]> git.ipfire.org Git - thirdparty/hostap.git/blame - wpa_supplicant/wpa_supplicant.c
projects / thirdparty / hostap.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
HS 2.0: Allow OSEN connection to be enabled in an RSN BSS
[thirdparty/hostap.git] / wpa_supplicant / wpa_supplicant.c
CommitLineData
6fc6879b
JM		 1/*
2 * WPA Supplicant
6774c6a9 3 * Copyright (c) 2003-2017, Jouni Malinen <j@w1.fi>
6fc6879b 4 *
0f3d578e
JM		 5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
6fc6879b
JM		 7 *
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
11 */
12
13#include "includes.h"
2e997eec
RM		 14#ifdef CONFIG_MATCH_IFACE
15#include <net/if.h>
16#include <fnmatch.h>
17#endif /* CONFIG_MATCH_IFACE */
6fc6879b
JM		 18
19#include "common.h"
d47fa330 20#include "crypto/random.h"
7d232e23 21#include "crypto/sha1.h"
6fc6879b
JM		 22#include "eapol_supp/eapol_supp_sm.h"
23#include "eap_peer/eap.h"
ec7b97ab 24#include "eap_peer/eap_proxy.h"
3ec97afe 25#include "eap_server/eap_methods.h"
3acb5005 26#include "rsn_supp/wpa.h"
6fc6879b 27#include "eloop.h"
6fc6879b 28#include "config.h"
306ae225 29#include "utils/ext_password.h"
6fc6879b
JM		 30#include "l2_packet/l2_packet.h"
31#include "wpa_supplicant_i.h"
2d5b792d 32#include "driver_i.h"
6fc6879b 33#include "ctrl_iface.h"
6fc6879b 34#include "pcsc_funcs.h"
90973fb2 35#include "common/version.h"
3acb5005
JM		 36#include "rsn_supp/preauth.h"
37#include "rsn_supp/pmksa_cache.h"
90973fb2 38#include "common/wpa_ctrl.h"
90973fb2 39#include "common/ieee802_11_defs.h"
6b8b0774 40#include "common/hw_features_common.h"
461d39af 41#include "common/gas_server.h"
72044390 42#include "p2p/p2p.h"
b36a3a65 43#include "fst/fst.h"
6fc6879b
JM		 44#include "blacklist.h"
45#include "wpas_glue.h"
116654ce 46#include "wps_supplicant.h"
11ef8d35 47#include "ibss_rsn.h"
c2a04078 48#include "sme.h"
04ea7b79 49#include "gas_query.h"
1f1b62a0 50#include "ap.h"
b22128ef 51#include "p2p_supplicant.h"
9675ce35 52#include "wifi_display.h"
8bac466b 53#include "notify.h"
60b94c98 54#include "bgscan.h"
7c865c68 55#include "autoscan.h"
83922c2d 56#include "bss.h"
9ba9fa07 57#include "scan.h"
24f6497c 58#include "offchannel.h"
cb418324 59#include "hs20_supplicant.h"
e27d20bb 60#include "wnm_sta.h"
dd10abcc 61#include "wpas_kay.h"
603a3f34 62#include "mesh.h"
be27e185 63#include "dpp_supplicant.h"
a39b040b
SB		 64#ifdef CONFIG_MESH
65#include "ap/ap_config.h"
66#include "ap/hostapd.h"
67#endif /* CONFIG_MESH */
6fc6879b 68
8b423edb 69const char *const wpa_supplicant_version =
6fc6879b 70"wpa_supplicant v" VERSION_STR "\n"
6774c6a9 71"Copyright (c) 2003-2017, Jouni Malinen <j@w1.fi> and contributors";
6fc6879b 72
8b423edb 73const char *const wpa_supplicant_license =
331f89ff
JM		 74"This software may be distributed under the terms of the BSD license.\n"
75"See README for more details.\n"
6fc6879b
JM		 76#ifdef EAP_TLS_OPENSSL
77"\nThis product includes software developed by the OpenSSL Project\n"
78"for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
79#endif /* EAP_TLS_OPENSSL */
80;
81
82#ifndef CONFIG_NO_STDOUT_DEBUG
83/* Long text divided into parts in order to fit in C89 strings size limits. */
8b423edb 84const char *const wpa_supplicant_full_license1 =
331f89ff 85"";
8b423edb 86const char *const wpa_supplicant_full_license2 =
331f89ff 87"This software may be distributed under the terms of the BSD license.\n"
6fc6879b
JM		 88"\n"
89"Redistribution and use in source and binary forms, with or without\n"
90"modification, are permitted provided that the following conditions are\n"
91"met:\n"
92"\n";
8b423edb 93const char *const wpa_supplicant_full_license3 =
6fc6879b
JM		 94"1. Redistributions of source code must retain the above copyright\n"
95" notice, this list of conditions and the following disclaimer.\n"
96"\n"
97"2. Redistributions in binary form must reproduce the above copyright\n"
98" notice, this list of conditions and the following disclaimer in the\n"
99" documentation and/or other materials provided with the distribution.\n"
100"\n";
8b423edb 101const char *const wpa_supplicant_full_license4 =
6fc6879b
JM		 102"3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
103" names of its contributors may be used to endorse or promote products\n"
104" derived from this software without specific prior written permission.\n"
105"\n"
106"THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
107"\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
108"LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
109"A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
8b423edb 110const char *const wpa_supplicant_full_license5 =
6fc6879b
JM		 111"OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
112"SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
113"LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
114"DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
115"THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
116"(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
117"OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
118"\n";
119#endif /* CONFIG_NO_STDOUT_DEBUG */
120
b04854ce
AP		 121
122static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx, void *timeout_ctx);
6338c99e
VK		 123#if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
124static void wpas_update_fils_connect_params(struct wpa_supplicant *wpa_s);
125#endif /* CONFIG_FILS && IEEE8021X_EAPOL */
b04854ce
AP		 126
127
6fc6879b 128/* Configure default/group WEP keys for static WEP */
0194fedb 129int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
6fc6879b
JM		 130{
131 int i, set = 0;
132
133 for (i = 0; i < NUM_WEP_KEYS; i++) {
134 if (ssid->wep_key_len[i] == 0)
135 continue;
136
137 set = 1;
0382097e 138 wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL,
da64c266 139 i, i == ssid->wep_tx_keyidx, NULL, 0,
6fc6879b
JM		 140 ssid->wep_key[i], ssid->wep_key_len[i]);
141 }
142
143 return set;
144}
145
146
6ea1f413
JM		 147int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
148 struct wpa_ssid *ssid)
6fc6879b
JM		 149{
150 u8 key[32];
151 size_t keylen;
71934751 152 enum wpa_alg alg;
6fc6879b 153 u8 seq[6] = { 0 };
658da804 154 int ret;
6fc6879b
JM		 155
156 /* IBSS/WPA-None uses only one key (Group) for both receiving and
157 * sending unicast and multicast packets. */
158
d7dcba70 159 if (ssid->mode != WPAS_MODE_IBSS) {
f049052b
BG		 160 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not "
161 "IBSS/ad-hoc) for WPA-None", ssid->mode);
6fc6879b
JM		 162 return -1;
163 }
164
165 if (!ssid->psk_set) {
f049052b
BG		 166 wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for "
167 "WPA-None");
6fc6879b
JM		 168 return -1;
169 }
170
171 switch (wpa_s->group_cipher) {
172 case WPA_CIPHER_CCMP:
173 os_memcpy(key, ssid->psk, 16);
174 keylen = 16;
175 alg = WPA_ALG_CCMP;
176 break;
eb7719ff
JM		 177 case WPA_CIPHER_GCMP:
178 os_memcpy(key, ssid->psk, 16);
179 keylen = 16;
180 alg = WPA_ALG_GCMP;
181 break;
6fc6879b
JM		 182 case WPA_CIPHER_TKIP:
183 /* WPA-None uses the same Michael MIC key for both TX and RX */
184 os_memcpy(key, ssid->psk, 16 + 8);
185 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
186 keylen = 32;
187 alg = WPA_ALG_TKIP;
188 break;
189 default:
f049052b
BG		 190 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for "
191 "WPA-None", wpa_s->group_cipher);
6fc6879b
JM		 192 return -1;
193 }
194
195 /* TODO: should actually remember the previously used seq#, both for TX
196 * and RX from each STA.. */
197
658da804
JM		 198 ret = wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen);
199 os_memset(key, 0, sizeof(key));
200 return ret;
6fc6879b
JM		 201}
202
203
204static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
205{
206 struct wpa_supplicant *wpa_s = eloop_ctx;
207 const u8 *bssid = wpa_s->bssid;
04e3d815
MK		 208 if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
209 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
210 wpa_s->wpa_state == WPA_ASSOCIATING))
6fc6879b
JM		 211 bssid = wpa_s->pending_bssid;
212 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
213 MAC2STR(bssid));
214 wpa_blacklist_add(wpa_s, bssid);
215 wpa_sm_notify_disassoc(wpa_s->wpa);
07783eaa 216 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
6fc6879b 217 wpa_s->reassociate = 1;
48b84f18
BG		 218
219 /*
220 * If we timed out, the AP or the local radio may be busy.
221 * So, wait a second until scanning again.
222 */
223 wpa_supplicant_req_scan(wpa_s, 1, 0);
6fc6879b
JM		 224}
225
226
227/**
228 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
229 * @wpa_s: Pointer to wpa_supplicant data
230 * @sec: Number of seconds after which to time out authentication
231 * @usec: Number of microseconds after which to time out authentication
232 *
233 * This function is used to schedule a timeout for the current authentication
234 * attempt.
235 */
236void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
237 int sec, int usec)
238{
a2a535f8 239 if (wpa_s->conf->ap_scan == 0 &&
c2a04078 240 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
6fc6879b
JM		 241 return;
242
f049052b 243 wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
6fc6879b
JM		 244 "%d usec", sec, usec);
245 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
37547ad6 246 wpa_s->last_auth_timeout_sec = sec;
6fc6879b
JM		 247 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
248}
249
250
37547ad6
DL		 251/*
252 * wpas_auth_timeout_restart - Restart and change timeout for authentication
253 * @wpa_s: Pointer to wpa_supplicant data
254 * @sec_diff: difference in seconds applied to original timeout value
255 */
256void wpas_auth_timeout_restart(struct wpa_supplicant *wpa_s, int sec_diff)
257{
258 int new_sec = wpa_s->last_auth_timeout_sec + sec_diff;
259
260 if (eloop_is_timeout_registered(wpa_supplicant_timeout, wpa_s, NULL)) {
261 wpa_dbg(wpa_s, MSG_DEBUG,
262 "Authentication timeout restart: %d sec", new_sec);
263 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
264 eloop_register_timeout(new_sec, 0, wpa_supplicant_timeout,
265 wpa_s, NULL);
266 }
267}
268
269
6fc6879b
JM		 270/**
271 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
272 * @wpa_s: Pointer to wpa_supplicant data
273 *
274 * This function is used to cancel authentication timeout scheduled with
275 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
276 * been completed.
277 */
278void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
279{
f049052b 280 wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
6fc6879b
JM		 281 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
282 wpa_blacklist_del(wpa_s, wpa_s->bssid);
283}
284
285
286/**
287 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
288 * @wpa_s: Pointer to wpa_supplicant data
289 *
290 * This function is used to configure EAPOL state machine based on the selected
291 * authentication mode.
292 */
293void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
294{
295#ifdef IEEE8021X_EAPOL
296 struct eapol_config eapol_conf;
297 struct wpa_ssid *ssid = wpa_s->current_ssid;
298
53895c3b 299#ifdef CONFIG_IBSS_RSN
d7dcba70 300 if (ssid->mode == WPAS_MODE_IBSS &&
53895c3b
JM		 301 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
302 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
303 /*
304 * RSN IBSS authentication is per-STA and we can disable the
305 * per-BSSID EAPOL authentication.
306 */
307 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
308 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE);
309 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
310 return;
311 }
312#endif /* CONFIG_IBSS_RSN */
313
0a40ec6a
JM		 314 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
315 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
316
6fc6879b
JM		 317 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
318 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
319 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
320 else
321 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
322
323 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
324 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
325 eapol_conf.accept_802_1x_keys = 1;
326 eapol_conf.required_keys = 0;
327 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
328 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
329 }
330 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
331 eapol_conf.required_keys |=
332 EAPOL_REQUIRE_KEY_BROADCAST;
333 }
334
a2a535f8 335 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED)
6fc6879b 336 eapol_conf.required_keys = 0;
6fc6879b 337 }
a2a535f8 338 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
6fc6879b 339 eapol_conf.workaround = ssid->eap_workaround;
56586197
JM		 340 eapol_conf.eap_disabled =
341 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
ad08c363
JM		 342 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
343 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
a5d44ac0 344 eapol_conf.external_sim = wpa_s->conf->external_sim;
3f7ac058
JS		 345
346#ifdef CONFIG_WPS
347 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
348 eapol_conf.wps |= EAPOL_LOCAL_WPS_IN_USE;
349 if (wpa_s->current_bss) {
350 struct wpabuf *ie;
351 ie = wpa_bss_get_vendor_ie_multi(wpa_s->current_bss,
352 WPS_IE_VENDOR_TYPE);
353 if (ie) {
354 if (wps_is_20(ie))
355 eapol_conf.wps |=
356 EAPOL_PEER_IS_WPS20_AP;
357 wpabuf_free(ie);
358 }
359 }
360 }
361#endif /* CONFIG_WPS */
362
6fc6879b 363 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
dd10abcc 364
ad51731a
SD		 365#ifdef CONFIG_MACSEC
366 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE && ssid->mka_psk_set)
367 ieee802_1x_create_preshared_mka(wpa_s, ssid);
368 else
369 ieee802_1x_alloc_kay_sm(wpa_s, ssid);
370#endif /* CONFIG_MACSEC */
cd3153a9 371#endif /* IEEE8021X_EAPOL */
6fc6879b
JM		 372}
373
374
375/**
376 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
377 * @wpa_s: Pointer to wpa_supplicant data
378 * @ssid: Configuration data for the network
379 *
380 * This function is used to configure WPA state machine and related parameters
381 * to a mode where WPA is not enabled. This is called as part of the
382 * authentication configuration when the selected network does not use WPA.
383 */
384void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
385 struct wpa_ssid *ssid)
386{
387 int i;
388
ad08c363
JM		 389 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
390 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
391 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
6fc6879b
JM		 392 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
393 else
394 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
395 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
396 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
397 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
398 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
399 wpa_s->group_cipher = WPA_CIPHER_NONE;
400 wpa_s->mgmt_group_cipher = 0;
401
402 for (i = 0; i < NUM_WEP_KEYS; i++) {
403 if (ssid->wep_key_len[i] > 5) {
404 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
405 wpa_s->group_cipher = WPA_CIPHER_WEP104;
406 break;
407 } else if (ssid->wep_key_len[i] > 0) {
408 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
409 wpa_s->group_cipher = WPA_CIPHER_WEP40;
410 break;
411 }
412 }
413
414 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
415 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
416 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
417 wpa_s->pairwise_cipher);
418 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
419#ifdef CONFIG_IEEE80211W
420 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
421 wpa_s->mgmt_group_cipher);
422#endif /* CONFIG_IEEE80211W */
423
424 pmksa_cache_clear_current(wpa_s->wpa);
425}
426
427
6979582c 428void free_hw_features(struct wpa_supplicant *wpa_s)
6bf731e8
CL		 429{
430 int i;
431 if (wpa_s->hw.modes == NULL)
432 return;
433
434 for (i = 0; i < wpa_s->hw.num_modes; i++) {
435 os_free(wpa_s->hw.modes[i].channels);
436 os_free(wpa_s->hw.modes[i].rates);
437 }
438
439 os_free(wpa_s->hw.modes);
440 wpa_s->hw.modes = NULL;
441}
442
443
dd599908
AS		 444static void free_bss_tmp_disallowed(struct wpa_supplicant *wpa_s)
445{
446 struct wpa_bss_tmp_disallowed *bss, *prev;
447
448 dl_list_for_each_safe(bss, prev, &wpa_s->bss_tmp_disallowed,
449 struct wpa_bss_tmp_disallowed, list) {
b04854ce 450 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout, wpa_s, bss);
dd599908
AS		 451 dl_list_del(&bss->list);
452 os_free(bss);
453 }
454}
455
456
5732b770
JM		 457void wpas_flush_fils_hlp_req(struct wpa_supplicant *wpa_s)
458{
459 struct fils_hlp_req *req;
460
461 while ((req = dl_list_first(&wpa_s->fils_hlp_req, struct fils_hlp_req,
462 list)) != NULL) {
463 dl_list_del(&req->list);
464 wpabuf_free(req->pkt);
465 os_free(req);
466 }
467}
468
469
6fc6879b
JM		 470static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
471{
86bd36f0
JM		 472 int i;
473
60b94c98 474 bgscan_deinit(wpa_s);
7c865c68 475 autoscan_deinit(wpa_s);
6fc6879b
JM		 476 scard_deinit(wpa_s->scard);
477 wpa_s->scard = NULL;
478 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
479 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
480 l2_packet_deinit(wpa_s->l2);
481 wpa_s->l2 = NULL;
482 if (wpa_s->l2_br) {
483 l2_packet_deinit(wpa_s->l2_br);
484 wpa_s->l2_br = NULL;
485 }
4a6cc862
JM		 486#ifdef CONFIG_TESTING_OPTIONS
487 l2_packet_deinit(wpa_s->l2_test);
488 wpa_s->l2_test = NULL;
c06fca04
JM		 489 os_free(wpa_s->get_pref_freq_list_override);
490 wpa_s->get_pref_freq_list_override = NULL;
daa40960
JM		 491 wpabuf_free(wpa_s->last_assoc_req_wpa_ie);
492 wpa_s->last_assoc_req_wpa_ie = NULL;
4a6cc862 493#endif /* CONFIG_TESTING_OPTIONS */
6fc6879b 494
6fc6879b 495 if (wpa_s->conf != NULL) {
8e56d189
JM		 496 struct wpa_ssid *ssid;
497 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
498 wpas_notify_network_removed(wpa_s, ssid);
6fc6879b
JM		 499 }
500
501 os_free(wpa_s->confname);
502 wpa_s->confname = NULL;
503
e6304cad
DS		 504 os_free(wpa_s->confanother);
505 wpa_s->confanother = NULL;
506
6fc6879b
JM		 507 wpa_sm_set_eapol(wpa_s->wpa, NULL);
508 eapol_sm_deinit(wpa_s->eapol);
509 wpa_s->eapol = NULL;
510
511 rsn_preauth_deinit(wpa_s->wpa);
512
281ff0aa
GP		 513#ifdef CONFIG_TDLS
514 wpa_tdls_deinit(wpa_s->wpa);
515#endif /* CONFIG_TDLS */
516
8c42b369 517 wmm_ac_clear_saved_tspecs(wpa_s);
6fc6879b
JM		 518 pmksa_candidate_free(wpa_s->wpa);
519 wpa_sm_deinit(wpa_s->wpa);
520 wpa_s->wpa = NULL;
521 wpa_blacklist_clear(wpa_s);
522
83922c2d 523 wpa_bss_deinit(wpa_s);
6fc6879b 524
831770bf 525 wpa_supplicant_cancel_delayed_sched_scan(wpa_s);
6fc6879b
JM		 526 wpa_supplicant_cancel_scan(wpa_s);
527 wpa_supplicant_cancel_auth_timeout(wpa_s);
01a17491
JM		 528 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL);
529#ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
530 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report,
531 wpa_s, NULL);
532#endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
6fc6879b 533
9bd566a3
AS		 534 eloop_cancel_timeout(wpas_network_reenabled, wpa_s, NULL);
535
116654ce 536 wpas_wps_deinit(wpa_s);
11ef8d35 537
1ff73338
JM		 538 wpabuf_free(wpa_s->pending_eapol_rx);
539 wpa_s->pending_eapol_rx = NULL;
540
11ef8d35
JM		 541#ifdef CONFIG_IBSS_RSN
542 ibss_rsn_deinit(wpa_s->ibss_rsn);
543 wpa_s->ibss_rsn = NULL;
544#endif /* CONFIG_IBSS_RSN */
c2a04078 545
e29853bb 546 sme_deinit(wpa_s);
2d5b792d
JM		 547
548#ifdef CONFIG_AP
549 wpa_supplicant_ap_deinit(wpa_s);
550#endif /* CONFIG_AP */
b22128ef 551
b22128ef 552 wpas_p2p_deinit(wpa_s);
f47d639d 553
24f6497c
JM		 554#ifdef CONFIG_OFFCHANNEL
555 offchannel_deinit(wpa_s);
556#endif /* CONFIG_OFFCHANNEL */
557
a4cba8f1
LC		 558 wpa_supplicant_cancel_sched_scan(wpa_s);
559
f47d639d
JM		 560 os_free(wpa_s->next_scan_freqs);
561 wpa_s->next_scan_freqs = NULL;
fee52342
JM		 562
563 os_free(wpa_s->manual_scan_freqs);
564 wpa_s->manual_scan_freqs = NULL;
88a44755
JM		 565 os_free(wpa_s->select_network_scan_freqs);
566 wpa_s->select_network_scan_freqs = NULL;
04ea7b79 567
d3c9c35f
DS		 568 os_free(wpa_s->manual_sched_scan_freqs);
569 wpa_s->manual_sched_scan_freqs = NULL;
570
56c76fa5
IP		 571 wpas_mac_addr_rand_scan_clear(wpa_s, MAC_ADDR_RAND_ALL);
572
57e832de
IP		 573 /*
574 * Need to remove any pending gas-query radio work before the
575 * gas_query_deinit() call because gas_query::work has not yet been set
576 * for works that have not been started. gas_query_free() will be unable
577 * to cancel such pending radio works and once the pending gas-query
578 * radio work eventually gets removed, the deinit notification call to
579 * gas_query_start_cb() would result in dereferencing freed memory.
580 */
581 if (wpa_s->radio)
582 radio_remove_works(wpa_s, "gas-query", 0);
04ea7b79
JM		 583 gas_query_deinit(wpa_s->gas);
584 wpa_s->gas = NULL;
461d39af
JM		 585 gas_server_deinit(wpa_s->gas_server);
586 wpa_s->gas_server = NULL;
6bf731e8
CL		 587
588 free_hw_features(wpa_s);
d445a5cd 589
dd10abcc
HW		 590 ieee802_1x_dealloc_kay_sm(wpa_s);
591
d445a5cd
JM		 592 os_free(wpa_s->bssid_filter);
593 wpa_s->bssid_filter = NULL;
b6668734 594
6407f413
JM		 595 os_free(wpa_s->disallow_aps_bssid);
596 wpa_s->disallow_aps_bssid = NULL;
597 os_free(wpa_s->disallow_aps_ssid);
598 wpa_s->disallow_aps_ssid = NULL;
599
b6668734 600 wnm_bss_keep_alive_deinit(wpa_s);
e27d20bb
VK		 601#ifdef CONFIG_WNM
602 wnm_deallocate_memory(wpa_s);
603#endif /* CONFIG_WNM */
306ae225
JM		 604
605 ext_password_deinit(wpa_s->ext_pw);
606 wpa_s->ext_pw = NULL;
b1f12296
JM		 607
608 wpabuf_free(wpa_s->last_gas_resp);
b6a9590b
JM		 609 wpa_s->last_gas_resp = NULL;
610 wpabuf_free(wpa_s->prev_gas_resp);
611 wpa_s->prev_gas_resp = NULL;
a297201d
JM		 612
613 os_free(wpa_s->last_scan_res);
614 wpa_s->last_scan_res = NULL;
b572df86
JM		 615
616#ifdef CONFIG_HS20
ece4ac5f
MG		 617 if (wpa_s->drv_priv)
618 wpa_drv_configure_frame_filters(wpa_s, 0);
fb2ac53d 619 hs20_deinit(wpa_s);
b572df86 620#endif /* CONFIG_HS20 */
86bd36f0
JM		 621
622 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) {
623 wpabuf_free(wpa_s->vendor_elem[i]);
624 wpa_s->vendor_elem[i] = NULL;
625 }
3882a708
JM		 626
627 wmm_ac_notify_disassoc(wpa_s);
32c02261
AS		 628
629 wpa_s->sched_scan_plans_num = 0;
630 os_free(wpa_s->sched_scan_plans);
631 wpa_s->sched_scan_plans = NULL;
92c6e2e3
DS		 632
633#ifdef CONFIG_MBO
634 wpa_s->non_pref_chan_num = 0;
635 os_free(wpa_s->non_pref_chan);
636 wpa_s->non_pref_chan = NULL;
637#endif /* CONFIG_MBO */
dd599908
AS		 638
639 free_bss_tmp_disallowed(wpa_s);
4a742011
DS		 640
641 wpabuf_free(wpa_s->lci);
642 wpa_s->lci = NULL;
76196ddb 643 wpas_clear_beacon_rep_data(wpa_s);
4d77d80e
MH		 644
645#ifdef CONFIG_PMKSA_CACHE_EXTERNAL
646#ifdef CONFIG_MESH
647 {
648 struct external_pmksa_cache *entry;
649
650 while ((entry = dl_list_last(&wpa_s->mesh_external_pmksa_cache,
651 struct external_pmksa_cache,
652 list)) != NULL) {
653 dl_list_del(&entry->list);
654 os_free(entry->pmksa_cache);
655 os_free(entry);
656 }
657 }
658#endif /* CONFIG_MESH */
659#endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
5732b770
JM		 660
661 wpas_flush_fils_hlp_req(wpa_s);
c6c41f6e
JM		 662
663 wpabuf_free(wpa_s->ric_ies);
664 wpa_s->ric_ies = NULL;
be27e185
JM		 665
666#ifdef CONFIG_DPP
667 wpas_dpp_deinit(wpa_s);
668#endif /* CONFIG_DPP */
6fc6879b
JM		 669}
670
671
672/**
673 * wpa_clear_keys - Clear keys configured for the driver
674 * @wpa_s: Pointer to wpa_supplicant data
675 * @addr: Previously used BSSID or %NULL if not available
676 *
677 * This function clears the encryption keys that has been previously configured
678 * for the driver.
679 */
680void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
681{
2f30cac3 682 int i, max;
6fc6879b 683
0e27f655 684#ifdef CONFIG_IEEE80211W
2f30cac3
JM		 685 max = 6;
686#else /* CONFIG_IEEE80211W */
687 max = 4;
0e27f655 688#endif /* CONFIG_IEEE80211W */
2f30cac3
JM		 689
690 /* MLME-DELETEKEYS.request */
691 for (i = 0; i < max; i++) {
692 if (wpa_s->keys_cleared & BIT(i))
693 continue;
694 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, i, 0, NULL, 0,
695 NULL, 0);
696 }
697 if (!(wpa_s->keys_cleared & BIT(0)) && addr &&
698 !is_zero_ether_addr(addr)) {
6fc6879b
JM		 699 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,
700 0);
701 /* MLME-SETPROTECTION.request(None) */
702 wpa_drv_mlme_setprotection(
703 wpa_s, addr,
704 MLME_SETPROTECTION_PROTECT_TYPE_NONE,
705 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
706 }
2f30cac3 707 wpa_s->keys_cleared = (u32) -1;
6fc6879b
JM		 708}
709
710
711/**
712 * wpa_supplicant_state_txt - Get the connection state name as a text string
713 * @state: State (wpa_state; WPA_*)
714 * Returns: The state name as a printable text string
715 */
71934751 716const char * wpa_supplicant_state_txt(enum wpa_states state)
6fc6879b
JM		 717{
718 switch (state) {
719 case WPA_DISCONNECTED:
720 return "DISCONNECTED";
721 case WPA_INACTIVE:
722 return "INACTIVE";
8401a6b0
JM		 723 case WPA_INTERFACE_DISABLED:
724 return "INTERFACE_DISABLED";
6fc6879b
JM		 725 case WPA_SCANNING:
726 return "SCANNING";
c2a04078
JM		 727 case WPA_AUTHENTICATING:
728 return "AUTHENTICATING";
6fc6879b
JM		 729 case WPA_ASSOCIATING:
730 return "ASSOCIATING";
731 case WPA_ASSOCIATED:
732 return "ASSOCIATED";
733 case WPA_4WAY_HANDSHAKE:
734 return "4WAY_HANDSHAKE";
735 case WPA_GROUP_HANDSHAKE:
736 return "GROUP_HANDSHAKE";
737 case WPA_COMPLETED:
738 return "COMPLETED";
739 default:
740 return "UNKNOWN";
741 }
742}
743
744
cfe53c9a
PS		 745#ifdef CONFIG_BGSCAN
746
747static void wpa_supplicant_start_bgscan(struct wpa_supplicant *wpa_s)
748{
31392709
HD		 749 const char *name;
750
751 if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan)
752 name = wpa_s->current_ssid->bgscan;
753 else
754 name = wpa_s->conf->bgscan;
268043d5 755 if (name == NULL || name[0] == '\0')
31392709 756 return;
0096c427
JM		 757 if (wpas_driver_bss_selection(wpa_s))
758 return;
cfe53c9a
PS		 759 if (wpa_s->current_ssid == wpa_s->bgscan_ssid)
760 return;
aa109830
DS		 761#ifdef CONFIG_P2P
762 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE)
763 return;
764#endif /* CONFIG_P2P */
cfe53c9a
PS		 765
766 bgscan_deinit(wpa_s);
31392709
HD		 767 if (wpa_s->current_ssid) {
768 if (bgscan_init(wpa_s, wpa_s->current_ssid, name)) {
cfe53c9a
PS		 769 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
770 "bgscan");
771 /*
772 * Live without bgscan; it is only used as a roaming
773 * optimization, so the initial connection is not
774 * affected.
775 */
6409b7a7
YD		 776 } else {
777 struct wpa_scan_results *scan_res;
cfe53c9a 778 wpa_s->bgscan_ssid = wpa_s->current_ssid;
6409b7a7
YD		 779 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL,
780 0);
781 if (scan_res) {
782 bgscan_notify_scan(wpa_s, scan_res);
783 wpa_scan_results_free(scan_res);
784 }
785 }
cfe53c9a
PS		 786 } else
787 wpa_s->bgscan_ssid = NULL;
788}
789
790
791static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s)
792{
793 if (wpa_s->bgscan_ssid != NULL) {
794 bgscan_deinit(wpa_s);
795 wpa_s->bgscan_ssid = NULL;
796 }
797}
798
799#endif /* CONFIG_BGSCAN */
800
801
7c865c68
TB		 802static void wpa_supplicant_start_autoscan(struct wpa_supplicant *wpa_s)
803{
99218999 804 if (autoscan_init(wpa_s, 0))
7c865c68
TB		 805 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize autoscan");
806}
807
808
809static void wpa_supplicant_stop_autoscan(struct wpa_supplicant *wpa_s)
810{
811 autoscan_deinit(wpa_s);
812}
813
814
c3d12238
JM		 815void wpa_supplicant_reinit_autoscan(struct wpa_supplicant *wpa_s)
816{
817 if (wpa_s->wpa_state == WPA_DISCONNECTED ||
818 wpa_s->wpa_state == WPA_SCANNING) {
819 autoscan_deinit(wpa_s);
820 wpa_supplicant_start_autoscan(wpa_s);
821 }
822}
823
824
6fc6879b
JM		 825/**
826 * wpa_supplicant_set_state - Set current connection state
827 * @wpa_s: Pointer to wpa_supplicant data
828 * @state: The new connection state
829 *
830 * This function is called whenever the connection state changes, e.g.,
831 * association is completed for WPA/WPA2 4-Way Handshake is started.
832 */
71934751
JM		 833void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s,
834 enum wpa_states state)
6fc6879b 835{
27f43d8d
MH		 836 enum wpa_states old_state = wpa_s->wpa_state;
837
f049052b
BG		 838 wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s",
839 wpa_supplicant_state_txt(wpa_s->wpa_state),
840 wpa_supplicant_state_txt(state));
6fc6879b 841
5ddd07cb
AS		 842 if (state == WPA_INTERFACE_DISABLED) {
843 /* Assure normal scan when interface is restored */
844 wpa_s->normal_scans = 0;
845 }
846
0cf24fda 847 if (state == WPA_COMPLETED) {
6ac4b15e 848 wpas_connect_work_done(wpa_s);
0cf24fda
LC		 849 /* Reinitialize normal_scan counter */
850 wpa_s->normal_scans = 0;
851 }
6ac4b15e 852
07c1e987
MS		 853#ifdef CONFIG_P2P
854 /*
855 * P2PS client has to reply to Probe Request frames received on the
856 * group operating channel. Enable Probe Request frame reporting for
857 * P2P connected client in case p2p_cli_probe configuration property is
858 * set to 1.
859 */
860 if (wpa_s->conf->p2p_cli_probe && wpa_s->current_ssid &&
861 wpa_s->current_ssid->mode == WPAS_MODE_INFRA &&
862 wpa_s->current_ssid->p2p_group) {
863 if (state == WPA_COMPLETED && !wpa_s->p2p_cli_probe) {
864 wpa_dbg(wpa_s, MSG_DEBUG,
865 "P2P: Enable CLI Probe Request RX reporting");
866 wpa_s->p2p_cli_probe =
867 wpa_drv_probe_req_report(wpa_s, 1) >= 0;
868 } else if (state != WPA_COMPLETED && wpa_s->p2p_cli_probe) {
869 wpa_dbg(wpa_s, MSG_DEBUG,
870 "P2P: Disable CLI Probe Request RX reporting");
871 wpa_s->p2p_cli_probe = 0;
872 wpa_drv_probe_req_report(wpa_s, 0);
873 }
874 }
875#endif /* CONFIG_P2P */
876
cb8564b1
DW		 877 if (state != WPA_SCANNING)
878 wpa_supplicant_notify_scanning(wpa_s, 0);
879
6fc6879b 880 if (state == WPA_COMPLETED && wpa_s->new_connection) {
6fc6879b 881 struct wpa_ssid *ssid = wpa_s->current_ssid;
da6a28ba
VK		 882 int fils_hlp_sent = 0;
883
884#ifdef CONFIG_SME
885 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
886 wpa_auth_alg_fils(wpa_s->sme.auth_alg))
887 fils_hlp_sent = 1;
888#endif /* CONFIG_SME */
889 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
890 wpa_auth_alg_fils(wpa_s->auth_alg))
891 fils_hlp_sent = 1;
892
7d37a357 893#if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
6fc6879b 894 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
da6a28ba 895 MACSTR " completed [id=%d id_str=%s%s]",
1cfc6787 896 MAC2STR(wpa_s->bssid),
6fc6879b 897 ssid ? ssid->id : -1,
da6a28ba
VK		 898 ssid && ssid->id_str ? ssid->id_str : "",
899 fils_hlp_sent ? " FILS_HLP_SENT" : "");
6fc6879b 900#endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
00e5e3d5 901 wpas_clear_temp_disabled(wpa_s, ssid, 1);
a20a3616 902 wpa_blacklist_clear(wpa_s);
f1a52633 903 wpa_s->extra_blacklist_count = 0;
6fc6879b 904 wpa_s->new_connection = 0;
6fc6879b 905 wpa_drv_set_operstate(wpa_s, 1);
99ac2913
FF		 906#ifndef IEEE8021X_EAPOL
907 wpa_drv_set_supp_port(wpa_s, 1);
908#endif /* IEEE8021X_EAPOL */
17a4734d 909 wpa_s->after_wps = 0;
4d9fb08d 910 wpa_s->known_wps_freq = 0;
b22128ef 911 wpas_p2p_completed(wpa_s);
c3701c66
RM		 912
913 sme_sched_obss_scan(wpa_s, 1);
6338c99e
VK		 914
915#if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
916 if (!fils_hlp_sent && ssid && ssid->eap.erp)
917 wpas_update_fils_connect_params(wpa_s);
918#endif /* CONFIG_FILS && IEEE8021X_EAPOL */
6fc6879b
JM		 919 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
920 state == WPA_ASSOCIATED) {
921 wpa_s->new_connection = 1;
922 wpa_drv_set_operstate(wpa_s, 0);
99ac2913
FF		 923#ifndef IEEE8021X_EAPOL
924 wpa_drv_set_supp_port(wpa_s, 0);
925#endif /* IEEE8021X_EAPOL */
c3701c66 926 sme_sched_obss_scan(wpa_s, 0);
6fc6879b
JM		 927 }
928 wpa_s->wpa_state = state;
27f43d8d 929
cfe53c9a
PS		 930#ifdef CONFIG_BGSCAN
931 if (state == WPA_COMPLETED)
932 wpa_supplicant_start_bgscan(wpa_s);
37271232 933 else if (state < WPA_ASSOCIATED)
cfe53c9a
PS		 934 wpa_supplicant_stop_bgscan(wpa_s);
935#endif /* CONFIG_BGSCAN */
936
7c865c68
TB		 937 if (state == WPA_AUTHENTICATING)
938 wpa_supplicant_stop_autoscan(wpa_s);
939
940 if (state == WPA_DISCONNECTED || state == WPA_INACTIVE)
941 wpa_supplicant_start_autoscan(wpa_s);
942
fecc2bb5
EP		 943 if (old_state >= WPA_ASSOCIATED && wpa_s->wpa_state < WPA_ASSOCIATED)
944 wmm_ac_notify_disassoc(wpa_s);
945
5bbf9f10 946 if (wpa_s->wpa_state != old_state) {
27f43d8d 947 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
5bbf9f10 948
e3bd6e9d
IP		 949 /*
950 * Notify the P2P Device interface about a state change in one
951 * of the interfaces.
952 */
953 wpas_p2p_indicate_state_change(wpa_s);
e3bd6e9d 954
5bbf9f10
PS		 955 if (wpa_s->wpa_state == WPA_COMPLETED ||
956 old_state == WPA_COMPLETED)
957 wpas_notify_auth_changed(wpa_s);
958 }
6fc6879b
JM		 959}
960
961
1a1bf008
JM		 962void wpa_supplicant_terminate_proc(struct wpa_global *global)
963{
964 int pending = 0;
965#ifdef CONFIG_WPS
966 struct wpa_supplicant *wpa_s = global->ifaces;
967 while (wpa_s) {
ab41595f 968 struct wpa_supplicant *next = wpa_s->next;
5516ed32
EA		 969 if (wpas_wps_terminate_pending(wpa_s) == 1)
970 pending = 1;
20625e97
JM		 971#ifdef CONFIG_P2P
972 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE ||
973 (wpa_s->current_ssid && wpa_s->current_ssid->p2p_group))
974 wpas_p2p_disconnect(wpa_s);
975#endif /* CONFIG_P2P */
ab41595f 976 wpa_s = next;
1a1bf008
JM		 977 }
978#endif /* CONFIG_WPS */
979 if (pending)
980 return;
981 eloop_terminate();
982}
983
984
0456ea16 985static void wpa_supplicant_terminate(int sig, void *signal_ctx)
6fc6879b 986{
0456ea16 987 struct wpa_global *global = signal_ctx;
1a1bf008 988 wpa_supplicant_terminate_proc(global);
6fc6879b
JM		 989}
990
991
b22128ef 992void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
6fc6879b 993{
71934751 994 enum wpa_states old_state = wpa_s->wpa_state;
27f43d8d 995
6fc6879b
JM		 996 wpa_s->pairwise_cipher = 0;
997 wpa_s->group_cipher = 0;
998 wpa_s->mgmt_group_cipher = 0;
999 wpa_s->key_mgmt = 0;
8401a6b0 1000 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
99218999 1001 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
27f43d8d
MH		 1002
1003 if (wpa_s->wpa_state != old_state)
1004 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
6fc6879b
JM		 1005}
1006
1007
1008/**
1009 * wpa_supplicant_reload_configuration - Reload configuration data
1010 * @wpa_s: Pointer to wpa_supplicant data
1011 * Returns: 0 on success or -1 if configuration parsing failed
1012 *
1013 * This function can be used to request that the configuration data is reloaded
1014 * (e.g., after configuration file change). This function is reloading
1015 * configuration only for one interface, so this may need to be called multiple
1016 * times if %wpa_supplicant is controlling multiple interfaces and all
1017 * interfaces need reconfiguration.
1018 */
1019int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
1020{
1021 struct wpa_config *conf;
1022 int reconf_ctrl;
8bac466b
JM		 1023 int old_ap_scan;
1024
6fc6879b
JM		 1025 if (wpa_s->confname == NULL)
1026 return -1;
e6304cad 1027 conf = wpa_config_read(wpa_s->confname, NULL);
6fc6879b
JM		 1028 if (conf == NULL) {
1029 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
1030 "file '%s' - exiting", wpa_s->confname);
1031 return -1;
1032 }
3bd35b68
JM		 1033 if (wpa_s->confanother &&
1034 !wpa_config_read(wpa_s->confanother, conf)) {
1035 wpa_msg(wpa_s, MSG_ERROR,
1036 "Failed to parse the configuration file '%s' - exiting",
1037 wpa_s->confanother);
1038 return -1;
1039 }
e6304cad 1040
611aea7d 1041 conf->changed_parameters = (unsigned int) -1;
6fc6879b
JM		 1042
1043 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
1044 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
1045 os_strcmp(conf->ctrl_interface,
1046 wpa_s->conf->ctrl_interface) != 0);
1047
1048 if (reconf_ctrl && wpa_s->ctrl_iface) {
1049 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
1050 wpa_s->ctrl_iface = NULL;
1051 }
1052
1053 eapol_sm_invalidate_cached_session(wpa_s->eapol);
7b7ce8aa 1054 if (wpa_s->current_ssid) {
e66bcedd
JM		 1055 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
1056 wpa_s->own_disconnect_req = 1;
7b7ce8aa
JM		 1057 wpa_supplicant_deauthenticate(wpa_s,
1058 WLAN_REASON_DEAUTH_LEAVING);
1059 }
8bac466b 1060
6fc6879b
JM		 1061 /*
1062 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
07e2de31 1063 * pkcs11_engine_path, pkcs11_module_path, openssl_ciphers.
6fc6879b 1064 */
a1ea1b45 1065 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
567da5bb
JM		 1066 wpa_s->key_mgmt == WPA_KEY_MGMT_OWE ||
1067 wpa_s->key_mgmt == WPA_KEY_MGMT_DPP) {
6fc6879b
JM		 1068 /*
1069 * Clear forced success to clear EAP state for next
1070 * authentication.
1071 */
1072 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
1073 }
1074 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1075 wpa_sm_set_config(wpa_s->wpa, NULL);
d8a790b9 1076 wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL);
6fc6879b
JM		 1077 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
1078 rsn_preauth_deinit(wpa_s->wpa);
8bac466b
JM		 1079
1080 old_ap_scan = wpa_s->conf->ap_scan;
6fc6879b
JM		 1081 wpa_config_free(wpa_s->conf);
1082 wpa_s->conf = conf;
8bac466b
JM		 1083 if (old_ap_scan != wpa_s->conf->ap_scan)
1084 wpas_notify_ap_scan_changed(wpa_s);
1085
6fc6879b
JM		 1086 if (reconf_ctrl)
1087 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
1088
611aea7d
JM		 1089 wpa_supplicant_update_config(wpa_s);
1090
6fc6879b 1091 wpa_supplicant_clear_status(wpa_s);
349493bd 1092 if (wpa_supplicant_enabled_networks(wpa_s)) {
43a38635
JM		 1093 wpa_s->reassociate = 1;
1094 wpa_supplicant_req_scan(wpa_s, 0, 0);
1095 }
f049052b 1096 wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
6fc6879b
JM		 1097 return 0;
1098}
1099
1100
0456ea16 1101static void wpa_supplicant_reconfig(int sig, void *signal_ctx)
6fc6879b 1102{
0456ea16 1103 struct wpa_global *global = signal_ctx;
6fc6879b 1104 struct wpa_supplicant *wpa_s;
6fc6879b 1105 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
f049052b
BG		 1106 wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring",
1107 sig);
6fc6879b 1108 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
1a1bf008 1109 wpa_supplicant_terminate_proc(global);
6fc6879b
JM		 1110 }
1111 }
1248e584
LR		 1112
1113 if (wpa_debug_reopen_file() < 0) {
1114 /* Ignore errors since we cannot really do much to fix this */
1115 wpa_printf(MSG_DEBUG, "Could not reopen debug log file");
1116 }
6fc6879b
JM		 1117}
1118
1119
6fc6879b
JM		 1120static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
1121 struct wpa_ssid *ssid,
1122 struct wpa_ie_data *ie)
1123{
1124 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
1125 if (ret) {
1126 if (ret == -2) {
1127 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
1128 "from association info");
1129 }
1130 return -1;
1131 }
1132
f049052b
BG		 1133 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set "
1134 "cipher suites");
6fc6879b
JM		 1135 if (!(ie->group_cipher & ssid->group_cipher)) {
1136 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
1137 "cipher 0x%x (mask 0x%x) - reject",
1138 ie->group_cipher, ssid->group_cipher);
1139 return -1;
1140 }
1141 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
1142 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
1143 "cipher 0x%x (mask 0x%x) - reject",
1144 ie->pairwise_cipher, ssid->pairwise_cipher);
1145 return -1;
1146 }
1147 if (!(ie->key_mgmt & ssid->key_mgmt)) {
1148 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
1149 "management 0x%x (mask 0x%x) - reject",
1150 ie->key_mgmt, ssid->key_mgmt);
1151 return -1;
1152 }
1153
1154#ifdef CONFIG_IEEE80211W
0b60b0aa 1155 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
3f56a2b7 1156 wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED) {
6fc6879b
JM		 1157 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
1158 "that does not support management frame protection - "
1159 "reject");
1160 return -1;
1161 }
1162#endif /* CONFIG_IEEE80211W */
1163
1164 return 0;
1165}
1166
1167
1168/**
1169 * wpa_supplicant_set_suites - Set authentication and encryption parameters
1170 * @wpa_s: Pointer to wpa_supplicant data
1171 * @bss: Scan results for the selected BSS, or %NULL if not available
1172 * @ssid: Configuration data for the selected network
1173 * @wpa_ie: Buffer for the WPA/RSN IE
1174 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
1175 * used buffer length in case the functions returns success.
1176 * Returns: 0 on success or -1 on failure
1177 *
1178 * This function is used to configure authentication and encryption parameters
1179 * based on the network configuration and scan result for the selected BSS (if
1180 * available).
1181 */
1182int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
6fa81a3b 1183 struct wpa_bss *bss, struct wpa_ssid *ssid,
6fc6879b
JM		 1184 u8 *wpa_ie, size_t *wpa_ie_len)
1185{
1186 struct wpa_ie_data ie;
1187 int sel, proto;
df0f01d9 1188 const u8 *bss_wpa, *bss_rsn, *bss_osen;
6fc6879b
JM		 1189
1190 if (bss) {
6fa81a3b
JM		 1191 bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
1192 bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
df0f01d9 1193 bss_osen = wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE);
6fc6879b 1194 } else
df0f01d9 1195 bss_wpa = bss_rsn = bss_osen = NULL;
6fc6879b
JM		 1196
1197 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
1198 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
1199 (ie.group_cipher & ssid->group_cipher) &&
1200 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1201 (ie.key_mgmt & ssid->key_mgmt)) {
f049052b 1202 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
6fc6879b
JM		 1203 proto = WPA_PROTO_RSN;
1204 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
267ac3bc 1205 wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie) == 0 &&
6fc6879b
JM		 1206 (ie.group_cipher & ssid->group_cipher) &&
1207 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1208 (ie.key_mgmt & ssid->key_mgmt)) {
f049052b 1209 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
6fc6879b 1210 proto = WPA_PROTO_WPA;
df0f01d9
JM		 1211#ifdef CONFIG_HS20
1212 } else if (bss_osen && (ssid->proto & WPA_PROTO_OSEN)) {
1213 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using OSEN");
1214 /* TODO: parse OSEN element */
137ff332 1215 os_memset(&ie, 0, sizeof(ie));
df0f01d9
JM		 1216 ie.group_cipher = WPA_CIPHER_CCMP;
1217 ie.pairwise_cipher = WPA_CIPHER_CCMP;
1218 ie.key_mgmt = WPA_KEY_MGMT_OSEN;
1219 proto = WPA_PROTO_OSEN;
1220#endif /* CONFIG_HS20 */
6fc6879b
JM		 1221 } else if (bss) {
1222 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
267ac3bc
JM		 1223 wpa_dbg(wpa_s, MSG_DEBUG,
1224 "WPA: ssid proto=0x%x pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1225 ssid->proto, ssid->pairwise_cipher, ssid->group_cipher,
1226 ssid->key_mgmt);
1227 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: BSS " MACSTR " ssid='%s'%s%s%s",
1228 MAC2STR(bss->bssid),
1229 wpa_ssid_txt(bss->ssid, bss->ssid_len),
1230 bss_wpa ? " WPA" : "",
1231 bss_rsn ? " RSN" : "",
1232 bss_osen ? " OSEN" : "");
1233 if (bss_rsn) {
1234 wpa_hexdump(MSG_DEBUG, "RSN", bss_rsn, 2 + bss_rsn[1]);
1235 if (wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie)) {
1236 wpa_dbg(wpa_s, MSG_DEBUG,
1237 "Could not parse RSN element");
1238 } else {
1239 wpa_dbg(wpa_s, MSG_DEBUG,
1240 "RSN: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1241 ie.pairwise_cipher, ie.group_cipher,
1242 ie.key_mgmt);
1243 }
1244 }
1245 if (bss_wpa) {
1246 wpa_hexdump(MSG_DEBUG, "WPA", bss_wpa, 2 + bss_wpa[1]);
1247 if (wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie)) {
1248 wpa_dbg(wpa_s, MSG_DEBUG,
1249 "Could not parse WPA element");
1250 } else {
1251 wpa_dbg(wpa_s, MSG_DEBUG,
1252 "WPA: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1253 ie.pairwise_cipher, ie.group_cipher,
1254 ie.key_mgmt);
1255 }
1256 }
6fc6879b
JM		 1257 return -1;
1258 } else {
df0f01d9
JM		 1259 if (ssid->proto & WPA_PROTO_OSEN)
1260 proto = WPA_PROTO_OSEN;
1261 else if (ssid->proto & WPA_PROTO_RSN)
6fc6879b
JM		 1262 proto = WPA_PROTO_RSN;
1263 else
1264 proto = WPA_PROTO_WPA;
1265 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
1266 os_memset(&ie, 0, sizeof(ie));
1267 ie.group_cipher = ssid->group_cipher;
1268 ie.pairwise_cipher = ssid->pairwise_cipher;
1269 ie.key_mgmt = ssid->key_mgmt;
1270#ifdef CONFIG_IEEE80211W
61a56c14
JM		 1271 ie.mgmt_group_cipher = 0;
1272 if (ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION) {
1273 if (ssid->group_mgmt_cipher &
1274 WPA_CIPHER_BIP_GMAC_256)
1275 ie.mgmt_group_cipher =
1276 WPA_CIPHER_BIP_GMAC_256;
1277 else if (ssid->group_mgmt_cipher &
1278 WPA_CIPHER_BIP_CMAC_256)
1279 ie.mgmt_group_cipher =
1280 WPA_CIPHER_BIP_CMAC_256;
1281 else if (ssid->group_mgmt_cipher &
1282 WPA_CIPHER_BIP_GMAC_128)
1283 ie.mgmt_group_cipher =
1284 WPA_CIPHER_BIP_GMAC_128;
1285 else
1286 ie.mgmt_group_cipher =
1287 WPA_CIPHER_AES_128_CMAC;
1288 }
6fc6879b 1289#endif /* CONFIG_IEEE80211W */
c1790a5f
JM		 1290#ifdef CONFIG_OWE
1291 if ((ssid->key_mgmt & WPA_KEY_MGMT_OWE) &&
1292 !ssid->owe_only &&
1293 !bss_wpa && !bss_rsn && !bss_osen) {
1294 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1295 wpa_s->wpa_proto = 0;
9f8d459d 1296 *wpa_ie_len = 0;
c1790a5f
JM		 1297 return 0;
1298 }
1299#endif /* CONFIG_OWE */
f049052b
BG		 1300 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites "
1301 "based on configuration");
6fc6879b
JM		 1302 } else
1303 proto = ie.proto;
1304 }
1305
f049052b
BG		 1306 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d "
1307 "pairwise %d key_mgmt %d proto %d",
1308 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
6fc6879b
JM		 1309#ifdef CONFIG_IEEE80211W
1310 if (ssid->ieee80211w) {
f049052b
BG		 1311 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
1312 ie.mgmt_group_cipher);
6fc6879b
JM		 1313 }
1314#endif /* CONFIG_IEEE80211W */
1315
64fa840a 1316 wpa_s->wpa_proto = proto;
6fc6879b
JM		 1317 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
1318 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
df0f01d9 1319 !!(ssid->proto & (WPA_PROTO_RSN | WPA_PROTO_OSEN)));
6fc6879b
JM		 1320
1321 if (bss || !wpa_s->ap_ies_from_associnfo) {
1322 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
1323 bss_wpa ? 2 + bss_wpa[1] : 0) ||
1324 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
1325 bss_rsn ? 2 + bss_rsn[1] : 0))
1326 return -1;
1327 }
1328
9e68742e
JM		 1329#ifdef CONFIG_NO_WPA
1330 wpa_s->group_cipher = WPA_CIPHER_NONE;
1331 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
1332#else /* CONFIG_NO_WPA */
6fc6879b 1333 sel = ie.group_cipher & ssid->group_cipher;
edbd2a19
JM		 1334 wpa_s->group_cipher = wpa_pick_group_cipher(sel);
1335 if (wpa_s->group_cipher < 0) {
f049052b
BG		 1336 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group "
1337 "cipher");
6fc6879b
JM		 1338 return -1;
1339 }
edbd2a19
JM		 1340 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK %s",
1341 wpa_cipher_txt(wpa_s->group_cipher));
6fc6879b
JM		 1342
1343 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
edbd2a19
JM		 1344 wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(sel, 1);
1345 if (wpa_s->pairwise_cipher < 0) {
f049052b
BG		 1346 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise "
1347 "cipher");
6fc6879b
JM		 1348 return -1;
1349 }
edbd2a19
JM		 1350 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK %s",
1351 wpa_cipher_txt(wpa_s->pairwise_cipher));
9e68742e 1352#endif /* CONFIG_NO_WPA */
6fc6879b
JM		 1353
1354 sel = ie.key_mgmt & ssid->key_mgmt;
c10347f2
JM		 1355#ifdef CONFIG_SAE
1356 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE))
1357 sel &= ~(WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE);
1358#endif /* CONFIG_SAE */
6fc6879b 1359 if (0) {
5e3b5197
JM		 1360#ifdef CONFIG_SUITEB192
1361 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) {
1362 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B_192;
1363 wpa_dbg(wpa_s, MSG_DEBUG,
1364 "WPA: using KEY_MGMT 802.1X with Suite B (192-bit)");
1365#endif /* CONFIG_SUITEB192 */
1366#ifdef CONFIG_SUITEB
666497c8
JM		 1367 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B) {
1368 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B;
1369 wpa_dbg(wpa_s, MSG_DEBUG,
1370 "WPA: using KEY_MGMT 802.1X with Suite B");
5e3b5197 1371#endif /* CONFIG_SUITEB */
b8ae56e4
JM		 1372#ifdef CONFIG_FILS
1373#ifdef CONFIG_IEEE80211R
1374 } else if (sel & WPA_KEY_MGMT_FT_FILS_SHA384) {
1375 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA384;
1376 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT-FILS-SHA384");
1377 } else if (sel & WPA_KEY_MGMT_FT_FILS_SHA256) {
1378 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA256;
1379 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT-FILS-SHA256");
1380#endif /* CONFIG_IEEE80211R */
1381 } else if (sel & WPA_KEY_MGMT_FILS_SHA384) {
1382 wpa_s->key_mgmt = WPA_KEY_MGMT_FILS_SHA384;
1383 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FILS-SHA384");
1384 } else if (sel & WPA_KEY_MGMT_FILS_SHA256) {
1385 wpa_s->key_mgmt = WPA_KEY_MGMT_FILS_SHA256;
1386 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FILS-SHA256");
1387#endif /* CONFIG_FILS */
6fc6879b
JM		 1388#ifdef CONFIG_IEEE80211R
1389 } else if (sel & WPA_KEY_MGMT_FT_IEEE8021X) {
1390 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
f049052b 1391 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
833bb2ab
JM		 1392 if (pmksa_cache_get_current(wpa_s->wpa)) {
1393 /* PMKSA caching with FT is not fully functional, so
1394 * disable the case for now. */
1395 wpa_dbg(wpa_s, MSG_DEBUG,
1396 "WPA: Disable PMKSA caching for FT/802.1X connection");
1397 pmksa_cache_clear_current(wpa_s->wpa);
1398 }
6fc6879b
JM		 1399 } else if (sel & WPA_KEY_MGMT_FT_PSK) {
1400 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
f049052b 1401 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
6fc6879b 1402#endif /* CONFIG_IEEE80211R */
c10347f2
JM		 1403#ifdef CONFIG_SAE
1404 } else if (sel & WPA_KEY_MGMT_SAE) {
1405 wpa_s->key_mgmt = WPA_KEY_MGMT_SAE;
1406 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT SAE");
1407 } else if (sel & WPA_KEY_MGMT_FT_SAE) {
1408 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_SAE;
1409 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT FT/SAE");
1410#endif /* CONFIG_SAE */
56586197
JM		 1411#ifdef CONFIG_IEEE80211W
1412 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
1413 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
f049052b 1414 wpa_dbg(wpa_s, MSG_DEBUG,
56586197
JM		 1415 "WPA: using KEY_MGMT 802.1X with SHA256");
1416 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
1417 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
f049052b 1418 wpa_dbg(wpa_s, MSG_DEBUG,
56586197
JM		 1419 "WPA: using KEY_MGMT PSK with SHA256");
1420#endif /* CONFIG_IEEE80211W */
6fc6879b
JM		 1421 } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
1422 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
f049052b 1423 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
6fc6879b
JM		 1424 } else if (sel & WPA_KEY_MGMT_PSK) {
1425 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
f049052b 1426 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
6fc6879b
JM		 1427 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
1428 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
f049052b 1429 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
df0f01d9
JM		 1430#ifdef CONFIG_HS20
1431 } else if (sel & WPA_KEY_MGMT_OSEN) {
1432 wpa_s->key_mgmt = WPA_KEY_MGMT_OSEN;
1433 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using KEY_MGMT OSEN");
1434#endif /* CONFIG_HS20 */
a1ea1b45
JM		 1435#ifdef CONFIG_OWE
1436 } else if (sel & WPA_KEY_MGMT_OWE) {
1437 wpa_s->key_mgmt = WPA_KEY_MGMT_OWE;
1438 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT OWE");
1439#endif /* CONFIG_OWE */
567da5bb
JM		 1440#ifdef CONFIG_DPP
1441 } else if (sel & WPA_KEY_MGMT_DPP) {
1442 wpa_s->key_mgmt = WPA_KEY_MGMT_DPP;
1443 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT DPP");
1444#endif /* CONFIG_DPP */
6fc6879b 1445 } else {
f049052b
BG		 1446 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select "
1447 "authenticated key management type");
6fc6879b
JM		 1448 return -1;
1449 }
1450
1451 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
1452 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
1453 wpa_s->pairwise_cipher);
1454 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
1455
1456#ifdef CONFIG_IEEE80211W
1457 sel = ie.mgmt_group_cipher;
61a56c14
JM		 1458 if (ssid->group_mgmt_cipher)
1459 sel &= ssid->group_mgmt_cipher;
3f56a2b7 1460 if (wpas_get_ssid_pmf(wpa_s, ssid) == NO_MGMT_FRAME_PROTECTION ||
0b60b0aa 1461 !(ie.capabilities & WPA_CAPABILITY_MFPC))
6fc6879b
JM		 1462 sel = 0;
1463 if (sel & WPA_CIPHER_AES_128_CMAC) {
1464 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
f049052b 1465 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
6fc6879b 1466 "AES-128-CMAC");
8dd9f9cd
JM		 1467 } else if (sel & WPA_CIPHER_BIP_GMAC_128) {
1468 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_128;
1469 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1470 "BIP-GMAC-128");
1471 } else if (sel & WPA_CIPHER_BIP_GMAC_256) {
1472 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_256;
1473 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1474 "BIP-GMAC-256");
1475 } else if (sel & WPA_CIPHER_BIP_CMAC_256) {
1476 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_CMAC_256;
1477 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1478 "BIP-CMAC-256");
6fc6879b
JM		 1479 } else {
1480 wpa_s->mgmt_group_cipher = 0;
f049052b 1481 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
6fc6879b
JM		 1482 }
1483 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
1484 wpa_s->mgmt_group_cipher);
62d49803 1485 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP,
3f56a2b7 1486 wpas_get_ssid_pmf(wpa_s, ssid));
6fc6879b
JM		 1487#endif /* CONFIG_IEEE80211W */
1488
1489 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
f049052b 1490 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to generate WPA IE");
6fc6879b
JM		 1491 return -1;
1492 }
1493
0bf927a0 1494 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) {
a52410c2 1495 int psk_set = 0;
06b1a104 1496 int sae_only;
a52410c2 1497
06b1a104
JM		 1498 sae_only = (ssid->key_mgmt & (WPA_KEY_MGMT_PSK |
1499 WPA_KEY_MGMT_FT_PSK |
1500 WPA_KEY_MGMT_PSK_SHA256)) == 0;
1501
1502 if (ssid->psk_set && !sae_only) {
66dbc8d9
JM		 1503 wpa_hexdump_key(MSG_MSGDUMP, "PSK (set in config)",
1504 ssid->psk, PMK_LEN);
70c93963
MH		 1505 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN, NULL,
1506 NULL);
a52410c2
JM		 1507 psk_set = 1;
1508 }
a34ca59e 1509
06b1a104
JM		 1510 if (wpa_key_mgmt_sae(ssid->key_mgmt) &&
1511 (ssid->sae_password || ssid->passphrase))
a34ca59e
JM		 1512 psk_set = 1;
1513
7d232e23
ZC		 1514#ifndef CONFIG_NO_PBKDF2
1515 if (bss && ssid->bssid_set && ssid->ssid_len == 0 &&
06b1a104 1516 ssid->passphrase && !sae_only) {
7d232e23 1517 u8 psk[PMK_LEN];
986de33d
JM		 1518 pbkdf2_sha1(ssid->passphrase, bss->ssid, bss->ssid_len,
1519 4096, psk, PMK_LEN);
7d232e23
ZC		 1520 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)",
1521 psk, PMK_LEN);
70c93963 1522 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL, NULL);
a52410c2 1523 psk_set = 1;
e886c88e 1524 os_memset(psk, 0, sizeof(psk));
7d232e23
ZC		 1525 }
1526#endif /* CONFIG_NO_PBKDF2 */
9173b16f 1527#ifdef CONFIG_EXT_PASSWORD
06b1a104 1528 if (ssid->ext_psk && !sae_only) {
9173b16f
JM		 1529 struct wpabuf *pw = ext_password_get(wpa_s->ext_pw,
1530 ssid->ext_psk);
1531 char pw_str[64 + 1];
1532 u8 psk[PMK_LEN];
1533
1534 if (pw == NULL) {
1535 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No PSK "
1536 "found from external storage");
1537 return -1;
1538 }
1539
1540 if (wpabuf_len(pw) < 8 || wpabuf_len(pw) > 64) {
1541 wpa_msg(wpa_s, MSG_INFO, "EXT PW: Unexpected "
1542 "PSK length %d in external storage",
1543 (int) wpabuf_len(pw));
1544 ext_password_free(pw);
1545 return -1;
1546 }
1547
1548 os_memcpy(pw_str, wpabuf_head(pw), wpabuf_len(pw));
1549 pw_str[wpabuf_len(pw)] = '\0';
1550
1551#ifndef CONFIG_NO_PBKDF2
1552 if (wpabuf_len(pw) >= 8 && wpabuf_len(pw) < 64 && bss)
1553 {
986de33d
JM		 1554 pbkdf2_sha1(pw_str, bss->ssid, bss->ssid_len,
1555 4096, psk, PMK_LEN);
9173b16f
JM		 1556 os_memset(pw_str, 0, sizeof(pw_str));
1557 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from "
1558 "external passphrase)",
1559 psk, PMK_LEN);
70c93963
MH		 1560 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL,
1561 NULL);
a52410c2 1562 psk_set = 1;
e886c88e 1563 os_memset(psk, 0, sizeof(psk));
9173b16f
JM		 1564 } else
1565#endif /* CONFIG_NO_PBKDF2 */
1566 if (wpabuf_len(pw) == 2 * PMK_LEN) {
1567 if (hexstr2bin(pw_str, psk, PMK_LEN) < 0) {
1568 wpa_msg(wpa_s, MSG_INFO, "EXT PW: "
1569 "Invalid PSK hex string");
1570 os_memset(pw_str, 0, sizeof(pw_str));
1571 ext_password_free(pw);
1572 return -1;
1573 }
66dbc8d9
JM		 1574 wpa_hexdump_key(MSG_MSGDUMP,
1575 "PSK (from external PSK)",
1576 psk, PMK_LEN);
70c93963
MH		 1577 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL,
1578 NULL);
a52410c2 1579 psk_set = 1;
e886c88e 1580 os_memset(psk, 0, sizeof(psk));
9173b16f
JM		 1581 } else {
1582 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No suitable "
1583 "PSK available");
1584 os_memset(pw_str, 0, sizeof(pw_str));
1585 ext_password_free(pw);
1586 return -1;
1587 }
1588
1589 os_memset(pw_str, 0, sizeof(pw_str));
1590 ext_password_free(pw);
1591 }
1592#endif /* CONFIG_EXT_PASSWORD */
a52410c2
JM		 1593
1594 if (!psk_set) {
1595 wpa_msg(wpa_s, MSG_INFO,
1596 "No PSK available for association");
06b1a104 1597 wpas_auth_failed(wpa_s, "NO_PSK_AVAILABLE");
a52410c2
JM		 1598 return -1;
1599 }
675112df
JM		 1600#ifdef CONFIG_OWE
1601 } else if (wpa_s->key_mgmt == WPA_KEY_MGMT_OWE) {
1602 /* OWE Diffie-Hellman exchange in (Re)Association
1603 * Request/Response frames set the PMK, so do not override it
1604 * here. */
1605#endif /* CONFIG_OWE */
7d232e23 1606 } else
6fc6879b
JM		 1607 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
1608
1609 return 0;
1610}
1611
1612
8cd6b7bc 1613static void wpas_ext_capab_byte(struct wpa_supplicant *wpa_s, u8 *pos, int idx)
03e47c9c 1614{
8cd6b7bc 1615 *pos = 0x00;
03e47c9c 1616
8cd6b7bc
JB		 1617 switch (idx) {
1618 case 0: /* Bits 0-7 */
1619 break;
1620 case 1: /* Bits 8-15 */
1621 break;
1622 case 2: /* Bits 16-23 */
1623#ifdef CONFIG_WNM
1624 *pos |= 0x02; /* Bit 17 - WNM-Sleep Mode */
1625 *pos |= 0x08; /* Bit 19 - BSS Transition */
1626#endif /* CONFIG_WNM */
1627 break;
1628 case 3: /* Bits 24-31 */
1629#ifdef CONFIG_WNM
1630 *pos |= 0x02; /* Bit 25 - SSID List */
1631#endif /* CONFIG_WNM */
03e47c9c 1632#ifdef CONFIG_INTERWORKING
8cd6b7bc
JB		 1633 if (wpa_s->conf->interworking)
1634 *pos |= 0x80; /* Bit 31 - Interworking */
03e47c9c 1635#endif /* CONFIG_INTERWORKING */
8cd6b7bc
JB		 1636 break;
1637 case 4: /* Bits 32-39 */
56f5af48 1638#ifdef CONFIG_INTERWORKING
429dd9af
JM		 1639 if (wpa_s->drv_flags / WPA_DRIVER_FLAGS_QOS_MAPPING)
1640 *pos |= 0x01; /* Bit 32 - QoS Map */
56f5af48 1641#endif /* CONFIG_INTERWORKING */
8cd6b7bc
JB		 1642 break;
1643 case 5: /* Bits 40-47 */
95a3ea94
JM		 1644#ifdef CONFIG_HS20
1645 if (wpa_s->conf->hs20)
1646 *pos |= 0x40; /* Bit 46 - WNM-Notification */
1647#endif /* CONFIG_HS20 */
92c6e2e3
DS		 1648#ifdef CONFIG_MBO
1649 *pos |= 0x40; /* Bit 46 - WNM-Notification */
1650#endif /* CONFIG_MBO */
8cd6b7bc
JB		 1651 break;
1652 case 6: /* Bits 48-55 */
1653 break;
d1723c55
LD		 1654 case 7: /* Bits 56-63 */
1655 break;
1656 case 8: /* Bits 64-71 */
1657 if (wpa_s->conf->ftm_responder)
1658 *pos |= 0x40; /* Bit 70 - FTM responder */
1659 if (wpa_s->conf->ftm_initiator)
1660 *pos |= 0x80; /* Bit 71 - FTM initiator */
1661 break;
e4d2ce1b
JM		 1662 case 9: /* Bits 72-79 */
1663#ifdef CONFIG_FILS
d98038bb 1664 if (!wpa_s->disable_fils)
1665 *pos |= 0x01;
e4d2ce1b
JM		 1666#endif /* CONFIG_FILS */
1667 break;
8cd6b7bc
JB		 1668 }
1669}
03e47c9c 1670
03e47c9c 1671
0bbaa9b9 1672int wpas_build_ext_capab(struct wpa_supplicant *wpa_s, u8 *buf, size_t buflen)
8cd6b7bc
JB		 1673{
1674 u8 *pos = buf;
e4d2ce1b 1675 u8 len = 10, i;
8cd6b7bc
JB		 1676
1677 if (len < wpa_s->extended_capa_len)
1678 len = wpa_s->extended_capa_len;
0bbaa9b9
JM		 1679 if (buflen < (size_t) len + 2) {
1680 wpa_printf(MSG_INFO,
1681 "Not enough room for building extended capabilities element");
1682 return -1;
1683 }
03e47c9c
JM		 1684
1685 *pos++ = WLAN_EID_EXT_CAPAB;
8cd6b7bc
JB		 1686 *pos++ = len;
1687 for (i = 0; i < len; i++, pos++) {
1688 wpas_ext_capab_byte(wpa_s, pos, i);
1689
1690 if (i < wpa_s->extended_capa_len) {
1691 *pos &= ~wpa_s->extended_capa_mask[i];
1692 *pos |= wpa_s->extended_capa[i];
1693 }
1694 }
03e47c9c 1695
3db5439a
JM		 1696 while (len > 0 && buf[1 + len] == 0) {
1697 len--;
1698 buf[1] = len;
1699 }
1700 if (len == 0)
1701 return 0;
1702
1703 return 2 + len;
03e47c9c
JM		 1704}
1705
1706
6ac4b15e
JM		 1707static int wpas_valid_bss(struct wpa_supplicant *wpa_s,
1708 struct wpa_bss *test_bss)
1709{
1710 struct wpa_bss *bss;
1711
1712 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
1713 if (bss == test_bss)
1714 return 1;
1715 }
1716
1717 return 0;
1718}
1719
1720
1721static int wpas_valid_ssid(struct wpa_supplicant *wpa_s,
1722 struct wpa_ssid *test_ssid)
1723{
1724 struct wpa_ssid *ssid;
1725
1726 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) {
1727 if (ssid == test_ssid)
1728 return 1;
1729 }
1730
1731 return 0;
1732}
1733
1734
1735int wpas_valid_bss_ssid(struct wpa_supplicant *wpa_s, struct wpa_bss *test_bss,
1736 struct wpa_ssid *test_ssid)
1737{
1738 if (test_bss && !wpas_valid_bss(wpa_s, test_bss))
1739 return 0;
1740
1741 return test_ssid == NULL || wpas_valid_ssid(wpa_s, test_ssid);
1742}
1743
1744
1745void wpas_connect_work_free(struct wpa_connect_work *cwork)
1746{
1747 if (cwork == NULL)
1748 return;
1749 os_free(cwork);
1750}
1751
1752
1753void wpas_connect_work_done(struct wpa_supplicant *wpa_s)
1754{
1755 struct wpa_connect_work *cwork;
1756 struct wpa_radio_work *work = wpa_s->connect_work;
1757
1758 if (!work)
1759 return;
1760
1761 wpa_s->connect_work = NULL;
1762 cwork = work->ctx;
1763 work->ctx = NULL;
1764 wpas_connect_work_free(cwork);
1765 radio_work_done(work);
1766}
1767
1768
a313d17d 1769int wpas_update_random_addr(struct wpa_supplicant *wpa_s, int style)
c267753b
JM		 1770{
1771 struct os_reltime now;
1772 u8 addr[ETH_ALEN];
1773
1774 os_get_reltime(&now);
a313d17d
JM		 1775 if (wpa_s->last_mac_addr_style == style &&
1776 wpa_s->last_mac_addr_change.sec != 0 &&
c267753b
JM		 1777 !os_reltime_expired(&now, &wpa_s->last_mac_addr_change,
1778 wpa_s->conf->rand_addr_lifetime)) {
1779 wpa_msg(wpa_s, MSG_DEBUG,
1780 "Previously selected random MAC address has not yet expired");
1781 return 0;
1782 }
1783
a313d17d
JM		 1784 switch (style) {
1785 case 1:
1786 if (random_mac_addr(addr) < 0)
1787 return -1;
1788 break;
1789 case 2:
1790 os_memcpy(addr, wpa_s->perm_addr, ETH_ALEN);
1791 if (random_mac_addr_keep_oui(addr) < 0)
1792 return -1;
1793 break;
1794 default:
c267753b 1795 return -1;
a313d17d 1796 }
c267753b
JM		 1797
1798 if (wpa_drv_set_mac_addr(wpa_s, addr) < 0) {
1799 wpa_msg(wpa_s, MSG_INFO,
1800 "Failed to set random MAC address");
1801 return -1;
1802 }
1803
1804 os_get_reltime(&wpa_s->last_mac_addr_change);
1805 wpa_s->mac_addr_changed = 1;
a313d17d 1806 wpa_s->last_mac_addr_style = style;
c267753b
JM		 1807
1808 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
1809 wpa_msg(wpa_s, MSG_INFO,
1810 "Could not update MAC address information");
1811 return -1;
1812 }
1813
1814 wpa_msg(wpa_s, MSG_DEBUG, "Using random MAC address " MACSTR,
1815 MAC2STR(addr));
1816
1817 return 0;
1818}
1819
1820
1821int wpas_update_random_addr_disassoc(struct wpa_supplicant *wpa_s)
1822{
1823 if (wpa_s->wpa_state >= WPA_AUTHENTICATING ||
1824 !wpa_s->conf->preassoc_mac_addr)
1825 return 0;
1826
a313d17d 1827 return wpas_update_random_addr(wpa_s, wpa_s->conf->preassoc_mac_addr);
c267753b
JM		 1828}
1829
1830
6ac4b15e
JM		 1831static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit);
1832
6fc6879b
JM		 1833/**
1834 * wpa_supplicant_associate - Request association
1835 * @wpa_s: Pointer to wpa_supplicant data
1836 * @bss: Scan results for the selected BSS, or %NULL if not available
1837 * @ssid: Configuration data for the selected network
1838 *
1839 * This function is used to request %wpa_supplicant to associate with a BSS.
1840 */
1841void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
6fa81a3b 1842 struct wpa_bss *bss, struct wpa_ssid *ssid)
6fc6879b 1843{
6ac4b15e 1844 struct wpa_connect_work *cwork;
a313d17d
JM		 1845 int rand_style;
1846
a8412ec9
JM		 1847 wpa_s->own_disconnect_req = 0;
1848
e7160bd8
JM		 1849 /*
1850 * If we are starting a new connection, any previously pending EAPOL
1851 * RX cannot be valid anymore.
1852 */
1853 wpabuf_free(wpa_s->pending_eapol_rx);
1854 wpa_s->pending_eapol_rx = NULL;
1855
a313d17d
JM		 1856 if (ssid->mac_addr == -1)
1857 rand_style = wpa_s->conf->mac_addr;
1858 else
1859 rand_style = ssid->mac_addr;
6fc6879b 1860
8c42b369
EP		 1861 wmm_ac_clear_saved_tspecs(wpa_s);
1862 wpa_s->reassoc_same_bss = 0;
6a5ee810 1863 wpa_s->reassoc_same_ess = 0;
daa40960
JM		 1864#ifdef CONFIG_TESTING_OPTIONS
1865 wpa_s->testing_resend_assoc = 0;
1866#endif /* CONFIG_TESTING_OPTIONS */
8c42b369 1867
c267753b
JM		 1868 if (wpa_s->last_ssid == ssid) {
1869 wpa_dbg(wpa_s, MSG_DEBUG, "Re-association to the same ESS");
6a5ee810 1870 wpa_s->reassoc_same_ess = 1;
8c42b369
EP		 1871 if (wpa_s->current_bss && wpa_s->current_bss == bss) {
1872 wmm_ac_save_tspecs(wpa_s);
1873 wpa_s->reassoc_same_bss = 1;
1874 }
5d30f927
BR		 1875 }
1876
1877 if (rand_style > 0 && !wpa_s->reassoc_same_ess) {
a313d17d 1878 if (wpas_update_random_addr(wpa_s, rand_style) < 0)
c267753b
JM		 1879 return;
1880 wpa_sm_pmksa_cache_flush(wpa_s->wpa, ssid);
5d30f927 1881 } else if (rand_style == 0 && wpa_s->mac_addr_changed) {
c267753b
JM		 1882 if (wpa_drv_set_mac_addr(wpa_s, NULL) < 0) {
1883 wpa_msg(wpa_s, MSG_INFO,
1884 "Could not restore permanent MAC address");
1885 return;
1886 }
1887 wpa_s->mac_addr_changed = 0;
1888 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
1889 wpa_msg(wpa_s, MSG_INFO,
1890 "Could not update MAC address information");
1891 return;
1892 }
1893 wpa_msg(wpa_s, MSG_DEBUG, "Using permanent MAC address");
1894 }
1895 wpa_s->last_ssid = ssid;
1896
78177a00
JM		 1897#ifdef CONFIG_IBSS_RSN
1898 ibss_rsn_deinit(wpa_s->ibss_rsn);
1899 wpa_s->ibss_rsn = NULL;
81a10a94
JM		 1900#else /* CONFIG_IBSS_RSN */
1901 if (ssid->mode == WPAS_MODE_IBSS &&
1902 !(ssid->key_mgmt & (WPA_KEY_MGMT_NONE | WPA_KEY_MGMT_WPA_NONE))) {
1903 wpa_msg(wpa_s, MSG_INFO,
1904 "IBSS RSN not supported in the build");
1905 return;
1906 }
78177a00
JM		 1907#endif /* CONFIG_IBSS_RSN */
1908
2c5d725c
JM		 1909 if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO ||
1910 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) {
1581b38b
JM		 1911#ifdef CONFIG_AP
1912 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) {
f049052b
BG		 1913 wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP "
1914 "mode");
1581b38b
JM		 1915 return;
1916 }
8c981d17
DW		 1917 if (wpa_supplicant_create_ap(wpa_s, ssid) < 0) {
1918 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
b2b688d1
VKE		 1919 if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
1920 wpas_p2p_ap_setup_failed(wpa_s);
8c981d17
DW		 1921 return;
1922 }
8f770587 1923 wpa_s->current_bss = bss;
1581b38b 1924#else /* CONFIG_AP */
f049052b
BG		 1925 wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in "
1926 "the build");
1581b38b
JM		 1927#endif /* CONFIG_AP */
1928 return;
1929 }
1930
603a3f34
JL		 1931 if (ssid->mode == WPAS_MODE_MESH) {
1932#ifdef CONFIG_MESH
1933 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_MESH)) {
1934 wpa_msg(wpa_s, MSG_INFO,
1935 "Driver does not support mesh mode");
1936 return;
1937 }
1938 if (bss)
1939 ssid->frequency = bss->freq;
1940 if (wpa_supplicant_join_mesh(wpa_s, ssid) < 0) {
1941 wpa_msg(wpa_s, MSG_ERROR, "Could not join mesh");
1942 return;
1943 }
1944 wpa_s->current_bss = bss;
6174de66
JM		 1945 wpa_msg(wpa_s, MSG_INFO, MESH_GROUP_STARTED "ssid=\"%s\" id=%d",
1946 wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
1947 ssid->id);
89e9cd25 1948 wpas_notify_mesh_group_started(wpa_s, ssid);
603a3f34
JL		 1949#else /* CONFIG_MESH */
1950 wpa_msg(wpa_s, MSG_ERROR,
1951 "mesh mode support not included in the build");
1952#endif /* CONFIG_MESH */
1953 return;
1954 }
1955
2efc6720
JM		 1956 /*
1957 * Set WPA state machine configuration to match the selected network now
1958 * so that the information is available before wpas_start_assoc_cb()
1959 * gets called. This is needed at least for RSN pre-authentication where
1960 * candidate APs are added to a list based on scan result processing
1961 * before completion of the first association.
1962 */
1963 wpa_supplicant_rsn_supp_set_config(wpa_s, ssid);
1964
a0d5c56f
JM		 1965#ifdef CONFIG_DPP
1966 if (wpas_dpp_check_connect(wpa_s, ssid, bss) != 0)
1967 return;
1968#endif /* CONFIG_DPP */
1969
52c9e6f3 1970#ifdef CONFIG_TDLS
95cb2d88
JM		 1971 if (bss)
1972 wpa_tdls_ap_ies(wpa_s->wpa, (const u8 *) (bss + 1),
1973 bss->ie_len);
52c9e6f3
JM		 1974#endif /* CONFIG_TDLS */
1975
5cc4d64b
JM		 1976 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
1977 ssid->mode == IEEE80211_MODE_INFRA) {
c2a04078
JM		 1978 sme_authenticate(wpa_s, bss, ssid);
1979 return;
1980 }
1981
6ac4b15e
JM		 1982 if (wpa_s->connect_work) {
1983 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since connect_work exist");
1984 return;
1985 }
1986
f0e30c84
JM		 1987 if (radio_work_pending(wpa_s, "connect")) {
1988 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since pending work exist");
1989 return;
1990 }
1991
a1836de6
JM		 1992#ifdef CONFIG_SME
1993 if (ssid->mode == WPAS_MODE_IBSS || ssid->mode == WPAS_MODE_MESH) {
1994 /* Clear possibly set auth_alg, if any, from last attempt. */
1995 wpa_s->sme.auth_alg = WPA_AUTH_ALG_OPEN;
1996 }
1997#endif /* CONFIG_SME */
1998
4ead7cfd
KV		 1999 wpas_abort_ongoing_scan(wpa_s);
2000
6ac4b15e
JM		 2001 cwork = os_zalloc(sizeof(*cwork));
2002 if (cwork == NULL)
2003 return;
2004
2005 cwork->bss = bss;
2006 cwork->ssid = ssid;
2007
2008 if (radio_add_work(wpa_s, bss ? bss->freq : 0, "connect", 1,
2009 wpas_start_assoc_cb, cwork) < 0) {
2010 os_free(cwork);
2011 }
2012}
2013
2014
98479dc9
JD		 2015static int bss_is_ibss(struct wpa_bss *bss)
2016{
2017 return (bss->caps & (IEEE80211_CAP_ESS | IEEE80211_CAP_IBSS)) ==
2018 IEEE80211_CAP_IBSS;
2019}
2020
2021
a65efbfb
PO		 2022static int drv_supports_vht(struct wpa_supplicant *wpa_s,
2023 const struct wpa_ssid *ssid)
2024{
2025 enum hostapd_hw_mode hw_mode;
2026 struct hostapd_hw_modes *mode = NULL;
2027 u8 channel;
2028 int i;
2029
a65efbfb
PO		 2030 hw_mode = ieee80211_freq_to_chan(ssid->frequency, &channel);
2031 if (hw_mode == NUM_HOSTAPD_MODES)
2032 return 0;
2033 for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) {
2034 if (wpa_s->hw.modes[i].mode == hw_mode) {
2035 mode = &wpa_s->hw.modes[i];
2036 break;
2037 }
2038 }
2039
2040 if (!mode)
2041 return 0;
2042
2043 return mode->vht_capab != 0;
2044}
2045
2046
54fe48b9
JM		 2047void ibss_mesh_setup_freq(struct wpa_supplicant *wpa_s,
2048 const struct wpa_ssid *ssid,
2049 struct hostapd_freq_params *freq)
1830817e
JD		 2050{
2051 enum hostapd_hw_mode hw_mode;
2052 struct hostapd_hw_modes *mode = NULL;
6b8b0774
JD		 2053 int ht40plus[] = { 36, 44, 52, 60, 100, 108, 116, 124, 132, 149, 157,
2054 184, 192 };
563ee183 2055 int vht80[] = { 36, 52, 100, 116, 132, 149 };
6b8b0774 2056 struct hostapd_channel_data *pri_chan = NULL, *sec_chan = NULL;
1830817e 2057 u8 channel;
98479dc9 2058 int i, chan_idx, ht40 = -1, res, obss_scan = 1;
0f29bc68 2059 unsigned int j, k;
563ee183 2060 struct hostapd_freq_params vht_freq;
0f29bc68
AK		 2061 int chwidth, seg0, seg1;
2062 u32 vht_caps = 0;
1830817e
JD		 2063
2064 freq->freq = ssid->frequency;
2065
98479dc9
JD		 2066 for (j = 0; j < wpa_s->last_scan_res_used; j++) {
2067 struct wpa_bss *bss = wpa_s->last_scan_res[j];
2068
2069 if (ssid->mode != WPAS_MODE_IBSS)
2070 break;
2071
2072 /* Don't adjust control freq in case of fixed_freq */
2073 if (ssid->fixed_freq)
2074 break;
2075
2076 if (!bss_is_ibss(bss))
2077 continue;
2078
2079 if (ssid->ssid_len == bss->ssid_len &&
2080 os_memcmp(ssid->ssid, bss->ssid, bss->ssid_len) == 0) {
2081 wpa_printf(MSG_DEBUG,
2082 "IBSS already found in scan results, adjust control freq: %d",
2083 bss->freq);
2084 freq->freq = bss->freq;
2085 obss_scan = 0;
2086 break;
2087 }
2088 }
2089
1830817e
JD		 2090 /* For IBSS check HT_IBSS flag */
2091 if (ssid->mode == WPAS_MODE_IBSS &&
2092 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_HT_IBSS))
2093 return;
2094
d9a9bc04
JD		 2095 if (wpa_s->group_cipher == WPA_CIPHER_WEP40 ||
2096 wpa_s->group_cipher == WPA_CIPHER_WEP104 ||
2097 wpa_s->pairwise_cipher == WPA_CIPHER_TKIP) {
2098 wpa_printf(MSG_DEBUG,
2099 "IBSS: WEP/TKIP detected, do not try to enable HT");
2100 return;
2101 }
2102
98479dc9 2103 hw_mode = ieee80211_freq_to_chan(freq->freq, &channel);
1830817e
JD		 2104 for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) {
2105 if (wpa_s->hw.modes[i].mode == hw_mode) {
2106 mode = &wpa_s->hw.modes[i];
2107 break;
2108 }
2109 }
2110
2111 if (!mode)
2112 return;
2113
3388e7b9
MH		 2114#ifdef CONFIG_HT_OVERRIDES
2115 if (ssid->disable_ht) {
2116 freq->ht_enabled = 0;
2117 return;
2118 }
2119#endif /* CONFIG_HT_OVERRIDES */
2120
1830817e 2121 freq->ht_enabled = ht_supported(mode);
6b8b0774
JD		 2122 if (!freq->ht_enabled)
2123 return;
2124
2125 /* Setup higher BW only for 5 GHz */
2126 if (mode->mode != HOSTAPD_MODE_IEEE80211A)
2127 return;
2128
2129 for (chan_idx = 0; chan_idx < mode->num_channels; chan_idx++) {
2130 pri_chan = &mode->channels[chan_idx];
2131 if (pri_chan->chan == channel)
2132 break;
2133 pri_chan = NULL;
2134 }
2135 if (!pri_chan)
2136 return;
2137
2138 /* Check primary channel flags */
2139 if (pri_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
2140 return;
2141
05aed438
MH		 2142#ifdef CONFIG_HT_OVERRIDES
2143 if (ssid->disable_ht40)
2144 return;
2145#endif /* CONFIG_HT_OVERRIDES */
2146
6b8b0774
JD		 2147 /* Check/setup HT40+/HT40- */
2148 for (j = 0; j < ARRAY_SIZE(ht40plus); j++) {
2149 if (ht40plus[j] == channel) {
2150 ht40 = 1;
2151 break;
2152 }
2153 }
2154
2155 /* Find secondary channel */
2156 for (i = 0; i < mode->num_channels; i++) {
2157 sec_chan = &mode->channels[i];
2158 if (sec_chan->chan == channel + ht40 * 4)
2159 break;
2160 sec_chan = NULL;
2161 }
2162 if (!sec_chan)
2163 return;
2164
2165 /* Check secondary channel flags */
2166 if (sec_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
2167 return;
2168
2169 freq->channel = pri_chan->chan;
2170
ecba4509 2171 if (ht40 == -1) {
6b8b0774
JD		 2172 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40MINUS))
2173 return;
ecba4509 2174 } else {
6b8b0774
JD		 2175 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40PLUS))
2176 return;
6b8b0774 2177 }
ecba4509 2178 freq->sec_channel_offset = ht40;
6b8b0774 2179
ecba4509 2180 if (obss_scan) {
6b8b0774
JD		 2181 struct wpa_scan_results *scan_res;
2182
2183 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL, 0);
2184 if (scan_res == NULL) {
2185 /* Back to HT20 */
2186 freq->sec_channel_offset = 0;
2187 return;
2188 }
2189
2190 res = check_40mhz_5g(mode, scan_res, pri_chan->chan,
2191 sec_chan->chan);
2192 switch (res) {
2193 case 0:
2194 /* Back to HT20 */
2195 freq->sec_channel_offset = 0;
2196 break;
2197 case 1:
2198 /* Configuration allowed */
2199 break;
2200 case 2:
2201 /* Switch pri/sec channels */
2202 freq->freq = hw_get_freq(mode, sec_chan->chan);
2203 freq->sec_channel_offset = -freq->sec_channel_offset;
2204 freq->channel = sec_chan->chan;
2205 break;
2206 default:
2207 freq->sec_channel_offset = 0;
2208 break;
2209 }
2210
2211 wpa_scan_results_free(scan_res);
2212 }
2213
2214 wpa_printf(MSG_DEBUG,
2215 "IBSS/mesh: setup freq channel %d, sec_channel_offset %d",
2216 freq->channel, freq->sec_channel_offset);
563ee183 2217
a65efbfb 2218 if (!drv_supports_vht(wpa_s, ssid))
563ee183
JD		 2219 return;
2220
2221 /* For IBSS check VHT_IBSS flag */
a65efbfb
PO		 2222 if (ssid->mode == WPAS_MODE_IBSS &&
2223 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_VHT_IBSS))
563ee183
JD		 2224 return;
2225
2226 vht_freq = *freq;
2227
b301f54e
JM		 2228#ifdef CONFIG_VHT_OVERRIDES
2229 if (ssid->disable_vht) {
2230 freq->vht_enabled = 0;
2231 return;
2232 }
2233#endif /* CONFIG_VHT_OVERRIDES */
2234
563ee183
JD		 2235 vht_freq.vht_enabled = vht_supported(mode);
2236 if (!vht_freq.vht_enabled)
2237 return;
2238
2239 /* setup center_freq1, bandwidth */
2240 for (j = 0; j < ARRAY_SIZE(vht80); j++) {
2241 if (freq->channel >= vht80[j] &&
2242 freq->channel < vht80[j] + 16)
2243 break;
2244 }
2245
2246 if (j == ARRAY_SIZE(vht80))
2247 return;
2248
2249 for (i = vht80[j]; i < vht80[j] + 16; i += 4) {
2250 struct hostapd_channel_data *chan;
2251
2252 chan = hw_get_channel_chan(mode, i, NULL);
2253 if (!chan)
2254 return;
2255
2256 /* Back to HT configuration if channel not usable */
2257 if (chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
2258 return;
2259 }
2260
0f29bc68
AK		 2261 chwidth = VHT_CHANWIDTH_80MHZ;
2262 seg0 = vht80[j] + 6;
2263 seg1 = 0;
2264
2265 if (ssid->max_oper_chwidth == VHT_CHANWIDTH_80P80MHZ) {
2266 /* setup center_freq2, bandwidth */
2267 for (k = 0; k < ARRAY_SIZE(vht80); k++) {
2268 /* Only accept 80 MHz segments separated by a gap */
2269 if (j == k || abs(vht80[j] - vht80[k]) == 16)
2270 continue;
2271 for (i = vht80[k]; i < vht80[k] + 16; i += 4) {
2272 struct hostapd_channel_data *chan;
2273
2274 chan = hw_get_channel_chan(mode, i, NULL);
2275 if (!chan)
2276 continue;
2277
2278 if (chan->flag & (HOSTAPD_CHAN_DISABLED |
2279 HOSTAPD_CHAN_NO_IR |
2280 HOSTAPD_CHAN_RADAR))
2281 continue;
2282
2283 /* Found a suitable second segment for 80+80 */
2284 chwidth = VHT_CHANWIDTH_80P80MHZ;
2285 vht_caps |=
2286 VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ;
2287 seg1 = vht80[k] + 6;
2288 }
2289
2290 if (chwidth == VHT_CHANWIDTH_80P80MHZ)
2291 break;
2292 }
331f0774
JM		 2293 } else if (ssid->max_oper_chwidth == VHT_CHANWIDTH_160MHZ) {
2294 if (freq->freq == 5180) {
2295 chwidth = VHT_CHANWIDTH_160MHZ;
2296 vht_caps |= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
2297 seg0 = 50;
2298 } else if (freq->freq == 5520) {
2299 chwidth = VHT_CHANWIDTH_160MHZ;
2300 vht_caps |= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
2301 seg0 = 114;
2302 }
0f29bc68
AK		 2303 }
2304
563ee183
JD		 2305 if (hostapd_set_freq_params(&vht_freq, mode->mode, freq->freq,
2306 freq->channel, freq->ht_enabled,
2307 vht_freq.vht_enabled,
2308 freq->sec_channel_offset,
0f29bc68 2309 chwidth, seg0, seg1, vht_caps) != 0)
563ee183
JD		 2310 return;
2311
2312 *freq = vht_freq;
2313
2314 wpa_printf(MSG_DEBUG, "IBSS: VHT setup freq cf1 %d, cf2 %d, bw %d",
2315 freq->center_freq1, freq->center_freq2, freq->bandwidth);
1830817e
JD		 2316}
2317
2318
a38090b1
VK		 2319#ifdef CONFIG_FILS
2320static size_t wpas_add_fils_hlp_req(struct wpa_supplicant *wpa_s, u8 *ie_buf,
2321 size_t ie_buf_len)
2322{
2323 struct fils_hlp_req *req;
2324 size_t rem_len, hdr_len, hlp_len, len, ie_len = 0;
2325 const u8 *pos;
2326 u8 *buf = ie_buf;
2327
2328 dl_list_for_each(req, &wpa_s->fils_hlp_req, struct fils_hlp_req,
2329 list) {
2330 rem_len = ie_buf_len - ie_len;
2331 pos = wpabuf_head(req->pkt);
2332 hdr_len = 1 + 2 * ETH_ALEN + 6;
2333 hlp_len = wpabuf_len(req->pkt);
2334
2335 if (rem_len < 2 + hdr_len + hlp_len) {
2336 wpa_printf(MSG_ERROR,
2337 "FILS: Cannot fit HLP - rem_len=%lu to_fill=%lu",
2338 (unsigned long) rem_len,
2339 (unsigned long) (2 + hdr_len + hlp_len));
2340 break;
2341 }
2342
2343 len = (hdr_len + hlp_len) > 255 ? 255 : hdr_len + hlp_len;
2344 /* Element ID */
2345 *buf++ = WLAN_EID_EXTENSION;
2346 /* Length */
2347 *buf++ = len;
2348 /* Element ID Extension */
2349 *buf++ = WLAN_EID_EXT_FILS_HLP_CONTAINER;
2350 /* Destination MAC address */
2351 os_memcpy(buf, req->dst, ETH_ALEN);
2352 buf += ETH_ALEN;
2353 /* Source MAC address */
2354 os_memcpy(buf, wpa_s->own_addr, ETH_ALEN);
2355 buf += ETH_ALEN;
2356 /* LLC/SNAP Header */
2357 os_memcpy(buf, "\xaa\xaa\x03\x00\x00\x00", 6);
2358 buf += 6;
2359 /* HLP Packet */
2360 os_memcpy(buf, pos, len - hdr_len);
2361 buf += len - hdr_len;
2362 pos += len - hdr_len;
2363
2364 hlp_len -= len - hdr_len;
2365 ie_len += 2 + len;
2366 rem_len -= 2 + len;
2367
2368 while (hlp_len) {
2369 len = (hlp_len > 255) ? 255 : hlp_len;
2370 if (rem_len < 2 + len)
2371 break;
2372 *buf++ = WLAN_EID_FRAGMENT;
2373 *buf++ = len;
2374 os_memcpy(buf, pos, len);
2375 buf += len;
2376 pos += len;
2377
2378 hlp_len -= len;
2379 ie_len += 2 + len;
2380 rem_len -= 2 + len;
2381 }
2382 }
2383
2384 return ie_len;
2385}
e4802127
MH		 2386
2387
2388int wpa_is_fils_supported(struct wpa_supplicant *wpa_s)
2389{
2390 return (((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
2391 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SUPPORT_FILS)) ||
2392 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
2393 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD)));
2394}
2395
2396
2397int wpa_is_fils_sk_pfs_supported(struct wpa_supplicant *wpa_s)
2398{
2399#ifdef CONFIG_FILS_SK_PFS
2400 return (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
2401 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SUPPORT_FILS);
2402#else /* CONFIG_FILS_SK_PFS */
2403 return 0;
2404#endif /* CONFIG_FILS_SK_PFS */
2405}
2406
a38090b1
VK		 2407#endif /* CONFIG_FILS */
2408
2409
d2ba0d71
VK		 2410static u8 * wpas_populate_assoc_ies(
2411 struct wpa_supplicant *wpa_s,
2412 struct wpa_bss *bss, struct wpa_ssid *ssid,
6338c99e
VK		 2413 struct wpa_driver_associate_params *params,
2414 enum wpa_drv_update_connect_params_mask *mask)
6ac4b15e 2415{
1e6780bd 2416 u8 *wpa_ie;
10970465 2417 size_t max_wpa_ie_len = 500;
6ac4b15e 2418 size_t wpa_ie_len;
6ac4b15e 2419 int algs = WPA_AUTH_ALG_OPEN;
8b0a6dba
VK		 2420#ifdef CONFIG_FILS
2421 const u8 *realm, *username, *rrk;
2422 size_t realm_len, username_len, rrk_len;
2423 u16 next_seq_num;
b377ec25 2424 struct fils_hlp_req *req;
6fc6879b 2425
b377ec25
VK		 2426 dl_list_for_each(req, &wpa_s->fils_hlp_req, struct fils_hlp_req,
2427 list) {
2428 max_wpa_ie_len += 3 + 2 * ETH_ALEN + 6 + wpabuf_len(req->pkt) +
2429 2 + 2 * wpabuf_len(req->pkt) / 255;
8b0a6dba
VK		 2430 }
2431#endif /* CONFIG_FILS */
8b0a6dba 2432
1e6780bd
VK		 2433 wpa_ie = os_malloc(max_wpa_ie_len);
2434 if (!wpa_ie) {
2435 wpa_printf(MSG_ERROR,
2436 "Failed to allocate connect IE buffer for %lu bytes",
2437 (unsigned long) max_wpa_ie_len);
d2ba0d71 2438 return NULL;
1e6780bd
VK		 2439 }
2440
6fa81a3b
JM		 2441 if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
2442 wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
0bf927a0 2443 wpa_key_mgmt_wpa(ssid->key_mgmt)) {
6fc6879b 2444 int try_opportunistic;
79f3121b
VK		 2445 const u8 *cache_id = NULL;
2446
6e202021
JM		 2447 try_opportunistic = (ssid->proactive_key_caching < 0 ?
2448 wpa_s->conf->okc :
2449 ssid->proactive_key_caching) &&
6fc6879b 2450 (ssid->proto & WPA_PROTO_RSN);
79f3121b
VK		 2451#ifdef CONFIG_FILS
2452 if (wpa_key_mgmt_fils(ssid->key_mgmt))
2453 cache_id = wpa_bss_get_fils_cache_id(bss);
2454#endif /* CONFIG_FILS */
6fc6879b 2455 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
79f3121b 2456 ssid, try_opportunistic,
852b2f27 2457 cache_id, 0) == 0)
ba422613 2458 eapol_sm_notify_pmkid_attempt(wpa_s->eapol);
1e6780bd 2459 wpa_ie_len = max_wpa_ie_len;
6fc6879b
JM		 2460 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
2461 wpa_ie, &wpa_ie_len)) {
f049052b
BG		 2462 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
2463 "key management and encryption suites");
1e6780bd 2464 os_free(wpa_ie);
d2ba0d71 2465 return NULL;
6fc6879b 2466 }
a3f7e518
JM		 2467 } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && bss &&
2468 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) {
2469 /*
2470 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
2471 * use non-WPA since the scan results did not indicate that the
2472 * AP is using WPA or WPA2.
2473 */
2474 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
2475 wpa_ie_len = 0;
2476 wpa_s->wpa_proto = 0;
0bf927a0 2477 } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) {
1e6780bd 2478 wpa_ie_len = max_wpa_ie_len;
6fc6879b
JM		 2479 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
2480 wpa_ie, &wpa_ie_len)) {
f049052b
BG		 2481 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
2482 "key management and encryption suites (no "
2483 "scan results)");
1e6780bd 2484 os_free(wpa_ie);
d2ba0d71 2485 return NULL;
6fc6879b 2486 }
ad08c363
JM		 2487#ifdef CONFIG_WPS
2488 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
b01c18a8
JM		 2489 struct wpabuf *wps_ie;
2490 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
1e6780bd 2491 if (wps_ie && wpabuf_len(wps_ie) <= max_wpa_ie_len) {
ad08c363
JM		 2492 wpa_ie_len = wpabuf_len(wps_ie);
2493 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
24386985
JM		 2494 } else
2495 wpa_ie_len = 0;
ad08c363
JM		 2496 wpabuf_free(wps_ie);
2497 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
0c80427d 2498 if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY))
d2ba0d71 2499 params->wps = WPS_MODE_PRIVACY;
0c80427d 2500 else
d2ba0d71 2501 params->wps = WPS_MODE_OPEN;
cf546f1a 2502 wpa_s->wpa_proto = 0;
ad08c363 2503#endif /* CONFIG_WPS */
6fc6879b
JM		 2504 } else {
2505 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
2506 wpa_ie_len = 0;
cf546f1a 2507 wpa_s->wpa_proto = 0;
6fc6879b
JM		 2508 }
2509
b377ec25
VK		 2510#ifdef IEEE8021X_EAPOL
2511 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
2512 if (ssid->leap) {
2513 if (ssid->non_leap == 0)
2514 algs = WPA_AUTH_ALG_LEAP;
2515 else
2516 algs |= WPA_AUTH_ALG_LEAP;
2517 }
2518 }
2519
2520#ifdef CONFIG_FILS
2521 /* Clear FILS association */
2522 wpa_sm_set_reset_fils_completed(wpa_s->wpa, 0);
2523
2524 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD) &&
2525 ssid->eap.erp && wpa_key_mgmt_fils(wpa_s->key_mgmt) &&
2526 eapol_sm_get_erp_info(wpa_s->eapol, &ssid->eap, &username,
2527 &username_len, &realm, &realm_len,
2528 &next_seq_num, &rrk, &rrk_len) == 0) {
2529 algs = WPA_AUTH_ALG_FILS;
d2ba0d71
VK		 2530 params->fils_erp_username = username;
2531 params->fils_erp_username_len = username_len;
2532 params->fils_erp_realm = realm;
2533 params->fils_erp_realm_len = realm_len;
2534 params->fils_erp_next_seq_num = next_seq_num;
2535 params->fils_erp_rrk = rrk;
2536 params->fils_erp_rrk_len = rrk_len;
6338c99e
VK		 2537
2538 if (mask)
2539 *mask |= WPA_DRV_UPDATE_FILS_ERP_INFO;
b377ec25
VK		 2540 }
2541#endif /* CONFIG_FILS */
2542#endif /* IEEE8021X_EAPOL */
5ff39c13
SD		 2543#ifdef CONFIG_SAE
2544 if (wpa_s->key_mgmt & (WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE))
2545 algs = WPA_AUTH_ALG_SAE;
2546#endif /* CONFIG_SAE */
b377ec25
VK		 2547
2548 wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
2549 if (ssid->auth_alg) {
2550 algs = ssid->auth_alg;
2551 wpa_dbg(wpa_s, MSG_DEBUG,
2552 "Overriding auth_alg selection: 0x%x", algs);
2553 }
2554
5f3a6aa0
JM		 2555#ifdef CONFIG_P2P
2556 if (wpa_s->global->p2p) {
2557 u8 *pos;
2558 size_t len;
2559 int res;
5f3a6aa0 2560 pos = wpa_ie + wpa_ie_len;
1e6780bd 2561 len = max_wpa_ie_len - wpa_ie_len;
b8a8d677
JM		 2562 res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len,
2563 ssid->p2p_group);
5f3a6aa0
JM		 2564 if (res >= 0)
2565 wpa_ie_len += res;
2566 }
72044390
JM		 2567
2568 wpa_s->cross_connect_disallowed = 0;
2569 if (bss) {
2570 struct wpabuf *p2p;
2571 p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE);
2572 if (p2p) {
2573 wpa_s->cross_connect_disallowed =
2574 p2p_get_cross_connect_disallowed(p2p);
2575 wpabuf_free(p2p);
f049052b
BG		 2576 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross "
2577 "connection",
2578 wpa_s->cross_connect_disallowed ?
2579 "disallows" : "allows");
72044390
JM		 2580 }
2581 }
25ef8529
JM		 2582
2583 os_memset(wpa_s->p2p_ip_addr_info, 0, sizeof(wpa_s->p2p_ip_addr_info));
5f3a6aa0
JM		 2584#endif /* CONFIG_P2P */
2585
5e57ba25 2586 if (bss) {
065c029a 2587 wpa_ie_len += wpas_supp_op_class_ie(wpa_s, bss->freq,
2588 wpa_ie + wpa_ie_len,
1e6780bd 2589 max_wpa_ie_len -
065c029a 2590 wpa_ie_len);
5e57ba25 2591 }
5e57ba25 2592
8b3b803a
AH		 2593 /*
2594 * Workaround: Add Extended Capabilities element only if the AP
2595 * included this element in Beacon/Probe Response frames. Some older
2596 * APs seem to have interoperability issues if this element is
2597 * included, so while the standard may require us to include the
2598 * element in all cases, it is justifiable to skip it to avoid
2599 * interoperability issues.
2600 */
cc9a2575
KV		 2601 if (ssid->p2p_group)
2602 wpa_drv_get_ext_capa(wpa_s, WPA_IF_P2P_CLIENT);
2603 else
2604 wpa_drv_get_ext_capa(wpa_s, WPA_IF_STATION);
2605
8b3b803a 2606 if (!bss || wpa_bss_get_ie(bss, WLAN_EID_EXT_CAPAB)) {
0bbaa9b9 2607 u8 ext_capab[18];
8b3b803a 2608 int ext_capab_len;
0bbaa9b9
JM		 2609 ext_capab_len = wpas_build_ext_capab(wpa_s, ext_capab,
2610 sizeof(ext_capab));
2c66c7d1
AA		 2611 if (ext_capab_len > 0 &&
2612 wpa_ie_len + ext_capab_len <= max_wpa_ie_len) {
8b3b803a
AH		 2613 u8 *pos = wpa_ie;
2614 if (wpa_ie_len > 0 && pos[0] == WLAN_EID_RSN)
2615 pos += 2 + pos[1];
2616 os_memmove(pos + ext_capab_len, pos,
2617 wpa_ie_len - (pos - wpa_ie));
2618 wpa_ie_len += ext_capab_len;
2619 os_memcpy(pos, ext_capab, ext_capab_len);
2620 }
92cbcf91 2621 }
92cbcf91 2622
c484b198
AS		 2623#ifdef CONFIG_HS20
2624 if (is_hs20_network(wpa_s, ssid, bss)) {
2625 struct wpabuf *hs20;
2626
4204669c 2627 hs20 = wpabuf_alloc(20 + MAX_ROAMING_CONS_OI_LEN);
c484b198
AS		 2628 if (hs20) {
2629 int pps_mo_id = hs20_get_pps_mo_id(wpa_s, ssid);
2630 size_t len;
2631
2632 wpas_hs20_add_indication(hs20, pps_mo_id);
4204669c 2633 wpas_hs20_add_roam_cons_sel(hs20, ssid);
1e6780bd 2634 len = max_wpa_ie_len - wpa_ie_len;
c484b198
AS		 2635 if (wpabuf_len(hs20) <= len) {
2636 os_memcpy(wpa_ie + wpa_ie_len,
2637 wpabuf_head(hs20), wpabuf_len(hs20));
2638 wpa_ie_len += wpabuf_len(hs20);
2639 }
2640 wpabuf_free(hs20);
ece4ac5f
MG		 2641
2642 hs20_configure_frame_filters(wpa_s);
c484b198
AS		 2643 }
2644 }
2645#endif /* CONFIG_HS20 */
2646
d29fa3a7
JM		 2647 if (wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ]) {
2648 struct wpabuf *buf = wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ];
2649 size_t len;
2650
1e6780bd 2651 len = max_wpa_ie_len - wpa_ie_len;
d29fa3a7
JM		 2652 if (wpabuf_len(buf) <= len) {
2653 os_memcpy(wpa_ie + wpa_ie_len,
2654 wpabuf_head(buf), wpabuf_len(buf));
2655 wpa_ie_len += wpabuf_len(buf);
2656 }
2657 }
2658
b36a3a65
AN		 2659#ifdef CONFIG_FST
2660 if (wpa_s->fst_ies) {
2661 int fst_ies_len = wpabuf_len(wpa_s->fst_ies);
2662
1e6780bd 2663 if (wpa_ie_len + fst_ies_len <= max_wpa_ie_len) {
b36a3a65
AN		 2664 os_memcpy(wpa_ie + wpa_ie_len,
2665 wpabuf_head(wpa_s->fst_ies), fst_ies_len);
2666 wpa_ie_len += fst_ies_len;
2667 }
2668 }
2669#endif /* CONFIG_FST */
2670
92c6e2e3 2671#ifdef CONFIG_MBO
065c029a 2672 if (bss && wpa_bss_get_vendor_ie(bss, MBO_IE_VENDOR_TYPE)) {
5e57ba25 2673 int len;
92c6e2e3 2674
5e57ba25 2675 len = wpas_mbo_ie(wpa_s, wpa_ie + wpa_ie_len,
1e6780bd 2676 max_wpa_ie_len - wpa_ie_len);
5e57ba25
AS		 2677 if (len >= 0)
2678 wpa_ie_len += len;
92c6e2e3
DS		 2679 }
2680#endif /* CONFIG_MBO */
2681
a38090b1
VK		 2682#ifdef CONFIG_FILS
2683 if (algs == WPA_AUTH_ALG_FILS) {
2684 size_t len;
2685
2686 len = wpas_add_fils_hlp_req(wpa_s, wpa_ie + wpa_ie_len,
2687 max_wpa_ie_len - wpa_ie_len);
2688 wpa_ie_len += len;
2689 }
2690#endif /* CONFIG_FILS */
2691
10970465 2692#ifdef CONFIG_OWE
5f30b69c
JM		 2693#ifdef CONFIG_TESTING_OPTIONS
2694 if (get_ie_ext(wpa_ie, wpa_ie_len, WLAN_EID_EXT_OWE_DH_PARAM)) {
2695 wpa_printf(MSG_INFO, "TESTING: Override OWE DH element");
2696 } else
2697#endif /* CONFIG_TESTING_OPTIONS */
10970465
JM		 2698 if (algs == WPA_AUTH_ALG_OPEN &&
2699 ssid->key_mgmt == WPA_KEY_MGMT_OWE) {
2700 struct wpabuf *owe_ie;
2cb40e9f 2701 u16 group;
10970465 2702
2cb40e9f 2703 if (ssid->owe_group) {
10970465 2704 group = ssid->owe_group;
2cb40e9f
JM		 2705 } else {
2706 if (wpa_s->last_owe_group == 19)
2707 group = 20;
2708 else if (wpa_s->last_owe_group == 20)
2709 group = 21;
2710 else
2711 group = OWE_DH_GROUP;
2712 }
2713 wpa_s->last_owe_group = group;
2714 wpa_printf(MSG_DEBUG, "OWE: Try to use group %u", group);
10970465
JM		 2715 owe_ie = owe_build_assoc_req(wpa_s->wpa, group);
2716 if (owe_ie &&
2717 wpabuf_len(owe_ie) <= max_wpa_ie_len - wpa_ie_len) {
2718 os_memcpy(wpa_ie + wpa_ie_len,
2719 wpabuf_head(owe_ie), wpabuf_len(owe_ie));
2720 wpa_ie_len += wpabuf_len(owe_ie);
2721 wpabuf_free(owe_ie);
2722 }
2723 }
2724#endif /* CONFIG_OWE */
2725
3dc3afe2
AM		 2726#ifdef CONFIG_IEEE80211R
2727 /*
2728 * Add MDIE under these conditions: the network profile allows FT,
2729 * the AP supports FT, and the mobility domain ID matches.
2730 */
2731 if (wpa_key_mgmt_ft(wpa_sm_get_key_mgmt(wpa_s->wpa))) {
2732 const u8 *mdie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
2733
2734 if (mdie && mdie[1] >= MOBILITY_DOMAIN_ID_LEN) {
86c998d3 2735 size_t len = 0;
3dc3afe2
AM		 2736 const u8 *md = mdie + 2;
2737 const u8 *wpa_md = wpa_sm_get_ft_md(wpa_s->wpa);
2738
2739 if (os_memcmp(md, wpa_md,
2740 MOBILITY_DOMAIN_ID_LEN) == 0) {
2741 /* Add mobility domain IE */
86c998d3 2742 len = wpa_ft_add_mdie(
3dc3afe2
AM		 2743 wpa_s->wpa, wpa_ie + wpa_ie_len,
2744 max_wpa_ie_len - wpa_ie_len, mdie);
86c998d3 2745 wpa_ie_len += len;
3dc3afe2 2746 }
86c998d3
AM		 2747#ifdef CONFIG_SME
2748 if (len > 0 && wpa_s->sme.ft_used &&
2749 wpa_sm_has_ptk(wpa_s->wpa)) {
2750 wpa_dbg(wpa_s, MSG_DEBUG,
2751 "SME: Trying to use FT over-the-air");
2752 algs |= WPA_AUTH_ALG_FT;
2753 }
2754#endif /* CONFIG_SME */
3dc3afe2
AM		 2755 }
2756 }
2757#endif /* CONFIG_IEEE80211R */
2758
d2ba0d71
VK		 2759 params->wpa_ie = wpa_ie;
2760 params->wpa_ie_len = wpa_ie_len;
2761 params->auth_alg = algs;
6338c99e
VK		 2762 if (mask)
2763 *mask |= WPA_DRV_UPDATE_ASSOC_IES | WPA_DRV_UPDATE_AUTH_TYPE;
d2ba0d71
VK		 2764
2765 return wpa_ie;
2766}
2767
2768
6338c99e
VK		 2769#if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
2770static void wpas_update_fils_connect_params(struct wpa_supplicant *wpa_s)
2771{
2772 struct wpa_driver_associate_params params;
2773 enum wpa_drv_update_connect_params_mask mask = 0;
2774 u8 *wpa_ie;
2775
2776 if (wpa_s->auth_alg != WPA_AUTH_ALG_OPEN)
2777 return; /* nothing to do */
2778
2779 os_memset(&params, 0, sizeof(params));
2780 wpa_ie = wpas_populate_assoc_ies(wpa_s, wpa_s->current_bss,
2781 wpa_s->current_ssid, &params, &mask);
2782 if (!wpa_ie)
2783 return;
2784
2785 if (params.auth_alg != WPA_AUTH_ALG_FILS) {
2786 os_free(wpa_ie);
2787 return;
2788 }
2789
2790 wpa_s->auth_alg = params.auth_alg;
2791 wpa_drv_update_connect_params(wpa_s, &params, mask);
2792 os_free(wpa_ie);
2793}
2794#endif /* CONFIG_FILS && IEEE8021X_EAPOL */
2795
2796
d2ba0d71
VK		 2797static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
2798{
2799 struct wpa_connect_work *cwork = work->ctx;
2800 struct wpa_bss *bss = cwork->bss;
2801 struct wpa_ssid *ssid = cwork->ssid;
2802 struct wpa_supplicant *wpa_s = work->wpa_s;
2803 u8 *wpa_ie;
2804 int use_crypt, ret, i, bssid_changed;
2805 unsigned int cipher_pairwise, cipher_group, cipher_group_mgmt;
2806 struct wpa_driver_associate_params params;
2807 int wep_keys_set = 0;
2808 int assoc_failed = 0;
2809 struct wpa_ssid *old_ssid;
2810 u8 prev_bssid[ETH_ALEN];
2811#ifdef CONFIG_HT_OVERRIDES
2812 struct ieee80211_ht_capabilities htcaps;
2813 struct ieee80211_ht_capabilities htcaps_mask;
2814#endif /* CONFIG_HT_OVERRIDES */
2815#ifdef CONFIG_VHT_OVERRIDES
2816 struct ieee80211_vht_capabilities vhtcaps;
2817 struct ieee80211_vht_capabilities vhtcaps_mask;
2818#endif /* CONFIG_VHT_OVERRIDES */
2819
2820 if (deinit) {
2821 if (work->started) {
2822 wpa_s->connect_work = NULL;
2823
2824 /* cancel possible auth. timeout */
2825 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s,
2826 NULL);
2827 }
2828 wpas_connect_work_free(cwork);
2829 return;
2830 }
2831
2832 wpa_s->connect_work = work;
2833
2834 if (cwork->bss_removed || !wpas_valid_bss_ssid(wpa_s, bss, ssid) ||
2835 wpas_network_disabled(wpa_s, ssid)) {
2836 wpa_dbg(wpa_s, MSG_DEBUG, "BSS/SSID entry for association not valid anymore - drop connection attempt");
2837 wpas_connect_work_done(wpa_s);
2838 return;
2839 }
2840
2841 os_memcpy(prev_bssid, wpa_s->bssid, ETH_ALEN);
2842 os_memset(&params, 0, sizeof(params));
2843 wpa_s->reassociate = 0;
2844 wpa_s->eap_expected_failure = 0;
2845 if (bss &&
2846 (!wpas_driver_bss_selection(wpa_s) || wpas_wps_searching(wpa_s))) {
2847#ifdef CONFIG_IEEE80211R
2848 const u8 *ie, *md = NULL;
2849#endif /* CONFIG_IEEE80211R */
2850 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
2851 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
2852 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
2853 bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
2854 os_memset(wpa_s->bssid, 0, ETH_ALEN);
2855 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
2856 if (bssid_changed)
2857 wpas_notify_bssid_changed(wpa_s);
2858#ifdef CONFIG_IEEE80211R
2859 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
2860 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
2861 md = ie + 2;
2862 wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0);
2863 if (md) {
2864 /* Prepare for the next transition */
2865 wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
2866 }
2867#endif /* CONFIG_IEEE80211R */
2868#ifdef CONFIG_WPS
2869 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
2870 wpa_s->conf->ap_scan == 2 &&
2871 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
2872 /* Use ap_scan==1 style network selection to find the network
2873 */
2874 wpas_connect_work_done(wpa_s);
2875 wpa_s->scan_req = MANUAL_SCAN_REQ;
2876 wpa_s->reassociate = 1;
2877 wpa_supplicant_req_scan(wpa_s, 0, 0);
2878 return;
2879#endif /* CONFIG_WPS */
2880 } else {
2881 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
2882 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
2883 if (bss)
2884 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
2885 else
2886 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
2887 }
2888 if (!wpa_s->pno)
2889 wpa_supplicant_cancel_sched_scan(wpa_s);
2890
2891 wpa_supplicant_cancel_scan(wpa_s);
2892
2893 /* Starting new association, so clear the possibly used WPA IE from the
2894 * previous association. */
2895 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
2896
6338c99e 2897 wpa_ie = wpas_populate_assoc_ies(wpa_s, bss, ssid, &params, NULL);
d2ba0d71
VK		 2898 if (!wpa_ie) {
2899 wpas_connect_work_done(wpa_s);
2900 return;
2901 }
2902
6fc6879b
JM		 2903 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
2904 use_crypt = 1;
4848a38d
JM		 2905 cipher_pairwise = wpa_s->pairwise_cipher;
2906 cipher_group = wpa_s->group_cipher;
61a56c14 2907 cipher_group_mgmt = wpa_s->mgmt_group_cipher;
6fc6879b
JM		 2908 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
2909 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
2910 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
2911 use_crypt = 0;
2912 if (wpa_set_wep_keys(wpa_s, ssid)) {
2913 use_crypt = 1;
2914 wep_keys_set = 1;
2915 }
2916 }
ad08c363
JM		 2917 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
2918 use_crypt = 0;
6fc6879b
JM		 2919
2920#ifdef IEEE8021X_EAPOL
2921 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
2922 if ((ssid->eapol_flags &
2923 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
2924 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
2925 !wep_keys_set) {
2926 use_crypt = 0;
2927 } else {
2928 /* Assume that dynamic WEP-104 keys will be used and
2929 * set cipher suites in order for drivers to expect
2930 * encryption. */
4848a38d 2931 cipher_pairwise = cipher_group = WPA_CIPHER_WEP104;
6fc6879b
JM		 2932 }
2933 }
2934#endif /* IEEE8021X_EAPOL */
2935
2936 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
2937 /* Set the key before (and later after) association */
2938 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
2939 }
2940
6fc6879b 2941 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
6fc6879b 2942 if (bss) {
6fa81a3b
JM		 2943 params.ssid = bss->ssid;
2944 params.ssid_len = bss->ssid_len;
4b5b8a53
JM		 2945 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set ||
2946 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
f15854d1
JM		 2947 wpa_printf(MSG_DEBUG, "Limit connection to BSSID "
2948 MACSTR " freq=%u MHz based on scan results "
4b5b8a53 2949 "(bssid_set=%d wps=%d)",
f15854d1 2950 MAC2STR(bss->bssid), bss->freq,
4b5b8a53
JM		 2951 ssid->bssid_set,
2952 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS);
22628eca 2953 params.bssid = bss->bssid;
4ec68377 2954 params.freq.freq = bss->freq;
22628eca 2955 }
7ac7fd43
DS		 2956 params.bssid_hint = bss->bssid;
2957 params.freq_hint = bss->freq;
b9074912 2958 params.pbss = bss_is_pbss(bss);
6fc6879b 2959 } else {
43a356b2
PK		 2960 if (ssid->bssid_hint_set)
2961 params.bssid_hint = ssid->bssid_hint;
2962
6fc6879b
JM		 2963 params.ssid = ssid->ssid;
2964 params.ssid_len = ssid->ssid_len;
90f14962 2965 params.pbss = (ssid->pbss != 2) ? ssid->pbss : 0;
6fc6879b 2966 }
9e2af29f
NC		 2967
2968 if (ssid->mode == WPAS_MODE_IBSS && ssid->bssid_set &&
2969 wpa_s->conf->ap_scan == 2) {
2970 params.bssid = ssid->bssid;
2971 params.fixed_bssid = 1;
2972 }
2973
603a3f34
JL		 2974 /* Initial frequency for IBSS/mesh */
2975 if ((ssid->mode == WPAS_MODE_IBSS || ssid->mode == WPAS_MODE_MESH) &&
1830817e
JD		 2976 ssid->frequency > 0 && params.freq.freq == 0)
2977 ibss_mesh_setup_freq(wpa_s, ssid, &params.freq);
dc152f32 2978
8f05577d 2979 if (ssid->mode == WPAS_MODE_IBSS) {
4d9e6fba 2980 params.fixed_freq = ssid->fixed_freq;
8f05577d
JM		 2981 if (ssid->beacon_int)
2982 params.beacon_int = ssid->beacon_int;
2983 else
2984 params.beacon_int = wpa_s->conf->beacon_int;
2985 }
2986
6fc6879b
JM		 2987 params.pairwise_suite = cipher_pairwise;
2988 params.group_suite = cipher_group;
61a56c14 2989 params.mgmt_group_suite = cipher_group_mgmt;
4848a38d 2990 params.key_mgmt_suite = wpa_s->key_mgmt;
64fa840a 2991 params.wpa_proto = wpa_s->wpa_proto;
5538fc93 2992 wpa_s->auth_alg = params.auth_alg;
6fc6879b 2993 params.mode = ssid->mode;
1f6c0ab8 2994 params.bg_scan_period = ssid->bg_scan_period;
6fc6879b
JM		 2995 for (i = 0; i < NUM_WEP_KEYS; i++) {
2996 if (ssid->wep_key_len[i])
2997 params.wep_key[i] = ssid->wep_key[i];
2998 params.wep_key_len[i] = ssid->wep_key_len[i];
2999 }
3000 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
3001
c2a04078 3002 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
4848a38d
JM		 3003 (params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
3004 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK)) {
6fc6879b
JM		 3005 params.passphrase = ssid->passphrase;
3006 if (ssid->psk_set)
3007 params.psk = ssid->psk;
b41f2684
CL		 3008 }
3009
3010 if (wpa_s->conf->key_mgmt_offload) {
3011 if (params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
666497c8 3012 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 ||
5e3b5197
JM		 3013 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B ||
3014 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192)
b41f2684
CL		 3015 params.req_key_mgmt_offload =
3016 ssid->proactive_key_caching < 0 ?
3017 wpa_s->conf->okc : ssid->proactive_key_caching;
3018 else
3019 params.req_key_mgmt_offload = 1;
3020
3021 if ((params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
3022 params.key_mgmt_suite == WPA_KEY_MGMT_PSK_SHA256 ||
3023 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK) &&
3024 ssid->psk_set)
3025 params.psk = ssid->psk;
6fc6879b
JM		 3026 }
3027
36b15723
JM		 3028 params.drop_unencrypted = use_crypt;
3029
6fc6879b 3030#ifdef CONFIG_IEEE80211W
3f56a2b7 3031 params.mgmt_frame_protection = wpas_get_ssid_pmf(wpa_s, ssid);
62d49803 3032 if (params.mgmt_frame_protection != NO_MGMT_FRAME_PROTECTION && bss) {
6fa81a3b 3033 const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
97d3497e
JM		 3034 struct wpa_ie_data ie;
3035 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
3036 ie.capabilities &
3037 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
f049052b
BG		 3038 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports "
3039 "MFP: require MFP");
97d3497e
JM		 3040 params.mgmt_frame_protection =
3041 MGMT_FRAME_PROTECTION_REQUIRED;
3042 }
3043 }
6fc6879b
JM		 3044#endif /* CONFIG_IEEE80211W */
3045
ffad8858 3046 params.p2p = ssid->p2p_group;
6e3f4b89 3047
ba307f85
LD		 3048 if (wpa_s->p2pdev->set_sta_uapsd)
3049 params.uapsd = wpa_s->p2pdev->sta_uapsd;
eea2fd9e
JM		 3050 else
3051 params.uapsd = -1;
3052
80e8a5ee
BG		 3053#ifdef CONFIG_HT_OVERRIDES
3054 os_memset(&htcaps, 0, sizeof(htcaps));
3055 os_memset(&htcaps_mask, 0, sizeof(htcaps_mask));
3056 params.htcaps = (u8 *) &htcaps;
3057 params.htcaps_mask = (u8 *) &htcaps_mask;
3058 wpa_supplicant_apply_ht_overrides(wpa_s, ssid, &params);
3059#endif /* CONFIG_HT_OVERRIDES */
6aa1cd4e
PS		 3060#ifdef CONFIG_VHT_OVERRIDES
3061 os_memset(&vhtcaps, 0, sizeof(vhtcaps));
3062 os_memset(&vhtcaps_mask, 0, sizeof(vhtcaps_mask));
3063 params.vhtcaps = &vhtcaps;
3064 params.vhtcaps_mask = &vhtcaps_mask;
95ff3069 3065 wpa_supplicant_apply_vht_overrides(wpa_s, ssid, &params);
6aa1cd4e 3066#endif /* CONFIG_VHT_OVERRIDES */
80e8a5ee 3067
8567866d
JJ		 3068#ifdef CONFIG_P2P
3069 /*
3070 * If multi-channel concurrency is not supported, check for any
3071 * frequency conflict. In case of any frequency conflict, remove the
3072 * least prioritized connection.
3073 */
3074 if (wpa_s->num_multichan_concurrent < 2) {
d0df6437
IP		 3075 int freq, num;
3076 num = get_shared_radio_freqs(wpa_s, &freq, 1);
4ec68377 3077 if (num > 0 && freq > 0 && freq != params.freq.freq) {
d0df6437
IP		 3078 wpa_printf(MSG_DEBUG,
3079 "Assoc conflicting freq found (%d != %d)",
4ec68377
JD		 3080 freq, params.freq.freq);
3081 if (wpas_p2p_handle_frequency_conflicts(
74656400
SD		 3082 wpa_s, params.freq.freq, ssid) < 0) {
3083 wpas_connect_work_done(wpa_s);
1e6780bd 3084 os_free(wpa_ie);
8567866d 3085 return;
74656400 3086 }
8567866d
JJ		 3087 }
3088 }
3089#endif /* CONFIG_P2P */
3090
6a5ee810
JM		 3091 if (wpa_s->reassoc_same_ess && !is_zero_ether_addr(prev_bssid) &&
3092 wpa_s->current_ssid)
3093 params.prev_bssid = prev_bssid;
3094
17fbb751 3095 ret = wpa_drv_associate(wpa_s, &params);
1e6780bd 3096 os_free(wpa_ie);
6fc6879b
JM		 3097 if (ret < 0) {
3098 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
3099 "failed");
871f4dd0
JM		 3100 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SANE_ERROR_CODES) {
3101 /*
3102 * The driver is known to mean what is saying, so we
3103 * can stop right here; the association will not
3104 * succeed.
3105 */
3106 wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
c1c02342 3107 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
871f4dd0
JM		 3108 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
3109 return;
3110 }
6fc6879b
JM		 3111 /* try to continue anyway; new association will be tried again
3112 * after timeout */
3113 assoc_failed = 1;
3114 }
3115
3116 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
3117 /* Set the key after the association just in case association
3118 * cleared the previously configured key. */
3119 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
3120 /* No need to timeout authentication since there is no key
3121 * management. */
3122 wpa_supplicant_cancel_auth_timeout(wpa_s);
3123 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
53895c3b 3124#ifdef CONFIG_IBSS_RSN
d7dcba70 3125 } else if (ssid->mode == WPAS_MODE_IBSS &&
53895c3b
JM		 3126 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
3127 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
3128 /*
3129 * RSN IBSS authentication is per-STA and we can disable the
3130 * per-BSSID authentication.
3131 */
3132 wpa_supplicant_cancel_auth_timeout(wpa_s);
53895c3b 3133#endif /* CONFIG_IBSS_RSN */
6fc6879b
JM		 3134 } else {
3135 /* Timeout for IEEE 802.11 authentication and association */
1d3c75b3
DW		 3136 int timeout = 60;
3137
3138 if (assoc_failed) {
3139 /* give IBSS a bit more time */
d7dcba70 3140 timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5;
1d3c75b3
DW		 3141 } else if (wpa_s->conf->ap_scan == 1) {
3142 /* give IBSS a bit more time */
d7dcba70 3143 timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10;
1d3c75b3 3144 }
6fc6879b
JM		 3145 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
3146 }
3147
66562e9c
JM		 3148 if (wep_keys_set &&
3149 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC)) {
6fc6879b
JM		 3150 /* Set static WEP keys again */
3151 wpa_set_wep_keys(wpa_s, ssid);
3152 }
3153
3154 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
3155 /*
3156 * Do not allow EAP session resumption between different
3157 * network configurations.
3158 */
3159 eapol_sm_invalidate_cached_session(wpa_s->eapol);
3160 }
8bac466b 3161 old_ssid = wpa_s->current_ssid;
6fc6879b 3162 wpa_s->current_ssid = ssid;
ece4ac5f
MG		 3163
3164 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set) {
4d3be9cd 3165 wpa_s->current_bss = bss;
ece4ac5f
MG		 3166#ifdef CONFIG_HS20
3167 hs20_configure_frame_filters(wpa_s);
3168#endif /* CONFIG_HS20 */
3169 }
3170
6fc6879b
JM		 3171 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
3172 wpa_supplicant_initiate_eapol(wpa_s);
8bac466b
JM		 3173 if (old_ssid != wpa_s->current_ssid)
3174 wpas_notify_network_changed(wpa_s);
6fc6879b
JM		 3175}
3176
3177
09f58c09
JM		 3178static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s,
3179 const u8 *addr)
3180{
3181 struct wpa_ssid *old_ssid;
3182
c155305f 3183 wpas_connect_work_done(wpa_s);
09f58c09 3184 wpa_clear_keys(wpa_s, addr);
09f58c09 3185 old_ssid = wpa_s->current_ssid;
0d30cc24 3186 wpa_supplicant_mark_disassoc(wpa_s);
09f58c09
JM		 3187 wpa_sm_set_config(wpa_s->wpa, NULL);
3188 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
3189 if (old_ssid != wpa_s->current_ssid)
3190 wpas_notify_network_changed(wpa_s);
3191 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
3192}
3193
3194
6fc6879b
JM		 3195/**
3196 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
3197 * @wpa_s: Pointer to wpa_supplicant data
3198 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
3199 *
073ab58f 3200 * This function is used to request %wpa_supplicant to deauthenticate from the
6fc6879b
JM		 3201 * current AP.
3202 */
3203void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
3204 int reason_code)
3205{
3206 u8 *addr = NULL;
ef48ff94 3207 union wpa_event_data event;
42d23547 3208 int zero_addr = 0;
8bac466b 3209
42d23547
JM		 3210 wpa_dbg(wpa_s, MSG_DEBUG, "Request to deauthenticate - bssid=" MACSTR
3211 " pending_bssid=" MACSTR " reason=%d state=%s",
3212 MAC2STR(wpa_s->bssid), MAC2STR(wpa_s->pending_bssid),
3213 reason_code, wpa_supplicant_state_txt(wpa_s->wpa_state));
3214
04e3d815
MK		 3215 if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
3216 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
3217 wpa_s->wpa_state == WPA_ASSOCIATING))
42d23547 3218 addr = wpa_s->pending_bssid;
04e3d815
MK		 3219 else if (!is_zero_ether_addr(wpa_s->bssid))
3220 addr = wpa_s->bssid;
42d23547
JM		 3221 else if (wpa_s->wpa_state == WPA_ASSOCIATING) {
3222 /*
3223 * When using driver-based BSS selection, we may not know the
3224 * BSSID with which we are currently trying to associate. We
3225 * need to notify the driver of this disconnection even in such
3226 * a case, so use the all zeros address here.
3227 */
6fc6879b 3228 addr = wpa_s->bssid;
42d23547
JM		 3229 zero_addr = 1;
3230 }
3231
7b44ff2c
SD		 3232#ifdef CONFIG_TDLS
3233 wpa_tdls_teardown_peers(wpa_s->wpa);
3234#endif /* CONFIG_TDLS */
3235
603a3f34
JL		 3236#ifdef CONFIG_MESH
3237 if (wpa_s->ifmsh) {
a39b040b
SB		 3238 struct mesh_conf *mconf;
3239
3240 mconf = wpa_s->ifmsh->mconf;
6174de66
JM		 3241 wpa_msg(wpa_s, MSG_INFO, MESH_GROUP_REMOVED "%s",
3242 wpa_s->ifname);
a39b040b
SB		 3243 wpas_notify_mesh_group_removed(wpa_s, mconf->meshid,
3244 mconf->meshid_len, reason_code);
603a3f34
JL		 3245 wpa_supplicant_leave_mesh(wpa_s);
3246 }
3247#endif /* CONFIG_MESH */
3248
42d23547
JM		 3249 if (addr) {
3250 wpa_drv_deauthenticate(wpa_s, addr, reason_code);
ef48ff94
JM		 3251 os_memset(&event, 0, sizeof(event));
3252 event.deauth_info.reason_code = (u16) reason_code;
3253 event.deauth_info.locally_generated = 1;
3254 wpa_supplicant_event(wpa_s, EVENT_DEAUTH, &event);
42d23547
JM		 3255 if (zero_addr)
3256 addr = NULL;
6fc6879b 3257 }
09f58c09
JM		 3258
3259 wpa_supplicant_clear_connection(wpa_s, addr);
6fc6879b
JM		 3260}
3261
dca1a511
DS		 3262static void wpa_supplicant_enable_one_network(struct wpa_supplicant *wpa_s,
3263 struct wpa_ssid *ssid)
3264{
3265 if (!ssid || !ssid->disabled || ssid->disabled == 2)
3266 return;
3267
3268 ssid->disabled = 0;
3269 wpas_clear_temp_disabled(wpa_s, ssid, 1);
3270 wpas_notify_network_enabled_changed(wpa_s, ssid);
3271
3272 /*
3273 * Try to reassociate since there is no current configuration and a new
3274 * network was made available.
3275 */
d2592497 3276 if (!wpa_s->current_ssid && !wpa_s->disconnected)
dca1a511
DS		 3277 wpa_s->reassociate = 1;
3278}
3279
6fc6879b 3280
d015bb05
RP		 3281/**
3282 * wpa_supplicant_add_network - Add a new network
3283 * @wpa_s: wpa_supplicant structure for a network interface
3284 * Returns: The new network configuration or %NULL if operation failed
3285 *
3286 * This function performs the following operations:
3287 * 1. Adds a new network.
3288 * 2. Send network addition notification.
3289 * 3. Marks the network disabled.
3290 * 4. Set network default parameters.
3291 */
3292struct wpa_ssid * wpa_supplicant_add_network(struct wpa_supplicant *wpa_s)
3293{
3294 struct wpa_ssid *ssid;
3295
3296 ssid = wpa_config_add_network(wpa_s->conf);
3297 if (!ssid)
3298 return NULL;
3299 wpas_notify_network_added(wpa_s, ssid);
3300 ssid->disabled = 1;
3301 wpa_config_set_network_defaults(ssid);
3302
3303 return ssid;
3304}
3305
3306
3307/**
3308 * wpa_supplicant_remove_network - Remove a configured network based on id
3309 * @wpa_s: wpa_supplicant structure for a network interface
3310 * @id: Unique network id to search for
3311 * Returns: 0 on success, or -1 if the network was not found, -2 if the network
3312 * could not be removed
3313 *
3314 * This function performs the following operations:
3315 * 1. Removes the network.
3316 * 2. Send network removal notification.
3317 * 3. Update internal state machines.
3318 * 4. Stop any running sched scans.
3319 */
3320int wpa_supplicant_remove_network(struct wpa_supplicant *wpa_s, int id)
3321{
3322 struct wpa_ssid *ssid;
3323 int was_disabled;
3324
3325 ssid = wpa_config_get_network(wpa_s->conf, id);
3326 if (!ssid)
3327 return -1;
3328 wpas_notify_network_removed(wpa_s, ssid);
3329
3330 if (wpa_s->last_ssid == ssid)
3331 wpa_s->last_ssid = NULL;
3332
3333 if (ssid == wpa_s->current_ssid || !wpa_s->current_ssid) {
3334#ifdef CONFIG_SME
3335 wpa_s->sme.prev_bssid_set = 0;
3336#endif /* CONFIG_SME */
3337 /*
3338 * Invalidate the EAP session cache if the current or
3339 * previously used network is removed.
3340 */
3341 eapol_sm_invalidate_cached_session(wpa_s->eapol);
3342 }
3343
3344 if (ssid == wpa_s->current_ssid) {
3345 wpa_sm_set_config(wpa_s->wpa, NULL);
3346 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
3347
3348 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
3349 wpa_s->own_disconnect_req = 1;
3350 wpa_supplicant_deauthenticate(wpa_s,
3351 WLAN_REASON_DEAUTH_LEAVING);
3352 }
3353
3354 was_disabled = ssid->disabled;
3355
3356 if (wpa_config_remove_network(wpa_s->conf, id) < 0)
3357 return -2;
3358
3359 if (!was_disabled && wpa_s->sched_scanning) {
3360 wpa_printf(MSG_DEBUG,
3361 "Stop ongoing sched_scan to remove network from filters");
3362 wpa_supplicant_cancel_sched_scan(wpa_s);
3363 wpa_supplicant_req_scan(wpa_s, 0, 0);
3364 }
3365
3366 return 0;
3367}
3368
3369
86b89452
WS		 3370/**
3371 * wpa_supplicant_enable_network - Mark a configured network as enabled
3372 * @wpa_s: wpa_supplicant structure for a network interface
3373 * @ssid: wpa_ssid structure for a configured network or %NULL
3374 *
3375 * Enables the specified network or all networks if no network specified.
3376 */
3377void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s,
3378 struct wpa_ssid *ssid)
3379{
86b89452 3380 if (ssid == NULL) {
14f79078
JM		 3381 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
3382 wpa_supplicant_enable_one_network(wpa_s, ssid);
dca1a511
DS		 3383 } else
3384 wpa_supplicant_enable_one_network(wpa_s, ssid);
86b89452 3385
5a1d9d1a
JM		 3386 if (wpa_s->reassociate && !wpa_s->disconnected &&
3387 (!wpa_s->current_ssid ||
3388 wpa_s->wpa_state == WPA_DISCONNECTED ||
3389 wpa_s->wpa_state == WPA_SCANNING)) {
dca1a511
DS		 3390 if (wpa_s->sched_scanning) {
3391 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan to add "
3392 "new network to scan filters");
3393 wpa_supplicant_cancel_sched_scan(wpa_s);
3394 }
86b89452 3395
35d40309
JM		 3396 if (wpa_supplicant_fast_associate(wpa_s) != 1) {
3397 wpa_s->scan_req = NORMAL_SCAN_REQ;
dad153d1 3398 wpa_supplicant_req_scan(wpa_s, 0, 0);
35d40309 3399 }
86b89452
WS		 3400 }
3401}
3402
3403
3404/**
3405 * wpa_supplicant_disable_network - Mark a configured network as disabled
3406 * @wpa_s: wpa_supplicant structure for a network interface
3407 * @ssid: wpa_ssid structure for a configured network or %NULL
3408 *
3409 * Disables the specified network or all networks if no network specified.
3410 */
3411void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s,
3412 struct wpa_ssid *ssid)
3413{
3414 struct wpa_ssid *other_ssid;
3415 int was_disabled;
3416
3417 if (ssid == NULL) {
725fc39e
DS		 3418 if (wpa_s->sched_scanning)
3419 wpa_supplicant_cancel_sched_scan(wpa_s);
3420
4dac0245
JM		 3421 for (other_ssid = wpa_s->conf->ssid; other_ssid;
3422 other_ssid = other_ssid->next) {
86b89452 3423 was_disabled = other_ssid->disabled;
4dac0245
JM		 3424 if (was_disabled == 2)
3425 continue; /* do not change persistent P2P group
3426 * data */
86b89452
WS		 3427
3428 other_ssid->disabled = 1;
3429
3430 if (was_disabled != other_ssid->disabled)
3431 wpas_notify_network_enabled_changed(
3432 wpa_s, other_ssid);
86b89452 3433 }
0661163e
SD		 3434 if (wpa_s->current_ssid) {
3435 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
3436 wpa_s->own_disconnect_req = 1;
07783eaa 3437 wpa_supplicant_deauthenticate(
86b89452 3438 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
0661163e 3439 }
4dac0245 3440 } else if (ssid->disabled != 2) {
0661163e
SD		 3441 if (ssid == wpa_s->current_ssid) {
3442 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
3443 wpa_s->own_disconnect_req = 1;
07783eaa 3444 wpa_supplicant_deauthenticate(
86b89452 3445 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
0661163e 3446 }
86b89452
WS		 3447
3448 was_disabled = ssid->disabled;
3449
3450 ssid->disabled = 1;
3451
725fc39e 3452 if (was_disabled != ssid->disabled) {
86b89452 3453 wpas_notify_network_enabled_changed(wpa_s, ssid);
725fc39e
DS		 3454 if (wpa_s->sched_scanning) {
3455 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan "
3456 "to remove network from filters");
3457 wpa_supplicant_cancel_sched_scan(wpa_s);
3458 wpa_supplicant_req_scan(wpa_s, 0, 0);
3459 }
3460 }
86b89452
WS		 3461 }
3462}
3463
3464
3465/**
3466 * wpa_supplicant_select_network - Attempt association with a network
3467 * @wpa_s: wpa_supplicant structure for a network interface
3468 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
3469 */
3470void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
3471 struct wpa_ssid *ssid)
3472{
3473
3474 struct wpa_ssid *other_ssid;
d93dfbd5 3475 int disconnected = 0;
86b89452 3476
d93dfbd5 3477 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid) {
e66bcedd
JM		 3478 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
3479 wpa_s->own_disconnect_req = 1;
07783eaa 3480 wpa_supplicant_deauthenticate(
86b89452 3481 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
d93dfbd5
JM		 3482 disconnected = 1;
3483 }
86b89452 3484
00e5e3d5
JM		 3485 if (ssid)
3486 wpas_clear_temp_disabled(wpa_s, ssid, 1);
3487
86b89452
WS		 3488 /*
3489 * Mark all other networks disabled or mark all networks enabled if no
3490 * network specified.
3491 */
4dac0245
JM		 3492 for (other_ssid = wpa_s->conf->ssid; other_ssid;
3493 other_ssid = other_ssid->next) {
86b89452 3494 int was_disabled = other_ssid->disabled;
4dac0245
JM		 3495 if (was_disabled == 2)
3496 continue; /* do not change persistent P2P group data */
86b89452
WS		 3497
3498 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0;
00e5e3d5
JM		 3499 if (was_disabled && !other_ssid->disabled)
3500 wpas_clear_temp_disabled(wpa_s, other_ssid, 0);
86b89452
WS		 3501
3502 if (was_disabled != other_ssid->disabled)
3503 wpas_notify_network_enabled_changed(wpa_s, other_ssid);
86b89452 3504 }
2a6f78fb 3505
d38c7be0
JM		 3506 if (ssid && ssid == wpa_s->current_ssid && wpa_s->current_ssid &&
3507 wpa_s->wpa_state >= WPA_AUTHENTICATING) {
2a6f78fb
JJ		 3508 /* We are already associated with the selected network */
3509 wpa_printf(MSG_DEBUG, "Already associated with the "
3510 "selected network - do nothing");
3511 return;
3512 }
3513
25a8f9e3 3514 if (ssid) {
96efeeb6 3515 wpa_s->current_ssid = ssid;
25a8f9e3 3516 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
603a3f34
JL		 3517 wpa_s->connect_without_scan =
3518 (ssid->mode == WPAS_MODE_MESH) ? ssid : NULL;
701f3961
AS		 3519
3520 /*
3521 * Don't optimize next scan freqs since a new ESS has been
3522 * selected.
3523 */
3524 os_free(wpa_s->next_scan_freqs);
3525 wpa_s->next_scan_freqs = NULL;
603a3f34
JL		 3526 } else {
3527 wpa_s->connect_without_scan = NULL;
25a8f9e3 3528 }
603a3f34 3529
86b89452
WS		 3530 wpa_s->disconnected = 0;
3531 wpa_s->reassociate = 1;
2cb40e9f 3532 wpa_s->last_owe_group = 0;
cecdddc1 3533
e4a35f07 3534 if (wpa_s->connect_without_scan ||
35d40309
JM		 3535 wpa_supplicant_fast_associate(wpa_s) != 1) {
3536 wpa_s->scan_req = NORMAL_SCAN_REQ;
be7ebd89 3537 wpas_scan_reset_sched_scan(wpa_s);
cecdddc1 3538 wpa_supplicant_req_scan(wpa_s, 0, disconnected ? 100000 : 0);
35d40309 3539 }
86b89452 3540
a1641d26
JM		 3541 if (ssid)
3542 wpas_notify_network_selected(wpa_s, ssid);
86b89452
WS		 3543}
3544
3545
bdec7ee5
MS		 3546/**
3547 * wpas_set_pkcs11_engine_and_module_path - Set PKCS #11 engine and module path
3548 * @wpa_s: wpa_supplicant structure for a network interface
3549 * @pkcs11_engine_path: PKCS #11 engine path or NULL
3550 * @pkcs11_module_path: PKCS #11 module path or NULL
3551 * Returns: 0 on success; -1 on failure
3552 *
3553 * Sets the PKCS #11 engine and module path. Both have to be NULL or a valid
3554 * path. If resetting the EAPOL state machine with the new PKCS #11 engine and
3555 * module path fails the paths will be reset to the default value (NULL).
3556 */
3557int wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant *wpa_s,
3558 const char *pkcs11_engine_path,
3559 const char *pkcs11_module_path)
3560{
3561 char *pkcs11_engine_path_copy = NULL;
3562 char *pkcs11_module_path_copy = NULL;
3563
3564 if (pkcs11_engine_path != NULL) {
3565 pkcs11_engine_path_copy = os_strdup(pkcs11_engine_path);
3566 if (pkcs11_engine_path_copy == NULL)
3567 return -1;
3568 }
3569 if (pkcs11_module_path != NULL) {
3570 pkcs11_module_path_copy = os_strdup(pkcs11_module_path);
04c366cb 3571 if (pkcs11_module_path_copy == NULL) {
bdec7ee5
MS		 3572 os_free(pkcs11_engine_path_copy);
3573 return -1;
3574 }
3575 }
3576
3577 os_free(wpa_s->conf->pkcs11_engine_path);
3578 os_free(wpa_s->conf->pkcs11_module_path);
3579 wpa_s->conf->pkcs11_engine_path = pkcs11_engine_path_copy;
3580 wpa_s->conf->pkcs11_module_path = pkcs11_module_path_copy;
3581
3582 wpa_sm_set_eapol(wpa_s->wpa, NULL);
3583 eapol_sm_deinit(wpa_s->eapol);
3584 wpa_s->eapol = NULL;
3585 if (wpa_supplicant_init_eapol(wpa_s)) {
3586 /* Error -> Reset paths to the default value (NULL) once. */
3587 if (pkcs11_engine_path != NULL && pkcs11_module_path != NULL)
3588 wpas_set_pkcs11_engine_and_module_path(wpa_s, NULL,
3589 NULL);
3590
3591 return -1;
3592 }
3593 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
3594
3595 return 0;
3596}
3597
3598
86b89452
WS		 3599/**
3600 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
3601 * @wpa_s: wpa_supplicant structure for a network interface
3602 * @ap_scan: AP scan mode
3603 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
3604 *
3605 */
3606int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan)
3607{
3608
3609 int old_ap_scan;
3610
3611 if (ap_scan < 0 || ap_scan > 2)
3612 return -1;
3613
8406cd35
JM		 3614 if (ap_scan == 2 && os_strcmp(wpa_s->driver->name, "nl80211") == 0) {
3615 wpa_printf(MSG_INFO,
3616 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
3617 }
3618
48f8e036
DS		 3619#ifdef ANDROID
3620 if (ap_scan == 2 && ap_scan != wpa_s->conf->ap_scan &&
3621 wpa_s->wpa_state >= WPA_ASSOCIATING &&
3622 wpa_s->wpa_state < WPA_COMPLETED) {
3623 wpa_printf(MSG_ERROR, "ap_scan = %d (%d) rejected while "
3624 "associating", wpa_s->conf->ap_scan, ap_scan);
3625 return 0;
3626 }
3627#endif /* ANDROID */
3628
86b89452
WS		 3629 old_ap_scan = wpa_s->conf->ap_scan;
3630 wpa_s->conf->ap_scan = ap_scan;
3631
3632 if (old_ap_scan != wpa_s->conf->ap_scan)
3633 wpas_notify_ap_scan_changed(wpa_s);
3634
3635 return 0;
3636}
3637
3638
78633c37
SL		 3639/**
3640 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
3641 * @wpa_s: wpa_supplicant structure for a network interface
3642 * @expire_age: Expiration age in seconds
3643 * Returns: 0 if succeed or -1 if expire_age has an invalid value
3644 *
3645 */
3646int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant *wpa_s,
3647 unsigned int bss_expire_age)
3648{
3649 if (bss_expire_age < 10) {
3650 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration age %u",
3651 bss_expire_age);
3652 return -1;
3653 }
3654 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration age: %d sec",
3655 bss_expire_age);
3656 wpa_s->conf->bss_expiration_age = bss_expire_age;
3657
3658 return 0;
3659}
3660
3661
3662/**
3663 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
3664 * @wpa_s: wpa_supplicant structure for a network interface
3665 * @expire_count: number of scans after which an unseen BSS is reclaimed
3666 * Returns: 0 if succeed or -1 if expire_count has an invalid value
3667 *
3668 */
3669int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant *wpa_s,
3670 unsigned int bss_expire_count)
3671{
3672 if (bss_expire_count < 1) {
3673 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration count %u",
3674 bss_expire_count);
3675 return -1;
3676 }
3677 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration scan count: %u",
3678 bss_expire_count);
3679 wpa_s->conf->bss_expiration_scan_count = bss_expire_count;
3680
3681 return 0;
3682}
3683
3684
c6e86b63
MA		 3685/**
3686 * wpa_supplicant_set_scan_interval - Set scan interval
3687 * @wpa_s: wpa_supplicant structure for a network interface
3688 * @scan_interval: scan interval in seconds
3689 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
3690 *
3691 */
3692int wpa_supplicant_set_scan_interval(struct wpa_supplicant *wpa_s,
3693 int scan_interval)
3694{
3695 if (scan_interval < 0) {
3696 wpa_msg(wpa_s, MSG_ERROR, "Invalid scan interval %d",
3697 scan_interval);
3698 return -1;
3699 }
3700 wpa_msg(wpa_s, MSG_DEBUG, "Setting scan interval: %d sec",
3701 scan_interval);
9e737f08 3702 wpa_supplicant_update_scan_int(wpa_s, scan_interval);
c6e86b63
MA		 3703
3704 return 0;
3705}
3706
3707
86b89452
WS		 3708/**
3709 * wpa_supplicant_set_debug_params - Set global debug params
3710 * @global: wpa_global structure
3711 * @debug_level: debug level
3712 * @debug_timestamp: determines if show timestamp in debug data
3713 * @debug_show_keys: determines if show keys in debug data
3714 * Returns: 0 if succeed or -1 if debug_level has wrong value
3715 */
3716int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level,
3717 int debug_timestamp, int debug_show_keys)
3718{
3719
3720 int old_level, old_timestamp, old_show_keys;
3721
3722 /* check for allowed debuglevels */
14dc0011
PS		 3723 if (debug_level != MSG_EXCESSIVE &&
3724 debug_level != MSG_MSGDUMP &&
86b89452
WS		 3725 debug_level != MSG_DEBUG &&
3726 debug_level != MSG_INFO &&
3727 debug_level != MSG_WARNING &&
3728 debug_level != MSG_ERROR)
3729 return -1;
3730
3731 old_level = wpa_debug_level;
3732 old_timestamp = wpa_debug_timestamp;
3733 old_show_keys = wpa_debug_show_keys;
3734
3735 wpa_debug_level = debug_level;
3736 wpa_debug_timestamp = debug_timestamp ? 1 : 0;
3737 wpa_debug_show_keys = debug_show_keys ? 1 : 0;
3738
db9133ac
WS		 3739 if (wpa_debug_level != old_level)
3740 wpas_notify_debug_level_changed(global);
3741 if (wpa_debug_timestamp != old_timestamp)
3742 wpas_notify_debug_timestamp_changed(global);
3743 if (wpa_debug_show_keys != old_show_keys)
3744 wpas_notify_debug_show_keys_changed(global);
86b89452
WS		 3745
3746 return 0;
3747}
3748
3749
e8b96490
JM		 3750#ifdef CONFIG_OWE
3751static int owe_trans_ssid_match(struct wpa_supplicant *wpa_s, const u8 *bssid,
3752 const u8 *entry_ssid, size_t entry_ssid_len)
3753{
3754 const u8 *owe, *pos, *end;
3755 u8 ssid_len;
3756 struct wpa_bss *bss;
3757
3758 /* Check network profile SSID aganst the SSID in the
3759 * OWE Transition Mode element. */
3760
3761 bss = wpa_bss_get_bssid_latest(wpa_s, bssid);
3762 if (!bss)
3763 return 0;
3764
3765 owe = wpa_bss_get_vendor_ie(bss, OWE_IE_VENDOR_TYPE);
3766 if (!owe)
3767 return 0;
3768
3769 pos = owe + 6;
3770 end = owe + 2 + owe[1];
3771
3772 if (end - pos < ETH_ALEN + 1)
3773 return 0;
3774 pos += ETH_ALEN;
3775 ssid_len = *pos++;
3776 if (end - pos < ssid_len || ssid_len > SSID_MAX_LEN)
3777 return 0;
3778
3779 return entry_ssid_len == ssid_len &&
3780 os_memcmp(pos, entry_ssid, ssid_len) == 0;
3781}
3782#endif /* CONFIG_OWE */
3783
3784
6fc6879b
JM		 3785/**
3786 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
3787 * @wpa_s: Pointer to wpa_supplicant data
3788 * Returns: A pointer to the current network structure or %NULL on failure
3789 */
3790struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
3791{
3792 struct wpa_ssid *entry;
eaa8eefe 3793 u8 ssid[SSID_MAX_LEN];
6fc6879b
JM		 3794 int res;
3795 size_t ssid_len;
3796 u8 bssid[ETH_ALEN];
3797 int wired;
3798
17fbb751
JM		 3799 res = wpa_drv_get_ssid(wpa_s, ssid);
3800 if (res < 0) {
3801 wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from "
3802 "driver");
3803 return NULL;
6fc6879b 3804 }
17fbb751 3805 ssid_len = res;
6fc6879b 3806
17fbb751 3807 if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
f049052b
BG		 3808 wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from "
3809 "driver");
6fc6879b
JM		 3810 return NULL;
3811 }
3812
c2a04078
JM		 3813 wired = wpa_s->conf->ap_scan == 0 &&
3814 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED);
6fc6879b
JM		 3815
3816 entry = wpa_s->conf->ssid;
3817 while (entry) {
349493bd 3818 if (!wpas_network_disabled(wpa_s, entry) &&
6fc6879b
JM		 3819 ((ssid_len == entry->ssid_len &&
3820 os_memcmp(ssid, entry->ssid, ssid_len) == 0) || wired) &&
3821 (!entry->bssid_set ||
3822 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
3823 return entry;
24c23d1b 3824#ifdef CONFIG_WPS
349493bd 3825 if (!wpas_network_disabled(wpa_s, entry) &&
24c23d1b
JM		 3826 (entry->key_mgmt & WPA_KEY_MGMT_WPS) &&
3827 (entry->ssid == NULL || entry->ssid_len == 0) &&
3828 (!entry->bssid_set ||
3829 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
3830 return entry;
3831#endif /* CONFIG_WPS */
7d232e23 3832
e8b96490
JM		 3833#ifdef CONFIG_OWE
3834 if (!wpas_network_disabled(wpa_s, entry) &&
3835 owe_trans_ssid_match(wpa_s, bssid, entry->ssid,
3836 entry->ssid_len) &&
3837 (!entry->bssid_set ||
3838 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
3839 return entry;
3840#endif /* CONFIG_OWE */
3841
349493bd 3842 if (!wpas_network_disabled(wpa_s, entry) && entry->bssid_set &&
7d232e23
ZC		 3843 entry->ssid_len == 0 &&
3844 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)
3845 return entry;
3846
6fc6879b
JM		 3847 entry = entry->next;
3848 }
3849
3850 return NULL;
3851}
3852
3853
7756114f
JM		 3854static int select_driver(struct wpa_supplicant *wpa_s, int i)
3855{
3856 struct wpa_global *global = wpa_s->global;
3857
3858 if (wpa_drivers[i]->global_init && global->drv_priv[i] == NULL) {
45e3fc72 3859 global->drv_priv[i] = wpa_drivers[i]->global_init(global);
7756114f
JM		 3860 if (global->drv_priv[i] == NULL) {
3861 wpa_printf(MSG_ERROR, "Failed to initialize driver "
3862 "'%s'", wpa_drivers[i]->name);
3863 return -1;
3864 }
3865 }
3866
3867 wpa_s->driver = wpa_drivers[i];
3868 wpa_s->global_drv_priv = global->drv_priv[i];
3869
3870 return 0;
3871}
3872
3873
6fc6879b
JM		 3874static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
3875 const char *name)
3876{
3877 int i;
362f781e 3878 size_t len;
74b1c84a 3879 const char *pos, *driver = name;
6fc6879b
JM		 3880
3881 if (wpa_s == NULL)
3882 return -1;
3883
c5121837 3884 if (wpa_drivers[0] == NULL) {
f049052b
BG		 3885 wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into "
3886 "wpa_supplicant");
6fc6879b
JM		 3887 return -1;
3888 }
3889
3890 if (name == NULL) {
3891 /* default to first driver in the list */
7756114f 3892 return select_driver(wpa_s, 0);
6fc6879b
JM		 3893 }
3894
74b1c84a
SO		 3895 do {
3896 pos = os_strchr(driver, ',');
3897 if (pos)
3898 len = pos - driver;
3899 else
3900 len = os_strlen(driver);
3901
3902 for (i = 0; wpa_drivers[i]; i++) {
3903 if (os_strlen(wpa_drivers[i]->name) == len &&
3904 os_strncmp(driver, wpa_drivers[i]->name, len) ==
0f4668ce
DW		 3905 0) {
3906 /* First driver that succeeds wins */
3907 if (select_driver(wpa_s, i) == 0)
3908 return 0;
3909 }
6fc6879b 3910 }
74b1c84a
SO		 3911
3912 driver = pos + 1;
3913 } while (pos);
6fc6879b 3914
f049052b 3915 wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name);
6fc6879b
JM		 3916 return -1;
3917}
3918
3919
a8e0505b
JM		 3920/**
3921 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
3922 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
3923 * with struct wpa_driver_ops::init()
3924 * @src_addr: Source address of the EAPOL frame
3925 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
3926 * @len: Length of the EAPOL data
3927 *
3928 * This function is called for each received EAPOL frame. Most driver
3929 * interfaces rely on more generic OS mechanism for receiving frames through
3930 * l2_packet, but if such a mechanism is not available, the driver wrapper may
3931 * take care of received EAPOL frames and deliver them to the core supplicant
3932 * code by calling this function.
3933 */
6fc6879b
JM		 3934void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
3935 const u8 *buf, size_t len)
3936{
3937 struct wpa_supplicant *wpa_s = ctx;
3938
f049052b 3939 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
6fc6879b
JM		 3940 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
3941
02adead5
MK		 3942#ifdef CONFIG_TESTING_OPTIONS
3943 if (wpa_s->ignore_auth_resp) {
3944 wpa_printf(MSG_INFO, "RX EAPOL - ignore_auth_resp active!");
3945 return;
3946 }
3947#endif /* CONFIG_TESTING_OPTIONS */
3948
3ab35a66
JM		 3949 if (wpa_s->wpa_state < WPA_ASSOCIATED ||
3950 (wpa_s->last_eapol_matches_bssid &&
3951#ifdef CONFIG_AP
3952 !wpa_s->ap_iface &&
3953#endif /* CONFIG_AP */
3954 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) != 0)) {
1ff73338
JM		 3955 /*
3956 * There is possible race condition between receiving the
3957 * association event and the EAPOL frame since they are coming
3958 * through different paths from the driver. In order to avoid
3959 * issues in trying to process the EAPOL frame before receiving
3960 * association information, lets queue it for processing until
3ab35a66
JM		 3961 * the association event is received. This may also be needed in
3962 * driver-based roaming case, so also use src_addr != BSSID as a
3963 * trigger if we have previously confirmed that the
3964 * Authenticator uses BSSID as the src_addr (which is not the
3965 * case with wired IEEE 802.1X).
1ff73338 3966 */
f049052b 3967 wpa_dbg(wpa_s, MSG_DEBUG, "Not associated - Delay processing "
3ab35a66
JM		 3968 "of received EAPOL frame (state=%s bssid=" MACSTR ")",
3969 wpa_supplicant_state_txt(wpa_s->wpa_state),
3970 MAC2STR(wpa_s->bssid));
1ff73338
JM		 3971 wpabuf_free(wpa_s->pending_eapol_rx);
3972 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len);
3973 if (wpa_s->pending_eapol_rx) {
c2be937c 3974 os_get_reltime(&wpa_s->pending_eapol_rx_time);
1ff73338
JM		 3975 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr,
3976 ETH_ALEN);
3977 }
3978 return;
3979 }
3980
3ab35a66
JM		 3981 wpa_s->last_eapol_matches_bssid =
3982 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) == 0;
3983
db149ac9
JM		 3984#ifdef CONFIG_AP
3985 if (wpa_s->ap_iface) {
3986 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len);
3987 return;
3988 }
3989#endif /* CONFIG_AP */
3990
6fc6879b 3991 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
f049052b
BG		 3992 wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since "
3993 "no key management is configured");
6fc6879b
JM		 3994 return;
3995 }
3996
3997 if (wpa_s->eapol_received == 0 &&
c2a04078 3998 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) ||
56586197 3999 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
9c972abb
JM		 4000 wpa_s->wpa_state != WPA_COMPLETED) &&
4001 (wpa_s->current_ssid == NULL ||
4002 wpa_s->current_ssid->mode != IEEE80211_MODE_IBSS)) {
6fc6879b 4003 /* Timeout for completing IEEE 802.1X and WPA authentication */
5add4101
JM		 4004 int timeout = 10;
4005
4006 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
4007 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
4008 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
4009 /* Use longer timeout for IEEE 802.1X/EAP */
4010 timeout = 70;
4011 }
4012
c7dafdf9 4013#ifdef CONFIG_WPS
5add4101
JM		 4014 if (wpa_s->current_ssid && wpa_s->current_bss &&
4015 (wpa_s->current_ssid->key_mgmt & WPA_KEY_MGMT_WPS) &&
4016 eap_is_wps_pin_enrollee(&wpa_s->current_ssid->eap)) {
4017 /*
4018 * Use shorter timeout if going through WPS AP iteration
4019 * for PIN config method with an AP that does not
4020 * advertise Selected Registrar.
4021 */
4022 struct wpabuf *wps_ie;
4023
4024 wps_ie = wpa_bss_get_vendor_ie_multi(
4025 wpa_s->current_bss, WPS_IE_VENDOR_TYPE);
0ef1e290
JM		 4026 if (wps_ie &&
4027 !wps_is_addr_authorized(wps_ie, wpa_s->own_addr, 1))
5add4101
JM		 4028 timeout = 10;
4029 wpabuf_free(wps_ie);
4030 }
c7dafdf9 4031#endif /* CONFIG_WPS */
5add4101
JM		 4032
4033 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
6fc6879b
JM		 4034 }
4035 wpa_s->eapol_received++;
4036
4037 if (wpa_s->countermeasures) {
f049052b
BG		 4038 wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped "
4039 "EAPOL packet");
6fc6879b
JM		 4040 return;
4041 }
4042
8be18440
JM		 4043#ifdef CONFIG_IBSS_RSN
4044 if (wpa_s->current_ssid &&
d7dcba70 4045 wpa_s->current_ssid->mode == WPAS_MODE_IBSS) {
8be18440
JM		 4046 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len);
4047 return;
4048 }
4049#endif /* CONFIG_IBSS_RSN */
4050
6fc6879b
JM		 4051 /* Source address of the incoming EAPOL frame could be compared to the
4052 * current BSSID. However, it is possible that a centralized
4053 * Authenticator could be using another MAC address than the BSSID of
4054 * an AP, so just allow any address to be used for now. The replies are
4055 * still sent to the current BSSID (if available), though. */
4056
4057 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
56586197 4058 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
a1ea1b45 4059 wpa_s->key_mgmt != WPA_KEY_MGMT_OWE &&
567da5bb 4060 wpa_s->key_mgmt != WPA_KEY_MGMT_DPP &&
6fc6879b
JM		 4061 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
4062 return;
4063 wpa_drv_poll(wpa_s);
c2a04078 4064 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE))
6fc6879b 4065 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
56586197 4066 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
6fc6879b
JM		 4067 /*
4068 * Set portValid = TRUE here since we are going to skip 4-way
4069 * handshake processing which would normally set portValid. We
4070 * need this to allow the EAPOL state machines to be completed
4071 * without going through EAPOL-Key handshake.
4072 */
4073 eapol_sm_notify_portValid(wpa_s->eapol, TRUE);
4074 }
4075}
4076
4077
bfba8deb 4078int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s)
6fc6879b 4079{
2961bfa8
JM		 4080 if ((!wpa_s->p2p_mgmt ||
4081 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
4082 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) {
bfba8deb 4083 l2_packet_deinit(wpa_s->l2);
6fc6879b
JM		 4084 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
4085 wpa_drv_get_mac_addr(wpa_s),
4086 ETH_P_EAPOL,
4087 wpa_supplicant_rx_eapol, wpa_s, 0);
4088 if (wpa_s->l2 == NULL)
4089 return -1;
d89edb61
DC		 4090
4091 if (l2_packet_set_packet_filter(wpa_s->l2,
4092 L2_PACKET_FILTER_PKTTYPE))
4093 wpa_dbg(wpa_s, MSG_DEBUG,
4094 "Failed to attach pkt_type filter");
fdadd5fe
JM		 4095 } else {
4096 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
4097 if (addr)
4098 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
6fc6879b
JM		 4099 }
4100
4101 if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
f049052b 4102 wpa_msg(wpa_s, MSG_ERROR, "Failed to get own L2 address");
6fc6879b
JM		 4103 return -1;
4104 }
4105
c267753b
JM		 4106 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
4107
bfba8deb
JM		 4108 return 0;
4109}
4110
4111
25f839c6
JM		 4112static void wpa_supplicant_rx_eapol_bridge(void *ctx, const u8 *src_addr,
4113 const u8 *buf, size_t len)
4114{
4115 struct wpa_supplicant *wpa_s = ctx;
4116 const struct l2_ethhdr *eth;
4117
4118 if (len < sizeof(*eth))
4119 return;
4120 eth = (const struct l2_ethhdr *) buf;
4121
4122 if (os_memcmp(eth->h_dest, wpa_s->own_addr, ETH_ALEN) != 0 &&
4123 !(eth->h_dest[0] & 0x01)) {
4124 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
4125 " (bridge - not for this interface - ignore)",
4126 MAC2STR(src_addr), MAC2STR(eth->h_dest));
4127 return;
4128 }
4129
4130 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
4131 " (bridge)", MAC2STR(src_addr), MAC2STR(eth->h_dest));
4132 wpa_supplicant_rx_eapol(wpa_s, src_addr, buf + sizeof(*eth),
4133 len - sizeof(*eth));
4134}
4135
4136
bfba8deb
JM		 4137/**
4138 * wpa_supplicant_driver_init - Initialize driver interface parameters
4139 * @wpa_s: Pointer to wpa_supplicant data
4140 * Returns: 0 on success, -1 on failure
4141 *
4142 * This function is called to initialize driver interface parameters.
4143 * wpa_drv_init() must have been called before this function to initialize the
4144 * driver interface.
4145 */
4146int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
4147{
4148 static int interface_count = 0;
4149
4150 if (wpa_supplicant_update_mac_addr(wpa_s) < 0)
4151 return -1;
4152
c68f6200
AS		 4153 wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR,
4154 MAC2STR(wpa_s->own_addr));
a313d17d 4155 os_memcpy(wpa_s->perm_addr, wpa_s->own_addr, ETH_ALEN);
c68f6200
AS		 4156 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
4157
6fc6879b 4158 if (wpa_s->bridge_ifname[0]) {
f049052b
BG		 4159 wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge "
4160 "interface '%s'", wpa_s->bridge_ifname);
e6dd8196
JM		 4161 wpa_s->l2_br = l2_packet_init_bridge(
4162 wpa_s->bridge_ifname, wpa_s->ifname, wpa_s->own_addr,
4163 ETH_P_EAPOL, wpa_supplicant_rx_eapol_bridge, wpa_s, 1);
6fc6879b 4164 if (wpa_s->l2_br == NULL) {
f049052b
BG		 4165 wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet "
4166 "connection for the bridge interface '%s'",
4167 wpa_s->bridge_ifname);
6fc6879b
JM		 4168 return -1;
4169 }
4170 }
4171
8406cd35
JM		 4172 if (wpa_s->conf->ap_scan == 2 &&
4173 os_strcmp(wpa_s->driver->name, "nl80211") == 0) {
4174 wpa_printf(MSG_INFO,
4175 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
4176 }
4177
6fc6879b
JM		 4178 wpa_clear_keys(wpa_s, NULL);
4179
4180 /* Make sure that TKIP countermeasures are not left enabled (could
4181 * happen if wpa_supplicant is killed during countermeasures. */
4182 wpa_drv_set_countermeasures(wpa_s, 0);
4183
f049052b 4184 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver");
6fc6879b
JM		 4185 wpa_drv_flush_pmkid(wpa_s);
4186
ba2a573c 4187 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
b3aa456b
ES		 4188 wpa_s->prev_scan_wildcard = 0;
4189
349493bd 4190 if (wpa_supplicant_enabled_networks(wpa_s)) {
a0e9d892
AS		 4191 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED) {
4192 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
4193 interface_count = 0;
4194 }
ee82e33d 4195#ifndef ANDROID
3a94adbf 4196 if (!wpa_s->p2p_mgmt &&
5d0d72a3
BG		 4197 wpa_supplicant_delayed_sched_scan(wpa_s,
4198 interface_count % 3,
6a90053c 4199 100000))
5d0d72a3 4200 wpa_supplicant_req_scan(wpa_s, interface_count % 3,
a4cba8f1 4201 100000);
ee82e33d 4202#endif /* ANDROID */
74e259ec
JM		 4203 interface_count++;
4204 } else
4205 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
6fc6879b
JM		 4206
4207 return 0;
4208}
4209
4210
4211static int wpa_supplicant_daemon(const char *pid_file)
4212{
4213 wpa_printf(MSG_DEBUG, "Daemonize..");
4214 return os_daemonize(pid_file);
4215}
4216
4217
1772d348
JM		 4218static struct wpa_supplicant *
4219wpa_supplicant_alloc(struct wpa_supplicant *parent)
6fc6879b
JM		 4220{
4221 struct wpa_supplicant *wpa_s;
4222
4223 wpa_s = os_zalloc(sizeof(*wpa_s));
4224 if (wpa_s == NULL)
4225 return NULL;
4115303b 4226 wpa_s->scan_req = INITIAL_SCAN_REQ;
67b9bd08 4227 wpa_s->scan_interval = 5;
c302f207 4228 wpa_s->new_connection = 1;
1772d348 4229 wpa_s->parent = parent ? parent : wpa_s;
ba307f85 4230 wpa_s->p2pdev = wpa_s->parent;
cbdf3507 4231 wpa_s->sched_scanning = 0;
6fc6879b 4232
dd599908 4233 dl_list_init(&wpa_s->bss_tmp_disallowed);
5732b770 4234 dl_list_init(&wpa_s->fils_hlp_req);
dd599908 4235
6fc6879b
JM		 4236 return wpa_s;
4237}
4238
4239
80e8a5ee
BG		 4240#ifdef CONFIG_HT_OVERRIDES
4241
4242static int wpa_set_htcap_mcs(struct wpa_supplicant *wpa_s,
4243 struct ieee80211_ht_capabilities *htcaps,
4244 struct ieee80211_ht_capabilities *htcaps_mask,
4245 const char *ht_mcs)
4246{
4247 /* parse ht_mcs into hex array */
4248 int i;
4249 const char *tmp = ht_mcs;
4250 char *end = NULL;
4251
4252 /* If ht_mcs is null, do not set anything */
4253 if (!ht_mcs)
4254 return 0;
4255
4256 /* This is what we are setting in the kernel */
4257 os_memset(&htcaps->supported_mcs_set, 0, IEEE80211_HT_MCS_MASK_LEN);
4258
4259 wpa_msg(wpa_s, MSG_DEBUG, "set_htcap, ht_mcs -:%s:-", ht_mcs);
4260
4261 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) {
30eddf35
JB		 4262 long v;
4263
80e8a5ee 4264 errno = 0;
30eddf35
JB		 4265 v = strtol(tmp, &end, 16);
4266
80e8a5ee
BG		 4267 if (errno == 0) {
4268 wpa_msg(wpa_s, MSG_DEBUG,
4269 "htcap value[%i]: %ld end: %p tmp: %p",
4270 i, v, end, tmp);
4271 if (end == tmp)
4272 break;
4273
4274 htcaps->supported_mcs_set[i] = v;
4275 tmp = end;
4276 } else {
4277 wpa_msg(wpa_s, MSG_ERROR,
4278 "Failed to parse ht-mcs: %s, error: %s\n",
4279 ht_mcs, strerror(errno));
4280 return -1;
4281 }
4282 }
4283
4284 /*
4285 * If we were able to parse any values, then set mask for the MCS set.
4286 */
4287 if (i) {
4288 os_memset(&htcaps_mask->supported_mcs_set, 0xff,
4289 IEEE80211_HT_MCS_MASK_LEN - 1);
4290 /* skip the 3 reserved bits */
4291 htcaps_mask->supported_mcs_set[IEEE80211_HT_MCS_MASK_LEN - 1] =
4292 0x1f;
4293 }
4294
4295 return 0;
4296}
4297
4298
4299static int wpa_disable_max_amsdu(struct wpa_supplicant *wpa_s,
4300 struct ieee80211_ht_capabilities *htcaps,
4301 struct ieee80211_ht_capabilities *htcaps_mask,
4302 int disabled)
4303{
5bc28571 4304 le16 msk;
80e8a5ee
BG		 4305
4306 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_max_amsdu: %d", disabled);
4307
4308 if (disabled == -1)
4309 return 0;
4310
4311 msk = host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE);
4312 htcaps_mask->ht_capabilities_info |= msk;
4313 if (disabled)
4314 htcaps->ht_capabilities_info &= msk;
4315 else
4316 htcaps->ht_capabilities_info |= msk;
4317
4318 return 0;
4319}
4320
4321
4322static int wpa_set_ampdu_factor(struct wpa_supplicant *wpa_s,
4323 struct ieee80211_ht_capabilities *htcaps,
4324 struct ieee80211_ht_capabilities *htcaps_mask,
4325 int factor)
4326{
4327 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_factor: %d", factor);
4328
4329 if (factor == -1)
4330 return 0;
4331
4332 if (factor < 0 || factor > 3) {
4333 wpa_msg(wpa_s, MSG_ERROR, "ampdu_factor: %d out of range. "
4334 "Must be 0-3 or -1", factor);
4335 return -EINVAL;
4336 }
4337
4338 htcaps_mask->a_mpdu_params |= 0x3; /* 2 bits for factor */
4339 htcaps->a_mpdu_params &= ~0x3;
4340 htcaps->a_mpdu_params |= factor & 0x3;
4341
4342 return 0;
4343}
4344
4345
4346static int wpa_set_ampdu_density(struct wpa_supplicant *wpa_s,
4347 struct ieee80211_ht_capabilities *htcaps,
4348 struct ieee80211_ht_capabilities *htcaps_mask,
4349 int density)
4350{
4351 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_density: %d", density);
4352
4353 if (density == -1)
4354 return 0;
4355
4356 if (density < 0 || density > 7) {
4357 wpa_msg(wpa_s, MSG_ERROR,
4358 "ampdu_density: %d out of range. Must be 0-7 or -1.",
4359 density);
4360 return -EINVAL;
4361 }
4362
4363 htcaps_mask->a_mpdu_params |= 0x1C;
4364 htcaps->a_mpdu_params &= ~(0x1C);
4365 htcaps->a_mpdu_params |= (density << 2) & 0x1C;
4366
4367 return 0;
4368}
4369
4370
4371static int wpa_set_disable_ht40(struct wpa_supplicant *wpa_s,
4372 struct ieee80211_ht_capabilities *htcaps,
4373 struct ieee80211_ht_capabilities *htcaps_mask,
4374 int disabled)
4375{
80e8a5ee
BG		 4376 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ht40: %d", disabled);
4377
9eb5757a
MH		 4378 set_disable_ht40(htcaps, disabled);
4379 set_disable_ht40(htcaps_mask, 0);
80e8a5ee
BG		 4380
4381 return 0;
4382}
4383
4384
a90497f8
BG		 4385static int wpa_set_disable_sgi(struct wpa_supplicant *wpa_s,
4386 struct ieee80211_ht_capabilities *htcaps,
4387 struct ieee80211_ht_capabilities *htcaps_mask,
4388 int disabled)
4389{
4390 /* Masking these out disables SGI */
5bc28571
JM		 4391 le16 msk = host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ |
4392 HT_CAP_INFO_SHORT_GI40MHZ);
a90497f8
BG		 4393
4394 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_sgi: %d", disabled);
4395
4396 if (disabled)
4397 htcaps->ht_capabilities_info &= ~msk;
4398 else
4399 htcaps->ht_capabilities_info |= msk;
4400
4401 htcaps_mask->ht_capabilities_info |= msk;
4402
4403 return 0;
4404}
4405
4406
39a5800f
PK		 4407static int wpa_set_disable_ldpc(struct wpa_supplicant *wpa_s,
4408 struct ieee80211_ht_capabilities *htcaps,
4409 struct ieee80211_ht_capabilities *htcaps_mask,
4410 int disabled)
4411{
4412 /* Masking these out disables LDPC */
5bc28571 4413 le16 msk = host_to_le16(HT_CAP_INFO_LDPC_CODING_CAP);
39a5800f
PK		 4414
4415 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ldpc: %d", disabled);
4416
4417 if (disabled)
4418 htcaps->ht_capabilities_info &= ~msk;
4419 else
4420 htcaps->ht_capabilities_info |= msk;
4421
4422 htcaps_mask->ht_capabilities_info |= msk;
4423
4424 return 0;
4425}
4426
4427
80e8a5ee
BG		 4428void wpa_supplicant_apply_ht_overrides(
4429 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
4430 struct wpa_driver_associate_params *params)
4431{
4432 struct ieee80211_ht_capabilities *htcaps;
4433 struct ieee80211_ht_capabilities *htcaps_mask;
4434
4435 if (!ssid)
4436 return;
4437
4438 params->disable_ht = ssid->disable_ht;
4439 if (!params->htcaps || !params->htcaps_mask)
4440 return;
4441
4442 htcaps = (struct ieee80211_ht_capabilities *) params->htcaps;
4443 htcaps_mask = (struct ieee80211_ht_capabilities *) params->htcaps_mask;
4444 wpa_set_htcap_mcs(wpa_s, htcaps, htcaps_mask, ssid->ht_mcs);
4445 wpa_disable_max_amsdu(wpa_s, htcaps, htcaps_mask,
4446 ssid->disable_max_amsdu);
4447 wpa_set_ampdu_factor(wpa_s, htcaps, htcaps_mask, ssid->ampdu_factor);
4448 wpa_set_ampdu_density(wpa_s, htcaps, htcaps_mask, ssid->ampdu_density);
4449 wpa_set_disable_ht40(wpa_s, htcaps, htcaps_mask, ssid->disable_ht40);
a90497f8 4450 wpa_set_disable_sgi(wpa_s, htcaps, htcaps_mask, ssid->disable_sgi);
39a5800f 4451 wpa_set_disable_ldpc(wpa_s, htcaps, htcaps_mask, ssid->disable_ldpc);
d41cc8cc
JM		 4452
4453 if (ssid->ht40_intolerant) {
5bc28571 4454 le16 bit = host_to_le16(HT_CAP_INFO_40MHZ_INTOLERANT);
d41cc8cc
JM		 4455 htcaps->ht_capabilities_info |= bit;
4456 htcaps_mask->ht_capabilities_info |= bit;
4457 }
80e8a5ee
BG		 4458}
4459
4460#endif /* CONFIG_HT_OVERRIDES */
4461
4462
e9ee8dc3
JB		 4463#ifdef CONFIG_VHT_OVERRIDES
4464void wpa_supplicant_apply_vht_overrides(
4465 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
4466 struct wpa_driver_associate_params *params)
4467{
4468 struct ieee80211_vht_capabilities *vhtcaps;
4469 struct ieee80211_vht_capabilities *vhtcaps_mask;
4470
4471 if (!ssid)
4472 return;
4473
4474 params->disable_vht = ssid->disable_vht;
4475
4476 vhtcaps = (void *) params->vhtcaps;
4477 vhtcaps_mask = (void *) params->vhtcaps_mask;
4478
4479 if (!vhtcaps || !vhtcaps_mask)
4480 return;
4481
4d8d710f
JM		 4482 vhtcaps->vht_capabilities_info = host_to_le32(ssid->vht_capa);
4483 vhtcaps_mask->vht_capabilities_info = host_to_le32(ssid->vht_capa_mask);
e9ee8dc3 4484
4f560cde
EP		 4485#ifdef CONFIG_HT_OVERRIDES
4486 /* if max ampdu is <= 3, we have to make the HT cap the same */
b0f33467
JM		 4487 if (ssid->vht_capa_mask & VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) {
4488 int max_ampdu;
4489
4490 max_ampdu = (ssid->vht_capa &
4491 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) >>
4492 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX_SHIFT;
4f560cde
EP		 4493
4494 max_ampdu = max_ampdu < 3 ? max_ampdu : 3;
4495 wpa_set_ampdu_factor(wpa_s,
4496 (void *) params->htcaps,
4497 (void *) params->htcaps_mask,
4498 max_ampdu);
4499 }
4500#endif /* CONFIG_HT_OVERRIDES */
4501
e9ee8dc3
JB		 4502#define OVERRIDE_MCS(i) \
4503 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \
4504 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \
4d8d710f 4505 host_to_le16(3 << 2 * (i - 1)); \
e9ee8dc3 4506 vhtcaps->vht_supported_mcs_set.tx_map |= \
4d8d710f
JM		 4507 host_to_le16(ssid->vht_tx_mcs_nss_ ##i << \
4508 2 * (i - 1)); \
e9ee8dc3
JB		 4509 } \
4510 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \
4511 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \
4d8d710f 4512 host_to_le16(3 << 2 * (i - 1)); \
e9ee8dc3 4513 vhtcaps->vht_supported_mcs_set.rx_map |= \
4d8d710f
JM		 4514 host_to_le16(ssid->vht_rx_mcs_nss_ ##i << \
4515 2 * (i - 1)); \
e9ee8dc3
JB		 4516 }
4517
4518 OVERRIDE_MCS(1);
4519 OVERRIDE_MCS(2);
4520 OVERRIDE_MCS(3);
4521 OVERRIDE_MCS(4);
4522 OVERRIDE_MCS(5);
4523 OVERRIDE_MCS(6);
4524 OVERRIDE_MCS(7);
4525 OVERRIDE_MCS(8);
4526}
4527#endif /* CONFIG_VHT_OVERRIDES */
4528
4529
f64adcd7
JM		 4530static int pcsc_reader_init(struct wpa_supplicant *wpa_s)
4531{
4532#ifdef PCSC_FUNCS
4533 size_t len;
4534
4535 if (!wpa_s->conf->pcsc_reader)
4536 return 0;
4537
22cf7d73 4538 wpa_s->scard = scard_init(wpa_s->conf->pcsc_reader);
f64adcd7
JM		 4539 if (!wpa_s->scard)
4540 return 1;
4541
4542 if (wpa_s->conf->pcsc_pin &&
4543 scard_set_pin(wpa_s->scard, wpa_s->conf->pcsc_pin) < 0) {
4544 scard_deinit(wpa_s->scard);
4545 wpa_s->scard = NULL;
4546 wpa_msg(wpa_s, MSG_ERROR, "PC/SC PIN validation failed");
4547 return -1;
4548 }
4549
4550 len = sizeof(wpa_s->imsi) - 1;
4551 if (scard_get_imsi(wpa_s->scard, wpa_s->imsi, &len)) {
4552 scard_deinit(wpa_s->scard);
4553 wpa_s->scard = NULL;
4554 wpa_msg(wpa_s, MSG_ERROR, "Could not read IMSI");
4555 return -1;
4556 }
4557 wpa_s->imsi[len] = '\0';
4558
4559 wpa_s->mnc_len = scard_get_mnc_len(wpa_s->scard);
4560
4561 wpa_printf(MSG_DEBUG, "SCARD: IMSI %s (MNC length %d)",
4562 wpa_s->imsi, wpa_s->mnc_len);
4563
4564 wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard);
4565 eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard);
4566#endif /* PCSC_FUNCS */
4567
4568 return 0;
4569}
4570
4571
306ae225
JM		 4572int wpas_init_ext_pw(struct wpa_supplicant *wpa_s)
4573{
4574 char *val, *pos;
4575
4576 ext_password_deinit(wpa_s->ext_pw);
4577 wpa_s->ext_pw = NULL;
4578 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, NULL);
4579
4580 if (!wpa_s->conf->ext_password_backend)
4581 return 0;
4582
4583 val = os_strdup(wpa_s->conf->ext_password_backend);
4584 if (val == NULL)
4585 return -1;
4586 pos = os_strchr(val, ':');
4587 if (pos)
4588 *pos++ = '\0';
4589
4590 wpa_printf(MSG_DEBUG, "EXT PW: Initialize backend '%s'", val);
4591
4592 wpa_s->ext_pw = ext_password_init(val, pos);
4593 os_free(val);
4594 if (wpa_s->ext_pw == NULL) {
4595 wpa_printf(MSG_DEBUG, "EXT PW: Failed to initialize backend");
4596 return -1;
4597 }
4598 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, wpa_s->ext_pw);
4599
4600 return 0;
4601}
4602
4603
b36a3a65
AN		 4604#ifdef CONFIG_FST
4605
4606static const u8 * wpas_fst_get_bssid_cb(void *ctx)
4607{
4608 struct wpa_supplicant *wpa_s = ctx;
4609
4610 return (is_zero_ether_addr(wpa_s->bssid) ||
4611 wpa_s->wpa_state != WPA_COMPLETED) ? NULL : wpa_s->bssid;
4612}
4613
4614
4615static void wpas_fst_get_channel_info_cb(void *ctx,
4616 enum hostapd_hw_mode *hw_mode,
4617 u8 *channel)
4618{
4619 struct wpa_supplicant *wpa_s = ctx;
4620
4621 if (wpa_s->current_bss) {
4622 *hw_mode = ieee80211_freq_to_chan(wpa_s->current_bss->freq,
4623 channel);
4624 } else if (wpa_s->hw.num_modes) {
4625 *hw_mode = wpa_s->hw.modes[0].mode;
4626 } else {
4627 WPA_ASSERT(0);
4628 *hw_mode = 0;
4629 }
4630}
4631
4632
4633static int wpas_fst_get_hw_modes(void *ctx, struct hostapd_hw_modes **modes)
4634{
4635 struct wpa_supplicant *wpa_s = ctx;
4636
4637 *modes = wpa_s->hw.modes;
4638 return wpa_s->hw.num_modes;
4639}
4640
4641
84bcb4e7 4642static void wpas_fst_set_ies_cb(void *ctx, const struct wpabuf *fst_ies)
b36a3a65
AN		 4643{
4644 struct wpa_supplicant *wpa_s = ctx;
4645
b7a07937 4646 wpa_hexdump_buf(MSG_DEBUG, "FST: Set IEs", fst_ies);
b36a3a65
AN		 4647 wpa_s->fst_ies = fst_ies;
4648}
4649
4650
4651static int wpas_fst_send_action_cb(void *ctx, const u8 *da, struct wpabuf *data)
4652{
4653 struct wpa_supplicant *wpa_s = ctx;
4654
0da35523
JM		 4655 if (os_memcmp(wpa_s->bssid, da, ETH_ALEN) != 0) {
4656 wpa_printf(MSG_INFO, "FST:%s:bssid=" MACSTR " != da=" MACSTR,
4657 __func__, MAC2STR(wpa_s->bssid), MAC2STR(da));
4658 return -1;
4659 }
b36a3a65 4660 return wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, wpa_s->bssid,
0da35523
JM		 4661 wpa_s->own_addr, wpa_s->bssid,
4662 wpabuf_head(data), wpabuf_len(data),
b36a3a65
AN		 4663 0);
4664}
4665
4666
a0f04da5 4667static const struct wpabuf * wpas_fst_get_mb_ie_cb(void *ctx, const u8 *addr)
b36a3a65
AN		 4668{
4669 struct wpa_supplicant *wpa_s = ctx;
4670
4671 WPA_ASSERT(os_memcmp(wpa_s->bssid, addr, ETH_ALEN) == 0);
4672 return wpa_s->received_mb_ies;
4673}
4674
4675
4676static void wpas_fst_update_mb_ie_cb(void *ctx, const u8 *addr,
4677 const u8 *buf, size_t size)
4678{
4679 struct wpa_supplicant *wpa_s = ctx;
4680 struct mb_ies_info info;
4681
4682 WPA_ASSERT(os_memcmp(wpa_s->bssid, addr, ETH_ALEN) == 0);
4683
4684 if (!mb_ies_info_by_ies(&info, buf, size)) {
4685 wpabuf_free(wpa_s->received_mb_ies);
4686 wpa_s->received_mb_ies = mb_ies_by_info(&info);
4687 }
4688}
4689
4690
39cdd3a0
JM		 4691static const u8 * wpas_fst_get_peer_first(void *ctx,
4692 struct fst_get_peer_ctx **get_ctx,
4693 Boolean mb_only)
b36a3a65
AN		 4694{
4695 struct wpa_supplicant *wpa_s = ctx;
4696
4697 *get_ctx = NULL;
4698 if (!is_zero_ether_addr(wpa_s->bssid))
4699 return (wpa_s->received_mb_ies || !mb_only) ?
4700 wpa_s->bssid : NULL;
4701 return NULL;
4702}
4703
4704
39cdd3a0
JM		 4705static const u8 * wpas_fst_get_peer_next(void *ctx,
4706 struct fst_get_peer_ctx **get_ctx,
4707 Boolean mb_only)
b36a3a65
AN		 4708{
4709 return NULL;
4710}
4711
4712void fst_wpa_supplicant_fill_iface_obj(struct wpa_supplicant *wpa_s,
4713 struct fst_wpa_obj *iface_obj)
4714{
4715 iface_obj->ctx = wpa_s;
4716 iface_obj->get_bssid = wpas_fst_get_bssid_cb;
4717 iface_obj->get_channel_info = wpas_fst_get_channel_info_cb;
4718 iface_obj->get_hw_modes = wpas_fst_get_hw_modes;
4719 iface_obj->set_ies = wpas_fst_set_ies_cb;
4720 iface_obj->send_action = wpas_fst_send_action_cb;
4721 iface_obj->get_mb_ie = wpas_fst_get_mb_ie_cb;
4722 iface_obj->update_mb_ie = wpas_fst_update_mb_ie_cb;
4723 iface_obj->get_peer_first = wpas_fst_get_peer_first;
4724 iface_obj->get_peer_next = wpas_fst_get_peer_next;
4725}
4726#endif /* CONFIG_FST */
4727
a520bf4a 4728static int wpas_set_wowlan_triggers(struct wpa_supplicant *wpa_s,
6cbdb0c5 4729 const struct wpa_driver_capa *capa)
e4fa8b12 4730{
88cb27c7
DS		 4731 struct wowlan_triggers *triggers;
4732 int ret = 0;
e4fa8b12
EP		 4733
4734 if (!wpa_s->conf->wowlan_triggers)
4735 return 0;
4736
88cb27c7
DS		 4737 triggers = wpa_get_wowlan_triggers(wpa_s->conf->wowlan_triggers, capa);
4738 if (triggers) {
4739 ret = wpa_drv_wowlan(wpa_s, triggers);
4740 os_free(triggers);
e4fa8b12 4741 }
e4fa8b12
EP		 4742 return ret;
4743}
4744
4745
2b6e9f91 4746enum wpa_radio_work_band wpas_freq_to_band(int freq)
e903d32d
KV		 4747{
4748 if (freq < 3000)
4749 return BAND_2_4_GHZ;
4750 if (freq > 50000)
4751 return BAND_60_GHZ;
4752 return BAND_5_GHZ;
4753}
4754
4755
2b6e9f91 4756unsigned int wpas_get_bands(struct wpa_supplicant *wpa_s, const int *freqs)
e903d32d
KV		 4757{
4758 int i;
4759 unsigned int band = 0;
4760
4761 if (freqs) {
4762 /* freqs are specified for the radio work */
4763 for (i = 0; freqs[i]; i++)
4764 band |= wpas_freq_to_band(freqs[i]);
4765 } else {
4766 /*
4767 * freqs are not specified, implies all
4768 * the supported freqs by HW
4769 */
4770 for (i = 0; i < wpa_s->hw.num_modes; i++) {
4771 if (wpa_s->hw.modes[i].num_channels != 0) {
4772 if (wpa_s->hw.modes[i].mode ==
4773 HOSTAPD_MODE_IEEE80211B ||
4774 wpa_s->hw.modes[i].mode ==
4775 HOSTAPD_MODE_IEEE80211G)
4776 band |= BAND_2_4_GHZ;
4777 else if (wpa_s->hw.modes[i].mode ==
4778 HOSTAPD_MODE_IEEE80211A)
4779 band |= BAND_5_GHZ;
4780 else if (wpa_s->hw.modes[i].mode ==
4781 HOSTAPD_MODE_IEEE80211AD)
4782 band |= BAND_60_GHZ;
4783 else if (wpa_s->hw.modes[i].mode ==
4784 HOSTAPD_MODE_IEEE80211ANY)
4785 band = BAND_2_4_GHZ | BAND_5_GHZ |
4786 BAND_60_GHZ;
4787 }
4788 }
4789 }
4790
4791 return band;
4792}
4793
4794
202dec2a
JM		 4795static struct wpa_radio * radio_add_interface(struct wpa_supplicant *wpa_s,
4796 const char *rn)
4797{
4798 struct wpa_supplicant *iface = wpa_s->global->ifaces;
4799 struct wpa_radio *radio;
4800
4801 while (rn && iface) {
4802 radio = iface->radio;
4803 if (radio && os_strcmp(rn, radio->name) == 0) {
4804 wpa_printf(MSG_DEBUG, "Add interface %s to existing radio %s",
4805 wpa_s->ifname, rn);
4806 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
4807 return radio;
4808 }
b154a24e
TB		 4809
4810 iface = iface->next;
202dec2a
JM		 4811 }
4812
4813 wpa_printf(MSG_DEBUG, "Add interface %s to a new radio %s",
4814 wpa_s->ifname, rn ? rn : "N/A");
4815 radio = os_zalloc(sizeof(*radio));
4816 if (radio == NULL)
4817 return NULL;
4818
4819 if (rn)
4820 os_strlcpy(radio->name, rn, sizeof(radio->name));
4821 dl_list_init(&radio->ifaces);
b1ae396f 4822 dl_list_init(&radio->work);
202dec2a
JM		 4823 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
4824
4825 return radio;
4826}
4827
4828
b1ae396f
JM		 4829static void radio_work_free(struct wpa_radio_work *work)
4830{
d12a51b5
JM		 4831 if (work->wpa_s->scan_work == work) {
4832 /* This should not really happen. */
4833 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as scan_work",
4834 work->type, work, work->started);
4835 work->wpa_s->scan_work = NULL;
4836 }
4837
1b5d4714
JM		 4838#ifdef CONFIG_P2P
4839 if (work->wpa_s->p2p_scan_work == work) {
4840 /* This should not really happen. */
4841 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as p2p_scan_work",
4842 work->type, work, work->started);
4843 work->wpa_s->p2p_scan_work = NULL;
4844 }
4845#endif /* CONFIG_P2P */
4846
e903d32d
KV		 4847 if (work->started) {
4848 work->wpa_s->radio->num_active_works--;
4849 wpa_dbg(work->wpa_s, MSG_DEBUG,
7ed5337d 4850 "radio_work_free('%s'@%p): num_active_works --> %u",
e903d32d
KV		 4851 work->type, work,
4852 work->wpa_s->radio->num_active_works);
4853 }
4854
b1ae396f
JM		 4855 dl_list_del(&work->list);
4856 os_free(work);
4857}
4858
4859
4c6f450c
JM		 4860static int radio_work_is_connect(struct wpa_radio_work *work)
4861{
4862 return os_strcmp(work->type, "sme-connect") == 0 ||
4863 os_strcmp(work->type, "connect") == 0;
4864}
4865
4866
85b6b6b6
SD		 4867static int radio_work_is_scan(struct wpa_radio_work *work)
4868{
4869 return os_strcmp(work->type, "scan") == 0 ||
4870 os_strcmp(work->type, "p2p-scan") == 0;
4871}
4872
4873
e903d32d
KV		 4874static struct wpa_radio_work * radio_work_get_next_work(struct wpa_radio *radio)
4875{
4876 struct wpa_radio_work *active_work = NULL;
4877 struct wpa_radio_work *tmp;
4878
4879 /* Get the active work to know the type and band. */
4880 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, list) {
4881 if (tmp->started) {
4882 active_work = tmp;
4883 break;
4884 }
4885 }
4886
4887 if (!active_work) {
4888 /* No active work, start one */
4889 radio->num_active_works = 0;
4890 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work,
4891 list) {
4892 if (os_strcmp(tmp->type, "scan") == 0 &&
4893 radio->external_scan_running &&
4894 (((struct wpa_driver_scan_params *)
4895 tmp->ctx)->only_new_results ||
4896 tmp->wpa_s->clear_driver_scan_cache))
4897 continue;
4898 return tmp;
4899 }
4900 return NULL;
4901 }
4902
4c6f450c 4903 if (radio_work_is_connect(active_work)) {
e903d32d
KV		 4904 /*
4905 * If the active work is either connect or sme-connect,
4906 * do not parallelize them with other radio works.
4907 */
4908 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
4909 "Do not parallelize radio work with %s",
4910 active_work->type);
4911 return NULL;
4912 }
4913
4914 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, list) {
4915 if (tmp->started)
4916 continue;
4917
4918 /*
4919 * If connect or sme-connect are enqueued, parallelize only
4920 * those operations ahead of them in the queue.
4921 */
4c6f450c 4922 if (radio_work_is_connect(tmp))
e903d32d
KV		 4923 break;
4924
85b6b6b6
SD		 4925 /* Serialize parallel scan and p2p_scan operations on the same
4926 * interface since the driver_nl80211 mechanism for tracking
4927 * scan cookies does not yet have support for this. */
4928 if (active_work->wpa_s == tmp->wpa_s &&
4929 radio_work_is_scan(active_work) &&
4930 radio_work_is_scan(tmp)) {
4931 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
4932 "Do not start work '%s' when another work '%s' is already scheduled",
4933 tmp->type, active_work->type);
4934 continue;
4935 }
e903d32d
KV		 4936 /*
4937 * Check that the radio works are distinct and
4938 * on different bands.
4939 */
4940 if (os_strcmp(active_work->type, tmp->type) != 0 &&
4941 (active_work->bands != tmp->bands)) {
4942 /*
4943 * If a scan has to be scheduled through nl80211 scan
4944 * interface and if an external scan is already running,
4945 * do not schedule the scan since it is likely to get
4946 * rejected by kernel.
4947 */
4948 if (os_strcmp(tmp->type, "scan") == 0 &&
4949 radio->external_scan_running &&
4950 (((struct wpa_driver_scan_params *)
4951 tmp->ctx)->only_new_results ||
4952 tmp->wpa_s->clear_driver_scan_cache))
4953 continue;
4954
4955 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
4956 "active_work:%s new_work:%s",
4957 active_work->type, tmp->type);
4958 return tmp;
4959 }
4960 }
4961
4962 /* Did not find a radio work to schedule in parallel. */
4963 return NULL;
4964}
4965
4966
b1ae396f
JM		 4967static void radio_start_next_work(void *eloop_ctx, void *timeout_ctx)
4968{
4969 struct wpa_radio *radio = eloop_ctx;
4970 struct wpa_radio_work *work;
4971 struct os_reltime now, diff;
6428d0a7 4972 struct wpa_supplicant *wpa_s;
b1ae396f
JM		 4973
4974 work = dl_list_first(&radio->work, struct wpa_radio_work, list);
e903d32d
KV		 4975 if (work == NULL) {
4976 radio->num_active_works = 0;
b1ae396f 4977 return;
e903d32d 4978 }
b1ae396f 4979
6428d0a7
JM		 4980 wpa_s = dl_list_first(&radio->ifaces, struct wpa_supplicant,
4981 radio_list);
e903d32d
KV		 4982
4983 if (!(wpa_s &&
4984 wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS)) {
4985 if (work->started)
4986 return; /* already started and still in progress */
4987
4988 if (wpa_s && wpa_s->radio->external_scan_running) {
4989 wpa_printf(MSG_DEBUG, "Delay radio work start until externally triggered scan completes");
4990 return;
4991 }
4992 } else {
4993 work = NULL;
4994 if (radio->num_active_works < MAX_ACTIVE_WORKS) {
4995 /* get the work to schedule next */
4996 work = radio_work_get_next_work(radio);
4997 }
4998 if (!work)
4999 return;
6428d0a7
JM		 5000 }
5001
e903d32d 5002 wpa_s = work->wpa_s;
b1ae396f
JM		 5003 os_get_reltime(&now);
5004 os_reltime_sub(&now, &work->time, &diff);
e903d32d
KV		 5005 wpa_dbg(wpa_s, MSG_DEBUG,
5006 "Starting radio work '%s'@%p after %ld.%06ld second wait",
b1ae396f
JM		 5007 work->type, work, diff.sec, diff.usec);
5008 work->started = 1;
5009 work->time = now;
e903d32d
KV		 5010 radio->num_active_works++;
5011
b1ae396f 5012 work->cb(work, 0);
e903d32d
KV		 5013
5014 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS) &&
5015 radio->num_active_works < MAX_ACTIVE_WORKS)
5016 radio_work_check_next(wpa_s);
b1ae396f
JM		 5017}
5018
5019
b3253ebb
AO		 5020/*
5021 * This function removes both started and pending radio works running on
5022 * the provided interface's radio.
5023 * Prior to the removal of the radio work, its callback (cb) is called with
5024 * deinit set to be 1. Each work's callback is responsible for clearing its
5025 * internal data and restoring to a correct state.
5026 * @wpa_s: wpa_supplicant data
5027 * @type: type of works to be removed
5028 * @remove_all: 1 to remove all the works on this radio, 0 to remove only
5029 * this interface's works.
5030 */
5031void radio_remove_works(struct wpa_supplicant *wpa_s,
5032 const char *type, int remove_all)
b1ae396f
JM		 5033{
5034 struct wpa_radio_work *work, *tmp;
5035 struct wpa_radio *radio = wpa_s->radio;
5036
5037 dl_list_for_each_safe(work, tmp, &radio->work, struct wpa_radio_work,
5038 list) {
b3253ebb 5039 if (type && os_strcmp(type, work->type) != 0)
b1ae396f 5040 continue;
b3253ebb
AO		 5041
5042 /* skip other ifaces' works */
5043 if (!remove_all && work->wpa_s != wpa_s)
b1ae396f 5044 continue;
b3253ebb
AO		 5045
5046 wpa_dbg(wpa_s, MSG_DEBUG, "Remove radio work '%s'@%p%s",
5047 work->type, work, work->started ? " (started)" : "");
b1ae396f
JM		 5048 work->cb(work, 1);
5049 radio_work_free(work);
5050 }
b3253ebb
AO		 5051
5052 /* in case we removed the started work */
5053 radio_work_check_next(wpa_s);
b1ae396f
JM		 5054}
5055
5056
6a252ece
JM		 5057void radio_remove_pending_work(struct wpa_supplicant *wpa_s, void *ctx)
5058{
5059 struct wpa_radio_work *work;
5060 struct wpa_radio *radio = wpa_s->radio;
5061
5062 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) {
5063 if (work->ctx != ctx)
5064 continue;
5065 wpa_dbg(wpa_s, MSG_DEBUG, "Free pending radio work '%s'@%p%s",
5066 work->type, work, work->started ? " (started)" : "");
5067 radio_work_free(work);
5068 break;
5069 }
5070}
5071
5072
202dec2a
JM		 5073static void radio_remove_interface(struct wpa_supplicant *wpa_s)
5074{
5075 struct wpa_radio *radio = wpa_s->radio;
5076
5077 if (!radio)
5078 return;
5079
5080 wpa_printf(MSG_DEBUG, "Remove interface %s from radio %s",
5081 wpa_s->ifname, radio->name);
5082 dl_list_del(&wpa_s->radio_list);
c46235aa
AO		 5083 radio_remove_works(wpa_s, NULL, 0);
5084 wpa_s->radio = NULL;
5085 if (!dl_list_empty(&radio->ifaces))
202dec2a
JM		 5086 return; /* Interfaces remain for this radio */
5087
5088 wpa_printf(MSG_DEBUG, "Remove radio %s", radio->name);
b1ae396f 5089 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
202dec2a
JM		 5090 os_free(radio);
5091}
5092
5093
6428d0a7 5094void radio_work_check_next(struct wpa_supplicant *wpa_s)
b1ae396f
JM		 5095{
5096 struct wpa_radio *radio = wpa_s->radio;
5097
5098 if (dl_list_empty(&radio->work))
5099 return;
e3745228
JM		 5100 if (wpa_s->ext_work_in_progress) {
5101 wpa_printf(MSG_DEBUG,
5102 "External radio work in progress - delay start of pending item");
5103 return;
5104 }
b1ae396f
JM		 5105 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
5106 eloop_register_timeout(0, 0, radio_start_next_work, radio, NULL);
5107}
5108
5109
5110/**
5111 * radio_add_work - Add a radio work item
5112 * @wpa_s: Pointer to wpa_supplicant data
5113 * @freq: Frequency of the offchannel operation in MHz or 0
5114 * @type: Unique identifier for each type of work
5115 * @next: Force as the next work to be executed
5116 * @cb: Callback function for indicating when radio is available
5117 * @ctx: Context pointer for the work (work->ctx in cb())
5118 * Returns: 0 on success, -1 on failure
5119 *
5120 * This function is used to request time for an operation that requires
5121 * exclusive radio control. Once the radio is available, the registered callback
5122 * function will be called. radio_work_done() must be called once the exclusive
5123 * radio operation has been completed, so that the radio is freed for other
5124 * operations. The special case of deinit=1 is used to free the context data
5125 * during interface removal. That does not allow the callback function to start
5126 * the radio operation, i.e., it must free any resources allocated for the radio
5127 * work and return.
5128 *
5129 * The @freq parameter can be used to indicate a single channel on which the
5130 * offchannel operation will occur. This may allow multiple radio work
5131 * operations to be performed in parallel if they apply for the same channel.
5132 * Setting this to 0 indicates that the work item may use multiple channels or
5133 * requires exclusive control of the radio.
5134 */
5135int radio_add_work(struct wpa_supplicant *wpa_s, unsigned int freq,
5136 const char *type, int next,
5137 void (*cb)(struct wpa_radio_work *work, int deinit),
5138 void *ctx)
5139{
e903d32d 5140 struct wpa_radio *radio = wpa_s->radio;
b1ae396f
JM		 5141 struct wpa_radio_work *work;
5142 int was_empty;
5143
5144 work = os_zalloc(sizeof(*work));
5145 if (work == NULL)
5146 return -1;
5147 wpa_dbg(wpa_s, MSG_DEBUG, "Add radio work '%s'@%p", type, work);
5148 os_get_reltime(&work->time);
5149 work->freq = freq;
5150 work->type = type;
5151 work->wpa_s = wpa_s;
5152 work->cb = cb;
5153 work->ctx = ctx;
5154
e903d32d
KV		 5155 if (freq)
5156 work->bands = wpas_freq_to_band(freq);
5157 else if (os_strcmp(type, "scan") == 0 ||
5158 os_strcmp(type, "p2p-scan") == 0)
5159 work->bands = wpas_get_bands(wpa_s,
5160 ((struct wpa_driver_scan_params *)
5161 ctx)->freqs);
5162 else
5163 work->bands = wpas_get_bands(wpa_s, NULL);
5164
b1ae396f
JM		 5165 was_empty = dl_list_empty(&wpa_s->radio->work);
5166 if (next)
5167 dl_list_add(&wpa_s->radio->work, &work->list);
5168 else
5169 dl_list_add_tail(&wpa_s->radio->work, &work->list);
5170 if (was_empty) {
5171 wpa_dbg(wpa_s, MSG_DEBUG, "First radio work item in the queue - schedule start immediately");
5172 radio_work_check_next(wpa_s);
e903d32d
KV		 5173 } else if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS)
5174 && radio->num_active_works < MAX_ACTIVE_WORKS) {
5175 wpa_dbg(wpa_s, MSG_DEBUG,
5176 "Try to schedule a radio work (num_active_works=%u)",
5177 radio->num_active_works);
5178 radio_work_check_next(wpa_s);
b1ae396f
JM		 5179 }
5180
5181 return 0;
5182}
5183
5184
5185/**
5186 * radio_work_done - Indicate that a radio work item has been completed
5187 * @work: Completed work
5188 *
5189 * This function is called once the callback function registered with
5190 * radio_add_work() has completed its work.
5191 */
5192void radio_work_done(struct wpa_radio_work *work)
5193{
5194 struct wpa_supplicant *wpa_s = work->wpa_s;
5195 struct os_reltime now, diff;
1f965e62 5196 unsigned int started = work->started;
b1ae396f
JM		 5197
5198 os_get_reltime(&now);
5199 os_reltime_sub(&now, &work->time, &diff);
1f965e62
JM		 5200 wpa_dbg(wpa_s, MSG_DEBUG, "Radio work '%s'@%p %s in %ld.%06ld seconds",
5201 work->type, work, started ? "done" : "canceled",
5202 diff.sec, diff.usec);
b1ae396f 5203 radio_work_free(work);
1f965e62
JM		 5204 if (started)
5205 radio_work_check_next(wpa_s);
b1ae396f
JM		 5206}
5207
5208
a7f5271d
JM		 5209struct wpa_radio_work *
5210radio_work_pending(struct wpa_supplicant *wpa_s, const char *type)
f0e30c84
JM		 5211{
5212 struct wpa_radio_work *work;
5213 struct wpa_radio *radio = wpa_s->radio;
5214
5215 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) {
5216 if (work->wpa_s == wpa_s && os_strcmp(work->type, type) == 0)
a7f5271d 5217 return work;
f0e30c84
JM		 5218 }
5219
a7f5271d 5220 return NULL;
f0e30c84
JM		 5221}
5222
5223
73c00fd7 5224static int wpas_init_driver(struct wpa_supplicant *wpa_s,
8fb2b357 5225 const struct wpa_interface *iface)
73c00fd7 5226{
202dec2a 5227 const char *ifname, *driver, *rn;
73c00fd7
JM		 5228
5229 driver = iface->driver;
5230next_driver:
5231 if (wpa_supplicant_set_driver(wpa_s, driver) < 0)
5232 return -1;
5233
5234 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
5235 if (wpa_s->drv_priv == NULL) {
5236 const char *pos;
5237 pos = driver ? os_strchr(driver, ',') : NULL;
5238 if (pos) {
5239 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
5240 "driver interface - try next driver wrapper");
5241 driver = pos + 1;
5242 goto next_driver;
5243 }
5244 wpa_msg(wpa_s, MSG_ERROR, "Failed to initialize driver "
5245 "interface");
5246 return -1;
5247 }
5248 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
5249 wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected "
5250 "driver_param '%s'", wpa_s->conf->driver_param);
5251 return -1;
5252 }
5253
5254 ifname = wpa_drv_get_ifname(wpa_s);
5255 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
5256 wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced "
5257 "interface name with '%s'", ifname);
5258 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
5259 }
5260
95bf699f 5261 rn = wpa_driver_get_radio_name(wpa_s);
202dec2a
JM		 5262 if (rn && rn[0] == '\0')
5263 rn = NULL;
5264
5265 wpa_s->radio = radio_add_interface(wpa_s, rn);
5266 if (wpa_s->radio == NULL)
5267 return -1;
5268
73c00fd7
JM		 5269 return 0;
5270}
5271
5272
461d39af
JM		 5273#ifdef CONFIG_GAS_SERVER
5274
5275static void wpas_gas_server_tx_status(struct wpa_supplicant *wpa_s,
5276 unsigned int freq, const u8 *dst,
5277 const u8 *src, const u8 *bssid,
5278 const u8 *data, size_t data_len,
5279 enum offchannel_send_action_result result)
5280{
5281 wpa_printf(MSG_DEBUG, "GAS: TX status: freq=%u dst=" MACSTR
5282 " result=%s",
5283 freq, MAC2STR(dst),
5284 result == OFFCHANNEL_SEND_ACTION_SUCCESS ? "SUCCESS" :
5285 (result == OFFCHANNEL_SEND_ACTION_NO_ACK ? "no-ACK" :
5286 "FAILED"));
5287 gas_server_tx_status(wpa_s->gas_server, dst, data, data_len,
5288 result == OFFCHANNEL_SEND_ACTION_SUCCESS);
5289}
5290
5291
5292static void wpas_gas_server_tx(void *ctx, int freq, const u8 *da,
5293 struct wpabuf *buf, unsigned int wait_time)
5294{
5295 struct wpa_supplicant *wpa_s = ctx;
5296 const u8 broadcast[ETH_ALEN] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
5297
5298 if (wait_time > wpa_s->max_remain_on_chan)
5299 wait_time = wpa_s->max_remain_on_chan;
5300
5301 offchannel_send_action(wpa_s, freq, da, wpa_s->own_addr, broadcast,
5302 wpabuf_head(buf), wpabuf_len(buf),
5303 wait_time, wpas_gas_server_tx_status, 0);
5304}
5305
5306#endif /* CONFIG_GAS_SERVER */
5307
6fc6879b 5308static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
8fb2b357 5309 const struct wpa_interface *iface)
6fc6879b 5310{
362f781e 5311 struct wpa_driver_capa capa;
6cbdb0c5 5312 int capa_res;
aa56e36d 5313 u8 dfs_domain;
362f781e 5314
6fc6879b
JM		 5315 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
5316 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
5317 iface->confname ? iface->confname : "N/A",
5318 iface->driver ? iface->driver : "default",
5319 iface->ctrl_interface ? iface->ctrl_interface : "N/A",
5320 iface->bridge_ifname ? iface->bridge_ifname : "N/A");
5321
6fc6879b
JM		 5322 if (iface->confname) {
5323#ifdef CONFIG_BACKEND_FILE
5324 wpa_s->confname = os_rel2abs_path(iface->confname);
5325 if (wpa_s->confname == NULL) {
5326 wpa_printf(MSG_ERROR, "Failed to get absolute path "
5327 "for configuration file '%s'.",
5328 iface->confname);
5329 return -1;
5330 }
5331 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
5332 iface->confname, wpa_s->confname);
5333#else /* CONFIG_BACKEND_FILE */
5334 wpa_s->confname = os_strdup(iface->confname);
5335#endif /* CONFIG_BACKEND_FILE */
e6304cad 5336 wpa_s->conf = wpa_config_read(wpa_s->confname, NULL);
6fc6879b
JM		 5337 if (wpa_s->conf == NULL) {
5338 wpa_printf(MSG_ERROR, "Failed to read or parse "
5339 "configuration '%s'.", wpa_s->confname);
5340 return -1;
5341 }
e6304cad 5342 wpa_s->confanother = os_rel2abs_path(iface->confanother);
3bd35b68
JM		 5343 if (wpa_s->confanother &&
5344 !wpa_config_read(wpa_s->confanother, wpa_s->conf)) {
5345 wpa_printf(MSG_ERROR,
5346 "Failed to read or parse configuration '%s'.",
5347 wpa_s->confanother);
5348 return -1;
5349 }
6fc6879b
JM		 5350
5351 /*
5352 * Override ctrl_interface and driver_param if set on command
5353 * line.
5354 */
5355 if (iface->ctrl_interface) {
5356 os_free(wpa_s->conf->ctrl_interface);
5357 wpa_s->conf->ctrl_interface =
5358 os_strdup(iface->ctrl_interface);
5359 }
5360
5361 if (iface->driver_param) {
5362 os_free(wpa_s->conf->driver_param);
5363 wpa_s->conf->driver_param =
5364 os_strdup(iface->driver_param);
5365 }
78f79fe5
JM		 5366
5367 if (iface->p2p_mgmt && !iface->ctrl_interface) {
5368 os_free(wpa_s->conf->ctrl_interface);
5369 wpa_s->conf->ctrl_interface = NULL;
5370 }
6fc6879b
JM		 5371 } else
5372 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
5373 iface->driver_param);
5374
5375 if (wpa_s->conf == NULL) {
5376 wpa_printf(MSG_ERROR, "\nNo configuration found.");
5377 return -1;
5378 }
5379
5380 if (iface->ifname == NULL) {
5381 wpa_printf(MSG_ERROR, "\nInterface name is required.");
5382 return -1;
5383 }
5384 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
5385 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
5386 iface->ifname);
5387 return -1;
5388 }
5389 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
5390
5391 if (iface->bridge_ifname) {
5392 if (os_strlen(iface->bridge_ifname) >=
5393 sizeof(wpa_s->bridge_ifname)) {
5394 wpa_printf(MSG_ERROR, "\nToo long bridge interface "
5395 "name '%s'.", iface->bridge_ifname);
5396 return -1;
5397 }
5398 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
5399 sizeof(wpa_s->bridge_ifname));
5400 }
5401
6fc6879b
JM		 5402 /* RSNA Supplicant Key Management - INITIALIZE */
5403 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
5404 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
5405
5406 /* Initialize driver interface and register driver event handler before
5407 * L2 receive handler so that association events are processed before
5408 * EAPOL-Key packets if both become available for the same select()
5409 * call. */
73c00fd7 5410 if (wpas_init_driver(wpa_s, iface) < 0)
362f781e
JM		 5411 return -1;
5412
6fc6879b
JM		 5413 if (wpa_supplicant_init_wpa(wpa_s) < 0)
5414 return -1;
5415
5416 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
5417 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
5418 NULL);
5419 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
5420
5421 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
5422 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
5423 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
f049052b
BG		 5424 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
5425 "dot11RSNAConfigPMKLifetime");
6fc6879b
JM		 5426 return -1;
5427 }
5428
5429 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
5430 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
5431 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
f049052b 5432 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
6fc6879b
JM		 5433 "dot11RSNAConfigPMKReauthThreshold");
5434 return -1;
5435 }
5436
5437 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
5438 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
5439 wpa_s->conf->dot11RSNAConfigSATimeout)) {
f049052b
BG		 5440 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
5441 "dot11RSNAConfigSATimeout");
6fc6879b
JM		 5442 return -1;
5443 }
5444
6bf731e8
CL		 5445 wpa_s->hw.modes = wpa_drv_get_hw_feature_data(wpa_s,
5446 &wpa_s->hw.num_modes,
aa56e36d
VT		 5447 &wpa_s->hw.flags,
5448 &dfs_domain);
a1b790eb
JM		 5449 if (wpa_s->hw.modes) {
5450 u16 i;
5451
5452 for (i = 0; i < wpa_s->hw.num_modes; i++) {
5453 if (wpa_s->hw.modes[i].vht_capab) {
5454 wpa_s->hw_capab = CAPAB_VHT;
5455 break;
5456 }
5457
5458 if (wpa_s->hw.modes[i].ht_capab &
5459 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET)
5460 wpa_s->hw_capab = CAPAB_HT40;
5461 else if (wpa_s->hw.modes[i].ht_capab &&
5462 wpa_s->hw_capab == CAPAB_NO_HT_VHT)
5463 wpa_s->hw_capab = CAPAB_HT;
5464 }
5465 }
6bf731e8 5466
6cbdb0c5
JM		 5467 capa_res = wpa_drv_get_capa(wpa_s, &capa);
5468 if (capa_res == 0) {
c58ab8f2 5469 wpa_s->drv_capa_known = 1;
814782b9 5470 wpa_s->drv_flags = capa.flags;
349493bd 5471 wpa_s->drv_enc = capa.enc;
04ee647d 5472 wpa_s->drv_smps_modes = capa.smps_modes;
f936b73c 5473 wpa_s->drv_rrm_flags = capa.rrm_flags;
4f73d88a 5474 wpa_s->probe_resp_offloads = capa.probe_resp_offloads;
814782b9 5475 wpa_s->max_scan_ssids = capa.max_scan_ssids;
cbdf3507 5476 wpa_s->max_sched_scan_ssids = capa.max_sched_scan_ssids;
32c02261
AS		 5477 wpa_s->max_sched_scan_plans = capa.max_sched_scan_plans;
5478 wpa_s->max_sched_scan_plan_interval =
5479 capa.max_sched_scan_plan_interval;
5480 wpa_s->max_sched_scan_plan_iterations =
5481 capa.max_sched_scan_plan_iterations;
cbdf3507 5482 wpa_s->sched_scan_supported = capa.sched_scan_supported;
b59e6f26 5483 wpa_s->max_match_sets = capa.max_match_sets;
814782b9 5484 wpa_s->max_remain_on_chan = capa.max_remain_on_chan;
c4ea4c5c 5485 wpa_s->max_stations = capa.max_stations;
8cd6b7bc
JB		 5486 wpa_s->extended_capa = capa.extended_capa;
5487 wpa_s->extended_capa_mask = capa.extended_capa_mask;
5488 wpa_s->extended_capa_len = capa.extended_capa_len;
4752147d
IP		 5489 wpa_s->num_multichan_concurrent =
5490 capa.num_multichan_concurrent;
471cd6e1 5491 wpa_s->wmm_ac_supported = capa.wmm_ac_supported;
56c76fa5
IP		 5492
5493 if (capa.mac_addr_rand_scan_supported)
5494 wpa_s->mac_addr_rand_supported |= MAC_ADDR_RAND_SCAN;
5495 if (wpa_s->sched_scan_supported &&
5496 capa.mac_addr_rand_sched_scan_supported)
5497 wpa_s->mac_addr_rand_supported |=
5498 (MAC_ADDR_RAND_SCHED_SCAN | MAC_ADDR_RAND_PNO);
814782b9
JM		 5499 }
5500 if (wpa_s->max_remain_on_chan == 0)
5501 wpa_s->max_remain_on_chan = 1000;
5502
c68f6200
AS		 5503 /*
5504 * Only take p2p_mgmt parameters when P2P Device is supported.
5505 * Doing it here as it determines whether l2_packet_init() will be done
5506 * during wpa_supplicant_driver_init().
5507 */
5508 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)
5509 wpa_s->p2p_mgmt = iface->p2p_mgmt;
c68f6200 5510
4752147d
IP		 5511 if (wpa_s->num_multichan_concurrent == 0)
5512 wpa_s->num_multichan_concurrent = 1;
5513
6fc6879b
JM		 5514 if (wpa_supplicant_driver_init(wpa_s) < 0)
5515 return -1;
5516
281ff0aa 5517#ifdef CONFIG_TDLS
8fb2b357 5518 if (!iface->p2p_mgmt && wpa_tdls_init(wpa_s->wpa))
281ff0aa
GP		 5519 return -1;
5520#endif /* CONFIG_TDLS */
5521
315ce40a
JM		 5522 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] &&
5523 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) {
f049052b 5524 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country");
6d158490
LR		 5525 return -1;
5526 }
5527
b36a3a65
AN		 5528#ifdef CONFIG_FST
5529 if (wpa_s->conf->fst_group_id) {
5530 struct fst_iface_cfg cfg;
5531 struct fst_wpa_obj iface_obj;
5532
5533 fst_wpa_supplicant_fill_iface_obj(wpa_s, &iface_obj);
5534 os_strlcpy(cfg.group_id, wpa_s->conf->fst_group_id,
5535 sizeof(cfg.group_id));
5536 cfg.priority = wpa_s->conf->fst_priority;
5537 cfg.llt = wpa_s->conf->fst_llt;
5538
5539 wpa_s->fst = fst_attach(wpa_s->ifname, wpa_s->own_addr,
5540 &iface_obj, &cfg);
5541 if (!wpa_s->fst) {
5542 wpa_msg(wpa_s, MSG_ERROR,
5543 "FST: Cannot attach iface %s to group %s",
5544 wpa_s->ifname, cfg.group_id);
5545 return -1;
5546 }
5547 }
5548#endif /* CONFIG_FST */
5549
116654ce
JM		 5550 if (wpas_wps_init(wpa_s))
5551 return -1;
5552
461d39af
JM		 5553#ifdef CONFIG_GAS_SERVER
5554 wpa_s->gas_server = gas_server_init(wpa_s, wpas_gas_server_tx);
5555 if (!wpa_s->gas_server) {
5556 wpa_printf(MSG_ERROR, "Failed to initialize GAS server");
5557 return -1;
5558 }
5559#endif /* CONFIG_GAS_SERVER */
5560
be27e185
JM		 5561#ifdef CONFIG_DPP
5562 if (wpas_dpp_init(wpa_s) < 0)
5563 return -1;
5564#endif /* CONFIG_DPP */
5565
6fc6879b
JM		 5566 if (wpa_supplicant_init_eapol(wpa_s) < 0)
5567 return -1;
5568 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
5569
5570 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
5571 if (wpa_s->ctrl_iface == NULL) {
5572 wpa_printf(MSG_ERROR,
5573 "Failed to initialize control interface '%s'.\n"
5574 "You may have another wpa_supplicant process "
5575 "already running or the file was\n"
5576 "left by an unclean termination of wpa_supplicant "
5577 "in which case you will need\n"
5578 "to manually remove this file before starting "
5579 "wpa_supplicant again.\n",
5580 wpa_s->conf->ctrl_interface);
5581 return -1;
5582 }
5583
04ea7b79
JM		 5584 wpa_s->gas = gas_query_init(wpa_s);
5585 if (wpa_s->gas == NULL) {
5586 wpa_printf(MSG_ERROR, "Failed to initialize GAS query");
5587 return -1;
5588 }
5589
8fb2b357
VV		 5590 if ((!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) ||
5591 wpa_s->p2p_mgmt) &&
5592 wpas_p2p_init(wpa_s->global, wpa_s) < 0) {
f049052b 5593 wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P");
b22128ef
JM		 5594 return -1;
5595 }
b22128ef 5596
83922c2d
JM		 5597 if (wpa_bss_init(wpa_s) < 0)
5598 return -1;
83922c2d 5599
4d77d80e
MH		 5600#ifdef CONFIG_PMKSA_CACHE_EXTERNAL
5601#ifdef CONFIG_MESH
5602 dl_list_init(&wpa_s->mesh_external_pmksa_cache);
5603#endif /* CONFIG_MESH */
5604#endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
5605
e4fa8b12
EP		 5606 /*
5607 * Set Wake-on-WLAN triggers, if configured.
5608 * Note: We don't restore/remove the triggers on shutdown (it doesn't
5609 * have effect anyway when the interface is down).
5610 */
6cbdb0c5 5611 if (capa_res == 0 && wpas_set_wowlan_triggers(wpa_s, &capa) < 0)
e4fa8b12
EP		 5612 return -1;
5613
ec7b97ab
JM		 5614#ifdef CONFIG_EAP_PROXY
5615{
5616 size_t len;
b5db6e5d
VK		 5617 wpa_s->mnc_len = eapol_sm_get_eap_proxy_imsi(wpa_s->eapol, -1,
5618 wpa_s->imsi, &len);
ec7b97ab
JM		 5619 if (wpa_s->mnc_len > 0) {
5620 wpa_s->imsi[len] = '\0';
5621 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI %s (MNC length %d)",
5622 wpa_s->imsi, wpa_s->mnc_len);
5623 } else {
5624 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI not available");
5625 }
5626}
5627#endif /* CONFIG_EAP_PROXY */
5628
f64adcd7
JM		 5629 if (pcsc_reader_init(wpa_s) < 0)
5630 return -1;
5631
306ae225
JM		 5632 if (wpas_init_ext_pw(wpa_s) < 0)
5633 return -1;
5634
b361d580
AK		 5635 wpas_rrm_reset(wpa_s);
5636
32c02261
AS		 5637 wpas_sched_scan_plans_set(wpa_s, wpa_s->conf->sched_scan_plans);
5638
ca9968a0
JM		 5639#ifdef CONFIG_HS20
5640 hs20_init(wpa_s);
5641#endif /* CONFIG_HS20 */
92c6e2e3 5642#ifdef CONFIG_MBO
332aadb8
AP		 5643 if (wpa_s->conf->oce) {
5644 if ((wpa_s->conf->oce & OCE_STA) &&
5645 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_OCE_STA))
5646 wpa_s->enable_oce = OCE_STA;
5647 if ((wpa_s->conf->oce & OCE_STA_CFON) &&
5648 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_OCE_STA_CFON)) {
5649 /* TODO: Need to add STA-CFON support */
5650 wpa_printf(MSG_ERROR,
5651 "OCE STA-CFON feature is not yet supported");
5652 }
5653 }
92c6e2e3
DS		 5654 wpas_mbo_update_non_pref_chan(wpa_s, wpa_s->conf->non_pref_chan);
5655#endif /* CONFIG_MBO */
ca9968a0 5656
cc9985d1 5657 wpa_supplicant_set_default_scan_ies(wpa_s);
5658
6fc6879b
JM		 5659 return 0;
5660}
5661
5662
2ee055b3 5663static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s,
df509539 5664 int notify, int terminate)
6fc6879b 5665{
26fc96e8
JM		 5666 struct wpa_global *global = wpa_s->global;
5667 struct wpa_supplicant *iface, *prev;
5668
5669 if (wpa_s == wpa_s->parent)
5670 wpas_p2p_group_remove(wpa_s, "*");
5671
5672 iface = global->ifaces;
5673 while (iface) {
96a26ab7
LD		 5674 if (iface->p2pdev == wpa_s)
5675 iface->p2pdev = iface->parent;
26fc96e8
JM		 5676 if (iface == wpa_s || iface->parent != wpa_s) {
5677 iface = iface->next;
5678 continue;
5679 }
5680 wpa_printf(MSG_DEBUG,
5681 "Remove remaining child interface %s from parent %s",
5682 iface->ifname, wpa_s->ifname);
5683 prev = iface;
5684 iface = iface->next;
5685 wpa_supplicant_remove_iface(global, prev, terminate);
5686 }
5687
e679f140 5688 wpa_s->disconnected = 1;
6fc6879b
JM		 5689 if (wpa_s->drv_priv) {
5690 wpa_supplicant_deauthenticate(wpa_s,
5691 WLAN_REASON_DEAUTH_LEAVING);
5692
6fc6879b
JM		 5693 wpa_drv_set_countermeasures(wpa_s, 0);
5694 wpa_clear_keys(wpa_s, NULL);
5695 }
5696
8e56d189 5697 wpa_supplicant_cleanup(wpa_s);
bd10d938 5698 wpas_p2p_deinit_iface(wpa_s);
ab28911d 5699
1f965e62 5700 wpas_ctrl_radio_work_flush(wpa_s);
202dec2a
JM		 5701 radio_remove_interface(wpa_s);
5702
b36a3a65
AN		 5703#ifdef CONFIG_FST
5704 if (wpa_s->fst) {
5705 fst_detach(wpa_s->fst);
5706 wpa_s->fst = NULL;
5707 }
5708 if (wpa_s->received_mb_ies) {
5709 wpabuf_free(wpa_s->received_mb_ies);
5710 wpa_s->received_mb_ies = NULL;
5711 }
5712#endif /* CONFIG_FST */
5713
6fc6879b
JM		 5714 if (wpa_s->drv_priv)
5715 wpa_drv_deinit(wpa_s);
2523ff6e
DS		 5716
5717 if (notify)
5718 wpas_notify_iface_removed(wpa_s);
f0811516
DS		 5719
5720 if (terminate)
5721 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING);
5722
5723 if (wpa_s->ctrl_iface) {
5724 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
5725 wpa_s->ctrl_iface = NULL;
5726 }
5727
603a3f34
JL		 5728#ifdef CONFIG_MESH
5729 if (wpa_s->ifmsh) {
5730 wpa_supplicant_mesh_iface_deinit(wpa_s, wpa_s->ifmsh);
5731 wpa_s->ifmsh = NULL;
5732 }
5733#endif /* CONFIG_MESH */
5734
f0811516
DS		 5735 if (wpa_s->conf != NULL) {
5736 wpa_config_free(wpa_s->conf);
5737 wpa_s->conf = NULL;
5738 }
18e00b5e 5739
a80651d0
KV		 5740 os_free(wpa_s->ssids_from_scan_req);
5741
18e00b5e 5742 os_free(wpa_s);
6fc6879b
JM		 5743}
5744
5745
2e997eec
RM		 5746#ifdef CONFIG_MATCH_IFACE
5747
5748/**
5749 * wpa_supplicant_match_iface - Match an interface description to a name
5750 * @global: Pointer to global data from wpa_supplicant_init()
5751 * @ifname: Name of the interface to match
5752 * Returns: Pointer to the created interface description or %NULL on failure
5753 */
5754struct wpa_interface * wpa_supplicant_match_iface(struct wpa_global *global,
5755 const char *ifname)
5756{
5757 int i;
5758 struct wpa_interface *iface, *miface;
5759
5760 for (i = 0; i < global->params.match_iface_count; i++) {
5761 miface = &global->params.match_ifaces[i];
5762 if (!miface->ifname ||
5763 fnmatch(miface->ifname, ifname, 0) == 0) {
5764 iface = os_zalloc(sizeof(*iface));
5765 if (!iface)
5766 return NULL;
5767 *iface = *miface;
5768 iface->ifname = ifname;
5769 return iface;
5770 }
5771 }
5772
5773 return NULL;
5774}
5775
5776
5777/**
5778 * wpa_supplicant_match_existing - Match existing interfaces
5779 * @global: Pointer to global data from wpa_supplicant_init()
5780 * Returns: 0 on success, -1 on failure
5781 */
5782static int wpa_supplicant_match_existing(struct wpa_global *global)
5783{
5784 struct if_nameindex *ifi, *ifp;
5785 struct wpa_supplicant *wpa_s;
5786 struct wpa_interface *iface;
5787
5788 ifp = if_nameindex();
5789 if (!ifp) {
5790 wpa_printf(MSG_ERROR, "if_nameindex: %s", strerror(errno));
5791 return -1;
5792 }
5793
5794 for (ifi = ifp; ifi->if_name; ifi++) {
5795 wpa_s = wpa_supplicant_get_iface(global, ifi->if_name);
5796 if (wpa_s)
5797 continue;
5798 iface = wpa_supplicant_match_iface(global, ifi->if_name);
5799 if (iface) {
5800 wpa_s = wpa_supplicant_add_iface(global, iface, NULL);
5801 os_free(iface);
5802 if (wpa_s)
5803 wpa_s->matched = 1;
5804 }
5805 }
5806
5807 if_freenameindex(ifp);
5808 return 0;
5809}
5810
5811#endif /* CONFIG_MATCH_IFACE */
5812
5813
6fc6879b
JM		 5814/**
5815 * wpa_supplicant_add_iface - Add a new network interface
5816 * @global: Pointer to global data from wpa_supplicant_init()
5817 * @iface: Interface configuration options
1772d348 5818 * @parent: Parent interface or %NULL to assign new interface as parent
6fc6879b
JM		 5819 * Returns: Pointer to the created interface or %NULL on failure
5820 *
5821 * This function is used to add new network interfaces for %wpa_supplicant.
5822 * This can be called before wpa_supplicant_run() to add interfaces before the
5823 * main event loop has been started. In addition, new interfaces can be added
5824 * dynamically while %wpa_supplicant is already running. This could happen,
5825 * e.g., when a hotplug network adapter is inserted.
5826 */
5827struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
1772d348
JM		 5828 struct wpa_interface *iface,
5829 struct wpa_supplicant *parent)
6fc6879b
JM		 5830{
5831 struct wpa_supplicant *wpa_s;
d27df100 5832 struct wpa_interface t_iface;
8e56d189 5833 struct wpa_ssid *ssid;
6fc6879b
JM		 5834
5835 if (global == NULL || iface == NULL)
5836 return NULL;
5837
1772d348 5838 wpa_s = wpa_supplicant_alloc(parent);
6fc6879b
JM		 5839 if (wpa_s == NULL)
5840 return NULL;
5841
d8222ae3
JM		 5842 wpa_s->global = global;
5843
d27df100
JM		 5844 t_iface = *iface;
5845 if (global->params.override_driver) {
5846 wpa_printf(MSG_DEBUG, "Override interface parameter: driver "
5847 "('%s' -> '%s')",
5848 iface->driver, global->params.override_driver);
5849 t_iface.driver = global->params.override_driver;
5850 }
5851 if (global->params.override_ctrl_interface) {
5852 wpa_printf(MSG_DEBUG, "Override interface parameter: "
5853 "ctrl_interface ('%s' -> '%s')",
5854 iface->ctrl_interface,
5855 global->params.override_ctrl_interface);
5856 t_iface.ctrl_interface =
5857 global->params.override_ctrl_interface;
5858 }
5859 if (wpa_supplicant_init_iface(wpa_s, &t_iface)) {
6fc6879b
JM		 5860 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
5861 iface->ifname);
df509539 5862 wpa_supplicant_deinit_iface(wpa_s, 0, 0);
6fc6879b
JM		 5863 return NULL;
5864 }
5865
21efc940
TB		 5866 if (iface->p2p_mgmt == 0) {
5867 /* Notify the control interfaces about new iface */
5868 if (wpas_notify_iface_added(wpa_s)) {
5869 wpa_supplicant_deinit_iface(wpa_s, 1, 0);
5870 return NULL;
5871 }
1bd3f426 5872
21efc940
TB		 5873 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
5874 wpas_notify_network_added(wpa_s, ssid);
5875 }
8e56d189 5876
6fc6879b
JM		 5877 wpa_s->next = global->ifaces;
5878 global->ifaces = wpa_s;
5879
f049052b 5880 wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname);
99218999 5881 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
6fc6879b 5882
c3c4b3ed
JM		 5883#ifdef CONFIG_P2P
5884 if (wpa_s->global->p2p == NULL &&
74802c09 5885 !wpa_s->global->p2p_disabled && !wpa_s->conf->p2p_disabled &&
c3c4b3ed 5886 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) &&
f43c1ae7
IP		 5887 wpas_p2p_add_p2pdev_interface(
5888 wpa_s, wpa_s->global->params.conf_p2p_dev) < 0) {
c3c4b3ed
JM		 5889 wpa_printf(MSG_INFO,
5890 "P2P: Failed to enable P2P Device interface");
5891 /* Try to continue without. P2P will be disabled. */
5892 }
5893#endif /* CONFIG_P2P */
5894
6fc6879b
JM		 5895 return wpa_s;
5896}
5897
5898
5899/**
5900 * wpa_supplicant_remove_iface - Remove a network interface
5901 * @global: Pointer to global data from wpa_supplicant_init()
5902 * @wpa_s: Pointer to the network interface to be removed
5903 * Returns: 0 if interface was removed, -1 if interface was not found
5904 *
5905 * This function can be used to dynamically remove network interfaces from
5906 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
5907 * addition, this function is used to remove all remaining interfaces when
5908 * %wpa_supplicant is terminated.
5909 */
5910int wpa_supplicant_remove_iface(struct wpa_global *global,
df509539
DS		 5911 struct wpa_supplicant *wpa_s,
5912 int terminate)
6fc6879b
JM		 5913{
5914 struct wpa_supplicant *prev;
5b78493f
MH		 5915#ifdef CONFIG_MESH
5916 unsigned int mesh_if_created = wpa_s->mesh_if_created;
5917 char *ifname = NULL;
9b170991 5918 struct wpa_supplicant *parent = wpa_s->parent;
5b78493f 5919#endif /* CONFIG_MESH */
6fc6879b
JM		 5920
5921 /* Remove interface from the global list of interfaces */
5922 prev = global->ifaces;
5923 if (prev == wpa_s) {
5924 global->ifaces = wpa_s->next;
5925 } else {
5926 while (prev && prev->next != wpa_s)
5927 prev = prev->next;
5928 if (prev == NULL)
5929 return -1;
5930 prev->next = wpa_s->next;
5931 }
5932
f049052b 5933 wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
6fc6879b 5934
5b78493f
MH		 5935#ifdef CONFIG_MESH
5936 if (mesh_if_created) {
5937 ifname = os_strdup(wpa_s->ifname);
5938 if (ifname == NULL) {
5939 wpa_dbg(wpa_s, MSG_ERROR,
5940 "mesh: Failed to malloc ifname");
5941 return -1;
5942 }
5943 }
5944#endif /* CONFIG_MESH */
5945
b22128ef
JM		 5946 if (global->p2p_group_formation == wpa_s)
5947 global->p2p_group_formation = NULL;
dbca75f8
JM		 5948 if (global->p2p_invite_group == wpa_s)
5949 global->p2p_invite_group = NULL;
df509539 5950 wpa_supplicant_deinit_iface(wpa_s, 1, terminate);
6fc6879b 5951
5b78493f
MH		 5952#ifdef CONFIG_MESH
5953 if (mesh_if_created) {
9b170991 5954 wpa_drv_if_remove(parent, WPA_IF_MESH, ifname);
5b78493f
MH		 5955 os_free(ifname);
5956 }
5957#endif /* CONFIG_MESH */
5958
6fc6879b
JM		 5959 return 0;
5960}
5961
5962
cf83fb0b
PS		 5963/**
5964 * wpa_supplicant_get_eap_mode - Get the current EAP mode
5965 * @wpa_s: Pointer to the network interface
5966 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
5967 */
5968const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s)
5969{
5970 const char *eapol_method;
5971
5972 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) == 0 &&
5973 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
5974 return "NO-EAP";
5975 }
5976
5977 eapol_method = eapol_sm_get_method_name(wpa_s->eapol);
5978 if (eapol_method == NULL)
5979 return "UNKNOWN-EAP";
5980
5981 return eapol_method;
5982}
5983
5984
6fc6879b
JM		 5985/**
5986 * wpa_supplicant_get_iface - Get a new network interface
5987 * @global: Pointer to global data from wpa_supplicant_init()
5988 * @ifname: Interface name
5989 * Returns: Pointer to the interface or %NULL if not found
5990 */
5991struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
5992 const char *ifname)
5993{
5994 struct wpa_supplicant *wpa_s;
5995
5996 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
5997 if (os_strcmp(wpa_s->ifname, ifname) == 0)
5998 return wpa_s;
5999 }
6000 return NULL;
6001}
6002
6003
50b16da1 6004#ifndef CONFIG_NO_WPA_MSG
4f1495ae
BG		 6005static const char * wpa_supplicant_msg_ifname_cb(void *ctx)
6006{
6007 struct wpa_supplicant *wpa_s = ctx;
6008 if (wpa_s == NULL)
6009 return NULL;
6010 return wpa_s->ifname;
6011}
50b16da1 6012#endif /* CONFIG_NO_WPA_MSG */
4f1495ae
BG		 6013
6014
8c0d0ff2
JM		 6015#ifndef WPA_SUPPLICANT_CLEANUP_INTERVAL
6016#define WPA_SUPPLICANT_CLEANUP_INTERVAL 10
6017#endif /* WPA_SUPPLICANT_CLEANUP_INTERVAL */
6018
6019/* Periodic cleanup tasks */
6020static void wpas_periodic(void *eloop_ctx, void *timeout_ctx)
6021{
6022 struct wpa_global *global = eloop_ctx;
6023 struct wpa_supplicant *wpa_s;
6024
6025 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0,
6026 wpas_periodic, global, NULL);
6027
6028#ifdef CONFIG_P2P
6029 if (global->p2p)
6030 p2p_expire_peers(global->p2p);
6031#endif /* CONFIG_P2P */
6032
3188aaba 6033 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
8c0d0ff2 6034 wpa_bss_flush_by_age(wpa_s, wpa_s->conf->bss_expiration_age);
3188aaba
JM		 6035#ifdef CONFIG_AP
6036 ap_periodic(wpa_s);
6037#endif /* CONFIG_AP */
6038 }
8c0d0ff2
JM		 6039}
6040
6041
6fc6879b
JM		 6042/**
6043 * wpa_supplicant_init - Initialize %wpa_supplicant
6044 * @params: Parameters for %wpa_supplicant
6045 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
6046 *
6047 * This function is used to initialize %wpa_supplicant. After successful
6048 * initialization, the returned data pointer can be used to add and remove
6049 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
6050 */
6051struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
6052{
6053 struct wpa_global *global;
ac305589 6054 int ret, i;
6fc6879b
JM		 6055
6056 if (params == NULL)
6057 return NULL;
6058
39e7d718
JM		 6059#ifdef CONFIG_DRIVER_NDIS
6060 {
6061 void driver_ndis_init_ops(void);
6062 driver_ndis_init_ops();
6063 }
6064#endif /* CONFIG_DRIVER_NDIS */
6065
50b16da1 6066#ifndef CONFIG_NO_WPA_MSG
4f1495ae 6067 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
50b16da1 6068#endif /* CONFIG_NO_WPA_MSG */
4f1495ae 6069
f4637fe0
JM		 6070 if (params->wpa_debug_file_path)
6071 wpa_debug_open_file(params->wpa_debug_file_path);
6072 else
6073 wpa_debug_setup_stdout();
daa70d49
SL		 6074 if (params->wpa_debug_syslog)
6075 wpa_debug_open_syslog();
4f68895e
JB		 6076 if (params->wpa_debug_tracing) {
6077 ret = wpa_debug_open_linux_tracing();
6078 if (ret) {
6079 wpa_printf(MSG_ERROR,
6080 "Failed to enable trace logging");
6081 return NULL;
6082 }
6083 }
6fc6879b 6084
12760815 6085 ret = eap_register_methods();
6fc6879b
JM		 6086 if (ret) {
6087 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
6088 if (ret == -2)
6089 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
6090 "the same EAP type.");
6091 return NULL;
6092 }
6093
6094 global = os_zalloc(sizeof(*global));
6095 if (global == NULL)
6096 return NULL;
b22128ef
JM		 6097 dl_list_init(&global->p2p_srv_bonjour);
6098 dl_list_init(&global->p2p_srv_upnp);
6fc6879b
JM		 6099 global->params.daemonize = params->daemonize;
6100 global->params.wait_for_monitor = params->wait_for_monitor;
6101 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
6102 if (params->pid_file)
6103 global->params.pid_file = os_strdup(params->pid_file);
6104 if (params->ctrl_interface)
6105 global->params.ctrl_interface =
6106 os_strdup(params->ctrl_interface);
29257565
JM		 6107 if (params->ctrl_interface_group)
6108 global->params.ctrl_interface_group =
6109 os_strdup(params->ctrl_interface_group);
d27df100
JM		 6110 if (params->override_driver)
6111 global->params.override_driver =
6112 os_strdup(params->override_driver);
6113 if (params->override_ctrl_interface)
6114 global->params.override_ctrl_interface =
6115 os_strdup(params->override_ctrl_interface);
2e997eec
RM		 6116#ifdef CONFIG_MATCH_IFACE
6117 global->params.match_iface_count = params->match_iface_count;
6118 if (params->match_iface_count) {
6119 global->params.match_ifaces =
6120 os_calloc(params->match_iface_count,
6121 sizeof(struct wpa_interface));
6122 os_memcpy(global->params.match_ifaces,
6123 params->match_ifaces,
6124 params->match_iface_count *
6125 sizeof(struct wpa_interface));
6126 }
6127#endif /* CONFIG_MATCH_IFACE */
d4e59795
G		 6128#ifdef CONFIG_P2P
6129 if (params->conf_p2p_dev)
6130 global->params.conf_p2p_dev =
6131 os_strdup(params->conf_p2p_dev);
6132#endif /* CONFIG_P2P */
6fc6879b
JM		 6133 wpa_debug_level = global->params.wpa_debug_level =
6134 params->wpa_debug_level;
6135 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
6136 params->wpa_debug_show_keys;
6137 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
6138 params->wpa_debug_timestamp;
6139
f19858f5
JM		 6140 wpa_printf(MSG_DEBUG, "wpa_supplicant v" VERSION_STR);
6141
0456ea16 6142 if (eloop_init()) {
6fc6879b
JM		 6143 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
6144 wpa_supplicant_deinit(global);
6145 return NULL;
6146 }
6147
38e24575 6148 random_init(params->entropy_file);
d47fa330 6149
6fc6879b
JM		 6150 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
6151 if (global->ctrl_iface == NULL) {
6152 wpa_supplicant_deinit(global);
6153 return NULL;
6154 }
6155
dc461de4
WS		 6156 if (wpas_notify_supplicant_initialized(global)) {
6157 wpa_supplicant_deinit(global);
6158 return NULL;
6fc6879b
JM		 6159 }
6160
c5121837 6161 for (i = 0; wpa_drivers[i]; i++)
ac305589
JM		 6162 global->drv_count++;
6163 if (global->drv_count == 0) {
6164 wpa_printf(MSG_ERROR, "No drivers enabled");
6165 wpa_supplicant_deinit(global);
6166 return NULL;
6167 }
faebdeaa 6168 global->drv_priv = os_calloc(global->drv_count, sizeof(void *));
ac305589
JM		 6169 if (global->drv_priv == NULL) {
6170 wpa_supplicant_deinit(global);
6171 return NULL;
6172 }
ac305589 6173
9675ce35
JM		 6174#ifdef CONFIG_WIFI_DISPLAY
6175 if (wifi_display_init(global) < 0) {
6176 wpa_printf(MSG_ERROR, "Failed to initialize Wi-Fi Display");
6177 wpa_supplicant_deinit(global);
6178 return NULL;
6179 }
6180#endif /* CONFIG_WIFI_DISPLAY */
6181
8c0d0ff2
JM		 6182 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0,
6183 wpas_periodic, global, NULL);
6184
6fc6879b
JM		 6185 return global;
6186}
6187
6188
6189/**
6190 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
6191 * @global: Pointer to global data from wpa_supplicant_init()
6192 * Returns: 0 after successful event loop run, -1 on failure
6193 *
6194 * This function starts the main event loop and continues running as long as
6195 * there are any remaining events. In most cases, this function is running as
6196 * long as the %wpa_supplicant process in still in use.
6197 */
6198int wpa_supplicant_run(struct wpa_global *global)
6199{
6200 struct wpa_supplicant *wpa_s;
6201
6202 if (global->params.daemonize &&
2e69bdd1
RM		 6203 (wpa_supplicant_daemon(global->params.pid_file) ||
6204 eloop_sock_requeue()))
6fc6879b
JM		 6205 return -1;
6206
2e997eec
RM		 6207#ifdef CONFIG_MATCH_IFACE
6208 if (wpa_supplicant_match_existing(global))
6209 return -1;
6210#endif
6211
6fc6879b
JM		 6212 if (global->params.wait_for_monitor) {
6213 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
ede77701 6214 if (wpa_s->ctrl_iface && !wpa_s->p2p_mgmt)
6fc6879b
JM		 6215 wpa_supplicant_ctrl_iface_wait(
6216 wpa_s->ctrl_iface);
6217 }
6218
0456ea16
JM		 6219 eloop_register_signal_terminate(wpa_supplicant_terminate, global);
6220 eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
6fc6879b
JM		 6221
6222 eloop_run();
6223
6224 return 0;
6225}
6226
6227
6228/**
6229 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
6230 * @global: Pointer to global data from wpa_supplicant_init()
6231 *
6232 * This function is called to deinitialize %wpa_supplicant and to free all
6233 * allocated resources. Remaining network interfaces will also be removed.
6234 */
6235void wpa_supplicant_deinit(struct wpa_global *global)
6236{
ac305589
JM		 6237 int i;
6238
6fc6879b
JM		 6239 if (global == NULL)
6240 return;
6241
8c0d0ff2
JM		 6242 eloop_cancel_timeout(wpas_periodic, global, NULL);
6243
9675ce35
JM		 6244#ifdef CONFIG_WIFI_DISPLAY
6245 wifi_display_deinit(global);
6246#endif /* CONFIG_WIFI_DISPLAY */
b22128ef 6247
6fc6879b 6248 while (global->ifaces)
df509539 6249 wpa_supplicant_remove_iface(global, global->ifaces, 1);
6fc6879b
JM		 6250
6251 if (global->ctrl_iface)
6252 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
dc461de4
WS		 6253
6254 wpas_notify_supplicant_deinitialized(global);
6fc6879b
JM		 6255
6256 eap_peer_unregister_methods();
3ec97afe
JM		 6257#ifdef CONFIG_AP
6258 eap_server_unregister_methods();
6259#endif /* CONFIG_AP */
6fc6879b 6260
c5121837 6261 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) {
ac305589
JM		 6262 if (!global->drv_priv[i])
6263 continue;
c5121837 6264 wpa_drivers[i]->global_deinit(global->drv_priv[i]);
ac305589
JM		 6265 }
6266 os_free(global->drv_priv);
6267
d47fa330
JM		 6268 random_deinit();
6269
6fc6879b
JM		 6270 eloop_destroy();
6271
6272 if (global->params.pid_file) {
6273 os_daemonize_terminate(global->params.pid_file);
6274 os_free(global->params.pid_file);
6275 }
6276 os_free(global->params.ctrl_interface);
29257565 6277 os_free(global->params.ctrl_interface_group);
d27df100
JM		 6278 os_free(global->params.override_driver);
6279 os_free(global->params.override_ctrl_interface);
2e997eec
RM		 6280#ifdef CONFIG_MATCH_IFACE
6281 os_free(global->params.match_ifaces);
6282#endif /* CONFIG_MATCH_IFACE */
d4e59795
G		 6283#ifdef CONFIG_P2P
6284 os_free(global->params.conf_p2p_dev);
6285#endif /* CONFIG_P2P */
6fc6879b 6286
af8a827b 6287 os_free(global->p2p_disallow_freq.range);
253f2e37 6288 os_free(global->p2p_go_avoid_freq.range);
01a57fe4 6289 os_free(global->add_psk);
6f3bc72b 6290
6fc6879b 6291 os_free(global);
daa70d49 6292 wpa_debug_close_syslog();
6fc6879b 6293 wpa_debug_close_file();
4f68895e 6294 wpa_debug_close_linux_tracing();
6fc6879b 6295}
611aea7d
JM		 6296
6297
6298void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s)
6299{
849b5dc7
JM		 6300 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_COUNTRY) &&
6301 wpa_s->conf->country[0] && wpa_s->conf->country[1]) {
6302 char country[3];
6303 country[0] = wpa_s->conf->country[0];
6304 country[1] = wpa_s->conf->country[1];
6305 country[2] = '\0';
6306 if (wpa_drv_set_country(wpa_s, country) < 0) {
6307 wpa_printf(MSG_ERROR, "Failed to set country code "
6308 "'%s'", country);
6309 }
6310 }
6311
306ae225
JM		 6312 if (wpa_s->conf->changed_parameters & CFG_CHANGED_EXT_PW_BACKEND)
6313 wpas_init_ext_pw(wpa_s);
6314
bea48f77
JM		 6315 if (wpa_s->conf->changed_parameters & CFG_CHANGED_SCHED_SCAN_PLANS)
6316 wpas_sched_scan_plans_set(wpa_s, wpa_s->conf->sched_scan_plans);
6317
3c7863f8
LD		 6318 if (wpa_s->conf->changed_parameters & CFG_CHANGED_WOWLAN_TRIGGERS) {
6319 struct wpa_driver_capa capa;
6320 int res = wpa_drv_get_capa(wpa_s, &capa);
6321
6322 if (res == 0 && wpas_set_wowlan_triggers(wpa_s, &capa) < 0)
6323 wpa_printf(MSG_ERROR,
6324 "Failed to update wowlan_triggers to '%s'",
6325 wpa_s->conf->wowlan_triggers);
6326 }
6327
611aea7d
JM		 6328#ifdef CONFIG_WPS
6329 wpas_wps_update_config(wpa_s);
6330#endif /* CONFIG_WPS */
b22128ef 6331 wpas_p2p_update_config(wpa_s);
611aea7d
JM		 6332 wpa_s->conf->changed_parameters = 0;
6333}
2f9c6aa6
JM		 6334
6335
e1117c1c 6336void add_freq(int *freqs, int *num_freqs, int freq)
0fb337c1
JM		 6337{
6338 int i;
6339
6340 for (i = 0; i < *num_freqs; i++) {
6341 if (freqs[i] == freq)
6342 return;
6343 }
6344
6345 freqs[*num_freqs] = freq;
6346 (*num_freqs)++;
6347}
6348
6349
6350static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s)
6351{
6352 struct wpa_bss *bss, *cbss;
6353 const int max_freqs = 10;
6354 int *freqs;
6355 int num_freqs = 0;
6356
faebdeaa 6357 freqs = os_calloc(max_freqs + 1, sizeof(int));
0fb337c1
JM		 6358 if (freqs == NULL)
6359 return NULL;
6360
6361 cbss = wpa_s->current_bss;
6362
6363 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
6364 if (bss == cbss)
6365 continue;
6366 if (bss->ssid_len == cbss->ssid_len &&
6367 os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 &&
6368 wpa_blacklist_get(wpa_s, bss->bssid) == NULL) {
6369 add_freq(freqs, &num_freqs, bss->freq);
6370 if (num_freqs == max_freqs)
6371 break;
6372 }
6373 }
6374
6375 if (num_freqs == 0) {
6376 os_free(freqs);
6377 freqs = NULL;
6378 }
6379
6380 return freqs;
6381}
6382
6383
6384void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid)
6385{
6386 int timeout;
6387 int count;
6388 int *freqs = NULL;
6389
6ac4b15e
JM		 6390 wpas_connect_work_done(wpa_s);
6391
5fd9fb27
JM		 6392 /*
6393 * Remove possible authentication timeout since the connection failed.
6394 */
6395 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
6396
c2805909
JM		 6397 /*
6398 * There is no point in blacklisting the AP if this event is
6399 * generated based on local request to disconnect.
6400 */
6401 if (wpa_s->own_disconnect_req) {
6402 wpa_s->own_disconnect_req = 0;
6403 wpa_dbg(wpa_s, MSG_DEBUG,
6404 "Ignore connection failure due to local request to disconnect");
6405 return;
6406 }
0cdb93fe 6407 if (wpa_s->disconnected) {
0cdb93fe
JM		 6408 wpa_dbg(wpa_s, MSG_DEBUG, "Ignore connection failure "
6409 "indication since interface has been put into "
6410 "disconnected state");
6411 return;
6412 }
6413
0fb337c1
JM		 6414 /*
6415 * Add the failed BSSID into the blacklist and speed up next scan
6416 * attempt if there could be other APs that could accept association.
6417 * The current blacklist count indicates how many times we have tried
6418 * connecting to this AP and multiple attempts mean that other APs are
6419 * either not available or has already been tried, so that we can start
6420 * increasing the delay here to avoid constant scanning.
6421 */
6422 count = wpa_blacklist_add(wpa_s, bssid);
6423 if (count == 1 && wpa_s->current_bss) {
6424 /*
6425 * This BSS was not in the blacklist before. If there is
6426 * another BSS available for the same ESS, we should try that
6427 * next. Otherwise, we may as well try this one once more
6428 * before allowing other, likely worse, ESSes to be considered.
6429 */
6430 freqs = get_bss_freqs_in_ess(wpa_s);
6431 if (freqs) {
f049052b
BG		 6432 wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS "
6433 "has been seen; try it next");
0fb337c1
JM		 6434 wpa_blacklist_add(wpa_s, bssid);
6435 /*
6436 * On the next scan, go through only the known channels
6437 * used in this ESS based on previous scans to speed up
6438 * common load balancing use case.
6439 */
6440 os_free(wpa_s->next_scan_freqs);
6441 wpa_s->next_scan_freqs = freqs;
6442 }
6443 }
6444
f1a52633
JM		 6445 /*
6446 * Add previous failure count in case the temporary blacklist was
6447 * cleared due to no other BSSes being available.
6448 */
6449 count += wpa_s->extra_blacklist_count;
6450
dd579704
JM		 6451 if (count > 3 && wpa_s->current_ssid) {
6452 wpa_printf(MSG_DEBUG, "Continuous association failures - "
6453 "consider temporary network disabling");
b19c098e 6454 wpas_auth_failed(wpa_s, "CONN_FAILED");
dd579704
JM		 6455 }
6456
0fb337c1
JM		 6457 switch (count) {
6458 case 1:
6459 timeout = 100;
6460 break;
6461 case 2:
6462 timeout = 500;
6463 break;
6464 case 3:
6465 timeout = 1000;
6466 break;
f1a52633 6467 case 4:
0fb337c1 6468 timeout = 5000;
f1a52633
JM		 6469 break;
6470 default:
6471 timeout = 10000;
6472 break;
0fb337c1
JM		 6473 }
6474
f1a52633
JM		 6475 wpa_dbg(wpa_s, MSG_DEBUG, "Blacklist count %d --> request scan in %d "
6476 "ms", count, timeout);
6477
0fb337c1
JM		 6478 /*
6479 * TODO: if more than one possible AP is available in scan results,
6480 * could try the other ones before requesting a new scan.
6481 */
6482 wpa_supplicant_req_scan(wpa_s, timeout / 1000,
6483 1000 * (timeout % 1000));
6484}
22628eca
JM		 6485
6486
6487int wpas_driver_bss_selection(struct wpa_supplicant *wpa_s)
6488{
6489 return wpa_s->conf->ap_scan == 2 ||
6490 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION);
6491}
d2118814
JM		 6492
6493
6494#if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW)
6495int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
6496 struct wpa_ssid *ssid,
6497 const char *field,
6498 const char *value)
6499{
6500#ifdef IEEE8021X_EAPOL
6501 struct eap_peer_config *eap = &ssid->eap;
6502
6503 wpa_printf(MSG_DEBUG, "CTRL_IFACE: response handle field=%s", field);
6504 wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: response value",
6505 (const u8 *) value, os_strlen(value));
6506
6507 switch (wpa_supplicant_ctrl_req_from_string(field)) {
6508 case WPA_CTRL_REQ_EAP_IDENTITY:
6509 os_free(eap->identity);
6510 eap->identity = (u8 *) os_strdup(value);
6511 eap->identity_len = os_strlen(value);
6512 eap->pending_req_identity = 0;
6513 if (ssid == wpa_s->current_ssid)
6514 wpa_s->reassociate = 1;
6515 break;
6516 case WPA_CTRL_REQ_EAP_PASSWORD:
19c48da0 6517 bin_clear_free(eap->password, eap->password_len);
d2118814
JM		 6518 eap->password = (u8 *) os_strdup(value);
6519 eap->password_len = os_strlen(value);
6520 eap->pending_req_password = 0;
6521 if (ssid == wpa_s->current_ssid)
6522 wpa_s->reassociate = 1;
6523 break;
6524 case WPA_CTRL_REQ_EAP_NEW_PASSWORD:
19c48da0 6525 bin_clear_free(eap->new_password, eap->new_password_len);
d2118814
JM		 6526 eap->new_password = (u8 *) os_strdup(value);
6527 eap->new_password_len = os_strlen(value);
6528 eap->pending_req_new_password = 0;
6529 if (ssid == wpa_s->current_ssid)
6530 wpa_s->reassociate = 1;
6531 break;
6532 case WPA_CTRL_REQ_EAP_PIN:
19c48da0 6533 str_clear_free(eap->pin);
d2118814
JM		 6534 eap->pin = os_strdup(value);
6535 eap->pending_req_pin = 0;
6536 if (ssid == wpa_s->current_ssid)
6537 wpa_s->reassociate = 1;
6538 break;
6539 case WPA_CTRL_REQ_EAP_OTP:
19c48da0 6540 bin_clear_free(eap->otp, eap->otp_len);
d2118814
JM		 6541 eap->otp = (u8 *) os_strdup(value);
6542 eap->otp_len = os_strlen(value);
6543 os_free(eap->pending_req_otp);
6544 eap->pending_req_otp = NULL;
6545 eap->pending_req_otp_len = 0;
6546 break;
6547 case WPA_CTRL_REQ_EAP_PASSPHRASE:
19c48da0
JM		 6548 str_clear_free(eap->private_key_passwd);
6549 eap->private_key_passwd = os_strdup(value);
d2118814
JM		 6550 eap->pending_req_passphrase = 0;
6551 if (ssid == wpa_s->current_ssid)
6552 wpa_s->reassociate = 1;
6553 break;
a5d44ac0 6554 case WPA_CTRL_REQ_SIM:
19c48da0 6555 str_clear_free(eap->external_sim_resp);
a5d44ac0 6556 eap->external_sim_resp = os_strdup(value);
ed9b1c16 6557 eap->pending_req_sim = 0;
a5d44ac0 6558 break;
a52410c2
JM		 6559 case WPA_CTRL_REQ_PSK_PASSPHRASE:
6560 if (wpa_config_set(ssid, "psk", value, 0) < 0)
6561 return -1;
6562 ssid->mem_only_psk = 1;
6563 if (ssid->passphrase)
6564 wpa_config_update_psk(ssid);
6565 if (wpa_s->wpa_state == WPA_SCANNING && !wpa_s->scanning)
6566 wpa_supplicant_req_scan(wpa_s, 0, 0);
6567 break;
3c108b75
JM		 6568 case WPA_CTRL_REQ_EXT_CERT_CHECK:
6569 if (eap->pending_ext_cert_check != PENDING_CHECK)
6570 return -1;
6571 if (os_strcmp(value, "good") == 0)
6572 eap->pending_ext_cert_check = EXT_CERT_CHECK_GOOD;
6573 else if (os_strcmp(value, "bad") == 0)
6574 eap->pending_ext_cert_check = EXT_CERT_CHECK_BAD;
6575 else
6576 return -1;
6577 break;
d2118814
JM		 6578 default:
6579 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown field '%s'", field);
6580 return -1;
6581 }
6582
6583 return 0;
6584#else /* IEEE8021X_EAPOL */
6585 wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included");
6586 return -1;
6587#endif /* IEEE8021X_EAPOL */
6588}
6589#endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */
349493bd
JM		 6590
6591
6592int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
6593{
6594 int i;
6595 unsigned int drv_enc;
6596
44b9ea5b
JM		 6597 if (wpa_s->p2p_mgmt)
6598 return 1; /* no normal network profiles on p2p_mgmt interface */
6599
349493bd
JM		 6600 if (ssid == NULL)
6601 return 1;
6602
6603 if (ssid->disabled)
6604 return 1;
6605
9feadba1 6606 if (wpa_s->drv_capa_known)
349493bd
JM		 6607 drv_enc = wpa_s->drv_enc;
6608 else
6609 drv_enc = (unsigned int) -1;
6610
6611 for (i = 0; i < NUM_WEP_KEYS; i++) {
6612 size_t len = ssid->wep_key_len[i];
6613 if (len == 0)
6614 continue;
6615 if (len == 5 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP40))
6616 continue;
6617 if (len == 13 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP104))
6618 continue;
6619 if (len == 16 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP128))
6620 continue;
6621 return 1; /* invalid WEP key */
6622 }
6623
9173b16f 6624 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set &&
a52410c2 6625 (!ssid->passphrase || ssid->ssid_len != 0) && !ssid->ext_psk &&
a34ca59e 6626 !(wpa_key_mgmt_sae(ssid->key_mgmt) && ssid->sae_password) &&
a52410c2 6627 !ssid->mem_only_psk)
2518aad3
JM		 6628 return 1;
6629
349493bd
JM		 6630 return 0;
6631}
b9cfc09a
JJ		 6632
6633
3f56a2b7
JM		 6634int wpas_get_ssid_pmf(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
6635{
6636#ifdef CONFIG_IEEE80211W
6637 if (ssid == NULL || ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT) {
6638 if (wpa_s->conf->pmf == MGMT_FRAME_PROTECTION_OPTIONAL &&
6639 !(wpa_s->drv_enc & WPA_DRIVER_CAPA_ENC_BIP)) {
6640 /*
6641 * Driver does not support BIP -- ignore pmf=1 default
6642 * since the connection with PMF would fail and the
6643 * configuration does not require PMF to be enabled.
6644 */
6645 return NO_MGMT_FRAME_PROTECTION;
6646 }
6647
22950049
JM		 6648 if (ssid &&
6649 (ssid->key_mgmt &
6650 ~(WPA_KEY_MGMT_NONE | WPA_KEY_MGMT_WPS |
6651 WPA_KEY_MGMT_IEEE8021X_NO_WPA)) == 0) {
6652 /*
6653 * Do not use the default PMF value for non-RSN networks
6654 * since PMF is available only with RSN and pmf=2
6655 * configuration would otherwise prevent connections to
6656 * all open networks.
6657 */
6658 return NO_MGMT_FRAME_PROTECTION;
6659 }
6660
3f56a2b7
JM		 6661 return wpa_s->conf->pmf;
6662 }
6663
6664 return ssid->ieee80211w;
6665#else /* CONFIG_IEEE80211W */
6666 return NO_MGMT_FRAME_PROTECTION;
6667#endif /* CONFIG_IEEE80211W */
6668}
6669
6670
b9cfc09a
JJ		 6671int wpas_is_p2p_prioritized(struct wpa_supplicant *wpa_s)
6672{
6673 if (wpa_s->global->conc_pref == WPA_CONC_PREF_P2P)
6674 return 1;
6675 if (wpa_s->global->conc_pref == WPA_CONC_PREF_STA)
6676 return 0;
6677 return -1;
6678}
00e5e3d5
JM		 6679
6680
b19c098e 6681void wpas_auth_failed(struct wpa_supplicant *wpa_s, char *reason)
00e5e3d5
JM		 6682{
6683 struct wpa_ssid *ssid = wpa_s->current_ssid;
6684 int dur;
4e1eae1d 6685 struct os_reltime now;
00e5e3d5
JM		 6686
6687 if (ssid == NULL) {
6688 wpa_printf(MSG_DEBUG, "Authentication failure but no known "
6689 "SSID block");
6690 return;
6691 }
6692
6693 if (ssid->key_mgmt == WPA_KEY_MGMT_WPS)
6694 return;
6695
6696 ssid->auth_failures++;
cbf41ca7
SL		 6697
6698#ifdef CONFIG_P2P
6699 if (ssid->p2p_group &&
6700 (wpa_s->p2p_in_provisioning || wpa_s->show_group_started)) {
6701 /*
6702 * Skip the wait time since there is a short timeout on the
6703 * connection to a P2P group.
6704 */
6705 return;
6706 }
6707#endif /* CONFIG_P2P */
6708
00e5e3d5
JM		 6709 if (ssid->auth_failures > 50)
6710 dur = 300;
00e5e3d5 6711 else if (ssid->auth_failures > 10)
8a77f1be 6712 dur = 120;
00e5e3d5 6713 else if (ssid->auth_failures > 5)
8a77f1be
JM		 6714 dur = 90;
6715 else if (ssid->auth_failures > 3)
6716 dur = 60;
6717 else if (ssid->auth_failures > 2)
00e5e3d5
JM		 6718 dur = 30;
6719 else if (ssid->auth_failures > 1)
6720 dur = 20;
6721 else
6722 dur = 10;
6723
8a77f1be
JM		 6724 if (ssid->auth_failures > 1 &&
6725 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt))
6726 dur += os_random() % (ssid->auth_failures * 10);
6727
4e1eae1d 6728 os_get_reltime(&now);
00e5e3d5
JM		 6729 if (now.sec + dur <= ssid->disabled_until.sec)
6730 return;
6731
6732 ssid->disabled_until.sec = now.sec + dur;
6733
6734 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TEMP_DISABLED
b19c098e 6735 "id=%d ssid=\"%s\" auth_failures=%u duration=%d reason=%s",
00e5e3d5 6736 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
b19c098e 6737 ssid->auth_failures, dur, reason);
00e5e3d5
JM		 6738}
6739
6740
6741void wpas_clear_temp_disabled(struct wpa_supplicant *wpa_s,
6742 struct wpa_ssid *ssid, int clear_failures)
6743{
6744 if (ssid == NULL)
6745 return;
6746
6747 if (ssid->disabled_until.sec) {
6748 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_REENABLED
6749 "id=%d ssid=\"%s\"",
6750 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
6751 }
6752 ssid->disabled_until.sec = 0;
6753 ssid->disabled_until.usec = 0;
6754 if (clear_failures)
6755 ssid->auth_failures = 0;
6756}
6407f413
JM		 6757
6758
6759int disallowed_bssid(struct wpa_supplicant *wpa_s, const u8 *bssid)
6760{
6761 size_t i;
6762
6763 if (wpa_s->disallow_aps_bssid == NULL)
6764 return 0;
6765
6766 for (i = 0; i < wpa_s->disallow_aps_bssid_count; i++) {
6767 if (os_memcmp(wpa_s->disallow_aps_bssid + i * ETH_ALEN,
6768 bssid, ETH_ALEN) == 0)
6769 return 1;
6770 }
6771
6772 return 0;
6773}
6774
6775
6776int disallowed_ssid(struct wpa_supplicant *wpa_s, const u8 *ssid,
6777 size_t ssid_len)
6778{
6779 size_t i;
6780
6781 if (wpa_s->disallow_aps_ssid == NULL || ssid == NULL)
6782 return 0;
6783
6784 for (i = 0; i < wpa_s->disallow_aps_ssid_count; i++) {
6785 struct wpa_ssid_value *s = &wpa_s->disallow_aps_ssid[i];
6786 if (ssid_len == s->ssid_len &&
6787 os_memcmp(ssid, s->ssid, ssid_len) == 0)
6788 return 1;
6789 }
6790
6791 return 0;
6792}
9796a86c
JM		 6793
6794
6795/**
6796 * wpas_request_connection - Request a new connection
6797 * @wpa_s: Pointer to the network interface
6798 *
6799 * This function is used to request a new connection to be found. It will mark
6800 * the interface to allow reassociation and request a new scan to find a
6801 * suitable network to connect to.
6802 */
6803void wpas_request_connection(struct wpa_supplicant *wpa_s)
6804{
6805 wpa_s->normal_scans = 0;
5214f4fa 6806 wpa_s->scan_req = NORMAL_SCAN_REQ;
9796a86c
JM		 6807 wpa_supplicant_reinit_autoscan(wpa_s);
6808 wpa_s->extra_blacklist_count = 0;
6809 wpa_s->disconnected = 0;
6810 wpa_s->reassociate = 1;
2cb40e9f 6811 wpa_s->last_owe_group = 0;
5e24beae
MH		 6812
6813 if (wpa_supplicant_fast_associate(wpa_s) != 1)
6814 wpa_supplicant_req_scan(wpa_s, 0, 0);
0c5f01fd
B		 6815 else
6816 wpa_s->reattach = 0;
9796a86c 6817}
36b9883d
DG		 6818
6819
5f040be4
RP		 6820/**
6821 * wpas_request_disconnection - Request disconnection
6822 * @wpa_s: Pointer to the network interface
6823 *
6824 * This function is used to request disconnection from the currently connected
6825 * network. This will stop any ongoing scans and initiate deauthentication.
6826 */
6827void wpas_request_disconnection(struct wpa_supplicant *wpa_s)
6828{
6829#ifdef CONFIG_SME
6830 wpa_s->sme.prev_bssid_set = 0;
6831#endif /* CONFIG_SME */
6832 wpa_s->reassociate = 0;
6833 wpa_s->disconnected = 1;
6834 wpa_supplicant_cancel_sched_scan(wpa_s);
6835 wpa_supplicant_cancel_scan(wpa_s);
6836 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
6837 eloop_cancel_timeout(wpas_network_reenabled, wpa_s, NULL);
6838}
6839
6840
a0c90bb0
IP		 6841void dump_freq_data(struct wpa_supplicant *wpa_s, const char *title,
6842 struct wpa_used_freq_data *freqs_data,
6843 unsigned int len)
6844{
6845 unsigned int i;
6846
6847 wpa_dbg(wpa_s, MSG_DEBUG, "Shared frequencies (len=%u): %s",
6848 len, title);
6849 for (i = 0; i < len; i++) {
6850 struct wpa_used_freq_data *cur = &freqs_data[i];
6851 wpa_dbg(wpa_s, MSG_DEBUG, "freq[%u]: %d, flags=0x%X",
6852 i, cur->freq, cur->flags);
6853 }
6854}
6855
6856
53c5dfc2
IP		 6857/*
6858 * Find the operating frequencies of any of the virtual interfaces that
a0c90bb0
IP		 6859 * are using the same radio as the current interface, and in addition, get
6860 * information about the interface types that are using the frequency.
53c5dfc2 6861 */
a0c90bb0
IP		 6862int get_shared_radio_freqs_data(struct wpa_supplicant *wpa_s,
6863 struct wpa_used_freq_data *freqs_data,
6864 unsigned int len)
53c5dfc2 6865{
53c5dfc2
IP		 6866 struct wpa_supplicant *ifs;
6867 u8 bssid[ETH_ALEN];
6868 int freq;
6869 unsigned int idx = 0, i;
6870
217cf499
JM		 6871 wpa_dbg(wpa_s, MSG_DEBUG,
6872 "Determining shared radio frequencies (max len %u)", len);
a0c90bb0 6873 os_memset(freqs_data, 0, sizeof(struct wpa_used_freq_data) * len);
53c5dfc2 6874
0ad3b9c4
JM		 6875 dl_list_for_each(ifs, &wpa_s->radio->ifaces, struct wpa_supplicant,
6876 radio_list) {
a0c90bb0
IP		 6877 if (idx == len)
6878 break;
6879
53c5dfc2
IP		 6880 if (ifs->current_ssid == NULL || ifs->assoc_freq == 0)
6881 continue;
6882
6883 if (ifs->current_ssid->mode == WPAS_MODE_AP ||
241c3333
MH		 6884 ifs->current_ssid->mode == WPAS_MODE_P2P_GO ||
6885 ifs->current_ssid->mode == WPAS_MODE_MESH)
53c5dfc2
IP		 6886 freq = ifs->current_ssid->frequency;
6887 else if (wpa_drv_get_bssid(ifs, bssid) == 0)
6888 freq = ifs->assoc_freq;
6889 else
6890 continue;
6891
6892 /* Hold only distinct freqs */
6893 for (i = 0; i < idx; i++)
a0c90bb0 6894 if (freqs_data[i].freq == freq)
53c5dfc2
IP		 6895 break;
6896
6897 if (i == idx)
a0c90bb0
IP		 6898 freqs_data[idx++].freq = freq;
6899
6900 if (ifs->current_ssid->mode == WPAS_MODE_INFRA) {
22264b3c 6901 freqs_data[i].flags |= ifs->current_ssid->p2p_group ?
a0c90bb0
IP		 6902 WPA_FREQ_USED_BY_P2P_CLIENT :
6903 WPA_FREQ_USED_BY_INFRA_STATION;
6904 }
53c5dfc2 6905 }
217cf499 6906
a0c90bb0 6907 dump_freq_data(wpa_s, "completed iteration", freqs_data, idx);
53c5dfc2
IP		 6908 return idx;
6909}
a0c90bb0
IP		 6910
6911
6912/*
6913 * Find the operating frequencies of any of the virtual interfaces that
6914 * are using the same radio as the current interface.
6915 */
6916int get_shared_radio_freqs(struct wpa_supplicant *wpa_s,
6917 int *freq_array, unsigned int len)
6918{
6919 struct wpa_used_freq_data *freqs_data;
6920 int num, i;
6921
6922 os_memset(freq_array, 0, sizeof(int) * len);
6923
6924 freqs_data = os_calloc(len, sizeof(struct wpa_used_freq_data));
6925 if (!freqs_data)
6926 return -1;
6927
6928 num = get_shared_radio_freqs_data(wpa_s, freqs_data, len);
6929 for (i = 0; i < num; i++)
6930 freq_array[i] = freqs_data[i].freq;
6931
6932 os_free(freqs_data);
6933
6934 return num;
6935}
b361d580
AK		 6936
6937
af041f99
AA		 6938struct wpa_supplicant *
6939wpas_vendor_elem(struct wpa_supplicant *wpa_s, enum wpa_vendor_elem_frame frame)
6940{
6941 switch (frame) {
6942#ifdef CONFIG_P2P
6943 case VENDOR_ELEM_PROBE_REQ_P2P:
6944 case VENDOR_ELEM_PROBE_RESP_P2P:
6945 case VENDOR_ELEM_PROBE_RESP_P2P_GO:
6946 case VENDOR_ELEM_BEACON_P2P_GO:
6947 case VENDOR_ELEM_P2P_PD_REQ:
6948 case VENDOR_ELEM_P2P_PD_RESP:
6949 case VENDOR_ELEM_P2P_GO_NEG_REQ:
6950 case VENDOR_ELEM_P2P_GO_NEG_RESP:
6951 case VENDOR_ELEM_P2P_GO_NEG_CONF:
6952 case VENDOR_ELEM_P2P_INV_REQ:
6953 case VENDOR_ELEM_P2P_INV_RESP:
6954 case VENDOR_ELEM_P2P_ASSOC_REQ:
6955 case VENDOR_ELEM_P2P_ASSOC_RESP:
ba307f85 6956 return wpa_s->p2pdev;
af041f99
AA		 6957#endif /* CONFIG_P2P */
6958 default:
6959 return wpa_s;
6960 }
6961}
6962
6963
6964void wpas_vendor_elem_update(struct wpa_supplicant *wpa_s)
6965{
6966 unsigned int i;
6967 char buf[30];
6968
6969 wpa_printf(MSG_DEBUG, "Update vendor elements");
6970
6971 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) {
6972 if (wpa_s->vendor_elem[i]) {
6973 int res;
6974
6975 res = os_snprintf(buf, sizeof(buf), "frame[%u]", i);
6976 if (!os_snprintf_error(sizeof(buf), res)) {
6977 wpa_hexdump_buf(MSG_DEBUG, buf,
6978 wpa_s->vendor_elem[i]);
6979 }
6980 }
6981 }
6982
6983#ifdef CONFIG_P2P
6984 if (wpa_s->parent == wpa_s &&
6985 wpa_s->global->p2p &&
6986 !wpa_s->global->p2p_disabled)
6987 p2p_set_vendor_elems(wpa_s->global->p2p, wpa_s->vendor_elem);
6988#endif /* CONFIG_P2P */
6989}
6990
6991
6992int wpas_vendor_elem_remove(struct wpa_supplicant *wpa_s, int frame,
6993 const u8 *elem, size_t len)
6994{
6995 u8 *ie, *end;
6996
6997 ie = wpabuf_mhead_u8(wpa_s->vendor_elem[frame]);
6998 end = ie + wpabuf_len(wpa_s->vendor_elem[frame]);
6999
7000 for (; ie + 1 < end; ie += 2 + ie[1]) {
7001 if (ie + len > end)
7002 break;
7003 if (os_memcmp(ie, elem, len) != 0)
7004 continue;
7005
7006 if (wpabuf_len(wpa_s->vendor_elem[frame]) == len) {
7007 wpabuf_free(wpa_s->vendor_elem[frame]);
7008 wpa_s->vendor_elem[frame] = NULL;
7009 } else {
7010 os_memmove(ie, ie + len, end - (ie + len));
7011 wpa_s->vendor_elem[frame]->used -= len;
7012 }
7013 wpas_vendor_elem_update(wpa_s);
7014 return 0;
7015 }
7016
7017 return -1;
7018}
ea69d973
AS		 7019
7020
7021struct hostapd_hw_modes * get_mode(struct hostapd_hw_modes *modes,
7022 u16 num_modes, enum hostapd_hw_mode mode)
7023{
7024 u16 i;
7025
7026 for (i = 0; i < num_modes; i++) {
7027 if (modes[i].mode == mode)
7028 return &modes[i];
7029 }
7030
7031 return NULL;
7032}
dd599908
AS		 7033
7034
7035static struct
7036wpa_bss_tmp_disallowed * wpas_get_disallowed_bss(struct wpa_supplicant *wpa_s,
7037 const u8 *bssid)
7038{
7039 struct wpa_bss_tmp_disallowed *bss;
7040
7041 dl_list_for_each(bss, &wpa_s->bss_tmp_disallowed,
7042 struct wpa_bss_tmp_disallowed, list) {
7043 if (os_memcmp(bssid, bss->bssid, ETH_ALEN) == 0)
7044 return bss;
7045 }
7046
7047 return NULL;
7048}
7049
7050
b04854ce
AP		 7051static int wpa_set_driver_tmp_disallow_list(struct wpa_supplicant *wpa_s)
7052{
7053 struct wpa_bss_tmp_disallowed *tmp;
7054 unsigned int num_bssid = 0;
7055 u8 *bssids;
7056 int ret;
7057
7058 bssids = os_malloc(dl_list_len(&wpa_s->bss_tmp_disallowed) * ETH_ALEN);
7059 if (!bssids)
7060 return -1;
7061 dl_list_for_each(tmp, &wpa_s->bss_tmp_disallowed,
7062 struct wpa_bss_tmp_disallowed, list) {
7063 os_memcpy(&bssids[num_bssid * ETH_ALEN], tmp->bssid,
7064 ETH_ALEN);
7065 num_bssid++;
7066 }
7067 ret = wpa_drv_set_bssid_blacklist(wpa_s, num_bssid, bssids);
7068 os_free(bssids);
7069 return ret;
7070}
7071
7072
7073static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx, void *timeout_ctx)
7074{
7075 struct wpa_supplicant *wpa_s = eloop_ctx;
7076 struct wpa_bss_tmp_disallowed *tmp, *bss = timeout_ctx;
7077
7078 /* Make sure the bss is not already freed */
7079 dl_list_for_each(tmp, &wpa_s->bss_tmp_disallowed,
7080 struct wpa_bss_tmp_disallowed, list) {
7081 if (bss == tmp) {
7082 dl_list_del(&tmp->list);
7083 os_free(tmp);
7084 wpa_set_driver_tmp_disallow_list(wpa_s);
7085 break;
7086 }
7087 }
7088}
7089
7090
dd599908
AS		 7091void wpa_bss_tmp_disallow(struct wpa_supplicant *wpa_s, const u8 *bssid,
7092 unsigned int sec)
7093{
7094 struct wpa_bss_tmp_disallowed *bss;
dd599908
AS		 7095
7096 bss = wpas_get_disallowed_bss(wpa_s, bssid);
7097 if (bss) {
b04854ce
AP		 7098 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout, wpa_s, bss);
7099 eloop_register_timeout(sec, 0, wpa_bss_tmp_disallow_timeout,
7100 wpa_s, bss);
dd599908
AS		 7101 return;
7102 }
7103
7104 bss = os_malloc(sizeof(*bss));
7105 if (!bss) {
7106 wpa_printf(MSG_DEBUG,
7107 "Failed to allocate memory for temp disallow BSS");
7108 return;
7109 }
7110
dd599908
AS		 7111 os_memcpy(bss->bssid, bssid, ETH_ALEN);
7112 dl_list_add(&wpa_s->bss_tmp_disallowed, &bss->list);
b04854ce
AP		 7113 wpa_set_driver_tmp_disallow_list(wpa_s);
7114 eloop_register_timeout(sec, 0, wpa_bss_tmp_disallow_timeout,
7115 wpa_s, bss);
dd599908
AS		 7116}
7117
7118
7119int wpa_is_bss_tmp_disallowed(struct wpa_supplicant *wpa_s, const u8 *bssid)
7120{
d010048c 7121 struct wpa_bss_tmp_disallowed *bss = NULL, *tmp, *prev;
dd599908 7122
d010048c
JM		 7123 dl_list_for_each_safe(tmp, prev, &wpa_s->bss_tmp_disallowed,
7124 struct wpa_bss_tmp_disallowed, list) {
d010048c
JM		 7125 if (os_memcmp(bssid, tmp->bssid, ETH_ALEN) == 0) {
7126 bss = tmp;
7127 break;
7128 }
7129 }
dd599908
AS		 7130 if (!bss)
7131 return 0;
7132
d010048c 7133 return 1;
dd599908 7134}
Unnamed repository; edit this file 'description' to name the repository.