->group_cipher = WPA_CIPHER_WEP40;
425 break;
426 }
427 }
428
429 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
430 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
431 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
432 wpa_s->pairwise_cipher);
433 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
6fc6879b
JM		 434 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
435 wpa_s->mgmt_group_cipher);
6fc6879b
JM		 436
437 pmksa_cache_clear_current(wpa_s->wpa);
438}
439
440
6979582c 441void free_hw_features(struct wpa_supplicant *wpa_s)
6bf731e8
CL		 442{
443 int i;
444 if (wpa_s->hw.modes == NULL)
445 return;
446
447 for (i = 0; i < wpa_s->hw.num_modes; i++) {
448 os_free(wpa_s->hw.modes[i].channels);
449 os_free(wpa_s->hw.modes[i].rates);
450 }
451
452 os_free(wpa_s->hw.modes);
453 wpa_s->hw.modes = NULL;
454}
455
456
19677b77 457void free_bss_tmp_disallowed(struct wpa_supplicant *wpa_s)
dd599908
AS		 458{
459 struct wpa_bss_tmp_disallowed *bss, *prev;
460
461 dl_list_for_each_safe(bss, prev, &wpa_s->bss_tmp_disallowed,
462 struct wpa_bss_tmp_disallowed, list) {
b04854ce 463 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout, wpa_s, bss);
dd599908
AS		 464 dl_list_del(&bss->list);
465 os_free(bss);
466 }
467}
468
469
5732b770
JM		 470void wpas_flush_fils_hlp_req(struct wpa_supplicant *wpa_s)
471{
472 struct fils_hlp_req *req;
473
474 while ((req = dl_list_first(&wpa_s->fils_hlp_req, struct fils_hlp_req,
475 list)) != NULL) {
476 dl_list_del(&req->list);
477 wpabuf_free(req->pkt);
478 os_free(req);
479 }
480}
481
482
ad2f0966
JM		 483void wpas_clear_disabled_interface(void *eloop_ctx, void *timeout_ctx)
484{
485 struct wpa_supplicant *wpa_s = eloop_ctx;
486
487 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
488 return;
489 wpa_dbg(wpa_s, MSG_DEBUG, "Clear cached state on disabled interface");
490 wpa_bss_flush(wpa_s);
491}
492
493
6c570193
JM		 494#ifdef CONFIG_TESTING_OPTIONS
495void wpas_clear_driver_signal_override(struct wpa_supplicant *wpa_s)
496{
497 struct driver_signal_override *dso;
498
499 while ((dso = dl_list_first(&wpa_s->drv_signal_override,
500 struct driver_signal_override, list))) {
501 dl_list_del(&dso->list);
502 os_free(dso);
503 }
504}
505#endif /* CONFIG_TESTING_OPTIONS */
506
507
6fc6879b
JM		 508static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
509{
86bd36f0
JM		 510 int i;
511
60b94c98 512 bgscan_deinit(wpa_s);
7c865c68 513 autoscan_deinit(wpa_s);
6fc6879b
JM		 514 scard_deinit(wpa_s->scard);
515 wpa_s->scard = NULL;
516 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
517 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
518 l2_packet_deinit(wpa_s->l2);
519 wpa_s->l2 = NULL;
520 if (wpa_s->l2_br) {
521 l2_packet_deinit(wpa_s->l2_br);
522 wpa_s->l2_br = NULL;
523 }
4a6cc862
JM		 524#ifdef CONFIG_TESTING_OPTIONS
525 l2_packet_deinit(wpa_s->l2_test);
526 wpa_s->l2_test = NULL;
c06fca04
JM		 527 os_free(wpa_s->get_pref_freq_list_override);
528 wpa_s->get_pref_freq_list_override = NULL;
daa40960
JM		 529 wpabuf_free(wpa_s->last_assoc_req_wpa_ie);
530 wpa_s->last_assoc_req_wpa_ie = NULL;
b834e970
JM		 531 os_free(wpa_s->extra_sae_rejected_groups);
532 wpa_s->extra_sae_rejected_groups = NULL;
13256553
JM		 533 wpabuf_free(wpa_s->rsnxe_override_assoc);
534 wpa_s->rsnxe_override_assoc = NULL;
535 wpabuf_free(wpa_s->rsnxe_override_eapol);
536 wpa_s->rsnxe_override_eapol = NULL;
6c570193 537 wpas_clear_driver_signal_override(wpa_s);
4a6cc862 538#endif /* CONFIG_TESTING_OPTIONS */
6fc6879b 539
6fc6879b 540 if (wpa_s->conf != NULL) {
8e56d189
JM		 541 struct wpa_ssid *ssid;
542 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
543 wpas_notify_network_removed(wpa_s, ssid);
6fc6879b
JM		 544 }
545
546 os_free(wpa_s->confname);
547 wpa_s->confname = NULL;
548
e6304cad
DS		 549 os_free(wpa_s->confanother);
550 wpa_s->confanother = NULL;
551
af835d75
AB		 552 os_free(wpa_s->last_con_fail_realm);
553 wpa_s->last_con_fail_realm = NULL;
554 wpa_s->last_con_fail_realm_len = 0;
555
6fc6879b
JM		 556 wpa_sm_set_eapol(wpa_s->wpa, NULL);
557 eapol_sm_deinit(wpa_s->eapol);
558 wpa_s->eapol = NULL;
559
560 rsn_preauth_deinit(wpa_s->wpa);
561
281ff0aa
GP		 562#ifdef CONFIG_TDLS
563 wpa_tdls_deinit(wpa_s->wpa);
564#endif /* CONFIG_TDLS */
565
8c42b369 566 wmm_ac_clear_saved_tspecs(wpa_s);
6fc6879b
JM		 567 pmksa_candidate_free(wpa_s->wpa);
568 wpa_sm_deinit(wpa_s->wpa);
569 wpa_s->wpa = NULL;
570 wpa_blacklist_clear(wpa_s);
571
83922c2d 572 wpa_bss_deinit(wpa_s);
6fc6879b 573
831770bf 574 wpa_supplicant_cancel_delayed_sched_scan(wpa_s);
6fc6879b
JM		 575 wpa_supplicant_cancel_scan(wpa_s);
576 wpa_supplicant_cancel_auth_timeout(wpa_s);
01a17491
JM		 577 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL);
578#ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
579 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report,
580 wpa_s, NULL);
581#endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
6fc6879b 582
9bd566a3 583 eloop_cancel_timeout(wpas_network_reenabled, wpa_s, NULL);
ad2f0966 584 eloop_cancel_timeout(wpas_clear_disabled_interface, wpa_s, NULL);
9bd566a3 585
116654ce 586 wpas_wps_deinit(wpa_s);
11ef8d35 587
1ff73338
JM		 588 wpabuf_free(wpa_s->pending_eapol_rx);
589 wpa_s->pending_eapol_rx = NULL;
590
11ef8d35
JM		 591#ifdef CONFIG_IBSS_RSN
592 ibss_rsn_deinit(wpa_s->ibss_rsn);
593 wpa_s->ibss_rsn = NULL;
594#endif /* CONFIG_IBSS_RSN */
c2a04078 595
e29853bb 596 sme_deinit(wpa_s);
2d5b792d
JM		 597
598#ifdef CONFIG_AP
599 wpa_supplicant_ap_deinit(wpa_s);
600#endif /* CONFIG_AP */
b22128ef 601
b22128ef 602 wpas_p2p_deinit(wpa_s);
f47d639d 603
24f6497c
JM		 604#ifdef CONFIG_OFFCHANNEL
605 offchannel_deinit(wpa_s);
606#endif /* CONFIG_OFFCHANNEL */
607
a4cba8f1
LC		 608 wpa_supplicant_cancel_sched_scan(wpa_s);
609
f47d639d
JM		 610 os_free(wpa_s->next_scan_freqs);
611 wpa_s->next_scan_freqs = NULL;
fee52342
JM		 612
613 os_free(wpa_s->manual_scan_freqs);
614 wpa_s->manual_scan_freqs = NULL;
88a44755
JM		 615 os_free(wpa_s->select_network_scan_freqs);
616 wpa_s->select_network_scan_freqs = NULL;
04ea7b79 617
d3c9c35f
DS		 618 os_free(wpa_s->manual_sched_scan_freqs);
619 wpa_s->manual_sched_scan_freqs = NULL;
620
56c76fa5
IP		 621 wpas_mac_addr_rand_scan_clear(wpa_s, MAC_ADDR_RAND_ALL);
622
57e832de
IP		 623 /*
624 * Need to remove any pending gas-query radio work before the
625 * gas_query_deinit() call because gas_query::work has not yet been set
626 * for works that have not been started. gas_query_free() will be unable
627 * to cancel such pending radio works and once the pending gas-query
628 * radio work eventually gets removed, the deinit notification call to
629 * gas_query_start_cb() would result in dereferencing freed memory.
630 */
631 if (wpa_s->radio)
632 radio_remove_works(wpa_s, "gas-query", 0);
04ea7b79
JM		 633 gas_query_deinit(wpa_s->gas);
634 wpa_s->gas = NULL;
461d39af
JM		 635 gas_server_deinit(wpa_s->gas_server);
636 wpa_s->gas_server = NULL;
6bf731e8
CL		 637
638 free_hw_features(wpa_s);
d445a5cd 639
dd10abcc
HW		 640 ieee802_1x_dealloc_kay_sm(wpa_s);
641
d445a5cd
JM		 642 os_free(wpa_s->bssid_filter);
643 wpa_s->bssid_filter = NULL;
b6668734 644
6407f413
JM		 645 os_free(wpa_s->disallow_aps_bssid);
646 wpa_s->disallow_aps_bssid = NULL;
647 os_free(wpa_s->disallow_aps_ssid);
648 wpa_s->disallow_aps_ssid = NULL;
649
b6668734 650 wnm_bss_keep_alive_deinit(wpa_s);
e27d20bb
VK		 651#ifdef CONFIG_WNM
652 wnm_deallocate_memory(wpa_s);
653#endif /* CONFIG_WNM */
306ae225
JM		 654
655 ext_password_deinit(wpa_s->ext_pw);
656 wpa_s->ext_pw = NULL;
b1f12296
JM		 657
658 wpabuf_free(wpa_s->last_gas_resp);
b6a9590b
JM		 659 wpa_s->last_gas_resp = NULL;
660 wpabuf_free(wpa_s->prev_gas_resp);
661 wpa_s->prev_gas_resp = NULL;
a297201d
JM		 662
663 os_free(wpa_s->last_scan_res);
664 wpa_s->last_scan_res = NULL;
b572df86
JM		 665
666#ifdef CONFIG_HS20
ece4ac5f
MG		 667 if (wpa_s->drv_priv)
668 wpa_drv_configure_frame_filters(wpa_s, 0);
fb2ac53d 669 hs20_deinit(wpa_s);
b572df86 670#endif /* CONFIG_HS20 */
86bd36f0
JM		 671
672 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) {
673 wpabuf_free(wpa_s->vendor_elem[i]);
674 wpa_s->vendor_elem[i] = NULL;
675 }
3882a708
JM		 676
677 wmm_ac_notify_disassoc(wpa_s);
32c02261
AS		 678
679 wpa_s->sched_scan_plans_num = 0;
680 os_free(wpa_s->sched_scan_plans);
681 wpa_s->sched_scan_plans = NULL;
92c6e2e3
DS		 682
683#ifdef CONFIG_MBO
684 wpa_s->non_pref_chan_num = 0;
685 os_free(wpa_s->non_pref_chan);
686 wpa_s->non_pref_chan = NULL;
687#endif /* CONFIG_MBO */
dd599908
AS		 688
689 free_bss_tmp_disallowed(wpa_s);
4a742011
DS		 690
691 wpabuf_free(wpa_s->lci);
692 wpa_s->lci = NULL;
76196ddb 693 wpas_clear_beacon_rep_data(wpa_s);
4d77d80e
MH		 694
695#ifdef CONFIG_PMKSA_CACHE_EXTERNAL
696#ifdef CONFIG_MESH
697 {
698 struct external_pmksa_cache *entry;
699
700 while ((entry = dl_list_last(&wpa_s->mesh_external_pmksa_cache,
701 struct external_pmksa_cache,
702 list)) != NULL) {
703 dl_list_del(&entry->list);
704 os_free(entry->pmksa_cache);
705 os_free(entry);
706 }
707 }
708#endif /* CONFIG_MESH */
709#endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
5732b770
JM		 710
711 wpas_flush_fils_hlp_req(wpa_s);
c6c41f6e
JM		 712
713 wpabuf_free(wpa_s->ric_ies);
714 wpa_s->ric_ies = NULL;
be27e185
JM		 715
716#ifdef CONFIG_DPP
717 wpas_dpp_deinit(wpa_s);
87d8435c
JM		 718 dpp_global_deinit(wpa_s->dpp);
719 wpa_s->dpp = NULL;
be27e185 720#endif /* CONFIG_DPP */
6fc6879b
JM		 721}
722
723
724/**
725 * wpa_clear_keys - Clear keys configured for the driver
726 * @wpa_s: Pointer to wpa_supplicant data
727 * @addr: Previously used BSSID or %NULL if not available
728 *
729 * This function clears the encryption keys that has been previously configured
730 * for the driver.
731 */
732void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
733{
7d2ed8ba 734 int i, max = 6;
2f30cac3
JM		 735
736 /* MLME-DELETEKEYS.request */
737 for (i = 0; i < max; i++) {
738 if (wpa_s->keys_cleared & BIT(i))
739 continue;
740 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, i, 0, NULL, 0,
a919a260 741 NULL, 0, KEY_FLAG_GROUP);
2f30cac3
JM		 742 }
743 if (!(wpa_s->keys_cleared & BIT(0)) && addr &&
744 !is_zero_ether_addr(addr)) {
6fc6879b 745 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,
a919a260 746 0, KEY_FLAG_PAIRWISE);
6fc6879b
JM		 747 /* MLME-SETPROTECTION.request(None) */
748 wpa_drv_mlme_setprotection(
749 wpa_s, addr,
750 MLME_SETPROTECTION_PROTECT_TYPE_NONE,
751 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
752 }
2f30cac3 753 wpa_s->keys_cleared = (u32) -1;
6fc6879b
JM		 754}
755
756
757/**
758 * wpa_supplicant_state_txt - Get the connection state name as a text string
759 * @state: State (wpa_state; WPA_*)
760 * Returns: The state name as a printable text string
761 */
71934751 762const char * wpa_supplicant_state_txt(enum wpa_states state)
6fc6879b
JM		 763{
764 switch (state) {
765 case WPA_DISCONNECTED:
766 return "DISCONNECTED";
767 case WPA_INACTIVE:
768 return "INACTIVE";
8401a6b0
JM		 769 case WPA_INTERFACE_DISABLED:
770 return "INTERFACE_DISABLED";
6fc6879b
JM		 771 case WPA_SCANNING:
772 return "SCANNING";
c2a04078
JM		 773 case WPA_AUTHENTICATING:
774 return "AUTHENTICATING";
6fc6879b
JM		 775 case WPA_ASSOCIATING:
776 return "ASSOCIATING";
777 case WPA_ASSOCIATED:
778 return "ASSOCIATED";
779 case WPA_4WAY_HANDSHAKE:
780 return "4WAY_HANDSHAKE";
781 case WPA_GROUP_HANDSHAKE:
782 return "GROUP_HANDSHAKE";
783 case WPA_COMPLETED:
784 return "COMPLETED";
785 default:
786 return "UNKNOWN";
787 }
788}
789
790
cfe53c9a
PS		 791#ifdef CONFIG_BGSCAN
792
793static void wpa_supplicant_start_bgscan(struct wpa_supplicant *wpa_s)
794{
31392709
HD		 795 const char *name;
796
797 if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan)
798 name = wpa_s->current_ssid->bgscan;
799 else
800 name = wpa_s->conf->bgscan;
268043d5 801 if (name == NULL || name[0] == '\0')
31392709 802 return;
0096c427
JM		 803 if (wpas_driver_bss_selection(wpa_s))
804 return;
cfe53c9a
PS		 805 if (wpa_s->current_ssid == wpa_s->bgscan_ssid)
806 return;
aa109830
DS		 807#ifdef CONFIG_P2P
808 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE)
809 return;
810#endif /* CONFIG_P2P */
cfe53c9a
PS		 811
812 bgscan_deinit(wpa_s);
31392709
HD		 813 if (wpa_s->current_ssid) {
814 if (bgscan_init(wpa_s, wpa_s->current_ssid, name)) {
cfe53c9a
PS		 815 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
816 "bgscan");
817 /*
818 * Live without bgscan; it is only used as a roaming
819 * optimization, so the initial connection is not
820 * affected.
821 */
6409b7a7
YD		 822 } else {
823 struct wpa_scan_results *scan_res;
cfe53c9a 824 wpa_s->bgscan_ssid = wpa_s->current_ssid;
6409b7a7
YD		 825 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL,
826 0);
827 if (scan_res) {
828 bgscan_notify_scan(wpa_s, scan_res);
829 wpa_scan_results_free(scan_res);
830 }
831 }
cfe53c9a
PS		 832 } else
833 wpa_s->bgscan_ssid = NULL;
834}
835
836
837static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s)
838{
839 if (wpa_s->bgscan_ssid != NULL) {
840 bgscan_deinit(wpa_s);
841 wpa_s->bgscan_ssid = NULL;
842 }
843}
844
845#endif /* CONFIG_BGSCAN */
846
847
7c865c68
TB		 848static void wpa_supplicant_start_autoscan(struct wpa_supplicant *wpa_s)
849{
99218999 850 if (autoscan_init(wpa_s, 0))
7c865c68
TB		 851 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize autoscan");
852}
853
854
855static void wpa_supplicant_stop_autoscan(struct wpa_supplicant *wpa_s)
856{
857 autoscan_deinit(wpa_s);
858}
859
860
c3d12238
JM		 861void wpa_supplicant_reinit_autoscan(struct wpa_supplicant *wpa_s)
862{
863 if (wpa_s->wpa_state == WPA_DISCONNECTED ||
864 wpa_s->wpa_state == WPA_SCANNING) {
865 autoscan_deinit(wpa_s);
866 wpa_supplicant_start_autoscan(wpa_s);
867 }
868}
869
870
6fc6879b
JM		 871/**
872 * wpa_supplicant_set_state - Set current connection state
873 * @wpa_s: Pointer to wpa_supplicant data
874 * @state: The new connection state
875 *
876 * This function is called whenever the connection state changes, e.g.,
877 * association is completed for WPA/WPA2 4-Way Handshake is started.
878 */
71934751
JM		 879void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s,
880 enum wpa_states state)
6fc6879b 881{
27f43d8d 882 enum wpa_states old_state = wpa_s->wpa_state;
a8bfc6ff
AB		 883#if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
884 Boolean update_fils_connect_params = FALSE;
885#endif /* CONFIG_FILS && IEEE8021X_EAPOL */
27f43d8d 886
f049052b
BG		 887 wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s",
888 wpa_supplicant_state_txt(wpa_s->wpa_state),
889 wpa_supplicant_state_txt(state));
6fc6879b 890
2bbad1c7
MW		 891 if (state == WPA_COMPLETED &&
892 os_reltime_initialized(&wpa_s->roam_start)) {
893 os_reltime_age(&wpa_s->roam_start, &wpa_s->roam_time);
894 wpa_s->roam_start.sec = 0;
895 wpa_s->roam_start.usec = 0;
896 wpas_notify_auth_changed(wpa_s);
897 wpas_notify_roam_time(wpa_s);
898 wpas_notify_roam_complete(wpa_s);
899 } else if (state == WPA_DISCONNECTED &&
900 os_reltime_initialized(&wpa_s->roam_start)) {
901 wpa_s->roam_start.sec = 0;
902 wpa_s->roam_start.usec = 0;
903 wpa_s->roam_time.sec = 0;
904 wpa_s->roam_time.usec = 0;
905 wpas_notify_roam_complete(wpa_s);
906 }
907
5ddd07cb
AS		 908 if (state == WPA_INTERFACE_DISABLED) {
909 /* Assure normal scan when interface is restored */
910 wpa_s->normal_scans = 0;
911 }
912
0cf24fda 913 if (state == WPA_COMPLETED) {
6ac4b15e 914 wpas_connect_work_done(wpa_s);
0cf24fda
LC		 915 /* Reinitialize normal_scan counter */
916 wpa_s->normal_scans = 0;
917 }
6ac4b15e 918
07c1e987
MS		 919#ifdef CONFIG_P2P
920 /*
921 * P2PS client has to reply to Probe Request frames received on the
922 * group operating channel. Enable Probe Request frame reporting for
923 * P2P connected client in case p2p_cli_probe configuration property is
924 * set to 1.
925 */
926 if (wpa_s->conf->p2p_cli_probe && wpa_s->current_ssid &&
927 wpa_s->current_ssid->mode == WPAS_MODE_INFRA &&
928 wpa_s->current_ssid->p2p_group) {
929 if (state == WPA_COMPLETED && !wpa_s->p2p_cli_probe) {
930 wpa_dbg(wpa_s, MSG_DEBUG,
931 "P2P: Enable CLI Probe Request RX reporting");
932 wpa_s->p2p_cli_probe =
933 wpa_drv_probe_req_report(wpa_s, 1) >= 0;
934 } else if (state != WPA_COMPLETED && wpa_s->p2p_cli_probe) {
935 wpa_dbg(wpa_s, MSG_DEBUG,
936 "P2P: Disable CLI Probe Request RX reporting");
937 wpa_s->p2p_cli_probe = 0;
938 wpa_drv_probe_req_report(wpa_s, 0);
939 }
940 }
941#endif /* CONFIG_P2P */
942
cb8564b1
DW		 943 if (state != WPA_SCANNING)
944 wpa_supplicant_notify_scanning(wpa_s, 0);
945
6fc6879b 946 if (state == WPA_COMPLETED && wpa_s->new_connection) {
6fc6879b 947 struct wpa_ssid *ssid = wpa_s->current_ssid;
da6a28ba
VK		 948 int fils_hlp_sent = 0;
949
950#ifdef CONFIG_SME
951 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
952 wpa_auth_alg_fils(wpa_s->sme.auth_alg))
953 fils_hlp_sent = 1;
954#endif /* CONFIG_SME */
955 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
956 wpa_auth_alg_fils(wpa_s->auth_alg))
957 fils_hlp_sent = 1;
958
7d37a357 959#if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
6fc6879b 960 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
da6a28ba 961 MACSTR " completed [id=%d id_str=%s%s]",
1cfc6787 962 MAC2STR(wpa_s->bssid),
6fc6879b 963 ssid ? ssid->id : -1,
da6a28ba
VK		 964 ssid && ssid->id_str ? ssid->id_str : "",
965 fils_hlp_sent ? " FILS_HLP_SENT" : "");
6fc6879b 966#endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
00e5e3d5 967 wpas_clear_temp_disabled(wpa_s, ssid, 1);
a20a3616 968 wpa_blacklist_clear(wpa_s);
f1a52633 969 wpa_s->extra_blacklist_count = 0;
6fc6879b 970 wpa_s->new_connection = 0;
6fc6879b 971 wpa_drv_set_operstate(wpa_s, 1);
99ac2913
FF		 972#ifndef IEEE8021X_EAPOL
973 wpa_drv_set_supp_port(wpa_s, 1);
974#endif /* IEEE8021X_EAPOL */
17a4734d 975 wpa_s->after_wps = 0;
4d9fb08d 976 wpa_s->known_wps_freq = 0;
b22128ef 977 wpas_p2p_completed(wpa_s);
c3701c66
RM		 978
979 sme_sched_obss_scan(wpa_s, 1);
6338c99e
VK		 980
981#if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
982 if (!fils_hlp_sent && ssid && ssid->eap.erp)
a8bfc6ff 983 update_fils_connect_params = TRUE;
6338c99e 984#endif /* CONFIG_FILS && IEEE8021X_EAPOL */
e0b331d8
SD		 985#ifdef CONFIG_OWE
986 if (ssid && (ssid->key_mgmt & WPA_KEY_MGMT_OWE))
987 wpas_update_owe_connect_params(wpa_s);
988#endif /* CONFIG_OWE */
6fc6879b
JM		 989 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
990 state == WPA_ASSOCIATED) {
991 wpa_s->new_connection = 1;
992 wpa_drv_set_operstate(wpa_s, 0);
99ac2913
FF		 993#ifndef IEEE8021X_EAPOL
994 wpa_drv_set_supp_port(wpa_s, 0);
995#endif /* IEEE8021X_EAPOL */
c3701c66 996 sme_sched_obss_scan(wpa_s, 0);
6fc6879b
JM		 997 }
998 wpa_s->wpa_state = state;
27f43d8d 999
cfe53c9a
PS		 1000#ifdef CONFIG_BGSCAN
1001 if (state == WPA_COMPLETED)
1002 wpa_supplicant_start_bgscan(wpa_s);
37271232 1003 else if (state < WPA_ASSOCIATED)
cfe53c9a
PS		 1004 wpa_supplicant_stop_bgscan(wpa_s);
1005#endif /* CONFIG_BGSCAN */
1006
bce3d4f7 1007 if (state > WPA_SCANNING)
7c865c68
TB		 1008 wpa_supplicant_stop_autoscan(wpa_s);
1009
1010 if (state == WPA_DISCONNECTED || state == WPA_INACTIVE)
1011 wpa_supplicant_start_autoscan(wpa_s);
1012
fecc2bb5
EP		 1013 if (old_state >= WPA_ASSOCIATED && wpa_s->wpa_state < WPA_ASSOCIATED)
1014 wmm_ac_notify_disassoc(wpa_s);
1015
5bbf9f10 1016 if (wpa_s->wpa_state != old_state) {
27f43d8d 1017 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
5bbf9f10 1018
e3bd6e9d
IP		 1019 /*
1020 * Notify the P2P Device interface about a state change in one
1021 * of the interfaces.
1022 */
1023 wpas_p2p_indicate_state_change(wpa_s);
e3bd6e9d 1024
5bbf9f10
PS		 1025 if (wpa_s->wpa_state == WPA_COMPLETED ||
1026 old_state == WPA_COMPLETED)
1027 wpas_notify_auth_changed(wpa_s);
16ef233b
JM		 1028#ifdef CONFIG_DPP2
1029 if (wpa_s->wpa_state == WPA_COMPLETED)
1030 wpas_dpp_connected(wpa_s);
1031#endif /* CONFIG_DPP2 */
5bbf9f10 1032 }
a8bfc6ff
AB		 1033#if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
1034 if (update_fils_connect_params)
1035 wpas_update_fils_connect_params(wpa_s);
1036#endif /* CONFIG_FILS && IEEE8021X_EAPOL */
6fc6879b
JM		 1037}
1038
1039
1a1bf008
JM		 1040void wpa_supplicant_terminate_proc(struct wpa_global *global)
1041{
1042 int pending = 0;
1043#ifdef CONFIG_WPS
1044 struct wpa_supplicant *wpa_s = global->ifaces;
1045 while (wpa_s) {
ab41595f 1046 struct wpa_supplicant *next = wpa_s->next;
5516ed32
EA		 1047 if (wpas_wps_terminate_pending(wpa_s) == 1)
1048 pending = 1;
20625e97
JM		 1049#ifdef CONFIG_P2P
1050 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE ||
1051 (wpa_s->current_ssid && wpa_s->current_ssid->p2p_group))
1052 wpas_p2p_disconnect(wpa_s);
1053#endif /* CONFIG_P2P */
ab41595f 1054 wpa_s = next;
1a1bf008
JM		 1055 }
1056#endif /* CONFIG_WPS */
1057 if (pending)
1058 return;
1059 eloop_terminate();
1060}
1061
1062
0456ea16 1063static void wpa_supplicant_terminate(int sig, void *signal_ctx)
6fc6879b 1064{
0456ea16 1065 struct wpa_global *global = signal_ctx;
1a1bf008 1066 wpa_supplicant_terminate_proc(global);
6fc6879b
JM		 1067}
1068
1069
b22128ef 1070void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
6fc6879b 1071{
71934751 1072 enum wpa_states old_state = wpa_s->wpa_state;
27f43d8d 1073
6fc6879b
JM		 1074 wpa_s->pairwise_cipher = 0;
1075 wpa_s->group_cipher = 0;
1076 wpa_s->mgmt_group_cipher = 0;
1077 wpa_s->key_mgmt = 0;
8401a6b0 1078 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
99218999 1079 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
27f43d8d
MH		 1080
1081 if (wpa_s->wpa_state != old_state)
1082 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
6fc6879b
JM		 1083}
1084
1085
1086/**
1087 * wpa_supplicant_reload_configuration - Reload configuration data
1088 * @wpa_s: Pointer to wpa_supplicant data
1089 * Returns: 0 on success or -1 if configuration parsing failed
1090 *
1091 * This function can be used to request that the configuration data is reloaded
1092 * (e.g., after configuration file change). This function is reloading
1093 * configuration only for one interface, so this may need to be called multiple
1094 * times if %wpa_supplicant is controlling multiple interfaces and all
1095 * interfaces need reconfiguration.
1096 */
1097int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
1098{
1099 struct wpa_config *conf;
1100 int reconf_ctrl;
8bac466b
JM		 1101 int old_ap_scan;
1102
6fc6879b
JM		 1103 if (wpa_s->confname == NULL)
1104 return -1;
e6304cad 1105 conf = wpa_config_read(wpa_s->confname, NULL);
6fc6879b
JM		 1106 if (conf == NULL) {
1107 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
1108 "file '%s' - exiting", wpa_s->confname);
1109 return -1;
1110 }
3bd35b68
JM		 1111 if (wpa_s->confanother &&
1112 !wpa_config_read(wpa_s->confanother, conf)) {
1113 wpa_msg(wpa_s, MSG_ERROR,
1114 "Failed to parse the configuration file '%s' - exiting",
1115 wpa_s->confanother);
1116 return -1;
1117 }
e6304cad 1118
611aea7d 1119 conf->changed_parameters = (unsigned int) -1;
6fc6879b
JM		 1120
1121 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
1122 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
1123 os_strcmp(conf->ctrl_interface,
1124 wpa_s->conf->ctrl_interface) != 0);
1125
1126 if (reconf_ctrl && wpa_s->ctrl_iface) {
1127 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
1128 wpa_s->ctrl_iface = NULL;
1129 }
1130
1131 eapol_sm_invalidate_cached_session(wpa_s->eapol);
7b7ce8aa 1132 if (wpa_s->current_ssid) {
e66bcedd
JM		 1133 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
1134 wpa_s->own_disconnect_req = 1;
7b7ce8aa
JM		 1135 wpa_supplicant_deauthenticate(wpa_s,
1136 WLAN_REASON_DEAUTH_LEAVING);
1137 }
8bac466b 1138
6fc6879b
JM		 1139 /*
1140 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
07e2de31 1141 * pkcs11_engine_path, pkcs11_module_path, openssl_ciphers.
6fc6879b 1142 */
a1ea1b45 1143 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
567da5bb
JM		 1144 wpa_s->key_mgmt == WPA_KEY_MGMT_OWE ||
1145 wpa_s->key_mgmt == WPA_KEY_MGMT_DPP) {
6fc6879b
JM		 1146 /*
1147 * Clear forced success to clear EAP state for next
1148 * authentication.
1149 */
1150 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
1151 }
1152 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1153 wpa_sm_set_config(wpa_s->wpa, NULL);
d8a790b9 1154 wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL);
6fc6879b
JM		 1155 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
1156 rsn_preauth_deinit(wpa_s->wpa);
8bac466b
JM		 1157
1158 old_ap_scan = wpa_s->conf->ap_scan;
6fc6879b
JM		 1159 wpa_config_free(wpa_s->conf);
1160 wpa_s->conf = conf;
8bac466b
JM		 1161 if (old_ap_scan != wpa_s->conf->ap_scan)
1162 wpas_notify_ap_scan_changed(wpa_s);
1163
6fc6879b
JM		 1164 if (reconf_ctrl)
1165 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
1166
611aea7d
JM		 1167 wpa_supplicant_update_config(wpa_s);
1168
6fc6879b 1169 wpa_supplicant_clear_status(wpa_s);
349493bd 1170 if (wpa_supplicant_enabled_networks(wpa_s)) {
43a38635
JM		 1171 wpa_s->reassociate = 1;
1172 wpa_supplicant_req_scan(wpa_s, 0, 0);
1173 }
f049052b 1174 wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
6fc6879b
JM		 1175 return 0;
1176}
1177
1178
0456ea16 1179static void wpa_supplicant_reconfig(int sig, void *signal_ctx)
6fc6879b 1180{
0456ea16 1181 struct wpa_global *global = signal_ctx;
6fc6879b 1182 struct wpa_supplicant *wpa_s;
6fc6879b 1183 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
f049052b
BG		 1184 wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring",
1185 sig);
6fc6879b 1186 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
1a1bf008 1187 wpa_supplicant_terminate_proc(global);
6fc6879b
JM		 1188 }
1189 }
1248e584
LR		 1190
1191 if (wpa_debug_reopen_file() < 0) {
1192 /* Ignore errors since we cannot really do much to fix this */
1193 wpa_printf(MSG_DEBUG, "Could not reopen debug log file");
1194 }
6fc6879b
JM		 1195}
1196
1197
6fc6879b
JM		 1198static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
1199 struct wpa_ssid *ssid,
1200 struct wpa_ie_data *ie)
1201{
1202 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
1203 if (ret) {
1204 if (ret == -2) {
1205 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
1206 "from association info");
1207 }
1208 return -1;
1209 }
1210
f049052b
BG		 1211 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set "
1212 "cipher suites");
6fc6879b
JM		 1213 if (!(ie->group_cipher & ssid->group_cipher)) {
1214 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
1215 "cipher 0x%x (mask 0x%x) - reject",
1216 ie->group_cipher, ssid->group_cipher);
1217 return -1;
1218 }
1219 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
1220 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
1221 "cipher 0x%x (mask 0x%x) - reject",
1222 ie->pairwise_cipher, ssid->pairwise_cipher);
1223 return -1;
1224 }
1225 if (!(ie->key_mgmt & ssid->key_mgmt)) {
1226 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
1227 "management 0x%x (mask 0x%x) - reject",
1228 ie->key_mgmt, ssid->key_mgmt);
1229 return -1;
1230 }
1231
0b60b0aa 1232 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
3f56a2b7 1233 wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED) {
6fc6879b
JM		 1234 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
1235 "that does not support management frame protection - "
1236 "reject");
1237 return -1;
1238 }
6fc6879b
JM		 1239
1240 return 0;
1241}
1242
1243
2c129a1b
LD		 1244static int matching_ciphers(struct wpa_ssid *ssid, struct wpa_ie_data *ie,
1245 int freq)
1246{
1247 if (!ie->has_group)
1248 ie->group_cipher = wpa_default_rsn_cipher(freq);
1249 if (!ie->has_pairwise)
1250 ie->pairwise_cipher = wpa_default_rsn_cipher(freq);
1251 return (ie->group_cipher & ssid->group_cipher) &&
1252 (ie->pairwise_cipher & ssid->pairwise_cipher);
1253}
1254
1255
6fc6879b
JM		 1256/**
1257 * wpa_supplicant_set_suites - Set authentication and encryption parameters
1258 * @wpa_s: Pointer to wpa_supplicant data
1259 * @bss: Scan results for the selected BSS, or %NULL if not available
1260 * @ssid: Configuration data for the selected network
1261 * @wpa_ie: Buffer for the WPA/RSN IE
1262 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
1263 * used buffer length in case the functions returns success.
1264 * Returns: 0 on success or -1 on failure
1265 *
1266 * This function is used to configure authentication and encryption parameters
1267 * based on the network configuration and scan result for the selected BSS (if
1268 * available).
1269 */
1270int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
6fa81a3b 1271 struct wpa_bss *bss, struct wpa_ssid *ssid,
6fc6879b
JM		 1272 u8 *wpa_ie, size_t *wpa_ie_len)
1273{
1274 struct wpa_ie_data ie;
e36a5894 1275 int sel, proto, sae_pwe;
146889e3 1276 const u8 *bss_wpa, *bss_rsn, *bss_rsnx, *bss_osen;
6fc6879b
JM		 1277
1278 if (bss) {
6fa81a3b
JM		 1279 bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
1280 bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
146889e3 1281 bss_rsnx = wpa_bss_get_ie(bss, WLAN_EID_RSNX);
df0f01d9 1282 bss_osen = wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE);
146889e3
JM		 1283 } else {
1284 bss_wpa = bss_rsn = bss_rsnx = bss_osen = NULL;
1285 }
6fc6879b
JM		 1286
1287 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
1288 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
2c129a1b 1289 matching_ciphers(ssid, &ie, bss->freq) &&
6fc6879b 1290 (ie.key_mgmt & ssid->key_mgmt)) {
f049052b 1291 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
6fc6879b
JM		 1292 proto = WPA_PROTO_RSN;
1293 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
267ac3bc 1294 wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie) == 0 &&
6fc6879b
JM		 1295 (ie.group_cipher & ssid->group_cipher) &&
1296 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1297 (ie.key_mgmt & ssid->key_mgmt)) {
f049052b 1298 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
6fc6879b 1299 proto = WPA_PROTO_WPA;
df0f01d9 1300#ifdef CONFIG_HS20
dc673aec
JM		 1301 } else if (bss_osen && (ssid->proto & WPA_PROTO_OSEN) &&
1302 wpa_parse_wpa_ie(bss_osen, 2 + bss_osen[1], &ie) == 0 &&
1303 (ie.group_cipher & ssid->group_cipher) &&
1304 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1305 (ie.key_mgmt & ssid->key_mgmt)) {
df0f01d9 1306 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using OSEN");
df0f01d9 1307 proto = WPA_PROTO_OSEN;
f5a60216
JM		 1308 } else if (bss_rsn && (ssid->proto & WPA_PROTO_OSEN) &&
1309 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
1310 (ie.group_cipher & ssid->group_cipher) &&
1311 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1312 (ie.key_mgmt & ssid->key_mgmt)) {
1313 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using OSEN (within RSN)");
1314 proto = WPA_PROTO_RSN;
df0f01d9 1315#endif /* CONFIG_HS20 */
6fc6879b
JM		 1316 } else if (bss) {
1317 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
267ac3bc
JM		 1318 wpa_dbg(wpa_s, MSG_DEBUG,
1319 "WPA: ssid proto=0x%x pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1320 ssid->proto, ssid->pairwise_cipher, ssid->group_cipher,
1321 ssid->key_mgmt);
1322 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: BSS " MACSTR " ssid='%s'%s%s%s",
1323 MAC2STR(bss->bssid),
1324 wpa_ssid_txt(bss->ssid, bss->ssid_len),
1325 bss_wpa ? " WPA" : "",
1326 bss_rsn ? " RSN" : "",
1327 bss_osen ? " OSEN" : "");
1328 if (bss_rsn) {
1329 wpa_hexdump(MSG_DEBUG, "RSN", bss_rsn, 2 + bss_rsn[1]);
1330 if (wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie)) {
1331 wpa_dbg(wpa_s, MSG_DEBUG,
1332 "Could not parse RSN element");
1333 } else {
1334 wpa_dbg(wpa_s, MSG_DEBUG,
1335 "RSN: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1336 ie.pairwise_cipher, ie.group_cipher,
1337 ie.key_mgmt);
1338 }
1339 }
1340 if (bss_wpa) {
1341 wpa_hexdump(MSG_DEBUG, "WPA", bss_wpa, 2 + bss_wpa[1]);
1342 if (wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie)) {
1343 wpa_dbg(wpa_s, MSG_DEBUG,
1344 "Could not parse WPA element");
1345 } else {
1346 wpa_dbg(wpa_s, MSG_DEBUG,
1347 "WPA: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1348 ie.pairwise_cipher, ie.group_cipher,
1349 ie.key_mgmt);
1350 }
1351 }
6fc6879b
JM		 1352 return -1;
1353 } else {
df0f01d9
JM		 1354 if (ssid->proto & WPA_PROTO_OSEN)
1355 proto = WPA_PROTO_OSEN;
1356 else if (ssid->proto & WPA_PROTO_RSN)
6fc6879b
JM		 1357 proto = WPA_PROTO_RSN;
1358 else
1359 proto = WPA_PROTO_WPA;
1360 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
1361 os_memset(&ie, 0, sizeof(ie));
1362 ie.group_cipher = ssid->group_cipher;
1363 ie.pairwise_cipher = ssid->pairwise_cipher;
1364 ie.key_mgmt = ssid->key_mgmt;
61a56c14
JM		 1365 ie.mgmt_group_cipher = 0;
1366 if (ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION) {
1367 if (ssid->group_mgmt_cipher &
1368 WPA_CIPHER_BIP_GMAC_256)
1369 ie.mgmt_group_cipher =
1370 WPA_CIPHER_BIP_GMAC_256;
1371 else if (ssid->group_mgmt_cipher &
1372 WPA_CIPHER_BIP_CMAC_256)
1373 ie.mgmt_group_cipher =
1374 WPA_CIPHER_BIP_CMAC_256;
1375 else if (ssid->group_mgmt_cipher &
1376 WPA_CIPHER_BIP_GMAC_128)
1377 ie.mgmt_group_cipher =
1378 WPA_CIPHER_BIP_GMAC_128;
1379 else
1380 ie.mgmt_group_cipher =
1381 WPA_CIPHER_AES_128_CMAC;
1382 }
c1790a5f
JM		 1383#ifdef CONFIG_OWE
1384 if ((ssid->key_mgmt & WPA_KEY_MGMT_OWE) &&
1385 !ssid->owe_only &&
1386 !bss_wpa && !bss_rsn && !bss_osen) {
1387 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1388 wpa_s->wpa_proto = 0;
9f8d459d 1389 *wpa_ie_len = 0;
c1790a5f
JM		 1390 return 0;
1391 }
1392#endif /* CONFIG_OWE */
f049052b
BG		 1393 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites "
1394 "based on configuration");
6fc6879b
JM		 1395 } else
1396 proto = ie.proto;
1397 }
1398
f049052b
BG		 1399 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d "
1400 "pairwise %d key_mgmt %d proto %d",
1401 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
6fc6879b 1402 if (ssid->ieee80211w) {
f049052b
BG		 1403 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
1404 ie.mgmt_group_cipher);
6fc6879b 1405 }
6fc6879b 1406
64fa840a 1407 wpa_s->wpa_proto = proto;
6fc6879b
JM		 1408 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
1409 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
df0f01d9 1410 !!(ssid->proto & (WPA_PROTO_RSN | WPA_PROTO_OSEN)));
6fc6879b
JM		 1411
1412 if (bss || !wpa_s->ap_ies_from_associnfo) {
1413 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
1414 bss_wpa ? 2 + bss_wpa[1] : 0) ||
1415 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
146889e3
JM		 1416 bss_rsn ? 2 + bss_rsn[1] : 0) ||
1417 wpa_sm_set_ap_rsnxe(wpa_s->wpa, bss_rsnx,
1418 bss_rsnx ? 2 + bss_rsnx[1] : 0))
6fc6879b
JM		 1419 return -1;
1420 }
1421
9e68742e
JM		 1422#ifdef CONFIG_NO_WPA
1423 wpa_s->group_cipher = WPA_CIPHER_NONE;
1424 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
1425#else /* CONFIG_NO_WPA */
6fc6879b 1426 sel = ie.group_cipher & ssid->group_cipher;
853bd19f
JM		 1427 wpa_dbg(wpa_s, MSG_DEBUG,
1428 "WPA: AP group 0x%x network profile group 0x%x; available group 0x%x",
1429 ie.group_cipher, ssid->group_cipher, sel);
edbd2a19
JM		 1430 wpa_s->group_cipher = wpa_pick_group_cipher(sel);
1431 if (wpa_s->group_cipher < 0) {
f049052b
BG		 1432 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group "
1433 "cipher");
6fc6879b
JM		 1434 return -1;
1435 }
edbd2a19
JM		 1436 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK %s",
1437 wpa_cipher_txt(wpa_s->group_cipher));
6fc6879b
JM		 1438
1439 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
853bd19f
JM		 1440 wpa_dbg(wpa_s, MSG_DEBUG,
1441 "WPA: AP pairwise 0x%x network profile pairwise 0x%x; available pairwise 0x%x",
1442 ie.pairwise_cipher, ssid->pairwise_cipher, sel);
edbd2a19
JM		 1443 wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(sel, 1);
1444 if (wpa_s->pairwise_cipher < 0) {
f049052b
BG		 1445 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise "
1446 "cipher");
6fc6879b
JM		 1447 return -1;
1448 }
edbd2a19
JM		 1449 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK %s",
1450 wpa_cipher_txt(wpa_s->pairwise_cipher));
9e68742e 1451#endif /* CONFIG_NO_WPA */
6fc6879b
JM		 1452
1453 sel = ie.key_mgmt & ssid->key_mgmt;
853bd19f
JM		 1454 wpa_dbg(wpa_s, MSG_DEBUG,
1455 "WPA: AP key_mgmt 0x%x network profile key_mgmt 0x%x; available key_mgmt 0x%x",
1456 ie.key_mgmt, ssid->key_mgmt, sel);
c10347f2
JM		 1457#ifdef CONFIG_SAE
1458 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE))
1459 sel &= ~(WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE);
1460#endif /* CONFIG_SAE */
6fc6879b 1461 if (0) {
6d77014e
JM		 1462#ifdef CONFIG_IEEE80211R
1463#ifdef CONFIG_SHA384
dd0153fc
MW		 1464 } else if ((sel & WPA_KEY_MGMT_FT_IEEE8021X_SHA384) &&
1465 os_strcmp(wpa_supplicant_get_eap_mode(wpa_s), "LEAP") != 0) {
6d77014e
JM		 1466 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X_SHA384;
1467 wpa_dbg(wpa_s, MSG_DEBUG,
1468 "WPA: using KEY_MGMT FT/802.1X-SHA384");
9083ef13
JM		 1469 if (!ssid->ft_eap_pmksa_caching &&
1470 pmksa_cache_get_current(wpa_s->wpa)) {
1471 /* PMKSA caching with FT may have interoperability
1472 * issues, so disable that case by default for now. */
6d77014e
JM		 1473 wpa_dbg(wpa_s, MSG_DEBUG,
1474 "WPA: Disable PMKSA caching for FT/802.1X connection");
1475 pmksa_cache_clear_current(wpa_s->wpa);
1476 }
1477#endif /* CONFIG_SHA384 */
1478#endif /* CONFIG_IEEE80211R */
5e3b5197
JM		 1479#ifdef CONFIG_SUITEB192
1480 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) {
1481 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B_192;
1482 wpa_dbg(wpa_s, MSG_DEBUG,
1483 "WPA: using KEY_MGMT 802.1X with Suite B (192-bit)");
1484#endif /* CONFIG_SUITEB192 */
1485#ifdef CONFIG_SUITEB
666497c8
JM		 1486 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B) {
1487 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B;
1488 wpa_dbg(wpa_s, MSG_DEBUG,
1489 "WPA: using KEY_MGMT 802.1X with Suite B");
5e3b5197 1490#endif /* CONFIG_SUITEB */
b8ae56e4
JM		 1491#ifdef CONFIG_FILS
1492#ifdef CONFIG_IEEE80211R
1493 } else if (sel & WPA_KEY_MGMT_FT_FILS_SHA384) {
1494 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA384;
1495 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT-FILS-SHA384");
1496 } else if (sel & WPA_KEY_MGMT_FT_FILS_SHA256) {
1497 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA256;
1498 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT-FILS-SHA256");
1499#endif /* CONFIG_IEEE80211R */
1500 } else if (sel & WPA_KEY_MGMT_FILS_SHA384) {
1501 wpa_s->key_mgmt = WPA_KEY_MGMT_FILS_SHA384;
1502 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FILS-SHA384");
1503 } else if (sel & WPA_KEY_MGMT_FILS_SHA256) {
1504 wpa_s->key_mgmt = WPA_KEY_MGMT_FILS_SHA256;
1505 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FILS-SHA256");
1506#endif /* CONFIG_FILS */
6fc6879b 1507#ifdef CONFIG_IEEE80211R
dd0153fc
MW		 1508 } else if ((sel & WPA_KEY_MGMT_FT_IEEE8021X) &&
1509 os_strcmp(wpa_supplicant_get_eap_mode(wpa_s), "LEAP") != 0) {
6fc6879b 1510 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
f049052b 1511 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
9083ef13
JM		 1512 if (!ssid->ft_eap_pmksa_caching &&
1513 pmksa_cache_get_current(wpa_s->wpa)) {
1514 /* PMKSA caching with FT may have interoperability
1515 * issues, so disable that case by default for now. */
833bb2ab
JM		 1516 wpa_dbg(wpa_s, MSG_DEBUG,
1517 "WPA: Disable PMKSA caching for FT/802.1X connection");
1518 pmksa_cache_clear_current(wpa_s->wpa);
1519 }
6fc6879b 1520#endif /* CONFIG_IEEE80211R */
dd6c5980
JM		 1521#ifdef CONFIG_DPP
1522 } else if (sel & WPA_KEY_MGMT_DPP) {
1523 wpa_s->key_mgmt = WPA_KEY_MGMT_DPP;
1524 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT DPP");
1525#endif /* CONFIG_DPP */
c10347f2 1526#ifdef CONFIG_SAE
c10347f2
JM		 1527 } else if (sel & WPA_KEY_MGMT_FT_SAE) {
1528 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_SAE;
1529 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT FT/SAE");
76fd782a
JM		 1530 } else if (sel & WPA_KEY_MGMT_SAE) {
1531 wpa_s->key_mgmt = WPA_KEY_MGMT_SAE;
1532 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT SAE");
c10347f2 1533#endif /* CONFIG_SAE */
9af1eea3
JM		 1534#ifdef CONFIG_IEEE80211R
1535 } else if (sel & WPA_KEY_MGMT_FT_PSK) {
1536 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
1537 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
1538#endif /* CONFIG_IEEE80211R */
56586197
JM		 1539 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
1540 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
f049052b 1541 wpa_dbg(wpa_s, MSG_DEBUG,
56586197
JM		 1542 "WPA: using KEY_MGMT 802.1X with SHA256");
1543 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
1544 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
f049052b 1545 wpa_dbg(wpa_s, MSG_DEBUG,
56586197 1546 "WPA: using KEY_MGMT PSK with SHA256");
6fc6879b
JM		 1547 } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
1548 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
f049052b 1549 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
6fc6879b
JM		 1550 } else if (sel & WPA_KEY_MGMT_PSK) {
1551 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
f049052b 1552 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
6fc6879b
JM		 1553 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
1554 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
f049052b 1555 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
df0f01d9
JM		 1556#ifdef CONFIG_HS20
1557 } else if (sel & WPA_KEY_MGMT_OSEN) {
1558 wpa_s->key_mgmt = WPA_KEY_MGMT_OSEN;
1559 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using KEY_MGMT OSEN");
1560#endif /* CONFIG_HS20 */
a1ea1b45
JM		 1561#ifdef CONFIG_OWE
1562 } else if (sel & WPA_KEY_MGMT_OWE) {
1563 wpa_s->key_mgmt = WPA_KEY_MGMT_OWE;
1564 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT OWE");
1565#endif /* CONFIG_OWE */
6fc6879b 1566 } else {
f049052b
BG		 1567 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select "
1568 "authenticated key management type");
6fc6879b
JM		 1569 return -1;
1570 }
1571
1572 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
1573 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
1574 wpa_s->pairwise_cipher);
1575 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
1576
ae05b6a2
JM		 1577 if (!(ie.capabilities & WPA_CAPABILITY_MFPC) &&
1578 wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED) {
1579 wpa_msg(wpa_s, MSG_INFO,
1580 "RSN: Management frame protection required but the selected AP does not enable it");
1581 return -1;
1582 }
1583
6fc6879b 1584 sel = ie.mgmt_group_cipher;
61a56c14
JM		 1585 if (ssid->group_mgmt_cipher)
1586 sel &= ssid->group_mgmt_cipher;
3f56a2b7 1587 if (wpas_get_ssid_pmf(wpa_s, ssid) == NO_MGMT_FRAME_PROTECTION ||
0b60b0aa 1588 !(ie.capabilities & WPA_CAPABILITY_MFPC))
6fc6879b 1589 sel = 0;
853bd19f
JM		 1590 wpa_dbg(wpa_s, MSG_DEBUG,
1591 "WPA: AP mgmt_group_cipher 0x%x network profile mgmt_group_cipher 0x%x; available mgmt_group_cipher 0x%x",
1592 ie.mgmt_group_cipher, ssid->group_mgmt_cipher, sel);
6fc6879b
JM		 1593 if (sel & WPA_CIPHER_AES_128_CMAC) {
1594 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
f049052b 1595 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
6fc6879b 1596 "AES-128-CMAC");
8dd9f9cd
JM		 1597 } else if (sel & WPA_CIPHER_BIP_GMAC_128) {
1598 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_128;
1599 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1600 "BIP-GMAC-128");
1601 } else if (sel & WPA_CIPHER_BIP_GMAC_256) {
1602 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_256;
1603 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1604 "BIP-GMAC-256");
1605 } else if (sel & WPA_CIPHER_BIP_CMAC_256) {
1606 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_CMAC_256;
1607 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1608 "BIP-CMAC-256");
6fc6879b
JM		 1609 } else {
1610 wpa_s->mgmt_group_cipher = 0;
f049052b 1611 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
6fc6879b
JM		 1612 }
1613 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
1614 wpa_s->mgmt_group_cipher);
62d49803 1615 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP,
3f56a2b7 1616 wpas_get_ssid_pmf(wpa_s, ssid));
55c12f5d
MV		 1617#ifdef CONFIG_OCV
1618 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCV, ssid->ocv);
1619#endif /* CONFIG_OCV */
e36a5894 1620 sae_pwe = wpa_s->conf->sae_pwe;
641d79f1 1621 if (ssid->sae_password_id && sae_pwe != 3)
e36a5894
JM		 1622 sae_pwe = 1;
1623 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_SAE_PWE, sae_pwe);
6fc6879b
JM		 1624
1625 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
f049052b 1626 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to generate WPA IE");
6fc6879b
JM		 1627 return -1;
1628 }
1629
6d6c8877
JM		 1630 wpa_s->rsnxe_len = sizeof(wpa_s->rsnxe);
1631 if (wpa_sm_set_assoc_rsnxe_default(wpa_s->wpa, wpa_s->rsnxe,
1632 &wpa_s->rsnxe_len)) {
1633 wpa_msg(wpa_s, MSG_WARNING, "RSN: Failed to generate RSNXE");
1634 return -1;
1635 }
1636
dd6c5980
JM		 1637 if (0) {
1638#ifdef CONFIG_DPP
1639 } else if (wpa_s->key_mgmt == WPA_KEY_MGMT_DPP) {
1640 /* Use PMK from DPP network introduction (PMKSA entry) */
1641 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
1642#endif /* CONFIG_DPP */
1643 } else if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) {
a52410c2 1644 int psk_set = 0;
06b1a104 1645 int sae_only;
a52410c2 1646
06b1a104
JM		 1647 sae_only = (ssid->key_mgmt & (WPA_KEY_MGMT_PSK |
1648 WPA_KEY_MGMT_FT_PSK |
1649 WPA_KEY_MGMT_PSK_SHA256)) == 0;
1650
1651 if (ssid->psk_set && !sae_only) {
66dbc8d9
JM		 1652 wpa_hexdump_key(MSG_MSGDUMP, "PSK (set in config)",
1653 ssid->psk, PMK_LEN);
70c93963
MH		 1654 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN, NULL,
1655 NULL);
a52410c2
JM		 1656 psk_set = 1;
1657 }
a34ca59e 1658
06b1a104
JM		 1659 if (wpa_key_mgmt_sae(ssid->key_mgmt) &&
1660 (ssid->sae_password || ssid->passphrase))
a34ca59e
JM		 1661 psk_set = 1;
1662
7d232e23
ZC		 1663#ifndef CONFIG_NO_PBKDF2
1664 if (bss && ssid->bssid_set && ssid->ssid_len == 0 &&
06b1a104 1665 ssid->passphrase && !sae_only) {
7d232e23 1666 u8 psk[PMK_LEN];
986de33d
JM		 1667 pbkdf2_sha1(ssid->passphrase, bss->ssid, bss->ssid_len,
1668 4096, psk, PMK_LEN);
7d232e23
ZC		 1669 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)",
1670 psk, PMK_LEN);
70c93963 1671 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL, NULL);
a52410c2 1672 psk_set = 1;
e886c88e 1673 os_memset(psk, 0, sizeof(psk));
7d232e23
ZC		 1674 }
1675#endif /* CONFIG_NO_PBKDF2 */
9173b16f 1676#ifdef CONFIG_EXT_PASSWORD
06b1a104 1677 if (ssid->ext_psk && !sae_only) {
9173b16f
JM		 1678 struct wpabuf *pw = ext_password_get(wpa_s->ext_pw,
1679 ssid->ext_psk);
1680 char pw_str[64 + 1];
1681 u8 psk[PMK_LEN];
1682
1683 if (pw == NULL) {
1684 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No PSK "
1685 "found from external storage");
1686 return -1;
1687 }
1688
1689 if (wpabuf_len(pw) < 8 || wpabuf_len(pw) > 64) {
1690 wpa_msg(wpa_s, MSG_INFO, "EXT PW: Unexpected "
1691 "PSK length %d in external storage",
1692 (int) wpabuf_len(pw));
1693 ext_password_free(pw);
1694 return -1;
1695 }
1696
1697 os_memcpy(pw_str, wpabuf_head(pw), wpabuf_len(pw));
1698 pw_str[wpabuf_len(pw)] = '\0';
1699
1700#ifndef CONFIG_NO_PBKDF2
1701 if (wpabuf_len(pw) >= 8 && wpabuf_len(pw) < 64 && bss)
1702 {
986de33d
JM		 1703 pbkdf2_sha1(pw_str, bss->ssid, bss->ssid_len,
1704 4096, psk, PMK_LEN);
9173b16f
JM		 1705 os_memset(pw_str, 0, sizeof(pw_str));
1706 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from "
1707 "external passphrase)",
1708 psk, PMK_LEN);
70c93963
MH		 1709 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL,
1710 NULL);
a52410c2 1711 psk_set = 1;
e886c88e 1712 os_memset(psk, 0, sizeof(psk));
9173b16f
JM		 1713 } else
1714#endif /* CONFIG_NO_PBKDF2 */
1715 if (wpabuf_len(pw) == 2 * PMK_LEN) {
1716 if (hexstr2bin(pw_str, psk, PMK_LEN) < 0) {
1717 wpa_msg(wpa_s, MSG_INFO, "EXT PW: "
1718 "Invalid PSK hex string");
1719 os_memset(pw_str, 0, sizeof(pw_str));
1720 ext_password_free(pw);
1721 return -1;
1722 }
66dbc8d9
JM		 1723 wpa_hexdump_key(MSG_MSGDUMP,
1724 "PSK (from external PSK)",
1725 psk, PMK_LEN);
70c93963
MH		 1726 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL,
1727 NULL);
a52410c2 1728 psk_set = 1;
e886c88e 1729 os_memset(psk, 0, sizeof(psk));
9173b16f
JM		 1730 } else {
1731 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No suitable "
1732 "PSK available");
1733 os_memset(pw_str, 0, sizeof(pw_str));
1734 ext_password_free(pw);
1735 return -1;
1736 }
1737
1738 os_memset(pw_str, 0, sizeof(pw_str));
1739 ext_password_free(pw);
1740 }
1741#endif /* CONFIG_EXT_PASSWORD */
a52410c2
JM		 1742
1743 if (!psk_set) {
1744 wpa_msg(wpa_s, MSG_INFO,
1745 "No PSK available for association");
06b1a104 1746 wpas_auth_failed(wpa_s, "NO_PSK_AVAILABLE");
a52410c2
JM		 1747 return -1;
1748 }
675112df
JM		 1749#ifdef CONFIG_OWE
1750 } else if (wpa_s->key_mgmt == WPA_KEY_MGMT_OWE) {
1751 /* OWE Diffie-Hellman exchange in (Re)Association
1752 * Request/Response frames set the PMK, so do not override it
1753 * here. */
1754#endif /* CONFIG_OWE */
7d232e23 1755 } else
6fc6879b
JM		 1756 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
1757
1758 return 0;
1759}
1760
1761
8cd6b7bc 1762static void wpas_ext_capab_byte(struct wpa_supplicant *wpa_s, u8 *pos, int idx)
03e47c9c 1763{
8cd6b7bc 1764 *pos = 0x00;
03e47c9c 1765
8cd6b7bc
JB		 1766 switch (idx) {
1767 case 0: /* Bits 0-7 */
1768 break;
1769 case 1: /* Bits 8-15 */
d514b502
JM		 1770 if (wpa_s->conf->coloc_intf_reporting) {
1771 /* Bit 13 - Collocated Interference Reporting */
1772 *pos |= 0x20;
1773 }
8cd6b7bc
JB		 1774 break;
1775 case 2: /* Bits 16-23 */
1776#ifdef CONFIG_WNM
1777 *pos |= 0x02; /* Bit 17 - WNM-Sleep Mode */
2e06cef8 1778 if (!wpa_s->disable_mbo_oce && !wpa_s->conf->disable_btm)
ef59f987 1779 *pos |= 0x08; /* Bit 19 - BSS Transition */
8cd6b7bc
JB		 1780#endif /* CONFIG_WNM */
1781 break;
1782 case 3: /* Bits 24-31 */
1783#ifdef CONFIG_WNM
1784 *pos |= 0x02; /* Bit 25 - SSID List */
1785#endif /* CONFIG_WNM */
03e47c9c 1786#ifdef CONFIG_INTERWORKING
8cd6b7bc
JB		 1787 if (wpa_s->conf->interworking)
1788 *pos |= 0x80; /* Bit 31 - Interworking */
03e47c9c 1789#endif /* CONFIG_INTERWORKING */
8cd6b7bc
JB		 1790 break;
1791 case 4: /* Bits 32-39 */
56f5af48 1792#ifdef CONFIG_INTERWORKING
1e1245bc 1793 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_QOS_MAPPING)
429dd9af 1794 *pos |= 0x01; /* Bit 32 - QoS Map */
56f5af48 1795#endif /* CONFIG_INTERWORKING */
8cd6b7bc
JB		 1796 break;
1797 case 5: /* Bits 40-47 */
95a3ea94
JM		 1798#ifdef CONFIG_HS20
1799 if (wpa_s->conf->hs20)
1800 *pos |= 0x40; /* Bit 46 - WNM-Notification */
1801#endif /* CONFIG_HS20 */
92c6e2e3
DS		 1802#ifdef CONFIG_MBO
1803 *pos |= 0x40; /* Bit 46 - WNM-Notification */
1804#endif /* CONFIG_MBO */
8cd6b7bc
JB		 1805 break;
1806 case 6: /* Bits 48-55 */
1807 break;
d1723c55
LD		 1808 case 7: /* Bits 56-63 */
1809 break;
1810 case 8: /* Bits 64-71 */
1811 if (wpa_s->conf->ftm_responder)
1812 *pos |= 0x40; /* Bit 70 - FTM responder */
1813 if (wpa_s->conf->ftm_initiator)
1814 *pos |= 0x80; /* Bit 71 - FTM initiator */
1815 break;
e4d2ce1b
JM		 1816 case 9: /* Bits 72-79 */
1817#ifdef CONFIG_FILS
d98038bb 1818 if (!wpa_s->disable_fils)
1819 *pos |= 0x01;
e4d2ce1b
JM		 1820#endif /* CONFIG_FILS */
1821 break;
8cd6b7bc
JB		 1822 }
1823}
03e47c9c 1824
03e47c9c 1825
0bbaa9b9 1826int wpas_build_ext_capab(struct wpa_supplicant *wpa_s, u8 *buf, size_t buflen)
8cd6b7bc
JB		 1827{
1828 u8 *pos = buf;
e4d2ce1b 1829 u8 len = 10, i;
8cd6b7bc
JB		 1830
1831 if (len < wpa_s->extended_capa_len)
1832 len = wpa_s->extended_capa_len;
0bbaa9b9
JM		 1833 if (buflen < (size_t) len + 2) {
1834 wpa_printf(MSG_INFO,
1835 "Not enough room for building extended capabilities element");
1836 return -1;
1837 }
03e47c9c
JM		 1838
1839 *pos++ = WLAN_EID_EXT_CAPAB;
8cd6b7bc
JB		 1840 *pos++ = len;
1841 for (i = 0; i < len; i++, pos++) {
1842 wpas_ext_capab_byte(wpa_s, pos, i);
1843
1844 if (i < wpa_s->extended_capa_len) {
1845 *pos &= ~wpa_s->extended_capa_mask[i];
1846 *pos |= wpa_s->extended_capa[i];
1847 }
1848 }
03e47c9c 1849
3db5439a
JM		 1850 while (len > 0 && buf[1 + len] == 0) {
1851 len--;
1852 buf[1] = len;
1853 }
1854 if (len == 0)
1855 return 0;
1856
1857 return 2 + len;
03e47c9c
JM		 1858}
1859
1860
6ac4b15e
JM		 1861static int wpas_valid_bss(struct wpa_supplicant *wpa_s,
1862 struct wpa_bss *test_bss)
1863{
1864 struct wpa_bss *bss;
1865
1866 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
1867 if (bss == test_bss)
1868 return 1;
1869 }
1870
1871 return 0;
1872}
1873
1874
1875static int wpas_valid_ssid(struct wpa_supplicant *wpa_s,
1876 struct wpa_ssid *test_ssid)
1877{
1878 struct wpa_ssid *ssid;
1879
1880 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) {
1881 if (ssid == test_ssid)
1882 return 1;
1883 }
1884
1885 return 0;
1886}
1887
1888
1889int wpas_valid_bss_ssid(struct wpa_supplicant *wpa_s, struct wpa_bss *test_bss,
1890 struct wpa_ssid *test_ssid)
1891{
1892 if (test_bss && !wpas_valid_bss(wpa_s, test_bss))
1893 return 0;
1894
1895 return test_ssid == NULL || wpas_valid_ssid(wpa_s, test_ssid);
1896}
1897
1898
1899void wpas_connect_work_free(struct wpa_connect_work *cwork)
1900{
1901 if (cwork == NULL)
1902 return;
1903 os_free(cwork);
1904}
1905
1906
1907void wpas_connect_work_done(struct wpa_supplicant *wpa_s)
1908{
1909 struct wpa_connect_work *cwork;
1910 struct wpa_radio_work *work = wpa_s->connect_work;
1911
1912 if (!work)
1913 return;
1914
1915 wpa_s->connect_work = NULL;
1916 cwork = work->ctx;
1917 work->ctx = NULL;
1918 wpas_connect_work_free(cwork);
1919 radio_work_done(work);
1920}
1921
1922
a313d17d 1923int wpas_update_random_addr(struct wpa_supplicant *wpa_s, int style)
c267753b
JM		 1924{
1925 struct os_reltime now;
1926 u8 addr[ETH_ALEN];
1927
1928 os_get_reltime(&now);
a313d17d
JM		 1929 if (wpa_s->last_mac_addr_style == style &&
1930 wpa_s->last_mac_addr_change.sec != 0 &&
c267753b
JM		 1931 !os_reltime_expired(&now, &wpa_s->last_mac_addr_change,
1932 wpa_s->conf->rand_addr_lifetime)) {
1933 wpa_msg(wpa_s, MSG_DEBUG,
1934 "Previously selected random MAC address has not yet expired");
1935 return 0;
1936 }
1937
a313d17d
JM		 1938 switch (style) {
1939 case 1:
1940 if (random_mac_addr(addr) < 0)
1941 return -1;
1942 break;
1943 case 2:
1944 os_memcpy(addr, wpa_s->perm_addr, ETH_ALEN);
1945 if (random_mac_addr_keep_oui(addr) < 0)
1946 return -1;
1947 break;
1948 default:
c267753b 1949 return -1;
a313d17d 1950 }
c267753b
JM		 1951
1952 if (wpa_drv_set_mac_addr(wpa_s, addr) < 0) {
1953 wpa_msg(wpa_s, MSG_INFO,
1954 "Failed to set random MAC address");
1955 return -1;
1956 }
1957
1958 os_get_reltime(&wpa_s->last_mac_addr_change);
1959 wpa_s->mac_addr_changed = 1;
a313d17d 1960 wpa_s->last_mac_addr_style = style;
c267753b
JM		 1961
1962 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
1963 wpa_msg(wpa_s, MSG_INFO,
1964 "Could not update MAC address information");
1965 return -1;
1966 }
1967
1968 wpa_msg(wpa_s, MSG_DEBUG, "Using random MAC address " MACSTR,
1969 MAC2STR(addr));
1970
1971 return 0;
1972}
1973
1974
1975int wpas_update_random_addr_disassoc(struct wpa_supplicant *wpa_s)
1976{
1977 if (wpa_s->wpa_state >= WPA_AUTHENTICATING ||
1978 !wpa_s->conf->preassoc_mac_addr)
1979 return 0;
1980
a313d17d 1981 return wpas_update_random_addr(wpa_s, wpa_s->conf->preassoc_mac_addr);
c267753b
JM		 1982}
1983
1984
05a2fb0d
JM		 1985static void wpa_s_setup_sae_pt(struct wpa_config *conf, struct wpa_ssid *ssid)
1986{
1987#ifdef CONFIG_SAE
1988 int *groups = conf->sae_groups;
1989 int default_groups[] = { 19, 20, 21, 0 };
1990 const char *password;
1991
1992 if (!groups || groups[0] <= 0)
1993 groups = default_groups;
1994
1995 password = ssid->sae_password;
1996 if (!password)
1997 password = ssid->passphrase;
1998
641d79f1
JM		 1999 if ((conf->sae_pwe == 0 && !ssid->sae_password_id) || !password ||
2000 conf->sae_pwe == 3) {
05a2fb0d
JM		 2001 /* PT derivation not needed */
2002 sae_deinit_pt(ssid->pt);
2003 ssid->pt = NULL;
2004 return;
2005 }
2006
2007 if (ssid->pt)
2008 return; /* PT already derived */
2009 ssid->pt = sae_derive_pt(groups, ssid->ssid, ssid->ssid_len,
2010 (const u8 *) password, os_strlen(password),
2011 ssid->sae_password_id);
2012#endif /* CONFIG_SAE */
2013}
2014
2015
b834e970
JM		 2016static void wpa_s_clear_sae_rejected(struct wpa_supplicant *wpa_s)
2017{
2018#if defined(CONFIG_SAE) && defined(CONFIG_SME)
2019 os_free(wpa_s->sme.sae_rejected_groups);
2020 wpa_s->sme.sae_rejected_groups = NULL;
2021#ifdef CONFIG_TESTING_OPTIONS
2022 if (wpa_s->extra_sae_rejected_groups) {
2023 int i, *groups = wpa_s->extra_sae_rejected_groups;
2024
2025 for (i = 0; groups[i]; i++) {
2026 wpa_printf(MSG_DEBUG,
2027 "TESTING: Indicate rejection of an extra SAE group %d",
2028 groups[i]);
2029 int_array_add_unique(&wpa_s->sme.sae_rejected_groups,
2030 groups[i]);
2031 }
2032 }
2033#endif /* CONFIG_TESTING_OPTIONS */
2034#endif /* CONFIG_SAE && CONFIG_SME */
2035}
2036
2037
6ac4b15e
JM		 2038static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit);
2039
6fc6879b
JM		 2040/**
2041 * wpa_supplicant_associate - Request association
2042 * @wpa_s: Pointer to wpa_supplicant data
2043 * @bss: Scan results for the selected BSS, or %NULL if not available
2044 * @ssid: Configuration data for the selected network
2045 *
2046 * This function is used to request %wpa_supplicant to associate with a BSS.
2047 */
2048void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
6fa81a3b 2049 struct wpa_bss *bss, struct wpa_ssid *ssid)
6fc6879b 2050{
6ac4b15e 2051 struct wpa_connect_work *cwork;
a313d17d
JM		 2052 int rand_style;
2053
a8412ec9
JM		 2054 wpa_s->own_disconnect_req = 0;
2055
e7160bd8
JM		 2056 /*
2057 * If we are starting a new connection, any previously pending EAPOL
2058 * RX cannot be valid anymore.
2059 */
2060 wpabuf_free(wpa_s->pending_eapol_rx);
2061 wpa_s->pending_eapol_rx = NULL;
2062
a313d17d
JM		 2063 if (ssid->mac_addr == -1)
2064 rand_style = wpa_s->conf->mac_addr;
2065 else
2066 rand_style = ssid->mac_addr;
6fc6879b 2067
8c42b369
EP		 2068 wmm_ac_clear_saved_tspecs(wpa_s);
2069 wpa_s->reassoc_same_bss = 0;
6a5ee810 2070 wpa_s->reassoc_same_ess = 0;
daa40960
JM		 2071#ifdef CONFIG_TESTING_OPTIONS
2072 wpa_s->testing_resend_assoc = 0;
2073#endif /* CONFIG_TESTING_OPTIONS */
8c42b369 2074
c267753b
JM		 2075 if (wpa_s->last_ssid == ssid) {
2076 wpa_dbg(wpa_s, MSG_DEBUG, "Re-association to the same ESS");
6a5ee810 2077 wpa_s->reassoc_same_ess = 1;
8c42b369
EP		 2078 if (wpa_s->current_bss && wpa_s->current_bss == bss) {
2079 wmm_ac_save_tspecs(wpa_s);
2080 wpa_s->reassoc_same_bss = 1;
2bbad1c7
MW		 2081 } else if (wpa_s->current_bss && wpa_s->current_bss != bss) {
2082 os_get_reltime(&wpa_s->roam_start);
8c42b369 2083 }
05a2fb0d
JM		 2084 } else {
2085#ifdef CONFIG_SAE
b834e970 2086 wpa_s_clear_sae_rejected(wpa_s);
05a2fb0d
JM		 2087 wpa_s_setup_sae_pt(wpa_s->conf, ssid);
2088#endif /* CONFIG_SAE */
5d30f927
BR		 2089 }
2090
2091 if (rand_style > 0 && !wpa_s->reassoc_same_ess) {
a313d17d 2092 if (wpas_update_random_addr(wpa_s, rand_style) < 0)
c267753b
JM		 2093 return;
2094 wpa_sm_pmksa_cache_flush(wpa_s->wpa, ssid);
5d30f927 2095 } else if (rand_style == 0 && wpa_s->mac_addr_changed) {
c267753b
JM		 2096 if (wpa_drv_set_mac_addr(wpa_s, NULL) < 0) {
2097 wpa_msg(wpa_s, MSG_INFO,
2098 "Could not restore permanent MAC address");
2099 return;
2100 }
2101 wpa_s->mac_addr_changed = 0;
2102 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
2103 wpa_msg(wpa_s, MSG_INFO,
2104 "Could not update MAC address information");
2105 return;
2106 }
2107 wpa_msg(wpa_s, MSG_DEBUG, "Using permanent MAC address");
2108 }
2109 wpa_s->last_ssid = ssid;
2110
78177a00
JM		 2111#ifdef CONFIG_IBSS_RSN
2112 ibss_rsn_deinit(wpa_s->ibss_rsn);
2113 wpa_s->ibss_rsn = NULL;
81a10a94
JM		 2114#else /* CONFIG_IBSS_RSN */
2115 if (ssid->mode == WPAS_MODE_IBSS &&
2116 !(ssid->key_mgmt & (WPA_KEY_MGMT_NONE | WPA_KEY_MGMT_WPA_NONE))) {
2117 wpa_msg(wpa_s, MSG_INFO,
2118 "IBSS RSN not supported in the build");
2119 return;
2120 }
78177a00
JM		 2121#endif /* CONFIG_IBSS_RSN */
2122
2c5d725c
JM		 2123 if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO ||
2124 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) {
1581b38b
JM		 2125#ifdef CONFIG_AP
2126 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) {
f049052b
BG		 2127 wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP "
2128 "mode");
1581b38b
JM		 2129 return;
2130 }
8c981d17
DW		 2131 if (wpa_supplicant_create_ap(wpa_s, ssid) < 0) {
2132 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
b2b688d1
VKE		 2133 if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
2134 wpas_p2p_ap_setup_failed(wpa_s);
8c981d17
DW		 2135 return;
2136 }
8f770587 2137 wpa_s->current_bss = bss;
1581b38b 2138#else /* CONFIG_AP */
f049052b
BG		 2139 wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in "
2140 "the build");
1581b38b
JM		 2141#endif /* CONFIG_AP */
2142 return;
2143 }
2144
603a3f34
JL		 2145 if (ssid->mode == WPAS_MODE_MESH) {
2146#ifdef CONFIG_MESH
2147 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_MESH)) {
2148 wpa_msg(wpa_s, MSG_INFO,
2149 "Driver does not support mesh mode");
2150 return;
2151 }
2152 if (bss)
2153 ssid->frequency = bss->freq;
2154 if (wpa_supplicant_join_mesh(wpa_s, ssid) < 0) {
2155 wpa_msg(wpa_s, MSG_ERROR, "Could not join mesh");
2156 return;
2157 }
2158 wpa_s->current_bss = bss;
6174de66
JM		 2159 wpa_msg(wpa_s, MSG_INFO, MESH_GROUP_STARTED "ssid=\"%s\" id=%d",
2160 wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
2161 ssid->id);
89e9cd25 2162 wpas_notify_mesh_group_started(wpa_s, ssid);
603a3f34
JL		 2163#else /* CONFIG_MESH */
2164 wpa_msg(wpa_s, MSG_ERROR,
2165 "mesh mode support not included in the build");
2166#endif /* CONFIG_MESH */
2167 return;
2168 }
2169
2efc6720
JM		 2170 /*
2171 * Set WPA state machine configuration to match the selected network now
2172 * so that the information is available before wpas_start_assoc_cb()
2173 * gets called. This is needed at least for RSN pre-authentication where
2174 * candidate APs are added to a list based on scan result processing
2175 * before completion of the first association.
2176 */
2177 wpa_supplicant_rsn_supp_set_config(wpa_s, ssid);
2178
a0d5c56f
JM		 2179#ifdef CONFIG_DPP
2180 if (wpas_dpp_check_connect(wpa_s, ssid, bss) != 0)
2181 return;
2182#endif /* CONFIG_DPP */
2183
52c9e6f3 2184#ifdef CONFIG_TDLS
95cb2d88
JM		 2185 if (bss)
2186 wpa_tdls_ap_ies(wpa_s->wpa, (const u8 *) (bss + 1),
2187 bss->ie_len);
52c9e6f3
JM		 2188#endif /* CONFIG_TDLS */
2189
2e06cef8
VK		 2190#ifdef CONFIG_MBO
2191 wpas_mbo_check_pmf(wpa_s, bss, ssid);
2192#endif /* CONFIG_MBO */
2193
5cc4d64b 2194 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
f74618cb 2195 ssid->mode == WPAS_MODE_INFRA) {
c2a04078
JM		 2196 sme_authenticate(wpa_s, bss, ssid);
2197 return;
2198 }
2199
6ac4b15e
JM		 2200 if (wpa_s->connect_work) {
2201 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since connect_work exist");
2202 return;
2203 }
2204
f0e30c84
JM		 2205 if (radio_work_pending(wpa_s, "connect")) {
2206 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since pending work exist");
2207 return;
2208 }
2209
a1836de6
JM		 2210#ifdef CONFIG_SME
2211 if (ssid->mode == WPAS_MODE_IBSS || ssid->mode == WPAS_MODE_MESH) {
2212 /* Clear possibly set auth_alg, if any, from last attempt. */
2213 wpa_s->sme.auth_alg = WPA_AUTH_ALG_OPEN;
2214 }
2215#endif /* CONFIG_SME */
2216
4ead7cfd
KV		 2217 wpas_abort_ongoing_scan(wpa_s);
2218
6ac4b15e
JM		 2219 cwork = os_zalloc(sizeof(*cwork));
2220 if (cwork == NULL)
2221 return;
2222
2223 cwork->bss = bss;
2224 cwork->ssid = ssid;
2225
2226 if (radio_add_work(wpa_s, bss ? bss->freq : 0, "connect", 1,
2227 wpas_start_assoc_cb, cwork) < 0) {
2228 os_free(cwork);
2229 }
2230}
2231
2232
98479dc9
JD		 2233static int bss_is_ibss(struct wpa_bss *bss)
2234{
2235 return (bss->caps & (IEEE80211_CAP_ESS | IEEE80211_CAP_IBSS)) ==
2236 IEEE80211_CAP_IBSS;
2237}
2238
2239
a65efbfb
PO		 2240static int drv_supports_vht(struct wpa_supplicant *wpa_s,
2241 const struct wpa_ssid *ssid)
2242{
2243 enum hostapd_hw_mode hw_mode;
2244 struct hostapd_hw_modes *mode = NULL;
2245 u8 channel;
2246 int i;
2247
a65efbfb
PO		 2248 hw_mode = ieee80211_freq_to_chan(ssid->frequency, &channel);
2249 if (hw_mode == NUM_HOSTAPD_MODES)
2250 return 0;
2251 for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) {
2252 if (wpa_s->hw.modes[i].mode == hw_mode) {
2253 mode = &wpa_s->hw.modes[i];
2254 break;
2255 }
2256 }
2257
2258 if (!mode)
2259 return 0;
2260
2261 return mode->vht_capab != 0;
2262}
2263
2264
54fe48b9
JM		 2265void ibss_mesh_setup_freq(struct wpa_supplicant *wpa_s,
2266 const struct wpa_ssid *ssid,
2267 struct hostapd_freq_params *freq)
1830817e 2268{
3459c54a 2269 int ieee80211_mode = wpas_mode_to_ieee80211_mode(ssid->mode);
1830817e
JD		 2270 enum hostapd_hw_mode hw_mode;
2271 struct hostapd_hw_modes *mode = NULL;
6b8b0774
JD		 2272 int ht40plus[] = { 36, 44, 52, 60, 100, 108, 116, 124, 132, 149, 157,
2273 184, 192 };
563ee183 2274 int vht80[] = { 36, 52, 100, 116, 132, 149 };
6b8b0774 2275 struct hostapd_channel_data *pri_chan = NULL, *sec_chan = NULL;
1830817e 2276 u8 channel;
98479dc9 2277 int i, chan_idx, ht40 = -1, res, obss_scan = 1;
0f29bc68 2278 unsigned int j, k;
563ee183 2279 struct hostapd_freq_params vht_freq;
0f29bc68
AK		 2280 int chwidth, seg0, seg1;
2281 u32 vht_caps = 0;
6e711e7a 2282 int is_24ghz;
1830817e
JD		 2283
2284 freq->freq = ssid->frequency;
2285
98479dc9
JD		 2286 for (j = 0; j < wpa_s->last_scan_res_used; j++) {
2287 struct wpa_bss *bss = wpa_s->last_scan_res[j];
2288
2289 if (ssid->mode != WPAS_MODE_IBSS)
2290 break;
2291
2292 /* Don't adjust control freq in case of fixed_freq */
2293 if (ssid->fixed_freq)
2294 break;
2295
2296 if (!bss_is_ibss(bss))
2297 continue;
2298
2299 if (ssid->ssid_len == bss->ssid_len &&
2300 os_memcmp(ssid->ssid, bss->ssid, bss->ssid_len) == 0) {
2301 wpa_printf(MSG_DEBUG,
2302 "IBSS already found in scan results, adjust control freq: %d",
2303 bss->freq);
2304 freq->freq = bss->freq;
2305 obss_scan = 0;
2306 break;
2307 }
2308 }
2309
1830817e
JD		 2310 /* For IBSS check HT_IBSS flag */
2311 if (ssid->mode == WPAS_MODE_IBSS &&
2312 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_HT_IBSS))
2313 return;
2314
d9a9bc04
JD		 2315 if (wpa_s->group_cipher == WPA_CIPHER_WEP40 ||
2316 wpa_s->group_cipher == WPA_CIPHER_WEP104 ||
2317 wpa_s->pairwise_cipher == WPA_CIPHER_TKIP) {
2318 wpa_printf(MSG_DEBUG,
2319 "IBSS: WEP/TKIP detected, do not try to enable HT");
2320 return;
2321 }
2322
98479dc9 2323 hw_mode = ieee80211_freq_to_chan(freq->freq, &channel);
1830817e
JD		 2324 for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) {
2325 if (wpa_s->hw.modes[i].mode == hw_mode) {
2326 mode = &wpa_s->hw.modes[i];
2327 break;
2328 }
2329 }
2330
2331 if (!mode)
2332 return;
2333
6e711e7a
SE		 2334 is_24ghz = hw_mode == HOSTAPD_MODE_IEEE80211G ||
2335 hw_mode == HOSTAPD_MODE_IEEE80211B;
3459c54a 2336
3388e7b9
MH		 2337#ifdef CONFIG_HT_OVERRIDES
2338 if (ssid->disable_ht) {
2339 freq->ht_enabled = 0;
2340 return;
2341 }
2342#endif /* CONFIG_HT_OVERRIDES */
2343
1830817e 2344 freq->ht_enabled = ht_supported(mode);
6b8b0774
JD		 2345 if (!freq->ht_enabled)
2346 return;
2347
6e711e7a
SE		 2348 /* Allow HE on 2.4 GHz without VHT: see nl80211_put_freq_params() */
2349 if (is_24ghz)
2350 freq->he_enabled = mode->he_capab[ieee80211_mode].he_supported;
2351
6b8b0774
JD		 2352 /* Setup higher BW only for 5 GHz */
2353 if (mode->mode != HOSTAPD_MODE_IEEE80211A)
2354 return;
2355
2356 for (chan_idx = 0; chan_idx < mode->num_channels; chan_idx++) {
2357 pri_chan = &mode->channels[chan_idx];
2358 if (pri_chan->chan == channel)
2359 break;
2360 pri_chan = NULL;
2361 }
2362 if (!pri_chan)
2363 return;
2364
2365 /* Check primary channel flags */
2366 if (pri_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
2367 return;
2368
e5a9b1e8
PO		 2369 freq->channel = pri_chan->chan;
2370
05aed438 2371#ifdef CONFIG_HT_OVERRIDES
e5a9b1e8
PO		 2372 if (ssid->disable_ht40) {
2373 if (ssid->disable_vht)
2374 return;
2375 goto skip_ht40;
2376 }
05aed438
MH		 2377#endif /* CONFIG_HT_OVERRIDES */
2378
6b8b0774
JD		 2379 /* Check/setup HT40+/HT40- */
2380 for (j = 0; j < ARRAY_SIZE(ht40plus); j++) {
2381 if (ht40plus[j] == channel) {
2382 ht40 = 1;
2383 break;
2384 }
2385 }
2386
2387 /* Find secondary channel */
2388 for (i = 0; i < mode->num_channels; i++) {
2389 sec_chan = &mode->channels[i];
2390 if (sec_chan->chan == channel + ht40 * 4)
2391 break;
2392 sec_chan = NULL;
2393 }
2394 if (!sec_chan)
2395 return;
2396
2397 /* Check secondary channel flags */
2398 if (sec_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
2399 return;
2400
ecba4509 2401 if (ht40 == -1) {
6b8b0774
JD		 2402 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40MINUS))
2403 return;
ecba4509 2404 } else {
6b8b0774
JD		 2405 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40PLUS))
2406 return;
6b8b0774 2407 }
ecba4509 2408 freq->sec_channel_offset = ht40;
6b8b0774 2409
ecba4509 2410 if (obss_scan) {
6b8b0774
JD		 2411 struct wpa_scan_results *scan_res;
2412
2413 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL, 0);
2414 if (scan_res == NULL) {
2415 /* Back to HT20 */
2416 freq->sec_channel_offset = 0;
2417 return;
2418 }
2419
5f9b4afd 2420 res = check_40mhz_5g(scan_res, pri_chan, sec_chan);
6b8b0774
JD		 2421 switch (res) {
2422 case 0:
2423 /* Back to HT20 */
2424 freq->sec_channel_offset = 0;
2425 break;
2426 case 1:
2427 /* Configuration allowed */
2428 break;
2429 case 2:
2430 /* Switch pri/sec channels */
2431 freq->freq = hw_get_freq(mode, sec_chan->chan);
2432 freq->sec_channel_offset = -freq->sec_channel_offset;
2433 freq->channel = sec_chan->chan;
2434 break;
2435 default:
2436 freq->sec_channel_offset = 0;
2437 break;
2438 }
2439
2440 wpa_scan_results_free(scan_res);
2441 }
2442
e5a9b1e8
PO		 2443#ifdef CONFIG_HT_OVERRIDES
2444skip_ht40:
2445#endif /* CONFIG_HT_OVERRIDES */
6b8b0774
JD		 2446 wpa_printf(MSG_DEBUG,
2447 "IBSS/mesh: setup freq channel %d, sec_channel_offset %d",
2448 freq->channel, freq->sec_channel_offset);
563ee183 2449
a65efbfb 2450 if (!drv_supports_vht(wpa_s, ssid))
563ee183
JD		 2451 return;
2452
2453 /* For IBSS check VHT_IBSS flag */
a65efbfb
PO		 2454 if (ssid->mode == WPAS_MODE_IBSS &&
2455 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_VHT_IBSS))
563ee183
JD		 2456 return;
2457
2458 vht_freq = *freq;
2459
b301f54e
JM		 2460#ifdef CONFIG_VHT_OVERRIDES
2461 if (ssid->disable_vht) {
2462 freq->vht_enabled = 0;
2463 return;
2464 }
2465#endif /* CONFIG_VHT_OVERRIDES */
2466
563ee183
JD		 2467 vht_freq.vht_enabled = vht_supported(mode);
2468 if (!vht_freq.vht_enabled)
2469 return;
2470
6e711e7a
SE		 2471 /* Enable HE for VHT */
2472 vht_freq.he_enabled = mode->he_capab[ieee80211_mode].he_supported;
2473
563ee183
JD		 2474 /* setup center_freq1, bandwidth */
2475 for (j = 0; j < ARRAY_SIZE(vht80); j++) {
2476 if (freq->channel >= vht80[j] &&
2477 freq->channel < vht80[j] + 16)
2478 break;
2479 }
2480
2481 if (j == ARRAY_SIZE(vht80))
2482 return;
2483
2484 for (i = vht80[j]; i < vht80[j] + 16; i += 4) {
2485 struct hostapd_channel_data *chan;
2486
2487 chan = hw_get_channel_chan(mode, i, NULL);
2488 if (!chan)
2489 return;
2490
2491 /* Back to HT configuration if channel not usable */
2492 if (chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
2493 return;
2494 }
2495
464dcfd0 2496 chwidth = CHANWIDTH_80MHZ;
0f29bc68
AK		 2497 seg0 = vht80[j] + 6;
2498 seg1 = 0;
2499
464dcfd0 2500 if (ssid->max_oper_chwidth == CHANWIDTH_80P80MHZ) {
0f29bc68
AK		 2501 /* setup center_freq2, bandwidth */
2502 for (k = 0; k < ARRAY_SIZE(vht80); k++) {
2503 /* Only accept 80 MHz segments separated by a gap */
2504 if (j == k || abs(vht80[j] - vht80[k]) == 16)
2505 continue;
2506 for (i = vht80[k]; i < vht80[k] + 16; i += 4) {
2507 struct hostapd_channel_data *chan;
2508
2509 chan = hw_get_channel_chan(mode, i, NULL);
2510 if (!chan)
2511 continue;
2512
2513 if (chan->flag & (HOSTAPD_CHAN_DISABLED |
2514 HOSTAPD_CHAN_NO_IR |
2515 HOSTAPD_CHAN_RADAR))
2516 continue;
2517
2518 /* Found a suitable second segment for 80+80 */
464dcfd0 2519 chwidth = CHANWIDTH_80P80MHZ;
0f29bc68
AK		 2520 vht_caps |=
2521 VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ;
2522 seg1 = vht80[k] + 6;
2523 }
2524
464dcfd0 2525 if (chwidth == CHANWIDTH_80P80MHZ)
0f29bc68
AK		 2526 break;
2527 }
464dcfd0 2528 } else if (ssid->max_oper_chwidth == CHANWIDTH_160MHZ) {
331f0774 2529 if (freq->freq == 5180) {
464dcfd0 2530 chwidth = CHANWIDTH_160MHZ;
331f0774
JM		 2531 vht_caps |= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
2532 seg0 = 50;
2533 } else if (freq->freq == 5520) {
464dcfd0 2534 chwidth = CHANWIDTH_160MHZ;
331f0774
JM		 2535 vht_caps |= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
2536 seg0 = 114;
2537 }
464dcfd0
JC		 2538 } else if (ssid->max_oper_chwidth == CHANWIDTH_USE_HT) {
2539 chwidth = CHANWIDTH_USE_HT;
806db174 2540 seg0 = vht80[j] + 2;
e5a9b1e8
PO		 2541#ifdef CONFIG_HT_OVERRIDES
2542 if (ssid->disable_ht40)
2543 seg0 = 0;
2544#endif /* CONFIG_HT_OVERRIDES */
0f29bc68
AK		 2545 }
2546
563ee183 2547 if (hostapd_set_freq_params(&vht_freq, mode->mode, freq->freq,
bebd91e9
AAL		 2548 freq->channel, ssid->enable_edmg,
2549 ssid->edmg_channel, freq->ht_enabled,
3459c54a 2550 vht_freq.vht_enabled, freq->he_enabled,
563ee183 2551 freq->sec_channel_offset,
3459c54a
SE		 2552 chwidth, seg0, seg1, vht_caps,
2553 &mode->he_capab[ieee80211_mode]) != 0)
563ee183
JD		 2554 return;
2555
2556 *freq = vht_freq;
2557
2558 wpa_printf(MSG_DEBUG, "IBSS: VHT setup freq cf1 %d, cf2 %d, bw %d",
2559 freq->center_freq1, freq->center_freq2, freq->bandwidth);
1830817e
JD		 2560}
2561
2562
a38090b1
VK		 2563#ifdef CONFIG_FILS
2564static size_t wpas_add_fils_hlp_req(struct wpa_supplicant *wpa_s, u8 *ie_buf,
2565 size_t ie_buf_len)
2566{
2567 struct fils_hlp_req *req;
2568 size_t rem_len, hdr_len, hlp_len, len, ie_len = 0;
2569 const u8 *pos;
2570 u8 *buf = ie_buf;
2571
2572 dl_list_for_each(req, &wpa_s->fils_hlp_req, struct fils_hlp_req,
2573 list) {
2574 rem_len = ie_buf_len - ie_len;
2575 pos = wpabuf_head(req->pkt);
2576 hdr_len = 1 + 2 * ETH_ALEN + 6;
2577 hlp_len = wpabuf_len(req->pkt);
2578
2579 if (rem_len < 2 + hdr_len + hlp_len) {
2580 wpa_printf(MSG_ERROR,
2581 "FILS: Cannot fit HLP - rem_len=%lu to_fill=%lu",
2582 (unsigned long) rem_len,
2583 (unsigned long) (2 + hdr_len + hlp_len));
2584 break;
2585 }
2586
2587 len = (hdr_len + hlp_len) > 255 ? 255 : hdr_len + hlp_len;
2588 /* Element ID */
2589 *buf++ = WLAN_EID_EXTENSION;
2590 /* Length */
2591 *buf++ = len;
2592 /* Element ID Extension */
2593 *buf++ = WLAN_EID_EXT_FILS_HLP_CONTAINER;
2594 /* Destination MAC address */
2595 os_memcpy(buf, req->dst, ETH_ALEN);
2596 buf += ETH_ALEN;
2597 /* Source MAC address */
2598 os_memcpy(buf, wpa_s->own_addr, ETH_ALEN);
2599 buf += ETH_ALEN;
2600 /* LLC/SNAP Header */
2601 os_memcpy(buf, "\xaa\xaa\x03\x00\x00\x00", 6);
2602 buf += 6;
2603 /* HLP Packet */
2604 os_memcpy(buf, pos, len - hdr_len);
2605 buf += len - hdr_len;
2606 pos += len - hdr_len;
2607
2608 hlp_len -= len - hdr_len;
2609 ie_len += 2 + len;
2610 rem_len -= 2 + len;
2611
2612 while (hlp_len) {
2613 len = (hlp_len > 255) ? 255 : hlp_len;
2614 if (rem_len < 2 + len)
2615 break;
2616 *buf++ = WLAN_EID_FRAGMENT;
2617 *buf++ = len;
2618 os_memcpy(buf, pos, len);
2619 buf += len;
2620 pos += len;
2621
2622 hlp_len -= len;
2623 ie_len += 2 + len;
2624 rem_len -= 2 + len;
2625 }
2626 }
2627
2628 return ie_len;
2629}
e4802127
MH		 2630
2631
2632int wpa_is_fils_supported(struct wpa_supplicant *wpa_s)
2633{
2634 return (((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
2635 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SUPPORT_FILS)) ||
2636 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
2637 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD)));
2638}
2639
2640
2641int wpa_is_fils_sk_pfs_supported(struct wpa_supplicant *wpa_s)
2642{
2643#ifdef CONFIG_FILS_SK_PFS
2644 return (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
2645 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SUPPORT_FILS);
2646#else /* CONFIG_FILS_SK_PFS */
2647 return 0;
2648#endif /* CONFIG_FILS_SK_PFS */
2649}
2650
a38090b1
VK		 2651#endif /* CONFIG_FILS */
2652
2653
d2ba0d71
VK		 2654static u8 * wpas_populate_assoc_ies(
2655 struct wpa_supplicant *wpa_s,
2656 struct wpa_bss *bss, struct wpa_ssid *ssid,
6338c99e
VK		 2657 struct wpa_driver_associate_params *params,
2658 enum wpa_drv_update_connect_params_mask *mask)
6ac4b15e 2659{
1e6780bd 2660 u8 *wpa_ie;
10970465 2661 size_t max_wpa_ie_len = 500;
6ac4b15e 2662 size_t wpa_ie_len;
6ac4b15e 2663 int algs = WPA_AUTH_ALG_OPEN;
077232f6
BL		 2664#ifdef CONFIG_MBO
2665 const u8 *mbo_ie;
2666#endif
eb3234c0
SM		 2667#ifdef CONFIG_SAE
2668 int sae_pmksa_cached = 0;
2669#endif /* CONFIG_SAE */
8b0a6dba
VK		 2670#ifdef CONFIG_FILS
2671 const u8 *realm, *username, *rrk;
2672 size_t realm_len, username_len, rrk_len;
2673 u16 next_seq_num;
b377ec25 2674 struct fils_hlp_req *req;
6fc6879b 2675
b377ec25
VK		 2676 dl_list_for_each(req, &wpa_s->fils_hlp_req, struct fils_hlp_req,
2677 list) {
2678 max_wpa_ie_len += 3 + 2 * ETH_ALEN + 6 + wpabuf_len(req->pkt) +
2679 2 + 2 * wpabuf_len(req->pkt) / 255;
8b0a6dba
VK		 2680 }
2681#endif /* CONFIG_FILS */
8b0a6dba 2682
1e6780bd
VK		 2683 wpa_ie = os_malloc(max_wpa_ie_len);
2684 if (!wpa_ie) {
2685 wpa_printf(MSG_ERROR,
2686 "Failed to allocate connect IE buffer for %lu bytes",
2687 (unsigned long) max_wpa_ie_len);
d2ba0d71 2688 return NULL;
1e6780bd
VK		 2689 }
2690
6fa81a3b
JM		 2691 if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
2692 wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
0bf927a0 2693 wpa_key_mgmt_wpa(ssid->key_mgmt)) {
6fc6879b 2694 int try_opportunistic;
79f3121b
VK		 2695 const u8 *cache_id = NULL;
2696
6e202021
JM		 2697 try_opportunistic = (ssid->proactive_key_caching < 0 ?
2698 wpa_s->conf->okc :
2699 ssid->proactive_key_caching) &&
6fc6879b 2700 (ssid->proto & WPA_PROTO_RSN);
79f3121b
VK		 2701#ifdef CONFIG_FILS
2702 if (wpa_key_mgmt_fils(ssid->key_mgmt))
2703 cache_id = wpa_bss_get_fils_cache_id(bss);
2704#endif /* CONFIG_FILS */
6fc6879b 2705 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
79f3121b 2706 ssid, try_opportunistic,
eb3234c0 2707 cache_id, 0) == 0) {
ba422613 2708 eapol_sm_notify_pmkid_attempt(wpa_s->eapol);
eb3234c0
SM		 2709#ifdef CONFIG_SAE
2710 sae_pmksa_cached = 1;
2711#endif /* CONFIG_SAE */
2712 }
1e6780bd 2713 wpa_ie_len = max_wpa_ie_len;
6fc6879b
JM		 2714 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
2715 wpa_ie, &wpa_ie_len)) {
f049052b
BG		 2716 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
2717 "key management and encryption suites");
1e6780bd 2718 os_free(wpa_ie);
d2ba0d71 2719 return NULL;
6fc6879b 2720 }
dc673aec
JM		 2721#ifdef CONFIG_HS20
2722 } else if (bss && wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE) &&
2723 (ssid->key_mgmt & WPA_KEY_MGMT_OSEN)) {
2724 /* No PMKSA caching, but otherwise similar to RSN/WPA */
2725 wpa_ie_len = max_wpa_ie_len;
2726 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
2727 wpa_ie, &wpa_ie_len)) {
2728 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
2729 "key management and encryption suites");
2730 os_free(wpa_ie);
2731 return NULL;
2732 }
2733#endif /* CONFIG_HS20 */
a3f7e518
JM		 2734 } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && bss &&
2735 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) {
2736 /*
2737 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
2738 * use non-WPA since the scan results did not indicate that the
2739 * AP is using WPA or WPA2.
2740 */
2741 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
2742 wpa_ie_len = 0;
2743 wpa_s->wpa_proto = 0;
0bf927a0 2744 } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) {
1e6780bd 2745 wpa_ie_len = max_wpa_ie_len;
6fc6879b
JM		 2746 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
2747 wpa_ie, &wpa_ie_len)) {
f049052b
BG		 2748 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
2749 "key management and encryption suites (no "
2750 "scan results)");
1e6780bd 2751 os_free(wpa_ie);
d2ba0d71 2752 return NULL;
6fc6879b 2753 }
ad08c363
JM		 2754#ifdef CONFIG_WPS
2755 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
b01c18a8
JM		 2756 struct wpabuf *wps_ie;
2757 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
1e6780bd 2758 if (wps_ie && wpabuf_len(wps_ie) <= max_wpa_ie_len) {
ad08c363
JM		 2759 wpa_ie_len = wpabuf_len(wps_ie);
2760 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
24386985
JM		 2761 } else
2762 wpa_ie_len = 0;
ad08c363
JM		 2763 wpabuf_free(wps_ie);
2764 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
0c80427d 2765 if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY))
d2ba0d71 2766 params->wps = WPS_MODE_PRIVACY;
0c80427d 2767 else
d2ba0d71 2768 params->wps = WPS_MODE_OPEN;
cf546f1a 2769 wpa_s->wpa_proto = 0;
ad08c363 2770#endif /* CONFIG_WPS */
6fc6879b
JM		 2771 } else {
2772 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
2773 wpa_ie_len = 0;
cf546f1a 2774 wpa_s->wpa_proto = 0;
6fc6879b
JM		 2775 }
2776
b377ec25
VK		 2777#ifdef IEEE8021X_EAPOL
2778 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
2779 if (ssid->leap) {
2780 if (ssid->non_leap == 0)
2781 algs = WPA_AUTH_ALG_LEAP;
2782 else
2783 algs |= WPA_AUTH_ALG_LEAP;
2784 }
2785 }
2786
2787#ifdef CONFIG_FILS
2788 /* Clear FILS association */
2789 wpa_sm_set_reset_fils_completed(wpa_s->wpa, 0);
2790
2791 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD) &&
2792 ssid->eap.erp && wpa_key_mgmt_fils(wpa_s->key_mgmt) &&
2793 eapol_sm_get_erp_info(wpa_s->eapol, &ssid->eap, &username,
2794 &username_len, &realm, &realm_len,
af835d75
AB		 2795 &next_seq_num, &rrk, &rrk_len) == 0 &&
2796 (!wpa_s->last_con_fail_realm ||
2797 wpa_s->last_con_fail_realm_len != realm_len ||
2798 os_memcmp(wpa_s->last_con_fail_realm, realm, realm_len) != 0)) {
b377ec25 2799 algs = WPA_AUTH_ALG_FILS;
d2ba0d71
VK		 2800 params->fils_erp_username = username;
2801 params->fils_erp_username_len = username_len;
2802 params->fils_erp_realm = realm;
2803 params->fils_erp_realm_len = realm_len;
2804 params->fils_erp_next_seq_num = next_seq_num;
2805 params->fils_erp_rrk = rrk;
2806 params->fils_erp_rrk_len = rrk_len;
6338c99e
VK		 2807
2808 if (mask)
2809 *mask |= WPA_DRV_UPDATE_FILS_ERP_INFO;
b377ec25
VK		 2810 }
2811#endif /* CONFIG_FILS */
2812#endif /* IEEE8021X_EAPOL */
5ff39c13
SD		 2813#ifdef CONFIG_SAE
2814 if (wpa_s->key_mgmt & (WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE))
2815 algs = WPA_AUTH_ALG_SAE;
2816#endif /* CONFIG_SAE */
b377ec25
VK		 2817
2818 wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
2819 if (ssid->auth_alg) {
2820 algs = ssid->auth_alg;
2821 wpa_dbg(wpa_s, MSG_DEBUG,
2822 "Overriding auth_alg selection: 0x%x", algs);
2823 }
2824
eb3234c0
SM		 2825#ifdef CONFIG_SAE
2826 if (sae_pmksa_cached && algs == WPA_AUTH_ALG_SAE) {
2827 wpa_dbg(wpa_s, MSG_DEBUG,
2828 "SAE: Use WPA_AUTH_ALG_OPEN for PMKSA caching attempt");
2829 algs = WPA_AUTH_ALG_OPEN;
2830 }
2831#endif /* CONFIG_SAE */
2832
5f3a6aa0
JM		 2833#ifdef CONFIG_P2P
2834 if (wpa_s->global->p2p) {
2835 u8 *pos;
2836 size_t len;
2837 int res;
5f3a6aa0 2838 pos = wpa_ie + wpa_ie_len;
1e6780bd 2839 len = max_wpa_ie_len - wpa_ie_len;
b8a8d677
JM		 2840 res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len,
2841 ssid->p2p_group);
5f3a6aa0
JM		 2842 if (res >= 0)
2843 wpa_ie_len += res;
2844 }
72044390
JM		 2845
2846 wpa_s->cross_connect_disallowed = 0;
2847 if (bss) {
2848 struct wpabuf *p2p;
2849 p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE);
2850 if (p2p) {
2851 wpa_s->cross_connect_disallowed =
2852 p2p_get_cross_connect_disallowed(p2p);
2853 wpabuf_free(p2p);
f049052b
BG		 2854 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross "
2855 "connection",
2856 wpa_s->cross_connect_disallowed ?
2857 "disallows" : "allows");
72044390
JM		 2858 }
2859 }
25ef8529
JM		 2860
2861 os_memset(wpa_s->p2p_ip_addr_info, 0, sizeof(wpa_s->p2p_ip_addr_info));
5f3a6aa0
JM		 2862#endif /* CONFIG_P2P */
2863
5e57ba25 2864 if (bss) {
cb828507 2865 wpa_ie_len += wpas_supp_op_class_ie(wpa_s, ssid, bss->freq,
065c029a 2866 wpa_ie + wpa_ie_len,
1e6780bd 2867 max_wpa_ie_len -
065c029a 2868 wpa_ie_len);
5e57ba25 2869 }
5e57ba25 2870
8b3b803a
AH		 2871 /*
2872 * Workaround: Add Extended Capabilities element only if the AP
2873 * included this element in Beacon/Probe Response frames. Some older
2874 * APs seem to have interoperability issues if this element is
2875 * included, so while the standard may require us to include the
2876 * element in all cases, it is justifiable to skip it to avoid
2877 * interoperability issues.
2878 */
cc9a2575
KV		 2879 if (ssid->p2p_group)
2880 wpa_drv_get_ext_capa(wpa_s, WPA_IF_P2P_CLIENT);
2881 else
2882 wpa_drv_get_ext_capa(wpa_s, WPA_IF_STATION);
2883
8b3b803a 2884 if (!bss || wpa_bss_get_ie(bss, WLAN_EID_EXT_CAPAB)) {
0bbaa9b9 2885 u8 ext_capab[18];
8b3b803a 2886 int ext_capab_len;
0bbaa9b9
JM		 2887 ext_capab_len = wpas_build_ext_capab(wpa_s, ext_capab,
2888 sizeof(ext_capab));
2c66c7d1
AA		 2889 if (ext_capab_len > 0 &&
2890 wpa_ie_len + ext_capab_len <= max_wpa_ie_len) {
8b3b803a
AH		 2891 u8 *pos = wpa_ie;
2892 if (wpa_ie_len > 0 && pos[0] == WLAN_EID_RSN)
2893 pos += 2 + pos[1];
2894 os_memmove(pos + ext_capab_len, pos,
2895 wpa_ie_len - (pos - wpa_ie));
2896 wpa_ie_len += ext_capab_len;
2897 os_memcpy(pos, ext_capab, ext_capab_len);
2898 }
92cbcf91 2899 }
92cbcf91 2900
c484b198
AS		 2901#ifdef CONFIG_HS20
2902 if (is_hs20_network(wpa_s, ssid, bss)) {
2903 struct wpabuf *hs20;
2904
4204669c 2905 hs20 = wpabuf_alloc(20 + MAX_ROAMING_CONS_OI_LEN);
c484b198
AS		 2906 if (hs20) {
2907 int pps_mo_id = hs20_get_pps_mo_id(wpa_s, ssid);
2908 size_t len;
2909
ec2cf403
JM		 2910 wpas_hs20_add_indication(hs20, pps_mo_id,
2911 get_hs20_version(bss));
4204669c 2912 wpas_hs20_add_roam_cons_sel(hs20, ssid);
1e6780bd 2913 len = max_wpa_ie_len - wpa_ie_len;
c484b198
AS		 2914 if (wpabuf_len(hs20) <= len) {
2915 os_memcpy(wpa_ie + wpa_ie_len,
2916 wpabuf_head(hs20), wpabuf_len(hs20));
2917 wpa_ie_len += wpabuf_len(hs20);
2918 }
2919 wpabuf_free(hs20);
ece4ac5f
MG		 2920
2921 hs20_configure_frame_filters(wpa_s);
c484b198
AS		 2922 }
2923 }
2924#endif /* CONFIG_HS20 */
2925
d29fa3a7
JM		 2926 if (wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ]) {
2927 struct wpabuf *buf = wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ];
2928 size_t len;
2929
1e6780bd 2930 len = max_wpa_ie_len - wpa_ie_len;
d29fa3a7
JM		 2931 if (wpabuf_len(buf) <= len) {
2932 os_memcpy(wpa_ie + wpa_ie_len,
2933 wpabuf_head(buf), wpabuf_len(buf));
2934 wpa_ie_len += wpabuf_len(buf);
2935 }
2936 }
2937
b36a3a65
AN		 2938#ifdef CONFIG_FST
2939 if (wpa_s->fst_ies) {
2940 int fst_ies_len = wpabuf_len(wpa_s->fst_ies);
2941
1e6780bd 2942 if (wpa_ie_len + fst_ies_len <= max_wpa_ie_len) {
b36a3a65
AN		 2943 os_memcpy(wpa_ie + wpa_ie_len,
2944 wpabuf_head(wpa_s->fst_ies), fst_ies_len);
2945 wpa_ie_len += fst_ies_len;
2946 }
2947 }
2948#endif /* CONFIG_FST */
2949
92c6e2e3 2950#ifdef CONFIG_MBO
077232f6 2951 mbo_ie = bss ? wpa_bss_get_vendor_ie(bss, MBO_IE_VENDOR_TYPE) : NULL;
2e06cef8 2952 if (!wpa_s->disable_mbo_oce && mbo_ie) {
5e57ba25 2953 int len;
92c6e2e3 2954
5e57ba25 2955 len = wpas_mbo_ie(wpa_s, wpa_ie + wpa_ie_len,
077232f6
BL		 2956 max_wpa_ie_len - wpa_ie_len,
2957 !!mbo_attr_from_mbo_ie(mbo_ie,
2958 OCE_ATTR_ID_CAPA_IND));
5e57ba25
AS		 2959 if (len >= 0)
2960 wpa_ie_len += len;
92c6e2e3
DS		 2961 }
2962#endif /* CONFIG_MBO */
2963
a38090b1
VK		 2964#ifdef CONFIG_FILS
2965 if (algs == WPA_AUTH_ALG_FILS) {
2966 size_t len;
2967
2968 len = wpas_add_fils_hlp_req(wpa_s, wpa_ie + wpa_ie_len,
2969 max_wpa_ie_len - wpa_ie_len);
2970 wpa_ie_len += len;
2971 }
2972#endif /* CONFIG_FILS */
2973
10970465 2974#ifdef CONFIG_OWE
5f30b69c
JM		 2975#ifdef CONFIG_TESTING_OPTIONS
2976 if (get_ie_ext(wpa_ie, wpa_ie_len, WLAN_EID_EXT_OWE_DH_PARAM)) {
2977 wpa_printf(MSG_INFO, "TESTING: Override OWE DH element");
2978 } else
2979#endif /* CONFIG_TESTING_OPTIONS */
10970465
JM		 2980 if (algs == WPA_AUTH_ALG_OPEN &&
2981 ssid->key_mgmt == WPA_KEY_MGMT_OWE) {
2982 struct wpabuf *owe_ie;
2cb40e9f 2983 u16 group;
10970465 2984
2cb40e9f 2985 if (ssid->owe_group) {
10970465 2986 group = ssid->owe_group;
698c9e20
AK		 2987 } else if (wpa_s->assoc_status_code ==
2988 WLAN_STATUS_FINITE_CYCLIC_GROUP_NOT_SUPPORTED) {
2cb40e9f
JM		 2989 if (wpa_s->last_owe_group == 19)
2990 group = 20;
2991 else if (wpa_s->last_owe_group == 20)
2992 group = 21;
2993 else
2994 group = OWE_DH_GROUP;
698c9e20
AK		 2995 } else {
2996 group = OWE_DH_GROUP;
2cb40e9f 2997 }
698c9e20 2998
2cb40e9f
JM		 2999 wpa_s->last_owe_group = group;
3000 wpa_printf(MSG_DEBUG, "OWE: Try to use group %u", group);
10970465
JM		 3001 owe_ie = owe_build_assoc_req(wpa_s->wpa, group);
3002 if (owe_ie &&
3003 wpabuf_len(owe_ie) <= max_wpa_ie_len - wpa_ie_len) {
3004 os_memcpy(wpa_ie + wpa_ie_len,
3005 wpabuf_head(owe_ie), wpabuf_len(owe_ie));
3006 wpa_ie_len += wpabuf_len(owe_ie);
10970465 3007 }
04879671 3008 wpabuf_free(owe_ie);
10970465
JM		 3009 }
3010#endif /* CONFIG_OWE */
3011
10ec6a5f
JM		 3012#ifdef CONFIG_DPP2
3013 if (wpa_sm_get_key_mgmt(wpa_s->wpa) == WPA_KEY_MGMT_DPP &&
3014 ssid->dpp_netaccesskey) {
3015 dpp_pfs_free(wpa_s->dpp_pfs);
3016 wpa_s->dpp_pfs = dpp_pfs_init(ssid->dpp_netaccesskey,
3017 ssid->dpp_netaccesskey_len);
3018 if (!wpa_s->dpp_pfs) {
3019 wpa_printf(MSG_DEBUG, "DPP: Could not initialize PFS");
3020 /* Try to continue without PFS */
3021 goto pfs_fail;
3022 }
3023 if (wpabuf_len(wpa_s->dpp_pfs->ie) <=
3024 max_wpa_ie_len - wpa_ie_len) {
3025 os_memcpy(wpa_ie + wpa_ie_len,
3026 wpabuf_head(wpa_s->dpp_pfs->ie),
3027 wpabuf_len(wpa_s->dpp_pfs->ie));
3028 wpa_ie_len += wpabuf_len(wpa_s->dpp_pfs->ie);
3029 }
3030 }
3031pfs_fail:
3032#endif /* CONFIG_DPP2 */
3033
3dc3afe2
AM		 3034#ifdef CONFIG_IEEE80211R
3035 /*
3036 * Add MDIE under these conditions: the network profile allows FT,
3037 * the AP supports FT, and the mobility domain ID matches.
3038 */
88bf44be 3039 if (bss && wpa_key_mgmt_ft(wpa_sm_get_key_mgmt(wpa_s->wpa))) {
3dc3afe2
AM		 3040 const u8 *mdie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
3041
3042 if (mdie && mdie[1] >= MOBILITY_DOMAIN_ID_LEN) {
86c998d3 3043 size_t len = 0;
3dc3afe2
AM		 3044 const u8 *md = mdie + 2;
3045 const u8 *wpa_md = wpa_sm_get_ft_md(wpa_s->wpa);
3046
3047 if (os_memcmp(md, wpa_md,
3048 MOBILITY_DOMAIN_ID_LEN) == 0) {
3049 /* Add mobility domain IE */
86c998d3 3050 len = wpa_ft_add_mdie(
3dc3afe2
AM		 3051 wpa_s->wpa, wpa_ie + wpa_ie_len,
3052 max_wpa_ie_len - wpa_ie_len, mdie);
86c998d3 3053 wpa_ie_len += len;
3dc3afe2 3054 }
86c998d3
AM		 3055#ifdef CONFIG_SME
3056 if (len > 0 && wpa_s->sme.ft_used &&
3057 wpa_sm_has_ptk(wpa_s->wpa)) {
3058 wpa_dbg(wpa_s, MSG_DEBUG,
3059 "SME: Trying to use FT over-the-air");
3060 algs |= WPA_AUTH_ALG_FT;
3061 }
3062#endif /* CONFIG_SME */
3dc3afe2
AM		 3063 }
3064 }
3065#endif /* CONFIG_IEEE80211R */
3066
13256553
JM		 3067#ifdef CONFIG_TESTING_OPTIONS
3068 if (wpa_s->rsnxe_override_assoc &&
3069 wpabuf_len(wpa_s->rsnxe_override_assoc) <=
3070 max_wpa_ie_len - wpa_ie_len) {
3071 wpa_printf(MSG_DEBUG, "TESTING: RSNXE AssocReq override");
3072 os_memcpy(wpa_ie + wpa_ie_len,
3073 wpabuf_head(wpa_s->rsnxe_override_assoc),
3074 wpabuf_len(wpa_s->rsnxe_override_assoc));
3075 wpa_ie_len += wpabuf_len(wpa_s->rsnxe_override_assoc);
3076 } else
3077#endif /* CONFIG_TESTING_OPTIONS */
6d6c8877
JM		 3078 if (wpa_s->rsnxe_len > 0 &&
3079 wpa_s->rsnxe_len <= max_wpa_ie_len - wpa_ie_len) {
3080 os_memcpy(wpa_ie + wpa_ie_len, wpa_s->rsnxe, wpa_s->rsnxe_len);
3081 wpa_ie_len += wpa_s->rsnxe_len;
3082 }
3083
5abc7823
VN		 3084 if (ssid->multi_ap_backhaul_sta) {
3085 size_t multi_ap_ie_len;
3086
3087 multi_ap_ie_len = add_multi_ap_ie(wpa_ie + wpa_ie_len,
3088 max_wpa_ie_len - wpa_ie_len,
3089 MULTI_AP_BACKHAUL_STA);
3090 if (multi_ap_ie_len == 0) {
3091 wpa_printf(MSG_ERROR,
3092 "Multi-AP: Failed to build Multi-AP IE");
3093 os_free(wpa_ie);
3094 return NULL;
3095 }
3096 wpa_ie_len += multi_ap_ie_len;
3097 }
3098
d2ba0d71
VK		 3099 params->wpa_ie = wpa_ie;
3100 params->wpa_ie_len = wpa_ie_len;
3101 params->auth_alg = algs;
6338c99e
VK		 3102 if (mask)
3103 *mask |= WPA_DRV_UPDATE_ASSOC_IES | WPA_DRV_UPDATE_AUTH_TYPE;
d2ba0d71
VK		 3104
3105 return wpa_ie;
3106}
3107
3108
e0b331d8
SD		 3109#ifdef CONFIG_OWE
3110static void wpas_update_owe_connect_params(struct wpa_supplicant *wpa_s)
3111{
3112 struct wpa_driver_associate_params params;
3113 u8 *wpa_ie;
3114
3115 os_memset(&params, 0, sizeof(params));
3116 wpa_ie = wpas_populate_assoc_ies(wpa_s, wpa_s->current_bss,
3117 wpa_s->current_ssid, &params, NULL);
3118 if (!wpa_ie)
3119 return;
3120
3121 wpa_drv_update_connect_params(wpa_s, &params, WPA_DRV_UPDATE_ASSOC_IES);
3122 os_free(wpa_ie);
3123}
3124#endif /* CONFIG_OWE */
3125
3126
6338c99e
VK		 3127#if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
3128static void wpas_update_fils_connect_params(struct wpa_supplicant *wpa_s)
3129{
3130 struct wpa_driver_associate_params params;
3131 enum wpa_drv_update_connect_params_mask mask = 0;
3132 u8 *wpa_ie;
3133
3134 if (wpa_s->auth_alg != WPA_AUTH_ALG_OPEN)
3135 return; /* nothing to do */
3136
3137 os_memset(&params, 0, sizeof(params));
3138 wpa_ie = wpas_populate_assoc_ies(wpa_s, wpa_s->current_bss,
3139 wpa_s->current_ssid, &params, &mask);
3140 if (!wpa_ie)
3141 return;
3142
3143 if (params.auth_alg != WPA_AUTH_ALG_FILS) {
3144 os_free(wpa_ie);
3145 return;
3146 }
3147
3148 wpa_s->auth_alg = params.auth_alg;
3149 wpa_drv_update_connect_params(wpa_s, &params, mask);
3150 os_free(wpa_ie);
3151}
3152#endif /* CONFIG_FILS && IEEE8021X_EAPOL */
3153
3154
a82aee1f
AAL		 3155static u8 wpa_ie_get_edmg_oper_chans(const u8 *edmg_ie)
3156{
3157 if (!edmg_ie || edmg_ie[1] < 6)
3158 return 0;
3159 return edmg_ie[EDMG_BSS_OPERATING_CHANNELS_OFFSET];
3160}
3161
3162
3163static u8 wpa_ie_get_edmg_oper_chan_width(const u8 *edmg_ie)
3164{
3165 if (!edmg_ie || edmg_ie[1] < 6)
3166 return 0;
3167 return edmg_ie[EDMG_OPERATING_CHANNEL_WIDTH_OFFSET];
3168}
3169
3170
3171/* Returns the intersection of two EDMG configurations.
3172 * Note: The current implementation is limited to CB2 only (CB1 included),
3173 * i.e., the implementation supports up to 2 contiguous channels.
3174 * For supporting non-contiguous (aggregated) channels and for supporting
3175 * CB3 and above, this function will need to be extended.
3176 */
3177static struct ieee80211_edmg_config
3178get_edmg_intersection(struct ieee80211_edmg_config a,
3179 struct ieee80211_edmg_config b,
3180 u8 primary_channel)
3181{
3182 struct ieee80211_edmg_config result;
3183 int i, contiguous = 0;
3184 int max_contiguous = 0;
3185
3186 result.channels = b.channels & a.channels;
3187 if (!result.channels) {
3188 wpa_printf(MSG_DEBUG,
3189 "EDMG not possible: cannot intersect channels 0x%x and 0x%x",
3190 a.channels, b.channels);
3191 goto fail;
3192 }
3193
3194 if (!(result.channels & BIT(primary_channel - 1))) {
3195 wpa_printf(MSG_DEBUG,
3196 "EDMG not possible: the primary channel %d is not one of the intersected channels 0x%x",
3197 primary_channel, result.channels);
3198 goto fail;
3199 }
3200
3201 /* Find max contiguous channels */
3202 for (i = 0; i < 6; i++) {
3203 if (result.channels & BIT(i))
3204 contiguous++;
3205 else
3206 contiguous = 0;
3207
3208 if (contiguous > max_contiguous)
3209 max_contiguous = contiguous;
3210 }
3211
3212 /* Assuming AP and STA supports ONLY contiguous channels,
3213 * bw configuration can have value between 4-7.
3214 */
3215 if ((b.bw_config < a.bw_config))
3216 result.bw_config = b.bw_config;
3217 else
3218 result.bw_config = a.bw_config;
3219
3220 if ((max_contiguous >= 2 && result.bw_config < EDMG_BW_CONFIG_5) ||
3221 (max_contiguous >= 1 && result.bw_config < EDMG_BW_CONFIG_4)) {
3222 wpa_printf(MSG_DEBUG,
3223 "EDMG not possible: not enough contiguous channels %d for supporting CB1 or CB2",
3224 max_contiguous);
3225 goto fail;
3226 }
3227
3228 return result;
3229
3230fail:
3231 result.channels = 0;
3232 result.bw_config = 0;
3233 return result;
3234}
3235
3236
3237static struct ieee80211_edmg_config
3238get_supported_edmg(struct wpa_supplicant *wpa_s,
3239 struct hostapd_freq_params *freq,
3240 struct ieee80211_edmg_config request_edmg)
3241{
3242 enum hostapd_hw_mode hw_mode;
3243 struct hostapd_hw_modes *mode = NULL;
3244 u8 primary_channel;
3245
3246 if (!wpa_s->hw.modes)
3247 goto fail;
3248
3249 hw_mode = ieee80211_freq_to_chan(freq->freq, &primary_channel);
3250 if (hw_mode == NUM_HOSTAPD_MODES)
3251 goto fail;
3252
d0e116f6 3253 mode = get_mode(wpa_s->hw.modes, wpa_s->hw.num_modes, hw_mode, 0);
a82aee1f
AAL		 3254 if (!mode)
3255 goto fail;
3256
3257 return get_edmg_intersection(mode->edmg, request_edmg, primary_channel);
3258
3259fail:
3260 request_edmg.channels = 0;
3261 request_edmg.bw_config = 0;
3262 return request_edmg;
3263}
3264
3265
822c756e
AB		 3266#ifdef CONFIG_MBO
3267void wpas_update_mbo_connect_params(struct wpa_supplicant *wpa_s)
3268{
3269 struct wpa_driver_associate_params params;
3270 u8 *wpa_ie;
3271
3272 /*
3273 * Update MBO connect params only in case of change of MBO attributes
3274 * when connected, if the AP support MBO.
3275 */
3276
3277 if (wpa_s->wpa_state != WPA_COMPLETED || !wpa_s->current_ssid ||
3278 !wpa_s->current_bss ||
3279 !wpa_bss_get_vendor_ie(wpa_s->current_bss, MBO_IE_VENDOR_TYPE))
3280 return;
3281
3282 os_memset(&params, 0, sizeof(params));
3283 wpa_ie = wpas_populate_assoc_ies(wpa_s, wpa_s->current_bss,
3284 wpa_s->current_ssid, &params, NULL);
3285 if (!wpa_ie)
3286 return;
3287
3288 wpa_drv_update_connect_params(wpa_s, &params, WPA_DRV_UPDATE_ASSOC_IES);
3289 os_free(wpa_ie);
3290}
3291#endif /* CONFIG_MBO */
3292
3293
d2ba0d71
VK		 3294static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
3295{
3296 struct wpa_connect_work *cwork = work->ctx;
3297 struct wpa_bss *bss = cwork->bss;
3298 struct wpa_ssid *ssid = cwork->ssid;
3299 struct wpa_supplicant *wpa_s = work->wpa_s;
3300 u8 *wpa_ie;
a82aee1f 3301 const u8 *edmg_ie_oper;
d2ba0d71
VK		 3302 int use_crypt, ret, i, bssid_changed;
3303 unsigned int cipher_pairwise, cipher_group, cipher_group_mgmt;
3304 struct wpa_driver_associate_params params;
3305 int wep_keys_set = 0;
3306 int assoc_failed = 0;
3307 struct wpa_ssid *old_ssid;
3308 u8 prev_bssid[ETH_ALEN];
3309#ifdef CONFIG_HT_OVERRIDES
3310 struct ieee80211_ht_capabilities htcaps;
3311 struct ieee80211_ht_capabilities htcaps_mask;
3312#endif /* CONFIG_HT_OVERRIDES */
3313#ifdef CONFIG_VHT_OVERRIDES
3314 struct ieee80211_vht_capabilities vhtcaps;
3315 struct ieee80211_vht_capabilities vhtcaps_mask;
3316#endif /* CONFIG_VHT_OVERRIDES */
3317
3318 if (deinit) {
3319 if (work->started) {
3320 wpa_s->connect_work = NULL;
3321
3322 /* cancel possible auth. timeout */
3323 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s,
3324 NULL);
3325 }
3326 wpas_connect_work_free(cwork);
3327 return;
3328 }
3329
3330 wpa_s->connect_work = work;
3331
3332 if (cwork->bss_removed || !wpas_valid_bss_ssid(wpa_s, bss, ssid) ||
3333 wpas_network_disabled(wpa_s, ssid)) {
3334 wpa_dbg(wpa_s, MSG_DEBUG, "BSS/SSID entry for association not valid anymore - drop connection attempt");
3335 wpas_connect_work_done(wpa_s);
3336 return;
3337 }
3338
3339 os_memcpy(prev_bssid, wpa_s->bssid, ETH_ALEN);
3340 os_memset(&params, 0, sizeof(params));
3341 wpa_s->reassociate = 0;
3342 wpa_s->eap_expected_failure = 0;
3343 if (bss &&
3344 (!wpas_driver_bss_selection(wpa_s) || wpas_wps_searching(wpa_s))) {
3345#ifdef CONFIG_IEEE80211R
3346 const u8 *ie, *md = NULL;
3347#endif /* CONFIG_IEEE80211R */
3348 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
3349 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
3350 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
3351 bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
3352 os_memset(wpa_s->bssid, 0, ETH_ALEN);
3353 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
3354 if (bssid_changed)
3355 wpas_notify_bssid_changed(wpa_s);
3356#ifdef CONFIG_IEEE80211R
3357 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
3358 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
3359 md = ie + 2;
3360 wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0);
3361 if (md) {
3362 /* Prepare for the next transition */
3363 wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
3364 }
3365#endif /* CONFIG_IEEE80211R */
3366#ifdef CONFIG_WPS
3367 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
3368 wpa_s->conf->ap_scan == 2 &&
3369 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
3370 /* Use ap_scan==1 style network selection to find the network
3371 */
3372 wpas_connect_work_done(wpa_s);
3373 wpa_s->scan_req = MANUAL_SCAN_REQ;
3374 wpa_s->reassociate = 1;
3375 wpa_supplicant_req_scan(wpa_s, 0, 0);
3376 return;
3377#endif /* CONFIG_WPS */
3378 } else {
3379 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
3380 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
3381 if (bss)
3382 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
3383 else
3384 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
3385 }
3386 if (!wpa_s->pno)
3387 wpa_supplicant_cancel_sched_scan(wpa_s);
3388
3389 wpa_supplicant_cancel_scan(wpa_s);
3390
3391 /* Starting new association, so clear the possibly used WPA IE from the
3392 * previous association. */
3393 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
6d6c8877
JM		 3394 wpa_sm_set_assoc_rsnxe(wpa_s->wpa, NULL, 0);
3395 wpa_s->rsnxe_len = 0;
d2ba0d71 3396
6338c99e 3397 wpa_ie = wpas_populate_assoc_ies(wpa_s, bss, ssid, &params, NULL);
d2ba0d71
VK		 3398 if (!wpa_ie) {
3399 wpas_connect_work_done(wpa_s);
3400 return;
3401 }
3402
6fc6879b
JM		 3403 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
3404 use_crypt = 1;
4848a38d
JM		 3405 cipher_pairwise = wpa_s->pairwise_cipher;
3406 cipher_group = wpa_s->group_cipher;
61a56c14 3407 cipher_group_mgmt = wpa_s->mgmt_group_cipher;
6fc6879b
JM		 3408 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
3409 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
3410 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
3411 use_crypt = 0;
3412 if (wpa_set_wep_keys(wpa_s, ssid)) {
3413 use_crypt = 1;
3414 wep_keys_set = 1;
3415 }
3416 }
ad08c363
JM		 3417 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
3418 use_crypt = 0;
6fc6879b
JM		 3419
3420#ifdef IEEE8021X_EAPOL
3421 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
3422 if ((ssid->eapol_flags &
3423 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
3424 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
3425 !wep_keys_set) {
3426 use_crypt = 0;
3427 } else {
3428 /* Assume that dynamic WEP-104 keys will be used and
3429 * set cipher suites in order for drivers to expect
3430 * encryption. */
4848a38d 3431 cipher_pairwise = cipher_group = WPA_CIPHER_WEP104;
6fc6879b
JM		 3432 }
3433 }
3434#endif /* IEEE8021X_EAPOL */
3435
3436 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
3437 /* Set the key before (and later after) association */
3438 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
3439 }
3440
6fc6879b 3441 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
6fc6879b 3442 if (bss) {
6fa81a3b
JM		 3443 params.ssid = bss->ssid;
3444 params.ssid_len = bss->ssid_len;
4b5b8a53
JM		 3445 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set ||
3446 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
f15854d1
JM		 3447 wpa_printf(MSG_DEBUG, "Limit connection to BSSID "
3448 MACSTR " freq=%u MHz based on scan results "
4b5b8a53 3449 "(bssid_set=%d wps=%d)",
f15854d1 3450 MAC2STR(bss->bssid), bss->freq,
4b5b8a53
JM		 3451 ssid->bssid_set,
3452 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS);
22628eca 3453 params.bssid = bss->bssid;
4ec68377 3454 params.freq.freq = bss->freq;
22628eca 3455 }
7ac7fd43
DS		 3456 params.bssid_hint = bss->bssid;
3457 params.freq_hint = bss->freq;
b9074912 3458 params.pbss = bss_is_pbss(bss);
6fc6879b 3459 } else {
43a356b2
PK		 3460 if (ssid->bssid_hint_set)
3461 params.bssid_hint = ssid->bssid_hint;
3462
6fc6879b
JM		 3463 params.ssid = ssid->ssid;
3464 params.ssid_len = ssid->ssid_len;
90f14962 3465 params.pbss = (ssid->pbss != 2) ? ssid->pbss : 0;
6fc6879b 3466 }
9e2af29f
NC		 3467
3468 if (ssid->mode == WPAS_MODE_IBSS && ssid->bssid_set &&
3469 wpa_s->conf->ap_scan == 2) {
3470 params.bssid = ssid->bssid;
3471 params.fixed_bssid = 1;
3472 }
3473
603a3f34
JL		 3474 /* Initial frequency for IBSS/mesh */
3475 if ((ssid->mode == WPAS_MODE_IBSS || ssid->mode == WPAS_MODE_MESH) &&
1830817e
JD		 3476 ssid->frequency > 0 && params.freq.freq == 0)
3477 ibss_mesh_setup_freq(wpa_s, ssid, &params.freq);
dc152f32 3478
8f05577d 3479 if (ssid->mode == WPAS_MODE_IBSS) {
4d9e6fba 3480 params.fixed_freq = ssid->fixed_freq;
8f05577d
JM		 3481 if (ssid->beacon_int)
3482 params.beacon_int = ssid->beacon_int;
3483 else
3484 params.beacon_int = wpa_s->conf->beacon_int;
3485 }
3486
a82aee1f
AAL		 3487 if (bss && ssid->enable_edmg)
3488 edmg_ie_oper = get_ie_ext((const u8 *) (bss + 1), bss->ie_len,
3489 WLAN_EID_EXT_EDMG_OPERATION);
3490 else
3491 edmg_ie_oper = NULL;
3492
3493 if (edmg_ie_oper) {
3494 params.freq.edmg.channels =
3495 wpa_ie_get_edmg_oper_chans(edmg_ie_oper);
3496 params.freq.edmg.bw_config =
3497 wpa_ie_get_edmg_oper_chan_width(edmg_ie_oper);
3498 wpa_printf(MSG_DEBUG,
3499 "AP supports EDMG channels 0x%x, bw_config %d",
3500 params.freq.edmg.channels,
3501 params.freq.edmg.bw_config);
3502
3503 /* User may ask for specific EDMG channel for EDMG connection
3504 * (must be supported by AP)
3505 */
3506 if (ssid->edmg_channel) {
3507 struct ieee80211_edmg_config configured_edmg;
3508 enum hostapd_hw_mode hw_mode;
3509 u8 primary_channel;
3510
3511 hw_mode = ieee80211_freq_to_chan(bss->freq,
3512 &primary_channel);
3513 if (hw_mode == NUM_HOSTAPD_MODES)
3514 goto edmg_fail;
3515
3516 hostapd_encode_edmg_chan(ssid->enable_edmg,
3517 ssid->edmg_channel,
3518 primary_channel,
3519 &configured_edmg);
3520
3521 if (ieee802_edmg_is_allowed(params.freq.edmg,
3522 configured_edmg)) {
3523 params.freq.edmg = configured_edmg;
3524 wpa_printf(MSG_DEBUG,
3525 "Use EDMG channel %d for connection",
3526 ssid->edmg_channel);
3527 } else {
3528 edmg_fail:
3529 params.freq.edmg.channels = 0;
3530 params.freq.edmg.bw_config = 0;
3531 wpa_printf(MSG_WARNING,
3532 "EDMG channel %d not supported by AP, fallback to DMG",
3533 ssid->edmg_channel);
3534 }
3535 }
3536
3537 if (params.freq.edmg.channels) {
3538 wpa_printf(MSG_DEBUG,
3539 "EDMG before: channels 0x%x, bw_config %d",
3540 params.freq.edmg.channels,
3541 params.freq.edmg.bw_config);
3542 params.freq.edmg = get_supported_edmg(wpa_s,
3543 &params.freq,
3544 params.freq.edmg);
3545 wpa_printf(MSG_DEBUG,
3546 "EDMG after: channels 0x%x, bw_config %d",
3547 params.freq.edmg.channels,
3548 params.freq.edmg.bw_config);
3549 }
3550 }
3551
6fc6879b
JM		 3552 params.pairwise_suite = cipher_pairwise;
3553 params.group_suite = cipher_group;
61a56c14 3554 params.mgmt_group_suite = cipher_group_mgmt;
4848a38d 3555 params.key_mgmt_suite = wpa_s->key_mgmt;
64fa840a 3556 params.wpa_proto = wpa_s->wpa_proto;
5538fc93 3557 wpa_s->auth_alg = params.auth_alg;
6fc6879b 3558 params.mode = ssid->mode;
1f6c0ab8 3559 params.bg_scan_period = ssid->bg_scan_period;
6fc6879b
JM		 3560 for (i = 0; i < NUM_WEP_KEYS; i++) {
3561 if (ssid->wep_key_len[i])
3562 params.wep_key[i] = ssid->wep_key[i];
3563 params.wep_key_len[i] = ssid->wep_key_len[i];
3564 }
3565 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
3566
436ee2fd 3567 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK) &&
4848a38d
JM		 3568 (params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
3569 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK)) {
6fc6879b
JM		 3570 params.passphrase = ssid->passphrase;
3571 if (ssid->psk_set)
3572 params.psk = ssid->psk;
b41f2684
CL		 3573 }
3574
d896874f
AS		 3575 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_8021X) &&
3576 (params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
3577 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 ||
3578 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B ||
3579 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192))
cb28bd52 3580 params.req_handshake_offload = 1;
d896874f 3581
b41f2684
CL		 3582 if (wpa_s->conf->key_mgmt_offload) {
3583 if (params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
666497c8 3584 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 ||
5e3b5197
JM		 3585 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B ||
3586 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192)
b41f2684
CL		 3587 params.req_key_mgmt_offload =
3588 ssid->proactive_key_caching < 0 ?
3589 wpa_s->conf->okc : ssid->proactive_key_caching;
3590 else
3591 params.req_key_mgmt_offload = 1;
3592
3593 if ((params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
3594 params.key_mgmt_suite == WPA_KEY_MGMT_PSK_SHA256 ||
3595 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK) &&
3596 ssid->psk_set)
3597 params.psk = ssid->psk;
6fc6879b
JM		 3598 }
3599
36b15723
JM		 3600 params.drop_unencrypted = use_crypt;
3601
3f56a2b7 3602 params.mgmt_frame_protection = wpas_get_ssid_pmf(wpa_s, ssid);
62d49803 3603 if (params.mgmt_frame_protection != NO_MGMT_FRAME_PROTECTION && bss) {
6fa81a3b 3604 const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
97d3497e
JM		 3605 struct wpa_ie_data ie;
3606 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
3607 ie.capabilities &
3608 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
f049052b
BG		 3609 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports "
3610 "MFP: require MFP");
97d3497e
JM		 3611 params.mgmt_frame_protection =
3612 MGMT_FRAME_PROTECTION_REQUIRED;
cf94626c
PK		 3613#ifdef CONFIG_OWE
3614 } else if (!rsn && (ssid->key_mgmt & WPA_KEY_MGMT_OWE) &&
3615 !ssid->owe_only) {
3616 params.mgmt_frame_protection = NO_MGMT_FRAME_PROTECTION;
3617#endif /* CONFIG_OWE */
97d3497e
JM		 3618 }
3619 }
6fc6879b 3620
ffad8858 3621 params.p2p = ssid->p2p_group;
6e3f4b89 3622
ba307f85
LD		 3623 if (wpa_s->p2pdev->set_sta_uapsd)
3624 params.uapsd = wpa_s->p2pdev->sta_uapsd;
eea2fd9e
JM		 3625 else
3626 params.uapsd = -1;
3627
80e8a5ee
BG		 3628#ifdef CONFIG_HT_OVERRIDES
3629 os_memset(&htcaps, 0, sizeof(htcaps));
3630 os_memset(&htcaps_mask, 0, sizeof(htcaps_mask));
3631 params.htcaps = (u8 *) &htcaps;
3632 params.htcaps_mask = (u8 *) &htcaps_mask;
3633 wpa_supplicant_apply_ht_overrides(wpa_s, ssid, &params);
3634#endif /* CONFIG_HT_OVERRIDES */
6aa1cd4e
PS		 3635#ifdef CONFIG_VHT_OVERRIDES
3636 os_memset(&vhtcaps, 0, sizeof(vhtcaps));
3637 os_memset(&vhtcaps_mask, 0, sizeof(vhtcaps_mask));
3638 params.vhtcaps = &vhtcaps;
3639 params.vhtcaps_mask = &vhtcaps_mask;
95ff3069 3640 wpa_supplicant_apply_vht_overrides(wpa_s, ssid, &params);
6aa1cd4e 3641#endif /* CONFIG_VHT_OVERRIDES */
80e8a5ee 3642
8567866d
JJ		 3643#ifdef CONFIG_P2P
3644 /*
3645 * If multi-channel concurrency is not supported, check for any
3646 * frequency conflict. In case of any frequency conflict, remove the
3647 * least prioritized connection.
3648 */
3649 if (wpa_s->num_multichan_concurrent < 2) {
d0df6437
IP		 3650 int freq, num;
3651 num = get_shared_radio_freqs(wpa_s, &freq, 1);
4ec68377 3652 if (num > 0 && freq > 0 && freq != params.freq.freq) {
d0df6437
IP		 3653 wpa_printf(MSG_DEBUG,
3654 "Assoc conflicting freq found (%d != %d)",
4ec68377
JD		 3655 freq, params.freq.freq);
3656 if (wpas_p2p_handle_frequency_conflicts(
74656400
SD		 3657 wpa_s, params.freq.freq, ssid) < 0) {
3658 wpas_connect_work_done(wpa_s);
1e6780bd 3659 os_free(wpa_ie);
8567866d 3660 return;
74656400 3661 }
8567866d
JJ		 3662 }
3663 }
3664#endif /* CONFIG_P2P */
3665
6a5ee810
JM		 3666 if (wpa_s->reassoc_same_ess && !is_zero_ether_addr(prev_bssid) &&
3667 wpa_s->current_ssid)
3668 params.prev_bssid = prev_bssid;
3669
17fbb751 3670 ret = wpa_drv_associate(wpa_s, &params);
1e6780bd 3671 os_free(wpa_ie);
6fc6879b
JM		 3672 if (ret < 0) {
3673 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
3674 "failed");
871f4dd0
JM		 3675 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SANE_ERROR_CODES) {
3676 /*
3677 * The driver is known to mean what is saying, so we
3678 * can stop right here; the association will not
3679 * succeed.
3680 */
3681 wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
c1c02342 3682 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
871f4dd0
JM		 3683 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
3684 return;
3685 }
6fc6879b
JM		 3686 /* try to continue anyway; new association will be tried again
3687 * after timeout */
3688 assoc_failed = 1;
3689 }
3690
3691 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
3692 /* Set the key after the association just in case association
3693 * cleared the previously configured key. */
3694 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
3695 /* No need to timeout authentication since there is no key
3696 * management. */
3697 wpa_supplicant_cancel_auth_timeout(wpa_s);
3698 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
53895c3b 3699#ifdef CONFIG_IBSS_RSN
d7dcba70 3700 } else if (ssid->mode == WPAS_MODE_IBSS &&
53895c3b
JM		 3701 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
3702 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
3703 /*
3704 * RSN IBSS authentication is per-STA and we can disable the
3705 * per-BSSID authentication.
3706 */
3707 wpa_supplicant_cancel_auth_timeout(wpa_s);
53895c3b 3708#endif /* CONFIG_IBSS_RSN */
6fc6879b
JM		 3709 } else {
3710 /* Timeout for IEEE 802.11 authentication and association */
1d3c75b3
DW		 3711 int timeout = 60;
3712
3713 if (assoc_failed) {
3714 /* give IBSS a bit more time */
d7dcba70 3715 timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5;
1d3c75b3
DW		 3716 } else if (wpa_s->conf->ap_scan == 1) {
3717 /* give IBSS a bit more time */
d7dcba70 3718 timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10;
1d3c75b3 3719 }
6fc6879b
JM		 3720 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
3721 }
3722
66562e9c
JM		 3723 if (wep_keys_set &&
3724 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC)) {
6fc6879b
JM		 3725 /* Set static WEP keys again */
3726 wpa_set_wep_keys(wpa_s, ssid);
3727 }
3728
3729 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
3730 /*
3731 * Do not allow EAP session resumption between different
3732 * network configurations.
3733 */
3734 eapol_sm_invalidate_cached_session(wpa_s->eapol);
3735 }
8bac466b 3736 old_ssid = wpa_s->current_ssid;
6fc6879b 3737 wpa_s->current_ssid = ssid;
ece4ac5f
MG		 3738
3739 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set) {
4d3be9cd 3740 wpa_s->current_bss = bss;
ece4ac5f
MG		 3741#ifdef CONFIG_HS20
3742 hs20_configure_frame_filters(wpa_s);
3743#endif /* CONFIG_HS20 */
3744 }
3745
6fc6879b
JM		 3746 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
3747 wpa_supplicant_initiate_eapol(wpa_s);
8bac466b
JM		 3748 if (old_ssid != wpa_s->current_ssid)
3749 wpas_notify_network_changed(wpa_s);
6fc6879b
JM		 3750}
3751
3752
09f58c09
JM		 3753static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s,
3754 const u8 *addr)
3755{
3756 struct wpa_ssid *old_ssid;
3757
c155305f 3758 wpas_connect_work_done(wpa_s);
09f58c09 3759 wpa_clear_keys(wpa_s, addr);
09f58c09 3760 old_ssid = wpa_s->current_ssid;
0d30cc24 3761 wpa_supplicant_mark_disassoc(wpa_s);
09f58c09
JM		 3762 wpa_sm_set_config(wpa_s->wpa, NULL);
3763 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
3764 if (old_ssid != wpa_s->current_ssid)
3765 wpas_notify_network_changed(wpa_s);
3766 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
3767}
3768
3769
6fc6879b
JM		 3770/**
3771 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
3772 * @wpa_s: Pointer to wpa_supplicant data
3773 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
3774 *
073ab58f 3775 * This function is used to request %wpa_supplicant to deauthenticate from the
6fc6879b
JM		 3776 * current AP.
3777 */
3778void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
4be17ffb 3779 u16 reason_code)
6fc6879b
JM		 3780{
3781 u8 *addr = NULL;
ef48ff94 3782 union wpa_event_data event;
42d23547 3783 int zero_addr = 0;
8bac466b 3784
42d23547 3785 wpa_dbg(wpa_s, MSG_DEBUG, "Request to deauthenticate - bssid=" MACSTR
cfde99a8 3786 " pending_bssid=" MACSTR " reason=%d (%s) state=%s",
42d23547 3787 MAC2STR(wpa_s->bssid), MAC2STR(wpa_s->pending_bssid),
cfde99a8
AK		 3788 reason_code, reason2str(reason_code),
3789 wpa_supplicant_state_txt(wpa_s->wpa_state));
42d23547 3790
04e3d815
MK		 3791 if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
3792 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
3793 wpa_s->wpa_state == WPA_ASSOCIATING))
42d23547 3794 addr = wpa_s->pending_bssid;
04e3d815
MK		 3795 else if (!is_zero_ether_addr(wpa_s->bssid))
3796 addr = wpa_s->bssid;
42d23547
JM		 3797 else if (wpa_s->wpa_state == WPA_ASSOCIATING) {
3798 /*
3799 * When using driver-based BSS selection, we may not know the
3800 * BSSID with which we are currently trying to associate. We
3801 * need to notify the driver of this disconnection even in such
3802 * a case, so use the all zeros address here.
3803 */
6fc6879b 3804 addr = wpa_s->bssid;
42d23547
JM		 3805 zero_addr = 1;
3806 }
3807
5abc7823
VN		 3808 if (wpa_s->enabled_4addr_mode && wpa_drv_set_4addr_mode(wpa_s, 0) == 0)
3809 wpa_s->enabled_4addr_mode = 0;
3810
7b44ff2c
SD		 3811#ifdef CONFIG_TDLS
3812 wpa_tdls_teardown_peers(wpa_s->wpa);
3813#endif /* CONFIG_TDLS */
3814
603a3f34
JL		 3815#ifdef CONFIG_MESH
3816 if (wpa_s->ifmsh) {
a39b040b
SB		 3817 struct mesh_conf *mconf;
3818
3819 mconf = wpa_s->ifmsh->mconf;
6174de66
JM		 3820 wpa_msg(wpa_s, MSG_INFO, MESH_GROUP_REMOVED "%s",
3821 wpa_s->ifname);
a39b040b
SB		 3822 wpas_notify_mesh_group_removed(wpa_s, mconf->meshid,
3823 mconf->meshid_len, reason_code);
603a3f34
JL		 3824 wpa_supplicant_leave_mesh(wpa_s);
3825 }
3826#endif /* CONFIG_MESH */
3827
42d23547
JM		 3828 if (addr) {
3829 wpa_drv_deauthenticate(wpa_s, addr, reason_code);
ef48ff94 3830 os_memset(&event, 0, sizeof(event));
4be17ffb 3831 event.deauth_info.reason_code = reason_code;
ef48ff94
JM		 3832 event.deauth_info.locally_generated = 1;
3833 wpa_supplicant_event(wpa_s, EVENT_DEAUTH, &event);
42d23547
JM		 3834 if (zero_addr)
3835 addr = NULL;
6fc6879b 3836 }
09f58c09
JM		 3837
3838 wpa_supplicant_clear_connection(wpa_s, addr);
6fc6879b
JM		 3839}
3840
dca1a511
DS		 3841static void wpa_supplicant_enable_one_network(struct wpa_supplicant *wpa_s,
3842 struct wpa_ssid *ssid)
3843{
3844 if (!ssid || !ssid->disabled || ssid->disabled == 2)
3845 return;
3846
3847 ssid->disabled = 0;
91073cca 3848 ssid->owe_transition_bss_select_count = 0;
dca1a511
DS		 3849 wpas_clear_temp_disabled(wpa_s, ssid, 1);
3850 wpas_notify_network_enabled_changed(wpa_s, ssid);
3851
3852 /*
3853 * Try to reassociate since there is no current configuration and a new
3854 * network was made available.
3855 */
d2592497 3856 if (!wpa_s->current_ssid && !wpa_s->disconnected)
dca1a511
DS		 3857 wpa_s->reassociate = 1;
3858}
3859
6fc6879b 3860
d015bb05
RP		 3861/**
3862 * wpa_supplicant_add_network - Add a new network
3863 * @wpa_s: wpa_supplicant structure for a network interface
3864 * Returns: The new network configuration or %NULL if operation failed
3865 *
3866 * This function performs the following operations:
3867 * 1. Adds a new network.
3868 * 2. Send network addition notification.
3869 * 3. Marks the network disabled.
3870 * 4. Set network default parameters.
3871 */
3872struct wpa_ssid * wpa_supplicant_add_network(struct wpa_supplicant *wpa_s)
3873{
3874 struct wpa_ssid *ssid;
3875
3876 ssid = wpa_config_add_network(wpa_s->conf);
3877 if (!ssid)
3878 return NULL;
3879 wpas_notify_network_added(wpa_s, ssid);
3880 ssid->disabled = 1;
3881 wpa_config_set_network_defaults(ssid);
3882
3883 return ssid;
3884}
3885
3886
3887/**
3888 * wpa_supplicant_remove_network - Remove a configured network based on id
3889 * @wpa_s: wpa_supplicant structure for a network interface
3890 * @id: Unique network id to search for
3891 * Returns: 0 on success, or -1 if the network was not found, -2 if the network
3892 * could not be removed
3893 *
3894 * This function performs the following operations:
3895 * 1. Removes the network.
3896 * 2. Send network removal notification.
3897 * 3. Update internal state machines.
3898 * 4. Stop any running sched scans.
3899 */
3900int wpa_supplicant_remove_network(struct wpa_supplicant *wpa_s, int id)
3901{
3902 struct wpa_ssid *ssid;
3903 int was_disabled;
3904
3905 ssid = wpa_config_get_network(wpa_s->conf, id);
3906 if (!ssid)
3907 return -1;
3908 wpas_notify_network_removed(wpa_s, ssid);
3909
3910 if (wpa_s->last_ssid == ssid)
3911 wpa_s->last_ssid = NULL;
3912
3913 if (ssid == wpa_s->current_ssid || !wpa_s->current_ssid) {
3914#ifdef CONFIG_SME
3915 wpa_s->sme.prev_bssid_set = 0;
3916#endif /* CONFIG_SME */
3917 /*
3918 * Invalidate the EAP session cache if the current or
3919 * previously used network is removed.
3920 */
3921 eapol_sm_invalidate_cached_session(wpa_s->eapol);
3922 }
3923
3924 if (ssid == wpa_s->current_ssid) {
3925 wpa_sm_set_config(wpa_s->wpa, NULL);
3926 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
3927
3928 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
3929 wpa_s->own_disconnect_req = 1;
3930 wpa_supplicant_deauthenticate(wpa_s,
3931 WLAN_REASON_DEAUTH_LEAVING);
3932 }
3933
3934 was_disabled = ssid->disabled;
3935
3936 if (wpa_config_remove_network(wpa_s->conf, id) < 0)
3937 return -2;
3938
3939 if (!was_disabled && wpa_s->sched_scanning) {
3940 wpa_printf(MSG_DEBUG,
3941 "Stop ongoing sched_scan to remove network from filters");
3942 wpa_supplicant_cancel_sched_scan(wpa_s);
3943 wpa_supplicant_req_scan(wpa_s, 0, 0);
3944 }
3945
3946 return 0;
3947}
3948
3949
86b89452
WS		 3950/**
3951 * wpa_supplicant_enable_network - Mark a configured network as enabled
3952 * @wpa_s: wpa_supplicant structure for a network interface
3953 * @ssid: wpa_ssid structure for a configured network or %NULL
3954 *
3955 * Enables the specified network or all networks if no network specified.
3956 */
3957void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s,
3958 struct wpa_ssid *ssid)
3959{
86b89452 3960 if (ssid == NULL) {
14f79078
JM		 3961 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
3962 wpa_supplicant_enable_one_network(wpa_s, ssid);
dca1a511
DS		 3963 } else
3964 wpa_supplicant_enable_one_network(wpa_s, ssid);
86b89452 3965
5a1d9d1a
JM		 3966 if (wpa_s->reassociate && !wpa_s->disconnected &&
3967 (!wpa_s->current_ssid ||
3968 wpa_s->wpa_state == WPA_DISCONNECTED ||
3969 wpa_s->wpa_state == WPA_SCANNING)) {
dca1a511
DS		 3970 if (wpa_s->sched_scanning) {
3971 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan to add "
3972 "new network to scan filters");
3973 wpa_supplicant_cancel_sched_scan(wpa_s);
3974 }
86b89452 3975
35d40309
JM		 3976 if (wpa_supplicant_fast_associate(wpa_s) != 1) {
3977 wpa_s->scan_req = NORMAL_SCAN_REQ;
dad153d1 3978 wpa_supplicant_req_scan(wpa_s, 0, 0);
35d40309 3979 }
86b89452
WS		 3980 }
3981}
3982
3983
3984/**
3985 * wpa_supplicant_disable_network - Mark a configured network as disabled
3986 * @wpa_s: wpa_supplicant structure for a network interface
3987 * @ssid: wpa_ssid structure for a configured network or %NULL
3988 *
3989 * Disables the specified network or all networks if no network specified.
3990 */
3991void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s,
3992 struct wpa_ssid *ssid)
3993{
3994 struct wpa_ssid *other_ssid;
3995 int was_disabled;
3996
3997 if (ssid == NULL) {
725fc39e
DS		 3998 if (wpa_s->sched_scanning)
3999 wpa_supplicant_cancel_sched_scan(wpa_s);
4000
4dac0245
JM		 4001 for (other_ssid = wpa_s->conf->ssid; other_ssid;
4002 other_ssid = other_ssid->next) {
86b89452 4003 was_disabled = other_ssid->disabled;
4dac0245
JM		 4004 if (was_disabled == 2)
4005 continue; /* do not change persistent P2P group
4006 * data */
86b89452
WS		 4007
4008 other_ssid->disabled = 1;
4009
4010 if (was_disabled != other_ssid->disabled)
4011 wpas_notify_network_enabled_changed(
4012 wpa_s, other_ssid);
86b89452 4013 }
0661163e
SD		 4014 if (wpa_s->current_ssid) {
4015 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
4016 wpa_s->own_disconnect_req = 1;
07783eaa 4017 wpa_supplicant_deauthenticate(
86b89452 4018 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
0661163e 4019 }
4dac0245 4020 } else if (ssid->disabled != 2) {
0661163e
SD		 4021 if (ssid == wpa_s->current_ssid) {
4022 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
4023 wpa_s->own_disconnect_req = 1;
07783eaa 4024 wpa_supplicant_deauthenticate(
86b89452 4025 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
0661163e 4026 }
86b89452
WS		 4027
4028 was_disabled = ssid->disabled;
4029
4030 ssid->disabled = 1;
4031
725fc39e 4032 if (was_disabled != ssid->disabled) {
86b89452 4033 wpas_notify_network_enabled_changed(wpa_s, ssid);
725fc39e
DS		 4034 if (wpa_s->sched_scanning) {
4035 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan "
4036 "to remove network from filters");
4037 wpa_supplicant_cancel_sched_scan(wpa_s);
4038 wpa_supplicant_req_scan(wpa_s, 0, 0);
4039 }
4040 }
86b89452
WS		 4041 }
4042}
4043
4044
4045/**
4046 * wpa_supplicant_select_network - Attempt association with a network
4047 * @wpa_s: wpa_supplicant structure for a network interface
4048 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
4049 */
4050void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
4051 struct wpa_ssid *ssid)
4052{
4053
4054 struct wpa_ssid *other_ssid;
d93dfbd5 4055 int disconnected = 0;
86b89452 4056
d93dfbd5 4057 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid) {
e66bcedd
JM		 4058 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
4059 wpa_s->own_disconnect_req = 1;
07783eaa 4060 wpa_supplicant_deauthenticate(
86b89452 4061 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
d93dfbd5
JM		 4062 disconnected = 1;
4063 }
86b89452 4064
00e5e3d5
JM		 4065 if (ssid)
4066 wpas_clear_temp_disabled(wpa_s, ssid, 1);
4067
86b89452
WS		 4068 /*
4069 * Mark all other networks disabled or mark all networks enabled if no
4070 * network specified.
4071 */
4dac0245
JM		 4072 for (other_ssid = wpa_s->conf->ssid; other_ssid;
4073 other_ssid = other_ssid->next) {
86b89452 4074 int was_disabled = other_ssid->disabled;
4dac0245
JM		 4075 if (was_disabled == 2)
4076 continue; /* do not change persistent P2P group data */
86b89452
WS		 4077
4078 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0;
00e5e3d5
JM		 4079 if (was_disabled && !other_ssid->disabled)
4080 wpas_clear_temp_disabled(wpa_s, other_ssid, 0);
86b89452
WS		 4081
4082 if (was_disabled != other_ssid->disabled)
4083 wpas_notify_network_enabled_changed(wpa_s, other_ssid);
86b89452 4084 }
2a6f78fb 4085
d38c7be0
JM		 4086 if (ssid && ssid == wpa_s->current_ssid && wpa_s->current_ssid &&
4087 wpa_s->wpa_state >= WPA_AUTHENTICATING) {
2a6f78fb
JJ		 4088 /* We are already associated with the selected network */
4089 wpa_printf(MSG_DEBUG, "Already associated with the "
4090 "selected network - do nothing");
4091 return;
4092 }
4093
25a8f9e3 4094 if (ssid) {
96efeeb6 4095 wpa_s->current_ssid = ssid;
25a8f9e3 4096 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
603a3f34
JL		 4097 wpa_s->connect_without_scan =
4098 (ssid->mode == WPAS_MODE_MESH) ? ssid : NULL;
701f3961
AS		 4099
4100 /*
4101 * Don't optimize next scan freqs since a new ESS has been
4102 * selected.
4103 */
4104 os_free(wpa_s->next_scan_freqs);
4105 wpa_s->next_scan_freqs = NULL;
603a3f34
JL		 4106 } else {
4107 wpa_s->connect_without_scan = NULL;
25a8f9e3 4108 }
603a3f34 4109
86b89452
WS		 4110 wpa_s->disconnected = 0;
4111 wpa_s->reassociate = 1;
b834e970 4112 wpa_s_clear_sae_rejected(wpa_s);
2cb40e9f 4113 wpa_s->last_owe_group = 0;
05a2fb0d 4114 if (ssid) {
91073cca 4115 ssid->owe_transition_bss_select_count = 0;
05a2fb0d
JM		 4116 wpa_s_setup_sae_pt(wpa_s->conf, ssid);
4117 }
cecdddc1 4118
e4a35f07 4119 if (wpa_s->connect_without_scan ||
35d40309
JM		 4120 wpa_supplicant_fast_associate(wpa_s) != 1) {
4121 wpa_s->scan_req = NORMAL_SCAN_REQ;
be7ebd89 4122 wpas_scan_reset_sched_scan(wpa_s);
cecdddc1 4123 wpa_supplicant_req_scan(wpa_s, 0, disconnected ? 100000 : 0);
35d40309 4124 }
86b89452 4125
a1641d26
JM		 4126 if (ssid)
4127 wpas_notify_network_selected(wpa_s, ssid);
86b89452
WS		 4128}
4129
4130
bdec7ee5
MS		 4131/**
4132 * wpas_set_pkcs11_engine_and_module_path - Set PKCS #11 engine and module path
4133 * @wpa_s: wpa_supplicant structure for a network interface
4134 * @pkcs11_engine_path: PKCS #11 engine path or NULL
4135 * @pkcs11_module_path: PKCS #11 module path or NULL
4136 * Returns: 0 on success; -1 on failure
4137 *
4138 * Sets the PKCS #11 engine and module path. Both have to be NULL or a valid
4139 * path. If resetting the EAPOL state machine with the new PKCS #11 engine and
4140 * module path fails the paths will be reset to the default value (NULL).
4141 */
4142int wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant *wpa_s,
4143 const char *pkcs11_engine_path,
4144 const char *pkcs11_module_path)
4145{
4146 char *pkcs11_engine_path_copy = NULL;
4147 char *pkcs11_module_path_copy = NULL;
4148
4149 if (pkcs11_engine_path != NULL) {
4150 pkcs11_engine_path_copy = os_strdup(pkcs11_engine_path);
4151 if (pkcs11_engine_path_copy == NULL)
4152 return -1;
4153 }
4154 if (pkcs11_module_path != NULL) {
4155 pkcs11_module_path_copy = os_strdup(pkcs11_module_path);
04c366cb 4156 if (pkcs11_module_path_copy == NULL) {
bdec7ee5
MS		 4157 os_free(pkcs11_engine_path_copy);
4158 return -1;
4159 }
4160 }
4161
4162 os_free(wpa_s->conf->pkcs11_engine_path);
4163 os_free(wpa_s->conf->pkcs11_module_path);
4164 wpa_s->conf->pkcs11_engine_path = pkcs11_engine_path_copy;
4165 wpa_s->conf->pkcs11_module_path = pkcs11_module_path_copy;
4166
4167 wpa_sm_set_eapol(wpa_s->wpa, NULL);
4168 eapol_sm_deinit(wpa_s->eapol);
4169 wpa_s->eapol = NULL;
4170 if (wpa_supplicant_init_eapol(wpa_s)) {
4171 /* Error -> Reset paths to the default value (NULL) once. */
4172 if (pkcs11_engine_path != NULL && pkcs11_module_path != NULL)
4173 wpas_set_pkcs11_engine_and_module_path(wpa_s, NULL,
4174 NULL);
4175
4176 return -1;
4177 }
4178 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
4179
4180 return 0;
4181}
4182
4183
86b89452
WS		 4184/**
4185 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
4186 * @wpa_s: wpa_supplicant structure for a network interface
4187 * @ap_scan: AP scan mode
4188 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
4189 *
4190 */
4191int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan)
4192{
4193
4194 int old_ap_scan;
4195
4196 if (ap_scan < 0 || ap_scan > 2)
4197 return -1;
4198
8406cd35
JM		 4199 if (ap_scan == 2 && os_strcmp(wpa_s->driver->name, "nl80211") == 0) {
4200 wpa_printf(MSG_INFO,
4201 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
4202 }
4203
48f8e036
DS		 4204#ifdef ANDROID
4205 if (ap_scan == 2 && ap_scan != wpa_s->conf->ap_scan &&
4206 wpa_s->wpa_state >= WPA_ASSOCIATING &&
4207 wpa_s->wpa_state < WPA_COMPLETED) {
4208 wpa_printf(MSG_ERROR, "ap_scan = %d (%d) rejected while "
4209 "associating", wpa_s->conf->ap_scan, ap_scan);
4210 return 0;
4211 }
4212#endif /* ANDROID */
4213
86b89452
WS		 4214 old_ap_scan = wpa_s->conf->ap_scan;
4215 wpa_s->conf->ap_scan = ap_scan;
4216
4217 if (old_ap_scan != wpa_s->conf->ap_scan)
4218 wpas_notify_ap_scan_changed(wpa_s);
4219
4220 return 0;
4221}
4222
4223
78633c37
SL		 4224/**
4225 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
4226 * @wpa_s: wpa_supplicant structure for a network interface
4227 * @expire_age: Expiration age in seconds
4228 * Returns: 0 if succeed or -1 if expire_age has an invalid value
4229 *
4230 */
4231int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant *wpa_s,
4232 unsigned int bss_expire_age)
4233{
4234 if (bss_expire_age < 10) {
4235 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration age %u",
4236 bss_expire_age);
4237 return -1;
4238 }
4239 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration age: %d sec",
4240 bss_expire_age);
4241 wpa_s->conf->bss_expiration_age = bss_expire_age;
4242
4243 return 0;
4244}
4245
4246
4247/**
4248 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
4249 * @wpa_s: wpa_supplicant structure for a network interface
4250 * @expire_count: number of scans after which an unseen BSS is reclaimed
4251 * Returns: 0 if succeed or -1 if expire_count has an invalid value
4252 *
4253 */
4254int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant *wpa_s,
4255 unsigned int bss_expire_count)
4256{
4257 if (bss_expire_count < 1) {
4258 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration count %u",
4259 bss_expire_count);
4260 return -1;
4261 }
4262 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration scan count: %u",
4263 bss_expire_count);
4264 wpa_s->conf->bss_expiration_scan_count = bss_expire_count;
4265
4266 return 0;
4267}
4268
4269
c6e86b63
MA		 4270/**
4271 * wpa_supplicant_set_scan_interval - Set scan interval
4272 * @wpa_s: wpa_supplicant structure for a network interface
4273 * @scan_interval: scan interval in seconds
4274 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
4275 *
4276 */
4277int wpa_supplicant_set_scan_interval(struct wpa_supplicant *wpa_s,
4278 int scan_interval)
4279{
4280 if (scan_interval < 0) {
4281 wpa_msg(wpa_s, MSG_ERROR, "Invalid scan interval %d",
4282 scan_interval);
4283 return -1;
4284 }
4285 wpa_msg(wpa_s, MSG_DEBUG, "Setting scan interval: %d sec",
4286 scan_interval);
9e737f08 4287 wpa_supplicant_update_scan_int(wpa_s, scan_interval);
c6e86b63
MA		 4288
4289 return 0;
4290}
4291
4292
86b89452
WS		 4293/**
4294 * wpa_supplicant_set_debug_params - Set global debug params
4295 * @global: wpa_global structure
4296 * @debug_level: debug level
4297 * @debug_timestamp: determines if show timestamp in debug data
4298 * @debug_show_keys: determines if show keys in debug data
4299 * Returns: 0 if succeed or -1 if debug_level has wrong value
4300 */
4301int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level,
4302 int debug_timestamp, int debug_show_keys)
4303{
4304
4305 int old_level, old_timestamp, old_show_keys;
4306
4307 /* check for allowed debuglevels */
14dc0011
PS		 4308 if (debug_level != MSG_EXCESSIVE &&
4309 debug_level != MSG_MSGDUMP &&
86b89452
WS		 4310 debug_level != MSG_DEBUG &&
4311 debug_level != MSG_INFO &&
4312 debug_level != MSG_WARNING &&
4313 debug_level != MSG_ERROR)
4314 return -1;
4315
4316 old_level = wpa_debug_level;
4317 old_timestamp = wpa_debug_timestamp;
4318 old_show_keys = wpa_debug_show_keys;
4319
4320 wpa_debug_level = debug_level;
4321 wpa_debug_timestamp = debug_timestamp ? 1 : 0;
4322 wpa_debug_show_keys = debug_show_keys ? 1 : 0;
4323
db9133ac
WS		 4324 if (wpa_debug_level != old_level)
4325 wpas_notify_debug_level_changed(global);
4326 if (wpa_debug_timestamp != old_timestamp)
4327 wpas_notify_debug_timestamp_changed(global);
4328 if (wpa_debug_show_keys != old_show_keys)
4329 wpas_notify_debug_show_keys_changed(global);
86b89452
WS		 4330
4331 return 0;
4332}
4333
4334
e8b96490
JM		 4335#ifdef CONFIG_OWE
4336static int owe_trans_ssid_match(struct wpa_supplicant *wpa_s, const u8 *bssid,
4337 const u8 *entry_ssid, size_t entry_ssid_len)
4338{
4339 const u8 *owe, *pos, *end;
4340 u8 ssid_len;
4341 struct wpa_bss *bss;
4342
4343 /* Check network profile SSID aganst the SSID in the
4344 * OWE Transition Mode element. */
4345
4346 bss = wpa_bss_get_bssid_latest(wpa_s, bssid);
4347 if (!bss)
4348 return 0;
4349
4350 owe = wpa_bss_get_vendor_ie(bss, OWE_IE_VENDOR_TYPE);
4351 if (!owe)
4352 return 0;
4353
4354 pos = owe + 6;
4355 end = owe + 2 + owe[1];
4356
4357 if (end - pos < ETH_ALEN + 1)
4358 return 0;
4359 pos += ETH_ALEN;
4360 ssid_len = *pos++;
4361 if (end - pos < ssid_len || ssid_len > SSID_MAX_LEN)
4362 return 0;
4363
4364 return entry_ssid_len == ssid_len &&
4365 os_memcmp(pos, entry_ssid, ssid_len) == 0;
4366}
4367#endif /* CONFIG_OWE */
4368
4369
6fc6879b
JM		 4370/**
4371 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
4372 * @wpa_s: Pointer to wpa_supplicant data
4373 * Returns: A pointer to the current network structure or %NULL on failure
4374 */
4375struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
4376{
4377 struct wpa_ssid *entry;
eaa8eefe 4378 u8 ssid[SSID_MAX_LEN];
6fc6879b
JM		 4379 int res;
4380 size_t ssid_len;
4381 u8 bssid[ETH_ALEN];
4382 int wired;
4383
17fbb751
JM		 4384 res = wpa_drv_get_ssid(wpa_s, ssid);
4385 if (res < 0) {
4386 wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from "
4387 "driver");
4388 return NULL;
6fc6879b 4389 }
17fbb751 4390 ssid_len = res;
6fc6879b 4391
17fbb751 4392 if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
f049052b
BG		 4393 wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from "
4394 "driver");
6fc6879b
JM		 4395 return NULL;
4396 }
4397
c2a04078
JM		 4398 wired = wpa_s->conf->ap_scan == 0 &&
4399 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED);
6fc6879b
JM		 4400
4401 entry = wpa_s->conf->ssid;
4402 while (entry) {
349493bd 4403 if (!wpas_network_disabled(wpa_s, entry) &&
6fc6879b 4404 ((ssid_len == entry->ssid_len &&
c4fccfc7
JM		 4405 (!entry->ssid ||
4406 os_memcmp(ssid, entry->ssid, ssid_len) == 0)) ||
4407 wired) &&
6fc6879b
JM		 4408 (!entry->bssid_set ||
4409 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
4410 return entry;
24c23d1b 4411#ifdef CONFIG_WPS
349493bd 4412 if (!wpas_network_disabled(wpa_s, entry) &&
24c23d1b
JM		 4413 (entry->key_mgmt & WPA_KEY_MGMT_WPS) &&
4414 (entry->ssid == NULL || entry->ssid_len == 0) &&
4415 (!entry->bssid_set ||
4416 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
4417 return entry;
4418#endif /* CONFIG_WPS */
7d232e23 4419
e8b96490
JM		 4420#ifdef CONFIG_OWE
4421 if (!wpas_network_disabled(wpa_s, entry) &&
4422 owe_trans_ssid_match(wpa_s, bssid, entry->ssid,
4423 entry->ssid_len) &&
4424 (!entry->bssid_set ||
4425 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
4426 return entry;
4427#endif /* CONFIG_OWE */
4428
349493bd 4429 if (!wpas_network_disabled(wpa_s, entry) && entry->bssid_set &&
7d232e23
ZC		 4430 entry->ssid_len == 0 &&
4431 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)
4432 return entry;
4433
6fc6879b
JM		 4434 entry = entry->next;
4435 }
4436
4437 return NULL;
4438}
4439
4440
7756114f
JM		 4441static int select_driver(struct wpa_supplicant *wpa_s, int i)
4442{
4443 struct wpa_global *global = wpa_s->global;
4444
4445 if (wpa_drivers[i]->global_init && global->drv_priv[i] == NULL) {
45e3fc72 4446 global->drv_priv[i] = wpa_drivers[i]->global_init(global);
7756114f
JM		 4447 if (global->drv_priv[i] == NULL) {
4448 wpa_printf(MSG_ERROR, "Failed to initialize driver "
4449 "'%s'", wpa_drivers[i]->name);
4450 return -1;
4451 }
4452 }
4453
4454 wpa_s->driver = wpa_drivers[i];
4455 wpa_s->global_drv_priv = global->drv_priv[i];
4456
4457 return 0;
4458}
4459
4460
6fc6879b
JM		 4461static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
4462 const char *name)
4463{
4464 int i;
362f781e 4465 size_t len;
74b1c84a 4466 const char *pos, *driver = name;
6fc6879b
JM		 4467
4468 if (wpa_s == NULL)
4469 return -1;
4470
c5121837 4471 if (wpa_drivers[0] == NULL) {
f049052b
BG		 4472 wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into "
4473 "wpa_supplicant");
6fc6879b
JM		 4474 return -1;
4475 }
4476
4477 if (name == NULL) {
4478 /* default to first driver in the list */
7756114f 4479 return select_driver(wpa_s, 0);
6fc6879b
JM		 4480 }
4481
74b1c84a
SO		 4482 do {
4483 pos = os_strchr(driver, ',');
4484 if (pos)
4485 len = pos - driver;
4486 else
4487 len = os_strlen(driver);
4488
4489 for (i = 0; wpa_drivers[i]; i++) {
4490 if (os_strlen(wpa_drivers[i]->name) == len &&
4491 os_strncmp(driver, wpa_drivers[i]->name, len) ==
0f4668ce
DW		 4492 0) {
4493 /* First driver that succeeds wins */
4494 if (select_driver(wpa_s, i) == 0)
4495 return 0;
4496 }
6fc6879b 4497 }
74b1c84a
SO		 4498
4499 driver = pos + 1;
4500 } while (pos);
6fc6879b 4501
f049052b 4502 wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name);
6fc6879b
JM		 4503 return -1;
4504}
4505
4506
a8e0505b
JM		 4507/**
4508 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
4509 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
4510 * with struct wpa_driver_ops::init()
4511 * @src_addr: Source address of the EAPOL frame
4512 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
4513 * @len: Length of the EAPOL data
4514 *
4515 * This function is called for each received EAPOL frame. Most driver
4516 * interfaces rely on more generic OS mechanism for receiving frames through
4517 * l2_packet, but if such a mechanism is not available, the driver wrapper may
4518 * take care of received EAPOL frames and deliver them to the core supplicant
4519 * code by calling this function.
4520 */
6fc6879b
JM		 4521void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
4522 const u8 *buf, size_t len)
4523{
4524 struct wpa_supplicant *wpa_s = ctx;
4525
f049052b 4526 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
6fc6879b
JM		 4527 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
4528
02adead5
MK		 4529#ifdef CONFIG_TESTING_OPTIONS
4530 if (wpa_s->ignore_auth_resp) {
4531 wpa_printf(MSG_INFO, "RX EAPOL - ignore_auth_resp active!");
4532 return;
4533 }
4534#endif /* CONFIG_TESTING_OPTIONS */
4535
3ab35a66
JM		 4536 if (wpa_s->wpa_state < WPA_ASSOCIATED ||
4537 (wpa_s->last_eapol_matches_bssid &&
4538#ifdef CONFIG_AP
4539 !wpa_s->ap_iface &&
4540#endif /* CONFIG_AP */
4541 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) != 0)) {
1ff73338
JM		 4542 /*
4543 * There is possible race condition between receiving the
4544 * association event and the EAPOL frame since they are coming
4545 * through different paths from the driver. In order to avoid
4546 * issues in trying to process the EAPOL frame before receiving
4547 * association information, lets queue it for processing until
3ab35a66
JM		 4548 * the association event is received. This may also be needed in
4549 * driver-based roaming case, so also use src_addr != BSSID as a
4550 * trigger if we have previously confirmed that the
4551 * Authenticator uses BSSID as the src_addr (which is not the
4552 * case with wired IEEE 802.1X).
1ff73338 4553 */
f049052b 4554 wpa_dbg(wpa_s, MSG_DEBUG, "Not associated - Delay processing "
3ab35a66
JM		 4555 "of received EAPOL frame (state=%s bssid=" MACSTR ")",
4556 wpa_supplicant_state_txt(wpa_s->wpa_state),
4557 MAC2STR(wpa_s->bssid));
1ff73338
JM		 4558 wpabuf_free(wpa_s->pending_eapol_rx);
4559 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len);
4560 if (wpa_s->pending_eapol_rx) {
c2be937c 4561 os_get_reltime(&wpa_s->pending_eapol_rx_time);
1ff73338
JM		 4562 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr,
4563 ETH_ALEN);
4564 }
4565 return;
4566 }
4567
3ab35a66
JM		 4568 wpa_s->last_eapol_matches_bssid =
4569 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) == 0;
4570
db149ac9
JM		 4571#ifdef CONFIG_AP
4572 if (wpa_s->ap_iface) {
4573 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len);
4574 return;
4575 }
4576#endif /* CONFIG_AP */
4577
6fc6879b 4578 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
f049052b
BG		 4579 wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since "
4580 "no key management is configured");
6fc6879b
JM		 4581 return;
4582 }
4583
4584 if (wpa_s->eapol_received == 0 &&
436ee2fd 4585 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK) ||
56586197 4586 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
9c972abb
JM		 4587 wpa_s->wpa_state != WPA_COMPLETED) &&
4588 (wpa_s->current_ssid == NULL ||
f74618cb 4589 wpa_s->current_ssid->mode != WPAS_MODE_IBSS)) {
6fc6879b 4590 /* Timeout for completing IEEE 802.1X and WPA authentication */
5add4101
JM		 4591 int timeout = 10;
4592
4593 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
4594 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
4595 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
4596 /* Use longer timeout for IEEE 802.1X/EAP */
4597 timeout = 70;
4598 }
4599
c7dafdf9 4600#ifdef CONFIG_WPS
5add4101
JM		 4601 if (wpa_s->current_ssid && wpa_s->current_bss &&
4602 (wpa_s->current_ssid->key_mgmt & WPA_KEY_MGMT_WPS) &&
4603 eap_is_wps_pin_enrollee(&wpa_s->current_ssid->eap)) {
4604 /*
4605 * Use shorter timeout if going through WPS AP iteration
4606 * for PIN config method with an AP that does not
4607 * advertise Selected Registrar.
4608 */
4609 struct wpabuf *wps_ie;
4610
4611 wps_ie = wpa_bss_get_vendor_ie_multi(
4612 wpa_s->current_bss, WPS_IE_VENDOR_TYPE);
0ef1e290
JM		 4613 if (wps_ie &&
4614 !wps_is_addr_authorized(wps_ie, wpa_s->own_addr, 1))
5add4101
JM		 4615 timeout = 10;
4616 wpabuf_free(wps_ie);
4617 }
c7dafdf9 4618#endif /* CONFIG_WPS */
5add4101
JM		 4619
4620 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
6fc6879b
JM		 4621 }
4622 wpa_s->eapol_received++;
4623
4624 if (wpa_s->countermeasures) {
f049052b
BG		 4625 wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped "
4626 "EAPOL packet");
6fc6879b
JM		 4627 return;
4628 }
4629
8be18440
JM		 4630#ifdef CONFIG_IBSS_RSN
4631 if (wpa_s->current_ssid &&
d7dcba70 4632 wpa_s->current_ssid->mode == WPAS_MODE_IBSS) {
8be18440
JM		 4633 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len);
4634 return;
4635 }
4636#endif /* CONFIG_IBSS_RSN */
4637
6fc6879b
JM		 4638 /* Source address of the incoming EAPOL frame could be compared to the
4639 * current BSSID. However, it is possible that a centralized
4640 * Authenticator could be using another MAC address than the BSSID of
4641 * an AP, so just allow any address to be used for now. The replies are
4642 * still sent to the current BSSID (if available), though. */
4643
4644 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
56586197 4645 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
a1ea1b45 4646 wpa_s->key_mgmt != WPA_KEY_MGMT_OWE &&
567da5bb 4647 wpa_s->key_mgmt != WPA_KEY_MGMT_DPP &&
6fc6879b
JM		 4648 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
4649 return;
4650 wpa_drv_poll(wpa_s);
436ee2fd 4651 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK))
6fc6879b 4652 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
56586197 4653 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
6fc6879b
JM		 4654 /*
4655 * Set portValid = TRUE here since we are going to skip 4-way
4656 * handshake processing which would normally set portValid. We
4657 * need this to allow the EAPOL state machines to be completed
4658 * without going through EAPOL-Key handshake.
4659 */
4660 eapol_sm_notify_portValid(wpa_s->eapol, TRUE);
4661 }
4662}
4663
4664
bfba8deb 4665int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s)
6fc6879b 4666{
2961bfa8
JM		 4667 if ((!wpa_s->p2p_mgmt ||
4668 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
4669 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) {
bfba8deb 4670 l2_packet_deinit(wpa_s->l2);
6fc6879b
JM		 4671 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
4672 wpa_drv_get_mac_addr(wpa_s),
4673 ETH_P_EAPOL,
4674 wpa_supplicant_rx_eapol, wpa_s, 0);
4675 if (wpa_s->l2 == NULL)
4676 return -1;
d89edb61
DC		 4677
4678 if (l2_packet_set_packet_filter(wpa_s->l2,
4679 L2_PACKET_FILTER_PKTTYPE))
4680 wpa_dbg(wpa_s, MSG_DEBUG,
4681 "Failed to attach pkt_type filter");
fdadd5fe
JM		 4682 } else {
4683 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
4684 if (addr)
4685 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
6fc6879b
JM		 4686 }
4687
4688 if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
f049052b 4689 wpa_msg(wpa_s, MSG_ERROR, "Failed to get own L2 address");
6fc6879b
JM		 4690 return -1;
4691 }
4692
c267753b 4693 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
8788a314 4694 wpas_wps_update_mac_addr(wpa_s);
c267753b 4695
cdb5774f
DL		 4696#ifdef CONFIG_FST
4697 if (wpa_s->fst)
4698 fst_update_mac_addr(wpa_s->fst, wpa_s->own_addr);
4699#endif /* CONFIG_FST */
4700
bfba8deb
JM		 4701 return 0;
4702}
4703
4704
25f839c6
JM		 4705static void wpa_supplicant_rx_eapol_bridge(void *ctx, const u8 *src_addr,
4706 const u8 *buf, size_t len)
4707{
4708 struct wpa_supplicant *wpa_s = ctx;
4709 const struct l2_ethhdr *eth;
4710
4711 if (len < sizeof(*eth))
4712 return;
4713 eth = (const struct l2_ethhdr *) buf;
4714
4715 if (os_memcmp(eth->h_dest, wpa_s->own_addr, ETH_ALEN) != 0 &&
4716 !(eth->h_dest[0] & 0x01)) {
4717 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
4718 " (bridge - not for this interface - ignore)",
4719 MAC2STR(src_addr), MAC2STR(eth->h_dest));
4720 return;
4721 }
4722
4723 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
4724 " (bridge)", MAC2STR(src_addr), MAC2STR(eth->h_dest));
4725 wpa_supplicant_rx_eapol(wpa_s, src_addr, buf + sizeof(*eth),
4726 len - sizeof(*eth));
4727}
4728
4729
bfba8deb
JM		 4730/**
4731 * wpa_supplicant_driver_init - Initialize driver interface parameters
4732 * @wpa_s: Pointer to wpa_supplicant data
4733 * Returns: 0 on success, -1 on failure
4734 *
4735 * This function is called to initialize driver interface parameters.
4736 * wpa_drv_init() must have been called before this function to initialize the
4737 * driver interface.
4738 */
4739int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
4740{
4741 static int interface_count = 0;
4742
4743 if (wpa_supplicant_update_mac_addr(wpa_s) < 0)
4744 return -1;
4745
c68f6200
AS		 4746 wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR,
4747 MAC2STR(wpa_s->own_addr));
a313d17d 4748 os_memcpy(wpa_s->perm_addr, wpa_s->own_addr, ETH_ALEN);
c68f6200
AS		 4749 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
4750
6fc6879b 4751 if (wpa_s->bridge_ifname[0]) {
f049052b
BG		 4752 wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge "
4753 "interface '%s'", wpa_s->bridge_ifname);
e6dd8196
JM		 4754 wpa_s->l2_br = l2_packet_init_bridge(
4755 wpa_s->bridge_ifname, wpa_s->ifname, wpa_s->own_addr,
4756 ETH_P_EAPOL, wpa_supplicant_rx_eapol_bridge, wpa_s, 1);
6fc6879b 4757 if (wpa_s->l2_br == NULL) {
f049052b
BG		 4758 wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet "
4759 "connection for the bridge interface '%s'",
4760 wpa_s->bridge_ifname);
6fc6879b
JM		 4761 return -1;
4762 }
4763 }
4764
8406cd35
JM		 4765 if (wpa_s->conf->ap_scan == 2 &&
4766 os_strcmp(wpa_s->driver->name, "nl80211") == 0) {
4767 wpa_printf(MSG_INFO,
4768 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
4769 }
4770
6fc6879b
JM		 4771 wpa_clear_keys(wpa_s, NULL);
4772
4773 /* Make sure that TKIP countermeasures are not left enabled (could
4774 * happen if wpa_supplicant is killed during countermeasures. */
4775 wpa_drv_set_countermeasures(wpa_s, 0);
4776
f049052b 4777 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver");
6fc6879b
JM		 4778 wpa_drv_flush_pmkid(wpa_s);
4779
ba2a573c 4780 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
b3aa456b
ES		 4781 wpa_s->prev_scan_wildcard = 0;
4782
349493bd 4783 if (wpa_supplicant_enabled_networks(wpa_s)) {
a0e9d892
AS		 4784 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED) {
4785 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
4786 interface_count = 0;
4787 }
ee82e33d 4788#ifndef ANDROID
3a94adbf 4789 if (!wpa_s->p2p_mgmt &&
5d0d72a3
BG		 4790 wpa_supplicant_delayed_sched_scan(wpa_s,
4791 interface_count % 3,
6a90053c 4792 100000))
5d0d72a3 4793 wpa_supplicant_req_scan(wpa_s, interface_count % 3,
a4cba8f1 4794 100000);
ee82e33d 4795#endif /* ANDROID */
74e259ec
JM		 4796 interface_count++;
4797 } else
4798 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
6fc6879b
JM		 4799
4800 return 0;
4801}
4802
4803
4804static int wpa_supplicant_daemon(const char *pid_file)
4805{
4806 wpa_printf(MSG_DEBUG, "Daemonize..");
4807 return os_daemonize(pid_file);
4808}
4809
4810
1772d348
JM		 4811static struct wpa_supplicant *
4812wpa_supplicant_alloc(struct wpa_supplicant *parent)
6fc6879b
JM		 4813{
4814 struct wpa_supplicant *wpa_s;
4815
4816 wpa_s = os_zalloc(sizeof(*wpa_s));
4817 if (wpa_s == NULL)
4818 return NULL;
4115303b 4819 wpa_s->scan_req = INITIAL_SCAN_REQ;
67b9bd08 4820 wpa_s->scan_interval = 5;
c302f207 4821 wpa_s->new_connection = 1;
1772d348 4822 wpa_s->parent = parent ? parent : wpa_s;
ba307f85 4823 wpa_s->p2pdev = wpa_s->parent;
cbdf3507 4824 wpa_s->sched_scanning = 0;
6fc6879b 4825
dd599908 4826 dl_list_init(&wpa_s->bss_tmp_disallowed);
5732b770 4827 dl_list_init(&wpa_s->fils_hlp_req);
6c570193
JM		 4828#ifdef CONFIG_TESTING_OPTIONS
4829 dl_list_init(&wpa_s->drv_signal_override);
4830#endif /* CONFIG_TESTING_OPTIONS */
dd599908 4831
6fc6879b
JM		 4832 return wpa_s;
4833}
4834
4835
80e8a5ee
BG		 4836#ifdef CONFIG_HT_OVERRIDES
4837
4838static int wpa_set_htcap_mcs(struct wpa_supplicant *wpa_s,
4839 struct ieee80211_ht_capabilities *htcaps,
4840 struct ieee80211_ht_capabilities *htcaps_mask,
4841 const char *ht_mcs)
4842{
4843 /* parse ht_mcs into hex array */
4844 int i;
4845 const char *tmp = ht_mcs;
4846 char *end = NULL;
4847
4848 /* If ht_mcs is null, do not set anything */
4849 if (!ht_mcs)
4850 return 0;
4851
4852 /* This is what we are setting in the kernel */
4853 os_memset(&htcaps->supported_mcs_set, 0, IEEE80211_HT_MCS_MASK_LEN);
4854
4855 wpa_msg(wpa_s, MSG_DEBUG, "set_htcap, ht_mcs -:%s:-", ht_mcs);
4856
4857 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) {
30eddf35
JB		 4858 long v;
4859
80e8a5ee 4860 errno = 0;
30eddf35
JB		 4861 v = strtol(tmp, &end, 16);
4862
80e8a5ee
BG		 4863 if (errno == 0) {
4864 wpa_msg(wpa_s, MSG_DEBUG,
4865 "htcap value[%i]: %ld end: %p tmp: %p",
4866 i, v, end, tmp);
4867 if (end == tmp)
4868 break;
4869
4870 htcaps->supported_mcs_set[i] = v;
4871 tmp = end;
4872 } else {
4873 wpa_msg(wpa_s, MSG_ERROR,
4874 "Failed to parse ht-mcs: %s, error: %s\n",
4875 ht_mcs, strerror(errno));
4876 return -1;
4877 }
4878 }
4879
4880 /*
4881 * If we were able to parse any values, then set mask for the MCS set.
4882 */
4883 if (i) {
4884 os_memset(&htcaps_mask->supported_mcs_set, 0xff,
4885 IEEE80211_HT_MCS_MASK_LEN - 1);
4886 /* skip the 3 reserved bits */
4887 htcaps_mask->supported_mcs_set[IEEE80211_HT_MCS_MASK_LEN - 1] =
4888 0x1f;
4889 }
4890
4891 return 0;
4892}
4893
4894
4895static int wpa_disable_max_amsdu(struct wpa_supplicant *wpa_s,
4896 struct ieee80211_ht_capabilities *htcaps,
4897 struct ieee80211_ht_capabilities *htcaps_mask,
4898 int disabled)
4899{
5bc28571 4900 le16 msk;
80e8a5ee 4901
80e8a5ee
BG		 4902 if (disabled == -1)
4903 return 0;
4904
bbdb5014
JM		 4905 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_max_amsdu: %d", disabled);
4906
80e8a5ee
BG		 4907 msk = host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE);
4908 htcaps_mask->ht_capabilities_info |= msk;
4909 if (disabled)
4910 htcaps->ht_capabilities_info &= msk;
4911 else
4912 htcaps->ht_capabilities_info |= msk;
4913
4914 return 0;
4915}
4916
4917
4918static int wpa_set_ampdu_factor(struct wpa_supplicant *wpa_s,
4919 struct ieee80211_ht_capabilities *htcaps,
4920 struct ieee80211_ht_capabilities *htcaps_mask,
4921 int factor)
4922{
80e8a5ee
BG		 4923 if (factor == -1)
4924 return 0;
4925
bbdb5014
JM		 4926 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_factor: %d", factor);
4927
80e8a5ee
BG		 4928 if (factor < 0 || factor > 3) {
4929 wpa_msg(wpa_s, MSG_ERROR, "ampdu_factor: %d out of range. "
4930 "Must be 0-3 or -1", factor);
4931 return -EINVAL;
4932 }
4933
4934 htcaps_mask->a_mpdu_params |= 0x3; /* 2 bits for factor */
4935 htcaps->a_mpdu_params &= ~0x3;
4936 htcaps->a_mpdu_params |= factor & 0x3;
4937
4938 return 0;
4939}
4940
4941
4942static int wpa_set_ampdu_density(struct wpa_supplicant *wpa_s,
4943 struct ieee80211_ht_capabilities *htcaps,
4944 struct ieee80211_ht_capabilities *htcaps_mask,
4945 int density)
4946{
80e8a5ee
BG		 4947 if (density == -1)
4948 return 0;
4949
bbdb5014
JM		 4950 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_density: %d", density);
4951
80e8a5ee
BG		 4952 if (density < 0 || density > 7) {
4953 wpa_msg(wpa_s, MSG_ERROR,
4954 "ampdu_density: %d out of range. Must be 0-7 or -1.",
4955 density);
4956 return -EINVAL;
4957 }
4958
4959 htcaps_mask->a_mpdu_params |= 0x1C;
4960 htcaps->a_mpdu_params &= ~(0x1C);
4961 htcaps->a_mpdu_params |= (density << 2) & 0x1C;
4962
4963 return 0;
4964}
4965
4966
4967static int wpa_set_disable_ht40(struct wpa_supplicant *wpa_s,
4968 struct ieee80211_ht_capabilities *htcaps,
4969 struct ieee80211_ht_capabilities *htcaps_mask,
4970 int disabled)
4971{
bbdb5014
JM		 4972 if (disabled)
4973 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ht40: %d", disabled);
80e8a5ee 4974
9eb5757a
MH		 4975 set_disable_ht40(htcaps, disabled);
4976 set_disable_ht40(htcaps_mask, 0);
80e8a5ee
BG		 4977
4978 return 0;
4979}
4980
4981
a90497f8
BG		 4982static int wpa_set_disable_sgi(struct wpa_supplicant *wpa_s,
4983 struct ieee80211_ht_capabilities *htcaps,
4984 struct ieee80211_ht_capabilities *htcaps_mask,
4985 int disabled)
4986{
4987 /* Masking these out disables SGI */
5bc28571
JM		 4988 le16 msk = host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ |
4989 HT_CAP_INFO_SHORT_GI40MHZ);
a90497f8 4990
bbdb5014
JM		 4991 if (disabled)
4992 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_sgi: %d", disabled);
a90497f8
BG		 4993
4994 if (disabled)
4995 htcaps->ht_capabilities_info &= ~msk;
4996 else
4997 htcaps->ht_capabilities_info |= msk;
4998
4999 htcaps_mask->ht_capabilities_info |= msk;
5000
5001 return 0;
5002}
5003
5004
39a5800f
PK		 5005static int wpa_set_disable_ldpc(struct wpa_supplicant *wpa_s,
5006 struct ieee80211_ht_capabilities *htcaps,
5007 struct ieee80211_ht_capabilities *htcaps_mask,
5008 int disabled)
5009{
5010 /* Masking these out disables LDPC */
5bc28571 5011 le16 msk = host_to_le16(HT_CAP_INFO_LDPC_CODING_CAP);
39a5800f 5012
bbdb5014
JM		 5013 if (disabled)
5014 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ldpc: %d", disabled);
39a5800f
PK		 5015
5016 if (disabled)
5017 htcaps->ht_capabilities_info &= ~msk;
5018 else
5019 htcaps->ht_capabilities_info |= msk;
5020
5021 htcaps_mask->ht_capabilities_info |= msk;
5022
5023 return 0;
5024}
5025
5026
cdeea70f
SM		 5027static int wpa_set_tx_stbc(struct wpa_supplicant *wpa_s,
5028 struct ieee80211_ht_capabilities *htcaps,
5029 struct ieee80211_ht_capabilities *htcaps_mask,
5030 int tx_stbc)
5031{
5032 le16 msk = host_to_le16(HT_CAP_INFO_TX_STBC);
5033
cdeea70f
SM		 5034 if (tx_stbc == -1)
5035 return 0;
5036
bbdb5014
JM		 5037 wpa_msg(wpa_s, MSG_DEBUG, "set_tx_stbc: %d", tx_stbc);
5038
cdeea70f
SM		 5039 if (tx_stbc < 0 || tx_stbc > 1) {
5040 wpa_msg(wpa_s, MSG_ERROR,
5041 "tx_stbc: %d out of range. Must be 0-1 or -1", tx_stbc);
5042 return -EINVAL;
5043 }
5044
5045 htcaps_mask->ht_capabilities_info |= msk;
5046 htcaps->ht_capabilities_info &= ~msk;
5047 htcaps->ht_capabilities_info |= (tx_stbc << 7) & msk;
5048
5049 return 0;
5050}
5051
5052
5053static int wpa_set_rx_stbc(struct wpa_supplicant *wpa_s,
5054 struct ieee80211_ht_capabilities *htcaps,
5055 struct ieee80211_ht_capabilities *htcaps_mask,
5056 int rx_stbc)
5057{
5058 le16 msk = host_to_le16(HT_CAP_INFO_RX_STBC_MASK);
5059
cdeea70f
SM		 5060 if (rx_stbc == -1)
5061 return 0;
5062
bbdb5014
JM		 5063 wpa_msg(wpa_s, MSG_DEBUG, "set_rx_stbc: %d", rx_stbc);
5064
cdeea70f
SM		 5065 if (rx_stbc < 0 || rx_stbc > 3) {
5066 wpa_msg(wpa_s, MSG_ERROR,
5067 "rx_stbc: %d out of range. Must be 0-3 or -1", rx_stbc);
5068 return -EINVAL;
5069 }
5070
5071 htcaps_mask->ht_capabilities_info |= msk;
5072 htcaps->ht_capabilities_info &= ~msk;
5073 htcaps->ht_capabilities_info |= (rx_stbc << 8) & msk;
5074
5075 return 0;
5076}
5077
5078
80e8a5ee
BG		 5079void wpa_supplicant_apply_ht_overrides(
5080 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
5081 struct wpa_driver_associate_params *params)
5082{
5083 struct ieee80211_ht_capabilities *htcaps;
5084 struct ieee80211_ht_capabilities *htcaps_mask;
5085
5086 if (!ssid)
5087 return;
5088
5089 params->disable_ht = ssid->disable_ht;
5090 if (!params->htcaps || !params->htcaps_mask)
5091 return;
5092
5093 htcaps = (struct ieee80211_ht_capabilities *) params->htcaps;
5094 htcaps_mask = (struct ieee80211_ht_capabilities *) params->htcaps_mask;
5095 wpa_set_htcap_mcs(wpa_s, htcaps, htcaps_mask, ssid->ht_mcs);
5096 wpa_disable_max_amsdu(wpa_s, htcaps, htcaps_mask,
5097 ssid->disable_max_amsdu);
5098 wpa_set_ampdu_factor(wpa_s, htcaps, htcaps_mask, ssid->ampdu_factor);
5099 wpa_set_ampdu_density(wpa_s, htcaps, htcaps_mask, ssid->ampdu_density);
5100 wpa_set_disable_ht40(wpa_s, htcaps, htcaps_mask, ssid->disable_ht40);
a90497f8 5101 wpa_set_disable_sgi(wpa_s, htcaps, htcaps_mask, ssid->disable_sgi);
39a5800f 5102 wpa_set_disable_ldpc(wpa_s, htcaps, htcaps_mask, ssid->disable_ldpc);
cdeea70f
SM		 5103 wpa_set_rx_stbc(wpa_s, htcaps, htcaps_mask, ssid->rx_stbc);
5104 wpa_set_tx_stbc(wpa_s, htcaps, htcaps_mask, ssid->tx_stbc);
d41cc8cc
JM		 5105
5106 if (ssid->ht40_intolerant) {
5bc28571 5107 le16 bit = host_to_le16(HT_CAP_INFO_40MHZ_INTOLERANT);
d41cc8cc
JM		 5108 htcaps->ht_capabilities_info |= bit;
5109 htcaps_mask->ht_capabilities_info |= bit;
5110 }
80e8a5ee
BG		 5111}
5112
5113#endif /* CONFIG_HT_OVERRIDES */
5114
5115
e9ee8dc3
JB		 5116#ifdef CONFIG_VHT_OVERRIDES
5117void wpa_supplicant_apply_vht_overrides(
5118 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
5119 struct wpa_driver_associate_params *params)
5120{
5121 struct ieee80211_vht_capabilities *vhtcaps;
5122 struct ieee80211_vht_capabilities *vhtcaps_mask;
5123
5124 if (!ssid)
5125 return;
5126
5127 params->disable_vht = ssid->disable_vht;
5128
5129 vhtcaps = (void *) params->vhtcaps;
5130 vhtcaps_mask = (void *) params->vhtcaps_mask;
5131
5132 if (!vhtcaps || !vhtcaps_mask)
5133 return;
5134
4d8d710f
JM		 5135 vhtcaps->vht_capabilities_info = host_to_le32(ssid->vht_capa);
5136 vhtcaps_mask->vht_capabilities_info = host_to_le32(ssid->vht_capa_mask);
e9ee8dc3 5137
4f560cde 5138#ifdef CONFIG_HT_OVERRIDES
fd83a808
BG		 5139 if (ssid->disable_sgi) {
5140 vhtcaps_mask->vht_capabilities_info |= (VHT_CAP_SHORT_GI_80 |
5141 VHT_CAP_SHORT_GI_160);
5142 vhtcaps->vht_capabilities_info &= ~(VHT_CAP_SHORT_GI_80 |
5143 VHT_CAP_SHORT_GI_160);
5144 wpa_msg(wpa_s, MSG_DEBUG,
5145 "disable-sgi override specified, vht-caps: 0x%x",
5146 vhtcaps->vht_capabilities_info);
5147 }
5148
4f560cde 5149 /* if max ampdu is <= 3, we have to make the HT cap the same */
b0f33467
JM		 5150 if (ssid->vht_capa_mask & VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) {
5151 int max_ampdu;
5152
5153 max_ampdu = (ssid->vht_capa &
5154 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) >>
5155 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX_SHIFT;
4f560cde
EP		 5156
5157 max_ampdu = max_ampdu < 3 ? max_ampdu : 3;
5158 wpa_set_ampdu_factor(wpa_s,
5159 (void *) params->htcaps,
5160 (void *) params->htcaps_mask,
5161 max_ampdu);
5162 }
5163#endif /* CONFIG_HT_OVERRIDES */
5164
e9ee8dc3
JB		 5165#define OVERRIDE_MCS(i) \
5166 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \
5167 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \
4d8d710f 5168 host_to_le16(3 << 2 * (i - 1)); \
e9ee8dc3 5169 vhtcaps->vht_supported_mcs_set.tx_map |= \
4d8d710f
JM		 5170 host_to_le16(ssid->vht_tx_mcs_nss_ ##i << \
5171 2 * (i - 1)); \
e9ee8dc3
JB		 5172 } \
5173 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \
5174 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \
4d8d710f 5175 host_to_le16(3 << 2 * (i - 1)); \
e9ee8dc3 5176 vhtcaps->vht_supported_mcs_set.rx_map |= \
4d8d710f
JM		 5177 host_to_le16(ssid->vht_rx_mcs_nss_ ##i << \
5178 2 * (i - 1)); \
e9ee8dc3
JB		 5179 }
5180
5181 OVERRIDE_MCS(1);
5182 OVERRIDE_MCS(2);
5183 OVERRIDE_MCS(3);
5184 OVERRIDE_MCS(4);
5185 OVERRIDE_MCS(5);
5186 OVERRIDE_MCS(6);
5187 OVERRIDE_MCS(7);
5188 OVERRIDE_MCS(8);
5189}
5190#endif /* CONFIG_VHT_OVERRIDES */
5191
5192
f64adcd7
JM		 5193static int pcsc_reader_init(struct wpa_supplicant *wpa_s)
5194{
5195#ifdef PCSC_FUNCS
5196 size_t len;
5197
5198 if (!wpa_s->conf->pcsc_reader)
5199 return 0;
5200
22cf7d73 5201 wpa_s->scard = scard_init(wpa_s->conf->pcsc_reader);
f64adcd7
JM		 5202 if (!wpa_s->scard)
5203 return 1;
5204
5205 if (wpa_s->conf->pcsc_pin &&
5206 scard_set_pin(wpa_s->scard, wpa_s->conf->pcsc_pin) < 0) {
5207 scard_deinit(wpa_s->scard);
5208 wpa_s->scard = NULL;
5209 wpa_msg(wpa_s, MSG_ERROR, "PC/SC PIN validation failed");
5210 return -1;
5211 }
5212
5213 len = sizeof(wpa_s->imsi) - 1;
5214 if (scard_get_imsi(wpa_s->scard, wpa_s->imsi, &len)) {
5215 scard_deinit(wpa_s->scard);
5216 wpa_s->scard = NULL;
5217 wpa_msg(wpa_s, MSG_ERROR, "Could not read IMSI");
5218 return -1;
5219 }
5220 wpa_s->imsi[len] = '\0';
5221
5222 wpa_s->mnc_len = scard_get_mnc_len(wpa_s->scard);
5223
5224 wpa_printf(MSG_DEBUG, "SCARD: IMSI %s (MNC length %d)",
5225 wpa_s->imsi, wpa_s->mnc_len);
5226
5227 wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard);
5228 eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard);
5229#endif /* PCSC_FUNCS */
5230
5231 return 0;
5232}
5233
5234
306ae225
JM		 5235int wpas_init_ext_pw(struct wpa_supplicant *wpa_s)
5236{
5237 char *val, *pos;
5238
5239 ext_password_deinit(wpa_s->ext_pw);
5240 wpa_s->ext_pw = NULL;
5241 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, NULL);
5242
5243 if (!wpa_s->conf->ext_password_backend)
5244 return 0;
5245
5246 val = os_strdup(wpa_s->conf->ext_password_backend);
5247 if (val == NULL)
5248 return -1;
5249 pos = os_strchr(val, ':');
5250 if (pos)
5251 *pos++ = '\0';
5252
5253 wpa_printf(MSG_DEBUG, "EXT PW: Initialize backend '%s'", val);
5254
5255 wpa_s->ext_pw = ext_password_init(val, pos);
5256 os_free(val);
5257 if (wpa_s->ext_pw == NULL) {
5258 wpa_printf(MSG_DEBUG, "EXT PW: Failed to initialize backend");
5259 return -1;
5260 }
5261 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, wpa_s->ext_pw);
5262
5263 return 0;
5264}
5265
5266
b36a3a65
AN		 5267#ifdef CONFIG_FST
5268
5269static const u8 * wpas_fst_get_bssid_cb(void *ctx)
5270{
5271 struct wpa_supplicant *wpa_s = ctx;
5272
5273 return (is_zero_ether_addr(wpa_s->bssid) ||
5274 wpa_s->wpa_state != WPA_COMPLETED) ? NULL : wpa_s->bssid;
5275}
5276
5277
5278static void wpas_fst_get_channel_info_cb(void *ctx,
5279 enum hostapd_hw_mode *hw_mode,
5280 u8 *channel)
5281{
5282 struct wpa_supplicant *wpa_s = ctx;
5283
5284 if (wpa_s->current_bss) {
5285 *hw_mode = ieee80211_freq_to_chan(wpa_s->current_bss->freq,
5286 channel);
5287 } else if (wpa_s->hw.num_modes) {
5288 *hw_mode = wpa_s->hw.modes[0].mode;
5289 } else {
5290 WPA_ASSERT(0);
5291 *hw_mode = 0;
5292 }
5293}
5294
5295
5296static int wpas_fst_get_hw_modes(void *ctx, struct hostapd_hw_modes **modes)
5297{
5298 struct wpa_supplicant *wpa_s = ctx;
5299
5300 *modes = wpa_s->hw.modes;
5301 return wpa_s->hw.num_modes;
5302}
5303
5304
84bcb4e7 5305static void wpas_fst_set_ies_cb(void *ctx, const struct wpabuf *fst_ies)
b36a3a65
AN		 5306{
5307 struct wpa_supplicant *wpa_s = ctx;
5308
b7a07937 5309 wpa_hexdump_buf(MSG_DEBUG, "FST: Set IEs", fst_ies);
b36a3a65
AN		 5310 wpa_s->fst_ies = fst_ies;
5311}
5312
5313
5314static int wpas_fst_send_action_cb(void *ctx, const u8 *da, struct wpabuf *data)
5315{
5316 struct wpa_supplicant *wpa_s = ctx;
5317
0da35523
JM		 5318 if (os_memcmp(wpa_s->bssid, da, ETH_ALEN) != 0) {
5319 wpa_printf(MSG_INFO, "FST:%s:bssid=" MACSTR " != da=" MACSTR,
5320 __func__, MAC2STR(wpa_s->bssid), MAC2STR(da));
5321 return -1;
5322 }
b36a3a65 5323 return wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, wpa_s->bssid,
0da35523
JM		 5324 wpa_s->own_addr, wpa_s->bssid,
5325 wpabuf_head(data), wpabuf_len(data),
b36a3a65
AN		 5326 0);
5327}
5328
5329
a0f04da5 5330static const struct wpabuf * wpas_fst_get_mb_ie_cb(void *ctx, const u8 *addr)
b36a3a65
AN		 5331{
5332 struct wpa_supplicant *wpa_s = ctx;
5333
5334 WPA_ASSERT(os_memcmp(wpa_s->bssid, addr, ETH_ALEN) == 0);
5335 return wpa_s->received_mb_ies;
5336}
5337
5338
5339static void wpas_fst_update_mb_ie_cb(void *ctx, const u8 *addr,
5340 const u8 *buf, size_t size)
5341{
5342 struct wpa_supplicant *wpa_s = ctx;
5343 struct mb_ies_info info;
5344
5345 WPA_ASSERT(os_memcmp(wpa_s->bssid, addr, ETH_ALEN) == 0);
5346
5347 if (!mb_ies_info_by_ies(&info, buf, size)) {
5348 wpabuf_free(wpa_s->received_mb_ies);
5349 wpa_s->received_mb_ies = mb_ies_by_info(&info);
5350 }
5351}
5352
5353
39cdd3a0
JM		 5354static const u8 * wpas_fst_get_peer_first(void *ctx,
5355 struct fst_get_peer_ctx **get_ctx,
5356 Boolean mb_only)
b36a3a65
AN		 5357{
5358 struct wpa_supplicant *wpa_s = ctx;
5359
5360 *get_ctx = NULL;
5361 if (!is_zero_ether_addr(wpa_s->bssid))
5362 return (wpa_s->received_mb_ies || !mb_only) ?
5363 wpa_s->bssid : NULL;
5364 return NULL;
5365}
5366
5367
39cdd3a0
JM		 5368static const u8 * wpas_fst_get_peer_next(void *ctx,
5369 struct fst_get_peer_ctx **get_ctx,
5370 Boolean mb_only)
b36a3a65
AN		 5371{
5372 return NULL;
5373}
5374
5375void fst_wpa_supplicant_fill_iface_obj(struct wpa_supplicant *wpa_s,
5376 struct fst_wpa_obj *iface_obj)
5377{
5378 iface_obj->ctx = wpa_s;
5379 iface_obj->get_bssid = wpas_fst_get_bssid_cb;
5380 iface_obj->get_channel_info = wpas_fst_get_channel_info_cb;
5381 iface_obj->get_hw_modes = wpas_fst_get_hw_modes;
5382 iface_obj->set_ies = wpas_fst_set_ies_cb;
5383 iface_obj->send_action = wpas_fst_send_action_cb;
5384 iface_obj->get_mb_ie = wpas_fst_get_mb_ie_cb;
5385 iface_obj->update_mb_ie = wpas_fst_update_mb_ie_cb;
5386 iface_obj->get_peer_first = wpas_fst_get_peer_first;
5387 iface_obj->get_peer_next = wpas_fst_get_peer_next;
5388}
5389#endif /* CONFIG_FST */
5390
a520bf4a 5391static int wpas_set_wowlan_triggers(struct wpa_supplicant *wpa_s,
6cbdb0c5 5392 const struct wpa_driver_capa *capa)
e4fa8b12 5393{
88cb27c7
DS		 5394 struct wowlan_triggers *triggers;
5395 int ret = 0;
e4fa8b12
EP		 5396
5397 if (!wpa_s->conf->wowlan_triggers)
5398 return 0;
5399
88cb27c7
DS		 5400 triggers = wpa_get_wowlan_triggers(wpa_s->conf->wowlan_triggers, capa);
5401 if (triggers) {
5402 ret = wpa_drv_wowlan(wpa_s, triggers);
5403 os_free(triggers);
e4fa8b12 5404 }
e4fa8b12
EP		 5405 return ret;
5406}
5407
5408
2b6e9f91 5409enum wpa_radio_work_band wpas_freq_to_band(int freq)
e903d32d
KV		 5410{
5411 if (freq < 3000)
5412 return BAND_2_4_GHZ;
5413 if (freq > 50000)
5414 return BAND_60_GHZ;
5415 return BAND_5_GHZ;
5416}
5417
5418
2b6e9f91 5419unsigned int wpas_get_bands(struct wpa_supplicant *wpa_s, const int *freqs)
e903d32d
KV		 5420{
5421 int i;
5422 unsigned int band = 0;
5423
5424 if (freqs) {
5425 /* freqs are specified for the radio work */
5426 for (i = 0; freqs[i]; i++)
5427 band |= wpas_freq_to_band(freqs[i]);
5428 } else {
5429 /*
5430 * freqs are not specified, implies all
5431 * the supported freqs by HW
5432 */
5433 for (i = 0; i < wpa_s->hw.num_modes; i++) {
5434 if (wpa_s->hw.modes[i].num_channels != 0) {
5435 if (wpa_s->hw.modes[i].mode ==
5436 HOSTAPD_MODE_IEEE80211B ||
5437 wpa_s->hw.modes[i].mode ==
5438 HOSTAPD_MODE_IEEE80211G)
5439 band |= BAND_2_4_GHZ;
5440 else if (wpa_s->hw.modes[i].mode ==
5441 HOSTAPD_MODE_IEEE80211A)
5442 band |= BAND_5_GHZ;
5443 else if (wpa_s->hw.modes[i].mode ==
5444 HOSTAPD_MODE_IEEE80211AD)
5445 band |= BAND_60_GHZ;
5446 else if (wpa_s->hw.modes[i].mode ==
5447 HOSTAPD_MODE_IEEE80211ANY)
5448 band = BAND_2_4_GHZ | BAND_5_GHZ |
5449 BAND_60_GHZ;
5450 }
5451 }
5452 }
5453
5454 return band;
5455}
5456
5457
202dec2a
JM		 5458static struct wpa_radio * radio_add_interface(struct wpa_supplicant *wpa_s,
5459 const char *rn)
5460{
5461 struct wpa_supplicant *iface = wpa_s->global->ifaces;
5462 struct wpa_radio *radio;
5463
5464 while (rn && iface) {
5465 radio = iface->radio;
5466 if (radio && os_strcmp(rn, radio->name) == 0) {
5467 wpa_printf(MSG_DEBUG, "Add interface %s to existing radio %s",
5468 wpa_s->ifname, rn);
5469 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
5470 return radio;
5471 }
b154a24e
TB		 5472
5473 iface = iface->next;
202dec2a
JM		 5474 }
5475
5476 wpa_printf(MSG_DEBUG, "Add interface %s to a new radio %s",
5477 wpa_s->ifname, rn ? rn : "N/A");
5478 radio = os_zalloc(sizeof(*radio));
5479 if (radio == NULL)
5480 return NULL;
5481
5482 if (rn)
5483 os_strlcpy(radio->name, rn, sizeof(radio->name));
5484 dl_list_init(&radio->ifaces);
b1ae396f 5485 dl_list_init(&radio->work);
202dec2a
JM		 5486 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
5487
5488 return radio;
5489}
5490
5491
b1ae396f
JM		 5492static void radio_work_free(struct wpa_radio_work *work)
5493{
d12a51b5
JM		 5494 if (work->wpa_s->scan_work == work) {
5495 /* This should not really happen. */
5496 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as scan_work",
5497 work->type, work, work->started);
5498 work->wpa_s->scan_work = NULL;
5499 }
5500
1b5d4714
JM		 5501#ifdef CONFIG_P2P
5502 if (work->wpa_s->p2p_scan_work == work) {
5503 /* This should not really happen. */
5504 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as p2p_scan_work",
5505 work->type, work, work->started);
5506 work->wpa_s->p2p_scan_work = NULL;
5507 }
5508#endif /* CONFIG_P2P */
5509
e903d32d
KV		 5510 if (work->started) {
5511 work->wpa_s->radio->num_active_works--;
5512 wpa_dbg(work->wpa_s, MSG_DEBUG,
7ed5337d 5513 "radio_work_free('%s'@%p): num_active_works --> %u",
e903d32d
KV		 5514 work->type, work,
5515 work->wpa_s->radio->num_active_works);
5516 }
5517
b1ae396f
JM		 5518 dl_list_del(&work->list);
5519 os_free(work);
5520}
5521
5522
4c6f450c
JM		 5523static int radio_work_is_connect(struct wpa_radio_work *work)
5524{
5525 return os_strcmp(work->type, "sme-connect") == 0 ||
5526 os_strcmp(work->type, "connect") == 0;
5527}
5528
5529
85b6b6b6
SD		 5530static int radio_work_is_scan(struct wpa_radio_work *work)
5531{
5532 return os_strcmp(work->type, "scan") == 0 ||
5533 os_strcmp(work->type, "p2p-scan") == 0;
5534}
5535
5536
e903d32d
KV		 5537static struct wpa_radio_work * radio_work_get_next_work(struct wpa_radio *radio)
5538{
5539 struct wpa_radio_work *active_work = NULL;
5540 struct wpa_radio_work *tmp;
5541
5542 /* Get the active work to know the type and band. */
5543 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, list) {
5544 if (tmp->started) {
5545 active_work = tmp;
5546 break;
5547 }
5548 }
5549
5550 if (!active_work) {
5551 /* No active work, start one */
5552 radio->num_active_works = 0;
5553 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work,
5554 list) {
5555 if (os_strcmp(tmp->type, "scan") == 0 &&
5556 radio->external_scan_running &&
5557 (((struct wpa_driver_scan_params *)
5558 tmp->ctx)->only_new_results ||
5559 tmp->wpa_s->clear_driver_scan_cache))
5560 continue;
5561 return tmp;
5562 }
5563 return NULL;
5564 }
5565
4c6f450c 5566 if (radio_work_is_connect(active_work)) {
e903d32d
KV		 5567 /*
5568 * If the active work is either connect or sme-connect,
5569 * do not parallelize them with other radio works.
5570 */
5571 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
5572 "Do not parallelize radio work with %s",
5573 active_work->type);
5574 return NULL;
5575 }
5576
5577 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, list) {
5578 if (tmp->started)
5579 continue;
5580
5581 /*
5582 * If connect or sme-connect are enqueued, parallelize only
5583 * those operations ahead of them in the queue.
5584 */
4c6f450c 5585 if (radio_work_is_connect(tmp))
e903d32d
KV		 5586 break;
5587
85b6b6b6
SD		 5588 /* Serialize parallel scan and p2p_scan operations on the same
5589 * interface since the driver_nl80211 mechanism for tracking
5590 * scan cookies does not yet have support for this. */
5591 if (active_work->wpa_s == tmp->wpa_s &&
5592 radio_work_is_scan(active_work) &&
5593 radio_work_is_scan(tmp)) {
5594 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
5595 "Do not start work '%s' when another work '%s' is already scheduled",
5596 tmp->type, active_work->type);
5597 continue;
5598 }
e903d32d
KV		 5599 /*
5600 * Check that the radio works are distinct and
5601 * on different bands.
5602 */
5603 if (os_strcmp(active_work->type, tmp->type) != 0 &&
5604 (active_work->bands != tmp->bands)) {
5605 /*
5606 * If a scan has to be scheduled through nl80211 scan
5607 * interface and if an external scan is already running,
5608 * do not schedule the scan since it is likely to get
5609 * rejected by kernel.
5610 */
5611 if (os_strcmp(tmp->type, "scan") == 0 &&
5612 radio->external_scan_running &&
5613 (((struct wpa_driver_scan_params *)
5614 tmp->ctx)->only_new_results ||
5615 tmp->wpa_s->clear_driver_scan_cache))
5616 continue;
5617
5618 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
5619 "active_work:%s new_work:%s",
5620 active_work->type, tmp->type);
5621 return tmp;
5622 }
5623 }
5624
5625 /* Did not find a radio work to schedule in parallel. */
5626 return NULL;
5627}
5628
5629
b1ae396f
JM		 5630static void radio_start_next_work(void *eloop_ctx, void *timeout_ctx)
5631{
5632 struct wpa_radio *radio = eloop_ctx;
5633 struct wpa_radio_work *work;
5634 struct os_reltime now, diff;
6428d0a7 5635 struct wpa_supplicant *wpa_s;
b1ae396f
JM		 5636
5637 work = dl_list_first(&radio->work, struct wpa_radio_work, list);
e903d32d
KV		 5638 if (work == NULL) {
5639 radio->num_active_works = 0;
b1ae396f 5640 return;
e903d32d 5641 }
b1ae396f 5642
6428d0a7
JM		 5643 wpa_s = dl_list_first(&radio->ifaces, struct wpa_supplicant,
5644 radio_list);
e903d32d
KV		 5645
5646 if (!(wpa_s &&
5647 wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS)) {
5648 if (work->started)
5649 return; /* already started and still in progress */
5650
5651 if (wpa_s && wpa_s->radio->external_scan_running) {
5652 wpa_printf(MSG_DEBUG, "Delay radio work start until externally triggered scan completes");
5653 return;
5654 }
5655 } else {
5656 work = NULL;
5657 if (radio->num_active_works < MAX_ACTIVE_WORKS) {
5658 /* get the work to schedule next */
5659 work = radio_work_get_next_work(radio);
5660 }
5661 if (!work)
5662 return;
6428d0a7
JM		 5663 }
5664
e903d32d 5665 wpa_s = work->wpa_s;
b1ae396f
JM		 5666 os_get_reltime(&now);
5667 os_reltime_sub(&now, &work->time, &diff);
e903d32d
KV		 5668 wpa_dbg(wpa_s, MSG_DEBUG,
5669 "Starting radio work '%s'@%p after %ld.%06ld second wait",
b1ae396f
JM		 5670 work->type, work, diff.sec, diff.usec);
5671 work->started = 1;
5672 work->time = now;
e903d32d
KV		 5673 radio->num_active_works++;
5674
b1ae396f 5675 work->cb(work, 0);
e903d32d
KV		 5676
5677 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS) &&
5678 radio->num_active_works < MAX_ACTIVE_WORKS)
5679 radio_work_check_next(wpa_s);
b1ae396f
JM		 5680}
5681
5682
b3253ebb
AO		 5683/*
5684 * This function removes both started and pending radio works running on
5685 * the provided interface's radio.
5686 * Prior to the removal of the radio work, its callback (cb) is called with
5687 * deinit set to be 1. Each work's callback is responsible for clearing its
5688 * internal data and restoring to a correct state.
5689 * @wpa_s: wpa_supplicant data
5690 * @type: type of works to be removed
5691 * @remove_all: 1 to remove all the works on this radio, 0 to remove only
5692 * this interface's works.
5693 */
5694void radio_remove_works(struct wpa_supplicant *wpa_s,
5695 const char *type, int remove_all)
b1ae396f
JM		 5696{
5697 struct wpa_radio_work *work, *tmp;
5698 struct wpa_radio *radio = wpa_s->radio;
5699
5700 dl_list_for_each_safe(work, tmp, &radio->work, struct wpa_radio_work,
5701 list) {
b3253ebb 5702 if (type && os_strcmp(type, work->type) != 0)
b1ae396f 5703 continue;
b3253ebb
AO		 5704
5705 /* skip other ifaces' works */
5706 if (!remove_all && work->wpa_s != wpa_s)
b1ae396f 5707 continue;
b3253ebb
AO		 5708
5709 wpa_dbg(wpa_s, MSG_DEBUG, "Remove radio work '%s'@%p%s",
5710 work->type, work, work->started ? " (started)" : "");
b1ae396f
JM		 5711 work->cb(work, 1);
5712 radio_work_free(work);
5713 }
b3253ebb
AO		 5714
5715 /* in case we removed the started work */
5716 radio_work_check_next(wpa_s);
b1ae396f
JM		 5717}
5718
5719
6a252ece
JM		 5720void radio_remove_pending_work(struct wpa_supplicant *wpa_s, void *ctx)
5721{
5722 struct wpa_radio_work *work;
5723 struct wpa_radio *radio = wpa_s->radio;
5724
5725 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) {
5726 if (work->ctx != ctx)
5727 continue;
5728 wpa_dbg(wpa_s, MSG_DEBUG, "Free pending radio work '%s'@%p%s",
5729 work->type, work, work->started ? " (started)" : "");
5730 radio_work_free(work);
5731 break;
5732 }
5733}
5734
5735
202dec2a
JM		 5736static void radio_remove_interface(struct wpa_supplicant *wpa_s)
5737{
5738 struct wpa_radio *radio = wpa_s->radio;
5739
5740 if (!radio)
5741 return;
5742
5743 wpa_printf(MSG_DEBUG, "Remove interface %s from radio %s",
5744 wpa_s->ifname, radio->name);
5745 dl_list_del(&wpa_s->radio_list);
c46235aa
AO		 5746 radio_remove_works(wpa_s, NULL, 0);
5747 wpa_s->radio = NULL;
5748 if (!dl_list_empty(&radio->ifaces))
202dec2a
JM		 5749 return; /* Interfaces remain for this radio */
5750
5751 wpa_printf(MSG_DEBUG, "Remove radio %s", radio->name);
b1ae396f 5752 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
202dec2a
JM		 5753 os_free(radio);
5754}
5755
5756
6428d0a7 5757void radio_work_check_next(struct wpa_supplicant *wpa_s)
b1ae396f
JM		 5758{
5759 struct wpa_radio *radio = wpa_s->radio;
5760
5761 if (dl_list_empty(&radio->work))
5762 return;
e3745228
JM		 5763 if (wpa_s->ext_work_in_progress) {
5764 wpa_printf(MSG_DEBUG,
5765 "External radio work in progress - delay start of pending item");
5766 return;
5767 }
b1ae396f
JM		 5768 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
5769 eloop_register_timeout(0, 0, radio_start_next_work, radio, NULL);
5770}
5771
5772
5773/**
5774 * radio_add_work - Add a radio work item
5775 * @wpa_s: Pointer to wpa_supplicant data
5776 * @freq: Frequency of the offchannel operation in MHz or 0
5777 * @type: Unique identifier for each type of work
5778 * @next: Force as the next work to be executed
5779 * @cb: Callback function for indicating when radio is available
5780 * @ctx: Context pointer for the work (work->ctx in cb())
5781 * Returns: 0 on success, -1 on failure
5782 *
5783 * This function is used to request time for an operation that requires
5784 * exclusive radio control. Once the radio is available, the registered callback
5785 * function will be called. radio_work_done() must be called once the exclusive
5786 * radio operation has been completed, so that the radio is freed for other
5787 * operations. The special case of deinit=1 is used to free the context data
5788 * during interface removal. That does not allow the callback function to start
5789 * the radio operation, i.e., it must free any resources allocated for the radio
5790 * work and return.
5791 *
5792 * The @freq parameter can be used to indicate a single channel on which the
5793 * offchannel operation will occur. This may allow multiple radio work
5794 * operations to be performed in parallel if they apply for the same channel.
5795 * Setting this to 0 indicates that the work item may use multiple channels or
5796 * requires exclusive control of the radio.
5797 */
5798int radio_add_work(struct wpa_supplicant *wpa_s, unsigned int freq,
5799 const char *type, int next,
5800 void (*cb)(struct wpa_radio_work *work, int deinit),
5801 void *ctx)
5802{
e903d32d 5803 struct wpa_radio *radio = wpa_s->radio;
b1ae396f
JM		 5804 struct wpa_radio_work *work;
5805 int was_empty;
5806
5807 work = os_zalloc(sizeof(*work));
5808 if (work == NULL)
5809 return -1;
5810 wpa_dbg(wpa_s, MSG_DEBUG, "Add radio work '%s'@%p", type, work);
5811 os_get_reltime(&work->time);
5812 work->freq = freq;
5813 work->type = type;
5814 work->wpa_s = wpa_s;
5815 work->cb = cb;
5816 work->ctx = ctx;
5817
e903d32d
KV		 5818 if (freq)
5819 work->bands = wpas_freq_to_band(freq);
5820 else if (os_strcmp(type, "scan") == 0 ||
5821 os_strcmp(type, "p2p-scan") == 0)
5822 work->bands = wpas_get_bands(wpa_s,
5823 ((struct wpa_driver_scan_params *)
5824 ctx)->freqs);
5825 else
5826 work->bands = wpas_get_bands(wpa_s, NULL);
5827
b1ae396f
JM		 5828 was_empty = dl_list_empty(&wpa_s->radio->work);
5829 if (next)
5830 dl_list_add(&wpa_s->radio->work, &work->list);
5831 else
5832 dl_list_add_tail(&wpa_s->radio->work, &work->list);
5833 if (was_empty) {
5834 wpa_dbg(wpa_s, MSG_DEBUG, "First radio work item in the queue - schedule start immediately");
5835 radio_work_check_next(wpa_s);
e903d32d
KV		 5836 } else if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS)
5837 && radio->num_active_works < MAX_ACTIVE_WORKS) {
5838 wpa_dbg(wpa_s, MSG_DEBUG,
5839 "Try to schedule a radio work (num_active_works=%u)",
5840 radio->num_active_works);
5841 radio_work_check_next(wpa_s);
b1ae396f
JM		 5842 }
5843
5844 return 0;
5845}
5846
5847
5848/**
5849 * radio_work_done - Indicate that a radio work item has been completed
5850 * @work: Completed work
5851 *
5852 * This function is called once the callback function registered with
5853 * radio_add_work() has completed its work.
5854 */
5855void radio_work_done(struct wpa_radio_work *work)
5856{
5857 struct wpa_supplicant *wpa_s = work->wpa_s;
5858 struct os_reltime now, diff;
1f965e62 5859 unsigned int started = work->started;
b1ae396f
JM		 5860
5861 os_get_reltime(&now);
5862 os_reltime_sub(&now, &work->time, &diff);
1f965e62
JM		 5863 wpa_dbg(wpa_s, MSG_DEBUG, "Radio work '%s'@%p %s in %ld.%06ld seconds",
5864 work->type, work, started ? "done" : "canceled",
5865 diff.sec, diff.usec);
b1ae396f 5866 radio_work_free(work);
1f965e62
JM		 5867 if (started)
5868 radio_work_check_next(wpa_s);
b1ae396f
JM		 5869}
5870
5871
a7f5271d
JM		 5872struct wpa_radio_work *
5873radio_work_pending(struct wpa_supplicant *wpa_s, const char *type)
f0e30c84
JM		 5874{
5875 struct wpa_radio_work *work;
5876 struct wpa_radio *radio = wpa_s->radio;
5877
5878 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) {
5879 if (work->wpa_s == wpa_s && os_strcmp(work->type, type) == 0)
a7f5271d 5880 return work;
f0e30c84
JM		 5881 }
5882
a7f5271d 5883 return NULL;
f0e30c84
JM		 5884}
5885
5886
73c00fd7 5887static int wpas_init_driver(struct wpa_supplicant *wpa_s,
8fb2b357 5888 const struct wpa_interface *iface)
73c00fd7 5889{
202dec2a 5890 const char *ifname, *driver, *rn;
73c00fd7
JM		 5891
5892 driver = iface->driver;
5893next_driver:
5894 if (wpa_supplicant_set_driver(wpa_s, driver) < 0)
5895 return -1;
5896
5897 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
5898 if (wpa_s->drv_priv == NULL) {
5899 const char *pos;
5900 pos = driver ? os_strchr(driver, ',') : NULL;
5901 if (pos) {
5902 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
5903 "driver interface - try next driver wrapper");
5904 driver = pos + 1;
5905 goto next_driver;
5906 }
5907 wpa_msg(wpa_s, MSG_ERROR, "Failed to initialize driver "
5908 "interface");
5909 return -1;
5910 }
5911 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
5912 wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected "
5913 "driver_param '%s'", wpa_s->conf->driver_param);
5914 return -1;
5915 }
5916
5917 ifname = wpa_drv_get_ifname(wpa_s);
5918 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
5919 wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced "
5920 "interface name with '%s'", ifname);
5921 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
5922 }
5923
95bf699f 5924 rn = wpa_driver_get_radio_name(wpa_s);
202dec2a
JM		 5925 if (rn && rn[0] == '\0')
5926 rn = NULL;
5927
5928 wpa_s->radio = radio_add_interface(wpa_s, rn);
5929 if (wpa_s->radio == NULL)
5930 return -1;
5931
73c00fd7
JM		 5932 return 0;
5933}
5934
5935
461d39af
JM		 5936#ifdef CONFIG_GAS_SERVER
5937
5938static void wpas_gas_server_tx_status(struct wpa_supplicant *wpa_s,
5939 unsigned int freq, const u8 *dst,
5940 const u8 *src, const u8 *bssid,
5941 const u8 *data, size_t data_len,
5942 enum offchannel_send_action_result result)
5943{
5944 wpa_printf(MSG_DEBUG, "GAS: TX status: freq=%u dst=" MACSTR
5945 " result=%s",
5946 freq, MAC2STR(dst),
5947 result == OFFCHANNEL_SEND_ACTION_SUCCESS ? "SUCCESS" :
5948 (result == OFFCHANNEL_SEND_ACTION_NO_ACK ? "no-ACK" :
5949 "FAILED"));
5950 gas_server_tx_status(wpa_s->gas_server, dst, data, data_len,
5951 result == OFFCHANNEL_SEND_ACTION_SUCCESS);
5952}
5953
5954
5955static void wpas_gas_server_tx(void *ctx, int freq, const u8 *da,
5956 struct wpabuf *buf, unsigned int wait_time)
5957{
5958 struct wpa_supplicant *wpa_s = ctx;
5959 const u8 broadcast[ETH_ALEN] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
5960
5961 if (wait_time > wpa_s->max_remain_on_chan)
5962 wait_time = wpa_s->max_remain_on_chan;
5963
5964 offchannel_send_action(wpa_s, freq, da, wpa_s->own_addr, broadcast,
5965 wpabuf_head(buf), wpabuf_len(buf),
5966 wait_time, wpas_gas_server_tx_status, 0);
5967}
5968
5969#endif /* CONFIG_GAS_SERVER */
5970
6fc6879b 5971static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
8fb2b357 5972 const struct wpa_interface *iface)
6fc6879b 5973{
362f781e 5974 struct wpa_driver_capa capa;
6cbdb0c5 5975 int capa_res;
aa56e36d 5976 u8 dfs_domain;
362f781e 5977
6fc6879b
JM		 5978 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
5979 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
5980 iface->confname ? iface->confname : "N/A",
5981 iface->driver ? iface->driver : "default",
5982 iface->ctrl_interface ? iface->ctrl_interface : "N/A",
5983 iface->bridge_ifname ? iface->bridge_ifname : "N/A");
5984
6fc6879b
JM		 5985 if (iface->confname) {
5986#ifdef CONFIG_BACKEND_FILE
5987 wpa_s->confname = os_rel2abs_path(iface->confname);
5988 if (wpa_s->confname == NULL) {
5989 wpa_printf(MSG_ERROR, "Failed to get absolute path "
5990 "for configuration file '%s'.",
5991 iface->confname);
5992 return -1;
5993 }
5994 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
5995 iface->confname, wpa_s->confname);
5996#else /* CONFIG_BACKEND_FILE */
5997 wpa_s->confname = os_strdup(iface->confname);
5998#endif /* CONFIG_BACKEND_FILE */
e6304cad 5999 wpa_s->conf = wpa_config_read(wpa_s->confname, NULL);
6fc6879b
JM		 6000 if (wpa_s->conf == NULL) {
6001 wpa_printf(MSG_ERROR, "Failed to read or parse "
6002 "configuration '%s'.", wpa_s->confname);
6003 return -1;
6004 }
e6304cad 6005 wpa_s->confanother = os_rel2abs_path(iface->confanother);
3bd35b68
JM		 6006 if (wpa_s->confanother &&
6007 !wpa_config_read(wpa_s->confanother, wpa_s->conf)) {
6008 wpa_printf(MSG_ERROR,
6009 "Failed to read or parse configuration '%s'.",
6010 wpa_s->confanother);
6011 return -1;
6012 }
6fc6879b
JM		 6013
6014 /*
6015 * Override ctrl_interface and driver_param if set on command
6016 * line.
6017 */
6018 if (iface->ctrl_interface) {
6019 os_free(wpa_s->conf->ctrl_interface);
6020 wpa_s->conf->ctrl_interface =
6021 os_strdup(iface->ctrl_interface);
6022 }
6023
6024 if (iface->driver_param) {
6025 os_free(wpa_s->conf->driver_param);
6026 wpa_s->conf->driver_param =
6027 os_strdup(iface->driver_param);
6028 }
78f79fe5
JM		 6029
6030 if (iface->p2p_mgmt && !iface->ctrl_interface) {
6031 os_free(wpa_s->conf->ctrl_interface);
6032 wpa_s->conf->ctrl_interface = NULL;
6033 }
6fc6879b
JM		 6034 } else
6035 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
6036 iface->driver_param);
6037
6038 if (wpa_s->conf == NULL) {
6039 wpa_printf(MSG_ERROR, "\nNo configuration found.");
6040 return -1;
6041 }
6042
6043 if (iface->ifname == NULL) {
6044 wpa_printf(MSG_ERROR, "\nInterface name is required.");
6045 return -1;
6046 }
6047 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
6048 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
6049 iface->ifname);
6050 return -1;
6051 }
6052 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
6053
6054 if (iface->bridge_ifname) {
6055 if (os_strlen(iface->bridge_ifname) >=
6056 sizeof(wpa_s->bridge_ifname)) {
6057 wpa_printf(MSG_ERROR, "\nToo long bridge interface "
6058 "name '%s'.", iface->bridge_ifname);
6059 return -1;
6060 }
6061 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
6062 sizeof(wpa_s->bridge_ifname));
6063 }
6064
6fc6879b
JM		 6065 /* RSNA Supplicant Key Management - INITIALIZE */
6066 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
6067 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
6068
6069 /* Initialize driver interface and register driver event handler before
6070 * L2 receive handler so that association events are processed before
6071 * EAPOL-Key packets if both become available for the same select()
6072 * call. */
73c00fd7 6073 if (wpas_init_driver(wpa_s, iface) < 0)
362f781e
JM		 6074 return -1;
6075
6fc6879b
JM		 6076 if (wpa_supplicant_init_wpa(wpa_s) < 0)
6077 return -1;
6078
6079 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
6080 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
6081 NULL);
6082 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
6083
6084 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
6085 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
6086 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
f049052b
BG		 6087 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
6088 "dot11RSNAConfigPMKLifetime");
6fc6879b
JM		 6089 return -1;
6090 }
6091
6092 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
6093 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
6094 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
f049052b 6095 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
6fc6879b
JM		 6096 "dot11RSNAConfigPMKReauthThreshold");
6097 return -1;
6098 }
6099
6100 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
6101 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
6102 wpa_s->conf->dot11RSNAConfigSATimeout)) {
f049052b
BG		 6103 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
6104 "dot11RSNAConfigSATimeout");
6fc6879b
JM		 6105 return -1;
6106 }
6107
6bf731e8
CL		 6108 wpa_s->hw.modes = wpa_drv_get_hw_feature_data(wpa_s,
6109 &wpa_s->hw.num_modes,
aa56e36d
VT		 6110 &wpa_s->hw.flags,
6111 &dfs_domain);
a1b790eb
JM		 6112 if (wpa_s->hw.modes) {
6113 u16 i;
6114
6115 for (i = 0; i < wpa_s->hw.num_modes; i++) {
6116 if (wpa_s->hw.modes[i].vht_capab) {
6117 wpa_s->hw_capab = CAPAB_VHT;
6118 break;
6119 }
6120
6121 if (wpa_s->hw.modes[i].ht_capab &
6122 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET)
6123 wpa_s->hw_capab = CAPAB_HT40;
6124 else if (wpa_s->hw.modes[i].ht_capab &&
6125 wpa_s->hw_capab == CAPAB_NO_HT_VHT)
6126 wpa_s->hw_capab = CAPAB_HT;
6127 }
6128 }
6bf731e8 6129
6cbdb0c5
JM		 6130 capa_res = wpa_drv_get_capa(wpa_s, &capa);
6131 if (capa_res == 0) {
c58ab8f2 6132 wpa_s->drv_capa_known = 1;
814782b9 6133 wpa_s->drv_flags = capa.flags;
349493bd 6134 wpa_s->drv_enc = capa.enc;
04ee647d 6135 wpa_s->drv_smps_modes = capa.smps_modes;
f936b73c 6136 wpa_s->drv_rrm_flags = capa.rrm_flags;
4f73d88a 6137 wpa_s->probe_resp_offloads = capa.probe_resp_offloads;
814782b9 6138 wpa_s->max_scan_ssids = capa.max_scan_ssids;
cbdf3507 6139 wpa_s->max_sched_scan_ssids = capa.max_sched_scan_ssids;
32c02261
AS		 6140 wpa_s->max_sched_scan_plans = capa.max_sched_scan_plans;
6141 wpa_s->max_sched_scan_plan_interval =
6142 capa.max_sched_scan_plan_interval;
6143 wpa_s->max_sched_scan_plan_iterations =
6144 capa.max_sched_scan_plan_iterations;
cbdf3507 6145 wpa_s->sched_scan_supported = capa.sched_scan_supported;
b59e6f26 6146 wpa_s->max_match_sets = capa.max_match_sets;
814782b9 6147 wpa_s->max_remain_on_chan = capa.max_remain_on_chan;
c4ea4c5c 6148 wpa_s->max_stations = capa.max_stations;
8cd6b7bc
JB		 6149 wpa_s->extended_capa = capa.extended_capa;
6150 wpa_s->extended_capa_mask = capa.extended_capa_mask;
6151 wpa_s->extended_capa_len = capa.extended_capa_len;
4752147d
IP		 6152 wpa_s->num_multichan_concurrent =
6153 capa.num_multichan_concurrent;
471cd6e1 6154 wpa_s->wmm_ac_supported = capa.wmm_ac_supported;
56c76fa5
IP		 6155
6156 if (capa.mac_addr_rand_scan_supported)
6157 wpa_s->mac_addr_rand_supported |= MAC_ADDR_RAND_SCAN;
6158 if (wpa_s->sched_scan_supported &&
6159 capa.mac_addr_rand_sched_scan_supported)
6160 wpa_s->mac_addr_rand_supported |=
6161 (MAC_ADDR_RAND_SCHED_SCAN | MAC_ADDR_RAND_PNO);
2a93ecc8
JM		 6162
6163 wpa_drv_get_ext_capa(wpa_s, WPA_IF_STATION);
6164 if (wpa_s->extended_capa &&
6165 wpa_s->extended_capa_len >= 3 &&
6166 wpa_s->extended_capa[2] & 0x40)
6167 wpa_s->multi_bss_support = 1;
814782b9
JM		 6168 }
6169 if (wpa_s->max_remain_on_chan == 0)
6170 wpa_s->max_remain_on_chan = 1000;
6171
c68f6200
AS		 6172 /*
6173 * Only take p2p_mgmt parameters when P2P Device is supported.
6174 * Doing it here as it determines whether l2_packet_init() will be done
6175 * during wpa_supplicant_driver_init().
6176 */
6177 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)
6178 wpa_s->p2p_mgmt = iface->p2p_mgmt;
c68f6200 6179
4752147d
IP		 6180 if (wpa_s->num_multichan_concurrent == 0)
6181 wpa_s->num_multichan_concurrent = 1;
6182
6fc6879b
JM		 6183 if (wpa_supplicant_driver_init(wpa_s) < 0)
6184 return -1;
6185
281ff0aa 6186#ifdef CONFIG_TDLS
8fb2b357 6187 if (!iface->p2p_mgmt && wpa_tdls_init(wpa_s->wpa))
281ff0aa
GP		 6188 return -1;
6189#endif /* CONFIG_TDLS */
6190
315ce40a
JM		 6191 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] &&
6192 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) {
f049052b 6193 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country");
6d158490
LR		 6194 return -1;
6195 }
6196
b36a3a65
AN		 6197#ifdef CONFIG_FST
6198 if (wpa_s->conf->fst_group_id) {
6199 struct fst_iface_cfg cfg;
6200 struct fst_wpa_obj iface_obj;
6201
6202 fst_wpa_supplicant_fill_iface_obj(wpa_s, &iface_obj);
6203 os_strlcpy(cfg.group_id, wpa_s->conf->fst_group_id,
6204 sizeof(cfg.group_id));
6205 cfg.priority = wpa_s->conf->fst_priority;
6206 cfg.llt = wpa_s->conf->fst_llt;
6207
6208 wpa_s->fst = fst_attach(wpa_s->ifname, wpa_s->own_addr,
6209 &iface_obj, &cfg);
6210 if (!wpa_s->fst) {
6211 wpa_msg(wpa_s, MSG_ERROR,
6212 "FST: Cannot attach iface %s to group %s",
6213 wpa_s->ifname, cfg.group_id);
6214 return -1;
6215 }
6216 }
6217#endif /* CONFIG_FST */
6218
116654ce
JM		 6219 if (wpas_wps_init(wpa_s))
6220 return -1;
6221
461d39af
JM		 6222#ifdef CONFIG_GAS_SERVER
6223 wpa_s->gas_server = gas_server_init(wpa_s, wpas_gas_server_tx);
6224 if (!wpa_s->gas_server) {
6225 wpa_printf(MSG_ERROR, "Failed to initialize GAS server");
6226 return -1;
6227 }
6228#endif /* CONFIG_GAS_SERVER */
6229
be27e185
JM		 6230#ifdef CONFIG_DPP
6231 if (wpas_dpp_init(wpa_s) < 0)
6232 return -1;
6233#endif /* CONFIG_DPP */
6234
6fc6879b
JM		 6235 if (wpa_supplicant_init_eapol(wpa_s) < 0)
6236 return -1;
6237 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
6238
6239 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
6240 if (wpa_s->ctrl_iface == NULL) {
6241 wpa_printf(MSG_ERROR,
6242 "Failed to initialize control interface '%s'.\n"
6243 "You may have another wpa_supplicant process "
6244 "already running or the file was\n"
6245 "left by an unclean termination of wpa_supplicant "
6246 "in which case you will need\n"
6247 "to manually remove this file before starting "
6248 "wpa_supplicant again.\n",
6249 wpa_s->conf->ctrl_interface);
6250 return -1;
6251 }
6252
04ea7b79
JM		 6253 wpa_s->gas = gas_query_init(wpa_s);
6254 if (wpa_s->gas == NULL) {
6255 wpa_printf(MSG_ERROR, "Failed to initialize GAS query");
6256 return -1;
6257 }
6258
8fb2b357
VV		 6259 if ((!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) ||
6260 wpa_s->p2p_mgmt) &&
6261 wpas_p2p_init(wpa_s->global, wpa_s) < 0) {
f049052b 6262 wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P");
b22128ef
JM		 6263 return -1;
6264 }
b22128ef 6265
83922c2d
JM		 6266 if (wpa_bss_init(wpa_s) < 0)
6267 return -1;
83922c2d 6268
4d77d80e
MH		 6269#ifdef CONFIG_PMKSA_CACHE_EXTERNAL
6270#ifdef CONFIG_MESH
6271 dl_list_init(&wpa_s->mesh_external_pmksa_cache);
6272#endif /* CONFIG_MESH */
6273#endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
6274
e4fa8b12
EP		 6275 /*
6276 * Set Wake-on-WLAN triggers, if configured.
6277 * Note: We don't restore/remove the triggers on shutdown (it doesn't
6278 * have effect anyway when the interface is down).
6279 */
6cbdb0c5 6280 if (capa_res == 0 && wpas_set_wowlan_triggers(wpa_s, &capa) < 0)
e4fa8b12
EP		 6281 return -1;
6282
ec7b97ab
JM		 6283#ifdef CONFIG_EAP_PROXY
6284{
6285 size_t len;
b5db6e5d
VK		 6286 wpa_s->mnc_len = eapol_sm_get_eap_proxy_imsi(wpa_s->eapol, -1,
6287 wpa_s->imsi, &len);
ec7b97ab
JM		 6288 if (wpa_s->mnc_len > 0) {
6289 wpa_s->imsi[len] = '\0';
6290 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI %s (MNC length %d)",
6291 wpa_s->imsi, wpa_s->mnc_len);
6292 } else {
6293 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI not available");
6294 }
6295}
6296#endif /* CONFIG_EAP_PROXY */
6297
f64adcd7
JM		 6298 if (pcsc_reader_init(wpa_s) < 0)
6299 return -1;
6300
306ae225
JM		 6301 if (wpas_init_ext_pw(wpa_s) < 0)
6302 return -1;
6303
b361d580
AK		 6304 wpas_rrm_reset(wpa_s);
6305
32c02261
AS		 6306 wpas_sched_scan_plans_set(wpa_s, wpa_s->conf->sched_scan_plans);
6307
ca9968a0
JM		 6308#ifdef CONFIG_HS20
6309 hs20_init(wpa_s);
6310#endif /* CONFIG_HS20 */
92c6e2e3 6311#ifdef CONFIG_MBO
2e06cef8 6312 if (!wpa_s->disable_mbo_oce && wpa_s->conf->oce) {
332aadb8
AP		 6313 if ((wpa_s->conf->oce & OCE_STA) &&
6314 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_OCE_STA))
6315 wpa_s->enable_oce = OCE_STA;
6316 if ((wpa_s->conf->oce & OCE_STA_CFON) &&
6317 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_OCE_STA_CFON)) {
6318 /* TODO: Need to add STA-CFON support */
6319 wpa_printf(MSG_ERROR,
6320 "OCE STA-CFON feature is not yet supported");
6321 }
6322 }
92c6e2e3
DS		 6323 wpas_mbo_update_non_pref_chan(wpa_s, wpa_s->conf->non_pref_chan);
6324#endif /* CONFIG_MBO */
ca9968a0 6325
cc9985d1 6326 wpa_supplicant_set_default_scan_ies(wpa_s);
6327
6fc6879b
JM		 6328 return 0;
6329}
6330
6331
2ee055b3 6332static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s,
df509539 6333 int notify, int terminate)
6fc6879b 6334{
26fc96e8
JM		 6335 struct wpa_global *global = wpa_s->global;
6336 struct wpa_supplicant *iface, *prev;
6337
6338 if (wpa_s == wpa_s->parent)
6339 wpas_p2p_group_remove(wpa_s, "*");
6340
6341 iface = global->ifaces;
6342 while (iface) {
96a26ab7
LD		 6343 if (iface->p2pdev == wpa_s)
6344 iface->p2pdev = iface->parent;
26fc96e8
JM		 6345 if (iface == wpa_s || iface->parent != wpa_s) {
6346 iface = iface->next;
6347 continue;
6348 }
6349 wpa_printf(MSG_DEBUG,
6350 "Remove remaining child interface %s from parent %s",
6351 iface->ifname, wpa_s->ifname);
6352 prev = iface;
6353 iface = iface->next;
6354 wpa_supplicant_remove_iface(global, prev, terminate);
6355 }
6356
e679f140 6357 wpa_s->disconnected = 1;
6fc6879b 6358 if (wpa_s->drv_priv) {
02c21c02
ASB		 6359 /* Don't deauthenticate if WoWLAN is enabled */
6360 if (!wpa_drv_get_wowlan(wpa_s)) {
6361 wpa_supplicant_deauthenticate(
6362 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
6fc6879b 6363
02c21c02
ASB		 6364 wpa_drv_set_countermeasures(wpa_s, 0);
6365 wpa_clear_keys(wpa_s, NULL);
6366 } else {
6367 wpa_msg(wpa_s, MSG_INFO,
6368 "Do not deauthenticate as part of interface deinit since WoWLAN is enabled");
6369 }
6fc6879b
JM		 6370 }
6371
8e56d189 6372 wpa_supplicant_cleanup(wpa_s);
bd10d938 6373 wpas_p2p_deinit_iface(wpa_s);
ab28911d 6374
1f965e62 6375 wpas_ctrl_radio_work_flush(wpa_s);
202dec2a
JM		 6376 radio_remove_interface(wpa_s);
6377
b36a3a65
AN		 6378#ifdef CONFIG_FST
6379 if (wpa_s->fst) {
6380 fst_detach(wpa_s->fst);
6381 wpa_s->fst = NULL;
6382 }
6383 if (wpa_s->received_mb_ies) {
6384 wpabuf_free(wpa_s->received_mb_ies);
6385 wpa_s->received_mb_ies = NULL;
6386 }
6387#endif /* CONFIG_FST */
6388
6fc6879b
JM		 6389 if (wpa_s->drv_priv)
6390 wpa_drv_deinit(wpa_s);
2523ff6e
DS		 6391
6392 if (notify)
6393 wpas_notify_iface_removed(wpa_s);
f0811516
DS		 6394
6395 if (terminate)
6396 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING);
6397
6398 if (wpa_s->ctrl_iface) {
6399 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
6400 wpa_s->ctrl_iface = NULL;
6401 }
6402
603a3f34
JL		 6403#ifdef CONFIG_MESH
6404 if (wpa_s->ifmsh) {
6405 wpa_supplicant_mesh_iface_deinit(wpa_s, wpa_s->ifmsh);
6406 wpa_s->ifmsh = NULL;
6407 }
6408#endif /* CONFIG_MESH */
6409
f0811516
DS		 6410 if (wpa_s->conf != NULL) {
6411 wpa_config_free(wpa_s->conf);
6412 wpa_s->conf = NULL;
6413 }
18e00b5e 6414
a80651d0 6415 os_free(wpa_s->ssids_from_scan_req);
16ef233b 6416 os_free(wpa_s->last_scan_freqs);
a80651d0 6417
18e00b5e 6418 os_free(wpa_s);
6fc6879b
JM		 6419}
6420
6421
2e997eec
RM		 6422#ifdef CONFIG_MATCH_IFACE
6423
6424/**
6425 * wpa_supplicant_match_iface - Match an interface description to a name
6426 * @global: Pointer to global data from wpa_supplicant_init()
6427 * @ifname: Name of the interface to match
6428 * Returns: Pointer to the created interface description or %NULL on failure
6429 */
6430struct wpa_interface * wpa_supplicant_match_iface(struct wpa_global *global,
6431 const char *ifname)
6432{
6433 int i;
6434 struct wpa_interface *iface, *miface;
6435
6436 for (i = 0; i < global->params.match_iface_count; i++) {
6437 miface = &global->params.match_ifaces[i];
6438 if (!miface->ifname ||
6439 fnmatch(miface->ifname, ifname, 0) == 0) {
6440 iface = os_zalloc(sizeof(*iface));
6441 if (!iface)
6442 return NULL;
6443 *iface = *miface;
6444 iface->ifname = ifname;
6445 return iface;
6446 }
6447 }
6448
6449 return NULL;
6450}
6451
6452
6453/**
6454 * wpa_supplicant_match_existing - Match existing interfaces
6455 * @global: Pointer to global data from wpa_supplicant_init()
6456 * Returns: 0 on success, -1 on failure
6457 */
6458static int wpa_supplicant_match_existing(struct wpa_global *global)
6459{
6460 struct if_nameindex *ifi, *ifp;
6461 struct wpa_supplicant *wpa_s;
6462 struct wpa_interface *iface;
6463
6464 ifp = if_nameindex();
6465 if (!ifp) {
6466 wpa_printf(MSG_ERROR, "if_nameindex: %s", strerror(errno));
6467 return -1;
6468 }
6469
6470 for (ifi = ifp; ifi->if_name; ifi++) {
6471 wpa_s = wpa_supplicant_get_iface(global, ifi->if_name);
6472 if (wpa_s)
6473 continue;
6474 iface = wpa_supplicant_match_iface(global, ifi->if_name);
6475 if (iface) {
6476 wpa_s = wpa_supplicant_add_iface(global, iface, NULL);
6477 os_free(iface);
6478 if (wpa_s)
6479 wpa_s->matched = 1;
6480 }
6481 }
6482
6483 if_freenameindex(ifp);
6484 return 0;
6485}
6486
6487#endif /* CONFIG_MATCH_IFACE */
6488
6489
6fc6879b
JM		 6490/**
6491 * wpa_supplicant_add_iface - Add a new network interface
6492 * @global: Pointer to global data from wpa_supplicant_init()
6493 * @iface: Interface configuration options
1772d348 6494 * @parent: Parent interface or %NULL to assign new interface as parent
6fc6879b
JM		 6495 * Returns: Pointer to the created interface or %NULL on failure
6496 *
6497 * This function is used to add new network interfaces for %wpa_supplicant.
6498 * This can be called before wpa_supplicant_run() to add interfaces before the
6499 * main event loop has been started. In addition, new interfaces can be added
6500 * dynamically while %wpa_supplicant is already running. This could happen,
6501 * e.g., when a hotplug network adapter is inserted.
6502 */
6503struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
1772d348
JM		 6504 struct wpa_interface *iface,
6505 struct wpa_supplicant *parent)
6fc6879b
JM		 6506{
6507 struct wpa_supplicant *wpa_s;
d27df100 6508 struct wpa_interface t_iface;
8e56d189 6509 struct wpa_ssid *ssid;
6fc6879b
JM		 6510
6511 if (global == NULL || iface == NULL)
6512 return NULL;
6513
1772d348 6514 wpa_s = wpa_supplicant_alloc(parent);
6fc6879b
JM		 6515 if (wpa_s == NULL)
6516 return NULL;
6517
d8222ae3
JM		 6518 wpa_s->global = global;
6519
d27df100
JM		 6520 t_iface = *iface;
6521 if (global->params.override_driver) {
6522 wpa_printf(MSG_DEBUG, "Override interface parameter: driver "
6523 "('%s' -> '%s')",
6524 iface->driver, global->params.override_driver);
6525 t_iface.driver = global->params.override_driver;
6526 }
6527 if (global->params.override_ctrl_interface) {
6528 wpa_printf(MSG_DEBUG, "Override interface parameter: "
6529 "ctrl_interface ('%s' -> '%s')",
6530 iface->ctrl_interface,
6531 global->params.override_ctrl_interface);
6532 t_iface.ctrl_interface =
6533 global->params.override_ctrl_interface;
6534 }
6535 if (wpa_supplicant_init_iface(wpa_s, &t_iface)) {
6fc6879b
JM		 6536 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
6537 iface->ifname);
df509539 6538 wpa_supplicant_deinit_iface(wpa_s, 0, 0);
6fc6879b
JM		 6539 return NULL;
6540 }
6541
21efc940
TB		 6542 if (iface->p2p_mgmt == 0) {
6543 /* Notify the control interfaces about new iface */
6544 if (wpas_notify_iface_added(wpa_s)) {
6545 wpa_supplicant_deinit_iface(wpa_s, 1, 0);
6546 return NULL;
6547 }
1bd3f426 6548
21efc940
TB		 6549 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
6550 wpas_notify_network_added(wpa_s, ssid);
6551 }
8e56d189 6552
6fc6879b
JM		 6553 wpa_s->next = global->ifaces;
6554 global->ifaces = wpa_s;
6555
f049052b 6556 wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname);
99218999 6557 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
6fc6879b 6558
c3c4b3ed
JM		 6559#ifdef CONFIG_P2P
6560 if (wpa_s->global->p2p == NULL &&
74802c09 6561 !wpa_s->global->p2p_disabled && !wpa_s->conf->p2p_disabled &&
c3c4b3ed 6562 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) &&
f43c1ae7
IP		 6563 wpas_p2p_add_p2pdev_interface(
6564 wpa_s, wpa_s->global->params.conf_p2p_dev) < 0) {
c3c4b3ed
JM		 6565 wpa_printf(MSG_INFO,
6566 "P2P: Failed to enable P2P Device interface");
6567 /* Try to continue without. P2P will be disabled. */
6568 }
6569#endif /* CONFIG_P2P */
6570
6fc6879b
JM		 6571 return wpa_s;
6572}
6573
6574
6575/**
6576 * wpa_supplicant_remove_iface - Remove a network interface
6577 * @global: Pointer to global data from wpa_supplicant_init()
6578 * @wpa_s: Pointer to the network interface to be removed
6579 * Returns: 0 if interface was removed, -1 if interface was not found
6580 *
6581 * This function can be used to dynamically remove network interfaces from
6582 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
6583 * addition, this function is used to remove all remaining interfaces when
6584 * %wpa_supplicant is terminated.
6585 */
6586int wpa_supplicant_remove_iface(struct wpa_global *global,
df509539
DS		 6587 struct wpa_supplicant *wpa_s,
6588 int terminate)
6fc6879b
JM		 6589{
6590 struct wpa_supplicant *prev;
5b78493f
MH		 6591#ifdef CONFIG_MESH
6592 unsigned int mesh_if_created = wpa_s->mesh_if_created;
6593 char *ifname = NULL;
9b170991 6594 struct wpa_supplicant *parent = wpa_s->parent;
5b78493f 6595#endif /* CONFIG_MESH */
6fc6879b
JM		 6596
6597 /* Remove interface from the global list of interfaces */
6598 prev = global->ifaces;
6599 if (prev == wpa_s) {
6600 global->ifaces = wpa_s->next;
6601 } else {
6602 while (prev && prev->next != wpa_s)
6603 prev = prev->next;
6604 if (prev == NULL)
6605 return -1;
6606 prev->next = wpa_s->next;
6607 }
6608
f049052b 6609 wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
6fc6879b 6610
5b78493f
MH		 6611#ifdef CONFIG_MESH
6612 if (mesh_if_created) {
6613 ifname = os_strdup(wpa_s->ifname);
6614 if (ifname == NULL) {
6615 wpa_dbg(wpa_s, MSG_ERROR,
6616 "mesh: Failed to malloc ifname");
6617 return -1;
6618 }
6619 }
6620#endif /* CONFIG_MESH */
6621
b22128ef
JM		 6622 if (global->p2p_group_formation == wpa_s)
6623 global->p2p_group_formation = NULL;
dbca75f8
JM		 6624 if (global->p2p_invite_group == wpa_s)
6625 global->p2p_invite_group = NULL;
df509539 6626 wpa_supplicant_deinit_iface(wpa_s, 1, terminate);
6fc6879b 6627
5b78493f
MH		 6628#ifdef CONFIG_MESH
6629 if (mesh_if_created) {
9b170991 6630 wpa_drv_if_remove(parent, WPA_IF_MESH, ifname);
5b78493f
MH		 6631 os_free(ifname);
6632 }
6633#endif /* CONFIG_MESH */
6634
6fc6879b
JM		 6635 return 0;
6636}
6637
6638
cf83fb0b
PS		 6639/**
6640 * wpa_supplicant_get_eap_mode - Get the current EAP mode
6641 * @wpa_s: Pointer to the network interface
6642 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
6643 */
6644const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s)
6645{
6646 const char *eapol_method;
6647
6648 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) == 0 &&
6649 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
6650 return "NO-EAP";
6651 }
6652
6653 eapol_method = eapol_sm_get_method_name(wpa_s->eapol);
6654 if (eapol_method == NULL)
6655 return "UNKNOWN-EAP";
6656
6657 return eapol_method;
6658}
6659
6660
6fc6879b
JM		 6661/**
6662 * wpa_supplicant_get_iface - Get a new network interface
6663 * @global: Pointer to global data from wpa_supplicant_init()
6664 * @ifname: Interface name
6665 * Returns: Pointer to the interface or %NULL if not found
6666 */
6667struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
6668 const char *ifname)
6669{
6670 struct wpa_supplicant *wpa_s;
6671
6672 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
6673 if (os_strcmp(wpa_s->ifname, ifname) == 0)
6674 return wpa_s;
6675 }
6676 return NULL;
6677}
6678
6679
50b16da1 6680#ifndef CONFIG_NO_WPA_MSG
4f1495ae
BG		 6681static const char * wpa_supplicant_msg_ifname_cb(void *ctx)
6682{
6683 struct wpa_supplicant *wpa_s = ctx;
6684 if (wpa_s == NULL)
6685 return NULL;
6686 return wpa_s->ifname;
6687}
50b16da1 6688#endif /* CONFIG_NO_WPA_MSG */
4f1495ae
BG		 6689
6690
8c0d0ff2
JM		 6691#ifndef WPA_SUPPLICANT_CLEANUP_INTERVAL
6692#define WPA_SUPPLICANT_CLEANUP_INTERVAL 10
6693#endif /* WPA_SUPPLICANT_CLEANUP_INTERVAL */
6694
6695/* Periodic cleanup tasks */
6696static void wpas_periodic(void *eloop_ctx, void *timeout_ctx)
6697{
6698 struct wpa_global *global = eloop_ctx;
6699 struct wpa_supplicant *wpa_s;
6700
6701 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0,
6702 wpas_periodic, global, NULL);
6703
6704#ifdef CONFIG_P2P
6705 if (global->p2p)
6706 p2p_expire_peers(global->p2p);
6707#endif /* CONFIG_P2P */
6708
3188aaba 6709 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
8c0d0ff2 6710 wpa_bss_flush_by_age(wpa_s, wpa_s->conf->bss_expiration_age);
3188aaba
JM		 6711#ifdef CONFIG_AP
6712 ap_periodic(wpa_s);
6713#endif /* CONFIG_AP */
6714 }
8c0d0ff2
JM		 6715}
6716
6717
6fc6879b
JM		 6718/**
6719 * wpa_supplicant_init - Initialize %wpa_supplicant
6720 * @params: Parameters for %wpa_supplicant
6721 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
6722 *
6723 * This function is used to initialize %wpa_supplicant. After successful
6724 * initialization, the returned data pointer can be used to add and remove
6725 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
6726 */
6727struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
6728{
6729 struct wpa_global *global;
ac305589 6730 int ret, i;
6fc6879b
JM		 6731
6732 if (params == NULL)
6733 return NULL;
6734
39e7d718
JM		 6735#ifdef CONFIG_DRIVER_NDIS
6736 {
6737 void driver_ndis_init_ops(void);
6738 driver_ndis_init_ops();
6739 }
6740#endif /* CONFIG_DRIVER_NDIS */
6741
50b16da1 6742#ifndef CONFIG_NO_WPA_MSG
4f1495ae 6743 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
50b16da1 6744#endif /* CONFIG_NO_WPA_MSG */
4f1495ae 6745
f4637fe0
JM		 6746 if (params->wpa_debug_file_path)
6747 wpa_debug_open_file(params->wpa_debug_file_path);
53661e3a 6748 if (!params->wpa_debug_file_path && !params->wpa_debug_syslog)
f4637fe0 6749 wpa_debug_setup_stdout();
daa70d49
SL		 6750 if (params->wpa_debug_syslog)
6751 wpa_debug_open_syslog();
4f68895e
JB		 6752 if (params->wpa_debug_tracing) {
6753 ret = wpa_debug_open_linux_tracing();
6754 if (ret) {
6755 wpa_printf(MSG_ERROR,
6756 "Failed to enable trace logging");
6757 return NULL;
6758 }
6759 }
6fc6879b 6760
12760815 6761 ret = eap_register_methods();
6fc6879b
JM		 6762 if (ret) {
6763 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
6764 if (ret == -2)
6765 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
6766 "the same EAP type.");
6767 return NULL;
6768 }
6769
6770 global = os_zalloc(sizeof(*global));
6771 if (global == NULL)
6772 return NULL;
b22128ef
JM		 6773 dl_list_init(&global->p2p_srv_bonjour);
6774 dl_list_init(&global->p2p_srv_upnp);
6fc6879b
JM		 6775 global->params.daemonize = params->daemonize;
6776 global->params.wait_for_monitor = params->wait_for_monitor;
6777 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
6778 if (params->pid_file)
6779 global->params.pid_file = os_strdup(params->pid_file);
6780 if (params->ctrl_interface)
6781 global->params.ctrl_interface =
6782 os_strdup(params->ctrl_interface);
29257565
JM		 6783 if (params->ctrl_interface_group)
6784 global->params.ctrl_interface_group =
6785 os_strdup(params->ctrl_interface_group);
d27df100
JM		 6786 if (params->override_driver)
6787 global->params.override_driver =
6788 os_strdup(params->override_driver);
6789 if (params->override_ctrl_interface)
6790 global->params.override_ctrl_interface =
6791 os_strdup(params->override_ctrl_interface);
2e997eec
RM		 6792#ifdef CONFIG_MATCH_IFACE
6793 global->params.match_iface_count = params->match_iface_count;
6794 if (params->match_iface_count) {
6795 global->params.match_ifaces =
6796 os_calloc(params->match_iface_count,
6797 sizeof(struct wpa_interface));
6798 os_memcpy(global->params.match_ifaces,
6799 params->match_ifaces,
6800 params->match_iface_count *
6801 sizeof(struct wpa_interface));
6802 }
6803#endif /* CONFIG_MATCH_IFACE */
d4e59795
G		 6804#ifdef CONFIG_P2P
6805 if (params->conf_p2p_dev)
6806 global->params.conf_p2p_dev =
6807 os_strdup(params->conf_p2p_dev);
6808#endif /* CONFIG_P2P */
6fc6879b
JM		 6809 wpa_debug_level = global->params.wpa_debug_level =
6810 params->wpa_debug_level;
6811 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
6812 params->wpa_debug_show_keys;
6813 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
6814 params->wpa_debug_timestamp;
6815
f19858f5
JM		 6816 wpa_printf(MSG_DEBUG, "wpa_supplicant v" VERSION_STR);
6817
0456ea16 6818 if (eloop_init()) {
6fc6879b
JM		 6819 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
6820 wpa_supplicant_deinit(global);
6821 return NULL;
6822 }
6823
38e24575 6824 random_init(params->entropy_file);
d47fa330 6825
6fc6879b
JM		 6826 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
6827 if (global->ctrl_iface == NULL) {
6828 wpa_supplicant_deinit(global);
6829 return NULL;
6830 }
6831
dc461de4
WS		 6832 if (wpas_notify_supplicant_initialized(global)) {
6833 wpa_supplicant_deinit(global);
6834 return NULL;
6fc6879b
JM		 6835 }
6836
c5121837 6837 for (i = 0; wpa_drivers[i]; i++)
ac305589
JM		 6838 global->drv_count++;
6839 if (global->drv_count == 0) {
6840 wpa_printf(MSG_ERROR, "No drivers enabled");
6841 wpa_supplicant_deinit(global);
6842 return NULL;
6843 }
faebdeaa 6844 global->drv_priv = os_calloc(global->drv_count, sizeof(void *));
ac305589
JM		 6845 if (global->drv_priv == NULL) {
6846 wpa_supplicant_deinit(global);
6847 return NULL;
6848 }
ac305589 6849
9675ce35
JM		 6850#ifdef CONFIG_WIFI_DISPLAY
6851 if (wifi_display_init(global) < 0) {
6852 wpa_printf(MSG_ERROR, "Failed to initialize Wi-Fi Display");
6853 wpa_supplicant_deinit(global);
6854 return NULL;
6855 }
6856#endif /* CONFIG_WIFI_DISPLAY */
6857
8c0d0ff2
JM		 6858 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0,
6859 wpas_periodic, global, NULL);
6860
6fc6879b
JM		 6861 return global;
6862}
6863
6864
6865/**
6866 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
6867 * @global: Pointer to global data from wpa_supplicant_init()
6868 * Returns: 0 after successful event loop run, -1 on failure
6869 *
6870 * This function starts the main event loop and continues running as long as
6871 * there are any remaining events. In most cases, this function is running as
6872 * long as the %wpa_supplicant process in still in use.
6873 */
6874int wpa_supplicant_run(struct wpa_global *global)
6875{
6876 struct wpa_supplicant *wpa_s;
6877
6878 if (global->params.daemonize &&
2e69bdd1
RM		 6879 (wpa_supplicant_daemon(global->params.pid_file) ||
6880 eloop_sock_requeue()))
6fc6879b
JM		 6881 return -1;
6882
2e997eec
RM		 6883#ifdef CONFIG_MATCH_IFACE
6884 if (wpa_supplicant_match_existing(global))
6885 return -1;
6886#endif
6887
6fc6879b
JM		 6888 if (global->params.wait_for_monitor) {
6889 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
ede77701 6890 if (wpa_s->ctrl_iface && !wpa_s->p2p_mgmt)
6fc6879b
JM		 6891 wpa_supplicant_ctrl_iface_wait(
6892 wpa_s->ctrl_iface);
6893 }
6894
0456ea16
JM		 6895 eloop_register_signal_terminate(wpa_supplicant_terminate, global);
6896 eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
6fc6879b
JM		 6897
6898 eloop_run();
6899
6900 return 0;
6901}
6902
6903
6904/**
6905 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
6906 * @global: Pointer to global data from wpa_supplicant_init()
6907 *
6908 * This function is called to deinitialize %wpa_supplicant and to free all
6909 * allocated resources. Remaining network interfaces will also be removed.
6910 */
6911void wpa_supplicant_deinit(struct wpa_global *global)
6912{
ac305589
JM		 6913 int i;
6914
6fc6879b
JM		 6915 if (global == NULL)
6916 return;
6917
8c0d0ff2
JM		 6918 eloop_cancel_timeout(wpas_periodic, global, NULL);
6919
9675ce35
JM		 6920#ifdef CONFIG_WIFI_DISPLAY
6921 wifi_display_deinit(global);
6922#endif /* CONFIG_WIFI_DISPLAY */
b22128ef 6923
6fc6879b 6924 while (global->ifaces)
df509539 6925 wpa_supplicant_remove_iface(global, global->ifaces, 1);
6fc6879b
JM		 6926
6927 if (global->ctrl_iface)
6928 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
dc461de4
WS		 6929
6930 wpas_notify_supplicant_deinitialized(global);
6fc6879b
JM		 6931
6932 eap_peer_unregister_methods();
3ec97afe
JM		 6933#ifdef CONFIG_AP
6934 eap_server_unregister_methods();
6935#endif /* CONFIG_AP */
6fc6879b 6936
c5121837 6937 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) {
ac305589
JM		 6938 if (!global->drv_priv[i])
6939 continue;
c5121837 6940 wpa_drivers[i]->global_deinit(global->drv_priv[i]);
ac305589
JM		 6941 }
6942 os_free(global->drv_priv);
6943
d47fa330
JM		 6944 random_deinit();
6945
6fc6879b
JM		 6946 eloop_destroy();
6947
6948 if (global->params.pid_file) {
6949 os_daemonize_terminate(global->params.pid_file);
6950 os_free(global->params.pid_file);
6951 }
6952 os_free(global->params.ctrl_interface);
29257565 6953 os_free(global->params.ctrl_interface_group);
d27df100
JM		 6954 os_free(global->params.override_driver);
6955 os_free(global->params.override_ctrl_interface);
2e997eec
RM		 6956#ifdef CONFIG_MATCH_IFACE
6957 os_free(global->params.match_ifaces);
6958#endif /* CONFIG_MATCH_IFACE */
d4e59795
G		 6959#ifdef CONFIG_P2P
6960 os_free(global->params.conf_p2p_dev);
6961#endif /* CONFIG_P2P */
6fc6879b 6962
af8a827b 6963 os_free(global->p2p_disallow_freq.range);
253f2e37 6964 os_free(global->p2p_go_avoid_freq.range);
01a57fe4 6965 os_free(global->add_psk);
6f3bc72b 6966
6fc6879b 6967 os_free(global);
daa70d49 6968 wpa_debug_close_syslog();
6fc6879b 6969 wpa_debug_close_file();
4f68895e 6970 wpa_debug_close_linux_tracing();
6fc6879b 6971}
611aea7d
JM		 6972
6973
6974void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s)
6975{
849b5dc7
JM		 6976 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_COUNTRY) &&
6977 wpa_s->conf->country[0] && wpa_s->conf->country[1]) {
6978 char country[3];
6979 country[0] = wpa_s->conf->country[0];
6980 country[1] = wpa_s->conf->country[1];
6981 country[2] = '\0';
6982 if (wpa_drv_set_country(wpa_s, country) < 0) {
6983 wpa_printf(MSG_ERROR, "Failed to set country code "
6984 "'%s'", country);
6985 }
6986 }
6987
306ae225
JM		 6988 if (wpa_s->conf->changed_parameters & CFG_CHANGED_EXT_PW_BACKEND)
6989 wpas_init_ext_pw(wpa_s);
6990
bea48f77
JM		 6991 if (wpa_s->conf->changed_parameters & CFG_CHANGED_SCHED_SCAN_PLANS)
6992 wpas_sched_scan_plans_set(wpa_s, wpa_s->conf->sched_scan_plans);
6993
3c7863f8
LD		 6994 if (wpa_s->conf->changed_parameters & CFG_CHANGED_WOWLAN_TRIGGERS) {
6995 struct wpa_driver_capa capa;
6996 int res = wpa_drv_get_capa(wpa_s, &capa);
6997
6998 if (res == 0 && wpas_set_wowlan_triggers(wpa_s, &capa) < 0)
6999 wpa_printf(MSG_ERROR,
7000 "Failed to update wowlan_triggers to '%s'",
7001 wpa_s->conf->wowlan_triggers);
7002 }
7003
ef59f987
AB		 7004 if (wpa_s->conf->changed_parameters & CFG_CHANGED_DISABLE_BTM)
7005 wpa_supplicant_set_default_scan_ies(wpa_s);
7006
611aea7d
JM		 7007#ifdef CONFIG_WPS
7008 wpas_wps_update_config(wpa_s);
7009#endif /* CONFIG_WPS */
b22128ef 7010 wpas_p2p_update_config(wpa_s);
611aea7d
JM		 7011 wpa_s->conf->changed_parameters = 0;
7012}
2f9c6aa6
JM		 7013
7014
e1117c1c 7015void add_freq(int *freqs, int *num_freqs, int freq)
0fb337c1
JM		 7016{
7017 int i;
7018
7019 for (i = 0; i < *num_freqs; i++) {
7020 if (freqs[i] == freq)
7021 return;
7022 }
7023
7024 freqs[*num_freqs] = freq;
7025 (*num_freqs)++;
7026}
7027
7028
7029static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s)
7030{
7031 struct wpa_bss *bss, *cbss;
7032 const int max_freqs = 10;
7033 int *freqs;
7034 int num_freqs = 0;
7035
faebdeaa 7036 freqs = os_calloc(max_freqs + 1, sizeof(int));
0fb337c1
JM		 7037 if (freqs == NULL)
7038 return NULL;
7039
7040 cbss = wpa_s->current_bss;
7041
7042 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
7043 if (bss == cbss)
7044 continue;
7045 if (bss->ssid_len == cbss->ssid_len &&
7046 os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 &&
7047 wpa_blacklist_get(wpa_s, bss->bssid) == NULL) {
7048 add_freq(freqs, &num_freqs, bss->freq);
7049 if (num_freqs == max_freqs)
7050 break;
7051 }
7052 }
7053
7054 if (num_freqs == 0) {
7055 os_free(freqs);
7056 freqs = NULL;
7057 }
7058
7059 return freqs;
7060}
7061
7062
7063void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid)
7064{
7065 int timeout;
7066 int count;
7067 int *freqs = NULL;
7068
6ac4b15e
JM		 7069 wpas_connect_work_done(wpa_s);
7070
5fd9fb27
JM		 7071 /*
7072 * Remove possible authentication timeout since the connection failed.
7073 */
7074 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
7075
c2805909
JM		 7076 /*
7077 * There is no point in blacklisting the AP if this event is
7078 * generated based on local request to disconnect.
7079 */
7080 if (wpa_s->own_disconnect_req) {
7081 wpa_s->own_disconnect_req = 0;
7082 wpa_dbg(wpa_s, MSG_DEBUG,
7083 "Ignore connection failure due to local request to disconnect");
7084 return;
7085 }
0cdb93fe 7086 if (wpa_s->disconnected) {
0cdb93fe
JM		 7087 wpa_dbg(wpa_s, MSG_DEBUG, "Ignore connection failure "
7088 "indication since interface has been put into "
7089 "disconnected state");
7090 return;
7091 }
7092
0fb337c1
JM		 7093 /*
7094 * Add the failed BSSID into the blacklist and speed up next scan
7095 * attempt if there could be other APs that could accept association.
7096 * The current blacklist count indicates how many times we have tried
7097 * connecting to this AP and multiple attempts mean that other APs are
7098 * either not available or has already been tried, so that we can start
7099 * increasing the delay here to avoid constant scanning.
7100 */
7101 count = wpa_blacklist_add(wpa_s, bssid);
7102 if (count == 1 && wpa_s->current_bss) {
7103 /*
7104 * This BSS was not in the blacklist before. If there is
7105 * another BSS available for the same ESS, we should try that
7106 * next. Otherwise, we may as well try this one once more
7107 * before allowing other, likely worse, ESSes to be considered.
7108 */
7109 freqs = get_bss_freqs_in_ess(wpa_s);
7110 if (freqs) {
f049052b
BG		 7111 wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS "
7112 "has been seen; try it next");
0fb337c1
JM		 7113 wpa_blacklist_add(wpa_s, bssid);
7114 /*
7115 * On the next scan, go through only the known channels
7116 * used in this ESS based on previous scans to speed up
7117 * common load balancing use case.
7118 */
7119 os_free(wpa_s->next_scan_freqs);
7120 wpa_s->next_scan_freqs = freqs;
7121 }
7122 }
7123
f1a52633
JM		 7124 /*
7125 * Add previous failure count in case the temporary blacklist was
7126 * cleared due to no other BSSes being available.
7127 */
7128 count += wpa_s->extra_blacklist_count;
7129
dd579704
JM		 7130 if (count > 3 && wpa_s->current_ssid) {
7131 wpa_printf(MSG_DEBUG, "Continuous association failures - "
7132 "consider temporary network disabling");
b19c098e 7133 wpas_auth_failed(wpa_s, "CONN_FAILED");
dd579704
JM		 7134 }
7135
0fb337c1
JM		 7136 switch (count) {
7137 case 1:
7138 timeout = 100;
7139 break;
7140 case 2:
7141 timeout = 500;
7142 break;
7143 case 3:
7144 timeout = 1000;
7145 break;
f1a52633 7146 case 4:
0fb337c1 7147 timeout = 5000;
f1a52633
JM		 7148 break;
7149 default:
7150 timeout = 10000;
7151 break;
0fb337c1
JM		 7152 }
7153
f1a52633
JM		 7154 wpa_dbg(wpa_s, MSG_DEBUG, "Blacklist count %d --> request scan in %d "
7155 "ms", count, timeout);
7156
0fb337c1
JM		 7157 /*
7158 * TODO: if more than one possible AP is available in scan results,
7159 * could try the other ones before requesting a new scan.
7160 */
0a42f1ed
IP		 7161
7162 /* speed up the connection attempt with normal scan */
7163 wpa_s->normal_scans = 0;
0fb337c1
JM		 7164 wpa_supplicant_req_scan(wpa_s, timeout / 1000,
7165 1000 * (timeout % 1000));
7166}
22628eca
JM		 7167
7168
af835d75
AB		 7169#ifdef CONFIG_FILS
7170void fils_connection_failure(struct wpa_supplicant *wpa_s)
7171{
7172 struct wpa_ssid *ssid = wpa_s->current_ssid;
7173 const u8 *realm, *username, *rrk;
7174 size_t realm_len, username_len, rrk_len;
7175 u16 next_seq_num;
7176
7177 if (!ssid || !ssid->eap.erp || !wpa_key_mgmt_fils(ssid->key_mgmt) ||
7178 eapol_sm_get_erp_info(wpa_s->eapol, &ssid->eap,
7179 &username, &username_len,
7180 &realm, &realm_len, &next_seq_num,
7181 &rrk, &rrk_len) != 0 ||
7182 !realm)
7183 return;
7184
7185 wpa_hexdump_ascii(MSG_DEBUG,
7186 "FILS: Store last connection failure realm",
7187 realm, realm_len);
7188 os_free(wpa_s->last_con_fail_realm);
7189 wpa_s->last_con_fail_realm = os_malloc(realm_len);
7190 if (wpa_s->last_con_fail_realm) {
7191 wpa_s->last_con_fail_realm_len = realm_len;
7192 os_memcpy(wpa_s->last_con_fail_realm, realm, realm_len);
7193 }
7194}
7195#endif /* CONFIG_FILS */
7196
7197
22628eca
JM		 7198int wpas_driver_bss_selection(struct wpa_supplicant *wpa_s)
7199{
7200 return wpa_s->conf->ap_scan == 2 ||
7201 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION);
7202}
d2118814
JM		 7203
7204
7205#if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW)
7206int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
7207 struct wpa_ssid *ssid,
7208 const char *field,
7209 const char *value)
7210{
7211#ifdef IEEE8021X_EAPOL
7212 struct eap_peer_config *eap = &ssid->eap;
7213
7214 wpa_printf(MSG_DEBUG, "CTRL_IFACE: response handle field=%s", field);
7215 wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: response value",
7216 (const u8 *) value, os_strlen(value));
7217
7218 switch (wpa_supplicant_ctrl_req_from_string(field)) {
7219 case WPA_CTRL_REQ_EAP_IDENTITY:
7220 os_free(eap->identity);
7221 eap->identity = (u8 *) os_strdup(value);
7222 eap->identity_len = os_strlen(value);
7223 eap->pending_req_identity = 0;
7224 if (ssid == wpa_s->current_ssid)
7225 wpa_s->reassociate = 1;
7226 break;
7227 case WPA_CTRL_REQ_EAP_PASSWORD:
19c48da0 7228 bin_clear_free(eap->password, eap->password_len);
d2118814
JM		 7229 eap->password = (u8 *) os_strdup(value);
7230 eap->password_len = os_strlen(value);
7231 eap->pending_req_password = 0;
7232 if (ssid == wpa_s->current_ssid)
7233 wpa_s->reassociate = 1;
7234 break;
7235 case WPA_CTRL_REQ_EAP_NEW_PASSWORD:
19c48da0 7236 bin_clear_free(eap->new_password, eap->new_password_len);
d2118814
JM		 7237 eap->new_password = (u8 *) os_strdup(value);
7238 eap->new_password_len = os_strlen(value);
7239 eap->pending_req_new_password = 0;
7240 if (ssid == wpa_s->current_ssid)
7241 wpa_s->reassociate = 1;
7242 break;
7243 case WPA_CTRL_REQ_EAP_PIN:
b99c4cad
JM		 7244 str_clear_free(eap->cert.pin);
7245 eap->cert.pin = os_strdup(value);
d2118814
JM		 7246 eap->pending_req_pin = 0;
7247 if (ssid == wpa_s->current_ssid)
7248 wpa_s->reassociate = 1;
7249 break;
7250 case WPA_CTRL_REQ_EAP_OTP:
19c48da0 7251 bin_clear_free(eap->otp, eap->otp_len);
d2118814
JM		 7252 eap->otp = (u8 *) os_strdup(value);
7253 eap->otp_len = os_strlen(value);
7254 os_free(eap->pending_req_otp);
7255 eap->pending_req_otp = NULL;
7256 eap->pending_req_otp_len = 0;
7257 break;
7258 case WPA_CTRL_REQ_EAP_PASSPHRASE:
b99c4cad
JM		 7259 str_clear_free(eap->cert.private_key_passwd);
7260 eap->cert.private_key_passwd = os_strdup(value);
d2118814
JM		 7261 eap->pending_req_passphrase = 0;
7262 if (ssid == wpa_s->current_ssid)
7263 wpa_s->reassociate = 1;
7264 break;
a5d44ac0 7265 case WPA_CTRL_REQ_SIM:
19c48da0 7266 str_clear_free(eap->external_sim_resp);
a5d44ac0 7267 eap->external_sim_resp = os_strdup(value);
ed9b1c16 7268 eap->pending_req_sim = 0;
a5d44ac0 7269 break;
a52410c2
JM		 7270 case WPA_CTRL_REQ_PSK_PASSPHRASE:
7271 if (wpa_config_set(ssid, "psk", value, 0) < 0)
7272 return -1;
7273 ssid->mem_only_psk = 1;
7274 if (ssid->passphrase)
7275 wpa_config_update_psk(ssid);
7276 if (wpa_s->wpa_state == WPA_SCANNING && !wpa_s->scanning)
7277 wpa_supplicant_req_scan(wpa_s, 0, 0);
7278 break;
3c108b75
JM		 7279 case WPA_CTRL_REQ_EXT_CERT_CHECK:
7280 if (eap->pending_ext_cert_check != PENDING_CHECK)
7281 return -1;
7282 if (os_strcmp(value, "good") == 0)
7283 eap->pending_ext_cert_check = EXT_CERT_CHECK_GOOD;
7284 else if (os_strcmp(value, "bad") == 0)
7285 eap->pending_ext_cert_check = EXT_CERT_CHECK_BAD;
7286 else
7287 return -1;
7288 break;
d2118814
JM		 7289 default:
7290 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown field '%s'", field);
7291 return -1;
7292 }
7293
7294 return 0;
7295#else /* IEEE8021X_EAPOL */
7296 wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included");
7297 return -1;
7298#endif /* IEEE8021X_EAPOL */
7299}
7300#endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */
349493bd
JM		 7301
7302
7303int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
7304{
7305 int i;
7306 unsigned int drv_enc;
7307
44b9ea5b
JM		 7308 if (wpa_s->p2p_mgmt)
7309 return 1; /* no normal network profiles on p2p_mgmt interface */
7310
349493bd
JM		 7311 if (ssid == NULL)
7312 return 1;
7313
7314 if (ssid->disabled)
7315 return 1;
7316
9feadba1 7317 if (wpa_s->drv_capa_known)
349493bd
JM		 7318 drv_enc = wpa_s->drv_enc;
7319 else
7320 drv_enc = (unsigned int) -1;
7321
7322 for (i = 0; i < NUM_WEP_KEYS; i++) {
7323 size_t len = ssid->wep_key_len[i];
7324 if (len == 0)
7325 continue;
7326 if (len == 5 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP40))
7327 continue;
7328 if (len == 13 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP104))
7329 continue;
7330 if (len == 16 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP128))
7331 continue;
7332 return 1; /* invalid WEP key */
7333 }
7334
9173b16f 7335 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set &&
a52410c2 7336 (!ssid->passphrase || ssid->ssid_len != 0) && !ssid->ext_psk &&
a34ca59e 7337 !(wpa_key_mgmt_sae(ssid->key_mgmt) && ssid->sae_password) &&
a52410c2 7338 !ssid->mem_only_psk)
2518aad3
JM		 7339 return 1;
7340
349493bd
JM		 7341 return 0;
7342}
b9cfc09a
JJ		 7343
7344
3f56a2b7
JM		 7345int wpas_get_ssid_pmf(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
7346{
3f56a2b7
JM		 7347 if (ssid == NULL || ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT) {
7348 if (wpa_s->conf->pmf == MGMT_FRAME_PROTECTION_OPTIONAL &&
7349 !(wpa_s->drv_enc & WPA_DRIVER_CAPA_ENC_BIP)) {
7350 /*
7351 * Driver does not support BIP -- ignore pmf=1 default
7352 * since the connection with PMF would fail and the
7353 * configuration does not require PMF to be enabled.
7354 */
7355 return NO_MGMT_FRAME_PROTECTION;
7356 }
7357
22950049
JM		 7358 if (ssid &&
7359 (ssid->key_mgmt &
7360 ~(WPA_KEY_MGMT_NONE | WPA_KEY_MGMT_WPS |
7361 WPA_KEY_MGMT_IEEE8021X_NO_WPA)) == 0) {
7362 /*
7363 * Do not use the default PMF value for non-RSN networks
7364 * since PMF is available only with RSN and pmf=2
7365 * configuration would otherwise prevent connections to
7366 * all open networks.
7367 */
7368 return NO_MGMT_FRAME_PROTECTION;
7369 }
7370
3f56a2b7
JM		 7371 return wpa_s->conf->pmf;
7372 }
7373
7374 return ssid->ieee80211w;
3f56a2b7
JM		 7375}
7376
7377
b9cfc09a
JJ		 7378int wpas_is_p2p_prioritized(struct wpa_supplicant *wpa_s)
7379{
7380 if (wpa_s->global->conc_pref == WPA_CONC_PREF_P2P)
7381 return 1;
7382 if (wpa_s->global->conc_pref == WPA_CONC_PREF_STA)
7383 return 0;
7384 return -1;
7385}
00e5e3d5
JM		 7386
7387
b19c098e 7388void wpas_auth_failed(struct wpa_supplicant *wpa_s, char *reason)
00e5e3d5
JM		 7389{
7390 struct wpa_ssid *ssid = wpa_s->current_ssid;
7391 int dur;
4e1eae1d 7392 struct os_reltime now;
00e5e3d5
JM		 7393
7394 if (ssid == NULL) {
7395 wpa_printf(MSG_DEBUG, "Authentication failure but no known "
7396 "SSID block");
7397 return;
7398 }
7399
7400 if (ssid->key_mgmt == WPA_KEY_MGMT_WPS)
7401 return;
7402
7403 ssid->auth_failures++;
cbf41ca7
SL		 7404
7405#ifdef CONFIG_P2P
7406 if (ssid->p2p_group &&
7407 (wpa_s->p2p_in_provisioning || wpa_s->show_group_started)) {
7408 /*
7409 * Skip the wait time since there is a short timeout on the
7410 * connection to a P2P group.
7411 */
7412 return;
7413 }
7414#endif /* CONFIG_P2P */
7415
00e5e3d5
JM		 7416 if (ssid->auth_failures > 50)
7417 dur = 300;
00e5e3d5 7418 else if (ssid->auth_failures > 10)
8a77f1be 7419 dur = 120;
00e5e3d5 7420 else if (ssid->auth_failures > 5)
8a77f1be
JM		 7421 dur = 90;
7422 else if (ssid->auth_failures > 3)
7423 dur = 60;
7424 else if (ssid->auth_failures > 2)
00e5e3d5
JM		 7425 dur = 30;
7426 else if (ssid->auth_failures > 1)
7427 dur = 20;
7428 else
7429 dur = 10;
7430
8a77f1be
JM		 7431 if (ssid->auth_failures > 1 &&
7432 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt))
7433 dur += os_random() % (ssid->auth_failures * 10);
7434
4e1eae1d 7435 os_get_reltime(&now);
00e5e3d5
JM		 7436 if (now.sec + dur <= ssid->disabled_until.sec)
7437 return;
7438
7439 ssid->disabled_until.sec = now.sec + dur;
7440
7441 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TEMP_DISABLED
b19c098e 7442 "id=%d ssid=\"%s\" auth_failures=%u duration=%d reason=%s",
00e5e3d5 7443 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
b19c098e 7444 ssid->auth_failures, dur, reason);
00e5e3d5
JM		 7445}
7446
7447
7448void wpas_clear_temp_disabled(struct wpa_supplicant *wpa_s,
7449 struct wpa_ssid *ssid, int clear_failures)
7450{
7451 if (ssid == NULL)
7452 return;
7453
7454 if (ssid->disabled_until.sec) {
7455 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_REENABLED
7456 "id=%d ssid=\"%s\"",
7457 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
7458 }
7459 ssid->disabled_until.sec = 0;
7460 ssid->disabled_until.usec = 0;
7461 if (clear_failures)
7462 ssid->auth_failures = 0;
7463}
6407f413
JM		 7464
7465
7466int disallowed_bssid(struct wpa_supplicant *wpa_s, const u8 *bssid)
7467{
7468 size_t i;
7469
7470 if (wpa_s->disallow_aps_bssid == NULL)
7471 return 0;
7472
7473 for (i = 0; i < wpa_s->disallow_aps_bssid_count; i++) {
7474 if (os_memcmp(wpa_s->disallow_aps_bssid + i * ETH_ALEN,
7475 bssid, ETH_ALEN) == 0)
7476 return 1;
7477 }
7478
7479 return 0;
7480}
7481
7482
7483int disallowed_ssid(struct wpa_supplicant *wpa_s, const u8 *ssid,
7484 size_t ssid_len)
7485{
7486 size_t i;
7487
7488 if (wpa_s->disallow_aps_ssid == NULL || ssid == NULL)
7489 return 0;
7490
7491 for (i = 0; i < wpa_s->disallow_aps_ssid_count; i++) {
7492 struct wpa_ssid_value *s = &wpa_s->disallow_aps_ssid[i];
7493 if (ssid_len == s->ssid_len &&
7494 os_memcmp(ssid, s->ssid, ssid_len) == 0)
7495 return 1;
7496 }
7497
7498 return 0;
7499}
9796a86c
JM		 7500
7501
7502/**
7503 * wpas_request_connection - Request a new connection
7504 * @wpa_s: Pointer to the network interface
7505 *
7506 * This function is used to request a new connection to be found. It will mark
7507 * the interface to allow reassociation and request a new scan to find a
7508 * suitable network to connect to.
7509 */
7510void wpas_request_connection(struct wpa_supplicant *wpa_s)
7511{
7512 wpa_s->normal_scans = 0;
5214f4fa 7513 wpa_s->scan_req = NORMAL_SCAN_REQ;
9796a86c
JM		 7514 wpa_supplicant_reinit_autoscan(wpa_s);
7515 wpa_s->extra_blacklist_count = 0;
7516 wpa_s->disconnected = 0;
7517 wpa_s->reassociate = 1;
2cb40e9f 7518 wpa_s->last_owe_group = 0;
5e24beae
MH		 7519
7520 if (wpa_supplicant_fast_associate(wpa_s) != 1)
7521 wpa_supplicant_req_scan(wpa_s, 0, 0);
0c5f01fd
B		 7522 else
7523 wpa_s->reattach = 0;
9796a86c 7524}
36b9883d
DG		 7525
7526
5f040be4
RP		 7527/**
7528 * wpas_request_disconnection - Request disconnection
7529 * @wpa_s: Pointer to the network interface
7530 *
7531 * This function is used to request disconnection from the currently connected
7532 * network. This will stop any ongoing scans and initiate deauthentication.
7533 */
7534void wpas_request_disconnection(struct wpa_supplicant *wpa_s)
7535{
7536#ifdef CONFIG_SME
7537 wpa_s->sme.prev_bssid_set = 0;
7538#endif /* CONFIG_SME */
7539 wpa_s->reassociate = 0;
7540 wpa_s->disconnected = 1;
7541 wpa_supplicant_cancel_sched_scan(wpa_s);
7542 wpa_supplicant_cancel_scan(wpa_s);
7543 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
7544 eloop_cancel_timeout(wpas_network_reenabled, wpa_s, NULL);
f5db7750
JM		 7545 radio_remove_works(wpa_s, "connect", 0);
7546 radio_remove_works(wpa_s, "sme-connect", 0);
5f040be4
RP		 7547}
7548
7549
a0c90bb0
IP		 7550void dump_freq_data(struct wpa_supplicant *wpa_s, const char *title,
7551 struct wpa_used_freq_data *freqs_data,
7552 unsigned int len)
7553{
7554 unsigned int i;
7555
7556 wpa_dbg(wpa_s, MSG_DEBUG, "Shared frequencies (len=%u): %s",
7557 len, title);
7558 for (i = 0; i < len; i++) {
7559 struct wpa_used_freq_data *cur = &freqs_data[i];
7560 wpa_dbg(wpa_s, MSG_DEBUG, "freq[%u]: %d, flags=0x%X",
7561 i, cur->freq, cur->flags);
7562 }
7563}
7564
7565
53c5dfc2
IP		 7566/*
7567 * Find the operating frequencies of any of the virtual interfaces that
a0c90bb0
IP		 7568 * are using the same radio as the current interface, and in addition, get
7569 * information about the interface types that are using the frequency.
53c5dfc2 7570 */
a0c90bb0
IP		 7571int get_shared_radio_freqs_data(struct wpa_supplicant *wpa_s,
7572 struct wpa_used_freq_data *freqs_data,
7573 unsigned int len)
53c5dfc2 7574{
53c5dfc2
IP		 7575 struct wpa_supplicant *ifs;
7576 u8 bssid[ETH_ALEN];
7577 int freq;
7578 unsigned int idx = 0, i;
7579
217cf499
JM		 7580 wpa_dbg(wpa_s, MSG_DEBUG,
7581 "Determining shared radio frequencies (max len %u)", len);
a0c90bb0 7582 os_memset(freqs_data, 0, sizeof(struct wpa_used_freq_data) * len);
53c5dfc2 7583
0ad3b9c4
JM		 7584 dl_list_for_each(ifs, &wpa_s->radio->ifaces, struct wpa_supplicant,
7585 radio_list) {
a0c90bb0
IP		 7586 if (idx == len)
7587 break;
7588
53c5dfc2
IP		 7589 if (ifs->current_ssid == NULL || ifs->assoc_freq == 0)
7590 continue;
7591
7592 if (ifs->current_ssid->mode == WPAS_MODE_AP ||
241c3333
MH		 7593 ifs->current_ssid->mode == WPAS_MODE_P2P_GO ||
7594 ifs->current_ssid->mode == WPAS_MODE_MESH)
53c5dfc2
IP		 7595 freq = ifs->current_ssid->frequency;
7596 else if (wpa_drv_get_bssid(ifs, bssid) == 0)
7597 freq = ifs->assoc_freq;
7598 else
7599 continue;
7600
7601 /* Hold only distinct freqs */
7602 for (i = 0; i < idx; i++)
a0c90bb0 7603 if (freqs_data[i].freq == freq)
53c5dfc2
IP		 7604 break;
7605
7606 if (i == idx)
a0c90bb0
IP		 7607 freqs_data[idx++].freq = freq;
7608
7609 if (ifs->current_ssid->mode == WPAS_MODE_INFRA) {
22264b3c 7610 freqs_data[i].flags |= ifs->current_ssid->p2p_group ?
a0c90bb0
IP		 7611 WPA_FREQ_USED_BY_P2P_CLIENT :
7612 WPA_FREQ_USED_BY_INFRA_STATION;
7613 }
53c5dfc2 7614 }
217cf499 7615
a0c90bb0 7616 dump_freq_data(wpa_s, "completed iteration", freqs_data, idx);
53c5dfc2
IP		 7617 return idx;
7618}
a0c90bb0
IP		 7619
7620
7621/*
7622 * Find the operating frequencies of any of the virtual interfaces that
7623 * are using the same radio as the current interface.
7624 */
7625int get_shared_radio_freqs(struct wpa_supplicant *wpa_s,
7626 int *freq_array, unsigned int len)
7627{
7628 struct wpa_used_freq_data *freqs_data;
7629 int num, i;
7630
7631 os_memset(freq_array, 0, sizeof(int) * len);
7632
7633 freqs_data = os_calloc(len, sizeof(struct wpa_used_freq_data));
7634 if (!freqs_data)
7635 return -1;
7636
7637 num = get_shared_radio_freqs_data(wpa_s, freqs_data, len);
7638 for (i = 0; i < num; i++)
7639 freq_array[i] = freqs_data[i].freq;
7640
7641 os_free(freqs_data);
7642
7643 return num;
7644}
b361d580
AK		 7645
7646
af041f99
AA		 7647struct wpa_supplicant *
7648wpas_vendor_elem(struct wpa_supplicant *wpa_s, enum wpa_vendor_elem_frame frame)
7649{
7650 switch (frame) {
7651#ifdef CONFIG_P2P
7652 case VENDOR_ELEM_PROBE_REQ_P2P:
7653 case VENDOR_ELEM_PROBE_RESP_P2P:
7654 case VENDOR_ELEM_PROBE_RESP_P2P_GO:
7655 case VENDOR_ELEM_BEACON_P2P_GO:
7656 case VENDOR_ELEM_P2P_PD_REQ:
7657 case VENDOR_ELEM_P2P_PD_RESP:
7658 case VENDOR_ELEM_P2P_GO_NEG_REQ:
7659 case VENDOR_ELEM_P2P_GO_NEG_RESP:
7660 case VENDOR_ELEM_P2P_GO_NEG_CONF:
7661 case VENDOR_ELEM_P2P_INV_REQ:
7662 case VENDOR_ELEM_P2P_INV_RESP:
7663 case VENDOR_ELEM_P2P_ASSOC_REQ:
7664 case VENDOR_ELEM_P2P_ASSOC_RESP:
ba307f85 7665 return wpa_s->p2pdev;
af041f99
AA		 7666#endif /* CONFIG_P2P */
7667 default:
7668 return wpa_s;
7669 }
7670}
7671
7672
7673void wpas_vendor_elem_update(struct wpa_supplicant *wpa_s)
7674{
7675 unsigned int i;
7676 char buf[30];
7677
7678 wpa_printf(MSG_DEBUG, "Update vendor elements");
7679
7680 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) {
7681 if (wpa_s->vendor_elem[i]) {
7682 int res;
7683
7684 res = os_snprintf(buf, sizeof(buf), "frame[%u]", i);
7685 if (!os_snprintf_error(sizeof(buf), res)) {
7686 wpa_hexdump_buf(MSG_DEBUG, buf,
7687 wpa_s->vendor_elem[i]);
7688 }
7689 }
7690 }
7691
7692#ifdef CONFIG_P2P
7693 if (wpa_s->parent == wpa_s &&
7694 wpa_s->global->p2p &&
7695 !wpa_s->global->p2p_disabled)
7696 p2p_set_vendor_elems(wpa_s->global->p2p, wpa_s->vendor_elem);
7697#endif /* CONFIG_P2P */
7698}
7699
7700
7701int wpas_vendor_elem_remove(struct wpa_supplicant *wpa_s, int frame,
7702 const u8 *elem, size_t len)
7703{
7704 u8 *ie, *end;
7705
7706 ie = wpabuf_mhead_u8(wpa_s->vendor_elem[frame]);
7707 end = ie + wpabuf_len(wpa_s->vendor_elem[frame]);
7708
7709 for (; ie + 1 < end; ie += 2 + ie[1]) {
7710 if (ie + len > end)
7711 break;
7712 if (os_memcmp(ie, elem, len) != 0)
7713 continue;
7714
7715 if (wpabuf_len(wpa_s->vendor_elem[frame]) == len) {
7716 wpabuf_free(wpa_s->vendor_elem[frame]);
7717 wpa_s->vendor_elem[frame] = NULL;
7718 } else {
7719 os_memmove(ie, ie + len, end - (ie + len));
7720 wpa_s->vendor_elem[frame]->used -= len;
7721 }
7722 wpas_vendor_elem_update(wpa_s);
7723 return 0;
7724 }
7725
7726 return -1;
7727}
ea69d973
AS		 7728
7729
7730struct hostapd_hw_modes * get_mode(struct hostapd_hw_modes *modes,
d0e116f6
VK		 7731 u16 num_modes, enum hostapd_hw_mode mode,
7732 int is_6ghz)
ea69d973
AS		 7733{
7734 u16 i;
7735
7736 for (i = 0; i < num_modes; i++) {
d0e116f6
VK		 7737 if (modes[i].mode != mode ||
7738 !modes[i].num_channels || !modes[i].channels)
7739 continue;
7740 if ((!is_6ghz && !is_6ghz_freq(modes[i].channels[0].freq)) ||
7741 (is_6ghz && is_6ghz_freq(modes[i].channels[0].freq)))
ea69d973
AS		 7742 return &modes[i];
7743 }
7744
7745 return NULL;
7746}
dd599908
AS		 7747
7748
7749static struct
7750wpa_bss_tmp_disallowed * wpas_get_disallowed_bss(struct wpa_supplicant *wpa_s,
7751 const u8 *bssid)
7752{
7753 struct wpa_bss_tmp_disallowed *bss;
7754
7755 dl_list_for_each(bss, &wpa_s->bss_tmp_disallowed,
7756 struct wpa_bss_tmp_disallowed, list) {
7757 if (os_memcmp(bssid, bss->bssid, ETH_ALEN) == 0)
7758 return bss;
7759 }
7760
7761 return NULL;
7762}
7763
7764
b04854ce
AP		 7765static int wpa_set_driver_tmp_disallow_list(struct wpa_supplicant *wpa_s)
7766{
7767 struct wpa_bss_tmp_disallowed *tmp;
7768 unsigned int num_bssid = 0;
7769 u8 *bssids;
7770 int ret;
7771
7772 bssids = os_malloc(dl_list_len(&wpa_s->bss_tmp_disallowed) * ETH_ALEN);
7773 if (!bssids)
7774 return -1;
7775 dl_list_for_each(tmp, &wpa_s->bss_tmp_disallowed,
7776 struct wpa_bss_tmp_disallowed, list) {
7777 os_memcpy(&bssids[num_bssid * ETH_ALEN], tmp->bssid,
7778 ETH_ALEN);
7779 num_bssid++;
7780 }
7781 ret = wpa_drv_set_bssid_blacklist(wpa_s, num_bssid, bssids);
7782 os_free(bssids);
7783 return ret;
7784}
7785
7786
7787static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx, void *timeout_ctx)
7788{
7789 struct wpa_supplicant *wpa_s = eloop_ctx;
7790 struct wpa_bss_tmp_disallowed *tmp, *bss = timeout_ctx;
7791
7792 /* Make sure the bss is not already freed */
7793 dl_list_for_each(tmp, &wpa_s->bss_tmp_disallowed,
7794 struct wpa_bss_tmp_disallowed, list) {
7795 if (bss == tmp) {
7796 dl_list_del(&tmp->list);
7797 os_free(tmp);
7798 wpa_set_driver_tmp_disallow_list(wpa_s);
7799 break;
7800 }
7801 }
7802}
7803
7804
dd599908 7805void wpa_bss_tmp_disallow(struct wpa_supplicant *wpa_s, const u8 *bssid,
19677b77 7806 unsigned int sec, int rssi_threshold)
dd599908
AS		 7807{
7808 struct wpa_bss_tmp_disallowed *bss;
dd599908
AS		 7809
7810 bss = wpas_get_disallowed_bss(wpa_s, bssid);
7811 if (bss) {
b04854ce 7812 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout, wpa_s, bss);
19677b77 7813 goto finish;
dd599908
AS		 7814 }
7815
7816 bss = os_malloc(sizeof(*bss));
7817 if (!bss) {
7818 wpa_printf(MSG_DEBUG,
7819 "Failed to allocate memory for temp disallow BSS");
7820 return;
7821 }
7822
dd599908
AS		 7823 os_memcpy(bss->bssid, bssid, ETH_ALEN);
7824 dl_list_add(&wpa_s->bss_tmp_disallowed, &bss->list);
b04854ce 7825 wpa_set_driver_tmp_disallow_list(wpa_s);
19677b77
BL		 7826
7827finish:
7828 bss->rssi_threshold = rssi_threshold;
b04854ce
AP		 7829 eloop_register_timeout(sec, 0, wpa_bss_tmp_disallow_timeout,
7830 wpa_s, bss);
dd599908
AS		 7831}
7832
7833
19677b77
BL		 7834int wpa_is_bss_tmp_disallowed(struct wpa_supplicant *wpa_s,
7835 struct wpa_bss *bss)
dd599908 7836{
19677b77 7837 struct wpa_bss_tmp_disallowed *disallowed = NULL, *tmp, *prev;
dd599908 7838
d010048c
JM		 7839 dl_list_for_each_safe(tmp, prev, &wpa_s->bss_tmp_disallowed,
7840 struct wpa_bss_tmp_disallowed, list) {
19677b77
BL		 7841 if (os_memcmp(bss->bssid, tmp->bssid, ETH_ALEN) == 0) {
7842 disallowed = tmp;
d010048c
JM		 7843 break;
7844 }
7845 }
19677b77
BL		 7846 if (!disallowed)
7847 return 0;
7848
7849 if (disallowed->rssi_threshold != 0 &&
7850 bss->level > disallowed->rssi_threshold)
dd599908
AS		 7851 return 0;
7852
d010048c 7853 return 1;
dd599908 7854}
91b6eba7
EC		 7855
7856
7857int wpas_enable_mac_addr_randomization(struct wpa_supplicant *wpa_s,
7858 unsigned int type, const u8 *addr,
7859 const u8 *mask)
7860{
7861 if ((addr && !mask) || (!addr && mask)) {
7862 wpa_printf(MSG_INFO,
7863 "MAC_ADDR_RAND_SCAN invalid addr/mask combination");
7864 return -1;
7865 }
7866
7867 if (addr && mask && (!(mask[0] & 0x01) || (addr[0] & 0x01))) {
7868 wpa_printf(MSG_INFO,
7869 "MAC_ADDR_RAND_SCAN cannot allow multicast address");
7870 return -1;
7871 }
7872
7873 if (type & MAC_ADDR_RAND_SCAN) {
7874 if (wpas_mac_addr_rand_scan_set(wpa_s, MAC_ADDR_RAND_SCAN,
7875 addr, mask))
7876 return -1;
7877 }
7878
7879 if (type & MAC_ADDR_RAND_SCHED_SCAN) {
7880 if (wpas_mac_addr_rand_scan_set(wpa_s, MAC_ADDR_RAND_SCHED_SCAN,
7881 addr, mask))
7882 return -1;
7883
7884 if (wpa_s->sched_scanning && !wpa_s->pno)
7885 wpas_scan_restart_sched_scan(wpa_s);
7886 }
7887
7888 if (type & MAC_ADDR_RAND_PNO) {
7889 if (wpas_mac_addr_rand_scan_set(wpa_s, MAC_ADDR_RAND_PNO,
7890 addr, mask))
7891 return -1;
7892
7893 if (wpa_s->pno) {
7894 wpas_stop_pno(wpa_s);
7895 wpas_start_pno(wpa_s);
7896 }
7897 }
7898
7899 return 0;
7900}
7901
7902
7903int wpas_disable_mac_addr_randomization(struct wpa_supplicant *wpa_s,
7904 unsigned int type)
7905{
7906 wpas_mac_addr_rand_scan_clear(wpa_s, type);
7907 if (wpa_s->pno) {
7908 if (type & MAC_ADDR_RAND_PNO) {
7909 wpas_stop_pno(wpa_s);
7910 wpas_start_pno(wpa_s);
7911 }
7912 } else if (wpa_s->sched_scanning && (type & MAC_ADDR_RAND_SCHED_SCAN)) {
7913 wpas_scan_restart_sched_scan(wpa_s);
7914 }
7915
7916 return 0;
7917}
6c570193
JM		 7918
7919
7920int wpa_drv_signal_poll(struct wpa_supplicant *wpa_s,
7921 struct wpa_signal_info *si)
7922{
7923 int res;
7924
7925 if (!wpa_s->driver->signal_poll)
7926 return -1;
7927
7928 res = wpa_s->driver->signal_poll(wpa_s->drv_priv, si);
7929
7930#ifdef CONFIG_TESTING_OPTIONS
7931 if (res == 0) {
7932 struct driver_signal_override *dso;
7933
7934 dl_list_for_each(dso, &wpa_s->drv_signal_override,
7935 struct driver_signal_override, list) {
7936 if (os_memcmp(wpa_s->bssid, dso->bssid,
7937 ETH_ALEN) != 0)
7938 continue;
7939 wpa_printf(MSG_DEBUG,
7940 "Override driver signal_poll information: current_signal: %d->%d avg_signal: %d->%d avg_beacon_signal: %d->%d current_noise: %d->%d",
7941 si->current_signal,
7942 dso->si_current_signal,
7943 si->avg_signal,
7944 dso->si_avg_signal,
7945 si->avg_beacon_signal,
7946 dso->si_avg_beacon_signal,
7947 si->current_noise,
7948 dso->si_current_noise);
7949 si->current_signal = dso->si_current_signal;
7950 si->avg_signal = dso->si_avg_signal;
7951 si->avg_beacon_signal = dso->si_avg_beacon_signal;
7952 si->current_noise = dso->si_current_noise;
7953 break;
7954 }
7955 }
7956#endif /* CONFIG_TESTING_OPTIONS */
7957
7958 return res;
7959}
7960
7961
7962struct wpa_scan_results *
7963wpa_drv_get_scan_results2(struct wpa_supplicant *wpa_s)
7964{
7965 struct wpa_scan_results *scan_res;
7966#ifdef CONFIG_TESTING_OPTIONS
7967 size_t idx;
7968#endif /* CONFIG_TESTING_OPTIONS */
7969
7970 if (!wpa_s->driver->get_scan_results2)
7971 return NULL;
7972
7973 scan_res = wpa_s->driver->get_scan_results2(wpa_s->drv_priv);
7974
7975#ifdef CONFIG_TESTING_OPTIONS
7976 for (idx = 0; scan_res && idx < scan_res->num; idx++) {
7977 struct driver_signal_override *dso;
7978 struct wpa_scan_res *res = scan_res->res[idx];
7979
7980 dl_list_for_each(dso, &wpa_s->drv_signal_override,
7981 struct driver_signal_override, list) {
7982 if (os_memcmp(res->bssid, dso->bssid, ETH_ALEN) != 0)
7983 continue;
7984 wpa_printf(MSG_DEBUG,
7985 "Override driver scan signal level %d->%d for "
7986 MACSTR,
7987 res->level, dso->scan_level,
7988 MAC2STR(res->bssid));
7989 res->flags |= WPA_SCAN_QUAL_INVALID;
7990 if (dso->scan_level < 0)
7991 res->flags |= WPA_SCAN_LEVEL_DBM;
7992 else
7993 res->flags &= ~WPA_SCAN_LEVEL_DBM;
7994 res->level = dso->scan_level;
7995 break;
7996 }
7997 }
7998#endif /* CONFIG_TESTING_OPTIONS */
7999
8000 return scan_res;
8001}
Unnamed repository; edit this file 'description' to name the repository.