3 * Copyright (c) 2003-2019, Jouni Malinen <j@w1.fi>
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
14 #ifdef CONFIG_MATCH_IFACE
17 #endif /* CONFIG_MATCH_IFACE */
20 #include "crypto/random.h"
21 #include "crypto/sha1.h"
22 #include "eapol_supp/eapol_supp_sm.h"
23 #include "eap_peer/eap.h"
24 #include "eap_peer/eap_proxy.h"
25 #include "eap_server/eap_methods.h"
26 #include "rsn_supp/wpa.h"
29 #include "utils/ext_password.h"
30 #include "l2_packet/l2_packet.h"
31 #include "wpa_supplicant_i.h"
33 #include "ctrl_iface.h"
34 #include "pcsc_funcs.h"
35 #include "common/version.h"
36 #include "rsn_supp/preauth.h"
37 #include "rsn_supp/pmksa_cache.h"
38 #include "common/wpa_ctrl.h"
39 #include "common/ieee802_11_common.h"
40 #include "common/ieee802_11_defs.h"
41 #include "common/hw_features_common.h"
42 #include "common/gas_server.h"
43 #include "common/dpp.h"
46 #include "blacklist.h"
47 #include "wpas_glue.h"
48 #include "wps_supplicant.h"
51 #include "gas_query.h"
53 #include "p2p_supplicant.h"
54 #include "wifi_display.h"
60 #include "offchannel.h"
61 #include "hs20_supplicant.h"
65 #include "dpp_supplicant.h"
67 #include "ap/ap_config.h"
68 #include "ap/hostapd.h"
69 #endif /* CONFIG_MESH */
71 const char *const wpa_supplicant_version
=
72 "wpa_supplicant v" VERSION_STR
"\n"
73 "Copyright (c) 2003-2019, Jouni Malinen <j@w1.fi> and contributors";
75 const char *const wpa_supplicant_license
=
76 "This software may be distributed under the terms of the BSD license.\n"
77 "See README for more details.\n"
78 #ifdef EAP_TLS_OPENSSL
79 "\nThis product includes software developed by the OpenSSL Project\n"
80 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
81 #endif /* EAP_TLS_OPENSSL */
84 #ifndef CONFIG_NO_STDOUT_DEBUG
85 /* Long text divided into parts in order to fit in C89 strings size limits. */
86 const char *const wpa_supplicant_full_license1
=
88 const char *const wpa_supplicant_full_license2
=
89 "This software may be distributed under the terms of the BSD license.\n"
91 "Redistribution and use in source and binary forms, with or without\n"
92 "modification, are permitted provided that the following conditions are\n"
95 const char *const wpa_supplicant_full_license3
=
96 "1. Redistributions of source code must retain the above copyright\n"
97 " notice, this list of conditions and the following disclaimer.\n"
99 "2. Redistributions in binary form must reproduce the above copyright\n"
100 " notice, this list of conditions and the following disclaimer in the\n"
101 " documentation and/or other materials provided with the distribution.\n"
103 const char *const wpa_supplicant_full_license4
=
104 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
105 " names of its contributors may be used to endorse or promote products\n"
106 " derived from this software without specific prior written permission.\n"
108 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
109 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
110 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
111 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
112 const char *const wpa_supplicant_full_license5
=
113 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
114 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
115 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
116 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
117 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
118 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
119 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
121 #endif /* CONFIG_NO_STDOUT_DEBUG */
124 static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx
, void *timeout_ctx
);
125 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
126 static void wpas_update_fils_connect_params(struct wpa_supplicant
*wpa_s
);
127 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
129 static void wpas_update_owe_connect_params(struct wpa_supplicant
*wpa_s
);
130 #endif /* CONFIG_OWE */
133 /* Configure default/group WEP keys for static WEP */
134 int wpa_set_wep_keys(struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
)
138 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
139 if (ssid
->wep_key_len
[i
] == 0)
143 wpa_drv_set_key(wpa_s
, WPA_ALG_WEP
, NULL
,
144 i
, i
== ssid
->wep_tx_keyidx
, NULL
, 0,
145 ssid
->wep_key
[i
], ssid
->wep_key_len
[i
]);
152 int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant
*wpa_s
,
153 struct wpa_ssid
*ssid
)
161 /* IBSS/WPA-None uses only one key (Group) for both receiving and
162 * sending unicast and multicast packets. */
164 if (ssid
->mode
!= WPAS_MODE_IBSS
) {
165 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Invalid mode %d (not "
166 "IBSS/ad-hoc) for WPA-None", ssid
->mode
);
170 if (!ssid
->psk_set
) {
171 wpa_msg(wpa_s
, MSG_INFO
, "WPA: No PSK configured for "
176 switch (wpa_s
->group_cipher
) {
177 case WPA_CIPHER_CCMP
:
178 os_memcpy(key
, ssid
->psk
, 16);
182 case WPA_CIPHER_GCMP
:
183 os_memcpy(key
, ssid
->psk
, 16);
187 case WPA_CIPHER_TKIP
:
188 /* WPA-None uses the same Michael MIC key for both TX and RX */
189 os_memcpy(key
, ssid
->psk
, 16 + 8);
190 os_memcpy(key
+ 16 + 8, ssid
->psk
+ 16, 8);
195 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Invalid group cipher %d for "
196 "WPA-None", wpa_s
->group_cipher
);
200 /* TODO: should actually remember the previously used seq#, both for TX
201 * and RX from each STA.. */
203 ret
= wpa_drv_set_key(wpa_s
, alg
, NULL
, 0, 1, seq
, 6, key
, keylen
);
204 os_memset(key
, 0, sizeof(key
));
209 static void wpa_supplicant_timeout(void *eloop_ctx
, void *timeout_ctx
)
211 struct wpa_supplicant
*wpa_s
= eloop_ctx
;
212 const u8
*bssid
= wpa_s
->bssid
;
213 if (!is_zero_ether_addr(wpa_s
->pending_bssid
) &&
214 (wpa_s
->wpa_state
== WPA_AUTHENTICATING
||
215 wpa_s
->wpa_state
== WPA_ASSOCIATING
))
216 bssid
= wpa_s
->pending_bssid
;
217 wpa_msg(wpa_s
, MSG_INFO
, "Authentication with " MACSTR
" timed out.",
219 wpa_blacklist_add(wpa_s
, bssid
);
220 wpa_sm_notify_disassoc(wpa_s
->wpa
);
221 wpa_supplicant_deauthenticate(wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
222 wpa_s
->reassociate
= 1;
225 * If we timed out, the AP or the local radio may be busy.
226 * So, wait a second until scanning again.
228 wpa_supplicant_req_scan(wpa_s
, 1, 0);
233 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
234 * @wpa_s: Pointer to wpa_supplicant data
235 * @sec: Number of seconds after which to time out authentication
236 * @usec: Number of microseconds after which to time out authentication
238 * This function is used to schedule a timeout for the current authentication
241 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant
*wpa_s
,
244 if (wpa_s
->conf
->ap_scan
== 0 &&
245 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_WIRED
))
248 wpa_dbg(wpa_s
, MSG_DEBUG
, "Setting authentication timeout: %d sec "
249 "%d usec", sec
, usec
);
250 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
251 wpa_s
->last_auth_timeout_sec
= sec
;
252 eloop_register_timeout(sec
, usec
, wpa_supplicant_timeout
, wpa_s
, NULL
);
257 * wpas_auth_timeout_restart - Restart and change timeout for authentication
258 * @wpa_s: Pointer to wpa_supplicant data
259 * @sec_diff: difference in seconds applied to original timeout value
261 void wpas_auth_timeout_restart(struct wpa_supplicant
*wpa_s
, int sec_diff
)
263 int new_sec
= wpa_s
->last_auth_timeout_sec
+ sec_diff
;
265 if (eloop_is_timeout_registered(wpa_supplicant_timeout
, wpa_s
, NULL
)) {
266 wpa_dbg(wpa_s
, MSG_DEBUG
,
267 "Authentication timeout restart: %d sec", new_sec
);
268 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
269 eloop_register_timeout(new_sec
, 0, wpa_supplicant_timeout
,
276 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
277 * @wpa_s: Pointer to wpa_supplicant data
279 * This function is used to cancel authentication timeout scheduled with
280 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
283 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant
*wpa_s
)
285 wpa_dbg(wpa_s
, MSG_DEBUG
, "Cancelling authentication timeout");
286 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
287 wpa_blacklist_del(wpa_s
, wpa_s
->bssid
);
288 os_free(wpa_s
->last_con_fail_realm
);
289 wpa_s
->last_con_fail_realm
= NULL
;
290 wpa_s
->last_con_fail_realm_len
= 0;
295 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
296 * @wpa_s: Pointer to wpa_supplicant data
298 * This function is used to configure EAPOL state machine based on the selected
299 * authentication mode.
301 void wpa_supplicant_initiate_eapol(struct wpa_supplicant
*wpa_s
)
303 #ifdef IEEE8021X_EAPOL
304 struct eapol_config eapol_conf
;
305 struct wpa_ssid
*ssid
= wpa_s
->current_ssid
;
307 #ifdef CONFIG_IBSS_RSN
308 if (ssid
->mode
== WPAS_MODE_IBSS
&&
309 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_NONE
&&
310 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_WPA_NONE
) {
312 * RSN IBSS authentication is per-STA and we can disable the
313 * per-BSSID EAPOL authentication.
315 eapol_sm_notify_portControl(wpa_s
->eapol
, ForceAuthorized
);
316 eapol_sm_notify_eap_success(wpa_s
->eapol
, TRUE
);
317 eapol_sm_notify_eap_fail(wpa_s
->eapol
, FALSE
);
320 #endif /* CONFIG_IBSS_RSN */
322 eapol_sm_notify_eap_success(wpa_s
->eapol
, FALSE
);
323 eapol_sm_notify_eap_fail(wpa_s
->eapol
, FALSE
);
325 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
||
326 wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPA_NONE
)
327 eapol_sm_notify_portControl(wpa_s
->eapol
, ForceAuthorized
);
329 eapol_sm_notify_portControl(wpa_s
->eapol
, Auto
);
331 os_memset(&eapol_conf
, 0, sizeof(eapol_conf
));
332 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
333 eapol_conf
.accept_802_1x_keys
= 1;
334 eapol_conf
.required_keys
= 0;
335 if (ssid
->eapol_flags
& EAPOL_FLAG_REQUIRE_KEY_UNICAST
) {
336 eapol_conf
.required_keys
|= EAPOL_REQUIRE_KEY_UNICAST
;
338 if (ssid
->eapol_flags
& EAPOL_FLAG_REQUIRE_KEY_BROADCAST
) {
339 eapol_conf
.required_keys
|=
340 EAPOL_REQUIRE_KEY_BROADCAST
;
343 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_WIRED
)
344 eapol_conf
.required_keys
= 0;
346 eapol_conf
.fast_reauth
= wpa_s
->conf
->fast_reauth
;
347 eapol_conf
.workaround
= ssid
->eap_workaround
;
348 eapol_conf
.eap_disabled
=
349 !wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
) &&
350 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_IEEE8021X_NO_WPA
&&
351 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_WPS
;
352 eapol_conf
.external_sim
= wpa_s
->conf
->external_sim
;
355 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
) {
356 eapol_conf
.wps
|= EAPOL_LOCAL_WPS_IN_USE
;
357 if (wpa_s
->current_bss
) {
359 ie
= wpa_bss_get_vendor_ie_multi(wpa_s
->current_bss
,
364 EAPOL_PEER_IS_WPS20_AP
;
369 #endif /* CONFIG_WPS */
371 eapol_sm_notify_config(wpa_s
->eapol
, &ssid
->eap
, &eapol_conf
);
374 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
&& ssid
->mka_psk_set
)
375 ieee802_1x_create_preshared_mka(wpa_s
, ssid
);
377 ieee802_1x_alloc_kay_sm(wpa_s
, ssid
);
378 #endif /* CONFIG_MACSEC */
379 #endif /* IEEE8021X_EAPOL */
384 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
385 * @wpa_s: Pointer to wpa_supplicant data
386 * @ssid: Configuration data for the network
388 * This function is used to configure WPA state machine and related parameters
389 * to a mode where WPA is not enabled. This is called as part of the
390 * authentication configuration when the selected network does not use WPA.
392 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant
*wpa_s
,
393 struct wpa_ssid
*ssid
)
397 if (ssid
->key_mgmt
& WPA_KEY_MGMT_WPS
)
398 wpa_s
->key_mgmt
= WPA_KEY_MGMT_WPS
;
399 else if (ssid
->key_mgmt
& WPA_KEY_MGMT_IEEE8021X_NO_WPA
)
400 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X_NO_WPA
;
402 wpa_s
->key_mgmt
= WPA_KEY_MGMT_NONE
;
403 wpa_sm_set_ap_wpa_ie(wpa_s
->wpa
, NULL
, 0);
404 wpa_sm_set_ap_rsn_ie(wpa_s
->wpa
, NULL
, 0);
405 wpa_sm_set_assoc_wpa_ie(wpa_s
->wpa
, NULL
, 0);
406 wpa_s
->pairwise_cipher
= WPA_CIPHER_NONE
;
407 wpa_s
->group_cipher
= WPA_CIPHER_NONE
;
408 wpa_s
->mgmt_group_cipher
= 0;
410 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
411 if (ssid
->wep_key_len
[i
] > 5) {
412 wpa_s
->pairwise_cipher
= WPA_CIPHER_WEP104
;
413 wpa_s
->group_cipher
= WPA_CIPHER_WEP104
;
415 } else if (ssid
->wep_key_len
[i
] > 0) {
416 wpa_s
->pairwise_cipher
= WPA_CIPHER_WEP40
;
417 wpa_s
->group_cipher
= WPA_CIPHER_WEP40
;
422 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_RSN_ENABLED
, 0);
423 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_KEY_MGMT
, wpa_s
->key_mgmt
);
424 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_PAIRWISE
,
425 wpa_s
->pairwise_cipher
);
426 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_GROUP
, wpa_s
->group_cipher
);
427 #ifdef CONFIG_IEEE80211W
428 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_MGMT_GROUP
,
429 wpa_s
->mgmt_group_cipher
);
430 #endif /* CONFIG_IEEE80211W */
432 pmksa_cache_clear_current(wpa_s
->wpa
);
436 void free_hw_features(struct wpa_supplicant
*wpa_s
)
439 if (wpa_s
->hw
.modes
== NULL
)
442 for (i
= 0; i
< wpa_s
->hw
.num_modes
; i
++) {
443 os_free(wpa_s
->hw
.modes
[i
].channels
);
444 os_free(wpa_s
->hw
.modes
[i
].rates
);
447 os_free(wpa_s
->hw
.modes
);
448 wpa_s
->hw
.modes
= NULL
;
452 void free_bss_tmp_disallowed(struct wpa_supplicant
*wpa_s
)
454 struct wpa_bss_tmp_disallowed
*bss
, *prev
;
456 dl_list_for_each_safe(bss
, prev
, &wpa_s
->bss_tmp_disallowed
,
457 struct wpa_bss_tmp_disallowed
, list
) {
458 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout
, wpa_s
, bss
);
459 dl_list_del(&bss
->list
);
465 void wpas_flush_fils_hlp_req(struct wpa_supplicant
*wpa_s
)
467 struct fils_hlp_req
*req
;
469 while ((req
= dl_list_first(&wpa_s
->fils_hlp_req
, struct fils_hlp_req
,
471 dl_list_del(&req
->list
);
472 wpabuf_free(req
->pkt
);
478 static void wpa_supplicant_cleanup(struct wpa_supplicant
*wpa_s
)
482 bgscan_deinit(wpa_s
);
483 autoscan_deinit(wpa_s
);
484 scard_deinit(wpa_s
->scard
);
486 wpa_sm_set_scard_ctx(wpa_s
->wpa
, NULL
);
487 eapol_sm_register_scard_ctx(wpa_s
->eapol
, NULL
);
488 l2_packet_deinit(wpa_s
->l2
);
491 l2_packet_deinit(wpa_s
->l2_br
);
494 #ifdef CONFIG_TESTING_OPTIONS
495 l2_packet_deinit(wpa_s
->l2_test
);
496 wpa_s
->l2_test
= NULL
;
497 os_free(wpa_s
->get_pref_freq_list_override
);
498 wpa_s
->get_pref_freq_list_override
= NULL
;
499 wpabuf_free(wpa_s
->last_assoc_req_wpa_ie
);
500 wpa_s
->last_assoc_req_wpa_ie
= NULL
;
501 #endif /* CONFIG_TESTING_OPTIONS */
503 if (wpa_s
->conf
!= NULL
) {
504 struct wpa_ssid
*ssid
;
505 for (ssid
= wpa_s
->conf
->ssid
; ssid
; ssid
= ssid
->next
)
506 wpas_notify_network_removed(wpa_s
, ssid
);
509 os_free(wpa_s
->confname
);
510 wpa_s
->confname
= NULL
;
512 os_free(wpa_s
->confanother
);
513 wpa_s
->confanother
= NULL
;
515 os_free(wpa_s
->last_con_fail_realm
);
516 wpa_s
->last_con_fail_realm
= NULL
;
517 wpa_s
->last_con_fail_realm_len
= 0;
519 wpa_sm_set_eapol(wpa_s
->wpa
, NULL
);
520 eapol_sm_deinit(wpa_s
->eapol
);
523 rsn_preauth_deinit(wpa_s
->wpa
);
526 wpa_tdls_deinit(wpa_s
->wpa
);
527 #endif /* CONFIG_TDLS */
529 wmm_ac_clear_saved_tspecs(wpa_s
);
530 pmksa_candidate_free(wpa_s
->wpa
);
531 wpa_sm_deinit(wpa_s
->wpa
);
533 wpa_blacklist_clear(wpa_s
);
535 wpa_bss_deinit(wpa_s
);
537 wpa_supplicant_cancel_delayed_sched_scan(wpa_s
);
538 wpa_supplicant_cancel_scan(wpa_s
);
539 wpa_supplicant_cancel_auth_timeout(wpa_s
);
540 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures
, wpa_s
, NULL
);
541 #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
542 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report
,
544 #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
546 eloop_cancel_timeout(wpas_network_reenabled
, wpa_s
, NULL
);
548 wpas_wps_deinit(wpa_s
);
550 wpabuf_free(wpa_s
->pending_eapol_rx
);
551 wpa_s
->pending_eapol_rx
= NULL
;
553 #ifdef CONFIG_IBSS_RSN
554 ibss_rsn_deinit(wpa_s
->ibss_rsn
);
555 wpa_s
->ibss_rsn
= NULL
;
556 #endif /* CONFIG_IBSS_RSN */
561 wpa_supplicant_ap_deinit(wpa_s
);
562 #endif /* CONFIG_AP */
564 wpas_p2p_deinit(wpa_s
);
566 #ifdef CONFIG_OFFCHANNEL
567 offchannel_deinit(wpa_s
);
568 #endif /* CONFIG_OFFCHANNEL */
570 wpa_supplicant_cancel_sched_scan(wpa_s
);
572 os_free(wpa_s
->next_scan_freqs
);
573 wpa_s
->next_scan_freqs
= NULL
;
575 os_free(wpa_s
->manual_scan_freqs
);
576 wpa_s
->manual_scan_freqs
= NULL
;
577 os_free(wpa_s
->select_network_scan_freqs
);
578 wpa_s
->select_network_scan_freqs
= NULL
;
580 os_free(wpa_s
->manual_sched_scan_freqs
);
581 wpa_s
->manual_sched_scan_freqs
= NULL
;
583 wpas_mac_addr_rand_scan_clear(wpa_s
, MAC_ADDR_RAND_ALL
);
586 * Need to remove any pending gas-query radio work before the
587 * gas_query_deinit() call because gas_query::work has not yet been set
588 * for works that have not been started. gas_query_free() will be unable
589 * to cancel such pending radio works and once the pending gas-query
590 * radio work eventually gets removed, the deinit notification call to
591 * gas_query_start_cb() would result in dereferencing freed memory.
594 radio_remove_works(wpa_s
, "gas-query", 0);
595 gas_query_deinit(wpa_s
->gas
);
597 gas_server_deinit(wpa_s
->gas_server
);
598 wpa_s
->gas_server
= NULL
;
600 free_hw_features(wpa_s
);
602 ieee802_1x_dealloc_kay_sm(wpa_s
);
604 os_free(wpa_s
->bssid_filter
);
605 wpa_s
->bssid_filter
= NULL
;
607 os_free(wpa_s
->disallow_aps_bssid
);
608 wpa_s
->disallow_aps_bssid
= NULL
;
609 os_free(wpa_s
->disallow_aps_ssid
);
610 wpa_s
->disallow_aps_ssid
= NULL
;
612 wnm_bss_keep_alive_deinit(wpa_s
);
614 wnm_deallocate_memory(wpa_s
);
615 #endif /* CONFIG_WNM */
617 ext_password_deinit(wpa_s
->ext_pw
);
618 wpa_s
->ext_pw
= NULL
;
620 wpabuf_free(wpa_s
->last_gas_resp
);
621 wpa_s
->last_gas_resp
= NULL
;
622 wpabuf_free(wpa_s
->prev_gas_resp
);
623 wpa_s
->prev_gas_resp
= NULL
;
625 os_free(wpa_s
->last_scan_res
);
626 wpa_s
->last_scan_res
= NULL
;
630 wpa_drv_configure_frame_filters(wpa_s
, 0);
632 #endif /* CONFIG_HS20 */
634 for (i
= 0; i
< NUM_VENDOR_ELEM_FRAMES
; i
++) {
635 wpabuf_free(wpa_s
->vendor_elem
[i
]);
636 wpa_s
->vendor_elem
[i
] = NULL
;
639 wmm_ac_notify_disassoc(wpa_s
);
641 wpa_s
->sched_scan_plans_num
= 0;
642 os_free(wpa_s
->sched_scan_plans
);
643 wpa_s
->sched_scan_plans
= NULL
;
646 wpa_s
->non_pref_chan_num
= 0;
647 os_free(wpa_s
->non_pref_chan
);
648 wpa_s
->non_pref_chan
= NULL
;
649 #endif /* CONFIG_MBO */
651 free_bss_tmp_disallowed(wpa_s
);
653 wpabuf_free(wpa_s
->lci
);
655 wpas_clear_beacon_rep_data(wpa_s
);
657 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL
660 struct external_pmksa_cache
*entry
;
662 while ((entry
= dl_list_last(&wpa_s
->mesh_external_pmksa_cache
,
663 struct external_pmksa_cache
,
665 dl_list_del(&entry
->list
);
666 os_free(entry
->pmksa_cache
);
670 #endif /* CONFIG_MESH */
671 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
673 wpas_flush_fils_hlp_req(wpa_s
);
675 wpabuf_free(wpa_s
->ric_ies
);
676 wpa_s
->ric_ies
= NULL
;
679 wpas_dpp_deinit(wpa_s
);
680 dpp_global_deinit(wpa_s
->dpp
);
682 #endif /* CONFIG_DPP */
687 * wpa_clear_keys - Clear keys configured for the driver
688 * @wpa_s: Pointer to wpa_supplicant data
689 * @addr: Previously used BSSID or %NULL if not available
691 * This function clears the encryption keys that has been previously configured
694 void wpa_clear_keys(struct wpa_supplicant
*wpa_s
, const u8
*addr
)
698 #ifdef CONFIG_IEEE80211W
700 #else /* CONFIG_IEEE80211W */
702 #endif /* CONFIG_IEEE80211W */
704 /* MLME-DELETEKEYS.request */
705 for (i
= 0; i
< max
; i
++) {
706 if (wpa_s
->keys_cleared
& BIT(i
))
708 wpa_drv_set_key(wpa_s
, WPA_ALG_NONE
, NULL
, i
, 0, NULL
, 0,
711 if (!(wpa_s
->keys_cleared
& BIT(0)) && addr
&&
712 !is_zero_ether_addr(addr
)) {
713 wpa_drv_set_key(wpa_s
, WPA_ALG_NONE
, addr
, 0, 0, NULL
, 0, NULL
,
715 /* MLME-SETPROTECTION.request(None) */
716 wpa_drv_mlme_setprotection(
718 MLME_SETPROTECTION_PROTECT_TYPE_NONE
,
719 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE
);
721 wpa_s
->keys_cleared
= (u32
) -1;
726 * wpa_supplicant_state_txt - Get the connection state name as a text string
727 * @state: State (wpa_state; WPA_*)
728 * Returns: The state name as a printable text string
730 const char * wpa_supplicant_state_txt(enum wpa_states state
)
733 case WPA_DISCONNECTED
:
734 return "DISCONNECTED";
737 case WPA_INTERFACE_DISABLED
:
738 return "INTERFACE_DISABLED";
741 case WPA_AUTHENTICATING
:
742 return "AUTHENTICATING";
743 case WPA_ASSOCIATING
:
744 return "ASSOCIATING";
747 case WPA_4WAY_HANDSHAKE
:
748 return "4WAY_HANDSHAKE";
749 case WPA_GROUP_HANDSHAKE
:
750 return "GROUP_HANDSHAKE";
761 static void wpa_supplicant_start_bgscan(struct wpa_supplicant
*wpa_s
)
765 if (wpa_s
->current_ssid
&& wpa_s
->current_ssid
->bgscan
)
766 name
= wpa_s
->current_ssid
->bgscan
;
768 name
= wpa_s
->conf
->bgscan
;
769 if (name
== NULL
|| name
[0] == '\0')
771 if (wpas_driver_bss_selection(wpa_s
))
773 if (wpa_s
->current_ssid
== wpa_s
->bgscan_ssid
)
776 if (wpa_s
->p2p_group_interface
!= NOT_P2P_GROUP_INTERFACE
)
778 #endif /* CONFIG_P2P */
780 bgscan_deinit(wpa_s
);
781 if (wpa_s
->current_ssid
) {
782 if (bgscan_init(wpa_s
, wpa_s
->current_ssid
, name
)) {
783 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to initialize "
786 * Live without bgscan; it is only used as a roaming
787 * optimization, so the initial connection is not
791 struct wpa_scan_results
*scan_res
;
792 wpa_s
->bgscan_ssid
= wpa_s
->current_ssid
;
793 scan_res
= wpa_supplicant_get_scan_results(wpa_s
, NULL
,
796 bgscan_notify_scan(wpa_s
, scan_res
);
797 wpa_scan_results_free(scan_res
);
801 wpa_s
->bgscan_ssid
= NULL
;
805 static void wpa_supplicant_stop_bgscan(struct wpa_supplicant
*wpa_s
)
807 if (wpa_s
->bgscan_ssid
!= NULL
) {
808 bgscan_deinit(wpa_s
);
809 wpa_s
->bgscan_ssid
= NULL
;
813 #endif /* CONFIG_BGSCAN */
816 static void wpa_supplicant_start_autoscan(struct wpa_supplicant
*wpa_s
)
818 if (autoscan_init(wpa_s
, 0))
819 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to initialize autoscan");
823 static void wpa_supplicant_stop_autoscan(struct wpa_supplicant
*wpa_s
)
825 autoscan_deinit(wpa_s
);
829 void wpa_supplicant_reinit_autoscan(struct wpa_supplicant
*wpa_s
)
831 if (wpa_s
->wpa_state
== WPA_DISCONNECTED
||
832 wpa_s
->wpa_state
== WPA_SCANNING
) {
833 autoscan_deinit(wpa_s
);
834 wpa_supplicant_start_autoscan(wpa_s
);
840 * wpa_supplicant_set_state - Set current connection state
841 * @wpa_s: Pointer to wpa_supplicant data
842 * @state: The new connection state
844 * This function is called whenever the connection state changes, e.g.,
845 * association is completed for WPA/WPA2 4-Way Handshake is started.
847 void wpa_supplicant_set_state(struct wpa_supplicant
*wpa_s
,
848 enum wpa_states state
)
850 enum wpa_states old_state
= wpa_s
->wpa_state
;
852 wpa_dbg(wpa_s
, MSG_DEBUG
, "State: %s -> %s",
853 wpa_supplicant_state_txt(wpa_s
->wpa_state
),
854 wpa_supplicant_state_txt(state
));
856 if (state
== WPA_COMPLETED
&&
857 os_reltime_initialized(&wpa_s
->roam_start
)) {
858 os_reltime_age(&wpa_s
->roam_start
, &wpa_s
->roam_time
);
859 wpa_s
->roam_start
.sec
= 0;
860 wpa_s
->roam_start
.usec
= 0;
861 wpas_notify_auth_changed(wpa_s
);
862 wpas_notify_roam_time(wpa_s
);
863 wpas_notify_roam_complete(wpa_s
);
864 } else if (state
== WPA_DISCONNECTED
&&
865 os_reltime_initialized(&wpa_s
->roam_start
)) {
866 wpa_s
->roam_start
.sec
= 0;
867 wpa_s
->roam_start
.usec
= 0;
868 wpa_s
->roam_time
.sec
= 0;
869 wpa_s
->roam_time
.usec
= 0;
870 wpas_notify_roam_complete(wpa_s
);
873 if (state
== WPA_INTERFACE_DISABLED
) {
874 /* Assure normal scan when interface is restored */
875 wpa_s
->normal_scans
= 0;
878 if (state
== WPA_COMPLETED
) {
879 wpas_connect_work_done(wpa_s
);
880 /* Reinitialize normal_scan counter */
881 wpa_s
->normal_scans
= 0;
886 * P2PS client has to reply to Probe Request frames received on the
887 * group operating channel. Enable Probe Request frame reporting for
888 * P2P connected client in case p2p_cli_probe configuration property is
891 if (wpa_s
->conf
->p2p_cli_probe
&& wpa_s
->current_ssid
&&
892 wpa_s
->current_ssid
->mode
== WPAS_MODE_INFRA
&&
893 wpa_s
->current_ssid
->p2p_group
) {
894 if (state
== WPA_COMPLETED
&& !wpa_s
->p2p_cli_probe
) {
895 wpa_dbg(wpa_s
, MSG_DEBUG
,
896 "P2P: Enable CLI Probe Request RX reporting");
897 wpa_s
->p2p_cli_probe
=
898 wpa_drv_probe_req_report(wpa_s
, 1) >= 0;
899 } else if (state
!= WPA_COMPLETED
&& wpa_s
->p2p_cli_probe
) {
900 wpa_dbg(wpa_s
, MSG_DEBUG
,
901 "P2P: Disable CLI Probe Request RX reporting");
902 wpa_s
->p2p_cli_probe
= 0;
903 wpa_drv_probe_req_report(wpa_s
, 0);
906 #endif /* CONFIG_P2P */
908 if (state
!= WPA_SCANNING
)
909 wpa_supplicant_notify_scanning(wpa_s
, 0);
911 if (state
== WPA_COMPLETED
&& wpa_s
->new_connection
) {
912 struct wpa_ssid
*ssid
= wpa_s
->current_ssid
;
913 int fils_hlp_sent
= 0;
916 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
917 wpa_auth_alg_fils(wpa_s
->sme
.auth_alg
))
919 #endif /* CONFIG_SME */
920 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
921 wpa_auth_alg_fils(wpa_s
->auth_alg
))
924 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
925 wpa_msg(wpa_s
, MSG_INFO
, WPA_EVENT_CONNECTED
"- Connection to "
926 MACSTR
" completed [id=%d id_str=%s%s]",
927 MAC2STR(wpa_s
->bssid
),
928 ssid
? ssid
->id
: -1,
929 ssid
&& ssid
->id_str
? ssid
->id_str
: "",
930 fils_hlp_sent
? " FILS_HLP_SENT" : "");
931 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
932 wpas_clear_temp_disabled(wpa_s
, ssid
, 1);
933 wpa_blacklist_clear(wpa_s
);
934 wpa_s
->extra_blacklist_count
= 0;
935 wpa_s
->new_connection
= 0;
936 wpa_drv_set_operstate(wpa_s
, 1);
937 #ifndef IEEE8021X_EAPOL
938 wpa_drv_set_supp_port(wpa_s
, 1);
939 #endif /* IEEE8021X_EAPOL */
940 wpa_s
->after_wps
= 0;
941 wpa_s
->known_wps_freq
= 0;
942 wpas_p2p_completed(wpa_s
);
944 sme_sched_obss_scan(wpa_s
, 1);
946 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
947 if (!fils_hlp_sent
&& ssid
&& ssid
->eap
.erp
)
948 wpas_update_fils_connect_params(wpa_s
);
949 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
951 if (ssid
&& (ssid
->key_mgmt
& WPA_KEY_MGMT_OWE
))
952 wpas_update_owe_connect_params(wpa_s
);
953 #endif /* CONFIG_OWE */
954 } else if (state
== WPA_DISCONNECTED
|| state
== WPA_ASSOCIATING
||
955 state
== WPA_ASSOCIATED
) {
956 wpa_s
->new_connection
= 1;
957 wpa_drv_set_operstate(wpa_s
, 0);
958 #ifndef IEEE8021X_EAPOL
959 wpa_drv_set_supp_port(wpa_s
, 0);
960 #endif /* IEEE8021X_EAPOL */
961 sme_sched_obss_scan(wpa_s
, 0);
963 wpa_s
->wpa_state
= state
;
966 if (state
== WPA_COMPLETED
)
967 wpa_supplicant_start_bgscan(wpa_s
);
968 else if (state
< WPA_ASSOCIATED
)
969 wpa_supplicant_stop_bgscan(wpa_s
);
970 #endif /* CONFIG_BGSCAN */
972 if (state
> WPA_SCANNING
)
973 wpa_supplicant_stop_autoscan(wpa_s
);
975 if (state
== WPA_DISCONNECTED
|| state
== WPA_INACTIVE
)
976 wpa_supplicant_start_autoscan(wpa_s
);
978 if (old_state
>= WPA_ASSOCIATED
&& wpa_s
->wpa_state
< WPA_ASSOCIATED
)
979 wmm_ac_notify_disassoc(wpa_s
);
981 if (wpa_s
->wpa_state
!= old_state
) {
982 wpas_notify_state_changed(wpa_s
, wpa_s
->wpa_state
, old_state
);
985 * Notify the P2P Device interface about a state change in one
988 wpas_p2p_indicate_state_change(wpa_s
);
990 if (wpa_s
->wpa_state
== WPA_COMPLETED
||
991 old_state
== WPA_COMPLETED
)
992 wpas_notify_auth_changed(wpa_s
);
997 void wpa_supplicant_terminate_proc(struct wpa_global
*global
)
1001 struct wpa_supplicant
*wpa_s
= global
->ifaces
;
1003 struct wpa_supplicant
*next
= wpa_s
->next
;
1004 if (wpas_wps_terminate_pending(wpa_s
) == 1)
1007 if (wpa_s
->p2p_group_interface
!= NOT_P2P_GROUP_INTERFACE
||
1008 (wpa_s
->current_ssid
&& wpa_s
->current_ssid
->p2p_group
))
1009 wpas_p2p_disconnect(wpa_s
);
1010 #endif /* CONFIG_P2P */
1013 #endif /* CONFIG_WPS */
1020 static void wpa_supplicant_terminate(int sig
, void *signal_ctx
)
1022 struct wpa_global
*global
= signal_ctx
;
1023 wpa_supplicant_terminate_proc(global
);
1027 void wpa_supplicant_clear_status(struct wpa_supplicant
*wpa_s
)
1029 enum wpa_states old_state
= wpa_s
->wpa_state
;
1031 wpa_s
->pairwise_cipher
= 0;
1032 wpa_s
->group_cipher
= 0;
1033 wpa_s
->mgmt_group_cipher
= 0;
1034 wpa_s
->key_mgmt
= 0;
1035 if (wpa_s
->wpa_state
!= WPA_INTERFACE_DISABLED
)
1036 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
1038 if (wpa_s
->wpa_state
!= old_state
)
1039 wpas_notify_state_changed(wpa_s
, wpa_s
->wpa_state
, old_state
);
1044 * wpa_supplicant_reload_configuration - Reload configuration data
1045 * @wpa_s: Pointer to wpa_supplicant data
1046 * Returns: 0 on success or -1 if configuration parsing failed
1048 * This function can be used to request that the configuration data is reloaded
1049 * (e.g., after configuration file change). This function is reloading
1050 * configuration only for one interface, so this may need to be called multiple
1051 * times if %wpa_supplicant is controlling multiple interfaces and all
1052 * interfaces need reconfiguration.
1054 int wpa_supplicant_reload_configuration(struct wpa_supplicant
*wpa_s
)
1056 struct wpa_config
*conf
;
1060 if (wpa_s
->confname
== NULL
)
1062 conf
= wpa_config_read(wpa_s
->confname
, NULL
);
1064 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to parse the configuration "
1065 "file '%s' - exiting", wpa_s
->confname
);
1068 if (wpa_s
->confanother
&&
1069 !wpa_config_read(wpa_s
->confanother
, conf
)) {
1070 wpa_msg(wpa_s
, MSG_ERROR
,
1071 "Failed to parse the configuration file '%s' - exiting",
1072 wpa_s
->confanother
);
1076 conf
->changed_parameters
= (unsigned int) -1;
1078 reconf_ctrl
= !!conf
->ctrl_interface
!= !!wpa_s
->conf
->ctrl_interface
1079 || (conf
->ctrl_interface
&& wpa_s
->conf
->ctrl_interface
&&
1080 os_strcmp(conf
->ctrl_interface
,
1081 wpa_s
->conf
->ctrl_interface
) != 0);
1083 if (reconf_ctrl
&& wpa_s
->ctrl_iface
) {
1084 wpa_supplicant_ctrl_iface_deinit(wpa_s
->ctrl_iface
);
1085 wpa_s
->ctrl_iface
= NULL
;
1088 eapol_sm_invalidate_cached_session(wpa_s
->eapol
);
1089 if (wpa_s
->current_ssid
) {
1090 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
1091 wpa_s
->own_disconnect_req
= 1;
1092 wpa_supplicant_deauthenticate(wpa_s
,
1093 WLAN_REASON_DEAUTH_LEAVING
);
1097 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
1098 * pkcs11_engine_path, pkcs11_module_path, openssl_ciphers.
1100 if (wpa_key_mgmt_wpa_psk(wpa_s
->key_mgmt
) ||
1101 wpa_s
->key_mgmt
== WPA_KEY_MGMT_OWE
||
1102 wpa_s
->key_mgmt
== WPA_KEY_MGMT_DPP
) {
1104 * Clear forced success to clear EAP state for next
1107 eapol_sm_notify_eap_success(wpa_s
->eapol
, FALSE
);
1109 eapol_sm_notify_config(wpa_s
->eapol
, NULL
, NULL
);
1110 wpa_sm_set_config(wpa_s
->wpa
, NULL
);
1111 wpa_sm_pmksa_cache_flush(wpa_s
->wpa
, NULL
);
1112 wpa_sm_set_fast_reauth(wpa_s
->wpa
, wpa_s
->conf
->fast_reauth
);
1113 rsn_preauth_deinit(wpa_s
->wpa
);
1115 old_ap_scan
= wpa_s
->conf
->ap_scan
;
1116 wpa_config_free(wpa_s
->conf
);
1118 if (old_ap_scan
!= wpa_s
->conf
->ap_scan
)
1119 wpas_notify_ap_scan_changed(wpa_s
);
1122 wpa_s
->ctrl_iface
= wpa_supplicant_ctrl_iface_init(wpa_s
);
1124 wpa_supplicant_update_config(wpa_s
);
1126 wpa_supplicant_clear_status(wpa_s
);
1127 if (wpa_supplicant_enabled_networks(wpa_s
)) {
1128 wpa_s
->reassociate
= 1;
1129 wpa_supplicant_req_scan(wpa_s
, 0, 0);
1131 wpa_dbg(wpa_s
, MSG_DEBUG
, "Reconfiguration completed");
1136 static void wpa_supplicant_reconfig(int sig
, void *signal_ctx
)
1138 struct wpa_global
*global
= signal_ctx
;
1139 struct wpa_supplicant
*wpa_s
;
1140 for (wpa_s
= global
->ifaces
; wpa_s
; wpa_s
= wpa_s
->next
) {
1141 wpa_dbg(wpa_s
, MSG_DEBUG
, "Signal %d received - reconfiguring",
1143 if (wpa_supplicant_reload_configuration(wpa_s
) < 0) {
1144 wpa_supplicant_terminate_proc(global
);
1148 if (wpa_debug_reopen_file() < 0) {
1149 /* Ignore errors since we cannot really do much to fix this */
1150 wpa_printf(MSG_DEBUG
, "Could not reopen debug log file");
1155 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant
*wpa_s
,
1156 struct wpa_ssid
*ssid
,
1157 struct wpa_ie_data
*ie
)
1159 int ret
= wpa_sm_parse_own_wpa_ie(wpa_s
->wpa
, ie
);
1162 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Failed to parse WPA IE "
1163 "from association info");
1168 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Using WPA IE from AssocReq to set "
1170 if (!(ie
->group_cipher
& ssid
->group_cipher
)) {
1171 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver used disabled group "
1172 "cipher 0x%x (mask 0x%x) - reject",
1173 ie
->group_cipher
, ssid
->group_cipher
);
1176 if (!(ie
->pairwise_cipher
& ssid
->pairwise_cipher
)) {
1177 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver used disabled pairwise "
1178 "cipher 0x%x (mask 0x%x) - reject",
1179 ie
->pairwise_cipher
, ssid
->pairwise_cipher
);
1182 if (!(ie
->key_mgmt
& ssid
->key_mgmt
)) {
1183 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver used disabled key "
1184 "management 0x%x (mask 0x%x) - reject",
1185 ie
->key_mgmt
, ssid
->key_mgmt
);
1189 #ifdef CONFIG_IEEE80211W
1190 if (!(ie
->capabilities
& WPA_CAPABILITY_MFPC
) &&
1191 wpas_get_ssid_pmf(wpa_s
, ssid
) == MGMT_FRAME_PROTECTION_REQUIRED
) {
1192 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver associated with an AP "
1193 "that does not support management frame protection - "
1197 #endif /* CONFIG_IEEE80211W */
1203 static int matching_ciphers(struct wpa_ssid
*ssid
, struct wpa_ie_data
*ie
,
1207 ie
->group_cipher
= wpa_default_rsn_cipher(freq
);
1208 if (!ie
->has_pairwise
)
1209 ie
->pairwise_cipher
= wpa_default_rsn_cipher(freq
);
1210 return (ie
->group_cipher
& ssid
->group_cipher
) &&
1211 (ie
->pairwise_cipher
& ssid
->pairwise_cipher
);
1216 * wpa_supplicant_set_suites - Set authentication and encryption parameters
1217 * @wpa_s: Pointer to wpa_supplicant data
1218 * @bss: Scan results for the selected BSS, or %NULL if not available
1219 * @ssid: Configuration data for the selected network
1220 * @wpa_ie: Buffer for the WPA/RSN IE
1221 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
1222 * used buffer length in case the functions returns success.
1223 * Returns: 0 on success or -1 on failure
1225 * This function is used to configure authentication and encryption parameters
1226 * based on the network configuration and scan result for the selected BSS (if
1229 int wpa_supplicant_set_suites(struct wpa_supplicant
*wpa_s
,
1230 struct wpa_bss
*bss
, struct wpa_ssid
*ssid
,
1231 u8
*wpa_ie
, size_t *wpa_ie_len
)
1233 struct wpa_ie_data ie
;
1235 const u8
*bss_wpa
, *bss_rsn
, *bss_osen
;
1238 bss_wpa
= wpa_bss_get_vendor_ie(bss
, WPA_IE_VENDOR_TYPE
);
1239 bss_rsn
= wpa_bss_get_ie(bss
, WLAN_EID_RSN
);
1240 bss_osen
= wpa_bss_get_vendor_ie(bss
, OSEN_IE_VENDOR_TYPE
);
1242 bss_wpa
= bss_rsn
= bss_osen
= NULL
;
1244 if (bss_rsn
&& (ssid
->proto
& WPA_PROTO_RSN
) &&
1245 wpa_parse_wpa_ie(bss_rsn
, 2 + bss_rsn
[1], &ie
) == 0 &&
1246 matching_ciphers(ssid
, &ie
, bss
->freq
) &&
1247 (ie
.key_mgmt
& ssid
->key_mgmt
)) {
1248 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using IEEE 802.11i/D9.0");
1249 proto
= WPA_PROTO_RSN
;
1250 } else if (bss_wpa
&& (ssid
->proto
& WPA_PROTO_WPA
) &&
1251 wpa_parse_wpa_ie(bss_wpa
, 2 + bss_wpa
[1], &ie
) == 0 &&
1252 (ie
.group_cipher
& ssid
->group_cipher
) &&
1253 (ie
.pairwise_cipher
& ssid
->pairwise_cipher
) &&
1254 (ie
.key_mgmt
& ssid
->key_mgmt
)) {
1255 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using IEEE 802.11i/D3.0");
1256 proto
= WPA_PROTO_WPA
;
1258 } else if (bss_osen
&& (ssid
->proto
& WPA_PROTO_OSEN
) &&
1259 wpa_parse_wpa_ie(bss_osen
, 2 + bss_osen
[1], &ie
) == 0 &&
1260 (ie
.group_cipher
& ssid
->group_cipher
) &&
1261 (ie
.pairwise_cipher
& ssid
->pairwise_cipher
) &&
1262 (ie
.key_mgmt
& ssid
->key_mgmt
)) {
1263 wpa_dbg(wpa_s
, MSG_DEBUG
, "HS 2.0: using OSEN");
1264 proto
= WPA_PROTO_OSEN
;
1265 } else if (bss_rsn
&& (ssid
->proto
& WPA_PROTO_OSEN
) &&
1266 wpa_parse_wpa_ie(bss_rsn
, 2 + bss_rsn
[1], &ie
) == 0 &&
1267 (ie
.group_cipher
& ssid
->group_cipher
) &&
1268 (ie
.pairwise_cipher
& ssid
->pairwise_cipher
) &&
1269 (ie
.key_mgmt
& ssid
->key_mgmt
)) {
1270 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using OSEN (within RSN)");
1271 proto
= WPA_PROTO_RSN
;
1272 #endif /* CONFIG_HS20 */
1274 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select WPA/RSN");
1275 wpa_dbg(wpa_s
, MSG_DEBUG
,
1276 "WPA: ssid proto=0x%x pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1277 ssid
->proto
, ssid
->pairwise_cipher
, ssid
->group_cipher
,
1279 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: BSS " MACSTR
" ssid='%s'%s%s%s",
1280 MAC2STR(bss
->bssid
),
1281 wpa_ssid_txt(bss
->ssid
, bss
->ssid_len
),
1282 bss_wpa
? " WPA" : "",
1283 bss_rsn
? " RSN" : "",
1284 bss_osen
? " OSEN" : "");
1286 wpa_hexdump(MSG_DEBUG
, "RSN", bss_rsn
, 2 + bss_rsn
[1]);
1287 if (wpa_parse_wpa_ie(bss_rsn
, 2 + bss_rsn
[1], &ie
)) {
1288 wpa_dbg(wpa_s
, MSG_DEBUG
,
1289 "Could not parse RSN element");
1291 wpa_dbg(wpa_s
, MSG_DEBUG
,
1292 "RSN: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1293 ie
.pairwise_cipher
, ie
.group_cipher
,
1298 wpa_hexdump(MSG_DEBUG
, "WPA", bss_wpa
, 2 + bss_wpa
[1]);
1299 if (wpa_parse_wpa_ie(bss_wpa
, 2 + bss_wpa
[1], &ie
)) {
1300 wpa_dbg(wpa_s
, MSG_DEBUG
,
1301 "Could not parse WPA element");
1303 wpa_dbg(wpa_s
, MSG_DEBUG
,
1304 "WPA: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1305 ie
.pairwise_cipher
, ie
.group_cipher
,
1311 if (ssid
->proto
& WPA_PROTO_OSEN
)
1312 proto
= WPA_PROTO_OSEN
;
1313 else if (ssid
->proto
& WPA_PROTO_RSN
)
1314 proto
= WPA_PROTO_RSN
;
1316 proto
= WPA_PROTO_WPA
;
1317 if (wpa_supplicant_suites_from_ai(wpa_s
, ssid
, &ie
) < 0) {
1318 os_memset(&ie
, 0, sizeof(ie
));
1319 ie
.group_cipher
= ssid
->group_cipher
;
1320 ie
.pairwise_cipher
= ssid
->pairwise_cipher
;
1321 ie
.key_mgmt
= ssid
->key_mgmt
;
1322 #ifdef CONFIG_IEEE80211W
1323 ie
.mgmt_group_cipher
= 0;
1324 if (ssid
->ieee80211w
!= NO_MGMT_FRAME_PROTECTION
) {
1325 if (ssid
->group_mgmt_cipher
&
1326 WPA_CIPHER_BIP_GMAC_256
)
1327 ie
.mgmt_group_cipher
=
1328 WPA_CIPHER_BIP_GMAC_256
;
1329 else if (ssid
->group_mgmt_cipher
&
1330 WPA_CIPHER_BIP_CMAC_256
)
1331 ie
.mgmt_group_cipher
=
1332 WPA_CIPHER_BIP_CMAC_256
;
1333 else if (ssid
->group_mgmt_cipher
&
1334 WPA_CIPHER_BIP_GMAC_128
)
1335 ie
.mgmt_group_cipher
=
1336 WPA_CIPHER_BIP_GMAC_128
;
1338 ie
.mgmt_group_cipher
=
1339 WPA_CIPHER_AES_128_CMAC
;
1341 #endif /* CONFIG_IEEE80211W */
1343 if ((ssid
->key_mgmt
& WPA_KEY_MGMT_OWE
) &&
1345 !bss_wpa
&& !bss_rsn
&& !bss_osen
) {
1346 wpa_supplicant_set_non_wpa_policy(wpa_s
, ssid
);
1347 wpa_s
->wpa_proto
= 0;
1351 #endif /* CONFIG_OWE */
1352 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Set cipher suites "
1353 "based on configuration");
1358 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Selected cipher suites: group %d "
1359 "pairwise %d key_mgmt %d proto %d",
1360 ie
.group_cipher
, ie
.pairwise_cipher
, ie
.key_mgmt
, proto
);
1361 #ifdef CONFIG_IEEE80211W
1362 if (ssid
->ieee80211w
) {
1363 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Selected mgmt group cipher %d",
1364 ie
.mgmt_group_cipher
);
1366 #endif /* CONFIG_IEEE80211W */
1368 wpa_s
->wpa_proto
= proto
;
1369 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_PROTO
, proto
);
1370 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_RSN_ENABLED
,
1371 !!(ssid
->proto
& (WPA_PROTO_RSN
| WPA_PROTO_OSEN
)));
1373 if (bss
|| !wpa_s
->ap_ies_from_associnfo
) {
1374 if (wpa_sm_set_ap_wpa_ie(wpa_s
->wpa
, bss_wpa
,
1375 bss_wpa
? 2 + bss_wpa
[1] : 0) ||
1376 wpa_sm_set_ap_rsn_ie(wpa_s
->wpa
, bss_rsn
,
1377 bss_rsn
? 2 + bss_rsn
[1] : 0))
1381 #ifdef CONFIG_NO_WPA
1382 wpa_s
->group_cipher
= WPA_CIPHER_NONE
;
1383 wpa_s
->pairwise_cipher
= WPA_CIPHER_NONE
;
1384 #else /* CONFIG_NO_WPA */
1385 sel
= ie
.group_cipher
& ssid
->group_cipher
;
1386 wpa_dbg(wpa_s
, MSG_DEBUG
,
1387 "WPA: AP group 0x%x network profile group 0x%x; available group 0x%x",
1388 ie
.group_cipher
, ssid
->group_cipher
, sel
);
1389 wpa_s
->group_cipher
= wpa_pick_group_cipher(sel
);
1390 if (wpa_s
->group_cipher
< 0) {
1391 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select group "
1395 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using GTK %s",
1396 wpa_cipher_txt(wpa_s
->group_cipher
));
1398 sel
= ie
.pairwise_cipher
& ssid
->pairwise_cipher
;
1399 wpa_dbg(wpa_s
, MSG_DEBUG
,
1400 "WPA: AP pairwise 0x%x network profile pairwise 0x%x; available pairwise 0x%x",
1401 ie
.pairwise_cipher
, ssid
->pairwise_cipher
, sel
);
1402 wpa_s
->pairwise_cipher
= wpa_pick_pairwise_cipher(sel
, 1);
1403 if (wpa_s
->pairwise_cipher
< 0) {
1404 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select pairwise "
1408 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using PTK %s",
1409 wpa_cipher_txt(wpa_s
->pairwise_cipher
));
1410 #endif /* CONFIG_NO_WPA */
1412 sel
= ie
.key_mgmt
& ssid
->key_mgmt
;
1413 wpa_dbg(wpa_s
, MSG_DEBUG
,
1414 "WPA: AP key_mgmt 0x%x network profile key_mgmt 0x%x; available key_mgmt 0x%x",
1415 ie
.key_mgmt
, ssid
->key_mgmt
, sel
);
1417 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SAE
))
1418 sel
&= ~(WPA_KEY_MGMT_SAE
| WPA_KEY_MGMT_FT_SAE
);
1419 #endif /* CONFIG_SAE */
1421 #ifdef CONFIG_IEEE80211R
1422 #ifdef CONFIG_SHA384
1423 } else if ((sel
& WPA_KEY_MGMT_FT_IEEE8021X_SHA384
) &&
1424 os_strcmp(wpa_supplicant_get_eap_mode(wpa_s
), "LEAP") != 0) {
1425 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_IEEE8021X_SHA384
;
1426 wpa_dbg(wpa_s
, MSG_DEBUG
,
1427 "WPA: using KEY_MGMT FT/802.1X-SHA384");
1428 if (!ssid
->ft_eap_pmksa_caching
&&
1429 pmksa_cache_get_current(wpa_s
->wpa
)) {
1430 /* PMKSA caching with FT may have interoperability
1431 * issues, so disable that case by default for now. */
1432 wpa_dbg(wpa_s
, MSG_DEBUG
,
1433 "WPA: Disable PMKSA caching for FT/802.1X connection");
1434 pmksa_cache_clear_current(wpa_s
->wpa
);
1436 #endif /* CONFIG_SHA384 */
1437 #endif /* CONFIG_IEEE80211R */
1438 #ifdef CONFIG_SUITEB192
1439 } else if (sel
& WPA_KEY_MGMT_IEEE8021X_SUITE_B_192
) {
1440 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X_SUITE_B_192
;
1441 wpa_dbg(wpa_s
, MSG_DEBUG
,
1442 "WPA: using KEY_MGMT 802.1X with Suite B (192-bit)");
1443 #endif /* CONFIG_SUITEB192 */
1444 #ifdef CONFIG_SUITEB
1445 } else if (sel
& WPA_KEY_MGMT_IEEE8021X_SUITE_B
) {
1446 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X_SUITE_B
;
1447 wpa_dbg(wpa_s
, MSG_DEBUG
,
1448 "WPA: using KEY_MGMT 802.1X with Suite B");
1449 #endif /* CONFIG_SUITEB */
1451 #ifdef CONFIG_IEEE80211R
1452 } else if (sel
& WPA_KEY_MGMT_FT_FILS_SHA384
) {
1453 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_FILS_SHA384
;
1454 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FT-FILS-SHA384");
1455 } else if (sel
& WPA_KEY_MGMT_FT_FILS_SHA256
) {
1456 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_FILS_SHA256
;
1457 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FT-FILS-SHA256");
1458 #endif /* CONFIG_IEEE80211R */
1459 } else if (sel
& WPA_KEY_MGMT_FILS_SHA384
) {
1460 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FILS_SHA384
;
1461 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FILS-SHA384");
1462 } else if (sel
& WPA_KEY_MGMT_FILS_SHA256
) {
1463 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FILS_SHA256
;
1464 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FILS-SHA256");
1465 #endif /* CONFIG_FILS */
1466 #ifdef CONFIG_IEEE80211R
1467 } else if ((sel
& WPA_KEY_MGMT_FT_IEEE8021X
) &&
1468 os_strcmp(wpa_supplicant_get_eap_mode(wpa_s
), "LEAP") != 0) {
1469 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_IEEE8021X
;
1470 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FT/802.1X");
1471 if (!ssid
->ft_eap_pmksa_caching
&&
1472 pmksa_cache_get_current(wpa_s
->wpa
)) {
1473 /* PMKSA caching with FT may have interoperability
1474 * issues, so disable that case by default for now. */
1475 wpa_dbg(wpa_s
, MSG_DEBUG
,
1476 "WPA: Disable PMKSA caching for FT/802.1X connection");
1477 pmksa_cache_clear_current(wpa_s
->wpa
);
1479 #endif /* CONFIG_IEEE80211R */
1481 } else if (sel
& WPA_KEY_MGMT_DPP
) {
1482 wpa_s
->key_mgmt
= WPA_KEY_MGMT_DPP
;
1483 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using KEY_MGMT DPP");
1484 #endif /* CONFIG_DPP */
1486 } else if (sel
& WPA_KEY_MGMT_FT_SAE
) {
1487 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_SAE
;
1488 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using KEY_MGMT FT/SAE");
1489 } else if (sel
& WPA_KEY_MGMT_SAE
) {
1490 wpa_s
->key_mgmt
= WPA_KEY_MGMT_SAE
;
1491 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using KEY_MGMT SAE");
1492 #endif /* CONFIG_SAE */
1493 #ifdef CONFIG_IEEE80211R
1494 } else if (sel
& WPA_KEY_MGMT_FT_PSK
) {
1495 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_PSK
;
1496 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FT/PSK");
1497 #endif /* CONFIG_IEEE80211R */
1498 #ifdef CONFIG_IEEE80211W
1499 } else if (sel
& WPA_KEY_MGMT_IEEE8021X_SHA256
) {
1500 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X_SHA256
;
1501 wpa_dbg(wpa_s
, MSG_DEBUG
,
1502 "WPA: using KEY_MGMT 802.1X with SHA256");
1503 } else if (sel
& WPA_KEY_MGMT_PSK_SHA256
) {
1504 wpa_s
->key_mgmt
= WPA_KEY_MGMT_PSK_SHA256
;
1505 wpa_dbg(wpa_s
, MSG_DEBUG
,
1506 "WPA: using KEY_MGMT PSK with SHA256");
1507 #endif /* CONFIG_IEEE80211W */
1508 } else if (sel
& WPA_KEY_MGMT_IEEE8021X
) {
1509 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X
;
1510 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT 802.1X");
1511 } else if (sel
& WPA_KEY_MGMT_PSK
) {
1512 wpa_s
->key_mgmt
= WPA_KEY_MGMT_PSK
;
1513 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT WPA-PSK");
1514 } else if (sel
& WPA_KEY_MGMT_WPA_NONE
) {
1515 wpa_s
->key_mgmt
= WPA_KEY_MGMT_WPA_NONE
;
1516 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT WPA-NONE");
1518 } else if (sel
& WPA_KEY_MGMT_OSEN
) {
1519 wpa_s
->key_mgmt
= WPA_KEY_MGMT_OSEN
;
1520 wpa_dbg(wpa_s
, MSG_DEBUG
, "HS 2.0: using KEY_MGMT OSEN");
1521 #endif /* CONFIG_HS20 */
1523 } else if (sel
& WPA_KEY_MGMT_OWE
) {
1524 wpa_s
->key_mgmt
= WPA_KEY_MGMT_OWE
;
1525 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using KEY_MGMT OWE");
1526 #endif /* CONFIG_OWE */
1528 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select "
1529 "authenticated key management type");
1533 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_KEY_MGMT
, wpa_s
->key_mgmt
);
1534 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_PAIRWISE
,
1535 wpa_s
->pairwise_cipher
);
1536 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_GROUP
, wpa_s
->group_cipher
);
1538 #ifdef CONFIG_IEEE80211W
1539 if (!(ie
.capabilities
& WPA_CAPABILITY_MFPC
) &&
1540 wpas_get_ssid_pmf(wpa_s
, ssid
) == MGMT_FRAME_PROTECTION_REQUIRED
) {
1541 wpa_msg(wpa_s
, MSG_INFO
,
1542 "RSN: Management frame protection required but the selected AP does not enable it");
1546 sel
= ie
.mgmt_group_cipher
;
1547 if (ssid
->group_mgmt_cipher
)
1548 sel
&= ssid
->group_mgmt_cipher
;
1549 if (wpas_get_ssid_pmf(wpa_s
, ssid
) == NO_MGMT_FRAME_PROTECTION
||
1550 !(ie
.capabilities
& WPA_CAPABILITY_MFPC
))
1552 wpa_dbg(wpa_s
, MSG_DEBUG
,
1553 "WPA: AP mgmt_group_cipher 0x%x network profile mgmt_group_cipher 0x%x; available mgmt_group_cipher 0x%x",
1554 ie
.mgmt_group_cipher
, ssid
->group_mgmt_cipher
, sel
);
1555 if (sel
& WPA_CIPHER_AES_128_CMAC
) {
1556 wpa_s
->mgmt_group_cipher
= WPA_CIPHER_AES_128_CMAC
;
1557 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using MGMT group cipher "
1559 } else if (sel
& WPA_CIPHER_BIP_GMAC_128
) {
1560 wpa_s
->mgmt_group_cipher
= WPA_CIPHER_BIP_GMAC_128
;
1561 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using MGMT group cipher "
1563 } else if (sel
& WPA_CIPHER_BIP_GMAC_256
) {
1564 wpa_s
->mgmt_group_cipher
= WPA_CIPHER_BIP_GMAC_256
;
1565 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using MGMT group cipher "
1567 } else if (sel
& WPA_CIPHER_BIP_CMAC_256
) {
1568 wpa_s
->mgmt_group_cipher
= WPA_CIPHER_BIP_CMAC_256
;
1569 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using MGMT group cipher "
1572 wpa_s
->mgmt_group_cipher
= 0;
1573 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: not using MGMT group cipher");
1575 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_MGMT_GROUP
,
1576 wpa_s
->mgmt_group_cipher
);
1577 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_MFP
,
1578 wpas_get_ssid_pmf(wpa_s
, ssid
));
1579 #endif /* CONFIG_IEEE80211W */
1581 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_OCV
, ssid
->ocv
);
1582 #endif /* CONFIG_OCV */
1584 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s
->wpa
, wpa_ie
, wpa_ie_len
)) {
1585 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to generate WPA IE");
1591 } else if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_DPP
) {
1592 /* Use PMK from DPP network introduction (PMKSA entry) */
1593 wpa_sm_set_pmk_from_pmksa(wpa_s
->wpa
);
1594 #endif /* CONFIG_DPP */
1595 } else if (wpa_key_mgmt_wpa_psk(ssid
->key_mgmt
)) {
1599 sae_only
= (ssid
->key_mgmt
& (WPA_KEY_MGMT_PSK
|
1600 WPA_KEY_MGMT_FT_PSK
|
1601 WPA_KEY_MGMT_PSK_SHA256
)) == 0;
1603 if (ssid
->psk_set
&& !sae_only
) {
1604 wpa_hexdump_key(MSG_MSGDUMP
, "PSK (set in config)",
1605 ssid
->psk
, PMK_LEN
);
1606 wpa_sm_set_pmk(wpa_s
->wpa
, ssid
->psk
, PMK_LEN
, NULL
,
1611 if (wpa_key_mgmt_sae(ssid
->key_mgmt
) &&
1612 (ssid
->sae_password
|| ssid
->passphrase
))
1615 #ifndef CONFIG_NO_PBKDF2
1616 if (bss
&& ssid
->bssid_set
&& ssid
->ssid_len
== 0 &&
1617 ssid
->passphrase
&& !sae_only
) {
1619 pbkdf2_sha1(ssid
->passphrase
, bss
->ssid
, bss
->ssid_len
,
1620 4096, psk
, PMK_LEN
);
1621 wpa_hexdump_key(MSG_MSGDUMP
, "PSK (from passphrase)",
1623 wpa_sm_set_pmk(wpa_s
->wpa
, psk
, PMK_LEN
, NULL
, NULL
);
1625 os_memset(psk
, 0, sizeof(psk
));
1627 #endif /* CONFIG_NO_PBKDF2 */
1628 #ifdef CONFIG_EXT_PASSWORD
1629 if (ssid
->ext_psk
&& !sae_only
) {
1630 struct wpabuf
*pw
= ext_password_get(wpa_s
->ext_pw
,
1632 char pw_str
[64 + 1];
1636 wpa_msg(wpa_s
, MSG_INFO
, "EXT PW: No PSK "
1637 "found from external storage");
1641 if (wpabuf_len(pw
) < 8 || wpabuf_len(pw
) > 64) {
1642 wpa_msg(wpa_s
, MSG_INFO
, "EXT PW: Unexpected "
1643 "PSK length %d in external storage",
1644 (int) wpabuf_len(pw
));
1645 ext_password_free(pw
);
1649 os_memcpy(pw_str
, wpabuf_head(pw
), wpabuf_len(pw
));
1650 pw_str
[wpabuf_len(pw
)] = '\0';
1652 #ifndef CONFIG_NO_PBKDF2
1653 if (wpabuf_len(pw
) >= 8 && wpabuf_len(pw
) < 64 && bss
)
1655 pbkdf2_sha1(pw_str
, bss
->ssid
, bss
->ssid_len
,
1656 4096, psk
, PMK_LEN
);
1657 os_memset(pw_str
, 0, sizeof(pw_str
));
1658 wpa_hexdump_key(MSG_MSGDUMP
, "PSK (from "
1659 "external passphrase)",
1661 wpa_sm_set_pmk(wpa_s
->wpa
, psk
, PMK_LEN
, NULL
,
1664 os_memset(psk
, 0, sizeof(psk
));
1666 #endif /* CONFIG_NO_PBKDF2 */
1667 if (wpabuf_len(pw
) == 2 * PMK_LEN
) {
1668 if (hexstr2bin(pw_str
, psk
, PMK_LEN
) < 0) {
1669 wpa_msg(wpa_s
, MSG_INFO
, "EXT PW: "
1670 "Invalid PSK hex string");
1671 os_memset(pw_str
, 0, sizeof(pw_str
));
1672 ext_password_free(pw
);
1675 wpa_hexdump_key(MSG_MSGDUMP
,
1676 "PSK (from external PSK)",
1678 wpa_sm_set_pmk(wpa_s
->wpa
, psk
, PMK_LEN
, NULL
,
1681 os_memset(psk
, 0, sizeof(psk
));
1683 wpa_msg(wpa_s
, MSG_INFO
, "EXT PW: No suitable "
1685 os_memset(pw_str
, 0, sizeof(pw_str
));
1686 ext_password_free(pw
);
1690 os_memset(pw_str
, 0, sizeof(pw_str
));
1691 ext_password_free(pw
);
1693 #endif /* CONFIG_EXT_PASSWORD */
1696 wpa_msg(wpa_s
, MSG_INFO
,
1697 "No PSK available for association");
1698 wpas_auth_failed(wpa_s
, "NO_PSK_AVAILABLE");
1702 } else if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_OWE
) {
1703 /* OWE Diffie-Hellman exchange in (Re)Association
1704 * Request/Response frames set the PMK, so do not override it
1706 #endif /* CONFIG_OWE */
1708 wpa_sm_set_pmk_from_pmksa(wpa_s
->wpa
);
1714 static void wpas_ext_capab_byte(struct wpa_supplicant
*wpa_s
, u8
*pos
, int idx
)
1719 case 0: /* Bits 0-7 */
1721 case 1: /* Bits 8-15 */
1722 if (wpa_s
->conf
->coloc_intf_reporting
) {
1723 /* Bit 13 - Collocated Interference Reporting */
1727 case 2: /* Bits 16-23 */
1729 *pos
|= 0x02; /* Bit 17 - WNM-Sleep Mode */
1730 if (!wpa_s
->conf
->disable_btm
)
1731 *pos
|= 0x08; /* Bit 19 - BSS Transition */
1732 #endif /* CONFIG_WNM */
1734 case 3: /* Bits 24-31 */
1736 *pos
|= 0x02; /* Bit 25 - SSID List */
1737 #endif /* CONFIG_WNM */
1738 #ifdef CONFIG_INTERWORKING
1739 if (wpa_s
->conf
->interworking
)
1740 *pos
|= 0x80; /* Bit 31 - Interworking */
1741 #endif /* CONFIG_INTERWORKING */
1743 case 4: /* Bits 32-39 */
1744 #ifdef CONFIG_INTERWORKING
1745 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_QOS_MAPPING
)
1746 *pos
|= 0x01; /* Bit 32 - QoS Map */
1747 #endif /* CONFIG_INTERWORKING */
1749 case 5: /* Bits 40-47 */
1751 if (wpa_s
->conf
->hs20
)
1752 *pos
|= 0x40; /* Bit 46 - WNM-Notification */
1753 #endif /* CONFIG_HS20 */
1755 *pos
|= 0x40; /* Bit 46 - WNM-Notification */
1756 #endif /* CONFIG_MBO */
1758 case 6: /* Bits 48-55 */
1760 case 7: /* Bits 56-63 */
1762 case 8: /* Bits 64-71 */
1763 if (wpa_s
->conf
->ftm_responder
)
1764 *pos
|= 0x40; /* Bit 70 - FTM responder */
1765 if (wpa_s
->conf
->ftm_initiator
)
1766 *pos
|= 0x80; /* Bit 71 - FTM initiator */
1768 case 9: /* Bits 72-79 */
1770 if (!wpa_s
->disable_fils
)
1772 #endif /* CONFIG_FILS */
1778 int wpas_build_ext_capab(struct wpa_supplicant
*wpa_s
, u8
*buf
, size_t buflen
)
1783 if (len
< wpa_s
->extended_capa_len
)
1784 len
= wpa_s
->extended_capa_len
;
1785 if (buflen
< (size_t) len
+ 2) {
1786 wpa_printf(MSG_INFO
,
1787 "Not enough room for building extended capabilities element");
1791 *pos
++ = WLAN_EID_EXT_CAPAB
;
1793 for (i
= 0; i
< len
; i
++, pos
++) {
1794 wpas_ext_capab_byte(wpa_s
, pos
, i
);
1796 if (i
< wpa_s
->extended_capa_len
) {
1797 *pos
&= ~wpa_s
->extended_capa_mask
[i
];
1798 *pos
|= wpa_s
->extended_capa
[i
];
1802 while (len
> 0 && buf
[1 + len
] == 0) {
1813 static int wpas_valid_bss(struct wpa_supplicant
*wpa_s
,
1814 struct wpa_bss
*test_bss
)
1816 struct wpa_bss
*bss
;
1818 dl_list_for_each(bss
, &wpa_s
->bss
, struct wpa_bss
, list
) {
1819 if (bss
== test_bss
)
1827 static int wpas_valid_ssid(struct wpa_supplicant
*wpa_s
,
1828 struct wpa_ssid
*test_ssid
)
1830 struct wpa_ssid
*ssid
;
1832 for (ssid
= wpa_s
->conf
->ssid
; ssid
; ssid
= ssid
->next
) {
1833 if (ssid
== test_ssid
)
1841 int wpas_valid_bss_ssid(struct wpa_supplicant
*wpa_s
, struct wpa_bss
*test_bss
,
1842 struct wpa_ssid
*test_ssid
)
1844 if (test_bss
&& !wpas_valid_bss(wpa_s
, test_bss
))
1847 return test_ssid
== NULL
|| wpas_valid_ssid(wpa_s
, test_ssid
);
1851 void wpas_connect_work_free(struct wpa_connect_work
*cwork
)
1859 void wpas_connect_work_done(struct wpa_supplicant
*wpa_s
)
1861 struct wpa_connect_work
*cwork
;
1862 struct wpa_radio_work
*work
= wpa_s
->connect_work
;
1867 wpa_s
->connect_work
= NULL
;
1870 wpas_connect_work_free(cwork
);
1871 radio_work_done(work
);
1875 int wpas_update_random_addr(struct wpa_supplicant
*wpa_s
, int style
)
1877 struct os_reltime now
;
1880 os_get_reltime(&now
);
1881 if (wpa_s
->last_mac_addr_style
== style
&&
1882 wpa_s
->last_mac_addr_change
.sec
!= 0 &&
1883 !os_reltime_expired(&now
, &wpa_s
->last_mac_addr_change
,
1884 wpa_s
->conf
->rand_addr_lifetime
)) {
1885 wpa_msg(wpa_s
, MSG_DEBUG
,
1886 "Previously selected random MAC address has not yet expired");
1892 if (random_mac_addr(addr
) < 0)
1896 os_memcpy(addr
, wpa_s
->perm_addr
, ETH_ALEN
);
1897 if (random_mac_addr_keep_oui(addr
) < 0)
1904 if (wpa_drv_set_mac_addr(wpa_s
, addr
) < 0) {
1905 wpa_msg(wpa_s
, MSG_INFO
,
1906 "Failed to set random MAC address");
1910 os_get_reltime(&wpa_s
->last_mac_addr_change
);
1911 wpa_s
->mac_addr_changed
= 1;
1912 wpa_s
->last_mac_addr_style
= style
;
1914 if (wpa_supplicant_update_mac_addr(wpa_s
) < 0) {
1915 wpa_msg(wpa_s
, MSG_INFO
,
1916 "Could not update MAC address information");
1920 wpa_msg(wpa_s
, MSG_DEBUG
, "Using random MAC address " MACSTR
,
1927 int wpas_update_random_addr_disassoc(struct wpa_supplicant
*wpa_s
)
1929 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
||
1930 !wpa_s
->conf
->preassoc_mac_addr
)
1933 return wpas_update_random_addr(wpa_s
, wpa_s
->conf
->preassoc_mac_addr
);
1937 static void wpas_start_assoc_cb(struct wpa_radio_work
*work
, int deinit
);
1940 * wpa_supplicant_associate - Request association
1941 * @wpa_s: Pointer to wpa_supplicant data
1942 * @bss: Scan results for the selected BSS, or %NULL if not available
1943 * @ssid: Configuration data for the selected network
1945 * This function is used to request %wpa_supplicant to associate with a BSS.
1947 void wpa_supplicant_associate(struct wpa_supplicant
*wpa_s
,
1948 struct wpa_bss
*bss
, struct wpa_ssid
*ssid
)
1950 struct wpa_connect_work
*cwork
;
1953 wpa_s
->own_disconnect_req
= 0;
1956 * If we are starting a new connection, any previously pending EAPOL
1957 * RX cannot be valid anymore.
1959 wpabuf_free(wpa_s
->pending_eapol_rx
);
1960 wpa_s
->pending_eapol_rx
= NULL
;
1962 if (ssid
->mac_addr
== -1)
1963 rand_style
= wpa_s
->conf
->mac_addr
;
1965 rand_style
= ssid
->mac_addr
;
1967 wmm_ac_clear_saved_tspecs(wpa_s
);
1968 wpa_s
->reassoc_same_bss
= 0;
1969 wpa_s
->reassoc_same_ess
= 0;
1970 #ifdef CONFIG_TESTING_OPTIONS
1971 wpa_s
->testing_resend_assoc
= 0;
1972 #endif /* CONFIG_TESTING_OPTIONS */
1974 if (wpa_s
->last_ssid
== ssid
) {
1975 wpa_dbg(wpa_s
, MSG_DEBUG
, "Re-association to the same ESS");
1976 wpa_s
->reassoc_same_ess
= 1;
1977 if (wpa_s
->current_bss
&& wpa_s
->current_bss
== bss
) {
1978 wmm_ac_save_tspecs(wpa_s
);
1979 wpa_s
->reassoc_same_bss
= 1;
1980 } else if (wpa_s
->current_bss
&& wpa_s
->current_bss
!= bss
) {
1981 os_get_reltime(&wpa_s
->roam_start
);
1985 if (rand_style
> 0 && !wpa_s
->reassoc_same_ess
) {
1986 if (wpas_update_random_addr(wpa_s
, rand_style
) < 0)
1988 wpa_sm_pmksa_cache_flush(wpa_s
->wpa
, ssid
);
1989 } else if (rand_style
== 0 && wpa_s
->mac_addr_changed
) {
1990 if (wpa_drv_set_mac_addr(wpa_s
, NULL
) < 0) {
1991 wpa_msg(wpa_s
, MSG_INFO
,
1992 "Could not restore permanent MAC address");
1995 wpa_s
->mac_addr_changed
= 0;
1996 if (wpa_supplicant_update_mac_addr(wpa_s
) < 0) {
1997 wpa_msg(wpa_s
, MSG_INFO
,
1998 "Could not update MAC address information");
2001 wpa_msg(wpa_s
, MSG_DEBUG
, "Using permanent MAC address");
2003 wpa_s
->last_ssid
= ssid
;
2005 #ifdef CONFIG_IBSS_RSN
2006 ibss_rsn_deinit(wpa_s
->ibss_rsn
);
2007 wpa_s
->ibss_rsn
= NULL
;
2008 #else /* CONFIG_IBSS_RSN */
2009 if (ssid
->mode
== WPAS_MODE_IBSS
&&
2010 !(ssid
->key_mgmt
& (WPA_KEY_MGMT_NONE
| WPA_KEY_MGMT_WPA_NONE
))) {
2011 wpa_msg(wpa_s
, MSG_INFO
,
2012 "IBSS RSN not supported in the build");
2015 #endif /* CONFIG_IBSS_RSN */
2017 if (ssid
->mode
== WPAS_MODE_AP
|| ssid
->mode
== WPAS_MODE_P2P_GO
||
2018 ssid
->mode
== WPAS_MODE_P2P_GROUP_FORMATION
) {
2020 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_AP
)) {
2021 wpa_msg(wpa_s
, MSG_INFO
, "Driver does not support AP "
2025 if (wpa_supplicant_create_ap(wpa_s
, ssid
) < 0) {
2026 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
2027 if (ssid
->mode
== WPAS_MODE_P2P_GROUP_FORMATION
)
2028 wpas_p2p_ap_setup_failed(wpa_s
);
2031 wpa_s
->current_bss
= bss
;
2032 #else /* CONFIG_AP */
2033 wpa_msg(wpa_s
, MSG_ERROR
, "AP mode support not included in "
2035 #endif /* CONFIG_AP */
2039 if (ssid
->mode
== WPAS_MODE_MESH
) {
2041 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_MESH
)) {
2042 wpa_msg(wpa_s
, MSG_INFO
,
2043 "Driver does not support mesh mode");
2047 ssid
->frequency
= bss
->freq
;
2048 if (wpa_supplicant_join_mesh(wpa_s
, ssid
) < 0) {
2049 wpa_msg(wpa_s
, MSG_ERROR
, "Could not join mesh");
2052 wpa_s
->current_bss
= bss
;
2053 wpa_msg(wpa_s
, MSG_INFO
, MESH_GROUP_STARTED
"ssid=\"%s\" id=%d",
2054 wpa_ssid_txt(ssid
->ssid
, ssid
->ssid_len
),
2056 wpas_notify_mesh_group_started(wpa_s
, ssid
);
2057 #else /* CONFIG_MESH */
2058 wpa_msg(wpa_s
, MSG_ERROR
,
2059 "mesh mode support not included in the build");
2060 #endif /* CONFIG_MESH */
2065 * Set WPA state machine configuration to match the selected network now
2066 * so that the information is available before wpas_start_assoc_cb()
2067 * gets called. This is needed at least for RSN pre-authentication where
2068 * candidate APs are added to a list based on scan result processing
2069 * before completion of the first association.
2071 wpa_supplicant_rsn_supp_set_config(wpa_s
, ssid
);
2074 if (wpas_dpp_check_connect(wpa_s
, ssid
, bss
) != 0)
2076 #endif /* CONFIG_DPP */
2080 wpa_tdls_ap_ies(wpa_s
->wpa
, (const u8
*) (bss
+ 1),
2082 #endif /* CONFIG_TDLS */
2084 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
2085 ssid
->mode
== WPAS_MODE_INFRA
) {
2086 sme_authenticate(wpa_s
, bss
, ssid
);
2090 if (wpa_s
->connect_work
) {
2091 wpa_dbg(wpa_s
, MSG_DEBUG
, "Reject wpa_supplicant_associate() call since connect_work exist");
2095 if (radio_work_pending(wpa_s
, "connect")) {
2096 wpa_dbg(wpa_s
, MSG_DEBUG
, "Reject wpa_supplicant_associate() call since pending work exist");
2101 if (ssid
->mode
== WPAS_MODE_IBSS
|| ssid
->mode
== WPAS_MODE_MESH
) {
2102 /* Clear possibly set auth_alg, if any, from last attempt. */
2103 wpa_s
->sme
.auth_alg
= WPA_AUTH_ALG_OPEN
;
2105 #endif /* CONFIG_SME */
2107 wpas_abort_ongoing_scan(wpa_s
);
2109 cwork
= os_zalloc(sizeof(*cwork
));
2116 if (radio_add_work(wpa_s
, bss
? bss
->freq
: 0, "connect", 1,
2117 wpas_start_assoc_cb
, cwork
) < 0) {
2123 static int bss_is_ibss(struct wpa_bss
*bss
)
2125 return (bss
->caps
& (IEEE80211_CAP_ESS
| IEEE80211_CAP_IBSS
)) ==
2130 static int drv_supports_vht(struct wpa_supplicant
*wpa_s
,
2131 const struct wpa_ssid
*ssid
)
2133 enum hostapd_hw_mode hw_mode
;
2134 struct hostapd_hw_modes
*mode
= NULL
;
2138 hw_mode
= ieee80211_freq_to_chan(ssid
->frequency
, &channel
);
2139 if (hw_mode
== NUM_HOSTAPD_MODES
)
2141 for (i
= 0; wpa_s
->hw
.modes
&& i
< wpa_s
->hw
.num_modes
; i
++) {
2142 if (wpa_s
->hw
.modes
[i
].mode
== hw_mode
) {
2143 mode
= &wpa_s
->hw
.modes
[i
];
2151 return mode
->vht_capab
!= 0;
2155 void ibss_mesh_setup_freq(struct wpa_supplicant
*wpa_s
,
2156 const struct wpa_ssid
*ssid
,
2157 struct hostapd_freq_params
*freq
)
2159 int ieee80211_mode
= wpas_mode_to_ieee80211_mode(ssid
->mode
);
2160 enum hostapd_hw_mode hw_mode
;
2161 struct hostapd_hw_modes
*mode
= NULL
;
2162 int ht40plus
[] = { 36, 44, 52, 60, 100, 108, 116, 124, 132, 149, 157,
2164 int vht80
[] = { 36, 52, 100, 116, 132, 149 };
2165 struct hostapd_channel_data
*pri_chan
= NULL
, *sec_chan
= NULL
;
2167 int i
, chan_idx
, ht40
= -1, res
, obss_scan
= 1;
2169 struct hostapd_freq_params vht_freq
;
2170 int chwidth
, seg0
, seg1
;
2174 freq
->freq
= ssid
->frequency
;
2176 for (j
= 0; j
< wpa_s
->last_scan_res_used
; j
++) {
2177 struct wpa_bss
*bss
= wpa_s
->last_scan_res
[j
];
2179 if (ssid
->mode
!= WPAS_MODE_IBSS
)
2182 /* Don't adjust control freq in case of fixed_freq */
2183 if (ssid
->fixed_freq
)
2186 if (!bss_is_ibss(bss
))
2189 if (ssid
->ssid_len
== bss
->ssid_len
&&
2190 os_memcmp(ssid
->ssid
, bss
->ssid
, bss
->ssid_len
) == 0) {
2191 wpa_printf(MSG_DEBUG
,
2192 "IBSS already found in scan results, adjust control freq: %d",
2194 freq
->freq
= bss
->freq
;
2200 /* For IBSS check HT_IBSS flag */
2201 if (ssid
->mode
== WPAS_MODE_IBSS
&&
2202 !(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_HT_IBSS
))
2205 if (wpa_s
->group_cipher
== WPA_CIPHER_WEP40
||
2206 wpa_s
->group_cipher
== WPA_CIPHER_WEP104
||
2207 wpa_s
->pairwise_cipher
== WPA_CIPHER_TKIP
) {
2208 wpa_printf(MSG_DEBUG
,
2209 "IBSS: WEP/TKIP detected, do not try to enable HT");
2213 hw_mode
= ieee80211_freq_to_chan(freq
->freq
, &channel
);
2214 for (i
= 0; wpa_s
->hw
.modes
&& i
< wpa_s
->hw
.num_modes
; i
++) {
2215 if (wpa_s
->hw
.modes
[i
].mode
== hw_mode
) {
2216 mode
= &wpa_s
->hw
.modes
[i
];
2224 is_24ghz
= hw_mode
== HOSTAPD_MODE_IEEE80211G
||
2225 hw_mode
== HOSTAPD_MODE_IEEE80211B
;
2227 #ifdef CONFIG_HT_OVERRIDES
2228 if (ssid
->disable_ht
) {
2229 freq
->ht_enabled
= 0;
2232 #endif /* CONFIG_HT_OVERRIDES */
2234 freq
->ht_enabled
= ht_supported(mode
);
2235 if (!freq
->ht_enabled
)
2238 /* Allow HE on 2.4 GHz without VHT: see nl80211_put_freq_params() */
2240 freq
->he_enabled
= mode
->he_capab
[ieee80211_mode
].he_supported
;
2242 /* Setup higher BW only for 5 GHz */
2243 if (mode
->mode
!= HOSTAPD_MODE_IEEE80211A
)
2246 for (chan_idx
= 0; chan_idx
< mode
->num_channels
; chan_idx
++) {
2247 pri_chan
= &mode
->channels
[chan_idx
];
2248 if (pri_chan
->chan
== channel
)
2255 /* Check primary channel flags */
2256 if (pri_chan
->flag
& (HOSTAPD_CHAN_DISABLED
| HOSTAPD_CHAN_NO_IR
))
2259 freq
->channel
= pri_chan
->chan
;
2261 #ifdef CONFIG_HT_OVERRIDES
2262 if (ssid
->disable_ht40
) {
2263 if (ssid
->disable_vht
)
2267 #endif /* CONFIG_HT_OVERRIDES */
2269 /* Check/setup HT40+/HT40- */
2270 for (j
= 0; j
< ARRAY_SIZE(ht40plus
); j
++) {
2271 if (ht40plus
[j
] == channel
) {
2277 /* Find secondary channel */
2278 for (i
= 0; i
< mode
->num_channels
; i
++) {
2279 sec_chan
= &mode
->channels
[i
];
2280 if (sec_chan
->chan
== channel
+ ht40
* 4)
2287 /* Check secondary channel flags */
2288 if (sec_chan
->flag
& (HOSTAPD_CHAN_DISABLED
| HOSTAPD_CHAN_NO_IR
))
2292 if (!(pri_chan
->flag
& HOSTAPD_CHAN_HT40MINUS
))
2295 if (!(pri_chan
->flag
& HOSTAPD_CHAN_HT40PLUS
))
2298 freq
->sec_channel_offset
= ht40
;
2301 struct wpa_scan_results
*scan_res
;
2303 scan_res
= wpa_supplicant_get_scan_results(wpa_s
, NULL
, 0);
2304 if (scan_res
== NULL
) {
2306 freq
->sec_channel_offset
= 0;
2310 res
= check_40mhz_5g(mode
, scan_res
, pri_chan
->chan
,
2315 freq
->sec_channel_offset
= 0;
2318 /* Configuration allowed */
2321 /* Switch pri/sec channels */
2322 freq
->freq
= hw_get_freq(mode
, sec_chan
->chan
);
2323 freq
->sec_channel_offset
= -freq
->sec_channel_offset
;
2324 freq
->channel
= sec_chan
->chan
;
2327 freq
->sec_channel_offset
= 0;
2331 wpa_scan_results_free(scan_res
);
2334 #ifdef CONFIG_HT_OVERRIDES
2336 #endif /* CONFIG_HT_OVERRIDES */
2337 wpa_printf(MSG_DEBUG
,
2338 "IBSS/mesh: setup freq channel %d, sec_channel_offset %d",
2339 freq
->channel
, freq
->sec_channel_offset
);
2341 if (!drv_supports_vht(wpa_s
, ssid
))
2344 /* For IBSS check VHT_IBSS flag */
2345 if (ssid
->mode
== WPAS_MODE_IBSS
&&
2346 !(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_VHT_IBSS
))
2351 #ifdef CONFIG_VHT_OVERRIDES
2352 if (ssid
->disable_vht
) {
2353 freq
->vht_enabled
= 0;
2356 #endif /* CONFIG_VHT_OVERRIDES */
2358 vht_freq
.vht_enabled
= vht_supported(mode
);
2359 if (!vht_freq
.vht_enabled
)
2362 /* Enable HE for VHT */
2363 vht_freq
.he_enabled
= mode
->he_capab
[ieee80211_mode
].he_supported
;
2365 /* setup center_freq1, bandwidth */
2366 for (j
= 0; j
< ARRAY_SIZE(vht80
); j
++) {
2367 if (freq
->channel
>= vht80
[j
] &&
2368 freq
->channel
< vht80
[j
] + 16)
2372 if (j
== ARRAY_SIZE(vht80
))
2375 for (i
= vht80
[j
]; i
< vht80
[j
] + 16; i
+= 4) {
2376 struct hostapd_channel_data
*chan
;
2378 chan
= hw_get_channel_chan(mode
, i
, NULL
);
2382 /* Back to HT configuration if channel not usable */
2383 if (chan
->flag
& (HOSTAPD_CHAN_DISABLED
| HOSTAPD_CHAN_NO_IR
))
2387 chwidth
= CHANWIDTH_80MHZ
;
2388 seg0
= vht80
[j
] + 6;
2391 if (ssid
->max_oper_chwidth
== CHANWIDTH_80P80MHZ
) {
2392 /* setup center_freq2, bandwidth */
2393 for (k
= 0; k
< ARRAY_SIZE(vht80
); k
++) {
2394 /* Only accept 80 MHz segments separated by a gap */
2395 if (j
== k
|| abs(vht80
[j
] - vht80
[k
]) == 16)
2397 for (i
= vht80
[k
]; i
< vht80
[k
] + 16; i
+= 4) {
2398 struct hostapd_channel_data
*chan
;
2400 chan
= hw_get_channel_chan(mode
, i
, NULL
);
2404 if (chan
->flag
& (HOSTAPD_CHAN_DISABLED
|
2405 HOSTAPD_CHAN_NO_IR
|
2406 HOSTAPD_CHAN_RADAR
))
2409 /* Found a suitable second segment for 80+80 */
2410 chwidth
= CHANWIDTH_80P80MHZ
;
2412 VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ
;
2413 seg1
= vht80
[k
] + 6;
2416 if (chwidth
== CHANWIDTH_80P80MHZ
)
2419 } else if (ssid
->max_oper_chwidth
== CHANWIDTH_160MHZ
) {
2420 if (freq
->freq
== 5180) {
2421 chwidth
= CHANWIDTH_160MHZ
;
2422 vht_caps
|= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ
;
2424 } else if (freq
->freq
== 5520) {
2425 chwidth
= CHANWIDTH_160MHZ
;
2426 vht_caps
|= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ
;
2429 } else if (ssid
->max_oper_chwidth
== CHANWIDTH_USE_HT
) {
2430 chwidth
= CHANWIDTH_USE_HT
;
2431 seg0
= vht80
[j
] + 2;
2432 #ifdef CONFIG_HT_OVERRIDES
2433 if (ssid
->disable_ht40
)
2435 #endif /* CONFIG_HT_OVERRIDES */
2438 if (hostapd_set_freq_params(&vht_freq
, mode
->mode
, freq
->freq
,
2439 freq
->channel
, freq
->ht_enabled
,
2440 vht_freq
.vht_enabled
, freq
->he_enabled
,
2441 freq
->sec_channel_offset
,
2442 chwidth
, seg0
, seg1
, vht_caps
,
2443 &mode
->he_capab
[ieee80211_mode
]) != 0)
2448 wpa_printf(MSG_DEBUG
, "IBSS: VHT setup freq cf1 %d, cf2 %d, bw %d",
2449 freq
->center_freq1
, freq
->center_freq2
, freq
->bandwidth
);
2454 static size_t wpas_add_fils_hlp_req(struct wpa_supplicant
*wpa_s
, u8
*ie_buf
,
2457 struct fils_hlp_req
*req
;
2458 size_t rem_len
, hdr_len
, hlp_len
, len
, ie_len
= 0;
2462 dl_list_for_each(req
, &wpa_s
->fils_hlp_req
, struct fils_hlp_req
,
2464 rem_len
= ie_buf_len
- ie_len
;
2465 pos
= wpabuf_head(req
->pkt
);
2466 hdr_len
= 1 + 2 * ETH_ALEN
+ 6;
2467 hlp_len
= wpabuf_len(req
->pkt
);
2469 if (rem_len
< 2 + hdr_len
+ hlp_len
) {
2470 wpa_printf(MSG_ERROR
,
2471 "FILS: Cannot fit HLP - rem_len=%lu to_fill=%lu",
2472 (unsigned long) rem_len
,
2473 (unsigned long) (2 + hdr_len
+ hlp_len
));
2477 len
= (hdr_len
+ hlp_len
) > 255 ? 255 : hdr_len
+ hlp_len
;
2479 *buf
++ = WLAN_EID_EXTENSION
;
2482 /* Element ID Extension */
2483 *buf
++ = WLAN_EID_EXT_FILS_HLP_CONTAINER
;
2484 /* Destination MAC address */
2485 os_memcpy(buf
, req
->dst
, ETH_ALEN
);
2487 /* Source MAC address */
2488 os_memcpy(buf
, wpa_s
->own_addr
, ETH_ALEN
);
2490 /* LLC/SNAP Header */
2491 os_memcpy(buf
, "\xaa\xaa\x03\x00\x00\x00", 6);
2494 os_memcpy(buf
, pos
, len
- hdr_len
);
2495 buf
+= len
- hdr_len
;
2496 pos
+= len
- hdr_len
;
2498 hlp_len
-= len
- hdr_len
;
2503 len
= (hlp_len
> 255) ? 255 : hlp_len
;
2504 if (rem_len
< 2 + len
)
2506 *buf
++ = WLAN_EID_FRAGMENT
;
2508 os_memcpy(buf
, pos
, len
);
2522 int wpa_is_fils_supported(struct wpa_supplicant
*wpa_s
)
2524 return (((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
2525 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SUPPORT_FILS
)) ||
2526 (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
2527 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD
)));
2531 int wpa_is_fils_sk_pfs_supported(struct wpa_supplicant
*wpa_s
)
2533 #ifdef CONFIG_FILS_SK_PFS
2534 return (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
2535 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SUPPORT_FILS
);
2536 #else /* CONFIG_FILS_SK_PFS */
2538 #endif /* CONFIG_FILS_SK_PFS */
2541 #endif /* CONFIG_FILS */
2544 static u8
* wpas_populate_assoc_ies(
2545 struct wpa_supplicant
*wpa_s
,
2546 struct wpa_bss
*bss
, struct wpa_ssid
*ssid
,
2547 struct wpa_driver_associate_params
*params
,
2548 enum wpa_drv_update_connect_params_mask
*mask
)
2551 size_t max_wpa_ie_len
= 500;
2553 int algs
= WPA_AUTH_ALG_OPEN
;
2558 int sae_pmksa_cached
= 0;
2559 #endif /* CONFIG_SAE */
2561 const u8
*realm
, *username
, *rrk
;
2562 size_t realm_len
, username_len
, rrk_len
;
2564 struct fils_hlp_req
*req
;
2566 dl_list_for_each(req
, &wpa_s
->fils_hlp_req
, struct fils_hlp_req
,
2568 max_wpa_ie_len
+= 3 + 2 * ETH_ALEN
+ 6 + wpabuf_len(req
->pkt
) +
2569 2 + 2 * wpabuf_len(req
->pkt
) / 255;
2571 #endif /* CONFIG_FILS */
2573 wpa_ie
= os_malloc(max_wpa_ie_len
);
2575 wpa_printf(MSG_ERROR
,
2576 "Failed to allocate connect IE buffer for %lu bytes",
2577 (unsigned long) max_wpa_ie_len
);
2581 if (bss
&& (wpa_bss_get_vendor_ie(bss
, WPA_IE_VENDOR_TYPE
) ||
2582 wpa_bss_get_ie(bss
, WLAN_EID_RSN
)) &&
2583 wpa_key_mgmt_wpa(ssid
->key_mgmt
)) {
2584 int try_opportunistic
;
2585 const u8
*cache_id
= NULL
;
2587 try_opportunistic
= (ssid
->proactive_key_caching
< 0 ?
2589 ssid
->proactive_key_caching
) &&
2590 (ssid
->proto
& WPA_PROTO_RSN
);
2592 if (wpa_key_mgmt_fils(ssid
->key_mgmt
))
2593 cache_id
= wpa_bss_get_fils_cache_id(bss
);
2594 #endif /* CONFIG_FILS */
2595 if (pmksa_cache_set_current(wpa_s
->wpa
, NULL
, bss
->bssid
,
2596 ssid
, try_opportunistic
,
2597 cache_id
, 0) == 0) {
2598 eapol_sm_notify_pmkid_attempt(wpa_s
->eapol
);
2600 sae_pmksa_cached
= 1;
2601 #endif /* CONFIG_SAE */
2603 wpa_ie_len
= max_wpa_ie_len
;
2604 if (wpa_supplicant_set_suites(wpa_s
, bss
, ssid
,
2605 wpa_ie
, &wpa_ie_len
)) {
2606 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to set WPA "
2607 "key management and encryption suites");
2612 } else if (bss
&& wpa_bss_get_vendor_ie(bss
, OSEN_IE_VENDOR_TYPE
) &&
2613 (ssid
->key_mgmt
& WPA_KEY_MGMT_OSEN
)) {
2614 /* No PMKSA caching, but otherwise similar to RSN/WPA */
2615 wpa_ie_len
= max_wpa_ie_len
;
2616 if (wpa_supplicant_set_suites(wpa_s
, bss
, ssid
,
2617 wpa_ie
, &wpa_ie_len
)) {
2618 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to set WPA "
2619 "key management and encryption suites");
2623 #endif /* CONFIG_HS20 */
2624 } else if ((ssid
->key_mgmt
& WPA_KEY_MGMT_IEEE8021X_NO_WPA
) && bss
&&
2625 wpa_key_mgmt_wpa_ieee8021x(ssid
->key_mgmt
)) {
2627 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
2628 * use non-WPA since the scan results did not indicate that the
2629 * AP is using WPA or WPA2.
2631 wpa_supplicant_set_non_wpa_policy(wpa_s
, ssid
);
2633 wpa_s
->wpa_proto
= 0;
2634 } else if (wpa_key_mgmt_wpa_any(ssid
->key_mgmt
)) {
2635 wpa_ie_len
= max_wpa_ie_len
;
2636 if (wpa_supplicant_set_suites(wpa_s
, NULL
, ssid
,
2637 wpa_ie
, &wpa_ie_len
)) {
2638 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to set WPA "
2639 "key management and encryption suites (no "
2645 } else if (ssid
->key_mgmt
& WPA_KEY_MGMT_WPS
) {
2646 struct wpabuf
*wps_ie
;
2647 wps_ie
= wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid
));
2648 if (wps_ie
&& wpabuf_len(wps_ie
) <= max_wpa_ie_len
) {
2649 wpa_ie_len
= wpabuf_len(wps_ie
);
2650 os_memcpy(wpa_ie
, wpabuf_head(wps_ie
), wpa_ie_len
);
2653 wpabuf_free(wps_ie
);
2654 wpa_supplicant_set_non_wpa_policy(wpa_s
, ssid
);
2655 if (!bss
|| (bss
->caps
& IEEE80211_CAP_PRIVACY
))
2656 params
->wps
= WPS_MODE_PRIVACY
;
2658 params
->wps
= WPS_MODE_OPEN
;
2659 wpa_s
->wpa_proto
= 0;
2660 #endif /* CONFIG_WPS */
2662 wpa_supplicant_set_non_wpa_policy(wpa_s
, ssid
);
2664 wpa_s
->wpa_proto
= 0;
2667 #ifdef IEEE8021X_EAPOL
2668 if (ssid
->key_mgmt
& WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
2670 if (ssid
->non_leap
== 0)
2671 algs
= WPA_AUTH_ALG_LEAP
;
2673 algs
|= WPA_AUTH_ALG_LEAP
;
2678 /* Clear FILS association */
2679 wpa_sm_set_reset_fils_completed(wpa_s
->wpa
, 0);
2681 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD
) &&
2682 ssid
->eap
.erp
&& wpa_key_mgmt_fils(wpa_s
->key_mgmt
) &&
2683 eapol_sm_get_erp_info(wpa_s
->eapol
, &ssid
->eap
, &username
,
2684 &username_len
, &realm
, &realm_len
,
2685 &next_seq_num
, &rrk
, &rrk_len
) == 0 &&
2686 (!wpa_s
->last_con_fail_realm
||
2687 wpa_s
->last_con_fail_realm_len
!= realm_len
||
2688 os_memcmp(wpa_s
->last_con_fail_realm
, realm
, realm_len
) != 0)) {
2689 algs
= WPA_AUTH_ALG_FILS
;
2690 params
->fils_erp_username
= username
;
2691 params
->fils_erp_username_len
= username_len
;
2692 params
->fils_erp_realm
= realm
;
2693 params
->fils_erp_realm_len
= realm_len
;
2694 params
->fils_erp_next_seq_num
= next_seq_num
;
2695 params
->fils_erp_rrk
= rrk
;
2696 params
->fils_erp_rrk_len
= rrk_len
;
2699 *mask
|= WPA_DRV_UPDATE_FILS_ERP_INFO
;
2701 #endif /* CONFIG_FILS */
2702 #endif /* IEEE8021X_EAPOL */
2704 if (wpa_s
->key_mgmt
& (WPA_KEY_MGMT_SAE
| WPA_KEY_MGMT_FT_SAE
))
2705 algs
= WPA_AUTH_ALG_SAE
;
2706 #endif /* CONFIG_SAE */
2708 wpa_dbg(wpa_s
, MSG_DEBUG
, "Automatic auth_alg selection: 0x%x", algs
);
2709 if (ssid
->auth_alg
) {
2710 algs
= ssid
->auth_alg
;
2711 wpa_dbg(wpa_s
, MSG_DEBUG
,
2712 "Overriding auth_alg selection: 0x%x", algs
);
2716 if (sae_pmksa_cached
&& algs
== WPA_AUTH_ALG_SAE
) {
2717 wpa_dbg(wpa_s
, MSG_DEBUG
,
2718 "SAE: Use WPA_AUTH_ALG_OPEN for PMKSA caching attempt");
2719 algs
= WPA_AUTH_ALG_OPEN
;
2721 #endif /* CONFIG_SAE */
2724 if (wpa_s
->global
->p2p
) {
2728 pos
= wpa_ie
+ wpa_ie_len
;
2729 len
= max_wpa_ie_len
- wpa_ie_len
;
2730 res
= wpas_p2p_assoc_req_ie(wpa_s
, bss
, pos
, len
,
2736 wpa_s
->cross_connect_disallowed
= 0;
2739 p2p
= wpa_bss_get_vendor_ie_multi(bss
, P2P_IE_VENDOR_TYPE
);
2741 wpa_s
->cross_connect_disallowed
=
2742 p2p_get_cross_connect_disallowed(p2p
);
2744 wpa_dbg(wpa_s
, MSG_DEBUG
, "P2P: WLAN AP %s cross "
2746 wpa_s
->cross_connect_disallowed
?
2747 "disallows" : "allows");
2751 os_memset(wpa_s
->p2p_ip_addr_info
, 0, sizeof(wpa_s
->p2p_ip_addr_info
));
2752 #endif /* CONFIG_P2P */
2755 wpa_ie_len
+= wpas_supp_op_class_ie(wpa_s
, ssid
, bss
->freq
,
2756 wpa_ie
+ wpa_ie_len
,
2762 * Workaround: Add Extended Capabilities element only if the AP
2763 * included this element in Beacon/Probe Response frames. Some older
2764 * APs seem to have interoperability issues if this element is
2765 * included, so while the standard may require us to include the
2766 * element in all cases, it is justifiable to skip it to avoid
2767 * interoperability issues.
2769 if (ssid
->p2p_group
)
2770 wpa_drv_get_ext_capa(wpa_s
, WPA_IF_P2P_CLIENT
);
2772 wpa_drv_get_ext_capa(wpa_s
, WPA_IF_STATION
);
2774 if (!bss
|| wpa_bss_get_ie(bss
, WLAN_EID_EXT_CAPAB
)) {
2777 ext_capab_len
= wpas_build_ext_capab(wpa_s
, ext_capab
,
2779 if (ext_capab_len
> 0 &&
2780 wpa_ie_len
+ ext_capab_len
<= max_wpa_ie_len
) {
2782 if (wpa_ie_len
> 0 && pos
[0] == WLAN_EID_RSN
)
2784 os_memmove(pos
+ ext_capab_len
, pos
,
2785 wpa_ie_len
- (pos
- wpa_ie
));
2786 wpa_ie_len
+= ext_capab_len
;
2787 os_memcpy(pos
, ext_capab
, ext_capab_len
);
2792 if (is_hs20_network(wpa_s
, ssid
, bss
)) {
2793 struct wpabuf
*hs20
;
2795 hs20
= wpabuf_alloc(20 + MAX_ROAMING_CONS_OI_LEN
);
2797 int pps_mo_id
= hs20_get_pps_mo_id(wpa_s
, ssid
);
2800 wpas_hs20_add_indication(hs20
, pps_mo_id
,
2801 get_hs20_version(bss
));
2802 wpas_hs20_add_roam_cons_sel(hs20
, ssid
);
2803 len
= max_wpa_ie_len
- wpa_ie_len
;
2804 if (wpabuf_len(hs20
) <= len
) {
2805 os_memcpy(wpa_ie
+ wpa_ie_len
,
2806 wpabuf_head(hs20
), wpabuf_len(hs20
));
2807 wpa_ie_len
+= wpabuf_len(hs20
);
2811 hs20_configure_frame_filters(wpa_s
);
2814 #endif /* CONFIG_HS20 */
2816 if (wpa_s
->vendor_elem
[VENDOR_ELEM_ASSOC_REQ
]) {
2817 struct wpabuf
*buf
= wpa_s
->vendor_elem
[VENDOR_ELEM_ASSOC_REQ
];
2820 len
= max_wpa_ie_len
- wpa_ie_len
;
2821 if (wpabuf_len(buf
) <= len
) {
2822 os_memcpy(wpa_ie
+ wpa_ie_len
,
2823 wpabuf_head(buf
), wpabuf_len(buf
));
2824 wpa_ie_len
+= wpabuf_len(buf
);
2829 if (wpa_s
->fst_ies
) {
2830 int fst_ies_len
= wpabuf_len(wpa_s
->fst_ies
);
2832 if (wpa_ie_len
+ fst_ies_len
<= max_wpa_ie_len
) {
2833 os_memcpy(wpa_ie
+ wpa_ie_len
,
2834 wpabuf_head(wpa_s
->fst_ies
), fst_ies_len
);
2835 wpa_ie_len
+= fst_ies_len
;
2838 #endif /* CONFIG_FST */
2841 mbo_ie
= bss
? wpa_bss_get_vendor_ie(bss
, MBO_IE_VENDOR_TYPE
) : NULL
;
2845 len
= wpas_mbo_ie(wpa_s
, wpa_ie
+ wpa_ie_len
,
2846 max_wpa_ie_len
- wpa_ie_len
,
2847 !!mbo_attr_from_mbo_ie(mbo_ie
,
2848 OCE_ATTR_ID_CAPA_IND
));
2852 #endif /* CONFIG_MBO */
2855 if (algs
== WPA_AUTH_ALG_FILS
) {
2858 len
= wpas_add_fils_hlp_req(wpa_s
, wpa_ie
+ wpa_ie_len
,
2859 max_wpa_ie_len
- wpa_ie_len
);
2862 #endif /* CONFIG_FILS */
2865 #ifdef CONFIG_TESTING_OPTIONS
2866 if (get_ie_ext(wpa_ie
, wpa_ie_len
, WLAN_EID_EXT_OWE_DH_PARAM
)) {
2867 wpa_printf(MSG_INFO
, "TESTING: Override OWE DH element");
2869 #endif /* CONFIG_TESTING_OPTIONS */
2870 if (algs
== WPA_AUTH_ALG_OPEN
&&
2871 ssid
->key_mgmt
== WPA_KEY_MGMT_OWE
) {
2872 struct wpabuf
*owe_ie
;
2875 if (ssid
->owe_group
) {
2876 group
= ssid
->owe_group
;
2877 } else if (wpa_s
->assoc_status_code
==
2878 WLAN_STATUS_FINITE_CYCLIC_GROUP_NOT_SUPPORTED
) {
2879 if (wpa_s
->last_owe_group
== 19)
2881 else if (wpa_s
->last_owe_group
== 20)
2884 group
= OWE_DH_GROUP
;
2886 group
= OWE_DH_GROUP
;
2889 wpa_s
->last_owe_group
= group
;
2890 wpa_printf(MSG_DEBUG
, "OWE: Try to use group %u", group
);
2891 owe_ie
= owe_build_assoc_req(wpa_s
->wpa
, group
);
2893 wpabuf_len(owe_ie
) <= max_wpa_ie_len
- wpa_ie_len
) {
2894 os_memcpy(wpa_ie
+ wpa_ie_len
,
2895 wpabuf_head(owe_ie
), wpabuf_len(owe_ie
));
2896 wpa_ie_len
+= wpabuf_len(owe_ie
);
2898 wpabuf_free(owe_ie
);
2900 #endif /* CONFIG_OWE */
2903 if (wpa_sm_get_key_mgmt(wpa_s
->wpa
) == WPA_KEY_MGMT_DPP
&&
2904 ssid
->dpp_netaccesskey
) {
2905 dpp_pfs_free(wpa_s
->dpp_pfs
);
2906 wpa_s
->dpp_pfs
= dpp_pfs_init(ssid
->dpp_netaccesskey
,
2907 ssid
->dpp_netaccesskey_len
);
2908 if (!wpa_s
->dpp_pfs
) {
2909 wpa_printf(MSG_DEBUG
, "DPP: Could not initialize PFS");
2910 /* Try to continue without PFS */
2913 if (wpabuf_len(wpa_s
->dpp_pfs
->ie
) <=
2914 max_wpa_ie_len
- wpa_ie_len
) {
2915 os_memcpy(wpa_ie
+ wpa_ie_len
,
2916 wpabuf_head(wpa_s
->dpp_pfs
->ie
),
2917 wpabuf_len(wpa_s
->dpp_pfs
->ie
));
2918 wpa_ie_len
+= wpabuf_len(wpa_s
->dpp_pfs
->ie
);
2922 #endif /* CONFIG_DPP2 */
2924 #ifdef CONFIG_IEEE80211R
2926 * Add MDIE under these conditions: the network profile allows FT,
2927 * the AP supports FT, and the mobility domain ID matches.
2929 if (bss
&& wpa_key_mgmt_ft(wpa_sm_get_key_mgmt(wpa_s
->wpa
))) {
2930 const u8
*mdie
= wpa_bss_get_ie(bss
, WLAN_EID_MOBILITY_DOMAIN
);
2932 if (mdie
&& mdie
[1] >= MOBILITY_DOMAIN_ID_LEN
) {
2934 const u8
*md
= mdie
+ 2;
2935 const u8
*wpa_md
= wpa_sm_get_ft_md(wpa_s
->wpa
);
2937 if (os_memcmp(md
, wpa_md
,
2938 MOBILITY_DOMAIN_ID_LEN
) == 0) {
2939 /* Add mobility domain IE */
2940 len
= wpa_ft_add_mdie(
2941 wpa_s
->wpa
, wpa_ie
+ wpa_ie_len
,
2942 max_wpa_ie_len
- wpa_ie_len
, mdie
);
2946 if (len
> 0 && wpa_s
->sme
.ft_used
&&
2947 wpa_sm_has_ptk(wpa_s
->wpa
)) {
2948 wpa_dbg(wpa_s
, MSG_DEBUG
,
2949 "SME: Trying to use FT over-the-air");
2950 algs
|= WPA_AUTH_ALG_FT
;
2952 #endif /* CONFIG_SME */
2955 #endif /* CONFIG_IEEE80211R */
2957 if (ssid
->multi_ap_backhaul_sta
) {
2958 size_t multi_ap_ie_len
;
2960 multi_ap_ie_len
= add_multi_ap_ie(wpa_ie
+ wpa_ie_len
,
2961 max_wpa_ie_len
- wpa_ie_len
,
2962 MULTI_AP_BACKHAUL_STA
);
2963 if (multi_ap_ie_len
== 0) {
2964 wpa_printf(MSG_ERROR
,
2965 "Multi-AP: Failed to build Multi-AP IE");
2969 wpa_ie_len
+= multi_ap_ie_len
;
2972 params
->wpa_ie
= wpa_ie
;
2973 params
->wpa_ie_len
= wpa_ie_len
;
2974 params
->auth_alg
= algs
;
2976 *mask
|= WPA_DRV_UPDATE_ASSOC_IES
| WPA_DRV_UPDATE_AUTH_TYPE
;
2983 static void wpas_update_owe_connect_params(struct wpa_supplicant
*wpa_s
)
2985 struct wpa_driver_associate_params params
;
2988 os_memset(¶ms
, 0, sizeof(params
));
2989 wpa_ie
= wpas_populate_assoc_ies(wpa_s
, wpa_s
->current_bss
,
2990 wpa_s
->current_ssid
, ¶ms
, NULL
);
2994 wpa_drv_update_connect_params(wpa_s
, ¶ms
, WPA_DRV_UPDATE_ASSOC_IES
);
2997 #endif /* CONFIG_OWE */
3000 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
3001 static void wpas_update_fils_connect_params(struct wpa_supplicant
*wpa_s
)
3003 struct wpa_driver_associate_params params
;
3004 enum wpa_drv_update_connect_params_mask mask
= 0;
3007 if (wpa_s
->auth_alg
!= WPA_AUTH_ALG_OPEN
)
3008 return; /* nothing to do */
3010 os_memset(¶ms
, 0, sizeof(params
));
3011 wpa_ie
= wpas_populate_assoc_ies(wpa_s
, wpa_s
->current_bss
,
3012 wpa_s
->current_ssid
, ¶ms
, &mask
);
3016 if (params
.auth_alg
!= WPA_AUTH_ALG_FILS
) {
3021 wpa_s
->auth_alg
= params
.auth_alg
;
3022 wpa_drv_update_connect_params(wpa_s
, ¶ms
, mask
);
3025 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
3029 void wpas_update_mbo_connect_params(struct wpa_supplicant
*wpa_s
)
3031 struct wpa_driver_associate_params params
;
3035 * Update MBO connect params only in case of change of MBO attributes
3036 * when connected, if the AP support MBO.
3039 if (wpa_s
->wpa_state
!= WPA_COMPLETED
|| !wpa_s
->current_ssid
||
3040 !wpa_s
->current_bss
||
3041 !wpa_bss_get_vendor_ie(wpa_s
->current_bss
, MBO_IE_VENDOR_TYPE
))
3044 os_memset(¶ms
, 0, sizeof(params
));
3045 wpa_ie
= wpas_populate_assoc_ies(wpa_s
, wpa_s
->current_bss
,
3046 wpa_s
->current_ssid
, ¶ms
, NULL
);
3050 wpa_drv_update_connect_params(wpa_s
, ¶ms
, WPA_DRV_UPDATE_ASSOC_IES
);
3053 #endif /* CONFIG_MBO */
3056 static void wpas_start_assoc_cb(struct wpa_radio_work
*work
, int deinit
)
3058 struct wpa_connect_work
*cwork
= work
->ctx
;
3059 struct wpa_bss
*bss
= cwork
->bss
;
3060 struct wpa_ssid
*ssid
= cwork
->ssid
;
3061 struct wpa_supplicant
*wpa_s
= work
->wpa_s
;
3063 int use_crypt
, ret
, i
, bssid_changed
;
3064 unsigned int cipher_pairwise
, cipher_group
, cipher_group_mgmt
;
3065 struct wpa_driver_associate_params params
;
3066 int wep_keys_set
= 0;
3067 int assoc_failed
= 0;
3068 struct wpa_ssid
*old_ssid
;
3069 u8 prev_bssid
[ETH_ALEN
];
3070 #ifdef CONFIG_HT_OVERRIDES
3071 struct ieee80211_ht_capabilities htcaps
;
3072 struct ieee80211_ht_capabilities htcaps_mask
;
3073 #endif /* CONFIG_HT_OVERRIDES */
3074 #ifdef CONFIG_VHT_OVERRIDES
3075 struct ieee80211_vht_capabilities vhtcaps
;
3076 struct ieee80211_vht_capabilities vhtcaps_mask
;
3077 #endif /* CONFIG_VHT_OVERRIDES */
3080 if (work
->started
) {
3081 wpa_s
->connect_work
= NULL
;
3083 /* cancel possible auth. timeout */
3084 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
,
3087 wpas_connect_work_free(cwork
);
3091 wpa_s
->connect_work
= work
;
3093 if (cwork
->bss_removed
|| !wpas_valid_bss_ssid(wpa_s
, bss
, ssid
) ||
3094 wpas_network_disabled(wpa_s
, ssid
)) {
3095 wpa_dbg(wpa_s
, MSG_DEBUG
, "BSS/SSID entry for association not valid anymore - drop connection attempt");
3096 wpas_connect_work_done(wpa_s
);
3100 os_memcpy(prev_bssid
, wpa_s
->bssid
, ETH_ALEN
);
3101 os_memset(¶ms
, 0, sizeof(params
));
3102 wpa_s
->reassociate
= 0;
3103 wpa_s
->eap_expected_failure
= 0;
3105 (!wpas_driver_bss_selection(wpa_s
) || wpas_wps_searching(wpa_s
))) {
3106 #ifdef CONFIG_IEEE80211R
3107 const u8
*ie
, *md
= NULL
;
3108 #endif /* CONFIG_IEEE80211R */
3109 wpa_msg(wpa_s
, MSG_INFO
, "Trying to associate with " MACSTR
3110 " (SSID='%s' freq=%d MHz)", MAC2STR(bss
->bssid
),
3111 wpa_ssid_txt(bss
->ssid
, bss
->ssid_len
), bss
->freq
);
3112 bssid_changed
= !is_zero_ether_addr(wpa_s
->bssid
);
3113 os_memset(wpa_s
->bssid
, 0, ETH_ALEN
);
3114 os_memcpy(wpa_s
->pending_bssid
, bss
->bssid
, ETH_ALEN
);
3116 wpas_notify_bssid_changed(wpa_s
);
3117 #ifdef CONFIG_IEEE80211R
3118 ie
= wpa_bss_get_ie(bss
, WLAN_EID_MOBILITY_DOMAIN
);
3119 if (ie
&& ie
[1] >= MOBILITY_DOMAIN_ID_LEN
)
3121 wpa_sm_set_ft_params(wpa_s
->wpa
, ie
, ie
? 2 + ie
[1] : 0);
3123 /* Prepare for the next transition */
3124 wpa_ft_prepare_auth_request(wpa_s
->wpa
, ie
);
3126 #endif /* CONFIG_IEEE80211R */
3128 } else if ((ssid
->ssid
== NULL
|| ssid
->ssid_len
== 0) &&
3129 wpa_s
->conf
->ap_scan
== 2 &&
3130 (ssid
->key_mgmt
& WPA_KEY_MGMT_WPS
)) {
3131 /* Use ap_scan==1 style network selection to find the network
3133 wpas_connect_work_done(wpa_s
);
3134 wpa_s
->scan_req
= MANUAL_SCAN_REQ
;
3135 wpa_s
->reassociate
= 1;
3136 wpa_supplicant_req_scan(wpa_s
, 0, 0);
3138 #endif /* CONFIG_WPS */
3140 wpa_msg(wpa_s
, MSG_INFO
, "Trying to associate with SSID '%s'",
3141 wpa_ssid_txt(ssid
->ssid
, ssid
->ssid_len
));
3143 os_memcpy(wpa_s
->pending_bssid
, bss
->bssid
, ETH_ALEN
);
3145 os_memset(wpa_s
->pending_bssid
, 0, ETH_ALEN
);
3148 wpa_supplicant_cancel_sched_scan(wpa_s
);
3150 wpa_supplicant_cancel_scan(wpa_s
);
3152 /* Starting new association, so clear the possibly used WPA IE from the
3153 * previous association. */
3154 wpa_sm_set_assoc_wpa_ie(wpa_s
->wpa
, NULL
, 0);
3156 wpa_ie
= wpas_populate_assoc_ies(wpa_s
, bss
, ssid
, ¶ms
, NULL
);
3158 wpas_connect_work_done(wpa_s
);
3162 wpa_clear_keys(wpa_s
, bss
? bss
->bssid
: NULL
);
3164 cipher_pairwise
= wpa_s
->pairwise_cipher
;
3165 cipher_group
= wpa_s
->group_cipher
;
3166 cipher_group_mgmt
= wpa_s
->mgmt_group_cipher
;
3167 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
||
3168 wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
3169 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
)
3171 if (wpa_set_wep_keys(wpa_s
, ssid
)) {
3176 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
)
3179 #ifdef IEEE8021X_EAPOL
3180 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
3181 if ((ssid
->eapol_flags
&
3182 (EAPOL_FLAG_REQUIRE_KEY_UNICAST
|
3183 EAPOL_FLAG_REQUIRE_KEY_BROADCAST
)) == 0 &&
3187 /* Assume that dynamic WEP-104 keys will be used and
3188 * set cipher suites in order for drivers to expect
3190 cipher_pairwise
= cipher_group
= WPA_CIPHER_WEP104
;
3193 #endif /* IEEE8021X_EAPOL */
3195 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPA_NONE
) {
3196 /* Set the key before (and later after) association */
3197 wpa_supplicant_set_wpa_none_key(wpa_s
, ssid
);
3200 wpa_supplicant_set_state(wpa_s
, WPA_ASSOCIATING
);
3202 params
.ssid
= bss
->ssid
;
3203 params
.ssid_len
= bss
->ssid_len
;
3204 if (!wpas_driver_bss_selection(wpa_s
) || ssid
->bssid_set
||
3205 wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
) {
3206 wpa_printf(MSG_DEBUG
, "Limit connection to BSSID "
3207 MACSTR
" freq=%u MHz based on scan results "
3208 "(bssid_set=%d wps=%d)",
3209 MAC2STR(bss
->bssid
), bss
->freq
,
3211 wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
);
3212 params
.bssid
= bss
->bssid
;
3213 params
.freq
.freq
= bss
->freq
;
3215 params
.bssid_hint
= bss
->bssid
;
3216 params
.freq_hint
= bss
->freq
;
3217 params
.pbss
= bss_is_pbss(bss
);
3219 if (ssid
->bssid_hint_set
)
3220 params
.bssid_hint
= ssid
->bssid_hint
;
3222 params
.ssid
= ssid
->ssid
;
3223 params
.ssid_len
= ssid
->ssid_len
;
3224 params
.pbss
= (ssid
->pbss
!= 2) ? ssid
->pbss
: 0;
3227 if (ssid
->mode
== WPAS_MODE_IBSS
&& ssid
->bssid_set
&&
3228 wpa_s
->conf
->ap_scan
== 2) {
3229 params
.bssid
= ssid
->bssid
;
3230 params
.fixed_bssid
= 1;
3233 /* Initial frequency for IBSS/mesh */
3234 if ((ssid
->mode
== WPAS_MODE_IBSS
|| ssid
->mode
== WPAS_MODE_MESH
) &&
3235 ssid
->frequency
> 0 && params
.freq
.freq
== 0)
3236 ibss_mesh_setup_freq(wpa_s
, ssid
, ¶ms
.freq
);
3238 if (ssid
->mode
== WPAS_MODE_IBSS
) {
3239 params
.fixed_freq
= ssid
->fixed_freq
;
3240 if (ssid
->beacon_int
)
3241 params
.beacon_int
= ssid
->beacon_int
;
3243 params
.beacon_int
= wpa_s
->conf
->beacon_int
;
3246 params
.pairwise_suite
= cipher_pairwise
;
3247 params
.group_suite
= cipher_group
;
3248 params
.mgmt_group_suite
= cipher_group_mgmt
;
3249 params
.key_mgmt_suite
= wpa_s
->key_mgmt
;
3250 params
.wpa_proto
= wpa_s
->wpa_proto
;
3251 wpa_s
->auth_alg
= params
.auth_alg
;
3252 params
.mode
= ssid
->mode
;
3253 params
.bg_scan_period
= ssid
->bg_scan_period
;
3254 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
3255 if (ssid
->wep_key_len
[i
])
3256 params
.wep_key
[i
] = ssid
->wep_key
[i
];
3257 params
.wep_key_len
[i
] = ssid
->wep_key_len
[i
];
3259 params
.wep_tx_keyidx
= ssid
->wep_tx_keyidx
;
3261 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK
) &&
3262 (params
.key_mgmt_suite
== WPA_KEY_MGMT_PSK
||
3263 params
.key_mgmt_suite
== WPA_KEY_MGMT_FT_PSK
)) {
3264 params
.passphrase
= ssid
->passphrase
;
3266 params
.psk
= ssid
->psk
;
3269 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_8021X
) &&
3270 (params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X
||
3271 params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X_SHA256
||
3272 params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X_SUITE_B
||
3273 params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X_SUITE_B_192
))
3274 params
.req_handshake_offload
= 1;
3276 if (wpa_s
->conf
->key_mgmt_offload
) {
3277 if (params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X
||
3278 params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X_SHA256
||
3279 params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X_SUITE_B
||
3280 params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X_SUITE_B_192
)
3281 params
.req_key_mgmt_offload
=
3282 ssid
->proactive_key_caching
< 0 ?
3283 wpa_s
->conf
->okc
: ssid
->proactive_key_caching
;
3285 params
.req_key_mgmt_offload
= 1;
3287 if ((params
.key_mgmt_suite
== WPA_KEY_MGMT_PSK
||
3288 params
.key_mgmt_suite
== WPA_KEY_MGMT_PSK_SHA256
||
3289 params
.key_mgmt_suite
== WPA_KEY_MGMT_FT_PSK
) &&
3291 params
.psk
= ssid
->psk
;
3294 params
.drop_unencrypted
= use_crypt
;
3296 #ifdef CONFIG_IEEE80211W
3297 params
.mgmt_frame_protection
= wpas_get_ssid_pmf(wpa_s
, ssid
);
3298 if (params
.mgmt_frame_protection
!= NO_MGMT_FRAME_PROTECTION
&& bss
) {
3299 const u8
*rsn
= wpa_bss_get_ie(bss
, WLAN_EID_RSN
);
3300 struct wpa_ie_data ie
;
3301 if (rsn
&& wpa_parse_wpa_ie(rsn
, 2 + rsn
[1], &ie
) == 0 &&
3303 (WPA_CAPABILITY_MFPC
| WPA_CAPABILITY_MFPR
)) {
3304 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Selected AP supports "
3305 "MFP: require MFP");
3306 params
.mgmt_frame_protection
=
3307 MGMT_FRAME_PROTECTION_REQUIRED
;
3309 } else if (!rsn
&& (ssid
->key_mgmt
& WPA_KEY_MGMT_OWE
) &&
3311 params
.mgmt_frame_protection
= NO_MGMT_FRAME_PROTECTION
;
3312 #endif /* CONFIG_OWE */
3315 #endif /* CONFIG_IEEE80211W */
3317 params
.p2p
= ssid
->p2p_group
;
3319 if (wpa_s
->p2pdev
->set_sta_uapsd
)
3320 params
.uapsd
= wpa_s
->p2pdev
->sta_uapsd
;
3324 #ifdef CONFIG_HT_OVERRIDES
3325 os_memset(&htcaps
, 0, sizeof(htcaps
));
3326 os_memset(&htcaps_mask
, 0, sizeof(htcaps_mask
));
3327 params
.htcaps
= (u8
*) &htcaps
;
3328 params
.htcaps_mask
= (u8
*) &htcaps_mask
;
3329 wpa_supplicant_apply_ht_overrides(wpa_s
, ssid
, ¶ms
);
3330 #endif /* CONFIG_HT_OVERRIDES */
3331 #ifdef CONFIG_VHT_OVERRIDES
3332 os_memset(&vhtcaps
, 0, sizeof(vhtcaps
));
3333 os_memset(&vhtcaps_mask
, 0, sizeof(vhtcaps_mask
));
3334 params
.vhtcaps
= &vhtcaps
;
3335 params
.vhtcaps_mask
= &vhtcaps_mask
;
3336 wpa_supplicant_apply_vht_overrides(wpa_s
, ssid
, ¶ms
);
3337 #endif /* CONFIG_VHT_OVERRIDES */
3341 * If multi-channel concurrency is not supported, check for any
3342 * frequency conflict. In case of any frequency conflict, remove the
3343 * least prioritized connection.
3345 if (wpa_s
->num_multichan_concurrent
< 2) {
3347 num
= get_shared_radio_freqs(wpa_s
, &freq
, 1);
3348 if (num
> 0 && freq
> 0 && freq
!= params
.freq
.freq
) {
3349 wpa_printf(MSG_DEBUG
,
3350 "Assoc conflicting freq found (%d != %d)",
3351 freq
, params
.freq
.freq
);
3352 if (wpas_p2p_handle_frequency_conflicts(
3353 wpa_s
, params
.freq
.freq
, ssid
) < 0) {
3354 wpas_connect_work_done(wpa_s
);
3360 #endif /* CONFIG_P2P */
3362 if (wpa_s
->reassoc_same_ess
&& !is_zero_ether_addr(prev_bssid
) &&
3363 wpa_s
->current_ssid
)
3364 params
.prev_bssid
= prev_bssid
;
3366 ret
= wpa_drv_associate(wpa_s
, ¶ms
);
3369 wpa_msg(wpa_s
, MSG_INFO
, "Association request to the driver "
3371 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SANE_ERROR_CODES
) {
3373 * The driver is known to mean what is saying, so we
3374 * can stop right here; the association will not
3377 wpas_connection_failed(wpa_s
, wpa_s
->pending_bssid
);
3378 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
3379 os_memset(wpa_s
->pending_bssid
, 0, ETH_ALEN
);
3382 /* try to continue anyway; new association will be tried again
3387 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPA_NONE
) {
3388 /* Set the key after the association just in case association
3389 * cleared the previously configured key. */
3390 wpa_supplicant_set_wpa_none_key(wpa_s
, ssid
);
3391 /* No need to timeout authentication since there is no key
3393 wpa_supplicant_cancel_auth_timeout(wpa_s
);
3394 wpa_supplicant_set_state(wpa_s
, WPA_COMPLETED
);
3395 #ifdef CONFIG_IBSS_RSN
3396 } else if (ssid
->mode
== WPAS_MODE_IBSS
&&
3397 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_NONE
&&
3398 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_WPA_NONE
) {
3400 * RSN IBSS authentication is per-STA and we can disable the
3401 * per-BSSID authentication.
3403 wpa_supplicant_cancel_auth_timeout(wpa_s
);
3404 #endif /* CONFIG_IBSS_RSN */
3406 /* Timeout for IEEE 802.11 authentication and association */
3410 /* give IBSS a bit more time */
3411 timeout
= ssid
->mode
== WPAS_MODE_IBSS
? 10 : 5;
3412 } else if (wpa_s
->conf
->ap_scan
== 1) {
3413 /* give IBSS a bit more time */
3414 timeout
= ssid
->mode
== WPAS_MODE_IBSS
? 20 : 10;
3416 wpa_supplicant_req_auth_timeout(wpa_s
, timeout
, 0);
3420 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC
)) {
3421 /* Set static WEP keys again */
3422 wpa_set_wep_keys(wpa_s
, ssid
);
3425 if (wpa_s
->current_ssid
&& wpa_s
->current_ssid
!= ssid
) {
3427 * Do not allow EAP session resumption between different
3428 * network configurations.
3430 eapol_sm_invalidate_cached_session(wpa_s
->eapol
);
3432 old_ssid
= wpa_s
->current_ssid
;
3433 wpa_s
->current_ssid
= ssid
;
3435 if (!wpas_driver_bss_selection(wpa_s
) || ssid
->bssid_set
) {
3436 wpa_s
->current_bss
= bss
;
3438 hs20_configure_frame_filters(wpa_s
);
3439 #endif /* CONFIG_HS20 */
3442 wpa_supplicant_rsn_supp_set_config(wpa_s
, wpa_s
->current_ssid
);
3443 wpa_supplicant_initiate_eapol(wpa_s
);
3444 if (old_ssid
!= wpa_s
->current_ssid
)
3445 wpas_notify_network_changed(wpa_s
);
3449 static void wpa_supplicant_clear_connection(struct wpa_supplicant
*wpa_s
,
3452 struct wpa_ssid
*old_ssid
;
3454 wpas_connect_work_done(wpa_s
);
3455 wpa_clear_keys(wpa_s
, addr
);
3456 old_ssid
= wpa_s
->current_ssid
;
3457 wpa_supplicant_mark_disassoc(wpa_s
);
3458 wpa_sm_set_config(wpa_s
->wpa
, NULL
);
3459 eapol_sm_notify_config(wpa_s
->eapol
, NULL
, NULL
);
3460 if (old_ssid
!= wpa_s
->current_ssid
)
3461 wpas_notify_network_changed(wpa_s
);
3462 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
3467 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
3468 * @wpa_s: Pointer to wpa_supplicant data
3469 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
3471 * This function is used to request %wpa_supplicant to deauthenticate from the
3474 void wpa_supplicant_deauthenticate(struct wpa_supplicant
*wpa_s
,
3478 union wpa_event_data event
;
3481 wpa_dbg(wpa_s
, MSG_DEBUG
, "Request to deauthenticate - bssid=" MACSTR
3482 " pending_bssid=" MACSTR
" reason=%d (%s) state=%s",
3483 MAC2STR(wpa_s
->bssid
), MAC2STR(wpa_s
->pending_bssid
),
3484 reason_code
, reason2str(reason_code
),
3485 wpa_supplicant_state_txt(wpa_s
->wpa_state
));
3487 if (!is_zero_ether_addr(wpa_s
->pending_bssid
) &&
3488 (wpa_s
->wpa_state
== WPA_AUTHENTICATING
||
3489 wpa_s
->wpa_state
== WPA_ASSOCIATING
))
3490 addr
= wpa_s
->pending_bssid
;
3491 else if (!is_zero_ether_addr(wpa_s
->bssid
))
3492 addr
= wpa_s
->bssid
;
3493 else if (wpa_s
->wpa_state
== WPA_ASSOCIATING
) {
3495 * When using driver-based BSS selection, we may not know the
3496 * BSSID with which we are currently trying to associate. We
3497 * need to notify the driver of this disconnection even in such
3498 * a case, so use the all zeros address here.
3500 addr
= wpa_s
->bssid
;
3504 if (wpa_s
->enabled_4addr_mode
&& wpa_drv_set_4addr_mode(wpa_s
, 0) == 0)
3505 wpa_s
->enabled_4addr_mode
= 0;
3508 wpa_tdls_teardown_peers(wpa_s
->wpa
);
3509 #endif /* CONFIG_TDLS */
3513 struct mesh_conf
*mconf
;
3515 mconf
= wpa_s
->ifmsh
->mconf
;
3516 wpa_msg(wpa_s
, MSG_INFO
, MESH_GROUP_REMOVED
"%s",
3518 wpas_notify_mesh_group_removed(wpa_s
, mconf
->meshid
,
3519 mconf
->meshid_len
, reason_code
);
3520 wpa_supplicant_leave_mesh(wpa_s
);
3522 #endif /* CONFIG_MESH */
3525 wpa_drv_deauthenticate(wpa_s
, addr
, reason_code
);
3526 os_memset(&event
, 0, sizeof(event
));
3527 event
.deauth_info
.reason_code
= reason_code
;
3528 event
.deauth_info
.locally_generated
= 1;
3529 wpa_supplicant_event(wpa_s
, EVENT_DEAUTH
, &event
);
3534 wpa_supplicant_clear_connection(wpa_s
, addr
);
3537 static void wpa_supplicant_enable_one_network(struct wpa_supplicant
*wpa_s
,
3538 struct wpa_ssid
*ssid
)
3540 if (!ssid
|| !ssid
->disabled
|| ssid
->disabled
== 2)
3544 ssid
->owe_transition_bss_select_count
= 0;
3545 wpas_clear_temp_disabled(wpa_s
, ssid
, 1);
3546 wpas_notify_network_enabled_changed(wpa_s
, ssid
);
3549 * Try to reassociate since there is no current configuration and a new
3550 * network was made available.
3552 if (!wpa_s
->current_ssid
&& !wpa_s
->disconnected
)
3553 wpa_s
->reassociate
= 1;
3558 * wpa_supplicant_add_network - Add a new network
3559 * @wpa_s: wpa_supplicant structure for a network interface
3560 * Returns: The new network configuration or %NULL if operation failed
3562 * This function performs the following operations:
3563 * 1. Adds a new network.
3564 * 2. Send network addition notification.
3565 * 3. Marks the network disabled.
3566 * 4. Set network default parameters.
3568 struct wpa_ssid
* wpa_supplicant_add_network(struct wpa_supplicant
*wpa_s
)
3570 struct wpa_ssid
*ssid
;
3572 ssid
= wpa_config_add_network(wpa_s
->conf
);
3575 wpas_notify_network_added(wpa_s
, ssid
);
3577 wpa_config_set_network_defaults(ssid
);
3584 * wpa_supplicant_remove_network - Remove a configured network based on id
3585 * @wpa_s: wpa_supplicant structure for a network interface
3586 * @id: Unique network id to search for
3587 * Returns: 0 on success, or -1 if the network was not found, -2 if the network
3588 * could not be removed
3590 * This function performs the following operations:
3591 * 1. Removes the network.
3592 * 2. Send network removal notification.
3593 * 3. Update internal state machines.
3594 * 4. Stop any running sched scans.
3596 int wpa_supplicant_remove_network(struct wpa_supplicant
*wpa_s
, int id
)
3598 struct wpa_ssid
*ssid
;
3601 ssid
= wpa_config_get_network(wpa_s
->conf
, id
);
3604 wpas_notify_network_removed(wpa_s
, ssid
);
3606 if (wpa_s
->last_ssid
== ssid
)
3607 wpa_s
->last_ssid
= NULL
;
3609 if (ssid
== wpa_s
->current_ssid
|| !wpa_s
->current_ssid
) {
3611 wpa_s
->sme
.prev_bssid_set
= 0;
3612 #endif /* CONFIG_SME */
3614 * Invalidate the EAP session cache if the current or
3615 * previously used network is removed.
3617 eapol_sm_invalidate_cached_session(wpa_s
->eapol
);
3620 if (ssid
== wpa_s
->current_ssid
) {
3621 wpa_sm_set_config(wpa_s
->wpa
, NULL
);
3622 eapol_sm_notify_config(wpa_s
->eapol
, NULL
, NULL
);
3624 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
3625 wpa_s
->own_disconnect_req
= 1;
3626 wpa_supplicant_deauthenticate(wpa_s
,
3627 WLAN_REASON_DEAUTH_LEAVING
);
3630 was_disabled
= ssid
->disabled
;
3632 if (wpa_config_remove_network(wpa_s
->conf
, id
) < 0)
3635 if (!was_disabled
&& wpa_s
->sched_scanning
) {
3636 wpa_printf(MSG_DEBUG
,
3637 "Stop ongoing sched_scan to remove network from filters");
3638 wpa_supplicant_cancel_sched_scan(wpa_s
);
3639 wpa_supplicant_req_scan(wpa_s
, 0, 0);
3647 * wpa_supplicant_enable_network - Mark a configured network as enabled
3648 * @wpa_s: wpa_supplicant structure for a network interface
3649 * @ssid: wpa_ssid structure for a configured network or %NULL
3651 * Enables the specified network or all networks if no network specified.
3653 void wpa_supplicant_enable_network(struct wpa_supplicant
*wpa_s
,
3654 struct wpa_ssid
*ssid
)
3657 for (ssid
= wpa_s
->conf
->ssid
; ssid
; ssid
= ssid
->next
)
3658 wpa_supplicant_enable_one_network(wpa_s
, ssid
);
3660 wpa_supplicant_enable_one_network(wpa_s
, ssid
);
3662 if (wpa_s
->reassociate
&& !wpa_s
->disconnected
&&
3663 (!wpa_s
->current_ssid
||
3664 wpa_s
->wpa_state
== WPA_DISCONNECTED
||
3665 wpa_s
->wpa_state
== WPA_SCANNING
)) {
3666 if (wpa_s
->sched_scanning
) {
3667 wpa_printf(MSG_DEBUG
, "Stop ongoing sched_scan to add "
3668 "new network to scan filters");
3669 wpa_supplicant_cancel_sched_scan(wpa_s
);
3672 if (wpa_supplicant_fast_associate(wpa_s
) != 1) {
3673 wpa_s
->scan_req
= NORMAL_SCAN_REQ
;
3674 wpa_supplicant_req_scan(wpa_s
, 0, 0);
3681 * wpa_supplicant_disable_network - Mark a configured network as disabled
3682 * @wpa_s: wpa_supplicant structure for a network interface
3683 * @ssid: wpa_ssid structure for a configured network or %NULL
3685 * Disables the specified network or all networks if no network specified.
3687 void wpa_supplicant_disable_network(struct wpa_supplicant
*wpa_s
,
3688 struct wpa_ssid
*ssid
)
3690 struct wpa_ssid
*other_ssid
;
3694 if (wpa_s
->sched_scanning
)
3695 wpa_supplicant_cancel_sched_scan(wpa_s
);
3697 for (other_ssid
= wpa_s
->conf
->ssid
; other_ssid
;
3698 other_ssid
= other_ssid
->next
) {
3699 was_disabled
= other_ssid
->disabled
;
3700 if (was_disabled
== 2)
3701 continue; /* do not change persistent P2P group
3704 other_ssid
->disabled
= 1;
3706 if (was_disabled
!= other_ssid
->disabled
)
3707 wpas_notify_network_enabled_changed(
3710 if (wpa_s
->current_ssid
) {
3711 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
3712 wpa_s
->own_disconnect_req
= 1;
3713 wpa_supplicant_deauthenticate(
3714 wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
3716 } else if (ssid
->disabled
!= 2) {
3717 if (ssid
== wpa_s
->current_ssid
) {
3718 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
3719 wpa_s
->own_disconnect_req
= 1;
3720 wpa_supplicant_deauthenticate(
3721 wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
3724 was_disabled
= ssid
->disabled
;
3728 if (was_disabled
!= ssid
->disabled
) {
3729 wpas_notify_network_enabled_changed(wpa_s
, ssid
);
3730 if (wpa_s
->sched_scanning
) {
3731 wpa_printf(MSG_DEBUG
, "Stop ongoing sched_scan "
3732 "to remove network from filters");
3733 wpa_supplicant_cancel_sched_scan(wpa_s
);
3734 wpa_supplicant_req_scan(wpa_s
, 0, 0);
3742 * wpa_supplicant_select_network - Attempt association with a network
3743 * @wpa_s: wpa_supplicant structure for a network interface
3744 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
3746 void wpa_supplicant_select_network(struct wpa_supplicant
*wpa_s
,
3747 struct wpa_ssid
*ssid
)
3750 struct wpa_ssid
*other_ssid
;
3751 int disconnected
= 0;
3753 if (ssid
&& ssid
!= wpa_s
->current_ssid
&& wpa_s
->current_ssid
) {
3754 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
3755 wpa_s
->own_disconnect_req
= 1;
3756 wpa_supplicant_deauthenticate(
3757 wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
3762 wpas_clear_temp_disabled(wpa_s
, ssid
, 1);
3765 * Mark all other networks disabled or mark all networks enabled if no
3766 * network specified.
3768 for (other_ssid
= wpa_s
->conf
->ssid
; other_ssid
;
3769 other_ssid
= other_ssid
->next
) {
3770 int was_disabled
= other_ssid
->disabled
;
3771 if (was_disabled
== 2)
3772 continue; /* do not change persistent P2P group data */
3774 other_ssid
->disabled
= ssid
? (ssid
->id
!= other_ssid
->id
) : 0;
3775 if (was_disabled
&& !other_ssid
->disabled
)
3776 wpas_clear_temp_disabled(wpa_s
, other_ssid
, 0);
3778 if (was_disabled
!= other_ssid
->disabled
)
3779 wpas_notify_network_enabled_changed(wpa_s
, other_ssid
);
3782 if (ssid
&& ssid
== wpa_s
->current_ssid
&& wpa_s
->current_ssid
&&
3783 wpa_s
->wpa_state
>= WPA_AUTHENTICATING
) {
3784 /* We are already associated with the selected network */
3785 wpa_printf(MSG_DEBUG
, "Already associated with the "
3786 "selected network - do nothing");
3791 wpa_s
->current_ssid
= ssid
;
3792 eapol_sm_notify_config(wpa_s
->eapol
, NULL
, NULL
);
3793 wpa_s
->connect_without_scan
=
3794 (ssid
->mode
== WPAS_MODE_MESH
) ? ssid
: NULL
;
3797 * Don't optimize next scan freqs since a new ESS has been
3800 os_free(wpa_s
->next_scan_freqs
);
3801 wpa_s
->next_scan_freqs
= NULL
;
3803 wpa_s
->connect_without_scan
= NULL
;
3806 wpa_s
->disconnected
= 0;
3807 wpa_s
->reassociate
= 1;
3808 wpa_s
->last_owe_group
= 0;
3810 ssid
->owe_transition_bss_select_count
= 0;
3812 if (wpa_s
->connect_without_scan
||
3813 wpa_supplicant_fast_associate(wpa_s
) != 1) {
3814 wpa_s
->scan_req
= NORMAL_SCAN_REQ
;
3815 wpas_scan_reset_sched_scan(wpa_s
);
3816 wpa_supplicant_req_scan(wpa_s
, 0, disconnected
? 100000 : 0);
3820 wpas_notify_network_selected(wpa_s
, ssid
);
3825 * wpas_set_pkcs11_engine_and_module_path - Set PKCS #11 engine and module path
3826 * @wpa_s: wpa_supplicant structure for a network interface
3827 * @pkcs11_engine_path: PKCS #11 engine path or NULL
3828 * @pkcs11_module_path: PKCS #11 module path or NULL
3829 * Returns: 0 on success; -1 on failure
3831 * Sets the PKCS #11 engine and module path. Both have to be NULL or a valid
3832 * path. If resetting the EAPOL state machine with the new PKCS #11 engine and
3833 * module path fails the paths will be reset to the default value (NULL).
3835 int wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant
*wpa_s
,
3836 const char *pkcs11_engine_path
,
3837 const char *pkcs11_module_path
)
3839 char *pkcs11_engine_path_copy
= NULL
;
3840 char *pkcs11_module_path_copy
= NULL
;
3842 if (pkcs11_engine_path
!= NULL
) {
3843 pkcs11_engine_path_copy
= os_strdup(pkcs11_engine_path
);
3844 if (pkcs11_engine_path_copy
== NULL
)
3847 if (pkcs11_module_path
!= NULL
) {
3848 pkcs11_module_path_copy
= os_strdup(pkcs11_module_path
);
3849 if (pkcs11_module_path_copy
== NULL
) {
3850 os_free(pkcs11_engine_path_copy
);
3855 os_free(wpa_s
->conf
->pkcs11_engine_path
);
3856 os_free(wpa_s
->conf
->pkcs11_module_path
);
3857 wpa_s
->conf
->pkcs11_engine_path
= pkcs11_engine_path_copy
;
3858 wpa_s
->conf
->pkcs11_module_path
= pkcs11_module_path_copy
;
3860 wpa_sm_set_eapol(wpa_s
->wpa
, NULL
);
3861 eapol_sm_deinit(wpa_s
->eapol
);
3862 wpa_s
->eapol
= NULL
;
3863 if (wpa_supplicant_init_eapol(wpa_s
)) {
3864 /* Error -> Reset paths to the default value (NULL) once. */
3865 if (pkcs11_engine_path
!= NULL
&& pkcs11_module_path
!= NULL
)
3866 wpas_set_pkcs11_engine_and_module_path(wpa_s
, NULL
,
3871 wpa_sm_set_eapol(wpa_s
->wpa
, wpa_s
->eapol
);
3878 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
3879 * @wpa_s: wpa_supplicant structure for a network interface
3880 * @ap_scan: AP scan mode
3881 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
3884 int wpa_supplicant_set_ap_scan(struct wpa_supplicant
*wpa_s
, int ap_scan
)
3889 if (ap_scan
< 0 || ap_scan
> 2)
3892 if (ap_scan
== 2 && os_strcmp(wpa_s
->driver
->name
, "nl80211") == 0) {
3893 wpa_printf(MSG_INFO
,
3894 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
3898 if (ap_scan
== 2 && ap_scan
!= wpa_s
->conf
->ap_scan
&&
3899 wpa_s
->wpa_state
>= WPA_ASSOCIATING
&&
3900 wpa_s
->wpa_state
< WPA_COMPLETED
) {
3901 wpa_printf(MSG_ERROR
, "ap_scan = %d (%d) rejected while "
3902 "associating", wpa_s
->conf
->ap_scan
, ap_scan
);
3905 #endif /* ANDROID */
3907 old_ap_scan
= wpa_s
->conf
->ap_scan
;
3908 wpa_s
->conf
->ap_scan
= ap_scan
;
3910 if (old_ap_scan
!= wpa_s
->conf
->ap_scan
)
3911 wpas_notify_ap_scan_changed(wpa_s
);
3918 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
3919 * @wpa_s: wpa_supplicant structure for a network interface
3920 * @expire_age: Expiration age in seconds
3921 * Returns: 0 if succeed or -1 if expire_age has an invalid value
3924 int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant
*wpa_s
,
3925 unsigned int bss_expire_age
)
3927 if (bss_expire_age
< 10) {
3928 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid bss expiration age %u",
3932 wpa_msg(wpa_s
, MSG_DEBUG
, "Setting bss expiration age: %d sec",
3934 wpa_s
->conf
->bss_expiration_age
= bss_expire_age
;
3941 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
3942 * @wpa_s: wpa_supplicant structure for a network interface
3943 * @expire_count: number of scans after which an unseen BSS is reclaimed
3944 * Returns: 0 if succeed or -1 if expire_count has an invalid value
3947 int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant
*wpa_s
,
3948 unsigned int bss_expire_count
)
3950 if (bss_expire_count
< 1) {
3951 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid bss expiration count %u",
3955 wpa_msg(wpa_s
, MSG_DEBUG
, "Setting bss expiration scan count: %u",
3957 wpa_s
->conf
->bss_expiration_scan_count
= bss_expire_count
;
3964 * wpa_supplicant_set_scan_interval - Set scan interval
3965 * @wpa_s: wpa_supplicant structure for a network interface
3966 * @scan_interval: scan interval in seconds
3967 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
3970 int wpa_supplicant_set_scan_interval(struct wpa_supplicant
*wpa_s
,
3973 if (scan_interval
< 0) {
3974 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid scan interval %d",
3978 wpa_msg(wpa_s
, MSG_DEBUG
, "Setting scan interval: %d sec",
3980 wpa_supplicant_update_scan_int(wpa_s
, scan_interval
);
3987 * wpa_supplicant_set_debug_params - Set global debug params
3988 * @global: wpa_global structure
3989 * @debug_level: debug level
3990 * @debug_timestamp: determines if show timestamp in debug data
3991 * @debug_show_keys: determines if show keys in debug data
3992 * Returns: 0 if succeed or -1 if debug_level has wrong value
3994 int wpa_supplicant_set_debug_params(struct wpa_global
*global
, int debug_level
,
3995 int debug_timestamp
, int debug_show_keys
)
3998 int old_level
, old_timestamp
, old_show_keys
;
4000 /* check for allowed debuglevels */
4001 if (debug_level
!= MSG_EXCESSIVE
&&
4002 debug_level
!= MSG_MSGDUMP
&&
4003 debug_level
!= MSG_DEBUG
&&
4004 debug_level
!= MSG_INFO
&&
4005 debug_level
!= MSG_WARNING
&&
4006 debug_level
!= MSG_ERROR
)
4009 old_level
= wpa_debug_level
;
4010 old_timestamp
= wpa_debug_timestamp
;
4011 old_show_keys
= wpa_debug_show_keys
;
4013 wpa_debug_level
= debug_level
;
4014 wpa_debug_timestamp
= debug_timestamp
? 1 : 0;
4015 wpa_debug_show_keys
= debug_show_keys
? 1 : 0;
4017 if (wpa_debug_level
!= old_level
)
4018 wpas_notify_debug_level_changed(global
);
4019 if (wpa_debug_timestamp
!= old_timestamp
)
4020 wpas_notify_debug_timestamp_changed(global
);
4021 if (wpa_debug_show_keys
!= old_show_keys
)
4022 wpas_notify_debug_show_keys_changed(global
);
4029 static int owe_trans_ssid_match(struct wpa_supplicant
*wpa_s
, const u8
*bssid
,
4030 const u8
*entry_ssid
, size_t entry_ssid_len
)
4032 const u8
*owe
, *pos
, *end
;
4034 struct wpa_bss
*bss
;
4036 /* Check network profile SSID aganst the SSID in the
4037 * OWE Transition Mode element. */
4039 bss
= wpa_bss_get_bssid_latest(wpa_s
, bssid
);
4043 owe
= wpa_bss_get_vendor_ie(bss
, OWE_IE_VENDOR_TYPE
);
4048 end
= owe
+ 2 + owe
[1];
4050 if (end
- pos
< ETH_ALEN
+ 1)
4054 if (end
- pos
< ssid_len
|| ssid_len
> SSID_MAX_LEN
)
4057 return entry_ssid_len
== ssid_len
&&
4058 os_memcmp(pos
, entry_ssid
, ssid_len
) == 0;
4060 #endif /* CONFIG_OWE */
4064 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
4065 * @wpa_s: Pointer to wpa_supplicant data
4066 * Returns: A pointer to the current network structure or %NULL on failure
4068 struct wpa_ssid
* wpa_supplicant_get_ssid(struct wpa_supplicant
*wpa_s
)
4070 struct wpa_ssid
*entry
;
4071 u8 ssid
[SSID_MAX_LEN
];
4077 res
= wpa_drv_get_ssid(wpa_s
, ssid
);
4079 wpa_msg(wpa_s
, MSG_WARNING
, "Could not read SSID from "
4085 if (wpa_drv_get_bssid(wpa_s
, bssid
) < 0) {
4086 wpa_msg(wpa_s
, MSG_WARNING
, "Could not read BSSID from "
4091 wired
= wpa_s
->conf
->ap_scan
== 0 &&
4092 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_WIRED
);
4094 entry
= wpa_s
->conf
->ssid
;
4096 if (!wpas_network_disabled(wpa_s
, entry
) &&
4097 ((ssid_len
== entry
->ssid_len
&&
4099 os_memcmp(ssid
, entry
->ssid
, ssid_len
) == 0)) ||
4101 (!entry
->bssid_set
||
4102 os_memcmp(bssid
, entry
->bssid
, ETH_ALEN
) == 0))
4105 if (!wpas_network_disabled(wpa_s
, entry
) &&
4106 (entry
->key_mgmt
& WPA_KEY_MGMT_WPS
) &&
4107 (entry
->ssid
== NULL
|| entry
->ssid_len
== 0) &&
4108 (!entry
->bssid_set
||
4109 os_memcmp(bssid
, entry
->bssid
, ETH_ALEN
) == 0))
4111 #endif /* CONFIG_WPS */
4114 if (!wpas_network_disabled(wpa_s
, entry
) &&
4115 owe_trans_ssid_match(wpa_s
, bssid
, entry
->ssid
,
4117 (!entry
->bssid_set
||
4118 os_memcmp(bssid
, entry
->bssid
, ETH_ALEN
) == 0))
4120 #endif /* CONFIG_OWE */
4122 if (!wpas_network_disabled(wpa_s
, entry
) && entry
->bssid_set
&&
4123 entry
->ssid_len
== 0 &&
4124 os_memcmp(bssid
, entry
->bssid
, ETH_ALEN
) == 0)
4127 entry
= entry
->next
;
4134 static int select_driver(struct wpa_supplicant
*wpa_s
, int i
)
4136 struct wpa_global
*global
= wpa_s
->global
;
4138 if (wpa_drivers
[i
]->global_init
&& global
->drv_priv
[i
] == NULL
) {
4139 global
->drv_priv
[i
] = wpa_drivers
[i
]->global_init(global
);
4140 if (global
->drv_priv
[i
] == NULL
) {
4141 wpa_printf(MSG_ERROR
, "Failed to initialize driver "
4142 "'%s'", wpa_drivers
[i
]->name
);
4147 wpa_s
->driver
= wpa_drivers
[i
];
4148 wpa_s
->global_drv_priv
= global
->drv_priv
[i
];
4154 static int wpa_supplicant_set_driver(struct wpa_supplicant
*wpa_s
,
4159 const char *pos
, *driver
= name
;
4164 if (wpa_drivers
[0] == NULL
) {
4165 wpa_msg(wpa_s
, MSG_ERROR
, "No driver interfaces build into "
4171 /* default to first driver in the list */
4172 return select_driver(wpa_s
, 0);
4176 pos
= os_strchr(driver
, ',');
4180 len
= os_strlen(driver
);
4182 for (i
= 0; wpa_drivers
[i
]; i
++) {
4183 if (os_strlen(wpa_drivers
[i
]->name
) == len
&&
4184 os_strncmp(driver
, wpa_drivers
[i
]->name
, len
) ==
4186 /* First driver that succeeds wins */
4187 if (select_driver(wpa_s
, i
) == 0)
4195 wpa_msg(wpa_s
, MSG_ERROR
, "Unsupported driver '%s'", name
);
4201 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
4202 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
4203 * with struct wpa_driver_ops::init()
4204 * @src_addr: Source address of the EAPOL frame
4205 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
4206 * @len: Length of the EAPOL data
4208 * This function is called for each received EAPOL frame. Most driver
4209 * interfaces rely on more generic OS mechanism for receiving frames through
4210 * l2_packet, but if such a mechanism is not available, the driver wrapper may
4211 * take care of received EAPOL frames and deliver them to the core supplicant
4212 * code by calling this function.
4214 void wpa_supplicant_rx_eapol(void *ctx
, const u8
*src_addr
,
4215 const u8
*buf
, size_t len
)
4217 struct wpa_supplicant
*wpa_s
= ctx
;
4219 wpa_dbg(wpa_s
, MSG_DEBUG
, "RX EAPOL from " MACSTR
, MAC2STR(src_addr
));
4220 wpa_hexdump(MSG_MSGDUMP
, "RX EAPOL", buf
, len
);
4222 #ifdef CONFIG_TESTING_OPTIONS
4223 if (wpa_s
->ignore_auth_resp
) {
4224 wpa_printf(MSG_INFO
, "RX EAPOL - ignore_auth_resp active!");
4227 #endif /* CONFIG_TESTING_OPTIONS */
4229 if (wpa_s
->wpa_state
< WPA_ASSOCIATED
||
4230 (wpa_s
->last_eapol_matches_bssid
&&
4233 #endif /* CONFIG_AP */
4234 os_memcmp(src_addr
, wpa_s
->bssid
, ETH_ALEN
) != 0)) {
4236 * There is possible race condition between receiving the
4237 * association event and the EAPOL frame since they are coming
4238 * through different paths from the driver. In order to avoid
4239 * issues in trying to process the EAPOL frame before receiving
4240 * association information, lets queue it for processing until
4241 * the association event is received. This may also be needed in
4242 * driver-based roaming case, so also use src_addr != BSSID as a
4243 * trigger if we have previously confirmed that the
4244 * Authenticator uses BSSID as the src_addr (which is not the
4245 * case with wired IEEE 802.1X).
4247 wpa_dbg(wpa_s
, MSG_DEBUG
, "Not associated - Delay processing "
4248 "of received EAPOL frame (state=%s bssid=" MACSTR
")",
4249 wpa_supplicant_state_txt(wpa_s
->wpa_state
),
4250 MAC2STR(wpa_s
->bssid
));
4251 wpabuf_free(wpa_s
->pending_eapol_rx
);
4252 wpa_s
->pending_eapol_rx
= wpabuf_alloc_copy(buf
, len
);
4253 if (wpa_s
->pending_eapol_rx
) {
4254 os_get_reltime(&wpa_s
->pending_eapol_rx_time
);
4255 os_memcpy(wpa_s
->pending_eapol_rx_src
, src_addr
,
4261 wpa_s
->last_eapol_matches_bssid
=
4262 os_memcmp(src_addr
, wpa_s
->bssid
, ETH_ALEN
) == 0;
4265 if (wpa_s
->ap_iface
) {
4266 wpa_supplicant_ap_rx_eapol(wpa_s
, src_addr
, buf
, len
);
4269 #endif /* CONFIG_AP */
4271 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
) {
4272 wpa_dbg(wpa_s
, MSG_DEBUG
, "Ignored received EAPOL frame since "
4273 "no key management is configured");
4277 if (wpa_s
->eapol_received
== 0 &&
4278 (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK
) ||
4279 !wpa_key_mgmt_wpa_psk(wpa_s
->key_mgmt
) ||
4280 wpa_s
->wpa_state
!= WPA_COMPLETED
) &&
4281 (wpa_s
->current_ssid
== NULL
||
4282 wpa_s
->current_ssid
->mode
!= WPAS_MODE_IBSS
)) {
4283 /* Timeout for completing IEEE 802.1X and WPA authentication */
4286 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
) ||
4287 wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
||
4288 wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
) {
4289 /* Use longer timeout for IEEE 802.1X/EAP */
4294 if (wpa_s
->current_ssid
&& wpa_s
->current_bss
&&
4295 (wpa_s
->current_ssid
->key_mgmt
& WPA_KEY_MGMT_WPS
) &&
4296 eap_is_wps_pin_enrollee(&wpa_s
->current_ssid
->eap
)) {
4298 * Use shorter timeout if going through WPS AP iteration
4299 * for PIN config method with an AP that does not
4300 * advertise Selected Registrar.
4302 struct wpabuf
*wps_ie
;
4304 wps_ie
= wpa_bss_get_vendor_ie_multi(
4305 wpa_s
->current_bss
, WPS_IE_VENDOR_TYPE
);
4307 !wps_is_addr_authorized(wps_ie
, wpa_s
->own_addr
, 1))
4309 wpabuf_free(wps_ie
);
4311 #endif /* CONFIG_WPS */
4313 wpa_supplicant_req_auth_timeout(wpa_s
, timeout
, 0);
4315 wpa_s
->eapol_received
++;
4317 if (wpa_s
->countermeasures
) {
4318 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Countermeasures - dropped "
4323 #ifdef CONFIG_IBSS_RSN
4324 if (wpa_s
->current_ssid
&&
4325 wpa_s
->current_ssid
->mode
== WPAS_MODE_IBSS
) {
4326 ibss_rsn_rx_eapol(wpa_s
->ibss_rsn
, src_addr
, buf
, len
);
4329 #endif /* CONFIG_IBSS_RSN */
4331 /* Source address of the incoming EAPOL frame could be compared to the
4332 * current BSSID. However, it is possible that a centralized
4333 * Authenticator could be using another MAC address than the BSSID of
4334 * an AP, so just allow any address to be used for now. The replies are
4335 * still sent to the current BSSID (if available), though. */
4337 os_memcpy(wpa_s
->last_eapol_src
, src_addr
, ETH_ALEN
);
4338 if (!wpa_key_mgmt_wpa_psk(wpa_s
->key_mgmt
) &&
4339 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_OWE
&&
4340 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_DPP
&&
4341 eapol_sm_rx_eapol(wpa_s
->eapol
, src_addr
, buf
, len
) > 0)
4343 wpa_drv_poll(wpa_s
);
4344 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK
))
4345 wpa_sm_rx_eapol(wpa_s
->wpa
, src_addr
, buf
, len
);
4346 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
)) {
4348 * Set portValid = TRUE here since we are going to skip 4-way
4349 * handshake processing which would normally set portValid. We
4350 * need this to allow the EAPOL state machines to be completed
4351 * without going through EAPOL-Key handshake.
4353 eapol_sm_notify_portValid(wpa_s
->eapol
, TRUE
);
4358 int wpa_supplicant_update_mac_addr(struct wpa_supplicant
*wpa_s
)
4360 if ((!wpa_s
->p2p_mgmt
||
4361 !(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE
)) &&
4362 !(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE
)) {
4363 l2_packet_deinit(wpa_s
->l2
);
4364 wpa_s
->l2
= l2_packet_init(wpa_s
->ifname
,
4365 wpa_drv_get_mac_addr(wpa_s
),
4367 wpa_supplicant_rx_eapol
, wpa_s
, 0);
4368 if (wpa_s
->l2
== NULL
)
4371 if (l2_packet_set_packet_filter(wpa_s
->l2
,
4372 L2_PACKET_FILTER_PKTTYPE
))
4373 wpa_dbg(wpa_s
, MSG_DEBUG
,
4374 "Failed to attach pkt_type filter");
4376 const u8
*addr
= wpa_drv_get_mac_addr(wpa_s
);
4378 os_memcpy(wpa_s
->own_addr
, addr
, ETH_ALEN
);
4381 if (wpa_s
->l2
&& l2_packet_get_own_addr(wpa_s
->l2
, wpa_s
->own_addr
)) {
4382 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to get own L2 address");
4386 wpa_sm_set_own_addr(wpa_s
->wpa
, wpa_s
->own_addr
);
4392 static void wpa_supplicant_rx_eapol_bridge(void *ctx
, const u8
*src_addr
,
4393 const u8
*buf
, size_t len
)
4395 struct wpa_supplicant
*wpa_s
= ctx
;
4396 const struct l2_ethhdr
*eth
;
4398 if (len
< sizeof(*eth
))
4400 eth
= (const struct l2_ethhdr
*) buf
;
4402 if (os_memcmp(eth
->h_dest
, wpa_s
->own_addr
, ETH_ALEN
) != 0 &&
4403 !(eth
->h_dest
[0] & 0x01)) {
4404 wpa_dbg(wpa_s
, MSG_DEBUG
, "RX EAPOL from " MACSTR
" to " MACSTR
4405 " (bridge - not for this interface - ignore)",
4406 MAC2STR(src_addr
), MAC2STR(eth
->h_dest
));
4410 wpa_dbg(wpa_s
, MSG_DEBUG
, "RX EAPOL from " MACSTR
" to " MACSTR
4411 " (bridge)", MAC2STR(src_addr
), MAC2STR(eth
->h_dest
));
4412 wpa_supplicant_rx_eapol(wpa_s
, src_addr
, buf
+ sizeof(*eth
),
4413 len
- sizeof(*eth
));
4418 * wpa_supplicant_driver_init - Initialize driver interface parameters
4419 * @wpa_s: Pointer to wpa_supplicant data
4420 * Returns: 0 on success, -1 on failure
4422 * This function is called to initialize driver interface parameters.
4423 * wpa_drv_init() must have been called before this function to initialize the
4426 int wpa_supplicant_driver_init(struct wpa_supplicant
*wpa_s
)
4428 static int interface_count
= 0;
4430 if (wpa_supplicant_update_mac_addr(wpa_s
) < 0)
4433 wpa_dbg(wpa_s
, MSG_DEBUG
, "Own MAC address: " MACSTR
,
4434 MAC2STR(wpa_s
->own_addr
));
4435 os_memcpy(wpa_s
->perm_addr
, wpa_s
->own_addr
, ETH_ALEN
);
4436 wpa_sm_set_own_addr(wpa_s
->wpa
, wpa_s
->own_addr
);
4438 if (wpa_s
->bridge_ifname
[0]) {
4439 wpa_dbg(wpa_s
, MSG_DEBUG
, "Receiving packets from bridge "
4440 "interface '%s'", wpa_s
->bridge_ifname
);
4441 wpa_s
->l2_br
= l2_packet_init_bridge(
4442 wpa_s
->bridge_ifname
, wpa_s
->ifname
, wpa_s
->own_addr
,
4443 ETH_P_EAPOL
, wpa_supplicant_rx_eapol_bridge
, wpa_s
, 1);
4444 if (wpa_s
->l2_br
== NULL
) {
4445 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to open l2_packet "
4446 "connection for the bridge interface '%s'",
4447 wpa_s
->bridge_ifname
);
4452 if (wpa_s
->conf
->ap_scan
== 2 &&
4453 os_strcmp(wpa_s
->driver
->name
, "nl80211") == 0) {
4454 wpa_printf(MSG_INFO
,
4455 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
4458 wpa_clear_keys(wpa_s
, NULL
);
4460 /* Make sure that TKIP countermeasures are not left enabled (could
4461 * happen if wpa_supplicant is killed during countermeasures. */
4462 wpa_drv_set_countermeasures(wpa_s
, 0);
4464 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: flushing PMKID list in the driver");
4465 wpa_drv_flush_pmkid(wpa_s
);
4467 wpa_s
->prev_scan_ssid
= WILDCARD_SSID_SCAN
;
4468 wpa_s
->prev_scan_wildcard
= 0;
4470 if (wpa_supplicant_enabled_networks(wpa_s
)) {
4471 if (wpa_s
->wpa_state
== WPA_INTERFACE_DISABLED
) {
4472 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
4473 interface_count
= 0;
4476 if (!wpa_s
->p2p_mgmt
&&
4477 wpa_supplicant_delayed_sched_scan(wpa_s
,
4478 interface_count
% 3,
4480 wpa_supplicant_req_scan(wpa_s
, interface_count
% 3,
4482 #endif /* ANDROID */
4485 wpa_supplicant_set_state(wpa_s
, WPA_INACTIVE
);
4491 static int wpa_supplicant_daemon(const char *pid_file
)
4493 wpa_printf(MSG_DEBUG
, "Daemonize..");
4494 return os_daemonize(pid_file
);
4498 static struct wpa_supplicant
*
4499 wpa_supplicant_alloc(struct wpa_supplicant
*parent
)
4501 struct wpa_supplicant
*wpa_s
;
4503 wpa_s
= os_zalloc(sizeof(*wpa_s
));
4506 wpa_s
->scan_req
= INITIAL_SCAN_REQ
;
4507 wpa_s
->scan_interval
= 5;
4508 wpa_s
->new_connection
= 1;
4509 wpa_s
->parent
= parent
? parent
: wpa_s
;
4510 wpa_s
->p2pdev
= wpa_s
->parent
;
4511 wpa_s
->sched_scanning
= 0;
4513 dl_list_init(&wpa_s
->bss_tmp_disallowed
);
4514 dl_list_init(&wpa_s
->fils_hlp_req
);
4520 #ifdef CONFIG_HT_OVERRIDES
4522 static int wpa_set_htcap_mcs(struct wpa_supplicant
*wpa_s
,
4523 struct ieee80211_ht_capabilities
*htcaps
,
4524 struct ieee80211_ht_capabilities
*htcaps_mask
,
4527 /* parse ht_mcs into hex array */
4529 const char *tmp
= ht_mcs
;
4532 /* If ht_mcs is null, do not set anything */
4536 /* This is what we are setting in the kernel */
4537 os_memset(&htcaps
->supported_mcs_set
, 0, IEEE80211_HT_MCS_MASK_LEN
);
4539 wpa_msg(wpa_s
, MSG_DEBUG
, "set_htcap, ht_mcs -:%s:-", ht_mcs
);
4541 for (i
= 0; i
< IEEE80211_HT_MCS_MASK_LEN
; i
++) {
4545 v
= strtol(tmp
, &end
, 16);
4548 wpa_msg(wpa_s
, MSG_DEBUG
,
4549 "htcap value[%i]: %ld end: %p tmp: %p",
4554 htcaps
->supported_mcs_set
[i
] = v
;
4557 wpa_msg(wpa_s
, MSG_ERROR
,
4558 "Failed to parse ht-mcs: %s, error: %s\n",
4559 ht_mcs
, strerror(errno
));
4565 * If we were able to parse any values, then set mask for the MCS set.
4568 os_memset(&htcaps_mask
->supported_mcs_set
, 0xff,
4569 IEEE80211_HT_MCS_MASK_LEN
- 1);
4570 /* skip the 3 reserved bits */
4571 htcaps_mask
->supported_mcs_set
[IEEE80211_HT_MCS_MASK_LEN
- 1] =
4579 static int wpa_disable_max_amsdu(struct wpa_supplicant
*wpa_s
,
4580 struct ieee80211_ht_capabilities
*htcaps
,
4581 struct ieee80211_ht_capabilities
*htcaps_mask
,
4589 wpa_msg(wpa_s
, MSG_DEBUG
, "set_disable_max_amsdu: %d", disabled
);
4591 msk
= host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE
);
4592 htcaps_mask
->ht_capabilities_info
|= msk
;
4594 htcaps
->ht_capabilities_info
&= msk
;
4596 htcaps
->ht_capabilities_info
|= msk
;
4602 static int wpa_set_ampdu_factor(struct wpa_supplicant
*wpa_s
,
4603 struct ieee80211_ht_capabilities
*htcaps
,
4604 struct ieee80211_ht_capabilities
*htcaps_mask
,
4610 wpa_msg(wpa_s
, MSG_DEBUG
, "set_ampdu_factor: %d", factor
);
4612 if (factor
< 0 || factor
> 3) {
4613 wpa_msg(wpa_s
, MSG_ERROR
, "ampdu_factor: %d out of range. "
4614 "Must be 0-3 or -1", factor
);
4618 htcaps_mask
->a_mpdu_params
|= 0x3; /* 2 bits for factor */
4619 htcaps
->a_mpdu_params
&= ~0x3;
4620 htcaps
->a_mpdu_params
|= factor
& 0x3;
4626 static int wpa_set_ampdu_density(struct wpa_supplicant
*wpa_s
,
4627 struct ieee80211_ht_capabilities
*htcaps
,
4628 struct ieee80211_ht_capabilities
*htcaps_mask
,
4634 wpa_msg(wpa_s
, MSG_DEBUG
, "set_ampdu_density: %d", density
);
4636 if (density
< 0 || density
> 7) {
4637 wpa_msg(wpa_s
, MSG_ERROR
,
4638 "ampdu_density: %d out of range. Must be 0-7 or -1.",
4643 htcaps_mask
->a_mpdu_params
|= 0x1C;
4644 htcaps
->a_mpdu_params
&= ~(0x1C);
4645 htcaps
->a_mpdu_params
|= (density
<< 2) & 0x1C;
4651 static int wpa_set_disable_ht40(struct wpa_supplicant
*wpa_s
,
4652 struct ieee80211_ht_capabilities
*htcaps
,
4653 struct ieee80211_ht_capabilities
*htcaps_mask
,
4657 wpa_msg(wpa_s
, MSG_DEBUG
, "set_disable_ht40: %d", disabled
);
4659 set_disable_ht40(htcaps
, disabled
);
4660 set_disable_ht40(htcaps_mask
, 0);
4666 static int wpa_set_disable_sgi(struct wpa_supplicant
*wpa_s
,
4667 struct ieee80211_ht_capabilities
*htcaps
,
4668 struct ieee80211_ht_capabilities
*htcaps_mask
,
4671 /* Masking these out disables SGI */
4672 le16 msk
= host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ
|
4673 HT_CAP_INFO_SHORT_GI40MHZ
);
4676 wpa_msg(wpa_s
, MSG_DEBUG
, "set_disable_sgi: %d", disabled
);
4679 htcaps
->ht_capabilities_info
&= ~msk
;
4681 htcaps
->ht_capabilities_info
|= msk
;
4683 htcaps_mask
->ht_capabilities_info
|= msk
;
4689 static int wpa_set_disable_ldpc(struct wpa_supplicant
*wpa_s
,
4690 struct ieee80211_ht_capabilities
*htcaps
,
4691 struct ieee80211_ht_capabilities
*htcaps_mask
,
4694 /* Masking these out disables LDPC */
4695 le16 msk
= host_to_le16(HT_CAP_INFO_LDPC_CODING_CAP
);
4698 wpa_msg(wpa_s
, MSG_DEBUG
, "set_disable_ldpc: %d", disabled
);
4701 htcaps
->ht_capabilities_info
&= ~msk
;
4703 htcaps
->ht_capabilities_info
|= msk
;
4705 htcaps_mask
->ht_capabilities_info
|= msk
;
4711 static int wpa_set_tx_stbc(struct wpa_supplicant
*wpa_s
,
4712 struct ieee80211_ht_capabilities
*htcaps
,
4713 struct ieee80211_ht_capabilities
*htcaps_mask
,
4716 le16 msk
= host_to_le16(HT_CAP_INFO_TX_STBC
);
4721 wpa_msg(wpa_s
, MSG_DEBUG
, "set_tx_stbc: %d", tx_stbc
);
4723 if (tx_stbc
< 0 || tx_stbc
> 1) {
4724 wpa_msg(wpa_s
, MSG_ERROR
,
4725 "tx_stbc: %d out of range. Must be 0-1 or -1", tx_stbc
);
4729 htcaps_mask
->ht_capabilities_info
|= msk
;
4730 htcaps
->ht_capabilities_info
&= ~msk
;
4731 htcaps
->ht_capabilities_info
|= (tx_stbc
<< 7) & msk
;
4737 static int wpa_set_rx_stbc(struct wpa_supplicant
*wpa_s
,
4738 struct ieee80211_ht_capabilities
*htcaps
,
4739 struct ieee80211_ht_capabilities
*htcaps_mask
,
4742 le16 msk
= host_to_le16(HT_CAP_INFO_RX_STBC_MASK
);
4747 wpa_msg(wpa_s
, MSG_DEBUG
, "set_rx_stbc: %d", rx_stbc
);
4749 if (rx_stbc
< 0 || rx_stbc
> 3) {
4750 wpa_msg(wpa_s
, MSG_ERROR
,
4751 "rx_stbc: %d out of range. Must be 0-3 or -1", rx_stbc
);
4755 htcaps_mask
->ht_capabilities_info
|= msk
;
4756 htcaps
->ht_capabilities_info
&= ~msk
;
4757 htcaps
->ht_capabilities_info
|= (rx_stbc
<< 8) & msk
;
4763 void wpa_supplicant_apply_ht_overrides(
4764 struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
,
4765 struct wpa_driver_associate_params
*params
)
4767 struct ieee80211_ht_capabilities
*htcaps
;
4768 struct ieee80211_ht_capabilities
*htcaps_mask
;
4773 params
->disable_ht
= ssid
->disable_ht
;
4774 if (!params
->htcaps
|| !params
->htcaps_mask
)
4777 htcaps
= (struct ieee80211_ht_capabilities
*) params
->htcaps
;
4778 htcaps_mask
= (struct ieee80211_ht_capabilities
*) params
->htcaps_mask
;
4779 wpa_set_htcap_mcs(wpa_s
, htcaps
, htcaps_mask
, ssid
->ht_mcs
);
4780 wpa_disable_max_amsdu(wpa_s
, htcaps
, htcaps_mask
,
4781 ssid
->disable_max_amsdu
);
4782 wpa_set_ampdu_factor(wpa_s
, htcaps
, htcaps_mask
, ssid
->ampdu_factor
);
4783 wpa_set_ampdu_density(wpa_s
, htcaps
, htcaps_mask
, ssid
->ampdu_density
);
4784 wpa_set_disable_ht40(wpa_s
, htcaps
, htcaps_mask
, ssid
->disable_ht40
);
4785 wpa_set_disable_sgi(wpa_s
, htcaps
, htcaps_mask
, ssid
->disable_sgi
);
4786 wpa_set_disable_ldpc(wpa_s
, htcaps
, htcaps_mask
, ssid
->disable_ldpc
);
4787 wpa_set_rx_stbc(wpa_s
, htcaps
, htcaps_mask
, ssid
->rx_stbc
);
4788 wpa_set_tx_stbc(wpa_s
, htcaps
, htcaps_mask
, ssid
->tx_stbc
);
4790 if (ssid
->ht40_intolerant
) {
4791 le16 bit
= host_to_le16(HT_CAP_INFO_40MHZ_INTOLERANT
);
4792 htcaps
->ht_capabilities_info
|= bit
;
4793 htcaps_mask
->ht_capabilities_info
|= bit
;
4797 #endif /* CONFIG_HT_OVERRIDES */
4800 #ifdef CONFIG_VHT_OVERRIDES
4801 void wpa_supplicant_apply_vht_overrides(
4802 struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
,
4803 struct wpa_driver_associate_params
*params
)
4805 struct ieee80211_vht_capabilities
*vhtcaps
;
4806 struct ieee80211_vht_capabilities
*vhtcaps_mask
;
4811 params
->disable_vht
= ssid
->disable_vht
;
4813 vhtcaps
= (void *) params
->vhtcaps
;
4814 vhtcaps_mask
= (void *) params
->vhtcaps_mask
;
4816 if (!vhtcaps
|| !vhtcaps_mask
)
4819 vhtcaps
->vht_capabilities_info
= host_to_le32(ssid
->vht_capa
);
4820 vhtcaps_mask
->vht_capabilities_info
= host_to_le32(ssid
->vht_capa_mask
);
4822 #ifdef CONFIG_HT_OVERRIDES
4823 if (ssid
->disable_sgi
) {
4824 vhtcaps_mask
->vht_capabilities_info
|= (VHT_CAP_SHORT_GI_80
|
4825 VHT_CAP_SHORT_GI_160
);
4826 vhtcaps
->vht_capabilities_info
&= ~(VHT_CAP_SHORT_GI_80
|
4827 VHT_CAP_SHORT_GI_160
);
4828 wpa_msg(wpa_s
, MSG_DEBUG
,
4829 "disable-sgi override specified, vht-caps: 0x%x",
4830 vhtcaps
->vht_capabilities_info
);
4833 /* if max ampdu is <= 3, we have to make the HT cap the same */
4834 if (ssid
->vht_capa_mask
& VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX
) {
4837 max_ampdu
= (ssid
->vht_capa
&
4838 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX
) >>
4839 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX_SHIFT
;
4841 max_ampdu
= max_ampdu
< 3 ? max_ampdu
: 3;
4842 wpa_set_ampdu_factor(wpa_s
,
4843 (void *) params
->htcaps
,
4844 (void *) params
->htcaps_mask
,
4847 #endif /* CONFIG_HT_OVERRIDES */
4849 #define OVERRIDE_MCS(i) \
4850 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \
4851 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \
4852 host_to_le16(3 << 2 * (i - 1)); \
4853 vhtcaps->vht_supported_mcs_set.tx_map |= \
4854 host_to_le16(ssid->vht_tx_mcs_nss_ ##i << \
4857 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \
4858 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \
4859 host_to_le16(3 << 2 * (i - 1)); \
4860 vhtcaps->vht_supported_mcs_set.rx_map |= \
4861 host_to_le16(ssid->vht_rx_mcs_nss_ ##i << \
4874 #endif /* CONFIG_VHT_OVERRIDES */
4877 static int pcsc_reader_init(struct wpa_supplicant
*wpa_s
)
4882 if (!wpa_s
->conf
->pcsc_reader
)
4885 wpa_s
->scard
= scard_init(wpa_s
->conf
->pcsc_reader
);
4889 if (wpa_s
->conf
->pcsc_pin
&&
4890 scard_set_pin(wpa_s
->scard
, wpa_s
->conf
->pcsc_pin
) < 0) {
4891 scard_deinit(wpa_s
->scard
);
4892 wpa_s
->scard
= NULL
;
4893 wpa_msg(wpa_s
, MSG_ERROR
, "PC/SC PIN validation failed");
4897 len
= sizeof(wpa_s
->imsi
) - 1;
4898 if (scard_get_imsi(wpa_s
->scard
, wpa_s
->imsi
, &len
)) {
4899 scard_deinit(wpa_s
->scard
);
4900 wpa_s
->scard
= NULL
;
4901 wpa_msg(wpa_s
, MSG_ERROR
, "Could not read IMSI");
4904 wpa_s
->imsi
[len
] = '\0';
4906 wpa_s
->mnc_len
= scard_get_mnc_len(wpa_s
->scard
);
4908 wpa_printf(MSG_DEBUG
, "SCARD: IMSI %s (MNC length %d)",
4909 wpa_s
->imsi
, wpa_s
->mnc_len
);
4911 wpa_sm_set_scard_ctx(wpa_s
->wpa
, wpa_s
->scard
);
4912 eapol_sm_register_scard_ctx(wpa_s
->eapol
, wpa_s
->scard
);
4913 #endif /* PCSC_FUNCS */
4919 int wpas_init_ext_pw(struct wpa_supplicant
*wpa_s
)
4923 ext_password_deinit(wpa_s
->ext_pw
);
4924 wpa_s
->ext_pw
= NULL
;
4925 eapol_sm_set_ext_pw_ctx(wpa_s
->eapol
, NULL
);
4927 if (!wpa_s
->conf
->ext_password_backend
)
4930 val
= os_strdup(wpa_s
->conf
->ext_password_backend
);
4933 pos
= os_strchr(val
, ':');
4937 wpa_printf(MSG_DEBUG
, "EXT PW: Initialize backend '%s'", val
);
4939 wpa_s
->ext_pw
= ext_password_init(val
, pos
);
4941 if (wpa_s
->ext_pw
== NULL
) {
4942 wpa_printf(MSG_DEBUG
, "EXT PW: Failed to initialize backend");
4945 eapol_sm_set_ext_pw_ctx(wpa_s
->eapol
, wpa_s
->ext_pw
);
4953 static const u8
* wpas_fst_get_bssid_cb(void *ctx
)
4955 struct wpa_supplicant
*wpa_s
= ctx
;
4957 return (is_zero_ether_addr(wpa_s
->bssid
) ||
4958 wpa_s
->wpa_state
!= WPA_COMPLETED
) ? NULL
: wpa_s
->bssid
;
4962 static void wpas_fst_get_channel_info_cb(void *ctx
,
4963 enum hostapd_hw_mode
*hw_mode
,
4966 struct wpa_supplicant
*wpa_s
= ctx
;
4968 if (wpa_s
->current_bss
) {
4969 *hw_mode
= ieee80211_freq_to_chan(wpa_s
->current_bss
->freq
,
4971 } else if (wpa_s
->hw
.num_modes
) {
4972 *hw_mode
= wpa_s
->hw
.modes
[0].mode
;
4980 static int wpas_fst_get_hw_modes(void *ctx
, struct hostapd_hw_modes
**modes
)
4982 struct wpa_supplicant
*wpa_s
= ctx
;
4984 *modes
= wpa_s
->hw
.modes
;
4985 return wpa_s
->hw
.num_modes
;
4989 static void wpas_fst_set_ies_cb(void *ctx
, const struct wpabuf
*fst_ies
)
4991 struct wpa_supplicant
*wpa_s
= ctx
;
4993 wpa_hexdump_buf(MSG_DEBUG
, "FST: Set IEs", fst_ies
);
4994 wpa_s
->fst_ies
= fst_ies
;
4998 static int wpas_fst_send_action_cb(void *ctx
, const u8
*da
, struct wpabuf
*data
)
5000 struct wpa_supplicant
*wpa_s
= ctx
;
5002 if (os_memcmp(wpa_s
->bssid
, da
, ETH_ALEN
) != 0) {
5003 wpa_printf(MSG_INFO
, "FST:%s:bssid=" MACSTR
" != da=" MACSTR
,
5004 __func__
, MAC2STR(wpa_s
->bssid
), MAC2STR(da
));
5007 return wpa_drv_send_action(wpa_s
, wpa_s
->assoc_freq
, 0, wpa_s
->bssid
,
5008 wpa_s
->own_addr
, wpa_s
->bssid
,
5009 wpabuf_head(data
), wpabuf_len(data
),
5014 static const struct wpabuf
* wpas_fst_get_mb_ie_cb(void *ctx
, const u8
*addr
)
5016 struct wpa_supplicant
*wpa_s
= ctx
;
5018 WPA_ASSERT(os_memcmp(wpa_s
->bssid
, addr
, ETH_ALEN
) == 0);
5019 return wpa_s
->received_mb_ies
;
5023 static void wpas_fst_update_mb_ie_cb(void *ctx
, const u8
*addr
,
5024 const u8
*buf
, size_t size
)
5026 struct wpa_supplicant
*wpa_s
= ctx
;
5027 struct mb_ies_info info
;
5029 WPA_ASSERT(os_memcmp(wpa_s
->bssid
, addr
, ETH_ALEN
) == 0);
5031 if (!mb_ies_info_by_ies(&info
, buf
, size
)) {
5032 wpabuf_free(wpa_s
->received_mb_ies
);
5033 wpa_s
->received_mb_ies
= mb_ies_by_info(&info
);
5038 static const u8
* wpas_fst_get_peer_first(void *ctx
,
5039 struct fst_get_peer_ctx
**get_ctx
,
5042 struct wpa_supplicant
*wpa_s
= ctx
;
5045 if (!is_zero_ether_addr(wpa_s
->bssid
))
5046 return (wpa_s
->received_mb_ies
|| !mb_only
) ?
5047 wpa_s
->bssid
: NULL
;
5052 static const u8
* wpas_fst_get_peer_next(void *ctx
,
5053 struct fst_get_peer_ctx
**get_ctx
,
5059 void fst_wpa_supplicant_fill_iface_obj(struct wpa_supplicant
*wpa_s
,
5060 struct fst_wpa_obj
*iface_obj
)
5062 iface_obj
->ctx
= wpa_s
;
5063 iface_obj
->get_bssid
= wpas_fst_get_bssid_cb
;
5064 iface_obj
->get_channel_info
= wpas_fst_get_channel_info_cb
;
5065 iface_obj
->get_hw_modes
= wpas_fst_get_hw_modes
;
5066 iface_obj
->set_ies
= wpas_fst_set_ies_cb
;
5067 iface_obj
->send_action
= wpas_fst_send_action_cb
;
5068 iface_obj
->get_mb_ie
= wpas_fst_get_mb_ie_cb
;
5069 iface_obj
->update_mb_ie
= wpas_fst_update_mb_ie_cb
;
5070 iface_obj
->get_peer_first
= wpas_fst_get_peer_first
;
5071 iface_obj
->get_peer_next
= wpas_fst_get_peer_next
;
5073 #endif /* CONFIG_FST */
5075 static int wpas_set_wowlan_triggers(struct wpa_supplicant
*wpa_s
,
5076 const struct wpa_driver_capa
*capa
)
5078 struct wowlan_triggers
*triggers
;
5081 if (!wpa_s
->conf
->wowlan_triggers
)
5084 triggers
= wpa_get_wowlan_triggers(wpa_s
->conf
->wowlan_triggers
, capa
);
5086 ret
= wpa_drv_wowlan(wpa_s
, triggers
);
5093 enum wpa_radio_work_band
wpas_freq_to_band(int freq
)
5096 return BAND_2_4_GHZ
;
5103 unsigned int wpas_get_bands(struct wpa_supplicant
*wpa_s
, const int *freqs
)
5106 unsigned int band
= 0;
5109 /* freqs are specified for the radio work */
5110 for (i
= 0; freqs
[i
]; i
++)
5111 band
|= wpas_freq_to_band(freqs
[i
]);
5114 * freqs are not specified, implies all
5115 * the supported freqs by HW
5117 for (i
= 0; i
< wpa_s
->hw
.num_modes
; i
++) {
5118 if (wpa_s
->hw
.modes
[i
].num_channels
!= 0) {
5119 if (wpa_s
->hw
.modes
[i
].mode
==
5120 HOSTAPD_MODE_IEEE80211B
||
5121 wpa_s
->hw
.modes
[i
].mode
==
5122 HOSTAPD_MODE_IEEE80211G
)
5123 band
|= BAND_2_4_GHZ
;
5124 else if (wpa_s
->hw
.modes
[i
].mode
==
5125 HOSTAPD_MODE_IEEE80211A
)
5127 else if (wpa_s
->hw
.modes
[i
].mode
==
5128 HOSTAPD_MODE_IEEE80211AD
)
5129 band
|= BAND_60_GHZ
;
5130 else if (wpa_s
->hw
.modes
[i
].mode
==
5131 HOSTAPD_MODE_IEEE80211ANY
)
5132 band
= BAND_2_4_GHZ
| BAND_5_GHZ
|
5142 static struct wpa_radio
* radio_add_interface(struct wpa_supplicant
*wpa_s
,
5145 struct wpa_supplicant
*iface
= wpa_s
->global
->ifaces
;
5146 struct wpa_radio
*radio
;
5148 while (rn
&& iface
) {
5149 radio
= iface
->radio
;
5150 if (radio
&& os_strcmp(rn
, radio
->name
) == 0) {
5151 wpa_printf(MSG_DEBUG
, "Add interface %s to existing radio %s",
5153 dl_list_add(&radio
->ifaces
, &wpa_s
->radio_list
);
5157 iface
= iface
->next
;
5160 wpa_printf(MSG_DEBUG
, "Add interface %s to a new radio %s",
5161 wpa_s
->ifname
, rn
? rn
: "N/A");
5162 radio
= os_zalloc(sizeof(*radio
));
5167 os_strlcpy(radio
->name
, rn
, sizeof(radio
->name
));
5168 dl_list_init(&radio
->ifaces
);
5169 dl_list_init(&radio
->work
);
5170 dl_list_add(&radio
->ifaces
, &wpa_s
->radio_list
);
5176 static void radio_work_free(struct wpa_radio_work
*work
)
5178 if (work
->wpa_s
->scan_work
== work
) {
5179 /* This should not really happen. */
5180 wpa_dbg(work
->wpa_s
, MSG_INFO
, "Freeing radio work '%s'@%p (started=%d) that is marked as scan_work",
5181 work
->type
, work
, work
->started
);
5182 work
->wpa_s
->scan_work
= NULL
;
5186 if (work
->wpa_s
->p2p_scan_work
== work
) {
5187 /* This should not really happen. */
5188 wpa_dbg(work
->wpa_s
, MSG_INFO
, "Freeing radio work '%s'@%p (started=%d) that is marked as p2p_scan_work",
5189 work
->type
, work
, work
->started
);
5190 work
->wpa_s
->p2p_scan_work
= NULL
;
5192 #endif /* CONFIG_P2P */
5194 if (work
->started
) {
5195 work
->wpa_s
->radio
->num_active_works
--;
5196 wpa_dbg(work
->wpa_s
, MSG_DEBUG
,
5197 "radio_work_free('%s'@%p): num_active_works --> %u",
5199 work
->wpa_s
->radio
->num_active_works
);
5202 dl_list_del(&work
->list
);
5207 static int radio_work_is_connect(struct wpa_radio_work
*work
)
5209 return os_strcmp(work
->type
, "sme-connect") == 0 ||
5210 os_strcmp(work
->type
, "connect") == 0;
5214 static int radio_work_is_scan(struct wpa_radio_work
*work
)
5216 return os_strcmp(work
->type
, "scan") == 0 ||
5217 os_strcmp(work
->type
, "p2p-scan") == 0;
5221 static struct wpa_radio_work
* radio_work_get_next_work(struct wpa_radio
*radio
)
5223 struct wpa_radio_work
*active_work
= NULL
;
5224 struct wpa_radio_work
*tmp
;
5226 /* Get the active work to know the type and band. */
5227 dl_list_for_each(tmp
, &radio
->work
, struct wpa_radio_work
, list
) {
5235 /* No active work, start one */
5236 radio
->num_active_works
= 0;
5237 dl_list_for_each(tmp
, &radio
->work
, struct wpa_radio_work
,
5239 if (os_strcmp(tmp
->type
, "scan") == 0 &&
5240 radio
->external_scan_running
&&
5241 (((struct wpa_driver_scan_params
*)
5242 tmp
->ctx
)->only_new_results
||
5243 tmp
->wpa_s
->clear_driver_scan_cache
))
5250 if (radio_work_is_connect(active_work
)) {
5252 * If the active work is either connect or sme-connect,
5253 * do not parallelize them with other radio works.
5255 wpa_dbg(active_work
->wpa_s
, MSG_DEBUG
,
5256 "Do not parallelize radio work with %s",
5261 dl_list_for_each(tmp
, &radio
->work
, struct wpa_radio_work
, list
) {
5266 * If connect or sme-connect are enqueued, parallelize only
5267 * those operations ahead of them in the queue.
5269 if (radio_work_is_connect(tmp
))
5272 /* Serialize parallel scan and p2p_scan operations on the same
5273 * interface since the driver_nl80211 mechanism for tracking
5274 * scan cookies does not yet have support for this. */
5275 if (active_work
->wpa_s
== tmp
->wpa_s
&&
5276 radio_work_is_scan(active_work
) &&
5277 radio_work_is_scan(tmp
)) {
5278 wpa_dbg(active_work
->wpa_s
, MSG_DEBUG
,
5279 "Do not start work '%s' when another work '%s' is already scheduled",
5280 tmp
->type
, active_work
->type
);
5284 * Check that the radio works are distinct and
5285 * on different bands.
5287 if (os_strcmp(active_work
->type
, tmp
->type
) != 0 &&
5288 (active_work
->bands
!= tmp
->bands
)) {
5290 * If a scan has to be scheduled through nl80211 scan
5291 * interface and if an external scan is already running,
5292 * do not schedule the scan since it is likely to get
5293 * rejected by kernel.
5295 if (os_strcmp(tmp
->type
, "scan") == 0 &&
5296 radio
->external_scan_running
&&
5297 (((struct wpa_driver_scan_params
*)
5298 tmp
->ctx
)->only_new_results
||
5299 tmp
->wpa_s
->clear_driver_scan_cache
))
5302 wpa_dbg(active_work
->wpa_s
, MSG_DEBUG
,
5303 "active_work:%s new_work:%s",
5304 active_work
->type
, tmp
->type
);
5309 /* Did not find a radio work to schedule in parallel. */
5314 static void radio_start_next_work(void *eloop_ctx
, void *timeout_ctx
)
5316 struct wpa_radio
*radio
= eloop_ctx
;
5317 struct wpa_radio_work
*work
;
5318 struct os_reltime now
, diff
;
5319 struct wpa_supplicant
*wpa_s
;
5321 work
= dl_list_first(&radio
->work
, struct wpa_radio_work
, list
);
5323 radio
->num_active_works
= 0;
5327 wpa_s
= dl_list_first(&radio
->ifaces
, struct wpa_supplicant
,
5331 wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS
)) {
5333 return; /* already started and still in progress */
5335 if (wpa_s
&& wpa_s
->radio
->external_scan_running
) {
5336 wpa_printf(MSG_DEBUG
, "Delay radio work start until externally triggered scan completes");
5341 if (radio
->num_active_works
< MAX_ACTIVE_WORKS
) {
5342 /* get the work to schedule next */
5343 work
= radio_work_get_next_work(radio
);
5349 wpa_s
= work
->wpa_s
;
5350 os_get_reltime(&now
);
5351 os_reltime_sub(&now
, &work
->time
, &diff
);
5352 wpa_dbg(wpa_s
, MSG_DEBUG
,
5353 "Starting radio work '%s'@%p after %ld.%06ld second wait",
5354 work
->type
, work
, diff
.sec
, diff
.usec
);
5357 radio
->num_active_works
++;
5361 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS
) &&
5362 radio
->num_active_works
< MAX_ACTIVE_WORKS
)
5363 radio_work_check_next(wpa_s
);
5368 * This function removes both started and pending radio works running on
5369 * the provided interface's radio.
5370 * Prior to the removal of the radio work, its callback (cb) is called with
5371 * deinit set to be 1. Each work's callback is responsible for clearing its
5372 * internal data and restoring to a correct state.
5373 * @wpa_s: wpa_supplicant data
5374 * @type: type of works to be removed
5375 * @remove_all: 1 to remove all the works on this radio, 0 to remove only
5376 * this interface's works.
5378 void radio_remove_works(struct wpa_supplicant
*wpa_s
,
5379 const char *type
, int remove_all
)
5381 struct wpa_radio_work
*work
, *tmp
;
5382 struct wpa_radio
*radio
= wpa_s
->radio
;
5384 dl_list_for_each_safe(work
, tmp
, &radio
->work
, struct wpa_radio_work
,
5386 if (type
&& os_strcmp(type
, work
->type
) != 0)
5389 /* skip other ifaces' works */
5390 if (!remove_all
&& work
->wpa_s
!= wpa_s
)
5393 wpa_dbg(wpa_s
, MSG_DEBUG
, "Remove radio work '%s'@%p%s",
5394 work
->type
, work
, work
->started
? " (started)" : "");
5396 radio_work_free(work
);
5399 /* in case we removed the started work */
5400 radio_work_check_next(wpa_s
);
5404 void radio_remove_pending_work(struct wpa_supplicant
*wpa_s
, void *ctx
)
5406 struct wpa_radio_work
*work
;
5407 struct wpa_radio
*radio
= wpa_s
->radio
;
5409 dl_list_for_each(work
, &radio
->work
, struct wpa_radio_work
, list
) {
5410 if (work
->ctx
!= ctx
)
5412 wpa_dbg(wpa_s
, MSG_DEBUG
, "Free pending radio work '%s'@%p%s",
5413 work
->type
, work
, work
->started
? " (started)" : "");
5414 radio_work_free(work
);
5420 static void radio_remove_interface(struct wpa_supplicant
*wpa_s
)
5422 struct wpa_radio
*radio
= wpa_s
->radio
;
5427 wpa_printf(MSG_DEBUG
, "Remove interface %s from radio %s",
5428 wpa_s
->ifname
, radio
->name
);
5429 dl_list_del(&wpa_s
->radio_list
);
5430 radio_remove_works(wpa_s
, NULL
, 0);
5431 wpa_s
->radio
= NULL
;
5432 if (!dl_list_empty(&radio
->ifaces
))
5433 return; /* Interfaces remain for this radio */
5435 wpa_printf(MSG_DEBUG
, "Remove radio %s", radio
->name
);
5436 eloop_cancel_timeout(radio_start_next_work
, radio
, NULL
);
5441 void radio_work_check_next(struct wpa_supplicant
*wpa_s
)
5443 struct wpa_radio
*radio
= wpa_s
->radio
;
5445 if (dl_list_empty(&radio
->work
))
5447 if (wpa_s
->ext_work_in_progress
) {
5448 wpa_printf(MSG_DEBUG
,
5449 "External radio work in progress - delay start of pending item");
5452 eloop_cancel_timeout(radio_start_next_work
, radio
, NULL
);
5453 eloop_register_timeout(0, 0, radio_start_next_work
, radio
, NULL
);
5458 * radio_add_work - Add a radio work item
5459 * @wpa_s: Pointer to wpa_supplicant data
5460 * @freq: Frequency of the offchannel operation in MHz or 0
5461 * @type: Unique identifier for each type of work
5462 * @next: Force as the next work to be executed
5463 * @cb: Callback function for indicating when radio is available
5464 * @ctx: Context pointer for the work (work->ctx in cb())
5465 * Returns: 0 on success, -1 on failure
5467 * This function is used to request time for an operation that requires
5468 * exclusive radio control. Once the radio is available, the registered callback
5469 * function will be called. radio_work_done() must be called once the exclusive
5470 * radio operation has been completed, so that the radio is freed for other
5471 * operations. The special case of deinit=1 is used to free the context data
5472 * during interface removal. That does not allow the callback function to start
5473 * the radio operation, i.e., it must free any resources allocated for the radio
5476 * The @freq parameter can be used to indicate a single channel on which the
5477 * offchannel operation will occur. This may allow multiple radio work
5478 * operations to be performed in parallel if they apply for the same channel.
5479 * Setting this to 0 indicates that the work item may use multiple channels or
5480 * requires exclusive control of the radio.
5482 int radio_add_work(struct wpa_supplicant
*wpa_s
, unsigned int freq
,
5483 const char *type
, int next
,
5484 void (*cb
)(struct wpa_radio_work
*work
, int deinit
),
5487 struct wpa_radio
*radio
= wpa_s
->radio
;
5488 struct wpa_radio_work
*work
;
5491 work
= os_zalloc(sizeof(*work
));
5494 wpa_dbg(wpa_s
, MSG_DEBUG
, "Add radio work '%s'@%p", type
, work
);
5495 os_get_reltime(&work
->time
);
5498 work
->wpa_s
= wpa_s
;
5503 work
->bands
= wpas_freq_to_band(freq
);
5504 else if (os_strcmp(type
, "scan") == 0 ||
5505 os_strcmp(type
, "p2p-scan") == 0)
5506 work
->bands
= wpas_get_bands(wpa_s
,
5507 ((struct wpa_driver_scan_params
*)
5510 work
->bands
= wpas_get_bands(wpa_s
, NULL
);
5512 was_empty
= dl_list_empty(&wpa_s
->radio
->work
);
5514 dl_list_add(&wpa_s
->radio
->work
, &work
->list
);
5516 dl_list_add_tail(&wpa_s
->radio
->work
, &work
->list
);
5518 wpa_dbg(wpa_s
, MSG_DEBUG
, "First radio work item in the queue - schedule start immediately");
5519 radio_work_check_next(wpa_s
);
5520 } else if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS
)
5521 && radio
->num_active_works
< MAX_ACTIVE_WORKS
) {
5522 wpa_dbg(wpa_s
, MSG_DEBUG
,
5523 "Try to schedule a radio work (num_active_works=%u)",
5524 radio
->num_active_works
);
5525 radio_work_check_next(wpa_s
);
5533 * radio_work_done - Indicate that a radio work item has been completed
5534 * @work: Completed work
5536 * This function is called once the callback function registered with
5537 * radio_add_work() has completed its work.
5539 void radio_work_done(struct wpa_radio_work
*work
)
5541 struct wpa_supplicant
*wpa_s
= work
->wpa_s
;
5542 struct os_reltime now
, diff
;
5543 unsigned int started
= work
->started
;
5545 os_get_reltime(&now
);
5546 os_reltime_sub(&now
, &work
->time
, &diff
);
5547 wpa_dbg(wpa_s
, MSG_DEBUG
, "Radio work '%s'@%p %s in %ld.%06ld seconds",
5548 work
->type
, work
, started
? "done" : "canceled",
5549 diff
.sec
, diff
.usec
);
5550 radio_work_free(work
);
5552 radio_work_check_next(wpa_s
);
5556 struct wpa_radio_work
*
5557 radio_work_pending(struct wpa_supplicant
*wpa_s
, const char *type
)
5559 struct wpa_radio_work
*work
;
5560 struct wpa_radio
*radio
= wpa_s
->radio
;
5562 dl_list_for_each(work
, &radio
->work
, struct wpa_radio_work
, list
) {
5563 if (work
->wpa_s
== wpa_s
&& os_strcmp(work
->type
, type
) == 0)
5571 static int wpas_init_driver(struct wpa_supplicant
*wpa_s
,
5572 const struct wpa_interface
*iface
)
5574 const char *ifname
, *driver
, *rn
;
5576 driver
= iface
->driver
;
5578 if (wpa_supplicant_set_driver(wpa_s
, driver
) < 0)
5581 wpa_s
->drv_priv
= wpa_drv_init(wpa_s
, wpa_s
->ifname
);
5582 if (wpa_s
->drv_priv
== NULL
) {
5584 pos
= driver
? os_strchr(driver
, ',') : NULL
;
5586 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to initialize "
5587 "driver interface - try next driver wrapper");
5591 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to initialize driver "
5595 if (wpa_drv_set_param(wpa_s
, wpa_s
->conf
->driver_param
) < 0) {
5596 wpa_msg(wpa_s
, MSG_ERROR
, "Driver interface rejected "
5597 "driver_param '%s'", wpa_s
->conf
->driver_param
);
5601 ifname
= wpa_drv_get_ifname(wpa_s
);
5602 if (ifname
&& os_strcmp(ifname
, wpa_s
->ifname
) != 0) {
5603 wpa_dbg(wpa_s
, MSG_DEBUG
, "Driver interface replaced "
5604 "interface name with '%s'", ifname
);
5605 os_strlcpy(wpa_s
->ifname
, ifname
, sizeof(wpa_s
->ifname
));
5608 rn
= wpa_driver_get_radio_name(wpa_s
);
5609 if (rn
&& rn
[0] == '\0')
5612 wpa_s
->radio
= radio_add_interface(wpa_s
, rn
);
5613 if (wpa_s
->radio
== NULL
)
5620 #ifdef CONFIG_GAS_SERVER
5622 static void wpas_gas_server_tx_status(struct wpa_supplicant
*wpa_s
,
5623 unsigned int freq
, const u8
*dst
,
5624 const u8
*src
, const u8
*bssid
,
5625 const u8
*data
, size_t data_len
,
5626 enum offchannel_send_action_result result
)
5628 wpa_printf(MSG_DEBUG
, "GAS: TX status: freq=%u dst=" MACSTR
5631 result
== OFFCHANNEL_SEND_ACTION_SUCCESS
? "SUCCESS" :
5632 (result
== OFFCHANNEL_SEND_ACTION_NO_ACK
? "no-ACK" :
5634 gas_server_tx_status(wpa_s
->gas_server
, dst
, data
, data_len
,
5635 result
== OFFCHANNEL_SEND_ACTION_SUCCESS
);
5639 static void wpas_gas_server_tx(void *ctx
, int freq
, const u8
*da
,
5640 struct wpabuf
*buf
, unsigned int wait_time
)
5642 struct wpa_supplicant
*wpa_s
= ctx
;
5643 const u8 broadcast
[ETH_ALEN
] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
5645 if (wait_time
> wpa_s
->max_remain_on_chan
)
5646 wait_time
= wpa_s
->max_remain_on_chan
;
5648 offchannel_send_action(wpa_s
, freq
, da
, wpa_s
->own_addr
, broadcast
,
5649 wpabuf_head(buf
), wpabuf_len(buf
),
5650 wait_time
, wpas_gas_server_tx_status
, 0);
5653 #endif /* CONFIG_GAS_SERVER */
5655 static int wpa_supplicant_init_iface(struct wpa_supplicant
*wpa_s
,
5656 const struct wpa_interface
*iface
)
5658 struct wpa_driver_capa capa
;
5662 wpa_printf(MSG_DEBUG
, "Initializing interface '%s' conf '%s' driver "
5663 "'%s' ctrl_interface '%s' bridge '%s'", iface
->ifname
,
5664 iface
->confname
? iface
->confname
: "N/A",
5665 iface
->driver
? iface
->driver
: "default",
5666 iface
->ctrl_interface
? iface
->ctrl_interface
: "N/A",
5667 iface
->bridge_ifname
? iface
->bridge_ifname
: "N/A");
5669 if (iface
->confname
) {
5670 #ifdef CONFIG_BACKEND_FILE
5671 wpa_s
->confname
= os_rel2abs_path(iface
->confname
);
5672 if (wpa_s
->confname
== NULL
) {
5673 wpa_printf(MSG_ERROR
, "Failed to get absolute path "
5674 "for configuration file '%s'.",
5678 wpa_printf(MSG_DEBUG
, "Configuration file '%s' -> '%s'",
5679 iface
->confname
, wpa_s
->confname
);
5680 #else /* CONFIG_BACKEND_FILE */
5681 wpa_s
->confname
= os_strdup(iface
->confname
);
5682 #endif /* CONFIG_BACKEND_FILE */
5683 wpa_s
->conf
= wpa_config_read(wpa_s
->confname
, NULL
);
5684 if (wpa_s
->conf
== NULL
) {
5685 wpa_printf(MSG_ERROR
, "Failed to read or parse "
5686 "configuration '%s'.", wpa_s
->confname
);
5689 wpa_s
->confanother
= os_rel2abs_path(iface
->confanother
);
5690 if (wpa_s
->confanother
&&
5691 !wpa_config_read(wpa_s
->confanother
, wpa_s
->conf
)) {
5692 wpa_printf(MSG_ERROR
,
5693 "Failed to read or parse configuration '%s'.",
5694 wpa_s
->confanother
);
5699 * Override ctrl_interface and driver_param if set on command
5702 if (iface
->ctrl_interface
) {
5703 os_free(wpa_s
->conf
->ctrl_interface
);
5704 wpa_s
->conf
->ctrl_interface
=
5705 os_strdup(iface
->ctrl_interface
);
5708 if (iface
->driver_param
) {
5709 os_free(wpa_s
->conf
->driver_param
);
5710 wpa_s
->conf
->driver_param
=
5711 os_strdup(iface
->driver_param
);
5714 if (iface
->p2p_mgmt
&& !iface
->ctrl_interface
) {
5715 os_free(wpa_s
->conf
->ctrl_interface
);
5716 wpa_s
->conf
->ctrl_interface
= NULL
;
5719 wpa_s
->conf
= wpa_config_alloc_empty(iface
->ctrl_interface
,
5720 iface
->driver_param
);
5722 if (wpa_s
->conf
== NULL
) {
5723 wpa_printf(MSG_ERROR
, "\nNo configuration found.");
5727 if (iface
->ifname
== NULL
) {
5728 wpa_printf(MSG_ERROR
, "\nInterface name is required.");
5731 if (os_strlen(iface
->ifname
) >= sizeof(wpa_s
->ifname
)) {
5732 wpa_printf(MSG_ERROR
, "\nToo long interface name '%s'.",
5736 os_strlcpy(wpa_s
->ifname
, iface
->ifname
, sizeof(wpa_s
->ifname
));
5738 if (iface
->bridge_ifname
) {
5739 if (os_strlen(iface
->bridge_ifname
) >=
5740 sizeof(wpa_s
->bridge_ifname
)) {
5741 wpa_printf(MSG_ERROR
, "\nToo long bridge interface "
5742 "name '%s'.", iface
->bridge_ifname
);
5745 os_strlcpy(wpa_s
->bridge_ifname
, iface
->bridge_ifname
,
5746 sizeof(wpa_s
->bridge_ifname
));
5749 /* RSNA Supplicant Key Management - INITIALIZE */
5750 eapol_sm_notify_portEnabled(wpa_s
->eapol
, FALSE
);
5751 eapol_sm_notify_portValid(wpa_s
->eapol
, FALSE
);
5753 /* Initialize driver interface and register driver event handler before
5754 * L2 receive handler so that association events are processed before
5755 * EAPOL-Key packets if both become available for the same select()
5757 if (wpas_init_driver(wpa_s
, iface
) < 0)
5760 if (wpa_supplicant_init_wpa(wpa_s
) < 0)
5763 wpa_sm_set_ifname(wpa_s
->wpa
, wpa_s
->ifname
,
5764 wpa_s
->bridge_ifname
[0] ? wpa_s
->bridge_ifname
:
5766 wpa_sm_set_fast_reauth(wpa_s
->wpa
, wpa_s
->conf
->fast_reauth
);
5768 if (wpa_s
->conf
->dot11RSNAConfigPMKLifetime
&&
5769 wpa_sm_set_param(wpa_s
->wpa
, RSNA_PMK_LIFETIME
,
5770 wpa_s
->conf
->dot11RSNAConfigPMKLifetime
)) {
5771 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid WPA parameter value for "
5772 "dot11RSNAConfigPMKLifetime");
5776 if (wpa_s
->conf
->dot11RSNAConfigPMKReauthThreshold
&&
5777 wpa_sm_set_param(wpa_s
->wpa
, RSNA_PMK_REAUTH_THRESHOLD
,
5778 wpa_s
->conf
->dot11RSNAConfigPMKReauthThreshold
)) {
5779 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid WPA parameter value for "
5780 "dot11RSNAConfigPMKReauthThreshold");
5784 if (wpa_s
->conf
->dot11RSNAConfigSATimeout
&&
5785 wpa_sm_set_param(wpa_s
->wpa
, RSNA_SA_TIMEOUT
,
5786 wpa_s
->conf
->dot11RSNAConfigSATimeout
)) {
5787 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid WPA parameter value for "
5788 "dot11RSNAConfigSATimeout");
5792 wpa_s
->hw
.modes
= wpa_drv_get_hw_feature_data(wpa_s
,
5793 &wpa_s
->hw
.num_modes
,
5796 if (wpa_s
->hw
.modes
) {
5799 for (i
= 0; i
< wpa_s
->hw
.num_modes
; i
++) {
5800 if (wpa_s
->hw
.modes
[i
].vht_capab
) {
5801 wpa_s
->hw_capab
= CAPAB_VHT
;
5805 if (wpa_s
->hw
.modes
[i
].ht_capab
&
5806 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET
)
5807 wpa_s
->hw_capab
= CAPAB_HT40
;
5808 else if (wpa_s
->hw
.modes
[i
].ht_capab
&&
5809 wpa_s
->hw_capab
== CAPAB_NO_HT_VHT
)
5810 wpa_s
->hw_capab
= CAPAB_HT
;
5814 capa_res
= wpa_drv_get_capa(wpa_s
, &capa
);
5815 if (capa_res
== 0) {
5816 wpa_s
->drv_capa_known
= 1;
5817 wpa_s
->drv_flags
= capa
.flags
;
5818 wpa_s
->drv_enc
= capa
.enc
;
5819 wpa_s
->drv_smps_modes
= capa
.smps_modes
;
5820 wpa_s
->drv_rrm_flags
= capa
.rrm_flags
;
5821 wpa_s
->probe_resp_offloads
= capa
.probe_resp_offloads
;
5822 wpa_s
->max_scan_ssids
= capa
.max_scan_ssids
;
5823 wpa_s
->max_sched_scan_ssids
= capa
.max_sched_scan_ssids
;
5824 wpa_s
->max_sched_scan_plans
= capa
.max_sched_scan_plans
;
5825 wpa_s
->max_sched_scan_plan_interval
=
5826 capa
.max_sched_scan_plan_interval
;
5827 wpa_s
->max_sched_scan_plan_iterations
=
5828 capa
.max_sched_scan_plan_iterations
;
5829 wpa_s
->sched_scan_supported
= capa
.sched_scan_supported
;
5830 wpa_s
->max_match_sets
= capa
.max_match_sets
;
5831 wpa_s
->max_remain_on_chan
= capa
.max_remain_on_chan
;
5832 wpa_s
->max_stations
= capa
.max_stations
;
5833 wpa_s
->extended_capa
= capa
.extended_capa
;
5834 wpa_s
->extended_capa_mask
= capa
.extended_capa_mask
;
5835 wpa_s
->extended_capa_len
= capa
.extended_capa_len
;
5836 wpa_s
->num_multichan_concurrent
=
5837 capa
.num_multichan_concurrent
;
5838 wpa_s
->wmm_ac_supported
= capa
.wmm_ac_supported
;
5840 if (capa
.mac_addr_rand_scan_supported
)
5841 wpa_s
->mac_addr_rand_supported
|= MAC_ADDR_RAND_SCAN
;
5842 if (wpa_s
->sched_scan_supported
&&
5843 capa
.mac_addr_rand_sched_scan_supported
)
5844 wpa_s
->mac_addr_rand_supported
|=
5845 (MAC_ADDR_RAND_SCHED_SCAN
| MAC_ADDR_RAND_PNO
);
5847 wpa_drv_get_ext_capa(wpa_s
, WPA_IF_STATION
);
5848 if (wpa_s
->extended_capa
&&
5849 wpa_s
->extended_capa_len
>= 3 &&
5850 wpa_s
->extended_capa
[2] & 0x40)
5851 wpa_s
->multi_bss_support
= 1;
5853 if (wpa_s
->max_remain_on_chan
== 0)
5854 wpa_s
->max_remain_on_chan
= 1000;
5857 * Only take p2p_mgmt parameters when P2P Device is supported.
5858 * Doing it here as it determines whether l2_packet_init() will be done
5859 * during wpa_supplicant_driver_init().
5861 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE
)
5862 wpa_s
->p2p_mgmt
= iface
->p2p_mgmt
;
5864 if (wpa_s
->num_multichan_concurrent
== 0)
5865 wpa_s
->num_multichan_concurrent
= 1;
5867 if (wpa_supplicant_driver_init(wpa_s
) < 0)
5871 if (!iface
->p2p_mgmt
&& wpa_tdls_init(wpa_s
->wpa
))
5873 #endif /* CONFIG_TDLS */
5875 if (wpa_s
->conf
->country
[0] && wpa_s
->conf
->country
[1] &&
5876 wpa_drv_set_country(wpa_s
, wpa_s
->conf
->country
)) {
5877 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to set country");
5882 if (wpa_s
->conf
->fst_group_id
) {
5883 struct fst_iface_cfg cfg
;
5884 struct fst_wpa_obj iface_obj
;
5886 fst_wpa_supplicant_fill_iface_obj(wpa_s
, &iface_obj
);
5887 os_strlcpy(cfg
.group_id
, wpa_s
->conf
->fst_group_id
,
5888 sizeof(cfg
.group_id
));
5889 cfg
.priority
= wpa_s
->conf
->fst_priority
;
5890 cfg
.llt
= wpa_s
->conf
->fst_llt
;
5892 wpa_s
->fst
= fst_attach(wpa_s
->ifname
, wpa_s
->own_addr
,
5895 wpa_msg(wpa_s
, MSG_ERROR
,
5896 "FST: Cannot attach iface %s to group %s",
5897 wpa_s
->ifname
, cfg
.group_id
);
5901 #endif /* CONFIG_FST */
5903 if (wpas_wps_init(wpa_s
))
5906 #ifdef CONFIG_GAS_SERVER
5907 wpa_s
->gas_server
= gas_server_init(wpa_s
, wpas_gas_server_tx
);
5908 if (!wpa_s
->gas_server
) {
5909 wpa_printf(MSG_ERROR
, "Failed to initialize GAS server");
5912 #endif /* CONFIG_GAS_SERVER */
5915 if (wpas_dpp_init(wpa_s
) < 0)
5917 #endif /* CONFIG_DPP */
5919 if (wpa_supplicant_init_eapol(wpa_s
) < 0)
5921 wpa_sm_set_eapol(wpa_s
->wpa
, wpa_s
->eapol
);
5923 wpa_s
->ctrl_iface
= wpa_supplicant_ctrl_iface_init(wpa_s
);
5924 if (wpa_s
->ctrl_iface
== NULL
) {
5925 wpa_printf(MSG_ERROR
,
5926 "Failed to initialize control interface '%s'.\n"
5927 "You may have another wpa_supplicant process "
5928 "already running or the file was\n"
5929 "left by an unclean termination of wpa_supplicant "
5930 "in which case you will need\n"
5931 "to manually remove this file before starting "
5932 "wpa_supplicant again.\n",
5933 wpa_s
->conf
->ctrl_interface
);
5937 wpa_s
->gas
= gas_query_init(wpa_s
);
5938 if (wpa_s
->gas
== NULL
) {
5939 wpa_printf(MSG_ERROR
, "Failed to initialize GAS query");
5943 if ((!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE
) ||
5945 wpas_p2p_init(wpa_s
->global
, wpa_s
) < 0) {
5946 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to init P2P");
5950 if (wpa_bss_init(wpa_s
) < 0)
5953 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL
5955 dl_list_init(&wpa_s
->mesh_external_pmksa_cache
);
5956 #endif /* CONFIG_MESH */
5957 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
5960 * Set Wake-on-WLAN triggers, if configured.
5961 * Note: We don't restore/remove the triggers on shutdown (it doesn't
5962 * have effect anyway when the interface is down).
5964 if (capa_res
== 0 && wpas_set_wowlan_triggers(wpa_s
, &capa
) < 0)
5967 #ifdef CONFIG_EAP_PROXY
5970 wpa_s
->mnc_len
= eapol_sm_get_eap_proxy_imsi(wpa_s
->eapol
, -1,
5972 if (wpa_s
->mnc_len
> 0) {
5973 wpa_s
->imsi
[len
] = '\0';
5974 wpa_printf(MSG_DEBUG
, "eap_proxy: IMSI %s (MNC length %d)",
5975 wpa_s
->imsi
, wpa_s
->mnc_len
);
5977 wpa_printf(MSG_DEBUG
, "eap_proxy: IMSI not available");
5980 #endif /* CONFIG_EAP_PROXY */
5982 if (pcsc_reader_init(wpa_s
) < 0)
5985 if (wpas_init_ext_pw(wpa_s
) < 0)
5988 wpas_rrm_reset(wpa_s
);
5990 wpas_sched_scan_plans_set(wpa_s
, wpa_s
->conf
->sched_scan_plans
);
5994 #endif /* CONFIG_HS20 */
5996 if (wpa_s
->conf
->oce
) {
5997 if ((wpa_s
->conf
->oce
& OCE_STA
) &&
5998 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_OCE_STA
))
5999 wpa_s
->enable_oce
= OCE_STA
;
6000 if ((wpa_s
->conf
->oce
& OCE_STA_CFON
) &&
6001 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_OCE_STA_CFON
)) {
6002 /* TODO: Need to add STA-CFON support */
6003 wpa_printf(MSG_ERROR
,
6004 "OCE STA-CFON feature is not yet supported");
6007 wpas_mbo_update_non_pref_chan(wpa_s
, wpa_s
->conf
->non_pref_chan
);
6008 #endif /* CONFIG_MBO */
6010 wpa_supplicant_set_default_scan_ies(wpa_s
);
6016 static void wpa_supplicant_deinit_iface(struct wpa_supplicant
*wpa_s
,
6017 int notify
, int terminate
)
6019 struct wpa_global
*global
= wpa_s
->global
;
6020 struct wpa_supplicant
*iface
, *prev
;
6022 if (wpa_s
== wpa_s
->parent
)
6023 wpas_p2p_group_remove(wpa_s
, "*");
6025 iface
= global
->ifaces
;
6027 if (iface
->p2pdev
== wpa_s
)
6028 iface
->p2pdev
= iface
->parent
;
6029 if (iface
== wpa_s
|| iface
->parent
!= wpa_s
) {
6030 iface
= iface
->next
;
6033 wpa_printf(MSG_DEBUG
,
6034 "Remove remaining child interface %s from parent %s",
6035 iface
->ifname
, wpa_s
->ifname
);
6037 iface
= iface
->next
;
6038 wpa_supplicant_remove_iface(global
, prev
, terminate
);
6041 wpa_s
->disconnected
= 1;
6042 if (wpa_s
->drv_priv
) {
6043 wpa_supplicant_deauthenticate(wpa_s
,
6044 WLAN_REASON_DEAUTH_LEAVING
);
6046 wpa_drv_set_countermeasures(wpa_s
, 0);
6047 wpa_clear_keys(wpa_s
, NULL
);
6050 wpa_supplicant_cleanup(wpa_s
);
6051 wpas_p2p_deinit_iface(wpa_s
);
6053 wpas_ctrl_radio_work_flush(wpa_s
);
6054 radio_remove_interface(wpa_s
);
6058 fst_detach(wpa_s
->fst
);
6061 if (wpa_s
->received_mb_ies
) {
6062 wpabuf_free(wpa_s
->received_mb_ies
);
6063 wpa_s
->received_mb_ies
= NULL
;
6065 #endif /* CONFIG_FST */
6067 if (wpa_s
->drv_priv
)
6068 wpa_drv_deinit(wpa_s
);
6071 wpas_notify_iface_removed(wpa_s
);
6074 wpa_msg(wpa_s
, MSG_INFO
, WPA_EVENT_TERMINATING
);
6076 if (wpa_s
->ctrl_iface
) {
6077 wpa_supplicant_ctrl_iface_deinit(wpa_s
->ctrl_iface
);
6078 wpa_s
->ctrl_iface
= NULL
;
6083 wpa_supplicant_mesh_iface_deinit(wpa_s
, wpa_s
->ifmsh
);
6084 wpa_s
->ifmsh
= NULL
;
6086 #endif /* CONFIG_MESH */
6088 if (wpa_s
->conf
!= NULL
) {
6089 wpa_config_free(wpa_s
->conf
);
6093 os_free(wpa_s
->ssids_from_scan_req
);
6099 #ifdef CONFIG_MATCH_IFACE
6102 * wpa_supplicant_match_iface - Match an interface description to a name
6103 * @global: Pointer to global data from wpa_supplicant_init()
6104 * @ifname: Name of the interface to match
6105 * Returns: Pointer to the created interface description or %NULL on failure
6107 struct wpa_interface
* wpa_supplicant_match_iface(struct wpa_global
*global
,
6111 struct wpa_interface
*iface
, *miface
;
6113 for (i
= 0; i
< global
->params
.match_iface_count
; i
++) {
6114 miface
= &global
->params
.match_ifaces
[i
];
6115 if (!miface
->ifname
||
6116 fnmatch(miface
->ifname
, ifname
, 0) == 0) {
6117 iface
= os_zalloc(sizeof(*iface
));
6121 iface
->ifname
= ifname
;
6131 * wpa_supplicant_match_existing - Match existing interfaces
6132 * @global: Pointer to global data from wpa_supplicant_init()
6133 * Returns: 0 on success, -1 on failure
6135 static int wpa_supplicant_match_existing(struct wpa_global
*global
)
6137 struct if_nameindex
*ifi
, *ifp
;
6138 struct wpa_supplicant
*wpa_s
;
6139 struct wpa_interface
*iface
;
6141 ifp
= if_nameindex();
6143 wpa_printf(MSG_ERROR
, "if_nameindex: %s", strerror(errno
));
6147 for (ifi
= ifp
; ifi
->if_name
; ifi
++) {
6148 wpa_s
= wpa_supplicant_get_iface(global
, ifi
->if_name
);
6151 iface
= wpa_supplicant_match_iface(global
, ifi
->if_name
);
6153 wpa_s
= wpa_supplicant_add_iface(global
, iface
, NULL
);
6160 if_freenameindex(ifp
);
6164 #endif /* CONFIG_MATCH_IFACE */
6168 * wpa_supplicant_add_iface - Add a new network interface
6169 * @global: Pointer to global data from wpa_supplicant_init()
6170 * @iface: Interface configuration options
6171 * @parent: Parent interface or %NULL to assign new interface as parent
6172 * Returns: Pointer to the created interface or %NULL on failure
6174 * This function is used to add new network interfaces for %wpa_supplicant.
6175 * This can be called before wpa_supplicant_run() to add interfaces before the
6176 * main event loop has been started. In addition, new interfaces can be added
6177 * dynamically while %wpa_supplicant is already running. This could happen,
6178 * e.g., when a hotplug network adapter is inserted.
6180 struct wpa_supplicant
* wpa_supplicant_add_iface(struct wpa_global
*global
,
6181 struct wpa_interface
*iface
,
6182 struct wpa_supplicant
*parent
)
6184 struct wpa_supplicant
*wpa_s
;
6185 struct wpa_interface t_iface
;
6186 struct wpa_ssid
*ssid
;
6188 if (global
== NULL
|| iface
== NULL
)
6191 wpa_s
= wpa_supplicant_alloc(parent
);
6195 wpa_s
->global
= global
;
6198 if (global
->params
.override_driver
) {
6199 wpa_printf(MSG_DEBUG
, "Override interface parameter: driver "
6201 iface
->driver
, global
->params
.override_driver
);
6202 t_iface
.driver
= global
->params
.override_driver
;
6204 if (global
->params
.override_ctrl_interface
) {
6205 wpa_printf(MSG_DEBUG
, "Override interface parameter: "
6206 "ctrl_interface ('%s' -> '%s')",
6207 iface
->ctrl_interface
,
6208 global
->params
.override_ctrl_interface
);
6209 t_iface
.ctrl_interface
=
6210 global
->params
.override_ctrl_interface
;
6212 if (wpa_supplicant_init_iface(wpa_s
, &t_iface
)) {
6213 wpa_printf(MSG_DEBUG
, "Failed to add interface %s",
6215 wpa_supplicant_deinit_iface(wpa_s
, 0, 0);
6219 if (iface
->p2p_mgmt
== 0) {
6220 /* Notify the control interfaces about new iface */
6221 if (wpas_notify_iface_added(wpa_s
)) {
6222 wpa_supplicant_deinit_iface(wpa_s
, 1, 0);
6226 for (ssid
= wpa_s
->conf
->ssid
; ssid
; ssid
= ssid
->next
)
6227 wpas_notify_network_added(wpa_s
, ssid
);
6230 wpa_s
->next
= global
->ifaces
;
6231 global
->ifaces
= wpa_s
;
6233 wpa_dbg(wpa_s
, MSG_DEBUG
, "Added interface %s", wpa_s
->ifname
);
6234 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
6237 if (wpa_s
->global
->p2p
== NULL
&&
6238 !wpa_s
->global
->p2p_disabled
&& !wpa_s
->conf
->p2p_disabled
&&
6239 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE
) &&
6240 wpas_p2p_add_p2pdev_interface(
6241 wpa_s
, wpa_s
->global
->params
.conf_p2p_dev
) < 0) {
6242 wpa_printf(MSG_INFO
,
6243 "P2P: Failed to enable P2P Device interface");
6244 /* Try to continue without. P2P will be disabled. */
6246 #endif /* CONFIG_P2P */
6253 * wpa_supplicant_remove_iface - Remove a network interface
6254 * @global: Pointer to global data from wpa_supplicant_init()
6255 * @wpa_s: Pointer to the network interface to be removed
6256 * Returns: 0 if interface was removed, -1 if interface was not found
6258 * This function can be used to dynamically remove network interfaces from
6259 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
6260 * addition, this function is used to remove all remaining interfaces when
6261 * %wpa_supplicant is terminated.
6263 int wpa_supplicant_remove_iface(struct wpa_global
*global
,
6264 struct wpa_supplicant
*wpa_s
,
6267 struct wpa_supplicant
*prev
;
6269 unsigned int mesh_if_created
= wpa_s
->mesh_if_created
;
6270 char *ifname
= NULL
;
6271 struct wpa_supplicant
*parent
= wpa_s
->parent
;
6272 #endif /* CONFIG_MESH */
6274 /* Remove interface from the global list of interfaces */
6275 prev
= global
->ifaces
;
6276 if (prev
== wpa_s
) {
6277 global
->ifaces
= wpa_s
->next
;
6279 while (prev
&& prev
->next
!= wpa_s
)
6283 prev
->next
= wpa_s
->next
;
6286 wpa_dbg(wpa_s
, MSG_DEBUG
, "Removing interface %s", wpa_s
->ifname
);
6289 if (mesh_if_created
) {
6290 ifname
= os_strdup(wpa_s
->ifname
);
6291 if (ifname
== NULL
) {
6292 wpa_dbg(wpa_s
, MSG_ERROR
,
6293 "mesh: Failed to malloc ifname");
6297 #endif /* CONFIG_MESH */
6299 if (global
->p2p_group_formation
== wpa_s
)
6300 global
->p2p_group_formation
= NULL
;
6301 if (global
->p2p_invite_group
== wpa_s
)
6302 global
->p2p_invite_group
= NULL
;
6303 wpa_supplicant_deinit_iface(wpa_s
, 1, terminate
);
6306 if (mesh_if_created
) {
6307 wpa_drv_if_remove(parent
, WPA_IF_MESH
, ifname
);
6310 #endif /* CONFIG_MESH */
6317 * wpa_supplicant_get_eap_mode - Get the current EAP mode
6318 * @wpa_s: Pointer to the network interface
6319 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
6321 const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant
*wpa_s
)
6323 const char *eapol_method
;
6325 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
) == 0 &&
6326 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
6330 eapol_method
= eapol_sm_get_method_name(wpa_s
->eapol
);
6331 if (eapol_method
== NULL
)
6332 return "UNKNOWN-EAP";
6334 return eapol_method
;
6339 * wpa_supplicant_get_iface - Get a new network interface
6340 * @global: Pointer to global data from wpa_supplicant_init()
6341 * @ifname: Interface name
6342 * Returns: Pointer to the interface or %NULL if not found
6344 struct wpa_supplicant
* wpa_supplicant_get_iface(struct wpa_global
*global
,
6347 struct wpa_supplicant
*wpa_s
;
6349 for (wpa_s
= global
->ifaces
; wpa_s
; wpa_s
= wpa_s
->next
) {
6350 if (os_strcmp(wpa_s
->ifname
, ifname
) == 0)
6357 #ifndef CONFIG_NO_WPA_MSG
6358 static const char * wpa_supplicant_msg_ifname_cb(void *ctx
)
6360 struct wpa_supplicant
*wpa_s
= ctx
;
6363 return wpa_s
->ifname
;
6365 #endif /* CONFIG_NO_WPA_MSG */
6368 #ifndef WPA_SUPPLICANT_CLEANUP_INTERVAL
6369 #define WPA_SUPPLICANT_CLEANUP_INTERVAL 10
6370 #endif /* WPA_SUPPLICANT_CLEANUP_INTERVAL */
6372 /* Periodic cleanup tasks */
6373 static void wpas_periodic(void *eloop_ctx
, void *timeout_ctx
)
6375 struct wpa_global
*global
= eloop_ctx
;
6376 struct wpa_supplicant
*wpa_s
;
6378 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL
, 0,
6379 wpas_periodic
, global
, NULL
);
6383 p2p_expire_peers(global
->p2p
);
6384 #endif /* CONFIG_P2P */
6386 for (wpa_s
= global
->ifaces
; wpa_s
; wpa_s
= wpa_s
->next
) {
6387 wpa_bss_flush_by_age(wpa_s
, wpa_s
->conf
->bss_expiration_age
);
6390 #endif /* CONFIG_AP */
6396 * wpa_supplicant_init - Initialize %wpa_supplicant
6397 * @params: Parameters for %wpa_supplicant
6398 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
6400 * This function is used to initialize %wpa_supplicant. After successful
6401 * initialization, the returned data pointer can be used to add and remove
6402 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
6404 struct wpa_global
* wpa_supplicant_init(struct wpa_params
*params
)
6406 struct wpa_global
*global
;
6412 #ifdef CONFIG_DRIVER_NDIS
6414 void driver_ndis_init_ops(void);
6415 driver_ndis_init_ops();
6417 #endif /* CONFIG_DRIVER_NDIS */
6419 #ifndef CONFIG_NO_WPA_MSG
6420 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb
);
6421 #endif /* CONFIG_NO_WPA_MSG */
6423 if (params
->wpa_debug_file_path
)
6424 wpa_debug_open_file(params
->wpa_debug_file_path
);
6426 wpa_debug_setup_stdout();
6427 if (params
->wpa_debug_syslog
)
6428 wpa_debug_open_syslog();
6429 if (params
->wpa_debug_tracing
) {
6430 ret
= wpa_debug_open_linux_tracing();
6432 wpa_printf(MSG_ERROR
,
6433 "Failed to enable trace logging");
6438 ret
= eap_register_methods();
6440 wpa_printf(MSG_ERROR
, "Failed to register EAP methods");
6442 wpa_printf(MSG_ERROR
, "Two or more EAP methods used "
6443 "the same EAP type.");
6447 global
= os_zalloc(sizeof(*global
));
6450 dl_list_init(&global
->p2p_srv_bonjour
);
6451 dl_list_init(&global
->p2p_srv_upnp
);
6452 global
->params
.daemonize
= params
->daemonize
;
6453 global
->params
.wait_for_monitor
= params
->wait_for_monitor
;
6454 global
->params
.dbus_ctrl_interface
= params
->dbus_ctrl_interface
;
6455 if (params
->pid_file
)
6456 global
->params
.pid_file
= os_strdup(params
->pid_file
);
6457 if (params
->ctrl_interface
)
6458 global
->params
.ctrl_interface
=
6459 os_strdup(params
->ctrl_interface
);
6460 if (params
->ctrl_interface_group
)
6461 global
->params
.ctrl_interface_group
=
6462 os_strdup(params
->ctrl_interface_group
);
6463 if (params
->override_driver
)
6464 global
->params
.override_driver
=
6465 os_strdup(params
->override_driver
);
6466 if (params
->override_ctrl_interface
)
6467 global
->params
.override_ctrl_interface
=
6468 os_strdup(params
->override_ctrl_interface
);
6469 #ifdef CONFIG_MATCH_IFACE
6470 global
->params
.match_iface_count
= params
->match_iface_count
;
6471 if (params
->match_iface_count
) {
6472 global
->params
.match_ifaces
=
6473 os_calloc(params
->match_iface_count
,
6474 sizeof(struct wpa_interface
));
6475 os_memcpy(global
->params
.match_ifaces
,
6476 params
->match_ifaces
,
6477 params
->match_iface_count
*
6478 sizeof(struct wpa_interface
));
6480 #endif /* CONFIG_MATCH_IFACE */
6482 if (params
->conf_p2p_dev
)
6483 global
->params
.conf_p2p_dev
=
6484 os_strdup(params
->conf_p2p_dev
);
6485 #endif /* CONFIG_P2P */
6486 wpa_debug_level
= global
->params
.wpa_debug_level
=
6487 params
->wpa_debug_level
;
6488 wpa_debug_show_keys
= global
->params
.wpa_debug_show_keys
=
6489 params
->wpa_debug_show_keys
;
6490 wpa_debug_timestamp
= global
->params
.wpa_debug_timestamp
=
6491 params
->wpa_debug_timestamp
;
6493 wpa_printf(MSG_DEBUG
, "wpa_supplicant v" VERSION_STR
);
6496 wpa_printf(MSG_ERROR
, "Failed to initialize event loop");
6497 wpa_supplicant_deinit(global
);
6501 random_init(params
->entropy_file
);
6503 global
->ctrl_iface
= wpa_supplicant_global_ctrl_iface_init(global
);
6504 if (global
->ctrl_iface
== NULL
) {
6505 wpa_supplicant_deinit(global
);
6509 if (wpas_notify_supplicant_initialized(global
)) {
6510 wpa_supplicant_deinit(global
);
6514 for (i
= 0; wpa_drivers
[i
]; i
++)
6515 global
->drv_count
++;
6516 if (global
->drv_count
== 0) {
6517 wpa_printf(MSG_ERROR
, "No drivers enabled");
6518 wpa_supplicant_deinit(global
);
6521 global
->drv_priv
= os_calloc(global
->drv_count
, sizeof(void *));
6522 if (global
->drv_priv
== NULL
) {
6523 wpa_supplicant_deinit(global
);
6527 #ifdef CONFIG_WIFI_DISPLAY
6528 if (wifi_display_init(global
) < 0) {
6529 wpa_printf(MSG_ERROR
, "Failed to initialize Wi-Fi Display");
6530 wpa_supplicant_deinit(global
);
6533 #endif /* CONFIG_WIFI_DISPLAY */
6535 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL
, 0,
6536 wpas_periodic
, global
, NULL
);
6543 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
6544 * @global: Pointer to global data from wpa_supplicant_init()
6545 * Returns: 0 after successful event loop run, -1 on failure
6547 * This function starts the main event loop and continues running as long as
6548 * there are any remaining events. In most cases, this function is running as
6549 * long as the %wpa_supplicant process in still in use.
6551 int wpa_supplicant_run(struct wpa_global
*global
)
6553 struct wpa_supplicant
*wpa_s
;
6555 if (global
->params
.daemonize
&&
6556 (wpa_supplicant_daemon(global
->params
.pid_file
) ||
6557 eloop_sock_requeue()))
6560 #ifdef CONFIG_MATCH_IFACE
6561 if (wpa_supplicant_match_existing(global
))
6565 if (global
->params
.wait_for_monitor
) {
6566 for (wpa_s
= global
->ifaces
; wpa_s
; wpa_s
= wpa_s
->next
)
6567 if (wpa_s
->ctrl_iface
&& !wpa_s
->p2p_mgmt
)
6568 wpa_supplicant_ctrl_iface_wait(
6572 eloop_register_signal_terminate(wpa_supplicant_terminate
, global
);
6573 eloop_register_signal_reconfig(wpa_supplicant_reconfig
, global
);
6582 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
6583 * @global: Pointer to global data from wpa_supplicant_init()
6585 * This function is called to deinitialize %wpa_supplicant and to free all
6586 * allocated resources. Remaining network interfaces will also be removed.
6588 void wpa_supplicant_deinit(struct wpa_global
*global
)
6595 eloop_cancel_timeout(wpas_periodic
, global
, NULL
);
6597 #ifdef CONFIG_WIFI_DISPLAY
6598 wifi_display_deinit(global
);
6599 #endif /* CONFIG_WIFI_DISPLAY */
6601 while (global
->ifaces
)
6602 wpa_supplicant_remove_iface(global
, global
->ifaces
, 1);
6604 if (global
->ctrl_iface
)
6605 wpa_supplicant_global_ctrl_iface_deinit(global
->ctrl_iface
);
6607 wpas_notify_supplicant_deinitialized(global
);
6609 eap_peer_unregister_methods();
6611 eap_server_unregister_methods();
6612 #endif /* CONFIG_AP */
6614 for (i
= 0; wpa_drivers
[i
] && global
->drv_priv
; i
++) {
6615 if (!global
->drv_priv
[i
])
6617 wpa_drivers
[i
]->global_deinit(global
->drv_priv
[i
]);
6619 os_free(global
->drv_priv
);
6625 if (global
->params
.pid_file
) {
6626 os_daemonize_terminate(global
->params
.pid_file
);
6627 os_free(global
->params
.pid_file
);
6629 os_free(global
->params
.ctrl_interface
);
6630 os_free(global
->params
.ctrl_interface_group
);
6631 os_free(global
->params
.override_driver
);
6632 os_free(global
->params
.override_ctrl_interface
);
6633 #ifdef CONFIG_MATCH_IFACE
6634 os_free(global
->params
.match_ifaces
);
6635 #endif /* CONFIG_MATCH_IFACE */
6637 os_free(global
->params
.conf_p2p_dev
);
6638 #endif /* CONFIG_P2P */
6640 os_free(global
->p2p_disallow_freq
.range
);
6641 os_free(global
->p2p_go_avoid_freq
.range
);
6642 os_free(global
->add_psk
);
6645 wpa_debug_close_syslog();
6646 wpa_debug_close_file();
6647 wpa_debug_close_linux_tracing();
6651 void wpa_supplicant_update_config(struct wpa_supplicant
*wpa_s
)
6653 if ((wpa_s
->conf
->changed_parameters
& CFG_CHANGED_COUNTRY
) &&
6654 wpa_s
->conf
->country
[0] && wpa_s
->conf
->country
[1]) {
6656 country
[0] = wpa_s
->conf
->country
[0];
6657 country
[1] = wpa_s
->conf
->country
[1];
6659 if (wpa_drv_set_country(wpa_s
, country
) < 0) {
6660 wpa_printf(MSG_ERROR
, "Failed to set country code "
6665 if (wpa_s
->conf
->changed_parameters
& CFG_CHANGED_EXT_PW_BACKEND
)
6666 wpas_init_ext_pw(wpa_s
);
6668 if (wpa_s
->conf
->changed_parameters
& CFG_CHANGED_SCHED_SCAN_PLANS
)
6669 wpas_sched_scan_plans_set(wpa_s
, wpa_s
->conf
->sched_scan_plans
);
6671 if (wpa_s
->conf
->changed_parameters
& CFG_CHANGED_WOWLAN_TRIGGERS
) {
6672 struct wpa_driver_capa capa
;
6673 int res
= wpa_drv_get_capa(wpa_s
, &capa
);
6675 if (res
== 0 && wpas_set_wowlan_triggers(wpa_s
, &capa
) < 0)
6676 wpa_printf(MSG_ERROR
,
6677 "Failed to update wowlan_triggers to '%s'",
6678 wpa_s
->conf
->wowlan_triggers
);
6681 if (wpa_s
->conf
->changed_parameters
& CFG_CHANGED_DISABLE_BTM
)
6682 wpa_supplicant_set_default_scan_ies(wpa_s
);
6685 wpas_wps_update_config(wpa_s
);
6686 #endif /* CONFIG_WPS */
6687 wpas_p2p_update_config(wpa_s
);
6688 wpa_s
->conf
->changed_parameters
= 0;
6692 void add_freq(int *freqs
, int *num_freqs
, int freq
)
6696 for (i
= 0; i
< *num_freqs
; i
++) {
6697 if (freqs
[i
] == freq
)
6701 freqs
[*num_freqs
] = freq
;
6706 static int * get_bss_freqs_in_ess(struct wpa_supplicant
*wpa_s
)
6708 struct wpa_bss
*bss
, *cbss
;
6709 const int max_freqs
= 10;
6713 freqs
= os_calloc(max_freqs
+ 1, sizeof(int));
6717 cbss
= wpa_s
->current_bss
;
6719 dl_list_for_each(bss
, &wpa_s
->bss
, struct wpa_bss
, list
) {
6722 if (bss
->ssid_len
== cbss
->ssid_len
&&
6723 os_memcmp(bss
->ssid
, cbss
->ssid
, bss
->ssid_len
) == 0 &&
6724 wpa_blacklist_get(wpa_s
, bss
->bssid
) == NULL
) {
6725 add_freq(freqs
, &num_freqs
, bss
->freq
);
6726 if (num_freqs
== max_freqs
)
6731 if (num_freqs
== 0) {
6740 void wpas_connection_failed(struct wpa_supplicant
*wpa_s
, const u8
*bssid
)
6746 wpas_connect_work_done(wpa_s
);
6749 * Remove possible authentication timeout since the connection failed.
6751 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
6754 * There is no point in blacklisting the AP if this event is
6755 * generated based on local request to disconnect.
6757 if (wpa_s
->own_disconnect_req
) {
6758 wpa_s
->own_disconnect_req
= 0;
6759 wpa_dbg(wpa_s
, MSG_DEBUG
,
6760 "Ignore connection failure due to local request to disconnect");
6763 if (wpa_s
->disconnected
) {
6764 wpa_dbg(wpa_s
, MSG_DEBUG
, "Ignore connection failure "
6765 "indication since interface has been put into "
6766 "disconnected state");
6771 * Add the failed BSSID into the blacklist and speed up next scan
6772 * attempt if there could be other APs that could accept association.
6773 * The current blacklist count indicates how many times we have tried
6774 * connecting to this AP and multiple attempts mean that other APs are
6775 * either not available or has already been tried, so that we can start
6776 * increasing the delay here to avoid constant scanning.
6778 count
= wpa_blacklist_add(wpa_s
, bssid
);
6779 if (count
== 1 && wpa_s
->current_bss
) {
6781 * This BSS was not in the blacklist before. If there is
6782 * another BSS available for the same ESS, we should try that
6783 * next. Otherwise, we may as well try this one once more
6784 * before allowing other, likely worse, ESSes to be considered.
6786 freqs
= get_bss_freqs_in_ess(wpa_s
);
6788 wpa_dbg(wpa_s
, MSG_DEBUG
, "Another BSS in this ESS "
6789 "has been seen; try it next");
6790 wpa_blacklist_add(wpa_s
, bssid
);
6792 * On the next scan, go through only the known channels
6793 * used in this ESS based on previous scans to speed up
6794 * common load balancing use case.
6796 os_free(wpa_s
->next_scan_freqs
);
6797 wpa_s
->next_scan_freqs
= freqs
;
6802 * Add previous failure count in case the temporary blacklist was
6803 * cleared due to no other BSSes being available.
6805 count
+= wpa_s
->extra_blacklist_count
;
6807 if (count
> 3 && wpa_s
->current_ssid
) {
6808 wpa_printf(MSG_DEBUG
, "Continuous association failures - "
6809 "consider temporary network disabling");
6810 wpas_auth_failed(wpa_s
, "CONN_FAILED");
6831 wpa_dbg(wpa_s
, MSG_DEBUG
, "Blacklist count %d --> request scan in %d "
6832 "ms", count
, timeout
);
6835 * TODO: if more than one possible AP is available in scan results,
6836 * could try the other ones before requesting a new scan.
6839 /* speed up the connection attempt with normal scan */
6840 wpa_s
->normal_scans
= 0;
6841 wpa_supplicant_req_scan(wpa_s
, timeout
/ 1000,
6842 1000 * (timeout
% 1000));
6847 void fils_connection_failure(struct wpa_supplicant
*wpa_s
)
6849 struct wpa_ssid
*ssid
= wpa_s
->current_ssid
;
6850 const u8
*realm
, *username
, *rrk
;
6851 size_t realm_len
, username_len
, rrk_len
;
6854 if (!ssid
|| !ssid
->eap
.erp
|| !wpa_key_mgmt_fils(ssid
->key_mgmt
) ||
6855 eapol_sm_get_erp_info(wpa_s
->eapol
, &ssid
->eap
,
6856 &username
, &username_len
,
6857 &realm
, &realm_len
, &next_seq_num
,
6858 &rrk
, &rrk_len
) != 0 ||
6862 wpa_hexdump_ascii(MSG_DEBUG
,
6863 "FILS: Store last connection failure realm",
6865 os_free(wpa_s
->last_con_fail_realm
);
6866 wpa_s
->last_con_fail_realm
= os_malloc(realm_len
);
6867 if (wpa_s
->last_con_fail_realm
) {
6868 wpa_s
->last_con_fail_realm_len
= realm_len
;
6869 os_memcpy(wpa_s
->last_con_fail_realm
, realm
, realm_len
);
6872 #endif /* CONFIG_FILS */
6875 int wpas_driver_bss_selection(struct wpa_supplicant
*wpa_s
)
6877 return wpa_s
->conf
->ap_scan
== 2 ||
6878 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_BSS_SELECTION
);
6882 #if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW)
6883 int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant
*wpa_s
,
6884 struct wpa_ssid
*ssid
,
6888 #ifdef IEEE8021X_EAPOL
6889 struct eap_peer_config
*eap
= &ssid
->eap
;
6891 wpa_printf(MSG_DEBUG
, "CTRL_IFACE: response handle field=%s", field
);
6892 wpa_hexdump_ascii_key(MSG_DEBUG
, "CTRL_IFACE: response value",
6893 (const u8
*) value
, os_strlen(value
));
6895 switch (wpa_supplicant_ctrl_req_from_string(field
)) {
6896 case WPA_CTRL_REQ_EAP_IDENTITY
:
6897 os_free(eap
->identity
);
6898 eap
->identity
= (u8
*) os_strdup(value
);
6899 eap
->identity_len
= os_strlen(value
);
6900 eap
->pending_req_identity
= 0;
6901 if (ssid
== wpa_s
->current_ssid
)
6902 wpa_s
->reassociate
= 1;
6904 case WPA_CTRL_REQ_EAP_PASSWORD
:
6905 bin_clear_free(eap
->password
, eap
->password_len
);
6906 eap
->password
= (u8
*) os_strdup(value
);
6907 eap
->password_len
= os_strlen(value
);
6908 eap
->pending_req_password
= 0;
6909 if (ssid
== wpa_s
->current_ssid
)
6910 wpa_s
->reassociate
= 1;
6912 case WPA_CTRL_REQ_EAP_NEW_PASSWORD
:
6913 bin_clear_free(eap
->new_password
, eap
->new_password_len
);
6914 eap
->new_password
= (u8
*) os_strdup(value
);
6915 eap
->new_password_len
= os_strlen(value
);
6916 eap
->pending_req_new_password
= 0;
6917 if (ssid
== wpa_s
->current_ssid
)
6918 wpa_s
->reassociate
= 1;
6920 case WPA_CTRL_REQ_EAP_PIN
:
6921 str_clear_free(eap
->cert
.pin
);
6922 eap
->cert
.pin
= os_strdup(value
);
6923 eap
->pending_req_pin
= 0;
6924 if (ssid
== wpa_s
->current_ssid
)
6925 wpa_s
->reassociate
= 1;
6927 case WPA_CTRL_REQ_EAP_OTP
:
6928 bin_clear_free(eap
->otp
, eap
->otp_len
);
6929 eap
->otp
= (u8
*) os_strdup(value
);
6930 eap
->otp_len
= os_strlen(value
);
6931 os_free(eap
->pending_req_otp
);
6932 eap
->pending_req_otp
= NULL
;
6933 eap
->pending_req_otp_len
= 0;
6935 case WPA_CTRL_REQ_EAP_PASSPHRASE
:
6936 str_clear_free(eap
->cert
.private_key_passwd
);
6937 eap
->cert
.private_key_passwd
= os_strdup(value
);
6938 eap
->pending_req_passphrase
= 0;
6939 if (ssid
== wpa_s
->current_ssid
)
6940 wpa_s
->reassociate
= 1;
6942 case WPA_CTRL_REQ_SIM
:
6943 str_clear_free(eap
->external_sim_resp
);
6944 eap
->external_sim_resp
= os_strdup(value
);
6945 eap
->pending_req_sim
= 0;
6947 case WPA_CTRL_REQ_PSK_PASSPHRASE
:
6948 if (wpa_config_set(ssid
, "psk", value
, 0) < 0)
6950 ssid
->mem_only_psk
= 1;
6951 if (ssid
->passphrase
)
6952 wpa_config_update_psk(ssid
);
6953 if (wpa_s
->wpa_state
== WPA_SCANNING
&& !wpa_s
->scanning
)
6954 wpa_supplicant_req_scan(wpa_s
, 0, 0);
6956 case WPA_CTRL_REQ_EXT_CERT_CHECK
:
6957 if (eap
->pending_ext_cert_check
!= PENDING_CHECK
)
6959 if (os_strcmp(value
, "good") == 0)
6960 eap
->pending_ext_cert_check
= EXT_CERT_CHECK_GOOD
;
6961 else if (os_strcmp(value
, "bad") == 0)
6962 eap
->pending_ext_cert_check
= EXT_CERT_CHECK_BAD
;
6967 wpa_printf(MSG_DEBUG
, "CTRL_IFACE: Unknown field '%s'", field
);
6972 #else /* IEEE8021X_EAPOL */
6973 wpa_printf(MSG_DEBUG
, "CTRL_IFACE: IEEE 802.1X not included");
6975 #endif /* IEEE8021X_EAPOL */
6977 #endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */
6980 int wpas_network_disabled(struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
)
6983 unsigned int drv_enc
;
6985 if (wpa_s
->p2p_mgmt
)
6986 return 1; /* no normal network profiles on p2p_mgmt interface */
6994 if (wpa_s
->drv_capa_known
)
6995 drv_enc
= wpa_s
->drv_enc
;
6997 drv_enc
= (unsigned int) -1;
6999 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
7000 size_t len
= ssid
->wep_key_len
[i
];
7003 if (len
== 5 && (drv_enc
& WPA_DRIVER_CAPA_ENC_WEP40
))
7005 if (len
== 13 && (drv_enc
& WPA_DRIVER_CAPA_ENC_WEP104
))
7007 if (len
== 16 && (drv_enc
& WPA_DRIVER_CAPA_ENC_WEP128
))
7009 return 1; /* invalid WEP key */
7012 if (wpa_key_mgmt_wpa_psk(ssid
->key_mgmt
) && !ssid
->psk_set
&&
7013 (!ssid
->passphrase
|| ssid
->ssid_len
!= 0) && !ssid
->ext_psk
&&
7014 !(wpa_key_mgmt_sae(ssid
->key_mgmt
) && ssid
->sae_password
) &&
7015 !ssid
->mem_only_psk
)
7022 int wpas_get_ssid_pmf(struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
)
7024 #ifdef CONFIG_IEEE80211W
7025 if (ssid
== NULL
|| ssid
->ieee80211w
== MGMT_FRAME_PROTECTION_DEFAULT
) {
7026 if (wpa_s
->conf
->pmf
== MGMT_FRAME_PROTECTION_OPTIONAL
&&
7027 !(wpa_s
->drv_enc
& WPA_DRIVER_CAPA_ENC_BIP
)) {
7029 * Driver does not support BIP -- ignore pmf=1 default
7030 * since the connection with PMF would fail and the
7031 * configuration does not require PMF to be enabled.
7033 return NO_MGMT_FRAME_PROTECTION
;
7038 ~(WPA_KEY_MGMT_NONE
| WPA_KEY_MGMT_WPS
|
7039 WPA_KEY_MGMT_IEEE8021X_NO_WPA
)) == 0) {
7041 * Do not use the default PMF value for non-RSN networks
7042 * since PMF is available only with RSN and pmf=2
7043 * configuration would otherwise prevent connections to
7044 * all open networks.
7046 return NO_MGMT_FRAME_PROTECTION
;
7049 return wpa_s
->conf
->pmf
;
7052 return ssid
->ieee80211w
;
7053 #else /* CONFIG_IEEE80211W */
7054 return NO_MGMT_FRAME_PROTECTION
;
7055 #endif /* CONFIG_IEEE80211W */
7059 int wpas_is_p2p_prioritized(struct wpa_supplicant
*wpa_s
)
7061 if (wpa_s
->global
->conc_pref
== WPA_CONC_PREF_P2P
)
7063 if (wpa_s
->global
->conc_pref
== WPA_CONC_PREF_STA
)
7069 void wpas_auth_failed(struct wpa_supplicant
*wpa_s
, char *reason
)
7071 struct wpa_ssid
*ssid
= wpa_s
->current_ssid
;
7073 struct os_reltime now
;
7076 wpa_printf(MSG_DEBUG
, "Authentication failure but no known "
7081 if (ssid
->key_mgmt
== WPA_KEY_MGMT_WPS
)
7084 ssid
->auth_failures
++;
7087 if (ssid
->p2p_group
&&
7088 (wpa_s
->p2p_in_provisioning
|| wpa_s
->show_group_started
)) {
7090 * Skip the wait time since there is a short timeout on the
7091 * connection to a P2P group.
7095 #endif /* CONFIG_P2P */
7097 if (ssid
->auth_failures
> 50)
7099 else if (ssid
->auth_failures
> 10)
7101 else if (ssid
->auth_failures
> 5)
7103 else if (ssid
->auth_failures
> 3)
7105 else if (ssid
->auth_failures
> 2)
7107 else if (ssid
->auth_failures
> 1)
7112 if (ssid
->auth_failures
> 1 &&
7113 wpa_key_mgmt_wpa_ieee8021x(ssid
->key_mgmt
))
7114 dur
+= os_random() % (ssid
->auth_failures
* 10);
7116 os_get_reltime(&now
);
7117 if (now
.sec
+ dur
<= ssid
->disabled_until
.sec
)
7120 ssid
->disabled_until
.sec
= now
.sec
+ dur
;
7122 wpa_msg(wpa_s
, MSG_INFO
, WPA_EVENT_TEMP_DISABLED
7123 "id=%d ssid=\"%s\" auth_failures=%u duration=%d reason=%s",
7124 ssid
->id
, wpa_ssid_txt(ssid
->ssid
, ssid
->ssid_len
),
7125 ssid
->auth_failures
, dur
, reason
);
7129 void wpas_clear_temp_disabled(struct wpa_supplicant
*wpa_s
,
7130 struct wpa_ssid
*ssid
, int clear_failures
)
7135 if (ssid
->disabled_until
.sec
) {
7136 wpa_msg(wpa_s
, MSG_INFO
, WPA_EVENT_REENABLED
7137 "id=%d ssid=\"%s\"",
7138 ssid
->id
, wpa_ssid_txt(ssid
->ssid
, ssid
->ssid_len
));
7140 ssid
->disabled_until
.sec
= 0;
7141 ssid
->disabled_until
.usec
= 0;
7143 ssid
->auth_failures
= 0;
7147 int disallowed_bssid(struct wpa_supplicant
*wpa_s
, const u8
*bssid
)
7151 if (wpa_s
->disallow_aps_bssid
== NULL
)
7154 for (i
= 0; i
< wpa_s
->disallow_aps_bssid_count
; i
++) {
7155 if (os_memcmp(wpa_s
->disallow_aps_bssid
+ i
* ETH_ALEN
,
7156 bssid
, ETH_ALEN
) == 0)
7164 int disallowed_ssid(struct wpa_supplicant
*wpa_s
, const u8
*ssid
,
7169 if (wpa_s
->disallow_aps_ssid
== NULL
|| ssid
== NULL
)
7172 for (i
= 0; i
< wpa_s
->disallow_aps_ssid_count
; i
++) {
7173 struct wpa_ssid_value
*s
= &wpa_s
->disallow_aps_ssid
[i
];
7174 if (ssid_len
== s
->ssid_len
&&
7175 os_memcmp(ssid
, s
->ssid
, ssid_len
) == 0)
7184 * wpas_request_connection - Request a new connection
7185 * @wpa_s: Pointer to the network interface
7187 * This function is used to request a new connection to be found. It will mark
7188 * the interface to allow reassociation and request a new scan to find a
7189 * suitable network to connect to.
7191 void wpas_request_connection(struct wpa_supplicant
*wpa_s
)
7193 wpa_s
->normal_scans
= 0;
7194 wpa_s
->scan_req
= NORMAL_SCAN_REQ
;
7195 wpa_supplicant_reinit_autoscan(wpa_s
);
7196 wpa_s
->extra_blacklist_count
= 0;
7197 wpa_s
->disconnected
= 0;
7198 wpa_s
->reassociate
= 1;
7199 wpa_s
->last_owe_group
= 0;
7201 if (wpa_supplicant_fast_associate(wpa_s
) != 1)
7202 wpa_supplicant_req_scan(wpa_s
, 0, 0);
7204 wpa_s
->reattach
= 0;
7209 * wpas_request_disconnection - Request disconnection
7210 * @wpa_s: Pointer to the network interface
7212 * This function is used to request disconnection from the currently connected
7213 * network. This will stop any ongoing scans and initiate deauthentication.
7215 void wpas_request_disconnection(struct wpa_supplicant
*wpa_s
)
7218 wpa_s
->sme
.prev_bssid_set
= 0;
7219 #endif /* CONFIG_SME */
7220 wpa_s
->reassociate
= 0;
7221 wpa_s
->disconnected
= 1;
7222 wpa_supplicant_cancel_sched_scan(wpa_s
);
7223 wpa_supplicant_cancel_scan(wpa_s
);
7224 wpa_supplicant_deauthenticate(wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
7225 eloop_cancel_timeout(wpas_network_reenabled
, wpa_s
, NULL
);
7226 radio_remove_works(wpa_s
, "connect", 0);
7227 radio_remove_works(wpa_s
, "sme-connect", 0);
7231 void dump_freq_data(struct wpa_supplicant
*wpa_s
, const char *title
,
7232 struct wpa_used_freq_data
*freqs_data
,
7237 wpa_dbg(wpa_s
, MSG_DEBUG
, "Shared frequencies (len=%u): %s",
7239 for (i
= 0; i
< len
; i
++) {
7240 struct wpa_used_freq_data
*cur
= &freqs_data
[i
];
7241 wpa_dbg(wpa_s
, MSG_DEBUG
, "freq[%u]: %d, flags=0x%X",
7242 i
, cur
->freq
, cur
->flags
);
7248 * Find the operating frequencies of any of the virtual interfaces that
7249 * are using the same radio as the current interface, and in addition, get
7250 * information about the interface types that are using the frequency.
7252 int get_shared_radio_freqs_data(struct wpa_supplicant
*wpa_s
,
7253 struct wpa_used_freq_data
*freqs_data
,
7256 struct wpa_supplicant
*ifs
;
7259 unsigned int idx
= 0, i
;
7261 wpa_dbg(wpa_s
, MSG_DEBUG
,
7262 "Determining shared radio frequencies (max len %u)", len
);
7263 os_memset(freqs_data
, 0, sizeof(struct wpa_used_freq_data
) * len
);
7265 dl_list_for_each(ifs
, &wpa_s
->radio
->ifaces
, struct wpa_supplicant
,
7270 if (ifs
->current_ssid
== NULL
|| ifs
->assoc_freq
== 0)
7273 if (ifs
->current_ssid
->mode
== WPAS_MODE_AP
||
7274 ifs
->current_ssid
->mode
== WPAS_MODE_P2P_GO
||
7275 ifs
->current_ssid
->mode
== WPAS_MODE_MESH
)
7276 freq
= ifs
->current_ssid
->frequency
;
7277 else if (wpa_drv_get_bssid(ifs
, bssid
) == 0)
7278 freq
= ifs
->assoc_freq
;
7282 /* Hold only distinct freqs */
7283 for (i
= 0; i
< idx
; i
++)
7284 if (freqs_data
[i
].freq
== freq
)
7288 freqs_data
[idx
++].freq
= freq
;
7290 if (ifs
->current_ssid
->mode
== WPAS_MODE_INFRA
) {
7291 freqs_data
[i
].flags
|= ifs
->current_ssid
->p2p_group
?
7292 WPA_FREQ_USED_BY_P2P_CLIENT
:
7293 WPA_FREQ_USED_BY_INFRA_STATION
;
7297 dump_freq_data(wpa_s
, "completed iteration", freqs_data
, idx
);
7303 * Find the operating frequencies of any of the virtual interfaces that
7304 * are using the same radio as the current interface.
7306 int get_shared_radio_freqs(struct wpa_supplicant
*wpa_s
,
7307 int *freq_array
, unsigned int len
)
7309 struct wpa_used_freq_data
*freqs_data
;
7312 os_memset(freq_array
, 0, sizeof(int) * len
);
7314 freqs_data
= os_calloc(len
, sizeof(struct wpa_used_freq_data
));
7318 num
= get_shared_radio_freqs_data(wpa_s
, freqs_data
, len
);
7319 for (i
= 0; i
< num
; i
++)
7320 freq_array
[i
] = freqs_data
[i
].freq
;
7322 os_free(freqs_data
);
7328 struct wpa_supplicant
*
7329 wpas_vendor_elem(struct wpa_supplicant
*wpa_s
, enum wpa_vendor_elem_frame frame
)
7333 case VENDOR_ELEM_PROBE_REQ_P2P
:
7334 case VENDOR_ELEM_PROBE_RESP_P2P
:
7335 case VENDOR_ELEM_PROBE_RESP_P2P_GO
:
7336 case VENDOR_ELEM_BEACON_P2P_GO
:
7337 case VENDOR_ELEM_P2P_PD_REQ
:
7338 case VENDOR_ELEM_P2P_PD_RESP
:
7339 case VENDOR_ELEM_P2P_GO_NEG_REQ
:
7340 case VENDOR_ELEM_P2P_GO_NEG_RESP
:
7341 case VENDOR_ELEM_P2P_GO_NEG_CONF
:
7342 case VENDOR_ELEM_P2P_INV_REQ
:
7343 case VENDOR_ELEM_P2P_INV_RESP
:
7344 case VENDOR_ELEM_P2P_ASSOC_REQ
:
7345 case VENDOR_ELEM_P2P_ASSOC_RESP
:
7346 return wpa_s
->p2pdev
;
7347 #endif /* CONFIG_P2P */
7354 void wpas_vendor_elem_update(struct wpa_supplicant
*wpa_s
)
7359 wpa_printf(MSG_DEBUG
, "Update vendor elements");
7361 for (i
= 0; i
< NUM_VENDOR_ELEM_FRAMES
; i
++) {
7362 if (wpa_s
->vendor_elem
[i
]) {
7365 res
= os_snprintf(buf
, sizeof(buf
), "frame[%u]", i
);
7366 if (!os_snprintf_error(sizeof(buf
), res
)) {
7367 wpa_hexdump_buf(MSG_DEBUG
, buf
,
7368 wpa_s
->vendor_elem
[i
]);
7374 if (wpa_s
->parent
== wpa_s
&&
7375 wpa_s
->global
->p2p
&&
7376 !wpa_s
->global
->p2p_disabled
)
7377 p2p_set_vendor_elems(wpa_s
->global
->p2p
, wpa_s
->vendor_elem
);
7378 #endif /* CONFIG_P2P */
7382 int wpas_vendor_elem_remove(struct wpa_supplicant
*wpa_s
, int frame
,
7383 const u8
*elem
, size_t len
)
7387 ie
= wpabuf_mhead_u8(wpa_s
->vendor_elem
[frame
]);
7388 end
= ie
+ wpabuf_len(wpa_s
->vendor_elem
[frame
]);
7390 for (; ie
+ 1 < end
; ie
+= 2 + ie
[1]) {
7393 if (os_memcmp(ie
, elem
, len
) != 0)
7396 if (wpabuf_len(wpa_s
->vendor_elem
[frame
]) == len
) {
7397 wpabuf_free(wpa_s
->vendor_elem
[frame
]);
7398 wpa_s
->vendor_elem
[frame
] = NULL
;
7400 os_memmove(ie
, ie
+ len
, end
- (ie
+ len
));
7401 wpa_s
->vendor_elem
[frame
]->used
-= len
;
7403 wpas_vendor_elem_update(wpa_s
);
7411 struct hostapd_hw_modes
* get_mode(struct hostapd_hw_modes
*modes
,
7412 u16 num_modes
, enum hostapd_hw_mode mode
)
7416 for (i
= 0; i
< num_modes
; i
++) {
7417 if (modes
[i
].mode
== mode
)
7426 wpa_bss_tmp_disallowed
* wpas_get_disallowed_bss(struct wpa_supplicant
*wpa_s
,
7429 struct wpa_bss_tmp_disallowed
*bss
;
7431 dl_list_for_each(bss
, &wpa_s
->bss_tmp_disallowed
,
7432 struct wpa_bss_tmp_disallowed
, list
) {
7433 if (os_memcmp(bssid
, bss
->bssid
, ETH_ALEN
) == 0)
7441 static int wpa_set_driver_tmp_disallow_list(struct wpa_supplicant
*wpa_s
)
7443 struct wpa_bss_tmp_disallowed
*tmp
;
7444 unsigned int num_bssid
= 0;
7448 bssids
= os_malloc(dl_list_len(&wpa_s
->bss_tmp_disallowed
) * ETH_ALEN
);
7451 dl_list_for_each(tmp
, &wpa_s
->bss_tmp_disallowed
,
7452 struct wpa_bss_tmp_disallowed
, list
) {
7453 os_memcpy(&bssids
[num_bssid
* ETH_ALEN
], tmp
->bssid
,
7457 ret
= wpa_drv_set_bssid_blacklist(wpa_s
, num_bssid
, bssids
);
7463 static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx
, void *timeout_ctx
)
7465 struct wpa_supplicant
*wpa_s
= eloop_ctx
;
7466 struct wpa_bss_tmp_disallowed
*tmp
, *bss
= timeout_ctx
;
7468 /* Make sure the bss is not already freed */
7469 dl_list_for_each(tmp
, &wpa_s
->bss_tmp_disallowed
,
7470 struct wpa_bss_tmp_disallowed
, list
) {
7472 dl_list_del(&tmp
->list
);
7474 wpa_set_driver_tmp_disallow_list(wpa_s
);
7481 void wpa_bss_tmp_disallow(struct wpa_supplicant
*wpa_s
, const u8
*bssid
,
7482 unsigned int sec
, int rssi_threshold
)
7484 struct wpa_bss_tmp_disallowed
*bss
;
7486 bss
= wpas_get_disallowed_bss(wpa_s
, bssid
);
7488 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout
, wpa_s
, bss
);
7492 bss
= os_malloc(sizeof(*bss
));
7494 wpa_printf(MSG_DEBUG
,
7495 "Failed to allocate memory for temp disallow BSS");
7499 os_memcpy(bss
->bssid
, bssid
, ETH_ALEN
);
7500 dl_list_add(&wpa_s
->bss_tmp_disallowed
, &bss
->list
);
7501 wpa_set_driver_tmp_disallow_list(wpa_s
);
7504 bss
->rssi_threshold
= rssi_threshold
;
7505 eloop_register_timeout(sec
, 0, wpa_bss_tmp_disallow_timeout
,
7510 int wpa_is_bss_tmp_disallowed(struct wpa_supplicant
*wpa_s
,
7511 struct wpa_bss
*bss
)
7513 struct wpa_bss_tmp_disallowed
*disallowed
= NULL
, *tmp
, *prev
;
7515 dl_list_for_each_safe(tmp
, prev
, &wpa_s
->bss_tmp_disallowed
,
7516 struct wpa_bss_tmp_disallowed
, list
) {
7517 if (os_memcmp(bss
->bssid
, tmp
->bssid
, ETH_ALEN
) == 0) {
7525 if (disallowed
->rssi_threshold
!= 0 &&
7526 bss
->level
> disallowed
->rssi_threshold
)
7533 int wpas_enable_mac_addr_randomization(struct wpa_supplicant
*wpa_s
,
7534 unsigned int type
, const u8
*addr
,
7537 if ((addr
&& !mask
) || (!addr
&& mask
)) {
7538 wpa_printf(MSG_INFO
,
7539 "MAC_ADDR_RAND_SCAN invalid addr/mask combination");
7543 if (addr
&& mask
&& (!(mask
[0] & 0x01) || (addr
[0] & 0x01))) {
7544 wpa_printf(MSG_INFO
,
7545 "MAC_ADDR_RAND_SCAN cannot allow multicast address");
7549 if (type
& MAC_ADDR_RAND_SCAN
) {
7550 if (wpas_mac_addr_rand_scan_set(wpa_s
, MAC_ADDR_RAND_SCAN
,
7555 if (type
& MAC_ADDR_RAND_SCHED_SCAN
) {
7556 if (wpas_mac_addr_rand_scan_set(wpa_s
, MAC_ADDR_RAND_SCHED_SCAN
,
7560 if (wpa_s
->sched_scanning
&& !wpa_s
->pno
)
7561 wpas_scan_restart_sched_scan(wpa_s
);
7564 if (type
& MAC_ADDR_RAND_PNO
) {
7565 if (wpas_mac_addr_rand_scan_set(wpa_s
, MAC_ADDR_RAND_PNO
,
7570 wpas_stop_pno(wpa_s
);
7571 wpas_start_pno(wpa_s
);
7579 int wpas_disable_mac_addr_randomization(struct wpa_supplicant
*wpa_s
,
7582 wpas_mac_addr_rand_scan_clear(wpa_s
, type
);
7584 if (type
& MAC_ADDR_RAND_PNO
) {
7585 wpas_stop_pno(wpa_s
);
7586 wpas_start_pno(wpa_s
);
7588 } else if (wpa_s
->sched_scanning
&& (type
& MAC_ADDR_RAND_SCHED_SCAN
)) {
7589 wpas_scan_restart_sched_scan(wpa_s
);