]> git.ipfire.org Git - thirdparty/hostap.git/blame - wpa_supplicant/wpa_supplicant.c
projects / thirdparty / hostap.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Share the same enum for MFP configuration
[thirdparty/hostap.git] / wpa_supplicant / wpa_supplicant.c
CommitLineData
6fc6879b
JM		 1/*
2 * WPA Supplicant
6f78f2fb 3 * Copyright (c) 2003-2009, Jouni Malinen <j@w1.fi>
6fc6879b
JM		 4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
8 *
9 * Alternatively, this software may be distributed under the terms of BSD
10 * license.
11 *
12 * See README and COPYING for more details.
13 *
14 * This file implements functions for registering and unregistering
15 * %wpa_supplicant interfaces. In addition, this file contains number of
16 * functions for managing network connections.
17 */
18
19#include "includes.h"
20
21#include "common.h"
22#include "eapol_supp/eapol_supp_sm.h"
23#include "eap_peer/eap.h"
3ec97afe 24#include "eap_server/eap_methods.h"
3acb5005 25#include "rsn_supp/wpa.h"
6fc6879b 26#include "eloop.h"
6fc6879b
JM		 27#include "config.h"
28#include "l2_packet/l2_packet.h"
29#include "wpa_supplicant_i.h"
2d5b792d 30#include "driver_i.h"
6fc6879b 31#include "ctrl_iface.h"
6fc6879b 32#include "pcsc_funcs.h"
90973fb2 33#include "common/version.h"
3acb5005
JM		 34#include "rsn_supp/preauth.h"
35#include "rsn_supp/pmksa_cache.h"
90973fb2 36#include "common/wpa_ctrl.h"
6fc6879b 37#include "mlme.h"
90973fb2 38#include "common/ieee802_11_defs.h"
6fc6879b
JM		 39#include "blacklist.h"
40#include "wpas_glue.h"
116654ce 41#include "wps_supplicant.h"
11ef8d35 42#include "ibss_rsn.h"
c2a04078 43#include "sme.h"
1f1b62a0 44#include "ap.h"
8bac466b 45#include "notify.h"
60b94c98 46#include "bgscan.h"
83922c2d 47#include "bss.h"
9ba9fa07 48#include "scan.h"
6fc6879b
JM		 49
50const char *wpa_supplicant_version =
51"wpa_supplicant v" VERSION_STR "\n"
6f78f2fb 52"Copyright (c) 2003-2009, Jouni Malinen <j@w1.fi> and contributors";
6fc6879b
JM		 53
54const char *wpa_supplicant_license =
55"This program is free software. You can distribute it and/or modify it\n"
56"under the terms of the GNU General Public License version 2.\n"
57"\n"
58"Alternatively, this software may be distributed under the terms of the\n"
59"BSD license. See README and COPYING for more details.\n"
60#ifdef EAP_TLS_OPENSSL
61"\nThis product includes software developed by the OpenSSL Project\n"
62"for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
63#endif /* EAP_TLS_OPENSSL */
64;
65
66#ifndef CONFIG_NO_STDOUT_DEBUG
67/* Long text divided into parts in order to fit in C89 strings size limits. */
68const char *wpa_supplicant_full_license1 =
69"This program is free software; you can redistribute it and/or modify\n"
70"it under the terms of the GNU General Public License version 2 as\n"
71"published by the Free Software Foundation.\n"
72"\n"
73"This program is distributed in the hope that it will be useful,\n"
74"but WITHOUT ANY WARRANTY; without even the implied warranty of\n"
75"MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n"
76"GNU General Public License for more details.\n"
77"\n";
78const char *wpa_supplicant_full_license2 =
79"You should have received a copy of the GNU General Public License\n"
80"along with this program; if not, write to the Free Software\n"
81"Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n"
82"\n"
83"Alternatively, this software may be distributed under the terms of the\n"
84"BSD license.\n"
85"\n"
86"Redistribution and use in source and binary forms, with or without\n"
87"modification, are permitted provided that the following conditions are\n"
88"met:\n"
89"\n";
90const char *wpa_supplicant_full_license3 =
91"1. Redistributions of source code must retain the above copyright\n"
92" notice, this list of conditions and the following disclaimer.\n"
93"\n"
94"2. Redistributions in binary form must reproduce the above copyright\n"
95" notice, this list of conditions and the following disclaimer in the\n"
96" documentation and/or other materials provided with the distribution.\n"
97"\n";
98const char *wpa_supplicant_full_license4 =
99"3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
100" names of its contributors may be used to endorse or promote products\n"
101" derived from this software without specific prior written permission.\n"
102"\n"
103"THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
104"\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
105"LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
106"A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
107const char *wpa_supplicant_full_license5 =
108"OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
109"SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
110"LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
111"DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
112"THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
113"(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
114"OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
115"\n";
116#endif /* CONFIG_NO_STDOUT_DEBUG */
117
6fc6879b
JM		 118extern int wpa_debug_level;
119extern int wpa_debug_show_keys;
120extern int wpa_debug_timestamp;
c5121837 121extern struct wpa_driver_ops *wpa_drivers[];
6fc6879b
JM		 122
123/* Configure default/group WEP keys for static WEP */
0194fedb 124int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
6fc6879b
JM		 125{
126 int i, set = 0;
127
128 for (i = 0; i < NUM_WEP_KEYS; i++) {
129 if (ssid->wep_key_len[i] == 0)
130 continue;
131
132 set = 1;
133 wpa_drv_set_key(wpa_s, WPA_ALG_WEP,
134 (u8 *) "\xff\xff\xff\xff\xff\xff",
135 i, i == ssid->wep_tx_keyidx, (u8 *) "", 0,
136 ssid->wep_key[i], ssid->wep_key_len[i]);
137 }
138
139 return set;
140}
141
142
143static int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
144 struct wpa_ssid *ssid)
145{
146 u8 key[32];
147 size_t keylen;
71934751 148 enum wpa_alg alg;
6fc6879b
JM		 149 u8 seq[6] = { 0 };
150
151 /* IBSS/WPA-None uses only one key (Group) for both receiving and
152 * sending unicast and multicast packets. */
153
d7dcba70 154 if (ssid->mode != WPAS_MODE_IBSS) {
6fc6879b
JM		 155 wpa_printf(MSG_INFO, "WPA: Invalid mode %d (not IBSS/ad-hoc) "
156 "for WPA-None", ssid->mode);
157 return -1;
158 }
159
160 if (!ssid->psk_set) {
161 wpa_printf(MSG_INFO, "WPA: No PSK configured for WPA-None");
162 return -1;
163 }
164
165 switch (wpa_s->group_cipher) {
166 case WPA_CIPHER_CCMP:
167 os_memcpy(key, ssid->psk, 16);
168 keylen = 16;
169 alg = WPA_ALG_CCMP;
170 break;
171 case WPA_CIPHER_TKIP:
172 /* WPA-None uses the same Michael MIC key for both TX and RX */
173 os_memcpy(key, ssid->psk, 16 + 8);
174 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
175 keylen = 32;
176 alg = WPA_ALG_TKIP;
177 break;
178 default:
179 wpa_printf(MSG_INFO, "WPA: Invalid group cipher %d for "
180 "WPA-None", wpa_s->group_cipher);
181 return -1;
182 }
183
184 /* TODO: should actually remember the previously used seq#, both for TX
185 * and RX from each STA.. */
186
187 return wpa_drv_set_key(wpa_s, alg, (u8 *) "\xff\xff\xff\xff\xff\xff",
188 0, 1, seq, 6, key, keylen);
189}
190
191
192static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
193{
194 struct wpa_supplicant *wpa_s = eloop_ctx;
195 const u8 *bssid = wpa_s->bssid;
a8e16edc 196 if (is_zero_ether_addr(bssid))
6fc6879b
JM		 197 bssid = wpa_s->pending_bssid;
198 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
199 MAC2STR(bssid));
200 wpa_blacklist_add(wpa_s, bssid);
201 wpa_sm_notify_disassoc(wpa_s->wpa);
202 wpa_supplicant_disassociate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
203 wpa_s->reassociate = 1;
204 wpa_supplicant_req_scan(wpa_s, 0, 0);
205}
206
207
208/**
209 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
210 * @wpa_s: Pointer to wpa_supplicant data
211 * @sec: Number of seconds after which to time out authentication
212 * @usec: Number of microseconds after which to time out authentication
213 *
214 * This function is used to schedule a timeout for the current authentication
215 * attempt.
216 */
217void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
218 int sec, int usec)
219{
c2a04078
JM		 220 if (wpa_s->conf && wpa_s->conf->ap_scan == 0 &&
221 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
6fc6879b
JM		 222 return;
223
224 wpa_msg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
225 "%d usec", sec, usec);
226 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
227 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
228}
229
230
231/**
232 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
233 * @wpa_s: Pointer to wpa_supplicant data
234 *
235 * This function is used to cancel authentication timeout scheduled with
236 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
237 * been completed.
238 */
239void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
240{
241 wpa_msg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
242 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
243 wpa_blacklist_del(wpa_s, wpa_s->bssid);
244}
245
246
247/**
248 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
249 * @wpa_s: Pointer to wpa_supplicant data
250 *
251 * This function is used to configure EAPOL state machine based on the selected
252 * authentication mode.
253 */
254void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
255{
256#ifdef IEEE8021X_EAPOL
257 struct eapol_config eapol_conf;
258 struct wpa_ssid *ssid = wpa_s->current_ssid;
259
53895c3b 260#ifdef CONFIG_IBSS_RSN
d7dcba70 261 if (ssid->mode == WPAS_MODE_IBSS &&
53895c3b
JM		 262 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
263 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
264 /*
265 * RSN IBSS authentication is per-STA and we can disable the
266 * per-BSSID EAPOL authentication.
267 */
268 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
269 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE);
270 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
271 return;
272 }
273#endif /* CONFIG_IBSS_RSN */
274
0a40ec6a
JM		 275 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
276 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
277
6fc6879b
JM		 278 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
279 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
280 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
281 else
282 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
283
284 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
285 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
286 eapol_conf.accept_802_1x_keys = 1;
287 eapol_conf.required_keys = 0;
288 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
289 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
290 }
291 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
292 eapol_conf.required_keys |=
293 EAPOL_REQUIRE_KEY_BROADCAST;
294 }
295
c2a04078 296 if (wpa_s->conf && (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
6fc6879b 297 eapol_conf.required_keys = 0;
6fc6879b
JM		 298 }
299 if (wpa_s->conf)
300 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
301 eapol_conf.workaround = ssid->eap_workaround;
56586197
JM		 302 eapol_conf.eap_disabled =
303 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
ad08c363
JM		 304 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
305 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
6fc6879b
JM		 306 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
307#endif /* IEEE8021X_EAPOL */
308}
309
310
311/**
312 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
313 * @wpa_s: Pointer to wpa_supplicant data
314 * @ssid: Configuration data for the network
315 *
316 * This function is used to configure WPA state machine and related parameters
317 * to a mode where WPA is not enabled. This is called as part of the
318 * authentication configuration when the selected network does not use WPA.
319 */
320void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
321 struct wpa_ssid *ssid)
322{
323 int i;
324
ad08c363
JM		 325 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
326 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
327 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
6fc6879b
JM		 328 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
329 else
330 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
331 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
332 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
333 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
334 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
335 wpa_s->group_cipher = WPA_CIPHER_NONE;
336 wpa_s->mgmt_group_cipher = 0;
337
338 for (i = 0; i < NUM_WEP_KEYS; i++) {
339 if (ssid->wep_key_len[i] > 5) {
340 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
341 wpa_s->group_cipher = WPA_CIPHER_WEP104;
342 break;
343 } else if (ssid->wep_key_len[i] > 0) {
344 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
345 wpa_s->group_cipher = WPA_CIPHER_WEP40;
346 break;
347 }
348 }
349
350 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
351 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
352 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
353 wpa_s->pairwise_cipher);
354 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
355#ifdef CONFIG_IEEE80211W
356 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
357 wpa_s->mgmt_group_cipher);
358#endif /* CONFIG_IEEE80211W */
359
360 pmksa_cache_clear_current(wpa_s->wpa);
361}
362
363
364static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
365{
60b94c98 366 bgscan_deinit(wpa_s);
6fc6879b
JM		 367 scard_deinit(wpa_s->scard);
368 wpa_s->scard = NULL;
369 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
370 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
371 l2_packet_deinit(wpa_s->l2);
372 wpa_s->l2 = NULL;
373 if (wpa_s->l2_br) {
374 l2_packet_deinit(wpa_s->l2_br);
375 wpa_s->l2_br = NULL;
376 }
377
378 if (wpa_s->ctrl_iface) {
379 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
380 wpa_s->ctrl_iface = NULL;
381 }
382 if (wpa_s->conf != NULL) {
8e56d189
JM		 383 struct wpa_ssid *ssid;
384 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
385 wpas_notify_network_removed(wpa_s, ssid);
6fc6879b
JM		 386 wpa_config_free(wpa_s->conf);
387 wpa_s->conf = NULL;
388 }
389
390 os_free(wpa_s->confname);
391 wpa_s->confname = NULL;
392
393 wpa_sm_set_eapol(wpa_s->wpa, NULL);
394 eapol_sm_deinit(wpa_s->eapol);
395 wpa_s->eapol = NULL;
396
397 rsn_preauth_deinit(wpa_s->wpa);
398
399 pmksa_candidate_free(wpa_s->wpa);
400 wpa_sm_deinit(wpa_s->wpa);
401 wpa_s->wpa = NULL;
402 wpa_blacklist_clear(wpa_s);
403
83922c2d 404 wpa_bss_deinit(wpa_s);
6fc6879b
JM		 405
406 wpa_supplicant_cancel_scan(wpa_s);
407 wpa_supplicant_cancel_auth_timeout(wpa_s);
408
409 ieee80211_sta_deinit(wpa_s);
116654ce
JM		 410
411 wpas_wps_deinit(wpa_s);
11ef8d35 412
1ff73338
JM		 413 wpabuf_free(wpa_s->pending_eapol_rx);
414 wpa_s->pending_eapol_rx = NULL;
415
11ef8d35
JM		 416#ifdef CONFIG_IBSS_RSN
417 ibss_rsn_deinit(wpa_s->ibss_rsn);
418 wpa_s->ibss_rsn = NULL;
419#endif /* CONFIG_IBSS_RSN */
c2a04078
JM		 420
421#ifdef CONFIG_SME
422 os_free(wpa_s->sme.ft_ies);
423 wpa_s->sme.ft_ies = NULL;
424 wpa_s->sme.ft_ies_len = 0;
425#endif /* CONFIG_SME */
2d5b792d
JM		 426
427#ifdef CONFIG_AP
428 wpa_supplicant_ap_deinit(wpa_s);
429#endif /* CONFIG_AP */
6fc6879b
JM		 430}
431
432
433/**
434 * wpa_clear_keys - Clear keys configured for the driver
435 * @wpa_s: Pointer to wpa_supplicant data
436 * @addr: Previously used BSSID or %NULL if not available
437 *
438 * This function clears the encryption keys that has been previously configured
439 * for the driver.
440 */
441void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
442{
443 u8 *bcast = (u8 *) "\xff\xff\xff\xff\xff\xff";
444
445 if (wpa_s->keys_cleared) {
446 /* Some drivers (e.g., ndiswrapper & NDIS drivers) seem to have
447 * timing issues with keys being cleared just before new keys
448 * are set or just after association or something similar. This
449 * shows up in group key handshake failing often because of the
450 * client not receiving the first encrypted packets correctly.
451 * Skipping some of the extra key clearing steps seems to help
452 * in completing group key handshake more reliably. */
453 wpa_printf(MSG_DEBUG, "No keys have been configured - "
454 "skip key clearing");
455 return;
456 }
457
458 /* MLME-DELETEKEYS.request */
459 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 0, 0, NULL, 0, NULL, 0);
460 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 1, 0, NULL, 0, NULL, 0);
461 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 2, 0, NULL, 0, NULL, 0);
462 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 3, 0, NULL, 0, NULL, 0);
0e27f655
MH		 463#ifdef CONFIG_IEEE80211W
464 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 4, 0, NULL, 0, NULL, 0);
465 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 5, 0, NULL, 0, NULL, 0);
466#endif /* CONFIG_IEEE80211W */
6fc6879b
JM		 467 if (addr) {
468 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,
469 0);
470 /* MLME-SETPROTECTION.request(None) */
471 wpa_drv_mlme_setprotection(
472 wpa_s, addr,
473 MLME_SETPROTECTION_PROTECT_TYPE_NONE,
474 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
475 }
476 wpa_s->keys_cleared = 1;
477}
478
479
480/**
481 * wpa_supplicant_state_txt - Get the connection state name as a text string
482 * @state: State (wpa_state; WPA_*)
483 * Returns: The state name as a printable text string
484 */
71934751 485const char * wpa_supplicant_state_txt(enum wpa_states state)
6fc6879b
JM		 486{
487 switch (state) {
488 case WPA_DISCONNECTED:
489 return "DISCONNECTED";
490 case WPA_INACTIVE:
491 return "INACTIVE";
492 case WPA_SCANNING:
493 return "SCANNING";
c2a04078
JM		 494 case WPA_AUTHENTICATING:
495 return "AUTHENTICATING";
6fc6879b
JM		 496 case WPA_ASSOCIATING:
497 return "ASSOCIATING";
498 case WPA_ASSOCIATED:
499 return "ASSOCIATED";
500 case WPA_4WAY_HANDSHAKE:
501 return "4WAY_HANDSHAKE";
502 case WPA_GROUP_HANDSHAKE:
503 return "GROUP_HANDSHAKE";
504 case WPA_COMPLETED:
505 return "COMPLETED";
506 default:
507 return "UNKNOWN";
508 }
509}
510
511
512/**
513 * wpa_supplicant_set_state - Set current connection state
514 * @wpa_s: Pointer to wpa_supplicant data
515 * @state: The new connection state
516 *
517 * This function is called whenever the connection state changes, e.g.,
518 * association is completed for WPA/WPA2 4-Way Handshake is started.
519 */
71934751
JM		 520void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s,
521 enum wpa_states state)
6fc6879b
JM		 522{
523 wpa_printf(MSG_DEBUG, "State: %s -> %s",
524 wpa_supplicant_state_txt(wpa_s->wpa_state),
525 wpa_supplicant_state_txt(state));
526
cb8564b1
DW		 527 if (state != WPA_SCANNING)
528 wpa_supplicant_notify_scanning(wpa_s, 0);
529
8bac466b 530 wpas_notify_state_changed(wpa_s, state, wpa_s->wpa_state);
6fc6879b
JM		 531
532 if (state == WPA_COMPLETED && wpa_s->new_connection) {
533#if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
534 struct wpa_ssid *ssid = wpa_s->current_ssid;
535 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
536 MACSTR " completed %s [id=%d id_str=%s]",
537 MAC2STR(wpa_s->bssid), wpa_s->reassociated_connection ?
538 "(reauth)" : "(auth)",
539 ssid ? ssid->id : -1,
540 ssid && ssid->id_str ? ssid->id_str : "");
541#endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
542 wpa_s->new_connection = 0;
543 wpa_s->reassociated_connection = 1;
544 wpa_drv_set_operstate(wpa_s, 1);
545 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
546 state == WPA_ASSOCIATED) {
547 wpa_s->new_connection = 1;
548 wpa_drv_set_operstate(wpa_s, 0);
549 }
550 wpa_s->wpa_state = state;
551}
552
553
1a1bf008
JM		 554void wpa_supplicant_terminate_proc(struct wpa_global *global)
555{
556 int pending = 0;
557#ifdef CONFIG_WPS
558 struct wpa_supplicant *wpa_s = global->ifaces;
559 while (wpa_s) {
560 if (wpas_wps_terminate_pending(wpa_s) == 1)
561 pending = 1;
562 wpa_s = wpa_s->next;
563 }
564#endif /* CONFIG_WPS */
565 if (pending)
566 return;
567 eloop_terminate();
568}
569
570
0456ea16 571static void wpa_supplicant_terminate(int sig, void *signal_ctx)
6fc6879b 572{
0456ea16 573 struct wpa_global *global = signal_ctx;
6fc6879b
JM		 574 struct wpa_supplicant *wpa_s;
575 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
576 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING "- signal %d "
577 "received", sig);
578 }
1a1bf008 579 wpa_supplicant_terminate_proc(global);
6fc6879b
JM		 580}
581
582
583static void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
584{
71934751 585 enum wpa_states old_state = wpa_s->wpa_state;
6fc6879b
JM		 586 wpa_s->pairwise_cipher = 0;
587 wpa_s->group_cipher = 0;
588 wpa_s->mgmt_group_cipher = 0;
589 wpa_s->key_mgmt = 0;
590 wpa_s->wpa_state = WPA_DISCONNECTED;
8bac466b 591 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
6fc6879b
JM		 592}
593
594
595/**
596 * wpa_supplicant_reload_configuration - Reload configuration data
597 * @wpa_s: Pointer to wpa_supplicant data
598 * Returns: 0 on success or -1 if configuration parsing failed
599 *
600 * This function can be used to request that the configuration data is reloaded
601 * (e.g., after configuration file change). This function is reloading
602 * configuration only for one interface, so this may need to be called multiple
603 * times if %wpa_supplicant is controlling multiple interfaces and all
604 * interfaces need reconfiguration.
605 */
606int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
607{
608 struct wpa_config *conf;
8bac466b 609 struct wpa_ssid *old_ssid;
6fc6879b 610 int reconf_ctrl;
8bac466b
JM		 611 int old_ap_scan;
612
6fc6879b
JM		 613 if (wpa_s->confname == NULL)
614 return -1;
615 conf = wpa_config_read(wpa_s->confname);
616 if (conf == NULL) {
617 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
618 "file '%s' - exiting", wpa_s->confname);
619 return -1;
620 }
621
622 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
623 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
624 os_strcmp(conf->ctrl_interface,
625 wpa_s->conf->ctrl_interface) != 0);
626
627 if (reconf_ctrl && wpa_s->ctrl_iface) {
628 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
629 wpa_s->ctrl_iface = NULL;
630 }
631
632 eapol_sm_invalidate_cached_session(wpa_s->eapol);
8bac466b 633 old_ssid = wpa_s->current_ssid;
6fc6879b 634 wpa_s->current_ssid = NULL;
8bac466b
JM		 635 if (old_ssid != wpa_s->current_ssid)
636 wpas_notify_network_changed(wpa_s);
637
6fc6879b
JM		 638 /*
639 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
640 * pkcs11_engine_path, pkcs11_module_path.
641 */
56586197 642 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) {
6fc6879b
JM		 643 /*
644 * Clear forced success to clear EAP state for next
645 * authentication.
646 */
647 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
648 }
649 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
650 wpa_sm_set_config(wpa_s->wpa, NULL);
651 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
652 rsn_preauth_deinit(wpa_s->wpa);
8bac466b
JM		 653
654 old_ap_scan = wpa_s->conf->ap_scan;
6fc6879b
JM		 655 wpa_config_free(wpa_s->conf);
656 wpa_s->conf = conf;
8bac466b
JM		 657 if (old_ap_scan != wpa_s->conf->ap_scan)
658 wpas_notify_ap_scan_changed(wpa_s);
659
6fc6879b
JM		 660 if (reconf_ctrl)
661 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
662
663 wpa_supplicant_clear_status(wpa_s);
664 wpa_s->reassociate = 1;
665 wpa_supplicant_req_scan(wpa_s, 0, 0);
666 wpa_msg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
667 return 0;
668}
669
670
0456ea16 671static void wpa_supplicant_reconfig(int sig, void *signal_ctx)
6fc6879b 672{
0456ea16 673 struct wpa_global *global = signal_ctx;
6fc6879b
JM		 674 struct wpa_supplicant *wpa_s;
675 wpa_printf(MSG_DEBUG, "Signal %d received - reconfiguring", sig);
676 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
677 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
1a1bf008 678 wpa_supplicant_terminate_proc(global);
6fc6879b
JM		 679 }
680 }
681}
682
683
71934751 684static enum wpa_cipher cipher_suite2driver(int cipher)
6fc6879b
JM		 685{
686 switch (cipher) {
687 case WPA_CIPHER_NONE:
688 return CIPHER_NONE;
689 case WPA_CIPHER_WEP40:
690 return CIPHER_WEP40;
691 case WPA_CIPHER_WEP104:
692 return CIPHER_WEP104;
693 case WPA_CIPHER_CCMP:
694 return CIPHER_CCMP;
695 case WPA_CIPHER_TKIP:
696 default:
697 return CIPHER_TKIP;
698 }
699}
700
701
71934751 702static enum wpa_key_mgmt key_mgmt2driver(int key_mgmt)
6fc6879b
JM		 703{
704 switch (key_mgmt) {
705 case WPA_KEY_MGMT_NONE:
706 return KEY_MGMT_NONE;
707 case WPA_KEY_MGMT_IEEE8021X_NO_WPA:
708 return KEY_MGMT_802_1X_NO_WPA;
709 case WPA_KEY_MGMT_IEEE8021X:
710 return KEY_MGMT_802_1X;
711 case WPA_KEY_MGMT_WPA_NONE:
712 return KEY_MGMT_WPA_NONE;
713 case WPA_KEY_MGMT_FT_IEEE8021X:
714 return KEY_MGMT_FT_802_1X;
715 case WPA_KEY_MGMT_FT_PSK:
716 return KEY_MGMT_FT_PSK;
56586197
JM		 717 case WPA_KEY_MGMT_IEEE8021X_SHA256:
718 return KEY_MGMT_802_1X_SHA256;
719 case WPA_KEY_MGMT_PSK_SHA256:
720 return KEY_MGMT_PSK_SHA256;
ad08c363
JM		 721 case WPA_KEY_MGMT_WPS:
722 return KEY_MGMT_WPS;
6fc6879b
JM		 723 case WPA_KEY_MGMT_PSK:
724 default:
725 return KEY_MGMT_PSK;
726 }
727}
728
729
730static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
731 struct wpa_ssid *ssid,
732 struct wpa_ie_data *ie)
733{
734 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
735 if (ret) {
736 if (ret == -2) {
737 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
738 "from association info");
739 }
740 return -1;
741 }
742
743 wpa_printf(MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set cipher "
744 "suites");
745 if (!(ie->group_cipher & ssid->group_cipher)) {
746 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
747 "cipher 0x%x (mask 0x%x) - reject",
748 ie->group_cipher, ssid->group_cipher);
749 return -1;
750 }
751 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
752 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
753 "cipher 0x%x (mask 0x%x) - reject",
754 ie->pairwise_cipher, ssid->pairwise_cipher);
755 return -1;
756 }
757 if (!(ie->key_mgmt & ssid->key_mgmt)) {
758 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
759 "management 0x%x (mask 0x%x) - reject",
760 ie->key_mgmt, ssid->key_mgmt);
761 return -1;
762 }
763
764#ifdef CONFIG_IEEE80211W
0b60b0aa 765 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
70f8cc8e 766 ssid->ieee80211w == MGMT_FRAME_PROTECTION_REQUIRED) {
6fc6879b
JM		 767 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
768 "that does not support management frame protection - "
769 "reject");
770 return -1;
771 }
772#endif /* CONFIG_IEEE80211W */
773
774 return 0;
775}
776
777
778/**
779 * wpa_supplicant_set_suites - Set authentication and encryption parameters
780 * @wpa_s: Pointer to wpa_supplicant data
781 * @bss: Scan results for the selected BSS, or %NULL if not available
782 * @ssid: Configuration data for the selected network
783 * @wpa_ie: Buffer for the WPA/RSN IE
784 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
785 * used buffer length in case the functions returns success.
786 * Returns: 0 on success or -1 on failure
787 *
788 * This function is used to configure authentication and encryption parameters
789 * based on the network configuration and scan result for the selected BSS (if
790 * available).
791 */
792int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
6fa81a3b 793 struct wpa_bss *bss, struct wpa_ssid *ssid,
6fc6879b
JM		 794 u8 *wpa_ie, size_t *wpa_ie_len)
795{
796 struct wpa_ie_data ie;
797 int sel, proto;
798 const u8 *bss_wpa, *bss_rsn;
799
800 if (bss) {
6fa81a3b
JM		 801 bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
802 bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
6fc6879b
JM		 803 } else
804 bss_wpa = bss_rsn = NULL;
805
806 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
807 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
808 (ie.group_cipher & ssid->group_cipher) &&
809 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
810 (ie.key_mgmt & ssid->key_mgmt)) {
811 wpa_msg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
812 proto = WPA_PROTO_RSN;
813 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
814 wpa_parse_wpa_ie(bss_wpa, 2 +bss_wpa[1], &ie) == 0 &&
815 (ie.group_cipher & ssid->group_cipher) &&
816 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
817 (ie.key_mgmt & ssid->key_mgmt)) {
818 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
819 proto = WPA_PROTO_WPA;
820 } else if (bss) {
821 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
822 return -1;
823 } else {
824 if (ssid->proto & WPA_PROTO_RSN)
825 proto = WPA_PROTO_RSN;
826 else
827 proto = WPA_PROTO_WPA;
828 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
829 os_memset(&ie, 0, sizeof(ie));
830 ie.group_cipher = ssid->group_cipher;
831 ie.pairwise_cipher = ssid->pairwise_cipher;
832 ie.key_mgmt = ssid->key_mgmt;
833#ifdef CONFIG_IEEE80211W
834 ie.mgmt_group_cipher =
70f8cc8e 835 ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION ?
6fc6879b
JM		 836 WPA_CIPHER_AES_128_CMAC : 0;
837#endif /* CONFIG_IEEE80211W */
838 wpa_printf(MSG_DEBUG, "WPA: Set cipher suites based "
839 "on configuration");
840 } else
841 proto = ie.proto;
842 }
843
844 wpa_printf(MSG_DEBUG, "WPA: Selected cipher suites: group %d "
845 "pairwise %d key_mgmt %d proto %d",
846 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
847#ifdef CONFIG_IEEE80211W
848 if (ssid->ieee80211w) {
849 wpa_printf(MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
850 ie.mgmt_group_cipher);
851 }
852#endif /* CONFIG_IEEE80211W */
853
854 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
855 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
856 !!(ssid->proto & WPA_PROTO_RSN));
857
858 if (bss || !wpa_s->ap_ies_from_associnfo) {
859 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
860 bss_wpa ? 2 + bss_wpa[1] : 0) ||
861 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
862 bss_rsn ? 2 + bss_rsn[1] : 0))
863 return -1;
864 }
865
866 sel = ie.group_cipher & ssid->group_cipher;
867 if (sel & WPA_CIPHER_CCMP) {
868 wpa_s->group_cipher = WPA_CIPHER_CCMP;
869 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using GTK CCMP");
870 } else if (sel & WPA_CIPHER_TKIP) {
871 wpa_s->group_cipher = WPA_CIPHER_TKIP;
872 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using GTK TKIP");
873 } else if (sel & WPA_CIPHER_WEP104) {
874 wpa_s->group_cipher = WPA_CIPHER_WEP104;
875 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using GTK WEP104");
876 } else if (sel & WPA_CIPHER_WEP40) {
877 wpa_s->group_cipher = WPA_CIPHER_WEP40;
878 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using GTK WEP40");
879 } else {
880 wpa_printf(MSG_WARNING, "WPA: Failed to select group cipher.");
881 return -1;
882 }
883
884 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
885 if (sel & WPA_CIPHER_CCMP) {
886 wpa_s->pairwise_cipher = WPA_CIPHER_CCMP;
887 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using PTK CCMP");
888 } else if (sel & WPA_CIPHER_TKIP) {
889 wpa_s->pairwise_cipher = WPA_CIPHER_TKIP;
890 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using PTK TKIP");
891 } else if (sel & WPA_CIPHER_NONE) {
892 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
893 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using PTK NONE");
894 } else {
895 wpa_printf(MSG_WARNING, "WPA: Failed to select pairwise "
896 "cipher.");
897 return -1;
898 }
899
900 sel = ie.key_mgmt & ssid->key_mgmt;
901 if (0) {
902#ifdef CONFIG_IEEE80211R
903 } else if (sel & WPA_KEY_MGMT_FT_IEEE8021X) {
904 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
905 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
906 } else if (sel & WPA_KEY_MGMT_FT_PSK) {
907 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
908 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
909#endif /* CONFIG_IEEE80211R */
56586197
JM		 910#ifdef CONFIG_IEEE80211W
911 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
912 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
913 wpa_msg(wpa_s, MSG_DEBUG,
914 "WPA: using KEY_MGMT 802.1X with SHA256");
915 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
916 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
917 wpa_msg(wpa_s, MSG_DEBUG,
918 "WPA: using KEY_MGMT PSK with SHA256");
919#endif /* CONFIG_IEEE80211W */
6fc6879b
JM		 920 } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
921 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
922 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
923 } else if (sel & WPA_KEY_MGMT_PSK) {
924 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
925 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
926 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
927 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
928 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
929 } else {
930 wpa_printf(MSG_WARNING, "WPA: Failed to select authenticated "
931 "key management type.");
932 return -1;
933 }
934
935 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
936 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
937 wpa_s->pairwise_cipher);
938 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
939
940#ifdef CONFIG_IEEE80211W
941 sel = ie.mgmt_group_cipher;
70f8cc8e 942 if (ssid->ieee80211w == NO_MGMT_FRAME_PROTECTION ||
0b60b0aa 943 !(ie.capabilities & WPA_CAPABILITY_MFPC))
6fc6879b
JM		 944 sel = 0;
945 if (sel & WPA_CIPHER_AES_128_CMAC) {
946 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
947 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
948 "AES-128-CMAC");
949 } else {
950 wpa_s->mgmt_group_cipher = 0;
951 wpa_msg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
952 }
953 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
954 wpa_s->mgmt_group_cipher);
955#endif /* CONFIG_IEEE80211W */
956
957 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
958 wpa_printf(MSG_WARNING, "WPA: Failed to generate WPA IE.");
959 return -1;
960 }
961
56586197
JM		 962 if (ssid->key_mgmt &
963 (WPA_KEY_MGMT_PSK | WPA_KEY_MGMT_FT_PSK | WPA_KEY_MGMT_PSK_SHA256))
6fc6879b
JM		 964 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN);
965 else
966 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
967
968 return 0;
969}
970
971
972/**
973 * wpa_supplicant_associate - Request association
974 * @wpa_s: Pointer to wpa_supplicant data
975 * @bss: Scan results for the selected BSS, or %NULL if not available
976 * @ssid: Configuration data for the selected network
977 *
978 * This function is used to request %wpa_supplicant to associate with a BSS.
979 */
980void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
6fa81a3b 981 struct wpa_bss *bss, struct wpa_ssid *ssid)
6fc6879b
JM		 982{
983 u8 wpa_ie[80];
984 size_t wpa_ie_len;
8bac466b 985 int use_crypt, ret, i, bssid_changed;
6fc6879b 986 int algs = AUTH_ALG_OPEN_SYSTEM;
71934751 987 enum wpa_cipher cipher_pairwise, cipher_group;
6fc6879b
JM		 988 struct wpa_driver_associate_params params;
989 int wep_keys_set = 0;
990 struct wpa_driver_capa capa;
991 int assoc_failed = 0;
8bac466b 992 struct wpa_ssid *old_ssid;
6fc6879b 993
d7dcba70 994 if (ssid->mode == WPAS_MODE_AP) {
1581b38b
JM		 995#ifdef CONFIG_AP
996 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) {
997 wpa_printf(MSG_INFO, "Driver does not support AP "
998 "mode");
999 return;
1000 }
1001 wpa_supplicant_create_ap(wpa_s, ssid);
8f770587 1002 wpa_s->current_bss = bss;
1581b38b
JM		 1003#else /* CONFIG_AP */
1004 wpa_printf(MSG_ERROR, "AP mode support not included in the "
1005 "build");
1006#endif /* CONFIG_AP */
1007 return;
1008 }
1009
5cc4d64b
JM		 1010 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
1011 ssid->mode == IEEE80211_MODE_INFRA) {
c2a04078
JM		 1012 sme_authenticate(wpa_s, bss, ssid);
1013 return;
1014 }
1015
6fc6879b
JM		 1016 wpa_s->reassociate = 0;
1017 if (bss) {
1018#ifdef CONFIG_IEEE80211R
6fa81a3b 1019 const u8 *ie, *md = NULL;
6fc6879b 1020#endif /* CONFIG_IEEE80211R */
6fc6879b
JM		 1021 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
1022 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
6fa81a3b 1023 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
8bac466b 1024 bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
6fc6879b
JM		 1025 os_memset(wpa_s->bssid, 0, ETH_ALEN);
1026 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
8bac466b
JM		 1027 if (bssid_changed)
1028 wpas_notify_bssid_changed(wpa_s);
6fc6879b 1029#ifdef CONFIG_IEEE80211R
6fa81a3b 1030 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
6fc6879b
JM		 1031 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
1032 md = ie + 2;
1033 wpa_sm_set_ft_params(wpa_s->wpa, md, NULL, 0, NULL);
91a05482
JM		 1034 if (md) {
1035 /* Prepare for the next transition */
1036 wpa_ft_prepare_auth_request(wpa_s->wpa);
1037 }
6fc6879b 1038#endif /* CONFIG_IEEE80211R */
24c23d1b
JM		 1039#ifdef CONFIG_WPS
1040 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
1041 wpa_s->conf->ap_scan == 2 &&
1042 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
1043 /* Use ap_scan==1 style network selection to find the network
1044 */
1045 wpa_s->scan_req = 2;
1046 wpa_s->reassociate = 1;
1047 wpa_supplicant_req_scan(wpa_s, 0, 0);
1048 return;
1049#endif /* CONFIG_WPS */
6fc6879b
JM		 1050 } else {
1051 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
1052 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
1053 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
1054 }
1055 wpa_supplicant_cancel_scan(wpa_s);
1056
1057 /* Starting new association, so clear the possibly used WPA IE from the
1058 * previous association. */
1059 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
1060
1061#ifdef IEEE8021X_EAPOL
1062 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1063 if (ssid->leap) {
1064 if (ssid->non_leap == 0)
1065 algs = AUTH_ALG_LEAP;
1066 else
1067 algs |= AUTH_ALG_LEAP;
1068 }
1069 }
1070#endif /* IEEE8021X_EAPOL */
1071 wpa_printf(MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
1072 if (ssid->auth_alg) {
1073 algs = 0;
1074 if (ssid->auth_alg & WPA_AUTH_ALG_OPEN)
1075 algs |= AUTH_ALG_OPEN_SYSTEM;
1076 if (ssid->auth_alg & WPA_AUTH_ALG_SHARED)
1077 algs |= AUTH_ALG_SHARED_KEY;
1078 if (ssid->auth_alg & WPA_AUTH_ALG_LEAP)
1079 algs |= AUTH_ALG_LEAP;
1080 wpa_printf(MSG_DEBUG, "Overriding auth_alg selection: 0x%x",
1081 algs);
1082 }
6fc6879b 1083
6fa81a3b
JM		 1084 if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
1085 wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
6fc6879b
JM		 1086 (ssid->key_mgmt & (WPA_KEY_MGMT_IEEE8021X | WPA_KEY_MGMT_PSK |
1087 WPA_KEY_MGMT_FT_IEEE8021X |
56586197
JM		 1088 WPA_KEY_MGMT_FT_PSK |
1089 WPA_KEY_MGMT_IEEE8021X_SHA256 |
1090 WPA_KEY_MGMT_PSK_SHA256))) {
6fc6879b
JM		 1091 int try_opportunistic;
1092 try_opportunistic = ssid->proactive_key_caching &&
1093 (ssid->proto & WPA_PROTO_RSN);
1094 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
1095 wpa_s->current_ssid,
1096 try_opportunistic) == 0)
1097 eapol_sm_notify_pmkid_attempt(wpa_s->eapol, 1);
1098 wpa_ie_len = sizeof(wpa_ie);
1099 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
1100 wpa_ie, &wpa_ie_len)) {
1101 wpa_printf(MSG_WARNING, "WPA: Failed to set WPA key "
1102 "management and encryption suites");
1103 return;
1104 }
1105 } else if (ssid->key_mgmt &
1106 (WPA_KEY_MGMT_PSK | WPA_KEY_MGMT_IEEE8021X |
1107 WPA_KEY_MGMT_WPA_NONE | WPA_KEY_MGMT_FT_PSK |
56586197
JM		 1108 WPA_KEY_MGMT_FT_IEEE8021X | WPA_KEY_MGMT_PSK_SHA256 |
1109 WPA_KEY_MGMT_IEEE8021X_SHA256)) {
6fc6879b
JM		 1110 wpa_ie_len = sizeof(wpa_ie);
1111 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
1112 wpa_ie, &wpa_ie_len)) {
1113 wpa_printf(MSG_WARNING, "WPA: Failed to set WPA key "
1114 "management and encryption suites (no scan "
1115 "results)");
1116 return;
1117 }
ad08c363
JM		 1118#ifdef CONFIG_WPS
1119 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
b01c18a8
JM		 1120 struct wpabuf *wps_ie;
1121 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
ad08c363
JM		 1122 if (wps_ie && wpabuf_len(wps_ie) <= sizeof(wpa_ie)) {
1123 wpa_ie_len = wpabuf_len(wps_ie);
1124 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
24386985
JM		 1125 } else
1126 wpa_ie_len = 0;
ad08c363
JM		 1127 wpabuf_free(wps_ie);
1128 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1129#endif /* CONFIG_WPS */
6fc6879b
JM		 1130 } else {
1131 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1132 wpa_ie_len = 0;
1133 }
1134
1135 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
1136 use_crypt = 1;
1137 cipher_pairwise = cipher_suite2driver(wpa_s->pairwise_cipher);
1138 cipher_group = cipher_suite2driver(wpa_s->group_cipher);
1139 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
1140 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1141 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
1142 use_crypt = 0;
1143 if (wpa_set_wep_keys(wpa_s, ssid)) {
1144 use_crypt = 1;
1145 wep_keys_set = 1;
1146 }
1147 }
ad08c363
JM		 1148 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
1149 use_crypt = 0;
6fc6879b
JM		 1150
1151#ifdef IEEE8021X_EAPOL
1152 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1153 if ((ssid->eapol_flags &
1154 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
1155 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
1156 !wep_keys_set) {
1157 use_crypt = 0;
1158 } else {
1159 /* Assume that dynamic WEP-104 keys will be used and
1160 * set cipher suites in order for drivers to expect
1161 * encryption. */
1162 cipher_pairwise = cipher_group = CIPHER_WEP104;
1163 }
1164 }
1165#endif /* IEEE8021X_EAPOL */
1166
1167 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1168 /* Set the key before (and later after) association */
1169 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1170 }
1171
6fc6879b
JM		 1172 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
1173 os_memset(&params, 0, sizeof(params));
1174 if (bss) {
6fc6879b 1175 params.bssid = bss->bssid;
6fa81a3b
JM		 1176 params.ssid = bss->ssid;
1177 params.ssid_len = bss->ssid_len;
6fc6879b
JM		 1178 params.freq = bss->freq;
1179 } else {
1180 params.ssid = ssid->ssid;
1181 params.ssid_len = ssid->ssid_len;
1182 }
d7dcba70
JM		 1183 if (ssid->mode == WPAS_MODE_IBSS && ssid->frequency > 0 &&
1184 params.freq == 0)
6fc6879b
JM		 1185 params.freq = ssid->frequency; /* Initial channel for IBSS */
1186 params.wpa_ie = wpa_ie;
1187 params.wpa_ie_len = wpa_ie_len;
1188 params.pairwise_suite = cipher_pairwise;
1189 params.group_suite = cipher_group;
1190 params.key_mgmt_suite = key_mgmt2driver(wpa_s->key_mgmt);
1191 params.auth_alg = algs;
1192 params.mode = ssid->mode;
1193 for (i = 0; i < NUM_WEP_KEYS; i++) {
1194 if (ssid->wep_key_len[i])
1195 params.wep_key[i] = ssid->wep_key[i];
1196 params.wep_key_len[i] = ssid->wep_key_len[i];
1197 }
1198 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
1199
c2a04078 1200 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
6fc6879b
JM		 1201 (params.key_mgmt_suite == KEY_MGMT_PSK ||
1202 params.key_mgmt_suite == KEY_MGMT_FT_PSK)) {
1203 params.passphrase = ssid->passphrase;
1204 if (ssid->psk_set)
1205 params.psk = ssid->psk;
1206 }
1207
36b15723
JM		 1208 params.drop_unencrypted = use_crypt;
1209
6fc6879b 1210#ifdef CONFIG_IEEE80211W
70f8cc8e
JM		 1211 params.mgmt_frame_protection = ssid->ieee80211w;
1212 if (ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION && bss) {
6fa81a3b 1213 const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
97d3497e
JM		 1214 struct wpa_ie_data ie;
1215 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
1216 ie.capabilities &
1217 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
1218 wpa_printf(MSG_DEBUG, "WPA: Selected AP supports MFP: "
1219 "require MFP");
1220 params.mgmt_frame_protection =
1221 MGMT_FRAME_PROTECTION_REQUIRED;
1222 }
1223 }
6fc6879b
JM		 1224#endif /* CONFIG_IEEE80211W */
1225
c2a04078 1226 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME)
6fc6879b
JM		 1227 ret = ieee80211_sta_associate(wpa_s, &params);
1228 else
1229 ret = wpa_drv_associate(wpa_s, &params);
1230 if (ret < 0) {
1231 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
1232 "failed");
1233 /* try to continue anyway; new association will be tried again
1234 * after timeout */
1235 assoc_failed = 1;
1236 }
1237
1238 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1239 /* Set the key after the association just in case association
1240 * cleared the previously configured key. */
1241 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1242 /* No need to timeout authentication since there is no key
1243 * management. */
1244 wpa_supplicant_cancel_auth_timeout(wpa_s);
1245 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
53895c3b 1246#ifdef CONFIG_IBSS_RSN
d7dcba70 1247 } else if (ssid->mode == WPAS_MODE_IBSS &&
53895c3b
JM		 1248 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
1249 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
b9a2e577 1250 ibss_rsn_set_psk(wpa_s->ibss_rsn, ssid->psk);
53895c3b
JM		 1251 /*
1252 * RSN IBSS authentication is per-STA and we can disable the
1253 * per-BSSID authentication.
1254 */
1255 wpa_supplicant_cancel_auth_timeout(wpa_s);
53895c3b 1256#endif /* CONFIG_IBSS_RSN */
6fc6879b
JM		 1257 } else {
1258 /* Timeout for IEEE 802.11 authentication and association */
1d3c75b3
DW		 1259 int timeout = 60;
1260
1261 if (assoc_failed) {
1262 /* give IBSS a bit more time */
d7dcba70 1263 timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5;
1d3c75b3
DW		 1264 } else if (wpa_s->conf->ap_scan == 1) {
1265 /* give IBSS a bit more time */
d7dcba70 1266 timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10;
1d3c75b3 1267 }
6fc6879b
JM		 1268 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
1269 }
1270
1271 if (wep_keys_set && wpa_drv_get_capa(wpa_s, &capa) == 0 &&
1272 capa.flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC) {
1273 /* Set static WEP keys again */
1274 wpa_set_wep_keys(wpa_s, ssid);
1275 }
1276
1277 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
1278 /*
1279 * Do not allow EAP session resumption between different
1280 * network configurations.
1281 */
1282 eapol_sm_invalidate_cached_session(wpa_s->eapol);
1283 }
8bac466b 1284 old_ssid = wpa_s->current_ssid;
6fc6879b 1285 wpa_s->current_ssid = ssid;
8f770587 1286 wpa_s->current_bss = bss;
6fc6879b
JM		 1287 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
1288 wpa_supplicant_initiate_eapol(wpa_s);
8bac466b
JM		 1289 if (old_ssid != wpa_s->current_ssid)
1290 wpas_notify_network_changed(wpa_s);
6fc6879b
JM		 1291}
1292
1293
1294/**
1295 * wpa_supplicant_disassociate - Disassociate the current connection
1296 * @wpa_s: Pointer to wpa_supplicant data
1297 * @reason_code: IEEE 802.11 reason code for the disassociate frame
1298 *
1299 * This function is used to request %wpa_supplicant to disassociate with the
1300 * current AP.
1301 */
1302void wpa_supplicant_disassociate(struct wpa_supplicant *wpa_s,
1303 int reason_code)
1304{
8bac466b 1305 struct wpa_ssid *old_ssid;
6fc6879b 1306 u8 *addr = NULL;
8bac466b 1307
a8e16edc 1308 if (!is_zero_ether_addr(wpa_s->bssid)) {
c2a04078 1309 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME)
6fc6879b
JM		 1310 ieee80211_sta_disassociate(wpa_s, reason_code);
1311 else
1312 wpa_drv_disassociate(wpa_s, wpa_s->bssid, reason_code);
1313 addr = wpa_s->bssid;
1314 }
1315 wpa_clear_keys(wpa_s, addr);
1316 wpa_supplicant_mark_disassoc(wpa_s);
8bac466b 1317 old_ssid = wpa_s->current_ssid;
6fc6879b 1318 wpa_s->current_ssid = NULL;
8f770587 1319 wpa_s->current_bss = NULL;
6fc6879b
JM		 1320 wpa_sm_set_config(wpa_s->wpa, NULL);
1321 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
8bac466b
JM		 1322 if (old_ssid != wpa_s->current_ssid)
1323 wpas_notify_network_changed(wpa_s);
6fc6879b
JM		 1324}
1325
1326
1327/**
1328 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
1329 * @wpa_s: Pointer to wpa_supplicant data
1330 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
1331 *
073ab58f 1332 * This function is used to request %wpa_supplicant to deauthenticate from the
6fc6879b
JM		 1333 * current AP.
1334 */
1335void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
1336 int reason_code)
1337{
8bac466b 1338 struct wpa_ssid *old_ssid;
6fc6879b 1339 u8 *addr = NULL;
8bac466b 1340
a8e16edc 1341 if (!is_zero_ether_addr(wpa_s->bssid)) {
c2a04078 1342 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME)
6fc6879b
JM		 1343 ieee80211_sta_deauthenticate(wpa_s, reason_code);
1344 else
1345 wpa_drv_deauthenticate(wpa_s, wpa_s->bssid,
1346 reason_code);
1347 addr = wpa_s->bssid;
1348 }
1349 wpa_clear_keys(wpa_s, addr);
c3dc92e8 1350 wpa_supplicant_mark_disassoc(wpa_s);
8bac466b 1351 old_ssid = wpa_s->current_ssid;
6fc6879b 1352 wpa_s->current_ssid = NULL;
8f770587 1353 wpa_s->current_bss = NULL;
6fc6879b
JM		 1354 wpa_sm_set_config(wpa_s->wpa, NULL);
1355 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
8bac466b
JM		 1356 if (old_ssid != wpa_s->current_ssid)
1357 wpas_notify_network_changed(wpa_s);
6fc6879b
JM		 1358}
1359
1360
86b89452
WS		 1361/**
1362 * wpa_supplicant_enable_network - Mark a configured network as enabled
1363 * @wpa_s: wpa_supplicant structure for a network interface
1364 * @ssid: wpa_ssid structure for a configured network or %NULL
1365 *
1366 * Enables the specified network or all networks if no network specified.
1367 */
1368void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s,
1369 struct wpa_ssid *ssid)
1370{
1371 struct wpa_ssid *other_ssid;
1372 int was_disabled;
1373
1374 if (ssid == NULL) {
1375 other_ssid = wpa_s->conf->ssid;
1376 while (other_ssid) {
1377 if (other_ssid == wpa_s->current_ssid &&
1378 other_ssid->disabled)
1379 wpa_s->reassociate = 1;
1380
1381 was_disabled = other_ssid->disabled;
1382
1383 other_ssid->disabled = 0;
1384
1385 if (was_disabled != other_ssid->disabled)
1386 wpas_notify_network_enabled_changed(
1387 wpa_s, other_ssid);
1388
1389 other_ssid = other_ssid->next;
1390 }
1391 if (wpa_s->reassociate)
1392 wpa_supplicant_req_scan(wpa_s, 0, 0);
1393 } else if (wpa_s->current_ssid == NULL && ssid->disabled) {
1394 /*
1395 * Try to reassociate since there is no current configuration
1396 * and a new network was made available.
1397 */
1398 wpa_s->reassociate = 1;
1399 wpa_supplicant_req_scan(wpa_s, 0, 0);
1400
1401 was_disabled = ssid->disabled;
1402
1403 ssid->disabled = 0;
1404
1405 if (was_disabled != ssid->disabled)
1406 wpas_notify_network_enabled_changed(wpa_s, ssid);
1407 }
1408}
1409
1410
1411/**
1412 * wpa_supplicant_disable_network - Mark a configured network as disabled
1413 * @wpa_s: wpa_supplicant structure for a network interface
1414 * @ssid: wpa_ssid structure for a configured network or %NULL
1415 *
1416 * Disables the specified network or all networks if no network specified.
1417 */
1418void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s,
1419 struct wpa_ssid *ssid)
1420{
1421 struct wpa_ssid *other_ssid;
1422 int was_disabled;
1423
1424 if (ssid == NULL) {
1425 other_ssid = wpa_s->conf->ssid;
1426 while (other_ssid) {
1427 was_disabled = other_ssid->disabled;
1428
1429 other_ssid->disabled = 1;
1430
1431 if (was_disabled != other_ssid->disabled)
1432 wpas_notify_network_enabled_changed(
1433 wpa_s, other_ssid);
1434
1435 other_ssid = other_ssid->next;
1436 }
1437 if (wpa_s->current_ssid)
1438 wpa_supplicant_disassociate(
1439 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
1440 } else {
1441 if (ssid == wpa_s->current_ssid)
1442 wpa_supplicant_disassociate(
1443 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
1444
1445 was_disabled = ssid->disabled;
1446
1447 ssid->disabled = 1;
1448
1449 if (was_disabled != ssid->disabled)
1450 wpas_notify_network_enabled_changed(wpa_s, ssid);
1451 }
1452}
1453
1454
1455/**
1456 * wpa_supplicant_select_network - Attempt association with a network
1457 * @wpa_s: wpa_supplicant structure for a network interface
1458 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
1459 */
1460void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
1461 struct wpa_ssid *ssid)
1462{
1463
1464 struct wpa_ssid *other_ssid;
1465
1466 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid)
1467 wpa_supplicant_disassociate(
1468 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
1469
1470 /*
1471 * Mark all other networks disabled or mark all networks enabled if no
1472 * network specified.
1473 */
1474 other_ssid = wpa_s->conf->ssid;
1475 while (other_ssid) {
1476 int was_disabled = other_ssid->disabled;
1477
1478 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0;
1479
1480 if (was_disabled != other_ssid->disabled)
1481 wpas_notify_network_enabled_changed(wpa_s, other_ssid);
1482
1483 other_ssid = other_ssid->next;
1484 }
1485 wpa_s->disconnected = 0;
1486 wpa_s->reassociate = 1;
1487 wpa_supplicant_req_scan(wpa_s, 0, 0);
1488
a1641d26
JM		 1489 if (ssid)
1490 wpas_notify_network_selected(wpa_s, ssid);
86b89452
WS		 1491}
1492
1493
1494/**
1495 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
1496 * @wpa_s: wpa_supplicant structure for a network interface
1497 * @ap_scan: AP scan mode
1498 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
1499 *
1500 */
1501int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan)
1502{
1503
1504 int old_ap_scan;
1505
1506 if (ap_scan < 0 || ap_scan > 2)
1507 return -1;
1508
1509 old_ap_scan = wpa_s->conf->ap_scan;
1510 wpa_s->conf->ap_scan = ap_scan;
1511
1512 if (old_ap_scan != wpa_s->conf->ap_scan)
1513 wpas_notify_ap_scan_changed(wpa_s);
1514
1515 return 0;
1516}
1517
1518
1519/**
1520 * wpa_supplicant_set_debug_params - Set global debug params
1521 * @global: wpa_global structure
1522 * @debug_level: debug level
1523 * @debug_timestamp: determines if show timestamp in debug data
1524 * @debug_show_keys: determines if show keys in debug data
1525 * Returns: 0 if succeed or -1 if debug_level has wrong value
1526 */
1527int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level,
1528 int debug_timestamp, int debug_show_keys)
1529{
1530
1531 int old_level, old_timestamp, old_show_keys;
1532
1533 /* check for allowed debuglevels */
1534 if (debug_level != MSG_MSGDUMP &&
1535 debug_level != MSG_DEBUG &&
1536 debug_level != MSG_INFO &&
1537 debug_level != MSG_WARNING &&
1538 debug_level != MSG_ERROR)
1539 return -1;
1540
1541 old_level = wpa_debug_level;
1542 old_timestamp = wpa_debug_timestamp;
1543 old_show_keys = wpa_debug_show_keys;
1544
1545 wpa_debug_level = debug_level;
1546 wpa_debug_timestamp = debug_timestamp ? 1 : 0;
1547 wpa_debug_show_keys = debug_show_keys ? 1 : 0;
1548
db9133ac
WS		 1549 if (wpa_debug_level != old_level)
1550 wpas_notify_debug_level_changed(global);
1551 if (wpa_debug_timestamp != old_timestamp)
1552 wpas_notify_debug_timestamp_changed(global);
1553 if (wpa_debug_show_keys != old_show_keys)
1554 wpas_notify_debug_show_keys_changed(global);
86b89452
WS		 1555
1556 return 0;
1557}
1558
1559
6fc6879b
JM		 1560/**
1561 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
1562 * @wpa_s: Pointer to wpa_supplicant data
1563 * Returns: A pointer to the current network structure or %NULL on failure
1564 */
1565struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
1566{
1567 struct wpa_ssid *entry;
1568 u8 ssid[MAX_SSID_LEN];
1569 int res;
1570 size_t ssid_len;
1571 u8 bssid[ETH_ALEN];
1572 int wired;
1573
c2a04078 1574 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME) {
6fc6879b
JM		 1575 if (ieee80211_sta_get_ssid(wpa_s, ssid, &ssid_len)) {
1576 wpa_printf(MSG_WARNING, "Could not read SSID from "
1577 "MLME.");
1578 return NULL;
1579 }
1580 } else {
1581 res = wpa_drv_get_ssid(wpa_s, ssid);
1582 if (res < 0) {
1583 wpa_printf(MSG_WARNING, "Could not read SSID from "
1584 "driver.");
1585 return NULL;
1586 }
1587 ssid_len = res;
1588 }
1589
c2a04078 1590 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME)
6fc6879b
JM		 1591 os_memcpy(bssid, wpa_s->bssid, ETH_ALEN);
1592 else if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
1593 wpa_printf(MSG_WARNING, "Could not read BSSID from driver.");
1594 return NULL;
1595 }
1596
c2a04078
JM		 1597 wired = wpa_s->conf->ap_scan == 0 &&
1598 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED);
6fc6879b
JM		 1599
1600 entry = wpa_s->conf->ssid;
1601 while (entry) {
1602 if (!entry->disabled &&
1603 ((ssid_len == entry->ssid_len &&
1604 os_memcmp(ssid, entry->ssid, ssid_len) == 0) || wired) &&
1605 (!entry->bssid_set ||
1606 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
1607 return entry;
24c23d1b
JM		 1608#ifdef CONFIG_WPS
1609 if (!entry->disabled &&
1610 (entry->key_mgmt & WPA_KEY_MGMT_WPS) &&
1611 (entry->ssid == NULL || entry->ssid_len == 0) &&
1612 (!entry->bssid_set ||
1613 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
1614 return entry;
1615#endif /* CONFIG_WPS */
6fc6879b
JM		 1616 entry = entry->next;
1617 }
1618
1619 return NULL;
1620}
1621
1622
1623static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
1624 const char *name)
1625{
1626 int i;
362f781e
JM		 1627 size_t len;
1628 const char *pos;
6fc6879b
JM		 1629
1630 if (wpa_s == NULL)
1631 return -1;
1632
c5121837 1633 if (wpa_drivers[0] == NULL) {
6fc6879b
JM		 1634 wpa_printf(MSG_ERROR, "No driver interfaces build into "
1635 "wpa_supplicant.");
1636 return -1;
1637 }
1638
1639 if (name == NULL) {
1640 /* default to first driver in the list */
c5121837 1641 wpa_s->driver = wpa_drivers[0];
8a5ab9f5 1642 wpa_s->global_drv_priv = wpa_s->global->drv_priv[0];
6fc6879b
JM		 1643 return 0;
1644 }
1645
362f781e
JM		 1646 pos = os_strchr(name, ',');
1647 if (pos)
1648 len = pos - name;
1649 else
1650 len = os_strlen(name);
c5121837
JM		 1651 for (i = 0; wpa_drivers[i]; i++) {
1652 if (os_strlen(wpa_drivers[i]->name) == len &&
1653 os_strncmp(name, wpa_drivers[i]->name, len) ==
362f781e 1654 0) {
c5121837 1655 wpa_s->driver = wpa_drivers[i];
8a5ab9f5 1656 wpa_s->global_drv_priv = wpa_s->global->drv_priv[i];
6fc6879b
JM		 1657 return 0;
1658 }
1659 }
1660
362f781e 1661 wpa_printf(MSG_ERROR, "Unsupported driver '%s'.", name);
6fc6879b
JM		 1662 return -1;
1663}
1664
1665
a8e0505b
JM		 1666/**
1667 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
1668 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
1669 * with struct wpa_driver_ops::init()
1670 * @src_addr: Source address of the EAPOL frame
1671 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
1672 * @len: Length of the EAPOL data
1673 *
1674 * This function is called for each received EAPOL frame. Most driver
1675 * interfaces rely on more generic OS mechanism for receiving frames through
1676 * l2_packet, but if such a mechanism is not available, the driver wrapper may
1677 * take care of received EAPOL frames and deliver them to the core supplicant
1678 * code by calling this function.
1679 */
6fc6879b
JM		 1680void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
1681 const u8 *buf, size_t len)
1682{
1683 struct wpa_supplicant *wpa_s = ctx;
1684
1685 wpa_printf(MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
1686 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
1687
1ff73338
JM		 1688 if (wpa_s->wpa_state < WPA_ASSOCIATED) {
1689 /*
1690 * There is possible race condition between receiving the
1691 * association event and the EAPOL frame since they are coming
1692 * through different paths from the driver. In order to avoid
1693 * issues in trying to process the EAPOL frame before receiving
1694 * association information, lets queue it for processing until
1695 * the association event is received.
1696 */
1697 wpa_printf(MSG_DEBUG, "Not associated - Delay processing of "
1698 "received EAPOL frame");
1699 wpabuf_free(wpa_s->pending_eapol_rx);
1700 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len);
1701 if (wpa_s->pending_eapol_rx) {
1702 os_get_time(&wpa_s->pending_eapol_rx_time);
1703 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr,
1704 ETH_ALEN);
1705 }
1706 return;
1707 }
1708
db149ac9
JM		 1709#ifdef CONFIG_AP
1710 if (wpa_s->ap_iface) {
1711 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len);
1712 return;
1713 }
1714#endif /* CONFIG_AP */
1715
6fc6879b
JM		 1716 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
1717 wpa_printf(MSG_DEBUG, "Ignored received EAPOL frame since "
1718 "no key management is configured");
1719 return;
1720 }
1721
1722 if (wpa_s->eapol_received == 0 &&
c2a04078 1723 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) ||
56586197 1724 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
9c972abb
JM		 1725 wpa_s->wpa_state != WPA_COMPLETED) &&
1726 (wpa_s->current_ssid == NULL ||
1727 wpa_s->current_ssid->mode != IEEE80211_MODE_IBSS)) {
6fc6879b
JM		 1728 /* Timeout for completing IEEE 802.1X and WPA authentication */
1729 wpa_supplicant_req_auth_timeout(
1730 wpa_s,
56586197 1731 (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
a6f06dab
AT		 1732 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
1733 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) ?
6fc6879b
JM		 1734 70 : 10, 0);
1735 }
1736 wpa_s->eapol_received++;
1737
1738 if (wpa_s->countermeasures) {
1739 wpa_printf(MSG_INFO, "WPA: Countermeasures - dropped EAPOL "
1740 "packet");
1741 return;
1742 }
1743
8be18440
JM		 1744#ifdef CONFIG_IBSS_RSN
1745 if (wpa_s->current_ssid &&
d7dcba70 1746 wpa_s->current_ssid->mode == WPAS_MODE_IBSS) {
8be18440
JM		 1747 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len);
1748 return;
1749 }
1750#endif /* CONFIG_IBSS_RSN */
1751
6fc6879b
JM		 1752 /* Source address of the incoming EAPOL frame could be compared to the
1753 * current BSSID. However, it is possible that a centralized
1754 * Authenticator could be using another MAC address than the BSSID of
1755 * an AP, so just allow any address to be used for now. The replies are
1756 * still sent to the current BSSID (if available), though. */
1757
1758 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
56586197 1759 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
6fc6879b
JM		 1760 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
1761 return;
1762 wpa_drv_poll(wpa_s);
c2a04078 1763 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE))
6fc6879b 1764 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
56586197 1765 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
6fc6879b
JM		 1766 /*
1767 * Set portValid = TRUE here since we are going to skip 4-way
1768 * handshake processing which would normally set portValid. We
1769 * need this to allow the EAPOL state machines to be completed
1770 * without going through EAPOL-Key handshake.
1771 */
1772 eapol_sm_notify_portValid(wpa_s->eapol, TRUE);
1773 }
1774}
1775
1776
6fc6879b
JM		 1777/**
1778 * wpa_supplicant_driver_init - Initialize driver interface parameters
1779 * @wpa_s: Pointer to wpa_supplicant data
1780 * Returns: 0 on success, -1 on failure
1781 *
1782 * This function is called to initialize driver interface parameters.
1783 * wpa_drv_init() must have been called before this function to initialize the
1784 * driver interface.
1785 */
1786int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
1787{
1788 static int interface_count = 0;
1789
1790 if (wpa_s->driver->send_eapol) {
1791 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
1792 if (addr)
1793 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
1794 } else {
1795 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
1796 wpa_drv_get_mac_addr(wpa_s),
1797 ETH_P_EAPOL,
1798 wpa_supplicant_rx_eapol, wpa_s, 0);
1799 if (wpa_s->l2 == NULL)
1800 return -1;
1801 }
1802
1803 if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
1804 wpa_printf(MSG_ERROR, "Failed to get own L2 address");
1805 return -1;
1806 }
1807
1808 wpa_printf(MSG_DEBUG, "Own MAC address: " MACSTR,
1809 MAC2STR(wpa_s->own_addr));
1810
1811 if (wpa_s->bridge_ifname[0]) {
1812 wpa_printf(MSG_DEBUG, "Receiving packets from bridge interface"
1813 " '%s'", wpa_s->bridge_ifname);
1814 wpa_s->l2_br = l2_packet_init(wpa_s->bridge_ifname,
1815 wpa_s->own_addr,
1816 ETH_P_EAPOL,
1817 wpa_supplicant_rx_eapol, wpa_s,
1818 0);
1819 if (wpa_s->l2_br == NULL) {
1820 wpa_printf(MSG_ERROR, "Failed to open l2_packet "
1821 "connection for the bridge interface '%s'",
1822 wpa_s->bridge_ifname);
1823 return -1;
1824 }
1825 }
1826
6fc6879b
JM		 1827 wpa_clear_keys(wpa_s, NULL);
1828
1829 /* Make sure that TKIP countermeasures are not left enabled (could
1830 * happen if wpa_supplicant is killed during countermeasures. */
1831 wpa_drv_set_countermeasures(wpa_s, 0);
1832
6fc6879b
JM		 1833 wpa_printf(MSG_DEBUG, "RSN: flushing PMKID list in the driver");
1834 wpa_drv_flush_pmkid(wpa_s);
1835
ba2a573c 1836 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
6fc6879b
JM		 1837 wpa_supplicant_req_scan(wpa_s, interface_count, 100000);
1838 interface_count++;
1839
1840 return 0;
1841}
1842
1843
1844static int wpa_supplicant_daemon(const char *pid_file)
1845{
1846 wpa_printf(MSG_DEBUG, "Daemonize..");
1847 return os_daemonize(pid_file);
1848}
1849
1850
1851static struct wpa_supplicant * wpa_supplicant_alloc(void)
1852{
1853 struct wpa_supplicant *wpa_s;
1854
1855 wpa_s = os_zalloc(sizeof(*wpa_s));
1856 if (wpa_s == NULL)
1857 return NULL;
1858 wpa_s->scan_req = 1;
c302f207 1859 wpa_s->new_connection = 1;
6fc6879b
JM		 1860
1861 return wpa_s;
1862}
1863
1864
1865static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
1866 struct wpa_interface *iface)
1867{
362f781e
JM		 1868 const char *ifname, *driver;
1869 struct wpa_driver_capa capa;
1870
6fc6879b
JM		 1871 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
1872 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
1873 iface->confname ? iface->confname : "N/A",
1874 iface->driver ? iface->driver : "default",
1875 iface->ctrl_interface ? iface->ctrl_interface : "N/A",
1876 iface->bridge_ifname ? iface->bridge_ifname : "N/A");
1877
6fc6879b
JM		 1878 if (iface->confname) {
1879#ifdef CONFIG_BACKEND_FILE
1880 wpa_s->confname = os_rel2abs_path(iface->confname);
1881 if (wpa_s->confname == NULL) {
1882 wpa_printf(MSG_ERROR, "Failed to get absolute path "
1883 "for configuration file '%s'.",
1884 iface->confname);
1885 return -1;
1886 }
1887 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
1888 iface->confname, wpa_s->confname);
1889#else /* CONFIG_BACKEND_FILE */
1890 wpa_s->confname = os_strdup(iface->confname);
1891#endif /* CONFIG_BACKEND_FILE */
1892 wpa_s->conf = wpa_config_read(wpa_s->confname);
1893 if (wpa_s->conf == NULL) {
1894 wpa_printf(MSG_ERROR, "Failed to read or parse "
1895 "configuration '%s'.", wpa_s->confname);
1896 return -1;
1897 }
1898
1899 /*
1900 * Override ctrl_interface and driver_param if set on command
1901 * line.
1902 */
1903 if (iface->ctrl_interface) {
1904 os_free(wpa_s->conf->ctrl_interface);
1905 wpa_s->conf->ctrl_interface =
1906 os_strdup(iface->ctrl_interface);
1907 }
1908
1909 if (iface->driver_param) {
1910 os_free(wpa_s->conf->driver_param);
1911 wpa_s->conf->driver_param =
1912 os_strdup(iface->driver_param);
1913 }
1914 } else
1915 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
1916 iface->driver_param);
1917
1918 if (wpa_s->conf == NULL) {
1919 wpa_printf(MSG_ERROR, "\nNo configuration found.");
1920 return -1;
1921 }
1922
1923 if (iface->ifname == NULL) {
1924 wpa_printf(MSG_ERROR, "\nInterface name is required.");
1925 return -1;
1926 }
1927 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
1928 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
1929 iface->ifname);
1930 return -1;
1931 }
1932 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
1933
1934 if (iface->bridge_ifname) {
1935 if (os_strlen(iface->bridge_ifname) >=
1936 sizeof(wpa_s->bridge_ifname)) {
1937 wpa_printf(MSG_ERROR, "\nToo long bridge interface "
1938 "name '%s'.", iface->bridge_ifname);
1939 return -1;
1940 }
1941 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
1942 sizeof(wpa_s->bridge_ifname));
1943 }
1944
6fc6879b
JM		 1945 /* RSNA Supplicant Key Management - INITIALIZE */
1946 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
1947 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
1948
1949 /* Initialize driver interface and register driver event handler before
1950 * L2 receive handler so that association events are processed before
1951 * EAPOL-Key packets if both become available for the same select()
1952 * call. */
362f781e
JM		 1953 driver = iface->driver;
1954next_driver:
1955 if (wpa_supplicant_set_driver(wpa_s, driver) < 0)
1956 return -1;
1957
6fc6879b
JM		 1958 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
1959 if (wpa_s->drv_priv == NULL) {
362f781e 1960 const char *pos;
a5b9337f 1961 pos = driver ? os_strchr(driver, ',') : NULL;
362f781e
JM		 1962 if (pos) {
1963 wpa_printf(MSG_DEBUG, "Failed to initialize driver "
1964 "interface - try next driver wrapper");
1965 driver = pos + 1;
1966 goto next_driver;
1967 }
6fc6879b
JM		 1968 wpa_printf(MSG_ERROR, "Failed to initialize driver interface");
1969 return -1;
1970 }
1971 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
1972 wpa_printf(MSG_ERROR, "Driver interface rejected "
1973 "driver_param '%s'", wpa_s->conf->driver_param);
1974 return -1;
1975 }
1976
1977 ifname = wpa_drv_get_ifname(wpa_s);
1978 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
1979 wpa_printf(MSG_DEBUG, "Driver interface replaced interface "
1980 "name with '%s'", ifname);
1981 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
1982 }
1983
1984 if (wpa_supplicant_init_wpa(wpa_s) < 0)
1985 return -1;
1986
1987 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
1988 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
1989 NULL);
1990 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
1991
1992 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
1993 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
1994 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
1995 wpa_printf(MSG_ERROR, "Invalid WPA parameter value for "
1996 "dot11RSNAConfigPMKLifetime");
1997 return -1;
1998 }
1999
2000 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
2001 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
2002 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
2003 wpa_printf(MSG_ERROR, "Invalid WPA parameter value for "
2004 "dot11RSNAConfigPMKReauthThreshold");
2005 return -1;
2006 }
2007
2008 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
2009 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
2010 wpa_s->conf->dot11RSNAConfigSATimeout)) {
2011 wpa_printf(MSG_ERROR, "Invalid WPA parameter value for "
2012 "dot11RSNAConfigSATimeout");
2013 return -1;
2014 }
2015
2016 if (wpa_supplicant_driver_init(wpa_s) < 0)
2017 return -1;
2018
315ce40a
JM		 2019 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] &&
2020 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) {
6d158490
LR		 2021 wpa_printf(MSG_DEBUG, "Failed to set country");
2022 return -1;
2023 }
2024
6fc6879b
JM		 2025 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
2026
116654ce
JM		 2027 if (wpas_wps_init(wpa_s))
2028 return -1;
2029
6fc6879b
JM		 2030 if (wpa_supplicant_init_eapol(wpa_s) < 0)
2031 return -1;
2032 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
2033
2034 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
2035 if (wpa_s->ctrl_iface == NULL) {
2036 wpa_printf(MSG_ERROR,
2037 "Failed to initialize control interface '%s'.\n"
2038 "You may have another wpa_supplicant process "
2039 "already running or the file was\n"
2040 "left by an unclean termination of wpa_supplicant "
2041 "in which case you will need\n"
2042 "to manually remove this file before starting "
2043 "wpa_supplicant again.\n",
2044 wpa_s->conf->ctrl_interface);
2045 return -1;
2046 }
2047
2048 if (wpa_drv_get_capa(wpa_s, &capa) == 0) {
c2a04078 2049 wpa_s->drv_flags = capa.flags;
6fc6879b 2050 if (capa.flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME) {
6fc6879b
JM		 2051 if (ieee80211_sta_init(wpa_s))
2052 return -1;
2053 }
80bc75f1 2054 wpa_s->max_scan_ssids = capa.max_scan_ssids;
6fc6879b
JM		 2055 }
2056
11ef8d35
JM		 2057#ifdef CONFIG_IBSS_RSN
2058 wpa_s->ibss_rsn = ibss_rsn_init(wpa_s);
2059 if (!wpa_s->ibss_rsn) {
2060 wpa_printf(MSG_DEBUG, "Failed to init IBSS RSN");
2061 return -1;
2062 }
2063#endif /* CONFIG_IBSS_RSN */
2064
83922c2d
JM		 2065 if (wpa_bss_init(wpa_s) < 0)
2066 return -1;
83922c2d 2067
6fc6879b
JM		 2068 return 0;
2069}
2070
2071
2ee055b3
JM		 2072static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s,
2073 int notify)
6fc6879b
JM		 2074{
2075 if (wpa_s->drv_priv) {
2076 wpa_supplicant_deauthenticate(wpa_s,
2077 WLAN_REASON_DEAUTH_LEAVING);
2078
6fc6879b
JM		 2079 wpa_drv_set_countermeasures(wpa_s, 0);
2080 wpa_clear_keys(wpa_s, NULL);
2081 }
2082
8e56d189
JM		 2083 wpa_supplicant_cleanup(wpa_s);
2084
2ee055b3
JM		 2085 if (notify)
2086 wpas_notify_iface_removed(wpa_s);
6fc6879b 2087
6fc6879b
JM		 2088 if (wpa_s->drv_priv)
2089 wpa_drv_deinit(wpa_s);
2090}
2091
2092
2093/**
2094 * wpa_supplicant_add_iface - Add a new network interface
2095 * @global: Pointer to global data from wpa_supplicant_init()
2096 * @iface: Interface configuration options
2097 * Returns: Pointer to the created interface or %NULL on failure
2098 *
2099 * This function is used to add new network interfaces for %wpa_supplicant.
2100 * This can be called before wpa_supplicant_run() to add interfaces before the
2101 * main event loop has been started. In addition, new interfaces can be added
2102 * dynamically while %wpa_supplicant is already running. This could happen,
2103 * e.g., when a hotplug network adapter is inserted.
2104 */
2105struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
2106 struct wpa_interface *iface)
2107{
2108 struct wpa_supplicant *wpa_s;
d27df100 2109 struct wpa_interface t_iface;
8e56d189 2110 struct wpa_ssid *ssid;
6fc6879b
JM		 2111
2112 if (global == NULL || iface == NULL)
2113 return NULL;
2114
2115 wpa_s = wpa_supplicant_alloc();
2116 if (wpa_s == NULL)
2117 return NULL;
2118
d8222ae3
JM		 2119 wpa_s->global = global;
2120
d27df100
JM		 2121 t_iface = *iface;
2122 if (global->params.override_driver) {
2123 wpa_printf(MSG_DEBUG, "Override interface parameter: driver "
2124 "('%s' -> '%s')",
2125 iface->driver, global->params.override_driver);
2126 t_iface.driver = global->params.override_driver;
2127 }
2128 if (global->params.override_ctrl_interface) {
2129 wpa_printf(MSG_DEBUG, "Override interface parameter: "
2130 "ctrl_interface ('%s' -> '%s')",
2131 iface->ctrl_interface,
2132 global->params.override_ctrl_interface);
2133 t_iface.ctrl_interface =
2134 global->params.override_ctrl_interface;
2135 }
2136 if (wpa_supplicant_init_iface(wpa_s, &t_iface)) {
6fc6879b
JM		 2137 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
2138 iface->ifname);
2ee055b3 2139 wpa_supplicant_deinit_iface(wpa_s, 0);
6fc6879b
JM		 2140 os_free(wpa_s);
2141 return NULL;
2142 }
2143
dc461de4
WS		 2144 /* Notify the control interfaces about new iface */
2145 if (wpas_notify_iface_added(wpa_s)) {
2ee055b3 2146 wpa_supplicant_deinit_iface(wpa_s, 1);
6fc6879b
JM		 2147 os_free(wpa_s);
2148 return NULL;
2149 }
1bd3f426 2150
8e56d189
JM		 2151 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
2152 wpas_notify_network_added(wpa_s, ssid);
2153
6fc6879b
JM		 2154 wpa_s->next = global->ifaces;
2155 global->ifaces = wpa_s;
2156
2157 wpa_printf(MSG_DEBUG, "Added interface %s", wpa_s->ifname);
2158
2159 return wpa_s;
2160}
2161
2162
2163/**
2164 * wpa_supplicant_remove_iface - Remove a network interface
2165 * @global: Pointer to global data from wpa_supplicant_init()
2166 * @wpa_s: Pointer to the network interface to be removed
2167 * Returns: 0 if interface was removed, -1 if interface was not found
2168 *
2169 * This function can be used to dynamically remove network interfaces from
2170 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
2171 * addition, this function is used to remove all remaining interfaces when
2172 * %wpa_supplicant is terminated.
2173 */
2174int wpa_supplicant_remove_iface(struct wpa_global *global,
2175 struct wpa_supplicant *wpa_s)
2176{
2177 struct wpa_supplicant *prev;
2178
2179 /* Remove interface from the global list of interfaces */
2180 prev = global->ifaces;
2181 if (prev == wpa_s) {
2182 global->ifaces = wpa_s->next;
2183 } else {
2184 while (prev && prev->next != wpa_s)
2185 prev = prev->next;
2186 if (prev == NULL)
2187 return -1;
2188 prev->next = wpa_s->next;
2189 }
2190
2191 wpa_printf(MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
2192
2ee055b3 2193 wpa_supplicant_deinit_iface(wpa_s, 1);
6fc6879b
JM		 2194 os_free(wpa_s);
2195
2196 return 0;
2197}
2198
2199
2200/**
2201 * wpa_supplicant_get_iface - Get a new network interface
2202 * @global: Pointer to global data from wpa_supplicant_init()
2203 * @ifname: Interface name
2204 * Returns: Pointer to the interface or %NULL if not found
2205 */
2206struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
2207 const char *ifname)
2208{
2209 struct wpa_supplicant *wpa_s;
2210
2211 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
2212 if (os_strcmp(wpa_s->ifname, ifname) == 0)
2213 return wpa_s;
2214 }
2215 return NULL;
2216}
2217
2218
2219/**
2220 * wpa_supplicant_init - Initialize %wpa_supplicant
2221 * @params: Parameters for %wpa_supplicant
2222 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
2223 *
2224 * This function is used to initialize %wpa_supplicant. After successful
2225 * initialization, the returned data pointer can be used to add and remove
2226 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
2227 */
2228struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
2229{
2230 struct wpa_global *global;
ac305589 2231 int ret, i;
6fc6879b
JM		 2232
2233 if (params == NULL)
2234 return NULL;
2235
2236 wpa_debug_open_file(params->wpa_debug_file_path);
daa70d49
SL		 2237 if (params->wpa_debug_syslog)
2238 wpa_debug_open_syslog();
6fc6879b 2239
12760815 2240 ret = eap_register_methods();
6fc6879b
JM		 2241 if (ret) {
2242 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
2243 if (ret == -2)
2244 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
2245 "the same EAP type.");
2246 return NULL;
2247 }
2248
2249 global = os_zalloc(sizeof(*global));
2250 if (global == NULL)
2251 return NULL;
2252 global->params.daemonize = params->daemonize;
2253 global->params.wait_for_monitor = params->wait_for_monitor;
2254 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
2255 if (params->pid_file)
2256 global->params.pid_file = os_strdup(params->pid_file);
2257 if (params->ctrl_interface)
2258 global->params.ctrl_interface =
2259 os_strdup(params->ctrl_interface);
d27df100
JM		 2260 if (params->override_driver)
2261 global->params.override_driver =
2262 os_strdup(params->override_driver);
2263 if (params->override_ctrl_interface)
2264 global->params.override_ctrl_interface =
2265 os_strdup(params->override_ctrl_interface);
6fc6879b
JM		 2266 wpa_debug_level = global->params.wpa_debug_level =
2267 params->wpa_debug_level;
2268 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
2269 params->wpa_debug_show_keys;
2270 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
2271 params->wpa_debug_timestamp;
2272
0456ea16 2273 if (eloop_init()) {
6fc6879b
JM		 2274 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
2275 wpa_supplicant_deinit(global);
2276 return NULL;
2277 }
2278
2279 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
2280 if (global->ctrl_iface == NULL) {
2281 wpa_supplicant_deinit(global);
2282 return NULL;
2283 }
2284
dc461de4
WS		 2285 if (wpas_notify_supplicant_initialized(global)) {
2286 wpa_supplicant_deinit(global);
2287 return NULL;
6fc6879b
JM		 2288 }
2289
c5121837 2290 for (i = 0; wpa_drivers[i]; i++)
ac305589
JM		 2291 global->drv_count++;
2292 if (global->drv_count == 0) {
2293 wpa_printf(MSG_ERROR, "No drivers enabled");
2294 wpa_supplicant_deinit(global);
2295 return NULL;
2296 }
2297 global->drv_priv = os_zalloc(global->drv_count * sizeof(void *));
2298 if (global->drv_priv == NULL) {
2299 wpa_supplicant_deinit(global);
2300 return NULL;
2301 }
c5121837
JM		 2302 for (i = 0; wpa_drivers[i]; i++) {
2303 if (!wpa_drivers[i]->global_init)
ac305589 2304 continue;
c5121837 2305 global->drv_priv[i] = wpa_drivers[i]->global_init();
ac305589
JM		 2306 if (global->drv_priv[i] == NULL) {
2307 wpa_printf(MSG_ERROR, "Failed to initialize driver "
c5121837 2308 "'%s'", wpa_drivers[i]->name);
ac305589
JM		 2309 wpa_supplicant_deinit(global);
2310 return NULL;
2311 }
2312 }
2313
6fc6879b
JM		 2314 return global;
2315}
2316
2317
2318/**
2319 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
2320 * @global: Pointer to global data from wpa_supplicant_init()
2321 * Returns: 0 after successful event loop run, -1 on failure
2322 *
2323 * This function starts the main event loop and continues running as long as
2324 * there are any remaining events. In most cases, this function is running as
2325 * long as the %wpa_supplicant process in still in use.
2326 */
2327int wpa_supplicant_run(struct wpa_global *global)
2328{
2329 struct wpa_supplicant *wpa_s;
2330
2331 if (global->params.daemonize &&
2332 wpa_supplicant_daemon(global->params.pid_file))
2333 return -1;
2334
2335 if (global->params.wait_for_monitor) {
2336 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
2337 if (wpa_s->ctrl_iface)
2338 wpa_supplicant_ctrl_iface_wait(
2339 wpa_s->ctrl_iface);
2340 }
2341
0456ea16
JM		 2342 eloop_register_signal_terminate(wpa_supplicant_terminate, global);
2343 eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
6fc6879b
JM		 2344
2345 eloop_run();
2346
2347 return 0;
2348}
2349
2350
2351/**
2352 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
2353 * @global: Pointer to global data from wpa_supplicant_init()
2354 *
2355 * This function is called to deinitialize %wpa_supplicant and to free all
2356 * allocated resources. Remaining network interfaces will also be removed.
2357 */
2358void wpa_supplicant_deinit(struct wpa_global *global)
2359{
ac305589
JM		 2360 int i;
2361
6fc6879b
JM		 2362 if (global == NULL)
2363 return;
2364
2365 while (global->ifaces)
2366 wpa_supplicant_remove_iface(global, global->ifaces);
2367
2368 if (global->ctrl_iface)
2369 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
dc461de4
WS		 2370
2371 wpas_notify_supplicant_deinitialized(global);
6fc6879b
JM		 2372
2373 eap_peer_unregister_methods();
3ec97afe
JM		 2374#ifdef CONFIG_AP
2375 eap_server_unregister_methods();
2376#endif /* CONFIG_AP */
6fc6879b 2377
c5121837 2378 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) {
ac305589
JM		 2379 if (!global->drv_priv[i])
2380 continue;
c5121837 2381 wpa_drivers[i]->global_deinit(global->drv_priv[i]);
ac305589
JM		 2382 }
2383 os_free(global->drv_priv);
2384
6fc6879b
JM		 2385 eloop_destroy();
2386
2387 if (global->params.pid_file) {
2388 os_daemonize_terminate(global->params.pid_file);
2389 os_free(global->params.pid_file);
2390 }
2391 os_free(global->params.ctrl_interface);
d27df100
JM		 2392 os_free(global->params.override_driver);
2393 os_free(global->params.override_ctrl_interface);
6fc6879b
JM		 2394
2395 os_free(global);
daa70d49 2396 wpa_debug_close_syslog();
6fc6879b
JM		 2397 wpa_debug_close_file();
2398}
Unnamed repository; edit this file 'description' to name the repository.